PikPikcU

AIRecon is an autonomous cybersecurity agent that combines a self-hosted Large Language Model (Ollama) with a Kali Linux Docker sandbox and a Textual TUI. It is designed to automate security assessments, penetration testing, and bug bounty reconnaissance — without any API keys or cloud dependency.

Community skill packs for AIRecon — extend the agent's knowledge base

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

XSSGEN is an advanced framework for generating and testing Cross-Site Scripting (XSS) payloads.

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

hostinject (Host Header Injection) Tool is a Python script that allows you to perform host header injection vulnerability testing on a target URL or a list of URLs. It injects various header values and checks for potential vulnerabilities.

mtk-su

JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various extraction methods and provides additional options for file download and wordlists creation.

Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.

Nuubi Tools (Information-ghatering|Scanner|Recon.)

KuroSploit is an exploit tool, KuroSploit provides an easy way to create backdoors and payload.

Naomi is a simple OSINT and information gathering tool that can scan quickly.

No description provided.

Learn regex the easy way

No description provided.

No description provided.

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software

nodecraw allows you to perform web crawling on specified URLs. It utilizes various modules and libraries to crawl web pages, extract information, and save the results.

No description provided.

turut (to-root). is a tool to extract a list of urls that you can return to the root domain. Where the data can be used for input to other scanning tools.

This tool performs TLS connections to specified IP addresses, retrieves host information, and optionally gathers detailed IP information using the ipapi.co API.

Nodesub is a command-line tool for finding subdomains in bug bounty programs

解决Cursor在免费订阅期间出现以下提示的问题: You've reached your trial request limit. / Too many free trial accounts used on this machine. Please upgrade to pro. We have this limit in place to prevent abuse. Please let us know if you believe this is a mistake.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Community curated list of nuclei templates for finding unknown security vulnerabilities.

No description provided.

No description provided.

Detect Program Bug Bounty

OSINT automation for hackers.

A list of open source web security scanners