✅Browser ❌Cloudflare ✅Host — Generator of customized Cloudflare error pages (unofficial)

The next-generation file converter. Open source, fully local* and free forever.

🛜 ESPectre 👻 - Motion detection system based on Wi-Fi spectre analysis (CSI), with Home Assistant integration.

Collection of links on bad opsec

A resources for who want to learn and get deep into client-side bugs

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

AI agent for autonomous cyber operations

AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of s…

This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interviews 😉

Scalene: a high-performance, high-precision CPU, GPU, and memory profiler for Python with AI-powered optimization proposals

Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not

FrogPost: postMessage Security Testing Tool

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Security reconnaissance and assessment tool for identifying potentially exposed IP cameras by analyzing open ports, service configurations, and common misconfigurations.

A visual reference of 118 essential red team tools, frameworks & standards, organized like a periodic table. Includes a printable PDF version.

A collection of useful tools and scripts were developed and gathered throughout the Offensive Security's PEN-300 (OSEP) course.

Cameradar hacks its way into RTSP videosurveillance cameras

eXtensions for Financial Services (XFS) proof of concept client to explore and issue commands directly to the devices that support the protocol. Force ATMs to dispense cash if you have code executi…

List DTDs and generate XXE payloads using those local DTDs.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Deserialization payload generator for a variety of .NET formatters

[GITLAB MIRROR] Ludus is a system to build easy to use cyber environments for testing and development.

DeepTeam is a framework to red team LLMs and LLM systems.

Publication-ready NN-architecture schematics.

real time face swap and one-click video deepfake with only a single image

OSWE, OSEP, OSED, OSEE

A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.

Injects additional machine instructions into various binary formats.