Chan9390.md

Awesome Stars

A curated list of my GitHub stars! Generated by starred

Contents

ASP

ApacheConf

Arduino

  • WHID - Available on eBay & Aliexpress / WiFi HID Injector for Fun & Profit - A USB Rubberducky / BadUSB On Steroids.

  • arduino - my arduino sketches

  • arduino - A repository of arduino scripts I've written, generally for home automation

  • Arduino-POV - Arduino Controlled POV Display

Assembly

  • malware - Participants' projects, published for educational purposes.

  • anti-analysis-tricks - Bunch of techniques potentially used by malware to detect analysis environments

  • CryptoAccel -

  • tools - security and hacking tools, exploits, proof of concepts, shellcodes, scripts

AutoIt

  • SetMace - Manipulate timestamps on NTFS

Batchfile

  • WinEnum - Toolkit to detect abnormal activities on a Windows machine.

  • ShadowBrokers - Guides, Tools, Tips and such for working with the Shadow Brokers dumps

  • ReportCompiler - A tool for importing vulnerability scanner data and then allowing you to manipulate the risks, affected hosts, and create risk ordered output.

C

  • demos - Demos of various injection techniques found in malware

  • shellcode - A collection of shellcodes

  • Unix-Privilege-Escalation-Exploits-Pack - Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.

  • SECCON2016_online_CTF - SECCON2016 online CTF for public

  • ms16-098 - Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow

  • eaphammer - Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

  • dinput-proxy-dll - complete reverse engineering of all internal structs and vtable methods

  • ShellcodeDriver - Windows driver to execute arbitrary usermode code (essentially same vulnerability as capcom.sys)

  • armadito-av - Armadito antivirus main repository

  • pyrsistence - A Python extension for managing External Memory Data Structures (EMDs)

  • injectdso - A collection of tools for injecting DSOs in processes under various operating systems

  • CDIR - CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

  • zos - RACF and z/OS tools and info

  • LiME - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.

  • windows-logical-eop-workshop -

  • write-ups-2016 - Wiki-like CTF write-ups repository, maintained by the community. 2016

  • pentestkoala - Modified dropbear server which acts as a client and allows authless login

  • Privilege-Escalation - This contains common local exploits and enumeration scripts

  • pbscan - faster and more efficient stateless syn scanner and banner grabber due to userland TCP/IP stack usage

  • avet - AntiVirus Evasion Tool

  • nsjail - A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)

  • caos - Calcium OS project for x86_64

  • lcamtuf-memfetch - Memfetch is a simple utility to dump all memory of a running process, either immediately or when a fault condition is discovered. It is an attractive alternative to the vastly inferior search capabilities of many debuggers and tracers - and a convenient way to grab "screenshots" from many types of text-based interactive utilities.

  • syringe - A General Purpose DLL & Code Injection Utility

  • sslsplit - Transparent SSL/TLS interception

  • PuttyRider - Hijack Putty sessions in order to sniff conversation and inject Linux commands.

  • pigpio - pigpio is a C library for the Raspberry which allows control of the General Purpose Input Outputs (GPIO).

  • scan-tools - Scanning tools used in the Critical.IO research project

  • MEMZ - A trojan made for Danooct1's User Made Malware Series.

  • torsocks - Library to torify application - NOTE: upstream has been moved to https://gitweb.torproject.org/torsocks.git

  • cve-2013-2094 - original cve-2013-2094 exploit and a rewritten version for educational purposes

  • nginx-1.4.0 - For the analysis of CVE-2013-2028

  • nginxpwn - Exploitation Training -- CVE-2013-2028: Nginx Stack Based Buffer Overflow

  • DriveCrypt - DriveCrypt Dcr.sys vulnerability exploit

  • poc-exp - poc or exp of android vulnerability

  • scvs - Secure Coding Validation Suite

  • WIN_JELLY - Windows GPU RAT PoC by Team Jellyfish

  • jellyfish - GPU rootkit PoC by Team Jellyfish

  • Demon - GPU keylogger PoC by Team Jellyfish

  • how2heap - A repository for learning various heap exploitation techniques.

  • JohnTheRipper - This is the official repo for the Jumbo version of John the Ripper. The "bleeding-jumbo" branch (default) is based on 1.8.0-Jumbo-1 (but we are literally thousands of commits ahead of it). This is a bug tracker, not a support forum. It's also not the place to report bugs you see in any version of Jumbo other than the LATEST, from HERE! Thanks.

  • simple-rootkit - A simple attack against gcc and Python via kernel module, with highly detailed comments.

  • metasploit-payloads - Unified repository for different Metasploit Framework payloads

  • hidemyass - a post-exploit tool that carefully cleans *NIX access logs

  • binflow - This is the new ftrace (https://github.com/elfmaster/ftrace) - Much faster, better resolution but not complete yet! :)

  • Beleth - Multi-threaded SSH Password Auditor

  • winfsp - Windows File System Proxy - FUSE for Windows

  • netsniff-ng - A Swiss army knife for your daily Linux network plumbing.

  • sniffles - Sniffles: Packet Capture Generator for IDS and Regular Expression Evaluation

  • Durvasav-BfPC - Durvasav is a bruteforce password cracker (BfPC) written in C.

  • zzuf - Application fuzzer

  • Zeus - NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. I have created this repository to make the access for study as easy as possible.

  • AndroidKernelExploitationPlayground -

  • FunctionInterception - Overwrite functions in memory x86-32/64 on Linux, Mac & Windows

  • proxydroid - Global Proxy for Android

  • high-low-frequency-attack-defense-toolkits - High/Low frequency attack and defense toolkits

  • linux.mirai - Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

  • keylogger-osx - Very simple keylogger for self-quantifying on Mac OS X

  • PassiveFuzzFrameworkOSX - This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.

  • elfit - ELF Infector's Toolkit

  • metasploit-loader - A client compatible with Metasploit's staging protocol

  • masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

  • pivoter - Pivoter is a proxy tool for pentesters to have easier lateral movement.

  • mimikatz - A little tool to play with Windows security

  • icmpsh - Simple reverse ICMP shell

  • post-exploitation - Post Exploitation Collection

  • sslscan - sslscan tests SSL/TLS enabled services to discover supported cipher suites

  • azazel - Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.

  • phc-winner-argon2 - The password hash Argon2, winner of PHC

  • Mermaid - Generate customized and undetectable exploits for Metasploit.

  • AFFLIBv3 - AFF is an open and extensible file format to store disk images and associated metadata.

  • 0d1n - Web security tool to make fuzzing at HTTP, Beta

  • drool - DNS Replay Tool

  • wifi_ducky - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4

  • passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

  • MemoryModule - Library to load a DLL from memory.

  • MemoryModule - Library to load a DLL from memory.

  • A-journey-into-Radare2 - A series of tutorials about radare2 framework from https://www.megabeets.net

  • DoubleAgent - Zero-Day Code Injection and Persistence Technique

  • MBE - Course materials for Modern Binary Exploitation by RPISEC

  • onion-sites-that-dont-suck - Onion Sites That Don't Suck

  • OverTheWire-website - OverTheWire website

  • Publications - A list of published research documents

  • LiveProxies - High-performance asynchronous proxy checker

  • naxsi - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX

  • pcp - Pretty Curved Privacy

  • AndroidKernelExploitationPlayground -

  • WindowsRegistryRootkit - Kernel rootkit, that lives inside the Windows registry values data

  • ThinkPwn - Lenovo ThinkPad System Management Mode arbitrary code execution 0day exploit

  • ExtractKeyMaster - Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431

  • mbedtls - An open source, portable, easy to use, readable and flexible SSL library

  • dirtycow-vdso - PoC for Dirty COW (CVE-2016-5195)

  • PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

  • How-to-Make-a-Computer-Operating-System - How to Make a Computer Operating System in C++

  • dumpdecrypted - Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.

  • shell-workshop - Materials from my Strange Loop 2014 workshop, Let's Build a Shell!

  • Mirai-Source-Code - Leaked Mirai Source Code for Research/IoC Development Purposes

  • Android_Kernel_CVE_POCs - A list of my CVE's with POCs

  • Hack-Night - Hack Night is an open weekly training session run by the ISIS lab.

  • littleblackbox - Database of private SSL/SSH keys for embedded devices

  • public-pentesting-reports - Curated list of public penetration test reports released by several consulting firms and academic security groups

  • pcileech - Direct Memory Access (DMA) Attack Software

  • iodine - Official git repo for iodine dns tunnel

  • reptyr - Reparent a running program to a new terminal

  • winafl - A fork of AFL for fuzzing Windows binaries

  • UACME - Defeating Windows User Account Control

  • research-rootkit - LibZeroEvil & the Research Rootkit project.

  • sudo - The Proof of Concept of vulnerabilities of Sudo session handling

  • fuzzgoat - A vulnerable, backdoored C program for testing fuzzers.

  • haka - Haka runtime

  • ccache - ccache - a fast compiler cache

  • radare2 - unix-like reverse engineering framework and commandline tools

  • wdpassport-utils - Code and information on how to unlock a WD My Passport drive in Linux.

  • ida-efiutils - Some scripts for IDA Pro to assist with reverse engineering EFI binaries

  • bgrep - Binary Grep

  • massdns - A high-performance DNS stub resolver for bulk lookups in C

  • parasite - Linux Runtime Process Injection Tool

  • zmap - ZMap Internet Scanner

  • netdata - Get control of your servers. Simple. Effective. Awesome. https://my-netdata.io/

  • linux - Linux kernel source tree

  • zmap - ZMap Internet Scanner

  • Exploitation - Windows Software Exploitation

  • dump1090_sdrplus - Dump1090_sdrplus is a Mode S decoder for Software Defined Radio (SDR) devices including RTL SDR, HackRF, Airspy and SDRplay.

