chr0n1k's Stars
Nuitka/Nuitka
Nuitka is a Python compiler written in Python. It's fully compatible with Python 2.6, 2.7, 3.4-3.13. You feed it your Python app, it does a lot of clever things, and spits out an executable or extension module.
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
trustedsec/CS-Remote-OPs-BOF
i-am-shodan/USBArmyKnife
USB Army Knife – the ultimate close access tool for penetration testers and red teamers.
MalwareTech/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Fortiphyd/GRFICSv2
Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
Maldev-Academy/EmbedPayloadInPng
Embed a payload inside a PNG file
tykawaii98/CVE-2024-30088
decoder-it/KrbRelay-SMBServer
thiagoralves/OpenPLC_v2
OpenPLC with the new IEC ST to C compiler
Offensive-Panda/LsassReflectDumping
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callbacks to generate a memory dump of the cloned process
hoto/jenkins-credentials-decryptor
Command line tool for dumping Jenkins credentials.
amjcyber/pwnlook
An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails configured in it.
Octoberfest7/Secure_Stager
An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
Sleepw4lker/TameMyCerts
Policy Module for Microsoft Active Directory Certificate Services
netbiosX/AMSI-Provider
A fake AMSI Provider which can be used for persistence.
SpecterOps/cred1py
A Python POC for CRED1 over SOCKS5
blackhatethicalhacking/SQLMutant
SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible to SQL injection formats and then performs injection attacks. These attacks include pattern matching, error analysis, and timing attacks.
passthehashbrowns/VectoredExceptionHandling
netero1010/SCCMVNC
A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications. This can be done without requiring access to SCCM server.
nullenc0de/servicelens
ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify services, categorizing them into Email, Cloud, Security, and more.
fortra/CVE-2024-6769
Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)
ring0-c0d3-br34k3r/Stuxnet-Rootkit
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
HulkOperator/AuthStager
Krypteria/Proxll
Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
Shrfnt77/AmsiBypass
Bypassing Amsi using LdrLoadDll
rvrsh3ll/FindIngressEmail
Find Inbound Email Domains
mez-0/offensive-groovy
Groovy Post Exploitation
Cyb3rDudu/SliverLoader
A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec
MuhammadWaseem29/RCE-CVE-2024-7954