#NGINX http request smuggling : cve-2019-20372 NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted…

Docker Hub Link: 

ViperVenom is an open-source cyber offensive tool developed by Revise7 Security for pentesters. ViperVenom is a great tool when it comes to pentesting

Running InjectEtwBypass BOF from CobaltStrike to Bypass ETW in Notepad.exe

In this article, we'll provide information about generate more leads with these 12 SEO tips. Google is king when it comes to search engines.

This Module will connect to Jira's API using an access token, export to a word .doc, and download the Jira issues that the target has access to. It allows you

Most PHP distributions include the PostgreSQL extension PDO_PGSQL by default so you don’t need to do any further configuration in PHP.

Unmanaged PowerShell execution using DLLs or a standalone executable.

GitOops is a tool to help attackers and defenders identify lateral movement and privilege escalation paths in GitHub organizations by abusing CI/CD pipelines

Trying to gather xss payloads from the internet that bypasses WAF. All credit goes to the owners of the payloads.

BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is not complex, and we welcome

Start a cmd shell (with admin priv.) like this and run CopyCat.exe and enjoy Mimikatz (If you are running 64 bit Windows 10)

This is a comprehensive repository containing 30+ notebooks on Python programming, data manipulation, data analysis, data visualization, data cleaning,

EXOCET is superior to Metasploit's "Evasive Payloads" modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit's Evasion Payloads uses a