541 Open source projects that are alternatives of or similar to flaskbomb

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Misc. Public Reports of Penetration Testing and Security Audits.

A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.

InfoPath Phishing Repo Resource

Fast, flexible zlib bindings.

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

The initial conversation slides and menu of scenarios

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Turn your VPS into an attack box

PoC; terraform + kubeadm

sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.

Script to spider a website and find publicly open S3 buckets

Focus on cybersecurity | collection of PoC and Exploits

Some good resources for getting started with application security

Formal verification of Elastic-Agent and more using BDD

Task Hijacking in Android (somebody call it also StrandHogg vulnerability)

A Python obfuscator using HTTP Requests and Hastebin.

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

zlib-compressed file depacking library in Lua

Documentation, configuration, reference material and other information around an Asterisk-based VNF

A schema and set of tools for using SQL to query cloud infrastructure.

Malware Sample Sources

A simple remote tool in C#.

compress and uncompress for Deno

An intelligent React component to obfuscate any contact link!

A PoC on passing data through UNIX file privilege bits (RWX Triplets)

Replacement for golang http.FileServer which supports precompressed static assets.

A support library for Ronin. Like activesupport, but for hacking!

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

CVE-2020-11651: Proof of Concept

We're working with community non-profits who have a Host Home or empty bedrooms initiative to develop a workflow management tool to make the process scalable (across all providers), reduce institutional bias, and effectively capture data.

Scan installed EDRs and AVs on Windows

The essential toolkit for reversing, malware analysis, and cracking

Java Based Cross-Platform CSGO Offset and Netvar Scanner

A memorial site for Hackers and Infosec people who have passed

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Additional Resources For Securing The Stack Tutorials

Information Security Library

Generate pre-compressed .gz and .br files for static web servers

聚合Github上已有的Poc或者Exp，CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

Fileless attack with persistence

You didn't think I'd go and leave the blue team out, right?

Related subdomains finder

unix wildcard attacks

Efficient (de)compression package for AWS Lambda

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

Multi source CVE/exploit parser.

An online tool to quickly bundle & minify your projects, while viewing the compressed gzip/brotli bundle size, all running locally on your browser.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

This repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.

One stop place for exploiting Jira instances in your proximity

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

Multi-threaded Padding Oracle attacks against any service. Written in Rust.

PoC ActiveX SVG Document Execution

Various proofs of concept examples using Github Actions 🤖

IOTA Proof of Concept, store MQTT messages on the tangle.

POC de uma aplicação de domínio financeiro.

Pools organized for Epitech's students in 2021.