matthewomccorkle
Hello 👋 my name is Matthew McCorkle 👨. I am a security analyst based in Florida 🌴.
matthewomccorkle's Stars
projectdiscovery/alterx
Fast and customizable subdomain wordlist generator using DSL
cramppet/regulator
Automated learning of regexes for DNS discovery
nzymedefense/nzyme
Network Defense System.
intigriti/misconfig-mapper
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
noperator/panos-scanner
Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.
jeremylaratro/cloud_pentesting_overview
Cloud Pentesting Resource Collection
foxlox/GIUDA
Ask a TGS on behalf of another user without password
subat0mik/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
waelmas/frameless-bitb
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
praetorian-inc/noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
p0dalirius/Wordpress-webshell-plugin
A webshell plugin and interactive shell for pentesting a WordPress website.
absolomb/FindMeAccess
dievus/Oh365UserFinder
Python3 o365 User Enumeration Tool
dunderhay/entraspray
Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)
Ragnt/AngryOxide
802.11 Attack Tool
pwnfoo/NTLMRecon
Enumerate information from NTLM authentication enabled web endpoints 🔎
Macmod/godap
A complete TUI for LDAP.
danti1988/adcshunter
Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
Syslifters/sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
zyedidia/micro
A modern and intuitive terminal-based text editor
tenable/poc
Proof of Concepts
Ridter/noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
expl0itabl3/check_mdi
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
blechschmidt/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
tdubs/crt.sh
Shell script to obtain information from https://crt.sh
nitefood/asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
nmmapper/dnsdumpster
A tool to perform DNS reconnaissance on target networks. Among the DNS information got from include subdomains, mx records, web application firewall detection and more fingerprinting and lookups
ZephrFish/Bloodhound-CustomQueries
Custom Queries - Brought Up to BH4.1 syntax
deepinstinct/ContainYourself
A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
bitquark/shortscan
An IIS short filename enumeration tool