aels

💭

No business. Everyone will die.

Lavander aels

💭

No business. Everyone will die.

151 followers · 244 following

Achievements

wso-ng Public

The new generation of famous WSO web shell. With perks included

webshell wso-webshell wso-shell php-webshells wso

PHP 38 20 Updated Sep 22, 2025
code-edit Public
Forked from WebCoder49/code-input

Turn any textarea tag into syntax-highlighted code editor with one script tag

JavaScript 2 MIT License Updated Sep 22, 2025
mailtools Public

Perfect scripts for all the hustle we have with mass-mailing

email imap email-validation massmailing message-download smtp-checker email-validator

Python 110 68 Do What The F*ck You Want To Public License Updated Aug 29, 2025
WP-Brute Public
Forked from InMyMine7/WP-Brute

WordPress XML-RPC & WP-Login Bruteforce + Auto Uploader Powerful asynchronous bruteforce tool for WordPress sites via wp-login.php and xmlrpc.php, featuring smart password placeholders, username e…

Python 1 Other Updated Apr 22, 2025
wp-upshell Public
Forked from InMyMine7/wp-upshell

upload shell on wordpress via plugin, themes, and inject plugin

Python 1 Updated Apr 19, 2025
CVE-2025-2005-wp Public
Forked from Nxploited/CVE-2025-2005

WordPress Front End Users Plugin <= 3.2.32 is vulnerable to Arbitrary File Upload

MIT License Updated Apr 2, 2025
cve-2024-25600 Public
Forked from so1icitx/CVE-2024-25600

Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.

Python MIT License Updated Mar 31, 2025
EvilSln-vs-code-exec Public
Forked from mitjakolsek/EvilSln

A New Exploitation Technique for Visual Studio Projects

C# 2 Updated Oct 11, 2023
subdirectories-discover Public

Perfect wordlist for discovering directories and files on target site

wordlist wordlist-generator dirbuster wordlists gobuster subdirectories sublist3r

305 79 Updated Sep 4, 2023
CVE-2023-34960 Public
Forked from Aituglo/CVE-2023-34960

CVE-2023-34960 Chamilo PoC

Python Updated Jun 9, 2023
cobaltstrike-beacon-rust Public
Forked from b1tg/cobaltstrike-beacon-rust

CobaltStrike beacon in rust

Rust Updated May 12, 2023
ProtectMyTooling Public
Forked from mgeeky/ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

PowerShell MIT License Updated Mar 31, 2023
Penetration-Testing-Tools Public
Forked from mgeeky/Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

PowerShell 1 2 MIT License Updated Mar 17, 2023
bypass-403 Public
Forked from iamj0ker/bypass-403

A simple script just made for self use for bypassing 403

Shell Updated Mar 10, 2023
CVE-2023-21608-Acrobat-RCE Public
Forked from hacksysteam/CVE-2023-21608

Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

JavaScript GNU General Public License v3.0 Updated Feb 27, 2023
leaky-paths Public
Forked from ayoubfathi/leaky-paths

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints …

1 Updated Feb 23, 2023
Email-Vulnerablity-Checker Public
Forked from BLACK-SCORP10/Email-Vulnerability-Checker

Find Email Spoofing Vulnerablity of domains

Shell 2 MIT License Updated Feb 22, 2023
CVE-2022-44666-office-rce Public
Forked from j00sean/CVE-2022-44666

Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the …

Rich Text Format Apache License 2.0 Updated Feb 15, 2023
mailcat-find-email Public
Forked from sharsil/mailcat

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

Python 1 1 Apache License 2.0 Updated Feb 14, 2023
decode-spam-headers Public
Forked from mgeeky/decode-spam-headers

A script that helps you understand why your E-Mail ended up in Spam

Python 1 MIT License Updated Feb 6, 2023
damage Public

PHP Updated Jan 29, 2023
CVE-2022-47966 Public
Forked from horizon3ai/CVE-2022-47966

POC for CVE-2022-47966 affecting multiple ManageEngine products

Python Updated Jan 19, 2023
ChatGPT-API-server Public
Forked from acheong08/ChatGPT-API-server

API server for ChatGPT

Go MIT License Updated Dec 28, 2022
cloudflare-origin-ip Public
Forked from gwen001/cloudflare-origin-ip

Try to find the origin IP of a webapp protected by Cloudflare.

Python 1 MIT License Updated Dec 27, 2022
dnstake Public
Forked from pwnesia/dnstake

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover

Go 1 MIT License Updated Dec 14, 2022
google-search Public
Forked from visualbasic6/search

a cli google client written by ai (chatgpt) that bypasses captcha and rate limiting by using the google alerts "preview" feature

Go Updated Dec 8, 2022
pycrypt Public
Forked from root4031/pycrypt

Python Based Crypter That Can Bypass Any Kinds Of Antivirus Products

Python Apache License 2.0 Updated Dec 4, 2022
subzuf Public
Forked from elceef/subzuf

a smart DNS response-guided subdomain fuzzer

Python Updated Nov 27, 2022
maddy Public
Forked from foxcpp/maddy

✉️ Composable all-in-one mail server.

Go GNU General Public License v3.0 Updated Nov 20, 2022
ProxyNotShell-PoC Public
Forked from testanull/ProxyNotShell-PoC

Python Updated Nov 18, 2022

Lavander aels

Achievements

Achievements

wso-ng Public

Uh oh!

code-edit Public

Uh oh!

mailtools Public

Uh oh!

WP-Brute Public

Uh oh!

wp-upshell Public

Uh oh!

CVE-2025-2005-wp Public

Uh oh!

cve-2024-25600 Public

Uh oh!

EvilSln-vs-code-exec Public

Uh oh!

subdirectories-discover Public

Uh oh!

CVE-2023-34960 Public

Uh oh!

cobaltstrike-beacon-rust Public

Uh oh!

ProtectMyTooling Public

Uh oh!

Penetration-Testing-Tools Public

Uh oh!

bypass-403 Public

Uh oh!

CVE-2023-21608-Acrobat-RCE Public

Uh oh!

leaky-paths Public

Uh oh!

Email-Vulnerablity-Checker Public

Uh oh!

CVE-2022-44666-office-rce Public

Uh oh!

mailcat-find-email Public

Uh oh!

decode-spam-headers Public

Uh oh!

damage Public

Uh oh!

CVE-2022-47966 Public

Uh oh!

ChatGPT-API-server Public

Uh oh!

cloudflare-origin-ip Public

Uh oh!

dnstake Public

Uh oh!

google-search Public

Uh oh!

pycrypt Public

Uh oh!

subzuf Public

Uh oh!

maddy Public

Uh oh!

ProxyNotShell-PoC Public

Uh oh!