This is your work, valued
zeno. Automatic Vulnerability Discovery
★ 39Forklift_LPE. Vulnerability Description of CVE-2020-15349
★ 10Hardening.
★ 3ktf. Kernel Test Framework
★ 155onefuzz. A self-hosted Fuzzing-As-A-Service platform
★ 2.8khotwax. Coverage-guided binary fuzzing powered by Frida Stalker
★ 185mitm_relay. Hackish way to intercept and modify non-HTTP protocols through Burp & others.
★ 629findrpc. Idapython script to carve binary for internal RPC structures
★ 238pwn_jenkins. Notes about attacking Jenkins servers
★ 2.1kccat. Cisco Config Analysis Tool
★ 472doh-client. DNS over HTTPS client
★ 103ghidra_bridge. Python 3 bridge to Ghidra's Python scripting
★ 362joshuto. ranger-like terminal file manager written in Rust
★ 3.7kPUBG-map-hack. Map hack solution for PUBG
★ 769pcileech-webradar. CS:GO DMA Cheat (caution, seems to be detected by ESEA and FaceIt)
★ 234cwe_checker. cwe_checker finds vulnerable patterns in binary executables
★ 1.3kgdbgui. Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
★ 10kvilloc. Visualization of heap operations.
★ 617misc. Miscellaneous programs/scripts to make your life a little less painful
★ 157arm_exploitation. Exploitation on ARM-based Systems (Troopers18)
★ 149protobuf-inspector. 🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
★ 1.1kstatic-arm-bins. Statically compiled ARM binaries for debugging and runtime analysis
★ 526afl-dyninst. American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
★ 75IDAGolangHelper. Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
★ 1.1kgolang_loader_assist. Making GO reversing easier in IDA Pro
★ 662awesome-frida. Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
★ 3.5ktech-interview-handbook. Curated coding interview preparation materials for busy software engineers
★ 141kBasicBlocks. Pin tool for printing the address of each basic block executed in a program.
★ 7spiderfoot. SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
★ 19klinux_kernel_cves. Tracking CVEs for the linux Kernel
★ 755domato. DOM fuzzer
★ 1.8kysoserial.net. Deserialization payload generator for a variety of .NET formatters
★ 3.8kkleefl. Seeding fuzzers with symbolic execution
★ 202cb-multios. DARPA Challenges Sets for Linux, Windows, and macOS
★ 540Exploit-Challenges. A collection of vulnerable ARM binaries for practicing exploit development
★ 952dr_checker. DR.CHECKER : A Soundy Vulnerability Detection Tool for Linux Kernel Drivers
★ 338HUNT. Python
★ 2.3kawesome-web-security. 🐶 A curated list of Web Security materials and resources.
★ 14kSwishDbgExt. Incident Response & Digital Forensics Debugging Extension
★ 398LIEF. LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
★ 5.5kpefile. pefile is a Python module to read and work with PE (Portable Executable) files
★ 2.1knetdata. The fastest path to AI-powered full stack observability, even for lean teams.
★ 80kloadlibrary. Porting Windows Dynamic Link Libraries to Linux
★ 4.5kRedTips. Red Team Tips as posted by @vysecurity on Twitter
★ 1.1krtfm. A database of common, interesting or useful commands, in one handy referable form
★ 755trolldrop. :trollface: AirDrop trollfaces to everyone.
★ 271OfficeMalware.
★ 113ssh_scan. DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)
★ 790BugId. Detect, analyze and uniquely identify crashes in Windows applications
★ 523icmpsh. Simple reverse ICMP shell
★ 1.6kpupy. Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
★ 9kEbowla. Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
★ 762the-backdoor-factory. Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
★ 3.4ksecure-ios-app-dev. Collection of the most common vulnerabilities found in iOS applications
★ 1.4kRootKits-List-Download. This is the list of all rootkits found so far on github and other sites.
★ 1.5klighthouse. A Coverage Explorer for Reverse Engineers
★ 2.6kmimipenguin. A tool to dump the login password from the current linux user
★ 4.1kgitpitch. Markdown Presentations for Tech Conferences, Training, Developer Advocates, and Educators.
★ 5.5kPentest-Scripts. Github for the scripts utilised during Penetration test
★ 238thefuck. Magnificent app which corrects your previous console command.
★ 98kHow-to-Make-a-Computer-Operating-System. How to Make a Computer Operating System in C++
★ 22kSherlock. PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
★ 2kAwesome-Hacking. A collection of various awesome lists for hackers, pentesters and security researchers
★ 116kBashBunny. Hak5 BashBunny Payloads
★ 155iaito. This project has been moved to:
★ 1.5kbinjascripts. Scripts for Binary Ninja
★ 259libc-database. Build a database of libc offsets to simplify exploitation
★ 1.9kripr. Package Binary Code as a Python class using Binary Ninja and Unicorn Engine
★ 412TriforceAFL. AFL/QEMU fuzzing with full-system emulation.
