Pinned Repositories
CloudBunny
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
crAPI
completely ridiculous API (crAPI)
Powershell-RAT
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Praus
Operating system audit and Hardening Framework
pureblood
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
pwnedOrNot
Find Passwords for Compromised Email Accounts
r3con1z3r
R3con1z3r is a lightweight Web information gathering tool with an intuitive features written in python. it provides a powerful environment in which open source intelligence (OSINT) web-based footprinting can be conducted quickly and thoroughly.
seeker
Find GeoLocation with High Accuracy...
shellver
Reverse Shell Cheat Sheet TooL
WebMap
Nmap Web Dashboard and Reporting
D0cT0r-inf0s3c's Repositories
D0cT0r-inf0s3c/Praus
Operating system audit and Hardening Framework
D0cT0r-inf0s3c/crAPI
completely ridiculous API (crAPI)
D0cT0r-inf0s3c/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
D0cT0r-inf0s3c/WebGoat
WebGoat is a deliberately insecure application
D0cT0r-inf0s3c/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
D0cT0r-inf0s3c/AndroidSecNotes
An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.
D0cT0r-inf0s3c/awesome-api-security
A collection of awesome API Security tools and resources.
D0cT0r-inf0s3c/Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
D0cT0r-inf0s3c/awesome-mobile-CTF
This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
D0cT0r-inf0s3c/CVE-2022-40684
Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]
D0cT0r-inf0s3c/e-voting-with-django
The Voting System web application using Django is a project that serves as the automated voting system of an organization or school. This system works like the common manual system of election voting system whereas this system must be populated by the list of the positions, candidates, and voters. This system can help a certain organization or school to minimize the voting time duration because aside they can provide the voters an online platform to vote, the system will automatically count the votes for each candidate. The system has 2 sides of the user interface which are the administrator and voters side. The admin user is in charge to populate and manage the data of the system and the voter side which is where the voters will choose their candidate and submit their votes.
D0cT0r-inf0s3c/jasmin
Jasmin - Open source SMS gateway
D0cT0r-inf0s3c/jasmin-web-panel
📨 Jasmin Web Panel for Jasmin SMS Gateway
D0cT0r-inf0s3c/listmonk
High performance, self-hosted, newsletter and mailing list manager with a modern dashboard. Single binary app.
D0cT0r-inf0s3c/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
D0cT0r-inf0s3c/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
D0cT0r-inf0s3c/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
D0cT0r-inf0s3c/Offensive_tools
D0cT0r-inf0s3c/osmedeus
A Workflow Engine for Offensive Security
D0cT0r-inf0s3c/PAKURI-THON
PAKURI-THON is a tool that supports pentesters with various pentesting tools and C4 server (command & control and chat & communication server). PAKURI-THON can perform most of the operations with intuitive web operations and commands to chatbots.
D0cT0r-inf0s3c/PHPAzureADoAuth
PHP Azure AD login with demo site (using oAuth)
D0cT0r-inf0s3c/Radon-Real-Estate-Business
A platform where customers are able to Buy/Rent apartments or properties and also able to track their monthly invoices and utility bills. Various real estate businesses will be able to host their apartments or properties here as well as track their customers' monthly utility bills.
D0cT0r-inf0s3c/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
D0cT0r-inf0s3c/sample-airtime-topup-platform
Open source airtime and data top-up platform for distributors and e-com sites to use as white label. With complete Admin/Reseller/Customer side. Fully loaded with the Reloadly API. Easy to use and can be customized/white-labeled with any company design.
D0cT0r-inf0s3c/Semantic-UI
Semantic is a UI component framework based around useful principles from natural language.
D0cT0r-inf0s3c/test
D0cT0r-inf0s3c/WebMap-1
WebMap-Nmap Web Dashboard and Reporting
D0cT0r-inf0s3c/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
D0cT0r-inf0s3c/Wynis
Audit Windows Security with best Practice
D0cT0r-inf0s3c/XSRFProbe
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.