82goober82's repositories
requests
Python HTTP Requests for Humans™ ✨🍰✨
unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
CredDefense
Credential and Red Teaming Defense for Windows Environments
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
gitleaks
Searches full repo history for secrets and keys 🔑
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
winpirate
to grab or steal the password of systemAutomated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords Download git clone https://github.com/pourquoibenoit/WinPirate.git This project is still in progress Estimated Completion Date: soon…ish Here’s the plan. We create a way to automate doing the sticky keys windows hack from a bootable USB. Then, we automate getting as many saved passwords as possible, drop a listener, and delete all traces that we were there. All without being detected by antivirus we should add a mimikittenz option if the computer was found running and unlocked, otherwise we can just run it later remotely How to Use Requirements: a linux bootable USB, this repo on the USB (not in the OS, just put it in the root directory) chromepasswords.py requires PyWin32 If the computer is locked: 1) shutdown windows (make sure not hibernating by holding shift while pressing shut down) 2) hit F12 and select USB 3) sudo -i 4) fdisk -l (note: if you’re on Kali Linux, run parted -l) 5) mkdir /media/windows 6) mount /dev/WHATEVERTHEWINDOWSPARTITIONWASCALLED /media/windows -t ntfs 7) run Stickykeys.sh 8) restart and boot to Windows 9) hit Shift 5 times fast, a command prompt will appear 10) cd to the USB and run WinPirate.bat If the computer isn’t locked: cd to the USB and run Run.bat (this will run WinPirate.bat silently in the background, it should be done in < 10 seconds Current Issues 1) The chrome passwords grabber that I made is still a .py For it to work, I need to convert it to exe so it doesn’t require python to be installed on the system. You can run it with python chromepasswords.py -csv and it will decrypt the Chrome saved passwords database and export it as a CSV 2) The sticky keys automation doesn’t speed the process up as much as I previously thought, as evident by the lengthy “How to Use” section 3) I haven’t been able to write any tools that grab passwords for IE or Firefox Source: https://github.com/pourquoibenoit/WinPirate
gettorbrowser
This is a repository to provide links for downloading Tor Browser from Github.
nightwatcher
mine
iChainbreaker
Breaking the iCloud Keychain Artifacts
krackinfo
Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack)
infernal-twin
wireless hacking - This is automated wireless hacking tool
open-in
Send URLs from one browser to another one
CIA-Hacking-Tools
WikiLeaks Vault 7 CIA Hacking Tools
TrackUrl
A Bash/JS Script For Tracking Locations
burner-phone-challenge
Can you identify a burner phone from a stream of (fake) AT&T Hemisphere data?
macchanger
click on CLICKME.sh and it downloads macchanger then changes it's own name and finally spoofes your mac address, you just need to give it exacutable permisions.
Pompem
Find exploit tool
Hacking-Tools-Repository
A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
EQGRP
Decrypted content of eqgrp-auction-file.tar.xz
iDict
iCloud Apple iD BruteForcer
dirbuster-ng
dirbuster-ng is C CLI implementation of the Java dirbuster tool
pushpin-web
Monitor geotagged social media from multiple platforms in real time.