hxp2k6's repositories
Add-Trusted-Certificate-to-iOS-Simulator
Script for easily importing a trusted CA certificate into the iOS Simulator's trust store. This provides application testers the ability to intercept SSL traffic when using the simulator for testing.
AlienVaultLabs
Alienvault Labs Projects Random Stuff
AntiXSS-for-Java
AntiXSS for Java is a port of the Microsoft Anti-Cross Site Scripting (AntiXSS) v1.5 library for .NET applications. The library requires Java 1.4 or higher, but has no other prerequisites.
Code-from-O-reilly-Network-Security-Tools
Tools developed for the book Network Security Tools: Writing, Hacking, and Modifying Security Tools (Published April 2005 by O'Reilly - ISBN 0-596-00794-9). These examples, along with the rest of the examples from the book, are also available from O'Reilly.
Deflate-Burp-Plugin
The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.
faraday-http-cache
a faraday middleware that respects HTTP cache
GWT-Penetration-Testing-Toolset
A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt
mangers-oracle
Demonstration of Manger's Oracle, attacking RSA OAEP
misp-bloomfilter
A tool to create bloom filters from MISP records to share IOCs with others without breaking confidentiality.
misp-graph
A tool to convert MISP XML files (events and attributes) into graphs
proxychains
proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
WCF-Binary-SOAP-Plug-In
This is a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1). There are two versions of the plug-in available (consult the README for more information).
WCF-WSDualHttpBinding-Port-Scanner
Proof of Concept utility for abusing WCF Web Services that use the WSDualHttpBinding in order to perform remote port scans of arbitrary hosts.