Awesome Stars

A curated list of my GitHub stars! Generated by starred.

3d

pioneerspacesim/pioneer - A game of lonely space adventure

ai

BlackSnufkin/LitterBox - A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabiliti
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
s0md3v/roop - one-click face swap
BishopFox/eyeballer - Convolutional neural network for analyzing pentest screenshots
jezs00/pycasso - A system to send AI generated art to an E-Paper display through a Raspberry PI unit
FunnyWolf/Viper - Adversary simulation and Red teaming platform with AI
quark-engine/quark-engine - Quark Agent - Your AI-powered Android APK Analyst

analytics

DefectDojo/django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
hashview/hashview - A web front-end for password cracking and analytics
hegusung/WebHashcat - Hashcat web interface

android

iAnonymous3000/awesome-grapheneos-guide - A comprehensive, step-by-step guide to help new users navigate the privacy-focused, security-hardened mobile OS based on Android. Learn how to purchase a device, install and configure GrapheneOS, and
Semper-Viventem/MetaRadar - A tool for BLE environment monitoring. Find and track Bluetooth devices around, and get notified when the target device is detected.
Anof-cyber/MobSecco - Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins
ac3ss0r/DroidFrida - Portable frida injector for rooted android devices.
HuntDownProject/KoodousFinder - A simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities
morpheuslord/QuadraInspect - QuadraInspect is an Android framework that integrates AndroPass, APKUtil, and MobFS, providing a powerful tool for analyzing the security of Android applications.
ivan-sincek/android-penetration-testing-cheat-sheet - Work in progress...
ax/apk.sh - Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK.
n1nj4sec/pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
ASHWIN990/ADB-Toolkit - ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
mvt-project/mvt - MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
gloxec/CrossC2 - generate CobaltStrike's cross-platform payload
enovella/TEE-reversing - A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices
Ch0pin/medusa - Binary instrumentation framework based on FRIDA
bytedance/appshark - Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
horsicq/XAPKDetector - APK/DEX detector for Windows, Linux and MacOS.
rednaga/APKiD - Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
CrossC2/CrossC2Kit - CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon sessi
ReversecLabs/drozer - The Leading Security Assessment Framework for Android.
A-YATTA/AMDH - Android Mobile Device Hardening
rovellipaolo/NinjaDroid - Ninja Reverse Engineering on Android APK packages
Jigsaw-Code/outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them
OwlGramDev/OwlGram - OwlGram is an unofficial messaging app that uses Telegram's API.
Pithus/bazaar - NO LONGER MAINTAINED - Android security & privacy analysis for the masses
iipeace/guider - Real-time Performance & Fault Detection Service Enabled by Comprehensive Built-in Command
ukncsc/Device-Security-Guidance-Configuration-Packs - This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These
aktsk/aprox - android proxy setting tool
rewanthtammana/Damn-Vulnerable-Bank - Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
lief-project/LIEF - LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
cloudfuzz/android-kernel-exploitation - Android Kernel Exploitation
mzfr/slicer - A tool to automate the boring process of APK recon
quark-engine/quark-engine - Quark Agent - Your AI-powered Android APK Analyst
ClaudiuGeorgiu/PlaystoreDownloader - A command line tool to download Android applications directly from the Google Play Store by specifying their package name (an initial one-time configuration is required)
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
andOTP/andOTP - [Unmaintained] Open source two-factor authentication for Android
Konloch/bytecode-viewer - A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Hack-with-Github/Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers

angular

matro7sh/Smersh - Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
softrams/bulwark - An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

ansible

semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
netbootxyz/netboot.xyz - Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
RoseSecurity/WolfPack - WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
trailofbits/algo - Set up a personal VPN in the cloud
Marshall-Hallenbeck/red_team_attack_lab - Red Team Attack Lab for TTP testing & research
ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
khuedoan/homelab - Fully automated homelab from empty disk to running services with a single command.
Orange-Cyberdefense/GOAD - game of active directory
relaypro-open/dog - A firewall management system.
clong/DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
marco-lancini/offensive-infrastructure - Offensive Infrastructure with Modern Technologies

api

Lissy93/who-dat - 🔎 A free no-CORS WHOIS/RDAP lookup API, for fetching domain registration info
6abd/horus - An OSINT / digital forensics tool built in Python
Shad0w-ops/H.I.V.E - H.I.V.E is an automated OSINT (Open Source Intelligence) multi-tool that enables efficient data gathering from various sources through the utilization of a single, unified platform.
nitefood/asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
mytechnotalent/Go-Hacking - A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
Endava/cats - CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing
FlareSolverr/FlareSolverr - Proxy server to bypass Cloudflare protection
HolyBugx/HolyTips - A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
seashell/drago - ☁️ Securely connect anything with WireGuard® and manage all your networks from a single place.
Zeyad-Azima/Offensive-Resources - A Huge Learning Resources with Labs For Offensive Security Players
Patrowl/PatrowlManager - PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
TheHive-Project/Cortex - Cortex: a Powerful Observable Analysis and Active Response Engine

archlinux

89luca89/distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at

arduino

t3l3machus/Synergy-httpx - A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
SpacehuhnTech/esp8266_deauther - Affordable WiFi hacking platform for testing and learning

artificial-intelligence

xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.
e-m-b-a/emba - EMBA - The firmware security analyzer
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
quark-engine/quark-engine - Quark Agent - Your AI-powered Android APK Analyst

aspnet

antonioCoco/SharPyShell - SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications

automation

who0xac/SubHunterX - SubHunterX is an automated tool for subdomain enumeration, vulnerability scanning, and exploitation. It discovers subdomains, detects live hosts, fuzzes directories, scans ports, identifies vulner
autoscrape-labs/pydoll - Pydoll is a library for automating chromium-based browsers without a WebDriver, offering realistic interactions.
ultrafunkamsterdam/undetected-chromedriver - Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
brexhq/substation - Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
apify/crawlee - Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and o
DefectDojo/django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
fleschutz/PowerShell - 500+ free PowerShell scripts (.ps1) for Linux, Mac OS, and Windows.
smithy-security/smithy - The security workflow engine!
kurogai/100-redteam-projects - Projects for security students
abisecops/Probe - Probe: This is a special tool for bug hunter for automated recon process smoothly.
blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
A3h1nt/Grawler - Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file.
berstend/puppeteer-extra - 💯 Teach puppeteer new tricks through plugins.
cybersecsi/RAUDI - A repo to automatically generate and keep updated a series of Docker images through GitHub Actions.
robusta-dev/robusta - Better Prometheus alerts for Kubernetes - smart grouping, AI enrichment, and automatic remediation
robiot/xclicker - XClicker - Fast gui autoclicker for x11 linux desktops
Dheerajmadhukar/karma_v2 - ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
eslam3kl/3klCon - Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.
Patrowl/PatrowlManager - PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
xFreed0m/KatzKatz - Python3 script to parse txt files containing Mimikatz output
S3cur3Th1sSh1t/WinPwn - Automation for internal Windows Penetrationtest / AD-Security
stevenaldinger/decker - Declarative penetration testing orchestration framework
ajinabraham/CMSScan - CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues

awesome

Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
0xor0ne/awesome-list - Cybersecurity oriented awesome list
k4m4/movies-for-hackers - 🎬 A curated list of movies every hacker & cyberpunk must watch.
GuidoPenta/galactic-CV-guide-for-developers - Tips & Tricks to write a great CV
ARPSyndicate/awesome-intelligence - A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
dwisiswant0/awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
meirwah/awesome-incident-response - A curated list of tools for incident response
hslatman/awesome-industrial-control-system-security - A curated list of resources related to Industrial Control System (ICS) security.
guardrailsio/awesome-dotnet-security - Awesome .NET Security Resources
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
djsime1/awesome-flipperzero - 🐬 A collection of awesome resources for the Flipper Zero device.
cipher387/Dorks-collections-list - List of Github repositories and articles with list of dorks for different search engines
xxh/xxh - 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
reHackable/awesome-reMarkable - A curated list of projects related to the reMarkable tablet
jorgebucaran/awsm.fish - A curation of prompts, plugins & other Fish treasures 🐚💎
maguowei/starred - creating your own Awesome List by GitHub stars!
awesome-selfhosted/awesome-selfhosted - A list of Free Software network services and web applications which can be hosted on your own servers
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
paralax/awesome-honeypots - an awesome list of honeypot resources
trimstray/the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
0xInfection/Awesome-WAF - 🔥 Web-application firewalls (WAFs) from security standpoint.
V33RU/awesome-connected-things-sec - A Curated list of Security Resources for all connected things
OlivierLaflamme/Cheatsheet-God - Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Hack-with-Github/Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers

awesome-list

Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
0xor0ne/awesome-list - Cybersecurity oriented awesome list
k4m4/movies-for-hackers - 🎬 A curated list of movies every hacker & cyberpunk must watch.
ARPSyndicate/awesome-intelligence - A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
meirwah/awesome-incident-response - A curated list of tools for incident response
hslatman/awesome-industrial-control-system-security - A curated list of resources related to Industrial Control System (ICS) security.
guardrailsio/awesome-dotnet-security - Awesome .NET Security Resources
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
djsime1/awesome-flipperzero - 🐬 A collection of awesome resources for the Flipper Zero device.
cipher387/Dorks-collections-list - List of Github repositories and articles with list of dorks for different search engines
reHackable/awesome-reMarkable - A curated list of projects related to the reMarkable tablet
maguowei/starred - creating your own Awesome List by GitHub stars!
mrtouch93/awesome-security-feed - A semi-curated list of Security Feeds
analysis-tools-dev/static-analysis - ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
ksluckow/awesome-symbolic-execution - A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
awesome-selfhosted/awesome-selfhosted - A list of Free Software network services and web applications which can be hosted on your own servers
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
paralax/awesome-honeypots - an awesome list of honeypot resources
redhuntlabs/Awesome-Asset-Discovery - List of Awesome Asset Discovery Resources
trimstray/the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
0xInfection/Awesome-WAF - 🔥 Web-application firewalls (WAFs) from security standpoint.
V33RU/awesome-connected-things-sec - A Curated list of Security Resources for all connected things

aws

anvilsecure/aws-sigv4 - Anvil Secure's Burp extension for signing AWS requests with SigV4
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
brexhq/substation - Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
RoseSecurity/CloudPulse - A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech indu
fyoorer/ShadowClone - Unleash the power of cloud
Zeus-Labs/ZeusCloud - Open Source Cloud Security
RhinoSecurityLabs/ccat - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
matanolabs/matano - Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Ge0rg3/requests-ip-rotator - A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
BishopFox/cloudfox - Automating situational awareness for cloud penetration tests.
padok-team/yatas - 🦉🔎 A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
clouditor/clouditor - The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.
rootcathacking/catspin - Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
PaloAltoNetworks/IAM-Deescalate - IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
prowler-cloud/prowler - Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening
cyberark/SkyArk - SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
sa7mon/S3Scanner - Scan for misconfigured S3 buckets across S3-compatible APIs!
ncc-erik-steringer/Aerides - An implementation of infrastructure-as-code scanning using dynamic tooling.
DataDog/stratus-red-team - ☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Skyscanner/cfripper - Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
nccgroup/PMapper - A tool for quickly evaluating IAM permissions in AWS.
RhinoSecurityLabs/pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
salesforce/cloudsplaining - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
goldfiglabs/sgCheckup - sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Noovolari/leapp - Leapp is the DevTool to access your cloud
gl4ssesbo1/Nebula - Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Comp
nccgroup/ScoutSuite - Multi-Cloud Security Auditing Tool
SharonBrizinov/s3viewer - Storage Explorer - Publicly open storage viewer (Amazon S3 Bucket, Azure Blob, FTP server, HTTP Index Of/)
nccgroup/s3_objects_check - Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow
spacesiren/spacesiren - A honey token manager and alert system for AWS.
ReversecLabs/awspx - A graph-based tool for visualizing effective access and resource relationships in AWS environments.
aquasecurity/tfsec - Tfsec is now part of Trivy

azure

ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
clouditor/clouditor - The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.
prowler-cloud/prowler - Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening
SecurityFTW/cs-suite - Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
cyberark/SkyArk - SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
nyxgeek/onedrive_user_enum - onedrive user enumeration - pentest tool to enumerate valid o365 users
mdecrevoisier/Microsoft-eventlog-mindmap - Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
christophetd/Adaz - 🔧 Deploy customizable Active Directory labs in Azure - automatically.
Noovolari/leapp - Leapp is the DevTool to access your cloud
nccgroup/ScoutSuite - Multi-Cloud Security Auditing Tool
SharonBrizinov/s3viewer - Storage Explorer - Publicly open storage viewer (Amazon S3 Bucket, Azure Blob, FTP server, HTTP Index Of/)
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow
hausec/PowerZure - PowerShell framework to assess Azure security
aquasecurity/tfsec - Tfsec is now part of Trivy
AutomatedLab/AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 20

bash

who0xac/SubHunterX - SubHunterX is an automated tool for subdomain enumeration, vulnerability scanning, and exploitation. It discovers subdomains, detects live hosts, fuzzes directories, scans ports, identifies vulner
wick3dr0se/matrix - Matrix digital rain implemented in Bash
Aegrah/PANIX - Customizable Linux Persistence Tool for Security Research and Detection Engineering.
sebastiancarlos/swabai - SWABAI (Wrapper for the Sway/i3/Yabai tiling window managers)
89luca89/distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at
MegaManSec/SSH-Snake - SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
sebastiancarlos/sway-talisman - Sway-Talisman: Terminal Application Launcher in Scratchpad, Minimalist And Native
microsoft/inshellisense - IDE style command line auto complete
nitefood/asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
avilum/waycup - A minimal tool that hides your online assets from online security scanners, researchers and hackers.
dwisiswant0/awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
kurogai/100-redteam-projects - Projects for security students
peass-ng/PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
djjoa/genshell - Genshell: The atomatic copy-and-paste oneline reverse shell generator. Just add args!
D3Ext/WEF - Wi-Fi Exploitation Framework
xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.
xxh/xxh - 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
screetsec/Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
clu3bot/owt - Update Version 3.1 added free SMS messaging.
kingToolbox/WindTerm - A professional cross-platform SSH/Sftp/Shell/Telnet/Tmux/Serial terminal.
Gictorbit/photoshopCClinux - Photoshop CC v19 installer for Gnu/Linux
sdushantha/tmpmail - A temporary email right from your terminal written in POSIX sh
gwen001/github-search - A collection of tools to perform searches on GitHub.
koalaman/shellcheck - ShellCheck, a static analysis tool for shell scripts
gwen001/pentest-tools - A collection of custom security tools for quick needs.
zMarch/Orc - Orc is a post-exploitation framework for Linux written in Bash
0xR0/shellver - Reverse Shell Cheat Sheet TooL
redcode-labs/Bashark - Bash post exploitation toolkit
leebaird/discover - Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

blockchain

enzymefinance/oyente - An Analysis Tool for Smart Contracts
Texnomic/SecureDNS - Secure, Modern, Fully-Featured, All-In-One Cross-Architecture & Cross-Platform DNS Server Using .NET 8.0
trailofbits/manticore - Symbolic execution tool

bot

spellshift/realm - Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
onionj/pybotnet - PyBotNet: A Remote Control Framework for Python with Telegram Integration

bugbounty

who0xac/SubHunterX - SubHunterX is an automated tool for subdomain enumeration, vulnerability scanning, and exploitation. It discovers subdomains, detects live hosts, fuzzes directories, scans ports, identifies vulner
0xKayala/Custom-Nuclei-Templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
RevoltSecurities/Subdominator - SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
chiasmod0n/chiasmodon - Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do
n0mi1k/subby - An uber fast and simple subdomain enumeration tool using DNS and web requests with support for detecting wildcard DNS records.
devploit/XORpass - Encoder to bypass WAF filters using XOR operations.
iustin24/chameleon -
daffainfo/Oneliner-Bugbounty - A collection oneliner scripts for bug bounty
Anof-cyber/MobSecco - Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins
pdelteil/BugBountyReportTemplates - List of reporting templates I have used since I started doing BBH.
3nock/SpiderSuite - Advance web security spider/crawler
dwisiswant0/apkleaks - Scanning APK file for URIs, endpoints & secrets.
fyoorer/ShadowClone - Unleash the power of cloud
Hari-prasaanth/Web-App-Pentest-Checklist - A OWASP Based Checklist With 500+ Test Cases
d3mondev/burp-vps-proxy - This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
0xPugal/fuzz4bounty - 1337 Wordlists for Bug Bounty Hunting
n0kovo/n0kovo_subdomains - An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
gbrls/kurl - HTTP Requests for security researchers
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Zeus-Labs/ZeusCloud - Open Source Cloud Security
ItsIgnacioPortal/Hacker-Scoper - CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.
Josue87/AnalyticsRelationships - Get related domains / subdomains by looking at Google Analytics IDs
d3mondev/puredns - Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
ShobhitMishra-bot/SWS-Recon-Tool - SWS-Recon is a Python Tool designed to performed Reconnaissance on the given target website- Domain or SubDomain. SWS-Recon collects information such as Google Dork, DNS Information, Sub Domains, Port
thehlopster/hfuzz - Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
chvancooten/BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
nullt3r/rapiddns - Rapidly enumerate subdomains and domains using rapiddns.io.
tamimhasan404/Gau-Expose - It grep subdomains, email/username, build custom wordlist etc from gau results
Cgboal/SonarSearch - A rapid API for the Project Sonar dataset
WHOISshuvam/gotld - Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and security researchers.
RapidDNS/Afuzz - Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.
Josue87/gotator - Gotator is a tool to generate DNS wordlists through permutations.
christophetd/censys-subdomain-finder - ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
trickest/dsieve - Filter and enrich a list of subdomains by level
trickest/wordlists - Real-world infosec wordlists, updated regularly
sl4x0/subfree - Your subdomains are free for the taking - no API key, no mistaking! 🕺
dwisiswant0/awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
Brum3ns/firefly - Black box fuzzer for web applications
dhn/udon - A simple tool that helps to find assets/domains based on the Google Analytics ID.
0xAkashsky/sub-scout - Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
thecyberneh/scriptkiddi3 - Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.
0xmaximus/Galaxy-Bugbounty-Checklist - Tips and Tutorials for Bug Bounty and also Penetration Tests.
ssl/ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Micro0x00/Arsenal - Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
dhn/spk - spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
ihebski/DefaultCreds-cheat-sheet - One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
1N3/BruteX - Automatically brute force all services running on a target.
Ge0rg3/requests-ip-rotator - A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
devanshbatham/FavFreak - Making Favicon.ico based Recon Great again !
abisecops/Probe - Probe: This is a special tool for bug hunter for automated recon process smoothly.
EasyRecon/Hunt3r - Made your bugbounty subdomains reconnaissance easier with Hunt3r the web application reconnaissance framework
khast3x/Redcloud - Automated Red Team Infrastructure deployement using Docker
blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
ThreatUnknown/jsubfinder - jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
robotshell/magicRecon - MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in
m8sec/subscraper - Subdomain and target enumeration tool built for offensive security testing
GhostTroops/scan4all - Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
0xPugal/SubDomz - An Automated Subdomain Enumeration Tool
c0dejump/HawkScan - Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
harleo/knockknock - A simple reverse whois lookup tool which returns a list of domains owned by people or companies
payloadbox/sql-injection-payload-list - 🎯 SQL Injection Payload List
sa7mon/S3Scanner - Scan for misconfigured S3 buckets across S3-compatible APIs!
utkusen/socialhunter - crawls the website and finds broken social media links that can be hijacked
projectdiscovery/uncover - Quickly discover exposed hosts on the internet using multiple search engines.
enenumxela/subdomains.sh - A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
dwisiswant0/cf-check - CloudFlare Checker written in Go
Ice3man543/SubOver - A Powerful Subdomain Takeover Tool
haccer/subjack - Subdomain Takeover tool written in Go
EdOverflow/can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
d4rckh/vaf - Vaf is a cross-platform very advanced and fast web fuzzer written in nim
HolyBugx/HolyTips - A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
hahwul/authz0 - 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Hackmanit/Web-Cache-Vulnerability-Scanner - Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
jaeles-project/gospider - Gospider - Fast web spider written in Go
SpiderLabs/HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
screetsec/Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
codingo/VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
shmilylty/OneForAll - OneForAll是一款功能强大的子域收集工具
jonaslejon/malicious-pdf - 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
Dheerajmadhukar/karma_v2 - ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
Sh1Yo/request_smuggler - Http request smuggling vulnerability scanner
Impact-I/x8-Burp - Hidden parameters discovery suite
Sh1Yo/x8 - Hidden parameters discovery suite
dwisiswant0/ppfuzz - A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
projectdiscovery/nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
projectdiscovery/interactsh - An OOB interaction gathering server and client library
lutfumertceylan/top25-parameter - For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
six2dez/reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
mlcsec/headi - Customisable and automated HTTP header injection
disclose/resources - Tools, data, and contact lists relevant to The disclose.io Project.
mufeedvh/basecrack - Decode All Bases - Base Scheme Decoder
dsopas/assessment-mindset - Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
utkusen/urlhunter - a recon tool that allows searching on URLs that are exposed via shortener services
wagiro/BurpBounty - Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through
yogeshojha/rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon
dwisiswant0/go-dork - The fastest dork scanner written in Go.
softrams/bulwark - An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
serain/bbrecon - Python library and CLI for the Bug Bounty Recon API
whitel1st/docem - A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
doyensec/inql - InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
mzfr/slicer - A tool to automate the boring process of APK recon
Shivangx01b/CorsMe - Cross Origin Resource Sharing MisConfiguration Scanner
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters - A list of resources for those interested in getting started in bug bounties
kac89/vulnrepo - VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT
yeswehack/PwnFox - PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
hahwul/dalfox - 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
tillson/git-hound - Fast GitHub recon tool. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
devanshbatham/ParamSpider - Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
gwen001/github-search - A collection of tools to perform searches on GitHub.
stevemcilwain/quiver - Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
random-robbie/bruteforce-lists - Some files for bruteforcing certain things.
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
jaeles-project/jaeles - The Swiss Army knife for automated Web Application Testing
hakluke/hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Findomain/Findomain - The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, mul
gwen001/pentest-tools - A collection of custom security tools for quick needs.
j3ssie/osmedeus - A Workflow Engine for Offensive Security
hisxo/gitGraber - gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
security-checklist/php-security-check-list - PHP Security Check List [ EN ] 🌋 ☣️
codingo/Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
nsonaniya2010/SubDomainizer - A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
TypeError/domained - Multi Tool Subdomain Enumeration
projectdiscovery/subfinder - Fast passive subdomain enumeration tool.
vincentcox/StaCoAn - StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
maurosoria/dirsearch - Web path scanner
swisskyrepo/PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
1N3/PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

c

droe/sslsplit - Transparent SSL/TLS interception
tree-sitter/tree-sitter - An incremental parsing system for programming tools
lvntky/ArtilleryOS - ArtilleryOS is a unique graphical operating system that combines the simplicity and power of Unix-like systems. Featuring a custom-designed kernel.
reveng007/reveng_rtkit - Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
souzomain/Shaco - Shaco is a linux agent for havoc
carloslack/KoviD - Red-Team Linux kernel rootkit
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
ggreer/the_silver_searcher - A code-searching tool similar to ack, but faster.
mvp/uhubctl - uhubctl - USB hub per-port power control
Not-C-Developer/VERBA - Very Easy Relative Backdoor Application
mav8557/Father - LD_PRELOAD rootkit
mempodippy/vlany - Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
m0nad/Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
brosck/Pingoor - 「🚪」Linux Backdoor based on ICMP protocol
ergrelet/cpplumber - Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
Idov31/Cronos - PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
UnamSanctam/UnamDownloader - A Free Silent (Hidden) Open Source Downloader (Binder) - Includes Windows Defender Bypass - Build Native - Unam Downloader
jvoisin/snuffleupagus - Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
p-gen/smenu - smenu started as a lightweight and flexible terminal menu generator, but quickly evolved into a powerful and versatile CLI selection tool for interactive or scripting use.
robiot/xclicker - XClicker - Fast gui autoclicker for x11 linux desktops
trustedsec/CS-Situational-Awareness-BOF - Situational Awareness commands implemented using Beacon Object Files
MichaelDim02/Narthex - Modular personalized dictionary generator.
huangqinjin/ucrt -
rvaiya/keyd - A key remapping daemon for linux.
leo-arch/clifm - 💾 The shell-like, command line terminal file manager
kovidgoyal/kitty - Cross-platform, fast, feature-rich, GPU based terminal
arkime/arkime - Arkime is an open source, large scale, full packet capturing, indexing, and database system.
abakh/nbsdgames - A package of 18 text-based modern games
revng/pagebuster - PageBuster - dump all executable pages of packed processes.
alt-romes/programmer-calculator - Terminal calculator made for programmers working with multiple number representations, sizes, and overall close to the bits
semgrep/semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
tarun27sh/gdb_graphs - To visualize function call flow for a C/C++ program using gdb and python
bats3c/shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
nil0x42/duplicut - Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
hfiref0x/UACME - Defeating Windows User Account Control
3proxy/3proxy - 3proxy - tiny free proxy server
hashcat/hashcat - World's fastest and most advanced password recovery utility

c-plus-plus

google/bindiff - Quickly find differences and similarities in disassembled code
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
mawww/kakoune - mawww's experiment for a better code editor
CleverRaven/Cataclysm-DDA - Cataclysm - Dark Days Ahead. A turn-based survival game set in a post-apocalyptic world.
d35ha/CallObfuscator - Obfuscate specific windows apis with different apis
xournalpp/xournalpp - Xournal++ is a handwriting notetaking software with PDF annotation support. Written in C++ with GTK3, supporting Linux (e.g. Ubuntu, Debian, Arch, SUSE), macOS and Windows 10. Supports pen input from
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
rek7/mXtract - mXtract - Memory Extractor & Analyzer

chatbot

NoDataFound/hackGPT - I leverage OpenAI and ChatGPT to do hackerish things

chatgpt

NoDataFound/hackGPT - I leverage OpenAI and ChatGPT to do hackerish things

chatgpt-api

NoDataFound/hackGPT - I leverage OpenAI and ChatGPT to do hackerish things

chrome

ultrafunkamsterdam/undetected-chromedriver - Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
jlandure/alpine-chrome - Chrome Headless docker images built upon alpine official image
StarfireLab/SharpWeb - 一个浏览器数据（密码|历史记录|Cookie|书签|下载记录）的导出工具，支持主流浏览器。
berstend/puppeteer-extra - 💯 Teach puppeteer new tricks through plugins.
FlareSolverr/FlareSolverr - Proxy server to bypass Cloudflare protection
nccgroup/tracy - A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
sensepost/gowitness - 🔍 gowitness - a golang, web screenshot utility using Chrome Headless

chrome-extension

nccgroup/tracy - A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

cli

sandy-sp/metadata-cleaner - Metadata Cleaner – A CLI tool to remove metadata from images, PDFs, DOCX, audio, and video files. Privacy-focused, fast, and open-source. Supports batch processing & standalone executables.
hetznercloud/cli - A command-line interface for Hetzner Cloud
antonmedv/fx - Terminal JSON viewer & processor
sebastiancarlos/swabai - SWABAI (Wrapper for the Sway/i3/Yabai tiling window managers)
caio-ishikawa/netscout - OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
wagoodman/dive - A tool for exploring each layer in a docker image
microsoft/inshellisense - IDE style command line auto complete
zu1k/nali - An offline tool for querying IP geographic information and CDN provider. 一个查询IP地理信息和CDN服务提供商的离线终端工具.
wustho/epr - CLI Epub Reader
SUPERCILEX/forkfs - ForkFS allows you to sandbox a process's changes to your file system.
poetaman/arttime - arttime is a CLI application that blends beauty of ASCII / text art with functionality of clock / timer / pattern-based time manager in terminal ⏰
projectdiscovery/chaos-client - Go client to communicate with Chaos DB API.
kimono-koans/httm - Interactive, file-level Time Machine-like tool for ZFS/btrfs/nilfs2 (and even Time Machine and Restic backups!)
ashirt-ops/aterm - It records your terminal, then lets you upload to ASHIRT
ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
mempodippy/vlany - Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Textualize/textual - The lean application framework for Python. Build sophisticated user interfaces with a simple Python API. Run your apps in the terminal and a web browser.
liamg/grace - 🪛 It's strace, with colours.
projectdiscovery/katana - A next-generation crawling and spidering framework.
ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
swanandx/lemmeknow - The fastest way to identify anything!
blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
padok-team/yatas - 🦉🔎 A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
pvolok/mprocs - Run multiple commands in parallel
ankitpokhrel/jira-cli - 🔥 Feature-rich interactive Jira command line.
lkabuci/Botflix - 🎥 Stream your favorite movie from the terminal!
projectdiscovery/uncover - Quickly discover exposed hosts on the internet using multiple search engines.
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
ariary/cfuzz - Command line fuzzer and bruteforcer 🌪 wfuzz for command
wader/fq - jq for binary formats - tool, language and decoders for working with binary and text formats
p-gen/smenu - smenu started as a lightweight and flexible terminal menu generator, but quickly evolved into a powerful and versatile CLI selection tool for interactive or scripting use.
xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.
ibraheemdev/modern-unix - A collection of modern/faster/saner alternatives to common unix commands.
projectdiscovery/dnsx - dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
TheYkk/git-switcher - Easily switch between your git profiles
leo-arch/clifm - 💾 The shell-like, command line terminal file manager
dominikbraun/timetrace - A simple CLI for tracking your working time.
paralax/ObsidianSailboat - Nmap and NSE command line wrapper in the style of Metasploit
MashMB/1pass - 1Password Linux CLI explorer
soxoj/maigret - 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
alt-romes/programmer-calculator - Terminal calculator made for programmers working with multiple number representations, sizes, and overall close to the bits
ctxis/SnitchDNS - Database Driven DNS Server with a Web UI
deepjyoti30/ytmdl - A simple app to get songs from YouTube in mp3 format with artist name, album name etc from sources like iTunes, Spotify, LastFM, Deezer, Gaana etc.
archivy/archivy - Archivy is a self-hostable knowledge repository that allows you to learn and retain information in your own personal and extensible wiki.
gnebbia/kb - A minimalist command line knowledge base manager
sharkdp/bat - A cat(1) clone with wings.
dronesploit/dronesploit - Drone pentesting framework console
securisec/chepy - Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
jarun/googler - 🔍 Google from the terminal
lirantal/dockly - Immersive terminal interface for managing docker containers and services

clojure

CodeIntelligenceTesting/jazzer - Coverage-guided, in-process fuzzing for the JVM

cms

umbraco/Umbraco-CMS - Umbraco is a free and open source .NET content management system helping you deliver delightful digital experiences.

