calfcrusher Goto Github PK

-bin-lol

/bin/lol - Backdoor Creator - Compile a shell script into an suid static binary.

airavat

A multifunctional Android RAT with GUI based Web Panel without port forwarding.

allaboutbugbounty

All about bug bounty (bypasses, payloads, and etc)

android-ratlist

Android - Remote Access Trojan List

androrat

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

apache-tomcat-pentesting

Apache Tomcat exploit and Pentesting guide for penetration tester

apt38-0day-stealer

APT38 Tactic PoC for Stealing 0days from security professionals

armor

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

auto-change-tor-ip

Automatically change tor ip address over time when accessing the internet. Make it private and safe for you

automatebugbounties

Script for automate Bug Hunting

bettercap-caplets

caplets and proxy modules.

betterxencrypt

A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.

bruteforce.py

small script to brute force usernames/passwords with post request

buffshark-shellcode-runner

Shellcode runner to execute malicious payload and bypass AV

bug-bounty-program-dorks

List of Google Dorks for sites that have responsible disclosure program / bug bounty program

calfcrusher

calfcrusher.github.io

condor

「🛡️」AVs/EDRs Evasion tool

cookiestalker

Python AJAX cookie stealer + payload generator

covermyass

Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation.

ctf-pcap-analysis

knowledge is power

cve-2019-7192-check

Checker for QNAP pre-auth root RCE (CVE-2019-7192 ~ CVE-2019-7195)

cve-2021-30632

cve-2021-38647

Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)

cve-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

cve-2021-4035

CVE-2021-4034 1day

cve-2021-40444

CVE-2021-40444 PoC

cve-2021-41773_cve-2021-42013

Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE

cve-2021-44228

This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce