Trending Projects

A powerful framework for rogue access point attacks, focused on security research and penetration testing.

A toolkit for creating various payloads, powershell attacks, and launching listeners for Human Interface Devices (Teensy).

Bandit is a static code analysis tool that helps find security issues in Python code.

A C# port of Mimikatz's sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands for security research.

A Chrome extension that turns victim browsers into HTTP proxies, allowing you to browse as them.

This repository provides a comprehensive set of tools for vulnerability exploitation and post-exploitation.

An OSINT tool that generates username lists for companies on LinkedIn to aid in penetration testing and security research.

An open-source tool for network exploitation and information gathering using the powerful Nmap scanner.

A security tool for developers to hunt endpoints, expose shadow APIs, and map attack surfaces.

This repository contains write-ups for iOS vulnerabilities that have been released.

A fast subdomain enumeration tool for penetration testers and security researchers.

A powerful Ruby-based WinRM shell for hacking, penetration testing, and remote Windows management.

An ESP32-based tool for exploring and attacking nearby Wi-Fi networks, not related to vibe coders.

CVE cache of the official CVE List in CVE JSON 5 format, providing developers with a comprehensive vulnerability database.

A Go-based security testing tool that includes vulnerability scanning, port scanning, web directory scanning, and security compliance checks.

EgeBalci/amber is a reflective PE packer written in Go, useful for security researchers and penetration testers.

RedSnarf is a Windows-focused penetration testing and red-teaming tool for security professionals.

A cybersecurity platform to protect against the Ukraine-Russia conflict on the internet.

IntelOwl: A comprehensive threat intelligence management platform for security professionals.

A hosted reverse shell generator with many features for use in CTFs and security testing.

A Windows kernel rootkit for advanced cybersecurity research and red teaming.

This is a Windows Privilege Escalation tool that can be used to elevate a user's privileges to a domain admin.

A security tool that combines a modified version of Mimikatz and a .NET PE Loader for penetration testing.

This Python tool allows searching for sensitive files across network SMB shares using regex-based filename and content matching.

A collection of Nuclei templates for security researchers and penetration testers.

A simple C++ tool to encrypt and hide files inside images using Least-Significant-Bit encoding.

AutoPWN Suite is a Python-based project for scanning vulnerabilities and automatically exploiting systems.

This Python library provides a comprehensive set of tools for penetration testing and offensive security.

An online port scan scraper written in Python for penetration testing and security research.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

A library that helps detect various malware analysis techniques used in the wild.

This repository provides resources for learning web security concepts like SQL injection and XSS.

OWASP CRS (Core Rule Set) is a web application firewall (WAF) security ruleset for detecting and preventing common web vulnerabilities.

A Python library that provides one-liners for various penetration testing and privilege escalation tasks.

A machine learning security engine that automatically prevents threats against web apps and APIs.

A curated list of writeups from the Google VRP Bug Bounty program, useful for security researchers and bug hunters.

An open-source Android app that tests for recent device vulnerabilities to improve Android security.

This project is a security vulnerability research repository focused on a Linux privilege escalation exploit.

A comprehensive study plan to become a successful cybersecurity engineer across various roles.

This is a wiki collecting resources for hardening red team infrastructure, not a vibe coder tool.

This is a proof of concept for the SMBGhost RCE vulnerability, written in Python.

PoC for the Zerologon vulnerability, which allows an attacker to completely compromise a Windows domain controller.

High-quality Sysmon configuration template for advanced Windows security monitoring and threat hunting

Cameradar is a Go library that allows developers to hack into RTSP video surveillance cameras for security testing.

A Magisk/KernelSU module that automatically adds user certificates to the system root CA store

Secure Boot for NixOS, a Rust-based project for the Nix community.

This is a repository of hacking tools and scripts for the Termux Linux environment on Android.

This repository provides a beginner's guide to obfuscation, a technique used to protect software from reverse engineering.

This repository provides tools and tutorials for cracking WPA/WPA2 Wi-Fi passwords, which is not recommended for general use.

Smap is a drop-in replacement for Nmap that uses Shodan.io to scan and discover devices on a network.