This is your work, valued
fuzzable. Framework for Automating Fuzzable Target Discovery with Static Analysis.
★ 550structmap. Procedural macro crate for conversion between Rust structs and associative containers.
★ 61microkv. secure minimal key-value store
★ 43binsec. Binary (In)security tool
★ 25ward. Simple ELF runtime packer for creating self-protecting binaries
★ 21confine. Small container runtime for threat detection
★ 15sneak. A container/VM malware that finds and exploits SSRF opportunities in a compromised cloud environment
★ 9slamdunk. Cloud Storage Bucket Permissions Auditor
★ 5dotfiles. Shell
★ 1smolvm. Portable, lightweight, self-contained virtual machines.
★ 4.3kkbox. Boot a real Linux kernel as an in-process library (LKL) and route intercepted syscalls to it via seccomp
★ 92renode. Renode - Antmicro's open source simulation and virtual development framework for complex embedded systems
★ 2.6ktenrec. A headless, extendable, multi-session, IDA Pro MCP framework.
★ 178pbtk. A toolset for reverse engineering and fuzzing Protobuf-based apps
★ 1.7ksecurity-research. This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
★ 4.6kbettercap. The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
★ 20kbuttercup. Buttercup finds and patches software vulnerabilities
★ 1.6kvet. vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.
★ 1.1kexploits. C
★ 25starina. Rust
★ 431grease. CLI tool, Ghidra plug-in, and Haskell library for analyzing binaries using under-constrained symbolic execution
★ 132nerve. The Simple Agent Development Kit.
★ 1.3kECC_Attacks. Known attacks on Elliptic Curve Cryptography
★ 612multiplier. Code auditing productivity multiplier.
★ 474rtic. Real-Time Interrupt-driven Concurrency (RTIC) framework for ARM Cortex-M microcontrollers
★ 2.4kcve-rs. Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀
★ 5.4kblackmagic. In-application debugger for ARM Cortex and RISC-V processors.
★ 3.7knanoGPT. The simplest, fastest repository for training/finetuning medium-sized GPTs.
★ 61kQtRE. A Ghidra headless analyzer tailored for Qt binary analysis
★ 76tinygrad. You like pytorch? You like micrograd? You love tinygrad! ❤️
★ 33khledger. Robust, fast, intuitive plain text accounting tool with CLI, TUI and web interfaces.
★ 4.6krust-headless-chrome. A high-level API to control headless Chrome or Chromium over the DevTools Protocol. It is the Rust equivalent of Puppeteer, a Node library maintained by the Chrome DevTools team.
★ 2.9klogrotten. C
★ 206ferrocene. Source code of Ferrocene, safety-critical Rust toolchain
★ 1.6kbindiff. Quickly find differences and similarities in disassembled code
★ 3.1kSeaGOAT. local-first semantic code search engine
★ 1.3kclang-cfi-bypass-techniques. Exploitation techniques to bypass Clang CFI when applied to Chromium
★ 115zellij. A terminal workspace with batteries included
★ 34kFlask-Unsign. Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
★ 654birdcage. Cross-platform embeddable sandboxing
★ 219hydrafw. HydraBus HydraFW official firmware for open source multi-tool for anyone interested in learning/developping/debugging/hacking/Penetration Testing for basic or advanced embedded hardware
★ 443netlink. Simple netlink library for go.
★ 3.3kshiva. A custom ELF linker/loader for installing ET_REL binary patches at runtime
★ 215ocaml_intrinsics. Provides functions to invoke amd64 instructions (such as clz,popcnt,rdtsc,rdpmc) when available, or compatible software implementation on other targets.
★ 40xone. Linux kernel driver for Xbox One and Xbox Series X|S accessories
★ 2.5kouroboros. Easy self-referential struct generation for Rust.
★ 712wsrepl. WebSocket REPL for pentesters
★ 238llef. LLEF is a plugin for LLDB to make it more useful for RE and VR
★ 490opencanary. Modular and decentralised honeypot
★ 2.9kcircl. CIRCL: Cloudflare Interoperable Reusable Cryptographic Library
★ 1.7kpastis. PASTIS: Collaborative Fuzzing Framework
★ 165openplayground. An LLM playground you can run on your laptop
★ 6.4ktry. Inspect a command's effects before modifying your live system
★ 5.4kbuild-bom. Dynamically discover the commands used to create a piece of software
★ 58drgn. Programmable debugger
★ 2.1kcs. codespelunker - CLI code search tool that understands code structure and ranks results by relevance. No indexing required with CLI, TUI, MCP and HTTP support.
★ 1kvast-checker. MLIR
★ 27seninja. symbolic execution plugin for binary ninja
★ 357sasquatch. Shell
★ 562fuse-overlayfs. FUSE implementation for overlayfs
★ 672jtagulator. JTAGulator: Assisted discovery of on-chip debug interfaces
★ 793compdb. The compilation database Swiss army knife
★ 337scip. SCIP Code Intelligence Protocol
★ 686binja_coolsigmaker. a cooler signature scanning and creation library for binja
★ 81snapchange. Lightweight fuzzing of a memory snapshot using KVM
★ 467binsync. A reversing plugin for cross-decompiler collaboration, built on git.
