ac1d's repositories
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
Windows-Exploitation
Audit and pentest methodologies for Windows including internal enumeration, privesc, lateral movement, etc.
AllAboutBugBounty
All about bug websites (bypasses, payloads, and etc)
business-ctf-2024
Official writeups for Business CTF 2024: The Vault Of Hope
CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
CVE-2024-4040-SSTI-LFI-PoC
CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support
DeadPotato
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the original GodPotato source code by BeichenDream.
Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
goNtdllOverwrite
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder or a debugged process
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
mac_nimject
Shellcode execution via fibers and xor encrypted mac address shellcode
metax
MetaX - Advanced XSS Vulnerability Detector
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
nmap-did-what
Nmap Dashboard Mini Project
OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
ohmyzsh
🙃 A delightful community-driven (with 1700+ contributors) framework for managing your zsh configuration. Includes nearly 300 optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, etc), over 140 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
PartyLoader
Threadless shellcode injection tool
penelope
Penelope Shell Handler
precompiled-binaries
Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments
RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
winutil
Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates