BishopFox/GitGot: Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

d4rk007/RedGhost: Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. (Shell)

The Nansh0u Campaign: signed rootkit, exposed infrastructure and PE exploits in a massive MS-SQL & PHPMyAdmin attack campaign

"18 U.S. Code § 1956. Laundering of monetary instruments"


Seizure notice for DeepDotWeb - Available through their .onion link.


Definitely honeypot...


here you go, internet.
a host in the 'gov' section of aws with an open rootshell.


Little blast from the last : Carna Botnet Internet Census 2012 paper.

Port scanning /0 using insecure embedded devices

"How Mass Surveillance Works in Xinjiang - Reverse Engineering Police App Reveals Profiling and Monitoring Strategies"

That's one very complete and in-depth analysis. Great report. Curious to see the source code, if anyone knows where I can find it.

More bugbounty useful ressources !

streaak/keyhacks: KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if they are valid.

"Remote Code Execution in Dell Support Assist"

Good analysis and solid write-up 👍

Tl;Dr : Database gives100% coverage, 0% false positive, fast results. But need ~52 GB.
A bloom filter with 100% coverage, a 0.1% false positive need ~945MB of memory.
Finally, 5% of the hashes results in a 47MB bloom filter that covers 61% of the data.

Pentesting Cheatsheets:
Convenient commands for your pentesting / red-teaming engagements, OSCP and CTFs.

ThePoShWolf: PowerShell module for converting Curl commands to PowerShell.

Nice little script to save. Will come useful in the future.

"Analysis of an IRC based Botnet"

Tl;Dr: Mirai variant used to perform TCP Flood attacks. Don't seem to have port 22 or 23 scans for propagation unlike Mirai yet.

H4ckForJob/dirmap: 个高级web目录扫描工具,功能将会强于DirBuster、Dirsearch、cansina、御剑。

Another nice web directory scanning tool written in Python3.

And btw Firefox mobile purposely don't hide the url bar on this given website when scrolling.

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!