Awesome

Resource-List

A collection of useful GitHub projects loosely categorised. I may end up adding non-GitHub projects + KB-style links for topics.

pwnd

• ODAT Oracle Database Attack Tool:

  • https://github.com/quentinhardy/odat

• clusterd framework, attacking JBoss, CF, WebLogic, Tomcat, Railo, Axis2, Glassfish:

  • https://github.com/hatRiot/clusterd

• JexBoss - Jboss verify and EXploitation Tool:

  • https://github.com/joaomatosf/jexboss

• The Backdoor Factory Proxy (BDFProxy):

  • https://github.com/secretsquirrel/BDFProxy

• impacket:

  • https://github.com/CoreSecurity/impacket

• CrackMapExec Windows/Active Directory swiss army knife:

  • https://github.com/byt3bl33d3r/CrackMapExec

• commix:

  • https://github.com/stasinopoulos/commix

• beef-drive, beef framework with WebRTC:

  • https://github.com/tsu-iscd/beef-drive

• VirtuaPlant Industrial Control Systems simulator:

  • https://github.com/jseidl/virtuaplant

• Responder, LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication:

  • https://github.com/SpiderLabs/Responder

• WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections:

  • https://github.com/ctxis/wsuspect-proxy

• Potato, NTLM relay PrivEsc:

  • https://github.com/foxglovesec/Potato

• jdwp-shellifier (Java Debug Wire Protocol):

  • https://github.com/stufus/jdwp-shellifier

• foxglovesec JavaUnserializeExploits:

  • https://github.com/foxglovesec/JavaUnserializeExploits

• KeeFarce, extraction of KeePass 2.x password database information from memory:

  • https://github.com/denandz/KeeFarce

• Wolves Among the Sheep, MD5 hash collision:

  • https://github.com/silentsignal/sheep-wolf/

• TDL (Turla Driver Loader). Driver loader for bypassing Windows x64 Driver Signature Enforcement:

  • https://github.com/hfiref0x/TDL

• Ebowla, framework for Making Environmental Keyed Payloads:

  • https://github.com/Genetic-Malware/Ebowla

• CVE-2016-1287 POC: IKEv1/v2 buffer overflow

  • https://github.com/exodusintel/disclosures/blob/master/CVE_2016_1287_PoC

• SubTee, AllTheThings -> Includes 5 Known Application Whitelisting Bypass Techniques in One File:

  • https://github.com/subTee/AllTheThings

• IAT_POC, IAT based payload, that bypasses DEP/ASLR protections in EMET:

  • https://github.com/ShellcodeSmuggler/IAT_POC

• XRulez, Windows executable that can add malicious rules to Outlook:

  • https://github.com/mwrlabs/XRulez

PowerShell

• BloodHound, Six Degrees of Domain Admin:

  • https://github.com/adaptivethreat/Bloodhound

• PowerSploit - A PowerShell Post-Exploitation Framework:

  • https://github.com/PowerShellMafia/PowerSploit

• PowerShellArsenal, PowerShell Module Dedicated to Reverse Engineering:

  • https://github.com/mattifestation/PowerShellArsenal

• Empire, post-exploitation framework:

  • https://github.com/powershellempire/empire

• PowerShell Empire Web Interface using the REST API interface:

  • https://github.com/interference-security/empire-web

• PowerShell live disk forensics platform:

  • https://github.com/Invoke-IR/PowerForensics

• PowerMemory:

  • https://github.com/giMini/PowerMemory

• KeeThief, methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory:

  • https://github.com/adaptivethreat/KeeThief

• mimikittenz, a post-exploitation powershell tool for extracting juicy info from memory:

  • https://github.com/putterpanda/mimikittenz

• Inveigh, LLMNR/NBNS spoofer/man-in-the-middle tool:

  • https://github.com/Kevin-Robertson/Inveigh

• PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server:

  • https://github.com/NetSPI/PowerUpSQL

• PoshPrivilege, add/remove privileges to an account/group on a local machine as well as enabling or disabling existing privileges which are applied to a current user's process token:

  • https://github.com/proxb/PoshPrivilege

• Tater, PowerShell implementation of Hot Potato PrivEsc:

  • https://github.com/Kevin-Robertson/Tater

• Powershell to CodeExecution and ProcessInjection:

  • https://github.com/3gstudent/Code-Execution-and-Process-Injection

• PoshRat, PowerShell Reverse HTTP(s) Shell:

  • https://github.com/subTee/PoshRat

• p0wnedShell, PowerShell Runspace Post Exploitation Toolkit:

  • https://github.com/Cn33liz/p0wnedShell

• PSAttack, a portable console aimed at making pentesting with PowerShell a little easier:

  • https://github.com/jaredhaight/PSAttack

• OutlookPersistence:

  • https://github.com/enigma0x3/OutlookPersistence

• Babadook: Connection-less Powershell Persistent and Resilient Backdoor

  • https://github.com/jseidl/Babadook
  • https://wroot.org/posts/babadook-connection-less-powershell-persistent-and-resilient-backdoor/

