Trending Projects

Bandit is a static code analysis tool that helps find security issues in Python code.

Cryptomator for Android is an open-source file encryption tool for secure cloud storage access.

This Python script allows you to abuse Exchange Server to escalate privileges and gain Domain Admin access.

A Python cryptography package that provides low-level access to cryptographic primitives and recipes.

A hosted reverse shell generator with many features for use in CTFs and security testing.

A webshell management tool for Godzilla that helps bypass traffic detection devices.

This repository appears to be a collection of articles related to penetration testing, not a developer discovery platform focused on vibe coders.

A curated collection of resources, tools, and shiny things for cybersecurity blue teams.

This project hosts security advisories and proof-of-concepts related to research conducted at Google.

Frida scripts to rewrite mobile applications at runtime to directly MitM all HTTPS traffic

A Python tool to generate malicious PDF files with phone-home functionality for penetration testing.

A comprehensive guide to privacy settings for popular software and services.

A collection of cybersecurity handbooks and resources for security professionals and CTF players.

A collection of setup scripts for security research tools, useful for penetration testing and ctf challenges.

This is a script for hacking Instagram accounts using a brute-force password cracking technique.

Velociraptor is a digital forensics and incident response framework written in Go, with a focus on endpoint discovery and security.

A customizable and automated penetration testing reporting platform for offensive security professionals.

Obfuscate specific Windows APIs with different APIs for malware research and security applications.

A Python library for web fuzzing and parameter discovery, useful for pentesting and security research.

A comprehensive resource for bug bounty hunters, covering payloads, bypasses, and other security techniques.

A Windows kernel rootkit for advanced cybersecurity research and red teaming.

This project is a security vulnerability research repository focused on a Linux privilege escalation exploit.

A suite of tools for hacking social media accounts, including brute-force, phishing, and reporting attacks.

This repository contains a collection of tools and resources for penetration testing and security research.

A collection of resources for learning about Linux kernel security and exploitation.

A Go-based tool to fetch known URLs from various threat intelligence sources for security analysis.

A Python project that reverse-engineers the new 'captchaless' ReCaptcha system.

A powerful SMS and call bomber tool for Linux and Termux, designed for hacking and spamming purposes.

Pafish is a malware analysis tool that uses various techniques to detect virtual machines and analysis environments.

XX-Net is a proxy tool to bypass GFW with multi-platform support and traffic obfuscation.

A Python-based tool for finding exploit code from various exploit databases.

A C++ implementation of the I2P anonymous network, providing end-to-end encrypted and anonymous internet communications.

ARL (Asset Reconnaissance Lighthouse) is a security tool for quickly investigating and building an asset information library for penetration testing and vulnerability assessment.

Evil-M5Project is an educational tool for exploring WiFi network security and vulnerabilities.

API security checklist for designing, testing, and releasing secure APIs

A collection of penetration testing POCs, exploits, scripts, and tools for security research and testing.

A collection of CTF challenge files and scripts for security researchers and penetration testers.

A C/C++ source obfuscator for bypassing antivirus detection, not a developer discovery platform for vibe coders.

Email OSINT and password breach hunting tool, locally or using premium services

This is an open-source EDR (Endpoint Detection and Response) repository, not a developer discovery platform for vibe coders.

The OWASP MASVS is the industry standard for mobile app security verification and testing.

AutoPWN Suite is a Python-based project for scanning vulnerabilities and automatically exploiting systems.

This repository provides information on how to find leaked credentials, which can be useful for security research.

A powerful network penetration testing tool that can be used to automate various pentesting tasks.

A Python-based shell handler tool for security researchers and penetration testers.

This is a Python toolkit for conducting various brute-force attacks, including admin panel, CMS, and password cracking.

A Python library for launching HTTP/HTTPS flood attacks using socks4/5 or HTTP proxies.

This is a curated list of Burp Suite resources, including 400+ open source plugins and 400+ posts/videos.

Metasploitable3 is a vulnerable virtual machine for security research and testing purposes.

OSCP cheatsheet for penetration testing and offensive security