alwanwijaya's repositories
Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.
AsyncRAT-C-Sharp
Open-Source Remote Administration Tool For Windows C# (RAT)
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
BLACKHAT_USA2022
BLACKHAT USA2022 PDF Public
commix
Automated All-in-One OS Command Injection Exploitation Tool.
cs-video-courses
List of Computer Science courses with video lectures.
CVE-2021-4154
CVE-2021-4154 exploit
cve-2022-33891
Apache Spark Shell Command Injection Vulnerability
Dorks-collections-list
List of Github repositories and articles with list of dorks for different search engines
FlavorTown
Various ways to execute shellcode
GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
google-dorks
Useful Google Dorks for WebSecurity and Bug Bounty
GRUB-Theme
:information_source: GRUB Themes with the theme from the anime The Quintessential Quintuplets, Fate Series, and VTuber Hoshimati Suisei :computer: :heart:
hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
impacket-easy-web-server
Impacket is a collection of Python classes for working with network protocols.
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
Malware-collection
🔬Collection(-BIGGEST-) of malware, ransomware, RATs, botnets, stealers, etc.
phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
PSFuzz
Proviesec Fuzz Scanner - dir/path web scanner
PyPhisher
Easy to use phishing tool with 77 website templates. Author is not responsible for any misuse.
simple-php-web-shell
Tiny PHP Web shell for executing unix commands from web page
SSH-BRUTEFORCE-PYTHON
this script will perform a password brute force attack for ssh
sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
ssti-payload
SSTI Payload Generator
tbhm
The Bug Hunters Methodology