Trending Projects

The Python Cryptography Toolkit provides a set of cryptographic primitives and utilities for developers.

This is a research repository from the SSL Labs team, likely not focused on vibe coders.

An awesome collection of resources for securing Go applications and infrastructure.

This is an automated penetration testing tool written in Go, not a developer discovery platform focused on vibe coders.

ServerScan is a high-concurrency network scanning and service detection tool written in Golang.

A Python codebase to generate an msdt-follina payload, a vulnerability exploit in Microsoft.

A collection of various JSP webshell implementation methods for security researchers and penetration testers.

A proof-of-concept backdoor that uses Gmail as a command-and-control server, likely not suitable for vibe coders.

Passhunt is a tool for searching default credentials across network devices, web apps, and more.

An automation tool that enumerates subdomains and scans for web vulnerabilities.

A dictionary of common attack vectors for penetration testing, not a developer platform for AI tools.

A PHP security checker that scans projects for known vulnerabilities in their dependencies.

A collection of red team tools and scripts for security research and penetration testing.

A root exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability.

This is a security scanning tool for internal networks, not a vibe coder platform.

A modular, customizable tool for building security incident scenarios and artifacts for Blue/Red Team operations.

Protect against DNS poisoning in China with this lightweight DNS proxy written in C.

Teler is a real-time HTTP intrusion detection system written in Go for analyzing logs and detecting threats.

A collection of common system vulnerabilities encountered in red team operations.

A sensitive information leakage scanner for GitHub that helps developers monitor for and secure exposed data.

A proof-of-concept for exploiting the critical CVE-2021-44228 vulnerability in the Log4j logging library.

A Go-based asset discovery and port brute-force scanning system to help enterprises find weak passwords.

XVWA is a vulnerable web app for security enthusiasts to learn application security.

A collection of Aggressor scripts for Cobalt Strike, a popular penetration testing framework.

LunaSec is a dependency security scanner that automatically notifies you about vulnerabilities in your codebase.

A comprehensive guide to improving privacy and security on Windows 10.

CredSniper is a phishing framework that supports capturing 2FA tokens for security research.

Evilgrade is a Perl framework that allows injecting fake updates to take advantage of poor upgrade implementations.

This Python repository provides a proof-of-concept for brute-forcing Apple ID login credentials.

GPU-based Onion Hash generator for developers working with cryptography and anonymity tools.

A C# tool for discovering and exploiting SQL injection vulnerabilities across various databases.

A web application that assists network defenders in mapping adversary behaviors to the MITRE ATT&CK framework.

A GitHub code leak monitoring system built with Laravel for security-conscious developers.

A plug-in type web vulnerability scanner written in Python

Portspoof is a C++ library that generates fake open ports to detect and mitigate network scanning attempts.

This is a one-click script to set up Shadowsocks/ShadowsocksR and enable BBR kernel acceleration on Ubuntu/CentOS/Debian.

An experimental host-based intrusion detection system (HIDS) written in Go.

A Python library for comprehensive domain security analysis, suitable for security researchers and developers.

An offensive manual web application penetration testing framework written in Python.

This repository is a collection of exploits and hacking tools, not a vibe coder platform.

A Python tool that helps find interesting Amazon S3 buckets by monitoring certificate transparency logs.

An Android library that prevents app piracy using Google Play Licensing, APK signature protection, and more.

Pilot program for submitting CVE records through GitHub, ending on 6/30/2023.

This repository contains a collection of tools for red team hacking and penetration testing.

A Rust cryptography library with implementations of various algorithms.

A Python tool for evading antivirus detection, useful for security researchers and penetration testers.

A pure-Python, fully automated and unattended fuzzing framework for software testing and security research.

This is a C# project that scans for and exploits two CVE vulnerabilities (CVE-2021-42287/CVE-2021-42278).

A mirror of a privacy-focused software recommendations repository focused on security and privacy.

A Python tool to monitor GitHub for new CVEs, security updates, and more, with multi-channel notifications.