nxkennedy

Pinned Repositories

python-verodin-director-api
A simple Python wrapper for the Verodin Director API
Language:Python1 4 01
AWAE-PREP
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
Language:Java0 0 00
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
00
clickjack
Simple script to test for clickjacking
Language:Python19 2 012
cofense-export-parser
Scripts to Parse Cofense/PhishMe Raw Exports
Language:Python0 2 00
compromised
Tool for comparing a list of email addresses to the haveibeenpwned database to determine if they have been compromised in a public breach
Language:Ruby1 1 00
CVE-2019-8997
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.
2 1 02
nexpose-automate_reports
Automatically dump tailored reports for each asset or site in your Nexpose installation using the Nexpose API
Language:Ruby20
nexpose-mac_counter
Sheds light on asset detection accuracy by determining unique MACs found, assets missing MACs, dupes, and the 10 most common dupes.
Language:Python10
OSWE-1
OSWE Preparation
10

nxkennedy's Repositories

nxkennedy/clickjack
Simple script to test for clickjacking
Language:Python19 2 012
nxkennedy/CVE-2019-8997
An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.
2 1 02
nxkennedy/OSWE-1
OSWE Preparation
10
nxkennedy/AWAE-PREP
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
Language:Java0 0 00
nxkennedy/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
0 2 00
nxkennedy/cofense-export-parser
Scripts to Parse Cofense/PhishMe Raw Exports
Language:Python0 2 00
nxkennedy/deephack
deephack
Language:Python
nxkennedy/DPAT
Domain Password Audit Tool for Pentesters
Language:Python2 0
nxkennedy/Malleable-C2-Profiles
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
1 0
nxkennedy/malware-1
Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
Language:C++1 0
nxkennedy/misc-scripts
miscellaneous scripts in mostly working order
Language:Python1 0
nxkennedy/nessus-mass_downloader
Download reports via the Nessus API
Language:Ruby1 0
nxkennedy/nessus-report-downloader
Language:Ruby1 0
nxkennedy/nxkennedy.github.io
Language:HTML1 0
nxkennedy/OSINT-Framework
OSINT Framework
Language:JavaScript1 0
nxkennedy/OWASP-Testing-Checklist
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
1 0
nxkennedy/p0wnedShell
PowerShell Runspace Post Exploitation Toolkit
Language:C#
nxkennedy/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Language:Python2 01
nxkennedy/php-reverse-shell
Language:PHP0 0
nxkennedy/python-amazon-simple-product-api
A simple Python wrapper for the Amazon.com Product Advertising API
Language:Python1 0
nxkennedy/python-verodin-director-api-1
A simple Python wrapper for the Verodin Director API
Language:Python0 0
nxkennedy/QuasarRAT
Remote Administration Tool for Windows
Language:C#1 0
nxkennedy/risu-templates
Templates to extract failed DISA STIG checks from Nessus scan reports parsed by Risu
Language:Ruby1 0
nxkennedy/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Language:PHP1 0
nxkennedy/shakedown
Shakedown scans text files for potentially malicious content. Greatly assists vetting complex security tools/frameworks before running them on a company network. (Talking to you, red teams and security engineers)
Language:Python1 0
nxkennedy/SILENTTRINITY
An asynchronous post-exploitation agent powered by Python, IronPython, C# and .NET's DLR
Language:Python1 0
nxkennedy/trape
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Language:Python
nxkennedy/Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Language:Python2 0
nxkennedy/webshells
Various webshells. We accept pull requests for additions to this collection.
Language:PHP1 0
nxkennedy/zeroday-powershell
A PowerShell example of the Windows zero day priv esc
Language:PowerShell1 0