-
sqlipy Public
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
-
Burp-AnonymousCloud Public
Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
-
Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack
-
Burp-Yara-Rules Public
Yara rules to be used with the Burp Yara-Scanner extension
-
-
CloudKeyHunter Public
Scan targets via SMB for cloud key files on Windows systems
-
jnlpdownloader Public
jnlpdownloader is a Python script that takes a URL to a JNLP and downloads all the associated JARs and native libraries. Another Java based tool exists that provides this functionality, but this Py…
-
PowerSniper Public
Password spraying script and helper for creating password lists
-
-
MSOLSpray Public
Forked from dafthack/MSOLSprayA password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…
-
OfficeCracker Public
Tool to bruteforce Word, Excel, and PowerPoint office document passwords
-
RDPSpray Public
Forked from dafthack/RDPSprayTool for password spraying RDP
-
gophish Public
GoPhish is a phishing script that enables rapid deployment of phishing sites.
-
PANhunt Public
Forked from dionach/PANhuntPANhunt searches for credit card numbers (PANs) in directories.
-
bypasswaf Public
Add headers to all Burp requests to bypass some WAF products
-
Burp-UserAgent Public
Automatically modify the User-Agent header in all Burp requests
-
dirscalate Public
Dirscalate helps escalate a directory traversal vulnerability to root access (hopefully)
-
cpscam Public
Bypass captive portals by impersonating inactive users
-
droidboxhelper Public
A slight modification to the droidbox source and a helper file to convert the output into a more legible/readable form.
-
nacpersonate Public
The nacpersonate script uses configuration files to impersonate an OS likely to be allowed through the device without special authentication. The tool spoofs TCP and IP options as well as the User-…
-
p2e Public
Process to escalate to, or p2e, identifies processes on remote hosts running under potentially privileged accounts to be used for escalation in penetration tests
{{ message }}