New version of #BurpSuite Exporter extension.
Fixed minor bugs, added support for HTML Forms, Ruby Net::HTTP, JavaScript XHR and a Tab to search HTTP Requests.
https://github.com/artssec/burp-exporter
#bugbounty #bugbountytips
Fixed minor bugs, added support for HTML Forms, Ruby Net::HTTP, JavaScript XHR and a Tab to search HTTP Requests.
https://github.com/artssec/burp-exporter
#bugbounty #bugbountytips
GitHub
GitHub - artssec/burp-exporter: Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming…
Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions. - artssec/burp-exporter
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
https://github.com/EncodeGroup/BOF-RegSave
#cobaltstrike
https://github.com/EncodeGroup/BOF-RegSave
#cobaltstrike
GitHub
GitHub - EncodeGroup/BOF-RegSave: Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File - EncodeGroup/BOF-RegSave
The vulnerability allows a low-privilege user (such as www-data) to escalate his privileges to root using a bug in PHP-FPM, which has been present for 10 years.
https://www.ambionics.io/blog/php-fpm-local-root
https://www.ambionics.io/blog/php-fpm-local-root
Ambionics
PHP-FPM local root vulnerability (CVE-2021-21703)
This article reveals a privilege escalation vulnerability affecting PHP-FPM.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
https://github.com/Rices/Phishious
https://github.com/Rices/Phishious
GitHub
GitHub - CanIPhish/Phishious: An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers. - CanIPhish/Phishious
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
https://github.com/RoseSecurity/Automator-Terminator
https://github.com/RoseSecurity/Automator-Terminator
GitHub
GitHub - RoseSecurity/Automator-Terminator: A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations…
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automato...
Atomic Red Team™ is library of tests mapped to the MITRE ATT&CK® framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.
https://github.com/redcanaryco/atomic-red-team
https://github.com/redcanaryco/atomic-red-team
GitHub
GitHub - redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE's ATT&CK.
Small and highly portable detection tests based on MITRE's ATT&CK. - redcanaryco/atomic-red-team
A TCP proxy to simulate network and system conditions for #chaos and #resiliency #testing
https://github.com/Shopify/toxiproxy
#toxiproxy #TCPproxy
https://github.com/Shopify/toxiproxy
#toxiproxy #TCPproxy
GitHub
GitHub - Shopify/toxiproxy: :alarm_clock: A TCP proxy to simulate network and system conditions for chaos and resiliency testing
:alarm_clock: :fire: A TCP proxy to simulate network and system conditions for chaos and resiliency testing - GitHub - Shopify/toxiproxy: :alarm_clock: A TCP proxy to simulate network and system co...
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
https://github.com/splunk/attack_range
https://github.com/splunk/attack_range
GitHub
GitHub - splunk/attack_range: A tool that allows you to create vulnerable instrumented local or cloud environments to simulate…
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk - GitHub - splunk/attack_range: A tool that allows...
Combine namp and masscan for fast scanning and identification tools Github: https://github.com/MrLion7/Lmap
#tools #Scanner
#tools #Scanner
GitHub
GitHub - MrLion7/Lmap: A tool combined with the advantages of masscan and nmap
A tool combined with the advantages of masscan and nmap - MrLion7/Lmap
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
https://github.com/xforcered/InvisibilityCloak
#POC #FUD
https://github.com/xforcered/InvisibilityCloak
#POC #FUD
GitHub
GitHub - xforcered/InvisibilityCloak: Proof-of-concept obfuscation toolkit for C# post-exploitation tools
Proof-of-concept obfuscation toolkit for C# post-exploitation tools - xforcered/InvisibilityCloak
Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://github.com/projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei-templates
#scanner #bugbounty
https://github.com/projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei-templates
#scanner #bugbounty
GitHub
GitHub - projectdiscovery/nuclei: Nuclei is a fast, customizable vulnerability scanner powered by the global security community…
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the ...
Turbolist3r is a fork of the #sublist3r #subdomain discovery tool. In addition to the original #OSINT capabilties of sublist3r, turbolist3r automates some analysis of the results, with a focus on subdomain takeover.
https://github.com/alex14324/Turbolist3r
https://github.com/alex14324/Turbolist3r
GitHub
GitHub - alex14324/Turbolist3r
Contribute to alex14324/Turbolist3r development by creating an account on GitHub.