Use Garry Tan's exact Claude Code setup: 23 opinionated tools that serve as CEO, Designer, Eng Manager, Release Manager, Doc Engineer, and QA

An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities.

Agentic AI Infrastructure for magnifying HUMAN capabilities.

Network monitoring tool that maps process-to-network connections, identifies cloud providers, and detects beaconing activity. Zero-flag agent binary for deployment, aggregation server, offline ASN …

Umami is a modern, privacy-focused analytics platform. An open-source alternative to Google Analytics, Mixpanel and Amplitude.

I tried to replicate a complex AI pentest pipeline, using Kali MCP and HexStrike AI, and a proper setup Claude Code with augmented context. Results are mind-blowing, reports here

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

A monitoring hub that watches popular open-source repositories and uses AI to detect when commits are patching security vulnerabilities - often before a CVE is even assigned. Findings are published…

Various tips & tricks

MimiClaw: Run OpenClaw on a $5 chip. No OS(Linux). No Node.js. No Mac mini. No Raspberry Pi. No VPS. Hardware agents OS.

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…

The open source coding agent.

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

Agent Orchestration Command Center

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

Active Directory delegation management tool

Passive leak enumeration tool.

Outcome driven agent development framework and runtime harness

Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities bef…

Tool to sanitize data from Java heap dumps.

A modular framework for benchmarking LLMs and agentic strategies on security challenges across HackTheBox, TryHackMe, PortSwigger Labs, Cybench, picoCTF and more.

Dumps Salesforce objects if provided with credentials.

Latest CVEs with their Proof of Concept exploits.

Automate the creation of Shorts content locally with a couple simple steps.

Modern and easy to use SQL client for MySQL, Postgres, SQLite, SQL Server, and more. Linux, MacOS, and Windows.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security,…

Super Productivity is an advanced todo list app with integrated Timeboxing and time tracking capabilities. It also comes with integrations for Jira, GitLab, GitHub and Open Project.

A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.