Stars
Investment Research for Everyone, Everywhere.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
🦄 The unofficial Python client for the Uniswap exchange.
Simple and elegant component-based UI library
🧑🌾 It ain't much, but it's an honest work
A wordlist of API names for web application assessments
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Slides and Code for the BHUSA 2019 talk: Flying a False Flag
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
A tool for embedding XXE/XML exploits into different filetypes
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Resources for Windows exploit development
The website / "start here" for the project. This project has been abandoned and merged into the open source Raccoons Rise Up game.
A cheat sheet for attacking SQLite via SQLi
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Animation of the SHA-256 hash function in your terminal.
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Windows Local Privilege Escalation from Service Account to System
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Simple Go script to check if found domains in a file are already saved in your Findomain database