Projects & Tools

Fetches subdomains from SecurityTrails using your API key, filters hosts by actively checking sockets to identify live services, and stores results in normalized domain formats ready for scanners. Designed to produce clean, usable outputs for downstream tooling.

High-throughput subdomain bruteforcer — uses pre-built wordlists (or your custom wordlist) to brute subdomains, gathers passive results via crt.sh and active enumeration, supports structured output storage and streams results to stdout for piping into other tools or pipelines.

Comprehensive playbook covering all vulnerability classes, bypass techniques, and checklists. Includes step-by-step approaches: how to triage an issue, how to craft POCs, common bypasses, and recommended reporting templates to speed up high-quality disclosure.