All articles

Cybersecurity

215 articles

Cybersecurity

Smap: How to Port Scan 200 Hosts Per Second Without Touching a Single Target

By Rob Ragan ★ 3.2k Go Mar 24, 2026
Cybersecurity

CloudGoat: Building Vulnerable AWS Infrastructure to Train Your Red Team

By Rob Ragan ★ 3.5k Python Mar 24, 2026
Cybersecurity

RED_HAWK: The PHP Pentester's Swiss Army Knife That Time Forgot

By Rob Ragan ★ 3.6k PHP Mar 24, 2026
Cybersecurity

Mining Bug Bounty Scopes: How bounty-targets-data Automates Security Reconnaissance

By Rob Ragan ★ 3.7k Unknown Mar 24, 2026
Cybersecurity

Notify: Why Go's Multi-Platform Notification Library Chooses Simplicity Over Guarantees

By Rob Ragan ★ 3.7k Go Mar 24, 2026
Cybersecurity

Arsenal: A Command Injection Hack That Makes Penetration Testing Actually Manageable

By Rob Ragan ★ 3.7k Python Mar 24, 2026
Cybersecurity

shhgit: Real-Time Secret Detection Across Public Git Repositories

By Rob Ragan ★ 3.9k JavaScript Mar 24, 2026
Cybersecurity

Ghauri: Building a Modern SQL Injection Framework with Session Management and Multi-Technique Detection

By Rob Ragan ★ 4.0k Python Mar 24, 2026
Cybersecurity

bbscope: Building a Multi-Platform Bug Bounty Scope Aggregator with PostgreSQL and LLM Normalization

By Rob Ragan ★ 1.3k Go Mar 24, 2026
Cybersecurity

Teaching AI Assistants to Hunt Bugs: Inside h1-brain's MCP Architecture

By Rob Ragan ★ 224 Python Mar 24, 2026
Cybersecurity

Open-CVDB: The Community-Driven Database Tracking Cloud Provider Security Failures

By Rob Ragan ★ 381 Unknown Mar 23, 2026
Cybersecurity

Gsec: The Open-Source Web Scanner That Automates What Burp Suite Makes You Test Manually

By Rob Ragan ★ 383 Python Mar 23, 2026
Cybersecurity

GSAN: Mining Subdomains from SSL Certificates Without Certificate Transparency Logs

By Rob Ragan ★ 389 Python Mar 23, 2026
Cybersecurity

Gorilla: A Unified Wordlist Generator That Replaces Your Entire Password Cracking Toolkit

By Rob Ragan ★ 392 Rust Mar 23, 2026
Cybersecurity

Second Order: Finding Subdomain Takeovers Hidden in Plain Sight

By Rob Ragan ★ 403 Go Mar 23, 2026
Cybersecurity

ppfuzz: Hunting Client-Side Prototype Pollution with Headless Chrome and Rust

By Rob Ragan ★ 660 Rust Mar 23, 2026
Cybersecurity

Puncia: When You Need Nation-State Exploit Intelligence Your CVE Database Doesn't Have

By Rob Ragan ★ 663 Python Mar 23, 2026
Cybersecurity

Finding Invisible Vulnerabilities: How Backslash-Powered Scanning Detects Unknown Injection Flaws

By Rob Ragan ★ 709 Java Mar 23, 2026
Cybersecurity

Ax Framework: Building Disposable Cloud Armies for Offensive Security

By Rob Ragan ★ 735 Shell Mar 23, 2026
Cybersecurity

Recog: How Rapid7 Fingerprints the Internet with Regex and XML

By Rob Ragan ★ 765 Ruby Mar 23, 2026
Cybersecurity

osx-security-awesome: Your Forensic Roadmap Through the macOS Security Jungle

By Rob Ragan ★ 778 Unknown Mar 23, 2026
Cybersecurity

Confused: A Surgical Strike Tool for Dependency Confusion Detection

By Rob Ragan ★ 779 Go Mar 23, 2026
Cybersecurity

Inside Pedro Ribeiro's Exploit Arsenal: A Deep Dive into Real-World Vulnerability Research

By Rob Ragan ★ 856 Ruby Mar 23, 2026
Cybersecurity

Tactical Exploitation: When Brute Force Beats Zero-Days in Modern Pentesting

By Rob Ragan ★ 859 Python Mar 23, 2026