Best AI tools for< Security Analyst >

Sentitrac.com is a website that focuses on security verification for user connections. It ensures that users are human by conducting security checks before allowing access to the site. The platform utilizes technologies like JavaScript and cookies to enhance security measures. Additionally, it leverages Cloudflare for performance optimization and protection against cyber threats.

faye.xyz is a website that encountered an SSL handshake failed error, specifically error code 525. The error message suggests that Cloudflare is unable to establish an SSL connection to the origin server. The website provides troubleshooting information for visitors and owners to address the issue. It seems to be a technical problem related to SSL configuration compatibility with Cloudflare.

assetsai.art is a website that currently faces an issue with an invalid SSL certificate, causing an error code 526. The site appears to be hosted on Cloudflare and is experiencing a problem with the SSL certificate validation. Visitors are advised to try accessing the site again after a few minutes, while the website owner is recommended to ensure that a valid SSL certificate is configured by the hosting provider. The error message provides additional troubleshooting information and directs users to Cloudflare for further assistance.

The website appears to be displaying a '403 Forbidden' error, which typically means that the user is not authorized to access the requested page. This error is often caused by incorrect permissions on the server or a misconfiguration in the website's settings. The message 'openresty' suggests that the website may be using the OpenResty web platform, which is based on NGINX and Lua programming language. Users encountering this error should contact the website administrator for assistance in resolving the issue.

The website seems to be experiencing a 403 Forbidden error, which indicates that the server is refusing to respond to the request. This error is often caused by incorrect permissions on the server or misconfigured server settings. The message '403 Forbidden' is a standard HTTP status code that indicates the server understood the request but refuses to authorize it. Users encountering this error may need to contact the website administrator or webmaster for assistance in resolving the issue.

The website seems to be experiencing a 403 Forbidden error, which indicates that the server is refusing to respond to the request. This error is often caused by incorrect permissions on the server or misconfigured security settings. The message '403 Forbidden' is a standard HTTP status code that indicates the server understood the request but refuses to authorize it. It is not related to AI technology or applications.

The website seems to be experiencing a 403 Forbidden error, which typically indicates that the server is denying access to the requested resource. This error is often caused by incorrect permissions or misconfigurations on the server side. The message 'openresty' suggests that the server may be using the OpenResty web platform. Users encountering this error may need to contact the website administrator for assistance in resolving the issue.

Escape is a dynamic application security testing (DAST) tool that stands out for its ability to work seamlessly with modern technology stacks, test business logic, and help developers address vulnerabilities efficiently. It offers features like API discovery and security testing, GraphQL security testing, and tailored remediations. Escape provides advantages such as high code coverage improvement, fewer false negatives, time-saving benefits, and application risk reduction. However, it also has disadvantages like the need for manual code remediations and limited support for certain security integrations.

Cloudflare is a web infrastructure and website security company that provides content delivery network services, DDoS mitigation, Internet security, and distributed domain name server services. It offers a range of developer products and AI products to enhance web performance and security. Cloudflare's platform allows users to build, secure, and deliver applications globally, with features like Workers, Pages, Images, Stream, AutoRAG, AI Vectorize, AI Gateway, and AI Playground.

SocialGuard.co is a website that currently faces an issue with an invalid SSL certificate, causing an error code 526. The website is hosted on Cloudflare and provides information on the SSL certificate error. Users visiting the site are advised to wait a few minutes if they encounter the error. For website owners, the error indicates a problem with the SSL certificate validation, possibly due to expiration or incorrect configuration. The site recommends contacting the hosting provider to resolve the issue.

icetana AI is a self-learning AI tool designed for real-time event detection in security surveillance systems. It seamlessly connects to existing security cameras, learns normal patterns, and highlights unusual events without compromising privacy. The system continuously evolves to improve security team decision-making. icetana AI offers a suite of products for safety and security, analytics, forensics, license plate recognition, facial recognition, and automating security workflows. It is ideal for industries like mall management, education, guarding services, safe cities, and more.

The website is currently displaying a '403 Forbidden' error, which means that the server is refusing to respond to the request. This could be due to various reasons such as insufficient permissions, server misconfiguration, or a client error. The 'openresty' message indicates that the server is using the OpenResty web platform. It is important to troubleshoot and resolve the issue to regain access to the website.

Frigate is an open source NVR application that focuses on locally processed AI object detection for security camera monitoring. It offers custom models with Frigate+ to enhance detection accuracy. The application is designed for privacy-focused home automation enthusiasts, aiming to reduce false positives and provide real-time object tracking without sending camera feeds to the cloud. Frigate integrates with Home Assistant and other automation platforms for seamless control and automation of security systems.

DTiQ is an AI-powered loss prevention and intelligent video solution for businesses. It helps industries enhance security, reduce losses, and optimize operations through a combination of technology, audits, and training. The platform offers purpose-built solutions tailored to specific needs, such as speed of service, business operations transformation, safety risk mitigation, and exceptional customer experiences. DTiQ's intelligent solutions empower businesses to prevent losses, improve speed of service, ensure compliance, and drive operational efficiency. With features like AI-driven insights, remote audits, and drive-thru optimization, DTiQ provides actionable insights to enhance profitability and operational success.

The website is currently displaying a '403 Forbidden' error, which indicates that the server is refusing to respond to the request. This error message is typically displayed when the server understands the request made by the client but refuses to fulfill it. The 'openresty' mentioned in the text is likely the web server software being used. It is important to troubleshoot and resolve the 403 Forbidden error to regain access to the website's content.

Resemble AI is an AI-powered platform that offers AI Voice Generator and Deepfake Detection services for enterprises. The platform provides features such as Generative AI Voice Cloning, Text to Speech, Speech to Speech conversion, Multilingual support, Audio Editing, and Open Source Voice Cloning AI Model. Resemble AI focuses on delivering state-of-the-art AI models for voice generation and deepfake detection, ensuring security and trust for its users.

medium.engineering is a website that focuses on verifying the security of user connections before allowing access to its content. It ensures that users are human by conducting a verification process that may take a few seconds. The site emphasizes the importance of enabling JavaScript and cookies for a seamless browsing experience. Powered by Cloudflare, medium.engineering prioritizes performance and security in delivering its services.

The website en.cloudhumans.com is experiencing a DNS issue where the IP address is prohibited, causing a conflict within Cloudflare's system. Users encountering this error are advised to refer to the provided link for troubleshooting details. The site is hosted on the Cloudflare network, and the owner is instructed to log in and change the DNS A records to resolve the issue. Additionally, the page provides information about Cloudflare Ray ID and user's IP address, along with performance and security features by Cloudflare.

Angelmatch.io is a web application that focuses on verifying the security of user connections before proceeding. It ensures that users are human by conducting a verification process that may take a few seconds. The platform reviews the security aspects of the connection and requires users to enable JavaScript and cookies to continue. Angelmatch.io leverages Cloudflare for performance and security enhancements.

DryRun Security is an AI-driven application security tool that provides Contextual Security Analysis to detect and prevent logic flaws, authorization gaps, IDOR, and other code risks. It offers features like code insights, natural language code policies, and customizable notifications and reporting. The tool benefits CISOs, security leaders, and developers by enhancing code security, streamlining compliance, increasing developer engagement, and providing real-time feedback. DryRun Security supports various languages and frameworks and integrates with GitHub and Slack for seamless collaboration.

Roundtable is a human-in-the-loop AI application designed to improve market research data quality by detecting and stopping bots and fraud in real-time. It uses behavioral biometrics to analyze user interactions, identify AI-generated responses, and ensure data integrity. The application offers seamless security, effortless integration, privacy-preserving design, and explainable results for transparent decision-making. Trusted by global platforms, Roundtable helps businesses maintain trust in their data and make informed decisions.

CopyCopAI.com is an AI-powered tool designed to assist users in verifying their identity and ensuring secure connections. The tool performs security checks to prevent unauthorized access and protect user data. By enabling JavaScript and cookies, users can proceed with the verification process. CopyCopAI.com leverages AI technology to enhance performance and security, with the support of Cloudflare services.

Nightfall AI is an all-in-one data loss prevention platform that helps organizations prevent data leaks by putting data loss prevention on autopilot across SaaS & Gen AI apps, endpoints, and browsers. It offers features such as data exfiltration prevention, data detection & response, and data discovery & classification. Nightfall AI uses AI-powered LLM & behavioral models to deeply understand content sensitivity and data lineage, providing complete coverage across various applications and devices. The platform ensures frictionless deployment & maintenance with API-based integrations and lightweight agents, offering a streamlined user experience for quick understanding of exposure and user intent. Nightfall AI also involves and coaches end users to self-remediate, reducing the burden on SOC teams.

Mintlify.com is a website experiencing an SSL handshake failed error (Error code 525) due to Cloudflare being unable to establish an SSL connection to the origin server. The issue may be related to SSL configuration compatibility with Cloudflare, potentially caused by no shared cipher suites. Visitors are advised to try again in a few minutes, while website owners are recommended to check the SSL configuration for compatibility. The website is hosted on writer.mintlify.com and the error occurred in Singapore. Cloudflare Ray ID: 97e12c9cc812fd9a. Your IP: Click to reveal 159.65.141.37. Performance & security are managed by Cloudflare.

dexa.ai is an AI-powered platform that focuses on security verification for user connections. It ensures a secure browsing experience by reviewing and verifying the security of connections before allowing access. The platform utilizes AI algorithms to detect and prevent potential security threats, providing users with a safe online environment. dexa.ai prioritizes performance and security, leveraging Cloudflare technology to enhance protection and speed for users.

DevOps Security Platform is an AI-native security tool designed to automate security requirements definition, enforcement, risk assessments, and threat modeling. It helps companies secure their applications by identifying risks early in the Software Development Lifecycle and enforcing security measures before go-live. The platform offers innovative features, customization options, and integrations with existing tools to streamline security processes.

The website promptsplitter.com encountered a Cloudflare Tunnel error, preventing access to the requested page. Users are advised to try again in a few minutes. The site is hosted on the Cloudflare network, and the error may be due to configuration issues. The error message provides guidance for both visitors and website owners on potential solutions to resolve the issue.

Sider.ai is an AI tool designed to verify the security of user connections. It ensures a safe browsing experience by reviewing and authenticating human users before granting access. The tool performs security checks in real-time, providing a seamless and secure online environment for users. Sider.ai leverages AI technology to enhance performance and protect against potential threats, offering peace of mind to individuals and businesses alike.

The website is currently displaying a '403 Forbidden' error message, which indicates that the server understood the request but refuses to authorize it. This error is typically caused by insufficient permissions or misconfiguration on the server side. The 'openresty' mentioned in the message refers to a web platform based on NGINX and LuaJIT, often used for building high-performance web applications. It seems that the website is currently inaccessible due to server-side issues.

The website www.atom.com is a platform that provides security verification services to ensure a safe and secure connection for users. It verifies the authenticity of users by checking for human interaction, enabling JavaScript and cookies, and reviewing the security of connections. The platform is powered by Cloudflare to enhance performance and security measures.

Ambient.ai is an AI-powered physical security software that helps prevent security incidents by detecting threats in real-time, auto-clearing false alarms, and accelerating investigations. The platform uses computer vision intelligence to monitor cameras for suspicious activities, decrease alarms, and enable rapid investigations. Ambient.ai offers rich integration ecosystem, detections for a spectrum of threats, unparalleled operational efficiency, and enterprise-grade privacy to ensure maximum security and efficiency for its users.

The website frankebike.com is a platform that utilizes Cloudflare's security service to protect itself from online attacks. Users may encounter a block when triggering certain actions like submitting specific words or phrases, SQL commands, or malformed data. In such cases, users can contact the site owner via email to resolve the issue. Cloudflare Ray ID is provided for reference. The platform focuses on enhancing security measures to safeguard user data and prevent unauthorized access.

The website appears to be displaying a '403 Forbidden' error message, which typically means that the user is not authorized to access the requested page. This error is often encountered when trying to access a webpage without the necessary permissions or when the server is configured to deny access. The message 'openresty' may indicate that the server is using the OpenResty web platform. It is important to ensure that the correct permissions are in place and that the requested page exists on the server.

Equixly is an AI-powered application designed to help users secure their APIs by identifying vulnerabilities and weaknesses through continuous security testing. The platform offers features such as scalable API PenTesting, attack simulation, mapping of attack surfaces, compliance simplification, and data exposure minimization. Equixly aims to streamline the process of identifying and fixing API security risks, ultimately enabling users to release secure code faster and reduce their attack surface.

Turing.school is a website that focuses on security verification for users. It ensures the safety of connections by reviewing security measures before allowing access. Users may encounter a brief waiting period during the verification process, which involves enabling JavaScript and cookies. The site is powered by Cloudflare for enhanced performance and security.

The website is currently displaying a '403 Forbidden' error, which indicates that the server understood the request but refuses to authorize it. This error is typically caused by insufficient permissions or misconfiguration on the server side. The 'openresty' message suggests that the server is using the OpenResty web platform. OpenResty is a powerful web platform based on Nginx and LuaJIT, providing high performance and flexibility for web applications.

Smaty.xyz is a comprehensive platform that provides a suite of tools for code generation and security auditing. With Smaty.xyz, developers can quickly and easily generate high-quality code in multiple programming languages, ensuring consistency and reducing development time. Additionally, Smaty.xyz offers robust security auditing capabilities, enabling developers to identify and address vulnerabilities in their code, mitigating risks and enhancing the overall security of their applications.

Tweetify.it is a website that helps users verify their human identity before proceeding. It ensures the security of the connection by reviewing it. Users may need to enable JavaScript and cookies to continue using the site. The site is powered by Cloudflare for performance and security purposes.

The website seems to be experiencing a 403 Forbidden error, which indicates that the server is refusing to respond to the request. This error is often caused by incorrect permissions on the server or misconfigured security settings. The message 'openresty' suggests that the server may be running on the OpenResty web platform. OpenResty is a web platform based on NGINX and LuaJIT, known for its high performance and scalability. Users encountering a 403 Forbidden error on a website may need to contact the website administrator or webmaster for assistance in resolving the issue.

The website is currently displaying a '403 Forbidden' error message, which indicates that the server understood the request but refuses to authorize it. This error is often encountered when trying to access a webpage without proper permissions. The 'openresty' mentioned in the message refers to a web platform based on NGINX and LuaJIT, commonly used for building high-performance web applications. The website may be experiencing technical issues or undergoing maintenance.

Komo.ai is a website that provides security services to protect itself from online attacks. Users may encounter a block when triggering certain actions, such as submitting specific words or phrases, SQL commands, or malformed data. In such cases, users can contact the site owner to resolve the issue. The website utilizes Cloudflare for performance and security measures.

Teleport is a modern access platform for infrastructure that provides on-demand, least privileged access with a focus on cryptographic identity and zero trust security. It simplifies zero trust security for AWS and offers solutions for improving engineer productivity, protecting infrastructure, meeting compliance requirements, and modernizing privileged access management. Teleport is trusted by market leaders and offers more than 170 integrations for accessing clouds, data centers, and various resources.

The website is currently displaying a '403 Forbidden' error, which indicates that the server understood the request but refuses to authorize it. This error is typically caused by insufficient permissions or misconfiguration on the server side. The 'openresty' message suggests that the server is using the OpenResty web platform, which is based on NGINX and Lua programming language. Users encountering this error may need to contact the website administrator for assistance in resolving the issue.

