2026-04 · 11 projects · Ranked by HubLens score
Shannon is an autonomous, white-box AI pentester that analyzes source code to identify and exploit security vulnerabilities in web applications and APIs. It performs live testing using browser automation and command-line tools to provide verifiable proof-of-concept exploits for identified issues. By integrating into development workflows, it helps teams bridge the security gap between annual penetration tests.
AI-Infra-Guard is a professional AI red teaming security assessment platform developed by Tencent Zhuque Lab, designed to provide comprehensive AI security risk self-inspection solutions for enterprises and individuals. The platform integrates core functions such as AI infrastructure vulnerability scanning, Agent workflow security assessment, MCP server scanning, and jailbreak testing. Users can deploy it quickly via Docker and utilize its modern Web interface and robust API to achieve efficient security detection and management.
Elkeid is an open-source security solution designed to protect diverse cloud-native workloads including hosts, containers, and Kubernetes environments. It provides comprehensive capabilities such as host-level intrusion detection, RASP for runtime application protection, and Kubernetes audit log analysis. The platform integrates these features into a unified system derived from ByteDance's internal production security practices.
AI-Infra-Guard is a professional AI red teaming security assessment platform developed by Tencent Zhuque Lab, designed to provide comprehensive AI security risk self-inspection solutions for enterprises and individuals. The platform integrates core functions such as AI infrastructure vulnerability scanning, Agent workflow security assessment, MCP server scanning, and jailbreak testing. Users can deploy it quickly via Docker and utilize its modern Web interface and robust API to achieve efficient security detection and management.
This project reverse-engineers Google's SynthID AI watermarking system using spectral analysis and signal processing techniques without requiring access to proprietary encoders. It provides a robust detector with 90% accuracy and a V3 multi-resolution spectral bypass capable of significantly reducing watermark energy while maintaining high image quality. The system utilizes a multi-resolution spectral codebook to identify and surgically remove watermarks across various image resolutions.
Decepticon is a professional autonomous red team agent designed to execute realistic attack chains like reconnaissance, exploitation, and lateral movement. Unlike simple scanners, it operates under strict rules of engagement and generates comprehensive operational plans before initiating any activity. The system utilizes specialized agents and isolated network architecture to perform professional-grade security testing while maintaining safety and discipline.
SNI-Spoofing is a tool designed to bypass Deep Packet Inspection systems. It functions by performing specific manipulations on IP and TCP headers. The project aims to provide users with methods to circumvent network restrictions through these technical adjustments.
Cap is a lightweight, open-source alternative to traditional visual CAPTCHAs that utilizes SHA-256 proof-of-work and JavaScript instrumentation. It eliminates the need for user-solved puzzles while ensuring privacy by avoiding telemetry and external tracking. The solution is highly customizable, dependency-free, and can be deployed via Docker or any JavaScript runtime.
OSV-Scanner is a command-line tool that connects project dependencies to known vulnerabilities using the comprehensive OSV.dev database. It supports a wide range of languages, package managers, and container images to provide accurate and actionable security insights. The tool also features guided remediation and license scanning to help developers efficiently manage and secure their software projects.
This Claude Code skill automates the decompilation of Android APK, XAPK, JAR, and AAR files using industry-standard tools like jadx and Fernflower. It enables developers to extract HTTP APIs, Retrofit endpoints, and authentication patterns directly from compiled binaries. The tool also provides capabilities to trace complex call flows and analyze app architecture even when dealing with obfuscated code.
This project backs up the complete source code of Anthropic's official AI coding tool, Claude Code, which was leaked due to the accidental inclusion of sourcemap files in an npm package. The repository details the cause of the leak and provides an in-depth analysis of Claude Code's complex internal architecture and hidden features. This initiative aims to provide researchers with a reference platform for studying and archiving the internal systems of this AI agent framework.