PenetrationTesting

中文版本

The page You see here is a stripped version: Repos with less than 200 stars and last modified more than 500 days ago are not included. Check FULL version here: English Version-Full

Tools

RecentAdded

[3527Star][2m] [PowerShell] bloodhoundad/bloodhound Six Degrees of Domain Admin
[1992Star][2m] [C++] darthton/blackbone Windows memory hacking library
[1879Star][19d] [C] chipsec/chipsec Platform Security Assessment Framework
[1859Star][1y] [C++] y-vladimir/smartdeblur Restoration of defocused and blurred photos/images
[1773Star][5m] [Py] veil-framework/veil Veil 3.1.X (Check version info in Veil at runtime)
[1560Star][1m] [Shell] internetwache/gittools A repository with 3 tools for pwn'ing websites with .git repositories available
[1400Star][4m] [C] ettercap/ettercap Ettercap Project
[1384Star][1y] [Go] filosottile/whosthere A ssh server that knows who you are. $ ssh whoami.filippo.io
[1339Star][20d] [XSLT] lolbas-project/lolbas Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
[1328Star][12m] [XSLT] api0cradle/lolbas Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
[1314Star][1y] mortenoir1/virtualbox_e1000_0day VirtualBox E1000 Guest-to-Host Escape
[1298Star][2m] [PowerShell] peewpw/invoke-psimage Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
[1272Star][1y] [JS] sakurity/securelogin This version won't be maintained!
[1218Star][1y] [Go] cloudflare/redoctober Go server for two-man rule style file encryption and decryption.
[1209Star][1m] [Go] google/martian Martian is a library for building custom HTTP/S proxies
[1136Star][3m] [C] dgiese/dustcloud Xiaomi Smart Home Device Reverse Engineering and Hacking
[1128Star][2m] [HTML] cure53/httpleaks HTTPLeaks - All possible ways, a website can leak HTTP requests
[1105Star][2m] [Py] thoughtfuldev/eagleeye Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
[1073Star][14d] [Go] looterz/grimd
[1052Star][1m] [PHP] nbs-system/php-malware-finder Detect potentially malicious PHP files
[1023Star][13d] [Py] yelp/detect-secrets An enterprise friendly way of detecting and preventing secrets in code.
[967Star][25d] [HTML] n0tr00t/sreg Sreg可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。
[923Star][7m] [Py] osirislab/hack-night Hack Night is an open weekly training session run by the OSIRIS lab.
[904Star][26d] [Ruby] david942j/one_gadget The best tool for finding one gadget RCE in libc.so.6
[903Star][12m] [C++] miek/inspectrum Offline radio signal analyser
[902Star][3m] [Go] dominicbreuker/pspy Monitor linux processes without root permissions
[894Star][25d] [C] arm-software/arm-trusted-firmware Read-only mirror of Trusted Firmware-A
[885Star][1m] [C#] google/sandbox-attacksurface-analysis-tools Set of tools to analyze and attack Windows sandboxes.
[874Star][4m] [JS] dpnishant/appmon Documentation:
[873Star][4m] bugcrowd/bugcrowd_university Open source education content for the researcher community
[852Star][20d] [Py] shmilylty/oneforall OneForAll是一款功能强大的子域收集工具
[850Star][3m] [CSS] outflanknl/redelk Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
[838Star][13d] [Py] circl/ail-framework AIL framework - Analysis Information Leak framework
[835Star][13d] [Roff] slimm609/checksec.sh Checksec.sh
[832Star][7m] [JS] serpicoproject/serpico SimplE RePort wrIting and COllaboration tool
[819Star][10m] [Shell] thelinuxchoice/userrecon Find usernames across over 75 social networks
[818Star][21d] [C#] borntoberoot/networkmanager A powerful tool for managing networks and troubleshoot network problems!
[814Star][9m] [Py] ietf-wg-acme/acme A protocol for automating certificate issuance
[814Star][16d] [Py] lylemi/learn-web-hacking Study Notes For Web Hacking / Web安全学习笔记
[812Star][14d] [Java] lamster2018/easyprotector 一行代码检测XP/调试/多开/模拟器/root
[807Star][8m] [Py] nccgroup/featherduster An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
[802Star][6m] [Py] corelan/mona Corelan Repository for mona.py
[797Star][2m] [JS] sindresorhus/is-online Check if the internet connection is up
[793Star][1m] [Py] hellman/xortool A tool to analyze multi-byte xor cipher
[769Star][1m] [Go] dreddsa5dies/gohacktools Hacker tools on Go (Golang)
[765Star][12m] [PowerShell] kevin-robertson/invoke-thehash PowerShell Pass The Hash Utils
[761Star][24d] [C++] shekyan/slowhttptest Application Layer DoS attack simulator
[757Star][9m] [Py] hlldz/spookflare Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
[757Star][4m] [TSQL] threathunterx/nebula "星云"业务风控系统，主工程
[746Star][1y] [Py] greatsct/greatsct The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
[745Star][1m] [Go] bishopfox/sliver Implant framework
[739Star][1m] [PHP] symfony/security-csrf The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.
[738Star][2m] [C++] snort3/snort3 Snort++
[735Star][7m] [Py] ricterz/genpass 中国特色的弱口令生成器
[734Star][5m] [Go] talkingdata/owl distributed monitoring system
[731Star][1m] [HTML] m4cs/babysploit
[729Star][1y] [C#] eladshamir/internal-monologue Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
[719Star][5m] [Go] anshumanbh/git-all-secrets A tool to capture all the git secrets by leveraging multiple open source git searching tools
[711Star][3m] [Py] f-secure/see Sandboxed Execution Environment
[709Star][24d] [Py] globaleaks/globaleaks GlobaLeaks - The Open-Source Whistleblowing Software
[708Star][5m] [Py] adamlaurie/rfidiot python RFID / NFC library & tools
[707Star][1m] [Perl] gouveaheitor/nipe Nipe is a script to make Tor Network your default gateway.
[706Star][4m] aleenzz/cobalt_strike_wiki Cobalt Strike系列
[706Star][1y] [C#] p3nt4/powershdll Run PowerShell with rundll32. Bypass software restrictions.
[706Star][1m] [Py] shawndevans/smbmap SMBMap is a handy SMB enumeration tool
[698Star][13d] [C] iaik/zombieload Proof-of-concept for the ZombieLoad attack
[692Star][3m] netflix/security-bulletins Security Bulletins that relate to Netflix Open Source
[687Star][5m] [C++] google/certificate-transparency Auditing for TLS certificates.
[687Star][7m] [C] hfiref0x/tdl Driver loader for bypassing Windows x64 Driver Signature Enforcement
[684Star][2m] [Py] mjg59/python-broadlink Python module for controlling Broadlink RM2/3 (Pro) remote controls, A1 sensor platforms and SP2/3 smartplugs
[684Star][25d] streaak/keyhacks Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
[682Star][12d] [Java] peergos/peergos A decentralised, secure file storage and social network
[673Star][7m] [Py] mr-un1k0d3r/powerlessshell Run PowerShell command without invoking powershell.exe
[665Star][1y] [Py] endgameinc/rta
[665Star][12m] [PowerShell] arvanaghi/sessiongopher SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
[664Star][2m] [Py] skelsec/pypykatz Mimikatz implementation in pure Python
[662Star][2m] [Go] pquerna/otp TOTP library for Go
[658Star][5m] [Py] golismero/golismero GoLismero - The Web Knife
[654Star][1y] [Py] deepzec/bad-pdf Steal Net-NTLM Hash using Bad-PDF
[651Star][4m] [C#] outflanknl/evilclippy A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
[650Star][12d] ptresearch/attackdetection Attack Detection
[647Star][8m] [C] samdenty/wi-pwn ESP8266 Deauther with a material design WebUI
[642Star][11m] [C#] wwillv/godofhacker 黑客神器
[637Star][3m] [C#] ghostpack/rubeus Trying to tame the three-headed dog.
[631Star][2m] [Py] gquere/pwn_jenkins Notes about attacking Jenkins servers
[628Star][5m] [PHP] l3m0n/bypass_disable_functions_shell 一个各种方式突破Disable_functions达到命令执行的shell
[615Star][10m] [Py] dirkjanm/privexchange Exchange your privileges for Domain Admin privs by abusing Exchange
[606Star][1y] [Shell] wireghoul/htshells Self contained htaccess shells and attacks
[602Star][2m] [JS] evilsocket/arc A manager for your secrets.
[592Star][2m] [PHP] hongrisec/php-audit-labs 一个关于PHP的代码审计项目
[592Star][1m] [PowerShell] ramblingcookiemonster/powershell Various PowerShell functions and scripts
[589Star][3m] [Py] webrecorder/pywb Core Python Web Archiving Toolkit for replay and recording of web archives
[584Star][16d] [YARA] didierstevens/didierstevenssuite Please no pull requests for this repository. Thanks!
[575Star][8m] [C#] 0xbadjuju/tokenvator A tool to elevate privilege with Windows Tokens
[575Star][9m] [Py] romanz/amodem Audio MODEM Communication Library in Python
[574Star][8m] [C] mrexodia/titanhide Hiding kernel-driver for x86/x64.
[567Star][1y] [C#] tyranid/dotnettojscript A tool to create a JScript file which loads a .NET v2 assembly from memory.
[561Star][1y] [Solidity] trailofbits/not-so-smart-contracts Examples of Solidity security issues
[558Star][5m] [Py] nidem/kerberoast a series of tools for attacking MS Kerberos implementations
[550Star][10m] [C] justinsteven/dostackbufferoverflowgood
[545Star][1y] [Go] cw1997/natbypass 一款lcx在golang下的实现
[545Star][3m] [Py] its-a-feature/apfell A collaborative, multi-platform, red teaming framework
[543Star][1m] [Go] shopify/kubeaudit kubeaudit helps you audit your Kubernetes clusters against common security controls
[536Star][8m] [C] hfiref0x/upgdsed Universal PatchGuard and Driver Signature Enforcement Disable
[536Star][2m] [C] vanhauser-thc/thc-ipv6 IPv6 attack toolkit
[533Star][1m] [Go] yggdrasil-network/yggdrasil-go An experiment in scalable routing as an encrypted IPv6 overlay network
[530Star][5m] [HCL] coalfire-research/red-baron Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
[530Star][2m] [C] eliasoenal/multimon-ng
[526Star][28d] [Ruby] hdm/mac-ages MAC address age tracking
[524Star][1y] [Py] n00py/wpforce Wordpress Attack Suite
[523Star][1y] [C#] ghostpack/safetykatz SafetyKatz is a combination of slightly modified version of
[515Star][11m] [PowerShell] a-min3/winspect Powershell-based Windows Security Auditing Toolbox
[513Star][1m] [Shell] trailofbits/twa A tiny web auditor with strong opinions.
[509Star][11m] [Go] mthbernardes/gtrs GTRS - Google Translator Reverse Shell
[507Star][1m] [JS] mr-un1k0d3r/thundershell Python / C# Unmanaged PowerShell based RAT
[505Star][7m] [Visual Basic] mr-un1k0d3r/maliciousmacrogenerator Malicious Macro Generator
[501Star][24d] [Go] sensepost/gowitness Go 语言编写的网站快照工具
[489Star][2m] [PHP] nzedb/nzedb nZEDb - a fork of nnplus(2011) | NNTP / Usenet / Newsgroup indexer.
[485Star][2m] [Go] gen2brain/cam2ip Turn any webcam into an IP camera
[480Star][1y] [Java] continuumsecurity/bdd-security BDD Automated Security Tests for Web Applications
[479Star][11m] [Go] evanmiller/hecate The Hex Editor From Hell
[475Star][1m] [C] m0nad/diamorphine LKM rootkit for Linux Kernels 2.6.x/3.x/4.x (x86 and x86_64)
[474Star][10m] [Shell] craigz28/firmwalker Script for searching the extracted firmware file system for goodies!
[474Star][2m] [Go] gorilla/csrf gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services
[468Star][2m] [Py] bashfuscator/bashfuscator A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
[465Star][18d] [Py] aoii103/darknet_chinesetrading
[457Star][21d] [LLVM] jonathansalwan/tigress_protection Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
[456Star][12m] [Py] mehulj94/radium Python keylogger with multiple features.
[454Star][5m] [C] phoenhex/files
[453Star][27d] [Go] gen0cide/gscript framework to rapidly implement custom droppers for all three major operating systems
[449Star][3m] [C++] omerya/invisi-shell Hide your Powershell script in plain sight. Bypass all Powershell security features
[448Star][2m] [Py] bit4woo/teemo A Domain Name & Email Address Collection Tool
[448Star][2m] [PowerShell] rvrsh3ll/misc-powershell-scripts Random Tools
[445Star][13d] [Shell] wireghoul/graudit grep rough audit - source code auditing tool
[444Star][9m] [C] martinmarinov/tempestsdr Remote video eavesdropping using a software-defined radio platform
[443Star][2m] [Py] portantier/habu Hacking Toolkit
[443Star][1y] [JS] simonepri/upash
[437Star][6m] [PHP] flozz/p0wny-shell Single-file PHP shell
[432Star][1m] [PowerShell] mr-un1k0d3r/redteampowershellscripts Various PowerShell scripts that may be useful during red team exercise
[428Star][6m] [Pascal] mojtabatajik/robber Robber is open source tool for finding executables prone to DLL hijacking
[426Star][6m] [Py] stamparm/fetch-some-proxies Simple Python script for fetching "some" (usable) proxies
[423Star][28d] [Py] super-l/superl-url 【公告：不提供技术支持服务，不接定制，有问题可发技术群】根据关键词，对搜索引擎内容检索结果的网址内容进行采集的一款轻量级软程序。程序主要运用于安全渗透测试项目，以及批量评估各类CMS系统0DAY的影响程度，同时也是批量采集自己获取感兴趣的网站的一个小程序~~ 可自动从搜索引擎采集相关网站的真实地址与标题等信息，可保存为文件，自动去除重复URL。同时，也可以自定义忽略多条域名等。
[421Star][10m] [Py] d4vinci/cuteit IP obfuscator made to make a malicious ip a bit cuter
[408Star][10m] [Py] powerscript/katanaframework The New Hacking Framework
[404Star][2m] [C++] hoshimin/kernel-bridge Windows kernel hacking framework, driver template, hypervisor and API written on C++
[401Star][5m] [Py] ytisf/pyexfil A Python Package for Data Exfiltration
[396Star][2m] [HTML] w3c/webappsec Web Application Security Working Group repo
[387Star][1y] [C#] squalr/squalr Squalr Memory Editor - Game Hacking Tool Written in C#
[378Star][1y] [JS] empireproject/empire-gui Empire client application
[376Star][1m] [JS] nccgroup/tracy A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
[375Star][13d] [C++] simsong/bulk_extractor This is the development tree. For downloads please see:
[375Star][8m] [Java] tiagorlampert/saint a Spyware Generator for Windows systems written in Java
[372Star][8m] [Py] k4m4/onioff onioff：url检测器，深度检测网页链接
[365Star][1m] [C++] crypto2011/idr Interactive Delphi Reconstructor
[362Star][17d] [C#] bloodhoundad/sharphound The BloodHound C# Ingestor
[361Star][20d] [Py] emtunc/slackpirate Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
[360Star][26d] [Ruby] david942j/seccomp-tools Provide powerful tools for seccomp analysis
[360Star][4m] [Shell] trimstray/otseca Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
[354Star][2m] [Py] fox-it/bloodhound.py A Python based ingestor for BloodHound
[351Star][6m] [Py] tidesec/tidefinger TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。
[350Star][10m] [Py] secynic/ipwhois Retrieve and parse whois data for IPv4 and IPv6 addresses
[348Star][2m] [Py] lockgit/hacking hacking is a kind of spirit !
[342Star][30d] [Ruby] sunitparekh/data-anonymization Want to use production data for testing, data-anonymization can help you.
[339Star][1m] [C] nccgroup/phantap Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
[338Star][1y] [Ruby] srcclr/commit-watcher Find interesting and potentially hazardous commits in git projects
[336Star][4m] [Perl] keydet89/regripper2.8 RegRipper version 2.8
[331Star][12m] [Assembly] egebalci/amber Reflective PE packer.
[328Star][8m] [Py] dirkjanm/ldapdomaindump Active Directory information dumper via LDAP
[327Star][28d] [PowerShell] joelgmsec/autordpwn The Shadow Attack Framework
[327Star][1y] [Py] leapsecurity/inspy A python based LinkedIn enumeration tool
[325Star][10m] [C#] ghostpack/sharpdump SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
[322Star][1y] [Shell] 1n3/goohak Automatically Launch Google Hacking Queries Against A Target Domain
[318Star][22d] [Py] codingo/interlace Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
[317Star][1y] [JS] nccgroup/wssip Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
[316Star][1m] [JS] meituan-dianping/lyrebird 基于拦截以及模拟HTTP/HTTPS网络请求的面向移动应用的插件化测试工作台
[316Star][1y] [Java] ysrc/liudao “六道”实时业务风控系统
[314Star][1y] [Go] benjojo/bgp-battleships Play battleships using BGP
[312Star][2m] [Py] circl/lookyloo Lookyloo is a web interface allowing to scrape a website and then displays a tree of domains calling each other.
[312Star][11m] crazywa1ker/darthsidious-chinese DarthSidious 中文版
[311Star][12d] [C] vanhauser-thc/aflplusplus afl++ is afl 2.56b with community patches, AFLfast power schedules, qemu 3.1 upgrade + laf-intel support, MOpt mutators, InsTrim instrumentation, unicorn_mode and a lot more!
[310Star][5m] [YARA] needmorecowbell/hamburglar Hamburglar -- collect useful information from urls, directories, and files
[307Star][1m] [Go] wangyihang/platypus A modern multiple reverse shell sessions/clients manager via terminal written in go
[306Star][3m] [PowerShell] enigma0x3/misc-powershell-stuff random powershell goodness
[304Star][2m] [Py] coalfire-research/slackor A Golang implant that uses Slack as a command and control server
[304Star][6m] [C] pmem/syscall_intercept The system call intercepting library
[302Star][7m] [C] tomac/yersinia A framework for layer 2 attacks
[298Star][26d] [Py] salls/angrop a rop gadget finder and chain builder
[298Star][1m] [Py] skylined/bugid Detect, analyze and uniquely identify crashes in Windows applications
[296Star][1y] [PowerShell] onelogicalmyth/zeroday-powershell A PowerShell example of the Windows zero day priv esc
[295Star][6m] [HTML] nccgroup/crosssitecontenthijacking Content hijacking proof-of-concept using Flash, PDF and Silverlight
[295Star][1y] [C++] nevermoe/unity_metadata_loader load strings and method/class names in global-metadata.dat to IDA
[295Star][1y] [JS] xxxily/fiddler-plus 自定义的Fiddler规则，多环境切换、解决跨域开发、快速调试线上代码必备|高效调试分析利器
[294Star][27d] [JS] doyensec/electronegativity Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
[294Star][13d] [C++] squalr/squally 2D Platformer Game for Teaching Game Hacking - C++/cocos2d-x
[290Star][3m] [Shell] fdiskyou/zines Mirror of my favourite hacking Zines for the lulz, nostalgy, and reference
[290Star][1m] [C] mboehme/aflfast AFLFast (extends AFL with Power Schedules)
[288Star][2m] [C] 9176324/shark Turn off PatchGuard in real time for win7 (7600) ~ win10 (18950).
[288Star][3m] [Visual Basic] itm4n/vba-runpe A VBA implementation of the RunPE technique or how to bypass application whitelisting.
[286Star][8m] [C] gianlucaborello/libprocesshider Hide a process under Linux using the ld preloader (
[286Star][1y] [Java] webgoat/webgoat-legacy Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
[285Star][3m] [Py] apache/incubator-spot Mirror of Apache Spot
[284Star][6m] [C#] matterpreter/offensivecsharp Collection of Offensive C# Tooling
[279Star][11m] [Py] justicerage/ffm Freedom Fighting Mode: open source hacking harness
[278Star][1m] [Go] cruise-automation/fwanalyzer a tool to analyze filesystem images
[278Star][3m] [Py] joxeankoret/pyew Official repository for Pyew.
[277Star][1y] [HTML] google/p0tools Project Zero Docs and Tools
[277Star][16d] [Shell] trimstray/mkchain Open source tool to help you build a valid SSL certificate chain.
[276Star][4m] geerlingguy/ansible-role-security Ansible Role - Security
[276Star][2m] [Go] mdsecactivebreach/o365-attack-toolkit A toolkit to attack Office365
[275Star][4m] [Py] opsdisk/pagodo pagodo (Passive Google Dork) - Automate Google Hacking Database scraping
[273Star][3m] [PowerShell] nullbind/powershellery This repo contains Powershell scripts used for general hackery.
[272Star][9m] [C++] anhkgg/superdllhijack SuperDllHijack：A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术，不再需要手工导出Dll的函数接口了
[272Star][3m] [Py] invernizzi/scapy-http Support for HTTP in Scapy
[271Star][3m] artsploit/solr-injection Apache Solr Injection Research
[269Star][6m] [Py] ropnop/windapsearch Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
[268Star][4m] [Py] den1al/jsshell An interactive multi-user web JS shell
[264Star][7m] s0md3v/mypapers Repository for hosting my research papers
[264Star][7m] [Py] s0md3v/breacher An advanced multithreaded admin panel finder written in python.
[263Star][1y] [Ruby] evait-security/envizon network visualization tool with focus on red / blue team requirements
[261Star][2m] [Shell] al0ne/linuxcheck linux信息收集/应急响应/常见后门检测脚本
[260Star][10m] [Py] ant4g0nist/susanoo A REST API security testing framework.
[260Star][5m] [C++] d35ha/callobfuscator Obfuscate specific windows apis with different apis
[260Star][3m] [C] portcullislabs/linikatz linikatz is a tool to attack AD on UNIX
[259Star][2m] [C] eua/wxhexeditor wxHexEditor official GIT repo
[258Star][25d] [Py] frint0/email-enum Email-Enum searches mainstream websites and tells you if an email is registered!
[256Star][1y] [PowerShell] fox-it/invoke-aclpwn
[256Star][8m] [C] landhb/hideprocess A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
[256Star][1y] [Py] m4ll0k/galileo Galileo - Web Application Audit Framework
[256Star][11m] [Py] hysnsec/devsecops-studio DevSecOps Distribution - Virtual Environment to learn DevSecOps
[254Star][1m] [Shell] cytoscape/cytoscape Cytoscape: an open source platform for network analysis and visualization
[254Star][9m] [C] p0f/p0f p0f unofficial git repo
[253Star][1y] [C] benjamin-42/trident
[253Star][1y] [Java] jackofmosttrades/gadgetinspector A byte code analyzer for finding deserialization gadget chains in Java applications
[252Star][2m] [C++] poweradminllc/paexec Remote execution, like PsExec
[251Star][6m] [Go] lavalamp-/ipv666 Golang IPv6 address enumeration
[250Star][14d] [C++] fransbouma/injectablegenericcamerasystem This is a generic camera system to be used as the base for cameras for taking screenshots within games. The main purpose of the system is to hijack the in-game 3D camera by overwriting values in its camera structure with our own values so we can control where the camera is located, it's pitch/yaw/roll values, its FoV and the camera's look vector.
[250Star][2m] [Py] hacktoolspack/hack-tools hack tools
[249Star][6m] [Py] itskindred/procspy Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
[247Star][14d] [Py] rvrsh3ll/findfrontabledomains Search for potential frontable domains
[246Star][4m] [Py] redteamoperations/pivotsuite Network Pivoting Toolkit
[244Star][7m] ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet WordPress Plugin Security Testing Cheat Sheet
[243Star][9m] [Py] wh0ale/src-experience 工欲善其事，必先利其器
[239Star][7m] [Py] openstack/syntribos Python API security testing tool from OpenStack Security Group
[236Star][1y] [Py] matthewclarkmay/geoip-attack-map Cyber security geoip attack map that follows syslog and parses IPs/port numbers to visualize attackers in real time.
[236Star][8m] [Py] mazen160/bfac BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
[234Star][15d] [Py] cisco-config-analysis-tool/ccat Cisco Config Analysis Tool
[234Star][3m] [Rust] hippolot/anevicon
[233Star][2m] [JS] martinzhou2015/srcms SRCMS企业应急响应与缺陷管理系统
[231Star][11m] xcsh/unity-game-hacking A guide for hacking unity games
[230Star][29d] [Py] timlib/webxray webxray is a tool for analyzing third-party content on webpages and identifying the companies which collect user data.
[226Star][10m] duoergun0729/2book 《Web安全之深度学习实战》
[226Star][7m] [Shell] r00t-3xp10it/meterpreter_paranoid_mode-ssl Meterpreter Paranoid Mode - SSL/TLS connections
[225Star][1y] [Go] netxfly/sec_check Cross platform security detection tool
[224Star][6m] [JS] jesusprubio/strong-node
[222Star][22d] [Py] webbreacher/whatsmyname This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects.
[221Star][2m] [Py] guimaizi/get_domain 域名收集与监测
[217Star][6m] bhdresh/dejavu DejaVU - Open Source Deception Framework
[215Star][9m] [Py] mckinsey666/vocabs A lightweight online dictionary integration to the command line
[213Star][3m] [JS] varchashva/letsmapyournetwork Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error
[212Star][4m] [Shell] cryptolok/crykex Linux Memory Cryptographic Keys Extractor
[212Star][1m] [Py] wazuh/wazuh-ruleset Wazuh - Ruleset
[212Star][8m] [JS] zhuyingda/veneno 用Node.js编写的Web安全测试框架
[209Star][1y] basilfx/tradfri-hacking Hacking the IKEA TRÅDFRI light bulbs and accessories.
[208Star][5m] [C#] erfg12/memory.dll C# Hacking library for making PC game trainers.
[208Star][2m] [Py] jordanpotti/cloudscraper CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
[205Star][4m] [PowerShell] harmj0y/damp The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
[205Star][12m] [Py] orf/xcat Automate XPath injection attacks to retrieve documents
[205Star][12m] [C#] tevora-threat/sharpview C# implementation of harmj0y's PowerView
[204Star][8m] 1hack0/facebook-bug-bounty-write-ups Hunting Bugs for Fun and Profit
[203Star][14d] [Py] seahoh/gotox 本地自动代理，修改自 goagent。
[201Star][12d] [CoffeeScript] bevry/getmac Get the mac address of the current machine you are on via Node.js
[201Star][6m] [JS] wingleung/save-page-state A chrome extension to save the state of a page for further analysis
[200Star][1m] [Py] nyxgeek/lyncsmash locate and attack Lync/Skype for Business

NoCategory

AI&&MachineLearning&&DeepLearning&&NeturalNetwork

NoCategory

[4216Star][25d] [Py] tensorflow/cleverhans An adversarial example library for constructing attacks, building defenses, and benchmarking both
[3263Star][18d] jivoi/awesome-ml-for-cybersecurity 针对网络安全的机器学习资源列表
[2480Star][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- Also In Section: Tools/Network&&Sniff&&Mitm/MITM |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[1049Star][1m] [Py] 13o-bbr-bbq/machine_learning_security Source code about machine learning and security.
[569Star][20d] 404notf0und/ai-for-security-learning 安全场景、基于AI的安全算法和安全数据分析学习资料整理
[513Star][21d] [Py] gyoisamurai/gyoithon GyoiThon is a growing penetration test tool using Machine Learning.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AllInOne&&Framework |
[445Star][4m] [Py] cchio/deep-pwning Metasploit for machine learning.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Metasploit/NoCategory |
[283Star][1m] [Py] bishopfox/eyeballer Convolutional neural network for analyzing pentest screenshots
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/NoCategory |

