📚 Freely available programming books

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

A swiss army knife for pentesting networks

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Scripts I use during pentest engagements.

Identify privilege escalation paths within and across different clouds

Note: Going through a full re-write of the tooling so the current versions in the repo do not work!