Ko Ko Naing's repositories
sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
pwndoc
Pentest Report Generator
petereport
PeTeReport is an open-source application vulnerability reporting tool.
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
PRET
Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
cent
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
kiterunner
Contextual Content Discovery Tool
acu
note
awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
CVE-2020-25515
Unrestricted File Upload in Simple Library Management System 1.0
devsecops-gitlab-java-vulnerable-application
DevSecOps Training
MonkeyDev
CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
CTF
CTF chall write-ups, files, scripts etc (trying to be more organised LOL)
noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
envizon
network visualization & pentest reporting
Attiny85
RubberDucky like payloads for DigiSpark Attiny85
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP
saycheese
Grab target's webcam shots by link
PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
icmpdoor
ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user