code

OWASP/CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Antonin-Deniau/cave_miner - Search for code cave in all binaries

code-quality

pmd/pmd - An extensible multilanguage static code analyzer.
Bearer/bearer - Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
analysis-tools-dev/static-analysis - ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

code-review

0xdea/weggli-patterns - A collection of my weggli patterns to facilitate vulnerability research.
Cyber-Buddy/APKHunt - APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers,
0xdea/semgrep-rules - A collection of my Semgrep rules to facilitate vulnerability research.
ajinabraham/nodejsscan - nodejsscan is a static security code scanner for Node.js applications.

compiler

Nuitka/Nuitka - Nuitka is a Python compiler written in Python. It's fully compatible with Python 2.6, 2.7, 3.4-3.13. You feed it your Python app, it does a lot of clever things, and spits out an executable or extens
ropfuscator/ropfuscator - ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).
kaitai-io/kaitai_struct_compiler - Kaitai Struct: compiler to translate .ksy => .cpp / .cs / .dot / .go / .java / .js / .lua / .nim / .php / .pm / .py / .rb
nim-lang/Nim - Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, an
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
Konloch/bytecode-viewer - A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

config

KSGamingLife/KSGamingLife - Config files for my GitHub profile.
TheYkk/git-switcher - Easily switch between your git profiles

continuous-integration

ergrelet/cpplumber - Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
google/clusterfuzzlite - ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
globocom/huskyCI - Performing security tests inside your CI

cpp

micREsoft/SysCaller - Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across different languages and Windows versions.
kyleneideck/BackgroundMusic - Background Music, a macOS audio utility: automatically pause your music, set individual apps' volumes and record system audio.
NickvisionApps/Parabolic - Download web video and audio
d419h/IconJector - Unorthodox and stealthy way to inject a DLL into the explorer using icons
Idov31/NidhoggScript - NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
0vercl0k/udmp-parser - A Cross-Platform C++ parser library for Windows user minidumps with Python 3 bindings.
hugsy/pwn-- - pwn++ is a Windows & Linux library oriented for exploit dev but mostly used to play with modern C++ features
Idov31/Jormungandr - Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
gtrubach/MyCPLApplet - Example of creating control panel applets in Windows.
TestingPens/CPLDropper - A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just double click them.
Idov31/Nidhogg - Nidhogg is an all-in-one simple to use windows kernel rootkit.
0x09AL/RdpThief - Extracting Clear Text Passwords from mstsc.exe using API Hooking.
epasveer/seer - Seer - a gui frontend to gdb
Idov31/Venom - Venom is a library that meant to perform evasive communication using stolen browser socket
ergrelet/cpplumber - Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
cemu-project/Cemu - Cemu - Wii U emulator
WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Barracudach/CallStack-Spoofer - This tool will allow you to spoof the return addresses of your functions as well as system functions.
Idov31/FunctionStomping - Shellcode injection technique. Given as C++ header, standalone Rust program or library.
seladb/PcapPlusPlus - PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popu
mrexodia/AppInitHook - Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary process.
mez-0/winrmdll - C++ WinRM API via Reflective DLL
hlldz/Phant0m - Windows Event Log Killer
tarun27sh/gdb_graphs - To visualize function call flow for a C/C++ program using gdb and python
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
rek7/mXtract - mXtract - Memory Extractor & Analyzer
securesocketfunneling/ssf - Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform

crawler

autoscrape-labs/pydoll - Pydoll is a library for automating chromium-based browsers without a WebDriver, offering realistic interactions.
apify/crawlee - Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and o
XORbit01/webpalm - 🕸️ Crawl in the web network
3nock/SpiderSuite - Advance web security spider/crawler
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
goclone-dev/goclone - Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.
projectdiscovery/katana - A next-generation crawling and spidering framework.
Josue87/EmailFinder - Search emails from a domain through search engines
jaeles-project/gospider - Gospider - Fast web spider written in Go
edermi/skweez - Fast website scraper and wordlist generator
thewhiteh4t/FinalRecon - All In One Web Recon
dwisiswant0/go-dork - The fastest dork scanner written in Go.
clarketm/s3recon - Amazon S3 bucket finder and crawler.

cryptocurrency

6abd/horus - An OSINT / digital forensics tool built in Python

cryptography

D3Ext/maldev - Golang library for malware development
blacklanternsecurity/badsecrets - A library for detecting known secrets across many web frameworks
rosenpass/rosenpass - Rosenpass is a post-quantum-secure VPN that uses WireGuard to transport the actual data.
blacklanternsecurity/dp_cryptomg - Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.
swanandx/lemmeknow - The fastest way to identify anything!
binref/refinery - High Octane Triage Analysis
mufeedvh/basecrack - Decode All Bases - Base Scheme Decoder
liquidsec/pyOracle2 - A python-based padding oracle tool
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
nccgroup/featherduster - An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

csharp

ironmansoftware/code-conversion - Code conversion command line tool for PowerShell and C#
PhrozenIO/SharpShellPipe - This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.
AdvDebug/NoMoreCookies - Browser Protector against various stealers, written in C# & C/C++.
m8sec/EAPrimer - C# project to Reflectively load .Net assemblies in memory
DamonMohammadbagher/NativePayloads - All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
matterpreter/DefenderCheck - Identifies the bytes that Microsoft Defender flags on.
Accenture/Codecepticon - .NET/PowerShell/VBA Offensive Security Obfuscator
Idov31/Sandman - Sandman is a NTP based backdoor for hardened networks.
peass-ng/PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
umbraco/Umbraco-CMS - Umbraco is a free and open source .NET content management system helping you deliver delightful digital experiences.
Aetsu/OffensivePipeline - OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
dnSpyEx/dnSpy - Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
notdodo/LocalAdminSharp - .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
p0dalirius/LDAPmonitor - Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
tbhaxor/CSharp-and-Infosec - This is a monorepo including codes from grey hat c# by no starch and some of my own research with it.
eksperience/KnockOutlook - A little tool to play with Outlook
mvelazc0/defcon27_csharp_workshop - Writing custom backdoor payloads with C# - Defcon 27 Workshop
0xyg3n/UAC_Exploit - Escalate as Administrator bypassing the UAC affecting administrator accounts only.
nettitude/PoshC2 - A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
ONLYOFFICE/CommunityServer - Free open source office suite with business productivity tools: document and project management, CRM, mail aggregator.
phaetto/windows-credentials-provider - An example implementation of a windows credential provider that is tightly connected with logon system
tomcarver16/ADSearch - A tool to help query AD via the LDAP protocol
mez-0/CSharpWinRM - .NET 4.0 WinRM API Command Execution
Andy53/ERC.Xdbg - An Xdbg Plugin of the ERC Library.
antonioCoco/ConPtyShell - ConPtyShell - Fully Interactive Reverse Shell for Windows
Andy53/ERC.net - A collection of tools for debugging Windows application crashes.
antonioCoco/SharPyShell - SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
GhostPack/Seatbelt - Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

cybersecurity

Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
0xor0ne/awesome-list - Cybersecurity oriented awesome list
who0xac/SubHunterX - SubHunterX is an automated tool for subdomain enumeration, vulnerability scanning, and exploitation. It discovers subdomains, detects live hosts, fuzzes directories, scans ports, identifies vulner
stanfrbd/cyberbro - A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
farhanashrafdev/90DaysOfCyberSecurity - This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov
Babyhamsta/Malcrow - A Malware Scarecrow for Windows 10/11 with a user-friendly touch.
SilvestriF3/Passworld - Passworld is a fully customizable wordlist generator
future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
FLOCK4H/NeoDucky - Rubber Ducky powered by NeoKey
OpenCTI-Platform/opencti - Open Cyber Threat Intelligence Platform
padok-team/cognito-scanner - A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation
6abd/horus - An OSINT / digital forensics tool built in Python
klarna-incubator/gram - Gram is Klarna's own threat model diagramming tool
AleksaMCode/WiFi-password-stealer - Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
Geeoon/DNS-Tunnel-Keylogger - Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.
AleksaMCode/Preferred-Network-List-Sniffer - A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
Idov31/NidhoggScript - NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
The-Z-Labs/bof-launcher - bof-launcher - library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready to use in C/Zig/Rust/Go/C++ applications.
spellshift/realm - Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
groundsec/secbutler - The perfect butler for pentesters, bug-bounty hunters and security researchers
MegaManSec/SSH-Snake - SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
RoseSecurity/WolfPack - WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
WangYihang/Apache-HTTP-Server-Module-Backdoor - 👺 A Simple Backdoor For Apache HTTP Server
3nock/OTE - OSINT Template Engine
bhavesh-pardhi/Wordlist-Hub - Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts
ARPSyndicate/awesome-intelligence - A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
hevnsnt/Awesome_Incident_Response - Awesome Incident Response
Idov31/Jormungandr - Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
Anof-cyber/MobSecco - Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins
infosecB/LOOBins - Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for mali
alpine-sec/SPECTR3 - Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.
hcbaker/Puwr - Pivot your way deeper into computer networks with SSH compromised machines.
jassics/security-study-plan - Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
abdulkadir-gungor/HtmlSmuggling - HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the p
cisagov/Malcolm - Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
MattKeeley/Spoofy - Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Zeus-Labs/ZeusCloud - Open Source Cloud Security
Drew-Alleman/DataSurgeon - Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
Idov31/Nidhogg - Nidhogg is an all-in-one simple to use windows kernel rootkit.
guardsight/gsvsoc_cirt-playbook-battle-cards - Cyber Incident Response Team Playbook Battle Cards
ShobhitMishra-bot/SWS-Recon-Tool - SWS-Recon is a Python Tool designed to performed Reconnaissance on the given target website- Domain or SubDomain. SWS-Recon collects information such as Google Dork, DNS Information, Sub Domains, Port
center-for-threat-informed-defense/attack-flow - Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows f
cisagov/decider - A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
WHOISshuvam/gotld - Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and security researchers.
mytechnotalent/Go-Hacking - A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
netsecurity-as/recon365 - Gather information from an email address connected to Office 365
RhinoSecurityLabs/ccat - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
Purp1eW0lf/Blue-Team-Notes - You didn't think I'd go and leave the blue team out, right?
meirwah/awesome-incident-response - A curated list of tools for incident response
0xAkashsky/sub-scout - Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
blackorbird/APT_REPORT - Interesting APT Report Collection And Some Special IOCs
hdks-bug/exploit-notes - Sticky notes for pentesting, bug bounty, CTF.
Idov31/Venom - Venom is a library that meant to perform evasive communication using stolen browser socket
maliceio/malice - VirusTotal Wanna Be - Now with 100% more Hipster
knight0x07/Lnk2Vbs - A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.
hcbaker/Klyda - Highly configurable script for dictionary/spray attacks against online web applications.
kleiton0x00/RedditC2 - Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
knight0x07/BumbleCrypt - A Bumblebee-inspired Crypter
t3l3machus/Villain - Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them
SpyGuard/SpyGuard - SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.
RoseSecurity/ScrapPY - ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, an
cisagov/RedEye - RedEye is a visual analytic tool supporting Red & Blue Team operations
SpectralOps/netz - Discover internet-wide misconfigurations while drinking coffee
francesco-ficarola/cerberus - Cerberus is another simple stressing tool simulating DDoS attacks.
dogancanbakir/pirebok - pîrebok (from Kurdish "witch") - a guided adversarial fuzzer
matanolabs/matano - Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
swanandx/lemmeknow - The fastest way to identify anything!
splunk/security_content - Splunk Security Content
dogancanbakir/metamaska - μετάμάσκα - malevolent payload classifier
ihebski/DefaultCreds-cheat-sheet - One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
Idov31/Cronos - PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
tobor88/ReversePowerShell - Functions that can be used to gain Reverse Shells with PowerShell
iomoath/PyExchangePasswordSpray - Microsoft Exchange password spray tool with proxy support.
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
cyberark/RPCMon - RPC Monitor tool based on Event Tracing for Windows
Idov31/Sandman - Sandman is a NTP based backdoor for hardened networks.
WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
RoseSecurity/Red-Teaming-TTPs - Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
RoseSecurity/Anti-Virus-Evading-Payloads - During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus sof
p1ngul1n0/blackbird - An OSINT tool to search for accounts by username and email in social networks.
matro7sh/Smersh - Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
undergroundwires/privacy.sexy - Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
cipher387/Dorks-collections-list - List of Github repositories and articles with list of dorks for different search engines
Srinivas11789/PcapXray - ❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
GamehunterKaan/AutoPWN-Suite - AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
lunasec-io/lunasec - LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra
idnahacks/GoodHound - Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
zhzyker/dismap - Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点
TalEliyahu/awesome-security-newsletters - Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
tid4l/GoWard - A robust Red Team proxy written in Go.
Idov31/FunctionStomping - Shellcode injection technique. Given as C++ header, standalone Rust program or library.
nicolas-carolo/adsimulator - A realistic simulator of Active Directory domains
frankwxu/digital-forensics-lab - Free hands-on digital forensics labs for students and faculty
Yamato-Security/hayabusa - Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
tid4l/SharpCGHunter - Receive the status of Windows Defender Credential Guard on network hosts.
emalderson/ThePhish - ThePhish: an automated phishing email analysis tool
smicallef/spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
knight0x07/ImpulsiveDLLHijack - C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
iomoath/SharpStrike - A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.
noraj/haiti - 🔑 Hash type identifier (CLI & lib)
bee-san/pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
RuiSiang/PoW-Shield - Project dedicated to fight Layer 7 DDoS with proof of work, with an additional WAF and controller. Completed with full set of features and containerized for rapid and lightweight deployment.
soxoj/maigret - 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
noraj/rawsec-cybersecurity-inventory - An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
bee-san/Search-That-Hash - 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
jipegit/IncidentsMindMaps - Cybersecurity Incidents Mind Maps
Zeyad-Azima/Offensive-Resources - A Huge Learning Resources with Labs For Offensive Security Players
center-for-threat-informed-defense/attack-control-framework-mappings - 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
opencve/opencve - Vulnerability Intelligence Platform
aydinnyunus/Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
CERT-Polska/karton - Distributed malware processing framework based on Python, Redis and S3.
thalesgroup-cert/Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
ihebski/A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
mrtouch93/awesome-security-feed - A semi-curated list of Security Feeds
alexandreborges/malwoverview - Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa
center-for-threat-informed-defense/adversary_emulation_library - An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
bunkerity/bunkerweb - 🛡️ Open-source and next-generation Web Application Firewall (WAF)
PaperMtn/gitlab-watchman - Finding exposed secrets and personal data in GitLab
serain/bbrecon - Python library and CLI for the Bug Bounty Recon API
t94j0/satellite - easy-to-use payload hosting
intelowlproject/IntelOwl - IntelOwl: manage your Threat Intelligence at scale
securisec/chepy - Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
monarc-project/MonarcAppFO - MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
mitre/caldera - Automated Adversary Emulation Platform
trimstray/otseca - Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Viralmaniar/Passhunt - Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
foospidy/payloads - Git All the Payloads! A collection of web attack payloads.

data

XORbit01/webpalm - 🕸️ Crawl in the web network
JoelGMSec/Invoke-DNSteal - Simple & Customizable DNS Data Exfiltrator
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow

data-analysis

e-m-b-a/embark - EMBArk - The firmware security scanning environment
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow

data-engineering

xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow

data-science

XORbit01/webpalm - 🕸️ Crawl in the web network
xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.

data-visualization

jerlendds/osintbuddy - Node graphs, OSINT data mining, and plugins. Connect unstructured and public data for transformative insights. The rewrite can be found @ osintbuddy/osintbuddy

database

Shad0w-ops/H.I.V.E - H.I.V.E is an automated OSINT (Open Source Intelligence) multi-tool that enables efficient data gathering from various sources through the utilization of a single, unified platform.
r4ulcl/wifi_db - Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes, MGT identities, interesting relations between APs, clients and it's Probes, WPS information
ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
mydumper/mydumper - Official MyDumper Project
Wisser/Jailer - Database Subsetting and Relational Data Browsing Tool.
securitybunker/databunker - Secure Vault for Customer PII/PHI/PCI/KYC Records

deep-learning

iperov/DeepFaceLab - DeepFaceLab is the leading software for creating deepfakes.
subeeshvasu/Awesome-Deblurring - A curated list of resources for Image and Video Deblurring

deployment

devtron-labs/devtron - The only Kubernetes dashboard you need
AutomatedLab/AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 20

design

chatwoot/chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬

developer-tools

leo-arch/clifm - 💾 The shell-like, command line terminal file manager
koalaman/shellcheck - ShellCheck, a static analysis tool for shell scripts

development

89luca89/distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at
D3Ext/maldev - Golang library for malware development

devops

healthchecks/healthchecks - Open-source cron job and background task monitoring service, written in Python & Django
semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
CISOfy/lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
khuedoan/homelab - Fully automated homelab from empty disk to running services with a single command.
robusta-dev/robusta - Better Prometheus alerts for Kubernetes - smart grouping, AI enrichment, and automatic remediation
xonsh/xonsh - 🐚 Python-powered shell. Full-featured and cross-platform.
xxh/xxh - 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
cr0hn/dockerfile-security - Static security checker for Dockerfiles
bunkerity/bunkerweb - 🛡️ Open-source and next-generation Web Application Firewall (WAF)
deepfence/ThreatMapper - Open Source Cloud Native Application Protection Platform (CNAPP)
aquasecurity/tfsec - Tfsec is now part of Trivy
trimstray/the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
marco-lancini/offensive-infrastructure - Offensive Infrastructure with Modern Technologies
archerysec/archerysec - ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

discord

3ct0s/dystopia-c2 - Windows Remote Administration Tool that uses Discord, Telegram and GitHub as C2s
projectdiscovery/notify - Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
hugsy/gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

django

healthchecks/healthchecks - Open-source cron job and background task monitoring service, written in Python & Django
makeplane/plane - 🔥 🔥 🔥 Open Source JIRA, Linear, Monday, and Asana Alternative. Plane helps you track your issues, epics, and cycles the easiest way on the planet.
DefectDojo/django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
blacklanternsecurity/badsecrets - A library for detecting known secrets across many web frameworks
TandoorRecipes/recipes - Application for managing recipes, planning meals, building shopping lists and much much more!
e-m-b-a/embark - EMBArk - The firmware security scanning environment
mucoze/Umay - IoT Malware Similarity Analysis Platform
opencve/opencve - Vulnerability Intelligence Platform
thalesgroup-cert/Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

docker

CycloneDX/cdxgen - Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission t
semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
skonik/docker-compose-diagram - 🐳docker-compose + 🎨diagrams = docker-compose-diagram 🐳🎨
pmsipilot/docker-compose-viz - Docker compose graph visualization
drakkan/sftpgo - Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
zammad/zammad-docker-compose - Zammad Docker images for docker-compose & Kubernetes
makeplane/plane - 🔥 🔥 🔥 Open Source JIRA, Linear, Monday, and Asana Alternative. Plane helps you track your issues, epics, and cycles the easiest way on the planet.
chatwoot/chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
plankanban/planka - PLANKA is the kanban-style project mastering tool for everyone.
Peppermint-Lab/peppermint - An open source issue management & help desk solution. A zendesk & jira alternative
stanfrbd/cyberbro - A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
vulhub/vulhub - Pre-Built Vulnerable Environments Based on Docker-Compose
Stirling-Tools/Stirling-PDF - #1 Locally hosted web application that allows you to perform various operations on PDF files
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
89luca89/distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at
jlandure/alpine-chrome - Chrome Headless docker images built upon alpine official image
wagoodman/dive - A tool for exploring each layer in a docker image
netbootxyz/netboot.xyz - Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
NOXCIS/Wiregate - 🥷🏼 AmneziaWG + WireGuard VPN Server with Web UI + TOR + DnsCrypt + Pihole +AdGuard
sickcodes/Docker-OSX - Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
ThePorgs/Exegol - Fully featured and community-driven hacking environment
microsoft/vs-dockerfiles - Examples of dockerfiles and optional supporting scripts to install and use Build Tools for Visual Studio 2017 in a container.
Cyb3rWard0g/HELK - The Hunting ELK
bee-san/RustScan - 🤖 The Modern Port Scanner 🤖
RhinoSecurityLabs/ccat - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
kurogai/100-redteam-projects - Projects for security students
maliceio/malice - VirusTotal Wanna Be - Now with 100% more Hipster
ezra-buckingham/terry-the-terraformer - A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
JoelGMSec/EvilnoVNC - Ready to go Phishing Platform
khast3x/Redcloud - Automated Red Team Infrastructure deployement using Docker
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
0xricksanchez/like-dbg - Fully dockerized Linux kernel debugging environment
matro7sh/Smersh - Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
slimtoolkit/slim - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
rovellipaolo/NinjaDroid - Ninja Reverse Engineering on Android APK packages
sneakerhax/Arsenal - Red Team tools, infrastructure, and hardware weaponized
quay/clair - Vulnerability Static Analysis for Containers
cr0hn/dockerscan - Docker security analysis & hacking tools
Jigsaw-Code/outline-server - Outline Server, developed by Jigsaw. The Outline Server is a proxy server that runs a Shadowsocks instance and provides a REST API for access key management.
vvanglro/cf-clearance - Purpose To make a cloudflare v2 challenge pass successfully, Can be use cf_clearance bypassed by cloudflare, However, with the cf_clearance, make sure you use the same IP and UA as when you got it.
FlareSolverr/FlareSolverr - Proxy server to bypass Cloudflare protection
TandoorRecipes/recipes - Application for managing recipes, planning meals, building shopping lists and much much more!
khuedoan/homelab - Fully automated homelab from empty disk to running services with a single command.
cybersecsi/houdini - Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
cybersecsi/RAUDI - A repo to automatically generate and keep updated a series of Docker images through GitHub Actions.
robusta-dev/robusta - Better Prometheus alerts for Kubernetes - smart grouping, AI enrichment, and automatic remediation
getanteon/anteon - Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
BeetleChunks/SpoolSploit - A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.
Hackplayers/evil-winrm - The ultimate WinRM shell for hacking/pentesting
cr0hn/dockerfile-security - Static security checker for Dockerfiles
anchore/grype - A vulnerability scanner for container images and filesystems
deepfence/SecretScanner - 🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
mattes/rotating-proxy - Rotating TOR proxy with Docker
koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
sgabe/winaflpet - Web user interface and service agent for the monitoring and remote management of WinAFL.
himazawa/bento - Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
bunkerity/bunkerweb - 🛡️ Open-source and next-generation Web Application Firewall (WAF)
traefik/traefik - The Cloud Native Application Proxy
madhuakula/kubernetes-goat - Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
bats3c/shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments
telekom-security/tpotce - 🍯 T-Pot - The All In One Multi Honeypot Platform 🐝
aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
lirantal/dockly - Immersive terminal interface for managing docker containers and services
stevenaldinger/decker - Declarative penetration testing orchestration framework
devoteam-cybertrust/burpcollaborator-docker - This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible the
marco-lancini/docker_vault - Docker + Consul + Vault
marco-lancini/docker_offensive_elk - Elasticsearch for Offensive Security
marco-lancini/goscan - Interactive Network Scanner
marco-lancini/offensive-infrastructure - Offensive Infrastructure with Modern Technologies

documentation

GitbookIO/gitbook - The open source frontend for GitBook doc sites
mermaid-js/mermaid - Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown

dotfiles

twpayne/chezmoi - Manage your dotfiles across multiple diverse machines, securely.
polybar/polybar-scripts - This is a community project. We write and collect scripts for polybar!
addy-dclxvi/i3-starterpack - A simple guide (and example of configuration) about how to install i3 & its and essentials packages, then make them look eye candy, also contains my dotfiles of Debian 12 (Bookworm) setup
fluix-dev/dotfiles - My dotfiles and colorschemes for sway and a variety of other programs.

dotnet

Washi1337/AsmResolver - A library for creating, reading and editing PE files and .NET modules.
BC-SECURITY/Taming-Offensive-IronPython - This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it can be used to interact with other .NET languages.
dahall/Vanara - A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
void-stack/VMUnprotect.Dumper - VMUnprotect.Dumper can dynamically untamper VMProtected Assembly.
guardrailsio/awesome-dotnet-security - Awesome .NET Security Resources
danports/cassia - Cassia is a .NET library for accessing the native Windows Remote Desktop Services API (formerly the Terminal Services API).
jbevain/cecil - Cecil is a library to inspect, modify and create .NET programs and libraries.
dnSpyEx/dnSpy - Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
quasar/Quasar - Remote Administration Tool for Windows
B2R2-org/B2R2 - B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.
NotPrab/.NET-Obfuscator - Lists of .NET Obfuscator (Free, Freemium, Paid and Open Source )
bats3c/shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments
cobbr/Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
icsharpcode/ILSpy - .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
byt3bl33d3r/SILENTTRINITY - An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

education

frankwxu/digital-forensics-lab - Free hands-on digital forensics labs for students and faculty
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters - A list of resources for those interested in getting started in bug bounties

electron

Zerx0r/Kage - Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler
Jigsaw-Code/outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them
Zettlr/Zettlr - Your One-Stop Publication Workbench
streetwriters/notesnook - A fully open source & end-to-end encrypted note taking alternative to Evernote.
staniel359/muffon - Advanced multi-source music streaming + discovery client for desktop. Free, clean, no login, no ads.
Noovolari/leapp - Leapp is the DevTool to access your cloud
pavlobu/deskreen - Deskreen turns any device with a web browser into a secondary screen for your computer. ⭐️ Star to support our work!
Foundry376/Mailspring - 💌 A beautiful, fast and fully open source mail client for Mac, Windows and Linux.
doyensec/electronegativity - Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

elixir

firezone/firezone - Enterprise-ready zero-trust access platform built on WireGuard®.

emacs

atlas-engineer/nyxt - Nyxt - the hacker's browser.

embedded

peterhinch/micropython-async - Application of uasyncio to hardware interfaces. Tutorial and code.
adi0x90/attifyos - Attify OS - Distro for pentesting IoT devices

emulator

cemu-project/Cemu - Cemu - Wii U emulator
86Box/86Box - Emulator of x86-based machines.
mrexodia/dumpulator - An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
bitdefender/bddisasm - bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
qilingframework/qiling - A True Instrumentable Binary Emulation Framework
zeropointdynamics/zelos - A comprehensive binary emulation and instrumentation platform.
emsec/ChameleonMini - The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. The ChameleonMini was developed by https://kasper-oswald.de. The device is available at https://shop.kasper.it. For f

es6

grafana/k6 - A modern load testing tool, using Go and JavaScript

ethereum

Quillhash/DeFi-Attack-Vectors - This Repository contains list of Common DeFi threat and Attack Vectors. If you find any attack vectors missing, you can create a pull request and be a contributor of the project.
crytic/slither - Static Analyzer for Solidity and Vyper
enzymefinance/oyente - An Analysis Tool for Smart Contracts
trailofbits/manticore - Symbolic execution tool

express

softrams/bulwark - An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

firebase

thisbejim/Pyrebase - A simple python wrapper for the Firebase API.
0xbigshaq/firepwn-tool - Firepwn is a tool made for testing the Security Rules of a firebase application.

