This is your work, valued
BugBountyTemplates. A collection of templates for bug bounty reporting
487GoogD0rker. Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
417OmniProx. IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
287Bloodhound-CustomQueries. Custom Queries - Brought Up to BH4.1 syntax
283DockerAttack. Various Tools and Docker Images
281CVE-2020-1350_HoneyPoC. HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.
278Wordlists. Various Payload wordlists
244pyLDAPGui. Python based GUI for browsing LDAP
182static-tools. Static compiled binaries + scripts ready to use on systems
153QoL-BOFs. Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
140WindowsHardeningScript. Some settings stolen from multiple scripts @ZephrFish
137LOLSearches. Living off the land searches for explorer and sharepoint
102BurpFeed. Hacked together script for feeding urls into Burp's Sitemap
97AzureAttackKit. Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information
79RandomScripts. Random Shell Scripts and other ideas I have along the way
73XSSPayloads. Cross Site Scripting Payloads -- Variations
72F5-CVE-2022-1388-Exploit. Exploit and Check Script for CVE 2022-1388
59GoClipC2. Clipboard for Command and Control between VDI, RDP and Others on Windows
53AttackDeploy. Scripts for Deploying new server
49Stompy. Timestomp Tool to flatten MAC times with a specific timestamp
49CVE-2021-22893_HoneyPoC2. DO NOT RUN THIS.
47ADFSDump-PS. PowerShell Implementation of ADFSDump to assist with GoldenSAML
44GoogD0rk. Python
43DynamicMSBuilder. A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
38AutoHoneyPoC. AutoPoC Generator HoneyPoC
36CVE-2023-20198-Checker. CVE-2023-20198 & 0Day Implant Scanner
33CVE-2024-4577-PHP-RCE. PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template
32HelloJackHunter. Research into WinSxS binaries and finding hijackable paths
31SandboxSpy. Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them back in a Base32 string over HTTP to an endpoint.
31Exch-CVE-2021-26855. CVE-2021-26855: PoC (Not a HoneyPoC for once!)
30ChunkyIngress. Leverages B64 chunks to split files and save to clipboard
26bug-bounty-reference. Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
25CVE-2020-16898. HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).
22Blog_Backup. A repository with various tutorials on how to do things in Pentesting, setup environments and other things
21RepoMan. Repo hacks
21CVE-2023-34362. CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
19CVE-2025-53770-Scanner. ToolShell scanner - CVE-2025-53770 and detection information
18CVE-2021-41773-PoC. Python
17SCCMSiteCodeHunter. C#
16PotUtils. Go
16NessusPreFlight. Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to scan a machine
16edr-checker. Gets the name of all currently running process then checks them against a list of known defensive products such as AV's, EDR's and logging tools.
15PurpleTeamWorkshop-LabManual. Purple Team Workshop by @jorgeorchilles
12Red-Teaming-Toolkit. This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
11MoveIT-WebShellCheck. Python
11Lepus. Subdomain finder
11CVE-2021-28480_HoneyPoC3. DO NOT RUN THIS.
10NOPe. NOPe - Testing some alternate NOP opcodes
10XSS. A collection of XSS Attack vectors
10blind. A BOF for patching AMSI, ETW and NtTraceEvent aka Sysmon using Trampolines
10xss-proxy. BeEF-inspired XSS proxy service
10Autopeeper. Automated Screenshot Tool
9MediaCenterSetup. A setup script for Plex, Sonarr, Radarr & Jackett
8OffensiveSysAdmin. A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools
7NotProxyShellScanner. Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082
7LogsSteelcon.
6PowerSploit_Sensitive_Info_Hunter. Modifed PowerSploit/PowerView to search files and match RegEx for Sensitive info (PII, PCI, Passwords, Usernames, SNMP Strings, etc.)
4Exch-CVE-2021-26855_Priv. patched to work
4Mailgun-python. Python Wrapper for sending email with mailgun
4UnhookingPatch. Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
3