8.1
CVSSv3

CVE-2020-0601

Published: 14/01/2020 Updated: 12/08/2022
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 537
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

A vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Microsoft Windows® cryptographic functionality. The certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality. Exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities.

Vulnerable Product

microsoft windows 10 1607

microsoft windows server 2016 -

microsoft windows 10 -

microsoft windows 10 1709

microsoft windows 10 1803

microsoft windows server 2016 1803

microsoft windows server 2019 -

microsoft windows 10 1809

microsoft windows server 2016 1903

microsoft windows 10 1903

microsoft windows 10 1909

microsoft windows server 2016 1909

golang go

Vendor Advisories

The stable channel has been updated to 7903945130 for Windows, Mac, and Linux, which will roll out over the coming days/weeks A list of all changes is available in the log Interested in switching release channels? Find out how If you find a new issue, please let us know by filing a bug The community help forum is also a great place ...

Github Repositories

😂An awesome curated list of repos for CVE-2020-0601.

Awesome-CVE-2020-0601 ✔ 😂 An awesome curated list of repos for CVE-2020-0601 PoC Ruby ollypwn/CVE-2020-0601 githubcom/ollypwn/cve-2020-0601 Python kudelskisecurity/chainoffools githubcom/kudelskisecurity/chainoffools Python saleemrashid/badecparams githubcom/saleemrashid/badecparams C gentilkiwi/curveball githubcom/g

CryptoAPI attacks

CryptoAPI attacks CVE-2020-0601 Advisory: Windows CryptoAPI Spoofing Vulnerability Our blog post on CVE-2020-0601 and the PoC Our demo website to test if you have the patch installed (Linux & MacOS users were never impacted) CVE-2022-34689 Advisory: Windows CryptoAPI Spoofing Vulnerability Initial blog post by Akamai Research Coming soon NorthSec 2023 Slides are in

Remote Code Execution Exploit

CVE-2020-0601 Remote Code Execution Exploit (CVE-2020-0601)- Citrix Application Delivery Controller & Gateway

Powershell Scripts

Powershell A collection of Powershell scripts for various purposes CVE-2020-0601 - A script to check for CVE-2020-0601 violations, and how to create realtime monitoring for attempted violations on patched endpoints

CVE-2020-0601 This script is checking if the hotfix for CVE-2020-0601 is applied according to your Windows version. Furthermore, it checks if there is an attempt to exploit the known vulnerability. The xml file is for ControlUp Users. Import the XML file to your Script (Based) Actions as usual. All the information can be found here: msrc-blogmicrosoftcom/2020/01/14/jan

Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601

cve-2020-0601-Perl This is the Perl language version of the script mainrb published here: githubcom/ollypwn/CVE-2020-0601

Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic

curveball_lua Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic

PoC for "CurveBall" CVE-2020-0601

CVE-2020-0601 - CurveBall Highlights PoC for CVE-2020-0601 Trivial solution for private-key of 1 Non-trivial solution for 1 < private-key < curve-order Written in C, uses OpenSSL's libcrypto Requirements Linux of some variety apt install libssl libssl-dev Or whatever package manager you use Compiling make Usage /curveball MicrosoftECCProductRootC

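This resource is the author's reproduction of the Microsoft signing-certificate vulnerability CVE-2020-0601, built with reference to related resources and articles. Readers are encouraged to follow along with the author's blog, which reproduces the vulnerability and explains how malware hijacks auto-start. As a beginner in network security I really am a novice, but I hope to keep at it. Let's keep going together!

CVE-2018-20250-WinRAR This resource is the author's reproduction of the WinRAR vulnerability CVE-2020-0601, built with reference to related resources and articles. Readers are encouraged to follow along with the author's blog, which reproduces the vulnerability and explains how malware hijacks auto-start. As a beginner in network security I really am a novice, but I hope to keep at it. Let's keep going together!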

Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909

Just use this - githubcom/aaronparker/LatestUpdate Updates everything if ENTERPRISE or EDU Win 10. If PRO, only 1809, 1903 & 1909 are patched. Windows10_Cumulative_Updates_PowerShell This powershell script can be run on a system and will identify if a system is patched for CVE-2020-0601 "Curveball" and if not will then download the appropriate patch

Proof of Concept for CVE-2020-0601

BADECPARAMS Proof of Concept for CVE-2020-0601 badecparamspy generates an intermediate certificate authority that exploits the vulnerability, then issues Authenticode and TLS certificates The TLS certificates have Extended Validation in Microsoft Edge and Internet Explorer httpdpy serves the contents of the www subfolder over HTTPS, using the PEM encoded certificate cha

Some of my personal automation shell scripts.

Shell-Scripts Some of my personal automation shell scripts Details of all scripts Sub-Enumsh Syntax --> /Sub-Enumsh < filename containing all domains > This script takes a file containing all domains and enumerate subdomains for each of them using multiple tools as Subfinder , Assetfinder , Amass Then after sorting them it check for alive subdomains a

CS590J Capstone Project

CS590J Capstone The general idea: Victim is a school education system that has all the grades and tons of student/teacher information Let's assume this is all stored on the same machine and we can put all these files on the desktop We are a student that wants to have malicious access to this system to access school files (grades, attendance), spy on peer's informati

Proof Of Concept for the Curveball vulnerability. KuS - FH Münster

PoC-Curveball (CVE-2020-0601) Proof Of Concept for the Curveball vulnerability for the course Cryptography and Security - FH Münster Andres David Vega Botero Andres Felipe Herrera Upegui Source: ollypwn (githubcom/ollypwn/CurveBall) Set Up is meant to run on linux with the following packages: openssl openssl 110 ruby 240 node 10190 Preparing nodejs Go

👋 Looks like you've found my profile! Enjoy your stay (and don't take me too serious ^_^)! 💣 I'm a reverse engineer and software engineer that mostly dabbles around in Rust, C++ and various Assembly languages 👹 I spend most of my free time working on low-level projects such as but not limited to reverse engineering software (malware, anti cheats, games,

A PoC for CVE-2020-0601

CryptoAPI CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability exploitation More information in our blog post Install requirements pip install -U -r requirementstxt The certificate generation works with OpenSSL version up to 102u CA certificate We used the USERTrust ECC Certification Authority but it can be any root certificate wor

Here i host my personal blog

Blog This repository contains the blog for blogtoerktumlarecom TODO's set up repository and push repo push production build to gh-branch configure github-pages setup cname to point correctly Change background color (darkgreyish, not totally black) create proper bio page clean up footer write blog post about base64 make sure to be able to switch between dark/lig

test SSL/TLS clients how secure they are

Table of Contents Summary Installation from Binary Packages Prior note Ubuntu Kali Installation from Sources Note on OpenSSL 110 Note on unsafe OpenSSL variant Build Instructions Detailed build description Building unsafe OpenSSL library Usage Forwarding Connection application settings hosts file traffic forwarding using proxy Usage Example #1 Usage Example #

Zeek script to detect servers vulnerable to CVE-2020-13777

Zeek test script for CVE-2020-13777 This script performs a simple test to check if a server is potentially vulnerable to CVE-2020-13777 CVE-2020-13777 causes GnuTLS to create unencrypted session tickets This seems to be detectable by checking gnutls sets the key_name to zero - for which it uses the first 16 bytes of the session-ticket This script checks if: A server sends a

Yamato Security's Ultimate Windows Event Log Configuration Guide For DFIR And Threat Hunting [ English ] | [日本語] This is yet another guide on properly configuring and monitoring Windows event logs with an emphasis on logging for sigma rules This is a work in progress, so check back please periodically for updates TLDR You can only use around 10~20% of sigma d

qsslcaudit package for Debian derivatives

Table of Contents Summary Installation from Binary Packages Prior note Ubuntu Kali Installation from Sources Note on OpenSSL 110 Note on unsafe OpenSSL variant Build Instructions Detailed build description Building unsafe OpenSSL library Usage Forwarding Connection application settings hosts file traffic forwarding using proxy Usage Example #1 Usage Example #

Resources related to CurveBall (CVE-2020-0601) detection

CurveBallDetection Resources related to CurveBall (CVE-2020-0601) detection See mediumcom/zengo/hitting-a-curveball-like-a-pro-129c1dca427c

This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.

CTF-Katana John Hammond | February 1st, 2018 This repository, at the time of writing, will just host a listing of tools and commands that may help with CTF challenges I hope to keep it as a "live document," and ideally it will not die out like the old "tools" page I had made (githubcom/USCGA/tools) The formal tool that automates some of this lo

CVE-2020-0601-spoofkey To see how to Make Spoofed Key and Signing the code REQ: openssl, mainrb (which I uploaded) VISIT : twittercom/exploitblizzard

Implementing CVE-2020-0601

twoplustwo Implementing CVE-2020-0601

simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers

curveball-plus simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers This file is constantly updated!

Hashcheck Hashcheck uses the already existing certutil program that comes default on windows in order to show you the hash of any given file Usage: Open the Hashcheckbat file Enter the exact path to the file that needs to be checked (eg C:\Users\username\Desktop\coolfiletxt) Check the output to see the file's hash value in each supported hash format Check the official

CurveBall (CVE-2020-0601) - PoC This vulnerability, known as CurveBall, is due to invalid verification of certificates that using the ECC algorithm Windows try to verify previously verified certificates from the certificate cache and while doing this, it only checks whether the public keys of the certificates are identical and does not check other parameters Mathematical deta

Documentation and scripts to properly enable Windows event logs.

Yamato Security's Windows Event Log Configuration Guide For DFIR And Threat Hunting [ English ] | [日本語] This is yet another guide on properly configuring and monitoring Windows event logs with an emphasis on logging for sigma rules This is a work in progress, so check back please periodically for updates TLDR You can only use around 10~20% of sigma detection

CSI SIEM

Malcolm CSI-SIEM using Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs These artifacts can be uploaded via a simple browser-based interface or captured live and forwarded to Malcolm using li

proof of concept for CVE-2020-0601

CVE-2020-0601 proof of concept A fun proof of concept to create your own root CA and signed certificate based on the CVE-2020-0601 vulnerability in Windows 10 The basis for the issue is the CertGetCertificateChain() method improperly validated root certificate authorities Since the search for a signing certificate within the trust store can be expensive, Microsoft implemented

zeekweek-2021 See githubcom/zeek/zeek-training ('21) docker pull zeekurity/zeek-training-2021 docker run -it zeekurity/zeek-training-2021 bash training 1 - Fatema BW, Keith Lehigh zeek -Cr /capturepcap local zeek -Cr /modbuspcap protocols/modbus/track-memmapzeek zeek -Cr /capturepcap local -e 'redef Site::loca

A Windows Crypto Exploit

CVE-2020-0601 CVE-2020-0601 - A Windows Crypto Exploit

PoC for CVE-2020-0601 vulnerability (Code Signing)

CurveballCertTool (CVE-2020-0601) This automated bash script for Code Signing was created using this repository: githubcom/ollypwn/CurveBall Please use this script for educational purposes only Requirements openssl ruby osslsigncode Usage /CurveballCertToolsh -c: Create new "legit" certificate /CurveballCertToolsh -s: Sign executable Example

Curated list of CVE-2020-0601 resources

ChainOfFools AKA CurveBall AKA CVE-2020-0601 Collection of CVE-2020-0601 (#ChainOfFools | #CurveBall) resources General A summary from the NSA advisory states NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality The certificate validation vulnerability allows an attacker to undermine how Windows verifies cr

PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall

CVE-2020-0601 PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32dll) POC: githubcom/ollypwn/CurveBall On kali: 1Make PKCS12 file openssl req -new -x509 -key spoofed_cakey -out spoofed_cacrt openssl ecparam -name secp384r1 -genkey -noout -out Microsoftkey openssl req -new -key Microsoftkey -out Microsoftcsr -config openssl_csconf -reqexts v3_cs openssl x509 -

PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)

CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified ECC relies on different parameters These parameters are standardized for many curves However, Microsoft didn't check all these parameters The parameter G (the gen

CVE-2020-0601 #curveball - Alternative Key Calculator

curveball CVE-2020-0601 #curveball - Alternative Key Calculator Build Windows Visual Studio 2012 or >, then build the solution Linux / Unix cc altkeyc -lcrypto -o altkey Usage Usage: altkey ec_public_certificatepem [ec_new_privatekeypem] Example C:\security\curveball\Release>altkey \public\CACA93B9D23D2B6FA76E8B8471931E0DF3EC6F63AF3CDBB936C41954A1872326crt

CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall/ChainOfFools)

CurveBall (CVE-2020-0601) - PoC CVE-2020-0601: Also known as CurveBall or ChainOfFools, is a vulnerability in the Microsoft CryptoApi (specifically in Crypt32dll) where elliptic curve signatures (ECDSA) of certificates are not correctly verified There is a very nice blog post here which explains the issue very neatly This should only be used for educational and researching pur

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

yara-rules A collection of YARA rules from the folks at InQuest we wish to share with the world These rules should not be considered production appropriate Rather, they are valuable for research and hunting purposes See also: githubcom/InQuest/yara-rules-vt 📖 githubcom/InQuest/awesome-yara 🏆🥇 labsinquestnet 🥼🔬🧪 yaramatec

CVE-2020-0601 proof of concept

Basic Info The source code of this tool is supposed to help with understanding of CVE-2020-0601 vulnerability discovered in Windows Crypto API, see CERT's overview The tool itself can be used to produce a certificate for an arbitrary domain which will be signed by an evil certificate authority This tool produces evil CA with the same public key as the one provided on com

Collection of PowerShell functions and scripts a Blue Teamer might use

PowerShell-Blue-Team Collection of PowerShell functions and scripts a Blue Teamer might use Watch-PortScanps1 This cmdlet is used to discover attempted port scans on a device It runs on an infinite loop This cmdlet can be used to send an email alert containing the log information, it can automatically add source IP addresses accused of port scanning to the Windows Fi

Yet Another Link Repo. Mainly Security Links

Robs-Links Mostly Cybersecurity related, however not all Malware Related Link Description sslblabusech/ Malware related ssl certs githubcom/guardicore/monkey Infection Monkey - Automated testing urlhausabusech/ Malware Repo triage/reports/public Malware Repo Testing Disto Link Description testaspnetvulnwebc

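This resource is the author's reproduction of the Microsoft signing-certificate vulnerability CVE-2020-0601, built with reference to related resources and articles. Readers are encouraged to use the author's blog to understand the ECC algorithm and the Windows verification mechanism, and to try reproducing the executable-signing certificate and HTTPS hijacking examples themselves. As a beginner in network security I really am a novice, but I hope to keep at it!

CVE-2020-0601-EXP This resource is the author's reproduction of the Microsoft signing-certificate vulnerability CVE-2020-0601, built with reference to related resources and articles. Readers are encouraged to use the author's blog to understand the ECC algorithm and the Windows verification mechanism, and to try reproducing the executable-signing certificate and HTTPS hijacking examples themselves. As a beginner in network security I really am a novice, but I hope to keep at it! This article will share the Microsoft cert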

PoC for CVE-2020-0601 - CryptoAPI exploit

Curveball A PoC for CVE-2020-0601 A detailed blog post can be found here This exploit allows you to create a fake trusted certificate by abusing how CryptoAPI handles certain parameters on ECC based certificates Setup Clone the repository and open it in Visual Studio 2019 Switch to Release and compile it You can find prebuilt binaries here Usage \Curveballexe MicrosoftE

CurveBall CVE exploitation

CVE-2020-0601 : CurveBall CVE exploitation This ruby script can be used to spoof a legit certificate authority and generate a certificate that will be considered valid for Windows computer affected by the CurveBall vulnerability You need to get a certificate coming from the certificate authority you want to spoof Then, you can run the script with the following command : ruby

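This resource is a set of system security and reverse-analysis experiments, including the tools and samples the author used while learning malicious code analysis and virus reverse analysis from scratch. These are introductory articles, and I hope they help you~

SystemSecurity-ReverseAnalysis This resource is a set of system security and reverse-analysis experiments, including the tools and samples the author used while learning malicious code analysis and virus reverse analysis from scratch. It is mainly example-driven; please buy licensed copies of the security tools. These are introductory articles, and I hope they help you~ Statement: I firmly oppose using teaching methods to commit crimes; all criminal acts will certainly be severely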

CVE-2020-0601 I give full credit to githubcom/kudelskisecurity/chainoffools This fork just adds a Dockerfile which creates a pre-configured environment and a bash script that creates the certificates and key I have also included a simple Python server and client to test the certificates 💿 Build Docker Image docker build -t cve-2020-0601

CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections.

CurveBall (CVE-2020-0601) - ECC/Po2 EXPLOIT CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified ECC relies on different parameters Standardized parameters are used for many curves However, Microsoft didn't check all these parameters like the geniu

Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts

Zeek test script for CVE-2020-0601 This script can detect exploit attempts for CVE-2020-0601 It performs a check to see if a known curve is used in a certificate - if this is not the case a notice is raised Example notice in noticelog: 1579043477791522 CHhAvVGS1DHFjwGM9 19224120949 46110 19224120221 4433 F37z6n1B8zn1fZjpj application/x-x509-user-cert 19224120221:44

Config files for my GitHub profile.

Yojimbo Security Introduction 👋 Hi, I’m @YojimboSecurity 👀 I’m interested in Information Security, Python, and Go 🌱 I’m currently learning Elixir 💞️ I’m looking to collaborate on anything 📫 How to reach me david@yojimbosecurityninja 📚 I’m a Python Developer and Security Researcher Blog posts Detecting Cobalt Strike Mitre T

A collection of zeek detection scripts

Bro/Zeek Detection Script Collection A collection of bro/zeek detection scripts This is just a list Detection of techniques Mitre BZAR Detection of Long Connections Ransomware Filenames PingBack Cryptomining Detection of Vulnerabilities CVE-2020-0601 0xxon CVE-2020-1472 - Zerologon Corelight CVE-2020-12695 - CallStranger Corelight CVE-2020-13777 0xxon Threat I

Zeek package to detect CVE-2020-0601

Zeek test script for CVE-2020-0601 This script can detect exploit attempts for CVE-2020-0601 It performs a simple check to see if a known curve is used in a certificate - if this is not the case a notice is raised Example notice in noticelog: 1579043477791522 CHhAvVGS1DHFjwGM9 19224120949 46110 19224120221 4433 F37z6n1B8zn1fZjpj application/x-x509-user-cert 19224120

DeepCASE Dataset This research uses two datasets for its evaluation: Lastline dataset HDFS dataset Lastline dataset The real-world Lastline dataset consists of 20 international organizations that use 395 detectors to monitor 388K devices* This resulted in 105M security events for 291 unique types of security events collected over a 5-month period Events include policy vi

Important security information regarding the CheatBreaker Client.

Security Advisory This repository contains important security information regarding CheatBreaker General Information CheatBreaker is NOT currently available to the public We highly recommend that you do NOT download any files claiming to be CheatBreaker Many people have created viruses and other malicious programs while pretending to be our official software We do NOT have

Compilation of reference sites from different fields

Reference or Lookup Websites Pentest Pentesting Cheatsheets - githubcom/Kitsun3Sec/Pentest-Cheat-Sheets Pentesting Cheatsheets - iredteam/offensive-security-experiments/offensive-security-cheetsheets typical pentest tips - mediumcom/bug-bounty-hunting/beginner-tips-to-own-boxes-at-hackthebox-9ae3fec92a96 Assorted techniques - bitvi

StarlightCTF is a repository containing notes pointing to ideas and resources. Its purpose is to help the user (usually me) to find solutions to security-related challenges and provide some tools to use when offline. The resources that I use most often are marked with a heart ❤️ symbol. This database was inspired by CTF Katana (unmaintained) and HackTricks (pentest-or

Recent Articles

Threat Landscape Trends – Q1 2020
Symantec Threat Intelligence Blog • Critical Attack Discovery and Intelligence Team • 09 Jun 2024

A look at the cyber security trends from the first three months of 2020.

Posted: 9 Jun, 2020. Towards the end of the first quarter of 2020, we took a look through telemetry from our vast range of data sources and selected some of the trends that stood out. From COVID-19-themed malicious email and BEC scams to vulnerability exploits and IoT attacks, let’s take a quick look at ...

Microsoft Patch Tuesday – January 2020
Symantec Threat Intelligence Blog • Preethi Koroth • 15 Jan 2024

This month the vendor has patched 49 vulnerabilities, 8 of which are rated Critical.

Posted: 15 Jan, 2020. This month the vendor has patched 49 vulnerabilities, 8 of which are rated Critical. As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required wh...

Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix gateway hole mitigations don't work for older kit
The Register • Shaun Nichols in San Francisco • 16 Jan 2020

Good news: There is none. Well, apart from you can at least fully patch the Microsoft blunder

Vid Easy-to-use exploits have emerged online for two high-profile security vulnerabilities, namely the Windows certificate spoofing bug and the Citrix VPN gateway hole. If you haven't taken mitigation steps by now, you're about to have a bad time. While IT admins can use the proof-of-concept exploit code to check their own systems are secure, miscreants can use them to, in the case of Citrix, hijack remote systems, or in the case of Windows, masquerade malware as legit apps or potentially interc...

Welcome to the 2020s: Booby-trapped Office files, NSA tipping off Windows cert-spoofing bugs, RDP flaws...
The Register • Shaun Nichols in San Francisco • 14 Jan 2020

Grab your Microsoft, Adobe, SAP, Intel, and VMware fixes now

Patch Tuesday In the first Patch Tuesday of the year, Microsoft finds itself joined by Adobe, Intel, VMware, and SAP in dropping scheduled security updates. This month's Microsoft security fixes include three more remote-code-execution vulnerabilities in Redmond's Windows Remote Desktop Protocol software. Two of the flaws (CVE-2020-0609, CVE-2020-0610) are present on the server side in RD Gateway – requiring no authentication – while a third (CVE-2020-0611) is found on the client side. Dusti...

Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched
The Register

You know when we all said quit using MD5? We really meant it

Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai's researchers. CryptoAPI helps developers secure Windows-based apps using cryptography; the API can be used, for instance, to validate certificates and verify identities. The vulnerability in question (CVE-2022-34689) can be exploited by miscreants to digital...