Lists (4)
Starred repositories
Never ever ever use pixelation as a redaction technique
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, harden…
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Incredibly fast crawler designed for OSINT.
Kerberos relaying and unconstrained delegation abuse toolkit
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Python version of the C# tool for "Shadow Credentials" attacks
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
The Leading Security Assessment Framework for Android.
Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
Tool to look for several security related Android application vulnerabilities
Tool for Active Directory Certificate Services enumeration and abuse
WAFNinja is a tool which contains two functions to attack Web Application Firewalls.
Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.
Automatic SSTI detection tool with interactive interface
Server-Side Template Injection and Code Injection Detection and Exploitation Tool