git-rotate. Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking
152CCTV-v380-pro. Research on v380 Pro CCTV IP Camera
120entraspray. Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)
70phishsticks. A framework for OAuth 2.0 device code authentication grant flow phishing
47CVE-2020-5902. Python script to exploit F5 Big-IP CVE-2020-5902
36adfspray. ADFS Brute-Force Login Script
11devicecode_phishing. OAuth Device Code Authorization Phishing Script
11gophish-notifications. A webhook server to send email notifications when a target has submitted credentials to a Gophish landing page.
5recon. Bash shell script to perform domain recon using various tools
4evilginx3-phishlets.
4evilginx2. Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
4Kawaiicon-Box-CTF-2019. Box challenge for Kawaiicon 2019
3Secret-Santa-for-Hackers. Python
3mct-to-mfd. Convert .mct file format to .mfd - which can be uploaded to Chameleon Mini
2jwt_tool. :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
2redirect.rules. Quick and dirty dynamic redirect.rules generator
2dunderhay.github.io. HTML
1access-control. A reference of the different types of access control card readers and which countries they're commonly found in
1dump. PowerShell
1RFID-Field-Detector. Open source PCB the size of a credit card that is capable of detecting the field generated by a RFID reader and identify if it is a LF(125kHz) or HF/NFC(13.56MHz) reader.
1