mgcfish Goto Github PK
Type: User
Type: User
Automated All-in-One OS Command Injection and Exploitation Tool
A collection of web pages, vulnerable to command injection flaws.
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
Contains Attack labs
Simple connect-back and bind payloads written in C# and work on Linux, Mac, and Windows.
Material related to my talks at various conferences on using Continuous Integration tools (Jenkins, Teamcity, Go, Hudson, CruiseControl) for penetration testing
simple demo of XSS in an SVG
JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
This is a simple demo that shows you can host a PDF cross origin in chrome, and track a user's interaction with the PDF with the default chrome PDF viewer.
My collection of Cortana scripts I've written
Bypass captive portals by impersonating inactive users
Simple bash scripts very helpful for cracking passwords.
A swiss army knife for pentesting Windows/Active Directory environments
The great CrackMapExec tool compiled for Windows
Web recon tool (find temporary files, parse robots.txt, search some folders, google dorks and search domains hosted on same server)
A fast and stealthy credential harvester
Extract stored credentials from Internet Explorer and Edge
A web app scanner
Content hijacking proof-of-concept using Flash, PDF and Silverlight
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
Cloud Security Suite - One stop tool for auditing the security posture of AWS infrastructure.
Cobalt Strike Aggressor Script Collection
CScriptShell, a Powershell Host running within cscript.exe
A Burp Plugin for Detecting Weaknesses in Content Security Policies
This is a simple CSRF Proof of Concept generator that supports multiple form encodings and methods
This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.