QeeqBox
Change the repository type filter
All
Repositories list
93 repositories
blind-sql-injection
Publicblind-sql-injectionvulnerable-web-app
Publicauthentication-bypass
PublicA threat actor may gain access to data and functionalities by bypassing the target authentication mechanism- A threat actor may perform unauthorized functions belonging to another user with a higher privileges level
- A threat actor may inject malicious content into a vulnerable target
- A threat actor may inject malicious content into webapp. The payload is reflected in the HTTP request and response, then executed in the victim's browser
sql-injection
PublicA threat actor may alter structured query language (SQL) query to read, modify and write to the database or execute administrative commands for further chained attacksos-command-injection
PublicA threat actor may inject arbitrary operating system (OS) commands on targetopen-redirect
PublicA threat actor may send a malicious redirect request for a vulnerable target to a victim; the victim gets redirected to a malicious website that threat actor controls- A threat actor may perform unauthorized functions belonging to another user with a similar privileges level
- A threat actor may inject malicious content into webapp. The payload is not reflected in the HTTP request and response, then executed in the victim's browser
default-credential
PublicA threat actor may gain unauthorized access using the default username and passwordsocial-analyzer
PublicAPI, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websiteshoneypots
Public30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)analyzer
PublicAnalyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)threat-intelligence
PublicThreat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, and future cyber threats (Collecting information about a potential threat, then analyzing that information to learn more about the negative events)- Data Lifecycle Management (DLM) is a policy-based model for managing data in an organization
cyber-kill-chain
PublicCyber Kill Chain is a model that Lockheed Martin created for understanding (Describe the sequence of events) and stopping cyberattacks- An adversary may utilize a sim swapping attack for defeating 2fa authentication
- An adversary may utilize a sim swapping attack for defeating 2fa authentication
digital-forensics
PublicDigital Forensics is the process of finding and analyzing electronic datacybersecurity
PublicCybersecurity is the measures taken to protect networks, devices, and data against cyberattacksincident-response
PublicIncident response is a set of steps that are used to handle the aftermath of a data breach or cyberattackauthorization-bypass
PublicA threat actor may access the user's account using a stolen or leaked valid (existing) session identifierpassword-spraying
PublicA threat actor may guess the target credentials using a single password with a large set of usernames against the targetcredential-stuffing
PublicA threat actor may guess the target credentials using a known username and password pairs gathered from previous brute-force attacksdirectory-listing
PublicA threat actor may list files on a misconfigured serverrisk-management
PublicRisk management is the process of identifying, assessing, treating, and monitoring any negative events that affect a company's ability to operate (Preventing them or minimizing their harmful impact)- A threat actor may lunch brute force to the two-factor authentication (2FA) logic causing unauthorized access to the target