Discover dxa4481/truffleHogRegexes Open Source project

This is a POC to show it is possible to capture enough of a handshake with a user from a fake AP to crack a WPA2 network without knowing the passphrase of the actual AP.

1,419

WPA2-HalfHandshake-Crack

Stealing CSRF tokens with CSS injection (without iFrames)

545

cssInjection

A security tool for grabbing screenshots of many web hosts

306

Snapper

These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok

290

gcploit

Abusing Self-XSS and Clickjacking to trigger XSS

155

XSSJacking

A demo of altering an opened tab after a timer

126

windowHijacking

This repo gives an overview of some GCP metadata API attack and defend patterns

125

AttackingAndDefendingTheGCPMetadataAPI

Damn-Vulnerable-Redis-Container

An example of obtaining RCE via Redis and CSRF

Maintaining account persistence via XSS and Oauth

XSSOauthPersistence

A CSRF demonstration of stealing local Redis data, and encrypting all Redis instances on a local network

whatsinmyredis

CSS

inputProtectionShield

Eagle

CORS

JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.

CSRF-PoC-Genorator

This is a simple CSRF Proof of Concept generator that supports multiple form encodings and methods

Steals cleartext passwords from webservices, by reading the memory of browsers

mimikittenz4Linux

Scans packages in npm and pypi for secrets

santaHog

A demonstration of secure hashing done client side

clientHashing

A tool to discover bygonessl vulnerabilities using the facebook API

bygonessl

Simple javascript logging of fingerprint, IP address and user agent

logger

Smart Health Card Viewer, view your California Smart Health Card Vaccination record

SmartHealthCardViewer

An open source project for bitcoin mining on an FPGA

BitRush

VHDL

domainAbandonedDetector

Detects abandoned domains referenced in HTML

This is my resume, in HTML/CSS

dxa4481.github.io

Translating JTAGENUM to Python for the Raspberry Pi

JayPi

redirect_demo

This simple python module takes GPS locations of a moving object, and measured signal strengths of an IoT object and uses trilateration and the method of least squares to solve for the location of the object

gpsIoTTracker

We are creating a system that translates measured distances of physical objects into vibrations to assist the blind

Veyebrations

Eagle

JohnWilliams

simple demo of XSS in an SVG

coolSVGXSS

A simple template that can be used to deliver security reports either for bug bounties, internal reports, or consultancy work

security_reports

A restful single page app tool sharing application

penguin

An example of the HTML5 vibration API

VibrationAPI

Tutorials

dotGitFinder

HIVStats

This application makes HIV statistics very accessible

The backend log handler for logger.io

log_handler

A simple presentation on social engineering

SocialEngineeringPresentation

This uses the open hardware provided by arduino to modify an arduino PCB into making a sound board

SoundMaker

Eagle

fingerprint-page-count

Counts how many times a user has viewed a page based on his browser's fingerprint

blog

Controlled builds, tests, static analysis, releases, and deploys with validation and 2FA and live streaming to your CI

SeriousApiarist

serviceworkerCSRFLogout

a very simple insecure web application designed to turn a lamp on and off

insecureLamp

The server configuration files for security.love and e-q.pw

serverConfigs

FingerprintPressure

This simple demo shows given an image of a fingerprint, you can determine how hard the person was pushing down

A brief demonstration showing browsers can access a device's accelerator data without promoting a user. This app shows the total acceleration vector magnitude

AccelerometerAPI

This is a simple demo that shows you can host a PDF cross origin in chrome, and track a user's interaction with the PDF with the default chrome PDF viewer.

CORS-pdf