Trending Projects

CloudGoat is a tool for deploying vulnerable AWS environments for security research and training.

A collection of nightly builds of common C# offensive tools, built and released in a CI/CD fashion.

A modular and decentralized honeypot designed to detect and monitor network intrusions.

A Python-based web vulnerability scanner for developers to identify and mitigate security risks.

Nym is a decentralized, privacy-preserving network that enables anonymous transactions and strong network-level privacy.

This is a collection of tools for penetration testing and OSINT, not a vibe coder platform.

A collection of over 60 BadUSB scripts for the FlipperZero device, focused on security research and penetration testing.

This is a collection of OSINT and penetration testing tools for security researchers and red teams.

A library that helps detect various malware analysis techniques used in the wild.

An all-in-one browser extension for offensive security professionals with a collection of hacking tools.

The leading security assessment framework for Android, providing a comprehensive toolkit for penetration testing.

A high-level C2 framework for managing reverse TCP & HoaxShell-based shells with enhanced features

A library of PHP unserialize() payloads and a tool to generate them programmatically.

An open-source OSINT framework for gathering information about IP addresses, emails, websites, and organizations.

A tool to dump a git repository from a website, useful for security researchers and developers.

This GitHub repository contains files related to jamming and hacking Sub-GHz signals using a Flipper Zero device.

Secure and firewall-agnostic networking library for building hacking and networking tools.

A curated list of awesome cybersecurity resources, tools, and learning materials.

A Python library providing the latest CVEs with their Proof of Concept exploits.

This is a collection of hacking tools for Android, Instagram, and wifi, not a developer discovery platform.

A curated list of resources for understanding and bypassing Web Application Firewalls (WAFs) from a security standpoint.

A collection of resources for learning about Linux kernel security and exploitation.

A C# tool for legally evading network monitoring and conducting online research.

Curated blocklists for ad-blocking and malware prevention on Pi-hole and DNS filters.

This is a phishing tool and information collector, not a developer tool focused on AI-powered coding.

Collection of ad-blocking rules and configs for proxy/tunnel clients (Loon, Surge, QuantumultX, ShadowRocket, Egern).

A tool that extracts various credentials and sensitive data from network packets or live interfaces.

A Python-based toolkit for security researchers and hackers, providing tools for penetration testing and network analysis.

A multifunctional Telegram-based Android RAT (Remote Access Tool) without port forwarding.

A curated list of Google Dorks for bug bounty, web application security, and penetration testing.

AndroRAT is a Remote Administrator Tool for hacking Android devices, allowing remote control and exploitation.

This repository is a list of Android Remote Access Trojans, not a developer discovery platform for vibe coders.

A collection of CTF (Capture The Flag) challenges and resources for security researchers and developers.

API security checklist for designing, testing, and releasing secure APIs

A curated list of resources for learning about application security, including security experts, OWASP, and more.

A comprehensive penetration testing reference bank for OSCP/PTP & PTX certification preparation.

A Go-based tool to fetch known URLs from various threat intelligence sources for security analysis.

AFWall+ is an open-source Android firewall app that allows users to control network access and block unwanted traffic.

This is a script to install Kali Nethunter, a penetration testing Linux distro, on Android devices using Termux without root access.

A collection of tools for offensive and defensive security on the Azure AD/Microsoft Entra platform.

An OSINT framework and package manager for security researchers and bug bounty hunters.

A powerful framework for rogue access point attacks, focused on security research and penetration testing.

A comprehensive roadmap and resources for those interested in pursuing a career in cybersecurity.

All-in-one malware analysis tool for security-focused developers and researchers.

BlueDucky is a Python implementation of a security vulnerability (CVE-2023-45866) that allows unauthenticated code execution using a HID keyboard.

Open source platform for adversary emulation and exposure validation to enhance cybersecurity posture.

This repository provides tools and configurations for accessing censorship-circumvention services like Shadowsocks, Clash, and Trojan.

A Burpsuite plugin for automating the bypass of authentication and WAF protections.

Empire is a PowerShell and Python post-exploitation agent, not a developer discovery platform for vibe coders.

An open-source adversary emulation platform for security professionals to assess system vulnerabilities.