Pinned Repositories
3klCon
Automation Recon tool which works with Small & Medium scopes
BinExp
Linux Binary Exploitation
Bug-Bounty-Toolz
BBT - Bug Bounty Tools
christmas-tree
christmas tree bash script
CVE-2022-28601
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor
cyber-security-cheatsheets
Cheat Sheets to help with common security/pen testing tasks
GoGhost
High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
shhgit
Ah shhgit! Find GitHub secrets in real time
XSStrike
Most advanced XSS scanner.
FlaviuPopescu's Repositories
FlaviuPopescu/CVE-2022-28601
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor
FlaviuPopescu/christmas-tree
christmas tree bash script
FlaviuPopescu/awesome-web-security
🐶 A curated list of Web Security materials and resources.
FlaviuPopescu/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
FlaviuPopescu/AzureAttackKit
Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information
FlaviuPopescu/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
FlaviuPopescu/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
FlaviuPopescu/cloudfox
Automating situational awareness for cloud penetration tests.
FlaviuPopescu/copy-as-go-request
Burp Suite extension to copy requests as Go
FlaviuPopescu/CVE-2021-40444
CVE-2021-40444 PoC
FlaviuPopescu/CVE-2022-28986
A Insecure direct object references (IDOR) vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor
FlaviuPopescu/FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
FlaviuPopescu/FlaviuPopescu
FlaviuPopescu/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
FlaviuPopescu/hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
FlaviuPopescu/katana
A next-generation crawling and spidering framework.
FlaviuPopescu/L4sh
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
FlaviuPopescu/Learn365
The purpose of #Learn365 collection is to create informational content in multiple codecs and share with the community to allow knowledge advent and studying.
FlaviuPopescu/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
FlaviuPopescu/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
FlaviuPopescu/ParamSpider
Mining parameters from dark corners of Web Archives
FlaviuPopescu/psudohash
Password list generator that focuses on keywords mutated by commonly used password creation patterns
FlaviuPopescu/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
FlaviuPopescu/RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
FlaviuPopescu/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
FlaviuPopescu/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
FlaviuPopescu/Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
FlaviuPopescu/waymore
Find way more from the Wayback Machine!
FlaviuPopescu/weird_proxies
Reverse proxies cheatsheet
FlaviuPopescu/xnLinkFinder
A python tool used to discover endpoints (and potential parameters) for a given target