Security on Noureddine RAMDI

Security on Noureddine RAMDIhttps://ramdi.fr/tags/security/Recent content in Security on Noureddine RAMDIHugoenSat, 23 May 2026 20:41:27 +0000A curated taxonomy of open source web security scannershttps://ramdi.fr/github-stars/a-curated-taxonomy-of-open-source-web-security-scanners/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/a-curated-taxonomy-of-open-source-web-security-scanners/Explore a community-curated catalog of open source web security scanners organized by scanner type, revealing trends in modern web app security tooling.Argus: a modular Python CLI toolkit for comprehensive security reconnaissancehttps://ramdi.fr/github-stars/argus-a-modular-python-cli-toolkit-for-comprehensive-security-reconnaissance/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/argus-a-modular-python-cli-toolkit-for-comprehensive-security-reconnaissance/Argus is a Python CLI toolkit bundling 135 reconnaissance modules across network, web, and threat intelligence domains in a unified command shell.awesome-osint-arsenal: automated multi-distro provisioning for a massive OSINT and security toolkithttps://ramdi.fr/github-stars/awesome-osint-arsenal-automated-multi-distro-provisioning-for-a-massive-osint-and-security-toolkit/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/awesome-osint-arsenal-automated-multi-distro-provisioning-for-a-massive-osint-and-security-toolkit/awesome-osint-arsenal provides a single-command shell installer that auto-detects Linux distros and installs 750+ OSINT and security tools idempotently, turning an awesome list into a deployable arsenal.bopscrk: targeted password wordlist generation with lyric-based OSINThttps://ramdi.fr/github-stars/bopscrk-targeted-password-wordlist-generation-with-lyric-based-osint/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/bopscrk-targeted-password-wordlist-generation-with-lyric-based-osint/bopscrk is a Python CLI tool for targeted password wordlist generation, combining user input and scraped song lyrics with mutations. Useful in pentesting and red teaming.CF-Hero: A Go CLI for uncovering origin IPs behind Cloudflare using multi-source OSINT correlationhttps://ramdi.fr/github-stars/cf-hero-a-go-cli-for-uncovering-origin-ips-behind-cloudflare-using-multi-source-osint-correlation/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/cf-hero-a-go-cli-for-uncovering-origin-ips-behind-cloudflare-using-multi-source-osint-correlation/CF-Hero is a Go CLI tool that finds origin IP addresses hidden behind Cloudflare by correlating OSINT sources, DNS history, and HTTP fingerprinting. A practical tool for security pros.Claude-OSINT: Turning Claude into an AI-driven OSINT Recon Operator with Structured Skillshttps://ramdi.fr/github-stars/claude-osint-turning-claude-into-an-ai-driven-osint-recon-operator-with-structured-skills/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/claude-osint-turning-claude-into-an-ai-driven-osint-recon-operator-with-structured-skills/Claude-OSINT equips Claude LLM with 4,600+ lines of structured OSINT tradecraft in markdown skills, enabling AI-driven recon with 90+ modules, 80+ dorks, and attack-path templates. No external APIs needed.Cyber Detective's OSINT Tools Collection: A curated index for systematic open-source intelligence workflowshttps://ramdi.fr/github-stars/cyber-detective-s-osint-tools-collection-a-curated-index-for-systematic-open-source-intelligence-workflows/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/cyber-detective-s-osint-tools-collection-a-curated-index-for-systematic-open-source-intelligence-workflows/A curated collection of 1000+ OSINT tools organized by investigative domains, supporting systematic workflows in open-source intelligence gathering.DeepZero: Automating Windows Kernel Driver Vulnerability Research with YAML-Driven LLM Pipelineshttps://ramdi.fr/github-stars/deepzero-automating-windows-kernel-driver-vulnerability-research-with-yaml-driven-llm-pipelines/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/deepzero-automating-windows-kernel-driver-vulnerability-research-with-yaml-driven-llm-pipelines/DeepZero automates vulnerability research on Windows kernel drivers by chaining Ghidra decompilation with LLM-based analysis using YAML pipelines and Jinja2 templates.FuzzyAI: AI-Driven Fuzz Testing with Local LLM Integrationhttps://ramdi.fr/github-stars/fuzzyai-ai-driven-fuzz-testing-with-local-llm-integration/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/fuzzyai-ai-driven-fuzz-testing-with-local-llm-integration/FuzzyAI combines fuzz testing with AI models using Python and Ollama. It offers a CLI for fuzzing with local LLMs, balancing AI power and practical setup tradeoffs.GarudRecon: orchestrating 80+ security tools for automated recon with