0day-l0gg3r Goto Github PK

0xsp-mongoose

a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.

aapfinder

AAP Finder (Advanced Admin Page Finder) is a tool written in Python3 with advanced functionalities

amass

In-depth Attack Surface Mapping and Asset Discovery

aquatone

A Tool for Domain Flyovers

assetnote

Push notifications for passive DNS data

blackhat-python3

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated libraries.

cve-2020-6287-exploit

PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https://github.com/rapid7/metasploit-framework/pull/13852/commits/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py <HTTP(s)://IP:Port

cve-2022-0185

CVE-2022-0185

cve-2022-0995

CVE-2022-0995 exploit

cve-2022-21882

win32k LPE

cve-2022-25636

CVE-2022-25636

cve-2022-2588

exploit for CVE-2022-2588

cve-2022-29072

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.

cve-2022-40490

Tiny File Manager v2.4.7 and below are vulnerable to Cross Site Scripting

cve-2022-40916

deathransom

A ransomware developed in python, with bypass technics, for educational purposes.

dnscan

doh365

An Office 365 enumeration script - PoC

domlink

A tool to link a domain with registered organisation names and emails, to other domains.

exphub

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340

fbtool

FACEBOOK HACKING TOOLKIT

fdns

Concurrent Rapid7 FDNS dataset parser

fierce-domain-scanner

Fierce.pl Domain Scanner

finalrecon

OSINT Tool for All-In-One Web Reconnaissance

findomain

The fastest and cross-platform subdomain enumerator, do not waste your time.

fuzz.txt

Potentially dangerous files

gitrecon

OSINT tool to get information from a Github and Gitlab profile and find user's email addresses leaked on commits.

gorecon

Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal

gozi

Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.

h2buster

A fast, threaded, recursive, web directory brute-force scanner over HTTP/2.