SWE-agent takes a GitHub issue and tries to automatically fix it, using your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges. [NeurIPS 2024]

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Open-source AI agents for penetration testing

Cybersecurity AI (CAI), the framework for AI Security

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

CVE-2025-49844 (RediShell)

Building a Secure and Interoperable Future for AI-Driven Payments.

Linux Kernel Rootkit for modern kernels (6x)

PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC

Just another elf library

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud rev…

A blind XSS detection and XSS data capture framework

Python script for automatically renewing Let's Encrypt certificates on Synology NAS using DNS-01 challenge. Also supports wildcard certificates.

Linux privilege escalation exploits collection.

my knowledge of linux privilege escalation

Crypto Wallet Bruteforce, a tool designed for educational and research purposes to explore the mechanics of crypto wallet generation and balance checking across multiple blockchain networks.

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Bypass-Four03 is a powerful bash tool designed to help testers bypass HTTP 403 forbidden errors through various path and header manipulation techniques. It also includes fuzzing for HTTP methods an…

The AI Browser Automation Framework

Federated query engine for AI - The only MCP Server you'll ever need

Use Wireless Android Auto with a car that supports only wired Android Auto using a Raspberry Pi.

Python tool for converting files and office documents to Markdown.

bluetooth mesh chat, IRC vibes

A Model Context Protocol (MCP) server for querying the CVE-Search API

PoC & Exploit for CVE-2025-32023 / PlaidCTF 2025 "Zerodeo"

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Local Privilege Escalation to Root via Sudo chroot in Linux

Academic research rootkit using ftrace-hooking to hide files and processes via magic word or user/group. Tested until Linux 6.11.

Personal technical learning notes