Pinned Repositories
cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
dirty_sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
evil-ssdp
Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
lxd_root
Linux privilege escalation via LXD
lyricpass
Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
pentest-methodology
Short checklists for penetration testing methodology
pentest-tools
General stuff for pentesting - password cracking, phishing, automation, Kali, etc.
uptux
Linux privilege escalation checks (systemd, dbus, socket fun, etc)
initstring's Repositories
initstring/cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
initstring/passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
initstring/linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
initstring/dirty_sock
Linux privilege escalation exploit via snapd (CVE-2019-7304)
initstring/evil-ssdp
Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
initstring/uptux
Linux privilege escalation checks (systemd, dbus, socket fun, etc)
initstring/pentest-methodology
Short checklists for penetration testing methodology
initstring/lxd_root
Linux privilege escalation via LXD
initstring/lyricpass
Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
initstring/pentest-tools
General stuff for pentesting - password cracking, phishing, automation, Kali, etc.
initstring/switcheroo
Universal LAN-based SSRF Attack Primitive
initstring/pyshell
Simple netcat-like binary for Windows, created with python and py2exe.
initstring/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
initstring/MemPG
Memorable Passphrase Generator - create secure random passphrases that sound like sentences
initstring/gitrob
Reconnaissance tool for GitHub organizations
initstring/andrankEnum
Tool to get the top android apps for bug bounty purpose
initstring/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
initstring/dhcp4
DHCP4 library written in Go.
initstring/metasploit-framework
Metasploit Framework
initstring/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
initstring/PiHoleBlocklist
PiHole and AGH Blocklists
initstring/urban-dictionary-word-list
Script and sample dataset of all urban dictionary entry names (around 1.4 million total)
initstring/gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
initstring/stockpile
A CALDERA plugin
initstring/test
initstring/umdmusic-downloader
Python script to download top billboard singles from umdmusic.com