A wrapper for Wayback CDX that allows to passively enumerate website endpoints based on snapshot/crawl history.

Yet another WordPress XML-RPC endpoint PoC, intended for pentest reporting purposes.

🕵️‍♂️ Azure vulnerability guidelines / checklist compiled from multiple sources. - Akademia WIT 2025

💎 Vulnerability assessment and vulnerability intelligence tool searching for vulnerabilities and exploits using keywords across multiple sources.

Github home page

🥷 Subduer is a subdomain passive reconnaissance tool utilising Playwright and several online providers that gathers subdomains and generates wordlists and reports in multiple formats.

TODO Automated Webdav + Printerbug Shadow Credentials coercing

Reconnaissance, SOCMINT and OSINT framework.

Statistic username dataset for password spray.

⚡Various networking scripts

🔭 A web search panel for default credentials that includes a comprehensive dataset. The dataset contains information on services, vendors, systems, OT and IoT devices, routers, and more.

🪝🐟 Advanced phishing detection, domain name permutation, detecting homograph phishing attacks, typo squatting (and more), and scanning tool.

👻 Cyber Threat Intelligence suite for creating a list of working proxies that obtains, validates, and checks proxy origins. Supports VMESS, HTTPS, and SOCKS.

Work In Progress 📡 Cyber Threat Intelligence suite for collecting, processing, and analyzing breaches, credential leaks, tracing their origins, and generating actionable reports.

📁 Single-file Python server for quick upload/download HTTPS file transfers. No dependencies for HTTP; HTTPS requires only 'cryptography' for self-signed SSL certificates.

👾 Burp Suite request parser, used for aid in assessing application security functionality.

🔒⚡ An AES256-GCM and ZSTD encryption suite for file encryption, decryption, and secure DoD 5220.22-M deletion that supports files, directories and stdin-to-stdout pipelines.

🦮 A cross-platform polyglot lightweight Active Directory overview tool that works everywhere and needs no installation.

📁 Portable cross-platform file upload/download server and a MITM HTTPS reverse proxy written in Rust.

💠 Documented and undocumented WinAPI search.

🌍 🌐 Versatile GEOINT and OSINT tool that allows operators to search for keywords, then visualize events on a map.

🔐 UPLINK is a Rust lightweight (2MB) tool for file transfer and remote management that uses AES-GCM and Envelope Encryption over WebSockets.

e x p l o i t s

🕷️ Spiders web and runs SAST on it.

Factory-default credentials CLI search to rule them all.

Collecting, processing and generating the biggest factory-default credentials dataset.

Undocumented WinAPI collector, collecting functions from various sources. Used for winapi-search project.

An RSA PKCS1 - AES-256-CBC envelope encryption suite.