markterlep Goto Github PK

mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.

mailsniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

maldev-av-edr-evasion-for-pentesters

MalDev & AV-EDR Evasion for Pentesters

malleable-c2-profiles

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

malmemdetect

Detect strange memory regions and DLLs

malwaredev

mangle

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

manual-dll-loader

Custom LoadLibrary / GetProcAddress (x86 / x64) - Load DLL and retrieve functions manually

memfiles

A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk

microsoft-account-creator

Microsoft/Outlook HQ Account Generator

minhook

The Minimalistic x86/x64 API Hooking Library for Windows

modlishka

Modlishka. Reverse Proxy.

mortar

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

mythic

A collaborative, multi-platform, red teaming framework

mythic-macro-generator

Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens

nimjector

A dive into shellcode injection and EDR evasion techniques in nim (but with a punny name)

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

o365-attack-toolkit

A toolkit to attack Office365

o365creeper

Python script that performs email address validation against Office 365 without submitting login attempts.

o365recon

retrieve information via O365 and AzureAD with a valid cred

o365spray

Username enumeration and password spraying tool aimed at Microsoft O365.

offensiverust

Rust Weaponization for Red Team Engagements.

omnispray

Modular Enumeration and Password Spraying Framework

onlinetools

在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..

operatorskit

Collection of Beacon Object Files (BOF) for Cobalt Strike

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pdfator

pe-bear

Portable Executable reversing tool with a friendly GUI

peloader

PE loader with various shellcode injection techniques

penetration-testing-tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.