Scanner to find .env file and .git repository exposure on multiple hosts
Because of the response code from some hosts, it may have some false positives.
requests and argparse
pip3 install -r requirements.txt
Be careful with the output filename as it can be deleted if duplicated
python3 git_scan.py -t hosts.txt -o results.txt -f git or env
ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -
infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s
This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).
PY4COC A deobfuscator for multiple python obfuscators, supports exe's packed with pyinstaller too. How to use python3 py4coc.py exe file or py file o
gmail-hack Gmail Accounts Hacking Gemail-Hack python script for Hack gmail account brute force What is brute force attack? In brute force attack,scrip
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica
vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu
Zip-Cracker Video Lesson : This is a Very powerfull Zip File Crack tool for termux users. Check 500 000 Passwords in 30 seconds Unique Performance Che
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。
SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web
Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o
Python Log4RCE An all-in-one pure Python3 PoC for CVE-2021-44228. Configure Replace the global variables at the top of the script to your configuratio
CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information
The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.
WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar
Log4Pot A honeypot for the Log4Shell vulnerability (CVE-2021-44228). License: GPLv3.0 Features Listen on various ports for Log4Shell exploitation. Det
Broken Link Hijacker BrokenLinkHijacker(BLH) is a Fast Broken Link Hijacker Tool written in Python.
130 Dec 15, 2022
41 Dec 30, 2022
13 Jul 04, 2021
16 Dec 03, 2022
25 Nov 10, 2022
16 Nov 09, 2022
7 Nov 09, 2022
1 Jan 14, 2022
13 Oct 24, 2022
[email protected]">
388 Dec 27, 2022
298 Dec 14, 2022
1 Dec 23, 2021
15 Jul 24, 2022
178 Nov 09, 2022
21 Dec 27, 2022
66 Nov 08, 2022
12 Nov 09, 2022
8 Nov 10, 2022
79 Dec 27, 2022
70 Nov 30, 2022