Trending Projects

A tool for creating vulnerable environments to simulate attacks and collect data into Splunk for security research and detection.

The OWASP MASVS is the industry standard for mobile app security verification and testing.

This repository provides a curated list of tutorials and resources for hacking online games.

A shell script tool to send anonymous SMS messages, useful for developers who need to test SMS functionality.

A comprehensive list of open-source tools for AWS security, including defensive, offensive, auditing, and incident response capabilities.

Easily identify emails, IP addresses, and more from text or PCAP files with this cybersecurity-focused Python library.

This repository provides practical examples of malicious software in Python for educational purposes.

A customizable Java in-memory webshell generation tool for security research and testing.

This repository provides advanced Red Team techniques and offensive malware focused on the Rust programming language.

This is an open-source tool for performing various types of spam and DDoS attacks, primarily targeting Discord, email, and SMS.

A modular penetration testing framework written in Python for security researchers and hackers.

A tool to simulate application layer DoS attacks for security testing and performance analysis.

A Python tool to extract one-time password (OTP) secrets from QR codes exported by 2FA apps like Google Authenticator.

An open-source OSINT tool for recon and security research without API keys

An automatic framework to detect, exploit and report XSS vulnerabilities in web applications.

A post-quantum cryptography library written in C for key exchange and encryption.

A collection of historical vulnerability analyses for the ThinkPHP framework.

A comprehensive network reconnaissance and analysis tool for security professionals and network engineers

A Java tool for exploiting JNDI-based attacks and ysoserial payloads for web security testing.

This is a collection of OSINT and penetration testing tools for security researchers and red teams.

A simple remote control tool in C# for red team and security research purposes.

Analysis of bot protection systems and techniques to bypass browser fingerprinting for web scraping.

A collection of web attack payloads for security research and penetration testing.

Fort Firewall for Windows bandwidth limiting

Elkeid is an open-source security solution for hosts, containers, K8s, and serverless workloads.

A collection of attack scenarios and mitigations for Microsoft Entra ID (Azure Active Directory).

Privacy-respecting web frontends for popular services like Reddit, Twitter, and YouTube.

This repository provides indicators of compromise from Amnesty International's cyber investigations.

A Python library that provides AV/EDR evasion capabilities via direct system calls for vibe coders.

This Python tool allows searching for sensitive files across network SMB shares using regex-based filename and content matching.

AI-powered penetration testing CLI using Gemini & LangChain for automated security workflows

An open-source security scanner tool for penetration testing and vulnerability detection with a focus on automation and extensibility.

A Go-based tool for checking if a website is vulnerable to the Heartbleed OpenSSL bug (CVE-2014-0160).

Malcolm is a powerful network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.

This is a collection of hacking and cybersecurity-related books, not a developer tool platform.

An open-sourced remote vulnerability PoC/EXP framework for penetration testing and security research.

A framework for rapid prototyping of custom C2 channels, with integration to existing offensive toolkits.

A privilege escalation tool for Windows domains where LDAP signing is not enforced.

This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.

A Burp Suite plugin that enables custom data processing like encryption/decryption and brute-force attacks.

A tool for port forwarding and intranet proxy, useful for penetration testing and network troubleshooting.

This repository contains information and resources related to IT security that developers may find useful.

A cryptography-powered, open-source toolkit for Zero Trust security in AI-driven infrastructure and applications.

Automatic Linux privilege escalation tool that exploits common vulnerabilities and misconfigurations.

P4wnP1 is a highly customizable USB attack platform based on a Raspberry Pi Zero or Raspberry Pi Zero W.

This is a penetration testing guide based on OWASP, including test cases, resources, and examples.

A powerful framework for rogue access point attacks, focused on security research and penetration testing.

A set of tools to convert network capture files to hash files for use with password cracking tools.

A Raspberry Pi-based toolkit for WiFi hacking and penetration testing.

Secure and firewall-agnostic networking library for building hacking and networking tools.