ZephrFish

CVE-2020-16898

HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).

rengine

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

hax

SH

sendemail

lightweight, command line SMTP email client

NessusPreFlight

Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to scan a machine

Wordlists

Various Payload wordlists

cve-2020-1351

Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2003 up to Windows Server 2019.

CVE-2020-5902

EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

nmap-summariser

another nmap summarising script

GoogD0rker

Note: Going through a full re-write of the tooling so the current versions in the repo do not work!

CoverStory

A cover story generator for people who Need Quick Covers On Operations

TJ-JPT

This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

Random-Yara-Rules

A collection of yara rules I've gathered over the years :-)

asscan

Automated Subnet Scanner

sherlock

🔎 Hunt down social media accounts by username across social networks

C4

Cyberdelia, a Collection of Command and Control frameworks

ASREPRoast

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

PS-Scripts

Useful scripts for labs

msf-autoshell

Feed the tool a .nessus file and it will automatically get you MSF shell

GitTools

A repository with 3 tools for pwn'ing websites with .git repositories available

Mailgun-python

Python Wrapper for sending email with mailgun

subscraper

External pentest tool that performs subdomain enumeration through various techniques. In addition, SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps.

Vibe

A framework for stealthy domain reconnaissance

XSSPayloads

Cross Site Scripting Payloads -- Variations

commonspeak2-wordlists

Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.

Scout

Scout - a Contactless Active Reconnaissance Tool