hoodoer / JS-TapLinks
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
☆372Updated last month
Alternatives and similar repositories for JS-Tap
Users that are interested in JS-Tap are comparing it to the libraries listed below
Sorting:
- Session Hijacking Visual Exploitation☆200Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Updated 5 months ago
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆231Updated last year
- Everything and anything related to password spraying☆141Updated last year
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆577Updated 7 months ago
- ☆298Updated 3 months ago
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆409Updated last year
- ☆496Updated 2 weeks ago
- peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.☆198Updated 2 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆310Updated 7 months ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆359Updated 4 months ago
- ☆315Updated 3 months ago
- ☆543Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆597Updated last month
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆255Updated 10 months ago
- Password spraying tool and Bloodhound integration☆237Updated 5 months ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆299Updated last year
- Nuclei templates for honeypots detection.☆196Updated last year
- Azure mindmap for penetration tests☆186Updated last year
- Azure DevOps Services Attack Toolkit☆292Updated 3 months ago
- A Red Team Activity Hub☆209Updated last week
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆231Updated 4 months ago
- Offensive MSSQL toolkit written in Python, based off SQLRecon☆202Updated 5 months ago
- ☆297Updated 2 years ago
- A Slack bot phishing framework for Red Teaming exercises☆167Updated last year
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆160Updated 6 months ago
- Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operation…☆181Updated 9 months ago
- Lab used for workshop and CTF☆250Updated last month
- Impacket is a collection of Python classes for working with network protocols.☆283Updated 5 months ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆276Updated last year