Go on HackyFeed

afrog

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Afrog is a security tool designed for bug bounty programs, penetration testing, and red teaming efforts. It facilitates the creation and execution of Proofs of Concept (PoCs) to help security professionals identify vulnerabilities in systems. Notable features include a streamlined PoC writing guide, multi-language support, and a community-driven approach to contribute new exploit techniques.

README

A Security Tool for Bug Bounty, Pentest and Red Teaming

English • 中文

APKHunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APKHunt is a static code analysis tool specifically designed for Android applications, leveraging the OWASP MASVS framework to identify and rectify security vulnerabilities. It offers comprehensive scanning capabilities, including support for multiple APK files, a low false-positive rate, and optimized rules for accurate vulnerability detection, making it suitable for both mobile developers and security testers. Notably, it produces results in a user-friendly TXT format and is tailored for Linux environments.

apkurlgrep

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ApkUrlGrep is a tool designed for extracting endpoints from APK files. Its primary use case is to facilitate the analysis of mobile applications by identifying URLs and their paths embedded within the app. Notable features include the ability to output both the discovered URLs and their corresponding paths, making it a valuable resource for security researchers and penetration testers.

README

ApkUrlGrep

Tool that allow extract endpoints from APK files

asnmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: asnmap is a Go CLI and library designed for quickly mapping organizational network ranges by leveraging Autonomous System Number (ASN) information. Its primary use case is for cybersecurity analysts to perform lookups for CIDR ranges based on various inputs such as ASN, organization name, domain, or IP addresses, with flexibility in output formats including JSON, CSV, and plain text. Notable features include support for multiple input types, integration with a Project Discovery Cloud Platform API for enhanced data retrieval, and the ability to operate with standard input/output.

BounceBack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BounceBack is a versatile reverse proxy tool designed to enhance the security of red team operations by obfuscating the command-and-control (C2) or phishing infrastructure from detection by blue teams and security tools. It features a highly customizable filtering system that leverages real-time traffic analysis, extensive blacklists, and support for multiple protocols, enabling precise control over which traffic is allowed or denied. Notable capabilities include malleable C2 profile parsing, comprehensive IP address validation, domain fronting, and a robust logging mechanism for monitoring incoming requests and potential security threats.

brutespray

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Brutespray is a credential brute-forcing tool designed to automatically test default credentials against discovered services from various scan outputs, including Nmap and Nessus. It supports over 30 protocols and features capabilities such as multi-auth support, password spray mode, an interactive terminal UI, and resume functionality, allowing for efficient and comprehensive credential testing across networks. The tool is built in Go and offers extensive customization options through YAML configuration files and embedded wordlists.

caddy-waf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Caddy WAF is a customizable middleware for the Caddy web server that functions as a Web Application Firewall, designed to provide advanced protection against a wide range of web-based threats. Key features include regex-based filtering, IP blacklisting, geo-blocking, rate limiting, anomaly scoring, and detailed monitoring capabilities, all aimed at securing applications while ensuring high performance through techniques like zero-copy networking and wait-free concurrency. The tool also supports seamless dynamic configuration reloads and offers precise insights into traffic and security events, making it a robust solution for safeguarding web applications.

cameradar

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cameradar is a tool designed for scanning RTSP endpoints on authorized targets, utilizing dictionary attacks to discover credentials and stream routes. Its primary use case is to assess the security of RTSP streams by detecting open hosts, identifying device models, and generating comprehensive reports of findings. Notable features include the ability to enumerate multiple RTSP stream routes and credentials through customizable dictionaries, as well as support for Docker for streamlined deployment.

CDK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CDK is a zero dependency container penetration toolkit designed for security testing, enabling stable exploitation across slimmed containers. Its primary use case revolves around container escaping, persistence, and lateral movement within Kubernetes clusters, featuring modules for evaluating container weaknesses, executing various exploits, and providing essential network tools. Notable capabilities include information gathering, direct interaction with the container’s environment, and the ability to initiate and manage attacks seamlessly.

README

CDK - Zero Dependency Container Penetration Toolkit

English | 简体中文

cent

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Cent is a tool designed to organize community-contributed Nuclei templates, simplifying the process of managing and utilizing these resources for vulnerability scanning. Key features include the ability to clone templates from multiple repositories, validate their integrity, and generate detailed summaries of the templates’ metadata, including statistics on validation and severity distribution. Additionally, Cent supports multi-threading for efficient repository management and offers commands for initializing configurations, updating templates, and accessing versioning information.

certificates

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: step-ca is an online certificate authority designed for secure and automated certificate management in DevOps environments. It features the capability to issue HTTPS and TLS certificates for various services like VMs, containers, and APIs, as well as SSH certificates, while supporting automated certificate management through ACME protocols. Its flexibility allows users to select key types and certificate lifetimes, making it an essential tool for managing cryptographic needs within modern infrastructures.

chain-bench

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Chain-bench is an open-source tool designed for auditing software supply chain security compliance based on the CIS Software Supply Chain benchmark. It examines the entire Software Development Life Cycle (SDLC) to identify risks from code inception to deployment, ensuring adherence to organizational security policies. Notable features include CLI-based scanning capabilities, integration options with various SCM platforms, and support for Docker deployment.

