MrTuxx
Follow
Stars
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
Deserialization payload generator for a variety of .NET formatters
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Real fucking shellcode encryptor & obfuscator tool
OSINT Tool for Finding Passwords of Compromised Email Addresses
Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
A curated list of free courses with certifications. Also available at https://free-certifications.com/
RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
「🔑」A tool used to hunt down API key leaks in JS files and pages
GO Simple Tunnel - a simple tunnel written in golang
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.
Collection of PoC and offensive techniques used by the BlackArrow Red Team
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
A tool to create a JScript file which loads a .NET v2 assembly from memory.
A curated list of amazingly awesome Burp Extensions
Red Team Cheatsheet in constant expansion.