Trending Projects

This is a GUI launcher for the XRAY web vulnerability scanning tool, focusing on web security.

A collection of trust and safety tools to help fight digital harms and protect online communities.

A Burpsuite plugin for recursively detecting vulnerable paths in web applications.

A PowerShell tool that extracts saved session information for remote access tools like WinSCP, PuTTY, and Remote Desktop.

A customizable Windows-based virtual machine for threat intelligence analysis and hunting

Passhunt is a tool for searching default credentials across network devices, web apps, and more.

An utility tool that integrates high-risk vulnerability exploits for security researchers and penetration testers.

This repository appears to be a security research project related to 802.11 wireless network vulnerabilities, not a developer tool for vibe coders.

GPU-based Onion Hash generator for developers working with cryptography and anonymity tools.

Pillager is an information gathering tool for post-exploitation purposes.

Implements the CobaltStrike Beacon in Go for security research and reverse engineering purposes.

PowerShell framework to assess Azure security for Windows and Linux systems

A collection of Docker images for network intrusion and penetration testing tools.

A Java library that unpacks malicious backdoors and exploits used by the Chinese e-commerce company Pinduoduo.

A powerful SQL injection vulnerability scanner for web applications written in Python.

A Python framework for wireless penetration testing and network security assessment.

A Burp plugin that can find reflected XSS vulnerabilities in real-time while browsing a website.

This is an awesome list of hacking tools and resources in Chinese.

Utility that retrieves plaintext Active Directory credentials for internal network access.

Key and Lock Decoding Tools for developers interested in cryptography and security.

This is a C library for offensive operations, not a developer discovery platform for vibe coders.

A cloud security suite that audits the security posture of AWS, GCP, and Azure infrastructure.

NextScan is a comprehensive enterprise-level black-box vulnerability scanning system that integrates vulnerability scanning, management, asset scanning, and crawling services.

This is a keylogger for macOS written in Swift, not a tool for vibe coders.

An antivirus evasion project written in C#, focused on bypassing antivirus detection.

Metasploit module to exploit the Eternalblue-Doublepulsar vulnerability.

A collection of Red Team focused tools, scripts, and notes for cybersecurity professionals.

This Python tool detects sensitive information leaks by scanning web applications for vulnerable files.

A fast, open-source CORS misconfiguration vulnerability scanner written in Python.

A Python-based C2/post-exploitation framework for offensive security and penetration testing

This repository provides a cheatsheet for the Cobalt Strike penetration testing framework, useful for red team operations.

An online port scan scraper written in Python for penetration testing and security research.

KeySweeper is a stealthy Arduino-based device that wirelessly sniffs, decrypts, and logs keystrokes from Microsoft wireless keyboards.

A toolkit to attack Office365 using various security tools and techniques.

A repository providing examples and tools for conducting security assessments on Azure and AWS cloud environments.

A Python tool that generates randomized Cobalt Strike C2 malleable profiles for red teaming activities.

An exploitation framework based on Python for Industrial Control System (ICS) and SCADA security research.

Provides a wordlist, rules, and masks for password cracking and security research.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

AoiAWD is a portable, low-privilege EDR system designed for cybersecurity competitions.

A collection of scripts for participating in AWD (Attacking and Defending) security competitions.

CMS Scanner: A tool to scan WordPress, Drupal, Joomla, and vBulletin websites for security issues.

A database of vulnerable Ruby Gems, helping Ruby developers stay secure.

This repository demonstrates exploiting vulnerabilities to impersonate a Domain Admin from a standard domain user account.

A privacy leak detection tool for developers to check for personal data exposure.

A collection of community-contributed Nuclei templates for bug bounty and penetration testing.

A wiki-based knowledge base focused on cloud security for developers and security professionals.

A Python-based toolkit for performing a wide range of security auditing and exploitation tasks.

This is a burp plugin for automatically recognizing and solving CAPTCHA challenges.

A C# Command & Control framework for security research and penetration testing