Global Threat is an AI-driven platform that provides real-time global threat assessment by continuously monitoring and analyzing various data sources worldwide. It empowers users, governments, organizations, and security teams with comprehensive insights into evolving threats, utilizing advanced data analytics, machine learning algorithms, and predictive modeling. The platform offers actionable intelligence on geopolitical shifts, cyber threats, natural disasters, and public health emergencies to keep users ahead of potential risks. Stay informed, prepared, and protected with unparalleled efficiency and accuracy in a data-driven security intelligence era.

Zensors is an AI application that offers Visual AI agents for real-world understanding. It provides a Spatial AI platform for spatial monetization, Virtual Manager AI solution to automate location operations, and On-Prem AI for understanding spaces, monitoring service processes, forecasting accurately, and ensuring efficiency. Zensors leverages Multimodal AI for video understanding and Spatial AI for structuring unstructured data. The application caters to various industries such as Aviation, Retail, and Commercial Real Estate, offering operational efficiencies, strategic planning, financial performance, safety, and sustainability through AI-driven solutions.

Hoop.dev is an AI-powered application that provides live data masking in Rails console sessions. It offers shielded Rails console access, automated employee onboarding and off-boarding, and AI data masking to protect sensitive information. The application allows for passwordless authentication via Google SSO with MFA, auditability of console operations, and compliance with various security controls and regulations. Hoop.dev aims to streamline Rails console operations, reduce manual workflows, and enhance security measures for user convenience and data protection.

The website seems to be experiencing a 403 Forbidden error, which indicates that the server is refusing to fulfill the request. This error message is typically displayed when the server recognizes the request but is refusing to authorize it. The '403 Forbidden' error can occur due to various reasons, such as insufficient permissions, IP blocking, or misconfigured server settings. It is important to troubleshoot and resolve the underlying cause to regain access to the website.

Theresanaiforthat.com is a website that provides a platform for users to verify their identity as human users before accessing the content. The site ensures security by reviewing the connection and requires enabling JavaScript and cookies for continued access. It utilizes Cloudflare for performance and security measures.

The website is currently displaying a '403 Forbidden' error, which indicates that the server understood the request but refuses to authorize it. This error is often encountered when trying to access a webpage without the necessary permissions. The 'openresty' mentioned in the text is likely the software running on the server. It is a web platform based on NGINX and LuaJIT, known for its high performance and scalability in handling web traffic. The website may be using OpenResty to manage its server configurations and handle incoming requests.

Metaverse.insighthack.com is a website that focuses on security verification for user connections. It verifies the user as human and reviews the security of the connection before proceeding. The site ensures a safe browsing experience by enabling JavaScript and cookies. It utilizes Cloudflare for performance and security measures.

Hatchet is an AI companion designed to assist on-call engineers in incident response by providing intelligent insights and suggestions based on logs, communications channels, and code analysis. It helps save time and money by automating the triaging and investigation process during critical incidents. The tool is built by engineers with a focus on data security, offering self-hosted deployments, permissions, audit trails, SSO, and version control. Hatchet aims to streamline incident resolution for tier-1 services, enabling faster response and potential problem resolution.

Lakera is the world's most advanced AI security platform that offers cutting-edge solutions to safeguard GenAI applications against various security threats. Lakera provides real-time security controls, stress-testing for AI systems, and protection against prompt attacks, data loss, and insecure content. The platform is powered by a proprietary AI threat database and aligns with global AI security frameworks to ensure top-notch security standards. Lakera is suitable for security teams, product teams, and LLM builders looking to secure their AI applications effectively and efficiently.

Pentest Copilot by BugBase is an ultimate ethical hacking assistant that guides users through each step of the hacking journey, from analyzing web apps to root shells. It eliminates redundant research, automates payload and command generation, and provides intelligent contextual analysis to save time. The application excels at data extraction, privilege escalation, lateral movement, and leaving no trace behind. With features like secure VPN integration, total control over sessions, parallel command processing, and flexibility to choose between local or cloud execution, Pentest Copilot offers a seamless and efficient hacking experience without the need for Kali Linux installation.

klu.ai is an AI-powered platform that focuses on security verification for online connections. It ensures a safe browsing experience by reviewing and enhancing the security measures of the user's connection. The platform utilizes advanced algorithms to detect and prevent potential threats, providing users with a secure environment for their online activities.

ZeroGPTDetector is a website that focuses on verifying human users and ensuring secure connections. It performs security checks to prevent automated bots from accessing the site. Users may encounter a brief waiting period during the verification process. The site utilizes JavaScript and cookies for seamless browsing. Powered by Cloudflare, ZeroGPTDetector prioritizes performance and security for a safe online experience.

SENEX is an AI-powered Blockchain company that aims to create the world's finest Intelligent Chain. It combines Artificial Intelligence with Blockchain technology to provide a privacy-compliant and secure platform for digital users and businesses. SENEX's Intelligent Chain distributes data processing across the network while keeping information private and secure, giving users the benefits of anonymity. The company's AI-powered solutions address various challenges and problems in industries such as healthcare, finance, transportation, and education.

CensysGPT Beta is a tool that simplifies building queries and empowers users to conduct efficient and effective reconnaissance operations. It enables users to quickly and easily gain insights into hosts on the internet, streamlining the process and allowing for more proactive threat hunting and exposure management.

Link Shield is an AI-powered malicious URL detection API platform that helps protect online security. It utilizes advanced machine learning algorithms to analyze URLs and identify suspicious activity, safeguarding users from phishing scams, malware, and other harmful threats. The API is designed for ease of integration, affordability, and flexibility, making it accessible to developers of all levels. Link Shield empowers businesses to ensure the safety and security of their applications and online communities.

Resemble AI is a cutting-edge generative voice AI platform that empowers enterprises with advanced voice cloning, deepfake detection, and AI watermarking capabilities. Our suite of tools enables the creation of realistic synthetic voices, detection of AI-generated content, and protection of intellectual property. With Resemble AI, businesses can enhance customer service, elevate gaming experiences, revolutionize entertainment, and safeguard their digital assets.

CYBER AI is a security report savant powered by DEPLOYH.AI that simplifies cybersecurity for businesses. It offers a range of features to help organizations understand, unlock, and uncover security threats, including security reports, databreach reports, logs, and threat hunting. With CYBER AI, businesses can gain a comprehensive view of their security posture and take proactive steps to mitigate risks.

Nametag is an identity verification solution designed specifically for IT helpdesks. It helps businesses prevent social engineering attacks, account takeovers, and data breaches by verifying the identity of users at critical moments, such as password resets, MFA resets, and high-risk transactions. Nametag's unique approach to identity verification combines mobile cryptography, device telemetry, and proprietary AI models to provide unmatched security and better user experiences.

hCaptcha Enterprise is a comprehensive security platform that protects businesses from a wide range of online threats, including bots, fraud, and abuse. It uses advanced machine learning and threat intelligence to detect and block malicious activity, while providing a frictionless experience for legitimate users. hCaptcha Enterprise is easy to deploy and manage, and it can be customized to meet the specific needs of each business.

Cyguru is an all-in-one cloud-based AI Security Operation Center (SOC) that offers a comprehensive range of features for a robust and secure digital landscape. Its Security Operation Center is the cornerstone of its service domain, providing AI-Powered Attack Detection, Continuous Monitoring for Vulnerabilities and Misconfigurations, Compliance Assurance, SecPedia: Your Cybersecurity Knowledge Hub, and Advanced ML & AI Detection. Cyguru's AI-Powered Analyst promptly alerts users to any suspicious behavior or activity that demands attention, ensuring timely delivery of notifications. The platform is accessible to everyone, with up to three free servers and subsequent pricing that is more than 85% below the industry average.

Japan Computer Vision (JCV) is a leading technology company specializing in advanced computer vision solutions (image recognition). As a 100% subsidiary of SoftBank Corp., JCV focuses on security and innovation to provide cutting-edge technologies that transform industries and improve lives worldwide. Through solutions for smart buildings and smart retail, JCV enhances office environments, streamlines operations, improves hospitality in stores and commercial facilities, and creates new work and lifestyle experiences.

EchoMark is a cloud-based data leak prevention solution that uses invisible forensic watermarks to protect sensitive information from unauthorized access and exfiltration. It allows organizations to securely share and collaborate on documents and emails without compromising privacy and security. EchoMark's advanced investigation tools can trace the source of a leaked document or email, even if it has been shared via printout or photo.

Vanta is a trust management platform that helps businesses automate compliance, streamline security reviews, and build trust with customers. It offers a range of features to help businesses manage risk and prove security in real time, including: * **Compliance automation:** Vanta automates up to 90% of the work for security and privacy frameworks, making it easy for businesses to achieve and maintain compliance. * **Real-time monitoring:** Vanta provides real-time visibility into the state of a business's security posture, with hourly tests and alerts for any issues. * **Holistic risk visibility:** Vanta offers a single view across key risk surfaces in a business, including employees, assets, and vendors, to help businesses identify and mitigate risks. * **Efficient audits:** Vanta streamlines the audit process, making it easier for businesses to prepare for and complete audits. * **Integrations:** Vanta integrates with a range of tools and platforms to help businesses automate security and compliance tasks.

Verificient Technologies Inc specializes in biometrics, computer vision, and machine learning to deliver world-class solutions in continuous identity verification and remote monitoring. Their flagship product, Proctortrack, is an identity verification and automated digital remote proctoring solution, helping Institutions of higher education ensure the integrity of their high-stakes online assessments.

Tracecat is an open-source security automation platform that helps you automate security alerts, build AI-assisted workflows, orchestrate alerts, and close cases fast. It is a Tines / Splunk SOAR alternative that is built for builders and allows you to experiment for free. You can deploy Tracecat on your own infrastructure or use Tracecat Cloud with no maintenance overhead. Tracecat is Apache-2.0 licensed, which means it is open vision, open community, and open development. You can have your say in the future of security automation. Tracecat is no-code first, but you can also code as well. You can build automations fast with no-code and customize without vendor lock-in using Python. Tracecat has a click-and-drag workflow builder that allows you to automate SecOps using pre-built actions (API calls, webhooks, data transforms, AI tasks, and more) combined into workflows. No code is required. Tracecat also has a built-in case management system that allows you to open cases directly from workflows and track and manage security incidents all in one platform.

Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining workflows to ensure audit-readiness. It automates evidence collection, control monitoring, and risk management, saving companies time and resources. Drata also provides a centralized platform for managing compliance across multiple frameworks, including SOC 2, ISO 27001, HIPAA, and GDPR.

Dataminr is a leading provider of real-time event and risk detection. Its AI platform processes billions of public data units daily to deliver real-time alerts on high-impact events and emerging risks. Dataminr's products are used by businesses, public sector organizations, and newsrooms to plan for and respond to crises, manage risks, and stay informed about the latest events.

Robust Intelligence is an end-to-end solution for securing AI applications. It automates the evaluation of AI models, data, and files for security and safety vulnerabilities and provides guardrails for AI applications in production against integrity, privacy, abuse, and availability violations. Robust Intelligence helps enterprises remove AI security blockers, save time and resources, meet AI safety and security standards, align AI security across stakeholders, and protect against evolving threats.

Netify provides network intelligence and visibility. Its solution stack starts with a Deep Packet Inspection (DPI) engine that passively collects data on the local network. This lightweight engine identifies applications, protocols, hostnames, encryption ciphers, and other network attributes. The software can be integrated into network devices for traffic identification, firewalling, QoS, and cybersecurity. Netify's Informatics engine collects data from local DPI engines and uses the power of a public or private cloud to transform it into network intelligence. From device identification to cybersecurity risk detection, Informatics provides a way to take a proactive approach to manage network threats, bottlenecks, and usage. Lastly, Netify's Data Feeds provide data to help vendors understand how applications behave on the Internet.

Signal is an encrypted messaging service that allows users to send and receive text, voice, video, and image messages. It is available as a mobile app and a desktop application, and it can be used to communicate with other Signal users or with people who use other messaging apps. Signal is known for its strong security features, which include end-to-end encryption, disappearing messages, and a focus on privacy.

ZeroThreat is a web app and API security scanner that helps businesses identify and fix vulnerabilities in their web applications and APIs. It uses a combination of static and dynamic analysis techniques to scan for a wide range of vulnerabilities, including OWASP Top 10, CWE Top 25, and SANS Top 25. ZeroThreat also provides continuous monitoring and alerting, so businesses can stay on top of new vulnerabilities as they emerge.

Instafill.ai is a website that provides a security service to protect itself from online attacks. It uses a variety of techniques to detect and block malicious traffic, including IP blocking, web application firewall, and bot detection. Instafill.ai also provides a variety of security features, such as two-factor authentication, SSL encryption, and malware scanning.

Prompt Security is a platform that secures all uses of Generative AI in the organization: from tools used by your employees to your customer-facing apps.

HCLSoftware is a leading provider of software solutions for digital transformation, data and analytics, AI and intelligent automation, enterprise security, and cloud computing. The company's products and services help organizations of all sizes to improve their business outcomes and achieve their digital transformation goals.

Robust Intelligence is an end-to-end security solution for AI applications. It automates the evaluation of AI models, data, and files for security and safety vulnerabilities and provides guardrails for AI applications in production against integrity, privacy, abuse, and availability violations. Robust Intelligence helps enterprises remove AI security blockers, save time and resources, meet AI safety and security standards, align AI security across stakeholders, and protect against evolving threats.

Dataminr is a leading AI company that provides real-time event, risk, and threat detection. Its revolutionary real-time AI Platform discovers the earliest signals of events, risks, and threats from within public data. Dataminr's products deliver critical information first—so organizations can respond quickly and manage crises effectively.

Redflag AI is a leading provider of content and brand protection solutions. Our AI-powered platform helps businesses protect their brands from fraud, abuse, and counterfeiting. We offer a range of services to help businesses protect their online presence, including brand monitoring, content moderation, and fraud detection.

SafeSpeak is an AI-powered mobile security solution that protects users from phone scams, SIM swaps, and other malicious activities. It uses advanced machine learning and large language models to detect and block threats in real-time. SafeSpeak offers a range of features for both personal and business use, including malicious behavior detection, community immunity, SIM swap detection, weekly and monthly reporting, quick and easy setup, admin dashboard, extensible API, custom reporting, and visibility into tactics, techniques, and procedures (TTPs).

PullRequest is an AI-powered code review as a service platform that offers on-demand code review from expert engineers enhanced by AI. It supports all languages and frameworks, helping development teams of any size ship better, more secure code faster through AI-assisted code reviews. PullRequest integrates with popular version control platforms like GitHub, GitLab, Bitbucket, and Azure DevOps, providing valuable knowledge sharing with senior engineers to improve code quality and security. The platform ensures code safety and security by adhering to best practices, strict procedures, and employing reviewers based in the US, the UK, or Canada.

MiniAiLive is a provider of Touchless Biometrics Authentication and ID verification solutions. They offer strong security solutions with cutting-edge technologies for facial recognition, liveness detection, and ID document recognition. MiniAiLive ensures seamless integration with clients' existing systems. The application caters to various industries and provides solutions for identity verification, biometric authentication, and fraud prevention. MiniAiLive stands out for its global coverage, configurability, speed, and accuracy in identity verification services.

AppSec Assistant is an AI-powered application designed to provide automated security recommendations in Jira Cloud. It focuses on ensuring data security by enabling secure-by-design software development. The tool simplifies setup by allowing users to add their OpenAI API key and organization, encrypts and stores data using Atlassian's Storage API, and provides tailored security recommendations for each ticket to reduce manual AppSec reviews. AppSec Assistant empowers developers by keeping up with their pace and helps in easing the security review bottleneck.

