Pass2Pwn is a simple python3 tool created to assist penetration testers generate possible passwords for a targeted system based solely on the organization's name. Although Pass2Pwn does not have the capacity to generate as many passwords as other tools, I have attempted to implement a mechanism that generates passwords using the most common password pattern that we notice in general, which is correlated to the organization name.
FTP-exploits FTP-exploits is a tool which is used for Penetration Testing that can run many kinds of exploits on port 21(FTP) Commands and Exploits Ex
Bitpass Password Generator Installation Make sure Python 3+ is installed
Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat
PasswordGenerator Simple password generator: -Simplisitc Window Application -Allows Numbers, Symbols & letters upper and lowercase -Restricts rows of
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
MD5-CRACKER So this is my first app i created with python3 . if you guys downloa
Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
Cryptographied Password Manager This is a Cryptographied Password Manager, a tool for storing Passwords in a Secure way without using external Service
Hi there,
There is a Path Traversal vulnerability in this project, through the input word/words. Yes, path traversal is intended for the filename input since it depends on the user on where the file should be saved and how, however, I guess it isn't intended for the word/words input too.
For example, if I give input as "../nice" for "Word/s" and go with the default file name, then the password list generated is totally fine, however there is no proper sanitization to avoid dot-dot-slash (or simply slash) to prevent path traversal through the word/words input.
Note: Path traversal through filename input mayn't count as a vulnerability, since that's the file path decided by the user. But, this isn't the focus of this issue I am opening up, and instead this is about the word/words input.
If I give input as "../nice" for "Word/s", then the default file name prefix should be one of these: "nice", ".._nice", "..nice".
I am opening up a Pull Request alongside this Issue, where I have implemented a fix for the issue. I hope you would check that out after going through this issue.
Thanks, @TheBinitGhimire
bugThis is a beta version with numerous flaws and no error handling; but, if you like my concept, please don't hesitate to help me improving this tool.
Source code(tar.gz)PasswordManager is a command-line program that helps you manage your secret files like passwords. It's very minimalistic and easy to use.
Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex
Lots o' Bytes 🔣 Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo
IDA iBoot Loader IDA loader for Apple's iBoot, SecureROM and AVPBooter Installation Copy iboot-loader.py to the loaders folder in IDA directory. Credi
LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa
HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H
NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky
cve-2022-23131 cve-2022-23131 zabbix-saml-bypass-exp replace [zbx_signed_session
Mad Spammer 👿 Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
SonicWALL SSL-VPN Web Server Vulnerable Exploit
Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc
CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。
CHIRP A forensic collection tool written in Python. Watch the video overview 📝 Table of Contents 📝 Table of Contents 🧐 About 🏁 Getting Started Pre
A DOM-based G-Suite password sprayer and user enumerator
Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i
CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p
Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal
dnspooq DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) For educational purposes only Requirements Docker compo
1 Dec 26, 2021
6 Feb 2, 2022
1 Jan 1, 2022
1 Jan 10, 2022
2 Feb 14, 2022
2 Nov 10, 2022
368 Jan 4, 2023
7 Jul 14, 2022
3 Nov 23, 2022
3 Dec 30, 2021
172 Nov 17, 2022
1 Jan 13, 2022
74 Dec 23, 2022
4 Dec 14, 2021
10 Nov 10, 2022
123 Dec 19, 2022
6 Aug 02, 2022
135 Dec 14, 2022
1 Nov 26, 2021
68 Dec 12, 2022
44 Nov 15, 2022
35 Dec 12, 2022
23 Mar 18, 2021
1k Dec 09, 2022
1 Apr 07, 2022
170 Dec 11, 2022
6 Oct 10, 2022
50 Dec 26, 2022
80 Nov 28, 2022