inosec2 Goto Github PK
Type: User
Bio: This account is a bookmark repo.
Type: User
Bio: This account is a bookmark repo.
This repo covers some code execution and AV Evasion methods for Macros in Office documents
Tricks the target into enabling content (macros) with fake messages. Once enabled, uses macros to reduce the risk of suspision from target user via verious methods.
Scan Victim Backup Directories & Backup Files
🙃 A delightful community-driven (with 1800+ contributors) framework for managing your zsh configuration. Includes nearly 300 optional plugins (rails, git, OSX, hub, docker, homebrew, node, php, python, etc), over 140 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
Fetch the details of assets hosted on AWS.
OnionScan is a free and open source tool for investigating the Dark Web.
🎯 Open Redirect Payload List
Operator Mono Fonts
Collection of Beacon Object Files (BOF) for Cobalt Strike
:orange_book: OSCP Exam Report Template in Markdown
Markdown reporting templates and Pandoc styling references to generate sleek reports for OSCP/PWK with little effort.
Mind maps / flow charts to help with privilege escalation on the OSCP.
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Collections of tools and methods created to aid in OSINT collection
OSWE Preparation
offensive notes & resources
A tool for embedding XXE/XML exploits into different filetypes
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Heuristic Vulnerable Parameter Scanner
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
.NET assembly loader with patchless AMSI and ETW bypass
Helping to automate payload development, testing, Opsec checking, beacon tasking, and deployment for Cobalt Strike
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
some of my personal settings like zsh
Modified version of PEAS client for offensive operations
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.