Pinned Repositories
3XPL01t5
Random Exploits
CVE-2019-19781-CitrixRCE
Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781
cve-2020-0688-webshell-upload-technique
cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output
CVE-2020-1938-Clean-Version
CVE-2020-1938(GhostCat) clean and readable code version
Invoke-PowerCloud
Deliver PowerShell payloads via DNS TXT via CloudFlare using PowerShell
LonelyALPC-BypassUAC
Lonely x64 binary to Bypass Win10 UAC utilizing ALPC method with [command line]
MS08-067-Case-Study
OSWE
OSWE Preparation
Pentest-notes
Pentest stuff
wp-file-manager-0day
wp-file-manager 6.7 (Aug 2020) WordPress Plugin 0day - Remote Code Execution
w4fz5uck5's Repositories
w4fz5uck5/wp-file-manager-0day
wp-file-manager 6.7 (Aug 2020) WordPress Plugin 0day - Remote Code Execution
w4fz5uck5/Microsoft-Active-Sync-Timming-Attack
Microsoft-Active-Sync Timing Attack - POC
w4fz5uck5/dirble
Fast directory scanning and scraping tool
w4fz5uck5/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
w4fz5uck5/azucar
Security auditing tool for Azure environments
w4fz5uck5/BadTooth
Python Game Cheat Framework
w4fz5uck5/CloudFail
Utilize misconfigured DNS and old database records to find hidden IPs behind the CloudFlare network
w4fz5uck5/dazzleUP
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.
w4fz5uck5/DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
w4fz5uck5/Genshin-Bypass
An Anti-Cheat Bypass for Genshin Impact that allows you to inject any dlls into the protected game.
w4fz5uck5/GyoiThon
GyoiThon is a growing penetration test tool using Machine Learning.
w4fz5uck5/house
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
w4fz5uck5/idaplugins-list
A list of IDA Plugins
w4fz5uck5/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
w4fz5uck5/moneta
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
w4fz5uck5/NSLogger
A modern, flexible logging tool
w4fz5uck5/PowerZure
PowerShell script to "interact" with Azure
w4fz5uck5/rengine
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
w4fz5uck5/Rubeus
Trying to tame the three-headed dog.
w4fz5uck5/scant3r
ScanT3r - Web Security Scanner
w4fz5uck5/singularity
A DNS rebinding attack framework.
w4fz5uck5/SocksOverRDP
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
w4fz5uck5/sourcemapper
Extract JavaScript source trees from Sourcemap files
w4fz5uck5/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
w4fz5uck5/Unity-game-hacking
A guide for hacking unity games
w4fz5uck5/VmwareHardenedLoader
Vmware Hardened VM detection mitigation loader (anti anti-vm)
w4fz5uck5/Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
w4fz5uck5/Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion
PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
w4fz5uck5/wordpress-exploits
All known and unknown public PoCs for WordPress themes and plugins
w4fz5uck5/wpbullet
A static code analysis for WordPress (and PHP)