Trending Projects

A Python library for Active Directory reconnaissance tasks, useful for penetration testing.

A repository containing proof-of-concept projects, experiments, and security resources for developers.

Collection of Python-based security exploits and research tools written by the Rhino Security Labs team.

A transparent ransomware claim tracker for monitoring and analyzing ransomware activity on the dark web.

An open-source enterprise-level automated app privacy compliance detection tool.

C# implementation of the PowerView framework for Windows domain enumeration and lateral movement

This repository contains resources and tools for analyzing Virtual Machine Protection (VMP) obfuscation techniques.

Jok3r v3 BETA 2 is a comprehensive network and web penetration testing automation framework.

A Python library for launching HTTP/HTTPS flood attacks using socks4/5 or HTTP proxies.

A Python tool to generate smart and powerful wordlists for password cracking and cybersecurity testing.

Security tools and apps for Android, focused on hacking, penetration testing, and cybersecurity.

Muraena is a reverse proxy tool for automating phishing and post-phishing activities.

This repository provides information on how to find leaked credentials, which can be useful for security research.

A curated collection of awesome PHP security resources for developers.

A utility to examine and validate certificates in a variety of formats, useful for developers working with security and cryptography.

Legion is an automatic enumeration tool based on open-source tools for security professionals and pentesters.

Simple Swift wrapper for Keychain that works across iOS, watchOS, tvOS and macOS.

A free, open-source honeypot solution for enterprise-level security monitoring and threat hunting.

Dirty COW is a Linux kernel vulnerability that allows unprivileged local users to gain root privileges.

A collection of leaked credentials for security research and password security testing.

This project is a web proxy tool that allows pivoting and exploitation through a bastion server.

This is a toolkit for penetration testing and security research, not a developer platform focused on vibe coders.

A security tool that helps analyze changes to the attack surface of an operating system during software installation.

A tool that automatically integrates and synchronizes the latest Nuclei vulnerability POCs from across the web.

This repository provides suggestions and code for Capture The Flag (CTF) cybersecurity challenges.

Rule sets for Surge proxy clients (iOS/Mac) with ad-blocking, anti-censorship, and GFW bypass capabilities.

A C-based JWT brute force cracker for security testing and research.

This repository contains a proof-of-concept exploit for a Linux kernel vulnerability that allows local privilege escalation.

Fibratus is a powerful security tool for adversary tradecraft detection, protection, and hunting on Windows.

This repository contains information about the Cobalt Strike malware framework, which is not a developer tool for building AI-powered applications.

Portspoof is a C++ library that generates fake open ports to detect and mitigate network scanning attempts.

A fast vulnerability scanner that helps pentesters identify potentially vulnerable web servers.

A Python library for security researchers and penetration testers to automate web application testing.

A fast internal network scanning tool for security researchers and system administrators.

A security tool for multithreaded information gathering and service enumeration in penetration testing.

A toolkit of hacking tools and gadgets for security researchers and penetration testers.

The OWASP Developer Guide is a comprehensive resource for secure software development practices.

This is a PHP code audit project focused on improving code security and quality.

A Burp Suite extension that adds useful context menu functions for web application penetration testing.

SharpSploit is a .NET post-exploitation library written in C# for security research and penetration testing.

A Python tool that helps discover subdomains, secrets, and external JavaScript files for security testing and bug bounty hunting.

This repository contains malicious functionality to aid in malware development, which is not suitable for developer discovery.

This repository appears to be a hacking tool and not a developer discovery platform focused on vibe coders.

A repository that provides tips and tricks for pwn (binary exploitation) in CTF challenges.

A command-line tool for searching and downloading exploits, focusing on security research and penetration testing.

A DOM fuzzer built in Python that helps security researchers and developers discover vulnerabilities in web applications.

A Python library that tracks the real IP address behind Cloudflare, Sucuri, and Incapsula proxy services.

An alternative method for executing shellcode via callbacks in C++.

An interactive CTF exploration tool focused on reverse-engineering and Windows security research.

An interactive cheat sheet of offensive security tools and commands for Windows/AD environments.