Sean McQuilling's repositories
intro_to_llm_agents
Simple introduction to LLM Agents
darknetlive
A web scrape of Darknetlive. Incognito Market admin has removed the news page. This scrape has everything including the news.
sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
graphiql
GraphiQL & the GraphQL LSP Reference Ecosystem for building browser & IDE tools.
hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
graphql-landscape
🌄 Landscape for the GraphQL ecosystem
GOAD
Game of Active Directory
flipper-zero-animations
Here I'll dump animations and tools to create them
toxicache
Go scanner to find web cache poisoning vulnerabilities in a list of URLs
CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
SharpADWS
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
Azure-Red-Team
Azure Security Resources and Notes
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Evilginx3-Phishlets
Learn my systematic process of creating Evilginx Phishlets from scratch: https://www.simplerhacking.com
AutonomousThreatSweeper
Threat Hunting queries for various attacks
Flipper-Zero-BadUSB
Repository for my flipper zero badUSB payloads. Now almost entirely plug and play.
uploadthing
File uploads for modern web devs
puppeteer
Node.js API for Chrome
conditional-love
An AWS metadata enumeration tool by Plerion
PythonDataScienceHandbook
Python Data Science Handbook: full text in Jupyter Notebooks
Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
evilginx2_dev
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
token-inspector
Token Extractor is a powerful Chrome extension designed to streamline the process of extracting authorization tokens from HTTP requests in Chrome DevTools. With Token Extractor, developers can easily identify requests containing authorization headers, extract the tokens, and perform essential tasks with just a few clicks.
vunnel
Tool for collecting vulnerability data from various sources (used to build the grype database)
Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.