mmg1's repositories
gomo
Wiki pages about Android internals
practical-reverse-engineering
my results for the exercises in the book "Practical Reverse Engineering" by Bruce Dang et al.
dilettante
Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.
UniversalInject
Windows IME-based DLL injection. Able to inject a DLL without OpenProcess or a process handle being necessary..
ZjDroid
Android app dynamic reverse tool based on Xposed framework.
DiabloHorn
Projects and POCs
ollydbg2-python
Scripting OllyDBG2 using Python is now possible!
SimpleBackdoor
Remote Windows shell
Linux_Exploit_Suggester
Linux Exploit Suggester; based on operating system release number
SysvolExplorer
Active Directory Group Policy analyzer
burp-protobuf-decoder
A simple Google Protobuf Decoder for Burp
WindowsInternals-1
Windows Internals Study Notes.
ebooks
All free PowerShell.org ebooks
JavaPayload
JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
p0rk-crackling
Distributed password cracker for operating over high latency networks of loosely coupled hosts.
burp-extensions
Burp Suite Extensions
bucket_finder
Amazon bucket brute force tool
BufferOverflow-Kit
We collect many tools used in buffer overflow development in one place, repeating with new idea is not a shame - thanks China :)
COMRaider
ActiveX Fuzzing tool with GUI, object browser, system scanner, and distributed auditing capabilities
RE-for-beginners
Quick introduction to reverse engineering for beginners
xss.swf
a tiny tool for swf hacking, just browse it:)
pwp
Python Web framework P0wner
skipfish
Web application security scanner created by lcamtuf for google - Unofficial Mirror
sysret
Windows Kernel Intel x64 SYSRET Vulnerability Exploit
GWT-Penetration-Testing-Toolset
A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt
Scripts-1
random_scripts
API_watching
监视Windows系统下程序执行过程中的API调用,采用Ring3 Hook方式进行监控,记录API调用,分析软件行为。
Shortlink-Revealer
A firefox extension that, upon mouseover of a URL, will show you the actual target of that URL - not the bit.ly or other shortlink.