Contributions to the Open Source community.
I maintain a technical cheat sheet here.
Projects to which I actively contribute
SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Nuclei, from ProjectDiscovery, is a fast and customizable vulnerability scanner based on a simple YAML-based DSL. I contribute to the templates repository.
Projects created and maintained
Burp PIPER custom scripts repository
Centralize and share all my custom scripts to be used with the PIPER Burp extension.
Docker toolbox for web pentest
Docker image, updated every day, containing several tools that are useful when evaluating the security of a web application.
PowerShell Android module
Utility PowerShell module for manipulating APK files on Windows.
Burp extension to create an audit trail log
Record every HTTP request sent via Burp and create an audit trail log of an assessment.
Tool to automate the passive reconnaissance performed on a website prior to an assessment
Automate, when possible, the passive reconnaissance performed on a website prior to an assessment - no direct hit on the target.
Also used to guide a reconnaissance phase by defining all the steps (manual or automated) that must be performed.