Security Research
CVE repos and security research
Showing 1181-1200 of 1,841 projects
cube0x0/noPac
This is a C# project that scans for and exploits two CVE vulnerabilities (CVE-2021-42287/CVE-2021-42278).
OWASP/wrongsecrets
A vulnerable app with examples showing how to not use secrets, useful for security education.
HASecuritySolutions/VulnWhisperer
A Python tool that creates actionable data from vulnerability scans for security professionals.
bytedance/AabResGuard
A tool for obfuscating Android App Bundle (AAB) resources, useful for vibe coders building mobile apps.
L4ys/LazyIDA
A Python plugin for the IDA Pro disassembler that helps make reverse engineering tasks more efficient.
justinsteven/dostackbufferoverflowgood
This C-based library helps developers discover and exploit buffer overflow vulnerabilities.
nfc-tools/mfoc
This is a tool for cracking Mifare Classic RFID cards, not a developer platform for vibe coders.
hakluke/weaponised-XSS-payloads
This repository contains a collection of XSS payloads designed to turn 'alert(1)' into more potent attacks.
ossf/allstar
GitHub App to set and enforce security policies for open-source projects on GitHub.
tnballo/high-assurance-rust
A free book about developing secure and robust systems software in the Rust programming language.
GhostPack/SharpDPAPI
SharpDPAPI is a C# port of Mimikatz DPAPI functionality for interacting with Windows Data Protection API.
tennc/fuzzdb
A dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
obsidianforensics/hindsight
A Python-based browser forensics tool for extracting data from Google Chrome and other Chromium-based browsers.
c0ny1/FastjsonExploit
A framework for quickly exploiting the Fastjson vulnerability in Java applications.
649/Memcrashed-DDoS-Exploit
A Python-based DDoS attack tool that leverages the Shodan API to find vulnerable Memcached servers.
twelvesec/gasmask
gasmask is an information gathering tool that performs OSINT (Open-Source Intelligence) reconnaissance.
brannondorsey/naive-hashcat
A command-line tool for cracking password hashes using the popular Hashcat library.
dirkjanm/ldapdomaindump
A Python tool to dump information from Active Directory via LDAP, useful for security research and penetration testing.
ExpertAnonymous/PhoneInfoga
PhoneInfoga is a tool for advanced phone number information gathering and validation using free resources.
elastic/protections-artifacts
A library of Elastic Security detection content for Endpoint protection, written in YARA language.
Stay in the loop
Get weekly updates on trending AI coding tools and projects.