Trending Projects

A collection of RSS feeds for cybersecurity and information security news, blogs, and social media.

P4wnP1 A.L.O.A. is a Raspberry Pi Zero W framework for penetration testing, red teaming, and physical engagements.

A Burpsuite plugin for automating the bypass of authentication and WAF protections.

Kunai is a threat-hunting tool for Linux that uses eBPF to detect and monitor security threats.

This is the unofficial Git repository for the Tor Project, a popular tool for online privacy and anonymity.

This is a repository of hacking tools and scripts for the Termux Linux environment on Android.

A Rust-based tool for rapidly searching and hunting through Windows forensic artifacts.

An open-source 802.11 attack tool written in Rust for security researchers and penetration testers.

This repository provides a comprehensive set of tools for vulnerability exploitation and post-exploitation.

A personal VPN project using Shadowsocks and v2ray to provide a free and secure VPN solution.

Automatically install all Kali Linux tools for security and penetration testing.

An open-source post-exploitation framework for students, researchers and developers.

An automatic SSRF fuzzer and exploitation tool for penetration testing and security research.

A vulnerable Windows & Linux kernel driver for security research and exploit development.

A comprehensive cheatsheet for bug bounty hunters, covering various payloads, tips, and tricks.

A repository that collects interesting APT reports and special IOCs for cybersecurity researchers and threat hunters.

A Python-based toolkit for security researchers and hackers, providing tools for penetration testing and network analysis.

A Python library for pwning IPv4 networks via IPv6 for security research and penetration testing.

OS X Auditor is a free Mac OS X computer forensics tool.

A Burp Suite plugin to bypass WAFs by inserting junk data into requests.

A collection of Burpsuite plugins, articles, and usage tips for web security testing and penetration testing.

This repository provides a shell script to infect Android devices with a virus from a link in Termux.

This is a course repository for a University of Cincinnati Malware Analysis class, not a developer discovery platform.

Burp extension that can bypass TLS fingerprinting, WAF, and spoof any browser for penetration testing.

This project has been deprecated, but the ChatSecure iOS project continues. For Android, Conversations or Zom are recommended alternatives.

Curated list of awesome security resources for security operations, threat hunting, and incident response

Empire is a PowerShell and Python post-exploitation agent, not a developer discovery platform for vibe coders.

Easily identify emails, IP addresses, and more from text or PCAP files with this cybersecurity-focused Python library.

This repository contains course materials for learning modern binary exploitation techniques.

A comprehensive study plan to become a successful cybersecurity engineer across various roles.

This repository provides a collection of deals and discounts for InfoSec-related software and tools during the Black Friday season.

This is an advanced phishing tool for Linux, not a developer platform focused on AI tools.

A step-by-step tutorial on fuzzing, a security testing technique to find vulnerabilities in software.

A Java agent-based tool to quickly generate memory shell payloads for common Java web frameworks.

CMS Scanner: A tool to scan WordPress, Drupal, Joomla, and vBulletin websites for security issues.

A set of SQL injection labs to test different types of SQL injection vulnerabilities.

A free C++ cryptography library that provides a variety of cryptographic schemes and primitives.

A curated list of resources for bypassing Endpoint Detection and Response (EDR) solutions for ethical hacking.

An Arch Linux-based distribution for penetration testers and security researchers.

This is a blocklist for Adobe's URLs and IPs that can be added to the Windows host file.

A censorship circumvention tool to evade detection by authoritarian state adversaries.

A Python-based utility to quickly access and launch various hacking tools for security professionals.

This is a collection of tools for penetration testing and OSINT, not a vibe coder platform.

A Python tool to automate Google Hacking Database scraping and searching for bug bounty and OSINT purposes.

A library of BadUSB payloads for the Flipper Zero device, primarily written in PowerShell.

A comprehensive collection of resources for building and operating a Security Operations Center (SOC)

A cheat sheet for mobile app penetration testing covering Android, iOS, network analysis, and more.

Tool to find metadata and hidden information in documents, useful for security researchers and engineers.

This repository contains a collection of malware samples, which is not recommended for developers to use or distribute.

A comprehensive repository of red teaming tactics and techniques for security professionals.