Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation firewalls en route to the target.

Trail of Bits Testing Handbook

CasaOS - A simple, easy-to-use, elegant open-source Personal Cloud system.

A not-curated list of cloud hacking labs

This repository contains various attack against Large Language Models.

assetwarden is a simple monitoring framework that detects changes in JS files of websites

Fully open source, End to End Encrypted alternative to Google Photos and Apple Photos

🌀 A log file highlighter

Active Directory and Internal Pentest Cheatsheets

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Automatic tool for DNS rebinding-based SSRF attacks

Bcheck scripts for Burp

Quickly fetches files from Wayback Machine.

🐶 Lightweight scripts for quick checks in web security assessments

VMware Aria Operations for Logs CVE-2023-34051

An Obsidian.md plugin that syncs highlights from Raindrop.

Generative fill in 3D.

Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusias…

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, …

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

LangChain for Go, the easiest way to write LLM-based programs in Go

A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows

A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.

We write your reusable computer vision tools. 💜

Fast HTTP enumerator

automatically tests prompt injection attacks on ChatGPT instances

Determine privileges from cloud credentials via brute-force testing.

A small script to resolve domains to Azure AD tenants (and OAuth login portals)

TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.

Low-cost LS/FS/HS USB sniffer with Wireshark interface