CyberStrikeus
CyberStrikeCyberStrike is an open-source AI-powered offensive security agent that automates penetration testing by integrating with LLMs (Claude, GPT, etc.) to...
23 repositories found
CyberStrikeus
CyberStrikeCyberStrike is an open-source AI-powered offensive security agent that automates penetration testing by integrating with LLMs (Claude, GPT, etc.) to...
m14r41
PentestingEverythingPentestingEverything is a comprehensive, searchable knowledge base for penetration testing and application security across 23 domains including web,...
six2dez
burp-ai-agentCustom AI Agent is a Burp Suite extension that integrates multiple AI backends (11 providers including Anthropic, Ollama, Gemini) and MCP protocol...
chaitin
SafeLineSafeLine is a self-hosted Web Application Firewall (WAF) and reverse proxy designed to protect web applications from common attacks including SQL...
DefectDojo
django-DefectDojoDefectDojo is a comprehensive DevSecOps and vulnerability management platform that orchestrates security testing, deduplication, remediation, and...
zaproxy
zaproxyZAP by Checkmarx is a web application security scanner designed to automatically detect vulnerabilities during development and testing, as well as...
sqlmapproject
sqlmapsqlmap is a mature penetration testing tool that automates SQL injection detection and exploitation, along with database server takeover...
DependencyTrack
dependency-trackDependency-Track is an OWASP-maintained Component Analysis platform that ingests Software Bill of Materials (SBOMs) to identify and mitigate supply...
openziti
zitiOpenZiti is an open-source zero-trust networking platform that makes services invisible to unauthorized users through cryptographic identity,...
projectdiscovery
interactshInteractsh is an open-source out-of-band (OOB) interaction detection server and client library used primarily in security testing and vulnerability...
Bearer
bearerBearer is an open-source static application security testing (SAST) tool that scans source code to identify security vulnerabilities and privacy...
OWASP
CheatSheetSeriesThe OWASP Cheat Sheet Series is a curated collection of concise, high-value security guidance organized by application security topic, designed to...
webpwnized
mutillidaeOWASP Mutillidae II is a deliberately vulnerable web application designed as a training target for learning web security through hands-on practice....
OWASP
wstgThe OWASP Web Security Testing Guide (WSTG) is a comprehensive, open-source framework for testing web application security, actively maintained as a...
juice-shop
juice-shopOWASP Juice Shop is an intentionally vulnerable web application designed for security training, CTF competitions, and penetration testing practice....
OWASP
www-project-top-10-for-large-language-model-applicationsThe OWASP Top 10 for Large Language Model Applications is a security awareness framework that identifies and documents the ten most critical security...
infoslack
awesome-web-hackingA curated list of resources for web application security education and penetration testing, including books, documentation, tools, cheat sheets,...
infobyte
faradayFaraday is an open-source vulnerability management platform designed to centralize, aggregate, and normalize security scan data from multiple tools...
maurosoria
dirsearchdirsearch is a web path brute-forcer tool for discovering hidden directories and files on web servers during penetration testing and bug bounty work....
lirantal
npqnpq is a command-line tool that audits npm packages before installation by checking against CVE databases, analyzing package metadata (age,...
microsoft
Security-101Security-101 is an educational curriculum comprising 8 structured lessons on cybersecurity fundamentals, covering topics from the CIA triad through...
urbanadventurer
WhatWebWhatWeb is a web scanner that identifies websites and their underlying technologies—CMS platforms, web servers, JavaScript libraries, version...
openappsec
openappsecopen-appsec is a machine learning-powered Web Application Firewall (WAF) that detects and prevents threats against web applications and APIs by...
Weekly newsletter
Every Monday: the repos worth your attention, anomaly signals and deep AI analysis. No fluff, unsubscribe any time.