ariary
Security Engineer naively hoping that his technical background will one day be more effective than social engineering
Pinned Repositories
cfuzz
Command line fuzzer and bruteforcer (wfuzz for command)
DogWalk-rce-poc
Dogwalk PoC (using diagcab file to obtain RCE on Windows)
fileless-xec
Stealth dropper executing remote binaries without dropping them on disk (HTTP3 support, ICMP support, invisible tracks, cross-platform, ...)
HTTPCustomHouse
HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
Notionion
Notion as an HTTP proxy
notionterm
Embed reverse shell in Notion pages
QueenSono
Golang binary for data exfiltration with ICMP protocol (+ ICMP bindshell, http over ICMP tunneling, ...)
tacos
INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)
TrojanSourceFinder
Help find Trojan Source vulnerability in code. Useful for code review in project with multiple collaborators (CI/CD)
volana
Shell command obfuscation to avoid detection systems
ariary's Repositories
ariary/fileless-xec
Stealth dropper executing remote binaries without dropping them on disk (HTTP3 support, ICMP support, invisible tracks, cross-platform, ...)
ariary/notionterm
Embed reverse shell in Notion pages
ariary/volana
Shell command obfuscation to avoid detection systems
ariary/cfuzz
Command line fuzzer and bruteforcer (wfuzz for command)
ariary/TrojanSourceFinder
Help find Trojan Source vulnerability in code. Useful for code review in project with multiple collaborators (CI/CD)
ariary/HTTPCustomHouse
HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
ariary/tacos
INTERACTIVE reverse shell everywhere! (Particularly digestible with socat multi-handler listener)
ariary/Notionion
Notion as an HTTP proxy
ariary/DomXssFinder
Find sources and sinks in JS code that could lead to DOM XSS
ariary/gitar
Ease file sharing during pentest/CTF
ariary/Readme-Like-Button
Style your README with a "like button"
ariary/JSextractor
Quickly gather all JavaScript from a URL (CLI+TUI)
ariary/sexonthebash
Unprivileged and stealth shell input and output listeners. Different approach for keylogging with Shell/bash.
ariary/bang
My pentest machine environment set up, tools, aliases and shortcuts
ariary/cssrf
Ease CSS exfiltration
ariary/console.sh
Share terminal in your browser console
ariary/magnet
Hide data exfiltration in harmless looking executable
ariary/.pwnvscode
Obtain RCE by poisoning .vscode folder
ariary/kube-podpreemption-DoS
Evict pods and block pod deployment (DoS) on Kubernetes
ariary/quicli
Go library to quickly build CLI using a simple one-liner
ariary/sheesh
A "better than an alias" generator (flag & completion)
ariary/CVE-2021-25741
Instant shell on Kubernetes node with CVE-2021-25741 exploit adaptation
ariary/aws-sdk-go
AWS SDK for the Go programming language.
ariary/coco-modules
Modules for coco c2c
ariary/countdown
Get passwords possibilities number providing wordlist and constraints model
ariary/dex
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
ariary/fox
you've never sent a file so fast
ariary/go-utils
List of Golang helper functions that are not project-dependent
ariary/kubectl-np-viewer
A kubectl plugin to visualize network policies rules.
ariary/kubectl-testnet
k8s plugin to test network connectivity within the cluster (useful for netpol tests)