Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

QuoteDB (Vulnerable TCP Server)

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

TUDO - A vulnerable PHP Web Application.

Client Side Prototype Pollution Scanner

Raising the Cost of Malicious AI-Powered Image Editing

OSWE Preparation

Python for AWAE (Advanced Web Attacks and Exploitation)

Hand-crafted Frida examples

Learn about a type of vulnerability that specifically targets machine learning models

The notebook for my talk - ChatGPT: Your Red Teaming Ally

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

A list of public penetration test reports published by several consulting firms and academic security groups.

a javascript change monitoring tool for bugbounties

Continuous monitoring for JavaScript files

All about bug bounty (bypasses, payloads, and etc)

A Personal Collection of Infosec Dorks

Vim-fork focused on extensibility and usability

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Keep track of PF NAT records and logging of l3/l4 addresses and duration

Small cherrypy application to manage dns zones.