Stars
Burp Plugin to Bypass WAFs through the insertion of Junk Data
Slides & Code snippets for a workshop held @ x33fcon 2024
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…
PoC for using MS Windows printers for persistence / command and control via Internet Printing
Simple (relatively) things allowing you to dig a bit deeper than usual.
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
This program is designed to demonstrate various process injection techniques
eXtensions for Financial Services (XFS) proof of concept client to explore and issue commands directly to the devices that support the protocol. Force ATMs to dispense cash if you have code executi…
"Terrible Thick Client" is a vulnerable application developed in C# .NET framework.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
ScareCrow - Payload creation framework designed around EDR bypass.
C# obfuscator that bypass windows defender
A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
A list of hacking/security resources that are focused on IoT
All the deals for InfoSec related software/tools this Black Friday
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series