Pipeless Agents is a platform that allows users to convert any video feed into an actionable data stream, enabling automation of tasks based on visual inputs. It serves as a serverless platform for Vision AI, offering the ability to create projects, connect video sources, and customize agents for specific needs. With a focus on simplicity and efficiency, Pipeless Agents empowers users to extract structured data from various video sources and automate processes with minimal coding requirements.

KBY-AI is an advanced Identity Verification SDK provider offering powerful solutions for Face Recognition, Face Liveness Detection, and ID Card Recognition. Their cutting-edge AI technology ensures foolproof protection without disrupting the user's flow. The SDKs are designed to be lightweight, highly effective, and ideal for commercial applications like KYC automation, time and attendance systems, and video surveillance. KBY-AI's solutions support various ID documents from 200+ countries and are compatible with Android, iOS, and web platforms.

Nudify.me is an AI-powered application that utilizes DeepNude technology to generate nudified images from uploaded photos. The app offers a simple and secure way to view individuals in the nude by predicting their appearance with high accuracy. Users can upload photos, select a generation mode, and receive the nudified result within seconds. Nudify.me also provides options for privacy settings and profit-sharing from public galleries. The application offers transparent pricing plans tailored to different user needs, with no hidden fees or long-term contracts.

Endor Labs is an AI-powered software supply chain security solution that helps organizations manage their software bills of materials (SBOM), secure their open source dependencies, optimize CI/CD pipeline security, and enhance application security with secret detection. The platform offers advanced features such as AI-assisted OSS selection, compliance management, reachability-based SCA, and repository security posture management. Endor Labs aims to streamline security processes, reduce false positives, and provide actionable insights to improve software supply chain security.

MTS AI is a platform offering AI-based products and solutions, leveraging artificial intelligence technologies to create voice assistants, chatbots, video analysis solutions, and more. They develop AI solutions using natural language processing, computer vision, and edge computing technologies, collaborating with leading tech companies and global experts. MTS AI aims to find the most viable AI applications for the benefit of society, providing automation for customer service systems, security control, and voice and video data analysis.

Visionify.ai is an advanced Vision AI application designed to enhance workplace safety and compliance through AI-driven surveillance. The platform offers over 60 Vision AI scenarios for hazard warnings, worker health, compliance policies, environment monitoring, vehicle monitoring, and suspicious activity detection. Visionify.ai empowers EHS professionals with continuous monitoring, real-time alerts, proactive hazard identification, and privacy-focused data security measures. The application transforms ordinary cameras into vigilant protectors, providing instant alerts and video analytics tailored to safety needs.

FacePlugin is an ID verification and Biometric Authentication solution provider that utilizes advanced face recognition, face liveness detection, and ID document recognition technologies. The platform offers solutions for eKYC and ID verification needs, with features such as instant face recognition, enhanced face anti-spoofing technology, and robust identity document verification. FacePlugin aims to secure and streamline the authentication process for various industries and use cases, providing proprietary solutions, top-notch quality, and competitive pricing.

Lakera is the world's most advanced AI security platform designed to protect organizations from AI threats. It offers solutions for prompt injection detection, unsafe content identification, PII and data loss prevention, data poisoning prevention, and insecure LLM plugin design. Lakera is recognized for setting global AI security standards and is trusted by leading enterprises, foundation model providers, and startups. The platform is powered by a proprietary AI threat database and aligns with global AI security frameworks.

Mxface is a leading face recognition API technology that offers advanced computer vision and AI APIs for developers. The platform provides services like face detection, face comparing, face landmarks, face attributes, face search, iris recognition, fingerprint recognition, and people detection. Mxface ensures data security, real-time face recognition, precision, easy face enrollment, and device integration. It is a cloud-based facial recognition solution that supports various use cases and offers comprehensive security features.

Airship AI is a cutting-edge, artificial intelligence-driven video, sensor, and data management surveillance platform. Customers rely on their services to provide actionable intelligence in real-time, collected from a wide range of deployed sensors, utilizing the latest in edge and cloud-based analytics. These capabilities improve public safety and operational efficiency for both public sector and commercial clients. Founded in 2006, Airship AI is U.S. owned and operated, headquartered in Redmond, Washington. Airship's product suite is comprised of three core offerings: Acropolis, the enterprise software stack, Command, the family of viewing clients, and Outpost, edge hardware and software AI offerings.

Rank One Computing (ROC) is an American-made provider of multimodal biometrics and computer vision solutions, specializing in face recognition, fingerprint recognition, and artificial intelligence technologies. Trusted by the U.S. military, law enforcement, and leading FinTech brands, ROC offers top-ranked software for identity proofing and threat detection. Their suite of products includes ROC SDK, ROC Watch, and custom enterprise AI development services. With a focus on security and efficiency, ROC aims to make the world safer and more convenient through unbiased and privacy-conscious applications.

Allwire Technologies, LLC is a boutique IT consultancy firm that specializes in building intelligent IT infrastructure solutions. They offer services such as hybrid infrastructure management, security expertise, IT helpdesk support, operational insurance, and AI-driven solutions. The company focuses on empowering clients by providing tailored IT solutions without vendor lock-in. Allwire Technologies is known for fixing complex IT problems and modernizing existing tech stacks through a combination of cloud and data center solutions.

FaceCheck.ID is a facial recognition AI technology-powered search engine that allows users to upload a photo of a person to discover their social media profiles, appearances in blogs, videos, news websites, and more. It helps users verify the authenticity of individuals, avoid dangerous criminals, keep their families safe, and avoid becoming victims of various scams and crimes. The tool is designed to assist in identifying and uncovering information about individuals based on their facial features, with a focus on safety and security.

Wing Security is a SaaS Security Posture Management (SSPM) solution that helps businesses protect their data by providing full visibility and control over applications, users, and data. The platform offers features such as automated remediation, AI discovery, real-time SaaS visibility, vendor risk management, insider risk management, and more. Wing Security enables organizations to eliminate risky applications, manage user behavior, and protect sensitive data from unauthorized access. With a focus on security first, Wing Security helps businesses leverage the benefits of SaaS while staying protected.

Horizon3.ai Solutions offers the NodeZero™ Platform, an AI-powered autonomous penetration testing tool designed to enhance cybersecurity measures. The platform combines expert human analysis by Offensive Security Certified Professionals with automated testing capabilities to streamline compliance processes and proactively identify vulnerabilities. NodeZero empowers organizations to continuously assess their security posture, prioritize fixes, and verify the effectiveness of remediation efforts. With features like internal and external pentesting, rapid response capabilities, AD password audits, phishing impact testing, and attack research, NodeZero is a comprehensive solution for large organizations, ITOps, SecOps, security teams, pentesters, and MSSPs. The platform provides real-time reporting, integrates with existing security tools, reduces operational costs, and helps organizations make data-driven security decisions.

Recognito is a leading facial recognition technology provider, offering the NIST FRVT Top 1 Face Recognition Algorithm. Their high-performance biometric technology is used by police forces and security services to enhance public safety, manage individual movements, and improve audience analytics for businesses. Recognito's software goes beyond object detection to provide detailed user role descriptions and develop user flows. The application enables rapid face and body attribute recognition, video analytics, and artificial intelligence analysis. With a focus on security, living, and business improvements, Recognito helps create safer and more prosperous cities.

Vectra AI is a leading AI security platform that helps organizations stop advanced cyber attacks by providing an integrated signal for extended detection and response (XDR). The platform arms security analysts with real-time intelligence to detect, prioritize, investigate, and respond to threats across network, identity, cloud, and managed services. Vectra AI's AI-driven detections and Attack Signal Intelligence enable organizations to protect against various attack types and emerging threats, enhancing cyber resilience and reducing risks in critical infrastructure, cloud environments, and remote workforce scenarios. Trusted by over 1100 enterprises worldwide, Vectra AI is recognized for its expertise in AI security and its ability to stop sophisticated attacks that other technologies may miss.

ISMS Copilot is an AI-powered assistant designed to simplify ISO 27001 preparation for both experts and beginners. It offers various features such as ISMS scope definition, risk assessment and treatment, compliance navigation, incident management, business continuity planning, performance tracking, and more. The tool aims to save time, provide precise guidance, and ensure ISO 27001 compliance. With a focus on security and confidentiality, ISMS Copilot is a valuable resource for small businesses and information security professionals.

Sardine is an AI-powered platform for fraud prevention and compliance. It offers a comprehensive suite of products to help banks, retailers, and fintechs detect fraud patterns, prevent money laundering, and stop sophisticated scams. Sardine combines deep device intelligence, behavior biometrics, and identity signals to provide a precise risk score for every customer interaction. The platform also features machine learning models, a rules engine, network graph analysis, anomaly detection, and generative AI capabilities to fight modern threats. Sardine helps reduce fraud rates, decrease false positives, and streamline risk operations with its fully integrated solutions.

SecureLabs is an AI-powered platform that offers comprehensive security, privacy, and compliance management solutions for businesses. The platform integrates cutting-edge AI technology to provide continuous monitoring, incident response, risk mitigation, and compliance services. SecureLabs helps organizations stay current and compliant with major regulations such as HIPAA, GDPR, CCPA, and more. By leveraging AI agents, SecureLabs offers autonomous aids that tirelessly safeguard accounts, data, and compliance down to the account level. The platform aims to help businesses combat threats in an era of talent shortages while keeping costs down.

WP Safe AI is a cutting-edge Security as a Service (SaaS) solution powered by AI, designed to effortlessly secure compromised WordPress websites. The platform guarantees a fast, thorough cleanup verified by experts, with zero stress for the user. It combines the power of AI with expert verification to handle most cleanup tasks automatically, streamlining routine tasks with exceptional accuracy and efficiency. WP Safe AI offers a secure staging environment for users to review their cleaned site before deployment, ensuring a hassle-free experience. The application goes beyond simple scanning and removal, addressing deep-seated malware roots for a complete and lasting solution.

GitLab is a comprehensive AI-powered DevSecOps platform that balances speed and security in a single platform. It automates software delivery, boosts productivity, and secures the end-to-end software supply chain. GitLab simplifies the toolchain by providing all essential DevSecOps tools in one place, accelerates software delivery through automation and AI-powered workflows, and integrates security seamlessly. It allows users to deploy anywhere without cloud vendor lock-in, offering value stream management, analytics, and insights to accelerate coding. GitLab is trusted by industry leaders for building mission-critical software and is recognized as a Leader in DevOps Platforms by various industry analysts.

Snyk is a developer security platform powered by DeepCode AI, offering solutions for application security, software supply chain security, and secure AI-generated code. It provides comprehensive vulnerability data, license compliance management, and self-service security education. Snyk integrates AI models trained on security-specific data to secure applications and manage tech debt effectively. The platform ensures developer-first security with one-click security fixes and AI-powered recommendations, enhancing productivity while maintaining security standards.

SparkCognition Government Systems (SGS) is a full-spectrum artificial intelligence company dedicated to government and national defense missions. The company leverages AI technologies such as machine learning, natural language processing, and computer vision to enhance mission readiness, battle management, logistics, security, and manufacturing optimization. SparkCognition Government Systems focuses on delivering targeted AI solutions to amplify asset readiness, augment human intelligence, and accelerate decision-making processes for government organizations.

Vulnscanner AI is an AI-powered WordPress security tool that offers affordable and user-friendly website security solutions. It provides instant, jargon-free security reports, step-by-step resolution guides, and customizable security solutions to prevent future attacks. The tool is designed to help small/medium businesses, web professionals, and individuals safeguard their online presence without breaking the bank. With advanced algorithms and military-grade encryption, Vulnscanner AI aims to protect websites from cyber threats and vulnerabilities.

Dynatrace is a modern cloud platform that offers unified observability and security solutions to simplify cloud complexity and drive innovation. Powered by causal AI, Dynatrace provides analytics and automation capabilities to help businesses monitor and secure their full stack, solve digital challenges, and make better business decisions in real-time. Trusted by thousands of global brands, Dynatrace empowers teams to deliver flawless digital experiences, drive intelligent cloud ecosystem automations, and solve any use-case with custom solutions.

Storytell.ai is an enterprise-grade AI platform that offers Business-Grade Intelligence across data, focusing on boosting productivity for employees and teams. It provides a secure environment with features like creating project spaces, multi-LLM chat, task automation, chat with company data, and enterprise-AI security suite. Storytell.ai ensures data security through end-to-end encryption, data encryption at rest, provenance chain tracking, and AI firewall. It is committed to making AI safe and trustworthy by not training LLMs with user data and providing audit logs for accountability. The platform continuously monitors and updates security protocols to stay ahead of potential threats.

Traceable is an AI-driven application designed to enhance API security for Cloud-Native Apps. It collects API traffic across the application landscape and utilizes advanced context-based behavioral analytics AI engine to provide insights on APIs, data exposure, threat analytics, and forensics. The platform offers features for API cataloging, activity monitoring, endpoint details, ownership, vulnerabilities, protection against security events, testing, analytics, and more. Traceable also allows for role-based access control, policy configuration, data classification, and integration with third-party solutions for data collection and security. It is a comprehensive tool for API security and threat detection in modern cloud environments.

Sighthound is an AI-powered video solutions provider that specializes in solving complex video AI problems at scale. Their products, such as Sighthound ALPR+ for Automatic License Plate Recognition and Sighthound Redactor for Video Redaction, leverage deep learning technology to unlock valuable user insights, reduce operational costs, and increase revenue in the privacy and vehicle recognition space. With a focus on simplicity and customer support, Sighthound offers easy integration of their AI products through simple-to-use APIs.

VisionLabs is a leading provider of facial recognition technology that enhances digital identity experiences. Their Artificial Intelligence and Machine Learning technology, based on neural network algorithms, ensures a safer and more secure world, enabling seamless navigation in the digital realm. With applications in over 60 countries across various industries, VisionLabs aims to facilitate better and safer interactions through facial recognition technology.

The Coalition for Secure AI (CoSAI) is an open ecosystem of AI and security experts dedicated to sharing best practices for secure AI deployment and collaborating on AI security research and product development. It aims to foster a collaborative ecosystem of diverse stakeholders to invest in AI security research collectively, share security expertise and best practices, and build technical open-source solutions for secure AI development and deployment.

Traceable is an intelligent API security platform designed for enterprise-scale security. It offers unmatched API discovery, attack detection, threat hunting, and infinite scalability. The platform provides comprehensive protection against API attacks, fraud, and bot security, along with API testing capabilities. Powered by Traceable's OmniTrace Engine, it ensures unparalleled security outcomes, remediation, and pre-production testing. Security teams trust Traceable for its speed and effectiveness in protecting API infrastructures.

The website is a comprehensive platform for software development news, covering a wide range of topics such as AI, DevOps, Observability, CI/CD, Cloud Native, Data, Test Automation, Mobile, API, Performance, Security, DevSecOps, Enterprise Security, Supply Chain Security, Teams & Culture, Dev Manager, Agile, Value Stream, Productivity, and more. It provides news articles, webinars, podcasts, and white papers to keep developers informed about the latest trends and technologies in the software development industry.

Intuition Machines is a leading provider of Privacy-Preserving AI/ML platforms and research solutions. They offer products and services that cater to category leaders worldwide, focusing on AI/ML research, security, and risk analysis. Their innovative solutions help enterprises prepare for the future by leveraging AI for a wide range of problems. With a strong emphasis on privacy and security, Intuition Machines is at the forefront of developing cutting-edge AI technologies.

Spottr is an advanced AI-powered video search tool that revolutionizes content navigation by enabling users to find specific moments in vast video archives within seconds. With sophisticated algorithms and natural language processing, Spottr offers context-aware search results and infinite video length handling capabilities. The application is ideal for various industries such as investigation, wildlife monitoring, video production, and more. Spottr eliminates the need for endless scrolling through footage, making it a valuable tool for both small businesses and large enterprises.

