Wholeaked – A File-Sharing Tool That Allows You To Find The Responsible Person In Case Of A Leakage
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage. It's written...
Tools
LDAP shell – AD ACL Abuse
This repository contains a small tool inherited from ldap_shell (https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldap_shell.py). Installation These tools are only compatible with Python 3.5+. Clone...
Poro – Scan Publicly Accessible Assets On Your AWS Cloud Environment
Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets...
Skanuvaty – Dangerously Fast DNS/network/port Scanner
Dangerously fast dns/network/port scanner, all-in-one.Start with a domain, and we'll find everything about it. Features: Finds subdomains from root domain...
Uncover – Quickly Discover Exposed Hosts On The Internet Using Multiple Search Engine
uncover is a go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet....
Cloak – A Censorship Circumvention Tool To Evade Detection By Authoritarian State Adversaries
Cloak is a pluggable transport that enhances traditional proxy tools like OpenVPN to evade sophisticated censorship and data discrimination. Cloak...
OffensiveNotion – Notion As A Platform For Offensive Operations
Notion (yes, the notetaking app) as a C2. Wait, What? Yes. But Why? What started as a meme grew into...
Octosuite – Advanced Github OSINT Framework
Simply gather OSINT on Github users and organizations like a godļ„ FEATURES Fetches organization info Fetches user info Fetches repository...
Gitbleed_Tools – For Extracting Data From Mirrorred Git Repositories
This repo contains shell scripts that can be used to download and analyze differences between cloned and mirror Git repositories....
Hcltm – Documenting Your Threat Models With HCL
Threat Modeling with HCL Overview There are many different ways in which a threat model can be documented. From a...
KNX-Bus-Dump – A Tool To Listen On A KNX Bus Via TPUART And The Calimero Project Suite And To Dump The Data From The Packets Into A Wireshark-Compatible File Hex Dump
KNX is a popular building automation protocol and is used to interconnect sensors, actuators and other components of a smart...
ScheduleRunner – A C# Tool With More Flexibility To Customize Scheduled Task For Both Persistence And Lateral Movement In Red Team Operation
Scheduled task is one of the most popular attack technique in the past decade and now it is still commonly...
DarthSidious – Building An Active Directory Domain And Hacking It
The goal is simple To share my modest knowledge about hacking Windows systems. This is commonly refered to as red...
ICMP-TransferTools – Transfer Files To And From A Windows Host Via ICMP In Restricted Network Environments
ICMP-TransferTools is a set of Upload via ICMP The included ICMP-ReceiveFile.py and Invoke-IcmpUpload.ps1 scripts can be used to upload/exfiltrate a...
Live-Forensicator – Powershell Script To Aid Incidence Response And Live Forensics
Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in...
Phantun – Transforms UDP Stream Into (Fake) TCP Streams That Can Go Through Layer 3 &Amp; Layer 4 (NAPT) firewalls/NATs
Phantun is a project that obfuscated UDP packets into TCP connections. It aims to achieve maximum performance with minimum processing...
CobaltBus – Cobalt Strike External C2 Integration With Azure Servicebus, C2 Traffic Via Azure Servicebus
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus Setup Create an Azure Service Bus Create...
Odin – Central IoC Scanner Based On Loki
Odin is a central IoC Collecting Parsing Download Odin If you like the site, please consider joining the telegram channel...
Subdomains.Sh – A Wrapper Around Tools I Use For Subdomain Enumeration On A Given Domain. This Script Is Written With The Aim To Automate The Workflow
subdomains.sh wrapper around tools I use for subdomain enumeration, to automate the workflow, on a given domain. Usage To display...
Auto-Elevate – Escalate From A Low-Integrity Administrator Account To NT AUTHORITYSYSTEM Without An LPE Exploit By Combining A COM UAC Bypass And Token Impersonation
This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and impersonates...
Slyther – AWS Security Tool
Slyther is AWS Security tool to check read/write/delete access for S3 bucketsĀ Requirements aws-cli Installation pip3 install -r requirements.txt Usage...
Spring-Spel-0Day-Poc – Spring-Cloud / spring-cloud-function, spring.cloud.function.routing-expression, RCE, 0day, 0-day, POC, EXP
spring-cloud/spring-cloud-function get path lists for test find . -name "*.java"|xargs -I % cat %|grep -Eo '"({8,})"'|sort -u|sed 's/"//g' ...functionRouteruppercaselowercase... poc1...
CVE-2022-22963 – PoC Spring Java Framework 0-day Remote Code Execution Vulnerability
To run the Credits https://github.com/hktalent/spring-spel-0day-poc Download CVE-2022-22963 If you like the site, please consider joining the telegram channel or supporting...
CVE-2022-27254 – PoC For Vulnerability In Honda’s Remote Keyless System
PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254) Disclaimer: For educational purposes only. Kindly note that the discoverers for this...
