Ghidra is a software reverse engineering (SRE) framework

MCP Server for Ghidra

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

Open Adversarial Exposure Validation Platform

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

completely ridiculous API (crAPI)

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

🔐 A CLI tool to extract server certificates

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Intentionally vulnerable Android application.

CVE-2020-5902 BIG-IP

The TLS-Scanner Module from TLS-Attacker

Native Android Proxmark3 client (no root required)

Repository to store exploits created by Assetnotes Security Research team

A JVM agent that automatically forces a proxy for HTTP(S) connections and trusts MitM certificates, for all major JVM HTTP clients

BurpSuite Extension: A one-stop pen testing checklist and logger tool

Burp extension to use updated token values, such as a bearer token

A Burp Suite extension to add a custom header (e.g. JWT)