Pinned Repositories
403-bypass
403-bypass tool to bypass 403 responses.
awesome-cyber-skills
A curated list of hacking environments where you can train your cyber skills legally and safely
bruteforce-lists
Some files for bruteforcing certain things.
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic templates designed specifically for use with Evilginx3.
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
iscsicpl_bypassUAC
UAC bypass for x64 Windows 7 - 11
ollama-telegram
🦙 Ollama Telegram bot, with advanced configuration
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
Vulnerable-Code-Snippets
A small collection of vulnerable code snippets
gabyavra's Repositories
gabyavra/bruteforce-lists
Some files for bruteforcing certain things.
gabyavra/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
gabyavra/advisories
gabyavra/AMSITrigger
The Hunt for Malicious Strings
gabyavra/Autowasp
BurpSuite Extension: A one-stop pen testing checklist and logger tool
gabyavra/awesome-hacker-api-tools
A collection of hacker tools using HackerOne's API
gabyavra/chisel
A fast TCP/UDP tunnel over HTTP
gabyavra/CrackMapExec
A swiss army knife for pentesting networks
gabyavra/Cyber-Bookmarks
A list of bookmarks I have used since I started my journey in cyber security
gabyavra/espoofer
An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻
gabyavra/evil-winrm
The ultimate WinRM shell for hacking/pentesting
gabyavra/google-search-telegram-bot
Mirror of https://gitlab.com/nkming2/google-search-telegram-bot. Please report issues there, thanks!
gabyavra/hackbar
HackBar plugin for Burpsuite
gabyavra/malware-1
Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from: http://www.malwaretech.com
gabyavra/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
gabyavra/Ninja
Open source C2 server created for stealth red team operations
gabyavra/OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
gabyavra/owt
Introducing owt the most compact WiFi auditing tool that works on command line linux.
gabyavra/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
gabyavra/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
gabyavra/Pentest-Bookmarkz
A collection of useful links for Pentesters
gabyavra/Pentest-Tools
gabyavra/Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
gabyavra/PESecurity
PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
gabyavra/Pixi
The Pixi module is a MEAN Stack web app with wildly insecure APIs!
gabyavra/PS_Scripts_Backup
gabyavra/PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
gabyavra/rengine
reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance.
gabyavra/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
gabyavra/WinPwn
Automation for internal Windows Penetrationtest / AD-Security