d3ndr1t30x's repositories
bludithammer
Versions prior to and including 3.9.2 of the Bludit CMS are vulnerable to a bypass of the anti-brute force mechanism that is in place to block users that have attempted to incorrectly login 10 times or more. Based on a POC created by rastating in this blog post: https://rastating.github.io/bludit-brute-force-mitigation-bypass/
aspxshell
A simple ASPX webshell that comes in handy for labs and CTFs
changepasswd
A small powershell script I used on the Fuse HTB machine to change a user password for login
client-server
Basic client and server written in C
emailgen
A small python script to generate permutations of emails when fed a username list. List should be a txt file in <firstname> <lastname> with one name per line.
emailscraper
A simple email scraper. Feed it a list of urls as a txt file. One url per line, it will then search for email address on those websites and generate a new txt file with the results.
exploit-dev-cheat-sheet
Full credit to @ovid. Hosting here for personal use.
gospider
Gospider - Fast web spider written in Go
hammer
Hammer DDos Script - Python 3
interactsh
An OOB interaction gathering server and client library
k6
A modern load testing tool, using Go and JavaScript - https://k6.io
Malware
macOS Malware Collection
osx-security-awesome
A collection of OSX and iOS security resources
output_clean
Quick and dirty script I threw together to clean the fuzzing output from ReconFTW so I could feed it to Aquatone easier.
PHP5-Reverse_Shell
A simple reverse shell written in PHP5, used on the October machine as part of my OSCP prep
pydf
I got sick of giving Adobe money. So I created a script to convert pdfs to word documents. There's also an option to copy all the text out into a separate txt file. Make sure to pip install pdf2docx and docx2txt first. Also make sure to specify the file extension each time you're prompted for a file output name.
pymerge
The most useless python program to ever exist! :D I made this because I hate powershell/cmd and wanted a way to merge txt files as part of my lead gen process.
recursive.py
A small script used to decode base64 recursively. I used this for the poison machine on hackthebox
rusty-dropper
Rusty dropper is a simple malware loader written in Rust.
shell-cpp
A simple reverse shell written in C++
Shhhloader
Syscall Shellcode Loader (Work in Progress)
sizzle
Used for initial access on the Sizzle machine on HackTheBox. You must generate your own unique .cer & .key files to make use of this.
stresstest
A simple load testing tool written in python
subdomain-nmap
A bash script that reads a list of subdomains outputted from Assetfinder/Subfinder and performs an nmap scan against all subdomains in the list.
windapsearch_2023
Python script to enumerate users, groups and computers from a Windows domain through LDAP queries