An OOB interaction gathering server and client library

IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).

A repository for learning various heap exploitation techniques.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Terminal in browser over http/https. (Ajaxterm/Anyterm alternative, but much better)

An implementation of TEMPEST en GNU Radio

Learn how to write webapps without a framework in Go.

Gatt is a Go package for building Bluetooth Low Energy peripherals

Reverse engineering focusing on x64 Windows.

Course content and slides from my ancient training on Reverse Engineering & Malware Analysis

A Go web server with built in logging, tracing, health check, and graceful shutdown. It also includes a few demo applications showing the Go HTML temple functionality.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

DEFCON 27 workshop - Modern Debugging with WinDbg Preview

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.

Exercises to learn how to fuzz with American Fuzzy Lop

Recent Fuzzing Paper

A fork of AFL for fuzzing Windows binaries

CVE-2019-0604

A JavaScript Engine Fuzzer

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Course materials for Modern Binary Exploitation by RPISEC

Extracting URLs of a specific target based on the results of "commoncrawl.org"

🐶 A curated list of Web Security materials and resources.

A XSS mind map ;)

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux