XattackerX Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+2703.13%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (+21.88%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+1381.25%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+559.38%)
Pwn jenkinsNotes about attacking Jenkins servers
Stars: ✭ 841 (+2528.13%)
MS17010EXPLadon Moudle MS17010 Exploit for PowerShell
Stars: ✭ 40 (+25%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-25%)
Cve 2019 0604cve-2019-0604 SharePoint RCE exploit
Stars: ✭ 91 (+184.38%)
StuffUnsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
Stars: ✭ 146 (+356.25%)
Pythempentest framework
Stars: ✭ 1,060 (+3212.5%)
Cve 2019 07083389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
Stars: ✭ 350 (+993.75%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (+9.38%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (+350%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+109.38%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+5990.63%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+12940.63%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-59.37%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+2065.63%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+8996.88%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+337.5%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (+53.13%)
SubRosaBasic tool to automate backdooring PE files
Stars: ✭ 48 (+50%)
Discord-Console-hacksA collection of JavaScript Codes I've made to enhance the User Experience of Discord and some other Discord related stuff
Stars: ✭ 353 (+1003.13%)
fusee-nanoA minimalist re-implementation of the Fusée Gelée exploit (http://memecpy.com), designed to run on embedded Linux devices. (Zero dependencies)
Stars: ✭ 49 (+53.13%)
kernelpwnkernel-pwn and writeup collection
Stars: ✭ 348 (+987.5%)
usefuluseful pentest note
Stars: ✭ 59 (+84.38%)
PocOrExp in Github聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.
Stars: ✭ 544 (+1600%)
exploitsSome of my public exploits
Stars: ✭ 50 (+56.25%)
Industrial-Security-Auditing-FrameworkISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (+34.38%)
expdevVulnerable software and exploits used for OSCP/OSCE preparation
Stars: ✭ 24 (-25%)
Discord-Block-BypassSimple script that utilities discord's flaw in detecting who blocked who.
Stars: ✭ 24 (-25%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-28.12%)
PeekABooPeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
Stars: ✭ 120 (+275%)
CVE-2019-8449CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
Stars: ✭ 66 (+106.25%)
PoC-BankFocus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 83 (+159.38%)
LightCosmosRatA remote administration tool for Windows, written in C#
Stars: ✭ 31 (-3.12%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (+128.13%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (+181.25%)
BoomERFramework for exploiting local vulnerabilities
Stars: ✭ 84 (+162.5%)
DoubleStarA personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques
Stars: ✭ 140 (+337.5%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (+115.63%)
exploit-CVE-2015-3306ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
Stars: ✭ 97 (+203.13%)
batchqlGraphQL security auditing script with a focus on performing batch GraphQL queries and mutations
Stars: ✭ 251 (+684.38%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (+293.75%)
huntkitDocker - Ubuntu with a bunch of PenTesting tools and wordlists
Stars: ✭ 51 (+59.38%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (+278.13%)
dirtycowradare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
Stars: ✭ 93 (+190.63%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (+771.88%)