Pinned Repositories
CVE-2006-3747
Information about my advisory on CVE-2006-3747 (Apache mod_rewrite LDAP off-by-one buffer overflow). At the time, it was the first public working exploit :)
CVSS2-Calculator
CVSSv2.js is a free and open source JavaScript library, based on the Common Vulnerability Scoring System (CVSS) version 2.0, that makes the calculator easier to share and deploy.
ldd-win
A command similar to Linux ldd for EXE files, for DLL hijacking prevention or exploitation
nodessrf
Lab to understand and test SSRF attacks
pnfaker
Process name faker for Linux/BSD/Unix
shellcodes
My shellcodes library
spinfuzz
Fuzzing lists for webapp pentesting
syn-file
Exfiltrate data from a compromised target using covert channels
URLSUCKER
Sucks all embedded URLs from a given URI or file. Ideal to parse URLs from CSS or JavaScript (such as API calls, webservices, ;)
viewstate-decoder
Small tool to decode the ASP.NET __VIEWSTATE variable when doing web pentests
defensahacker's Repositories
defensahacker/syn-file
Exfiltrate data from a compromised target using covert channels
defensahacker/viewstate-decoder
Small tool to decode the ASP.NET __VIEWSTATE variable when doing web pentests
defensahacker/shellcodes
My shellcodes library
defensahacker/CVSS2-Calculator
CVSSv2.js is a free and open source JavaScript library, based on the Common Vulnerability Scoring System (CVSS) version 2.0, that makes the calculator easier to share and deploy.
defensahacker/pnfaker
Process name faker for Linux/BSD/Unix
defensahacker/URLSUCKER
Sucks all embedded URLs from a given URI or file. Ideal to parse URLs from CSS or JavaScript (such as API calls, webservices, ;)
defensahacker/CVE-2006-3747
Information about my advisory on CVE-2006-3747 (Apache mod_rewrite LDAP off-by-one buffer overflow). At the time, it was the first public working exploit :)
defensahacker/ldd-win
A command similar to Linux ldd for EXE files, for DLL hijacking prevention or exploitation
defensahacker/nodessrf
Lab to understand and test SSRF attacks
defensahacker/spinfuzz
Fuzzing lists for webapp pentesting
defensahacker/windows-evtx-forensics
Perform forensics in Windows Event Log Files
defensahacker/bob-inject
Webapp path discovery and fuzzer
defensahacker/CVE-2016-5195
CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android
defensahacker/debian-weak-ssh
defensahacker/fosc
TCP/UDP Fast Port Scanner
defensahacker/kernel2.4-rootkit
Hijacking system calls on Linux 2.4 kernels
defensahacker/nessus-plugins
Extended plugins for Tenable Nessus scanner
defensahacker/nodexss
Simple and vulnerable NodeJS app prone to Cross-Site Scripting (XSS)
defensahacker/OWASP-Risk-Assessment-Calculator
This Risk Rating Calculator is based on OWASP's Risk Rating Methodology
defensahacker/panther-analysis
Built-in Panther detection rules and policies
defensahacker/polygon-transferwithsig
defensahacker/python-evtx
Pure Python parser for recent Windows Event Log files (.evtx)
defensahacker/secrets-finder
Simple script to find secrets inside source code folders
defensahacker/term-colors
Color codes for Linux terminal (Python and Bash)