Pinned Repositories
Automation
This repo contains Automation scripts which can be used in CTFs and Real world.
chrome-sniff-snuff
A Google Chrome extension to monitor canaries in URLs, cookies, headers and content in real-time. Useful for web application analysis without Burp or ZAP, etc.
Flask-GzipBomb
Gzip Bomb responses for Flask
iDict
iCloud Apple iD BruteForcer
nsa-theme
NSA-styled MDM theme
sandbox
Repo for various proofs of concept
timing-attacks
Code and docs related to timing attacks
wp-xmlrpc-bruteforcer
A simple threaded password bruteforce tool against Wordpress installations with XML-RPC enabled. The tool exploits the system.multicall functionality.
0xBADCA7's Repositories
0xBADCA7/apache-log4j-poc
Apache Log4j 远程代码执行
0xBADCA7/arch-nvidia-installer
Nvidia driver installer for Arch Linux, Alter Linux
0xBADCA7/CVE-2021-26084
CVE-2021-26084 - Confluence Server Webwork OGNL injection (Pre-Auth RCE)
0xBADCA7/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
0xBADCA7/crc-32-hash-collider
CRC-32 collision finder
0xBADCA7/CVE-2022-0185
CVE-2022-0185
0xBADCA7/device-flasher
Android Factory Image Flasher for Linux, macOS and Windows
0xBADCA7/DirtyPipe-Android
Dirty Pipe root exploit for Android (Pixel 6)
0xBADCA7/esp8266_deauther
Affordable WiFi hacking platform for testing and learning
0xBADCA7/ESPCanary
0xBADCA7/ghostwriter
Text editor for Markdown
0xBADCA7/HackLikeALegend
Scripts featured in the book How to Hack Like a Legend
0xBADCA7/http2smugl
0xBADCA7/JNDI-Injection-Exploit
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
0xBADCA7/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
0xBADCA7/Platinum9
Mac OS 9 Theme for Xubuntu
0xBADCA7/quickjs
Public repository of the QuickJS Javascript Engine. Pull requests are not accepted. Use the mailing list to submit patches.
0xBADCA7/rogue-jndi
A malicious LDAP server for JNDI injection attacks
0xBADCA7/rsa_sign2n
Deriving RSA public keys from message-signature pairs
0xBADCA7/RsaCtfTool
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
0xBADCA7/security-labs-pocs
Proof of concept code for Datadog Security Labs referenced exploits.
0xBADCA7/SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
0xBADCA7/Spring4Shell-POC
0xBADCA7/starbase
Graph-based security analysis for everyone
0xBADCA7/syncserver
Run-Your-Own Firefox Sync Server
0xBADCA7/T-Watch-2021
0xBADCA7/UEFI-Repair-Guide
0xBADCA7/usbrply
Replay USB messages from Wireshark (.cap) files
0xBADCA7/VirtualSMC
SMC emulator layer
0xBADCA7/vuo-fork
A realtime visual programming language for interactive media.