I wrote this small PoC after bumping into SMB servers where Hydra, Nmap, Medusa and CrackMapExec all failed to discover valid credentials correctly.
The script uses the official Python library from the Samba project, not Impacket, not PySMB.
You may find the library with a name like "samba-python3" in your package manager.
Usage: python brute_smb_share.py <ip_address> <share_name> <users_wordlist> <passwords_wordlist>
MIT Licence
Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT
This bug doesnโt exist on x86: Exploiting an ARM-only race condition How to exploit a double free and get a shell. "Use-After-Free for dummies" In thi
ProxyLogon Pre-Auth SSRF To Arbitrary File Write For Education and Research Usage: C:\python proxylogon.py mail.evil.corp
๐ Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a
CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074โฏan
vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen
AF-ShellHunter AF-ShellHunter: Auto shell lookup AF-ShellHunter its a script designed to automate the search of WebShell's in AF Team How to pip3 ins
BurpSuite Extension: Log4j RCE Scanner
Polkit-exploit - CVE-2021-3560 Privilege escalation with polkit - CVE-2021-3560 Summary CVE-2021-3560 is an authentication bypass on polkit, which all
๐ Discovery Header DoD Bug-Bounty Did you know that DoD accepts server headers? ๐ฒ (example: apache"version" , php"version") ? In this code it is pos
CVE-2021-44228 Log4Shell Proof of Concept (CVE-2021-44228) Make sure to use Java 8 JDK. Java 8 Download Images Credits Casey Dunham - Java Reverse She
CAM-HACK CC CAMERA HACKING TOOL Installation On Termux $ apt update
pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this
Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re
Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos
AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.
GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __
Python open-source keylogger Language Python open-source keylogger using pynput module Using Install dependences in archive setup.py or install.sh in
CVE-2022-23967 In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbprot
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
22 Dec 04, 2022
1.2k Dec 25, 2022
87 Dec 13, 2022
23 Nov 09, 2022
4 Sep 23, 2022
34 May 13, 2022
1 Dec 16, 2021
95 Dec 27, 2022
38 Aug 09, 2022
3 Jul 23, 2022
10 Sep 25, 2022
181 Jan 02, 2023
91 Dec 29, 2022
30 May 17, 2022
14 Dec 23, 2022
352 Jan 02, 2023
4 Jan 15, 2022
15 Jul 11, 2022
29 Dec 04, 2022