firefox

pyllyukko/user.js - user.js -- Firefox configuration hardening
StarfireLab/SharpWeb - 一个浏览器数据（密码|历史记录|Cookie|书签|下载记录）的导出工具，支持主流浏览器。
CleoMenezesJr/flatline - Select apps directly from your favorite software center by clicking Install from Flathub, apps.gnome and AppCenter.
nccgroup/tracy - A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

flask

blacklanternsecurity/badsecrets - A library for detecting known secrets across many web frameworks
hashview/hashview - A web front-end for password cracking and analytics
AdrianVollmer/Crack-O-Matic - Find and notify users in your Active Directory with weak passwords
blukat29/search-libc - Web wrapper of niklasb/libc-database
python-security/pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

framework

kurogai/100-redteam-projects - Projects for security students
Textualize/textual - The lean application framework for Python. Build sophisticated user interfaces with a simple Python API. Run your apps in the terminal and a web browser.
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
screetsec/Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
ExpLife0011/awesome-windows-kernel-security-development - windows kernel security development
iipeace/guider - Real-time Performance & Fault Detection Service Enabled by Comprehensive Built-in Command
koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
0xsha/florentino - Fast Static File Analysis Framework
matrix1001/welpwn - 💖CTF pwn framework.
qilingframework/qiling - A True Instrumentable Binary Emulation Framework
stevenaldinger/decker - Declarative penetration testing orchestration framework

frontend

Wisser/Jailer - Database Subsetting and Relational Data Browsing Tool.

game

git-learning-game/oh-my-git - An interactive Git learning game!
gameflorist/dunedynasty - Dune Dynasty is a remaster / enhancement of the classic real-time strategy game Dune II by Westwood Studios. It builds upon the original reverse-engineered game engine and adds many enhancements, mode
longturn/freeciv21 - Develop your civilization from humble roots to a global empire
pioneerspacesim/pioneer - A game of lonely space adventure
simon987/Much-Assembly-Required - Assembly programming game
CleverRaven/Cataclysm-DDA - Cataclysm - Dark Days Ahead. A turn-based survival game set in a post-apocalyptic world.
abakh/nbsdgames - A package of 18 text-based modern games

games

abakh/nbsdgames - A package of 18 text-based modern games

gh-extension

gennaro-tedesco/gh-s - 🔎 search github repositories interactively
gennaro-tedesco/gh-f - 🔎 the ultimate compact fzf gh extension

git

git-learning-game/oh-my-git - An interactive Git learning game!
fteem/git-semantic-commits - Tiny semantic commit messages for Git.
drakkan/sftpgo - Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
mhutchie/vscode-git-graph - View a Git Graph of your repository in Visual Studio Code, and easily perform Git actions from the graph.
GitbookIO/gitbook - The open source frontend for GitBook doc sites
gennaro-tedesco/gh-f - 🔎 the ultimate compact fzf gh extension
TheYkk/git-switcher - Easily switch between your git profiles
dandavison/delta - A syntax-highlighting pager for git, diff, grep, and blame output
liamg/gitjacker - 🔪 Leak git repositories from misconfigured websites
arthaud/git-dumper - A tool to dump a git repository from a website
sharkdp/bat - A cat(1) clone with wings.
tillson/git-hound - Fast GitHub recon tool. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
mschwager/gitem - A Github organization reconnaissance tool.
not-an-aardvark/lucky-commit - Customize your git commit hashes!

github

synacktiv/nord-stream - Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
gennaro-tedesco/gh-f - 🔎 the ultimate compact fzf gh extension
tillson/git-hound - Fast GitHub recon tool. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
mschwager/gitem - A Github organization reconnaissance tool.
gwen001/github-search - A collection of tools to perform searches on GitHub.

github-api

cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow

github-config

KSGamingLife/KSGamingLife - Config files for my GitHub profile.

go

semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
drakkan/sftpgo - Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
Lissy93/who-dat - 🔎 A free no-CORS WHOIS/RDAP lookup API, for fetching domain registration info
future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
matro7sh/myph - shellcode loader for your evasion needs
fatedier/frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
nickvourd/Supernova - Real fucking shellcode encryptor & obfuscator tool
XORbit01/webpalm - 🕸️ Crawl in the web network
corazawaf/coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
D3Ext/maldev - Golang library for malware development
xjasonlyu/tun2socks - tun2socks - powered by gVisor TCP/IP stack
f1zm0/acheron - indirect syscalls for AV/EDR evasion in Go assembly
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
ItsIgnacioPortal/Hacker-Scoper - CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.
mytechnotalent/Go-Hacking - A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
XZB-1248/Spark - ✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的，网页UI、跨平台以及多功能的远程控制和监控工具，你可以随时随地监
liamg/grace - 🪛 It's strace, with colours.
goclone-dev/goclone - Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.
SpectralOps/netz - Discover internet-wide misconfigurations while drinking coffee
slimtoolkit/slim - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
RedTeamPentesting/pretender - Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
ankitpokhrel/jira-cli - 🔥 Feature-rich interactive Jira command line.
quay/clair - Vulnerability Static Analysis for Containers
dwisiswant0/cf-check - CloudFlare Checker written in Go
haccer/subjack - Subdomain Takeover tool written in Go
gennaro-tedesco/gh-s - 🔎 search github repositories interactively
wader/fq - jq for binary formats - tool, language and decoders for working with binary and text formats
hoppscotch/proxyscotch - 📡 A simple proxy server created for https://hoppscotch.io
jaeles-project/gospider - Gospider - Fast web spider written in Go
grafana/k6 - A modern load testing tool, using Go and JavaScript
r-darwish/idnt - Batch software uninstall
Shopify/toxiproxy - ⏰ 🔥 A TCP proxy to simulate network and system conditions for chaos and resiliency testing
getanteon/anteon - Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
kovidgoyal/kitty - Cross-platform, fast, feature-rich, GPU based terminal
SigNoz/signoz - SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour
saferwall/pe - A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
anchore/grype - A vulnerability scanner for container images and filesystems
restic/restic - Fast, secure, efficient backup program
teler-sh/teler - Real-time HTTP Intrusion Detection
RedTeamPentesting/monsoon - Fast HTTP enumerator
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow
dvyukov/go-fuzz - Randomized testing for Go
semgrep/semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
mole-ids/mole - Yara powered NIDS with high speed packet capture powered by PF_RING
traefik/traefik - The Cloud Native Application Proxy
j3ssie/osmedeus - A Workflow Engine for Offensive Security
smallstep/certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
aquasecurity/tfsec - Tfsec is now part of Trivy
owasp-amass/amass - In-depth attack surface mapping and asset discovery
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
gcla/termshark - A terminal UI for tshark, inspired by Wireshark
gocaio/goca - Goca Scanner
stevenaldinger/decker - Declarative penetration testing orchestration framework

godot

git-learning-game/oh-my-git - An interactive Git learning game!

golang

semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
cxnturi0n/convoC2 - C2 infrastructure over Microsoft Teams.
future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
f1zm0/hades - Go shellcode loader that combines multiple evasion techniques
KarpelesLab/vncpasswd - Encryption and decryption of DES encrypted VNC passwords
caio-ishikawa/netscout - OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
CyberRoute/scanme - A Golang package for scanning private and public IPs for open TCP ports 👁️
spellshift/realm - Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
pygrum/monarch - Monarch - The Adversary Emulation Toolkit
groundsec/secbutler - The perfect butler for pentesters, bug-bounty hunters and security researchers
go-gost/gost - GO Simple Tunnel - a simple tunnel written in golang
nickvourd/Supernova - Real fucking shellcode encryptor & obfuscator tool
XORbit01/webpalm - 🕸️ Crawl in the web network
corazawaf/coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
D3Ext/maldev - Golang library for malware development
xjasonlyu/tun2socks - tun2socks - powered by gVisor TCP/IP stack
zu1k/nali - An offline tool for querying IP geographic information and CDN provider. 一个查询IP地理信息和CDN服务提供商的离线终端工具.
burrowers/garble - Obfuscate Go builds
f1zm0/acheron - indirect syscalls for AV/EDR evasion in Go assembly
looCiprian/GC2-sheet - GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or Mi
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
ItsIgnacioPortal/Hacker-Scoper - CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.
D3Ext/Hooka - Shellcode loader generator with multiples features
WHOISshuvam/gotld - Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and security researchers.
mytechnotalent/Go-Hacking - A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
subfinder/goaltdns - A permutation generation tool written in golang
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
XZB-1248/Spark - ✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的，网页UI、跨平台以及多功能的远程控制和监控工具，你可以随时随地监
Cybergenik/hopper - Coverage-Guided Greybox Distributed Fuzzer
An00bRektn/gopher47 - A third-party Gopher Assassin for the Havoc Framework.
maliceio/malice - VirusTotal Wanna Be - Now with 100% more Hipster
liamg/grace - 🪛 It's strace, with colours.
hanhanhanz/forothree - 403 bypass tools based on golang
goclone-dev/goclone - Website Cloner - Utilizes powerful Go routines to clone websites to your computer within seconds.
Checkmarx/kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
nicocha30/ligolo-ng - An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Enelg52/KittyStager - KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kitten and b
SpectralOps/netz - Discover internet-wide misconfigurations while drinking coffee
dhn/spk - spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
BishopFox/cloudfox - Automating situational awareness for cloud penetration tests.
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
clouditor/clouditor - The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.
slimtoolkit/slim - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
GhostTroops/scan4all - Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
sneakerhax/Arsenal - Red Team tools, infrastructure, and hardware weaponized
ankitpokhrel/jira-cli - 🔥 Feature-rich interactive Jira command line.
vouch/vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
dwisiswant0/cf-check - CloudFlare Checker written in Go
haccer/subjack - Subdomain Takeover tool written in Go
tid4l/GoWard - A robust Red Team proxy written in Go.
zarkones/XENA - XENA is an innovative C2 made fully in Go. With hacking automation features.
hahwul/authz0 - 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
capnspacehook/egress-eddie - Hostname filtering for arbitrary network protocols
wader/fq - jq for binary formats - tool, language and decoders for working with binary and text formats
grafana/k6 - A modern load testing tool, using Go and JavaScript
getanteon/anteon - Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
pallavJha/chaakoo - Slice and dice your TMUX windows and panes
BishopFox/sliver - Adversary Emulation Framework
praetorian-inc/gokart - A static analysis tool for securing Go code
Fahrj/reverse-ssh - Statically-linked ssh server with reverse shell functionality for CTFs and such
seashell/drago - ☁️ Securely connect anything with WireGuard® and manage all your networks from a single place.
redcode-labs/Solaris - A local LKM rootkit loader/dropper that lists available security mechanisms
kovidgoyal/kitty - Cross-platform, fast, feature-rich, GPU based terminal
projectdiscovery/interactsh - An OOB interaction gathering server and client library
saferwall/pe - A ⚡ lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
anchore/grype - A vulnerability scanner for container images and filesystems
redcode-labs/GodSpeed - Fast and intuitive manager for multiple reverse shells
cyberark/kubesploit - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
teler-sh/teler - Real-time HTTP Intrusion Detection
redcode-labs/neurax - A framework for constructing self-spreading binaries
mlcsec/headi - Customisable and automated HTTP header injection
rabbitstack/fibratus - Adversary tradecraft detection, protection, and hunting
securego/gosec - Go security checker
dwisiswant0/go-dork - The fastest dork scanner written in Go.
ph4ntonn/Stowaway - 👻Stowaway -- Multi-hop Proxy Tool for pentesters
mole-ids/mole - Yara powered NIDS with high speed packet capture powered by PF_RING
traefik/traefik - The Cloud Native Application Proxy
Shivangx01b/CorsMe - Cross Origin Resource Sharing MisConfiguration Scanner
hahwul/dalfox - 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
jaeles-project/jaeles - The Swiss Army knife for automated Web Application Testing
j3ssie/osmedeus - A Workflow Engine for Offensive Security
globocom/huskyCI - Performing security tests inside your CI
AbGuthrie/goquery - Provide a shell like interface by utilizing osquery's distributed API
owasp-amass/amass - In-depth attack surface mapping and asset discovery
michenriksen/aquatone - A Tool for Domain Flyovers
aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
gcla/termshark - A terminal UI for tshark, inspired by Wireshark
gocaio/goca - Goca Scanner
stevenaldinger/decker - Declarative penetration testing orchestration framework
Dliv3/Venom - Venom - A Multi-hop Proxy for Penetration Testers
jpillora/chisel - A fast TCP/UDP tunnel over HTTP
sensepost/godoh - 🕳 godoh - A DNS-over-HTTPS C2
marco-lancini/goscan - Interactive Network Scanner
DominicBreuker/pspy - Monitor linux processes without root permissions
Ne0nd0g/merlin - Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
sensepost/gowitness - 🔍 gowitness - a golang, web screenshot utility using Chrome Headless
gophish/gophish - Open-Source Phishing Toolkit

good-first-issue

SigNoz/signoz - SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour

google

faizann24/baby-naptime - A very simple open source implementation of Google's Project Naptime
looCiprian/GC2-sheet - GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet or Microsoft SharePoint List and exfiltrate files using Google Drive or Mi
RhinoSecurityLabs/ccat - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
ukncsc/Device-Security-Guidance-Configuration-Packs - This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow
ClaudiuGeorgiu/PlaystoreDownloader - A command line tool to download Android applications directly from the Google Play Store by specifying their package name (an initial one-time configuration is required)
jarun/googler - 🔍 Google from the terminal

graphql

spellshift/realm - Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
dolevf/Damn-Vulnerable-GraphQL-Application - Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
doyensec/inql - InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

hacking

The-Viper-One/PsMapExec - Dominate Active Directory with PowerShell.
zarkones/OnionC2 - C2 writen in Rust & Go powered by Tor network.
adgaultier/caracal - Make your programs stealthier🐝
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
FLOCK4H/Freeway - WiFi Penetration Testing & Auditing Tool
Hacking-Notes/RedTeam - This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.
AleksaMCode/WiFi-password-stealer - Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
k4m4/movies-for-hackers - 🎬 A curated list of movies every hacker & cyberpunk must watch.
AleksaMCode/Preferred-Network-List-Sniffer - A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
Warxim/petep - PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications
Warxim/deluder - Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
lefayjey/linWinPwn - linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
factionsecurity/faction - Pen Test Report Generation and Assessment Collaboration
Frissi0n/GTFONow - Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
MegaManSec/SSH-Snake - SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
3nock/OTE - OSINT Template Engine
Pennyw0rth/NetExec - The Network Execution Tool
MrTuxx/SocialPwned - SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed
florylsk/RecycledInjector - Native Syscalls Shellcode Injector
naksyn/ModuleShifting - Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes
florylsk/SignatureGate - Weaponized HellsGate/SigFlip
t3l3machus/Synergy-httpx - A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
hcbaker/Puwr - Pivot your way deeper into computer networks with SSH compromised machines.
Kudaes/Bin-Finder - Detect EDR's exceptions by inspecting processes' loaded modules
ThePorgs/Exegol - Fully featured and community-driven hacking environment
Kudaes/Fiber - Using fibers to run in-memory code.
sevagas/swap_digger - swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms
Marshall-Hallenbeck/red_team_attack_lab - Red Team Attack Lab for TTP testing & research
Drew-Alleman/DataSurgeon - Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
d3mondev/puredns - Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
thehlopster/hfuzz - Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
chvancooten/BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
bee-san/RustScan - 🤖 The Modern Port Scanner 🤖
mytechnotalent/Go-Hacking - A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
subfinder/goaltdns - A permutation generation tool written in golang
trickest/wordlists - Real-world infosec wordlists, updated regularly
pablosnt/rekono - Pentesting automation platform that combines hacking tools to complete assessments
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
kurogai/100-redteam-projects - Projects for security students
ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
shawnduong/PXEnum - A shell script that automatically performs a series of *NIX enumeration tasks.
naksyn/PythonMemoryModule - pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
m0nad/Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
brosck/Pingoor - 「🚪」Linux Backdoor based on ICMP protocol
kpcyrd/sh4d0wup - Signing-key abuse and update exploitation framework
kleiton0x00/RedditC2 - Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
t3l3machus/Villain - Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them
hanhanhanz/forothree - 403 bypass tools based on golang
RoseSecurity/ScrapPY - ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, an
De3vil/SteaLinG - The SteaLinG is an open-source penetration testing framework designed for social engineering
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Micro0x00/Arsenal - Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
1N3/BruteX - Automatically brute force all services running on a target.
naksyn/Pyramid - a tool to help operate in EDRs' blind spots
devanshbatham/FavFreak - Making Favicon.ico based Recon Great again !
tobor88/ReversePowerShell - Functions that can be used to gain Reverse Shells with PowerShell
22XploiterCrew-Team/Gel4y-Mini-Shell-Backdoor - A webshell that can bypass some system security, all code has been obfuscated to bypass malware scans freely.
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
khast3x/Redcloud - Automated Red Team Infrastructure deployement using Docker
blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
mbrg/power-pwn - An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
rootcathacking/catspin - Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.
RoseSecurity/Red-Teaming-TTPs - Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
RoseSecurity/Anti-Virus-Evading-Payloads - During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Here is a simple way to evade anti-virus sof
r3nt0n/bopscrk - Generate smart and powerful wordlists
t3l3machus/pentest-pivoting - A compact guide to network pivoting for penetration testings / CTF challenges.
D3Ext/DFShell - D3Ext's Forward Shell
AlaBouali/bane - The "bane" Python library stands out as a robust toolkit catering to a wide spectrum of cybersecurity and networking tasks. Its versatile range of functionalities covers various aspects, including bru
cipher387/Dorks-collections-list - List of Github repositories and articles with list of dorks for different search engines
t3l3machus/hoaxshell - A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
t3l3machus/psudohash - Generates millions of keyword-based password mutations in seconds.
payloadbox/sql-injection-payload-list - 🎯 SQL Injection Payload List
GamehunterKaan/AutoPWN-Suite - AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
cr0hn/dockerscan - Docker security analysis & hacking tools
nicholasadamou/minipwner - A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
d4rckh/vaf - Vaf is a cross-platform very advanced and fast web fuzzer written in nim
ariary/cfuzz - Command line fuzzer and bruteforcer 🌪 wfuzz for command
t94j0/gophish-notifier - Notification webhook for GoPhish
trickest/cve - Gather and update all available and newest CVEs with their PoC.
cybersecsi/houdini - Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.
Hackmanit/Web-Cache-Vulnerability-Scanner - Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
JavierOlmedo/OWASP-Calculator - 🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
e-m-b-a/embark - EMBArk - The firmware security scanning environment
SpiderLabs/HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
yassineaboukir/sublert - Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
codingo/VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
crossbowerbt/GDB-Python-Utils - A library for GDB (with python support), that adds useful functions to the standard 'gdb' library.
nyxgeek/lyncsmash - locate and attack Lync/Skype for Business
MichaelDim02/Narthex - Modular personalized dictionary generator.
smicallef/spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Hackplayers/evil-winrm - The ultimate WinRM shell for hacking/pentesting
Fahrj/reverse-ssh - Statically-linked ssh server with reverse shell functionality for CTFs and such
noraj/haiti - 🔑 Hash type identifier (CLI & lib)
clu3bot/owt - Update Version 3.1 added free SMS messaging.
stormshadow07/BeeF-Over-Wan - Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Ov
bee-san/pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
gquere/pwn_jenkins - Notes about attacking Jenkins servers
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
gand3lf/heappy - A happy heap editor to support your exploitation process 🙂
swagkarna/Defeat-Defender-V1.2.0 - Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
dsopas/MindAPI - Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
bee-san/Search-That-Hash - 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
six2dez/reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Zeyad-Azima/Offensive-Resources - A Huge Learning Resources with Labs For Offensive Security Players
bee-san/Name-That-Hash - 🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
enkomio/Taipan - Web application vulnerability scanner
aydinnyunus/Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
e-m-b-a/emba - EMBA - The firmware security analyzer
ihebski/A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
mrtouch93/awesome-security-feed - A semi-curated list of Security Feeds
rewanthtammana/Damn-Vulnerable-Bank - Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
hackerschoice/gsocket - Connect like there is no firewall. Securely.
koutto/pi-pwnbox-rogueap - Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
yogeshojha/rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon
liamg/gitjacker - 🔪 Leak git repositories from misconfigured websites
blacklanternsecurity/TREVORspray - TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
serain/bbrecon - Python library and CLI for the Bug Bounty Recon API
six2dez/wahh_extras - The Web Application Hacker's Handbook - Extra Content
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
odedshimon/BruteShark - Network Analysis Tool
ndelphit/apkurlgrep - Extract endpoints from APK files
madhuakula/kubernetes-goat - Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters - A list of resources for those interested in getting started in bug bounties
kac89/vulnrepo - VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT
urbanadventurer/WhatWeb - Next generation web scanner
yeswehack/PwnFox - PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
stevemcilwain/quiver - Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Ullaakut/cameradar - Cameradar hacks its way into RTSP videosurveillance cameras
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
jaeles-project/jaeles - The Swiss Army knife for automated Web Application Testing
hakluke/hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
techgaun/github-dorks - Find leaked secrets via github search
dronesploit/dronesploit - Drone pentesting framework console
khast3x/h8mail - Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
gwen001/pentest-tools - A collection of custom security tools for quick needs.
j3ssie/osmedeus - A Workflow Engine for Offensive Security
W00t3k/Awesome-Cellular-Hacking - Awesome-Cellular-Hacking
veracode-research/solr-injection - Apache Solr Injection Research
milo2012/portia - Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as we
trimstray/the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
stevenaldinger/decker - Declarative penetration testing orchestration framework
diego-treitos/linux-smart-enumeration - Linux enumeration tool for pentesting and CTFs with verbosity levels
codingo/Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
initstring/uptux - Linux privilege escalation checks (systemd, dbus, socket fun, etc)
OlivierLaflamme/Cheatsheet-God - Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
mitre/caldera - Automated Adversary Emulation Platform
k4m4/dymerge - 🔓 A dynamic dictionary merger for successful dictionary based attacks.
Hack-with-Github/Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
0x00-0x00/ShellPop - Pop shells like a master.
infosecn1nja/Red-Teaming-Toolkit - This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
bettercap/bettercap - The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
adi0x90/attifyos - Attify OS - Distro for pentesting IoT devices
evyatarmeged/Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
D4Vinci/Cr3dOv3r - Know the dangers of credential reuse attacks.
samratashok/nishang - Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
brannondorsey/dns-rebind-toolkit - A front-end JavaScript toolkit for creating DNS rebinding attacks.
brannondorsey/whonow - A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
FSecureLABS/dref - DNS Rebinding Exploitation Framework
vah13/extractTVpasswords - tool to extract passwords from TeamViewer memory using Frida
projectdiscovery/subfinder - Fast passive subdomain enumeration tool.
initstring/passphrase-wordlist - Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
UnaPibaGeek/ctfr - Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
XiphosResearch/netelf - Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
maurosoria/dirsearch - Web path scanner
swisskyrepo/PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
1N3/PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
P0cL4bs/WiFi-Pumpkin-deprecated - DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3
foospidy/payloads - Git All the Payloads! A collection of web attack payloads.

hacking-tool

M507/RamiGPT - Autonomous Privilege Escalation using AI
MatrixTM/MHDDoS - Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
AleksaMCode/WiFi-password-stealer - Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
AleksaMCode/Preferred-Network-List-Sniffer - A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
Warxim/petep - PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications
Warxim/deluder - Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
reveng007/reveng_rtkit - Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
hcbaker/Puwr - Pivot your way deeper into computer networks with SSH compromised machines.
spyboy-productions/r4ven - Track the GPS location of the user's smartphone or PC and capture a picture of the target, along with IP and device information.
ShobhitMishra-bot/SWS-Recon-Tool - SWS-Recon is a Python Tool designed to performed Reconnaissance on the given target website- Domain or SubDomain. SWS-Recon collects information such as Google Dork, DNS Information, Sub Domains, Port
ASHWIN990/ADB-Toolkit - ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
m0nad/Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
hcbaker/Klyda - Highly configurable script for dictionary/spray attacks against online web applications.
theahmadov/slash - The Slash OSINT Tool
t3l3machus/Villain - Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them
Deadpool2000/Paybag - Simple and easy Metasploit payload generator for Linux & Termux
mbrg/power-pwn - An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
r3nt0n/bopscrk - Generate smart and powerful wordlists
t3l3machus/psudohash - Generates millions of keyword-based password mutations in seconds.
nicholasadamou/minipwner - A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
clarencesubia/dns_enumeration_tool - Enumerate DNS records using Python
0xsauby/yasuo - A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Hackmanit/Web-Cache-Vulnerability-Scanner - Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
SpiderLabs/HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
codingo/VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
stormshadow07/BeeF-Over-Wan - Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Ov
paralax/ObsidianSailboat - Nmap and NSE command line wrapper in the style of Metasploit
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
bee-san/Search-That-Hash - 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
enkomio/Taipan - Web application vulnerability scanner
aydinnyunus/Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
jm33-m0/emp3r0r - Linux/Windows post-exploitation framework made by linux user
koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
souravbaghz/RadareEye - Tool for especially scanning nearby devices and execute a given command on its own system while the target device comes in range.
InfosecMatter/default-http-login-hunter - Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Ullaakut/cameradar - Cameradar hacks its way into RTSP videosurveillance cameras
j3ssie/osmedeus - A Workflow Engine for Offensive Security
codingo/Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
OlivierLaflamme/Cheatsheet-God - Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
evyatarmeged/Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
D4Vinci/Cr3dOv3r - Know the dangers of credential reuse attacks.
maurosoria/dirsearch - Web path scanner

hacking-tools

M507/RamiGPT - Autonomous Privilege Escalation using AI
FLOCK4H/NeoDucky - Rubber Ducky powered by NeoKey
AleksaMCode/WiFi-password-stealer - Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
AleksaMCode/Preferred-Network-List-Sniffer - A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
Warxim/petep - PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applications
Warxim/deluder - Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
MegaManSec/SSH-Snake - SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
t3l3machus/Synergy-httpx - A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
ASHWIN990/ADB-Toolkit - ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
kurogai/100-redteam-projects - Projects for security students
ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
hdks-bug/exploit-notes - Sticky notes for pentesting, bug bounty, CTF.
0xacb/recollapse - REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
AlaBouali/bane - The "bane" Python library stands out as a robust toolkit catering to a wide spectrum of cybersecurity and networking tasks. Its versatile range of functionalities covers various aspects, including bru
GamehunterKaan/AutoPWN-Suite - AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
nicholasadamou/minipwner - A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
d4rckh/vaf - Vaf is a cross-platform very advanced and fast web fuzzer written in nim
xxh/xxh - 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
helich0pper/Karkinos - Penetration Testing and Hacking CTF's Swiss Army Knife with: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing
CoolHandSquid/TireFire - Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet - A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
aydinnyunus/Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
koutto/pi-pwnbox-rogueap - Homemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
urbanadventurer/WhatWeb - Next generation web scanner
stevemcilwain/quiver - Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
0xacb/viewgen - Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys

