A script that you can run in the background!

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Interact with your documents using the power of GPT, 100% privately, no data leaks

Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

A next-generation crawling and spidering framework.

Kubernetes Virtualization API and runtime in order to define and manage virtual machines.

Damn Vulnerable NodeJS Application

DNS server for providing TLS to webservices on local addresses

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Interactive code examples for documentation, education and fun

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

Enumerate the permissions associated with AWS credential set

Hidden parameters discovery suite

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

Project to illustrate how to build a programming language

Run queries on your Java code to check if it meets the criteria suggested by the book Effective Java. And some others.

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Pull out bits of URLs provided on stdin

Incredibly fast crawler designed for OSINT.

one-click face swap

Access large language models from the command-line

A python script that finds endpoints in JavaScript files

Automation for javascript recon in bug bounty.

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing