A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
Wordlists handcrafted (and automated) with ♥
Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun 🕵️♂️
Fast, multi-protocol credential brute-forcer. Parses Nmap, Nessus, and Nexpose output to automatically test default and custom credentials a…
Repository of Bug-Bounty Writeups
Buildware-Tools is an all-in-one multitool for security research and automation.
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration,…
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the activ…
Cache Commander — a TUI and MCP server to explore, audit, and clean developer cache directories. Scan for CVEs, find outdated packages, recl…
Automated IP Camera & Network Video Stream Reconnaissance Toolkit
[scanner] [TcpListener] [FileMiner] [Subscrabber]…
Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.
💻 Certified ethical hacker summary in bullet points
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive managem…
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tool…
承影,愿你在光影之间,找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like applicat…
AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Co…
AI-powered cybersecurity code review skill for Claude Code. 8 specialist agents, OWASP 2025, CWE Top 25, MITRE ATT&CK, 11 languages, zero co…
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Automated All-in-One OS Command Injection Exploitation Tool
Automate Scoping, OSINT and Recon assessments.
A powerful browser crawler for web vulnerability scanners
A fast tool to scan CRLF vulnerability written in Go