La3B0z
🕷️ threat level: unknown. targets: undefined. mission: access all areas. system breach is not a bug, it's a feature.
AnounymousJapon
Pinned Repositories
bugbounty-starter-notes
bug bounty hunters starter notes
bugcrowd_university
Open source education content for the researcher community
CVE-2020-0796-RCE-POC
CVE-2020-0796 Remote Code Execution POC
CVE-2021-26855-SSRF-Exchange
CVE-2021-26855 SSRF Exchange Server
mimikatz
A little tool to play with Windows security
recon_profile
SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
La3B0z's Repositories
La3B0z/Automatic-Proxylogon-Exploit
Automatic OWA Proxylogon Exploit
La3B0z/burpa
Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).
La3B0z/byp4xx
Simple bash script to bypass "403 Forbidden" messages with well-known methods discussed in #bugbountytips
La3B0z/caronte
A tool to analyze the network flow during attack/defence Capture the Flag competitions
La3B0z/CiLocks
Android LockScreen Bypass
La3B0z/Cloud-Penetration-Testing-and-Red-Teaming
Tools, Resources & Helpful Tips
La3B0z/CVE-2021-1675
C# and Impacket implementation of CVE-2021-1675/PrintNightmare
La3B0z/CVE-2021-28482-Exchange-POC
POC from TestANull for CVE-2021-28482 on Exchange Server
La3B0z/CVE-2021-3493
Ubuntu OverlayFS Local Privesc
La3B0z/CVE-2021-40444
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
La3B0z/CVE-Exploits
PoC exploits for software vulnerabilities
La3B0z/DiscordOSINT
🔥🌌This repository contains useful resources to conduct research and OSINT investigations on Discord accounts ,servers and bots.🌌🔥
La3B0z/dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
La3B0z/evildork
Evildork targeting your fiancee
La3B0z/Garud
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
La3B0z/HolyTips
Tips and Tutorials on Bug Bounty Hunting and Web App Security.
La3B0z/HostHunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
La3B0z/htshells
Self contained htaccess shells and attacks
La3B0z/investigations
Indicators from Amnesty International's investigations
La3B0z/Invoke-BuildAnonymousSMBServer
Use to build an anonymous SMB file server.
La3B0z/KingOfBugBountyTips
La3B0z/Nuclei-Templates-Collection
Nuclei Templates Collection
La3B0z/openvpn-install
OpenVPN road warrior installer for Ubuntu, Debian, CentOS and Fedora
La3B0z/Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
La3B0z/PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
La3B0z/SecurityTesting
La3B0z/traitor
Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins :arrow_up: :skull_and_crossbones:
La3B0z/vulnx
vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
La3B0z/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
La3B0z/WinPwn
Automation for internal Windows Penetrationtest / AD-Security