The Ministry of Health warns: programming seriously harms you and others around you.
shelling. SHELLING - a comprehensive OS command injection payload generator
445psychoPATH. psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.
278PPID_spoof. An example of how to spawn a process with a spoofed parent PID (Visual C++)
29icmpsh-s-linux. GNU/Linux version of the https://github.com/inquisb/icmpsh slave
22SCARY. PHP Source Code Analyzer written in Perl (taint checking)
18localdataHog. String-based secret-searching tool (high entropy and regexes) based on truffleHog
17Intrusive. Intrusive is a realtime log analysis tool designed to perform IDS and anomalies detection functions
9splitproc. Proof of concept code for split processing EDR evasion.
8parambrute. A little Burp Scanner extension (python) detecting page's parameters (fast binary search).
7xssValidatorTestCases. A set of test case scripts for xssValidator Burp Extension
7DFIR. Wykłady stworzone z myślą o studentach Politechniki Opolskiej (Wykrywanie i reagowanie na incydenty bezpieczeństwa).
6Windows_persistence. A collection of persistence methods for Windows
6api-ms-win-code-debug-l1-1-0. A sample DLL appending a text file with the list of high integrity/SYSTEM process that loaded it (for issue testing).
6Pattern_Discovery. Very simple and powerful pattern (PCRE) discovery tool for fast and effective log analysis, useful in debugging, SIEM development etc.
5dictator. Custom dictionary generation framework intended for enumertion of URL-s (directories, variables). With a bit of adjustment it would also be a good fit for passwords as well. This is currently NOT a Burp extension.
5magic_params. A simple helper for generating sets of potential hidden variables used in broken authentication/authorisation and latent verbosity/debug modes in a Burp Intruder-friendly fashion.
5registry_hidden_key. A CPP demo POC based on https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdf
4poison_exifdata. Simple helper for string exiftags poisoning (either with custom payload or with a holder to use with e.g. Burp Intruder -> Scanner integration).
4KeyWordSpottingTest. Universal auto tests set for sphinx4 KeyWordSpotting
3ZScaler_msiexec_LPE_2023. My proof of concept for a Local Privilege Escalation via msiexec in ZScaler Client Connector 3.7.2.18
3CVE-2024-0197-POC. Proof of concept for Local Privilege Escalation in Thales Sentinel HASP LDK.
3CVE-2023-38041-POC. Ivanti Pulse Secure Client Connect Local Privilege Escalation CVE-2023-38041 Proof of Concept
2CVE-2023-37250-POC. PoC
2memplunge. # Information disclosure searcher/debugger written by ewilded # This script conducts search over the whole memory allocated by all existing processes (and optionally opened file descriptors), looking for particular string. # The initial application of this script was to facilitate the process of discovering various dependancies and potential information disclosure vulnerabilities. The idea is to put the string which's flow we are interested in into the input of relevant application/service and then look for it in the memory.
2CVE-2024-25376-POC. CVE-2024-25376 - Local Privilege Escalation in TUSBAudio
2OSWindowsPrivEscalation. the Open Source Windows Privilege Escalation Guide
2content_discovery. I am just posting my thoughts on the Content Discovery process
2Mobile. Wykłady stworzone z myślą o studentach Politechniki Opolskiej
1upload-scanner. HTTP file upload scanner for Burp Proxy
1CVE-2024-35315-POC. Mitel Collab Local Privilege Escalation CVE-2024-35315 PoC
1vulndev_scripts. Garbage scripts helping with some vulndev tasks
1process-injection-postgre. A proof of concept for https://hackingiscool.pl/breaking-out-from-stripped-tokens-using-process-injection/
1authz. Java
1CVE-2023-7016-POC. POC for the flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows that allows an attacker to execute code at a SYSTEM level via local access.
1Lilith. Lilith, The Open Source C++ Remote Administration Tool (RAT)
1fucking_with_filenames. C++
1timebased_token_pattern_discovery. A simple script intended for discovery of current timestamp based security token patterns
1