jgcubillos
Follow
Stars
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
CTF framework and exploit development library
Freeze (package) Python programs into stand-alone executables
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…
Tool to look for several security related Android application vulnerabilities
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
This tool can be used to brute discover GET and POST parameters
Salamandra is a tool to find spy microphones that use radio freq to transmit. It uses SDR.
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
kernel privilege escalation enumeration and exploitation framework
Pentesting automation platform that combines hacking tools to complete assessments
Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
PhEmail is a python open source phishing email tool that automates the process of sending phishing emails as part of a social engineering test