Pinned Repositories
AutoLocalPrivilegeEscalation
An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
awesome-cve-poc
✍️ A curated list of CVE PoCs.
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
bruteforce-salted-openssl
Try to find the password of a file that was encrypted with the 'openssl' command.
bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
ctf-tools
tổng hợp tool ctf
darkjpeg
JPEG steganography web service
dirtycow.github.io
Dirty COW
FiercePhish
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
FindHiddenSSID
Find Hidden SSID info
ap0cryphon's Repositories
ap0cryphon/FiercePhish
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
ap0cryphon/awesome-cve-poc
✍️ A curated list of CVE PoCs.
ap0cryphon/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
ap0cryphon/bruteforce-salted-openssl
Try to find the password of a file that was encrypted with the 'openssl' command.
ap0cryphon/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
ap0cryphon/dirtycow.github.io
Dirty COW
ap0cryphon/FindHiddenSSID
Find Hidden SSID info
ap0cryphon/GithubLeakAlert
ap0cryphon/IIS_exploit
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
ap0cryphon/Kadimus
Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...
ap0cryphon/Kautilya
Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.
ap0cryphon/leviathan
wide range mass audit toolkit
ap0cryphon/massExpConsole
adding more exploits and tools
ap0cryphon/mimipenguin
A tool to dump the login password from the current linux user
ap0cryphon/ms17-0100
Mixing up CVE and MS like a pro
ap0cryphon/NetWars
Pcap Forensics Challenge
ap0cryphon/nishang
Nishang - PowerShell for penetration testing and offensive security.
ap0cryphon/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
ap0cryphon/pentest-lab
Pentest Lab on OpenStack with Heat & Chef provisioning
ap0cryphon/phishery
An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
ap0cryphon/PoC
Various PoCs
ap0cryphon/PowerMemory
Exploit the credentials present in files and memory
ap0cryphon/python-exploits
Repository for python exploits
ap0cryphon/redsnarf
RedSnarf is a pen-testing / red-teaming tool for Windows environments
ap0cryphon/rpivot
socks4 reverse proxy for penetration testing
ap0cryphon/SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
ap0cryphon/shadowbroker
The Shadow Brokers "Lost In Translation" leak
ap0cryphon/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
ap0cryphon/wafpass
Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
ap0cryphon/weapons4pentester
:hocho: This repo contains required files for web application pentest.