Trending Projects

This is a burp plugin for automatically recognizing and solving CAPTCHA challenges.

Modlishka is a reverse proxy tool for penetration testing and security research.

This GitHub repository contains tools and resources for red team and blue team security research and penetration testing.

A C-based loader that mitigates VMware Hardened VM detection to bypass anti-VM protections.

A curated list of CTF (Capture the Flag) frameworks, libraries, resources and software for security professionals.

A free online security knowledge library for pentesters and researchers.

Deprecated security and incident response platform for enterprises, built on the ELK stack.

A knowledge base for vulnerability PoCs with over 1000 vulnerabilities.

This is a penetration testing guide based on OWASP, including test cases, resources, and examples.

A Raspberry Pi-based Wi-Fi hacking tool for security researchers and penetration testers.

DumpsterDiver is a Python tool to search for secrets in various file types.

This repository is a collection of database exploitation techniques for penetration testing.

This repository contains resources and examples related to Linux rootkits, which are malicious software designed to gain unauthorized access to a system.

This Python repository provides a suite of online tools for security scanning, including CMS identification, information leakage, and port scanning.

This is an Intel SGX library for Linux that provides hardware-based confidential computing capabilities.

A Python tool for generating various types of NTLMv2 hash theft files for security research and testing.

A Python tool that helps find interesting Amazon S3 buckets by monitoring certificate transparency logs.

The Bug Hunters Methodology is a comprehensive guide for penetration testing and security research.

A comprehensive guide to Secure Shell (SSH) tunneling, port redirection, and network traffic manipulation for security professionals.

Tink is an open-source cryptography library that provides secure, easy-to-use APIs across multiple languages.

A comprehensive collection of Android security-related resources for developers.

A curated collection of Shodan search queries for security professionals and researchers.

A Python-based network penetration testing tool for security research and red teaming activities.

This is a tool for hacking Android pattern locks from the Termux terminal, likely used for phishing and penetration testing.

A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through multiple methods.

A curated list of domains using Cloudflare DNS at the time of the CloudBleed security incident.

A collection of OSINT tools for exploring the dark web, including scraping, search, and data extraction capabilities.

An open-source tool for performing security assessments on Oracle databases.

A remote administration tool for iOS/macOS/Linux that provides advanced exploitation and security capabilities.

Adversary Tactics - PowerShell Training for security professionals and penetration testers.

An all-in-one browser extension for offensive security professionals with a collection of hacking tools.

A network stresser tool that uses Hatsune Miku as its theme, built with TypeScript.

A curated list of various bug bounty tools for web security researchers and bug hunters.

A powerful open-source recursive internet scanner for security researchers and penetration testers.

A collection of exploit scripts for vulnerabilities in various web applications and frameworks.

A tool to bypass DPI (Deep Packet Inspection) and bypass internet censorship.

An offensive software exploitation course focused on developing exploitation techniques.

A comprehensive OSINT cheat sheet and repository of tools, datasets, and resources for security researchers and hackers.

A password cracking tool with a single rule to crack all passwords, or at least try to.

WebGoat is a deliberately insecure web application for security training and testing.

An open-source forum for discussing and circumventing internet censorship.

A curated list of awesome forensic analysis tools and resources for digital forensics and incident response (DFIR).

A browser extension that protects your browser fingerprints across Chrome, Edge, and Firefox

Extracts credentials and performs security testing on Windows systems

A collection of Azure security resources and notes for security researchers and penetration testers.

Comprehensive collection of security tools for penetration testing, vulnerability assessment, and incident response.

A collection of tools, scripts, and resources for OSCP (Offensive Security Certified Professional) preparation and penetration testing.

A reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications.

A subdomain takeover vulnerability checker tool written in Go for bug bounty hunting and security research.

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.