I'm a CHECK Team Leader web app pentester and I largely build quick and dirty scripts to exploit web vulnerabilities. Some of my stuff is also in /nettitude.

Highlights:

  • pwnlyoffice - Exploit ONLYOFFICE vulnerabilities for RCE
  • xss_payloads - Do better than alert(1)
  • zeropress - Dumb script for finding dumb PHP mistakes
  • version-detective - Work out a target site's framework version using git
  • Random Scripts - A few surprisingly useful tools that get used in pentests quite a lot
  • swagger-hose - Ingest a whole bunch of swagger docs and squirt requests in to speed up pentest triage / fuzzing

You can reach me on:

Iain Wallace's Projects

autotrader-miner

Single-user site for mining Autotrader.co.uk data and providing more useful searches for cars

cct-syllabus

CREST Certified Tester Syllabus in a non-crap format for revision purposes

greedy-git

Tool for analysing remote git repos accidentally shared by web devs

linkedinbuddy

A Burp passive scanner extension which helpfully takes a note of any names and job titles you encounter whilst browsing LinkedIn

linkedint

LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation

ocatodo

Download your last Ocado shopping list as a todo.txt list

poisonpen

Python tool for creating malicious Office docs

posh-hunter

Find a PoshC2 instance from a payload file and interact with it

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

random-scripts

Quick and dirty scripts that don't really belong in a larger project

resourcespace

git clone of https://svn.resourcespace.com/svn/rs/releases/9.8/

rift

Rapid intranet framework template: Create flexible web-based relational databases inside your organisation with the minimum development time

swagger-hose

Squirt a bunch of swagger requests into an API just to get some base requests to start from

toothbot

Toothbrushing timer for Pimoroni Scrollbot

version-detective

Use git and static files to determine a web application's middleware version
