The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

A list of interesting payloads, tips and tricks for bug bounty hunters.

Automatic SSRF fuzzer and exploitation tool

Dynamically invoke arbitrary unmanaged code

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

Run PowerShell command without invoking powershell.exe

XNTSV program for detailed viewing of system structures for Windows.

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

My conference presentations and Materials for them.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Top Ten Web Hacking Techniques List

OWASP API Security Project

GTRS - Google Translator Reverse Shell

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.