All

143 repositories

OCInferno
Public
A pentesting tool for enumeration/download/graphical analysis of OCI content. Includes an OpenGraph generator for Bloodhound-style analysis.
Python
•
BSD 3-Clause "New" or "Revised" License
•2•14•0•0•Updated Apr 24, 2026Apr 24, 2026
OCISigner
Public
A Burp Suite extension to sign OCI HTTP requests using all supported OCI authentication mechanisms including API keys, session tokens, instance principals, & re…
Java
•
BSD 3-Clause "New" or "Revised" License
•0•3•0•0•Updated Apr 24, 2026Apr 24, 2026
oci-lexer-parser
Public
A utility to convert OCI IAM Policy Statements and Dynamic Group Matching Rules to serialized JSON output.
Python
•
BSD 3-Clause "New" or "Revised" License
•0•3•0•0•Updated Apr 19, 2026Apr 19, 2026
AutoDirbuster
Public
Automatically run and save ffuf scans for multiple IPs
Python
•
Other
•26•82•0•0•Updated Apr 9, 2026Apr 9, 2026
ForceHound
Public
Salesforce identity and permission graph collector for BloodHound CE. Maps users, profiles, permission sets, roles, groups, sharing rules, connected apps, and f…
python security identity
python security identity graph permissions bloodhound penetration-testing salesforce aura attack-path
Python
•
BSD 3-Clause "New" or "Revised" License
•3•39•0•0•Updated Apr 7, 2026Apr 7, 2026
GoLegacySslTlsSupport
Public
Go
•0•0•0•0•Updated Apr 3, 2026Apr 3, 2026
SQLInjectionWiki
Public
A wiki focusing on aggregating and documenting various SQL injection methods
mysql sql wiki
mysql sql wiki injection oracle sqli mssql sqlserver netspi
HTML
•148•794•2•3•Updated Apr 1, 2026Apr 1, 2026
MicroBurst
Public
A collection of scripts for assessing Microsoft Azure security
PowerShell
•
BSD 3-Clause "New" or "Revised" License
•337•2.4k•4•1•Updated Mar 15, 2026Mar 15, 2026
BypassFuzzer
Public
Fuzz 401/403/404 pages for bypasses
Python
•52•4•0•0•Updated Feb 27, 2026Feb 27, 2026
PowerShell
Public
NetSPI PowerShell Scripts
PowerShell
•110•345•0•1•Updated Feb 10, 2026Feb 10, 2026
BOF-PE
Public
An example reference design for a proposed BOF PE
redteam post-ex
redteam post-ex
C++
•
BSD 3-Clause "New" or "Revised" License
•31•206•0•2•Updated Jan 23, 2026Jan 23, 2026
bambdas
Public
Bambdas collection for Burp Suite Professional and Community.
Java
•
GNU Lesser General Public License v3.0
•87•0•0•1•Updated Dec 12, 2025Dec 12, 2025
NetSIP
Public
NetSIP is a Python-powered SIP repeater that lets you craft, replay, and inspect SIP traffic.
Python
•
GNU General Public License v3.0
•0•2•0•0•Updated Nov 6, 2025Nov 6, 2025
FuncoPop
Public
Tools for attacking Azure Function Apps
PowerShell
•
Other
•11•88•1•1•Updated Oct 28, 2025Oct 28, 2025
PXEThief
Public
PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
Python
•
GNU General Public License v3.0
•69•0•0•0•Updated Oct 28, 2025Oct 28, 2025
PowerHuntShares
Public
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
PowerShell
•
Other
•109•1k•11•0•Updated Oct 15, 2025Oct 15, 2025
BurpExtractor
Public
A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
Java
•34•98•8•3•Updated Oct 7, 2025Oct 7, 2025
whois-parser
Public
Whois parser for domain whois information parsing in Go(Golang).
Go
•
Apache License 2.0
•102•0•0•0•Updated Sep 25, 2025Sep 25, 2025
ATEAM
Public
Python
•
BSD 3-Clause "New" or "Revised" License
•15•142•2•0•Updated Sep 9, 2025Sep 9, 2025
Snaffler
Public
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
C#
•
GNU General Public License v3.0
•275•1•0•0•Updated Sep 8, 2025Sep 8, 2025
egressTester
Public
Allows testing all egress ports, an updated version of egressbuster
0•0•0•0•Updated Sep 4, 2025Sep 4, 2025
MSSQLHound
Public
PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
PowerShell
•
GNU General Public License v3.0
•19•1•0•0•Updated Jul 30, 2025Jul 30, 2025
CVE-2025-4660
Public
PoC for CVE-2025-4660 demonstrating exploitation of the Forescout SecureConnector on Windows
Python
•
BSD 3-Clause "New" or "Revised" License
•4•16•0•0•Updated Jul 16, 2025Jul 16, 2025
set_sail
Public
SailPoint IQService - RCE via Default Encryption Key
Python
•
Other
•3•1•0•0•Updated Jul 8, 2025Jul 8, 2025
BAS-Public-Tools
Public
0•0•0•0•Updated Jun 18, 2025Jun 18, 2025
gcpwn
Public
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
Python
•
BSD 3-Clause "New" or "Revised" License
•27•292•1•0•Updated May 16, 2025May 16, 2025
wopper
Public
Automatically upload, execute, and delete a PHP file using Wordpress administrator credentials.
Shell
•
BSD 3-Clause "New" or "Revised" License
•0•3•0•0•Updated Apr 23, 2025Apr 23, 2025
test-setup-public
Public
0•0•0•0•Updated Apr 22, 2025Apr 22, 2025
trufflehog-integration-netspi
Public
NetSPi fork of the official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc) us…
Python
•19•0•0•0•Updated Mar 11, 2025Mar 11, 2025
Challenges
Public
1•0•0•0•Updated Mar 7, 2025Mar 7, 2025

ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NetSPI

All

All

143 repositories

OCInferno

OCISigner

oci-lexer-parser

AutoDirbuster

ForceHound

GoLegacySslTlsSupport

SQLInjectionWiki

MicroBurst

BypassFuzzer

PowerShell

BOF-PE

bambdas

NetSIP

FuncoPop

PXEThief

PowerHuntShares

BurpExtractor

whois-parser

ATEAM

Snaffler

egressTester

MSSQLHound

CVE-2025-4660

set_sail

BAS-Public-Tools

gcpwn

wopper

test-setup-public

trufflehog-integration-netspi

Challenges

All

All

Repositories list

143 repositories