Bashhttps://ramdi.fr/github-stars/garudrecon-orchestrating-80-security-tools-for-automated-recon-with-bash/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/garudrecon-orchestrating-80-security-tools-for-automated-recon-with-bash/GarudRecon automates reconnaissance by orchestrating 80+ security tools in Bash. Its design tradeoffs and installation steps reveal why Bash remains a practical choice for heavy string manipulation workflows.H4X-Tools: a modular Python CLI for OSINT and dual-source credential leak searchhttps://ramdi.fr/github-stars/h4x-tools-a-modular-python-cli-for-osint-and-dual-source-credential-leak-search/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/h4x-tools-a-modular-python-cli-for-osint-and-dual-source-credential-leak-search/H4X-Tools is a Python 3.10+ CLI toolkit offering 16 modular OSINT utilities, including a dual-source leak search combining stealer logs and a 3.2B+ credential dataset for actionable breach insights.Hackingtool Plugin: a smart dispatcher for 183 pentesting tools with native, WSL, and Docker backendshttps://ramdi.fr/github-stars/hackingtool-plugin-a-smart-dispatcher-for-183-pentesting-tools-with-native-wsl-and-docker-backends/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/hackingtool-plugin-a-smart-dispatcher-for-183-pentesting-tools-with-native-wsl-and-docker-backends/Hackingtool-plugin wraps 183 pentesting and OSINT tools behind a Claude Code plugin. It smartly dispatches commands to native Bash, WSL, or Docker containers, outputting clean JSON.Inside reconFTW: orchestrating 50+ security tools for automated reconnaissancehttps://ramdi.fr/github-stars/inside-reconftw-orchestrating-50-security-tools-for-automated-reconnaissance/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/inside-reconftw-orchestrating-50-security-tools-for-automated-reconnaissance/reconFTW automates over 50 security tools into a unified Shell-based pipeline for penetration testers and bug bounty hunters, supporting full lifecycle recon and distributed scanning.Inside Xalgorix: an LLM-driven autonomous pentesting platform with a 22-phase testing pipelinehttps://ramdi.fr/github-stars/inside-xalgorix-an-llm-driven-autonomous-pentesting-platform-with-a-22-phase-testing-pipeline/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/inside-xalgorix-an-llm-driven-autonomous-pentesting-platform-with-a-22-phase-testing-pipeline/Xalgorix is a Go-based autonomous pentesting platform driven by LLMs, featuring a 22-phase methodology from recon to exploit verification, with live telemetry and reporting.jadx-ai-mcp: enabling AI-augmented reverse engineering of Android APKs with a JADX plugin and MCP serverhttps://ramdi.fr/github-stars/jadx-ai-mcp-enabling-ai-augmented-reverse-engineering-of-android-apks-with-a-jadx-plugin-and-mcp-server/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/jadx-ai-mcp-enabling-ai-augmented-reverse-engineering-of-android-apks-with-a-jadx-plugin-and-mcp-server/jadx-ai-mcp combines a JADX decompiler plugin with a Python MCP server, enabling AI assistants like Claude to perform live reverse engineering on Android APKs with 30+ interactive tools.LLM4Pentest: A curated knowledge hub on large language models for automated penetration testinghttps://ramdi.fr/github-stars/llm4pentest-a-curated-knowledge-hub-on-large-language-models-for-automated-penetration-testing/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/llm4pentest-a-curated-knowledge-hub-on-large-language-models-for-automated-penetration-testing/LLM4Pentest aggregates 40+ research papers and tools tracking the evolving role of LLMs in automated penetration testing, highlighting progress and limitations.LocalSend: Secure, cross-platform LAN file sharing with on-the-fly TLShttps://ramdi.fr/github-stars/localsend-secure-cross-platform-lan-file-sharing-with-on-the-fly-tls/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/localsend-secure-cross-platform-lan-file-sharing-with-on-the-fly-tls/LocalSend offers secure, zero-config LAN file sharing with ephemeral TLS certificates, built with Flutter and Rust for cross-platform privacy-focused transfers.LuaN1aoAgent: Autonomous penetration testing with P-E-R multi-agent causal graph reasoninghttps://ramdi.fr/github-stars/luan1aoagent-autonomous-penetration-testing-with-p-e-r-multi-agent-causal-graph-reasoning/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/luan1aoagent-autonomous-penetration-testing-with-p-e-r-multi-agent-causal-graph-reasoning/LuaN1aoAgent uses a P-E-R multi-agent framework and causal graph reasoning to achieve 90.4% autonomous success on penetration tests with low exploit cost. Key for AI-driven pentesting.Matkap: Active interception of malicious Telegram bots using leaked tokenshttps://ramdi.fr/github-stars/matkap-active-interception-of-malicious-telegram-bots-using-leaked-tokens/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/matkap-active-interception-of-malicious-telegram-bots-using-leaked-tokens/Matkap is a Python tool