Moises Tapia's Projects
A tool for embedding XXE/XML exploits into different filetypes
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Este Proyecto es para realizar pruebas de laboratorio en la mayorΓa de los entornos linux sin la necesidad de tener las herramientas instaladas de forma native el unico requerimiento es que se tenga docker y docker-compose instalado el el hosts
Este proyecto va enfocado a la seguridad informΓ‘tica y al Hacking Etico, pudiendo desplegar herramientas como Metasplotable, Dradis DVWAP.
Using open Adb ports we can exploit a Andriod Device
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Audit tool to find common vulnerabilities in PHP source code
A framework for managing and maintaining multi-language pre-commit hooks.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
ProFTPD IAC Remote Root Exploit
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.
CLI component of OWASP PurpleTeam
CTF framework and exploit development library
A Pythonic framework for threat modeling
Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
A high performance offensive security tool for reconnaissance and vulnerability scanning
Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.
React Suspended is an educational frontend application riddled with security vulnerabilities
Intentionally vulnerable React web application for exercising vulnerability detection
A deliberately vulnerable js app made with reactjs. For educational purposes.
Automated Red Team Infrastructure deployement using Docker
Collection of PoC and offensive techniques used by the BlackArrow Red Team
Interactive Terraform visualization. State and configuration explorer.
Simple forward and reverse shells that can be compiled and used on pen tests to avoid AV and used to get better access.
Tool to check AWS S3 bucket permissions
Scan for open AWS S3 buckets and dump the contents
Sample Node App to Habitize!
A distributed nmap / masscan scanning framework