claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a s…

Ghidra MCP Server — 200+ MCP tools for AI-powered reverse engineering. GUI plugin + headless server, lazy tool loading, convention enforcement, batch operations, Ghidra Server integration, and Dock…

An agent-managed museum exhibit, built in Rust with Gajae-Code / LazyCodex — developed and maintained with no human intervention.

A curated list of awesome Claude Skills, resources, and tools for customizing Claude AI workflows

MCP Attack Surface Detector - Burp plugin to make manual testing of MCP servers easier in Burp Suite

Installable GitHub library of 1,500+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes specialized plugins, installer CLI, bundles, workflows, and offic…

Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.

The Havoc Framework

OSS-Fuzz - continuous fuzzing for open source software.

Nexus Repository Hacker,nexus docker repository downloader

Ultimate DevSecOps library

Modified version of the 'rogue-mysql-server.py' script from https://landgrey.me/blog/11/ to exploit JDBC connection string deserialization. All credit to the original author.

HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite

intentionally vuln web Application Security in django

Contextual Content Discovery Tool

Prototype Pollution and useful Script Gadgets

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Defeating Windows User Account Control

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Wrong project! You should head over to http://github.com/sshuttle/sshuttle

An HTTP toolkit for security research.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Nodejs , Attack

Homebrew Tap - Pen Test Tools

Extract Sensitive Keys, Secret, Token Or Interested thing from source

A list of freely available resources that can be used as a prerequisite before taking OSCE.