Trending Projects

An interactive network scanner written in Go with features like port scanning, service detection, and vulnerability assessment.

An idiomatic nmap library for Go developers to perform network mapping and analysis.

A collection of cool tools and resources for mobile hackers and bug hunters.

A Go library that allows executing binaries from a password-protected zip file for security purposes.

A wiki-based knowledge base focused on cloud security for developers and security professionals.

This repository contains the original proof-of-concepts for the React2Shell CVE-2025-55182 vulnerability.

This project is a Remote Access Trojan (RAT) that provides full remote command-line access, allowing for the download and execution of programs, and the spreading of viruses and malware.

A Python tool that creates archives that can exploit directory traversal vulnerabilities.

A modular, customizable tool for building security incident scenarios and artifacts for Blue/Red Team operations.

DumpsterDiver is a Python tool to search for secrets in various file types.

An open-source guideline to help embed security as part of the development pipeline.

A Python-based toolkit for performing a wide range of security auditing and exploitation tasks.

An initial access and post-exploitation tool for AAD and O365 with a browser-based GUI

A utility to find AES keys in running processes, useful for security research and testing.

This is a curated list of Burp Suite resources, including 400+ open source plugins and 400+ posts/videos.

This repository provides information on how to find leaked credentials, which can be useful for security research.

A Python CLI tool for multi-cloud and multi-SaaS asset management, security posture monitoring, and attack surface reduction.

This is a burp plugin for automatically recognizing and solving CAPTCHA challenges.

A sensitive information protection toolkit written in Go for secure data handling.

This repository is a collection of database exploitation techniques for penetration testing.

MagicRecon is a shell script that automates the recon and data collection process to find common vulnerabilities.

A Python library and CLI tool equivalent to the CyberChef tool for data format conversion and processing.

A statically-linked SSH server with reverse shell functionality for CTFs and penetration testing.

A Python script for detecting Windows systems infected with the DOUBLEPULSAR malware implant.

A powerful SMS and call bomber tool for Linux and Termux, designed for hacking and spamming purposes.

This project provides technical guides and resources for various hacking and security-related topics.

A curated collection of awesome PHP security resources for developers.

This repository contains information and resources related to IT security that developers may find useful.

EZ is a cross-platform vulnerability scanner that combines information gathering, port scanning, service brute-forcing, URL crawling, and fingerprinting.

This repository contains tools for web shell malware evasion and encrypted traffic transmission.

This is a C++ rootkit designed to provide stealth and evasion capabilities to malicious software.

An open-source Android app that tests for recent device vulnerabilities to improve Android security.

Sublert is a security and reconnaissance tool that leverages certificate transparency to monitor new subdomains and SSL/TLS certificates.

A C# Command & Control framework for security research and penetration testing

This repository contains the source code for the book 'Violent Python' focused on cybersecurity and ethical hacking tools.

ToRat is a remote administration tool written in Go that uses Tor as a transport mechanism and RPC for communication.

A Python tool for penetration testers to audit domain passwords.

A collection of paths linked to sensitive APIs, devops internals, and known misconfigurations for web content discovery and security research.

This Python project is a tool for exploiting SVN source code leaks to dump the entire codebase.

A Python-based tool for finding exploit code from various exploit databases.

A comprehensive web security dictionary for security researchers and penetration testers.

A collection of Python scripts used during penetration testing engagements.

Execute untrusted code with custom permissions in a secure sandboxed environment.

Obfuscate specific Windows APIs with different APIs for malware research and security applications.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Python low-interaction honeyclient for security research and incident response

Attify OS is a Linux distro for penetration testing and exploiting IoT devices.

A C++ tool for loading and executing remote AES encrypted PE files in memory, commonly used for malware analysis and penetration testing.

A comprehensive cheatsheet for various Man-in-the-Middle (MITM) attack techniques for penetration testing.

A framework for constructing self-spreading binaries, a type of malware, written in Go.