TactiFail / Metasploit-Plugins
A collection of Metasploit plugins I have written for various reasons.
☆15Updated 3 years ago
Related projects: ⓘ
- A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.☆15Updated 4 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 5 years ago
- Docker image for reconftw, a simple script intended to perform a full recon on an objective with multiple subdomains☆9Updated 3 years ago
- ☆20Updated 4 years ago
- This is a lazy enumeration script made to make bug bounty enum & pentest flyovers easy as cake!☆14Updated 4 years ago
- Burp Suite Pro extension☆10Updated 7 years ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆13Updated 5 months ago
- LyncSniper: A tool for penetration testing Skype for Business and Lync deployments☆9Updated 7 years ago
- Identify common attack paths to get Domain Administrator☆21Updated 5 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Updated 6 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform☆11Updated 2 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆12Updated 3 years ago
- LetMeOutOfYour.net Resources☆19Updated 4 years ago
- Standardizing Security Titles☆13Updated last year
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 2 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆12Updated 2 years ago
- ☆13Updated 4 years ago
- Pythonize Intruder Payload☆13Updated 3 years ago
- pwncat windows c2 components☆17Updated 3 years ago
- Extract endpoints from specific Git repository for fuzzing☆21Updated 3 years ago
- Burp extension for automated handling of CSRF tokens☆15Updated 6 years ago
- parsers to make life easier☆12Updated 4 years ago
- ZAP plugin demonstrating custom view for WebSocket messages.☆13Updated 2 years ago
- Exfiltrate data with DNS queries. Based on CertUtil and NSLookup.☆19Updated 8 months ago
- ☆23Updated this week
- Automated Payload Test Controller☆9Updated 7 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆18Updated 4 years ago
- Scripts for OSCE☆18Updated 5 years ago
- ☆14Updated 3 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect☆14Updated 4 years ago