GoSecure

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Builds malware analysis Windows VMs so that you don't have to.

List DTDs and generate XXE payloads using those local DTDs.

Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

Material from presentations done by GoSecure researchers