sudo read() lib call jacking using /etc/ld.so.preload to skim passwords

Shell script compiler

Ftrace Based Linux Loadable Kernel Module Rootkit for Linux Kernel 5.x and 6.x on x86_64, hides files, hides process, hides bind shell & reverse shell port, privilege escalation, cleans up logs and…

Intercepting TCP proxy to modify raw TCP streams using modules on incoming or outgoing traffic

Python framework for extracting secret data from compression oracles such as those exploited by the BEAST and CRIME attacks.

CVE-2024-6387 (regreSSHion) Exploit (PoC), a vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems.

SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.

Malware rolled into legit installers with Python

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Automatic SQL injection and database takeover tool

The ZAP by Checkmarx Core project

Read-only mirror of Wireshark's Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won't let us disable pull requests. ⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab instead.

Mirror of http://silicone.homelinux.org/git/netsed.git/

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A number of exploits and tools I've written for CVEs accredited to Marshall Whittaker/oxagast

Linux SocketCAN kernel driver for ELM327 based devices

A Jekyll plugin to add Web Monetization API payment pointers to your site

*NIX X11 Keylogger

🎤⌨️ Acoustic keyboard eavesdropping

Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)

A scalable robust calculator application for the Flipper Zero

Emulate a Bluetooth HID device with bluez on linux

🎯 Command Injection Payload List

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

All about bug bounty (bypasses, payloads, and etc)

All in One OSCP Preparation Material

OSS-Fuzz - continuous fuzzing for open source software.

🕵️‍♂️ Offensive Google framework.

Threadless Process Injection using remote function hooking.