Trending Projects

A collection of security-related presentations and research reports shared at various conferences and events.

HElib is an open-source C++ library for homomorphic encryption, supporting BGV and CKKS schemes.

A Python-based honeypot framework for setting up and managing modern honeypot sensors.

A collection of precompiled Windows exploits, not actively maintained.

A Java-based tool for quickly exploiting Spring Boot vulnerabilities during penetration testing.

A reverse proxies cheatsheet for security professionals and penetration testers.

A Rust-based security tool for Linux exploitation that aims to leave zero traces on system logs and filesystem timestamps.

This is a security research repository from the Microsoft Security Response Center (MSRC).

A customizable Windows-based virtual machine for threat intelligence analysis and hunting

Weak password scanner for various services like FTP, SSH, SQL databases, and more.

A Python script that generates a dictionary for fuzzing file uploads to detect vulnerabilities.

This repository contains a zero-day code injection and persistence technique in C, but it is not focused on AI tools for developers.

A Java deserialization exploit framework for penetration testing and security research.

A Golang command and control framework for post-exploitation tooling and red team operations.

An automated security and vulnerability scanning tool for security professionals and red teams.

A comprehensive collection of tools and techniques for cracking various types of verification codes and captchas.

A vulnerable Spring Boot web application for learning about the Log4Shell vulnerability (CVE-2021-44228).

Ladon 911 for Cobalt Strike & Cracked Download, a large network penetration scanner with various security tools

A C# version of PowerShell for red teaming and penetration testing purposes.

Picocrypt is a small, secure encryption tool for developers focused on privacy and security.

A Java tool for exploiting Shiro550 and Shiro721 vulnerabilities with various payload options.

w13scan is a passive security scanner that can detect vulnerabilities in web applications.

A payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods.

A tool to create a fake Windows logon screen and steal user credentials, potentially used for malicious purposes.

A powerful SQL injection vulnerability scanner for web applications written in Python.

This Python library scans Pastebin for suspicious content using Yara rules.

This is a Python library for cracking WPA passwords using precomputed data.

A Python-based parser and emulation engine to analyze and detect malicious VBA macros.

A self-hosted VPN deployment with DNS ad blocking for privacy protection.

A transparent ransomware claim tracker for monitoring and analyzing ransomware activity on the dark web.

A Python tool that creates archives that can exploit directory traversal vulnerabilities.

This GitHub repository is a list of recent data breaches and supply chain attacks, not a developer tool.

A repository of security proof-of-concept codes created by the Google Security Team.

A secure and scalable network traffic analysis framework written in Go for security and monitoring.

A high-performance, ModSecurity-compatible Nginx firewall module for web application security.

A WebSocket-based memory shell/webshell tool for developers interested in security research.

A browser extension that protects user privacy by intercepting and serving local copies of common remote resources.

A tool that creates spoofed certificates and signs executables to evade antivirus detection.

A collection of open-source security tools and custom scripts for Red Team operations.

This repository contains a collection of XSS payloads designed to turn 'alert(1)' into more potent attacks.

A tutorial on how to exploit a double-free vulnerability, focused on binary exploitation and security research.

A virtual machine for adversary emulation and threat hunting, not a developer discovery platform focused on vibe coders.

Encrypted digital estate planning tool—securely store secrets & plans for worst-case scenarios

A Python tool for scanning IP and domain names to find weakly protected internal systems.

A C# workshop on writing custom backdoor payloads for red team security research.

A PowerShell script anti-virus evasion tool for penetration testing and red team activities.

NextScan is a comprehensive enterprise-level black-box vulnerability scanning system that integrates vulnerability scanning, management, asset scanning, and crawling services.

A C# library for bypassing EDR's active projection DLL's by preventing entry point execution.

AntiSpy is a free anti-virus and rootkits toolkit that can detect, analyze, and restore kernel modifications.

iOS jailbreak tool for security research and system-level experimentation on iOS 15-16