AutoPwnKey is an open-source AV evasion tool that uses AutoHotKey to simulate user interaction and execute payloads without triggering antivirus or EDR detection. Learn how it works and how to use it safely.
GitPhish – OAuth Device Code Phishing for GitHub Repos, Secrets, and CI/CD
GitPhish is an automated tool that exploits GitHub’s OAuth device code flow to gain unauthorized access to repositories, secrets, and CI/CD systems. Learn how it works, how to use it, and how to mitigate this emerging phishing technique.
Exploring Netstalking – Mapping the Hidden Corners of the Internet
Explore netstalking, a digital anthropology practice uncovering forgotten web spaces, surveillance cameras, and esoteric protocols. Learn its history, methods, folklore, and cybersecurity relevance.
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
claws is a GitHub Actions workflow linter that helps secure your CI/CD pipeline by identifying misconfigurations, risky triggers, and unsafe action usage before deployment.
Envilder – Secure AWS SSM CLI for Environment Variable Management
Envilder is a fast, secure CLI tool that syncs environment variables from AWS SSM Parameter Store to your local shell or .env files, ideal for secrets and config hygiene.