that hunts down malicious Telegram bots by hijacking leaked bot tokens and forwarding their messages for active threat intelligence gathering.Metasploit on Android via Termux: Automating a fragile Ruby native extension patchhttps://ramdi.fr/github-stars/metasploit-on-android-via-termux-automating-a-fragile-ruby-native-extension-patch/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/metasploit-on-android-via-termux-automating-a-fragile-ruby-native-extension-patch/Metasploit-termux automates installing Metasploit Framework on Android via Termux, fixing Ruby 3.4 Nokogiri/Gumbo native extension build issues on ARM64. Here’s how it works.nomore403: automated HTTP 403 bypass testing with heuristic scoring in Gohttps://ramdi.fr/github-stars/nomore403-automated-http-403-bypass-testing-with-heuristic-scoring-in-go/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/nomore403-automated-http-403-bypass-testing-with-heuristic-scoring-in-go/nomore403 is a Go CLI tool for security researchers automating HTTP 403/401 bypass testing with heuristic scoring to flag likely bypasses and reduce false positives.OpenAnt: An LLM-powered two-stage vulnerability discovery tool with exploit validationhttps://ramdi.fr/github-stars/openant-an-llm-powered-two-stage-vulnerability-discovery-tool-with-exploit-validation/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/openant-an-llm-powered-two-stage-vulnerability-discovery-tool-with-exploit-validation/OpenAnt uses a two-stage LLM pipeline to detect and validate code vulnerabilities across multiple languages, reducing false positives by verifying exploits automatically.OpsKat: AI-first secure infrastructure management with policy-enforced AI agentshttps://ramdi.fr/github-stars/opskat-ai-first-secure-infrastructure-management-with-policy-enforced-ai-agents/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/opskat-ai-first-secure-infrastructure-management-with-policy-enforced-ai-agents/OpsKat is a desktop app blending AI agents with secure, policy-enforced remote infrastructure control across SSH, databases, and Kafka. It bridges AI coding assistants to production safely.SafestClaw: a deterministic AI assistant with classical ML pipelines for local, secure, and zero-cost operationhttps://ramdi.fr/github-stars/safestclaw-a-deterministic-ai-assistant-with-classical-ml-pipelines-for-local-secure-and-zero-cost-operation/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/safestclaw-a-deterministic-ai-assistant-with-classical-ml-pipelines-for-local-secure-and-zero-cost-operation/SafestClaw uses classical ML pipelines and local AI models to deliver 90% of OpenClaw’s features at zero cost, avoiding prompt injection and cloud dependencies.Seeker: a social engineering tool for harvesting browser location and fingerprint datahttps://ramdi.fr/github-stars/seeker-a-social-engineering-tool-for-harvesting-browser-location-and-fingerprint-data/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/seeker-a-social-engineering-tool-for-harvesting-browser-location-and-fingerprint-data/Seeker hosts fake web pages to trick users into granting browser location permission, harvesting precise GPS and device fingerprint data via HTML5 APIs. Built with Python and Flask, it runs on multiple platforms and supports export to Google Earth and Telegram.skill-check: enforcing quality standards for AI agent skills with measurable scoringhttps://ramdi.fr/github-stars/skill-check-enforcing-quality-standards-for-ai-agent-skills-with-measurable-scoring/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/skill-check-enforcing-quality-standards-for-ai-agent-skills-with-measurable-scoring/skill-check is a TypeScript CLI that validates and scores AI agent SKILL.md files with auto-fix and security scanning, supporting multiple output formats and baseline comparisons.VoidAuth: a self-hosted OpenID Connect SSO provider for homelabshttps://ramdi.fr/github-stars/voidauth-a-self-hosted-openid-connect-sso-provider-for-homelabs/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/voidauth-a-self-hosted-openid-connect-sso-provider-for-homelabs/VoidAuth is a TypeScript-based self-hosted OpenID Connect provider and ForwardAuth reverse proxy designed for homelabs, offering user management, passkeys, MFA, and Docker-first deployment.WhatsApp-OSINT: A Python CLI tool for WhatsApp phone number intelligence via RapidAPIhttps://ramdi.fr/github-stars/whatsapp-osint-a-python-cli-tool-for-whatsapp-phone-number-intelligence-via-rapidapi/Sat, 23 May 2026 20:41:14 +0000https://ramdi.fr/github-stars/whatsapp-osint-a-python-cli-tool-for-whatsapp-phone-number-intelligence-via-rapidapi/WhatsApp-OSINT is a Python CLI that queries RapidAPI endpoints to extract WhatsApp phone number intelligence, including profile pics, business status, linked devices, and privacy settings.OpenShell: Securing AI agents with runtime-policy sandboxing from NVIDIAhttps://ramdi.fr/github-stars/openshell-securing-ai-agents-with-runtime-policy-sandboxing-from-nvidia/Mon, 18 May 2026 18:25:17 +0000https://ramdi.fr/github-stars/openshell-securing-ai-agents-with-runtime-policy-sandboxing-from-nvidia/OpenShell by NVIDIA offers a Rust-based AI agent sandbox runtime with hot-reloadable YAML policies for filesystem, network, process, and inference controls inside containers.Trivy: a unified security scanner for container images, filesystems, and Kuberneteshttps://ramdi.fr/github-stars/trivy-a-unified-security-scanner-for-container-images-filesystems-and-kubernetes/Tue, 05 May 2026 22:24:55 +0000https://ramdi.fr/github-stars/trivy-a-unified-security-scanner-for-container-images-filesystems-and-kubernetes/Trivy combines vulnerability detection, misconfiguration scanning, secret discovery, SBOM generation, and license analysis in one Go-based CLI tool for containers, filesystems, and Kubernetes clusters.Sherlock: A modular Python CLI tool for username reconnaissance across 400+ social networkshttps://ramdi.fr/github-stars/sherlock-a-modular-python-cli-tool-for-username-reconnaissance-across-400-social-networks/Tue, 05 May 2026 18:13:32 +0000https://ramdi.fr/github-stars/sherlock-a-modular-python-cli-tool-for-username-reconnaissance-across-400-social-networks/Sherlock is a Python CLI tool that checks username availability across 400+ social networks using a modular JSON-driven detection system. Practical, extensible, and flexible.cfpsec: a Python CLI for secure fetching of security conference CFPshttps://ramdi.fr/github-stars/cfpsec-a-python-cli-for-secure-fetching-of-security-conference-cfps/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/cfpsec-a-python-cli-for-secure-fetching-of-security-conference-cfps/cfpsec is a Python CLI tool that fetches Call For Papers data from cfptime.org with security-focused hardening like ANSI escape sanitization and CSV formula injection protection.DLLHijackHunter: Confirming real DLL hijacks on Windows with a canary DLL approachhttps://ramdi.fr/github-stars/dllhijackhunter-confirming-real-dll-hijacks-on-windows-with-a-canary-dll-approach/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/dllhijackhunter-confirming-real-dll-hijacks-on-windows-with-a-canary-dll-approach/DLLHijackHunter is a C# tool for Windows that confirms DLL hijack vulnerabilities by deploying test DLLs and verifying execution, reducing false positives in detection.Inside santifer/cv-santiago: a production-grade AI-powered portfolio with robust security and evaluationhttps://ramdi.fr/github-stars/inside-santifer-cv-santiago-a-production-grade-ai-powered-portfolio-with-robust-security-and-evaluation/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/inside-santifer-cv-santiago-a-production-grade-ai-powered-portfolio-with-robust-security-and-evaluation/santifer/cv-santiago offers an interactive portfolio CV with a dual-mode AI chatbot, hybrid search, multi-layer prompt injection defenses, and a closed-loop evaluation pipeline for production-grade AI security.Magento Open Source: A community-driven foundation for e-commercehttps://ramdi.fr/github-stars/magento-open-source-a-community-driven-foundation-for-e-commerce/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/magento-open-source-a-community-driven-foundation-for-e-commerce/Magento Open Source is a PHP-based e-commerce platform emphasizing community maintainers with elevated permissions and strong security practices. It offers a foundation for building online stores with active community governance.Personal security checklist powered by a single YAML source: architecture and insightshttps://ramdi.fr/github-stars/personal-security-checklist-powered-by-a-single-yaml-source-architecture-and-insights/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/personal-security-checklist-powered-by-a-single-yaml-source-architecture-and-insights/A TypeScript project using one YAML file to drive a static site, REST API, and markdown docs for personal security tips. Explore its architecture and tradeoffs.secrets-patterns-db: expanding regex coverage for secret scanning in codebaseshttps://ramdi.fr/github-stars/secrets-patterns-db-expanding-regex-coverage-for-secret-scanning-in-codebases/Tue, 05 May 2026 16:46:42 +0000https://ramdi.fr/github-stars/secrets-patterns-db-expanding-regex-coverage-for-secret-scanning-in-codebases/secrets-patterns-db offers over 1600 regex patterns for detecting secrets in code, doubling coverage compared to TruffleHog and vastly outpacing Gitleaks. It enhances AppSec scanning with tested, categorized regexes.CoreExtendedNFC: Bringing libnfc Protocol Logic to iOS with Pure Swifthttps://ramdi.fr/github-stars/coreextendednfc-bringing-libnfc-protocol-logic-to-ios-with-pure-swift/Tue, 05 May 2026 13:37:39 +0000https://ramdi.fr/github-stars/coreextendednfc-bringing-libnfc-protocol-logic-to-ios-with-pure-swift/CoreExtendedNFC