MCP server that connects AI assistants to HackerOne for bug bounty hunting

Claude Code skill for AI-assisted bug bounty hunting - recon, IDOR, XSS, SSRF, OAuth, GraphQL, LLM injection, and report generation

🤹 Caido AI Skills

734+ structured cybersecurity skills for AI agents · MITRE ATT&CK mapped · agentskills.io open standard · Works with Claude Code, GitHub Copilot, OpenAI Codex CLI, Cursor, Gemini CLI & 20+ platform…

Lightpanda: the headless browser designed for AI and automation

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.

This repo contains useful scripts that AI created for me which I would have been too lazy for

Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

📜 Yet another collection of wordlists

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Claude Pentesting Subagent Structure

Hide your scrapers IP behind the cloud. Provision proxy servers across different cloud providers to improve your scraping success.

Extract JavaScript source trees from Sourcemap files

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

AI Native platform to get companies compliant - Vanta & Drata Alternative

Password spraying using AWS Lambda for IP rotation

IPSpinner works as a local proxy that redirects requests through external services.

CaptainCredz is a modular and discreet password-spraying tool.

Automated Penetration Testing Agentic Framework Powered by Large Language Models

Official awesome-list of CodeRabbit Starters & Resources ⚡️

Open-source AI hackers to find and fix your app’s vulnerabilities.

Secrets Ninja is an GUI tool for validating & investigating API keys discovered during pentesting & bug bounty hunting.

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

Abuse trust-boundaries to bypass firewalls and network controls

Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.