Offensive Security
Showing 36 of 37 projects
A PowerShell framework for offensive security, penetration testing, and red teaming with scripts for all phases.
A Python tool for generating custom wordlists by profiling users to guess weak passwords during penetration tests.
A dynamic infrastructure framework for distributing security scanning workloads across multiple cloud instances.
A curated collection of cheat sheets and resources for penetration testing and security assessments.
A browsable archive of decrypted NSA exploit tools and implants leaked by the Shadow Brokers in 2017.
A penetration testing tool that detects and exploits Server-Side Template Injection (SSTI) and code injection vulnerabilities.
A multi-threaded Python brute-forcing tool with a modular design for reliable and flexible password guessing attacks.
A high-performance offensive security tool for reconnaissance, vulnerability scanning, and information gathering.
An automated Python tool for auditing and exploiting NoSQL database vulnerabilities and web application injection attacks.
A deprecated collection of PowerShell tools for offensive security operations and penetration testing.
A collection of notes, scripts, and techniques for exploiting vulnerabilities and attacking Jenkins servers.
A graphical tool for custom wordlist generation using human password paradigms, with output for Hashcat and John the Ripper.
A Linux eBPF rootkit demonstrating offensive capabilities with backdoor, C2, library injection, execution hijacking, persistence, and stealth modules.
A command-line tool that automates password cracking methodologies through Hashcat with integrated wordlist management and attack orchestration.
A comprehensive password cracking rule combining multiple sources for improved hashcat performance.
A PowerShell runspace post-exploitation toolkit written in C# that bypasses security mitigations and includes offensive modules.
Statistical password cracking rules for Hashcat based on industry patterns and frequency analysis.
A Python tool that generates targeted wordlists for security testing by combining personal info, leet transforms, and song lyrics.
A professional-grade web security scanner for penetration testing with intelligent, context-aware scanning and proof-based vulnerability detection.
A Ruby-based command-line tool for analyzing password dumps to generate statistics and insights for security reports.
A PowerShell suite for remote Windows incident response and hunting using CIM/WMI, requiring no agent deployment.
An optimized hashcat rule set for password cracking with reduced rule count and zero performance loss against major breach datasets.
A curated collection of offensive security research, techniques, and tools for attacking CI/CD pipelines and software supply chains.
A collection of PowerShell scripts for security testing, penetration testing, and general system administration tasks.
A command-line tool for security testing and offensive operations against Jenkins CI/CD servers.
A standalone password candidate generator implementing the PRINCE algorithm for advanced password cracking attacks.
A collection of hashcat and John the Ripper rules for password cracking, optimized for common password generation patterns.
Large hashcat rulesets generated from real-world compromised passwords to improve password cracking effectiveness.
A multi-platform distributed brute-force password cracking system for parallelizing dictionary and word generator attacks.
An automated Hashcat wrapper that speeds up hash cracking during security engagements with pre-configured wordlists and rules.
A penetration testing tool that bypasses wired 802.1x network protection to gain access to target networks.
A comprehensive collection of 317 hashcat rule files for password cracking and security testing.
A Rust tool that machine-learns efficient password mangling rules for John the Ripper or Hashcat from a dictionary and password list.
A wordlist generator for security testing that creates permutations of known data to crack tokens.
A collaborative serverless framework for orchestrating geographically distributed assets to simulate offensive cyberspace operations.
Extracts the most common substrings from text files, specifically designed to generate wordlists for password cracking attacks.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.