I wrote this small PoC after bumping into SMB servers where Hydra, Nmap, Medusa and CrackMapExec all failed to discover valid credentials correctly.
The script uses the official Python library from the Samba project, not Impacket, not PySMB.
You may find the library with a name like "samba-python3" in your package manager.
Usage: python brute_smb_share.py <ip_address> <share_name> <users_wordlist> <passwords_wordlist>
MIT Licence
Port Scanner TCP/UDP port scanner on python, usong scapy and multiprocessing. Usage python3 scanner.py [OPTIONS] IP_ADDRESS [{tcp|udp}[/[PORT|PORT-POR
CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br
An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r
labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning
Guess the password for Tik Tok accounts Tool features : You don't need proxies There is no captcha Running on a private api Combo T
Promoter A Telegram Bot to force users to join a specific channel before sending messages in a group. Introduction A Telegram Bot to force users to jo
A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba
CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享,严禁用于非法用途,否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn
The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description
OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►
Web Scraping com Python - Raspando Vagas para Programadores Sobre o Projeto Web
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione
pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows
master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth
IDA iBoot Loader IDA loader for Apple's iBoot, SecureROM and AVPBooter Installation Copy iboot-loader.py to the loaders folder in IDA directory. Credi
reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re
Internationalized Domain Names in Applications (IDNA) Support for the Internationalised Domain Names in Applications (IDNA) protocol as specified in R
Vulnerability assessment for CVE-2022-22536 This repository contains a Python script that can be used to check if a SAP system is affected by CVE-2022
Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1
1 Dec 05, 2021
2 May 06, 2022
1k Jan 04, 2023
16 Dec 08, 2022
32 Dec 25, 2022
1 Jan 27, 2022
4.8k Dec 31, 2022
355 Aug 03, 2022
135 Dec 31, 2022
11 Dec 06, 2022
3 Dec 30, 2021
2 Feb 05, 2022
307 Dec 24, 2022
10 Jul 28, 2022
167 Dec 19, 2022
74 Dec 23, 2022
560 Dec 23, 2022
204 Dec 13, 2022
42 Dec 01, 2022
129 Dec 30, 2022