VSSTrigger
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Credits: @topotam (https://fr.slideshare.net/LionelTopotam/petit-potam-slidesrtfmossir)
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)
Overview
Burp Extensions
Burp Extensions This is a collection of extensions to Burp Suite that I have written. getAllParams.py - Version 1.2 This is a python extension that ru
364 Dec 30, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack
O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t
![Trewis [work] Scotch](https://avatars.githubusercontent.com/u/92666826?v=4&s=60)
4 Sep 23, 2022
This repository is one of a few malware collections on the GitHub.
This repository is one of a few malware collections on the GitHub.
1.7k Dec 28, 2022
Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
3 Oct 05, 2022
Delta Sharing: An Open Protocol for Secure Data Sharing
Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl
497 Jan 02, 2023
Tor Relay availability checker, for using it as a bridge in countries with censorship
Tor Relay Availability Checker This small script downloads all Tor Relay IP addresses from onionoo.torproject.org and checks whether random Relays are
161 Dec 30, 2022
Exploit-CVE-2021-21086
CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an
23 Nov 09, 2022
Using python 3 and Flask an MVC system where the AES 128 CBC and Trivium algorithms
This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a
1 Dec 26, 2021
Bilgi Sistemleri Projesi için yapılan keylogger
Keylogger Bilgi Sistemleri Projesi için yapılan keylogger Projede kullanılan kütüphanelere sahip olmasanız da python dosyası çalıştığında kendisi gere
1 Jan 07, 2022
ssh-audit is a tool for ssh server & client configuration auditing.
SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
1.4k Dec 31, 2022
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
187 Jan 03, 2023
This tool help you to check if your Windows machine has hidden miner.
Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana
2 Oct 05, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability
Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •
2.1k Jan 08, 2023
The best Python Backdoor👌
Backdoor The best Python Backdoor Files Server file is used in all of cases If client is Windows, the client need execute EXE file If client is Linux,
13 Oct 28, 2022
An forensics tool to help aid in the investigation of spoofed emails based off the email headers.
A forensic tool to make analysis of email headers easy to aid in the quick discovery of the attacker. Table of Contents About mailMeta Installation Us
59 Nov 26, 2022
Cisco RV110w UPnP stack overflow
Cisco RV110W UPnP 0day 分析 前言 最近UPnP比较火,恰好手里有一台Cisco RV110W,在2021年8月份思科官方公布了一个Cisco RV系列关于UPnP的0day,但是具体的细节并没有公布出来。于是想要用手中的设备调试挖掘一下这个漏洞,漏洞的公告可以在官网看到。 准
25 Nov 09, 2022
一个自动挖掘漏洞的框架,日后会发展成强大的信息收集+漏洞挖掘脚本!
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
23 Jul 05, 2022
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR
9 Dec 12, 2022
PoC encrypted diary in Python 3
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
1 Dec 25, 2021
Cloud One Container Security Runtime Events Forwarder
Example on how to query events by a RESTful API, compose CEF event format and send the events to an UDP receiver.
3 Feb 10, 2022