edd13mora Goto Github PK

cloakquest3r

Uncover the true IP address of websites safeguarded by Cloudflare & Others

cmseek

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

codium-crypter-1.8.6

Codium Algorithm, We Provide Strong Encryption, And Stable Crypter, And Weekly-Daily Updates.

counter-osint-guide-en

Comprehensive Counter OSINT and privacy guide (initially for CIS countries)

crawpy

Yet another content discovery tool

csintruder

本项目包含CobaltStrike密码爆破、伪造上线以及DDos功能。其中伪造上线支持常见魔改版CS。This project includes CobaltStrike password blasting, fake online and DDos functions. Among them, fake online supports common secondary development version CS.

ctf-platform

CTF Platform where student participate and compete to solve capture the flag challenges and get higher in the scoarboard to win the competition

cve-2021-1675

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

cve-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

cve-2023-25690-poc

CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.

cve-2023-26067

Lexmark CVE-2023-26067

cve-2023-38831-winrar-expoit-simple-poc

CVE-2023-38831 winrar exploit generator and get reverse shell

cve-2023-4911

PoC for CVE-2023-4911

cve-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

cve-2024-37888

XSS PoC/Exploit for Open Link Plugin for CKEditor 4

cve-2024-4577

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

cve-2024-4885

Exploit for CVE-2024-4885

damp

The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification

defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

dirhunt

Find web directories without bruteforce

discord-rat-2.0

Discord Remote Administration Tool fully written in c#, stub size of ~75kb, over 40 post exploitations modules

docker-bloodhound

BloodHound Docker Ready to Use

domainalerting

Daily alert when a new domain name is registered and contains your keywords

dots-in-the-shadows

Exploring the unexpected vulnerabilities introduced by Gmail's dot feature, and its potential implications for digital security.

drupalwned

Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in Drupal CMS.

dumbledore

Simple Python Port Scanner

easy-exploits

Exploits of different CVE IDs (CVE-2021-37910, CVE-2021-40288, CVE-2021-41435, CVE-2021-41436, CVE-2021-41437, CVE-2021-41441, CVE-2021-41442, CVE-2021-41445, CVE-2021-41449, CVE-2021-41450, CVE-2021-41451, CVE-2021-41753, CVE-2021-41788, CVE-2021-46353, CVE-2022-41540, CVE-2022-41541)

edd13mora

emagnet

Emagnet is a tool for find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks. Support for brute forcing spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts

enum

Enumeration scripts for pentesting