Socure is a revolutionary digital identity verification and fraud prevention platform that leverages advanced AI/ML technology to provide the most accurate and comprehensive identity verification and fraud prediction solutions. The platform offers a wide range of features including graph-defined identity verification, fraud risk assessment, compliance solutions, account intelligence, decisioning analytics, and reporting. Socure's ID+ platform integrates real-time intelligence from billions of predictions and outcomes to deliver maximum accuracy and eliminate the need for disparate products. With up to 98% auto-approvals across all demographics, Socure helps organizations prevent fraud, streamline compliance, and onboard good customers efficiently.

Glog is an AI application focused on making software more secure by providing remediation advice for security vulnerabilities in software code based on context. It is capable of automatically fixing vulnerabilities, thus reducing security risks and protecting against cyber attacks. The platform utilizes machine learning and AI to enhance software security and agility, ensuring system reliability, integrity, and safety.

Outsight is an AI application that utilizes LiDAR technology to provide end-to-end passenger journey tracking, enhance airport operations, improve security solutions, and transform various industries. The application offers high-accuracy, all-weather monitoring, reduces false alarms, and enhances perimeter and access control. Outsight collaborates with industry leaders to deliver unprecedented solutions in the field of Spatial AI, making spaces truly smart and revolutionizing the way we perceive reality.

Stellar Cyber is an AI-driven unified security operations platform powered by Open XDR. It offers a single platform with NG-SIEM, NDR, and Open XDR, providing security capabilities to take control of security operations. The platform helps organizations detect, correlate, and respond to threats fast using AI technology. Stellar Cyber is designed to protect the entire attack surface, improve security operations performance, and reduce costs while simplifying security operations.

Chima is an AI tool that is revolutionizing the enterprise landscape by offering Complex Human Reasoning Systems powered by AI. It automates various functions, enhances customer targeting, and improves business operations. Chima ensures industry-grade security and compliance, making it a reliable choice for enterprises looking to leverage AI for growth and efficiency.

Dropzone AI is an award-winning AI application designed to reinforce Security Operations Centers (SOCs) by providing autonomous AI analysts. It replicates the techniques of elite analysts to autonomously investigate alerts, covering various use cases such as phishing, endpoint, network, cloud, identity, and insider threats. The application offers pre-trained AI agents that work alongside human analysts, automating investigation tasks and providing fast, detailed, and accurate reports. With built-in integrations with major security tools, Dropzone AI aims to reduce Mean Time to Respond (MTTR) and allow analysts to focus on addressing real threats.

n8n is a powerful workflow automation software and tools that offer advanced AI capabilities. It is a popular platform for technical teams to automate workflows, integrate various services, and build autonomous agents. With over 400 integrations, n8n enables users to save time, streamline operations, and enhance security through AI-driven processes. The tool supports self-hosting, external libraries, and offers enterprise-ready solutions for scaling operations. n8n empowers users to code iteratively, explore advanced AI features, and create complex workflows with ease.

n8n is a powerful workflow automation software and tool that offers advanced AI capabilities. It is a popular platform for technical teams to automate workflows, integrate various services, and build autonomous agents. With over 400 integrations, n8n enables users to save time, streamline operations, and enhance security through AI-powered solutions. The tool supports self-hosting, external libraries, and a user-friendly interface for both coding and non-coding users.

Start Left® Security is an AI-driven application security posture management platform that empowers product teams to automate secure-by-design software from people to cloud. The platform integrates security into every facet of the organization, offering a unified solution that aligns with business goals, fosters continuous improvement, and drives innovation. Start Left® Security provides a gamified DevSecOps experience with comprehensive security capabilities like SCA, SBOM, SAST, DAST, Container Security, IaC security, ASPM, and more.

ArcadianAI is a modern security monitoring platform that offers easy and affordable solutions for businesses and individuals. The platform provides security cameras, crime maps, and a 30-day free trial for users to experience its features. ArcadianAI uses AI technology for intrusion detection, smart alerts analytics, AI heatmaps search, and AI detection of people. The platform aims to enhance security measures by intelligently contextualizing, analyzing, and safeguarding premises in real-time using existing CCTV footage.

Seventh Sense is an AI company focused on providing cutting-edge AI solutions for secure and private identity verification. Their innovative technologies, such as SenseCrypt, OpenCV FR, and SenseVantage, offer advanced biometric verification, face recognition, and AI video analysis. With a mission to make self-sovereign identity accessible to all, Seventh Sense ensures privacy, security, and compliance through their AI algorithms and cryptographic solutions.

VOLT AI is a cloud-based enterprise security application that utilizes advanced AI technology to intercept threats in real-time. The application offers solutions for various industries such as education, corporate, and cities, focusing on perimeter security, medical emergencies, and weapons detection. VOLT AI provides features like unified cameras, video intelligence, real-time notifications, automated escalations, and digital twin creation for advanced situational awareness. The application aims to enhance safety and security by detecting security risks and notifying users promptly.

AquilaX is an AI-powered DevSecOps platform that simplifies security and accelerates development processes. It offers a comprehensive suite of security scanning tools, including secret identification, PII scanning, SAST, container scanning, and more. AquilaX is designed to integrate seamlessly into the development workflow, providing fast and accurate results by leveraging AI models trained on extensive datasets. The platform prioritizes developer experience by eliminating noise and false positives, making it a go-to choice for modern Secure-SDLC teams worldwide.

AITX - Artificial Intelligence Technology Solutions Inc. is a leading company at the forefront of the 4th Industrial Revolution, specializing in deploying Autonomous Intelligent Response (AIR™) technology. They design, engineer, manufacture, and maintain innovative AI-powered solutions for security and facility management, aiming to enhance security, safety, and efficiency in various sectors. AITX's subsidiaries develop cutting-edge robotics and AI technology to revolutionize workflow automation, security solutions, and more, offering cost-effective and advanced alternatives to traditional methods.

CyberUpgrade.net is an AI-powered platform that offers comprehensive cybersecurity and compliance solutions for organizations of all sizes. It provides automated compliance, risk management, vendor risk assessment, policy management, audit management, and 24/7 security support. The platform features a cloud vulnerability scanner, security awareness training, pentesting, business continuity planning, disaster recovery planning, and an AI-powered assistant for seamless security support. CyberUpgrade helps CTOs understand their organization's security status, proposes improvement plans, guides execution, and prepares compliance documentation with a push of a button. It engages every employee individually for evidence collection and situation analysis, ensuring real cybersecurity measures are in place.

Coram AI is a modern business video security platform that offers AI-powered solutions for various industries such as warehouse, manufacturing, healthcare, education, and more. It provides advanced features like gun detection, productivity alerts, facial recognition, and safety alerts to enhance security and operations. Coram AI's flexible architecture allows users to seamlessly integrate with any IP camera and scale effortlessly to meet their demands. With natural language search capabilities, users can quickly find relevant footage and improve decision-making. Trusted by local businesses and Fortune 500 companies, Coram AI delivers real business value through innovative AI tools and reliable customer support.

Kindo is an AI-powered platform designed for DevSecOps teams to automate tasks, write doctrine, and orchestrate infrastructure responses. It offers AI-powered Runbook automations to streamline workflows, automate tedious tasks, and enhance security controls. Kindo enables users to offload time-consuming tasks to AI Agents, prioritize critical tasks, and monitor AI-related activities for compliance and informed decision-making. The platform provides a comprehensive vantage point for modern infrastructure defense and instrumentation, allowing users to create repeatable processes, automate vulnerability assessment and remediation, and secure multi-cloud IAM configurations.

Turing AI is a cloud-based video security system powered by artificial intelligence. It offers a range of AI-powered video surveillance products and solutions to enhance safety, security, and operations. The platform provides smart video search capabilities, real-time alerts, instant video sharing, and hardware offerings compatible with various cameras. With flexible licensing options and integration with third-party devices, Turing AI is trusted by customers across industries for its robust and innovative approach to cloud video security.

PreCheck.ai is an AI-powered facial recognition and ID verification platform that empowers individuals and businesses with tools for privacy, reputation management, and fast online identity verification. It offers solutions for protecting personal privacy, monitoring online reputation, identifying unauthorized images, finding lost photos, assisting law enforcement, and helping content creators protect their work. The platform provides lightning-fast verification, fraud prevention, and industry-leading accuracy through features like ID/passport scan, facial image search, advanced filtering options, link and photo removal requests, data enrichment, and developer-friendly APIs.

XenonStack AI is an AI application that offers solutions for various industries by providing AI vision systems, incident detection, product inspection, supply chain visibility, and content enhancements. The application utilizes Vision AI and AI agents to automate operations, enhance decision-making, and improve efficiency across different sectors. XenonStack AI empowers users to unlock the potential of fully automated workflows, predict maintenance issues, optimize operations, and ensure safety and security through advanced AI technologies.

FaceOnLive is an AI-powered on-premises ID verification and biometrics solution provider. The platform offers a suite of SDKs for ID document recognition, face liveness detection, face recognition, and other AI solutions. With a focus on data security and compliance, FaceOnLive enables businesses to build custom ID verification systems while maintaining full control over customer data. The platform also provides touchless biometrics authentication solutions for secure and contact-free customer onboarding.

Ferhat Erata is an AI application developed by a Computer Science PhD graduate from Yale University. The application focuses on training transformers to solve NP-complete problems using reinforcement learning and improving test-time compute strategies for reasoning. It also explores learning randomized reductions and program properties for security, privacy, and side-channel resilience. Ferhat Erata is currently an Applied Scientist at the Automated Reasoning Group at AWS, working on Neuro-Symbolic AI to prevent factual errors caused by LLM hallucinations using mathematically sound Automated Reasoning checks.

Legit is an Application Security Posture Management (ASPM) platform that helps organizations manage and mitigate application security risks from code to cloud. It offers features such as Secrets Detection & Prevention, Continuous Compliance, Software Supply Chain Security, and AI Security Posture Management. Legit provides a unified view of AppSec risk, deep context to prioritize issues, and proactive remediation to prevent future risks. It automates security processes, collaborates with DevOps teams, and ensures continuous compliance. Legit is trusted by Fortune 500 companies like Kraft-Heinz for securing the modern software factory.

Lacework is a cloud security platform that provides comprehensive security solutions for DevOps, Containers, and Cloud Environments. It offers features such as Code Security, Workload Protection, Identities and Entitlements management, Posture Management, Kubernetes Security, Data Posture Management, Infrastructure as Code security, Software Composition Analysis, Application Security Testing, Edge Security, and Platform Overview. Lacework empowers users to secure their entire cloud infrastructure, prioritize risks, protect workloads, and stay compliant by leveraging AI-driven technologies and behavior-based threat detection. The platform helps automate compliance reporting, fix vulnerabilities, and reduce alerts, ultimately enhancing cloud security and operational efficiency.

GitLab is a comprehensive AI-powered DevSecOps platform that balances speed and security in a single platform. It automates software delivery, boosts productivity, and secures the end-to-end software supply chain. GitLab simplifies the toolchain by providing all essential DevSecOps tools in one place, accelerates software delivery with automation and AI-powered workflows, and integrates security seamlessly. It allows users to deploy anywhere without cloud vendor lock-in, offering value stream management, analytics, and insights to accelerate coding and optimize processes.

Torq is an AI-driven platform that offers Security Hyperautomation Solutions, empowering security teams to detect, prioritize, and respond to threats faster. It provides a range of features and capabilities such as AI Agents, AI SOC Analyst, Case Management, and Integrations. Torq is trusted by top security teams worldwide and is recognized for its ability to mitigate alert fatigue, false positives, and staff burnout. The platform is designed to usher in the era of Autonomous SOC by harnessing AI to enhance security operations.

Elastic is a Search AI Company that offers a platform for building tailored experiences, search and analytics, data ingestion, visualization, and generative AI solutions. The company provides services like Elastic Cloud for real-time insights, Elastic AI Assistant for retrieval and generation, and Search AI Lake for faster integration with LLMs. Elastic aims to help businesses scale with low-latency search AI and accelerate problem resolution with observability powered by advanced ML and analytics.

Bricklayer AI is an automated AI security team that empowers Security Operations Centers (SOCs) to manage alerts, incidents, and threats efficiently. It offers autonomous AI agents designed to work collaboratively with human experts, enabling faster and more effective security operations. Bricklayer AI helps organizations stay ahead of cyber threats by automating labor-intensive tasks and providing real-time analysis and response.

DeepSource is a Unified DevSecOps Platform that secures the entire development lifecycle with static analysis and AI. It offers code quality and SAST, open-source security, and is trusted by over 6,000 companies. The platform helps in finding and fixing security vulnerabilities before code is merged, with a low false-positive rate and customizable security gates for pull requests. DeepSource is built for modern software development, providing features like Autofix™ AI, code coverage, and integrations with popular tools like Jira and GitHub Issues. It offers detailed reports, issue suppression, and metric thresholds to ensure clean and secure code shipping.

SentiVeillance is an automated video analytics and surveillance solution developed by Neurotechnology. It offers real-time biometric face identification, tracking of people and vehicles, and automatic license plate recognition. The application provides algorithms for face identification, vehicle-human detection, and license plate recognition. SentiVeillance is used in various industries for security, traffic management, access control, and law enforcement. The software development kits enable the creation of unique recognition products. Customers have praised the mature and stable technology, along with the excellent technical support provided by Neurotechnology.

Neurotechnology is an AI-driven company specializing in biometric technologies, artificial intelligence, and computer vision. With over 35 years of research and development experience, the company offers a wide range of products and solutions for biometric identification, surveillance, and authentication. Neurotechnology's innovative AI applications are used in various industries, including security, law enforcement, and healthcare, to enhance efficiency and accuracy in identity verification and data analysis.

Iris AI is an AI-powered RFP software designed for sales, legal, and security teams to handle RFPs, RFIs, SOWs, VSQs, DDQs, and more efficiently. It leverages AI to reduce time-consuming processes, improve information accuracy, and enhance win rates for sales teams. Iris uses AI to generate first drafts in minutes, update knowledge bases, and manage complex projects across organizations. The application aims to streamline the RFP response process, increase deal volume, and enhance the chances of winning competitive deals.

True Anomaly is a technology company focused on redefining space security by developing hardware and software solutions at the intersection of spacecraft, software, and AI. The company aims to enhance the capabilities of the U.S., its allies, and commercial partners to safeguard global security and ensure space access and sustainability for all. True Anomaly offers a holistic platform powered by a common operating system for end-to-end development of applications and services for space-based missions.

PyRIT is an open access automation framework designed to empower security professionals and ML engineers to red team foundation models and their applications. It automates AI Red Teaming tasks to allow operators to focus on more complicated and time-consuming tasks and can also identify security harms such as misuse (e.g., malware generation, jailbreaking), and privacy harms (e.g., identity theft). The goal is to allow researchers to have a baseline of how well their model and entire inference pipeline is doing against different harm categories and to be able to compare that baseline to future iterations of their model. This allows them to have empirical data on how well their model is doing today, and detect any degradation of performance based on future improvements.

Microsoft Copilot for Security is a generative AI-powered assistant for daily operations in security and IT that empowers teams to protect at the speed and scale of AI.

Tracecat is an open-source automation platform for security teams. It's designed to be simple but powerful, with a focus on AI features and a practitioner-obsessed UI/UX. Tracecat can be used to automate a variety of tasks, including phishing email investigation, evidence collection, and remediation plan generation.

