evilsocket / jscythe
Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code.
☆319Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for jscythe
- Take over macOS Electron apps' TCC permissions☆190Updated last year
- Intercept stdin/stdout/stderr for any process☆196Updated 2 years ago
- A crossplatform mDNS enumeration tool.☆344Updated 2 years ago
- Execute ELF files without dropping them on disk☆482Updated 4 months ago
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆140Updated last year
- A web client port-scanner written in GO, that supports the WASM/WASI interface for Browser WebAssembly runtime execution.☆141Updated last year
- Venom is a library that meant to perform evasive communication using stolen browser socket☆373Updated last year
- ☆63Updated last year
- ☆199Updated 2 weeks ago
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.☆464Updated 2 weeks ago
- A fast and secure multi protocol honeypot.☆311Updated 2 years ago
- A curated list of awesome browser security learning material.☆130Updated last year
- An automatic Blind ROP exploitation tool☆189Updated last year
- macOS persistence tool☆221Updated 2 years ago
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆180Updated 10 months ago
- One-stop TLS traffic inspection and manipulation using dynamic instrumentation☆240Updated 2 years ago
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆116Updated 2 years ago
- CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server☆120Updated 2 years ago
- 🤩 Emoji shellcoding tools for RISC-V (32-bit and 64-bit)☆174Updated last year
- bbs is a router for SOCKS and HTTP proxies. It exposes a SOCKS5 (or HTTP CONNECT) service and forwards incoming requests to proxies or ch…☆80Updated last week
- A structure-aware HTTP fuzzing library☆205Updated last year
- Electron Research☆70Updated 2 years ago
- Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.☆231Updated 3 years ago
- eBPF hacks☆173Updated 2 months ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa …☆88Updated 6 months ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆233Updated last year
- 🌒 Shell command obfuscation to avoid detection systems☆121Updated 2 years ago
- Source Code Management Attack Toolkit☆210Updated 2 years ago
- A toolbox for extracting RSA private keys from public keys.☆168Updated 3 years ago