-
Stars12
-
Rank 1,588,411 (Top 32 %)
-
LanguagePython
-
Created about 2 years ago
-
Updated 6 months ago
Reviews
There are no reviews yet. Be the first to send feedback to the community and the maintainers!
Repository Details
Command line tool to fetch, decode and brute-force CodeIgniter session cookies by guessing and bruteforcing secret keys.
More Repositories
1
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!Dockerfile
1,809
2
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.Python
1,702
3
LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!C#
803
4
ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.Python
766
5
smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.Python
693
6
webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
480
7
windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.Python
478
8
FindUncommonShares
FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.Python
376
9
ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.Python
366
10
LDAPWordlistHarvester
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.Python
318
11
ExtractBitlockerKeys
A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.Python
298
12
DumpSMBShare
A script to dump files and folders remotely from a Windows SMB share.Python
200
13
GeoWordlists
GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.Python
143
14
MSSQL-Analysis-Coerce
A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.Python
123
15
ctfd-parser
A python script to dump all the challenges locally of a CTFd-based Capture the Flag.Python
121
16
ldap2json
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.Python
113
17
CVE-2022-36446-Webmin-Software-Package-Updates-RCE
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.Python
109
18
pdbdownload
A Python script to download PDB files associated with a Portable Executable (PE)Python
109
19
Tomcat-webshell-application
A webshell application and interactive shell for pentesting Apache Tomcat servers.Java
89
20
CVE-2022-21907-http.sys
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS serversPython
78
21
objectwalker
A python module to explore the object tree to extract paths to interesting objects in memory.Python
77
22
RDWAtool
A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) applicationPython
74
23
CVE-2021-43008-AdminerRead
Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerabilityPython
73
24
pyLAPS
Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.Python
67
25
LFIDump
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.Python
63
26
Wordpress-webshell-plugin
A webshell plugin and interactive shell for pentesting a WordPress website.Python
59
27
owabrute
Hydra wrapper for bruteforcing Microsoft Outlook Web Application.Shell
56
28
ldapconsole
The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.Python
56
29
pydsinternals
A Python native library containing necessary classes, functions and structures to interact with Windows Active Directory.Python
52
30
CVE-2022-45771-Pwndoc-LFI-to-RCE
Pwndoc local file inclusion to remote code execution of Node.js code on the serverPython
46
31
volatility2-profiles
Memory mapping profiles for forensic analysis using volatility 2
43
32
microsoft-rpc-fuzzing-tools
This repository contains a list of python scripts to work with Microsoft RPC for research purposes.Python
43
33
RemoteMouse-3.008-Exploit
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.Python
41
34
Joomla-webshell-plugin
A webshell plugin and interactive shell for pentesting a Joomla website.Python
39
35
robotstester
This Python script can enumerate all URLs present in robots.txt files, and test whether they can be accessed or not.Python
39
36
DomainUsersToXLSX
Extract all users from an Active Directory domain to an Excel worksheet.Python
30
37
sectools
A Python native library containing lots of useful functions to write efficient scripts to hack stuff.Python
29
38
Argon2Cracker
A multithreaded bruteforcer of argon2 hashes.Python
27
39
p0dalirius
Front page README of my GitHub profile
27
40
Moodle-webshell-plugin
A webshell plugin and interactive shell for pentesting a Moodle instance.PHP
26
41
WifiListProbeRequests
Monitor 802.11 probe requests from a capture file or network sniffing!Python
26
42
GetFortinetSerialNumber
A Python script to extract the serial number of a remote Fortinet device.Python
26
43
TargetAllDomainObjects
A python wrapper to run a command on against all users/computers/DCs of a Windows DomainPython
25
44
crEAP
crEAP will identify WPA Enterprise mode EAP types and harvest usernames and/or handshakes if insecure protocols are in use.Python
24
45
RobotsValidator
A python script to check if URLs are allowed or disallowed by a robots.txt file.Python
22
46
AccountShadowTakeover
A python script to automatically add a KeyCredentialLink to newly created users, by quickly connecting to them with default credentials.Python
21
47
msFlagsDecoder
Decode the values of common Windows properties such as userAccountControl and sAMAccountType.Python
20
48
volatility3-symbols
Memory mapping profiles for forensic analysis using volatility 3
20
49
crawlersuseragents
Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.Python
19
50
Hashes-Harvester
Automatically extracts NT and LM hashes from Windows memory dumps based on volatility.Shell
19
51
MSRPRN-Coerce
A python script to force authentication using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 65).Python
18
52
binaryexploitation
A massive documentation about binary protections, exploitation techniques, and computer architecture concepts.
