This guide is designed for OpenClaw itself (Agent-facing), not as a traditional human-only hardening checklist.

Automated bug bounty reconnaissance and scanning agent

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…

Interactive Network Scanner

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

A free open source IT asset/license management system

HackGPT Enterprise is a production-ready, cloud-native AI-powered penetration testing platform designed for enterprise security teams. It combines advanced AI, machine learning, microservices archi…

CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs of Adamkadaban

Intelligence and Reconnaissance Package/Bundle installer.

ChatGPT DAN, Jailbreaks prompt

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

ReconX is an advanced reconnaissance script designed for discovery and analysis to help you gather information about a target domain.

Web Application Security Scanner Framework

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

🕵️‍♂️ All-in-one OSINT tool for analysing any website

An OSINT tool that discovers sub-domains by searching Certificate Transparency logs

security environment, zsh configuration & tool designed for cybersecurity students, penetration testers & researchers. This config & script provides an organized, efficient environment with automat…

Single-file PHP shell

The Internet's Biggest and Best Collection of Bookmarks, Resources, Hidden Gems and Everything Else, MTHRFCKR!

SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty

Here we discuss how one can investigate crypto hacks and security incidents, and collect all the possible tools and manuals! PRs are welcome! If any tool is missing - please open PR!

Nightingale Docker for Pentesters is a comprehensive Dockerized environment tailored for penetration testing and vulnerability assessment. It comes preconfigured with all essential tools and utilit…

Dorks Eye Google Hacking Dork Scraping and Searching Script. Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web…

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

A script that I made to get the essentials I use for various reasons on Kali Linux.

Awesome Pentest Tools Collection

Kali Linux Fixes for Newly Imported VM's

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

Automated NoSQL database enumeration and web application exploitation tool.