Collection

NoCategory

[4097Star][20d] qazbnm456/awesome-web-security web 安全资源列表
[2778Star][4m] [C] juliocesarfort/public-pentesting-reports Curated list of public penetration test reports released by several consulting firms and academic security groups
[2747Star][2m] infosecn1nja/red-teaming-toolkit A collection of open source and commercial tools that aid in red team operations.
[2592Star][1m] rmusser01/infosec_reference An Information Security Reference That Doesn't Suck
[2483Star][2m] kbandla/aptnotes Various public documents, whitepapers and articles about APT campaigns
[2353Star][22d] [Py] 0xinfection/awesome-waf
[2253Star][11m] yeyintminthuhtut/awesome-red-teaming List of Awesome Red Teaming Resources
[2058Star][3m] infoslack/awesome-web-hacking A list of web application security
[2024Star][1y] bluscreenofjeff/red-team-infrastructure-wiki Wiki to collect Red Team infrastructure hardening resources
[2008Star][1m] tanprathan/mobileapp-pentest-cheatsheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
[1897Star][2m] toolswatch/blackhat-arsenal-tools Official Black Hat Arsenal Security Tools Repository
[1767Star][1m] djadmin/awesome-bug-bounty A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
[1706Star][4m] ngalongc/bug-bounty-reference Inspired by
[1698Star][1y] coreb1t/awesome-pentest-cheat-sheets Collection of the cheat sheets useful for pentesting
[1602Star][6m] [Py] w1109790800/penetration 渗透超全面的渗透资料
[1587Star][6m] [Ruby] brunofacca/zen-rails-security-checklist Checklist of security precautions for Ruby on Rails applications.
[1510Star][24d] emijrp/awesome-awesome A curated list of awesome curated lists of many topics.
[1340Star][19d] grrrdog/java-deserialization-cheat-sheet The cheat sheet about Java Deserialization vulnerabilities
[1170Star][7m] joe-shenouda/awesome-cyber-skills A curated list of hacking environments where you can train your cyber skills legally and safely
[1126Star][2m] [Batchfile] ckjbug/hacking
[1124Star][2m] m4ll0k/awesome-hacking-tools Awesome Hacking Tools
[1095Star][13d] w00t3k/awesome-cellular-hacking Awesome-Cellular-Hacking
[1095Star][1y] paulsec/awesome-windows-domain-hardening A curated list of awesome Security Hardening techniques for Windows.
[1088Star][4m] zbetcheckin/security_list Great security list for fun and profit
[994Star][1y] [JS] 0xsobky/hackvault A container repository for my public web hacks!
[961Star][4m] [Py] jekil/awesome-hacking Awesome hacking is an awesome collection of hacking tools.
[944Star][7m] 0x4d31/awesome-threat-detection A curated list of awesome threat detection and hunting resources
[940Star][6m] sundowndev/hacker-roadmap
[908Star][9m] wtsxdev/penetration-testing List of awesome penetration testing resources, tools and other shiny things
[905Star][6m] [PowerShell] api0cradle/ultimateapplockerbypasslist The goal of this repository is to document the most common techniques to bypass AppLocker.
[899Star][6m] cn0xroot/rfsec-toolkit RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
[894Star][24d] tom0li/collection-document Collection of quality safety articles
[862Star][5m] [Shell] dominicbreuker/stego-toolkit Collection of steganography tools - helps with CTF challenges
[848Star][13d] explife0011/awesome-windows-kernel-security-development windows kernel security development
[803Star][4m] [Shell] danielmiessler/robotsdisallowed A curated list of the most common and most interesting robots.txt disallowed directories.
[762Star][10m] v2-dev/awesome-social-engineering A curated list of awesome social engineering resources.
[761Star][1m] daviddias/awesome-hacking-locations
[723Star][1y] [Py] averagesecurityguy/scripts Scripts I use during pentest engagements.
[709Star][1y] snifer/security-cheatsheets A collection of cheatsheets for various infosec tools and topics.
[696Star][4m] bit4woo/python_sec python安全和代码审计相关资料收集 resource collection of python security and code review
[685Star][2m] [C#] harleyqu1nn/aggressorscripts Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
[681Star][1m] andrewjkerr/security-cheatsheets
[667Star][8m] [XSLT] adon90/pentest_compilation Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
- Also In Section: Tools/OSCP |
[649Star][1y] dsasmblr/hacking-online-games A curated list of tutorials/resources for hacking online games.
[628Star][9m] webbreacher/offensiveinterview Interview questions to screen offensive (red team/pentest) candidates
[627Star][2m] redhuntlabs/awesome-asset-discovery List of Awesome Asset Discovery Resources
[619Star][3m] 3gstudent/pentest-and-development-tips A collection of pentest and development tips
[603Star][2m] [Shell] ashishb/osx-and-ios-security-awesome OSX and iOS related security tools
[589Star][1y] jiangsir404/audit-learning 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
[587Star][11m] pandazheng/ioshackstudy IOS安全学习资料汇总
[575Star][16d] [Py] hslatman/awesome-industrial-control-system-security A curated list of resources related to Industrial Control System (ICS) security.
[552Star][8m] guardrailsio/awesome-python-security Awesome Python Security resources
[452Star][8m] gradiuscypher/infosec_getting_started A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
[444Star][7m] jnusimba/miscsecnotes some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
[426Star][1y] meitar/awesome-lockpicking awesome-lockpicking：有关锁、保险箱、钥匙的指南、工具及其他资源的列表
[404Star][19d] meitar/awesome-cybersecurity-blueteam
[398Star][21d] [Py] bl4de/security-tools Collection of small security tools created mostly in Python. CTFs, pentests and so on
[394Star][3m] re4lity/hacking-with-golang Golang安全资源合集
[390Star][6m] [HTML] gexos/hacking-tools-repository A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
[384Star][1m] husnainfareed/awesome-ethical-hacking-resources
[380Star][1m] dsopas/assessment-mindset Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
[350Star][16d] fkromer/awesome-ros2 The Robot Operating System Version 2.0 is awesome!
[331Star][1m] softwareunderground/awesome-open-geoscience Curated from repositories that make our lives as geoscientists, hackers and data wranglers easier or just more awesome
[328Star][27d] [PowerShell] mgeeky/penetration-testing-tools A collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
[308Star][16d] cryptax/confsec Security, hacking conferences (list)
[303Star][4m] trimstray/technical-whitepapers Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
[299Star][1m] [HTML] eugenekolo/sec-tools A set of security related tools
[289Star][1m] hongrisec/web-security-attack Web安全相关内容
[265Star][1y] [JS] ropnop/serverless_toolkit A collection of useful Serverless functions I use when pentesting
[260Star][3m] mattnotmax/cyber-chef-recipes A list of cyber-chef recipes
[243Star][4m] zhaoweiho/web-sec-interview Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
[232Star][21d] pe3zx/my-infosec-awesome My curated list of awesome links, resources and tools on infosec related topics
[224Star][25d] euphrat1ca/security_w1k1 collect
[211Star][5m] guardrailsio/awesome-dotnet-security Awesome .NET Security Resources
[207Star][9m] jeansgit/redteam RedTeam资料收集整理
[205Star][9m] puresec/awesome-serverless-security A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
[201Star][1y] faizann24/resources-for-learning-hacking All the resources I could find for learning Ethical Hacking and penetration testing.
[201Star][1y] sigp/solidity-security-blog Comprehensive list of known attack vectors and common anti-patterns

Mixed

[24225Star][15d] trimstray/the-book-of-secret-knowledge A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
[10176Star][17d] enaqx/awesome-pentest A collection of awesome penetration testing resources, tools and other shiny things
[5384Star][8m] carpedm20/awesome-hacking A curated list of awesome Hacking tutorials, tools and resources
[4994Star][1m] sbilly/awesome-security A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
[3116Star][20d] [Rich Text Format] the-art-of-hacking/h4cker This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
[1710Star][20d] olivierlaflamme/cheatsheet-god Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet
- Also In Section: Tools/OSCP |
[573Star][5m] d30sa1/rootkits-list-download This is the list of all rootkits found so far on github and other sites.
[551Star][17d] [Perl] bollwarm/sectoolset The security tool(project) Set from github。github安全项目工具集合

WithoutTools

[33516Star][1y] [Py] minimaxir/big-list-of-naughty-strings The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
[8929Star][2m] vitalysim/awesome-hacking-resources A collection of hacking / penetration testing resources to make you better!
[2935Star][1m] blacckhathaceekr/pentesting-bible This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
[2660Star][1m] secwiki/sec-chart 安全思维导图集合
[2580Star][1y] [HTML] chybeta/web-security-learning Web-Security-Learning
[2427Star][1y] onlurking/awesome-infosec A curated list of awesome infosec courses and training resources.
[2306Star][10m] hack-with-github/free-security-ebooks Free Security and Hacking eBooks
[2054Star][2m] yeahhub/hacking-security-ebooks Top 100 Hacking & Security E-Books (Free Download)
[1917Star][3m] [Py] nixawk/pentest-wiki PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
[1434Star][4m] hmaverickadams/beginner-network-pentesting Notes for Beginner Network Pentesting Course

CollectionOfCollection

[32197Star][2m] hack-with-github/awesome-hacking A collection of various awesome lists for hackers, pentesters and security researchers

Book&&Tutorial&&Courses

[10844Star][1m] [CSS] hacker0x01/hacker101 Hacker101
[3897Star][3m] [PHP] paragonie/awesome-appsec A curated list of resources for learning about application security

Note&&Tips&&Tricks&&Talk&&Conference

NoCategory

[2786Star][29d] paulsec/awesome-sec-talks A collected list of awesome security talks
[671Star][2m] uknowsec/active-directory-pentest-notes 个人域渗透学习笔记
[540Star][9m] [PowerShell] threatexpress/red-team-scripts A collection of Red Team focused tools, scripts, and notes

blog

[1231Star][5m] chalker/notes Some public notes

Mobile

NoCategory

[4885Star][14d] [HTML] owasp/owasp-mstg The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
[4785Star][13d] [JS] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
[1940Star][20d] [Py] sensepost/objection objection： runtimemobile exploration
[1839Star][6m] [Java] fuzion24/justtrustme An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
[604Star][6m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
- Also In Section: Tools/Audit&&SecurityAudit&&CodeAudit/NoCategory |
[529Star][17d] [Shell] owasp/owasp-masvs The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
[370Star][1y] [CSS] nowsecure/secure-mobile-development A Collection of Secure Mobile Development Best Practices
[320Star][5m] [Java] datatheorem/trustkit-android Easy SSL pinning validation and reporting for Android.

Android

[4221Star][23d] [Shell] ashishb/android-security-awesome A collection of android security related resources
[2294Star][1y] [Java] csploit/android cSploit - The most complete and advanced IT security professional toolkit on Android.
[2089Star][8m] [Py] linkedin/qark Tool to look for several security related Android application vulnerabilities
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/VulnerabilityScan&&BugHunting/VulnerabilityScan/NoCategory |
[2033Star][9m] jermic/android-crack-tool
[1966Star][7m] [Py] fsecurelabs/drozer The Leading Security Assessment Framework for Android.
[1414Star][10m] [Java] aslody/legend A framework for hook java methods.
[1393Star][13d] [Java] chrisk44/hijacker Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
[1202Star][26d] [Java] find-sec-bugs/find-sec-bugs The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
[1199Star][2m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
[781Star][2m] sh4hin/androl4b A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
- Also In Section: Tools/EvnSetup&&Env/NoCategory |
[664Star][17d] doridori/android-security-reference A W.I.P Android Security Ref
[511Star][3m] [JS] wooyundota/droidsslunpinning Android certificate pinning disable tools
[462Star][3m] [JS] lyxhh/lxhtoolhttpdecrypt Simple Android/iOS protocol analysis and utilization tool
[383Star][1y] [Py] thehackingsage/hacktronian All in One Hacking Tool for Linux & Android
[372Star][3m] [Java] megatronking/netbare Net packets capture & injection library designed for Android
[358Star][4m] [C] the-cracker-technology/andrax-mobile-pentest ANDRAX The first and unique Penetration Testing platform for Android smartphones
[348Star][4m] [Makefile] crifan/android_app_security_crack 安卓应用的安全和破解
[341Star][4m] b3nac/android-reports-and-resources A big list of Android Hackerone disclosed reports and other resources.
[326Star][14d] [TypeScript] shroudedcode/apk-mitm
- Also In Section: Tools/Network&&Sniff&&Mitm/NoCategory |Tools/Network&&Sniff&&Mitm/MITM |
[248Star][9m] [C] chef-koch/android-vulnerabilities-overview An small overview of known Android vulnerabilities
[233Star][1y] [Ruby] hahwul/droid-hunter Android application vulnerability analysis and Android pentest tool

iOS&&MacOS&&iPhone&&iPad&&iWatch

[5299Star][5m] [C] pwn20wndstuff/undecimus unc0ver jailbreak for iOS 11.0 - 12.4
[5097Star][2m] [Py] axi0mx/ipwndfu open-source jailbreaking tool for many iOS devices
[4143Star][7m] [Objective-C] alonemonkey/monkeydev CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
[3411Star][6m] icodesign/potatso Potatso is an iOS client that implements different proxies with the leverage of NetworkExtension framework in iOS 10+.
[3072Star][9m] [JS] jipegit/osxauditor OS X Auditor is a free Mac OS X computer forensics tool
[1685Star][5m] [Py] yelp/osxcollector A forensic evidence collection & analysis toolkit for OS X
[1366Star][6m] [Objective-C] nabla-c0d3/ssl-kill-switch2 Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
[1259Star][5m] [JS] feross/spoof Easily spoof your MAC address in macOS, Windows, & Linux!
[1218Star][5m] [Vue] chaitin/passionfruit [WIP] Crappy iOS app analyzer
[1214Star][19d] [C] datatheorem/trustkit Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
[1174Star][29d] [YARA] horsicq/detect-it-easy Program for determining types of files for Windows, Linux and MacOS.
[1121Star][4m] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
[1094Star][1y] [Objective-C] neoneggplant/eggshell iOS/macOS/Linux Remote Administration Tool
[969Star][1y] [Py] mwrlabs/needle The iOS Security Testing Framework
[898Star][2m] [Objective-C] ptoomey3/keychain-dumper A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
[577Star][2m] siguza/ios-resources Useful resources for iOS hacking
[475Star][1y] [Swift] icepa/icepa iOS system-wide VPN based Tor client
[385Star][3m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/NoCategory |
[321Star][30d] [Objective-C] auth0/simplekeychain A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
[213Star][10m] [AppleScript] lifepillar/csvkeychain Import/export between Apple Keychain.app and plain CSV file.
[204Star][7m] [C] owasp/igoat OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar

CTF&&HTB

NoCategory

[952Star][2m] ctfs/resources A general collection of information, tools, and tips regarding CTFs and similar security competitions
[744Star][1m] [Py] ashutosh1206/crypton Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Authentication methods along with example challenges from CTFs
[634Star][8m] cryptogenic/exploit-writeups A collection where my current and future writeups for exploits/CTF will go
[474Star][5m] [PHP] wonderkun/ctf_web a project aim to collect CTF web practices .
[472Star][3m] [PHP] susers/writeups 国内各大CTF赛题及writeup整理
[450Star][8m] [Py] christhecoolhut/zeratool Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
[410Star][3m] ctftraining/ctftraining CTF Training 经典赛题复现环境
[307Star][5m] [C] sixstars/ctf A writeup summary for CTF competitions, problems.
[294Star][28d] [HTML] balsn/ctf_writeup CTF writeups from Balsn
[290Star][9m] [HTML] s1gh/ctf-literature Collection of free books, papers and articles related to CTF challenges.
[283Star][10m] [Shell] ctf-wiki/ctf-tools CTF 工具集合
[260Star][5m] [CSS] l4wio/ctf-challenges-by-me Pwnable|Web Security|Cryptography CTF-style challenges
[253Star][6m] [Shell] lieanu/libcsearcher glibc offset search for ctf.
[233Star][8m] harmoc/ctftools Personal CTF Toolkit
[209Star][1y] [Py] 3summer/ctf-rsa-tool a little tool help CTFer solve RSA problem

Collection

[3857Star][1m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[3857Star][1m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[1709Star][1m] [PHP] orangetw/my-ctf-web-challenges Collection of CTF Web challenges I made
[945Star][19d] [C] bt3gl/pentesting-toolkit Tools for pentesting, CTFs & wargames.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/NoCategory |
[358Star][4m] xtiankisutsa/awesome-mobile-ctf This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
- Also In Section: Tools/VulnerableMachine/Collection |

HTB

[642Star][28d] hackplayers/hackthebox-writeups Writeups for HacktheBox 'boot2root' machines

CTF

NoCategory

[6102Star][1y] [Hack] facebook/fbctf Platform to host Capture the Flag competitions
[5861Star][14d] [Py] gallopsled/pwntools CTF framework and exploit development library
[4317Star][1m] [Shell] zardus/ctf-tools Some setup scripts for security research tools.
[2756Star][19d] [HTML] ctf-wiki/ctf-wiki CTF Wiki Online. Come and join us, we need you!
[2295Star][19d] [Py] ctfd/ctfd CTFs as you need them
[1531Star][1m] [C] firmianay/ctf-all-in-one CTF竞赛入门指南
[1343Star][4m] [Go] google/google-ctf Google CTF
[1340Star][3m] [C] taviso/ctftool Interactive CTF Exploration Tool
[1248Star][11m] [Py] unapibageek/ctfr Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
[1244Star][2m] [Py] ganapati/rsactftool RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
[1132Star][16d] [Py] p4-team/ctf Ctf solutions from p4 team
[1034Star][2m] [C] trailofbits/ctf CTF Field Guide
[1013Star][12m] naetw/ctf-pwn-tips Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
[845Star][1m] [Ruby] w181496/web-ctf-cheatsheet Web CTF CheatSheet
[824Star][28d] ignitetechnologies/privilege-escalation This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
[780Star][2m] [Py] acmesec/ctfcracktools China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
[609Star][1m] [Shell] diego-treitos/linux-smart-enumeration Linux enumeration tool for pentesting and CTFs with verbosity levels
[423Star][6m] [HTML] ctf-wiki/ctf-challenges
[397Star][2m] [Py] j00ru/ctf-tasks An archive of low-level CTF challenges developed over the years
[381Star][14d] [Py] moloch--/rootthebox A Game of Hackers (CTF Scoreboard & Game Manager)
[373Star][4m] [C] hackgnar/ble_ctf A Bluetooth low energy capture the flag
[309Star][2m] [PHP] nakiami/mellivora Mellivora is a CTF engine written in PHP
[302Star][7m] [Py] screetsec/brutesploit BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
[292Star][2m] [Py] christhecoolhut/pinctf Using Intel's PIN tool to solve CTF problems
[275Star][11m] [Py] hongrisec/ctf-training 收集各大比赛的题目和Writeup
[252Star][5m] [Shell] ctfhacker/epictreasure Batteries included CTF VM
[236Star][12m] [Java] shiltemann/ctf-writeups-public Writeups for infosec Capture the Flag events by team Galaxians
[218Star][2m] [HTML] sectalks/sectalks CTFs, solutions and presentations
[215Star][1m] [C] david942j/ctf-writeups Collection of scripts and writeups

Writeup

[1813Star][1y] [CSS] ctfs/write-ups-2015 Wiki-like CTF write-ups repository, maintained by the community. 2015
[1763Star][11m] [Py] ctfs/write-ups-2017 Wiki-like CTF write-ups repository, maintained by the community. 2017
[586Star][1m] [Py] pwning/public-writeup CTF write-ups by Plaid Parliament of Pwning
[489Star][8m] manoelt/50m_ctf_writeup $50 Million CTF from Hackerone - Writeup
[275Star][7m] [HTML] bl4de/ctf CTF (Capture The Flag) writeups, code snippets, notes, scripts
[222Star][1y] [Shell] ctfs/write-ups-2018 Wiki-like CTF write-ups repository, maintained by the community. 2018

Collection

Vulnerability&&BugHunting&&Exploit&&Fuzzing

NoCategory

[1968Star][12d] [Java] jeremylong/dependencycheck OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
[1797Star][27d] [TypeScript] snyk/snyk CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
[1619Star][18d] roave/securityadvisories ensures that your application doesn't have installed dependencies with known security vulnerabilities
[1535Star][1m] [Java] spotbugs/spotbugs SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
[1284Star][12m] [Py] xyntax/poc-t 渗透测试插件化并发框架 / Open-sourced remote vulnerability PoC/EXP framework
[1232Star][30d] [JS] archerysec/archerysec Centralize Vulnerability Assessment and Management for DevSecOps Team
[1079Star][19d] [Jupyter Notebook] ibm/adversarial-robustness-toolbox Python library for adversarial machine learning, attacks and defences for neural networks, logistic regression, decision trees, SVM, gradient boosted trees, Gaussian processes and more with multiple framework support
[1074Star][1y] [PowerShell] rasta-mouse/sherlock PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
[1018Star][16d] [HTML] defectdojo/django-defectdojo DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
[901Star][19d] [Py] knownsec/pocsuite3 pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
[814Star][6m] numirias/security Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
[813Star][3m] [JS] creditease-sec/insight 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
[806Star][1y] [Py] leviathan-framework/leviathan wide range mass audit toolkit
[625Star][5m] [Py] pyupio/safety Safety checks your installed dependencies for known security vulnerabilities
[578Star][7m] [Java] olacabs/jackhammer Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
[567Star][12d] arkadiyt/bounty-targets-data This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
[541Star][1y] [Java] mr5m1th/poc-collect 各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
[540Star][10m] [PHP] zhuifengshaonianhanlu/pikachu 一个好玩的Web安全-漏洞测试平台
[462Star][1m] [Java] joychou93/java-sec-code Java common vulnerabilities and security code.
[430Star][28d] [Py] google/vulncode-db Vulncode-DB project
[428Star][4m] [Py] crocs-muni/roca ROCA: Infineon RSA key vulnerability
[409Star][4m] [Java] nccgroup/freddy Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
[395Star][17d] [Go] cbeuw/cloak A universal pluggable transport utilising TLS domain fronting to evade deep packet inspection and active probing from state-level adversaries
[379Star][10m] skyblueeternal/thinkphp-rce-poc-collection thinkphp v5.x 远程代码执行漏洞-POC集合
[372Star][6m] tidesec/tide 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
[361Star][12m] hannob/vulns Named vulnerabilities and their practical impact
[357Star][8m] [C] vulnreproduction/linuxflaw This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
[354Star][6m] [PHP] fate0/prvd PHP Runtime Vulnerability Detection
[351Star][6m] [Py] orangetw/awesome-jenkins-rce-2019 There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
[342Star][2m] snyk/zip-slip-vulnerability Zip Slip Vulnerability (Arbitrary file write through archive extraction)
[335Star][2m] [Java] denimgroup/threadfix ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to
[314Star][27d] [Java] sap/vulnerability-assessment-tool Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy.
[312Star][11m] cryin/paper Web Security Technology & Vulnerability Analysis Whitepapers
[299Star][16d] [Py] ym2011/poc-exp Collecting and writing PoC or EXP for vulnerabilities on some application
[291Star][3m] [Py] christhecoolhut/firmware_slap Discovering vulnerabilities in firmware through concolic analysis and function clustering.
[286Star][2m] [Py] fplyth0ner-combie/bug-project-framework 漏洞利用框架模块分享仓库
[283Star][4m] [C#] l0ss/grouper2 Find vulnerabilities in AD Group Policy
[283Star][7m] [C] tangsilian/android-vuln 安卓内核提权漏洞分析
[271Star][21d] disclose/disclose Driving safety, simplicity, and standardization in vulnerability disclosure.
[265Star][1y] [Py] ucsb-seclab/bootstomp BootStomp: a bootloader vulnerability finder
[263Star][1y] [JS] portswigger/hackability Probe a rendering engine for vulnerabilities and other features
[249Star][5m] [Py] jcesarstef/dotdotslash Search for Directory Traversal Vulnerabilities
[234Star][19d] [HTML] edoverflow/bugbountyguide Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
[220Star][2m] [Py] ismailtasdelen/hackertarget attack surface discovery and identification of security vulnerabilities
[211Star][2m] [C++] atxsinn3r/vulncases Oh it's just a bunch of vulns for references.
[207Star][6m] [Py] jas502n/cnvd-c-2019-48814 WebLogic wls9-async反序列化远程命令执行漏洞
[202Star][6m] [Py] greekn/rce-bug 新漏洞感知项目主要帮助大家记录一些重大漏洞漏洞方面的细节
[201Star][2m] [Ruby] appfolio/gemsurance Gem vulnerability checker using rubysec/ruby-advisory-db
[201Star][7m] [C++] j00ru/kfetch-toolkit A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities

Collectioin

[3444Star][8m] [C] rpisec/mbe Course materials for Modern Binary Exploitation by RPISEC
[3429Star][4m] [PHP] hanc00l/wooyun_public This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
[2954Star][8m] [C] secwiki/linux-kernel-exploits linux-kernel-exploits Linux平台提权漏洞集合
[2600Star][1m] xairy/linux-kernel-exploitation A bunch of links related to Linux kernel exploitation
[2072Star][14d] [PowerShell] k8gege/k8tools K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
[1962Star][14d] qazbnm456/awesome-cve-poc CVE PoC列表
[1882Star][1m] [HTML] gtfobins/gtfobins.github.io Curated list of Unix binaries that can be exploited to bypass system security restrictions
[1701Star][3m] tunz/js-vuln-db A collection of JavaScript engine CVEs with PoCs
[1196Star][1y] felixgr/secure-ios-app-dev Collection of the most common vulnerabilities found in iOS applications
[1093Star][5m] [Py] coffeehb/some-poc-or-exp 各种漏洞poc、Exp的收集或编写
[1044Star][14d] [Py] offensive-security/exploitdb-bin-sploits Exploit Database binary exploits located in the /sploits directory
[1020Star][1m] [C] xairy/kernel-exploits My proof-of-concept exploits for the Linux kernel
[1006Star][19d] [Py] thekingofduck/fuzzdicts Web Pentesting Fuzz 字典,一个就够了。
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/VulnerabilityScan&&BugHunting/Fuzzing/NoCategory |
[977Star][10m] [Py] xiphosresearch/exploits Miscellaneous exploit code
[962Star][11m] [PHP] secwiki/cms-hunter CMS漏洞测试用例集合
[938Star][5m] [C] dhavalkapil/heap-exploitation This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
[894Star][2m] [Py] nullsecuritynet/tools Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
[672Star][1y] [C] billy-ellis/exploit-challenges A collection of vulnerable ARM binaries for practicing exploit development
[609Star][7m] yeyintminthuhtut/awesome-advanced-windows-exploitation-references List of Awesome Advanced Windows Exploitation References
[568Star][1y] [C] externalist/exploit_playground Analysis of public exploits or my 1day exploits
[483Star][7m] [C] jiayy/android_vuln_poc-exp This project contains pocs and exploits for vulneribilities I found (mostly)
[417Star][9m] [C] hardenedlinux/linux-exploit-development-tutorial a series tutorial for linux exploit development to newbie.
[329Star][1y] snyk/vulnerabilitydb Snyk's public vulnerability database
[268Star][10m] [Py] secwiki/office-exploits office-exploits Office漏洞集合
[222Star][2m] [Py] boy-hack/airbug Airbug(空气洞)，收集漏洞poc用于安全产品
[222Star][1y] [C++] wnagzihxa1n/browsersecurity 我在学习浏览器安全过程中整理的漏洞分析笔记与相关的学习资料

ExploitDevelopment

NoCategory

[3705Star][10m] [Py] longld/peda PEDA - Python Exploit Development Assistance for GDB
[2488Star][13d] [Py] hugsy/gef GEF - GDB Enhanced Features for exploit devs & reversers
[2362Star][22d] [Py] pwndbg/pwndbg Exploit Development and Reverse Engineering with GDB Made Easy
[465Star][10m] [Py] wapiflapi/villoc Visualization of heap operations.

