FRANCE

Alexandre ZANNI

Elite
@noraj

I'm a Cybersecurity engineer, security auditor, pentester and ethical hacker.

OSCP-Exam-Report-Template-Markdown. :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

4.2k

haiti. :key: Hash type identifier (CLI & lib)

988

flask-session-cookie-manager. :cookie: Flask Session Cookie Decoder/Encoder

773

rawsec-cybersecurity-inventory. An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.

341

BB-legal-FR. Quelques conseils autour des obligations légales, fiscales et juridique pour la pratique du Bug Bounty en France

152

ctf-party. :triangular_flag_on_post: A CLI tool & library to enhance and speed up script/exploit writing with string conversion/manipulation.

91

Umbraco-RCE. Umbraco CMS 7.12.4 - (Authenticated) Remote Code Execution

79

ANDRAX-Mobile-Pentest-1. ANDRAX Advanced Penetration Testing Platform for Android Smartphones

75

pass-station. CLI & library to search for default credentials among thousands of Products / Vendors

56

firefox-extension-arch-search. A set of Web Extensions that adds ArchLinux (bug tracker, forum, packages, wiki, AUR) as a search engine to the Firefox browser.

54

the-hacking-trove. The hacker technical cheat sheet

50

miniss. Displays a list of open listening sockets. It is a minimal alternative to ss or netstat.

39

mkdocs-windmill-dark. Outstanding mkdocs theme with a focus on navigation and usability

38

refind-theme-regular. Shell

29

AWAE-OSWE.

28

vbsmin. VBScript minifier

25

tryhackme-writeups. Write-Ups for TryHackMe

24

unisec. Unicode Security Toolkit

22

DCDetector. Spot all domain controllers in a Microsoft Active Directory environment. Find computer name, FQDN, and IP address(es) of all DCs.

20

ADAssault. Dominate the Active Directory game. An Active Directory environments pentest tool complementary to existing ones like NetExec.

20

Bludit-auth-BF-bypass. Bludit <= 3.9.2 - Authentication Bruteforce Mitigation Bypass

15

PixelChart. Map binary data into a beautiful chart

15

PayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF

14

Pentest-collab-convert. Collection of scripts used to convert stuff from one penetration testing collaborative platform to another and facilitate the migration of solution

13

cybertopia-marp. 🎨 A dark theme for Marp / Marpit slides ecosystem with a custom highlight.js theme.

13

rabid. :cookie: A CLI tool and library allowing to simply decode all kind of BigIP cookies.

12

tls-map. CLI & library for TLS cipher suites manipulation

12

ctfd-theme-sigsegv2. SigSegv2 CTFd theme

11

Atmail-exploit-toolchain. AtMail Email Server Appliance 6.4 - Exploit toolchain (XSS > CSRF > RCE)

11

vrt-cli. A simple tool to visualize VRT (Vulnerability Rating Taxonomy) from the CLI.

11

hacktricks. Python

10

aspisec. Vacuuming out the remnants of offensive tools. AspiSec is responsible for removing the traces and confidential information left by offensive security tools on an auditor's computer in various cache and log files.

9

OpenEMR-RCE. OpenEMR <= 5.0.1 - (Authenticated) Remote Code Execution

8

awesome-pentest. A collection of awesome penetration testing resources, tools and other shiny things

8

fuelcms-rce. Fuel CMS 1.4 - Remote Code Execution

7

kh2hc. Convert OpenSSH known_hosts file hashed with HashKnownHosts to hashes crackable by Hashcat.

7

spaceship-current-netns. Current network namespace for Spaceship prompt

7

security.txt_stats. :bar_chart: Scripts used for the security.txt statistic study

7

cybertopia-highlightjs. 🎨 Dark theme (and several variants) for highlight.js

7

ffuf-scripts. Scripts to help with different ffuf tasks and workflows

6

XSS-classification-model. :speech_balloon: XSS classification model - Types of Cross-Site Scripting

6

tlrc-dracula. Dracula theme for tlrc

5

DefaultCreds-cheat-sheet. One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

5

OSCP-Prep. A list of the resources I use as I get ready for the exam

4

The-Hacker-Recipes. This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.

3

AD_Miner. AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

3

huxdemp. A better hexdump

3

Pinkerton. 🕵️ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python

3

breads. Breaking Active Directory Security with 🍞

2

mssqlrelay. Tool for MSSQL relay audit and abuse

2
50
Apply