Trending Projects

An educational resource that explains CSRF tokens and how they work to protect web applications.

An utility tool that integrates high-risk vulnerability exploits for security researchers and penetration testers.

A flexible DNS name permutation tool for security researchers and penetration testers.

A repository containing public documents and whitepapers about advanced persistent threat (APT) campaigns.

A Python library for patching PE, ELF, and Mach-O binaries with shellcode, primarily for security research and penetration testing.

This C# tool generates executable files that can bypass antivirus detection for malicious purposes.

PcapXray is a network forensics tool that visualizes packet capture data as a network diagram, enabling device identification and important communication analysis.

A comprehensive penetration testing framework with a variety of cybersecurity resources for security professionals.

A comprehensive tool for exploiting vulnerabilities in VMware vCenter Server

This repository contains learning notes about Android security, not a developer platform focused on vibe coders.

A collection of PowerShell scripts with 100% AV bypass capability for security research and pen-testing.

A course on intermediate-level Linux exploitation, focusing on Python-based techniques.

A Python-based tool for automating password cracking methodologies using Hashcat.

A passive Shiro detection plugin for the BurpSuite security tool, used for web application security testing.

A curated, well-maintained hostfile to block ads, tracking, cryptomining, and more for better privacy and performance.

A comprehensive cheat sheet for understanding and mitigating Java Deserialization vulnerabilities.

This repository contains a proof-of-concept exploit for a Linux kernel vulnerability that allows local privilege escalation.

A Java security audit plugin that helps developers find security vulnerabilities in web and Android apps.

A pentest reporting tool written in Python to free developers from Microsoft Word.

A proof-of-concept reflective loader for Cobalt Strike, enhancing its evasion features.

This Python project generates Gmail keyloggers for Windows, primarily used for penetration testing.

A comprehensive guide to Secure Shell (SSH) tunneling, port redirection, and network traffic manipulation for security professionals.

A Go-based tool for checking if a website is vulnerable to the Heartbleed OpenSSL bug (CVE-2014-0160).

A curated list of security resources and tools for developers and security professionals.

A repository providing a list of the top 25 vulnerability parameters for security researchers and bug bounty hunters.

A PowerShell script designed to bypass AMSI and commercial antivirus solutions for penetration testing

Minimal TOTP generator in 20 lines of Python for developers who need a simple 2FA solution.

A vulnerable app with examples showing how to not use secrets, useful for security education.

A Python tool to dump information from Active Directory via LDAP, useful for security research and penetration testing.

A set of process injection techniques for Windows Thread Pools, primarily for security research purposes.

A repository for learning and documenting internal network penetration testing (domain penetration).

Websploit is a high-level MITM (Man-in-the-Middle) framework written in Python for network penetration testing.

A daily updated composer exclusion list for security vulnerabilities in PHP projects.

Picocrypt is a small, secure encryption tool for developers focused on privacy and security.

This is a leaked repository of the Zeus trojan horse malware, not for actual use.

A C++ tool for extracting clear text passwords from the Windows Remote Desktop Protocol (RDP) client.

Athena OS is a Arch/Nix-based Linux distribution focused on cybersecurity learning and penetration testing.

A collection of CTF (Capture The Flag) tools for cryptography, web security, and more.

RootMyTV is an exploit for rooting/jailbreaking LG webOS smart TVs.

A Python library for remotely extracting credentials from the Windows Local Security Authority Subsystem Service (lsass).

A simple FOFA client written in JavaFX for security researchers and red teams.

A password cracking tool with a single rule to crack all passwords, or at least try to.

A collection of links related to VMware escape exploits, not a developer discovery platform for vibe coders.

A passive sniffing tool for capturing and visualizing WiFi location data disclosed by iOS devices.

This is an IPv6 attack toolkit for penetration testing and security research.

An antivirus evasion project written in C#, focused on bypassing antivirus detection.

Secure chat software for your computer using cryptography to protect conversations.

This is a Java security SDK and coding standard for developers building secure applications.

This Python tool is a penetration testing and vulnerability scanning utility for quickly gaining access to target systems.

PowerTools is a collection of PowerShell projects focused on offensive operations.