💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

All knowledge I gained from CTFs, real life penetration testing and learning by myself.

OWASP LLM (Large Language Model) Top 10

Just like a ghost, Ghost_Dir is capable of detecting hidden subdirectories that other scanning tools may not be able to find. It acts silently, without leaving any traces, and is able to penetrate into obscure areas of the web page that usually go unnoticed.

Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It supports bulk domain scanning and logs detailed results for analysis.

Offensive Security Scripts (OSS) - Repository of random scripts I've written for offensive purposes.

This have 150+ books for start your career in the Penetration testing or cybersecurity

This repository is all about the POC and Tools that can be leveraged down for initial access in red teaming engagements.

THM DESCRIPTION: Get started with Cyber Security in 24 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.

Pages documenting my Pentesting journey.

LSASSExtractor is a lightweight tool designed to capture memory dumps of the LSASS process on Windows systems. By leveraging the Windows API, it locates the target process and creates a memory dump, which can be analyzed to extract sensitive information such as passwords, encryption keys, and authentication tokens.

Your Ultimate Companion for Security Testing and Vulnerability Tracking

My Private Website Pentesting Tool

Offensive Security Research, Corporate Espionage Investigation

A collection of awesome penetration testing and offensive cybersecurity resources.

A keylogger designed for stealthy keystroke capture & analysis.

Security notes

Subdomain lookup tool using https://subdomainfinder.c99.nl/

Useful info about tools and methods

Denum is a tool designed for the reconnaissance phase of penetration testing and is especially valuable for bug bounty hunters. It helps in gathering and cleaning domain names from URLs to extend the scope of their search by efficiently extracting and standardizing core domain names and subdomains.