Frigate is a complete and local NVR designed for Home Assistant with AI object detection. It uses OpenCV and Tensorflow to perform realtime object detection locally for IP cameras. Use of a Google Coral Accelerator is optional, but highly recommended. The Coral will outperform even the best CPUs and can process 100+ FPS with very little overhead.

AIL framework is a modular framework to analyze potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible and can be extended to support other functionalities to mine or process sensitive information (e.g. data leak prevention).

The Prompt Fuzzer is an open-source tool that helps you assess the security of your GenAI application's system prompt against various dynamic LLM-based attacks. It provides a security evaluation based on the outcome of these attack simulations, enabling you to strengthen your system prompt as needed. The Prompt Fuzzer dynamically tailors its tests to your application's unique configuration and domain. The Fuzzer also includes a Playground chat interface, giving you the chance to iteratively improve your system prompt, hardening it against a wide spectrum of generative AI attacks.

AirGo is a front and rear end separation, multi user, multi protocol proxy service management system, simple and easy to use. It supports vless, vmess, shadowsocks, and hysteria2.

Beelzebub is an advanced honeypot framework designed to provide a highly secure environment for detecting and analyzing cyber attacks. It offers a low code approach for easy implementation and utilizes virtualization techniques powered by OpenAI Generative Pre-trained Transformer. Key features include OpenAI Generative Pre-trained Transformer acting as Linux virtualization, SSH Honeypot, HTTP Honeypot, TCP Honeypot, Prometheus openmetrics integration, Docker integration, RabbitMQ integration, and kubernetes support. Beelzebub allows easy configuration for different services and ports, enabling users to create custom honeypot scenarios. The roadmap includes developing Beelzebub into a robust PaaS platform. The project welcomes contributions and encourages adherence to the Code of Conduct for a supportive and respectful community.

This competition is organized by Javier Rando and Florian Tramèr from the ETH AI Center and SPY Lab at ETH Zurich. The goal of the competition is to create a method that can detect universal backdoors in aligned language models. A universal backdoor is a secret suffix that, when appended to any prompt, enables the model to answer harmful instructions. The competition provides a set of poisoned generation models, a reward model that measures how safe a completion is, and a dataset with prompts to run experiments. Participants are encouraged to use novel methods for red-teaming, automated approaches with low human oversight, and interpretability tools to find the trojans. The best submissions will be offered the chance to present their work at an event during the SaTML 2024 conference and may be invited to co-author a publication summarizing the competition results.

hackingBuddyGPT is a framework for testing LLM-based agents for security testing. It aims to create common ground truth by creating common security testbeds and benchmarks, evaluating multiple LLMs and techniques against those, and publishing prototypes and findings as open-source/open-access reports. The initial focus is on evaluating the efficiency of LLMs for Linux privilege escalation attacks, but the framework is being expanded to evaluate the use of LLMs for web penetration-testing and web API testing. hackingBuddyGPT is released as open-source to level the playing field for blue teams against APTs that have access to more sophisticated resources.

AIDE (Advanced Intrusion Detection Environment) is a tool for monitoring file system changes. It can be used to detect unauthorized changes to monitored files and directories. AIDE was written to be a simple and free alternative to Tripwire. Features currently included in AIDE are as follows: o File attributes monitored: permissions, inode, user, group file size, mtime, atime, ctime, links and growing size. o Checksums and hashes supported: SHA1, MD5, RMD160, and TIGER. CRC32, HAVAL and GOST if Mhash support is compiled in. o Plain text configuration files and database for simplicity. o Rules, variables and macros that can be customized to local site or system policies. o Powerful regular expression support to selectively include or exclude files and directories to be monitored. o gzip database compression if zlib support is compiled in. o Free software licensed under the GNU General Public License v2.

This script automates setting up TUIC, hysteria and other proxy-related tools in Linux. It features setting domains, getting SSL certification, setting up a simple web page, SmartSNI by Bepass, Chisel Tunnel, Hysteria V2, Tuic, Hiddify Reality Scanner, SSH, Telegram Proxy, Reverse TLS Tunnel, different panels, installing, disabling, and enabling Warp, Sing Box 4-in-1 script, showing ports in use and their corresponding processes, and an Android script to use Chisel tunnel.

uuWAF is an industrial-grade, free, high-performance, highly extensible web application and API security protection product that supports AI and semantic engines.

LLM Guard is a comprehensive tool designed to fortify the security of Large Language Models (LLMs). It offers sanitization, detection of harmful language, prevention of data leakage, and resistance against prompt injection attacks, ensuring that your interactions with LLMs remain safe and secure.

Awesome GPT + Security is a curated list of awesome security tools, experimental case or other interesting things with LLM or GPT. It includes tools for integrated security, auditing, reconnaissance, offensive security, detecting security issues, preventing security breaches, social engineering, reverse engineering, investigating security incidents, fixing security vulnerabilities, assessing security posture, and more. The list also includes experimental cases, academic research, blogs, and fun projects related to GPT security. Additionally, it provides resources on GPT security standards, bypassing security policies, bug bounty programs, cracking GPT APIs, and plugin security.

The OWASP AI Exchange and OWASP AI security and privacy guide are initiatives to collect and present the state of the art on AI threats, controls, security, and privacy through community collaboration. The AI Exchange is a living set of documents that collect AI threats and controls from collaboration between experts worldwide. The AI Security and Privacy Guide project has a security part that links directly to the AI Exchange, and a privacy part.

MiniAiLive provides system integrators with fast, flexible and extremely precise facial recognition with 3D passive face liveness detection (face anti-spoofing) that can be deployed across a number of scenarios, including security, access control, public safety, fintech, smart retail and home protection.

The MiniAiLive Face Recognition LivenessDetection Server SDK provides system integrators with fast, flexible, and extremely precise facial recognition that can be deployed across various scenarios, including security, access control, public safety, fintech, smart retail, and home protection. The SDK is fully on-premise, meaning all processing happens on the hosting server, and no data leaves the server. The project structure includes bin, cpp, flask, model, python, test_image, and Dockerfile directories. To set up the project on Linux, download the repo, install system dependencies, and copy libraries into the system folder. For Windows, contact MiniAiLive via email. The C++ example involves replacing the license key in main.cpp, building the project, and running it. The Python example requires installing dependencies and running the project. The Python Flask example involves replacing the license key in app.py, installing dependencies, and running the project. The Docker Flask example includes building the docker image and running it. To request a license, contact MiniAiLive. Contributions to the project are welcome by following specific steps. An online demo is available at https://demo.miniai.live. Related products include MiniAI-Face-Recognition-LivenessDetection-AndroidSDK, MiniAI-Face-Recognition-LivenessDetection-iOS-SDK, MiniAI-Face-LivenessDetection-AndroidSDK, MiniAI-Face-LivenessDetection-iOS-SDK, MiniAI-Face-Matching-AndroidSDK, and MiniAI-Face-Matching-iOS-SDK. MiniAiLive is a leading AI solutions company specializing in computer vision and machine learning technologies.

AIL framework is a modular framework to analyze potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams. AIL framework is flexible and can be extended to support other functionalities to mine or process sensitive information (e.g. data leak prevention).

The Awesome-LM-SSP repository is a collection of resources related to the trustworthiness of large models (LMs) across multiple dimensions, with a special focus on multi-modal LMs. It includes papers, surveys, toolkits, competitions, and leaderboards. The resources are categorized into three main dimensions: safety, security, and privacy. Within each dimension, there are several subcategories. For example, the safety dimension includes subcategories such as jailbreak, alignment, deepfake, ethics, fairness, hallucination, prompt injection, and toxicity. The security dimension includes subcategories such as adversarial examples, poisoning, and system security. The privacy dimension includes subcategories such as contamination, copyright, data reconstruction, membership inference attacks, model extraction, privacy-preserving computation, and unlearning.

last_layer is a security library designed to protect LLM applications from prompt injection attacks, jailbreaks, and exploits. It acts as a robust filtering layer to scrutinize prompts before they are processed by LLMs, ensuring that only safe and appropriate content is allowed through. The tool offers ultra-fast scanning with low latency, privacy-focused operation without tracking or network calls, compatibility with serverless platforms, advanced threat detection mechanisms, and regular updates to adapt to evolving security challenges. It significantly reduces the risk of prompt-based attacks and exploits but cannot guarantee complete protection against all possible threats.

AudioSeal is a method for speech localized watermarking, designed with state-of-the-art robustness and detector speed. It jointly trains a generator to embed a watermark in audio and a detector to detect watermarked fragments in longer audios, even in the presence of editing. The tool achieves top-notch detection performance at the sample level, generates minimal alteration of signal quality, and is robust to various audio editing types. With a fast, single-pass detector, AudioSeal surpasses existing models in speed, making it ideal for large-scale and real-time applications.

aiohttp_security is a library that provides identity and authorization for aiohttp.web. It offers features for handling authorization via cookies and supports aiohttp-session. The library includes examples for basic usage and database authentication, along with demos in the demo directory. For development, the library requires installation of specific requirements listed in the requirements-dev.txt file. aiohttp_security is licensed under the Apache 2 license.

BlinkID iOS is a mobile SDK that enables developers to easily integrate ID scanning and data extraction capabilities into their iOS applications. The SDK supports scanning and processing various types of identity documents, such as passports, driver's licenses, and ID cards. It provides accurate and fast data extraction, including personal information and document details. With BlinkID iOS, developers can enhance their apps with secure and reliable ID verification functionality, improving user experience and streamlining identity verification processes.

FigStep is a black-box jailbreaking algorithm against large vision-language models (VLMs). It feeds harmful instructions through the image channel and uses benign text prompts to induce VLMs to output contents that violate common AI safety policies. The tool highlights the vulnerability of VLMs to jailbreaking attacks, emphasizing the need for safety alignments between visual and textual modalities.

Züs is a high-performance cloud on a fast blockchain offering privacy and configurable uptime. It uses erasure code to distribute data between data and parity servers, allowing flexibility for IT managers to design for security and uptime. Users can easily share encrypted data with business partners through a proxy key sharing protocol. The ecosystem includes apps like Blimp for cloud migration, Vult for personal cloud storage, and Chalk for NFT artists. Other apps include Bolt for secure wallet and staking, Atlus for blockchain explorer, and Chimney for network participation. The QoS protocol challenges providers based on response time, while the privacy protocol enables secure data sharing. Züs supports hybrid and multi-cloud architectures, allowing users to improve regulatory compliance and security requirements.

AI Exploits is a repository that showcases practical attacks against AI/Machine Learning infrastructure, aiming to raise awareness about vulnerabilities in the AI/ML ecosystem. It contains exploits and scanning templates for responsibly disclosed vulnerabilities affecting machine learning tools, including Metasploit modules, Nuclei templates, and CSRF templates. Users can use the provided Docker image to easily run the modules and templates. The repository also provides guidelines for using Metasploit modules, Nuclei templates, and CSRF templates to exploit vulnerabilities in machine learning tools.

NGCBot is a WeChat bot based on the HOOK mechanism, supporting scheduled push of security news from FreeBuf, Xianzhi, Anquanke, and Qianxin Attack and Defense Community, KFC copywriting, filing query, phone number attribution query, WHOIS information query, constellation query, weather query, fishing calendar, Weibei threat intelligence query, beautiful videos, beautiful pictures, and help menu. It supports point functions, automatic pulling of people, ad detection, automatic mass sending, Ai replies, rich customization, and easy for beginners to use. The project is open-source and periodically maintained, with additional features such as Ai (Gpt, Xinghuo, Qianfan), keyword invitation to groups, automatic mass sending, and group welcome messages.

This repository contains a vulnerability mining engine based on GPT technology. The engine is designed to identify logic vulnerabilities in code by utilizing task-driven prompts. It does not require prior knowledge or fine-tuning and focuses on prompt design rather than model design. The tool is effective in real-world projects and should not be used for academic vulnerability testing. It supports scanning projects in various languages, with current support for Solidity. The engine is configured through prompts and environment settings, enabling users to scan for vulnerabilities in their codebase. Future updates aim to optimize code structure, add more language support, and enhance usability through command line mode. The tool has received a significant audit bounty of $50,000+ as of May 2024.

LLM4Decompile is an open-source large language model dedicated to decompilation of Linux x86_64 binaries, supporting GCC's O0 to O3 optimization levels. It focuses on assessing re-executability of decompiled code through HumanEval-Decompile benchmark. The tool includes models with sizes ranging from 1.3 billion to 33 billion parameters, available on Hugging Face. Users can preprocess C code into binary and assembly instructions, then decompile assembly instructions into C using LLM4Decompile. Ongoing efforts aim to expand capabilities to support more architectures and configurations, integrate with decompilation tools like Ghidra and Rizin, and enhance performance with larger training datasets.

ReVA (Reverse Engineering Assistant) is a project aimed at building a disassembler agnostic AI assistant for reverse engineering tasks. It utilizes a tool-driven approach, providing small tools to the user to empower them in completing complex tasks. The assistant is designed to accept various inputs, guide the user in correcting mistakes, and provide additional context to encourage exploration. Users can ask questions, perform tasks like decompilation, class diagram generation, variable renaming, and more. ReVA supports different language models for online and local inference, with easy configuration options. The workflow involves opening the RE tool and program, then starting a chat session to interact with the assistant. Installation includes setting up the Python component, running the chat tool, and configuring the Ghidra extension for seamless integration. ReVA aims to enhance the reverse engineering process by breaking down actions into small parts, including the user's thoughts in the output, and providing support for monitoring and adjusting prompts.

AutoAudit is an open-source large language model specifically designed for the field of network security. It aims to provide powerful natural language processing capabilities for security auditing and network defense, including analyzing malicious code, detecting network attacks, and predicting security vulnerabilities. By coupling AutoAudit with ClamAV, a security scanning platform has been created for practical security audit applications. The tool is intended to assist security professionals with accurate and fast analysis and predictions to combat evolving network threats.

hCaptcha-Solver is an AI-based hcaptcha text challenge solver that utilizes the playwright module to generate the hsw N data. It can solve any text challenge without any problem, but may be flagged on some websites like Discord. The tool requires proxies since hCaptcha also rate limits. Users can run the 'hsw_api.py' before running anything and then integrate the usage shown in 'main.py' into their projects that require hCaptcha solving. Please note that this tool only works on sites that support hCaptcha text challenge.

PatchWork is an open-source framework designed for automating development tasks using large language models. It enables users to automate workflows such as PR reviews, bug fixing, security patching, and more through a self-hosted CLI agent and preferred LLMs. The framework consists of reusable atomic actions called Steps, customizable LLM prompts known as Prompt Templates, and LLM-assisted automations called Patchflows. Users can run Patchflows locally in their CLI/IDE or as part of CI/CD pipelines. PatchWork offers predefined patchflows like AutoFix, PRReview, GenerateREADME, DependencyUpgrade, and ResolveIssue, with the flexibility to create custom patchflows. Prompt templates are used to pass queries to LLMs and can be customized. Contributions to new patchflows, steps, and the core framework are encouraged, with chat assistants available to aid in the process. The roadmap includes expanding the patchflow library, introducing a debugger and validation module, supporting large-scale code embeddings, parallelization, fine-tuned models, and an open-source GUI. PatchWork is licensed under AGPL-3.0 terms, while custom patchflows and steps can be shared using the Apache-2.0 licensed patchwork template repository.

The 'reolink_aio' Python package is designed to integrate Reolink devices (NVR/cameras) into your application. It implements Reolink IP NVR and camera API, allowing users to subscribe to Reolink ONVIF SWN events for real-time event notifications via webhook. The package provides functionalities to obtain and cache NVR or camera settings, capabilities, and states, as well as enable features like infrared lights, spotlight, and siren. Users can also subscribe to events, renew timers, and disconnect from the host device.

