🔍 Explore a comprehensive collection of cybersecurity interview questions and answers, designed for all positions in the field.

The Most Advanced Client-Side Prototype Pollution Scanner

the web security and auditing tool

This is the source code of my website. Feel free to poke around, break things, or contribute if you're feeling helpful.

Advanced browser extension for detecting anti-bot solutions, CAPTCHA services, and web security mechanisms. Identifies 26+ services including Cloudflare, reCAPTCHA, DataDome, PerimeterX & more with confidence scoring.

Caido plugin to cap and split workspace files by size — ideal for proxy files/log uploads with file size limits.

A Caido extension written in Typescript that makes an OPTIONS request and determines if other HTTP methods than the original request are available. If there are other methods available, findings are created on the fly which will be enhanced based on pending further capabilities from the Caido SDK.

A Productivity-Boosting Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing. Built with the Montoya API and modern Kotlin tooling.

NoSQLInsanity: Tool for Security Assesment NoSQL (Linear Search VS Binary Search)

I have no idea how to make it safer: Studying Security and Privacy Mindsets of Browser Extension Developers

js cookie逆向利器：js cookie变动监控可视化工具 & js cookie hook打条件断点

用于快速定位使用jQuery绑定到DOM元素上的事件的代码的真实位置，辅助逆向分析。

Offensive Web is a documentation website about security research, difficult concepts, bypass and new exploitation techniques.

JavaScript逆向脚本开发基础组件：hook事件监听器，侵入接管事件触发逻辑

Z-Vulnerable-Website-Project (ZVP for short) is a project where I try to create a custom vulnerable website for learning and demonstrating common web security flaws.

🎯 Directory Payload List

An HTTP Response fuzzer to find Vulnerabilities in Security Scanners

📚 An ultimate collection wordlists of the best-known CMS

gather Intel using telegram username

javascript逆向开发基础组件，监听window的变化