lowsecurity777 Goto Github PK

aclpwn.py

Active Directory ACL exploitation with BloodHound

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

apache-rootkit

A malicious Apache module with rootkit functionality

apachetomcatscanner

A python script to scan for Apache Tomcat server vulnerabilities.

asyncrat-c-sharp

Open-Source Remote Administration Tool For Windows C# (RAT)

awesome-rce-techniques

Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

blackhat_usa2022

BLACKHAT USA2022 PDF Public

bug_bounty_writeups

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

commix

Automated All-in-One OS Command Injection Exploitation Tool.

cs-video-courses

List of Computer Science courses with video lectures.

ctf-bash-tools

Toolset for automating common management actions used in CTF's

cve-2021-4034

CVE-2021-4034 1day

cve-2021-4035

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

cve-2021-4154

CVE-2021-4154 exploit

cve-2022-33891

Apache Spark Shell Command Injection Vulnerability

cybersecurity-career-path

Cybersecurity Career Path

dorks-collections-list

List of Github repositories and articles with list of dorks for different search engines

ethernally

Your scrcpy companion for Android wireless screen mirroring

express-server-basic

flavortown

Various ways to execute shellcode

goofuzz

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

google-dorks

Useful Google Dorks for WebSecurity and Bug Bounty

grub-theme

:information_source: GRUB Themes with the theme from the anime The Quintessential Quintuplets, Fate Series, and VTuber Hoshimati Suisei :computer: :heart:

hoaxshell

An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.

howtohunt

Tutorials and Things to Do while Hunting Vulnerability.

impacket-easy-web-server

Impacket is a collection of Python classes for working with network protocols.

knock

Knock Subdomain Scan

linux-exploit-suggester

Linux privilege escalation auditing tool

linux-pam-backdoor

Linux PAM Backdoor