x1mdev
Follow
Stars
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
Zero shot vulnerability discovery using LLMs
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
Private chat with local GPT with document, images, video, etc. 100% private, Apache 2.0. Supports oLLaMa, Mixtral, llama.cpp, and more. Demo: https://gpt.h2o.ai/ https://gpt-docs.h2o.ai/
Extract URLs, paths, secrets, and other interesting bits from JavaScript
An XSS exploitation command-line interface and payload generator.
CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
SmartCheck – a static analysis tool that detects vulnerabilities and bugs in Solidity programs (Ethereum-based smart contracts).
Tool to detect secrets in source code management systems.
Collection of PoC and offensive techniques used by the BlackArrow Red Team
"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
Heuristics for smart contract auditors
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…
Confluence Server Webwork OGNL injection
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
An implementation of NSA's ExplodingCan exploit in Python
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.