₪Ʊןןζ€'s repositories
CVE-2020-10558
Tesla Hack All Vehicles DoS Infotainment Touchscreen Interface CVE-2020-10558
Tesla-Tester
Testing Tesla's API Functionality, helps when MITM internal traffic.
asploit
One line command and control backdoors for APIs and web applications.
BloodHound.py
A Python based ingestor for BloodHound
books
A collection of online books for data science, computer science and coding!
ConfuserEx
An open-source, free protector for .NET applications
csprecon
Discover new target domains using Content Security Policy
DNS-Tunnel-Keylogger
Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes.
dojo
Infrastructure powering pwn.college dojo
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
gram
Gram is Klarna's own threat model diagramming tool
ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
JS-Tap
JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
metabigor
OSINT tools and more but without API key
NimPlant
A light-weight first-stage C2 implant written in Nim.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Offensivesecurity-Checklists
Checklists for Testing Security environment
phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
presentations
SpecterOps Presentations
smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
TeamsNTLMLeak
Leak NTLM via Website tab in teams via MS Office
TrailDiscover
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
trufflehog
Find and verify credentials
writehat
A pentest reporting tool written in Python. Free yourself from Microsoft Word.