ThePacketBender / notes

Related projects ⓘ

Alternatives and complementary repositories for notes

• BBhacKing / jwt_secrets
  A list of "secrets" from JWT sample code and readme files.
  ☆51Updated 4 years ago
• BishopFox / pwn-pulse
  Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
  ☆137Updated 4 years ago
• phackt / Invoke-Recon
  "Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' l…
  ☆79Updated 3 years ago
• esabear / iis_tilde_enum
  Takes a URL and checks the system for the tilde enum vuln and then find the files.
  ☆21Updated 4 years ago
• federicodotta / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆41Updated 4 years ago
• 0xZDH / burp-password-spray
  This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.
  ☆23Updated 4 years ago
• JGillam / burp-paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆154Updated 2 years ago
• hoodoer / WP-XSS-Admin-Funcs
  JavaScript functions intended to be used as an XSS payload against a WordPress admin account.
  ☆52Updated 4 years ago
• luke-goddard / LFI-Fuzzer-Burp-Suite
  Local File Inclusion Burp-Suite Intruder Payload Generator Plugin
  ☆39Updated 4 years ago
• ZephrFish / BurpFeed
  Hacked together script for feeding urls into Burp's Sitemap
  ☆92Updated 2 years ago
• xFreed0m / ADFSpray
  Python3 tool to perform password spraying against Microsoft Online service using various methods
  ☆84Updated last year
• pentestmonkey / finger-user-enum
  Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another fi…
  ☆44Updated 9 years ago
• Keramas / mssqli-duet
  SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
  ☆92Updated 4 years ago
• noraj / Umbraco-RCE
  Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution
  ☆73Updated 3 years ago
• blacklanternsecurity / fulcrom
  A web shell for pivoting and lateral movement
  ☆31Updated 6 years ago
• Static-Flow / BurpSuiteTeamServer
  This is the Go Server that relays all HTTP requests and responses between clients.
  ☆27Updated last year
• XalfiE / Sharepoint-URL-Fuzzlist
  ☆28Updated 4 years ago
• 0xVIC / CheatSheets
  Cheat sheet
  ☆38Updated 4 years ago
• MarioBartolome / Jenkins-pRCE-exploit
  Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/…
  ☆10Updated 5 years ago
• dogasantos / masstomap
  A bridge between masscan and nmap - run fast masscan, parse output, execute nmap using masscan as input
  ☆26Updated 4 months ago
• chryzsh / JenkinsPasswordSpray
  A tool to password spray Jenkins instances
  ☆52Updated 5 years ago
• reconmap / rest-api
  REST API backend for Reconmap
  ☆47Updated this week
• ThePacketBender / webshells
  webshells written with malice
  ☆22Updated 7 years ago
• decoder-it / juicy-potato
  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts t…
  ☆59Updated 5 years ago
• timip / exploit
  Just some exploits :P
  ☆46Updated 3 years ago
• infosec-au / fuzzdb
  Automatically exported from code.google.com/p/fuzzdb
  ☆58Updated 2 years ago
• strupo / usernames
  Username lists that I created.
  ☆17Updated 3 years ago
• trustedsec / cors-poc
  ☆127Updated 6 years ago
• antonytuff / Red-Team-Notes
  OSCP guide and Red Team assessment Guide
  ☆33Updated 4 years ago