Trending Projects

A C# library for detecting the presence of malicious strings in .NET applications.

A comprehensive resource for cybersecurity professionals, containing tools used by various ransomware gangs.

This repository contains learning notes about Android security, not a developer platform focused on vibe coders.

cwe_checker finds vulnerable patterns in binary executables, helping developers identify and fix security issues.

A curated list of resources for vulnerability research and exploit development.

DecryptTools is a comprehensive tool for decryption tasks, likely useful for security researchers and developers.

A modern 32/64-bit position independent implant template for security researchers and penetration testers.

A toolkit for auditing and exploiting Cross-Site Request Forgery (CSRF) vulnerabilities in web applications.

A utility for detecting phishing domains targeting Web3 users, built with TypeScript.

Secator is a powerful security and pentesting tool that provides a comprehensive set of automation and reconnaissance capabilities.

This repository contains the public open-source code of the malware Stuxnet, also known as MyRTUs.

A fast emergency response tool for supply chain vulnerability scanning and port scanning

A comprehensive collection of techniques and examples for manually obfuscating PowerShell scripts to evade antivirus detection.

A tool that helps developers easily trace classes, functions, and modify method return values on iOS platforms.

A vulnerable server used for learning software exploitation, written in C.

An advanced in-memory evasion technique for encrypting and decrypting shellcode contents.

A password manager that uses the age encryption standard as a backend, providing a secure and modern alternative to password-store.

An idiomatic nmap library for Go developers to perform network mapping and analysis.

A collection of cool tools and resources for mobile hackers and bug hunters.

This repository contains the original proof-of-concepts for the React2Shell CVE-2025-55182 vulnerability.

A handbook for securing your cryptocurrency against the 'dark forest' of blockchain threats.

A scalable fuzzing infrastructure to find vulnerabilities and improve software stability.

This repository provides a collection of deals and discounts for InfoSec-related software and tools during the Black Friday season.

A free online security knowledge library for pentesters and researchers.

A fast sub-domain brute tool for penetration testers and security researchers.

The vanhoefm/krackattacks-scripts repository contains scripts related to the KRACK attack on WPA2 wireless protocols.

This repository contains penetration testing reports, documents, and security books, primarily written in Python.

A daily updated composer exclusion list for security vulnerabilities in PHP projects.

A Wi-Fi penetration testing framework for security researchers and ethical hackers.

A collection of tools, scripts, and resources for OSCP (Offensive Security Certified Professional) preparation and penetration testing.

A toolset to simulate an APT attack on a system, useful for security testing and research.

This is an open-source EDR (Endpoint Detection and Response) repository, not a developer discovery platform for vibe coders.

A comprehensive collection of hardening settings and scripts for securing Windows systems.

A Swift obfuscator that protects iOS apps against reverse engineering attacks.

An open-source OSINT tool for finding profiles by username across various social media platforms.

This is a repository of penetration testing tools for security researchers and developers.

This shell script simplifies the process of adding a backdoor to any Android APK file for educational purposes.

ESLint plugin that provides security-related linting rules for Node.js projects

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR.

This is a collection of tools and resources for developers to bypass internet censorship and access restricted content.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

This is a tool to bypass passwords on Windows and Linux systems from a bootable USB, not a developer discovery platform.

A Perl script that exploits NAT Slipstreaming to bypass victim's firewall and access services on their machine.

An open-source threat intelligence platform for cybersecurity professionals and researchers.

This repository contains a C# library for abusing Active Directory certificate functionality.

This is a fork of the Reaver WPS (Wi-Fi Protected Setup) tool for security research and testing.

A modified version of the captcha-killer tool, supporting base64-encoded image keyword recognition and using a free OCR library for captcha brute-forcing, compatible with the latest Burp Suite.

A vulnerability scanner that automatically runs 30+ tools on a target, supporting web, system, subdomain, directory, and more scanning.

A Go-based tool that can bypass 40X/HTTP errors by tampering with HTTP requests, headers, and credentials.

This repository provides a curated list of tutorials and resources for hacking online games.