This is your work, valued
ctf-katana. This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.
2.9kmsdt-follina. Codebase to generate an msdt-follina payload
1.6kkatana. Katana - Automatic CTF Challenge Solver in Python3
1.4krecaptcha-phish. Phishing with a fake reCAPTCHA
652poor-mans-pentest. This a collection of the code that I have written for the Poor Man's Pentest presentation.
580security-resources. A communal outpouring of online resources for learning different things in cybersecurity
482CVE-2021-34527. PowerShell
319vbe-decoder. A Python3 script to decode an encoded VBScript file, often seen with a .vbe file extension
197oscp-notetaking. This repository houses some of the small scripts I had used to quickly document throughout my OSCP course. This was referenced on YouTube, and should be made available to others!
182ignition_key. This is a small BASH script to quickly setup all the tools I would want and need on a new machine.
150labs. Free and publicly available training labs and exercises, for quick copy-and-paste demonstrations, learning and education.
130active_directory. Notes and resources for the Active Directory YouTube series on https://youtube.com/JohnHammond010
129miscellaneous. The purpose of this repository is to archive any extraneous documents, or anything else that really has no specific category but needs a home.
84pyminify. Compress a Python script to a command-line one-liner
78johnhammond.org. The code and material for my personal open-source website. (Flask, Gunicorn, Certbot)
77archlinux. These are my notes and setup scripts while installing and preparing my Arch Linux environment.
71intro2linux. This is a clone of the of Introduction To Linux repo that I developed for the class I taught at the US Coast Guard Academy.
65binnim. Shitty Nim code that reads in a file and converts it into \x hex representation, for the use of shellcode binaries.
65thm. My adhoc and abhorrent notes and work for TryHackMe machines. This repository is for personal use but is made public in case other somehow benefit from it.
59notes. An Obsidian vault to Github Pages workflow to hopefully make me take notes
51CVE-2012-2982. A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution
42c2c2. My new C2 framework
41qr2unicode. Crappy Python code to render a QR code as "plaintext" with Unicode
40htbbizctf2021. Code and notes for the 2021 HackTheBox Business CTF
37GTFOBins.github.io. Curated list of Unix binaries that can be exploited to bypass system security restrictions
35netstatgo. Crappy Golang code to list local listening ports and their associated processes.
35misfortune-ctf-challenge. A small binary exploitation challenge to demonstrate a typical return2libc attack
34wfi. Windows File Integrity -- an archive of information on installed Windows binaries.
34CTFd. CTFs as you need them
30ansible-playbooks. Ansible playbooks to install various utility and security tools to localhost
29overthewire_natas_solutions. As requested on YouTube, this is an archive of my Python scripts and code that I've used to solve the Natas challenges from OverTheWire.
28ctfd-download. A script to download all the challenges and files from a CTFd instance
27underthewire. These are notes and code from my experience working through the UnderTheWire wargames.
27training_wheels-public. The teaching vessel and "interactive textbook" that I am building for the Intro to Linux class at the USCGA.
26hackersyntax. Shell
22ctfcli. ctfcli is a tool to manage Capture The Flag events and challenges
21CVE-2036-69420. uwu
21fakemsf. Fake msfconsole for the use in demonstrations
20devops.
18base64io-python. A stream implementation for Python that provides transparent base64 encoding and decoding of an underlying stream.
17sshkeys. A weaponized technique for SSH to accept an inserted public/private key. Useful for red team effects.
15CVE-2020-35846. Python PoC for CVE-2020-35846 targeting Cockpit 0.11.1
15CVE-2021-4034. Bash implementation of CVE-2021-4034
15PowerSploit. PowerSploit - A PowerShell Post-Exploitation Framework
14pam_sneaky. A silly PAM module to allow authentication as any user with a single password.
13pcdc2019. This is a repository to house convenient things for the 2019 PCDC competition.
13CTFd-Docker-Challenges. Docker Challenge creation for CTFd. Allows per team/user containers!
10stix-attack-flow. Crappy code to work with MITRE Attack Flows with the stix2 Python library
10bbfuzzer. Nightmare code I wrote and used for the Cyberstakes 2016 Breaking Binaries challenge. Managed to crack a good 200+ programs, though, more than any other team! This is the catalyst to a better utility: peach.
10docker-php. Dockerfiles for php with a few extensions already loaded
10sandbox. My 1/c Senior Design project (at least the first half of it), aiming to synthesize virtualization and automation. I take advantage of VMware vCenter and PowerCLI to automate the process of creating a dynamic network.
9mynewmalware.
9pim. "...my own endeavor to learn low-level programming and develop a kernel or operating system". I have not touched this in years and I consider it inactive at the current moment.
8