AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.

SSH tarpit that slowly sends an endless banner

Various *nix tools built as statically-linked binaries

Tiny SHell is an open-source UNIX backdoor.

Hand-crafted Frida examples

The best tool for finding one gadget RCE in libc.so.6

Web application fuzzer

CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Faker is a Python package that generates fake data for you.

Magic hashes – PHP hash "collisions"

Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

For Interview, OSCP proof of concept code during the course.

Hash collisions and exploitations

Some of the scripts I use.

A script that you can run in the background!

Fuzzing Payloads to Assist in Web Application Testing.

Ftring: Flag-Based String Generator, an obfuscator.

Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.

What do we say to JavaScript? Not today! motherfuckingwebsite.com inspired CTF platform.

Pre-Built Vulnerable Environments Based on Docker-Compose

A simple emoji classifier for humans. 🖖

Writeups for the challs I solved

Python bot to automate the Tweeting 😄

Python wrapper for Marvel API

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

Resumes generated using the GitHub informations