Inference-first static analysis for Ruby

Client / Server Model for GitHub Actions

Small and highly portable detection tests based on MITRE's ATT&CK.

GitHub Action to configure PyPI clients (pip etc.) with Takumi Guard

Self-hosted GitHub App that validates Pull Request reviews. It helps organizations improve governance and security by ensuring PRs cannot be merged without proper approvals while keeping developer …

Personal Zero Trust Browser Security

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Use the GCP testIamPermissions functionality to bruteforce and discover your permissions

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities bef…

Library packaging and distribution for Ruby.

[PoC] Trusted Publishing verifier for package URLs (purl)

CVE-2024-4367 & CVE-2024-34342 Proof of Concept

Redis(<=5.0.5) RCE

58 MB Google Chrome to fit inside AWS Lambda Layer compressed with Brotli

CVE-2025-48384 PoC

A minimal network monitoring MCP tool for Playwright browser automation. **Just 3 simple tools** to capture, filter, and analyze network traffic during web automation.

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

CTFs as you need them

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

an open source, extensible AI agent that goes beyond code suggestions - install, execute, edit, and test with any LLM

Open-Source Remote Administration Tool For Windows C# (RAT)

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

U16プロコンの題材となっているCHaserのNode.js製ライブラリです。

#YOLO motherfuckers!