Matheus (StraNgFreak) Rocha ☠️'s Projects
📦 Make security testing of K8s, Docker, and Containerd easier.
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
Cross Origin Resource Sharing MisConfiguration Scanner
CORS Misconfiguration Scanner
Some setup scripts for security research tools.
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
Common User Passwords Profiler (CUPP)
Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
Search The Deep Web Straight From Your Terminal
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Ferramentas desenvolvidas durante o curso de pentest profissional da DESEC.
DIVA Android - Damn Insecure and vulnerable App for Android
Pentest Reconnaissance Tool in Javascript based on Ricardo Longatto version.
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
emoji terminal output for Python
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Sticky notes for pentesting, bug bounty, CTF.
Extract endpoints from source files.
Collaborative Penetration Test and Vulnerability Management Platform
A fast, simple, recursive content discovery tool written in Rust.
Fast web fuzzer written in Go
fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
Foundations of Python Network Programming (Apress) — scripts and examples
:books: Freely available programming books
fsociety Hacking Tools Pack – A Penetration Testing Framework
Automatic web fuzzer.