A recursive internet scanner for hackers.

Unsecure time-based secret exploitation and Sandwich attack implementation Resources

The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, and more.

A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues

Drag & drop UI to build your customized LLM flow

Langflow is a low-code app builder for RAG and multi-agent AI applications. It’s Python-based and agnostic to any model, API, or database.

Creating and Using an Open Assistant API locally (Pythia 12B GPT model)

♾️ toolkit for air-gapped LLMs on consumer-grade hardware

Interact with your documents using the power of GPT, 100% privately, no data leaks

🦜🔗 Build context-aware reasoning applications

YesWeHack Api Extension for Burp

AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

Twitter vulnerable snippets

An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Pentest Report Generator

A Burp Suite extension to extract datas from source code while browsing.

Subdomain finder

A fast, simple, recursive content discovery tool written in Rust.

In-depth attack surface mapping and asset discovery

Generates permutations, alterations and mutations of subdomains and then resolves them

Automated & Manual Wordlists provided by Assetnote

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Directory/File, DNS and VHost busting tool written in Go

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Monitoring framework to detect and report newly found subdomains on a specific target using various scanning tools

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports