Pinned Repositories
Antide4dot-Remover
Detected Antide4dot and Removed it automatically.
fastjson_rce_tool
fastjson命令执行利用工具, remote code execute
hacking-methodologies
HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
medusa-1
Medusa is a Frida based tool which traces Android API calls in order to identify harmful behaviour to the end user
windows_hardening
Windows Hardening settings and configurations
mmg1's Repositories
mmg1/HowToHunt
Tutorials and Things to Do while Hunting Vulnerability.
mmg1/NetblockTool
Find netblocks owned by a company
mmg1/snyk
CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
mmg1/ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
mmg1/Bug-bounty
Ressources for bug bounty hunting
mmg1/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
mmg1/cspp-tools
Client-Side Prototype Pollution Tools
mmg1/Dell-Driver-EoP-CVE-2021-21551
Dell Driver EoP (CVE-2021-21551)
mmg1/grype
A vulnerability scanner for container images and filesystems
mmg1/jspanda
client-side prototype pullution vulnerability scanner
mmg1/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
mmg1/Lilly
Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, all the possible IPs, PORTs and SSL/TLS Certs are searched to validate the target in-scope.
mmg1/MeterPwrShell
Automated Tool That Generate The Perfect Powershell Payload
mmg1/Mitigating-Obsolete-TLS
Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber
mmg1/moodlescan
Tool for scan vulnerabilities in Moodle platforms
mmg1/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
mmg1/plution
Prototype pollution scanner using headless chrome
mmg1/powershell-android-utils
PowerShell module providing utility commands to manipulate a APK file on Windows
mmg1/ppfuzz
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
mmg1/PPScan
Client Side Prototype Pollution Scanner
mmg1/RCE-0-day-for-GhostScript-9.50
RCE 0-day for GhostScript 9.50 - Payload generator
mmg1/rengine
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
mmg1/robots-disallowed-dict-builder
Script generating a dictionary containing the most common DISALLOW clauses from robots.txt file found on CISCO Top 1 million sites
mmg1/SerialDetector
A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
mmg1/SigFlip
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
mmg1/svn-extractor
simple script to extract all web resources by means of .SVN folder exposed over network.
mmg1/SysWhispers2
AV/EDR evasion via direct system calls.
mmg1/Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
mmg1/wordlists-8
Wordlists for Fuzzing
mmg1/XXE-study
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.