A curated list of my GitHub stars! Generated by starred
- AGS Script
- ASP
- ActionScript
- ApacheConf
- AppleScript
- Arduino
- Assembly
- AutoHotkey
- AutoIt
- Awk
- Batchfile
- BitBake
- BlitzBasic
- Boo
- Bro
- C
- C#
- C++
- CMake
- CSS
- Clojure
- CoffeeScript
- Common Lisp
- Cython
- D
- DIGITAL Command Language
- Dart
- Dockerfile
- Eagle
- Elixir
- Emacs Lisp
- Erlang
- F#
- GLSL
- Gherkin
- Go
- Groff
- Groovy
- HCL
- HTML
- Hack
- Handlebars
- Haskell
- Inno Setup
- Java
- JavaScript
- Jinja
- Jsonnet
- Julia
- Jupyter Notebook
- KiCad
- Kotlin
- Less
- Logos
- Lua
- M4
- Makefile
- Markdown
- Matlab
- Max
- Mustache
- NSIS
- Nginx
- Nim
- Nunjucks
- OCaml
- Objective-C
- Objective-C++
- Open Policy Agent
- OpenEdge ABL
- OpenSCAD
- Others
- PHP
- PLSQL
- Pascal
- Pawn
- Perl
- Perl6
- PostScript
- PowerShell
- Processing
- Prolog
- Propeller Spin
- Pug
- Puppet
- PureBasic
- Python
- R
- Rich Text Format
- Roff
- Ruby
- Rust
- SCSS
- SaltStack
- Scala
- Scheme
- Scilab
- Shell
- Smali
- Smalltalk
- Smarty
- Standard ML
- Starlark
- Svelte
- Swift
- TSQL
- Tcl
- TeX
- TypeScript
- VBA
- VBScript
- VCL
- VHDL
- Vala
- Verilog
- Vim script
- VimL
- Visual Basic
- Visual Basic .NET
- Vue
- WebAssembly
- XML
- XSLT
- YAML
- YARA
- Zeek
- Zig
- walidshaari/Certified-Kubernetes-Security-Specialist - Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.
- misterch0c/APT34 - APT34/OILRIG leak
- jakobadam/RDSFactor - Two-factor authentication for Windows Remote Desktop Services (RDS)
- JackStouffer/Violent-Python - Code that I adapted from the "Violent Python" book
- NetSPI/cmdsql -
- cure53/Flashbang - Project "Flashbang" - An open-source Flash-security helper
- InQuest/malware-samples - A collection of malware samples and relevant dissection information, most probably referenced from http:https://blog.inquest.net
- sethsec/crossdomain-exploitation-framework - Everything you need to exploit overly permissive crossdomain.xml files
- apenwarr/flashlight-vnc - A VNC viewer for Adobe Flash - forked from the official non-git version.
- micahflee/fixubuntu - fixubuntu.com
- denibertovic/logstash-dockerfile - Dockerfile for building Logstash
- adriannier/tunnel - AppleScript applet to open SSH tunnels
- ticky/bonjour-browser-patcher - 🌎 Update Bonjour Browser with new services
- franzheidl/alfred-workflows - Workflows for Alfred
- benb116/Gone-Phishing - A phishing attack for Macs that copies the victim's password and keychain to the Public folder.
- dataduke/mac-taskpaper - TaskPaper for Mac - Themes and Settings
- Seytonic/Duckduino-microSD - Interpreter that runs on an arduino, decodes and executes ducky script on a microSD card.
- trandi/esp32-thermal_printer - Hack an Epson TM-T88 thermal printer (the ones that print receipts in a supermarket till) and remotely control it through a WiFi enabled ESP32
- valkyrix/Mimiduino - Executes mimikatz locally from a portable arduino and email yourself the report via smtp. Optimised for Windows 10.
- screetsec/Pateensy - Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy
- psuedoelastic/Pateensy - Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy
- Ozuru/Paensy - An attacker-oriented library for the Teensy 3.1 microcontroller.
- samyk/usbdriveby - USBdriveby exploits the trust of USB devices by emulating an HID keyboard and mouse, installing a cross-platform firewall-evading backdoor, and rerouting DNS within seconds of plugging it in.
- evilbluechickens/rapiro-orig - random files for rapiro
- ForensicTools/DigiForensics-464_2131-Coffie - USB tool for memory imaging
- CCoffie/DigiForensics - USB tool for memory imaging
- klezVirus/inceptor - Template-Driven AV/EDR Evasion Framework
- jthuraisamy/SysWhispers2 - AV/EDR evasion via direct system calls.
- vxunderground/MalwareSourceCode - Collection of malware source code for a variety of platforms in an array of different programming languages.
- antonioCoco/Mapping-Injection - Just another Windows Process Injection
- jthuraisamy/SysWhispers - AV/EDR evasion via direct system calls.
- 86hh/DreamLoader - Simple 32/64-bit PEs loader.
- 0xAX/asm - Learning assembly for linux-x64
- hasherezade/pe_to_shellcode - Converts PE into a shellcode
- clubjk/SLAE32 - Exam scripts
- abatchy17/SLAE - Example ASM code following SLAE course and exam assignments.
- vergl4s/pentesting-dump - Scripts, tools, and proof-of-concepts to aid in a penetration test.
- xillwillx/Mini_Reverse_Shell - Shovels a shell back to you on a specified port
- xillwillx/Mini_Bind_Shell - a CMD shell in masm that listens on port 8080
- ilovepp/firminsight - Automatic collect firmwares from internet,decompress,find binary code,extract info,file relation and function relation
- sgayou/kindle-5.6.5-jailbreak - Kindle 5.6.5 exploitation tools.
- mewmew/dissection - The dissection of a simple "hello world" ELF binary.
- reider-roque/reed - Reverse Engineering and Exploit Development stuff
- Th4nat0s/No_Sandboxes - Test suite for bypassing Malware sandboxes.
- dspinellis/unix-history-repo - Continuous Unix commit history from 1970 until today
- xorpd/asm_prog_ex - Exercises for Assembly language course
- gdbinit/mpress_dumper - MPRESS dumper for OS X
- edix/LoadDll - Better version of RunDll with GUI. This program allows you to load DLLs on Windows. You can select how to load the DLL. By direct Entry Point call (DllMain) or if you want to call directly an exported function of the DLL.
- pooler/cpuminer - CPU miner for Litecoin and Bitcoin
- osirislab/Shellcode -
- m0nad/Assembly - Assembly/Shellcode
- geyslan/SLAE - SLAE Assignments
- mubix/evilmaid_chkdsk - An bootable 'evil maid' tool that pretends to be Windows CHKDSK
- alexwebr/evilmaid_chkdsk - An bootable 'evil maid' tool that pretends to be Windows CHKDSK
- sch3m4/0xb4ckd00r - Backdoor for Windows systems (client and server) writen in C (client) and ASM (server) using reverse connection
- sch3m4/USBDASM - Dumps the whole content of all usb storage devices connected to the system
- hammackj/shellcode - Various Shellcode
- DannyBen/Gridy - Snap Windows to Grid
- AJMartel/IRTriage - Incident Response Triage - Windows Evidence Collection for Forensic Analysis
- jschicht/UsnJrnl2Csv - Parser for $UsnJrnl on NTFS
- Bioruebe/UniExtract2 - Universal Extractor 2 is a tool to extract files from any type of archive or installer.
- acalcutt/Vistumbler - A wireless network scanner written in AutoIT for Windows 10, 8, 7, and vista. VistumblerMDB is the current version of Vistumbler.
- bhdresh/taskhash - This tool is developed to assist forensic investigators and auditors to remotely collect the md5sum of running processes on the target windows machine.
- zackz/PuTTYAssist - PuTTY auxiliary tools
- jschicht/RawCopy - Commandline low level file extractor for NTFS
- jschicht/RunAsTI - Launch processes with TrustedInstaller privilege
- jschicht/Mft2Csv - Extract $MFT record info and log it to a csv file.
- jschicht/ExtractUsnJrnl - Tool to extract the $UsnJrnl from an NTFS volume
- vboxme/Portable-VirtualBox - Portable-VirtualBox is a free and open source software tool that lets you run any operating system from a usb stick without separate installation.
- d3sre/Understanding_the_NDIS_6_stack - Public documents about bachelor thesis "Reverse Engineering Analysis of the NDIS 6.* stack"
- nuex/zodiac - A static website generator written in awk and sh.
- abbodi1406/offlineinsiderenroll - OfflineInsiderEnroll - A script to enable access to the Windows Insider Program on machines not signed in with Microsoft Account
- AveYo/MediaCreationTool.bat - Universal MCT wrapper script for all Windows 10/11 versions from 1507 to 21H2!
- swagkarna/Defeat-Defender-V1.2 - Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
- ninhpn1337/Disable-Windows-Defender - Disable Windows Defender All Version
- abbodi1406/BatUtil - Collection of batch scripts utilities for Windows
- massgravel/Microsoft-Activation-Scripts - A collection of scripts for activating Microsoft products using HWID / KMS38 / Online KMS activation methods with a focus on open-source code, less antivirus detection and user-friendliness.
- DesktopECHO/xWSL - Script to install Ubuntu 20.04 / XFCE 4.16 desktop environment on WSL. Does not require hypervisor, container, or X11 server.
- sailay1996/SECOMN_EoP - Sound Research SECOMN service Privilege Escalation (windows 10)
- gobiasinfosec/Some-Tools - A collection of tools
- so87/CISSP-Study-Guide - study material used for the 2018 CISSP exam
- warengonzaga/wifi-passview - An open source batch script based WiFi Passview for Windows!
- sailay1996/amd_eop_poc - CVE-2020-8950 AMD User Experience Program Launcher from Radeon Software Privilege Escalation ( FileWrite eop)
- yasser-alghamdi/winterfell-collection - Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and threat hunting activities.
- NextronSystems/APTSimulator - A toolset to make a system look as if it was the victim of an APT attack
- N7WEra/SharpAllTheThings - The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
- gladiatx0r/Powerless - Windows privilege escalation (enumeration) script designed with OSCP labs (legacy Windows) in mind
- bitsadmin/winconfig - Windows productivity tweaks
- sagishahar/lpeworkshop - Windows / Linux Local Privilege Escalation Workshop
- CHEF-KOCH/Windows-ISO-to-LTSC-converter - Windows ISO to LTSC converter
- sindresorhus/win-clipboard - Access the Windows clipboard (copy/paste)
- CHEF-KOCH/KMS-activator - Windows activation research project.
- op7ic/EDR-Testing-Script - Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
- MaxySpark/Docker-Windows-10-Home - Docker Install in Windows 10 Home, Windows 10 Home Single Language
- esc0rtd3w/portable-cleaning-lab - Portable Cleaning Lab (PCL) Scripting and Utilities For A Completely Portable Malware Removal Experience
- tmacgbay/Graylog-AD-beats - Graylog AD Monitoring - beats
- b4rtik/HiddenPowerShellDll -
- mdsecactivebreach/SharpPack - An Insider Threat Toolkit
- sagishahar-zz/lpeworkshop - Windows / Linux Local Privilege Escalation Workshop
- 3gstudent/CLR-Injection - Use CLR to inject all the .NET apps
- aghorler/Windows-10-Hardening - An admittedly frivolous (and infrequently updated) attempt to harden Windows 10.
- btdig/dhtcrawler2 - dhtcrawler is a DHT crawler written in erlang. It can join a DHT network and crawl many P2P torrents. The program save all torrent info into database and provide an http interface to search a torrent by a keyword
- cudeso/security-screening - Security screening scripts
- frizb/Windows-Privilege-Escalation - Windows Privilege Escalation Techniques and Scripts
- swelcher/Security-Automation -
- huntresslabs/evading-autoruns - Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)
- TmmmmmR/WinEnum - Toolkit to detected abnormal activities on a Windows machine.
- mdsecactivebreach/RDPInception - A proof of concept for the RDP Inception Attack
- dnlongen/KillSMBv1 - Disable client- and server-side SMB version 1
- yizhimanpadewoniu/ms17-010-Close_Port - close_port
- mgeeky/LISET - Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident response (either forensic or malware oriented).
- jakobadam/packer-qemu-templates - Packer qemu templates
- ion-storm/sysmon-config - Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
- nguyentumine/AIO-Boot - AIO Boot is an All-in-One bootable software for USB and HDD. Is one of the best Multiboot USB Creator for Windows.
- roothaxor/Windows - Windows System Treasure
- brianwrf/WinSystemHelper - A tool that checks and downloads scripts that will aid with privilege escalation on a Windows system.
- CHEF-KOCH/regtweaks - Registry Tweaks for Windows.
- jbarcia/PCI-Audit-Script -
- cornerpirate/ReportCompiler - A tool for importing vulnerability scanner data and then allowing you to manipulate the risks, affected hosts, and create risk ordered output.
- bartblaze/Disable-Intel-AMT - Tool to disable Intel AMT on Windows
- knightmare2600/ShadowBrokers - Guides, Tools, Tips and such for working with the Shadow Brokers dumps
- FadeMind/hosts.extras - Extra rules for StevenBlack's hosts project [ https://git.io/Je0XR ] See also hosts.whitelists [ https://git.io/J3bdI ]
- xillwillx/MiniReverse_Shell_With_Parameters - Reverse to use in a batfile which can call the ip and ports from itself
- tresacton/PasswordStealer - USB / CD / DVD autorun password stealer
- diogo-fernan/ir-rescue - A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
- alwsl/alwsl - Install archlinux as the WSL (Windows Subsystem for Linux) host.
- securesean/Shim-Process-Scanner-Lite - A simple Batch script that prints the processes which contain shimming Dll's
- azmatt/windowsEnum - Batch file to help automate Windows enumeration for privilege escalation
- tylerapplebaum/NetDiagBatch -
- WindowsLies/BlockWindows - Stop Windows 10 Nagging and Spying. Works with Win7-10
- Explorer09/usb_vaccine - (Moved to https://gitlab.com/Explorer09/usb_vaccine) USB malware immunity script and hidden files revealer.
- bmrf/tron - Tron
- bmrf/standalone_scripts - Various standalone scripts
- AbinashBishoyi/WhatsApp-Key-DB-Extractor-UnOfficial - WhatsApp Key/DB Extractor [UnOfficial]
- nullbind/Other-Projects - This project is just a dumping ground for random scripts I've developed.
- ioerror/duraconf - duraconf - A collection of hardened configuration files for SSL/TLS services
- realpython/python-guide - Python best practices guidebook, written for humans.
- xer0days/BugBounty - Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...
- 1N3/IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
- byt3bl33d3r/SILENTTRINITY - An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
- evoxco/bro-file-extraction - Convenience wrapper for extracting files in bro
- corelight/http-stalling-detector - Detect HTTP stalling attacks like slowloris with Bro
- evernote/bro-scripts - Bro scripts developed by the Evernote security team.
- LiamRandall/novaha-bro-training - novaha-bro-training
- LiamRandall/BroTraining-2013-12 -
- aboutsecurity/Bro-samples - Network Forensics Bro scripts & pcap samples
- john-babio/bro-intel-scripts - Bro network security monitor intelligence framework scripts
- justbeck/bro-xorpe - Bro IDS script to detect XOR'd binaries
- sethhall/bro-apt1 - This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.
- sooshie/bro-scripts - Various Bro scripts
- stephane-chazelas/bro-skype-fake-https-detect - Bro IDS extension to detect Skype's fake HTTPS traffic and mark it as such in conn.log
- lruppert/bro-tor - Assorted scripts to make life easier for people with Tor users/servers on their network
- jonschipp/bro-scripts - A collection of Bro scripts I've written
- thorkill/bro-scripts - Experimental bro-scripts
- punkrokk/bro-lessons - Bro Lessons by JP Bourget
- mavam/brospects - Experimental Bro scripts with good prospects for the official bro-scripts repository.
- grigorescu/bro-scripts - Contributed Bro Scripts
- srunnels/broselytize - Bro scripts from RyeSecurity blog and other fun things to do with Bro!
- kevinwilcox/bro-sccrew - Bro module for the compromise indicators provided by Symantec in their Comment Crew report
- doppiosecurity/bro_scripts -
- jsiwek/bro_vetting - Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.
- sheharbano/BotFlex - BotFlex is an open source tool or bot detection and analysis
- JustinAzoff/bro_scripts - Analysis scripts for the Bro Intrusion Detection System
- sethhall/bro-securityonion - Bro Scripts for SecurityOnion
- LiamRandall/BroMalware-Exercise -
- LiamRandall/bro-scripts - Bro scripts to be shared with the community
- sethhall/bro-scripts - Various Bro scripts
- git/git - Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
- antonioCoco/MalSeclogon - A little tool to play with the Seclogon service
- woju/make_ext4fs - make_ext4fs from OpenWRT
- anthemtotheego/CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
- ventoy/Ventoy - A new bootable USB solution.
- Velocidex/WinPmem - The multi-platform memory acquisition tool.
- goldendict/goldendict - A feature-rich dictionary lookup program, supporting multiple dictionary formats (StarDict/Babylon/Lingvo/Dictd) and online dictionaries, featuring perfect article rendering with the complete markup, illustrations and other content retained, and allowing you to type in words without any accents or correct case.
- boku7/Nobelium-PdfDLRunAesShellcode - A recreation of the "Nobelium" malware based on Microsofts Malware analysis - Part 1: PDF2Pwn
- keiji0/canything - CUIでEmacs anythingを使うコマンド
- arizvisa/windows-binary-tools - Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them should be moved or re-moved.
- itm4n/PPLdump - Dump the memory of a PPL with a userland exploit
- jsecu/CredManBOF -
- Mr-Un1k0d3r/EDRs -
- ADD-SP/ngx_waf - Handy, High performance, ModSecurity compatible Nginx firewall module & 方便、高性能、兼容 ModSecurity 的 Nginx 防火墙模块
- antonioCoco/RemotePotato0 - Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.
- Leask/Mac-OS-X-Internals - Mac OS X Internals - Amit Singh ( from http:https://osxbook.com )
- hackerschoice/gsocket - Connect like there is no firewall. Securely.
- center-for-threat-informed-defense/adversary_emulation_library - An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
- xforcered/CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
- wheybags/wcp -
- uf0o/rootkit-arsenal-guacamole - An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples
- vxunderground/VX-API - Collection of various WINAPI tricks / features used or abused by Malware
- outflanknl/Ps-Tools - Ps-Tools, an advanced process monitoring toolkit for offensive operations
- ducatinat/tehm -
- maaaaz/mimicertz - A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
- Mr-Un1k0d3r/RedTeamCCode - Red Team C code repo
- ajpc500/BOFs - Collection of Beacon Object Files
- sandboxie-plus/Sandboxie - Sandboxie - Open Source
- nsacyber/Driver-Collider - Blocks drivers from loading by using a name collision technique. #nsacyber
- mintty/wsltty - Mintty as a terminal for Bash on Ubuntu on Windows / WSL
- byt3bl33d3r/BOF-Nim - Cobalt Strike BOF Files with Nim!
- connormcgarr/cThreadHijack - Beacon Object File (BOF) for remote process injection via thread hijacking
- phra/PEzor - Open-Source Shellcode & PE Packer
- DownWithUp/CallMon - CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
- ssdeep-project/ssdeep - Fuzzy hashing API and fuzzy hashing tool
- ifding/iot-malware - Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code
- ant4g0nist/Vulnerable-Kext - A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
- mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
- brannondorsey/naive-hashcat - Crack password hashes without the fuss 🐈
- slaeryan/DetectCobaltStomp - Detects Module Stomping as implemented by Cobalt Strike
- NanXiao/tcpbench - Porting OpenBSD tcpbench into Linux.
- izabera/pm-tools - process management tools
- giuseppe/crun - A fast and lightweight fully featured OCI runtime and C library for running containers
- CoolerVoid/HiddenWall - Tool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, firewall functions)
- einyx/beehive - Very much a WIP - A complete refactor of Tpot-CE - A full stack honeypot ecoystem running on k8s
- kubernetes-sigs/security-profiles-operator - The Kubernetes Security Profiles Operator
- JemmyLoveJenny/HookSigntool -
- Markus-Go/bonesi - BoNeSi - the DDoS Botnet Simulator
- nil0x42/duplicut - Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
- bhassani/EternalBlueC - EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader
- igraph/igraph - Library for the analysis of networks
- blackarrowsec/redteam-research - Collection of PoC and offensive techniques used by the BlackArrow Red Team
- Mr-Un1k0d3r/SCShell - Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
- outflanknl/TamperETW - PoC to demonstrate how CLR ETW events can be tampered.
- ph4ntonn/Impost3r - 👻Impost3r -- A linux password thief
- sailay1996/Life-long-Learner - Personal Notes About Everything.
- sailay1996/magnifier0day - Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking
- sailay1996/RpcSsImpersonator - Privilege Escalation Via RpcSs svc
- sailay1996/delete2SYSTEM - Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
- rxwx/spoolsystem - Print Spooler Named Pipe Impersonation for Cobalt Strike
- nccgroup/nccfsas - Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
- trustedsec/CS-Situational-Awareness-BOF - Situational Awareness commands implemented using Beacon Object Files
- FSecureLABS/Ninjasploit - A meterpreter extension for applying hooks to avoid windows defender memory scans
- quarkslab/binbloom - Raw binary firmware analysis software
- spieglt/whatfiles - Log what files are accessed by any Linux process
- vusec/ridl - RIDL test suite and exploits
- inforion/kopycat - Kopycat is an emulator of hardware platforms of various architectures
- bats3c/shad0w - A post exploitation framework designed to operate covertly on heavily monitored environments
- synackpse/tls-fingerprinting - TLS Fingerprinting
- mubix/FakeNetBIOS - See here:
- mridgers/clink - Bash's powerful command line editing in cmd.exe
- Cr4sh/s6_pcie_microblaze - PCI Express DIY hacking toolkit for Xilinx SP605
- zhovner/OneFileLinux - Live linux distro combined in one ~20MB file. Runs on any UEFI computer.
- libimobiledevice/libimobiledevice - A cross-platform protocol library to communicate with iOS devices
- ionescu007/PrintDemon - PrintDemon is a PoC for a series of issues in the Windows Print Spooler service, as well as potetial misuses of the functionality.
- ionescu007/faxhell - A Bind Shell Using the Fax Service and a DLL Hijack
- itm4n/PrintSpoofer - Abusing Impersonation Privileges on Windows 10 and Server 2019
- antonioCoco/RoguePotato - Another Windows Local Privilege Escalation from Service Account to System
- zznop/drow - Injects code into ELF executables post-build
- kopasiak/f_dl_ffs -
- p-gen/smenu - smenu started as a lightweight and flexible terminal menu generator, but quickly evolved into a powerful and versatile CLI selection tool for interactive or scripting use.
- mptre/pick - A fuzzy search tool for the command-line
- universal-ctags/ctags - A maintained ctags implementation
- shunf4/proxychains-windows - Windows and Cygwin port of proxychains, based on MinHook and DLL Injection
- Yubico/yubikey-personalization - YubiKey Personalization cross-platform library and tool
- shtirlic/yubikeylockd - Simple daemon for locking and unlocking macOS with Yubikey
- NtRaiseHardError/Kaiser - Fileless persistence, attacks and anti-forensic capabilties.
- bats3c/Ghost-In-The-Logs - Evade sysmon and windows event logging
- danigargu/CVE-2020-0796 - CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
- tandasat/MiniVisorPkg - The research UEFI hypervisor that supports booting an operating system.
- quarkslab/CVE-2020-0069_poc -
- taviso/avscript - Avast JavaScript Interactive Shell
- sailay1996/UAC_Bypass_In_The_Wild - Windows 10 UAC bypass for all executable files which are autoelevate true .
- RfidResearchGroup/proxmark3 - The Iceman fork of Proxmark3 / RFID / NFC reader, writer, sniffer and emulator
- set-element/auditdBroFramework - The Auditd Framework logs and applies security policy to linux auditd data
- redcanaryco/chain-reactor - Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
- jakeajames/time_waste - iOS 12.0-13.3 tfp0
- emeryberger/Malloc-Implementations - A collection of memory allocators
- DimitriFourny/cve-2019-2215 - Android privilege escalation via an use-after-free in binder.c
- xairy/raw-gadget - USB Raw Gadget — low-level interface for the Linux USB Gadget subsystem
- rokups/virtual-reality - Stealthy backdoor for Windows operating systems
- LinusHenze/Fugu - Fugu is the first open source jailbreak based on the checkm8 exploit
- hackerschoice/thc-tips-tricks-hacks-cheat-sheet - Various tips & tricks
- hc0d3r/tas - A tiny framework for easily manipulate the tty and create fake binaries.
- NICMx/FORT-validator - RPKI cache validator
- gentilkiwi/curveball - CVE-2020-0601 #curveball - Alternative Key Calculator
- odzhan/injection - Windows process injection methods
- F5OEO/rpitx - RF transmitter for Raspberry Pi
- pavsa/hackrf-spectrum-analyzer -
- nccgroup/Sniffle - A sniffer for Bluetooth 5 and 4.x LE
- hfiref0x/VBoxHardenedLoader - VirtualBox VM detection mitigation loader
- sud0man/pac4mac - Automatically exported from code.google.com/p/pac4mac
- RoganDawes/LOGITacker - Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
- VladRico/apache2_BackdoorMod - A backdoor module for Apache2
- Protocentral/protocentral_sensything - Sensything is an ESP32-based IoT device that has multiple sensor interfaces to read from and send data from both analog and digital sensors.
- emsec/ChameleonMini - The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. The ChameleonMini was developed by https://kasper-oswald.de. The device is available at https://shop.kasper.it. For further information see the Getting Started Page https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html/_page__getting_started.html or the Wiki tab above.
- arendst/Tasmota - Alternative firmware for ESP8266 with easy configuration using webUI, OTA updates, automation using timers or rules, expandability and entirely local control over MQTT, HTTP, Serial or KNX. Full documentation at
- martin-ger/esp_wifi_repeater - A full functional WiFi Repeater (correctly: a WiFi NAT Router)
- Matheus-Garbelini/esp32_esp8266_attacks - Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- krakrukra/PocketAdmin - oshw keystroke injection device ( badusb )
- atlas0fd00m/rfcat - RfCat - swiss-army knife of ISM band radio
- micronucleus/micronucleus - ATTiny usb bootloader with a strong emphasis on bootloader compactness.
- openssh/openssh-portable - Portable OpenSSH
- luigirizzo/netmap - Automatically exported from code.google.com/p/netmap
- ZigzagSecurity/survival-guide-radare2 - Basic tutorials for reverse engineer with radare2
- ampotos/dynStruct - Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
- brettsheffield/mldspy - Multicast Listener Discovery (MLDv2) watcher
- CloverHackyColor/CloverBootloader - Bootloader for macOS, Windows and Linux in UEFI and in legacy mode
- ExistentialAudio/BlackHole - BlackHole is a modern macOS virtual audio driver that allows applications to pass audio to other applications with zero additional latency.
- rfc1036/whois - Intelligent WHOIS client
- RackunSec/ByteForce - Offline Digital Forensics Tool for Binary Files
- thiagoralves/EtherSploit-IP - Exploiting Allen-Bradley E/IP PLCs
- makefu/dnsmap - fork of http:https://code.google.com/p/dnsmap/source/checkout
- 3ndG4me/socat - Mirror of the socat source code with pre-built releases for Linux (x64 and x86), Windows (x64 and x86), and MacOS (x64)
- jtesta/rainbowcrackalack - Rainbow table generation & lookup tools. Make Rainbow Tables Great Again!
- stolk/imcat - Show any image in a terminal window.
- schweikert/fping - High performance ping tool
- crtsh/go-x509lint - Go wrapper for kroeckx/x509lint
- amazon-archives/certlint - X.509 certificate linter
- oririnat/Ospy_RAT - Ospy is a penetration testing tool for macOS, include keylogger, live screen catcher, reveres shell and more. Developed in c
- jollheef/lpe - collection of verified Linux kernel exploits
- DCSO/balboa - server for indexing and querying passive DNS observations
- DynamoRIO/drmemory - Memory Debugger for Windows, Linux, Mac, and Android
- ghaering/pysqlite - Python DB-API module for SQLite 3.
