Trending Projects

A curated list of resources for bypassing Endpoint Detection and Response (EDR) solutions for ethical hacking.

A web scraper and analyzer for security information sites and security professionals' social accounts.

Conpot is a Python-based ICS/SCADA honeypot for security research and defensive purposes.

A minimal and effective Wi-Fi, BLE, and 2.4 GHz band jammer written in C.

This is an Intel SGX library for Linux that provides hardware-based confidential computing capabilities.

NoDPI is a Python utility for bypassing DPI (Deep Packet Inspection) to circumvent internet censorship.

A security scanner that helps identify issues with Drupal, Silverstripe and other CMSs.

An automatic SSTI detection tool with an interactive interface for penetration testing and security research.

This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.

gasmask is an information gathering tool that performs OSINT (Open-Source Intelligence) reconnaissance.

PhoneInfoga is a tool for advanced phone number information gathering and validation using free resources.

A passive information leakage detection tool for Chrome and Firefox developers using AI tools.

Logging Made Easy (LME) is a no-cost, open-source platform that centralizes log collection, enhances threat detection, and enables real-time alerting for small to medium-sized organizations.

A Python tool to search for leaked credentials in the PWNDB database.

A comprehensive collection of cheatsheets for various infosec tools and security-related topics.

Linux Malware Detection (LMD) is a command-line tool for detecting malware on Linux systems.

A Go utility to generate malicious network traffic patterns for security testing and evaluation.

Run frida-server on boot with Magisk, always up-to-date for Android exploitation and reverse-engineering.

A Burp Suite plugin that enables custom data processing like encryption/decryption and brute-force attacks.

A reverse shell written in Go that allows remote access and control over an SSH connection.

A Go-based wordlist framework for security researchers, bug bounty hunters, and hackers.

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms.

A tool to spoof TLS/JA3 fingerprints in Go and JavaScript for bypassing security measures.

USBGuard is a security framework for authorizing and controlling USB device interactions on Linux systems.

A C# application that exploits user edit rights on Group Policy Objects to compromise controlled objects.

A customizable Windows-based virtual machine for threat intelligence analysis and hunting

An advanced Python tool for email reconnaissance and cybersecurity research.

A curated list of vulnerable apps and systems for penetration testing practice.

An OSINT tool for finding profiles by username, useful for security research and information gathering.

This GitHub repository contains a collection of security-related resources for developers.

A detailed roadmap for learning hacking and penetration testing skills, including cybersecurity certifications.

This repository contains a series of challenges for learning the Frida framework for Android exploitation and reverse engineering.

A collection of captive portals for phishing using a WiFi Pineapple, focused on penetration testing and security research.

An open-source intelligence (OSINT) framework for researchers and security professionals.

GhostNet is an open-source, privacy-focused network tool for secure communication and anonymous web browsing.

Guidelines for developing secure and efficient low-level cryptography software

A C++ tool for bypassing security products by obscuring the intentions of a process.

This Go-based project provides a collection of techniques for bypassing antivirus (AV) protection, including API testing, encryption, and obfuscation.

A modular, open-source vulnerability scanner with automatic report generation capabilities.

A tool that helps developers easily trace classes, functions, and modify method return values on iOS platforms.

This is a collection of OSINT and penetration testing tools for security researchers and red teams.

An online port scan scraper written in Python for penetration testing and security research.

A C-based Beacon Object File (BOF) for use in remote operations on compromised systems.

A collection of historical vulnerability analyses for the ThinkPHP framework.

A ready-to-go phishing platform built with JavaScript for malicious social engineering attacks.

CloudBrute is an awesome cloud enumeration tool written in Go that helps security researchers and penetration testers discover cloud security issues.

A HTML5/CSS3 version of a security certification roadmap for developers.

A transparent ransomware claim tracker for monitoring and analyzing ransomware activity on the dark web.

This repository contains resources and tools for analyzing Virtual Machine Protection (VMP) obfuscation techniques.

A password manager that uses the age encryption standard as a backend, providing a secure and modern alternative to password-store.