w00t3k Goto Github PK

mfastealer

Stealing MFA/2FA tokens and using them to logon with VPN clients

mimikatz

A little tool to play with Windows security

minikerberos

Kerberos manipulation library in pure Python

miniupnpd_poc

Read out-of-bounds PoC for miniupnpd <= v2.1

misc-powershell-scripts

Random Tools

mitm-cheatsheet

All MITM attacks in one place.

mitm6

pwning IPv4 via IPv6

mitmap

📡 A python program to create a fake AP and sniff data.

mjet

Mogwai Java Management Extensions (JMX) Exploitation Toolkit

mkgist

Utility for sharing snippets easily

mkhtaccess_red

Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been seen before, and redirects them to a benign payload.

modlishka

Modlishka. Reverse Proxy. Phishing NG.

modmobmap

Map 2G/3G/4G and more cellular networks in real live with a simple smart phone, pretty much like osmocomBB monitoring feature.

modsecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

modwifi

moistpetal

Open source offensive security platform for red team, by red team.

mojibake

Package with useful methods for managing data encodings

monkey

Infection Monkey - An automated pentest tool

morphhta

morphHTA - Morphing Cobalt Strike's evil.HTA

mousejack

MouseJack device discovery and research tools

ms17-010

MS17-010

msolspray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

mtmux

A script that uses tmux for multi-server administration with a tiling interface and synchronized keyboard input along the lines of terminator, clusterssh, multi-gnome-terminal, pconsole, etc.

mtpwn

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

mycryptomonitor

Lightweight Cryptocurrency Monitor

nccfsas

Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.

neo.vim

The Ultimate Nvim Distribution Without Plugins

net-creds

Sniffs sensitive data from interface or pcap

netntlmtosilverticket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

nexmon

The C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips that enables Monitor Mode, Frame Injection and much more