ScriptingPS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-97.96%)
Gitlab rceRCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-95.49%)
Owasp MasvsThe Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
Stars: ✭ 1,030 (-55.31%)
Buffer overflowDon't let buffer overflows overflow your mind
Stars: ✭ 131 (-94.32%)
Write Ups📚 VoidHack CTF write-ups
Stars: ✭ 45 (-98.05%)
Timeless Timing AttacksA Python implementation that facilitates finding timeless timing attack vulnerabilities.
Stars: ✭ 45 (-98.05%)
Nonce DisrespectNonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
Stars: ✭ 103 (-95.53%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (-55.49%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (-55.7%)
PortiaPortia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
Stars: ✭ 154 (-93.32%)
Mida MultitoolBash script purposed for system enumeration, vulnerability identification and privilege escalation.
Stars: ✭ 144 (-93.75%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-95.53%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (-55.66%)
NugetdefenseAn MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.
Stars: ✭ 44 (-98.09%)
Gdb StaticPublic repository of static GDB and GDBServer
Stars: ✭ 103 (-95.53%)
PsattackA portable console aimed at making pentesting with PowerShell a little easier.
Stars: ✭ 1,021 (-55.7%)
IcememeRoblox Exploit Source Code Called IceMeme with some cmds, lua c and limited lua execution with simple ui in c#
Stars: ✭ 42 (-98.18%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-94.36%)
M4ngl3m3Common password pattern generator using strings list
Stars: ✭ 103 (-95.53%)
PwntoolsCTF framework and exploit development library
Stars: ✭ 8,585 (+272.45%)
MtpwnPoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
Stars: ✭ 143 (-93.8%)
Cve 2018 18852CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
Stars: ✭ 42 (-98.18%)
Local File Disclosure Sql Injection LabThis is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
Stars: ✭ 41 (-98.22%)
Fuzz.txtPotentially dangerous files
Stars: ✭ 1,382 (-40.04%)
SlowhttptestApplication Layer DoS attack simulator
Stars: ✭ 1,003 (-56.49%)
GhostGhost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
Stars: ✭ 992 (-56.96%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (-16.88%)
RegslscanA tool for scanning registery key permissions. Find where non-admins can create symbolic links.
Stars: ✭ 39 (-98.31%)
PowerladonLadon Network Penetration Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
Stars: ✭ 39 (-98.31%)
Security ScriptsA collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-95.62%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-98.35%)
Lpecollection of verified Linux kernel exploits
Stars: ✭ 159 (-93.1%)
Exploit Patterngenerate and search pattern string for exploit development
Stars: ✭ 153 (-93.36%)
SvscannerSVScanner - Scanner Vulnerability And MaSsive Exploit.
Stars: ✭ 143 (-93.8%)
Awesome Internet ScanningA curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
Stars: ✭ 130 (-94.36%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (-95.62%)
PysploitRemote exploitation framework written in Python
Stars: ✭ 37 (-98.39%)
Hisilicon Dvr TelnetPoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-95.62%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-98.39%)
PentaOpen source all-in-one CLI tool to semi-automate pentesting.
Stars: ✭ 130 (-94.36%)
Cve 2019 1458CVE-2019-1458 Windows LPE Exploit
Stars: ✭ 101 (-95.62%)
Pentest ChainsawScrapes Router Passwords From http://www.routerpasswords.com ,more then +300 product
Stars: ✭ 36 (-98.44%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (-40.82%)
Repo Security ScannerCLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
Stars: ✭ 977 (-57.61%)
Oxidtools200 TOOLS BY 0XID4FF0X FOR TERMUX
Stars: ✭ 143 (-93.8%)
IsoallocA general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good performance
Stars: ✭ 130 (-94.36%)
Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
Stars: ✭ 977 (-57.61%)
Exploit Cve 2016 9920Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container
Stars: ✭ 34 (-98.52%)
YamsA collection of Ansible roles for automating infosec builds.
Stars: ✭ 98 (-95.75%)