Trending Projects

A collection of Azure security resources and notes for security researchers and penetration testers.

This C# project demonstrates an attack technique to retrieve NTLM hashes without touching LSASS.

This Python library provides a comprehensive set of tools for penetration testing and offensive security.

Splunk Security Content is a Python library for cybersecurity detection and response engineering.

Cortex is a powerful open-source engine for observable analysis and active incident response.

An anti-DDoS Lua script for Nginx to protect web servers from various attack types using a JavaScript-based authentication puzzle.

A shell script tool to send anonymous SMS messages, useful for developers who need to test SMS functionality.

This is a cheatsheet for pentesting and cybersecurity, not a developer discovery platform for vibe coders.

A collection of PowerShell functions for hackers and penetration testers.

A Firefox extension to protect users from browser fingerprinting.

A powerful Python tool to analyze PDF documents, useful for security researchers and developers.

This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.

EgeBalci/amber is a reflective PE packer written in Go, useful for security researchers and penetration testers.

r2frida combines the static and dynamic analysis capabilities of Radare2 and Frida for Android and iOS security assessments.

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with an optimized, hardened, and debloated script.

This repository provides resources and guidance for entry-level cybersecurity job seekers to build their skills.

A reverse shell written in Go that allows remote access and control over an SSH connection.

A multi-threaded PDF password cracking utility with password format builders and dictionary attacks.

A C# application that exploits user edit rights on Group Policy Objects to compromise controlled objects.

This is a shell script for attacking wireless connections using Kali Linux tools.

A utility for detecting phishing domains targeting Web3 users, built with TypeScript.

A mobile tool for Android, iOS, and HarmonyOS developers focused on app analysis, vulnerability discovery, and penetration testing.

This is a repository of digital forensics artifacts, not a developer discovery platform focused on AI coding tools.

OWASP Joomla Vulnerability Scanner, a security tool for scanning Joomla websites for vulnerabilities.

A Go-based CLI tool for testing web cache poisoning vulnerabilities.

This repository provides a comprehensive summary of the Certified Ethical Hacker (CEH) certification in bullet points.

A Python tool that automatically collects Proof of Concept (POC) or Exploit (EXP) from GitHub based on CVE IDs.

This repository provides a tool for remotely accessing webcams, which can be used for malicious purposes.

This project is a Remote Access Trojan (RAT) that provides full remote command-line access, allowing for the download and execution of programs, and the spreading of viruses and malware.

A toolkit for reverse engineering and malware analysis on Windows systems.

Curated list of VPN/proxy services (shadowsocks, trojan, v2ray) for circumventing network restrictions.

A comprehensive security scanner written in Go, supporting port scanning, protocol detection, fingerprinting, and brute-force attacks.

A free online security knowledge library for pentesters and researchers.

A pure Python implementation of Mimikatz, a popular Windows credential theft tool.

A fast and efficient security scanner for websites built with JavaScript module bundlers like Webpack.

Smap is a drop-in replacement for Nmap that uses Shodan.io to scan and discover devices on a network.

A Rust library for offensive security and red team engagements.

An open-source password manager with end-to-end encryption and progressive web app capabilities.

A software sandbox for secure storage of sensitive information in memory, built using Go.

This is a PHP webshell with handy features, not a developer discovery platform for vibe coders.

A comprehensive library of cybersecurity resources for developers and security professionals.

This is an evil RAT (Remote Administration Tool) for macOS / OS X, built with Python.

A curated list of awesome cloud security resources for developers and security professionals

A curated list of resources for Identity and Access Management knowledge in cloud platforms

linWinPwn is a bash script that streamlines the use of Active Directory security tools for penetration testing.

A Java security-focused repository with notes and resources for Java developers.

A tool for AV/EDR evasion via direct system calls, focused on assembly programming.

This repository contains a C# library for abusing Active Directory certificate functionality.

A curated list of security resources and tools for developers and security professionals.

This repository provides advanced Red Team techniques and offensive malware focused on the Rust programming language.