Skip to content

@synacktiv Synacktiv

Change the repository type filter

All

    Repositories list

    89 repositories

    • ROADtools

      Public
      Python
      MIT License
      0000Updated Feb 28, 2025Feb 28, 2025

    • captaincredz

      Public
      CaptainCredz is a modular and discreet password-spraying tool.
      Python
      68800Updated Feb 28, 2025Feb 28, 2025

    • shh

      Public
      Systemd Hardening Helper - Mirror of https://github.com/desbma/shh
      Rust
      GNU General Public License v3.0
      111510Updated Feb 24, 2025Feb 24, 2025

    • adb_client

      Public
      Rust ADB client - Mirror of https://github.com/cocool97/adb_client
      Rust
      MIT License
      42110Updated Feb 20, 2025Feb 20, 2025

    • CVE-2023-42791_CVE-2024-23666

      Public
      Exploitations scripts for CVE-2023-42791 and CVE-2024-23666.
      Python
      0600Updated Feb 12, 2025Feb 12, 2025

    • synacktiv-rules

      Public
      Public repository of Sigma and YARA rules created by Synacktiv
      Other
      0100Updated Feb 12, 2025Feb 12, 2025

    • Prox-Ez

      Public
      Python
      88600Updated Feb 11, 2025Feb 11, 2025

    • nord-stream

      Public
      Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.
      githubgitlabgitlab-cici-cdcicdazuredevops
      Python
      GNU General Public License v3.0
      1627200Updated Feb 6, 2025Feb 6, 2025

    • IPSpinner

      Public
      IPSpinner works as a local proxy that redirects requests through external services.
      Go
      33100Updated Jan 22, 2025Jan 22, 2025

    • octoscan

      Public
      Octoscan is a static vulnerability scanner for GitHub action workflows.
      githubexploitvulnerabilitycicdgithub-actions
      Go
      GNU General Public License v3.0
      1219433Updated Jan 21, 2025Jan 21, 2025

    • CVE-2024-43468

      Public
      Python
      118100Updated Jan 16, 2025Jan 16, 2025

    • QLinspector

      Public
      Finding Java gadget chains with CodeQL
      CodeQL
      GNU General Public License v3.0
      2016710Updated Jan 14, 2025Jan 14, 2025

    • bbs

      Public
      bbs is a router for SOCKS and HTTP proxies. It exposes a SOCKS5 (or HTTP CONNECT) service and forwards incoming requests to proxies or chains of proxies based on the request's target. Routing can be configured with a PAC script (if built with PAC support), or through a JSON file.
      Go
      48300Updated Jan 9, 2025Jan 9, 2025

    • AADOutsider-py

      Public
      Python3 rewrite of AsOutsider features of AADInternals
      Python
      MIT License
      44000Updated Dec 20, 2024Dec 20, 2024

    • SCCMSecrets

      Public
      SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
      Python
      2119800Updated Dec 17, 2024Dec 17, 2024

    • DepFuzzer

      Public
      Python
      MIT License
      75711Updated Dec 17, 2024Dec 17, 2024

    • nmap-farewell

      Public
      Automated Network Security with Rust: Detecting and Blocking Port Scanners
      Rust
      GNU General Public License v3.0
      1100Updated Dec 6, 2024Dec 6, 2024

    • CVE-2023-32413

      Public
      Exploit code for CVE-2023-42914 / pwn2own Vancouver 2023
      C
      11100Updated Nov 22, 2024Nov 22, 2024

    • laravel-crypto-killer

      Public
      A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.
      Python
      MIT License
      23400Updated Nov 12, 2024Nov 12, 2024

    • GPOddity

      Public
      The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
      Python
      2227610Updated Nov 8, 2024Nov 8, 2024

    • action-octoscan

      Public
      📦 :octocat: A GitHub Action that performs a security scan of your GitHub Actions.
      githubsecurityscancicdgithub-actions
      Shell
      GNU General Public License v3.0
      12600Updated Oct 28, 2024Oct 28, 2024

    • eos

      Public
      Enemies Of Symfony - Debug mode Symfony looter
      Python
      Other
      5132901Updated Oct 18, 2024Oct 18, 2024

    • gh-hijack-runner

      Public
      A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.
      githubrunnercicdexploitationgithubactions
      Python
      42200Updated Oct 13, 2024Oct 13, 2024

    • CVE-2024-45409

      Public
      Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit
      Python
      147600Updated Oct 7, 2024Oct 7, 2024

    • krbrelayx

      Public
      Kerberos unconstrained delegation abuse toolkit
      Python
      MIT License
      180000Updated Oct 3, 2024Oct 3, 2024

    • garble

      Public
      Obfuscate Go builds
      Go
      BSD 3-Clause "New" or "Revised" License
      275000Updated Sep 25, 2024Sep 25, 2024

    • kcmdump

      Public
      Dump Kerberos tickets from the KCM database of SSSD
      Python
      54900Updated Sep 8, 2024Sep 8, 2024

    • veeam-velociraptor

      Public
      Proof-of-concept Velociraptor artifacts pack to showcase a remote Veeam forensics pipeline.
      GNU Affero General Public License v3.0
      0000Updated Aug 27, 2024Aug 27, 2024

    • hexalocker-analysis

      Public
      HexaLocker ransomware analysis
      YARA
      GNU Affero General Public License v3.0
      0300Updated Aug 23, 2024Aug 23, 2024

    • ntdissector

      Public
      Python
      Other
      1613845Updated Aug 16, 2024Aug 16, 2024