Joe Helle

Elite
@dievus

Also known as the Mayor

Oh365UserFinder. Python3 o365 User Enumeration Tool

575

PowerShellForPentesters. Course repository for PowerShell for Pentesters Course

439

threader3000. Multi-threaded Python Port Scanner with Nmap Integration

394

lnkbomb. Malicious shortcut generator for collecting NTLM hashes from insecure file shares.

363

msLDAPDump. LDAP enumeration tool implemented in Python3

224

printspoofer.

221

ADGenerator. Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.

219

msdorkdump. Google Dork File Finder

202

msImpersonate. msImpersonate - User account impersonation written in pure Python3

107

msdnsscan. MayorSec DNS Enumeration Tool

91

AWeSomeUserFinder. AWS IAM Username Enumerator and Password Spraying Tool in Python3

91

Python3-C2-Course-Code-Modules. Modules for my C2 course students to use for their own projects.

73

PowerShellRunner. PowerShell runner for executing malicious payloads in order to bypass Windows Defender.

71

GatekeeperLite. Lite version of my Gatekeeper backdoor for public use.

52

Active-Directory-Exploitation-Cheat-Sheet. A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

33

BadLister. Deny list generator for password filters

26

PythonCreateYourOwnSeries. Files for my Python3 Create Your Own Tool Series

25

Firefox-Dumper. Tool to transfer credential files from Firefox to your local machine to decrypt offline.

22

geeMailUserFinder. Python Gmail User Enumeration Tool

20

MayorbotC2. My attempt at weaponizing Discord.

18

Internal-Pentest-Playbook. Internal Network Penetration Test Playbook

17

msToolSet-Docker. Dockerized version of my most used tools.

10

helper. PowerShell

10

WinPwn. Automation for internal Windows Penetrationtest / AD-Security

9

bufferoverflow. Repository of Ruby related buffer overflow boilerplates

8

MayorSecPasswordGenerator. Simple Python tool that generates a pseudo-random password with numbers, letters, and special characters in accordance with password policy best practices.

6

Covenant. Covenant is a collaborative .NET C2 framework for red teamers.

6

msLHFSS. MayorSec Low Hanging Fruit Security Scanner

5

Minimalistic-offensive-security-tools. A repository of tools for pentesting of restricted and isolated environments.

5

toolsdirectory. PowerShell

5

atomic-red-team. Small and highly portable detection tests based on MITRE's ATT&CK.

4

CVE-2021-37832. CVE-2021-37832 - Hotel Druid 3.0.2 SQL Injection Vulnerability - 9.8 CVSS 3.1

4

Osmedeus. Fully automated offensive security framework for reconnaissance and vulnerability scanning

4

DigiSpark-Scripts. USB Rubber Ducky type scripts written for the DigiSpark.

4

GoPhish-Templates. GoPhish Templates that I have retired and/or templates I've recreated.

3

decider. A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

3

MayorSecWorkoutTracker. MayorSec Workout Tracker

3

cognito-identity-sa. Cognito Identity Situational Awareness and Exploitation

3

CVE-2020-28351. CVE-2020-28351 - Reflected Cross-Site Scripting attack in ShoreTel version 19.46.1802.0.

3

msesxicontroller. Python ESXi CLI Controller

2

LOLAPPS. LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.

2

Wordlists.

2

cloud_enum. Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

2

pingsweep. The first tool I wrote when I started Pentesting.

2

CVE-2021-37833. CVE 2021-37833 Hotel Druid 3.0.2 Reflected Cross Site Scripting

2

pretender. Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

2

ms-s3-Enum. Public S3 Bucket Enumeration and Download Tool

1

Project_Plus. HTML

1

eaphammer. Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

1

InvisibilityCloak. Proof-of-concept obfuscation toolkit for C# post-exploitation tools

1

PMapper. A tool for quickly evaluating IAM permissions in AWS.

1

untitledgoosetool. Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

1
52
Apply