Discover @vysecurity Open Source projects

Vincent Yiu (@vysecurity)

vysecurity

Stars
5,999
Global Rank 4,234 (Top 0.2 %)
Followers 1,844
Following 77
Registered over 11 years ago
Most used languages

Python
51.7 %

PowerShell
17.2 %

C#
6.9 %

HTML
3.4 %

PHP
3.4 %

Shell
3.4 %

F#
3.4 %

Go
3.4 %

JavaScript
3.4 %

Batchfile 3.4 %

RedTips

Red Team Tips as posted by @vysecurity on Twitter

LinkedInt

LinkedIn Recon Tool

DomLink

A tool to link a domain with registered organisation names and emails, to other domains.

DomainFrontingLists

A list of Domain Frontable Domains by CDN

morphHTA

morphHTA - Morphing Cobalt Strike's evil.HTA

ANGRYPUPPY

Bloodhound Attack Path Automation in CobaltStrike

IPFuscator

IPFuscator - A tool to automatically generate alternative IP representations

Aggressor-VYSEC

CVE-2017-8759

CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.

ps1-toolkit

Obfuscated Penetration Testing PowerShell scripts

genHTA

Generates anti-sandbox analysis HTA files without payloads

CVE-2018-4878

Aggressor Script to launch IE driveby for CVE-2018-4878

checkO365

checkO365 is a tool to check if a target domain is using O365

CobaltSplunk

Splunk Dashboard for CobaltStrike logs

ATT-CK_Analysis

Repository for my ATT&CK analysis research.

FSharp-Shellcode

F# Implementation to spawn shellcode

Invoke-ProcessScan

Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.

AzureAppC2

A script that can be deployed to Azure App for C2 / Proxy / Redirector

basicAuth

Basic Auth Phish page

ShellcodeConversion

A collection of shell code conversion scripts that I have written over time for repetitive tasks

RDPInception

A script to attack users who are RDPing into a machine and recurse this attack. For security testers and attack simulations.

Office365TenantsList

Office365 Tenants List

WindfarmDynamite-CNA

CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe

EmpireAMSI

DoH-Servers

DNS over HTTPS Servers

BadIP

Bad Security Vendor IPs

wepwnise

A generator to weaponize Macro payloads that can evade EMET and utilises native VB migration.

PWNDB

autovpn

Easily connect to a VPN in a country of your choice

CloudServiceLists

Tenants list for each cloud service.

CVE-2020-0796

CVE-2020-0796 - Working PoC - 20200313

vysecurity

PacketParser

A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.

SCTPersistence

Create COM Objects backed by Scripts, not DLLs

nuclei-templates-notags

CVE-2021-40444

Linkedin_Connect_NEWUI

A Python Script that controls Selenium to automate the process of connecting on LinkedIn

malleable-profiles

IIS_exploit

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

test-conf

Archive

vysecurity.github.io

HOLYWATER

nextjs-blog-theme

DomainFrontingProxies

A list of Domain Fronting Proxies that are known to permit or break Domain Fronting