Proof-of-Concept exploit for CVE-2026-23918 (Apache mod_http2 double-free). Features multi-mode DoS (Rapid-RST, Slow-Drip) and passive RCE/vulnerability detection for Apache 2.4.66.

Taste-Skill - gives your AI good taste. stops the AI from generating boring, generic slop

CVE-2026-41940 — cPanel & WHM Authentication Bypass via Session-File CRLF Injection

Top disclosed reports from HackerOne

Copy Fail (CVE-2026-31431) LPE exploit. A clean, multi-arch Python reimplementation targeting the Linux kernel AF_ALG page cache vulnerability.

CVE-2026-7671 - OTP Brute Force vulnerability in Tornet Scooter Mobile App 4.75 (CWE-307)

AI/LLM security scanner — model artifact analysis, prompt injection firewall, MCP agent validation, pickle/safetensors/GGUF fuzzing. Zero false positives.

A collection of awesome resources related AI security

AWS, Azure, Alibaba and Google bucket scanner

A lightweight, cryptography-powered, open-source toolkit built to enforce Zero Trust security for infrastructure, applications, and data in the AI-driven world.

Security audit tool for Claude Desktop and Claude Code on macOS — single-command visibility into MCP servers, extensions, plugins, connectors, scheduled tasks, and permissions.

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Generate Claude Code bug bounty skills from public HackerOne reports and GitHub writeups — 18 vuln classes, no private reports needed

Master programming by recreating your favorite technologies from scratch.

The GEP-powered self-evolving engine for AI agents. Auditable evolution with Genes, Capsules, and Events. | evomap.ai

APT38 Tactic PoC for Stealing 0days from security researchers

Claude Code skill for drafting cross-platform replies (GitHub/Reddit/Twitter/HN) with anti-AI-smell rules

Repositório com recursos em Português (PT-BR) para estudos da certificação AWS Certified Solutions Architect - Associate (SAA-C03)

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

A python script that finds endpoints in JavaScript files

Opinionated skills for AI coding agents to create stunning diagrams and visualizations directly in Markdown. These skills extend agent capabilities across diagram generation, data visualization, an…

Debugging skill for AI agents

Local Azure development. One binary. No account needed. 25+ emulated services for testing, CI and local dev.

OpenFrame is a video review and approval platform for teams that need clear feedback, version control, and client-friendly review links in one place. It supports collaborative review workflows out …

FluidVoice - Fastest macOS Offline Dictation app - Voice to Text fully Local. One ⭐ takes us a long way :))

GoAttack 是一款运用Go语言作为后端和Vue 3作为前端开发的现代化网络安全扫描分析平台。它被设计用于对标商业级漏洞扫描器，并提供一系列包括主机探测、端点梳理、资产测绘、漏扫POC验证和自动报告等多位一体的安全分析能力。旨在为安全工程师、红蓝渗透测试人员及安全运维管理团队提供一个精练、高效、可扩展且界面友好的集成式作战平台。

From a goal to a task DAG, automatically. TypeScript-native multi-agent orchestration with MCP and live tracing. Three runtime dependencies.

This is a Python script that generates a staged payload that fully bypasses MS Defender. Can potentially be used for EDRs with some customization.

GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.