ROP

[2101Star][27d] [Py] jonathansalwan/ropgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
[931Star][13d] [Py] sashs/ropper Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.
[677Star][11m] [HTML] zhengmin1989/myarticles 蒸米的文章（iOS冰与火之歌系列，一步一步学ROP系列，安卓动态调试七种武器系列等）

VulnerabilityScan&&BugHunting

NoCategory

VulnerabilityScan

NoCategory

[6953Star][24d] [Go] future-architect/vuls Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
[6516Star][16d] [Java] zaproxy/zaproxy The OWASP ZAP core project
[5563Star][17d] [Ruby] presidentbeef/brakeman A static analysis security vulnerability scanner for Ruby on Rails applications
[2904Star][21d] [Py] andresriancho/w3af w3af: web application attack and audit framework, the open source web vulnerability scanner.
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/NoCategory |
[2440Star][6m] [Py] ysrc/xunfeng 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。
[2403Star][28d] [Go] knqyf263/trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
[2089Star][8m] [Py] linkedin/qark Tool to look for several security related Android application vulnerabilities
- Also In Section: Tools/Mobile/Android |
[1873Star][1m] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/Recon&&InfoGather |
[1864Star][3m] [Py] python-security/pyt A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
[1629Star][1y] [Py] evyatarmeged/raccoon A high performance offensive security tool for reconnaissance and vulnerability scanning
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/Recon&&InfoGather |
[1370Star][6m] [Py] almandin/fuxploider File upload vulnerability scanner and exploitation tool.
[1339Star][5m] [Py] s0md3v/striker Striker is an offensive information and vulnerability scanner.
[1023Star][7m] [Py] lucifer1993/angelsword Python3编写的CMS漏洞检测框架
[932Star][1y] [Java] google/firing-range a test bed for web application security scanners, providing synthetic, wide coverage for an array of vulnerabilities.
[913Star][4m] threathuntingproject/threathunting An informational repo about hunting for adversaries in your IT environment.
[884Star][1m] [Go] opensec-cn/kunpeng kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。
[884Star][2m] [Py] hasecuritysolutions/vulnwhisperer Create actionable data from your Vulnerability Scans
[852Star][3m] [Py] boy-hack/w9scan Plug-in type web vulnerability scanner
[840Star][3m] [Py] lijiejie/bbscan A vulnerability scanner focus on scanning large number of targets in short time with a minimal set of rules.
[725Star][10m] [PowerShell] l0ss/grouper A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
[643Star][5m] [Perl] moham3driahi/xattacker X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
[632Star][5m] [PHP] mattiasgeniar/php-exploit-scripts A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
[602Star][10m] [Dockerfile] aquasecurity/microscanner Scan your container images for package vulnerabilities with Aqua Security
[539Star][5m] [JS] seccubus/seccubus Easy automated vulnerability scanning, reporting and analysis
[523Star][3m] [Py] hatboy/struts2-scan Struts2全漏洞扫描利用工具
[513Star][7m] [Py] wyatu/perun Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
[491Star][14d] [C#] k8gege/ladon Ladon一款用于大型网络渗透的多线程插件化综合扫描神器，含端口扫描、服务识别、网络资产、密码爆破、高危漏洞检测以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描。5.5版本内置39个功能模块,通过多种协议以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、数据库等信息，漏洞检测包含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2等，密码爆破11种含数据库(Mysql、Oracle、MSSQL)、FTP、SSH(Linux主机)、VNC、Windows密码(IPC、WMI、SMB)、Weblogic后台、Rar压缩包密码等，Web指…
[488Star][2m] [Perl 6] rezasp/joomscan OWASP Joomla Vulnerability Scanner Project
[452Star][1m] [C] greenbone/openvas-scanner Open Vulnerability Assessment Scanner
[443Star][5m] [Py] dr0op/weblogicscan 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
[436Star][15d] [Py] k8gege/k8cscan K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动
[375Star][10m] [Py] hahwul/a2sv Auto Scanning to SSL Vulnerability

[362Star][1m] [Py] l4ys/lazyida Make your IDA Lazy!

View Details

  ### 功能
  - 快速移除函数返回类型
  - 数据格式(format)快速转换
  - 扫描字符串格式化漏洞
  - 双击跳转vtable函数
  - 快捷键: w/c/v
  </details>

[351Star][1m] [C#] security-code-scan/security-code-scan Vulnerability Patterns Detector for C# and VB.NET
[343Star][2m] [Py] chenjj/corscanner Fast CORS misconfiguration vulnerabilities scanner
[319Star][3m] [Py] vulmon/vulmap Vulmap Online Local Vulnerability Scanners Project
[318Star][7m] [C#] yalcinyolalan/wssat WEB SERVICE SECURITY ASSESSMENT TOOL
[297Star][4m] [Py] zhaoweiho/securitymanageframwork Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer securit…
[287Star][1y] [Py] flipkart-incubator/watchdog Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
[285Star][2m] [Py] utiso/dorkbot Command-line tool to scan Google search results for vulnerabilities
[279Star][7m] [Py] vulscanteam/vulscan vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
[276Star][5m] [Perl] rezasp/vbscan OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
[257Star][2m] [JS] stono/hawkeye A project security/vulnerability/risk scanning tool
[246Star][4m] [Shell] peterpt/eternal_scanner An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)
[226Star][1y] [Py] leapsecurity/libssh-scanner Script to identify hosts vulnerable to CVE-2018-10933
[222Star][1y] [C++] ucsb-seclab/dr_checker DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers
[218Star][7m] [Py] skewwg/vulscan 漏洞扫描：st2、tomcat、未授权访问等等
[211Star][6m] [Py] kingkaki/weblogic-scan weblogic 漏洞扫描工具
[208Star][20d] [Py] sethsec/celerystalk An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

Web漏洞

系统漏洞

App漏洞

移动平台漏洞

Fuzzing

NoCategory

[4649Star][29d] [C] google/oss-fuzz OSS-Fuzz - continuous fuzzing of open source software.
[3992Star][12d] [Py] google/clusterfuzz Scalable fuzzing infrastructure.
[3169Star][1m] [Go] dvyukov/go-fuzz Randomized testing for Go
[1706Star][1y] [PowerShell] fuzzysecurity/powershell-suite My musings with PowerShell
[1335Star][2m] [C] googleprojectzero/winafl A fork of AFL for fuzzing Windows binaries
[1107Star][9m] [Py] openrce/sulley A pure-python fully automated and unattended fuzzing framework.
[1100Star][28d] bo0om/fuzz.txt Potentially dangerous files
[1006Star][19d] [Py] thekingofduck/fuzzdicts Web Pentesting Fuzz 字典,一个就够了。
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/Collectioin |
[990Star][28d] [C] google/fuzzer-test-suite Set of tests for fuzzing engines
[859Star][18d] [Py] swisskyrepo/ssrfmap Automatic SSRF fuzzer and exploitation tool
[850Star][25d] [Go] sahilm/fuzzy Go library that provides fuzzy string matching optimized for filenames and code symbols in the style of Sublime Text, VSCode, IntelliJ IDEA et al.
[808Star][1m] [C] rust-fuzz/afl.rs
[788Star][17d] [Swift] googleprojectzero/fuzzilli A JavaScript Engine Fuzzer
[748Star][23d] [Py] jtpereyda/boofuzz A fork and successor of the Sulley Fuzzing Framework
[736Star][7m] [HTML] tennc/fuzzdb 一个fuzzdb扩展库
[689Star][14d] [Go] ffuf/ffuf Fast web fuzzer written in Go
[634Star][28d] [Go] google/gofuzz Fuzz testing for go.
[628Star][4m] [C] kernelslacker/trinity Linux system call fuzzer
[608Star][14d] [C] google/afl american fuzzy lop - a security-oriented fuzzer
[588Star][4m] [Py] nongiach/arm_now arm_now is a qemu powered tool that allows instant setup of virtual machines on arm cpu, mips, powerpc, nios2, x86 and more, for reverse, exploit, fuzzing and programming purpose.
[569Star][19d] [Py] 1n3/blackwidow A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
[541Star][8m] [Py] shellphish/fuzzer A Python interface to AFL, allowing for easy injection of testcases and other functionality.
[516Star][2m] [C++] angorafuzzer/angora Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
[500Star][12d] [Py] mozillasecurity/funfuzz A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
[472Star][1y] [Py] c0ny1/upload-fuzz-dic-builder 上传漏洞fuzz字典生成脚本
[471Star][16d] [Py] trailofbits/deepstate A unit test-like interface for fuzzing and symbolic execution
[453Star][1m] [Rust] rust-fuzz/cargo-fuzz Command line helpers for fuzzing
[424Star][2m] [Perl] wireghoul/dotdotpwn DotDotPwn - The Directory Traversal Fuzzer
[404Star][6m] [Ruby] tidesec/fuzzscanner 一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
[398Star][4m] [C] mykter/afl-training Exercises to learn how to fuzz with American Fuzzy Lop
[384Star][6m] [C] coolervoid/0d1n Web security tool to make fuzzing at HTTP/S, Beta
[379Star][27d] [Haskell] crytic/echidna Ethereum fuzz testing framework
[378Star][3m] [Rust] microsoft/lain A fuzzer framework built in Rust
[370Star][1m] [TypeScript] fuzzitdev/jsfuzz coverage guided fuzz testing for javascript
[364Star][1y] [C] battelle/afl-unicorn afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
[357Star][3m] [C++] googleprojectzero/brokentype TrueType and OpenType font fuzzing toolset
[340Star][4m] [Java] google/graphicsfuzz A testing framework for automatically finding and simplifying bugs in graphics shader compilers.
[340Star][1m] [C++] sslab-gatech/qsym QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
[337Star][11m] [Py] joxeankoret/nightmare A distributed fuzzing testing suite with web administration
[311Star][3m] lcatro/source-and-fuzzing 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..
[306Star][5m] [Py] cisco-talos/mutiny-fuzzer
[304Star][9m] [Py] cisco-sas/kitty Fuzzing framework written in python
[298Star][10m] [Py] mseclab/pyjfuzz PyJFuzz - Python JSON Fuzzer
[292Star][5m] [Py] mozillasecurity/dharma Generation-based, context-free grammar fuzzer.
[283Star][10m] [C++] gamozolabs/applepie A hypervisor for fuzzing built with WHVP and Bochs
[278Star][11m] [Py] mrash/afl-cov Produce code coverage results with gcov from afl-fuzz test cases
[278Star][10m] [C] samhocevar/zzuf Application fuzzer
[277Star][1m] [Py] tomato42/tlsfuzzer SSL and TLS protocol test suite and fuzzer
[273Star][17d] [HTML] mozillasecurity/fuzzdata Fuzzing resources for feeding various fuzzers with input.
[272Star][1y] [C++] dekimir/ramfuzz Combining Unit Tests, Fuzzing, and AI
[268Star][17d] [C] aflsmart/aflsmart Smart Greybox Fuzzing (
[263Star][8m] [Py] mozillasecurity/peach Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.
[245Star][7m] [C++] ucsb-seclab/difuze Fuzzer for Linux Kernel Drivers
[239Star][5m] [C] compsec-snu/razzer A Kernel fuzzer focusing on race bugs
[239Star][1y] [Py] hgascon/pulsar Protocol Learning and Stateful Fuzzing
[230Star][4m] [HTML] rootup/bfuzz Fuzzing Browsers
[222Star][3m] [C] pagalaxylab/unifuzzer A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
[221Star][3m] [C] dongdongshe/neuzz neural network assisted fuzzer
[214Star][27d] cpuu/awesome-fuzzing A curated list of awesome Fuzzing(or Fuzz Testing) for software security
[212Star][3m] [C++] lifting-bits/grr High-throughput fuzzer and emulator of DECREE binaries
[210Star][4m] [C] hunter-ht-2018/ptfuzzer Improving AFL by using Intel PT to collect branch information
[207Star][4m] [HTML] ajinabraham/droid-application-fuzz-framework Android application fuzzing framework with fuzzers and crash monitor.
[203Star][2m] [Py] jwilk/python-afl American Fuzzy Lop fork server and instrumentation for pure-Python code

Collection

[3792Star][1m] [PHP] fuzzdb-project/fuzzdb Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
[2864Star][5m] secfigo/awesome-fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

Fuzzer

[2629Star][17d] [Go] google/syzkaller syzkaller is an unsupervised coverage-guided kernel fuzzer
[2346Star][1m] [Py] xmendez/wfuzz Web application fuzzer
[1699Star][21d] [C] google/honggfuzz Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
[1051Star][2m] [Py] googleprojectzero/domato DOM fuzzer

Exploit

漏洞利用

[3933Star][3m] [Py] nullarray/autosploit Automated Mass Exploiter
[3364Star][1m] [C] shellphish/how2heap A repository for learning various heap exploitation techniques.
[2175Star][10m] [JS] secgroundzero/warberry WarBerryPi - Tactical Exploitation
[1448Star][3m] [Py] epinna/tplmap Server-Side Template Injection and Code Injection Detection and Exploitation Tool
[1180Star][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |Tools/Database&&SQLAttack&&SQLInjection/NoSQL/NoCategory |
[1080Star][6m] [Go] sensepost/ruler A tool to abuse Exchange services
[822Star][1m] [Py] nil0x42/phpsploit Stealth post-exploitation framework
[818Star][7m] [Shell] niklasb/libc-database Build a database of libc offsets to simplify exploitation
[797Star][28d] [Ruby] rastating/wordpress-exploit-framework A Ruby framework designed to aid in the penetration testing of WordPress systems.
[792Star][12d] cveproject/cvelist Pilot program for CVE submission through GitHub
[665Star][10m] [JS] theori-io/pwnjs A Javascript library for browser exploitation
[600Star][5m] [Java] sigploiter/sigploit SigPloit: Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
[568Star][1y] [Py] spencerdodd/kernelpop kernel privilege escalation enumeration and exploitation framework
[510Star][8m] [Py] dark-lbp/isf ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python
[474Star][25d] [C] r0hi7/binexp Linux Binary Exploitation
[449Star][5m] [Py] shellphish/rex Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
[429Star][11m] [Py] neohapsis/bbqsql SQL Injection Exploitation Tool
[394Star][20d] [Py] corkami/collisions Hash collisions and their exploitations
[378Star][2m] [Py] sab0tag3d/siet Smart Install Exploitation Tool
[346Star][9m] [C] wapiflapi/exrs Exercises for learning Reverse Engineering and Exploitation.
[345Star][29d] [JS] fsecurelabs/dref DNS Rebinding Exploitation Framework
[315Star][1y] [C] tharina/blackhoodie-2018-workshop Slides and challenges for my binary exploitation workshop at BlackHoodie 2018.
[314Star][13d] [Shell] zmarch/orc Orc is a post-exploitation framework for Linux written in Bash
[300Star][4m] [JS] vngkv123/asiagaming Chrome, Safari Exploitation
[288Star][9m] [Py] immunit/drupwn Drupal enumeration & exploitation tool
[284Star][1m] xairy/vmware-exploitation A bunch of links related to VMware escape exploits
[282Star][12m] [C] str8outtaheap/heapwn Linux Heap Exploitation Practice
[280Star][1y] [Py] novicelive/bintut Teach you a binary exploitation for great good.
[273Star][12m] [Py] fox-it/aclpwn.py Active Directory ACL exploitation with BloodHound
[266Star][22d] [Py] 0xinfection/xsrfprobe The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
[257Star][3m] [HTML] sp1d3r/swf_json_csrf swf_json_csrf：简化基于 SWF的 JSON CSRF exploitation
[250Star][7m] [Py] xairy/easy-linux-pwn A set of Linux binary exploitation tasks for beginners on various architectures
[243Star][26d] [Py] 0xinfection/xsrfprobe The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
[231Star][10m] [C] r3x/how2kernel This Repository aims at giving a basic idea about Kernel Exploitation.

Exp&&PoC

[1363Star][1m] [Py] bitsadmin/wesng Windows Exploit Suggester - Next Generation
[1353Star][6m] [Py] vulnerscom/getsploit Command line utility for searching and downloading exploits
[1322Star][4m] [Py] lijiejie/githack A .git folder disclosure exploit
[1120Star][4m] [Py] qyriad/fusee-launcher work-in-progress launcher for one of the Tegra X1 bootROM exploits
[930Star][10m] [Shell] 1n3/findsploit Find exploits in local and online databases instantly
[918Star][5m] [JS] reswitched/pegaswitch PegaSwitch is an exploit toolkit for the Nintendo Switch
[881Star][3m] [C] theofficialflow/h-encore Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
[711Star][1y] [Py] rfunix/pompem Find exploit tool
[707Star][11m] [HTML] juansacco/exploitpack Exploit Pack -The next generation exploit framework
[703Star][4m] [Py] rhinosecuritylabs/security-research Exploits written by the Rhino Security Labs team
[695Star][6m] [C] unamer/vmware_escape VMware Escape Exploit before VMware WorkStation 12.5.5
[681Star][1y] [C] saelo/pwn2own2018 A Pwn2Own exploit chain
[636Star][4m] smgorelik/windows-rce-exploits The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams.
[621Star][4m] [C++] eliboa/tegrarcmgui C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)
[617Star][4m] [Perl] jondonas/linux-exploit-suggester-2 Next-Generation Linux Kernel Exploit Suggester
[608Star][3m] [C] matheus-garbelini/esp32_esp8266_attacks Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[607Star][8m] [Py] al-azif/ps4-exploit-host Easy PS4 Exploit Hosting
[580Star][1y] [JS] cryptogenic/ps4-5.05-kernel-exploit A fully implemented kernel exploit for the PS4 on 5.05FW
[580Star][10m] mtivadar/windows10_ntfs_crash_dos PoC for a NTFS crash that I discovered, in various Windows versions
[552Star][9m] [C] t00sh/rop-tool A tool to help you write binary exploits
[544Star][2m] [Py] tarunkant/gopherus This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
[523Star][5m] [Py] bignerd95/chimay-red Working POC of Mikrotik exploit from Vault 7 CIA Leaks
[489Star][6m] [Py] danigargu/heap-viewer An IDA Pro plugin to examine the glibc heap, focused on exploit development
[489Star][5m] [Py] metachar/phonesploit Using open Adb ports we can exploit a Andriod Device
[488Star][7m] [Py] lijiejie/ds_store_exp A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
[481Star][5m] [PHP] cfreal/exploits Some of my exploits.
[473Star][2m] [JS] acmesec/pocbox PoCBox - 赏金猎人的脆弱性测试辅助平台（破300star写重构版本，400star免费线上版本开放【在线食用地址：由于经常被DDOS导致服务器资源恶意被占用费用过大决定关闭服务】，1000star开源重构全新版本！）
[472Star][9m] [Py] insecurityofthings/jackit JackIt - Exploit Code for Mousejack
[435Star][1y] [Py] jfoote/exploitable The 'exploitable' GDB plugin. I don't work at CERT anymore, but here is the original homepage:
[431Star][9m] [Shell] r00t-3xp10it/fakeimageexploiter Use a Fake image.jpg to exploit targets (hide known file extensions)
[418Star][11m] [Shell] nilotpalbiswas/auto-root-exploit Auto Root Exploit Tool
[412Star][3m] [Py] misterch0c/malsploitbase Malware exploits
[402Star][1y] [C] ww9210/linux_kernel_exploits Repo for FUZE project. I will also publish some Linux kernel LPE exploits for various real world kernel vulnerabilities here. the samples are uploaded for education purposes for red and blue teams.
[390Star][7m] [Py] jm33-m0/massexpconsole for concurrent exploiting
[383Star][12m] [JS] linushenze/webkit-regex-exploit
[378Star][12m] [PHP] bo0om/php_imap_open_exploit Bypassing disabled exec functions in PHP (c) CRLF
[372Star][2m] [PHP] mm0r1/exploits Pwn stuff.
[349Star][1m] [Shell] th3xace/sudo_killer A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
[348Star][8m] [C] p0cl4bs/kadimus Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...
[339Star][4m] [C] theofficialflow/trinity Trinity Exploit - Emulator Escape
[331Star][6m] [C++] thezdi/poc Proofs-of-concept
[305Star][1y] [Shell] jas502n/st2-057 St2-057 Poc Example
[302Star][3m] [PowerShell] kevin-robertson/powermad PowerShell MachineAccountQuota and DNS exploit tools
[300Star][1m] [Py] admintony/svnexploit SvnExploit支持SVN源代码泄露全版本Dump源码
[276Star][1m] [C] 0xdea/exploits A handy collection of my public exploits, all in one place.
[275Star][3m] [Shell] cryptolok/aslray Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying
[269Star][1y] [Py] mwrlabs/wepwnise WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
[266Star][4m] [Java] c0ny1/fastjsonexploit Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
[263Star][12m] [Py] c0rel0ader/east Exploits and Security Tools Framework 2.0.1
[251Star][4m] [C] bcoles/kernel-exploits Various kernel exploits
[245Star][9m] [Visual Basic] houjingyi233/office-exploit-case-study
[234Star][19d] [C#] tyranid/exploitremotingservice A tool to exploit .NET Remoting Services
[219Star][8m] [Py] coalfire-research/deathmetal Red team & penetration testing tools to exploit the capabilities of Intel AMT
[218Star][3m] [PowerShell] byt3bl33d3r/offensivedlr Toolbox containing research notes & PoC code for weaponizing .NET's DLR
[218Star][1m] [C++] soarqin/finalhe Final h-encore, a tool to push h-encore exploit for PS VITA/PS TV automatically
[215Star][3m] [C] semmle/securityexploits PoC exploits from the Semmle Security Research team
[210Star][1y] [Py] kurobeats/fimap fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
[207Star][1y] [C] crozone/spectrepoc Proof of concept code for the Spectre CPU exploit.
[201Star][6m] [Py] invictus1306/beebug A tool for checking exploitability

XSS&&XXE

Collection

[2671Star][5m] [JS] s0md3v/awesomexss Awesome XSS stuff
[454Star][1y] [HTML] metnew/uxss-db

NoCategory

[7288Star][25d] [Py] s0md3v/xsstrike Most advanced XSS scanner.
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/NoCategory |
[1641Star][10m] [JS] evilcos/xssor2 XSS'OR - Hack with JavaScript.
[1318Star][3m] [Go] microcosm-cc/bluemonday bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
[705Star][2m] [JS] mandatoryprogrammer/xsshunter The XSS Hunter service - a portable version of XSSHunter.com
[683Star][18d] [C#] mganss/htmlsanitizer Cleans HTML to avoid XSS attacks
[674Star][21d] [PHP] ssl/ezxss ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
[638Star][10m] [HTML] bl4de/security_whitepapers Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
[504Star][4m] [Py] opensec-cn/vtest 用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
[495Star][4m] [PHP] nettitude/xss_payloads Exploitation for XSS
[477Star][1y] [JS] koto/xsschef Chrome extension Exploitation Framework
[460Star][12m] [C] laruence/taint Taint is a PHP extension, used for detecting XSS codes
[334Star][12m] [Py] varbaek/xsser From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
[325Star][7m] [Py] s0md3v/jshell JShell - Get a JavaScript shell with XSS.
[289Star][1m] [JS] wicg/trusted-types A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
[287Star][13d] [Py] stamparm/dsxs Damn Small XSS Scanner
[286Star][13d] [PHP] voku/anti-xss
[251Star][3m] [PHP] dotboris/vuejs-serverside-template-xss Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
[243Star][4m] [JS] lewisardern/bxss bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
[241Star][2m] [JS] antswordproject/ant 实时上线的 XSS 盲打平台

WellKnownVulnerability&&CVE&&SpecificProduct

NoCategory

[1066Star][28d] [Go] neex/phuip-fpizdam Exploit for CVE-2019-11043
[886Star][1y] [Py] nixawk/labs Vulnerability Labs for security analysis
[601Star][1y] [C] scottybauer/android_kernel_cve_pocs A list of my CVE's with POCs
[562Star][10m] [Py] fs0c131y/esfileexploreropenportvuln ES File Explorer Open Port Vulnerability - CVE-2019-6447
[456Star][3m] [Py] blacknbunny/libssh-authentication-bypass Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH)
[449Star][6m] [Py] n1xbyte/cve-2019-0708 dump
[394Star][9m] [Ruby] dreadlocked/drupalgeddon2 Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
[371Star][1y] [Py] rhynorater/cve-2018-15473-exploit Exploit written in Python for CVE-2018-15473 with threading and export formats
[370Star][9m] [Py] wyatu/cve-2018-20250 exp for
[357Star][9m] [Go] frichetten/cve-2019-5736-poc PoC for CVE-2019-5736
[339Star][1m] [PHP] opsxcq/exploit-cve-2016-10033 PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
[318Star][8m] [Py] a2u/cve-2018-7600
[300Star][10m] [Py] basucert/winboxpoc Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)
[299Star][1y] [Py] bhdresh/cve-2017-8759 Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
[299Star][27d] [Py] rhinosecuritylabs/cves A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
[282Star][4m] [Py] lufeirider/cve-2019-2725 CVE-2019-2725 命令回显
[281Star][1y] [Py] mazen160/struts-pwn_cve-2018-11776 An exploit for Apache Struts CVE-2018-11776
[280Star][4m] marcinguy/cve-2019-2107 CVE-2019-2107
[276Star][11m] [Py] wyatu/cve-2018-8581 CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability
[269Star][5m] [Py] ridter/exchange2domain CVE-2018-8581
[259Star][1y] [C++] alpha1ab/cve-2018-8120 CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7
[253Star][1m] [C] a2nkf/macos-kernel-exploit macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to
[252Star][29d] [Vue] nluedtke/linux_kernel_cves Tracking CVEs for the linux Kernel
[243Star][3m] [Shell] projectzeroindia/cve-2019-11510 Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
[238Star][8m] [JS] exodusintel/cve-2019-5786 FileReader Exploit
[237Star][10m] [C] geosn0w/osirisjailbreak12 iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)
[234Star][9m] [JS] adamyordan/cve-2019-1003000-jenkins-rce-poc Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
[211Star][12m] [Py] evict/poc_cve-2018-1002105 PoC for CVE-2018-1002105.
[203Star][8m] [C++] rogue-kdc/cve-2019-0841 PoC code for CVE-2019-0841 Privilege Escalation vulnerability
[200Star][1y] [C] bazad/blanket CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.
[200Star][2m] [Go] kotakanbe/go-cve-dictionary Build a local copy of CVE (NVD and Japanese JVN). Server mode for easy querying.

