A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

Browser extension that leverages TruffleHog and Native Messaging Hosts to scan web traffic in real-time for exposed secrets

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

An IIS short filename enumeration tool

A curated list wordlists for bruteforcing and fuzzing

Reverse proxies cheatsheet

🔥 Turn entire websites into LLM-ready markdown or structured data. Scrape, crawl and extract with a single API.

A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets

A python program that turns an LLM, running on Ollama, into an automated researcher, which will with a single query determine focus areas to investigate, do websearches and scrape content from vari…

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa…

This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

An open-source screen recorder built with web technology

This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains are resolvable.

📄 A curated list of awesome .cursorrules files

IP Logger that uses discord's "Open Original" feature to steal IP's.

LLM based autonomous agent that conducts deep local and web research on any topic and generates a long report with citations.

Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️

A Python interface to Last.fm and Libre.fm

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Frequency and preset adjustable subghz radio frequency jammer for Flipper Zero

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

An open-source RAG-based tool for chatting with your documents.

Awesome Security lists for SOC/CERT/CTI

jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice

iOS Logs, Events, And Plist Parser

Extract files from Apple devices on Windows, Linux and MacOS. Mostly a wrapper for pymobiledevice3. Creates iTunes-style backups and "advanced logical backups"