Trending Projects

An open-source SSH man-in-the-middle tool for penetration testing and security research.

This repository appears to contain resources related to social engineering and hacking tools, not a developer platform.

This GitHub repository is a list of recent data breaches and supply chain attacks, not a developer tool.

WeblogicTool is a GUI tool for Weblogic vulnerability detection, command execution, webshell injection, and password decryption.

A Firefox extension to protect users from browser fingerprinting.

A Python-based information gathering automation tool for security researchers and penetration testers.

A Go-based asset discovery and port brute-force scanning system to help enterprises find weak passwords.

A curated list of threat modeling resources for learning and practicing security review.

This is a curated collection of hacking and penetration testing resources for developers.

A repository of custom payloads for the USB Rubber Ducky, a powerful pen-testing tool for keystroke injection attacks.

A tool for automating brute-force attacks on services found through various scanning techniques.

A Python-based malware analysis and unpacking tool for security researchers and analysts.

This project provides research articles and fileless webshells to bypass professional detection tools.

Orbot is an open-source Tor client for Android that provides anonymity and censorship circumvention.

A comprehensive list of reentrancy attacks on Ethereum smart contracts for security research.

A comprehensive library of cybersecurity resources for developers and security professionals.

An automatic SSTI detection tool with an interactive interface for penetration testing and security research.

A security advisory database for Rust crates published through crates.io, focused on vulnerability research and reporting.

A tool to scan and identify Fastjson vulnerabilities, including version, dependencies, and autoType status.

A powerful XSS scanning tool for security researchers and developers.

A powerful web interface for manipulating Android and iOS apps at runtime for mobile security research.

A LinkedIn enumeration tool that extracts valid employee names from an organization through web scraping.

A collection of tools for offensive and defensive security on the Azure AD/Microsoft Entra platform.

A Python library for remotely extracting credentials from the Windows Local Security Authority Subsystem Service (lsass).

Malleable C2 is a domain-specific language to redefine indicators in Beacon's communication for Cobalt Strike.

Psiphon is an open-source tool for circumventing internet censorship, built in Go.

A Go-based shellcode encryptor and obfuscator tool for penetration testing and red team activities.

A comprehensive collection of hacking tools, resources, and references for practicing ethical hacking.

A secure and scalable network traffic analysis framework written in Go for security and monitoring.

A powerful JavaScript and Node.js obfuscator for protecting your code and intellectual property.

A curated list of honeypot resources for security researchers and developers.

A comprehensive OSINT tool written in Go that allows searching anyone's digital footprint across 300+ websites.

A Python library for mass scanning IPs to discover vulnerable network services.

This Python project is a tool for exploiting SVN source code leaks to dump the entire codebase.

A collection of nightly builds of common C# offensive tools, built and released in a CI/CD fashion.

This is a collection of Endpoint Detection and Response (EDR) tools for security researchers and developers.

A comprehensive penetration testing framework with a variety of cybersecurity resources for security professionals.

A tool for checking and mitigating various CPU vulnerabilities like Spectre, Meltdown, and ZombieLoad.

Phishing catcher tool that uses Certificate Transparency to detect and report suspicious SSL/TLS certificates.

An all-in-one hacking tool for Linux and Android (Termux) to turn your environment into a hacking machine.

A high-performance, ModSecurity-compatible Nginx firewall module for web application security.

A Python-based shell handler tool for security researchers and penetration testers.

This repository provides an organized list of resources for malware development, which is not recommended for general use.

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.

This repository provides a patch to hide QEMU and bypass various anti-detection mechanisms.

A Windows kernel rootkit for advanced cybersecurity research and red teaming.

A collection of precompiled Windows exploits, not actively maintained.

SPARTA is a network infrastructure penetration testing tool written in Python.

A Burp Suite extension to bypass 403 restricted directories.

A curated list of blockchain security CTF competitions for developers to improve their security skills.