• Stars
    star
    22
  • Rank 1,048,934 (Top 21 %)
  • Language
    Python
  • Created about 3 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

More Repositories

1

pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Python
1,483
star
2

malboxes

Builds malware analysis Windows VMs so that you don't have to.
Python
1,028
star
3

dtd-finder

List DTDs and generate XXE payloads using those local DTDs.
Kotlin
601
star
4

WSuspicious

WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
C#
338
star
5

php7-opcache-override

Security-related PHP7 OPcache abuse tools and demo
Python
306
star
6

pywsus

Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
Python
286
star
7

csp-auditor

Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
Java
135
star
8

DLLPasswordFilterImplant

DLL Password Filter Implant with Exfiltration Capabilities
C
133
star
9

template-injection-workshop

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
CSS
118
star
10

xxe-workshop

Workshop given at Hack in Paris 2019
JavaScript
118
star
11

ldap-scanner

Checks for signature requirements over LDAP
Python
92
star
12

frida-xamarin-unpin

A Frida script to bypass Xamarin certificate pinning implementations
C#
65
star
13

advanced-binary-analysis

Materials for the Binary Analysis Workshop presented at NorthSec 2020
HTML
63
star
14

break-fast-serial

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
Python
54
star
15

security-cheat-sheet

Minimalist cheat sheet for developpers to write secure code
HTML
54
star
16

xfsc

eXtensions for Financial Services (XFS) proof of concept client to explore and issue commands directly to the devices that support the protocol. Force ATMs to dispense cash if you have code execution on them.
C
53
star
17

gophish-cli

Gophish Python cli to perform huge phishing campaigns
Python
40
star
18

linkedin-osint

A simple proof of concept that demonstrate how emails can easily be tie to LinkedIn profile
Python
36
star
19

presentations

Material from presentations done by GoSecure researchers
HTML
32
star
20

burp-ntlm-challenge-decoder

Burp extension to decode NTLM SSP headers and extract domain/host information
Kotlin
32
star
21

Cisco2Checkpoint

Tool that assists in migrating firewall rules from Cisco to Checkpoint. Will optimize rules for you (rationalization, reuse merging, etc.).
Python
21
star
22

unicode-pentester-cheatsheet

An easy to navigate list of unicode characters that have risky transformations 💥
HTML
20
star
23

zap-autodecode-view

ZAP plugin demonstrating custom view for WebSocket messages.
Kotlin
13
star
24

goinsecure-deserialization

Accompanying material needed for the workshop
Java
11
star
25

LansweeperPasswordRecovery

Lansweeper Password Recovery Tool
C#
11
star
26

malware-ioc

Indicators of Compromise (IOCs) for malware we have researched
YARA
10
star
27

44con-code-review-workshop

References, tools and sample payloads
10
star
28

hackfest-deserialization-workshop

8
star
29

jenkins-fsb

Jenkins instance with preconfigured jobs to analyze Java binaries using Find Security Bugs.
Shell
6
star
30

orange-code-widget

🍊 Widget for Orange to visualize code sample
Python
6
star
31

request-smuggling-nsec-demo

PHP
5
star
32

burp-fuzzy-encoding-generator

Quickly test various encoding for a given value in Burp Intruder
Kotlin
5
star
33

malware_investigation_template

Because .idb files should be version controlled.
Shell
4
star
34

fq-pyrdp

fq format for parsing PyRDP replays
Go
4
star
35

owasp-workshop-zap

Atelier pratique sur le développement d'extension ZAP / Workshop on ZAP extension development
HTML
4
star
36

caplets

Fork of caplets with RDP proxy caplet
JavaScript
3
star
37

confoo-xss-bypass-demos

Demonstration for the presentation Modern XSS
3
star
38

java-hostname-verification-poc

Java
2
star
39

missing-security-controls

HTML
1
star
40

notebooks

Cybersecurity Research Jupyter Notebooks for the Community
Jupyter Notebook
1
star
41

gosecure.github.io

HTML
1
star