Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

jsleak is a tool to find secret , paths or links in the source code during the recon.

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

Research, Plan, Implement Workflow for Claude Code

AirLLM 70B inference with single 4GB GPU

Browser-based iOS IPA security analyzer.

Minimal plugin that lets Claude Code call you on the phone.

A one stop repository for generative AI research updates, interview resources, notebooks and much more!

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks

This is a container of web applications that work with OWASP Bug Bounty for Projects

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

⚓️ Easily test HTTP webhooks with this handy tool that displays requests instantly.

NeuroSploitv2 is an advanced, AI-powered penetration testing framework designed to automate and augment various aspects of offensive security operations. Leveraging the capabilities of large langua…

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

Force Remove Copilot, Recall and More in Windows 11

🔥📜 Forbidden collection of Red Team sorcery 📜🔥

All the deals for InfoSec related software/tools this Black Friday

A collection of BBRF agents that can be deployed to AWS lambda

CT Log Scanner

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…

Open Source Cloud Native Application Protection Platform (CNAPP)

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