Fast DNS Lookup Library and CLI Tool

Atmosphère is a work-in-progress customized firmware for the Nintendo Switch.

The Swift Programming Language

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

A fast Go Avro codec

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…

A static analysis security vulnerability scanner for Ruby on Rails applications

Evals is a framework for evaluating LLMs and LLM systems, and an open-source registry of benchmarks.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🎄Visualization and annotation of phylogenetic trees

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.

Collection of Meta's DNS Libraries

Graph database optimized for fast analysis and real-time data processing. It is provided as an extension to PostgreSQL.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

A command-line benchmarking tool

An up-to-date export of cloud provider IP address ranges

A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python.

Train Tesseract LSTM with make

A list of 600+ URL shorteners (i.e goo.gl, bit.ly)

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Scanner to identify dangling DNS records and subdomain takeovers

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A set of Zeek scripts to detect ATT&CK techniques.

Poor (rich?) man's bug bounty pipeline https://dubell.io

Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.

Reconnaissance tool for GitHub organizations

Visualization tool for Graph Neural Networks

the Wayback Machine, and Common Crawl. Originally built as a microservice. #hacking #bugbunty #bughunting #cybersecurity #security