Trending Projects

A WebSocket-based memory shell/webshell tool for developers interested in security research.

A Python tool to search for leaked credentials in the PWNDB database.

A comprehensive tool for scanning and exploiting various OA vulnerabilities in bulk.

This is a GUI launcher for the XRAY web vulnerability scanning tool, focusing on web security.

This repository covers code execution and AV evasion methods for macros in Office documents.

A powerful SQL injection vulnerability scanner for web applications written in Python.

Key and Lock Decoding Tools for developers interested in cryptography and security.

Stealth is a secure, peer-to-peer, private, and automatable web browser/scraper/proxy for developers who value privacy.

HElib is an open-source C++ library for homomorphic encryption, supporting BGV and CKKS schemes.

A secure clipboard sharing tool that allows copying and pasting anything over the network.

A security-focused firmware for FIDO2 and U2F hardware security keys, written in C.

A C++ library for loading and executing shellcode, likely used for security research and penetration testing.

Woodpecker is a high-risk vulnerability detection and deep exploitation framework for vibe coders.

Web and mobile application security training platform focused on secure coding practices.

A Python tool that automates the reconnaissance process to map an application's attack surface.

A collection of PoCs for remote code execution vulnerabilities in ThinkPHP v5.x, a popular PHP framework.

A Golang command and control framework for post-exploitation tooling and red team operations.

Spartacus is a toolkit for DLL/COM hijacking, providing utilities for proxy DLL generation and Windows process monitoring.

A Python framework for conducting Man-In-The-Middle attacks, useful for security research and penetration testing.

Librefox is a Firefox-based browser with privacy enhancements for security-conscious users.

Curated list of machine learning tools and resources for cybersecurity professionals.

A tool for extracting browser passwords, with plans for additional functionality.

Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.

MouseJack is a security research tool focused on discovering and analyzing vulnerabilities in wireless mice and keyboards.

A Python tool for automatic detection of ThinkPHP vulnerabilities.

A collection of scripts and executables for penetration testing and digital forensics.

PoC for a local privilege escalation vulnerability in the pkexec command of the polkit library (CVE-2021-4034)

This is a security scanning tool for internal networks, not a vibe coder platform.

A modular, customizable tool for building security incident scenarios and artifacts for Blue/Red Team operations.

This is a workshop focused on local privilege escalation techniques on Windows and Linux systems, not a developer tool for AI-powered coding.

A library and command line tool to detect SHA-1 collisions in files.

This is a C-based exploit targeting a Windows SMBv3 vulnerability (CVE-2020-0796) known as SMBGhost.

This repository contains a collection of kernel exploits, likely not relevant for vibe coders.

A C++ tool for bypassing security products by obscuring the intentions of a process.

Collection of PoC and offensive techniques used by the BlackArrow Red Team

This is a Python script for monitoring and crawling the Chinese Darknet, not a developer discovery platform.

C# implementation of the PowerView framework for Windows domain enumeration and lateral movement

Provides a wordlist, rules, and masks for password cracking and security research.

A tool to upload arbitrary data via Apple's Find My network, useful for security researchers and data exfiltration.

A Python tool for data exfiltration and infiltration using text-based steganography to evade detection.

HackBar is a Burpsuite plugin that provides a user-friendly interface for web application penetration testing.

This is a repository containing notes on penetration testing, not a developer discovery platform.

A Python-based parser and emulation engine to analyze and detect malicious VBA macros.

A list of DNS providers and how to claim vulnerable domains for bug bounty and security research.

A security tool for multithreaded information gathering and service enumeration in penetration testing.

A simple reverse ICMP shell written in C for remote system access and control.

This repository contains a collection of XSS payloads designed to turn 'alert(1)' into more potent attacks.

A Python tool for scanning IP and domain names to find weakly protected internal systems.

A Python tool to test for the CVE-2020-1472 vulnerability, which is a critical security issue.

SPARTA is a network infrastructure penetration testing tool written in Python.