Trending Projects

VeraCrypt is a disk encryption tool with strong security based on TrueCrypt, not a developer tool for vibe coders.

A comprehensive collection of Android security-related resources for developers.

This is a wiki for Capture the Flag (CTF) challenges, covering various topics like crypto, web, reverse engineering, and more.

This is a collection of password wordlists sorted by probability, useful for password generation and testing.

Leaked source code for the Mirai botnet, for research and indicator of compromise (IoC) development purposes.

An open-source project focused on tracking and exposing Huawei's alleged misdeeds.

This is a reconnaissance tool for locating smartphones using social engineering techniques.

A powerful network penetration testing tool that can be used to automate various pentesting tasks.

Curated list of privacy & security-focused software and services for developers

WebGoat is a deliberately insecure web application for security training and testing.

Pupy is a cross-platform C2 and post-exploitation framework written in Python and C for pentesting and security research.

The OWASP Web Security Testing Guide is a comprehensive open-source guide for security testing of web applications and services.

A powerful toolkit for security professionals and hackers, offering a wide range of scanning and analysis tools.

A curated list of tools for incident response and digital forensics investigations.

A dictionary of attack patterns and primitives for application fault injection and resource discovery.

This is a multi-honeypot platform for security research and deception.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

This repository provides a collection of Windows kernel exploit samples for penetration testing and security research.

A powerful OSINT analysis and research tool for tracking people on the internet.

Tsunami is a general purpose network security scanner for detecting high severity vulnerabilities.

This GitHub repository contains a collection of tools and techniques for Red Team and penetration testing activities.

A comprehensive list of privacy-focused alternatives to Google products.

An open-source vulnerability scanner written in Go that uses data from osv.dev to identify security issues.

An automated reconnaissance framework for web applications focused on highly configurable streamlined recon process.

A repository for learning various heap exploitation techniques in C.

A project that provides a comprehensive collection of Living Off The Land Binaries and Scripts for security research and incident response.

Trojan-go is a Go-based Trojan proxy that provides an unidentifiable mechanism to bypass the Great Firewall of China.

A private certificate authority and ACME server for secure automated certificate management, enabling TLS everywhere and SSH single sign-on.

A malicious traffic detection system written in Python for network monitoring and security.

A Python library for web fuzzing and parameter discovery, useful for pentesting and security research.

A TypeScript library that warns developers against using pixelation as a redaction technique.

Simple Swift wrapper for Keychain that works across iOS, watchOS, tvOS and macOS.

Secure your SSH keys using the Secure Enclave on your Mac, protecting them from unauthorized access.

A minimalist, open-source pastebin that encrypts data in the browser, providing zero-knowledge security.

A Python-based tool for tracking location or mobile number information, with features for cybersecurity and penetration testing.

A script that performs local Linux enumeration and privilege escalation checks.

The Exploit Database is a collection of publicly disclosed cybersecurity vulnerabilities and exploits.

Empire is a PowerShell and Python post-exploitation agent, not a developer discovery platform for vibe coders.

A curated list of Awesome Red Teaming resources for security professionals and penetration testers.

proxychains is a tool that forces any TCP connection to follow through a proxy, supporting SOCKS4, SOCKS5 and HTTP(S) proxies.

A rewrite of the popular wireless network auditing tool 'wifite' that allows developers to audit and crack Wi-Fi networks.

A comprehensive collection of online tools for Open-Source Intelligence (OSINT) research.

Comprehensive collection of the latest CVEs and their PoCs for security research and penetration testing.

A fast, simple, recursive content discovery tool written in Rust for penetration testing and security research.

This is a multi-use bash script for Linux systems to audit wireless networks.

A fully customizable Windows-based pentesting virtual machine distribution for security professionals.

A PowerShell-based toolkit for security professionals to test Active Directory environments.

A Python cryptography package that provides low-level access to cryptographic primitives and recipes.

Zeek is a powerful network analysis framework for security monitoring and incident response.

Direct Memory Access (DMA) Attack Software for security research and penetration testing