A simple JSON parser and that acts like jq and can be used in the browser. ALL processing is done client side using JavaScript. No data is sent to any server nor stored in local or session storage...

Tool for generating a word list of password candidates based off of a seed word. The output list can be used as a word list in tools like hashcat with rules to crack hashes. All processing is done...

In this post we’ll look at how to bulk mark users are owned when using Bloodhound. An example scenario would be you have done a password spray (or password audit) and found the password to a large...

Useful Rust snippets and example code for commonly used patterns and features.

In this post we’ll look at how to use magic numbers to create a perfect hash function for a set of Key Value pairs with Integer keys that is known a ahead of time. We’ll assume that we are using 6...

Dump Keys (check for default keys): Sometimes not all keys will be retrieved even if they are all default. Running the command again may be required. hf mf chk hf mf fchk Either command shou...

Get Card Info - General Low Frequency (LF - 125 KHz) High Frequency (HF - 13.56 MHz) Working with Specific Cards EM4100 HID 125 KHz T5577 MIF...

This guide can be used when the goal is to modify the source code of the resource JARs used by a Java application that is launched via a JNLP file. The below guide assumes the application uses HTT...

Collection of different things to try when attempting to breakout of a Windows environment such as Citrix, AWS AppStream, CyberArk PSM, etc. General Tips & Ideas Dialogs He...

Collection of tools, techniques, and payloads for external information gathering when performing an external security assessment. Subdomain Discovery & Enumeration Find Certifica...

General encoder (and decoder) that can be used for various common encoding methods. Currently included decoding functions: Base64 HEX URL HTML ROT-N (1-25) Atbash String Reversal ...

This page contains information and commands about viewing and clearing the DNS and ARP caches on Windows computers, as well as the hosts file. Hosts File DNS Cache (CMD) View DNS C...

This post contains recommendation summaries for password security and cryptographic topics including password complexity & storage, hash functions, symmetric & asymmetric encryption, MACs, ...

This tool generates a list of sequential payloads starting and ending at the specified numbers. These values can be arbitrarily large and outputted as integers, HEX values, or base64 encoded string...

This is a tool for breaking the encryption of messages that have been XOR encrypted using a repeated key. This method uses statistics (letter frequencies and use of common words, bigrams, and trigr...