★ 644acsac-course. Python
★ 50docker-nfqueue-scapy. Docker container for intercepting packets with scapy from a netfilter queue (nfqueue)
★ 81AuthMatrix. AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
★ 648OSX-Peristant-BackDoor. Take full control of a OSX user or root account via command line.
★ 101python-fire. Python Fire is a library for automatically generating command line interfaces (CLIs) from absolutely any Python object.
★ 28kPayloadsAllTheThings. A list of useful payloads and bypass for Web Application Security and Pentest/CTF
★ 79kthe_silver_searcher. A code-searching tool similar to ack, but faster.
★ 27kinterpreter-bugs. Fuzzing results for various interpreters.
★ 82Stitch. Python Remote Administration Tool (RAT)
★ 3.6kscapy. Scapy: the Python-based interactive packet manipulation program & library.
★ 12kgo-observe. 🌌 Go-Observe: A command line Mozilla Observatory client written in Go
★ 12fido. Teaching old shellcode new tricks
★ 209SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
★ 72kbinaryninja-bookmarks. Plugin for BinaryNinja that provides bookmarking functionality
★ 21binja-retdec. Binary Ninja plugin to decompile binaries using RetDec API
★ 166OSX-KVM. Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
★ 23knut. Nut: the development environment, containerized.
★ 259reverse-engineering. List of awesome reverse engineering resources
★ 10krr. Record and Replay Framework
★ 11ksecretgrind. Secretgrind: a Valgrind analysis tool to detect secrets in memory
★ 62Marx. Uncovering Class Hierarchies in C++ Programs
★ 128viz-js. Graphviz in your browser
★ 4.3kbackdoorme. powerful auto-backdooring utility
★ 749FLIRTDB. A community driven collection of IDA FLIRT signature files
★ 1.4kdress. add symbols back into a stripped ELF binary (~strip)
★ 176pwndbg. Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
★ 11kHEVD-Python-Solutions. Python solutions for the HackSysTeam Extreme Vulnerable Driver
★ 152magic-wormhole. get things from one computer to another, safely
★ 23kpython-asn1. Python-ASN1 is a simple ASN.1 encoder and decoder for Python 2.7 and 3.5+.
★ 110CyberChef. The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
★ 35klinux-kernel-exploitation. A collection of links related to Linux kernel security and exploitation
★ 6.5kMBE. Course materials for Modern Binary Exploitation by RPISEC
★ 6kwePWNise. WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
★ 350HexRaysPyTools. IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
★ 1.5kgattacker. A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
★ 836shelling. SHELLING - a comprehensive OS command injection payload generator
★ 445ScyllaHide. C++
★ 247Responder-Windows. Responder Windows Version Beta
★ 572keimpx. Check for valid credentials across a network over SMB
★ 268GolangSocks5Server. A simple SOCKS5 server written in Go
★ 31dirtycow.github.io. Dirty COW
★ 3.5kandroidre. Reverse engineering Android
★ 605OS-X-10.11.6-Exp-via-PEGASUS. Local privilege escalation for OS X 10.11.6 via PEGASUS
★ 151Java-Deserialization-Cheat-Sheet. The cheat sheet about Java Deserialization vulnerabilities
★ 3.2kluckystrike. A PowerShell based utility for the creation of malicious Office macro documents.
★ 1.1kPonce. IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
★ 1.6kNope-Proxy. TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
★ 1.7kBloodHound-Legacy. Six Degrees of Domain Admin
★ 11kMalleable-C2-Profiles. Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
★ 1.6kResponder. Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
★ 4.9klinux-insides. A book-in-progress about the Linux kernel and its insides.
★ 33kawesome-devsecops. An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
★ 5.4kHTTP-Over-Protocol. HOP: A proxy server to enable arbitrary protocols behind an HTTP proxy
★ 169ssh-audit. SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
★ 3kApp-Payload-Injector. Script used to inject executables into OSX .app files
★ 4FuzzFlow. Python
★ 46fuzzer. A Python interface to AFL, allowing for easy injection of testcases and other functionality.
★ 645dnsteal. DNS Exfiltration tool for stealthily sending files over DNS requests.
★ 1.7kwcc. The Witchcraft Compiler Collection
★ 2kdefcon-vm. Files from my DEFCON CTF VM.
★ 273metame. metame is a metamorphic code engine for arbitrary executables
★ 603qemu-cgc. Official QEMU mirror. Please see http://wiki.qemu.org/Contribute/SubmitAPatch for how to submit changes to QEMU. Pull Requests are ignored.
