hoodoer / JS-TapLinks
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
☆393Updated 6 months ago
Alternatives and similar repositories for JS-Tap
Users that are interested in JS-Tap are comparing it to the libraries listed below
Sorting:
- Session Hijacking Visual Exploitation☆210Updated last year
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆234Updated 2 years ago
- ☆305Updated 7 months ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆403Updated 10 months ago
- ☆373Updated 8 months ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆371Updated last month
- ☆92Updated 3 months ago
- peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.☆217Updated 7 months ago
- ☆309Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆506Updated 5 months ago
- Lab used for workshop and CTF☆282Updated 3 months ago
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆426Updated last year
- Multiplayer pivoting solution☆457Updated last week
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆634Updated 3 weeks ago
- Everything and anything related to password spraying☆150Updated last year
- Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operation…☆188Updated last year
- Enhance Your Active Directory Password Spraying with User Intelligence.☆300Updated 2 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆256Updated 8 months ago
- ☆563Updated last year
- ☆579Updated this week
- Enhanced version of secretsdump.py from Impacket. Adds multi-threading and accepts an input file with a list of target hosts for simultan…☆242Updated 2 years ago
- Azure mindmap for penetration tests☆191Updated last year
- winPEAS, but for Active Directory☆165Updated 7 months ago
- The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)☆117Updated 2 months ago
- A Red Team Activity Hub☆224Updated last week
- LDAP enumeration tool implemented in Python3☆223Updated 5 months ago
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆204Updated 10 months ago
- reverse shell using curl☆466Updated last year
- Impacket is a collection of Python classes for working with network protocols.☆296Updated 3 months ago
- ☆240Updated 11 months ago