VSSTrigger
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Credits: @topotam (https://fr.slideshare.net/LionelTopotam/petit-potam-slidesrtfmossir)
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Overview
🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)
Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot
259 Dec 31, 2022
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.
SSLyze SSLyze is a fast and powerful SSL/TLS scanning tool and Python library. SSLyze can analyze the SSL/TLS configuration of a server by connecting
2.8k Jan 03, 2023
DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
4 Dec 21, 2021
Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10
CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p
6 Oct 10, 2022
TLaunch: Launch Programs on Multiple Hosts
TLaunch: Launch Programs on Multiple Hosts Introduction Deepmind launchpad is a library that helps writing distributed program in a simple way. But cu
11 Nov 11, 2022
Mips script decompiles MIPS assembly instructions & bot functionality
mips mips is a python-based script that decodes MIPS instructions. Usage cd into mips and run python decode.py command or open decode.py to run the sc
0 Mar 30, 2022
An auxiliary tool for iot vulnerability hunter
firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件,基于敏感函数参数回溯来辅助漏洞挖掘。我们知道,在固件漏洞挖掘中,从敏感/危险函数出发,寻找其参数来源,是一种很有效的漏洞挖掘方法,但程序中调用敏感函数的地方非常多,人工分析耗时费力,通过该插件,可以帮助排除大部分的安全
171 Nov 28, 2022
This repo is about steps to create a effective custom wordlist in a few clicks/
Custom Wordlist This repo is about steps to take in order to create a effective custom wordlist in a few clicks. this comes handing in pentesting enga
2 Oct 08, 2022
利用NTLM Hash读取Exchange邮件
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
[email protected]">
388 Dec 27, 2022
The probability of having the password you want in the PassMaker is +90%!!
PasswordMaker Strong listing password Introduction The probability of having the password you want in the tool is +90%!! How to Install Open the termi
4 Sep 05, 2021
Ducky Script is the payload language of Hak5 gear.
Ducky Script is the payload language of Hak5 gear. Since its introduction with the USB Rubber Ducky in 2010, Ducky Script has grown in capability while maintaining simplicity. Aided by Bash for logic
6 Oct 07, 2022
Grafana-POC(CVE-2021-43798)
Grafana-Poc 此工具请勿用于违法用途。 一、使用方法:python3 grafana_hole.py 在domain.txt中填入ip:port 二、漏洞影响范围 影响版本: Grafana 8.0.0 - 8.3.0 安全版本: Grafana 8.3.1, 8.2.7, 8.1.8,
8 Jan 03, 2023
python driver for fingerprint machine (ZKTeco biometrics)
fpmachine python driver for fingerprint machine (ZKTeco biometrics) support until now 2 model supported and tested ZMM100_TFT and ZMM220_TFT install p
4 Oct 06, 2022
IDA Pro Python plugin to analyze and annotate Linux kernel alternatives
About This is an IDA Pro (Interactive Disassembler) plugin allowing to automatically analyze and annotate Linux kernel alternatives (content of .altin
16 Oct 12, 2022
Apache OFBiz rmi反序列化EXP(CVE-2021-26295)
Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下,py3运行,根据提示输入漏洞url,你的vps地址和端口 第二次使用建议删除exp.ot 本工具仅用于安全测试,禁止未授权非法攻击站点,否则后果自负
15 Nov 09, 2022
DoSer.py - Simple DoSer in Python
DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this
1 Oct 12, 2021
JumpServer远程代码执行漏洞检测利用脚本
Jumpserver-EXP JumpServer远程代码执行漏洞检测利用脚本
181 Dec 20, 2022
A python tool capable of creating HUGE wordlists. Has the ability to add custom words for concatenation in any way you see fit.
A python tool capable of creating HUGE wordlists. Has the ability to add custom words for concatenation in any way you see fit.
9 Oct 05, 2022
A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password
Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password
3 Dec 06, 2021
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen
232 Nov 21, 2022