Trending Projects

A collection of open-source security projects to help enterprise security professionals build security capabilities.

This repository is focused on learning hacking, penetration testing, and reverse engineering using Kali Linux.

A Burp Suite extension to bypass 403 restricted directories.

This is a PowerShell toolkit for security researchers and penetration testers.

This is a Windows Privilege Escalation tool that can be used to elevate a user's privileges to a domain admin.

A powerful Python tool to analyze PDF documents, useful for security researchers and developers.

A Go-based C2 tool for penetration testing with Lua plugin support, domain fronting, and remote file/process management.

A PowerShell tool that extracts saved session information for remote access tools like WinSCP, PuTTY, and Remote Desktop.

A Python script for batch scanning with the Acunetix AWVS scanner, supporting various vulnerability checks.

A collection of Android malware samples for security research and analysis.

This repository contains information about the Cobalt Strike malware framework, which is not a developer tool for building AI-powered applications.

A fast and efficient subdomain brute-forcing tool written in Go for security testing and penetration testing.

PowerTools is a collection of PowerShell projects focused on offensive operations.

This is a C2 shellcode generator/compiler/handler, not a developer discovery platform for vibe coders.

A command-line tool for searching and downloading exploits, focusing on security research and penetration testing.

A shell script that transparently encrypts files within a Git repository to securely manage secrets.

This repository provides methods to bypass 403/401 errors and includes bash automation scripts.

A tool for bypassing websites protected by CloudFlare WAF, useful for penetration testing and website analysis.

AD Miner is an Active Directory audit tool that uncovers security weaknesses using Bloodhound graph data.

A repository containing a list of XSS (Cross-Site Scripting) vectors and payloads for security research and testing.

A collection of Windows 11 security hardening and configuration recommendations.

A fast and efficient dork scanner written in Go for bug bounty and security research.

This C# program demonstrates various process injection techniques for security research and testing.

evilginx2 is a man-in-the-middle attack framework used for phishing credentials and session cookies.

This project appears to be a Facebook hacking toolkit written in Python, not a developer discovery platform for AI-focused developers.

A collection of Censys Search Queries for security research and OSINT investigations.

This Python project generates Gmail keyloggers for Windows, primarily used for penetration testing.

A Python library for decoding common remote access trojans (RATs) used by cybercriminals.

A Go-based port of Wappalyzer that automates mass scanning to uncover technologies used on websites.

An advanced in-memory evasion technique for encrypting and decrypting shellcode contents.

A C++ cheat/skin changer tool for the game League of Legends, used for modding and reverse-engineering.

This project is a web proxy tool that allows pivoting and exploitation through a bastion server.

SSRF (Server Side Request Forgery) testing resources for security professionals.

This repository contains a proof-of-concept exploit for a Linux kernel vulnerability that allows local privilege escalation.

This repository provides free proxy and VPN solutions including Clash, Shadowsocks, and V2Ray for developers to bypass internet censorship.

A Python library for remotely extracting credentials from the Windows Local Security Authority Subsystem Service (lsass).

A collection of cybersecurity and incident response notes for blue team professionals.

A curated list of blockchain security CTF competitions for developers to improve their security skills.

A collection of Burp Suite encryption plugins that support various crypto algorithms and execute custom JS code for security testing.

A collection of links related to VMware escape exploits, not a developer discovery platform for vibe coders.

An educational resource that explains CSRF tokens and how they work to protect web applications.

A collection of Grep Patterns for finding SSRF, RCE, LFI, SQLi, SSTI, IDOR, URL Redirection, and other vulnerabilities.

Mars is a comprehensive security tool for asset discovery, subdomain enumeration, port scanning, and more.

Pillager is an information gathering tool for post-exploitation purposes.

A toolkit for creating various payloads, powershell attacks, and launching listeners for Human Interface Devices (Teensy).

A simple Trojan deployment script that can set up a proxy server with just one command.

A comprehensive list of web security and code audit resources for developers.

This repository contains writeups and cheatsheets for Vulnhub CTF challenges, useful for OSCP preparation and penetration testing.

A collection of vulnerability labs for security analysis and exploitation.

A curated list of awesome resources and tools for information security professionals.