Cobalt-Strike-CheatSheet.md
16.9 KB
Cobalt-Strike-CheatSheet
https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet
Latest Vulnerabilities and Exploits
1_ ProxyShell
_ https://github.com/ktecv2000/ProxyShell
_ https://github.com/dmaasland/proxyshell-poc
_ https://github.com/Udyz/proxyshell-auto
2_ ProxyLogon
https://github.com/Udyz/Automatic-Proxylogon-Exploit
3_ HAProxy HTTP Smuggling
https://github.com/knqyf263/CVE-2021-40346
4_ Sequoia PoC
https://github.com/ChrisTheCoolHut/CVE-2021-33909
5_ RCE 0-day for GhostScript 9.50
https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50
6_ CVE-2021-26084:
Confluence Server Webwork OGNL Injection
https://github.com/alt3kx/CVE-2021-26084_PoC
RCE PoC:
https://github.com/FanqXu/CVE-2021-26084
1_ Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)
https://github.com/lockedbyte/CVE-2021-40444
https://github.com/Udyz/CVE-2021-40444
https://github.com/Udyz/CVE-2021-40444-Sample
2_ Atlassian Confluence Pre-Auth RCE
https://github.com/Udyz/CVE-2021-26084
Penetration-Testing-Tools.7z
4.6 MB
A collection of more than 140+ tools, scripts, cheatsheets and other loot for Red Teaming/Pentesting/IT Security
https://github.com/mgeeky/Penetration-Testing-Tools
42 security vulnerabilities exploited by ransomware groups, spanning more than 17 products
https://twitter.com/uuallan/status/1438899102448820224
The latest 20 topics on various vulnerabilities
https://github.com/CHYbeta/Vuln100Topics20
Latest Vulnerabilities and Exploits
CVE-2021-3449 OpenSSL denial-of-service exploit
https://github.com/terorie/cve-2021-3449
ProxyToken
https://github.com/bhdresh/CVE-2021-33766-ProxyToken
CVEs for XStream 1.4.17
https://github.com/zwjjustdoit/Xstream-1.4.17
CVE-2021-36934/HiveNightmare/SeriousSAM
https://github.com/cube0x0/CVE-2021-36934
How to exploit a vulnerable Windows driver: exploit for AsrDrv104.sys
https://github.com/stong/CVE-2020-15368
CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel
https://github.com/0vercl0k/CVE-2021-32537
CVE-2021-28476: a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys
https://github.com/0vercl0k/CVE-2021-28476
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
https://github.com/klezVirus/CVE-2021-40444
Exploit: access network clients by sending packets in wireless TP-LINK and preparing for a MITM attack
https://github.com/lhashashinl/CVE-2021-37152
Proof of Concept Exploit for CVE-2021-38647 (OMIGOD)
https://github.com/horizon3ai/CVE-2021-38647
Proof of Concept Exploit for vCenter CVE-2021-21972
https://github.com/horizon3ai/CVE-2021-21972
Proof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893
https://github.com/ZephrFish/CVE-2021-22893
CVE-2021-33766 (ProxyToken)
https://github.com/demossl/CVE-2021-33766-ProxyToken
CVE-2021-2456
https://github.com/peterjson31337/CVE-2021-2456
CVE-2021-38647 POC for RCE
https://github.com/midoxnet/CVE-2021-38647
CVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection
https://github.com/alt3kx/CVE-2021-26084_PoC
https://github.com/r0ckysec/CVE-2021-26084_Confluence
https://github.com/march0s1as/CVE-2021-26084
CVE-2021-21551 Dell Driver EoP
https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551
A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)
https://github.com/lntrx/CVE-2021-28663
CVE-2021-40353 openSIS 8.0 SQL Injection
https://github.com/5qu1n7/CVE-2021-40353
CVE-2021-28476 Ubuntu 20.04
https://github.com/sh4m2hwz/CVE-2021-28476-tools-env
my exp for chrome V8 CVE-2021-30551
https://github.com/xmzyshypnc/CVE-2021-30551
POC of CVE-2021-2394
https://github.com/lz2y/CVE-2021-2394
WordPress Backup Guard Authenticated Remote Code Execution Exploit
https://github.com/0dayNinja/CVE-2021-24155.rb
Exploit code for CVE-2021-33909, Just a dump of removed
https://github.com/bbinfosec43/CVE-2021-33909
