The Best 817 Python Security related resources Libraries

Network-wide ad blocking via your own Linux hardware The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installi

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of m

Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding

CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection Usage usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell] CVE-2021-2

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

CVE-2021-3156 (Sudo Baron Samedit) This repository is CVE-2021-3156 exploit targeting Linux x64. For writeup, please visit https://datafarm-cybersecur

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but

Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹，也可针对IP/IP段或资产列表进行快速的指纹识别。

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

SARA - Simple Android Ransomware Attack Disclaimer The author is not responsible for any issues or damage caused by this program. Features User can cu

Kunyu(坤舆) - More efficient corporate asset collection English | 中文文档 0x00 Introduce Tool introduction Kunyu (kunyu), whose name is taken from , is act

LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r

Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals

Adding DCSync Permissions Mostly copypasta from https://github.com/tothi/rbcd-at

First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'

gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"

NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds.

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

MainCoon is an automated recon framework meant for gathering information during penetration testing of web applications.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)

mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the

ThePhish ThePhish is an automated phishing email analysis tool based on TheHive, Cortex and MISP. It is a web application written in Python 3 and base

passwnd Check for breached passwords with k-anonymity Usage To get prompted to enter the password securely, simply run: passwnd.py Alternatively, you

charlotte c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launche

laravel-exploits Exploit for CVE-2021-3129

Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the context, origin of specific files during a digital forensic investigation.

cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

Broken Link Hijacker BrokenLinkHijacker(BLH) is a Fast Broken Link Hijacker Tool written in Python.

tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

Parental Control Application LittleBrother Overview LittleBrother is a simple parental control application monitoring specific processes (read "games"

Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote cod

Password List Creator Simple !

0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集，旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率，目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块，现已支持以下信息的查询： ✅ 微步标签 ✅ I

RedlineSpam Python tool to spam Redline Infostealer panels with legit looking da

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

Mobile Verification Toolkit Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic

Dlint Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. The most important thing I have done as a progra

GreedyBear The project goal is to extract data of the attacks detected by a TPOT or a cluster of them and to generate some feeds that can be used to p

evil-stalker How to run First of all, you must install the necessary libraries.

Oh365 User Finder Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to ident

MassDNS A high-performance DNS stub resolver MassDNS is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amou

fn22snesticle.py A script for producing a SNESticle ISO from a Fight Night Round 2 ISO and any SNES ROM. Background Fight Night Round 2 is a boxing ga

SARveillance Sentinel-1 SAR time series analysis for OSINT use. Description Generates a time lapse GIF of the Sentinel-1 satellite images for the loca

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

CVE-2022-21907 Description POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞 creat

Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We