Trending Projects

A step-by-step tutorial on fuzzing, a security testing technique to find vulnerabilities in software.

A PowerShell script for enumerating privilege escalation vulnerabilities on Windows systems.

A fast Go HTML sanitizer to scrub user-generated content and prevent XSS attacks.

An open-source C++ compiler for fully homomorphic encryption, enabling secure computation on encrypted data.

A fast sub-domain brute tool for penetration testers and security researchers.

Tool to find metadata and hidden information in documents, useful for security researchers and engineers.

A Python-based reverse shell payload generator and handler for penetration testing and red teaming

A comprehensive OSINT tool written in Go that allows searching anyone's digital footprint across 300+ websites.

An automated NoSQL database enumeration and web application exploitation tool for security researchers.

Blokada is an open-source ad blocker and VPN app for Android and iOS that provides privacy and security features.

A Python-based platform security assessment framework for analyzing firmware security.

Smap is a drop-in replacement for Nmap that uses Shodan.io to scan and discover devices on a network.

A collection of cybersecurity handbooks and resources for security professionals and CTF players.

A comprehensive cheat sheet for understanding and mitigating Java Deserialization vulnerabilities.

Orbot is an open-source Tor client for Android that provides anonymity and censorship circumvention.

This is a Kali Linux-based tool for creating masked phishing URLs to conduct social engineering attacks.

A comprehensive wordlist for web fuzzing and security testing, useful for bug bounty and pentesting.

A modular sysmon configuration repository for security monitoring and threat hunting.

A powerful web interface for manipulating Android and iOS apps at runtime for mobile security research.

This repository contains penetration testing reports, documents, and security books, primarily written in Python.

A .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.

YARA signature database for threat detection, malware analysis, and security scanning

An ESP32-based tool for exploring and attacking nearby Wi-Fi networks, not related to vibe coders.

A command-line tool for retrieving information about any IP address, useful for security and information gathering.

A modular and decentralized honeypot designed to detect and monitor network intrusions.

A tool to test and exploit JNDI Injection vulnerabilities in Java applications.

A cheatsheet for penetration testing with the Kali Linux distribution, useful for security-focused developers.

A privilege escalation tool that can be used to gain SYSTEM access on Windows systems.

Single-file PHP shell for penetration testing and system exploration.

A fork of AFL for fuzzing Windows binaries, focused on security research and finding vulnerabilities.

Reflective DLL Injection to convert DLLs into position-independent shellcode

This repository contains a collection of vulnerability proof-of-concepts and exploits for security research purposes.

A collection of attack scenarios and mitigations for Microsoft Entra ID (Azure Active Directory).

Automation tool to assess M365 tenant security against CISA baselines for cybersecurity compliance.

This is a cheatsheet for Burp Suite, a popular security testing tool used by bug bounty hunters and penetration testers.

Guidelines and training material to write secure smart contracts on the Ethereum blockchain.

A tool to dump a git repository from a website, useful for security researchers and developers.

A Python-based cybersecurity tool for hacking wireless connections using built-in Kali Linux tools.

A Wi-Fi/LAN intruder detector that checks connected devices and alerts on unknown or disconnected devices.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

A privacy-focused Android app to monitor and control trackers and ads on your device.

This is an evil RAT (Remote Administration Tool) for macOS / OS X, built with Python.

This Python repository provides a JSON file for performing user enumeration on various websites.

A security-focused firmware for FIDO2 and U2F hardware security keys, written in C.

This shell script simplifies the process of adding a backdoor to any Android APK file for educational purposes.

A Windows kernel rootkit for advanced cybersecurity research and red teaming.

Daily feed of bad IP addresses with blacklist hit scores for security and threat monitoring.

This GitHub repository contains files related to jamming and hacking Sub-GHz signals using a Flipper Zero device.

A subdomain takeover tool for attackers, bug bounty hunters, and security teams to detect and mitigate security vulnerabilities.

A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through multiple methods.