Stars
A kubectl plugin that explains WHY a permission is granted in Kubernetes RBAC by showing the exact Role/ClusterRole + Binding chain.
A toolset for reverse engineering and fuzzing Protobuf-based apps
Library for exploiting Last Frame Synchronization (also known as Single Packet Attack) on HTTP/3 - Manipulated version of quic-go lib
AIRecon is an autonomous cybersecurity agent that combines a self-hosted Large Language Model (Ollama) with a Kali Linux Docker sandbox and a Textual TUI. It is designed to automate security assess…
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
Encode/Decode gRPC-Web payloads automatically. Copied from nxenon/grpc-pentest-suite
Open Source Vulnerability Management Platform
FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…
Open source hyperconverged infrastructure (HCI) software
Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.
Zip Slip Vulnerability (Arbitrary file write through archive extraction)
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
Tools for finding SMTP smuggling vulnerabilities.
Reproduce DeFi hacked incidents using Foundry.
HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low-level library / tool based on Scapy + Exploit Timing Attacks
gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)
Curation of all(most) Immunefi bug bounty writeups I could find (till now)
Machine Learning Course, Sharif University of Technology
🔥 Search, scrape, and clean the web for AI agents.
A collection of smart contract vulnerabilities along with prevention methods
A list of Blockchain Security audit companies, solo auditors and location of public audits.
A JavaScript change monitoring tool for bug bounties