Trending Projects

This repository contains binaries for the book 'Practical Malware Analysis', a resource for malware analysis.

A Python framework for detecting vulnerabilities in content management systems (CMS).

A Rust cryptography library with implementations of various algorithms.

GUAC aggregates software security metadata into a high fidelity graph database.

A Python tool for evading antivirus detection, useful for security researchers and penetration testers.

A curated list of writeups from the Google VRP Bug Bounty program, useful for security researchers and bug hunters.

A Python-based proof-of-concept tool to perform a MitM attack and extract clear text credentials from RDP connections.

A pure-Python, fully automated and unattended fuzzing framework for software testing and security research.

Software to identify different types of hashes, useful for security researchers and pentesters.

A tool to block Spotify ads and analytics on Linux, macOS, and Windows using the hosts file.

BinaryAlert is a serverless, real-time and retroactive malware detection tool powered by AWS Lambda and Terraform.

A collection of PowerShell functions for hackers and penetration testers.

A security risk analysis tool for Kubernetes resources, helping developers secure their cloud infrastructure.

A Firefox extension to protect users from browser fingerprinting.

SSH-MITM is a tool for auditing and analyzing SSH connections through a MITM proxy.

A comprehensive information gathering tool for security researchers and pentesters.

GlobaLeaks is a secure and open-source whistleblowing platform for anyone to set up and maintain.

A powerful Python tool to analyze PDF documents, useful for security researchers and developers.

An API security project presenting unique attack and defense methods in the API security field.

CaA - a Java tool for information gathering, analysis, and intelligence exploration for bounty hunters and security researchers.

An Android app that can brute force WiFi passwords without requiring a rooted device.

This Python-based tool can bypass firewalls and forward traffic using a webshell, potentially useful for security research.

This repository provides a comprehensive list of rootkits for security research and penetration testing.

A PowerShell script for detecting potential compromised accounts and applications in Azure/M365 environments.

A collection of one-liners for bug bounty hunting and web application security research.

Web and mobile application security training platform focused on secure coding practices.

An automatic framework to detect, exploit and report XSS vulnerabilities in web applications.

A Python-based HTA encryption tool for Red Teams to obfuscate and execute malicious scripts.

A security research project that discovers a vulnerability in the VirtualBox E1000 network driver, allowing a guest OS to escape to the host.

This repository contains learning notes related to binary security, contributed by the Disiwater Reverse Engineering community.

This is a tool for finding open databases by leveraging the Binaryedge.io platform.

A Python2 tool for detecting and exploiting Struts2 vulnerabilities across all versions.

A field guide for Capture the Flag (CTF) competitions, focused on security and hacking.

A collection of open-source security tools and custom scripts for Red Team operations.

A comprehensive guide to improving privacy and security on Windows 10.

A collection of common vulnerabilities found in iOS applications to help secure iOS app development.

A Python-based geolocation OSINT tool that gathers information from social media platforms.

Generates millions of password mutations in seconds for penetration testing and security research.

A vulnerable Android app for developers and security enthusiasts to learn about Android insecurities.

A tool to dump cookies and credentials directly from Chrome/Edge process memory.

A Python library for generating password wordlists and hashcat rules for offline password cracking

A collection of various JSP webshell implementation methods for security researchers and penetration testers.

Minimal TOTP generator in 20 lines of Python for developers who need a simple 2FA solution.

EgeBalci/amber is a reflective PE packer written in Go, useful for security researchers and penetration testers.

A collection of SaaS attack techniques to help defenders understand the threats they face.

APT-Hunter is a threat hunting tool for Windows event logs, designed for purple team use to detect APT activity.

A Python tool that automates the reconnaissance process to map an application's attack surface.

A collection of Grep Patterns for finding SSRF, RCE, LFI, SQLi, SSTI, IDOR, URL Redirection, and other vulnerabilities.

A collection of wordlists and tools for bruteforcing and penetration testing purposes.

A proof-of-concept reflective loader for Cobalt Strike, enhancing its evasion features.