📦 Repomix (formerly Repopack) is a powerful tool that packs your entire repository into a single, AI-friendly file. Perfect for when you need to feed your codebase to Large Language Models (LLMs) o…

ServiceNow widge-simple-list misconfiguration scanner

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

the LLM vulnerability scanner

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Academic purposes only. Attack against Salesforce lightning with guest privilege.

The only GraphQL wordlist you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

This repo contains a list of the 10,000 most common English words in order of frequency, as determined by n-gram frequency analysis of the Google's Trillion Word Corpus.

The EXCLUSIVE Collection of 50,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.

This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

Distribute ordinary bash commands over many systems

Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.

A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities

Automated backlinks for notes in Bear.app, on macOS.

Maintains backlink structure among interlinked Markdown notes

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist

Python library for Eufy Security cameras

Free, libre, effective, and data-driven wordlists for all!

Python wrapper for Hikvision camera event stream

Node.js Client Library for interacting with PocketCasts API.

A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system

Burp Suite Extension useful to verify OAUTHv2 and OpenID security

A repository with 3 tools for pwn'ing websites with .git repositories available

Burpsuite plugin for Interact.sh

Obtain GraphQL API schema even if the introspection is disabled

Small, fast tool for performing reverse DNS lookups en masse.