hood3drob1n Goto Github PK
Type: User
Type: User
Hashcat Bash Scripts for bulk hash file processing
BinGoo! A Linux bash based Bing and Google Dorking Tool
A swiss army knife for pentesting Windows/Active Directory environments
This is a big smash up of a lot of various tools I have made in the past along with some new ones. It includes a array of tools for helping with pentesting and messing around on the net. Currently only have installer files made for Ubuntu & Debian systems, but if you know what you're doing you can easily read them and get what you need to get all the dependencies installed on your own. I made a quick basic demonstration video you to give a general overview of what it has included, you can watch it here: http://youtu.be/z9rq1SBIYI0 Here is another short video to show how the Dorker piece works: http://youtu.be/43aphr0QRng It's a bit of a constant work in progress but will be posting updates from time to time as I add more stuff and get them stabilized and working properly without much issue. If you have any questions, comments, or suggestions just let me know. Thanks, H.R.
ImaegMagick Code Execution (CVE-2016-3714)
D-Link Dir-600 & Dir-300 RCE Exploit By: Hood3dRob1n ============ Vulnerable Firmware Releases - DIR-300: ============ Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 ============ Vulnerable Firmware Releases - DIR-600: ============ Firmware-Version : 2.12b02 - 17/01/2012 Firmware-Version : 2.13b01 - 07/11/2012 Firmware-Version : 2.14b01 - 22/01/2013 In response to vuln & PoC posted on PacketStorm, by Michael Messner: http://packetstormsecurity.com/files/120052/D-Link-DIR-600-DIR-300-Command-Execution-Bypass-Disclosure.html PIC: http://i.imgur.com/nrmRxLi.png PIC: http://i.imgur.com/jtMmCps.png
Ding-2: A Faster Better Bing Dork Scanner
This is a Ruby script I wrote to perform searches against the Exploit-DB Local Archive. It adds some better logic to the searches over the bash version in my opinion, also adds some much needed color :)
test
A web shell I made while trying to pick up PHP.
Inf0rm3r - A Linux Info & Ssytem Enumeration Script
IPB <= 3.3.4 Remote Code Execution Exploit
This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.
A Kali Linux Tool to assist with security audits and pentesting. Lots of wrappers for commonly used tools to help extend their usefulness while making a lot of the experience easy on the user.
Linux RDP Scanner and Bruteforcer Scripts
LotusCMS 3.0 eval() Remote Command Execution
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
Linux MySQL Client Wrapper to make things a easier for those who have a hard time or dont know how to use the mysql client itself. Performs lots of standard tasks local or remote on given database with provided credentials.
MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline analysis later), also includes Ruby port of Kingcope's CVE-2012-5613 Linux MySQL Privilege Escalation Exploit.
OhNo - The Evil Image Builder & Meta Manipulator
PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.
PHPKIT <= 1.6.1 SQLi Exploit Script
phpThumb <= 1.7.9-2008 RCE Exploit
Simple PhpMyAdmin Finder and Bruteforcer Script
Reverser - A Quick Reverse Connection Deployment Script
RottenPotato local privilege escalation from service account to SYSTEM
A Ruby class which wraps the rpcclient tool to make easily available from your Ruby scripts/apps
Ruby Bind and Reverse Shells I wrote using standard libs. Bind Shell includes authentication while reverse does not. Standard libs only so should work in most places you find Ruby supported. Hope its helpsful to someone.....
RubyCat - A Pure Ruby NetCat Alternative
Search Tool for easy handling of the Exploit-DB Archive & associated CSV file
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.