Generate password spraying lists based on the pwdLastSet-attribute of users. - GitHub - eversinc33/CredGuess: Generate password spraying lists based on the pwdLastSet-attribute of users.

GoCrack is a management frontend for password cracking tools written in Go - GitHub - mandiant/gocrack: GoCrack is a management frontend for password cracking tools written in Go

Fuzz 401/403/404 pages for bypasses. Contribute to intrudir/BypassFuzzer development by creating an account on GitHub.

Brief I may have achieved successful exploitation of a SharePoint target during Pwn2Own Vancouver 2023. While the live demonstration lasted only approximately 30 seconds, it is noteworthy that the process of discovering and crafting the exploit chain consumed…

00:00 - Introduction
01:57 - Showing the trick and explaining why its important to understand the methodology behind finding the technique and not just the technique itself
03:50 - Going over the Flask App
05:45 - Showing Snyk highlighting the SQL Injection…

Hello, in this post, I will be sharing information about SQLMap tamper noscripts. So, what is SQLMap? What are tamper noscripts in SQLMap? And…

CVE-2023-43261 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption - GitHub - win3zz/CVE-2023-43261: CVE-2023-43261 - Credential Leakage Through Unprotected System Log...

Automating Host Exploitation with AI. Contribute to mazen160/shennina development by creating an account on GitHub.

PoC module to demonstrate automated lateral movement with the Havoc C2 framework. - icyguider/LatLoader

Active Directory Certificate Services (ADCS) is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing certificates for systems, users, applications, and more.

A collection of snippets of codes and commands to make your life easier! - GitHub - Kitsun3Sec/Pentest-Cheat-Sheets: A collection of snippets of codes and commands to make your life easier!

Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence - ErikWynter/CVE-2023-22515-Scan

AI-powered penetration testing assistant for automating recon, note-taking, and vulnerability analysis. - berylliumsec/nebula

All right so macros are out, ISOs, zips and password protected zips are all getting flagged. What’s an APT to do? Well, LNK files are still…

Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. - GitHub - zer0condition/mhydeath: Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.