Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Enumerate the permissions associated with AWS credential set

☠️ Delightful Node.js packages useful for penetration testing, exploiting, reverse engineer, cryptography ...

💻 Netcat client and server modules written in pure Javascript for Node.js.

Get the default network gateway, cross-platform.

🐙 Guides, papers, lecture, notebooks and resources for prompt engineering

This repository contains a collection of scripts and tools that I have written to solve various problems that I have come across.

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

Playground (and dump) of stuff I make or modify for the Flipper Zero

The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!

Brute force subghz fixed codes using flipper zero

BlueHound - pinpoint the security issues that actually matter

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness,…

A curated list of awesome Nim frameworks, libraries, software and resources.

Tool to unlock the bootloader and enable Root Access on Windows Phones

Fileless Command Execution for Lateral Movement in Nim

Callisto - An Intelligent Binary Vulnerability Analysis Tool

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

A GPT-empowered penetration testing tool

Set of python scripts which perform different ways of command execution via WMI protocol.

ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing,…

Program to decode radio transmissions from devices on the ISM bands (and other frequencies)