Cybersecurity

Statistically Likely Usernames: Why Horizontal Password Attacks Beat Vertical Every Time

By Rob Ragan ★ 1.3k Unknown May 13, 2026

Developer Tools

BaRMIe: Exploiting Java's Invisible Attack Surface in RMI Services

By Rob Ragan ★ 747 Unknown May 13, 2026

Automation

Building a Technology Detection Microservice with Wappalyzer API

By Rob Ragan ★ 63 Unknown May 13, 2026

Automation

GoGrabber: The Web Recon Tool That Screenshots Without Making Network Requests

By Rob Ragan ★ 51 Unknown May 13, 2026

Cybersecurity

PwnGitManager: Surgical Git Repository Extraction for Security Researchers

By Rob Ragan ★ 109 Unknown May 13, 2026

Cybersecurity

Inside can-i-take-over-xyz: The Crowdsourced Database Securing Subdomain Hygiene

By Rob Ragan ★ 5.7k Unknown May 13, 2026

Cybersecurity

Red-Teaming-Toolkit: A MITRE ATT&CK-Mapped Arsenal for Offensive Security Operations

By Rob Ragan ★ 10.3k Unknown May 13, 2026

Developer Tools

Parameth: Brute-Force Parameter Discovery for the APIs Nobody Documented

By Rob Ragan ★ 1.4k Unknown May 13, 2026

Developer Tools

ZGrab: The Deprecated Banner Grabber That Mapped the Internet's Security Posture

By Rob Ragan ★ 750 Unknown May 13, 2026

AI Dev Tools

ZAnnotate: Building a Multi-Source IP Intelligence Pipeline for Internet-Scale Research

By Rob Ragan ★ 114 Unknown May 13, 2026

Cybersecurity

Curate: Mining VirusTotal's URL Archive for Bug Bounty Reconnaissance

By Rob Ragan ★ 41 Unknown May 13, 2026

Cybersecurity

EdOverflow/hacks: The Art of Disposable Security Scripts in /usr/local/bin

By Rob Ragan ★ 100 Unknown May 13, 2026

Cybersecurity

LFISuite: Anatomy of an Automated Local File Inclusion Exploitation Framework

By Rob Ragan ★ 1.9k Unknown May 13, 2026

Developer Tools

Building a Bulk Email Breach Checker with Python and Have I Been Pwned

By Rob Ragan ★ 68 Unknown May 13, 2026

Data & Knowledge

ODAT: The Offensive Oracle Database Toolkit That Security Teams Need to Know

By Rob Ragan ★ 1.8k Unknown May 13, 2026

Cybersecurity

Drupalgeddon2: Dissecting the RCE Exploit That Threatened Millions of CMS Installations

By Rob Ragan ★ 597 Unknown May 13, 2026

Developer Tools

PHPGGC: The Weaponized Library Turning PHP Magic Methods Into Exploitation Chains

By Rob Ragan ★ 3.8k Unknown May 13, 2026

Cybersecurity

Cr3dOv3r: Reverse-Engineering a Credential Reuse Attack Framework

By Rob Ragan ★ 2.1k Unknown May 13, 2026

Cybersecurity

Smith: The Bug Bounty Wrapper That Makes Meg Actually Useful

By Rob Ragan ★ 59 Unknown May 13, 2026

Cybersecurity

AWSBucketDump: Weaponizing S3 Misconfigurations With Wordlists and Grep

By Rob Ragan ★ 1.5k Unknown May 13, 2026

Developer Tools

CloudScraper: Finding Cloud Storage Leaks Through Regex-Powered Web Spidering

By Rob Ragan ★ 537 Unknown May 13, 2026

Developer Tools

CORStest: Hunting Misconfigured Cross-Origin Policies at Scale

By Rob Ragan ★ 423 Unknown May 13, 2026

Developer Tools

Auditing S3 Bucket Exposures: A Security Researcher's Download Tool

By Rob Ragan ★ 21 Unknown May 13, 2026

Automation

DVCS-Pillage: The Security Tool That Exposes Your Forgotten .git Directories

By Rob Ragan ★ 327 Unknown May 13, 2026