• $300 Free Credits for Your Google Cloud Projects Icon
    $300 Free Credits for Your Google Cloud Projects

    Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

    Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
    Start Free Trial
  • Ship Agents Faster Icon
    Ship Agents Faster

    Transform your applications and workflows into powerful agentic systems at global scale.

    Gemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
    Get Started Free
  • 1
    Flipper Zero Firmware

    Flipper Zero Firmware

    Flipper Zero firmware source code

    ...Flipper was inspired by the pwnagotchi project, but unlike other DIY boards, Flipper is designed with the convenience of everyday usage in mind — it has a robust case, handy buttons, and shape, so there are no dirty PCBs or scratchy pins. Flipper turns your projects into a game, reminding you that development should always be fun.
    Downloads: 57 This Week
    Last Update:
    See Project
  • 2
    emp3r0r

    emp3r0r

    Linux/Windows post-exploitation framework made by linux user

    ...Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.
    Downloads: 24 This Week
    Last Update:
    See Project
  • 3
    PEASS-ng

    PEASS-ng

    Privilege Escalation Awesome Scripts SUITE

    These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. All the scripts/binaries of the PEAS suite should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own machines and/or with the owner's permission.
    Downloads: 158 This Week
    Last Update:
    See Project
  • 4
    ZAP

    ZAP

    The OWASP ZAP core project

    ...ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application.
    Downloads: 93 This Week
    Last Update:
    See Project
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 5
    Gobuster

    Gobuster

    Directory/File, DNS and VHost busting tool written in Go

    Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic...
    Downloads: 44 This Week
    Last Update:
    See Project
  • 6
    mitmproxy

    mitmproxy

    A free and open source interactive HTTPS proxy

    ...Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of features like request interception and replay. Its command-line version mitmdump allows you to write powerful addons and script mitmproxy so it can automatically modify messages, redirect traffic, and perform many other custom commands.
    Downloads: 23 This Week
    Last Update:
    See Project
  • 7
    thc-hydra

    thc-hydra

    Shows how easy it would be to gain unauthorized access to a system

    ...It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD/OpenBSD, QNX (Blackberry 10) and MacOS. However the module engine for new services is very easy so it won't take a long time until even more services are supported. Via the command line options you specify which logins to try, which passwords, if SSL should be used, how many parallel tasks to use for attacking, etc. PROTOCOL is the protocol you want to use for attacking, e.g. ftp, smtp, http-get or many others are available.
    Downloads: 37 This Week
    Last Update:
    See Project
  • 8
    Shannon

    Shannon

    Fully autonomous AI hacker to find actual exploits in your web apps

    ...It focuses on “proof by exploitation,” meaning it actively hunts for attack vectors in your code and then attempts to execute end-to-end exploits to demonstrate impact. The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. ...
    Downloads: 20 This Week
    Last Update:
    See Project
  • 9
    EMAGNET

    EMAGNET

    Automated hacking tool to find leaked databases with 97.1% accuracy

    ...Before using Emagnet, please remember that with great power comes great responsibility. Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce support for Spotify accounts, Instagram accounts, ssh servers, Microsoft RDP clients and Gmail accounts. Emagnet is a very powerful tool for capturing email addresses and passwords from leaked databases uploaded on Pastebin. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 10
    Atlantis iOS

    Atlantis iOS

    A lightweight and powerful iOS framework for intercepting HTTP/HTTPS

    ...Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 11
    Modlishka

    Modlishka

    Powerful and flexible HTTP reverse proxy

    Modlishka is a powerful and flexible HTTP reverse proxy. It implements an entirely new and interesting approach of handling browser-based HTTP traffic flow, which allows to transparently proxy of multi-domain destination traffic, both TLS and non-TLS, over a single domain, without the requirement of installing any additional certificate on the client. What exactly does this mean? In short, it simply has a lot of potential, that can be used in many use case scenarios. Modlishka was written as...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 12
    Flipper Zero BadUSB

    Flipper Zero BadUSB

    Repository for my flipper zero badUSB payloads

    The repository is a public GitHub collection of BadUSB payloads prepared to run from a Flipper Zero device; it’s presented as a plug-and-play library that bundles payload scripts, a README, and supporting files so users can pick and use payloads without heavy setup. The project is heavily PowerShell-oriented and organized into a payloads folder with documentation (README, FAQs) and helper scripts, and the author says they formatted the collection to be easy for others to use. The maintainer also set up short-URL infrastructure to simplify embedding webhooks or tokens into compact one-liners for payload configuration, and the repo includes social/contact links and acknowledgments to related projects. ...
    Downloads: 38 This Week
    Last Update:
    See Project
  • 13
    nbcelltests

    nbcelltests

    Cell-by-cell testing for production Jupyter notebooks in JupyterLab

    ...Cell-by-cell testing for production Jupyter notebooks in JupyterLab. To use in JupyterLab, you will also need the lab and server extensions. Typically, these are automatically installed alongside nbcelltests, so you should not need to do anything special to use them. The lab extension will require a rebuild of JupyterLab, which you'll be prompted to do on starting JupyterLab the first time after installing celltests (or you can do it manually with jupyter lab build). Note that you must have node.js installed (as for any lab extension).
    Downloads: 3 This Week
    Last Update:
    See Project
  • 14
    RufasSok

    RufasSok

    Sokoban with many families of puzzles provided.

