A dependency-aware Software Composition Analysis (SCA) tool for Perl.

Fake Account Interaction Recognition

A hacker's userspace TCP/IP stack

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

A study of V8 internals.

Content-Type Research

Collection of CTF Web challenges I made

TinyLinux mini linux kernel implmentation from scratch

Tutorial for writing kernel exploits

Distributed scraping framework

Archive for acez.re blog.

Pwn stuff.

A Python script designed to monitor bug bounty programs for any changes and promptly notify users.

Setup Perl environment Action

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

Collection of PoC and offensive techniques used by the BlackArrow Red Team

CodeQL zero to hero blog post series challenges

Slides about HyperDbg

Reverse engineering framework in Python

Tutorials, examples, discussions, research proposals, and other resources related to fuzzing

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall, just by anyone on the victim's network visiting a website

Exploiting misconfigured firebase databases