README

📖 Documentation

Chain-bench is an open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark. The auditing focuses on the entire SDLC process, where it can reveal risks from code time into deploy time. To win the race against hackers and protect your sensitive data and customer trust, you need to ensure your code is compliant with your organization’s policies.

CHAOS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CHAOS is an open-source Remote Administration Tool developed in Golang, designed for generating binaries that facilitate control over remote operating systems. It features robust capabilities such as reverse shell access, file manipulation (upload, download, delete), remote system information retrieval, and several system control functions like shutdown and restart, making it a versatile tool for remote administration tasks across both Windows and Linux platforms.

README

CHAOS: Remote Administration Tool

cli

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Step CLI is a robust command-line interface tool designed for building and managing Public Key Infrastructure (PKI) systems and workflows, providing functionalities for cryptographic operations and X.509 certificate management. Key features include the ability to create, revoke, and validate certificates, generate key pairs and Certificate Signing Requests (CSRs), and automate certificate issuance via integration with the step-ca server and ACME-compliant CAs. The tool simplifies the setup and maintenance of secure TLS/HTTPS environments, making it essential for developers and system administrators working with PKI.

CloudBrute

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CloudBrute is a reconnaissance tool designed for uncovering infrastructure, files, and applications across major cloud providers, including Amazon, Google, Microsoft, and others. Its primary use case targets bug bounty hunters, red teamers, and penetration testers, providing features such as black-box detection, user-agent and proxy randomization, and modular customization to facilitate efficient cloud enumeration and vulnerability assessment without requiring authentication.

README

CloudBrute

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike.

ContainerSSH

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ContainerSSH is an SSH server designed to dynamically launch containers in Kubernetes and Docker, primarily aimed at facilitating lab environments, debugging production systems, and running honeypots. Notable features include ephemeral container management with automatic cleanup, secure and logged access for developers, and comprehensive auditing capabilities that allow for monitoring and analysis of SSH attack patterns. This tool enhances security workflows by leveraging containerization to isolate user activities and preserve system integrity.

copacetic

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Copa is a CLI tool designed to directly patch container images for vulnerabilities without requiring a full rebuild, thereby enhancing DevSecOps workflows. Leveraging vulnerability scan results from tools like Trivy, Copa reduces the operational downtime associated with patching, minimizes storage needs by creating only additional patch layers, and allows any user to perform patches, irrespective of image ownership. Its extensible architecture supports multiple package managers and vulnerability report formats, making it adaptable to various container ecosystems.

crawlergo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: crawlergo is a robust web vulnerability scanner that utilizes a headless Chrome browser to collect URLs and interact with web pages, capable of intelligent form submission and JavaScript event triggering. Its key features include automatic URL de-duplication, support for different browser environments, request proxying, and the ability to push results to passive vulnerability scanners, making it an essential tool for comprehensive web application security assessments.

README

crawlergo

crlfuzz

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CRLFuzz is a specialized tool for detecting CRLF injection vulnerabilities in web applications, developed in Go for high performance. It offers flexible scanning options, including targeting individual URLs or multiple URLs from a list, and provides various command line flags to customize request methods, output results to files, and adjust concurrency levels. Notable features include support for custom headers, proxy usage, and integration capabilities with other security tools through standard input.

CyberStrikeAI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CyberStrikeAI is an AI-integrated security testing platform developed in Go, designed for automated vulnerability discovery and attack-chain analysis. It features a vast integration of over 100 security tools, AI-driven orchestration, role-based testing, and lifecycle management to create a collaborative and auditable environment for security teams. Notable features include a web console, AI decision engine with OpenAI compatibility, detailed vulnerability management, and a comprehensive knowledge base for enhanced security expertise.

DetectDee

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DetectDee is a reconnaissance tool designed to track down social media accounts using identifiers such as usernames, emails, and phone numbers across various social networks. Notable features include precise control over request handling to evade web application firewalls, support for multiple input types for user detection, and the option for integration with ChatGPT for enhanced result tagging. Its extensibility and ease of use make it suitable for cybersecurity practitioners in their investigations.

DllShimmer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DllShimmer is a tool designed to facilitate DLL hijacking by allowing users to backdoor any function in a DLL without disrupting the normal operation of the host program. It generates proxy DLLs through a boilerplate C++ file and a corresponding .def file, ensuring that all exported functions maintain their original names and ordinal numbers, thus avoiding detection. Key features include support for both dynamic and static linking, the option to prevent multiple executions of the backdoor, and comprehensive debug logging capabilities.

dockle

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dockle is a container image linter designed to enhance the security and compliance of Docker images by identifying vulnerabilities and recommending adherence to best practices, including CIS Benchmarks. It offers a simple command-line interface for scanning images, supports integration with CI/CD pipelines, and provides detailed checkpoint reports regarding security issues and Dockerfile practices. Notable features include vulnerability detection and the ability to customize scan parameters for fine-tuning results.

