Synacktiv's repositories
nord-stream
Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.
php_filter_chains_oracle_exploit
A CLI to exploit parameters vulnerable to PHP filter chain error-based oracle.
QLinspector
Finding Java gadget chains with CodeQL
CVE-2023-35001
Pwn2Own Vancouver 2023 Ubuntu LPE exploit
rulesfinder
Machine-learn password mangling rules
Invoke-RunAsWithCert
A PowerShell script to perform PKINIT authentication with the Windows API from a non-domain-joined machine.
CVE-2020-9289
Decrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).
forensic-msvpn
This repository contains Velociraptor artifact and Chainsaw rules to help detect Microsoft Remote Access VPN activity
krustyloader-analysis
KrustyLoader Analysis
dissect.esedb
A Dissect module implementing a parser for Microsoft's Extensible Storage Engine Database (ESEDB), used for example in Active Directory, Exchange and Windows Update.
gh-hijack-runner
A Python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.
CacheData_decrypt
A simple toolkit to brute-force and decrypt Windows Entra ID CacheData