fr0zn

followers

following

stars

https://www.nullbyte.cat/

Ferran Celades's starred repositories

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Language:PythonApache-2.0995500

moleculer

:rocket: Progressive microservices framework for Node.js

Language:JavaScriptMIT607100

firefly

Hyperledger FireFly is the first open source Supernode: a complete stack for enterprises to build and scale secure Web3 applications. The FireFly API for digital assets, data flows, and blockchain transactions makes it radically faster to build production-ready apps on popular chains and protocols.

Language:GoApache-2.048500

blockscout

Blockchain explorer for Ethereum based network and a tool for inspecting and analyzing EVM based blockchains.

Language:ElixirGPL-3.0332600

solidity-security-blog

Comprehensive list of known attack vectors and common anti-patterns

NOASSERTION136300

building-secure-contracts

Guidelines and training material to write secure smart contracts

Language:SolidityAGPL-3.0214500

damn-vulnerable-defi

Language:SolidityMIT65300

CVE-2020-0041

Exploits for Android Binder bug CVE-2020-0041

Language:C21500

rust-learning

A bunch of links to blog posts, articles, videos, etc for learning Rust

ethereumbook

Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood

Language:JavaScriptNOASSERTION1952400

CVE-2019-18634

A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc

Language:Shell5800

gramfuzz

gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.

Language:PythonMIT24700

learning-v8

Project for learning V8 internals

Language:C++250000

AFLplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Language:CApache-2.0482400

avscript

Avast JavaScript Interactive Shell

Language:CGPL-3.066400

GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Language:HTMLGPL-3.01036800

os-tutorial

How to create an OS from scratch

Language:CBSD-3-Clause2660800

fuzz.txt

Potentially dangerous files

WTFPL282700

Kaonashi

Wordlist, rules and masks from Kaonashi project (RootedCON 2019)

GPL-3.094000

CVE-2019-13272

Linux 4.10 < 5.1.17 PTRACE_TRACEME local root

Language:C32300

manim

Animation engine for explanatory math videos

Language:PythonMIT6028800

kernel-exploits

Language:C107700

js-vuln-db

A collection of JavaScript engine CVEs with PoCs

rhme3-writeups

Writeups for the RHME3 Challenges

Language:Assembly5000

CTF

CTF write-ups / solution scripts

Language:Python100

yabai

A tiling window manager for macOS based on binary space partitioning

Language:CMIT2237900

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT5827700

dvna

Damn Vulnerable NodeJS Application

Language:SCSSMIT68000

ctf-writeups

Perfect Blue's CTF Writeups

Language:Max64200

awesome-symbolic-execution

A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

CC0-1.0127800