CVE-2019-5736-PoC. PoC for CVE-2019-5736
658SneakyEndpoints. Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
121aws_stealth_perm_enum. Research on the enumeration of IAM permissions without logging to CloudTrail
60aws-api-models. A collection of documented and undocumented AWS API models
55gitlab-runner-research. Research on abusing GitLab Runners
32CVE-2020-11108-PoC. PoCs for CVE-2020-11108; an RCE and priv esc in Pi-hole
27aws_api_shapeshifter. A small library to alter AWS API requests; Used for fuzzing research
22ssm-agent-research. This is a custom SSM agent which is sorta functional
17tools. A collection of pen-testing/hacking scripts. Various uses.
13Specter. Specter is a prototype cryptocurrency developed to help people learn about Blockchain Technology.
10aws-api-model-converter. Take undocumented APIs in the AWS Console and convert them to usable models for the AWS CLI.
9enumate_iam_using_bucket_policy. Tool to enumerate IAM Users and Roles by Abusing S3 Bucket Policies
8meltdown-spectre-poc. This is a combination of several different projects. It is intended to understand what the Meltdown and Spectre exploits are capable of.
8deserialization_stuff. Research on deserialization attacks in Python and PHP
5FriendlyExitNode. The source/config of the Friendly Exit Node project.
5selfhosted-shodan-gather. Side project to catalog various selfhosted services on the internet using Shodan; Gather metrics on usage over time
5Dungeons-and-Agents. Make Codex or Claude Code act as a virtual dungeon master for D&D 5e.
5hackingthe.cloud. An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
4Linux-From-Scratch. A repository holding everything I used to complete Linux From Scratch 8.2 (http://linuxfromscratch.org)
4crs. Random tools to make research/testing easier
3sigv4-signing-examples. Original SIGv4 Signing Examples
3open-cvdb. An open project to list all publicly known cloud vulnerabilities and CSP security issues
3SPA-Directory-Enumerator. Tool to perform directory enumeration of single page web applications
2TrailDiscover. An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
2Cut-Out-C2. Covert command and control system for Red-Team Operations
2appID-2-acctID. Resolve an AWS Amplify App ID to AWS Account ID
2Bulldog-2-The-Reckoning. A vulnerable (on purpose) Node.js web application to teach about application security. A sequel to Bulldog.
2Image-Difference-Finder. A program to find the differences in "spot the differences" pictures
2easyPoll. A effective and simple polling tool for any environment
2plagiarism-examples. This repo contains a list of examples of plagiarism from HackTricks.
1Fallout_Terminal_Hacker. An Android application that solves the hackable terminal puzzles of the Fallout franchise using OCR and Probability Analysis.
1Frichetten. Read Me :)
1aws_certified_solutions_architect_notes. Notes for AWS Certified Solutions Architect Studying
1Tor-Docker-Proxy. Another Tor installation in a Docker container.
1Bulldog. The source code to a Vulnerable (on purpose) VM
1WiFiReader. Identifies nearby WiFi signals
1normalize_aws_api. A quick script to normalize the AWS API into a single json file
1GoEncryptTheCloud. Using Go, encrypt files and move them to the cloud (S3)
1