Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into account…

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems

Lists of .NET Obfuscator (Free, Freemium, Paid and Open Source )

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

Active Directory information dumper via LDAP

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols

The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Tool to search secrets in various filetypes.

An ASCII Header Generator for Network Protocols

Random scripts for generating Flipper data files.

CrackQ: A Python Hashcat cracking queue system

PACK (Password Analysis and Cracking Kit)

This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.

Search for potential frontable domains

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices

Steganography brute-force utility to uncover hidden data inside files

Repo to store compiled modules or links to 3rd party add-on modules.

Chameleon: A tool for evading Proxy categorisation

Code that runs on the Open Source Rover

Search for Directory Traversal Vulnerabilities

Apache Tomcat auto WAR deployment & pwning penetration testing tool.

Encoding Tools for Rubber Ducky

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras