mattzajork / httpxui
HTTP flyover tool based on the httpx library by ProjectDiscovery
☆31Updated 3 weeks ago
Related projects: ⓘ
- .NET deserialization hunter☆66Updated last month
- Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…☆37Updated 7 months ago
- Tool for efficient directory enumeration☆55Updated 3 months ago
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- ☆40Updated 2 years ago
- ☆60Updated this week
- CVE-2023-34362: MOVEit Transfer Unauthenticated RCE☆62Updated 5 months ago
- Source code and examples for PassiveAggression☆54Updated 3 months ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated 9 months ago
- ZSH integration for Impacket☆56Updated last week
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆71Updated 5 months ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆26Updated last year
- Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)☆25Updated 6 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆38Updated 3 months ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆47Updated 3 weeks ago
- Lateral Movement☆117Updated 10 months ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆77Updated 9 months ago
- ☆90Updated 6 months ago
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆102Updated last year
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆53Updated 9 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆29Updated 3 months ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆109Updated 2 months ago
- Execute commands in other Sessions☆74Updated last month
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- Dump Kerberos tickets from the KCM database of SSSD☆30Updated last week
- Exploit for the CVE-2024-5806☆40Updated 2 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆52Updated 3 months ago
- Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3☆18Updated last month
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆76Updated 3 weeks ago
- This tool, programmed in C#, allows for the fast discovery and exploitation of vulnerabilities in MSSQL servers☆53Updated 3 months ago