Trending Projects

Bandit is a static code analysis tool that helps find security issues in Python code.

A curated list of awesome resources and tools for information security professionals.

This is a collection of resources for red team and blue team cybersecurity training, not a developer platform.

This Go-based GitHub leak scanning system helps developers and security teams monitor for leaked credentials and sensitive data.

This is a keylogger for macOS written in Swift, not a tool for vibe coders.

This repository provides a collection of cheatsheets for various penetration testing tools and techniques.

An open-source collection of security products such as IDS, IPS, WAF, and honeypots.

HostHunter is an open-source OSINT tool for discovering hostnames and IP addresses during security assessments and penetration testing.

A virtual machine for assessing Android applications, reverse engineering, and malware analysis.

An antivirus evasion project written in C#, focused on bypassing antivirus detection.

A password cracking tool for Windows that can bypass authentication without privileges

This is a tool to generate passwords using personal information, not an AI coding tool.

A collection of smart hosts used to block access to various websites and improve privacy

This repository provides a comprehensive summary of the Certified Ethical Hacker (CEH) certification in bullet points.

This repository is a comprehensive book focused on penetration testing and the ATTCK framework, not a developer discovery platform for vibe coders.

A real-world malware collection for researchers to understand and analyze malware threats.

A collection of scripts and executables for penetration testing and digital forensics.

A cheatsheet for bypassing a browser's XSS filter, useful for security researchers and penetration testers.

This repository contains a collection of malware samples for analysis purposes, not for malicious use.

Metasploit module to exploit the Eternalblue-Doublepulsar vulnerability.

A proof-of-concept tool to demonstrate the Follina Office RCE vulnerability for testing purposes.

A comprehensive collection of techniques and examples for manually obfuscating PowerShell scripts to evade antivirus detection.

This Python tool detects sensitive information leaks by scanning web applications for vulnerable files.

A shell script that creates multiple TOR instances with load balancing for secure and anonymous communication.

This Python project allows stealing Net-NTLM hashes using a vulnerable PDF document, used for security research.

This is a Python script for monitoring and crawling the Chinese Darknet, not a developer discovery platform.

A plug-in type web vulnerability scanner written in Python

A vulnerable Spring Boot web application for learning about the Log4Shell vulnerability (CVE-2021-44228).

Autorize is an extension for Burp Suite that automates authorization enforcement detection to ease security testing.

A comprehensive collection of tools and techniques for cracking various types of verification codes and captchas.

An open-source information security preparedness tool for adversarial simulation and security testing.

A repository showcasing security research and bug bounty case studies, not focused on vibe coders.

A collection of red team tools and scripts for security research and penetration testing.

CocoaSecurity provides an Objective-C library for common cryptographic and encoding/decoding functions.

An ESP32 firmware that revolutionizes pentesting with a focus on security research and penetration testing.

This Python project extracts and collects strong and weak passwords from previously leaked password data.

Active Directory assessment and privilege escalation script for security researchers and penetration testers.

A Python tool that automatically collects Proof of Concept (POC) or Exploit (EXP) from GitHub based on CVE IDs.

A Python library for parsing Cobalt Strike beacon data, useful for security analysis and incident response.

An Active Directory data ingestor for BloodHound Legacy written in Rust, focused on security research and penetration testing.

PoC for a local privilege escalation vulnerability in the pkexec command of the polkit library (CVE-2021-4034)

A root exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability.

This Python library scans Pastebin for suspicious content using Yara rules.

An open-source tool to generate application whitelist bypasses for red and blue team use.

This repository provides a cheatsheet for the Cobalt Strike penetration testing framework, useful for red team operations.

An IIS short filename enumeration tool for security audits and penetration testing.

LimeRAT is a simple yet powerful remote administration tool for Windows, commonly used for malicious purposes.

A macOS Mail plugin to block email trackers, read receipts, and spy pixels for privacy protection.

A collection of penetration testing and software development tips for security-focused developers.

This repository provides a collection of advanced XSS payloads for penetration testing and security research.