Trending Projects

This is a public repository for the AppSec Ezine, a resource for application security professionals.

A comprehensive list of web security and code audit resources for developers.

This is a Chrome extension that demonstrates bypassing Widevine L3 DRM for media content.

RedSnarf is a Windows-focused penetration testing and red-teaming tool for security professionals.

evilginx2 is a man-in-the-middle attack framework used for phishing credentials and session cookies.

This project appears to be a Facebook hacking toolkit written in Python, not a developer discovery platform for AI-focused developers.

A virtual machine for CTF competitions, with multiple versions and systems to choose from for an out-of-the-box experience.

This is a repository of digital forensics artifacts, not a developer discovery platform focused on AI coding tools.

A web application that assists network defenders in mapping adversary behaviors to the MITRE ATT&CK framework.

Kalitorify is a transparent proxy tool for Kali Linux OS that routes traffic through the Tor network for enhanced privacy and security.

A Burp plugin that can find reflected XSS vulnerabilities in real-time while browsing a website.

Keybase Filesystem (KBFS) is a secure, distributed file system with end-to-end encryption.

This repository contains writeups and cheatsheets for Vulnhub CTF challenges, useful for OSCP preparation and penetration testing.

A collection of security-focused writeups and resources for web application security researchers and developers.

A Python tool for LinkedIn reconnaissance and data extraction.

This is an awesome list of hacking tools and resources in Chinese.

This is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.

A PHP shell that bypasses disabled functions to achieve command execution.

This is a blocklist for Adobe's URLs and IPs that can be added to the Windows host file.

Proof of Concept for an advanced in-memory evasion technique to hide injected shellcode from scanners.

The-XSS-Rat/SecurityTesting is a Python repository focused on security testing and penetration testing tools.

Utility that retrieves plaintext Active Directory credentials for internal network access.

This is a Shell script that sets up a TLS proxy for the Signal messaging app, likely for security and privacy purposes.

A script for searching extracted firmware file systems for sensitive information.

Ncrack is a high-speed network authentication tool used for cracking authentication credentials across a network.

A collection of Android malware samples for security research and analysis.

Athena OS is a Arch/Nix-based Linux distribution focused on cybersecurity learning and penetration testing.

This repository contains a collection of kernel exploits, likely not relevant for vibe coders.

A collection of PowerShell scripts with 100% AV bypass capability for security research and pen-testing.

A C# workshop on writing custom backdoor payloads for red team security research.

This repository contains the public open-source code of the malware Stuxnet, also known as MyRTUs.

Proof of concept for CVE-2019-0708, a critical remote code execution vulnerability in Microsoft's Remote Desktop Protocol (RDP).

A program to reverse Docker images into Dockerfiles, useful for security researchers and developers.

A PHP security checker that scans projects for known vulnerabilities in their dependencies.

An easy-to-use encryption library for JavaScript, utilizing RSA and AES algorithms.

A security platform for managing application assets, vulnerabilities, and security knowledge.

A GitHub code leak monitoring system built with Laravel for security-conscious developers.

A collection of resources for penetration testing and securing Microsoft's cloud platform Azure.

This Rust library provides a framework for using Notion as a platform for offensive operations.

A collection of PoCs for remote code execution vulnerabilities in ThinkPHP v5.x, a popular PHP framework.

A PowerShell script anti-virus evasion tool for penetration testing and red team activities.

A collection of vulnerability labs for security analysis and exploitation.

This project appears to be a malicious spyware Trojan program, not a developer tool.

A cloud security suite that audits the security posture of AWS, GCP, and Azure infrastructure.

A simple command-line tool to brute force crack HS256, HS384 & HS512 JWT tokens.

This is a repository for Twitch livestreams by a Turkish security researcher and penetration tester.

NextScan is a comprehensive enterprise-level black-box vulnerability scanning system that integrates vulnerability scanning, management, asset scanning, and crawling services.

Malcom is a Python-based framework for analyzing and monitoring network traffic to detect malware communications.

Bandit is a static code analysis tool that helps find security issues in Python code.

A C# library for bypassing EDR's active projection DLL's by preventing entry point execution.