  • 8cc - A Small C Compiler

  • HubCap - ChromeCast HubCap exploit

  • exploit-database - The official Exploit Database repository

  • stfusip - System Integrity Protection (SIP) bypass for OSX 10.11.1 - 10.11.2 - 10.11.3

  • portapack-havoc - Custom firmware for the HackRF SDR + PortaPack H1 addon

  • libdeep-python - A python interface for the libdeep deep learning library

  • libdeep - A deep learning library for C/C++

C#

  • SmashedPotato -

  • Py2ExeDecompiler -

  • CDIR-A - CDIR Analyzer - parser for data collected by CDIR Collector

  • KaniVola - Volatility GUI

  • oleviewdotnet - A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

  • Potato - Windows privilege escalation through NTLM Relay and NBNS Spoofing

  • scallion - GPU-based Onion Hash generator

  • CScriptShell - CScriptShell, a Powershell Host running within cscript.exe

  • gray_hat_csharp_code - This repository contains full code examples from the book Gray Hat C#

  • QuasarRAT - Remote Administration Tool for Windows

  • DevAudit - Open-source, cross-platform, multi-purpose security auditing tool

  • dnSpy - .NET assembly editor, decompiler, and debugger

  • KeeThief - Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.

  • PSAttack - A portable console aimed at making pentesting with PowerShell a little easier.

  • Windows-Hacks - Creative and unusual things that can be done with the Windows API.

  • lazykatz - Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.

  • PowerShell - PowerShell for every system!

  • Potato -

  • globalmousekeyhook - This library allows you to tap keyboard and mouse, detect and record their activity even when an application is inactive and runs in background.

  • netserializer - Fast(est?) .Net Serializer

  • xRAT - Remote Administration Tool for Windows

C++

  • cameradar - Cameradar hacks its way into RTSP CCTV cameras

  • ShellcodeStdio - An extensible framework for easily writing compiler optimized position independent x86 shellcode for windows platforms.

  • malware-botnets -

  • exploits -

  • TinyNuke - zeus-style banking trojan

  • VM_CrackMe_1 - Simple and old virtual machine

  • anti-import - Simple way to hide win32 import

  • UniversalInject - Windows IME-based DLL injection. Able to inject a DLL without OpenProcess or a process handle being necessary.

  • certificate-transparency - Auditing for TLS certificates.

  • keepassx - KeePassX is a cross platform port of the windows application “Keepass Password Safe”.

  • git-crypt - Transparent file encryption in git

  • AdvancedMemoryChallenges - Advanced buffer overflow and memory corruption security challenges

  • windows-exploit-development -

  • flare-wmi -

  • dnscat2 -

  • Botnet - Botnet

  • process_replacement - Run one process as another under Windows

  • homesecurity - VISTA ICM replacement: Arduino firmware for Honeywell / Ademco Vista series security panels

  • drammer - Native binary for testing Android phones for the Rowhammer bug

  • johnny - The GUI frontend to the John the Ripper password cracker

  • netview - Netview enumerates systems using WinAPI calls

  • arybo - Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions

  • apkstudio - Cross-platform Qt5 based IDE for reverse-engineering android applications.

  • slowhttptest - Application Layer DoS attack simulator

  • ansvif - A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.

  • Agafi - A gadget finder and a ROP-Chainer tool for x86 platforms

  • dllinjector - dll injection tool that implements various methods

  • rewolf-pcausa-exploit - PCAUSA Rawether for Windows Local Privilege Escalation

  • libfuzzer-workshop - Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.

  • iaito - A Qt and C++ GUI for radare2 reverse engineering framework

  • ddos-toolbox - DoS-Switchblade is a single tool that is a collection of testing tools for DoS

  • APIthet - An Application to security test RESTful web APIs.

  • androswat - tool to inspect, dump, modify, search and inject libraries into Android processes.

  • yontma - You'll never take me alive.

  • shadowd - The Shadow Daemon web application firewall server

  • I-know-where-your-page-lives - I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016

  • ricochet - Anonymous peer-to-peer instant messaging

  • PJON - Digital communication protocol and framework for IOT. Compatible with Arduino, ESP8266, Teensy and Raspberry Pi.

  • rethinkdb - The open-source database for the realtime web.

  • rgat - An instruction trace visualisation tool for dynamic program analysis

  • Autoware - Open-source software for urban autonomous driving.

  • sslsniff - A tool for automated MITM attacks on SSL connections.

  • electron - Build cross platform desktop apps with JavaScript, HTML, and CSS

  • fcd - An optimizing decompiler

  • arduino-menusystem - Arduino library for implementing a menu system

  • cocos2d-x - Cocos2d-x is a suite of open-source, cross-platform, game-development tools used by millions of developers all over the world.

CSS

CoffeeScript

  • dnschain - A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!

Eagle

  • BBB-Wifi-Radio - Internet Radio based on the Beaglebone Black platform

Emacs Lisp

Go

  • glugger - The fastest (and least featureful) DNS bruteforcer in the South

  • mkonion - A simple way to create a Tor onion service for existing Docker containers.

  • test_DHparams - test your Diffie-Hellman parameters for safe primes and right sizes

  • fzf - 🌸 A command-line fuzzy finder written in Go

  • cryptopals - Solutions to the Matasano Cryptopals challenges

  • extract-web-domains - Tool to extract domains/IP's from files

  • DBShield - Database firewall written in Go

  • tcpovericmp - TCP implementation over ICMP protocol to bypass firewalls

  • pen-utils - Trivial unixey pentest utilities

  • direnv - Unclutter your .profile

  • certspotter - Certificate Transparency Log Monitor

  • Go-SCP - Go programming language secure coding practices guide

  • alertmanager2es - Receives HTTP webhook notifications from AlertManager and inserts them into an Elasticsearch index for searching and analysis

  • frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

  • drone-burp - Parses a burp XML file into a lair project

  • autovpn - Easily connect to a VPN in a country of your choice.

  • dnsbrute - a fast domain brute tool

  • wuzz - Interactive cli tool for HTTP inspection

  • dns-reverse-proxy - DNS Reverse Proxy

  • BitBender - BitBender is a byte manipulation tool

  • HERCULES - HERCULES is a special payload generator that can bypass antivirus softwares.

  • EGESPLOIT - EGESPLOIT is a golang library for malware development

  • gobuster - Directory/file & DNS busting tool written in Go

  • cilium - Linux Native, HTTP Aware Networking and Security for Containers

  • usblockout - USBLockout monitors your user session and triggers Grsecurity Deny New USB feature.

  • oauth2_proxy - A reverse proxy that provides authentication with Google, Github or other provider

  • gotty - Share your terminal as a web application

  • find - High-precision indoor positioning framework for most wifi-enabled devices.

  • caddy - Fast, cross-platform HTTP/2 web server with automatic HTTPS

  • AuthTables - AuthTables is a microservice that helps detect "Account Take Over" caused by simple credential theft. If bad actors are stealing your users passwords, AuthTables may be useful.

  • ssh-chat - Chat over SSH.

  • cadvisor - Analyzes resource usage and performance characteristics of running containers.

  • batten - Hardening and Auditing Tool For Docker Hosts & Containers

  • habitus - A Build Flow Tool for Docker

  • seekret - Go library and command line to seek for secrets on various sources.

  • onionscan - OnionScan is a free and open source tool for investigating the Dark Web.

  • vuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

Groff

HTML

Hack

  • fbctf - Platform to host Capture the Flag competitions

Java

  • Airachnid-Burp-Extension - A Burp Extension to test applications for vulnerability to the Web Cache Deception attack

  • UltimateAndroidReference - 🚀 Ultimate Android Reference - Your Road to Become a Better Android Developer

  • Twitter-Follow-Exploit - Automated Twitter mass account creation and follow using Selenium and Tor VPN

  • jakstab - The Jakstab static analysis platform for binaries

  • challenges - Some of the challenges I wrote

  • AndroRW - PoC Ransomware for android

  • Luyten - An Open Source Java Decompiler Gui for Procyon

  • burplist -

  • burp-suite-error-message-checks - Burp Suite extension to passively scan for applications revealing server error messages

  • wifi-bruteforcer-fsecurify - Android application to brute force WiFi passwords without requiring a rooted device.

  • jpexs-decompiler - JPEXS Free Flash Decompiler

  • android-crackme-challenge - A collection of reverse engineering challenges for learning about the Android operating system and mobile security.

  • diva-android - DIVA Android - Damn Insecure and vulnerable App for Android

  • SecurityShepherd - Web and mobile application security training platform

  • rootbeer - Simple to use root checking Android library and sample app

  • binnavi - BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

  • OWASP-WebScarab - OWASP WebScarab

  • jsql-injection - jSQL Injection is a Java application for automatic SQL database injection.

  • Burp-Non-HTTP-Extension - Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.

  • DexHook - DexHook is a xposed module for capturing dynamically loaded dex files.

  • bifuz - Broadcast Intent FUZzing Framework for Android

  • WS-Attacker - WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (http://nds.rub.de/ ) and the Hackmanit GmbH (http://hackmanit.de/).

  • swurg - Parses Swagger files into the BurpSuite for automating RESTful API testing – approved by Burp for inclusion in their official BApp Store.

  • drozer-agent - The Android Agent for the Mercury Security Assessment Framework.

  • PortAuthority - A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.

  • graylog-plugin-threatintel - Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

  • MoneyX - MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.

  • Android-SSL-TrustKiller - Bypass SSL certificate pinning for most applications

  • flip-tables - Because pretty-printing text tables in Java should be easy.

  • zaproxy - The OWASP ZAP core project

  • burpdeveltraining - Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

  • Burp-Extensions - Central Repo for Burp extensions

  • jmxploit - A tool to analyse JMX API security level.

  • wycheproof - Project Wycheproof tests crypto libraries against known attacks.

  • TLS-Attacker - TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (http://nds.rub.de/) and the Hackmanit GmbH (http://hackmanit.de/).

  • waffle - Enable drop-in Windows Single Sign On for popular Java web servers.

  • openhab1-addons - Add-ons for openHAB 1.x

  • Halcyon - First IDE for Nmap Script (NSE) Development.

  • cerealbox - Arduino-based network monitor

  • apkinspector - APKinspector is a powerful GUI tool for analysts to analyze the Android applications.

  • find-sec-bugs - The FindBugs plugin for security audits of Java web applications and Android applications. (Also works with Scala projects)

  • android-scripts - Collection of Android reverse engineering scripts

  • JAADAS - Joint Advanced Defect assEsment for android applications

  • afwall - AFWall+ (Android Firewall +) - iptables based firewall for Android

  • cortana-scripts - A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.

