CTF challenges I created 🚩

Jnitrace for cpp

RunasCs - Csharp and open version of windows builtin runas.exe

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

The Internets #1 Subdomain Takeover Tool

This is a opensource repo about how to detect android malware using Random Forest Classifier and explain it use linearsvc.

All about bug bounty (bypasses, payloads, and etc)

declutters url lists for crawling/pentesting

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.

A cheat sheet for attacking SQLite via SQLi

Top disclosed reports from HackerOne

SAEG: Stateful Automatic Exploit Generation, an AEG framework for CGC / RHG and pwnable CTF challenges.

Conference presentation slides

Prototype Pollution and useful Script Gadgets

Subdomain takeover vulnerability checker

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

how to look for Leaked Credentials !

Blazing fast, advanced Padding Oracle exploit

LFI to RCE tool.

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

BloodyAD is an Active Directory Privilege Escalation Framework

Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

recon for bug hunters

A next-generation crawling and spidering framework.

The recursive internet scanner for hackers. 🧡

ChatGPT DAN, Jailbreaks prompt