Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name. Although Pass2Pwn does not have the capacity to generate as many passwords as other tools, I have attempted to implement a mechanism that generates passwords using the most common password pattern that we notice in general, which is correlated to the organization name.
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
Bitpass Password Generator Installation Make sure Python 3+ is installed
Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
-Python-DNS-Lookup- โจ ๐ Python DNS Lookup โจ ๐ The Domain Name System (DNS) is
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service
Hi there,
There is a Path Traversal vulnerability in this project, through the input word/words. Yes, path traversal is intended for the filename input since it depends on the user on where the file should be saved and how, however, I guess it isn't intended for the word/words input too.
For example, if I give input as "../nice" for "Word/s" and go with the default file name, then the password list generated is totally fine, however there is no proper sanitization to avoid dot-dot-slash (or simply slash) to prevent path traversal through the word/words input.
Note: Path traversal through filename input mayn't count as a vulnerability, since that's the file path decided by the user. But, this isn't the focus of this issue I am opening up, and instead this is about the word/words input.
If I give input as "../nice" for "Word/s", then the default file name prefix should be one of these: "nice", ".._nice", "..nice".
I am opening up a Pull Request alongside this Issue, where I have implemented a fix for the issue. I hope you would check that out after going through this issue.
Thanks, @TheBinitGhimire
bugThis is a beta version with numerous flaws and no error handling; but, if you like my concept, please don't hesitate to help me improving this tool.
Source code(tar.gz)๐พ๐๐๐ ๐๐๐๐๐๐ ๐๐๐๐๐๐ - ๐ฝ๐ ๐ฒ๐๐๐ข๐๐๐๐๐ - ๐๐๐๐ ๐๐๐๐ - ๐๐๐๐๐๐ ๐ฟ๐ข๐๐๐๐ ๐ฟ๐๐๐๐๐๐ - ๐ฒ๐๐๐๐๐๐ ๐ฑ๐ข : ๐ฐ๐๐ ๐๐๐๐ - ๐ฒ๐๐๐ข๐ฟ๐๐๐ ๐ฒ๐๐ ๐ฝ๐๐ ๐ผ๐๐๐ ๐๐๐ ๐๐๐๐ ๐ฟ๐๐๐๐๐๐๐๐๐
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.
Chapter 1 - Security Set and export your default region: export AWS_REGION=us-east-1 Set your AWS ACCOUNT ID:: AWS_ACCOUNT_ID=$(aws sts get-caller-ide
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u
GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p
musig2-py Experimental musig2 python code, not for production use! This is just for testing things out. All public keys are encoded as 32 bytes, assum
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl
subDomainsBrute 1.4 A fast sub domain brute tool for pentesters. It works with P
dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig
CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This project is for learning only, if someone's rights have been violated, please contact me to
Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional
LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r
๐ฅ PortScan-DNS Esta รฉ uma ferramenta simples de Port Scan + DNS by Hostname... ๐ป | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO ๐ป | Port
Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.
ๅคงๅฎๅ-ไฟกๆฏๆถ้ๅ่ตไบงๆขณ็ๅทฅๅ ท๏ผ็บข้ใ่้ใไผไธ็ป็ปๆถๆใๅญๅๅใWeb่ตไบงๆขณ็ใWebๆ็บน่ฏๅซใICON_Hash่ตไบงๅน้ ๏ผ
About This repo contains some malware analysis writeups i've created over time m
RonnieColemanYARAParser This script is named after Ronnie Coleman, and peforms bulk lifts on arbitary file features using YARA console logging. Requir
Quick WAF "paranoid" Doctor Evaluation WAFPARAN01D3 The Web Application Firewall Paranoia Level Test Tool. โ From alt3kx.github.io Introduction to Par
Apache OFBiz rmiๅๅบๅๅEXP(CVE-2021-26295) ็ฎๅไป ๆฏๆncๅผนshell ๅฐysoserial.jarๆพ็ฝฎๅจๅ็ฎๅฝไธ๏ผpy3่ฟ่ก๏ผๆ นๆฎๆ็คบ่พๅ ฅๆผๆดurl๏ผไฝ ็vpsๅฐๅๅ็ซฏๅฃ ็ฌฌไบๆฌกไฝฟ็จๅปบ่ฎฎๅ ้คexp.ot ๆฌๅทฅๅ ทไป ็จไบๅฎๅ จๆต่ฏ๏ผ็ฆๆญขๆชๆๆ้ๆณๆปๅป็ซ็น๏ผๅฆๅๅๆ่ช่ด
1 Dec 26, 2021
6 Feb 2, 2022
1 Jan 1, 2022
1 Jan 10, 2022
2 Feb 14, 2022
2 Nov 10, 2022
368 Jan 4, 2023
7 Jul 14, 2022
3 Nov 23, 2022
2 Oct 27, 2022
5 May 10, 2022
30 Nov 27, 2022
589 Dec 30, 2022
33 Nov 27, 2022
72 Jan 01, 2023
14 Jul 08, 2022
5 Nov 23, 2021
2 Oct 18, 2022
112 Nov 25, 2022
164 Dec 10, 2022
32 Jan 02, 2023
315 Dec 18, 2022
7 Dec 08, 2022
3 Feb 07, 2022
835 Jan 05, 2023
14 Jun 22, 2022
20 Dec 13, 2022
22 Jul 25, 2022
15 Nov 09, 2022