Trending Projects

A set of tools for creating and injecting malicious image payloads for web attacks.

A Python-based reconnaissance framework for researching and investigating Telegram.

This is a Linux kernel CVE exploit analysis tool with a debugger environment, not focused on AI coding tools.

PoC for the Zerologon vulnerability, which allows an attacker to completely compromise a Windows domain controller.

DRAKVUF Sandbox is an automated hypervisor-level malware analysis system for reverse-engineering and security research.

A Rust plugin for sudo that requires another human to approve and monitor privileged sudo sessions for compliance.

This is a Docker-based environment for reproducing and testing IoT firmware vulnerabilities.

Suricata IDS rules to detect red team and malicious behavior like CobaltStrike, MSF, Empire, etc.

An OSINT tool that helps find email addresses and potential credential leaks from social media profiles.

A DNS client that supports various encryption and anonymization protocols to bypass censorship and protect privacy.

A decentralized VPN written in Go that provides secure, privacy-preserving internet access.

A set of process injection techniques for Windows Thread Pools, primarily for security research purposes.

A PowerShell module for conducting security audits on Microsoft 365, Azure, and Azure AD resources.

A fast and powerful steganography cracking tool for security researchers and CTF participants.

A Python-based tool for batch URL collection and vulnerability scanning, useful for security research and penetration testing.

A Python library for implementing cryptographic attacks and utilities for security research and CTF challenges.

A Go tool that manipulates compiled executables to avoid detection from EDRs.

This is a stealth AirTag clone that bypasses Apple's tracking protection features, likely for nefarious purposes.

A security tool for analyzing vulnerabilities, malware, and anomalous activities in Docker images and containers.

XploitSPY is an Android monitoring tool for malicious activities and remote access.

This repository provides a suite of tools for mapping network assets, scanning ports, and extracting sensitive information from web applications.

A Python library for analyzing and securing drone systems against security vulnerabilities.

A curated list of wordlists for bruteforcing and fuzzing, useful for security researchers and pentesters.

A collection of Censys Search Queries for security research and OSINT investigations.

A cybersecurity incident response testing tool that generates tailored scenarios using LLMs and the MITRE ATT&CK framework.

A collection of useful Google Dorks for web security and bug bounty hunting.

A dictionary of common attack vectors for penetration testing, not a developer platform for AI tools.

Information Gathering tool for DNS, subdomains, ports, and directory enumeration.

A Python tool to monitor GitHub for new CVEs, security updates, and more, with multi-channel notifications.

This is a Python-based tool for hosting PlayStation 4 exploits, not a developer discovery platform for vibe coders.

A fully interactive reverse shell for Windows, allowing remote access and control.

A Python tool for scanning IP and domain names to find weakly protected internal systems.

A collection of tools for iOS penetration testing and security research.

This is an open-source tool for detecting app hardening features in APK files, supporting over 40 vendors.

This GitHub repository provides a Docker environment for testing various versions of the FastJson library for vulnerabilities and exploitation techniques.

Subdomain enumeration tool written in Go, with fast asynchronous DNS scanning to find subdomains for bug bounty hunting.

A Python library for tracking the history of USB events on GNU/Linux for forensic and security purposes.

This Python-based backdoor uses Gmail to exfiltrate data and track user activity for red team engagements.

Key and Lock Decoding Tools for developers interested in cryptography and security.

An open-source Go library that uncovers unexpected SSH server exposures and vulnerabilities.

This is a C library for offensive operations, not a developer discovery platform for vibe coders.

This is an advanced remote access trojan (RAT) written in Python that can be controlled through Discord.

A Splunk app that guides threat hunting by mapping security telemetry to the MITRE ATT&CK framework.

OWASP Joomla Vulnerability Scanner, a security tool for scanning Joomla websites for vulnerabilities.

A PowerShell tool for dominating Active Directory through lateral movement, credential theft, and more.

A post-quantum cryptography library written in C for key exchange and encryption.

Python script for brute force hacking of Gmail accounts, not suitable for vibe coder tools.

Transmission block list repository to help developers protect their systems from malicious IP addresses.

A fast emergency response tool for supply chain vulnerability scanning and port scanning

This is an IPv6 attack toolkit for penetration testing and security research.