Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.

A collection of my Semgrep rules to facilitate vulnerability research.

A simple tool to facilitate practical PoCs of Task Hijacking vulnerabilities on Android apps

A "simple" tool/library that can be used to generate a set of binary payloads according to a template. The payload can be used for fuzzing or unit testing.

The MSAK is a tool written in Python to help discovering and testing exposed standard and custom services of ModBus Servers/Slaves over Serial or TCP/IP connections.

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

An incremental parsing system for programming tools

A C Compiler that fits in the 512 byte boot sector of an x86 machine

c2point - c2 go-based application that uses sharepoint online files (Excel online) as command and control

Clone this repo to build Frida

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Semgrep rules registry

A collection of useful regex patterns

Self hosted search engine for data leaks and password dumps

A fast, multithreaded, ROP-gadget semantics analyzer.

All the mono c exports, ready to be used in frida!

A minimalist command line knowledge base manager