bhdresh
This is a personal repository. Tools/opinions/comments are my own and not of my employer.
Pinned Repositories
CVE-2017-0199
Exploit toolkit CVE-2017-0199 - v4.0 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver Metasploit / Meterpreter / other payload to the victim without any complex configuration.
CVE-2017-8759
Exploit toolkit CVE-2017-8759 - v1.0 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver Metasploit / Meterpreter / other payload to the victim without any complex configuration.
CVE-2018-11776
Vulnerable docker container for CVE-2018-11776
CVE-2021-33766
ProxyToken (CVE-2021-33766): An Authentication Bypass in Microsoft Exchange Server PoC exploit
Dejavu
DejaVU - Open Source Deception Framework
lazykatz
Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.
SnortRules
This is an open source Snort rules repository
SocialEngineeringPayloads
This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
taskhash
This tool is developed to assist forensic investigators and auditors to remotely collect the md5sum of running processes on the target Windows machine.
Whatsapp-IP-leak
Leak the IP address and geolocation of the target WhatsApp user
bhdresh's Repositories
bhdresh/CVE-2017-0199
Exploit toolkit CVE-2017-0199 - v4.0 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver Metasploit / Meterpreter / other payload to the victim without any complex configuration.
bhdresh/Dejavu
DejaVU - Open Source Deception Framework
bhdresh/SocialEngineeringPayloads
This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
bhdresh/CVE-2017-8759
Exploit toolkit CVE-2017-8759 - v1.0 is a handy Python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver Metasploit / Meterpreter / other payload to the victim without any complex configuration.
bhdresh/lazykatz
Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.
bhdresh/Whatsapp-IP-leak
Leak the IP address and geolocation of the target WhatsApp user
bhdresh/CVE-2021-33766
ProxyToken (CVE-2021-33766): An Authentication Bypass in Microsoft Exchange Server PoC exploit
bhdresh/SnortRules
This is an open source Snort rules repository
bhdresh/CVE-2018-11776
Vulnerable docker container for CVE-2018-11776
bhdresh/taskhash
This tool is developed to assist forensic investigators and auditors to remotely collect the md5sum of running processes on the target Windows machine.
bhdresh/ProbesPlotter
ProbesPlotter is a passive WiFi surveillance tool developed to plot the WiFi probe requests from different devices using a directed graph.
bhdresh/About
Research and Publications
bhdresh/CVE-2022-1388
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE
bhdresh/RedHunt-OS
Virtual Machine for Adversary Emulation and Threat Hunting
bhdresh/UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
bhdresh/dnsresolver
bhdresh/Empire
Empire is a PowerShell and Python post-exploitation agent.