This is your work, valued
AssetViz. AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.
★ 38ReTab. Anyone who has used Burp Suite Repeater for more than 20 minutes knows the problem. You send request after request, and every tab is named 1, 2, 3... Ten tabs in, you are clicking through each one trying to find that one password reset endpoint you tested earlier. Fifty tabs in, you have lost track entirely.
★ 18vitalsource_downloader. Simple script to download Vitalsource book
★ 4Attacking-JWT. JavaScript
★ 3offsectools_www. A vast collection of security tools.
★ 1Curl2Repeater. Burp Suite extension that converts cURL commands from clipboard directly to Burp Repeater.
★ 1js-recon. Automate JS analysis on modern JS apps
★ 15.context. AI Agent Skills for Security Auditing to generate triaged, industry grade report findings, code locations, pocs, attacker story flow graphs and more
★ 114directus. The flexible backend for all your projects 🐰 Turn your DB into a headless CMS, admin panels, or apps with a custom UI, instant APIs, auth & more.
★ 36kfloci. Light, fluffy, and always free - The AWS Local Emulator alternative
★ 16kscalpel. Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
★ 73tailpos. TailPOS an Offline First Open Source POS for ERPNext
★ 656invoify. An invoice generator app built using Next.js, Typescript, and Shadcn
★ 6.3kInvitation-Flow-Security-Testing-Checklist. checklist for testing invitation / team-member invite flows for business-logic vulnerabilities. Use this as a GitHub-ready checklist in your repo, penetration-testing notes, or bug bounty writeups. Each item includes: What to test → Quick test steps → PoC / Request template → Expected (bad) behavior → Impact → Mitigation.
★ 9claude-code-security-review. An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities.
★ 5.5kwebappanalyzer. This project aims to maintain Wappalyzer technologies
★ 540openhare. AI-powered desktop SQL client. Cross-platform. Built with Flutter.
★ 708Claude-OSINT. Two paired Claude skills · 90+ recon modules · 48 secret-regex patterns · 80+ dorks · 9 read-only credential validators · 27 attack-path templates · 5,500+ lines of structured tradecraft. Drop-in SKILL.md files that turn Claude into a god-mode external recon operator for authorized red-team and bug-bounty engagements.
★ 1.9kProteus. Proteus is a plugin for Claude Code, Codex and Opencode, plus a local runtime, for structured, continuous vulnerability research.
★ 25authz-replay. Replay any request as another user to find IDOR/BOLA/BFLA, right in the browser.
★ 26claude-bug-bounty. AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
★ 3.9ktcpk. Portable Windows toolkit for pentesting thick-client applications, including .NET, MSIX, and native binaries.
★ 10repshot. RepShot · Generate professional security finding cards directly from Burp Suite Repeater.
★ 95MacroFlow. MacroFlow is a visual, node-based macro workflow engine for Burp Suite. It replaces Burp's built-in Macro system with a drag-and-drop canvas where you build multi-step HTTP flows, automatically inject session tokens, and validate reflected payloads across multiple targets - all without writing a single script.
★ 3damn-vulnerable-ai-agent. Damn Vulnerable AI Agent is a deliberately vulnerable AI agent platform for security testing and education.
★ 57iris. Intent Runtime Inspection System
★ 70tarnish. A Chrome extension static analysis tool to help aide in security reviews.
★ 165invisible_playwright. Anti-Detect Browser that passes every bot detection test. Drop-in Playwright replacement.
★ 1.7ksrc-hunter-skill. 实战 SRC / 众测 / Bug bounty 漏洞挖掘 Claude Code skill — 19 个攻击类 playbook、305 个结构化 payload、263 个 WAF/EDR 绕过、2887 份 HackerOne 真实案例、88,636 WooYun 案例统计
★ 544android-reverse-engineering-skill. Claude Code skill to support Android app's reverse engineering
★ 6.4kcal.diy. Scheduling infrastructure for absolutely everyone.
★ 46kMind-Map. 各种安全相关思维导图整理收集
★ 4.6kswagger-hack. 自动化爬取并自动测试所有swagger接口
★ 1.2kInvio. Self-hosted invoicing without the bloat.
★ 892shopware. Shopware 6 is an open commerce platform based on Symfony Framework and Vue and supported by a worldwide community and more than 3.100 community extensions
★ 3.4knullhyd-org. CSS
★ 1simplesamlphp. SimpleSAMLphp is an application written in native PHP that deals with authentication.
★ 1.1kfrida-script-gen. Generate Frida bypass scripts for Android APK root and SSL checks.
★ 214viewstate-security-workshop. This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.
