Marcos Tolosa's repositories
Seatbelt
Seatbelt is a C# project that performs a number of security-oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
WhatWeb
Next generation web scanner
OmegaPSToolkit
Totally in development! A toolkit that brings together penetration testing tools such as wireless tools, web tools, password cracking tools, etc.
AWSome-Pentesting
My cheatsheet notes to pentest AWS infrastructure
Firefox-Grabber
Grab Firefox POST requests by hooking the PR_Write function from the nss3.dll module using a trampoline hook to get passwords and emails of users
awsome-security-write-ups-and-POCs
Awesome Writeups and POCs
hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
nginxpwner
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
Havoc
The Havoc Framework
ShellcodeTemplate
An easily modifiable shellcode template for Windows x64/x86
Maryam
Maryam: Open-source Intelligence (OSINT) Framework
RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
markdown-preview-enhanced
One of the 'BEST' markdown preview extensions for Atom editor!
spk
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
NodeJS-Red-Team-Cheat-Sheet
NodeJS Red-Team Cheat Sheet
cspp-tools
Client-Side Prototype Pollution Tools
crimson
Web Application Security Testing automation.
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
onesixtyone
Fast SNMP Scanner
reveal.js
reveal.js extended with logo support
ppmap
A scanner/exploitation tool written in Go, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
jsoncrack.com
🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch!
HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
nopp
Tiny helper to protect against Prototype Pollution vulnerabilities in your application, regardless of whether they are introduced in your own code or in 3rd-party code
CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
awesome-ransomware
Curated list of ransomware-related resources; awesome style.
gifcurry
😎 The open-source, Haskell-built video editor for GIF makers.