WPSploit
WPSploit is a repository designed for creating and/or porting specific exploits for WordPress using Metasploit as an exploitation tool. It currently contains 45 modules (15 exploits and 30 auxiliaries). For usage, download the modules to a directory, and refer to the official documentation of Metasploit for loading external modules. All modules are based on the WPScan Vulnerability Database (WPVDB). For contributions, fork the repository, create a new feature branch, commit changes, and create a new pull request. Questions and suggestions can be sent to robertoespreto[at]gmail.com.
FEATURES
ALTERNATIVES
Alpha release of External C2 framework for Cobalt Strike with enhanced data channels.
AzureC2Relay enhances security by validating and relaying Cobalt Strike beacon traffic through Azure Functions.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.
A list of useful payloads and bypasses for Web Application Security.
Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.
FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.
A script to enumerate Google Storage buckets and determine access and privilege escalation
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.