A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network configurations across your infrastructure.

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

Zero shot vulnerability discovery using LLMs

Prompt Injections Everywhere

ChatGPT DAN, Jailbreaks prompt

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

UUID Payload Generator

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Security risk analysis for Kubernetes resources

Pulls Binance Smart Chain feed of newly-verified contracts every 30 seconds, then checks their contract code for links to socials.Returns only those with socials information included, and then subm…

basic tokensniffer in python

A web app for decrypting MetaMask vault data.

Hunt for security weaknesses in Kubernetes clusters

Tool for auditing RBACs in Kubernetes

Lecture by lecture commits of the https://www.udemy.com/build-blockchain-full-stack/ course

Build a blockchain-based cryptocurrency on the full stack course

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

Python based BloodHound data importer

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

Python tool and library for decrypting and encrypting MS Office files using passwords or other keys

Infection Monkey - An open-source adversary emulation platform

Attack and defend active directory using modern post exploitation adversary tradecraft activity

Userland API Unhooker Project

Please no pull requests for this repository. Thanks!

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Receive the status of Windows Defender Credential Guard on network hosts.

A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.