pondim
Nonprofit Cyber Security Firm Specializing in Social Engineering (work in progress)
Pond Information Management IncorporatedAnaheim, CA
Pinned Repositories
action-regex-match
🔍 GitHub Action to do regex matching
ADFSpoof
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
DogeGF
Grant-Program
Livepeer Community Node Grants Program
idunno.Authentication
A filled with self-loathing implementation of Basic Authentication, and Certificate Authentication to make me feel like a real security person, all for for ASP.NET Core
KringleCon2021
KringleCon 2021
pondim's Repositories
pondim/ADFSpoof
pondim/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
pondim/agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
pondim/atproto
Social networking technology created by Bluesky
pondim/Auto_Wordlists
pondim/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
pondim/awesome-bugbounty-tools
A curated list of various bug bounty tools
pondim/Awesome-RCE-techniques
Awesome list of techniques to achieve Remote Code Execution on various apps!
pondim/bluesky
experiment orchestration and data acquisition
pondim/cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
pondim/Cronos-Rootkit
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
pondim/DALLE2-pytorch
Implementation of DALL-E 2, OpenAI's updated text-to-image synthesis neural network, in Pytorch
pondim/DLLirant
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
pondim/dnsrecon
DNS Enumeration Script
pondim/ESP32Marauder
A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32
pondim/gossip
Gossip is a nostr client
pondim/infosec-talks
pondim/mapcidr
Small utility program to perform multiple operations for a given subnet/CIDR ranges.
pondim/merlin
Cross-platform post-exploitation HTTP Command & Control agent written in golang
pondim/nostr
a truly censorship-resistant alternative to Twitter that has a chance of working
pondim/nostream
pondim/nostream-1
A Nostr Relay written in TypeScript
pondim/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
pondim/pidcat
Colored logcat script which only shows log entries for a specific application package.
pondim/ProcessInjection
This program is designed to demonstrate various process injection techniques
pondim/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
pondim/suckit
pondim/WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
pondim/whistle
HTTP, HTTP2, HTTPS, Websocket debugging proxy
pondim/xmanager
A platform for managing machine learning experiments