FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing.

CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWh…

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the …

Automated All-in-One OS Command Injection Exploitation Tool

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)

F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.

CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.

A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read

OpenSSH 9.1 vulnerability mass scan and exploit

Red Teaming Tactics and Techniques

Burp Suite's extension to scan and crawl Single Page Applications

1337 Wordlists for Bug Bounty Hunting

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

cURL configs for exploiting Spring4Shell

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

Leaked Windows processes handles identification tool

how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP

A Firefox Web Extension to improve the discovery of DOM XSS.

POC for CVE-2020-9484

Local privilege escalation via PetitPotam (Abusing impersonate privileges).

Dump the memory of any PPL with a Userland exploit chain

A tool for checking if MFA is enabled on multiple Microsoft Services

OpenSSH Pre-Auth Double Free CVE-2023-25136 POC

Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝

The swiss army knife of LSASS dumping

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…