Stars
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
This repository serves as a place for community created Targets and Modules for use with KAPE.
Automatic SQL injection and database takeover tool
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
lgandx / Responder
Forked from SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Cameradar hacks its way into RTSP video surveillance cameras
C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll
Run PowerShell command without invoking powershell.exe
Automation for internal Windows Penetration test / AD-Security
Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
Run PowerShell with rundll32. Bypass software restrictions.
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
Simply generates a WordPress plugin that will grant you a reverse shell once uploaded. I recommend installing Kali Linux, as msfvenom is used to generate the payload.
A tool for reverse engineering Android apk files
Pupy is an open-source, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in Python and C
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF