Between Lines

Askar

Elite
@mhaskar

I write codes that break codes, Hacker wannabe.

Octopus. Open source pre-operation C2 server based on python and powershell

764

DNSStager. Hide your payload in DNS

621

RCEScanner. Simple python script to extract unsafe functions from php projects

197

ExchangeFinder. Find Microsoft Exchange instance for a given domain and identify the exact version

190

XMLDecoder-payload-generator. A simple python script to generate XML payloads works for XMLDecoder based on ProcessBuilder and Runtime exec

149

Bughound. Static code analysis tool based on Elasticsearch

130

Shellcode-In-Memory-Decoder. A simple C implementation to decoded your shellcode and writes it directly to memory

98

CVE-2020-8813. The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813

67

shellcode-process-injection. Simple C implementation to perform shellcode process injection via win32 APIs

63

XSSRadare. A Cross Site Scripting scanner using selenium webdriver

55

Blinder. A python library to automate time-based blind SQL injection

50

DNSKeyGen. A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.

40

MalleableC2-Profiles. A collection of Cobalt Strike Malleable C2 profiles

36

Octopus-C2-RedTeam-infrastructure-automation. Python

22

CVE-2020-12078. The official exploit for Open-AudIT v3.3.1 Remote Code Execution CVE-2020-12078

18

CVE-2020-14947. The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947

17

CVE-2019-20224. The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224

14

CVE-2019-16662. The official exploit for rConfig 3.9.2 Pre-auth Remote Code Execution CVE-2019-16662

13

HTTPFuzzer. HTTPFuzzer is a simple python script to perform multiple fuzzing techniques for HTTP protocol

13

CVE-2019-13024. The official exploit code for Centreon v19.04 Remote Code Execution CVE-2019-13024

11

Linux-Root-Kit. Simple Linux RootKit written in python

10

CVE-2024-11320. Exploit for Pandora FMS Remote Code Execution CVE-2024-11320

9

CVE-2018-20434. The official exploit code for LibreNMS v1.46 Remote Code Execution CVE-2018-20434

9

CVE-2019-15029. The official exploit code for FusionPBX v4.4.8 Remote Code Execution CVE-2019-15029

8

CVE-2023-0315. The official exploit for Froxlor Remote Code Execution CVE-2023-0315

7

JinjaPwn. Web-based tool to generate and validate Malicious Jinja2 expression to use in offensive operations

7

CVE-2019-16663. The official exploit for rConfig 3.9.2 Post-auth Remote Code Execution CVE-2019-16663

6

Dr0p1t-Framework. A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

5

BlindSQLinjectionExploit. Python

5

powershell-extractor-elasticsearch. Python script to extract powershell scrips from elasticsearch based on windows event "4104"

4

wifi-jammer. Python automated wifi jammer

3

JiraLab. Docker-based lab to run multiple jira instances for security researchers

3

shellcodes. C

3

MicrosoftDCFTokenRequester. Simple and lazy script to request tokens from Microsoft using Device Code Flow

3

APT-Hunter. APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

3

PowerShell. Useful PowerShell scripts

3

CVE-2019-11510. Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

3

GitTools. A repository with 3 tools for pwn'ing websites with .git repositories available

3

impacket. Impacket is a collection of Python classes for working with network protocols.

2

Internet-Programming. HTML

2

auto_sniffer. Python

2

Stuff. Python

2

centreon. Centreon is a network, system, applicative supervision and monitoring tool

2

linuxprivchecker. linuxprivchecker.py -- a Linux Privilege Escalation Check Script

2

Fingerprinter. CMS/LMS/Library etc Versions Fingerprinter

2

stem_finder. Python

1

python_Backdoor. Python

1

sqlmap-tamper-api. Allow SQLMap tamper to accept tamper scripts from all languages

1

shields. Concise, consistent, and legible badges in SVG and raster format

1

BOF_Collection. Various Cobalt Strike BOFs

1
50
Apply