Trending Projects

ReconDog is a Python-based reconnaissance tool for information gathering and vulnerability detection.

A Burp Suite extension that adds useful context menu functions for web application penetration testing.

This repository provides indicators of compromise from Amnesty International's cyber investigations.

A toolkit for emulating and analyzing firmware for security vulnerabilities, targeted at IoT and embedded devices.

A library of Elastic Security detection content for Endpoint protection, written in YARA language.

A C# library for detecting the presence of malicious strings in .NET applications.

This is a sample penetration testing report provided by TCM Security, not a developer discovery platform.

USBGuard is a security framework for authorizing and controlling USB device interactions on Linux systems.

This is a repository of digital forensics artifacts, not a developer discovery platform focused on AI coding tools.

This repository contains a collection of malware samples for analysis purposes, not for malicious use.

A collection of Red Team focused tools, scripts, and notes for cybersecurity professionals.

This GitHub repository does not provide enough information to classify it as a developer discovery platform for vibe coders.

This repository provides suggestions and code for Capture The Flag (CTF) cybersecurity challenges.

This is a comprehensive security handbook covering web vulnerabilities, exploitation, code auditing, and penetration testing.

A vulnerability scanner that automatically runs 30+ tools on a target, supporting web, system, subdomain, directory, and more scanning.

A PAM module that allows users to set alternate passwords to clear sensitive data or notify IT/Security if coerced.

A passive information leakage detection tool for Chrome and Firefox developers using AI tools.

A collection of Windows exploits and hacking tools for security research and penetration testing.

Subdomain enumeration tool written in Go, with fast asynchronous DNS scanning to find subdomains for bug bounty hunting.

This is a PowerShell framework for creating reverse TCP shells, used for penetration testing and security research.

A Python-based platform security assessment framework for analyzing firmware security.

This is a PHP webshell with handy features, not a developer discovery platform for vibe coders.

linWinPwn is a bash script that streamlines the use of Active Directory security tools for penetration testing.

A proposed standard that allows websites to define security policies.

APT-Hunter is a threat hunting tool for Windows event logs, designed for purple team use to detect APT activity.

This Java plugin helps discover unauthorized/sensitive information/privilege escalation vulnerabilities in web applications during security testing.

Linux Malware Detection (LMD) is a command-line tool for detecting malware on Linux systems.

A comprehensive resource for cybersecurity professionals, containing tools used by various ransomware gangs.

ThePhish is an automated tool for analyzing and detecting phishing emails, providing cybersecurity professionals with a comprehensive solution.

cwe_checker finds vulnerable patterns in binary executables, helping developers identify and fix security issues.

Reverse-engineering tool for account pooling with load balancing, auto-refresh, caching & proxy support

A simple SQL injection testing plugin for Burp Suite to help identify SQL injection vulnerabilities.

Malcom is a Python-based framework for analyzing and monitoring network traffic to detect malware communications.

An advanced in-memory evasion technique for encrypting and decrypting shellcode contents.

An open-source enterprise-level automated app privacy compliance detection tool.

This repository contains information and resources related to IT security that developers may find useful.

Hackazon is a modern vulnerable web app for security research and training purposes.

A scalable fuzzing infrastructure to find vulnerabilities and improve software stability.

A project documenting the history and providing a tutorial on the Shadowsocks proxy server.

Secure password sharing with automatic expiration, view limits, and audit logs

A comprehensive ad-blocker and privacy protector for an annoyance-free, better open internet.

A Windows password auditing tool that supports multi-threaded batch checks to quickly detect weak passwords and accounts.

A Go-based tool for checking if a website is vulnerable to the Heartbleed OpenSSL bug (CVE-2014-0160).

This is a Linux eBPF rootkit with malicious capabilities including a backdoor, C2, and stealth features.

This GitHub repository provides resources for bug bounty hunting, a valuable skill for security-focused developers.

A repository for building and optimizing efficient penetration testing dictionaries and fuzzing tools.

Educational, CTF-styled labs for individuals interested in Memory Forensics

This repository contains CTF (Capture the Flag) solutions from the p4 team, focused on security and writeups.

A Go-based tool that can bypass 40X/HTTP errors by tampering with HTTP requests, headers, and credentials.

A Google Chrome extension for passive monitoring of high-risk fingerprinting, honeypot detection, and machine feature obfuscation.