JIRA"YA is a vulnerability analyzer for JIRA instances. It runs active scans to identify vulnerabilities by interacting with the host and conducting tests.

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks

Complete list of LPE exploits for Windows (starting from 2023)

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

A collection of Server-Side Prototype Pollution gadgets and exploits

Example of passing file descriptors into a container to perform a privilege escalation on the host

AI Substitutor is an extension for Burp Suite that uses AI functionality to substitute values of HTTP request parameters and headers.

Dev podkop

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

a rep for documenting my study, may be from 0 to 0.1

su18 ysoserial

Simple and accurate guide for linux privilege escalation tactics

MySQL fake server for read files of connected clients

A collection of statically compiled tools like Nmap and Socat.

Exploits targeting Symfony

The first standalone .NET decompiler for Mac, Linux and Windows

An MS Sharepoint and Frontpage Auditing Tool

Exploiting XXE Vulnerabilities on Microsoft SharePoint Server and Cloud via Confused URL Parsing

Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

A library for detecting known secrets across many web frameworks

Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()

Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)

Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.

Extract URLs, paths, secrets, and other interesting bits from JavaScript

The recursive internet scanner for hackers. 🧡

Maintains a list of IPv4 DNS servers by verifying them against baseline servers, and ensuring accurate responses.

The most exhaustive list of reliable DNS resolvers.