A repository for learning various heap exploitation techniques.

AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)

Open-source AI hackers to find and fix your app’s vulnerabilities.

A script that you can run in the background!

A large portion of this configuration is based on Igor Babko's VS Code setup, presented in (https://www.youtube.com/watch?v=VmFOsK7IhI4). This repo takes that foundation and tweaks it to fit a diff…

Satty - Modern Screenshot Annotation.

Burp Plugin to Bypass WAFs through the insertion of Junk Data

A research project to add some brrrrrr to Burp

Collaborative cheatsheets for console commands 📚.

aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.

Auto Frida is a powerful, all-in-one automation toolkit that handles everything from Frida installation to script injection. Zero manual setup required – just connect your device and start testing.

NetworkSherlock: powerful and flexible port scanning tool With Shodan

A powerful open-source tool for managing networks and troubleshooting network problems!

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Lab used for workshop and CTF

CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Hack The Box CPTS, CWES, CDSA, CWEE, CAPE, CJCA Exam and Lab Reporting / Note-Taking Tool

A simple browser extension to quickly find interesting security-related information on a webpage.

Get 10k subdomains in securitytrails using cookie without apikey.

Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.

List of Stuff I did to get through the OSCP :D

Credentials recovery project

Ico repository for Folder11

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

An open-source AI agent that brings the power of Gemini directly into your terminal.