fridare

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fridare is an automation tool for modifying the Frida server on iOS, Android, Linux, and Windows platforms, designed to enhance security and flexibility by allowing users to change server names and ports while bypassing jailbreak detection. The tool features a dual-mode interface, offering both a robust command line and a modern graphical user interface (GUI) based on the Fyne framework, facilitating intuitive server modifications and visual feedback. Notable functionalities include cross-platform support, binary replacement, custom packaging, and dependency management, making it a comprehensive solution for Frida users across different environments.

fscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fscan is a comprehensive internal network scanning tool designed for automated vulnerability assessment and information gathering. Its primary use case encompasses host discovery, port scanning, credential brute-forcing across various protocols, system vulnerability detection, and web application scanning, including comprehensive support for various databases and frameworks. Notable features include the ability to exploit vulnerabilities such as MS17-010, SSH remote command execution, and the storage of scan results for further analysis.

geacon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Geacon is a tool designed for implementing CobaltStrike’s Beacon using Go, primarily aimed at protocol analysis and reverse engineering. It supports CobaltStrike 4.1 and includes functionalities such as command execution, file upload/download, and directory navigation. The tool emphasizes learning and experimentation, with a strong caution against illegal use.

README

Geacon

Using Go to implement CobaltStrike’s Beacon

This project is for learning protocol analysis and reverse engineering only, if someone’s rights have been violated, please contact me to remove the project, and the last DO NOT USE IT ILLEGALLY

getJS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: getJS is a command-line tool and Go package designed for extracting JavaScript sources from URLs and HTTP responses, catering primarily to penetration testers, bug bounty hunters, and developers. Its notable features include customizable request options, support for input from files, and the ability to resolve relative URLs, enhancing the efficiency of JavaScript extraction processes.

README

JavaScript Extraction CLI & Package

This is a powerful tool for extracting JavaScript sources from URLs and web pages / HTTP responses. It offers a command-line interface (CLI) for straightforward URL processing and a package interface for custom integrations, making it ideal for pentesters, bug bounty hunters, and developers needing to extract JS sources efficiently.

git-hound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GitHound is a secret detection tool designed to identify exposed API keys, secrets, and credentials across GitHub repositories using advanced pattern matching and commit-history analysis. Its notable features include global GitHub search capabilities, smart API key detection mechanisms, and the ability to visualize results in real-time through the GitHound Explore dashboard. This tool is particularly useful for security professionals in corporate environments and bug bounty hunters seeking to uncover sensitive information that may lead to vulnerabilities.

github-subdomains

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The github-subdomains tool is designed to search GitHub for subdomains related to a specified domain and parse the search results efficiently. Key features include the ability to use multiple GitHub tokens to manage rate limits, an option for extended searches, and customizable output formats for the collected subdomains. This tool is particularly useful for security researchers and analysts looking to identify exposed subdomains for threat assessment or reconnaissance purposes.

gitjacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gitjacker is a tool designed to retrieve git repositories and their contents from web servers where the .git directory has been unintentionally exposed. It effectively extracts repository data even when directory listings are disabled, making it suitable for educational purposes and penetration testing. Notable features include ease of installation via a simple script and the ability to operate in scenarios where access to traditional repository resources is restricted.

gitleaks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Gitleaks is a tool designed for the detection of sensitive information, such as passwords, API keys, and tokens, within Git repositories and other files. Its primary use case is to identify and prevent the accidental exposure of secrets in code, and it offers notable features such as integration with GitHub Actions and pre-commit hooks for continuous monitoring. Additionally, Gitleaks utilizes a robust detection engine based on regular expressions to analyze codebases efficiently.

go-shellcode

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-shellcode tool enables users to execute shellcode directly from memory as a standalone process, aiming to circumvent antivirus detection. Its primary use case involves running custom shellcode for penetration testing or exploitation purposes, leveraging features like shellcode size handling via batch scripts and a recommendation for binary obfuscation using the garble tool. The tool requires manual architecture specification and supports 64-bit shellcode execution while providing instructions for building and compressing the resulting binary.

go-whatsapp

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-whatsapp package offers a Go interface for interacting with the WhatsApp Web API, enabling developers to integrate WhatsApp functionalities in their applications. Its primary use case is to facilitate the sending and receiving of messages, management of user sessions, and handling various types of media messages through a websocket connection. Notable features include session restoration, customizable message handlers for different message types, and the ability to send contact information in the vCard format; however, the package is not actively maintained and may soon become obsolete due to WhatsApp’s evolving architecture.

GobyVuls

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GobyVuls is a collection of exploitation scripts specifically designed for vulnerabilities identified by the Goby scanning tool. The primary use case is to facilitate the exploitation of detected vulnerabilities, allowing users to perform actions such as command execution or establishing reverse shells. Notable features include a user-friendly interface for scanning and verification, as well as a collaborative framework for contributing new vulnerabilities and enhancing existing exploitation methods.

