Discover @0x00-0x00 Open Source projects

Andre Marques (zc00l) (@0x00-0x00)

0x00-0x00

Stars
1,840
Global Rank 16,641 (Top 0.6 %)
Followers 520
Following 13
Registered almost 8 years ago
Most used languages

Python
42.1 %

C
13.2 %

PowerShell
7.9 %

C#
7.9 %

Shell
7.9 %

Go
7.9 %

Ruby
5.3 %

C++
5.3 %

HTML
2.6 %
Location 🇧🇷 Brazil
Country Total Rank 223
Country Ranking

Python
24

PowerShell
28

C++
161

C
180

Go
241

C#
283

Shell
294

Ruby
1,048

ShellPop

Pop shells like a master.

FakePip

Pip install exploit package

CVE-2019-0841-BYPASS

A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.

CVE-2018-1000001

glibc getcwd() local privilege escalation compiled binaries

Shellkiller

A killer reverse-shell script that is able to use a lot of techniques to ensure your shell will pop back to you.

NamedPipes

Bind shell that uses Named Pipes as transport and execute PowerShell code through Runspaces.

CVE-2016-2098

Ruby On Rails unrestricted render() exploit

-CVE-2017-9805

Exploit script for Apache Struts2 REST Plugin XStream RCE (‎CVE-2017-9805)

CVE-2019-1064

CVE-2019-1064 Local Privilege Escalation Vulnerability

TelePreter

Telegram-based PowerShell Runspace Host

CVE-2018-12613

PHPMyAdmin v4.8.0 and v.4.8.1 LFI exploit

CVE-2016-10033

PHPMailer < 5.2.18 Remote Code Execution Exploit

XXE

My own repository used for testing XXE vulnerabilities in a more automated way.

CVE-2017-5638

Struts02 s2-045 exploit program

CVE-2018-10517

CMS Made Simple 2.2.7 RCE exploit

0x00-0x00.github.io

shemutils

Pythonic multi-task library of encryption, database, logging and checksum.

ctf_tools

Tools we (Watchers) use for CTF wargames.

CVE-2015-3224

Modification of Metasploit module for RCE in Ruby-On-Rails Console CVE-2015-3224

CVE-2014-6271

Shellshock exploitation script that is able to upload and RCE using any vector due to its versatility.

CVE-2018-10949

Zimbra Collaboration Suite Username Enumeration

gadreel-bot

Telegram bot to help with task management and CTF wargames

router_attack

wireless security audit repository

decryptor

A substitution cipher decryptor that uses the operator (user) to decrypt the cipher on-the-fly.

asyncspider

A URL brute-forcer to find hidden files from a target URL. AsyncIO.

CTF_SecurityWeekend

Data for FATEC's 1st SecurityWeekend CTF

hashfind

A simple program to request to decrypthash.com to decrypt the hash given by the user.

crypt

Crypt is a cryptography tool to protect all kinds of data using AES-256 and RSA-4096 algorithms.

shredder

C program to erase files securely overwritting data with random patterns.

CVE-2018-7422

Wordpress plugin Site-Editor v1.1.1 LFI exploit

nichide

NicHide is a pure-C program to hide your NIC hardware address.

autobackup

C program to handle rsync and SimplePush notifications easily for my own servers.

shell_scripts

My own shell scripts used for management.

ReverseEngineerPractice

Reverse Engineering Tutorial Files from Lena Course

proxypwn

ProxyPwn is a scanner and tunneler for open proxies.

netcracker

WiFi auditing tool to monitor, capture and crack WPA handshakes.

CVE-2018-15131

Zimbra Collaboration Suite Username Enumeration

pybackdoor

poc backdoor using python and threading

netwatch

NetWatch is a tool to monitor network hosts TCP ports, uptime and visualize scan logs.