Web Security Scanner

Web Application Secure Coding Handbook resource.

one-stop resource for all things offensive security.

Make URL path combinations using a wordlist

OWASP Code Review Guide Web Repository

A tech enumeration toolkit focused on 404 Not found pages.

ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & stuffs helpful for Web Application Penetration Testing. By @scriptkkiddie

Changes the output of Wappalyzer into something human readable. It also provides links to useful websites and a Google query for finding information on vulnerabilities.

Web applications info gatherer

JS Source Map Extractor & Secrets Scanner

A curated list of tools which you can use in Infosec!

Automation scripts for PortSwigger labs

A collection of security notes and procedures to use during pentests/red team assessments or as preparation for OSCP and similar exams

Command line utility to hunt for Virtual Hosts

web application penetration testing and security notes.

An all-in-one frontend security tool for downloading, beautifying, and scanning for secrets.

I began as a developer, building applications with clean code and strong logic. Over time, my interest shifted to protecting the systems I built, which led me to cybersecurity.

Yet Another Recon Framework🥷⚔️

I began as a developer, building applications with clean code and strong logic. Over time, my interest shifted to protecting the systems I built, which led me to cybersecurity.

A self-contained Docker lab simulating real-world broken access control vulnerabilities for security recruiting and training. Includes 8 challenges covering header injection, HTTP method overrides, path normalization, and WAF bypass, each requiring a genuine 403 bypass to capture a unique flag.