Hacking

x011/smtp-tunnel-proxy: A high-speed covert tunnel that disguises TCP traffic as SMTP email communication to bypass Deep Packet Inspection (DPI) firewalls.

MatheuZSecurity/Singularity: Stealthy Linux Kernel Rootkit for modern kernels (6x)

Neo23x0/NoCat: A harmless Netcat-lookalike for detection testing. Simulates NC-style command-line flags and listener behavior without exposing a real backdoor or shell.

OWASP Noir

GitHub - keowu/Ryujin: Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool

zardus/preeny

EDR Redir

FullHunt 💜 Open-Source: 39,408 Exploits from 0day.today is Back Online

The Only JWT Security Guide You Will Ever Need

hackerhouse-opensource/SetupHijack: SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.

dis0rder0x00/obex: Obex – Blocking unwanted DLLs in user mode

cc1a2b/JShunter: jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for and bug bounty hunters and security researchers.

Leveraging Raw Disk Reads to Bypass EDR | by Christopher Ellis | Workday Technology Blog | Sep, 2025 | Medium

GitHub - 0x4m4/hexstrike-ai: HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities.

fkie-cad/cwe_checker: cwe_checker finds vulnerable patterns in binary executables

Print3M/DllShimmer: Weaponize DLL hijacking easily. Backdoor any function in any DLL.

the tigress c obfuscator

Loki: Hardening Code Obfuscation Against Automated Attacks

GitHub - BlackSnufkin/LitterBox: A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabilities.

ghostsecurity/reaper: 💀 Don't fear the Reaper 👻

.NET GAC and NIC hijacking for lateral movement - ...

io_uring Rootkit Bypasses Linux Security Tools - ARMO

lwthiker/curl-impersonate: curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

FunnyWolf/Viper: A Unified Platform for Adversary Emulation and Red Team Operations

DosX-dev/Astral-PE: Astral-PE is a low-level mutator (headers obfuscator) for native Windows PE files (x32/x64)

wietze/ArgFuscator.net: ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native executables.

WorstFit: Unveiling Hidden Transformers in Windows ANSI!

hardenedlinux/userland-exec: Userland exec PoC to be used as attack vector technique

devttys0/delink

xaitax/TotalRecall: This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.