Pinned Repositories
ACEshark
ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.
BabelStrike
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurring from scraped employee name lists (e.g. from Linkedin). 2. to transliterate a wordlist that may include words/phrases written in multiple (non-Englis
eviltree
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
pentest-pivoting
A compact guide to network pivoting for penetration testings / CTF challenges.
PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
psudohash
Generates millions of keyword-based password mutations in seconds.
toxssin
An XSS exploitation command-line interface and payload generator.
Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
wwwtree
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
t3l3machus's Repositories
t3l3machus/Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
t3l3machus/hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
t3l3machus/psudohash
Generates millions of keyword-based password mutations in seconds.
t3l3machus/PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
t3l3machus/eviltree
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
t3l3machus/pentest-pivoting
A compact guide to network pivoting for penetration testings / CTF challenges.
t3l3machus/wwwtree
A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
t3l3machus/BabelStrike
The purpose of this tool is: 1. to transliterate and generate possible usernames out of a full names list that may include names written in multiple (non-English) languages, common problem occurring from scraped employee name lists (e.g. from Linkedin). 2. to transliterate a wordlist that may include words/phrases written in multiple (non-Englis
t3l3machus/Synergy-httpx
A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
t3l3machus/CVE-2023-22960
This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.
t3l3machus/ACEshark
ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.
t3l3machus/OWASP-Testing-Guide-Checklist
OWASP based Web Application Security Testing Checklist
t3l3machus/Awesome-AI
t3l3machus/cybersec-service-metrics
A spreadsheet designed to automatically generate Key Performance Indicators (charts) for Cyber Security Services based on documented data, powered by formulas (no MACROS). Ideal for Team leaders / Managers of small-medium sized organizations.
t3l3machus/t3l3machus
t3l3machus/ssh-log-alert
Receive email alerts on successful ssh logins based on a predefined IP whitelist OR a predefined IP country origin whitelist (using mailgun)
t3l3machus/gmail-ssh-log-alert
Receive email alerts on successful ssh logins based on a predefined IP whitelist OR a predefined IP country origin whitelist (using gmail)
t3l3machus/reverse-shell-generator
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
t3l3machus/YouTube-Example-Scripts
t3l3machus/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
t3l3machus/.github
t3l3machus/resolvers