There are no reviews yet. Be the first to send feedback to the community and the maintainers!
PRET
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.Terrapin-Scanner
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".WS-Attacker
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).CORStest
A simple CORS misconfiguration scannerMetadata-Attacker
A tool to generate media files with malicious metadataBurpSSOExtension
An extension for BurpSuite that highlights SSO messages in Burp's proxy window..PDF101
Artifacts for the Black Hat talk.REST-Attacker
REST-Attacker is designed as a proof-of-concept for the feasibility of testing generic real-world REST implementations. Its goal is to provide a framework for REST security research.xsinator.com
XS-Leak Browser Test Suitealpaca-code
Artifacts to the ALPACA attack.DTD-Attacks
Tests for different parsers from Ruby, Python, .NET, PHP, Perl, JavaJohnny-You-Are-Fired
Artifacts for the USENIX publication.MS-RMS-Attacks
Breaking the security of Microsoft's RMSTerrapin-Artifacts
This repository contains the artifacts for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".JOSEPH
OpenID-Attacker
PrOfESSOS
PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities.SAML-XXE-Test
Simple XXE test suite generated specifically for SAML interfacespdf-attacker
thesis_layout
Latex template for students writing a bachelor or master thesisikev1-psk-main-mode-dict-attacker
Proof-of-Concept Dictionary Attacker against IKEv1 PSK in Main ModeSocketProxy
Simple proxy designed to intercept and modify connections on the transport level. This means you can also modify TLS raw bytes.Office-Security
Artifacts for the WOOT publication.FutureTrust
FutureTrust analyzes electronic identification (eID) services in Europe and beyond. It is funded within the EU Framework Programme for Research and Innovation (Horizon 2020).DISTINCT
Dynamic In-Browser Single Sign-On Tracer Inspecting Novel Communication TechniquesOOXML_Signature_Security
USENIX 2023 ArtifactsAutoLeak
Find XS-Leaks in the browser by diffing DOM-Graphs in two statesyour-sop.com
SOAP-Test-Webservices
SOAP webservices of different SOAP frameworks including samples for WS-Security.Covert-Content-Attacks
Artifacts for the DEF CON talk.exposee_layout
Latex template for students writing an exposé for a seminar or thesisWS-TLS-Scanner
The TLS-Scanner for the SIWECOS ProjectCVE-2020-2655-DemoServer
SECRET
A Secure, Efficient, and Collaborative Real-Time Web EditorGridcoin-Attacks
The source code of our attacking tool described in the paper "Breaking and Fixing Gridcoin" published at WOOT'17, see also:JavaCryptoExamples
Examples for using Java CryptoTerrapin-Website
This repository hosts the public website for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation" via GitHub Pages.RKE
Implementation of ratcheted key exchange protocol (Poettering and Rösler, CRYPTO 2018, https://ia.cr/2018/296) by Marco SmeetsWS-Attacker-Plugin_Denial_of_Service
Denial_of_Service - A git submodule for WS-AttackerSyncEnc-Keyserver
A Key Management Server for SyncEncWS-Attacker-Library_Intelligent_Denial_of_Service_Library
Intelligent_Denial_of_Service_Library - A git submodule for WS-AttackerPDF-Tester
PDF Tester can be used to evaluate the signature status of a PDF document under different PDF applications.JsseTLS
BouncyCastleTLS
BouncyCastle TLS examplesWS-Attacker-Library_Signature_Faking_Library
Signature_Faking_Library - A git submodule for WS-Attackeralpaca-attack
AKE-Cryptoverif-Tutorial
Mitigation-of-Attacks-on-Email-E2E-Encryption
Research Artifacts for the Publication "Mitigation of Attacks on Email End-to-End Encryption"IPsec-StateMachineExtractor
Extract the state machine of an IKEv1/IKEv2 implementationSyncEnc-App
WS-Attacker-Library_XML_Encryption_Attack_Library
XML_Encryption_Attack_Library - A git submodule for WS-AttackerSingle-Sign-On-Libraries
ShareJSXML
Library to allow concurrent editing of XML documents using Operational Transforms based on ShareJS 0.6SyncEnc-Demonstrator
A Demonstrator for Collaborative Encrypted EditingWS-Attacker-Plugin_SoapAction_Spoofing
SoapAction_Spoofing - A git submodule for WS-AttackerWS-Attacker-Plugin_Signature_Wrapping
Signature_Wrapping - A git submodule for WS-AttackerWS-Attacker-Plugin_XML_Encryption_Attack
XML_Encryption_Attack - A git submodule for WS-AttackerWS-Attacker-Plugin_Intelligent_Denial_of_Service
Intelligent_Denial_of_Service - A git submodule for WS-Attackeroidc-docker-libs
medfuzz
Fuzzing plattform for medical protocolsDocumentSignatureValidator
Automation tool for evaluating the signature status of office documentsWS-Attacker-Library_SoapHttpClient
SoapHttpClient - A git submodule for WS-AttackerWS-Attacker-Library_Signature_Wrapping
Signature_Wrapping_Library - A git submodule for WS-AttackerWS-Attacker-Plugin_WS_Addressing_Spoofing
WS_Addressing_Spoofing - A git submodule for WS-AttackerWS-Attacker-Library_XML_Utilities
WS-Attacker-Library_XML-Utilities- A git submodule for WS-AttackerWS-Attacker-Plugin_OptionsTesterPlugin
OptionsTesterPlugin - A git submodule for WS-AttackerWS-Attacker-Library_Schema_Analyzer
Schema_Analyzer_Library - A git submodule for WS-AttackerLove Open Source and this site? Check out how you can help us