-
sliver
Adversary Emulation Framework
Go ★ 11k 17d agoExplain → -
unredacter
Never ever ever use pixelation as a redaction technique
TypeScript ★ 8.3k 2y agoExplain → -
cloudfox
Automating situational awareness for cloud penetration tests.
Go ★ 2.5k 25d agoExplain → -
jsluice
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Go ★ 1.8k 2y agoExplain → -
GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Python ★ 1.6k 2y agoExplain → -
eyeballer
Convolutional neural network for analyzing pentest screenshots
Python ★ 1.3k 3mo agoExplain → -
sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
Go ★ 852 1mo agoExplain → -
h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
Python ★ 800 4y agoExplain → -
badPods
A collection of manifests that will create pods with elevated privileges.
Shell ★ 703 5mo agoExplain → -
bfinject
Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
Objective-C++ ★ 640 4y agoExplain → -
GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Java ★ 616 5y agoExplain → -
iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
HCL ★ 574 3mo agoExplain → -
bfdecrypt
Utility to decrypt App Store apps on jailbroken iOS 11.x
C ★ 486 6y agoExplain → -
cloudfoxable
Create your own vulnerable by design AWS penetration testing playground
Python ★ 457 1mo agoExplain → -
rmiscout
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
Java ★ 449 3y agoExplain → -
smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
Go ★ 350 6y agoExplain → -
theos-jailed ⑂
A version of Theos/CydiaSubstrate for non-jailbroken iOS devices
Perl ★ 343 10y agoExplain → -
dufflebag
Search exposed EBS volumes for secrets
Go ★ 306 3y agoExplain → -
zigdiggity
A ZigBee hacking toolkit by Bishop Fox
Python ★ 297 4y agoExplain → -
deephack
PoC code from DEF CON 25 presentation
Python ★ 244 8y agoExplain → -
CVE-2023-3519
RCE exploit for CVE-2023-3519
Python ★ 228 2y agoExplain → -
rickmote
The Rickmote Controller: Hijack TVs using Google Chromecast
Python ★ 224 6y agoExplain → -
json-interop-vuln-labs
Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
Python ★ 210 3y agoExplain → -
raink
Use LLMs for document ranking
Go ★ 176 1y agoExplain → -
aimap
Discover Exposed AI Services
Python ★ 171 1mo agoExplain → -
Imperva_gzip_WAF_Bypass
No description.
Python ★ 169 4y agoExplain → -
BrokenHill
A productionized greedy coordinate gradient (GCG) attack tool for large language models (LLMs)
Python ★ 168 1y agoExplain → -
forticrack
Decrypt encrypted Fortienet FortiOS firmware images
Python ★ 156 2y agoExplain → -
asminject
Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace by accessing /proc/<pid>/mem. Useful for certain post-exploitation scenarios, recovering content from process memory, etc..
Python ★ 145 3y agoExplain → -
pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Shell ★ 135 6y agoExplain → -
firecat
Firecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network.
C ★ 134 10y agoExplain → -
CVE-2023-27997-check
Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
Python ★ 134 2y agoExplain → -
mellon
OSDP attack tool (and the Elvish word for friend)
HTML ★ 114 2y agoExplain → -
cve-2024-21762-check
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
Python ★ 107 1y agoExplain → -
cve-2016-1764 ⑂
Recovery of Plaintext iMessage Data Without Breaking Crypto
JavaScript ★ 107 10y agoExplain → -
anti-anti-automation
Anti-Anti-Automation Framework
Python ★ 101 12y agoExplain → -
cyberdic
An auxiliary spellcheck dictionary that corresponds with the Bishop Fox Cybersecurity Style Guide
★ 97 3y agoExplain → -
untwister ⑂
Seed recovery tool for PRNGs
C++ ★ 88 10y agoExplain → -
llm-testing-findings
LLM Testing Findings Templates
HTML ★ 75 2y agoExplain → -
bigip-scanner
Determine the running software version of a remote F5 BIG-IP management interface.
Python ★ 70 2y agoExplain → -
cirro
Creating attacks paths across management and data planes
Rust ★ 60 19d agoExplain → -
SpoofcheckSelfTest
Web application that lets you test if your domain is vulnerable to email spoofing
Python ★ 44 7y agoExplain → -
spfmap
A program to map out SPF and DKIM records for a large number of domains
Go ★ 41 11y agoExplain → -
CVE-2021-35211
No description.
Python ★ 38 4y agoExplain → -
ca-clone
Scripts to clone CA certificates for use in HTTPS client attacks.
Shell ★ 37 6y agoExplain → -
ysoserial-bf ⑂
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Java ★ 37 2y agoExplain → -
CVE-2026-34908-check
Safely detect whether a UniFi OS Server is vulnerable to CVE-2026-34908
Python ★ 34 15d agoExplain → -
ProxyListReliabilityCheck
Perl script to test the reliability of a list of open web proxies.
Perl ★ 31 9y agoExplain → -
xsshunter ⑂
The XSS Hunter service - a portable version of XSSHunter.com
JavaScript ★ 28 8y agoExplain → -
joro
A collaborative web exploitation framework.
Go ★ 23 3d agoExplain → -
coldfusion-10-11-xss
Proof of Concept code for CVE-2015-0345 (APSB15-07)
★ 22 11y agoExplain → -
sonicrack
Decrypt encrypted SonicOSX firmware images
Python ★ 21 1y agoExplain → -
public-pentesting-reports ⑂
Curated list of public penetration test reports released by several consulting firms and academic security groups
★ 20 5y agoExplain → -
CVE-2022-22274_CVE-2023-0656
No description.
