BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combining pathgen.py and autobloody.py. This framework supports…
Ninjas workout is a Vulnerable NodeJS Web Application. Quick Start Download the Repo =>run npm i After Installing all dependency just run…
FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or…
Xolo is a tool to crawl, visualize and interact with SQL server links in a d3 graph to help in…
Dontgo403 is a tool to bypass 40X error. Installation git clone https://github.com/devploit/dontgo403; cd dontgo403; go get; go build Customization If…
VulnLab is a web vulnerability lab project developed by Yavuzlar. Vulnerabilities SQL InjectionCross Site Scripting (XSS)Command InjectionInsecure Direct Object References…
Http2Smugl tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1…
Whatfiles is a Linux utility that logs what files another program reads/writes/creates/deletes on your system. It traces any new processes…
Second-Order is a Scans web applications for second-order subdomain takeover by crawling the app, and collecting URLs (and other data)…
Mandiant-Azure-AD-Investigator repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity.…