dphuxley's starred repositories
such-static-analysis
Source code scanner. Scan a Java codebase for instances of SQL injection, or print out how many lines of code are in each file.
hardentools
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
bucket-stream
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Python-FTP-Fuzzer
Python FTP Fuzzer and Ability FTP Server POC
Pentesting
Tricks for penetration testing
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Pin-ApiTracer
Updated version of ApiTracer Pin tool
go-deliver
Go-deliver is a payload delivery tool coded in Go.
XStreamServer
RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
Invoke-ATTACKAPI
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
security-onion
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management