Skip to content
View GhostOverflow's full-sized avatar
:electron:
:electron:
3 followers · 1 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Block or report GhostOverflow

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
GhostOverflow/README.md

GhostOverflow

I break into things for the sake of understanding them. Web apps, Active Directory environments, C2 operations. If there's an attack surface, I'm interested in it. Right now I'm pushing deeper into red team tradecraft, cloud security, and where AI fits into offensive tooling.

  • HTB Certified Penetration Testing Specialist (CPTS)
  • INE Certified Cloud Associate (ICCA)
  • eLearnSecurity Junior Penetration Tester (eJPT)
  • CompTIA Security+
  • CompTIA Network+

Discord: @ghostoverflow

Pinned Loading

  1. CVE-2024-28397-command-execution-poc CVE-2024-28397-command-execution-poc Public

    This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Python’s internal object model and access dangerous classes like subprocess.Popen, leading to ar…

    JavaScript 5 2

  2. ShadowLedger ShadowLedger Public

    Python 1

  3. AES-zip-bruteforcing-script AES-zip-bruteforcing-script Public

    This script tries to decyrpt an AES encrypted zip file by perfroming a dictionary attack

    Python

  4. Python-HMAC-Signing-Proxy Python-HMAC-Signing-Proxy Public

    A Custom proxy written in Python that automatically calculates the SHA-256 HMAC signature of the request payload and appends it in the header.

    Python