Jason Ross's repositories
Auto-GPT
An experimental open-source attempt to make GPT-4 fully autonomous.
GC2-sheet
GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.
llm-security
New ways of breaking app-integrated LLMs
ardupilot
ArduPlane, ArduCopter, ArduRover, ArduSub source
hackerpoints
hackerpoints app
Prompt-Injection-Playground
A playground to test various prompt injection techniques and bypasses.
pretalx
Conference planning tool: CfP, scheduling, speaker management
stable-diffusion-webui-blip2-captioner
BLIP2 captioning tool as an extension of AUTOMATIC's WebUI
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
prowler
Prowler is an Open Source Security tool to perform Cloud Security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
url2screen
Automated screenshots of webpages using NodeJS
chatgpt-playground
chatGPT playground
gpt3_security_vulnerability_scanner
GPT-3 found hundreds of security vulnerabilities in this repo
rfctf-container
scripts that go in the rfctf container
sliver
Adversary Emulation Framework
nn-zero-to-hero
Neural Networks: Zero to Hero
octosuite
Advanced Github OSINT Framework
Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
getpackt
App that sends an SMS reminder to download the free daily Packt.com e-book
GodGenesis
A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.
faker-golang
Random fake data and struct generator for Go.
toxssin
An XSS exploitation command-line interface and payload generator.
slack-clone-docker
Containerising Slack Clone App built with MERN Stack
pen-testing-findings
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.
adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
red_team_attack_lab
Red Team Attack Lab for TTP testing & research
GOAD
game of active directory
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication