0xbadad's repositories
subdirectories-discover
Perfect wordlist for discovering directories and files on target site
decode-spam-headers
A script that helps you understand why your E-Mail ended up in Spam
CVE-2023-21608-Acrobat-RCE
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
Email-Vulnerablity-Checker
Find Email Spoofing Vulnerablity of domains
leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
mailcat-find-email
Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
bypass-403
A simple script just made for self use for bypassing 403
ChatGPT-API-server
API server for ChatGPT
cloudflare-origin-ip
Try to find the origin IP of a webapp protected by Cloudflare.
cobaltstrike-beacon-rust
CobaltStrike beacon in rust
cve-2022-39197
cve-2022-39197 poc
CVE-2022-44666-office-rce
Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.
CVE-2022-47966
POC for CVE-2022-47966 affecting multiple ManageEngine products
CVE-2023-34960
CVE-2023-34960 Chamilo PoC
DNS-Analysis-Server
Tools to assess DNS security.
dns-blocklists
Ad, tracker, adult content and gambling blocking for our DNS blocking service
dnscrypt-proxy
dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
google-search
a cli google client written by ai (chatgpt) that bypasses captcha and rate limiting by using the google alerts "preview" feature
maddy
✉️ Composable all-in-one mail server.
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
ProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
pycrypt
Python Based Crypter That Can Bypass Any Kinds Of Antivirus Products
subzuf
a smart DNS response-guided subdomain fuzzer
svn-extractor
simple script to extract all web resources by means of .SVN folder exposed over network.