- threatland/TL-BOTS - A collection of source code for various botnets.
- PAGalaxyLab/uniFuzzer - A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
- jonas/tig - Text-mode interface for git
- ValdikSS/GoodbyeDPI - GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)
- bol-van/zapret - Обход DPI в linux
- rewardone/OSCPRepo - A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
- Cisco-Talos/pyrebox - Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
- Ice3man543/ZeusInjector - An Open Source Windows DLL Injector With All Known Techniques Available
- samhocevar/zzuf - 🌪️ Application fuzzer
- DoubleSpout/ccap - node.js generate captcha using c++ library CImg without install any other lib or software
- trailofbits/krf - A kernelspace syscall interceptor and randomized faulter
- emptymonkey/xorscura - A tool / library for simplifying string obfuscation with xor.
- NLnetLabs/ldns - LDNS is a DNS library that facilitates DNS tool programming
- NotMedic/rdp-tunnel - Pre-compiled tools to tunnel TCP over RDP Connections
- kholia/RC4-40-brute-office - Guaranteed cracking of M$ Office files using RC4 40-bit encryption
- TeamWin/Team-Win-Recovery-Project - Core recovery files for the Team Win Recovery Project (T.W.R.P) - this is not up to date, please see https://github.com/TeamWin/android_bootable_recovery/
- ForensicITGuy/libpreloadvaccine - Whitelisting LD_PRELOAD libraries using LD_AUDIT
- SpacehuhnTech/esp8266_deauther - Affordable WiFi hacking platform for testing and learning
- m0chan/h4cks - Combination of all my Resources, Links & Scripts
- TheWover/donut - Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
- nccgroup/phantap - Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
- limbenjamin/TCPHound - Win32 utility for auditing TCP connections
- cofyc/dnscrypt-wrapper - This is dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver.
- andreiw/RaspberryPiPkg - DEPRECATED - DO NOT USE | Go here instead ->
- henrypp/simplewall - Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
- pi-hole/FTL - The Pi-hole FTL engine
- scslab/tcpcrypt - Fast TCP encryption
- adafruit/adafruit-raspberrypi-linux - Adafruit's hacking-friendly Raspberry Pi linux kernel
- outflanknl/Dumpert - LSASS memory dumper using direct system calls and API unhooking.
- t57root/pwnginx - Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
- stephenbradshaw/vulnserver - Vulnerable server used for learning software exploitation
- robertdavidgraham/rdpscan - A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
- vmware/open-vm-tools - Official repository of VMware open-vm-tools project
- TarlogicSecurity/tickey - Tool to extract Kerberos tickets from Linux kernel keys.
- CoolerVoid/codewarrior - code-searching tool and static analysis - Beta
- pwn20wndstuff/Undecimus - unc0ver jailbreak for iOS 11.0 - 12.4
- Mr-Un1k0d3r/Shellcoding - Shellcoding utilities
- emptymonkey/revsh - A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
- neonichu/trolldrop - AirDrop trollfaces to everyone.
- trustedsec/trevorc2 - TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
- SecWiki/windows-kernel-exploits - windows-kernel-exploits Windows平台提权漏洞集合
- GoSecure/DLLPasswordFilterImplant - DLL Password Filter Implant with Exfiltration Capabilities
- Arno0x/DivertTCPconn - A TCP packet diverter for Windows platform
- droe/xnumon - monitor macOS for malicious activity
- landhb/HideProcess - A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
- wbenny/injdrv - proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
- npp-plugins/mimetools -
- hasherezade/demos - Demos of various injection techniques found in malware
- nongiach/sudo_inject - [Linux] Two Privilege Escalation techniques abusing sudo token
- JFLarvoire/SysToolsLib - A library of Windows and Linux system management tools
- FSecureLABS/incognito - One Token To Rule Them All https://labs.mwrinfosecurity.com/blog/incognito-v2-0-released/
- DimopoulosElias/alpc-mmc-uac-bypass - UAC Bypass with mmc via alpc
- hasherezade/hollows_hunter - Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- Darkabode/zerokit - Zerokit/GAPZ rootkit (non buildable and only for researching)
- skeeto/endlessh - SSH tarpit that slowly sends an endless banner
- ryanries/PassFiltEx - PassFiltEx. An Active Directory Password Filter.
- aircrack-ng/aircrack-ng - WiFi security auditing tools suite
- ZerBea/hcxdumptool - Small tool to capture packets from wlan devices.
- facebook/zstd - Zstandard - Fast real-time compression algorithm
- scaleway/natasha - Natasha is a fast and scalable, DPDK powered, stateless NAT44 packet processor
- nospaceships/raw-socket-sniffer - Packet capture on Windows without a kernel driver
- joswr1ght/nm2lp - Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format
- depletionmode/VirtualAllocSecure -
- nsacyber/Hardware-and-Firmware-Security-Guidance - Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
- Mr-Un1k0d3r/MaliciousDLLGenerator - DLL Generator for side loading attack
- jtesta/ssh-mitm - SSH man-in-the-middle tool
- linux-can/can-utils - Linux-CAN / SocketCAN user space applications
- machyve/xhyve - xhyve, a lightweight OS X virtualization solution
- moby/hyperkit - A toolkit for embedding hypervisor capabilities in your application
- gvb84/pbscan - Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
- ChrisJohnsen/tmux-MacOSX-pasteboard - Notes and workarounds for accessing the Mac OS X pasteboard in tmux sessions. Note: The pu branch (“Proposed Updates”) may be rewound without notice.
- majn/telegram-purple - Adds support for Telegram to Pidgin, Adium, Finch and other Libpurple based messengers.
- marcomorain/tcat - Time Cat is a program to add timestamps to text.
- aws/s2n-tls - An implementation of the TLS/SSL protocols
- r00t-3xp10it/hacking-material-books - collection of articles/books about programing
- libressl-portable/portable - LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome.
- WyAtu/windows_pentest_tools - My pentest tools used two years ago. Part1
- ehsahil/recon-my-way - This repository created for personal use and added tools from my latest blog post.
- bootleg/ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
- jthuraisamy/DIRT - Driver Initial Reconnaissance Tool
- hyc/fcrackzip - A braindead program for cracking encrypted ZIP archives. Forked from http:https://oldhome.schmorp.de/marc/fcrackzip.html
- CiscoCXSecurity/linikatz - linikatz is a tool to attack AD on UNIX
- riverloopsec/killerbee - IEEE 802.15.4/ZigBee Security Research Toolkit
- rsmudge/Layer2-Pivoting-Client - A simple client to demonstrate Layer-2 pivoting. Compatible with the simpletun.c server written by Davide Brini.
- e-ago/bitcracker - BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker
- kroeckx/x509lint - Tool to check X509 certificates
- arialdomartini/morris-worm - The decompiled Morris Worm source code
- ish-app/ish - Linux shell for iOS
- shellster/DCSYNCMonitor - Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.
- zodiacon/WindowsInternals - Windows Internals Book 7th edition Tools
- sensepost/hostapd-mana - SensePost's modified hostapd for wifi attacks.
- galkahana/HummusJS - Node.js module for high performance creation, modification and parsing of PDF files and streams
- zhaojh329/rtty - 🐛 Access your terminal from anywhere via the web.
- prbinu/tls-scan - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
- mkj/dropbear - Dropbear SSH
- jakeajames/rootlessJB -
- wazuh/wazuh - Wazuh - The Open Source Security Platform
- amv42/sshd-honeypot -
- jbruchon/jdupes - A powerful duplicate file finder and an enhanced fork of 'fdupes'.
- mptre/yank - Yank terminal output to clipboard
- upx/upx - UPX - the Ultimate Packer for eXecutables
- dbro/csvquote - Enables common unix utlities like cut, awk, wc, head to work correctly with csv data containing delimiters and newlines
- rgov/Thunderbolt3Unblocker - Enable unsupported Thunderbolt 3 peripherals on macOS
- DNS-OARC/dnsperf - DNS Performance Testing Tools
- jhawthorn/fzy - 🔍 A simple, fast fuzzy finder for the terminal
- jwbensley/Etherate - Linux CLI Ethernet and MPLS Testing Tool
- lecram/rover - simple file browser for the terminal
- jarun/nnn - n³ The unorthodox terminal file manager
- mattn/go-sqlite3 - sqlite3 driver for go using database/sql
- taviso/rbndr - Simple DNS Rebinding Service
- clydeclements/AsciiDocQuickLook - A QuickLook plugin to preview AsciiDoc files.
- shysaur/QLWindowsApps - QuickLook & Spotlight plugins for Windows DLLs and EXEs
- blechschmidt/massdns - A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- jaygreig86/dmitry - DMitry (Deepmagic Information Gathering Tool)
- ifding/iot - IoT device: Hardware & Firmware
- softwareengineer1/YourFriendlyDNS - A really awesome multi-platform (lin,win,mac,android) local caching and proxying dns server!
- hackgnar/ble_ctf - A Bluetooth low energy capture the flag
- RedaOps/ARPPD - An ARP Poisoning Defender script
- maxmind/geoipupdate-legacy - GeoIP update client code
- tgraf/bmon - bandwidth monitor and rate estimator
- sfan5/fi6s - IPv6 network scanner designed to be fast
- convisoappsec/firefox_tunnel -
- h1x0rz3r0/iBoot -
- hashcat/kwprocessor - Advanced keyboard-walk generator with configureable basechars, keymap and routes
- IAIK/meltdown - This repository contains several applications, demonstrating the Meltdown bug.
- misc0110/ProcDetails - A kernel module showing information about procfs files
- IAIK/CJAG - CJAG is an open-source implementation of our cache-based jamming agreement.
- IAIK/keydrown - Eliminating Keystroke Timing Attacks
- alexandervdm/gummi - Simple LaTeX editor
- google/yara-procdump-python - A Python extension to wrap the Yara process memory access API.
- govolution/avepoc - some pocs for antivirus evasion
- vanhoefm/krackattacks-scripts -
- 0xdea/exploits - A handy collection of my public exploits, all in one place.
- spacehuhn/wifi_ducky - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
- dvorka/hstr - bash and zsh shell history suggest box - easily view, navigate, search and manage your command history.
- mitchellkrogza/apache-ultimate-bad-bot-blocker - Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
- CipherShed/CipherShed - Main CipherShed Development
- vysheng/tg - telegram-cli
- telegramdesktop/dependencies_windows - Compiled dependencies for the windows build
- tmux/tmux - tmux source code
- hashcat/hashcat-utils - Small utilities that are useful in advanced password cracking
- mattthias/slurm - yet another network load monitor
- abelcheung/rifiuti2 - Windows Recycle Bin analyser
- sqlcipher/sqlcipher - SQLCipher is a standalone fork of SQLite that adds 256 bit AES encryption of database files and other security features.
- ANSSI-FR/ADCP-DirectoryCrawler - AD-control-paths LDAP submodule
- tsl0922/ttyd - Share your terminal over the web
- radare/gradare2 - Port of gradare GTK/VTE frontend to r2
- t00sh/rop-tool - A tool to help you write binary exploits
- google/honggfuzz - Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
- unicorn-engine/unicorn - Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, X86)
- openics/openics - Industrial Control Systems Protocol Decoders
- dlundquist/sniproxy - Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
- zcgonvh/NTDSDumpEx - NTDS.dit offline dumper with non-elevated
- hashcat/statsprocessor - Word-generator based on per-position markov-chains
- joswr1ght/genip - Generate Lists of IP Addresses
- philsmd/pswRecovery4Moz - Recover your Mozilla passwords with a simple c script
- ZerBea/hcxtools - Portable (that doesn't include proprietary/commercial operating systems) solution for conversion of cap/pcap/pcapng (gz compressed) WiFi dump files to hashcat formats (recommended by hashcat) and to John the Ripper formats. hcx: h = hash, c = convert and calculate candidates, x = different hashtypes
- syslog-ng/syslog-ng - syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL & NoSQL.
- EnderUNIX/VoIPong - VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. It supports SIP, H323, Cisco's Skinny Client Protocol, RTP and RTCP.
- tomac/yersinia - A framework for layer 2 attacks
- ethanwilloner/DNS-Amplification-Attack -
- djpnewton/vmulti - Virtual Multiple HID Driver (multitouch, mouse, digitizer, keyboard, joystick)
- armadito/armadito-mod-pdf - Armadito module for PDF document analysis.
- newsoft/adduser - Programmatically create an administrative user under Windows
- michael-dev/ebtables-dhcpsnooping - Linux generic dhcp snooping daemon using nflog and ebtables or nftables
- Ettercap/ettercap - Ettercap Project
- HackerDom/ructf-2017 -
- adulau/dcfldd - dcfldd - enhanced version of dd for forensics and security
- btoews/softu2f-legacy-driver - This project has been merged into the main SoftU2F repository
- btoews/security-key - iOS SEP U2F
- I-am-Batman/quickdump - an x86 disassembler
- dyninst/dyninst - DyninstAPI: Tools for binary instrumentation, analysis, and modification.
- chokepoint/azazel - Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.
- visit1985/mdp - A command-line based markdown presentation tool.
- pwning/docs - Tips, Tricks, and Suggestions for Running a CTF
- jingchunzhang/backdoor_rootkit -
- dev-zzo/exploits-nt-privesc - Exploit collection for NT privilege escalation
- trailofbits/ctf - CTF Field Guide
- VirusFriendly/SSHapendoes - Capture passwords of login attempts on non-existent and disabled accounts.
- mncoppola/suterusu - An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
- srcclr/bughunt - A weekly challenge where we share some code and you find a bug in it.
- mdsecresearch/Publications - A list of published research documents
- zardus/preeny - Some helpful preload libraries for pwning stuff.
- xoreaxeaxeax/movfuscator - The single instruction C compiler
- nelhage/reptyr - Reparent a running program to a new terminal
- infodox/tsh-sctp - TinySHell port to SCTP
- unix-thrust/beurk - BEURK Experimental Unix RootKit
- CoolerVoid/Mosca - Manual search tool to find bugs like a grep unix command - Beta
- earthquake/chw00t - chw00t - Unices chroot breaking tool
- nmap/ncrack - Ncrack network authentication tool
- hvqzao/foolav - Pentest tool for antivirus evasion and running arbitrary payload on target Wintel host
- hacksysteam/HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Windows Driver
- kablaa/CTF-Workshop - Challenges for Binary Exploitation Workshop
- hal3002/rooty - libpcap based ICMP encrypted backdoor for linux.
- wapiflapi/exrs - Exercises for learning Reverse Engineering and Exploitation.
- trustedsec/pivoter - Pivoter is a proxy tool for pentesters to have easier lateral movement.
- FuzzySecurity/Unix-PrivEsc - Local UNIX PrivEsc Aggregation
- jamesbarlow/icmptunnel - Tunnel IP over ICMP.
- sahib/rmlint - Extremely fast tool to remove duplicates and other lint from your filesystem
- s0lst1c3/eaphammer - Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
- iovisor/bcc - BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
- huntergregal/mimipenguin - A tool to dump the login password from the current linux user
- 3proxy/3proxy - 3proxy - tiny free proxy server
- Cybellum/DoubleAgent - Zero-Day Code Injection and Persistence Technique
- RUB-SysSec/OMEN - OMEN: Ordered Markov ENumerator - Password Guesser
- GaloisInc/hacrypto - Experiments in high-assurance crypto.
- kylekirkby/Python-Exploit-Search-Tool - A search tool that searches Offensive Securitys Exploit-db and Shodans Exploit DB using their API.
- trailofbits/cb-multios - DARPA Challenges Sets for Linux, Windows, and macOS
- torvalds/linux - Linux kernel source tree
- DhavalKapil/icmptunnel - Transparently tunnel your IP traffic through ICMP echo and reply packets.
- P0cL4bs/Shellcodes -
- P0cL4bs/kadimus - kadimus is a tool to check and exploit lfi vulnerability.
- scumjr/the-sea-watcher - Implementation of the SMM rootkit "The Watcher"
- lastpass/lastpass-cli - LastPass command line interface tool
- telekom-security/tpotce - 🍯 T-Pot - The All In One Honeypot Platform 🐝
- armedpot/honeytrap - Last download from git:https://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
- vincentbernat/ssl-dos - Various tools related to SSL denial of service
- peacand/msf-av-escape - Metasploit reverse TCP stager fully undetectable
- tylabs/qs_old - Command line tool for scanning streams within office documents plus xor db attack
- klsecservices/Invoke-Vnc - Powershell VNC injector
- fabianhu/SIP-Pi - SIP answering machine running on Raspberry Pi
- ipankajg/ceed - A tiny x86 compiler with ELF and PE target
- PeterMosmans/openssl - 'Extra featured' OpenSSL with ChaCha20 and Poly1305 support
- endrazine/wcc - The Witchcraft Compiler Collection
- elfmaster/saruman - ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
- ufrisk/pcileech - Direct Memory Access (DMA) Attack Software
- wick2o/osf_db - Offline Security Focus Database
- mteg/braa - Ultra-fast SNMPv1/v2 stack. Get/set/walk tens of thousands of hosts at once.
- stufus/ADEGrab - Standalone Windows tool to automatically retrieve Sysinternals' AD Explorer search output from the ListView control and save/copy to clipboard.
- rofl0r/proxychains-ng - proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
- yarrick/pingfs - Stores your data in ICMP ping packets
- ValdikSS/p0f-mtu - p0f with patches to save MTU value and export it via API (for VPN detection)
- libyal/libscca - Library and tools to access the Windows Prefetch File (SCCA) format.
- winfsp/sshfs-win - SSHFS For Windows
- winfsp/winfsp - Windows File System Proxy - FUSE for Windows
- gdabah/distorm - Powerful Disassembler Library For x86/AMD64
- hc0d3r/alfheim - a linux process hacker tool
- jgamblin/Mirai-Source-Code - Leaked Mirai Source Code for Research/IoC Development Purposes
- robertdavidgraham/telnetlogger - Simulates enough of a Telnet connection in order to log failed login attempts.
- hashcat/hashcat - World's fastest and most advanced password recovery utility
- openwrt/openwrt - This repository is a mirror of https://git.openwrt.org/openwrt/openwrt.git It is for reference only and is not active for check-ins. We will continue to accept Pull Requests here. They will be merged via staging trees then into openwrt.git.
- rbsec/sslscan - sslscan tests SSL/TLS enabled services to discover supported cipher suites
- Cn33liz/EasySystem - Quick and dirty System (Power)Shell using NamedPipe impersonation.
- rapid7/metasploit-payloads - Unified repository for different Metasploit Framework payloads
- esnet/iperf - iperf3: A TCP, UDP, and SCTP network bandwidth measurement tool
- bartobri/no-more-secrets - A command line tool that recreates the famous data decryption effect seen in the 1992 movie Sneakers.
- Ridter/Pentest - tools
- sensepost/USaBUSe - Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.
- vanhauser-thc/thc-ipv6 - IPv6 attack toolkit
- CyberThreatAlliance/cryptowall_v3 - A repository of scripts and files related to the CryptoWall version 3 threat
- raspberrypi-ui/piclone - Utility to back up Pi to an SD card reader
- DougGore/telepi - Remote streaming for your Raspberry Pi
- redbear/IoT_pHAT - WiFi + Bluetooth, designed for the Raspberry Pi Zero
- screetsec/TheFatRat - Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
- timwr/CVE-2016-5195 - CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android
- 1N3/PrivEsc - A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
- DavidBuchanan314/pwn-mbr - A simple MBR hijack demonstration
- 0x27/linux.mirai - Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
- techgaun/mirai - Mirai related codes and stuff
- davidgfnet/wireshark-whatsapp - Whatsapp dissector plugin for wireshark
- boundarydevices/imx_usb_loader - USB & UART loader for i.MX5/6/7/8 series
- crmulliner/hidemulation - hid emulation tools for the usbarmory
- 504ensicsLabs/LiME - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
- tcr/t2-packetspammer -
- evil-e/sdb-explorer - Tool to view and create Microsoft shim database files (SDB).
- libyal/libfvde - Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes
- shellphish/how2heap - A repository for learning various heap exploitation techniques.
- session-replay-tools/tcpcopy - An online request replication tool, also a tcp stream replay tool, fit for real testing, performance testing, stability testing, stress testing, load testing, smoke testing, etc
- ebursztein/malusb - Malicious USB
- lunixbochs/patchkit - binary patching from Python
- kamakazikamikaze/easysnmp - [MAINTAINER REQUESTED/HELP WANTED] A blazingly fast and Pythonic SNMP library based on the official Net-SNMP bindings
- nabla-c0d3/dumpdecrypted - Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
- lldpd/lldpd - implementation of IEEE 802.1ab (LLDP)
- gentilkiwi/kekeo - A little toolbox to play with Microsoft Kerberos in C
- libyal/libesedb - Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
- kheops2713/portsplit - Splits a single TCP port for a use with multiple services (in the spirit of sslh)
- blankwall/MacDBG - Simple easy to use C and python debugging framework for OSX
- justinfrankel/licecap - LICEcap simple animated screen capture tool for Windows and OS X
- clibs/clib - C package manager-ish
- ndt-project/ndt - Network Diagnostic Tool
- gitdurandal/dbd - Durandal's Backdoor
- rsmusllp/syringe - A General Purpose DLL & Code Injection Utility
- yarrick/iodine - Official git repo for iodine dns tunnel
- autoas/as - automotive software(OSEK & AUTOSAR) and its tool-chain
- Cr4sh/ThinkPwn - Lenovo ThinkPad System Management Mode arbitrary code execution 0day exploit
- elceef/dhcpf - Passive DHCP fingerprinting implementation
- thinkst/canaryfy - Linux file read monitor
- libyal/libvshadow - Library and tools to access the Volume Shadow Snapshot (VSS) format
- RPISEC/MBE - Course materials for Modern Binary Exploitation by RPISEC
- GNS3/iouyap - Bridge IOU to UDP, TAP and Ethernet.
- W4RH4WK/ETnM - Exploitation Techniques and Mitigations
- Cr4sh/WindowsRegistryRootkit - Kernel rootkit, that lives inside the Windows registry values data
- GNS3/vpcs - Simple Virtual PC Simulator
- hfiref0x/DSEFix - Windows x64 Driver Signature Enforcement Overrider
- hdm/juniper-cve-2015-7755 - Notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS
- dokan-dev/dokany - User mode file system library for windows with FUSE Wrapper
- REhints/Publications - Conference slides and White-papers
- jmk-foofus/medusa - Medusa is a speedy, parallel, and modular, login brute-forcer.
- glmcdona/Process-Dump - Windows tool for dumping malware PE files from memory back to disk for analysis.
- netdata/netdata - Real-time performance monitoring, done right! https://www.netdata.cloud
- CroweCybersecurity/shareenum - Tool to enumerate shares from Windows hosts.
- jacobstanley/network-info - Get information about local network adapters such as name, IP address, MAC address
- JonDoNym/peinjector - peinjector - MITM PE file infector
- dmolnar/SmartFuzz - Valgrind extension for whitebox fuzz testing
- CoolerVoid/0d1n - Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
- pleed/pyqemu - Dynamic binary instrumentation based crypto detection framework. Implementation of http:https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6461007&isnumber=6460999
- gat3way/hashkill - hashkill password recovery tool
- dstosberg/odt2txt - A simple converter from OpenDocument Text to plain text
- rg3/sudoku - A simple command-line Sudoku solver in C for educational purposes
- Explorer09/xfprot-ubcd - Modified XFPROT 2.4 for Parted Magic and UBCD.
- inotify-tools/inotify-tools - inotify-tools is a C library and a set of command-line programs providing a simple interface to inotify.
- mirror/firmware-mod-kit - http:https://firmware-mod-kit.googlecode.com/svn/trunk
- devttys0/littleblackbox - Database of private SSL/SSH keys for embedded devices
- zcutlip/nvram-faker - A simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.
- devttys0/libmpsse - Open source library for SPI/I2C control via FTDI chips
- devttys0/wrt120n -
- ScarletBlazin/rebind - Automatically exported from code.google.com/p/rebind
- t6x/reaver-wps-fork-t6x -
- 0x90/wifi-arsenal - WiFi arsenal
- aircrack-ng/aircrack-ng-archive - Pre-migration repository. New repository ➙
- gabrielrcouto/reaver-wps - Brute force attack against Wifi Protected Setup
- phikshun/Peap-Karma - Hostapd - PEAP "Karma" Patched
- tillwo/80211ping - Small Linux command-line tool to "ping" 802.11 devices
- defuse/WinPassGen - A Windows Password Generator.
- WuerthPhoenix/safed - Safed for Linux
- silentsignal/sheep-wolf - Wolves Among the Sheep
- gh0std4ncer/lizkebab - Lizard Squad rekt
- tweksteen/oplzkwp - ELF obfuscator
- leechristensen/UnmanagedPowerShell - Executes PowerShell from an unmanaged process
- leahneukirchen/nq - Unix command line queue utility
- nmaier/ffthumb - ffthumb - Yet another ffmpeg thumbnail library
- rockdaboot/mget - Multithreaded metalink/file/website downloader (like Wget) and C library
- BurntSushi/rtmpdump-ksv - rtmpdump with ksv's patch. Intended to track upstream git:https://git.ffmpeg.org/rtmpdump as well.
- Maijin/radare2-workshop-2015 -
- midnitesnake/USB-Rubber-Ducky -
- libusb/libusb - A cross-platform library to access USB devices
- jndok/harpoon - Lightweight runtime hooking library for OS X.
- NitinJami/keychaineditor - A CLI to interact with iOS's keychain on a jailbroken device to dump/edit/delete a keychain item.
- TsudaKageyu/minhook - The Minimalistic x86/x64 API Hooking Library for Windows
- tklengyel/honeybrid - Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TCP or UDP) from one primary destination host to a secondary destination host.
- vlad902/hacking-team-windows-kernel-lpe - Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar.
- yrutschle/sslh - Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
- tklengyel/drakvuf - DRAKVUF Black-box Binary Analysis
- certego/fw1-loggrabber - FW1-Loggrabber is a command-line tool to grab logfiles from remote Checkpoint devices using OPSEC LEA (Log Export API)
- xerub/irecovery - A program used to communicate with iBoot / iBSS using the libusb-1.0 api.
- libimobiledevice/idevicerestore - Restore/upgrade firmware of iOS devices
- planetbeing/ios-jailbreak-patchfinder - Analyzes a binary iOS kernel to determine function offsets and where to apply the canonical jailbreak patches.
- libimobiledevice/libirecovery - Library and utility to talk to iBoot/iBSS via USB on Mac OS X, Windows, and Linux
- h2o/h2o - H2O - the optimized HTTP/1, HTTP/2, HTTP/3 server
- jessfraz/tor - Development fork of https://git.torproject.org/tor.git
- therealdreg/anticuckoo - A tool to detect and crash Cuckoo Sandbox
- andreafabrizi/DNSProxy - DNS proxy listens for incoming DNS requests on the local interface and resolves the hosts using an external PHP script, through http proxy requests.
- hugsy/proxenet - The ONLY hacker friendly proxy for webapp pentests.
- kost/nanomet - Nano meterpreter shell based on TinyMet
- jond3k/sandbox - Ideas that I've been experimenting with
- aboutsecurity/Hacme-Dogs - Learn basic fuzzing and explotation techniques with a simple network listener vulnerable to a stack based overflow written in C
- libyal/libvhdi - Library and tools to access the Virtual Hard Disk (VHD) image format
- kornelski/pngquant - Lossy PNG compressor — pngquant command based on libimagequant library
- Kveri/IOUsniffer - A tool which intercepts traffic on IOU netio sockets and writes it to pcap files
- pygraphviz/pygraphviz - Python interface to Graphviz graph drawing package
- wg/wrk - Modern HTTP benchmarking tool
- hannob/selftls - Sample application to let OpenSSL talk to itself (for fuzzing)
- vanhauser-thc/thc-hydra - hydra
- rsyslog/rsyslog - a Rocket-fast SYStem for LOG processing
- wiire-a/pixiewps - An offline Wi-Fi Protected Setup brute-force utility
- pololu/make - A little repository to keep track of our changes to GNU Make 3.82.
