This is your work, valued
post-exploitation. Post Exploitation Collection
1.6kshellshocker-pocs. Collection of Proof of Concepts and Potential Targets for #ShellShocker
889post-exploitation-wiki. Post Exploitation Wiki
527solarflare. SolarWinds Orion Account Audit / Password Dumping Utility
354netview. Netview enumerates systems using WinAPI calls
300IOXIDResolver. IOXIDResolver.py from AirBus Security
270vt-notify. Get email notification when Virus Total has a copy of your binary.
168pykek. Kerberos Exploitation Kit
164CVE-2021-44228-Log4Shell-Hashes. Hashes for vulnerable LOG4J versions
155osx-wificleaner. Cleans out "open" wireless connections from OSX machine
153howtowinccdc. Notes, Slides, Comments and Commands on How to Win CCDC
149nfsclient. NFS client written in Go
104repos. List of Repositories
103cfdb. Common Findings Database
101akb. Attack Knowledge Base
101redteam-collab. Red Team Collaboration Infrastructure
97ditto. Binary resource copier
97Not-In-Pentesting-Class. The Dirty Secrets They Didn't Teach You In Pentesting Class
96open-ssids. SSIDs for the Hak5 Wifi Pineapple's PineAP setup
92sectaskbars. Security Product Taskbar Icons (to identify from screenshots)
58WhiteChapel. password cracking front end
58tools. Operational toolset utilizing git's submodule feature
57FakeNetBIOS. See here:
43manage2decrypt. ManageEngine OpManager Decryption Tools
33stuff. Things I've coded, or use (cause I can't find them online anymore)
32DeleteThatTweet. Monitors a Twitter stream and saves off any tweet that is deleted.
27windows-hardening. Because I can't find scripts to do this anywhere else...
26certexp. Certificate Export Utility
26windows-declutter. Windows 10 De-Clutter script
25securitytitles.com. Standardizing Security Titles
25mubix.github. Malicious Link Blog
25attackbox. Ansible scripts to build an attack box
24ntds_decode. Decrypt NTDS hashes
24ccdc_malware. Talk given at DerbyCon and RuxCon 2016
23lmo. LetMeOutOfYour.net Resources
21whitechapel-ng. Next Generation of White Chapel
21local-hibp. How to set up a local copy of Have-I-Been-Pwned's password checking service
21metasploitwiki. Clone of Metasploit's wiki w/ additions
17htshells. Self contained htaccess shells and attacks
16GScriptOldEmal. Deletes old email from my Gmail accounts
15Interceptor. PowerShell HTTP(s) Intercepting Proxy
14hackingtogether. #HackingTogether
14PCredz. This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
13ctf. Capture The Flag Information
12twitter-list-follow. Follow all members of a list
12SecLists. SecLists is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
12metasploit-framework. Metasploit Framework
11elgamalcrypto. Simple Python Elgamal Encryption and Decryption Tool
10scoreproxy. CCDC Scorebot SOCKS5 checks proxy
10presentations. Public copies of my previous presentations
8evil-winrm. The ultimate WinRM shell for hacking/pentesting
8decryptcpuu. Decrypt "Unrestricted" CPUU.ini passwords
7getPatrons. Pulls down list of Patrons in tab formatted list
1