LowK's repositories
ctf-monitoring
Tools for CTF Attack / Defense
AutoRepeater
Automated HTTP Request Repeating With Burp Suite
CSS-injection-in-Swagger-UI
CSS injection vulnerability in Swagger UI
acefile
POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/
Brutal_SSH
Brutal SSH: SSH Login brute force, scan for vulnerable version and 0 day exploit (under development)
bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
CTF-Ranking-System
CTF ranking system for KMA's students, follow ctftime.org's events
docx
Simple Google Go (golang) library for replace text in microsoft word (.docx) file
docx-embeddedhtml-injection
This PowerShell script exploits a known vulnerability in Word 2016 documents with embedded online videos by injecting HTML code into a docx file, replacing the values of all pre-existing embeddedHtml tags.
feedgen
Generates RSS/ATOM/JSON feeds. Can be reasonably extended or create a feed using the CSS generator.
fuzz.txt
Potentially dangerous files
gosec
Golang security checker
hassio-frp-client
A fast reverse proxy client for Hass.io to help you expose a home assistant behind a NAT or firewall to the internet.
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
jbossScan
扫描jboss常见漏洞路径是否存在。
mybash
zsh
nishang
Nishang - PowerShell for penetration testing and offensive security.
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
PSSE
PowerShell Scripting Expert repository, contains template code for security and administrative scripting, largely derived through taking the SecurityTube PowerShell for Pentesters course
RedTeamScripts
Repo with various Red Team scripts
scriptsAndExploits
Some scripts and exploits
SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
wordpress-docker-compose
Easy Wordpress development with Docker and Docker Compose