Pinned Repositories
3XPL01t5
Random Exploits
appsec_gitleaks
Protect and discover secrets using Gitleaks 🔑
AskingCreds
PowerShell script used to steal user/admin Windows password simply by asking the user
AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
AzureRBAC
Docs and samples about privileged identity and access management in Azure
barq_aws
barq: The AWS Cloud Post Exploitation framework!
bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
BetterSafetyKatz
Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.
exploit_code
Scripts that would help while pentesting
TCM_breach-parse
A tool for parsing breached passwords
taipansec's Repositories
taipansec/exploit_code
Scripts that would help while pentesting
taipansec/appsec_gitleaks
Protect and discover secrets using Gitleaks 🔑
taipansec/bugbounty
taipansec/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
taipansec/client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
taipansec/cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
taipansec/D1rkLrd
Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscall instruction address resolving at run time
taipansec/hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
taipansec/mimikatz
A little tool to play with Windows security
taipansec/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
taipansec/NetSPI_MicroBurst
A collection of scripts for assessing Microsoft Azure security
taipansec/NetSPI_PowerHunt
PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
taipansec/NetSPI_PowerHuntShares
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
taipansec/NetSPI_PowerShell_Stuff
NetSPI PowerShell Scripts
taipansec/NetSPI_PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
taipansec/nuclei
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
taipansec/nuclei-templates
Community curated list of templates for the nuclei engine to find a security vulnerability in application.
taipansec/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
taipansec/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
taipansec/post-exploit
taipansec/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
taipansec/SAAD_githubC2
Abusing Github API to host our C2 traffic, usefull for bypassing blocking firewall rules if github is in the target white list , and in case you don't have C2 infrastructure , now you have a free one
taipansec/securityScoreCard
taipansec/SentinelKQL
Azure Sentinel KQL
taipansec/SentinelPlaybooks
taipansec/SharpImpersonation
A User Impersonation tool - via Token or Shellcode injection
taipansec/smartbrute
Password spraying and bruteforcing tool for Active Directory Domain Services
taipansec/TCM_ADGenerator
Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.
taipansec/TCM_Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
taipansec/WinPwn
Automation for internal Windows Penetrationtest / AD-Security