A Claude/Gemini/Grok/GPT Skills built from [PayloadsAllTheThings], enabling Agent to look up attack payloads and bypass techniques on demand during penetration testing, bug bounty hunting, and CTF …

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Use Garry Tan's exact Claude Code setup: 23 opinionated tools that serve as CEO, Designer, Eng Manager, Release Manager, Doc Engineer, and QA

OpenClaw: Use All Major AI Models NO API Token! Claude/ChatGPT/Gemini/DeepSeek/Doubao/Grok/Qwen/Manus/Kimi

Python implementation for PetitPotam

PortSwigger Web Security Academy

Encoder PHP webshell to bypass WAF using XOR operations.

EwoMail是基于Linux的企业邮箱服务器，集成了众多优秀稳定的组件，是一个快速部署、简单高效、多语言、安全稳定的邮件解决方案

gophish modified

Just a crap vulnerability detection tool.

Ai迷思录（应用与安全指南）

A powershell password sprayer based on LDAP.

🩻 Web Check API - Xray Vision for any Website

Awesome curated collection of images and prompts generated by GPT-4o and gpt-image-1. Explore AI generated visuals created with ChatGPT and Sora, showcasing OpenAI’s advanced image generation capab…

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, Ai Prompt Engineering, Adversarial Machine Learning.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations

Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.

RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

Red team Interview Questions

A fast TCP/UDP tunnel over HTTP

Prompt越狱手册

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

An offensive data enrichment pipeline

Ai迷思录（应用与安全指南）

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Windows Local Privilege Escalation Cookbook