ScriptIdiot

James Yeung's starred repositories

vulnx

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.

Language:PythonGPL-3.01860 52 58

needle

The iOS Security Testing Framework

Language:PythonNOASSERTION1321 83 147

jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Language:GoMIT1292 14 12

HardeningKitty

HardeningKitty - Checks and hardens your Windows configuration

Language:PowerShellMIT1226 34 40

ShellGhost

A memory-based evasion technique which makes shellcode invisible from process start to end.

Language:CGPL-3.01117 9 3

TeamsPhisher

Send phishing messages and attachments to Microsoft Teams users

Language:Python996 10 27

Locksmith

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Language:PowerShellNOASSERTION773 14 30

onedrive_user_enum

onedrive user enumeration - pentest tool to enumerate valid o365 users

Language:PythonGPL-3.0572 12 3

RedCloud-OS

RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)

Language:ShellGPL-2.0498 8 4

fileless-elf-exec

Execute ELF files without dropping them on disk

Language:PythonGPL-3.0438 7 1

SharpToken

Windows Token Stealing Expert

Language:C#GPL-3.0386 50

HadesLdr

Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2

Language:C++BSD-3-Clause281 20

evilqr

Proof-of-concept to demonstrate dynamic QR swap phishing attacks in practice.

Language:JavaScriptMIT241 7 8

AtlasReaper

A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.

Language:C#GPL-3.0235 20

deepsecrets

Secrets scanner that understands code

Language:PythonMIT184 10 2

WMIExec

Set of python scripts which perform different ways of command execution via WMI protocol.

Language:Python156 30

GhostFart

Language:C++132 1 1

LockScream

macOS Client-Side Phishing lock screen payload

Language:SwiftApache-2.0126 9 3

BOFMask

Language:C102 20

Winsocky

Winsocket for Cobalt Strike.

Language:C94 40

ADxRay

Active Directory's Health Check script that generates a full HTML report of the environment's health, security and status based on Microsoft's Best Practices.

Language:PowerShellGPL-3.091 7 5

ropci

So, you think you have MFA? AAD/ROPC/MFA bypass testing tool

Language:GoMIT90 20

SharpDXWebcam

Utilizing DirectX and DShowNET assemblies to record video from a host's webcam

Language:C#BSD-3-Clause80 40

MalwareMorphology

Language:C++74 20

PHISHLET-EVILGINX3

PHISHLET [EVILGINX3] Settings for phishing sites are written in the yaml language. This is a long development of my collection that I have been working on for the last 3 months due to changes in site security rules in particular scripts for bypassing the CloudFlare security. 🙌 I PRESENT to you my collection from the sites : 1Password / Binance

66 4 2