Pinned Repositories
CORScanner
Fast CORS misconfiguration vulnerabilities scannerš»
Exploits
Invoke-Recon
"Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' lab from pentesteracademy.
killswitch
VPN Killswitch
mitm
Repository housing my 'man in the middle' project dealing with mitmproxy (Defeating HTTPS/HSTS, JS injection, DNS spoofing)
pentest
Custom tools and projects about security
phackt.github.io
https://phackt.com
stager.dll
Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/
wptsextensions.dll
WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
windapsearch
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
phackt's Repositories
phackt/stager.dll
Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/
phackt/pentest
Custom tools and projects about security
phackt/Invoke-Recon
"Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' lab from pentesteracademy.
phackt/wptsextensions.dll
WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
phackt/mitm
Repository housing my 'man in the middle' project dealing with mitmproxy (Defeating HTTPS/HSTS, JS injection, DNS spoofing)
phackt/phackt.github.io
https://phackt.com
phackt/Exploits
phackt/killswitch
VPN Killswitch
phackt/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
phackt/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
phackt/webapp
Secure Java WebApp (Java 8, Spring Security, XSS, CSRF, CORS, HSTS, ...)
phackt/xsssniper
An automatic XSS discovery tool
phackt/CORScanner
Fast CORS misconfiguration vulnerabilities scannerš»
phackt/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
phackt/Amass
In-depth Attack Surface Mapping and Asset Discovery
phackt/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
phackt/Crypto-Honeypot-Detector
The project aims to identify crypto honeypots in many chains.
phackt/Drupalgeddon2
Exploit for Drupalgeddon 2 - CVE-2018-7600
phackt/gateio-crypto-trading-bot-binance-announcements-new-coins
This is a crypto trading bot that scans the Binance Annoucements page for new coins, and places trades on Gateio
phackt/labs
Labs setup for tests & experimentations
phackt/p5-ssl-tools
various standalone perl scripts
phackt/PetitPotam
phackt/PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
phackt/PrintNightmare
phackt/puppeteer-examples
Puppeteer example scripts for running Headless Chrome from Node. Run them at https://puppeteersandbox.com
phackt/ReconJSON
Recon.json is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.
phackt/SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
phackt/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
phackt/windapsearch
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
phackt/zimbra_poc
Zimbra XXE+SSRF+UPLOAD Poc