  • DeepLearning - Deep Learning (Python, C, C++, Java, Scala, Go)

JavaScript

  • pwgen-for-bios - Password generator for BIOS

  • AllTheThings - Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.

  • prepack - Prepack is a partial evaluator for JavaScript. Prepack rewrites a JavaScript bundle, resulting in JavaScript code that executes more efficiently.

  • HackVault - A container repository for my defensive/offensive hacks!

  • nothing-private - Using private browsing or incognito, do you think you are safe? 😄 👿 This will prove you're wrong.

  • Minions - Collaborative Distributed Scanning Application (Uses modified DNmap on backend)

  • Mocky - Generate custom HTTP responses, the simpler way to test your Web Services

  • APT_CyberCriminal_Campagin_Collections -

  • Shellcode-Via-HTA - How To Execute Shellcode via HTA

  • Splunk-Web-Shell - Splunk Web Shell

  • splunk_app_sec_orchestration - Splunk App for Security Orchestration

  • Cryptii - Web application where you can convert, encode and decode content between different format systems

  • bettertls - BetterTLS: A Name Constraints test suite for HTTPS clients.

  • tcp-over-websockets - Tunnel TCP through WebSockets.

  • VSVBP - Black box tool for Vulnerability detection in web applications

  • noVNC - VNC client using HTML5 (Web Sockets, Canvas) with encryption (wss://) support.

  • https-everywhere - A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections.

  • privacybadger - Privacy Badger - Block third party tracking in your browser! By EFF

  • community-scripts - A collection of ZAP scripts provided by the community - pull requests very welcome!

  • keeweb - Free cross-platform password manager compatible with KeePass

  • docker-intro - Presentation: Intro to Docker

  • evercookie - evercookie is a javascript API that produces extremely persistent, respawning cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies (LSOs), HTML5 storage, SilverLight storage, and others.

  • CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

  • goof - Super vulnerable todo list application

  • ShadowBuster -

  • gdbgui - A modern, browser-based frontend to gdb (gnu debugger). Add breakpoints, view stack traces, and more in C, C++, Go, and Rust. Simply run gdbgui from the terminal and a new tab will open in your browser.

  • RegEx-DoS - 👮 👊 RegEx Denial of Service (ReDos) Scanner

  • box-js - A tool for studying JavaScript malware.

  • beef - The Browser Exploitation Framework Project

  • AtEar - Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration

  • appmon - Documentation:

  • evilredis - Script for doing evil stuff to Redis servers (for education purposes only).

  • juice-shop - OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.

  • faraday - Collaborative Penetration Test and Vulnerability Management Platform

  • intrigue-core - Discover your attack surface!

  • king-phisher-templates - Templates for the King Phisher open source phishing campaign toolkit.

  • ttystudio - A terminal-to-gif recorder minus the headaches.

  • CTOSecurityChecklist - The SaaS CTO Security Checklist

  • mermaid - Generation of diagram and flowchart from text in a similar manner as markdown

  • How-to-Understand-Sockets-Using-IoT - 🙉 A repo to show how to use Sockets with IoT devices

  • raneto-docker - Docker container for Markdown based Raneto Knowledgebase

  • accelerating-your-security-learning-in-2017-null-Bangalore-Jan2017 - A talk+workshop on Accelerating Your Security Learning in 2017 given at null Bangalore 2017

  • xssHunterExtension - Chrome Extension for XSS Hunter Payloads

  • diff-gui - GUI for Frida -Scripts

  • standard-readme - Standard Readme Style

  • 52-technologies-in-2016 - Let's learn a new technology every week. A new technology blog every Sunday in 2016.

  • messenger-bot-witai-tutorial - Jack up your chat bot using Wit.ai in 30 minutes!

  • meanstacktutorial - MEAN Stack RESTful API Tutorial - Contact List App

  • serverless-iot-analytics - Serverless processing of sensor data using AWS IoT, Amazon Kinesis and AWS Lambda to display the result graphically on a static web page.

  • poisontap - Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.

  • AlgorithmVisualizer - Algorithm Visualizer

  • kitematic - Visual Docker Container Management on Mac & Windows

  • hacker-scripts - Based on a true story

  • vagrant-manager - Vagrant Manager is an electron, status bar menu app that lets you manage all of your vagrant machines from one central location.

  • contained.af - A stupid game for learning about containers, capabilities, and syscalls.

  • patchwork - A decentralized messaging and sharing app built on top of Secure Scuttlebutt (SSB).

  • linx-server - Self-hosted file/code/media sharing website

  • js-stack-from-scratch - 🛠️⚡ Step-by-step tutorial to build a modern JavaScript stack.

  • serverless-stories-lambda - Serverless app built with AWS Lambda

  • webpack-howto -

  • OSINT-Framework - OSINT Framework

  • vagrant-lists.github.io - Listing eco-system around Vagrant

  • mean - MEAN (Mongo, Express, Angular, Node) - A Simple, Scalable and Easy starting point for full stack javascript web development - utilizing many of the best practices we've found on the way

  • ubercookie - Browser Fingerprinting via getClientRects and AudioContext

  • wordpress-automation - Automate development of WordPress projects.

  • docker-swarm-visualizer - A visualizer for Docker Swarm Mode using the Docker Remote API, Node.JS, and D3

  • asciinema2gif - Generate animated GIFs from asciinema terminal recordings

  • pewpew - ⭐ ⭐ ⭐ Build your own IP Attack Maps with SOUND!

  • xss-keylogger - A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only

  • raptor - Web-based Source Code Vulnerability Scanner

  • scans - AWS security scanning checks

  • mapster - Live events map as a Kibana plugin

  • datacenter-sensor - Sensors for the datacenter to protect against intruders and high temperatures

  • sleepy-puppy - Sleepy Puppy XSS Payload Management Framework

  • vsaq - VSAQ is an interactive questionnaire application to assess the security programs of third parties.

  • OS.js - JavaScript Cloud/Web Desktop Platform

  • tips - Most commonly used git tips and tricks.

  • xsshunter - The XSS Hunter service - a portable version of XSSHunter.com

  • GAEStarterKit - Google App Engine Starter Kit

  • awesome-selfhosted - This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.

  • resume.github.com - Resumes generated using GitHub information

  • manual_verification - Most of the time during a pentest / vulnerability assessment you need to verify a finding before marking it as confirmed or false positive. This repository will try to put in sample code snippets / commands that can be used to perform that.

  • awesome-ctf - A curated list of CTF frameworks, libraries, resources and software

  • Java - Java related code

  • wp-calypso - The new JavaScript- and API-powered WordPress.com

  • node-mysql2 - ⚡ fast node-mysql compatible mysql driver for node.js

  • nodejs-mysql-native - Native mysql async client for node.js

  • particle-cli - Command Line Interface for Particle Cloud and devices

  • Web - HTML, CSS, Javascript, jQuery...etc

  • jsascii - JavaScript Image ASCIIfier

  • ascii-camera - Real-time ASCII representation of your webcam video stream

Jupyter Notebook

  • 100days - 100 days of algorithms

  • BroThon - Bro + Python = BroThon! Processing and analysis of Bro IDS data with Python.

  • caffe2 - Caffe2 is a lightweight, modular, and scalable deep learning framework.

Lua

Makefile

Objective-C

  • FLEX - An in-app debugging and exploration tool for iOS

  • LinkLiar - 🔗 Link-Layer MAC spoofing GUI for macOS

Others

PHP

  • WebShells - A list of webshell vulnerability injection.

  • commix-testbed - A collection of web pages, vulnerable to command injection flaws.

  • password_lock - Wraps Bcrypt-SHA2 in Authenticated Encryption

  • crackingwebctfs - Repo of files and setup from the free session conducted on Cracking Web CTFs on 15th April 2017 Bangalore.

  • writeups - Collection of writeups

  • SocialHacking - NYU ITP Spring 2016

  • nosqlilab - A lab for playing with NoSQL Injection

  • collection - this includes useful or interesting things....

  • sqli-labs - SQLI labs to test error based, Blind boolean based, Time based.

  • rips - RIPS - A static source code analyser for vulnerabilities in PHP scripts

  • FiercePhish - FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

  • PHP-backdoors - A collection of PHP backdoors. For educational or testing purposes only.

  • webshell - This is a webshell open source project

  • php-exploit-scripts - A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.

  • webshellSample - webshell sample for WebShell Log Analysis

  • WebShell - WebShell Collect

  • php-webshells - Common php webshells. Do not host the file(s) on your server!

  • LDAP-credentials-collector-backdoor-generator - This script generates backdoor code which logs the username and password of a user who has passed HTTP basic auth using LDAP credentials.

  • Scanners-Box - [Project-Kob-6] The toolbox of open source scanners - a collection of open source scanners developed by security industry practitioners 👻

  • php-security-pitfalls - Code repository for Tutsplus course PHP Security Pitfalls

  • IntruderPayloads - A collection of Burpsuite Intruder payloads, fuzz lists and file uploads

  • fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

  • sqlite-lab - This code is vulnerable to SQL Injection and uses an SQLite database. For an SQLite database, SQL Injection payloads are different, so it is for fun. Just enjoy it \m/

  • Sn1per - Automated Pentest Recon Scanner

  • adfind - Admin Panel Finder

  • WackoPicko - WackoPicko is a vulnerable web application used to test web application vulnerability scanners.

  • xvwa - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

  • Local-file-disclosure-SQL-Injection-Lab - This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at https://twitter.com/IndiShell1046 :)

  • http-basics-docker -

  • Security - Repository of my Computer and Information Security work.

  • HackTheVote - Handouts, setup scripts, sources, and solutions for challenges from Hack The Vote

  • VulApps - Quickly set up various vulnerability environments

  • proxycheck_script - Proxy checking script

  • simplexssapp -

  • SecLists - SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

  • PHP-v8js-CloudFlare-bypass - A CloudFlare bypass that makes use of the v8 javascript engine for PHP

  • awesome-appsec - A curated list of resources for learning about application security

  • dvws - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.

