Minimal plugin that lets Claude Code call you on the phone.

AI Sandbox

Stop getting 403 Forbidden. A specialized httpx-like toolkit for WAF evasion.

the blazing-fast pentesting suite.

A phone number can reveal whether a device is active, in standby or offline (and more). This PoC demonstrates how delivery receipts + RTT timing leak sensitive device-activity patterns. (WhatsApp /…

Terminal UI for AWS (taws) - A terminal-based AWS resource viewer and manager

A fast, concurrent IRC reconnaissance and information gathering tool

JSSCM detects expired domains for Stored XSS exploitation during browsing.

🛜 ESPectre 👻 - Motion detection system based on Wi-Fi spectre analysis (CSI), with Home Assistant integration.

🐹 Deep clean and optimize your Mac.

Why is this running?

September Chrome 1day by István Kurucsai

VyAPI - A cloud based vulnerable hybrid Android App

This code repository contains the scenarios in the security cheat sheet on Secure data storage in the browser.

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

Python Pagespeed Insights Api 👽

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.

up10.me file storage site which only store data given data one day

A tool to perform static analysis on regexes to determine whether they are vulnerable to ReDoS.

Ssh Connection and Exec Command Tool 😸

Toolkit to detect and keep track on Blind XSS, XXE & SSRF

Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)

Go net/http configurable handler to handle CORS requests

Bash script for uploading files via the slack API

dfg - Generates dockerfiles based on various input channels.

AgentTesla botnet C&C RCE exploit.

Apache Solr Injection Research

a tiny tool for swf hacking, just browse it:)