Trending Projects

This shell script simplifies the process of adding a backdoor to any Android APK file for educational purposes.

A Suricata-based network detection and response (NDR) distribution for security monitoring and threat hunting.

A collection of tools to perform advanced searches on GitHub for security research and bug bounty.

A tool to dump cookies and credentials directly from Chrome/Edge process memory.

A cloud security posture management (CSPM) tool that helps developers secure their cloud infrastructure.

Security Onion is a Linux distribution for threat hunting, enterprise security monitoring, and log management.

APKiD is a tool for identifying Android apps that have been packed, obfuscated, or secured using various techniques.

A collection of PowerShell functions for hackers and penetration testers.

A powerful penetration testing tool for LLMNR, NBT-NS and MDNS poisoning with rogue authentication servers.

Easy-to-follow tutorials for beginners on using Shadowsocks to bypass internet restrictions.

A curated list of resources for Identity and Access Management knowledge in cloud platforms

This is a Windows kernel and user mode emulation library for malware analysis, not a vibe coder tool.

This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.

This GitHub repository is a collection of penetration testing resources, tools, and other related materials.

Sudomy is a subdomain enumeration tool for bug hunting and pentesting, providing automated reconnaissance.

This repository contains resources and examples related to Linux rootkits, which are malicious software designed to gain unauthorized access to a system.

Secator is a powerful security and pentesting tool that provides a comprehensive set of automation and reconnaissance capabilities.

This is an advanced remote access trojan (RAT) written in Python that can be controlled through Discord.

This is an open-source tool for performing various types of spam and DDoS attacks, primarily targeting Discord, email, and SMS.

This is a Java security repository focused on secure coding and code auditing.

A virtual machine for CTF competitions, with multiple versions and systems to choose from for an out-of-the-box experience.

An open-source adversary emulation platform for security professionals to assess system vulnerabilities.

This Python library provides a dictionary for brute-force attacks, a common technique used in cybersecurity.

Iris-web is a collaborative incident response platform for digital forensics and incident response teams.

This Java-based tool is a collection of vulnerability detection utilities, not focused on AI coding tools.

This project is a Remote Access Trojan (RAT) that provides full remote command-line access, allowing for the download and execution of programs, and the spreading of viruses and malware.

A platform for exploiting Java vulnerabilities, including deserialization, JNDI, and Log4j RCE.

A Go-based toolkit for building phishing campaigns and C2 infrastructure.

A curated list of OSX and iOS related security tools for developers and security professionals.

This repository contains miscellaneous exploit code for security researchers and penetration testers.

A simple yet powerful IOC and YARA scanner for security analysis and threat hunting.

A Python-based tool to search and analyze known vulnerabilities in software systems.

This repository provides practical examples of malicious software in Python for educational purposes.

This repository contains malicious functionality to aid in malware development, which is not suitable for developer discovery.

A high-performance, comprehensive credentials bruteforcing and enumeration tool for security research.

This GitHub repository is focused on Awesome-Red-Team-Operations, which is related to cybersecurity and penetration testing.

Single Packet Authorization (SPA) firewall tool that provides an alternative to traditional port-knocking.

Hemmelig is an encrypted secrets management tool that keeps sensitive information secure in chat logs, emails, and more.

Collection of vulnerable PHP code snippets for security research and bug bounty hunting.

A modular sysmon configuration repository for security monitoring and threat hunting.

A Python tool that can discover hidden IP addresses behind Cloudflare using misconfigured DNS and old database records.

This repository is a list of Android Remote Access Trojans, not a developer discovery platform for vibe coders.

A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken.

An awesome curated list of vulnerable web applications for security researchers and bug bounty hunters.

A C++ project that allows hiding PowerShell scripts in plain sight to bypass security features.

A comprehensive collection of 170+ penetration testing and red teaming tools, scripts, and resources for security professionals.

This is a penetration testing guide based on OWASP, including test cases, resources, and examples.

A comprehensive tool for exploiting Shiro deserialization vulnerabilities, including command execution and memory shell injection.

A set of tools to convert network capture files to hash files for use with password cracking tools.

A curated list of resources related to executable packing, useful for malware analysis and security research.