  • phpservermon - PHP Server Monitor

  • PlugBot-Plug - The "bot" component of the PlugBot project

  • PlugBot-C2C - This is the Command & Control component of the PlugBot project

  • wifidog-auth - Repository for the PHP wifidog captive portal auth server

  • masscan-web-ui - MASSCAN Web UI

PLpgSQL

  • cgasm - We're insanely passionate about command line asm documentation in the cloud, and we're crushing it!

Pascal

  • sandcat - An open-source, pentest and developer-oriented web browser, using the power of Lua

  • Remote-Access-Trojan - Windows Remote-Access-Trojan

Perl

  • lpe-arsenal - Local privilege escalation scripts and tools

  • AutomatedProfiler - Automated forensics written in PowerShell

  • dotfiles - My dotfiles. Buyer beware ;)

  • abarisani.github.io -

  • freeaudit - Packaging audit toolkit using vulners.com vulnerability database

  • EQGRP - Decrypted content of eqgrp-auction-file.tar.xz

  • O-Saft - O-Saft - OWASP SSL advanced forensic tool

  • twittermon - Twitter keywords monitoring tool

  • pastemon - pastebin.com Content Monitoring Tool

  • enum4linux - A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.

  • ssl-cipher-suite-enum - PERL script to enumerate supported SSL cipher suites supported by network services (principally HTTPS).

  • nikto - Nikto web server scanner

  • Linux_Exploit_Suggester - Linux Exploit Suggester; based on operating system release number

  • ATSCAN - Advanced Search & Dork Mass Exploit - Advanced scanner for searching for and mass-exploiting vulnerabilities

  • rdp-sec-check - PERL script to enumerate security settings of an RDP Service (AKA Terminal Services)

  • dvcs-ripper - Rip web accessible (distributed) version control systems: SVN/GIT/HG...

  • shellcoder - Create shellcode from executable or assembly code

  • joomscan - OWASP Joomla Vulnerability Scanner Project

  • pentest-tools - Penetration testing scripts

  • exploit -

  • owasp-modsecurity-crs - OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)

Perl6

PowerShell

  • PowEnum - Executes common PowerSploit Powerview functionality then combines output into a spreadsheet.

  • RedTeamPowershellScripts - PowerShell script that searches through the Windows event logs for a specific user

  • Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator & Obfuscator

  • Discovery - Discovery is a powerful PowerShell module that lets you probe the inner depths of the operating system.

  • application-restriction-bypasses - A set of compiled application restriction bypasses

  • ElevateKit - The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.

  • LyncSniper - LyncSniper: A tool for penetration testing Skype for Business and Lync deployments

  • PSKernel-Primitives - Exploit primitives for PowerShell

  • PoshC2 - Powershell C2 Server and Implants

  • WMImplant - This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.

  • HackSysTeam-PSKernelPwn -

  • Invoke-Obfuscation - PowerShell Obfuscator

  • Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

  • PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework

  • PIC_Bindshell - Position Independent Windows Shellcode Written in C

  • nishang - Nishang - PowerShell for penetration testing and offensive security.

  • NetRipper - NetRipper - Smart traffic sniffing for penetration testers

  • PowerTools - PowerTools is a collection of PowerShell projects with a focus on offensive operations.

  • Veil-Pillage - Veil-Pillage is a post-exploitation framework that integrates with Veil-Evasion.

  • SessionGopher-Arvanaghi - SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

  • SessionGopher - SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

  • redsnarf - RedSnarf is a pen-testing / red-teaming tool for Windows environments

  • PowerMeta - PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.

  • luckystrike - A PowerShell based utility for the creation of malicious Office macro documents.

  • Empire - Empire is a PowerShell and Python post-exploitation agent.

  • HostRecon - This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.

  • MakeWindows10GreatAgain - Tweaks to make Windows 10 less annoying and more usable

  • PowerMemory - Exploit the credentials present in files and memory

  • bashbunny-payloads - Payloads for the Hak5 Bash Bunny

  • BrowserGather - Fileless web browser information extraction

  • PowerUpSQL - PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

  • BloodHound - Six Degrees of Domain Admin

  • DefCon24 - DefCon24

  • mimikittenz - A post-exploitation powershell tool for extracting juicy info from memory.

  • fathomless - A collection of different programs for network red teaming.

  • PowerCat - A PowerShell TCP/IP swiss army knife.

Puppet

  • pentesting-playground - Code for installing various security minded tools onto Vagrant powered virtual machines

Python

  • LinkedinSpider - LinkedIn crawler that scrapes employees' LinkedIn information based on the company name

  • IDS-Evasion - Evading Snort Intrusion Detection System.

  • malwaresearch - A command line tool to find malwares on http://openmalware.org

  • VolDiff - VolDiff: Malware Memory Footprint Analysis based on Volatility

  • pykek - Kerberos Exploitation Kit

  • freedomfighting - A collection of scripts which may come in handy during your freedom fighting activities.

  • penetration - Some pentest scripts based on Python, simple but useful; maybe they can help you do something else. Just have a try.

  • jackhammer - Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

  • WindowsExploits - Windows exploits, mostly precompiled.

  • PyBozoCrack - A silly & effective MD5 cracker in Python

  • msf-remote-console - A remote msfconsole written in Python 2.7 to connect to the msfrpcd server of Metasploit. This tool gives you the ability to load modules permanently as a daemon on your server, like autopwn2.

  • Forensic-Tools - A collection of tools for forensic analysis

  • nsshell - A DNS connectback shell executed by strings in payloads.txt

  • freshonions-torscraper - Fresh Onions is an open source TOR spider / hidden service onion crawler hosted at zlal32teyptf4tvi.onion

  • pwnbin - Python Pastebin Webcrawler that returns list of public pastebins containing keywords

  • EmailHarvester - Email addresses harvester

  • inshack-2017 - Challenges for INShAck

  • pyekaboo - A proof-of-concept program that is able to hijack/hook/proxy Python module(s) thanks to the $PYTHONPATH variable

  • python-sdk - Python library to use Koodous

  • RouterExploitScan - RouterExploit

  • CTF-Tools - Attack-Defend CTF Tools

  • spiderfoot - SpiderFoot, the open source footprinting and intelligence-gathering tool.

  • WhatsMyName - This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects.

  • CheckMyUsername - Python Library for Social Media and Other Service Username Availability Checker

  • Belati - The Traditional Swiss Army Knife for OSINT

  • python-security-bootcamp - Python Security Bootcamp aims at helping people with solving and automating challenges in security using Python.

  • Mimir - OSINT Threat Intel Interface

  • lterm - lterm is a small script built to install a bash hook for full terminal logging.

  • Infoga - Infoga - Email Information Gathering

  • Some-PoC-oR-ExP - Collected or self-written PoCs and exploits for various vulnerabilities

  • pyvulhunter - python audit tool - audit, injection (inject)

  • bropy - Basic Anomaly IDS capabilities with Python and Bro

  • AIL-framework - AIL framework - Analysis Information Leak framework

  • jwtcat - JSON Web Token (JWT) cracker.

  • ipwhois - Retrieve and parse whois data for IPv4 and IPv6 addresses

  • Nettacker - Automated Penetration Testing Framework

  • DSSS - Damn Small SQLi Scanner

  • sploitego - Maltego Penetration Testing Transforms

  • awesome-hacking - Awesome hacking is an awesome collection of hacking tools.

  • scripts - Scripts

  • splunk_shells - Weaponizing Splunk with reverse and bind shells.

  • malicious_file_maker - malicious file maker/sender to create and send malicious attachments to test your email filter/alerting

  • TC2017 - Anti-Honeypot Demo

  • manticore - Dynamic binary analysis tool

  • WPSeku - Simple Wordpress Security Scanner

  • ctf - Ctf solutions from p4 team

  • intel_collection_tools -

  • FindFrontableDomains - Search for potential frontable domains

  • usb-device-fuzzing - Some tools for testing USB devices

  • CTF-Write-ups -

  • fuzzbunch_wrapper - Fuzzbunch Python-Wine wrapper

  • analyst-scripts - Scripts to analyze stuff

  • hacking-tools - tools which can be used by forensics experts and ethical hackers

  • system-design-primer - Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

  • WMI_Forensics -

  • iker - IPSec testing tool

  • passive-dns-atlas - Passive DNS collection (and statistics) from RIPE Atlas Sensors

  • scripts - Scripts that I've written that others may find useful

  • WebAppSec - Web Application Security

  • expdevBadChars - Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.

  • write-ups - 📘 Writeups for different CTF challenges

  • BurpSmartBuster - A Burp Suite content discovery plugin that adds the smart into the Buster!

  • shootback - A reverse TCP tunnel that lets you access a target behind NAT or a firewall

  • domain-scan - A standard pipeline for running open source scanning tools on domains to measure things like speed, accessibility, and HTTPS.

  • DFIRbus - DFIR automation tool based on REbus

  • CTF-Tools - My Personal Library for CTF's

  • useful-scripts -

  • Smbtouch-Scanner - Automatically scan the inner network to detect whether they are vulnerable.

  • tap - The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.

  • ctf101-systems-2016 - ctf101 systems security repository

  • linux-exploitation-course - A Course on Intermediate Level Linux Exploitation

  • pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

  • cinnapwn - CDDC Exploitation Framework

  • grapevine - Fuzzer for the Mac Kernel

  • post_pre - An example of smart assembly

  • ip2geo - Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses

  • burp-cph - Custom Parameter Handler extension for Burp Suite.

  • focuson - A tool to surface security issues in python code

  • SLARF - SQLite Artifact Recovery Framework (SLARF)

  • EvtxParser - Various Python scripts to parse Windows Evtx log files

  • EmbeddedForensics - Misc. Python scripts for conducting Embedded Forensics

  • RegHexDump - Registry Hex Dump

  • GitPass - Open Source Your Password (Mismanagement)!

  • CVE-2017-0199 - Exploit toolkit CVE-2017-0199 - v3.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious (Obfuscated) RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

  • libheap - python library to examine ptmalloc (the glibc userland heap implementation)

  • java_deserialization_exploits - A collection of Java Deserialization Exploits

  • BeRoot - Windows Privilege Escalation Tool

  • vault-tendril - A tool to manipulate secrets using Hashicorp's vault

  • compileShellCode -

  • ShodanHat - search for hosts info with shodan

  • exefilter - ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats and can remove active content (scripts, macros, etc) according to a configurable policy.

