Stars
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileg…
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
Not The Hidden Wiki - The largest repository of links related to cybersecurity
This repository presents a proof-of-concept of CVE-2023-7028
[CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file for…
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Fully featured and community-driven hacking environment
gwyomarch / Exegol-images
Forked from ThePorgs/Exegol-imagesDocker images of the Exegol project
Dominate Active Directory with PowerShell.
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
onedrive user enumeration - pentest tool to enumerate valid o365 users
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
Various tips & tricks
Username tools for penetration testing
Malicious Macro Generator for LibreOffice/OpenOffice
A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.
This is a simple bash script to fix errors with apt update, upgrade MetaSploit and run some upgrades to improve the system usability without breaking it, by using Pimpmykali script.