PwnX.py🏴☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit
Stars: ✭ 30 (-78.26%)
OSCP-PrepContained is all my reference material for my OSCP preparation. Designed to be a one stop shop for code, guides, command syntax, and high level strategy. One simple clone and you have access to some of the most popular tools used for pentesting.
Stars: ✭ 33 (-76.09%)
metagoofilSearch Google and download specific file types
Stars: ✭ 174 (+26.09%)
dwnd(ockerp)wn - a docker pwn tool manager
Stars: ✭ 154 (+11.59%)
digital-copyrightStamp your code with a trackable digital copyright
Stars: ✭ 17 (-87.68%)
shellPython 3 Reverse Shell
Stars: ✭ 22 (-84.06%)
SCANNER-INURLBRAdvanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
Stars: ✭ 90 (-34.78%)
connectorsOpenCTI connectors
Stars: ✭ 135 (-2.17%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-90.58%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-24.64%)
sshamebrute force SSH public-key authentication
Stars: ✭ 43 (-68.84%)
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: ✭ 53 (-61.59%)
PassLockPassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)
Stars: ✭ 44 (-68.12%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-56.52%)
DNSWhotransmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
Stars: ✭ 47 (-65.94%)
STEWSA Security Tool for Enumerating WebSockets
Stars: ✭ 154 (+11.59%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+551.45%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (-37.68%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-74.64%)
css-cheatsheetSyntax, terminologies, selectors, and common properties of CSS
Stars: ✭ 114 (-17.39%)
adduser-dllSimple DLL that add a user to the local Administrators group
Stars: ✭ 48 (-65.22%)
skweezFast website scraper and wordlist generator
Stars: ✭ 49 (-64.49%)
Offensive-Security-CayuqueoScripts usados en mi formación de Offensive Security por medio de la suscripción Learn Unlimited
Stars: ✭ 14 (-89.86%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-53.62%)
filter-var-sqliBypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )
Stars: ✭ 29 (-78.99%)
EventTranscriptParserPython based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
Stars: ✭ 22 (-84.06%)
machinescliThis tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.
Stars: ✭ 34 (-75.36%)
BCA-PhantomA multi-platform HTTP(S) Reverse Shell Server and Client in Python 3
Stars: ✭ 80 (-42.03%)
Cracker-ToolAll in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Stars: ✭ 181 (+31.16%)
attack-evalsATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (-58.7%)
AlfredA friendly Toolkit for Beginner CTF players
Stars: ✭ 39 (-71.74%)
AzureAD Autologon BruteBrute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Stars: ✭ 90 (-34.78%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+21.01%)
meteorA cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
Stars: ✭ 31 (-77.54%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-51.45%)
Malicious-Urlv5A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.
Stars: ✭ 35 (-74.64%)
vsauditVOIP Security Audit Framework
Stars: ✭ 104 (-24.64%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-86.23%)
URL-obfuscatorPython Program to obfuscate URLs to make Phishing attacks more difficult to detect. Uses Active open redirect list and other URL obfuscation techniques.
Stars: ✭ 101 (-26.81%)
ADMMutateClassic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I h…
Stars: ✭ 69 (-50%)
SentryPeerA distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot.
Stars: ✭ 108 (-21.74%)
sphinx-rest-cheatsheetA compact cheat sheet for writing documentation string for Sphinx, with focus on Python.
Stars: ✭ 17 (-87.68%)
TokenBreakerJSON RSA to HMAC and None Algorithm Vulnerability POC
Stars: ✭ 51 (-63.04%)
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-77.54%)
fileless-elf-execExecute ELF files without dropping them on disk
Stars: ✭ 237 (+71.74%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+217.39%)
BlueReverseBluetooth reverse shell.
Stars: ✭ 15 (-89.13%)