Lists (1)
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
YOLOv5 🚀 in PyTorch > ONNX > CoreML > TFLite
Automatic SQL injection and database takeover tool
E-mails, subdomains and names Harvester - OSINT
Fast subdomains enumeration tool for penetration testers
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Tool for Active Directory Certificate Services enumeration and abuse
BloodyAD is an Active Directory Privilege Escalation Framework
Orange Cyberdefense mindmaps
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
Automatic SSTI detection tool with interactive interface
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Active Directory Integrated DNS dumping by any authenticated user
Python version of the C# tool for "Shadow Credentials" attacks
Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑…
A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
Rid_enum is a null session RID cycle attack for brute forcing domain controllers.
A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily