Michael Skelton

Senior Director of Security Operations @ Bugcrowd

Ecosystems: Python, C++, Go, PowerShell, Redis, MongoDB, Linux, Bitcoin, C#, JSON, Ruby

Projects

NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.

Python - Released: 24 Sep 2013 - 2,869

Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Python - Released: 23 Oct 2018 - 1,198

Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Python - Released: 24 Apr 2017 - 2,101

VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Python - Released: 03 Sep 2017 - 1,189

DNSCewl

A DNS Bruteforcing Wordlist Generator

C++ - Released: 19 Aug 2019 - 347

dorky

A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon

Go - Released: 15 Jul 2019 - 225

Minesweeper

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Python - Released: 30 Jan 2018 - 196

bbr

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Go - Released: 20 Jun 2019 - 206

Ransomware-Json-Dataset

Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ransomware.

Python - Released: 27 Feb 2017 - 68

Retrieve-Windows-Wifi-Passwords

Retreives the SSID names and passwords in cleartext for each Wifi network stored on the computer running this powershell script and output to JSON.

PowerShell - Released: 03 Jul 2017 - 79

dooked

DNS and Target HTTP History Local Storage and Search

C++ - Released: 13 Feb 2021 - 63

microsubs

A collection of code for interacting with API sources directly to improve your understanding of those services.

C++ - Released: 11 Dec 2020 - 66

fastsub

A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.

C++ - Released: 25 Apr 2022 - 55

SharePoint-Security

A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.

PowerShell - Released: 11 Apr 2018 - 45

simple

A collection of one off hacks and simple scripts

Go - Released: 08 Mar 2023 - 26

cracknet

A .net Crackme Challenge made for the SecTalks Brisbane 2017 Capture the Flag Event. Writeup/solution included.

C# - Released: 10 Apr 2017 - 20

succinct

A tool to create a text summary of a provided list of websites

Go - Released: 21 Mar 2023 - 9

codingo.github.io

Ruby - Released: 07 Jul 2017 - 2

RaiderOfTheLostBrowsers

Command line utility to extract passwords from the major browsers (Chrome, Firefox, Edge). Useful in demonstrating to users the importance of using proper password managers instead of saving credentials in browser based accounts which synchronize settings locally.

Python - Released: 05 Mar 2017 - 5