Discover exploding GitHub repositories before they go viral. We track velocity — how fast repos are gaining stars — not just popularity.
30 results • fastest-growing repos first
by mukul975
754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0
by mukul975
Production-grade MCP server giving Claude 27 security intelligence tools across 21 APIs — CVE lookup, EPSS scoring, CISA KEV, MITRE ATT&CK, Shodan, VirusTotal, and more.
by mandiant
Free educational content on reverse engineering and malware analysis from the FLARE team
by lucija8320nhung4
HacxGPT CLI — Open-source command-line interface for unrestricted AI model access with multi-provider support, prompt injection research capabilities, configurable API endpoints, Termux/Linux/Windows compatibility, and Rich terminal UI for security research and red-team evaluation
by samugit83
An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.
by Sushegaad
Claude Skills for Governance, Risk & Compliance (GRC): Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA Cybersecurity, ISO 42001 AI Management System, ISO 27701 Privacy Information Mgmt., DORA Digital Operational Resilience, and India's Digital Personal Data Protection Act. Benchmark 94% vs 83%.
by CarterPerez-dev
Building 67 Projects ranging from beginner to advanced so anyone can — learn from, build upon, use as a reference, or even copy directly. Gamified Cybersecurity learning 👇
by knostic
OpenAnt from Knostic is an open source LLM-based vulnerability discovery product that helps defenders proactively find verified security flaws while minimizing both false positives and false negatives. Stage 1 detects. Stage 2 attacks. What survives is real.
by pikpikcu
AIRecon is an autonomous cybersecurity agent that combines a self-hosted Large Language Model (Ollama) with a Kali Linux Docker sandbox and a Textual TUI. It is designed to automate security assessments, penetration testing, and bug bounty reconnaissance — without any API keys or cloud dependency.
by ghostvectoracademy
Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.
by Gowtham-Darkseid
AutoPentestX – Automated Pentesting & Vulnerability Reporting Tool
by LucidAkshay
Tactical AI Workspace Monitor & EDR
by Ilias1988
A comprehensive collection of penetration testing cheatsheets, guides, and tools.
by 3516634930
渗透测试Payload速查平台 | Pentest Payload Quick Reference | XSS/SQLi/SSRF/RCE | React+TypeScript
by bountyyfi
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
by SanMuzZzZz
LuaN1aoAgent is a cognitive-driven AI hacker. It is a fully autonomous AI penetration testing agent powered by DeepSeek V3.2. Using dual-graph reasoning, LuaN1ao achieves a success rate of over 90% on the XBOW Benchmark, with a median exploit cost of just $0.09.
by FuzzingLabs
A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.
by chadi0x
The Big Brother V4.0 is a weaponized OSINT platform featuring username enumeration (473+ platforms), quad-vector visual intelligence, Sky Radar tracking, crypto wallet analysis, SSL intelligence, digital footprint reconstruction, EXIF extraction, advanced dorking, and network reconnaissance.
by SHAdd0WTAka
🛡⚔️AI-Powered Penetration Testing Framework with automated vulnerability scanning, multi-agent system, and compliance reporting🛡⚔️
by Maniesh-Neupane
BugBounty-Recon-Methodology
by BlessedRebuS
Krawl is a customizable, lightweight, cloud-native web deception server and anti-crawler that creates fake web applications with low-hanging vulnerabilities using realistic, randomly generated decoy data and AI-generated HTML templates.
by frangelbarrera
A comprehensive 2026 guide to Open-Source Intelligence (OSINT): tools, methodologies, ethics, and techniques for responsible research and investigation.
by backbay-labs
Runtime security enforcement and threat hunting engine for autonomous AI fleets. Build Swarm Detection & Response (SDR) platforms with Clawdstrike.
by Vyntral
AI-powered subdomain enumeration tool with local LLM analysis via Ollama - 100% private, zero API costs
by ARCANGEL0
EVA is an AI-assisted penetration testing agent that enhances offensive security workflows by providing structured attack guidance, contextual analysis, and multi-backend AI integration.
by tangxiaofeng7
🚀 Enterprise-grade Distributed Asset & Vulnerability Scanner. Features: Port Scanning, Subdomain Brute-force, Fingerprinting, and PoC Detection. Built on Go-Zero & Vue3. 高性能分布式网络资产扫描平台 (端口/子域名/指纹/漏扫)---------------------------------点击下面URL获取高级POC
by pandaadir05
Detects process injection and memory manipulation used by malware. Finds RWX regions, shellcode patterns, API hooks, thread hijacking, and process hollowing. Built in Rust for speed. Includes CLI and TUI interfaces.
by SecNN
AiScan-N 来了!这是一款基于人工智能驱动的Ai自动化网络安全(运维)工具,专注于网络安全评估、漏洞扫描、运维、应急响应、渗透测试自动化,Ai大模型工具集【CLI Agent】 ,Ai驱动的安全检测技术,提升安全测试(运维)效率,专为企业和个人用户打造,尤其适合初学者(小白)快速上手使用,让你轻松迈入智能安全攻防时代!适用场景 :如(红队演练、CTF比赛、Web应用渗透测试、内网横向移动、密码破解与暴力攻击、流量分析与威胁检测、APT攻击模拟、漏洞赏金挑战等场景)🎥演示视频(文章中):https://mp.weixin.qq.com/s/7lsUdbrxkDy4P5pZhEWv7Q
by Nebulock-Inc
ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
by techenthusiast167
WebRecon is an advanced Open Source Intelligence (OSINT) web reconnaissance tool designed for cybersecurity professionals, penetration testers, and security researchers. It automates the process of gathering intelligence from target websites through comprehensive crawling, data extraction, and analysis.