surbo

Pinned Repositories

ABC
Script to check a list of passwords against haveibeenpwned.com/Passwords without sharing the real password.
Language:Shell4 1 01
herohunter
Searches urlscan.io submissions for webpages that contain common phishing files such as common credential login splash pages.
Language:Python1 1 00
HTTP-Info
Homemade urlscan.io in a docker container
Language:Python1 1 00
knockknock
How to test if FireEye is inline
1 1 00
OVERFLOW
Microsoft Flow Attack Framework
Language:Shell23 2 01
rumpshaker
Zoom Vulnerability URL path that allows an unauthenticated attacker to guess a meeting room id. Successful exploit may lead to sensitive information disclosure as well as access to a valid meeting id.
1 1 01
St2-057
St2-057 Poc Example
Language:Shell1 1 00
vulhub
Docker-Compose files for vulnerability environments
Language:Shell1 1 00

surbo's Repositories

surbo/OVERFLOW
Microsoft Flow Attack Framework
Language:Shell23 2 01
surbo/ABC
Script to check a list of passwords against haveibeenpwned.com/Passwords without sharing the real password.
Language:Shell4 1 01
surbo/herohunter
Searches urlscan.io submissions for webpages that contain common phishing files such as common credential login splash pages.
Language:Python1 1 00
surbo/HTTP-Info
Homemade urlscan.io in a docker container
Language:Python1 1 00
surbo/knockknock
How to test if FireEye is inline
1 1 00
surbo/rumpshaker
Zoom Vulnerability URL path that allows an unauthenticated attacker to guess a meeting room id. Successful exploit may lead to sensitive information disclosure as well as access to a valid meeting id.
1 1 01
surbo/St2-057
St2-057 Poc Example
Language:Shell1 1 00
surbo/vulhub
Docker-Compose files for vulnerability environments
Language:Shell1 1 00
surbo/April
1 0
surbo/artillery
The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
Language:Python1 0
surbo/BloodHound
Six Degrees of Domain Admin
Language:PowerShell0 0
surbo/cortex_urlscan_analyzer
Cortex analyzer for urlscan.io.
Language:Python1 0
surbo/CyberChef-VBS
The start of vbs tool for cyberchef
1 0
surbo/elevate
surbo/ESPCanary
Language:C++0 0
surbo/Golang_Reverse_HTTPS_Meterpreter
A reverse https meterpreter payload written in Go
Language:Go0 0
surbo/hhupd.exe
1 0
surbo/Invoke-LoginPrompt
Invokes a Windows Security Login Prompt and outputs the clear text password.
Language:PowerShell
surbo/log4jscanwin
Log4j Vulnerability Scanner for Windows
Language:C0 0
surbo/MISC
1 0
surbo/misp-modules
Modules for expansion services, import and export in MISP
Language:Python
surbo/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Language:PowerShell1 0
surbo/reverse_ssh
By far one of the stupidest things I've been thinking of for a while. Have an ssh client connect to a server, and then provide the server the ability to control the client
surbo/Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
Language:PowerShell0 0
surbo/WARP-ZONE
Download tool-kits and other payloads by blending in with Microsoft Azure Infrastructure. Bypass web proxy restrictions when downloading files.
Language:PowerShell1 0
surbo/workbench
1 0
surbo/xmlrpc-scan
Scan a list of domain names looking for XMLRPC.php
Language:Shell1 0