A unified interface for AI in your terminal.

EFF's 4G IMSI catcher - catcher

Rust tool to detect cell site simulators on an orbic mobile hotspot

A highly flexible AI Agent-driven EVM smart contract vulnerability detection framework

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

Rust GUI components for building fantastic cross-platform desktop application by using GPUI.

🔴 CVE-2026-22794 - Appsmith Password Reset Account Takeover via Origin Header Injection | PoC Exploit + Nuclei Template

Outcome driven agent development framework that evolves

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

wooyun-legacy skill for claude code

EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.

Local Area Network discovery tool with a modern Terminal User Interface (TUI) written in Go. Discover, explore, and understand your LAN in an intuitive way. Knock Knock.. who's there? 🚪

A path-normalization pentesting tool.

Rust Based PE & Shellcode Packer

Automatic Exploit Generation with LLMs

AWS Attack Path Scanner - Discover privilege escalation paths across 10+ AWS services

Read PostgreSQL data files without credentials - forensics, data recovery, and security research tool

CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati…

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry…

🎬 火宝短剧 - 基于AI的一站式短剧生成平台 《一句话生成完整短剧，从剧本到成片全自动化》 Huobao Drama - An AI-Powered End-to-End Short Drama Generator "One Sentence to Complete Drama: Fully Automated from Script to Final Video"

world's first Opensource fully Autonomous AI Security Engineer

Go HTTP client with browser-identical TLS/HTTP2 fingerprinting. Bypass bot detection by perfectly mimicking Chrome, Firefox, and Safari at the cryptographic level (JA3/JA4, Akamai fingerprint, head…

Proof of Concept for CVE-2026-23745: Arbitrary File Overwrite vulnerability in node-tar (versions < 7.5.3).

declutters url lists for crawling/pentesting

Fast Windows post-exploitation wins after initial access.

A calm, CLI-native way to semantically grep everything, like code, images, pdfs and more.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Android kernel exploit for CVE-2025-38352, previously exploited in-the-wild. Targets vulnerable x86_64 Linux kernels v5.10.x.

「🔑」A tool used to hunt down API key leaks in JS files and pages