Automation to assess the state of your M365 tenant against CISA's baselines

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

TikTok User Info Scraper allows you to fetch detailed information about TikTok users by their username or user ID, without requiring logins or API keys. It extracts various user data such as follow…

A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.

Get your documents ready for gen AI

Running Docling as an API service

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …

real time face swap and one-click video deepfake with only a single image

Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data

Packaging metasploit-framework with omnibus

LazyOwn RedTeam/APT Framework is the first RedTeam Framework with an AI-powered C&C, featuring rootkits to conceal campaigns, undetectable malleable implants compatible with Windows/Linux/Mac OSX, …

CVE-2025-29927 Proof of Concept

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

Testing TLS/SSL encryption anywhere on any port

List of payloads: reverse shell, bind shell, webshell.

A python wrapper for libmagic

Collection of reverse shells for red team operations.

The official Windows Driver Kit documentation sources

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Cron API

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Metasploit Framework

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse …