pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Notes and resources for the Active Directory YouTube series on https://youtube.com/JohnHammond010

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

Convenient print function overwritten with terminal color specifications for Python 2.* and 3.* both.

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a …

A generic post-processing injector for games and video software.

Compilation of Resources from TCM's Windows Priv Esc Udemy Course

Nessus Parser

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

StreamFX is a plugin for OBS® Studio which adds many new effects, filters, sources, transitions and encoders! Be it 3D Transform, Blur, complex Masking, or even custom shaders, you'll find it all h…

Lightweight, high-level, multi-paradigm programming language Script used with Open Broadcaster Software®️ (OBS)

Resources for TCM Security Linux 101 course

A little tool to play with Windows security

SSRF testing tool

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"

A collection of hacks and one-off scripts

This script is intended to automate your reconnaissance process in an organized fashion

A Powerful Subdomain Takeover Tool

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powe…

clock in bash

HTML ASCII Art Maker

A script that you can run in the background!

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A collection of awesome penetration testing resources

Automatic Service Enumeration Script

PoC for Zerologon - all research credits go to Tom Tervoort of Secura

Simple web interface to allow VPNs to be started and stopped easily

SSL/TLS cipher testing tool

A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.