Geeoon / asploit
One line command and control backdoors for APIs and web applications.
☆49Updated 5 months ago
Related projects: ⓘ
- Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure☆29Updated 7 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆38Updated 3 months ago
- exfiltration/infiltration toolkit☆23Updated 9 months ago
- Script designed to identify CanaryTokens within Microsoft Office documents and Acrobat Reader PDF (docx, xlsx, pptx, pdf).☆106Updated 7 months ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆59Updated 2 weeks ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆47Updated 3 weeks ago
- masscan with exclusive excludes☆55Updated 10 months ago
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data☆42Updated 10 months ago
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆41Updated 3 months ago
- POC for a DLL spoofer to determine DLL Hijacking☆60Updated 11 months ago
- Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…☆37Updated 7 months ago
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service☆72Updated 10 months ago
- Azure Service Subdomain Enumeration☆39Updated 2 weeks ago
- Enumerate valid users within Microsoft Teams and OneDrive with clean output.☆57Updated 9 months ago
- A basic username enumeration and password spraying tool aimed at spraying Microsoft's DOM based authentication using selenium.☆32Updated 9 months ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆45Updated 6 months ago
- Repo for all my exploits/PoCs☆28Updated last week
- ☆27Updated last year
- ☆50Updated 11 months ago
- Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)☆25Updated 6 months ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated 9 months ago
- CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow☆23Updated 2 months ago
- A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845☆59Updated 2 weeks ago
- ☆35Updated 9 months ago
- PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers☆21Updated 3 months ago
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆43Updated 6 months ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆47Updated 10 months ago
- CVE-2023-7028☆58Updated 8 months ago
- SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.☆33Updated 7 months ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆34Updated 4 months ago