Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jwilk/security-research

Jakub's security research
https://github.com/jwilk/security-research

security

Last synced: about 1 month ago
JSON representation

Jakub's security research

Awesome Lists containing this project

README

        

This repository documents security research of a *certain individual*.

Here, threshold for what is considered a security issue is intentionally very low.

Some security-related stuff is hosted separately:

* `python-afl `_,
which enables `American fuzzy lop`_ instrumentation of Python code
* `detsan `_,
which helps you find sources of non-determinism in C (or C++) programs
* `longutf8 `_ —
overlong UTF-8 sequence generator
* `traversal-archives `_ —
archive file samples for testing against directory traversal
* `fuzzing `_ goodies
* `ttyjack `_ —
proof-of-concept tty hijacking
* `vcsnoop `_ —
Linux virtual console snooping via TIOCLINUX
* `getenvy `_ —
LD_PRELOAD library to snoop on ``getenv()`` calls
* `stopgp32 `_ —
tool to brute-force 32-bit OpenPGP key IDs
* `docbook-xsl-mitm `_ —
DocBook XSL MitM proxy
* `git-landmine `_ —
tool to create local malicious git repos
* `unfaithful-less `_ —
demonstration that less(1) is not a faithful pager
* `url.sh `_ —
URL/shell-script hybrid
* `abmagick `_ —
demonstration that ImageMagick can be abused to create arbitrary files
* `cdhttpd `_ —
HTTP server for testing Content-Disposition
* `crafted.deb `_ —
various generators of crafted \*.deb packages

.. _American fuzzy lop:
https://lcamtuf.coredump.cx/afl/

.. vim:ts=3 sts=3 sw=3 et ft=rst