Trending Projects

A curated list of cybersecurity datasets for security researchers and machine learning practitioners.

A curated list of resources related to Industrial Control System (ICS) security.

An offensive web testing framework that helps security researchers and pentesters find and exploit vulnerabilities in web applications.

A Go port of the Shikata ga nai encoder with several improvements for security researchers and pentesters.

A collection of tools, tips, and tricks for exploring and securing Industrial Control Systems (ICS) and SCADA systems.

A suite of tools for hacking social media accounts, including brute-force, phishing, and reporting attacks.

Improve your security and privacy by blocking ads, tracking and malware domains.

An automatic LFI (Local File Inclusion) exploiter and scanner written in Python.

A network monitoring and bandwidth limiting tool for developers without administrative access.

A Python library for pwning IPv4 networks via IPv6 for security research and penetration testing.

A repository for building and optimizing efficient penetration testing dictionaries and fuzzing tools.

A Python library for comprehensive domain security analysis, suitable for security researchers and developers.

A curated list of security resources and tools for developers and security professionals.

A proposed standard that allows websites to define security policies.

A Python tool that helps discover subdomains, secrets, and external JavaScript files for security testing and bug bounty hunting.

This repository contains malicious functionality to aid in malware development, which is not suitable for developer discovery.

An open-source drone pentesting framework console written in Python for security researchers.

This repository provides a port of ParrotSec's stealth and anonsurf modules to Kali Linux for anonymous web browsing.

A vulnerability scanner that automatically runs 30+ tools on a target, supporting web, system, subdomain, directory, and more scanning.

A repository that provides tips and tricks for pwn (binary exploitation) in CTF challenges.

A Python tool that sniffs for sensitive data from network interfaces or PCAP files.

Exploit Database repository for security researchers and penetration testers.

A Go-based tool that can bypass 40X/HTTP errors by tampering with HTTP requests, headers, and credentials.

A library of BadUSB payloads for the Flipper Zero device, primarily written in PowerShell.

A passive Shiro detection plugin for the BurpSuite security tool, used for web application security testing.

An Assembly-based tool for AV/EDR evasion via direct system calls.

Phishing catcher tool that uses Certificate Transparency to detect and report suspicious SSL/TLS certificates.

A collection of PDF/books about modern web application security and bug bounty programs.

A reverse tunneling tool for pentesters, built with Go, to easily establish secure connections.

A Python script for checking Linux privilege escalation vulnerabilities for security testing.

A reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications.

An evasion framework for bypassing anti-virus and endpoint detection and response (EDR) tools.

A Python-based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

A high-value vulnerability collection and notification service for developers, integrating with popular chat platforms.

WeblogicTool is a GUI tool for Weblogic vulnerability detection, command execution, webshell injection, and password decryption.

This project provides a basic anti-detection frida-server solution for developers.

Comprehensive scanning tool for security testing and penetration testing of websites and web applications.

The SpecterOps project management and reporting engine focused on information security and penetration testing.

A Go-based security testing tool that includes vulnerability scanning, port scanning, web directory scanning, and security compliance checks.

Burp extension that can bypass TLS fingerprinting, WAF, and spoof any browser for penetration testing.

A PowerShell script that checks and hardens the Windows configuration for better security.

A collection of Google Dorks that can be used to find vulnerable websites indexed in Google Search results.

This GitHub repository contains tools to exploit and hack Windows systems, primarily through PowerShell scripts.

An open-source web crawler and spider tool for detecting cross-site scripting (XSS) vulnerabilities.

An open-source OWASP-based web application security testing checklist to help track completed and pending test cases.

This repository provides a detailed analysis of the reported backdoors in the Pinduoduo e-commerce platform.

A collection of cybersecurity and incident response notes for blue team professionals.

A Python tool for stealthy data exfiltration using DNS requests.

Collection of common wordlists for brute force attacks on RDP, SSH, and IP camera passwords.

This repository provides self-study tutorials and resources for network security tools and practices.