A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.

Consulta de placas de veículos na base de dados do SINESP Cidadão sem a necessidade do preenchimento de captchas

DPWO

Sharing our security research on the Oculus Quest

Tools for maintaining access to systems and proof-of-concept demonstrations.

The tool is used to analyze the content of the android application in local storage.

Pwnagotchi Plugins and Things for Mayhem and Profit

一个解析APK相关文件的库 [Gitee -> Github 镜像自动同步]，这只是一个备份

USB access on python

Frida tool to dump an NSS Key Log for Wireshark, from a process using dynamically linked OpenSSL (or BoringSSL)

OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.

notes and code on past CTFs

pulp_soc is the core building component of PULP based SoCs

PE Binary Shellcode Injector - Automated code cave discovery, shellcode injection, ASLR bypass, x86/x64 compatible

Alphanumeric Shellcode (x86) Encoder

Scripts I used during CTP

Protocol decode and synthesis library

Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly

Binaryninja AVR architecture plugin with lifting

🐍 Copy passwords from Crome and send them via email,Python && win32crypt

A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.

A library for the pcf8574 I2C IO expander chip

Tiny Python lib to write your own debug script for Android application with ADB

Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pente…

A python script that allows a researcher to merge databases from Malshare and Malware Bazaar to created enrriched datasets from SIEM tools