中文小黑怪诞正文配图生成 Skill | 16:9 白底手绘 | 少量红橙蓝批注 | Codex Skill

Runtime security monitoring and control for AI agents. Catches malicious tool use, prompt injection, and policy drift in real time, before the agent acts.

HackAgent is an open-source security toolkit to detect vulnerabilities of your AI Agents

Bug bounty agent framework for Claude Code, Codex, Gemini, Cursor, Windsurf, Copilot, and OpenClaw — 48 agents, 26 commands, 19 CLI tools, 2 MCP servers, autonomous hunt loops, exploit chain builder.

🎨 Local-first, open-source Claude Design alternative. 🖥️ Native desktop app. ⚡ 259+ Skills · ✨ 142+ Design Systems 🖼️ Web · desktop · mobile prototypes · slides · images · videos · HyperFrames 📦 Sa…

Multi-Cloud Security Auditing Tool

18 Claude Code skill files for smart contract security — built from 2,749 Immunefi reports, 681 DeFiHack reproductions, and real hunt experience

Security testing toolkit for AI Agent: curated SecLists wordlists, injection payloads, and expert agents for authorized pentesting, CTFs, and bug bounties

AzPolicyFactory is a Infrastructure as Code solution for deploying Azure Policy resources using Azure Bicep

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

A collection of scripts for assessing Microsoft Azure security

Training course materials and notes related to SAP security audit and penetration testing

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

MCP Fusion - The TypeScript framework for secure MCP servers.

Enterprise IAM platform based on Keycloak 26 — multi-tenant, GKE multi-region, with integration examples for Spring Boot, .NET 9, NestJS, Express, FastAPI, Quarkus, Next.js, Angular, React and Vue

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)

sap-security-mcp

Claude Skill - SAP Private Cloud ERP Expert - RISE with SAP

A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

An AI Security Testing Playbook with labs for prompt injection, RAG poisoning, and tool attacks

AzPolicyFactory is a Infrastructure as Code solution for deploying Azure Policy resources using Azure Bicep

A complete list of SAP MCP Servers and SAP AI Skills

Pentesting Cheatsheet (Continuosly updating it)

Active Directory Attack Architecture Map Comprehensive Pentest Reference — From Recon to Domain Dominance

Phishing tool script which generate phishing websites with a link to send to victim, the link genrated comes together with a QR code.Medusa Phisher helps pentesters to evaluate how well employees r…

Production-ready plugins for SAP development with AI coding assistants — BTP, CAP, Fiori, ABAP, HANA, Analytics Cloud, Datasphere, and more

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a rang…