Get up and running with Llama 3.1, Mistral, Gemma 2, and other large language models.

Find, verify, and analyze leaked credentials

OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Securi…

In-depth attack surface mapping and asset discovery

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

An OOB interaction gathering server and client library

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

Tool to bypass 403/40X response codes.

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists

Command line fuzzer and bruteforcer 🌪 wfuzz for command