secrets-patterns-db. Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
1.6kbfac. BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
566shennina. Automating Host Exploitation with AI
556Firefox-Security-Toolkit. A tool that transforms Firefox browsers into a penetration testing suite
513struts-pwn. An exploit for Apache Struts CVE-2017-5638
444server-status_PWN. A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
443GithubCloner. A script that clones Github repositories of users and organizations.
424xless. The Serverless Blind XSS App
338jwt-pwn. Security Testing Scripts for JWT
333tfquery. tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.
332struts-pwn_CVE-2018-11776. An exploit for Apache Struts CVE-2018-11776
303struts-pwn_CVE-2017-9805. An exploit for Apache Struts CVE-2017-9805
247llmquery. Powerful LLM Query Framework with YAML Prompt Templates. Made for Automation
36public. PHP
35go-random. 🌐 go-random: A fast, clear, and cryptographically-secure random data generator for Golang
32whatsapp-chat-parser. WhatsApp Chat Parser
27backlog. backlog: Your AI agent forgets between sessions. Backlog remembers.
9juice-shop. TypeScript
4Ubuntu-Desktop-Malware-Vector-Demo. Demo for http://blog.mazinahmed.net/2017/04/using-ubuntu-desktop-as-malware-vector.html
4SecLists. SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
4gronpy. Print JSON objects in a "Greppable" output.
3aws-bedrock-proxy-server. AWS Bedrock API Proxy Server: Interact with AWS Bedrock models through a standardized OLLAMA API format
3mazinahmed.net. mazinahmed.net
3ohmyzsh. 🙃 A delightful community-driven (with nearly 1,500 contributors) framework for managing your zsh configuration. Includes 200+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, etc), over 140 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
2dirsearch. Web path scanner
2detect_passive_secrets. JavaScript
2tfsec. 🔒🌍 Security scanner for your Terraform code
1ptf. The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
1InfoSec-Black-Friday. All the deals for InfoSec related software/tools this Black Friday
1dnsrecon. DNS Enumeration Script
1trufflehog-clone. Trufflehog v2 Clone
1