Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Reach out!
A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.
A collection of tests for Local File Inclusion (LFI) vulnerabilities using Burp Suite.
A Python library for exploiting race conditions in web apps
A tool for generating .NET serialized gadgets for triggering .NET assembly load/execution.
Skyhook facilitates obfuscated HTTP file transfers to bypass IDS detections, enhancing secure data exchange.
Hidden parameters discovery suite
Stealing Signatures and Making One Invalid Signature at a Time.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
A framework for exploiting Android-based devices and applications
A credit card/magstripe spoofer that can emulate any magnetic stripe or credit card wirelessly.
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Phrack Magazine is a digital magazine that focuses on computer security and hacking, featuring articles, interviews, and tutorials on various topics related to computer security.
A black-box obfuscation tool for Android apps with Android App Bundle support.
A proof-of-concept obfuscation toolkit for C# post-exploitation tools, designed to conceal malicious activities from detection.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
A list of useful payloads and bypasses for Web Application Security.
A set of YARA rules for identifying files containing sensitive information
A cross-platform tool for creating malicious MS Office documents with hidden VBA macros and anti-analysis features.
DueDLLigence is an open-source tool for identifying and analyzing DLL hijacking vulnerabilities in Windows applications, providing automated analysis and remediation guidance.
PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.
A PoC tool for generating Excel files with embedded macros without using Excel.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
Inceptor is a template-driven framework for evading Anti-Virus and Endpoint Detection and Response solutions, allowing users to create custom evasion techniques and test their security controls.
CLI tool for offensive and defensive security assessments on the Joi validator library with a wide range of attacks.
A blog post discussing the often overlooked dangers of CSV injection in applications.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
A tool for automated security scanning of web applications and manual penetration testing.
A quick and dirty dynamic redirect.rules generator for penetration testers and security professionals.