#Security-research

Showing 60 of 87 repositories tagged #security-research, ranked by stars

PentestPad
PentestPad
subzy

Subdomain takeover vulnerability checker

Score
90
★ 1.6k ⑂ 205 +1/day
Go
JLospinoso
JLospinoso
gargoyle

Historical Windows temporal memory-state research artifact for studying time-bound memory observations, validation limits, and defensive visibility.

Score
100
★ 906 ⑂ 114
Python
LockGit
LockGit
Hacking

Hacker, ready for more of our story ! 🚀

Score
82
★ 587 ⑂ 172 +1/day
Python
ossf
ossf
fuzz-introspector

Fuzz Introspector -- introspect, extend and optimise fuzzers

Score
99
★ 461 ⑂ 85
Python
makalin
makalin
KeyForge3D

KeyForge3D is an app that turns a photo of a key into a 3D-printable STL file. Ideal for locksmiths and hobbyists, it analyzes the key's bitting pattern using image processing and generates an accurate 3D model for quick replication.

Score
0
★ 440 ⑂ 46 +3/day
Python
transilienceai
transilienceai
communitytools

Open-source Claude Code skills, agents, and slash commands for AI-powered penetration testing, bug bounty hunting, and security research

Score
97
★ 403 ⑂ 72 +10/day
Python
GainSec
GainSec
AutoProber

Hardware hacker’s flying probe automation stack for agent-driven target discovery, microscope mapping, safety-monitored CNC motion, probe review, and controlled pin probing.

Score
95
★ 305 ⑂ 18
Python
mebeim
mebeim
systrack

📡🐧 Linux kernel syscall implementation tracker

Score
33
★ 274 ⑂ 19
Python
H4D3ZS
H4D3ZS
vscodium-rust

AI-native IDE with agentic workflows, iPhone emulation on Windows/Linux, PyTorch ML Studio, and ROCm-optimized local AI. Built for security researchers and cross-platform developers.

Score
96
★ 230 ⑂ 44 +5/day
TypeScript
christinminor459
christinminor459
OnionClaw

Provide AI agents with full Tor network access and dark web data through a zero-config OpenClaw skill or standalone tool.

Score
100
★ 221 ⑂ 60
Python
GainSec
GainSec
anti-crime-ecosystem-research

Independent research white paper by Jon “GainSec” Gaines examining the security posture of a connected public safety technology ecosystem.

Score
79
★ 214 ⑂ 18 +2/day
miunasu
miunasu
IDA-Skill

使用skill让 AI Agent 像安全分析师一样分析恶意样本 | AI Agent skill for automated malware analysis using IDA Pro

Score
93
★ 197 ⑂ 29 +12/day
Python
tg12
tg12
PoC_CVEs

PoC_CVEs

Score
89
★ 172 ⑂ 23
Shell
ckcsec
ckcsec
ckcsec-security-wiki

Knowledge base for cybersecurity professionals

Score
92
★ 170 ⑂ 16
AnonKryptiQuz
AnonKryptiQuz
Injectra

Injectra is a Python-based tool for injecting custom payloads into various file types using their magic numbers. It supports file types like zip, rar, docx, jpg, and more, allowing for customizable payloads. It ensures seamless payload injection while maintaining the integrity of the original file.

Score
44
★ 149 ⑂ 28
Python
Pa55w0rd
Pa55w0rd
google-hacking-assistant

🔍 Chrome扩展,为安全研究和渗透测试提供Google/百度/Bing高级搜索语法快捷执行。一键Dorking、批量提取URL、智能过滤黑名单,大幅提升信息收集效率。 🔍 Chrome extension for security research and penetration testing. One-click advanced search (Dorking) on Google/Baidu/Bing, bulk URL extraction, smart blacklist filtering. Boost OSINT efficiency.

Score
64
★ 146 ⑂ 8
TypeScript
Tartarus-AI
Tartarus-AI
tartarusai-cli

Uncensored AI coding agent in your terminal. Does the work, skips the sermon. 256K context, crypto-only billing, no card on file.

Score
67
★ 139 ⑂ 6
7WaySecurity
7WaySecurity
cloud_osint

☁️ Curated Cloud OSINT resources — dorks, tools, and techniques for AWS, Azure, GCP, Oracle Cloud, and other major providers reconnaissance

Score
86
★ 133 ⑂ 19
noya21th
noya21th
claude-source-leaked

Claude Code v2.1.88 source analysis: system prompts, 87 hidden feature flags, cost optimization, architecture diagrams, undercover mode, and comparison with Cursor/Cline. No source code redistributed.

