AI-agent Skill for generating polished HTML slide decks: editorial magazine and Swiss layouts, image prompts, social covers, and a WebGL/low-power presentation runtime.

AI-Powered Agents for Bub-Bounty Pentesting and Red-Teaming purposes

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Multi-agent AI system for financial analysis and investment research. Uses LLMs, APIs, and agentic workflows (prompt chaining, routing, evaluator–optimizer) to analyze stocks, news, and financials.

AI-powered 7-agent sequential pipeline for autonomous startup due diligence. Researches companies, analyzes markets, builds financial models, and generates investment reports. Built with Claude and…

HackerOne "in scope" domains

腾讯云智能渗透黑客松 Official repository of Tencent Cloud Intelligent Penetration Hackathon. Showcasing top open-source projects of LLM-based autonomous penetration agents, including multi-agent collaboratio…

cc-web是通过浏览器使用cc的远程工具，主要是超轻量的设计、后台进程保活、交互界面优化，对于捉襟见肘的服务器空间有很好的帮助。支持linux和windows。

Web 安全渗透测试工具，包含端点发现、跨域消息追踪、原型污染检测、词表生成和 DOM XSS 检测

一款基于Colly的轻量级储存桶漏洞扫描器

💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp…

TL-ICScan 是由天禄实验室开发的一款面向安全研究人员、红队与蓝队的本地化漏洞情报聚合与分析工具。

Burp插件 TLA Watcher：分为两个模块：流量管理模块、扩展功能模块（脆弱风险检测）

弱口令检测、 漏洞扫描、端口扫描（协议识别，组件识别）、web目录扫描、等保工具（网络安全等级保护现场测评工具）内置3级等保核查命令、基线核查工具、键盘记录器

A wrapper around grep, to help you grep for things

Zero-Config Code Flow for Claude code & Codex

A lightweight Python-based tool to extract and enumerate Android components and automatically generate practical ADB commands

Distributed transactional key-value database, originally created to complement TiDB

A dynamic, Flask-based web application providing a centralized interface for executing various open-source intelligence (OSINT) and cybersecurity command-line tools.

Swagger/OpenAPI/WSDL/SOAP 接口 Fuzz 工具， —— 面向 API 安全测试的轻量化命令行工具。

Multi-harness agentic plugin marketplace for Claude Code, Codex CLI, Cursor, OpenCode, GitHub Copilot, and Gemini CLI

手动 Cookie 认证绕过人机验证、Nginx + FastAPI 高性能异步架构、实时增量流转换、Docker 一键部署、无缝兼容 OpenAI API 生态

基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。

dirsx 是一款能够自动化过滤扫描结果的目录扫描工具

A frida tool to dump dex in memory to support security engineers analyzing malware.

Pure Malware Development Resource Collections