Trending Projects

A cloud security posture management (CSPM) tool that helps developers secure their cloud infrastructure.

A .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers.

A set of tools to convert network capture files to hash files for use with password cracking tools.

A collection of tools, tips, and tricks for exploring and securing Industrial Control Systems (ICS) and SCADA systems.

A Python-based tool for automating WeChat mini-program penetration testing.

dddd is a simple batch information collection and supply chain vulnerability detection tool optimized for red team workflows.

This is a hacking tool for brute-forcing Instagram passwords, not a developer platform focused on vibe coders.

A Go-based security testing tool that includes vulnerability scanning, port scanning, web directory scanning, and security compliance checks.

Burp extension that can bypass TLS fingerprinting, WAF, and spoof any browser for penetration testing.

A browser extension for OSINT (Open-Source Intelligence) search, focused on threat intelligence and security.

FPGA modules used with PCILeech DMA Attack Software for advanced security research and hardware hacking.

Compiled binaries for the Ghostpack suite of post-exploitation tools for penetration testing.

This repository contains a collection of malware samples, which is not recommended for developers to use or distribute.

A collection of 'Proof of Concept or GTFO' articles and magazines for hackers and security researchers.

A subdomain takeover vulnerability checker tool written in Go for bug bounty hunting and security research.

A web scraper and analyzer for security information sites and security professionals' social accounts.

This Windows Local Privilege Escalation Cookbook provides PowerShell scripts and techniques for privilege escalation on Windows systems.

This repository contains a series of challenges for learning the Frida framework for Android exploitation and reverse engineering.

A collection of captive portals for phishing using a WiFi Pineapple, focused on penetration testing and security research.

A C# data collector for the BloodHound tool, which is used for Active Directory reconnaissance.

An ESP32 firmware that revolutionizes pentesting with a focus on security research and penetration testing.

A curated list of Immunefi bug bounty writeups, useful for security researchers and bug bounty hunters.

A security tool for developers to hunt endpoints, expose shadow APIs, and map attack surfaces.

A Python PoC tool that packages payloads into various output containers to evade detection and demonstrate risks.

ExtremeInjector is an unknown library or tool, likely related to security or hacking.

A cryptography-powered, open-source toolkit for Zero Trust security in AI-driven infrastructure and applications.

A tool for searching for ROP gadgets in binary files to facilitate exploitation.

Arachni is a powerful open-source web application security scanner framework for penetration testing and vulnerability detection.

A Python-based utility to quickly access and launch various hacking tools for security professionals.

A powerful web interface for manipulating Android and iOS apps at runtime for mobile security research.

A collection of CTF challenge files and scripts for security researchers and penetration testers.

A curated list of resources related to Industrial Control System (ICS) security.

An open-source Instagram OSINT tool for collecting and analyzing data from Instagram.

An open-source OSINT tool for recon and security research without API keys

Picocrypt is a small, secure encryption tool written in Go that can be used for file encryption and privacy.

A curated list of writeups from the Google VRP Bug Bounty program, useful for security researchers and bug hunters.

An awesome curated list of vulnerable web applications for security researchers and bug bounty hunters.

A detailed roadmap for learning hacking and penetration testing skills, including cybersecurity certifications.

XploitSPY is an Android monitoring tool for malicious activities and remote access.

A curated list of wordlists for bruteforcing and fuzzing, useful for security researchers and pentesters.

This project appears to be a malicious spyware Trojan program, not a developer tool.

Wazuh - a powerful open-source security platform for threat detection, incident response, and compliance.

An idiomatic nmap library for Go developers to perform network mapping and analysis.

An open-source, stateless password manager that prioritizes privacy and self-hosting.

A curated list of awesome infosec courses and training resources for security professionals.

A cheat sheet for mobile app penetration testing covering Android, iOS, network analysis, and more.

This tool allows developers to extract decrypted iOS app binaries from jailbroken devices for reverse engineering and security research.

A curated list of awesome resources for the OSCP (Offensive Security Certified Professional) certification.

This GitHub repository is a collection of penetration testing resources, tools, and other related materials.

A curated collection of Windows Event Log samples for security research and threat hunting.