Stars
Execute commands interactively on remote Windows machines using the WinRM protocol
A Bash script for automated nuclei dast scanning by using passive urls
Burp Suite Certified Practitioner Exam Study
NextSploit is a command-line tool designed to detect and exploit CVE-2025-29927, a security flaw in Next.js
Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
mbrg / dontgo403
Forked from devploit/nomore403Tool to bypass 40X response codes.
PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
A python script to dump files and folders remotely from a Windows SMB share.
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
Scan for misconfigured S3 buckets across S3-compatible APIs!
A script to enumerate virtual hosts on a server.
Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
Simple php reverse shell implemented using binary .
Multi-threaded XMLRPC brute forcer using amplification attacks targeting WordPress installations prior to version 4.4.
Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)
LLM tool to find any potential vulnerabilities in android apps and deobfuscate android app code.