Score
100
★ 124 ⑂ 147
TypeScript
fierceoj
fierceoj
ShonyDanza

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Score
36
★ 120 ⑂ 25
Python
jusot99
jusot99
jusotlabs

Hand‑curated offensive security toolkit, scripts, and writeups for ethical hackers, pentesters, and IT pros eager to level up.

Score
84
★ 107 ⑂ 1
Python
HackingLZ
HackingLZ
maps_scanner

MAPS cloud scanner and response parser for Microsoft Defender research.

Score
0
★ 93 ⑂ 4
Python
ra1nb0rn
ra1nb0rn
search_vulns

A modular tool to search for known vulnerabilities, exploits and more across various data sources

Score
85
★ 90 ⑂ 15
Python
mrhenrike
mrhenrike
MikrotikAPI-BF

RouterOS Attack & Exploitation Framework — 40 CVE/EDB exploits, MAC-Server L2, credential decoder, NPK analyzer, 300-thread BF, Nmap NSE auto-install, pip package, CVE scanner. v3.5.4

Score
88
★ 88 ⑂ 29
Python
Chocapikk
Chocapikk
CVE-2023-6553

Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution

Score
29
★ 85 ⑂ 23
Python
dyjakan
dyjakan
interpreter-bugs

Fuzzing results for various interpreters.

Score
21
★ 82 ⑂ 12
Ruby
UCYBERS
UCYBERS
Bug-Bounty-Beginner-Roadmap

This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learning and practical development in the field of ethical hacking and vulnerability research.

Score
15
★ 80 ⑂ 4
Chocapikk
Chocapikk
CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Score
19
★ 79 ⑂ 12
Python
amurcanov
amurcanov
happ-decrypt-universal

Легковесный чистый Rust-дешифратор Happ-ссылок crypt, crypt2, crypt3, crypt4 и crypt5 без внешних runtime-зависимостей. Собранный в кроссплатформенные нативные бинарники. В образовательных целях.

Score
0
★ 75 ⑂ 3
Rust
0dayInc
0dayInc
pwn

PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

Score
81
★ 73 ⑂ 9
Ruby
lololosys
lololosys
awesome_cisco_exploitation

A curated list of awesome Cisco exploitation resources

Score
16
★ 70 ⑂ 14
disclose
disclose
dioterms

Open-source vulnerability disclosure policy templates.

Score
78
★ 70 ⑂ 8
vibheksoni
vibheksoni
dma-spoofer

First open-source DMA-based HWID spoofer written in Rust. Spoof hardware IDs via direct memory access.

Score
77
★ 68 ⑂ 21
Rust
pandaadir05
pandaadir05
re-architect

Advanced reverse engineering platform combining traditional static analysis with AI-powered insights. Supports multiple decompilers (Ghidra, IDA Pro, Binary Ninja), automated function analysis, and interactive web visualization for comprehensive binary analysis workflows.

Score
41
★ 65 ⑂ 8
Python
marcohextor
marcohextor
BOAST

BOAST is a server designed to receive and report Out-of-Band Application Security Testing (OAST) reactions.

Score
70
★ 65 ⑂ 7
Go
splintersfury
splintersfury
AutoPiff

Semantic analysis engine for detecting vulnerability fixes in Windows kernel driver patches — 58 YAML rules, Ghidra decompilation, reachability tracing, and scoring

Score
66
★ 63 ⑂ 3
Python
GainSec
GainSec
LeakScope

An all-in-one Shodan & ZoomEye supported tool to search, browse, preview and dump data leakage across 20+ services. Pulls real exposure straight from the sources instead of guessing. Drop it into your workflow and watch it surface leaks you won't find anywhere else.

Score
53
★ 62 ⑂ 9
JavaScript
0u44
0u44
NFCman

A Universal Android NFC research and analysis toolkit. Made for Android security researchers and developers. Clone, analyze, and test contactless cards including MIFARE, NTAG, and ISO14443 protocols. Features card data extraction, analysis tools, and emulation capabilities for penetration testing and research.

Score
73
★ 62 ⑂ 17 +3/day
Shell
K3ysTr0K3R
K3ysTr0K3R
CVE-2024-25600-EXPLOIT

A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)

Score
11
★ 57 ⑂ 11
Python
HackingLZ
HackingLZ
svg_phishing_tools

SVG Analysis and generation tools for commonly seen SVG attachment phishing

Score
33
★ 57 ⑂ 7
Python
K3ysTr0K3R
K3ysTr0K3R
INtrack

A flexible internet crawler used for scanning technologies, instances and vulnerabilities worldwide across the internet.

Score
10
★ 54 ⑂ 11
Python
cybersecplayground
cybersecplayground
bugbounty-Tips-and-Tricks

A curated collection of bug bounty tips, tricks, payloads, and bypass techniques

Score
75
★ 50 ⑂ 9 +1/day
Python
Macmod
Macmod
STARS

A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios.

