DSVPN is a minimalist C VPN that runs TCP-over-TCP with a clever congestion control coupling to overcome traditional performance issues. Zero-config, cross-platform, and formally verified cryptography.
pentest-ai-agents uses 35 markdown-based Claude Code subagents to automate offensive security tasks without servers or orchestration. Zero dependencies, pure prompt-engineering architecture.
HydroponicOne is a self-hosted IoT system for hydroponic automation featuring an ESP32 firmware with RSA-2048 signed OTA updates, a TypeScript backend, and a React real-time dashboard.
AI Security Arsenal offers 12 modular AI agent skills for security testing, using lazy-loaded decision trees optimized for limited LLM contexts, spanning mobile, web, cloud, network, and code security.
Minimal Firewall is a lightweight C# frontend for Windows Firewall enforcing default-deny outbound with real-time alerts and a unique audit system that disables sneaky allow rules.
subfinder is a Go-based passive subdomain enumerator using modular sources and concurrent validation to discover valid subdomains stealthily and efficiently.
SPR is an open-source router OS delivering per-device WPA3 passphrases, micro-segmented /30 subnets, and zero-trust policies in Docker containers on Linux.
Explore a community-curated catalog of open source web security scanners organized by scanner type, revealing trends in modern web app security tooling.
awesome-osint-arsenal provides a single-command shell installer that auto-detects Linux distros and installs 750+ OSINT and security tools idempotently, turning an awesome list into a deployable arsenal.
bopscrk is a Python CLI tool for targeted password wordlist generation, combining user input and scraped song lyrics with mutations. Useful in pentesting and red teaming.
CF-Hero is a Go CLI tool that finds origin IP addresses hidden behind Cloudflare by correlating OSINT sources, DNS history, and HTTP fingerprinting. A practical tool for security pros.
Claude-OSINT equips Claude LLM with 4,600+ lines of structured OSINT tradecraft in markdown skills, enabling AI-driven recon with 90+ modules, 80+ dorks, and attack-path templates. No external APIs needed.
DeepZero automates vulnerability research on Windows kernel drivers by chaining Ghidra decompilation with LLM-based analysis using YAML pipelines and Jinja2 templates.
FuzzyAI combines fuzz testing with AI models using Python and Ollama. It offers a CLI for fuzzing with local LLMs, balancing AI power and practical setup tradeoffs.
GarudRecon automates reconnaissance by orchestrating 80+ security tools in Bash. Its design tradeoffs and installation steps reveal why Bash remains a practical choice for heavy string manipulation workflows.
H4X-Tools is a Python 3.10+ CLI toolkit offering 16 modular OSINT utilities, including a dual-source leak search combining stealer logs and a 3.2B+ credential dataset for actionable breach insights.
Hackingtool-plugin wraps 183 pentesting and OSINT tools behind a Claude Code plugin. It smartly dispatches commands to native Bash, WSL, or Docker containers, outputting clean JSON.
reconFTW automates over 50 security tools into a unified Shell-based pipeline for penetration testers and bug bounty hunters, supporting full lifecycle recon and distributed scanning.