Trending Projects

This is a collection of tools for penetration testing and OSINT, not a vibe coder platform.

This repository contains a series of challenges for learning the Frida framework for Android exploitation and reverse engineering.

Clair is a static analysis tool for scanning container images and identifying vulnerabilities.

This repository provides a collection of Windows kernel exploit samples for penetration testing and security research.

An open-source, stateless password manager that prioritizes privacy and self-hosting.

A step-by-step tutorial on fuzzing, a security testing technique to find vulnerabilities in software.

Advanced vulnerability scanning tool for developers using Nmap NSE scripts and Lua.

Advanced DNS filter/blocklists for privacy, security, and clean browsing.

GooFuzz is a tool to perform fuzzing with an OSINT approach, enumerating targets without leaving evidence.

This is a tool for cracking Mifare Classic RFID cards, not a developer platform for vibe coders.

A Rust-based tool for rapidly searching and hunting through Windows forensic artifacts.

This GitHub repository provides instructions to install the Metasploit Framework 6 on the Termux Android terminal emulator.

A security scanner that helps identify issues with Drupal, Silverstripe and other CMSs.

A fast, simple web crawler designed for quick discovery of endpoints and assets within a web application.

A Python script to track location with live address and accuracy using Termux on Linux platforms.

An open-source 802.11 attack tool written in Rust for security researchers and penetration testers.

Iris-web is a collaborative incident response platform for digital forensics and incident response teams.

This is a C library for offensive operations, not a developer discovery platform for vibe coders.

A comprehensive collection of reverse engineering resources and tools for multiple platforms.

A Python-based tool to suggest Windows exploits based on installed updates and patches.

A comprehensive collection of Android and iOS mobile security resources and tools for developers.

CaA - a Java tool for information gathering, analysis, and intelligence exploration for bounty hunters and security researchers.

Trojan Source is a research project that exposes invisible vulnerabilities in source code.

Metasploit module to exploit the Eternalblue-Doublepulsar vulnerability.

This Python tool detects sensitive information leaks by scanning web applications for vulnerable files.

Empire is a PowerShell and Python post-exploitation agent, not a developer discovery platform for vibe coders.

CloudGoat is a tool for deploying vulnerable AWS environments for security research and training.

A Go-based open-source tool for analyzing and detecting malware using VirusTotal-like functionality.

A DOM fuzzer built in Python that helps security researchers and developers discover vulnerabilities in web applications.

Comprehensive scanning tool for security testing and penetration testing of websites and web applications.

AFWall+ is an open-source Android firewall app that allows users to control network access and block unwanted traffic.

This repository contains publications from the security research firm Trail of Bits, covering academic papers and conference presentations.

A powerful internal penetration testing tool suite written in Go that supports various service brute-force attacks.

A Python tool that automates the reconnaissance process to map an application's attack surface.

Captfencoder is an open-source suite of network security tools, including crypto, hashing, and security utilities.

This is a Chrome extension that demonstrates bypassing Widevine L3 DRM for media content.

This is a collection of hacking tools for Android, Instagram, and wifi, not a developer discovery platform.

A Python-based tool for automating WeChat mini-program penetration testing.

OnionSearch is a Python script that scrapes URLs from different .onion search engines for open-source intelligence.

A framework for creating stealthy malware droppers that bypass antivirus software

A compilation of resources from the Practical Ethical Hacking Udemy course, focused on Python-based security tools.

An open-source penetration testing framework and vulnerability exploitation tools for Spring Boot applications.

Burp extension that can bypass TLS fingerprinting, WAF, and spoof any browser for penetration testing.

A collection of Google Dorks that can be used to find vulnerable websites indexed in Google Search results.

A Python library that makes it easy to pop remote shells and leverage penetration testing tools.

Comprehensive penetration testing toolkit for web, mobile, APIs, and more, useful for security-focused developers.

A C++ project that allows hiding PowerShell scripts in plain sight to bypass security features.

P4wnP1 A.L.O.A. is a Raspberry Pi Zero W framework for penetration testing, red teaming, and physical engagements.

A curated list of awesome resources for the OSCP (Offensive Security Certified Professional) certification.

NetRipper is a PowerShell tool for penetration testing that allows smart traffic sniffing.