A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

▲ Web services for modern and legacy websites, web apps, e-commerce shops, social and corporate portals, and IoT devices. Made for top-notch experience with monitoring, security, web analytics, SEO, and DevOps in the cloud, virtual, and bare-metal environments

🤖 Telegram Bot written on Python for basic web-app analysis.

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

Repository for my GitBook (CTF writeups)

Tool to bypass 403/40X response codes.

The Clara S. Traversal's classroom is an intermediate level web security challenge (black box) where you will have to exploit both client-side and server-side vulnerability in order to change a student gard. Can you hack the class and get in? Access teacher only features? Do even more than the teacher can? Good luck!

Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.

writeups/solvers for CTF challenges

A tech enumeration toolkit focused on 404 Not found pages.

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

🎯 Directory Payload List

🎯 CSV Injection Payloads

Web Content Discovery Tool

Content Discovery/Directory Brute-forcing using Python3

Find web directories without bruteforce

Discover hidden debugging parameters and uncover web application secrets

The B.L.O.G experiment

Pwnable|Web Security|Cryptography CTF-style challenges

VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.