Pentesting framework with shell integrations designed for workflow automation

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Here I gather all the resources about hacking that I find interesting

wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures from various AV engines. It also has a handful of additional built in modules to help automate some common tasks on Red team engagements.

A penetration testing playbook that's suitable for CTF challenges, bug bounty hunting and red team assessments.

A Security Tool for Bug Bounty, Pentest and Red Teaming.

A scalable pentesting platform

Moonshot - A simple and modular tool to evaluate and red-team any LLM application.

Infrastructure as code framework for deploying servers to linode to be used in Red Team Operations

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

Adversary Emulation Framework

📍 Bypass CDN/WAFs!

Test & strengthen defenses against social attacks. Simulate phishing, vishing & more in a safe, ethical LAB.Test & strengthen defenses against social attacks. Simulate phishing, vishing & more in a safe, ethical LAB.

[ICML 2024] Prompting4Debugging: Red-Teaming Text-to-Image Diffusion Models by Finding Problematic Prompts (Official Pytorch Implementation)

Personal InfoSec blog

AWS CloudSaga - Simulate security events in AWS

Compiled tools for internal assessments

Azure Service Subdomain Enumeration

一个攻防知识仓库 Red Teaming and Offensive Security

PAL: Proxy-Guided Black-Box Attack on Large Language Models