CVE

[1058Star][3m] [C] zerosum0x0/cve-2019-0708 Scanner PoC for CVE-2019-0708 RDP RCE vuln

Spectre&&Meltdown

[3728Star][29d] [C] iaik/meltdown This repository contains several applications, demonstrating the Meltdown bug.
[2999Star][2m] [Shell] speed47/spectre-meltdown-checker Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD
[531Star][1y] [C] ionescu007/specucheck SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
[249Star][5m] nsacyber/hardware-and-firmware-security-guidance Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

BlueKeep

[973Star][3m] [Py] ekultek/bluekeep Proof of concept for CVE-2019-0708
[633Star][6m] [C] robertdavidgraham/rdpscan A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
[303Star][4m] [Py] algo7/bluekeep_cve-2019-0708_poc_to_exploit Porting BlueKeep PoC from
[267Star][6m] [Py] k8gege/cve-2019-0708 3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Heartbleed

DirtyCow

Blueborne

CSRF

[1668Star][4m] [JS] expressjs/csurf CSRF token middleware
[220Star][11m] [PHP] paragonie/anti-csrf Full-Featured Anti-CSRF Library

容器&&Docker

[5906Star][13d] [Go] quay/clair Vulnerability Static Analysis for Containers
[5905Star][13d] [Go] quay/clair Vulnerability Static Analysis for Containers
[661Star][1y] [Shell] c0ny1/vulstudy 使用docker快速搭建各大漏洞学习平台，目前可以一键搭建12个平台。
[636Star][13d] [Go] ullaakut/gorsair Gorsair hacks its way into remote docker containers that expose their APIs
[602Star][6m] [Py] eliasgranderubio/dagda a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
[475Star][5m] [Go] arminc/clair-scanner Docker containers vulnerability scan
[332Star][6m] [Dockerfile] mykings/docker-vulnerability-environment Use the docker to build a vulnerability environment
[299Star][1y] [Dockerfile] ston3o/docker-hacklab My personal hacklab, create your own.

漏洞管理

[2381Star][2m] [Py] infobyte/faraday Collaborative Penetration Test and Vulnerability Management Platform
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AllInOne&&Framework |
[1177Star][17d] [Py] cve-search/cve-search cve-search - a tool to perform local searches for known vulnerabilities

漏洞数据库

[4770Star][13d] [C] offensive-security/exploitdb The official Exploit Database repository
[1265Star][2m] [PHP] friendsofphp/security-advisories A database of PHP security advisories

CORS

[2716Star][8m] [JS] cyu/rack-cors Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.

漏洞分析

SpecificTarget

NoCategory

AWS

[4138Star][3m] [Py] dxa4481/trufflehog Searches through git repositories for high entropy strings and secrets, digging deep into commit history
[3130Star][17d] [Shell] toniblyx/my-arsenal-of-aws-security-tools List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
[2758Star][12d] [Go] 99designs/aws-vault A vault for securely storing and accessing AWS credentials in development environments
[2633Star][3m] [Java] teevity/ice AWS Usage Tool
[2347Star][4m] [Go] mlabouardy/komiser
[1892Star][19d] [Py] mozilla/mozdef MozDef: Mozilla Enterprise Defense Platform
[1805Star][20d] [Shell] toniblyx/prowler AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide:
[1597Star][1y] [Py] nccgroup/scout2 Security auditing tool for AWS environments
[1374Star][11m] [Py] eth0izzle/bucket-stream Find interesting Amazon S3 Buckets by watching certificate transparency logs.
[1161Star][17d] [Py] lyft/cartography Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
[1105Star][3m] [Py] rhinosecuritylabs/pacu The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
[887Star][2m] [Py] sa7mon/s3scanner Scan for open AWS S3 buckets and dump the contents
[824Star][5m] [Py] jordanpotti/awsbucketdump Security Tool to Look For Interesting Files in S3 Buckets
[756Star][28d] [Go] rebuy-de/aws-nuke Nuke a whole AWS account and delete all its resources.
[749Star][1m] [Java] tmobile/pacbot PacBot (Policy as Code Bot)
[592Star][17d] [Shell] securityftw/cs-suite Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
[525Star][25d] [Ruby] stelligent/cfn_nag Linting tool for CloudFormation templates
[490Star][16d] [Py] salesforce/policy_sentry IAM Least Privilege Policy Generator
[480Star][6m] [Py] netflix-skunkworks/diffy Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
[433Star][7m] [Py] ustayready/fireprox AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
[391Star][3m] [Py] duo-labs/cloudtracker CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
[382Star][20d] [Py] riotgames/cloud-inquisitor Enforce ownership and data security within AWS
[365Star][6m] [Py] carnal0wnage/weirdaal WeirdAAL (AWS Attack Library)
[363Star][10m] [Py] awslabs/aws-security-automation Collection of scripts and resources for DevSecOps and Automated Incident Response Security
[311Star][1y] [Py] securing/dumpsterdiver Tool to search secrets in various filetypes.
[273Star][7m] [Py] cesar-rodriguez/terrascan Collection of security and best practice test for static code analysis of terraform templates
[264Star][23d] [Py] nccgroup/pmapper A tool for quickly evaluating IAM permissions in AWS.
[224Star][29d] [HCL] nozaq/terraform-aws-secure-baseline Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations.
[216Star][26d] [Dockerfile] thinkst/canarytokens-docker Docker configuration to quickly setup your own Canarytokens.
[202Star][2m] [Py] voulnet/barq barq: The AWS Cloud Post Exploitation framework!

Phoenix

[810Star][16d] [Elixir] nccgroup/sobelow Security-focused static analysis for the Phoenix Framework

Kubernetes

[1761Star][27d] [Py] aquasecurity/kube-hunter Hunt for security weaknesses in Kubernetes clusters
[379Star][2m] [Shell] kabachook/k8s-security Kubernetes security notes and best practices

Azure

Nginx

[6164Star][1m] [Py] yandex/gixy Nginx configuration static analyzer

ELK

[1875Star][18d] [CSS] cyb3rward0g/helk The Hunting ELK

IoT&&EmbedDevice&&Router&&Switch&&SmartDevice&&Printer

NoCategory

[1119Star][6m] nebgnahz/awesome-iot-hacks A Collection of Hacks in IoT Space so that we can address them (hopefully).
[817Star][14d] v33ru/iotsecurity101 From IoT Pentesting to IoT Security
[791Star][30d] [Py] ct-open-source/tuya-convert A collection of scripts to flash Tuya IoT devices to alternative firmwares
[582Star][8m] [Py] woj-ciech/danger-zone Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files.
[465Star][2m] [Py] iti/ics-security-tools Tools, tips, tricks, and more for exploring ICS Security.
[437Star][18d] [Py] rabobank-cdc/dettect Detect Tactics, Techniques & Combat Threats
[330Star][1y] [Py] vmware/liota
[307Star][1m] [Java] erudika/para Open source back-end server for web, mobile and IoT. The backend for busy developers. (self-hosted or hosted)

Printer

Router&&Switch

EmbedDevice

[7428Star][3m] [Py] threat9/routersploit Exploitation Framework for Embedded Devices

Communication&&Proxy&&RverseProxy&&Tunnel

NoCategory

[19800Star][2m] [Shell] streisandeffect/streisand Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
[16743Star][18d] [Py] mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- Also In Section: Tools/Network&&Sniff&&Mitm/MITM |
[10723Star][13d] getlantern/download 蓝灯Windows下载
[5481Star][3m] [C] rofl0r/proxychains-ng proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
[4915Star][13d] [Go] dnscrypt/dnscrypt-proxy dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
[4662Star][28d] [Go] alexellis/inlets Expose your local endpoints to the Internet
[4468Star][22d] [C] jedisct1/dsvpn A Dead Simple VPN.
[4223Star][5m] [Go] ginuerzh/gost GO Simple Tunnel - a simple tunnel written in golang
[4039Star][4m] [Py] spiderclub/haipproxy
[3592Star][2m] hq450/fancyss_history_package 科学上网插件的离线安装包储存在这里
[3348Star][4m] [Go] jpillora/chisel A fast TCP tunnel over HTTP
[2804Star][8m] [C++] wangyu-/udpspeeder A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
[2468Star][3m] [C] yrutschle/sslh Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
[2450Star][17d] [Shell] teddysun/across Across the Great Wall we can reach every corner in the world
[2352Star][6m] [Lua] snabbco/snabb Snabb: Simple and fast packet networking
[2133Star][1m] [Go] mmatczuk/go-http-tunnel Fast and secure tunnels over HTTP/2
[1874Star][4m] [C] darkk/redsocks transparent TCP-to-proxy redirector
[1844Star][1y] [Py] aploium/zmirror The next-gen reverse proxy for full site mirroring
[1813Star][3m] [C] tinyproxy/tinyproxy tinyproxy - a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
[1678Star][9m] [Py] constverum/proxybroker Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
[1665Star][4m] [C] networkprotocol/netcode.io A protocol for secure client/server connections over UDP
[1611Star][6m] [Go] sipt/shuttle A web proxy in Golang with amazing features.
[1495Star][1m] [C] ntop/n2n Peer-to-peer VPN
[1448Star][7m] [C++] wangyu-/tinyfecvpn A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
[1334Star][1m] [Go] davrodpin/mole cli app to create ssh tunnels
[1308Star][12m] [C] madeye/proxydroid Global Proxy for Android
[1222Star][4m] [JS] bubenshchykov/ngrok Expose your localhost to the web. Node wrapper for ngrok.
[1199Star][21d] [Objective-C] onionbrowser/onionbrowser An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network
[1048Star][5m] [C] tcurdt/iproxy Let's you connect your laptop to the iPhone to surf the web.
[1042Star][28d] [Go] pusher/oauth2_proxy A reverse proxy that provides authentication with Google, Github or other providers. #Hacktoberfest
[999Star][7m] [Go] adtac/autovpn THIS PROJECT IS UNMAINTAINED.
[946Star][9m] [JS] lukechilds/reverse-shell Reverse Shell as a Service
[927Star][3m] [Py] christophetd/cloudflair a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should
[836Star][2m] [Py] anorov/pysocks A SOCKS proxy client and wrapper for Python.
[810Star][1m] [Go] henson/proxypool Golang实现的IP代理池
[790Star][3m] [Py] secforce/tunna Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
[753Star][1m] [C#] justcoding121/titanium-web-proxy A cross-platform asynchronous HTTP(S) proxy server in C#.
[738Star][30d] [Shell] zfl9/ss-tproxy SS/SSR/V2Ray/Socks5 透明代理 for Linux
[737Star][1m] [C#] damianh/proxykit A toolkit to create code-first HTTP reverse proxies on ASP.NET Core
[674Star][1m] [Go] dliv3/venom Venom - A Multi-hop Proxy for Penetration Testers
[674Star][24d] [JS] mellow-io/mellow Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
[664Star][19d] [Kotlin] mygod/vpnhotspot Share your VPN connection over hotspot or repeater! (root required)
[651Star][27d] [Py] abhinavsingh/proxy.py ⚡⚡⚡Fast, Lightweight, Programmable, TLS interception capable proxy server for your Home and Application debugging, testing and development
[616Star][4m] [JS] derhuerst/tcp-over-websockets Tunnel TCP through WebSockets.
[574Star][4m] [Py] trustedsec/trevorc2 TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
[568Star][12d] [Go] cloudflare/cloudflared Argo Tunnel client
[558Star][8m] [JS] blinksocks/blinksocks A framework for building composable proxy protocol stack.
[556Star][27d] clarketm/proxy-list A list of free, public, forward proxy servers. UPDATED DAILY!
[545Star][1y] [Py] fate0/getproxy getproxy 是一个抓取发放代理网站，获取 http/https 代理的程序
[513Star][10m] [Erlang] heroku/vegur Vegur: HTTP Proxy Library
[473Star][1y] [Go] yinqiwen/gsnova Private proxy solution & network troubleshooting tool.
[449Star][28d] [Py] aidaho12/haproxy-wi Web interface for managing Haproxy servers
[397Star][9m] [Go] evilsocket/shellz shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
[382Star][1y] [Ruby] aphyr/tund SSH reverse tunnel daemon
[361Star][1m] [Py] lyft/metadataproxy A proxy for AWS's metadata service that gives out scoped IAM credentials from STS
[355Star][1y] [C] emptymonkey/revsh A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
[345Star][6m] [Go] coreos/jwtproxy An HTTP-Proxy that adds AuthN through JWTs
[336Star][8m] [Py] iphelix/dnschef DNSChef - DNS proxy for Penetration Testers and Malware Analysts
[331Star][6m] [Py] fbkcs/thunderdns This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support.
[325Star][4m] [Go] sysdream/hershell Hershell is a simple TCP reverse shell written in Go.
[320Star][9m] [JS] mhzed/wstunnel tunnel over websocket
[301Star][4m] [Py] rootviii/proxy_requests a class that uses scraped proxies to make an http GET/POST request (Python requests)
[293Star][2m] [JS] bettercap/caplets bettercap scripts (caplets) and proxy modules.
[290Star][8m] [C] basil00/reqrypt A censorship circumvention tool
[289Star][2m] [Py] covertcodes/multitun Tunnel arbitrary traffic through an innocuous WebSocket. Clients can 'see' each other, resulting in a stealth WebSocket VPN.
[278Star][11m] [C] dgoulet/torsocks Library to torify application - NOTE: upstream has been moved to
[276Star][5m] [Py] mthbernardes/rsg ReverShellGenerator - A tool to generate various ways to do a reverse shell
[273Star][12d] a2u/free-proxy-list
[273Star][9m] [Py] chenjiandongx/async-proxy-pool
[272Star][4m] [Go] suyashkumar/ssl-proxy
[257Star][8m] [C] rofl0r/microsocks tiny, portable SOCKS5 server with very moderate resource usage
[254Star][3m] [Py] fwkz/riposte Python package for wrapping applications inside a tailored interactive shell
[245Star][4m] [Shell] thesecondsun/revssl A simple script that automates generation of OpenSSL reverse shells
[242Star][17d] [Go] adguardteam/dnsproxy Simple DNS proxy with DoH, DoT, and DNSCrypt support
[242Star][4m] [Go] lesnuages/hershell Multiplatform reverse shell generator
[241Star][9m] [C] pegasuslab/ghosttunnel GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment.
[236Star][11m] [Go] fardog/secureoperator A DNS-protocol proxy for DNS-over-HTTPS providers, such as Google and Cloudflare
[224Star][1m] [Ruby] zt2/sqli-hunter SQLi-Hunter is a simple HTTP proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
[216Star][1y] [PHP] softius/php-cross-domain-proxy PHP Proxy for Cross Domain Requests
[213Star][8m] [Go] joncooperworks/judas a phishing proxy
[207Star][9m] [Go] justmao945/mallory HTTP/HTTPS proxy over SSH
[202Star][1y] [C#] damonmohammadbagher/nativepayload_dns C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses

GFW

NoCategory

[2918Star][11m] [Shell] 91yun/serverspeeder 锐速破解版

GFWBypass

[12874Star][8m] [JS] bannedbook/fanqiang 翻墙-科学上网
[6211Star][20d] [Py] h2y/shadowrocket-adblock-rules 提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。
[3046Star][4m] [Shell] softwaredownload/openwrt-fanqiang 最好的路由器翻墙、科学上网教程—OpenWrt—shadowsocks

GFW

[14484Star][21d] gfwlist/gfwlist The one and only one gfwlist here
[3531Star][14d] acl4ssr/acl4ssr SSR 去广告ACL规则/SS完整GFWList规则，Telegram频道订阅地址
[2482Star][2m] [C++] trojan-gfw/trojan An unidentifiable mechanism that helps you bypass GFW.
[202Star][16d] [Shell] zfl9/gfwlist2privoxy 将 gfwlist.txt（Adblock Plus 规则）转换为 privoxy.action

Proxy

[7149Star][14d] [Go] snail007/goproxy Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理，代理API认证，全能跨平台代理服务器。
[5971Star][14d] [JS] avwo/whistle HTTP, HTTP2, HTTPS, Websocket debugging proxy
[1380Star][1m] [C] z3apa3a/3proxy 3proxy - tiny free proxy server
[304Star][17d] [Shell] brainfucksec/kalitorify Transparent proxy through Tor for Kali Linux OS

ReverseProxy

[29549Star][23d] [Go] fatedier/frp A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
[9114Star][2m] [JS] localtunnel/localtunnel expose yourself
[8706Star][2m] [Go] cnlh/nps 一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发，支持内网http代理、内网socks5代理，同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理，集成多用户模式。
[4887Star][10m] [Go] bitly/oauth2_proxy A reverse proxy that provides authentication with Google, Github or other provider
[3521Star][1m] [Java] ffay/lanproxy lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具，支持tcp流量转发，可支持任何tcp上层协议（访问内网网站、本地支付接口调试、ssh访问、远程桌面...）。目前市面上提供类似服务的有花生壳、TeamView、GoToMyCloud等等，但要使用第三方的公网服务器就必须为第三方付费，并且这些服务都有各种各样的限制，此外，由于数据包会流经第三方，因此对数据安全也是一大隐患。技术交流QQ群 946273429
[2586Star][1m] [C++] fanout/pushpin Reverse proxy for realtime web services
[2476Star][5m] [Go] drk1wi/modlishka Modlishka. Reverse Proxy.
[656Star][4m] [Py] aploium/shootback a reverse TCP tunnel let you access target behind NAT or firewall

Tunnel

[3271Star][4m] [C++] wangyu-/udp2raw-tunnel A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
[3131Star][3m] [C] yarrick/iodine Official git repo for iodine dns tunnel
[1779Star][5m] [C++] iagox86/dnscat2 dnscat2：在 DNS 协议上创建加密的 C&C channel

ProxyCrawl&&ProxyPool

[4882Star][1y] [Go] yinghuocho/firefly-proxy A proxy software to help circumventing the Great Firewall.

AnonymousNetwork

NoCategory

Tor&&&Onion

[1302Star][1m] [C++] purplei2p/i2pd a full-featured C++ implementation of I2P client
[423Star][2m] [Py] nullhypothesis/exitmap A fast and modular scanner for Tor exit relays.
[406Star][13d] [Awk] alecmuffett/eotk Enterprise Onion Toolkit
[387Star][1m] [JS] ayms/node-tor Javascript implementation of the Tor (or Tor like) anonymizer project (The Onion Router)
[377Star][1m] [Py] maqp/tfc Tinfoil Chat - Onion-routed, endpoint secure messaging system
[353Star][2m] [Py] micahflee/torbrowser-launcher Securely and easily download, verify, install, and launch Tor Browser in Linux
[286Star][28d] [Perl] alecmuffett/real-world-onion-sites An index of the non-dark web...
[261Star][9m] [C++] wbenny/mini-tor proof-of-concept implementation of tor protocol using Microsoft CNG/CryptoAPI
[250Star][30d] [C] basil00/torwall Tallow - Transparent Tor for Windows
[219Star][5m] [Py] ruped24/toriptables2 Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the Tor network.

Socks&&ShadowSocksXx

[25047Star][14d] [Swift] shadowsocks/shadowsocksx-ng Next Generation of ShadowsocksX
[12355Star][1m] [C] shadowsocks/shadowsocks-libev libev port of shadowsocks
[7061Star][7m] [Shell] teddysun/shadowsocks_install Auto Install Shadowsocks Server for CentOS/Debian/Ubuntu
[4154Star][15d] [Swift] yanue/v2rayu V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等
[3797Star][29d] [JS] shadowsocks/shadowsocks-manager A shadowsocks manager tool for multi user and traffic control.
[3174Star][15d] [Smarty] anankke/sspanel-uim SSPanel V3 魔改再次修改版
[2946Star][1m] [Go] gwuhaolin/lightsocks 轻量级网络混淆代理，基于 SOCKS5 协议，可用来代替 Shadowsocks
[2751Star][24d] [Makefile] shadowsocks/openwrt-shadowsocks Shadowsocks-libev for OpenWrt/LEDE
[2300Star][10m] [C] haad/proxychains proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
[2029Star][15d] [C#] netchx/netch Game accelerator. Support Socks5, Shadowsocks, ShadowsocksR, V2Ray protocol. UDP NAT FullCone
[1821Star][3m] [C] shadowsocks/simple-obfs A simple obfuscating tool (Deprecated)
[1683Star][1y] [Swift] haxpor/potatso Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork
[1621Star][17d] [Py] ehco1996/django-sspanel 用diango开发的全新的shadowsocks网络面板
[1567Star][16d] [C#] hmbsbige/shadowsocksr-windows 【自用】Bug-Oriented Programming
[1306Star][4m] [Rust] shadowsocks/shadowsocks-rust A Rust port of shadowsocks
[1177Star][6m] ssrbackup/shadowsocks-rss Shadowsocksr project backup
[1068Star][1m] jadagates/shadowsocksbio 记录一下SS的前世今生，以及一个简单的教程总结
[922Star][1y] [Shell] ywb94/openwrt-ssr ShadowsocksR-libev for OpenWrt
[900Star][1y] [Go] huacnlee/flora-kit 基于 shadowsocks-go 做的完善实现，完全兼容 Surge 的配置文件
[899Star][2m] zhaoweih/shadowsocks-tutorial
[840Star][11m] [PHP] walkor/shadowsocks-php A php port of shadowsocks based on workerman. A socks5 proxy written in PHP.
[830Star][1m] [C] shadowsocksr-live/shadowsocksr-native 从容翻越党国敏感日 ShadowsocksR (SSR) native implementation for all platforms, GFW terminator
[730Star][6m] [Go] cbeuw/goquiet A Shadowsocks obfuscation plugin utilising domain fronting to evade deep packet inspection
[517Star][9m] [JS] mrluanma/shadowsocks-heroku shadowsocks over WebSocket, support Heroku.
[421Star][2m] [PowerShell] p3nt4/invoke-socksproxy Socks proxy server using powershell. Supports local and reverse connections for pivoting.
[402Star][3m] [JS] lolimay/shadowsocks-deepin
[374Star][1y] [Go] riobard/go-shadowsocks2 Experimental Shadowsocks in Go. Stable fork at
[337Star][16d] [Py] leitbogioro/ssr.go A new shadowsocksR config manager
[318Star][3m] [Py] qwj/python-proxy HTTP/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.
[301Star][13d] [Shell] loyess/shell Shadowsocks-libev with plugins one-click installation. For example: v2ray-plugin, kcptun, simple-obfs, goquiet, cloak...
[250Star][4m] [Py] fsgmhoward/shadowsocks-py-mu A fast tunnel proxy server for multiple users

V2Ray

[23571Star][28d] [Go] v2ray/v2ray-core A platform for building proxies to bypass network restrictions.
[2804Star][2m] [Dockerfile] thinkdevelop/free-ss-ssr SS账号、SSR账号、V2Ray账号
[2484Star][2m] [Py] jrohy/multi-v2ray v2ray easy delpoy & manage tool， support multiple user & protocol manage
[1656Star][1m] [Shell] wulabing/v2ray_ws-tls_bash_onekey V2Ray Nginx+vmess+ws+tls/ http2 over tls 一键安装脚本
[1556Star][4m] [CSS] functionclub/v2ray.fun 正在开发的全新 V2ray.Fun
[1432Star][12d] selierlin/share-ssr-v2ray
[1070Star][1m] [Go] xiaoming2028/freenet 科学上网/梯子/自由上网/翻墙 SSR/V2Ray/Brook 最全搭建教程
[783Star][16d] [HTML] sprov065/v2-ui 支持多协议多用户的 v2ray 面板，Support multi-protocol multi-user v2ray panel
[589Star][21d] [Shell] toutyrater/v2ray-guide
[553Star][29d] ntkernel/lantern V2Ray配置文件，蓝灯(Lantern)破解，手机版+win版
[360Star][2m] [Dockerfile] onplus/v2hero All Free . Deploy V2Ray to Heroku . v2ray学习参考
[307Star][2m] [Shell] zw963/asuswrt-merlin-transparent-proxy transparent proxy base on ss, v2ray, ipset, iptables, chinadns on asuswrt merlin.
[256Star][24d] [Py] jiangxufeng/v2rayl v2ray linux GUI客户端，支持订阅、vemss、ss等协议，自动更新订阅、检查版本更新

VPN

[419Star][19d] hugetiny/awesome-vpn A curated list of awesome free VPNs and proxies.免费的代理,科学上网,翻墙，梯子大集合

Pentest&&Offensive&&PentestFramework&&PostExp

NoCategory

[3005Star][3m] [Py] spiderlabs/responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
[2013Star][1m] [C++] lordnoteworthy/al-khaser Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- Also In Section: Tools/Malware&&APT |
[1721Star][1m] [Go] chaitin/xray xray 安全评估工具
[1444Star][1m] [C] ufrisk/pcileech Direct Memory Access (DMA) Attack Software
[1393Star][4m] yadox666/the-hackers-hardware-toolkit The best hacker's gadgets for Red Team pentesters and security researchers.
[1361Star][2m] [Py] ekultek/whatwaf Detect and bypass web application firewalls and protection systems
[1212Star][3m] [Py] owtf/owtf Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient
[945Star][19d] [C] bt3gl/pentesting-toolkit Tools for pentesting, CTFs & wargames.
- Also In Section: Tools/CTF&&HTB/Collection |
[943Star][4m] [Py] hatriot/zarp Network Attack Tool
[918Star][1m] [Py] d4vinci/one-lin3r Gives you one-liners that aids in penetration testing operations, privilege escalation and more
[808Star][1m] [Py] jeffzh3ng/fuxi Penetration Testing Platform
[784Star][6m] [Py] jivoi/pentest
[728Star][7m] [Py] gkbrk/slowloris Low bandwidth DoS tool. Slowloris rewrite in Python.
[687Star][16d] voorivex/pentest-guide Penetration tests guide based on OWASP including test cases, resources and examples.
[666Star][5m] leezj9671/pentest_interview 个人准备渗透测试和安全面试的经验之谈，和去部分厂商的面试题，干货真的满满~
[610Star][9m] [Py] epsylon/ufonet UFONet - Denial of Service Toolkit
[489Star][13d] netbiosx/checklists Pentesting checklists for various engagements
[487Star][16d] [Ruby] hackplayers/evil-winrm The ultimate WinRM shell for hacking/pentesting
[487Star][1y] [Shell] leonteale/pentestpackage a package of Pentest scripts I have made or commonly use
[479Star][10m] [Ruby] sidaf/homebrew-pentest Homebrew Tap - Pen Test Tools
[464Star][7m] [Java] alpha1e0/pentestdb WEB渗透测试数据库
[459Star][2m] [C++] fsecurelabs/c3 Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
[457Star][10m] [PHP] l3m0n/pentest_tools 收集一些小型实用的工具
[444Star][15d] [C++] danielkrupinski/osiris Free open-source training software / cheat for Counter-Strike: Global Offensive, written in modern C++. GUI powered by imgui.
[439Star][7m] [C++] rek7/mxtract mXtract - Offensive Memory Extractor & Analyzer
[432Star][3m] mel0day/redteam-bcs BCS（北京网络安全大会）2019 红队行动会议重点内容
[414Star][18d] [PHP] gwen001/pentest-tools Custom pentesting tools
[404Star][1m] [Py] admintony/prepare-for-awd AWD攻防赛脚本集合
[401Star][9m] [Py] christruncer/pentestscripts Scripts that are useful for me on pen tests
[398Star][27d] [PowerShell] s3cur3th1ssh1t/winpwn Automation for internal Windows Penetrationtest / AD-Security
[388Star][12m] [Py] cr4shcod3/pureblood A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
[386Star][9m] [Go] amyangxyz/assassingo An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!
[385Star][3m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
- Also In Section: Tools/Mobile/iOS&&MacOS&&iPhone&&iPad&&iWatch |
[385Star][23d] [Py] clr2of8/dpat Domain Password Audit Tool for Pentesters
[378Star][6m] unprovable/pentesthardware Kinda useful notes collated together publicly
[371Star][8m] [C] ridter/pentest tools
[368Star][4m] [C#] bitsadmin/nopowershell PowerShell rebuilt in C# for Red Teaming purposes
[350Star][2m] [Shell] maldevel/pentestkit Useful tools and scripts used during Penetration Tests.
[346Star][10m] [Py] darkspiritz/darkspiritz A penetration testing framework for Linux, MacOS, and Windows systems.
[341Star][15d] [Py] ym2011/pest this is some pentest script based on python, just simple but useful, maybe it can help you do something else. just have a try
[338Star][3m] [Py] xuanhun/pythonhackingbook1 Python黑客编程之极速入门
[337Star][1y] [Java] rub-nds/ws-attacker WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (
[327Star][1y] [PowerShell] rootclay/powershell-attack-guide Powershell攻击指南----黑客后渗透之道
[320Star][2m] [PowerShell] kmkz/pentesting Tricks for penetration testing
[316Star][28d] [Py] m8r0wn/nullinux Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
[307Star][2m] [PowerShell] d0nkeys/redteam Red Team Scripts by d0nkeys (ex SnadoTeam)
[300Star][3m] [HTML] koutto/jok3r Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
[298Star][2m] [Ruby] fozavci/viproy-voipkit VIPROY - VoIP Pen-Test Kit for Metasploit Framework
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Metasploit/NoCategory |
[295Star][11m] stardustsky/saidict 弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
[292Star][27d] [Lua] pentesteracademy/patoolkit PA Toolkit is a collection of traffic analysis plugins focused on security
[286Star][1y] [C++] paranoidninja/pandoras-box This repo contains my custom scripts for Penetration Testing and Red Team Assessments. I will keep on updating this repo as and when I get time.
[283Star][1m] [Py] bishopfox/eyeballer Convolutional neural network for analyzing pentest screenshots
- Also In Section: Tools/AI&&MachineLearning&&DeepLearning&&NeturalNetwork/NoCategory |
[267Star][18d] [Go] rmikehodges/hidensneak a CLI for ephemeral penetration testing
[252Star][13d] anyeduke/enterprise-security-skill 用于记录企业安全规划，建设，运营，攻防的相关资源
[251Star][3m] [Py] giantbranch/python-hacker-code 《python黑帽子：黑客与渗透测试编程之道》代码及实验文件，字典等
[240Star][2m] [Shell] leviathan36/kaboom An automated pentest tool
[238Star][25d] [PowerShell] sdcampbell/internal-pentest-playbook Internal Network Penetration Test Playbook
[225Star][8m] [Go] stevenaldinger/decker Declarative penetration testing orchestration framework
[216Star][5m] [Py] mgeeky/tomcatwardeployer Apache Tomcat auto WAR deployment & pwning penetration testing tool.
[211Star][19d] [JS] giper45/dockersecurityplayground A Microservices-based framework for the study of Network Security and Penetration Test techniques

Collection

[903Star][8m] [C] 0x90/wifi-arsenal WiFi arsenal
[803Star][2m] [Shell] shr3ddersec/shr3dkit Red Team Tool Kit
[537Star][6m] [Py] 0xdea/tactical-exploitation Modern tactical exploitation toolkit.

