MathzRocha
Pentester | Eterno Aprendiz | Entusiasta em Cybersecurity | Aprendiz de desenvolvimento em Python & JS | Jogador de CTF | Entusiasta em Android Seurity | π₯οΈ πΎ
SΓ£o Paulo - SP
Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
Amass
In-depth Attack Surface Mapping and Asset Discovery
Android-BuggyCrypto
Application for showcasing Android application Crypto vulnerabilities
Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
androidcomponentsparser
Hacky script to parse AndroidManifest.xml file and provide the list of components along with the intent filter and exported state
apk-analyzer
Analyze an APK archive.
jok3r
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
JSLinkFinder
Finder Paths and dot JS on webpages β For endpoint and path analysis
SecurePasswordGenerator
Gerador de senhas seguras em Python
MathzRocha's Repositories
MathzRocha/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
MathzRocha/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
MathzRocha/awesome-bugbounty-tools
A curated list of various bug bounty tools
MathzRocha/BloodHound
Six Degrees of Domain Admin
MathzRocha/BugBuntu
BugBuntu Linux
MathzRocha/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
MathzRocha/dnsrato
Pentest Reconnaissance Tool in Javascript based on Ricardo Longatto version.
MathzRocha/faraday
Collaborative Penetration Test and Vulnerability Management Platform
MathzRocha/fopnp
Foundations of Python Network Programming (Apress) β scripts and examples
MathzRocha/hacks
A collection of hacks and one-off scripts
MathzRocha/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
MathzRocha/httpx
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
MathzRocha/karma_v2
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Rconnaissance (framework)
MathzRocha/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
MathzRocha/MS17-010
MS17-010
MathzRocha/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
MathzRocha/nuclei
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
MathzRocha/o365spray
Username enumeration and password spraying tool aimed at Microsoft O365.
MathzRocha/Oralyzer
Open Redirection Analyzer
MathzRocha/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
MathzRocha/reconness
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
MathzRocha/Red_Team
Some scripts useful for red team activities
MathzRocha/SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
MathzRocha/shellphish
Phishing Tool for Instagram, Facebook, Twitter, Snapchat, Github
MathzRocha/SocialPhish
The most complete Phishing Tool, with 32 templates +1 customizable
MathzRocha/subjack
Subdomain Takeover tool written in Go
MathzRocha/Sublist3r
Fast subdomains enumeration tool for penetration testers
MathzRocha/updog
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
MathzRocha/username_generator
Create a list of possible usernames for bruteforcing
MathzRocha/XSStrike
Most advanced XSS scanner.