phra
OSCE // OSCP // Ethical Hacker & Red Teamer // Full Stack Developer // JavaScript Enthusiast // Staff Member of @BolognaJS // CTF player at @d0nkeys
@d0nkeys @BolognaJS Amsterdam, NL
Pinned Repositories
redteam
Red Team Scripts by d0nkeys (ex SnadoTeam)
jest
Delightful JavaScript Testing.
await-to-ts
http://blog.grossman.io/how-to-write-async-await-without-try-catch-blocks-in-javascript/
crosser
A Reflected / Stored / DOM XSS Scanner based on Headless Chrome Node API via Puppeteer
nodebuster
DirBuster for Node.js
PEzor
Open-Source Shellcode & PE Packer
rustbuster
A Comprehensive Web Fuzzer and Content Discovery Tool
x0rro
A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
metasploit-framework
Metasploit Framework
phra's Repositories
phra/PEzor
Open-Source Shellcode & PE Packer
phra/rustbuster
A Comprehensive Web Fuzzer and Content Discovery Tool
phra/x0rro
A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
phra/crosser
A Reflected / Stored / DOM XSS Scanner based on Headless Chrome Node API via Puppeteer
phra/await-to-ts
http://blog.grossman.io/how-to-write-async-await-without-try-catch-blocks-in-javascript/
phra/http-check
HTTP Header Analysis Vulnerability Tool
phra/inspector-exploiter
Execute commands via Node.js debug port and inspector protocol
phra/zero-width-fingerprint-detection-extension
A browser extension to detect when zero-width characters are used to fingerprint cut/copied/pasted text.
phra/console-caller
Do you want to easily find out which line of your code is printing that thing? This is the right module for you!
phra/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
phra/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
phra/phra.github.io
phra/detection-rules
Rules for the Detection Engine in Elastic Security
phra/gef
GEF - GDB Enhanced Features for exploit devs & reversers
phra/obfuscator
ollvm,base on llvm-clang 5.0.2, 6.0.1 , 7.0.1,8.0,9.0,9.0.1,swift-llvm-clang 5.0(waiting support swift obfuscator)
phra/Awesome-Profile-README-templates
A collection of awesome readme templates to display on your profile
phra/CS-BOFs
Collection of CobaltStrike beacon object files
phra/graphql-apollo-react-chat
phra/mimikatz
A little tool to play with Windows security
phra/mingw-pe-resources-example
Based on https://bigcode.wordpress.com/2016/12/21/mingw-windows-icon-resource-example/
phra/Recon-AD
Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
phra/SharpChromium
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
phra/SharpMove
.NET Project for performing Authenticated Remote Execution
phra/SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
phra/UACME
Defeating Windows User Account Control
phra/dumb-obfuscator
Tutorial on how to write the dumbest obfuscator I could think of.
phra/metasploit-framework
Metasploit Framework
phra/notevil
Evalulate javascript like the built-in javascript eval() method but safely.
phra/phra
phra/postwoman
👽 A free, fast and beautiful API request builder (web alternative to Postman) https://postwoman.io