Trending Projects

Logging Made Easy (LME) is a no-cost, open-source platform that centralizes log collection, enhances threat detection, and enables real-time alerting for small to medium-sized organizations.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

Run frida-server on boot with Magisk, always up-to-date for Android exploitation and reverse-engineering.

An open-source, extensible network penetration testing tool for security research and reconnaissance.

This is an Android app that detects and fights against IMSI-Catchers, StingRays, and silent SMS attacks.

Pafish is a malware analysis tool that uses various techniques to detect virtual machines and analysis environments.

This is a collection of malware samples, not a tool for vibe coders.

A JavaScript library that produces persistent, respawning "super" cookies in a browser, used for user identification.

A powerful framework for rogue access point attacks, focused on security research and penetration testing.

A tool to upload arbitrary data via Apple's Find My network, useful for security researchers and data exfiltration.

Compiled binaries for the Ghostpack suite of post-exploitation tools for penetration testing.

A free, open-source honeypot solution for enterprise-level security monitoring and threat hunting.

An Assembly-based tool for AV/EDR evasion via direct system calls.

A comprehensive resource for cybersecurity professionals, containing tools used by various ransomware gangs.

BlueDucky is a Python implementation of a security vulnerability (CVE-2023-45866) that allows unauthenticated code execution using a HID keyboard.

Comprehensive penetration testing toolkit for web, mobile, APIs, and more, useful for security-focused developers.

A Python-based web vulnerability scanner for developers to identify and mitigate security risks.

A comprehensive list of open-source tools for AWS security, including defensive, offensive, auditing, and incident response capabilities.

This tool allows developers to extract decrypted iOS app binaries from jailbroken devices for reverse engineering and security research.

CHAOS is a free and open-source remote administration tool for controlling remote operating systems.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Open Source Cloud Native Application Protection Platform (CNAPP) for securing cloud-native applications

A Python-based reverse shell payload generator and handler for penetration testing and red teaming

A C-based loader that mitigates VMware Hardened VM detection to bypass anti-VM protections.

This repository provides a collection of hacking tools and backdoor generators for security research and penetration testing.

Original C implementation of the Hell's Gate VX technique, a security research project.

A Rust implementation of the Noise Protocol Framework for secure communication.

A comprehensive collection of reverse engineering resources and tools for multiple platforms.

Open-source educational content for security researchers and bug bounty hunters.

A Python library that provides various UAC bypass, elevation, and persistence methods for Windows.

A comprehensive collection of awesome resources and modules for the Flipper Zero device, focused on security tools and penetration testing.

A curated list of wordlists for bruteforcing and fuzzing, useful for security researchers and pentesters.

This is an Android security learning repository, not a developer discovery platform for vibe coders.

A small, fast, portable TLS/SSL implementation for embedded devices to the cloud.

A comprehensive collection of Android and iOS mobile security resources and tools for developers.

A tool that extracts various credentials and sensitive data from network packets or live interfaces.

A DOM fuzzer built in Python that helps security researchers and developers discover vulnerabilities in web applications.

A BLE and Bluetooth jammer using nRF24L01 and ESP32 for cybersecurity research and pentesting.

A Python tool that can identify the type of hash, including common ones like MD5 and SHA256, for developers working in cybersecurity and CTF challenges.

Automatic Linux privilege escalation tool that exploits common vulnerabilities and misconfigurations.

A tool for searching for ROP gadgets in binary files to facilitate exploitation.

A Python script to track location with live address and accuracy using Termux on Linux platforms.

A cryptography toolkit providing a variety of secure algorithms and primitives for developers.

A Python tool for black-box regex fuzzing to bypass validations and discover normalizations in web apps.

This is an advanced remote access trojan (RAT) written in Python that can be controlled through Discord.

A privacy-focused Android app to monitor and control trackers and ads on your device.

Google CTF is a security-focused repository with CTF challenges, not a developer discovery platform for vibe coders.

Free and open-source BadUSB payloads for the Flipper Zero hacking device, supporting Windows, Linux, and iOS.

A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through multiple methods.

A Python-based DDoS testing tool that can perform Layer 7 attacks using KeepAlive+NoCache techniques.