Security

Go script for bypassing 403 forbidden

🔐 Share end-to-end encrypted secrets with others via a one-time URL

A scanner/exploitation tool written in GO, which leverages Prototype Pollution to XSS by exploiting known gadgets.

Flashbots is a research and development organization formed to mitigate the negative externalities and existential risks posed by miner-extractable value (MEV) to smart-contract blockchains.

Windows 11 TPM 2.0 and Secure Boot Setup.exe/Registry bypass written in Go.

DalFox is a fast, powerful parameter analysis and XSS scanner, based on a golang/DOM parser. supports friendly Pipeline, CI/CD and testing of different types of XSS. I talk about naming. Dal(달) is the Korean pronunciation of moon

A fast cryptocurrency bot framework implemented in Go. Ninjabot permits users to create and test custom strategies for spot markets.

An experimental tool for splitting and distributing your private keys safely*

It allows for multiple, independent file systems on a single disk whose existence can only be verified if you posses the correct password.

Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode

EJSON is a small library to manage encrypted secrets using asymmetric encryption.

rosetta-dogecoin provides an implementation of the Rosetta API for Dogecoin in golang, based off the rosetta-bitcoin reference implementation provided by Coinbase. If you haven't heard of the Rosetta API, you can find more informa

Obfuscate Go code by wrapping the Go toolchain

REALITY_SMASHER vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????) "As easy to stop as it is to comprehend." What is it? "Reality

Cryptogalaxy is an app which will get any cryptocurrencies ticker and trade data from multiple exchanges through REST / websocket and save it into multiple storage systems.

CVE-2021-26855 CVE-2021-26855 ssrf 简单利用 golang 练习 影响版本 Exchange Server 2013 小于 CU23 Exchange Server 2016 小于 CU18 Exchange Server 2019 小于 CU7 利用条件 该漏洞不

Password Lists Introduction Password lists are going back to the roots of information security. They compile a list of popular passwords. Often to opt

A secrets management tool for developers built in Go - never leave your command line for secrets

CVE-2021-3449 OpenSSL <1.1.1k DoS exploit Usage: go run . -host hostname:port This program implements a proof-of-concept exploit of CVE-2021-3449 affe

Secret - Encrypt anything with a password Ever wanted to hide a file? Now you can do it really easily! Usage secret {-e/--encrypt | -d/--decrypt} <sou

Welcome to the DEROHE Testnet Explorer Source Twitter Discord Wiki Github DERO CryptoNote Mainnet Stats Mainnet WebWallet DERO HE [ DERO Homomorphic E

Secure, private and feature-rich CLI password manager

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

Official node implementation of the Avalanche network - a blockchains platform with high throughput, and blazing fast transactions.

Friends don't let friends leak secrets in terminal windows.

It'll exploit most sudo privileges listed in GTFOBins to pop a root shell, as well as exploiting issues like a writable docker.sock. More routes to root will be added over time too.

Someone tried to unlock your device

Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.

Find secrets and passwords in container images and file systems

What the world needed, another leak scanner

A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt or JavaScript (npm) package.json

Saferwall is an open source malware analysis platform.

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.