United States

Eugene Lim

Elite
@spaceraccoon

manuka. A modular OSINT honeypot for blue teamers

348

from-day-zero-to-zero-day. Scripts and examples for "From Day Zero to Zero Day" by Eugene Lim.

255

webpack-exploder. Unpack the source code of React and other Webpacked apps!

119

spring-boot-actuator-h2-rce. Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database

109

ogp-ctf-2024. A web CTF for training developers in bug hunting and secure coding!

101

CVE-2020-10665. POC for CVE-2020-10665 Docker Desktop Local Privilege Escalation

53

npm-scan. An extensible, heuristic-based vulnerability scanning tool for installed npm packages

50

npm-zoo. A zoo for malicious NPM packages

20

accent-trainer. Flask webapp/endpoint that compares the user's speech with different accents and assigns similarity scores based on speed, voice (DTW/MFCC), and accuracy. The accents are generated from Amazon Polly and accuracy analysis using Bing Speech API speech to text.

18

detect-cve-2024-4367. YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js

11

serverless-recon-example. Example of a serverless web reconaissance workflow's AWS architecture.

11

icalendardb. A data

11

detecting-fake-text. Giant Language Model Test Room

8

lohrem-ipsum. A Singlish version of the classic Lorem Ipsum generator coded as a Racket webapp.

4

streamliner-doc-word-replacer. Flask webapp that replaces words in documents according to debate tournament rules. Useful if you want to quickly replace a dictionary of words and save syllables.

3

road-sign-manager. A civic hacking project in collaboration with MakeHaven and New Haven Transportation. A cloud road sign manager platform.

3

aws-amazon-polly-flask-sample. Amazon Polly implementation that mirrors the Python example provided by AWS, only using the Flask framework.

3

manuka-client. Frontend client for Manuka

2

unicollider. An elegant frontend to generate and detect possible Unicode transformation collisions.

2

SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

2

npm-scan-backtest. Backtest npm-scan on past updates on npmjs

1

code4good-crash-course. A developer crash course for my team at Code4Good.

1

tsunami-security-scanner-plugins. This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

1

electronic-road-sign-simulator. Express app that simulates an electronic road sign that is updated over the web live via websockets.

1

manuka-listener. Listener honeypot for Manuka

1

manuka-server. REST API and business logic for Manuka

1

cryptopals-rust. Rust

1

SSRFTest. SSRF testing tool

1

jobcan-automatic-clock-chrome-extension. Chrome extension for automatic clocking on JobCan (Unofficial)

1
29
Apply