Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name. Although Pass2Pwn does not have the capacity to generate as many passwords as other tools, I have attempted to implement a mechanism that generates passwords using the most common password pattern that we notice in general, which is correlated to the organization name.
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
Bitpass Password Generator Installation Make sure Python 3+ is installed
Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service
Hi there,
There is a Path Traversal vulnerability in this project, through the input word/words. Yes, path traversal is intended for the filename input since it depends on the user on where the file should be saved and how, however, I guess it isn't intended for the word/words input too.
For example, if I give input as "../nice" for "Word/s" and go with the default file name, then the password list generated is totally fine, however there is no proper sanitization to avoid dot-dot-slash (or simply slash) to prevent path traversal through the word/words input.
Note: Path traversal through filename input mayn't count as a vulnerability, since that's the file path decided by the user. But, this isn't the focus of this issue I am opening up, and instead this is about the word/words input.
If I give input as "../nice" for "Word/s", then the default file name prefix should be one of these: "nice", ".._nice", "..nice".
I am opening up a Pull Request alongside this Issue, where I have implemented a fix for the issue. I hope you would check that out after going through this issue.
Thanks, @TheBinitGhimire
bugThis is a beta version with numerous flaws and no error handling; but, if you like my concept, please don't hesitate to help me improving this tool.
Source code(tar.gz)laravel-exploits Exploit for CVE-2021-3129
ORector is a Fast Python tool designed to detect open redirects vulnerabilities
shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
Osint-Tool Herramienta para la recolección de información Pronto más opciones In
✔️ Gerador e Validador de CPF Programa que gera e valida números de CPF Requisitos • Como usar • Capturas de Tela Requisitos Antes de começar, você va
Fuzz introspector Fuzz introspector is a tool to help fuzzer developers to get an understanding of their fuzzer’s performance and identify any potenti
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p
CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p
PySharpSphere Inspired by SharpSphere, just another python version. Installation python3 setup.py install Features Support control both Linux and Wind
Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in
POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le
CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri
Cleansweep Requirements A Linux (or Mac OS X) node with the following software installed. Ubuntu 14.04 is preferred. PostgreSQL 9.3 database server Py
This repository is NOT official -- the original repository is located on GitLab
AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告; 工具目前有:oneforall、masscan、nmap、crawlergo、dirse
sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of
4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the conte
1 Dec 26, 2021
6 Feb 2, 2022
1 Jan 1, 2022
1 Jan 10, 2022
2 Feb 14, 2022
2 Nov 10, 2022
368 Jan 4, 2023
7 Jul 14, 2022
3 Nov 23, 2022
228 Nov 25, 2022
11 Apr 02, 2022
10 Dec 28, 2021
29 Dec 04, 2022
3 Apr 09, 2022
1 Nov 07, 2021
221 Jan 01, 2023
2 Jun 19, 2022
2.4k Jan 07, 2023
6 Oct 10, 2022
191 Dec 22, 2022
4 Jan 15, 2022
2 Nov 28, 2022
23 Dec 02, 2022
39 May 24, 2022
2 Feb 05, 2022
633 Dec 30, 2022
25.7k Jan 08, 2023
11 Aug 27, 2022
96 Dec 20, 2022