Pinned Repositories
Alpha
Frame of word game with ReactNative
Cloud-Hacking
CVE-2018-9276
CVE-2018-9276 PRTG < 18.2.39 Reverse Shell (Python3 support)
FreePBX-2.10.0---Elastix-2.2.0---Remote-Code-Execution
Modified version of the original one for HackTheBox Beep
Hack-Tools
The all-in-one Red Team extension for Web Pentester 🛠
JSONBee
A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
OSCP-PWK
https://alvinsmith.gitbook.io/progressive-oscp/
OSEP
Wiki page as CheatSheet. Please also focus on your PEN-300 studying!
Passkeys-availability-check
WIP, PR more than welcome
A1vinSmith's Repositories
A1vinSmith/OSCP-PWK
https://alvinsmith.gitbook.io/progressive-oscp/
A1vinSmith/OSWE-AWAE
A1vinSmith/Passkeys-availability-check
WIP, PR more than welcome
A1vinSmith/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
A1vinSmith/hacktricks-cloud
A1vinSmith/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
A1vinSmith/aquatone
A Tool for Domain Flyovers
A1vinSmith/aquatone-new
A Tool for Domain Flyovers
A1vinSmith/cve
Gather and update all available and newest CVEs with their PoC.
A1vinSmith/dbsc
A1vinSmith/DNS-Checker
A1vinSmith/dnspython
a powerful DNS toolkit for python
A1vinSmith/dnsReaper
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
A1vinSmith/exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
A1vinSmith/FinalRecon
All In One Web Recon
A1vinSmith/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
A1vinSmith/mbedtls
An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
A1vinSmith/nvd-json-data-feeds
Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endorsed nor certified by the NVD.
A1vinSmith/objection
📱 objection - runtime mobile exploration
A1vinSmith/OSCP
OSCP Cheat Sheet
A1vinSmith/PersonalStuff
Upload files done during my research.
A1vinSmith/pysaml2
Python implementation of SAML2
A1vinSmith/saml_idp
Ruby SAML Identity Provider, best used with Rails (though not required)
A1vinSmith/SharpDPAPI
SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
A1vinSmith/sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
A1vinSmith/websocat
Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
A1vinSmith/WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
A1vinSmith/xmlsec
XML Security Library
A1vinSmith/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A1vinSmith/ysoserial.net
Deserialization payload generator for a variety of .NET formatters