  • balbuzard - Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.

  • algorithms - Minimal examples of data structures and algorithms in Python

  • mass_triage_tools - Mass Triage Tools

  • nsrlfilter - Startup script for handling multiple whitelists/blacklists for nsrllookup daemons

  • CIS-ESP - The Center for Internet Security Enumeration and Scanning Program

  • metastamp - Extract metadata from files in directory

  • misc - Miscellaneous repository of scripts and tools

  • FalconGate - A smart gateway to stop hackers and Malware attacks

  • OpenDoor - OWASP WEB Directory Scanner

  • Needl - Take back your privacy. Lose yourself in the haystack.

  • the-endorser - LinkedIn OSINT tool to pluck out relationships between people via endorsements

  • blackmamba - Blackmamba is a new concurrent networking library for Python. Blackmamba was built from the ground up leveraging the power of epoll and coroutines.

  • pyshark - Python wrapper for tshark, allowing python packet parsing using wireshark dissectors

  • TTSL - Tool to scrape LinkedIn

  • OWASP-ZSC - OWASP ZSC - Shellcode/Obfuscate Code Generator

  • nmap-converter - Python script for converting nmap reports into XLS

  • opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.

  • mando.me - Web Command Injection Tool

  • powerstager - A payload stager using PowerShell

  • subuser - Run programs on linux with selectively restricted permissions.

  • games -

  • myWriteUps -

  • ctfs - Write ups

  • pwntools-write-ups - A collection of CTF write-ups all using pwntools

  • demos - Prototype Demo Code

  • doublepulsar-detection-script - A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

  • scripts - Random scripts

  • fuzzbunch - NSA finest tool

  • black.box - Plug-and-Play VPN router and unblocker

  • APK - apk: a wrapper over various commands used for Android APK manipulation

  • LiMEaide - A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host.

  • Python-Hash-Cracker - Extremely Fast Python Hash Cracker.

  • shadowbrokers-exploits - Mirror of Shadowbrokers release from https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

  • EQGRP_Lost_in_Translation - Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg

  • python-for-pentesters-webinar - Example Material for SecureState's 2016 Python for Pentesters Webinar

  • Insanity-Framework - Generate Payloads and Control Remote Machines. [Discontinued]

  • PoC - Various PoCs

  • pyrasite - Inject code into running Python processes

  • PloitKit - The Hacker's ToolBox

  • waybackpack - Download the entire Wayback Machine archive for a given URL.

  • clusterd - application server attack toolkit

  • shadowbroker - The Shadow Brokers "Lost In Translation" leak

  • WHP - Micro$oft Windows Hacking Pack

  • giant_backdoor - Windows login backdoor diagnostic tool

  • apiscout -

  • idastuff - IDA Pro/Hexrays plugins

  • miasm - Reverse engineering framework in Python

  • shellnoob - A shellcode writing toolkit

  • python-paddingoracle - A portable, padding oracle exploit API

  • virustotal - VirusTotal tools

  • dragon - Dragon Sandbox

  • viper - Binary analysis and management framework

  • detekt - Malware triaging tool

  • pentest-wiki - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

  • tools - 7E Tools

  • emailSpam - An email spam bot written in Python, to send emails to specified addresses. Use with caution.

  • tweets_analyzer - Tweets metadata scraper & activity analyzer

  • hakkuframework - Hakku Framework penetration testing

  • sipvicious - SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems.

  • security-scripts - A collection of public offensive and defensive security related scripts for InfoSec students.

  • Garfield - An offensive attack framework for Distributed Layer of Modern Applications

  • zapy - Run Zed Attack Proxy from command-line

  • grr - GRR Rapid Response: remote live forensics for incident response

  • kickthemout - 💤 Kick devices off your network by performing an ARP Spoof attack.

  • macOS-Security-and-Privacy-Guide - A practical guide to securing macOS.

  • XSSight - It is a script that can scan for XSS vulnerabilities and inject payloads. Visit our website for awesome hacking tutorials http://teamultimate.in/

  • gef - Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

  • CarHackerBookCode - A small repository of code and snippets for the Car Hacker's Manual

  • python-scraping - Code samples from the book Web Scraping with Python http://shop.oreilly.com/product/0636920034391.do

  • netscreen-shodan-scanner - A SHODAN/Censys + Paramiko scanner to check for backdoored Internet-facing Juniper ScreenOS devices

  • garfield - Wannabe distributed system scanner

  • reversemap - Analyse SQL injection attempts in web server logs

  • mac4n6 - Collection of forensics artifact locations for Mac OS X and iOS

  • AndroBugs_Framework - AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.

  • httpscreenshot -

  • pefile - pefile is a Python module to read and work with PE (Portable Executable) files

  • netattack - Python script to scan and attack wireless networks

  • punter - Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, Shodan, Crimeflare

  • Vproxy - Forward HTTP/S Traffic To Proxy Instance

  • evilginx - Man-in-the-middle attack framework used for phishing credentials and session cookies of any web service.

  • umap2 - Umap2 is the second revision of NCC Group's python based USB host security assessment tool.

  • Hodor - Hodor! Fuzzer..

  • ssh_user_enum - SSH User Enumeration Script in Python Using The Timing Attack

  • shocker - A tool to find and exploit servers vulnerable to Shellshock

  • python-libnmap - libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.6 up to 3.4. It's wonderful.

  • fuzzyftp - The FTP fuzzer for Sulley and Peach.

  • burp2sulley - Converts burp's sitemap to sulley's fuzzing script

  • peach - Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.

  • Pentesting-with-Python - Various penetration testing tools written in Python. Based mostly on ideas and implementations presented in 'Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers' by TJ O'Connor and 'Black Hat Python' by Justin Seitz.

  • isp-data-pollution - ISP Data Pollution to Protect Private Browsing History with Obfuscation

  • osint_public -

  • python_lnk_maker - Make Windows LNK file with python (pylnk)

  • yosai - A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail

  • awesome-honeypots - an awesome list of honeypot resources

  • struts2_045_scan - Struts2-045 Scanner

  • sovereign - A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.

  • WordSteal - This script will create a POC that will steal NTLM hashes from a remote computer. Do not use this for illegal purposes. The author does not keep responsibility for any illegal action you do.

  • osintstalker - osintstalker

  • pyforensics - Collection of single use scripts I wrote for windows forensics

  • dnsrecon - DNS Enumeration Script

  • WPForce - Wordpress Attack Suite

  • interactive-coding-challenges - Huge update! Interactive Python coding interview challenges (algorithms and data structures). Includes Anki flashcards.

  • ds_store_exp - A .DS_Store file disclosure exploit. It parses the .DS_Store file and downloads files recursively.

  • mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers

  • wfuzz - Web application fuzzer

  • bitdump - A tool to extract database data from a blind SQL injection vulnerability.

  • birp - Big Iron Recon & Pwnage

  • binwally - Binary and Directory tree comparison tool using Fuzzy Hashing

  • BDFProxy - Patch Binaries via MITM: BackdoorFactory + mitmProxy.

  • BBScan - A tiny Batch weB vulnerability Scanner

  • bbqsql - SQL Injection Exploitation Tool

  • BAMF - Botnet Analysis Modular Framework

  • backHack - backHack, a tool to perform Android app analysis by backing up and extracting apps, allowing you to analyze and modify file system contents for apps.

  • backfuzz - protocol fuzzing toolkit

  • backdoorme - powerful auto-backdooring utility

  • backcookie - Small backdoor using cookie.

  • metame - metame is a metamorphic code engine for arbitrary executables

  • PenBox - PenBox - A Penetration Testing Framework - The Tool With All The Tools , The Hacker's Repo

  • scapy-fakeap - Fake wireless Access Point (AP) implementation using Python and Scapy, intended for convenient testing of 802.11 protocols and implementations.

  • king-phisher - Phishing Campaign Toolkit

  • Matroschka - Python steganography tool to hide images or text in images

  • RecuperaBit - A tool for forensic file system reconstruction.

  • Fireaway - Next Generation Firewall Audit and Bypass Tool

  • dockerscan - Docker security analysis & hacking tools

  • Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

  • smod - MODBUS Penetration Testing Framework

  • choronzon - An evolutionary knowledge-based fuzzer

  • BruteXSS - BruteXSS - Cross-Site Scripting Bruteforcer

  • kerberom - Kerberom is a tool aimed to retrieve ARC4-HMAC'ed encrypted Tickets Granting Service (TGS) of accounts having a Service Principal Name (SPN) within an Active Directory

  • sulley - A pure-python fully automated and unattended fuzzing framework.

  • pshtt - Scan domains and return data based on HTTPS best practices

  • LHF - A modular recon tool for pentesting

  • sslyze - Fast and powerful SSL/TLS server scanning library.

  • wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

  • EmPyre - A post-exploitation OS X/Linux agent written in Python 2.7

  • ViperMonkey - A VBA parser and emulation engine to analyze malicious macros.

  • Clickjacking-Tester - A python script designed to check if the website is vulnerable to clickjacking and create a PoC

  • AdflyUrlGrabber - A python script designed to grab the original url from an adfly url without opening it :D

  • AirCracker - Basic python script to detect airdroid users in the LAN

  • Dr0p1t-Framework - A framework that creates a dropper that bypasses most AVs and some sandboxes, and has some tricks ;)

  • Saddam - DDoS Amplification Tool

  • DPAT - Domain Password Audit Tool for Pentesters

  • theZoo - A repository of LIVE malwares for your own joy and pleasure

  • MFFA - Media Fuzzing Framework for Android

  • Malfunction - Malware Analysis Tool using Function Level Fuzzy Hashing

  • LL-Fuzzer - An automated NFC fuzzing framework for Android devices.

  • AndroFuzz - A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process

  • Just-Metadata - Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.

  • utimaco - Tools for reverse engineering the Utimaco Firmware

  • shannonRE - Helpful scripts for various tasks performed during reverse engineering the Shannon Baseband with the goal to exploit the Samsung Galaxy S6

  • maltrieve - A tool to retrieve malware directly from the source for security researchers.

