There are no reviews yet. Be the first to send feedback to the community and the maintainers!
pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the factmalboxes
Builds malware analysis Windows VMs so that you don't have to.dtd-finder
List DTDs and generate XXE payloads using those local DTDs.WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalationsphp7-opcache-override
Security-related PHP7 OPcache abuse tools and demopywsus
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.csp-auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a WebsiteDLLPasswordFilterImplant
DLL Password Filter Implant with Exfiltration Capabilitiestemplate-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.xxe-workshop
Workshop given at Hack in Paris 2019ldap-scanner
Checks for signature requirements over LDAPfrida-xamarin-unpin
A Frida script to bypass Xamarin certificate pinning implementationsadvanced-binary-analysis
Materials for the Binary Analysis Workshop presented at NorthSec 2020break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugssecurity-cheat-sheet
Minimalist cheat sheet for developpers to write secure codexfsc
eXtensions for Financial Services (XFS) proof of concept client to explore and issue commands directly to the devices that support the protocol. Force ATMs to dispense cash if you have code execution on them.linkedin-osint
A simple proof of concept that demonstrate how emails can easily be tie to LinkedIn profilepresentations
Material from presentations done by GoSecure researchersburp-ntlm-challenge-decoder
Burp extension to decode NTLM SSP headers and extract domain/host informationrequest-smuggling-workshop
Cisco2Checkpoint
Tool that assists in migrating firewall rules from Cisco to Checkpoint. Will optimize rules for you (rationalization, reuse merging, etc.).unicode-pentester-cheatsheet
An easy to navigate list of unicode characters that have risky transformations ๐ฅzap-autodecode-view
ZAP plugin demonstrating custom view for WebSocket messages.goinsecure-deserialization
Accompanying material needed for the workshopLansweeperPasswordRecovery
Lansweeper Password Recovery Toolmalware-ioc
Indicators of Compromise (IOCs) for malware we have researched44con-code-review-workshop
References, tools and sample payloadshackfest-deserialization-workshop
jenkins-fsb
Jenkins instance with preconfigured jobs to analyze Java binaries using Find Security Bugs.orange-code-widget
๐ Widget for Orange to visualize code samplerequest-smuggling-nsec-demo
burp-fuzzy-encoding-generator
Quickly test various encoding for a given value in Burp Intrudermalware_investigation_template
Because .idb files should be version controlled.fq-pyrdp
fq format for parsing PyRDP replaysowasp-workshop-zap
Atelier pratique sur le dรฉveloppement d'extension ZAP / Workshop on ZAP extension developmentcaplets
Fork of caplets with RDP proxy capletconfoo-xss-bypass-demos
Demonstration for the presentation Modern XSSjava-hostname-verification-poc
missing-security-controls
notebooks
Cybersecurity Research Jupyter Notebooks for the Communitygosecure.github.io
Love Open Source and this site? Check out how you can help us