Pinned Repositories
awesome-infosec
A curated list of awesome infosec courses and training resources.
CookieMonster
ctf-tools
Some setup scripts for security research tools.
CVE-2018-20555
Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
datasploit
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
Infosec_Reference
An Information Security Reference That Doesn't Suck
Jackett
API Support for your favorite torrent trackers.
osint-scraper
Social Recon
passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
ReconT
reconnaisance - footprinting - information disclosure (0.7)
W1ck3dTh1ngs's Repositories
W1ck3dTh1ngs/AttackSurfaceMapper
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
W1ck3dTh1ngs/awesome-sec-s3
A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
W1ck3dTh1ngs/bokeh
Interactive Data Visualization in the browser, from Python
W1ck3dTh1ngs/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
W1ck3dTh1ngs/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
W1ck3dTh1ngs/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
W1ck3dTh1ngs/CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
W1ck3dTh1ngs/ConPresentations
Slide decks from my conference presentations
W1ck3dTh1ngs/cvelist
Pilot program for CVE submission through GitHub
W1ck3dTh1ngs/DeepNude-an-Image-to-Image-technology
DeepNude's pix2pixHD algorithms(proposed by NVIDIA) and general-purpose Image-to-Image theory and practice research. DeepNude的pix2pixHD算法(英伟达提出)以及通用的Image-to-Image理论与实践研究。
W1ck3dTh1ngs/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
W1ck3dTh1ngs/FaceAppPhotoStealer
How to steal FaceApp photos
W1ck3dTh1ngs/gitfiti
abusing github commit history for the lulz
W1ck3dTh1ngs/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
W1ck3dTh1ngs/grr
GRR Rapid Response: remote live forensics for incident response
W1ck3dTh1ngs/incidents
Collaborative, web-based case management for incident response
W1ck3dTh1ngs/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
W1ck3dTh1ngs/MaliciousClickOnceGenerator
Quick Malicious ClickOnceGenerator for Red Team
W1ck3dTh1ngs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
W1ck3dTh1ngs/poetry
Python dependency management and packaging made easy.
W1ck3dTh1ngs/pyqtgraph
Fast data visualization and GUI tools for scientific / engineering applications
W1ck3dTh1ngs/PySimpleGUI
Launched in 2018 Actively developed and supported. Supports tkinter, Qt, WxPython, Remi (in browser). Create custom layout GUI's simply. Python 2.7 & 3 Support. 100+ Demo programs & Cookbook for rapid start. Extensive documentation. Examples using Machine Learning(GUI, OpenCV Integration, Chatterbot), Floating Desktop Widgets, Matplotlib + Pyplot integration, add GUI to command line scripts, PDF & Image Viewer. For both beginning and advanced programmers .
W1ck3dTh1ngs/RDPassSpray
Python3 tool to perform password spraying using RDP
W1ck3dTh1ngs/ScoutSuite
Multi-Cloud Security Auditing Tool
W1ck3dTh1ngs/seaborn
Statistical data visualization using matplotlib
W1ck3dTh1ngs/Sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
W1ck3dTh1ngs/SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
W1ck3dTh1ngs/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
W1ck3dTh1ngs/volatility
An advanced memory forensics framework
W1ck3dTh1ngs/XSpotify
A modified Spotify client with DRM bypass.