README

GobyVuls

Vulnerabilities of Goby supported with exploitation.

gogo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: gogo is a versatile network scanning tool designed for both active and passive fingerprinting, featuring customizable port configurations and the extraction of key information such as titles and certificates through regex patterns. It supports the integration of Nuclei proof of concepts (POCs) and offers a heuristic scanning mode for improved performance with minimal resource usage, making it highly efficient for vulnerability detection. The tool is entirely written in Go, ensuring compatibility with minimal dependencies across various operating systems, including legacy versions like Windows 2003.

goscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoScan is an interactive network scanner client designed to automate and provide abstraction over nmap, facilitating host discovery, port scanning, and service enumeration. It is particularly suitable for use in CTFs, OSCP exams, or professional engagements, capable of maintaining scan state in an SQLite database, allowing for asynchronous results upload even in unstable network conditions. Notable features include service enumeration integration with additional tools such as EyeWitness and Hydra, real-time auto-completion, and support for importing data at various stages of the scanning process.

gosearch

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoSearch is an OSINT tool designed to automate the process of searching for online profiles associated with specific usernames, utilizing concurrency for efficiency. It integrates searches across multiple extensive databases, including 900,000 leaked credentials from HudsonRock and over 18 billion from BreachDirectory, enhancing its capability to detect compromised accounts. Notable features include the ability to filter results for accuracy with the --no-false-positives flag and the option to crack found password hashes using Weakpass, significantly boosting the tool’s effectiveness in cybersecurity investigations.

gosec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: gosec is a security analysis tool designed to inspect Go source code for potential security vulnerabilities by scanning the Abstract Syntax Tree (AST) and Static Single Assignment (SSA) representation. It utilizes pattern-based rules, SSA-based analyzers, and taint analysis to identify common issues like SQL injection and XSS. Notable features include customizable rule selection, various output formats, and integration as a GitHub Action for continuous security monitoring.

README

gosec - Go Security Checker

Inspects source code for security problems by scanning the Go AST and SSA code representation.

gotestwaf

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GoTestWAF is a versatile tool designed for simulating API and web application attacks, supporting a multitude of protocols like REST, GraphQL, and gRPC, among others. It evaluates the effectiveness of security solutions such as Web Application Firewalls and API gateways by generating malicious HTTP requests with encoded payloads, allowing for comprehensive security testing and reporting of vulnerabilities. Notable features include customizable payloads, diverse encoding options, and the ability to specify request placeholders for precise attack simulations.

greenmask

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Greenmask is an open-source utility designed for logical database dumping, anonymization, and synthetic data generation, primarily targeting PostgreSQL with ongoing support for MySQL. It enables users to create smaller, referentially intact development databases while offering features such as deterministic transformations, dynamic parameters, and storage support for S3-compatible systems, ensuring flexibility and data integrity. Ideal for sanitizing sensitive data, backing up and restoring databases, and streamlining local development processes, Greenmask operates statelessly and produces outputs compatible with standard database tools.

HackBrowserData

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackBrowserData is a command-line utility designed for decrypting and exporting sensitive data, such as passwords, cookies, and browsing history, from various popular web browsers on Windows, macOS, and Linux. Its notable features include support for the latest encryption standards, like AES-256-CBC for Firefox 144 and beyond, and comprehensive compatibility with a wide range of browsers including Google Chrome, Microsoft Edge, and Opera. The tool emphasizes its intended use for security research while disclaiming legal responsibilities associated with its application.

jaeles

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Jaeles is a robust and extensible web application scanning framework developed in Go, designed to facilitate the creation of customized scanners for identifying vulnerabilities. Its primary use case is in the security assessment of web applications, featuring capabilities such as signature-based scanning, integration with Burp Suite, and extensive reporting options. Notable features include the ability to scan multiple URLs concurrently, customizable signature definitions, and Docker support for streamlined deployment.

KubeHound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KubeHound is a Kubernetes attack graph tool designed to automatically calculate attack paths between assets within a cluster. It enables users to query and analyze security vulnerabilities through a graph-based representation of their Kubernetes environment, utilizing the Gremlin query language for advanced data exploration. Notable features include compatibility with Docker and Docker Compose, deployment as a service (KHaaS), and integration with graph query UIs, including a Jupyter notebook for user-friendly interaction with the attack graph data.

landrun

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Landrun is a lightweight sandboxing tool for Linux designed to run processes securely using the Landlock kernel security module, enabling fine-grained control over filesystem and network access without the need for root privileges or containerization. Notable features include kernel-level security, customizable read, write, and execution permissions for files and directories, and TCP access control, making it suitable for securely executing commands in an isolated environment. With a minimal overhead architecture, it offers a practical solution for developers needing enhanced process security.

ligolo-ng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ligolo-ng is an advanced tunneling tool that establishes connections through a TUN interface, enabling penetration testers to create reverse TCP/TLS tunnels without the need for SOCKS proxies. Notable features include a user-friendly web interface, automatic configuration for certificates, support for multiple platforms, and resilience to network issues with automatic tunnel recovery. Its design facilitates streamlined network management and the ability to run tools directly over these tunnels.

README

Ligolo-ng : Tunneling like a VPN

metabigor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Metabigor is an open-source intelligence (OSINT) tool designed for various information-gathering tasks without the need for API keys. It features capabilities such as network discovery, subdomain enumeration through certificate transparency logs, IP enrichment with Shodan InternetDB, and the ability to detect CDNs or WAFs, making it versatile for cybersecurity research and analysis. Notably, it allows users to automate input processing and batch queries for efficient data collection and analysis.

misconfig-mapper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Misconfig Mapper is a CLI tool developed by Intigriti designed to automate the detection and resolution of common security misconfigurations across various services and technologies. It leverages a flexible template-based system stored in services.json, allowing users to easily add new services and perform extensive checks tailored to their specific environments. Key features include service enumeration, customizable detection templates, and the option to check only for service presence without performing misconfiguration assessments.

