Oliver Techman's repositories
CVE-2022-27925-PoC
Zimbra RCE simple poc
pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
interactsh
An OOB interaction gathering server and client library
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
AMSI_patch
Patching AmsiOpenSession by forcing an error branching
awsenum
Enumerate AWS permissions and resources.
BypassCredGuard
Credential Guard Bypass Via Patching Wdigest Memory
Creds
Some usefull Scripts and Executables for Pentest & Forensics
CVE-2022-22980
Poc of CVE-2022-22980
CVE-2023-24055_PoC
CVE-2023-24055 PoC (KeePass 2.5x)
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
elmerfem
Official git repository of Elmer FEM software
HTTPLoot
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.
imaginaryC2
Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
misp-training
MISP trainings, threat intel and information sharing training materials with source code
PoC-CVE-2022-26809
PoC for CVE-2022-26809, analisys and considerations are shown in the github.io.
PortEx
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
pyload
The free and open-source Download Manager written in pure Python
ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
SharpSCCM
A C# utility for interacting with SCCM
Spring-Data-Mongodb-Example
CVE-2022-22980环境
subparse
Modular malware analysis artifact collection and correlation framework