Trending Projects

An open-source OSINT framework for gathering information about IP addresses, emails, websites, and organizations.

Free and open-source BadUSB payloads for the Flipper Zero hacking device, supporting Windows, Linux, and iOS.

A collection of study notes and resources for learning web hacking and security.

A repository of YARA rules, a pattern matching tool for malware detection and analysis.

OS X Auditor is a free Mac OS X computer forensics tool.

An automatic LFI (Local File Inclusion) exploiter and scanner written in Python.

A collection of CTF (Capture The Flag) challenges and resources for security researchers and developers.

Metarget is a Python framework for automatically creating vulnerable infrastructures for security research and testing.

A Python tool to access the front and back cameras of a target's phone by sending a phishing link.

A fully customizable Windows-based pentesting virtual machine distribution for security professionals.

Automatically install all Kali Linux tools for security and penetration testing.

A Python script that finds endpoints in JavaScript files for security and information gathering purposes.

Automation tool to assess M365 tenant security against CISA baselines for cybersecurity compliance.

A privacy-focused Android app to monitor and control trackers and ads on your device.

A virtual machine for assessing Android applications, reverse engineering, and malware analysis.

Hemmelig is an encrypted secrets management tool that keeps sensitive information secure in chat logs, emails, and more.

A cybersecurity platform to protect against the Ukraine-Russia conflict on the internet.

This project is a Remote Access Trojan (RAT) that provides full remote command-line access, allowing for the download and execution of programs, and the spreading of viruses and malware.

This is an open-source webshell project that provides access to remote servers through various scripting languages.

A static analysis security vulnerability scanner for Ruby on Rails applications

A tool to dump a git repository from a website, useful for security researchers and developers.

A collection of hacker tools written in Go, useful for security researchers and penetration testers.

dddd is a simple batch information collection and supply chain vulnerability detection tool optimized for red team workflows.

A comprehensive cryptography library with implementations and challenges for security researchers and CTF participants.

Tinfoil Chat is an end-to-end encrypted, onion-routed secure messaging system for privacy-conscious developers.

A collection of Red Team focused tools, scripts, and notes for cybersecurity professionals.

A dictionary of attack patterns and primitives for application fault injection and resource discovery.

This Python tool is a Facebook hacking tool, not a developer discovery platform for vibe coders.

This repository provides a patch to hide QEMU and bypass various anti-detection mechanisms.

A repository containing a list of XSS (Cross-Site Scripting) vectors and payloads for security research and testing.

A comprehensive resource for cybersecurity professionals, containing tools used by various ransomware gangs.

Advanced Wazuh rules for more accurate threat detection in your Wazuh environment.

Attify OS is a Linux distro for penetration testing and exploiting IoT devices.

A cheatsheet of default credentials to help blue/red teamers identify devices with default passwords

Tool to find metadata and hidden information in documents, useful for security researchers and engineers.

Security Onion is a Linux distribution for threat hunting, enterprise security monitoring, and log management.

A machine learning security engine that automatically prevents threats against web apps and APIs.

A collection of Docker images for network intrusion and penetration testing tools.

A tool to download all Pwned Passwords hash ranges and save them offline for use without a dependency on the k-anonymity API.

Trojan-go is a Go-based Trojan proxy that provides an unidentifiable mechanism to bypass the Great Firewall of China.

A powerful Nginx server-side script that blocks bad bots, spam referrers, vulnerability scanners, and other malicious traffic.

Python reference implementation of The Update Framework (TUF), a library for securing software update systems

An anti-DDoS Lua script for Nginx to protect web servers from various attack types using a JavaScript-based authentication puzzle.

Curated list of awesome security resources for security operations, threat hunting, and incident response

This Rust-based repository provides tools and resources for offensive security and penetration testing.

A Go-based security testing tool that includes vulnerability scanning, port scanning, web directory scanning, and security compliance checks.

A repository with tips and tutorials for bug bounty hunting and penetration testing.

A Python-based reconnaissance framework for researching and investigating Telegram.

Collection of vulnerable PHP code snippets for security research and bug bounty hunting.

This is a research repository from the SSL Labs team, likely not focused on vibe coders.