Modlishka

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Modlishka is an open-source penetration testing tool that operates as a man-in-the-middle proxy, allowing seamless proxying of multi-domain HTTP and HTTPS traffic without requiring client certificate installation. Its primary use case is in security testing, particularly for ethical phishing assessments and 2FA bypass demonstrations, providing features such as pattern-based JavaScript payload injection, user credential harvesting, and extensive support for various 2FA schemes. Additionally, Modlishka’s modular and stateless design enhances scalability, while its cross-platform compatibility ensures usability across major operating systems.

mosint

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mosint is an automated Open Source Intelligence (OSINT) tool designed for efficient email investigations and scanning. It consolidates various services to validate emails, check for social media accounts, investigate data breaches, and extract associated information rapidly, all while being lightweight and user-friendly. Notable features include email verification, data breach checks, Pastebin scans, DNS/IP lookups, and the ability to output results in JSON format.

README

Features • Installation • Services • Usage • Docker • Config • Screen

nmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Ullaakut/nmap library offers Go developers a comprehensive interface to leverage the features of the Nmap network scanner within their applications, facilitating the creation of security audit tools. By utilizing the Go language’s capabilities, the library allows for robust network scans, service detection, and easy parsing of XML outputs produced by the Nmap binary. Notable features include support for various scan types and the ability to manage scan timeouts, enhancing both flexibility and performance in penetration testing scenarios.

nmap-formatter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NMAP-Formatter is a versatile tool designed to convert NMAP XML output into various formats such as HTML, CSV, JSON, Excel, and more, facilitating the analysis and reporting of network scan results. Notable features include support for output via stdin, the ability to generate diagrams using Graphviz, and options to skip down hosts, enhancing usability for security professionals and network administrators. This tool can also be utilized as a library in Golang for integration into other applications.

nodepass

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NodePass is an open-source network tunneling solution that provides enterprise-grade TCP/UDP tunneling with minimal configuration and high performance, designed for managing complex network scenarios. Key features include seamless protocol conversion, a connection pooling architecture for reduced latency, multi-level TLS security mechanisms, and real-time monitoring capabilities. The tool targets DevOps professionals and system administrators, facilitating effortless deployment and control in diverse networking conditions.

README

nomore403

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NoMore403 is a specialized tool for cybersecurity professionals aimed at bypassing HTTP 40X errors during web security assessments. It employs multiple techniques such as header manipulation, method tampering, and custom path testing to automate the bypass process, featuring smart output filtering to highlight significant results and high concurrency for efficient testing. Notable capabilities include auto-calibration, deduplication of results, color-coded output, and customizable payloads for enhanced flexibility.

README

NoMore403

OneListForAll

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneListForAll is a web fuzzing tool that generates a variety of curated wordlists for penetration testing, focusing on efficiency and organization. Its notable features include automated synchronization of multiple source repositories, categorization of wordlists into short and long versions, deduplication, and a streamlined CLI for pipeline management. The tool consolidates wordlists into manageable files, supporting broad use cases from local fuzzing to advanced vulnerability assessments.

README

OneListForAll

Wordlists for web fuzzing: curated micro, categorized short/long, and combined final lists.

Open-Source-Security-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

osmedeus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Osmedeus is a security-focused orchestration engine designed for automating complex workflows through declarative YAML definitions, enhancing the audibility and management of security tasks. It features distributed execution, a rich library of over 80 utility functions, and supports cloud infrastructure provisioning for robust penetration testing and scanning. Key functionalities include event-driven scheduling, agentic LLM integration for tool orchestration, and a REST API for seamless integration and visualization through a web interface.

osv-scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSV-Scanner is a tool designed to identify vulnerabilities in project dependencies by leveraging the OSV database through a user-friendly CLI interface. It supports a diverse range of programming languages, package managers, and includes features such as vulnerability detection in container images and guided remediation recommendations based on various criteria. The tool’s extensibility and comprehensive data sourcing improve the accuracy and effectiveness of vulnerability notifications for developers.

README

pentagi

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PentAGI is an AI-powered penetration testing framework that automates security assessments for information security professionals and researchers. Notable features include a fully autonomous AI agent capable of executing penetration test steps, integration with over 20 professional tools, a smart memory system for storing results, and comprehensive monitoring and reporting capabilities. The tool operates within a secure Docker environment and includes a modern web interface along with APIs for automation and integration, making it a flexible solution for advanced cybersecurity testing.

phoneinfoga

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneInfoga is an advanced information-gathering framework specifically designed for scanning international phone numbers. Its primary use case involves collecting detailed information such as country, area, carrier, and line type, while employing various OSINT techniques to uncover more about the phone number in question. Notable features include a graphical user interface for scans, programmatic access through a REST API, and the ability to check for the existence of a number and its associated reputation across different platforms.

