an0nym0u5101 Goto Github PK
Type: User
Type: User
This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks
This a pown command that gives credit where credit is due. It is important to remember that none of this work is possible without our direct and indirect contributors.
A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
A web app scanner
This is a big smash up of a lot of various tools I have made in the past along with some new ones. It includes a array of tools for helping with pentesting and messing around on the net. Currently only have installer files made for Ubuntu & Debian systems, but if you know what you're doing you can easily read them and get what you need to get all the dependencies installed on your own. I made a quick basic demonstration video you to give a general overview of what it has included, you can watch it here: http://youtu.be/z9rq1SBIYI0 Here is another short video to show how the Dorker piece works: http://youtu.be/43aphr0QRng It's a bit of a constant work in progress but will be posting updates from time to time as I add more stuff and get them stabilized and working properly without much issue. If you have any questions, comments, or suggestions just let me know. Thanks, H.R.
Payloads for CRLF Injection
Command line tool for testing CRLF injection on a list of domains.
Faraday Continuous Scanning
Control Systems Digger digs into data found on Shodan
A Burp Plugin for Detecting Weaknesses in Content Security Policies
Cyber Threat Intelligence Repository expressed in STIX 2.0
convert curl commands to Python, JavaScript, PHP, R, Go, Rust, Dart, JSON, Ansible, Elixir
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
This here is a little modification to the bash.bashrc file in the /usr/etc/bash.bashrc. Enjoy tweaking with these c:
Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.
🐱💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
A simple scavenger hunt to learn about pentesting a website or web application.
Source for the first tool
A one stop shop hunting app in Splunk that can ingest Zeek, Suricata, Sysmon, and Windows event data to find malicious indicators of compromise relating to the MITRE ATT&CK Matrix.
OWASP D4N155 - Intelligent and dynamic wordlist using OSINT
the core of the cSploit project
Advanced Hash Manipulation
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Vulnerable Banking Application for Android
Another web vulnerabilities scanner, this extension works on Chrome and Opera
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.