Trending Projects

A Python-based HTA encryption tool for Red Teams to obfuscate and execute malicious scripts.

GitHub App to set and enforce security policies for open-source projects on GitHub.

A Java deserialization exploit framework for penetration testing and security research.

A passive Burp Suite plugin for detecting FastJson vulnerabilities.

A program to reverse Docker images into Dockerfiles, useful for security researchers and developers.

A collection of PoCs for remote code execution vulnerabilities in ThinkPHP v5.x, a popular PHP framework.

This Python library scans Pastebin for suspicious content using Yara rules.

A collection of historical vulnerability analyses for the ThinkPHP framework.

A Python tool that creates archives that can exploit directory traversal vulnerabilities.

A C++ cheat/skin changer tool for the game League of Legends, used for modding and reverse-engineering.

A Python-based honeypot framework for setting up and managing modern honeypot sensors.

Portspoof is a C++ library that generates fake open ports to detect and mitigate network scanning attempts.

A Java tool for exploiting Shiro550 and Shiro721 vulnerabilities with various payload options.

A repository that provides tips and tricks for pwn (binary exploitation) in CTF challenges.

A C++ tool for extracting clear text passwords from the Windows Remote Desktop Protocol (RDP) client.

A collection of web security tools for penetration testing and vulnerability scanning.

This is a tool to generate passwords using personal information, not an AI coding tool.

This is a security scanning tool for internal networks, not a vibe coder platform.

This is a workshop focused on local privilege escalation techniques on Windows and Linux systems, not a developer tool for AI-powered coding.

Rule sets for Surge proxy clients (iOS/Mac) with ad-blocking, anti-censorship, and GFW bypass capabilities.

This Python tool is a penetration testing and vulnerability scanning utility for quickly gaining access to target systems.

Asset discovery and identification tools to quickly identify web fingerprint information and locate asset types.

A Java-based tool for quickly exploiting Spring Boot vulnerabilities during penetration testing.

A reverse proxies cheatsheet for security professionals and penetration testers.

This repository contains personal notes on Active Directory penetration testing, not a developer discovery platform for vibe coders.

A reverse tunneling tool for pentesters, built with Go, to easily establish secure connections.

A tool to monitor and detect sensitive information leaks on GitHub repositories.

A C++ library for loading and executing shellcode, likely used for security research and penetration testing.

BinAbsInspector is a Java-based vulnerability scanner that analyzes binary files using abstract interpretation techniques.

An Android library that prevents app piracy using Google Play Licensing, APK signature protection, and more.

LunaSec is a dependency security scanner that automatically notifies you about vulnerabilities in your codebase.

A tutorial on how to exploit a double-free vulnerability, focused on binary exploitation and security research.

This is a C-based exploit targeting a Windows SMBv3 vulnerability (CVE-2020-0796) known as SMBGhost.

A simple and fast SSH server bruteforcer tool for security professionals and developers.

A security tool for analyzing vulnerabilities, malware, and anomalous activities in Docker images and containers.

A cybersecurity incident response testing tool that generates tailored scenarios using LLMs and the MITRE ATT&CK framework.

A collection of red team tools and scripts for security research and penetration testing.

A Windows 10 privacy and security checker tool that helps users optimize their system settings.

YARA signature database for threat detection, malware analysis, and security scanning

Curated cheatsheets & command snippets for penetration testing and security research

A collection of common system vulnerabilities encountered in red team operations.

An experimental host-based intrusion detection system (HIDS) written in Go.

A Go port of the Shikata ga nai encoder with several improvements for security researchers and pentesters.

A repository of security proof-of-concept codes created by the Google Security Team.

This is an exploit for a vulnerability (CVE-2019-11043) and not a developer tool or platform.

A simulated phishing system for red-blue team exercises in the field of cybersecurity.

Attack surface mapping tool for CVEs

A payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods.

This repository contains a collection of tools for red team hacking and penetration testing.

A Python tool for evading antivirus detection, useful for security researchers and penetration testers.