🕵️‍♂️ Offensive Google framework.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.

Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!

A PoC backdoor that uses Gmail as a C&C server

Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices

Tookie is a advanced OSINT information gathering tool that finds social media accounts based on inputs.

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azur…

A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.

Finds Instagram location IDs near a specified latitude and longitude.

Tool to find CVEs and Exploits.

Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.

A dope AF repo of all customized plugins & configurations I use as seen on my socials / YouTube. Helpful guides and troubleshooting too.

Retired TrustedSec Capabilities

Wi-Fi Framework for creating proof-of-concepts, automated experiments, test suites, fuzzers, and more.

Repo for Concierge AI dev work

Attack to induce LLMs within hallucinations

A LLM explicitly designed for getting hacked

Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)

WifiForge is a tool developed by Black Hills InfoSec to help train Pentesters on different Wi-Fi attack vectors and Wireless capabilities.

Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.

Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomain takeover (public results), along with detailed metadata l…

A PoC backdoor that uses Gmail as a C&C server

AI-powered tool designed to help security professionals detect vulnerabilities at machine speed and extract insights from extensive bug bounty reports. By leveraging Generative AI and Retrieval-Aug…

An AWS native data mobility solution for Crowdstrike Falcon Data Replicator ETL into the Amazon Security Lake in OCSF v1.2.0 format.