Lists (1)
Stars
Code and instructions for building a custom plugin backdoor for SonarQube
An interactive, password protected, aspx webshell with file upload capabilities and directory management.
A list of public penetration test reports published by several consulting firms and academic security groups.
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
A tool to dump a git repository from a website
Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11
Python script to decrypt passwords stored by mRemoteNG
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
A simple splunk package for obtaining reverse shells on both Windows and most *nix systems.
A super small jsp webshell with file upload capabilities.
scraping renting listings from willhaben.at
Dockerized Signal Messenger REST API
Username enumeration and password spraying tool aimed at Microsoft O365.