★ 24JavaID. java source code static code analysis and danger function identify prog
★ 536humanify. Deobfuscate Javascript code using ChatGPT
★ 3.2krestringer. A Javascript Deobfuscator
★ 598webcrack. Deobfuscate obfuscator.io, unminify and unpack bundled javascript
★ 2.8kevilarc. Create tar/zip archives that can exploit directory traversal vulnerabilities
★ 1.1kgit-city. Your GitHub profile as a 3D pixel art building in an interactive city
★ 5.7kctf-skills. Agent skills for solving CTF challenges - web exploitation, binary pwn, crypto, reverse engineering, forensics, OSINT, and more
★ 2.7kEasyAdminBundle. EasyAdmin is a fast, beautiful and modern admin generator for Symfony applications.
★ 4.3kfridare. 强大的 Frida 重打包工具,用于 iOS 和 Android。轻松修改 Frida 特征,增强隐蔽性,绕过检测。简化逆向工程和安全测试。Powerful Frida repackaging tool for iOS and Android. Easily modify Frida servers to enhance stealth and bypass detection. Streamlines reverse engineering and security testing.
★ 807CodeVisualizer. CodeVisualizer is a powerful VS Code extension that provides two main visualization capabilities: function-level flowcharts for understanding code control flow, and codebase-level dependency graphs for analyzing project structure and module relationships.
★ 643ast-flow-graph. Creates a CFG from JavaScript source code.
★ 71codeflow. Paste any GitHub URL → interactive architecture map. See how files connect, find what breaks if you change something. No install, no accounts — runs entirely in your browser.
★ 4.1kVibeSec-Skill. This skill helps Claude write secure code and prevent common vulnerabilities.
★ 1.1kheisenberg-ssc-health-check. Analyzes software dependencies across GitHub repositories to identify security vulnerabilities and health risks in your supply chain.
★ 125bearer. Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
★ 2.7kgradio. Build and share delightful machine learning apps, all in Python. 🌟 Star to support our work!
★ 43kagents. Build and deploy AI Agents on Cloudflare
★ 5.2kidno. A social publishing platform.
★ 1.1kdtd-finder. List DTDs and generate XXE payloads using those local DTDs.
★ 662white-box-challenges. JavaScript
★ 87react-cosmos. Sandbox for developing and testing UI components in isolation
★ 8.7kopenemr. The most popular open source electronic health records and medical practice management solution.
★ 5.3kkubernetes-the-hard-way. Bootstrap Kubernetes the hard way. No scripts.
★ 49kfirecrawl. The API to search, scrape, and interact with the web at scale. 🔥
★ 149kvscode-security-notes. Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
★ 143cli. The official CLI for interacting with your Doppler secrets and configuration.
★ 383skills. Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
★ 6.1kyaak. The most intuitive desktop API client. Organize and execute REST, GraphQL, WebSockets, Server Sent Events, and gRPC 🦬
★ 19kBurp-MCP-Assistant. Burp Suite MCP Assistant in IDE Extension
★ 15wtfis. Passive hostname, domain and IP lookup tool for non-robots
★ 1.8kdive. A tool for exploring each layer in a docker image
★ 54ksqlit. A user friendly TUI for SQL databases. Written in python. Supports SQL server, Mysql, PostreSQL, SQLite, Turso and more.
★ 4.5kwitr. Why is this running?
★ 18kdockerscan. The Most Comprehensive Docker Security Scanner
★ 1.7kcurlconverter. Transpile curl commands into Python, JavaScript and 27 other languages
★ 8.2kRecaf. The modern Java bytecode editor
★ 7.3krep-chrome. rep+ — Burp-style HTTP Repeater for Chrome DevTools with built‑in AI to explain requests and suggest attacks
★ 1.6kFastjson-Gadgets-Automatic-Scanner. Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may be exploited, and screening results need to be excluded by themselves. Looking forward to Fork and Star.
★ 49Security-Learning. 对于安全学习的一些总结,更新ing,期待 Fork & Star!
★ 346request-catcher. Capture HTTP requests with ease! Create a private bucket, capture requests, and analyze the results. Useful for security and E2E testing.
★ 1ct-archive. A directory of archived Certificate Transparency (CT) logs and tools to archive RFC 6962 and Static CT logs.
★ 50android-penetration-testing-cheat-sheet. Work in progress...
★ 484ios-penetration-testing-cheat-sheet. Work in progress...
★ 419autoswagger. Autoswagger by Intruder - detect API auth weaknesses
★ 1.9kawesome-reverse-engineering. Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
★ 5kFresh-Resolvers. List of Hourly Updated Fresh DNS resolvers
★ 115TunProxy. Android VPN interceptor to send HTTP and HTTPS traffic to a proxy
★ 526Awesome-Fuzzing. A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
★ 5.9kjsxtract. JSXtract is a security research tool used to pull various type of data from JS files that exist within a selected tab.
