Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the integration of webhooks, this tool sends real-time updates when…

The all-in-one Desktop & Docker AI application with built-in RAG, AI agents, and more.

A command-line productivity tool powered by AI large language models like GPT-4, will help you accomplish your tasks faster and more efficiently.

Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Pen Test Report Generation and Assessment Collaboration

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate…

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

A curated list of the most common and most interesting robots.txt disallowed directories.

Differential fuzzing REPL for HTTP implementations.

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar…

Ligue automaticamente para empresas de cobrança e deixe uma voz falando "Alô?" sem parar.

Resources related to GitHub Security Lab

Repositório para o programa de contratamento de mulheres em segurança do N

Prompt Injection Primer for Engineers

Identify virtual hosts by similarity comparison

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Implementation of GigaGAN, new SOTA GAN out of Adobe. Culmination of nearly a decade of research into GANs

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Ghostscript command injection vulnerability PoC (CVE-2023-36664)

PoC_CVEs

Android in docker solution with noVNC supported and video recording

Unleash the power of cloud

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL).

Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)

📦 Make security testing of K8s, Docker, and Containerd easier.

Files + Writeups for DownUnderCTF 2022 Challenges