DeepTeam is a framework to red team LLMs and LLM systems.

An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.

A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers …

The AI framework that adds the engineering to prompt engineering (Python/TS/Ruby/Java/C#/Rust/Go compatible)

Bug Bounty Hunting Framework Designed to Help Beginners Compete w/ the Pros

A curated list of various bug bounty tools

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

A tool designed to automate various techniques in order to bypass HTTP 401 and 403 response codes and gain access to unauthorized areas in the system. This code is made for security enthusiasts and…

Fuzz 401/403/404 pages for bypasses

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets

A wrapper around grep, to help you grep for things

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Community curated list of templates for the nuclei engine to find security vulnerabilities.

OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.

Scan MCP servers for potential threats & security findings.

Visual testing tool for MCP servers

Hands-on MCP security lab: 10 real incidents reproduced with vulnerable/secure MCP servers, pytest regressions, and Claude/Cursor battle-tested exploit walkthroughs

Metis is an open-source, AI-driven tool for deep security code review

Official Notion MCP Server

cryptlib security toolkit

Threat Designer is a GenerativeAI application designed to automate and streamline the threat modeling process for secure system design.

OWASP Foundation web repository

A lightning-fast search engine API bringing AI-powered hybrid search to your sites and applications.

CTF challenge (mostly pwn) files, scripts etc

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!