The community's most comprehensive, continuously-updated index of research on Large Language Models for software vulnerability detection — papers across function-level, repository-level, agentic, a…

Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagements, analyze recon, research exploits, build detections, a…

DeepTeam is a framework to red team LLMs and AI agents.

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…

Lists of independent cybersecurity blogs covering threat intelligence, purple team, red team, threat hunting, and detection engineering. Most are personal blogs maintained by practitioners who publ…

Claude Code learns from your corrections: self-correcting memory that compounds over 50+ sessions. Context engineering, parallel worktrees, agent teams, and 17 battle-tested skills.

Open-Source Frontier Voice AI

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…

Free, open-source macOS cleaner. CleanMyMac alternative with zero telemetry. Native SwiftUI, scheduled auto-cleaning, Xcode/Homebrew/system cache cleanup. MIT licensed.

Web vulnerability scanner written in Python3

OWASP Autonomous Penetration Testing Standard

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Hunt down social media accounts by username across social networks

📡 Comprehensive collection of OSINT tools for cybersecurity professionals, researchers, and bug bounty hunters. Topics: information gathering, reverse search, red team, trust & safety, AI.

A collection of notebooks/recipes showcasing some fun and effective ways of using Claude.

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

Private key usage verification

RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.

Exploits and Security Tools Framework 2.0.1

An evil RAT (Remote Administration Tool) for macOS / OS X.

A java library for hashing

A modern vulnerable web app

Ethereum miner with OpenCL, CUDA and stratum support

The Credential Mapper

OWASP ASVS checklist for audits

Application Security Verification Standard

Know the dangers of credential reuse attacks.

AWS Security Odyssey: A hands-on journey with security services and controls in the AWS cloud.