Bishop Fox
The leader in offensive security, providing continuous pen testing, red teaming, attack surface management, and traditional security assessments.
Pinned Repositories
badPods
A collection of manifests that will create pods with elevated privileges.
bfinject
Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
cloudfox
Automating situational awareness for cloud penetration tests.
eyeballer
Convolutional neural network for analyzing pentest screenshots
GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
sliver
Adversary Emulation Framework
spoofcheck
Simple script that checks a domain for email protections
unredacter
Never ever ever use pixelation as a redaction technique
Bishop Fox's Repositories
BishopFox/sliver
Adversary Emulation Framework
BishopFox/unredacter
Never ever ever use pixelation as a redaction technique
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
BishopFox/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
BishopFox/jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
BishopFox/eyeballer
Convolutional neural network for analyzing pentest screenshots
BishopFox/sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
BishopFox/iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
BishopFox/iSpy
A reverse engineering framework for iOS
BishopFox/cloudfoxable
Create your own vulnerable by design AWS penetration testing playground
BishopFox/sliver-gui
A Sliver GUI Client
BishopFox/CVE-2023-3519
RCE exploit for CVE-2023-3519
BishopFox/CVE-2023-27997-check
Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
BishopFox/forticrack
Decrypt encrypted Fortienet FortiOS firmware images
BishopFox/cve-2024-21762-check
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
BishopFox/mellon
OSDP attack tool (and the Elvish word for friend)
BishopFox/llm-testing-findings
LLM Testing Findings Templates
BishopFox/bigip-scanner
Determine the running software version of a remote F5 BIG-IP management interface.
BishopFox/BrokenHill
A productionized greedy coordinate gradient (GCG) attack tool for large language models (LLMs)
BishopFox/ysoserial-bf
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
BishopFox/CVE-2022-22274_CVE-2023-0656
BishopFox/awsservicemap
Go module that returns supported regions for a service or supported services for a region
BishopFox/wordlist-sanitizer
Remove Offensive and Profane Words from Wordlists
BishopFox/aws-signing
CLI that allows user to submit http requests using AWS request signing
BishopFox/local-llm-ctf
A small go harness that uses Ollama to orchestrate LLMs in a restricted process flow
BishopFox/VulnerableGWTApp
An intentionally-vulnerable GWT-based web application to test tooling and techniques
BishopFox/kafka-connect-field-and-time-partitioner
Kafka Connect Store Partitioner by custom fields and time; also removing topic from s3 file path
BishopFox/knownawsaccountslookup
Go module that provides two lookup functions for the data in https://github.com/fwdcloudsec/known_aws_accounts
BishopFox/gcp-terraform-cloud-connector
This repo provides a terraform module for customers looking to implement Google Cloud connector support for Bishop Fox Cosmos
BishopFox/action-gh-release
📦 :octocat: GitHub Action for creating GitHub Releases