La3B0z
🕷️ threat level: unknown. targets: undefined. mission: access all areas. system breach is not a bug, it's a feature.
AnounymousJapon
Pinned Repositories
bugbounty-starter-notes
bug bounty hunters starter notes
bugcrowd_university
Open source education content for the researcher community
CVE-2020-0796-RCE-POC
CVE-2020-0796 Remote Code Execution POC
CVE-2021-26855-SSRF-Exchange
CVE-2021-26855 SSRF Exchange Server
mimikatz
A little tool to play with Windows security
recon_profile
SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
La3B0z's Repositories
La3B0z/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
La3B0z/Bashark
Bash post exploitation toolkit
La3B0z/buffer_overflow
Buffer Overflow repo for hackit talks
La3B0z/bypass-firewalls-by-DNS-history
Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
La3B0z/CVE-2020-1472
Test tool for CVE-2020-1472
La3B0z/CVE-2020-16947
PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)
La3B0z/CVE-2020-17530
S2-061 CVE-2020-17530
La3B0z/fakemailer
Fake Mailer is a PHP Email Spoofer which is capable of sending spoofed or tampered emails to the target. No Need to Sign up, Send Email Anonymously, Demo Site is available for test!
La3B0z/GoldenNuggets-1
Burp Extension for easily creating Wordlists
La3B0z/GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
La3B0z/HoneyCreds
HoneyCreds network credential injection to detect responder and other network poisoners.
La3B0z/httpx-1
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
La3B0z/JustTryHarder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
La3B0z/linux-exploit-suggester
Linux privilege escalation auditing tool
La3B0z/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
La3B0z/mod0BurpUploadScanner
HTTP file upload scanner for Burp Proxy
La3B0z/naabu
A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
La3B0z/OSCP
my oscp prep collection
La3B0z/php-jpeg-injector
Injects php payloads into jpeg images
La3B0z/poor-mans-pentest
This a collection of the code that I have written for the Poor Man's Pentest presentation.
La3B0z/portable-data-exfiltration
This repo contains all the injections mentioned in my talk and enumerators.
La3B0z/PowerTools
PowerTools is a collection of PowerShell projects with a focus on offensive operations.
La3B0z/PPLKiller
Tool to bypass LSA Protection (aka Protected Process Light)
La3B0z/PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019
La3B0z/privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
La3B0z/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
La3B0z/venom
venom - shellcode generator/compiler/handler (metasploit)
La3B0z/WhatWaf
Detect and bypass web application firewalls and protection systems
La3B0z/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
La3B0z/zerologon
Exploit for zerologon cve-2020-1472