Trending Projects

A collection of proof-of-concept exploits for the Linux kernel, focused on privilege escalation.

A Python library that declutters URL lists for web crawling and penetration testing tasks.

A LinkedIn enumeration tool that extracts valid employee names from an organization through web scraping.

ScopeSentry is a comprehensive security tool for mapping cyberspace, enumerating subdomains, scanning ports, and identifying vulnerabilities.

PowerShell tools for exploiting MachineAccountQuota and DNS vulnerabilities.

A C++ tool for extracting clear text passwords from the Windows Remote Desktop Protocol (RDP) client.

This repository provides a comprehensive list of rootkits for security research and penetration testing.

gasmask is an information gathering tool that performs OSINT (Open-Source Intelligence) reconnaissance.

A library of Elastic Security detection content for Endpoint protection, written in YARA language.

A Rust library that provides a comprehensive fingerprinting database for security research and web enumeration.

This is a sample penetration testing report provided by TCM Security, not a developer discovery platform.

A modular password spraying tool with threading, proxy support, and more for security researchers.

A curated collection of top-tier penetration testing tools and productivity utilities for security researchers and bug bounty hunters.

This project allows you to create up to a thousand WiFi access points with custom SSIDs, useful for security testing.

A Python-based reconnaissance framework for researching and investigating Telegram.

A Go-based utility for penetration testing and network security, featuring DHCP, DNS, and other network spoofing capabilities.

A comprehensive cheatsheet for Red Team activities and penetration testing techniques.

A PowerShell module for conducting security audits on Microsoft 365, Azure, and Azure AD resources.

A flexible DNS name permutation tool for security researchers and penetration testers.

Kunai is a threat-hunting tool for Linux that uses eBPF to detect and monitor security threats.

An idiomatic nmap library for Go developers to perform network mapping and analysis.

MagicRecon is a shell script that automates the recon and data collection process to find common vulnerabilities.

BloodHound-Legacy is a PowerShell tool for discovering paths to domain admin in Active Directory environments.

A set of SQL injection labs to test different types of SQL injection vulnerabilities.

A powerful Android decompiler tool for malware analysis, vulnerability detection, and code reversing.

A frida tool to dump dex in memory to support security engineers analyzing malware.

Pafish is a malware analysis tool that uses various techniques to detect virtual machines and analysis environments.

A comprehensive IT security toolkit for Android developers and professionals.

A Python-based platform security assessment framework for analyzing firmware security.

A comprehensive cheat sheet for advanced SQL injection techniques across various database platforms.

CHAOS is a free and open-source remote administration tool for controlling remote operating systems.

A privilege escalation tool that can be used to gain SYSTEM access on Windows systems.

This is an open-source EDR (Endpoint Detection and Response) repository, not a developer discovery platform for vibe coders.

A Python-based tool to search and analyze known vulnerabilities in software systems.

Th3Inspector is a comprehensive tool for information gathering and security research.

A fork of AFL for fuzzing Windows binaries, focused on security research and finding vulnerabilities.

A Python tool that can discover hidden IP addresses behind Cloudflare using misconfigured DNS and old database records.

Privaxy is a next-generation ad and tracker blocker that blocks ads and trackers by MITMing HTTP(s) traffic.

A Python toolkit for conducting phishing campaigns and security testing, not suitable for vibe coders.

A Python library that generates and resolves permutations of subdomains, useful for security researchers.

ReconDog is a Python-based reconnaissance tool for information gathering and vulnerability detection.

A PowerShell script for quickly finding missing software patches for local privilege escalation vulnerabilities.

A platform for exploiting Java vulnerabilities, including deserialization, JNDI, and Log4j RCE.

A Go-based toolkit for building phishing campaigns and C2 infrastructure.

This is a Linux eBPF rootkit with malicious capabilities including a backdoor, C2, and stealth features.

A Go port of the Shikata ga nai encoder with several improvements for security researchers and pentesters.

A PowerShell module and framework for interacting with and auditing Active Directory and Windows internals.

A curated list of Android Security materials and resources for penetration testing and bug hunting.

A curated collection of cybersecurity RSS feeds to help developers stay up-to-date on the latest security news and best practices.

Collection of common wordlists for brute force attacks on RDP, SSH, and IP camera passwords.