HOT🔥
10.1k
GhostTrack
GhostTrack is a lightweight, open-source OSINT tool that helps cybersecurity researchers and ethical hackers gather public intelligence on IP addresses, phone numbers, usernames, and domains. With its simple menu-driven CLI interface, it offers IP geolocation, phone carrier details, social media footprint searches, and easy integration with tools like Seeker—all in a single Python script for quick reconnaissance.(214 characters)[1][2][3]
HOT🔥
7.8k
browser-harness
Browser Harness is a lightweight, self-healing tool that gives AI language models direct control over a real Chrome browser via the Chrome DevTools Protocol. It skips rigid frameworks for maximum freedom—agents can click, scroll, fill forms, handle crashes, and even write custom helpers on the fly to tackle any web task, from logins to dynamic apps. Perfect for developers and security researchers building flexible automation.
Burp Suite CE
Burp Suite Community Edition is a free toolkit for web app security testing, offering an intercepting proxy, traffic history, repeater, decoder, and other core tools for hands-on manual assessments.
FoxyProxy
FoxyProxy is an open-source, advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. No paid accounts are necessary; bring your own proxies or buy from any vendor. The original proxy tool, since 2006.
365.7k
openclaw
OpenClaw is an open-source, local-first AI agent that runs on your Mac, Windows, or Linux machine, keeping all data private and under your control. Chat with it via WhatsApp, Telegram, Discord, Slack, or Signal to automate tasks like clearing inboxes, sending emails, managing calendars, running shell commands, and browser actions. Model-agnostic with persistent memory, skills, and enhanced security features, it delivers efficiency for developers and security researchers auditing AI workflows.[1][2][3]
185.9k
n8n
Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.
110.9k
Awesome-Hacking
Awesome-Hacking curates top security, pentesting, and hacking resources into one place, giving developers and auditors quick access to tools, guides, and research for stronger security work.
106.1k
frp
frp is a high-performance reverse proxy that exposes internal TCP, UDP, HTTP, and HTTPS services through a secure public endpoint, with auth, encryption, logging, and load balancing for analysis.
105.2k
moltbot
Moltbot is a local-first AI agent that runs 24/7 on your hardware, acting as a proactive coding assistant for developers and auditors. It monitors CI/CD pipelines, fixes bugs overnight, creates pull requests, and integrates with 50+ messaging apps like Telegram and Slack. With persistent memory and full system access, it automates workflows securely while keeping your data private—saving hours on repetitive tasks.
102.9k
terminal
Windows Terminal is a fast, tabbed command-line hub for cmd, PowerShell, WSL, and SSH, with profiles, search, and deep customization that streamline development, admin, and security investigation workflows.
Bug Bounty Daily
Bug Bounty Daily curates the most useful bug bounty articles in one place, helping developers and security researchers stay sharp, learn new techniques, and improve their vulnerability finding skills.
77.3k
PayloadsAllTheThings
PayloadsAllTheThings is an open-source resource offering a comprehensive collection of payloads and bypass techniques for web application security testing and penetration testing. It helps developers and security researchers quickly identify, exploit, and understand vulnerabilities like XSS, SQL injection, command injection, and file inclusion. The project saves time in audits and supports learning through practical examples used in real-world web security assessments.
70.7k
sherlock
Sherlock is an open-source tool that scans 400+ sites to find where a username is registered, giving developers and investigators quick insight into a target’s social media footprint.
70.5k
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
68.9k
claude-mem
A Claude Code plugin that automatically captures everything Claude does during your coding sessions, compresses it with AI (using Claude's agent-sdk), and injects relevant context back into future sessions.
67.8k
ghidra
Ghidra is an open-source software reverse engineering framework developed by the NSA that helps developers and security researchers analyze and decompile binary code. It offers disassembly, decompilation, scripting, and collaborative features to uncover software behavior, identify vulnerabilities, and analyze malware across multiple platforms. Its extensibility and user-friendly interface make complex reverse engineering accessible and efficient.
55.4k
clawdbot
clawdbot is a self-hosted AI agent platform that connects chat, tools, and devices, helping developers and security researchers automate workflows and audit complex systems across platforms.
54.2k
hackingtool
hackingtool is an all‑in‑one ethical hacking suite that unifies popular pentesting, OSINT, and network scanning tools into a single menu-driven interface for faster security audits and research.
53.3k
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
52.9k
worldmonitor
Real-time global intelligence dashboard. AI-powered news aggregation, geopolitical monitoring, and infrastructure tracking in a unified situational awareness interface