GitHub - arm/metis: Metis is an open-source, AI-driven tool for deep security code review
GitHub - 0rShemesh/jadx-magic-strings: JADX plugin that extracts method names, class references, and source file paths from string constants found in DEX files and decompiled Android code.
GitHub - irsdl/auraditor: A Burp Suite extension for Lightning/Aura framework security testing with advanced action management, context editing, and comprehensive audit capabilities. [app]
westonbrown/Cyber-AutoAgent: AI agent for autonomous cyber operations
anthropics/claude-code-security-review: An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities.
LLM Code Review vs Deterministic SAST Security Tools
GitHub - ofkm/arcane: Modern Docker Management, Designed for Everyone
GitHub - pandaadir05/re-architect
GitHub - ImAyrix/fallparams: Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
owasp-noir/noir: Attack surface detector that identifies endpoints by static analysis
GitHub - jonaslejon/malicious-pdf: 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
usestrix/strix: ✨ Open-source AI hackers for your apps 👨🏻💻
aliasrobotics/cai: Cybersecurity AI (CAI), the framework for AI Security
Unleashing the Hound: How AI Agents Find Deep Logic Bugs in Any Codebase
GitHub - RedSiege/Chromatophore: Utilities for obfuscating shellcode [exp]
Slice: SAST + LLM Interprocedural Context Extractor
GitHub - jumpycastle/rre-burp: Burp extension for Recursive Request Exploits (RRE) — DEFCON 2025 [app] [exp]
GitHub - 0x4m4/hexstrike-ai: HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities. [app] [sys]
Buttercup is now open-source!
GitHub - loerting/dalvikus: Android reverse-engineering tool / smali editor [rev] [sys]
GitHub - atiilla/whiterabbit-mcp: A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), enabling AI-assisted security research, scanning, and analysis. [app]
GitHub - irsdl/ysonet: Deserialization payload generator for a variety of .NET formatters [app] [exp]