poc

RFI to XSS and Open redirect

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

portscanner

A PortScanner for various plattforms

posts

Temporary dump of posts I eventually plan to publish on a proper site

privilege-escalation

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

privilege-escalation-awesome-scripts-suite

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

prototype-pollution-nsec18

Content released at NorthSec 2018 for my talk on prototype pollution

python-learning

Just Simple Tools

python-scripts

some scripts for penetration testing

python_basics

:snake: Syntax, working with Shell commands, Files, Text Processing, and more...

quark-script

Collections of Quark Script that detect vulnerabilities in the binaries.

recon_profile

reconftw

Simple script for full recon

reconnotes

Just some public notes that can be useful and i want let the world knows.

reflection-public

rengine

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

repo0a

repo7

repo9

reverse-engineering-tutorial

A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

s3_vulr

This tools is use for finding AWS S3 bucket vulrnablity base on hackerone report. Idea of making this tool came from Hackerone report "https://hackerone.com/reports/128088"

s3brute

s3 brute force tool

scanner

A lightweight Go-based port scanner that swiftly identifies open ports on specified IP addresses or hosts. It employs concurrent routines for efficient and accurate port identification, providing customizable port range options and supporting both TCP and UDP protocols.

scope-monitor

Burp Suite Extension to monitor new scope

security-tools

Collection of small security tools created mostly in Python. CTFs, pentests and so on

server-status_pwn

A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.

springshodanbash

Bash Script for Enumerating Spring Applications

spy0x7

spy0x7.github.io