    This is a minimalist version of the Sokoban puzzle game that runs on Windows, OSX, and Linux. The best thing about this game that is different: you can use the built-in solvers a little bit.. Sometimes I want to know the best next move or two, but no more. Other times I want to solve part way and watch the solver step thru the remainder of the solution at whatever speed I choose.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 15
    PyRDP

    PyRDP

    RDP monster-in-the-middle (mitm) and library for Python

    PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    ISB

    ISB

    ISB (I'm so bored) is a network stress-testing application for Windows

    ISB (I'm so bored) is a network stress-testing application for Windows created by byte[size] Software byte[size] Software: https://github.com/softbytesize Frontpage: https://softbytesize.github.io/ISB/ Support: https://softbytesize.github.io/ISB#cu Documentation: https://softbytesize.github.io/ISB/#helpstart Releases: https://github.com/softbytesize/ISB-Releases/releases Discord: https://discord.com/invite/9YNzrXDHxE
    Downloads: 9 This Week
    Last Update:
    See Project
  • 17

    MkPasswd-Chrome_Extension

    Password Generator which creates passwords they can't brute force

    MkPasswd will create easy to remember passwords with a combination of 48 Billion Trillion easily remembered possibilities (or more!!). So stop using passwords that are hard for you to remember and easy for a computer to brute force guess. Start using SMART passwords today!
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    Chromepass

    Chromepass

    Hacking Chrome Saved Passwords

    ...The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics. If this becomes false in the future, some methods will be implemented to improve AV evasion. The dependencies are checked and installed automatically, so you can just skip to Usage. It's recommended that you use a clean VM, just to make sure there are no conflicts. If you don't have the dependencies and your internet isn't fast, this will take a while.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 19
    Offensive Web Testing Framework

    Offensive Web Testing Framework

    Offensive Web Testing Framework (OWTF), is a framework

    OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    PentestBox

    PentestBox

    A Portable Penetration Testing Distribution for Windows

    PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 50% of penetration testing distributions users uses windows. Source:- https://pentestbox.com/download_stats.txt So it provides an efficient platform for Penetration Testing on windows.
    Downloads: 628 This Week
    Last Update:
    See Project
  • 21
    pydictor

    pydictor

    powerful and useful hacker dictionary builder for a brute-force attack

    A powerful and useful hacker dictionary builder for a brute-force attack. You can use pydictor to generate a general blast wordlist, a custom wordlist based on Web content, a social engineering wordlist, and so on; You can use the pydictor built-in tool to safe delete, merge, unique, merge and unique, count word frequency to filter the wordlist, besides, you also can specify your wordlist and use '-tool handler' to filter your wordlist. You can generate highly customized and complex wordlists by modifying multiple configuration files, adding your own dictionary, using leet mode, filter by length, char occur times, types of different char, regex, and even add customized encode scripts in /lib/encode/ folder, add your own plugin script in /plugins/ folder, add your own tool script in /tools/ folder.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 22
    Infernal Wireless

    Infernal Wireless

    Infernal Wireless Penetration Testing Suite

    ...Having looked around we all see a lot of penetration testing suits which can automate the process of penetration testing easier for us during Web or other kind of audits, but I did not find one for wireless hacking, except some commercial tools. So, I thought how about to create a tool which automate many different type of attacks with a click of button and save us some time. We got to admit that some of the attacks can get complex. Well, I decided to create the suite and make use of publicly available tools to achieve it. Followings are features which can be achieved with the tool: WPA2 hacking WEP Hacking WPA2 Enterprise hacking Wireless Social Engineering SSL Strip Evil Access Point Creation Infernal Wireless Report
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    miniPHP

    miniPHP

    A small, simple PHP MVC framework skeleton that encapsulates a lot of

    ...Things like authentication, and authorization that you will see here is not something I've invented from the scratch, Some of it, is aggregation of concepts applied already be frameworks, but, built in a much simpler way, So, you can understand it, and take it further.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 24

    Web Pentesting Environment

    Vulnerable Virtual Machine to Learn

    ...For instant support ask me @ahmaddotninja 5. Why didn`t I setup tools ? because you should learn how to install any tool on any platform ** Installation steps :-: 1- WPE is virtual Machine so you will need VM software we recommended Oracle VM VirtualBox Get it from here https://www.virtualbox.org/wiki/Downloads 2- uncompressed WPE.7z 3- after you install VirtualBox go to the menu bar select Machine > add 4- Browse to WPE folder select WPE.vbox // we use only OpenSource or Free software
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25

    bWAPP

    an extremely buggy web app !

    ...bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. ...
    Leader badge
    Downloads: 714 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • Next