A proper well structured documentation for getting started with chrome pwning & v8 pwning

GoogleTest - Google Testing and Mocking Framework

Open Redirect Vulnerability Payload List

Because just a dark theme wasn't enough!

Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec …

A Zsh theme

Making Favicon.ico based Recon Great again !

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

PowerSploit - A PowerShell Post-Exploitation Framework

Why fuzzing with emulators is amazing

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

📙 OSCP Exam Report Template in Markdown

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the…

Fast web fuzzer written in Go

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A tool for reverse engineering Android apk files

👻Impost3r -- A linux password thief

A collection of tiny XSS Payloads that can be used in different contexts.

A swiss army knife for pentesting networks

The Pwning Machine

One liner regex match to search inside JS files, using curl and grep!

Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomains to enumerate a list of subdomains for a given URL.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Metasploit Framework

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

A collection of all the data i could extract from 1 billion leaked credentials from internet.