airman604

jdbc-backdoor

A fake JDBC driver that allows OS command execution.

schtask_now

discord-zerotier-bot

aws-security-workshop

CVE-2020-0601

PoC for CVE-2020-0601

gcp-env

Hack-the-Gibson-with-Metasploit

Materials for the Metasploit workshop debuting at BSides Vancouver 2019.

jq-workshop

misc

aws-scan-automation

BSidesPDX-CTF-2019

cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

xxelab

A simple web app with a XXE vulnerability.

airman604.github.io

BLAH

Build a Jekyll blog in minutes, without touching the command line.

chainoffools

A PoC for CVE-2020-0601

docker-timemachine

Docker image to run netatalk (compatible Time Machine for OS X)

dockerfiles

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

installtelmac

JNDI-Exploit-Kit

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection）

kalinka

kubeletmein

Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.

log4shell

Operational information regarding the vulnerability in the Log4j logging library.

mimikatz

A little tool to play with Windows security

public-pentesting-reports

Curated list of public penetration test reports released by several consulting firms and academic security groups

python-paddingoracle

A portable, padding oracle exploit API

SecureCodingDojo

The Secure Coding Dojo is a platform for delivering secure coding training.

shiva

An Ansible playbook to provision a host for penetration testing and CTF challenges

zerotier-discord-bot

Discord bot people can use to register and authorize a nodeId in a predefined zerotier network