Trending Projects

A Python tool that sniffs for sensitive data from network interfaces or PCAP files.

Distributed password cracking tool built on Hashcat for security researchers and penetration testers.

This GitHub repository is a tool for using an Android device as a Rubber Ducky against another Android device.

Compiled binaries for the Ghostpack suite of post-exploitation tools for penetration testing.

A reconnaissance tool that utilizes various techniques to expedite initial information gathering on target organizations.

A collection of PowerShell functions for hackers and penetration testers.

An EDR (Endpoint Detection and Response) testing tool for developers to experiment with defense evasion techniques.

This GitHub repository contains a hidden desktop tool for the Cobalt Strike penetration testing framework.

This is an advanced remote access trojan (RAT) written in Python that can be controlled through Discord.

This is a C library for offensive operations, not a developer discovery platform for vibe coders.

A collection of vulnerability labs for security analysis and exploitation.

A cloud security posture management (CSPM) tool that helps developers secure their cloud infrastructure.

Android security patching framework that disables signature verification for system modifications

This is a collection of malware samples, not a tool for vibe coders.

A curated list of awesome cloud security resources for developers and security professionals

A curated list of tools and resources for investigating crypto hacks, security incidents, and on-chain analysis.

This repository provides a port of ParrotSec's stealth and anonsurf modules to Kali Linux for anonymous web browsing.

A high-value vulnerability collection and notification service for developers, integrating with popular chat platforms.

A comprehensive collection of resources for building and operating a Security Operations Center (SOC)

Undetectable Windows payload generation tool for penetration testing and security research.

A library for protecting against prototype pollution vulnerabilities in JavaScript applications.

This is a shell script for brute-forcing Instagram account passwords, not a developer tool for vibe coders.

A collection of useful Google Dorks for web security and bug bounty hunting.

This project appears to be a malicious spyware Trojan program, not a developer tool.

An open-source security guide covering security standards, frameworks, threat models, encryption, and benchmarks.

An open-source, extensible network penetration testing tool for security research and reconnaissance.

This repository contains the original proof-of-concepts for the React2Shell CVE-2025-55182 vulnerability.

Attify OS is a Linux distro for penetration testing and exploiting IoT devices.

This is the Kali NetHunter project, a penetration testing and security framework for Android devices.

Automation tools for internal Windows penetration testing and Active Directory security research.

This is a tool for conducting targeted evil twin attacks against WPA2-Enterprise networks and performing indirect wireless pivots using hostile portal attacks.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

A Go port of the Shikata ga nai encoder with several improvements for security researchers and pentesters.

A Python tool to extract one-time password (OTP) secrets from QR codes exported by 2FA apps like Google Authenticator.

Android library that provides a secure way to store sensitive data in shared preferences with encryption.

An open-source Instagram OSINT tool for collecting and analyzing data from Instagram.

Metarget is a Python framework for automatically creating vulnerable infrastructures for security research and testing.

A Java library for securely encrypting data into a native .so library for use in your projects.

This repository appears to be a security research project related to 802.11 wireless network vulnerabilities, not a developer tool for vibe coders.

An OSINT tool for finding profiles by username, useful for security research and information gathering.

A collection of CTF (Capture The Flag) tools for cryptography, web security, and more.

Collection of Python-based security exploits and research tools written by the Rhino Security Labs team.

A transparent ransomware claim tracker for monitoring and analyzing ransomware activity on the dark web.

A password manager that uses the age encryption standard as a backend, providing a secure and modern alternative to password-store.

A Windows privilege escalation tool that uses Windows Tokens to elevate privileges

A powerful penetration testing tool for LLMNR, NBT-NS and MDNS poisoning with rogue authentication servers.

An automated NoSQL database enumeration and web application exploitation tool for security researchers.

A collection of leaked credentials for security research and password security testing.

This repository contains penetration testing reports, documents, and security books, primarily written in Python.

ADRecon is a tool for gathering information about Active Directory and generating a report on its current state.