Pinned Repositories
0wned
Code execution via Python package installation.
AD-Attack-Defense
Active Directory Security For Red & Blue Team
advisories
AndroidInterview-Q-A
The top Internet companies android interview questions and answers
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
awesome-appsec
A curated list of resources for learning about application security
Bella
A pure python, post-exploitation, data mining tool and remote administration tool for macOS.
Docker-Secure-Deployment-Guidelines
Deployment checklist for securely deploying Docker
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
public-pentesting-reports
Curated list of public penetration testing reports released by several consulting firms
0x13337's Repositories
0x13337/AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
0x13337/AndrewSpecial
AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
0x13337/binary-exploitation-intro
A gentle introduction to binary exploitation
0x13337/Cheatsheets-1
Penetration Testing/Security Cheatsheets
0x13337/clusterfuzz
Scalable fuzzing infrastructure.
0x13337/CVE-2019-12086-jackson-databind-file-read
0x13337/CVE-2019-3396_EXP
CVE-2019-3396 confluence SSTI RCE
0x13337/dnSpy
.NET debugger and assembly editor
0x13337/DVFaaS-Damn-Vulnerable-Functions-as-a-Service
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
0x13337/fyyur-fullstacknd
0x13337/git-secrets
Prevents you from committing secrets and credentials into git repositories
0x13337/honggfuzz
Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
0x13337/House-of-Corrosion
A description of the "House of Corrosion" GLIBC heap exploitation technique.
0x13337/httpie
As easy as httpie /aitch-tee-tee-pie/ 🥧 Modern command line HTTP client – user-friendly curl alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc. https://twitter.com/clihttp
0x13337/httprebind
Automatic tool for DNS rebinding-based SSRF attacks
0x13337/idapython
A collection of IDAPython modules made with 💚 by Duo Labs
0x13337/impacket
Impacket is a collection of Python classes for working with network protocols.
0x13337/miniupnpd_poc
Read out-of-bounds PoC for miniupnpd <= v2.1
0x13337/oss-fuzz
OSS-Fuzz - continuous fuzzing of open source software.
0x13337/phpggc
0x13337/polarbearrepo
0x13337/policy_sentry
IAM Least Privilege Policy Generator
0x13337/PrivExchange
Exchange your privileges for Domain Admin privs by abusing Exchange
0x13337/safeside
A project to understand and mitigate software-observable side-channels
0x13337/Swiss_E-Voting_Publications
Our publications of the Swiss E-Voting Public Intrusion Test (PIT)
0x13337/syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
0x13337/TheRomanXpl0it.github.io
:triangular_flag_on_post: TheRomanXpl0it is an italian academic CTF team from Sapienza, University of Rome.
0x13337/TLS-Padding-Oracles
New TLS Padding Oracles
0x13337/trxmalloc
A dummy allocator ptmalloc-inspired that we use to introduce n00bs to heap exploitation
0x13337/WebFundamentals
Best practices for modern web development