icheernoom's Stars
anderspitman/awesome-tunneling
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security
HuskyDG/magisk-files
lasting-yang/frida_dump
frida dump dex, frida dump so
newbit1/rootAVD
Script to root AVDs running with QEMU Emulator from Android Studio
broamski/aws-mfa
Manage AWS MFA Security Credentials
anestisb/vdexExtractor
Tool to decompile & extract Android Dex bytecode from Vdex files
Marshall-Hallenbeck/red_team_attack_lab
Red Team Attack Lab for TTP testing & research
foundryzero/binder-trace
Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder".
Yamato-Security/EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
p0dalirius/windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
Paradoxis/Flask-Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
kavika13/RemCom
Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
NetSPI/ESC
Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.
duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC
CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator
SpecterOps/presentations
SpecterOps Presentations
freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)
SikretaLabs/BlueMap
A Azure Exploitation Toolkit for Red Team & Pentesters
salesforce/metabadger
Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
KiFilterFiberContext/promon-reversal
Analysis and proof-of-concept bypass of Promon SHIELD's Android application protection
CobblePot59/ADcheck
bassammaged/awsEnum
Enumerate AWS cloud resources based on provided credential
freeload101/Bloodhound-Portable
Bloodhound Portable for Windows
yohanes/zygisk-reflutter
Zygisk-based reFlutter
Paradoxis/Flask-Unsign-Wordlist
The following package is the standalone wordlist-only component to flask-unsign.
hackcatml/mldecrypt
iOS binary memory dump tool for iOS15+ (rootful, rootless)
bouj33boy/Domain-Persistence-Detection-Triage-and-Recovery-SO-CON-2024
Resources Links for the Research Based on Josh Prager and Nico Shyne's
m4fn3/frida-ios-dump-remote
pull decrypted ipa from remote jailbreak device
julio-cfa/vBankAPI
vBankAPI is an API that was designed to be vulnerable.