fransla's repositories
CVE-2023-35803
PoC Exploit for CVE-2023-35803 Unauthenticated Buffer Overflow in Aerohive HiveOS/Extreme Networks IQ Engine
bitcoin_fork_claimer
Script for transferring/claiming your coins on various Bitcoin forks
brainflayer
A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
brainwalletX.github.io
Brainwallet site
conti_locker
Conti Locker source code
CrackMapExec
A swiss army knife for pentesting networks
CS7038-Malware-Analysis
Course Repository for University of Cincinnati Malware Analysis Class (CS7038)
domi-owned
IBM/Lotus Domino exploitation
fw_updates
This repository contains official FW update files for Logitech control devices (mice, keyboards, etc.)
Go-Bitcoin-Balance
Check Bitcoin addresses balance using Blockr.io's API and Golang
hack-technicolor
Hacking Technicolor Gateways wiki repository
hostapd-mana
SensePost's modified hostapd for wifi attacks.
IntelBluetoothFirmware
Intel bluetooth drivers
Invoke-TheHash
PowerShell Pass The Hash Utils
jwt-editor
A Burp Suite extension and standalone application for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
mersenne-twister-predictor
Predict MT19937 PRNG, from preceding 624 generated numbers. There is a specialization for the "random" of Python standard library.
O2Xfs
Java API for accessing CEN/XFS API, EMV Level 2 Kernel
P4wnP1_aloa
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
python-trezor
:snake: Client side implementation for TREZOR-compatible Bitcoin hardware wallets.
RadAsync-Arbitrary-File-Upload
AsyncUploadHandler in Telerik's RadAsyncUpload feature is configured with a hard coded (default) encryption key. This key is used to encrypt upload variables which are sent to the user, and subsequently used in file upload requests by the user to the server. If this key is not changed from it's default value of "PrivateKeyForEncryptionOfRadAsyncUploadConfiguration", a malicious actor can capture the file upload request to /Telerik.Web.Ui.WebResource.axd and decrypt parameter 'rauPostData'. Once decrypted, the file upload location can be modified and re-encrypted, resulting in arbitrary file upload to any location on the server which the web server user has permissions to write to.
SL1toPhoton
Converter for SL1 to Photon files. Used to slice 3D-Models with Slic3r PE and print on Anycubic Photon
timeless-timing-attacks
A Python implementation that facilitates finding timeless timing attack vulnerabilities.
whatsapp-web-reveng
Reverse engineering WhatsApp Web.
xrdp
A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions