AI Phishing Email Detector | Web Vulnerability Scanner - Tayyabjavedofficial/cybershield

Professional smart contract security auditing framework — vulnerability scanner, exploit PoCs, AI audit assistant, and audit report generator - BlockchainNooberz/Auditing-smart-contracts

Web Application Penetration Testing against OWASP Juice Shop using PTES, OWASP Top 10 and OWASP WSTG. - gfmcorrea/pentest-web-juice-shop

Deploying Sliver to an Oracle OCI compute instance via Terraform and Ansible - datboyblu3/The-Homegrown-Beacon

Safely detect whether a SolarWinds Serv-U host is vulnerable to CVE-2026-28318 - BishopFox/CVE-2026-28318-check

Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026-20230. - HalilDeniz/CVE-2026-20230-Scanner

Web Vulnerability Scanner — Flask REST API + SQLite + Security Scanning - amr-khaledd/webguard

Burp Suite Extension for auditing OAuth 2.0 implementations. Supports both Community and Professional Editions. - matiassequeira/burpsuite-oauth2.0

TryHackMe SOC Level 1 — Full kill chain analysis: HTA lure, DLL execution, credential dumping, DCSync, ransomware staging - czabatta/THM-Boogeyman3

Memory forensics automation — process analysis, injection detection, YARA scanning, IOC extraction with STIX 2.1 export. Works standalone or with Volatility3. - joemunene-by/ghostforensics

Open-source malware analysis sandbox with Docker/QEMU execution, telemetry, YARA, Suricata, threat-intel enrichment, and AI reports. - allsmog/detonate

Orchestra is the most advanced C2 framework in development. Features are beta and final version will be available commercially only to approved candidates. - t-h-i-n-k-er/orchestra

WebStrike — automated web-pentesting framework that orchestrates Kali tools (subfinder, httpx, katana, ffuf, nuclei, sqlmap, dalfox) into one phased recon→exploit→report pipeline. - FlinnZee/webstr...

An advanced Out-of-Band and In-Band SSRF fuzzing scanner with dynamic request tracking. - R0X4R/ressrf

5-layer offensive & defensive security toolkit: API scanner + payload injection (SQLi/XSS/JWT/PathTrav/SSRF) + network recon + AI prompt injection/red-team engine. Built on CL4R1T4S (29.5k ...

Reproducible Stuxnet malware-analysis lab with static and dynamic workflows, YARA/Sigma detections, and safety-first documentation. - allsmog/mlw-lab

pentesting tool to bypass captcha Steam, Gmail, Instagram, Facebook, Twitter, Snapchat, Outlook, Netflix, Adobe Bot Automation - SeseyqOw/Captcha-Bypass-Tool

🔐 Atithi-Attacker — XSS-based cookie hijacking lab demonstrating session theft through stored XSS vulnerabilities. Frontend (HTML/JS) + Backend (PHP) with real-time stolen cookie dashboard. - Tarik...

Python web vulnerability scanner detecting SQL injection, XSS, open redirects, and security misconfigurations. Multithreaded directory enumeration across 40+ sensitive paths. Generates color-coded ...