Trending Projects

A Nuclei plugin for Burp Suite, a popular web application security testing tool.

This Python repository provides a proof-of-concept for brute-forcing Apple ID login credentials.

Evilgrade is a Perl framework that allows injecting fake updates to take advantage of poor upgrade implementations.

An open-source tool for network exploitation and information gathering using the powerful Nmap scanner.

An open-source intrusion detection system for monitoring and detecting suspicious activity in Active Directory environments.

A collection of trust and safety tools to help fight digital harms and protect online communities.

Rosenpass is a post-quantum-secure VPN that uses WireGuard to transport the actual data.

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms.

A collection of hacking tools and resources in C# for developers interested in cybersecurity.

An open source security framework that provides a badge for projects following best practices.

A simple and fast SSH server bruteforcer tool for security professionals and developers.

An active defense and EDR software to empower blue teams and detect security threats on Windows systems.

A Python-based password brute force dictionary with keyboard combinations, pinyin, and alphanumeric dictionaries.

Single Packet Authorization (SPA) firewall tool that provides an alternative to traditional port-knocking.

A curated list of resources for vulnerability research and exploit development.

A Burpsuite plugin for recursively detecting vulnerable paths in web applications.

A command-line tool to generate various Metasploit payloads for penetration testing and security research.

A virtual machine for adversary emulation and threat hunting, not a developer discovery platform focused on vibe coders.

This repository is a collection of documents leaked by Edward Snowden, a former NSA contractor and whistleblower.

A Java library for securely encrypting data into a native .so library for use in your projects.

A multi-threaded PDF password cracking utility with password format builders and dictionary attacks.

This appears to be a collection of security-focused tools for developers.

DecryptTools is a comprehensive tool for decryption tasks, likely useful for security researchers and developers.

A PowerShell tool that extracts saved session information for remote access tools like WinSCP, PuTTY, and Remote Desktop.

TrevorC2 is a legitimate website that tunnels client/server communications for covert command execution.

This repository provides security research and tools for cracking Android app security.

A security tool that combines a modified version of Mimikatz and a .NET PE Loader for penetration testing.

Tinfoil Chat is an end-to-end encrypted, onion-routed secure messaging system for privacy-conscious developers.

USBGuard is a security framework for authorizing and controlling USB device interactions on Linux systems.

A Swift library for performing RSA public/private key encryption, useful for mobile app security.

A tool to spoof TLS/JA3 fingerprints in Go and JavaScript for bypassing security measures.

A C++ project that allows hiding PowerShell scripts in plain sight to bypass security features.

A modular password spraying tool with threading, proxy support, and more for security researchers.

A C# application that exploits user edit rights on Group Policy Objects to compromise controlled objects.

An extensible, multi-threaded internal network penetration testing tool with various plugins for information gathering, vulnerability scanning, and more.

SploitScan is a sophisticated cybersecurity utility for vulnerabilities and exploit analysis.

This Python tool allows searching for sensitive files across network SMB shares using regex-based filename and content matching.

A customizable Windows-based virtual machine for threat intelligence analysis and hunting

A modern 32/64-bit position independent implant template for security researchers and penetration testers.

This GitHub repository contains a hidden desktop tool for the Cobalt Strike penetration testing framework.

This is a hacking tool that can track a user's location, capture their picture, and collect device information.

A collection of web security tools for penetration testing and vulnerability scanning.

A Node.js command and control tool for script-jacking vulnerable Electron applications.

Passhunt is a tool for searching default credentials across network devices, web apps, and more.

An open-source EDR (Endpoint Detection and Response) tool for Windows focused on threat hunting and security analysis.

A collection of defenses and detections against Cobalt Strike, a popular penetration testing tool.

Advanced honeypot framework for security researchers and developers.

A curated collection of top-tier penetration testing tools and productivity utilities for security researchers and bug bounty hunters.

A C++ project that removes various kernel callbacks to bypass antivirus and endpoint detection and response (EDR) tools.

An utility tool that integrates high-risk vulnerability exploits for security researchers and penetration testers.