hacktoberfest

Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
DependencyTrack/dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
farhanashrafdev/90DaysOfCyberSecurity - This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov
johannesjo/super-productivity - Super Productivity is an advanced todo list app with integrated Timeboxing and time tracking capabilities. It also comes with integrations for Jira, GitLab, GitHub and Open Project.
6abd/horus - An OSINT / digital forensics tool built in Python
swisskyrepo/InternalAllTheThings - Active Directory and Internal Pentest Cheatsheets
jlandure/alpine-chrome - Chrome Headless docker images built upon alpine official image
groundsec/secbutler - The perfect butler for pentesters, bug-bounty hunters and security researchers
orhun/rustypaste - A minimal file upload/pastebin service.
DefectDojo/django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
netbootxyz/netboot.xyz - Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
orhun/kmon - Linux Kernel Manager and Activity Monitor 🐧💻
ARPSyndicate/awesome-intelligence - A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
reveng007/reveng_rtkit - Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
daffainfo/Oneliner-Bugbounty - A collection oneliner scripts for bug bounty
corazawaf/coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
mrexodia/TitanHide - Hiding kernel-driver for x86/x64.
pmd/pmd - An extensible multilanguage static code analyzer.
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
chvancooten/BugBountyScanner - A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
bee-san/RustScan - 🤖 The Modern Port Scanner 🤖
aquasecurity/kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
secureCodeBox/secureCodeBox - secureCodeBox (SCB) - continuous secure delivery out of the box
dwisiswant0/awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
hwittenborn/celeste - GUI file synchronization client that can sync with any cloud provider
ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
knavesec/CredMaster - Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
hslatman/awesome-industrial-control-system-security - A curated list of resources related to Industrial Control System (ICS) security.
theahmadov/slash - The Slash OSINT Tool
redballoonsecurity/ofrak - OFRAK: unpack, modify, and repack binaries.
Checkmarx/kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
tenzir/tenzir - Tenzir is the data pipeline engine for security teams.
dogancanbakir/pirebok - pîrebok (from Kurdish "witch") - a guided adversarial fuzzer
dogancanbakir/metamaska - μετάμάσκα - malevolent payload classifier
horsicq/XAPKDetector - APK/DEX detector for Windows, Linux and MacOS.
Ge0rg3/requests-ip-rotator - A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
spotbugs/spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
matro7sh/Smersh - Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.
slimtoolkit/slim - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
chvancooten/maldev-for-dummies - A workshop about Malware Development
umbraco/Umbraco-CMS - Umbraco is a free and open source .NET content management system helping you deliver delightful digital experiences.
RocketChat/Rocket.Chat - The communications platform that puts data protection first.
deepfence/PacketStreamer - ⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
stackrox/stackrox - The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
xepor/xepor - Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy & Flask
iina/iina - The modern video player for macOS.
NoahCardoza/CloudProxy - Proxy server to bypass Cloudflare protection.
FlareSolverr/FlareSolverr - Proxy server to bypass Cloudflare protection
Projeto-Pindorama/mitzune - chroot environments, done in a more elegant way
ossia/score - ossia score, an interactive sequencer for the intermedia arts
hoppscotch/proxyscotch - 📡 A simple proxy server created for https://hoppscotch.io
reconmap/reconmap - Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-i
mrexodia/dumpulator - An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
grafana/k6 - A modern load testing tool, using Go and JavaScript
projectdiscovery/shuffledns - MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
projectdiscovery/naabu - A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
getanteon/anteon - Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
salesforce/cloudsplaining - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
TheYkk/git-switcher - Easily switch between your git profiles
devtron-labs/devtron - The only Kubernetes dashboard you need
streetwriters/notesnook - A fully open source & end-to-end encrypted note taking alternative to Evernote.
iipeace/guider - Real-time Performance & Fault Detection Service Enabled by Comprehensive Built-in Command
CleverRaven/Cataclysm-DDA - Cataclysm - Dark Days Ahead. A turn-based survival game set in a post-apocalyptic world.
dominikbraun/timetrace - A simple CLI for tracking your working time.
noraj/haiti - 🔑 Hash type identifier (CLI & lib)
polybar/polybar-scripts - This is a community project. We write and collect scripts for polybar!
bee-san/pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
Nukesor/pueue - 🌠 Manage your shell commands.
projectdiscovery/nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
Noovolari/leapp - Leapp is the DevTool to access your cloud
material-shell/material-shell - A modern desktop interface for Linux. Improve your user experience and get rid of the anarchy of traditional desktop workflows. Designed to simplify navigation and reduce the need to manipulate window
epi052/feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
anchore/grype - A vulnerability scanner for container images and filesystems
noraj/rawsec-cybersecurity-inventory - An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
phra/PEzor - Open-Source Shellcode & PE Packer
deepfence/SecretScanner - 🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
bee-san/Name-That-Hash - 🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
ivre/ivre - Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, colle
nim-lang/Nim - Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, an
rewanthtammana/Damn-Vulnerable-Bank - Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
GoSecure/pyrdp - RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
horsicq/Detect-It-Easy - Program for determining types of files for Windows, Linux and MacOS.
archivy/archivy - Archivy is a self-hostable knowledge repository that allows you to learn and retain information in your own personal and extensible wiki.
linhlhq/TinyAFL -
projectdiscovery/nuclei - Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int
GoSecure/pywsus - Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
analysis-tools-dev/static-analysis - ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
deepfence/ThreatMapper - Open Source Cloud Native Application Protection Platform (CNAPP)
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
odedshimon/BruteShark - Network Analysis Tool
mzfr/slicer - A tool to automate the boring process of APK recon
knavesec/Max - Maximizing BloodHound. Max is a good boy.
vimeo/psalm - A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications
sharkdp/bat - A cat(1) clone with wings.
hahwul/dalfox - 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
lc/gau - Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
intelowlproject/IntelOwl - IntelOwl: manage your Threat Intelligence at scale
techgaun/github-dorks - Find leaked secrets via github search
lc/secretz - secretz, minimizing the large attack surface of Travis CI
BC-SECURITY/Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
GoSecure/dtd-finder - List DTDs and generate XXE payloads using those local DTDs.
globocom/huskyCI - Performing security tests inside your CI
aquasecurity/tfsec - Tfsec is now part of Trivy
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly
aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
lirantal/dockly - Immersive terminal interface for managing docker containers and services
depthsecurity/armory - Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.
Konloch/bytecode-viewer - A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
aquasecurity/kube-hunter - Hunt for security weaknesses in Kubernetes clusters
trailofbits/twa - A tiny web auditor with strong opinions.
Gallopsled/pwntools - CTF framework and exploit development library
SpacehuhnTech/esp8266_deauther - Affordable WiFi hacking platform for testing and learning
swisskyrepo/PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF

haskell

koalaman/shellcheck - ShellCheck, a static analysis tool for shell scripts
compiler-explorer/compiler-explorer - Run compilers interactively from your web browser and interact with the assembly

homebrew

Hakky54/certificate-ripper - 🔐 A CLI tool to extract server certificates

html

abdulkadir-gungor/HtmlSmuggling - HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the p
Zettlr/Zettlr - Your One-Stop Publication Workbench

http

monrax/h2fd - HTTP2 Frame Decoder
droe/sslsplit - Transparent SSL/TLS interception
go-gost/gost - GO Simple Tunnel - a simple tunnel written in golang
corazawaf/coraza - OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
synfron/ReshaperForBurp - Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
xepor/xepor - Xepor, a web routing framework for reverse engineers and security researchers, brings the best of mitmproxy & Flask
imgk/shadow - A rule-based transparent proxy for Windows, Linux, macOS
BishopFox/sliver - Adversary Emulation Framework
projectdiscovery/interactsh - An OOB interaction gathering server and client library
doronz88/harlogger - Simple utlity for sniffing decrypted HTTP/HTTPS traffic on an macOS/iOS device (either jailbroken or not)
RedTeamPentesting/monsoon - Fast HTTP enumerator
jpillora/chisel - A fast TCP/UDP tunnel over HTTP
mitmproxy/mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

https

monrax/h2fd - HTTP2 Frame Decoder
droe/sslsplit - Transparent SSL/TLS interception
go-gost/gost - GO Simple Tunnel - a simple tunnel written in golang
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
doronz88/harlogger - Simple utlity for sniffing decrypted HTTP/HTTPS traffic on an macOS/iOS device (either jailbroken or not)

image-processing

lbalazscs/Pixelitor - A desktop image editor

information-gathering

jasonxtn/Argus - The Ultimate Information Gathering Toolkit
RevoltSecurities/Subdominator - SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
chiasmod0n/chiasmodon - Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do
CyberRoute/scanme - A Golang package for scanning private and public IPs for open TCP ports 👁️
3nock/OTE - OSINT Template Engine
internet-relay-chat/IRCP - A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers 🛰️
3nock/SpiderSuite - Advance web security spider/crawler
jerlendds/osintbuddy - Node graphs, OSINT data mining, and plugins. Connect unstructured and public data for transformative insights. The rewrite can be found @ osintbuddy/osintbuddy
theahmadov/slash - The Slash OSINT Tool
Yashvendra/Recon-X - Advanced Reconnaissance tool to enumerate attacking surface of the target.
devanshbatham/FavFreak - Making Favicon.ico based Recon Great again !
jonluca/Anubis - Subdomain enumeration and information gathering tool
c0dejump/HawkScan - Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
digitaldisarray/OSINT-Tools - 👀 Some of my favorite OSINT tools.
HASH1da1/Gotanda - Gotanda is browser Web Extension for OSINT.
0xdea/tactical-exploitation - Modern tactical exploitation toolkit.
yassineaboukir/sublert - Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
smicallef/spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
shmilylty/OneForAll - OneForAll是一款功能强大的子域收集工具
laramies/theHarvester - E-mails, subdomains and names Harvester - OSINT
paralax/ObsidianSailboat - Nmap and NSE command line wrapper in the style of Metasploit
yogeshojha/rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon
AzizKpln/Moriarty-Project - This tool gives information about the phone number that you entered.
needmorecowbell/Hamburglar - Hamburglar -- collect useful information from urls, directories, and files
j3ssie/osmedeus - A Workflow Engine for Offensive Security
nopfor/ntlm_challenger - Parse NTLM challenge messages over HTTP and SMB
owasp-amass/amass - In-depth attack surface mapping and asset discovery
evyatarmeged/Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
trimstray/otseca - Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
UnaPibaGeek/ctfr - Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
leebaird/discover - Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

instagram

MrTuxx/SocialPwned - SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed

ios

ivan-sincek/ios-penetration-testing-cheat-sheet - Work in progress...
mvt-project/mvt - MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
gloxec/CrossC2 - generate CobaltStrike's cross-platform payload
CrossC2/CrossC2Kit - CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon sessi
Jigsaw-Code/outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them
utmapp/UTM - Virtual machines for iOS and macOS
fleetdm/fleet - Open device management
as0ler/r2flutch - Tool to decrypt iOS apps using r2frida
sterrasec/ipa-medit - Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.
ukncsc/Device-Security-Guidance-Configuration-Packs - This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These
doronz88/harlogger - Simple utlity for sniffing decrypted HTTP/HTTPS traffic on an macOS/iOS device (either jailbroken or not)
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
ReversecLabs/needle - The iOS Security Testing Framework

iot

pr3y/Bruce - Predatory ESP32 Firmware
therealsaumil/emux - EMUX Firmware Emulation Framework (formerly ARMX)
AleksaMCode/Preferred-Network-List-Sniffer - A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.
EntySec/CamRaptor - CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
SpyGuard/SpyGuard - SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.
e-m-b-a/embark - EMBArk - The firmware security scanning environment
vesvault/snif - SNIF ~ e2e TLS trust for IoT
mucoze/Umay - IoT Malware Similarity Analysis Platform
CountablyInfinite/dit - DIT is a DTLS MitM proxy implemented in Python 3. It can intercept, manipulate and suppress datagrams between two DTLS endpoints and supports psk-based and certificate-based authentication schemes (RS
seashell/drago - ☁️ Securely connect anything with WireGuard® and manage all your networks from a single place.
souravbaghz/RadareEye - Tool for especially scanning nearby devices and execute a given command on its own system while the target device comes in range.
e-m-b-a/emba - EMBA - The firmware security analyzer
Telefonica/HomePWN - HomePwn - Swiss Army Knife for Pentesting of IoT Devices
cn0xroot/RFSec-ToolKit - RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
V33RU/awesome-connected-things-sec - A Curated list of Security Resources for all connected things
adi0x90/attifyos - Attify OS - Distro for pentesting IoT devices
attify/firmware-analysis-toolkit - Toolkit to emulate firmware and analyse it for security vulnerabilities
brannondorsey/dns-rebind-toolkit - A front-end JavaScript toolkit for creating DNS rebinding attacks.
FSecureLABS/dref - DNS Rebinding Exploitation Framework

java

Sekky61/riscv-sim - Web-based RISC-V superscalar simulator
google/bindiff - Quickly find differences and similarities in disassembled code
Stirling-Tools/Stirling-PDF - #1 Locally hosted web application that allows you to perform various operations on PDF files
Hakky54/certificate-ripper - 🔐 A CLI tool to extract server certificates
pmd/pmd - An extensible multilanguage static code analyzer.
ReversecLabs/drozer - The Leading Security Assessment Framework for Android.
Endava/cats - CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing
Wisser/Jailer - Database Subsetting and Relational Data Browsing Tool.
CodeIntelligenceTesting/jazzer - Coverage-guided, in-process fuzzing for the JVM
semgrep/semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
doyensec/burpdeveltraining - Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
oracle/visualvm - VisualVM is an All-in-One Java Troubleshooting Tool
BishopFox/rmiscout - RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
BishopFox/GadgetProbe - Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
Col-E/Recaf - The modern Java bytecode editor
Konloch/bytecode-viewer - A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
0xR0/shellver - Reverse Shell Cheat Sheet TooL

javafx

Col-E/Recaf - The modern Java bytecode editor

javascript

chatwoot/chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
plankanban/planka - PLANKA is the kanban-style project mastering tool for everyone.
Peppermint-Lab/peppermint - An open source issue management & help desk solution. A zendesk & jira alternative
filippofinke/layer7-dstat - 📈 A simple layer7 dstat on the web
apify/crawlee - Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and o
BishopFox/jsluice - Extract URLs, paths, secrets, and other interesting bits from JavaScript
abdulkadir-gungor/HtmlSmuggling - HTML smuggling is a malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page. The malicious script decodes and deploys the p
jerosoler/Drawflow - Simple flow library 🖥️🖱️
RocketChat/Rocket.Chat - The communications platform that puts data protection first.
fonoster/fonoster - 🚀 The open-source alternative to Twilio.
grafana/k6 - A modern load testing tool, using Go and JavaScript
mermaid-js/mermaid - Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
staniel359/muffon - Advanced multi-source music streaming + discovery client for desktop. Free, clean, no login, no ads.
arkime/arkime - Arkime is an open source, large scale, full packet capturing, indexing, and database system.
LucasN-dev/EXIF-GPS-Steganography - Hide a message in an image using EXIF GPS data.
semgrep/semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
tarun27sh/gdb_graphs - To visualize function call flow for a C/C++ program using gdb and python
ajinabraham/nodejsscan - nodejsscan is a static security code scanner for Node.js applications.
globocom/huskyCI - Performing security tests inside your CI

jenkins

semaphoreui/semaphore - Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.
gquere/pwn_jenkins - Notes about attacking Jenkins servers

json

antonmedv/fx - Terminal JSON viewer & processor
xscorp/jsmug - A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
wader/fq - jq for binary formats - tool, language and decoders for working with binary and text formats
cyrus-and/fracker - PHP function tracker

jupyter-notebook

Cyb3rWard0g/HELK - The Hunting ELK

kotlin

CodeIntelligenceTesting/jazzer - Coverage-guided, in-process fuzzing for the JVM

kubernetes

fluxninja/aperture - Rate limiting, caching, and request prioritization for modern workloads
DefectDojo/django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
cilium/tetragon - eBPF-based Security Observability and Runtime Enforcement
quarkslab/kdigger - Kubernetes focused container assessment and context discovery tool for penetration testing
RhinoSecurityLabs/ccat - Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
aquasecurity/kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
secureCodeBox/secureCodeBox - secureCodeBox (SCB) - continuous secure delivery out of the box
quay/clair - Vulnerability Static Analysis for Containers
fonoster/fonoster - 🚀 The open-source alternative to Twilio.
stackrox/stackrox - The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by
khuedoan/homelab - Fully automated homelab from empty disk to running services with a single command.
robusta-dev/robusta - Better Prometheus alerts for Kubernetes - smart grouping, AI enrichment, and automatic remediation
getanteon/anteon - Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud
marco-lancini/k8s-lab-plz - Modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components.
devtron-labs/devtron - The only Kubernetes dashboard you need
cyberark/kubesploit - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
deepfence/SecretScanner - 🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
cloudquery/cloudquery - The open source ELT framework powered by Apache Arrow
bunkerity/bunkerweb - 🛡️ Open-source and next-generation Web Application Firewall (WAF)
traefik/traefik - The Cloud Native Application Proxy
deepfence/ThreatMapper - Open Source Cloud Native Application Protection Platform (CNAPP)
madhuakula/kubernetes-goat - Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

language

nim-lang/Nim - Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, an

languages

Zettlr/Zettlr - Your One-Stop Publication Workbench

learning

git-learning-game/oh-my-git - An interactive Git learning game!
KatharaFramework/Kathara-Labs - Collection of Kathará network scenarios and tutorials.
Zeyad-Azima/Offensive-Resources - A Huge Learning Resources with Labs For Offensive Security Players

library

mempodippy/vlany - Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
Aetsu/SLib - SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
epixoip/hmac-bcrypt - The hmac-bcrypt password hashing function
jbevain/cecil - Cecil is a library to inspect, modify and create .NET programs and libraries.
Sh0ckFR/DLLirant - DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
bw0rth/pync - arbitrary TCP and UDP connections and listens (Netcat for Python).
fwkz/riposte - Python package for wrapping applications inside a tailored interactive shell

linux

charlie0129/killsnoop - Find out who sent a kill signal. Useful for debugging mysteriously happened kills.
adgaultier/caracal - Make your programs stealthier🐝
orhun/linuxwave - Generate music from the entropy of Linux 🐧🎵
intgr/ego - Alter Ego: run Linux desktop applications under a different local user
orhun/binsider - Analyze ELF binaries like a boss 😼🕵️‍♂️
aquasecurity/traceeshark - Deep Linux runtime visibility meets Wireshark
future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Aegrah/PANIX - Customizable Linux Persistence Tool for Security Research and Detection Engineering.
johannesjo/super-productivity - Super Productivity is an advanced todo list app with integrated Timeboxing and time tracking capabilities. It also comes with integrations for Jira, GitLab, GitHub and Open Project.
R3DRUN3/sploitcraft - 🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
89luca89/distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at
giulianopz/lfcs - my personal notes to prepare for the Linux Foundation Certified System Administrator (LFCS) exam
arget13/DDexec - A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
jart/cosmopolitan - build-once run-anywhere c library
sebastiancarlos/sway-talisman - Sway-Talisman: Terminal Application Launcher in Scratchpad, Minimalist And Native
netbootxyz/netboot.xyz - Your favorite operating systems in one place. A network-based bootable operating system installer based on iPXE.
microsoft/inshellisense - IDE style command line auto complete
orhun/kmon - Linux Kernel Manager and Activity Monitor 🐧💻
LeChatP/RootAsRole - A better alternative to sudo(-rs)/su • ⚡ Blazing fast • 🛡️ Memory-safe • 🔐 Security-oriented
lvntky/ArtilleryOS - ArtilleryOS is a unique graphical operating system that combines the simplicity and power of Unix-like systems. Featuring a custom-designed kernel.
froz42/funcheck - A tool for checking functions calls return protections
trailofbits/linuxevents - A sample PoC for container-aware exec events for osquery
mrtc0/bouheki - bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
h311d1n3r/Cerberus - A C++ tool to unstrip Rust/Go binaries (ELF and PE)
reveng007/reveng_rtkit - Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
SeanPesce/SELinux-Kernel-Module-Bypass - Tools to bypass flawed SELinux policies using the init_module system call
echo-devim/NoCrypt - AntiRansomware Linux Kernel Module
carloslack/KoviD - Red-Team Linux kernel rootkit
wcampbell0x2a/backhand - Library and binaries for the reading, creating, and modification of SquashFS file systems
ThePorgs/Exegol - Fully featured and community-driven hacking environment
n1nj4sec/pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
poetaman/arttime - arttime is a CLI application that blends beauty of ASCII / text art with functionality of clock / timer / pattern-based time manager in terminal ⏰
ASHWIN990/ADB-Toolkit - ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
kimono-koans/httm - Interactive, file-level Time Machine-like tool for ZFS/btrfs/nilfs2 (and even Time Machine and Restic backups!)
kurogai/100-redteam-projects - Projects for security students
hwittenborn/celeste - GUI file synchronization client that can sync with any cloud provider
exein-io/pulsar - A modular and blazing fast runtime security tool for the IoT, powered by eBPF.
morrownr/USB-WiFi - USB WiFi Adapter Information for Linux
shawnduong/PXEnum - A shell script that automatically performs a series of *NIX enumeration tasks.
gloxec/CrossC2 - generate CobaltStrike's cross-platform payload
ldpreload/Medusa - LD_PRELOAD Rootkit
mav8557/Father - LD_PRELOAD rootkit
mempodippy/vlany - Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
m0nad/Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
brosck/Pingoor - 「🚪」Linux Backdoor based on ICMP protocol
Ascotbe/Kernelhub - 🌴Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
GyulyVGC/sniffnet - Comfortably monitor your Internet traffic 🕵️‍♂️
liamg/dismember - 🔪 Scan memory for secrets and more. Maybe eventually a full /proc toolkit.
linux-credentials/libwebauthn - FIDO2 (WebAuthn) and FIDO U2F platform library for Linux written in Rust
twpayne/chezmoi - Manage your dotfiles across multiple diverse machines, securely.
0xAX/linux-insides - A little bit about a linux kernel
DavidBuchanan314/dlinject - Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
Deadpool2000/Paybag - Simple and easy Metasploit payload generator for Linux & Termux
Cyber-Dioxide/Cyber-Sploit - A framework like a metasploit containg a variety of modules for pentesting or ethical hacking. This repo willl be updated and new modules will be added time to time.
imthenachoman/How-To-Secure-A-Linux-Server - An evolving how-to guide for securing a Linux server.
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
pvolok/mprocs - Run multiple commands in parallel
CrossC2/CrossC2Kit - CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon sessi
0xricksanchez/like-dbg - Fully dockerized Linux kernel debugging environment
undergroundwires/privacy.sexy - Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
peass-ng/PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
CISOfy/lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Jigsaw-Code/outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them
Jigsaw-Code/outline-server - Outline Server, developed by Jigsaw. The Outline Server is a proxy server that runs a Shadowsocks instance and provides a REST API for access key management.
lbalazscs/Pixelitor - A desktop image editor
bw0rth/pync - arbitrary TCP and UDP connections and listens (Netcat for Python).
Zettlr/Zettlr - Your One-Stop Publication Workbench
dvorka/mindforger - Thinking notebook and Markdown editor.
seemoo-lab/opendrop - An open Apple AirDrop implementation written in Python
mufeedvh/moonwalk - Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
xxh/xxh - 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
hoppscotch/proxyscotch - 📡 A simple proxy server created for https://hoppscotch.io
seladb/PcapPlusPlus - PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popu
crowdsecurity/crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
nnsee/fileless-elf-exec - Execute ELF files without dropping them on disk
e-m-b-a/embark - EMBArk - The firmware security scanning environment
robiot/xclicker - XClicker - Fast gui autoclicker for x11 linux desktops
fleetdm/fleet - Open device management
the-useless-one/pywerview - A (partial) Python rewriting of PowerSploit's PowerView
onionj/pybotnet - PyBotNet: A Remote Control Framework for Python with Telegram Integration
threathunters-io/laurel - Transform Linux Audit logs for SIEM usage
rvaiya/keyd - A key remapping daemon for linux.
hacksysteam/HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
iipeace/guider - Real-time Performance & Fault Detection Service Enabled by Comprehensive Built-in Command
seashell/drago - ☁️ Securely connect anything with WireGuard® and manage all your networks from a single place.
clu3bot/owt - Update Version 3.1 added free SMS messaging.
staniel359/muffon - Advanced multi-source music streaming + discovery client for desktop. Free, clean, no login, no ads.
polybar/polybar-scripts - This is a community project. We write and collect scripts for polybar!
MashMB/1pass - 1Password Linux CLI explorer
SeaDve/Kooha - Elegantly record your screen
material-shell/material-shell - A modern desktop interface for Linux. Improve your user experience and get rid of the anarchy of traditional desktop workflows. Designed to simplify navigation and reduce the need to manipulate window
Prayag2/konsave - A command line program written in Python to let you backup your dotfiles and switch to other ones in an instant. Works out-of-the box on KDE Plasma!
ventoy/Ventoy - A new bootable USB solution.
kingToolbox/WindTerm - A professional cross-platform SSH/Sftp/Shell/Telnet/Tmux/Serial terminal.
kayrus/gof5 - Open Source F5 BIG-IP VPN client for Linux, MacOS, FreeBSD and Windows
calebstewart/pwncat - Fancy reverse and bind shell handler
fluix-dev/dotfiles - My dotfiles and colorschemes for sway and a variety of other programs.
Foundry376/Mailspring - 💌 A beautiful, fast and fully open source mail client for Mac, Windows and Linux.
jm33-m0/emp3r0r - Linux/Windows post-exploitation framework made by linux user
e-m-b-a/emba - EMBA - The firmware security analyzer
gustavo-iniguez-goya/opensnitch - OpenSnitch is a GNU/Linux application firewall
tizonia/tizonia-openmax-il - Command-line cloud music player for Linux with support for Spotify, Google Play Music, YouTube, SoundCloud, TuneIn, iHeartRadio, Plex servers and Chromecast devices.
Gictorbit/photoshopCClinux - Photoshop CC v19 installer for Gnu/Linux
sdushantha/tmpmail - A temporary email right from your terminal written in POSIX sh
foxlet/macOS-Simple-KVM - Tools to set up a quick macOS VM in QEMU, accelerated by KVM.
snorez/srcinv - source code audit tool
cloudfuzz/android-kernel-exploitation - Android Kernel Exploitation
iberianpig/fusuma - Multitouch gestures with libinput driver on Linux
zeropointdynamics/zelos - A comprehensive binary emulation and instrumentation platform.
str8outtaheap/heapwn - Linux Heap Exploitation Practice
phw/peek - Simple animated GIF screen recorder with an easy to use interface
mzfr/gtfo - Search gtfobins and lolbas files from your terminal
rek7/mXtract - mXtract - Memory Extractor & Analyzer
trimstray/the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
stevenaldinger/decker - Declarative penetration testing orchestration framework
codingo/Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
V33RU/awesome-connected-things-sec - A Curated list of Security Resources for all connected things
rosehgal/BinExp - Linux Binary Exploitation
nongiach/arm_now - arm_now is a qemu powered tool that allows instant setup of virtual machines on arm cpu, mips, powerpc, nios2, x86 and more, for reverse, exploit, fuzzing and programming purpose.
Gallopsled/pwntools - CTF framework and exploit development library
hugsy/gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
0xR0/shellver - Reverse Shell Cheat Sheet TooL
wismna/HackPi - Hacking tool inside a Raspberry Pi zero
trimstray/otseca - Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
OWASP/ZSC - OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
XiphosResearch/netelf - Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
google/nsjail - A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
evilsocket/opensnitch - OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
1N3/PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

llm

fluxninja/aperture - Rate limiting, caching, and request prioritization for modern workloads
GreyDGL/PentestGPT - A GPT-empowered penetration testing tool
FunnyWolf/Viper - Adversary simulation and Red teaming platform with AI

lua

michaelbrusegard/tabline.wez - A versatile and easy to use retro tab bar plugin for the WezTerm terminal emulator created with the lualine.nvim configuration format
kpcyrd/sn0int - Semi-automatic OSINT framework and package manager

mac

nikitabobko/AeroSpace - AeroSpace is an i3-like tiling window manager for macOS
ianyh/Amethyst - Automatic tiling window manager for macOS à la xmonad.
onionj/pybotnet - PyBotNet: A Remote Control Framework for Python with Telegram Integration
kingToolbox/WindTerm - A professional cross-platform SSH/Sftp/Shell/Telnet/Tmux/Serial terminal.

