Stars
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
The provided Python program, Nim-Backdoor.py, generates a Nim program that operates as a backdoor, allowing remote command execution via a netcat-like session. This tool is designed to work on both…
Create a list of possible usernames for bruteforcing
Evilginx Phishing Engagement Infrastructure Setup Guide
A simple to use single-include Windows API resolver
The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both…
Slides & Code snippets for a workshop held @ x33fcon 2024
A creation of scripts devloped to get quick system information to aid in build reviews.
I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning path for me.
Various one-off pentesting projects written in Nim. Updates happen on a whim.
Script for File Transfer Command Generation
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
PowerShell framework to assess Azure security
Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
Kali Linux Fixes for Newly Imported VM's
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
Obsidian Templates for OSCP, CPTS, Pentesting, and Wargames
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares
Perform a MitM attack and extract clear text credentials from RDP connections
Python3 terminal application that contains 405 Neo4j cyphers for BloodHound data sets and 388 GUI cyphers
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
Tylous / ScareCrow
Forked from optiv/ScareCrowScareCrow - Payload creation framework designed around EDR bypass.