Trending Projects

This project provides research articles and fileless webshells to bypass professional detection tools.

A static taint analysis platform to scan vulnerabilities in Android apps.

PowerShell utilities for passing the hash authentication method used in some security attacks.

A Python-based tool to bypass the Great Firewall of China's TLS SNI detection.

This repository contains a proof of concept for the CVE-2021-40444 vulnerability.

Distributed password cracking tool built on Hashcat for security researchers and penetration testers.

A penetration testing tool for network asset discovery and targeted attack surface profiling.

A collection of Azure security resources and notes for security researchers and penetration testers.

An OSINT project to automate Google dorks search for finding information about specific websites.

An open-source penetration testing tool for scanning and exploiting internal networks in Windows, Linux, and Mac environments.

An open-source OSINT tool for tracking social media accounts across multiple platforms.

This repository provides an organized list of resources for malware development, which is not recommended for general use.

Python reference implementation of The Update Framework (TUF), a library for securing software update systems

This GitHub repository is focused on Awesome-Red-Team-Operations, which is related to cybersecurity and penetration testing.

This repository provides principles and guidance for designing and deploying a zero trust architecture.

This GitHub repository is a collection of Java security resources and summaries, focused on security auditing.

A Python program to create a fake access point and sniff data for penetration testing and security research.

A modular penetration testing framework written in Python for security researchers and hackers.

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.

A command-line tool to audit source code for security vulnerabilities using grep patterns.

This repository provides a comprehensive set of tools for vulnerability exploitation and post-exploitation.

A Burp Suite extension to bypass 403 restricted directories.

An open-source Golang-based POC framework/library for quickly developing vulnerability detection systems.

BinAbsInspector is a Java-based vulnerability scanner that analyzes binary files using abstract interpretation techniques.

This is a PowerShell toolkit for security researchers and penetration testers.

This repository does not appear to be related to a developer discovery platform focused on vibe coders. It seems to be a collection of CTF (Capture The Flag) challenges.

SPARTA is a network infrastructure penetration testing tool written in Python.

A Python library that protects against fake shops, ads, tracking, and other internet attacks.

An interactive CTF exploration tool focused on reverse-engineering and Windows security research.

A Python-based tool for performing brute-force attacks on passwords, with a focus on security research.

A Python tool for data exfiltration and infiltration using text-based steganography to evade detection.

A Python tool that checks expired domains for categorization, reputation, and historical data to identify phishing and C2 domain candidates.

A Burp Suite plugin for testing web applications by spoofing IP addresses in case of server misconfigurations.

An OSINT tool that generates username lists for companies on LinkedIn to aid in penetration testing and security research.

A privilege escalation tool for Windows domains where LDAP signing is not enforced.

A high-performance, ModSecurity-compatible Nginx firewall module for web application security.

A collection of Burp Suite encryption plugins that support various crypto algorithms and execute custom JS code for security testing.

A Python tool that automates gaining administrative rights in Active Directory environments using offensive tactics.

A simple reverse ICMP shell written in C for remote system access and control.

This is a repository for a Cross-Site Scripting (XSS) receiver, likely used for CTF challenges or security research.

A collection of Living Off The Land Binaries and Scripts (LOLBins and LOLScripts) for cybersecurity research and testing.

A powerful mobile security testing framework for automating instrumentation and dynamic analysis of mobile apps.

Undetectable Windows payload generation tool for penetration testing and security research.

A collection of BadUSB payloads for the DigiSpark Attiny85 microcontroller, useful for penetration testing and security research.

Adversary Tactics - PowerShell Training for security professionals and penetration testers.

A physical memory manipulation and hacking tool that exploits PCI-based DMA vulnerabilities.

A Go tool to leak git repositories from misconfigured websites for security research and penetration testing.

A powerful internal penetration testing tool suite written in Go that supports various service brute-force attacks.

A comprehensive list of reentrancy attacks on Ethereum smart contracts for security research.

A Suricata-based network detection and response (NDR) distribution for security monitoring and threat hunting.