Trending Projects

This repository contains a collection of tools for red team hacking and penetration testing.

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

A tool to block Spotify ads and analytics on Linux, macOS, and Windows using the hosts file.

A powerful Python tool to analyze PDF documents, useful for security researchers and developers.

A Python2 tool for detecting and exploiting Struts2 vulnerabilities across all versions.

A tool to create a fake Windows logon screen and steal user credentials, potentially used for malicious purposes.

A penetration testing framework packed with hacking tools for security research and exploration.

A Go-lang secure coding practices guide for developers building secure applications.

A Python library for comprehensive domain security analysis, suitable for security researchers and developers.

PowerShell tools for exploiting MachineAccountQuota and DNS vulnerabilities.

This is a GUI launcher for the XRAY web vulnerability scanning tool, focusing on web security.

This repository provides a collection of free proxy, VPN, and network acceleration tools for developers to bypass internet censorship.

A powerful Android decompiler tool for malware analysis, vulnerability detection, and code reversing.

A .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.

A PHP library to detect potentially malicious PHP files, useful for security-focused developers.

A PowerShell Runspace Post Exploitation Toolkit for security research and penetration testing.

A Python tool for mapping and tracking WiFi networks and devices without being connected to them.

A proof-of-concept for exploiting the critical CVE-2021-44228 vulnerability in the Log4j logging library.

A transparent and secure way to look up public keys for encryption, authentication, and more.

A collection of one-liners for bug bounty hunting and web application security research.

A tool that creates spoofed certificates and signs executables to evade antivirus detection.

A curated list of resources for vulnerability research and exploit development.

This is a multi-use bash script for Linux systems to audit wireless networks.

SharpUp is a C# port of various PowerUp functionality for security research and testing.

Tool for bypassing Discord server verification checks on low-spec machines.

A collection of self-contained htaccess shells and attacks for penetration testing and security research.

An exploitation framework for embedded devices, focused on penetration testing and security research.

A comprehensive network reconnaissance and analysis tool for security professionals and network engineers

A Burp Suite plugin to bypass WAFs by inserting junk data into requests.

This is a repository of cutting-edge open-source security tools for red teamers and threat hunters.

A Python framework for detecting vulnerabilities in content management systems (CMS).

This Python project is a 'super weapon' that aims to bypass online censorship, likely not suitable for vibe coders.

A collection of resources for Python security and code review, aimed at security-conscious developers.

Open source metadata repository for security events, useful for security researchers and analysts.

A collection of security-focused writeups and resources for web application security researchers and developers.

A fast, reliable, and simple port scanner written in Go, ideal for bug bounties and penetration testing.

Collection of blocklists to fill in the gaps for ad-blocking, privacy, and security purposes.

A PowerShell tool that extracts saved session information for remote access tools like WinSCP, PuTTY, and Remote Desktop.

A Python script that generates a dictionary for fuzzing file uploads to detect vulnerabilities.

PowerShell framework to assess Azure security for Windows and Linux systems

This project provides a basic anti-detection frida-server solution for developers.

This repository contains a collection of XSS payloads designed to turn 'alert(1)' into more potent attacks.

A tutorial on how to exploit a double-free vulnerability, focused on binary exploitation and security research.

A fast and powerful steganography cracking tool for security researchers and CTF participants.

Suricata is a powerful network security monitoring engine for intrusion detection and prevention.

An open-source Python tool to audit the security of SSH servers.

A Python tool that helps discover subdomains, secrets, and external JavaScript files for security testing and bug bounty hunting.

Local privilege escalation tool for Windows that can be used for security research and penetration testing.

A collection of open-source web security scanners for developers to assess web application vulnerabilities.

This book provides a comprehensive guide to understanding and exploiting the internals of the glibc heap for security researchers.