zorroroot Goto Github PK

hackerone-reports

Top disclosed reports from HackerOne

hacking

🌐Collate and develop network security, Hackers technical documentation and tools, code.

hackthebox-exploits

Custom exploits that I made for Hack The Box machines!

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

hashcat-cheatsheet

Hashcat Cheatsheet for OSCP

hostilesubbruteforcer

howtohunt

Tutorials and Things to Do while Hunting Vulnerability.

httprobe

Take a list of domains and probe for working HTTP and HTTPS servers

iis6-exploit-2017-cve-2017-7269

iis6 exploit 2017 CVE-2017-7269

iis_exploit

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

ilspy

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

impacket

Impacket is a collection of Python classes for working with network protocols.

insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

intelowl

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

ioc

Threat Intel IoCs + bits and pieces of dark matter

iocs

Indicators from Unit 42 Public Reports

ipobfuscator

A simple tool to convert the IP to a DWORD IP

ivre

Network recon framework.

jmx-exploiter

A tool that helps you attacking unprotected JMX endpoints

jpexs-decompiler

JPEXS Free Flash Decompiler

jsparser

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

juicy-potato

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

jwt-cracker

Simple HS256 JWT token brute force cracker

jython

Python for the Java Platform

kerbrute

A tool to perform Kerberos pre-auth bruteforcing

kerbrute-1

An script to perform kerberos bruteforcing by using impacket

kingofbugbountytips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

kiterunner

Contextual Content Discovery Tool

knock

Knock Subdomain Scan