Skip to content
View devploit's full-sized avatar
🦊
Bug whisperer. Sometimes I create them, sometimes I hunt them. Balance is key
🦊
Bug whisperer. Sometimes I create them, sometimes I hunt them. Balance is key

Organizations

@eyeem @freepik-company @ripp3rs

Block or report devploit

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
devploit/README.md

Hey there! 🦊

View counter

Hi, I'm Daniel Púa (a.k.a. devploit), offensive security researcher based in Málaga (Spain). I do bug bounty, penetration testing, and security consulting — focused on web, mobile, APIs, and source code. Currently Head of Security at Magnific and CTF competitor with SFPE. I was previously part of ripp3rs and represented Spain in the European Cybersecurity Challenge (ECSC) as a member of the national team.

GIF

I maintain pwny.cc — a curated repository of offensive payloads and research material for the security community.

In my spare time, I build open source security tools — always with the same mindset: If it parses, it breaks. 🧨

👤 Social / Content:

GitHub: devploit Blog: devploit Twitter: devploit Linkedin: Daniel Púa

🐛 Bug Bounty:

HackerOne: devploit Intigriti: devploit Bugcrowd: devploit YesWeHack: devploit

🛡️ CTF & Security:

CTFTime: devploit HackTheBox: devploit

Pinned Loading

  1. nomore403 nomore403 Public

    🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

    Go 1.8k 209

  2. awesome-ctf-resources awesome-ctf-resources Public

    A list of Capture The Flag (CTF) frameworks, libraries, resources and software for started/experienced CTF players 🚩

    776 102

  3. debugHunter debugHunter Public

    Discover hidden debugging parameters and uncover web application secrets

    JavaScript 249 7

  4. SubProbe SubProbe Public

    ⚡ JavaScript-aware crawler for security researchers and bug bounty hunters. Extract hidden endpoints and internal subdomains through static and semantic analysis of JS files. Lightweight. Fast. Sne…

    JavaScript 8