Trending Projects

A Python-based toolkit for performing a wide range of security auditing and exploitation tasks.

A framework for constructing self-spreading binaries, a type of malware, written in Go.

A minimal and effective Wi-Fi, BLE, and 2.4 GHz band jammer written in C.

This Shell repository appears to be a tool for Android malware development, not a developer discovery platform.

A malicious traffic detection system written in Python for network monitoring and security.

A vulnerable iOS app to help mobile security enthusiasts and professionals test their penetration testing skills.

A comprehensive open-source intelligence (OSINT) tool for gathering information from various online sources.

This is a curated collection of hacking and penetration testing resources for developers.

A curated list of CTF (Capture the Flag) frameworks, libraries, resources and software for security professionals.

A repository providing free VPN configurations for users in Russia and other regions.

A collection of red team tips and techniques for security researchers and penetration testers.

A privacy leak detection tool for developers to check for personal data exposure.

A repository of LIVE malwares for analysis and research purposes.

A private certificate authority and ACME server for secure automated certificate management, enabling TLS everywhere and SSH single sign-on.

DIVA Android is a deliberately insecure and vulnerable Android app for security testing and education.

A Node.js command and control tool for script-jacking vulnerable Electron applications.

MagicRecon is a shell script that automates the recon and data collection process to find common vulnerabilities.

An idiomatic nmap library for Go developers to perform network mapping and analysis.

A stealthy Linux kernel rootkit for modern kernels, useful for security research and penetration testing.

A minimalist, open-source pastebin that encrypts data in the browser, providing zero-knowledge security.

A Go library that allows executing binaries from a password-protected zip file for security purposes.

A penetration testing framework packed with hacking tools for security research and exploration.

A tool for automated decompiling and security evaluation of WeChat mini-programs, supporting decryption, unpacking, and code modification.

A curated list of various bug bounty tools for web security researchers and bug hunters.

NoDPI is a Python utility for bypassing DPI (Deep Packet Inspection) to circumvent internet censorship.

This project is a penetration testing tool for hacking cameras and GPS locations of target devices.

A high-speed covert tunnel to bypass Deep Packet Inspection firewalls by disguising TCP traffic as SMTP email.

This is a collection of commonly used commands for penetration testing, not a developer tool.

Collection of blocklists to fill in the gaps for ad-blocking, privacy, and security purposes.

CACTUSTORCH is a library for generating payloads for adversary simulations, not a developer discovery platform.

This PoC exploits a vulnerability to bypass Xiaomi's HyperOS community restrictions for bootloader unlocking.

This is a burp plugin for automatically recognizing and solving CAPTCHA challenges.

This repository contains tools for web shell malware evasion and encrypted traffic transmission.

A comprehensive cheatsheet for bug bounty hunters, covering various payloads, tips, and tricks.

An open-source anti-DPI software that allows users to bypass internet censorship on various platforms.

This repository is a collection of database exploitation techniques for penetration testing.

A middleware to create a flexible proxy pool, providing a fixed request address for long-term use.

This repository provides a suite of tools for mapping network assets, scanning ports, and extracting sensitive information from web applications.

A network reconnaissance and asset discovery tool written in Go for security professionals.

Actionable analytics and threat intelligence tools for incident response and threat hunting.

DumpsterDiver is a Python tool to search for secrets in various file types.

This repository provides a comprehensive guide to the OSCE3 (OSWE, OSEP, OSED, OSEE) offensive security certifications.

A repository of custom payloads for the USB Rubber Ducky, a powerful pen-testing tool for keystroke injection attacks.

This Python project is a tool for exploiting SVN source code leaks to dump the entire codebase.

EZ is a cross-platform vulnerability scanner that combines information gathering, port scanning, service brute-forcing, URL crawling, and fingerprinting.

A reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications.

The Rogue Access Point Framework for security and penetration testing

A tool to scan and identify Fastjson vulnerabilities, including version, dependencies, and autoType status.

A curated collection of Shodan search queries for security professionals and researchers.

This is a social engineering tool for hacking that can access webcam, microphone, and location.