The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to…

A new simple and powerfull packer for malware

List of payloads and wordlists that are specifically crafted to identify and exploit vulnerabilities in target web applications.

This Script will help you to gather information about your victim or friend.

Command and Control (C2) framework

Abuse leaked token handles.

Fuzz 401/403/404 pages for bypasses

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities

My Private Bug Hunting Methodology

Uncover the true IP address of websites safeguarded by Cloudflare & Others

A list of interesting payloads, tips and tricks for bug bounty hunters.

Red Teaming and Penetration Testing Checklist, Cheatsheet, Clickscript

Bypass 403

A compact toolbox for backdoor attacks and defenses.

Network, recon and offensive-security tool for Linux.

All about bug bounty (bypasses, payloads, and etc)

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

A living document for penetration testing and offensive security.