Offensive Security

B

Free

Offensive Security

Burp-LFI-tests View Burp-LFI-tests

A unified repository for different Metasploit Framework payloads.

BS

Free

Offensive Security

Burp Suite Professional View Burp Suite Professional

A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions

C

Free

Offensive Security

C2concealer View C2concealer

Emulates Docker HTTP API with event logging and AWS deployment script.

C

Free

Offensive Security

C3 View C3

Preparation process for participating in the Pacific Rim CCDC 2015.

C

Free

Offensive Security

Caldera View Caldera

A black-box obfuscation tool for Android apps with Android App Bundle support.

C

Free

Offensive Security

cariddi View cariddi

APT Simulator is a tool for simulating a compromised system on Windows.

C

Free

Offensive Security

Charlotte View Charlotte

Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.

CC

Free

Offensive Security

Chaos Client View Chaos Client

A PowerShell toolkit for attacking Azure environments

C

Free

Offensive Security

Chameleon View Chameleon

Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.

C(

Free

Offensive Security

ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution View ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution

A document that helps inform red team planning by contrasting against the very specific red team style described in Red Teams.

C

Free

Offensive Security

CloakifyFactory View CloakifyFactory

A blog post discussing the often overlooked dangers of CSV injection in applications.

CS

Free

Offensive Security

Cobalt Strike Malleable C2 Design and Reference Guide View Cobalt Strike Malleable C2 Design and Reference Guide

A framework for testing and exploiting race conditions in software

CS

Free

Offensive Security

Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite View Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite

A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.

C

Free

Offensive Security

CobaltBus View CobaltBus

Setup script for Regon-ng

CS

Free

Offensive Security

Cobalt Strike's ExternalC2 framework View Cobalt Strike's ExternalC2 framework

Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

CI

Free

Offensive Security

Combatting Incident Responders with Apache mod_rewrite View Combatting Incident Responders with Apache mod_rewrite

A tool that visits suspected phishing pages, takes screenshots, and extracts interesting files.

C

Free

Offensive Security

Commix View Commix

Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

CR

Free

Offensive Security

Covert Red Team Attack Infrastructure View Covert Red Team Attack Infrastructure

A collection of resources for practicing penetration testing

T

Free

Offensive Security

tryharder View tryharder

A set of commands for exploit developers and reverse-engineers to enhance GDB functionality.

C

Free

Offensive Security

Covenant View Covenant

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.

C

Free

Offensive Security

CrackMapExec View CrackMapExec

A list of useful payloads and bypasses for Web Application Security.

C(

Free

Offensive Security

CrackMapExec (CME) View CrackMapExec (CME)

Data exfiltration & infiltration tool using text-based steganography to evade security controls.

C

Free

Offensive Security

CredMaster View CredMaster

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.

C

Free

Offensive Security

CrossC2 View CrossC2

Check if a domain is in the Alexa or Cisco top one million domain list.