A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.

Scripts to gather system configuration information for offline/remote auditing

KBOM - Kubernetes Bill of Materials

Interactive roadmaps, guides and other educational content to help developers grow in their careers.

Hardening script for Windows (Domain mode or without domain)

A tool for glamorous shell scripts 🎀

The Score Specification provides a developer-centric and platform-agnostic Workload specification to improve developer productivity and experience. It eliminates configuration inconsistencies betwe…

DevOps Tutorials

eBPF-based Security Observability and Runtime Enforcement

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

List of custom Nuclei templates

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

GNU Sed like Python3 module, to do basic text manipulation functions.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

grep rough audit - source code auditing tool

All about bug bounty (bypasses, payloads, and etc)

BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔

24 Lessons, 12 Weeks, Get Started as a Web Developer

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

List of Computer Science courses with video lectures.

A list of bookmarks I have used since I started my journey in cyber security

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advan…

A tool for adding new lines to files, skipping duplicates

Fast passive subdomain enumeration tool.