emptysec1's repositories
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
moonwalk-back
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
legba
A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
TInjA
TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.
Forbidden-Buster
A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and professionals only. Use it at your own risk.
fuzzing-templates
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
NucleiFuzzer
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
uploadserver
Python's http.server extended to include a file upload page
gitleaks
Scan git repos (or files) for secrets using regex and entropy 🔑
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
ShadowClone
Unleash the power of cloud
catspin
Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
netlas-cookbook
The goal of this guide is very simple - to teach anyone interested in cyber security, regardless of their knowledge level, how to make the most of Netlas.io.
LEAKEY
LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.
Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
MTKPI
🧰 Multi Tool Kubernetes Pentest Image
WebSecProbe
Bypass 403
x8
Hidden parameters discovery suite
DockerExploit
Docker Remote API Scanner and Exploit
cook
A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
SharpKiller
Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
cewler
CeWLeR - Custom Word List generator Redefined. CeWL alternative in Python, based on the Scrapy framework.
boopkit
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
PingRAT
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.