Pinned Repositories
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
Beginners-Guide-to-Obfuscation
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
Wordlists-2
A collection of wordlists for many different usages.
slooppe's Repositories
slooppe/Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
slooppe/Antivirus-Artifacts
Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
slooppe/apkdiff
Diff between two APK files.
slooppe/APKHunt
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
slooppe/bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
slooppe/cloudcat
aws cli pentesting/red team snippets
slooppe/disobeyrecon23.github.io
Workshop slides
slooppe/domainGain
Helps with finding and registering categorized domains
slooppe/fuzzlists
A collection of useful lists for Penetration Testing & Bug Bounty - Content Discovery, Payloads, Variables, Sandbox Escaping, etc
slooppe/HardHatC2
A c# Command & Control framework
slooppe/HostHunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
slooppe/ipatool
Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
slooppe/JNDI-Injection-Exploit-Plus
50+ Gadgets(20 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.
slooppe/Kraken
Kraken, a modular multi-language webshell coded by @secu_x11
slooppe/mulef
your bestfried for finding LinkedIn Employees on github
slooppe/n0kovo_subdomains
An extremely effective subdomain wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
slooppe/nsec3map
a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain
slooppe/nuclei-wordfence-cve
You just found a hidden gem 💎
slooppe/pp-finder
PP-finder Help you find gadget for prototype pollution exploitation
slooppe/ReconAIzer
A Burp Suite extension to add OpenAI to Burp to help you with your Bug Bounty recon!
slooppe/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
slooppe/scrcpy
Display and control your Android device
slooppe/SharpAgent
C# havoc implant
slooppe/sherlock-1
🔎 Hunt down social media accounts by username across social networks
slooppe/slooppe.github.io
slooppe/spidy
Expired Domain Name Scraper - scrap the web and find expired domains
slooppe/Split
Apply a divide and conquer approach to bypass EDRs
slooppe/succinct
A tool to create a text summary of a provided list of websites
slooppe/XSS-Catcher
Find blind XSS but why not gather data while you're at it.
slooppe/xsshunter-1