Marco's repositories
bbrf-server
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
BurpSuiteHTTPSmuggler
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
cve
Gather and update all available and newest CVEs with their PoC.
CVE-2019-0708
Only Hitting PoC [Tested on Windows Server 2008 r2]
CVE-2023-34039
VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)
dompdf-rce
RCE exploit for dompdf
FavFreak
Making Favicon.ico based Recon Great again !
file-extension-list
Organised collection of common file extensions
gpt4all
gpt4all: a chatbot trained on a massive collection of clean assistant data including code, stories and dialogue
imagepayloadgen
Generate image payloads in JS to bypass filters
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
log4j-payload-generator
Log4j jndi injects the Payload generator
PHP-vulnerability-audit-cheatsheet
This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
Qu1cksc0pe
All-in-One malware analysis tool.
security-cheat-sheet
Minimalist cheat sheet for developpers to write secure code
SeManageVolumeAbuse
SeManageVolumePrivilege to SYSTEM
SpamChannel
Spoof emails from any domain using MailChannels (+2 Million)
spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
weird_proxies
Reverse proxies cheatsheet