00kush00 Goto Github PK

pupy

Pupy is an opensource, multi-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) mainly written in python. It features a all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports, migrate into processes (reflective injection), load remote python code, python packages and python C-extensions from memory.

pwnwiki.github.io

PwnWiki - The notes section of the pentesters mind.

pystemon

Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon

reaver-wps-fork-t6x

robot-detect

routersploit

The Router Exploitation Framework

s3scanner

Scan for open AWS S3 buckets and dump the contents

screetsec

Screetsec fork

seclists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

security-best-practices

A Security and Privacy Guide for non-technical users

security-scripts

Small, one-off scripts for security related stuff I've written over time

shell-detector

Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.

shellshocker-pocs

Collection of Proof of Concepts and Potential Targets for #ShellShocker

slackbuilds

A collection of personal SlackBuilds.

sploit-dev

Exploits and research stuffs

sshkey-grab

Grab ssh keys from ssh-agent

sublist3r

Fast subdomains enumeration tool for penetration testers

sudo-backdoor

Wrapper to sudo; prompts regularily but steals user's password. For those annoying times when you get a "non-privileged" sudo-enabled shell.

taipan

Web application vulnerability scanner

termux-fingerprint-lock

Secure Termux with Fingerprint Lock

tftptheft

TFTP Theft is a tool which allows one to quickly scan/bruteforce a tftp server for files and download them instantly

th3inspector

Th3Inspector 🕵️ Best Tool For Information Gathering 🔎

the-backdoor-factory

Patch PE, ELF, Mach-O binaries with shellcode

tools

Tools that are related to pentest and network security

tools-1

security and hacking tools, exploits, proof of concepts, shellcodes, scripts

trape

People tracker on the Internet: OSINT analysis and research tool by Jose Pino

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

unix-privesc-check

Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurations that could allow local unprivileged user to escalate to other users (e.g. root) or to access local apps (e.g. databases). This is a collaborative rework of version 1.0

v3n0m-scanner

Popular Pentesting scanner in Python3.5 for SQLi/XSS/LFI/RFI and other Vulns

virtunoid

My KVM breakout code from my DEFCON/Black Hat 2011 presentation