boringthegod

Pierre's starred repositories

domscan

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

Language:JavaScript19100

针对PE文件的分离的攻防对抗工具，红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.

Language:GoMIT17700

SCCMSecrets

SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.

Language:Python9000

tldfinder

A streamlined tool for discovering TLDs, associated domains, and related domain names.

Language:GoMIT6900

windows_sleep_techniques

A collections of methods to sleep on Windows using common and less-so-common techniques

Language:C++800

dnscovery

Discover services embedded in a site's DNS records

Language:GoMIT1700

wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

Language:RustBSD-3-Clause404200

TrickDump

Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!

Language:C#22900

ICMP-TransferTools

Transfer files to and from a Windows host via ICMP in restricted network environments.

Language:PythonGPL-3.030800

Shwmae

Language:C#BSD-3-Clause10000

Graphpython

Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit

Language:Python11000

Maestro

Language:C#GPL-3.013200

grimoire

Generate datasets of cloud audit logs for common attacks

Language:GoApache-2.015100

nowafpls

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Language:Python79700

h2spacex

HTTP/2 Single Packet Attack low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks

Language:PythonGPL-3.011300

splitting-the-email-atom

Language:HTML4300

cerbero

Kerberos protocol attacker

Language:RustAGPL-3.011800

voice-changer

リアルタイムボイスチェンジャー Realtime Voice Changer

Language:PythonNOASSERTION1578200

Retrieval-based-Voice-Conversion-WebUI

Easily train a good VC model with voice data <= 10 mins!

Language:PythonMIT2235100

Deep-Live-Cam

real time face swap and one-click video deepfake with only a single image

Language:PythonAGPL-3.02851900

deepface

A Lightweight Face Recognition and Facial Attribute Analysis (Age, Gender, Emotion and Race) Library for Python

Language:PythonMIT1148300

EXOCET-AV-Evasion

EXOCET - AV-evading, undetectable, payload delivery tool

Language:Go81400

BinarySpy

一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.

Language:PythonMIT34800

LayeredSyscall

Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.

Language:C12400

BadExclusionsNWBO

BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR

Language:C++6600

goop

Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.

Language:GoMIT56100

bypass-bot-detection

Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection

Language:JavaApache-2.016600

smbtakeover

BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions

Language:C++21400

CloudRecon

Language:GoMIT41700

eza

A modern alternative to ls

Language:RustMIT1067600