This is your work, valued

Melbourne, Australia

initstring

Elite
@initstring

Hacker.

cloud_enum. Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

2.1k

linkedin2username. OSINT Tool: Generate username lists for companies on LinkedIn

1.8k

passphrase-wordlist. Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

1.4k

dirty_sock. Linux privilege escalation exploit via snapd (CVE-2019-7304)

683

evil-ssdp. Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

443

uptux. Linux privilege escalation checks (systemd, dbus, socket fun, etc)

300

pentest-methodology. Short checklists for penetration testing methodology

199

lxd_root. Linux privilege escalation via LXD

143

lyricpass. Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

101

pentest-tools. General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

91

RTAP. Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams

34

switcheroo. Universal LAN-based SSRF Attack Primitive

19

pyshell. Simple netcat-like binary for Windows, created with python and py2exe.

13

SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

11

abrt_root. Privilege escalation in Fedora Linux via ABRT (Automatic Bug Reporting Tool): CVE-2025-12744

7

urban-dictionary-word-list. Script and sample dataset of all urban dictionary entry names (around 1.4 million total)

5

MemPG. Memorable Passphrase Generator - create secure random passphrases that sound like sentences

4

attack-flow. Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

3

gitrob. Reconnaissance tool for GitHub organizations

2

metasploit-framework. Metasploit Framework

2

nuclei-templates. Community curated list of templates for the nuclei engine to find security vulnerabilities.

1

dhcp4. DHCP4 library written in Go.

1

andrankEnum. Tool to get the top android apps for bug bounty purpose

1

PiHoleBlocklist. PiHole and AGH Blocklists

1