an0nym0u5101 Goto Github PK

credential-dumping

This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks

credits

This a pown command that gives credit where credit is due. It is important to remember that none of this work is possible without our direct and indirect contributors.

credninja

A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter

creep-web-app-scanner

A web app scanner

creep3r

This is a big smash up of a lot of various tools I have made in the past along with some new ones. It includes a array of tools for helping with pentesting and messing around on the net. Currently only have installer files made for Ubuntu & Debian systems, but if you know what you're doing you can easily read them and get what you need to get all the dependencies installed on your own. I made a quick basic demonstration video you to give a general overview of what it has included, you can watch it here: http://youtu.be/z9rq1SBIYI0 Here is another short video to show how the Dorker piece works: http://youtu.be/43aphr0QRng It's a bit of a constant work in progress but will be posting updates from time to time as I add more stuff and get them stabilized and working properly without much issue. If you have any questions, comments, or suggestions just let me know. Thanks, H.R.

crlf-injection-payloads

Payloads for CRLF Injection

crlf-injection-scanner

Command line tool for testing CRLF injection on a list of domains.

cryptpad-docker

cscan

Faraday Continuous Scanning

csdig

Control Systems Digger digs into data found on Shodan

csharpshellapp

csp-bypass

A Burp Plugin for Detecting Weaknesses in Content Security Policies

cti

Cyber Threat Intelligence Repository expressed in STIX 2.0

curlconverter

convert curl commands to Python, JavaScript, PHP, R, Go, Rust, Dart, JSON, Ansible, Elixir

cursedchrome

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

custom_bash_for_termux

This here is a little modification to the bash.bashrc file in the /usr/etc/bash.bashrc. Enjoy tweaking with these c:

cve-2020-1350

Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.

cve-2021-21123-poc-google-chrome

🐱‍💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...

cwe-tool

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

cyber-scavenger-hunt

A simple scavenger hunt to learn about pentesting a website or web application.

cyberboomer-source

Source for the first tool

cybermenace

A one stop shop hunting app in Splunk that can ingest Zeek, Suricata, Sysmon, and Windows event data to find malicious indicators of compromise relating to the MITRE ATT&CK Matrix.

d-tech

d4n155

OWASP D4N155 - Intelligent and dynamic wordlist using OSINT

daemon

the core of the cSploit project

dagon

Advanced Hash Manipulation

dalfox

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

damn-vulnerable-bank

Vulnerable Banking Application for Android

damnwebscanner

Another web vulnerabilities scanner, this extension works on Chrome and Opera

dark-fb-gold