codingo
Vice President, Security Operations and Researcher Success @ Bugcrowd
@bugcrowd Brisbane, Australia
Pinned Repositories
bbr
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
BibWord
Microsoft Word and Bibliography Styles extender.
crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
DNSCewl
A DNS Bruteforcing Wordlist Generator
dorky
A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
NoSQLMap
Automated NoSQL database enumeration and web application exploitation tool.
OSCP-2
Collection of things made during my OSCP journey
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
VHostScan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
codingo's Repositories
codingo/Retrieve-Windows-Wifi-Passwords
Retreives the SSID names and passwords in cleartext for each Wifi network stored on the computer running this powershell script and output to JSON.
codingo/cracknet
A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.
codingo/Windows-Privesc
Basics of Windows privilege escalation
codingo/awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
codingo/RaiderOfTheLostBrowsers
Command line utility to extract passwords from the major browsers (Chrome, Firefox, Edge). Useful in demonstrating to users the importance of using proper password managers instead of saving credentials in browser based accounts which synchronize settings locally.
codingo/Google-Phonelib-SQL-CLR
A SQL CLR implementation of GooglePhoneLib allowing it to be used as a Microsoft SQL Function.
codingo/Hash-Buster
Hash Buster is a python script which scraps online hash crackers to find cleartext of a hash.
codingo/AWSBucketDump
Security Tool to Look For Interesting Files in S3 Buckets
codingo/Content-Bruteforcing-Wordlist
Wordlist for content(directory) bruteforce discovering with Burp and dirsearch
codingo/CTFs
Code and writeups for a variety of CTF challenges. Links to writeups included where available.
codingo/jwt_tool
A toolkit for testing, tweaking and cracking JSON Web Tokens
codingo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
codingo/Security-Testing
Security Related Tools and Resources
codingo/sqlmap
Automatic SQL injection and database takeover tool
codingo/SublimeXssEncode
Converts characters from one encoding to another using a transformation.
codingo/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
codingo/autoSubTakeover
A tool used to check if a CNAME resolves to the scope adress. If the CNAME resolves to a non-scope adress it might be worth checking out if subdomain takeover is possible.
codingo/badwolf
A Vim color scheme.
codingo/echoed
Bug Bounty Alexa Skill
codingo/Hash-Checker
A Powershell script to check a hash against a file script
codingo/krackdetector
Detect and prevent KRACK attacks in your network
codingo/nosqlilab
A lab for playing with NoSQL Injection
codingo/PythonTaskManager
A Python3 TaskManager threading threads
codingo/RedTips
Red Team Tips as posted by @vysecurity on Twitter
codingo/CORStest
A simple CORS misconfiguration scanner
codingo/crypto
A single page web app that uses coinmarketcap's api to display cryptocurrency prices.
codingo/fuzzdb
一个fuzzdb扩展库
codingo/IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
codingo/inkpot
Inkpot 88/256 Colour Scheme for Vim
codingo/WPF-Fading-Notification
A WPF based notification that displays an alert for the user within the current window and then slowly fades from view