Pinned Repositories
Burp-AnonymousCloud
Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
Burp-IndicatorsOfVulnerability
Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
Burp-UserAgent
Automatically modify the User-Agent header in all Burp requests
Burp-Yara-Rules
Yara rules to be used with the Burp Yara-Scanner extension
bypasswaf
Add headers to all Burp requests to bypass some WAF products
cpscam
Bypass captive portals by impersonating inactive users
gophish
GoPhish is a phishing script that enables rapid deployment of phishing sites.
PowerSniper
Password spraying script and helper for creating password lists
SideStep
Yet another AV evasion tool
sqlipy
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
codewatchorg's Repositories
codewatchorg/bypasswaf
Add headers to all Burp requests to bypass some WAF products
codewatchorg/sqlipy
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
codewatchorg/SideStep
Yet another AV evasion tool
codewatchorg/cpscam
Bypass captive portals by impersonating inactive users
codewatchorg/Burp-UserAgent
Automatically modify the User-Agent header in all Burp requests
codewatchorg/Burp-Yara-Rules
Yara rules to be used with the Burp Yara-Scanner extension
codewatchorg/Burp-AnonymousCloud
Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
codewatchorg/Burp-IndicatorsOfVulnerability
Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
codewatchorg/PowerSniper
Password spraying script and helper for creating password lists
codewatchorg/gophish
GoPhish is a phishing script that enables rapid deployment of phishing sites.
codewatchorg/jnlpdownloader
jnlpdownloader is a Python script that takes a URL to a JNLP and downloads all the associated JARs and native libraries. Another Java based tool exists that provides this functionality, but this Python version extends the capabilities to include the ability to authenticate with BASIC, DIGEST, NTLM, or cookie authentication.
codewatchorg/OfficeCracker
Tool to bruteforce Word, Excel, and PowerPoint office document passwords
codewatchorg/dirscalate
Dirscalate helps escalate a directory traversal vulnerability to root access (hopefully)
codewatchorg/nacpersonate
The nacpersonate script uses configuration files to impersonate an OS likely to be allowed through the device without special authentication. The tool spoofs TCP and IP options as well as the User-Agent header sent in requests to appear to be from the selected OS.
codewatchorg/CloudKeyHunter
Scan targets via SMB for cloud key files on Windows systems
codewatchorg/droidboxhelper
A slight modification to the droidbox source and a helper file to convert the output into a more legible/readable form.
codewatchorg/p2e
Process to escalate to, or p2e, identifies processes on remote hosts running under potentially privileged accounts to be used for escalation in penetration tests
codewatchorg/PANhunt
PANhunt searches for credit card numbers (PANs) in directories.
codewatchorg/RDPSpray
Tool for password spraying RDP
codewatchorg/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
codewatchorg/testingatlass