Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic

File formats dissections and more...

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

A generator of weird files (binary polyglots, near polyglots, polymocks...)

Artifacts for the Black Hat talk.

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

PDF Files for Pentesting

Argon programming language

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.

iOS platform security & anti-tampering Swift library

AFL-based fuzzing for Java

Tutorials, examples, discussions, research proposals, and other resources related to fuzzing