Anas Lachheb's repositories
403jump
HTTP 403 bypass tool
Above_InvisibleNetworkProtocolSniffer
Invisible network protocol sniffer
BloodHound
Six Degrees of Domain Admin
BlueDucky
🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)
BlueSpy
PoC to record audio from a Bluetooth device
BrowserBruter
BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
chisel
A fast TCP/UDP tunnel over HTTP
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
CVE-2024-4577
PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
GOAD
game of active directory
gourlex
Gourlex is a simple tool that can be used to extract URLs and paths from web pages.
HardenAD
Hardening Active Directory version 2
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
malicious_ip_addresses_EU
These are the IP addresses of the most active C2/Botnets/Zombies/Scanners in European Cyber Space
muraena
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
pwndoc
Pentest Report Generator
RedCloud-OS-CWL
RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)
smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
sqlmc
Check all urls of a domain for SQL injections :)
Subdominator
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
theZoo_MalwareAnalysis
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
web-check
🕵️♂️ All-in-one OSINT tool for analysing any website