Beast code in Giters

Tanner Barnes's repositories

BurpSuiteAutoCompletion

This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.

Language:Java164 80

CloudCopy

This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.

Language:Python114 4 2

Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, ParameterMiner! Pipe in a list of javascript urls and ParameterMiner pulls all the variable names.

Language:Go43 3 2

goRecorder

During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what will be important. To remedy that problem (and also to teach myself go) I built a command line tool that implements the "clip that" functionality of gaming consoles to allow me to save the last minute of screen activity as images to later view.

Language:Go25 5 1

BurpSuiteAutoRepeaterNaming

This extension replaces the default repeater tab name with the URL path of the repeater request.

Language:Java22 3 1

BurpRequestCleaner

This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.

Language:Java12 40

LORC

LORC - Low Orbit RECON Cannon

Language:Go12 40

aem-rce

Python and Metasploit module for exploiting Adobe Experience Manager (AEM) default credentials which can be used to achieve RCE

Language:Python7 30

GoPatternMatcher

This tool allows for quickly searching for a specified pattern within HTTP Response bodies. Simply pipe in a list of URLs, specify your pattern and hit enter.

Language:Go5 30

ratt

Recon All The Things (R.A.T.T.) provides a quick and easy way to spider a target ( or multiple targets ) and retrieve infomation key to further recon steps such as javascript files, relative/absolute paths referenced on the page, headers used in requests, and more!

Language:Go4 20

Console

Faction C2 Framework Console Service

Language:VueBSD-3-Clause1 20

EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Language:PythonGPL-3.01 20

Hibernate-Injection-Study

Study about HQL injection exploitation.

Language:Perl1 20

XSSContentDiscover

This is a PoC for an attack path I've seen on multiple engagements I wanted to standardize.

Language:PHP1 10

braindump

BrainDump is a simple, powerful, and open note taking platfform that makes it easy to organize your life.

Language:PythonMIT010

Codiad

Web Based, Cloud IDE

Language:PHPMIT020

DocumentServer

ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.

Language:ShellAGPL-3.0020

gophish

Open-Source Phishing Toolkit

Language:GoNOASSERTION000

govultr

Vultr Go API client

Language:GoMIT020

hackvertor

Language:Java020

machat

An open source chat server implemented in Go

Language:GoMIT020

screenshot

Go library to capture desktop to image

Language:GoMIT000

townhall-news-extension

This Chrome Extension pulls in the top 5 news stories about all the politicians and government bodies that represent your area. Simply load the chrome extension and navigate to https://www.facebook.com/townhall/?tab=directory.

Language:JavaScript020