All

86 repositories

otto-support
Public
An implementation of a vulnerable MCP server using mcp-go
Go
•
GNU General Public License v3.0
•0•0•0•0•Updated Apr 21, 2026Apr 21, 2026
cloudfox
Public
Automating situational awareness for cloud penetration tests.
golang aws security
golang aws security cloud cloud-security penetration-testing-tools
Go
•
MIT License
•227•2.3k•6•1•Updated Apr 21, 2026Apr 21, 2026
sliver
Public
Adversary Emulation Framework
dns golang http
dns golang http gplv3 dns-server sliver red-team security-tools c2 red-team-engagement
Go
•
GNU General Public License v3.0
•1.5k•11k•198•6•Updated Apr 19, 2026Apr 19, 2026
cirro
Public
Creating attacks paths across management and data planes
Rust
•
GNU General Public License v3.0
•1•44•1•0•Updated Apr 13, 2026Apr 13, 2026
install-aws-cli-action
Public
Install AWS CLI on a GitHub Actions Linux host
Shell
•
MIT License
•39•2•0•0•Updated Apr 13, 2026Apr 13, 2026
cirro-azcli-ext
Public
Azure CLI extension for Cirro collection
Python
•
Apache License 2.0
•1•6•0•0•Updated Apr 10, 2026Apr 10, 2026
aws-signing
Public
CLI that allows user to submit http requests using AWS request signing
engineering
engineering
Go
•
MIT License
•7•6•0•0•Updated Apr 10, 2026Apr 10, 2026
cirrodash
Public
Dashboard for Cirro
TypeScript
•
GNU General Public License v3.0
•1•11•0•0•Updated Apr 7, 2026Apr 7, 2026
CVE-2026-35616-check
Public
Python
•
MIT License
•0•1•0•0•Updated Apr 6, 2026Apr 6, 2026
CVE-2026-25075-check
Public
Python
•
MIT License
•0•2•0•0•Updated Mar 26, 2026Mar 26, 2026
sj
Public
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
Go
•
MIT License
•110•841•3•0•Updated Mar 24, 2026Mar 24, 2026
iam-vulnerable
Public
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
HCL
•
MIT License
•104•563•0•0•Updated Mar 12, 2026Mar 12, 2026
eyeballer
Public
Convolutional neural network for analyzing pentest screenshots
python machine-learning ai
python machine-learning ai tensorflow security-tools pentesting-tools
Python
•
GNU General Public License v3.0
•146•1.3k•6•3•Updated Mar 8, 2026Mar 8, 2026
cloudfoxable
Public
Create your own vulnerable by design AWS penetration testing playground
Python
•
MIT License
•51•441•1•0•Updated Feb 16, 2026Feb 16, 2026
sliver-wasm-stager
Public archive
A stager and implant that executes remote Web Assembly
Rust
•
GNU General Public License v3.0
•10•64•0•0•Updated Feb 4, 2026Feb 4, 2026
badPods
Public
A collection of manifests that will create pods with elevated privileges.
kubernetes security assessment
kubernetes security assessment penetration-testing exploitation podspec pods privileged hostpath hostpid
Shell
•
MIT License
•119•693•0•0•Updated Dec 30, 2025Dec 30, 2025
awsservicemap
Public
Go module that returns supported regions for a service or supported services for a region
Go
•
MIT License
•6•18•0•0•Updated Dec 12, 2025Dec 12, 2025
CVE-2025-6980-check
Public
Safely test Arista NGFW for information disclosure
Python
•
MIT License
•0•3•0•0•Updated Dec 4, 2025Dec 4, 2025
fortiweb-auth-bypass-check
Public
Python
•
MIT License
•0•5•0•0•Updated Dec 3, 2025Dec 3, 2025
shining-mask
Public
Python
•0•12•0•0•Updated Oct 30, 2025Oct 30, 2025
raink
Public
Use LLMs for document ranking
Go
•
MIT License
•6•169•1•0•Updated Apr 17, 2025Apr 17, 2025
sonicrack
Public
Decrypt encrypted SonicOSX firmware images
Python
•
GNU General Public License v3.0
•3•19•0•0•Updated Feb 24, 2025Feb 24, 2025
BrokenHill
Public
A productionized greedy coordinate gradient (GCG) attack tool for large language models (LLMs)
Python
•
MIT License
•23•159•1•1•Updated Dec 18, 2024Dec 18, 2024
local-llm-ctf
Public
A small go harness that uses Ollama to orchestrate LLMs in a restricted process flow
Go
•
MIT License
•0•17•0•0•Updated Sep 10, 2024Sep 10, 2024
cve-2024-21762-check
Public
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
Python
•
GNU General Public License v3.0
•17•108•3•1•Updated Jul 5, 2024Jul 5, 2024
jsluice
Public
Extract URLs, paths, secrets, and other interesting bits from JavaScript
javascript security
javascript security
Go
•
MIT License
•137•1.8k•7•2•Updated May 22, 2024May 22, 2024
gcp-terraform-cloud-connector
Public
This repo provides a terraform module for customers looking to implement Google Cloud connector support for Bishop Fox Cosmos
HCL
•
Apache License 2.0
•0•1•0•0•Updated May 20, 2024May 20, 2024
CVE-2023-27997-check
Public
Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing
Python
•
GNU General Public License v3.0
•24•135•0•0•Updated May 8, 2024May 8, 2024
unredacter
Public
Never ever ever use pixelation as a redaction technique
TypeScript
•
GNU General Public License v3.0
•800•8.3k•22•13•Updated Mar 15, 2024Mar 15, 2024
GitGot
Public
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
python github-api security
python github-api security osint fuzzy-matching recon gists security-scanner security-tools reconnaissance
Python
•
GNU Lesser General Public License v3.0
•217•1.6k•3•0•Updated Mar 7, 2024Mar 7, 2024

ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bishop Fox

All

All

86 repositories

otto-support

cloudfox

sliver

cirro

install-aws-cli-action

cirro-azcli-ext

aws-signing

cirrodash

CVE-2026-35616-check

CVE-2026-25075-check

sj

iam-vulnerable

eyeballer

cloudfoxable

sliver-wasm-stager

badPods

awsservicemap

CVE-2025-6980-check

fortiweb-auth-bypass-check

shining-mask

raink

sonicrack

BrokenHill

local-llm-ctf

cve-2024-21762-check

jsluice

gcp-terraform-cloud-connector

CVE-2023-27997-check

unredacter

GitGot

All

All

Repositories list

86 repositories