Skip to content

@BishopFox Bishop Fox

Change the repository type filter

All

    Repositories list

    87 repositories

    • cloudfox

      Public
      Automating situational awareness for cloud penetration tests.
      golangawssecurity
      golangawssecuritycloudcloud-securitypenetration-testing-tools
      Go
      MIT License
      2302.4k61Updated May 19, 2026May 19, 2026

    • joro

      Public
      A collaborative web exploitation framework.
      Go
      GNU General Public License v3.0
      0900Updated May 14, 2026May 14, 2026

    • sj

      Public
      A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
      Go
      MIT License
      11284530Updated May 13, 2026May 13, 2026

    • cirro

      Public
      Creating attacks paths across management and data planes
      Rust
      GNU General Public License v3.0
      25300Updated May 12, 2026May 12, 2026

    • sliver

      Public
      Adversary Emulation Framework
      dnsgolanghttp
      dnsgolanghttpgplv3dns-serversliverred-teamsecurity-toolsc2red-team-engagement
      Go
      GNU General Public License v3.0
      1.5k11k1976Updated May 7, 2026May 7, 2026

    • cloudfoxable

      Public
      Create your own vulnerable by design AWS penetration testing playground
      Python
      MIT License
      5144910Updated May 1, 2026May 1, 2026

    • aimap

      Public
      Discover Exposed AI Services
      Python
      MIT License
      2411610Updated Apr 28, 2026Apr 28, 2026

    • otto-support

      Public
      An implementation of a vulnerable MCP server using mcp-go
      Go
      GNU General Public License v3.0
      01000Updated Apr 21, 2026Apr 21, 2026

    • install-aws-cli-action

      Public
      Install AWS CLI on a GitHub Actions Linux host
      Shell
      MIT License
      39200Updated Apr 13, 2026Apr 13, 2026

    • cirro-azcli-ext

      Public
      Azure CLI extension for Cirro collection
      Python
      Apache License 2.0
      1600Updated Apr 10, 2026Apr 10, 2026

    • aws-signing

      Public
      CLI that allows user to submit http requests using AWS request signing
      engineering
      engineering
      Go
      MIT License
      7600Updated Apr 10, 2026Apr 10, 2026

    • cirrodash

      Public
      Dashboard for Cirro
      TypeScript
      GNU General Public License v3.0
      11100Updated Apr 7, 2026Apr 7, 2026

    • CVE-2026-35616-check

      Public
      Python
      MIT License
      0100Updated Apr 6, 2026Apr 6, 2026

    • CVE-2026-25075-check

      Public
      Python
      MIT License
      0200Updated Mar 26, 2026Mar 26, 2026

    • iam-vulnerable

      Public
      Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
      HCL
      MIT License
      10456800Updated Mar 12, 2026Mar 12, 2026

    • eyeballer

      Public
      Convolutional neural network for analyzing pentest screenshots
      pythonmachine-learningai
      pythonmachine-learningaitensorflowsecurity-toolspentesting-tools
      Python
      GNU General Public License v3.0
      1471.3k83Updated Mar 8, 2026Mar 8, 2026

    • badPods

      Public
      A collection of manifests that will create pods with elevated privileges.
      kubernetessecurityassessment
      kubernetessecurityassessmentpenetration-testingexploitationpodspecpodsprivilegedhostpathhostpid
      Shell
      MIT License
      11969910Updated Dec 30, 2025Dec 30, 2025

    • awsservicemap

      Public
      Go module that returns supported regions for a service or supported services for a region
      Go
      MIT License
      61800Updated Dec 12, 2025Dec 12, 2025

    • CVE-2025-6980-check

      Public
      Safely test Arista NGFW for information disclosure
      Python
      MIT License
      0300Updated Dec 4, 2025Dec 4, 2025

    • fortiweb-auth-bypass-check

      Public
      Python
      MIT License
      0500Updated Dec 3, 2025Dec 3, 2025

    • shining-mask

      Public
      Python
      01200Updated Oct 30, 2025Oct 30, 2025

    • raink

      Public
      Use LLMs for document ranking
      Go
      MIT License
      617130Updated Apr 17, 2025Apr 17, 2025

    • sonicrack

      Public
      Decrypt encrypted SonicOSX firmware images
      Python
      GNU General Public License v3.0
      32000Updated Feb 24, 2025Feb 24, 2025

    • BrokenHill

      Public
      A productionized greedy coordinate gradient (GCG) attack tool for large language models (LLMs)
      Python
      MIT License
      2316121Updated Dec 18, 2024Dec 18, 2024

    • local-llm-ctf

      Public
      A small go harness that uses Ollama to orchestrate LLMs in a restricted process flow
      Go
      MIT License
      01700Updated Sep 10, 2024Sep 10, 2024

    • cve-2024-21762-check

      Public
      Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
      Python
      GNU General Public License v3.0
      1710731Updated Jul 5, 2024Jul 5, 2024

    • jsluice

      Public
      Extract URLs, paths, secrets, and other interesting bits from JavaScript
      javascriptsecurity
      javascriptsecurity
      Go
      MIT License
      1391.8k82Updated May 22, 2024May 22, 2024

    • gcp-terraform-cloud-connector

      Public
      This repo provides a terraform module for customers looking to implement Google Cloud connector support for Bishop Fox Cosmos
      HCL
      Apache License 2.0
      0100Updated May 20, 2024May 20, 2024

    • CVE-2023-27997-check

      Public
      Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
      Python
      GNU General Public License v3.0
      2413400Updated May 8, 2024May 8, 2024

    • unredacter

      Public
      Never ever ever use pixelation as a redaction technique
      TypeScript
      GNU General Public License v3.0
      8058.3k2213Updated Mar 15, 2024Mar 15, 2024
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.