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts
https://github.com/nullsecuritynet/tools
Hacker tools on Go
https://github.com/dreddsa5dies/goHackTools
Red Team Scripts
https://github.com/d0nkeys/redteam
hack tools 2017 - 2020
https://github.com/hacktoolspack/hack-tools
Some brute-force tools and password lists
Network tools
hydra
https://github.com/vanhauser-thc/thc-hydra
patator
https://github.com/lanjelot/patator
cerbrutus
https://github.com/Cerbrutus-BruteForcer/cerbrutus
bruteforce SSH
https://github.com/kitabisa/ssb
BruteX
https://github.com/1N3/BruteX
Social networks
facebook
https://github.com/IAmBlackHacker/Facebook-BruteForce
instagram
https://github.com/Bitwise-01/Instagram-
twitter
https://github.com/0xfff0800/Brute-Forc-Twitter-
gmail
https://github.com/Ha3MrX/Gemail-Hack
Websites and content management
XBruteForcer
https://github.com/Moham3dRiahi/XBruteForcer
CMSeeK
https://github.com/Tuhinshubhra/CMSeeK
Brute-Force-Login
https://github.com/Sanix-Darker/Brute-Force-Login
------------ ------------ ------------
Lists of various usernames and passwords
SecLists
https://github.com/danielmiessler/SecLists
pydictor
https://github.com/LandGrey/pydictor
bruteforce-database
https://github.com/duyet/bruteforce-database
wordlists
https://github.com/assetnote/wordlists
crunch
https://github.com/crunchsec/crunch
GENESIS
https://github.com/Sanix-Darker/GENESIS
20 different tools
The best alternative to TeamViewer and AnyDesk, written in Rust, free and open source, running on Windows, Linux and Android
https://github.com/rustdesk/rustdesk
For finding vulnerable Android devices around the world and exploiting them
https://github.com/0x1CA3/AdbNet
For converting DLL files to EXE format
https://github.com/hasherezade/dll_to_exe
For scanning and analysing a system for malicious content
https://github.com/hasherezade/pe-sieve
For finding the latest news, videos, vulnerabilities and CVEs
https://github.com/PwnedShell/Bugs-feed
For stopping the Windows event log
https://github.com/hlldz/Phant0m
Exploiting some vulnerabilities in most surveillance cameras
https://github.com/EntySec/CamOver
For encrypting and authenticating DNS traffic
https://github.com/DNSCrypt/dnscrypt-proxy
Phishing and Illicit Consent Grant attacks
https://github.com/AlteredSecurity/365-Stealer
For identifying the weak points of sites through DDoS attacks
https://github.com/Cyberlands-io/epiphany
For scanning for and exploiting XSS vulnerabilities
https://github.com/kleiton0x00/ppmap
For configuring a firewall on Linux distributions
https://github.com/philippecrowdsec/iptables-nftables-multiroute-firewall
For scanning a list of subdomains and identifying the domains that can be compromised
https://github.com/haccer/subjack
For creating payloads, scanning tools and DDoS
https://github.com/Malam-X/DragonMS
For taking a screenshot of a given website from its URL
https://github.com/sensepost/gowitness
Deep inspection and network forensic analysis
https://github.com/odedshimon/BruteShark
For blocking ads and tracking on websites
https://github.com/AdguardTeam/AdGuardHome
An HTML web page for easy information gathering
https://github.com/abhijithb200/investigator
Collecting credentials through a website visit
https://github.com/ustayready/CredSniper
BugBountyScanner
https://github.com/chvancooten/BugBountyScanner
#CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD
https://github.com/AlteredSecurity/CVE-2021-38647
Scan for evidence of #CVE-2021-30860 (FORCEDENTRY) exploit
https://github.com/Levilutz/CVE-2021-30860
#PoC CVE-2021-30632 - Out of bounds write in V8
Tested against Samsung Internet Browser v15.0.2.47, which does not yet have Google's patch
https://github.com/Phuong39/PoC-CVE-2021-30632
[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] WaitForUpdate
https://github.com/hosch3n/ProxyVulns