- hfiref0x/UACME - Defeating Windows User Account Control
- ged/ruby-openldap - A simple, but full-featured Ruby binding for libldap (Github mirror)
- stealth/troubleshooter - setroubleshootd xSports
- jahendrie/bin2dec - Convert binary numbers to decimal
- IOActive/Melkor_ELF_Fuzzer - Melkor is a very intuitive and easy-to-use ELF file format fuzzer to find functional and security bugs in ELF parsers.
- friedrich/iodine-tunemu - iodine with tunemu
- programa-stic/ropc-llvm - ropc-llvm is a PoC of a Turing complete ROP compiler with support for a subset of LLVM IR. It is an extension of ropc.
- utds3lab/pemu -
- BinaryAnalysisPlatform/deprecated-qemu-tracer -
- apg/grapt - simple charting tools for unix.
- apg/when - run a command until a condition is met, then run another one!
- silentbicycle/ff - fuzzy-completion for finding files
- btpd/btpd - ⚡ The BitTorrent Protocol Daemon
- jpirko/libteam - team netdevice library
- poliva/rootadb - restart adbd with root privileges
- abrt/abrt - Automatic bug detection and reporting tool
- anestisb/dexRepair - Cmd line tool to repair Android DEX bytecode files CRC checksum
- anestisb/melkor-android - An Android port of the melkor ELF fuzzer
- facebookarchive/fb-adb - A better shell for Android devices
- drwhomphd/AuditdAndroid - A Fork of Auditd geared specifically for running on the Android platform. Includes system applications, AOSP patches, and kernel patches to maximize the audit experience.
- crmulliner/ddi - ddi - Dynamic Dalvik Instrumentation Toolkit
- crmulliner/adbi - Android Dynamic Binary Instrumentation Toolkit
- hfiref0x/WinObjEx64 - Windows Object Explorer 64-bit
- vmt/udis86 - Disassembler Library for x86 and x86-64
- nullsecuritynet/tools - Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
- Cr4sh/openreil - Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)
- wishstudio/flinux - Foreign LINUX - Run unmodified Linux applications inside Windows.
- openwrt-mirror/openwrt - Mirror of the OpenWRT repository
- allinurl/goaccess - GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
- robertdavidgraham/pemcrack - Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON'T JUDGE ME!!!
- trailofbits/onesixtyone - Fast SNMP Scanner
- lclevy/libcraw2 - simple, easy to read, minimal and portable library to decode Canon RAW 2 files
- singpolyma/mnemonicode - Fork of http:https://web.archive.org/web/20101031205747/http:https://www.tothink.com/mnemonic/
- Lekensteyn/dmg2img - DMG2IMG allows you to convert a (compressed) Apple Disk Images (imported from http:https://vu1tur.eu.org/dmg2img). Note: the master branch contains imported code, but lacks bugfixes/features from the develop branch. "develop" branch is recommended!
- mhl/unicode-poster - Scripts for generating posters that contain glyphs of every printable character in Unicode 5.1.0
- bitlbee/bitlbee - An IRC to other chat networks gateway 🐝
- clowwindy/ShadowVPN - Removed according to regulations.
- shadowsocks/ChinaDNS - Protect yourself against DNS poisoning in China.
- ant4g0nist/sandy - Static and Dynamic exploit analysis framework.
- janmojzis/tinyssh - TinySSH is small server (less than 100000 words of code)
- ThibaultReuille/internet-graph - Python code to create a graph of the internet (AS nodes, BGP routes, Prefixes ...) with SemanticNet.
- libyal/libqcow - Library and tools to access the QEMU Copy-On-Write (QCOW) image format
- libyal/libsigscan - Library for binary signature scanning.
- libyal/libhmac - Library to support various Hash-based Message Authentication Codes (HMAC)
- libyal/libhibr - Library and tools to access the Windows Hibernation File (hiberfil.sys) format
- libguestfs/libguestfs - library and tools for accessing and modifying virtual machine disk images. PLEASE DO NOT USE GITHUB FOR ISSUES OR PULL REQUESTS. See the website for how to file a bug or contact us.
- s7ephen/SandKit - A Toolkit to assist with the investigation of Sandboxing software
- newsoft/sqlite3-dbx - SQLite3 with encryption support
- bwalex/tc-play - Free and simple TrueCrypt/VeraCrypt Implementation based on dm-crypt
- Thomas-Tsai/partclone - Partclone provides utilities to backup a partition smartly and it is designed for higher compatibility of the file system by using existing library.
- ytisf/ext-gpg - An extreme version of GnuPGP able to create keys of up to 16kb.
- attackdebris/arpscan -
- lvrach/MiKey - MiKey is a minimal and modular Linux keylogger. It provides a toolkit that monitors and records all activities performed on a computer. It makes use of the Xlib.
- ANSSI-FR/AD-control-paths - Active Directory Control Paths auditing and graphing tools
- seastorm/PuttyRider - Hijack Putty sessions in order to sniff conversation and inject Linux commands.
- quarkslab/iMITMProtect - Prevent Apple to mess with keys
- quarkslab/dreamboot - UEFI bootkit
- oblique/wificurse - WiFi Jamming tool
- hashcat/princeprocessor - Standalone password candidate generator using the PRINCE algorithm
- ttscoff/nv - MultiMarkdown version of Notational Velocity with Markdown editing features and preview
- planetbeing/iphonelinux - Port Linux to the iPhone
- jklmnn/imagejs - Small tool to package javascript into a valid image file.
- picosync/workingDraft - picosync
- ssllabs/sslhaf - Passive SSL client fingerprinting using handshake analysis.
- basil00/Divert - WinDivert: Windows Packet Divert
- MRGEffitas/hwfwbypass -
- MalwareTech/TinyXPB - Windows XP 32-Bit Bootkit
- kaie/sphere-detection - Various modules to implement the DetecTor design from http:https://detector.kuix.de
- geohot/qira - QEMU Interactive Runtime Analyser
- FreeRDP/FreeRDP - FreeRDP is a free remote desktop protocol library and clients
- iagox86/nmap-smbv2 -
- iagox86/nbtool -
- carmaa/interrogate - Interrogate is a proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage.
- hanzelpeter/dispmanx_vnc - VNC Server for Raspberry PI using dispmanx
- deepwater82/bismark_ucap_openflow - Revised OpenFlow for hashed MACs
- nmathewson/shim - Chris Davis's minimal http proxy, based on libevent2
- ioerror/torsocks - Wrapper to safely torify applications
- CrowdStrike/Tortilla -
- nohuhu/TuTTY - SSH and Telnet client for Windows (PuTTY fork)
- fireeye/tools - general purpose and malware specific analysis tools
- hellman/shtest - Simple shellcode testing tool.
- ankurs/Hash-Table - simple implementation of a hash table
- arisada/midgetpack - midgetpack is a multiplatform secure ELF packer
- gianlucaborello/libprocesshider - Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
- cjdelisle/cjdns - An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
- tass-belgium/picotcp - PicoTCP is a free TCP/IP stack implementation
- pepe2k/u-boot_mod - U-Boot 1.1.4 modification for routers
- signal11/hidapi - A Simple library for communicating with USB and Bluetooth HID devices on Linux, Mac, and Windows.
- openocd-org/openocd - Official OpenOCD Read-Only Mirror (no pull requests)
- vasi/squashfuse - FUSE filesystem to mount squashfs archives
- hak5darren/USB-Rubber-Ducky -
- tcurdt/iProxy - Let's you connect your laptop to the iPhone to surf the web.
- zed-0xff/lltdscan - Scan for LLTD-enabled hosts on your network
- robm/dzen - Dzen is a general purpose messaging, notification and menuing program for X11.
- robertdavidgraham/isowall - This is a mini-firewall that completely isolates a target device from the local network.
- mncoppola/rpef - Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers
- cea-hpc/robinhood - Robinhood Policy Engine : a versatile tool to monitor filesystem contents and schedule actions on filesystem entries.
- zoobab/linuxAP-eh - linuxAP-eh
- gmsoft-tuxicoman/pom-ng - Packet-o-matic NG !
- qemu/qemu - Official QEMU mirror. Please see http:https://wiki.qemu.org/Contribute/SubmitAPatch for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.
- rchiossi/dexterity - Dex manipulation library
- jduck/canhazaxs - A tool for enumerating the access to entries in the file system of an Android device.
- jduck/privmap - A tool for enumerating the effective privileges of processes on an Android device.
- strazzere/android-unpacker - Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
- conormcd/osx-keychain-java - Access the OS X keychain from Java.
- miniupnp/miniupnp - UPnP IGD implementation
- getlantern/proxysetup - proxysetup is a command-line utility that allows managing Macintosh proxy settings via the networksetup program without having to sudo or supply one's password
- pauloborges/bluez - My bluez tree.
- jech/polipo - The Polipo caching HTTP proxy
- guardianproject/openssl-android - a version of the official Android openssl setup to build standalone for use in app
- acama/xdisasm - Simple binary file disassembler based on libopcodes and bfd from binutils.
- acama/xrop - Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC
- zardus/gdb_woo -
- aosp-mirror/platform_external_qemu -
- SecurityCompass/android_emulator_spoofing - This is a fork of the Android emulator that allows spoofing of IMEI, IMSI, and phone number.
- SecurityCompass/iPhoneLabs - iPhone security labs
- projectbismark/censorscope -
- kirei/sha2wordlist - Display SHA-256 as PGP words
- tumi8/trumanbox -
- m-lab/web100_userland-debian - Debian package for web100 userland library
- m-lab/ndt-debian - Debian package for NDT
- danielgtaylor/jpeg-archive - Utilities for archiving JPEGs for long term storage.
- bryanforbes/libimobiledevice - A protocol library to access an iPhone or iPod Touch in Linux
- chaostheory88/revengineering - Practical Reverse Engineering exercise's solutions
- robertdavidgraham/robdns - A fast DNS server based on C10M principles
- zmap/zmap - ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
- pwning/plaidctf2014 - Source for some problems from PlaidCTF 2014.
- paulgribble/CBootCamp - C Programming Boot Camp
- mjording/ttyrec - ttyrec is a tty recorder. Recorded data can be played back with the included ttyplay command. ttyrec is just a derivative of script command for recording timing information with microsecond accuracy as well. It can record emacs -nw, vi, lynx, or any programs running on tty.
- icholy/ttygif - Convert terminal recordings to animated gifs
- laurikari/tre - The approximate regex matching library and agrep command line tool.
- sqlmapproject/udfhack - Database takeover UDF repository
- stefanesser/dumpdecrypted - Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
- DinoTools/python-ssdeep - Python wrapper for ssdeep fuzzy hashing library
- chokepoint/Beleth - Multi-threaded SSH Password Auditor
- capstone-engine/capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
- traviscross/mtr - Official repository for mtr, a network diagnostic tool
- LCyberspazio/exaconv - Exadecimal \xNN format to ASCII format converter
- curl/curl - A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP. libcurl offers a myriad of powerful features
- bumptech/stud - The Scalable TLS Unwrapping Daemon
- DNS-OARC/dnscap - Network capture utility designed specifically for DNS traffic
- krmaxwell/Dripper - Dripper.c is a fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS.
- udishamir/Domain-Analyzer - Detect malicious domain, Blablablablabla
- buffer/shellcodes - A collection of tricky (and sometimes) funny shellcodes
- AnwarMohamed/meterpreter-darwin - Metasploit's native payload for Mac OS X and iOS
- dvdhrm/kmscon - Linux KMS/DRM based virtual Console Emulator
- libgit2/pygit2 - Python bindings for libgit2
- boundary/khial - a fake network driver to test network applications
- hc0d3r/C - some codes
- conix-security/audit-springbok - A tool for analyzing firewall rules
- conix-security/zer0m0n - zer0m0n driver for cuckoo sandbox
- keplerproject/md5 - MD5 offers basic cryptographic facilities for Lua 5.1.
- keplerproject/luasql - LuaSQL is a simple interface from Lua to a DBMS.
- stedolan/jq - Command-line JSON processor
- ossec/ossec-hids - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- REMath/implementations - Implementations of program analysis tools with a focus on machine code
- yasm/yasm - Yasm Assembler mainline development tree
- locasto/libdisorder - A simple C library for entropy measurement of byte streams and other data.
- gentilkiwi/mimikatz - A little tool to play with Windows security
- n0fate/keychaindump - A proof-of-concept tool for reading OS X keychain passwords
- hannoL/Anleit - collection of tutorial and manuals (focus to android)
- DataSoft/Honeyd - virtual honeypots
- jvehent/Honeybrid - Honeybrid is a intelligent network proxy that stands in front of a farm of honeypots and redirect connections from low interaction to high interaction honeypots.
- robertdavidgraham/heartleech - Demonstrates the "heartbleed" problem using full OpenSSL stack
- rustyrussell/ccan - The C Code Archive Network
- okoeroo/CUDA-MD5-Crack - MD5 password cracker for CUDA
- okoeroo/drssl - DoctorSSL enables you to diagnose the SSL enables services and generate a report.
- openssl/openssl - TLS/SSL and crypto library
- tombkeeper/Talks - Slides and demos
- ggreer/the_silver_searcher - A code-searching tool similar to ack, but faster.
- viettug/winefish - Winefish LaTeX editor
- IOActive/SearchAndCollect - search and collect windows files from multiple locations on machine and store in one centralized directory
- sjvermeu/cvechecker - Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
- realtalk/cve-2013-2094 - original cve-2013-2094 exploit and a rewritten version for educational purposes
- saelo/cve-2014-0038 - Linux local root exploit for CVE-2014-0038
- lwoggardner/rfuse - Ruby FUSE bindings - write Filesystems in Ruby
- ddk50/winkvm - WinKVM: porting Linux KVM to the Microsoft Windows
- pjr/keycode-idrac - Keycode hack for iDrac javaws
- virtio-win/kvm-guest-drivers-windows - Windows paravirtualized
- GNS3/dynamips - Dynamips development
- Aorimn/dislocker - FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX
- quarkslab/quarkspwdump - Dump various types of Windows credentials without injecting in any process.
- ultravideo/kvazaar - An open-source HEVC encoder
- VirusTotal/yara - The pattern matching swiss knife
- stesie/hbcicron - HBCI transaction mailer
- skyhover/Deckard - Code clone detection; clone-related bug detection; sematic clone analysis
- defuse/sockstress - Sockstress (TCP DoS) implementation.
- offensive-security/exploitdb - The official Exploit Database repository
- kamailio/kamailio - Kamailio - The Open Source SIP Server for large VoIP and real-time communication platforms -
- hyperic/sigar - System Information Gatherer And Reporter
- dchest/historic-password-hashes - Historic password hashing algorithms
- FauxFaux/PuTTYTray - A continuation of Barry Haanstra (haanstra.eu)'s PuTTYTray
- gak/gravit - A gravity simulator
- mike-perdide/scikit-learn - scikit-learn main repo
- mike-perdide/pcoords-cli -
- BohuTANG/nessDB - A very fast transactional key-value, embedded database storage engine in Fractal-Tree. Teaching/Research purposes only.
- Mrktn/ccg - CCG is a random C Code Generator
- haiwen/seafile - High performance file syncing and sharing, with also Markdown WYSIWYG editing, Wiki, file label and other knowledge management features.
- rapid7/meterpreter - THIS REPO IS OBSOLETE. USE https://github.com/rapid7/metasploit-payloads INSTEAD
- danielfrg/word2vec - Python interface to Google word2vec
- m0wfo/cups - Ruby bridge to CUPS API
- panda-re/panda - Platform for Architecture-Neutral Dynamic Analysis
- robertdavidgraham/masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
- jtripper/sslnuke - Transparent proxy that decrypts SSL traffic and prints out IRC messages.
- rhuitl/hostap-07 - hostap from git:https://w1.fi/srv/git/hostap-07.git with minimal uClinux patches
- AndyA/psips - Replicate SPS/PPS in h264 bit streams
- gamelinux/pads - This is a fork of the last pads version (1.2) from Matt Shelton with the sguil patches and other patches to make it work on modern operating systems.
- rids43/Nypt - Custom wrapper for OpenSSL
- poliva/dexinfo - A very rudimentary Android DEX file parser
- glandium/vmfs-tools -
- BGerard/ios6passcodebypass - A hack that disables the iOS6 passcode (on jailbroken device)
- dnet/usbpwn-host - USBpwn source code for Windows hosts
- dnet/usbpwn-device - USBpwn source code for AVR USB device
- penberg/linux-kvm - Native Linux KVM tool
- Visgean/Zeus - NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. This repository is for study purposes only, do not message me about your lame hacking attempts.
- inliniac/barnyard2 - Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
- kost/libwmiclient - WMI client library - useful for monitoring/commanding Windows from other OSes
- stephenfewer/ReflectiveDLLInjection - Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
- inliniac/vuurmuur - Vuurmuur Firewall
- openwall/john - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
- Xen0ph0n/passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
- darkk/redsocks - transparent TCP-to-proxy redirector
- ckolivas/cgminer - ASIC and FPGA miner in c for bitcoin
- Hexxeh/rpi-firmware - Firmware files for the Raspberry Pi
- greatscottgadgets/hackrf - low cost software radio platform
- luke-jr/bfgminer - Modular ASIC/FPGA miner written in C, featuring overclocking, monitoring, fan speed control and remote interface capabilities.
- ganglia/monitor-core - Ganglia Monitoring core
- raspberrypi/linux - Kernel source tree for Raspberry Pi Foundation-provided kernel builds. Issues unrelated to the linux kernel should be posted on the community forum at https://forums.raspberrypi.com/
- sarfata/pi-blaster - PWM on the Raspberry pi - done properly (in hardware, stable)
- ajaiantilal/i7z - i7z tool
- dorimanx/exfat-nofuse - Android ARM Linux non-fuse read/write kernel driver for exFat and VFat Android file systems
- Openwsman/openwsman - Openwsman server implementation and client api with bindings
- jtripper/dns-tcp-socks-proxy - Simple daemon to tunnel DNS requests over SOCKS
- jtripper/parasite - Linux Runtime Process Injection Tool
- nicolasgomollon/RecordScreen - RecordScreen is a universal iPhone and iPad application that allows you to record your screen, even on non-jailbroken devices.
- anarchivist/pyflag - Fork/mirror of Darcs repo for PyFlag (Forensic and Log Analysis GUI)
- searchdaimon/enterprise-search - An open source search engine for corporate data and websites.
- OpenSecurityResearch/onedecrypt - PoC to decrypt the registry password stored by the WebEx One-Click client
- WaterJuice/WjCryptLib - Public Domain C Library of Cryptographic functions. Including: MD5, SHA1, SHA256, SHA512, RC4, AES, AES-CTR, AES-OFB, AES-CBC
- radii/undupfs - deduplicating FUSE backend
- gdbinit/hydra - A kernel extension and userland daemon to patch applications
- gdbinit/crackme_nr1 - fG!'s crackme #1 source code
- tmate-io/tmate - Instant Terminal Sharing
- bfleischer/fuse_wait - fuse_wait for Mac OS X 10.7 and later (timeout warning workaround)
- defuse/swatd - Run a script when one or more sensors fail.
- pkrumins/node-base64 - A base64 encoding and decoding C++ module for node.js that actually works! (node now has it's own base64 encoding, see docs!)
- abbbe/sslcaudit -
- crazyricky/SSLStrip-for-Android - SSLStrip for Android
- dlbeer/quirc - QR decoder library
- troydhanson/uthash - C macros for hash tables and more
- georgenicolaou/iDisasm - Icarus Disassembly Engine
- juergh/lqs2mem - Convert libvirt-QEMU-save (LQS) files to raw memory files
- rsmudge/metasploit-loader - A client compatible with Metasploit's staging protocol
- rumca-js/disktype - Linux commandline utility to display disk types
- google/ios-webkit-debug-proxy - A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
- ThomasHabets/xor-analyze - Program for cryptanalyzing xor "encryption" with variable key length
- gdbinit/gimmedebugah - A small utility to inject a Info.plist into binaries.
- ioerror/sslscan - sslscan tests SSL/TLS enabled services to discover supported cipher suites
- mushorg/BFR - Better Function Replacer based on APD
- b3h3moth/UnixCentric - Everything is focused on Unix systems. From C Language Programming to Unix Systems Programming and Kernel Hacking
- CoolerVoid/ninja_shell - Secure shell using port Knocking technique with AES256-GCM
- libvmi/libvmi - The official home of the LibVMI project is at https://github.com/libvmi/libvmi.
- m0nad/DNS-Discovery - DNS-Discovery is a multithreaded subdomain bruteforcer.
- redis/redis - Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs, Bitmaps.
- CERT-Polska/hsn2-razorback -
- kbandla/pydeep - Python bindings for ssdeep
- cuckoosandbox/cuckoomon - DEPRECATED - replaced with "monitor"
- a0rtega/pafish - Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
- neuroo/runtime-tracer - Dynamic tracing for binary applications (using PIN), IDA plugin to visualize and interact with the traces
- pakt/ropc - A Turing complete ROP compiler
- CTSRD-SOAAP/taintgrind -
- Laurelai/decompile-dump - Partial stuxnet source decompiled with hexrays, if anyone has better decompile tools feel free to contribute better versions.
- OISF/suricata - Suricata git repository maintained by the OISF
- arkem/pyflag - A fork of the pyflag forensics framework (this may be the most recently maintained version)
- fancycode/MemoryModule - Library to load a DLL from memory.
- penguin42/pocketdisassembler - A disassembler for multiple architectures that runs on Android (uses Binutils libopcode)
- axiak/pybloomfiltermmap - Fast Python Bloom Filter using Mmap
- radareorg/radare2 - UNIX-like reverse engineering framework and command-line toolset
- kernelslacker/trinity - Linux system call fuzzer
- gamelinux/cxtracker - Connection Tracker is a passive network connection tracker for profiling, history, auditing and network discovery.
- gamelinux/passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
- poliva/lightum - MacBook automatic light sensor daemon
- osxfuse/sshfs - File system based on the SSH File Transfer Protocol
- sleuthkit/sleuthkit - The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
- firnsy/barnyard2 - Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
- ioerror/tlsdate - secure parasitic rdate replacement
- proxytunnel/proxytunnel - Stealth tunneling through HTTP(S) proxies
- stricaud/faup - Fast URL decoder library
- 0vercl0k/j0llyDmpr - j0llydmper is a windows service that allows you to dump furtively and automaticaly some contents of USB disks just plugged in your computer. In order to dump potentialy interesting files, you can use a rule on the file name or/and on the file size.
- 0vercl0k/stuffz - Basically a script thrift shop
- gdbinit/gdb-ng - Apple's gdb fork with some fixes and enhancements
- mubix/keychaindump - A proof-of-concept tool for reading OS X keychain passwords
- juuso/keychaindump - A proof-of-concept tool for reading OS X keychain passwords
- wireghoul/sploit-dev - Exploits and research stuffs
- mubix/post-exploitation - Post Exploitation Collection
- pod2g/sendrawpdu - CLI tool to send raw SMS PDU data to the iPhone 4 baseband
- cyrus-and/httpfs - Remote FUSE filesystem via server-side script
- opexxx/tools - Random utilities
- radare/radare - advanced unix-like hexadecimal editor and debugger
- Pronghorn/pronghorn - DSD's submission for the DFRWS 2012 Forensics Challenge (http:https://www.dfrws.org/2012/challenge/)
- ikotler/tty64 - A collection of legacy projects, previously published on my old website
- MrTchuss/scl - Tool to help Shellcode development and use in exploits
- ikotler/shellcode - A collection of shellcodes
- MarioVilas/shellcode_tools - Miscellaneous tools written in Python, mostly centered around shellcodes.
- cyrus-and/zizzania - Automated DeAuth attack
- droe/sslsplit - Transparent SSL/TLS interception
- letolabs/nasm - Mirror of main nasm git repo at http:https://repo.or.cz/w/nasm.git
- merces/hdump - Fast, simple and portable hexadecimal/ASCII dumper
- merces/pev - The PE file analysis toolkit
- djrbliss/libplayground - A simple framework for developing Linux kernel heap exploit techniques
- fln/addrwatch - A tool similar to arpwatch for IPv4/IPv6 and ethernet address pairing monitoring.
- adamcaudill/ccsrch - Cross-platform credit card (PAN) search tool for security assessments
- monitoring-plugins/monitoring-plugins - Monitoring Plugins
- toucan-system/pmcma -
- jnraber/Hades - Windows driver for profiling and debugging ring 3 applications
- comex/star_ - star and saffron
- unmarshal/shellcode - A collection of shellcodes for BSD and Linux for exploit development
- bdamele/icmpsh - Simple reverse ICMP shell
- bdamele/shellcodeexec - Script to execute in memory a sequence of opcodes
- abrasive/shairport - Airtunes emulator! Shairport is no longer maintained.
- dzzie/sclog - shellcode logging application which runs the code LIVE and inserts hooks on key api. This is an update to the base project as found on the labs.idefense.com website
- netsniff-ng/netsniff-ng - A Swiss army knife for your daily Linux network plumbing.
- selkhateeb/hardlink - a simple command-line utility that implements hardlinks on Mac OsX
- haad/proxychains - proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
- dzzie/SCDBG - note: current build is VS_LIBEMU project. This cross platform gcc build is for Linux users but is no longer updated. modification of the libemu sctest project to add basic debugger capabilities and more output useful for manual RE. The newer version will run under WINE
- struct/QueMod - Transparently hooks network traffic inline with netfilterqueue
- koto/blog-kotowicz-net-examples - Code Examples for blog.kotowicz.net
- mreiferson/py-wkhtmltox - Python bindings for libwkhtmltox using Cython
- tmbinc/bgrep - Binary Grep
- orj/mod_bonjour - Fixes applied to Apple's mod_bonjour.
- b4winckler/macvim - Vim - the text editor - for Mac OS X
- Sha0/winvblock - WinVBlock (derived from WinAoE) AoE, MEMDISK, GRUB4DOS RAM Disk, File-Backed Disk Driver
- Sha0/gpxe - gPXE Network Boot-Loader
- msysgit/git - msysGit-based Git for Windows 1.x is now superseded by Git for Windows 2.x
- opexxx/lanmap2 - builds database/visualizations of LAN structure from passively sifted information
- msysgit/msysgit - msysGit has been superseded by Git for Windows 2.x
- sparklemotion/nokogiri - Nokogiri (鋸) makes it easy and painless to work with XML and HTML from Ruby.
- ThomasHabets/arping - ARP Ping
- NetworkBlockDevice/nbd - Network Block Device
- rflynn/lanmap2 - builds database/visualizations of LAN structure from passively sifted information
- robins/pdfcrack - PDF Crack
- uzbl/uzbl - A web browser that adheres to the unix philosophy.
- rieck/malheur - A Tool for Automatic Analysis of Malware Behavior
- noahwilliamsson/distributedcracking.net-client - A John the Ripper client patched for running against the distributedcracking.net software
- cube0x0/noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
- A-D-Team/SharpMemshell - Memshell
- matterpreter/FindETWProviderImage - Quickly search for references to a GUID in DLLs, EXEs, and drivers
- arsium/EagleMonitorRAT - Remote Access Tool Written In C#
- secdev-01/AllTheThingsExec - Executes Blended Managed/Unmanged Exports
- SharpC2/SharpC2 - Command and Control Framework written in C#.
- CCob/BeaconEye - Hunts out CobaltStrike beacons and logs operator command output
- connormcgarr/LittleCorporal - LittleCorporal: A C# Automated Maldoc Generator
- cube0x0/CVE-2021-1675 - C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
- yasenstar/cloud_computing - information on cloud computing that Yasen are learning
- GhostPack/Certify - Active Directory certificate abuse.
