jahno Goto Github PK

cve-2022-29464

WSO2 RCE (CVE-2022-29464) exploit and writeup.

cve-2022-30075

Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075)

cybersecurity-career-path

Cybersecurity Career Path

cybersecurity-forensics

A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

cypher-rat-full

Cypher Rat Full Version - Advanced Android Remote Tool 2022

dcrat

A simple remote tool in C#.

defaultprojectnest

dns_enumerator

dnsreaper

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

drone-hacking-tool

Drone Hacking Tool is a GUI tool that works with a USB Wifi adapter and HackRF One for hacking drones.

faceboom

Faceboom - Social Engineering Application for Facebook

fbi-tools

🕵️ OSINT Tools for gathering information and actions forensic🕵️

find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

findbb

Check if domain has bug bounty program or not

forbidden

Bypass 4xx HTTP response status codes and more. Based on PycURL.

gecko

Gecko Backdoor Bypassed

ghunt

🕵️‍♂️ Offensive Google framework.

github-search

Tools to perform basic search on GitHub.

google-drive-upload

Bash scripts to upload files to google drive

hekatomb

Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain backup keys to decrypt them.

herpaderping

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

hoaxshell

An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.

howtohunt

Tutorials and Things to Do while Hunting Vulnerability.

ipgeo

iscsicpl_bypassuac

UAC bypass for x64 Windows 7 - 11

jfrog-docker-desktop-extension

🐸 Scans any of your local Docker images for security vulnerabilities. 🐋

jndi-exploit-kit

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection）

jpgtomalware

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.

l3mon

L3MON - Remote Android Managment Suite

laracarte-jahno

Laracarte