Trending Projects

This is a collection of custom Bash scripts for automating various penetration testing tasks, including reconnaissance, scanning, enumeration, and malicious payload creation, for use with Kali Linux.

This tool allows developers to extract decrypted iOS app binaries from jailbroken devices for reverse engineering and security research.

Velociraptor is a digital forensics and incident response framework written in Go, with a focus on endpoint discovery and security.

DedSecInside/TorBot is a dark web OSINT tool written in Python that crawls and extracts information from the Tor network.

This Python program allows you to detect and view IMSI numbers of nearby cellphones.

A repository for quickly setting up various vulnerable environments for security research and testing.

SecureDrop whistleblower platform repository

This repository provides dynamically updated IP blocklists for defending against cyber attacks and abuses.

This repository provides a comprehensive guide to the OSCE3 (OSWE, OSEP, OSED, OSEE) offensive security certifications.

A library of PHP unserialize() payloads and a tool to generate them programmatically.

A fast and powerful SSL/TLS scanning library for security-focused developers.

This is an advanced phishing tool for Linux, not a developer platform focused on AI tools.

This is the Kali NetHunter project, a penetration testing and security framework for Android devices.

An open-source two-factor authentication app for Android with support for HOTP, TOTP, and OpenPGP.

A simple yet powerful IOC and YARA scanner for security analysis and threat hunting.

A powerful OSINT tool for gathering open-source intelligence and performing online investigations.

A Windows 10 privacy and security checker tool that helps users optimize their system settings.

A step-by-step tutorial on fuzzing, a security testing technique to find vulnerabilities in software.

Advanced vulnerability scanning tool for developers using Nmap NSE scripts and Lua.

A free online security knowledge library for pentesters and researchers.

A PowerShell script for enumerating privilege escalation vulnerabilities on Windows systems.

A cloud security posture management (CSPM) tool that helps developers secure their cloud infrastructure.

A Python-based utility to quickly access and launch various hacking tools for security professionals.

Findomain is a fast and comprehensive domain discovery tool with features like port scanning, HTTP checking, and alert integrations.

A .NET deserialization payload generator to help developers identify and mitigate security vulnerabilities.

This GitHub repository provides hourly-updated data dumps of bug bounty platform scopes for developers to explore and use.

A curated collection of awesome tools and resources for securing APIs, benefiting the entire community.

OSCP cheatsheet for penetration testing and offensive security

A repository containing public documents and whitepapers about advanced persistent threat (APT) campaigns.

Automation tools for internal Windows penetration testing and Active Directory security research.

A Python framework for conducting Man-In-The-Middle attacks, useful for security research and penetration testing.

A fast Go HTML sanitizer to scrub user-generated content and prevent XSS attacks.

This repository provides a comprehensive collection of resources and tools for cellular network hacking.

An open-source C++ compiler for fully homomorphic encryption, enabling secure computation on encrypted data.

A Python tool to generate malicious PDF files with phone-home functionality for penetration testing.

Protect against DNS poisoning in China with this lightweight DNS proxy written in C.

A fast sub-domain brute tool for penetration testers and security researchers.

This is a collection of classic and modern trojan builders, not a developer tool for AI-powered coding.

This repository contains a vulnerability scanner and rapid response system for enterprise networks.

A powerful password cracking and dictionary building tool for brute-force attacks and social engineering.

A collection of security-related presentations and research reports shared at various conferences and events.

A comprehensive IT security toolkit for Android developers and professionals.

A Python script that exploits .git folder disclosure to retrieve source code from web servers.

CloudGoat is a tool for deploying vulnerable AWS environments for security research and training.

The vanhoefm/krackattacks-scripts repository contains scripts related to the KRACK attack on WPA2 wireless protocols.

An automatic SSRF fuzzer and exploitation tool for penetration testing and security research.

A Python-based weaponized web shell for penetration testing and security research.

A simple way to block internet access per app on Android devices.

A curated list of CVE PoCs, a useful resource for security researchers and penetration testers.

A Python script for brute-forcing WPA/WPA2 WiFi passwords, not suitable for vibe coders.