Trending Projects

A Python-based malware analysis and unpacking tool for security researchers and analysts.

Hayabusa is a Rust-based threat hunting and forensics timeline generator for Windows event logs.

This is a Kali Linux-based tool for creating masked phishing URLs to conduct social engineering attacks.

A comprehensive wordlist for web fuzzing and security testing, useful for bug bounty and pentesting.

A Python tool for discovering URLs and parameters from web archives for bug hunting, fuzzing, and further probing.

OWASP CRS (Core Rule Set) is a web application firewall (WAF) security ruleset for detecting and preventing common web vulnerabilities.

A tool to bypass DPI (Deep Packet Inspection) and bypass internet censorship.

Project Wycheproof tests crypto libraries against known attacks, helping developers improve security.

HTML5 Security Cheatsheet - a collection of HTML5-related XSS attack vectors.

A Rust library for offensive security and red team engagements.

An open-source Python tool to audit the security of SSH servers.

A modular sysmon configuration repository for security monitoring and threat hunting.

A Python script that demonstrates how to get free WiFi access by spoofing network credentials.

A curated list of Node.js security resources for developers, including best practices, tools, and vulnerability info.

A powerful web interface for manipulating Android and iOS apps at runtime for mobile security research.

Open-source tools and middleware for working with smart cards and secure elements.

Fort Firewall for Windows bandwidth limiting

This is a script to install Kali Nethunter, a penetration testing Linux distro, on Android devices using Termux without root access.

A vulnerable Windows & Linux kernel driver for security research and exploit development.

Open-source RASP (Runtime Application Self-Protection) solution for improving application security.

This GitHub repository appears to be a collection of leaked QQ user data, not a developer tool.

Conceal provides easy Android APIs for performing fast encryption and authentication of data.

An on-path blackbox network traffic security testing tool written in Python.

This repository contains penetration testing reports, documents, and security books, primarily written in Python.

A tool to find the origin servers of websites behind Cloudflare using Censys internet-wide scan data.

A repository that collects interesting APT reports and special IOCs for cybersecurity researchers and threat hunters.

This is a toolkit for penetration testing and security research, not a developer platform focused on vibe coders.

An open-source password manager with end-to-end encryption and progressive web app capabilities.

A security tool that helps analyze changes to the attack surface of an operating system during software installation.

A .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.

A comprehensive collection of 170+ penetration testing and red teaming tools, scripts, and resources for security professionals.

Android security patching framework that disables signature verification for system modifications

Secure password sharing with automatic expiration, view limits, and audit logs

A tool that automatically integrates and synchronizes the latest Nuclei vulnerability POCs from across the web.

An open-source repository of payloads for the Hak5 Bash Bunny, a multi-function USB attack platform.

This repository provides suggestions and code for Capture The Flag (CTF) cybersecurity challenges.

Rule sets for Surge proxy clients (iOS/Mac) with ad-blocking, anti-censorship, and GFW bypass capabilities.

YARA signature database for threat detection, malware analysis, and security scanning

A daily updated composer exclusion list for security vulnerabilities in PHP projects.

A guide for setting up NextDNS, a privacy-focused DNS over HTTPS (DoH) proxy with advanced capabilities.

Curated cheatsheets & command snippets for penetration testing and security research

ScareCrow is a payload creation framework designed to bypass endpoint detection and response (EDR) solutions.

This repository appears to be a Java security-focused project, not a developer discovery platform for vibe coders.

Detect and fingerprint WAF technologies, test bypass techniques for security research

Firefox hardening configuration script for enhanced privacy and security

Reverse shell handler for Linux and Windows

BloodHound is a tool for graphically visualizing Active Directory environments to discover attack paths.

Quickly discover exposed hosts on the internet using multiple search engines for bug bounty and reconnaissance.

An ESP32-based tool for exploring and attacking nearby Wi-Fi networks, not related to vibe coders.

This repository provides a shell script to infect Android devices with a virus from a link in Termux.