Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name. Although Pass2Pwn does not have the capacity to generate as many passwords as other tools, I have attempted to implement a mechanism that generates passwords using the most common password pattern that we notice in general, which is correlated to the organization name.
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
Bitpass Password Generator Installation Make sure Python 3+ is installed
Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service
Hi there,
There is a Path Traversal vulnerability in this project, through the input word/words. Yes, path traversal is intended for the filename input since it depends on the user on where the file should be saved and how, however, I guess it isn't intended for the word/words input too.
For example, if I give input as "../nice" for "Word/s" and go with the default file name, then the password list generated is totally fine, however there is no proper sanitization to avoid dot-dot-slash (or simply slash) to prevent path traversal through the word/words input.
Note: Path traversal through filename input mayn't count as a vulnerability, since that's the file path decided by the user. But, this isn't the focus of this issue I am opening up, and instead this is about the word/words input.
If I give input as "../nice" for "Word/s", then the default file name prefix should be one of these: "nice", ".._nice", "..nice".
I am opening up a Pull Request alongside this Issue, where I have implemented a fix for the issue. I hope you would check that out after going through this issue.
Thanks, @TheBinitGhimire
bugThis is a beta version with numerous flaws and no error handling; but, if you like my concept, please don't hesitate to help me improving this tool.
Source code(tar.gz)brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
Re-Scripts IA32-VMX-Helper (IDA-Script) IA32-MSR-Decoder (IDA-Script) IA32 VMX Helper It's an IDA script (Updated IA32 MSR Decoder) which helps you to
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol
CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106
KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for
snowflake-cli Snowflake is a system to defeat internet censorship, made by Tor Project. The system works by volunteers who run the snowflake extension
💣 Bomb Crypto Bot 💣 ⚠️ Warning I am not responsible for any penalties incurred by those who use the bot, use it at your own risk. 📄 Documentation -
About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202
tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可 0x01 hscan介绍 hscan是什么 hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsear
f-mbf Fuck - Multi Brute Force 🚶♂ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2
GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.
BurpParamFlagger A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF
Web Headers Security Scanner
Monty Hall Problem Simulation monty_hall_sim is a brute-force method of determining the optimal strategy for the Monty Hall Problem. Usage Set boolean
QHack 2022 Problems from Coding Challenges 2022. Rules and how it works To test
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.
Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.
CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la
✭ SAKERA CRACK Made With ❤️ By Denventa, Araya, Dapunta Author: - Denventa - Araya Dev - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Cookies ⇨ Ins
1 Dec 26, 2021
6 Feb 2, 2022
1 Jan 1, 2022
1 Jan 10, 2022
2 Feb 14, 2022
2 Nov 10, 2022
368 Jan 4, 2023
7 Jul 14, 2022
3 Nov 23, 2022
3 Feb 21, 2022
16 Oct 08, 2022
1 Jan 13, 2022
25 Nov 09, 2022
35 Oct 25, 2022
6 Jul 14, 2022
4 Apr 27, 2022
500 Jan 06, 2023
102 Jan 04, 2023
1 Dec 03, 2021
352 Jan 02, 2023
2 Aug 03, 2022
118 Nov 07, 2022
3 Dec 16, 2022
1 Aug 29, 2022
1 Feb 14, 2022
17 Sep 25, 2022
3 Feb 07, 2022
20 Aug 25, 2022
26 Jan 01, 2023