Trending Projects

A personal VPN project using Shadowsocks and v2ray to provide a free and secure VPN solution.

Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation.

An open-source ESP32-powered tool to scan, jam, spoof, and master BLE, Wi-Fi, and 2.4GHz networks.

A framework for creating stealthy malware droppers that bypass antivirus software

Iris-web is a collaborative incident response platform for digital forensics and incident response teams.

This is an Albanian hacking tool with various functionalities for ethical hacking and information gathering.

A large open-source database for detecting secrets, API keys, passwords, and more, useful for security-focused vibe coders.

A modern 32/64-bit position independent implant template for security researchers and penetration testers.

A collection of over 60 BadUSB scripts for the FlipperZero device, focused on security research and penetration testing.

A curated list of resources for detection engineering, a cybersecurity function for proactively identifying malicious activity.

XX-Net is a proxy tool to bypass GFW with multi-platform support and traffic obfuscation.

Bypass GFW using TLS-based protocols

This is a collection of malware source code for various platforms and programming languages.

A Python library for working with various network protocols, useful for network security and penetration testing.

ZAP is an open-source web application security scanner that helps developers identify and fix security vulnerabilities.

A fast passive subdomain enumeration tool for security researchers and bug bounty hunters.

This is an open-source webshell project that provides access to remote servers through various scripting languages.

ModSecurity is an open-source web application firewall (WAF) engine for Apache, IIS, and Nginx that provides protection from web attacks.

An open-source post-exploitation framework for students, researchers and developers.

A comprehensive security and attack surface management platform for penetration testing and vulnerability assessment.

Pupy is a cross-platform C2 and post-exploitation framework written in Python and C for pentesting and security research.

A minimalist, open-source pastebin that encrypts data in the browser, providing zero-knowledge security.

A PowerShell-based toolkit for security professionals to test Active Directory environments.

Comprehensive collection of security tools for penetration testing, vulnerability assessment, and incident response.

Browser fingerprinting library that uses favicons to track users across the web.

RSA attack tool to retrieve private keys from weak public keys and/or decipher data

Monitor Linux processes without root permissions using this Go-based security tool.

A curated list of various bug bounty tools for web security researchers and bug hunters.

A fast, reliable, and simple port scanner written in Go, ideal for bug bounties and penetration testing.

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework.

Automated all-in-one OS command injection exploitation tool for security researchers and penetration testers.

A curated list of awesome infosec courses and training resources for security professionals.

A curated list of bug bounty writeups, a valuable resource for security researchers and bug hunters.

A cloud-native SIEM for intelligent security analytics for the entire enterprise.

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang.

Automatically install all Kali Linux tools for security and penetration testing.

A collection of study notes and resources for learning web hacking and security.

A curated list of awesome forensic analysis tools and resources for digital forensics and incident response (DFIR).

A comprehensive collection of reverse engineering resources and tools for multiple platforms.

A Python-based tool to suggest Windows exploits based on installed updates and patches.

A JavaScript library that produces persistent, respawning "super" cookies in a browser, used for user identification.

This is a phishing tool and information collector, not a developer tool focused on AI-powered coding.

A collection of cheat sheets for penetration testing and security research.

A Python-based information gathering automation tool for security researchers and penetration testers.

A censorship circumvention tool to evade detection by authoritarian state adversaries.

An open-source project that provides privacy-focused guides and tools to protect data against global surveillance.

This tool allows developers to extract decrypted iOS app binaries from jailbroken devices for reverse engineering and security research.

DedSecInside/TorBot is a dark web OSINT tool written in Python that crawls and extracts information from the Tor network.

A library of PHP unserialize() payloads and a tool to generate them programmatically.

A cloud security posture management (CSPM) tool that helps developers secure their cloud infrastructure.