Uncurled - everything I know and learned about running and maintaining Open Source projects for three decades.

Simple filter query language parser so that you can build SQL, Elasticsearch, etc. queries safely from user input.

A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery

Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.

InstantID: Zero-shot Identity-Preserving Generation in Seconds 🔥

UI Library for Design Engineers. Animated components and effects you can copy and paste into your apps. Free. Open Source.

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

A Go library to run a command after login

Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.

AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetV…

A high performance go implementation of Wappalyzer Technology Detection Library

Scrape domain names from SSL certificates of arbitrary hosts

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Gospider - Fast web spider written in Go

Hidden parameters discovery suite

Fast website scraper and wordlist generator

SFWindows - Apple Fonts (San Francisco and New York families) for Windows 10/11 and other non-Apple platforms.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Minimap extension for Codemirror 6

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Find web directories without bruteforce

cmdk, but for Svelte ✨

A web tool to explore the ASTs generated by various parsers.

Extract URLs, paths, secrets, and other interesting bits from JavaScript

This is a fun, new monospaced font that includes programming ligatures and is designed to enhance the modern look and feel of the Windows Terminal.

Stateful programmatic web browsing in Go.

the LLM vulnerability scanner