Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

🐍 High-performance, multi-threaded YARA & IOC scanner

An IIS short filename enumeration tool

A path-normalization pentesting tool.

Chisel new generation, written in rust. SSH under WSS with some customization.

A script that you can run in the background!

Go HTTP client with browser-identical TLS/HTTP2 fingerprinting. Bypass bot detection by perfectly mimicking Chrome, Firefox, and Safari at the cryptographic level (JA3/JA4, Akamai fingerprint, head…

In this article, I will show you how to build your first AI agent from scratch using Google’s ADK (Agent Development Kit). This is an open-source framework that makes it easier to create agents, te…

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

X-UI PRO nginx reverse proxy with WS/gRPC/HttpUpgrade/SplitHttp support,Xray protocol support: vless,vmess,trojan,shadowsocks xui panel Cloudflare auto SSL,XTLS-rprx,SSR,v2fly Bypass restrictions:…

Script and ansible role to setup Xray-core with VLESS+Reality steal-self and TCP transport

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

WormGPT kawaii ver

ripgrep recursively searches directories for a regex pattern while respecting your gitignore

SVG XSS Payloads

A curated list of MCP servers for bug bounty.

🤖 LLM-powered agent for automated Google Dorking in bug hunting & pentesting.

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Scira (Formerly MiniPerplx) is a minimalistic AI-powered search engine that helps you find information on the internet and cites it too. Powered by Vercel AI SDK!

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

GO Simple Tunnel - a simple tunnel written in golang

A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python.

An enterprise friendly way of detecting and preventing secrets in code.

Find secrets with Gitleaks 🔑

Abuse trust-boundaries to bypass firewalls and network controls

Lightweight anonymous browser that works via I2P. Ideal for those who want quick and easy access to I2P without heavy add-ons.

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Firepwn is a tool made for testing the Security Rules of a firebase application.