Chris Frohoff (@frohoff)
github

frohoff

Twitter logo Share LinkedIn logo Share Facebook logo Share
  • Stars
    star
    8,233
  • Global Rank 2,773 (Top 0.1 %)
  • Followers 984
  • Following 13
  • Registered about 16 years ago
  • Most used languages
    Java
         53.1 %
    CSS
         12.5 %
    Ruby
         12.5 %
    Shell
         6.3 %
    C
         6.3 %
    Scala
         3.1 %
    C++
         3.1 %
    Perl
         3.1 %
  • Location πŸ‡ΊπŸ‡Έ United States
  • Country Total Rank 1,401
  • Country Ranking
    Java
         56
    Ruby
         1,595
    C
         2,145
    Perl
         3,010
    CSS
         3,050
    Scala
         3,215

Top repositories

1

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Java
7,375
star
2

jdk8u-jdk

Java
203
star
3

ciphr

CLI crypto swiss-army knife for performing and composing encoding, decoding, encryption, decryption, hashing, and other various cryptographic operations on streams of data from the command line; mostly intended for ad hoc, infosec-related uses.
Ruby
115
star
4

inspector-gadget

Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
Java
103
star
5

grepcidr

from http://www.pc-tools.net/unix/grepcidr/
C
90
star
6

jdk8u-dev-jdk

Java
68
star
7

jdeserialize

From https://code.google.com/p/jdeserialize/
Java
34
star
8

rails_exploits

Ruby
22
star
9

serialysis

from http://weblogs.java.net/blog/emcmanus/archive/2007/06/disassembling_s.html
Java
10
star
10

appseccali-java

Java
9
star
11

inyourface

From http://www.synacktiv.com/ressources/inyourface-0.2.tar.gz
Java
7
star
12

pd-buddy-wye

From https://git.clarahobbs.com/pd-buddy/pd-buddy-wye.git
7
star
13

ctfd-trektheme

Star Trek LCARS inspired pure CSS theme for CTFd (v2.1.1) used during the 2019 LayerOne CTF and ToorCon CTF.
CSS
6
star
14

appseccali-marshalling-pickles

Slide deck from AppSecCali 2015 Talk "Marshalling Pickles: how deserializing objects will ruin your day"
CSS
6
star
15

sleepyhead

imported from https://sourceforge.net/projects/sleepyhead/
C++
6
star
16

grepcidr2

from http://www.taugh.com/grepcidr-2/
C
5
star
17

burp-plugin-requestutils

Plugin for manipulating requests in PortSwigger Burp Suite Pro v1.5+
Java
4
star
18

jimmix

From http://www.synacktiv.com/ressources/jimmix-0.3.tar.gz
Java
4
star
19

owaspsd-deserialize-my-shorts

Slide deck from OWASP SD Talk "Deserialize My Shorts: Or How I Learned to Start Worrying and Hate Java Object Deserialization"
CSS
4
star
20

jdk7u

Java
3
star
21

shellshock-pocs

Perl
2
star
22

jmitm2

From http://www.david-guembel.de/uploads/media/jmitm2-0.1.0-source.tar.gz
Java
2
star
23

jdk6

Java
2
star
24

dotfiles

Shell
1
star
25

pwdagent

A barebones CLI utility to prompt for and cache a password in memory, then hand it out over HTTP or raw TCP
Ruby
1
star
26

burp-debug

Java
1
star
27

ircbots

Scala
1
star
28

reserializer

Java
1
star
29

privilegedaccessor

From https://code.google.com/p/privilegedaccessor/
Java
1
star
30

frohoff.github.io

Github Pages Site
CSS
1
star
31

lambda-zip-test

docker run -v [homedir]/.aws/:/root/.aws/ -e AWS_DEFAULT_PROFILE=[profilename] [containerid]
Shell
1
star
32

appseccali-rails-redis

Ruby
1
star
33

java-suid-exec

Break glass in case of suid java executable.
Java
1
star