spooky360's starred repositories
EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
client-side-prototype-pollution
Prototype Pollution and useful Script Gadgets
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
StandardizedImageProcessingTest
A test suite built with Mocha/Chai to test for behavioral differences between image libraries for the web
Commodity-Injection-Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
bruteforce-http-auth
Bruteforce HTTP Authentication
detectionString
list of sql-injection and XSS strings
PenTestScripts
Scripts that are useful for me on pen tests
hackthebox-writeups
Writeups for HacktheBox 'boot2root' machines
XSS-Gif-Payload
A XSS Payload in a gif file