machine-learning

iperov/DeepFaceLab - DeepFaceLab is the leading software for creating deepfakes.
iperov/DeepFaceLive - Real-time face swap for PC streaming or video calls
BishopFox/eyeballer - Convolutional neural network for analyzing pentest screenshots
McGill-DMaS/Kam1n0-Community - The Kam1n0 Assembly Analysis Platform
rednaga/APKiD - Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

macos

FelixKratz/JankyBorders - A lightweight window border system for macOS
nikitabobko/AeroSpace - AeroSpace is an i3-like tiling window manager for macOS
kyleneideck/BackgroundMusic - Background Music, a macOS audio utility: automatically pause your music, set individual apps' volumes and record system audio.
johannesjo/super-productivity - Super Productivity is an advanced todo list app with integrated Timeboxing and time tracking capabilities. It also comes with integrations for Jira, GitLab, GitHub and Open Project.
Hakky54/certificate-ripper - 🔐 A CLI tool to extract server certificates
microsoft/inshellisense - IDE style command line auto complete
dado3212/spaces-renamer - 💻 Ability to rename desktop spaces on macOS 10.10+
infosecB/LOOBins - Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for mali
sickcodes/Docker-OSX - Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
poetaman/arttime - arttime is a CLI application that blends beauty of ASCII / text art with functionality of clock / timer / pattern-based time manager in terminal ⏰
gloxec/CrossC2 - generate CobaltStrike's cross-platform payload
GyulyVGC/sniffnet - Comfortably monitor your Internet traffic 🕵️‍♂️
twpayne/chezmoi - Manage your dotfiles across multiple diverse machines, securely.
yasserbdj96/hiphp - The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range
pvolok/mprocs - Run multiple commands in parallel
CrossC2/CrossC2Kit - CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some interfaces for users to call to manipulate the CrossC2 Beacon sessi
undergroundwires/privacy.sexy - Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
Jigsaw-Code/outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them
lbalazscs/Pixelitor - A desktop image editor
dwarvesf/hidden - An ultra-light MacOS utility that helps hide menu bar icons
iina/iina - The modern video player for macOS.
Zettlr/Zettlr - Your One-Stop Publication Workbench
thompsonate/Shifty - ☀️ A macOS menu bar app that gives you more control over Night Shift.
Jaysce/Spaceman - A macOS app to view Spaces / Virtual Desktops in the menu bar
ianyh/Amethyst - Automatic tiling window manager for macOS à la xmonad.
utmapp/UTM - Virtual machines for iOS and macOS
dvorka/mindforger - Thinking notebook and Markdown editor.
seemoo-lab/opendrop - An open Apple AirDrop implementation written in Python
hoppscotch/proxyscotch - 📡 A simple proxy server created for https://hoppscotch.io
ant4g0nist/crashmon - crashmon - A LLDB Based replacement for CrashWrangler
fleetdm/fleet - Open device management
onionj/pybotnet - PyBotNet: A Remote Control Framework for Python with Telegram Integration
staniel359/muffon - Advanced multi-source music streaming + discovery client for desktop. Free, clean, no login, no ads.
ukncsc/Device-Security-Guidance-Configuration-Packs - This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These
ant4g0nist/ManuFuzzer - Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
lima-vm/lima - Linux virtual machines, with a focus on running containers
CyborgSecurity/PoisonApple - macOS persistence tool
kayrus/gof5 - Open Source F5 BIG-IP VPN client for Linux, MacOS, FreeBSD and Windows
sdushantha/tmpmail - A temporary email right from your terminal written in POSIX sh
foxlet/macOS-Simple-KVM - Tools to set up a quick macOS VM in QEMU, accelerated by KVM.
cldrn/macphish - Office for Mac Macro Payload Generator
lapfelix/BluetoothConnector - Simple macOS CLI to connect/disconnect a Bluetooth device. Useful for AirPods or other Bluetooth headphones.
mnrkbys/macosac - Forensic Artifact Collection Tool for macOS
mnrkbys/norimaci - Norimaci is a simple and lightweight malware analysis sandbox for macOS

markdown

matro7sh/BypassAV - This map lists the essential techniques to bypass anti-virus and EDR
wormi4ok/evernote2md - Convert Evernote .enex files to Markdown
GitbookIO/gitbook - The open source frontend for GitBook doc sites
phase1geo/Minder - Mind-mapping application for Elementary OS
Zettlr/Zettlr - Your One-Stop Publication Workbench
TandoorRecipes/recipes - Application for managing recipes, planning meals, building shopping lists and much much more!
dvorka/mindforger - Thinking notebook and Markdown editor.
ApostropheEditor/Apostrophe - Mirror of

material-design

material-shell/material-shell - A modern desktop interface for Linux. Improve your user experience and get rid of the anarchy of traditional desktop workflows. Designed to simplify navigation and reduce the need to manipulate window
andOTP/andOTP - [Unmaintained] Open source two-factor authentication for Android
secgroup/flower - TCP flow analyzer with sugar for A/D CTF

microsoft

micREsoft/SysCaller - Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across different languages and Windows versions.
cxnturi0n/convoC2 - C2 infrastructure over Microsoft Teams.
puzzlepeaches/msprobe - Finding all things on-prem Microsoft for password spraying and enumeration.
massgravel/Microsoft-Activation-Scripts - Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
cfalta/MicrosoftWontFixList - A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021
ukncsc/Device-Security-Guidance-Configuration-Packs - This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These
bitsadmin/wesng - Windows Exploit Suggester - Next Generation
blacklanternsecurity/TREVORspray - TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

mobile

mvt-project/mvt - MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
ReversecLabs/drozer - The Leading Security Assessment Framework for Android.
Zeyad-Azima/Offensive-Resources - A Huge Learning Resources with Labs For Offensive Security Players
vaib25vicky/awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
ReversecLabs/needle - The iOS Security Testing Framework

mongodb

simon987/Much-Assembly-Required - Assembly programming game
Charlie-belmer/nosqli - NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
samdenty/injectify - Perform advanced MiTM attacks on websites with ease 💉

mongoose

zux0x3a/0xsp-Mongoose - a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and t

monitoring

healthchecks/healthchecks - Open-source cron job and background task monitoring service, written in Python & Django
brexhq/substation - Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
MegaManSec/LDAP-Monitoring-Watchdog - LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, modifications, and deletions for administrators and security rese
orhun/kmon - Linux Kernel Manager and Activity Monitor 🐧💻
Ragin-LundF/telegraf_fritzbox_monitor - Fritz!Box Monitoring for Telegraf with InfluxDB and Grafana
trailofbits/ebpfpub - ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.
trailofbits/linuxevents - A sample PoC for container-aware exec events for osquery
winsiderss/systeminformer - A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.co
sshlog/agent - SSH Session Monitoring Daemon
Yamato-Security/EnableWindowsLogSettings - Documentation and scripts to properly enable Windows event logs.
robusta-dev/robusta - Better Prometheus alerts for Kubernetes - smart grouping, AI enrichment, and automatic remediation
iipeace/guider - Real-time Performance & Fault Detection Service Enabled by Comprehensive Built-in Command
SigNoz/signoz - SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour
outflanknl/RedELK - Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
thalesgroup-cert/Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
PaperMtn/gitlab-watchman - Finding exposed secrets and personal data in GitLab
SigmaHQ/sigma - Main Sigma Rule Repository
eronnen/procmon-parser - Parser to process monitor file formats
0xThiebaut/dnsbeat - An Elasticsearch Beat to monitor DNS zones through customizable zone transfers.
bettercap/bettercap - The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

music

NickvisionApps/Parabolic - Download web video and audio
orhun/linuxwave - Generate music from the entropy of Linux 🐧🎵
staniel359/muffon - Advanced multi-source music streaming + discovery client for desktop. Free, clean, no login, no ads.
deepjyoti30/ytmdl - A simple app to get songs from YouTube in mp3 format with artist name, album name etc from sources like iTunes, Spotify, LastFM, Deezer, Gaana etc.

mysql

4ra1n/mysql-fake-server - 纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY 的利用
Not-C-Developer/VERBA - Very Easy Relative Backdoor Application
mydumper/mydumper - Official MyDumper Project
Wisser/Jailer - Database Subsetting and Relational Data Browsing Tool.
fofapro/fapro - Fake Protocol Server
freeacs/freeacs - Free TR-069 ACS that can run (mostly) anywhere.
tarunkant/Gopherus - This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
1N3/PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

natural-language-processing

pemistahl/lingua-py - The most accurate natural language detection library for Python, suitable for short text and mixed-language text
thunlp/OpenAttack - An Open-Source Package for Textual Adversarial Attack.
bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

nextjs

makeplane/plane - 🔥 🔥 🔥 Open Source JIRA, Linear, Monday, and Asana Alternative. Plane helps you track your issues, epics, and cycles the easiest way on the planet.
Peppermint-Lab/peppermint - An open source issue management & help desk solution. A zendesk & jira alternative
Sekky61/riscv-sim - Web-based RISC-V superscalar simulator
ergrelet/windiff - Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
SigNoz/signoz - SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour

nim

pptx704/domainim - A fast and comprehensive tool for organizational network scanning
eversinc33/BouncyGate - Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
d4rckh/vaf - Vaf is a cross-platform very advanced and fast web fuzzer written in nim
nim-lang/Nim - Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, an

nlp

pemistahl/lingua-py - The most accurate natural language detection library for Python, suitable for short text and mixed-language text
thunlp/OpenAttack - An Open-Source Package for Textual Adversarial Attack.

node

filippofinke/layer7-dstat - 📈 A simple layer7 dstat on the web
ajinabraham/nodejsscan - nodejsscan is a static security code scanner for Node.js applications.

nodejs

plankanban/planka - PLANKA is the kanban-style project mastering tool for everyone.
Peppermint-Lab/peppermint - An open source issue management & help desk solution. A zendesk & jira alternative
filippofinke/layer7-dstat - 📈 A simple layer7 dstat on the web
apify/crawlee - Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and o
lkabuci/Botflix - 🎥 Stream your favorite movie from the terminal!
fonoster/fonoster - 🚀 The open-source alternative to Twilio.
Zettlr/Zettlr - Your One-Stop Publication Workbench
RuiSiang/PoW-Shield - Project dedicated to fight Layer 7 DDoS with proof of work, with an additional WAF and controller. Completed with full set of features and containerized for rapid and lightweight deployment.
softrams/bulwark - An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
ajinabraham/nodejsscan - nodejsscan is a static security code scanner for Node.js applications.
lirantal/dockly - Immersive terminal interface for managing docker containers and services
doyensec/electronegativity - Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
brannondorsey/whonow - A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
samdenty/injectify - Perform advanced MiTM attacks on websites with ease 💉

nosql

Charlie-belmer/nosqli - NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

npm

filippofinke/layer7-dstat - 📈 A simple layer7 dstat on the web
apify/crawlee - Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and o
doyensec/confuser - Dependency Confusion Security Testing Tool

objective-c

kyleneideck/BackgroundMusic - Background Music, a macOS audio utility: automatically pause your music, set individual apps' volumes and record system audio.

open-source

Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
sandy-sp/metadata-cleaner - Metadata Cleaner – A CLI tool to remove metadata from images, PDFs, DOCX, audio, and video files. Privacy-focused, fast, and open-source. Supports batch processing & standalone executables.
Atlas-OS/Atlas - 🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
t3l3machus/Villain - Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them
t3l3machus/hoaxshell - A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
t3l3machus/psudohash - Generates millions of keyword-based password mutations in seconds.
ossia/score - ossia score, an interactive sequencer for the intermedia arts
R4yGM/garlicshare - Private and self-hosted file sharing over the Tor network written in golang
fleetdm/fleet - Open device management
SpiderLabs/HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
streetwriters/notesnook - A fully open source & end-to-end encrypted note taking alternative to Evernote.
SigNoz/signoz - SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open sour
soxoj/maigret - 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
firecracker-microvm/firecracker - Secure and fast microVMs for serverless computing.
TheHive-Project/Cortex - Cortex: a Powerful Observable Analysis and Active Response Engine
snorez/srcinv - source code audit tool

openai

NoDataFound/hackGPT - I leverage OpenAI and ChatGPT to do hackerish things
dvorka/mindforger - Thinking notebook and Markdown editor.

opengl

kovidgoyal/kitty - Cross-platform, fast, feature-rich, GPU based terminal

operating-system

lvntky/ArtilleryOS - ArtilleryOS is a unique graphical operating system that combines the simplicity and power of Unix-like systems. Featuring a custom-designed kernel.

osint

stanfrbd/cyberbro - A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
jasonxtn/Argus - The Ultimate Information Gathering Toolkit
OpenCTI-Platform/opencti - Open Cyber Threat Intelligence Platform
6abd/horus - An OSINT / digital forensics tool built in Python
caio-ishikawa/netscout - OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL.
chiasmod0n/chiasmodon - Chiasmodon is an OSINT tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including do
m8sec/CrossLinked - LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
3nock/OTE - OSINT Template Engine
XORbit01/webpalm - 🕸️ Crawl in the web network
ARPSyndicate/awesome-intelligence - A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
MrTuxx/SocialPwned - SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed
internet-relay-chat/IRCP - A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers 🛰️
n0kovo/n0kovo_subdomains - An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
edoardottt/cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Shad0w-ops/H.I.V.E - H.I.V.E is an automated OSINT (Open Source Intelligence) multi-tool that enables efficient data gathering from various sources through the utilization of a single, unified platform.
Drew-Alleman/DataSurgeon - Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
jerlendds/osintbuddy - Node graphs, OSINT data mining, and plugins. Connect unstructured and public data for transformative insights. The rewrite can be found @ osintbuddy/osintbuddy
Josue87/AnalyticsRelationships - Get related domains / subdomains by looking at Google Analytics IDs
nitefood/asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
pielco11/fav-up - IP lookup by favicon using Shodan
Cgboal/SonarSearch - A rapid API for the Project Sonar dataset
WHOISshuvam/gotld - Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and security researchers.
christophetd/censys-subdomain-finder - ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
netsecurity-as/recon365 - Gather information from an email address connected to Office 365
Sybil-Scan/revwhoix - A simple utility to perform reverse WHOIS lookups using whoisxml API
dhn/udon - A simple tool that helps to find assets/domains based on the Google Analytics ID.
r1cksec/corptrace - Automate Scoping, OSINT and Recon assessments.
theahmadov/slash - The Slash OSINT Tool
AlephNullSK/dnsgen - DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery
edoardottt/awesome-hacker-search-engines - A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
SpectralOps/netz - Discover internet-wide misconfigurations while drinking coffee
Micro0x00/Arsenal - Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
dhn/spk - spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
devanshbatham/FavFreak - Making Favicon.ico based Recon Great again !
blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
p1ngul1n0/blackbird - An OSINT tool to search for accounts by username and email in social networks.
m8sec/subscraper - Subdomain and target enumeration tool built for offensive security testing
cipher387/Dorks-collections-list - List of Github repositories and articles with list of dorks for different search engines
harleo/knockknock - A simple reverse whois lookup tool which returns a list of domains owned by people or companies
A3h1nt/Grawler - Grawler is a tool written in PHP which comes with a web interface that automates the task of using google dorks, scrapes the results, and stores them in a file.
initstring/cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
mikeroyal/Digital-Forensics-Guide - Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
utkusen/socialhunter - crawls the website and finds broken social media links that can be hijacked
projectdiscovery/uncover - Quickly discover exposed hosts on the internet using multiple search engines.
projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
digitaldisarray/OSINT-Tools - 👀 Some of my favorite OSINT tools.
superhedgy/AttackSurfaceMapper - AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
HASH1da1/Gotanda - Gotanda is browser Web Extension for OSINT.
utkusen/wholeaked - a file-sharing tool that allows you to find the responsible person in case of a leakage
nyxgeek/onedrive_user_enum - onedrive user enumeration - pentest tool to enumerate valid o365 users
klezVirus/vortex - VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit
byt3bl33d3r/WitnessMe - Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Josue87/EmailFinder - Search emails from a domain through search engines
SpiderLabs/HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
nixintel/o365chk - Simple Python tool to check if there is an Office 365 instance linked to a domain.
smicallef/spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
shmilylty/OneForAll - OneForAll是一款功能强大的子域收集工具
laramies/theHarvester - E-mails, subdomains and names Harvester - OSINT
Dheerajmadhukar/karma_v2 - ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
soxoj/maigret - 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
six2dez/reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
ivre/ivre - Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, colle
thalesgroup-cert/Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
utkusen/urlhunter - a recon tool that allows searching on URLs that are exposed via shortener services
yogeshojha/rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon
AzizKpln/Moriarty-Project - This tool gives information about the phone number that you entered.
serain/bbrecon - Python library and CLI for the Bug Bounty Recon API
needmorecowbell/sniff-paste - Pastebin OSINT Harvester
ninoseki/mihari - A query aggregator for OSINT based threat hunting
tillson/git-hound - Fast GitHub recon tool. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
devanshbatham/ParamSpider - Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
mschwager/gitem - A Github organization reconnaissance tool.
hakluke/hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
intelowlproject/IntelOwl - IntelOwl: manage your Threat Intelligence at scale
sshell/reddit-analyzer - find out when and where someone is posting to reddit
Findomain/Findomain - The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, mul
khast3x/h8mail - Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
lc/secretz - secretz, minimizing the large attack surface of Travis CI
j3ssie/osmedeus - A Workflow Engine for Offensive Security
tg12/rapid7_OSINT - All the tools you need to make your own mind up from the Open Data Sets
owasp-amass/amass - In-depth attack surface mapping and asset discovery
hisxo/gitGraber - gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
michenriksen/aquatone - A Tool for Domain Flyovers
redhuntlabs/Awesome-Asset-Discovery - List of Awesome Asset Discovery Resources
twintproject/twint - An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
gocaio/goca - Goca Scanner
0xInfection/TIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.
kpcyrd/sn0int - Semi-automatic OSINT framework and package manager
j3ssie/IPOsint - ⚠️WARNING: This project now become part of https://github.com/j3ssie/Metabigor project
evyatarmeged/Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
projectdiscovery/subfinder - Fast passive subdomain enumeration tool.
Te-k/harpoon - CLI tool for open source and threat intelligence
leebaird/discover - Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
elceef/dnstwist - Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

