Simple PoC script that allows you to exploit telegram's "send with timer" feature by saving any media sent with this functionality.
"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber …
Stealer for Windows 10/11 for Chrome, Edge, Firefox, Brave with Wallet, Discord, Telegram and many more functions. Passwords, cookies, autof…
BrowserSnatch is a powerful browser stealer or browser data extraction tool intended to be used for ethical hacking or penetration testing.
Wordlists handcrafted (and automated) with ♥
Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials a…
Fast, zero-dependency credential testing tool in Go. Brute force SSH, MySQL, PostgreSQL, Redis, MongoDB, SMB, and 20+ protocols. Hydra alter…
This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learn…
This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles
The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
BurnWP Advanced Exploiter System instead Scanner & Custom Plugin for Pentester
Burp Suite Certified Practitioner Exam Study
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration,…
Evade EDR's the simple way, by not touching any of the API's they hook.
BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology. (CVE-2025-52915, CVE-2025-1055,).
EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
Tool that tests MANY url bypasses to reach a 40X protected page.
Bypass WAF SQL Injection SQLMAP
This map lists the essential techniques to bypass anti-virus and EDR
Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)!…
takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalities
All social Media hacking with information gathering
Cache Commander — a TUI and MCP server to explore, audit, and clean developer cache directories. Scan for CVEs, find outdated packages, recl…