Skip to content
View nullfuzz-pentest's full-sized avatar
🏠
Working from home
🏠
Working from home
121 followers · 270 following

Achievements

Achievement: StarstruckAchievement: QuickdrawAchievement: Pair ExtraordinaireAchievement: YOLOAchievement: Pull Shark

Achievements

Achievement: StarstruckAchievement: QuickdrawAchievement: Pair ExtraordinaireAchievement: YOLOAchievement: Pull Shark

Highlights

Block or report nullfuzz-pentest

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Lists (20)

Sort Name ascending (A-Z)
Sort by
Name ascending (A-Z) Name descending (Z-A) Newest Oldest Last updated

Stars

Showing results

ARCANGEL0 / EVA

EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.

Python 261 43 Updated Dec 27, 2025

grokability / snipe-it

A free open source IT asset/license management system

PHP 13,195 3,700 Updated Dec 31, 2025

adulau / the-art-of-pivoting

The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World

Shell 119 8 Updated Dec 31, 2025

bscript / supabase-exposure-check

Scan websites for exposed Supabase JWTs, enumerate accessible tables, and detect sensitive data exposure automatically.

Python 100 7 Updated Dec 29, 2025

guglia001 / MassZeroLogon

Tool for mass testing ZeroLogon vulnerability CVE-2020-1472

Python 3 1 Updated Sep 30, 2022

FLOCK4H / Freeway

WiFi Penetration Testing & Auditing Tool

Python 644 61 Updated Apr 28, 2025

joe-desimone / mongobleed

JavaScript 779 131 Updated Dec 26, 2025

Malayke / Next.js-RSC-RCE-Scanner-CVE-2025-66478

A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.

Go 389 78 Updated Dec 16, 2025

l4rm4nd / CVE-2025-55182

Docker poc lab for CVE-2025-55182 / CVE-2025-66478 (React2Shell) detection and exploitation

JavaScript 72 23 Updated Dec 11, 2025

sensepost / pipetap

A Windows Named Pipe Multi-tool / Proxy

C++ 223 15 Updated Dec 7, 2025

t3l3machus / psudohash

Generates millions of keyword-based password mutations in seconds.

Python 1,402 168 Updated Jun 8, 2025

zack0x01 / CVE-2025-55182-advanced-scanner-

Shell 270 48 Updated Dec 6, 2025

vercel-labs / fix-react2shell-next

One command to fix CVE-2025-66478 (React 2 Shell RCE) in your Next.js / React RSC app.

JavaScript 389 58 Updated Dec 12, 2025

sickwell / CVE-2025-55182

CVE-2025-55182 - React Server Components RCE Exploit & Scanner Supports external servers and CLI interface

Python 13 6 Updated Dec 5, 2025

dwisiswant0 / CVE-2025-55182

Pre-auth RCE in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0.

JavaScript 59 14 Updated Dec 9, 2025

fatguru / CVE-2025-55182-scanner

A non-intrusive surface scanner for CVE-2025-55182 (React Server Components RCE). Detects exposed RSC endpoints in React 19 and Next.js applications

Python 117 18 Updated Dec 10, 2025

vavkamil / js-snitch

Scans remote JavaScript files with Trufflehog + Semgrep to detect leaked secrets

Python 131 20 Updated Jan 21, 2025

Az0x7 / vulnerability-Checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

3,188 730 Updated Feb 10, 2024

ozguralp / gmapsapiscanner

Python 1,075 195 Updated Dec 8, 2025

usestrix / strix

Open-source AI agents for penetration testing

Python 18,378 1,892 Updated Dec 16, 2025

ashemery / Anti-Forensics

A Repository to Track Anti-Forensic Techniques

118 10 Updated Mar 8, 2023

squidowl / halloy

IRC application written in Rust

Rust 3,601 147 Updated Dec 31, 2025

comet-ml / opik

Debug, evaluate, and monitor your LLM applications, RAG systems, and agentic workflows with comprehensive tracing, automated evaluations, and production-ready dashboards.

Python 17,075 1,259 Updated Jan 1, 2026

apurvsinghgautam / robin

AI-Powered Dark Web OSINT Tool

Python 3,355 650 Updated Dec 1, 2025

gliderlabs / ssh

Easy SSH servers in Golang

Go 4,056 481 Updated Jan 27, 2025

CyberSecurityUP / ChromePasswordDumper

Chrome Dump Password

Python 10 4 Updated Nov 17, 2025

threatexpress / domainhunter

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

Python 1,641 293 Updated Jun 6, 2024

francescopace / espectre

🛜 ESPectre 👻 - Motion detection system based on Wi-Fi spectre analysis (CSI), with Home Assistant integration.

C 4,750 346 Updated Dec 31, 2025

CravateRouge / autobloody

Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound

Python 659 61 Updated Oct 23, 2025

danielbohannon / Invoke-Obfuscation

PowerShell Obfuscator

PowerShell 4,167 807 Updated Aug 10, 2023
Next