Open-source PACS / RFID lab you can build at home! Can be built via custom PCB, or completely with off the shelf parts.

Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.

Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing.

BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.

Automated prompt injection testing framework for LLM-integrated applications with dual-LLM architecture.

Scan the world (for secrets)

A lightweight, robust Python utility for seamlessly uploading Bloodhound JSON/ZIP data to a Bloodhound Community Edition (CE) instance

A BloodHound OpenGraph collector that models Windows local privilege escalation as interconnected attack paths.

evilwaf is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Interactive XSS Labs to get into Client-Side Hacking

Ragnar is a Powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT and is Father of Bjorn. It discovers network targets, open ports, exposed service…

ESP32-DIV HaleHound Edition for Cheap Yellow Display - Multi-protocol offensive security toolkit

Lab used for workshop and CTF

SCAM - Security Comprehension Awareness Measure | Open-source benchmark that tests AI agents' security awareness during realistic, multi-turn workplace tasks.

Red Team Toolkit - A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.

A covert module that supports keystroke injection, keylogging, wireless access, and detection-evasion for red-team engagements

The Official WiFi Pineapple Pager Payload Repository

This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.

Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection

Hidden parameters discovery suite

🎯 Advanced GPT-5 Powered Ghidra Reverse Engineering MCP Server | 7 AI-Enhanced Analysis Tools | Professional Binary Analysis | TechSquad Inc. Proprietary Software

Public PoC + Scanner and research for CVE-2025-68613: Critical RCE in n8n Workflow Automation via Expression Injection (CVSS 10.0). Includes detection tools, full exploit, and remediation guidance.

Reverse engineered remote control using an ESP32 for the Charlton & Jenricks fireplace range.

All-in-One malware analysis tool.

Pack/Encrypt/Obfuscate ELF + SHELL scripts

IoT pentesting tools for ONVIF-enabled devices

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026