pdolinic Goto Github PK

covermyass

Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation.

defendercheck

Identifies the bytes that Microsoft Defender flags on.

deimosc2

DeimosC2 is a Golang command and control framework for post-exploitation.

detector

Free Open Source IDS via Shellscripts, connecting Binaries

detector-logstash-pipeline

Logstash Pipeline for my (yet unreleased) detector project, which continously runs bash commands to determine privacy and security checks

dns-over-ping

DNS-over-ping(8)

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

drheader

drHEADer helps with the audit of security headers received in response to a single request or a list of requests.

dvs

D(COM) V(ulnerability) S(canner) AKA Devious swiss army knife - Lateral movement using DCOM Objects

easy_rust

Rust explained using easy English

edrsandblast

elastic-container

Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine

etwpatching

Patching Event Tracing for Windows, by overwriting "call ntdll!EtwpEventWriteFull" inside ntdll!EtwEventWrite , the patched call do the actual Event Writing

fake-sms

A small script to send messages anonymously. very fast and secure SMS sending script.

fido2

Man in the Browser Attack on FIDO2. Proof of concept. Just another school project.

freeze

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

fud-uuid-shellcode

fuzz4bounty

Awesome wordlists for Bug Bounty Hunting

fuzzing101

An step by step fuzzing tutorial. A GitHub Security Lab initiative

geacon_pro

跨平台重构了Cobaltstrike Beacon，适配了大部分Beacon的功能，行为对国内主流杀软免杀，支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.

ghauri

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

go-check

golang library to provide some basic tools to monitoring plugins for Icinga

goad

game of active directory

goc2

MacOS C2 Framework

godgenesis

A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.

goofuzz

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

havoc

The Havoc Framework

hoaxshell

An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.

howtohunt

Collection of methodology and test case for various web vulnerabilities.

hwbp4mw