★ 728scare. A multi-arch assembly REPL and emulator for your command line.
★ 311flowistry. Flowistry is an IDE plugin for Rust that helps you focus on relevant code.
★ 3.1kgptcommit. A git prepare-commit-msg hook for authoring commit messages with LLMs.
★ 2.4khomebridge. HomeKit support for the impatient.
★ 25kFirmAE. Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
★ 879nn-zero-to-hero. Neural Networks: Zero to Hero
★ 23kdebugger. Binary Ninja debugger
★ 322SockFuzzer. C
★ 450QBDI. A Dynamic Binary Instrumentation framework based on LLVM.
★ 1.8kFUGIO. FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
★ 99ronin. Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories.
★ 751vast. VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.
★ 444carbonyl. Chromium running inside your terminal
★ 19kcxx. Safe interop between Rust and C++
★ 6.8kuncover. Quickly discover exposed hosts on the internet using multiple search engines.
★ 3kpyhidra. Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
★ 211goomba. gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions
★ 678divergent-representations. CodeQL and Binary Ninja scripts to accompany the blog post
★ 11fdupes. FDUPES is a program for identifying or deleting duplicate files residing within specified directories.
★ 3kSilhouette. Keep it secret, keep it safe
★ 77hound. Lightning fast code searching made easy
★ 5.9kMacDirtyCowDemo. Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.
★ 411php_filter_chain_generator. Python
★ 1.1ktlspuffin. A Dolev-Yao-model-guided fuzzer for TLS
★ 160timevault. A dead man's switch for full but responsible disclosure of vulnerabilities
★ 66git-hound. Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
★ 1.4ksynchrony. javascript-obfuscator cleaner & deobfuscator
★ 1.2kz-tokens. z-tokens -- random tokens generation and related tools
★ 81fuzz-introspector. Fuzz Introspector -- introspect, extend and optimise fuzzers
★ 461BugChecker. SoftICE-like kernel debugger for Windows 11
★ 1kcargo-sandbox. Rust
★ 114hyperscan. High-performance regular expression matching library
★ 5.4kmodreveal. Utility to find hidden Linux kernel modules
★ 148WDBFontOverwrite. Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
★ 891binaryninja-openai. Integrates OpenAI with BinaryNinja via a plugin.
★ 77goldberg. A Rust-based obfuscation macro library!
★ 196elegant-bouncer. ELEGANTBOUNCER is a detection tool for file-based mobile exploits.
★ 176bypass-sentry-safe. C++
★ 600RebirthGuard. Anti-cheat library for Windows C++
★ 503idahunt. idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
★ 393Exploit-Development. Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
★ 236comprehensive-rust. This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.
★ 33ksnuffleupagus. Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
★ 836rbndr. Simple DNS Rebinding Service
★ 751osv-scanner. Vulnerability scanner written in Go which uses the data provided by https://osv.dev
★ 11kawesome-websocket-security. Awesome information for WebSockets security research
★ 309STEWS. A Security Tool for Enumerating WebSockets
★ 376websocat. Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
★ 8.6krsyscall. Process-independent interface to Linux system calls
★ 95blink. tiniest x86-64-linux emulator
★ 7.6kDOMPurify. DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
★ 17kexploits. Python
★ 268refinery. High Octane Triage Analysis
★ 859asm2vec. An unofficial implementation of asm2vec as a standalone python package
★ 172ultimate-writer. Open Digital Typewriter
★ 329Gepetto. IDA plugin which queries language models to speed up reverse-engineering
★ 3.4kfwanalyzer. a tool to analyze filesystem images for security
★ 516buck2. Build system, successor to Buck
★ 4.4ktandem. A maliciously secure two-party computation engine which is embeddable and accessible
★ 188ocamlbyexample. Learn Ocaml by reading code examples
★ 76Stockfish. A free and strong UCI chess engine
★ 16kpolytracker. An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
★ 592vagrant-qemu. Use Vagrant to manage machines using QEMU. Test with Apple Silicon / M1 and CentOS aarch64 image
★ 504Proxyman. The best-in-class HTTP Debugger for macOS. Capture HTTP/HTTPS from macOS, iOS, Android with a few clicks ✅
★ 6.9krecollapse. REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
★ 1.4ksniffnet. Comfortably monitor your Internet traffic 🕵️♂️
★ 40kUnwinder. Call stack spoofing for Rust
★ 380guard. Guard is a command line tool to easily handle events on file system modifications.
★ 6.5kfirmadyne. Platform for emulation and dynamic analysis of Linux-based firmware
★ 2.1kguarddog. :snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
★ 1.2kvmprotect_binja_plugin. Binary Ninja plugin for automating VMProtect analysis
★ 63codeql-action. Actions for running CodeQL analysis
★ 1.6khyperpom. AArch64 fuzzer based on the Apple Silicon hypervisor
★ 200Starlink-FI. HTML
★ 1kwInd3x. iPod Classic and Nano 3/4/5G bootrom exploit
★ 291katana. A next-generation crawling and spidering framework.
