Trending Projects

This is a repository for Twitch livestreams by a Turkish security researcher and penetration tester.

Original C implementation of the Hell's Gate VX technique, a security research project.

A curated list of awesome resources and tools for information security professionals.

Lightweight certificate transparency log monitor for monitoring SSL/TLS certificates.

This is a kernel exploit for the PS Vita on firmwares 3.65-3.68, allowing for jailbreaking and hacking capabilities.

A cross-platform honeypot web server designed to punish and deter unruly HTTP bots and spammers.

A list of DNS providers and how to claim vulnerable domains for bug bounty and security research.

This Shell repository appears to be a tool for Android malware development, not a developer discovery platform.

This Go-based stealth redirector helps red team operations by providing OPSEC for C2 infrastructure.

A C/C++ source obfuscator for bypassing antivirus detection, not a developer discovery platform for vibe coders.

A vulnerable iOS app to help mobile security enthusiasts and professionals test their penetration testing skills.

Open-source database for managing vulnerability disclosure and bug bounty programs

An open-source security guide covering security standards, frameworks, threat models, encryption, and benchmarks.

SharPyShell is a tiny and obfuscated ASP.NET webshell for C# web applications.

DumpsterDiver is a Python tool to search for secrets in various file types.

An initial access and post-exploitation tool for AAD and O365 with a browser-based GUI

EZ is a cross-platform vulnerability scanner that combines information gathering, port scanning, service brute-forcing, URL crawling, and fingerprinting.

A collection of paths linked to sensitive APIs, devops internals, and known misconfigurations for web content discovery and security research.

A security tool for evading memory scanners used in Cobalt Strike UDRL attacks.

A comprehensive list of privacy-focused alternatives to Google products.

The Exploit Database is a collection of publicly disclosed cybersecurity vulnerabilities and exploits.

Boundary enables identity-based access management for dynamic infrastructure.

A Python-based information gathering automation tool for security researchers and penetration testers.

This repository contains a vulnerability scanner and rapid response system for enterprise networks.

A curated list of CVE PoCs, a useful resource for security researchers and penetration testers.

An NSE script that leverages the Vulners.com API to provide vulnerability information for Nmap scans.

KeyDecoder is a mobile app that lets you quickly decode mechanical keys using your smartphone's camera.

A comprehensive cheat sheet for understanding and mitigating Java Deserialization vulnerabilities.

This is a deprecated WiFi hacking tool that can be used for man-in-the-middle attacks and network sniffing.

A tool to test and exploit JNDI Injection vulnerabilities in Java applications.

A Python library that provides various UAC bypass, elevation, and persistence methods for Windows.

A C# research tool that identifies the bytes that Microsoft Defender flags on, useful for security researchers and developers working on evasion techniques.

This repository generates a CobaltStrike cross-platform payload for red team activities.

A secure clipboard sharing tool that allows copying and pasting anything over the network.

A fast and efficient subdomain brute-forcing tool written in Go for security testing and penetration testing.

PowerTools is a collection of PowerShell projects focused on offensive operations.

An opinionated security and code quality standard for Solidity smart contracts.

w13scan is a passive security scanner that can detect vulnerabilities in web applications.

This GitHub repository is a list of recent data breaches and supply chain attacks, not a developer tool.

ADRecon is a tool for gathering information about Active Directory and generating a report on its current state.

A cryptography library for .NET that provides cryptographic primitives and algorithms.

A Go-based open-source tool for analyzing and detecting malware using VirusTotal-like functionality.

PcapXray is a network forensics tool that visualizes packet capture data as a network diagram, enabling device identification and important communication analysis.

A repository providing a list of the top 25 vulnerability parameters for security researchers and bug bounty hunters.

Exploit Database repository for security researchers and penetration testers.

Windows event log killer used for red team operations and penetration testing.

A command-line tool to quickly search and find exploits in local and online databases for penetration testing.

Local privilege escalation tool for Windows that can be used for security research and penetration testing.

Phishing catcher tool that uses Certificate Transparency to detect and report suspicious SSL/TLS certificates.

An open-source USB Rubber Ducky project that can be used for pen-testing and security research.