lc

I hack things (legally)

South Dakota, USA

Pinned Repositories

230-OOB
An Out-of-Band XXE server for retrieving file contents over FTP.
Language:Python176 8 347
brute53
A tool to bruteforce nameservers when working with subdomain delegations to AWS.
Language:Go59 5 117
cspparse
A tool to evaluate Content Security Policies.
Language:Go70 5 018
gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Language:Go4.2k 49 107464
hacks
Repo of useful scripts
Language:Go104 6 227
jenkinz
jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
Language:Go66 4 017
otxurls
Fetch known urls from AlienVault's Open Threat Exchange for given hosts
Language:Go61 3 016
secretz
secretz, minimizing the large attack surface of Travis CI
Language:Go325 11 448
subjs
Fetches javascript file from a list of URLS or subdomains.
Language:Go755 14 1494
theftfuzzer
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
Language:Python310 14 459

lc's Repositories

lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Language:Go4.2k 49 107464
lc/subjs
Fetches javascript file from a list of URLS or subdomains.
Language:Go755 14 1494
lc/secretz
secretz, minimizing the large attack surface of Travis CI
Language:Go325 11 448
lc/theftfuzzer
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
Language:Python310 14 459
lc/230-OOB
An Out-of-Band XXE server for retrieving file contents over FTP.
Language:Python176 8 347
lc/hacks
Repo of useful scripts
Language:Go104 6 227
lc/cspparse
A tool to evaluate Content Security Policies.
Language:Go70 5 018
lc/jenkinz
jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.
Language:Go66 4 017
lc/otxurls
Fetch known urls from AlienVault's Open Threat Exchange for given hosts
Language:Go61 3 016
lc/brute53
A tool to bruteforce nameservers when working with subdomain delegations to AWS.
Language:Go59 5 117
lc/DOD-Recon
Recon for Department of Defense HackerOne program
Language:HTML45 11 016
lc/research
miscellaneous security research stuff
Language:Java38 2 111
lc/rickrolllogs
tool to rick roll access.logs
Language:Python17 3 03
lc/reckdns
A kinda reckless dns resolver. Still under development.
Language:Go16 4 07
lc/rlyCTF
rlyCTF (relay CTF) challenge to emulate real-world SSRF attacks.
Language:HTML9 4 04
lc/sslc2
Simple C&C example in assembly that retrieves commands from the Organizational Unit (OU) field in an SSL certificate
Language:Assembly9 3 02
lc/bugbountylink
URL Shortener using Flask & MySQL
Language:HTML7 3 24
lc/lc.github.io
Information Security blog by Corben Leo @hacker_
Language:HTML7 4 04
lc/newsletter-code
Repository for any code I send out in newsletters.
Language:Go7 2 0
lc/pfzf
fzf for yanking code/workspace context for LLM workflows.
Language:Go5 1 0
lc/certspotter
Certificate Transparency Log Monitor
Language:Go4 3 01
lc/ds_storescanner
A tool to scan for .DS_Store files on webservers
Language:Go3 2 02
lc/upload-scanner
HTTP file upload scanner for Burp Proxy
Language:Perl3 0 0
lc/ctf-dev
Various CTF's I've created over time
Language:HTML2 3 02
lc/color
Color package for Go (golang)
Language:Go1 2 01
lc/ffuf
Fast web fuzzer written in Go
Language:Go1 1 0
lc/safewrite
simple golang library for safe/multi-threaded file writing
Language:Go1 3 0
lc/trufflehog
Find and verify credentials
Language:Go1 1 01
lc/zgrab2
Fast Go Application Scanner
Language:Go1 1 0
lc/buz
Serverless multi-protocol + multi-destination event collection system.
Language:Go0 0