moloch54 / b4blood
Finds Domain Controller on a network, enumerates users, AS-REP Roasting and hash cracking, bruteforces password, dumps AD users, DRSUAPI, scans SMB/NFS shares for passwords, scans for remote accesses, dumps NTDS.dit.
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for b4blood
- Simple Python script to sort nuclei scans by severity and URL☆29Updated last year
- A security assessment tool for Hitachi Vantara's Pentaho Business Analytics platform.☆14Updated 3 years ago
- Saves pages to Wayback machine☆13Updated 2 years ago
- Ffuf output browser☆37Updated last year
- ☆14Updated last year
- FireProx written in Go☆17Updated 6 months ago
- OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.☆26Updated last year
- This repository presents a proof-of-concept of CVE-2023-22527☆13Updated 9 months ago
- Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…☆14Updated 2 years ago
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆15Updated 3 months ago
- H&E- Burp Highlighter and Extractor☆18Updated last year
- Template Nuclei SSTI☆28Updated last year
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆35Updated last year
- HTTP requests of FrontPage expolit☆24Updated 10 years ago
- Public repo of Nuclei scanner templates.☆19Updated last year
- Burp extension used to snip any header from all the requests.☆22Updated 11 months ago
- Bcheck scripts for Burp☆23Updated 3 months ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆20Updated 2 years ago
- Analyzes AdminSDHolder permissions & compares with a previous run, to detect potential backdoor/excessive persistent permission(s)☆14Updated 11 months ago
- Automated compromise detection of the world's most popular packages☆15Updated last year
- Reversing Citrix Gateway for XSS☆14Updated last year
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.☆24Updated 11 months ago
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆27Updated last year
- Find CVEs that don't have a Detectify modules.☆21Updated last year
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆11Updated last year
- tool that generates bypasses for open redirects☆48Updated 2 years ago
- A multi-threaded password sprayer based on Medusa, built for distributed spraying.☆36Updated 3 years ago