Skip to content
View python4004's full-sized avatar

Block or report python4004

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Showing results

🐛 A list of writeups from the Google VRP Bug Bounty program

Python 1,631 273 Updated May 13, 2026

This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom tools, C2 servers, backdoors, exploitation techniques, stage…

C++ 1,091 185 Updated Jul 1, 2026

A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)

Shell 323 43 Updated Sep 19, 2022

Useful tips and resources for preparing for the AWAE exam.

194 27 Updated Jul 30, 2021

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

7,529 1,016 Updated May 27, 2024
C++ 1 Updated Aug 15, 2024

Python script for exploiting command injection in Open PLC Webserver v3

Python 21 4 Updated Jul 12, 2024

Active Directory certificate abuse.

C# 2,000 276 Updated Mar 30, 2026

This challenge is Inon Shkedy's 31 days API Security Tips.

2,240 350 Updated Apr 20, 2022

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

7,870 1,341 Updated Jul 1, 2026

A wrapper around grep, to help you grep for things

Go 2,121 343 Updated Jun 8, 2024

Active Directory Cheat Sheet

PowerShell 205 35 Updated May 7, 2021

Various *nix tools built as statically-linked binaries

Shell 3,721 617 Updated Aug 21, 2023

Python tool to test known techniques to bypass 403 and 401 HTTP responses.

Python 36 6 Updated May 27, 2023

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

Python 2,279 414 Updated Jul 14, 2024

A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to …

Python 13 17 Updated Feb 3, 2024

Checklist for container security - devsecops practices

1,617 227 Updated Sep 15, 2025

This repository contains a list of pseudo-sorted malicious JavaScripts collected from time to time.

HTML 92 44 Updated Mar 1, 2023

Collection of CTF Web challenges I made

PHP 2,854 482 Updated Aug 31, 2025

All the labs in this repository simulate real world bugs I found in the wild

Python 203 63 Updated Jul 25, 2024

PowerShell Obfuscator

PowerShell 4,284 810 Updated Aug 10, 2023

PowerSploit - A PowerShell Post-Exploitation Framework

PowerShell 13,053 4,712 Updated Aug 17, 2020

A little tool to play with Windows security

C 21,671 4,144 Updated Apr 17, 2026
YARA 2,551 351 Updated Jun 28, 2024

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

PHP 3,840 556 Updated Sep 29, 2025

A list of public penetration test reports published by several consulting firms and academic security groups.

HTML 9,611 2,168 Updated Jun 7, 2026

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

Python 3,393 404 Updated Apr 18, 2023

Amazon S3 bucket finder and crawler.

Python 155 57 Updated Dec 27, 2021

a Damn Vulnerable Serverless Application

JavaScript 545 208 Updated Sep 12, 2023

DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.

C# 997 125 Updated Jun 19, 2026
Next