Catch API bugs before your users do

Obtain GraphQL API schema even if the introspection is disabled

Android deeplink misconfiguration detector and exploitation tool

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Probe a rendering engine for vulnerabilities and other features

💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp…

Obsidian plugin — audit + auto-cleanup of your vault. Detects broken links, orphan notes, duplicates, ghost attachments. Local-first, dry-run by default.

CORS Misconfiguration Scanner

Deriving RSA public keys from message-signature pairs

Clone this repo to build Frida

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Find, verify, and analyze leaked credentials

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Timelock Encryption made practical. The Go `tlock` library and the `tle` cmd line tool home to encrypt towards the future.

An open source personal productivity platform built on Markdown, turbo charged with the scripting power of Lua

how to look for Leaked Credentials !

one-for-all llm powered, passive & active subdomain enumeration tool

A `.git` folder disclosure exploit

Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.

Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and handling git workflo…

A visual, example-driven guide to Claude Code — from basic concepts to advanced agents, with copy-paste templates that bring immediate value.

An agent-managed museum exhibit, built in Rust with Gajae-Code / LazyCodex — developed and maintained with no human intervention.

Simple CLI program that will fetch and convert a HackTheBox Academy module into a local file in Markdown format.

OSINT resources and tools by country, structured for fact-checkers and digital profilers

A little tool to play with Windows security

Simple CLI program that will fetch and convert a HackTheBox Academy module into a local file in Markdown format.