A recon tool that uses ML to predict subdomains. Then returns those that resolve.

Oversecured Vulnerable Android App

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

Zero shot vulnerability discovery using LLMs

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Private chat with local GPT with document, images, video, etc. 100% private, Apache 2.0. Supports oLLaMa, Mixtral, llama.cpp, and more. Demo: https://gpt.h2o.ai/ https://gpt-docs.h2o.ai/

Prompt Injection Primer for Engineers

Extract URLs, paths, secrets, and other interesting bits from JavaScript

An XSS exploitation command-line interface and payload generator.

CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

Windows LPE exploit for CVE-2022-37969

侦查守卫(ObserverWard)的指纹库

A simple framework for webapps

SmartCheck – a static analysis tool that detects vulnerabilities and bugs in Solidity programs (Ethereum-based smart contracts).

Tool to detect secrets in source code management systems.

Collection of PoC and offensive techniques used by the BlackArrow Red Team

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

Heuristics for smart contract auditors

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…

Confluence Server Webwork OGNL injection

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

An implementation of NSA's ExplodingCan exploit in Python

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.