Security related resources

Mobile & IOT Malware, Spyware, & Forensic Analysis Author: Jonathan Scott Twitter: @jonathandata1 Version 1.0 This repository contains methods, and to

open-source-web-scanners A list of open source web security scanners on GitHub. General Purpose Web Scanners Main Site Last Commit Committers Stars Ar

🅼🅰🅳🅴 🆆🅸🆃🅷 🅿 🆈🆃🅷🅾🅽 🆅 🅿 🅷🅸🆂🅷🅴🆁 [+] 𝕯𝖊𝖘𝖈𝖗𝖎𝖕𝖙𝖎𝖔𝖓 : Ultimate phishing tool ,A beginners friendly, Automated phishing tool

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Program Features - 📌 Hack all Android phones. - 📌 Failure to detect antivirus. - 📌 Superior encryption - 📌 Source provided - 📌 100 ٪ FUD - 📌 It

README This small script takes any decklist from an MTGO list and pulls all card images as jpg or png files into your directory. If you like this pr

Phishing Email Analysis Useful tools MX Lookup Online URL/Attachment Analysis Tools AnyRun Browserling Hybrid Analysis urlscan Reputation Check Virust

This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password database, that can encrypt, decrypt

Cuckoo 3 Cuckoo 3 is a Python 3 open source automated malware analysis system. For setup instructions, please refer to our documentation. This is a de

Hackerone Passive Recon Tool A passive-recon tool that parses through found assets and interacts with the Hackerone API. Setup Simply run setup.sh to

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Tenssens - OSINT Framework Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free

Discord-BotnetClient Embed C&C botnet into the discord client. Working trought websocket c&c server. How to use. pip3 install websocket_server colored

CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various Web applications. What is Clickjacking ? Clickjacking, also known as a

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. Crossing the Log4j Horizon - A Vulnerability With No Retu

3ds Ghidra Scripts These are ghidra scripts to help with 3ds reverse engineering. Features: Labels, comments (when inlined), and bookmarks svc use Lab

CVE-2021-42342 RCE

CVE-2021-45383 & CVE-2021-45384 There are several network-layer vulnerabilities in the official server of Minecraft: Bedrock Edition (aka Bedrock Serv

Ψ Information Gathering Through Link STILL TESTING About Psi Gets The Information About browser and Device of User. Get exact location and cam snap. H

Malware Arcane Repository of notes and scripts I use when doing malware analysis Qakbot Some scripts that can be useful when dealing with Qakbot fiddb

Lnkbomb Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon fi

Cowrie Welcome to the Cowrie GitHub repository This is the official repository for the Cowrie SSH and Telnet Honeypot effort. What is Cowrie Cowrie is

NOTE: For more recent development, check out Michel Oosterhof's fork Kippo Kippo is a medium interaction SSH honeypot designed to log brute force atta

ssh-audit ssh-audit is a tool for ssh server auditing. Features SSH1 and SSH2 protocol server support; grab banner, recognize device or software and o

Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. Another Log4j on the fire: Unifi Why? Proof of c

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Lionel GILLES (a.k.a. Topotam) Source: https://twitter.com/topotam77/status/1475701014204461056 Expl

CVE-2021-44733: Fuzzing and exploitation of a use-after-free in the Linux kernel TEE subsystem Recently a use-after-free vulnerability was discovered

Linux Security and Monitoring Scripts These are a collection of security and monitoring scripts you can use to monitor your Linux installation for sec

Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release of the Log4Shell vulnerability (CVE-2021-44228), many tools were crea

LFI-Paradise Local File Inclusion Scanner and Exploiter Features 1- Scanner 2- Exploiter Exploiter Attack Vectors: 1- /proc/self/environ 2- /var/log/a

🐞 Log4Scan 🔧 Log4Shell 简单的主动和被动扫描脚本 Log4scan 针对header头和fuzz参数的主动批量扫描，用于大批量黑盒检测 先配置ceye信息 self.host = "" self.token = "" PassiveLog4Scan burp suite