CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH

32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo/cve-2024-6387-poc

Evade Everything

Slides & Code snippets for a workshop held @ x33fcon 2024

BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

Quickly discover exposed hosts on the internet using multiple search engine.

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

Best Practice Auditd Configuration

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Small utility program to perform multiple operations for a given subnet/CIDR ranges.

httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

Web dashboard for Interactsh client

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

A filter to check for CDN IP addresses during port scanning.

MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Go alternative of python SimpleHTTPServer

A Rust-based dropper for shellcode payloads.

Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository…

The Network Execution Tool

Ghidra is a software reverse engineering (SRE) framework

A Post-exploitation Toolset for Interacting with the Microsoft Graph API