Trending Projects

Next-generation Linux kernel exploit suggester tool for security researchers and penetration testers.

This GitHub repository is a list of recent data breaches and supply chain attacks, not a developer tool.

A Python-based password brute force dictionary with keyboard combinations, pinyin, and alphanumeric dictionaries.

A set of tools for creating and injecting malicious image payloads for web attacks.

A DNS enumeration tool that can be used for network reconnaissance and security testing.

OWASP Joomla Vulnerability Scanner, a security tool for scanning Joomla websites for vulnerabilities.

A fast, open-source CORS misconfiguration vulnerability scanner written in Python.

A Python library for parsing Cobalt Strike beacon data, useful for security analysis and incident response.

An open-source collection of incident response methodologies and frameworks for security professionals.

This Python library provides a comprehensive set of tools for penetration testing and offensive security.

A secure, fast, and enterprise-level honeypot management system with support for multiple protocols.

This is a repository for Twitch livestreams by a Turkish security researcher and penetration tester.

This is a Windows Local Privilege Escalation tool, not a developer discovery platform focused on vibe coders.

This repository provides a collection of advanced XSS payloads for penetration testing and security research.

A Python library for security researchers and penetration testers to automate web application testing.

A PowerShell script for quickly finding missing software patches for local privilege escalation vulnerabilities.

A repository with interview preparation material for penetration testing and security roles.

An open-source Java-based network intrusion detection and response system for visibility and security.

A security tool to search for interesting files in S3 buckets, useful for bug bounty and penetration testing.

Implements the CobaltStrike Beacon in Go for security research and reverse engineering purposes.

This is a tool to generate passwords using personal information, not an AI coding tool.

A C# version of PowerShell for red teaming and penetration testing purposes.

A high-performance, ModSecurity-compatible Nginx firewall module for web application security.

A comprehensive information gathering tool for security researchers and pentesters.

This is a Docker-based environment for reproducing and testing IoT firmware vulnerabilities.

A Python library that helps developers bypass URL parsing restrictions and security checks.

A repository for quickly setting up various vulnerable environments for security research and testing.

An offensive software exploitation course focused on developing exploitation techniques.

This repository is a Python library for performing Kerberos attacks, not focused on AI coding tools.

Open source platform to enhance security and observability of cloud native applications and infrastructure

SSH-MITM is a tool for auditing and analyzing SSH connections through a MITM proxy.

Strongbox is a secure password manager for iOS and macOS, featuring encryption, password generation, and KeePass support.

A program to reverse Docker images into Dockerfiles, useful for security researchers and developers.

A Go-based CLI tool to generate temporary phone numbers for bypassing SMS verification.

A semi-automated tool for rapidly searching public GitHub data for sensitive secrets and information leaks.

A Python tool to help MySQL client file reading and JDBC client Java deserialization for security testing.

A collection of academic papers related to fuzzing, binary analysis, and exploit development for vibe coders.

This repository contains a vulnerability scanner and rapid response system for enterprise networks.

A collection of precompiled Windows exploits, not actively maintained.

A Python library that provides one-liners for various penetration testing and privilege escalation tasks.

A remote administration tool for iOS/macOS/Linux that provides advanced exploitation and security capabilities.

A Python tool for evading antivirus detection, useful for security researchers and penetration testers.

This repository contains learning notes related to binary security, contributed by the Disiwater Reverse Engineering community.

A security tool that combines a modified version of Mimikatz and a .NET PE Loader for penetration testing.

PoC for the Zerologon vulnerability, which allows an attacker to completely compromise a Windows domain controller.

A passive Burp Suite plugin for detecting FastJson vulnerabilities.

LimeRAT is a simple yet powerful remote administration tool for Windows, commonly used for malicious purposes.

XcodeGhost is a malicious code injection vulnerability affecting Xcode, Apple's primary IDE for iOS development.

Python reference implementation of The Update Framework (TUF), a library for securing software update systems

A dictionary of common attack vectors for penetration testing, not a developer platform for AI tools.