Wireless&&WiFi&&AP&&802.11

NoCategory

[8337Star][17d] [Py] wifiphisher/wifiphisher The Rogue Access Point Framework
- Also In Section: Tools/SET&&Phishing&&SpearPhishing/Phish |
[6109Star][9m] [Py] schollz/howmanypeoplearearound Count the number of people around you
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |
[5597Star][1m] [C] spacehuhn/esp8266_deauther Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners!
[4313Star][27d] [Py] jopohl/urh Universal Radio Hacker: investigate wireless protocols like a boss
[2723Star][1y] [C] vanhoefm/krackattacks-scripts 检测客户端和AP是否受KRACK漏洞影响
[2706Star][8m] [Py] p0cl4bs/wifi-pumpkin Framework for Rogue Wi-Fi Access Point Attack
[2480Star][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- Also In Section: Tools/AI&&MachineLearning&&DeepLearning&&NeturalNetwork/NoCategory |Tools/Network&&Sniff&&Mitm/MITM |
[2433Star][2m] [C] martin-ger/esp_wifi_repeater A full functional WiFi Repeater (correctly: a WiFi NAT Router)
[2374Star][1y] [Py] danmcinerney/lans.py Inject code and spy on wifi users
[2194Star][22d] [Shell] v1s1t0r1sh3r3/airgeddon This is a multi-use bash script for Linux systems to audit wireless networks.
[1816Star][1y] [Py] derv82/wifite2 Rewrite of the popular wireless network auditor, "wifite"
[1799Star][4m] [Shell] arismelachroinos/lscript The LAZY script will make your life easier, and of course faster.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AutoXxx |
[1527Star][1m] [Py] k4m4/kickthemout 使用ARP欺骗，将设备从网络中踢出去
[1525Star][1y] [HTML] qiwihui/hiwifi-ss 极路由+ss配置
[1244Star][1m] [C] seemoo-lab/nexmon The C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips that enables Monitor Mode, Frame Injection and much more
[1219Star][12d] [C] aircrack-ng/aircrack-ng WiFi security auditing tools suite
[1022Star][1m] [C] t6x/reaver-wps-fork-t6x 攻击 Wi-Fi Protected Setup (WPS)，恢复 WPA/WPA2 密码
[998Star][12m] [Py] entropy1337/infernal-twin wireless hacking - This is automated wireless hacking tool
[987Star][1y] [Py] tylous/sniffair A framework for wireless pentesting.
[983Star][1y] [HTML] sensepost/mana DEPRECATED mana toolkit for wifi rogue AP attacks and MitM
- Also In Section: Tools/Network&&Sniff&&Mitm/MITM |
[977Star][14d] [C] s0lst1c3/eaphammer Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
[903Star][1m] [TeX] ethereum/yellowpaper The "Yellow Paper": Ethereum's formal specification
[818Star][2m] [C] spacehuhn/wifi_ducky Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
[796Star][1y] [Objective-C] igrsoft/kismac2 KisMAC is a free, open source wireless stumbling and security tool for Mac OS X.
[766Star][22d] [Py] konradit/gopro-py-api Unofficial GoPro API Library for Python - connect to GoPro via WiFi.
[755Star][7m] [Py] misterbianco/boopsuite A Suite of Tools written in Python for wireless auditing and security testing.
[676Star][10m] [Objective-C] unixpickle/jamwifi A GUI, easy to use WiFi network jammer for Mac OS X
[649Star][7m] [C] wifidog/wifidog-gateway Repository for the wifidog-gateway captive portal designed for embedded systems
[608Star][3m] [C] matheus-garbelini/esp32_esp8266_attacks Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/Exploit/Exp&&PoC |
[502Star][14d] [C++] cyberman54/esp32-paxcounter Wifi & BLE driven passenger flow metering with cheap ESP32 boards
[463Star][2m] [Shell] staz0t/hashcatch Capture handshakes of nearby WiFi networks automatically
[455Star][3m] [Java] lennartkoopmann/nzyme Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.
[450Star][1m] [Py] savio-code/fern-wifi-cracker Automatically exported from code.google.com/p/fern-wifi-cracker
[396Star][18d] [C] freifunk-gluon/gluon a modular framework for creating OpenWrt-based firmwares for wireless mesh nodes
[387Star][1y] [Py] jpaulmora/pyrit The famous WPA precomputed cracker, Migrated from Google.
[373Star][3m] [C++] bastibl/gr-ieee802-11 IEEE 802.11 a/g/p Transceiver
[320Star][2m] [Shell] vanhoefm/modwifi
[316Star][2m] [Java] wiglenet/wigle-wifi-wardriving Nethugging client for Android, from wigle.net
[310Star][3m] [TeX] chronaeon/beigepaper Rewrite of the Yellowpaper in non-Yellowpaper syntax.
[266Star][6m] [C] br101/horst “horst” - lightweight IEEE802.11 wireless LAN analyzer with a text interface
[265Star][2m] [C] sensepost/hostapd-mana SensePost's modified hostapd for wifi attacks.
[253Star][1y] [Py] wipi-hunter/pidense Monitor illegal wireless network activities.
[237Star][7m] [Py] lionsec/wifresti Find your wireless network password in Windows , Linux and Mac OS
[234Star][2m] [C] mame82/logitacker Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
[218Star][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- Also In Section: Tools/Bluetooth |Tools/Network&&Sniff&&Mitm/NoCategory |

WPS&&WPA&&WPA2

[302Star][4m] [Py] hash3lizer/wifibroot A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication)

802.11

Payload&&RAT

NoCategory

[1231Star][19d] [PowerShell] hak5/bashbunny-payloads The Official Bash Bunny Payload Repository
[962Star][27d] [C] zardus/preeny Some helpful preload libraries for pwning stuff.
[560Star][10m] [Py] genetic-malware/ebowla Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
[529Star][2m] [C++] screetsec/brutal Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
[438Star][12d] [Py] ctxis/cape Malware Configuration And Payload Extraction
[339Star][11m] [JS] gabemarshall/brosec Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.
[259Star][3m] [Py] felixweyne/imaginaryc2 Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
[234Star][3m] cujanovic/markdown-xss-payloads XSS payloads for exploiting Markdown syntax
[229Star][17d] cujanovic/open-redirect-payloads Open Redirect Payloads
[226Star][5m] cr0hn/nosqlinjection_wordlists This repository contains payload to test NoSQL Injections
[216Star][2m] [Py] whitel1st/docem Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
[210Star][1m] [Py] brent-stone/can_reverse_engineering Automated Payload Reverse Engineering Pipeline for the Controller Area Network (CAN) protocol
[210Star][24d] [C] shchmue/lockpick_rcm Nintendo Switch encryption key derivation bare metal RCM payload
[210Star][20d] [PHP] zigoo0/jsonbee A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

PayloadCollection

[21409Star][14d] [PHP] danielmiessler/seclists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- Also In Section: Tools/webshell/Collection |Tools/wordlist/Collection |
[10579Star][14d] [Py] swisskyrepo/payloadsallthethings A list of useful payloads and bypass for Web Application Security and Pentest/CTF
[1994Star][8m] [Shell] foospidy/payloads Git All the Payloads! A collection of web attack payloads.
[1989Star][26d] edoverflow/bugbounty-cheatsheet A list of interesting payloads, tips and tricks for bug bounty hunters.
[1856Star][10m] [PHP] bartblaze/php-backdoors A collection of PHP backdoors. For educational or testing purposes only.
[717Star][2m] [HTML] ismailtasdelen/xss-payload-list XSS 漏洞Payload列表
[367Star][2m] renwax23/xss-payloads List of XSS Vectors/Payloads
[272Star][3m] [Py] thekingofduck/easyxsspayload XssPayload List . Usage:
[238Star][3m] payloadbox/command-injection-payload-list

RAT

[5045Star][3m] [Py] n1nj4sec/pupy Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
[1696Star][6m] [Smali] ahmyth/ahmyth-android-rat Android Remote Administration Tool
[1306Star][1y] [Py] marten4n6/evilosx An evil RAT (Remote Administration Tool) for macOS / OS X.
[763Star][22d] [Py] kevthehermit/ratdecoders Python Decoders for Common Remote Access Trojans
[597Star][1y] [PowerShell] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
[477Star][5m] [Visual Basic] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
[352Star][2m] [C++] werkamsus/lilith Lilith, The Open Source C++ Remote Administration Tool (RAT)
[307Star][5m] [Py] mvrozanti/rat-via-telegram Windows Remote Administration Tool via Telegram
[271Star][1m] [C#] nyan-x-cat/asyncrat-c-sharp Open-Source Remote Administration Tool For Windows C# (RAT)
[269Star][3m] [C++] yuanyuanxiang/simpleremoter 基于gh0st的远程控制器：实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能，优化全部代码及整理排版，修复内存泄漏缺陷，程序运行稳定。此项目初版见：

PayloadGenerate

[3268Star][2m] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/PostExp/NoCategory |
[2591Star][3m] [Java] frohoff/ysoserial A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
[1741Star][21d] [Shell] leebaird/discover Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AutoXxx |Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Metasploit/NoCategory |
[1061Star][5m] [Py] nccgroup/winpayloads Undetectable Windows Payload Generation
[1003Star][1y] [Py] d4vinci/dr0p1t-framework A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
[857Star][10m] [Visual Basic] mdsecactivebreach/sharpshooter Payload Generation Framework
[816Star][6m] [Go] tiagorlampert/chaos a PoC that allow generate payloads and control remote operating system
[810Star][2m] [PHP] ambionics/phpggc PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
[794Star][1m] [C#] pwntester/ysoserial.net Deserialization payload generator for a variety of .NET formatters
[733Star][12m] [Py] oddcod3/phantom-evasion Python AV evasion tool capable to generate FUD executable even with the most common 32 bit metasploit payload(exe/elf/dmg/apk)
[684Star][3m] [Py] sevagas/macro_pack macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to fin…
[618Star][8m] [Shell] g0tmi1k/mpc MSFvenom Payload Creator (MSFPC)
[560Star][14d] [C] thewover/donut Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
[397Star][28d] [Perl] chinarulezzz/pixload Image Payload Creating/Injecting tools
[287Star][7m] [Py] 0xacb/viewgen viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
[268Star][1y] [Shell] abedalqaderswedan1/aswcrypter An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far [FUD]
[262Star][1y] [Java] ewilded/shelling SHELLING - a comprehensive OS command injection payload generator
[222Star][1y] [Java] ewilded/psychopath psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.

Botnet

[3690Star][3m] [Py] malwaredllc/byob BYOB (Build Your Own Botnet)
[2135Star][1y] [C++] maestron/botnets This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
[390Star][19d] [C++] souhardya/uboat HTTP Botnet Project
[319Star][5m] [Go] saturnsvoid/gobot2 Second Version of The GoBot Botnet, But more advanced.

Backdooring&&Backdoor

[378Star][7m] [C] zerosum0x0/smbdoor Windows kernel backdoor via registering a malicious SMB handler
[364Star][2m] [Shell] screetsec/vegile This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
[362Star][7m] [Py] s0md3v/cloak Cloak can backdoor any python script with some tricks.
[341Star][11m] [Shell] r00t-3xp10it/backdoorppt transform your payload.exe into one fake word doc (.ppt)
[317Star][1y] [Ruby] carletonstuberg/browser-backdoor BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener
[287Star][3m] [C#] mvelazc0/defcon27_csharp_workshop Writing custom backdoor payloads with C# - Defcon 27
[201Star][8m] [C] paradoxis/php-backdoor Your interpreter isn’t safe anymore — The PHP module backdoor

混淆器&&Obfuscate

[1351Star][9m] [PowerShell] danielbohannon/invoke-obfuscation PowerShell Obfuscator

Payload管理

[930Star][1y] [JS] netflix/sleepy-puppy Sleepy Puppy XSS Payload Management Framework

勒索软件

[379Star][1y] [Go] mauri870/ransomware A POC Windows crypto-ransomware (Academic)
[313Star][13d] [Batchfile] mitchellkrogza/ultimate.hosts.blacklist The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.

键盘记录器

[359Star][11m] [Py] ajinabraham/xenotix-python-keylogger Xenotix Python Keylogger for Windows.

Meterpreter

[233Star][5m] [Py] mez0cc/ms17-010-python MS17-010: Python and Meterpreter

Payload投递

[255Star][3m] [Py] no0be/dnslivery Easy files and payloads delivery over DNS

AllInOne&&Framework

[4965Star][4m] [PowerShell] empireproject/empire Empire is a PowerShell and Python post-exploitation agent.
[4576Star][22d] [Py] manisso/fsociety fsociety Hacking Tools Pack – A Penetration Testing Framework
[3313Star][5m] [PowerShell] samratashok/nishang Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
[3053Star][1m] [Shell] 1n3/sn1per Automated pentest framework for offensive security experts
[3041Star][1m] [Py] byt3bl33d3r/crackmapexec A swiss army knife for pentesting networks
[2961Star][17d] [Py] guardicore/monkey Infection Monkey - An automated pentest tool
[2767Star][7m] [C#] quasar/quasarrat Remote Administration Tool for Windows
[2381Star][2m] [Py] infobyte/faraday Collaborative Penetration Test and Vulnerability Management Platform
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/漏洞管理 |
[1482Star][16d] [Py] zerosum0x0/koadic Koadic C3 COM Command & Control - JScript RAT
[1081Star][10m] [Py] secforce/sparta Network Infrastructure Penetration Testing Tool
[934Star][3m] [Py] 0xinfection/tidos-framework The Offensive Manual Web Application Penetration Testing Framework.
[918Star][1y] [Py] m4n3dw0lf/pythem pentest framework
[513Star][21d] [Py] gyoisamurai/gyoithon GyoiThon is a growing penetration test tool using Machine Learning.
- Also In Section: Tools/AI&&MachineLearning&&DeepLearning&&NeturalNetwork/NoCategory |

PostExp

NoCategory

[6832Star][17d] [C] hashcat/hashcat World's fastest and most advanced password recovery utility
- Also In Section: Tools/Password&&Credential/Password |
[3268Star][2m] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadGenerate |
[2346Star][1m] [Shell] rebootuser/linenum Scripted Local Linux Enumeration & Privilege Escalation Checks
[2136Star][14d] [Py] commixproject/commix Automated All-in-One OS command injection and exploitation tool.
[1226Star][9m] [C] a0rtega/pafish Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
[1191Star][1y] [C#] cn33liz/p0wnedshell PowerShell Runspace Post Exploitation Toolkit
[1045Star][8m] [Py] 0x00-0x00/shellpop Pop shells like a master.
[1029Star][28d] [Boo] byt3bl33d3r/silenttrinity An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
[1015Star][3m] [Py] byt3bl33d3r/deathstar Automate getting Domain Admin using Empire
[754Star][4m] [Py] lgandx/pcredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
[737Star][4m] [PowerShell] hausec/adape-script Active Directory Assessment and Privilege Escalation Script
[668Star][1m] [C#] cobbr/sharpsploit SharpSploit is a .NET post-exploitation library written in C#
[405Star][4m] [Shell] thesecondsun/bashark Bash post exploitation toolkit
[341Star][4m] [Py] adrianvollmer/powerhub A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
[282Star][1y] [JS] chrisallenlane/novahot A webshell framework for penetration testers.
- Also In Section: Tools/webshell/NoCategory |
[212Star][2m] [Go] brompwnie/botb A container analysis and exploitation tool for pentesters and engineers.

PrivilegeEscalation

[3509Star][4m] [C] secwiki/windows-kernel-exploits windows-kernel-exploits Windows平台提权漏洞集合
[1245Star][2m] [Py] alessandroz/beroot Privilege Escalation Project - Windows / Linux / Mac
[583Star][11m] [C++] ohpe/juicy-potato A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
[529Star][4m] rhinosecuritylabs/aws-iam-privilege-escalation A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
[492Star][7m] [Py] initstring/dirty_sock Linux privilege escalation exploit via snapd (CVE-2019-7304)
[467Star][8m] [C] nongiach/sudo_inject [Linux] Two Privilege Escalation techniques abusing sudo token
[443Star][1m] [C#] rasta-mouse/watson Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
[383Star][3m] [PowerShell] cyberark/aclight A script for advanced discovery of Privileged Accounts - includes Shadow Admins
[353Star][2m] [PowerShell] gdedrouas/exchange-ad-privesc Exchange privilege escalations to Active Directory
[337Star][20d] [Shell] nullarray/roothelper A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
[302Star][4m] [Batchfile] frizb/windows-privilege-escalation Windows Privilege Escalation Techniques and Scripts
[258Star][3m] [PHP] lawrenceamer/0xsp-mongoose Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding

Windows

NoCategory

[328Star][2m] [C] mattiwatti/efiguard Disable PatchGuard and DSE at boot time
[209Star][1y] [C++] tandasat/pgresarch PatchGuard Research

UAC

[2283Star][15d] [C] hfiref0x/uacme Defeating Windows User Account Control

AppLocker

ActiveDirectory

[1943Star][2m] infosecn1nja/ad-attack-defense Attack and defend active directory using modern post exploitation adversary tradecraft activity

Domain

Persistence

[271Star][2m] [C#] fireeye/sharpersist Windows persistence toolkit
[260Star][1y] [C++] ewhitehats/invisiblepersistence Persisting in the Windows registry "invisibly"

AutoXxx

[1799Star][4m] [Shell] arismelachroinos/lscript The LAZY script will make your life easier, and of course faster.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[1741Star][21d] [Shell] leebaird/discover Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadGenerate |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Metasploit/NoCategory |
[1656Star][2m] [Py] rootm0s/winpwnage UAC bypass, Elevate, Persistence and Execution methods

DataExfiltration

[453Star][3m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

LateralMovement

Burp

Collection

[1920Star][1y] [BitBake] 1n3/intruderpayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
[1058Star][27d] snoopysecurity/awesome-burp-extensions A curated list of amazingly awesome Burp Extensions

NoCategory

[1091Star][1y] [Py] bugcrowd/hunt Burp和ZAP的扩展收集
[742Star][13d] [Batchfile] mr-xn/burpsuite-collections BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦
[705Star][1y] [Java] d3vilbug/hackbar HackBar plugin for Burpsuite v1.0
[646Star][8m] [Java] vulnerscom/burp-vulners-scanner Vulnerability scanner based on vulners.com search API
[563Star][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
[549Star][8m] [Java] c0ny1/chunked-coding-converter Burp suite 分块传输辅助插件
[466Star][19d] [Java] wagiro/burpbounty Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
[436Star][5m] [Py] albinowax/activescanplusplus ActiveScan++ Burp Suite Plugin
[434Star][1m] [Py] romanzaikin/burpextension-whatsapp-decryption-checkpoint This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019)
[402Star][4m] [Java] bit4woo/recaptcha reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
[397Star][7m] [Java] nccgroup/burpsuitehttpsmuggler A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
[373Star][1y] [Py] rhinosecuritylabs/sleuthql Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
[371Star][2m] [Java] nccgroup/autorepeater Automated HTTP Request Repeating With Burp Suite
[352Star][4m] [Java] bit4woo/domain_hunter A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名（不仅仅是单个主域名）的插件
[327Star][2m] [Kotlin] portswigger/turbo-intruder Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
[309Star][1y] [Java] ebryx/aes-killer Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
[300Star][3m] [Java] bit4woo/knife A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
[300Star][7m] [Java] ilmila/j2eescan J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
[299Star][2m] [Java] portswigger/http-request-smuggler an extension for Burp Suite designed to help you launch HTTP Request Smuggling attack
[297Star][11m] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
[296Star][1y] [Java] vmware/burp-rest-api REST/JSON API to the Burp Suite security tool.
[272Star][1y] [Java] elkokc/reflector Burp plugin able to find reflected XSS on page in real-time while browsing on site
[264Star][18d] [Py] quitten/autorize Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
[250Star][2m] [Py] rhinosecuritylabs/iprotate_burp_extension Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
[241Star][4m] [Py] initroot/burpjslinkfinder Burp Extension for a passive scanning JS files for endpoint links.
[235Star][1m] [Java] samlraider/samlraider SAML2 Burp Extension
[231Star][1y] [Java] nccgroup/burpsuiteloggerplusplus Burp Suite Logger++: Log activities of all the tools in Burp Suite
[230Star][1y] [Py] audibleblink/doxycannon A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
[230Star][1y] [Java] difcareer/sqlmap4burp sqlmap embed in burpsuite
[222Star][6m] [Java] c0ny1/jsencrypter 一个用于加密传输爆破的Burp Suite插件
[214Star][2m] [Java] c0ny1/passive-scan-client Burp被动扫描流量转发插件
[205Star][2m] [Java] h3xstream/http-script-generator ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
[202Star][5m] [Perl] modzero/mod0burpuploadscanner HTTP file upload scanner for Burp Proxy

Metasploit

NoCategory

[18724Star][14d] [Ruby] rapid7/metasploit-framework Metasploit Framework
[1741Star][21d] [Shell] leebaird/discover Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AutoXxx |Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadGenerate |
[1284Star][1y] [Shell] dana-at-cp/backdoor-apk backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
[709Star][2m] [C] rapid7/metasploit-payloads Unified repository for different Metasploit Framework payloads
[683Star][2m] [Java] isafeblue/trackray 溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
[445Star][4m] [Py] cchio/deep-pwning Metasploit for machine learning.
- Also In Section: Tools/AI&&MachineLearning&&DeepLearning&&NeturalNetwork/NoCategory |
[389Star][5m] [Ruby] praetorian-code/purple-team-attack-automation Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
[309Star][10m] [Ruby] darkoperator/metasploit-plugins Plugins for Metasploit Framework
[298Star][2m] [Ruby] fozavci/viproy-voipkit VIPROY - VoIP Pen-Test Kit for Metasploit Framework
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/NoCategory |
[296Star][1m] [Py] 3ndg4me/autoblue-ms17-010 This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
[265Star][3m] [Vue] zerx0r/kage Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler

AntiAV&&BypassAV

[1009Star][4m] [C] govolution/avet AntiVirus Evasion Tool
[698Star][9m] [Py] mr-un1k0d3r/dkmc DKMC - Dont kill my cat - Malicious payload evasion tool
[620Star][6m] [Py] paranoidninja/carboncopy A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
[461Star][1y] [Go] arvanaghi/checkplease Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
[299Star][1y] [Py] two06/inception Provides In-memory compilation and reflective loading of C# apps for AV evasion.
[280Star][1m] [C#] ch0pin/aviator Antivirus evasion project
[252Star][1m] [C#] hackplayers/salsa-tools Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched

C&C

[2387Star][3m] [Go] ne0nd0g/merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
[1104Star][1y] [Py] byt3bl33d3r/gcat A PoC backdoor that uses Gmail as a C&C server
[917Star][19d] [C#] cobbr/covenant Covenant is a collaborative .NET C2 framework for red teamers.
[632Star][10m] [Py] mehulj94/braindamage Remote administration tool which uses Telegram as a C&C server
[314Star][1y] [C#] spiderlabs/dohc2 DoHC2 allows the ExternalC2 library from Ryan Hanson (
[240Star][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2
[240Star][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2

DDOS

[2443Star][17d] [C++] pavel-odintsov/fastnetmon FastNetMon community - very fast DDoS analyzer with sflow/netflow/mirror support
[1174Star][29d] [Shell] mitchellkrogza/nginx-ultimate-bad-bot-blocker Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
[831Star][2m] [Py] 649/memcrashed-ddos-exploit DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/Shodan |
[457Star][6m] [Shell] jgmdev/ddos-deflate Fork of DDoS Deflate with fixes, improvements and new features.
[451Star][2m] [JS] codemanki/cloudscraper Node.js library to bypass cloudflare's anti-ddos page
[374Star][12m] [C] markus-go/bonesi BoNeSi - the DDoS Botnet Simulator
[293Star][3m] [Shell] anti-ddos/anti-ddos
[243Star][12m] [Py] wenfengshi/ddos-dos-tools some sort of ddos-tools