Python ★ 19 2y agoExplain → -
otto-support
An implementation of a vulnerable MCP server using mcp-go
Go ★ 18 2mo agoExplain → -
local-llm-ctf
A small go harness that uses Ollama to orchestrate LLMs in a restricted process flow
Go ★ 18 1y agoExplain → -
awsservicemap
Go module that returns supported regions for a service or supported services for a region
Go ★ 17 6mo agoExplain → -
wordlist-sanitizer
Remove Offensive and Profane Words from Wordlists
Go ★ 16 2y agoExplain → -
cirrodash
Dashboard for Cirro
TypeScript ★ 14 2mo agoExplain → -
gowitness ⑂
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
Go ★ 13 7y agoExplain → -
shining-mask
No description.
Python ★ 12 7mo agoExplain → -
burpcage
No description.
Kotlin ★ 10 3y agoExplain → -
cirro-azcli-ext
Azure CLI extension for Cirro collection
Python ★ 7 2mo agoExplain → -
steampipe ⑂
Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required.
★ 7 4y agoExplain → -
docker-selenium ⑂
Docker images for the Selenium Grid Server
★ 7 5y agoExplain → -
aws-signing ⑂
CLI that allows user to submit http requests using AWS request signing
Go ★ 6 2mo agoExplain → -
fortiweb-auth-bypass-check
No description.
Python ★ 5 6mo agoExplain → -
VulnerableGWTApp
An intentionally-vulnerable GWT-based web application to test tooling and techniques
Java ★ 5 2y agoExplain → -
You-re-Doing-IoT-RNG
Results and device code from the DEF CON 29 presentation "You're Doing IoT RNG"
C ★ 5 4y agoExplain → -
zgrab2 ⑂
Fast Go Application Scanner
★ 4 4y agoExplain → -
knownawsaccountslookup
Go module that provides two lookup functions for the data in https://github.com/fwdcloudsec/known_aws_accounts
Go ★ 4 2y agoExplain → -
aws_seeker ⑂
No description.
★ 4 6y agoExplain → -
CVE-2025-6980-check
Safely test Arista NGFW for information disclosure
Python ★ 3 6mo agoExplain → -
aws-eks-accelerator-for-terraform ⑂
The AWS EKS Accelerator for Terraform is a framework designed to help deploy and operate secure multi-account, multi-region AWS environments. The power of the solution is the configuration file which enables the users to provide a unique terraform state for each cluster and manage multiple clusters from one repository. This code base allows users to deploy EKS add-ons using Helm charts.
HCL ★ 3 4y agoExplain → -
kafka-connect-field-and-time-partitioner ⑂
Kafka Connect Store Partitioner by custom fields and time; also removing topic from s3 file path
Java ★ 3 2y agoExplain → -
n0sc0p3 ⑂
Silly little aws auditing project
★ 3 6y agoExplain → -
s3-odradek ⑂
Little tool to suss out S3 permissions as visible to the public.
★ 3 6y agoExplain → -
CVE-2026-0265-check
Safely detect whether a PAN-OS target is vulnerable to CVE-2026-0265.
Python ★ 2 29d agoExplain → -
CVE-2026-25075-check
No description.
Python ★ 2 2mo agoExplain → -
install-aws-cli-action ⑂
Install AWS CLI on a GitHub Actions Linux host
Shell ★ 2 2mo agoExplain → -
action-automatic-releases ⑂
READONLY: Auto-generated mirror for https://github.com/marvinpinto/actions/tree/master/packages/automatic-releases
★ 2 2y agoExplain → -
ssp-eks-add-ons ⑂
No description.
★ 2 4y agoExplain → -
render-whitespace-plextrac ⑂
Are they tabs? Are they spaces? How many? Never wonder again!
★ 2 7y agoExplain → -
.github
Bishop Fox Engineering
★ 2 6y agoExplain → -
exchange-scanner
Identify public-facing Microsoft Exchange servers and determine their software versions
Python ★ 1 8d agoExplain → -
CVE-2026-28318-check
Safely detect whether a SolarWinds Serv-U host is vulnerable to CVE-2026-28318
Python ★ 1 8d agoExplain → -
CVE-2026-22557-check
Safely detect whether a UniFi Network Application controller is vulnerable to CVE-2026-22557
Python ★ 1 19d agoExplain → -
sparkplugFuzzer
Fuzzer for the Sparkplug B IIoT protocol
Python ★ 1 25d agoExplain → -
CVE-2026-27886-check
Detect whether a Strapi instance is vulnerable to CVE-2026-27886 (unauthenticated boolean-oracle exfiltration of administrator secrets).
Python ★ 1 29d agoExplain → -
CVE-2026-35616-check
No description.
Python ★ 1 2mo agoExplain → -
minisign-action ⑂
Github action to sign and verify minisign/signify signatures
Shell ★ 1 2y agoExplain → -
action-zip ⑂
A GitHub action used to zip file contents
Dockerfile ★ 1 2y agoExplain → -
action-gh-release ⑂
📦 :octocat: GitHub Action for creating GitHub Releases
TypeScript ★ 1 2y agoExplain → -
gcp-terraform-cloud-connector
This repo provides a terraform module for customers looking to implement Google Cloud connector support for Bishop Fox Cosmos
HCL ★ 1 2y agoExplain →
No repos match these filters.