Platypus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Platypus is a modern terminal-based tool for managing multiple reverse shell sessions and clients, implemented in Go. Its primary use case is to facilitate secure and efficient reverse shell connections across various protocols, featuring functionalities such as multiple service listening ports, a RESTful API for management, file download/upload capabilities, and an interactive shell interface that supports common control commands. Notable features include automatic server initiation, port forwarding, and a web UI for enhanced usability.

pretender

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pretender is a versatile tool designed for executing man-in-the-middle (MitM) attacks by spoofing local name resolutions and performing DHCPv6 DNS takeover. It specializes in relaying attacks primarily against Windows hosts, leveraging protocols such as mDNS, LLMNR, and NetBIOS-NS spoofing. Notable features include the ability to log network queries in dry run mode, tailored domain responses, and integration with relaying tools like Impacket’s ntlmrelayx.py and krbrelayx.

README

pretender

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover
as well as mDNS, LLMNR and NetBIOS-NS spoofing

pspy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pspy is an unprivileged Linux process monitoring tool that allows users to observe commands executed by other processes, including cron jobs, in real-time without requiring root access. It leverages procfs scans and inotify filesystem watchers to detect short-lived processes and can be particularly useful for system enumeration in Capture The Flag (CTF) challenges, as well as for demonstrating secure coding practices regarding command-line argument handling. Notable features include customizable process and filesystem event monitoring, with options for output formatting and scan intervals.

reverse_ssh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reverse SSH is a tool designed for establishing reverse shells using SSH, enabling secure connections for remote management and file transfer. Its primary use case revolves around providing a reliable method for accessing and controlling remote systems, featuring capabilities such as dynamic port forwarding, native SCP/SFTP support, and multiple network transports like HTTP and TLS. Notable features include mutual client-server authentication, a full Windows shell experience, and advanced functionalities like fileless execution and built-in HTTP server capabilities for dynamic client generation.

reverse-shell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reverse-shell is a tool that facilitates setting up reverse shells on Unix-like systems, primarily intended for penetration testing and educational purposes. It automatically detects the target’s available software to execute the appropriate payload, enabling users to bypass firewalls and gain remote shell access effortlessly. Notable features include ease of use with commands for listening and executing reverse shells, options for reconnecting after disconnection, and the ability to run in the background to avoid detection.

reverse-ssh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ReverseSSH is a lightweight, statically-linked SSH server designed for establishing reverse connections, primarily useful for remote access during CTFs and penetration tests like the OSCP exam. It offers fully interactive shell access, file transfer through SFTP, and supports various port forwarding options, making it a versatile tool for bridging initial access with privilege escalation on target systems running Unix or Windows. Notable features include its compact size of less than 1.5MB and compatibility with both operating systems, enhancing its utility in diverse environments.

ruler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ruler is a remote interaction tool designed for Exchange servers, exploiting MAPI/HTTP and RPC/HTTP protocols to manipulate Outlook features for shell access. Its primary use case includes enumerating valid users, creating malicious mail rules, and executing VBScript via Outlook forms or home pages. Notable features include the ability to leverage the Autodiscover service for efficient interaction and a variety of built-in functions for customized exploitation.

README

Introduction

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is abuse the client-side Outlook features and gain a shell remotely.

SatIntel

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SatIntel is an OSINT tool designed for satellite reconnaissance, built with Golang. It enables users to extract satellite telemetry, receive orbital predictions, and parse Two Line Elements (TLE) using a command-line interface that integrates with APIs from Space Track and N2YO. Notable features include satellite catalog retrieval, telemetry display, visual and radio orbital predictions, and user-friendly authentication through environmental variables.

README

SatIntel

 . . . . . . . . .
 . . . ________
 . ///////// . . . . . .
 . ________ . . ///////// . .
 |.____. /\ ///////// . . . .
 . // \/ |\ /////////
 // \ | \ ///////// _______ _______ _______ _____ __ _ _______ _______ .
 || | | ///////// . . |______ |_____| | | | \ | | |______ |
 . || | |// ///// ______| | | | __|__ | \_| | |______ |_____ .
 \\ / // \/ .
 \\.___./ //\ ,_\ . . .
 . . \ //////\ / \ . . Satellite OSINT CLI Tool . .
 . ///////// \| | .
 . ///////// . \ __ / . Made by Angelina Tsuboi (G4LXY) .
 . ///////// . . .
 . . ///////// . . . . . .
 -------- . .. . . .
 . . . . . .

SatIntel is a OSINT tool for satellite reconnaissance made with Golang. The tool can extract satellite telemetry, receive orbital predictions, and parse TLEs.

Features

Satellite Catalog Retrieval from NORAD ID or Selection Menu
Display Satellite Telemetry
Visual and Radio Orbital Predictions
Parse Two Line Elements (TLE)

Preview

Usage

Make an account at Space Track save username and password.

scan4all

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: scan4all is a versatile cybersecurity tool designed for automated web scanning and vulnerability detection, integrating various tools such as vscan, nuclei, and subfinder. It supports a wide range of protocols for password blasting and includes built-in detection capabilities for over 15,000 proof-of-concept (PoC) exploits. Built on Golang, it is cross-platform, lightweight, customizable, and features intelligent scanning mechanisms that optimize performance while ensuring comprehensive coverage of vulnerabilities.

