Stars
Scrape, Hunt, and Transform names and usernames
微舆:人人可用的多Agent舆情分析助手,打破信息茧房,还原舆情原貌,预测未来走向,辅助决策!从0实现,不依赖任何框架。
A simple Xposed module based on LSPosed's Modern Xposed API, that fast-forwards face unlock by skipping the biometric confirmation step in System UI on Android 10+.
Bypass iOSSecuritySuite jailbreak detection
SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information.
A fork of KitsuneMagisk. Thanks to the original author @HuskyDG.
This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of s…
Detection for CVE-2025-61882 & CVE-2025-61884
TapTrap is a new attack on Android that lures you into performing actions you did not intend to do. This allows an app to silently access your camera or location, or even erase your entire device —…
Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables users to generate intelligent security testing prompts and tai…
A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
Redis exploit and Pentesting guide for penetration tester
Talk to any LLM with hands-free voice interaction, voice interruption, and Live2D taking face running locally across platforms
🔗 A curated list of awesome Caido related projects
SVG XSS Exploiter is a web tool built with Python and Flask that lets users inject JavaScript payloads into SVG images to simulate XSS attacks. Made for ethical hackers and security researchers, it…
An open-source AI agent that brings the power of Gemini directly into your terminal.
Public repository of the QuickJS Javascript Engine.
💪🏻 Blazing-fast system monitoring for your desktop (built with Rust, Tauri & Svelte)
Java decompiler, assembler, and disassembler
Caido plugin that hunts CSP misconfigs & cracks headers wide open.
GraphQL Analyzer brings powerful GraphQL analysis directly into Caido. Automatically discover schemas, visualize relationships, and assess security risks with an integrated testing suite.
Useful configurations for the DomLogger++ extension
JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具
A web security research tool for DOM testing
A research project to add some brrrrrr to Burp
A Productivity-Boosting Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing. Built with the Montoya API and modern Kotlin tooling.