njahrckstr's repositories
chrome-spy-extension
A Chrome extension that will steal literally everything it can
MacDirtyCowDemo
Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.
RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
redteamguides.github.io
Red Team Guides
SpamChannel
Spoof emails from any domain using MailChannels (+2 Million)
awesome-osint
:scream: A curated list of amazingly awesome OSINT
chainbreaker
Mac OS X Keychain Forensic Tool
citrix-exploits
Repository to store exploits created by Assetnotes Security Research team
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
CVE-2023-50164
A scanning utility and PoC for CVE-2023-50164
CVE-2023-50164-Apache-Struts-RCE
A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).
cvss-bt
Enriching the NVD CVSS scores to include Temporal & Threat Metrics
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
interactsh
An OOB interaction gathering server and client library
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
NimPlant
A light-weight first-stage C2 implant written in Nim.
NtlmThief
Extracting NetNTLM without touching lsass.exe
Nuitka
Nuitka is a Python compiler written in Python. It's fully compatible with Python 2.6, 2.7, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, and 3.11. You feed it your Python app, it does a lot of clever things, and spits out an executable or extension module.
OSCE-Complete-Guide
OSWE, OSEP, OSED
PassDetective
PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
Pentest-Cheat-Sheets
A collection of snippets of codes and commands to make your life easier!
redcanary-mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
SharpTokenFinder
C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
ThreatMapper
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
waf-bypass
Check your WAF before an attacker does
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768