Github home page

👾 Burp Suite request parser, used for aid in assessing application security functionality.

Reconnaissance, SOCMINT and OSINT framework.

A wrapper for Wayback CDX

⚡Various networking scripts

📁 Portable cross-platform file upload/download server and a MITM HTTPS reverse proxy written in Rust.

Yet another WordPress XML-RPC endpoint PoC, intended for pentest reporting purposes.

🥷 Subduer is a subdomain passive reconnaissance tool utilising Playwright and several online providers that gathers subdomains and generates wordlists and reports in multiple formats.

Statistic username dataset for password spray.

🪝🐟 Advanced phishing detection, domain name permutation, detecting homograph phishing attacks, typo squatting (and more), and scanning tool.

👻 Cyber Threat Intelligence suite for creating a list of working proxies that obtains, validates, and checks proxy origins. Supports VMESS, HTTPS, and SOCKS.

📁 Single-file Python server for quick upload/download HTTPS file transfers. No dependencies for HTTP; HTTPS requires only 'cryptography' for self-signed SSL certificates.

🔒⚡ An AES256-GCM and ZSTD encryption suite for file encryption, decryption, and secure DoD 5220.22-M deletion that supports files, directories and stdin-to-stdout pipelines.

🦮 A cross-platform polyglot lightweight Active Directory overview tool that works everywhere and needs no installation.

🌍 🌐 Versatile GEOINT and OSINT tool that allows operators to search for keywords, then visualize events on a map.

🔐 UPLINK is a Rust lightweight (2MB) tool for file transfer and remote management that uses AES-GCM and Envelope Encryption over WebSockets.

e x p l o i t s

🕷️ Spiders web and runs SAST on it.

Factory-default credentials CLI search to rule them all.

Collecting, processing and generating the biggest factory-default credentials dataset.

An RSA PKCS1 - AES-256-CBC envelope encryption suite.

📦 Pentest provisioning tool.

New automagic blog

A simple Google HTTPS proxy for reaching API's from browser.