  • mehrai - docker based telnet honeypot

  • headerget - Get version headers from a list of websites

  • BlackHatPython - Black Hat Python Labs

  • Jetleak-Testing-Script - Script to test if a server is vulnerable to the JetLeak vulnerability

  • dnscan -

  • dumpmon - Information Dump Monitor

  • Security-Tools - General Security Tools Developed by AppSec Consulting

  • Pentest-Tools - Penetration Testing Tools Developed by AppSec Consulting.

  • truffleHog - Searches through git repositories for high entropy strings, digging deep into commit history

  • AutoBrowser - AutoBrowser Screenshot

  • gateway-finder - Tool to identify routers on the local LAN and paths to the Internet

  • sparta - Network Infrastructure Penetration Testing Tool

  • sqlmap - Automatic SQL injection and database takeover tool

  • egressbuster - Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.

  • hash_parser - This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want to see if any of the credentials work on another domain or other systems.

  • meterssh - MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injecting shellcode into memory, then wrapping a port spawned (meterpeter in this case) by the shellcode over SSH back to the attackers machine. Then connecting with meterpreter's listener to localhost will communicate through the SSH proxy, to the victim through the SSH tunnel. All communications are relayed through the SSH tunnel and not through the network.

  • unicorn - Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber's PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

  • crowbar - Crowbar is a brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

  • zarp - Network Attack Tool

  • keimpx - Check for valid credentials across a network over SMB

  • SNMP-Brute - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.

  • smbmap - SMBMap is a handy SMB enumeration tool

  • snitch - information gathering via dorks

  • subbrute - A DNS meta-query spider that enumerates DNS records, and subdomains.

  • Veil-Catapult - Veil Catapult is no longer supported

  • Veil-Evasion - Veil Evasion is no longer supported, use Veil 3.0!

  • sparty - Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]

  • MITMf - Framework for Man-In-The-Middle attacks

  • net-creds - Sniffs sensitive data from interface or pcap

  • Scripts - Useful Scripts

  • wifijammer - Continuously jam all wifi clients/routers

  • CMSmap -

  • WPA2-HalfHandshake-Crack - This is a POC to show it is possible to capture enough of a handshake with a user from a fake AP to crack a WPA2 network without knowing the passphrase of the actual AP.

  • nsearch - minimal script to help find scripts in the NSE database

  • WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack

  • ptf - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

  • golismero - GoLismero - The Web Knife

  • autopwn - Specify targets and run sets of tools against them

  • scripts - Scripts created by MRG Effitas

  • ARTLAS - Apache Real Time Logs Analyzer System

  • ARPwner -

  • arpstraw - Arp spoof detection tool

  • ARMSCGen - ARM Shellcode Generator

  • apt2 - automated penetration toolkit

  • APKiD - Android Application Identifier for Packers, Protectors, Obfuscators and Oddities

  • API-dnsdumpster.com - (Unofficial) Python API for https://dnsdumpster.com/

  • AntiRansom - Fighting against ransomware using honeypots

  • angrop -

  • angr - The next-generation binary analysis platform from UC Santa Barbara's Seclab!

  • androwarn - Yet another static code analyzer for malicious Android applications

  • AndroidPINCrack - Bruteforce the Android Passcode given the hash and salt.

  • androguard - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

  • amoco - yet another tool for analysing binaries

  • albatar - Albatar is a SQLi exploitation framework in Python

  • http-request-translator - HTTP Request Translator (hrt) translates raw HTTP requests to different scripts (bash, python, etc.)

  • nozzlr - Nozzlr is a bruteforce framework, truly modular and script-friendly

  • nullinux - SMB null session identification and enumeration tool

  • ptp - Pentester's Tools Parser (PTP) provides a unified way to retrieve the information from all (final goal) automated pentesting tools and assign an automated ranking for each finding.

  • infosec -

  • dnsbrute - DNS Sub-domain brute forcer, in Python + gevent

  • pydictor - A useful hacker dictionary builder for a brute-force attack

  • security-tools - Collection of small security tools created mostly in Python. CTFs, pentests and so on

  • CyberCrowl - CyberCrowl is a python Web path scanner tool

  • zap-cli - A simple tool for interacting with OWASP ZAP from the commandline.

  • FileSensor - Dynamic file detection tool based on crawler (crawler-based dynamic sensitive file detection tool)

  • drozer-modules -

  • killchain - A unified console to perform the "kill chain" stages of attacks

  • web2attack - Web hacking framework with tools, exploits by python

  • cansina - Web Content Discovery Tool

  • RSPET - RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

  • exploitpack - Exploit Pack - Open Source GPLv3 Project

  • V3n0M-Scanner - Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

  • dirsearch - Web path scanner

  • mongoaudit - 🔥 A powerful MongoDB auditing and pentesting tool 🔥

  • mitmAP - 📡 A python program to create a fake AP and sniff data.

  • drozer - The Leading Security Assessment Framework for Android.

  • CrackMapExec - A swiss army knife for pentesting networks

  • jawfish - Tool for breaking into web applications.

  • NodeJsScan - NodeJsScan is a static security code scanner for Node.js applications.

  • aggroArgs - Bruteforce commandline buffer overflows and automated exploit generation, linux, aggressive arguments

  • ad-ldap-enum - An LDAP based Active Directory user and group enumeration tool

  • abcd - ActionScript ByteCode Disassembler

  • a2sv - Auto Scanning to SSL Vulnerability

  • AutOSINT - Tool to automate common OSINT tasks

  • wpsik - WPS scan and pwn tool

  • dtf - Android Device Testing Framework ("dtf")

  • ridenum - Rid_enum is a null session RID cycle attack for brute forcing domain controllers.

  • csrfpocmaker - A Simple & Handy tool.

  • Inspector - The Inspector tool is a privilege escalation helper (PoC), easy to deploy on a web server. This tool can list processes running as root, check kernel version, check history file, get possible exploits ...

  • operative-framework - This is a framework based on fingerprint action. This tool is used to get information on a website or an enterprise target with multiple modules (Viadeo search, Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics ...)

  • HaboMalHunter - HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

  • usb-canary - A Linux tool that uses pyudev to monitor devices while your computer is locked. In the case it detects someone plugging in or unplugging devices it can be configured to send you an SMS or alert you via Slack of the potential security breach.

  • LaZagne - Credentials recovery project

  • mimipenguin - A tool to dump the login password from the current linux user

  • inquisitor - Opinionated tool for easily and accurately profiling the internet exposure of target organisations using OSINT sources

  • BlindElephant - Getting BlindElephant into a working state, and updating the plugin files

  • plecost - Plecost - Wordpress finger printer Tool

  • pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

  • useful -

  • flare-fakenet-ng - FakeNet-NG - Next Generation Dynamic Network Analysis Tool

  • metasploitHelper - metasploitHelper

  • cribdrag - cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys

  • ptscripts -

  • linuxprivchecker - linuxprivchecker.py -- a Linux Privilege Escalation Check Script

  • JeanGrey - A tool to perform differential fault analysis attacks (DFA).

  • wifite2 -

  • armpwn - Repository to train/learn memory corruption on the ARM platform.

  • Delorean - NTP Man-in-the-Middle tool

  • AuthMatrix - AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.

  • IIS_exploit - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

  • SMTP-Injection-POC - Small POC to test SMTP command injection

  • dagda - a tool to perform static analysis of known vulnerabilities in docker images/containers and to monitor running docker containers for detecting anomalous activities

  • CSRFT - A lightweight CSRF Toolkit for easy Proof of concept

  • fame - FAME Automates Malware Evaluation

  • Deadpool - Repository of various public white-box cryptographic implementations and their practical attacks.

  • webapp-checklist - Technical details that a programmer of a web application should consider before making the site public.

  • XssPy - XssPy - Web Application XSS Scanner

  • break-fast-serial - A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs

  • Nscan - Nscan: Fast internet-wide scanner

  • struts-pwn - An exploit for Apache Struts CVE-2017-5638

  • ReconScan - Network reconnaissance and vulnerability assessment tools.

  • Ebowla - Framework for Making Environmental Keyed Payloads

  • pwlist - Password lists obtained from strangers attempting to log in to my server.

  • dynamic-instrumentation-with-Frida -

  • changeme - A default credential scanner.

  • pbtk - A toolset for reverse engineering and fuzzing Protobuf-based apps

  • Jarvis - Personal Assistant for Linux

  • labs - Vulnerability Labs for security analysis

  • Veil - Veil 3.0

  • GithubLeakAlert -

  • exploits -

  • whoishere.py - WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.

  • ML-From-Scratch - Bare bones Python implementations of some of the fundamental Machine Learning models and algorithms.

  • PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  • evilpass - Slightly evil password strength checker

  • Pytroj - A tool for infecting .pyc files with arbitrary code that spreads out to infect all other .pyc files

  • basicRAT - python remote access trojan

  • CTF - Flask platform for Capture The Flag challenges

  • picoCTF-Platform-2 - A genericized version of picoCTF 2014 that can be easily adapted to host CTF or programming competitions.

  • pURL - API testing tool written with Python

  • Cypher - Pythonic ransomware proof of concept.

  • ctf - My solutions of CTFs

  • carml - Command-line utility to control Tor.

  • hardentheworld - Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

  • tls13-spec - TLS 1.3 Specification

  • Wifi-Dumper - This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in Wifi penetration testing. Furthermore, it is useful while performing red team or internal infrastructure engagements.

  • voltron - A hacky debugger UI for hackers

  • awesome-iot - Awesome IoT. A collaborative list of great resources about IoT Framework, Library, OS, Platform

  • rpivot - socks4 reverse proxy for penetration testing

  • winsharecrawler - Python crawler for remote Windows shares

  • DHCP-Powner - DHCP Starvation Exploit

  • WASE - The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch

  • HashTag - Password Hash Identification

  • SmeegeScrape - File/Web Text Scraper and Wordlist Generator

  • shellconv - Small tool for disassembling shellcode (using objdump)

  • malware_analysis - Various snippets created during malware analysis

  • Metaphor - Metaphor - Stagefright with ASLR bypass

  • pentestly - Python and Powershell internal penetration testing framework

  • gladius - Automated Responder/secretsdump.py cracking

  • boofuzz - A fork and successor of the Sulley Fuzzing Framework

  • BMW-i-Remote - A reverse engineered interface for the BMW i3 Electric Car

  • BlackHat_2015 - Distributing the REconstruction of High-Level IR for Large Scale Malware Analysis

  • android_fde_bruteforce - Scripts to bruteforce Android's Full Disk Encryption off the device

  • PytheM - Multi-purpose pentest framework

  • binwalk - Firmware Analysis Tool

  • pat - Customizable lazy exploit pattern utility.

