pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Notes and resources for the Active Directory YouTube series on https://youtube.com/JohnHammond010

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Convenient print function overwritten with terminal color specifications for Python 2.* and 3.* both.

Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a …

A generic post-processing injector for games and video software.

Compilation of Resources from TCM's Windows Priv Esc Udemy Course

Kali Linux Fixes for Newly Imported VM's

A redteam tool to obfuscate IPv4 addresses to evade AV or Application Firewalls

Nessus Parser

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

Terminal countdown timer, written in Go

A shell countdown timer

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

StreamFX is a plugin for OBS® Studio which adds many new effects, filters, sources, transitions and encoders! Be it 3D Transform, Blur, complex Masking, or even custom shaders, you'll find it all h…

Lightweight, high-level, multi-paradigm programming language Script used with Open Broadcaster Software®️ (OBS)

Resources for TCM Security Linux 101 course

A little tool to play with Windows security

SSRF testing tool

Damn Vulnerable IOS App (DVIA) is an IOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their IOS penet…

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Automated reconnaissance wrapper — TomNomNom's meg on steroids.

ASN reconnaissance script

ASN reconnaissance script

The Bug Hunters Methodology

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"

OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.

A collection of hacks and one-off scripts