Red Team Grimoire
Advanced Red Team tactics and scripts crafted from real-world offensive security assessments.
PyCript
Burp extension to encrypt/decrypt traffic with custom logic in Python, Go, Node.js, etc.
Pentest Mapper
Burp extension to map API flows and link them to custom security test checklists.
InterceptSuite
Intercepts and inspects TLS/SSL traffic across all protocols beyond HTTP/S.
EvilTree
Python remake of "tree" with keyword/regex search and match highlighting in files.
wwwtree
Tool to locate, host, and transfer exploits/scripts to victim machines during privilege escalation.
Villain
C2 framework for managing reverse shells and sharing sessions across Villain instances.
Adaptix Framework
Extensible post-exploitation and adversary emulation framework for penetration testers.
Wynis
PowerShell script for auditing Windows security using BEST practices automatically.
Swego
Go webserver with many features, simple like Python's SimpleHTTPServer.
Deepkfake Offensive Toolkit
Generates real-time deepfakes for testing ID verification and social engineering scenarios.
reFlutter
Framework for reverse engineering Flutter apps using patched lib for dynamic analysis.
GJoy Dex Analyzer
Native Dalvik bytecode decompiler for fast APK and DEX analysis without Java VM.
Deep Live Cam
Deepfake software for AI-generated media creation and realistic adversary simulations.
Chiasmodon
OSINT tool to gather data from domains, apps, IPs, emails, organizations, and URL
GuardRail OSS
Framework enhancing AI outputs via conditional logic and emotional intelligence (AiEQ).
Social Analyzer
Finds and analyzes user profiles on 1000+ sites with confidence-based detection scoring.
SpyNote
SpyNote is an Android RAT malware used to spy on and control infected mobile devices.
Oblivion
Monitors real-time data leaks and alerts if user credentials have been exposed.
WiFi DensePose
Real-time, camera-free human pose detection using WiFi CSI and machine learning.
Agent Name Service
Secure AI agent registry based on OWASP GenAI ANS Protocol for safe agent interaction.
DSPy.ts
AI framework in JS/TS for building smart, private apps directly in the browser.
FACT
MCP tool replacing vectors with prompts for fast, auditable LLM-powered data retrieval.
HosTaGe
Lightweight honeypot to detect malicious networks on mobile devices like smartphones.
CAIDO
Modern, lightweight web security proxy with clean UI and modular design for web testing.
