Pinned Repositories
advisories
Security advisories
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
airprobe
GSM sniffer
alpha-toolkit
Botnets of the Web - How to Hijack One
free-for-dev
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
TempestSDR
Remote video eavesdropping using a software-defined radio platform
xss-shell-payloads
XSSing Your Way to Shell
xsser
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Varbaek's Repositories
Varbaek/xsser
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Varbaek/amass
In-Depth DNS Enumeration and Network Mapping
Varbaek/android-security-awesome
A collection of android security related resources
Varbaek/awesome-telco
A curated list of telco resources and projects
Varbaek/bspfuzz
Varbaek/burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Varbaek/dirsearch
Web path scanner
Varbaek/dns-rebind-toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks.
Varbaek/dubstep-data
Put data inside dubstep drops
Varbaek/EMI_mapper
A python script using RTL-SDR and OpenCV to create fast 2D electromagnetic maps.
Varbaek/fl2k-examples
Example flowgraphs for osmo-fl2k
Varbaek/hackbox
HackBox is the combination of awesome techniques.
Varbaek/HUNT
Varbaek/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Varbaek/MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
Varbaek/Mobile-Security-Framework-MobSF
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
Varbaek/mobisys2018_nexmon_software_defined_radio
Proof of concept project for operating Broadcom Wi-Fi chips as arbitrary signal transmitters similar to software-defined radios (SDRs)
Varbaek/mXtract
mXtract - Memory Extractor & Analyzer
Varbaek/NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
Varbaek/NSEC-3-Walker
Performs DNS zone dumps by walking DNSSEC NSEC(3) records.
Varbaek/Phantom-Evasion
Python AV evasion tool capable to generate FUD executable even with the most common 32 bit metasploit payload(exe/elf/dmg/apk)
Varbaek/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
Varbaek/Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
Varbaek/RyzeTelloFirmware
Firmware images for hacking, reverse engineering, and teardown of the Ryze / DJI / Intel Movidius Tello
Varbaek/SharpSploitConsole
Varbaek/static-arm-bins
Statically compiled ARM binaries for debugging and runtime analysis
Varbaek/subfinder
SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Varbaek/Sublist3r
Fast subdomains enumeration tool for penetration testers
Varbaek/swf_json_csrf
Varbaek/the-book-of-secret-knowledge
:dizzy: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.