Trending Projects

A Python-based YARA rule generator for malware analysis and research.

An open-source tool for performing security assessments on Oracle databases.

An open-source web crawler and spider tool for detecting cross-site scripting (XSS) vulnerabilities.

A collection of cybersecurity and incident response notes for blue team professionals.

A Python-based tool to bypass the Great Firewall of China's TLS SNI detection.

An open-source penetration testing tool for scanning and exploiting internal networks in Windows, Linux, and Mac environments.

A curated list of blockchain security CTF competitions for developers to improve their security skills.

This is a repository containing notes on penetration testing, not a developer discovery platform.

Malleable C2 is a domain-specific language to redefine indicators in Beacon's communication for Cobalt Strike.

GooFuzz is a tool to perform fuzzing with an OSINT approach, enumerating targets without leaving evidence.

VECTR is a tool that helps track red and blue team testing activities to measure detection and prevention capabilities.

This is a leaked repository of the Zeus trojan horse malware, not for actual use.

A comprehensive penetration testing framework with a variety of cybersecurity resources for security professionals.

A Burp Suite extension to find potential endpoints, parameters, and generate a custom target wordlist

A collection of tools to perform advanced searches on GitHub for security research and bug bounty.

A pentest reporting tool written in Python to free developers from Microsoft Word.

GUAC aggregates software security metadata into a high fidelity graph database.

GlobaLeaks is a secure and open-source whistleblowing platform for anyone to set up and maintain.

FiercePhish is a full-fledged phishing framework to manage phishing engagements and campaigns.

A Python tool to check if a website is blocked by a Russian ISP using deep packet inspection and DNS checks.

Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.

A framework for enumerating, spraying, exfiltrating, and backdooring Office 365 accounts, not for AI vibe coders.

MouseJack is a security research tool focused on discovering and analyzing vulnerabilities in wireless mice and keyboards.

A collection of security-focused tools and projects for developers working on security-related tasks.

This Python repository provides a proof-of-concept for brute-forcing Apple ID login credentials.

This repository provides security research and tools for cracking Android app security.

A set of tools for creating and injecting malicious image payloads for web attacks.

This is a Linux kernel CVE exploit analysis tool with a debugger environment, not focused on AI coding tools.

A security solution for Kubernetes and container environments, providing runtime protection and threat detection.

A CLI tool for open source and threat intelligence, focused on providing a comprehensive OSINT framework.

This repository contains a zero-day code injection and persistence technique in C, but it is not focused on AI tools for developers.

A toolkit for creating various payloads, powershell attacks, and launching listeners for Human Interface Devices (Teensy).

Noriben is a portable, simple malware analysis sandbox written in Python.

A collection of AWS penetration testing tools and scripts for security researchers and ethical hackers.

evilginx2 is a man-in-the-middle attack framework used for phishing credentials and session cookies.

Information Gathering tool for DNS, subdomains, ports, and directory enumeration.

Proof of Concept for an advanced in-memory evasion technique to hide injected shellcode from scanners.

This repository contains a collection of kernel exploits, likely not relevant for vibe coders.

A collection of tools for iOS penetration testing and security research.

A collection of resources for penetration testing and securing Microsoft's cloud platform Azure.

Python script for brute force hacking of Gmail accounts, not suitable for vibe coder tools.

Transmission block list repository to help developers protect their systems from malicious IP addresses.

This is a tool to generate passwords using personal information, not an AI coding tool.

A shell script that creates multiple TOR instances with load balancing for secure and anonymous communication.

A proof-of-concept server demonstrating a remote code execution vulnerability in Redis versions up to 5.0.5.

This is a Python library for cracking WPA passwords using precomputed data.

A Python library that helps developers bypass URL parsing restrictions and security checks.

A directory traversal fuzzer tool written in Perl for penetration testing and security research.

A static analyzer for PE executables, useful for malware analysis and security research.

An open-source collection of incident response methodologies and frameworks for security professionals.