Skip to content
View theoffsecgirl's full-sized avatar
🕷️
No system is secure — we prove it.
🕷️
No system is secure — we prove it.
37 followers · 19 following

Achievements

Achievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Highlights

  • Pro

Block or report theoffsecgirl

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
theoffsecgirl/README.md

theoffsecgirl

🕷️ Security Researcher · Bug Hunter · Tool Developer · Instructor

LinkedIn Email Web

Typing SVG

Pink lines. Red team.

About me

I work across offensive security, vulnerability research, bug bounty, tooling, and technical training.
My focus is practical: find real issues, understand root causes, build useful workflows, and teach clearly.

What I do

[+] Researching attack surface
[+] Hunting vulnerabilities
[+] Building tools and workflows
[+] Teaching cybersecurity
[+] Turning complexity into practical methodology

Tools

Repo Description
🕷️ webxray Web scanner: crawling, XSS, SQLi, headers, WAF bypass
📍 pathraider Local File Disclosure & Directory Traversal scanner
🔄 takeovflow Advanced subdomain takeover scanner
🦷 bluedeath Offensive Bluetooth BR/EDR auditing tool for Linux
🔒 corskit CORS misconfiguration tester — offensive web tool
🤖 bb-copilot AI-powered bug bounty assistant — methodology vault + CLI
🖥️ dotfiles macOS / Linux environment for bug bounty and pentesting

Tech / Areas

Web Security Bug Bounty Python Bash Linux Automation Teaching

Contact

Quote

┌──────────────────────────────────────────────────────┐
│   Every vulnerability is a lesson someone ignored.  │
└──────────────────────────────────────────────────────┘

pink lines · red team · practical security

Popular repositories Loading

  1. webxray webxray Public

    Offensive web scanner: crawling, XSS, SQLi, headers and WAF bypass

    Python 13

  2. pathraider pathraider Public

    Offensive LFD and Directory Traversal scanner with encoding bypass

    Python 3 1

  3. takeovflow takeovflow Public

    Advanced subdomain takeover scanner — passive + active + CNAME fingerprinting

    Python 1 1

  4. bluedeath bluedeath Public

    Offensive Bluetooth BR/EDR auditing tool for Linux (BlueZ)

    Shell 1 1

  5. theoffsecgirl theoffsecgirl Public

  6. corskit corskit Public

    CORS misconfiguration tester — no dependencies, runs in browser

    HTML