VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
https://github.com/l0ggg/VMware_vCenter
https://github.com/l0ggg/VMware_vCenter
A Visual Studio template used to create #Cobalt_Strike BOFs
https://github.com/securifybv/Visual-Studio-BOF-template
#Cobalt_Strike BOF - Bypass AMSI in a remote process with code injection
https://github.com/boku7/injectAmsiBypass
Tool for working with Direct System Calls in #Cobalt_Strike's Beacon Object Files (BOF) via Syswhispers2
https://github.com/Sh0ckFR/InlineWhispers2
A Beacon Object File (BOF) for #Cobalt_Strike which uses direct system calls to enable WDigest credential caching
https://github.com/outflanknl/WdToggle
https://github.com/securifybv/Visual-Studio-BOF-template
#Cobalt_Strike BOF - Bypass AMSI in a remote process with code injection
https://github.com/boku7/injectAmsiBypass
Tool for working with Direct System Calls in #Cobalt_Strike's Beacon Object Files (BOF) via Syswhispers2
https://github.com/Sh0ckFR/InlineWhispers2
A Beacon Object File (BOF) for #Cobalt_Strike which uses direct system calls to enable WDigest credential caching
https://github.com/outflanknl/WdToggle
scanner that detects #CVE-2021-21980 vulnerabilities VMware vCenter earlier versions (7.0.2.00100)
https://github.com/Osyanina/westone-CVE-2021-21980-scanner
Plex media server local privilige escalation poc #CVE-2021-42835
https://github.com/netanelc305/PlEXcalaison
Python tool for exploiting #CVE-2021-35616
https://github.com/Ofirhamam/OracleOTM
https://github.com/Osyanina/westone-CVE-2021-21980-scanner
Plex media server local privilige escalation poc #CVE-2021-42835
https://github.com/netanelc305/PlEXcalaison
Python tool for exploiting #CVE-2021-35616
https://github.com/Ofirhamam/OracleOTM
Master the command line in one page
https://github.com/jlevy/the-art-of-command-line
All sysmon event types and their fields explained
https://github.com/olafhartong/sysmon-cheatsheet
https://github.com/jlevy/the-art-of-command-line
All sysmon event types and their fields explained
https://github.com/olafhartong/sysmon-cheatsheet
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet
https://github.com/fatedier/frp
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration
https://github.com/XTLS/Xray-core
https://github.com/fatedier/frp
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration
https://github.com/XTLS/Xray-core
ByPass SSL Pinning with IP Forwarding | iptables
https://medium.com/@yoshimlutfi/bypass-ssl-pinning-with-ip-forwarding-iptables-568171b52b62
Microsoft Internet Explorer Active-X Control Security Bypass
https://packetstormsecurity.com/files/165160/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt
https://medium.com/@yoshimlutfi/bypass-ssl-pinning-with-ip-forwarding-iptables-568171b52b62
Microsoft Internet Explorer Active-X Control Security Bypass
https://packetstormsecurity.com/files/165160/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt
#Bugbounty Resources
https://github.com/aufzayed/bugbounty
Poc, EXP, scripts, privilege escalation, gadgets, etc related to penetration testing
https://github.com/Mr-xn/Penetration_Testing_POC
https://github.com/aufzayed/bugbounty
Poc, EXP, scripts, privilege escalation, gadgets, etc related to penetration testing
https://github.com/Mr-xn/Penetration_Testing_POC
Intranet #penetration tools
https://github.com/Al1ex/Pentest-tools
Rust Weaponization for #Red_Team Engagements
https://github.com/trickster0/OffensiveRust
https://github.com/Al1ex/Pentest-tools
Rust Weaponization for #Red_Team Engagements
https://github.com/trickster0/OffensiveRust
Kali Intelligence Suite (KIS) is an intelligence gathering and data mining tool for penetration testers
https://github.com/chopicalqui/KaliIntelligenceSuite
A cross platform RAT
https://github.com/hash3liZer/SillyRAT
https://github.com/chopicalqui/KaliIntelligenceSuite
A cross platform RAT
https://github.com/hash3liZer/SillyRAT
#fileless-xec used on target machine to stealthy execute a binary file located on attacker machine
https://github.com/ariary/fileless-xec
Linux post #exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace
https://github.com/d4rk007/RedGhost
Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client
https://github.com/d4rk007/sak1to-shell
https://github.com/ariary/fileless-xec
Linux post #exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace
https://github.com/d4rk007/RedGhost
Multi-threaded, multi-os/platform (Linux/Windows) c2 server and Windows reverse TCP shell client
https://github.com/d4rk007/sak1to-shell
Automatically spawn a reverse shell fully interactive for Linux or Windows victim
https://github.com/nodauf/Girsh
Injects code into ELF executables post-build
https://github.com/zznop/drow
https://github.com/nodauf/Girsh
Injects code into ELF executables post-build
https://github.com/zznop/drow
User enumeration and password #bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
https://github.com/nodauf/GoMapEnum
NoSql Injection CLI tool, for finding #vulnerable websites using MongoDB
https://github.com/Charlie-belmer/nosqli
https://github.com/nodauf/GoMapEnum
NoSql Injection CLI tool, for finding #vulnerable websites using MongoDB
https://github.com/Charlie-belmer/nosqli
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Cloud service provider security mistakes (AWS و GCP و Azure)
https://github.com/SummitRoute/csp_security_mistakes
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Cloud service provider security mistakes (AWS و GCP و Azure)
https://github.com/SummitRoute/csp_security_mistakes
#Ransomware #python open source 🔐
https://github.com/HugoLB0/Ransom0
#Rust Ransomware
https://github.com/cdong1012/Rust-Ransomware
#PHP Ransomware
https://github.com/ivan-sincek/php-ransomware
#Android Ransomware
https://github.com/termuxhackers-id/SARA
#Linux Ransomware
https://github.com/tarcisio-marinho/GonnaCry
https://github.com/HugoLB0/Ransom0
#Rust Ransomware
https://github.com/cdong1012/Rust-Ransomware
#PHP Ransomware
https://github.com/ivan-sincek/php-ransomware
#Android Ransomware
https://github.com/termuxhackers-id/SARA
#Linux Ransomware
https://github.com/tarcisio-marinho/GonnaCry