- Azure/template-analyzer - ARM Template scanner for security misconfiguration and best practices
- improsec/ImproHound - Identify the attack paths in BloodHound breaking your AD tiering
- OlivierLaflamme/DNSWho - transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
- FortyNorthSecurity/CIMplant - C# port of WMImplant which uses either CIM or WMI to query remote systems
- mitchmoser/SharpShares - Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
- FeigongSec/NTLMINFO -
- RowTeam/SharpDetectionNTLMSSP - 利用 NTLMSSP 探测 Windows 信息
- juliourena/SharpNoPSExec - Get file less command execution for lateral movement.
- TheWover/CertStealer - A .NET tool for exporting and importing certificates without touching disk.
- marius-rothenbuecher/PentestBro - Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses subdomain list of SecLists. Uses nmap service probes for banner grabbing. Uses list of paths for web enumeration.
- BloodHoundAD/SharpHound3 - C# Data Collector for the BloodHound Project, Version 3
- Kevin-Robertson/Sharpmad - C# version of Powermad
- swisskyrepo/SharpLAPS - Retrieve LAPS password from LDAP
- rvrsh3ll/SharpSSDP - SSDP Service Discovery
- Aetsu/OffensivePipeline - OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
- 0xyg3n/UAC_Exploit - Escalate as Administrator bypassing the UAC affecting administrator accounts only.
- Flangvik/AzureC2Relay - AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
- RiccardoAncarani/TaskShell -
- rvrsh3ll/SharpSMBSpray - Spray a hash via smb to check for local administrator access
- S3cur3Th1sSh1t/SharpByeBear - AppXSVC Service race condition - privilege escalation
- Viralmaniar/BigBountyRecon - BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
- svenmauch/WinSlap - Swiftly configure a fresh Windows 10 installation with useful tweaks and antispy settings.
- JamesCooteUK/SharpSphere - .NET Project for Attacking vCenter
- py7hagoras/CovenantTasks - Source for tasks I have used with Covenant
- pardeike/Harmony - A library for patching, replacing and decorating .NET and Mono methods during runtime
- FSecureLABS/SharpClipHistory - SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.
- builtbybel/privatezilla - 👀👮🐢🔥Performs a privacy & security check of Windows 10
- hellzerg/optimizer - Make Windows faster and more secure
- SnaffCon/Snaffler - a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
- RamblingCookieMonster/Docker-PowerShell - PowerShell Module for Docker
- vletoux/RPCForSMBLibrary - Extension of SMBLibrary for RPC calls
- TalAloni/SMBLibrary - Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0, SMB 2.1 and SMB 3.0 server and client library
- mez-0/DecryptRDCManager - .NET 4.0 Remote Desktop Manager Password Gatherer
- mez-0/MoveScheduler - .NET 4.0 Scheduled Job Lateral Movement
- mez-0/CSharpWinRM - .NET 4.0 WinRM API Command Execution
- dotnet/ILMerge - ILMerge is a static linker for .NET Assemblies.
- ITAYC0HEN/SUNBURST-Cracked - The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
- PowerShell/SecretManagement - PowerShell module to consistent usage of secrets through different extension vaults
- jfmaes/SharpHandler -
- sshnet/SSH.NET - SSH.NET is a Secure Shell (SSH) library for .NET, optimized for parallelism.
- GoSecure/WSuspicious - WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
- jfmaes/SharpZipRunner - Executes position independent shellcode from an encrypted zip
- mubix/solarflare - SolarWinds Orion Account Audit / Password Dumping Utility
- checkymander/Zolom - C# Executable with embedded Python that can be used reflectively to run python code on systems without Python installed
- pelparp/SolrDecoder -
- awillard1/Pen-Test-Tools - All the information provided on this site is for educational purposes only.
- S3cur3Th1sSh1t/Sharp-HackBrowserData - C# binary with embeded golang hack-browser-data
- nccgroup/Carnivore - Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb
- cube0x0/SharpMapExec -
- MicrosoftLearning/AZ500-AzureSecurityTechnologies - Microsoft Azure Security Technologies
- thehlopster/SignHackTool - Sign your file with expired certificates
- PwnDexter/SharpEDRChecker - Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.
- microsoft/PowerToys - Windows system utilities to maximize productivity
- xforcered/StandIn - StandIn is a small .NET35/45 AD post-exploitation toolkit
- PowerShell/SecretStore -
- wavvs/doctrack - Tool to insert tracking pixels into Office Open XML documents.
- hotnops/COM_Mapper - A tool to create COM class/interface relationships in neo4j
- fozavci/ta505plus - TA505+ Adversary Simulation
- leoloobeek/subTee-gits-backups - subTee gists code backups
- leftp/VmdkReader - .NET 4.0 Console App to browse VMDK / VHD images and extract files
- DiscUtils/DiscUtils - Utility libraries to interact with discs, filesystem formats and more
- AdysTech/CredentialManager - C# wrapper around CredWrite / CredRead functions to store and retreive from Windows Credential Store
- G0ldenGunSec/wmiServSessEnum - .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
- ReverendThing/Carnivore - Microsoft External Attack Tool
- sp00ks-git/nps - Not PowerShell
- sp00ks-git/Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
- sp00ks-git/Rubeus - Trying to tame the three-headed dog.
- G0ldenGunSec/SharpSecDump - .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
- mvelazc0/PurpleSharp - PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
- EncodeGroup/RegSave - A .NET implementation to dump SAM / SECURITY / SYSTEM registry hives
- EncodeGroup/Gopher - C# tool to discover low hanging fruits
- EncodeGroup/SharpDirLister - .NET 4.0 Fast Directory / File Lister
- mgeeky/Stracciatella - OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
- eladshamir/Internal-Monologue - Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
- cobbr/SharpSploit - SharpSploit is a .NET post-exploitation library written in C#
- rvrsh3ll/MSBuildAPICaller - MSBuild Without MSBuild.exe
- GhostPack/Lockless - Lockless allows for the copying of locked files.
- GhostPack/SharpDPAPI - SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
- b4rtik/SharpKatz - Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
- b4rtik/RedPeanut - RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
- sailay1996/SeBackupPrivilege - Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to
- ustayready/SharpHose - Asynchronous Password Spraying Tool in C# for Windows Environments
- LuckyPi/PushPin -
- jwillyamz/ezEmu - See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
- Mr-B0b/SpaceRunner - This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace.
- ConsciousHacker/Get-RBCD-Threaded - Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments
- djhohnstein/CSharpCreateThreadExample - C# code to run PIC using CreateThread
- leechristensen/RequestAADRefreshToken -
- checkymander/Carbuncle - Tool for interacting with outlook interop during red team engagements
- dirkjanm/ROADtoken -
- bohops/SharpRDPHijack - A POC Remote Desktop (RDP) session hijack utility for disconnected sessions
- jfmaes/TrustJack - Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows
- am0nsec/SharpHellsGate - C# Implementation of the Hell's Gate VX Technique
- cyberark/Evasor - A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
- tomcarver16/ADSearch - A tool to help query AD via the LDAP protocol
- CCob/SharpBlock - A method of bypassing EDR's active projection DLL's by preventing entry point exection
- KevReed/PlantUml.Net - a .Net wrapper for PlantUml
- QAX-A-Team/BrowserGhost - 这是一个抓取浏览器密码的工具,后续会添加更多功能
- RedLectroid/SearchOutlook - A C# tool to search through a running instance of Outlook for keywords
- ZecOps/CVE-2020-1206-POC - CVE-2020-1206 Uninitialized Kernel Memory Read POC
- Flangvik/BetterSafetyKatz - Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.
- tophertimzen/shellcodeTester - GUI Application in C# to run and disassemble shellcode
- dmchell/Sniper - A simple proof of concept for detecting use of Cobalt Strike's execute-assembly
- jasondrawdy/Forerunner - Fast and extensible network scanning library featuring multithreading, ping probing, and scan fetchers.
- stufus/reconerator - C# Targeted Attack Reconnissance Tools
- rasta-mouse/Watson - Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
- djhohnstein/EventLogParser - Parse PowerShell and Security event logs for sensitive information.
- GhostPack/Seatbelt - Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
- 3CORESec/S2AN - S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
- dev-2null/ADCollector - A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
- amitwaisel/Malproxy - Proxy system calls over an RPC channel
- 0xthirteen/SharpMove - .NET Project for performing Authenticated Remote Execution
- 0xthirteen/SharpStay - .NET project for installing Persistence
- orlikoski/CyLR - CyLR - Live Response Collection Tool
- deadjakk/Reg1c1de - Registry permission scanner written in C# for finding potential privesc avenues within registry
- rvrsh3ll/Rubeus-Rundll32 - Run Rubeus via Rundll32
- BeichenDream/BadPotato - Windows 权限提升 BadPotato
- Viralmaniar/HiveJack - This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the attacker machines provides option to delete these files to clear the trace.
- odedshimon/BruteShark - Network Analysis Tool
- Flangvik/NetLoader - Loads any C# binary in mem, patching AMSI + ETW.
- atredispartners/CVE-2018-0952-SystemCollector - PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service
- microsoft/WindowsProtocolTestSuites - ⭐⭐Join us at SNIA EMEA SDC SMB3 IO Lab 2022 (6/14 - 6/16)
- gpoguy/setpol - Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)
- mdsecactivebreach/sitrep -
- dahall/Vanara - A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
- emberstack/docker-sftp - SFTP Server for Docker
- CCob/SweetPotato - Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
- bitsadmin/fakelogonscreen - Fake Windows logon screen to steal passwords
- onSec-fr/Http-Asynchronous-Reverse-Shell - [POC] Asynchronous reverse shell using the HTTP protocol.
- HunnicCyber/SharpML - Machine Learning Network Share Password Hunting Toolkit
- fox-it/LDAPFragger -
- nccgroup/WinShareEnum - Windows Share Enumerator
- 3xpl01tc0d3r/Callidus -
- gerardog/gsudo - A Sudo for Windows
- MicrosoftLearning/AZ-500-Azure-Security -
- CyberPoint/Ruxcon2016ETW - Ruxcon2016 POC Code
- RedCursorSecurityConsulting/CVE-2020-0668 - Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
- FSecureLABS/physmem2profit - Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
- 0x09AL/AzureCLI-Extractor - A tool to extract and abuse access tokens from AzureCLI for bypassing 2FA/MFA.
- V1V1/DecryptTeamViewer - Enumerate and decrypt TeamViewer credentials from Windows registry
- FatRodzianko/Get-RBCD-Threaded - Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory environments
- antonioCoco/RunasCs - RunasCs - Csharp and open version of windows builtin runas.exe
- basic4/WiDucky - WiFi Enabled USB Rubber Ducky
- 0xthirteen/SharpRDP - Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
- outflanknl/Net-GPPPassword - .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy Preferences.
- microsoft/ApplicationInspector - A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
- zacateras/sddl-parser - Security Descriptor Definition Language (SDDL) Parser
- Kudaes/LOLBITS - C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.
- nccgroup/SCOMDecrypt - SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers
- Pickfordmatt/SharpLocker -
- RedXRanger/StageStrike - Custom Cobalt Strike stagers using different methods of thread execution and memory allocation
- obfuscar/obfuscar - Open source obfuscation tool for .NET assemblies
- Metalnem/noise - .NET Standard 1.3 implementation of the Noise Protocol Framework (revision 33 of the spec)
- carlospolop/PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
- 3xpl01tc0d3r/ProcessInjection - This program is designed to demonstrate various process injection techniques
- goliate/hidden-tear - ransomware open-sources
- Azure/azure-functions-core-tools - Command line tools for Azure Functions
- microsoft/binskim - A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
- jimradford/superputty - The SuperPuTTY Window Manager for putty sessions
- m0rv4i/SafetyDump - Dump stuff without touching disk
- Crypto-Notepad/Crypto-Notepad - 🔑 Simple notepad for Windows with encryption features
- colinodell/lync-productivity-timer - Automatically sets your Lync status to "Busy" or "DND" for x minutes
- WetHat/OnenoteTaggingKit - OneNote (desktop) add-in to manage OneNote pages by page tags
- atrenton/MyJournal.Notebook - My Journal Add-In for Microsoft OneNote
- eidoom/onenote2pdf - Tool to export OneNote to PDF
- elvirbrk/NoteHighlight2016 - Source code syntax highlighting for OneNote 2016 and OneNote for O365 . NoteHighlight 2013 port for OneNote 2016 (32-bit and 64-bit)
- woanware/LogViewer - LogViewer for viewing and searching large text files...
- ashr/netrefject - Inject .Net payloads into other .Net assemblies on disk
- sf197/Telegra_Csharp_C2 - Command and Control for C# Writing
- Fody/Home - The landing page for Fody repositories
- Fody/Costura - Embed references as resources
- chrizator/WMIGatherer - A WMI wrapper and system information gathering library
- chrizator/BrowserHistoryGatherer - A library for gathering history entries of major browsers
- rtcrowley/StormlightDinosaur - Intrusion Detection C# app for standlone Windows workstations
- XenocodeRCE/neo-ConfuserEx - Updated ConfuserEX, an open-source, free obfuscator for .NET applications
- djhohnstein/SharpShares - Enumerate all network shares in the current domain. Also, can resolve names to IP addresses.
- mandiant/DueDLLigence -
- malcomvetter/CSExec - An implementation of PSExec in C#
- n1xbyte/donutCS - dem sharp donuts
- mbdavid/LiteDB - LiteDB - A .NET NoSQL Document Store in a single data file - https://www.litedb.org
- ohhsodead/FileMasta - A search application to explore, discover and share online files
- Dijji/FileMeta - Enable Explorer in Vista, Windows 7 and later to see, edit and search on tags and other metadata for any file type
- julianpaulozzi/LiteDbExplorer - Viewer and editor for LiteDB v4 databases.
- sepich/SynNotes - Syntax highlighted Notes manager
- MathewSachin/Captura - Capture Screen, Audio, Cursor, Mouse Clicks and Keystrokes
- Tichau/FileConverter - File Converter is a very simple tool which allows you to convert and compress one or several file(s) using the context menu in windows explorer.
- Mr-Un1k0d3r/MiniDump - alternative to procdump
- med0x2e/GadgetToJScript - A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
- zodiacon/EtwExplorer - View ETW Provider manifest
- vivami/SauronEye - Search tool to find specific files containing specific words, i.e. files containing passwords..
- outflanknl/SharpHide - Tool to create hidden registry keys.
- tyranid/WindowsRpcClients - This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.
- TechnitiumSoftware/DnsServer - Technitium DNS Server
- ElevenPaths/FOCA - Tool to find metadata and hidden information in the documents.
- collinbarrett/FilterLists - 🛡️ The independent, comprehensive directory of filter and host lists for advertisements, trackers, malware, and annoyances.
- jwallet/spy-spotify - 🎤 Records Spotify to mp3 without ads and adds media tags to the files 🎵
- Marusyk/grok.net - .NET implementation of the grok 📝
- Hackplayers/Salsa-tools - Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
- ohjeongwook/PowerShellRunBox - Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
- Fody/Fody - Extensible tool for weaving .net assemblies
- WBGlIl/IIS_backdoor - backdoor
- ALBY-Project/ALBY -
- FuzzySecurity/DotNetToJScript-LanguageModeBreakout -
- anthemtotheego/SharpSploitConsole -
- woanware/wmi-parser - Parses the WMI object database....looking for persistence
- djhohnstein/WireTap - .NET 4.0 Project to interact with video, audio and keyboard hardware.
- rvrsh3ll/Sharp-Suite - My musings with C#
- mandiant/SharPersist -
- GoogleCloudPlatform/iap-desktop - IAP Desktop is a Windows application that provides zero-trust Remote Desktop and SSH access to Linux and Windows VMs on Google Cloud.
- rvrsh3ll/SharpExcel4-DCOM - Port of Invoke-Excel4DCOM
- infosecn1nja/SharpDoor - SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.
- automatize-it/eml-attachments - Extracts attachments from .eml files
- mubix/certexp - Certificate Export Utility
- dotnet/Kerberos.NET - A Kerberos implementation built entirely in managed code.
- ceramicskate0/AddReferenceDotRedTeam - A PoC to show how to add code to C# and dotNet and make it reusable for Red Team operations. Maybe one day it will be the largest collection of C# red team projects in 1 Lib.
- guillaC/wsManager - Webshell Manager
- matterpreter/Shhmon - Neutering Sysmon via driver unload
- HunnicCyber/SharpSniper - Find specific users in active directory via their username and logon IP address
- pwntester/ysoserial.net - Deserialization payload generator for a variety of .NET formatters
- Wohlstand/Destroy-Windows-10-Spying - !!!UNMAINTAINED!!! Destroy Windows Spying tool
- shibayan/Sharprompt - Interactive command-line based application framework for C#
- Mr-Un1k0d3r/RedTeamCSharpScripts - C# Script used for Red Team
- randyrants/sharpkeys - SharpKeys is a utility that manages a Registry key that allows Windows to remap one key to any other key.
- 3xpl01tc0d3r/Minidump - The program is designed to dump full memory of the process by specifing process name or process id.
- djhohnstein/SharpChromium - .NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
- WOA-Project/WOA-Deployer-Rpi - WOA Deployer for Raspberry Pi
- HunnicCyber/SharpDomainSpray - Basic password spraying tool for internal tests and red teaming
- xforever1313/Filesing - A tool to search file contents and file names for a list of strings.
- djhohnstein/.NET-Profiler-DLL-Hijack - Implementation of the .NET Profiler DLL hijack in C#
- dionach/NtdsAudit - An Active Directory audit utility
- EternalC0der/TeleShadow3 - Telegram Desktop Session Stealer
- microsoft/AttackSurfaceAnalyzer - Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
- secgroundzero/SharpAttack - C# Situational Awareness Script
- markgamache/gMSA - fun code for dealing with AD Group Managed Service Accounts
- tyranid/DeviceGuardBypasses - A repository of some of my Windows 10 Device Guard Bypasses
- harleyQu1nn/AggressorScripts - Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
- t3ntman/Social-Engineering-Payloads - Collection of social engineering payloads
- leoloobeek/csharp - Various C# projects for offensive security
- P1CKLES/SharpBox - SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.
- cobbr/InsecurePowerShellHost - InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.
- nettitude/SharpSocks - Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell
- BloodHoundAD/SharpHound2 - The Old BloodHound C# Ingestor (Deprecated)
- SpiderLabs/SharpCompile - SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing using beacon's 'execute-assembly' in seconds.
- anthemtotheego/SharpCradle -
- Kevin-Robertson/InveighZero - .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
- SpiderLabs/DoHC2 - DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).
- cobbr/SharpGen - SharpGen is a .NET Core console application that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applications or libraries.
- 0xbadjuju/rundotnetdll32 - A tool to run .Net DLLs from the command line
- pwndizzle/c-sharp-memory-injection - A set of scripts that demonstrate how to perform memory injection in C#
- cobbr/SharpShell - SharpShell is a proof-of-concept offensive C# scripting engine that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applications or libraries.
- chrismaddalena/SharpCloud - Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.
- FuzzySecurity/Sharp-Suite - Also known by Microsoft as Knifecoat 🌶️
- rvrsh3ll/SharpCOM - CSHARP DCOM Fun
- cobbr/Elite - Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
- marcin-chwedczuk/dll-inject - Simple DLL injector written in C#
- antman1p/SharpProcEnum - .NET tool for enumeration processes and dumping memory.
- decoder-it/powershellveryless - Constrained Language Mode + AMSI bypass all in one
- matterpreter/OffensiveCSharp - Collection of Offensive C# Tooling
- mdsecactivebreach/Browser-ExternalC2 - External C2 Using IE COM Objects
- rvrsh3ll/CPLResourceRunner - Run shellcode from resource
- djhohnstein/SharpSearch - Search files for extensions as well as text within.
- rasta-mouse/CollectorService -
- GavinYellow/SharpSCADA - C# SCADA
- NetSPI/DAFT - DAFT: Database Audit Framework & Toolkit
- malcomvetter/ManagedInjection - A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
- matterpreter/DefenderCheck - Identifies the bytes that Microsoft Defender flags on.
- outflanknl/EvilClippy - A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
- mandiant/SilkETW -
- falahati/NetworkAdapterSelector - A simple solution to let you force bind a program to a specific network adapter
- zodiacon/ProcMonX - Extended Process Monitor-like tool based on Event Tracing for Windows
- anthemtotheego/SharpExec -
- FSecureLABS/SharpGPOAbuse - SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
- certsocietegenerale/NotifySecurity - Outlook add-in companion to report suspicious mail easily
- mandiant/ADFSDump -
- cobbr/Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
- samk1/IISPowershellModule - IIS Handler for *.ps1 files
- rasta-mouse/EWSToolkit - Abusing Exchange via EWS
- pkb1s/SharpAllowedToAct - Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
- yatt-ze/The-Collection - Collection of cracked malware, and ebooks
- 0xbadjuju/TellMeYourSecrets - A C# DLL to Dump LSA Secrets
- NetSPI/MonkeyWorks -
- 0xbadjuju/WheresMyImplant - A Bring Your Own Land Toolkit that Doubles as a WMI Provider
- dnSpy/dnSpy - .NET debugger and assembly editor
- rasta-mouse/TikiTorch - Process Injection
- anthemtotheego/SharpNado -
- vinifr/-ListNetworks - Enumerate all visible network printers in local network
- tevora-threat/SharpView - C# implementation of harmj0y's PowerView
- rvrsh3ll/SharpPrinter - Discover Printers
- panagioto/SharpExchangePriv - A C# implementation of PrivExchange by @_dirkjan.
- pornin/TestSSLServer -
- rvrsh3ll/SharpFruit - A C# penetration testing tool to discover low-haning web fruit via web requests.
- zacbrown/PowerKrabsEtw - PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
- LazoCoder/Windows-Hacks - Creative and unusual things that can be done with the Windows API.
- tyranid/oleviewdotnet - A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
- richardszalay/pshosts - PowerShell cmdlets for modifying the hosts file on Windows, Linux, and macOS
- cyberark/zBang - zBang is a risk assessment tool that detects potential privileged account threats
- GreyCorbel/admpwd - AdmPwd project
- bitsadmin/nopowershell - PowerShell rebuilt in C# for Red Teaming purposes
- checkymander/Sharp-SMBExec - SMBExec C# module
- checkymander/Sharp-WMIExec -
- lucasg/Dependencies - A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
- gourk/FirePwd.Net - Password reader for Mozilla Firefox and Thunderbird
- djhohnstein/SharpWeb - .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
- GhostPack/Rubeus - Trying to tame the three-headed dog.
- leechristensen/OffensivePowerShellTasking - Run multiple PowerShell scripts concurrently in different app domains!
- microsoft/DbgShell - A PowerShell front-end for the Windows debugger engine.
- Schillings/SwordPhish - Schillings SwordPhish empowers organisations and engages its employees to establish the key component of any cyber security strategy: the Human Firewall.
- n0dec/MalwLess - Test Blue Team detections without running any attack.
- spboyer/dotnet-upforgrabs - .NET Core Global Tool to help you get started with contributing to Open Source projects.
- codewhitesec/LethalHTA - Lateral Movement technique using DCOM and HTA
- foxglovesec/HPwn - HP printer security research code
- malcomvetter/NamedPipes - A pattern for client/server communication via Named Pipes via C#
- Starli0n/TLArchiver - Archive media of a Telegram talk (http:https://telegram.org)
- mkropat/MlkPwgen - Secure random password generator for .NET and PowerShell
- rzander/ruckzuck - software package manager for windows
- mrwiora/hashPwd - passphrase generator
- vletoux/ADSecrets - Set of ultra technical notes about AD
- vletoux/pingcastle - PingCastle - Get Active Directory Security at 80% in 20% of the time
- leechristensen/SpoolSample - PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
- valsov/BackNet - Remote Administration Tool with botnet capability, Windows
- jfabry-noc/Base64Coder - Simple console-based application to encode and decode to and from base 64, with both command line switches and an interactive mode.
- mitm-dev/GPP-Automatic - Fully Automated Tool to Extract and Decrypt Passwords from Miscrosoft Group Policy Preferences
- 0xbadjuju/Tokenvator - A tool to elevate privilege with Windows Tokens
- Mr-Un1k0d3r/MaliciousClickOnceGenerator - Quick Malicious ClickOnceGenerator for Red Team
- jephthai/OpenPasswordFilter - An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.
- ceramicskate0/App_to_Fire_Balloon_Tip_on_passed_CMD_Args - App_to_Fire_Balloon_Tip_on_passed_CMD_Args
- pumasecurity/puma-scan - Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
- GhostPack/SharpUp - SharpUp is a C# port of various PowerUp functionality.
- GhostPack/SharpRoast - DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.
- GhostPack/SafetyKatz - SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
- GhostPack/SharpDump - SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
- GhostPack/SharpWMI - SharpWMI is a C# implementation of various WMI functionality.
- hermitdave/FrequencyWords - Repository for Frequency Word List Generator and processed files
- zacbrown/PowerShellMethodAuditor - PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
- inchara/ShowDscResource - A Powershell ISE addon which speeds up DSC configuration scripting by presenting all information about DSC resources on the system.
- GhostPack/KeeThief - Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
- cerebrate/carob - A simple utility to automatically elevate and run chocolatey.
- Dynatrace/superdump - A service for automated crash-dump analysis
- Excel-projects/Server-Help - 💻 This VSTO Add-In allows the user to ping a list of servers and creates a file for Microsoft Remote Desktop Manager an Excel table. This is used for quickly determining which servers are offline in a list. It is written in 3 different versions as a VSTO Add-In in C# and VB.NET as well as a VBA Add-In.
- quasar/Quasar - Remote Administration Tool for Windows
- nsacyber/Windows-Event-Log-Messages - Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber
- Invoke-IR/uprootd - Service for Uproot IDS Listening Post
- EricZimmerman/USBDevices - Get USB Devices from Registry hives
- 3gstudent/Smallp0wnedShell - Small modification version of p0wnedShell
- dotnet/msbuild - The Microsoft Build Engine (MSBuild) is the build platform for .NET and Visual Studio.
- 3gstudent/p0wnedShell-DarkVersion - Add my own POC to test Visual Studio trick to run code when building
- zcgonvh/SSMSPwd - SQL Server Management Studio(SSMS) saved password dumper
- zcgonvh/cve-2017-7269-tool - CVE-2017-7269 to webshell or shellcode loader
- syphersec/PowerOPS - PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
- nccgroup/WMIcmd - A command shell wrapper using only WMI for Microsoft Windows
- Cn33liz/CScriptShell - CScriptShell, a Powershell Host running within cscript.exe
- secvulture/dvta - Damn Vulnerable Thick Client App
- dxflatline/flatpipes - A TCP proxy over named pipes. Originally created for maintaining a meterpreter session over 445 for less network alarms.
- DamonMohammadbagher/NativePayload_ICMP - C# code for Transferring Backdoor Payloads by ICMPv4 Traffic and bypassing Anti-Viruses
- tyranid/DotNetToJScript - A tool to create a JScript file which loads a .NET v2 assembly from memory.
- HackingThings/CAN-Bus-Arduino-Tool - A tool for performing replay and sniffing CAN bus traffic.
- realalexandergeorgiev/tempracer - A Windows priviledge escalation tool (abusing race conditions)
- owaspjocur/OwaspPciToolkit - PCI-DSS toolkit to help scope web applications
- endgameinc/Py2ExeDecompiler -
- NLog/NLog - NLog - Advanced and Structured Logging for Various .NET Platforms
- ShaneK2/inVtero.net - inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
- EricZimmerman/Prefetch - Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
- EricZimmerman/Lnk - Lnk file parser
- EricZimmerman/LECmd - Lnk Explorer Command line edition!!
- bhdresh/lazykatz - Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.
- mRemoteNG/mRemoteNG - mRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.
