Mario Vilas's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
ScoutSuite
Multi-Cloud Security Auditing Tool
c-jwt-cracker
JWT brute force cracker written in C
cipherscan
A very simple way to find out which SSL ciphersuites are supported by a target.
IIS-ShortName-Scanner
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
Conferences
Conference presentation slides
enumerate-iam
Enumerate the permissions associated with AWS credential set
RootTheBox
A Game of Hackers (CTF Scoreboard & Game Manager)
betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
parallels_desktop_crack_18.0.1-53056
Parallels Desktop for mac Crack
graphql-cop
Security Auditor Utility for GraphQL APIs
gamebuilder
Game Builder is an application that allows users to create games with little or no coding experience.
yagooglesearch
Yet another googlesearch - A Python library for executing intelligent, realistic-looking, and tunable Google searches.
picklescan
Security scanner detecting Python Pickle files performing suspicious actions
BypassFuzzer
Fuzz 401/403/404 pages for bypasses
shellingham
Tool to Detect Surrounding Shell
enteletaor
Message Queue & Broker Injection tool
ultimate-nmap-parser
parse nmap files
TunnelVision
A network technique that decloaks a VPN users traffic on a local network without disconnecting them from a VPN.
echoCTF.RED
A platform to develop, run and administer CTF competitions. The online echoCTF.RED platform user interfaces and codebase
markdown-template
A markdown template for any project, resume, github repo or whatever
fake-ransomware
A non-destructive, but ANNOYING ransomware lookalike for use with red team exercises.
GQLSpection
GQLSpection - parses GraphQL introspection schema and generates possible queries
mitmsqlproxy
Tool for MS SQL Man In The Middle attack which supports TLS encryption.
CVE-2018-0114
Exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT.