Pentest Report Generator

An NFC research toolkit application for Android

Record and replay RF433Mhz signals on an ESP8266, using the Arduino IDE.

Fast and small flat file CMS (5 files). Built with PHP, JSON database.

The New Relic PHP Agent

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

A device built with an Arduino board that captures wireless signals and replays them at specific frequencies. It supports operation at 433 MHz or 315 MHz frequencies for various signal applications.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Cross-Platform Android Remote Administration Tool | Official maintained repository for the AhMyth R.A.T Project | A dedicated revival of the original repository at https://GitHub.com/AhMyth/AhMyth-…

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP…

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13

A simplified Jira clone built with React/Babel (Client), and Node/TypeScript (API). Auto formatted with Prettier, tested with Cypress.

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Microsoft Security Guidance

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

An intentionally vulnerable Android Application to demonstrate various vulnerabilities that airses in Android Components.

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

The Deepfake Offensive Toolkit

Automation to assess the state of your M365 tenant against CISA's baselines

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation and Customizations for AWS Control Tower.

Exploit app for CVE-2022-20494, a high severity permanent denial-of-service vulnerability that leverages Android's DND (Do not disturb) feature

A collection of OSX and iOS security resources