Hash collisions and exploitations

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Making Favicon.ico based Recon Great again !

Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A list of interesting payloads, tips and tricks for bug bounty hunters.

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

Take a list of domains and probe for working HTTP and HTTPS servers

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Store SSH keys in the Secure Enclave

A lightweight, one line setup, iOS / OSX network debugging library! 🦊

🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.

Massive Mobile Security Framework

Codeless drop-in universal library allows to prevent issues of keyboard sliding up and cover UITextField/UITextView. Neither need to write any code nor any setup required and much more.

Elegant HTTP Networking in Swift

Swift library to generate differences and patches between collections.

A clean and easy-to-use floating panel UI component for iOS

Simple Swift wrapper for Keychain that works on iOS, watchOS, tvOS and macOS.

CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift

Hot Reloading for Swift applications!

Strong typed, autocompleted resources like images, fonts and segues in Swift projects

Replacement for Apple's Reachability re-written in Swift with closures