CTF write-ups

An HTTP toolkit for security research.

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝

Independent technology for modern publishing, memberships, subscriptions and newsletters.

A mechanism to selectively enable and disable browser features and APIs

Proposal to allow specifying a text snippet in a URL fragment

Easy to configure Honeypot for Blue Team

☁️ Nextcloud server, a safe home for all your data

PCRE wrapping library that offers type-safe preg_* replacements.

Maho is a free and open source ecommerce platform created in 2024. Based on the M1 platform, Maho offers great stability and a vast ecosystem of modules and extensions.

GLPI vulnerabilities checking tool

The WebAssembly Binary Toolkit

An nsjail Docker image for CTF pwnables. Easily create secure, isolated xinetd/inetd-style services.

american fuzzy lop - a security-oriented fuzzer

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

Daemon to ban hosts that cause multiple authentication errors

DSL engine

Helios server

Concurrent networking library for Python

SADDNS: Side Channel Based DNS Cache Poisoning Attack

Lightweight server monitoring hub with historical data, docker stats, and alerts.

Subdomain enumeration and information gathering tool

Browser extension that leverages TruffleHog and Native Messaging Hosts to scan web traffic in real-time for exposed secrets

A browser automation framework and ecosystem.