morcelan's Stars
ph0wn/writeups
Write ups for Ph0wn CTF
nccgroup/depthcharge
A U-Boot hacking toolkit for security researchers and tinkerers
hydrabus/hydrafw
HydraBus HydraFW official firmware for open source multi-tool for anyone interested in learning/developping/debugging/hacking/Penetration Testing for basic or advanced embedded hardware
nccgroup/GTFOBLookup
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).
Frissi0n/GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
xaitax/SploitScan
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
owasp-dep-scan/dep-scan
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
vstinner/hachoir
Hachoir is a Python library to view and edit a binary stream field by field
Orange-OpenSource/decret
DEbian Cve REproducer Tool
x1trap/websec-answers
Websec interview questions by tib3rius answered
initstring/passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
trickest/cve
Gather and update all available and newest CVEs with their PoC.
e1abrador/web.Monitor
Fast & user-friendly web change tracking tool.
DidierStevens/DidierStevensSuite
Please no pull requests for this repository. Thanks!
DominicBreuker/stego-toolkit
Collection of steganography tools - helps with CTF challenges
Fundacio-i2CAT/InfoHound
InfoHound is an OSINT to extract a large amount of data given a web domain name.
google/honggfuzz
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
antonio-morales/Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
aapooksman/certmitm
A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
koalaman/shellcheck
ShellCheck, a static analysis tool for shell scripts
greatscottgadgets/facedancer
Implement your own USB device in Python, supported by a hardware peripheral such as Cynthion or GreatFET
aleff-github/my-flipper-shits
Free and libre source BadUSB payloads for Flipper Zero. [Windows, GNU/Linux, iOS]
thagrol/Guides
mkubecek/vmware-host-modules
Patches needed to build VMware (Player and Workstation) host modules against recent kernels
ptoomey3/evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
nomi-sec/NVD-Exploit-List-Ja
🔍NVD exploit & JVN(Japan Vulnerability Notes) easy description
scipag/HardeningKitty
HardeningKitty - Checks and hardens your Windows configuration
TH3xACE/SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.