cyber pharaoh to be
vulnerable-AD. Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
2.3ksam-the-admin. Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
1.1kPE-Linux. Linux Privilege Escalation Tool
187CVE-2024-32002. CVE-2024-32002 RCE PoC
109LightMe. HTTP Server serving obfuscated Powershell Scripts/Payloads
95metateta. Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit
84CVE-2018-6389. CVE-2018-6389 Exploit In WordPress DoS
82android-usb-pwn. simple script to pwn android phone with physical access
27redblock. RedBlock is an Nginx module designed for offensive security operations and red teaming. This module empowers security professionals to easily block all IPs associated with hosting and cloud infrastructure, as well as known sandbox environments.
24remote-adb-scan. pure python remote adb scanner + nmap scan module
23exchange-cves-scanner. Small tool to scan On-Premises Exchange servers, useful for analytical purposes and patch management
20acunetix-python. Acunetix Python API
13edge-hot-delivery. edge --> powerpoint --> remote-file --> shell
12HVNC-POC. HVNC using virtual desktop
11takeoverit. Simple And Fast Subdomain Take Over Checker
9nmap-output-analyzer. xml nmap output analyzer using python
5procinj-csharp. Process Injection techniques implemented in C#.
5Egyptian-national-identity. Egyptian national identity Generator for testing purposes
41-to-0. Privilege Escalation From 1 to 0 (Workshop Slides)
3github-repos-cve. Search CVE numbers in GitHub repos
2HideImports. C++
2cli-manager-mcp. A Model Context Protocol (MCP) server that provides tools for executing shell commands in the background and retrieving their results asynchronously. This server is designed for AI agents that need to run long-running or blocking commands without blocking the main thread.
1injection. C++
1