The Leading Security Assessment Framework for Android.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Enumerate the permissions associated with AWS credential set

☠️ Delightful Node.js packages useful for penetration testing, exploiting, reverse engineer, cryptography ...

💻 Netcat client and server modules written in pure Javascript for Node.js.

🐙 Guides, papers, lecture, notebooks and resources for prompt engineering

This repository contains a collection of scripts and tools that I have written to solve various problems that I have come across.

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

Playground (and dump) of stuff I make or modify for the Flipper Zero

The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!

Brute force subghz fixed codes using flipper zero

BlueHound - pinpoint the security issues that actually matter

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness,…

A curated list of awesome Nim frameworks, libraries, software and resources.

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

An on-path blackbox network traffic security testing tool

Chat with your database or your datalake (SQL, CSV, parquet). PandasAI makes data analysis conversational using LLMs and RAG.

「🔑」A tool used to hunt down API key leaks in JS files and pages

A curated list of resources for graph databases and graph computing tools

Pull out bits of URLs provided on stdin

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

Fast web fuzzer written in Go

All about bug bounty (bypasses, payloads, and etc)

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A list of interesting payloads, tips and tricks for bug bounty hunters.