snallygaster
Tool to scan for secret files on HTTP serversbashcheck
test script for shellshocker and related vulnerabilitiesphp-crashers
Example scripts that cause segfaults in PHPvulns
Named vulnerabilities and their practical impactmeltdownspectre-patches
Summary of the patch status for Meltdown / Spectrevacdec
Python script to decode the EU Covid-19 vaccine certificateoptionsbleed
tlshelpers
A collection of shell scripts that help handling X.509 certificate and TLS issuestls-what-can-go-wrong
TLS - what can go wrong?smtpsmug
hpkp
HTTP Public Key Pinning (HPKP) pin generation toolsapache-uaf
Apache use after free bug infos / ASAN stack tracessuperfishy
Archive of software and other data involved in the Superfish / Komodia incidentfpmvuln
bash poc scripts to exploit open fpm portslecaa
Check for Let's Encrypt CAA issuehackercon
List of Free Software and IT Security related conferencesbignum-fuzz
Code to fuzz bignum librariesselftls
Sample application to let OpenSSL talk to itself (for fuzzing)pgpecosystem
Scripts to parse and analyze pgp key server datacom2txt
com2txt tool (from 1993)zipeinfo
ZIP encryption infoalphasecret
Find PNG files with suspicious data in alpha channelctgrab
pgpbugs
A history of PGP-related vulnerabilitiesmmapfail
Simple shell script to detect bad checks of mmap() return valueed25519hetzner
Script to scan OpenSSH host key and known_hosts files for shared keys from server hoster Hetznerpwncloud
proof of concept to backdoor files from owncloud encryption modulesvnscraper
bash script to download publicly available .svn directorieslibfuzzer-examples
examples for libfuzzersecpw
Secure random passwords in Javascriptipmx
badocspcert
Check for certs affected by July 2020 OCSP intermediate incidentjitsivuln
Check for jitis meet default password vulnerabilityprimecheck
Check Diffie Hellman group prime parameterpypi-bad
Bad packages from the pypi repositoryhttpstime
Setting the system time over HTTPSmbox2maildir
Script to convert between mbox and maildir formatwebminex
poc exploit for webmin backdoor (CVE-2019-15107 and CVE-2019-15231)asantoo
Overlay to use Gentoo with Address Sanitizeremailprotocols
An overview of E-Mail protocols and data formatssilic
silic - simple link checker written in pythonrpter
Parse mails with reports from DMARC and SMTP TLS Reportinguudeview
Decoder and encoder for Base64 (MIME), uuencoded, xxencoded and Binhex files.rompager-check
Online and offline check tool for the RomPager HTTP server and vulnerable versionstmobile-login
Trivial bash script to log into Telekom / T-Mobile wireless lanfritzbox-keys
private keys found on AVM Fritz!Box firmware imagespwsec
Simple password generator with no optionsxssgame
exif2osm
Convert JPEG exif geotags to link on openstreetmap.orgpwbloom
Simple web index to use bloom filter for Pwned Passwordshtpasswdos
Proof of concept for Apache htpasswd denial of servicesymlinkown
Patch for the Linux Kernel to implement "SymlinksIfOwnerMatches" featuresrdrand-test
Testing the rdrand CPU instructioncrimesafe-csrf
Create CSRF tokens secure from compression attacks like CRIME/BREACH/TIME/HEISTcbugs
examples for C / C++ bugs caught by various safety toolsprocdown
Harden access to the /proc filesystem in LinuxCVE-2020-27603-bbb-libreoffice-poc
Proof of Concept of Libreoffice file exfiltration vulnerability in Big Blue Buttonsvgx
Shell script chaining various SVG optimization toolssmtpsend
Command line tool to send mails with authenticationfcrdns
Command line Forward-confirmed reverse DNS (FCrDNS) check written in Pythonrosproject-scripts
Scripts to compile ROS packages with compiler sanitizerswebsec-examples
Some trivial examples for web vulnerabilitiesgccweverything
getacmeaccount
Get account ID and other account info with private key for ACME accountwhichmicroarch
Shell script to guess CPU microarchitecture for latest CFLAGSwolfoverflow
poc for stack buffer overflow in wolfsslsquirrelpatches
Patches for Squirrelmailblocklistmaker
Scripts to create compromised key blocklists for the badkeys toolros-sanitizer-logs
Logs from ASAN/UBSAN/TSAN tests of ROSrbltest
Simple script to query mailserver realtime block lists (RBLs)sanhash
Normalize and hash ASAN/MSAN crash dumpssnallygaster-testdata
Test data for the snallygaster toolfpracer
File permission race proof of conceptthrusql
Docker image to access German emission data from thru.dewifiinjection
Collection of Screenshots documenting WiFi Networks injecting content into HTTP pagesgetkey
Bruteforce-search private keys in larger filesabusescript
Scripts I've been using to inform owners of hosts affected by security vulnerabilitiesacmereflect
quick and dirty check for ACME API endpoints that reflect contentsriutil
Love Open Source and this site? Check out how you can help us