Icmp's repositories
Tempest-Null
A Method to cause a null route to a Tempest server (spoofed only)
Python
All Algorithms implemented in Python
ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.
Awesome-RCE-techniques
Awesome list of techniques to achieve Remote Code Execution on various apps!
bitcoin
Bitcoin Core integration/staging tree
CEF4Delphi
CEF4Delphi is an open source project to embed Chromium-based browsers in applications made with Delphi or Lazarus/FPC for Windows, Linux and MacOS.
CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
cypress
Fast, easy and reliable testing for anything that runs in a browser.
discord-api-types
Up to date Discord API Typings, versioned by the API version
dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
fivem
The source code for the Cfx.re modification frameworks, such as FiveM, RedM and LibertyM, as well as FXServer.
FiveM-Server-Dumps
FiveM Server Dumps | Some With Assets | Deobfuscated
httpx
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
metabigor
Intelligence tool but without API key
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
osmedeus
A Workflow Engine for Offensive Security
prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
selenium
A browser automation framework and ecosystem.
subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Wordpress-XMLRPC-Brute-Force-Exploit
Wordpress XMLRPC System Multicall Brute Force Exploit (0day)