Trending Projects

An IIS short filename enumeration tool for security audits and penetration testing.

A curated collection of awesome PHP security resources for developers.

A fully customizable Windows-based pentesting virtual machine distribution for security professionals.

A Python library for detecting homograph phishing attacks, typo squatting, and brand impersonation through domain name permutation.

A comprehensive penetration testing reference bank for OSCP/PTP & PTX certification preparation.

BlueDucky is a Python implementation of a security vulnerability (CVE-2023-45866) that allows unauthenticated code execution using a HID keyboard.

This C-based library helps developers discover and exploit buffer overflow vulnerabilities.

Curated list of awesome security resources for security operations, threat hunting, and incident response

Legion is an automatic enumeration tool based on open-source tools for security professionals and pentesters.

An automated email OSINT tool for gathering information about email addresses and associated accounts.

This repository contains a Linux eBPF backdoor over TCP, allowing remote access and exploitation.

This repository provides tools and configurations for accessing censorship-circumvention services like Shadowsocks, Clash, and Trojan.

CaA - a Java tool for information gathering, analysis, and intelligence exploration for bounty hunters and security researchers.

A compilation of commands, tips, and scripts for penetration testing and security research.

GhostNet is an open-source, privacy-focused network tool for secure communication and anonymous web browsing.

An open-source collection of security products such as IDS, IPS, WAF, and honeypots.

This is a collection of password wordlists sorted by probability, useful for password generation and testing.

A library of PHP unserialize() payloads and a tool to generate them programmatically.

OSCP cheatsheet for penetration testing and offensive security

CloudGoat is a tool for deploying vulnerable AWS environments for security research and training.

This repository contains a collection of exploits and proof-of-concept code for various CMS, platforms, and software vulnerabilities.

ARL (Asset Reconnaissance Lighthouse) is a security tool for quickly investigating and building an asset information library for penetration testing and vulnerability assessment.

This GitHub repository contains tools to exploit and hack Windows systems, primarily through PowerShell scripts.

A collection of helpful preload libraries for security research and penetration testing.

A reverse shell written in Go that allows remote access and control over an SSH connection.

A passive sniffing tool for capturing and visualizing WiFi location data disclosed by iOS devices.

A password cracking tool for Windows that can bypass authentication without privileges

A comprehensive collection of Android and iOS mobile security resources and tools for developers.

Pentest Report Generator is an open-source tool for security professionals to generate professional penetration testing reports.

A tool to dump a git repository from a website, useful for security researchers and developers.

A curated list of awesome cybersecurity resources, tools, and learning materials.

A comprehensive guide to privacy settings for popular software and services.

A collection of SaaS attack techniques to help defenders understand the threats they face.

A collection of CTF (Capture The Flag) challenges and resources for security researchers and developers.

This Python project generates Gmail keyloggers for Windows, primarily used for penetration testing.

BloodHound-Legacy is a PowerShell tool for discovering paths to domain admin in Active Directory environments.

A Python library for web fuzzing and parameter discovery, useful for pentesting and security research.

A step-by-step tutorial on fuzzing, a security testing technique to find vulnerabilities in software.

A collection of cybersecurity handbooks and resources for security professionals and CTF players.

A high-performance, comprehensive credentials bruteforcing and enumeration tool for security research.

A curated list of awesome security hardening techniques for Windows.

Crowbar is a Python-based brute forcing tool for penetration testing, supporting protocols not covered by other tools.

Peirates is a Kubernetes Penetration Testing tool written in Go for security research and vulnerability assessment.

A Go utility to generate malicious network traffic patterns for security testing and evaluation.

This is a semi-automated, no-bs version of the public exploit code for MS17-010 vulnerability.

This is a hacking tool that can track a user's location, capture their picture, and collect device information.

A collection of Windows 11 security hardening and configuration recommendations.

A PowerShell script anti-virus evasion tool for penetration testing and red team activities.

A web security testing platform built with PHP for discovering and testing web vulnerabilities.

A Python script that finds endpoints in JavaScript files for security and information gathering purposes.