httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Deobfuscate obfuscator.io, unminify and unpack bundled javascript

Iceman Fork - Proxmark3

Docker microservice for LineageOS Continuous Integration and Continous Deployment

Kali Nethunter for OnePlus 3T & MI9T

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Cross-Platform SDR Software

RF transmitter for Raspberry Pi

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.

XZ Utils

Bypass restricted and censored content on AI chat prompts 😈

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Low-level HTTP/2 client implementation for experimenting with the protocol.

A collective list of free APIs

Agola: CI/CD Redefined

A Python3 implementation of the Wiener attack on RSA

Arsenal is just a quick inventory and launcher for hacking programs

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

A ssh server that knows who you are. $ ssh whoami.filippo.io

The Illustrated TLS 1.2 Connection: Every byte explained

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Repo for my talks...and stuff

ImaginaryCTF is a platform that brings the beauty of CTF Competitions to discord, releasing a challenge every day

🎵 Official source code and writeups for SekaiCTF 2023!

Fast Application Layer Scanner

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Find authentication (authn) and authorization (authz) security bugs in web application routes.

Vulnerable web application, your goal is to exploit it and get the flag.