- DamonMohammadbagher/NativePayload_DNS - C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses
- HynekPetrak/nmap2web - Full text search engine for nmap results. Written in C# ASP.NET
- brandonprry/gray_hat_csharp_code - This repository contains full code examples from the book Gray Hat C#
- apache/lucenenet - Apache Lucene.NET
- chocolatey/choco - Chocolatey - the package manager for Windows
- alphaleonis/AlphaVSS - AlphaVSS is a .NET class library released under the MIT license providing a managed API for the Volume Shadow Copy Service also known as VSS.
- DanielRTeixeira/Malware -
- sbidy/PS-ExecutionMonitor - An approach to monitor the PowerShell event log for malicious events.
- p3nt4/PowerShdll - Run PowerShell with rundll32. Bypass software restrictions.
- jajp777/PowerForensics_Source -
- ctigeek/InvokeQueryPowershellModule - A Powershell module of Cmdlets for querying most types of databases.
- thoemmi/AerialForWindows - Aerial For Windows is a Windows screen saver based on the new Apple TV screen saver
- NickeManarin/ScreenToGif - 🎬 ScreenToGif allows you to record a selected area of your screen, edit and save it as a gif or video.
- manojlds/redditps - Reddit provider for Powershell
- guidooliveira/PSWord - Powershell module for creation and manipulation of Docx files without needing Microsoft Office Installed
- powercode/PSParallel - PowerShell module to invoke scriptblocks in parallel runspaces
- winsw/winsw - A wrapper executable that can run any executable as a Windows service, in a permissive license.
- thoemmi/7Zip4Powershell - Powershell module for creating and extracting 7-Zip archives
- andrewburgess/sparks-pdf - PDF Creation Library
- DnevnikRu/PDFSharp - A .NET library for processing PDF
- jstedfast/MimeParserBenchmark - Benchmark for popular MIME parsers for .NET
- jstedfast/MimeKit - A .NET MIME creation and parser library with support for S/MIME, PGP, DKIM, TNEF and Unix mbox spools.
- raandree/NTFSSecurity - Managing permissions with PowerShell is only a bit easier than in VBS or the command line as there are no cmdlets for most day-to-day tasks like getting a permission report or adding permission to an item. PowerShell only offers Get-Acl and Set-Acl but everything in between getting and setting the ACL is missing. This module closes the gap.
- Netflix/Fido -
- Cn33liz/SmashedPotato -
- googleprojectzero/sandbox-attacksurface-analysis-tools - Set of tools to analyze Windows sandboxes for exposed attack surface.
- igoravl/TfsCmdlets - PowerShell Cmdlets for Azure DevOps and Team Foundation Server
- Iristyle/PerfTap - A Windows PerfMon monitoring service that pushes data to a graphite server
- itext/itextsharp - [DEPRECATED] .NET port of the iText library, only security fixes will be added — please use iText 7 for .NET
- powercode/PSEverything - PowerShell commandlets for the local search engine Everything
- powercode/PSExt - Windows Debuggers extension for PowerShell
- itadder/PoshLook - Exchange Powershell / Cli Email Client (like pine, but powershell based). And also to be used in automation scripts. Little by little start adding other Exchange features, like Calendar, Task/Reminders, and Contact list. CLI client, for those who spend all day in powershell and Conemu.
- ElevenPaths/EvilFOCA - Tool to analyze and test security in IPv4 and IPv6 data networks
- GDSSecurity/PSAttack - A portable console aimed at making pentesting with PowerShell a little easier.
- mgr32/PsISEProjectExplorer - Powershell ISE Addon - Project Explorer
- Ben0xA/nps - Not PowerShell
- PowerShell/PowerShell - PowerShell for every system!
- foxglovesec/RottenPotato - RottenPotato local privilege escalation from service account to SYSTEM
- PoshSec/PoshSecFramework - A framework for PowerShell and PoshSec scripts for network management, security, and maintenance.
- Nummer/Destroy-Windows-10-Spying - Destroy Windows Spying tool
- Raikia/CredNinja - A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
- MichaelGrafnetter/DSInternals - Directory Services Internals (DSInternals) PowerShell Module and Framework
- beefarino/seeshell - PowerShell module for simple data visualization
- bitbeans/SimpleDnsCrypt - A simple management tool for dnscrypt-proxy
- EricZimmerman/JLECmd - Automatic and Custom Destinations jump list parser with Windows 10 support
- PowerShell/platyPS - Write PowerShell External Help in Markdown
- ebekker/ACMESharp - An ACME client library and PowerShell client for the .NET platform (Let's Encrypt)
- guyoung/GySurface - .NET WPF Framework
- davotronic5000/PowerShell_Credential_Manager - PowerShell Module to Read and Write Credentials from the Windows Credential Manager
- foxglovesec/Potato -
- Kevin-Robertson/Inveigh - .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
- Cn33liz/p0wnedLoader -
- Cn33liz/p0wnedShell - PowerShell Runspace Post Exploitation Toolkit
- Invoke-IR/PowerForensics - PowerForensics provides an all in one platform for live disk forensic analysis
- brandonlw/Psychson - Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)
- Meddington/OutlookPrivacyPlugin - A PGP encryption plugin for Outlook 2010, 2013 and 2016.
- monoxgas/Trebuchet - MS15-076 Privilege Escalation
- Noxwizard/dnscrypt-winclient - Windows client for managing the DNSCrypt Proxy
- opendns/dnscrypt-win-client - Windows front end for DNSCrypt Proxy
- PowerShell/PSScriptAnalyzer - Download ScriptAnalyzer from PowerShellGallery
- charlesw/tesseract - A .Net wrapper for tesseract-ocr
- joachimmetz/dokan - Clone of dokan (https://code.google.com/p/dokan/) for libyal builds
- zone117x/Jackett - Use just about any tracker with Sonarr
- Sonarr/Sonarr - Smart PVR for newsgroup and bittorrent users.
- Code52/carnac - A utility to give some insight into how you use your keyboard
- dredix/VisualSearch - A Windows Forms tool for searching across multiple text files
- bwight/CloudInit.NET - CloudInit.NET is a service like the linux CloudInit application but designed for windows. Useful for Amazon EC2 but could be used for other environments as well. The service will download a file when the server starts and execute the code as a powershell script.
- neuecc/RespClient - RespClient is a minimal RESP(REdis Serialization Protocol) client for C# and PowerShell.
- lstratman/EasyConnect - Tabbed remote desktop application with a Chrome-like UI.
- cdhunt/EasyConnect - Tabbed remote desktop application with a Chrome-like UI.
- jpoehls/MarkdownWin - A "live preview" Markdown viewer for Windows.
- github/GitPad - Notepad.exe as Git commit editor
- dfinke/powershell-for-developers - PowerShell examples for the book "PowerShell for Developers"
- apaka/dokan-net - .NET binding for Dokan API
- ewilderj/doap - RDF schema for describing software projects
- alphaleonis/AlphaFS - AlphaFS is a .NET library providing more complete Win32 file system functionality to the .NET platform than the standard System.IO classes.
- darkoperator/Posh-SSH - PowerShell Module for automating tasks on remote systems using SSH
- Pro/dkim-exchange - DKIM Signing Agent for Microsoft Exchange Server
- bolorundurowb/Open-Exam-Suite - This project seeks to create an open source exam designer and simulator that will be solace for those wanting to take any simulated examinations.
- yck1509/ConfuserEx - An open-source, free protector for .NET applications
- iSECPartners/sqlperms - A tool for calculating necessary SQL Server permissions
- Lavakumar/IronWASP - Source code of IronWASP
- OneGet/oneget - PackageManagement (aka OneGet) is a package manager for Windows
- ShareX/ShareX - ShareX is a free and open source program that lets you capture or record any area of your screen and share it with a single press of a key. It also allows uploading images, text or other types of files to many supported destinations you can choose from.
- iSECPartners/PeachFarmer - A log collector for Peach fuzzing in the cloud
- koush/UniversalAdbDriver - One size fits all Windows Drivers for Android Debug Bridge.
- de4dot/de4dot - .NET deobfuscator and unpacker.
- HoardingInfo/PDFFolderPageCountWin32 - This application was used in a service bureau environment. It is designed to count incoming PDF files and their pages over FTP and then transfer them to OCR process. It monitors an input folder realtime, and counts actual PDF pages
- icsharpcode/ILSpy - .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
- stefanstranger/ScriptGalleryISEAddOn - Initial version of PowerShell Script Gallery ISE AddOn
- PowerShell/PSReadLine - A bash inspired readline implementation for PowerShell
- GDSSecurity/SSLSecurityChecker - IronWASP module to test security of SSL services. Ported from http:https://www.bolet.org/TestSSLServer/
- nccgroup/UPnP-Pentest-Toolkit - UPnP Pentest Toolkit for Windows
- g0tmi1k/VulnInjector - Generates a Windows 'vulnerable' machine from ISOs
- nmaier/simpleDLNA - A simple, zero-config DLNA media server, that you can just fire up and be done with it.
- nmaier/unrarit - Ever wanted to extract a range of archive files? UnRarIt.Net comes to help.
- defuse/textractor - Extract strings from files to make wordlists.
- aranasoft/PhantomIIS - PhantomIIS is a utility for executing PhantomJS within the context of an IIS Express web server.
- woanware/exefinder -
- AonCyberLabs/Fizzer - Fizzer is an assessment tool for fuzzing FIX messages.
- Paris/IronAHK - Cross platform .NET rewrite of the popular AutoHotkey scripting language for desktop automation.
- lachesis/scallion - GPU-based Onion Hash generator
- nektra/SQLSvrIntercept - Microsoft SQL Server Hooking
- woanware/TargetAnalyser - Tool for analysts to perform simultaneous lookups (IP, Domain, URL, MD5) against multiple data sources
- woanware/EventLogParser -
- Genbox/VirusTotalNet - A full implementation of the VirusTotal 2.0 API
- woanware/autorunner - Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
- aliostad/SuperBenchmarker - Apache Benchmark (ab.exe) on steroids
- einarwh/Metarx - Reactive metaprogramming demo
- dblock/remoteinstall - Pragmatic VMWare-based tool for automating software testing, starting with software installation.
- juj/vs-tool - Visual Studio 2010 plugin to integrate MinGW, Clang and Emscripten to the VS IDE.
- dlbeer/saraswati - Text-mode EPUB reader for Linux
- synchrone/GridFuse - A MongoDB GridFS driver for Dokan
- apaka/win-sshfs - Git repo for http:https://code.google.com/p/win-sshfs/
- VolatileMindsLLC/nessus-sharp - C# library for interfacing with Nessus
- kml/Wigraf - Graphviz (WinGraphviz) Frontend
- cweb/unicode-hax - A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.
- lsauer/entropy - ent is a small, fast command line utility, plotting various entropy related metrics of files or pipe/stdin streams
- woanware/javaidx -
- woanware/xor -
- mono/monomac - Bindings to create MacOS X applications with Mono.
- mono/ngit - Automated jgit port to c#
- fluentsharp/FluentSharp - Fluent API for the .NET Framework (used by the O2 Platform)
- brandonprry/volatile_reader - A small, fast, and efficient offline event log parser, registry reader, pcap file analyzer, IL decompiler (with ICSharpCode), and pagefile analyzer written in C# and using GTK.
- brandonlw/upek-ps-pass-decrypt - UPEK Protector Suite Password Decrypter
- cameronhotchkies/Absinthe - A Blind SQL Exploitation application
- sensepost/wikto - Nikto for Windows with some extra features.
- sensepost/Suru - Suru is one of the original Man In The Middle (MITM) proxies that sits between the user's browser and the web application.
- Code52/DownmarkerWPF - MarkPad - a visual Markdown editor (inspired by the Downmarker project)
- ADVTOOLS/ADVsock2pipe - A small utility to connect a TCP socket to a Windows named pipe. It can be used, for exemple, to capture network data with tcpdump on Linux or iPhone/iPad and to see the capture in (almost) realtime in Wireshark on Windows. Released under GPLv3.
- net-commons/common-logging - A portable logging abstraction for .NET
- phendryx/superputty - PLEASE DO NOT USE THIS FORK! IT IS QUITE OUTDATED AND DOES NOT INCLUDE UPDATES MADE BY JIM RADFORD, THE ORIGINAL DEVELOPER. USE:
- lab52io/StopDefender - Stop Windows Defender programmatically
- lab52io/StealAllTokens - This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate and use whatever token present at any process
- googleprojectzero/Jackalope - Binary, coverage-guided fuzzer for Windows and macOS
- 2igosha/parse_evtx - Tools for DFIR
- xuanxuan0/DripLoader - Evasive shellcode loader for bypassing event-based injection detection (PoC)
- BSI-Bund/RdpCacheStitcher - RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
- RedCursorSecurityConsulting/PPLKiller - Tool to bypass LSA Protection (aka Protected Process Light)
- google/security-research-pocs - Proof-of-concept codes created as part of security research done by Google Security Team.
- ChaitanyaHaritash/Callback_Shellcode_Injection - POCs for Shellcode Injection via Callbacks
- last-byte/hybris - Tool to spawn processes as SYSTEM by stealing tokens
- itm4n/Perfusion - Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
- magnusstubman/MagnusKatz - Research project for understanding how Mimikatz work and become better at C
- Rvn0xsy/PDacl - Play Doh Windows ACL Tools
- bablosoft/BAS - BrowserAutomationStudio can automate everything that Chrome can.
- multiOTP/multiOTPCredentialProvider - multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
- rprichard/win32-console-docs - Win32 Console Documentation -- in particular, console/standard handles and CreateProcess inheritance
- 0xbadfca11/miniwsl - Mini Windows Subsystem for Linux Distribution
- DjGorillaz/chrome-password-reader - Console utility to view saved passwords in Chrome and export to .csv file (Windows)
- etormadiv/HostingCLR - Executing a .NET Assembly from C++ in Memory (CLR Hosting)
- solemnwarning/rehex - Reverse Engineers' Hex Editor
- stevemk14ebr/PolyHook_2_0 - C++17, x86/x64 Hooking Libary v2.0
- vvip-68/GyverMatrixWiFi - Адресная матрица на NodeMCU с управлением по WiFi
- ebartz/esp8266-rfid-sonos -
- bohops/WSMan-WinRM - A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object
- knownsec/shellcodeloader - shellcodeloader
- facebookincubator/oomd - A userspace out-of-memory killer
- hoangprod/AndrewSpecial - AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
- slaeryan/AQUARMOURY - My musings in C and offensive tooling
- WerWolv/ImHex - 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
- microsoft/Detours - Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
- hzqst/FuckCertVerifyTimeValidity - This tiny project prevents the signtool from verifing cert time validity and let you sign your bin with outdated cert without changing system time manually
- ComodoSecurity/openedr - Open EDR public repository
- microsoft/winget-cli - Windows Package Manager CLI (aka winget)
- Neo23x0/Raccine - A Simple Ransomware Vaccine
- GJDuck/e9patch - A powerful static binary rewriting tool
- outflanknl/Spray-AD - A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
- sailay1996/WerTrigger - Weaponizing for privileged file writes bugs with windows problem reporting
- 0xnobody/vmpattack - A VMP to VTIL lifter.
- hlldz/dazzleUP - A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems.
- disk91/esp8266-sigfox-trackr - Sigfox / ESP8266 WiFi based tracker
- Q4n/CVE-2020-1362 - writeup of CVE-2020-1362
- Cr0n1c/yasc - Yet Another Slack C2
- pavel-odintsov/fastnetmon - FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support
- cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION - Support ALL Windows Version
- abenkhadra/bcov - Static instrumentation tool for efficient binary-level coverage analysis.
- git-artes/gr-tempest - An implementation of TEMPEST en GNU Radio
- jafarlihi/serpentine - C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
- antonioCoco/RogueWinRM - Windows Local Privilege Escalation from Service Account to System
- vovkos/protolesshooks - API monitoring via return-hijacking thunks; works without information about target function prototypes.
- guidovranken/cryptofuzz - Fuzzing cryptographic libraries. Magic bug printer go brrrr.
- jafarlihi/revp - Reverse HTTP proxy that works on Linux, Windows, and macOS. Made with C++ and Boost.
- slaeryan/FALCONSTRIKE - A stealthy, targeted Windows Loader for delivering second-stage payloads(shellcode) from Github to the host machine undetected
- google/fuzzing - Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
- hasherezade/paramkit - A small library helping to parse commandline parameters (for C/C++)
- nccgroup/SocksOverRDP - Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
- CredDefense/CredDefense - Credential and Red Teaming Defense for Windows Environments
- monoxgas/FlyingAFalseFlag - Slides and Code for the BHUSA 2019 talk: Flying a False Flag
- ivan-sincek/invoker - Penetration testing utility and antivirus assessment tool.
- D4stiny/PeaceMaker - PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
- thalium/icebox - Virtual Machine Introspection, Tracing & Debugging
- hlldz/pickl3 - Windows active user credential phishing tool
- hackerhouse-opensource/electionhacking - Diebold Accuvote-TSx Election Machine Hacking
- CheckPointSW/InviZzzible - InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
- whid-injector/whid-31337 - WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more. In practice, is THE Wet Dream of any Security Consultant out there!
- ray-cp/browser_pwn - browser pwn, main work now
- panagioto/SyscallHide - Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
- 0xZ0F/Z0FCourse_ReverseEngineering - Reverse engineering focusing on x64 Windows.
- HassanShehata/KeySpark - Get a reverse shell within 15 seconds on both Windows or Unix based systems, using the Digispark developement board.
- dreamstalker/rehlds - Reverse-engineered HLDS
- changeofpace/VivienneVMM - VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
- JPCERTCC/EmoCheck - Emotet detection tool for Windows OS
- SandboxEscaper/Bug -
- usb-tools/USBProxy-legacy - A proxy for USB devices, libUSB and gadgetFS - this project is unmaintained, try here: https://github.com/usb-tools/Facedancer
- marcosd4h/memhunter - Live hunting of code injection techniques
- AD-Vega/rtl-power-fftw - Power spectrum for RTLSDR dongles.
- f4exb/sdrangel - SDR Rx/Tx software for Airspy, Airspy HF+, BladeRF, HackRF, LimeSDR, PlutoSDR, RTL-SDR, SDRplay RSP1 and FunCube
- ptrkrysik/gr-gsm - Gnuradio blocks and tools for receiving GSM transmissions
- bluefrostsecurity/CVE-2019-1215 -
- s1egesystems/ShellcodeFetcher - Antivirus evasion technique to execute shellcode in memory.
- tzapu/WiFiManager - ESP8266 WiFi Connection manager with web captive portal
- xoseperez/espurna - Home automation firmware for ESP8266-based devices
- ION28/BLUESPAWN - An Active Defense and EDR software to empower Blue Teams
- miek/inspectrum - Radio signal analyser
- cseagle/blc - Integrate Ghidra's decompiler as an Ida plugin
- joelsernamoreno/badusb_examples - This repository have some BadUSB attack examples for Arduino IDE compatible devices
- SpacehuhnTech/WiFiDuck - Wireless keystroke injection attack platform
- niklasb/sploits -
- hasherezade/libpeconv - A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
- K2/EhTrace - ATrace is a tool for tracing execution of binaries on Windows.
- sepehrdaddev/hashcobra - HashCobra Hash Cracking tool.
- facebook/rocksdb - A library that provides an embeddable, persistent key-value store for fast storage.
- KitMurdock/plundervolt -
- AlicanAkyol/sems - Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools
- CoatiSoftware/Sourcetrail - Sourcetrail - free and open-source interactive source explorer
- 0x09AL/RdpThief - Extracting Clear Text Passwords from mstsc.exe using API Hooking.
- DarthTon/Blackbone - Windows memory hacking library
- broken-e/DragDropConfirm - A simple shell extension for Windows to stop accidental drag and drop moves of folders.
- apt69/COMahawk - Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322
- Azure/iisnode - Hosting node.js applications in IIS on Windows
- can1357/ByePg - Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
- outflanknl/Recon-AD - Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
- microsoft/windows-container-tools - Collection of tools to improve the Windows Containers experience
- scylladb/scylla - NoSQL data store using the seastar framework, compatible with Apache Cassandra
- alpha1ab/CVE-2018-8120 - CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7
- ze0r/CVE-2018-8639-exp -
- rootm0s/Injectors - 💉 DLL/Shellcode injection techniques
- m0n0ph1/Process-Hollowing - Great explanation of Process Hollowing (a Technique often used in Malware)
- ExpLife0011/ShellcodeLoader - Small tool to load shellcodes or PEs to analyze them
- theevilbit/injection -
- aleksost/MemoryDecompression - Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
- watersalesman/aura-botnet - A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
- DFIR-ORC/dfir-orc - Forensics artefact collection tool for systems running Microsoft Windows
- secrary/Andromeda - Andromeda - Interactive Reverse Engineering Tool for Android Applications
- vnotex/vnote - A pleasant note-taking platform.
- FSecureLABS/C3 - Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
- LongSoft/UEFITool - UEFI firmware image viewer and editor
- NytroRST/ShellcodeCompiler - Shellcode Compiler
- pqrs-org/Karabiner-Elements - Karabiner-Elements is a powerful utility for keyboard customization on macOS Sierra (10.12) or later.
- 0x00-0x00/CVE-2019-0841-BYPASS - A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.
- aurel26/gpocheck - gpocheck
- jackullrich/ShellcodeStdio - An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
- 3gstudent/Eventlogedit-evtx--Evolution - Remove individual lines from Windows XML Event Log (EVTX) files
- JLospinoso/gargoyle - A memory scanning evasion technique
- b4rtik/metasploit-execute-assembly - Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
- LordNoteworthy/al-khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- wangyu-/udp2raw - A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
- ChadSki/SharpNeedle - Inject C# code into a running process
- hlldz/APC-PPID - Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
- ifding/learning-notes - Always Keep Learning
- secrary/InjectProc - InjectProc - Process Injection Techniques [This project is not maintained anymore]
- dim0x69/dns-exe-persistance -
- tandasat/ExploitCapcom - This is a standalone exploit for a vulnerable feature in Capcom.sys
- googleprojectzero/symboliclink-testing-tools -
- rogue-kdc/CVE-2019-0841 - PoC code for CVE-2019-0841 Privilege Escalation vulnerability
- 62726164/oathgen - A command line HOTP and TOTP client
- s3rb31/jDecrypt - jDownloader Storage Decrypter
- ClickHouse/ClickHouse - ClickHouse® is a free analytics DBMS for big data
- Yubico/yubioath-desktop - Yubico Authenticator for Desktop (Windows, macOS and Linux)
- AGWA/git-crypt - Transparent file encryption in git
- whid-injector/WHID - WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
- simdjson/simdjson - Parsing gigabytes of JSON per second
- HyperSine/SdoKeyCrypt-sys-local-privilege-elevation - CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation
- ryanries/LAPM - Local Admin Password Maintainer
- ggerganov/kbd-audio - Tools for capturing and analysing keyboard input paired with microphone capture 🎤⌨️
- WildByDesign/AppContainer-Launcher - AppContainer and LPAC (Less Privileged AppContainer) Launcher with Capabilities
- leechristensen/GetNTLMChallenge - Obtains a crackable hash for the current user account
- keepassxreboot/keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
- maestron/botnets - This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
- mandiant/SimplifyGraph - IDA Pro plugin to assist with complex graphs
- illera88/Ponce - IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
- oxfemale/XorVarsMacros - Xor var before compile binary and decrypt var after run binary by decrypt function
- electron/electron - Build cross-platform desktop apps with JavaScript, HTML, and CSS
- stealth/fernmelder - async mass DNS resolver
- atxsinn3r/amsiscanner - A C/C++ implementation of Microsoft's Antimalware Scan Interface
- xpn/getsystem-offline - Small tool to get a SYSTEM shell
- outflanknl/NetshHelperBeacon - Example DLL to load from Windows NetShell
- JetBrains/runAs - The tool to run command under a specified user account on Windows.
- isc-projects/dnsgen - DNS packet generator
- ariya/phantomjs - Scriptable Headless Browser
- entaopy/peerblock - Automatically exported from code.google.com/p/peerblock
- JacksonVD/PwnedPasswordsDLL - Open source solution to check prospective AD passwords against previously breached passwords
- mstfknn/malware-sample-library - Malware sample library.
- OmerYa/Invisi-Shell - Hide your Powershell script in plain sight. Bypass all Powershell security features
- QAX-A-Team/getpass - a mini tool to dump password and NTLM hash from WDigest & MSV1_0 & tspkg, as a result of study of mimikatz
- QAX-A-Team/EventCleaner - A tool mainly to erase specified records from Windows event logs, with additional functionalities.
- dannagle/Cryptoknife - All-in-one, portable, collection of general-purpose cryptography tools
- msoos/cryptominisat - An advanced SAT solver
- hasherezade/pe-sieve - Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
- ewhitehats/InvisiblePersistence - Persisting in the Windows registry "invisibly"
- RamadhanAmizudin/malware - Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from: http:https://www.malwaretech.com
- hryuk/Carberp -
- hatRiot/token-priv - Token Privilege Research
- breenmachine/RottenPotatoNG - New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
- ohpe/juicy-potato - A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
- rprichard/winpty - A Windows software package providing an interface similar to a Unix pty-master for communicating with Windows console programs.
- emcrisostomo/fswatch - A cross-platform file change monitor with multiple backends: Apple OS X File System Events, *BSD kqueue, Solaris/Illumos File Events Notification, Linux inotify, Microsoft Windows and a stat()-based backend.
- stefanhepp/pplatex - Pretty-Print LaTeX: A tool to reformat the output of latex and friends into readable messages
- digizeph/dnsperf - DNS Performance Checker
- marcelscode/glasnost - Tool to detect traffic shaping in broadband networks
- skelterjohn/go-pkg-complete - bash completion for go and wgo
- pstavirs/ostinato - Ostinato - Packet/Traffic Generator and Analyzer
- 3gstudent/Eventlogedit-evt--General - Remove individual lines from Windows Event Viewer Log (EVT) files
- PurpleI2P/i2pd - 🛡 I2P: End-to-End encrypted and anonymous Internet
- sqlitebrowser/sqlitebrowser - Official home of the DB Browser for SQLite (DB4S) project. Previously known as "SQLite Database Browser" and "Database Browser for SQLite". Website at:
- misc0110/LiveTikZ - A live preview for TikZ drawings
- IAIK/drama - This repository contains examples of DRAMA reverse-engineering and side-channel attacks
- demonsaw/Code - Demonsaw Source Code
- otakuto/crazydiskinfo - CrazyDiskInfo is an interactive TUI S.M.A.R.T viewer for Unix systems.
- pstolarz/dumpext - WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both 32 (PE) and 64-bit (PE+) platforms.
- vah13/extractTVpasswords - tool to extract passwords from TeamViewer memory using Frida
- Gregwar/fatcat - FAT filesystems explore, extract, repair, and forensic tool
- telegramdesktop/tdesktop - Telegram Desktop messaging app
- clymb3r/Misc-Windows-Hacking - Miscellaneous projects related to attacking Windows.
- TopoIogist/Blackbone - Windows memory hacking library
- rwfpl/rewolf-wow64ext - Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.
- abhisek/Pe-Loader-Sample - Proof of concept implementation of in-memory PE Loader based on ReflectiveDLLInjection Technique
- securifybv/u3-armory - U3 armory - exploiting the AutoRunz
- OISF/libhtp - LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
- x64dbg/x64dbg - An open-source x64/x32 debugger for windows.
- nettitude/SimplePELoader - In-Memory PE Loader
- nettitude/DLLInjection - DLL Injection Library & Tools
- hasherezade/persistence_demos - Demos of various (also non standard) persistence methods used by malware
- cmu-sei/BigGrep - A scalable search index for binary files
- luctalpe/WMIMon - Tool to monitor WMI activity on Windows
- msuiche/OPCDE - OPCDE Cybersecurity Conference Materials
- Professor-plum/Reflective-Driver-Loader -
- uxmal/nucleus - Clone of "Compiler-Agnostic Function Detection in Binaries" source code
- secrary/InfectPE - InfectPE - Inject custom code into PE file [This project is not maintained anymore]
- lief-project/LIEF - LIEF - Library to Instrument Executable Formats
- ephox-gcc-plugins/dump_call_graph - Print out the call graph.
