https://github.com/t3l3machus/t3l3machus
https://github.com/t3l3machus/t3l3machus
Last synced: 1 day ago
JSON representation
- Host: GitHub
- URL: https://github.com/t3l3machus/t3l3machus
- Owner: t3l3machus
- Created: 2022-06-21T10:52:35.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2025-01-11T09:58:28.000Z (5 months ago)
- Last Synced: 2025-01-11T10:36:38.335Z (5 months ago)
- Size: 50.8 KB
- Stars: 25
- Watchers: 3
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
### Connect with me / Support:
Hi, I'm t3l3machus, Penetration Tester & Cybersec Researcher from Athens, Greece 🇬🇷, currently living in Poland 🇵🇱.
Check out my channel on YouTube! -> [HaxorTechTones](https://www.youtube.com/@HaxorTechTones)
### Projects & Contributions:
:boom: Offensive Security Tools
Project
Short Description
Stars
Forks
Villain
A C2 backdoor generator and multi-session handler.
toxssin
An XSS exploitation command-line interface.
hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s)
protocol to establish a beacon-like reverse shell.
psudohash
A password list generator based on keywords mutated by commonly used patterns and more.
PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts.
ACEshark
ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminating the need for tools like accesschk.exe or other non-native binaries.
kcbrute
Basic brute-force script targeting the standard Keycloak Admin/User Console browser login flow.
eviltree
A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
wwwtree
A utility for quickly and easily locating, web hosting and transferring resources during PrivEsc.
CVE-2023-22960
PoC for CVE-2023-22960 (Brute-force prevention mechanism bypass for Lexmark devices' web interface).
Synergy Httpx
A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
BabelStrike
Performs Romanization and name-to-usernames convertion of full name lists.
pentest-pivoting
A network pivoting guide for pentests / CTFs.
:octocat: Contributions
Project
Short Description
Contribution
nuclei-templates
Templates are the core of the nuclei scanner which powers the actual scanning engine.
Templates contributed: CVE-2024-2340, sap-public-admin, chirpstack-default-login
reverse-shell-generator (revshells.com)
Hosted Reverse Shell generator with a ton of functionality.
Added HoaxShell and front-end style improvements.
Cadiclus
Privilege Escalation Tool for Linux Systems that use PowerShell.
Added the Invoke-CredentialHunting module.
🌀 CVEs
CVE
Short Description
References
CVE-2023-22960
Lexmark devices have a feature that protects against local account credential brute-force guessing attacks by temporarily locking out an account for an amount of time after a number of unsuccessful login attempts. This vulnerability bypasses the brute-force protection, allowing unrestricted attempts to guess a local account's credentials. Works for PIN-based authentication as well.
CVE-2023-22960 Publication
âš¡ Other Tools, Guides, etc
Project
Short Description
Stars
Forks
ssh-log-alert
Receive email alerts on successful ssh logins (mailgun).
gmail-ssh-log-alert
Receive email alerts on successful ssh logins (gmail).
cybersec-service-metrics
A spreadsheet designed to automatically generate Key Performance Indicators
for Cyber Security Services based on documented data. Ideal for Team leaders / Managers of small-medium sized organizations.
Awesome-AI
A list of awesome AI resources around the internet.
OWASP-Testing-Guide-Checklist
OWASP based Web Application Security Testing Checklist.
