bhdresh

CVE-2017-0199

Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

Dejavu

DejaVU - Open Source Deception Framework

SocialEngineeringPayloads

This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.

CVE-2017-8759

Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

lazykatz

Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.

Whatsapp-IP-leak

Leak the IP address and Geolocation of target whatsapp user

CVE-2021-33766

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit

SnortRules

This is an open source Snort rules repository

CVE-2018-11776

Vulnerable docker container for CVE-2018-11776

taskhash

This tool is developed to assist forensic investigators and auditors to remotely collect the md5sum of running processes on the target windows machine.

ProbesPlotter

ProbesPlotter is a passive WiFi surveillance tool developed to plot the WiFi probe requests from different devices using directed-graph.

About

Research and Publications

CVE-2022-1388

CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

RedHunt-OS

Virtual Machine for Adversary Emulation and Threat Hunting

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

dnsresolver

Empire

Empire is a PowerShell and Python post-exploitation agent.