others

zarkones/BloodfangC2 - Modern PIC implant for Windows (64 & 32 bit)
praetorian-inc/ChromeAlone - A tool to transform Chromium browsers into a C2 Implant
sikumy/sauron - Fast context enumeration for newly obtained Active Directory credentials.
MatheuZSecurity/RingReaper - Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.
franc-pentest/ldeep - In-depth ldap enumeration utility
evilsocket/nyx - Self-contained script for cleaning forensic traces on Linux, macOS, and Windows.
intruder-io/autoswagger - Autoswagger by Intruder - detect API auth weaknesses
scadastrangelove/nuknuke -
Ylianst/MeshCentral - A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
chillyilly/spfshadow -
cgoesche/willdo - willdo is a minimal command line to-do list manager
sapdragon/syscalls-cpp - A modern C++20 header-only library for advanced direct system call invocation.
cybersectroll/TrollBlacklistDLL -
RedSiege/Egress-Assess - Egress-Assess is a tool used to test egress data detection capabilities
Ordspilleren/Tilted -
mp-se/gravitymon - iSpindle replacement firmware for beer brewing/fermenting
jezek2/fixbrowser - FixBrowser is a lightweight web browser created from scratch.
kamorin/DHCPig - DHCP exhaustion script written in python using scapy network library
0x90/wifi-arsenal - WiFi arsenal
CroodSolutions/AutoPwnKey - AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over
ZathuraDbg/ZathuraDbg - An emulation based tool for learning and debugging assembly.
Honoo/SnipeIT-PythonAPI - Python Interface to the SnipeIT (https://github.com/snipe/snipe-it) API
c0nf1den71al/Lodestar-Forge - Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
nbulischeck/tyton - Kernel-Mode Rootkit Hunter
gcve-eu/gcve - A Python client for the Global CVE Allocation System.
hackerschoice/bincrypter - Pack/Encrypt/Obfuscate ELF + SHELL scripts
MatheuZSecurity/ElfDoor-gcc - ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
0xb4db01/xorvm - Emulated CPU with custom ASM initially developed for XOR encryption
mindverse/Second-Me - Train your AI self, amplify you, bridge the world
cyberaz0r/thc-ssl-dos_mod - A fork of thc-ssl-dos that supports all SSL/TLS implementations, UDP (using DTLS), SOCKS5 proxy and both renegotiation and reconnect attacks. It also includes a docker lab to test the exploit.
EFForg/apkeep - A command-line tool for downloading APK files from various sources
LaurieWired/GhidraMCP - MCP Server for Ghidra
varnish/tinykvm - VMM for native-performance sandboxing
jerrykuku/luci-theme-argon - Argon is a clean and tidy OpenWrt LuCI theme that allows users to customize their login interface with images or videos. It also supports automatic and manual switching between light and dark modes.
tmahmood/taskwarrior-web - Minimalistic web UI for Task warrior
universam1/iSpindel - electronic Hydrometer
RedTeamPentesting/keycred - Generate and Manage KeyCredentialLinks
JavaHammes/Z - Z Anti-Anti-Debugger for Linux
airbus-seclab/soxy - A suite of services (SOCKS, FTP, shell, etc.) over Citrix, VMware Horizon and native Windows RDP virtual channels.
WillyJL/MemSed - 🔍 MEMory Search and EDit for Linux, inspired by Cheat Engine
posidron/dharma - Generation-based, context-free grammar fuzzer.
adampielak/nuclei-templates - All Nuclei Templates
coffinxp/nuclei-templates -
emadshanab/Nuclei-Templates-Collection - Nuclei Templates Collection
linuxadi/40k-nuclei-templates - 40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
thieu-b55/ESP32-clock-radio-with-web-interface -
javiser/crescendo-clock - Crescendo Clock - an ESP32 based alarm clock to wake up gently
DIYDave/ESP8266-Alarmclock - Alarmclock with 3,5" touch. 4 alarms, MP3, RTC, light sensor,
sadreck/Spartacus - Spartacus DLL/COM Hijacking Toolkit
0xb4db01/FAP - Fake Access Point
Karkas66/EarlyCascadeImprooved - an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
utkusen/baitroute - A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers
i-am-shodan/USBArmyKnife - USB Army Knife – the ultimate close access tool for penetration testers and red teamers.
007revad/Synology_DSM_reinstall - Easily re-install the same DSM version without losing any data or settings
0xNinjaCyclone/EarlyCascade - A PoC for Early Cascade process injection technique.
Z3r0n3us/custom-wordlist-generator -
PatrickTulskie/reset-rabbit - Application to test rapidly resetting http/2 streams
vitotai/BrewManiac - an Open ArdBir alternative.
SecurityInnovation/glibc_heap_exploitation_training - The resources for glibc Malloc heap exploitation course by Maxwell Dulin and Security Innovation.
chm0dx/creepyCrawler - OSINT tool to crawl a site and extract useful recon info.
olafhartong/PockETWatcher - a tiny program to consume from ETW providers for research
musana/CF-Hero - CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
akamai/Linux-Process-Injection -
runarbu/ProxyMaid - A open source proxy checker
pwardle/ReflectiveLoader - A Reflective Loader for macOS
ZephrFish/QoL-BOFs - Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
The-Z-Labs/cli4bofs - A swiss army knife tool for running, injecting and organizing your BOFs collection
bnagy/afl-launch - Boring tool to launch multiple afl-fuzz instances
bnagy/crashwalk - Bucket and triage on-disk crashes. OSX and Linux.
floyd-fuh/afl-crash-analyzer - Another crash analyzer tool for the American Fuzzy Lop (AFL) fuzzer
quic/AFLTriage -
espressif/esp-idf - Espressif IoT Development Framework. Official development framework for Espressif SoCs.
t3hbb/PanGP_Extractor - Tool to extract username and password of current user from PanGPA in plaintext
vxCrypt0r/Voidmaw - A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables that w
7h30th3r0n3/Evil-M5Project - Evil-M5Project is an innovative tool developed for ethical hacking and exploration of WiFi networks. It's compatible with Cardputer, Atoms3, Fire, core2. You can scan, monitor, and interact with WiFi
lantuin/squatter - Check if your website has been SQUATTED
OtterHacker/Hooker -
osresearch/SongRec - An open-source Shazam client for Linux, written in Rust.
guilhermeprokisch/see - A cute cat(1) for the terminal with advanced code viewing, Markdown rendering, 🌳 tree-sitter syntax highlighting, images view and more.
PortSwigger/turbo-intruder - Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Ry0taK/first-sequence-sync -
tsale/EDR-Telemetry-Website -
glebarez/padre - Blazing fast, advanced Padding Oracle exploit
absoluteappsec/handouts - materials we hand out
fkie-cad/bountyhunter - A Caldera plugin for the emulation of complete, realistic cyberattack chains.
amjcyber/pwnlook - An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails configured in it.
decoder-it/KrbRelay-SMBServer -
yrutschle/sslh - Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
anonymous300502/Nuke-AMSI - NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
mlcsec/EDRenum-BOF - Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
H4NM/WhoYouCalling - Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
haxxm0nkey/azhunt - Azure AD (Entra ID) enumeration tool. Find related domains and tenant information in a simple way.
llabusch93/pdf-namer - CLI Program to automatically manage PDF documents
reecdeep/segugio - Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.
nwg-piotr/nwg-displays - Output management utility for sway and Hyprland.
aittalam/PicoGopher - A micropython Gopher server tiny enough to run on a Raspberry Pi Pico W
start/331 - A 3x3 pixel font without animation.
gbevin/SendMIDI - Multi-platform command-line tool to send out MIDI messages
19or/ESC24-Keychain - ESC 2024 edition Keychain one of variuos versions made during the event
galkan/crowbar - Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
S3N4T0R-0X0/BEAR - Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and
CrzPhil/SSHniff - An SSH metadata analyser used to showcase a timing-based attack on the protocol.
nettitude/SharpWSUS -
TheWover/DInvoke - Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
KoffieNu/rpm2cvescan - rpm2cvescan reports cve vulnerabilities affecting your RedHat/CentOS server
Lartsch/cisextractor - Extract CIS benchmarks from PDFs
finalduty/cis-benchmarks-audit - Simple command line tool to check for compliance against CIS Benchmarks
Cipher7/ApexLdr - ApexLdr is a DLL Payload Loader written in C
0xb4db01/S7SCEncrypt - XOR/AES encrypt binaries to C header files
0xb4db01/EATool - Read/write Extended Attributes to files on a Windows NTFS filesystem
jasonxtn/Kraken - All-in-One Toolkit for BruteForce Attacks
tehstoni/tryharder - C++ Staged Shellcode Loader with Evasion capabilities.
VoldeSec/PatchlessCLRLoader - .NET assembly loader with patchless AMSI and ETW bypass
dfir-scripts/siftgrab -
malcomvetter/CSExec - An implementation of PSExec in C#
poweradminllc/PAExec - Remote execution, like PsExec
helviojunior/shellcodetester - An application to test windows and linux shellcodes
helviojunior/hookchain - HookChain: A new perspective for Bypassing EDR Solutions
OtterHacker/Conferences -
ricardojoserf/SharpSelfDelete - PoC to self-delete a binary in C#
TierZeroSecurity/edr_blocker - Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Client
mlcsec/huntsman - Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io
H1d3r/GPU_ShellCode -
WKL-Sec/LayeredSyscall - Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.
zst123/openvpn_socks5_docker - Docker container: connect to OpenVPN networks via a SOCKS5 proxy
brmkit/ad-training-lab - Automated Active Directory lab running on Proxmox
lawndoc/Respotter - Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
S3cur3Th1sSh1t/SharpLigolo - C# wrapper for ligolo
bbernhard/signal-cli-rest-api - Dockerized Signal Messenger REST API
mqst/gouge - Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp Suite
0x6rss/pdfdropper - PDF dropper Red Team Scenairos
efeali/fragtunnel - Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation firewalls en route to the target.
0xricksanchez/Shellcoder - BinjaryNinja plugin for a ShellStorm like assembly/disassembly experience
ZeroMemoryEx/Amsi-Killer - Lifetime AMSI bypass
slyd0g/PrimaryTokenTheft - Steal a primary token and spawn cmd.exe using the stolen token
kleampa/not-paid - Client did not pay? Add opacity to the body tag and decrease it every day until their site completely fades away
JumpsecLabs/CloudflareRedirector - Putting the C2 in C2loudflare
tmux-plugins/tmux-resurrect - Persists tmux environment across system restarts.
Cybereason/siofra -
naksyn/DojoLoader - Generic PE loader for fast prototyping evasion techniques
Quack2332/Simple-.NET-Obfuscator-PoC -
Wh1t3Rh1n0/SlackEnum - A user enumeration tool for Slack.
SPTHvx/SPTH - Second Part To Hell's artworks: artificial (life/evolution/intelligence)
EvilBytecode/EDR-XDR-AV-Killer - Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
EvilBytecode/Lifetime-AmsiBypass - Lifetime AMSI bypass.
ntdevlabs/tiny11builder - Scripts to build a trimmed-down Windows 11 image.
zkondor/znotch - zNotch is for toggling (hide/show) your M1/M2 Macbook's notch
lllyasviel/Fooocus - Focus on prompting and generating
LiveOverflow/pwn_docker_example - Example pwnable challenge hosted with docker
UeharaYou/HiddenBar - An ultra-light MacOS utility that helps hide menu bar icons
vxCrypt0r/Voidgate - A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypte
huntandhackett/PassiveAggression - Source code and examples for PassiveAggression
0xsp-SRD/MDE_Enum - comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reduction (ASR) rules without Admin privileges
shantanu561993/SharpChisel - C# Wrapper around Chisel from https://github.com/jpillora/chisel
friedrich/hans - IP over ICMP
klsecservices/rpivot - socks4 reverse proxy for penetration testing
dotnet/yarp - A toolkit for developing high-performance HTTP reverse proxy applications.
mlcsec/SharpGraphView - Microsoft Graph API post-exploitation toolkit
cybersectroll/TrollAMSI -
BC-SECURITY/Long-Live-The-Empire - A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing on the open-source Empire C2 framework.
xct/winpspy - CLI monitor for windows process- & file activity
RevoltSecurities/ShodanX - ShodanX is a tool to gather information of targets using shodan dorks⚡.
RevoltSecurities/Probuster - Probuster : A Python based Web Application Penetration testing tool for Information Gathering⚡.
RevoltSecurities/SubProber - Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. The tool offers concurrent scanning, allowing users to define the
HernanRodriguez1/SharpBruteForceSSH -
DownWithUp/ALPC-Example - An example of a client and server using Windows' ALPC functions to send and receive data.
Flangvik/ObfuscatedSharpCollection - Attempt at Obfuscated version of SharpCollection
fin3ss3g0d/ASPJinjaObfuscator - Heavily obfuscated ASP web shell generation tool.
parzel/getsystem-bof - BOF to execute shellcode as SYSTEM via PPID spoofing.
BC-SECURITY/Moriarty - Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
emptynebuli/dauthi - dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-factor authentication attacks. Additionally, the framework offers au
floesen/KExecDD - Admin to Kernel code execution using the KSecDD driver
gatariee/gocheck - Because AV evasion should be easy.
Peco602/cobaltstrike-aggressor-scripts - A collection of Cobalt Strike Aggressor scripts.
Karkas66/CelestialSpark - Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
skeeto/endlessh - SSH tarpit that slowly sends an endless banner
Cipher7/ChaiLdr - AV bypass while you sip your Chai!
ParrotSec/shellter -
nettitude/SharpConflux -
reveng007/DarkWidow - Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDl
vusec/ghostrace -
TalAloni/SMBLibrary - Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0, SMB 2.1 and SMB 3.0 server and client library
HavocFramework/Modules - Modules used by the Havoc Framework
fancycode/MemoryModule - Library to load a DLL from memory.
WKL-Sec/FuncAddressPro - A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
Permiso-io-tools/CloudGrappler -
thiagopeixoto/winsos-poc - A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
Helixo32/CrimsonEDR - Simulate the behavior of AV/EDR for malware development training.
gavz/ExplorerPersist - Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when it's get loaded into the explorer process , our malicoius code
brokensound77/LoFP - Living off the False Positive!
boostsecurityio/lotp - boostsecurityio/lotp
ad0nis/ntlm_relay_gat -
trap-bytes/403jump - HTTP 403 bypass tool
pberba/pberba.github.io -
MultSec/MultCheck - Identifies bad bytes from static analysis with any Anti-Virus scanner.
bcdannyboy/EnterpriseSASTDASTProductLandscape - Analysis of the Enterprise SAST/DAST product landscape
LetsDefend/SOC-Interview-Questions - SOC Interview Questions
orph3usLyre/muddy-waters - A literal string obfuscation library for rust projects
upx/upx - UPX - the Ultimate Packer for eXecutables
Kudaes/Shelter - ROP-based sleep obfuscation to evade memory scanners
cube0x0/SharpMapExec -
Kevin-Robertson/Invoke-TheHash - PowerShell Pass The Hash Utils
S3cur3Th1sSh1t/SharpNamedPipePTH - Pass the Hash to a named pipe for token Impersonation
icyguider/UAC-BOF-Bonanza - Collection of UAC Bypass Techniques Weaponized as BOFs
MarekKnapek/DependencyViewer -
naksyn/Embedder - Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
antirez/64-thermometer - ESP8266 based C64 style thermometer with last hour/day graphs
Sh3lldon/FullBypass - A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
icyguider/LatLoader - PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
Copilot-abuser/Python_breach_checker - BreachChecker is a Python tool that leverages the BreachDirectory API to check for data breaches associated with email addresses, usernames, or passwords. It provides detailed information about leaked
AlDanial/cloc - cloc counts blank lines, comment lines, and physical lines of source code in many programming languages.
secureworks/family-of-client-ids-research - Research into Undocumented Behavior of Azure AD Refresh Tokens
penk/rasti.computer - a retro-futuristic laptop
dzonerzy/CaptainHook - Prototype-less hooking library for Windows
FalconForceTeam/SOAPHound - SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
rbmm/MutationGate -
rbmm2/MutationGate - demo implementation of Ziyi Shen idea
rasta-mouse/CsWhispers - Source generator to add D/Invoke and indirect syscall methods to a C# project.
hoodoer/proxy-helper-the-sequel - Port/rework of proxy-helper plugin for hak5 Pineapples
kleiton0x00/Proxy-DLL-Loads - A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
RedSiege/GraphStrike - Cobalt Strike HTTPS beaconing over Microsoft Graph API
LaresLLC/SuperSharpShares - SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your associated domain account.
caster0x00/F31 - Kali noise reduction tool
FalconForceTeam/FalconHound - FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggre
TheCyb3rAlpha/BobTheSmuggler - "Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format
ChoiSG/OneDriveUpdaterSideloading - Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
bfengj/eBPFeXPLOIT - Exploit tool implemented using ebpf.
usdAG/FlowMate - FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application and matches their occurrences in the responses.
DavidBuchanan314/stelf-loader - A stealthy ELF loader - no files, no execve, no RWX
splunk/ShellSweep - ShellSweeping the evil.
BishopFox/sj - A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
S3N4T0R-0X0/Checkmate - payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
nand2mario/nestang - NESTang is an FPGA Nintendo Entertainment System implemented with Sipeed Tang Primer 25K, Nano 20K and Primer 20K boards
blackarrowsec/Handly - Abuse leaked token handles.
Xacone/BestEdrOfTheMarket - EDR Lab for Experimentation Purposes
malvuln/RansomLord - RansomLord is a proof-of-concept Anti-Ransomware exploitation tool that automates the creation of PE files, used to compromise ransomware pre-encryption.
mifi/lossless-cut - The swiss army knife of lossless video/audio editing
Malandrone/PowerDecode - PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs code dynamic analysis, extracting malware hosting URLs and che
dafthack/GraphRunner - A Post-exploitation Toolset for Interacting with the Microsoft Graph API
naksyn/ProcessStomping - A variation of ProcessOverwriting to execute shellcode on an executable's section
hackerschoice/bpfhacks - eBPF hacks
maddiestone/ConPresentations - Slide decks from my conference presentations
jayateertha043/venom - Venom - Your Portable Wireless & Hardware Hacking Companion
Wra7h/SingleDose - Generate Shellcode Loaders & Injects
WGU-CCDC/Blue-Team-Tools - A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-Team defense under an active threat.
hackerhouse-opensource/Marble - The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
gtworek/VolatileDataCollector -
yunchih/static-binaries - A set of commonly-used static binaries
VICE-Team/svn-mirror - The official git mirror of the official VICE subversion trunk.
dub-flow/sessionprobe - SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a l
ambionics/owncloud-exploits - ownCloud exploits for CVE-2023-49105
koekeishiya/yabai - A tiling window manager for macOS based on binary space partitioning
redrays-io/SAP-Penetration-Testing - SAP Penetration Testing: A Comprehensive Analysis of SAP Security Issues
Drew-Sec/EvilSlackbot - A Slack bot phishing framework for Red Teaming exercises
jgraph/drawio-desktop - Official electron build of draw.io
infosecn1nja/red-team-scripts - A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc
rohsec/LEAKEY - LEAKEY is a bash script which checks and validates for leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services.
shearn89/pex-demo - Simple demo to show how to package python scripts into PEX files
pex-tool/pex - A tool for generating .pex (Python EXecutable) files, lock files and venvs.
jaskaur18/pinliner - Python Inliner merges in a single file all files from a Python package.
Akrog/pinliner - Python Inliner merges in a single file all files from a Python package.
vtu81/backdoor-toolbox - A compact toolbox for backdoor attacks and defenses.
TakahiroHaruyama/VDR - Vulnerable driver research tool, result and exploit PoCs
ucsb-seclab/popkorn-artifact -
zimnyaa/grpc-ssh-socks - A minimal reverse proxy implementation over gRPC
zimnyaa/grpcssh - A simple reverse ssh/proxy implant PoC for *nix systems.
zimnyaa/beepsyscall - An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.
fransr/unpack-burp - For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)
UncoderIO/Uncoder_IO - An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Mr-Un1k0d3r/BOFCode - Bunch of BOF files
Mr-Un1k0d3r/.NetConfigLoader - .net config loader
Enelg52/OffensiveGo - Golang weaponization for red teamers.
pard0p/CallstackSpoofingPOC - C++ self-Injecting dropper based on various EDR evasion techniques.
foozzi/discoshell - a simple discovery script that uses popular tools like subfinder, amass, puredns, alterx, massdns and others
ElliotKillick/LdrLockLiberator - For when DLLMain is the only way
fortra/No-Consolation - A BOF that runs unmanaged PEs inline
S12cybersecurity/NinjaInjector - Classic Process Injection with Memory Evasion Techniques implemantation
mindedsecurity/semgrep-rules-android-security - A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
pr0v3rbs/FirmAE - Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
fin3ss3g0d/CosmicRakp - CVE-2013-4786 Go exploitation tool
iotsrg/IoT-Lab-Setup-Guide -
evilsocket/legba - A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
smikims/arpspoof - Performs an ARP spoofing attack using the Linux kernel's raw sockets
mthbernardes/sshLooterC - It's the C version of https://github.com/mthbernardes/sshLooter
nullsection/DLL-Spoofer - POC for DLL Proxying / Hijacking
HIJACKED1/Dark-Shell-V1 - Dark-Shell is a Tool for Generating ReverShell File
EvanMcBroom/perfect-loader - Load a dynamic library from memory by modifying the native Windows loader
zer0condition/mhydeath - Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
OneScripter/WmiExec - Execute Windows commands remotely and capture output using only WMI and PowerShell (not remoting).
erickdimalanta/esxi-unlocker - VMware ESXi macOS
SaadAhla/DocPlz - Documents Exfiltration project for fun and educational purposes
AD-Security/AD_Miner - AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
cecio/USBvalve - Expose USB activity on the fly
reewardius/bbFuzzing.txt -
VirtualAlllocEx/DEFCON-31-Syscalls-Workshop - Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
BeetleChunks/Obligato - This project is an implant framework designed for long term persistent access to Windows machines.
S12cybersecurity/DumpLsass - C++ Code to perform a MiniDump of lsass.exe
SafeBreach-Labs/wd-pretender -
SafeBreach-Labs/Back2TheFuture - Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.
SafeBreach-Labs/pacdoor - Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File
SafeBreach-Labs/pinjectra - Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
hardenedvault/ved-ebpf - VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
henry-richard7/Browser-password-stealer - This python program gets all the saved passwords, credit cards and bookmarks from chromium based browsers supports chromium 80 and above!
devanshbatham/rayder - A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
joelsernamoreno/EvilCrow-Keylogger - WiFi keylogger with Micro SD slot, based on the Atmega32U4 microcontroller and the ESP32-PICO module
W01fh4cker/VcenterKit - Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
M01N-Team/HeaderLessPE -
hmgle/graftcp - A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
mertdas/PrivKit - PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
mertdas/RedPersist -
mertdas/SharpTerminator - Terminate AV/EDR Processes using kernel driver
nikhilh-20/ELFEN - ELFEN: Automated Linux Malware Analysis Sandbox
pruzko/hakuin - A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.
leonjza/frida-boot - Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!
S3cur3Th1sSh1t/Caro-Kann - Encrypted shellcode Injection to avoid Kernel triggered memory scans
dobin/avred - Analyse your malware to surgically obfuscate it
trevorsaudi/Mshikaki - A shellcode injection tool showcasing various process injection techniques
trailofbits/btfparse - A C++ library that parses debug information encoded in BTF format
CaptainNox/Hypnos - A more reliable way of resolving syscall numbers in Windows
maldevel/email-providers - Free Email Providers
m417z/ntdoc - Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
byt3bl33d3r/SpamChannel - Spoof emails from any of the +2 Million domains using MailChannels (DEFCON 31 Talk)
xeptagondev/xep-whois - Lightweight WhoIs client
GgBoom-993/xorshell - Encoder PHP webshell to bypass WAF using XOR operations.
fin3ss3g0d/secretsdump.py - Enhanced version of secretsdump.py from Impacket. Adds multi-threading and accepts an input file with a list of target hosts for simultaneous secrets extraction.
securitygeneration/templates - A Collection of Email and Landing Page Templates for Use with Gophish
hakluke/weaponised-XSS-payloads - XSS payloads designed to turn alert(1) into P1
CiscoCXSecurity/udpy_proto_scanner - udpy_proto_scanner is a Python script which discovers UDP services by sending triggers to a list of hosts
weak1337/Alcatraz - x64 binary obfuscator
SigmaHQ/pySigma-backend-crowdstrike - SigmaHQ pySigma CrowdStrike processing pipeline
SigmaHQ/pySigma - Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
rainyear/python3-in-one-pic - Learn python3 in one picture.
ayoubfaouzi/windows-exploitation - My notes while studying Windows exploitation
hugsy/cemu - Cheap EMUlator: lightweight multi-architecture assembly playground
foxlox/GIUDA - Ask a TGS on behalf of another user without password
RoganDawes/P4wnP1_aloa - P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appli
tomnomnom/unfurl - Pull out bits of URLs provided on stdin
stark0de/nginxpwner - Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
devttys0/sasquatch -
shellster/LDAPPER - LDAP Querying without the Suck
doyensec/wsrepl - WebSocket REPL for pentesters
NVISOsecurity/cs2br-bof - Run Cobalt Strike BOFs in Brute Ratel C4!
cisagov/ADHunt - Tool for enumerating Active Directory environments
lem0nSec/ShellGhost - A memory-based evasion technique which makes shellcode invisible from process start to end.
Orange-Cyberdefense/awesome-industrial-protocols - Security-oriented list of resources about industrial network protocols.
ZephrFish/PotUtils -
HuntDownProject/HEDnsExtractor - A suite for hunting suspicious targets, expose domains and phishing discovery
roleoroleo/yi-hack-Allwinner-v2 - Custom firmware for Yi 1080p camera based on Allwinner platform
tandasat/hvext - The Windbg extensions to study Hyper-V on Intel and AMD processors.
ldpreload/BlackLotus - BlackLotus UEFI Windows Bootkit
google/syzygy - Syzygy Transformation Toolchain
HacktivistRO/ExtFilterBuster - A BASH script to bypass server-side filters for file upload vulnerability using multiple extensions and special symbols.
metlo-labs/csp-report-listener -
Octoberfest7/TeamsPhisher - Send phishing messages and attachments to Microsoft Teams users
HacktivistRO/Bug-Bounty-Wordlists - This repository contains some of the most exhaustive wordlists for enumeration, gathered from a lot of wordlists available on the Internet.
0xdevrel/EasyScan - Light-weight web security scanner
nocerainfosec/TakeMyRDP2.0 - An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts
namazso/MagicSigner - Signtool for expired certificates
sensity-ai/dot - The Deepfake Offensive Toolkit
wavvs/nanorobeus - COFF file (BOF) for managing Kerberos tickets.
jstkdng/ueberzugpp - Drop in replacement for ueberzug written in C++
tishion/mmLoader - A library for loading dll module bypassing windows PE loader from memory (x86/x64)
nodauf/GoMapEnum - User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
amateur-hacker/scheduler - A project designed for Linux users that facilitates the addition, listing, and deletion of schedules through the terminal.
CosmodiumCS/MalwareDNA - This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
f0cker/crackvue -
JetP1ane/Callisto - Callisto - An Intelligent Binary Vulnerability Analysis Tool
noperator/CVE-2019-18935 - RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
cure53/HTTPLeaks - HTTPLeaks - All possible ways, a website can leak HTTP requests
Flipper-XFW/Xtreme-Firmware - The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!
colind0pe/AV-Bypass-Learning - 免杀学习笔记
bp0lr/dmut - A tool to perform permutations, mutations and alteration of subdomains in golang.
kvegter/query-analyzer-app - Analyzing Neo4j Query Log files and more in the Neo4j Desktop
MrSaighnal/GCR-Google-Calendar-RAT - Google Calendar RAT is a PoC of Command&Control over Google Calendar Events
dievus/Python3-C2-Course-Code-Modules - Modules for my C2 course students to use for their own projects.
0xKayala/NucleiFuzzer - NucleiFuzzer is a robust automation tool that efficiently detects web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration techn
ThatLing/limba - compile-time control flow obfuscation using mba
persistent-security/hermes-the-messenger - A PoC for achieving persistence via push notifications on Windows
hyp3rlinx/PSTrojanFile - Unfixed Windows PowerShell Filename Code Execution POC
bohops/SharpRDPHijack - A proof-of-concept Remote Desktop (RDP) session hijack utility
med0x2e/SigFlip - SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
cyberaz0r/Burp-IISTildeEnumerationScanner - Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
SigPloiter/GTScan - The Nmap Scanner for Telco
projectdiscovery/aix - AIx is a cli tool to interact with Large Language Models (LLM) APIs.
Sh3lldon/RemoteApp - I have created these custom servers for preparing EXP-301 course (aka WUMED) exam and hope it will help to take OSED certification. Feel free to DM me in discord, if you have any questions about solvi
s7ephen/seacrane - Still point in moving world.
ZeroMemoryEx/Terminator - Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
Dec0ne/DavRelayUp - DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the default settings).
michenriksen/drawio-threatmodeling - Draw.io libraries for threat modeling diagrams
itaymigdal/RegStrike - RegStrike is a .reg payload generator
doyensec/r2pickledec - Pickle decompiler plugin for Radare2
secur30nly/go-self-delete - Go implementation of the self-deletion of an running executable from disk
rustdesk/rustdesk-server - RustDesk Server Program
LaresLLC/ScrapingKit - Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if you have popped a user's desktop and their outlook client.
sensepost/mallet - Mallet is an intercepting proxy for arbitrary protocols
S3cur3Th1sSh1t/Ruy-Lopez -
ZeroMemoryEx/Blackout - kill anti-malware protected processes ( BYOVD ) ( Microsoft Won )
OffenseTeacher/NimRekey -
sominsong/NIMOS - Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
alwashali/detection-validation - Detection rule validation
jm33-m0/SSH-Harvester - Harvest passwords automatically from OpenSSH server
grimlockx/ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
TheNewAttacker64/Theattacker-Crypter - Tool to evade Antivirus With Different Techniques
xorvoid/sectorc - A C Compiler that fits in the 512 byte boot sector of an x86 machine
iilegacyyii/Shellcrypt - A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods.
dr4k0nia/NixImports - A .NET malware loader, using API-Hashing to evade static analysis
mrd0x/file-archiver-in-the-browser -
corellium/usbfluxd - Redirects the standard usbmuxd socket to allow connections to local and remote usbmuxd instances so remote devices appear connected locally.
CalfCrusher/MaccaroniC2 - A proof-of-concept Command & Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client and server implementation of the SSHv2 protocol and use PyNgrok
WKL-Sec/GregsBestFriend - GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
sw33tLie/sns - IIS shortname scanner written in Go
SoftPoison/blazor-interact - some bare tooling for interacting with Blazor Server
itm4n/VBA-RunPE - A VBA implementation of the RunPE technique or how to bypass application whitelisting.
4ndr34z/prenum -
susMdT/effective-waffle - yet another sleep encryption thing. also used the default github repo name for this one.
samyk/magspoof - A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card "wirelessly", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card n
nop-tech/OSED - Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
crispyricepc/sway-nvidia - Helper files to make sway a better experience for us poor NVIDIA users.
vdohney/keepass-password-dumper - Original PoC for CVE-2023-32784
rvrsh3ll/bl-bfg -
SixGenInc/Noctilucent - Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
DataDog/HASH - HASH (HTTP Agnostic Software Honeypot)
cyberark/White-Phoenix - A tool to recover content from files encrypted with intermittent encryption
radsecproxy/radsecproxy - radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports.
RedTeamPentesting/resocks - mTLS-Encrypted Back-Connect SOCKS5 Proxy
hyprwm/Hyprland - Hyprland is an independent, highly customizable, dynamic tiling Wayland compositor that doesn't sacrifice on its looks.
CobaltBSD/neosurf - A NetSurf fork with various improvements
jborean93/dpapi-ng - Python DPAPI NG Decryptor for non-Windows Platforms
demon-i386/Coercer - A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
demon-i386/zoshrinkC2 - DNS over HTTPS targeted malware (only runs once)
BC-SECURITY/OffensiveDLR - Toolbox containing research notes & PoC code for weaponizing .NET's DLR
Alevsk/rmm - Recon MindMap (RMM)
nullsection/Discord-DLL-Hijacking - This is a simple example of DLL hijacking enabling proxy execution.
quarkslab/pastis - PASTIS: Collaborative Fuzzing Framework
jakev/pyxamstore - Python utility for parsing Xamarin AssemblyStore blob files
lizrice/ebpf-beginners - The beginner's guide to eBPF
Micro0x00/nucleitemp - get all nuclei temp from emad shanab repo in one run
cihansol/XamAsmUnZ - Extract .NET assemblies from Xamarin mobile applications.
facebook/mariana-trench - A security focused static analysis tool for Android and Java applications.
NickstaDB/xamarin-decompress - Decompress Xamarin .NET compressed binaries so they can be decompiled.
bit4woo/knife - A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
CheckPointSW/InviZzzible - InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
zer0condition/ReverseKit - x64 Dynamic Reverse Engineering Toolkit
eddiechu/File-Smuggling - HTML smuggling is not an evil, it can be useful
dmahony/LoRa-AX25-IP-Network - Utilising inexpensive wireless modules and open source software to form networks over long distances using AX25 and IP networking in the unlicensed ISM bands, without reliance on a centralised service
TaurusOmar/reconbulk - Automated Subdomain Enumeration and Scanning Tool
Mayyhem/SharpSCCM - A C# utility for interacting with SCCM
