Trending Projects

Awesome list of step-by-step techniques to achieve Remote Code Execution on various applications.

A collection of precompiled Windows exploits, not actively maintained.

This is an automated penetration testing tool written in Go, not a developer discovery platform focused on vibe coders.

A reverse proxies cheatsheet for security professionals and penetration testers.

An offensive manual web application penetration testing framework written in Python.

A Go-based asset discovery and port brute-force scanning system to help enterprises find weak passwords.

A Python tool that helps find interesting Amazon S3 buckets by monitoring certificate transparency logs.

WeblogicTool is a GUI tool for Weblogic vulnerability detection, command execution, webshell injection, and password decryption.

Librefox is a Firefox-based browser with privacy enhancements for security-conscious users.

A Java tool for exploiting JNDI-based attacks and ysoserial payloads for web security testing.

A Python tool for stealthy data exfiltration using DNS requests.

A Python program to create a fake access point and sniff data for penetration testing and security research.

An open-source Golang-based POC framework/library for quickly developing vulnerability detection systems.

BinAbsInspector is a Java-based vulnerability scanner that analyzes binary files using abstract interpretation techniques.

A recon tool that allows searching on URLs exposed via shortener services for security research.

A collection of helpful preload libraries for security research and penetration testing.

A modern reverse shell sessions manager written in Go for security researchers and penetration testers.

Undetectable Windows payload generation tool for penetration testing and security research.

A Go tool to leak git repositories from misconfigured websites for security research and penetration testing.

A powerful internal penetration testing tool suite written in Go that supports various service brute-force attacks.

An Android library that prevents app piracy using Google Play Licensing, APK signature protection, and more.

A collection of Aggressor scripts for Cobalt Strike, a popular penetration testing framework.

Android library that provides a secure way to store sensitive data in shared preferences with encryption.

WeChat database decryption tool for extracting encrypted messages and keys from SQLCipher 4

A payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods.

This repository contains a collection of tools for red team hacking and penetration testing.

Woodpecker is a high-risk vulnerability detection and deep exploitation framework for vibe coders.

BinaryAlert is a serverless, real-time and retroactive malware detection tool powered by AWS Lambda and Terraform.

A security research project that discovers a vulnerability in the VirtualBox E1000 network driver, allowing a guest OS to escape to the host.

A collection of various JSP webshell implementation methods for security researchers and penetration testers.

This is a C# project that scans for and exploits two CVE vulnerabilities (CVE-2021-42287/CVE-2021-42278).

A Python tool that creates actionable data from vulnerability scans for security professionals.

This C-based library helps developers discover and exploit buffer overflow vulnerabilities.

A dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

An iOS security testing framework for penetration testing and vulnerability assessment of mobile apps.

A compilation of commands, tips, and scripts for penetration testing and security research.

A comprehensive collection of cybersecurity and infosec resources for developers.

Beagle is a Python-based incident response and digital forensics tool that transforms security logs and data into graphs.

This project appears to be related to the KRACK attack, which is a vulnerability in the WPA2 protocol, rather than a developer discovery platform for vibe coders.

An open-source intrusion detection system for monitoring and detecting suspicious activity in Active Directory environments.

A Python-based password brute force dictionary with keyboard combinations, pinyin, and alphanumeric dictionaries.

A virtual machine for adversary emulation and threat hunting, not a developer discovery platform focused on vibe coders.

A Java library for securely encrypting data into a native .so library for use in your projects.

A collection of web security tools for penetration testing and vulnerability scanning.

A security tool to help identify potentially vulnerable web services affected by the log4j vulnerabilities.

A mirror of a privacy-focused software recommendations repository focused on security and privacy.

This repository provides resources and learning materials for software security research and education.

An automation tool that enumerates subdomains and scans for web vulnerabilities.

LSTAR is a comprehensive post-exploitation plugin for CobaltStrike, a popular penetration testing framework.

Automated Red Team Infrastructure deployment using Docker for penetration testing and security research.