The automated prompt injection framework for LLM-integrated applications.

Set of tools to assess and improve LLM security.

Delving into the Realm of LLM Security: An Exploration of Offensive and Defensive Tools, Unveiling Their Present Capabilities.

Nmap script that scans for probable vulnerabilities based on services discovered in open ports.

Get up and running with Llama 3, Mistral, Gemma, and other large language models.by adding more amd gpu support.

LLM and System Prompt vulnerability scanner tool

🍒 Cherry Studio is a desktop client that supports for multiple LLM providers

Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement

Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty

轻量级的无害化钓鱼~

UpdateHub is an app that simplifies updating software on your computer. A user-friendly interface allows you to quickly check for and install available updates for your operating system and applica…

一款便捷、实用的Nuclei POC 管理工具。A convenient and practical Nuclei POC management tool.

log analysis tool

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

这是一个 XXE 漏洞检测工具（This is an XXE vulnerability detection tool）

Jan is an open source alternative to ChatGPT that runs 100% offline on your computer

Web 版 Java Payload 生成与利用工具，提供 Java 反序列化、Hessian 1/2 反序列化等Payload生成，以及 JNDI、Fake Mysql、JRMPListener 等利用｜The web version of Java Payload generation and utilization tool provides Payload generation su…

openHarmony逆向工具包

CISSP资料汇总

Python tool for converting files and office documents to Markdown.

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Playbooks for SOC Analysts

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…

A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities

ParamScan is a chrome extension for finding reflected parameters in a webpage.

JWT-scanner Burp Extension

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy lea…

Android real-time display control software

Burp Plugin to Bypass WAFs through the insertion of Junk Data

RequestShield is a 100% Free and OpenSource tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential security threats. It uses factors like geolocation, abuse h…