Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Installation script for Codename SCNR.

Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰

F5 Agility Labs for Web Application Firewall Use Cases

A simple Web Application Firewall docker image.

An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enhancing the efficiency of bug bounty hunting.

HTTP request smuggling examples

StealthNewSQL : The Ultimate NewSQL Injection Tool - Your All-in-One Solution for NewSQL Database Security! 🛡️ Uncover, exploit, and secure NewSQL database vulnerabilities with this feature-packed command-line tool. Whether you're a penetration tester, security researcher, or developer, StealthNewSQL equips you with the ultimate power! 💥

qualysapi is a simple API Qualys client written in shell script 🐧.

StealthSQL: The Ultimate SQL Injection Tool - Dive into the shadows of web security with StealthSQL. Harness the power of StealthSQL to silently unveil vulnerabilities in SQL databases. Conduct stealthy SQL injections, expose misconfigurations, and empower your security journey. 🕵️‍♂️🔐

Command Generator Script for Arachni (Simplify the CLI)

StealthNoSQL : The Ultimate NoSQL Injection Tool - Unleash the power of advanced NoSQL injection techniques with this comprehensive command-line tool! Whether you’re pentesting MongoDB, CouchDB, or any other NoSQL database, StealthNoSQL has you covered. 🚀💻

MisCORS - Unleash CORS Misconfigurations Like a Digital Phantom! 🌐✨ Harness the power of MisCORS to silently unveil vulnerabilities in Cross-Origin Resource Sharing. Stealthily analyze web defenses, expose misconfigurations, and empower your security journey. 🕵️‍♂️🔓 Dive into the shadows of web security with MisCORS. #WebSecurity #CORSExposure

Some tools I always carry with me in my toolbox

This repository hosts a powerful web app security automation tool developed in Python and Bash scripting. The tool automates essential tasks in web application security testing and reconnaissance, significantly reducing manual effort and time required for these critical processes.

webGuard is a Web Application Testing tool that helps find security vulnerabilities in your applications.

Setup vulnerable web applications for pentesting with a single command.

REXEC-Hunt is an initial Bash script for identifying web app vulnerabilities leading to remote code execution. A foundational tool to automate detection, REXEC-Hunt is a stepping stone towards a comprehensive scanner. Clone, run, and probe URLs safely.