Pinned Repositories
3snake
Tool for extracting information from newly spawned processes
address-spoofing-poc
Chrome address spoofing vulnerability proof-of-concept for HTTPS. (Original by David Leo.)
admin-finder
Python Script to find Web Site Admin Login Page.
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Am-I-affected-by-Meltdown
Checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
ARPER
ARPER is an arp cache poisoning tool, it sends spoofed address resolution protocol messages onto a local area network. It has the ability to arp-poison multiple-host systems.
ASLRay
Linux ELF x32 and x64 ASLR bypass exploit with stack-spraying
atomic-red-team
Small and highly portable detection tests.
Invoke-Phant0m
Windows Event Log Killer
aln7's Repositories
aln7/3snake
Tool for extracting information from newly spawned processes
aln7/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
aln7/Am-I-affected-by-Meltdown
Checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
aln7/AutoSploit
Automated Mass Exploiter
aln7/Crips
IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
aln7/cssInjection
Stealing CSRF tokens with CSS injection (without iFrames)
aln7/Diggy
Extract enpoints from apk files.
aln7/fsociety
fsociety Hacking Tools Pack – A Penetration Testing Framework
aln7/fuddly
Fuzzing and Data Manipulation Framework (for GNU/Linux)
aln7/getaltname
Get Subject Alt Name from SSL Certificates
aln7/go-internals
A book about the internals of the Go programming language.
aln7/In-Spectre-Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
aln7/kDriver-Fuzzer
aln7/LaZagne
Credentials recovery project
aln7/lpeworkshop
Windows / Linux Local Privilege Escalation Workshop
aln7/Meltdown
Meltdown PoC for reading passwords from Google Chrome.
aln7/monkey
Infection Monkey - An automated pentest tool
aln7/multidiff
Binary data diffing for multiple objects or streams of data
aln7/Passhunt
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
aln7/radare2
unix-like reverse engineering framework and commandline tools
aln7/ReelPhish
aln7/rop-tool
A tool to help you write binary exploits
aln7/S3Scanner
Scan for open S3 buckets and dump
aln7/sdrtrunk
A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:
aln7/SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
aln7/SharpShooter
Payload Generation Framework
aln7/Striker
Striker is an offensive information and vulnerability scanner.
aln7/tactical-exploitation
Modern tactical exploitation toolkit.
aln7/tensorflow-1.4-billion-password-analysis
Deep Learning model to analyze a large corpus of clear text passwords.
aln7/WhatWaf
Detect and bypass web application firewalls and protection systems