Trending Projects

A tool to find the origin servers of websites behind Cloudflare using Censys internet-wide scan data.

A comprehensive roadmap and resources for those interested in pursuing a career in cybersecurity.

A web security testing platform built with PHP for discovering and testing web vulnerabilities.

A free and efficient ad-blocker and privacy guard for Windows, macOS, and Linux desktop apps.

A curated list of Immunefi bug bounty writeups, useful for security researchers and bug bounty hunters.

This is a script to install Kali Nethunter, a penetration testing Linux distro, on Android devices using Termux without root access.

This Python repository provides a JSON file for performing user enumeration on various websites.

High-quality Sysmon configuration template for advanced Windows security monitoring and threat hunting

A collection of study notes and resources for learning web hacking and security.

A curated list of awesome resources for threat detection and incident response.

Trojan-go is a Go-based Trojan proxy that provides an unidentifiable mechanism to bypass the Great Firewall of China.

A free, open-source password manager compatible with KeePass, with cross-platform support.

A dictionary of attack patterns and primitives for application fault injection and resource discovery.

Arachni is a powerful open-source web application security scanner framework for penetration testing and vulnerability detection.

An initial access and post-exploitation tool for AAD and O365 with a browser-based GUI

A command-line tool for retrieving information about any IP address, useful for security and information gathering.

This is a phishing tool and information collector, not a developer tool focused on AI-powered coding.

IntelOwl: A comprehensive threat intelligence management platform for security professionals.

A comprehensive guide for web application penetration testing and bug bounty hunting.

Legion is an automatic enumeration tool based on open-source tools for security professionals and pentesters.

A Python script that finds endpoints in JavaScript files for security and information gathering purposes.

Automation tool to assess M365 tenant security against CISA baselines for cybersecurity compliance.

Daily feed of bad IP addresses with blacklist hit scores for security and threat monitoring.

Buttercup is a Python tool that finds and patches software vulnerabilities.

A compilation of resources from the Practical Ethical Hacking Udemy course, focused on Python-based security tools.

This is a Kali Linux-based tool for creating masked phishing URLs to conduct social engineering attacks.

Advanced Wazuh rules for more accurate threat detection in your Wazuh environment.

A cheatsheet of default credentials to help blue/red teamers identify devices with default passwords

A powerful Nginx server-side script that blocks bad bots, spam referrers, vulnerability scanners, and other malicious traffic.

A powerful toolkit for security professionals and hackers, offering a wide range of scanning and analysis tools.

A curated list of Google Dorks for bug bounty, web application security, and penetration testing.

A C# data collector for the BloodHound tool, which is used for Active Directory reconnaissance.

This GitHub repository is a collection of tools and methods for open-source intelligence (OSINT) collection.

This repository contains a comprehensive checklist of web and API vulnerabilities for bug bounty hunters and security researchers.

This Python program allows you to detect and view IMSI numbers of nearby cellphones.

A plug-in type web vulnerability scanner written in Python

A high-level C2 framework for managing reverse TCP & HoaxShell-based shells with enhanced features

ScopeSentry is a comprehensive security tool for mapping cyberspace, enumerating subdomains, scanning ports, and identifying vulnerabilities.

A fully customizable Windows-based pentesting virtual machine distribution for security professionals.

An open-source C++ compiler for fully homomorphic encryption, enabling secure computation on encrypted data.

A tool to dump a git repository from a website, useful for security researchers and developers.

This repository provides a patch to hide QEMU and bypass various anti-detection mechanisms.

Free VPN configs for Russia using shadowsocks, v2ray, vless protocols with whitelist bypass

This is a Java web security repository, likely focused on web application security research and testing.

Freenet is a decentralized, anonymous peer-to-peer network for secure and private communication.

This is a C++ rootkit designed to provide stealth and evasion capabilities to malicious software.

An open-source project focused on tracking and exposing Huawei's alleged misdeeds.

A C# Command & Control framework for security research and penetration testing

Clair is a static analysis tool for scanning container images and identifying vulnerabilities.

A penetration testing tool for finding 'delicious candy' (sensitive data) on systems.