Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Attack Surface Management Platform

MailHunter is a tool to give you access to the exchange server mails.

A list of public penetration test reports published by several consulting firms and academic security groups.

Web path scanner

Collection of methodology and test case for various web vulnerabilities.

this tool take a list of subdomains and give you the ip for each

Create your Custom Wordlist For Fuzzing

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Fast subdomains enumeration tool for penetration testers

WebPwn3r - Web Applications Security Scanner.

Q&A community platform