The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Getting a handle on container security

A curated list of CTF frameworks, libraries, resources and softwares

Windows Privilege Escalation Techniques and Scripts

A little tool to play with Windows security

A swiss army knife for pentesting networks

ezXSS is an easy way to test (blind) XSS

Phishing Campaign Toolkit

Windows / Linux Local Privilege Escalation Workshop

Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

A static analyzer for Java, C, C++, and Objective-C

Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly

SimplE RePort wrIting and COllaboration tool

An extensible multilanguage static code analyzer.

Static analysis tools for all programming languages

Automated Penetration Testing Framework

REST/JSON API to the Burp Suite security tool.

Security Knowledge Framework (SKF) Python Flask / Angular project

Hacker101

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Application Security Automation

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Reconnaissance Swiss Army Knife

a package of Pentest scripts I have made or commonly use

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A container repository for my public web hacks!