PixelZA's repositories
Amass
In-depth Attack Surface Mapping and Asset Discovery
assetfinder
Find domains and subdomains related to a given domain
attack_monitor
Endpoint detection & Malware analysis software
AutoBlue-MS17-010
This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
awesome-security-trivia
🤙 Security Trivia that rare people know.
batea
AI-based, context-driven network device ranking
BloodHound-Owned
A collection of files for adding and leveraging custom properties in BloodHound.
CrackMapExec
A swiss army knife for pentesting networks
droopescan
A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
Exchange-AD-Privesc
Exchange privilege escalations to Active Directory
freepbx-shell-admin-module
FreePBX PHP Web Shell Admin Module
gowitness
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
keepnote
Quick and Dirty Penetration Testing Notes
kerbrute
An script to perform kerberos bruteforcing by using impacket
kerbrute-1
A tool to perform Kerberos pre-auth bruteforcing
metasploitable3
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
notable
The Markdown-based note-taking app that doesn't suck.
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Redis-Server-Exploit
This will give you shell access on the target system if redis server is not configured properly and faced on the internet without any authentication
subjack
Subdomain Takeover tool written in Go
Veil
Veil 3.1.X (Check version info in Veil at runtime)
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.