VSSTrigger
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Credits: @topotam (https://fr.slideshare.net/LionelTopotam/petit-potam-slidesrtfmossir)
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Overview
Some Attacks of Exchange SSRF ProxyLogon&ProxyShell
Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1
129 Dec 30, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
165 Dec 21, 2022
Brute-forcing (or not!) deck builder for Pokemon Trading Card Game.
PokeBot Deck Builder Brute-forcing (or not!) deck builder for Pokemon Trading Card Game. Warning: intensely not optimized and spaghetti coded Credits
0 Jan 10, 2022
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
2 Jul 20, 2022
A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms
A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms. Change the Blackgound image of targets' computer. and decrypt the targets' encrypted files in our own compute
2 Dec 02, 2022
Python script to tamper with pages to test for Log4J Shell vulnerability.
log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static
8 Oct 20, 2022
WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities
WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities Which is a great tool for web pentesters. Coded in python3, CLI. WebScan is capable of scanni
12 Dec 02, 2022
Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool
loggef Facebook automation tool, Facebook account hacking and cloning advanced tool + dictionary attack added Warning Use this tool for educational pu
149 Aug 10, 2022
The Multi-Tool Web Vulnerability Scanner.
🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1
1.3k Dec 31, 2022
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability
ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i
24 Dec 19, 2022
Brute force attack tool for Azure AD Autologon/Seamless SSO
Brute force attack tool for Azure AD Autologon
89 Jan 02, 2023
Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source
Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg
1.8k Jan 04, 2023
Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.
Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark
36 Dec 04, 2022
TCP/UDP port scanner on python, usong scapy and multiprocessin
Port Scanner TCP/UDP port scanner on python, usong scapy and multiprocessing. Usage python3 scanner.py [OPTIONS] IP_ADDRESS [{tcp|udp}[/[PORT|PORT-POR
1 Dec 05, 2021
自动化爆破子域名,并遍历所有端口寻找http服务,并使用crawlergo、dirsearch、xray等工具扫描并集成报告;支持动态添加扫描到的域名至任务;
AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告; 工具目前有:oneforall、masscan、nmap、crawlergo、dirse
633 Dec 30, 2022
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.
Just-Your-Basic-Port-Scanner Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration. Use at your own discretion,
0 Nov 06, 2021
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228
log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.
2 Dec 16, 2021
Webpack自动化信息收集
Webpack-信息收集工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:小洲 团队:横戈安全团队,未来一段时间将陆续开源工具,欢迎关注微信公众号: 定位:协助红队人员快速的信息收集,测绘目
214 Dec 19, 2022
Script Crack Facebook Premium 🚶♂
premium Script Crack Facebook Premium 🚶♂ In Script Install Script $ pkg update && pkg upgrade $ termux-setup-storage $ pkg install python $ pkg inst
2 Dec 19, 2021
Metasploit Multi Purpose Exploiting Toolkit For Termux
MSF-EXPLOIT MSF-ANDRO is a Metasploit Multi Purpose Exploiting Toolkit For Termux . Only a Basic Script , Still in Development . FEATURES : Install Me
22 Dec 29, 2022