La3B0z
🕷️ threat level: unknown. targets: undefined. mission: access all areas. system breach is not a bug, it's a feature.
AnounymousJapon
Pinned Repositories
bugbounty-starter-notes
bug bounty hunters starter notes
bugcrowd_university
Open source education content for the researcher community
CVE-2020-0796-RCE-POC
CVE-2020-0796 Remote Code Execution POC
CVE-2021-26855-SSRF-Exchange
CVE-2021-26855 SSRF Exchange Server
mimikatz
A little tool to play with Windows security
recon_profile
SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
La3B0z's Repositories
La3B0z/mimikatz
A little tool to play with Windows security
La3B0z/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
La3B0z/Active-Directory-Exploitation-Cheat-Sheet-1
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
La3B0z/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩💻
La3B0z/Bug-Bounty-Toolz
BBT - Bug Bounty Tools
La3B0z/bugbounty_checklist
La3B0z/chalumeau
Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.
La3B0z/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
La3B0z/Eternalblue-Doublepulsar-Metasploit
Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
La3B0z/fakemailer
Fake Mailer is a PHP Email Spoofer which is capable of sending spoofed or tampered emails to the target. No Need to Sign up, Send Email Anonymously, Demo Site is available for test!
La3B0z/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
La3B0z/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
La3B0z/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
La3B0z/httpx
A next generation HTTP client for Python. 🦋
La3B0z/markransom
Simple but sharp ransomware
La3B0z/missionbot
Synack Mission claim Bot
La3B0z/OSCP
my oscp prep collection
La3B0z/paramiko
The leading native Python SSHv2 protocol library.
La3B0z/peas
PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.
La3B0z/Powerless
Windows privilege escalation (enumeration) script designed with OSCP labs (legacy Windows) in mind
La3B0z/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
La3B0z/pspy
Monitor linux processes without root permissions
La3B0z/Rails-doubletap-RCE
RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)
La3B0z/scant3r
ScanT3r - Web Security Scanner
La3B0z/scripts-1
Scripts I use during pentest engagements.
La3B0z/Sn1per
Automated pentest framework for offensive security experts
La3B0z/SubEnum
bash script for Subdomain Enumeration
La3B0z/tor-ip-changer
request new identity every X seconds interval using TOR client
La3B0z/XSpear
Powerfull XSS Scanning and Parameter analysis tool&gem
La3B0z/Zin
A Payload Injector for bugbounties written in go