Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Nuclei-AI-Prompts

Firebase DB, String and Google API Key Extractor

Next Generation SSLKillSwitch with much more support!

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

🤖 A minimal and customizable Docker image running the Android emulator as a service.

A simple, lightweight PowerShell script to remove pre-installed apps, disable telemetry, as well as perform various other changes to customize, declutter and improve your Windows experience. Win11D…

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…

OSWE, OSEP, OSED, OSEE

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security teste…

JWT Auditor – Analyze, break, and understand your tokens like a pro.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!

Various exploit scripts and code snippets I've created over the years for HTB, Vulnhub, CTFs, etc.

A container repository for my public web hacks!

Keylogger, Screenlogger, Installer, Uninstaller, Archiver

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Tfsec is now part of Trivy

A Blazing fast Security Auditing tool for Kubernetes

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Ku…

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

kubeaudit helps you audit your Kubernetes clusters against common security controls

Hunt for security weaknesses in Kubernetes clusters

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Cybersecurity AI (CAI), the framework for AI Security

syzkaller is an unsupervised coverage-guided kernel fuzzer