Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with offsec

A curated list of projects in awesome lists tagged with offsec .

https://github.com/Syslifters/sysreptor

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

cape cdsa chhb cpts hackthebox infosectools offsec oscp osed osep oswa oswp penetration-testing pentest-reports pentesting-tool report-generator reporting reporting-tool security-assessment security-audit

Last synced: 20 Apr 2025

https://github.com/Syslifters/OffSec-Reporting

Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool

lab-report offensive-security offsec oscp oscp-tools osed osee osep oswa oswe oswp penetration-testing pentest-report pentesting-tools red-teaming reporting reporting-tool security-tools

Last synced: 29 Apr 2025

https://github.com/whitewinterwolf/wwwolf-php-webshell

WhiteWinterWolf's PHP web shell

offsec pentesting php unix webapp windows

Last synced: 11 May 2025

https://github.com/AnonCatalyst/Ominis-Osint

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.

finder forensics information-gathering infosec offsec ominis-osint osint osint-resources osint-tools python reconnaissance scraping search-engine username username-checker web websearch

Last synced: 05 May 2025

https://github.com/volkandindar/agartha

A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced XSS exploitation.

application-security appsec burp-extensions burpsuite cybersecurity hacking hacking-tool offensivesecurity offsec penetration-testing pentesting

Last synced: 13 May 2025

https://github.com/AnonCatalyst/Ominis-OSINT

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user-inputted query. The tool extracts relevant information such as titles, URLs, and potential mentions of the query in the results.

finder forensics information-gathering infosec offsec ominis-osint osint osint-resources osint-tools python reconnaissance scraping search-engine username username-checker web websearch

Last synced: 04 Dec 2024

https://github.com/M507/AWAE-Preparation

This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.

advanced-web-application-pentesting awae offensive-security offsec oswe study-guide

Last synced: 21 Nov 2024

https://github.com/7h3rAm/writeups

Writeups for vulnerable machines.

ctf hackthebox offsec oscp tryhackme vulnhub writeups

Last synced: 01 May 2025

https://github.com/dadevel/mssql-spider

Automated exploitation of MSSQL servers at scale

adsecurity mssql offsec

Last synced: 06 Apr 2025

https://github.com/dadevel/impacket-zsh-integration

ZSH integration for Impacket

adsecurity impacket offsec

Last synced: 07 May 2025

https://github.com/JosephTLucas/vger

An interactive CLI application for interacting with authenticated Jupyter instances.

aisecurity jupyter mlsecops offsec

Last synced: 18 Apr 2025

https://github.com/sircryptic/cwv-scanner

This is a simple web application vulnerability scanner that checks if a given URL or IP address is vulnerable to 37 common web application security vulnerabilities. The tool is designed to help website owners and security researchers identify vulnerabilities in their web applications that can be exploited by attackers.

bash bash-script offsec opsec osint scanner-web webscanner

Last synced: 14 Apr 2025

https://github.com/dadevel/bloodhoundcli

Utilities for Pentesting with BloodHound

adsecurity bloodhound offsec

Last synced: 07 May 2025

https://github.com/audibleblink/git-ls

List (or plunder) private repos/gists to which a token has access, including those of other users

golang offsec osint redteam

Last synced: 13 Apr 2025

https://github.com/dadevel/shells

Collection of Reverse, Bind & Web Shells

bind-shell offsec pentesting reverse-shell web-shell

Last synced: 07 May 2025

https://github.com/000pp/arbimz

🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.

2019 cve cve-2019-9670 exploit offsec pentest poc python python3 rce redteam ssrf xxe zimbra

Last synced: 24 Apr 2025

https://github.com/dadevel/terraform-team-server

Setup Sliver team server with Terraform

infrastructure-as-code offsec

Last synced: 12 Mar 2025

https://github.com/tajiknomi/browsers_masterkey_extractor

Extract the master key and important file(s) of various browser (i.e. Chrome, Firefox, Brave, Edge, Opera) in order to extract stored credentials

browser browser-security cpp offsec windows

Last synced: 25 Nov 2024

https://github.com/4thel00z/oneliners

Magic offsec/utility oneliners to make your red teaming/CTF/h4x0r life easier! 🤓

bash offsec oneline oneliner oneliners security sysadmin

Last synced: 24 Mar 2025

https://github.com/tajiknomi/remote_administrative_console

Command and Control (C2) Framework for remotely managing multiple clients. It allows for issuing commands, manipulating filesystems, executing shell, uploading/downloading data and gathering details about the connected systems

cpp filemanager hacking-tool offsec pentest-tool pentesting qt rat red-team remote-access-tool remote-administrative-tool

