phong1337's repositories
Public-AD-Scripts
AD Scripts
Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
clash
A rule-based tunnel in Go.
Cryptanalysis
This is my personal (big) recopilation about cryptanalysis, crypto tools and challenges
CVE-2021-39115
Template Injection in Email Templates leads to code execution on Jira Service Management Server
Exploit-Dev-OSCE
Exploit Development, backdooring PE, bypassing Anti-Virus (AV), assembly shellcoding
GOAD
game of active directory
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
OSCE-Complete-Guide
OSWE, OSEP, OSED
osed-scripts
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
pentest-notes-1
👹 :japanese_ogre: :japanese_ogre:
PentestNote
一些渗透姿势记录
petereport
PeTeReport is an open-source application vulnerability reporting tool.
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
ProxyVulns
[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.
pwn_jenkins
Notes about attacking Jenkins servers
RustScan
🤖 The Modern Port Scanner 🤖
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SourceCodeReview
Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.
v2ray-core
A platform for building proxies to bypass network restrictions.
V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
weird_proxies
Reverse proxies cheatsheet
Windows-AD-environment-related
This Repository contains the stuff related to windows Active directory environment exploitation