README

💬

scilla

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scilla is an information gathering tool designed for DNS, subdomains, ports, and directories enumeration. Its primary use case is for penetration testing, providing capabilities for extensive reconnaissance on target domains. Notable features include customizable wordlists for subdomain and directory enumeration, multiple output formats, and ease of installation through various methods such as Homebrew, Snap, and Docker.

README

🏴‍☠️ Information Gathering tool 🏴‍☠️ - DNS / Subdomains / Ports / Directories enumeration

_{Coded with 💙 by edoardottt}
Share on Twitter!

ScopeSentry

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scope Sentry is a versatile cybersecurity tool that provides functionalities such as asset mapping, subdomain enumeration, vulnerability scanning, and information leakage detection. Its primary use case is to facilitate comprehensive security assessments of web assets through a distributed scanning approach, allowing users to configure multiple scanning nodes. Notably, it features a plugin system for extensibility, supports multi-node scanning, and includes components for web monitoring and sensitive data leakage detection.

SecretScanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Deepfence SecretScanner is a standalone tool designed to identify unprotected secrets, such as API keys and passwords, within container images and file systems. It matches content against a comprehensive database of approximately 140 secret types, outputting detailed findings in JSON format. Furthermore, SecretScanner can be integrated into the ThreatMapper platform, allowing for holistic vulnerability scanning and risk assessment in cloud-native applications.

README

SecretScanner

Deepfence SecretScanner can find unprotected secrets in container images or file systems.

seekr

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Seekr is a multi-purpose toolkit designed for gathering and managing Open Source Intelligence (OSINT) data, featuring a streamlined web interface for data collection, organization, and analysis. Key functionalities include integration with popular OSINT tools, account discovery, customizable themes, and the absence of API keys for any features, making it suitable for researchers and investigators seeking to enhance their OSINT workflows. It is currently in beta development and allows for easy setup on various platforms including Windows, Linux, and Docker.

shortscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

spicedb

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SpiceDB is an open-source authorization database inspired by Google’s Zanzibar system, designed to provide scalable and secure permission checks for applications. It allows developers to define schemas, manage relationships, and conduct queries to assess user permissions on resources, addressing critical access control threats. Notable features include its relational-like structure for defining authorization models and its capability to handle complex permission queries for enhanced security management.

README

SpiceDB sets the standard for authorization that scales.

Scale with
Traffic • Dev Velocity • Functionality • Geography

spray

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SPRAY is a high-performance directory fuzzing tool designed for testing and exploiting web applications, boasting over 50% greater performance compared to similar tools like ffuf and feroxbuster. It features customizable dictionary generation based on masks or rules, dynamic filtering, extensive fingerprint recognition capabilities, and the ability to handle multiple targets efficiently with resume options for interrupted sessions. The tool seamlessly integrates with *nix command line environments, facilitating inter-operation with other cybersecurity tools.

Stowaway

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stowaway is a multi-tier proxy tool written in Go, designed specifically for penetration testers to route external traffic through multiple nodes into an internal network, thereby overcoming access restrictions. Notable features include user-friendly command-line interface, tree structure node management, support for various connection types (socks5, HTTP, SSH), traffic encryption using TLS/AES-256-GCM, and capabilities for remote shell, file transfer, and port mapping, all while maintaining compatibility across multiple platforms such as Linux, Mac, and Windows.

stunner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stunner is a specialized tool designed for testing and exploiting STUN and TURN servers, particularly in the context of videoconferencing and audio chat applications utilizing the TURN protocol. Its primary use case involves identifying misconfigurations in TURN servers, enabling users to establish a SOCKS proxy that routes traffic through these servers into internal networks. Notable features include the ability to enumerate accessible IP addresses, perform detailed server information queries, and set up a local SOCKS server for traffic relaying.

subjack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Subjack is a DNS takeover scanner written in Go, designed for the concurrent scanning of domain lists to identify registrable domains vulnerable to hijacking. It features detection capabilities for various vulnerability types including CNAME takeovers, NS delegation issues, stale A records, and more, allowing security professionals to assess the risk of domain takeovers effectively. With an emphasis on speed and efficiency, Subjack provides functionalities such as customizable concurrency and thorough output options to facilitate large-scale testing.

SubOver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SubOver is a Golang-based tool designed for detecting potential subdomain takeovers across more than 30 services, leveraging Go’s concurrency for enhanced speed and efficiency. Its primary use case is for security professionals conducting assessments of web applications to identify vulnerable subdomains that can be hijacked. Notable features include a comprehensive service list, customizable concurrent threads, and a straightforward command-line interface for easy operation.

README

SubOver

Note - This project is discontinued. No more updates will be provided! Sorry!

But something more awesome will come soon!

