Skip to content

@ProfessionallyEvil Professionally Evil

Change the repository type filter

All

    Repositories list

    46 repositories

    • csp-slap

      Public
      An interactive security laboratory demonstrating Content Security Policy implementation.
      EJS
      Other
      0100Updated Jun 8, 2025Jun 8, 2025

    • consulting-ttps

      Public
      Shell
      GNU General Public License v3.0
      0100Updated Apr 9, 2025Apr 9, 2025

    • blog-custom-collaborator-everywhere

      Public
      A slightly modified version of collaborator everywhere for a blog post
      Java
      99000Updated Jan 28, 2025Jan 28, 2025

    • harpoon

      Public
      A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
      Go
      MIT License
      3713970Updated Oct 15, 2024Oct 15, 2024

    • brokkr

      Public
      GNU Lesser General Public License v2.1
      0200Updated Sep 22, 2024Sep 22, 2024

    • webcast-iac-sast

      Public
      Dockerfile
      GNU Lesser General Public License v2.1
      0000Updated Aug 22, 2024Aug 22, 2024

    • dotknotty

      Public
      This is a dotnet vulnerable application for demonstrating web app flaws.
      C#
      0000Updated Aug 11, 2024Aug 11, 2024

    • wappalyzer

      Public
      The last commit of Wappalyzer before it went private
      JavaScript
      GNU General Public License v3.0
      169100Updated Jul 29, 2024Jul 29, 2024

    • tartar-sauce

      Public
      Miscellaneous demos and scripts for user awareness campaigns
      JavaScript
      0000Updated Jul 12, 2024Jul 12, 2024

    • webcast-cloudy-stealth

      Public
      Infrastructure as Code repo that accompanies the Cloudy with a Chance of Stealth webcast: https://youtu.be/_o-kZ9OIIQo
      HCL
      GNU Lesser General Public License v3.0
      0000Updated Jul 11, 2024Jul 11, 2024

    • k8s-labs

      Public
      JavaScript
      1460Updated Apr 4, 2024Apr 4, 2024

    • container-escape-labs

      Public
      Some container escape labs
      Batchfile
      1100Updated Apr 4, 2024Apr 4, 2024

    • client-side-attacks-lab

      Public
      Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.
      HTML
      520125Updated Dec 10, 2022Dec 10, 2022

    • SameSiteAttackDemo

      Public
      A simple demo web app built with Svelte + Restify that is meant to demonstrate security aspects regarding the SameSite cookie flag.
      JavaScript
      15011Updated Dec 6, 2022Dec 6, 2022

    • blog-juiceshop-workshop

      Public
      Repo for this blog post: https://www.secureideas.com/blog/juiceshop-workshop-in-less-than-5-minutes
      Python
      0000Updated Sep 7, 2022Sep 7, 2022

    • cookie-monster

      Public
      Coming soon...
      JavaScript
      MIT License
      0200Updated Aug 10, 2022Aug 10, 2022

    • x86_asm

      Public
      x86 Assembly Code Examples for Blog Posts
      Assembly
      MIT License
      31800Updated Aug 2, 2022Aug 2, 2022

    • blog-ansible-webservers

      Public
      Repo for this blog: https://www.secureideas.com/blog/ensuring-web-security-via-ansible-apache
      MIT License
      0000Updated Aug 2, 2022Aug 2, 2022

    • edit_leaked_file_descriptor

      Public
      An all-in-one tool to edit a leaked file descriptor in SetUID binaries.
      C
      MIT License
      0200Updated Jun 24, 2022Jun 24, 2022

    • nmap_oui_update

      Public
      A script to download OUI data from the IEEE and parse it into the nmap-mac-prefixes file so Nmap has the latest OUI data.
      Python
      MIT License
      21220Updated Jun 8, 2022Jun 8, 2022

    • LD_PRELOAD-accept-backdoor

      Public
      Code samples to go along with the blog post on how to create an LD_PRELOAD backdoor hooking accept()
      C
      MIT License
      51000Updated May 26, 2022May 26, 2022

    • LD_PRELOAD-run-at-load-time

      Public
      Code samples to go along with the blog post on how to run code at load/unload time when using LD_PRELOAD to inject libraries.
      C
      MIT License
      31200Updated May 18, 2022May 18, 2022

    • CVE-2021-38295-PoC

      Public
      A simple Python proof of concept for CVE-2021-38295.
      Python
      3300Updated Oct 14, 2021Oct 14, 2021

    • March-2021-KeyGenMe-Solution

      Public
      This repo is to provide an example solution to the KeyGenMe challenge binary from March 2021.
      Python
      MIT License
      0000Updated Sep 17, 2021Sep 17, 2021

    • static-analysis-ttp

      Public
      Shell
      GNU Lesser General Public License v3.0
      0110Updated Sep 1, 2021Sep 1, 2021

    • bash_tricks

      Public
      a github repo that will be used for teaching bash optimizations in a youtube series
      GNU General Public License v3.0
      11060Updated Jul 6, 2021Jul 6, 2021

    • DVFPS

      Public
      A Damn Vulnerable FPS game built using Godot
      GDScript
      MIT License
      2900Updated Apr 14, 2021Apr 14, 2021

    • csik

      Public archive
      Client Script Injection Kit
      Python
      1300Updated Dec 10, 2020Dec 10, 2020

    • writeup_11_13_2020_challenge

      Public
      A supporting repo for a blog post write-up of how to solve the November 13th, 2020 Detective Nevils Mystery Challenge.
      Python
      MIT License
      0000Updated Nov 30, 2020Nov 30, 2020

    • LD_PRELOAD-rand-Hijack-Example

      Public
      Code samples to go along with the blog post on using LD_PRELOAD to hijack rand() in a number guessing game.
      C
      MIT License
      31100Updated Oct 29, 2020Oct 29, 2020