Tobey's repositories
awesome-password-spraying
Everything and anything related to password spraying
CVE-2024-21683-RCE
CVE-2024-21683 Confluence Post Auth RCE
nmap-did-what
Nmap Dashboard Mini Project
No_X_Memory_ShellCodeLoader
无可执行权限加载 ShellCode (点点 Star,非常感谢!)
AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
AHHHZURE
AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.
centralized-logging-with-opensearch
Build your own log analytics platform on OpenSearch in 20 minutes
Collect_Threat_Intel_AND_Malware_Using_Honeypots
This code run as a service continuous monitoring all Sysmon event logs and take action based on events generated by attackers activities. Also sending filtered and contextual details on telegram bots to update administrators. Uploading and capturing all malware's dropped by attackers.
CVE-2024-21111
Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
CVE-2024-21338
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
CVE-2024-32002
CVE-2024-32002 RCE PoC
CVE-2024-3400
CVE-2024-3400 Palo Alto OS Command Injection
epeius
Deploy Trojan using a Serverless approach
FullBypass
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)
galah
Galah: an LLM-powered web honeypot using the OpenAI API.
gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
GoogleRecaptchaBypass
Solve Google reCAPTCHA in less than 5 seconds! 🚀
horus
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
Invoke-RunAsWithCert
A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
KExecDD
Admin to Kernel code execution using the KSecDD driver
LetMeowIn
A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
Microsoft-Analyzer-Suite
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
Reverse-Engineering_1
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
searchbins
Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.
siem-on-amazon-opensearch-service
A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
sof-elk
Configuration files for the SOF-ELK VM
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool