Hanno Bรถck (@hannob)

Top repositories

1

snallygaster

Tool to scan for secret files on HTTP servers
Python
2,047
star
2

bashcheck

test script for shellshocker and related vulnerabilities
Shell
653
star
3

php-crashers

Example scripts that cause segfaults in PHP
PHP
448
star
4

vulns

Named vulnerabilities and their practical impact
430
star
5

meltdownspectre-patches

Summary of the patch status for Meltdown / Spectre
346
star
6

vacdec

Python script to decode the EU Covid-19 vaccine certificate
Python
242
star
7

optionsbleed

Python
145
star
8

tlshelpers

A collection of shell scripts that help handling X.509 certificate and TLS issues
Shell
127
star
9

tls-what-can-go-wrong

TLS - what can go wrong?
100
star
10

smtpsmug

Python
94
star
11

hpkp

HTTP Public Key Pinning (HPKP) pin generation tools
Shell
71
star
12

apache-uaf

Apache use after free bug infos / ASAN stack traces
65
star
13

superfishy

Archive of software and other data involved in the Superfish / Komodia incident
Python
59
star
14

fpmvuln

bash poc scripts to exploit open fpm ports
Shell
58
star
15

lecaa

Check for Let's Encrypt CAA issue
Shell
53
star
16

hackercon

List of Free Software and IT Security related conferences
52
star
17

bignum-fuzz

Code to fuzz bignum libraries
C
46
star
18

selftls

Sample application to let OpenSSL talk to itself (for fuzzing)
C
33
star
19

pgpecosystem

Scripts to parse and analyze pgp key server data
Python
31
star
20

com2txt

com2txt tool (from 1993)
C
30
star
21

zipeinfo

ZIP encryption info
Python
29
star
22

alphasecret

Find PNG files with suspicious data in alpha channel
Shell
28
star
23

ctgrab

Shell
25
star
24

pgpbugs

A history of PGP-related vulnerabilities
21
star
25

mmapfail

Simple shell script to detect bad checks of mmap() return value
C
19
star
26

ed25519hetzner

Script to scan OpenSSH host key and known_hosts files for shared keys from server hoster Hetzner
Shell
19
star
27

pwncloud

proof of concept to backdoor files from owncloud encryption module
Shell
17
star
28

svnscraper

bash script to download publicly available .svn directories
Shell
16
star
29

libfuzzer-examples

examples for libfuzzer
C++
15
star
30

secpw

Secure random passwords in Javascript
HTML
14
star
31

ipmx

Python
13
star
32

badocspcert

Check for certs affected by July 2020 OCSP intermediate incident
Shell
13
star
33

jitsivuln

Check for jitis meet default password vulnerability
Python
12
star
34

primecheck

Check Diffie Hellman group prime parameter
Python
11
star
35

pypi-bad

Bad packages from the pypi repository
Python
9
star
36

httpstime

Setting the system time over HTTPS
Shell
9
star
37

mbox2maildir

Script to convert between mbox and maildir format
Python
9
star
38

webminex

poc exploit for webmin backdoor (CVE-2019-15107 and CVE-2019-15231)
8
star
39

asantoo

Overlay to use Gentoo with Address Sanitizer
Shell
8
star
40

emailprotocols

An overview of E-Mail protocols and data formats
8
star
41

silic

silic - simple link checker written in python
Python
7
star
42

rpter

Parse mails with reports from DMARC and SMTP TLS Reporting
Python
7
star
43

uudeview

Decoder and encoder for Base64 (MIME), uuencoded, xxencoded and Binhex files.
C
7
star
44

rompager-check

Online and offline check tool for the RomPager HTTP server and vulnerable versions
PHP
6
star
45

tmobile-login

Trivial bash script to log into Telekom / T-Mobile wireless lan
Shell
6
star
46

fritzbox-keys

private keys found on AVM Fritz!Box firmware images
5
star
47

pwsec

Simple password generator with no options
Shell
5
star
48

xssgame

PHP
5
star
49

exif2osm

Convert JPEG exif geotags to link on openstreetmap.org
Shell
5
star
50

pwbloom

Simple web index to use bloom filter for Pwned Passwords
Python
4
star
51

htpasswdos

Proof of concept for Apache htpasswd denial of service
PHP
4
star
52

symlinkown

Patch for the Linux Kernel to implement "SymlinksIfOwnerMatches" features
Shell
4
star
53

rdrand-test

Testing the rdrand CPU instruction
C
3
star
54

crimesafe-csrf

Create CSRF tokens secure from compression attacks like CRIME/BREACH/TIME/HEIST
PHP
3
star
55

cbugs

examples for C / C++ bugs caught by various safety tools
C
3
star
56

procdown

Harden access to the /proc filesystem in Linux
Shell
3
star
57

CVE-2020-27603-bbb-libreoffice-poc

Proof of Concept of Libreoffice file exfiltration vulnerability in Big Blue Button
3
star
58

svgx

Shell script chaining various SVG optimization tools
Shell
3
star
59

smtpsend

Command line tool to send mails with authentication
Python
2
star
60

fcrdns

Command line Forward-confirmed reverse DNS (FCrDNS) check written in Python
Python
2
star
61

rosproject-scripts

Scripts to compile ROS packages with compiler sanitizers
Shell
2
star
62

websec-examples

Some trivial examples for web vulnerabilities
PHP
2
star
63

gccweverything

Shell
2
star
64

getacmeaccount

Get account ID and other account info with private key for ACME account
Python
2
star
65

whichmicroarch

Shell script to guess CPU microarchitecture for latest CFLAGS
Shell
1
star
66

wolfoverflow

poc for stack buffer overflow in wolfssl
Shell
1
star
67

squirrelpatches

Patches for Squirrelmail
1
star
68

blocklistmaker

Scripts to create compromised key blocklists for the badkeys tool
1
star
69

ros-sanitizer-logs

Logs from ASAN/UBSAN/TSAN tests of ROS
1
star
70

rbltest

Simple script to query mailserver realtime block lists (RBLs)
Python
1
star
71

sanhash

Normalize and hash ASAN/MSAN crash dumps
Shell
1
star
72

snallygaster-testdata

Test data for the snallygaster tool
1
star
73

fpracer

File permission race proof of concept
Python
1
star
74

thrusql

Docker image to access German emission data from thru.de
Dockerfile
1
star
75

wifiinjection

Collection of Screenshots documenting WiFi Networks injecting content into HTTP pages
1
star
76

getkey

Bruteforce-search private keys in larger files
Python
1
star
77

abusescript

Scripts I've been using to inform owners of hosts affected by security vulnerabilities
Shell
1
star
78

acmereflect

quick and dirty check for ACME API endpoints that reflect content
Shell
1
star
79

sriutil

Python
1
star