Trending Projects

This Go-based project provides a collection of techniques for bypassing antivirus (AV) protection, including API testing, encryption, and obfuscation.

An antivirus evasion project written in C#, focused on bypassing antivirus detection.

Examples demonstrating how to implement AWS security patterns using CloudFormation and Terraform.

IntelMQ is a security incident handling solution for IT security teams to collect and process security feeds.

A security tool for monitoring and protecting Windows 11 systems from spyware and malware.

A Windows privilege escalation tool that uses Windows Tokens to elevate privileges

A repository for quickly setting up various vulnerable environments for security research and testing.

A fast and powerful SSL/TLS scanning library for security-focused developers.

A comprehensive cheat sheet for understanding and mitigating Java Deserialization vulnerabilities.

A secure clipboard sharing tool that allows copying and pasting anything over the network.

A security-focused firmware for FIDO2 and U2F hardware security keys, written in C.

A tool to upload arbitrary data via Apple's Find My network, useful for security researchers and data exfiltration.

SharpSploit is a .NET post-exploitation library written in C# for security research and penetration testing.

An open-source dataset of Advanced Persistent Threat (APT) group information and analysis.

An open-source tool for performing security assessments on Oracle databases.

A collection of security POCs and exploits maintained by the Baize Sec security team.

NetRipper is a PowerShell tool for penetration testing that allows smart traffic sniffing.

This is a security research repository from the Microsoft Security Response Center (MSRC).

A repository of comprehensive wordlists used in bug bounty programs and ethical hacking.

A Burpsuite plugin for recursively detecting vulnerable paths in web applications.

TrevorC2 is a legitimate website that tunnels client/server communications for covert command execution.

A passive sniffing tool for capturing and visualizing WiFi location data disclosed by iOS devices.

LSTAR is a comprehensive post-exploitation plugin for CobaltStrike, a popular penetration testing framework.

Encrypted digital estate planning tool—securely store secrets & plans for worst-case scenarios

This is a Python script for monitoring and crawling the Chinese Darknet, not a developer discovery platform.

LimeRAT is a simple yet powerful remote administration tool for Windows, commonly used for malicious purposes.

iOS jailbreak tool for security research and system-level experimentation on iOS 15-16

A repository containing public documents and whitepapers about advanced persistent threat (APT) campaigns.

A toolkit of hacking tools and gadgets for security researchers and penetration testers.

A collection of helpful preload libraries for security research and penetration testing.

An open-source, lightweight, and cross-platform website vulnerability scanning tool to help developers quickly detect security risks.

A Suricata-based network detection and response (NDR) distribution for security monitoring and threat hunting.

VECTR is a tool that helps track red and blue team testing activities to measure detection and prevention capabilities.

An open-source Java-based network intrusion detection and response system for visibility and security.

A collection of academic papers related to fuzzing, binary analysis, and exploit development for vibe coders.

A proof-of-concept backdoor that uses Gmail as a command-and-control server, likely not suitable for vibe coders.

A Rust plugin for sudo that requires another human to approve and monitor privileged sudo sessions for compliance.

This repository contains a collection of malware samples for analysis purposes, not for malicious use.

A course on intermediate-level Linux exploitation, focusing on Python-based techniques.

An open-source project focused on protecting user privacy and security against mass surveillance.

A C-based JWT brute force cracker for security testing and research.

SSRF (Server Side Request Forgery) testing resources for security professionals.

The Python Cryptography Toolkit provides a set of cryptographic primitives and utilities for developers.

A repository with interview preparation material for penetration testing and security roles.

This is a collection of high-risk vulnerability exploitation tools, likely not intended for vibe coders.

This is a guide for configuring Cobalt Strike's C2 communication, not a developer discovery platform for vibe coders.

This repository is a Python library for performing Kerberos attacks, not focused on AI coding tools.

A collection of offensive C# tooling for security research and penetration testing.

A browser extension that protects user privacy by intercepting and serving local copies of common remote resources.

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.