Pinned Repositories
0wned
Code execution via Python package installation.
AD-Attack-Defense
Active Directory Security For Red & Blue Team
advisories
AndroidInterview-Q-A
The top Internet companies android interview questions and answers
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
awesome-appsec
A curated list of resources for learning about application security
Bella
A pure python, post-exploitation, data mining tool and remote administration tool for macOS.
Docker-Secure-Deployment-Guidelines
Deployment checklist for securely deploying Docker
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
public-pentesting-reports
Curated list of public penetration testing reports released by several consulting firms
0x13337's Repositories
0x13337/AD-Attack-Defense
Active Directory Security For Red & Blue Team
0x13337/aem-hacker
0x13337/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
0x13337/awesome-virtualization
0x13337/CVE-2018-15961
Unrestricted file upload in Adobe ColdFusion
0x13337/exploitdb-papers
exploit-database-papers
0x13337/flare-vm
0x13337/GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
0x13337/LinkFinder
A python script that finds endpoints in JavaScript files
0x13337/nmap-vulners
NSE script based on Vulners.com API
0x13337/objection
📱 objection - runtime mobile exploration
0x13337/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
0x13337/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
0x13337/PoC
Proofs-of-concept
0x13337/PrestaShop-CVE-2018-19126
PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
0x13337/prototype-pollution-nsec18
Content released at NorthSec 2018 for my talk on prototype pollution
0x13337/pwn2own2018
A Pwn2Own exploit chain
0x13337/pwntools
CTF framework and exploit development library
0x13337/radare2
unix-like reverse engineering framework and commandline tools security
0x13337/radare2book
r1 book transcription to r2
0x13337/Security-Research
Exploits written by the Rhino Security Labs team
0x13337/security_whitepapers
Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
0x13337/SPartan
Frontpage and Sharepoint fingerprinting and attack tool.
0x13337/udacity-nanodegrees
:mortar_board: List of Udacity Nanodegree programs with links to the free courses in their curricula
0x13337/virtualbox_e1000_0day
VirtualBox E1000 Guest-to-Host Escape
0x13337/WebMap
Nmap Web Dashboard and Reporting
0x13337/Win10-LPE
The Windows 10 LPE exploit written by SandboxEscaper
0x13337/windowsblindread
A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
0x13337/workshops
A few exercises for use at events.
0x13337/ysoserial-modified
That repository contains my updates to the well know java deserialization exploitation tool ysoserial.