HLOverflow

💭

I may be slow to respond.

HLOverflow

💭

I may be slow to respond.

20 followers · 8 following

Singapore

Achievements

express-js-on-vercel Public

TypeScript Updated Jan 23, 2026
PortTunnelingExplained Public

I keep notes on how port tunneling works, explain the different techniques and specify which scenario to deploy which techniques.

ssh

Updated Mar 17, 2025
HLOverflow.github.io Public

Testing out blogging on Github

Python Updated Jan 12, 2025
EDRNoiseMaker Public
Forked from amjcyber/EDRNoiseMaker

Detect WFP filters blocking EDR communications

PowerShell GNU General Public License v3.0 Updated Nov 1, 2024
XXE-study Public

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF…

xxe xxe-injection php-xxe-demo python-xxe-demo java-xxe-demo xxe-example xml-entity

PHP 112 35 MIT License Updated Mar 22, 2024
SharpRDP Public
Forked from DiedB/SharpRDP

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

C# BSD 3-Clause "New" or "Revised" License Updated Feb 22, 2024
cmd-to-powershell Public

Attempts to map various CMD enumerations to powershell version without creating executable process.

PowerShell Updated Feb 3, 2024
gophish Public
Forked from gophish/gophish

Open-Source Phishing Toolkit

Go 1 1 Other Updated Oct 12, 2023
Vulnerable-VueJS Public

A repository to study attack surface of VueJS. Many articles online talked about VueJS vulnerabilities in lengthy and wordly sentences with little example codes. Here, I aim to provide short and si…

vuejs vue

HTML 3 Updated Mar 14, 2023
aws_cpt Public
Forked from violenttestpen/aws_cpt

AWS Cloud Pentest Utility - Helper scripts for a quicker Cloud PT on AWS environments

Python Updated Jan 6, 2023
Burp-Audit-Configs Public

Targeted vulnerability scanning for burp suite.

GNU General Public License v2.0 Updated Nov 16, 2022
ProxyAgent Public
Forked from cloudkanghao/ProxyAgent

Java Apache License 2.0 Updated Oct 9, 2022
cloudgoat Public
Forked from RhinoSecurityLabs/cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Python BSD 3-Clause "New" or "Revised" License Updated May 4, 2022
SOAP-study Public archive

learn how to set up SOAP in various language.

Java Updated Mar 31, 2022
log-viewer Public
Forked from PortSwigger/log-viewer

Logs is a Burp Suite extension to work with log files.

java xml logs burp-plugin burp-extensions burpsuite-tools

Java 2 GNU General Public License v3.0 Updated Nov 18, 2021
manual-scan-issues Public
Forked from PortSwigger/manual-scan-issues

Java 1 Updated Oct 27, 2021
can-i-take-over-xyz Public
Forked from EdOverflow/can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Updated Oct 5, 2021
Hotspot-Generator Public

TP_Link Atheros USB Dongle

Shell 1 Updated Oct 4, 2021
StockCat Public
Forked from thehoneymad/StockCat

A small set of dumb tools for a guy who is learning basics of finance.

Python MIT License Updated Mar 17, 2021
aws-mock-metadata Public
Forked from jtblin/aws-mock-metadata

Mock ec2 instance metadata service that can run on a developer machine

Go Other Updated Dec 21, 2020
dockerize-gui-tools Public

A place to dockerize GUI tools

Shell Updated Nov 12, 2020
Pastejacking Public
Forked from dxa4481/Pastejacking

A demo of overriding what's in a person's clipboard

HTML GNU General Public License v3.0 Updated Aug 31, 2020
PayloadsAllTheThings Public
Forked from swisskyrepo/PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python MIT License Updated Jul 12, 2020
replicator Public
Forked from PortSwigger/replicator

Burp extension to help developers replicate findings from pen tests

Java Updated Apr 28, 2020
JSP-Tutorial Public

A quick tutorial to serve small JSP web

Java Updated Apr 28, 2020
RAU_crypto Public
Forked from bao7uo/RAU_crypto

Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)

Python Apache License 2.0 Updated Mar 23, 2020
dockerize-cli-tools Public

A place to dockerize CLI tools

Shell Updated Mar 14, 2020
how2ios Public

Updated Jul 18, 2019
How-to-Frida-Android Public

Journey to learning frida android.

JavaScript 11 3 Updated Apr 23, 2019
oh-my-zsh Public
Forked from ohmyzsh/ohmyzsh

A delightful community-driven (with 1,200+ contributors) framework for managing your zsh configuration. Includes 200+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, etc…

Shell Other Updated Mar 1, 2019

HLOverflow

Achievements

Achievements

express-js-on-vercel Public

Uh oh!

PortTunnelingExplained Public

Uh oh!

HLOverflow.github.io Public

Uh oh!

EDRNoiseMaker Public

Uh oh!

XXE-study Public

Uh oh!

SharpRDP Public

Uh oh!

cmd-to-powershell Public

Uh oh!

gophish Public

Uh oh!

Vulnerable-VueJS Public

Uh oh!

aws_cpt Public

Uh oh!

Burp-Audit-Configs Public

Uh oh!

ProxyAgent Public

Uh oh!

cloudgoat Public

Uh oh!

SOAP-study Public archive

Uh oh!

log-viewer Public

Uh oh!

manual-scan-issues Public

Uh oh!

can-i-take-over-xyz Public

Uh oh!

Hotspot-Generator Public

Uh oh!

StockCat Public

Uh oh!

aws-mock-metadata Public

Uh oh!

dockerize-gui-tools Public

Uh oh!

Pastejacking Public

Uh oh!

PayloadsAllTheThings Public

Uh oh!

replicator Public

Uh oh!

JSP-Tutorial Public

Uh oh!

RAU_crypto Public

Uh oh!

dockerize-cli-tools Public

Uh oh!

how2ios Public

Uh oh!

How-to-Frida-Android Public

Uh oh!

oh-my-zsh Public

Uh oh!