Dump DEX files from a running Android process without instrumentation

Self-hosted private chat: no cloud, no telemetry, no Big Tech. Discord alternative that runs on your own machine.

Build and query a graph database representation of source code

Static analyzer for Flutter/Dart AOT snapshots

Hermes Agent 从入门到精通 · 橙皮书系列 · Nous Research 开源 AI Agent 框架实战指南

The agent that grows with you

Project N.O.M.A.D, is a self-contained, offline survival computer packed with critical tools, knowledge, and AI to keep you informed and empowered—anytime, anywhere.

Google Drive public file downloader when curl/wget fails.

A lightweight, open-source, fully local alternative to Logitech Options+ for remapping Logitech HID++ mice.

AndroHunter

Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.

Undiscord - Delete all messages in a Discord server / channel or DM (Easy and fast) Bulk delete

100+ AI Agent & RAG apps you can actually run — clone, customize, ship.

Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war, apk, ipa, ...) archives

Local LLM for VS Code - an open-source extension for private, offline AI coding assistance and chat.

Hands-on challenges for learning how to reverse engineer Flutter applications.

SutraAI is a lightweight, open-source framework for orchestrating AI agent pipelines. Designed for developers who want control, hackability, and offline execution, SutraAI lets you sequence small-t…

The most powerful and modular diffusion model GUI, api and backend with a graph/nodes interface.

Runs 405B LLMs on 8GB VRAM

This project contains the different security vulnerability with the corresponding fluentTQL specifications. https://fluenttql.github.io/fluenttql.catalog/

Firepwn is a tool made for testing the Security Rules of a firebase application.

CLI to download websites' actual JS/CSS/assets (not flattened HTML)

list of awesome platforms, tools, and resources run for LLMs locally

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

A Basic Roku channel for watching IPTV

A powerful obfuscator for JavaScript and Node.js

A remote live memory viewer PoC based on the MongoBleed vulnerability primitive!

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…