Detect drift. Defend cloud.
-
Updated
Feb 21, 2026 - Go
Detect drift. Defend cloud.
Encrypted vault, ZK settlement archiving, x402 payment receipts, Agent Passport binding, and Solana anchoring for OpenClaw and agent runtimes. Drop-in stack — compression, privacy, payments, identity.
AI-powered multi-chain Web3 security toolkit. Scan smart contracts across 6 EVM chains in minutes, not weeks.
Security Notes/Tools/Scripts
Deterministic, local-first context builder for flow automation exports: redacts sensitive data, detects risks, and produces auditable bundles for AI assistants and support workflows: flow analysis, subflow expansion, secret redaction, token budgeting, and reproducible bundle generation via CLI and VUE web app.
SQL Server security audit tool that scans .NET/web configs for SQL connection strings and secrets and reports risky features like xp_cmdshell and password reuse.
Automated reconnaissance and attack-surface analysis pipeline for infrastructure visibility, asset discovery, and vulnerability identification.
Local-first context-integrity engine. Reconstructs trust from immutable runtime history, contains risky actions in QTF, and gates promotion through EXT.
Production-grade scripts to deploy, harden, and operate OpenCTI on Ubuntu LTS with the fixes for issues you'd otherwise hit on day one.
High‑performance iocx plugin for detecting Windows Registry keys, values, and persistence locations. Includes full test coverage, performance benchmarks, and security checks.
Educational C2 Framework for Red Team Learning
Deterministic Python CLI for repository hygiene checks and pre-commit secret scanning.
Validate Infrastructure as Code against CMMC Level 2 and NIST 800-171 security controls
CI scanner for RAG corpus risks: prompt injection, risky HTML/Markdown, PII, and secret-like content.
Research-preview AWS IAM reasoning tool with bounded evidence, deterministic findings, and explicit non-claims.
Access Log Correlator - Python based access log correlation tool for detecting failed login bursts with schema validation and JSON output.
Cross-platform persistence detection CLI with baseline/diff analysis for Linux and Windows.
HacxGPT CLI — Open-source command-line interface for unrestricted AI model access with multi-provider support, prompt injection research capabilities, configurable API endpoints, Termux/Linux/Windows compatibility, and Rich terminal UI for security research and red-team evaluation
Project-aware tabletop exercise generator + AAR drafter for Claude Code
KYNEĒ — AI-assisted portable security assessment platform for authorized penetration testing and red team operations
Add a description, image, and links to the security-tooling topic page so that developers can more easily learn about it.
To associate your repository with the security-tooling topic, visit your repo's landing page and select "manage topics."