̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿
ntlmrelayx-prettyloot. Convert the loot directory of ntlmrelayx into an enum4linux like output
22DllInjectExec. :syringe: Dll injection for executable file :syringe:
17CVE-2018-19276. CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE
16HallOfFame-Root-me.org. :skull: Root-me Hall Of Fame dashboard :skull:
14Slanger-RCE. RCE in Slanger using deserialization of Ruby objects
11The-Hacker-Recipes. This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.
10ropycat. Scripts that allow you to copy/past text into another Windows process to bypass Citrix copy/paste limitation
10discourse-cookie-token-domain. :cookie: Allow to setup cookie token to authenticate user :cookie:
8CVE-2018-3760. Rails Asset Pipeline Directory Traversal Vulnerability
8CVE-2019-9978. CVE-2019-9978 - RCE on a Wordpress plugin: Social Warfare < 3.5.3
8ShareP0wn. ShareP0wn
6CVE-2018-11686. CVE-2018-11686 - FlexPaper PHP Publish Service RCE <= 2.3.6
6AChat-Reverse-TCP-Exploit. Tested on AChat 0.150 Beta 7 Windows 7/8/10 x86/x64
5copper-jekyll-theme. Copper Jekyll theme - simple and useful
5DllInjectService. :syringe: Dll ready to be injected into a service :syringe:
5YTC-ID. :pushpin: Get the YouTube channel ID ! :pushpin:
4docker_dashboard. Python
4InternalAllTheThings. Active Directory and Internal Pentest Cheatsheets
4PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
3pywerview. A (partial) Python3 rewriting of PowerSploit's PowerView
2impacket. Impacket is a collection of Python classes for working with network protocols.
2impacket-cme. Python
2BloodHound. Six Degrees of Domain Admin
1Invoke-MetasploitPayload. Powershell script to download and kick off Metasploit payloads. Relies on the exploit/multi/scripts/web_delivery metasploit module.
1pingcastle. PingCastle - Get Active Directory Security at 80% in 20% of the time
1Invoke-Vnc. Powershell VNC injector
1Guardian. A simple script that watch for unusual tcp/http/ssh activity and ban ip via routing
1dploot. DPAPI looting remotely in Python
1Enum4LinuxPy. Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
1Exegol-images. Docker images of the Exegol project
1SharpGPOAbuse. SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
1serviceDetector. Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
1PingCastle-Notify. Send the result of a PingCastle scan into Slack and highlight the rule diff between two scans
1swindle. Swindle is a project for YouTube Network
1