SydneyQt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SydneyQt is a cross-platform desktop client designed for the jailbroken New Bing AI Copilot, enabling advanced interactions with the AI through capabilities such as prompt injection, CAPTCHA resolution via Selenium, and context editing. Key features include support for various file types and multimedia interactions, customizable quick responses, and integration with OpenAI’s API, all presented within a modern and user-friendly interface. The tool is built with Go and Wails, offering robust functionality while allowing users to bypass regional restrictions and enhance their AI interactions.

terracognita

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Terracognita is a tool that automates the import of existing cloud infrastructure into Terraform configurations (HCL) or Terraform state, particularly supporting AWS, GCP, Azure, and VMware. It streamlines the adoption of Infrastructure as Code (IaC) best practices by generating Terraform code from current cloud setups, enabling easier lifecycle management and integration with Cycloid’s DevOps pipelines. Notable features include support for multiple major cloud providers and an open-source nature that encourages community contributions.

Terrapin-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Terrapin Vulnerability Scanner is a Go-based utility designed to assess the vulnerability of SSH clients and servers against the Terrapin Attack. It utilizes a single connection to retrieve supported algorithms without initiating a full SSH key exchange, allowing it to identify potential vulnerabilities and support for known countermeasures like strict key exchange. Notable features include JSON output for results, support for various operating systems via pre-compiled binaries and Docker, and ease of building from source.

traitor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Traitor is a privilege escalation tool designed to automatically exploit local vulnerabilities and misconfigurations in Unix-like systems to achieve a root shell. It incorporates various methods from GTFOBins and specific CVEs, allowing users to discover potential exploits with options to directly attempt them if necessary. Notable features include the ability to analyze sudo permissions, the option to exploit specific vulnerabilities, and support for various privilege escalation vectors.

README

Traitor

Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy!

trivy-operator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Trivy Operator is a Kubernetes-native security toolkit that utilizes Trivy to perform continuous security scans of Kubernetes clusters. It automatically generates and updates comprehensive security reports, including vulnerability assessments, configuration audits, and compliance checks, which are accessible through the Kubernetes API. Notable features include automated scans for workloads, RBAC assessments, secret exposure detection, and generation of Software Bill of Materials (SBOM) for workloads, aiding in the identification and mitigation of potential security risks in real-time.

urlfinder

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: URLFinder is a high-speed, passive URL discovery tool optimized for efficient web asset discovery without active scanning, making it particularly useful for penetration testers and security researchers. It features curated passive sources for comprehensive URL gathering, supports multiple output formats, and provides integration capabilities through STDIN/OUT support.

README

URLFinder

A high-speed tool for passively gathering URLs, optimized for efficient web asset discovery without active scanning.

Features • Installation • Usage • Examples • Join Discord

urlhunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: urlhunter is a reconnaissance tool designed for searching URLs exposed via URL shortener services like bit.ly and goo.gl. It utilizes collections published by the URLTeam, enabling users to perform keyword and regex searches on historical data with customizable date ranges and output options. Notable features include the ability to specify single or multiple keywords, regex searches, and support for bulk archive downloading, making it ideal for cyber intelligence and bug bounty applications.

Venom

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Venom is a multi-hop proxy tool designed for penetration testers, built using Go, which allows the connection of multiple nodes to facilitate multi-layer traffic routing. Key features include a visual network topology, multi-level SOCKS5 proxying, interactive shell access, and secure communication between nodes, making it ideal for managing complex internal networks during security assessments. The tool supports various platforms and architectures, enhancing its versatility for engagements in diverse environments.

Web-Cache-Vulnerability-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web Cache Vulnerability Scanner (WCVS) is a command-line interface tool designed to identify and exploit web cache poisoning and deception vulnerabilities across various web applications. It supports multiple techniques for both attack types, features a crawler for discovering additional URLs, and can be integrated into CI/CD processes to streamline security practices. Notable functionalities include customizable request handling, JSON report generation, and the ability to route traffic through a proxy for enhanced testing versatility.

webanalyze

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Webanalyze is a performance-oriented tool written in Go that identifies technologies used by web applications by analyzing HTTP responses from specified hosts. Its primary use case is for security assessments and technology profiling, supporting bulk analysis of multiple hosts via input files and offering output in various formats such as CSV and JSON. Notable features include the ability to crawl links from a root page, search for subdomains, and download updated app definitions from the Wappalyzer repository.

Whaler

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Whaler is a Go-based tool that facilitates the reverse engineering of Docker images by reconstructing the Dockerfile that generated them. Its primary use case involves extracting valuable information from Docker images, such as identifying added files, detecting potential secret files, and displaying metadata including open ports and environment variables. Notable features include the ability to automatically pull Docker images, filter out irrelevant filenames, and save image layers for further analysis.

wholeaked

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: wholeaked is a Go-based file-sharing tool designed to identify the responsible individual in the event of a document leakage. It accomplishes this by creating a unique hidden signature for each recipient, which is embedded in the shared file, and offers integrations with services such as Sendgrid and AWS SES for automated file distribution. Key features include compatibility with various file types and enhanced functionality for common formats like PDF and DOCX, enabling both automated and manual sharing.

wpprobe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPProbe is a rapid scanning tool designed to detect installed WordPress plugins and themes through REST API enumeration and HTML discovery, mapping them to known vulnerabilities. It supports multiple scanning modes, including stealthy, brute-force, and hybrid methods, allowing detection of over 5,000 plugins without brute-force and many more with it. The tool fetches an updated vulnerability database automatically, eliminating the need for an API key by default, while still allowing for custom configurations and output formats.