- ephox-gcc-plugins/latent_entropy - gcc plugin to help generate a little bit of entropy from program state, used throughout the uptime of the kernel
- ondrejbudai/hidviz - A tool for in-depth analysis of USB HID devices communication
- clymb3r/KdExploitMe - A kernel driver to practice writing exploits against, as well as some example exploits using public techniques.
- snort3/snort3 - Snort++
- zecure/shadowd - The Shadow Daemon web application firewall server
- codewatchorg/SideStep - Yet another AV evasion tool
- mfontanini/dot11decrypt - An 802.11 WEP/WPA2 on-the-fly decrypter.
- friedrich/hans - IP over ICMP
- shekyan/slowhttptest - Application Layer DoS attack simulator
- silverf0x/RpcView - RpcView is a free tool to explore and decompile Microsoft RPC interfaces
- modzero/fix-windows-privacy - Fix Windows 10 Privacy
- USBGuard/usbguard - USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
- pytorch/pytorch - Tensors and Dynamic neural networks in Python with strong GPU acceleration
- silentbreaksec/Throwback - HTTP/S Beaconing Implant
- mandiant/flare-wmi -
- oguzhaninan/Stacer - Linux System Optimizer and Monitoring - https://oguzhaninan.github.io/Stacer-Web
- cbucher/console - This is a modified version of Console 2 for a better experience under Windows Vista/7/8/10 and a better visual rendering.
- sensepost/rattler - Automated DLL Enumerator
- facebook/ThreatExchange - Share threat information with vetted partners
- RoliSoft/Host-Scanner - Active/passive network scanner and autonomous vulnerability assessment application.
- govolution/wce - wce reverse
- cybermaggedon/cyberprobe - Capturing, analysing and responding to cyber attacks
- EgeBalci/Cminer - Cminer is a tool for enumerating the code caves in PE files.
- comaeio/Hibr2Bin - Comae Hibernation File Decompressor
- manux81/canspy - Very simple tool for users who need to interface with a device based on CAN (CAN/CANopen/J1939/NMEA2000/DeviceNet) such as motors, sensors and many other devices.
- SpiderLabs/ModSecurity - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
- OMENScan/AChoir - Windows Live Artifacts Acquisition Script
- Cn33liz/p0shKiller -
- google/binexport - Export disassemblies into Protocol Buffers
- Cn33liz/TpmInitUACAnniversaryBypass - Bypassing User Account Control (UAC) using TpmInit.exe
- codeliker/mymig_meterpreter - mig meterpreter stager
- tandasat/HyperPlatform - Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
- BreakingMalware/Selfie - A Tool to Unpack Self-Modifying Code using DynamoRIO
- djcb/mu - maildir indexer/searcher + emacs mail client + guile bindings
- qlyoung/armory-keyboard - utility for emulating a USB HID keyboard with the USBArmory
- JonathanSalwan/Triton - Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
- comaeio/SwishDbgExt - Incident Response & Digital Forensics Debugging Extension
- swwwolf/wdbgark - WinDBG Anti-RootKit Extension
- securesocketfunneling/ssf - Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
- iSECPartners/jailbreak - Jailbreak
- keystone-engine/keystone - Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings
- ricochet-im/ricochet - Anonymous peer-to-peer instant messaging
- TheTorProject/stegotorus - Advanced development framework for stealthier pluggable transports
- openwall/johnny - GUI frontend to John the Ripper password cracker
- tobimensch/aqemu - Official AQEMU repository - a GUI for virtual machines using QEMU as the backend
- scantailor/scantailor -
- Cisco-Talos/TeslaDecrypt - Decryption Tool
- denandz/KeeFarce - Extracts passwords from a KeePass 2.x database, directly from memory.
- strozfriedberg/ntfs-linker - An NTFS journal parser
- pentestmonkey/yapscan - Automatically exported from code.google.com/p/yapscan
- maciejczyzewski/libchaos - Advanced library for randomization, hashing and statistical analysis (devoted to chaos machines). 🔬
- Z3Prover/z3 - The Z3 Theorem Prover
- sphinxsearch/sphinx - Sphinx search server
- MaartenBaert/ssr - SimpleScreenRecorder, a screen recorder for Linux
- secmob/PoCForCVE-2015-1528 - I'll submit the poc after blackhat
- daniel-j-h/TM602X - Simple application to generate the login "password of the day" for the Arris TM602X telephony modem family.
- rlaager/docsis - This program encodes a DOCSIS binary configuration file from a human-readable text configuration file.
- Vivek-Ramachandran/wi-door - Wi-Fi Backdoors
- trainman419/kismet - Fork of http:https://www.kismetwireless.net/
- stealth/opmsg - opmsg message encryption
- BreakingMalware/PowerLoaderEx - PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
- mit-nlp/MITIE - MITIE: library and tools for information extraction
- nmaier/mkvtoolnix - Creating and working with Matroska files
- lavv17/lftp - sophisticated command line file transfer program (ftp, http, sftp, fish, torrent)
- gpg4usb/gpg4usb - gpg4usb is an easy to use portable editor to encrypt and decrypt with gnupg. Homepage: http:https://www.gpg4usb.org
- stevemk14ebr/PolyHook - x86/x64 C++ Hooking Library
- kkar/TeamViewer-dumper-in-CPP - Dumps TeamViewer ID,Password and account settings from a running TeamViewer instance by enumerating child windows.
- zrm/snow -
- rwfpl/rewolf-dllpackager - Simple tool to bundle windows DLLs with PE executable
- hoehrmann/pngwolf -
pngwolf
uses a genetic algorithm to find PNG scanline filter combinations that compress well - GreySyntax/iRecoveryplusplus - iRecovery++ is a program designed to communicate with the iPhone/iPod Touch/iPad via iBoot and iBSS via a USB interface. This program is compatible with Mac OS X, Linux and possibly windows (if libusb has been updated).
- google/lmctfy - lmctfy is the open source version of Google’s container stack, which provides Linux application containers.
- vgough/encfs - EncFS: an Encrypted Filesystem for FUSE.
- matteoserva/MegaFuse - MEGA client for linux, based on FUSE
- RC1140/cr-gpg - A chrome plugin that enables gpg encryption and decryption for the gmail web interface
- tstack/lnav - Log file navigator
- Grive/grive - an open source Linux client for Google Drive
- nccgroup/pip3line - The Swiss army knife of byte manipulation
- joxeankoret/pinpack - A PIN Tool to unpack simple write and exec packers (for Linux)
- anestisb/oatdump_plus - Extended oatdump from AOSP platform/art repo
- anestisb/android-simg2img - Tool to convert Android sparse images to raw images
- stealth/fraud-bridge - ICMP and DNS tunneling via IPv4 and IPv6
- stealth/sshttp - SSH/HTTP(S) multiplexer. Run a webserver and a sshd on the same port w/o changes.
- BogdanDIA/airprobe-hopping - Airprobe for frequency hopping GSM channels
- strazzere/android-scripts - Collection of Android reverse engineering scripts
- rakshasa/rtorrent - rTorrent BitTorrent client
- jonstewart/fsrip - Output Filesystem Information as JSON using The Sleuthkit
- NtQuery/Scylla - Imports Reconstructor
- Cr4sh/MsFontsFuzz - OpenType font file format fuzzer for Windows
- osquery/osquery - SQL powered operating system instrumentation, monitoring, and analytics.
- google/rowhammer-test - Test DRAM for bit flips caused by the rowhammer problem
- trailofbits/pe-parse - Principled, lightweight C/C++ PE parser
- lifting-bits/mcsema - Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode
- wroberts/count - UNIX line counting utilities
- SIPp/sipp - The SIPp testing tool
- DrWhax/truecrypt-archive - Archive of (almost) all truecrypt releases - Please audit this repository!
- nlohmann/json - JSON for Modern C++
- NPS-DEEP/hashdb - hashdb block hash database tool and API
- MalwareTech/FakeMBR - TDL4 style rootkit to spoof read/write requests to master boot record
- blankwall/Python_Pin -
- ANSSI-FR/SysvolExplorer - Active Directory Group Policy analyzer
- vyos/vyatta-cfg - Vyatta configuration system
- CrowdStrike/CrowdDetox - The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations.
- horsicq/DIE-engine - DIE engine
- MalwareTech/UACElevator - Passive UAC elevation using dll infection
- demi6od/Smashing_The_Browser - Smashing The Browser: From Vulnerability Discovery To Exploit
- eurecom-s3/sdhash_psql - PostgreSQL plugin interface to sdhash/sdbf fuzzyhash library
- avatarone/avatar-python - Dynamic security analysis of embedded systems’ firmwares
- r-lyeh-archived/tracey - :squirrel: Tracey is a lightweight and simple C++ memory leak finder with no dependencies.
- abarisain/imagegrouper - Image duplicate finder. Puts similar images into groups
- wkhtmltopdf/wkhtmltopdf - Convert HTML to PDF using Webkit (QtWebKit)
- google/certificate-transparency - Auditing for TLS certificates.
- soarlab/maline - Android Malware Detection Framework
- getlantern/natty - Standalone WebRTC-based NAT traversal
- F-Secure/Sulo - Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin
- vlad902/findcrypt2-with-mmx - IDA Pro findcrypt2 plug-in with MMX AES instruction finding support
- tumi8/vermont - Vermont (VERsatile MONitoring Toolkit) is an open-source software toolkit for the creation and processing of network flow data.
- UTSA-cyber/sceadan - Systematic Classification Engine for Advanced Data ANalysis
- wisec/DOMinator -
- neraliu/tainted-phantomjs - Tainted PhantomJS
- SherifEldeeb/TinyMet - A "tiny" meterpreter stager
- proactiveRISK/switchblade - DoS-Switchblade is a single tool that is a collection of testing tools for DoS
- moxie0/tortunnel - A partial Onion Proxy implementation that's designed to build single-hop circuits through Tor exit nodes
- Studio3T/robomongo - Native cross-platform MongoDB management tool
- cmderdev/cmder - Lovely console emulator package for Windows
- carlosgprado/PinTools - Intel PIN rocks
- OpenSecurityResearch/dllinjector - dll injection tool that implements various methods
- OpenSecurityResearch/slacker - A prototype file slack space remover
- rjhansen/duffy - Easily query NIST's database of MD5 hashes
- mozmark/ringleader - A tool for configuring and using MITM proxies from firefox
- edix/MalwareResourceScanner - Scanning and identifying XOR encrypted PE files in PE resources
- AmrThabet/pySRDF - This is the python wrapper for The Security Framework SRDF
- PowerDNS/pdns - PowerDNS Authoritative, PowerDNS Recursor, dnsdist
- XhmikosR/perfmonbar - Displays performance counters on the Windows Taskbar
- eranon/CNonymizer - A fast and simple anonymization tool for text files
- XhmikosR/notepad2-mod - LOOKING FOR DEVELOPERS - Notepad2-mod, a Notepad2 fork, a fast and light-weight Notepad-like text editor with syntax highlighting
- asmjit/asmjit - Machine code generation for C++
- boostcon/cppnow_presentations_2014 - Presentation materials presented at C++Now 2014
- kavika13/RemCom - Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
- scriptjunkie/sessionthief - Session hijacking GUI tool
- zeek/zeek - Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
- indutny/heartbleed - Extracting server private key using Heartbleed OpenSSL vulnerability.
- aria2/aria2 - aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
- Sigil-Ebook/Sigil - Sigil is a multi-platform EPUB ebook editor
- jlodom/FLAIM-Database-For-OS-X - A fork of the open source version of Novell's FLAIM database (used by GroupWise and eDirectory) to compile easily on OS X.
- iSECPartners/yontma - You'll never take me alive.
- bwall/HashPump - A tool to exploit the hash length extension attack in various hashing algorithms
- iSECPartners/publications - iSEC Partners' research publications
- osirislab/dllinjection -
- homenc/HElib - HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.
- mitmedialab/Junkyard-Jumbotron - The Junkyard Jumbotron is a web tool that makes it really easy to combine a bunch of random displays into a single, large virtual display. It works with laptops, tablets, smartphones -- anything that can run a web browser. And the magic is that all you need to do to configure one is take a photograph of all the screens.
- russtheaerialist-retired-projects/node-spi - A NodeJS interface to the SPI bus on embedded linux machines
- tenzir/vast - 🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.
- 0xdabbad00/OpenHIPS - OpenHIPS prevents exploitation of Windows systems
- torps/torps - The Tor Path Simulator
- xbmc/xbmc - Kodi is an award-winning free and open source home theater/media center software and entertainment hub for digital media. With its beautiful interface and powerful skinning engine, it's available for Android, BSD, Linux, macOS, iOS and Windows.
- tomahawk-player/tomahawk-resolvers - Resolver plugins for Tomahawk Player
- inliniac/libhtp - LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
- litecoin-project/litecoin - Litecoin source tree
- mistralol/ipstats - Collects ip stats from passing traffic
- stealth/psc - E2E encryption for multi-hop tty sessions or portshells + TCP/UDP port forward
- REhints/HexRaysCodeXplorer - Hex-Rays Decompiler plugin for better code navigation
- rjhansen/nsrllookup - Checks with NSRL RDS servers looking for for hash matches
- rjhansen/nsrlsvr -
- takemaru/graphillion - Fast, lightweight graphset operation library
- yinqiwen/ardb - A redis protocol compatible nosql, it support multiple storage engines as backend like Google's LevelDB, Facebook's RocksDB, OpenLDAP's LMDB, PerconaFT, WiredTiger, ForestDB.
- zynamics/pin-tools - Collection of tools for the Pin dynamic instrumentation framework
- BenjaminKim/dokanx - user-mode filesystem framework for Windows
- boostcon/cppnow_presentations_2012 -
- boostcon/cppnow_presentations_2013 -
- jessek/hashdeep -
- CERT-Polska/HSN-Capture-HPC-NG - HoneySpider Network version of Capture-HPC
- 0vercl0k/rp - rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries.
- dsw/oink-stack - Oink is a collaboration of C++ static analysis tools.
- wirepair/IDAPinLogger - Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called.
- danmar/cppcheck - static analysis of C/C++ code
- mubix/netview - Netview enumerates systems using WinAPI calls
- thomhastings/mimikatz-en - English language translation of gentilkiwi's early mimikatz release
- MartialB/BinSlayer -
- asmuth/clip - Create charts from the command line
- SherifEldeeb/inmet - A multi-purpose meterpreter executable (inline, many transports, msfpayload)
- wirepair/NetLogger - Pin tool for logging socket communications to disk
- stealth/grab - experimental and very fast implementation of a grep
- hzphreak/VMInjector - DLL Injection tool to unlock guest VMs
- jeffbryner/NBDServer - Network Block Device Server for windows with a DFIR/forensic focus.
- Y-Vladimir/SmartDeblur - Restoration of defocused and blurred photos/images
- simsong/bulk_extractor - This is the development tree. Production downloads are at:
- simsong/tcpflow - TCP/IP packet demultiplexer. Download from:
- wisk/medusa - An open source interactive disassembler
- fujieda/xkeymacs -
- jduck/file-dissect - File Dissect is a cross-platform framework and UI for analyzing various file formats. It is based on wxWidgets since it provides a native feel regardless of base OS.
- droe/sslsniff - A tool for automated MITM attacks on SSL connections.
- moxie0/sslsniff - A tool for automated MITM attacks on SSL connections.
- dzzie/VS_LIBEMU - Visual Studio 2008 port of the libemu library that includes scdbg.exe, a modification of the sctest project, that includes more hooks, interactive debugging, reporting features, and ability to work with file format exploit shellcode. Will run under WINE
- candera/hobocopy - An open source backup tool for Windows
- mobile-shell/mosh - Mobile Shell
- firebreath/FireBreath - Browser Plugin framework (NPAPI and ActiveX on Windows, Mac, and Linux)
- codebutler/firesheep - A Firefox extension that demonstrates HTTP session hijacking attacks.
- signal11/PlayCap - Performs playback of tcpdump, windump, Wireshark, and libpcap files.
- sethhall/bro-dblogger - Utility for logging data from the Bro Intrusion Detection System directly to PostgreSQL <- Deprecated! This project is only here for historical curiosity now.
- corelight/bro-maxminddb - Plugin to support libmaxminddb in Bro
- OWASP/common-requirement-enumeration -
- black7375/Firefox-UI-Fix - 🦊 I respect proton UI and aim to improve it.
- johnpaulada/pandoc-markdown-book-template - A template for creating epub books from markdown using pandoc.
- FuzzySecurity/Fermion - Fermion, an electron wrapper for Frida & Monaco.
- TROUBLE-1/Hacking-Sunday -
- sharu725/online-cv - A minimal Jekyll Theme to host your resume (CV)
- ethanhs/WSL-Programs - A community powered list of programs that work (and those that don't) on the Windows subsystem for Linux
- varchashva/vPrioritizer - vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization, for teams to make more informed decision about what (vulnerability/ties) they should remediate (or can afford not to) and on which (asset/s)
- assetnote/wordlists - Automated & Manual Wordlists provided by Assetnote
- m6a-UdS/dvca - Damn Vulnerable Cloud Application
- rkhal101/Hack-the-Box-OSWE-Preparation -
- leonjza/frida-boot - Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!
- gbrindisi/wordpot - A Wordpress Honeypot
- endgameinc/varna - Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)
- appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training - Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
- phonexicum/phonexicum.github.io -
- trustedsec/SysmonCommunityGuide - TrustedSec Sysinternals Sysmon Community Guide
- cybersafeblr/thedorkbox - TheDorkbox Comprehensive collection of Google Dorks & OSINT techniques to find Confidential Data
- weev3/LKWA - Lesser Known Web Attack Lab
- s0md3v/Predator - Anti-Automation System
- andev-software/graphql-ide - ⚡️ GraphQL IDE - An extensive IDE for exploring GraphQL API's
- lis912/CISSP-OSG-8th-note - CISSP OSG 8th学习笔记
- zseano/JS-Scan - a .js scanner, built in php. designed to scrape urls and other info
- Matir/write-ups-2015 - Wiki-like CTF write-ups repository, maintained by the community. 2015
- picturepan2/spectre - Spectre.css - A Lightweight, Responsive and Modern CSS Framework
- sqreen/DevelopersSecurityBestPractices -
- noLogicXD/xssizer - The best tool to find and prove XSS flaws.
- microsoft/azuredevopslabs - Learn how you can plan smartly, collaborate better, and ship faster with a set of modern development services with Azure DevOps.
- ajinabraham/nodejsscan - nodejsscan is a static security code scanner for Node.js applications.
- b374k/b374k - PHP Webshell with handy features
- bhdresh/SocialEngineeringPayloads - This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
- appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows - Repository for all the workshop content delivered at nullcon X on 1st of March 2019
- usnistgov/800-63-3 - Home to public development of NIST Special Publication 800-63-3: Digital Authentication Guidelines
- ihorzenich/html5checklist - HTML/CSS markup checklist
- thewhiteh4t/seeker - Accurately Locate Smartphones using Social Engineering
- pwnsdx/Mailsploit-HTML - Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Mail Transfer Agents (MTA) aka email servers, therefore circumventing spoofing protection mechanisms such as DMARC (DKIM/SPF) or spam filters.
- adobe-fonts/source-sans - Sans serif font family for user interface environments
- woj-ciech/OSINT -
- elipapa/markdown-cv - a simple template to write your CV in a readable markdown file and use CSS to publish/print it.
- c0bra/markdown-resume-js - Turn a simple markdown document into a resume in HTML and PDF
- posativ/blog.posativ.org - Source files of my personal blog using Acrylamid as static blog engine.
- OWASP/owasp-summit-2017 - Content for OWASP Summit 2017 site
- GuillaumeRoss/evilplumbing - Evil.Plumbing
- chriskempson/tomorrow-theme - Tomorrow Theme now lives on at https://github.com/chriskempson/base16
- ryanoasis/nerd-fonts - Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more
- httphacker/gethead - HTTP Header Analysis Vulnerability Tool
- s0meguy1/RougeWifi - A malicious captive wifi portal
- lixmk/Wiegotcha - Wiegotcha: Long Range RFID Thief
- juliocesarfort/public-pentesting-reports - Curated list of public penetration test reports released by several consulting firms and academic security groups
- kxxoling/markdown2pdf - [Deprecated] A command line tool to convert markdown file to pdf.
- chef-boneyard/chef-fundamentals - DEPRECATED: Chef Fundamentals training materials
- merces/aleph - An Open Source Malware Analysis Pipeline System
- mmistakes/jekyll-theme-skinny-bones - A Jekyll starter with a variety of flexible layouts and components.
- poole/lanyon - A content-first, sliding sidebar theme for Jekyll.
- poole/hyde - A brazen two-column theme for Jekyll.
- barryclark/jekyll-now - Build a Jekyll blog in minutes, without touching the command line.
- rhiever/redditviz - An interactive map of reddit: the "front page of the internet"
- davidhampgonsalves/resume - Resume in markdown
- ybur-yug/python_ocr_tutorial - This is a tutorial on getting OCR running on a simple web server, using python, flask, tesseract-ocr, and leptonica
- tabulapdf/tabula - Tabula is a tool for liberating data tables trapped inside PDF files
- maxx/osxprivacy - osxprivacy.com
- t413/SinglePaged - SinglePaged - Simple Jekyll template
- asciidoctor/docgist - Render AsciiDoc documents from Gists, GitHub, DropBox and other remote sources in the browser.
- houqp/asciidoc-deckjs - A deck.js backend for asciidoc
- RaReNet/DFAK - The Digital First Aid Kit has moved to Gitlab:
- Shellntel/vcr - Vulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.
- rmusser01/Infosec_Reference - An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
- hoodsec/hoodsec.github.io - hoodsec page
- kencochrane/docker-guidebook - Docker Guidebook
- travs/MacPass - A native OS X KeePass client
- savon-noir/nmap-webgui - Basic gui to run and display nmap scan results. Just a POC so far.
- revolunet/PythonBooks - Directory of free Python ebooks
- opendns/dataviz - OpenDNS Data Visualization Framework
- ctfs/write-ups-2015 - Wiki-like CTF write-ups repository, maintained by the community. 2015
- krasimir/yez - Chrome extension that acts as terminal and task runner
- Seldaek/slippy - HTML Presentations
- googlecreativelab/coder-projects - Fun projects and sneakily educational things that can all be made with Coder and Rasberry Pi.
- OpenSecurityResearch/FSExploitMe - Purposely vulnerable ActiveX Control to teach about exploitation in a browser-based environment.
- erichelgeson/erichelgeson.github.com - gh-pages
- ripienaar/gdash - A dashboard for Graphite
- bebraw/ghw - Converts your GitHub wiki to gh-pages (MIT)
- client9/sslassert - simple scripts to make sure your web server is configured correctly under HTTPS
- waveform80/picroscopy - A Python web-application to turn a Raspberry Pi and PiCam into a microscopy solution
- pericazivkovic/portablepython - Build environment for the Portable Python project
- justdeleteme/justdelete.me - A directory of direct links to delete your account from web services.
- mhils/honeyproxy-client - Quick in-depth URL traffic analysis without much hassle.
- Unitech/node-logman - Log client side/server side messages and monitor them with a realtime interface
- rstacruz/flatdoc - Build sites fast from Markdown
- wlwardiary/cable2graph - WikiLeaks Cablegate Reference Network Visualization : cables.csv to graph to svg/html5
- cjdsie/wirefy - Wirefy is a browser based responsive wireframe tool, which allows you to create functional wireframes using standard elements. Think of it as the foundation for your content to be built on. This allows you to focus on the content rather than the design to get faster sign off. Wirefy is not a one-solution answer.
- mubix/WhiteChapel - password cracking front end
- mjpizz/reclaimprivacy -
- into-docker/into-docker - Never write another Dockerfile
- metabase/metabase - The simplest, fastest way to get business intelligence and analytics to everyone in your company 😋
- jeaye/safepaste - A security-conscious paste service
- bcambel/oss.io - Developers gathering up
- ztellman/rhizome - simple graph and tree visualization
- technomancy/leiningen - Automate Clojure projects without setting your hair on fire.
- narkisr-deprecated/gelfino - A micro graylog server
- mozilla/seasponge - 🍍 SeaSponge is an accessible threat modelling tool from Mozilla
- oggy/1pass - 1Password on the command line.
- basecamp/pow - Zero-configuration Rack server for Mac OS X
- michaelvillar/dynamics.js - Javascript library to create physics-based animations
- clvv/scriptbroadcast - Broadcast recorded typescripts(shell sessions)
- shadowsocks/shadowsocks-nodejs -
- atom/tree-view - 🌳 Explore and open project files in Atom
- okTurtles/dnschain - A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!
- hiddentao/squel - 🏢 SQL query string builder for Javascript
- carlosdcastillo/vim-mode - Experimental next generation vim support for atom. This project needs a new home!
- keybase/node-client - CLI for keybase.io written in/for Node.js
- keybase/node-installer - An installer/updater for the node client.
- danielgtaylor/nesh - An enhanced, extensible interactive shell for Node.js and CoffeeScript
- olark/hashmonitor - turn logs into metrics like a boss
- stackdot/OpenVZ-Wrapper-NodeJS - NodeJS Wrapper for the OpenVZ CLI
- kartograph/kartograph.js - UNMAINTAINED Open source JavaScript renderer for Kartograph SVG maps
- fw42/honeymap - Real-time websocket stream of GPS events on a fancy SVG world map
- CiscoCXSecurity/httpShell -
- tower/tower - UNMAINTAINED - Small components for building apps, manipulating data, and automating a distributed infrastructure.
- asciimoo/feedme - Lightweight, single-user feed reader
- gescheit/fastsnmp - Fast SNMP poller
- MindMac/HideAndroidEmulator - Slides and demo resources presented at HITCON 2014 & XCON 2014-"Guess Where I am-Android模拟器躲避的检测与应对"
- jmdugan/blocklists - Shared lists of problem domains people may want to block with hosts files
- corbindavenport/nexus-tools - Installer for ADB, Fastboot, and other Android tools on Linux, macOS, Chrome OS, and Windows
- leonjza/docker-elk - docker-elk repo, using the https://github.com/deviantony/docker-elk template
- higatowa/bento - Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.
- hexops/dockerfile - Dockerfile best-practices for writing production-worthy Docker images.
- madhuakula/hacker-container - Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
- geekscrapy/docker-snort - Snort + Pulledpork + Websnort in Docker!
- suidroot/docker-malwoverview - malwoverview Docker Container
- aaaguirrep/offensive-docker - Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
- masahiro331/CVE-2020-9484 -
- hysnsec/awesome-threat-modelling - A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
- CiscoTestAutomation/pyats-docker - Dockerfile and scripts for pyATS
- nu11secur1ty/centos-snort3-dev - centos-snort3-dev
- antitree/cmd_and_kubectl_demos -
- belane/docker-bloodhound - BloodHound Docker Ready to Use
- sherifabdlnaby/elastdocker - 🐳 Elastic Stack (ELK) on Docker, preconfigured Out of the Box. Enables Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command. Now Supports v8.0!
- aws/aws-codebuild-docker-images - Official AWS CodeBuild repository for managed Docker images http:https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html
- vimagick/dockerfiles - 🐳 A collection of delicious docker recipes
- dukebarman/ghidra-builder - Docker image for building ghidra RE framework from source
- robcowart/influx_snmp - SNMP Data Collection and Analytics with the TICK Stack (Telegraf, InfluxDB, Chronograf and Kapacitor)
- GelosSnake/CyberChefDocker - A simple docker for CyberChef Dev environment
- jgamblin/NMap-Action - A Github Action That Launches an NMap Scan Vulners Scan & Opens A Github Issue With The Findings
- sneakerhax/TTPs - Tactics, Techniques, and Procedures
- obscuritylabs/RAI - Rapid Attack Infrastructure (RAI)
- PagerDuty/incident-response-docs - PagerDuty's Incident Response Documentation.