OWASP

[10690Star][13d] [Py] owasp/cheatsheetseries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
[2245Star][13d] [Go] owasp/amass In-depth Attack Surface Mapping and Asset Discovery
[1902Star][28d] [Perl] spiderlabs/owasp-modsecurity-crs OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
[1680Star][1y] owasp/devguide The OWASP Guide
[1390Star][2m] [HTML] owasp/top10 Official OWASP Top 10 Document Repository
[1000Star][3m] [HTML] owasp/nodegoat The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
[731Star][2m] [Java] owasp/securityshepherd Web and mobile application security training platform
[665Star][13d] [HTML] owasp/asvs Application Security Verification Standard
[597Star][10m] [Py] zdresearch/owasp-nettacker Automated Penetration Testing Framework
[480Star][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
[480Star][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
[461Star][7m] [Java] owasp/owasp-webscarab OWASP WebScarab
[402Star][5m] [Py] stanislav-web/opendoor OWASP WEB Directory Scanner
[360Star][1m] [Java] zaproxy/zap-extensions OWASP ZAP Add-ons
[341Star][1m] [Java] esapi/esapi-java-legacy ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
[292Star][5m] 0xradi/owasp-web-checklist OWASP Web Application Security Testing Checklist
[271Star][5m] [JS] mike-goodwin/owasp-threat-dragon An open source, online threat modelling tool from OWASP
[269Star][4m] tanprathan/owasp-testing-checklist OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
[248Star][11m] [Java] owasp/owasp-java-encoder The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
[225Star][1m] owasp/api-security OWASP API Security Project

Kali

[2522Star][7m] offensive-security/kali-nethunter The Kali NetHunter Project
[2332Star][7m] [Py] lionsec/katoolin Automatically install all Kali linux tools
[1690Star][2m] [PHP] xtr4nge/fruitywifi FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.
[849Star][10m] [Shell] esc0rtd3w/wifi-hacker Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2)
[714Star][3m] [Py] rajkumrdusad/tool-x Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 263 hacking tools in termux app and other linux based distributions.
[667Star][7m] offensive-security/kali-arm-build-scripts Kali Linux ARM build scripts
[542Star][1m] [Shell] offensive-security/kali-linux-docker PLEASE USE GITLAB
[385Star][3m] jack-liang/kalitools Kali Linux工具清单
[328Star][7m] offensive-security/kali-linux-recipes Kali Linux Recipes

CobaltStrike

[389Star][1y] [Shell] killswitch-gui/cobaltstrike-toolkit Some useful scripts for CobaltStrike
[203Star][1y] [C#] spiderlabs/sharpcompile SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…

Scanner&&SecurityScan&&AppScan

NoCategory

[11006Star][2m] [C] robertdavidgraham/masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
[7288Star][25d] [Py] s0md3v/xsstrike Most advanced XSS scanner.
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/XSS&&XXE/NoCategory |
[5245Star][1m] [Go] zricethezav/gitleaks Audit git repos for secrets
[4474Star][16d] [Ruby] wpscanteam/wpscan WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
[4101Star][24d] we5ter/scanners-box A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
[3375Star][1m] [Perl] sullo/nikto Nikto web server scanner
[3119Star][2m] [Go] mozilla/sops Simple and flexible tool for managing secrets
[3049Star][20d] [Py] maurosoria/dirsearch Web path scanner
[3022Star][2m] [C] zmap/zmap ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
[2904Star][21d] [Py] andresriancho/w3af w3af: web application attack and audit framework, the open source web vulnerability scanner.
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/VulnerabilityScan&&BugHunting/VulnerabilityScan/NoCategory |
[2261Star][3m] [JS] retirejs/retire.js scanner detecting the use of JavaScript libraries with known vulnerabilities
[2027Star][2m] [Ruby] urbanadventurer/whatweb Next generation web scanner
[2023Star][2m] [Py] nabla-c0d3/sslyze Fast and powerful SSL/TLS server scanning library.
[1630Star][1m] [NSIS] angryip/ipscan Angry IP Scanner - fast and friendly network scanner
[1530Star][7m] [Py] m4ll0k/wascan WAScan - Web Application Scanner
[1494Star][4m] [Py] hannob/snallygaster Tool to scan for secret files on HTTP servers
[1060Star][2m] [PHP] tuhinshubhra/red_hawk All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |
[1054Star][3m] [Py] gerbenjavado/linkfinder A python script that finds endpoints in JavaScript files
[1037Star][7m] [Py] lucifer1993/struts-scan Python2编写的struts2漏洞全版本检测和利用工具
[985Star][3m] [Py] h4ckforjob/dirmap An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。
[905Star][2m] [Py] tuhinshubhra/cmseek CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
[880Star][5m] [PHP] tidesec/wdscanner WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
[862Star][1m] [Py] ajinabraham/nodejsscan NodeJsScan is a static security code scanner for Node.js applications.
[759Star][17d] [Py] vesche/scanless online port scan scraper
[741Star][19d] [Py] nekmo/dirhunt Find web directories without bruteforce
- Also In Section: Tools/Spdier |
[722Star][6m] [Py] ztgrace/changeme A default credential scanner.
[694Star][4m] [CSS] ajinabraham/cmsscan CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
[690Star][2m] [CSS] boy-hack/w12scan a network asset discovery engine that can automatically aggregate related assets for analysis and use
[681Star][28d] [C] scanmem/scanmem memory scanner for Linux
[671Star][1m] [Ruby] mozilla/ssh_scan A prototype SSH configuration and policy scanner (Blog:
[657Star][7m] [Py] m4ll0k/wpseku WPSeku - Wordpress Security Scanner
[656Star][2m] [Py] kevthehermit/pastehunter Scanning pastebin with yara rules
[649Star][5m] [Py] droope/droopescan A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
[636Star][1y] [Py] lmco/laikaboss Laika BOSS: Object Scanning System
[613Star][5m] [Py] rabbitmask/weblogicscan Weblogic一键漏洞检测工具，V1.3
[612Star][12m] [Ruby] thesp0nge/dawnscanner Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
[604Star][4m] [Py] faizann24/xsspy XssPy - Web Application XSS Scanner
[569Star][2m] [HTML] gwillem/magento-malware-scanner Scanner, signatures and the largest collection of Magento malware
[564Star][2m] [Perl] alisamtechnology/atscan Advanced dork Search & Mass Exploit Scanner
[555Star][5m] [Py] codingo/vhostscan A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
[542Star][7m] [Go] marco-lancini/goscan Interactive Network Scanner
[536Star][4m] [Py] dhs-ncats/pshtt Scan domains and return data based on HTTPS best practices
[526Star][6m] [Py] grayddq/gscan 本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。
[481Star][1m] [Py] fcavallarin/htcap htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.
[475Star][1y] [C] nanshihui/scan-t a new crawler based on python with more function including Network fingerprint search
[399Star][2m] [Py] boy-hack/w13scan Passive Security Scanner (被动安全扫描器)
[397Star][10m] [JS] eviltik/evilscan NodeJS Simple Network Scanner
[390Star][10m] [Py] mitre/multiscanner Modular file scanning/analysis framework
[386Star][1y] [Py] grayddq/publicmonitors 对公网IP列表进行端口服务扫描，发现周期内的端口服务变化情况和弱口令安全风险
[385Star][1m] [C] hasherezade/hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
[379Star][13d] [Py] stamparm/dsss Damn Small SQLi Scanner
[340Star][4m] [Py] swisskyrepo/wordpresscan WPScan rewritten in Python + some WPSeku ideas
[339Star][12m] [Py] skavngr/rapidscan
[338Star][1m] [Py] fgeek/pyfiscan Free web-application vulnerability and version scanner
[335Star][3m] [Java] portswigger/backslash-powered-scanner Finds unknown classes of injection vulnerabilities
[330Star][1y] [Py] flipkart-incubator/rta Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
[316Star][2m] [HTML] coinbase/salus Security scanner coordinator
[315Star][15d] [C] royhills/arp-scan The ARP Scanner
[301Star][10m] [PHP] steverobbins/magescan Scan a Magento site for information
[299Star][1m] [PowerShell] canix1/adaclscanner Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
[294Star][1y] [Shell] cryptolok/ghostinthenet Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
- Also In Section: Tools/Network&&Sniff&&Mitm/MITM |
[294Star][2m] [Ruby] m0nad/hellraiser Vulnerability Scanner
[294Star][1m] [Shell] mitchellkrogza/apache-ultimate-bad-bot-blocker Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
[286Star][4m] enkomio/taipan Web application vulnerability scanner
[284Star][1y] [Py] code-scan/dzscan Dzscan
[280Star][8m] [Py] boy-hack/w8fuckcdn Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
[278Star][3m] [Py] shenril/sitadel Web Application Security Scanner
[276Star][2m] [Py] target/strelka Real-time, container-based file scanning at enterprise scale
[268Star][1y] [PHP] psecio/parse Parse: A Static Security Scanner
[262Star][5m] [Py] abhisharma404/vault_scanner swiss army knife for hackers
[254Star][3m] [Py] m4ll0k/konan Konan - Advanced Web Application Dir Scanner
[253Star][9m] jeffzh3ng/insectsawake Network Vulnerability Scanner
[246Star][1m] [Py] gildasio/h2t h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
[245Star][2m] [Go] zmap/zgrab2 Go Application Layer Scanner
[235Star][3m] [PHP] psecio/versionscan A PHP version scanner for reporting possible vulnerabilities
[233Star][7m] [Go] gocaio/goca Goca Scanner
[217Star][5m] [JS] pavanw3b/sh00t Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
[209Star][3m] [Py] iojw/socialscan Check email address and username availability on online platforms
[207Star][9m] [Py] nullarray/dorknet Selenium powered Python script to automate searching for vulnerable web apps.
[202Star][1y] [Py] dionach/cmsmap CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
[201Star][12m] [PowerShell] sud0woodo/dcomrade Powershell script for enumerating vulnerable DCOM Applications

Secret&&Privacy

[6673Star][10m] [Shell] awslabs/git-secrets Prevents you from committing secrets and credentials into git repositories
[4346Star][7m] [Py] boxug/trape People tracker on the Internet: OSINT analysis and research tool by Jose Pino
[3064Star][28d] [Py] tribler/tribler Privacy enhanced BitTorrent client with P2P content discovery
[1102Star][4m] [Vue] 0xbug/hawkeye GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
[935Star][20d] [Py] mozilla/openwpm A web privacy measurement framework
[884Star][2m] [C#] elevenpaths/foca Tool to find metadata and hidden information in the documents.
[822Star][18d] [Py] al0ne/vxscan python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。
[390Star][6m] [Py] repoog/gitprey Searching sensitive files and contents in GitHub associated to company name or other key words
[356Star][2m] [Py] hell0w0rld0/github-hunter This tool is for sensitive information searching on Github - The Fast Version here:
[312Star][15d] [HTML] tanjiti/sec_profile 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/SocialNetwork/Github |

PrivacyStorage

NoCategory

[5029Star][2m] [Shell] stackexchange/blackbox Safely store secrets in Git/Mercurial/Subversion

Steganography

[569Star][1m] [Go] dimitarpetrov/stegify Go tool for LSB steganography, capable of hiding any file within an image.
[344Star][6m] [Go] lukechampine/jsteg JPEG steganography
[342Star][5m] [Java] syvaidya/openstego OpenStego is a steganography application that provides two functionalities: a) Data Hiding: It can hide any data within a cover file (e.g. images). b) Watermarking: Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying.
[274Star][1y] [C] abeluck/stegdetect UNMAINTAINED. USE AT OWN RISK. Stegdetect is an automated tool for detecting steganographic content in images.
[256Star][26d] [Py] cedricbonhomme/stegano Stegano is a pure Python steganography module.

Recon&&InfoGather&&SubDomainDiscovery&&OSINT

NoCategory

[7042Star][28d] [Java] lionsoul2014/ip2region Ip2region is a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is less then 5Mb with all ip address stored. binding for Java,PHP,C,Python,Nodejs,Golang,C#,lua. Binary,B-tree,Memory searching algorithm
[6894Star][27d] greatfire/wiki 自由浏览
[6109Star][9m] [Py] schollz/howmanypeoplearearound Count the number of people around you
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[2154Star][28d] [C] texane/stlink stm32 discovery line linux programmer
[2061Star][16d] [Py] fortynorthsecurity/eyewitness EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
[1741Star][21d] [Shell] leebaird/discover Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/AutoXxx |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadGenerate |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Metasploit/NoCategory |
[1627Star][28d] [Py] cea-sec/ivre Network recon framework.
[1593Star][28d] [Go] awnumar/memguard Secure software enclave for storage of sensitive information in memory.
[1591Star][4m] [Py] mozilla/cipherscan A very simple way to find out which SSL ciphersuites are supported by a target.
[1392Star][6m] [Py] enablesecurity/wafw00f WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
[1309Star][3m] [JS] lockfale/osint-framework OSINT Framework
[1301Star][26d] [CSS] undeadsec/socialfish Educational Phishing Tool & Information Collector
- Also In Section: Tools/SET&&Phishing&&SpearPhishing/NoCategory |
[1261Star][1m] [Py] s0md3v/arjun HTTP parameter discovery suite.
[1256Star][2m] [Py] codingo/reconnoitre A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
[1253Star][1y] [PowerShell] dafthack/mailsniper MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
[1180Star][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/Exploit/漏洞利用 |Tools/Database&&SQLAttack&&SQLInjection/NoSQL/NoCategory |
[1135Star][10m] [C] blechschmidt/massdns A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
[1060Star][2m] [PHP] tuhinshubhra/red_hawk All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/NoCategory |
[1041Star][1m] [Rust] fgribreau/mailchecker 邮件检测库，跨语言。覆盖33078虚假邮件提供者
[944Star][4m] [C] rbsec/sslscan sslscan tests SSL/TLS enabled services to discover supported cipher suites
[930Star][2m] [Py] sundowndev/phoneinfoga Advanced information gathering & OSINT tool for phone numbers
[924Star][17d] [OCaml] airbus-seclab/bincat Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
[871Star][4m] derpopo/uabe Unity Assets Bundle Extractor
[851Star][7m] [Py] s0md3v/recondog Reconnaissance Swiss Army Knife
[760Star][12m] [HTML] sense-of-security/adrecon ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
[742Star][3m] [Py] threatexpress/domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
- Also In Section: Tools/SET&&Phishing&&SpearPhishing/NoCategory |
[698Star][17d] [Ruby] intrigueio/intrigue-core Discover Your Attack Surface
[694Star][27d] [Py] khast3x/h8mail Password Breach Hunting and Email OSINT tool, locally or using premium services. Supports chasing down related email
[680Star][4m] [Shell] nahamsec/lazyrecon This script is intended to automate your reconnaissance process in an organized fashion
[617Star][5m] [Py] deibit/cansina Web Content Discovery Tool
[579Star][7m] [Py] ekultek/zeus-scanner Advanced reconnaissance utility
[537Star][8m] [Py] m4ll0k/infoga Infoga - Email OSINT
[483Star][2m] no-github/digital-privacy 一个关于数字隐私搜集、保护、清理集一体的方案,外加开源信息收集(OSINT)对抗
[463Star][3m] [Py] xillwillx/skiptracer OSINT python webscaping framework
[462Star][14d] [Rust] kpcyrd/sn0int Semi-automatic OSINT framework and package manager
[417Star][2m] [Py] superhedgy/attacksurfacemapper AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
[404Star][4m] [Shell] d4rk007/redghost Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.
[388Star][3m] [Go] graniet/operative-framework operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.
[387Star][12m] [Py] chrismaddalena/odin Automated network asset, email, and social media profile discovery and cataloguing.
[378Star][2m] ph055a/osint-collection Maintained collection of OSINT related resources. (All Free & Actionable)
[362Star][1m] [Py] dedsecinside/torbot Dark Web OSINT Tool
[350Star][11m] [Py] aancw/belati The Traditional Swiss Army Knife for OSINT
[350Star][18d] [Py] depthsecurity/armory Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.
[335Star][1m] [Py] darryllane/bluto DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking
[329Star][11m] [Py] mdsecactivebreach/linkedint LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
[320Star][5m] [Go] nhoya/gosint OSINT Swiss Army Knife
[304Star][4m] [Py] initstring/linkedin2username OSINT Tool: Generate username lists for companies on LinkedIn
[302Star][1y] [Py] sharadkumar97/osint-spy Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. If you want to ask something please feel free to reach out to me at sharad@osint-spy.com
[299Star][1y] [Py] twelvesec/gasmask Information gathering tool - OSINT
[296Star][11m] [Py] r3vn/badkarma network reconnaissance toolkit
[289Star][6m] [Shell] eschultze/urlextractor Information gathering & website reconnaissance |
[284Star][2m] [JS] pownjs/pown-recon A powerful target reconnaissance framework powered by graph theory.
[279Star][1y] [Shell] ha71/namechk Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.
[268Star][1y] [Go] tomsteele/blacksheepwall blacksheepwall is a hostname reconnaissance tool
[264Star][2m] [Py] ekultek/whatbreach OSINT tool to find breached emails, databases, pastes, and relevant information
[242Star][2m] [Shell] solomonsklash/chomp-scan A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
[236Star][13d] [Py] zephrfish/googd0rker GoogD0rker is a tool for firing off google dorks against a target domain, it is purely for OSINT against a specific target domain. READ the readme before messaging or tweeting me.
[229Star][7m] [JS] cliqz-oss/local-sheriff Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII) are being shared / leaked to which all third-parties.
[229Star][1m] [Propeller Spin] grandideastudio/jtagulator JTAGulator: Assisted discovery of on-chip debug interfaces
[227Star][1m] [Py] sc1341/instagramosint An Instagram Open Source Intelligence Tool
[225Star][1m] [Py] anon-exploiter/sitebroker A cross-platform python based utility for information gathering and penetration testing automation!
[220Star][3m] [Py] thewhiteh4t/finalrecon OSINT Tool for All-In-One Web Reconnaissance
[220Star][13d] [PowerShell] tonyphipps/meerkat A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
[219Star][3m] [Py] eth0izzle/the-endorser An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.
[218Star][1y] [Shell] edoverflow/megplus Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
[210Star][4m] [Py] spiderlabs/hosthunter HostHunter a recon tool for discovering hostnames using OSINT techniques.

SubDomainDiscovery

[4008Star][1m] [Py] aboul3la/sublist3r Fast subdomains enumeration tool for penetration testers
[3147Star][15d] [Py] laramies/theharvester E-mails, subdomains and names Harvester - OSINT
[2981Star][6m] [Go] michenriksen/aquatone A Tool for Domain Flyovers
[1750Star][6m] [Py] lijiejie/subdomainsbrute A fast sub domain brute tool for pentesters
[1686Star][1m] [Go] subfinder/subfinder SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
[1668Star][7m] [Py] guelfoweb/knock Knock Subdomain Scan
- Also In Section: Tools/wordlist/NoCategory |
[1555Star][14d] [Go] caffix/amass In-depth Attack Surface Mapping and Asset Discovery
[1087Star][1m] [Py] john-kurkowski/tldextract Accurately separate the TLD from the registered domain and subdomains of a URL, using the Public Suffix List.
[752Star][12d] [Rust] edu4rdshl/findomain The fastest and cross-platform subdomain enumerator, don't waste your time.
[687Star][4m] [Go] haccer/subjack Subdomain Takeover tool written in Go
[639Star][1y] [Py] simplysecurity/simplyemail Email recon made fast and easy, with a framework to build on
[573Star][2m] [Py] jonluca/anubis Subdomain enumeration and information gathering tool
[537Star][8m] [Py] feeicn/esd Enumeration sub domains(枚举子域名)
[468Star][1m] [Py] typeerror/domained Multi Tool Subdomain Enumeration
[435Star][1y] [Go] ice3man543/subover A Powerful Subdomain Takeover Tool
[434Star][5m] [Py] threezh1/jsfinder JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
[425Star][1m] [Py] nsonaniya2010/subdomainizer A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
[422Star][10m] [Py] appsecco/bugcrowd-levelup-subdomain-enumeration This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
[407Star][2m] [Py] yanxiu0614/subdomain3 A new generation of tool for discovering subdomains( ip , cdn and so on)
[327Star][4m] [Py] chris408/ct-exposer An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
[302Star][1y] [Py] christophetd/censys-subdomain-finder ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
[275Star][7m] [Py] franccesco/getaltname Extract subdomains from SSL certificates in HTTPS sites.
[254Star][10m] [Py] appsecco/the-art-of-subdomain-enumeration This repository contains all the supplement material for the book "The art of sub-domain enumeration"
[251Star][5m] [Go] anshumanbh/tko-subs A tool that can help detect and takeover subdomains with dead DNS records
[204Star][1m] [Shell] screetsec/sudomy Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format

Recon&&InfoGather

[3496Star][15d] [Shell] drwetter/testssl.sh Testing TLS/SSL encryption anywhere on any port
[2378Star][15d] [Py] smicallef/spiderfoot SpiderFoot, the most complete OSINT collection and reconnaissance tool.
[2168Star][1y] [Py] datasploit/datasploit An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
[1963Star][8m] [JS] weichiachang/stacks-cli Check website stack from the terminal
[1873Star][1m] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/VulnerabilityScan&&BugHunting/VulnerabilityScan/NoCategory |
[1629Star][1y] [Py] evyatarmeged/raccoon A high performance offensive security tool for reconnaissance and vulnerability scanning
- Also In Section: Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/VulnerabilityScan&&BugHunting/VulnerabilityScan/NoCategory |
[1420Star][6m] [Py] oros42/imsi-catcher This program show you IMSI numbers of cellphones around you.
[1271Star][1y] [Go] evilsocket/xray XRay is a tool for recon, mapping and OSINT gathering from public networks.
[619Star][29d] [Py] tib3rius/autorecon AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
[510Star][9m] [Py] fortynorthsecurity/just-metadata Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
[453Star][19d] [Py] yassineaboukir/sublert Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
[388Star][10m] [Swift] ibm/mac-ibm-enrollment-app The Mac@IBM enrollment app makes setting up macOS with Jamf Pro more intuitive for users and easier for IT. The application offers IT admins the ability to gather additional information about their users during setup, allows users to customize their enrollment by selecting apps or bundles of apps to install during setup, and provides users with …
[349Star][4m] [C++] wbenny/pdbex pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
[343Star][27d] [Py] lanmaster53/recon-ng Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
[283Star][2m] [Py] govanguard/legion Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
[269Star][10m] [Py] LaNMaSteR53/recon-ng

Fingerprinting

[8843Star][13d] [JS] valve/fingerprintjs2 Modern & flexible browser fingerprinting library
[3029Star][1m] [JS] valve/fingerprintjs Anonymous browser fingerprint
[1595Star][14d] [JS] ghacksuserjs/ghacks-user.js An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
[1595Star][9m] [C] nmikhailov/validity90 Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol
[918Star][7m] [JS] song-li/cross_browser cross_browser_fingerprinting
[783Star][1m] [Py] salesforce/ja3 JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
[372Star][21d] [Py] 0x4d31/fatt FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
[309Star][2m] [Py] dpwe/audfprint Landmark-based audio fingerprinting
[305Star][3m] [Py] salesforce/hassh HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.
[268Star][1y] [CSS] w-digital-scanner/w11scan 分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform
[240Star][2m] [C] leebrotherston/tls-fingerprinting TLS Fingerprinting
[224Star][2m] [GLSL] westpointltd/tls_prober A tool to fingerprint SSL/TLS servers
[212Star][1y] [Py] sensepost/spartan Frontpage and Sharepoint fingerprinting and attack tool.
[200Star][1y] [Erlang] kudelskisecurity/scannerl The modular distributed fingerprinting engine

Collection

[3674Star][15d] jivoi/awesome-osint OSINT资源收集

SocialNetwork

Twitter

[2797Star][21d] [Py] twintproject/twint An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

Github

[1627Star][22d] [Go] eth0izzle/shhgit Ah shhgit! Find GitHub secrets in real time
[1549Star][1y] [Py] unkl4b/gitminer Tool for advanced mining for content on Github
[1321Star][7m] [Py] feeicn/gsil GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）
[840Star][7m] [Go] misecurity/x-patrol github泄露扫描系统
[834Star][1m] [JS] vksrc/github-monitor Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
[767Star][1m] [Py] bishopfox/gitgot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
[750Star][3m] [Py] techgaun/github-dorks Collection of github dorks and helper tool to automate the process of checking dorks
[602Star][2m] [Py] hisxo/gitgraber gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
[312Star][15d] [HTML] tanjiti/sec_profile 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/Secret&&Privacy |
[290Star][7m] [Py] s0md3v/zen Find emails of Github users

NoCategory

[7541Star][30d] [Py] theyahya/sherlock Find Usernames Across Social Networks
[2504Star][2m] [Py] greenwolf/social_mapper A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)
[653Star][1y] [Go] 0x09al/raven raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

DNS

[2421Star][4m] [Go] oj/gobuster Directory/File, DNS and VHost busting tool written in Go
[2278Star][30d] [Py] ab77/netflix-proxy Smart DNS proxy to watch Netflix
[2081Star][19d] [Py] elceef/dnstwist Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
[1885Star][28d] [C++] powerdns/pdns PowerDNS
[1669Star][3m] [Py] lgandx/responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
[1117Star][7m] [Py] darkoperator/dnsrecon DNS Enumeration Script
[1044Star][2m] [Py] infosec-au/altdns Generates permutations, alterations and mutations of subdomains and then resolves them
[1039Star][1m] [Go] nadoo/glider glider is a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
[969Star][6m] [Py] m57/dnsteal DNS Exfiltration tool for stealthily sending files over DNS requests.
[891Star][18d] [Py] mschwager/fierce A DNS reconnaissance tool for locating non-contiguous IP space.
[877Star][5m] [Py] m0rtem/cloudfail Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
[681Star][1y] [Py] bugscanteam/dnslog DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。
[594Star][7m] [Shell] cokebar/gfwlist2dnsmasq A shell script which convert gfwlist into dnsmasq rules. Python version:
[558Star][6m] [C] getdnsapi/stubby Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
[457Star][8m] [C] cofyc/dnscrypt-wrapper This is dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver.
[359Star][3m] [JS] nccgroup/singularity A DNS rebinding attack framework.
[259Star][11m] [Py] trycatchhcf/packetwhisper PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
[258Star][2m] [Go] zmap/zdns Fast CLI DNS Lookup Tool
[249Star][3m] [C#] kevin-robertson/inveighzero Windows C# LLMNR/mDNS/NBNS/DNS spoofer/man-in-the-middle tool
[243Star][9m] [Go] erbbysam/dnsgrep Quickly Search Large DNS Datasets
[237Star][25d] [Py] mandatoryprogrammer/trusttrees A Tool for DNS Delegation Trust Graphing
[230Star][1m] [Go] sensepost/godoh A DNS-over-HTTPS Command & Control Proof of Concept
[213Star][1y] [PowerShell] lukebaggett/dnscat2-powershell A Powershell client for dnscat2, an encrypted DNS command and control tool.

