Pinned Repositories
0x94TR
0x94TR Scanner Burp Suite Extension
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
Apkatshu
Apkatshu is a Tool for extracting urls , emails , ip address , and interesting data from APK files
awakening-conscience
利用公开的验证漏洞框架 编写批量测试脚本
BeeLogger
Generate Gmail Emailing Keyloggers to Windows.
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
FakeImageExploiter
Use a Fake image.jpg (hide known file extensions) to exploit targets
hidemyass
a post-exploit tool that carefully clean access log
mooscan
A scanner for Moodle LMS
WhatWaf
Detect and bypass web application firewalls and protection systems
C0dak's Repositories
C0dak/CVE-2021-3129
Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)
C0dak/MkCheck
Script to check MikroTik Routers the WinBox Authentication Bypass Disclosure & RouterOS Jailbreak vulnerabilities
C0dak/adfsbrute
A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.
C0dak/bing-ip2hosts
bingip2hosts is a Bing.com web scraper that discovers websites by IP address
C0dak/cas-management-overlay
WAR overlay for Apereo CAS Management web application
C0dak/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
C0dak/CORS-one-liner
A one liner Bash command which finds CORS in every possible endpoint.
C0dak/CVE-2020-3452-Scanner
Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.
C0dak/CVE-2020-9484
C0dak/CVEs-Collection
CVEs collection
C0dak/exploit_laravel_cve-2018-15133
Exploit for Laravel Remote Code Execution with API_KEY (CVE-2018-15133)
C0dak/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
C0dak/HowToHunt
Some Tutorials and Things to Do while Hunting That Vulnerability.
C0dak/Java-Rce-Echo
Java RCE 回显测试代码
C0dak/Ladon
大型内网渗透扫描器&Cobalt Strike,包含信息收集/存活主机/IP扫描/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2系列等,密码口令爆破含(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB、LDAP、SmbHash、WmiHash)等,可高度自定义插件支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器一键生成Web漏洞POC,可快速扩展扫描或利用能力。支持Cobalt Strike 3.X-4.0
C0dak/pathbrute
Pathbrute
C0dak/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
C0dak/rpcenum
Herramienta en Bash ideal para extraer la información más relevante de un dominio vía rpcclient.
C0dak/SB-Actuator
Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测
C0dak/sdlookup
IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io
C0dak/Shodanfy.py
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate-limit!)
C0dak/Spring-Boot-Vulnerability
C0dak/SpringBoot-Labs
一个涵盖六个专栏:Spring Boot 2.X、Spring Cloud、Spring Cloud Alibaba、Dubbo、分布式消息队列、分布式事务的仓库。希望胖友小手一抖,右上角来个 Star,感恩 1024
C0dak/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
C0dak/Tentacle
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
C0dak/termux_All_hacking_tool
This is only for information about top hacking tools in termux
C0dak/viewstate-decoder
Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests
C0dak/vulmap
Vulmap - Web vulnerability scanning and verification tools,支持扫描 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, nexus, weblogic, jboss, thinkphp,并且具备漏洞利用功能。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883, S2-061, CVE-2020-13942, CVE-2020-17530, CVE-2020-17518, CVE-2020-17519
C0dak/WebShells
Webshell with the newest, easiest, and shortest code and technique.
C0dak/xray-1
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档