π Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
β3,633Nov 14, 2025Updated 4 months ago
Alternatives and similar repositories for malicious-pdf
Users that are interested in malicious-pdf are comparing it to the libraries listed below
Sorting:
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,352Updated this week
- An OOB interaction gathering server and client libraryβ4,230Mar 10, 2026Updated last week
- linWinPwn is a bash script that streamlines the use of a number of Active Directory toolsβ2,159Mar 8, 2026Updated last week
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,873Updated this week
- ScareCrow - Payload creation framework designed around EDR bypass.β2,878Aug 18, 2023Updated 2 years ago
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.β6,541Jan 18, 2026Updated 2 months ago
- A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.β3,432Jan 19, 2025Updated last year
- Rockyou for web fuzzingβ3,087Mar 11, 2026Updated last week
- Automation for internal Windows Penetrationtest / AD-Securityβ3,648Aug 28, 2025Updated 6 months ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,101Aug 14, 2024Updated last year
- One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password π‘οΈβ6,433Updated this week
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formβ¦β1,112Jun 10, 2024Updated last year
- Collection of methodology and test case for various web vulnerabilities.β7,049Jun 25, 2025Updated 8 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.β2,034Jul 12, 2025Updated 8 months ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!β2,562Mar 8, 2026Updated last week
- Adversary Emulation Frameworkβ10,838Updated this week
- All about bug bounty (bypasses, payloads, and etc)β6,665Sep 8, 2023Updated 2 years ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ3,021Mar 7, 2026Updated last week
- Privilege Escalation Enumeration Script for Windowsβ3,728Jan 30, 2026Updated last month
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,424May 1, 2025Updated 10 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,853Jan 1, 2025Updated last year
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.β2,203Jan 5, 2026Updated 2 months ago
- Contextual Content Discovery Toolβ3,121Apr 29, 2024Updated last year
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,510Nov 16, 2025Updated 4 months ago
- β1,674Apr 14, 2025Updated 11 months ago
- evilginx3 + gophishβ1,967Jun 15, 2024Updated last year
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!β1,942Oct 7, 2023Updated 2 years ago
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )β2,756Feb 27, 2026Updated 2 weeks ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)β1,499Dec 21, 2023Updated 2 years ago
- A fast, simple, recursive content discovery tool written in Rust.β7,587Feb 8, 2026Updated last month
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the defaultβ¦β1,634Aug 6, 2022Updated 3 years ago
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,592Feb 8, 2025Updated last year
- This map lists the essential techniques to bypass anti-virus and EDRβ3,171Mar 28, 2025Updated 11 months ago
- HTTP parameter discovery suite.β6,142Feb 20, 2025Updated last year
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,297Aug 7, 2025Updated 7 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,532Mar 8, 2026Updated last week
- Hidden parameters discovery suiteβ2,031Sep 8, 2024Updated last year
- Notes about attacking Jenkins serversβ2,089Jul 10, 2024Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivyβs loader does this by β¦β744Aug 18, 2023Updated 2 years ago