★ 17kgrace. :screwdriver: It's strace, with colours.
★ 285machine_learning_security. Source code about machine learning and security.
★ 2.1kAwesome_Malware_Techniques. This is a repository of resource about Malware techniques
★ 858spyne. A transport agnostic sync/async RPC library that focuses on exposing services with a well-defined API using popular protocols.
★ 1.1kawesome-rust-security. Curated list of awesome projects and resources related to Rust and computer security
★ 593enf-matching. Date a recording using background electrical noise
★ 97Iroh. Dynamic code analysis tool - Exploit, record and analyze running JavaScript
★ 929SymbolicTriagePost. Supporting Materials for “Symbolic Triage” blog post
★ 24o-mvll. :electron: O-MVLL is a code obfuscation tool based on LLVM for native code (Android and iOS).
★ 1.1ktrojan-source. Trojan Source: Invisible Vulnerabilities
★ 1.3ksaml-attack-surface.
★ 30REpsych. Psychological warfare in reverse engineering
★ 1kelvm. EsoLangVM Compiler Infrastructure
★ 1.3kArtfuscator. A C compiler targeting an artistically pleasing nightmare for reverse engineers
★ 1.1krcgen. Generate X.509 certificates, CSRs
★ 493awesome-zero-knowledge-proofs. A curated list of awesome things related to learning Zero-Knowledge Proofs (ZKP).
★ 5.8kEdXposed. Elder driver Xposed Framework.
★ 5.7krewind. Snapshot-based coverage-guided windows kernel fuzzer
★ 324arbiter. Python
★ 239akamai-security-research. This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
★ 536requests-racer. Small Python library that makes it easy to exploit race conditions in web apps with Requests.
★ 163gef. GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
★ 8.3kpsalm. A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications
★ 5.9kHavoc. The Havoc Framework
★ 8.5ksteamdeck-emulation. 🎮 Guide to play emulated games on Steam Deck
★ 675Mussels. Python
★ 58turbinia. Automation and Scaling of Digital Forensics Tools
★ 790yori. Yori is a CMD replacement shell that supports backquotes, job control, and improves tab completion, file matching, aliases, command history, and more.
★ 1.3kawesome-elf.
★ 692octosuite. Terminal-based toolkit for GitHub data analysis.
★ 1.9kCronos. PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
★ 622binaryninja-api. Public API, examples, documentation and issues for Binary Ninja
★ 1.3ksynapse. Synapse: Matrix homeserver written in Python/Twisted.
★ 12ksymboliclink-testing-tools. C++
★ 859like-dbg. Fully dockerized Linux kernel debugging environment
★ 769werdlists. :keyboard: Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
★ 364out-of-tree. out-of-tree kernel {module, exploit} development tool
★ 231exrop. Automatic ROPChain Generation
★ 308drltrace. Drltrace is a library calls tracer for Windows and Linux applications.
★ 416martian. Martian is a library for building custom HTTP/S proxies
★ 2kwhisper. Robust Speech Recognition via Large-Scale Weak Supervision
★ 105kadvmlthreatmatrix. Adversarial Threat Landscape for AI Systems
★ 1.1krisk-explorer-for-software-supply-chains. A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and other resources. The taxonomy as well as related safeguards can be explored using an interactive visualization tool.
★ 82advisories. SSD Secure Disclosure Advisories
★ 171cloud-security-vulnerabilities. List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc
★ 373BGGP. Binary Golf Grand Prix
★ 115ast-grep. ⚡A CLI tool for code structural search, lint and rewriting. Written in Rust
★ 15kdacquiri. A strong, compile-time enforced authorization framework for rust applications.
★ 356EvilURL. Generate unicode domains for IDN Homograph Attack and detect them.
★ 1.3kCVE-2020-10665. POC for CVE-2020-10665 Docker Desktop Local Privilege Escalation
★ 53chromium. The official GitHub mirror of the Chromium source
★ 24kcertificate-transparency-go. Auditing for TLS certificates (Go code)
★ 1.1kpe-bear. Portable Executable reversing tool with a friendly GUI
★ 3.7kvirtual-fido. A Virtual FIDO2 USB Device
★ 1.4kVulnerability-Disclosures. C++
★ 219vheap. Extendable Visualization & Exploitation tool for glibc heap
★ 75flipperzero-firmware. Flipper Zero firmware source code
★ 16ktactical-exploitation. Modern tactical exploitation toolkit.
★ 866exploits. A handy collection of my public exploits, all in one place.
★ 676semgrep-rules. A collection of my Semgrep rules to facilitate vulnerability research.
★ 828voltron. A hacky debugger UI for hackers
★ 6.3kRed-Baron. Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
★ 927java-deserialization-exploits. A collection of curated Java Deserialization Exploits
★ 594CVE-2022-30075. Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075)
★ 236phishing_catcher. Phishing catcher using Certstream
★ 1.8kdisposable-email-domains. a list of disposable email domains
★ 5.3ktop-10-cicd-security-risks.
★ 428