Soufiane Tahiri's Projects
A list of resources for those interested in getting started in bug bounties
Cheat sheet and notes inspired by the book RTFM - Red Team Field Manual
ScareCrow - Payload creation framework designed around EDR bypass.
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
Repository of SentinelOne Deep Visibility queries.
Cracked ShadowBrokers tools and latested dumbs 😎 lol
My musings with C#
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
A list of shodan filters
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)
🎯 SQL Injection Payload List
sqlmap cheat sheet
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
zeus-style banking trojan
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Tweets metadata scraper & activity analyzer
HTTP file upload scanner for Burp Proxy
This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.
Another OSINT tool
Hive solves a critical problem for the malware operators at the CIA.
Advanced vulnerability scanning with Nmap NSE
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1
WP Logical - A Windows Phone 8.1 Contacts and Appointments logical acquisition tool
Ultimate Cross Site Scripting Attack Cheat Sheet
XSSRecon - Reflected XSS Scanner
Electron JS Browser To Find XSS Vulnerabilities Automatically