Pinned Repositories
krusty
Bot consulta de números de DNI PERU
CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
fake-sms-1
A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.
http-server-online
Start a local HTTP server without any tools, just open a web page.
KeyLogger-WebService
"KeyLogger-WebService" Is a Keylogger Write In python.
phaser
Automated attack surface mapper and vulnerability scanner
sshmap
SSH Tool For OSINT and then Cracking.
SUID3NUM
A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
vajra_scan_online_all
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
marcoshat's Repositories
marcoshat/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
marcoshat/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
marcoshat/URLHider
URLHider, a powerful tool designed to make URL masking a breeze.
marcoshat/CVE-2024-4577
PHP CGI Argument Injection vulnerability
marcoshat/lfiscan
A small and fast bash script to automate LFI vulnerability.
marcoshat/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
marcoshat/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
marcoshat/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
marcoshat/ZxCDDoS
ZxCDDoS for education with LAYER 7, LAYER 4, AMP METHODS
marcoshat/Anon-SMS
A Tool To Send Messages Anonymously..
marcoshat/CVE-2024-31848-PoC
PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal
marcoshat/AMSI-BYPASS
Vulnerability that leads to an effective AMSI BYPASS
marcoshat/CVE-2024-4040
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
marcoshat/fuzzing-templates
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
marcoshat/BobTheSmuggler
"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
marcoshat/MHDDoS
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
marcoshat/CVE-2022-35914
PoC exploit for GLPI - Command injection using a third-party library script
marcoshat/spyhunt
recon for bug hunters
marcoshat/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
marcoshat/poc-seeker
automated tool designed to streamline the search and identification of Proofs of Concept (POCs)
marcoshat/X-hackz
This is a tool that has social media & camera hacking & WhatsApp virus & SMS bombing functions and much more
marcoshat/SecGen_crear_machine_vuln
Create randomly insecure VMs
marcoshat/GhostRecon
An OSINT framework updated weekly, wich with you can search on precise targets, with a lot of features like person search, criminal search, or social media scanning with eamail/phone, and ip changer
marcoshat/AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
marcoshat/PayloadsAllTheThings-sql-comando-xss-xxe-lfi
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
marcoshat/backdoorPhish
Herramienta de ingeniería social (Creador de puerta trasera con Reverse Shell para Windows/Android) con Ngrok.
marcoshat/SniperPhish
SniperPhish - The Web-Email Spear Phishing Toolkit
marcoshat/Doxxer-Toolkit
Todo lo necesario que un doxxer debe de tener siempre a mano
marcoshat/Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
marcoshat/SSTImap
Automatic SSTI detection tool with interactive interface