mattzajork / httpxui

Related projects: ⓘ

• two06 / CerealKiller
  .NET deserialization hunter
  ☆66Updated last month
• sdcampbell / nmapurls
  Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…
  ☆37Updated 7 months ago
• bitsadmin / dir2json
  Tool for efficient directory enumeration
  ☆55Updated 3 months ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆47Updated last year
• RayRRT / Active-Directory-Certificate-Services-abuse
  ☆40Updated 2 years ago
• DallasFR / EnumStrike
  ☆60Updated this week
• sfewer-r7 / CVE-2023-34362
  CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
  ☆62Updated 5 months ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆54Updated 3 months ago
• dwisiswant0 / cve-2023-50164-poc
  Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")
  ☆57Updated 9 months ago
• dadevel / impacket-zsh-integration
  ZSH integration for Impacket
  ☆56Updated last week
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆71Updated 5 months ago
• BronzeBee / DavRelayUp
  An old Windows workstations LPE for domain environments without LDAP signing/channel binding.
  ☆26Updated last year
• dunderhay / entraspray
  Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)
  ☆25Updated 6 months ago
• smokeme / ansible-havoc
  Scripts I use to deploy Havoc on Linode and setup categorization and SSL
  ☆38Updated 3 months ago
• RedTeamOperations / Red-Infra-Craft
  RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…
  ☆47Updated 3 weeks ago
• mertdas / SharpLateral
  Lateral Movement
  ☆117Updated 10 months ago
• praetorian-inc / NTLMRecon
  A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
  ☆77Updated 9 months ago
• rasta-mouse / SpawnWith
  ☆90Updated 6 months ago
• sfewer-r7 / CVE-2023-27532
  Exploit for CVE-2023-27532 against Veeam Backup & Replication
  ☆102Updated last year
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆53Updated 9 months ago
• felmoltor / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆29Updated 3 months ago
• mlcsec / proctools
  Small toolkit for extracting information and dumping sensitive strings from Windows processes
  ☆109Updated 2 months ago
• Leo4j / SessionExec
  Execute commands in other Sessions
  ☆74Updated last month
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆60Updated last year
• synacktiv / kcmdump
  Dump Kerberos tickets from the KCM database of SSSD
  ☆30Updated last week
• watchtowrlabs / watchTowr-vs-progress-moveit_CVE-2024-5806
  Exploit for the CVE-2024-5806
  ☆40Updated 2 months ago
• CICADA8-Research / LogHunter
  Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)
  ☆52Updated 3 months ago
• kleiton0x00 / contexter
  Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3
  ☆18Updated last month
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆76Updated 3 weeks ago
• SySS-Research / MAT
  This tool, programmed in C#, allows for the fast discovery and exploitation of vulnerabilities in MSSQL servers
  ☆53Updated 3 months ago