Stars
Abuse trust-boundaries to bypass firewalls and network controls
jxscout superpowers JavaScript analysis for security researchers
FrogPost: postMessage Security Testing Tool
🦔 PostHog provides open-source web & product analytics, session recording, feature flagging and A/B testing that you can self-host. Get started - free.
📄 Configuration files that enhance Cursor AI editor experience with custom rules and behaviors
Check subdomains for subdomain takeovers and other DNS tomfoolery
📍 A map of my life, where each week I've been alive is a little box.
View HTTP/HTTPS requests made by any Linux program
Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
A collection of prompts to challenge the reasoning abilities of large language models in presence of misguiding information
Updated version of https://codeshare.frida.re/@Numenorean/ios-instagram-facebook-ssl-pinning-bypass/
Burp Plugin to Bypass WAFs through the insertion of Junk Data
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
A small command-line utility to artificially limit the input rate to STDIN.
Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
Gather and update all available and newest CVEs with their PoC.
Secure open source cloud runtime for AI apps & AI agents
Extract phone numbers from an audio recording of the dial tones.
Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc
Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
Automated learning of regexes for DNS discovery
My OSCP Pre-Preparation Phase. I'm not sure if I'll be able to afford the exam but what count's trying and learning things. I'm gonna give it a try. [Start Date: 21st March 2022]
A tool to inspect and attack version 1 GUIDs