Karim Jaber (Exfil0)

The Phantom Whisper is a sophisticated, production-grade Python orchestration framework designed to deploy zero-click exploits with surgical precision.

RevBot is an advanced, modular reverse shell generator for penetration testing and educational use.

This project provides a robust, stealth-optimized framework for collecting detailed browser and system information from a website visitor without their explicit consent, and exfiltrating that data to a remote server.

A sophisticated, wizard-driven Python exploit tool targeting CVE-2025-53770, a critical (CVSS 9.8) unauthenticated remote code execution (RCE) vulnerability in on-premises Microsoft SharePoint Server (2016, 2019, Subscription Edition)

Fortinet announced two closely related authentication‑bypass vulnerabilities on 9 December 2025. Both flaws involve improper verification of cryptographic signatures (CWE‑347) in the handling of SAML responses for the FortiCloud SSO login feature.

A professional-grade Python application for detecting technical surveillance threats including RF bugs, rogue Wi-Fi access points, BLE tracking devices, and GSM cell site simulators (IMSI catchers).

This document explains how to set up and run the wizard scripts in the wizard/ folder of the SIGINTPI project.

SMTP-Hunter is an advanced, aggressive SMTP penetration testing tool designed for security professionals to identify vulnerabilities in SMTP servers.

No description provided.

CollectJuices is a powerful tool designed to automate the process of fetching, analyzing, and recursively processing JavaScript files to discover URLs and secrets. Leveraging the capabilities of the JSluice tool and advanced Python libraries, CollectJuices is an essential tool for cybersecurity professionals.

Below is a complete Python script that implements a single-node or distributed 5G slicing lab wizard.

CVE-2024-4367 is a critical vulnerability (CVSS 9.8) in PDF.js, allowing arbitrary JavaScript code execution due to insufficient type checks on the FontMatrix object within PDF files.

No description provided.

Iron Veil is a comprehensive, militarized subdomain enumeration and verification tool built in Python.

The Advanced SQL Injection Scanner is a sophisticated, Python-based tool crafted for security analysts and penetration testers. It automates the detection of SQL Injection vulnerabilities in web applications by sending varied SQLi payloads to specified URLs and analyzing the responses for signs of injectable parameters.

Advanced PowerShell-based red team implant along with a custom C2 (Command & Control) server

No description provided.

No description provided.

Cerberus Singularity is the ultimate evolution in adaptive web application infiltration, designed specifically to target JSF (JavaServer Faces) login pages with unparalleled intelligence, stealth, and resilience.

No description provided.

tealthWizard is a military-grade penetration testing tool engineered for covert operations against Active Directory (AD) environments and Microsoft 365 (M365) cloud tenants.

Designed for Demonstration of Deep Exploitation.

A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (CVE-2024-55591) in certain Fortinet devices.

A comprehensive wizard-style tool to install and configure a single-instance Tor hidden service on Debian/Ubuntu systems.

Dynamic_enum_Wizard is a curses-based wizard that conducts a wide range of security reconnaissance tasks while keeping the terminal output to a minimum.

No description provided.

Generates a Root CA to facilitate certificate-based HTTPS interception, serves that certificate via a captive portal, and optionally installs mitmproxy for full HTTPS MITM.

This repository contains a Python script that validates card numbers using the Luhn algorithm, fetches BIN details using the Binlist API, and generates professional JSON reports for single and batch validations.

MSSQLSEC is a comprehensive toolkit, incorporating advanced tools and methodologies, specifically designed for performing in-depth audits on MSSQL databases. It is more than just a static set of tools; it's a dynamic framework that continuously evolves to meet the demands of the changing landscape of database security and audit requirements.

This tool is designed for file extension spoofing. It allows users to create a copy of a file with a spoofed extension. This can be useful in various testing scenarios, including security testing and penetration testing exercises. The tool uses a special Unicode character to reverse the order of characters in the spoofed extension.