There are no reviews yet. Be the first to send feedback to the community and the maintainers!
pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the factmalboxes
Builds malware analysis Windows VMs so that you don't have to.dtd-finder
List DTDs and generate XXE payloads using those local DTDs.WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalationsphp7-opcache-override
Security-related PHP7 OPcache abuse tools and demopywsus
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.csp-auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a WebsiteDLLPasswordFilterImplant
DLL Password Filter Implant with Exfiltration Capabilitiestemplate-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.xxe-workshop
Workshop given at Hack in Paris 2019ldap-scanner
Checks for signature requirements over LDAPfrida-xamarin-unpin
A Frida script to bypass Xamarin certificate pinning implementationsadvanced-binary-analysis
Materials for the Binary Analysis Workshop presented at NorthSec 2020break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugssecurity-cheat-sheet
Minimalist cheat sheet for developpers to write secure codegophish-cli
Gophish Python cli to perform huge phishing campaignslinkedin-osint
A simple proof of concept that demonstrate how emails can easily be tie to LinkedIn profilepresentations
Material from presentations done by GoSecure researchersburp-ntlm-challenge-decoder
Burp extension to decode NTLM SSP headers and extract domain/host informationrequest-smuggling-workshop
Cisco2Checkpoint
Tool that assists in migrating firewall rules from Cisco to Checkpoint. Will optimize rules for you (rationalization, reuse merging, etc.).unicode-pentester-cheatsheet
An easy to navigate list of unicode characters that have risky transformations ๐ฅzap-autodecode-view
ZAP plugin demonstrating custom view for WebSocket messages.goinsecure-deserialization
Accompanying material needed for the workshopLansweeperPasswordRecovery
Lansweeper Password Recovery Toolmalware-ioc
Indicators of Compromise (IOCs) for malware we have researched44con-code-review-workshop
References, tools and sample payloadshackfest-deserialization-workshop
jenkins-fsb
Jenkins instance with preconfigured jobs to analyze Java binaries using Find Security Bugs.orange-code-widget
๐ Widget for Orange to visualize code samplerequest-smuggling-nsec-demo
burp-fuzzy-encoding-generator
Quickly test various encoding for a given value in Burp Intrudermalware_investigation_template
Because .idb files should be version controlled.fq-pyrdp
fq format for parsing PyRDP replaysowasp-workshop-zap
Atelier pratique sur le dรฉveloppement d'extension ZAP / Workshop on ZAP extension developmentcaplets
Fork of caplets with RDP proxy capletconfoo-xss-bypass-demos
Demonstration for the presentation Modern XSSjava-hostname-verification-poc
missing-security-controls
notebooks
Cybersecurity Research Jupyter Notebooks for the Communitygosecure.github.io
Love Open Source and this site? Check out how you can help us