This is your work, valued
feroxbuster. A fast, simple, recursive content discovery tool written in Rust.
★ 7.9kosed-scripts. bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
★ 620recon-pipeline. An automated target reconnaissance pipeline.
★ 451feroxfuzz. A structure-aware HTTP fuzzing library
★ 222fuzzing-101-solutions. Companion repository to the Fuzzing101 with LibAFL series of blog posts.
★ 170cve-2018-15473. Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
★ 115recursive-gobuster. DEPRECATED - A wrapper around gobuster that automatically scans newly discovered directories.
★ 114OSCE-exam-practice. Proof of Concept exploit scripts and fuzzing templates. Companion blog posts located at https://epi052.gitlab.io/notes-to-self/blog/2020-05-13-osce-exam-practice-part-one/
★ 65rustdsplit. At some point, I learned about a method to perform a binary search on a file in order to identify its AV signature and change it to bypass signature-based AV. The tool I used back then is gone, so I wrote this.
★ 35htb-scripts-for-retired-boxes. Just a place to share some things I've written while participating in Hack The Box.
★ 18feroxbuster-docs. MDX
★ 5CiscoNotes. Notes for Latest Cisco vulns
★ 4rust-i-choose-you-tcs-2021. Source code & slides for Rust, I choose you! A formative talk for the Rust-curious.
★ 4OSCP-Exam-Report-Template-Markdown. :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
★ 3reverse-shell-generator. Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
★ 2winget-pkgs. The Microsoft community Windows Package Manager manifest repository
★ 2LibAFL. Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
★ 1advent-of-code-2023. Rust
★ 1Fuzzing101.
★ 1lcov-to-cobertura-xml. Converts lcov output to Cobertura-compatible XML for CI
★ 1advent-of-code-2021. Solutions for AoC 2021
★ 1afl-cov. Produce code coverage results with gcov from afl-fuzz test cases
★ 1helpdesk. Python
★ 1nasmshell. shell for nasm
★ 1metasploit-framework. Metasploit Framework
★ 1slae-64-assignments. Assignments completed to garner the SLAE-64 certification. Primarily x86_64 asm, with some Python and C for good measure.
★ 1vec2text. utilities for decoding deep representations (like sentence embeddings) back to text
★ 1.1kFabric. Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
★ 43klinux-luminarium. Shell
★ 52lve. A repository of Language Model Vulnerabilities and Exposures (LVEs).
★ 113JS-Tap. JavaScript beacons and C2 to be used for XSS payload or post exploitation implants on webapp servers or desktop software to monitor users and maintain persistence. Browser extension, electron app, and node/bun app implants are included.
★ 469realm. Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
★ 629sj. A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
★ 859arsenal. Arsenal is just a quick inventory and launcher for hacking programs
★ 3.8kbpfhacks. eBPF hacks
★ 195python-best-practices-cookiecutter. Python best practices project cookiecutter 🍪
★ 706Lucid. An educational Bochs-based snapshot fuzzer project
★ 246websec-answers. Websec interview questions by tib3rius answered
★ 309qbindiff. Quarkslab Bindiffer but not only !
★ 227hw-hacking-lab. VSS Hardware Hacking Wiki and Blog Entries
★ 264spacedrive. Spacedrive is an open source cross-platform file explorer, powered by a virtual distributed filesystem written in Rust.
★ 39kghidriff. Python Command-Line Ghidra Binary Diffing Engine
★ 791heaptruffle. Mine URLs from Browser's Heap Snapshot for fun and profit
★ 65cvc5. cvc5 is an open-source automatic theorem prover for Satisfiability Modulo Theories (SMT) problems.
★ 1.3kCVE-2023-4911. CVE-2023-4911 proof of concept
★ 167AD_Miner. AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
★ 1.5ktsffs. A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
★ 330CreuSAT. CreuSAT - A formally verified SAT solver written in Rust and verified with Creusot.
★ 688CS7038-Malware-Analysis. Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
★ 1.4kpytest-textual-snapshot. Snapshot testing for Textual applications
★ 51symrustc. SymRustC is a hybrid fuzzer for Rust combining concolic execution using SymCC and fuzzing using LibAFL.
