rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks

An overview of LLMs for cybersecurity.

Google's Security extension for the Gemini CLI that finds vulnerabilities in your code changes and pull requests.

Primers for Specialist AI Smart Contract Auditors

A collection of MCP servers.

ESLint Plugin focused on common security issues and misconfigurations.

Fully open reproduction of DeepSeek-R1

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Collection of Cyber Threat Intelligence sources from the deep and dark web

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

A cheat sheet that contains advanced queries for SQL Injection of all types.

dnsenum is a perl script that enumerates DNS information. Officially mainlined in Kali Linux

DNS Enumeration Script

The Swiss Army knife for automated Web Application Testing

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Fast iOS executable dumper

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

A Workflow Engine for Offensive Security

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

Making Favicon.ico based Recon Great again !

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

Web Attack Cheat Sheet

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices