Stars
Chrome V8 n-day exploits that I've written.
Blazing fast GraphQL discovery & fingerprinting toolbox.
The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
Automated tool for patching APKs to enable the use of Frida gadget by downloading the library and injecting code into the main activity.
A tool for automated analysis of APKs to identify dependencies, de-obfuscate gross code, identify interesting files and their semantics, and generate suggestions for frida hooks.
🌐 Capture and inspect HTTP(S) traffic seamlessly across all platforms with ProxyPin's easy-to-use interface and powerful features.
Frida hook some jni functions
Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
Personal Access Token (PAT) recon tool for bug bounty hunters, pentesters & red teams
This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).
SharePoint WebPart Injection Exploit Tool
The power of Claude Code / GeminiCLI / CodexCLI + [Gemini / OpenAI / OpenRouter / Azure / Grok / Ollama / Custom Model / All Of The Above] working as one.
MCP server that enables AI assistants to interact with Google Gemini CLI, leveraging Gemini's massive token window for large file analysis and codebase understanding
A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter specializes in dissecting AWS Cognito implementations and perf…
Proxy server to bypass Cloudflare protection
Deepagents is an agent harness built on langchain and langgraph. Deep agents are equipped with a planning tool, a filesystem backend, and the ability to spawn subagents - making them well-equipped …
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
Aquapy is an open-source tool for visually inspecting websites across multiple hosts. It enables security professionals to rapidly map and analyze HTTP-based attack surfaces, streamlining the ident…
Mobile Edge-Dynamic Unified Security Analysis
DeepFace UI is a web application for facial recognition and analysis built with DeepFace. It offers an intuitive interface to upload images, automatically extract faces, and perform state-of-the-ar…
A selection of Python programs which will retrieve live bus and rail UK open data and output it to a ER-OLEDM032 (256X64) display screen.
Intelligent automation and multi-agent orchestration for Claude Code