lanceae's repositories
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
awesome-bugbounty-tools
A curated list of various bug bounty tools
Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
Awesome-Web3-security
A curated list of resources for learning web3 hacking/Security
BotPEASS
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
COM-Hunter
COM Hijacking VOODOO
CRLFsuite
The most powerful CRLF injection (HTTP Response Splitting) scanner.
CyberSecurity
Cybersecurity stuff for both the blue team and the red team, mostly red though.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
FollinaScanner
A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)
jarbou3
Jarbou3 is rat tool coded in python with C&C which can accept multiple connections from clients
JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
Kali-Linux-Wireless-Penetration-Testing-Beginners-Guide-Third-Edition
Kali Linux Wireless Penetration Testing Beginner's Guide - Third Edition, published by Packt
KerberOPSEC
OPSEC safe Kerberoasting in C#
kerbrute
A tool to perform Kerberos pre-auth bruteforcing
MS-MSDT-Office-RCE-Follina
CVE-2022-30190 | MS-MSDT Follina One Click
MSRPC-to-ATTACK
A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
myPyBackDoor
Easy to understand back door written in python
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
sqlmap
Automatic SQL injection and database takeover tool
zap-scripts
Zed Attack Proxy Scripts for finding CVEs and Secrets.