Trending Projects

A collection of tools that integrate with Cobalt Strike for advanced C2 framework development.

A collection of security-focused tools and projects for developers working on security-related tasks.

MouseJack is a security research tool focused on discovering and analyzing vulnerabilities in wireless mice and keyboards.

A C# library for detecting the presence of malicious strings in .NET applications.

A community-driven checklist for securing Ruby on Rails applications.

A repository containing a list of XSS (Cross-Site Scripting) vectors and payloads for security research and testing.

An open-source framework for analyzing and detecting information leaks, security incidents, and data privacy issues.

A Python tool to help MySQL client file reading and JDBC client Java deserialization for security testing.

This is a collection of resources related to SSRF (Server-Side Request Forgery) for security researchers and developers.

Anubis is a subdomain enumeration and information gathering tool for security professionals.

The OWASP Top 10 is a standard awareness document for web application security.

A library for detecting various types of network attacks and intrusions.

A powerful XSS scanning and parameter analysis tool written in Ruby for bug bounty and penetration testing.

A Go utility to generate malicious network traffic patterns for security testing and evaluation.

A collection of academic papers related to fuzzing, binary analysis, and exploit development for vibe coders.

A compilation of commands, tips, and scripts for penetration testing and security research.

A comprehensive collection of cybersecurity and infosec resources for developers.

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with an optimized, hardened, and debloated script.

This repository contains research code and papers from members of the vx-underground community, focused on malware development and research.

A collection of resources for Python security and code review, aimed at security-conscious developers.

A large open-source database for detecting secrets, API keys, passwords, and more, useful for security-focused vibe coders.

A Python tool for generating various types of NTLMv2 hash theft files for security research and testing.

This is a C-based exploit targeting a Windows SMBv3 vulnerability (CVE-2020-0796) known as SMBGhost.

A proof-of-concept backdoor that uses Gmail as a command-and-control server, likely not suitable for vibe coders.

A Java agent-based tool to quickly generate memory shell payloads for common Java web frameworks.

This is a semi-automated, no-bs version of the public exploit code for MS17-010 vulnerability.

This Python repository generates customized word lists for a variety of use cases, including penetration testing.

Mars is a comprehensive security tool for asset discovery, subdomain enumeration, port scanning, and more.

A simple asset discovery engine for cybersecurity professionals

This is a course repository for a University of Cincinnati Malware Analysis class, not a developer discovery platform.

A comprehensive tool for scanning and exploiting various OA vulnerabilities in bulk.

Run frida-server on boot with Magisk, always up-to-date for Android exploitation and reverse-engineering.

Beagle is a Python-based incident response and digital forensics tool that transforms security logs and data into graphs.

This repository provides resources and guidance for entry-level cybersecurity job seekers to build their skills.

A Rust library that provides a comprehensive fingerprinting database for security research and web enumeration.

This is a collection of tools for penetration testing and OSINT, not a vibe coder platform.

A comprehensive resource for cybersecurity professionals, containing tools used by various ransomware gangs.

A powerful MongoDB auditing and penetration testing tool for developers.

This is a sample penetration testing report provided by TCM Security, not a developer discovery platform.

A Python tool for remotely dumping DPAPI credentials from Windows systems.

ThePhish is an automated tool for analyzing and detecting phishing emails, providing cybersecurity professionals with a comprehensive solution.

A Burp Suite plugin that enables custom data processing like encryption/decryption and brute-force attacks.

This project appears to be related to the KRACK attack, which is a vulnerability in the WPA2 protocol, rather than a developer discovery platform for vibe coders.

This repository contains learning notes about Android security, not a developer platform focused on vibe coders.

A reverse shell written in Go that allows remote access and control over an SSH connection.

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

A Go-based wordlist framework for security researchers, bug bounty hunters, and hackers.

A collection of techniques and resources for bypassing MySQL SQL injection vulnerabilities.

This is a GUI launcher for the XRAY web vulnerability scanning tool, focusing on web security.

cwe_checker finds vulnerable patterns in binary executables, helping developers identify and fix security issues.