Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Rich is a Python library for rich text and beautiful formatting in the terminal.
We write your reusable computer vision tools. 💜
Automatic SQL injection and database takeover tool
Automated All-in-One OS Command Injection Exploitation Tool.
Console user interface library for Python (official repo)
Fully featured and community-driven hacking environment
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Extract credentials from lsass remotely
weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-32…
rsatool can be used to calculate RSA and RSA-CRT parameters
Kerberos relaying and unconstrained delegation abuse toolkit
Foundations of Python Network Programming (Apress) — scripts and examples
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.
Active Directory ACL exploitation with BloodHound
kernel privilege escalation enumeration and exploitation framework
Hackish way to intercept and modify non-HTTP protocols through Burp & others.