xer0xe9 Goto Github PK

100-days-of-ml-code

100 Days of ML Coding

ansible-examples

A few starter examples of ansible playbooks, to show features and how they work together. See http://galaxy.ansible.com for example roles from the Ansible community for deploying many popular applications.

ansible-java8-oracle

Ansible role to Install the oracle Java8 on ubuntu or mint using the webupd8 ppa

aptnotes

Various public documents, whitepapers and articles about APT campaigns

arjun

Arjun is a python script for finding hidden GET & POST parameters.

awesome-incident-response

A curated list of tools for incident response

awesome-malware-analysis

A curated list of awesome malware analysis tools and resources

awesome-pcaptools

A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.

bitbucketbackupcron

bypass-web-application-firewalls

Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for BurpSuite Pro for bypassing web application firewalls (WAF) and XSS filters. These python scripts have been created to fuzz wierd combinations: URL Escape Characters HTML Escape Characters Binary Characters These scripts were created during an assessment, while trying to bypass a Web Application Firewall (WAF) in order to exploit a XSS vulnerability. Differnt webservers and browsers interpret URL and strange characters differently which could lead to the bypassing of security controls. When I tried to send a > or < character the WAF would block the request. The following URL escapes I have noticed are traslated to < > ' by Apache2 based web servers: %(N%(n%)S%)U%)^%)s%)u%*C%*E%*c%*e%,.%.#%1N%1n%2S%2U%2^%2s%2u%3C%3E%3c%3e%5.%7#%:C%:E %:c%:e%HN%Hn%IS%IU%I^%Is%Iu%JC%JE%Jc%Je%L.%N#%XN%Xn%YS%YU%Y^%Ys%Yu%ZC%ZE%Zc%Ze%.%^# %hN%hn%iS%iU%i^%is%iu%jC%jE%jc%je%l.%n#%xN%xn%yS%yU%y^%ys%yu%zC%zE%zc%ze%|

chkproxy

A simple WHMCS hook that checks if the client is using a proxy/VPN prior to ordering (saves tickets and time).

courseware

Courseware setup and information for instructors

cupp

Common User Passwords Profiler (CUPP)

cybrary-video-downloader

Downloads Course Videos From Cybrary.it

didierstevenssuite

Please no pull requests for this repository. Thanks!

eqgrp

Decrypted content of eqgrp-auction-file.tar.xz

exrex

Irregular methods on regular expressions

free-security-ebooks

Free Security and Hacking eBooks

fuzzing-resources

List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis

fwsnort

Application Layer IDS/IPS with iptables

geoip2-python

Python code for GeoIP2 webservice client and database reader

ghidra

goldeneye

GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool

gossip-python

Implementation of the gossip protocol

hping

hping network tool

idapython_scripts

impacket

Impacket is a collection of Python classes for working with network protocols.

knock

Simple python port knocking client

librsync-winbuild

Fork of librsync to build cleanly with Microsoft Visual Studio 2008 for python 2 extension compatibility

mailsniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.