Pinned Repositories
awesome-infosec
A curated list of awesome infosec courses and training resources.
CookieMonster
ctf-tools
Some setup scripts for security research tools.
CVE-2018-20555
Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
datasploit
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
Infosec_Reference
An Information Security Reference That Doesn't Suck
Jackett
API Support for your favorite torrent trackers.
osint-scraper
Social Recon
passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
ReconT
reconnaisance - footprinting - information disclosure (0.7)
W1ck3dTh1ngs's Repositories
W1ck3dTh1ngs/ReconT
reconnaisance - footprinting - information disclosure (0.7)
W1ck3dTh1ngs/ANGRYPUPPY
Bloodhound Attack Path Automation in CobaltStrike
W1ck3dTh1ngs/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
W1ck3dTh1ngs/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
W1ck3dTh1ngs/aws-security-benchmark
Open source demos, concept and guidance related to the AWS CIS Foundation framework.
W1ck3dTh1ngs/aws_pwn
A collection of AWS penetration testing junk
W1ck3dTh1ngs/bounty-targets
This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/etc) hourly and dumps them into the bounty-targets-data repo
W1ck3dTh1ngs/confluence
Confluence Python API
W1ck3dTh1ngs/cryptosmt
An easy to use tool for cryptanalysis of symmetric primitives based on SMT/SAT solvers.
W1ck3dTh1ngs/CVE-2019-0232
Apache Tomcat Remote Code Execution on Windows - CGI-BIN
W1ck3dTh1ngs/cve_server
Simple REST-style web service for the CVE searching
W1ck3dTh1ngs/Decodify
Detect and decode encoded strings, recursively.
W1ck3dTh1ngs/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
W1ck3dTh1ngs/featherduster
An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
W1ck3dTh1ngs/FTPBruter
A FTP Server brute forcing tool written in Python 3
W1ck3dTh1ngs/ghidra
Ghidra is a software reverse engineering (SRE) framework
W1ck3dTh1ngs/goscan
Interactive Network Scanner
W1ck3dTh1ngs/hackthebox-writeups
Writeups for HacktheBox 'boot2root' machines
W1ck3dTh1ngs/LeakLooker
Find open databases with Shodan
W1ck3dTh1ngs/ops-tools
A set of handy tools to make it easier for Operations teams to run to Trend Micro Deep Security.
W1ck3dTh1ngs/pentest-guide
Penetration tests cases, resources and guidelines.
W1ck3dTh1ngs/PMapper
A tool for quickly evaluating IAM permissions in AWS.
W1ck3dTh1ngs/RedTeamPowershellScripts
Various PowerShell scripts that may be useful during red team exercise
W1ck3dTh1ngs/RedTeamScripts
Repo with various Red Team scripts
W1ck3dTh1ngs/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
W1ck3dTh1ngs/social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
W1ck3dTh1ngs/Spray
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
W1ck3dTh1ngs/StegCracker
Steganography brute-force utility to uncover hidden data inside files
W1ck3dTh1ngs/Striker
Striker is an offensive information and vulnerability scanner.
W1ck3dTh1ngs/XSStrike
Most advanced XSS scanner.