Professionally Evil

Open-source projects by Secure Ideas

Pinned Repositories

bash_tricks
a github repo that will be used for teaching bash optimizations in a youtube series
10 5 61
bloodhound-elementary
Command line tool for analyzing .json files generated by bloodhound.py or sharphound for use in Bloodhound.
Language:Python20 4 14
C4
Cyberdelia, a Collection of Command and Control frameworks
Language:Shell63 9 2011
client-side-attacks-lab
Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.
Language:HTML20 4 15
harpoon
A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
Language:Go134 9 835
LD_PRELOAD-rand-Hijack-Example
Code samples to go along with the blog post on using LD_PRELOAD to hijack rand() in a number guessing game.
Language:C11 4 03
LD_PRELOAD-run-at-load-time
Code samples to go along with the blog post on how to run code at load/unload time when using LD_PRELOAD to inject libraries.
Language:C11 4 03
nmap_oui_update
A script to download OUI data from the IEEE and parse it into the nmap-mac-prefixes file so Nmap has the latest OUI data.
Language:Python10 3 12
pewapt101
Professionally Evil Web Application Penetration Testing 101
142 21 136
x86_asm
x86 Assembly Code Examples for Blog Posts
Language:Assembly16 4 03

Professionally Evil's Repositories

ProfessionallyEvil/pewapt101
Professionally Evil Web Application Penetration Testing 101
142 21 136
ProfessionallyEvil/harpoon
A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
Language:Go134 9 835
ProfessionallyEvil/client-side-attacks-lab
Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.
Language:HTML20 4 15
ProfessionallyEvil/x86_asm
x86 Assembly Code Examples for Blog Posts
Language:Assembly16 4 03
ProfessionallyEvil/LD_PRELOAD-rand-Hijack-Example
Code samples to go along with the blog post on using LD_PRELOAD to hijack rand() in a number guessing game.
Language:C11 4 03
ProfessionallyEvil/LD_PRELOAD-run-at-load-time
Code samples to go along with the blog post on how to run code at load/unload time when using LD_PRELOAD to inject libraries.
Language:C11 4 03
ProfessionallyEvil/bash_tricks
a github repo that will be used for teaching bash optimizations in a youtube series
10 5 61
ProfessionallyEvil/nmap_oui_update
A script to download OUI data from the IEEE and parse it into the nmap-mac-prefixes file so Nmap has the latest OUI data.
Language:Python10 3 12
ProfessionallyEvil/DVFPS
A Damn Vulnerable FPS game built using Godot
Language:GDScript9 5 42
ProfessionallyEvil/DVMMO
Damn Vulnerable MMO; an mmo game that is deliberately vulnerable and maybe just maybe fun to play.
Language:GDScript5 5 41
ProfessionallyEvil/SameSiteAttackDemo
A simple demo web app built with Svelte + Restify that is meant to demonstrate security aspects regarding the SameSite cookie flag.
Language:JavaScript5 5 01
ProfessionallyEvil/k8s-labs
Language:JavaScript4 4 201
ProfessionallyEvil/LD_PRELOAD-accept-backdoor
Code samples to go along with the blog post on how to create an LD_PRELOAD backdoor hooking accept()
Language:C4 3 03
ProfessionallyEvil/csik
Client Script Injection Kit
Language:Python3 4 01
ProfessionallyEvil/CVE-2021-38295-PoC
A simple Python proof of concept for CVE-2021-38295.
Language:Python3 6 03
ProfessionallyEvil/brokkr
2
ProfessionallyEvil/cookie-monster
Coming soon...
Language:JavaScript2 3 0
ProfessionallyEvil/edit_leaked_file_descriptor
An all-in-one tool to edit a leaked file descriptor in SetUID binaries.
Language:C2 3 0
ProfessionallyEvil/container-escape-labs
Some container escape labs
Language:Batchfile1 4 0
ProfessionallyEvil/static-analysis-ttp
Language:Shell1 6 3
ProfessionallyEvil/blog-ansible-webservers
Repo for this blog: https://www.secureideas.com/blog/ensuring-web-security-via-ansible-apache
4 0
ProfessionallyEvil/blog-juiceshop-workshop
Repo for this blog post: https://www.secureideas.com/blog/juiceshop-workshop-in-less-than-5-minutes
Language:Python4 0
ProfessionallyEvil/dotknotty
This is a dotnet vulnerable application for demonstrating web app flaws.
Language:C#3 0
ProfessionallyEvil/March-2021-KeyGenMe-Solution
This repo is to provide an example solution to the KeyGenMe challenge binary from March 2021.
Language:Python4 0
ProfessionallyEvil/tartar-sauce
Miscellaneous demos and scripts for user awareness campaigns
Language:JavaScript3 0
ProfessionallyEvil/Top10
Official OWASP Top 10 Document Repository
Language:HTML1 0
ProfessionallyEvil/wappalyzer
The last commit of Wappalyzer before it went private
Language:JavaScript0 0
ProfessionallyEvil/webcast-cloudy-stealth
Infrastructure as Code repo that accompanies the Cloudy with a Chance of Stealth webcast
Language:HCL5 0
ProfessionallyEvil/webcast-iac-sast
Language:Dockerfile
ProfessionallyEvil/writeup_11_13_2020_challenge
A supporting repo for a blog post write-up of how to solve the November 13th, 2020 Detective Nevils Mystery Challenge.
Language:Python4 0