A repository to maintain the scripts I create for penetration testing

Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications

A collection of awesome penetration testing resources, tools and other shiny things. With repository stars⭐ and forks🍴

An application that utilizes fast AF_XDP Linux sockets to generate and send network packets. Used for penetration testing including Denial of Service (DoS) and network monitoring.

SSH based reverse shell

PHP mass mailer with multi-recipient sending.

A penetration testing playbook that's suitable for CTF challenges, bug bounty hunting and red team assessments.

Micro-ID-Gym is a software suite designed to aid security researchers and developers in testing Identity Management protocols implementations

📦 Make security testing of K8s, Docker, and Containerd easier.

Personal InfoSec blog

Nimbo-C2 is yet another (simple and lightweight) C2 framework

Security-C4PO is an open-source web-application for managing and documenting penetration tests. This tool allows a security tester to keep track of the testing progress according to the OWASP Testing Guide. This application aims to make the offical Testing Guide more actionable to work with.

A collection of awesome GitHub repositories for hackers, pentesters & security researchers. ADDING MORE REPOs SOON.

CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.

A penetration toolkit for container environment

Little Bug Bounty & Hacking Tools⚔️

This repository contains my assignments, project progress journal, and penetration test report as part of a privacy, security, and cryptography course.

Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.

Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).

Automating situational awareness for cloud penetration tests.