Automated All-in-One OS Command Injection Exploitation Tool.

An all-in-one WPA/WPS toolkit

POC for CVE-2024-40348. Will attempt to read /etc/passwd from target

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Fuzzing IoT Devices Using the Router TL-WR902AC as Example

Automated NoSQL database enumeration and web application exploitation tool.

Source code from Joe Helle's C2 course

Just a simple keylogger Written in C# and Python3 for the socket it connects to and sends the data to.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

This cheatsheet was created to assist Red Teamers and Penetration Testers in hunting down vulnerabilities using "Nmap."

a signal handler race condition in OpenSSH's server (sshd)

Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境

Nmap Dashboard Mini Project

arbitrary TCP and UDP connections and listens (Netcat for Python).

🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.

A Modern Framework for Bug Bounty Hunting

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

This is a Phi-3 book for getting started with Phi-3. Phi-3, a family of open AI models developed by Microsoft. Phi-3 models are the most capable and cost-effective small language models (SLMs) avai…

A Home Assistant integration & Model to control your smart home using a Local LLM

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a u…

自动化硬链接工具，在最大可能情况下节约空间，并保持做种。 小于1M的文件直接复制，刮削修改nfo等小文件不影响做种。 大于1M的文件硬链接到目的目录，可以随意修改文件名。

Proxy server to bypass Cloudflare protection

An uber fast and simple subdomain enumeration tool using DNS and web requests with support for detecting wildcard DNS records.

Official Kali Linux tool to check all urls of a domain for SQL injections :)

⚡ Scan World FTP Servers and Steal Their Data 🌍

End-to-end encrypted file transfer.

Simple OSINT script to find Instagram profiles by name and e-mail/phone

Planetary Motion Simulator

Basics on commands/tools/info on how to assess the security of mobile applications

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.