typo3scan

Enumerate Typo3 version and extensions

uacme

Defeating Windows User Account Control

ultimateapplockerbypasslist

The goal of this repository is to document the most common techniques to bypass AppLocker.

ultimatewdacbypasslist

A centralized resource for previously documented WDAC bypass techniques

unibyav

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

unix-privesc-check

Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurations that could allow local unprivileged user to escalate to other users (e.g. root) or to access local apps (e.g. databases). This is a collaborative rework of version 1.0

updog

Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.

uproot

Currently not updated for WMIEvent module...

uptux

Linux privilege escalation checks (systemd, dbus, socket fun, etc)

urbanbishoplocal

A port of FuzzySecurity's UrbanBishop project for inline shellcode execution

userenum

Domain user enumeration tool

usodllloader

Windows - Weaponizing privileged file writes with the Update Session Orchestrator service

v3n0m-scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

vba-runpe

A VBA implementation of the RunPE technique or how to bypass application whitelisting.

vbad

VBA Obfuscation Tools combined with an MS office document generator

vbscan

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

vcg

VisualCodeGrepper - Code security scanning tool.

vcsmap

vcsmap is a plugin-based tool to scan public version control systems for sensitive information.

vegile

This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell

vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

viewgen

viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

visualbasicobfuscator

Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.

vmdkreader

.NET 4.0 Console App to browse VMDK / VHD images and extract files

vmware_vcenter_cve_2020_3952

Exploit for CVE-2020-3952 in vCenter 6.7

voltron

A hacky debugger UI for hackers

vpnpivot

Explore the network using VPNPivot tool

vulmap

Vulmap Online Local Vulnerability Scanners Project

vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

vulscan

Advanced vulnerability scanning with Nmap NSE