Pinned Repositories
csp-auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
DLLPasswordFilterImplant
DLL Password Filter Implant with Exfiltration Capabilities
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
malboxes
Builds malware analysis Windows VMs so that you don't have to.
php7-opcache-override
Security-related PHP7 OPcache abuse tools and demo
pyrdp
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
pywsus
Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
template-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
WSuspicious
WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
xxe-workshop
Workshop given at Hack in Paris 2019
GoSecure's Repositories
GoSecure/LansweeperPasswordRecovery
Lansweeper Password Recovery Tool
GoSecure/docker-cowrie-kost
A Docker container for Cowrie - SSH honeypot based on kippo
GoSecure/ciscoconfparse
Parse, Audit, Query, Build, and Modify Cisco IOS-style configurations
GoSecure/malware_investigation_template
Because .idb files should be version controlled.
GoSecure/inception
Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
GoSecure/tachyon
Fast Multi-Threaded Web Discovery Tool