Trending Projects

A Python library that exploits a vulnerability in Apple software to craft PNG files that appear differently

JA4+ is a suite of network fingerprinting standards for cybersecurity and network forensics analysis.

Leaked source code for the Mirai botnet, for research and indicator of compromise (IoC) development purposes.

This repository provides a comprehensive collection of resources and tools for cellular network hacking.

A cheatsheet for penetration testing with the Kali Linux distribution, useful for security-focused developers.

Proof-of-Concept code for a critical remote code execution vulnerability (CVE-2025-55182) in a Python-based application.

This repository contains write-ups for iOS vulnerabilities that have been released.

An open-source vulnerability intelligence platform that provides data and insights on CVEs and vulnerabilities.

A reverse engineering framework for Flutter, focused on security research and bug bounty programs.

This is a Python script for brute-force attacking Instagram accounts, not a tool for vibe coders.

An advanced Python-based tool for automating the detection and exploitation of SQL injection vulnerabilities.

BloodHound-Legacy is a PowerShell tool for discovering paths to domain admin in Active Directory environments.

This is a hacking tool that can track a user's location, capture their picture, and collect device information.

Official OWASP Top 10 document repository for web application security best practices.

Fluxion is an AI-powered tool for cybersecurity researchers and penetration testers, focused on evil-twin attacks and captive portal exploits.

A curated list of awesome resources for the OSCP (Offensive Security Certified Professional) certification.

A Python tool to automate Google Hacking Database scraping and searching for bug bounty and OSINT purposes.

This repository provides downloads for various VPN software across different platforms.

Hayabusa is a Rust-based threat hunting and forensics timeline generator for Windows event logs.

An open-source library for creating security detection rules and threat hunting content.

In-depth repository of Telegram OSINT resources covering tools, techniques and tradecraft.

OWASP CRS (Core Rule Set) is a web application firewall (WAF) security ruleset for detecting and preventing common web vulnerabilities.

A collection of PDF/books about modern web application security and bug bounty programs.

A powerful MongoDB auditing and penetration testing tool for developers.

Reverse engineering and pentesting tool for analyzing Android applications

A PowerShell script for enumerating privilege escalation vulnerabilities on Windows systems.

A sensitive information protection toolkit written in Go for secure data handling.

GmSSL is a cryptographic toolbox supporting Chinese national cryptography standards including SM2, SM3, SM4, SM9 and SSL/TLS protocols.

This appears to be a collection of security-focused tools for developers.

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers.

A Python-based cybersecurity tool for hacking wireless connections using built-in Kali Linux tools.

This repository contains a C# library for abusing Active Directory certificate functionality.

A Python tool to search popular search engines for security research and reconnaissance.

A powerful OSINT tool for gathering open-source intelligence and performing online investigations.

A beginner-friendly Python toolkit for penetration testing and ethical hacking.

A Python library for detecting homograph phishing attacks, typo squatting, and brand impersonation through domain name permutation.

OpenKeychain is an open-source OpenPGP implementation for secure communication on Android.

A collection of Google Dorks to find websites with responsible disclosure programs or bug bounty programs.

This is an Android app that detects and fights against IMSI-Catchers, StingRays, and silent SMS attacks.

This repository provides access to the latest proxy/VPN resources for developers who need to bypass censorship or access restricted content.

Secure Boot for NixOS, a Rust-based project for the Nix community.

An open-source script that automatically removes DRM from Steam games

This is an open-source tool for detecting app hardening features in APK files, supporting over 40 vendors.

A Python tool that helps identify and take over domains with dangling DNS records, useful for security researchers and bug bounty hunters.

A browser extension that protects your browser fingerprints across Chrome, Edge, and Firefox

This is an open-source webshell project that provides access to remote servers through various scripting languages.

Securely and anonymously share files, host websites, and chat using the Tor network.

Automated all-in-one OS command injection exploitation tool for security researchers and penetration testers.

A collection of tools and resources for web hackers and bug hunters.

All-in-one malware analysis tool for security-focused developers and researchers.