Stars
Awesome MCP Servers - A curated list of Model Context Protocol servers
Automated web vulnerability scanning with LLM agents
A local-first personal finance app
A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
A tool to dump a git repository from a website
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
Template-based docx report creation
rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.
Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
Automated & Manual Wordlists provided by Assetnote
The recursive internet scanner for hackers. π§‘
π π Find secrets and passwords in container images and file systems π π
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Utility program to perform multiple operations for a given subnet/CIDR ranges.
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
Wordlists for creating statistically likely username lists for use in password attacks and security testing
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!