Extract 500+ technologies from any repository. Detect Languages, SaaS, Cloud, Infrastructure, Dependencies and Services

A research project to add some brrrrrr to Burp

Build mindmaps with plain text

A robust command-line tool built in Rust that makes merging and deduplicating text files a breeze. Whether you're dealing with small files or massive datasets, this tool handles the heavy lifting w…

A powerful tool for automated LLM fuzzing. It is designed to help developers and security researchers identify and mitigate potential jailbreaks in their LLM APIs.

iOS and macOS Decompiler

A static analysis tool for GitHub Actions

The new bridge between Ghidra and Frida!

the Network Protocol Fuzzer that we will want to use.

Hackish way to intercept and modify non-HTTP protocols through Burp & others.

BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.

Golang tool to dump useful information from a Mach-O binary

A security focused static analysis tool for Android and Java applications.

CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.

A Burp Suite extension that helps track and manage multiple sessions simultaneously by color-coding HTTP requests based on custom patterns.

A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a process as possible

A high-speed tool for passively gathering URLs, optimized for efficient and comprehensive web asset discovery without active scanning.

Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

HTTP parameter discovery suite.

A powerful and user-friendly binary analysis platform!

🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️

A framework for BREACH and other compression-based crypto attacks

Cross compiling toolchains in Docker images

Self-optimizing cross-platform code tracer based on dynamic recompilation

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

A Frida based tool that traces usage of the JNI API in Android apps.