Halim Jabbes's Projects
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
This is a P.O.C bitcoin stealer strictly for educational purposes written in C# purely ... Sole purpose is to detect the user's bitcoin wallet and change it to the malicious bitcoin wallet Quite basic so all trolls allowed.A (v3.5 compatible) .NET tool for stealing and importing certificates in the Windows certificate store without touching disk. Useful for red team operations where you need to poach a certificate for pivoting purposes and want to do so with an in-memory post-ex payload.
One rule to crack all passwords. or atleast we hope so.
Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.
Bypass AMSI by patching AmsiScanBuffer api memory
CVE-2021-41773 | CVE-2021-42013 Exploit Tool (Apache/2.4.49-2.4.50)
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
PE loader with various shellcode injection techniques
To help you go through the pentesting phases and the tools each phase can have. Some pratical examples of the tools are present too.
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Windows internals and exploitation tricks
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
An open source ticket management & help desk solution. A freshdesk alternative
PeTeReport is an open-source application vulnerability reporting tool.
A tool for recovering server credentials from a pgadmin4 database
Phishlets for Evilginx2 (MITM proxy Framework)
Incredibly fast crawler designed for OSINT.
phpMyAdmin Authentication Bruteforce Tool
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
γπͺγLinux Backdoor based on ICMP protocol
Infinitely transfer between every device over pure HTTP with pipes or browsers
Image Payload Creating/Injecting tools
An easy tool to disable and enable windows defender protections
Leveraging CVE-2018-19788 without root shells
PoC for CVE-2022-26809, analisys and considerations are shown in the github.io.
Proof of Concepts of vulnerabilities discovered by me