Highlights
- Pro
Stars
Adversary Tactics - PowerShell Training
Android malware (.apk) can be spread through a fake PDF document by manipulating the file extension in the WhatsApp application. PoC is available in this repo
Friend.com but as an iOS shortcut. It's a bird based name because my day job is https://magpai.app
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
List of Directory Traversal/LFI Payloads Scraped from the Internet
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
Burp plugin able to find reflected XSS on page in real-time while browsing on site
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)
Community curated list of templates for the nuclei engine to find security vulnerabilities.


