A curated list of annual cyber security reports

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Docker container for managing Nginx proxy hosts with a simple, powerful interface

A simple, retro theme for Hugo

The world’s fastest framework for building websites.

Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.

apkpure.com apk downloader

Tool to get the top android apps for bug bounty purpose

A faster, simpler way to drive browsers supporting the Chrome DevTools Protocol.

A golang http.Transport layer that uses Otto to solve Cloudflare challenges

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Reconnaissance tool for GitLab and GitHub organizations

Some of my bug bounty tools

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Rainbow table generation & lookup tools. Make Rainbow Tables Great Again!

grep rough audit - source code auditing tool

Mimikatz implementation in pure Python

Asynchronous Python HTTP Requests for Humans using Futures

Linux kernel source tree

Sock Puppet is a tool for creating custom snap packages that leverage the dirtysock vulnerability to exploit snapd

Payload Generator

🌓 Moon is a minimal, one column jekyll theme.

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Python script to download top billboard singles from umdmusic.com

An example code to advertise a device on a network using UPnP/SSDP

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

A script for generating custom passphrase lists to be used for password cracking with hashcat rules