febinrev

dirtypipez-exploit

CVE-2022-0847 DirtyPipe Exploit.

tinyfilemanager-2.4.3-exploit

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.

CVE-2021-46398_Chamilo-LMS-RCE

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

AndroRAT

A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side

AD-enum-custom

Custom scripts and tools for AD enumeration

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

Bypass-AMSI

Ghostpack-CompiledBinaries

Compiled Binaries for Ghostpack (.NET v4.0)

Malware-collection

🔬Collection(-BIGGEST-) of malware, ransomware, RATs, botnets, stealers, etc.

Bash-web-server

A purely bash web server, no socat, netcat, etc...

batch-obfuscator-made-in-python

obfuscate a batch file with this simple to use python script

Covenant

Covenant is a collaborative .NET C2 framework for red teamers.

CVE-2021-45010-TinyFileManager-Exploit

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.

CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

DCSyncer

Perform DCSync operation without mimikatz

dronesploit

Drone pentesting framework console

evil-winrm

The ultimate WinRM shell for hacking/pentesting

HackBrowserData

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

hashes

Magic hashes – PHP hash "collisions"

host-files

krbrelayx

Kerberos unconstrained delegation abuse toolkit

miniserve

🌟 For when you really just want to serve some files over HTTP right now!

RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

reinschauer

rlwrap

A readline wrapper

SpoolFool

Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)

test-cnc

None

tinyfilemanager-2.4.6-exploit

Tiny FIle Manager <= 2.4.3 Authenticated RCE exploit

wifimouse_mouseserver_exploit

WiFi Mouse / Mouse Server exploit (0-day)