Trending Projects

A curated list of mobile-based CTFs, write-ups, and vulnerable Android apps for security researchers and developers.

This repository provides a tool for remotely accessing webcams, which can be used for malicious purposes.

KeySweeper is a stealthy Arduino-based device that wirelessly sniffs, decrypts, and logs keystrokes from Microsoft wireless keyboards.

Stealth is a secure, peer-to-peer, private, and automatable web browser/scraper/proxy for developers who value privacy.

A Python-based parser and emulation engine to analyze and detect malicious VBA macros.

Examples demonstrating how to implement AWS security patterns using CloudFormation and Terraform.

An automated, modular cryptanalysis tool for security researchers and penetration testers.

A Python library for decoding common remote access trojans (RATs) used by cybercriminals.

A toolkit to attack Office365 using various security tools and techniques.

A PowerShell framework for attacking RDP sessions and lateral movement in Windows environments.

A Python library that helps developers bypass URL parsing restrictions and security checks.

This is a security scanning tool for internal networks, not a vibe coder platform.

A Python library that decrypts and logs a process's SSL traffic for security analysis.

A repository providing examples and tools for conducting security assessments on Azure and AWS cloud environments.

IntelMQ is a security incident handling solution for IT security teams to collect and process security feeds.

An OSINT tool for location tracking and social engineering attacks.

A security tool for developers to hunt endpoints, expose shadow APIs, and map attack surfaces.

This is a GitHub repository for a security vulnerability in Microsoft Teams that allows for remote code execution.

A PowerShell-based utility for creating malicious Office macro documents.

A directory traversal fuzzer tool written in Perl for penetration testing and security research.

A self-hosted VPN deployment with DNS ad blocking for privacy protection.

A static analyzer for PE executables, useful for malware analysis and security research.

A collection of handy bookmarks for penetration testing and security research.

An open-source collection of incident response methodologies and frameworks for security professionals.

A Go-based port of Wappalyzer that automates mass scanning to uncover technologies used on websites.

A vulnerable server used for learning software exploitation, written in C.

WebMap-Nmap Web Dashboard and Reporting tool for cybersecurity professionals

A tool for cloning and running the popular WiFi Pineapple security device on generic hardware.

A repository containing proof-of-concept projects, experiments, and security resources for developers.

This is a kernel exploit for the PS Vita on firmwares 3.65-3.68, allowing for jailbreaking and hacking capabilities.

A Python PoC tool that packages payloads into various output containers to evade detection and demonstrate risks.

A Python tool that generates randomized Cobalt Strike C2 malleable profiles for red teaming activities.

Collection of Python-based security exploits and research tools written by the Rhino Security Labs team.

Deprecated mana toolkit for wifi rogue AP attacks and MitM

A collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+, a popular red team toolkit.

This GitHub repository contains a collection of anti-virus evasion techniques for developers.

Cryptomator for Android is an open-source file encryption tool for secure cloud storage access.

A Python tool to access the front and back cameras of a target's phone by sending a phishing link.

This is a script for hacking Instagram accounts using a brute-force password cracking technique.

This Java-based tool is a collection of vulnerability detection utilities, not focused on AI coding tools.

A privacy-preserving home security camera that uses end-to-end encryption.

A C++ library for recovering the encryption key used by the WannaCry ransomware.

A security advisory database for Rust crates published through crates.io, focused on vulnerability research and reporting.

An open-source enterprise-level automated app privacy compliance detection tool.

C# implementation of the PowerView framework for Windows domain enumeration and lateral movement

A cybersecurity platform to protect against the Ukraine-Russia conflict on the internet.

Unix Privesc Check is a shell script that checks for common Unix privilege escalation vectors.

A list of DNS providers and how to claim vulnerable domains for bug bounty and security research.

Spartacus is a toolkit for DLL/COM hijacking, providing utilities for proxy DLL generation and Windows process monitoring.

A security tool for monitoring and protecting Windows 11 systems from spyware and malware.