• ps1-toolkit, obfuscated penetration testing PowerShell scripts:

  • https://github.com/vysec/ps1-toolkit

• Windows 10 hardening:

  • https://gist.github.com/alirobe/7f3b34ad89a159e6daa1

CTF

• CTF-Workshop:

  • https://github.com/kablaa/CTF-Workshop

• ctf-tools:

  • https://github.com/zardus/ctf-tools

• Mechanical Phish framework for the DARPA Cyber Grand Challenge (@shellphish):

  • https://github.com/mechaphish

• pwntools, CTF framework used by Gallopsled:

  • https://github.com/Gallopsled/pwntools

• Awesome CTF, tool list:

  • https://github.com/apsdehal/awesome-ctf

• binjitsu:

  • https://github.com/binjitsu/binjitsu

• 32/64 bit Intel shellcode for CTF style exploitation:

  • https://github.com/isislab/Shellcode

• preeny, payloads for binary patching:

  • https://github.com/zardus/preeny

• Eh'Trace (pronounced ATrace) is a binary tracing tool for Windows:

  • https://github.com/K2/EhTrace

• flare-ida, IDA Pro scripts and plugins by the FireEye FLARE team:

  • https://github.com/fireeye/flare-ida

• HexRaysCodeXplorer, IDA plugin for better code navigation:

  • https://github.com/REhints/HexRaysCodeXplorer

• Qira, timeless debugger:

  • https://github.com/BinaryAnalysisPlatform/qira

• Binary Ninja Python:

  • https://github.com/Vector35/binaryninja-python

• radare2:

  • https://github.com/radare/radare2

• Triton dynamic binary analysis framework:

  • https://github.com/JonathanSalwan/Triton

• angr binary analysis framework:

  • https://github.com/angr/angr

• Capstone disassembly/disassembler framework:

  • https://github.com/aquynh/capstone

• Snowman Decompiler:

  • https://github.com/yegord/snowman

• Pin unpacking and anti-evasion:

  • https://github.com/Seba0691/pin_unpacking_antievasion

• tesseract-ocr:

  • https://github.com/tesseract-ocr/tesseract

• xortool, analyze multi-byte xor cipher:

  • https://github.com/hellman/xortool

• flare-floss, FireEye Obfuscated String Solver:

  • https://github.com/fireeye/flare-floss

• FernFlower Java decompiler:

  • https://github.com/fesh0r/fernflower

• dbSypy, .NET assembly editor, decompiler, and debugger:

  • https://github.com/0xd4d/dnSpy

• JPEXS Free Flash Decompiler:

  • https://github.com/jindrapetrik/jpexs-decompiler

• Robust ABC (ActionScript Bytecode) [Dis-]Assembler (RABCDAsm):

  • https://github.com/CyberShadow/RABCDAsm

• WinAFL, a fork of AFL for fuzzing Windows binaries:

  • https://github.com/ivanfratric/winafl

• Gray Hat C#:

  • https://github.com/brandonprry/gray_hat_csharp_code

• CTF write-ups by PPP:

  • https://github.com/pwning/public-writeup

• CTFs -> CTF write-up's:

  • https://github.com/ctfs

• Modern Binary Exploitation RPISEC:

  • https://github.com/RPISEC/MBE

• HeXA CTF Platform:

  • https://github.com/L34p/HeXA-CTF-2015

• CTFd:

  • https://github.com/isislab/CTFd

• Christmas-CTF:

  • https://github.com/brian020305/Christmas-CTF

• CTF scoreboard:

  • https://github.com/ShySec/scrimmage-scoreboard

• DefCon CTF VM:

  • http://fuzyll.com/2016/the-defcon-ctf-vm/
  • https://github.com/fuzyll/defcon-vm

Malware

• GRR Rapid Response:

  • https://github.com/google/grr

• Viper, Binary analysis framework:

  • https://github.com/viper-framework/viper

• pafish, detect sandboxes and analysis environments in the same way as malware families do:

  • https://github.com/a0rtega/pafish

• yara:

  • https://github.com/plusvic/yara/

• Course materials for Malware Analysis by RPISEC (2015):

  • https://github.com/RPISEC/Malware

• APTnotes, various public documents, whitepapers and articles about APT campaigns:

  • https://github.com/kbandla/APTnotes

• QuasarRAT (c#):

  • https://github.com/quasar/QuasarRAT

• browsersploit, advanced browser exploit pack for doing internal and external pentesting:

  • https://github.com/julienbedard/browsersploit

• HellKitty-In-VC Ring3 Rootkit:

  • https://github.com/aaaddress1/HellKitty-In-VC

• PowerWorm, PowerShell-based malware:

  • https://github.com/mattifestation/PowerWorm

• Anti Sandbox and Anti Virtual Machine Tool:

  • https://github.com/AlicanAkyol/sems

• JSDetox, JavaScript deobfuscation:

  • https://github.com/svent/jsdetox

• CapTipper, analyze, explore and revive HTTP malicious traffic:

  • https://github.com/omriher/CapTipper