Score
8
★ 49 ⑂ 6
Python
alby77689-design
alby77689-design
Wuzen-Framework---Advanced-Mobile-Security-Research-Platform

Advanced mobile security research platform for authorized testing and educational purposes

Score
45
★ 48 ⑂ 23
toxy4ny
toxy4ny
bl00dym4ry

Trojan (Ransomware) Phishing Simulator for Cybersecurity Training.

Score
38
★ 44 ⑂ 3
C
Ninja-Yubaraj
Ninja-Yubaraj
SQL-Injection-Payloads-List

SQL Injection Payloads List.

Score
7
★ 43 ⑂ 9
gl0bal01
gl0bal01
malware-analysis-claude-skills

Complete Claude skills toolkit for professional malware analysis. 5 specialized skills covering triage, dynamic analysis, detection engineering, and reporting. Works with REMnux/FlareVM offline environments.

Score
59
★ 42 ⑂ 3
Python
vibheksoni
vibheksoni
unbuned

Extract JavaScript from Bun-compiled executables. Zero dependencies, pure Python reverse engineering tool for security research and code analysis.

Score
71
★ 41 ⑂ 6 +2/day
Python
s-r-e-e-r-a-j
s-r-e-e-r-a-j
CamHawk

CamHawk is a camera phishing tool that tricks users into granting webcam access. Once permission is granted, the tool captures images from the webcam and sends them to your machine.

Score
74
★ 40 ⑂ 12
Shell
gl0bal01
gl0bal01
intel-codex

Comprehensive operational knowledge base: OSINT, forensics, reverse engineering, malware analysis, cryptography, smart-contract audit, cloud/AD/web pentesting, blockchain tracing, and intelligence frameworks for security researchers and CTF players.

Score
62
★ 38 ⑂ 6 +1/day
Shell
ByamB4
ByamB4
find-cve-agent

CVE hunting harness for Claude Code - 20 skills, 5-agent team, systematic vulnerability research with false positive elimination

Score
56
★ 37 ⑂ 6 +2/day
JavaScript
webpro255
webpro255
awesome-ai-agent-attacks

A curated timeline of real AI agent security incidents, breaches, and vulnerabilities (2024-2026). Every entry sourced and dated.

Score
60
★ 34 ⑂ 3 +5/day
xdrew87
xdrew87
Echos

Echos is a stealthy C2 traffic emulator built in Rust for Red Teamers. It simulates adversarial beaconing patterns and custom jitter to test EDR/NDR detection logic. Ideal for validating network security signatures in a safe, modular framework.

Score
55
★ 33 ⑂ 2
Rust
gitsint-rs
gitsint-rs
gitsint-rs

🔍 Gitsint is a cutting-edge OSINT platform designed for security researchers, threat intelligence teams, and developers. Uncover hidden connections, detect exposed secrets, and map digital footprints across GitHub's vast ecosystem.

Score
0
★ 33 ⑂ 0
zencefilefendi
zencefilefendi
zerdecalistops

🛡️ Zerdecalistops: The Ultimate Cyber Security Ammo Depot. An advanced, dashboard-powered custom wordlist collection for Penetration Testers and Security Researchers.

Score
63
★ 33 ⑂ 5
PHP
Keyvanhardani
Keyvanhardani
mythos-research

Outside-in replication of Anthropic's Mythos Preview / Project Glasswing — open-source agentic vulnerability-discovery scaffold on Claude Opus 4.7. Eight-phase sink-guided pipeline, ~$1/run, OSS self-scan and coordinated disclosure.

Score
68
★ 33 ⑂ 13 +1/day
Shell
RodricBr
RodricBr
OffSec-MISC

Offensive Security MISC Annotations and Payloads for Ethical Hackers / Security Researchers

Score
3
★ 31 ⑂ 4
feedhenry
feedhenry
mobile-security

FeedHenry Mobile Security

Score
0
★ 29 ⑂ 11
JavaScript
Irench1k
Irench1k
unsafe-code

Hands-on secure code review training: learn to find vulnerabilities in Flask, Django, FastAPI through production-quality examples. Whitebox pentesting for modern web frameworks.

Score
47
★ 29 ⑂ 1
Python
vibheksoni
vibheksoni
ferrox

Windows infostealer in Rust with polymorphic builds, Hell's Gate syscalls, and compile-time encryption. Educational use only.

Score
52
★ 28 ⑂ 10 +2/day
Rust
Related Topics
#cybersecurity#penetration-testing#security#python#red-team#reverse-engineering#security-tools#infosec#hacking#pentesting#threat-intelligence#malware-analysis

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly