sergii iermolenko's repositories
SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
tle.js
🛰️ Satellite TLE tools in JavaScript: get lat/lon of satellites, get look angles, plot orbit lines, extract individual TLE elements, etc
chisel
A fast TCP/UDP tunnel over HTTP
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
WinDefenderKiller
Windows Defender Killer | C++ Code Disabling Permanently Windows Defender using Registry Keys
blacksmith
Next-gen Rowhammer fuzzer that uses non-uniform, frequency-based patterns.
mosint
An automated e-mail OSINT tool
toxssin
An XSS exploitation command-line interface and payload generator.
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
AzureADRecon
AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.
shells
Script for generating revshells
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
ROADtools
A collection of Azure AD tools for offensive and defensive security purposes
github-search
A collection of tools to perform searches on GitHub.
extract-endpoints
Extract endpoints from source files.
vhost-brute
A PHP tool to brute force vhost configured on a server.
dnspy
Find subdomains and takeovers.
csp-analyzer
Analyze CSP header of a given URL.
detectify-cves
Find CVEs that don't have a Detectify modules.
keyhacks.sh
Test is the automation of KeyHacks project from Streaak.
pentest-tools
A collection of custom security tools for quick needs.
WP-Vulnerabilities-Exploits
Huge Collection of Wordpress Exploits and CVES
osint_stuff_tool_collection
A collection of several hundred online tools for OSINT
impacket
Impacket is a collection of Python classes for working with network protocols.