This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.

🎯 Prevent RubberDucky (or other keystroke injection) attacks

An exploit for Apache Struts CVE-2017-5638

A python tool to identify different Hash Function Algorithms

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution

An interactive multi-user web JS shell

Intercepting TCP proxy to modify raw TCP streams using modules on incoming or outgoing traffic

Plugins I've written for Volatility

VolDiff: Malware Memory Footprint Analysis based on Volatility

Exploit for Drupal 7 <= 7.57 CVE-2018-7600

siberas JMX exploitation toolkit

Crypto tool for pentest and ctf : try to uncipher data using multiple algorithms and block chaining modes. Usefull for a quick check on unknown cipher text and key dictionnary

Python script that takes new output from Get-DomainTrustMapping .csvs and outputs graphml. Based on DomainTrustExplorer.

Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.

Convert ldapdomaindump to Bloodhound

MS17-010

Script to output stats around weak passwords and password re-use from an NtdsAudit (pwdump) file

Python script to exploit java unserialize on t3 (Weblogic)

A small python library for exploiting simple chosen-plaintext attacks.

Updated the FoxGlove Security WebLogic serialization exploit.

Advanced scanner for CVE-2020-0796 - SMBv3 RCE

Exemple d'extension Burp permettant d'utiliser les fichiers de configuration de proxy PAC