A complete learning path from fundamentals to advanced exploitation (Android Application Security & Mobile Pentesting Roadmap)

Educational / research tool related to React / Next.js vulnerability CVE‑2025‑55182 (“React2Shell”).

WSUS scanner, security tools, patch level detection, Windows Server Update Services, WSUS vulnerability, sysadmin tools, cybersecurity, network scanner, Python security script, IT infrastructure se…

A powerful Python tool for downloading historical files (PDF, JPG, PNG, CSS, JS, etc.) from the Internet Archive Wayback Machine with support for SOCKS5 proxies, retry logic, random User-Agent rota…

Instal MTKClient at Window 'os

CVE‑2025‑25257 is a critical pre-authentication SQL injection vulnerability affecting Fortinet FortiWeb’s

This repository provides a deeply detailed roadmap for identifying, simulating, and mitigating security vulnerabilities in PHP 8-based payment systems. It is designed for security testers, PHP deve…

Install From Media - A PowerShell script to generate an Install From Media (IFM) backup of Active Directory using ntdsutil. Useful for deploying additional Domain Controllers without relying on net…

WordPress FEUP Arbitrary File Upload Exploit (CVE-2025-2005)

A simple DNS-based remote command execution (RCE) tool that allows a client to send commands to a server using DNS queries. The tool encrypts the commands, sends them to the server, and then decryp…

This vulnerability is of the "double-free" type, which occurs during the processing of key exchange (KEX) algorithms in OpenSSH. A "double-free" vulnerability happens when memory that has already b…

Obfuscation Script for PowerShell Commands

CVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service

An automated tool for discovering vulnerabilities in GraphQL applications through fuzzing techniques, including OS Command Injection and XSS, with a focus on OWASP Top Ten vulnerabilities.

Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709

WAFManis is a Protocol-Level WAF Evasion Fuzzing Tool that automates the discovery of evasion vulnerabilities in Web Application Firewalls (WAFs) by fuzzing HTTP requests to identify potential bypa…

DNS Spoofing Tool simulates TuDoor attacks by crafting and sending malicious DNS responses to exploit vulnerabilities in DNS resolution, allowing users to test and evaluate DNS security measures.

0day-mikrotik is a security tool designed to identify and exploit vulnerabilities in MikroTik routers, enabling security researchers to assess the resilience of their network infrastructure.

Life is full of moments you can learn from, but don’t just rush past them like I do.

regreSSHion is a security tool designed to test for vulnerabilities related to CVE-2024-6387, specifically focusing on SSH and remote access exploitation.

Browser 9 WINDOWS 7 Portable

webservice_upload_photo_base64 is a web service that allows users to upload images encoded in Base64 format, simplifying the process of handling image uploads in web applications.

webservice_upload_photo_base64 is a web service that allows users to upload images encoded in Base64 format, simplifying the process of handling image uploads in web applications.