GDSSecurity/OSX-Continuity-Dialer-POC

Stars
23
Rank 1,010,802 (Top 21 %)
Language
Objective-C
License
GNU General Publi...
Created about 9 years ago
Updated almost 9 years ago

GDSSecurity/OSX-Continuity-Dialer-POC

GDSSecurity

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

GWT-Penetration-Testing-Toolset

A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt

wifitap

wifitap updated for BT5r3

Jetleak-Testing-Script

Script to test if a server is vulnerable to the JetLeak vulnerability

SQLBrute

SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities.

GDS-PMD-Security-Rules

Custom security ruleset for the popular Java static analysis tool PMD.

Whitepapers

A collection of publicly released whitepapers

Add-Trusted-Certificate-to-iOS-Simulator

Script for easily importing a trusted CA certificate into the iOS Simulator's trust store. This provides application testers the ability to intercept SSL traffic when using the simulator for testing.

WCF-Binary-SOAP-Plug-In

This is a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1). There are two versions of the plug-in available (consult the README for more information).

burpee

Python object interface to requests/responses recorded by Burp Suite

cloud-and-control

PaddingOracleDemos

Anti-CSRF-Library

This library was co-developed with a leading financial institution in order to build a single solution for Cross-Site Request Forgery (CSRF) prevention that is flexible enough to deploy firm-wide within diverse Java/J2EE web application environments.

DotNET-MVC-Enumerator

Unibrute

Multithreaded SQL union bruteforcer

AntiXSS-for-Java

AntiXSS for Java is a port of the Microsoft Anti-Cross Site Scripting (AntiXSS) v1.5 library for .NET applications. The library requires Java 1.4 or higher, but has no other prerequisites.

Code-from-O-reilly-Network-Security-Tools

Tools developed for the book Network Security Tools: Writing, Hacking, and Modifying Security Tools (Published April 2005 by O'Reilly - ISBN 0-596-00794-9). These examples, along with the rest of the examples from the book, are also available from O'Reilly.

Deflate-Burp-Plugin

The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.

JSSE_Fortify_SCA_Rules

Custom Fortify SCA rules to detect common JSSE certification validation flaws

SSLSecurityChecker

IronWASP module to test security of SSL services. Ported from http://www.bolet.org/TestSSLServer/

Presentations

This repository contains slide decks and other materials for talks and research presented at various conferences.

SubstrateDemo

ListLock APK contains the demo APK for the Using Mobile Substrate With Android Applications blog post

mangers-oracle

Demonstration of Manger's Oracle, attacking RSA OAEP

Convert2FPR

Utility for converting Findbugs, ESLint and PMD XML results into HP Fortify FPRs

blazentoo

Blazentoo is an Adobe AIR application that can be used to exploit insecure Adobe BlazeDS and LiveCycle Data Services ES servers. Blazentoo provides the ability to seamlessly browse web content, abusing insecurely configured Proxy Services.

Scala-Findbugs-Sample

Sample Findbugs custom detector for finding potentially insecure Scala code.

SubstrateDemo2

CSAW_2010

Source code to the Crypto Challenges for the CSAW 2010 qualifying CTF

mimegusta

Configurable content-sniffing XSS test bed

WCF-WSDualHttpBinding-Port-Scanner

Proof of Concept utility for abusing WCF Web Services that use the WSDualHttpBinding in order to perform remote port scans of arbitrary hosts.