CredSweeper is a tool designed to detect credentials like tokens, passwords, and API keys in directories or files. It helps users identify potential exposure of sensitive information by scanning lines, filtering, and utilizing an AI model. The tool reports lines containing possible credentials, their location, and the expected type of credential.

code2prompt is a command-line tool that converts your codebase into a single LLM prompt with a source tree, prompt templating, and token counting. It automates generating LLM prompts from codebases of any size, customizing prompt generation with Handlebars templates, respecting .gitignore, filtering and excluding files using glob patterns, displaying token count, including Git diff output, copying prompt to clipboard, saving prompt to an output file, excluding files and folders, adding line numbers to source code blocks, and more. It helps streamline the process of creating LLM prompts for code analysis, generation, and other tasks.

AIShield Watchtower is a tool designed to fortify the security of AI/ML models and Jupyter notebooks by automating model and notebook discoveries, conducting vulnerability scans, and categorizing risks into 'low,' 'medium,' 'high,' and 'critical' levels. It supports scanning of public GitHub repositories, Hugging Face repositories, AWS S3 buckets, and local systems. The tool generates comprehensive reports, offers a user-friendly interface, and aligns with industry standards like OWASP, MITRE, and CWE. It aims to address the security blind spots surrounding Jupyter notebooks and AI models, providing organizations with a tailored approach to enhancing their security efforts.

Academic_LLM_Sec_Papers is a curated collection of academic papers related to LLM Security Application. The repository includes papers sorted by conference name and published year, covering topics such as large language models for blockchain security, software engineering, machine learning, and more. Developers and researchers are welcome to contribute additional published papers to the list. The repository also provides information on listed conferences and journals related to security, networking, software engineering, and cryptography. The papers cover a wide range of topics including privacy risks, ethical concerns, vulnerabilities, threat modeling, code analysis, fuzzing, and more.

This is the official repository for the ACM CCS 2024 paper 'Do Anything Now': Characterizing and Evaluating In-The-Wild Jailbreak Prompts on Large Language Models. The project employs a new framework called JailbreakHub to conduct the first measurement study on jailbreak prompts in the wild, collecting 15,140 prompts from December 2022 to December 2023, including 1,405 jailbreak prompts. The dataset serves as the largest collection of in-the-wild jailbreak prompts. The repository contains examples of harmful language and is intended for research purposes only.

aioquic is a Python library for the QUIC network protocol, featuring a minimal TLS 1.3 implementation, a QUIC stack, and an HTTP/3 stack. It is designed to be embedded into Python client and server libraries supporting QUIC and HTTP/3, with IPv4 and IPv6 support, connection migration, NAT rebinding, logging TLS traffic secrets and QUIC events, server push, WebSocket bootstrapping, and datagram support. The library follows the 'bring your own I/O' pattern for QUIC and HTTP/3 APIs, making it testable and integrable with different concurrency models.

Safeguards Shield is a security and alignment toolkit designed to detect unwanted inputs and LLM outputs. It provides tools to optimize RAG pipelines for accuracy and ensure trustworthy AI needs are met. The SDK aims to make LLMs accurate and secure, unlocking value faster by unifying a set of tools.

Cloudflare Proxy EX is a tool that provides Cloudflare super proxy, OpenAI/ChatGPT proxy, Github acceleration, and online proxy services. It allows users to create a worker in Cloudflare website by copying the content from worker.js file, and add their domain name before any URL to use the tool. The tool is an improvement based on gaboolic's cloudflare-reverse-proxy, offering features like removing '/proxy/', handling redirection events, modifying headers, converting relative paths to absolute paths, and more. It aims to enhance proxy functionality and address issues faced by some websites. However, users are advised not to log in to any website through the online proxy due to potential security risks.

DeGPT is a tool designed to optimize decompiler output using Large Language Models (LLM). It requires manual installation of specific packages and setting up API key for OpenAI. The tool provides functionality to perform optimization on decompiler output by running specific scripts.

AirGuard is an anti-tracking protection app designed to protect Android users from being tracked by AirTags and other Find My devices. The app periodically scans the surroundings for potential tracking devices and notifies the user if being followed. Users can play a sound on AirTags, view tracked locations, and participate in a research study on privacy protection. AirGuard does not monetize through ads or in-app purchases and ensures all tracking detection and notifications happen locally on the user's device.

Agentic Security is an open-source vulnerability scanner designed for safety scanning, offering customizable rule sets and agent-based attacks. It provides comprehensive fuzzing for any LLMs, LLM API integration, and stress testing with a wide range of fuzzing and attack techniques. The tool is not a foolproof solution but aims to enhance security measures against potential threats. It offers installation via pip and supports quick start commands for easy setup. Users can utilize the tool for LLM integration, adding custom datasets, running CI checks, extending dataset collections, and dynamic datasets with mutations. The tool also includes a probe endpoint for integration testing. The roadmap includes expanding dataset variety, introducing new attack vectors, developing an attacker LLM, and integrating OWASP Top 10 classification.

XcodeLLMEligible is a project that provides ways to enjoy Xcode LLM on ChinaSKU Mac without disabling SIP. It offers methods for script execution and manual execution, allowing users to override eligibility service features. The project is for learning and research purposes only, and users are responsible for compliance with applicable laws. The author disclaims any responsibility for consequences arising from the use of the project.

Awesome LLM Security is a curated collection of tools, documents, and projects related to Large Language Model (LLM) security. It covers various aspects of LLM security including white-box, black-box, and backdoor attacks, defense mechanisms, platform security, and surveys. The repository provides resources for researchers and practitioners interested in understanding and safeguarding LLMs against adversarial attacks. It also includes a list of tools specifically designed for testing and enhancing LLM security.

HaE is a framework project in the field of network security (data security) that combines artificial intelligence (AI) large models to achieve highlighting and information extraction of HTTP messages (including WebSocket). It aims to reduce testing time, focus on valuable and meaningful messages, and improve vulnerability discovery efficiency. The project provides a clear and visual interface design, simple interface interaction, and centralized data panel for querying and extracting information. It also features built-in color upgrade algorithm, one-click export/import of data, and integration of AI large models API for optimized data processing.

CipherChat is a novel framework designed to examine the generalizability of safety alignment to non-natural languages, specifically ciphers. The framework utilizes human-unreadable ciphers to potentially bypass safety alignments in natural language models. It involves teaching a language model to comprehend ciphers, converting input into a cipher format, and employing a rule-based decrypter to convert model output back to natural language.

This is a development tutorial for eBPF based on CO-RE (Compile Once, Run Everywhere). It provides practical eBPF development practices from beginner to advanced, including basic concepts, code examples, and real-world applications. The tutorial focuses on eBPF examples in observability, networking, security, and more. It aims to help eBPF application developers quickly grasp eBPF development methods and techniques through examples in languages such as C, Go, and Rust. The tutorial is structured with independent eBPF tool examples in each directory, covering topics like kprobes, fentry, opensnoop, uprobe, sigsnoop, execsnoop, exitsnoop, runqlat, hardirqs, and more. The project is based on libbpf and frameworks like libbpf, Cilium, libbpf-rs, and eunomia-bpf for development.

LLM-PLSE-paper is a repository focused on the applications of Large Language Models (LLMs) in Programming Language and Software Engineering (PL/SE) domains. It covers a wide range of topics including bug detection, specification inference and verification, code generation, fuzzing and testing, code model and reasoning, code understanding, IDE technologies, prompting for reasoning tasks, and agent/tool usage and planning. The repository provides a comprehensive collection of research papers, benchmarks, empirical studies, and frameworks related to the capabilities of LLMs in various PL/SE tasks.

DAILA is a unified interface for AI systems in decompilers, supporting various decompilers and AI systems. It allows users to utilize local and remote LLMs, like ChatGPT and Claude, and local models such as VarBERT. DAILA can be used as a decompiler plugin with GUI or as a scripting library. It also provides a Docker container for offline installations and supports tasks like summarizing functions and renaming variables in decompilation.

Frigate Home Assistant Integration provides a rich media browser with thumbnails and navigation, sensor entities for camera FPS, detection FPS, process FPS, skipped FPS, and objects detected, binary sensor entities for object motion, camera entities for live view and object detected snapshot, switch entities for clips, detection, snapshots, and improve contrast, and support for multiple Frigate instances. It offers easy installation via HACS and manual installation options for advanced users. Users need to configure the `mqtt` integration for Frigate to work. Additionally, media browsing and a companion Lovelace card are available for enhanced user experience. Refer to the main Frigate documentation for detailed installation instructions and usage guidance.

Dioptra is a software test platform for assessing the trustworthy characteristics of artificial intelligence (AI). It supports the NIST AI Risk Management Framework by providing functionality to assess, analyze, and track identified AI risks. Dioptra provides a REST API and can be controlled via a web interface or Python client for designing, managing, executing, and tracking experiments. It aims to be reproducible, traceable, extensible, interoperable, modular, secure, interactive, shareable, and reusable.

Invariant Analyzer is an open-source scanner designed for LLM-based AI agents to find bugs, vulnerabilities, and security threats. It scans agent execution traces to identify issues like looping behavior, data leaks, prompt injections, and unsafe code execution. The tool offers a library of built-in checkers, an expressive policy language, data flow analysis, real-time monitoring, and extensible architecture for custom checkers. It helps developers debug AI agents, scan for security violations, and prevent security issues and data breaches during runtime. The analyzer leverages deep contextual understanding and a purpose-built rule matching engine for security policy enforcement.

PentestGPT provides advanced AI and integrated tools to help security teams conduct comprehensive penetration tests effortlessly. Scan, exploit, and analyze web applications, networks, and cloud environments with ease and precision, without needing expert skills. The tool utilizes Supabase for data storage and management, and Vercel for hosting the frontend. It offers a local quickstart guide for running the tool locally and a hosted quickstart guide for deploying it in the cloud. PentestGPT aims to simplify the penetration testing process for security professionals and enthusiasts alike.

AI-Security-and-Privacy-Events is a curated list of academic events focusing on AI security and privacy. It includes seminars, conferences, workshops, tutorials, special sessions, and covers various topics such as NLP & LLM Security, Privacy and Security in ML, Machine Learning Security, AI System with Confidential Computing, Adversarial Machine Learning, and more.

Botright is a tool designed for browser automation that focuses on stealth and captcha solving. It uses a real Chromium-based browser for enhanced stealth and offers features like browser fingerprinting and AI-powered captcha solving. The tool is suitable for developers looking to automate browser tasks while maintaining anonymity and bypassing captchas. Botright is available in async mode and can be easily integrated with existing Playwright code. It provides solutions for various captchas such as hCaptcha, reCaptcha, and GeeTest, with high success rates. Additionally, Botright offers browser stealth techniques and supports different browser functionalities for seamless automation.

SecReport is a platform for collaborative information security penetration testing report writing and exporting, powered by ChatGPT. It standardizes penetration testing processes, allows multiple users to edit reports, offers custom export templates, generates vulnerability summaries and fix suggestions using ChatGPT, and provides APP security compliance testing reports. The tool aims to streamline the process of creating and managing security reports for penetration testing and compliance purposes.

Workshops is a repository containing workshop subjects and materials for developers. It covers a wide range of topics including AI, AR/VR, hardware, security, software, and peer-to-peer technologies. The repository is designed to provide developers with resources and materials to enhance their skills and knowledge in various technology domains.

Awesome LLM for APR is a repository dedicated to exploring the capabilities of Large Language Models (LLMs) in Automated Program Repair (APR). It provides a comprehensive collection of research papers, tools, and resources related to using LLMs for various scenarios such as repairing semantic bugs, security vulnerabilities, syntax errors, programming problems, static warnings, self-debugging, type errors, web UI tests, smart contracts, hardware bugs, performance bugs, API misuses, crash bugs, test case repairs, formal proofs, GitHub issues, code reviews, motion planners, human studies, and patch correctness assessments. The repository serves as a valuable reference for researchers and practitioners interested in leveraging LLMs for automated program repair.

This is a vulnerability mining engine purely based on GPT, requiring no prior knowledge base, no fine-tuning, yet its effectiveness can overwhelmingly surpass most of the current related research. The core idea revolves around being task-driven, not question-driven, driven by prompts, not by code, and focused on prompt design, not model design. The essence is encapsulated in one word: deception. It is a type of code understanding logic vulnerability mining that fully stimulates the capabilities of GPT, suitable for real actual projects.

The AV-Deepfake1M repository is the official repository for the paper AV-Deepfake1M: A Large-Scale LLM-Driven Audio-Visual Deepfake Dataset. It addresses the challenge of detecting and localizing deepfake audio-visual content by proposing a dataset containing video manipulations, audio manipulations, and audio-visual manipulations for over 2K subjects resulting in more than 1M videos. The dataset is crucial for developing next-generation deepfake localization methods.

GhidrOllama is a script that interacts with Ollama's API to perform various reverse engineering tasks within Ghidra. It supports both local and remote instances of Ollama, providing functionalities like explaining functions, suggesting names, rewriting functions, finding bugs, and automating analysis of specific functions in binaries. Users can ask questions about functions, find vulnerabilities, and receive explanations of assembly instructions. The script bridges the gap between Ghidra and Ollama models, enhancing reverse engineering capabilities.

BitBom Minefield is a tool that uses roaring bit maps to graph Software Bill of Materials (SBOMs) with a focus on speed, air-gapped operation, scalability, and customizability. It is optimized for rapid data processing, operates securely in isolated environments, supports millions of nodes effortlessly, and allows users to extend the project without relying on upstream changes. The tool enables users to manage and explore software dependencies within isolated environments by offline processing and analyzing SBOMs.

Nesa is a tool that allows users to run on-prem AI for a fraction of the cost through a blind API. It provides blind privacy, zero latency on protected inference, wide model coverage, cost savings compared to cloud and on-prem AI, RAG support, and ChatGPT compatibility. Nesa achieves blind AI through Equivariant Encryption (EE), a new security technology that provides complete inference encryption with no additional latency. EE allows users to perform inference on neural networks without exposing the underlying data, preserving data privacy and security.

aiohttp-remotes is a library containing a set of useful tools for aiohttp.web server. It includes functionalities such as restricting incoming connections to allowed hosts only, protecting web applications with basic auth authorization, ensuring web applications are protected by CloudFlare, processing HTTP headers for secure and relaxed modes, handling HTTPS only, and redirecting plain HTTP to HTTPS automatically. The library provides tools for managing various aspects of web server security and configuration.

Quark Engine is an AI-powered tool designed for analyzing Android APK files. It focuses on enhancing the detection process for auto-suggestion, enabling users to create detection workflows without coding. The tool offers an intuitive drag-and-drop interface for workflow adjustments and updates. Quark Agent, the core component, generates Quark Script code based on natural language input and feedback. The project is committed to providing a user-friendly experience for designing detection workflows through textual and visual methods. Various features are still under development and will be rolled out gradually.

SinkFinder + LLM is a closed-source semi-automatic vulnerability discovery tool that performs static code analysis on jar/war/zip files. It enhances the capability of LLM large models to verify path reachability and assess the trustworthiness score of the path based on the contextual code environment. Users can customize class and jar exclusions, depth of recursive search, and other parameters through command-line arguments. The tool generates rule.json configuration file after each run and requires configuration of the DASHSCOPE_API_KEY for LLM capabilities. The tool provides detailed logs on high-risk paths, LLM results, and other findings. Rules.json file contains sink rules for various vulnerability types with severity levels and corresponding sink methods.

