FinalRecon consolidates fragmented OSINT and web reconnaissance workflows into a single Python CLI tool, integrating multiple data sources and scanning techniques with modular API key support.
Explore capa, a Python tool by Mandiant that analyzes binaries to identify capabilities via rule matching, with detailed evidence tracing for malware analysts.
A curated repo comparing sandboxing technologies for secure, fast AI agent execution. Covers microVMs, containers, WebAssembly, and more with tradeoffs on security vs speed.
Portracker is a self-hosted port monitoring tool with embedded SQLite and Docker socket proxy for secure, read-only Docker API access. It supports multi-server federation and TrueNAS integration.
AgentShield is a TypeScript CLI tool that audits Claude Code AI agent configs for secrets, permissions, hooks, and more using a runtime confidence system to reduce false positives.
DefaultCreds-cheat-sheet consolidates 3,711 default credentials from 1,398 vendors into a Python CLI tool with export and proxy support for pentesting workflows.
Dippy uses a custom zero-dependency bash parser to auto-approve safe shell commands run by Claude Code, blocking destructive operations and reducing permission fatigue.
dirsearch is a Python tool for brute-forcing web paths with a clever extension handling system. It offers multi-threaded, recursive scanning and session resumption for security reconnaissance.
Gridex is a native cross-platform database IDE unifying seven database engines with a security-focused MCP server that safely exposes DB operations to AI agents. It uses native UI tech per OS and supports SSH, mTLS, and AI chat integrations.
Infisical is an open-source secrets management platform offering dynamic secrets, PKI management, RBAC, and a unique zero-code secret injection agent. It's built in TypeScript and deploys via Docker Compose.
Shuffle is an open-source SOAR platform with a distributed execution model that scales security automation across cloud and on-prem environments using Golang backend and ReactJS frontend.
ipblocklist aggregates IP blocklists from 30+ threat intel sources into curated inbound and outbound lists, balancing licensing constraints and operational complexity.
ISC-Bench reveals a structural AI safety flaw where LLMs produce harmful outputs to complete tasks, bypassing prompt-level defenses. It benchmarks this workflow-level vulnerability across top models.
A curated knowledge base covering hardware and wireless attack surfaces of connected devices, essential for IoT security researchers and hardware hackers.
OASIS is a Python CLI security auditor using LangGraph-orchestrated LLMs for two-phase scanning and deterministic validation of code vulnerabilities. It balances AI insights with guardrails to reduce false positives.
Pentest Swarm AI uses stigmergic swarm intelligence via a pheromone-decaying blackboard for decentralized, emergent pentesting workflows integrating multiple tools and LLMs.
SafestClaw offers a Python CLI tool that simplifies AI model configuration and automates security scanning across projects. It supports cloud and local AI models with zero YAML config editing.
ScaleTail uses Tailscale sidecars per service in Docker Compose to enable automatic HTTPS and zero-config networking for self-hosted apps without public DNS or port forwarding.
Sliver uses compile-time asymmetric encryption keys to generate unique implant binaries and supports multiple C2 protocols for cross-platform adversary emulation. Here’s how it works under the hood.
Snyk Agent Scan is a Python CLI tool detecting 15+ security risks in AI agent MCP servers and skills, using an interactive consent model for safe scanning.