The recursive internet scanner for hackers. 🧡

Dump cookies and credentials directly from Chrome/Edge process memory

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Firebase client tools for security assessment or penetration testing.

A streamlined tool for discovering private TLDs for security research.

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

A WordPress rest-enumeration script

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.

Coverage-Guided Greybox Distributed Fuzzer

The Tengu Maruader is an open source wireless testing and autonomous security robot designed for multi-terrain movement and meant to work in tandem with the Strix Interceptor

Find, verify, and analyze leaked credentials

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9…

Firepwn is a tool made for testing the Security Rules of a firebase application.

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Azure JWT Token Manipulation Toolset

DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).

A mod manager for Baldur's Gate 3.

This project is aimed at freely providing technical guides on various hacking topics.

OSINT Tool: Generate username lists for companies on LinkedIn

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

Advanced player for set-top boxes and tvs running Android OS

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer

nyeheheheheh look lois im in the computah

Twitter Blue data