💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

All knowledge I gained from CTFs, real life penetration testing and learning by myself.

OWASP LLM (Large Language Model) Top 10

Just like a ghost, Ghost_Dir is capable of detecting hidden subdirectories that other scanning tools may not be able to find. It acts silently, without leaving any traces, and is able to penetrate into obscure areas of the web page that usually go unnoticed.

Offensive Security Scripts (OSS) - Repository of random scripts I've written for offensive purposes.

This repository is all about the POC and Tools that can be leveraged down for initial access in red teaming engagements.

This have 150+ books for start your career in the Penetration testing or cybersecurity

THM DESCRIPTION: Get started with Cyber Security in 24 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.

Pages documenting my Pentesting journey.

LSASSExtractor is a lightweight tool designed to capture memory dumps of the LSASS process on Windows systems. By leveraging the Windows API, it locates the target process and creates a memory dump, which can be analyzed to extract sensitive information such as passwords, encryption keys, and authentication tokens.

My Private Website Pentesting Tool

A collection of awesome penetration testing and offensive cybersecurity resources.

PortScanner is a C# tool for identifying open ports on target systems, crucial for network security. It offers fast, multi-threaded scanning and detailed reports, perfect for network administrators and cybersecurity professionals.

Your Ultimate Companion for Security Testing and Vulnerability Tracking

Security notes

Offensive Security Research, Corporate Espionage Investigation

Subdomain lookup tool using https://subdomainfinder.c99.nl/

Useful info about tools and methods

Denum is a tool designed for the reconnaissance phase of penetration testing and is especially valuable for bug bounty hunters. It helps in gathering and cleaning domain names from URLs to extend the scope of their search by efficiently extracting and standardizing core domain names and subdomains.