Fr4nzisko's repositories
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Escalacion_de_Privilegios_en_Windows
Script que te ayudará a crear tu propio laboratorio de escalada de privilegios local en Windows 10 Pro x64 y Windows 11 Pro.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
bypass-403
A simple script just made for self use for bypassing 403
CARTP-Scripts
Random scripts that I used in the CARTP course lab & final exam.
ChromeKatz
Dump cookies directly from Chrome process memory
command-injection-payload-list
🎯 Command Injection Payload List
csv-injection-payloads
🎯 CSV Injection Payloads
CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check
Chequea si tu firewall es vulnerable a CVE-2024-21762 (RCE sin autenticación)
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modiy and DM if you find some bugs :)
GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
grok-1
Grok open release
Invoke-Obfuscation
PowerShell Obfuscator
MultCheck
Identifies bad bytes from static analysis with any Anti-Virus scanner.
sql-injection-payload-list
🎯 SQL Injection Payload List
ssti-payloads
🎯 Server Side Template Injection Payloads
TTY-interactiva-Como-hacer-una-terminal-interactiva-
Descubre el poder de la TTY Interactiva en pruebas de penetración con este detallado post “TTY Interactiva: ¿Cómo hacer una terminal interactiva?”. En este artículo, exploramos en profundidad cómo una TTY interactiva es esencial para los pentesters al interactuar con sistemas objetivo.
WebVulnLab-Home_Lab
WebVulnLab: A practical GitHub repository for hands-on web vulnerability discovery and exploitation. Enhance your security skills through real-world scenarios, penetration testing, and challenges. Safely explore attack vectors, learn about web vulnerabilities, and strengthen web application security.
XSScope
XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
xxe-injection-payload-list
🎯 XML External Entity (XXE) Injection Payload List