There are no reviews yet. Be the first to send feedback to the community and the maintainers!
GoogD0rker
Note: Going through a full re-write of the tooling so the current versions in the repo do not work!BugBountyTemplates
A collection of templates for bug bounty reportingCVE-2020-1350_HoneyPoC
HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.DockerAttack
Various Tools and Docker ImagesWordlists
Various Payload wordlistsBloodhound-CustomQueries
Custom Queries - Brought Up to BH4.1 syntaxstatic-tools
Static compiled binaries + scripts ready to use on systemsWindowsHardeningScript
Some settings stolen from multiple scripts @ZephrFishBurpFeed
Hacked together script for feeding urls into Burp's SitemapAzureAttackKit
Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful informationXSSPayloads
Cross Site Scripting Payloads -- VariationsF5-CVE-2022-1388-Exploit
Exploit and Check Script for CVE 2022-1388RandomScripts
Random Shell Scripts and other ideas I have along the wayCVE-2021-22893_HoneyPoC2
DO NOT RUN THIS.Stompy
Timestomp Tool to flatten MAC times with a specific timestampGoogD0rk
AttackDeploy
Scripts for Deploying new serverAutoHoneyPoC
AutoPoC Generator HoneyPoCCVE-2023-20198-Checker
CVE-2023-20198 & 0Day Implant ScannerDynamicMSBuilder
A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilationExch-CVE-2021-26855
CVE-2021-26855: PoC (Not a HoneyPoC for once!)ADFSDump-PS
PowerShell Implementation of ADFSDump to assist with GoldenSAMLbug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug natureChunkyIngress
Solving problems I didn't think I'd have on a saturday with clipboard copy pasta limits with powershellCVE-2020-16898
HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).Blog_Backup
A repository with various tutorials on how to do things in Pentesting, setup environments and other thingsCVE-2021-41773-PoC
SandboxSpy
Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them back in a Base32 string over HTTP to an endpoint.NessusPreFlight
Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to scan a machinePotUtils
HelloJackHunter
Research into WinSxS binaries and finding hijackable pathsLOLSearches
Living off the land searches for explorer and sharepointCVE-2021-28480_HoneyPoC3
DO NOT RUN THIS.MoveIT-WebShellCheck
Autopeeper
Automated Screenshot ToolMediaCenterSetup
A setup script for Plex, Sonarr, Radarr & Jackettxss-proxy
BeEF-inspired XSS proxy serviceXSS
A collection of XSS Attack vectorsNotProxyShellScanner
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082ZephrFish
PurpleTeamWorkshop-LabManual
Purple Team Workshop by @jorgeorchillesHeadlessBounties
A shell script that bundles Eyewitness and Sublist3r to create a great fingerprinting toolLogsSteelcon
OldGold
Sysadmin ToolsCSVInjectionPayloads
A list of various ways of injecting payloads for CSV InjectionPS-Scripts
Useful scripts for labsLegacyResearch
DoNotRunMe
Random-Yara-Rules
A collection of yara rules I've gathered over the years :-)CVE-2021-22986_Check
CVE-2021-22986 Checker Script in Python3Exch-CVE-2021-26855_Priv
patched to workMailgun-python
Python Wrapper for sending email with mailgunWebSocketsAreFun
FAFO with WebSocketscsc_cypher
Cyber Security Challenge Cipher Challengezephrfish.github.io
zsec backup blogghostDebian
GhostDeployment Script for Debianblacksheepwall
blacksheepwall is a hostname reconnaissance toolredsocial
SSH_Notify
Different Scripts for SSH hardening blogWriteups
Various write-ups from CTFs, fixes for things and othersCTF-Solutions
cloudathost-debian
Provision Script for Debian on CACBootspeed
Check the boot speed of a windows machineFSMF-BurpExtension
Find Subdomains MoFo - Burp Extension WIPCVE-2024-3400-Canary
Have we not learnt from HoneyPoC?Sub2CDN
LearnTheRopes
An outline as to how to get the basics nailed down before approaching information security as a careerVPNConnectScript
VPN Connection Menu Script, Created in BashKali_Setup
Epic Kali Script, oracle and other thinfs need to be added soon.subroot
Another subdomain bruteforcerLTR101
Repository for Breaking into Information Security: Learning the Ropes 101 (https://leanpub.com/ltr101-breaking-into-infosec)HoffPwn
Hoff in StyleIncomeTaxCalc
A basic python script that takes your weekly wage and works out how much tax you payUnlmtdCalc
A python application that takes the Value of a Cineworld Unlimited card and then works out if it's worth while you getting one based upon your film choicesLearningThings
xfer
ingress toolingconfigFiles
zsh stuffsSH
zephrsnaps.github.io
Love Open Source and this site? Check out how you can help us