Skip to content

@SECFORCE SECFORCE

Change the repository type filter

All

    Repositories list

    35 repositories

    • droidground

      Public
      A flexible playground for Android CTF challenges.
      androidplaygroundcybersecurity
      androidplaygroundcybersecurityctf
      TypeScript
      GNU General Public License v3.0
      711400Updated Apr 15, 2026Apr 15, 2026

    • LLMGoat

      Public
      This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.
      Python
      GNU General Public License v3.0
      55100Updated Jan 19, 2026Jan 19, 2026

    • droidground-samples

      Public
      Sample applications to showcase DroidGround
      ctfsample-appsdroidground
      ctfsample-appsdroidground
      Kotlin
      0500Updated Jan 7, 2026Jan 7, 2026

    • NetScalerEPABypass

      Public
      A quick and dirty way to bypass encrypted EPA to connect to a NetScaler Gateway
      Python
      The Unlicense
      11100Updated Apr 9, 2025Apr 9, 2025

    • Beacon2023

      Public
      Slides from Beacon 2023 Conference
      2300Updated Nov 27, 2023Nov 27, 2023

    • SharpWhispers

      Public
      C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
      C#
      1911110Updated Apr 14, 2023Apr 14, 2023

    • AWS-Cognito-Finder

      Public
      AWS Cognito Finder Burp Suite Extension
      Python
      2520Updated Mar 13, 2023Mar 13, 2023

    • Tunna

      Public
      Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environmen…
      Python
      2801.3k141Updated Sep 4, 2022Sep 4, 2022

    • fixer

      Public
      FIX (Financial Information eXchange) protocol fuzzer
      Ruby
      142401Updated Jul 22, 2022Jul 22, 2022

    • CSS_exfiltration

      Public
      Python
      1100Updated Jun 12, 2022Jun 12, 2022

    • SharpASM

      Public
      SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.
      C#
      95900Updated May 23, 2022May 23, 2022

    • NimWhispers

      Public
      Nim
      41300Updated Apr 8, 2022Apr 8, 2022

    • awsome-cis-checker

      Public
      Python
      MIT License
      1410Updated Feb 17, 2022Feb 17, 2022

    • SharpExtractor

      Public
      SharpExtractor is a dotnet project that allows file extraction from file containers.
      C#
      MIT License
      1100Updated Nov 17, 2021Nov 17, 2021

    • SharpZip

      Public
      C#
      1600Updated Nov 11, 2021Nov 11, 2021

    • DLL-Hollow-PoC

      Public
      DLL Hollowing PoC - Remote and Self shellcode injection
      C
      178500Updated Nov 10, 2021Nov 10, 2021

    • SharpAllowedToAct

      Public
      Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
      C#
      37200Updated Nov 10, 2021Nov 10, 2021

    • CVE-2021-37748

      Public
      Python
      6500Updated Oct 25, 2021Oct 25, 2021

    • SNMP-Brute

      Public
      Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.
      Python
      GNU General Public License v3.0
      10633300Updated Sep 13, 2021Sep 13, 2021

    • AzDetect

      Public
      Python
      1000Updated Jun 22, 2021Jun 22, 2021

    • sparta

      Public
      Network Infrastructure Penetration Testing Tool
      Python
      GNU General Public License v3.0
      4421.7k165Updated Jun 2, 2021Jun 2, 2021

    • Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647

      Public
      MOVEit Transfer 2020 web application Stored Cross-Site Scripting (XSS)
      JavaScript
      0000Updated Dec 17, 2020Dec 17, 2020

    • WPTimeCapsulePOC

      Public
      An authentication bypass was recently discovered (https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/) on WP Time Capsule < 1.21.16.…
      Python
      4500Updated Jan 16, 2020Jan 16, 2020

    • proxyfuzz

      Public
      Python
      151101Updated Nov 20, 2019Nov 20, 2019

    • CVE-2018-1000082-exploit

      Public
      0100Updated Oct 22, 2019Oct 22, 2019

    • secforce.github.io

      Public
      Blog content (BETA)
      HTML
      0000Updated Apr 25, 2019Apr 25, 2019

    • Macro-Keystrokes

      Public
      PoC of execution of commands on a Word macro, without the use of rundll32.exe and importation of kernel32 libraries such as CreateRemoteThread or CreateProcessA…
      5800Updated Apr 1, 2019Apr 1, 2019

    • CVE-2018-8941

      Public
      D-Link DSL-3782 Code Execution (Proof of Concept)
      9910Updated Apr 3, 2018Apr 3, 2018

    • sftp-exploit

      Public
      OpenSSH <=6.6 SFTP misconfiguration universal exploit
      Python
      212700Updated Mar 20, 2018Mar 20, 2018

    • CVE-2008-1613

      Public
      RedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.
      cve-2008-1613
      cve-2008-1613
      Python
      4200Updated May 3, 2017May 3, 2017
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.