njahrckstr
Penetration Tester | Network & Web Application Vulnerability Researcher/tester | OSCP | OSWP | GIAC GREM | R&D Engineer
USA
Pinned Repositories
assetfinder
Find domains and subdomains related to a given domain
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Cheatsheet-God
Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet
OSWA
A collection of useful commands, scripts and resources for the OSWA (WEB-200) exam of Offensive Security
PentestScripts
Some scripts for penetration testing
Privilege_Escalation
PyCk
A collection of useful Python hacking scripts for beginners
Red-Team-Exercises
Red-Team-Management
Windows_Kernel_Sploit_List
njahrckstr's Repositories
njahrckstr/Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
njahrckstr/CVE-2021-21972
Proof of Concept Exploit for vCenter CVE-2021-21972
njahrckstr/CVE-2021-24085
njahrckstr/exploits-
njahrckstr/CVE-2021-3156
njahrckstr/Ethical-Hacking-Python-Scripts
Repository for security-related Python scripts.
njahrckstr/GHunt
🕵️♂️ Investigate Google Accounts with emails.
njahrckstr/red_team_tool_countermeasures
njahrckstr/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
njahrckstr/PurpleCloud
An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.
njahrckstr/SecGen
Create randomly insecure VMs
njahrckstr/AWSBucketDump
Security Tool to Look For Interesting Files in S3 Buckets
njahrckstr/InjuredAndroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
njahrckstr/multi-juicer
Run Capture the Flags and Security Trainings with OWASP Juice Shop
njahrckstr/IoT-PT
A Virtual environment for Pentesting IoT Devices
njahrckstr/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
njahrckstr/0l4bs
Cross-site scripting labs for web application security enthusiasts
njahrckstr/CVE-2020-1473
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
njahrckstr/panos-scanner
Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.
njahrckstr/CVE-2020-1472
Test tool for CVE-2020-1472
njahrckstr/zerologon
Exploit for zerologon cve-2020-1472
njahrckstr/XSStrike
Most advanced XSS scanner.
njahrckstr/CVE-2019-18935
RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
njahrckstr/Adaz
:wrench: Automatically deploy customizable Active Directory labs in Azure
njahrckstr/dvna
Damn Vulnerable NodeJS Application
njahrckstr/pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
njahrckstr/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
njahrckstr/Redboto
Red Team Scripts for AWS.
njahrckstr/Bucket-Flaws
Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
njahrckstr/capsulecorp-pentest
Vagrant VirtualBox environment for conducting an internal network penetration test