★ 6hack_tips.
★ 249IP-Obfuscator. Simple script to convert and obscure any IP address of any host.
★ 30jwt-vulnerabilities-lab. JavaScript
★ 5BurpSuite_LocalAI. Java
★ 14vulnhuntr. Zero shot vulnerability discovery using LLMs
★ 2.7kvuln-bank. A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.
★ 781vulhub. Pre-Built Vulnerable Environments Based on Docker-Compose
★ 21kxss-waf-bypass. XSS Payloads for WAF Bypass
★ 5codesearch. Fast, indexed regexp search over large file trees
★ 4kmyDrive. Node.js and mongoDB Google Drive Clone
★ 4.2ktinyauth. The tiniest OpenID Certified™ authorization and authentication server you have ever seen.
★ 7.8kkillbill. Open-Source Subscription Billing & Payments Platform
★ 5.6kSolidInvoice. Simple and elegant invoicing solution.
★ 932resume. ATS-Friendly Markdown-to-PDF Resume Generator
★ 8vulnerable-code-snippets. Twitter vulnerable snippets
★ 1.2kMassive-Web-Application-Penetration-Testing-Bug-Bounty-Notes. A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
★ 1.8kTalks. My talks...
★ 25zin-mcp-client. MCP Client which serves as bridge between mcp servers and local LLMs running on Ollama, Created for MCP Servers Developed by Me, However other MCP Servers may run as well
★ 105leaked-system-prompts. Collection of leaked system prompts
★ 15kEasyEASM. Zero-dollar attack surface management tool
★ 325apkleaks. Scanning APK file for URIs, endpoints & secrets.
★ 6.2kipfuscator. A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go.
★ 93CF-Hero. CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
★ 2.6kopengrep. 🔎 Static code analysis engine to find security issues in code.
★ 2.8keventlistener-xss-recon.
★ 151AI-Red-Teaming-Playground-Labs. AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.
★ 2knewtowner. Abuse trust-boundaries to bypass firewalls and network controls
★ 423formatify. Formatify is a Burp Suite extension that instantly converts HTTP requests into multiple formats like cURL, Python, PowerShell, and more—saving time and streamlining your workflow. 🚀
★ 31sectracker. A Modern Bug Bounty and Security Research Management Platform
★ 97system_prompts_leaks. Extracted system prompts from Anthropic - Claude Fable 5, Opus 4.8, Claude Code, Claude Design. OpenAI - ChatGPT GPT-5.6, Codex GPT-5.6, GPT-5.5. Google - Gemini 3.5 Flash, 3.1 Pro, Antigravity. xAI - Grok, Cursor, Copilot, VS Code, Perplexity, and more. Updated regularly.
★ 56kVulnerable-JWT. Collection of vulnerable APIs/apps to test JWT attacks
★ 7ctf-archives. CTF Archives: Collection of CTF Challenges.
★ 1.5klightyear. lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
★ 112jxscout. jxscout superpowers JavaScript analysis for security researchers
★ 468XORpass. Encoder to bypass WAF filters using XOR operations.
★ 254jwt-cracker-go. jwt-cracker-go is a simple brute force cracker for HS256, HS384, and HS512 JWT tokens, inspired by jwt-cracker.
★ 4js-analysis-tools. A collection of js analysis tools & scripts.
★ 19github-dorks. The repository contains useful GitHub dorks for finding open-source vulnerabilities.
★ 95ua-shuffler. A chrome extension that lets you specify request headers with a list of values that are randomly "shuffled" trough on every request.
★ 3DataExtractor. A Burp Suite extension to extract datas from source code while browsing.
★ 162graphqlextractor. Extract GraphQL operations from javascript
★ 24burpference. A research project to add some brrrrrr to Burp
★ 211web-testing-bookmarklets. This is a set of bookmarklets I use for analyzing web applications for testing purposes.
★ 60jq_cookbook. Here are my favorite JQ scripts for analysis and web-based testing.
★ 19Poc. PoC collection of Atlassian(Jira, Confluence, Bitbucket) products and Jenkins, Solr, Nexus
★ 233frida-scripts. A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.
★ 1.6kbbmon. web app monitoring automation
★ 15prompts.chat. f.k.a. Awesome ChatGPT Prompts. Share, discover, and collect prompts from the community. Free and open source — self-host for your organization with complete privacy.
★ 165kbrowser-use. 🌐 Make websites accessible for AI agents. Automate tasks online with ease.
★ 104kideviceinstaller. Manage apps of iOS devices
★ 1.4kdock-droid. Docker Android - Run QEMU Android in a Docker! X11 Forwarding! CI/CD for Android!
