n00py's Projects
Exploiting the HippoConnect protocol for HippoRemote
A collection of awesome penetration testing resources, tools and other shiny things
List of Awesome Windows Security Resources
BetterHeaderGetter: Get HTTP security headers and make them look good.
Black Hat Python Labs
红蓝对抗跨平台远控工具
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
https://www.n00py.io/2020/05/extracting-files-from-burp-intruder-output/
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
A swiss army knife for pentesting networks
The Credential Mapper
Cisco Unfied Call Manager enumeration
Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / any other payload to victim without any complex configuration.
CVE-2019-0230 Exploit POC
CobaltStrike <= 4.7.1 RCE
DCSync Attack from Outside using Impacket
Rogue Synergy server
Empire is a PowerShell and Python post-exploitation agent.
A post-exploitation OS X/Linux agent written in Python 2.7
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Hash cracker
Official FOSSCAD Library Repository
Simple, hand-picked list of fuzz strings
A PoC backdoor that uses Gmail as a C&C server
Get Fine Grained Password Policy