This is your work, valued

Ryan Montgomery

Elite
@0dayCTF

Pentester / Child Safety Warrior / Serial Entrepreneur -- Check me out on https://ryanmontgomery.me

reverse-shell-generator. Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

4k

FireRTC-Call-Spoofer. Spoof Calls For Free - Unlimited Usage

135

Flipper. Playground (and dump) of stuff I make or modify for the Flipper Zero

95

endlets. Bookmarklet to find endpoints easily with one click

90

Autofill_Danger. Autofill Phishing

89

capNcook_Trilogy_Media. capNcook - a dark web exploration tool

86

0day-Xfinity-Wordlist-Generator. Xfinity / Comcast Wordlist Generator

80

Discord-Crash. Crash all Discord clients (desktop, mobile, browser, third party clients)

80

PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF

65

Discord-Custom-Connections. Create custom connections in your profile on Discord

65

WeaponizeKali.sh. Automate installation of extra pentest tools on Kali Linux

64

Windows-3.1-Virus-List. A list of viruses from Windows 3.1, and the 16 bit binaries associated.

58

Reverse-Shell-Bash-Alias. Generate common Reverse Shells for Pentesting

45

KingOfBugBountyTips.

31

uspsboxspammer. This tool was created to automatically send 53 different types of USPS branded boxes, with the maximum quantities to any address (about 500 boxes,envelopes,and letters). USPS currently offers free shipping materials, with a very large maximum quantity. I created this tool in Node, for simplicity of use, and to easily manipulate the elements if required. Feel free to contact me with any questions or feature requests.

30

awesome-shodan-queries. 🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

24

security. Stuff about it-security that might be good to know

24

CVE-2020-9484. Remake of CVE-2020-9484 by Pentestical

23

RustScan. 🤖 The Modern Port Scanner 🤖

22

PyIntruder. A Powerful Intruder written in Python

22

AppleJuice. Apple BLE proximity pairing message spoofing

22

toolbox. CTF toolbox

21

up-http-tool. Simple HTTP listener for security testing

21

ScareCrow. ScareCrow - Payload creation framework designed around EDR bypass.

21

xc. A small reverse shell for Linux & Windows

19

qFlipper. qFlipper — desktop application for updating Flipper Zero firmware via PC

17

AutoRecon. AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

17

InfoSec-Black-Friday. All the deals for InfoSec related software/tools this Black Friday

16

flipperzero-firmware. Flipper Zero Firmware

14

giveaway-bot-amazon. Tampermonkey Script - Amazon Giveaways

14

astro-bot. Browse the web entirely over SMS — no apps required.

13

File-Download-Generator. Copy and paste commands to quickly transfer files between hosts

12

THM-Bot. TryHackMe Python Bot

12

sudo-piggyback. privilege escalation by piggy-backing user sudo requests

12

Rickroll-Server. Python TCP server for terminal rickrolls

11

deepce. Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

10

portapack-havoc. Custom firmware for the HackRF SDR + PortaPack H1 addon

10

InstallerFileTakeOver. C++

9

mediacms. MediaCMS is a modern, fully featured open source video and media CMS, written in Python/Django and React, featuring a REST API.

9

StegKraken. StegCracker but actually good

8

p3nt3t3r. Commit Art

6

Arjun. HTTP parameter discovery suite.

6

CVE-Exploits. PoCs for public CVE's I have been working on.

6

GraphQLmap. GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

5

Research_Papers.

5

xsinator.com. XS-Leak Browser Test Suite

5

commonspeak. Content discovery wordlists generated using BigQuery

4

gtfo. gtfobin checker

4

sudo-cve-2019-18634. Proof of Concept for CVE-2019-18634

4

SUID3NUM. A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)

3

CVE-2021-3493. Ubuntu OverlayFS Local Privesc

3

dompdf-rce. RCE exploit for dompdf

2

impacket-examples-windows. The great impacket example scripts compiled for Windows

2