ports libnfc protocol-layer logic to iOS via CoreNFC, enabling high-level NFC operations in pure Swift with zero external dependencies and comprehensive test coverage.DockMon: secure multi-host Docker monitoring with a lightweight Go agent and real-time metricshttps://ramdi.fr/github-stars/dockmon-secure-multi-host-docker-monitoring-with-a-lightweight-go-agent-and-real-time-metrics/Tue, 05 May 2026 13:37:39 +0000https://ramdi.fr/github-stars/dockmon-secure-multi-host-docker-monitoring-with-a-lightweight-go-agent-and-real-time-metrics/DockMon offers secure multi-host Docker monitoring with a Go agent using mTLS, FastAPI backend, React frontend, real-time dashboards, and multi-channel alerts. A solid choice for enterprise-grade observability.Evilginx 3: A Go-based transparent reverse proxy for phishing and MFA bypasshttps://ramdi.fr/github-stars/evilginx-3-a-go-based-transparent-reverse-proxy-for-phishing-and-mfa-bypass/Tue, 05 May 2026 13:37:39 +0000https://ramdi.fr/github-stars/evilginx-3-a-go-based-transparent-reverse-proxy-for-phishing-and-mfa-bypass/Evilginx 3 is a standalone Go framework implementing HTTP/DNS servers to transparently intercept and modify traffic for phishing and MFA bypass using session hijacking.FinalRecon: a unified Python CLI for comprehensive web reconnaissance and OSINT automationhttps://ramdi.fr/github-stars/finalrecon-a-unified-python-cli-for-comprehensive-web-reconnaissance-and-osint-automation/Tue, 05 May 2026 13:37:39 +0000https://ramdi.fr/github-stars/finalrecon-a-unified-python-cli-for-comprehensive-web-reconnaissance-and-osint-automation/FinalRecon consolidates fragmented OSINT and web reconnaissance workflows into a single Python CLI tool, integrating multiple data sources and scanning techniques with modular API key support.Inside capa: a Python engine for binary capability analysis with instruction-level evidencehttps://ramdi.fr/github-stars/inside-capa-a-python-engine-for-binary-capability-analysis-with-instruction-level-evidence/Tue, 05 May 2026 13:37:39 +0000https://ramdi.fr/github-stars/inside-capa-a-python-engine-for-binary-capability-analysis-with-instruction-level-evidence/Explore capa, a Python tool by Mandiant that analyzes binaries to identify capabilities via rule matching, with detailed evidence tracing for malware analysts.awesome-sandbox: comparing modern sandboxing tech for AI agent executionhttps://ramdi.fr/github-stars/awesome-sandbox-comparing-modern-sandboxing-tech-for-ai-agent-execution/Mon, 04 May 2026 10:23:03 +0000https://ramdi.fr/github-stars/awesome-sandbox-comparing-modern-sandboxing-tech-for-ai-agent-execution/A curated repo comparing sandboxing technologies for secure, fast AI agent execution. Covers microVMs, containers, WebAssembly, and more with tradeoffs on security vs speed.Portracker: A lightweight self-hosted port monitoring tool with secure Docker proxy integrationhttps://ramdi.fr/github-stars/portracker-a-lightweight-self-hosted-port-monitoring-tool-with-secure-docker-proxy-integration/Mon, 04 May 2026 10:23:03 +0000https://ramdi.fr/github-stars/portracker-a-lightweight-self-hosted-port-monitoring-tool-with-secure-docker-proxy-integration/Portracker is a self-hosted port monitoring tool with embedded SQLite and Docker socket proxy for secure, read-only Docker API access. It supports multi-server federation and TrueNAS integration.AgentShield: auditing AI agent security configurations with runtime confidence scoringhttps://ramdi.fr/github-stars/agentshield-auditing-ai-agent-security-configurations-with-runtime-confidence-scoring/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/agentshield-auditing-ai-agent-security-configurations-with-runtime-confidence-scoring/AgentShield is a TypeScript CLI tool that audits Claude Code AI agent configs for secrets, permissions, hooks, and more using a runtime confidence system to reduce false positives.DefaultCreds-cheat-sheet: consolidated default credentials for pentestinghttps://ramdi.fr/github-stars/defaultcreds-cheat-sheet-consolidated-default-credentials-for-pentesting/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/defaultcreds-cheat-sheet-consolidated-default-credentials-for-pentesting/DefaultCreds-cheat-sheet consolidates 3,711 default credentials from 1,398 vendors into a Python CLI tool with export and proxy support for pentesting workflows.Dippy: safe shell command hooks for Claude Code with a custom zero-dependency bash parserhttps://ramdi.fr/github-stars/dippy-safe-shell-command-hooks-for-claude-code-with-a-custom-zero-dependency-bash-parser/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/dippy-safe-shell-command-hooks-for-claude-code-with-a-custom-zero-dependency-bash-parser/Dippy uses a custom zero-dependency bash parser to auto-approve safe shell commands run by Claude Code, blocking destructive operations and reducing permission