A Burp Suite extension that automatically redacts PII, credentials, and other sensitive data from HTTP traffic, enabling secure sharing of requests and responses in reports, team reviews, or AI wor...

Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典. - wgpsec/AboutSecurity

This Burp plugin allow copy all authentication headers by one click - smackerdodi/copy-auth-header

Description for repo19:34Detection content for CVE-2026-22557 — UniFi Network Application unauthenticated path traversal (CVSS 10.0). Includes YARA, Sigma, KQL, Splunk SPL, Sysmon config, and a bas...

Tested applications (DVWA, OWASP Juice Shop) for vulnerabilities Identified issues like SQL Injection and XSS Translated security findings into secure development practices - RBCHANDRAKANTH/web-sec...

The first security CTF lab built with React and Next.js. Open you browser and start hacking. - kOaDT/oss-oopssec-store

Living of the Land of Free SaaS. Contribute to lolfsaas/lolfsaas.github.io development by creating an account on GitHub.

Exploits crypto wallet vulnerabilities to steal funds by injecting malicious scripts that capture seed phrases and private keys, bypassing security measures on platforms like MetaMask, OKX, and Exo...

A Python-based security log analyzer with a graphical interface that detects suspicious activities such as SSH brute force attempts, SQL injection, XSS attacks, and directory scans from log files. ...

AI JOKER-C2 — identity-bound operational AI application built on the HBCE infrastructure. - manuelcoletta1-source/hbce-ai-joker-c2

Critical Pre-Auth Root RCE (CVSS 10.0) in DigitalOcean Droplet Agent up to v1.3.2 via Command Injection. - poxsky/CVE-2026-24516-DigitalOcean-RCE

Incident response lab simulating a real-world security incident lifecycle, including detection, investigation, containment and remediation of a brute force attack using log analysis and response pl...

Built a real-time ML-powered security system that monitors a PHP catering application, detects SQL injection and XSS attacks using a Random Forest classifier, and automatically blacklists maliciou...

C2pool: decentralized, DoS-resistant, Hop-Proof PoW mining pool. - frstrtr/c2pool

Create rogue Wi-Fi access points with captive portals, DNS spoofing, and transparent proxy to intercept and control client web traffic on Linux systems. - saliniarjun/EvilAP

Bypass SSL pinning in Meta Business Suite on Android to intercept and analyze HTTPS traffic on rooted and non-rooted devices. - kenshin-arch/Meta-Business-Suite-SSL-Pinning-Bypass

Scan MCP servers, AI agents, and LLM pipelines for security vulnerabilities and send results directly to your GitHub Security tab. - schyles/mcp-scan-action

Bypass web application firewalls and test security with an open-source toolkit offering recon, scanning, and hardening without dependencies. - chasesniper/Fray

Contribute to buugdig/pages-ssrf-test development by creating an account on GitHub.

Advanced Mythic C2 Interface. Contribute to aifred0729-TW/Minerva development by creating an account on GitHub.

Python-based Web Vulnerability Scanner covering OWASP Top 10 — SQLi, XSS, CSRF, SSL, broken auth & more - ankush-beniwal/owasp-web-scanner