Trending Projects

ESLint plugin that provides security-related linting rules for Node.js projects

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR.

A Swiss Army knife for automated web application testing, written in Go, useful for bug bounty hunters and security professionals.

Striker is an offensive information and vulnerability scanner for security professionals.

A Python library for security researchers and penetration testers to automate web application testing.

A Windows kernel rootkit for advanced cybersecurity research and red teaming.

This is a tool for hacking Android pattern locks from the Termux terminal, likely used for phishing and penetration testing.

An open-source penetration testing framework and vulnerability exploitation tools for Spring Boot applications.

Automatically brute force all services running on a target, useful for security researchers and bug bounty hunters.

This is a collection of hacking and cybersecurity-related books, not a developer tool platform.

This repository provides practical examples of malicious software in Python for educational purposes.

This is a collection of tools and resources for developers to bypass internet censorship and access restricted content.

Privacy-respecting web frontends for popular services like Reddit, Twitter, and YouTube.

This repository is focused on learning hacking, penetration testing, and reverse engineering using Kali Linux.

Daily feed of bad IP addresses with blacklist hit scores for security and threat monitoring.

This GitHub repository contains files related to jamming and hacking Sub-GHz signals using a Flipper Zero device.

A fast internal network scanning tool for security researchers and system administrators.

A deliberately vulnerable CI/CD environment to learn CI/CD security through multiple challenges.

XSS'OR is a JavaScript-based hacking tool for security researchers and penetration testers.

A subdomain takeover tool for attackers, bug bounty hunters, and security teams to detect and mitigate security vulnerabilities.

A C-based loader that mitigates VMware Hardened VM detection to bypass anti-VM protections.

This is a research repository from the SSL Labs team, likely not focused on vibe coders.

A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through multiple methods.

An experimental host-based intrusion detection system (HIDS) written in Go.

A JavaScript-based framework for dynamic analysis and penetration testing of Android and iOS apps.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

A PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC functions.

A security tool for multithreaded information gathering and service enumeration in penetration testing.

A collection of hacker tools written in Go, useful for security researchers and penetration testers.

PowerTools is a collection of PowerShell projects focused on offensive operations.

A Python library for remotely extracting credentials from the Windows Local Security Authority Subsystem Service (lsass).

This GitHub repository contains a collection of resources related to Remote Access Tools (RATs) and Command & Control (C&C) infrastructure.

An efficient and advanced man-in-the-middle (MITM) framework for security research and penetration testing.

This is a repository of Python scripts for red teaming and security research purposes.

Deprecated security and incident response platform for enterprises, built on the ELK stack.

A curated list of resources for Identity and Access Management knowledge in cloud platforms

This is a collection of Endpoint Detection and Response (EDR) tools for security researchers and developers.

An opinionated security and code quality standard for Solidity smart contracts.

A toolkit of hacking tools and gadgets for security researchers and penetration testers.

A customizable Java in-memory webshell generation tool for security research and testing.

linWinPwn is a bash script that streamlines the use of Active Directory security tools for penetration testing.

Venom is a multi-hop proxy tool for penetration testers and security researchers.

A sensitive information leakage scanner for GitHub that helps developers monitor for and secure exposed data.

The OWASP Developer Guide is a comprehensive resource for secure software development practices.

Asset discovery and identification tools to quickly identify web fingerprint information and locate asset types.

An open-source Chromium-based browser that provides fingerprinting protection and privacy features for web scraping and anti-detection use cases.

A curated list of Android Reverse Engineering training, resources, and tools for security researchers and developers.

This GitHub repository contains cheatsheets and resources for internal penetration testing and Active Directory security.

Simple OSINT script to find Instagram profiles by name and email/phone using Python

A curated list of cybersecurity tools and resources for security professionals and enthusiasts.