Boschko

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

[180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTF's. If you googles something for a CTF and landed here look at the scripts they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter stop. I wont be able to rewrite half this shit in a formal interview ¯\_(ツ)_/¯

This is a very simple privilege escalation technique, from admin to System. This is the same technique PSExec uses.

transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV

Nice FASM src of basic ring 3 rootkit has no more use to me.

Exploits developed by me. And scripts I made and use for pentesting / getting bloods on HTB

In this repository I'll host my research and methodologies for auditing vulnerabilities

My configs, tools and what not. For everytime that I blow up my vm....

scripts I make in golang will end up here and notes I took during my study of the language

Notes From Doing The 3CX Basic Certification

Notes from 3CX Intermediate Certification

All the best password crackers I know and what their for

No description.

Fileserver written in Go with a useful upload feature that can be leveraged to transfer file between machines. Has the option to force authentication before accessing.

No description.

No description.

template exploit works by corrupting memory to control execution flow. The check_overflow.c program demonstrates this concept.

CreateProcess requires more parameters, so ShellExecute is easier to use.... less to account for then CreateProcess which is why ShelllExecute.

No description.

Here a simple linux detouring class. It should work for x64/x86 architecture. Dont expect me to explain this in an interview

Small and highly portable detection tests based on MITRE's ATT&CK.

custom binary reverseshell in C#

simple hook [FASM]

Burp Suite Certified Practitioner Exam Study

No description.

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

No description.

CTF Writeups in (.md) well formated with images and explanation / my thoughts.

No description.

Tree of Attacks (TAP) Jailbreaking Implementation

A sandbox environment designed for loading, running and profiling a wide range of files, including machine learning models, ELFs, Pickle, Javascript and more

Execute a payload at each right click on a file/folder in the explorer menu for persistence

Open-Source Phishing Toolkit

Python, Perl, Ruby tools I've written.

No description.

Made a webapp to have an idea of how they're made

CDN ranges

Credits to people helping Kamailio project

Ceph is a distributed object, block, and file storage platform

Training library for Megatron-based models with bidirectional Hugging Face conversion capability

stb single-file public domain libraries for C/C++

LLM inference in C/C++

Scripts from technical blog

NFC MiTM made with two PN532 readers and a Raspberry Pi.

A simple driver that will try to lock a driver memory so that it does not get paged-out and stay valid for snapshot taking and potentially snapshot fuzzing

Golden collection of weak passwords

Repository for our code for DataCV Challenge in CVPR 2024

Deep Comprehensive Correlation Mining

Hardcore Debugging

ECSC GR 2020 - [Medium] Web Cached 🙈

Apple OS X tool to audit for, and remediate, security configuration settings.

A True Instrumentable Binary Emulation Framework

Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

NorthSec 2023 CTF Writeups (Cubermitis)

No description.

A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.

Coerce Windows machines auth via MS-EVEN

NFC MiTM made with two PN532 readers and a Raspberry PI. Created by Aleksei Stennikov.

eXtensions for Financial Services (XFS) proof of concept client to explore and issue commands directly to the devices that support the protocol. Force ATMs to dispense cash if you have code execution on them.

Red Team C code repo

No description.

I should not have struggled this much and burned through 4 oled displays trying to make this work :/ Goodluck to anyone who wants to decipher this mess

A* path-finding algorithm written is squeaky clean python (;

I like building crawlers because sometimes people pay me? Here you'll find some of my projects and projects I was never paid out on and I'm therefore open-sourcing also some of them are creepy. Regardless enjoy and use!