Collection of Cyber Threat Intelligence sources from the deep and dark web

Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!

xss development frameworks, with the goal of making payload writing easier.

a javascript change monitoring tool for bugbounties

A Python based ingestor for BloodHound

Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite

This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location "/main/inc/lib/javascript/bigupload/inc/bigUpload.php" in Chamilo LMS <= v1.11.24, …

Not The Hidden Wiki - The largest repository of links related to cybersecurity

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Reverse Shell POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253), PHP Code Injection

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Little user-mode AV/EDR evasion lab for training & learning purposes

Single-file PHP shell

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Conference presentation slides

This script Crawl the website and find the urls that contains html forms.

CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4

⚡️ Quick and easy searching tasks in one library.

Projects for security students

my kali desktop setup

A tool to perform Kerberos pre-auth bruteforcing

Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Hacking Notes

A next-generation crawling and spidering framework.