★ 11angr. A powerful and user-friendly binary analysis platform!
★ 8.9kghidralligator. C++
★ 330symsan. A LLVM Sanitizer for Symbolic Tracing
★ 235ASPFuzz. ASPFuzz: Fuzzing the AMD SP's ROM bootloader with LibAFL using QEMU full-system emulation
★ 29fuguex-core. A binary analysis framework written in Rust.
★ 21snapchange. Lightweight fuzzing of a memory snapshot using KVM
★ 467angrgdb. Use angr inside GDB. Create an angr state from the current debugger state.
★ 205ShadowClone. Unleash the power of cloud
★ 820AutoGPT. AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
★ 185kAgentGPT. 🤖 Assemble, configure, and deploy autonomous AI Agents in your browser.
★ 36kSiMBA-. Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)
★ 110binsync. A reversing plugin for cross-decompiler collaboration, built on git.
★ 728obfuscation_detection. Binary Ninja plugin to identify obfuscated code and other interesting code constructs
★ 666rellic. Rellic produces goto-free C output from LLVM bitcode
★ 605llvm-tutor. A collection of out-of-tree LLVM passes for teaching and learning
★ 3.4kllvm-plugin-rs. Out-of-tree LLVM passes in Rust
★ 235retdec. RetDec is a retargetable machine-code decompiler based on LLVM.
★ 8.6kloki. Hardening code obfuscation against automated attacks
★ 217semgrep. Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
★ 16kHypervisor-101-in-Rust. The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
★ 1.2kcargo-machete. Remove unused Rust dependencies with this one weird trick!
★ 1.3kratatui. A Rust crate for cooking up terminal user interfaces (TUIs) 👨🍳🐀 https://ratatui.rs
★ 22kAwesome-Binary-Similarity. An awesome & curated list of binary code similarity papers
★ 611fugue-core. A binary analysis framework written in Rust.
★ 184capital. A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
★ 332icicle-emu. Core emulator components for Icicle
★ 304zerus. Lightweight tool for creating project-specific and/or general offline crates.io mirrors
★ 47spotbot. Configuration tool for spotmicro
★ 7claripy. An abstraction layer for constraint solvers.
★ 333ockam. Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
★ 4.6ktinysh. Rust
★ 13vheap. Extendable Visualization & Exploitation tool for glibc heap
★ 75remill. Library for lifting machine code to LLVM bitcode
★ 1.8kOpenBTS. GSM+GPRS Radio Access Network Node reloaded for 2024-2025 for newest UHD drivers and supporting Ubuntu 22.04 & 24.04
★ 307tinyinst-rs. Rust bindings for googleprojectzero/TinyInst
★ 25cargo-libafl. Fuzz Rust code with LibAFL
★ 60lemonade. A debugger for Linux in Rust
★ 78AFLplusplus. The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
★ 6.6kblink. tiniest x86-64-linux emulator
★ 7.6kcodon. A high-performance, zero-overhead, extensible Python compiler with built-in NumPy support
★ 17kbutterfly. LibAFL components for stateful fuzzing
★ 53metlo. Metlo is an open-source API security platform.
★ 1.8kgraudit. grep rough audit - source code auditing tool
★ 1.7kiai. Experimental one-shot benchmarking/profiling harness for Rust
★ 654vmlinux-to-elf. A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
★ 1.8keviltree. A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.
★ 407memfd-exec. Execute binaries straight from memory, without touching disk, with a friendly interface!
★ 51xx. The xx file format. Turn your hex dumps into art, then into binary data.
★ 343chafa. 📺🗿 Terminal graphics for the 21st century.
★ 5kchameleon. Rust
★ 384happy-birthday. Wish your friend/loved-ones happy birthday in a nerdy way.
★ 1.5kawesome-symbolic-execution. A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
★ 1.5klightkeeper. Java
★ 75rusty_v8. Rust bindings for the V8 JavaScript engine
★ 3.9kgorilla. tool for generating wordlists or extending an existing one using mutations.
★ 389fuzzable. Framework for Automating Fuzzable Target Discovery with Static Analysis.