blackarrowsec/redteam-research - Collection of PoC and offensive techniques used by the BlackArrow Red Team
Flangvik/DLLSideloader - PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading
nullt3r/udpx - Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable, and can be
dadevel/mssql-spider - Automated exploitation of MSSQL servers at scale
whalebone7/FfufMaster - Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.
SoftwareSecurityLab/UbSym - A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes
thefLink/Hunt-Weird-Syscalls - ETW based POC to identify direct and indirect syscalls
archcloudlabs/HackSpaceCon_Malware_Analysis_Course - Free training course offered at Hack Space Con 2023
archcloudlabs/BSidesRoc2022_Linux_Malware_Analysis_Course - BSidesRoc 2022 Linux Malware/Forensics Course
tsale/EDR-Telemetry - This project aims to compare and evaluate the telemetry of various EDR products.
eversinc33/GpuDecryptShellcode - XOR decrypting shellcode using the GPU with OpenCL.
tkmru/awesome-edr-bypass - Awesome EDR Bypass Resources For Ethical Hacking
montysecurity/InfraSpyder - Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
google/centipede -
Cracked5pider/KaynStrike - UDRL for CS
vivami/OutlookParasite - Outlook persistence using VSTO add-ins
ewhitehats/InvisiblePersistence - Persisting in the Windows registry "invisibly"
KINGSABRI/AssemblyLoader - Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()
warferik/AssemblyRunner - C# Exe that can remotely retrieve C# assemblies for in-memory execution
S3cur3Th1sSh1t/Invoke-Sharpcradle - Load C# Code straight to memory
amalmurali47/swagroutes - swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
nullsection/Sneaky-DLL-Stager - Reasonably undetected shellcode stager and executer.
d35ha/xLogger - Simple windows API logger
bytecode77/r77-rootkit - Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
trickster0/Elastic_Panel_AutoInstall - Spawn Up quickly Elastic EDR Panel
trickster0/TartarusGate - TartarusGate, Bypassing EDRs
bobricius/PICOmputer - #PICOmputer - World first Raspberry RP2040 PICO - QWERTY & IPS devkit
rasta-mouse/DInvoke - Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
PolGs/Persistent-Backdoor - Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality
thewhiteh4t/seeker - Accurately Locate Smartphones using Social Engineering
ghostpepper108/Evasion -
0xHossam/Killer - Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.
0x727/BypassPro - 对权限绕过自动化bypass的burpsuite插件
Kazhuu/asm2cfg - Python command-line tool and GDB extension to view and save x86, ARM and objdump assembly files as control-flow graph (CFG) pdf files
thorkill/eresi - The ERESI Reverse Engineering Software Interface
maliciousgroup/RDI-SRDI - This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
elmasy-com/columbus-scanner - Log scanner CLI to upload to Columbus server.
elmasy-com/columbus-server -
elmasy-com/columbus-cli - A CLI apllication for Columbus
LukeyJ-turbobk1990/CollectAndDecrypt - Tools to decrypt Google Chrome, Mozilla Firefox and Microsoft Edge login/password information.
redcanaryco/invoke-atomicredteam - Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team proj
Atomics-on-A-Friday/Emulation-Tools -
lsecqt/OffensiveCpp - This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
Mav3rick33/ZenLdr - Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
bittentech/Bug-Bounty-Beginner-Roadmap - This is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.
magicsword-io/LOLDrivers - Living Off The Land Drivers
cloudflare/flan - A pretty sweet vulnerability scanner
eMVee-NL/MindMap - This is a collection of some of mine mindmaps abount pentesting created with Obsidian.
RipFran/rpcenum - Herramienta en Bash ideal para extraer la información más relevante de un dominio vía rpcclient.
Ashifcoder/exposelab - This is a fully automated Active directory Lab made with the purpose to reduce the hustle of creating it manually.
hakluke/hakoriginfinder - Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
arg2u/cfd - Cfd (Cloudflare detector) is a tool that allows you to check one or more domains to see if they are protected by CloudFlare or not. The check is carried out based on five criteria: 3 headers in the HT
onhexgroup/Vulnerable-WordPress - The vulnerable version of WordPress that is updated monthly.
Marmeus/mad-hyperv - Ansible + Vagrant + Hyper-V + Vulnerable AD 😎
RixedLabs/IDLE-Abuse - A method to execute shellcode using RegisterWaitForInputIdle API.
mgeeky/decode-spam-headers - A script that helps you understand why your E-Mail ended up in Spam
XiaoliChan/wmiexec-Pro - New generation of wmiexec.py
SonarSource/argument-injection-vectors - A curated list of argument injection vectors
GTFOArgs/GTFOArgs.github.io - GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrary commands, using argument injection.
bugcrowd/HUNT -
wustho/baca - TUI Ebook Reader
ggerganov/kbd-audio - 🎤⌨️ Acoustic keyboard eavesdropping
b4rth0v5k1/EarlyBirdNTDLL -
CERT-Polska/malduck - 🦆 Malduck is your ducky companion in malware analysis journeys
DragoQCC/CrucibleC2 - A C# Command & Control framework
tomnomnom/httprobe - Take a list of domains and probe for working HTTP and HTTPS servers
redteamguides/redteamguides.github.io - Red Team Guides
hisxo/JSpector - A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues
SaadAhla/HeapCrypt - Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap
dobin/ace-firefist - Attack chain emulator. Write recipes for initial access easily
RedSiege/jargon -
tevora-threat/SharpView - C# implementation of harmj0y's PowerView
netspooky/scare - A multi-arch assembly REPL and emulator for your command line.
mgeeky/ElusiveMice - Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
PistonMiner/binaryninja-bindiff-viewer -
crosstool-ng/crosstool-ng - A versatile (cross-)toolchain generator.
imran-parray/cloudclear -
rkbennett/pyThreadlessInject - A python port of CCob's ThreadlessInject
beefproject/beef - The Browser Exploitation Framework Project
PortSwigger/ator -
SiriusScan/Sirius -
CyberSecurityUP/OSCE3-Complete-Guide - OSWE, OSEP, OSED, OSEE
wixtoolset/wix - WiX Toolset Code
FuzzySecurity/StandIn - StandIn is a small .NET35/45 AD post-exploitation toolkit
TheCruZ/kdmapper - KDMapper is a simple tool that exploits iqvw64e.sys Intel driver to manually map non-signed drivers in memory
XaFF-XaFF/Cronos-Rootkit - Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
nyxgeek/imgdevil - quick and dirty proof-of-concept to hide shells in images
Neo23x0/signature-base - YARA signature and IOC database for my scanners and tools
mobdk/WinSpoof - Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
itm4n/PPLmedic - Dump the memory of any PPL with a Userland exploit chain
ScriptIdiot/sleepmask_PatchlessHook - Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
wsummerhill/IPv4Fuscation-Encrypted -
philippelaulheret/talks_blogs_and_fun - Repo for various public facing talks, presentations and other fun stuff
OmriBaso/RToolZ - A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
six2dez/ipcdn - Check which CDN providers an IP list belongs to
Cracked5pider/Ekko - Sleep Obfuscation
glebarez/cero - Scrape domain names from SSL certificates of arbitrary hosts
blechschmidt/massdns - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
projectdiscovery/mapcidr - Utility program to perform multiple operations for a given subnet/CIDR ranges.
Sq00ky/csharp-portscanner - simple C# portscanner - written for playing around with Metasploit's Execute-Assembly
expl0itabl3/check_mdi - Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
thefLink/RecycledGate - Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
klezVirus/NimlineWhispers3 - A tool for converting SysWhispers3 syscalls for use with Nim projects
jobertabma/virtual-host-discovery - A script to enumerate virtual hosts on a server.
regorsec/Linux-Post-Exploitation - Tips, Tricks, and Scripts for Linux Post Exploitation
minispooner/red-team-playground - Docker network containing many vulnerable targets for practicing Red Teaming concepts (initial access, priv esc, persistence, lateral, C2, evasion, etc).
0xTriboulet/Revenant - Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
MFMokbel/Crawlector - Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
AvasDream/docker-subdomain-worker -
nettitude/MalSCCM -
trustedsec/ELFLoader -
MzHmO/psexec_noinstall - Repository contains psexec, which will help to exploit the forgotten pipe
paranoidninja/Proxy-Function-Calls-For-ETwTI - The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
jackullrich/syscall-detect - PoC capable of detecting manual syscalls from usermode.
obfuscator-llvm/obfuscator -
thefLink/DeepSleep - A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
waldo-irc/YouMayPasser - You shall pass
Reijaff/offensive_c -
pwncollege/pwnkernel - Kernel development & exploitation practice environment.
forensicxlab/VISION-ProcMon - A ProcessMonitor visualization application written in rust.
0xBallpoint/LOAD - Lord Of Active Directory - automatic vulnerable active directory on AWS
darkoperator/dnsrecon - DNS Enumeration Script
tomnomnom/gf - A wrapper around grep, to help you grep for things
bp0lr/gauplus -
JoelGMSec/Thunderstorm - Modular framework to exploit UPS devices
wsummerhill/CSharp-Alt-Shellcode-Callbacks - A collection of (even more) alternative shellcode callback methods in CSharp
kleiton0x00/RemoteShellcodeExec - Execute shellcode from a remote-hosted bin file using Winhttp.
ayadim/Nuclei-bug-hunter - i will upload more templates here to share with the comunity.
M00NLIG7/ChopChopGo - Rapidly Search and Hunt through Linux Forensics Artifacts
jhonnybonny/CleverJAM - Smart jammer based on SDR with frequency hopping 🐇
maaaaz/webscreenshot - A simple script to screenshot a list of websites
breenmachine/httpscreenshot -
Cillian-Collins/subscraper - Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomains to enumerate a list of subdomains for a given URL.
m4ll0k/BBTz - BBT - Bug Bounty Tools (examples💡)
x90skysn3k/brutespray - Bruteforcing from various scanner output - Automatically attempts default creds on found services.
ahmad0x1/ARWAD - Advanced Reconnaissance and Web Application Discovery
harsh-bothra/Bheem -
tomnomnom/assetfinder - Find domains and subdomains related to a given domain
notsoshant/DCSyncer - Perform DCSync operation without mimikatz
wunderwuzzi23/yolo-ai-cmdbot - AI bot that translates your question to a command and executes it yolo style
CodeXTF2/maldev-links - My collection of malware dev links
rocky/python-xdis - Python cross-version bytecode library and disassembler
Wack0/CVE-2022-21894 - baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
CHERIoT-Platform/cheriot-rtos - The RTOS components for the CHERIoT research platform
inguardians/peirates - Peirates - Kubernetes Penetration Testing tool
nettitude/Aladdin -
nccgroup/DroppedConnection -
NyaMisty/ssl-kill-switch3 - Next Generation SSLKillSwitch with much more support!
snovvcrash/BOFs - Beacon Object Files (not Buffer Overflows)
RajQureshi/APK-Penetration-testing-Guide - The Android Penetration Testing Steps repository is intended for security professionals, penetration testers, developers, and anyone who is interested in understanding the security implications of And
vvelitkn/Evasion-Escaper - Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
facebookexperimental/reverie - An ergonomic and safe syscall interception framework for Linux.
cpu0x00/pwn_www - open public http and tcp tunnels on the go ;)
oldboy21/CGPL - Yet, Another Packer/Loader
rasta-mouse/SharpC2 - Command and Control Framework written in C#
zan8in/leo - Leo is a network logon cracker which support many different services.
QueenSquishy/plague - Default Detections for EDR
CCob/BOF.NET - A .NET Runtime for Cobalt Strike's Beacon Object Files
xnl-h4ck3r/GAP-Burp-Extension - Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
emperorcow/go-netscan -
awgh/nfp - Network Finger Printer
fcavallarin/burp-dom-scanner - Burp Suite's extension to scan and crawl Single Page Applications
federicodotta/semgrep-rules - A collection of my Semgrep rules
b1ack0wl/vulnerability-write-ups - This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.
mrideout/GRFICSv3 - Graphical Realism Framework for Industrial Control Simulation (GRFICS) version 3
paranoidninja/O365-Doppelganger - A quick handy script to harvest credentials off of a user during a Red Team and get execution of a file from the user
trailofbits/semgrep-rules - Semgrep queries developed by Trail of Bits.
wumb0/pxpwn - Something something, botnet, blah something
mz-automation/libiec61850 - Official repository for libIEC61850, the open-source library for the IEC 61850 protocols
classvsoftware/spy-extension - A Chrome extension that will steal literally everything it can
troyhunt/password-purgatory - Deliberately making password creation a true hell
sublime-security/sublime-rules - Sublime rules for email attack detection, prevention, and threat hunting.
aahmad097/AlternativeShellcodeExec - Alternative Shellcode Execution Via Callbacks
chvancooten/NimPlant - A light-weight first-stage C2 implant written in Nim (and Rust).
tothi/serviceDetector - Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
runZeroInc/recog-go - Recog-Go: Pattern Recognition using Rapid7 Recog
lorenzo-stoakes/linux-vm-hacks - Hacks and experiments for the linux kernel VM subsystem.
lorenzo-stoakes/linux-vm-notes - Notes on the linux kernel VM subsystem.
nccgroup/rustproofing-linux -
RistBS/ContextMenuHijack - Execute a payload at each right click on a file/folder in the explorer menu for persistence
rikka0w0/ExplorerContextMenuTweaker - Restore the style of context menu in explorer window and open/save file dialog back to classic style (for 1809 and above)
rbmm/TBAL -
s0md3v/uro - declutters url lists for crawling/pentesting
intoolswetrust/jd-cli - Command line Java Decompiler
thiekus/fsvwin - Fork of fsv built on MSVC and run on Windows. fsv is a file system visualizer in cyberspace. It lays out files and directories in three dimensions, geometrically representing the file system hierarchy
sam4k/lica - A hacky tool for analysing linux kernel commits
sam4k/lmb - Very lightweight kernel module boilerplate for kernel development/testing.
mcuelenaere/fsv - fsv is a file system visualizer in cyberspace. It lays out files and directories in three dimensions, geometrically representing the file system hierarchy to allow visual overview and analysis.
CCob/ThreadlessInject - Threadless Process Injection using remote function hooking.
The-XSS-Rat/SecurityTesting -
navisecdelta/EmailGen - A simple email generator that uses dorks on Bing to generate emails from LinkedIn Profiles.
dwisiswant0/gfx - A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
Dec0ne/HWSyscalls - HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
DataDog/threatest - Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
trailofbits/RpcInvestigator - Exploring RPC interfaces on Windows
dwisiswant0/secpat2gf - convert secret patterns to gf compatible.
PinoyWH1Z/C99Shell-PHP7 - PHP 7 and safe-build Update of the popular C99 variant of PHP Shell.
lanjelot/patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
SaadAhla/UnhookingPatch - Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
ashirt-ops/ashirt - It records your screenshots and code, then lets you upload to ASHIRT
matthewbobrowski/infector - POC ELF runtime process infection via PLT/GOT redirection using ptrace(2)
matthewbobrowski/shellgame - Shellgame is a very simple userspace rootkit that has been specifically designed for normal users to hide files from other users.
ahhh/GoRedLoot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
nopernik/SSHPry2.0 - SSHPry v2 - Spy & Control os SSH Connected client's TTY
ahhh/Cybersecurity-Tradecraft - A repo to support the book
stealthcopter/deepce - Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
mnp/xspy - Record X11 keypress events to a log file
dsaveliev/rootsh - Shell wrapper with keylogger (local log or syslog)
americanexpress/earlybird - EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
mazen160/secrets-patterns-db - Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
Flangvik/TeamFiltration - TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
MMitsuha/Tajimari - the Open Source and Pure C++ Packer for eXecutables
Acebond/ReverseSocks5 - Single executable reverse SOCKS5 proxy written in Golang.
Flangvik/AMSI.fail - C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
SaadAhla/NTDLLReflection - Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table
Checkmarx/capital - A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
iuliandita/keychron - Settings for Keychron keyboards
sofblocks/sofblocks.github.io - IT Sec Blog
MzHmO/Privileger - Privileger is a tool to work with Windows Privileges
Neo23x0/tiny-shells - All kinds of tiny shells
gerstner-hub/rocket.term - Text based chat client for the Rocket.chat messaging solution.
synacktiv/php_filter_chain_generator -
kiks7/KRWX - Kernel Read Write Execute
RamXtha/DefaScan -
Zer0Sploit/wordlister - This script generates a custom wordlist based on the specified organization name and source wordlist. The custom wordlist contains combinations of the organization name with each word from the source
mxrch/snmp-shell - Shell Simulation over Net-SNMP with extend functionality
sensepost/DET - (extensible) Data Exfiltration Toolkit (DET)
bananabr/TimeException - A tool to find folders excluded from AV real-time scanning using a time oracle
vivami/SauronEye - Search tool to find specific files containing specific words, i.e. files containing passwords..
CsEnox/SeManageVolumeExploit -
pathtofile/bad-bpf - A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
Esonhugh/sshd_backdoor - /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
SaadAhla/D1rkLdr - Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscall instruction address resolving at run time
Limmen/awesome-rl-for-cybersecurity - A curated list of resources dedicated to reinforcement learning applied to cyber security.
paranoidninja/Proxy-DLL-Loads - The code is a pingback to the Dark Vortex blog:
rvrsh3ll/Misc-Powershell-Scripts - Random Tools
Ignitetechnologies/Mindmap - This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
Octoberfest7/Inline-Execute-PE - Execute unmanaged Windows executables in CobaltStrike Beacons
theart42/Sharpcat - A port of classic netcat to C#
certmichelin/PTART -
aerleon/aerleon - Multi-platform ACL generation system
ustayready/golddigger -
pe3zx/mthc - All-in-one bundle of MISP, TheHive and Cortex
cyb3rfox/Aurora-Incident-Response - Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
dfirtrack/dfirtrack - DFIRTrack - The Incident Response Tracking Application
pain0x0/awesome-incident-response -
G4lile0/Heimdall-WiFi-Radar - Heimdall WiFi Radar ESP8266
hosch3n/msmap - Msmap is a Memory WebShell Generator.
theopolis/uefi-firmware-parser - Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc
ShiftLeftSecurity/sast-scan - Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
justjake/Gauss - Stable Diffusion macOS native app
silverfort-open-source/latma -
MaximeBeasse/KeyDecoder - KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
IncideDigital/Mistica - An open source swiss army knife for arbitrary communication over application protocols
t57root/pwnginx - Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
rofl0r/microsocks - tiny, portable SOCKS5 server with very moderate resource usage
VladRico/apache2_BackdoorMod - A backdoor module for Apache2
mrmoss/poovey - Standard pam module backdoor.
flkn404/pamdoor - UNIX PAM Backdoor with rolling passwords
segmentati0nf4ult/linux-pam-backdoor - Linux PAM Backdoor
ociredefz/pambd - The most small and fast solution to create a undetectable backdoor through the PAM module.
rek7/madlib - PAM Backdoor
Error996/bdvl - bdvl
mellow-hype/santa-linux - A proof-of-concept Linux clone of Santa, Google's binary authorization system for macOS
chokepoint/azazel - Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detect
SpiderLabs/scavenger - scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.
BCHarrell/redteamcmm -
rbmm/LdrpKernel32DllName -
jart/blink - tiniest x86-64-linux emulator
jonny-jhnson/MSRPC-to-ATTACK - A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
Maproom/qmapshack - Consumer grade GIS software
vu-ls/Crassus -
ga1ois/BlackHat-Europe-2022 - Select Bugs From Binary Where Pattern Like CVE-1337-Days
frkngksl/Shoggoth - Shoggoth: Asmjit Based Polymorphic Encryptor
BishopFox/unredacter - Never ever ever use pixelation as a redaction technique
X-C3LL/memdlopen-lib -
punk-security/secret-magpie - Secret Magpie - Secret Detection Tool
OtterHacker/CoffLoader -
danielbohannon/Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator & Obfuscator
P1sec/hermes-dec - A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode
blasty/lexmark -
sorokinpf/cth_wordlists - Various wordlists for bruteforce
FiloSottile/whoami.filippo.io - A ssh server that knows who you are. $ ssh whoami.filippo.io
h2337/connmap - connmap is an X11 desktop widget that shows location of your current network peers on a world map in real-time
praetorian-inc/NTLMRecon - A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
praetorian-inc/fingerprintx - Standalone utility for service discovery on open ports!
trufflesecurity/of-CORS -
jmdx/TLS-poison -
elmasy-com/elmasy - Open Source External Attack Surface Management
Maldev-Academy/HellHall - Performing Indirect Clean Syscalls
CravateRouge/autobloody - Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound
Proteas/bindiff-tool - An assistant for BinDiff
trustedsec/hardcidr - hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route
vitoplantamura/BugChecker - SoftICE-like kernel debugger for Windows 11
mttaggart/security-tools - A very opinionated list of security tools
ciniml/WireGuard-ESP32-Arduino - WireGuard implementation for ESP32 Arduino
ashemery/exploitation-course - Offensive Software Exploitation Course
ARPSyndicate/kenzer - automated web assets enumeration & scanning [DEPRECATED]
jmpews/Dobby - a lightweight, multi-platform, multi-architecture hook framework.
azurit/modsecurity-backdoor - This is a proof-of-concept of malicious software running inside of ModSecurity WAF.
IS5882/Open-CyKG -
felixweyne/imaginaryC2 - Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs.
BryanLunduke/LundukeHoliday - Lunduke's Holiday BASH Decorations
KINGSABRI/ServerlessRedirector - Serverless Redirector in various cloud vendor for red team
nettitude/ShellcodeMutator -
salesforce/ja3 - JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
MythicAgents/merlin - Cross-platform post-exploitation HTTP Command & Control agent written in golang
namazso/linux_injector - A simple ptrace-less shared library injector for x64 Linux
struppigel/PortexAnalyzerGUI - Graphical interface for PortEx, a Portable Executable and Malware Analysis Library
post-cyberlabs/Offensive_tools -
0xCD4/Projects -
binderlabs/DirCreate2System - Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
deepinstinct/Dirty-Vanity - A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28
vxunderground/VX-API - Collection of various malicious functionality to aid in malware development
Flangvik/SharpCollection - Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Alygnt/Clifty - World's most powerful and compact tool. This Tool is made for educational purpose only !
john-xor/shelloader - generates a shellcode loading powershell script that is xor encrypted
LethalSnake1337/PE-Loader-exercise - A simple PE loader.
MarioVilas/shellcode_tools - Miscellaneous tools written in Python, mostly centered around shellcodes.
googleprojectzero/sandbox-attacksurface-analysis-tools - Set of tools to analyze Windows sandboxes for exposed attack surface.
KULeuven-COSIC/Starlink-FI -
HackCommander/PHP-info-cookie-stealer - Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation.
cloudflare/mitmengine - A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
sensepost/wiresocks - A sock, with a wire, so you can tunnel all you desire.
bohops/DynamicDotNet - A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
pentagridsec/smsgate - SMSgate is an open source Python-based server for sending and especially receiving SMS using multiple GSM modems and SIM cards.
klezVirus/SilentMoonwalk - PoC Implementation of a fully dynamic call stack spoofer
visualbasic6/search - a cli google client that bypasses captcha and rate limiting by using the google alerts "preview" feature
quark-engine/quark-script - Collections of Quark Script that detect vulnerabilities in the binaries.
EspressoCake/Defender_Exclusions-BOF - A BOF to determine Windows Defender exclusions.
siemens/GoScans - Collection of network scan modules for infrastructure discovery and information gathering.
siemens/Large-Scale-Discovery - A network scanning solution for information gathering in large IT/OT network environments.
mogwailabs/jarjarbigs - A python script to merge multiple jar files for easier debugging via JD-Eclipse
micro-joan/D4TA-HUNTER - GUI Osint Framework with Kali Linux
Mebus/cupp - Common User Passwords Profiler (CUPP)
jfmaes/AmsiHooker - Hookers are cooler than patches.
ironmansoftware/psmsi - Create MSIs using PowerShell.
Coldzer0/ReverseSock5Proxy - A tiny Reverse Sock5 Proxy written in C :V
enkomio/BrokenFlow - A simple PoC to invoke an encrypted shellcode by using an hidden call
secureworks/squarephish -
riesha/drv-vuln-scanner - Finds imports that could be exploited, still requires manual analysis.
Mr-Un1k0d3r/AMSI-ETW-Patch - Patch AMSI and ETW
whokilleddb/exe_who - Executables on Disk? Bleh 🤮
elceef/subzuf - a smart DNS response-guided subdomain fuzzer
xalicex/blackhoodie_maldev101_2022 -
blackmagic-debug/blackmagic - In-application debugger for ARM Cortex and RISC-V processors.
S3cur3Th1sSh1t/Amsi-Bypass-Powershell - This repo contains some Amsi Bypass methods i found on different Blog Posts.
wfg/docker-openvpn-client - OpenVPN client with killswitch and proxy servers; built on Alpine
ZeroPointSecurity/PhishingTemplates -
milo2012/phishing-frenzy-template-cloner -
miguelangelramirez/httphish - Quickly clone a website and launch an HTTP server to phish information with httphish.py 🐍
CyberSecurityUP/Red-Team-Management -
ryanries/PassFiltEx - PassFiltEx. An Active Directory Password Filter.
projectdiscovery/proxify - A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.
G0ldenGunSec/SharpTransactedLoad - Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
threatexpress/metatwin - The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
nmantani/archiver-MOTW-support-comparison -
icyguider/MoreImpacketExamples - More examples using the Impacket library designed for learning purposes.
assume-breach/Home-Grown-Red-Team -
CCob/Volumiser -
aniqfakhrul/powerview.py - Just another Powerview alternative but on steroids
Binject/binjection - Injects additional machine instructions into various binary formats.
trustedsec/orpheus - Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
nu11secur1ty/IIS-Backdoor -
karimhabush/cis-vsphere - A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
mandiant/SharPersist -
ohchase/ptrace_syscalls - Exploration project to invoke syscalls in arbitrary unix processes with ptrace.
osandov/drgn - Programmable debugger
aleixrodriala/wa-tunnel - Tunneling Internet traffic over Whatsapp
capt-meelo/laZzzy - laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
georgesotiriadis/MalwareDev -
rommelfs/scanner - nmap/ndiff based scanner with template based notification system in case of infrastructure changes
stuhli/awesome-event-ids - Collection of Event ID ressources useful for Digital Forensics and Incident Response
Bw3ll/ShellWasp - ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2
nixpal/ProcInjectSyscall -
AlirezaDehlaghi/ICSSIM - This is the ICSSIM source code and user manual for simulating industrial control system testbed for cybersecurity experiments
thefLink/C-To-Shellcode-Examples -
jsecu/BOF-pack-1 - A care package of useful bofs for red team engagments
hasherezade/pe_to_shellcode - Converts PE into a shellcode
ctxis/DLLHSC - DLLHSC - DLL Hijack SCanner a tool to assist with the discovery of suitable candidates for DLL Hijacking
d3lb3/KeeFarceReborn - A standalone DLL that exports databases in cleartext once injected in the KeePass process.
rad9800/WTSRM - WTSRM
NUL0x4C/KnownDllUnhook - Replace the .txt section of the current loaded modules from \KnownDlls\
guervild/BOFs - Cobalt Strike Beacon Object Files
outflanknl/WdToggle - A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
N7WEra/BofAllTheThings - Creating a repository with all public Beacon Object Files (BoFs)
thec0nci3rge/PS_with_inline_csharp_compilation -
4g3nt47/Striker - A Command and Control (C2)
cepxeo/dll4shell - Shellcode launcher for AV bypass
0xAbdullah/Offensive-Snippets - A repository with my code snippets for research/education purposes.
ocastejon/linux-kernel-learning - Notes, exploits, and other stuff that I create while learning Linux Kernel exploitation techniques
scambaitermailbox/scambaiter_backend -
r3motecontrol/Ghostpack-CompiledBinaries - Compiled Binaries for Ghostpack
jmmcatee/cracklord - Queue and resource system for cracking passwords
tothi/stager_libpeconv - A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
winsecurity/Offensive-C-Sharp -
Yariya/Zmap-ProxyScanner - A Thread Safe fast way to find proxies. Find 2000-5000 working http,socks4,socks5 proxies in one scan.
hugsy/gef-binja - Interface GDB-GEF with Binary Ninja
eldraco/Sapito - A mDNS sniffer and interpreter.
outflanknl/C2-Tool-Collection - A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
vxunderground/VXUG-Papers - Research code & papers from members of vx-underground.
NUL0x4C/DeleteShadowCopies - Deleting Shadow Copies In Pure C++
MahmoudZohdy/Process-Injection-Techniques - Various Process Injection Techniques
3xpl01tc0d3r/ProcessInjection - This program is designed to demonstrate various process injection techniques
xillwillx/tricky.lnk - Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Payload is a powershell webdl and execute
it-gorillaz/lnk2pwn - Malicious Shortcut(.lnk) Generator
dievus/lnkbomb - Malicious shortcut generator for collecting NTLM hashes from insecure file shares.
tommelo/lnk2pwn - Malicious Shortcut(.lnk) Generator
plackyhacker/Shellcode-Encryptor - A simple shell code encryptor/decryptor/executor to bypass anti virus.
0xZDH/imgect - Inject shellcode into a valid BMP/GIF image.
DISREL/Ring0VBA - CVE-2018-6066 using VBA
skelsec/asysocks - Socks5 / Socks4 client and server library
cr0hn/EasyLogs - The simple, agnostic and lightweight logging dashboard
loneicewolf/smbdoor - improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
YA551N3/Bug-Bounty-Wordlists -
fin3ss3g0d/cypherhound - Your template-based BloodHound terminal companion tool
hypn/wordlist-wikipedia-pages -
honoki/bbrf-server - The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
zeGolem/wf - wf is a UNIX-style utility for running commands on file change
xpn/WAMBam - Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
wunderwuzzi23/ropci - So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
pietroborrello/RopDaemon - A fast, multithreaded, ROP-gadget semantics analyzer.
rootkit-io/awesome-malware-development - Organized list of my malware development resources
lutzenfried/Methodology -
zolderio/misp-to-sentinel - Azure function to insert MISP data in to Azure Sentinel
gaffe23/linux-inject - Tool for injecting a shared object into a Linux process
AonCyberLabs/Cexigua - Linux based inter-process code injection without ptrace(2)
itaymigdal/Nimbo-C2 - Nimbo-C2 is yet another (simple and lightweight) C2 framework
mertdas/Slayer - Just an AV slayer. Nothing special ;)
BishopFox/asminject - Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace b
marcosd4h/memhunter - Live hunting of code injection techniques
rvrsh3ll/BOF_Collection - Various Cobalt Strike BOFs
penguintrace/penguintrace - penguinTrace is a tool to show how code runs at the hardware level
outflanknl/HelpColor - Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type
bugch3ck/SharpEfsPotato - Local privilege escalation from SeImpersonatePrivilege using EfsRpc.
n00py/GetFGPP - Get Fine Grained Password Policy
JuliaPoo/Artfuscator - A C compiler targeting an artistically pleasing nightmare for reverse engineers
CodeXTF2/HavocNotion - A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally safe or stable, built as a PoC to showcase Havoc C2's modular C
0xAJStrike/SPFAbuse - SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp
cramppet/regulator - Automated learning of regexes for DNS discovery
f1tz/Misc -
byt3bl33d3r/BOF-Nim - Cobalt Strike BOF Files with Nim!
smokeme/ProxyNotShell -
susMdT/SharpAgent - C# havoc implant
NUL0x4C/GP - using the gpu to hide your payload
timhsutw/elfuck - ELF packer for i386
doredry/TokenFinder - Tool to extract powerful tokens from Office desktop apps memory
trustedsec/CS-Remote-OPs-BOF -
anvilsecure/ulexecve - ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teaming a
TheZ3ro/fdstealer - dummy PoC to write into fds from other pids
persistence-info/persistence-info.github.io -
bigb0sss/RedTeam-OffensiveSecurity - Tools & Interesting Things for RedTeam Ops
WithSecureLabs/CallStackSpoofer - A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
jeffbencteux/mailsecchk - POSIX script for mail security checks of domain names
Dec0ne/ShadowSpray - A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
skelsec/aardwolf - Asynchronous RDP client for Python (headless)
dunderhay/phishsticks - A framework for OAuth 2.0 device code authentication grant flow phishing
The-Login/DNS-Analysis-Server - Tools to assess DNS security.
The-Login/DNS-Reset-Checker - Tools to assess the DNS security of web applications
freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy - Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)
splunk/attack_data - A repository of curated datasets from various attacks
ltratt/pizauth - Command-line OAuth2 authentication daemon
cramppet/dank - a deterministic finite automata ranker
HavocFramework/Havoc - The Havoc Framework
Rvn0xsy/AsmShellcodeLoader - 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/
JohnHammond/msdt-follina - Codebase to generate an msdt-follina payload
thesp0nge/java_audit_sh - A set of companion tools needed by everyday job during Java source code audits
punk-security/dnsReaper - dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
optiv/Freeze - Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
jazzpizazz/BloodHound.py-Kerberos - A Python based ingestor for BloodHound
adityatelange/bhhb - Burp HTTP history browser (bhhb) - A tool to view HTTP history exported from Burp Suite Community Edition
netspooky/xx - The xx file format. Turn your hex dumps into art, then into binary data.
bchavez/Havoc - 🌋 A set of dangerous algorithms that cause havoc in .NET applications and operating systems for use in chaos engineering.
