Tooling

SIGIT - Simple Information Gathering Toolkit · Sprache: Python · Topics: cybersecurity, hacking-tools, information, kali-linux, kali-linux-tools, osint · ⭐ 960 Stars

Arcjet JavaScript (JS) / TypeScript SDK. Stop bots and automated attacks from burning your AI budget, leaking data, or misusing tools with Arcjet's AI security building blocks. · Sprache: TypeScript · Topics: bun, developer-tools, javascript, javascript-library, nextjs, nodejs · ⭐ 663 Stars

Open-source AI agent red-team engine, SDK, and CLI. Run offline or against the Humanbound Platform. · Sprache: Python · Topics: adversarial-testing, agentic-ai, ai-agents, ai-red-teaming, ai-safety, ai-security · ⭐ 20 Stars

a secure dotenv–from the creator of `dotenv` · Sprache: JavaScript · Topics: cli, configuration-file, curl, dotenv, dotenvx, end-to-end-encryption · ⭐ 5,434 Stars

Open-source CLI for AI coding agents. Give your coding agents access to services without exposing keys. · Sprache: Go · Topics: ai, ai-agents, audit-logging, cli, credential-management, developer-tools · ⭐ 189 Stars

⭐️ Luminar Neo Activator | Photo Editor v1.0 | Setup Installer 2026 | Patch Keygen Loader | License Key Mod | Pre-Activated Full Version | Latest Build for Windows 10/11 PC | Get Desktop Activation | Premium Serial Bypass | Unlock Pro Features | Genuine Original x64 ⭐️ · Topics: budget-calculator, cirrus, cover, lidar-point-cloud, linux-audit, luminar-free · ⭐ 11 Stars

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data · Sprache: Go · Topics: abac, acl, authorization, ciam, cloud-native, database · ⭐ 6,701 Stars

FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data. · Sprache: Rust · Topics: cybersecurity, events, file-integrity, file-integrity-monitoring, filemonitor, files · ⭐ 194 Stars

wolfSSL Intrusion Detection and Prevention System (IDPS) · Sprache: C · Topics: anti-bot, attack-prevention, ban-hosts, c-library, embedded, embedded-systems · ⭐ 51 Stars

Open-source endpoint detection engine for Windows and Linux using ETW, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts. · Sprache: Rust · Topics: blue-team, detection-engineering, ebpf, edr, endpoint-detection, endpoint-security · ⭐ 244 Stars

Mobile Edge-Dynamic Unified Security Analysis · Sprache: JavaScript · Topics: android, android-malware, dynamic-analysis, frida, frida-scripts, frida-snippets · ⭐ 2,257 Stars

Autonomous AI pentesting engine performing continuous offensive security across web, cloud, AD and Kubernetes. Uses agentic reasoning, real exploit execution and attack path analysis to deliver proof-based vulnerabilities. · Sprache: Python · Topics: ai-agents, ai-security-tool, autonomous-agents, cybersecurity, llm, multi-agent-systems · ⭐ 164 Stars

Open-source credential vault, give your AI agents access to services without exposing keys. · Sprache: TypeScript · Topics: ai-agents, cli, mcp, nanoclaw, nodejs, openclaw · ⭐ 2,138 Stars

Mapping the information system / Cartographie du système d'information · Sprache: Blade · Topics: anssi, assets, assets-management, cartographie, cartography, cmdb · ⭐ 523 Stars

The open source taint analysis engine for the AI era. Formal inter-procedural taint analysis — finds what pattern matching engines miss, enacts what LLM agents discover as rules, scales where neither can alone. · Sprache: Kotlin · Topics: java, kotlin, sast, security, security-tools, seqra · ⭐ 41 Stars

A modular vulnerability scanner with automatic report generation capabilities. · Sprache: Python · Topics: artemis, pentesting, security, security-scanner, security-tools, vulnerability-detection · ⭐ 1,166 Stars

Justniffer Just A Network TCP Packet Sniffer. Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate web server log files, track response times and extract all "intercepted" files from the HTTP traffic · Sprache: C · Topics: cli, cpp, cybersecurity, http, linux, network · ⭐ 228 Stars

An open source tool for detecting website blocks, downdetecting, and network analysis · Sprache: Python · Topics: ai-first, ai-friendly, arp, censorship, cli, dns · ⭐ 22 Stars

Dradis Framework: Collaboration and reporting for IT Security teams · Sprache: Ruby · Topics: collaboration, dradis, dradis-framework, infosec, penetration-testing, pentesting · ⭐ 803 Stars

All-in-one Burp Suite attack framework — 16 active scanners, 4 passive analyzers, SQL exploitation engine (OmniMap), AI-powered fuzzing, prerequisite chain automation (Stepper), built-in OOB server (HTTP+DNS). Single JAR, Montoya API. · Sprache: Java · Topics: ai-security, burp-extension, burp-suite, montoya-api, owasp, penetration-testing · ⭐ 12 Stars

🐶 A curated list of Web Security materials and resources. · Sprache: Python · Topics: awesome, awesome-list, list, penetration-testing, security, web · ⭐ 13,361 Stars

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency...

Open-source Supabase security auditor: detects RLS-disabled tables, public buckets, exposed SECURITY DEFINER functions. Active anonymous probe confirms each leak with the anon key. · Sprache: JavaScript · Topics: audit, auditor, cli, devsecops, leak, mit-license · ⭐ 15 Stars

Two releases shipped this cycle - v10.4.2 (April 15) and v10.4.3 (May 5) - delivering deep KEV coverage, a major push into AI/LLM attack surface, fresh Perforce visibility, and broad quality improvements across the template library. 🚀 April Stats Release New Templates CVEs Added First-time...

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session. · Sprache: Python · Topics: adb, android, android-debug-bridge, android-hacking, collaborate, cybersecurity · ⭐ 5,846 Stars

👻 AI-Powered Pentesting Command Center — Autonomous security testing with real-time streaming, self-improving AI, unlimited tool iterations, and beautiful dark UI · Sprache: JavaScript · Topics: ai, ai-agent, autonomous-agent, command-center, cybersecurity, dark-ui · ⭐ 13 Stars

新一代Webshell管理器，兼容蚁剑与冰蝎的PHP webshell · Sprache: Python · Topics: awd, ctf, javascript, penetration-testing, penetration-testing-tools, php · ⭐ 676 Stars

Open-source PACS / RFID lab you can build at home! Can be built via custom PCB, or completely with off the shelf parts. · Sprache: C++ · Topics: access-control, door-controller, door-lock, door-sensor, doorsim, hacking · ⭐ 11 Stars

A.I. Sorcery · Sprache: Python · Topics: 4ndr0tools, ai, chatgpt, engagement, jailbreak, llm · ⭐ 11 Stars

实战 SRC / 众测 / Bug bounty 漏洞挖掘 Claude Code skill — 19 个攻击类 playbook、305 个结构化 payload、263 个 WAF/EDR 绕过、2887 份 HackerOne 真实案例、88,636 WooYun 案例统计 · Topics: bug-bounty, claude-code, claude-code-skill, hackerone, owasp, payloads · ⭐ 33 Stars