A script that parses nmap.xml output, identifies all SSL services and automatically performs an sslscan of each service
This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
Fast directory scanning and scraping tool
A Go implementation of dirsearch.
Detect and disconnect hidden WiFi cameras in that AirBnB you're staying in
Find potentially sensitive files
Useful frida scripts
A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Internal Network Penetration Test Playbook
Build a Jekyll blog in minutes, without touching the command line.
Open Redirect Payloads
Notes/Tools for pentesting
Custom pentesting tools
BurpSuite extension to find reflected XSS in real-time
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Indexes for SANS Courses and GIAC Certifications
A starter secure code review checklist
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Fetch all the URLs that the Wayback Machine knows about for a domain
Whitebox source code review cheatsheet (Based on AWAE syllabus)