nozakiHTTP fuzzer engine security oriented
Stars: ✭ 37 (-95.13%)
shakeitoffWindows MSI Installer LPE (CVE-2021-43883)
Stars: ✭ 68 (-91.05%)
HomeUniteUsWe're working with community non-profits who have a Host Home or empty bedrooms initiative to develop a workflow management tool to make the process scalable (across all providers), reduce institutional bias, and effectively capture data.
Stars: ✭ 22 (-97.11%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (-88.16%)
Malicious-Urlv5A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.
Stars: ✭ 35 (-95.39%)
BoomERFramework for exploiting local vulnerabilities
Stars: ✭ 84 (-88.95%)
CVE-2022-21907-http.sysProof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
Stars: ✭ 67 (-91.18%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (-92.37%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-94.21%)
MacOS-WPA-PSKPoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
Stars: ✭ 29 (-96.18%)
e2e-testingFormal verification of Elastic-Agent and more using BDD
Stars: ✭ 22 (-97.11%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-90.92%)
FShellMy python3 implementation of a Forward Shell
Stars: ✭ 24 (-96.84%)
AxonUnrestricted Lua Execution
Stars: ✭ 59 (-92.24%)
Jira-LensFast and customizable vulnerability scanner For JIRA written in Python
Stars: ✭ 185 (-75.66%)
gwdomainssub domain wild card filtering tool
Stars: ✭ 38 (-95%)
PinaakA vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-90.92%)
CVE-2021-27928CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞
Stars: ✭ 53 (-93.03%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-95%)
AstraAstra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (-75.39%)
palinka c2Just another useless C2 occupying space in some HDD somewhere.
Stars: ✭ 14 (-98.16%)
SubcertSubcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
Stars: ✭ 58 (-92.37%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-83.82%)
telegram-logSend a Telegram message when your scripts fire an exception or when they finish their execution.
Stars: ✭ 16 (-97.89%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-95.66%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-95.26%)
hackipyHacking, pen-testing, and cyber-security related tools built with Python.
Stars: ✭ 26 (-96.58%)
recceDomain availbility checker
Stars: ✭ 30 (-96.05%)
fake-web-eventsCreates a Simulation of Fake Web Events
Stars: ✭ 48 (-93.68%)
EmissarySend notifications on different channels such as Slack, Telegram, Discord etc.
Stars: ✭ 33 (-95.66%)
attack to verisThe principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
Stars: ✭ 56 (-92.63%)
advisoriesA collection of my public security advisories.
Stars: ✭ 16 (-97.89%)
Awesome-HTTPRequestSmugglingA curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
Stars: ✭ 97 (-87.24%)
HostEnumeratorA tool that automates the process of enumeration
Stars: ✭ 29 (-96.18%)
ThePhishThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (-11.05%)
MOSPA collaborative platform for creating, editing and sharing JSON objects.
Stars: ✭ 72 (-90.53%)
PythonPython Powered Repository
Stars: ✭ 17 (-97.76%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-97.11%)
WMEyeWMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
Stars: ✭ 315 (-58.55%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-96.32%)
sike-javaSIKE for Java is a software library that implements experimental supersingular isogeny cryptographic schemes that aim to provide protection against attackers running a large-scale quantum computer.
Stars: ✭ 28 (-96.32%)
PPNPentester's Promiscuous Notebook
Stars: ✭ 221 (-70.92%)
urlRecon📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (-95.92%)
JawbreakerA Python obfuscator using HTTP Requests and Hastebin.
Stars: ✭ 50 (-93.42%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-94.47%)
ICUAn Extended, Modulair, Host Discovery Framework
Stars: ✭ 40 (-94.74%)
ADLESAutomated Deployment of Lab Environments System (ADLES)
Stars: ✭ 28 (-96.32%)
kube-scanKubernetes Scanner
Stars: ✭ 32 (-95.79%)
exploitingExploiting challenges in Linux and Windows
Stars: ✭ 122 (-83.95%)
selenium BDD frameworkBehavioural driven development UI automation framework using selenium, cucumber-java, testng, maven, phantomjs
Stars: ✭ 34 (-95.53%)
adv-dnn-ens-malwareadversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensemble, Android malware variants
Stars: ✭ 33 (-95.66%)