Trending Projects

Attify OS is a Linux distro for penetration testing and exploiting IoT devices.

A curated list of resources related to the security and compromise of locks, safes, and keys.

AndroRAT is a Remote Administrator Tool for hacking Android devices, allowing remote control and exploitation.

A library that provides workarounds for Google SafetyNet attestation, useful for Android developers.

A powerful network reconnaissance framework that allows you to build your own self-hosted alternatives to Shodan, ZoomEye and more.

A curated list of Burp Suite extensions, a popular web application security testing tool.

This repository contains penetration testing reports, documents, and security books, primarily written in Python.

A tool for automating brute-force attacks on services found through various scanning techniques.

This is a database of known phishing domains and URLs that can be used to validate and detect phishing attacks.

This Java plugin helps discover unauthorized/sensitive information/privilege escalation vulnerabilities in web applications during security testing.

A collection of awesome resources related to the Cobalt Strike security tool for red team activities.

A fast Go HTML sanitizer to scrub user-generated content and prevent XSS attacks.

OnionSearch is a Python script that scrapes URLs from different .onion search engines for open-source intelligence.

Peirates is a Kubernetes Penetration Testing tool written in Go for security research and vulnerability assessment.

A post-quantum cryptography library written in C for key exchange and encryption.

A curated list of awesome infosec courses and training resources for security professionals.

Quickly discover exposed hosts on the internet using multiple search engines for bug bounty and reconnaissance.

A reverse shell written in Go that allows remote access and control over an SSH connection.

A Python script for finding sensitive data (API keys, access tokens, JWTs) and searching JavaScript files.

A PowerShell script that checks and hardens the Windows configuration for better security.

A collection of cheat sheets for penetration testing and security research.

This GitHub repository provides instructions to install the Metasploit Framework 6 on the Termux Android terminal emulator.

A Python-based geolocation OSINT tool that gathers information from social media platforms.

A toolkit for reverse engineering and malware analysis on Windows systems.

A curated list of awesome cybersecurity resources, tools, and learning materials.

A collection of open-source web security scanners for developers to assess web application vulnerabilities.

Subdomain enumeration tool written in Go, with fast asynchronous DNS scanning to find subdomains for bug bounty hunting.

A curated list of awesome resources for reverse engineering and malware analysis.

A collection of web attack payloads for security research and penetration testing.

A powerful password cracking and dictionary building tool for brute-force attacks and social engineering.

An anti-DDoS Lua script for Nginx to protect web servers from various attack types using a JavaScript-based authentication puzzle.

A Python tool that searches various hash APIs to quickly crack hashes and integrates with HashCat for advanced cracking.

A Go-based C2 tool for penetration testing with Lua plugin support, domain fronting, and remote file/process management.

A pure Python implementation of Mimikatz, a popular Windows credential theft tool.

The SpecterOps project management and reporting engine focused on information security and penetration testing.

A collection of helpful preload libraries for security research and penetration testing.

Nym is a decentralized, privacy-preserving network that enables anonymous transactions and strong network-level privacy.

Crowbar is a Python-based brute forcing tool for penetration testing, supporting protocols not covered by other tools.

A collection of techniques, tactics, and procedures for red teamers and security professionals.

This GitHub repository contains tools to exploit and hack Windows systems, primarily through PowerShell scripts.

A tool to spoof TLS/JA3 fingerprints in Go and JavaScript for bypassing security measures.

An open-source enterprise-level automated app privacy compliance detection tool.

PingCastle is a reporting tool that helps secure Active Directory by identifying and remediating security vulnerabilities.

This repository contains a C# library for abusing Active Directory certificate functionality.

A repository with tips and tutorials for bug bounty hunting and penetration testing.

An integrated BurpSuite vulnerability detection plugin for security researchers.

This is a repository of penetration testing tools for security researchers and developers.

An open-source OSINT tool to find breached emails, databases, pastes, and other relevant information.

The Bug Hunters Methodology is a comprehensive guide for penetration testing and security research.

A comprehensive ad-blocker and privacy protector for an annoyance-free, better open internet.