Security related resources

Safety checks your installed dependencies for known security vulnerabilities

A Python library for mathematical finance

awesome resources about cloud native security 🐿

Tenet is an IDA Pro plugin for exploring execution traces. The goal of this plugin is to provide more natural, human controls for navigating execution traces against a given binary. The basis of this work stems from the desire to

UFONet - Denial of Service Toolkit

Profil3r Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This p

Vuln Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management

Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pgp key servers and shodan) and check if emails was leaked using haveibeenpwned.com API. Is a really si

DomainCAT (Domain Connectivity Analysis Tool) Domain Connectivity Analysis Tool is used to analyze aggregate connectivity patterns across a set of dom

gitrecon OSINT tool to get information from a Github or Gitlab profile and find user's email addresses leaked on commits. 📚 How does this work? GitHu

Doge-Defense-Evasion-Ref Defense Evasion | Bypass AntiVirus Reference Github Repositories https://github.com/BishopFox/sliver https://github.com/optiv

This is a js front-end encryption blasting account and password tools，Because it calls JS in a clever way without us having to analyze the whole project

A set of Python scripts for finding threats in Office365

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspec

Land doesn't vote, people do. This is a version of the famous visualization «Land doesn't vote, people do» by Karim Douïeb for Switzerland written in

关于POC 这里会把作者在各种环境中遇到的繁琐漏洞简化为POC工具,以便在后续中轻松发现与利用

Picocrypt is a very tiny (hence "Pico"), very simple, yet very secure file encryption tool. It uses the modern ChaCha20-Poly1305 cipher suite as well

weblogic-framework is the best tool for detecting weblogic vulnerabilities.

malware_training_vol1 Materials for Windows Malware Analysis training (volume 1) 🚧 WARNING: work in progress! More material will be added gradually.

Description iOS devices contain a hidden feature for sniffing decrypted HTTP/HTTPS traffic from all processes using the CFNetwork framework into an HA

ChizCoin : a simple blockchain implementation using python in a very noob way, i used flask to build API and bootstrap to makeup a (so called) fronten

ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell) usage: python ProxyLogon.py --host=exchang

The CISA Hunt and Incident Response Program (CHIRP) is a tool created to dynamically query Indicators of Compromise (IoCs) on hosts with a single package, outputting data in a JSON format for further analysis in a SIEM or other to

Datto RMM :: FireEye Red Team Countermeasure Scanner Build 23, 18th December 2020, (C) Copyright Datto, Inc. BACKSTORY On the 8th of December, a group

CVE-2021-3156 (Sudo Baron Samedit) This repository is CVE-2021-3156 exploit targeting Linux x64. For writeup, please visit https://datafarm-cybersecur

CVE-2021-26855 PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github Why does github remove this exploit because

CVE-2020-6308 SAP POC SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker t

ssh-mitm - intercept ssh traffic man in the middle (mitm) server for security audits supporting public key authentication, session hijacking and file

Luca Security Concept This is the document source of luca's security concept. Please go here for the HTML version: https://luca-app.de/securityconcept

Project Champollion About this project Rosetta 2 is an emulation mechanism to run the x86_64 applications on Arm-based Apple Silicon with Ahead-Of-Tim

Bypassing a CGNAT with Wireguard Contents VPS Setup Locking down your server System config Installing Wireguard Home Server Setup System Config Instal

Templates are the core of nuclei scanner which power the actual scanning engine.