Lists (6)
Bug Bounty
CVE PoC Implementations
Enhanced and refactored CVE proof-of-concepts with improved code quality, multi-language implementations, and better exploit logicLegacy
Archived ML/DL projects and experiments from my earlier self-projects before shifting to cybersecurity.My Pentesting Tools
Custom-built penetration testing tools for enumeration, credential validation, and privilege escalation in OSCP/CTF environmentsPentesting
Programming
Stars
CVE-2025-58434 and CVE-2025-59528 chain POC - FlowiseAI Remote Code Execution
Privilege Escalation Enumeration Script for Windows
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
windows-kernel-exploits Windows平台提权漏洞集合
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP…
Don't expect much :) Just expect to learn new things!
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-…
📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Collection of Statically linked binaries for Linux. Suited for Forensics
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
Compiled Binaries for Ghostpack
A tool for parsing breached passwords
A complete, beginner-friendly bug bounty roadmap that takes you from zero experience to earning your first bounty.
Incredibly fast crawler designed for OSINT.
Exchange privilege escalations to Active Directory
This repo contains a series of challenges that get harder and harder to exploit
A Modern Bug Bounty and Security Research Management Platform
This repo contains scripts to query dehashed.com and crack the returned hashes which will then save all cleartext passwords and hashes to files.
The most complete code auditing platform with thousands of real-world challenges