Garak is a vulnerability scanner designed for LLMs (Large Language Models) that checks for various weaknesses such as hallucination, data leakage, prompt injection, misinformation, toxicity generation, and jailbreaks. It combines static, dynamic, and adaptive probes to explore vulnerabilities in LLMs. Garak is a free tool developed for red-teaming and assessment purposes, focusing on making LLMs or dialog systems fail. It supports various LLM models and can be used to assess their security and robustness.

Enhance your Terraform and OpenTofu configurations with intelligent analysis powered by local LLMs. Kuzco reviews your resources, compares them to the provider schema, detects unused parameters, and suggests improvements for a more secure, reliable, and optimized setup. It saves time by avoiding the need to dig through the Terraform registry and decipher unclear options.

Burpference is an open-source extension designed to capture in-scope HTTP requests and responses from Burp's proxy history and send them to a remote LLM API in JSON format. It automates response capture, integrates with APIs, optimizes resource usage, provides color-coded findings visualization, offers comprehensive logging, supports native Burp reporting, and allows flexible configuration. Users can customize system prompts, API keys, and remote hosts, and host models locally to prevent high inference costs. The tool is ideal for offensive web application engagements to surface findings and vulnerabilities.

LLAMATOR is a Red Teaming python-framework designed for testing chatbots and LLM-systems. It provides support for custom attacks, a wide range of attacks on RAG/Agent/Prompt in English and Russian, custom configuration of chat clients, history of attack requests and responses in Excel and CSV format, and test report document generation in DOCX format. The tool is classified under OWASP for Prompt Injection, Prompt Leakage, and Misinformation. It is supported by AI Security Lab ITMO, Raft Security, and AI Talent Hub.

SinkFinder is a tool designed to analyze jar and zip files for security vulnerabilities. It allows users to define rules for white and blacklisting specific classes and methods that may pose a risk. The tool provides a list of common security sink names along with severity levels and associated vulnerable methods. Users can use SinkFinder to quickly identify potential security issues in their Java applications by scanning for known sink patterns and configurations.

Open Computer Use is a secure cloud Linux computer powered by E2B Desktop Sandbox and controlled by open-source LLMs. It allows users to operate the computer via keyboard, mouse, and shell commands, live stream the display of the sandbox on the client computer, and pause or prompt the agent at any time. The tool is designed to work with any operating system and supports integration with various LLMs and providers following the OpenAI API specification.

The NVIDIA AI Blueprint for Vulnerability Analysis for Container Security showcases accelerated analysis on common vulnerabilities and exposures (CVE) at an enterprise scale, reducing mitigation time from days to seconds. It enables security analysts to determine software package vulnerabilities using large language models (LLMs) and retrieval-augmented generation (RAG). The blueprint is designed for security analysts, IT engineers, and AI practitioners in cybersecurity. It requires NVAIE developer license and API keys for vulnerability databases, search engines, and LLM model services. Hardware requirements include L40 GPU for pipeline operation and optional LLM NIM and Embedding NIM. The workflow involves LLM pipeline for CVE impact analysis, utilizing LLM planner, agent, and summarization nodes. The blueprint uses NVIDIA NIM microservices and Morpheus Cybersecurity AI SDK for vulnerability analysis.

promptmap2 is a vulnerability scanning tool that automatically tests prompt injection attacks on custom LLM applications. It analyzes LLM system prompts, runs them, and sends attack prompts to determine if injection was successful. It has ready-to-use rules to steal system prompts or distract LLM applications. Supports multiple LLM providers like OpenAI, Anthropic, and open source models via Ollama. Customizable test rules in YAML format and automatic model download for Ollama.

CodeGate is a local gateway that enhances the safety of AI coding assistants by ensuring AI-generated recommendations adhere to best practices, safeguarding code integrity, and protecting individual privacy. Developed by Stacklok, CodeGate allows users to confidently leverage AI in their development workflow without compromising security or productivity. It works seamlessly with coding assistants, providing real-time security analysis of AI suggestions. CodeGate is designed with privacy at its core, keeping all data on the user's machine and offering complete control over data.

FiniteMonkey is an advanced vulnerability mining engine powered purely by GPT, requiring no prior knowledge base or fine-tuning. Its effectiveness significantly surpasses most current related research approaches. The tool is task-driven, prompt-driven, and focuses on prompt design, leveraging 'deception' and hallucination as key mechanics. It has helped identify vulnerabilities worth over $60,000 in bounties. The tool requires PostgreSQL database, OpenAI API access, and Python environment for setup. It supports various languages like Solidity, Rust, Python, Move, Cairo, Tact, Func, Java, and Fake Solidity for scanning. FiniteMonkey is best suited for logic vulnerability mining in real projects, not recommended for academic vulnerability testing. GPT-4-turbo is recommended for optimal results with an average scan time of 2-3 hours for medium projects. The tool provides detailed scanning results guide and implementation tips for users.

RevEng.AI IDA Pro Plugin is a tool that integrates with the RevEng.AI platform to provide various features such as uploading binaries for analysis, downloading analysis logs, renaming function names, generating AI summaries, synchronizing functions between local analysis and the platform, and configuring plugin settings. Users can upload files for analysis, synchronize function names, rename functions, generate block summaries, and explain function behavior using this plugin. The tool requires IDA Pro v8.0 or later with Python 3.9 and higher. It relies on the 'reait' package for functionality.

The RevEng.AI Ghidra Plugin by RevEng.ai allows users to interact with their API within Ghidra for Binary Code Similarity analysis to aid in Reverse Engineering stripped binaries. Users can upload binaries, rename functions above a confidence threshold, and view similar functions for a selected function.

This repository provides a collection of tools and techniques for defending against injection attacks in software applications. It includes code samples, best practices, and guidelines for implementing secure coding practices to prevent common injection vulnerabilities such as SQL injection, XSS, and command injection. The tools and resources in this repository aim to help developers build more secure and resilient applications by addressing one of the most common and critical security threats in modern software development.

VULNRΞPO is a vulnerability report generator and repository tool that prioritizes security by using browser-based encryption and storing data locally. It offers features such as custom templates for pentesters, importing issues from various security scanners, multiple report formats (TXT, HTML, DOCX, PDF), attachment support with checksum verification, changelog tracking, issue export to bugtrackers, AES encryption for report sharing, API integration for backend storage, report template customization, audit tool for research completeness, and local LLM model usage. The tool is designed for efficient vulnerability management and secure report generation.

The Agentic Radar is a security scanner designed to analyze and assess agentic systems for security and operational insights. It helps users understand how agentic systems function, identify potential vulnerabilities, and create security reports. The tool includes workflow visualization, tool identification, and vulnerability mapping, providing a comprehensive HTML report for easy reviewing and sharing. It simplifies the process of assessing complex workflows and multiple tools used in agentic systems, offering a structured view of potential risks and security frameworks.

Gitleaks is a tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and whatever else you wanna throw at it via stdin. It can be installed using Homebrew, Docker, or Go, and is available in binary form for many popular platforms and OS types. Gitleaks can be implemented as a pre-commit hook directly in your repo or as a GitHub action. It offers scanning modes for git repositories, directories, and stdin, and allows creating baselines for ignoring old findings. Gitleaks also provides configuration options for custom secret detection rules and supports features like decoding encoded text and generating reports in various formats.

LLM-Navigation is a repository dedicated to documenting learning records related to large models, including basic knowledge, prompt engineering, building effective agents, model expansion capabilities, security measures against prompt injection, and applications in various fields such as AI agent control, browser automation, financial analysis, 3D modeling, and tool navigation using MCP servers. The repository aims to organize and collect information for personal learning and self-improvement through AI exploration.

The Caddy Defender plugin is a middleware for Caddy that allows you to block or manipulate requests based on the client's IP address. It provides features such as IP range filtering, predefined IP ranges for popular AI services, custom IP ranges configuration, and multiple responder backends for different actions like blocking, custom responses, dropping connections, returning garbage data, redirecting, and tarpitting to stall bots. The plugin can be easily installed using Docker or built with `xcaddy`. Configuration is done through the Caddyfile syntax with various options for responders, IP ranges, custom messages, and URLs.

PrivHunterAI is a tool that detects authorization vulnerabilities using mainstream AI engines such as Kimi, DeepSeek, and GPT through passive proxying. The core detection function relies on open APIs of related AI engines and supports data transmission and interaction over HTTPS protocol. It continuously improves by adding features like scan failure retry mechanism, response Content-Type whitelist, limiting AI request size, URL analysis, frontend result display, additional headers for requests, cost optimization by filtering authorization keywords before calling AI, and terminal output of request package records.

PentAGI is an innovative tool for automated security testing that leverages cutting-edge artificial intelligence technologies. It is designed for information security professionals, researchers, and enthusiasts who need a powerful and flexible solution for conducting penetration tests. The tool provides secure and isolated operations in a sandboxed Docker environment, fully autonomous AI-powered agent for penetration testing steps, a suite of 20+ professional security tools, smart memory system for storing research results, web intelligence for gathering information, integration with external search systems, team delegation system, comprehensive monitoring and reporting, modern interface, API integration, persistent storage, scalable architecture, self-hosted solution, flexible authentication, and quick deployment through Docker Compose.

LLAMATOR is a Red Teaming Python framework designed for testing chatbots and LLM systems. It provides support for custom attacks, a wide range of attack options in English and Russian, custom configuration of chat clients, history tracking of attack requests and responses in Excel and CSV formats, and test report generation in DOCX format. The tool is classified under OWASP as addressing prompt injection, system prompt leakage, and misinformation. It is supported by the AI Security Lab ITMO, Raft Security, and AI Talent Hub, and is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International license.

AI-Assisted DevOps is a 10-day course focusing on integrating artificial intelligence (AI) technologies into DevOps practices. The course covers various topics such as AI for observability, incident response, CI/CD pipeline optimization, security, and FinOps. Participants will learn about running large language models (LLMs) locally, making API calls, AI-powered shell scripting, and using AI agents for self-healing infrastructure. Hands-on activities include creating GitHub repositories with bash scripts, generating Docker manifests, predicting server failures using AI, and building AI agents to monitor deployments. The course culminates in a capstone project where learners implement AI-assisted DevOps automation and receive peer feedback on their projects.

hCaptcha Challenger is a tool designed to gracefully face hCaptcha challenges using a multimodal large language model. It does not rely on Tampermonkey scripts or third-party anti-captcha services, instead implementing interfaces for 'AI vs AI' scenarios. The tool supports various challenge types such as image labeling, drag and drop, and advanced tasks like self-supervised challenges and Agentic Workflow. Users can access documentation in multiple languages and leverage resources for tasks like model training, dataset annotation, and model upgrading. The tool aims to enhance user experience in handling hCaptcha challenges with innovative AI capabilities.

Microsoft Security Copilot is a generative AI-powered assistant for daily operations in security and IT that empowers teams to protect at the speed and scale of AI. It provides a platform for contributors to enhance and expand the capabilities of the tool through collaborative development. Users can contribute by forking the repository, making changes locally, and submitting pull requests to merge their contributions back into the main repository. The tool is designed to streamline security and IT tasks, automate processes, and enable teams to work more efficiently in managing security operations.

Semgrep MCP Server is a beta server under active development for using Semgrep to scan code for security vulnerabilities. It provides a Model Context Protocol (MCP) for various coding tools to get specialized help in tasks. Users can connect to Semgrep AppSec Platform, scan code for vulnerabilities, customize Semgrep rules, analyze and filter scan results, and compare results. The tool is published on PyPI as semgrep-mcp and can be installed using pip, pipx, uv, poetry, or other methods. It supports CLI and Docker environments for running the server. Integration with VS Code is also available for quick installation. The project welcomes contributions and is inspired by core technologies like Semgrep and MCP, as well as related community projects and tools.

CyberSentinel AI is a powerful automated security monitoring and AI analysis system designed to help security researchers and enthusiasts track the latest security vulnerabilities (CVE) and security-related repositories on GitHub in real-time. It utilizes artificial intelligence technology for in-depth analysis and automatically publishes valuable security intelligence to a blogging platform. The system features multiple data sources monitoring, intelligent AI analysis using OpenAI and Gemini engines, fully automated workflow with 24/7 monitoring, daily briefings, and dynamic blacklists, flexible configuration and management with support for multiple tokens, configurable parameters, and detailed logging, and automatic blog publishing with integrated blogging platform and Markdown reports.

A sophisticated multi-agent configuration system for Claude Code that provides specialized agents and command templates to accelerate code review, refactoring, security audits, tech-lead-guidance, and UX evaluations. It offers essential commands, directory structure details, agent system overview, command templates, usage patterns, collaboration philosophy, sync management, advanced usage guidelines, and FAQ. The tool aims to streamline development workflows, enhance code quality, and facilitate collaboration between developers and AI agents.

Private ML SDK is a secure solution for running Large Language Models (LLMs) in Trusted Execution Environments (TEEs) using NVIDIA GPU TEE and Intel TDX technologies. It provides a tamper-proof data processing environment with secure execution, open-source builds, and nearly native speed performance. The system includes components like Secure Compute Environment, Remote Attestation, Secure Communication, and Key Management Service (KMS). Users can build TDX guest images, run Local KMS, and TDX guest images on TDX host machines with Nvidia GPUs. The SDK offers verifiable execution results and high performance for LLM workloads.

Hound is a security audit automation pipeline for AI-assisted code review that mirrors how expert auditors think, learn, and collaborate. It features graph-driven analysis, sessionized audits, provider-agnostic models, belief system and hypotheses, precise code grounding, and adaptive planning. The system employs a senior/junior auditor pattern where the Scout actively navigates the codebase and annotates knowledge graphs while the Strategist handles high-level planning and vulnerability analysis. Hound is optimized for small-to-medium sized projects like smart contract applications and is language-agnostic.

JADX-MCP-SERVER is a standalone Python server that interacts with JADX-AI-MCP Plugin to analyze Android APKs using LLMs like Claude. It enables live communication with decompiled Android app context, uncovering vulnerabilities, parsing manifests, and facilitating reverse engineering effortlessly. The tool combines JADX-AI-MCP and JADX MCP SERVER to provide real-time reverse engineering support with LLMs, offering features like quick analysis, vulnerability detection, AI code modification, static analysis, and reverse engineering helpers. It supports various MCP tools for fetching class information, text, methods, fields, smali code, AndroidManifest.xml content, strings.xml file, resource files, and more. Tested on Claude Desktop, it aims to support other LLMs in the future, enhancing Android reverse engineering and APK modification tools connectivity for easier reverse engineering purely from vibes.

Cursor Free VIP is an automation tool that registers accounts with custom emails, supports Google and GitHub account registrations, temporary GitHub account registration, kills all Cursor's running processes, resets and wipes Cursor data and hardware info. It supports Windows, macOS, and Linux systems. For optimal performance, run with privileges and always stay up to date. Always clean your browser's cache and cookies. The tool is designed for learning and research purposes, and users should comply with relevant software usage terms. It offers multi-language support and various features like Google OAuth Authentication, GitHub OAuth Authentication, automatic Cursor membership registration, system support for Windows, macOS, and Linux, and more.

Clearcam is a tool that allows users to turn their RTSP enabled camera or old iPhone into a state-of-the-art AI security camera. Users can install and run NVR + inference with homebrew or in Python from source. The tool also provides an iOS app for remote viewing of live camera feeds, receiving notifications on events, viewing event clips, and ensuring end-to-end encryption on all data. Users can sign up for Clearcam Premium to access additional features and functionalities.

