SpeTr0x

Moataz Jemni's starred repositories

Cronos

PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.

Language:CGPL-3.054400

Sekiryu

Comprehensive toolkit for Ghidra headless.

Language:PythonApache-2.034300

ExploitLeakedHandle

Identify and exploit leaked handles for local privilege escalation.

Language:C++BSD-3-Clause10300

bootlicker

A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.

Language:C38700

dindocker

Play around with your own cluster nodes using docker containers.

Language:DockerfileMIT200

Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Language:JavaGPL-3.014800

wifiphisher

The Rogue Access Point Framework

Language:PythonGPL-3.01286300

bugcrowd_university

Open source education content for the researcher community

CC-BY-4.0256500

hacktronian

All in One Hacking Tool for Linux & Android

Language:PythonMIT100

Photon

Incredibly fast crawler designed for OSINT.

Language:PythonGPL-3.01066200

gitleaks

Protect and discover secrets using Gitleaks 🔑

Language:GoMIT1649800

003Recon

Some tools to automate recon - 003random

Language:Python29600

h1-212-ctf-solutions

A collection of the solutions people wrote for the H1-212 Capture The Flag event

9300

research

Bug Bounty writeups, Vulnerability Research, Tutorials, Tips&Tricks

Language:JavaScript18300

book

Crypto 101, the introductory book on cryptography.

Language:PythonNOASSERTION297000

Tiny-URL-Fuzzer

A tiny and cute URL fuzzer

Language:PythonMIT38600

V3n0M-Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Language:PythonGPL-3.0143400

pixiewps

An offline Wi-Fi Protected Setup brute-force utility

Language:CNOASSERTION150300

xsshunter

The XSS Hunter service - a portable version of XSSHunter.com

Language:JavaScriptMIT144500

reflector

Burp plugin able to find reflected XSS on page in real-time while browsing on site

Language:Java109200

ActiveScanPlusPlus

ActiveScan++ Burp Suite Plugin

Language:PythonApache-2.057500

CSRFT

A lightweight CSRF Toolkit for easy Proof of concept

Language:PythonGPL-3.017500

Sublist3r

Fast subdomains enumeration tool for penetration testers

Language:PythonGPL-2.011600

awesome-bug-bounty

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

CC0-1.0444000

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

Language:Python100