Trending Projects

macOS security and privacy guide for developers

Open Source Cloud Native Application Protection Platform (CNAPP) for securing cloud-native applications

A toolkit for reverse engineering and malware analysis on Windows systems.

iOS jailbreak tool for security research and system-level experimentation on iOS 15-16

A knowledge base for security research, hacking, and blockchain-related topics.

A comprehensive guide to Capture The Flag (CTF) competitions for security and hacking enthusiasts.

This repository provides a cheat sheet for web application security attacks and techniques.

A collection of awesome resources related to the Cobalt Strike security tool for red team activities.

Course materials for Malware Analysis, focused on reverse engineering and understanding malicious software.

A collection of security testing tools and payloads for web application penetration testing.

Unicorn is a tool for using a PowerShell downgrade attack and injecting shellcode into memory.

Automation tools for internal Windows penetration testing and Active Directory security research.

Blokada is an open-source ad blocker and VPN app for Android and iOS that provides privacy and security features.

A tool to find the origin servers of websites behind Cloudflare using Censys internet-wide scan data.

This is a collection of malware samples, not a tool for vibe coders.

This GitHub repository contains tools and resources for red team and blue team security research and penetration testing.

An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network.

This is a hardware backdoor research project for x86 CPUs, not a developer discovery platform focused on vibe coders.

A comprehensive tool for exploiting Shiro deserialization vulnerabilities, including command execution and memory shell injection.

This repository is focused on learning hacking, penetration testing, and reverse engineering using Kali Linux.

A subdomain takeover tool for attackers, bug bounty hunters, and security teams to detect and mitigate security vulnerabilities.

This repository contains decrypted content from the Equation Group, a suspected NSA hacking group.

An Android plugin tool that automatically encrypts strings in the bytecode to protect app source code.

pwncat is a powerful penetration testing tool that offers advanced features like firewall and IDS/IPS evasion, bind and reverse shell, and port forwarding.

A Python library for pwning IPv4 networks via IPv6 for security research and penetration testing.

This Python repository provides a suite of online tools for security scanning, including CMS identification, information leakage, and port scanning.

A Python script for checking Linux privilege escalation vulnerabilities for security testing.

An open-source OWASP-based web application security testing checklist to help track completed and pending test cases.

Linux/Windows post-exploitation framework with advanced stealth and rootkit capabilities for penetration testing.

This is a PowerShell toolkit for security researchers and penetration testers.

This repository provides indicators of compromise from Amnesty International's cyber investigations.

A shell script that transparently encrypts files within a Git repository to securely manage secrets.

This is a collection of detailed tutorials on using various VPN/proxy services like Shadowsocket, V2Ray, and Trojan for secure internet access.

Advanced dork Search & Mass Exploit Scanner for security testing and vulnerability discovery.

A collection of incident response playbooks mapped to MITRE ATT&CK tactics and techniques.

An open-source Java-based network intrusion detection and response system for visibility and security.

A tool to block Spotify ads and analytics on Linux, macOS, and Windows using the hosts file.

A minimal and effective Wi-Fi, BLE, and 2.4 GHz band jammer written in C.

Peirates is a Kubernetes Penetration Testing tool written in Go for security research and vulnerability assessment.

This is a semi-automated, no-bs version of the public exploit code for MS17-010 vulnerability.

A Go-based wordlist framework for security researchers, bug bounty hunters, and hackers.

A Python tool for black-box regex fuzzing to bypass validations and discover normalizations in web apps.

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

This repository provides a tool for generating various types of webshells that are difficult to detect.

A refactored and improved password spraying tool that uses FireProx APIs to stay anonymous and beat throttling.

A set of process injection techniques for Windows Thread Pools, primarily for security research purposes.

A curated list of amazing Homomorphic Encryption libraries, software and resources for developers.

Websploit is a high-level MITM (Man-in-the-Middle) framework written in Python for network penetration testing.

A collection of Censys Search Queries for security research and OSINT investigations.

This Python-based backdoor uses Gmail to exfiltrate data and track user activity for red team engagements.