Curated collection of security, development, and research tools refined through operational experience. From network reconnaissance to mobile forensics, these utilities power our daily workflows.

AI-Powered Security Orchestration

ToolDescriptionLink
HexStrike AIAutonomously run 190+ cybersecurity tools for automated pentesting, vulnerability discovery, and bug bounty automationGitHub
Villager AIAutonomous penetration testing framework with HexStrike integration and GitHub discoveryGitHub
CodeNomadCommand center for AI-powered coding and automation workflowsGitHub
OpenChamberDesktop and web interface for OpenCode AI agent with integrated toolsGitHub
AionUiFree local AI coworking interface for Gemini, Claude, Qwen Code, and moreGitHub

Reconnaissance & Discovery

ToolDescriptionLink
NmapNetwork discovery and port scanning with advanced host enumerationnmap.org
ZoomEye AI MCPNetwork asset intelligence and IoT discovery via Model Context ProtocolGitHub
RobinAI-powered Dark Web OSINT for threat intelligence and vulnerability trackingGitHub
CamXploitSecurity reconnaissance tool for identifying exposed IP cameras and misconfigurationsGitHub

Web Application Security

ToolDescriptionLink
Burp SuiteWeb vulnerability scanning, manual testing, and API securityportswigger.net
DroopescanPlugin-based CMS scanner for Drupal, Silverstripe, WordPressGitHub
CMSScanUnified scanner for WordPress, Drupal, Joomla, vBulletinGitHub
wp-backdoorWordPress persistence and surveillance techniques for advanced testingGitHub

Credentials & Exploitation

ToolDescriptionLink
LegbaFast multiprotocol credentials bruteforcer and password sprayer (Rust)GitHub

Reverse Engineering & Binary Analysis

ToolDescriptionLink
GhidraNSA-developed reverse engineering and program analysis frameworkghidra-sre.org
Radare2Command-line reverse engineering and assembly analyzing toolkitrada.re
Detect It EasyUniversal file type identifier for Windows, Linux, macOSGitHub
pwntoolsCTF framework and exploit development library (Python)GitHub
pwn-toolkitExtended pentesting utilities for exploit developmentGitHub

Endpoint Security & Monitoring

ToolDescriptionLink
OSQuerySQL-driven endpoint visibility and system monitoringosquery.io
YARAPattern matching engine for malware identification and classificationvirustotal.github.io
MITRE ATT&CKAdversarial tactics and techniques knowledge base for threat modelingattack.mitre.org

Command & Control Research

ToolDescriptionLink
LokiNode.js C2 framework for Electron app research and testingGitHub

Android Security & Analysis

ToolDescriptionLink
scrcpyDisplay and control Android devices over USB or TCP/IP from desktopscrcpy.org
escrcpyWeb-based Android device control via WebRTC with browser interfaceGitHub
oxproxionAndroid chat application for LLM interactions with custom model supportGitHub
WallFlowModern Android wallpaper app built with Jetpack ComposeGitHub
Android-SkillsCommunity repository for AI agent skills targeting Android securityGitHub

Audio & Voice Processing

ToolDescriptionLink
WhisperRobust speech-to-text model supporting 99+ languagesGitHub
Audio-Guided-3D-InteractionOffline real-time AI pipeline: Whisper STT + LLM + TTS with lip-synced avatarsGitHub

CLI Essentials

ToolPurposeLink
Bash + coreutilsDaily Linux operations and scriptinggnu.org
OpenSSHSecure remote access and key managementopenssh.com
GitVersion control and source code managementgit-scm.com
jq / yqJSON/YAML parsing and transformationgithub.com/jqlang/jq
curlHTTP client for requests and API testingcurl.se
tcpdumpPacket capture and network protocol analysistcpdump.org
tmuxTerminal multiplexing and session managementgithub.com/tmux/tmux
ripgrepFast recursive searching with regex supportgithub.com/BurntSushi/ripgrep
fzfFuzzy command-line finder for efficiencygithub.com/junegunn/fzf

Incident Response Kit

ToolPurposeLink
journalctlSystemd log analysis and filteringman7.org
auditdLinux audit framework for compliance and investigationgithub.com/linux-audit/audit-userspace
hashdeepFile integrity checking and change detectiongithub.com/jessek/hashdeep
straceSystem call tracing and process monitoringstrace.io
ss / ipNetwork socket analysis and routing inspectionman7.org
nftablesModern firewall rule inspection and configurationnetfilter.org
VolatilityMemory forensics framework for incident analysisgithub.com/volatilityfoundation/volatility3

Development & Deployment

ToolPurposeLink
DockerContainerized environments and deploymentdocker.com
VS CodeEditor with security research extensionscode.visualstudio.com
MakeBuild automation and task runninggnu.org/software/make
NginxReverse proxy, load balancer, web servernginx.org
HugoStatic site generation for security research blogsgohugo.io

Self-Hosted Infrastructure

ToolPurposeLink
PrometheusMetrics collection and time-series databaseprometheus.io
GrafanaVisualization dashboards and alertinggrafana.com
LokiLog aggregation without indexing overheadgrafana.com/loki
Uptime KumaSelf-hosted status monitoring and uptime trackinggithub.com/louislam/uptime-kuma
ResticEncrypted incremental backupsrestic.net

AI Agent Frameworks & Plugins

ToolDescriptionLink
Eliza OSCore OS framework for autonomous agentselizaos.ai
Eliza Web Search PluginIntegration of powerful web search capabilities for agentsGitHub
Eliza Telegram PluginDirect Telegram chat interface for Eliza agentsGitHub

Development Environment & Theme

ToolPurposeLink
Hugo Terminal ThemeSimple retro terminal theme for HugoGitHub
GitHub-style CSSCSS framework inspired by GitHub designGitHub
Obsidian OpenCode PluginEmbed OpenCode AI assistant in Obsidian sidebarGitHub

Resources & References

ResourceDescriptionLink
Awesome Claude SkillsCurated collection of AI agent skills and workflowsGitHub
macOS on VMWare GuideComprehensive guide for virtualizing macOSGitHub

Tool recommendations evolve. We update this list as we discover new utilities, integrate cutting-edge AI frameworks, or when existing tools reach end-of-life.