Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name. Although Pass2Pwn does not have the capacity to generate as many passwords as other tools, I have attempted to implement a mechanism that generates passwords using the most common password pattern that we notice in general, which is correlated to the organization name.
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
Bitpass Password Generator Installation Make sure Python 3+ is installed
Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service
Hi there,
There is a Path Traversal vulnerability in this project, through the input word/words. Yes, path traversal is intended for the filename input since it depends on the user on where the file should be saved and how, however, I guess it isn't intended for the word/words input too.
For example, if I give input as "../nice" for "Word/s" and go with the default file name, then the password list generated is totally fine, however there is no proper sanitization to avoid dot-dot-slash (or simply slash) to prevent path traversal through the word/words input.
Note: Path traversal through filename input mayn't count as a vulnerability, since that's the file path decided by the user. But, this isn't the focus of this issue I am opening up, and instead this is about the word/words input.
If I give input as "../nice" for "Word/s", then the default file name prefix should be one of these: "nice", ".._nice", "..nice".
I am opening up a Pull Request alongside this Issue, where I have implemented a fix for the issue. I hope you would check that out after going through this issue.
Thanks, @TheBinitGhimire
bugThis is a beta version with numerous flaws and no error handling; but, if you like my concept, please don't hesitate to help me improving this tool.
Source code(tar.gz)Log4j2 RCE Scanner 作者:[email protected]元亨实验室 声明:由于传播、利用本项目所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,项目作者不为此承担任何责
ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f
WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are
little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for
Descarga los eventos de Sucuri Script para descargar los eventos del Sucuri Web Application Firewall (WAF) en el disco como archivos CSV. Requerimient
A tool that detects the "expensive" Carbon Black watchlists.
Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex
⚜️ Berserker ⚜️ An unique Python3 obfuscator using Kyrie Eleison's encryption protocol, written in Python3. 📋 Examples 📋 Unobfuscated: input("Hello
reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re
CVE-2021-26084 Description POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection V
Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
Parler's unofficial API with all endpoints present in their iOS app as of 08/12/2020. For the most part undocumented, but the error responses are alre
scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.
getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag
💳 Credit Card Checker (CC Checker) & Mass SK Checker & Generator 💳
Wallet Tracker This is a Crypto asset tracker that I built to aid my personal journey in cryptocurrencies. build docker build -t wallet-tracker . run
1 Dec 26, 2021
6 Feb 2, 2022
1 Jan 1, 2022
1 Jan 10, 2022
2 Feb 14, 2022
2 Nov 10, 2022
368 Jan 4, 2023
7 Jul 14, 2022
3 Nov 23, 2022
87 Dec 29, 2021
130 Dec 15, 2022
1 Nov 02, 2022
86 Aug 21, 2022
8 Nov 10, 2022
96 Dec 14, 2022
5 Nov 23, 2021
2 Nov 29, 2021
8 Aug 04, 2022
4 Jan 09, 2022
81 Dec 07, 2022
560 Dec 23, 2022
9 Aug 31, 2022
43 Dec 03, 2022
393 Nov 26, 2022
1 Dec 21, 2021
37 Dec 06, 2022
9 Feb 15, 2022
53 Dec 31, 2022
2 Mar 21, 2022