Matheus (StraNgFreak) Rocha ☠️'s Projects
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
Utility program to perform multiple operations for a given subnet/CIDR ranges.
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
Config files for my GitHub profile.
OSINT tools and more but without API ke
MS17-010
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more
A script that you can run in the background!
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
You just found a hidden gem 💎 This repo contains a massive amount (8000+) of WordPress related Nuclei templates. Updated daily!
Username enumeration and password spraying tool aimed at Microsoft O365.
A collection of awesome one-liners for bug bounty hunting.
Open Redirection Analyzer
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
Maintained collection of OSINT related resources. (All Free & Actionable)
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A collection of custom security tools for quick needs.
Colored logcat script which only shows log entries for a specific application package.
A list of public penetration test reports published by several consulting firms and academic security groups.
An open-source self-hosted purple team management web application.
Search for leaked credentials
Pentest Report Generator
CTF framework and exploit development library
Resources for Students in the Practical Webapp Security and Testing course
Tool to look for several security related Android application vulnerabilities
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent