Cybersecurity AI (CAI), the framework for AI Security

unleashed ffuf

An experimental high-performance DNS query bruteforce tool built with AF_XDP for extremely fast and accurate bulk DNS lookups.

The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight supported c…

ai-based domain name generation

Scan for misconfigured S3 buckets across S3-compatible APIs!

The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cl…

Data pipelines for cloud config and security data. Build cloud asset inventory, CSPM, FinOps, and vulnerability management solutions. Extract from AWS, Azure, GCP, and 70+ cloud and SaaS sources.

SSHamble: Unexpected Exposures in SSH

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Kubernetes focused container assessment and context discovery tool for penetration testing

The most exhaustive list of reliable DNS resolvers.

Find, verify, and analyze leaked credentials

A list of open source web security scanners

A repo to automatically generate and keep updated a series of Docker images through GitHub Actions.

The scripts I write to help me on my bug bounty hunting

Nuclei templates written by geeknik. Claude is my co-pilot. 🤖

Keep track of changes in website with WEBSY

Interlace C++

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

gjfy is a standalone one-time link server. Use it to securely share secrets.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Small and highly portable detection tests based on MITRE's ATT&CK.

A scalable overlay networking tool with a focus on performance, simplicity and security

SSRF (Server Side Request Forgery) testing resources

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Bugbounty scope tool

transparent TCP-to-proxy redirector

Module and example scripts to help test the security of Erlang Runtime System (ERTS) nodes using Erlang Distribution Protocol