Skip to content
View stephenbradshaw's full-sized avatar
:octocat:
Working from home
:octocat:
Working from home
169 followers · 7 following

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor
BetaSend feedback

Achievements

Achievement: Pull Sharkx2Achievement: Starstruckx3Achievement: Arctic Code Vault Contributor
BetaSend feedback
Block or Report

Block or report stephenbradshaw

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
stephenbradshaw/README.md

Stephen's Github

This is where I store my public code, most of which is related to my pentesting/security work.

Some of the more interesting items are:

  • My pentesting_stuff repository, which has a website with some simple writeups on niche subjects I sometimes need reminders on, and bits of code too small for their own repo to do various pentesting tasks
  • vulnserver. I wrote this ages ago, its a simple server app that helps you learn software exploitation. Its inexplicably still relatively popular. I have a blog that has some articles describing how to exploit some of the vulnerabilities.
  • breakableflask, a simple single file vulnerable web app that was designed to be used as a target for me to test exploitation tools against. Also works as a learning tool.
  • Ive written new Burp extensions, and modified existing ones in Java and Python. Many have very niche uses, but even though I dont use them very often they do serve as good examples of how to write/modify extensions yourself. Examples here, here, here, here, here, here and here.
  • This is a DNS server I wrote to facilitate the process of obtaining wildcard certificates from LetsEncrypt using the DNS01 protocol. I wanted something small and dedicated to purpose as I was running it on a system that was making several non traditional uses of DNS, including a dedicated Burp Collaborator server and a DNS tunneling service. To help route the DNS requests I also modified this to route DNS requests based on type.

Pinned

  1. pentesting_stuff pentesting_stuff Public

    A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.

    Python 29 9

  2. vulnserver vulnserver Public

    Vulnerable server used for learning software exploitation

    C 955 255

  3. breakableflask breakableflask Public

    Simple vulnearable Flask web application

    Python 27 20

  4. hlextend hlextend Public

    Pure Python hash length extension module

    Python 116 25