AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.

SSH tarpit that slowly sends an endless banner

Various *nix tools built as statically-linked binaries

Tiny SHell is an open-source UNIX backdoor.

Hand-crafted Frida examples

The best tool for finding one gadget RCE in libc.so.6

Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.

Web application fuzzer

CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

📖 A collection of pure bash alternatives to external processes.

Faker is a Python package that generates fake data for you.

European Cyber Security Challenge Gameboard

Magic hashes – PHP hash "collisions"

Google Search Scraper

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

For Interview, OSCP proof of concept code during the course.

Hash collisions and exploitations

Some of the scripts I use.

A script that you can run in the background!

Fuzzing Payloads to Assist in Web Application Testing.

Ftring: Flag-Based String Generator, an obfuscator.

Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.

Vulnx 🕷️ Cms and vulnerabilites detector, & An intelligent bot auto shell injector

What do we say to JavaScript? Not today! motherfuckingwebsite.com inspired CTF platform.

Pre-Built Vulnerable Environments Based on Docker-Compose