Trending Projects

A static taint analysis platform to scan vulnerabilities in Android apps.

This project provides ESP8266 firmware for performing deauthentication attacks on wireless networks.

APT-Hunter is a threat hunting tool for Windows event logs, designed for purple team use to detect APT activity.

A collection of handy bookmarks for penetration testing and security research.

A Go reverse shell that communicates over DNS for bypassing firewalls and restricted networks.

A penetration testing tool and framework for security researchers and ethical hackers.

A Docker-based platform for quickly setting up various vulnerability test environments for security research.

A fast internal network scanning tool for security researchers and system administrators.

A subdomain takeover tool for attackers, bug bounty hunters, and security teams to detect and mitigate security vulnerabilities.

This GitHub repository provides resources for bug bounty hunting, a valuable skill for security-focused developers.

A simple FOFA client written in JavaFX for security researchers and red teams.

A collection of Grep Patterns for finding SSRF, RCE, LFI, SQLi, SSTI, IDOR, URL Redirection, and other vulnerabilities.

A curated list of CVE PoCs, a useful resource for security researchers and penetration testers.

A software sandbox for secure storage of sensitive information in memory, built using Go.

A fast and efficient subdomain brute-forcing tool written in Go for security testing and penetration testing.

Microsoft Defender for Cloud is a cloud security platform that provides advanced threat protection and compliance management for cloud environments.

Collection of common wordlists for brute force attacks on RDP, SSH, and IP camera passwords.

A tool for bypassing websites protected by CloudFlare WAF, useful for penetration testing and website analysis.

gasmask is an information gathering tool that performs OSINT (Open-Source Intelligence) reconnaissance.

This is a Linux eBPF rootkit with malicious capabilities including a backdoor, C2, and stealth features.

Windows event log killer used for red team operations and penetration testing.

A Burp Suite plugin for testing web applications by spoofing IP addresses in case of server misconfigurations.

A fast, open-source GitHub recon tool that scans for leaked secrets across all of GitHub.

A powerful XSS scanning and parameter analysis tool written in Ruby for bug bounty and penetration testing.

A security solution for Kubernetes and container environments, providing runtime protection and threat detection.

A cybersecurity incident response testing tool that generates tailored scenarios using LLMs and the MITRE ATT&CK framework.

An automated system hardening framework written in Python for securing Linux systems.

A Swiss Army knife for automated web application testing, written in Go, useful for bug bounty hunters and security professionals.

pwncat is a powerful penetration testing tool that offers advanced features like firewall and IDS/IPS evasion, bind and reverse shell, and port forwarding.

A collection of one-liners for bug bounty hunting and web application security research.

Proof of Concept for an advanced in-memory evasion technique to hide injected shellcode from scanners.

WebMap-Nmap Web Dashboard and Reporting tool for cybersecurity professionals

A blazing-fast security auditing tool for Kubernetes that helps DevOps and security teams secure their cloud-native infrastructure.

A fast sub-domain brute tool for penetration testers and security researchers.

This is a repository focused on learning Ethereum Virtual Machine (EVM) attacks, useful for security audits and smart contract development.

A fast and efficient dork scanner written in Go for bug bounty and security research.

This Python-based backdoor uses Gmail to exfiltrate data and track user activity for red team engagements.

This repository provides a comprehensive summary of the Certified Ethical Hacker (CEH) certification in bullet points.

A security tool that helps analyze changes to the attack surface of an operating system during software installation.

A collection of Burp Suite encryption plugins that support various crypto algorithms and execute custom JS code for security testing.

A PowerShell script for detecting potential compromised accounts and applications in Azure/M365 environments.

A Python script for batch scanning with the Acunetix AWVS scanner, supporting various vulnerability checks.

An automation tool that enumerates subdomains and scans for web vulnerabilities.

The-XSS-Rat/SecurityTesting is a Python repository focused on security testing and penetration testing tools.

Boundary enables identity-based access management for dynamic infrastructure.

A collection of Go code examples and tools for security professionals

A Rust-based security tool for Linux exploitation that aims to leave zero traces on system logs and filesystem timestamps.

A collection of trust and safety tools to help fight digital harms and protect online communities.

A Python-based tool for automating favicon-based reconnaissance during bug bounty and penetration testing.

A toolkit for creating various payloads, powershell attacks, and launching listeners for Human Interface Devices (Teensy).