Trending Projects

Powerful and extensible proxy server with anti-censorship functionality for Android devices

A repository that provides tips and tricks for pwn (binary exploitation) in CTF challenges.

A comprehensive guide for cybersecurity professionals preparing for job interviews.

A Python library that protects against fake shops, ads, tracking, and other internet attacks.

A privilege escalation tool for Windows domains where LDAP signing is not enforced.

This repository contains research code and papers from members of the vx-underground community, focused on malware development and research.

An open-source security guide covering security standards, frameworks, threat models, encryption, and benchmarks.

This is a fork of the Reaver WPS (Wi-Fi Protected Setup) tool for security research and testing.

An open-source OWASP-based web application security testing checklist to help track completed and pending test cases.

An offline Wi-Fi Protected Setup brute-force utility for security researchers and penetration testers.

Cortex is a powerful open-source engine for observable analysis and active incident response.

PowerShell tools for exploiting MachineAccountQuota and DNS vulnerabilities.

This is a stealth AirTag clone that bypasses Apple's tracking protection features, likely for nefarious purposes.

A Swift obfuscator that protects iOS apps against reverse engineering attacks.

A Python-based tool for performing brute-force attacks on passwords, with a focus on security research.

A GUI tool for macOS that allows users to spoof their MAC address at the link layer.

Autorize is an extension for Burp Suite that automates authorization enforcement detection to ease security testing.

Hackazon is a modern vulnerable web app for security research and training purposes.

A collection of leaked credentials for security research and password security testing.

A tool for AV/EDR evasion via direct system calls, focused on assembly programming.

An interactive cheat sheet of offensive security tools and commands for Windows/AD environments.

Pilot program for submitting CVE records through GitHub, ending on 6/30/2023.

Anubis is a subdomain enumeration and information gathering tool for security professionals.

A fast and powerful steganography cracking tool for security researchers and CTF participants.

A detailed roadmap for learning hacking and penetration testing skills, including cybersecurity certifications.

A tool that exploits locked/password protected computers over USB, drops a persistent backdoor, and siphons cookies.

A collection of exploit scripts for vulnerabilities in various web applications and frameworks.

A tool to test and exploit JNDI Injection vulnerabilities in Java applications.

A reverse shell microservice that can be used for security testing and pentesting purposes.

A Python-based tool for automating WeChat mini-program penetration testing.

A tool to block Spotify ads and analytics on Linux, macOS, and Windows using the hosts file.

A collection of tools that integrate with Cobalt Strike for advanced C2 framework development.

This repository provides a cheatsheet for the Cobalt Strike penetration testing framework, useful for red team operations.

A Python tool for sending phishing messages and attachments to Microsoft Teams users.

ArcherySec is an open-source vulnerability management and security testing platform for DevSecOps teams.

A Chrome extension that turns victim browsers into HTTP proxies, allowing you to browse as them.

This C# project demonstrates an attack technique to retrieve NTLM hashes without touching LSASS.

Generates millions of password mutations in seconds for penetration testing and security research.

Transmission block list repository to help developers protect their systems from malicious IP addresses.

ReconDog is a Python-based reconnaissance tool for information gathering and vulnerability detection.

This repository is a collection of malware samples gathered from honeypots, useful for malware analysis.

A collection of security POCs and exploits maintained by the Baize Sec security team.

EgeBalci/amber is a reflective PE packer written in Go, useful for security researchers and penetration testers.

enum4Linux is a Linux tool for enumerating data from Windows and Samba hosts.

This Python project generates professional phishing emails for social engineering and hacking purposes.

Guidelines for developing secure and efficient low-level cryptography software

A C-based Beacon Object File (BOF) for use in remote operations on compromised systems.

A full-featured C2 framework for silently persisting on webservers with a single-line PHP backdoor.

A Go-based wordlist framework for security researchers, bug bounty hunters, and hackers.

A utility for detecting phishing domains targeting Web3 users, built with TypeScript.