17
53
TimeBasedLoginUserEnum
A script to enumerate valid usernames based on the requests response times.Python
17
54
CVE-2022-30780-lighttpd-denial-of-service
CVE-2022-30780 - lighttpd remote denial of servicePerl
16
55
GithubBackupAllRepos
A Python script to backup all repos (public or private) of a user.Python
16
56
Sprayer
Multithreaded spraying of a password on all accounts of a domain.Python
16
57
CVE-2020-14144-GiTea-git-hooks-rce
A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooksPython
16
58
LootApacheServerStatus
A script to automatically dump all URLs present in /server-status to a file locally.Python
15
59
CVE-2016-10956-mail-masta
MailMasta wordpress plugin Local File Inclusion vulnerability (CVE-2016-10956)Python
15
60
DescribeNTSecurityDescriptor
A python tool to parse and describe the contents of a raw ntSecurityDescriptor structure.Python
15
61
volatility2docker
A volatility 2 docker for forensic investigations
Makefile
14
62
http-fuzzing-scripts
A collection of http fuzzing python scripts to fuzz HTTP servers for bugs.Python
13
63
hivetools
A collection of python scripts to work with Windows Hives.Python
13
64
gitea-extract-users
A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.Python
13
65
GhostSPN
List accounts with Service Principal Names (SPN) not linked to active dns records in an Active Directory Domain.Python
13
66
windows-cryptography-explained
Detailed explanation of Windows cryptographic algorithms, with examples and schemes.Python
13
67
LimeSurvey-webshell-plugin
A webshell plugin and interactive shell for pentesting a LimeSurvey application.Python
12
68
ParseFortinetSerialNumber
A Python script to parse Fortinet products serial numbers, and detect the associated model and revision.Python
12
69
wav2mmv
WAV to MMV converter. You can then use the MMV file in input of MSSTV to decode Slow Scan Television (SSTV) sound signals.Shell
12
70
JoGet-webshell-plugin
A webshell plugin and interactive shell for pentesting JoGet application.Java
12
71
CVE-2022-26159-Ametys-Autocompletion-XML
A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file.Python
12
72
goLAPS
Go setter/getter for property ms-Mcs-AdmPwd used by LAPS.Go
12
73
CVE-2018-16763-FuelCMS-1.4.1-RCE
Exploit to trigger RCE for CVE-2018-16763 on FuelCMS <= 1.4.1 and interactive shell.PHP
11
74
ListValidGSuiteEmails
A Python script to list valid emails of GSuite accounts.Python
11
75
Joomla-1.6-1.7-2.5-Privilege-Escalation-Vulnerability
A Python script to create an administrator account on Joomla! 1.6/1.7/2.5 using a privilege escalation vulnerabilityPython
10
76
factorizator
A script to factorize integers with sagemath and factordb.Python
10
77
hexcat
A tool to show only printable characters of a fileC
10
78
DescribeSDDL
A python tool to parse and describe the SDDL string.Python
10
79
mercurial-scm-extract
A tool to extract and dump files of mercurial SCM exposed on a web server.Python
9
80
FindAzureDomainTenant
A Python script to find tenant id an region from a list of domain names.Python
9
81
SortWindowsISOs
Extract the windows major and minor build numbers from an ISO file, and automatically sort the iso files.Python
9
82
pwndocapi
A python library to interact with Pwndoc instances for pentest reports generationPython
9
83
WindowsBuilds
This repository contains the list of windows builds as parsable JSON files.
8
84
python_packages_paths
This repository contains paths to python modules from inside python modules.
8
85
UsersWithPwdLastSetOlderThan
Extract all users from an Active Directory domain with password last set older than X days to an Excel worksheet.Python
8
86
linux-kernels
List of linux kernel versions and download links in JSONPython
7
87
CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write
A path traversal in smbserver.py allows an attacker to read/write arbitrary files on the server.Python
7
88
streamableDownloader
A simple python script to download videos hosted on streamable from their linkPython
7
89
Windows-Hardening
6
90
win32errorcodes
A small C/C++ library to lookup Windows error codes.C
6
91
SweetRice-webshell-plugin
A webshell plugin and interactive shell for pentesting a SweetRice website.PHP
6
92
CrackedNTDStoXLSX
A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.Python
6
93
SymfonyDumpSource
A python script to automatically dump files and source code of a Symfony server in debug mode.Python
6
94
what-if
Python
5
95
lib-parseargs
A simple library to parse command line arguments in C++.C++
5
96
CVE-2020-8813-Cacti-RCE-in-graph_realtime
CVE-2020-8813 - RCE through graph_realtime.php in Cacti 1.2.8Python
5
97
pdsimage-downloader
A python script to filter by filename and download PDS images.Python
4
98
stackdumper
A python tool to autmatically dump the stack content with a format string vulnerability in CTF.Python
4
99
SortPEbyVersions
A Python script to sort Portable Executable (PE) files by their version and download debug symbols if existing.Python
3
100
CpuCoresTemperatureGraph
A python tool to print CPU core temperatures for each cores.Python
3