Code for Vulnhub challenges I've either completed or at least attempted :)

This contains common local exploits and enumeration scripts

Curated list of public penetration test reports released by several consulting firms and academic security groups

Fuzzing for LFI using Burpsuite

Damn Small Vulnerable Web

Hash Buster is a python script which scraps online hash crackers to find cleartext of a hash.

Wordlist for content(directory) bruteforce discovering with Burp and dirsearch

Collection of things made during my OSCP journey

Notes of my OSCP study plan

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

venom - C2 shellcode generator/compiler/handler

Relational database brute force and post exploitation tool for MySQL and MSSQL

Collection of the cheat sheets useful for pentesting

Network Infrastructure Penetration Testing Tool

These are various simple python scripts that can be used to aid pentesters. None of these are overly complex, but should serve as a great starting point for more advanced tools/scripts.

My musings with PowerShell

CTF framework used by Gallopsled in every CTF

Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems

PowerSploit - A PowerShell Post-Exploitation Framework

Linux privilege escalation auditing tool

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

Windows Packer Templates

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

💣 Download exploits from exploit-db.com

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and th…

I have taken all of the challenges from Protostar - https://exploit-exercises.com/protostar/- and compiled them for the ARM architecture.

Python object interface to requests/responses recorded by Burp Suite

This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB share.

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…