Decode the values of common Windows properties such as userAccountControl and sAMAccountType.

A Python script to backup all repos (public or private) of a user.

A Python script to sort Portable Executable (PE) files by their version and download debug symbols if existing.

A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.

A Python script to parse Fortinet products serial numbers, and detect the associated model and revision.

Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.

A collection of http fuzzing python scripts to fuzz HTTP servers for bugs.

A webshell plugin and interactive shell for pentesting a WordPress website.

A simple library to parse command line arguments in C++.

A path traversal in smbserver.py allows an attacker to read/write arbitrary files on the server.

A python wrapper to run a command on against all users/computers/DCs of a Windows Domain

Memory mapping profiles for forensic analysis using volatility 2

A webshell plugin and interactive shell for pentesting a Joomla website.

A webshell plugin and interactive shell for pentesting JoGet application.

A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file.

A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks

A script to enumerate valid usernames based on the requests response times.

MailMasta wordpress plugin Local File Inclusion vulnerability (CVE-2016-10956)

Memory mapping profiles for forensic analysis using volatility 3

This repository contains the list of windows builds as parsable JSON files.

crEAP will identify WPA Enterprise mode EAP types and harvest usernames and/or handshakes if insecure protocols are in use.

This repository contains a set of useful scripts templates for pentesters and security researchers.