Pinned Loading

1. JS-Tap JS-Tap Public

   JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom Java…

   JavaScript 419 43

2. WP-XSS-Admin-Funcs WP-XSS-Admin-Funcs Public

   JavaScript functions intended to be used as an XSS payload against a WordPress admin account.

   JavaScript 57 11

3. DragonHash DragonHash Public

   Demo code JavaScript POC that tricks user into sending Windows hash to responder

   HTML 36 4

4. Top-Port-Slicer Top-Port-Slicer Public

   Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma separated list you can copy into -p arg for nmap or masscan

   Python 18 3

5. ENNEoS ENNEoS Public

   Evolutionary Neural Network Encoder of Shenanigans. Obfuscating shellcode with an encoder that uses genetic algorithms to evolve neural networks to contain and output the shellcode on demand.

   C++ 24 9

6. ColonelClustered ColonelClustered Public

   A Java Burp Plugin that performs text clustering on responses to identify outliers/groups based on the actual content of the server responses, say from an Intruder run.

   Java