Phaze228's Stars
urbanadventurer/username-anarchy
Username tools for penetration testing
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit
This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location "/main/inc/lib/javascript/bigupload/inc/bigUpload.php" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell.
dhmosfunk/CVE-2023-25690-POC
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
pentestfunctions/BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
WhiteWinterWolf/wwwolf-php-webshell
WhiteWinterWolf's PHP web shell
samratashok/nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
ropnop/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
kimci86/bkcrack
Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
RedSiege/EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
haad/proxychains
proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
lanmaster53/recon-ng
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
openwall/john
John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
owasp-amass/amass
In-depth attack surface mapping and asset discovery
darkoperator/dnsrecon
DNS Enumeration Script
mschwager/fierce
A DNS reconnaissance tool for locating non-contiguous IP space.
fwaeytens/dnsenum
dnsenum is a perl script that enumerates DNS information
DominicBreuker/pspy
Monitor linux processes without root permissions
shhrew/CVE-2022-0944
A proof of concept exploit for SQLPad RCE (CVE-2022-0944).
spipm/Depix
Recovers passwords from pixelized screenshots
mteg/braa
Ultra-fast SNMPv1/v2 stack. Get/set/walk tens of thousands of hosts at once.
Pennyw0rth/NetExec
The Network Execution Tool
trailofbits/onesixtyone
Fast SNMP Scanner
digininja/CeWL
CeWL is a Custom Word List Generator
BurntSushi/xsv
A fast CSV command line toolkit written in Rust.