git clone https://github.com/ktecv2000/ProxyShell
cd ProxyShell
virtualenv -p $(which python3) venv
source venv/bin/activate
pip3 install pypsrp
cp wsman.py venv/lib/*/site-packages/pypsrp/wsman.py
python3 exploit.py <target-exchange-server-ip> <email>
CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la
Hikvisioninformation Hikvision 流媒体管理服务器敏感信息泄漏 Options optional arguments: -h, --help show this help message and exit -u url, --url url
Red-Key Red-Key Password List Maker Version 1.1.2 Created By FireKing255 -=Features=- Create Random Password List Create Password List Create Password
A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba
A tool that detects the "expensive" Carbon Black watchlists.
Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication
Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as
宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma
pythonwhois A WHOIS retrieval and parsing library for Python. Dependencies None! All you need is the Python standard library. Instructions The manual
Password Manager is a simple Python project which helps users in managing their passwords in a easier way
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.
CondaDEV A CTF2.5/MMF2 Decompiler What is CondaDEV? CondaDEV (anaCondaDEVeloper) is a fork of Anaconda Mode 4.1, with a lot of Quality of Life patches
Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg
Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk
PreviewGram is for users that wants get a more private experience with the Telegram's Channel.
OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测,被动探测,对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list
SimplePasswordManager A simple way to store your passwords without requiring third party applications Simple To Use. Store Your Passwords For Each Web
4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us
20 Aug 25, 2022
13 Nov 09, 2022
7 Dec 26, 2021
4.8k Dec 31, 2022
8 Aug 04, 2022
4 Nov 06, 2021
2 Aug 31, 2022
298 Dec 14, 2022
3 Oct 05, 2022
479 Dec 27, 2022
384 Dec 23, 2022
4 Sep 29, 2021
21 Jan 01, 2023
4 Mar 07, 2022
1.8k Jan 04, 2023
43 Dec 03, 2022
1 Sep 25, 2022
21 Aug 12, 2022
1 Dec 23, 2021
11 Aug 27, 2022