simplerhacking / Evilginx3-Phishlets

The Havoc Framework

#夺旗赛 (CTF) 和网络安全资源#SecLists 是安全测试员工作伴侣。该仓库整理了大量用于安全测试的清单集合，清单中包括弱口令，常用用户名，敏感数据特征码、模糊测试载荷等。

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Devika is now Opcode

#大语言模型#🙌 OpenHands: Code Less, Make More

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication...

xz 漏洞（CVE-2024-3094）笔记、攻击demo

🐬 Feature-rich, stable and customizable Flipper Firmware

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

19 Customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, ...

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

#Awesome#A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

Reverse engineered to remove IOCs, added Exchange Online Protection IP blacklist and bing-bot user-agent blocking, DNS configuration and notes on usage.

Covenant is a collaborative .NET C2 framework for red teamers.