Pinned Repositories
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
arsenal
Arsenal is just a quick inventory and launcher for hacking programs
awesome-bugbounty-tools
A curated list of various bug bounty tools
awesome-honeypots
An awesome list of honeypot resources
Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
awesome-security-collection
1000+ Github Security Resource Collection Repos.
lanceae's Repositories
lanceae/ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
lanceae/awesome-bugbounty-tools
A curated list of various bug bounty tools
lanceae/Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
lanceae/Awesome-Web3-security
A curated list of resources for learning web3 hacking/Security
lanceae/BotPEASS
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
lanceae/COM-Hunter
COM Hijacking VOODOO
lanceae/CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
lanceae/CyberSecurity
Cybersecurity stuff for both the blue team and the red team, mostly red though.
lanceae/DefaultCreds-cheat-sheet
One place for all the default credentials to assist Blue/Red teamers' activities in finding devices with default passwords 🛡️
lanceae/DFSCoerce
lanceae/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
lanceae/FollinaScanner
A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)
lanceae/jarbou3
Jarbou3 is a RAT tool coded in Python with C&C, which can accept multiple connections from clients
lanceae/JPGtoMalware
It embeds the executable file or payload inside the JPG file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional. The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewalls and antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
lanceae/Kali-Linux-Wireless-Penetration-Testing-Beginners-Guide-Third-Edition
Kali Linux Wireless Penetration Testing Beginner's Guide - Third Edition, published by Packt
lanceae/KerberOPSEC
OPSEC safe Kerberoasting in C#
lanceae/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
lanceae/MS-MSDT-Office-RCE-Follina
CVE-2022-30190 | MS-MSDT Follina One Click
lanceae/msfvenom_maker
lanceae/MSRPC-to-ATTACK
A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
lanceae/MSSQL-Pentest-Cheatsheet
lanceae/myPyBackDoor
Easy to understand back door written in python
lanceae/Notes
lanceae/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
lanceae/pentest-book
lanceae/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
lanceae/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
lanceae/SMB-Session-Spoofing
lanceae/sqlmap
Automatic SQL injection and database takeover tool
lanceae/zap-scripts
Zed Attack Proxy Scripts for finding CVEs and Secrets.