π Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
β3,606Nov 14, 2025Updated 3 months ago
Alternatives and similar repositories for malicious-pdf
Users that are interested in malicious-pdf are comparing it to the libraries listed below
Sorting:
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,259Updated this week
- linWinPwn is a bash script that streamlines the use of a number of Active Directory toolsβ2,155Updated this week
- ScareCrow - Payload creation framework designed around EDR bypass.β2,873Aug 18, 2023Updated 2 years ago
- An OOB interaction gathering server and client libraryβ4,201Feb 19, 2026Updated last week
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.β6,498Jan 18, 2026Updated last month
- Automation for internal Windows Penetrationtest / AD-Securityβ3,643Aug 28, 2025Updated 5 months ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formβ¦β1,097Jun 10, 2024Updated last year
- A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.β3,421Jan 19, 2025Updated last year
- Rockyou for web fuzzingβ3,023Feb 11, 2026Updated 2 weeks ago
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,851Updated this week
- One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password π‘οΈβ6,415Dec 20, 2025Updated 2 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.β2,027Jul 12, 2025Updated 7 months ago
- Privilege Escalation Enumeration Script for Windowsβ3,697Jan 30, 2026Updated 3 weeks ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,075Aug 14, 2024Updated last year
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)β1,495Dec 21, 2023Updated 2 years ago
- β1,669Apr 14, 2025Updated 10 months ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivyβs loader does this by β¦β745Aug 18, 2023Updated 2 years ago
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.β2,182Jan 5, 2026Updated last month
- Collection of methodology and test case for various web vulnerabilities.β7,034Jun 25, 2025Updated 8 months ago
- evilginx3 + gophishβ1,957Jun 15, 2024Updated last year
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ3,010Jun 24, 2024Updated last year
- Adversary Emulation Frameworkβ10,717Updated this week
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )β2,737Feb 2, 2026Updated 3 weeks ago
- All about bug bounty (bypasses, payloads, and etc)β6,644Sep 8, 2023Updated 2 years ago
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!β2,539Feb 7, 2026Updated 2 weeks ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,479Nov 16, 2025Updated 3 months ago
- This map lists the essential techniques to bypass anti-virus and EDRβ3,155Mar 28, 2025Updated 10 months ago
- Contextual Content Discovery Toolβ3,096Apr 29, 2024Updated last year
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!β1,941Oct 7, 2023Updated 2 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the defaultβ¦β1,630Aug 6, 2022Updated 3 years ago
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,374May 1, 2025Updated 9 months ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,837Jan 1, 2025Updated last year
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clouβ¦β2,802Sep 17, 2024Updated last year
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,348Sep 30, 2024Updated last year
- The swiss army knife of LSASS dumpingβ2,072Sep 17, 2024Updated last year
- Red Teaming Tactics and Techniquesβ4,491Aug 22, 2024Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,524Jan 15, 2026Updated last month
- macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other fβ¦β2,301Aug 15, 2024Updated last year
- Notes about attacking Jenkins serversβ2,090Jul 10, 2024Updated last year