giuliocomi

followers

following

stars

aws

https://giuliocomi.blogspot.com/?m=1

giuliocomi's repositories

backoori

Tool aided persistence via Windows URI schemes abuse

Language:GoGPL-3.081 4 1

csplogger

A CSP endpoint to aggregate, correlate and analyze report-uri violations across your infrastructure

Language:PythonGPL-3.041 5 3

arp-scanner

A simple and lightweight C# ARP scanner to identify live hosts in your LAN

Language:C#30 30

knockandgo

Port Knocking revisited in Golang

Language:GoApache-2.022 30

CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

MIT1 20

evilarchiver

Modded version of tarfile.py for testing arbitrary file (over)write via path traversal in Tar archives.

Language:PythonGPL-3.01 20

exe2txt2exe

Useful binary transfer method: Convert exe binary to base64 txt file and back again to exe binary

Language:GoMIT1 20

Java-Board-Game

Lorenzo il Magnifico board game developed in Java

Language:Java1 20

afl-training

Exercises to learn how to fuzz with American Fuzzy Lop

Language:CNOASSERTION010

archiver

Easily create & extract archives, and compress & decompress files of various formats

Language:GoMIT010

skf-labs

Repo for all the OWASP-SKF Docker lab examples

Language:PythonAGPL-3.0010

bof_ported_to_metasploit

Here is a collection of buffer overflow (stack & SEH) I reproduced in Python and finally ported in Metasploit modules

Language:Ruby020

cmdlinehttpserver

Minimalistic Golang HttpServer

Language:Go010

dnSpy

.NET debugger and assembly editor

Language:C#010

http-server

A simple HTTPS server for serving files and for providing upload functionality

Language:GoGPL-3.0020

mattermost-server-v5.17

Open source Slack-alternative in Golang and React - Mattermost

Language:GoNOASSERTION010

mitm_relay

Hackish way to intercept and modify non-HTTP protocols through Burp & others.

Language:PythonApache-2.0010

nopowershell

PowerShell rebuilt in C# for Red Teaming purposes

Language:C#BSD-3-Clause020

PMapper

A tool for quickly evaluating IAM permissions in AWS.

Language:PythonAGPL-3.0010

PoCIDOR

PoC for Insecure Direct Object Reference vulnerabilities

Language:Python020

posh-discovery

[alpha] A set of scripts useful to run on a compromised Windows OS to map the attack surface (find of open ports, live hosts, etc.) from that Pivot. This toolkit aims to be complementary to framework that directly play with Active Directory objects.

Language:PowerShell020

qsslcaudit

test SSL/TLS clients how secure they are

Language:C++GPL-3.0010

Shiro-721

Shiro-721 RCE Via RememberMe Padding Oracle Attack

Language:Python010

skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project

Language:HTMLAGPL-3.0010

system-design-primer

Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

Language:PythonNOASSERTION010

VCG

VisualCodeGrepper - Code security scanning tool.

Language:Visual Basic010

x64dbg

An open-source x64/x32 debugger for windows.

Language:C++NOASSERTION010

zip-slip-vulnerability

Zip Slip Vulnerability (Arbitrary file write through archive extraction)

010