fatigue.dirsearch: a Python web path brute-forcer with precise extension handlinghttps://ramdi.fr/github-stars/dirsearch-a-python-web-path-brute-forcer-with-precise-extension-handling/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/dirsearch-a-python-web-path-brute-forcer-with-precise-extension-handling/dirsearch is a Python tool for brute-forcing web paths with a clever extension handling system. It offers multi-threaded, recursive scanning and session resumption for security reconnaissance.Gridex: a native cross-platform database IDE with a secure AI-integrated MCP serverhttps://ramdi.fr/github-stars/gridex-a-native-cross-platform-database-ide-with-a-secure-ai-integrated-mcp-server/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/gridex-a-native-cross-platform-database-ide-with-a-secure-ai-integrated-mcp-server/Gridex is a native cross-platform database IDE unifying seven database engines with a security-focused MCP server that safely exposes DB operations to AI agents. It uses native UI tech per OS and supports SSH, mTLS, and AI chat integrations.Infisical: A comprehensive open-source secrets management platform with zero-code secret injectionhttps://ramdi.fr/github-stars/infisical-a-comprehensive-open-source-secrets-management-platform-with-zero-code-secret-injection/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/infisical-a-comprehensive-open-source-secrets-management-platform-with-zero-code-secret-injection/Infisical is an open-source secrets management platform offering dynamic secrets, PKI management, RBAC, and a unique zero-code secret injection agent. It’s built in TypeScript and deploys via Docker Compose.Inside Shuffle: an open-source platform for distributed security automation workflowshttps://ramdi.fr/github-stars/inside-shuffle-an-open-source-platform-for-distributed-security-automation-workflows/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/inside-shuffle-an-open-source-platform-for-distributed-security-automation-workflows/Shuffle is an open-source SOAR platform with a distributed execution model that scales security automation across cloud and on-prem environments using Golang backend and ReactJS frontend.ipblocklist: Aggregated IP threat intelligence with clear licensing boundarieshttps://ramdi.fr/github-stars/ipblocklist-aggregated-ip-threat-intelligence-with-clear-licensing-boundaries/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/ipblocklist-aggregated-ip-threat-intelligence-with-clear-licensing-boundaries/ipblocklist aggregates IP blocklists from 30+ threat intel sources into curated inbound and outbound lists, balancing licensing constraints and operational complexity.ISC-Bench: exposing fundamental AI safety failures from workflow-level designhttps://ramdi.fr/github-stars/isc-bench-exposing-fundamental-ai-safety-failures-from-workflow-level-design/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/isc-bench-exposing-fundamental-ai-safety-failures-from-workflow-level-design/ISC-Bench reveals a structural AI safety flaw where LLMs produce harmful outputs to complete tasks, bypassing prompt-level defenses. It benchmarks this workflow-level vulnerability across top models.Mapping the full attack surface of connected devices with awesome-connected-things-sechttps://ramdi.fr/github-stars/mapping-the-full-attack-surface-of-connected-devices-with-awesome-connected-things-sec/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/mapping-the-full-attack-surface-of-connected-devices-with-awesome-connected-things-sec/A curated knowledge base covering hardware and wireless attack surfaces of connected devices, essential for IoT security researchers and hardware hackers.OASIS: a Python CLI for AI-driven code vulnerability scanning with deterministic validationhttps://ramdi.fr/github-stars/oasis-a-python-cli-for-ai-driven-code-vulnerability-scanning-with-deterministic-validation/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/oasis-a-python-cli-for-ai-driven-code-vulnerability-scanning-with-deterministic-validation/OASIS is a Python CLI security auditor using LangGraph-orchestrated LLMs for two-phase scanning and deterministic validation of code vulnerabilities. It balances AI insights with guardrails to reduce false positives.Pentest Swarm AI: A stigmergic swarm intelligence approach to autonomous penetration testinghttps://ramdi.fr/github-stars/pentest-swarm-ai-a-stigmergic-swarm-intelligence-approach-to-autonomous-penetration-testing/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/pentest-swarm-ai-a-stigmergic-swarm-intelligence-approach-to-autonomous-penetration-testing/Pentest Swarm AI uses stigmergic swarm intelligence via a pheromone-decaying blackboard for decentralized, emergent pentesting workflows integrating multiple tools and LLMs.SafestClaw: Combining simple AI setup with automated security scanning in