Trending Projects

UFONet is a Denial of Service toolkit that can be used to disrupt and disrupt networks and servers.

ArcherySec is an open-source vulnerability management and security testing platform for DevSecOps teams.

A tool that extracts various credentials and sensitive data from network packets or live interfaces.

This repository contains a proof-of-concept exploit for a Linux kernel vulnerability that allows local privilege escalation.

This repository provides free proxy and VPN solutions including Clash, Shadowsocks, and V2Ray for developers to bypass internet censorship.

Fibratus is a powerful security tool for adversary tradecraft detection, protection, and hunting on Windows.

A collection of CTF challenge files and scripts for security researchers and penetration testers.

APKiD is a tool for identifying Android apps that have been packed, obfuscated, or secured using various techniques.

A Wi-Fi/LAN intruder detector that checks connected devices and alerts on unknown or disconnected devices.

A Docker-based platform for quickly setting up various vulnerability test environments for security research.

This repository contains information about the Cobalt Strike malware framework, which is not a developer tool for building AI-powered applications.

A Java security audit plugin that helps developers find security vulnerabilities in web and Android apps.

A middleware to create a flexible proxy pool, providing a fixed request address for long-term use.

High-fidelity detection mechanism for finding security vulnerabilities in Next.js and React apps.

Portspoof is a C++ library that generates fake open ports to detect and mitigate network scanning attempts.

RootMyTV is an exploit for rooting/jailbreaking LG webOS smart TVs.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

Android reverse engineering tool for unpacking apps via memory analysis and code extraction.

An OSINT framework and package manager for security researchers and bug bounty hunters.

This GitHub repository provides a comprehensive collection of hacking resources and cheat sheets for security professionals.

A powerful framework for rogue access point attacks, focused on security research and penetration testing.

A Python script for finding sensitive data (API keys, access tokens, JWTs) and searching JavaScript files.

A privacy-focused Android app to monitor and control trackers and ads on your device.

This is an evil RAT (Remote Administration Tool) for macOS / OS X, built with Python.

An offensive software exploitation course focused on developing exploitation techniques.

This is a hardware backdoor research project for x86 CPUs, not a developer discovery platform focused on vibe coders.

A comprehensive tool for exploiting Shiro deserialization vulnerabilities, including command execution and memory shell injection.

This Python repository provides a JSON file for performing user enumeration on various websites.

A Python library for stealing signatures and making invalid signatures for testing purposes.

A tool for automating brute-force attacks on services found through various scanning techniques.

A collection of open-source security projects to help enterprise security professionals build security capabilities.

This is a repository of penetration testing tools for security researchers and developers.

A security-focused firmware for FIDO2 and U2F hardware security keys, written in C.

A customizable and automated penetration testing reporting platform for offensive security professionals.

A Zygisk module to hide root for KernelSU, Magisk and APatch, designed for Android 5.0+.

A fast vulnerability scanner that helps pentesters identify potentially vulnerable web servers.

A fast and efficient subdomain brute-forcing tool written in Go for security testing and penetration testing.

A curated list of awesome cloud security resources for developers and security professionals

A Magisk/KernelSU module that automatically adds user certificates to the system root CA store

This Python tool is a penetration testing and vulnerability scanning utility for quickly gaining access to target systems.

This is a one-click script to set up Shadowsocks/ShadowsocksR and enable BBR kernel acceleration on Ubuntu/CentOS/Debian.

A Python-based toolkit for security researchers and hackers, providing tools for penetration testing and network analysis.

This is a Firefox extension that demonstrates HTTP session hijacking attacks, not a vibe coder tool.

A simple keylogger for Windows, Linux and Mac used for hacking and penetration testing.

This repository contains a collection of exploits and proof-of-concept code for various CMS, platforms, and software vulnerabilities.

Malcolm is a powerful network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.

This shell script simplifies the process of adding a backdoor to any Android APK file for educational purposes.

Sudomy is a subdomain enumeration tool for bug hunting and pentesting, providing automated reconnaissance.

The OWASP MASVS is the industry standard for mobile app security verification and testing.

A set of tools to convert network capture files to hash files for use with password cracking tools.