Pinned Repositories
botsql
Bot that uses Atscan and Sqlmap to perform scan and exploit sql vulns
brutecms
Multi-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart
fastssh
Fast SSH Scan and BruteForcer for most common credentials.
infog
Information Gathering Tool
PAVELOW
PAVELOW Exploit Toolbox is a BASH script that corresponds with your KALI distro to better help your vulnerability hunting and exploiting proccess with a few other goodies added to aid your fight.
Samurai
Samurai Email Discovery - SED is a email discovery framework that grabs emails via google dork, company name, or domain name.
TheDoc
TheDoc is a simple but very useful SQLMAP automator with built in admin finder, hash cracker(using hashca) and more!
welcome
Brief Introduction
OffXec's Repositories
OffXec/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
OffXec/pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
OffXec/awesome-malware-analysis
A curated list of awesome malware analysis tools and resources.
OffXec/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
OffXec/Complete-Ethical-Hacking-Penetration-Testing-for-Web-Apps
Complete Ethical Hacking & Penetration Testing for Web Apps, published by Packt
OffXec/CrackMapExec
A swiss army knife for pentesting networks
OffXec/gasmask
Information gathering tool - OSINT
OffXec/ICS-Security-Tools
Tools, tips, tricks, and more for exploring ICS Security.
OffXec/impacket
Impacket is a collection of Python classes for working with network protocols.
OffXec/pentest-guide
Penetration tests cases, resources and guidelines.
OffXec/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
OffXec/SecGen
Generate vulnerable virtual machines on the fly (current team development is taking place in the cliffe/SecGen fork)
OffXec/Sublist3r
Fast subdomains enumeration tool for penetration testers
OffXec/wpscan
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites.
OffXec/AppSecEzine
AppSec Ezine Public Repository.
OffXec/ATSCAN
Advanced Search & Mass Exploit Scanner
OffXec/autoSource
Automated SonarQube
OffXec/awesome-python-applications
💿 Free software that works great, and also happens to be open-source Python.
OffXec/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OffXec/dirhunt
Find web directories without bruteforce
OffXec/HackTheBox-Writeups
OffXec/isf
ISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
OffXec/markdown-here
Google Chrome, Firefox, and Thunderbird extension that lets you write email in Markdown and render it before sending.
OffXec/omniwallet
Omni Protocol Hybrid Web-Wallet
OffXec/Penetration-Testing-Tools
Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
OffXec/protocol
UMA Protocol Running on Ethereum
OffXec/ShellPop
Pop shells like a master.
OffXec/TheCollective
The Collective. A repo for a collection of red-team projects found mostly on Github. aka YAKSR
OffXec/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
OffXec/vulscan
Advanced vulnerability scanning with Nmap NSE