ewilded Goto Github PK

mbe

Course materials for Modern Binary Exploitation by RPISEC

mbe-snippets

memplunge

# Information disclosure searcher/debugger written by ewilded # This script conducts search over the whole memory allocated by all existing processes (and optionally opened file descriptors), looking for particular string. # The initial application of this script was to facilitate the process of discovering various dependancies and potential information disclosure vulnerabilities. The idea is to put the string which's flow we are interested in into the input of relevant application/service and then look for it in the memory.

mimespray

MimeCast Password Spraying Tool

mobile

Wykłady stworzone z myślą o studentach Politechniki Opolskiej

oswindowsprivescalation

the Open Source Windows Privilege Escalation Guide

param-miner

parambrute

A little Burp Scanner extension (python) detecting page's parameters (fast binary search).

pattern_discovery

Very simple and powerful pattern (PCRE) discovery tool for fast and effective log analysis, useful in debugging, SIEM development etc.

poison_exifdata

Simple helper for string exiftags poisoning (either with custom payload or with a holder to use with e.g. Burp Intruder -> Scanner integration).

ppid_spoof

An example of how to spawn a process with a spoofed parent PID (Visual C++)

psychopath

psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.

registry_hidden_key

A CPP demo POC based on https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdf

scary

PHP Source Code Analyzer written in Perl (taint checking)

sharpblock

A method of bypassing EDR's active projection DLL's by preventing entry point exection

shelling

SHELLING - a comprehensive OS command injection payload generator

sleepy-puppy

Sleepy Puppy XSS Payload Management Framework

sysadmin_scripts

Few system administration scripts

timebased_token_pattern_discovery

A simple script intended for discovery of current timestamp based security token patterns

upload-scanner

HTTP file upload scanner for Burp Proxy

v2

V2 is an extremely secure PHP web app framework.

vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

vulndev_scripts

Garbage scripts helping with some vulndev tasks

windows_persistence

A collection of persistence methods for Windows

xssvalidator

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.

xssvalidatortestcases

A set of test case scripts for xssValidator Burp Extension