Repositories list

• MATRIX

  Public
  Python

  •

  MIT License

  •1•4•0•0•Updated May 7, 2025May 7, 2025

• zpminternational

  Public
  HTML

  •4•6•0•0•Updated Feb 7, 2025Feb 7, 2025

• modsec-sdbm-util

  Public
  Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.

  C

  •

  Apache License 2.0

  •17•22•2•3•Updated Aug 16, 2024Aug 16, 2024

• BurpNotesExtension

  Public
  Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.

  Java

  •

  GNU General Public License v3.0

  •27•67•2•1•Updated May 16, 2024May 16, 2024

• snappy

  Public
  Python

  •22•267•0•1•Updated Jun 26, 2023Jun 26, 2023

• cve_server

  Public
  Simple REST-style web service for the CVE searching

  apiapi-serverapi-rest+ 9cvenvdcvsscvssv3cvssv2rubydatabase+ 2

  Ruby

  •

  Apache License 2.0

  •38•98•5•5•Updated May 19, 2023May 19, 2023

• ModSecurity-log-utilities

  Public
  Set of CLI tools to transform ModSecurity logs into a meaningful information, given a context.

  Python

  •

  Apache License 2.0

  •20•53•4•4•Updated May 5, 2023May 5, 2023

• Jorogumo

  Public
  Red Team Stored XSS SVG phishing-companion tool with the ability to serve a malicious login page, or clone an html page and implement custom javascript. It then generates a relevant SVG.

  phishingexploitsstored-xss-exploit+ 1cve-2021-45919

  Python

  •8•30•0•0•Updated Mar 31, 2023Mar 31, 2023

• HostHunter

  Public
  HostHunter a recon tool for discovering hostnames using OSINT techniques.

  open-sourcetoolhacking+ 16ipreconvirtual-hostshacking-toolnetwork-securityhostnamesscoping+ 9

  Python

  •

  MIT License

  •194•1.1k•0•0•Updated Mar 30, 2023Mar 30, 2023

• advisories-poc

  Public
  C

  •16•17•1•1•Updated Sep 9, 2022Sep 9, 2022

• Grandoreiro-decryptor

  Public
  Grandoreiro decryptor and DGA generator (26.May.2022)

  Python

  •2•1•0•0•Updated May 26, 2022May 26, 2022

• BlackByteDecryptor

  Public
  C#

  •

  Apache License 2.0

  •24•64•4•0•Updated Oct 19, 2021Oct 19, 2021

• IOCs-IDPS

  Public
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)

  30•104•0•0•Updated Jul 29, 2021Jul 29, 2021

• REvil_config

  Public
  Configuration file for REvil / Kaseya July campaign

  1•4•0•0•Updated Jul 6, 2021Jul 6, 2021

• pingback

  Public
  Python

  •

  MIT License

  •6•28•1•0•Updated May 4, 2021May 4, 2021

• masher

  Public
  multiple password 'asher using Python’s hashlib

  Python

  •5•15•0•0•Updated Mar 24, 2021Mar 24, 2021

• Airachnid-Burp-Extension

  Public
  A Burp Extension to test applications for vulnerability to the Web Cache Deception attack

  Java

  •

  GNU General Public License v3.0

  •34•139•0•2•Updated Feb 18, 2021Feb 18, 2021

• OWASP-CRS-regressions

  Public archive
  Regression tests for OWASP CRS v3

  Python

  •

  Apache License 2.0

  •14•16•7•1•Updated Aug 7, 2020Aug 7, 2020

• OWASP-CRS-Documentation

  Public archive
  Documentation for the OWASP CRS project

  Python

  •

  Apache License 2.0

  •19•40•2•5•Updated Aug 7, 2020Aug 7, 2020

• groupenum

  Public archive
  Python

  •17•57•0•0•Updated Aug 7, 2020Aug 7, 2020

• msfrpc

  Public archive
  Perl/Python modules for interfacing with Metasploit MSGRPC

  Python

  •60•96•3•2•Updated Aug 7, 2020Aug 7, 2020

• portia

  Public archive
  Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.

  PowerShell

  •

  Apache License 2.0

  •133•503•6•2•Updated Aug 7, 2020Aug 7, 2020

• cribdrag

  Public archive
  cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys

  Python

  •

  GNU General Public License v3.0

  •70•175•0•0•Updated Aug 7, 2020Aug 7, 2020

• Firework

  Public archive
  Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.

  Python

  •10•44•0•0•Updated Aug 7, 2020Aug 7, 2020

• SharpCompile

  Public archive
  SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…

  C#

  •58•292•0•0•Updated Aug 7, 2020Aug 7, 2020

• DoHC2

  Public archive
  DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).

  C#

  •96•451•2•0•Updated Aug 7, 2020Aug 7, 2020

• deblaze

  Public archive
  Performs method enumeration and interrogation against flash remoting end points.

  Python

  •

  GNU General Public License v3.0

  •18•38•0•4•Updated Aug 7, 2020Aug 7, 2020

• MCIR

  Public archive
  The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

  PHP

  •

  GNU General Public License v3.0

  •158•442•0•1•Updated Aug 7, 2020Aug 7, 2020

• Nmap-Tools

  Public archive
  SpiderLabs shared Nmap Tools

  Lua

  •78•229•1•4•Updated Aug 7, 2020Aug 7, 2020

• jboss-autopwn

  Public archive
  A JBoss script for obtaining remote shell access

  Shell

  •

  GNU General Public License v3.0

  •54•173•0•1•Updated Aug 7, 2020Aug 7, 2020