Qymaen

Qymaen's Stars

• ohpe/juicy-potato

  A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

  Language:C++2.4k466

• BuffaloWill/oxml_xxe

  A tool for embedding XXE/XML exploits into different filetypes

  Language:Ruby1k232

• Ne0nd0g/merlin

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

  Language:Go5k798

• volatilityfoundation/community

  Volatility plugins developed and maintained by the community

  Language:Python339143

• quentinhardy/odat

  ODAT: Oracle Database Attacking Tool

  Language:Python1.6k345

• D35m0nd142/LFISuite

  Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner

  Language:Python1.7k388

• FuzzySecurity/PowerShell-Suite

  My musings with PowerShell

  Language:PowerShell2.6k763

• samratashok/nishang

  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

  Language:PowerShell8.7k2.4k

• Alamot/code-snippets

  Various code snippets

  Language:C++259108

• Genetic-Malware/Ebowla

  Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

  Language:Python732167

• breenmachine/RottenPotatoNG

  New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.

  Language:C++890178

• foxglovesec/RottenPotato

  RottenPotato local privilege escalation from service account to SYSTEM

  Language:C#639134

• huntergregal/mimipenguin

  A tool to dump the login password from the current linux user

  Language:C3.8k631

• yandex/gixy

  Nginx configuration static analyzer

  Language:Python8.2k395

• drk1wi/Modlishka

  Modlishka. Reverse Proxy.

  Language:Go4.8k875

• psypanda/hashID

  Software to identify the different types of hashes -

  Language:Python1.3k180

• infosecn1nja/AD-Attack-Defense

  Attack and defend active directory using modern post exploitation adversary tradecraft activity

  4.4k1k

• RsaCtfTool/RsaCtfTool

  RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

  Language:Python5.5k893

• angristan/openvpn-install

  Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.

  Language:Shell13.4k2.9k

• sullo/nikto

  Nikto web server scanner

  Language:Perl8.3k1.2k

• rasta-mouse/Sherlock

  PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

  Language:PowerShell1.9k422

• EnableSecurity/sipvicious

  SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.

  Language:Python877159

• tennc/fuzzdb

  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

  Language:HTML1.4k623

• pentestmonkey/unix-privesc-check

  Automatically exported from code.google.com/p/unix-privesc-check

  Language:Shell1k218

• rebootuser/LinEnum

  Scripted Local Linux Enumeration & Privilege Escalation Checks

  Language:Shell6.9k2k

• s4n7h0/xvwa

  XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

  Language:PHP1.7k340

• trustedsec/unicorn

  Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

  Language:Python3.7k810

• dirtycow/dirtycow.github.io

  Dirty COW

  Language:HTML3.3k938

• infodox/python-pty-shells

  Python PTY backdoors - full PTY or nothing!

  Language:Python735214

• jordansissel/xdotool

  fake keyboard/mouse input, window management, and more

  Language:C3.2k316