Skip to content
View an4kein's full-sized avatar
🏠
Working from home
🏠
Working from home
90 followers · 74 following

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Arctic Code Vault Contributor

Block or report an4kein

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

rootsecdev / Azure-Red-Team

Azure Security Resources and Notes

PowerShell 1,659 221 Updated Nov 7, 2025

mvelazc0 / BadZure

BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse entities and configurable, traversable attack paths.

Python 478 31 Updated Nov 6, 2025

dafthack / GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

PowerShell 1,229 151 Updated Jul 22, 2025

rvrsh3ll / TokenTactics

Azure JWT Token Manipulation Toolset

PowerShell 696 109 Updated Dec 6, 2024

TakSec / google-dorks-bug-bounty

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

1,647 227 Updated Sep 29, 2025

mitmproxy / mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Python 41,287 4,364 Updated Nov 18, 2025

nikitastupin / pwnhub

How GitHub Actions workflows can be hacked

Shell 172 16 Updated Aug 23, 2024

cider-security-research / top-10-cicd-security-risks

420 63 Updated Jan 18, 2023

xpn / WAMBam

Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post

C# 129 22 Updated Jan 14, 2023

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.

JavaScript 9,310 6,549 Updated Aug 16, 2024

RedByte1337 / GraphSpy

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

HTML 894 101 Updated May 10, 2025

OWASP / www-project-ai-testing-guide

OWASP Foundation web repository

Python 439 84 Updated Nov 20, 2025

secureworks / family-of-client-ids-research

Research into Undocumented Behavior of Azure AD Refresh Tokens

Python 324 38 Updated Feb 23, 2024

tbhaxor / CARTX

Collection of powershell scripts I used to complete my CARTP and CARTE courses.

PowerShell 47 6 Updated Aug 20, 2025

x1xhlol / system-prompts-and-models-of-ai-tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus Agent Tools, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae…

96,499 25,947 Updated Nov 19, 2025

asgeirtj / system_prompts_leaks

Collection of extracted System Prompts from popular chatbots like ChatGPT, Claude & Gemini

JavaScript 23,774 3,636 Updated Nov 13, 2025

jhaddix / system_prompts_leaks

Forked from asgeirtj/system_prompts_leaks

Collection of extracted System Prompts from popular chatbots like ChatGPT, Claude & Gemini

JavaScript 24 2 Updated Jun 1, 2025

nccgroup / ScoutSuite

Multi-Cloud Security Auditing Tool

Python 7,428 1,159 Updated Sep 23, 2025

dafthack / MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

PowerShell 1,590 221 Updated Mar 4, 2025

dafthack / CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

2,766 551 Updated Sep 17, 2024

dafthack / DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

PowerShell 1,967 405 Updated Jul 11, 2024

dafthack / MSOLSpray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

PowerShell 1,058 179 Updated Mar 19, 2024

hausec / PowerZure

PowerShell framework to assess Azure security

PowerShell 1,239 179 Updated Oct 18, 2025

Offensive-Panda / ShadowDumper

Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…

C++ 565 90 Updated May 22, 2025

NetSPI / MicroBurst

A collection of scripts for assessing Microsoft Azure security

PowerShell 2,269 336 Updated Oct 29, 2025

0xsyr0 / Red-Team-Playbooks

This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.

PowerShell 356 91 Updated Jun 7, 2025

six2dez / pentest-book

1,797 618 Updated Nov 4, 2025

MAX-P0W3R / OSCP-machine-generator

A simple python script that will generate 2-6 machine names from the now infamous "Lainkusanagi & TJ Null OSCP trophy list".

Python 13 1 Updated Aug 1, 2024

SAPT01 / HBSQLI

Automated Tool for Testing Header Based Blind SQL Injection

Python 291 68 Updated Jul 23, 2023

r0oth3x49 / ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Python 3,777 402 Updated Oct 4, 2025
Next