Ruhr University Bochum - Chair for Network and Data Security (@RUB-NDS)
Guthub

RUB-NDS

Twitter logo Share LinkedIn logo Share Facebook logo Share

Top repositories

1

PRET

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
Python
3,909
star
2

Terrapin-Scanner

This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
Go
887
star
3

WS-Attacker

WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).
Java
469
star
4

CORStest

A simple CORS misconfiguration scanner
Python
387
star
5

Metadata-Attacker

A tool to generate media files with malicious metadata
PHP
124
star
6

BurpSSOExtension

An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
Java
116
star
7

PDF101

Artifacts for the Black Hat talk.
Python
97
star
8

REST-Attacker

REST-Attacker is designed as a proof-of-concept for the feasibility of testing generic real-world REST implementations. Its goal is to provide a framework for REST security research.
Python
78
star
9

xsinator.com

XS-Leak Browser Test Suite
JavaScript
68
star
10

alpaca-code

Artifacts to the ALPACA attack.
C
60
star
11

DTD-Attacks

Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
Java
57
star
12

Johnny-You-Are-Fired

Artifacts for the USENIX publication.
57
star
13

MS-RMS-Attacks

Breaking the security of Microsoft's RMS
C++
51
star
14

Terrapin-Artifacts

This repository contains the artifacts for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
Python
46
star
15

JOSEPH

Java
32
star
16

OpenID-Attacker

Java
27
star
17

PrOfESSOS

PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities.
Java
27
star
18

SAML-XXE-Test

Simple XXE test suite generated specifically for SAML interfaces
Python
21
star
19

pdf-attacker

Python
21
star
20

thesis_layout

Latex template for students writing a bachelor or master thesis
TeX
18
star
21

ikev1-psk-main-mode-dict-attacker

Proof-of-Concept Dictionary Attacker against IKEv1 PSK in Main Mode
Python
16
star
22

SocketProxy

Simple proxy designed to intercept and modify connections on the transport level. This means you can also modify TLS raw bytes.
Java
16
star
23

Office-Security

Artifacts for the WOOT publication.
HTML
14
star
24

FutureTrust

FutureTrust analyzes electronic identification (eID) services in Europe and beyond. It is funded within the EU Framework Programme for Research and Innovation (Horizon 2020).
Java
11
star
25

DISTINCT

Dynamic In-Browser Single Sign-On Tracer Inspecting Novel Communication Techniques
JavaScript
10
star
26

OOXML_Signature_Security

USENIX 2023 Artifacts
10
star
27

AutoLeak

Find XS-Leaks in the browser by diffing DOM-Graphs in two states
JavaScript
10
star
28

your-sop.com

PHP
9
star
29

SOAP-Test-Webservices

SOAP webservices of different SOAP frameworks including samples for WS-Security.
Java
8
star
30

Covert-Content-Attacks

Artifacts for the DEF CON talk.
6
star
31

exposee_layout

Latex template for students writing an exposé for a seminar or thesis
TeX
6
star
32

WS-TLS-Scanner

The TLS-Scanner for the SIWECOS Project
Java
6
star
33

CVE-2020-2655-DemoServer

Java
5
star
34

SECRET

A Secure, Efficient, and Collaborative Real-Time Web Editor
CoffeeScript
5
star
35

Gridcoin-Attacks

The source code of our attacking tool described in the paper "Breaking and Fixing Gridcoin" published at WOOT'17, see also:
C++
5
star
36

JavaCryptoExamples

Examples for using Java Crypto
Java
4
star
37

Terrapin-Website

This repository hosts the public website for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation" via GitHub Pages.
HTML
4
star
38

RKE

Implementation of ratcheted key exchange protocol (Poettering and Rösler, CRYPTO 2018, https://ia.cr/2018/296) by Marco Smeets
Java
4
star
39

WS-Attacker-Plugin_Denial_of_Service

Denial_of_Service - A git submodule for WS-Attacker
Java
3
star
40

SyncEnc-Keyserver

A Key Management Server for SyncEnc
JavaScript
2
star
41

WS-Attacker-Library_Intelligent_Denial_of_Service_Library

Intelligent_Denial_of_Service_Library - A git submodule for WS-Attacker
Java
2
star
42

PDF-Tester

PDF Tester can be used to evaluate the signature status of a PDF document under different PDF applications.
C#
2
star
43

JsseTLS

Java
2
star
44

BouncyCastleTLS

BouncyCastle TLS examples
Java
2
star
45

WS-Attacker-Library_Signature_Faking_Library

Signature_Faking_Library - A git submodule for WS-Attacker
Java
1
star
46

alpaca-attack

HTML
1
star
47

AKE-Cryptoverif-Tutorial

HTML
1
star
48

Mitigation-of-Attacks-on-Email-E2E-Encryption

Research Artifacts for the Publication "Mitigation of Attacks on Email End-to-End Encryption"
Python
1
star
49

IPsec-StateMachineExtractor

Extract the state machine of an IKEv1/IKEv2 implementation
Java
1
star
50

SyncEnc-App

Java
1
star
51

WS-Attacker-Library_XML_Encryption_Attack_Library

XML_Encryption_Attack_Library - A git submodule for WS-Attacker
Java
1
star
52

Single-Sign-On-Libraries

Java
1
star
53

ShareJSXML

Library to allow concurrent editing of XML documents using Operational Transforms based on ShareJS 0.6
CoffeeScript
1
star
54

SyncEnc-Demonstrator

A Demonstrator for Collaborative Encrypted Editing
JavaScript
1
star
55

WS-Attacker-Plugin_SoapAction_Spoofing

SoapAction_Spoofing - A git submodule for WS-Attacker
Java
1
star
56

WS-Attacker-Plugin_Signature_Wrapping

Signature_Wrapping - A git submodule for WS-Attacker
Java
1
star
57

WS-Attacker-Plugin_XML_Encryption_Attack

XML_Encryption_Attack - A git submodule for WS-Attacker
Java
1
star
58

WS-Attacker-Plugin_Intelligent_Denial_of_Service

Intelligent_Denial_of_Service - A git submodule for WS-Attacker
Java
1
star
59

XMLSec-WebCrypto

An implementation for the XML Security Standard using the W3C WebCrypto API
CoffeeScript
1
star
60

oidc-docker-libs

Python
1
star
61

medfuzz

Fuzzing plattform for medical protocols
C++
1
star
62

DocumentSignatureValidator

Automation tool for evaluating the signature status of office documents
C++
1
star
63

WS-Attacker-Library_SoapHttpClient

SoapHttpClient - A git submodule for WS-Attacker
Java
1
star
64

WS-Attacker-Library_Signature_Wrapping

Signature_Wrapping_Library - A git submodule for WS-Attacker
Java
1
star
65

WS-Attacker-Plugin_WS_Addressing_Spoofing

WS_Addressing_Spoofing - A git submodule for WS-Attacker
Java
1
star
66

WS-Attacker-Library_XML_Utilities

WS-Attacker-Library_XML-Utilities- A git submodule for WS-Attacker
Java
1
star
67

WS-Attacker-Plugin_OptionsTesterPlugin

OptionsTesterPlugin - A git submodule for WS-Attacker
Java
1
star
68

WS-Attacker-Library_Schema_Analyzer

Schema_Analyzer_Library - A git submodule for WS-Attacker
Java
1
star