gobiasinfosec
I write crappy scripts that I don't finish that may occasionally be useful. This is a repository of that lack of effort.
gobiasinfosec's Stars
gophish/gophish
Open-Source Phishing Toolkit
rebootuser/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
bisguzar/twitter-scraper
Scrape the Twitter Frontend API without authentication.
internetwache/GitTools
A repository with 3 tools for pwn'ing websites with .git repositories available
huntergregal/mimipenguin
A tool to dump the login password from the current linux user
rootm0s/WinPwnage
UAC bypass, Elevate, Persistence methods
joaomatosf/jexboss
JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
UnaPibaGeek/ctfr
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
trustedsec/hate_crack
A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
api0cradle/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
byt3bl33d3r/SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
SySS-Research/Seth
Perform a MitM attack and extract clear text credentials from RDP connections
Viralmaniar/Passhunt
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Metnew/uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
m8sec/nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
dafthack/PowerMeta
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.
enigma0x3/Misc-PowerShell-Stuff
random powershell goodness
SwiftOnSecurity/SwiftFilter
Exchange Transport rules to detect and enable response to phishing
jephthai/OpenPasswordFilter
An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.
aress31/jwtcat
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
preempt/credssp
A code demonstrating CVE-2018-0886
rand0m1ze/ezsploit
Linux bash script automation for metasploit
zeroSteiner/mayhem
Runtime Process Manipulation
secdec/adapt
ADAPT is a tool that performs automated Penetration Testing for WebApps.
madhuakula/wincmdfu
Windows one line commands that make life easier, shortcuts and command line fu.
chrismaddalena/Goreport
A Python script to collect campaign data from Gophish and generate a report
NickstaDB/SerialBrute
Java serialization brute force attack tool.
fortinet-solutions-cse/fortiosapi
Python library aimed to be used by configuration management system using Fortigate/Fortios devices (REST API)
maaaaz/weblogicpassworddecryptor
A simple script to decrypt stored passwords from Oracle WebLogic Server configuration files
zi0Black/POC-CVE-2018-0114
This repository contains the POC of an exploit for node-jose < 0.11.0