ackemed's Stars
belane/CloudHunter
AWS, Azure, Alibaba and Google bucket scanner
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
benjamin-mauss/depenfusion
A powerful pentesting tool for proactive detection and exploitation of dependency confusion vulnerabilities in Node.js projects. Enhance your security assessments and protect against potential attacks.
gotr00t0day/spyhunt
recon for bug hunters
PortSwigger/upload-scanner
HTTP file upload scanner for Burp Proxy
extencil/CVE-2024-44849
🔥 CVE-2024-44849 Exploit
d3fudd/CVE-2020-9484_Exploit
Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE
asterictnl-lvdw/CVE-2024-6387
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
thewhiteh4t/seeker
Accurately Locate Smartphones using Social Engineering
stivenhacker/GhostStrike
Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
n3rada/toboggan
🛝 Toboggan is a module wrapper for Remote Command Execution that can be leveraged to interactive shell such as forward shell in a constrained environment (e.g. with a firewall).
taythebot/CVE-2021-43798
CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth)
thewhiteh4t/FinalRecon
All In One Web Recon
Tib3rius/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
HadessCS/Awesome-Privilege-Escalation
Awesome Privilege Escalation
0xC01DF00D/Collabfiltrator
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
Mehdi0x90/Red-Team
Red teaming is an attack technique used in cyber security to test how an organisation would respond to a genuine cyber attack. It is done through an Ethical Hacking team or similar offensive security team.
webhooksite/webhook.site
⚓️ Easily test HTTP webhooks with this handy tool that displays requests instantly.
GTFOArgs/GTFOArgs.github.io
GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrary commands, using argument injection.
bohops/UltimateWDACBypassList
A centralized resource for previously documented WDAC bypass techniques
hacksider/Deep-Live-Cam
real time face swap and one-click video deepfake with only a single image
CyberSecurityUP/Awesome-Red-Team-Operations
sujayadkesar/Linux-Privilege-Escalation
All Linux privilege Escalation methods are listed under one MarkDown🦁 i.e Kernel Exploits to Cronjobs
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
oshp/oshp-validator
Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.
murphysecurity/RDL-detect
远程探测 remote desktop licensing 服务开放情况,用于 CVE-2024-38077 漏洞快速排查
zhuxi1965/CVE-2024-38077-RDLCheck
检测RDL服务是否运行,快速排查受影响资产
qi4L/CVE-2024-38077
RDL的堆溢出导致的RCE