Pythonhttps://ramdi.fr/github-stars/safestclaw-combining-simple-ai-setup-with-automated-security-scanning-in-python/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/safestclaw-combining-simple-ai-setup-with-automated-security-scanning-in-python/SafestClaw offers a Python CLI tool that simplifies AI model configuration and automates security scanning across projects. It supports cloud and local AI models with zero YAML config editing.ScaleTail: Per-Service Tailscale Sidecars for Secure Self-Hosting with Docker Composehttps://ramdi.fr/github-stars/scaletail-per-service-tailscale-sidecars-for-secure-self-hosting-with-docker-compose/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/scaletail-per-service-tailscale-sidecars-for-secure-self-hosting-with-docker-compose/ScaleTail uses Tailscale sidecars per service in Docker Compose to enable automatic HTTPS and zero-config networking for self-hosted apps without public DNS or port forwarding.Sliver: a cryptographically unique adversary emulation framework with multi-protocol C2https://ramdi.fr/github-stars/sliver-a-cryptographically-unique-adversary-emulation-framework-with-multi-protocol-c2/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/sliver-a-cryptographically-unique-adversary-emulation-framework-with-multi-protocol-c2/Sliver uses compile-time asymmetric encryption keys to generate unique implant binaries and supports multiple C2 protocols for cross-platform adversary emulation. Here’s how it works under the hood.Snyk Agent Scan: interactive security scanning for AI agent componentshttps://ramdi.fr/github-stars/snyk-agent-scan-interactive-security-scanning-for-ai-agent-components/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/snyk-agent-scan-interactive-security-scanning-for-ai-agent-components/Snyk Agent Scan is a Python CLI tool detecting 15+ security risks in AI agent MCP servers and skills, using an interactive consent model for safe scanning.WindowsAPIAbuseAtlas: A practical catalog of Windows API abuse techniques with YARA ruleshttps://ramdi.fr/github-stars/windowsapiabuseatlas-a-practical-catalog-of-windows-api-abuse-techniques-with-yara-rules/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/windowsapiabuseatlas-a-practical-catalog-of-windows-api-abuse-techniques-with-yara-rules/WindowsAPIAbuseAtlas catalogs Windows API abuse by malware with reverse engineering notes and YARA rules, aiding threat hunters and malware analysts in detection.X-osint: a modular Python CLI framework orchestrating multiple OSINT APIshttps://ramdi.fr/github-stars/x-osint-a-modular-python-cli-framework-orchestrating-multiple-osint-apis/Mon, 04 May 2026 10:23:02 +0000https://ramdi.fr/github-stars/x-osint-a-modular-python-cli-framework-orchestrating-multiple-osint-apis/X-osint is a Python CLI tool aggregating OSINT data from multiple external APIs with a modular menu-driven interface, designed for Termux, Linux, and macOS.Clawd Cursor: Unified cross-platform desktop control for AI agentshttps://ramdi.fr/github-stars/clawd-cursor-unified-cross-platform-desktop-control-for-ai-agents/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/clawd-cursor-unified-cross-platform-desktop-control-for-ai-agents/Clawd Cursor offers AI agents native desktop control on Windows, macOS, and Linux with a unified PlatformAdapter and local-first architecture, enabling secure, model-agnostic automation without cloud round-trips.fastapi-guard: fine-grained security middleware for FastAPI with composable per-route decoratorshttps://ramdi.fr/github-stars/fastapi-guard-fine-grained-security-middleware-for-fastapi-with-composable-per-route-decorators/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/fastapi-guard-fine-grained-security-middleware-for-fastapi-with-composable-per-route-decorators/fastapi-guard offers a composable security middleware for FastAPI with per-route decorators, IP filtering, rate limiting, and an optional cloud dashboard for monitoring.Inside Mandiant's FLARE Learning Hub: A practical Go reverse engineering reference and malware analysis training platformhttps://ramdi.fr/github-stars/inside-mandiant-s-flare-learning-hub-a-practical-go-reverse-engineering-reference-and-malware-analysis-training-platform/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/inside-mandiant-s-flare-learning-hub-a-practical-go-reverse-engineering-reference-and-malware-analysis-training-platform/Explore Mandiant’s FLARE Learning Hub, an open educational platform for malware analysis and reverse engineering with a standout Go reverse engineering reference targeting Windows AMD64.Inside the iOS-Hardening-Guide: Practical security for Apple deviceshttps://ramdi.fr/github-stars/inside-the-ios-hardening-guide-practical-security-for-apple-devices/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/inside-the-ios-hardening-guide-practical-security-for-apple-devices/A deep dive into the iOS-Hardening-Guide