ethical-hacking

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

The Python Code Tutorials

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Complete Listing and Usage of Tools used for Ethical Hacking

Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

Pentesting Using Android

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

A Network Packet Sniffing tool developed in Python 3.

Vagrant VirtualBox environment for conducting an internal network penetration test

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

OSINT-SAN Framework дает возможность быстро находить информацию и деанонимизировать пользователей сети интернет.

The most powerful CRLF injection (HTTP Response Splitting) scanner.

Work in progress...

These are my checklists which I use during my hunting.

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.

PHP shells that work on Linux OS, macOS, and Windows OS.

Penetration testing utility and antivirus assessment tool.

PowerShell scripts for communicating with a remote host.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.