Lorenzo Stella's starred repositories
the_silver_searcher
A code-searching tool similar to ack, but faster.
Burp-Non-HTTP-Extension
Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
enumerate-iam
Enumerate the permissions associated with AWS credential set
Windows-exploits
This project is only used for vulnerability verification to help security engineers better understand the system and carry out repair work. Please do not use it for other purposes.
regexploit
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
tor-socks-proxy
🐳 Tiny Docker image (🤏 10MB) as 🧅 Tor SOCKS5 proxy 🛡
gatekeeper
GATEKEEPER: Inline and on-target defense
calc_security_poc
A sample of proof of concept scripts that run Calc.exe with full source code.
request-filtering-agent
An http(s).Agent implementation that block request Private/Reserved IP addresses. Prevent SSRF.
electronegativity-action
The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD.
imagemagick-security-policy-evaluator
The ImageMagick Security Policy Evaluator allows developers and security experts to check if an XML Security Policy is hardened against a wide set of malicious attacks. It assists with the process of reviewing such policies, which is usually a manual task, and helps identify the best practices for ImageMagick deployments.
Not-In-Pentesting-Class
The Dirty Secrets They Didn't Teach You In Pentesting Class
electrolint
An open source VSCode plugin for Electron applications
CVE-2020-9283
Exploit for CVE-2020-9283 based on Go