Aliens_eye - Find all social media accounts with a username!

https://github.com/BLINKING-IDIOT/Aliens_eye

​VPN server configuration software. Protocols: L2TP, PPTP, OpenVPN, WireGuard, Socks5, ShadowSocks (v2ray). | Providers: DigitalOcean, Linode, CryptoServers, Hetzner Cloud, Custom Server

https://github.com/my0419/myvpn-desktop

D1T2 - Philippe Langlois - Hacking HLR HSS and MME Core Network Elements

https://github.com/drego85/JoomlaScan
https://github.com/1N3/Sn1per
https://github.com/aboul3la/Sublist3r
https://github.com/MrMugiwara/CTF-Tools
https://github.com/asciimoo/searx
https://github.com/Dionach/CMSmap
https://github.com/shawarkhanethicalhacker/D-TECT-1
https://github.com/ron190/jsql-injection
https://github.com/khalilbijjou/WAFNinja
https://github.com/Ekultek/whitewidow
https://github.com/anarcoder/google_explorer
https://github.com/anarcoder/WordPressMassExploiter
https://github.com/anarcoder/JoomlaMassExploiter
https://github.com/Neohapsis/bbqsql
https://github.com/rezasp/vbscan/
https://github.com/screetsec/Dracnmap
https://github.com/OWASP/QRLJacking/tree/master/QrlJacking-Framework
https://github.com/k4m4/onioff
https://github.com/sepehrdaddev/blackbox
https://github.com/random-robbie/bruteforce-lists
https://github.com/random-robbie/drupwn
https://github.com/maurosoria/dirsearch
https://github.com/random-robbie/phpunit-brute
https://github.com/random-robbie/mini-php-shells
https://github.com/random-robbie/AutoRecon
https://github.com/KTN1990/WordPress-Easy-WP-SMTP-plugin-0day https://github.com/s0md3v/Photon
https://github.com/KTN1990/ACIDREVERSER
https://github.com/KTN1990/Email-Grabber
https://github.com/KTN1990/joomla-com_xcloner-upload_shell https://github.com/KTN1990/CMS https://github.com/KTN1990/PostgreSQL https://github.com/s0md3v/Breacher
https://github.com/s0md3v/Shiva
https://github.com/s0md3v/proxify
https://github.com/random-robbie/xssfinder
https://github.com/XiphosResearch/exploits
https://github.com/XiphosResearch/wp-user-enum-scripts
https://github.com/rastating/wordpress-exploit-framework
https://github.com/Bayz21/WP-3u3
https://github.com/2inf3rnal/wp-checkout-exploit
https://github.com/dr-iman/wp-content-injection-mass-exploit

imgur[.]com Subdomain Takeover | Bug Bounty
https://youtu.be/IHRVGaug3n8

Anybody Can Ban This Instagram Account https://www.instagram.com/itssneha_890/

JSON web token vulnerability [Cookie clicker] | Bug Bounty
https://youtu.be/h2PxTT9ECVU

​​SMB-Session-Spoofing

The goal of this program is to create a fake SMB Session. The primary purpose of this is to serve as a method to lure attackers into accessing a honey-device. This program comes with no warranty or guarantees.

https://github.com/Sq00ky/SMB-Session-Spoofing

https://github.com/CorrieOnly/google-dorks

43 lists of Google Dorks for a variety of purposes:

Amazon/Shopping/Carding dorks
Passwords/usernames/Juicy info dorks
Gaming/Minecraft dorks

and much more

#vulnerabilities #cybersecurity

​​CVE-2022-30525 Zyxel Mass Exploiter

Mass Exploitation tool for Zyxel devices written in Python3. This tool is NOT free to prevent abuse and do not expect to find a fix-it-all proof of concept for exploitation for free. Only for those knowledgeable.

https://github.com/ExploitPwner/CVE-2022-30525-Zyxel-Mass-Exploiter

This is not Breach

​​SMBMap

SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is intended to simplify searching for potentially sensitive data across large networks.

Some of the features have not been thoroughly tested, so changes will be forth coming as bugs are found. I only really find and fix the bugs while I'm on engagements, so progress is a bit slow. Any feedback or bug reports would be appreciated. It's definitely rough around the edges, but I'm just trying to pack in features at the moment. Version 2.0 should clean up the code a lot….whenever that actually happens ;). Thanks for checking it out!!

There's a known oddity in the SMBServer component used for the file content search feature. For some reason it throws an exception in the threading library. It still works, but the error is annoying none the less.

Features:
▫️ Pass-the-Hash Support
▫️ File upload/download/delete
▫️ Permission enumeration (writable share, meet Metasploit)
▫️ Remote Command Execution
▫️ Distrubted file content searching (beta!)
▫️ File name matching (with an auto downoad capability)

https://github.com/tothi/smbmap

#ad #samba

​​COM-Hunter

COM Hijacking VOODOO

COM-hunter is a COM Hijacking persistnce tool written in C#.

Features:
▫️ Finds out entry valid CLSIDs in the victim's machine.
▫️ Finds out valid CLSIDs via Task Scheduler in the victim's machine.
▫️ Finds out if someone already used any of those valid CLSIDs in order to do COM persistence (LocalServer32/InprocServer32).
▫️ Finds out if someone already used any of valid CLSID via Task Scheduler in order to do COM persistence (LocalServer32/InprocServer32).
▫️ Tries to do automatically COM Hijacking Persistence with general valid CLSIDs (LocalServer32/InprocServer32).
▫️ Tries to do automatically COM Hijacking Persistence via Task Scheduler.
▫️ Tries to use "TreatAs" key in order to refere to a different component.

https://github.com/nickvourd/COM-Hunter

CVE-2022-30075
Authenticated Remote Code Execution in Tp-Link Routers

2FA Verification Code Bypass Attack via Burpsuite | OTP Verification Bypass | Bug Bounty
https://youtu.be/DUm23Pfgz6k