  • bintut - Teach you a binary exploitation for great good.

  • BFuzzer - A Browser Fuzzer for Vulnerabilities

  • betabot-re - Beta Bot reverse engineering work

  • shiva - Spam Honeypot with Intelligent Virtual Analyzer

  • yapdns - YAPDNS

  • honeysnap -

  • droidbot - A lightweight test input generator for Android

  • cuckooml - CuckooML: Machine Learning for Cuckoo Sandbox

  • beeswarm - Honeypot deployment made easy

  • snapchat-decrypt - Python script for decrypting stored images from Snapchat version 5.0.34.nn

  • Marvin-static-Analyzer - Marvin static analyzer is an Android application vulnerability scanner. The framework uses androguard and Static Android Analysis Framework (SAAF).

  • Marvin-dynamic-Analyzer - Dynamic android vulnerability scanner using OpenNebula and Android-x86 emulators.

  • barf-project - BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework

  • pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy

  • needle - The iOS Security Testing Framework

  • iloot - OpenSource tool for iCloud backup extraction

  • phpkit - PHP Backdooring framework using include() and php://input to execute code.

  • pr0cks - python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target

  • django-th - Trigger Happy - take the control of your data with this bridge between your internet services

  • Gooey - Turn (almost) any Python command line program into a full GUI application with one line

  • fibratus - Tool for exploration and tracing of the Windows kernel

  • pyspider - A Powerful Spider(Web Crawler) System in Python.

  • you-get - ⏬ Dumb downloader that scrapes the web

  • cheat - cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not frequently enough to remember.

  • faker - Faker is a Python package that generates fake data for you.

  • django-rules - Awesome Django authorization, without the database

  • SDK - ZoomEye API SDK

  • mqtt-bridges - Various bridges between MQTT and different hardware written in python for use with OpenHab

  • pytomation - Pytomation is an extensible device communication and automation system written in Python. Its uses include home automation and lighting control but is certainly not limited to that. It is supported on any platform that supports Python (Windows, Mac OS-X, Linux, etc.)

  • alldaydevops-aism - All Day DevOps - Automated Infrastructure Security Monitoring and Defence (ELK + AWS Lambda)

  • pocs - Proof-of-Concept scripts for various issues.

  • wharfee - A CLI with autocompletion and syntax highlighting for Docker commands.

  • kerberoast -

  • fbctf17052014 - Some scripts I wrote for the Facebook CTF on May 17, 2014 in San Diego.

  • safety-db - A curated database of insecure Python packages

  • Sentiment-Analysis-Twitter - 🎓RESEARCH [NLP 💭] We use different feature sets and machine learning classifiers to determine the best combination for sentiment analysis of twitter.

  • HackSpy-Trojan-Exploit - This tool creates an almost undetectable trojan virus to exploit a Windows machine.

  • flask-intro - Introduction to Flask showing much of the basic functionality. Plus, I built a task manager application called FlaskTaskr.

  • pat - Pentester Automation Tool

  • PyGithub - Typed interactions with the GitHub API v3

  • flask-security-admin-example - Example of combining Flask-Security and Flask-Admin

  • Bluto - DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking

  • python-nvd3 - Python Wrapper for NVD3 - It's time for beautiful charts

  • worm-ssh - Create a worm that bruteforces SSH and "infect" the system.

  • cowrie - Cowrie SSH/Telnet Honeypot

  • DSVW - Damn Small Vulnerable Web

  • openstack-ansible-security - Security Role for OpenStack-Ansible

  • EyeWitness - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

  • MonitorDarkly - Poc, Presentation of Monitor OSD Exploitation, and shenanigans of high quality.

  • creepy - A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.

  • pwntools - CTF framework and exploit development library

  • D-TECT - D-TECT - Pentesting the Modern Web

  • azure-linux-extensions - Linux Virtual Machine Extensions for Azure

  • lektor - The lektor static file content management system

  • social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

  • aws-waf-sample - Lambda script that blocks IP addresses based on the number of requests.

  • aws-config-rules - [Node, Python, Java] Repository of sample Custom Rules for AWS Config.

  • spike - A cool web interface to manage rules for naxsi

  • foghorn - The foghorn project is a DNS proxy intended to reduce user exposure to phishing and other malicious items that can be interdicted by DNS greylisting

  • tplmap - Code and Server-Side Template Injection Detection and Exploitation Tool

  • public_drown_scanner -

  • TekDefense-Automater - Automater - IP URL and MD5 OSINT Analysis

  • spoofcheck - Simple script that checks a domain for email protections

  • SimpleEmailSpoofer - A simple Python CLI to spoof emails.

  • CANToolz - CANToolz - framework for black-box CAN network analysis

  • huatian-funny - Scientifically analyze your own mate-selection preferences

  • pyauto - Examples and case-study source code from the book "Python Automated Operations: Techniques and Best Practices"

  • pentest_scripts -

  • Diffie-Hellman_Backdoor - How to backdoor Diffie-Hellman

  • bwscanner - Bandwidth authority scanner

  • anonBrowser - Anonymous python based browser

  • weevely3 - Weaponized web shell

  • malspider - Malspider is a web spidering framework that detects characteristics of web compromises.

  • Effective-Python-Penetration-Testing - Effective Python Penetration Testing by Packt Publishing

  • plasma - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generate indented pseudo-code with colored syntax.

  • explainshell - match command-line arguments to their help text

  • kivy - Open source UI framework written in Python, running on Windows, Linux, macOS, Android and iOS

  • pyJoiner - pyJoiner - Exe Joiner (Kali Linux Version)

  • vulnerable-apps -

  • datasploit - A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.

  • droid-ff - Android File Fuzzing Framework

  • wifi - [unmaintained] WiFi tools for linux

  • LANs.py - Inject code, jam wifi, and spy on wifi users

  • python-markdown-oembed - Markdown extension to allow media embedding using the oEmbed standard.

  • mkdocs - Project documentation with Markdown.

  • Pazuzu - Pazuzu: Reflective DLL to run binaries from memory

  • the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode

  • github_cloner - Clone github repositories of a user / organization

  • waldo -

  • wifiphisher - Automated victim-customized phishing attacks against Wi-Fi clients

  • AutoLocalPrivilegeEscalation - An automated script that downloads potential exploits for the Linux kernel from exploitdb and compiles them automatically

  • ranger - A tool for security professionals to access and interact with remote Microsoft Windows based systems.

  • GitMiner - Tool for advanced mining for content on Github

  • Mobile-Security-Framework-MobSF - Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.

  • zmqc - netcat for ØMQ. Small but powerful.

  • scripts - Scripts I use during pentest engagements.

  • script-collection - Collection of my scripts ranging from bash or python or shell. Readme will contain list of which script does what.

  • crawler - Web Scraping Framework

  • grab - Web Scraping Framework

  • pymiproxy - A small and sweet man-in-the-middle proxy capable of doing HTTP and HTTP over SSL.

  • pymetasploit - A full-fledged msfrpc library for Metasploit framework.

  • Winpayloads - Undetectable Windows Payload Generation

  • websocketshell -

  • maybe - 📂 🐇 🎩 See what a program does before deciding whether you really want it to happen.

  • AutoNessus - This script communicates with the Nessus API in an attempt to help with automating scans. Depending on the flag issued with the script, you can list all scans, list all policies, start, stop, pause, and resume a scan.

  • w3af - w3af: web application attack and audit framework, the open source web vulnerability scanner.

  • Routerhunter-2.0 - Testing vulnerabilities in devices and routers connected to the Internet.

  • whatportis - A command to search port names and numbers

  • thefuck - Magnificent app which corrects your previous console command.

  • poet - Post-exploitation tool

  • exploitpack - Exploit Pack - One step ahead

  • pacemaker - Heartbleed (CVE-2014-0160) client exploit

  • Windows-Exploit-Suggester - This tool compares a target's patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.

  • exploit-database-bin-sploits - Exploit Database binary exploits located in the /sploits directory

  • CMS-Exploit-Framework - CMS Exploit Framework

  • getExploit - 💣 Download exploits from exploit-db.com

  • exploits - Some exploits and exploit development stuff.

  • exploits - Miscellaneous exploit code

  • RATDecoders - Python Decoders for Common Remote Access Trojans

  • peda - PEDA - Python Exploit Development Assistance for GDB

  • Pompem - Find exploit tool

  • toriptables2 - Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the tor network.

  • PyCat - Python network tool, similar to Netcat with custom features.

  • Ares - Python botnet and backdoor

  • pyinstaller - Freeze (package) Python programs into stand-alone executables

  • uncurl - A library to convert curl requests to python-requests.

  • hashID - Software to identify the different types of hashes

  • github-dorks - Collection of github dorks and helper tool to automate the process of checking dorks

  • wordbrutepress - Wordpress Brute Force Multithreading with standard and xml-rpc login

  • get_prox - get proxies. nothing more, nothing less

  • pythonpentest - A repository for large scripts from my book.

  • crawler - a web crawler

  • deep-pink - Deep Pink is a chess AI that learns to play chess using deep learning.

  • neural-networks-and-deep-learning - Code samples for my book "Neural Networks and Deep Learning"

  • deeppy - Deep learning in Python

  • deepnet - Implementation of some deep learning algorithms.

  • DeepLearningTutorials - Deep Learning Tutorial notes and code. See the wiki for more info.

Ruby

  • lulz2 - lulz2

  • lulz - lulz: automated webstalking tool

  • Scripts-Sploits - A number of scripts POC's and problems solved as pentests move along.

  • MS17-010 - MS17-010 Windows SMB RCE -- exploits, payloads, and scanners

  • Eternalblue-Doublepulsar-Metasploit -

  • WhatWeb - Website Fingerprinter

  • squirtle - Squirtle the Browser-based NTLM Attack Toolkit

  • metasploitable3-readme - Rails app for Metasploitable3 information.