★ 1.4ktemplate-injection-playground. The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilities.
★ 67template-injection-table. The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.
★ 116AssetsTools.NET. Read and write unity assets/bundle files, based on https://github.com/SeriousCache/UABE
★ 668awesome-secure-code-review.
★ 52Web-CTF-Cheatsheet. Web CTF CheatSheet 🐈
★ 3ksecurity-code-review. My personal collection of resources (mostly tools and training materials) for source code security audits.
★ 109manual-source-code-review. Regex patterns for manual application source code review
★ 34Secure-Code-Review-Snippets. Welcome to the secure code review snippets for secure code review snippets! This repository aims to provide developers with valuable examples and guidance for conducting secure code reviews and writing secure code.
★ 14CSPTBurpExtension. CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.
★ 169clairvoyance. Obtain GraphQL API schema even if the introspection is disabled
★ 1.5kunpack-burp. For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)
★ 55Postman-Pat. Burp extension to import Postman collections and create Repeater tabs
★ 6restfire. A lightweight web-based Postman alternative for testing your APIs
★ 6PentestOAuthServer. Kotlin
★ 4bypass-url-parser. bypass-url-parser
★ 1.1kmapperplus. MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
★ 299test-proxy. Advanced test for proxy & waf
★ 14csvtk. A cross-platform, efficient and practical CSV/TSV toolkit in Golang
★ 1.2krush. A cross-platform command-line tool for executing jobs in parallel
★ 1.1kFriList. Collection of useful FRIDA Mobile Scripts
★ 191awesome-bugbounty-tools. A curated list of various bug bounty tools
★ 6.1ksemgrep-rules. My custom semgrep rules
★ 24gf-patterns. A repository of some useful grep patterns for tomnomnoms gf tool
★ 37BurpMontoyaRetryRequests. Kotlin
★ 1MontoyaEveryParameter. Kotlin
★ 2DevSecOps. ♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
★ 70graphql-cop. Security Auditor Utility for GraphQL APIs
★ 674chunkloader. A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs
★ 76Android-iOS-Cheat-Sheet.
★ 92ARTHookScripts. frida runtime resolves smali
★ 93graudit. grep rough audit - source code auditing tool
★ 1.7ksubdomain-monitoring-elasticsearch. Go
★ 20GQLSpection. GQLSpection - parses GraphQL introspection schema and generates possible queries
★ 106medusa. Mobile Edge-Dynamic Unified Security Analysis
★ 2.3kbaddns. Check subdomains for subdomain takeovers and other DNS tomfoolery
★ 441inql. InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
★ 1.8kFabric. Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
★ 43knowafpls. Burp Plugin to Bypass WAFs through the insertion of Junk Data
★ 1.5khttpc. HTTP Client Library for security tooling
★ 3jsoncrack.com. ✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML and CSV into interactive graphs.
★ 44kcsprecon. Discover new target domains using Content Security Policy
★ 517gungnir. CT Log Scanner
★ 562linux-exploit-suggester. Linux privilege escalation auditing tool
★ 6.6kpostleaks. Search for sensitive data in Postman public library.
★ 216http-garden. Differential testing framework for HTTP implementations
★ 938bbscope. Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
★ 1.4kget-all-parameters. Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
★ 31postMessage-tracker-firefox. A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
★ 28Frida-Labs. The repo contains a series of challenges for learning Frida for Android Exploitation.
★ 1.3kwafer. Python
★ 221dnsgen. DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery and security assessments.
★ 1.1kcurated-semgrep-rules. Curated Collection of Popular Community Rules for Semgrep
★ 21frida-android-helper. Frida Android utilities
★ 263JS-Tap. JavaScript beacons and C2 to be used for XSS payload or post exploitation implants on webapp servers or desktop software to monitor users and maintain persistence. Browser extension, electron app, and node/bun app implants are included.
★ 469kenzer. automated web assets enumeration & scanning [DEPRECATED]
★ 288sj. A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
★ 859sus_params. Python
★ 213UUIDHunter. This Extension provides a Passive and Active Scan Check that detects V1 UUIDs and attempts to find other potentially valid ones.
★ 6RepeaterSearch. This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.
★ 81BurpSuite-Team-Extension. This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
★ 261jaeles. The Swiss Army knife for automated Web Application Testing
★ 2.4kgithub-stargazer. View stars evolution of GitHub repositories.
★ 4Nope-Proxy. TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
★ 1.7krmm. Recon MindMap (RMM)
★ 185XSpear. 🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
★ 1.4kpoc_subto. JavaScript
★ 1skanuvaty. Dangerously fast DNS/network/port scanner
★ 924