Ty Anderson

**Describe the bug** `detect --source` doesn't allow ~/ (tilde slash) **To Reproduce** `./gitleaks detect --source ~/cloned_repo` **Expected behavior** source param should be able to read `~` as home dir. it...

Support SimpleSAMLphp Nov2019 auth bypass vuln

3

The popular SAML library SimpleSAMLphp had an auth bypass vuln in Nov 2019 [here](https://simplesamlphp.org/security/201911-01). This is a novel XSW attack that could be added into SAMLRaider functionality. I was able...

hi takito1812, im a red teamer looking to build a red teaming environment for practicing exploitation, evasion, c2, lateral, etc. I haven't really found any suitable solutions out there that...

We need defensive monitoring

2

To simulate a real-world corporate network, we need defensive capabilities (monitoring, AV, EDR, alerts, etc...). Like an automated SOC that fires off alerts so that we Red Teamers can see...

Here's a list of common software I see at companies. You can almost always find a vulnerable version to deploy to make it fun ;) - Jenkins - Github (internal...

New vulnerable machines should follow these standards: - add a new dir for your machine/service - add a Dockerfile and add the machine/service into the main docker-compose file - add...