Thomas's starred repositories
tactical-exploitation
Modern tactical exploitation toolkit.
decomp2dbg
A plugin to introduce interactive symbols into your debugger from your decompiler
mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
Vulnerable-Code-Snippets
A small collection of vulnerable code snippets
awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
flipper_sub_plotters_comparers
Flipper SUB Plotters / comparers!
a-picture-is-worth-a-1000-words
I am trying to describe complex matters in simple doodles!
wrongsecrets
Vulnerable app with examples showing how to not use secrets
Real-Time-Voice-Cloning
Clone a voice in 5 seconds to generate arbitrary speech in real-time
ail-yara-rules
A set of YARA rules for the AIL framework to detect leak or information disclosure
DirectoryImporter
This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
pico-light-arcade
A small arcade game utilizing the Raspberry Pi Pico and 20 arcade buttons!
TinyCheck
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
report_examples
Example reports from prior years of the Collegiate Penetration Testing Competition
Fuzzing101
An step by step fuzzing tutorial. A GitHub Security Lab initiative