Last synced: 14 Feb 2025

https://github.com/tajiknomi/browsercredextractor_windows

Extract stored password(s) and important file(s) from various browser (i.e. Chrome, Brave, Edge, Opera)

brave browser browser-security chrome cpp cybersecurity dpapi edge offsec windows

Last synced: 17 Jan 2025

https://github.com/the-viper-one/osep-notes

Various notes I have compiled during the OSEP PEN-300 course.

evasion offsec oscp osep pen-300 penetration-testing powershell

Last synced: 03 Apr 2025

https://github.com/gh0x0st/intro-honeypots

An introduction into the concept of honeypots and how they can be used defensively as an early detection mechanism.

blueteam honeypot offensive-security offsec threat-intelligence

Last synced: 15 Mar 2025

https://github.com/dadevel/bruteproxy

Automated brute forcing of web logins

offsec password-attacks

Last synced: 12 Mar 2025

https://github.com/dutchpsycho/activebreach-um-hookbypass

EDR/AC/AV evasion implementation of a Stub-Based syscall invoking system. Bypasses all Usermode Hooks

antivirus-evasion edr-evasion offsec red-team-tools red-teaming windefender

Last synced: 02 Feb 2025

https://github.com/loneicewolf/soc-200-lightpreparation

My (currently only in theory) light preparation for the SOC-200 course (will probably take it **sometime** )

cyber-threat-intelligence methodology offsec pentesting soc200-osda

Last synced: 15 May 2025

https://github.com/tajiknomi/clienthttp_linux

Linux based client interacting with REST/JSON HTTP server for system information retrieval, file management, remote command execution, data transfer, and automated task scheduling etc

client-http client-side cmake cpp filemanager hacking-tool linux-app linux-client linux-rat linux-shell offsec rat red-team remote-access-tool remote-administrative-tool remote-desktop

Last synced: 15 Apr 2025

https://github.com/tajiknomi/clienthttp_windows

Windows-based client application interacting with REST/JSON HTTP server for system information retrieval, file management, remote command execution, data transfer, and automated task scheduling

client-http client-side cmake cpp http-client offsec rat red-team remote-access-tool rest-api windows-rat

Last synced: 20 Mar 2025

https://github.com/ten-ops/pic-implant

64-bit PIC reverse shell implant written in x64 NASM assembly for educational use only.

offsec red-team shellcode windows

Last synced: 02 Apr 2025

https://github.com/4m3rr0r/zombifydocker

This script attempts to exploit Docker containers for privilege escalation by utilizing Docker images that may allow access to the host filesystem with privileged privileges. It tests a predefined list of Docker images and checks if the system is vulnerable to privilege escalation via chroot.

docker docker-image docker-priv-esc docker-privilege-escalation offsec priv-esc privilege-escalation

Last synced: 21 Feb 2025

https://github.com/loneicewolf/web200-oswa_planning

Some theoretical planning, I still go pen200 (which I first must complete obviously)

offsec web200-oswa

Last synced: 15 May 2025

https://github.com/ten-ops/pic_implant

64-bit PIC reverse shell implant written in x64 NASM assembly for educational use.

malware offsec red-team windows

Last synced: 03 Apr 2025

https://github.com/ten-ops/cve-2024-48990_needrestart

Exploit for CVE-2024-48990 - Privilege Escalation in Needrestart 3.7-3. For eductional purposes only

offsec privilege-escalation redteam shellcode

Last synced: 14 May 2025

https://github.com/ten-ops/baron-samedit

This repository contains a Proof-of-Concept (PoC) exploit for the Baron Samedit vulnerability (CVE-2021-3156). The exploit demonstrates privilege escalation on Ubuntu 20.04 with sudo version 1.8.31 and glibc version 2.31. It includes an assembly-based exploit, a shared object payload, and a Makefile for automated compilation.

linux lpe offsec privelage-escalation red-team

Last synced: 06 Apr 2025

https://github.com/tyler-tee/redlines

Red Lines is a professional note-taking application designed specifically for offensive security practitioners. It provides a structured approach to organizing findings during security assessments, penetration tests, and security research.

ethical-hacking htb notebook notes notes-app offsec

Last synced: 21 Mar 2025