Trending Projects

This is a collection of custom Bash scripts for automating various penetration testing tasks, including reconnaissance, scanning, enumeration, and malicious payload creation, for use with Kali Linux.

This tool allows developers to extract decrypted iOS app binaries from jailbroken devices for reverse engineering and security research.

SecureDrop whistleblower platform repository

A fast and powerful SSL/TLS scanning library for security-focused developers.

This is the Kali NetHunter project, a penetration testing and security framework for Android devices.

Findomain is a fast and comprehensive domain discovery tool with features like port scanning, HTTP checking, and alert integrations.

A Python-based weaponized web shell for penetration testing and security research.

A comprehensive toolkit for Windows penetration testing, including a range of security tools and utilities.

A Python script to find leaked secrets on GitHub using custom dorks.

Reflective DLL Injection to convert DLLs into position-independent shellcode

A collection of attack scenarios and mitigations for Microsoft Entra ID (Azure Active Directory).

This is a cheatsheet for Burp Suite, a popular security testing tool used by bug bounty hunters and penetration testers.

Guidelines and training material to write secure smart contracts on the Ethereum blockchain.

Privacy-respecting web frontends for popular services like Reddit, Twitter, and YouTube.

A customizable Java in-memory webshell generation tool for security research and testing.

Microsoft Defender for Cloud is a cloud security platform that provides advanced threat protection and compliance management for cloud environments.

A browser extension for encrypting emails with OpenPGP, compatible with webmail providers.

A Python library that provides one-liners for various penetration testing and privilege escalation tasks.

This is an open-source tool for performing various types of spam and DDoS attacks, primarily targeting Discord, email, and SMS.

This is a Python script that installs hacking tools for the Android platform, specifically for the Termux app.

Curated DevSecOps resources and tooling for secure software development.

A comprehensive collection of resources for building and operating a Security Operations Center (SOC)

Remote video eavesdropping using a software-defined radio platform, not a vibe coder tool.

This is a Python-based tool for cracking WiFi passwords, not a developer platform for vibe coders.

A curated list of writeups from the Google VRP Bug Bounty program, useful for security researchers and bug hunters.

A curated list of open-source anti-censorship tools for developers and internet freedom advocates.

An open-source tool for network exploitation and information gathering using the powerful Nmap scanner.

This repository is a collection of documents leaked by Edward Snowden, a former NSA contractor and whistleblower.

An OSINT tool that helps find email addresses and potential credential leaks from social media profiles.

A collection of useful Google Dorks for web security and bug bounty hunting.

A Python tool that dumps Active Directory Integrated DNS information for any authenticated user.

WebMap-Nmap Web Dashboard and Reporting tool for cybersecurity professionals

CloudBrute is an awesome cloud enumeration tool written in Go that helps security researchers and penetration testers discover cloud security issues.

This repository contains detailed adversary simulation APT campaigns targeting various critical sectors.

A VoIP security testing toolset that helps security teams, QA, and developers test SIP-based VoIP systems and applications.

This is a collection of cybersecurity learning resources for beginners and enthusiasts.

This project provides technical guides and resources for various hacking and security-related topics.

A Python tool to search popular search engines for security research and reconnaissance.

This repository contains emergency response notes from a security engineer's perspective.

A Go-lang secure coding practices guide for developers building secure applications.

P4wnP1 is a highly customizable USB attack platform based on a Raspberry Pi Zero or Raspberry Pi Zero W.

Advanced vulnerability scanning tool for developers using Nmap NSE scripts and Lua.

A .NET deserialization payload generator to help developers identify and mitigate security vulnerabilities.

A Python script that exploits .git folder disclosure to retrieve source code from web servers.

An automatic SSRF fuzzer and exploitation tool for penetration testing and security research.

A curated list of Burp Suite extensions, a popular web application security testing tool.

A comprehensive collection of 170+ penetration testing and red teaming tools, scripts, and resources for security professionals.

Quickly discover exposed hosts on the internet using multiple search engines for bug bounty and reconnaissance.

Collection of security-focused projects for penetration testing and red team activities.

A comprehensive ad-blocker and privacy protector for an annoyance-free, better open internet.