GoSecure

Canada & United States

https://gosecure.net

GoSecure's repositories

pyrdp

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Language:PythonGPL-3.01489 44 281

dtd-finder

List DTDs and generate XXE payloads using those local DTDs.

Language:Kotlin601 14 3

php7-opcache-override

Security-related PHP7 OPcache abuse tools and demo

Language:PythonMIT308 13 4

pywsus

Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.

Language:PythonMIT286 28 10

template-injection-workshop

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

Language:CSS119 8 1

xxe-workshop

Workshop given at Hack in Paris 2019

Language:JavaScript119 7 6

ldap-scanner

Checks for signature requirements over LDAP

Language:Python92 3 1

frida-xamarin-unpin

A Frida script to bypass Xamarin certificate pinning implementations

Language:C#66 10 7

linkedin-osint

A simple proof of concept that demonstrate how emails can easily be tie to LinkedIn profile

Language:PythonMIT36 7 2

presentations

Material from presentations done by GoSecure researchers

Language:HTML32 44 1

request-smuggling-workshop

Language:Python22 4 1

unicode-pentester-cheatsheet

An easy to navigate list of unicode characters that have risky transformations 💥

Language:HTML22 40

zap-autodecode-view

ZAP plugin demonstrating custom view for WebSocket messages.

Language:KotlinMIT13 5 5

goinsecure-deserialization

Accompanying material needed for the workshop

Language:Java11 40

malware-ioc

Indicators of Compromise (IOCs) for malware we have researched

Language:YARANOASSERTION10 110

burp-fuzzy-encoding-generator

Quickly test various encoding for a given value in Burp Intruder

Language:Kotlin6 4 2

fq-pyrdp

fq format for parsing PyRDP replays

Language:GoMIT4 4 1

hack400tool

hack400tool

Language:Java2 10

Nimcrypt2

.NET, PE, & Raw Shellcode Packer/Loader Written in Nim

Language:NimGPL-3.02 10

peas

PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.

Language:PythonNOASSERTION2 20

pwndoc

Pentest Report Generator

Language:JavaScriptMIT2 10

gosecure.github.io

Language:HTML1 40

missing-security-controls

Language:HTML1 50

notebooks

Cybersecurity Research Jupyter Notebooks for the Community

Language:Jupyter NotebookMIT1 40

ScoutSuite

Multi-Cloud Security Auditing Tool

Language:PythonGPL-2.01 20

Spray365

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

Language:PythonMIT1 10

csp-evaluator

Language:TypeScriptApache-2.0010

jupyterhub-workshop-environment

Opinionated JupyterHub deployment for workshops relying on GitHub for Authentication

Language:HCLMIT040

jupyterhub-workshop-environment-legacy

Opinionated JupyterHub deployment for workshops relying on GitHub for Authentication

Language:Shell020

scoutmerge

ScoutMerge is an extension for ScoutSuite allowing you to easily display results of hundreds of projects audits into a single text file.

Language:PythonGPL-2.0000