Trending Projects

A collection of top Termux hacking tools for Android devices, focused on security and penetration testing.

This is an archived repository that provides a web crawler and search engine for the now-defunct Wooyun security vulnerability database.

This repository provides a cheat sheet for web application security attacks and techniques.

Post-quantum cryptographic signatures using hash-based schemes in Rust

A collection of awesome resources related to the Cobalt Strike security tool for red team activities.

A tool for searching for ROP gadgets in binary files to facilitate exploitation.

This project hosts security advisories and proof-of-concepts related to research conducted at Google.

P4wnP1 is a highly customizable USB attack platform based on a Raspberry Pi Zero or Raspberry Pi Zero W.

A high-level C2 framework for managing reverse TCP & HoaxShell-based shells with enhanced features

This repository provides a collection of deals and discounts for InfoSec-related software and tools during the Black Friday season.

A collaborative, multi-platform red teaming framework for security researchers and penetration testers.

This is an Android security learning repository, not a developer discovery platform for vibe coders.

A collection of Kali Linux scripts for penetration testing and security research.

This repository provides resources for learning web security concepts like SQL injection and XSS.

A web security testing platform built with PHP for discovering and testing web vulnerabilities.

P4wnP1 A.L.O.A. is a Raspberry Pi Zero W framework for penetration testing, red teaming, and physical engagements.

A Python script that finds endpoints in JavaScript files for security and information gathering purposes.

This Rust-based repository provides tools and resources for offensive security and penetration testing.

A collection of cheat sheets for penetration testing and security research.

Python library for hash-based digital signatures and cryptographic signing operations.

A collection of exploit scripts for vulnerabilities in various web applications and frameworks.

The Bug Hunters Methodology is a comprehensive guide for penetration testing and security research.

A comprehensive security scanner written in Go, supporting port scanning, protocol detection, fingerprinting, and brute-force attacks.

AdGuard browser extension to block ads, trackers, and protect user privacy across Chrome and Firefox.

Arachni is a powerful open-source web application security scanner framework for penetration testing and vulnerability detection.

Boundary enables identity-based access management for dynamic infrastructure.

Course materials for Malware Analysis, focused on reverse engineering and understanding malicious software.

A Python-based information gathering automation tool for security researchers and penetration testers.

A social media enumeration and correlation tool for security researchers and penetration testers.

A powerful network reconnaissance framework that allows you to build your own self-hosted alternatives to Shodan, ZoomEye and more.

A collection of tools and techniques for the Blue Team, focused on incident response and cybersecurity.

A tool to find secrets and sensitive information in code repositories across GitHub, GitLab, and Bitbucket.

A tool for checking and mitigating various CPU vulnerabilities like Spectre, Meltdown, and ZombieLoad.

An advanced Python-based tool for automating the detection and exploitation of SQL injection vulnerabilities.

A project documenting the history and providing a tutorial on the Shadowsocks proxy server.

A collection of web attack payloads for security research and penetration testing.

A C++ implementation of the I2P anonymous network, providing end-to-end encrypted and anonymous internet communications.

A collection of security testing tools and payloads for web application penetration testing.

Unicorn is a tool for using a PowerShell downgrade attack and injecting shellcode into memory.

A censorship circumvention tool to evade detection by authoritarian state adversaries.

An open-source project that provides privacy-focused guides and tools to protect data against global surveillance.

A free and efficient ad-blocker and privacy guard for Windows, macOS, and Linux desktop apps.

A curated list of resources for social engineering, a technique used to manipulate people into divulging sensitive information.

A simple and lightweight library for performing encryption and decryption in PHP.

Pafish is a malware analysis tool that uses various techniques to detect virtual machines and analysis environments.

Linux enumeration tool for penetration testing and CTFs with multiple verbosity levels.

A collection of Burpsuite plugins, articles, and usage tips for web security testing and penetration testing.

This is a free, open-source CTF tutorial for beginners, covering various CTF challenges and network security topics.

A hosted reverse shell generator with many features for use in CTFs and security testing.

An open-source remote vulnerability testing framework for security research and penetration testing.