codingo
Vice President, Security Operations and Researcher Success @ Bugcrowd
@bugcrowd Brisbane, Australia
Pinned Repositories
bbr
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
BibWord
Microsoft Word and Bibliography Styles extender.
crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
DNSCewl
A DNS Bruteforcing Wordlist Generator
dorky
A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
NoSQLMap
Automated NoSQL database enumeration and web application exploitation tool.
OSCP-2
Collection of things made during my OSCP journey
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
codingo's Repositories
codingo/OSCP-2
Collection of things made during my OSCP journey
codingo/SharePoint-Security
A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.
codingo/pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
codingo/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
codingo/megplus
Automated reconnaissance wrapper — TomNomNom's meg on steroids.
codingo/gitleaks
Searches full repo history for secrets and keys 🔑
codingo/Red-Team-Infrastructure
Tooling and commands for common red team and Infrastructure testing tasks
codingo/security-through-obscurity
A reversing challenge made for CrikeyCon 2018
codingo/coffee
A repository for snippets of code that make my life easier.
codingo/fuzzdb-1
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
codingo/gobuster
Directory/file & DNS busting tool written in Go
codingo/InsecureProgrammingDB
Insecure programming functions database
codingo/iOS-Pentesting
Wiki for Pentesting iOS apps
codingo/kb
Respositoy of all my notes on infosec I have been building up over the years
codingo/Scanners-Box
The toolbox of open source scanners - 安全行业从业者自研开源扫描器合辑
codingo/Simple-Substitution
A CTF challenge for CrikeyCon 2018
codingo/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
codingo/windows_auditor
A simple powershell script which gives handy compliance report.
codingo/xsshunter
The XSS Hunter service - a portable version of XSSHunter.com
codingo/AutoBlue-MS17-010
This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue
codingo/dooks-air-conditioning
A CTF web challenge built for CrikeyCon 2018
codingo/ReconPDF
PDF report generator for basic recon
codingo/reflector
Burp plugin able to find reflected XSS on page in real-time while browsing on site
codingo/session-tracking-checks
codingo/SubOver
A Powerful Subdomain Takeover Tool
codingo/subtake
Extension of sublister tool to check for subdomain takeovers
codingo/Asia-Pacific-Infosec-Conferences
A list of infosec / hacking conferences in Asia Pacific
codingo/badge
Add a badge to your app icon
codingo/CoinBlockerLists
Simple lists that can help prevent cryptomining in the browser or other applications.
codingo/copy-as-powershell-requests
Copy as PowerShell request(s) plugin for Burp Suite