setrus's repositories
CVE-2019-0232
CVE-2019-0232-Remote Code Execution on Apache Tomcat 7.0.42
Web-Application
Web Application Worksheet
AADInternals
AADInternals PowerShell module for administering Azure AD and Office 365
Documentation
Links and articles on Security
fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
gobuster
Directory/File, DNS and VHost busting tool written in Go
MicroBurst
A collection of scripts for assessing Microsoft Azure security
MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
o365creeper
Python script that performs email address validation against Office 365 without submitting login attempts.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PullRequests
This is a demo repository for pull requests training on GitHub
Scripts
Useful Scripts
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SimpleHTTPServer_PUT
Pythons Module for Simple HTTP Server with PUT. This is useful for exfiltration of data once you have access (rev shell) to a machine
subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
THP-ChatSupportSystem
The Hacker Playbook 3 - Web Commands