Source generator to add D/Invoke and indirect syscall methods to a C# project.

Command and Control Framework written in C#

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

A cheat sheet that contains advanced queries for SQL Injection of all types.

My personal blog!

Sudo Baron Samedit Exploit

This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

A step by step workshop to exploit various vulnerabilities in Node.js and Java applications

🕵️‍♂️ Offensive Google framework.

Generates target specific word lists for Fuzzing with fuff

Resources for Windows exploit development

awesome list of browser exploitation tutorials

Lesser Known Web Attack Lab

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and re…

Copies of my 'Script Center' and 'Technet Gallery' publications

A list of resources for those interested in getting started in bug bounties

XSS payloads designed to turn alert(1) into P1

Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.

Course materials for Modern Binary Exploitation by RPISEC

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https://github.com/rapid7/metasp…

Modified template for the OSCP Exam and Labs. Used during my passing attempt

Collection of pentesting scripts

A microapi to allow easy integration of authentication into your service

Scanning APK file for URIs, endpoints & secrets.

🐧 Abuse of Google Colab for cracking hashes.