vuldb/cyber_threat_intelligence - Cyber Threat Intelligence Data, Indicators, and Analysis
hasherezade/exe_to_dll - Converts a EXE into DLL
wunderwuzzi23/gospray - Active Directory Password Spray Testing Utility in Go
CodeXTF2/cobaltstrike-headless - Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.
thiagopeixoto/massayo - Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL
Velocidex/cloudvelo - An experimental Velociraptor implementation using cloud infrastructure
sean-t-smith/Extreme_Breach_Masks - A set of prioritized Hashcat .hcmask files intelligently developed from terabytes of password breach datasets and organized by run time.
lkarlslund/ldapnomnom - Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
Bw3ll/JOP_ROCKET - This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultimate solution for Windows jump-oriented programming. JOP ROCKET
janoglezcampos/c_syscalls - Single stub direct and indirect syscalling with runtime SSN resolving for windows.
elfmaster/maya - Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.
mallorbc/stable-diffusion-klms-gui - This repo dockerizes Stable Diffusion to ease the usage of the model with a gradio UI
luser/read-process-memory -
thinkst/canarytokens-docker - Docker configuration to quickly setup your own Canarytokens.
fin3ss3g0d/evilgophish - evilginx3 + gophish
mazen160/server-status_PWN - A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
OccamsXor/sim-ba - (Sim)ulate (Ba)zar Loader
Wra7h/FlavorTown - Various ways to execute shellcode
HXSecurity/DongTai - Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through p
DarthTon/Blackbone - Windows memory hacking library
nheiniger/SnaffPoint - A tool for pointesters to find candies in SharePoint
ps1337/reinschauer - it is very good
diwsec/pentdocks - web application pentesting tools for docker
cyberbuff/TheAtomicPlaybook - The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resource to know about the tests, it's execution, detection and defe
hakivvi/ermir - an Evil Java RMI Registry.
embee-research/Randomise-api-hashes-cobalt-strike - Bypass Detection By Randomising ROR13 API Hashes
m417z/winapiexec - A small tool that allows to run WinAPI functions through command line parameters
nccgroup/jwt-reauth -
pentesteracademy/reconpal - ReconPal: Leveraging NLP for Infosec
mamun-sec/dfirt - Collect information of Windows PC when doing incident response
KhaosT/ACVM -
Z4kSec/Masky - Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
MWR-CyberSec/PXEThief - PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
Qazeer/FarsightAD - PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise
KiFilterFiberContext/warbird-hook - Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
NUL0x4C/EtwSessionHijacking - A Poc on blocking Procmon from monitoring network events
SlyFabi/WSysMon - A windows task manager clone for Linux.
modzero/fix-windows-privacy - Fix Windows 10 Privacy
hasherezade/libpeconv - A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
gehaxelt/sshfp-dns-measurement - Code used for the "Oh SSH-it, what's my fingerprint? A Large-Scale Analysis of SSH Host Key Fingerprint Verification Records in the DNS" paper
paranoidninja/Brute-Ratel-C4-Community-Kit - This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)
BC-SECURITY/Beginners-Guide-to-Obfuscation -
sliverarmory/armory - The Official Sliver Armory
Flangvik/SharpDllProxy - Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
mandiant/Azure_Workshop -
o7-machinehum/ovrdrive - Security focused USB drive.
freqyXin/Offensive-Wireless-Security - Slide deck for DEF CON 30 - Read Team Village - Offensive Wireless Security presentation
chris-anley/cq - CQ, a code security scanner
io-tl/Mara - Mara is a userland pty/tty sniffer
kyleavery/AceLdr - Cobalt Strike UDRL for memory scanner evasion.
r4wd3r/Suborner -
tarahmarie/investigations -
xforcered/elfpack - ELF Sectional docking payload injector system
containers/bubblewrap - Low-level unprivileged sandboxing tool used by Flatpak and similar projects
MarginResearch/cannoli - High-performance QEMU memory and instruction tracing
mikeroyal/eBPF-Guide - eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.
mainframed/DC30_Workshop - DEFCON 30 Mainframe buffer overlow workshop container
mandiant/STrace - A DTrace on Windows Reimplementation
wietze/HijackLibs - Project for tracking publicly disclosed DLL Hijacking opportunities.
0xbadjuju/Sharpire - A C# implementation of the PowerShell Empire Agent
aahmad097/ZoomPersistence - Zoom Persistence Aggressor and Handler
CodeXTF2/Burp2Malleable - Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles
darksh3llRU/dark-doh -
anthemtotheego/InlineExecute-Assembly - InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional f
xforcered/SCMKit - Source Code Management Attack Toolkit
h4wkst3r/InvisibilityCloak - Proof-of-concept obfuscation toolkit for C# post-exploitation tools
NetSPI/PowerHuntShares - PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
icyguider/Shhhloader - Syscall Shellcode Loader (Work in Progress)
Diego-AltF4/GLUFS - GLUFS allows you to automate the tedious process of finding leaks using format string vulnerabilities.
Techryptic/Pokemon-Shellcode-Loader - Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you.
jkotra/unlockr -
rad9800/TamperingSyscalls -
Yaxser/Backstab - A tool to kill antimalware protected processes
micro-joan/BlackStone - Pentesting Reporting Tool
WSP-LAB/FUGIO - FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
mgeeky/ProtectMyTooling - Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with
thiagomayllart/Harvis - Harvis is designed to automate your C2 Infrastructure.
emptymonkey/shelljack - A keystroke / terminal logger for Linux.
vmware/burp-rest-api - REST/JSON API to the Burp Suite security tool.
DissectMalware/XLMMacroDeobfuscator - Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
elastic/protections-artifacts - Elastic Security detection content for Endpoint
veo/vbackdoor - Hide process,port,self under Linux using the ld_preload
chipmanfu/RGI-redteam-scripts - Automation For Metova Range Global Internet system Red Team Infastructure
bananabr/Givemeahand - A PoC tool for exploiting leaked process and thread handles
wikiZ/RedGuard - RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
aaaddress1/PR0CESS - some gadgets about windows process and ready to use :)
codewhitesec/Lastenzug - Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
capt-meelo/MassMap - Combined port scanning w/ Masscan's speed & Nmap's scanning features.
kymb0/Stealth_shellcode_runners -
allyomalley/LiveTargetsFinder - Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts and gather service information
HumanSecurity/restringer - A Javascript Deobfuscator
mdsecresearch/BurpSuiteSharpener -
Humoud/BackBag-Lab-VM - Small enough to carry on your back (Backpack) 🎒💻
citronneur/blindssl - Disable SSL certificate verification for all binaries that use libssl
Ben-Lichtman/reloader - Reflective DLL self-loading as a library
PHProxy/phproxy - PHP based web proxy. Initially developed by whitefyre
p0dalirius/Coercer - A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
expl0itabl3/Redsheet - Red Teaming & Active Directory Cheat Sheet.
GhostPack/Koh - The Token Stealer
F6JO/RouteVulScan - Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
Adepts-Of-0xCC/VBA-macro-experiments - Collection of VBA macro published in our twitter / blog
citronneur/pamspy - Credentials Dumper for Linux using eBPF
andersju/webbkoll-backend - Express.js app that runs Puppeteer as a service; visits specified URL with Chromium and sends back various data (requests, cookies, etc.) as JSON
huebicode/abuselookup-gui - A GUI to query the API of abuse.ch.
bkup/SlackShell - PowerShell to Slack C2
digininja/scanner_user_agents - A list of user agents belonging to common web scanners.
HernanRodriguez1/1nv0k3-Rvb3us2 -
shellntel-acct/scripts -
lateralblast/lunar - A UNIX security auditing tool based on several security frameworks
FSecureLABS/Azurite - Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
duo-labs/cloudtracker - CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
NetSPI/MicroBurst - A collection of scripts for assessing Microsoft Azure security
RhinoSecurityLabs/GCPBucketBrute - A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
NotSoSecure/cloud-service-enum -
puresec/sas-top-10 - Serverless Architectures Security Top 10 Guide
kost/dockscan - dockscan is security vulnerability and audit scanner for Docker installations
CiscoCXSecurity/linikatz - linikatz is a tool to attack AD on UNIX
0xmitsurugi/gimmecredz - You're a #pentester and you totally pwn that linux box, congrats! Now what? You can launch gimmecredz.sh which will try to extract all passwords from known locations.
blendin/3snake - Tool for extracting information from newly spawned processes
canix1/ADACLScanner - Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
adrecon/ADRecon - ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
n1nj4sec/mimipy - port of mimipenguin.sh in python with some additional protection features
phackt/wptsextensions.dll - WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
chvancooten/follina.py - POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
Luct0r/KerberOPSEC - OPSEC safe Kerberoasting in C#
NextronSystems/ransomware-simulator - Ransomware simulator written in Golang
DODC/turncoat -
pyutils/line_profiler - Line-by-line profiling for Python
rkern/line_profiler - (OLD REPO) Line-by-line profiling for Python - Current repo ->
viridityzhu/Evangelion-typora-theme - An eye-friendly dark theme for Typora editor, based on the color scheme of Neon Genesis Evangelion.
rvrsh3ll/TokenTactics - Azure JWT Token Manipulation Toolset
secretsquirrel/encryptAgit - Encrypt your git repo...
certat/exchange-scans - A collection of functions to check Microsoft Exchange Servers for ProxyLogon and ProxyShell
linkedin/qark - Tool to look for several security related Android application vulnerabilities
Dec0ne/KrbRelayUp - KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
nettitude/RunPE - C# Reflective loader for unmanaged binaries.
FelixBer/FindFunc - FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints.
curlconverter/curlconverter - Transpile curl commands into Python, JavaScript and 27 other languages
lazaars/SAP-Pentest -
janestreet/magic-trace - magic-trace collects and displays high-resolution traces of what a process is doing
fgeek/pyfiscan - Free web-application vulnerability and version scanner
Roni-Carta/cf-bypass -
Ridter/noPac - Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
rootsecdev/Azure-Red-Team - Azure Security Resources and Notes
salrashid123/squid_proxy - Multi-mode Squid Proxy container running SSL intercept
varnish/hitch - A scalable TLS proxy by Varnish Software.
redis/RedisInsight - Redis GUI by Redis
GJDuck/RedFat - A binary hardening system
CompassSecurity/BloodHoundQueries -
hausec/Bloodhound-Custom-Queries - Custom Query list for the Bloodhound GUI based off my cheatsheet
SpecterOps/BloodHound-Legacy - Six Degrees of Domain Admin
joeroe/risotto - A minimalist, responsive hugo theme inspired by terminal ricing aesthetics.
GoogleContainerTools/container-diff - container-diff: Diff your Docker containers
Accenture/Condstanta -
s0md3v/Smap - a drop-in replacement for Nmap powered by shodan.io
mttaggart/OffensiveNotion - Notion as a platform for offensive operations
zeGolem/openfdd - Userspace driver for Fancy Devices™
cyberbutler/RedDrop - RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
michelep/ESP8266_PowerMeter - A simple but effective power meter based on INA219 and ESP8266 (Wifi and MQTT)
rezer0dai/bananafzz - Banana Fuzzer ~ modulable, loop based, poc gen, code cov, platform agnostic, race oriented
o1mate/AppLocker-Bypass - Bypassing AppLocker with C#
EnableSecurity/wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
honoki/bbrf-client - The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
VirtualAlllocEx/Create-Thread-Shellcode-Fetcher - This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)
Vyiel/RedTeamPets - A collection of handy and specific tools for the Red Teamer
MythicAgents/thanatos - Mythic C2 agent targeting Linux and Windows hosts written in Rust
zadewg/RIUS - CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing
ropnop/kerbrute - A tool to perform Kerberos pre-auth bruteforcing
malvuln/Adversary3 - Malware vulnerability intel tool for third-party attackers
cure53/Contracts - A small collection of potentially useful contract templates
ExAndroidDev/rtlo-attack - Right-To-Left Override POC
Accenture/VulFi - IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.
fgsect/FitM - FitM, the Fuzzer in the Middle, can fuzz client and server binaries at the same time using userspace snapshot-fuzzing and network emulation. It's fast and comparably easy to set up.
kimci86/bkcrack - Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
He-No/ntlmrelayx2proxychains -
justinsteven/advisories -
mikeroyal/Open-Source-Security-Guide - Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
DarkFlippers/unleashed-firmware - Flipper Zero Unleashed Firmware
ralphte/build_a_phish - Ansible playbook to deploy a phishing engagement in the cloud.
mrd0x/BITB - Browser In The Browser (BITB) Templates
Group3r/Group3r - Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
0xbigshaq/apache-afl - An automated setup for compiling & fuzzing Apache httpd server
0xbigshaq/redis-afl - An automated setup for fuzzing Redis w/ AFL++
FirmWire/FirmWire - FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares
ustayready/roguerdp -
Sceptive/forgiva-integrator - Core module for Forgiva Enterprise connecting Forgiva Server to Forgiva Webclient.
grassmunk/Chicago95 - A rendition of everyone's favorite 1995 Microsoft operating system for Linux.
klezVirus/SysWhispers3 - SysWhispers on Steroids - AV/EDR evasion via direct system calls.
christophetd/CloudFlair - 🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
agrawalsmart7/scodescanner - SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.
login-securite/DonPAPI - Dumping DPAPI credz remotely
DashBarkHuss/100-days-of-code - Fork this template for the 100 days journal - to keep yourself accountable (multiple languages available)
jychp/cloudflare-bypass - Bypass Coudflare bot protection using Cloudflare Workers
Anorov/cloudflare-scrape - A Python module to bypass Cloudflare's anti-bot page.
micahvandeusen/gMSADumper - Lists who can read any gMSA password blobs and parses them if the current user has access.
Hemogl0bin/drvscanner - Scan for potentially vulnerable drivers
fkie-cad/libdesock - A de-socketing library for fuzzing.
trustedsec/COFFLoader -
rxhanson/Rectangle - Move and resize windows on macOS with keyboard shortcuts and snap areas
gechr/WhichSpace - 🖥 Active space menu bar icon for macOS 10.11+
halencarjunior/plsc4n -
S3cur3Th1sSh1t/Creds - Some usefull Scripts and Executables for Pentest & Forensics
0x727/FingerprintHub - 侦查守卫(ObserverWard)的指纹库
Cracked5pider/Stardust - A modern 32/64-bit position independent implant template
evilbuffer/malware-and-exploitdev-resources -
0x00Jeff/sec-dojo - sec-dojo write ups
hari0943/nvidia-manager - Allows you to turn off, on your nvidia gpu at will
romkatv/powerlevel10k - A Zsh theme
nix-community/comma - Comma runs software without installing it. [maintainers=@Artturin,@burke,@DavHau]
cube0x0/KrbRelay - Framework for Kerberos relaying
mahaloz/decomp2dbg - A plugin to introduce interactive symbols into your debugger from your decompiler
Allevon412/PPL_Sandboxer -
klezVirus/CandyPotato - Pure C++, weaponized, fully automated implementation of RottenPotatoNG
mlcsec/SharpSQL - Simple C# implementation of PowerUpSQL
BawdyAnarchist/QubesTricks - Qubes Tricks, Scripts, and Tips
mgeeky/PackMyPayload - A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
slyd0g/SharpCryptUnprotectData -
jsa2/aadcookiespoof - Azure AD Identity Protection Cookie Spoofing
M-HT/SR - A project to statically recompile following games to create Windows or Linux (x86 or arm) versions of the games - Albion, X-Com: UFO Defense (UFO: Enemy Unknown), X-Com: Terror from the Deep, Warcraft
tomnomnom/anew - A tool for adding new lines to files, skipping duplicates
plackyhacker/SandboxDefender - C# code to Sandbox Defender (and most probably other AV/EDRs).
RedTeamOperations/Advanced-Process-Injection-Workshop -
MartinIngesen/TokenStomp - C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic
atdpa4sw0rd/Search-Tools - 聚合空间测绘搜索（Fofa,Zoomeye,Quake,Shodan,Censys,BinaryEdge）
samisecure/LsassDumpReflectiveDll - Dump Lsass Memory Using a Reflective Dll
hlldz/RefleXXion - RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCrea
liuzhen03/awesome-video-enhancement - Paper list for video enhancement, including video super-resolution, interpolation, denoising, deblurring and inpainting.
AlanGriffiths/egmde - Example Mir Desktop Environment
canonical/mir - The Mir compositor
operasoftware/ssh-key-authority - A tool for managing SSH key access to any number of servers.
TimothyYe/skm - A simple and powerful SSH keys manager
latchset/tang - Tang binding daemon
latchset/clevis - Automated Encryption Framework
aels/subdirectories-discover - Perfect wordlist for discovering directories and files on target site
mechanicalnull/phantasm - Binary Ninja plugin for visualizing coverage over time
PaulSec/twittor - A fully featured backdoor that uses Twitter as a C&C server
rsmudge/Malleable-C2-Profiles - Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt
bluscreenofjeff/Malleable-C2-Randomizer - A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
threatexpress/random_c2_profile - Cobalt Strike random C2 Profile generator
DenFox93/GitWebsite -
jekyc/wig - WebApp Information Gatherer
johnthebrit/CertificationMaterials - A collection of materials related to my certification videos
fuzzware-fuzzer/fuzzware-experiments - Files used for reproducing Fuzzware's experiments
trustedsec/SeeYouCM-Thief -
murar8/firefox-deflector - Open external links using any currently running firefox profile.
ideasman42/nerd-dictation - Simple, hackable offline speech to text - using the VOSK-API.
mikroskeem/tosh - Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...
Cerbersec/Ares - Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
n1nj4sec/pr0cks-py - python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target
sysdream/ligolo - Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
thefLink/Hunt-Sleeping-Beacons - Aims to identify sleeping beacons
Dutchosintguy/digital-business-cards-pse - Using a Google a Programmable Search Engine to make custom Digital Business Card Search Engine
ox-eye/Ox4Shell - Deobfuscate Log4Shell payloads with ease.
ShaneMcC/beeps - Linux beep music
optiv/Ivy - Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment t
zeronetworks/BloodHound-Tools - Collection of tools that reflect the network dimension into Bloodhound's data
0xded093/Serpico-NG - Serpico-NG https://github.com/LUTECH-TMS-CERT/EHAT-NG
mariusae/trickle - Trickle is a userland bandwidth shaper for Unix-like systems.
Gerenios/AADInternals - AADInternals PowerShell module for administering Azure AD and Office 365
ivicanikolicsg/MAIAN - MAIAN: automatic tool for finding trace vulnerabilities in Ethereum smart contracts
treebuilder/aad-sso-enum-brute-spray - POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
darlinghq/darling - Darwin/macOS emulation layer for Linux
cert-ee/cuckoo3 - Cuckoo3 is a Python 3 open source automated malware analysis system.
waldo-irc/LockdExeDemo - A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/
dfaram7/pptshots - Finding sensitive information in the trimmed parts of cropped images
heroku/heroku-guardian - Easy to use CLI security checks for the Heroku platform. Validate baseline security configurations for your own Heroku deployments.
pathtofile/commandline_cloaking - A collection of projects demonstrating various commandline cloaking techniques on Linux
sankyhack/Threat-Hunting-with-WebProxy-Logs-using-Pandas---Jupyter-Notebook -
Cracked5pider/KaynLdr - KaynLdr is a Reflective Loader written in C/ASM
cedowens/Inject_Dylib - Swift code to programmatically perform dylib injection
robusta-dev/debug-toolkit - A modern code-injection framework for Python. Like Pyrasite but Kubernetes-aware.
hardenedvault/bootkit-samples - Bootkit sample for firmware attack
her0ness/AlternativeShellcodeExec - Alternative Shellcode Execution Via Callbacks
her0ness/SCShell - Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
0xJin/awesome-bugbounty-builder - Awesome Bug bounty builder Project
plackyhacker/Peruns-Fart - Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
t3hbb/DefenderCheck - Identifies the bytes that Microsoft Defender flags on.
vitaly-kamluk/bitscout - Remote forensics meta tool
EricZimmerman/KapeFiles - This repository serves as a place for community created Targets and Modules for use with KAPE.
solemnwarning/rehex - Reverse Engineers' Hex Editor
ChrisTheCoolHut/Zeratool - Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
amix/vimrc - The ultimate Vim configuration (vimrc)
0xsp-SRD/mortar - evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
hardenedvault/lurch - XEP-0384: OMEMO Encryption for libpurple.
Velocidex/velociraptor - Digging Deeper....
eduardomcm/VelociraptorCompetition -
xme/velociraptor - Velociraptor Stuff
CERN-CERT/WAD - Web application/technology detection tool
ShielderSec/webtech - Identify technologies used on websites.
ppshobi/tech-detector - A web app for detecting backend technologies used in a web app, Based on wappalyzer node module
ameenmaali/whoareyou - whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)
blackarrowsec/wappy - Discover web technologies in web applications from your terminal
dorker6/simttylogin - simulate tty login in terminal
gcompris/GCompris-qt - GCompris in Qt Quick - Mirror of https://invent.kde.org/education/gcompris
struppigel/PortEx - Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
kmanc/remote_code_oxidation -
ly4k/Pachine - Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)
cocomelonc/2021-12-11-malware-injection-11 - Code injection via NtOpenProcess and NtAllocateVirtualMemory
APTortellini/DoH-Stager -
srl-labs/containerlab - container-based networking labs
cube0x0/noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
GovTech-CSG/ProxyAgent -
catern/sfork - A synchronous, single-threaded interface for starting processes on Linux
guitmz/ezuri - A Simple Linux ELF Runtime Crypter
xforcered/xPipe - Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
antonioCoco/MalSeclogon - A little tool to play with the Seclogon service
wavestone-cdt/EDRSandblast -
can1357/NtRays - Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.
XMCyber/XMGoat -
ajmandourah/Ladispad - A custom-made 11 key macropad + 2 rotary encoders with minimal components.
Etisalat-Egypt/Rodan - Rodan Exploitation Framework
cutaway-security/sawh - Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Active Directory Domain and do not require Windows services to funct
vavkamil/wp-update-confusion - WordPress Plugin Update Confusion
NetSPI/NetblockTool - Find netblocks owned by a company
her0ness/av-edr-urls - AV/EDR companies netblocks
mantvydasb/Red-Team-Infrastructure-Automation - Disposable and resilient red team infrastructure with Terraform
OSInside/kiwi - KIWI - Appliance Builder Next Generation
zcgonvh/EfsPotato - Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
divinity76/converttostatic - attempt to make linux binaries static
onvio/gophish - Gophish with Malicious Attachment and HTTP redirect support
MobSF/Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and
quarkslab/rewind - Snapshot-based coverage-guided windows kernel fuzzer
GoSecure/gophish-cli - Gophish Python cli to perform huge phishing campaigns
tothi/dll-hijack-by-proxying - Exploiting DLL Hijacking by DLL Proxying Super Easily
fkasler/phishmonger - Phishing Framework for Pentesters
edermi/gophish_mods - Open-Source Phishing Toolkit
jthuraisamy/SysWhispers2 - AV/EDR evasion via direct system calls.
CravateRouge/bloodyAD - BloodyAD is an Active Directory Privilege Escalation Framework
dafthack/MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services
Retrospected/kerbmon - Continuous kerberoast monitor
monoxgas/Koppeling - Adaptive DLL hijacking / dynamic export forwarding
google/UIforETW - User interface for recording and managing ETW traces
oldboy21/SMBSR - Lookup for interesting stuff in SMB shares
fortra/nanodump - The swiss army knife of LSASS dumping
CCob/lsarelayx - NTLM relaying for Windows made easy
RICSecLab/AFLplusplus-cs -
RUB-SysSec/nyx-net -
Hypnoze57/RDPChecker - RDP Checker
AtropineTears/TheMacHardeningScripts - Scripts to secure and harden Mac OS X
trufflesecurity/driftwood - Private key usage verification
EspressoCake/DLL-Exports-Extraction-BOF - DLL Exports Extraction BOF with optional NTFS transactions.
tothi/smbmap - SMBMap is a handy SMB enumeration tool - here with Kerberos support
gfek/Lepus - Subdomain finder
halencarjunior/sss3 - Simple S3 Bucket Testing Software
ahrm/sioyek - Sioyek is a PDF viewer with a focus on textbooks and research papers
LuemmelSec/WinPwn - Automation for internal Windows Penetrationtest / AD-Security
aas-n/spraykatz - Credentials gathering tool automating remote procdump and parse of lsass process.
aaaddress1/Skrull - Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting te
stong/how-to-exploit-a-double-free - How to exploit a double free vulnerability in 2021. Use After Free for Dummies
sensepost/SPartan - Frontpage and Sharepoint fingerprinting and attack tool.
punk-security/pwnspoof - Pwnspoof repository
S3cur3Th1sSh1t/OffensiveVBA - This repo covers some code execution and AV Evasion methods for Macros in Office documents
Tylous/ZipExec - A unique technique to execute binaries from a password protected zip
eslamedhat/XDomain - Auto powerful subdomains scanner - Auto check live subdomains
tomnomnom/meg - Fetch many paths for many hosts - without killing the hosts
tomnomnom/qsreplace - Accept URLs on stdin, replace all query string values with a user-supplied value
s0md3v/Arjun - HTTP parameter discovery suite.
infosec-au/altdns - Generates permutations, alterations and mutations of subdomains and then resolves them
jpf/domain-profiler - Given a domain, will tell you the decisions that the domain owner has made.
m4ll0k/SecretFinder - SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
jkakavas/creepy - A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.
bohops/UltimateWDACBypassList - A centralized resource for previously documented WDAC bypass techniques
ufrisk/MemProcFS - MemProcFS
microsoft/MSTIC-Sysmon - Anything Sysmon related from the MSTIC R&D team
mattifestation/WDACTools - A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
mermaid-js/mermaid-live-editor - Edit, preview and share mermaid charts/diagrams. New implementation of the live editor.
Mr-Un1k0d3r/DKMC - DKMC - Dont kill my cat - Malicious payload evasion tool
c6fc/warcannon - High speed/Low cost CommonCrawl RegExp in Node.js
rvrsh3ll/Rubeus-Rundll32 - Run Rubeus via Rundll32
fr0gger/awesome-ida-x64-olly-plugin - A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
Arinerron/heaptrace - helps visualize heap operations for pwn and debugging
ScorpionesLabs/DVS - D(COM) V(ulnerability) S(canner) AKA Devious swiss army knife - Lateral movement using DCOM Objects
VeNoMouS/cloudscraper - A Python module to bypass Cloudflare's anti-bot page.
klezVirus/inceptor - Template-Driven AV/EDR Evasion Framework
boku7/Ninja_UUID_Runner - Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
tandasat/DotNetHooking - Sample use cases of the .NET native code hooking technique
peasead/windows-sandbox-to-elastic - Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
thewhiteninja/ntfstool - Forensics tool for NTFS (parser, mft, bitlocker, deleted files)
herosi/CTO - Call Tree Overviewer
weggli-rs/weggli - weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
snorez/ebpf-fuzzer - fuzz the linux kernel bpf verifier
tlspuffin/tlspuffin - A Dolev-Yao-model-guided fuzzer for TLS
eldraco/domain_analyzer - Analyze the security of any domain by finding all the information possible. Made in python.
mcw0/PoC - Issues has been disabled for these PoC's, as they are simply PoC, Public Domain and unsupported.
codewhitesec/HandleKatz - PIC lsass dumper using cloned handles
mindcrypt/powerglot - Powerglot encodes offensive powershell scripts using polyglots . Offensive security tool useful for stego-malware, privilege escalation, lateral movement, reverse shell, etc.
ly4k/Certipy - Tool for Active Directory Certificate Services enumeration and abuse
horizon3ai/vcenter_saml_login - A tool to extract the IdP cert from vCenter backups and log in as Administrator
ionescu007/clfs-docs - Unofficial Common Log File System (CLFS) Documentation
daem0nc0re/Abusing_Weak_ACL_on_Certificate_Templates - Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
0xf4b1/bsod-kernel-fuzzing - BSOD: Binary-only Scalable fuzzing Of device Drivers
HunnicCyber/SharpML - Machine Learning Network Share Password Hunting Toolkit
two06/sitrep -
CultCornholio/solenya - Microsoft365 Device Code Phishing Framework
blacklanternsecurity/spiderfoot-neo4j - Import, visualize, and analyze SpiderFoot scans in Neo4j, a graph database
pevma/SEPTun-Mark-II - Suricata Extreme Performance Tuning guide - Mark II
pevma/SEPTun - Suricata Extreme Performance Tuning guide
rvrsh3ll/BOF-ForeignLsass -
WebGoat/WebGoat - WebGoat is a deliberately insecure application
AndrewRathbun/DFIRMindMaps - A repository of DFIR-related Mind Maps geared towards the visual learners!
redcanaryco/vscode-attack - Visual Studio Code extension for MITRE ATT&CK
trickster0/OffensiveRust - Rust Weaponization for Red Team Engagements.
bats3c/DefensiveInjector - Shellcode injector using direct syscalls
bats3c/DarkLoadLibrary - LoadLibrary for offensive operations
mgeeky/ShellcodeFluctuation - An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
thesephist/monocle - Universal personal search engine, powered by a full text search algorithm written in pure Ink, indexing Linus's blogs and private note archives, contacts, tweets, and over a decade of journals.
amirgamil/apollo - A Unix-style personal search engine and web crawler for your digital footprint.
cartography-cncf/cartography - Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
tomnomnom/waybackurls - Fetch all the URLs that the Wayback Machine knows about for a domain
Info-security/binary-auditing-training - Free IDA Pro Binary Auditing Training Material for University Lectures - from http://binary-auditing.com . Contains decrypted/unzipped files along with original zip archive and site's index.html
mgeeky/ThreadStackSpoofer - Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
sh4hin/GoPurple - Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions
tanc7/EXOCET-AV-Evasion - EXOCET - AV-evading, undetectable, payload delivery tool
BishopFox/iam-vulnerable - Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
davidmalcolm/antipatterns.ko - The world's worst kernel module
boku7/injectEtwBypass - CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
qsecure-labs/overlord - Overlord - Red Teaming Infrastructure Automation
paranoidninja/PIC-Get-Privileges - Building and Executing Position Independent Shellcode from Object Files in Memory
SolomonSklash/SleepyCrypt - A shellcode function to encrypt a running process image when sleeping.
benjojo/gogetgithub - "go get" all the go repo's you have starred on github
purarue/oh-my-stars - An offline CLI tool to search your GitHub Stars.
GhostPack/SharpDPAPI - SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
ShutdownRepo/targetedKerberoast - Kerberoast with ACL abuse capabilities
jdgregson/Disclosures - My publically disclosed vulnerability reports.
wez3/msfenum - A Metasploit auto auxiliary script
klezVirus/CVE-2021-40444 - CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
optiv/Go365 - An Office365 User Attack Tool
iomoath/PowerShx - Run Powershell without software restrictions.
boku7/azureOutlookC2 - Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Micro
mdecrevoisier/EVTX-to-MITRE-Attack - Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
dirkjanm/PKINITtools - Tools for Kerberos PKINIT and relaying to AD CS
sonertari/SSLproxy - Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection
nuvious/pam-duress - A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive
roadwy/RIP -
passivedns/passivedns - Web Application for domain name monitoring / alerting
assetnote/kiterunner - Contextual Content Discovery Tool
FiloSottile/age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
phillipberndt/autorandr - Auto-detect the connected display hardware and load the appropriate X11 setup using xrandr
ExPixel/cargo-disasm - Disassembly viewer for rust projects.
carmaa/inception - Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
LucaBongiorni/jellyfish - GPU rootkit PoC by Team Jellyfish
nwork/WIN_JELLY - Windows GPU rootkit PoC by Team Jellyfish
jfmaes/Invoke-DLLClone - Koppeling x Metatwin x LazySign
CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering -
KINGSABRI/kingsabri-blog -
Errum/IntelArchitectureMap - Intelligence Architecture Mind Map
mgeeky/UnhookMe - UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malware
nccgroup/exploit_mitigations - Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
optiv/Registry-Recon - Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon
federicodotta/ghidra2frida - The new bridge between Ghidra and Frida!
Ne0nd0g/go-shellcode - A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
RedCursorSecurityConsulting/PPLKiller - Tool to bypass LSA Protection (aka Protected Process Light)
IlanKalendarov/PyHook - PyHook is an offensive API hooking tool written in python designed to catch various cre

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
.gitignore		.gitignore
README.md		README.md
README_language.md		README_language.md
README_topic.md		README_topic.md

theguly/stars

Folders and files

Latest commit

History

Repository files navigation

Awesome Stars

Contents

3d

ai

analytics

android

angular

ansible

api

archlinux

arduino

artificial-intelligence

aspnet

automation

awesome

awesome-list

aws

azure

bash

blockchain

bot

bugbounty

c

c-plus-plus

chatbot

chatgpt

chatgpt-api

chrome

chrome-extension

cli

clojure

cms

code

code-quality

code-review

compiler

config

continuous-integration

cpp

crawler

cryptocurrency

cryptography

csharp

cybersecurity

data

data-analysis

data-engineering

data-science

data-visualization

database

deep-learning

deployment

design

developer-tools

development

devops

discord

django

docker

documentation

dotfiles

dotnet

education

electron

elixir

emacs

embedded

emulator

es6

ethereum

express

firebase

firefox

flask

framework