This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Overview

PYTHON-EXPLOITATION

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Networking

tcp_clinet.py

The tcp_clinet.py script is used to push data to a server in the event that you are not able to use the typical networking tools. In the script we:

  • Create a socket object (line 8): the AF_INET parameter indicates we will use a standard IPv4 address or hostname, and SOCK_STREAM indicates that this will be a TCP client.
  • Connect to the client server (line 11): note that, since we are using a TCP client, we must first connect to our server (via the TCP handshake) to send data to it.
  • Send the server some data in bytes (line 14)
  • Recieve data back from the server and print out the response (line 17)

    Note that this script makes numerous assumptions about the server we are engaging with:

  • It assumes that our connection will always succeed as it does not have a fallback function in the event that the server rejects our connection.
  • It assumes that the server expects us to send data first. Sometimes, the server will want to send us data first - this is especially true if the server is being guarded by a firewall of some kind.
  • The script assumes that the server will always return data to us in a timely fashion.

    The assumptions are made for simplicity's sake. All things considered, sometimes less is more.

    udp_client.py

    Our udp_client.py script is much different from our tcp script, only that it it configured to send data via the user datagram protocol (but that much was obvious):

    • We change the socket type to SOCK_DGRAM to indicate that we will be using sending data via the UDP (line 6).
    • Also, notice that there is no connect() method beforehand, since we do not need to connect to a server beforehand using UDP. This is because UDP is a connectionaless protocol.
    • The last step is to call the recvfrom() method to receive UDP data back. This returns both the data and the details of the remote host and port (line 9).

    tcp_server.py

    The tcp_server.py is just that, a multi-threaded python TCP server that we can use in the event we want to write a command shell or craft a proxy.

    • Firstly, we pass in the IP address and port we want the server to listen on (line 9).
    • Next, we tell the server to simply start listening with a max backlog of connections set to 5 (line 10). Now ther server waits for a connection.
    • Once the clinet connects, we get the client socket in the client variable and the remote connection details in teh address variable.
    • We tehn start the thread to handle the client connection (line 17).
    • The handle_client function performs rec() and then sens a simple message back to the client.
  • Owner
    Nathan Galindo
    Hi, my name is Nathan Galindo and I am a cybersecurity student at Baylor University!
    Nathan Galindo
    Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

    This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-

    35 Apr 17, 2022
    Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

    Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

    Mythic Agents 37 Dec 06, 2022
    Simple yara rule manager

    Yara Manager A simple program to manage your yara ruleset in a (sqlite) database. Todos Search rules and descriptions Cluster rules in rulesets Enforc

    Nils Kuhnert 65 Nov 17, 2022
    Simple python script for generating custom high-secure passwords for securing your social-apps ❤️

    Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account

    K A R T H I K 15 Dec 01, 2022
    Password Manager is a simple Python project which helps users in managing their passwords in a easier way

    Password Manager is a simple Python project which helps users in managing their passwords in a easier way

    Manish Jalui 4 Sep 29, 2021
    Compilation of resources and insights that helped me on my journey to data scientist

    Compilation of resources and insights that helped me on my journey to data scientist

    Conor Dewey 1.5k Jan 02, 2023
    Bypass ReCaptcha: A Python script for dealing with recaptcha

    Bypass ReCaptcha Bypass ReCaptcha is a Python script for dealing with recaptcha.

    Marcos Camargo 1 Jan 11, 2022
    Security System using OpenCV

    Security-System Security System using OpenCV Files in this Repository: email_send.py - This file contains python code to send an email when something

    Mehul Patwari 1 Oct 28, 2021
    NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

    NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

    Mr. Error 81 Jan 08, 2023
    dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

    script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor. tiene capacidad de ajustar la cantidad de informacion a enviar, el numero de hilos a

    Desmon 2 Jun 01, 2022
    Password database With special stuff

    This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password datab

    9 Oct 30, 2022
    一个自动挖掘漏洞的框架,日后会发展成强大的信息收集+漏洞挖掘脚本!

    介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。

    Thinking rookie 23 Jul 05, 2022
    Buffer Overflow para SLmail5.5 32 bits

    SLmail5.5-Exploit-BoF Buffer Overflow para SLmail5.5 32 bits con un par de utilidades para que puedas hacer el tuyo REQUISITOS PARA QUE FUNCIONE: Desa

    Luis Javier 15 Jul 30, 2022
    CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

    CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享,严禁用于非法用途,否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn

    r0cky 355 Aug 03, 2022
    Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)

    Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -

    Oliver Lyak 250 Dec 31, 2022
    Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

    pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows

    Webrecorder 10 Jul 28, 2022
    This repository is one of a few malware collections on the GitHub.

    This repository is one of a few malware collections on the GitHub.

    Andrew 1.7k Dec 28, 2022
    An IDA pro python script to decrypt Qbot malware string

    Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.

    stuckinvim 6 Sep 01, 2022
    Fast and customizable vulnerability scanner For JIRA written in Python

    Fast and customizable vulnerability scanner For JIRA. 🤔 What is this? Jira-Lens 🔍 is a Python Based vulnerability Scanner for JIRA. Jira is a propri

    Mayank Pandey 185 Dec 25, 2022