cloudflare/cloudflared: Cloudflare Tunnel client
Hashcracky Resources
NVIDIA/SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
GitHub - Andyyyy64/whichllm: Find the local LLM that actually runs and performs best on your hardware. Ranked by real, recency-aware benchmarks, not parameter count. One command, run it instantly.
anthropics/claude-plugins-official: Official, Anthropic-managed directory of high quality Claude Code Plugins.
hypnguyen1209/offensive-claude: Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest
elementalsouls/Claude-BugHunter: A Claude Code skill bundle for bug hunting and external red-team work - 51 skills, 15 slash commands, 681 disclosed-report patterns curated across 24 vulnerability classes, plus enterprise identity + infrastructure attack matrices.
DrCatHicks/learning-opportunities: A Claude or Codex skill for deliberate skill development during AI-assisted coding
0xSteph/pentest-ai-agents: Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagements, analyze recon, research exploits, build detections, audit STIGs, and write reports.
mukul975/Anthropic-Cybersecurity-Skills: 754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0
mukul975/Threatswarm: 27 scope-enforced AI agents that run the full pentest kill-chain (recon → exploit → post-ex → DFIR → report) as a one-command Claude Code plugin. Backed by 754 MITRE-mapped skills.
trailofbits/trailmark: Build and query a graph database representation of source code
trailofbits/trailmark: Build and query a graph database representation of source code
ZeroPrime9/WordListeXplorer: A local wordlist intelligence and workflow management tool for offensive security & Bug Bounty workflows.
zakirullin/files.md: 🌱 Private, quiet space for thinking. A simple app for your .md files.
z-ny.com - Collaborative Markdown Workspace
httpbin.org
PayloadBox
Online - Reverse Shell Generator
GitHub - salesforce/url-content-auditor: Audit content (pdfs, media files, images) sensitivity on urls
GitHub - SunWeb3Sec/llm-sast-scanner: A SAST skill that gives AI coding agents structured vulnerability detection across 34 vulnerability classes.
GitHub - ChiChou/grapefruit: Open-source mobile security testing suite for iOS and Android. Previously Passionfruit · GitHub
UTF-8 Playground
0xMarcio/cve
vulncheck-oss/0day.today.archive: An archive of 0day.today exploits
💀 Sploitus | Exploits & Tools Search Engine
CVE PoC Search
Search across CVE identifiers proof-of-concept links.
Rapid7 Vulnerability & Exploit Database | CVE Insights
OffSec’s Exploit Database Archive
CVE - Common Vulnerabilities and Exposures (CVE)