An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with offensive-security

A curated list of projects in awesome lists tagged with offensive-security .

https://github.com/ihebski/defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 25 Mar 2025

https://github.com/ihebski/DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 02 Apr 2025

https://github.com/t3l3machus/villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 13 May 2025

https://github.com/t3l3machus/Villain

Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

c2 cybersecurity hacking hacking-tool offensive-security open-source penetration-testing penetration-testing-tools pentest pentesting readteaming redteam redteam-tools

Last synced: 30 Mar 2025

https://github.com/noraj/OSCP-Exam-Report-Template-Markdown

:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

exam exam-report latex markdown markdown-template markdown-to-pdf offensive-security osce oscp oscp-prep osee oswe oswp pandoc report reporting-tool

Last synced: 11 Jul 2025

https://github.com/noraj/oscp-exam-report-template-markdown

:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

exam exam-report latex markdown markdown-template markdown-to-pdf offensive-security osce oscp oscp-prep osee oswe oswp pandoc report reporting-tool

Last synced: 13 May 2025

https://github.com/nicocha30/ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

golang offensive-security pentest-tool pentesting pivoting post-exploitation redteam tunneling

Last synced: 12 Jan 2026

https://github.com/tnpitsecurity/ligolo-ng

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

golang offensive-security pentest-tool pentesting pivoting post-exploitation redteam tunneling

Last synced: 05 Apr 2025

https://github.com/x90skysn3k/brutespray

Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials across 28 protocols.

brute-force-attacks bruteforce credential-testing cybersecurity ftp golang infosec nessus network-security nmap offensive-security password-spraying penetration-testing pentesting rdp red-team security socks5-proxy ssh

Last synced: 17 Mar 2026

https://github.com/codingo/reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 15 May 2025

https://github.com/codingo/Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

discover-services enumeration hacking hacking-tool kali-linux nmap offensive-security oscp penetration-testing range scanner scanning security security-audit security-scanner security-tools service-enumeration services-discovered snmp virtual-hosts

Last synced: 30 Mar 2025

https://github.com/0xsyr0/awesome-cybersecurity-handbooks

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

capture-the-flag ctf cybersecurity handbooks infosec offensive offensive-security penetration-testing pentesting red-teaming security

Last synced: 27 Jan 2026

https://github.com/elementalsouls/Claude-BugHunter

A Claude Code skill bundle for bug hunting and external red-team work — 71 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 core vulnerability classes, plus enterprise identity + infrastructure attack matrices.

ai-security anthropic application-security bug-bounty bugbounty bugcrowd claude claude-code claude-skills ethical-hacking hackerone offensive-security pentesting red-team security-tools web-security

Last synced: 19 Jun 2026

https://github.com/joaoviictorti/rustredops

RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀

malware-development offensive-security redteam rust windows

Last synced: 14 May 2025

https://github.com/joaoviictorti/RustRedOps

RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust 🦀

malware-development offensive-security redteam rust windows

Last synced: 05 Apr 2025

https://github.com/viralmaniar/bigbountyrecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming

Last synced: 16 May 2025

https://github.com/Viralmaniar/BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming

Last synced: 11 Jul 2025

https://github.com/codingo/vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 08 Apr 2025

https://github.com/codingo/VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 30 Mar 2025

https://github.com/pushsecurity/saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

offensive-security saas web-security

Last synced: 14 Apr 2025

https://github.com/Syslifters/OffSec-Reporting

Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool

lab-report offensive-security offsec oscp oscp-tools osed osee osep oswa oswe oswp penetration-testing pentest-report pentesting-tools red-teaming reporting reporting-tool security-tools

Last synced: 29 Apr 2025

https://github.com/noraj/flask-session-cookie-manager

:cookie: Flask Session Cookie Decoder/Encoder

cookie decoder encoder flask offensive-security pentest tool

Last synced: 14 May 2025

https://github.com/nyancrimew/goop

Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.

bug-bounty git infosec offensive-security

Last synced: 17 Jan 2026

https://github.com/EvilBytecode/GoRedOps

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.

go golang hacking malware malware-development offensive-security red-team redteaming security windows

Last synced: 14 Oct 2025

https://github.com/the-viper-one/pentest-everything

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

active-directory active-directory-security bloodhound crto crtp ctf ctf-writeups ecpptv2 ejpt hacking hackthebox offensive-security oscp penetration-testing pentest-tools pentesting proving-grounds-writeups security tryhackme

Last synced: 27 Jan 2026

https://github.com/evilbytecode/goredops

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.

go golang hacking malware malware-development offensive-security red-team redteaming security windows

