Stars
Enable WebView remote inspector for every app
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submissio…
Some Useful Tricks for Pentest Android and iOS Apps
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI wor…
Cybersecurity AI (CAI), an open Bug Bounty-ready Artificial Intelligence
BurpSuite extension that helps find user input in a GWT body.
Never forget where you inject.
PoC Exploit for the NTLM reflection SMB flaw.
Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 issues in code. Ideal for SAST and CI/CD integration.
Python 3 script to dump/scrape/extract company employees from LinkedIn API
A tool for inspecting and analyzing mobile application storage files.
A lightweight Python-based tool to extract and enumerate Android components and automatically generate practical ADB commands
A Python 3 class that reads and extracts files from a password-encrypted iOS backup created by iTunes on Mac and Windows. Compatible with iOS 14. Class works on Linux too.
Pen Test Report Generation and Assessment Collaboration
Top 10 for Agentic AI (AI Agent Security) serves as the core for OWASP and CSA Red teaming work
The Internets #1 Subdomain Takeover Tool
Check subdomains for subdomain takeovers and other DNS tomfoolery
Search Google and download specific file types
Subdomain and target enumeration tool built for offensive security testing
The tool is used to analyze the content of the android application in local storage.