Pentest Report Generator

A Firefox Web Extension to improve the discovery of DOM XSS.

🕵️‍♂️ Offensive Google framework.

Fileless Command Execution for Lateral Movement in Nim

A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc

The recursive internet scanner for hackers. 🧡

A tool for automating the process of getting a reverse shell from a fully functional webshell, generating payloads. It can be used on webshell for direct command execution. With directory persisten…

Fast web fuzzer written in Go

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Web Application Security Scanner Framework

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.

VBA Obfuscation Tools combined with an MS office document generator

The VBScript Obfuscator written in VBScript

The Browser Exploitation Framework Project

Robber is open source tool for finding executables prone to DLL hijacking

A VBA parser and emulation engine to analyze malicious macros.

List of Awesome Red Teaming Resources

Boilerplate application for Electron runtime

Defeating Windows User Account Control

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector