Henry 's starred repositories
OneListForAll
Rockyou for web fuzzing
PocList
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
specification
Specification and other related documents.
autoharness
A tool that automatically creates fuzzing harnesses based on a library
containers-roadmap
This is the public roadmap for AWS container services (ECS, ECR, Fargate, and EKS).
Stracciatella
OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
paper_collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
CrackMapExec
A swiss army knife for pentesting networks
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
cloudflare-bypass
Bypass Coudflare bot protection using Cloudflare Workers
Invoke-Obfuscation
PowerShell Obfuscator
Starkiller
Starkiller is a Frontend for PowerShell Empire.
DefenderCheck
Identifies the bytes that Microsoft Defender flags on.