★ 549the-poor-mans-obfuscator. Binary & scripts associated with "The Poor Man's Obfuscator" presentation
★ 227leetcode. Leetcode solutions
★ 6.4kxnLinkFinder. A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
★ 1.6kauditd. Best Practice Auditd Configuration
★ 1.9kbinaryninja-api. Public API, examples, documentation and issues for Binary Ninja
★ 1.3kbeautify-github-profile. This repository will assist you in creating a more beautiful and appealing github profile, and you will have access to a comprehensive range of tools and tutorials for beautifying your github profile. 🪄 ⭐
★ 12kkAFL. A fuzzer for full VM kernel/driver targets
★ 2tabled. An easy to use library for pretty print tables of Rust structs and enums.
★ 2.3ktiptop. :desktop_computer: Command-line system monitoring
★ 2.1kvendor-android-cves. Collections of my POCs for android vendor CVEs
★ 287rusty-memory-loadlibrary. Load DLLs from memory with rust
★ 141rust-logo-3d.
★ 13fantoccini. A high-level API for programmatically interacting with web pages through WebDriver.
★ 2kpyafl_qemu_trace. pip-installable afl-qemu-trace python package with batteries
★ 5xpid. Linux Process Discovery. C Library, Go bindings, Runtime.
★ 223maat. Open-source symbolic execution framework: https://maat.re
★ 650furo. A clean customizable documentation theme for Sphinx
★ 3.5kgoldberg. A Rust-based obfuscation macro library!
★ 196FitM. FitM, the Fuzzer in the Middle, can fuzz client and server binaries at the same time using userspace snapshot-fuzzing and network emulation. It's fast and comparably easy to set up.
★ 293mdec. Decompilation as a Service. Explore multiple decompilers and compare their output with minimal effort. Upload binary, get decompilation.
★ 460FirmWire. FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares
★ 861Reverse-Engineering. A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
★ 14kmulticompiler. LLVM-based compiler to create artificial software diversity to protect software from code-reuse attacks.
★ 141awesome-reverse-engineering. Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
★ 5knyx-net. Python
★ 204assay. A super powered testing macro for Rust
★ 126makeit. Zero-overhead type-safe builder pattern `derive` macro for your Rust structs
★ 221httpmock. HTTP mocking library for Rust
★ 664x8. Hidden parameters discovery suite
★ 2.1kclap. A full featured, fast Command Line Argument Parser for Rust
★ 17ksystabs. Tool to produce system call tables from Linux source code.
★ 8rust-artwork. Official artwork for the Rust project.
★ 167tio. A serial device I/O tool
★ 3kshelf-loader-poc. Rust
★ 12pwninit. pwninit - automate starting binary exploit challenges
★ 1.1kSMBGhost_RCE_PoC. Python
★ 1.4kAFLTriage. Debugger-based crash triage tool
★ 145fact_extractor. Standalone Utility for FACT-like extraction
★ 90rust-raspberrypi-OS-tutorials. :books: Learn to write an embedded OS in Rust :crab:
★ 15kDevelopment_Documents. Development Documents for MTK chipsets
★ 193emba. EMBA - The firmware security analyzer
★ 3.5karm_now. arm_now is a qemu powered tool that allows instant setup of virtual machines on arm cpu, mips, powerpc, nios2, x86 and more, for reverse, exploit, fuzzing and programming purpose.
★ 888decomp2dbg. A plugin to introduce interactive symbols into your debugger from your decompiler
★ 803BinDiffHelper. Ghidra Extension to integrate BinDiff for function matching
★ 289panda-rs. Rust bindings for PANDA and libpanda
★ 24diaphora. Diaphora, the most advanced Free and Open Source program diffing tool.
★ 4.3kOffensiveRust. Rust Weaponization for Red Team Engagements.
★ 3kweggli. weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
★ 2.5kradius2. radius2 is a fast binary emulation and symbolic execution framework using radare2
★ 631objexplore. A terminal UI to inspect and explore Python objects
★ 278klask. Automatically create GUI applications from clap3 apps
★ 424Fuzzing101. An step by step fuzzing tutorial. A GitHub Security Lab initiative
★ 3.8kNotQuite0DayFriday. This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
★ 800ghidra_scripts. Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well.