repo, covering hardware exploits like checkm8, Apple’s mitigations, and practical operational security for iOS/iPadOS users.oh-my-kiro: deterministic hooks and reliable loops for AI coding agentshttps://ramdi.fr/github-stars/oh-my-kiro-deterministic-hooks-and-reliable-loops-for-ai-coding-agents/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/oh-my-kiro-deterministic-hooks-and-reliable-loops-for-ai-coding-agents/oh-my-kiro enhances AI coding agents with 3-layer deterministic enforcement and a crash-recovering outer loop, improving reliability and reducing hallucinations.Picosnitch: per-executable network monitoring on Linux with eBPF and fanotifyhttps://ramdi.fr/github-stars/picosnitch-per-executable-network-monitoring-on-linux-with-ebpf-and-fanotify/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/picosnitch-per-executable-network-monitoring-on-linux-with-ebpf-and-fanotify/Picosnitch uses eBPF and fanotify to track bandwidth per executable on Linux, with device+inode caching and hash verification for accuracy.reNgine: A Django-based framework for customizable web reconnaissance pipelineshttps://ramdi.fr/github-stars/rengine-a-django-based-framework-for-customizable-web-reconnaissance-pipelines/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/rengine-a-django-based-framework-for-customizable-web-reconnaissance-pipelines/reNgine is a Django-powered web reconnaissance framework using YAML configurations to orchestrate multiple security tools with async concurrency and role-based access control.watchtower: langgraph orchestration for automated pentesting workflowshttps://ramdi.fr/github-stars/watchtower-langgraph-orchestration-for-automated-pentesting-workflows/Mon, 04 May 2026 10:23:01 +0000https://ramdi.fr/github-stars/watchtower-langgraph-orchestration-for-automated-pentesting-workflows/Watchtower orchestrates 23 security tools via a LangGraph multi-agent system for automated pentesting. It uses a Planner-Worker-Analyst pattern, SQLite state, and supports multiple LLM providers.AI penetration testing knowledge base: structured resources for LLM security researchhttps://ramdi.fr/github-stars/ai-penetration-testing-knowledge-base-structured-resources-for-llm-security-research/Mon, 04 May 2026 10:09:00 +0000https://ramdi.fr/github-stars/ai-penetration-testing-knowledge-base-structured-resources-for-llm-security-research/A curated repository for AI/LLM penetration testing covering prompt injection, adversarial ML, and LLM red teaming with the OWASP LLM Top 10 framework.Bureautix: Secure office workstations managed as code with NixOS and Githttps://ramdi.fr/github-stars/bureautix-secure-office-workstations-managed-as-code-with-nixos-and-git/Sat, 02 May 2026 20:07:04 +0000https://ramdi.fr/github-stars/bureautix-secure-office-workstations-managed-as-code-with-nixos-and-git/Bureautix offers a minimal-infrastructure approach to secure office workstations using NixOS, Secure Boot, and FIDO2 MFA, managing user directories as code distributed via Git.Maigret: A resilient OSINT username scraper across thousands of siteshttps://ramdi.fr/github-stars/maigret-a-resilient-osint-username-scraper-across-thousands-of-sites/Sat, 02 May 2026 20:07:04 +0000https://ramdi.fr/github-stars/maigret-a-resilient-osint-username-scraper-across-thousands-of-sites/Maigret is a Python-based OSINT tool that scrapes public profiles by username from 3,000+ sites without API keys. It features adaptive scraping, anti-blocking, and a web interface.Vaultwarden: a resource-efficient Rust implementation of the Bitwarden server APIhttps://ramdi.fr/github-stars/vaultwarden-a-resource-efficient-rust-implementation-of-the-bitwarden-server-api/Sat, 02 May 2026 20:07:04 +0000https://ramdi.fr/github-stars/vaultwarden-a-resource-efficient-rust-implementation-of-the-bitwarden-server-api/Vaultwarden is a lightweight, Rust-based server compatible with the Bitwarden API, optimized for self-hosting with low resource usage and Docker deployment.SecLists: the essential wordlist collection for security testinghttps://ramdi.fr/github-stars/seclists-the-essential-wordlist-collection-for-security-testing/Sat, 02 May 2026 20:02:28 +0000https://ramdi.fr/github-stars/seclists-the-essential-wordlist-collection-for-security-testing/SecLists is a comprehensive collection of security testing wordlists and payloads, essential for penetration testers and researchers seeking standardized, ready-to-use resources.Syncthing: secure, decentralized continuous file synchronization in Gohttps://ramdi.fr/github-stars/syncthing-secure-decentralized-continuous-file-synchronization-in-go/Fri, 24 Apr 2026 07:26:29 +0000https://ramdi.fr/github-stars/syncthing-secure-decentralized-continuous-file-synchronization-in-go/Syncthing is an open-source Go tool for continuous, secure, decentralized file synchronization across devices, emphasizing data safety and privacy.