HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations. 赋能白帽，高效作战！

Python tool for converting files and office documents to Markdown.

AI-Powered Agents for Bub-Bounty Pentesting and Red-Teaming purposes

Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagements, analyze recon, research exploits, build detections, a…

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

OBLITERATE THE CHAINS THAT BIND YOU

Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Certified Red Team Operator

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

DNSChef - DNS proxy for Penetration Testers and Malware Analysts

Oxidized is a network device configuration backup tool. It's a RANCID replacement!

This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles

CISSP mastery, one domain at a time. Practical guidance for professionals aiming to level up in cybersecurity.

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Get up and running with Kimi-K2.6, GLM-5.1, MiniMax, DeepSeek, gpt-oss, Qwen, Gemma and other models.

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Autoswagger by Intruder - detect API auth weaknesses

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Security reconnaissance and assessment tool for identifying potentially exposed IP cameras by analyzing open ports, service configurations, and common misconfigurations.

Gospider - Fast web spider written in Go

API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).

Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

curation of all(most) immunefi bug bounty writeups I could find(till now)