Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Installation script for Codename SCNR.

F5 Agility Labs for Web Application Firewall Use Cases

Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰

A simple Web Application Firewall docker image.

An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enhancing the efficiency of bug bounty hunting.

HTTP request smuggling examples

qualysapi is a simple API Qualys client written in shell script 🐧.

Command Generator Script for Arachni (Simplify the CLI)

Some tools I always carry with me in my toolbox

StealthSQL - Unlock the Stealthy World of SQL Injection! 🌐✨ Dive into the shadows of web security with StealthSQL. Harness the power of StealthSQL to silently unveil vulnerabilities in SQL databases. Conduct stealthy SQL injections, expose misconfigurations, and empower your security journey. 🕵️‍♂️🔐

MisCORS - Unleash CORS Misconfigurations Like a Digital Phantom! 🌐✨ Harness the power of MisCORS to silently unveil vulnerabilities in Cross-Origin Resource Sharing. Stealthily analyze web defenses, expose misconfigurations, and empower your security journey. 🕵️‍♂️🔓 Dive into the shadows of web security with MisCORS. #WebSecurity #CORSExposure

REXEC-Hunt is an initial Bash script for identifying web app vulnerabilities leading to remote code execution. A foundational tool to automate detection, REXEC-Hunt is a stepping stone towards a comprehensive scanner. Clone, run, and probe URLs safely.

webGuard is a Web Application Testing tool that helps find security vulnerabilities in your applications.

Setup vulnerable web applications for pentesting with a single command.