This is a webshell open source project

Awesome Writeups and POCs

Simple "postMessage logger" Chrome extension

Information about web3 security and programming tutorials/tools

Binaries for the book Practical Malware Analysis

A mission to breakout every single solidity vuln I come across and categorize it

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Penetration tests guide based on OWASP including test cases, resources and examples.

A curated list of awesome Ethereum security references

The Web3 Security Resources Hub is a comprehensive collection of curated tools, guides, and best practices for securing decentralized systems and smart contracts in the blockchain space.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location

This script is intended to automate your reconnaissance process in an organized fashion

Take a list of domains and probe for working HTTP and HTTPS servers

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A list of Reverse Engineering articles, books, and papers

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A weekly challenge where we share some code and you find a bug in it.

PostMessage extension

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.

Official OWASP Top 10 Document Repository

The Black Hat Bash book repository

Organized list of my malware development resources