  • BreakingBricks - Some tools used in the Ruxcon / Kiwicon /SECT-T presentation "Breaking Bricks and Plumbing Pipes: Cisco ASA a Super Mario Adventure."

  • linux-baseline - DevSec Linux Baseline - InSpec Profile

  • ctf - some tasks/solutions from CTF challenges

  • watchtower - Watchtower is a Static Code Analysis tool designed to assist security auditors who are tasked with performing manual code reviews. It is platform- and language-agnostic.

  • cross - A tool for finding Cross Site Scripting vulnerabilities in web applications

  • brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications

  • ssh_scan - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)

  • mastodon - A GNU Social-compatible microblogging server

  • rbkb - Ruby BlackBag. Misc ruby-based pen-testing/reversing tools. Inspired by Matasano BlackBag.

  • Meterpreter-Scripts - Meterpreter Scripts that I'm working on

  • Metasploit-Plugins - Plugins for Metasploit Framework

  • BinProxy - BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.

  • bettercap - A complete, modular, portable and easily extensible MITM framework.

  • Serpico - SimplE RePort wrIting and COllaboration tool

  • CeWL - CeWL is a Custom Word List Generator

  • vsaudit - VOIP Security Audit Framework

  • wordpress-exploit-framework - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

  • XXEinjector - Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

  • wpsploit - WPSploit - Exploiting Wordpress With Metasploit

  • ruby-SSLscanner - A simple and easy to use SSL Cipher scanner

  • viproy-voipkit - VIPROY - VoIP Pen-Test Kit for Metasploit Framework

  • automato - automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.

  • arachni - Web Application Security Scanner Framework

  • dradis-ce - Dradis Framework: Collaboration and reporting for IT Security teams

  • hoper - Security tool to trace URL's jumps across the rel links to obtain the last URL

  • yawast - The YAWAST Antecedent Web Application Security Toolkit

  • wpscan - WPScan is a black box WordPress vulnerability scanner.

  • owasp-mstg - The Mobile Security Testing Guide (MSTG) is the ultimate guide for mobile app security testing and reverse engineering.

  • searchpass - A simple tool for offline searching of default credentials for network devices, web applications and more.

  • rex-exploitation - Rex library for various exploitation helpers

  • win32-security - A Ruby interface for security aspects of MS Windows

  • HatCloud - Bypass CloudFlare with Ruby

  • scripts - A collection of useful scripts for penetration testers

  • Docker-War - Docker based Wargame Platform - To practice your CTF skills

  • cii-best-practices-badge - Core Infrastructure Initiative Best Practices Badge

  • commit-watcher - Find interesting and potentially hazardous commits in git projects

  • Kaffeine - Keeping free Heroku apps awake.

  • gitrob - Reconnaissance tool for GitHub organizations

  • droid-hunter - Android application vulnerability analysis and Android pentest tool

  • API-fuzzer - API Fuzzer which allows fuzzing request attributes using common pentesting techniques and lists vulnerabilities

  • frog - Frog is a command line tool to help you quickly jump to the right Android doc.

  • metasploit-framework - Metasploit Framework

  • ciphr - a CLI tool for performing and composing encoding, decoding, encryption, decryption, hashing, and other various cryptographic operations on streams of data from the command line; mostly intended for infosec uses.

  • java - Chef Java Cookbook

Scala

  • bfg-repo-cleaner - Removes large or troublesome blobs like git-filter-branch does, but faster. And written in Scala

Scheme

  • radamsa - a general-purpose fuzzer

Shell

  • nsd-dnssec - 🐳 Simple authoritative name server with DNSSEC support using Docker

  • oss-fuzz - OSS-Fuzz - continuous fuzzing of open source software

  • hispagatos-enumeration - Bash script that runs most of the external enumeration with some logic

  • Packaging_Tools - This repository contains various shell scripts and tips and tricks used for packaging androidtamer packages

  • P4wnP1 - P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.

  • ipv6-workshop - IPv6 Workshop Slides and Exercise Files

  • Pentest-Scripts - Github for the scripts utilised during Penetration test

  • dnssec-labs -

  • static-binaries - Various *nix tools built as statically-linked binaries

  • ansible-pentest-with-tor - Use Tor for anonymous scanning with nmap

  • securityonion-nsmnow-admin-scripts -

  • docker-dvwa - Docker image for DVWA(Damn Vulnerable Web Application)

  • Ubuntu-Telemetry-Free-Privacy-Secure - Bash script which helps to remove telemetry and make the system more private and secure

  • lair-docker - Lair Framework dockerized.

  • docker-bench-security - The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

  • dockerfile-msf -

  • autoenv - Directory-based environments.

  • vagrant_pwn - Reversing-Pwning Vagrant setup

  • mitm-vm - An easy-to-deploy virtual machine that can provide flexible man-in-the-middle capabilities.

  • git-secret - 👥 A bash-tool to store your private data inside a git repository.

  • shARP - An anti-ARP-spoofing application that uses an active scanning method to detect and remove any ARP-spoofer from the network.

  • Microsploit - Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer Overflow

  • ansible-lxd - Ansible role to setup LXD, its bridge, pre-copy images and eventually pre-configure some

  • ansible-harden - harden system (linux, unix...)

  • RogueSploit - Powerful social engineering Wi-Fi trap!

  • dirtshell - Provide a sort of shell-ish interface to make file directory traversal quicker and easier.

  • cheat-sheets - Various Cheat Sheets related to development and security

  • FakeImageExploiter - Use a Fake image.jpg (hide known file extensions) to exploit targets

  • ctf-tools - Some setup scripts for security research tools.

  • Autosnort - Repo for autosnort scripts.

  • setup-ipsec-vpn - Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS

  • algo - Set up a personal IPSEC VPN in the cloud

  • bootcamp - An open-contribution bootcamp to develop DevSecOps skills...

  • python-cookbook - Code samples from the "Python Cookbook, 3rd Edition", published by O'Reilly & Associates, May, 2013.

  • openssh-backdoor-kit - 💣 just for fun ¯_(ツ)_/¯

  • Nix-Auditor - Nix Audit made easier (RHEL, CentOS)

  • PoCs - Proof of Concepts for CVE-2016-3714

  • docker-ipv6 - Scripts and tools for Docker with IPv6 Prefix Delegation

  • BinGoo - BinGoo! A Linux bash based Bing and Google Dorking Tool

  • backdoorppt - transform your payload.exe into one fake word doc (.ppt)

  • PPSS -

  • lunar - A UNIX security auditing tool based on several security frameworks

  • testssl.sh - Testing TLS/SSL encryption anywhere on any port

  • DVCS-Pillage - Pillage web accessible GIT, HG and BZR repositories

  • Mass-Hacker-Arsenal - Massive arsenal of hacker tools...

  • CDMCS - Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch

  • afl-trivia - Short, unrelated helper scripts for users of AFL (the fuzzer)

  • discover - For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks.

  • gitlist -

  • BruteX - Automatically brute force all services running on a target.

  • Airoscript - Airoscript-ng

  • PenTestKit - Useful tools for Penetration Testing

  • MIDA-Multitool - Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

  • pentest - ⛔ offsec batteries included

  • airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks.

  • docker-webappsecscanbox - Docker build file providing an Image exposing some web app scan in order to use the image as command line tools.

  • security_ctf - Security Capture The Flag (CTF) competition writeups and learning notes.

  • docker-ipsec-vpn-server - Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec

  • pwnbox - Docker container with tools for binary reverse engineering and exploitation.

  • autovpn - Create On Demand OpenVPN Endpoints on AWS.

  • linpostexp - Linux post exploitation enumeration and exploit checking tools

  • python-for-system-administration - A workshop on using Python language for system administration

  • script-hack-github-commit-graph - Hack the GitHub commit graph: add previous dates or write a word on it!

  • docker_practice - Learn and understand Docker, with real DevOps practice!

  • wicked_cool_shell_scripts_2e - Full shell scripts for the second edition of Wicked Cool Shell Scripts

  • rpi-mitmproxy-gateway - Build an SSL capable transparent proxying WiFi Access point with budget commodity hardware and Open Source software.

  • pwndsh - Post-exploitation framework (and an interactive shell) developed in Bash shell scripting

  • dirtycow-docker-vdso -

  • OpenVPN-Setup - Shell script to set up Raspberry Pi (TM) as an OpenVPN server

  • ovpngen - Generate an OpenVPN Connect private tunnel profile in the unified format

  • backdoor-apk - backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.

  • og-aws - 📙 Amazon Web Services — a practical guide

  • getting-started-with-public-cloud-iaas-null-blr-puliya - null Bangalore Puliya on Getting Started with Public Cloud IAAS (AWS/GCP/Azure)

  • dokku - A docker-powered PaaS that helps you build and manage the lifecycle of applications

  • workshop -

  • lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  • docker-monitor - Scripts and configuration to help you monitor your Docker containers

  • docker-swarm-demo - A demo of Docker Swarm

  • vagrant-pentester - Vagrant / Puppet based vulnerable web application suite - needs updating

  • cheat-scripts - because you can't remember everything

  • INE-VIRL - INE VIRL Topologies & Initial Configs

  • blackarch - BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers.

  • securityheaders - Bash script for checking HTTP headers for security

  • damneasygentoo - An SH script that installs Gentoo from a live media, all from a user-friendly GUI.

  • pentestpackage - a package of Pentest scripts I have made or commonly use

  • recon-ng-Automation -

  • halcyon - System for installing Haskell apps

Smali

  • kwetza - Python script to inject existing Android applications with a Meterpreter payload.

TeX

Visual Basic

  • MaliciousMacroGenerator - Malicious Macro Generator

  • COMRaider - ActiveX Fuzzing tool with GUI, object browser, system scanner, and distributed auditing capabilities

  • Crypter - Windows Crypter

  • ntstream -

  • winerr - A simple UI tool that enumerates Windows System Error Codes and allows you to search using a specific error code.

  • adbrute -

License

CC0

To the extent possible under law, Chan9390 has waived all copyright and related or neighboring rights to this work.