Nick's starred repositories
tamperchrome
Tamper Dev is an extension that allows you to intercept and edit HTTP/HTTPS requests and responses as they happen without the need of a proxy. Works across all operating systems (including Chrome OS).
ScyllaHide
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
CVE-2021-1675
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
CVE-2021-31166
Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.
can-i-take-over-dns
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
process_ghosting
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
RCE-0-day-for-GhostScript-9.50
RCE 0-day for GhostScript 9.50 - Payload generator
gcp-dhcp-takeover-code-exec
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
awesome-java-security
Awesome Java Security Resources 🕶☕🔐
HTTPHeadModifer
一款快速修改HTTP数据包头的Burp Suite插件
dotnet-wtrace
A command-line tool for live tracing .NET applications, based on EventPipes.
rogue-jndi
A malicious LDAP server for JNDI injection attacks
CVE-2021-34730
Cisco RV110w UPnP stack overflow
ctf-challenges
Fun CTF (capture the flag) security challenges that I've created
phpggc_tester
quick payload testing on phpggc