- TheSecureTux/redteam-k8spwn - Reverse shell container for k8s deployments
- knqyf263/CVE-2019-6340 - Environment for CVE-2019-6340 (Drupal)
- johackim/docker-hacklab - My personal hacklab, create your own.
- OWASP/Docker-Security - Getting a handle on container security
- rsyslog/rsyslog-docker - rsyslog docker containers
- kyledinh/docker - Collection of docker code and docs
- quickbreach/PowerShell-NTLM - Docker image for PowerShell remoting from Linux to Windows
- orlikoski/skadi_timesketch - Skadi specific Docker build for TimeSketch
- cboin/re_lab - A portable reverse engineering environment using docker.
- wpengine/base-images-public - Simple Docker Images
- singe/hashcat-brain - A docker container for running the hashcat brain server
- dizcza/docker-hashcat - Latest hashcat docker for Ubuntu 18.04 CUDA, OpenCL, and POCL
- espi0n/Dockerfiles -
- marco-lancini/docker_burp - Burp as a Docker Container
- raesene/dockerized-security-tools - Dockerfiles for security tools
- random-robbie/wifite2-docker - Docker of Wifite2
- random-robbie/squid-anon-docker - Squid Proxy that is classed as anon
- MyKings/docker-vulnerability-environment - Use the docker to build a vulnerability environment
- SilentServices/docker-sslscan -
- ermaker/dockerfile-fluentd -
- regit/suri-docker-qa - Docker image running a buildbot set up for Suricata QA
- laradock/laradock - Full PHP development environment for Docker.
- paunin/PostDock - PostDock - Postgres & Docker - Postgres streaming replication cluster for any docker environment
- sixeyed/dockerfiles-windows - Dockerfiles for Windows containers
- MattHodge/ansible-docker - Docker Container for running Ansible with support for WinRM
- mikesplain/openvas-docker - A Docker container for Openvas
- bse666/rpi-mopidy - Mopidy for docker enabled RaspberryPi
- thinkst/canarytokens-docker - Docker configuration to quickly setup your own Canarytokens.
- phocean/dockerfile-msf - This Dockerfile builds a Debian-based Docker container with Metasploit-Framework installed. A quick and easy way to deploy Metasploit on any box, including Linux, MacOS or Windows!
- fcolista/alpine-metasploit - Docker Image for Metasploit based on Alpine Linux
- balabit/syslog-ng-docker - Docker images for syslog-ng development, testing, playground.
- zeek/zeek-docker - Docker files for building Zeek.
- silvio/docker-pandoc - Dockerimage for the great pandoc with inotify based server
- jessfraz/dockerfiles - Various Dockerfiles I use on the desktop and on servers.
- firecat53/dockerfiles - Dockerfiles: Check_Mk, Couchpotato, Deluge, Gollum, Headphones, Jackett, Lazy Librarian, Miniflux, Nginx/PHP-FPM, OpenVPN PIA client, Plex, Privatebin, Radarr, Sabnzbd, Samba, SSH Socks Proxy server, Sonarr, Syncthing, Stringer,Transmission, Unifi Controller.
- LogicalSpark/docker-tikaserver - Apache Tika Server as a Docker Image
- REMnux/docker - This repository contains Dockerfiles for building Docker images of popular malware analysis tools, which are distributed through the REMnux repository on Docker Hub.
- blacktop/docker-volatility - Volatility Dockerfile
- samyk/magspoof - A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card "wirelessly", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card numbers with 100% accuracy.
- edgurgel/httpoison - Yet Another HTTP client for Elixir powered by hackney
- operable/cog - Bringing the power of the command line to chat
- asciinema/asciinema-server - Web app for hosting asciicasts
- for-GET/know-your-http-well - HTTP headers, media-types, methods, relations and status codes, all summarized and linking to their specification.
- wanderlust/wanderlust - Wanderlust Development Repository
- Sliim/helm-github-stars - Browse your starred repositories with Emacs helm interface
- vikasrawal/orgpaper - Reproducible Research Papers using Org-mode and R: A Guide
- sshaw/git-link - Emacs package to get the GitHub/Bitbucket/GitLab/... URL for a buffer location
- linhmtran168/mac_dotfiles - My Mac dot files
- serras/emacs-haskell-tutorial - Tutorial on setting up Emacs to do Haskell programming
- jorgenschaefer/elpy - Emacs Python Development Environment
- melpa/melpa - Recipes and build machinery for the biggest Emacs package repo
- kuanyui/moe-theme.el - A customizable colorful eye-candy theme for Emacser. Moe, moe, kyun!
- yukihr/Warp - Web Article Realtime Preview for Emacs
- nelhage/reverse-android - Reverse-engineering tools for Android applications
- tsgates/pylookup - Emacs mode for searching python documents with convenience
- 0xc0decafe/ss7MAPer - SS7 MAP (pen-)testing toolkit
- ernw/ss7MAPer - SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/
- benoitc/nat_upnp - Erlang library to map your internal port to an external using UNP IGD
- benoitc/dnssd_erlang - Erlang interface to Apple's Bonjour DNS Service Discovery implementation
- leo-project/leofs - The LeoFS Storage System
- heroku/logplex - [DEPRECATED] Heroku log router
- enkomio/Sojobo - A binary analysis framework
- enkomio/Anathema - .NET instrumentation framework
- enkomio/sacara - Sacara VM
- WestpointLtd/tls_prober - A tool to fingerprint SSL/TLS servers
- owasp-cloud-security/owasp-cloud-security - OWASP Cloud Security - Enabling conversations through threat and control stories
- BBVA/patton - The clever vulnerability dependency finder
- kosmosec/proto-find - Let's check if your target is vulnerable for client side prototype pollution.
- Azure/aad-pod-identity - Assign Azure Active Directory Identities to Kubernetes applications.
- pupagang/pupadrive-go -
- v-byte-cpu/sx - 🖖 Fast, modern, easy-to-use network scanner
- Ethermat/tld-scan - Top level domain scanner in Go
- L11R/escobar - Like cntlm but for Kerberos
- stanford-esrg/lzr - LZR quickly detects and fingerprints unexpected services running on unexpected ports.
- Hackmanit/Web-Cache-Vulnerability-Scanner - Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http:https://hackmanit.de/).
- idiotc4t/Reflective-HackBrowserData - HackBrowserData的反射模块
- 0xInfection/LogMePwn - A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
- kost/logdns - Simple DNS logging server
- zinclabs/zinc - Zinc Search engine. A lightweight alternative to elasticsearch that requires minimal resources, written in Go.
- jas502n/Grafana-CVE-2021-43798 - Grafana Unauthorized arbitrary file reading vulnerability
- FDlucifer/Proxy-Attackchain - proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool
- abhimanyu003/sttr - cross-platform, cli app to perform various operations on string
- nodauf/GoMapEnum - User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
- chenjiandongx/sniffer - 🤒 A modern alternative network traffic sniffer.
- Tylous/ZipExec - A unique technique to execute binaries from a password protected zip
- neex/ghostinthepdf -
- nikitavoloboev/alfred-web-searches - Alfred workflow to search through any website (easily extendable list)
- Antonito/gfile - Direct file transfer over WebRTC
- docuowl/docuowl - 🦉 A documentation generator
- konoui/alfred-tldr - tldr with alfred workflow written in Go
- yehgdotnet/attack - Utilities/scripts/files to assist emulation of MITRE ATT&CK / PRE-ATT&CK prepared by Myo Soe
- balook/tools - These are my private tools for hacking
- metal3d/cors-proxy - A simple proxy to add CORS for other service
- inbug-team/InScan - 边界打点后的自动化渗透工具
- Rvn0xsy/red-tldr - red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.
- TheYkk/git-switcher - Switch between your git profiles easily
- Tylous/SourcePoint - SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
- cristianoliveira/ergo - The management of multiple apps running over different ports made easy
- projectdiscovery/interactsh - An OOB interaction gathering server and client library
- nektos/act - Run your GitHub Actions locally 🚀
- ossf/allstar - GitHub App to set and enforce security policies
- Binject/go-donut - Donut Injector ported to pure Go. For use with https://github.com/TheWover/donut
- signedsecurity/sigurlfind3r - A passive reconnaissance tool for known URLs discovery - it gathers a list of URLs passively using various online sources.
- daffainfo/Key-Checker - Go scripts for checking API key / access token validity
- reugn/wifiqr - Create a QR code with your Wi-Fi login details
- benjojo/totp-ssh-fluxer - Take security by obscurity to the next level (this is a bad idea, don't really use this please)
- FINCTIVE/video-download-bot - download online videos with telegram bot. (built for raspberry pi 👏)
- JanDeDobbeleer/oh-my-posh - A prompt theme engine for any shell.
- grines/scour -
- kubernetes-sigs/krew - 📦 Find and install kubectl plugins
- lima-vm/lima - Linux virtual machines, typically on macOS, for running containerd
- jetstack/jetstack-secure - Open source components of Jetstack Secure
- cespare/reflex - Run a command when files change
- chen-keinan/kube-beacon - Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification
- liamg/pax - 💀 🔓 CLI tool for PKCS7 padding oracle attacks
- gwen001/github-subdomains - Find subdomains on GitHub
- doersa/alfred-hash - Hashes strings with algorithms like md5, sha1, sha512, and many others.
- deanishe/alfred-forklift - Filter ForkLift favourites in Alfred
- detectify/page-fetch - Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values
- optiv/ScareCrow - ScareCrow - Payload creation framework designed around EDR bypass.
- birchb1024/frangipanni - Program to convert lines of text into a tree structure.
- KubeOperator/webkubectl - Run kubectl command in Web Browser.
- sigstore/cosign - Container Signing
- GoogleCloudPlatform/security-response-automation - Take automated actions against threats and vulnerabilities.
- projectdiscovery/simplehttpserver - Go alternative of python SimpleHTTPServer
- dundee/gdu - Fast disk usage analyzer with console interface written in Go
- azimjohn/jprq - Get Your Localhost Online - Ngrok Alternative
- niocs/csvsql - Golang project to run sql queries on any csv file using embedded sqlite database. Has interactive and non-interactive modes.
- senthilrch/kube-fledged - A kubernetes operator for creating and managing a cache of container images directly on the cluster worker nodes, so application pods start almost instantly
- cdk-team/CDK - CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
- GoogleContainerTools/kpt - A Git-native, schema-aware, extensible client-side tool for packaging, customizing, validating, and applying Kubernetes resources.
- cyberark/kubesploit - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
- liggitt/audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs
- Tylous/Limelighter - A tool for generating fake code signing certificates or signing real ones
- optiv/Go365 - An Office365 User Attack Tool
- Narasimha1997/fake-sms - A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy.
- gwen001/github-endpoints - Find endpoints on GitHub.
- hahwul/DevSecOps - 🔱 Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
- hahwul/MobileHackersWeapons - Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
- nodauf/Girsh - Automatically spawn a reverse shell fully interactive for Linux or Windows victim
- brompwnie/botb - A container analysis and exploitation tool for pentesters and engineers.
- inguardians/peirates - Peirates - Kubernetes Penetration Testing tool
- anmitsu/goful - Goful is a CUI file manager written in Go.
- blushft/go-diagrams - Create beautiful system diagrams with Go
- cycloidio/inframap - Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.
- gustavorobertux/goshock - SonicWall VPN-SSL Exploit* using Golang ( * and other targets vulnerable to shellshock ).
- deepfence/SecretScanner - 🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
- open-ch/ja3 - A high performance Go Implementation of the JA3 Client Fingerprinting Algorithm.
- pry0cc/soxy - Multi-threaded socks proxy checker written in Go!
- chennqqi/godnslog - An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
- jsidrach/idn-homograph-attack - [Archived] Analysis of the potential impact of IDN Homograph Attacks
- Henry-Sarabia/blank - Detect blank strings or remove whitespace from strings
- xct/morbol - Simple AV Evasion for PE Files
- benpye/wsl-ssh-pageant - A Pageant -> TCP bridge for use with WSL, allowing for Pageant to be used as an ssh-ageant within the WSL environment.
- evilsocket/ditto - A tool for IDN homograph attacks and detection.
- RumbleDiscovery/jarm-go - A Go implementation of JARM
- ReddyyZ/urlbrute - Directory/Subdomain scanner developed in GoLang.
- root4loot/rescope - A scope-generator-tool for Burp Suite and ZAP
- S4R1N/Tritium - Password Spraying Framework
- roerohan/bird - A simple website directory enumeration tool built with Golang.
- buptczq/WinCryptSSHAgent - Using a Yubikey for SSH Authentication on Windows Seamlessly
- fzipi/go-ftw - Web Application Firewall Testing Framework - Go version
- dolthub/dolt - Dolt – It's Git for Data
- hahwul/WebHackersWeapons - ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
- wybiral/ipv4scan - IoT device scanner.
- Matir/dice - Go implementation of Dice Words with EFF Wordlist.
- target/goalert - Open source on-call scheduling, automated escalations, and notifications so you never miss a critical alert
- v2fly/v2ray-core - A platform for building proxies to bypass network restrictions.
- timescale/tobs - tobs - The Observability Stack for Kubernetes. Easy install of a full observability stack into a k8s cluster with a CLI tool or Helm charts.
- hahwul/urlgrab - A golang utility to spider through a website searching for additional links.
- riza/medusa - Fastest recursive HTTP fuzzer, like a Ferrari.
- Jake0x48/quickbrute - An automated bruteforce tool
- hahwul/backbomb - 💣 Dockerized penetration-testing/bugbounty/app-sec testing environment
- stackrox/kube-linter - KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
- snyk/driftctl - Detect, track and alert on infrastructure drift
- projectdiscovery/proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.
- kentaro-m/md2confl - 🛠 md2confl is a CLI tool to convert the markdown text to confluence wiki format.
- digitalocean/clusterlint - A best practices checker for Kubernetes clusters. 🤠
- moloch--/denim - Automated compiler obfuscation for nim
- ameenmaali/qsfuzz - qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
- mzfr/takeover - A tool for testing subdomain takeover possibilities at a mass scale.
- muesli/duf - Disk Usage/Free Utility - a better 'df' alternative
- sandstorm/sku - Sandstorm Kubernetes Client - Convenience tools to interact with Kubernetes
- k8gege/LadonGo - Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
- vulsio/go-cve-dictionary - Build a local copy of CVE (NVD and Japanese JVN). Server mode for easy querying.
- zmap/zgrab2 - Fast Go Application Scanner
- dsopas/rfd-checker - RFD Checker - security CLI tool to test Reflected File Download issues
- policy-hub/policy-hub-cli - CLI for searching Rego policies
- fluxcd/flux2 - Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
- edoardottt/scilla - Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
- 0xjbb/scyllago - Simple Go Module for the scylla.sh API
- dandare100/agentstub - SSH Agent Forwarding
- mhmdiaa/second-order - Second-order subdomain takeover scanner
- alpkeskin/mosint - An automated e-mail OSINT tool
- sw33tLie/bbscope - Scope gathering tool for HackerOne, Bugcrowd, Intigriti and Immunefi!
- busterb/msmailprobe - Office 365 and Exchange Enumeration
- Shivangx01b/BountyIt - A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it using signatures
- gruntwork-io/kubergrunt - Kubergrunt is a standalone go binary with a collection of commands to fill in the gaps between Terraform, Helm, and Kubectl. https://www.gruntwork.io
- cisco-open/kubei - KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and CI/CD pipelines for enhanced software supply chain security.
- uber/kraken - P2P Docker registry capable of distributing TBs of data in seconds
- chenjiandongx/kubectl-images - 🕸 Show container images used in the cluster.
- tilt-dev/ctlptl - Making local Kubernetes clusters fun and easy to set up
- grafana/k6 - A modern load testing tool, using Go and JavaScript - https://k6.io
- aws/karpenter - Kubernetes Node Autoscaling: built for flexibility, performance, and simplicity.
- slyd0g/WhiteChocolateMacademiaNut - Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies
- ahmetb/kubectx - Faster way to switch between clusters and namespaces in kubectl
- alexellis/arkade - Open Source Marketplace For Developer Tools
- weaveworks/kured - Kubernetes Reboot Daemon
- ethicalhackingplayground/bxss -
- ethicalhackingplayground/ssrf-tool -
- ethicalhackingplayground/wordlistgen - Generates target specific word lists for Fuzzing with fuff
- ethicalhackingplayground/linkJS -
- ryandamour/crlfmap - CRLFMap is a tool to find HTTP Splitting vulnerabilities
- ethicalhackingplayground/dorkX - Pipe different tools with google dork Scanner
- anasbousselham/fortiscan - A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool.
- projectdiscovery/dnsx - dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
- C-Sto/recursebuster - rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
- ropnop/go-windapsearch - Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
- github/git-sizer - Compute various size metrics for a Git repository, flagging those that might cause problems
- rodrigodiez/smocha - Smocha is a http smoke tests runner focused on simplicity, readability, and speed
- pressly/sup - Super simple deployment tool - think of it like 'make' for a network of servers
- mxssl/cmd-runner - Execute commands on remote hosts asynchronously over ssh
- instrumenta/kubeval - Validate your Kubernetes configuration files, supports multiple Kubernetes versions
- StackExchange/blackbox - Safely store secrets in Git/Mercurial/Subversion
- mstruebing/duration - Shows how long a process is already running
- cri-o/cri-o - Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
- containers/skopeo - Work with remote images registries - retrieving information, images, signing content
- containers/buildah - A tool that facilitates building OCI images.
- containers/podman - Podman: A tool for managing OCI containers and pods.
- projectdiscovery/cloudlist - Cloudlist is a tool for listing Assets from multiple Cloud Providers.
- redcode-labs/Sammler - A tool to extract useful data from documents
- moonD4rk/HackBrowserData - Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
- aquasecurity/kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
- Shopify/kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls
- salesforce/sloop - Kubernetes History Visualization
- matryer/xbar - Put the output from any script or program into your macOS Menu Bar (the BitBar reboot)
- moncho/dry - dry - A Docker manager for the terminal @
- cloudquery/cloudquery - The open-source cloud asset inventory powered by SQL.
- aquasecurity/tracee - Linux Runtime Security and Forensics using eBPF
- optiv/Talon - A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.
- kitabisa/teler - Real-time HTTP Intrusion Detection
- heroku/terrier - Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of specific files according to their hashes.
- sclevine/yj - CLI - Convert between YAML, TOML, JSON, and HCL
- ossf/scorecard - Security Scorecards - Security health metrics for Open Source
- sensepost/common-substr - Simple tool to extract the most common substrings from an input text. Built for password cracking.
- mergestat/mergestat - Query git repositories with SQL. Generate reports, perform status checks, analyze codebases. 🔍 📊
- RedTeamPentesting/CVE-2020-13935 - Exploit for WebSocket Vulnerability in Apache Tomcat
- thelikes/gwdomains - sub domain wild card filtering tool
- 1ndianl33t/urlprobe - Urls status code & content length checker
- openfaas/faas-cli - Official CLI for OpenFaaS
- djhohnstein/spfwalker - Tool to walk SPF records for relevant domain names and Whois information.
- kevinjqiu/pat - Prometheus Alert Testing utility
- crowdsecurity/hub - Main repository for crowdsec scenarios/parsers
- charmbracelet/glow - Render markdown on the CLI, with pizzazz! 💅🏻
- jckuester/awsls - A list command for AWS resources
- AlecRandazzo/Packrat - Live system forensic collector
- hashicorp/boundary - Boundary enables identity-based access management for dynamic infrastructure.
- trek10inc/awsets - A utility for crawling an AWS account and exporting all its resources for further analysis.
- lima-vm/sshocker - ssh + reverse sshfs + port forwarder, in Docker-like CLI (predecessor of Lima)
- peak/s5cmd - Parallel S3 and local filesystem execution tool.
- shenwei356/rush - A cross-platform command-line tool for executing jobs in parallel
- dstotijn/hetty - An HTTP toolkit for security research.
- dwisiswant0/cf-check - CloudFlare Checker written in Go
- projectdiscovery/dnsprobe - DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
- hahwul/hack-pet - 🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
- hahwul/dalfox - 🌙🦊 DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility
- balook/teleman - Telegram cli tool for bot notifications
- toufik-airane/leakin - Secrets detection based on regular expressions.
- Cgboal/Decant - Expand CIDR ranges to IPv4 addresses
- Cgboal/SonarSearch - A rapid API for the Project Sonar dataset
- derailed/k9s - 🐶 Kubernetes CLI To Manage Your Clusters In Style!
- random-robbie/slurp - Enumerate S3 buckets via certstream, domain, or keywords
- praetorian-inc/trident - automated password spraying tool
- tstillz/webshell-analyzer - Web shell scanner and analyzer.
- EdOverflow/csp - Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
- hahwul/s3reverse - The format of various s3 buckets is convert in one format. for bugbounty and security testing.
- hahwul/jwt-hack - 🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
- knownsec/ksubdomain - 无状态子域名爆破工具
- theblackturtle/ASNTool -
- MilindPurswani/whoxyrm - A reverse whois tool based on Whoxy API.
- liamg/gitjacker - 🔪 Leak git repositories from misconfigured websites
- jaeles-project/jaeles - The Swiss Army knife for automated Web Application Testing
- hahwul/mzap - ⚡️ Multiple target ZAP Scanning
- shenwei356/csvtk - A cross-platform, efficient and practical CSV/TSV toolkit in Golang
- 0xsha/CloudBrute - Awesome cloud enumerator
- spyre-project/spyre - simple YARA-based IOC scanner
- lc/subjs - Fetches javascript file from a list of URLS or subdomains.
- veggiedefender/browsertunnel - Surreptitiously exfiltrate data from the browser over DNS
- dwisiswant0/go-dork - The fastest dork scanner written in Go.
- projectdiscovery/naabu - A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
- projectdiscovery/shuffledns - MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
- projectdiscovery/mapcidr - Small utility program to perform multiple operations for a given subnet/CIDR ranges.
- projectdiscovery/subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
- projectdiscovery/httpx - httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
- tomnomnom/anew - A tool for adding new lines to files, skipping duplicates
- OWASP/Amass - In-depth Attack Surface Mapping and Asset Discovery
- brentp/gargs - better(?) xargs in go
- shantanu561993/SharpChisel - C# Wrapper around Chisel from https://github.com/jpillora/chisel
- KathanP19/Gxss - A tool to check a bunch of URLs that contain reflecting params.
- Archive-Puma/Elliot - 👤 A framework to automate the OSINT process at night
- rverton/wonitor - fast, zero config web endpoint change monitor
- dwisiswant0/wadl-dumper - Dump all available paths and/or endpoints on WADL file.
- go-jira/jira - simple jira command line client in Go
- saeeddhqan/evine - Interactive CLI Web Crawler
- SixGenInc/Noctilucent - Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
- iyouport-org/relaybaton - A pluggable transport to circumvent Internet censorship
- bluesentinelsec/OffensiveGoLang - A collection of Offensive Go packages.
- D00MFist/Go4aRun - Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
- alexzorin/authy - Go library and program to access your Authy TOTP secrets.
- IAmStoxe/urlgrab - A golang utility to spider through a website searching for additional links.
- aquasecurity/starboard - Kubernetes-native security toolkit
- lucasepe/draft - Generate High Level Cloud Architecture diagrams using YAML syntax.
- fiatjaf/jqview - simplest possible native GUI for inspecting JSON objects with jq
- cybercdh/kitphishr - A tool designed to hunt for Phishing Kit source code
- projectdiscovery/chaos-client - Go client to communicate with Chaos DNS API.
- EgeBalci/sgn - Shikata ga nai (仕方がない) encoder ported into go with several improvements
- FiloSottile/yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
- sysdream/ligolo - Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
- foxcpp/maddy - ✉️ Composable all-in-one mail server.
- ndelphit/apkurlgrep - Extract endpoints from APK files
- inancgumus/learngo - 1000+ Hand-Crafted Go Examples, Exercises, and Quizzes
- tomnomnom/burl - A Broken-URL Checker
- forensicanalysis/artifactcollector - 🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
- Binject/backdoorfactory - A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.
- leobeosab/sharingan - Offensive Security recon tool
- netograph/netograph-api - Tools and libraries for interacting with the Netograph API
- openfaas/faas-netes - Serverless Functions For Kubernetes
- letsencrypt/boulder - An ACME-based certificate authority, written in Go.
- signalfx/gateway - A proxy to buffer and forward metrics, events, and traces.
- activecm/rita-bl - Real Intelligence Threat Analytics -- Blacklist Database
- digitalocean/terraform-provider-digitalocean - Terraform DigitalOcean provider
- edi9999/path-extractor - A unix filter which outputs the filepaths found in stdin
- LukaSikic/subzy - Subdomain takeover vulnerability checker
- brianredbeard/gpget - A simple utility to safely retrieve arbitrary files.
- go-piv/piv-go - Keys and certificates for YubiKeys, written in Go
- FiloSottile/age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
- FiloSottile/captive-browser - A dedicated Chrome instance to log into captive portals without messing with DNS settings.
- aaronjanse/3mux - Terminal multiplexer inspired by i3
- kuberhealthy/kuberhealthy - A Kubernetes operator for running synthetic checks as pods. Works great with Prometheus!
- projectdiscovery/nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
- open-policy-agent/opa - An open source, general-purpose policy engine.
- cycloidio/terracognita - Reads from existing Cloud Providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration
- 99designs/aws-vault - A vault for securely storing and accessing AWS credentials in development environments
- brimdata/zed - Tooling for super-structured data: a new and easier way to manipulate data
- weaveworks/scope - Monitoring, visualisation & management for Docker & Kubernetes
- micrictor/Requestor - Defensive counterpart to https://github.com/SpiderLabs/Responder
- arnaucube/cryptofun - Crypto algorithms from scratch. Learning purposes only. ECC, BN128 pairing, Paillier, RSA, Homomorphic computation, ElGamal, Schnorr, ECDSA, BLS, ...
- strongdm/comply - Compliance automation framework, focused on SOC2
- tiagorlampert/CHAOS - 🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
- assafmo/xioc - Extract indicators of compromise from text, including "escaped" ones.
- x1sec/commit-stream - #OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API
- lc/gau - Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
- CCob/gookies - A Chrome cookie dumping utility
- hotnops/gtunnel - A robust tunelling solution written in golang
- theblackturtle/fprobe - Take a list of domains/subdomains and probe for working http/https server.
- opencontrol/standards - OpenControl-formatted industry standards and requirement documents
- lc/secretz - secretz, minimizing the large attack surface of Travis CI
- cybercdh/h2i - Converts a hostname (or URI) to IP address using your local resolver
- genuinetools/bane - Custom & better AppArmor profile generator for Docker containers.
- FlowerWrong/tun2socks - Redirect tun flow to socks 5 in golang, support tcp and udp.
- kkdai/goFBPages - 臉書相簿小幫手 A Facebook Page Album download tool in Golang
- kelseyhightower/kube-rsa - Generate self-signed TLS certificates for Kubernetes
- johto/iso9660wrap - Wrap a single file into an ISO9660 image
- jondlm/trapper - A small HTTP server for inspecting payloads
- joneskoo/http2-keylog - Example: debugging TLS with Go crypto/tls KeyLogWriter
- JustinAzoff/ssh-auth-logger - A low/zero interaction ssh authentication logging honeypot
- jzelinskie/faq - Format Agnostic jQ -- process various formats with libjq
- kalafut/imohash - Fast hashing for large files
- KeizerDev/domainchecker - 🌐 Check/buy domains from the terminal at your favorite supplier.
- m3db/m3 - M3 monorepo - Distributed TSDB, Aggregator and Query Engine, Prometheus Sidecar, Graphite Compatible, Metrics Platform
- adnanh/webhook - webhook is a lightweight incoming webhook server to run shell commands
- cloudutil/AutoSpotting - Saves up to 90% of AWS EC2 costs by automating the use of spot instances on existing AutoScaling groups. Installs in minutes using CloudFormation or Terraform. Convenient to deploy at scale using StackSets. Uses tagging to avoid launch configuration changes. Automated spot termination handling. Reliable fallback to on-demand instances.