Last synced: 15 May 2025

https://github.com/Frissi0n/GTFONow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

ctf ctf-tools gtfobins hacking hackthebox offensive-security pentest pentesting post-exploitation privilege-escalation redteam security security-tools suid-binaries

Last synced: 11 Jun 2025

https://github.com/shreyaschavhan/oscp-pre-preparation-plan-and-notes

My OSCP Pre-Preparation Phase. I'm not sure if I'll be able to afford the exam but what count's trying and learning things. I'm gonna give it a try. [Start Date: 21st March 2022]

certification offensive-security offensive-security-certified-professional

Last synced: 10 Apr 2025

https://github.com/fuzzinglabs/mcp-security-hub

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

ai claude cybersecurity docker ghidra mcp mcp-server nmap nuclei offensive-security osint pentesting security vulnerability-scanner

Last synced: 21 May 2026

https://github.com/frizb/Vanquish

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

kali-linux offensive-security oscp penetration-testing penetration-testing-framework python vulnerability-assessment vulnerability-scanners

Last synced: 02 Apr 2025

https://github.com/The-Viper-One/Pentest-Everything

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

active-directory active-directory-security bloodhound crto crtp ctf ctf-writeups ecpptv2 ejpt hacking hackthebox offensive-security oscp penetration-testing pentest-tools pentesting proving-grounds-writeups security tryhackme

Last synced: 20 Apr 2025

https://github.com/so87/OSCP-PwK

This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.

cheatsheet kali-linux-course offensive-security oscp study

Last synced: 30 Apr 2025

https://github.com/georgesotiriadis/Chimera

Automated DLL Sideloading Tool With EDR Evasion Capabilities

assembly cpp dll-sideloading edr-bypass offensive-security python3

Last synced: 12 Apr 2025

https://github.com/georgesotiriadis/chimera

Automated DLL Sideloading Tool With EDR Evasion Capabilities

assembly cpp dll-sideloading edr-bypass offensive-security python3

Last synced: 05 Apr 2025

https://github.com/BishopFox/rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

java java-deserialization java-rmi javassist offensive-security scanner security-tools

Last synced: 30 Mar 2025

https://github.com/bishopfox/rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

java java-deserialization java-rmi javassist offensive-security scanner security-tools

Last synced: 06 Apr 2025

https://github.com/f1zm0/hades

Go shellcode loader that combines multiple evasion techniques

adversary-emulation av-evasion edr-evasion evasion golang ntapi ntdll offensive-security pentesting red-teaming syscalls

Last synced: 06 Apr 2025

https://github.com/SofianeHamlaoui/Pentest-Notes

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

cheatsheets offensive-security penetration-testing penetration-testing-tools pentesting security security-audit security-tools sofianehamlaoui

Last synced: 12 Jul 2025

https://github.com/0xsyr0/red-team-playbooks

This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.

offensive-methodology offensive-security penetration-testing playbook redteam ttp

Last synced: 09 Oct 2025

https://github.com/justicerage/ffm

Freedom Fighting Mode: open source hacking harness

hacking-harness information-security offensive-security

Last synced: 05 Apr 2025

https://github.com/esonhugh/sshd_backdoor

/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.

backdoor ebpf offensive-security

Last synced: 07 Apr 2025

https://github.com/safedv/rustivedump

LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.

lsass-dump offensive-security position-independent-code redteam rust-lang

Last synced: 16 May 2025

https://github.com/Esonhugh/sshd_backdoor

/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.

backdoor ebpf offensive-security

Last synced: 11 Jul 2025

https://github.com/safedv/RustiveDump

LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.

lsass-dump offensive-security position-independent-code redteam rust-lang

Last synced: 22 Oct 2025

https://github.com/0xda568/iconjector

Unorthodox and stealthy way to inject a DLL into the explorer using icons

cpp dll dll-injection injection malware-development offensive-security win64 windows windows-10 windows-11

Last synced: 12 Apr 2025

https://github.com/c0rel0ader/east

Exploits and Security Tools Framework 2.0.1

east-framework exploits offensive-security penetration-testing python

Last synced: 02 Apr 2025

https://github.com/C0reL0ader/EaST

Exploits and Security Tools Framework 2.0.1

east-framework exploits offensive-security penetration-testing python

Last synced: 13 Mar 2025

https://github.com/sudosammy/knary

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support

bugbounty burpsuite canary ctf-tools discord discord-bot dns-canary microsoft-teams offensive-security penetration-testing pentesting pushover-notifications security-tools slackbot

Last synced: 10 Mar 2026

https://github.com/tokyoneon/credphish

CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.

amsi antivirus-evasion backdoor bypass-antivirus c2 dns dns-server exfiltration information-security kali kali-linux kali-scripts offensive-security penetration-testing reverse-shell shell social-engineering

Last synced: 09 Apr 2025