Pinned Repositories
awesome-infosec
A curated list of awesome infosec courses and training resources.
CookieMonster
ctf-tools
Some setup scripts for security research tools.
CVE-2018-20555
Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
datasploit
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
Infosec_Reference
An Information Security Reference That Doesn't Suck
Jackett
API Support for your favorite torrent trackers.
osint-scraper
Social Recon
passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
ReconT
reconnaisance - footprinting - information disclosure (0.7)
W1ck3dTh1ngs's Repositories
W1ck3dTh1ngs/Jackett
API Support for your favorite torrent trackers.
W1ck3dTh1ngs/Awesome-Cellular-Hacking
Awesome-Cellular-Hacking
W1ck3dTh1ngs/aws-inventory
Discover resources created in an AWS account.
W1ck3dTh1ngs/azure-policy
Repository for Azure Resource Policy samples
W1ck3dTh1ngs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
W1ck3dTh1ngs/cloudtracker
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
W1ck3dTh1ngs/CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
W1ck3dTh1ngs/crowdstrike-alerts
Send concise alerts to slack from Crowdstrike using python
W1ck3dTh1ngs/CVE-2019-0708
dump
W1ck3dTh1ngs/CVE-2019-0709
Scanner PoC for CVE-2019-0708 RDP RCE vuln
W1ck3dTh1ngs/CVE-2019-1040
CVE-2019-1040 with Exchange
W1ck3dTh1ngs/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
W1ck3dTh1ngs/discord.js
A powerful JavaScript library for interacting with the Discord API
W1ck3dTh1ngs/enumerate-iam
Enumerate the permissions associated with AWS credential set
W1ck3dTh1ngs/fish-shell
The user-friendly command line shell.
W1ck3dTh1ngs/geziyor
Geziyor, a fast web crawling & scraping framework for Go
W1ck3dTh1ngs/gitleaks
Audit git repos for secrets 🔑
W1ck3dTh1ngs/google-cloud-python
Google Cloud Client Library for Python
W1ck3dTh1ngs/kong
:gorilla: The Cloud-Native API Gateway
W1ck3dTh1ngs/LogESP
Open Source SIEM (Security Information and Event Management system).
W1ck3dTh1ngs/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
W1ck3dTh1ngs/My-Shodan-Scripts
Collection of Scripts for shodan searching stuff.
W1ck3dTh1ngs/oss-fuzz
OSS-Fuzz - continuous fuzzing of open source software
W1ck3dTh1ngs/scrapy
Scrapy, a fast high-level web crawling & scraping framework for Python.
W1ck3dTh1ngs/skaffold
Easy and Repeatable Kubernetes Development
W1ck3dTh1ngs/skywalking
APM, Application Performance Monitoring System
W1ck3dTh1ngs/subscraper
External pentest and bug bounty tool to perform subdomain enumeration through various techniques. SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps.
W1ck3dTh1ngs/ThunderShell
Python / C# Unmanaged PowerShell based RAT
W1ck3dTh1ngs/vagrant
Vagrant is a tool for building and distributing development environments.
W1ck3dTh1ngs/weirdAAL
WeirdAAL (AWS Attack Library)