Bishop Fox

Repositories

• sliver

  Implant framework

  golang http dns-server red-team security-tools c2 red-team-engagement
  Go GPL-3.0 130 966 56 (7 issues need help) 1 Updated Jun 14, 2020

• rmiscout

  RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

  java scanner javassist offensive-security java-rmi security-tools java-deserialization
  Java MIT 24 130 1 0 Updated Jun 11, 2020

• bfdecrypt

  Utility to decrypt App Store apps on jailbroken iOS 11.x
  C Apache-2.0 56 313 4 1 Updated May 24, 2020

• GadgetProbe

  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

  java pentesting javassist security-tools burp-extensions java-deserialization pentest-tools
  Java MIT 42 259 0 0 Updated Apr 22, 2020

• IDontSpeakSSL

  Simple tool based on sslyze to scan large scope and provide SSL/TLS vulnerabilities

  tls ssl security-tools testssl
  Python GPL-3.0 4 39 0 0 Updated Apr 6, 2020

• GitGot

  Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

  python github-api security osint fuzzy-matching recon gists
  Python LGPL-3.0 128 878 0 4 Updated Mar 27, 2020

• zigdiggity

  A ZigBee hacking toolkit by Bishop Fox

  zigbee iot-security security-tools pentest-tool zigbee-hacking
  Python GPL-3.0 34 140 2 1 Updated Feb 6, 2020

• dufflebag

  Search exposed EBS volumes for secrets

  aws-ebs elasticbeanstalk security-tools aws-ebs-volumes aws-ebs-snapshot aws-eb
  Go GPL-3.0 8 130 1 0 Updated Feb 5, 2020

• rickmote

  The Rickmote Controller: Hijack TVs using Google Chromecast

  prank google-chromecast rickroll rickmote
  Python GPL-3.0 33 186 4 0 Updated Feb 4, 2020

• eyeballer

  Convolutional neural network for analyzing pentest screenshots

  python machine-learning ai tensorflow security-tools pentesting-tools
  Python GPL-3.0 43 351 9 4 Updated Jan 23, 2020

• pwn-pulse

  Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

  exploit penetration-testing infosec pentesting cve red-team pentest-scripts
  Shell GPL-3.0 34 76 1 0 Updated Jan 15, 2020

• cyberdic

  An auxiliary spellcheck dictionary that corresponds with the Bishop Fox Cybersecurity Style Guide

  language spellcheck dictionary spelling hunspell word-processor
  CC-BY-SA-4.0 7 37 0 0 Updated Jan 3, 2020

• bfinject

  Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
  Objective-C++ Apache-2.0 139 511 25 9 Updated Dec 19, 2019

• .github

  Bishop Fox Engineering
  0 1 0 0 Updated Nov 20, 2019

• spoofcheck

  Simple script that checks a domain for email protections

  python phishing spf dmarc-record email-security security-tools
  Python MIT 84 362 3 5 Updated Nov 1, 2019

• gowitness

  Forked from sensepost/gowitness

  🔍 gowitness - a golang, web screenshot utility using Chrome Headless
  Go 111 7 0 0 Updated May 31, 2019

• SpoofcheckSelfTest

  Web application that lets you test if your domain is vulnerable to email spoofing
  Python Apache-2.0 12 21 0 1 Updated Mar 5, 2019

• deephack

  PoC code from DEF CON 25 presentation

  machine-learning ai proof-of-concept tensorflow keras security-tools
  Python 46 214 3 1 Updated Apr 18, 2018

• xsshunter

  Forked from mandatoryprogrammer/xsshunter

  The XSS Hunter service - a portable version of XSSHunter.com
  JavaScript 214 20 0 0 Updated Nov 13, 2017

• cervus

  Cervus - ELK stack for monitoring global bitflip events
  Python 0 7 0 0 Updated Sep 18, 2017

• ProxyListReliabilityCheck

  Perl script to test the reliability of a list of open web proxies.
  Perl 8 17 1 0 Updated Jul 5, 2017

• iSpy

  A reverse engineering framework for iOS
  Logos Apache-2.0 96 346 8 0 Updated Aug 11, 2016

• ispy-shell
  C 1 12 1 0 Updated Jul 18, 2016

• cve-2016-1764

  Forked from moloch--/cve-2016-1764

  Recovery of Plaintext iMessage Data Without Breaking Crypto

  proof-of-concept imessage exploit-code injection-attacks
  JavaScript 33 99 0 0 Updated Apr 9, 2016

• untwister

  Forked from altf4/untwister

  Seed recovery tool for PRNGs

  rng random-number-generators security-tools
  C++ GPL-3.0 33 58 0 1 Updated Feb 3, 2016

• theos-jailed

  Forked from theos/theos

  A version of Theos/CydiaSubstrate for non-jailbroken iOS devices
  Perl 847 290 12 3 Updated Jan 24, 2016

• firecat

  Firecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network.
  C 27 86 2 0 Updated Jan 11, 2016

• watchtower Archived

  Forked from chrisallenlane/watchtower

  Static Code Analysis tool. Platform and language agnostic. Provides reporting and custom signatures.
  Ruby GPL-3.0 24 12 0 0 Updated Oct 15, 2015

• coldfusion-10-11-xss

  Proof of Concept code for CVE-2015-0345 (APSB15-07)

  proof-of-concept xss coldfusion exploit-code
  4 17 0 0 Updated Jun 12, 2015

• spfmap

  A program to map out SPF and DKIM records for a large number of domains
  Go 7 24 0 0 Updated Apr 1, 2015