Top disclosed reports from HackerOne

A dockerised and maintained Next.js + Auth.js + Drizzle boilerplate

User-friendly WebUI for AI (Formerly Ollama WebUI)

Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection

Devon: An open-source pair programmer

Perplexica is an AI-powered search engine. It is an Open source alternative to Perplexity AI

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Desktop environment in the browser

SearXNG is a free internet metasearch engine which aggregates results from various search services and databases. Users are neither tracked nor profiled.

Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

SWE-agent takes a GitHub issue and tries to automatically fix it, using GPT-4, or your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

This is a step-by-step guide to implementing a DevSecOps program for any size organization

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Vector database (Weaviate) to build an image search engine powered by a deep neural network

Collection of methodology and test case for various web vulnerabilities.

🐙 Guides, papers, lecture, notebooks and resources for prompt engineering

Stateful Event Synchronization Testing for asynchronous services

this repo to show you examples of using syft as sbom generating tool with some containers

GVision is a reverse image search app that use Google Cloud Vision API to detect landmarks and web entities from images, helping you gather valuable information quickly and easily.

Get notified when someone comes to online on whatsapp

Scripts for solving WebSecurity Academy labs of PortSwigger using Python

40,000+ Nuclei templates for security scanning and detection across diverse web applications and services

This is a useful Python script for extracting bug bounty or any other write-ups from Medium.com and other websites (soon).

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

AutoRecon-XSS is a script designed for automated reconnaissance of XSS vulnerabilities. It crawls the target URL or alive domains, extracts potential vulnerable URLs, and checks them for XSS vulner…

SGPT is a command-line tool that provides a convenient way to interact with OpenAI models, enabling users to run queries, generate shell commands and produce code directly from the terminal.