OWASP VulnerableApp Project: Break it. Scan it. Reproduce it. Benchmark against it. Improve it.

Automating the MITM attack on WSUS

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…

A collection of useful prompts and system prompts for security-oriented code reviews

Open-source mobile security testing suite for iOS and Android. Previously Passionfruit

Extract Windows credentials directly from VM memory snapshots and virtual disks

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

Set up a personal VPN in the cloud

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

KslDump — Why bring your own knife when Defender already left one in the kitchen?

SSL pinning bypass setup for iOS (No Jailbreak) using OpenVPN + iptables traffic redirection to proxy (Burp Suite / mitmproxy)

Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs

Open-source endpoint detection engine for Windows and Linux using ETW, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.

Proper sandboxing for agentic coding and web browsing

A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, without touching LSASS process memory.

PowerShell implementation for AD CS

The open-source AI voice studio. Clone, dictate, create.

Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!

HTML parser for PEAS output with additional features

No-as-a-Service (NaaS) is a simple API that returns a random rejection reason. Use it when you need a realistic excuse, a fun “no,” or want to simulate being turned down in style.

EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.

Tool to find common vulnerabilities in cryptographic public keys

Rust-powered HTTP Request Smuggling Scanner.

Serverless AITM Simulation Framework for Entra ID and M365

Wirebrowser is a CDP-based runtime instrumentation platform for the browser. Think Frida, but for JavaScript running in Chrome — without monkeypatching.

A Dockerized build pipeline for custom Windows x64 shellcode

Windows internals and exploitation tricks

Windows Session Hijacking via COM

RDP Bitmap Cache parser

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.