Shodan

[1082Star][2m] [Py] achillean/shodan-python The official Python library for Shodan
[954Star][4m] [Py] woj-ciech/kamerka Build interactive map of cameras from Shodan
[831Star][2m] [Py] 649/memcrashed-ddos-exploit DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/DDOS |
[669Star][2m] jakejarvis/awesome-shodan-queries
[353Star][1m] [Py] pielco11/fav-up IP lookup from favicon using Shodan
[337Star][2m] [Py] random-robbie/my-shodan-scripts Collection of Scripts for shodan searching stuff.
[233Star][10m] [Py] nethunteros/punter Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, Shodan, Crimeflare

nmap

[3492Star][17d] [C] nmap/nmap Nmap - the Network Mapper. Github mirror of official SVN repository.
[2099Star][6m] [Py] calebmadrigal/trackerjacker Like nmap for mapping wifi networks you're not connected to, plus device tracking
[1666Star][3m] [Lua] vulnerscom/nmap-vulners NSE script based on Vulners.com API
[1497Star][2m] [C] nmap/npcap Nmap Project's packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF.
[1237Star][2m] [Lua] scipag/vulscan Advanced vulnerability scanning with Nmap NSE
[936Star][4m] [Shell] trimstray/sandmap Nmap on steroids! Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
[887Star][11m] [Py] rev3rsesecurity/webmap Nmap Web Dashboard and Reporting
[822Star][2m] [Py] x90skysn3k/brutespray Brute-Forcing from Nmap output - Automatically attempts default creds on found services.
[728Star][4m] [Lua] cldrn/nmap-nse-scripts My collection of nmap NSE scripts
[658Star][4m] [Py] iceyhexman/onlinetools 在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
[481Star][1y] [XSLT] honze-net/nmap-bootstrap-xsl A Nmap XSL implementation with Bootstrap.
[391Star][7m] [Py] savon-noir/python-libnmap libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.6 up to 3.4. It's wonderful.
[325Star][9m] [Py] samhaxr/hackbox HackBox is the combination of awesome techniques. [1] - Xss [2] - Exploits [3] - Subdomain scanner [4] - Whois Lookup [5] - SSRF Injection [6] - Nmap Auto banner [7] - Js Url parser [8] - Web Headers [9] - Listener [10] - Current Network Stats [11] - CORS Misconfig [12] - AWS S3 Misconfig
[307Star][1y] [Java] s4n7h0/halcyon First IDE for Nmap Script (NSE) Development.
[282Star][1y] [Ruby] danmcinerney/pentest-machine Automates some pentest jobs via nmap xml file
[257Star][1y] [Java] danicuestasuarez/nmapgui Advanced Graphical User Interface for NMap
[247Star][1y] [Shell] m4ll0k/autonse Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
[230Star][7m] [Lua] rvn0xsy/nse_vuln Nmap扫描、漏洞利用脚本
[228Star][5m] [Py] maaaaz/nmaptocsv A simple python script to convert Nmap output to CSV

Database&&SQLAttack&&SQLInjection

NoCategory

[950Star][18d] [PowerShell] netspi/powerupsql PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
[661Star][3m] [Py] v3n0m-scanner/v3n0m-scanner Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
[638Star][2m] [Py] quentinhardy/odat ODAT: Oracle Database Attacking Tool
[526Star][4m] [Py] quentinhardy/msdat MSDAT: Microsoft SQL Database Attacking Tool

SQL

NoCategory

[2883Star][1m] [Go] cookiey/yearning A most popular sql audit platform for mysql
[712Star][1y] [Py] the-robot/sqliv massive SQL injection vulnerability scanner
[553Star][1m] [HTML] netspi/sqlinjectionwiki A wiki focusing on aggregating and documenting various SQL injection methods
[444Star][9m] [Go] netxfly/x-crack x-crack - Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
[439Star][3m] [Go] stripe/safesql Static analysis tool for Golang that protects against SQL injections
[395Star][3m] [C#] shack2/supersqlinjectionv1 超级SQL注入工具（SSQLInjection）是一款基于HTTP协议自组包的SQL注入工具,采用C#开发，直接操作TCP会话来进行HTTP交互，支持出现在HTTP协议任意位置的SQL注入，支持各种类型的SQL注入，支持HTTPS模式注入；支持以盲注、错误显示、Union注入等方式来获取数据；支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库；支持手动灵活的进行SQL注入绕过，可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计，需要使用人员对SQL注入有一定了解。
[295Star][8m] [JS] ning1022/sqlinjectionwiki 一个专注于聚合和记录各种SQL注入方法的wiki
[255Star][7m] [Py] s0md3v/sqlmate A friend of SQLmap which will do what you always expected from SQLmap.

SQLInjection

[15554Star][16d] [Py] sqlmapproject/sqlmap Automatic SQL injection and database takeover tool
[592Star][6m] aleenzz/mysql_sql_bypass_wiki mysql注入,bypass的一些心得

SQLVul

NoSQL

NoCategory

[1180Star][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |Tools/Vulnerability&&BugHunting&&Exploit&&Fuzzing/Exploit/漏洞利用 |
[275Star][1y] [Java] florent37/android-nosql Lightweight, simple structured NoSQL database for Android

MongoDB

[1069Star][2m] [Py] stampery/mongoaudit

Audit&&SecurityAudit&&CodeAudit

NoCategory

[6407Star][1m] [Shell] cisofy/lynis Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
[1465Star][27d] [Shell] mzet-/linux-exploit-suggester Linux privilege escalation auditing tool
[967Star][2m] [Py] nccgroup/scoutsuite Multi-Cloud Security Auditing Tool
[604Star][6m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
- Also In Section: Tools/Mobile/NoCategory |
[271Star][17d] [Py] lorexxar/cobra-w Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版

CodeAudit

[2041Star][3m] [Py] whaleshark-team/cobra Source Code Security Audit (源代码安全审计)
[807Star][1y] [Py] utkusen/leviathan wide range mass audit toolkit
[646Star][1y] chybeta/code-audit-challenges Code-Audit-Challenges
[626Star][8m] [Py] klen/pylama Code audit tool for python.
[399Star][4m] [C] anssi-fr/ad-control-paths Active Directory Control Paths auditing and graphing tools
[355Star][11m] [Py] enablesecurity/sipvicious SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems.
[293Star][2m] [C#] ossindex/devaudit Open-source, cross-platform, multi-purpose security auditing tool
[263Star][14d] [Py] exodus-privacy/exodus Platform to audit trackers used by Android application
[254Star][1m] [Py] hubblestack/hubble Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe.
[240Star][4m] [PowerShell] nccgroup/azucar Security auditing tool for Azure environments
[215Star][1y] [C] meliot/filewatcher A simple auditing utility for macOS

SET&&Phishing&&SpearPhishing

NoCategory

[1301Star][26d] [CSS] undeadsec/socialfish Educational Phishing Tool & Information Collector
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |
[742Star][3m] [Py] threatexpress/domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/NoCategory |
[556Star][2m] [Py] thewhiteh4t/seeker Accurately Locate Smartphones using Social Engineering
[305Star][1m] [Py] raikia/uhoh365 A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.

SET

[4854Star][2m] [Py] trustedsec/social-engineer-toolkit The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Phish

[8337Star][17d] [Py] wifiphisher/wifiphisher The Rogue Access Point Framework
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[4161Star][12d] [Go] gophish/gophish Open-Source Phishing Toolkit
[2721Star][1m] [Go] kgretzky/evilginx2 Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
- Also In Section: Tools/Network&&Sniff&&Mitm/MITM |
[1402Star][8m] [JS] anttiviljami/browser-autofill-phishing A simple demo of phishing by abusing the browser autofill feature
[1331Star][10m] [HTML] thelinuxchoice/blackeye The most complete Phishing Tool, with 32 templates +1 customizable
[994Star][17d] [Py] securestate/king-phisher Phishing Campaign Toolkit
[976Star][1m] [Py] x0rz/phishing_catcher Phishing catcher using Certstream
[861Star][19d] [HTML] darksecdevelopers/hiddeneye Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ]
[858Star][7m] [HTML] thelinuxchoice/shellphish Phishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest
[831Star][4m] [PHP] raikia/fiercephish FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
[828Star][1y] [HTML] ustayready/credsniper CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
[524Star][26d] [Py] shellphish/driller Driller: augmenting AFL with symbolic execution!
[348Star][4m] [Py] tatanus/spf SpeedPhishing Framework
[297Star][10m] [Py] mr-un1k0d3r/catmyphish Search for categorized domain
[265Star][3m] [Go] muraenateam/muraena Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
[240Star][2m] [Py] atexio/mercure Mercure is a tool for security managers who want to train their colleague to phishing.
[228Star][1y] [Jupyter Notebook] wesleyraptor/streamingphish Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.
[220Star][3m] [Py] duo-labs/isthislegit Dashboard to collect, analyze, and respond to reported phishing emails.

SpearPhishing

Hardware&&USB&&RaspberryPi

NoCategory

[2190Star][18d] [Shell] eliaskotlyar/xiaomi-dafang-hacks
[2009Star][1y] [C] xoreaxeaxeax/rosenbridge Hardware backdoors in some x86 CPUs
[1932Star][13d] [Go] ullaakut/cameradar Cameradar hacks its way into RTSP videosurveillance cameras
[1327Star][1y] [Py] carmaa/inception Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
[1117Star][10m] [JS] mame82/p4wnp1_aloa P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
- Also In Section: Tools/EvnSetup&&Env/NoCategory |
[962Star][2m] [C] olimex/olinuxino OLINUXINO is Open Source / Open Hardware, low cost from EUR 24 Linux Industrial grade Single Board Computer capable to operate -25+85C
[516Star][3m] [Java] 1998lixin/hardwarecode 基于xposed 修改硬件信息

USB

[3811Star][17d] drduh/yubikey-guide Guide to using YubiKey for GPG and SSH
[2643Star][12m] [Py] mame82/p4wnp1 P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
- Also In Section: Tools/Hardware&&USB&&RaspberryPi/RaspberryPi |
[2149Star][9m] [C] conorpp/u2f-zero U2F USB token optimized for physical security, affordability, and style
[1018Star][28d] [C] solokeys/solo Solo: open security key supporting FIDO2 & U2F over USB + NFC
[982Star][11m] [C#] kenvix/usbcopyer 插上U盘自动按需复制文件
[865Star][2m] [C++] whid-injector/whid WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
[832Star][6m] [Objective-C] sevenbits/mac-linux-usb-loader Boot Linux on your Mac, easily
[825Star][1m] [C++] openzwave/open-zwave a C++ library to control Z-Wave Networks via a USB Z-Wave Controller.
[744Star][19d] [Py] snovvcrash/usbrip Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
- Also In Section: Tools/IncidentResponse&&Forensics/Forensics |
[695Star][2m] [C] nuand/bladerf bladeRF USB 3.0 Superspeed Software Defined Radio Source Code
[596Star][5m] [C] pelya/android-keyboard-gadget Convert your Android device into USB keyboard/mouse, control your PC from your Android device remotely, including BIOS/bootloader.
[410Star][8m] [Shell] jsamr/bootiso A bash script to securely create a bootable USB device from one ISO file. Just curl it, chmod it and go!
[307Star][3m] [Py] circl/circlean USB key cleaner
[305Star][3m] [C++] cedarctic/digispark-scripts USB Rubber Ducky type scripts written for the DigiSpark.
[221Star][5m] [ANTLR] myriadrf/limesdr-usb USB 3.0 version of the LimeSDR board

RaspberryPi

[2643Star][12m] [Py] mame82/p4wnp1 P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
- Also In Section: Tools/Hardware&&USB&&RaspberryPi/USB |
[1658Star][7m] [Makefile] raspberrypi/noobs NOOBS (New Out Of Box Software) - An easy Operating System install manager for the Raspberry Pi
[1510Star][1m] [C] raspberrypi/userland Source code for ARM side libraries for interfacing to Raspberry Pi GPU.
[296Star][6m] [C++] cyphunk/jtagenum Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch…
[258Star][5m] [Py] mbro95/portablecellnetwork Utilize a Raspberry Pi and a Nuand BladeRF to generate your own portable local cell network
[246Star][4m] [Py] tipam/pi3d Simple, yet powerful, 3D Python graphics library for beginners and school children running on the Raspberry Pi.

Car&&Vehicle

[1305Star][1m] jaredthecoder/awesome-vehicle-security
[768Star][1y] [C++] polysync/oscc Open Source Car Control
[513Star][7m] [Py] schutzwerk/canalyzat0r Security analysis toolkit for proprietary car protocols
[261Star][1y] [Shell] jgamblin/carhackingtools Install and Configure Common Car Hacking Tools.
[216Star][2m] [Py] caringcaribou/caringcaribou A friendly car security exploration tool for the CAN bus

EvnSetup&&Env

NoCategory

[1571Star][13d] [HTML] clong/detectionlab Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
[1371Star][16d] [Go] crazy-max/windowsspyblocker
[1294Star][2m] [C] cisco-talos/pyrebox Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
[1117Star][10m] [JS] mame82/p4wnp1_aloa P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
- Also In Section: Tools/Hardware&&USB&&RaspberryPi/NoCategory |
[799Star][3m] redhuntlabs/redhunt-os Virtual Machine for Adversary Emulation and Threat Hunting
[781Star][2m] sh4hin/androl4b A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
- Also In Section: Tools/Mobile/Android |
[560Star][5m] [Ruby] sliim/pentest-env Pentest environment deployer (kali linux + targets) using vagrant and chef.
[210Star][11m] [Shell] proxycannon/proxycannon-ng A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference

Linux-Distro

[2830Star][1m] [Py] trustedsec/ptf The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
[2310Star][1m] security-onion-solutions/security-onion Linux distro for intrusion detection, enterprise security monitoring, and log management
[1459Star][13d] [Shell] blackarch/blackarch BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers.
[342Star][13d] [Shell] archstrike/archstrike An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

EnvAutoSetup

[3058Star][2m] [PowerShell] fireeye/commando-vm Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
[1686Star][18d] [PowerShell] fireeye/flare-vm 火眼发布用于 Windows 恶意代码分析的虚拟机：FLARE VM

VulnerableMachine

NoCategory

[4986Star][1m] [Shell] vulhub/vulhub Pre-Built Vulnerable Environments Based on Docker-Compose
[3680Star][2m] [PHP] ethicalhack3r/dvwa Damn Vulnerable Web Application (DVWA)
[2536Star][25d] [Shell] medicean/vulapps 快速搭建各种漏洞环境(Various vulnerability environment)
[2382Star][27d] [TSQL] rapid7/metasploitable3 Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
[1522Star][1m] [PHP] c0ny1/upload-labs 一个想帮你总结所有类型的上传漏洞的靶场
[981Star][1m] [C] hacksysteam/hacksysextremevulnerabledriver HackSys Extreme Vulnerable Windows Driver
[831Star][27d] [JS] lirantal/is-website-vulnerable finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
[741Star][1m] [Ruby] rubysec/ruby-advisory-db A database of vulnerable Ruby Gems
[633Star][2m] [HCL] rhinosecuritylabs/cloudgoat CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
[577Star][2m] [HTML] owasp/railsgoat A vulnerable version of Rails that follows the OWASP Top 10
[563Star][1m] [C++] bkerler/exploit_me Very vulnerable ARM/ARM64 application (CTF style exploitation tutorial)
[517Star][5m] [PHP] acmesec/dorabox DoraBox - 基础Web漏洞训练靶场
[311Star][28d] [Py] owasp/owasp-vwad The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
[252Star][2m] [PHP] incredibleindishell/ssrf_vulnerable_lab This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
[237Star][2m] [JS] owasp/dvsa a Damn Vulnerable Serverless Application
[218Star][11m] [C] stephenbradshaw/vulnserver Vulnerable server used for learning software exploitation

WebApp

[2902Star][13d] [JS] webgoat/webgoat WebGoat 8.0
[2556Star][15d] [JS] bkimminich/juice-shop OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
[459Star][14d] [Py] stamparm/dsvw Damn Small Vulnerable Web
[427Star][3m] [Py] payatu/tiredful-api An intentionally designed broken web application based on REST API.
[289Star][1y] [CSS] appsecco/dvna Damn Vulnerable NodeJS Application
[218Star][5m] [JS] cr0hn/vulnerable-node A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Generate

[1699Star][13d] [Ruby] cliffe/secgen Create randomly insecure VMs
[1408Star][5m] [PHP] s4n7h0/xvwa XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
[305Star][7m] [Ruby] secgen/secgen Generate vulnerable virtual machines on the fly (current team development is taking place in the cliffe/SecGen fork)

Collection

[358Star][4m] xtiankisutsa/awesome-mobile-ctf This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
- Also In Section: Tools/CTF&&HTB/Collection |

MobileApp

[645Star][4m] [Java] dineshshetty/android-insecurebankv2 Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
[203Star][2m] [Java] owasp/mstg-hacking-playground 不安全的iOS/Android App集合

Network&&Sniff&&Mitm

NoCategory

[11823Star][24d] [Go] buger/goreplay GoReplay is an open-source tool for capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with real data. It can be used to increase confidence in code deployments, configuration changes and infrastructure changes.
[6391Star][1m] [Py] networkx/networkx Official NetworkX source code repository.
[5204Star][6m] [Py] usarmyresearchlab/dshell Dshell is a network forensic analysis framework.
[4526Star][15d] [Py] secdev/scapy Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
[4144Star][11m] [JS] kdzwinel/betwixt Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface.
[3729Star][20d] [Py] secureauthcorp/impacket Impacket is a collection of Python classes for working with network protocols.
[3482Star][15d] [JS] aol/moloch Moloch is an open source, large scale, full packet capturing, indexing, and database system.
[3480Star][7m] [Go] fanpei91/torsniff torsniff - a sniffer that sniffs torrents from BitTorrent network
[3191Star][14d] [Py] stamparm/maltrail Malicious traffic detection system
[3096Star][25d] [C] valdikss/goodbyedpi GoodbyeDPI—Passive Deep Packet Inspection blocker and Active DPI circumvention utility (for Windows)
[2503Star][7m] [C++] chengr28/pcap_dnsproxy Pcap_DNSProxy, a local DNS server based on packet capturing
[1877Star][28d] [C] ntop/ndpi Open Source Deep Packet Inspection Software Toolkit
[1799Star][1m] [C] merbanan/rtl_433 Program to decode traffic from Devices that are broadcasting on 433.9 MHz like temperature sensors
[1419Star][2m] [Go] google/stenographer Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
[1328Star][2m] [C++] mfontanini/libtins High-level, multiplatform C++ network packet sniffing and crafting library.
[1271Star][2m] [C] traviscross/mtr Official repository for mtr, a network diagnostic tool
[1258Star][1m] [Go] dreadl0ck/netcap A framework for secure and scalable network traffic analysis -
[1207Star][1y] [Py] danmcinerney/net-creds Sniffs sensitive data from interface or pcap
[1056Star][6m] [PowerShell] nytrorst/netripper NetRipper - Smart traffic sniffing for penetration testers
[1046Star][10m] [C++] simsong/tcpflow TCP/IP packet demultiplexer. Download from:
[952Star][2m] [Py] kiminewt/pyshark Python wrapper for tshark, allowing python packet parsing using wireshark dissectors
[945Star][7m] [Py] fireeye/flare-fakenet-ng FakeNet-NG - Next Generation Dynamic Network Analysis Tool
[853Star][3m] [C] cisco/joy A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
[820Star][6m] [Go] 40t/go-sniffer
[817Star][29d] [C] zerbea/hcxtools Portable solution for capturing wlan traffic and conversion to hashcat formats (recommended by hashcat) and to John the Ripper formats. hcx: h = hash, c = capture, convert and calculate candidates, x = different hashtypes
[800Star][2m] [C] emmericp/ixy Simple userspace packet processing for educational purposes
[790Star][7m] [Py] phaethon/kamene Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
[779Star][2m] [C] netsniff-ng/netsniff-ng A Swiss army knife for your daily Linux network plumbing.
[713Star][2m] [Py] cloudflare/bpftools BPF Tools - packet analyst toolkit
[652Star][1m] [Py] kbandla/dpkt fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
[645Star][1m] [C] zerbea/hcxdumptool Small tool to capture packets from wlan devices.
[636Star][1y] [Go] ga0/netgraph A cross platform http sniffer with a web UI
[509Star][9m] [Perl] mrash/fwknop Single Packet Authorization > Port Knocking
[505Star][7m] [C++] kohler/click The Click modular router: fast modular packet processing and analysis
[499Star][1m] [C] sam-github/libnet A portable framework for low-level network packet construction
[458Star][1m] [Py] netzob/netzob Netzob: Protocol Reverse Engineering, Modeling and Fuzzing
[451Star][4m] [C] jarun/keysniffer
[440Star][20d] [C#] malwareinfosec/ekfiddle A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.
[435Star][2m] [C++] pstavirs/ostinato Ostinato - Packet/Traffic Generator and Analyzer
[431Star][2m] [Ruby] aderyabin/sniffer Log and Analyze Outgoing HTTP Requests
[412Star][10m] [C] jpr5/ngrep ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF f…
[411Star][2m] [C] desowin/usbpcap USB packet capture for Windows
[407Star][8m] [Py] mitrecnd/chopshop Protocol Analysis/Decoder Framework
[387Star][1m] [Rust] kpcyrd/sniffglue Secure multithreaded packet sniffer
[382Star][2m] [Go] alphasoc/flightsim A utility to generate malicious network traffic and evaluate controls
[379Star][4m] [PHP] floedesigntechnologies/phpcs-security-audit phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
[375Star][28d] [Py] idaholab/malcolm Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.
[330Star][12m] [Ruby] packetfu/packetfu PacketFu, a mid-level packet manipulation library for Ruby
[326Star][14d] [TypeScript] shroudedcode/apk-mitm
- Also In Section: Tools/Mobile/Android |Tools/Network&&Sniff&&Mitm/MITM |
[303Star][1y] [Py] tintinweb/scapy-ssl_tls SSL/TLS layers for scapy the interactive packet manipulation tool
[292Star][4m] [C] pulkin/esp8266-injection-example Example project to demonstrate packet injection / sniffer capabilities of ESP8266 IC.
[278Star][23d] [C] troglobit/nemesis A command-line network packet crafting and injection utility
[273Star][9m] [C] jiaoxianjun/btle Bluetooth Low Energy (BLE) packet sniffer and generator for both standard and non standard (raw bit).
[254Star][2m] [Go] sachaos/tcpterm tcpterm is a packet visualizer in TUI.
[243Star][7m] [Py] needmorecowbell/sniff-paste Pastebin OSINT Harvester
[241Star][2m] [C] nccgroup/sniffle A sniffer for Bluetooth 5 and 4.x LE
[218Star][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- Also In Section: Tools/Bluetooth |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[213Star][2m] [C] dns-oarc/dnscap Network capture utility designed specifically for DNS traffic

MITM

[16743Star][18d] [Py] mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- Also In Section: Tools/Communication&&Proxy&&RverseProxy&&Tunnel/NoCategory |
[6294Star][12d] [Go] bettercap/bettercap The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
[2886Star][1y] [Py] byt3bl33d3r/mitmf Framework for Man-In-The-Middle attacks
[2721Star][1m] [Go] kgretzky/evilginx2 Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
- Also In Section: Tools/SET&&Phishing&&SpearPhishing/Phish |
[2480Star][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- Also In Section: Tools/AI&&MachineLearning&&DeepLearning&&NeturalNetwork/NoCategory |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[1258Star][2m] [Go] unrolled/secure HTTP middleware for Go that facilitates some quick security wins.
[1199Star][3m] [C] droe/sslsplit Transparent SSL/TLS interception
[1184Star][2m] [Py] jtesta/ssh-mitm SSH man-in-the-middle tool
[1085Star][7m] [Ruby] lionsec/xerosploit Efficient and advanced man in the middle framework
[1017Star][3m] [PowerShell] kevin-robertson/inveigh Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
[999Star][7m] [Go] justinas/nosurf CSRF protection middleware for Go.
[983Star][1y] [HTML] sensepost/mana DEPRECATED mana toolkit for wifi rogue AP attacks and MitM
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |
[977Star][30d] [Py] syss-research/seth Perform a MitM attack and extract clear text credentials from RDP connections
[568Star][11m] [HTML] r00t-3xp10it/morpheus Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)
[551Star][8m] [Py] fox-it/mitm6 pwning IPv4 via IPv6
[509Star][5m] [JS] moll/node-mitm Intercept and mock outgoing Node.js network TCP connections and HTTP requests for testing. Intercepts and gives you a Net.Socket, Http.IncomingMessage and Http.ServerResponse to test and respond with. Super useful when testing code that hits remote servers.
[432Star][1y] [JS] digitalsecurity/btlejuice BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework
[393Star][3m] [Go] cloudflare/mitmengine A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
[382Star][3m] [JS] joeferner/node-http-mitm-proxy HTTP Man In The Middle (MITM) Proxy
[379Star][1y] [JS] securing/gattacker A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
[365Star][10m] [Py] crypt0s/fakedns A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
[347Star][17d] [Py] gosecure/pyrdp RDP man-in-the-middle (mitm) and library for Python 3 with the ability to watch connections live or after the fact
[347Star][1y] [Py] quickbreach/smbetray SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
[326Star][14d] [TypeScript] shroudedcode/apk-mitm
- Also In Section: Tools/Mobile/Android |Tools/Network&&Sniff&&Mitm/NoCategory |
[294Star][1y] [Shell] cryptolok/ghostinthenet Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/NoCategory |
[225Star][8m] [Py] ivanvza/arpy Mac OSX ARP spoof (MiTM) tool that can also plug into Gource
[205Star][3m] sab0tag3d/mitm-cheatsheet All MITM attacks in one place.

PacketSniff&&Monitor

[3480Star][7m] [Go] fanpei91/torsniff torsniff - a sniffer that sniffs torrents from BitTorrent network
[2950Star][14d] [Lua] ntop/ntopng Web-based Traffic and Security Network Traffic Monitoring
[1328Star][1y] [C] gamelinux/passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup
[286Star][1m] [Shell] tehw0lf/airbash A POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing

pcap

[820Star][13d] [C++] seladb/pcapplusplus PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
[780Star][3m] [Py] srinivas11789/pcapxray A Network Forensics Tool
[459Star][30d] [C#] chmorgan/sharppcap Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
[210Star][12m] [Py] mateuszk87/pcapviz Visualize network topologies and collect graph statistics based on pcap files
[209Star][7m] [JS] dirtbags/pcapdb A Distributed, Search-Optimized Full Packet Capture System
[206Star][4m] [Py] pynetwork/pypcap pypcap - python libpcap module, forked from code.google.com/p/pypcap, now actively maintained

Hijack&&TCP/HTTP

ProtocolAnalyze&&PacketAnalyze

[1401Star][1m] [Go] skydive-project/skydive An open source real-time network topology and protocols analyzer

Password&&Credential

NoCategory

[4772Star][1m] [Py] alessandroz/lazagne Credentials recovery project
[1441Star][1y] [Py] d4vinci/cr3dov3r Know the dangers of credential reuse attacks.
[1025Star][1y] [PowerShell] danmcinerney/icebreaker Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
[891Star][16d] [C] cossacklabs/themis Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 12 platforms.
[514Star][2m] [Py] unode/firefox_decrypt Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox/Thunderbird/Seabird) profiles
[492Star][2m] [Py] byt3bl33d3r/sprayingtoolkit Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
[483Star][1y] [JS] emilbayes/secure-password Making Password storage safer for all
[442Star][1y] [Go] ncsa/ssh-auditor The best way to scan for weak ssh passwords on your network
[385Star][11m] [Shell] mthbernardes/sshlooter Script to steal passwords from ssh.
[347Star][3m] [Py] davidtavarez/pwndb Search for leaked credentials
[295Star][5m] [C#] raikia/credninja A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
[284Star][6m] [Shell] greenwolf/spray A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
[272Star][2m] [JS] kspearrin/ff-password-exporter Easily export your passwords from Firefox.
[267Star][1m] [Py] xfreed0m/rdpassspray Python3 tool to perform password spraying using RDP
[255Star][5m] [C] rub-syssec/omen OMEN: Ordered Markov ENumerator - Password Guesser
[210Star][3m] [Ruby] bdmac/strong_password Entropy-based password strength checking for Ruby and Rails.

