GhostProject
Search 1.4B+ leaked records for usernames and clear text passwords.
https://t.co/iAYKzHVuJW
All tools available at https://t.co/7YGpU9Rxsn
#OSINT#CredentialLeaks
🚨 SOMEONE JUST BUILT TORLINK — A SLEEK TERMINAL-NATIVE TORRENT CLIENT THAT SEARCHES EVERY TRUSTED SOURCE AT ONCE AND DOWNLOADS STRAIGHT TO YOUR DISK.
Tired of sketchy torrent sites packed with fake buttons, popups, and dead links? torlink fixes that.
Type a query (or paste a magnet), and it hits a curated list of trusted sources in parallel — FitGirl (games), YTS, 1337x, EZTV, Nyaa, SubsPlease & more. Results stream in live with sizes and seed counts. Arrow + d to download.
Highlights:
• One command: npx torlnk (just needs Node)
• Background queuing + resume support
• Auto-seeds by default (easy toggle)
• Clean keyboard TUI — nothing leaves your machine except torrent traffic
Perfect for grabbing games, movies, TV, or anime without the usual headache. MIT open source, zero setup, and stupidly simple.
This is the terminal tool power users have been waiting for.
Who’s trying this on their next download? 🔥
Project Deep Focus - Creating Your Own Mini Shodan
Most of you are already familiar with popular platforms like Shodan, FOFA, and Hunter.
These are useful when you want to find specific services. They have become standard tools for pentesters, defenders, and hackers as well.
But the results you get are often stale and already heavily “picked over.”
By the time an exposed service appears in one of these platforms, it may already have been abused or taken offline. Port scanning itself is sometimes misunderstood. Some people associate it only with hackers, but it is one of the most fundamental activities in security work.
See how we built our "Mini Shodan" with Project Deep Focus for cybersecurity
https://t.co/zPmfAG9vHE
0liverflow/cve2poc: CVE2PoC is a tool that helps penetration testers, bug hunters, and security researchers quickly find public exploits or PoCs related to a CVE ID https://t.co/ggJxFLaMae
🤖 Autonomous Pentesting & AI Security: 400+ Resources in One Place
A curated repository focused on the rapidly growing intersection of Cybersecurity, AI Agents, MCP Servers, Autonomous Pentesting, and Agent Security.
Inside you'll find:
🧠 Agentic AI Security Research
🔌 Security-Focused MCP Servers
⚔️ Autonomous Pentesting Frameworks
🛡️ AI Agent Security Testing Tools
🔍 OSINT & Threat Intelligence Integrations
📊 Security Datasets for AI Training
🏗️ Multi-Agent Frameworks
🎯 CTF & Cyber Range Research
🔬 LLM Red Teaming & AI Security Resources
Highlights include integrations for:
• Burp Suite MCP
• BloodHound MCP
• Ghidra MCP
• Binary Ninja MCP
• Nuclei MCP
• Shodan MCP
• VirusTotal MCP
• Jadx MCP
If you're exploring the future of AI-powered security operations, autonomous vulnerability discovery, AI red teaming, or agent security engineering, this repository is worth bookmarking.
🔗 https://t.co/IePWhqSWlO
#AISecurity #AgenticAI #CyberSecurity #MCP #LLMSecurity #RedTeaming #ThreatIntelligence #Pentesting #InfoSec #ArtificialIntelligence
C̶l̶a̶u̶d̶e̶ ̶B̶u̶g̶ ̶H̶u̶n̶t̶e̶r̶ is now BUG HUNTER.
We changed the name because it is no longer limited to Claude Code.
Now it is a standalone open-source CLI that runs from any terminal.
Use Ollama, Groq, DeepSeek, Claude, OpenAI or Grok.
Built for the bug bounty community.
Run it locally with Ollama - no paid AI subscription required.
We are very close to 2.5K GitHub stars. Let’s make it happen, guys.
More updates coming soon.
#OpenSource #BugBounty #CyberSecurity #AI #EthicalHacking #Ollama #GitHub #SecurityTools #BugHunter
Open Source Web Scanners: The Ultimate Directory of Web Security Testing Tools 🌐
A curated repository of open-source web security scanners covering web applications, APIs, CMS platforms, fuzzing, infrastructure assessment, and specialized vulnerability testing tools.
