Transformer based end-to-end Web Application Firewall (WAF) pipeline

A GitHub Action for running the ZAP Full scan

GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & more.

https://fmhy.net/

An Exhaustive WhatsApp Chat Data Analysis.

A simple CORS misconfiguration scanner

Red Teaming Tactics and Techniques

GeoPort: Your Location, Anywhere! The iOS location simulator

AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.

Locally run web app and Chrome extension to remove duplicates from Google Photos

A list of AI autonomous agents

A subdomain enumeration suite.

Backend for HTTP Observatory on MDN

Official writeups and challenges for Codefest CTF 2025

recon for bug hunters

A toolkit for developing high-performance HTTP reverse proxy applications.

this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)

An alternative to Cydia Impactor and AltServer for ALL computers.

Brute-force a JWT HS256, HS384 or HS512 from your browser (online)

403/401 Bypass Methods + Bash Automation + Your Support ;)

Successor of Undetected-Chromedriver. Providing a blazing fast framework for web automation, webscraping, bots and any other creative ideas which are normally hindered by annoying anti bot systems …

Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA …