An up-to-date export of cloud provider IP address ranges

Visualization tool for Graph Neural Networks

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact dire…

Collection of Meta's DNS Libraries

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

Scanner to identify dangling DNS records and subdomain takeovers

Graph database optimized for fast analysis and real-time data processing. It is provided as an extension to PostgreSQL.

Fast DNS Lookup Library and CLI Tool

Evals is a framework for evaluating LLMs and LLM systems, and an open-source registry of benchmarks.

Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.

A list of 600+ URL shorteners (i.e goo.gl, bit.ly)

Lists of Dynamic DNS Domains/FQDNs as well as lists of services/providers that offer free dynamic dns domains.

Scan DockerHub images that match a keyword to find secrets.

A set of Zeek scripts to detect ATT&CK techniques.

🎄Visualization and annotation of phylogenetic trees

A command-line benchmarking tool

Train Tesseract LSTM with make

An automated approach to performing recon for bug bounty hunting and penetration testing.

A fast Go Avro codec

the Wayback Machine, and Common Crawl. Originally built as a microservice. #hacking #bugbunty #bughunting #cybersecurity #security

Poor (rich?) man's bug bounty pipeline https://dubell.io

A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in Python.

PostMessage extension

Keep track of internships for Summer 2020 for undergraduates interested in tech./SWE/related fields

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

A bot that creates and posts dank memes whenever a Yubikey is accidentally posted in GroupMe/Slack

A static analysis security vulnerability scanner for Ruby on Rails applications