From ZAP, Nuclei, Nikto, and Wapiti to ffuf, dirsearch, SQLMap, Dalfox, and XSStrike—everything in one place.
🔗 https://t.co/XSiEVCQTtt
#CyberSecurity #WebSecurity #Pentesting #BugBounty #AppSec #OWASP #OpenSource #InfoSec
Pentest-AI — Autonomous Penetration Testing from a Single Command 🤖💀
An AI-powered offensive security platform that combines recon, authentication, vulnerability validation, attack-chain analysis, and reporting into one workflow. Generates validated findings with PoCs and audit-ready reports while running locally on your machine.
🔗 https://t.co/07LcoL7n0M
#CyberSecurity #Pentesting #BugBounty #AppSec #RedTeam #AI #SecurityAutomation #ThreatDetection #OpenSource #Infosec
Claude-Red: Turn Claude into a Red Team Operator 🤖💀
A massive collection of offensive security skills that transforms Claude into a context-aware specialist for:
🎯 Web App Pentesting
🎯 Active Directory Attacks
🎯 Cloud Security
🎯 Mobile Pentesting
🎯 OSINT & Recon
🎯 Wireless Attacks
🎯 Exploit Development
🎯 Fuzzing & Vulnerability Research
🎯 AI Security Testing
🔗 https://t.co/QraHdkdU0A
100+ structured red team playbooks, methodologies, and attack workflows — loaded on demand.
#RedTeam #Pentesting #CyberSecurity #OSINT #bugbounty #ThreatResearch #InfoSec #AI
Awesome OSINT Arsenal — 750+ OSINT & Cybersecurity Tools in One Repository 💀🔥
One of the largest collections of OSINT and security tools available on GitHub.
Features
• 750+ OSINT and cybersecurity tools • 50+ categories covering OSINT, Red Team, Blue Team, DFIR, Hardware Security, and Threat Intelligence • One-click installation scripts for different use cases • Dedicated installers for OSINT, Red Team, Blue Team, Forensics, Hardware, and Labs • Includes popular tools like Sherlock, Maigret, Amass, theHarvester, BloodHound, Sliver, Wazuh, Sigma, Suricata, Velociraptor, Volatility, and Ghidra • Supports Kali Linux, Ubuntu, Debian, Parrot OS, Mint, Pop!_OS, and Termux • 460+ online platforms and resources • 100+ GitHub repositories and 25+ AI-powered security tools
🔗 https://t.co/o7S8xeiBfX
#OSINT #ThreatIntelligence #CyberSecurity #DFIR #RedTeam #BlueTeam #SecurityResearch #OpenSource #EthicalHacking #InfoSec
Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex.
Blog post: https://t.co/WO9MeExoun
PoCs: https://t.co/NpVgEHBHPl
Leaker — Passive Credential Leak Discovery Across Multiple Breach Sources 💀💥
When investigating exposed credentials, checking one breach database is rarely enough.
Leaker aggregates results from 12 different leak intelligence sources into a single tool, helping researchers uncover leaked emails, usernames, domains, phone numbers, and credentials faster.
🔍 Search by email, username, domain, keyword, or phone number
⚡ Aggregates data from IntelligenceX, DeHashed, Snusbase, LeakCheck, Hudson Rock, ProxyNova, and more
🧹 Built-in deduplication removes duplicate results across sources
📊 JSONL output for automation, pipelines, and OSINT workflows
🌐 Proxy support, rate limiting, credential verification, and local SQLite caching included
A useful addition for OSINT analysts, threat intelligence teams, and bug bounty hunters performing breach exposure investigations.
🔗 https://t.co/8b72EEYgCW
#OSINT #ThreatIntelligence #CyberSecurity #ThreatHunting #BugBounty #OpenSource #InfoSec
A Claude Code skill bundle for bug hunting and external red-team work - 51 skills, 15 slash commands, 574+ disclosed-report patterns curated across 24 vulnerability classes, plus enterprise identity + infrastructure attack matrices. https://t.co/MpxsmCqaM3