mokeneto

bw-dump

A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

selefra

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

bounty-targets-data

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

JNAerator

JNAerator: native bindings generator for JNA / BridJ / Node.js

jna

Java Native Access

DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

hiphp

The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range of activities such as downloading and editing files. It also allows for connecting to Tor networks with password protection for extra security.

CloudBrute

Awesome cloud enumerator

ScheduleRunner

A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation

onedrive_user_enum

onedrive user enumeration - pentest tool to enumerate valid o365 users

TREVORspray

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

fun-with-ssm

Resources for AWS post-exploitation scenarios where you have the permission ssm:SendCommand, but you can't use the AWS-RunPowerShellScript or AWS-RunShellScript documents.

NixImports

A .NET malware loader, using API-Hashing to evade static analysis

GOAD

game of active directory

Certipy

Tool for Active Directory Certificate Services enumeration and abuse

sourcemapper

Extract JavaScript source trees from Sourcemap files

SysWhispers3

SysWhispers on Steroids - AV/EDR evasion via direct system calls.

ADCSKiller

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer

github-oidc-checker

Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts

utils

Useful scripts, Docker images, docker-compose apps, and Terraform modules.

PowerSharpPack

private-gpt

Interact with your documents using the power of GPT, 100% privately, no data leaks

keepass-password-dumper

Original PoC for CVE-2023-32784

CVE-2023-0179-PoC

针对（CVE-2023-0179）漏洞利用 该漏洞被分配为CVE-2023-0179，影响了从5.5到6.2-rc3的所有Linux版本，该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。

CVE-2023-28231

DHCP Server Remote Code Execution impact: 2008 R2 SP1 до Server 2019

CVE-2023-27326

VM Escape for Parallels Desktop <18.1.1

BLACKHAT_Asia2023

Black Hat Asia 2023 PDF Public

exploit-notes

Sticky notes for pentesting, bug bounty, CTF.

pinvoke

A library containing all P/Invoke code so you don't have to import it every time. Maintained and updated to support the latest Windows OS.