Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

A curated list of GPT agents for cybersecurity

A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

Fancy reverse and bind shell handler

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information colle…

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

Self-host a ChatGPT-style web interface for Ollama 🦙

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Automating situational awareness for cloud penetration tests.

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

A set of Zeek scripts to detect ATT&CK techniques.

A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Useful shortcuts for bash/zsh

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

HTTP parameter discovery suite.

Contextual Content Discovery Tool

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository …

Linux enumeration tool for pentesting and CTFs with verbosity levels

Scripted Local Linux Enumeration & Privilege Escalation Checks

Various *nix tools built as statically-linked binaries

Single-file PHP shell

A list of useful payloads and bypass for Web Application Security and Pentest/CTF