bhdresh

CVE-2017-0199

Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Dejavu

DejaVU - Open Source Deception Framework

CVE-2017-8759

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

SocialEngineeringPayloads

This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.

lazykatz

Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.

Whatsapp-IP-leak

Leak the IP address and Geolocation of target whatsapp user

CVE-2021-33766

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

SnortRules

This is an open source Snort rules repository

CVE-2018-11776

Vulnerable docker container for CVE-2018-11776

taskhash

This tool is developed to assist forensic investigators and auditors to remotely collect the md5sum of running processes on the target windows machine.

ProbesPlotter

ProbesPlotter is a passive WiFi surveillance tool developed to plot the WiFi probe requests from different devices using directed-graph.

About

Research and Publications

CVE-2022-1388

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

RedHunt-OS

Virtual Machine for Adversary Emulation and Threat Hunting

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

dnsresolver

Empire

Empire is a PowerShell and Python post-exploitation agent.