9h4wk Goto Github PK

jaylogger

Simple Keylogger which saves keylogs in logs.txt in the Documents folder

katacoda-scenarios

Katacoda Scenarios

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

linenum

Scripted Local Linux Enumeration & Privilege Escalation Checks

linux-smart-enumeration

Linux enumeration tool for pentesting and CTFs with verbosity levels

lnkexploit

A simple project to show how to create .lnk files using c#

maldevacademy

match-replace-burp

Useful Match and Replace BurpSuite Rules

minet-rates

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pdfs-security

My collection of Security Books

penetration_testing_poc

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

pentest-cheat-sheets

A collection of snippets of codes and commands to make your life easier!

pentesting-bible

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

powersploit

PowerSploit - A PowerShell Post-Exploitation Framework

privilege-escalation

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

red-team-ops-ii

red-teaming-toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

redteam-offensivesecurity

Tools & Interesting Things for RedTeam Ops

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

rsactftool

RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data

sam-the-admin

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

seclists-1

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sef

Subdomain Enumeration Framework

shellcode-downloader-createthread-execution

This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.

template-generator

A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates.

testpe

A Console Application for testing c# functions as I do C# projects

tl-trojan

A collection of source code for various RATs, Stealers, and other Trojans.

uac-exploit

UAC bypass for confirmation bypass in win 10/11

waf-bypass-cheat-sheet

Another way to bypass WAF Cheat Sheet (draft)