febiNJ's starred repositories
windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
OffSec-Reporting
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Leaked-Credentials
how to look for Leaked Credentials !
Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
CVE-2023-36424
Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
atril_cbt-inject-exploit
CVE-2023-44452, CVE-2023-51698: CBT File Parsing Argument Injection that affected Popular Linux Distros
slippy-book-exploit
CVE-2023-44451, CVE-2023-52076: RCE Vulnerability affected popular Linux Distros including Mint, Kali, Parrot, Manjaro etc. EPUB File Parsing Directory Traversal Remote Code Execution
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
jsql-injection
jSQL Injection is a Java application for automatic SQL database injection.
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
libc-database
Build a database of libc offsets to simplify exploitation
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
Flipper-Zero-Sub-GHz-Jamming-Files
Looking for those jamming files that were removed from custom firmwares? Here they are. Only for educational purposes, of course.
flipperzero-wifi-marauder
Flipper Zero WiFi Marauder companion app
PySQLRecon
Offensive MSSQL toolkit written in Python, based off SQLRecon
AMSITrigger
The Hunt for Malicious Strings