Micky1warrior's repositories
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
CVE-2023-1326-PoC
A proof of concept for CVE-2023–1326 in apport-cli 2.26.0
CVE-2023-2640-CVE-2023-32629
GameOver(lay) Ubuntu Privilege Escalation
CVE-2023-27163
Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)
CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604)
exploit-CVE-2023-23752
Joomla! < 4.2.8 - Unauthenticated information disclosure
FIR
Fast Incident Response
Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
keepass-password-dumper
Original PoC for CVE-2023-32784
LME
Logging Made Easy (LME) is a free and open logging and protective monitoring solution serving all organizations.
log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
metabase-pre-auth-rce-poc
This is a script written in Python that allows the exploitation of the Metabase's software security flaw in the described in CVE 2023-38646.
Micky1Warrior
Config files for my GitHub profile.
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
PackMyPayload
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
pimpmykali
Kali Linux Fixes for Newly Imported VM's
porn-domains
A collection of domains used for explicit adult content like porn websites.
powerlevel10k
A Zsh theme
powerline
Powerline is a statusline plugin for vim, and provides statuslines and prompts for several other applications, including zsh, bash, tmux, IPython, Awesome and Qtile.
RedCloud-OS
RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)
SSRFmap
Automatic SSRF fuzzer and exploitation tool
unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
unpyc37-3.10
Minor tweaks to get this excellent Python bytecode decompiler running under Python 3.8-3.10
vagrant
Vagrant is a tool for building and distributing development environments.
WCE
This Python tool enables network node command and exfiltration while applying OPSEC to ensure the process is hidden by transmitting commands through window flags.
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet