Stars
A tool for monitoring bug bounty programs across multiple platforms to track scope changes.
Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the integration of webhooks, this tool sends real-time updates when…
The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, No-code agent builder, MCP compatibility, and more.
A command-line productivity tool powered by AI large language models like GPT-4, will help you accomplish your tasks faster and more efficiently.
Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Pen Test Report Generation and Assessment Collaboration
BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate…
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
A curated list of the most common and most interesting robots.txt disallowed directories.
Differential testing framework for HTTP implementations
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar…
Ligue automaticamente para empresas de cobrança e deixe uma voz falando "Alô?" sem parar.
Repositório para o programa de contratamento de mulheres em segurança do N
Identify virtual hosts by similarity comparison
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
Implementation of GigaGAN, new SOTA GAN out of Adobe. Culmination of nearly a decade of research into GANs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
Ghostscript command injection vulnerability PoC (CVE-2023-36664)
Android in docker solution with noVNC supported and video recording
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL).