GoSecure's repositories
dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
php7-opcache-override
Security-related PHP7 OPcache abuse tools and demo
template-injection-workshop
Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
xxe-workshop
Workshop given at Hack in Paris 2019
ldap-scanner
Checks for signature requirements over LDAP
frida-xamarin-unpin
A Frida script to bypass Xamarin certificate pinning implementations
linkedin-osint
A simple proof of concept that demonstrate how emails can easily be tie to LinkedIn profile
presentations
Material from presentations done by GoSecure researchers
unicode-pentester-cheatsheet
An easy to navigate list of unicode characters that have risky transformations đź’Ą
zap-autodecode-view
ZAP plugin demonstrating custom view for WebSocket messages.
goinsecure-deserialization
Accompanying material needed for the workshop
malware-ioc
Indicators of Compromise (IOCs) for malware we have researched
burp-fuzzy-encoding-generator
Quickly test various encoding for a given value in Burp Intruder
hack400tool
hack400tool
ScoutSuite
Multi-Cloud Security Auditing Tool
jupyterhub-workshop-environment
Opinionated JupyterHub deployment for workshops relying on GitHub for Authentication
jupyterhub-workshop-environment-legacy
Opinionated JupyterHub deployment for workshops relying on GitHub for Authentication
scoutmerge
ScoutMerge is an extension for ScoutSuite allowing you to easily display results of hundreds of projects audits into a single text file.