Pinned Repositories
crackmes
Open and censorship resistant crackmes repository
dalle-flow
A Human-in-the-Loop workflow for creating HD images from text
DALLE-pytorch
Implementation / replication of DALL-E, OpenAI's Text to Image Transformer, in Pytorch
fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
glide-text2im
GLIDE: a diffusion-based text-conditional image synthesis model
google-images-download
Python Script to download hundreds of images from 'Google Images'. It is a ready-to-run code!
malwarecookbook
Malware Analyst's Cookbook stuffs
open-deepnude
Open source reverse-engineered clone of DeepNude
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
wallpapers
stacklikemind's Repositories
stacklikemind/wallpapers
stacklikemind/malwarecookbook
Malware Analyst's Cookbook stuffs
stacklikemind/aflpin
aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.
stacklikemind/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
stacklikemind/driller
Driller: augmenting AFL with symbolic execution!
stacklikemind/enumXFF
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
stacklikemind/fuzzer
A Python interface to AFL, allowing for easy injection of testcases and other functionality.
stacklikemind/Go-For-OSCP
stacklikemind/how2heap
A repository for learning various heap exploitation techniques.
stacklikemind/InsecureProgramming
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
stacklikemind/loadlibrary
Porting Windows Dynamic Link Libraries to Linux
stacklikemind/mona
Corelan Repository for mona.py
stacklikemind/Mycroft-Android
Android companion app, sends commands from your Android device to your Mycroft system and returns the output as speech or other medium to the Android device.
stacklikemind/ntoskrnl
The Windows Research Kernel (WRK)
stacklikemind/Practical-Reverse-Engineering-using-Radare2
Training Materials of Practical Reverse Engineering using Radare2
stacklikemind/pymetasploit
A full-fledged msfrpc library for Metasploit framework.
stacklikemind/python-twitter-with-proxy
python-twitter-0.8.2 with support for proxies
stacklikemind/rex
Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
stacklikemind/ShadowBrokers-NSA-Mirror
https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

# Exploits

- **EARLYSHOVEL** RedHat 7.0 - 7.1 Sendmail 8.11.x exploit
- **EBBISLAND (EBBSHAVE)** root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.
- **ECHOWRECKER** remote Samba 3.0.x Linux exploit.
- **EASYBEE** appears to be an MDaemon email server vulnerability
- **EASYFUN** EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6
- **EASYPI** is an IBM Lotus Notes exploit that gets detected as Stuxnet
- **EWOKFRENZY** is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2
- **EXPLODINGCAN** is an IIS 6.0 exploit that creates a remote backdoor
- **ETERNALROMANCE** is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010)
- **EDUCATEDSCHOLAR** is a SMB exploit (MS09-050)
- **EMERALDTHREAD** is a SMB exploit for Windows XP and Server 2003 (MS10-061)
- **EMPHASISMINE** is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2
- **ENGLISHMANSDENTIST** sets Outlook Exchange WebAccess rules to trigger executable code on the client's side to send an email to other users
- **EPICHERO** 0-day exploit (RCE) for Avaya Call Server
- **ERRATICGOPHER** is a SMBv1 exploit targeting Windows XP and Server 2003
- **ETERNALSYNERGY** is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010)
- **ETERNALBLUE** is a SMBv2 exploit for Windows 7 SP1 (MS17-010)
- **ETERNALCHAMPION** is a SMBv1 exploit
- **ESKIMOROLL** is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers
- **ESTEEMAUDIT** is an RDP exploit and backdoor for Windows Server 2003
- **ECLIPSEDWING** is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067)
- **ETRE** is an exploit for IMail 8.10 to 8.22
- **ETCETERABLUE** is an exploit for IMail 7.04 to 8.05
- **FUZZBUNCH** is an exploit framework, similar to MetaSploit
- **ODDJOB** is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors
- **EXPIREDPAYCHECK** IIS6 exploit
- **EAGERLEVER** NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release
- **EASYFUN** WordClient / IIS6.0 exploit
- **ESSAYKEYNOTE**
- **EVADEFRED**

# Utilities

- **PASSFREELY** utility which "Bypasses authentication for Oracle servers"
- **SMBTOUCH** check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE
- **ERRATICGOPHERTOUCH** Check if the target is running some RPC
- **IISTOUCH** check if the running IIS version is vulnerable
- **RPCOUTCH** get info about windows via RPC
- **DOPU** used to connect to machines exploited by ETERNALCHAMPIONS
- **NAMEDPIPETOUCH** Utility to test for a predefined list of named pipes, mostly AV detection. User can add checks for custom named pipes.
stacklikemind/shellnoob
A shellcode writing toolkit
stacklikemind/Token-Stealing-Shellcode
stacklikemind/Ultimate-Forensics-VM
Evolving directions on building the best Open Source Forensics VM
stacklikemind/Using-machine-learning-to-detect-malicious-URLs
Machine Learning and Security | Using machine learning to detect malicious URLs
stacklikemind/windbglib
Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py
stacklikemind/write-ups-2015
Wiki-like CTF write-ups repository, maintained by the community. 2015
stacklikemind/zerodb
ZeroDB is an end-to-end encrypted database. Data can be stored and queried on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.