Pinned Repositories
bruteforce-lists
Some files for bruteforcing certain things.
BurpSSOExtension
An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
cloud-service-enum
cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
DetectDynamicJS
The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and aid in finding user/session data.
HUNT
IISAppPoolCreds
Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.
ropemporium
My solutions for the ROP Emporium challenges (https://ropemporium.com/). For each challenge, a solution based on plain Python (exp_plain.py) and based on Pwntools is provided.
windowsblindread
A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
soffensive's Repositories
soffensive/windowsblindread
A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
soffensive/collaborator-everywhere
A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
soffensive/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
soffensive/azure-docs
Open source documentation of Microsoft Azure
soffensive/azure-websites-security
Security helpers optimized to run in the Azure App Service environment.
soffensive/bambdas
Bambdas collection for Burp Suite Professional and Community.
soffensive/CARTP-cheatsheet
Azure AD cheatsheet for the CARTP course
soffensive/cheatsheets
Collection of knowledge about information security
soffensive/cloud-middleware-dataset
soffensive/CVEs
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
soffensive/dotfiles-1
Collection of my dotfiles
soffensive/EAST
Extensible Azure Security Tool - Documentation
soffensive/guidtool
A tool to inspect and attack version 1 GUIDs
soffensive/hijack-kubernetes
This repo includes a demo that shows how a Kubernetes cluster can be hijacked and how to prevent it using common best practices.
soffensive/HttpRemotingObjRefLeak
Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
soffensive/InterProcessCommunication-Samples
Some Code Samples for Windows based Inter-Process-Communication (IPC)
soffensive/ipc-challenge-2
IPC Security Challenge #2
soffensive/javaweb-sec
soffensive/libnfs
NFS client library
soffensive/pipe-intercept
Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools
soffensive/PMapper
A tool for quickly evaluating IAM permissions in AWS.
soffensive/protoburp
Encode and Fuzz Custom Protobuf Messages in Burp Suite
soffensive/prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
soffensive/sqlmap
Automatic SQL injection and database takeover tool
soffensive/thc-tips-tricks-hacks-cheat-sheet
Various tips & tricks
soffensive/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
soffensive/wafer
soffensive/webpack-exploder
Unpack the source code of React and other Webpacked apps!
soffensive/windows-ipc-samples
Windows Interprocess Communication Samples
soffensive/xiaoyuanxie.github.io
Personal Page