git clone https://github.com/ktecv2000/ProxyShell
cd ProxyShell
virtualenv -p $(which python3) venv
source venv/bin/activate
pip3 install pypsrp
cp wsman.py venv/lib/*/site-packages/pypsrp/wsman.py
python3 exploit.py <target-exchange-server-ip> <email>
PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket
client attack remotely , this script was written for educational purposes only, do not use against to any victim, which you do not have permission for it
vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin
print " INSTALL TOOLS " $ pkg update && upgrade $ pkg install python2 $ pkg install git $ pip2 install lolcat $ pip2 install bs4 $ pip2 install reques
CVE-2021-44228-log4j discovery (Download the MKP package) This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue. To discover this
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
Greenbone Vulnerability Management Tools The Greenbone Vulnerability Management Tools gvm-tools are a collection of tools that help with remote contro
CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot
介绍 工具介绍 这是一款致力于将各类优秀脚本集合在一起调用、联动,最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息,发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。
log4shell_finder Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mer
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root
Hackerone Passive Recon Tool A passive-recon tool that parses through found assets and interacts with the Hackerone API. Setup Simply run setup.sh to
mips mips is a python-based script that decodes MIPS instructions. Usage cd into mips and run python decode.py command or open decode.py to run the sc
ORector is a Fast Python tool designed to detect open redirects vulnerabilities
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
140 Dec 27, 2022
9 Jun 05, 2022
343 Dec 31, 2022
2 Nov 29, 2021
4 Jan 08, 2022
5 Dec 03, 2022
50 Sep 13, 2022
396 Jan 08, 2023
130 Dec 17, 2022
8 Nov 09, 2022
3.8k Jan 06, 2023
259 Dec 31, 2022
23 Jul 05, 2022
33 Jan 04, 2023
9 Dec 27, 2022
20 Nov 24, 2022
4 Jan 13, 2022
0 Mar 30, 2022
11 Apr 02, 2022
3 Oct 05, 2022