Will's repositories
lazy_scripts
Basic javascript snippets to interact with DOM in some web services in order to extract usefull information.
tableofrefs
This is an repository created to compress information and make easier to find informations normally used for creating reports on day2day work.
exfil_server
An basic python exfiltration server (HTTP) to handle with multiple files and save it local with different hash names.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
android-penetration-testing-cheat-sheet
Work in progress... Thanks for all the stars, I will try to prioritize this project :)
chisel
A fast TCP/UDP tunnel over HTTP
Conferences
Conference slides
csrf-poc-generator
this html file creates a csrf poc form to any http request.
dumpall
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
GoForDorks
Easier way to use advanced search syntax on common search engines like Google, Yandex, DuckDuckGo and more.
frida-scripts
Frida Scripts
git-dumper
A tool to dump a git repository from a website
GoMapEnum
User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
HTTPLeaks
HTTPLeaks - All possible ways, a website can leak HTTP requests
imapsprayer
A simple IMAP password sprayer
juicyinfo-nuclei-templates
Nuclei (https://github.com/projectdiscovery/nuclei) templates for extracting juicy info from web pages
LoggerPlusPlus-API-Filters
A Collection of Logger++ Filters for Hunting API Vulnerabilities
LOTL
Living Off The Land (LOTL) persistent Reverse shell
MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
MSOLSpray
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
o365recon
retrieve information via O365 and AzureAD with a valid cred
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
sns
IIS shortname scanner written in Go
subjs
Fetches javascript file from a list of URLS or subdomains.
waymore
Find way more from the Wayback Machine!
zendesk_chat_adapter
Inbenta's public repository