Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+3584.81%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+5182.28%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+167.09%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+777.22%)
Pentest Tools FrameworkPentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 48 (-39.24%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (-46.84%)
Ttpassgen密码生成 flexible and scriptable password dictionary generator which can support brute-force、combination、complex rule mode etc...
Stars: ✭ 68 (-13.92%)
Cve 2020 0796CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
Stars: ✭ 1,102 (+1294.94%)
Twitter Follow ExploitAutomated Twitter mass account creation and follow using Selenium and Tor VPN
Stars: ✭ 47 (-40.51%)
PlasmaAn Android Application written using latest Android Jetpack components and best practices, which displays trending movies/TV shows and cast, user can search movies and TV shows and also add them to watchlist.
Stars: ✭ 67 (-15.19%)
CtfSome of my CTF solutions
Stars: ✭ 70 (-11.39%)
PwntoolsCTF framework and exploit development library
Stars: ✭ 8,585 (+10767.09%)
LabsVulnerability Labs for security analysis
Stars: ✭ 1,002 (+1168.35%)
CiscoexploitCisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
Stars: ✭ 73 (-7.59%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1265.82%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-50.63%)
PysploitRemote exploitation framework written in Python
Stars: ✭ 37 (-53.16%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-53.16%)
SlowlorisAsynchronous Python implementation of SlowLoris DoS attack
Stars: ✭ 51 (-35.44%)
Exploit Cve 2016 9920Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container
Stars: ✭ 34 (-56.96%)
UnchainedSecure password hashers for Go compatible with Django
Stars: ✭ 46 (-41.77%)
Keychains🔑 A keychain wrapper that is so easy to use that your cat could use it.
Stars: ✭ 67 (-15.19%)
ScriptingPS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-40.51%)
Kernel ExploitsMy proof-of-concept exploits for the Linux kernel
Stars: ✭ 1,173 (+1384.81%)
Write Ups📚 VoidHack CTF write-ups
Stars: ✭ 45 (-43.04%)
Chimay RedMikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
Stars: ✭ 63 (-20.25%)
Browserpass LegacyLegacy Browserpass repo, development is now happening at:
Stars: ✭ 1,020 (+1191.14%)
Cve 2017 0781Blueborne CVE-2017-0781 Android heap overflow vulnerability
Stars: ✭ 74 (-6.33%)
IcememeRoblox Exploit Source Code Called IceMeme with some cmds, lua c and limited lua execution with simple ui in c#
Stars: ✭ 42 (-46.84%)
UnlockdownDisabling kernel lockdown on Ubuntu without physical access
Stars: ✭ 62 (-21.52%)
Node Argon2Node.js bindings for Argon2 hashing algorithm
Stars: ✭ 1,008 (+1175.95%)
Go DicewareGolang library for generating passphrases via the diceware algorithm.
Stars: ✭ 69 (-12.66%)
X RayX-Ray is a script that lets users toggle password visibility in forms.
Stars: ✭ 40 (-49.37%)
Sap exploitHere you can get full exploit for SAP NetWeaver AS JAVA
Stars: ✭ 60 (-24.05%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (+1155.7%)
DownloadsAD Health Check, Send HTML Email, Ping machines, Encrypt Password,Bulk Password,Microsoft Teams,Monitor Certificate expiry, Monitor cert expiry, AD attributes, IP to Hostname, Export AD group, CSV to SQL,Shutdown, Restart, Local Admin, Disk Space, Account expiry,Restore Permissions, Backup permissions, Delete Files Older Than X-Days, export DHCP options,Read Registry,Distribution group AD attributes,Monitor Windows Services,Export Reverse DNS,Task Monitor,Monitor and alert, Exchange Health check,Get Network Info, Export AD Attributes,AD group members, Office 365 Group member, SQL to CSV, Outlook save send attachments, Upload files to FTP,Exchange – Total Messages Sent Received, Set Teams Only Mode, Intune Duplicate Device,Intune Cleanup Not Evaluated, Ownership and Grant Permissions, Write Create Modify Registry , Organization Hierarchy from AD,Azure AD Privileged Identity Management,Intune – Export MAM Devices,Intune Marking devices as Corporate, Dynamic to Static Distribution Group,Monitor Alert Office 365 services,Group Member Count,Bulk Addition external users sharepoint, ADD to Exchange online License Group,All in One Office 365 Powershell,Bulk Addition of Secondary Email, Automate move mailboxes to o365, Addition Modification Termination Exchange users, Monitoring Unified Messaging port,Unified Messaging Extensions Report, Set Default Quota for SharePoint,Bulk Contact Creation and Forwarding, Uploading and Downloading files sftp, Monitoring Sftp file and download, Office 365 groups Write back, CSV parser, Email address update, Email address modify, MDM enrollment, Welcome Email, Intune Welcome Email, remove messages, remove email, SKOB to AD, SKOB to group, PowerApps report, Powerautomate Report, Flow report, Server QA, Server Check List, O365 IP range, IP range Monitor, o365 Admin Roles, memberof extraction, CSV to Excel, Skype Policy, UPN Flip, Rooms Report, License Reconciliation,Intune Bulk Device Removal, Device Removal, Clear Activesync, Lync Account Termination,Lync Account Removal, Enable office 365 services, Enable o365 Services, Export PST, Site collection Report, Office 365 Group Sites, System Admin,ActiveSync Report,White Space,Active Directory attributes, outlook automation, Intune Detect App, Distribution list Fix, Legacy DN, start service, stop service, disable service, Message tracking, Distribution lists report,Distribution groups report,Quota Report, Auto reply, out of office, robocopy multi session, Home Folder, local admin, Database, UPN SIP Mismatch, Recoverable deleted, teams number, Number assignment, teams phone, AD Group Hierarchy, Hierarchy membership, Sync Groups
Stars: ✭ 75 (-5.06%)
FeatherpasswordmanagerHighly portable extremely light-weight password manager that stores all your passwords in a local encrypted file.
Stars: ✭ 39 (-50.63%)
Lypaymentfield多种风格的支付框控件,可定制加密图片,也可使用带动画的弹窗。A variety of styles of payment box controls can be customized to encrypt pictures, can also be used with animated alert.
Stars: ✭ 58 (-26.58%)
PgenCommand-line passphrase generator
Stars: ✭ 68 (-13.92%)
ChasmA CHaracter Aware Splitting Method for producing password candidates.
Stars: ✭ 37 (-53.16%)
NtrghidraFully Featured Nintendo DS Loader for Ghidra
Stars: ✭ 56 (-29.11%)
Pythempentest framework
Stars: ✭ 1,060 (+1241.77%)
PasswordcockpitPasswordcockpit is a simple, free, open source, self hosted, web based password manager for teams. It is made in PHP, Javascript, MySQL and it run on a docker service. It allows users with any kind of device to safely store, share and retrieve passwords, certificates, files and much more.
Stars: ✭ 34 (-56.96%)
H EncoreFully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
Stars: ✭ 968 (+1125.32%)
TegrarcmguiC++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)
Stars: ✭ 965 (+1121.52%)
Poc BankFocus on cybersecurity | collection of PoC and Exploits
Stars: ✭ 68 (-13.92%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1116.46%)
MentalistMentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.
Stars: ✭ 945 (+1096.2%)
UnauthdA local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854
Stars: ✭ 79 (+0%)