I wrote this small PoC after bumping into SMB servers where Hydra, Nmap, Medusa and CrackMapExec all failed to discover valid credentials correctly.
The script uses the official Python library from the Samba project, not Impacket, not PySMB.
You may find the library with a name like "samba-python3" in your package manager.
Usage: python brute_smb_share.py <ip_address> <share_name> <users_wordlist> <passwords_wordlist>
MIT Licence
Cleansweep Requirements A Linux (or Mac OS X) node with the following software installed. Ubuntu 14.04 is preferred. PostgreSQL 9.3 database server Py
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
Log4jake Log4jake works by spidering a web application for GET/POST requests. It will then automatically execute the GET/POST requests, filling any di
WELCOME TO LAYLA Layla is a python script that automatically performs recon on a
Let's Take The Bridge Pattern To The Next Level This video covers how the bridge
APKLeaks - Scanning APK file for URIs, endpoints & secrets.
SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token
Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn
CHIRP A forensic collection tool written in Python. Watch the video overview 📝 Table of Contents 📝 Table of Contents 🧐 About 🏁 Getting Started Pre
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)
A tool to crack a wifi password with a help of wordlist. This may take long to crack a wifi depending upon number of passwords your wordlist contains. Also it is slower as compared to social media ac
CVE-2022-22965: Spring-Core-Rce EXP 特性: 漏洞探测(不写入 webshell,简单字符串输出) 自定义写入 webshell 文件名称及路径 不会追加写入到同一文件中,每次检测写入到不同名称 webshell 文件 支持写入 冰蝎 webshell 代理支持,可
Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad
YouTube Video Proof of Concept I created a new YouTube Video with technical Explanation for breaking Google's Audio reCAPTCHAs: Click on the image bel
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP
CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 products. Follow the Horizon3.ai Attack Team on Twitter for the latest security research: Ho
An amazing application that will help us manage our passwords and even generate new passwords for us.
payload dumper Dumps the payload.bin image found in Android update images. Has significant performance gains over other tools due to using multiproces
getlevels A small Python Script To get all levels of subdomains Easily get 1st level, 2nd level, 3rd level, 4th level .... nth level subdomains Usag
pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta
39 May 24, 2022
1 Dec 25, 2021
16 May 09, 2022
68 Jan 04, 2023
11 Jun 14, 2022
3.5k Jan 09, 2023
287 Nov 09, 2022
48 Dec 19, 2022
1k Dec 09, 2022
266 Jan 02, 2023
144 Dec 29, 2022
53 Nov 09, 2022
1 Dec 28, 2021
153 Dec 20, 2022
365 Nov 30, 2022
231 Dec 07, 2022
1 Jan 23, 2022
7 Nov 17, 2022
9 Feb 15, 2022
5 Jun 03, 2021