Trending Projects

An open-source security guide covering security standards, frameworks, threat models, encryption, and benchmarks.

A Python script for detecting Windows systems infected with the DOUBLEPULSAR malware implant.

This repository provides a collection of Windows kernel exploit samples for penetration testing and security research.

NullArray/AutoSploit is an automated mass exploiter tool for penetration testing and security research.

Conceal provides easy Android APIs for performing fast encryption and authentication of data.

APKiD is a tool for identifying Android apps that have been packed, obfuscated, or secured using various techniques.

Nym is a decentralized, privacy-preserving network that enables anonymous transactions and strong network-level privacy.

This repository contains miscellaneous exploit code for security researchers and penetration testers.

A tool to spoof TLS/JA3 fingerprints in Go and JavaScript for bypassing security measures.

This project allows you to create up to a thousand WiFi access points with custom SSIDs, useful for security testing.

This GitHub repository contains a collection of security-related resources for developers.

A collection of Kali Linux tools for information gathering, penetration testing, and wireless security.

This repository provides a suite of tools for mapping network assets, scanning ports, and extracting sensitive information from web applications.

This repository contains a collection of kernel exploits, likely not relevant for vibe coders.

This repository contains resources and tools for analyzing Virtual Machine Protection (VMP) obfuscation techniques.

A utility to find AES keys in running processes, useful for security research and testing.

A collection of web attack payloads for security research and penetration testing.

Linux enumeration tool for penetration testing and CTFs with multiple verbosity levels.

A small, fast, portable TLS/SSL implementation for embedded devices to the cloud.

A Python tool that can discover hidden IP addresses behind Cloudflare using misconfigured DNS and old database records.

A collection of CTF challenge files and scripts for security researchers and penetration testers.

An OSINT framework and package manager for security researchers and bug bounty hunters.

A curated list of cybersecurity datasets for security researchers and machine learning practitioners.

This is a Windows kernel and user mode emulation library for malware analysis, not a vibe coder tool.

A Python-based tool for automating WeChat mini-program penetration testing.

A comprehensive guide for cybersecurity professionals preparing for job interviews.

A Python-based web vulnerability scanner for developers to identify and mitigate security risks.

A Python library that declutters URL lists for web crawling and penetration testing tasks.

A subdomain takeover vulnerability checker tool written in Go for bug bounty hunting and security research.

A C++ tool for post-exploitation and malware bypassing antivirus/EDR solutions.

This is a semi-automated, no-bs version of the public exploit code for MS17-010 vulnerability.

A Nuclei plugin for Burp Suite, a popular web application security testing tool.

A Python script that automatically cracks Jinja2 SSTI vulnerabilities to bypass WAF, designed for CTF challenges.

A Splunk app that guides threat hunting by mapping security telemetry to the MITRE ATT&CK framework.

An open-source CMS scanner that automates detection of security flaws in popular CMS platforms.

Streamline your security workflows with this automated pentest reporting tool with custom templates and project tracking.

This repository contains the original proof-of-concepts for the React2Shell CVE-2025-55182 vulnerability.

A curated list of awesome infosec courses and training resources for security professionals.

A cheat sheet for mobile app penetration testing covering Android, iOS, network analysis, and more.

P4wnP1 A.L.O.A. is a Raspberry Pi Zero W framework for penetration testing, red teaming, and physical engagements.

A comprehensive collection of awesome resources and modules for the Flipper Zero device, focused on security tools and penetration testing.

A collection of Beacon Object Files (BOFs) for situational awareness tasks on compromised systems.

A Python tool that scans for misconfigurations in Cross-Origin Resource Sharing (CORS) policies.

A collection of common vulnerabilities found in iOS applications to help secure iOS app development.

A large open-source database for detecting secrets, API keys, passwords, and more, useful for security-focused vibe coders.

A GUI framework for the Nuclei vulnerability PoC scanner, allowing quick PoC searches and one-click Nuclei runs.

DRAKVUF Sandbox is an automated hypervisor-level malware analysis system for reverse-engineering and security research.

Suricata IDS rules to detect red team and malicious behavior like CobaltStrike, MSF, Empire, etc.

A virtual machine for assessing Android applications, reverse engineering, and malware analysis.

This is a collection of OSINT and penetration testing tools for security researchers and red teams.