Skip to content

@ProfessionallyEvil Professionally Evil

Change the repository type filter

All

    Repositories list

    43 repositories

    • harpoon

      Public
      A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
      Go
      MIT License
      3513470Updated Oct 15, 2024Oct 15, 2024

    • brokkr

      Public
      GNU Lesser General Public License v2.1
      0200Updated Sep 22, 2024Sep 22, 2024

    • webcast-iac-sast

      Public
      Dockerfile
      GNU Lesser General Public License v2.1
      0000Updated Aug 22, 2024Aug 22, 2024

    • dotknotty

      Public
      This is a dotnet vulnerable application for demonstrating web app flaws.
      C#
      0000Updated Aug 11, 2024Aug 11, 2024

    • wappalyzer

      Public
      The last commit of Wappalyzer before it went private
      JavaScript
      GNU General Public License v3.0
      151000Updated Jul 29, 2024Jul 29, 2024

    • tartar-sauce

      Public
      Miscellaneous demos and scripts for user awareness campaigns
      JavaScript
      0000Updated Jul 12, 2024Jul 12, 2024

    • webcast-cloudy-stealth

      Public
      Infrastructure as Code repo that accompanies the Cloudy with a Chance of Stealth webcast
      HCL
      GNU Lesser General Public License v3.0
      0000Updated Jul 11, 2024Jul 11, 2024

    • k8s-labs

      Public
      JavaScript
      1460Updated Apr 4, 2024Apr 4, 2024

    • container-escape-labs

      Public
      Some container escape labs
      Batchfile
      0100Updated Apr 4, 2024Apr 4, 2024

    • client-side-attacks-lab

      Public
      Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.
      HTML
      520125Updated Dec 10, 2022Dec 10, 2022

    • SameSiteAttackDemo

      Public
      A simple demo web app built with Svelte + Restify that is meant to demonstrate security aspects regarding the SameSite cookie flag.
      JavaScript
      15011Updated Dec 6, 2022Dec 6, 2022

    • blog-juiceshop-workshop

      Public
      Repo for this blog post: https://www.secureideas.com/blog/juiceshop-workshop-in-less-than-5-minutes
      Python
      0000Updated Sep 7, 2022Sep 7, 2022

    • cookie-monster

      Public
      Coming soon...
      JavaScript
      MIT License
      0200Updated Aug 10, 2022Aug 10, 2022

    • x86_asm

      Public
      x86 Assembly Code Examples for Blog Posts
      Assembly
      MIT License
      31500Updated Aug 2, 2022Aug 2, 2022

    • blog-ansible-webservers

      Public
      Repo for this blog: https://www.secureideas.com/blog/ensuring-web-security-via-ansible-apache
      MIT License
      0000Updated Aug 2, 2022Aug 2, 2022

    • edit_leaked_file_descriptor

      Public
      An all-in-one tool to edit a leaked file descriptor in SetUID binaries.
      C
      MIT License
      0200Updated Jun 24, 2022Jun 24, 2022

    • nmap_oui_update

      Public
      A script to download OUI data from the IEEE and parse it into the nmap-mac-prefixes file so Nmap has the latest OUI data.
      Python
      MIT License
      2910Updated Jun 8, 2022Jun 8, 2022

    • LD_PRELOAD-accept-backdoor

      Public
      Code samples to go along with the blog post on how to create an LD_PRELOAD backdoor hooking accept()
      C
      MIT License
      3300Updated May 26, 2022May 26, 2022

    • LD_PRELOAD-run-at-load-time

      Public
      Code samples to go along with the blog post on how to run code at load/unload time when using LD_PRELOAD to inject libraries.
      C
      MIT License
      31100Updated May 18, 2022May 18, 2022

    • CVE-2021-38295-PoC

      Public
      A simple Python proof of concept for CVE-2021-38295.
      Python
      3300Updated Oct 14, 2021Oct 14, 2021

    • March-2021-KeyGenMe-Solution

      Public
      This repo is to provide an example solution to the KeyGenMe challenge binary from March 2021.
      Python
      MIT License
      0000Updated Sep 17, 2021Sep 17, 2021

    • static-analysis-ttp

      Public
      Shell
      GNU Lesser General Public License v3.0
      0110Updated Sep 1, 2021Sep 1, 2021

    • bash_tricks

      Public
      a github repo that will be used for teaching bash optimizations in a youtube series
      GNU General Public License v3.0
      11060Updated Jul 6, 2021Jul 6, 2021

    • DVFPS

      Public
      A Damn Vulnerable FPS game built using Godot
      GDScript
      MIT License
      2900Updated Apr 14, 2021Apr 14, 2021

    • csik

      Public archive
      Client Script Injection Kit
      Python
      1300Updated Dec 10, 2020Dec 10, 2020

    • writeup_11_13_2020_challenge

      Public
      A supporting repo for a blog post write-up of how to solve the November 13th, 2020 Detective Nevils Mystery Challenge.
      Python
      MIT License
      0000Updated Nov 30, 2020Nov 30, 2020

    • LD_PRELOAD-rand-Hijack-Example

      Public
      Code samples to go along with the blog post on using LD_PRELOAD to hijack rand() in a number guessing game.
      C
      MIT License
      31100Updated Oct 29, 2020Oct 29, 2020

    • DVMMO

      Public
      Damn Vulnerable MMO; an mmo game that is deliberately vulnerable and maybe just maybe fun to play.
      GDScript
      MIT License
      1531Updated Sep 13, 2020Sep 13, 2020

    • pewapt101

      Public
      Professionally Evil Web Application Penetration Testing 101
      training
      Other
      3614110Updated Jun 16, 2020Jun 16, 2020

    • Top10

      Public
      Official OWASP Top 10 Document Repository
      HTML
      Other
      830000Updated May 2, 2020May 2, 2020