This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.

A web based OSINT ressource and tool

GEF - GDB Enhanced Features - bata24's fork

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.

A series of mini-projects used to learn C for beginners

Kubernetes exploitation tool

Visualize and manage your Flipper Zero animations directly from your computer - Flipper Animation Manager

A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

NodeJS bots for challenges

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This tool allows to automatically test for Content Security Policy bypass payloads.

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!