Sign up for your own profile on GitHub, the best place to host code, manage projects, and build software alongside 36 million developers.
Hide content and notifications from this user.
Learn more about blocking users
Contact Support about this user’s behavior.
Learn more about reporting abuse
Attack and defend active directory using modern post exploitation adversary tradecraft activity
A truly monstrous async web chat using no JS whatsoever on the frontend
An implementation of JOSE standards (JWE, JWS, JWT) in Go
A byte code analyzer for finding deserialization gadget chains in Java applications
siberas JMX exploitation toolkit
New TLS Padding Oracles
PoC for CVE-2019-5736
Named vulnerabilities and their practical impact
An Active Directory audit utility
JNDI Attacking Tool
Hackish way to intercept and modify non-HTTP protocols through Burp & others.
A list of interesting payloads, tips and tricks for bug bounty hunters.
unc0ver jailbreak for iOS 11.0 - 12.1.2
Python script to exploit java unserialize on t3 (Weblogic)
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
TER project (master-csi)
This is a standalone exploit for a vulnerable feature in Capcom.sys
CVE-2018-??? - CA Dollar Universe 5.3.3 'uxdqmsrv' - Privilege escalation via a vulnerable setuid binary
Save Linux frambuffer (/dev/fb0) to a PNG image file.
Monitor linux processes without root permissions
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
Intercepting TCP proxy to modify raw TCP streams using modules on incoming or outgoing traffic
Console user interface library for Python (official repo)
Windows IKEEXT DLL Hijacking Exploit Tool
Utility to find AES keys in running processes