Pond Information Management's Projects
🔍 GitHub Action to do regex matching
A cheat sheet that contains advanced queries for SQL Injection of all types.
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
In-depth Attack Surface Mapping and Asset Discovery
A tool for reverse engineering Android apk files
Application Insights for Java
A toolset to make a system look as if it was the victim of an APT attack
Small and highly portable detection tests based on MITRE's ATT&CK.
Social networking technology created by Bluesky
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
A curated list of various bug bounty tools
Awesome list of techniques to achieve Remote Code Execution on various apps!
BloodyAD is an Active Directory Privilege Escalation Framework
experiment orchestration and data acquisition
A list of interesting payloads, tips and tricks for bug bounty hunters.
Bypass Paywalls web browser extension for Chrome and Firefox.
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
This plugin adds an ability to perform automatic code scan by Checkmarx server and shows results summary and trend in Jenkins interface.
Programmatically extract saved passwords from Google Chrome
Simulates a compromise in a cloud and container environment
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Hash collisions and their exploitations
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
A command-line utility that creates projects from cookiecutters (project templates), e.g. Python package projects, VueJS projects.
Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
Cuckoo Sandbox is an automated dynamic malware analysis system