Collection of Cyber Threat Intelligence sources from the deep and dark web

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

xss 跨站漏洞平台

Advisories, proof of concept files and exploits that have been made public by @pedrib.

Pre-Built Vulnerable Environments Based on Docker-Compose

ML research on software vulnerabilities

Slides from my talk "whoami /priv" at Romhack 2018

Safari local file reader

A collection of captive portals for phishing using a WiFi Pineapple

Wifite for the WiFi Pineapple NANO + TETRA (Chaos Calmer - openWrt)

Credentials recovery project

A collection of various awesome lists for hackers, pentesters and security researchers

This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem…

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C

A scraper for the data made available by the Italian Senate, and a cluster analysis to detect similar amendments.

SCADA StrangeLove Default/Hardcoded Passwords List

Scripted Local Linux Enumeration & Privilege Escalation Checks

Architectural privilege escalation on x86

UPnP Pentest Toolkit for Windows

Shell snippets to auth and send remote control commands to Sony Bravia TVs

Nimue is a simple Python script for jailbreaking Sony Bravia TVs.

Control your Sony Bravia TV using nodejs

Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices

Source code for my crackstation.net website.

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io