Instant access to security testing payloads, commands, and techniques.
Cyn0 is a cross-platform desktop application designed for penetration testers, security researchers, and bug bounty hunters. Access thousands of security payloads, exploitation techniques, and commands with lightning-fast search and intelligent payload copying.
- Global Hotkey Access - Press
Shift + Spaceanywhere to instantly open Cyn0 - Fast Search - Real-time search across 100+ security categories
- Intelligent Payload Copying - Auto-detect and copy payloads with keyboard shortcuts
- Comprehensive Database - Web exploits, Linux/Windows commands, OSINT tools, and more
- Arrow keys for navigation
Enterto selectBackspace/Deleteto go backShift + Arrowsto navigate between payloadsShift + Ctrl/Cmd + Cto copy selected payloadCtrl/Cmd + Nfor quick actions menuCtrl/Cmd + Ffor search mode
- Payload Auto-Detection - Automatically identifies code blocks, commands, and payloads
- Backup System - SHA256-based backup with restore functionality
- Stay-on-Top - Always accessible, never lost behind other windows
- System Tray - Runs quietly in the background
Project layout notes are documented in docs/PROJECT_STRUCTURE.md.
All Platforms:
- Qt 6.9+ (Core, Widgets, GUI)
- C++17 compiler
- CMake or qmake
Linux Additional:
# Ubuntu/Debian
sudo apt install libx11-dev libxkbcommon-x11-dev
# Fedora/RHEL
sudo dnf install libX11-devel libxkbcommon-x11-develDownload the latest release for your platform from GitHub Releases:
- Windows:
Cyn0-Windows-x64.zip - macOS:
Cyn0-macOS.dmg - Linux:
Cyn0-Linux-x86_64.AppImage
# Clone the repository
git clone https://github.com/yourusername/cyn0.git
cd cyn0
# Build using qmake
qmake Cyn0.pro
make
# Or using Qt Creator
# Open Cyn0.pro in Qt Creator and buildPlatform-Specific Instructions:
macOS:
# Build
qmake Cyn0.pro
make
# Run
open Cyn0.app
# Create DMG (optional)
macdeployqt Cyn0.app -dmgLinux:
# Install dependencies first
sudo apt install libx11-dev libxkbcommon-x11-dev
# Build
qmake Cyn0.pro
make
# Run
./Cyn0Windows:
# Build (Qt environment required)
qmake Cyn0.pro
nmake
# Run
release\Cyn0.exe- Launch Cyn0 - The app runs in the system tray
- Press
Shift + Space- Opens the main window - Start Typing - Search begins automatically
- Navigate - Use arrow keys to browse categories
- Select - Press Enter to view content
Type: "xss"
Results: XSS Payloads, XSS Tools, WAF Bypass Techniques
Type: "privilege"
Results: Linux Privilege Escalation, Windows Privilege Escalation
Type: "sql"
Results: SQL Injection, SQLMap Commands, MySQL Exploitation
When viewing content with payloads (e.g., XSS attacks):
- First payload auto-selected - Highlighted in purple
- Navigate -
Shift + ↓/↑to move between payloads - Copy -
Shift + Ctrl/Cmd + Cto copy to clipboard - Quick Copy & Close -
Shift + Entercopies and closes window
| Shortcut | Action |
|---|---|
Shift + Space |
Toggle Cyn0 visibility |
| Shortcut | Action |
|---|---|
↑/↓ |
Navigate items (normal mode) |
Enter |
Select/Open item |
Backspace/Delete |
Go back |
Ctrl/Cmd + F |
Focus search bar |
Ctrl/Cmd + N |
Quick actions menu |
Esc |
Hide window |
| Shortcut | Action |
|---|---|
Shift + ↓/↑ |
Navigate between payloads |
Shift + Ctrl/Cmd + C |
Copy selected payload |
Shift + Enter |
Copy and close window |
- XSS Payloads & Bypasses
- SQL Injection
- SSTI (Server-Side Template Injection)
- Command Injection & Unicode Bypass
- CORS Misconfiguration
- File Upload Bypass
- GraphQL Exploitation
- JWT & API Security
- LFI/RFI Exploitation
- OAuth 2.0 Attacks
- SSRF Exploitation
- WAF Bypass Techniques
- WebSocket Security
- XXE Exploitation
- Web Fuzzing Tools
- Vulnerability Scanners
- Advanced System Commands
- Metasploit Modules
- MySQL Exploitation
- NFS Enumeration
- Privilege Escalation
- RDP Enumeration
- Redis Exploitation
- SMB Enumeration
- Specialized Security Tools
- Terminal Commands
- PowerShell Basics
- PowerShell Commands
- Privilege Escalation
- Registry Commands
- Service Commands
- OSINT Tools Database
- Recon Tools
- Google Dork Database
- GitHub Security Resources
- Burp Suite Extensions
- Steganography Tools
- Python Security Commands
Edit mainwindow.cpp (line 47):
hotkey = new QHotkey(QKeySequence("Shift+Space"), true, this);Available modifiers: Ctrl, Shift, Alt, Meta (Win/Cmd)
Backups:
~/.config/Cyn0/backups/
This tool is intended for:
- ✅ Authorized security testing
- ✅ Educational purposes
- ✅ Bug bounty programs
- ✅ Penetration testing with proper authorization
- ✅ CTF competitions
- ✅ Security research
Prohibited Use:
- ❌ Unauthorized access to systems
- ❌ Malicious activities
- ❌ Illegal hacking
- ❌ Violation of computer fraud laws
Users are solely responsible for ensuring they have proper authorization before using any techniques or payloads contained in this tool.
- 100% Local - All data stored locally, no cloud connections
- No Telemetry - Zero tracking or analytics
- Open Source - Full transparency, audit the code yourself
- Accessibility Permissions Required - Grant permissions in System Preferences → Security & Privacy → Accessibility
- First Launch - May require right-click → Open to bypass Gatekeeper
- X11 Required - Wayland support limited (use X11 session)
- Global Hotkey - May conflict with desktop environment shortcuts
- Antivirus False Positives - Some AVs flag global hotkey usage (add exception)
Edit JSON files in the project root or json/ directory. Format:
{
"Category Name": {
"desc": "Description of the technique",
"commands": [
{
"desc": "What this command does",
"command": "actual command here"
}
],
"examples": [
{
"desc": "Example scenario",
"command": "example usage"
}
]
}
}Built with:
- Qt Framework - Cross-platform GUI
- QHotkey - Global hotkey support
Payload Sources:
- PayloadsAllTheThings
- HackTricks
- OWASP
- Community contributions
MIT License - See LICENSE file for details.
- Issues: GitHub Issues
- Discussions: GitHub Discussions
Special thanks to the security community for sharing knowledge and techniques. This tool stands on the shoulders of giants.
Stay ethical. Stay legal. Happy hacking! 🔒
