scirusvulgaris's Stars
s0md3v/roop
one-click face swap
dnSpy/dnSpy
.NET debugger and assembly editor
moonD4rk/HackBrowserData
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
megadose/holehe
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
neuralchen/SimSwap
An arbitrary face-swapping framework on images and videos with one single trained model!
lanmaster53/recon-ng
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
devanshbatham/ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
last-byte/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
phra/PEzor
Open-Source Shellcode & PE Packer
swisskyrepo/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
stamparm/DSVW
Damn Small Vulnerable Web
stamparm/identYwaf
Blind WAF identification tool
p0dalirius/windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
scadastrangelove/SCADAPASS
SCADA StrangeLove Default/Hardcoded Passwords List
wofeiwo/webcgi-exploits
Multi-language web CGI interfaces exploits.
xaitax/Chrome-App-Bound-Encryption-Decryption
Tool to decrypt App-Bound encrypted keys in Chrome 127+, using the IElevator COM interface with path validation and encryption protections.
cc1a2b/JShunter
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for and bug bounty hunters and security researchers.
c6fc/warcannon
High speed/Low cost CommonCrawl RegExp in Node.js
rcx/shellcode_encoder
x64 printable shellcode encoder
digininja/vuLnDAP
A vulnerable LDAP based web app written in Golang
asterictnl-lvdw/CVE-2024-6387
Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)
kh4sh3i/ProxyShell
CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
bluefrostsecurity/Windows-Drive-Remapping-EoP
monoidic/TLDR2
rissor41/SolarWinds-CVE-2021-35250
Supremolink81/TTSCeleb
A TTS app where you can clone the voices of any person you wish.
matrix/impacket
Impacket is a collection of Python classes for working with network protocols.