Trending Projects

A C++ tool for loading and executing remote AES encrypted PE files in memory, commonly used for malware analysis and penetration testing.

A PowerShell script for quickly finding missing software patches for local privilege escalation vulnerabilities.

This is a cheatsheet for pentesting and cybersecurity, not a developer discovery platform for vibe coders.

FiercePhish is a full-fledged phishing framework to manage phishing engagements and campaigns.

This is a course repository for a University of Cincinnati Malware Analysis class, not a developer discovery platform.

A set of tools for creating and injecting malicious image payloads for web attacks.

A security solution for Kubernetes and container environments, providing runtime protection and threat detection.

This is a stealth AirTag clone that bypasses Apple's tracking protection features, likely for nefarious purposes.

This repository contains a collection of kernel exploits, likely not relevant for vibe coders.

A Python library for tracking the history of USB events on GNU/Linux for forensic and security purposes.

Metasploit module to exploit the Eternalblue-Doublepulsar vulnerability.

A comprehensive collection of techniques and examples for manually obfuscating PowerShell scripts to evade antivirus detection.

A blackbox tool to disable SSL certificate validation within iOS and macOS applications.

OS X Auditor is a free Mac OS X computer forensics tool.

An Android plugin tool that automatically encrypts strings in the bytecode to protect app source code.

A Python library for spoofing Apple BLE proximity pairing messages, likely used for security research.

A curated list of security resources and tools for developers and security professionals.

A Windows tool for dumping malware PE files from memory to disk for security analysis.

A browser extension for encrypting emails with OpenPGP, compatible with webmail providers.

A passive Shiro detection plugin for the BurpSuite security tool, used for web application security testing.

Python reference implementation of The Update Framework (TUF), a library for securing software update systems

A Python library that protects against fake shops, ads, tracking, and other internet attacks.

A shell script that transparently encrypts files within a Git repository to securely manage secrets.

Peirates is a Kubernetes Penetration Testing tool written in Go for security research and vulnerability assessment.

A field guide for Capture the Flag (CTF) competitions, focused on security and hacking.

A Python library for generating password wordlists and hashcat rules for offline password cracking

A vulnerable app with examples showing how to not use secrets, useful for security education.

r2frida combines the static and dynamic analysis capabilities of Radare2 and Frida for Android and iOS security assessments.

A comprehensive collection of cheatsheets for various infosec tools and security-related topics.

DecryptTools is a comprehensive tool for decryption tasks, likely useful for security researchers and developers.

Captfencoder is an open-source suite of network security tools, including crypto, hashing, and security utilities.

A toolkit for auditing and exploiting Cross-Site Request Forgery (CSRF) vulnerabilities in web applications.

Apache Teaclave SGX SDK helps developers write Intel SGX applications in Rust for confidential computing.

A collection of Android malware samples for security research and analysis.

OWASP Joomla Vulnerability Scanner, a security tool for scanning Joomla websites for vulnerabilities.

A simple command-line tool to brute force crack HS256, HS384 & HS512 JWT tokens.

An open-source software supply chain security solution for detecting dependencies, vulnerabilities, and license compliance.

A fast asset fingerprinting tool that queries data from popular security platforms like Fofa, ZoomEye, and Shodan.

A simple remote control tool in C# for red team and security research purposes.

The Exploit Database is a collection of publicly disclosed cybersecurity vulnerabilities and exploits.

An open-source web vulnerability scanner that helps developers audit and secure web applications.

A free, open-source honeypot solution for enterprise-level security monitoring and threat hunting.

A Python script that demonstrates how to get free WiFi access by spoofing network credentials.

A tool to upload arbitrary data via Apple's Find My network, useful for security researchers and data exfiltration.

An evasion framework for bypassing anti-virus and endpoint detection and response (EDR) tools.

A collection of cybersecurity and incident response notes for blue team professionals.

Collection of common wordlists for brute force attacks on RDP, SSH, and IP camera passwords.

A Python tool that checks expired domains for categorization, reputation, and historical data to identify phishing and C2 domain candidates.

A PowerShell script designed to bypass AMSI and commercial antivirus solutions for penetration testing

A Python tool that scans for misconfigurations in Cross-Origin Resource Sharing (CORS) policies.