Pinned Repositories
csp-auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
DLLPasswordFilterImplant
DLL Password Filter Implant with Exfiltration Capabilities
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
malboxes
Builds malware analysis Windows VMs so that you don't have to.
php7-opcache-override
Security-related PHP7 OPcache abuse tools and demo
pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
pywsus
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
template-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
xxe-workshop
Workshop given at Hack in Paris 2019
GoSecure's Repositories
GoSecure/break-fast-serial
A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
GoSecure/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
GoSecure/gophish-cli
Gophish Python cli to perform huge phishing campaigns
GoSecure/44con-code-review-workshop
References, tools and sample payloads
GoSecure/find-sec-bugs
The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects)
GoSecure/jenkins-fsb
Jenkins instance with preconfigured jobs to analyze Java binaries using Find Security Bugs.
GoSecure/orange-code-widget
:orange: Widget for Orange to visualize code sample
GoSecure/wsuspect-proxy
WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections
GoSecure/cowrie
Cowrie SSH Honeypot (based on kippo)
GoSecure/owasp-workshop-zap
Atelier pratique sur le développement d'extension ZAP / Workshop on ZAP extension development
GoSecure/packer
Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
GoSecure/tls-fingerprinting
TLS Fingerprinting
GoSecure/api-client-python
A Python API Client for Gophish
GoSecure/confoo-xss-bypass-demos
Demonstration for the presentation Modern XSS
GoSecure/docker-cowrie
Docker Cowrie Honeypot image
GoSecure/backslash-powered-scanner
Finds unknown classes of injection vulnerabilities
GoSecure/findbugs-plugin
Jenkins findbugs plugin
GoSecure/roslyn-security-guard
Roslyn analyzers that aim to help security audit on .NET applications.
GoSecure/rwhtml
A peculiar markdown-to-HTML converter
GoSecure/yasuo
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
GoSecure/cpAnsible
Ansible module provides control over a Check Point Management server using Check Point's web-services APIs.
GoSecure/cti
Cyber Threat Intelligence Repository expressed in STIX 2.0
GoSecure/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
GoSecure/pandas
Flexible and powerful data analysis / manipulation library for Python, providing labeled data structures similar to R data.frame objects, statistical functions, and much more
GoSecure/SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
GoSecure/unfetter
Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. iadgov
GoSecure/VVV
An open source Vagrant configuration for developing with WordPress
GoSecure/chocolatey-coreteampackages
These packages that are managed by the chocolatey core team. To get a package added here, the official chocolatey account needs to have push access to the package on chocolatey.org.
GoSecure/chocolateypackages.AnthonyMastrean
Application packages for Windows
GoSecure/ChocolateyPackages.MarkRobertJohnson
All of the Chocolatey packages that have been publicly published