Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

Unofficial and insecure Signal app, used by senior Trump officials like Mike Waltz, downloaded from the official TeleMessage website

Rust tool to detect cell site simulators on an orbic mobile hotspot

Tips and tricks for working with Large Language Models like OpenAI's GPT-4.

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Share, discover, and collect prompts from the community. Free and open source — self-host for your organization with complete privacy.

Uses ChatGPT API, Bard API, and Llama2, Python-Nmap, DNS Recon, PCAP and JWT recon modules and uses the GPT3 model to create vulnerability reports based on Nmap scan data, and DNS scan information.…

Commandline tool for running SQL queries against JSON, CSV, Excel, Parquet, and more.

Blazing fast, advanced Padding Oracle exploit

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

A list of semi to fully remote-friendly companies (jobs) in tech.

The all-in-one browser extension for offensive security professionals 🛠

My Neovim settings

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

Reproduce DeFi hacked incidents using Foundry.

A tool to inspect and attack version 1 GUIDs

The fastest way to identify anything!

Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.

A script that you can run in the background!

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Security aspects of AWS products for the Security Specialist certification

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Awesome Trainings from Cloud Native Computing Foundation Projects and Kubernetes related software

A template for writing a condensed course index leveraging LaTeX indexing

Master programming by recreating your favorite technologies from scratch.