Pinned Repositories
Acomplete-guide-to-dir-brute-force-admin-panel-and-API-endpoints
JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
mobiletools
Official Website of drozer and needle.
PSH-credBox
PowerShell to pop an error message and prompt for credentials
mgcfish's Repositories
mgcfish/android_app_security_checklist
Android App Security Checklist
mgcfish/Atlassian-Jira-pentesting
mgcfish/awesome-cybersecurity-conferences
Awesome Cybersecurity Conferences - Watch the latest awesome security talks around the globe
mgcfish/Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
mgcfish/bbot
OSINT automation for hackers.
mgcfish/Bug-Bounty-Wordlists
mgcfish/Bug-Hunting-Arsenal
The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a quick look down here 👇👇
mgcfish/cve
Gather and update all available and newest CVEs with their PoC.
mgcfish/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
mgcfish/Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
mgcfish/impressive-chatgpt
A collection of impressive and useful results from OpenAI's chatgpt
mgcfish/JNDI-Injection-Exploit-Plus
80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
mgcfish/lemma-fork
mgcfish/linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
mgcfish/Network-segmentation-cheat-sheet
Best practices for segmentation of the corporate network of any company
mgcfish/obsidian-markmind
A mind map, outline and pdf annotate tool for obsidian,It support mobile and desktop
mgcfish/OSCP-Tricks-2023
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
mgcfish/ownlist
Weekly compilation of offensive security tools and write-ups
mgcfish/pentest-pivoting
A compact guide to network pivoting for penetration testings / CTF challenges.
mgcfish/PentestTools
Awesome Pentest Tools Collection
mgcfish/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
mgcfish/rmm
Recon MindMap (RMM)
mgcfish/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
mgcfish/templates
Repository to house markdown templates for researchers
mgcfish/toxssin
An XSS exploitation command-line interface and payload generator.
mgcfish/vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
mgcfish/Vulnerability-Wiki
一个综合漏洞知识库,集成了Vulhub、Peiqi、Edge、0sec、Wooyun等开源漏洞库
mgcfish/WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
mgcfish/wesng
Windows Exploit Suggester - Next Generation
mgcfish/windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.