incredibleindishell
Security enthusiast Love to learn Linux, PHP and exploit development
IndiShell Lab
Pinned Repositories
CORS-vulnerable-Lab
Sample vulnerable code and its exploit code
CORS_vulnerable_Lab-Without_Database
exploit-code-by-me
Exploit code developed/reproduced by me
LDAP-credentials-collector-backdoor-generator
This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
Local-file-disclosure-SQL-Injection-Lab
This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)
Mannu-Shell
Mannu Shell is PHP web based shell. This code is meant for performing server side file manipulation and other stuffs. Its backdoor free and user friendly.
PHP-web-shells
when i started web application security testing, i fall in love with web shell development and designed some PHP based web shells. This repository contains all my codes which i released in public.
sqlite-lab
This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
SSRF_Vulnerable_Lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Windows-AD-environment-related
This Repository contains the stuff related to windows Active directory environment exploitation
incredibleindishell's Repositories
incredibleindishell/hash-cracker-ICA
Just an experiment with hash cracking :) few password lists along with some good password cracking rule sets.
incredibleindishell/XXE_Vulnerable_codes
Sample codes vulnerable to XXE
incredibleindishell/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
incredibleindishell/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
incredibleindishell/insert_SQLI
SQL Injection in Insert query. Application is not throwing SQL server error messages.
incredibleindishell/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
incredibleindishell/AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
incredibleindishell/Active-Directory-Exploitation-Cheat-Sheet-1
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
incredibleindishell/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
incredibleindishell/BadPotato
Windows 权限提升 BadPotato
incredibleindishell/BruteShark
Network Analysis Tool
incredibleindishell/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
incredibleindishell/CVE-2020-0683
CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege
incredibleindishell/CVE-2020-9547
CVE-2020-9547:FasterXML/jackson-databind 远程代码执行漏洞
incredibleindishell/darkarmour
Windows AV Evasion
incredibleindishell/docem
Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
incredibleindishell/Get-System-Techniques
incredibleindishell/gitscraper
A tool which scrapes public github repositories for common naming conventions in variables, folders and files
incredibleindishell/HTTP-revshell
Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware
incredibleindishell/Invoke-SocksProxy
Socks proxy server using powershell. Supports local and reverse connections for pivoting.
incredibleindishell/javaserializetools
Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。
incredibleindishell/k8s-ctf-rocks
Kubernetes Easter CTF
incredibleindishell/kube_security_lab
incredibleindishell/LTE-ciphercheck
Check LTE Network Cipher Support -- over the air
incredibleindishell/NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
incredibleindishell/o365enum
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
incredibleindishell/PAW
incredibleindishell/Pentest_Note
渗透测试常规操作记录
incredibleindishell/SpaceRunner
This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.
incredibleindishell/WinPwn
Automation for internal Windows Penetrationtest / AD-Security