Caddy module: dns.providers.cloudflare

The WebAssembly Binary Toolkit

A lightweight GPT model, trained to discover subdomains.

USB Raw Gadget — a low-level interface for the Linux USB Gadget subsystem

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.

MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.

Automagically reverse-engineer REST APIs via capturing traffic

qpdf: A content-preserving PDF document transformer

Testing TLS/SSL encryption anywhere on any port

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

A streamlined tool for discovering private TLDs for security research.

Whois client for Go.

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

Quickly discover exposed hosts on the internet using multiple search engines.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.

kw is our inglorious kernel developer workflow tool with a simple mission: reduce the overhead with infrastructure setup for Linux development

A tool for checking the security hardening options of the Linux kernel

Some setup scripts for security research tools.

The Python micro framework for building web applications.

Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Checksec tool in Python, Rich output. Based on LIEF