OWASP Foundation web repository

My bachelor thesis

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

Ghidra is a software reverse engineering (SRE) framework

The SpecterOps project management and reporting engine

Scripts for the Ghidra software reverse engineering suite.

Pre-Built Vulnerable Environments Based on Docker-Compose

UNIX-like reverse engineering framework and command-line toolset

[WIP] Crappy iOS app analyzer

Full featured multi arch/os debugger built on top of PyQt5 and frida

[Deprecated] Iceman Fork, the most totally wicked fork around if you are into proxmark3

Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.

Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit

Extract hidden data from pdf files

Mallet is an intercepting proxy for arbitrary protocols

.NET deobfuscator and unpacker.

.NET debugger and assembly editor

Windows / Linux Local Privilege Escalation Workshop

Big Iron Recon & Pwnage

Clone this repo to build Frida

📱 objection - runtime mobile exploration

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Burp Suite Attack Selector Plugin

WarBerryPi - Tactical Exploitation

Look-Ahead Java Deserialization Library

idb is a tool to simplify some common tasks for iOS pentesting and research