Vulnerable application using Kafka

A universal memory dumper using Frida for Python 3

Intentionally vulnerable iOS application

Intentionally vulnerable Android application.

Open-source mobile security testing suite for iOS and Android. Previously Passionfruit

Cloud agnostic IAM permissions enumerator

This module configures the chrome flag --ignore-certificate-errors-spki-list, this bypasses the NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED cert error produced by Certificate Transparency (CT) intro…

SQLMap wrapper that lets you use Interact.sh as a DNS server for exfiltrating data with zero configuration

Exploit for CVE-2025-11001 or CVE-2025-11002

Orchestrate microservice-based process flows

Automatic SQL injection and database takeover tool

CLI enabling more autonomous black-box penetration tests using Large Language Models (LLMs)

Massgitleaks automates bulk secret scanning across multiple git repositories as a gitleaks wrapper with advanced reporting and pentester-friendly features.

match command-line arguments to their help text

Autonomous coding agent right in your IDE, capable of creating/editing files, executing commands, using the browser, and more with your permission every step of the way.

Magic hashes – PHP hash "collisions"

PwnPad is an affordable, hands-on hardware hacking platform built for practical learning. It features a range of challenges that walk users through key hardware security concepts, from PCB design t…

Advanced SQLMap command builder with an intuitive cheatsheet UI. Works locally in your browser as a single HTML file (no data sent anywhere).

This node script changes behavior of a Postman application to be used locally (without online services)

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…

Java RMI Vulnerability Scanner

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Small subset of Bash and Python scripts which could be used for rapid network recon

Place where I'm putting all the scripts and config files regarding Active Directory Security.

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

YARA malware query accelerator (web frontend)

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Cross-platform incident response and live forensics toolkit with built-in detection, structured analysis, and report generation — designed for fast, actionable security investigations.

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.