Pinned Repositories
apache-log-parser
burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
CheckPoint-Firewall-Enum
Simple bash script to obtain the firewall's hostname and ICA name
lfimap
Local file inclusion discovery and exploitation tool
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
ShadowScan
ShadowScan captures the essence of stealthiness, slow scanning, and the pursuit of vulnerabilities like low-hanging fruit.
toaster
srand2's Repositories
srand2/CheckPoint-Firewall-Enum
Simple bash script to obtain the firewall's hostname and ICA name
srand2/ShadowScan
ShadowScan captures the essence of stealthiness, slow scanning, and the pursuit of vulnerabilities like low-hanging fruit.
srand2/certsync
Dump NTDS with golden certificates and UnPAC the hash
srand2/Crassus
accenture ++ windows priv escalation finder
srand2/fav-up
IP lookup by favicon using Shodan
srand2/GraphCrawler
GraphQL automated security testing toolkit
srand2/gron
Make JSON greppable!
srand2/ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
srand2/kali-tips
srand2/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
srand2/KnowledgeSharingWebHacks
srand2/Kraken
Kraken, a modular multi-language webshell coded by @secu_x11
srand2/krbjack
A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.
srand2/leaky-paths
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs, etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
srand2/Microsoft-Activation-Scripts
A Windows and Office activator using HWID / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
srand2/NcRok
Netcat&ngrok automation
srand2/NMapify
NMapify is a Python tool that creates mind maps to visualize network layouts using Nmap. It also generates test cases for each identified port to assist pentesters in conducting efficient network pentests.
srand2/noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
srand2/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
srand2/Pentest-Tools-Collection
srand2/PowerHuntShares
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
srand2/rmm
Recon MindMap (RMM)
srand2/ShadowClone
Unleash the power of cloud
srand2/sns
IIS shortname scanner written in Go
srand2/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
srand2/toolbox-pentest-web
Docker toolbox for pentest of web based application.
srand2/waf-bypass
Check your WAF before an attacker does
srand2/what-happens-when
An attempt to answer the age-old interview question "What happens when you type google.com into your browser and press enter?"
srand2/Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
srand2/XSS-Bypass-Filters