Skip to content
View devploit's full-sized avatar
🦊
Updating pwny.cc...
🦊
Updating pwny.cc...
432 followers · 90 following

Achievements

Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: Starstruckx3Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: Pair ExtraordinaireAchievement: QuickdrawAchievement: Starstruckx3Achievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Organizations

@eyeem @freepik-company @ripp3rs

Block or report devploit

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
devploit/README.md

Hey there! 🦊

View counter

Hi, I'm Daniel Púa (a.k.a. devploit), offensive security researcher based in Málaga (Spain). I do bug bounty, penetration testing, and security consulting — focused on web, mobile, APIs, and source code. Currently Head of Security at Freepik and CTF competitor with SFPE. I was previously part of ripp3rs and represented Spain in the European Cybersecurity Challenge (ECSC) as a member of the national team.

GIF

I maintain pwny.cc — a curated repository of offensive payloads and research material for the security community.

In my spare time, I build open source security tools — always with the same mindset: If it parses, it breaks. 🧨

👤 Social / Content:

GitHub: devploit Blog: devploit Twitter: devploit Linkedin: Daniel Púa

🐛 Bug Bounty:

HackerOne: devploit Intigriti: devploit Bugcrowd: devploit YesWeHack: devploit

🛡️ CTF & Security:

CTFTime: devploit HackTheBox: devploit

Pinned Loading

  1. nomore403 nomore403 Public

    🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

    Go 1.6k 176

  2. awesome-ctf-resources awesome-ctf-resources Public

    A list of Capture The Flag (CTF) frameworks, libraries, resources and software for started/experienced CTF players 🚩

    739 100

  3. debugHunter debugHunter Public

    Discover hidden debugging parameters and uncover web application secrets

    JavaScript 246 7

  4. SubProbe SubProbe Public

    ⚡ JavaScript-aware crawler for security researchers and bug bounty hunters. Extract hidden endpoints and internal subdomains through static and semantic analysis of JS files. Lightweight. Fast. Sne…

    JavaScript 6