Trending Projects

A Go-based wordlist framework for security researchers, bug bounty hunters, and hackers.

A C++ project that removes various kernel callbacks to bypass antivirus and endpoint detection and response (EDR) tools.

A community-curated list of public bug bounty and responsible disclosure programs for security researchers.

evilginx2 is a man-in-the-middle attack framework used for phishing credentials and session cookies.

This Python-based backdoor uses Gmail to exfiltrate data and track user activity for red team engagements.

Autorize is an extension for Burp Suite that automates authorization enforcement detection to ease security testing.

A Python tool that automatically collects Proof of Concept (POC) or Exploit (EXP) from GitHub based on CVE IDs.

A leaked guide on pentesting tools and techniques used by the Conti ransomware group

This repository demonstrates exploiting vulnerabilities to impersonate a Domain Admin from a standard domain user account.

Open-source RASP (Runtime Application Self-Protection) solution for improving application security.

A security tool that helps analyze changes to the attack surface of an operating system during software installation.

Matsuri is an Android app and toolchain for bypassing internet censorship using Shadowsocks and V2Ray.

A full-featured C2 framework for silently persisting on webservers with a single-line PHP backdoor.

This repository provides free proxy and VPN solutions including Clash, Shadowsocks, and V2Ray for developers to bypass internet censorship.

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR.

An open-source Golang-based POC framework/library for quickly developing vulnerability detection systems.

A Burpsuite plugin for recursively detecting vulnerable paths in web applications.

This repository provides a comprehensive summary of the Certified Ethical Hacker (CEH) certification in bullet points.

Secure chat software for your computer using cryptography to protect conversations.

Python low-interaction honeyclient for security research and incident response

SecureDrop whistleblower platform repository

This GitHub repository is a collection of Java security resources and summaries, focused on security auditing.

A collection of Burp Suite encryption plugins that support various crypto algorithms and execute custom JS code for security testing.

A Suricata-based network detection and response (NDR) distribution for security monitoring and threat hunting.

SSH-MITM is a tool for auditing and analyzing SSH connections through a MITM proxy.

An utility tool that integrates high-risk vulnerability exploits for security researchers and penetration testers.

A Python script for batch scanning with the Acunetix AWVS scanner, supporting various vulnerability checks.

A DNS enumeration tool that can be used for network reconnaissance and security testing.

A security-focused static analysis tool for Android and Java applications.

This project appears to be a Facebook hacking toolkit written in Python, not a developer discovery platform for AI-focused developers.

A collection of Censys Search Queries for security research and OSINT investigations.

This repository contains writeups and cheatsheets for Vulnhub CTF challenges, useful for OSCP preparation and penetration testing.

Ncrack is a high-speed network authentication tool used for cracking authentication credentials across a network.

A proof-of-concept tool to demonstrate the Follina Office RCE vulnerability for testing purposes.

Lightweight certificate transparency log monitor for monitoring SSL/TLS certificates.

RSA attack tool to retrieve private keys from weak public keys and/or decipher data

A curated list of CVE PoCs, a useful resource for security researchers and penetration testers.

A curated list of Node.js security resources for developers, including best practices, tools, and vulnerability info.

A daily updated composer exclusion list for security vulnerabilities in PHP projects.

A Python library for security researchers and penetration testers to automate web application testing.

This is a C2 shellcode generator/compiler/handler, not a developer discovery platform for vibe coders.

VPN/proxy node recommendation and evaluation guide for airport services

This repository is a curated list of advanced Windows exploitation references, not a developer discovery platform for vibe coders.

A Burp Suite extension to find potential endpoints, parameters, and generate a custom target wordlist

Open source platform to enhance security and observability of cloud native applications and infrastructure

An educational resource that explains CSRF tokens and how they work to protect web applications.

Minimal TOTP generator in 20 lines of Python for developers who need a simple 2FA solution.

A Python-based tool for automating favicon-based reconnaissance during bug bounty and penetration testing.

A fast emergency response tool for supply chain vulnerability scanning and port scanning

HostHunter is an open-source OSINT tool for discovering hostnames and IP addresses during security assessments and penetration testing.