Logto is a modern, open-source authentication infrastructure designed for SaaS and AI applications. It simplifies OIDC and OAuth 2.1 implementation, enabling secure, production-ready authentication with features like multi-tenancy, enterprise SSO, and RBAC. Logto offers pre-built sign-in flows, customizable UIs, and SDKs for various frameworks, supporting protocols like OIDC, OAuth 2.1, and SAML. It is suitable for teams scaling SaaS, AI, and agent-based platforms without authentication complexities.

ScaBench is a comprehensive framework designed for evaluating security analysis tools and AI agents on real-world smart contract vulnerabilities. It provides curated datasets from recent audits and official tooling for consistent evaluation. The tool includes features such as curated datasets from Code4rena, Cantina, and Sherlock audits, a baseline runner for security analysis, a scoring tool for evaluating findings, a report generator for HTML reports with visualizations, and pipeline automation for complete workflow execution. Users can access curated datasets, generate new datasets, download project source code, run security analysis using LLMs, and evaluate tool findings against benchmarks using LLM matching. The tool enforces strict matching policies to ensure accurate evaluation results.

Awesome-AI-Security is a curated list of resources for AI security, including tools, research papers, articles, and tutorials. It aims to provide a comprehensive overview of the latest developments in securing AI systems and preventing vulnerabilities. The repository covers topics such as adversarial attacks, privacy protection, model robustness, and secure deployment of AI applications. Whether you are a researcher, developer, or security professional, this collection of resources will help you stay informed and up-to-date in the rapidly evolving field of AI security.

Textcoder is a proof-of-concept tool for steganographically encoding secret messages into ordinary text using arithmetic coding based on a statistical model derived from an LLM. It encrypts the secret message to produce a pseudorandom bit stream, which is then decompressed to generate text that appears randomly sampled from the LLM while encoding the secret message in specific token choices.

MCP-Scan is a security scanning tool designed to detect common security vulnerabilities in Model Context Protocol (MCP) servers. It can auto-discover various MCP configurations, scan both local and remote servers for security issues like prompt injection attacks, tool poisoning attacks, and toxic flows. The tool operates in two main modes - 'scan' for static scanning of installed servers and 'proxy' for real-time monitoring and guardrailing of MCP connections. It offers features like scanning for specific attacks, enforcing guardrailing policies, auditing MCP traffic, and detecting changes to MCP tools. MCP-Scan does not store or log usage data and can be used to enhance the security of MCP environments.

Octelium is a free and open source, self-hosted, unified zero trust secure access platform that operates as a modern zero-config remote access VPN, a comprehensive Zero Trust Network Access (ZTNA)/BeyondCorp platform, an ngrok/Cloudflare Tunnel alternative, an API gateway, an AI/LLM gateway, a PaaS-like platform, a Kubernetes gateway/ingress, and a homelab infrastructure. It provides scalable zero trust architecture for identity-based, application-layer aware secure access via private client-based access over WireGuard/QUIC tunnels and public clientless access, with context-aware access control. Octelium offers dynamic secretless access, fine-grained access control, identity-based routing, continuous strong authentication, OpenTelemetry-native auditing, passwordless SSH, effortless deployment of containerized applications, centralized management, and more. It is open source, designed for self-hosting, and provides a commercial license option for businesses.

AirScript is a domain-specific language for expressing AIR constraints for STARKs, with the goal of enabling writing and auditing constraints without the need to learn a specific programming language. It also aims to perform automated optimizations and output constraint evaluator code in multiple target languages. The project is organized into several crates including Parser, MIR, AIR, Winterfell code generator, ACE code generator, and AirScript CLI for transpiling AIRs to target languages.

httpjail is a cross-platform tool designed for monitoring and restricting HTTP/HTTPS requests from processes using network isolation and transparent proxy interception. It provides process-level network isolation, HTTP/HTTPS interception with TLS certificate injection, script-based and JavaScript evaluation for custom request logic, request logging, default deny behavior, and zero-configuration setup. The tool operates on Linux and macOS, creating an isolated network environment for target processes and intercepting all HTTP/HTTPS traffic through a transparent proxy enforcing user-defined rules.

MCPSpy is a command-line tool leveraging eBPF technology to monitor Model Context Protocol (MCP) communication at the kernel level. It provides real-time visibility into JSON-RPC 2.0 messages exchanged between MCP clients and servers, supporting Stdio and HTTP transports. MCPSpy offers security analysis, debugging, performance monitoring, compliance assurance, and learning opportunities for understanding MCP communications. The tool consists of eBPF programs, an eBPF loader, an HTTP session manager, an MCP protocol parser, and output handlers for console display and JSONL output.

RAG/LLM Security Scanner is a professional security testing tool designed for Retrieval-Augmented Generation (RAG) systems and LLM applications. It identifies critical vulnerabilities in AI-powered applications such as chatbots, virtual assistants, and knowledge retrieval systems. The tool offers features like prompt injection detection, data leakage assessment, function abuse testing, context manipulation identification, professional reporting with JSON/HTML formats, and easy integration with OpenAI, HuggingFace, and custom RAG systems.

Production-ready slash commands for Claude Code that accelerate development through intelligent automation and multi-agent orchestration. Contains 52 commands organized into workflows and tools categories. Workflows orchestrate complex tasks with multiple agents, while tools provide focused functionality for specific development tasks. Commands can be used with prefixes for organization or flattened for convenience. Best practices include using workflows for complex tasks and tools for specific scopes, chaining commands strategically, and providing detailed context for effective usage.

Facemash is a powerful Python tool designed for ethical hacking and cybersecurity research purposes. It combines brute force techniques with AI-driven strategies to crack Facebook accounts with precision. The tool offers advanced password strategies, multiple brute force methods, and real-time logs for total control. Facemash is not open-source and is intended for responsible use only.

This repository contains a Binary Ninja plugin, MCP server, and bridge that enables seamless integration of Binary Ninja's capabilities with your favorite LLM client. It provides real-time integration, AI assistance for reverse engineering, multi-binary support, and various MCP tools for tasks like decompiling functions, getting IL code, managing comments, renaming variables, and more.

Quimera is an exploit-generator tool that utilizes large language models (LLMs) to uncover smart contract exploits in Foundry. It follows steps such as obtaining the smart contract's source code, creating a prompt for the exploit goal, generating or enhancing a Foundry test case, running the test, and analyzing the transaction trace for profitability. The tool is currently in an experimental prototype stage, focusing on optimizing settings, prompt creation, and exploring its capabilities. It has successfully rediscovered known exploits like APEMAGA, VISOR, FIRE, XAI, and Thunder-Loan using Gemini Pro 2.5 06-05.

Ramparts is a fast, lightweight security scanner designed for the Model Context Protocol (MCP) ecosystem. It scans MCP servers to identify vulnerabilities and provides security features such as discovering capabilities, multi-transport support, session management, static analysis, cross-origin analysis, LLM-powered analysis, and risk assessment. The tool is suitable for developers, MCP users, and MCP developers to ensure the security of their connections. It can be used for security audits, development testing, CI/CD integration, and compliance with security requirements for AI agent deployments.

Guardrails is a security tool designed to help developers identify and fix security vulnerabilities in their code. It provides automated scanning and analysis of code repositories to detect potential security issues, such as sensitive data exposure, injection attacks, and insecure configurations. By integrating Guardrails into the development workflow, teams can proactively address security concerns and reduce the risk of security breaches. The tool offers detailed reports and actionable recommendations to guide developers in remediation efforts, ultimately improving the overall security posture of the codebase. Guardrails supports multiple programming languages and frameworks, making it versatile and adaptable to different development environments. With its user-friendly interface and seamless integration with popular version control systems, Guardrails empowers developers to prioritize security without compromising productivity.

A deep state agent with an understanding of intelligence operations.

Advisor for safe LLM integration using OWASP guidelines

A training tool for infosec professionals to improve their skills in GRC & security and help obtain related certifications.

Engagingly clarifies web security topics with interactive questions.

A virtual SOC analyst aiding in incident response.

Binary tools & Z3 CLI

Configuration wizard for Mr. Ranedeer

Your personal security tool

Asistente de código y pentesting

Assists in writing detailed security reports.

Expert AI with Incident Response & Digital Forensics

This plugin assists reverse-engineering binary programs, including decompiling.

Active Directory 2019 Specialist

Pivots to UUIDs, generates one.

Creates Application Security Test cases in YAML

AI-powered audit ally. Enhance cybersecurity effortlessly with intelligent, automated security analysis. Safe, swift, and smart.

Digital Security Expert on Security Policy and Governance

Analyzes emails for phishing risks.

Adversarial AI expert aiding in AI red teaming, informed by cutting-edge industry research (early dev)

A gamified, educational GPT on digital security.

Explains security concepts simply to juniors

Based off of reddit thread r/scambait. Spam Jester is a role playing bot that engages with spam/scam messages to waste scammer's time with funny replys. Upload a spam message to generate a funny reply!

GPT security specialist with tailored test scenarios.

Objective conflict reports

Open Source Prompt: https://github.com/mleoca/Bash-Scripting-GPT

Expert in BloodHound CE, Cypher, SharpHound, and related tech

Expert on LLM security risks, providing detailed, accurate advice.

To assist individuals seeking to learn about or work with Microsoft's Defender for Endpoint. I provide detailed explanations, step-by-step guides, troubleshooting advice, cybersecurity best practices, and demonstrations, all specifically tailored to Microsoft Defender for Endpoint.

AI tool for network scanning and IP routing insights.

A helpful guide for understanding the paper "Anatomy of an AI-powered malicious social botnet"

Cyber incident response assistant for triage and guided support.

Acts like a Linux terminal, responding with precise outputs.

The KQL Query Helper GPT is tailored specifically for assisting users with Kusto Query Language (KQL) queries. It leverages extensive knowledge from Azure Data Explorer documentation to aid users in understanding, reviewing, and creating new KQL queries based on their prompts.

Comprehensive threat modeling

GPT used to classify prompts as valid inputs or injection attempts. Json output.

Specializes in AI-evasive and human-evasive pattern design.

Your ally in navigating the CVE deluge. Expert insights for prioritizing and remediating vulnerabilities.

Spam expert with comprehensive scam detection and education.

Supportive AI for Intelligence Analysis

Analyzes email headers for security insights, presenting data in a structured table view.

Identifies API keys in text and provides service details and usage instructions.

Expert in ethical hacking, leveraging https://pentestbook.six2dez.com/ and https://book.hacktricks.xyz resources for CTFs and challenges.

Creates secure, varied passwords and offers security tips.

Hone your phishing detection skills! Analyze emails, texts, and calls to spot deception. Become a security pro!

Use me to PROTECT ⚠️ your Custom Instructions ! Type Spell 👉 "Protect Me"

Generate and explain regex patterns from your description, it support English and Chinese.

Web Vulnerability Academy (WVA) is an interactive tutor designed to introduce users to web vulnerabilities while also providing them with opportunities to assess and enhance their knowledge through testing.

I create ultra-secure, random passwords and offer concise security tips.

Generates TTX scenarios

Bypass Internet censorship & improve your security online

Red Team Recipe and Guide for Fun & Profit.

A specialist in crafting and explaining regex patterns.

Expert in crafting and explaining grep commands.

FREE tool to compare best spy apps for Android. Get answers to your questions and explore features, pricing, pros and cons of each spy app.

R&D security expert

I'm PhishCatcher, an expert in identifying phishing attempts.

Spring Security expert using a 2023 knowledge base

Provides threat-related info as BLUF (Bottom Line Up Front)

Helps you build logic security into your GPTs custom instructions. Documentation: https://github.com/infotrix/SSLLMs---Semantic-Secuirty-for-LLM-GPTs

Generates UUIDs, ULIDs, and NanoIDs on request

Guidance on offensive security and pentesting.

Updates on CVEs from GitHub repo in table format.

A cute sheep expert in risk analysis, providing downloadable checklists.

Generates GUIDs with technical precision

Global Conflict Analyst that will provide a 'wartime update' on the worst global conflict atm.

Linux/Unix expert with a focus on detailed security aspects.

James Bond inspired code cracking game. Copyright (C) 2023, Sourceduty - All Rights Reserved.

Monitoring tools expert with brief responses and guiding hints.

Assists in vendor risk evaluation for security, legal, and privacy.

Ensures software security through comprehensive testing techniques.

Advises on managing technology risks to safeguard organization.

Your AI-powered sentinel for code! Scans for vulnerabilities, offers security tips, and educates on best practices in cybersecurity. 🔍🔐

Generates realistic worst-case scenarios in a thoughtful, detailed manner.

Specialized LLM in computer security, acting as a CISO with 20 years of experience, providing precise, data-driven technical responses to enhance organizational security.

Guide to ethical hacking, specializing in NMAP | For Educational Purposes Only | CSV Upload Suggested |

プレイブック作成botです。例：GuardDutyの検出結果タイプを入力することで、自動的にプレイブックを作成します。

A voiceprint recognition trainer for security experts and artists.

Safeguarding secrets with respectful, vigilant responses

An expert on Zero-Knowledge Proofs, explaining concepts through stories and examples.

A playful game master for a password guessing game, maintaining secrecy and engagement.

Guide on AI implementation for secure data, with a focus on best practices and tools.

A helpful guide for identifying unknown callers and missed calls.

Proxy guide and setup

Expert in host monitoring setup, providing seamless network monitoring solutions.

Expert in analyzing vulnerabilities with ransomware focus with intelligence powered by Phoenix Security

Security-focused GPT offering advice on personal and online safety.

A cybersecurity expert aiding in penetration testing. Check repo: https://github.com/GreyDGL/PentestGPT

Analyzes rare events with enhanced predictive capabilities.

CSIRT que lidera un equipo especializado en detectar y responder a incidentes de seguridad, maneja la contención y recuperación, organiza entrenamientos y simulacros, elabora reportes para optimizar estrategias de seguridad y coordina con entidades legales cuando es necesario

Assistant for pentesting apis

🏭 Professional IP analysis and identification

Archive of content shared in Randy Lariar's weekly "Thinks and Links" newsletter about AI, Risk, and Security.

Java Security Expert offering advice on best practices and resolving security issues.

A cryptic, enigmatic GPT guarding a secret key

Generates a UUID in a text code block for any request.

BashEmulator GPT: A Virtualized Bash Environment for Linux Command Line Interaction. It virtualized all network interfaces and local network

Cybersecurity simulation

Aid in decrypting text with guidance and security awareness.

根据域名或ip，返回机房所在地地址与ip信息，结果发送到我的信箱，请同时提供邮箱地址和网络地址

CEH course instructor and test simulator.

Delivers AST analysis with type, value, and children.

Demo bot for Papsum Security Layer for GPT

Translates network issues into Wireshark filter syntax.

Strict and focused C/C++ expert, intolerant of distractions

يقدم نصائح للكشف عن الاحتيال

I'm designed to help You analyze any logs like Linux system logs, Windows logs, any security logs, access logs, error logs, etc. Please do not share information that You would like to keep private. The author does not collect or process any personal data.

I'm an analyst specializing in Advanced Persistent Threat (APT) groups.

The best assistant for IT admins, get to the root cause of any issue

Expert in data disclosure risk analysis, mitigation, and modeling methods.

British cryptologist, innovating and explaining cryptography with wit.

Oracle TDE expert providing support in Korean

Expert in Zero Trust security, providing insights and guidance.

Peer support guide for digital and physical stalking protection

DevOps specialist providing guidance on CI/CD, cloud services, and security.

Friendly AI guardian with a crime trend analysis tool and holistic safety advice.

Malware analyzer for WordPress code.