Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

CLI and library for Roblox Open Cloud API

3D Printable Retro-style Raspberry Pi HQ Camera

A Raspberry Pi Camera

Multi-architecture readsb-protobuf container with support for RTLSDR, bladeRF and plutoSDR (x86_64, arm32v7, arm64v8)

Community curated list of templates for the nuclei engine to find security vulnerabilities.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

AI-Powered Photos App for the Decentralized Web 🌈💎✨

A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

In-depth attack surface mapping and asset discovery

Matter (formerly Project CHIP) creates more connections between more objects, simplifying development for manufacturers and increasing compatibility for consumers, guided by the Connectivity Standa…

A generator of weird files (binary polyglots, near polyglots, polymocks...)

A visualizer for dump1090 ADSB data

Dump1090 is a simple Mode S decoder for RTLSDR devices

Rojo enables Roblox developers to use professional-grade software engineering tools

A (Windows) desktop application wrapper for https://github.com/grocy/grocy

Fast subdomains enumeration tool for penetration testers

Arduino RFID Library for MFRC522

ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Attack Surface Management Platform

Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Fetch many paths for many hosts - without killing the hosts

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

A list of interesting payloads, tips and tricks for bug bounty hunters.

A toolset to track and organize output of reconnaissance tools