Password

[6832Star][17d] [C] hashcat/hashcat World's fastest and most advanced password recovery utility
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/PostExp/NoCategory |
[5149Star][12m] [JS] samyk/poisontap Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
[3083Star][13d] [C] magnumripper/johntheripper This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS:
[2536Star][1m] [C] huntergregal/mimipenguin A tool to dump the login password from the current linux user
[1124Star][7m] [Py] mebus/cupp Common User Passwords Profiler (CUPP)
[859Star][4m] [Go] fireeye/gocrack GoCrack is a management frontend for password cracking tools written in Go
[843Star][2m] [Go] ukhomeoffice/repo-security-scanner CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
[628Star][1y] [Java] faizann24/wifi-bruteforcer-fsecurify Android application to brute force WiFi passwords without requiring a rooted device.
[585Star][1y] [Py] brannondorsey/passgan A Deep Learning Approach for Password Guessing (
[578Star][6m] [C] hashcat/hashcat-utils Small utilities that are useful in advanced password cracking
[574Star][3m] [Py] thewhiteh4t/pwnedornot OSINT Tool for Finding Passwords of Compromised Email Addresses
[482Star][1y] [PowerShell] dafthack/domainpasswordspray DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
[404Star][1y] [C++] vah13/extracttvpasswords tool to extract passwords from TeamViewer memory using Frida
[344Star][7m] [Py] iphelix/pack PACK (Password Analysis and Cracking Kit)
[318Star][2m] [JS] auth0/repo-supervisor Scan your code for security misconfiguration, search for passwords and secrets.
[318Star][1m] [CSS] guyoung/captfencoder CaptfEncoder是一款跨平台网络安全工具套件，提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具，并聚合各类在线工具。

Ancient

[1593Star][3m] [Py] knownsec/pocsuite This project has stopped to maintenance, please to
[1510Star][1y] dripcap/dripcap
[845Star][1y] [Py] kgretzky/evilginx PLEASE USE NEW VERSION:

Windows

[8590Star][3m] [C] gentilkiwi/mimikatz A little tool to play with Windows security
[2084Star][1m] [Py] trustedsec/unicorn Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

webshell

Collection

[21409Star][14d] [PHP] danielmiessler/seclists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- Also In Section: Tools/wordlist/Collection |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadCollection |
[5033Star][1m] [PHP] tennc/webshell This is a webshell open source project

NoCategory

[1739Star][2m] [Py] epinna/weevely3 Weaponized web shell
[956Star][1m] [Py] yzddmr6/webshell-venom 免杀webshell无限生成工具(利用随机异或无限免杀D盾)
[474Star][7m] [ASP] landgrey/webshell-detect-bypass 绕过专业工具检测的Webshell研究文章和免杀的Webshell
[421Star][1y] [Py] shmilylty/cheetah a very fast brute force webshell password tool
[411Star][1y] [PHP] ysrc/webshell-sample 收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。
[366Star][5m] [PHP] blackarch/webshells Various webshells. We accept pull requests for additions to this collection.
[351Star][7m] [PHP] s0md3v/nano Nano is a family of PHP web shells which are code golfed for stealth.
[305Star][8m] [Py] wangyihang/webshell-sniper webshell管理器，命令行工具
[282Star][1y] [JS] chrisallenlane/novahot A webshell framework for penetration testers.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/PostExp/NoCategory |
[243Star][8m] [Py] antoniococo/sharpyshell SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
[207Star][6m] [PHP] samdark/yii2-webshell Web shell allows to run yii console commands using a browser

Other

NoCategory

[25893Star][12d] [Py] certbot/certbot Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
[7594Star][17d] [JS] gchq/cyberchef The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
[4838Star][2m] [Rust] sharkdp/hexyl A command-line hex viewer
[4230Star][14d] [JS] cure53/dompurify DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
[3166Star][6m] [HTML] leizongmin/js-xss Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
[3078Star][2m] [Shell] trimstray/htrace.sh My simple Swiss Army knife for http/https troubleshooting and profiling.
[949Star][8m] [Go] maliceio/malice VirusTotal Wanna Be - Now with 100% more Hipster
[500Star][17d] [Py] certtools/intelmq IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
[464Star][4m] [JS] ehrishirajsharma/swiftnessx A cross-platform note-taking & target-tracking app for penetration testers.

TLS&&SSL&&HTTPS

[4292Star][5m] [Py] diafygi/acme-tiny A tiny script to issue and renew TLS certs from Let's Encrypt
[1663Star][2m] [HTML] chromium/badssl.com
[1177Star][2m] [Go] jsha/minica minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
[1126Star][19d] [Go] smallstep/certificates 私有的证书颁发机构（X.509和SSH）和ACME服务器，用于安全的自动证书管理，因此您可以在SSH和SSO处使用TLS
[507Star][14d] [Java] rub-nds/tls-attacker TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (

IncidentResponse&&Forensics

NoCategory

IncidentResponse

[3054Star][14d] meirwah/awesome-incident-response A curated list of tools for incident response
[1801Star][4m] bypass007/emergency-response-notes 应急响应实战笔记，一个安全工程师的自我修养。
[1310Star][3m] [HTML] thehive-project/thehive TheHive: a Scalable, Open Source and Free Security Incident Response Platform
[1132Star][10m] [Py] certsocietegenerale/fir Fast Incident Response
[988Star][9m] [Go] gencebay/httplive HTTP Request & Response Service, Mock HTTP
[965Star][1m] [JS] monzo/response Monzo's real-time incident response and reporting tool
[764Star][16d] microsoft/msrc-security-research Security Research from the Microsoft Security Response Center (MSRC)
[744Star][10m] [PowerShell] davehull/kansa A Powershell incident response framework
[710Star][2m] [HTML] pagerduty/incident-response-docs PagerDuty's Incident Response Documentation.
[634Star][9m] [Roff] palantir/windows-event-forwarding A repository for using windows event forwarding for incident detection and response
[627Star][21d] [Kotlin] chuckerteam/chucker simplifies the inspection of HTTP(S) requests/responses, and Throwables fired by your Android App
[579Star][9m] [Go] nytimes/gziphandler Go middleware to gzip HTTP responses
[535Star][5m] [Py] owasp/qrljacking QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
[459Star][6m] palantir/osquery-configuration A repository for using osquery for incident detection and response
[452Star][28d] [Py] controlscanmdr/cyphon Open source incident management and response platform.
[286Star][1m] [Py] alexandreborges/malwoverview Malwoverview.py is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to download and send samples to main online sandboxes.
[251Star][1m] [C#] orlikoski/cylr CyLR - Live Response Collection Tool
[204Star][2m] [PowerShell] wiredpulse/posh-r2 PowerShell - Rapid Response... For the incident responder in you!

Forensics

[3315Star][2m] [Py] google/grr GRR Rapid Response: remote live forensics for incident response
[1486Star][9m] [Py] google/rekall Rekall Memory Forensic Framework
[1465Star][18d] [C] sleuthkit/sleuthkit The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
[1200Star][27d] [Py] google/timesketch Collaborative forensic timeline analysis
[1152Star][2m] [Go] mozilla/mig Distributed & real time digital forensics at the speed of the cloud
[953Star][1m] [Rich Text Format] decalage2/oletools oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
[940Star][17d] [C++] hasherezade/pe-sieve Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
[909Star][2m] [Py] ondyari/faceforensics Github of the FaceForensics dataset
[826Star][12d] [Java] sleuthkit/autopsy Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
[817Star][21d] cugu/awesome-forensics A curated list of awesome forensic analysis tools and resources
[802Star][14d] [Py] yampelo/beagle Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
[744Star][19d] [Py] snovvcrash/usbrip Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
- Also In Section: Tools/Hardware&&USB&&RaspberryPi/USB |
[419Star][2m] [Py] obsidianforensics/hindsight Internet history forensics for Google Chrome/Chromium
[400Star][14d] [Py] forensicartifacts/artifacts Digital Forensics Artifact Repository
[391Star][10m] [Go] mozilla/masche MIG Memory Forensic library
[321Star][10m] [Py] alessandroz/lazagneforensic Windows passwords decryption from dump files
[317Star][3m] [HTML] intezer/linux-explorer Easy-to-use live forensics toolbox for Linux endpoints
[311Star][8m] [Py] n0fate/chainbreaker Mac OS X Keychain Forensic Tool
[301Star][2m] [Py] google/turbinia Automation and Scaling of Digital Forensics Tools
[296Star][24d] [Shell] vitaly-kamluk/bitscout Remote forensics meta tool
[268Star][12d] [Perl] owasp/o-saft O-Saft - OWASP SSL advanced forensic tool
[255Star][6m] [Batchfile] diogo-fernan/ir-rescue A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
[250Star][21d] [Py] google/docker-explorer A tool to help forensicate offline docker acquisitions
[248Star][12m] [C++] comaeio/swishdbgext Incident Response & Digital Forensics Debugging Extension
[243Star][11m] [Py] crowdstrike/forensics Scripts and code referenced in CrowdStrike blog posts
[241Star][1m] [Py] orlikoski/cdqr The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
[227Star][30d] [C] elfmaster/libelfmaster Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
[217Star][2m] [Py] crowdstrike/automactc AutoMacTC: Automated Mac Forensic Triage Collector

Volatility

[3199Star][2m] [Py] volatilityfoundation/volatility An advanced memory forensics framework
[308Star][7m] [Py] jasonstrimpel/volatility-trading A complete set of volatility estimators based on Euan Sinclair's Volatility Trading
[224Star][2m] [Py] volatilityfoundation/profiles Volatility profiles for Linux and Mac OS X
[219Star][1m] [Py] volatilityfoundation/community Volatility plugins developed and maintained by the community

Honeypot

NoCategory

[1784Star][1m] [Py] threatstream/mhn Modern Honey Network
[1259Star][21d] [C] dtag-dev-sec/tpotce tpotce：创建多蜜罐平台T-Pot ISO 镜像
[1201Star][24d] [Go] hacklcx/hfish Extend the enterprise security test open source honeypot system , Record hacker attacks. 扩展企业安全测试主动诱导型开源蜜罐框架系统，记录黑客攻击手段
[400Star][3m] [Py] nsmfoo/antivmdetection Script to create templates to use with VirtualBox to make vm detection harder
[356Star][2m] [Py] p1r06u3/opencanary_web The web management platform of honeypot
[325Star][1y] [JS] shmakov/honeypot Low interaction honeypot that displays real time attacks
[303Star][1m] [Py] hatching/vmcloak Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
[271Star][1y] [Py] gbafana25/esp8266_honeypot THE ESP8266 HONEYPOT: A PROJECT TO TRAP SCRIPT KIDDIES EVERYWHRE!!
[229Star][1y] [Shell] aplura/tango Honeypot Intelligence with Splunk
[227Star][9m] [Py] honeynet/beeswarm Honeypot deployment made easy
[219Star][1m] [Py] jamesturk/django-honeypot

Honeypot

[735Star][1m] [Py] buffer/thug Python low-interaction honeyclient
[687Star][4m] [Py] mushorg/conpot ICS/SCADA honeypot
[668Star][6m] [Go] honeytrap/honeytrap Advanced Honeypot framework.
[574Star][2m] [Py] thinkst/opencanary Modular and decentralised honeypot
[396Star][2m] [Py] mushorg/glastopf Web Application Honeypot
[379Star][3m] [Py] foospidy/honeypy A low to medium interaction honeypot.
[371Star][1m] [Py] dinotools/dionaea Home of the dionaea honeypot
[224Star][1m] [Py] johnnykv/heralding Credentials catching honeypot
[215Star][1m] [Py] mushorg/snare Super Next generation Advanced Reactive honEypot

Collection

[3708Star][1m] [Py] paralax/awesome-honeypots an awesome list of honeypot resources

SSH&&Telnet

[2906Star][18d] [Py] cowrie/cowrie Cowrie SSH/Telnet Honeypot
[272Star][27d] [C] droberson/ssh-honeypot Fake sshd that logs ip addresses, usernames, and passwords.

TCP&&UDP

HTTP&&Web

[433Star][1y] [Py] 0x4d31/honeylambda honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

ActiveDirectory

SMTP

打印机

Elasticsearch

ADB

Bluetooth

[1261Star][1m] [Py] virtualabs/btlejack Bluetooth Low Energy Swiss-army knife
[1120Star][9m] evilsocket/bleah This repository is DEPRECATED, please use bettercap as this tool has been ported to its BLE modules.
[865Star][3m] [Java] googlearchive/android-bluetoothlegatt Migrated:
[292Star][11m] [JS] jeija/bluefluff Reverse Engineering Furby Connect's Bluetooth Protocol and Update Format

Other

Wordpress

ThreatIntelligence

NoCategory

[2390Star][13d] [PHP] misp/misp MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)
[1836Star][3m] [YARA] yara-rules/rules Repository of yara rules
[1246Star][15d] [Shell] firehol/blocklist-ipsets ipsets dynamically updated with firehol's update-ipsets.sh script
[826Star][19d] [YARA] neo23x0/signature-base Signature base for my scanner tools
[824Star][27d] [JS] opencti-platform/opencti Open Cyber Threat Intelligence Platform
[786Star][17d] [Py] yeti-platform/yeti Your Everyday Threat Intelligence
[715Star][24d] [C++] facebook/threatexchange Share threat information with vetted partners
[704Star][2m] [Go] activecm/rita Real Intelligence Threat Analytics
[505Star][6m] [Py] te-k/harpoon CLI tool for open source and threat intelligence
[444Star][4m] [PHP] kasperskylab/klara Kaspersky's GReAT KLara
[411Star][1m] mitre/cti Cyber Threat Intelligence Repository expressed in STIX 2.0
[407Star][3m] [Scala] thehive-project/cortex Cortex: a Powerful Observable Analysis and Active Response Engine
[374Star][7m] [Py] hurricanelabs/machinae Machinae Security Intelligence Collector
[290Star][6m] [YARA] supportintelligence/icewater 16,432 Free Yara rules created by
[253Star][2m] [Py] diogo-fernan/malsub A Python RESTful API framework for online malware analysis and threat intelligence services.
[234Star][2m] [Py] cylance/cybot Open Source Threat Intelligence Chat Bot
[231Star][1m] [Py] anouarbensaad/vulnx vulnx
[217Star][2m] [Py] inquest/threatingestor Extract and aggregate threat intelligence.
[208Star][18d] [Py] inquest/omnibus The OSINT Omnibus (beta release)
[201Star][3m] [Py] yelp/threat_intel Threat Intelligence APIs

Collection

[3117Star][5m] hslatman/awesome-threat-intelligence A curated list of Awesome Threat Intelligence resources
[1459Star][14d] [YARA] cybermonitor/apt_cybercriminal_campagin_collections APT & CyberCriminal Campaign Collection

IOC

NoCategory

[1408Star][1m] [Py] neo23x0/loki Loki - Simple IOC and Incident Response Scanner
[208Star][4m] [Shell] neo23x0/fenrir Simple Bash IOC Scanner

Collection

[405Star][8m] [Shell] sroberts/awesome-iocs A collection of sources of indicators of compromise.

IOCExtract

[212Star][23d] [Py] inquest/python-iocextract Defanged Indicator of Compromise (IOC) Extractor.

IOCCrawl

[652Star][13d] [Py] blackorbird/apt_report Interesting apt report collection and some special ioc express
[626Star][28d] [YARA] eset/malware-ioc Indicators of Compromises (IOC) of our various investigations
[418Star][1y] [JS] ciscocsirt/gosint The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
[303Star][1y] [Py] fsecurelabs/win_driver_plugin A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
[257Star][2m] [PHP] pan-unit42/iocs Indicators from Unit 42 Public Reports

Defense

NoCategory

[630Star][5m] [Py] binarydefense/artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

WAF

[3248Star][2m] [C] nbs-system/naxsi NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
[3125Star][17d] [C++] spiderlabs/modsecurity ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
[617Star][2m] [Py] 3xp10it/xwaf Automatic bypass (brute force) waf
[600Star][3m] [Lua] jx-sec/jxwaf JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的web应用防火墙
[599Star][1y] [Lua] unixhot/waf 使用Nginx+Lua实现的WAF（版本v1.0）
[543Star][7m] [Py] s0md3v/blazy Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
[500Star][1m] [Go] janusec/janusec Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing.
[462Star][7m] [Java] chengdedeng/waf
[436Star][2m] [PHP] akaunting/firewall Web Application Firewall (WAF) package for Laravel
[424Star][8m] [Py] aws-samples/aws-waf-sample This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
[406Star][1m] [C#] jbe2277/waf Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
[401Star][7m] [Py] awslabs/aws-waf-security-automations This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
[401Star][10m] [C] titansec/openwaf Web security protection system based on openresty
[243Star][1y] [Py] warflop/cloudbunny CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
[207Star][6m] [C] coolervoid/raptor_waf Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta

FireWall

[4162Star][2m] [Py] evilsocket/opensnitch OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
[3186Star][1m] [Objective-C] objective-see/lulu LuLu is the free macOS firewall
[1515Star][12d] [Java] ukanth/afwall AFWall+ (Android Firewall +) - iptables based firewall for Android
[1031Star][9m] [Shell] firehol/firehol A firewall for humans...
[817Star][4m] trimstray/iptables-essentials Iptables Essentials: Common Firewall Rules and Commands.
[545Star][6m] [Go] sysdream/chashell Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
[449Star][5m] [Shell] vincentcox/bypass-firewalls-by-dns-history Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
[232Star][4m] [Shell] essandess/macos-fortress Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
[220Star][1y] [Go] maksadbek/tcpovericmp TCP implementation over ICMP protocol to bypass firewalls

IDS&&IPS

[2874Star][27d] [Zeek] zeek/zeek Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
[2798Star][1m] [C] ossec/ossec-hids OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
[1589Star][1m] [Go] ysrc/yulong-hids 一款由 YSRC 开源的主机入侵检测系统
[1252Star][1m] [C] oisf/suricata Suricata git repository maintained by the OISF
[524Star][19d] [Py] 0kee-team/watchad AD Security Intrusion Detection System
[507Star][4m] [C] decaf-project/decaf DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
[489Star][7m] [Shell] stamusnetworks/selks A Suricata based IDS/IPS distro
[369Star][6m] jnusimba/androidsecnotes some learning notes about Android Security
[278Star][13d] [C] ebwi11/agentsmith-hids Low performance loss and by LKM technology HIDS tool, from E_Bwill.
[243Star][1y] [Perl] mrash/psad psad: Intrusion Detection and Log Analysis with iptables
[220Star][1m] [Py] secureworks/dalton Suricata and Snort IDS rule and pcap testing system

Spdier

[741Star][19d] [Py] nekmo/dirhunt Find web directories without bruteforce
- Also In Section: Tools/Scanner&&SecurityScan&&AppScan/NoCategory |

wordlist

NoCategory

[1668Star][7m] [Py] guelfoweb/knock Knock Subdomain Scan
- Also In Section: Tools/Recon&&InfoGather&&SubDomainDiscovery&&OSINT/SubDomainDiscovery |
[382Star][3m] [Ruby] digininja/cewl CeWL is a Custom Word List Generator
[328Star][4m] [Py] initstring/passphrase-wordlist Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
[251Star][1y] [Py] berzerk0/bewgor Bull's Eye Wordlist Generator - Does your password rely on predictable patterns of accessible info?

Collection

[21409Star][14d] [PHP] danielmiessler/seclists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- Also In Section: Tools/webshell/Collection |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Payload&&RAT/PayloadCollection |
[5955Star][6m] berzerk0/probable-wordlists Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

WordlistGenerate

Breach&&Leak

[1358Star][5m] gitguardian/apisecuritybestpractices Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
[885Star][21d] [Py] woj-ciech/leaklooker Find open databases - Powered by Binaryedge.io

Crack&&BruteForce

[3217Star][18d] [C] vanhauser-thc/thc-hydra hydra
[1885Star][1m] [Py] lanjelot/patator Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
[1042Star][3m] [Py] landgrey/pydictor A powerful and useful hacker dictionary builder for a brute-force attack
[875Star][2m] [Py] trustedsec/hate_crack A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
[789Star][6m] [C] brendan-rius/c-jwt-cracker JWT brute force cracker written in C
[780Star][10m] [Py] mak-/parameth This tool can be used to brute discover GET and POST parameters
[748Star][4m] [Py] s0md3v/hash-buster Crack hashes in seconds.
[679Star][7m] [Shell] 1n3/brutex Automatically brute force all services running on a target.
[625Star][2m] [JS] animir/node-rate-limiter-flexible Node.js rate limit requests by key and protection from DDoS and Brute-Force attacks in process Memory, Redis, MongoDb, Memcached, MySQL, PostgreSQL, Cluster or PM
[619Star][4m] [C#] shack2/snetcracker 超级弱口令检查工具是一款Windows平台的弱口令审计工具，支持批量多线程检查，可快速发现弱密码、弱口令账号，密码支持和用户名结合进行检查，大大提高成功率，支持自定义服务端口和字典。
[606Star][1y] [C] nfc-tools/mfoc Mifare Classic Offline Cracker
[551Star][5m] [PHP] s3inlc/hashtopolis A Hashcat wrapper for distributed hashcracking
[546Star][1y] [CSS] hashview/hashview A web front-end for password cracking and analytics
[516Star][3m] [C] nmap/ncrack Ncrack network authentication tool
[507Star][1m] [Py] pure-l0g1c/instagram Bruteforce attack for Instagram
[499Star][3m] duyetdev/bruteforce-database Bruteforce database
[487Star][1y] [C] mikeryan/crackle Crack and decrypt BLE encryption
[437Star][1y] [C] ryancdotorg/brainflayer A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
[435Star][5m] [JS] coalfire-research/npk A mostly-serverless distributed hash cracking platform
[380Star][25d] [Py] ticarpi/jwt_tool jwt_tool：测试，调整和破解JSON Web Token 的工具包
[351Star][2m] [Py] denyhosts/denyhosts Automated host blocking from SSH brute force attacks
[307Star][10m] [C] e-ago/bitcracker BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker
[287Star][11m] [Shell] cyb0r9/socialbox SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi
[265Star][11m] [C] jmk-foofus/medusa Medusa is a speedy, parallel, and modular, login brute-forcer.
[256Star][17d] [Shell] wuseman/emagnet Emagnet is a tool for find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks. Support for brute forcing spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts
[250Star][1y] [Py] avramit/instahack Instagram bruteforce tool
[246Star][6m] [Go] ropnop/kerbrute A tool to perform Kerberos pre-auth bruteforcing
[245Star][11m] [Shell] thelinuxchoice/instainsane Multi-threaded Instagram Brute Forcer (100 attemps at once)
[225Star][2m] [Py] evilmog/ntlmv1-multi NTLMv1 Multitool
[220Star][6m] [Py] blark/aiodnsbrute Python 3.5+ DNS asynchronous brute force utility
[220Star][11m] [Py] chris408/known_hosts-hashcat A guide and tool for cracking ssh known_hosts files with hashcat
[215Star][7m] [Py] paradoxis/stegcracker Steganography brute-force utility to uncover hidden data inside files
[209Star][1m] [C] hyc/fcrackzip A braindead program for cracking encrypted ZIP archives. Forked from
[203Star][3m] [Py] isaacdelly/plutus An automated bitcoin wallet collider that brute forces random wallet addresses

OSCP

[1710Star][20d] olivierlaflamme/cheatsheet-god Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet
- Also In Section: Tools/Collection/Mixed |
[756Star][1m] [HTML] rewardone/oscprepo A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
[667Star][8m] [XSLT] adon90/pentest_compilation Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
- Also In Section: Tools/Collection/NoCategory |
[375Star][10m] [Py] rustyshackleford221/oscp-prep A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
[360Star][8m] [PowerShell] ferreirasc/oscp oscp study
[289Star][14d] [PowerShell] mantvydasb/redteam-tactics-and-techniques Red Teaming Tactics and Techniques
[222Star][7m] 0x4d31/awesome-oscp A curated list of awesome OSCP resources
[210Star][1y] foobarto/redteam-notebook Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.

MitreATT&CK

[2595Star][12d] [PowerShell] redcanaryco/atomic-red-team Small and highly portable detection tests based on MITRE's ATT&CK.
[1308Star][14d] [Py] mitre/caldera An automated adversary emulation system
[557Star][5m] [HTML] nshalabi/attack-tools Utilities for MITRE™ ATT&CK
[454Star][2m] [Py] olafhartong/threathunting A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
[450Star][12m] bfuzzy/auditd-attack A Linux Auditd rule set mapped to MITRE's Attack Framework
[325Star][5m] teoseller/osquery-attck Mapping the MITRE ATT&CK Matrix with Osquery
[312Star][10m] [PowerShell] cyb3rward0g/invoke-attackapi A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
[307Star][29d] [Py] atc-project/atomic-threat-coverage Actionable analytics designed to combat threats based on MITRE's ATT&CK.

Browser

[4591Star][2m] [JS] beefproject/beef The Browser Exploitation Framework Project
[960Star][8m] [Py] selwin/python-user-agents A Python library that provides an easy way to identify devices like mobile phones, tablets and their capabilities by parsing (browser) user agent strings.
[852Star][3m] escapingbug/awesome-browser-exploit awesome list of browser exploitation tutorials
[450Star][30d] [Py] globaleaks/tor2web Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
[446Star][2m] m1ghtym0/browser-pwn An updated collection of resources targeting browser-exploitation.
[408Star][2m] [Pascal] felipedaragon/sandcat An open-source, pentest and developer-oriented web browser, using the power of Lua
[290Star][2m] xsleaks/xsleaks A collection of browser-based side channel attack vectors.
[215Star][2m] [Py] icsec/airpwn-ng airpwn-ng
[212Star][1y] [C#] djhohnstein/sharpweb .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.

Bluetooth

[218Star][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- Also In Section: Tools/Network&&Sniff&&Mitm/NoCategory |Tools/Pentest&&Offensive&&PentestFramework&&PostExp/Wireless&&WiFi&&AP&&802.11/NoCategory |

REST_API&&RESTFUL

[1220Star][8m] [Py] flipkart-incubator/astra Automated Security Testing For REST API's

Malware&&APT

[2013Star][1m] [C++] lordnoteworthy/al-khaser Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- Also In Section: Tools/Pentest&&Offensive&&PentestFramework&&PostExp/NoCategory |
[859Star][2m] aptnotes/data APTnotes data

Contribute

Contents auto exported by Our System, please raise Issue if you have any question.

Files

Readme_en.md

Latest commit

History

Readme_en.md

File metadata and controls

PenetrationTesting

Directory

Tools

RecentAdded

RecentAdded

NoCategory

AI&&MachineLearning&&DeepLearning&&NeturalNetwork

NoCategory

Collection

Collection

NoCategory

Mixed

WithoutTools

CollectionOfCollection

Book&&Tutorial&&Courses

Note&&Tips&&Tricks&&Talk&&Conference

NoCategory

blog

Mobile

NoCategory

Android

iOS&&MacOS&&iPhone&&iPad&&iWatch

CTF&&HTB

NoCategory

Collection

HTB

CTF

NoCategory

Writeup

Collection

Vulnerability&&BugHunting&&Exploit&&Fuzzing

NoCategory

Collectioin

ExploitDevelopment

NoCategory

ROP

VulnerabilityScan&&BugHunting

NoCategory

VulnerabilityScan

NoCategory

Web漏洞

系统漏洞

App漏洞

移动平台漏洞

Fuzzing

NoCategory

Collection

Fuzzer

Exploit

漏洞利用

Exp&&PoC

XSS&&XXE

Collection

NoCategory

WellKnownVulnerability&&CVE&&SpecificProduct

NoCategory

CVE

Spectre&&Meltdown

BlueKeep

Heartbleed

DirtyCow

Blueborne

CSRF

容器&&Docker

漏洞管理

漏洞数据库

CORS

漏洞分析

SpecificTarget

NoCategory

AWS

Phoenix

Kubernetes

Azure