Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Most advanced XSS scanner.

My Notes For OSCP

A list of public penetration test reports published by several consulting firms and academic security groups.

A high-throughput and memory-efficient inference and serving engine for LLMs

Tool for Active Directory Certificate Services enumeration and abuse

Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the white paper Certified Pre-Owned.

Tools for Kerberos PKINIT and relaying to AD CS

Python version of the C# tool for "Shadow Credentials" attacks

Abusing impersonation privileges through the "Printer Bug"

Exchange privilege escalations to Active Directory

Active Directory Integrated DNS dumping by any authenticated user

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

This pihole_adlists.txt file is a consolidated list of adblock lists downloaded and formatted using the "Pi-hole Adblock Lists Updater" script. This list is designed to be used with Pi-hole, a netw…

Dynamic DNS (DDNS) service based on Cloudflare! Access your home network remotely via a custom domain name without a static IP! Written in pure BASH~

Liberation Mono with ligatures

CSS is powerful, you can do a lot of things without JS.

A huge list of alternatives to Google products. Privacy tips, tricks, and links.

One rule to crack all passwords. or atleast we hope so.

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

</> htmx - high power tools for HTML

Tool to audit and attack LAPS environments

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Wordlists for creating statistically likely username lists for use in password attacks and security testing

Find, verify, and analyze leaked credentials