attacker

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.

🎯 SQL Injection Payload List

Kubernetes security notes and best practices

Bruteforce attack on Facebook account using python script

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

hacker, ready for more of our story ! 🚀

🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩

Authenticate against a MySQL server without knowing the cleartext password

Next Generation Remote Administration Tool (RAT)

Botnet targeting Windows machines written entirely in Python & open source security project.

🐝 DecoyMini•智能仿真与攻击诱捕工具是基于商业化蜜罐产品积累而推出的免费蜜罐工具。工具支持主流操作系统，安装使用简单，通过一键式导入云端仿真模板库就可以在用户网络快速部署多样化的虚假服务和应用；同时支持采用可视化仿真编排引擎通过界面配置即可实现对自定义的网络协议、服务或应用的仿真能力。通过部署虚假的服务和应用，吸引攻击者进行攻击，在虚假环境中对攻击者行为进行抓取和存储，基于对攻击者的行为分析来实现攻击预警、威胁分析和溯源取证；工具加入了云情报分享激励计划，通过情报和仿真模板的分享用户还可以获得丰厚的奖励。

👨‍💻🕵🏻👩‍💻 Analyze user behavior against fake access points📡

SIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.

This program allow you to extract some features from pcap files.

Facebrute is an advance facebook Bruteforce script made in python language. Just provide username & wordlist and this script is going to try all passwords with returning responses as well. It uses python-requests with tor stem controller that changes its Public IP on every attempt as facebook block IP that try 20 attempts at once.

OS Command Injection Vulnerability Payload List

CloudHound is a cloudflare bypass tool which is using several methods such as DNS history Checkup, Cross-Site port Attack and etc to detect original Server's IP

Attacker can use the scripts to gain reverse shell of a target's machine.

Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.

Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attaches and mounts the EBS volume to an EC2 instance. Finally, attacker can ssh into an EC2 instance and inspect a mounted volume "/usr/src/hack".

Offensive Terraform module which creates RDS database from a publicly exposed RDS snapshot in attacker's AWS account. After that, attacker can connect to RDS database and inspect it.

this is an offensive security tool

Cross Site Scripting ( XSS ) Vulnerability Payload List

Automate the creation of Backdoors and postexplotation activities

白帽SEO是一种精神！

Mikrotik 0day Credential Disclosure Scanner

This script sends forged ARP packages on a local network in order to impersonate a host and receive victim's internet traffic

A DHCP starvation tool written in python