★ 498IoTGoat. IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
★ 904makefiletutorial. Learn make by example
★ 5.9kIoTGoat. IoTGoat is a deliberately insecure firmware based on OpenWrt.
★ 185awesome-angr. A collection of resources/tools and analyses for the angr binary analysis framework.
★ 189routerosbackuptools. Tools to encrypt/decrypt and pack/unpack RouterOS v6.13+ backup files
★ 63cwe_checker. cwe_checker finds vulnerable patterns in binary executables
★ 1.3kqiling. A True Instrumentable Binary Emulation Framework
★ 6kvermin. Concurrently detect the minimum Python versions needed to run code
★ 522LibAFL. Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
★ 2.6klighthouse. A Coverage Explorer for Reverse Engineers
★ 2.6kautoharness. A tool that automatically creates fuzzing harnesses based on a library
★ 292textual. The lean application framework for Python. Build sophisticated user interfaces with a simple Python API. Run your apps in the terminal and a web browser.
★ 37kReddit_Sentiment_Trader. Python
★ 462one_gadget. The best tool for finding one gadget RCE in libc.so.6
★ 2.3kkiterunner. Contextual Content Discovery Tool
★ 3.2kpagebuster. PageBuster - dump all executable pages of packed processes.
★ 206metagoofil. Search Google and download specific file types
★ 573star-history. The de facto GitHub star history graph.
★ 9.3kreverse-shell-generator. Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
★ 4kzombieant. Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
★ 227bdvl. bdvl
★ 119Diamorphine. LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
★ 2.4krich. Rich is a Python library for rich text and beautiful formatting in the terminal.
★ 57klsd. The next gen ls command
★ 16kpyo3. Rust bindings for the Python interpreter
★ 16kCexigua. Linux based inter-process code injection without ptrace(2)
★ 260gorsh. A toy CTF Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
★ 87plugin-system-example. Example design of executable with `dylib`-based runtime plugin system in Rust, `libloading` used
★ 133c2rust. Migrate C code to Rust
★ 4.7kbinja-rs. Some Rust bindings for Binary Ninja
★ 31hiring-without-whiteboards. ⭐️ Companies that don't have a broken hiring process
★ 51kbackoff. Exponential backoff and retry for Rust.
★ 342crackq. CrackQ: A Python Hashcat cracking queue system
★ 942fuzzyhash-rs. Pure Rust fuzzy hash implementation
★ 23kbd-audio. 🎤⌨️ Acoustic keyboard eavesdropping
★ 9kImHex. 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
★ 54kInfosec-Deals. Ongoing Infosec Deals
★ 115jarm. Python
★ 1.3kobfuscator.
★ 4.4khow2heap. A repository for learning various heap exploitation techniques.
★ 8.7kslides. Presentations for programming courses
★ 390Ciphey. ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
★ 22kpb-jelly. A protobuf code generation framework for the Rust language developed at Dropbox.
★ 612nightmare. Python
★ 3.1keasy_rust. Rust explained using easy English
★ 8.3kjinja-template. Jinja Template - Free & commercial projects | AppSeed
★ 129recon-pipeline. An automated target reconnaissance pipeline.
★ 451BurpSuite_payloads. Payloads to be used with Burp Suite Intruder. (Originally found on swisskeyrepo-PayloadsAllTheThings)
★ 90PEzor. Open-Source Shellcode & PE Packer
★ 2.1kscripthunter. Tool to find JavaScript files on Websites
★ 529SharpCollection. Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
★ 2.9kkerberoast. Kerberoast attack -pure python-
★ 435sliver. Adversary Emulation Framework
★ 11kgitscraper. A tool which scrapes public github repositories for common naming conventions in variables, folders and files
★ 297gaussrf. Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SSRF Parameters.
★ 175TJ-JPT. This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
★ 710Gf-Patterns. GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
★ 1.4kCVE-2019-1579. Python
★ 63bounty-targets-data. This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
★ 3.8k100DaysHackerArt.
★ 55postMessage-tracker. A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
★ 1.3kcave_miner. Search for code cave in all binaries
★ 286sickle-pdk. Sickle - Payload Development Kit
★ 870CTP-OSCE. Scripts I used during CTP
★ 68boofuzz. A fork and successor of the Sulley Fuzzing Framework
★ 2.3k