★ 25afl. Unofficial American Fuzzy Lop repo
★ 25awesome-pentest. A collection of awesome penetration testing resources, tools and other shiny things
★ 27kmms. Modern Memory Safety in C/C++
★ 1.2kNodeFuzz. JavaScript
★ 124shadow. jemalloc heap exploitation framework
★ 468pokemongo-webspoof. 👾 Play Pokémon Go from your Mac
★ 2.1kMacHeap. OS X malloc introspection tool
★ 321xss-polygiots. A set of malicious payloads for XSS testing
★ 7explib2. JavaScript
★ 18PINCE. Reverse engineering tool for Linux
★ 3kssh-baseline. DevSec SSH Baseline - InSpec Profile
★ 294chef-nginx-hardening. This chef cookbook provides secure nginx configurations.
★ 49cis-docker-benchmark. CIS Docker Benchmark - InSpec Profile
★ 524ansible-mysql-hardening. This Ansible role provides security configuration for MySQL.
★ 142ansible-ssh-hardening. This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
★ 787apache-baseline. DevSec Apache Baseline - InSpec Profile
★ 39ansible-collection-hardening. This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
★ 5.4kHttpPwnly. "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
★ 138monks. Procmon alternative for Linux
★ 70HERCULES. HERCULES is a special payload generator that can bypass antivirus softwares.
★ 601pip3line. Swiss Army knife for raw bytes manipulation & interception
★ 56firminator_backend. The first open source vulnerability scanner for firmwares
★ 197binwalk. Firmware Analysis Tool
★ 14kbrowser-backdoor. BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener
★ 340OSX-Keylogger. Python keylogger designed for Mac
★ 9stuff. Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
★ 228cemu. Cheap EMUlator: lightweight multi-architecture assembly playground
★ 1kMacroShop. Collection of scripts to aid in delivering payloads via Office Macros. Most are python. See http://khr0x40sh.wordpress.com for details.
★ 409ScratchABit. Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
★ 413Firewall-Rule-Scanner. A project to traverse an archive of ip connections from a server and locate connections of the requested IPs
★ 2SMBCrunch. 3 tools that work together to simplify reconaissance of Windows File Shares
★ 171jit-spray-poc-for-ksp. C
★ 28DOMPurify. DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
★ 17kTater. Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec
★ 455bt2. Blaze Telegram Backdoor Toolkit is a post-exploitation tool that leverages the infrastructure of Telegram as a C&C
★ 206aws-cli. Universal Command Line Interface for Amazon Web Services
★ 17kaws2010. AWS Support Scripts
★ 26acme-client. secure ACME client
★ 177XssPy. XssPy - Web Application XSS Scanner
★ 842rupture. A framework for BREACH and other compression-based crypto attacks
★ 237EmPyre. A post-exploitation OS X/Linux agent written in Python 2.7
★ 872ysoserial. A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
★ 9kPrivesc. Windows batch script that finds misconfiguration issues which can lead to privilege escalation.
★ 683pulsar. Protocol Learning and Stateful Fuzzing
★ 355ctf-tools. Some setup scripts for security research tools.
★ 9.5kidaplugins-list. A list of IDA Plugins
★ 3.8kpydiff. A simple GUI for python's difflib to compare files and directories
★ 136fierce. A DNS reconnaissance tool for locating non-contiguous IP space.
★ 1.8kPHP-backdoors. A collection of PHP backdoors. For educational or testing purposes only.
★ 2.3kJavaSerialKiller. Burp extension to perform Java Deserialization Attacks
★ 218LinkLiar. :link: Link-Layer MAC spoofing GUI for macOS
★ 1.5klinux-injector. Utility for injecting executable code into a running process on x86/x64 Linux
★ 265Rshell. Working Rsh Client With Bind/Reverse Shell
★ 19PsexecSpray. Spray SMB with hashes, Then psexec
★ 32empire-web. PowerShell Empire Web Interface
★ 331certerator. A tool to generate a custom code signing certificate chain and generate instructions to sign a binary. Useful for establishing persistence on a penetration test.
★ 115Tzeentch. Android Fuzzing
★ 7routersploit. Exploitation Framework for Embedded Devices
★ 13ksamparser. A python script used to parse the SAM registry hive.
★ 78preeny. Some helpful preload libraries for pwning stuff.
★ 1.7kafl-dyninst. American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
★ 190roper. Return Oriented Programme Evolution with ROPER
★ 171IntruderPayloads. A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
★ 4kpafish. Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
★ 3.9kburp-bs. An extension for Burp Suite which provides integration with the Java BeanShell interpreter.
★ 9payloads. Git All the Payloads! A collection of web attack payloads.
★ 4kvoltron. A hacky debugger UI for hackers
★ 6.3kawesome-infosec. A curated list of awesome infosec courses and training resources.
★ 5.7kidiot. Your best is an idiot
★ 136advisories. C
★ 26ipv6tools. IPv6Tools is a robust modular framework that enables the ability to visually audit an IPv6 enabled network.
★ 126ARCANUS. ARCANUS is a customized payload generator/handler.
★ 144