- tismayil/fockcache - FockCache - Minimalized Test Cache Poisoning
- jaeles-project/gospider - Gospider - Fast web spider written in Go
- koenrh/s3enum - Fast Amazon S3 bucket enumeration tool for pentesters.
- theblackturtle/wildcheck - A simple tool to detect wildcards domain based on Amass's wildcards detector.
- x1sec/citrix-honeypot - Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts
- atredispartners/flamingo - Flamingo captures credentials sprayed across the network by various IT and security products.
- ddz/whatsapp-media-decrypt - Decrypt WhatsApp encrypted media files
- alexellis/k3sup - bootstrap Kubernetes with k3s over SSH < 1 min 🚀
- m-mizutani/AlertResponder - Automatic security alert response framework by AWS Serverless Application Model
- octarinesec/kube-scan - kube-scan: Octarine k8s cluster risk assessment tool
- corellium/corellium-android-unpacking - Android Unpacking Automation using Corellium Devices
- mikispag/rosettaflash - A tool for manipulating SWF files, leveraging zlib to craft alphanumeric-only valid SWF files in order to allow CSRF with SOP bypass thanks to JSONP abuse.
- x1sec/citrixmash_scanner - A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix
- google/link022 - Link022 - an open WiFi access point
- google/gousb - gousb provides low-level interface for accessing USB devices
- google/easypki - Creating a certificate authority the easy way
- donatj/imgdedup - CLI tool for image duplicate detection
- h12w/socks - A SOCKS (SOCKS4, SOCKS4A and SOCKS5) Proxy Package for Go
- labstack/echo - High performance, minimalist Go web framework
- casbin/casbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
- ph4ntonn/Stowaway - 👻Stowaway -- Multi-hop Proxy Tool for pentesters
- grantae/certinfo - A tool for printing X509 TLS certificates in Go
- hakluke/hakrawler - Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
- hakluke/hakcheckurl - Takes a list of URLs and returns their HTTP response codes
- dropbox/llama - Library for testing and measuring network loss and latency between distributed endpoints.
- networkop/terraform-yang - Terraform provider utilizing gNMI interface and OpenConfig models
- taktv6/go-traffic-mon - High resolution traffic measurement tool for Linux written in Go
- hakluke/hakrevdns - Small, fast tool for performing reverse DNS lookups en masse.
- liamg/scout - 🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
- tillson/git-hound - Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
- mmitton/ldap - Basic LDAP v3 functionality for the GO programming language.
- mavricknz/ldap - Basic LDAP v3 functionality for the GO programming language.
- demisto/alfred - A Slack bot to add security info to messages containing URLs, hashes and IPs
- aviadl/thirdPartyLicenseCollector - Collect all third party licenses in dependencies into one file, and notify about missing licenses
- olebedev/when - A natural language date/time parser with pluggable rules
- 4ARMED/kubeletmein - Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.
- slackhq/nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
- demisto/elastic - Elasticsearch client for Go.
- trailofbits/audit-kubernetes - k8s audit repo
- aau-network-security/haaukins - A Highly Accessible and Automated Virtualization Platform for Security Education
- jimen0/brute - Package brute allows concurrently bruteforce subdomains for a domain using a list of DNS servers and querying a desired DNS record
- mame82/lmidns -
- spencerkimball/repo-digest - Create daily digests of activity to GitHub repositories
- evilsocket/brutemachine - A Go library which main purpose is giving an interface to loop over a dictionary and use those words/lines as input for some custom logic such as HTTP file bruteforcing, DNS bruteforcing, etc.
- rverton/webanalyze - Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
- antoniomika/sish - HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
- audibleblink/letsproxy - Quickly fetch Let's Encrypt certs and serve a reverse proxy
- audibleblink/passdb-backend - Password Breach API Server
- similarweb/finala - Finala is an open-source resource cloud scanner that analyzes, discloses, presents and notifies about wasteful and unused resources.
- vmware-tanzu/octant - Highly extensible platform for developers to better understand the complexity of Kubernetes clusters.
- hsiafan/httpdump - Capture and parse http traffics
- jakejarvis/subtake - Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
- IntelligenceX/Telnet-2 - Telnet-2 allows to connect via Tor and define a custom timeout
- famasoon/crtsh - This tool shows the result of crt.sh
- eranyanay/1m-go-websockets - handling 1M websockets connections in Go
- lis912/CapOS - 等级保护测评windows工具源码
- smallstep/certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
- CUCyber/ja3transport - Impersonating JA3 signatures
- sundowndev/phoneinfoga - Information gathering & OSINT framework for phone numbers
- volatiletech/authboss - The boss of http auth.
- rebuy-de/aws-nuke - Nuke a whole AWS account and delete all its resources.
- cilium/hubble - Hubble - Network, Service & Security Observability for Kubernetes using eBPF
- GoogleCloudPlatform/terraformer - CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
- random-robbie/CVE-2019-5418 -
- zaf/sipshock - A scanner for SIP proxies vulnerable to Shellshock
- bfix/Tor-DNS - Simple DNS server that uses a Tor SOCKS5 proxy to resolve names.
- asciimoo/filtron - Filtering reverse HTTP proxy
- ok-borg/borg - Search and save shell snippets without leaving your terminal
- bnagy/crashwalk - Bucket and triage on-disk crashes. OSX and Linux.
- gilbertchen/duplicacy - A new generation cloud backup tool
- lukasmartinelli/pipecat - Connect UNIX pipes and message queues
- edermi/go-tomcat-mgmt-scanner - A simple scanner to find and brute force tomcat manager logins
- kubernetes-simulator/simulator - Kubernetes Security Training Platform - Focussing on security mitigation
- stefansundin/ec2-metadata-filter - Enhance the security of the EC2 metadata service. (Obsolete thanks to Instance Metadata Service Version 2, see note in README)
- haraldfw/cfger - Go-package to read structured or unstructured configuration from environment variables, files and docker secrets.
- lc/brute53 - A tool to bruteforce nameservers when working with subdomain delegations to AWS.
- codyleyhan/crane - A CLI for interacting with private docker repos
- arbazkiraak/DNSGrep - Quickly Search Large DNS Datasets
- hillu/go-yara - Go bindings for YARA
- Velocidex/evtx - Golang Parser for Microsoft Event Logs
- hahwul/ras-fuzzer - RAS(RAndom Subdomain) Fuzzer
- schweikert/fping-exporter - prometheus exporter to measure network latency
- idestis/gort - Simple HTTP handler to receive remote calls to run scripts bundled in Docker containers
- AbGuthrie/goquery - Provide a shell like interface by utilizing osquery's distributed API
- lair-framework/go-nexpose - Nexpose XML parsing library
- lair-framework/go-sslyze - SSLyze XML parsing library for Go
- lair-framework/go-sslscan - SSLScan XML parsing library for Go
- lair-framework/go-recon-ng -
- lair-framework/go-lair - Go package for lair
- mitchellh/gox - A dead simple, no frills Go cross compile tool
- teknogeek/ssrf-sheriff - A simple SSRF-testing sheriff written in Go
- opencontrol/doc-template - Simple Google Go (golang) library for replace text in microsoft word (.docx) file
- opencontrol/compliance-masonry - Security Documentation Builder
- ovh/utask - µTask is an automation engine that models and executes business processes declared in yaml. ✏️📋
- med0x2e/genxlm - A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4Macro"
- apuigsech/git-seekret - Git module to prevent from committing sensitive information into the repository.
- C-Sto/gosecretsdump - Dump ntds.dit really fast
- awgh/ratnet - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.
- oftn-oswg/zerodrop - A stealth URL toolkit optimized for bypassing censorship filters and/or dropping malware
- t94j0/AIRMASTER - Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
- evilsocket/islazy - A Go library containing a set of opinionated packages, objects, helpers and functions implemented with the KISS principle in mind.
- Ullaakut/camerattack - An attack tool designed to remotely disable CCTV camera streams (like in spy movies)
- skx/simple-vpn - A simple VPN allowing mesh-like communication between nodes, over websockets
- stevenaldinger/decker - Declarative penetration testing orchestration framework
- lesnuages/hershell - Multiplatform reverse shell generator
- dan-v/dosxvpn - Easily deploy your own personal VPN server with DNS adblocking running on DigitalOcean
- lunixbochs/usercorn - dynamic binary analysis via platform emulation
- go-ole/go-ole - win32 ole implementation for golang
- erning/gorun - gorun is a tool enabling one to put a "bang line" in the source code of a Go program to run it, or to run such a source code file explicitly. It was created in an attempt to make experimenting with Go more appealing to people used to Python and similar languages which operate most visibly with source code.
- Dliv3/Venom - Venom - A Multi-hop Proxy for Penetration Testers
- cosmos72/gomacro - Interactive Go interpreter and debugger with REPL, Eval, generics and Lisp-like macros
- adammck/terraform-inventory - Terraform State → Ansible Dynamic Inventory
- d5/tengo - A fast script language for Go
- google/keytransparency - A transparent and secure way to look up public keys.
- traefik/yaegi - Yaegi is Another Elegant Go Interpreter
- runatlantis/atlantis - Terraform Pull Request Automation
- robertkrimen/otto - A JavaScript interpreter in Go (golang)
- tomnomnom/concurl - Make concurrent requests with the curl command-line tool
- fiatjaf/jiq - jid on jq - interactive JSON query tool using jq expressions
- sudosammy/knary - A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
- kennylevinsen/sshmuxd - sshmux frontend
- kennylevinsen/serve2d - Protocol detecting server
- sourcekris/goCertStreamCatcher - golang port of the certstreamcatcher certificate transparency log monitor
- fffaraz/fakessh - A dockerized fake SSH server honeypot written in Go that logs login attempts.
- D4-project/sensor-d4-tls-fingerprinting - Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
- magisterquis/dnsbotnet - DNS Botnet Server and Client
- fzerorubigd/go0r - A simple ssh honeypot in golang
- traetox/sshForShits - framework for a high interaction SSH honeypot
- danieljoos/wincred - Go wrapper around the Windows Credential Manager API functions
- litl/rdstail - Tool for reading RDS logs
- kennylevinsen/serve2 - Protocol detecting server library
- google/gonids - gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
- mushorg/go-dpi - Application layer protocol identification of traffic flows
- groob/moroz - Moroz is a Santa server
- tobischo/gokeepasslib - A library to read and write keepass 2 files written in go
- carlmjohnson/heffalump - Heffalump is an endless honeypot
- magisterquis/sshhipot - High-interaction MitM SSH honeypot
- google/certificate-transparency-go - Auditing for TLS certificates (Go code)
- dutchcoders/marija - Data exploration and visualisation for Elasticsearch and Splunk.
- xordataexchange/crypt - Store and retrieve encrypted configs from etcd or consul
- nsheridan/cashier - A self-service CA for OpenSSH
- Pallinder/go-randomdata - A tiny generator of random data for golang, also known as a faker
- hashicorp/go-getter - Package for downloading things from a string URL using a variety of protocols.
- spf13/pflag - Drop-in replacement for Go's flag package, implementing POSIX/GNU-style --flags.
- google/stenographer - Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at [email protected]
- hashicorp/envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.
- gopherdata/gophernotes - The Go kernel for Jupyter notebooks and nteract.
- igrigorik/ga-beacon - Google Analytics collector-as-a-service (using GA measurement protocol).
- cloudflare/cfssl - CFSSL: Cloudflare's PKI and TLS toolkit
- hacdias/webdav - Simple Go WebDAV server.
- go-chat-bot/bot - IRC, Slack, Telegram and RocketChat bot written in go
- RiccardoAncarani/urlscango - A super simple interface for urlscan.io, written in Go.
- box/kube-iptables-tailer - A service for better network visibility for your Kubernetes clusters.
- aquasecurity/tfsec - Security scanner for your Terraform code
- dexidp/dex - OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
- cert-manager/cert-manager - Automatically provision and manage TLS certificates in Kubernetes
- JavierOlmedo/ipdiscover - 🔍 A simple tool to obtain long lists of ips from domains using goroutines
- mschwager/riplink - Find dead links on the web.
- mitchellh/gon - Sign, notarize, and package macOS CLI tools and applications written in any language. Available as both a CLI and a Go library.
- justmao945/mallory - HTTP/HTTPS proxy over SSH
- rsrdesarrollo/SaSSHimi - SSH Tunnelling in "RAW mode", via STDIN/OUT without using forwarding channels
- amar-myana/certdomainfinder - Finds the domains using the certspotter API
- subfinder/goaltdns - A permutation generation tool written in golang
- neex/phuip-fpizdam - Exploit for CVE-2019-11043
- kryptco/kr - A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.
- sahilm/yamldiff - A CLI tool to diff two YAML files.
- neox41/CloudInt - Cloud Container Enumerator via HTTP response code
- tcnksm/go-httpstat - Tracing golang HTTP request latency
- j3ssie/rgf - A wrapper around ripgrep to check for various common patterns.
- j3ssie/go-auxs - Collection of auxiliary command line tools
- ahhh/GoRedLoot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
- Ullaakut/astronomer - A tool to detect illegitimate stars from bot accounts on GitHub projects
- jm33-m0/mec-ng - pentest toolbox
- CapacitorSet/ja3-server - A proof of concept of JA3 tracking.
- C-Sto/goWMIExec - Really stupid re-implementation of invoke-wmiexec
- portapps/portapps - 🛰 Collection of portable apps for Windows
- im050/awesome-hosts - A simple GUI for manage hosts, written in Go
- ma6174/myhttpdns - DNS 服务器,接收标准 DNS 查询请求,然后通过查询 http dns 获取结果返回给客户端。
- mattn/docx2md - Convert Microsoft Word Document to Markdown
- Lallassu/gorss - Go Terminal Feed Reader
- mxplusb/cloudflare-sync - A nice to have, MIT-licensed tool for using Cloudflare as a dynamic DNS provider.
- bbb31/slurp - Preventing malicious takeover of the retired slurp AWS tool
- ffuf/ffuf - Fast web fuzzer written in Go
- netevert/delator - Golang-based subdomain miner leveraging certificate transparency logs
- vmware/terraform-provider-vra7 - Terraform VMware vRealize Automation 7 provider
- mojocn/base64Captcha - captcha of base64 image string
- opencontainers/runc - CLI tool for spawning and running containers according to the OCI specification
- GoogleContainerTools/container-diff - container-diff: Diff your Docker containers
- keybase/saltpack - a modern crypto messaging format
- 003random/online - Uses Go net/http library to distinguish alive hosts from a give list of hosts/urls
- ehrishirajsharma/swiftness-static -
- assetnote/commonspeak2 - Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
- anshumanbh/tko-subs - A tool that can help detect and takeover subdomains with dead DNS records
- tomnomnom/hacks - A collection of hacks and one-off scripts
- mithrandie/csvq - SQL-like query language for csv
- sachaos/s3env - Load environment variables from AWS S3
- sachaos/toggl - Toggl CLI Client
- sachaos/tcpterm - tcpterm is a packet visualizer in TUI.
- afiskon/promtail-client - Promtail client library. Promtail is an agent for Loki logging system.
- daniarlert/beagle - Beagle is a CLI written in Go to search for an specific username across the Internet.
- bitnami-labs/sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
- containrrr/watchtower - A process for automating Docker container base image updates.
- skydive-project/skydive - An open source real-time network topology and protocols analyzer
- thanasisk/go-ssh-cracker - A simple ssh private key password recovery tool written in Go
- gardener/gardener - Kubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, EquinixMetal, vSphere, MetalStack, and Kubevirt with minimal TCO.
- gruntwork-io/terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
- kubernetes/perf-tests - Performance tests and benchmarks
- Leoid/MySQL-Injection-Exfiltration-Optimization - MySQL Injection Exfoliation Optimization
- dghubble/go-twitter - Go Twitter REST and Streaming API v1.1
- dearplain/goloader - load and run golang code at runtime. (WARNING: this repo has not been maintained for a long time, please take a look at https://github.com/pkujhd/goloader)
- goharbor/harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
- InVisionApp/tabular - Tabular simplifies printing ASCII tables from command line utilities
- j3ssie/metabigor - Intelligence tool but without API key
- bacongobbler/helm-whatup - A Helm plugin to help users determine if there's an update available for their installed charts.
- threatstack/authkeys - A tool for getting SSH keys out of LDAP
- sysdiglabs/kube-psp-advisor - Help building an adaptive and fine-grained pod security policy
- nielsing/yar - Yar is a tool for plunderin' organizations, users and/or repositories.
- jcmturner/gokrb5 - Pure Go Kerberos library for clients and services
- mxssl/webshare - webshare is a CLI tool that provides web-interface for your local files
- netevert/dnsmorph - Domain name permutation engine written in Go
- jmpsec/osctrl - Fast and efficient osquery management
- defenxor/dsiem - Security event correlation engine for ELK stack
- RoganDawes/munifying -
- olsio/ftp-scan -
- arachnys/athenapdf - Drop-in replacement for wkhtmltopdf built on Go, Electron and Docker
- GoogleContainerTools/skaffold - Easy and Repeatable Kubernetes Development
- aws/amazon-vpc-cni-k8s - Networking plugin repository for pod networking in Kubernetes using Elastic Network Interfaces on AWS
- kayac/ecspresso - ecspresso is a deployment tool for Amazon ECS
- awslabs/fargatecli - CLI for AWS Fargate
- awslabs/amazon-ecr-credential-helper - Automatically gets credentials for Amazon ECR on docker push/docker pull
- coldbrewcloud/coldbrew-cli - AWS Docker container deploy automation
- cruise-automation/fwanalyzer - a tool to analyze filesystem images for security
- rivo/tview - Terminal UI library with rich, interactive widgets — written in Golang
- muesli/gitomatic - A tool to monitor git repositories and automatically pull & push changes
- schollz/find3 - High-precision indoor positioning framework, version 3.
- GoogleCloudPlatform/gcping - The source for the CLI and web app at gcping.com
- olivere/iterm2-imagetools - Display images in the command line with iterm2.
- wincent/clipper - ✂️ Clipboard access for local and remote tmux sessions
- aws/amazon-ecs-cli - The Amazon ECS CLI enables users to run their applications on ECS/Fargate using the Docker Compose file format, quickly provision resources, push/pull images in ECR, and monitor running applications on ECS/Fargate.
- vinc3m1/1pa - 1Password Command Line Interface written in Go for Linux, Windows, MacOS
- mpage/onepassword - Golang interface to 1Password sqlite databases
- DimitarPetrov/stegify - 🔍 Go tool for LSB steganography, capable of hiding any file within an image.
- BishopFox/sliver - Adversary Emulation Framework
- drakkan/sftpgo - Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
- mdsecactivebreach/o365-attack-toolkit - A toolkit to attack Office365
- elastic/go-structform - Go Encoding, Decoding, Transcoding
- sqshq/sampler - Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.
- ProfessionallyEvil/harpoon - A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
- AdguardTeam/urlfilter - AdGuard content blocking library in golang
- eternal-flame-AD/mkhosts - 一个自动生成hosts文件绕过dns污染的工具,采用DNSoverHTTPS绕过国内DNS,适用于P站等未遭到全面TCP/IP封禁的网站
- folbricht/routedns - DNS stub resolver, proxy and router with support for DoT, DoH, DoQ, and DTLS
- picatz/doh - 🍩 DNS over HTTPs command-line client
- pda/cidrinfo - Given an IP CIDR (e.g. 10.20.30.40/20), explain and illustrate the address, network, masks, and host address range.
- keybase/client - Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
- ekalinin/awsping - Console tool to check the latency to each Amazon EC2 region
- esrrhs/pingtunnel - Pingtunnel is a tool that send TCP/UDP traffic over ICMP
- jflyup/ifinder - discover bonjour services, particularly Apple related.
- Gandem/bonjour-reflector - A reflector that forwards mdns packets between VLANs - like avahi-reflector but with fine-grained control !
- mlaccetti/ipd2 - IP address lookup service
- llkat/rsockstun - reverse socks tunneler with ntlm and proxy support
- sourcefrenchy/certexfil - Exfiltration based on custom X509 certificates
- jamesbcook/peepingJim - A take on peepingTom in GO
- summerwind/secretctl - A CLI based secret management tool.
- eriol/piken - CLI tool to search unicode data backed by SQLite3
- erroneousboat/resume - Create an online resume that can be accessed by a
curl
command. - dcb9/curl2httpie - covert command arguments between cURL and HTTPie
- graphql-editor/gql - Very simple CLI for many GraphQL schemas in the cloud. Provides autocompletion for GraphQL queries
- rs/curlie - The power of curl, the ease of use of httpie.
- toni-moreno/snmpcollector - A full featured Generic SNMP data collector with Web Administration Interface for InfluxDB
- deanishe/alfred-safari-assistant - Alfred 3+ workflow to search and use Safari bookmarks, history, reading list and tabs.
- siongui/cookie-txt-export.go - Google Chrome extension that creates a cookie.txt file for use with wget, written in Go, compiled to JavaScript via GopherJS. (Go porting of cookie-txt-export)
- schollz/squirrel - Like curl, or wget, but downloads directly go to a SQLite databse
- noborus/trdsql - CLI tool that can execute SQL queries on CSV, LTSV, JSON and TBLN. Can output to various formats.
- franela/vault - Vault - cross-platform GPG KV store for teams made easy
- mafredri/gpg-notify - Notify about GPG events (pinentry, smartcard)
- joshdk/ykmango - 🔑 Prompt a YubiKey device to generate an OATH code
- yawn/ykoath - Native Yubikey OATH protocol implementation for TOTP
- go-piv/go-ykpiv - Golang interface to manage Yubikeys, including a crypto.Signer & crypto.Decrypter interface
- Symantec/keymaster - Short term certificate based identity system (ssh/x509 ca + openidc)
- portapps/openvpn-portable - 🚀 OpenVPN portable for Windows
- 3fs/go-authy-openvpn - Two-factor authentication for OpenVPN
- ozgur-soft/otp.go - One time password (OTP) library for generate two-factor authentication (2FA) tokens with golang
- rls-moe/dnsbench - DNS Benchmarking Tool
- irai/arp - A go package to monitor ARP changes and notify when mac is online or offline. Also allow forced IP address change (IP spoofing).
- j-keck/lsleases - list assigned ip from any device in your network
- ipchama/dhammer - DHCP stress tester and benchmark tool
- emersion/go-upnp-igd - Minimal Go UPnP InternetGatewayDevice library
- songjiayang/natat - It's a NAT sniffing tool that you can use to determine your NAT type.
- pbnj/YAS3BL - 🔓 Yet Another S3 Bucket Leak
- ysugimoto/ls3 - AWS S3 file explorer on CLI
- pbnj/s3-fuzzer - 🔐 A concurrent, command-line AWS S3 Fuzzer. Written in Go.
- ScullWM/chart-to-aws - Microservice to generate screenshot from a webpage and upload it to a AWS S3 Bucket.
- slotix/dataflowkit - Extract structured data from web sites. Web sites scraping.
- Zenika/goru - Goru - the perfect looser to transform your pdf
- TomasTomecek/tmux-top - Monitoring information for your tmux status line.
- grafov/hulk - HULK DoS tool ported to Go with some additional features.
- benjojo/dnsfs - Store your data in others DNS resolver cache
- parsiya/Hacking-with-Go - Golang for Security Professionals
- git-chglog/git-chglog - CHANGELOG generator implemented in Go (Golang).
- inetaf/tcpproxy - Proxy TCP connections based on static rules, HTTP Host headers, and SNI server names (Go package or binary)
- google/google-ctf - Google CTF
- codesenberg/bombardier - Fast cross-platform HTTP benchmarking tool written in Go
- zalando/skipper - An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress
- kubernetes-sigs/external-dns - Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
- syncsynchalt/illustrated-tls - The Illustrated TLS Connection: Every byte explained
- sorintlab/stolon - PostgreSQL cloud native High Availability and more.
- mholt/archiver - Easily create & extract archives, and compress & decompress files of various formats
- qustavo/httplab - The interactive web server
- Shopify/toxiproxy - ⏰ 🔥 A TCP proxy to simulate network and system conditions for chaos and resiliency testing
- fnproject/fn - The container native, cloud agnostic serverless platform.
- coredns/coredns - CoreDNS is a DNS server that chains plugins
- gcla/termshark - A terminal UI for tshark, inspired by Wireshark
- rakyll/hey - HTTP load generator, ApacheBench (ab) replacement
- git-lfs/git-lfs - Git extension for versioning large files
- tsenart/vegeta - HTTP load testing tool and library. It's over 9000!
- smt923/twiddle - Shift characters and fiddle with words to generate common variations on them, designed for usernames, logins, etc
- stefanoj3/dirstalk - Modern alternative to dirbuster/dirb
- s32x/ipdata - 🌐 An IP lookup system utilizing open datasets
- devanshbatham/Golookup - GoLookup is a simple tool written in GoLang, which looks for CNAME(s) ,A and AAAA Records , TXT Records , NameServer(s) / MX Record of any domain
- artooro/drivebackup - Backup a Google Drive account to a local device such as QNAP or a computer.
- keelerh/omniscience - Search Everything 👀
- mickael-kerjean/filestash - 🦄 A modern web client for SFTP, S3, FTP, WebDAV, Git, Minio, LDAP, CalDAV, CardDAV, Mysql, Backblaze, ...
- ihciah/tg_channel_bot - Fetch and push to telegram channel/user/group !
- devanshbatham/Gorecon - Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
- fnzv/OpenPortNotifier - Simple tool to monitor network changes over time and trigger alerts
- damselem/autohosts - /etc/hosts automation for instances in AWS and GCP
- daniarlert/whisperer - Simple Go program that makes HTTP request constantly in order to generate random HTTP/DNS traffic noise
- cpl/cryptor - Privacy, Anonymity, Freedom - P2P network
- 42wim/gomphs - A tool to ping multiple hosts at once with a CLI and web-based overview
- foae/godet - Blacklist (RBL) and IP / domain checker and details scraper
- valeriano-manassero/ip-maat - IP Maat is a Dockerized microservice that generates and mantains a blacklist based on various public IP blacklists.
- subzerobo/dare-devil - Dockerized IP2Location + FireHOL IP Blacklists with Shell Script Data Fetcher written in GO Lang
- maticmeznar/dnsbl_checker - DNSBL checker written in Go
- e-XpertSolutions/punycode-attack -
- olihough86/stinkyphish - Monitor Certificate Transparency Logs For Phishing Domains
- filmil/typediag - A program that produces a type diagram of a go language package.
- sfischer13/datautils - 🐹 Collection of handy text manipulation tools
- gorgonia/parser - A simple parser that turns a formulae written in unicode into an ExprGraph
- jakewarren/punycoder - Converts punycode domains to unicode and vice-versa.
- Luzifer/vault2env - Small utility to transfer fields of a key in Vault into the environment
- Wing924/hostutils - A golang library for packing and unpacking hosts list
- ajaxray/markpdf - Watermark PDF files using image or text
- moriyoshi/devproxy - A swiss army knife of forward HTTP proxies
- mtraver/qrbak - Securely and durably back up your private key using QR codes printed on paper
- lazypic/img2info - get text or qrcode information from image.
- pseyfert/go-networkmanager-qrcode-generator - generate qr codes for wifi network connections from networkmanager connections
- vus520/go-scan - 简单的内网端口扫描器, pingo
- tdh8316/Investigo - 🔎 Find usernames and download their data across social media.
- Rhymen/go-whatsapp - WhatsApp Web API
- peteretelej/mimi - Simple service discovery for nodes with dynamic IPs
- clarketm/ncalc - Command line utility for quick number base conversions ( ascii / binary / octal / decimal / hexadecimal )
- Necroforger/textify - Library for converting images to text.
- jedib0t/go-pretty - Pretty print tables and more in golang!
- Zenithar/go-pun - command line Punycode (enc/dec)oder
- smt923/godamnit - Replace ascii characters with identical unicode ones
- Q-Smith/go-ansipix - Images to Terminal Art
- xsb/graffiti - graffiti sends ASCII-art texts to remote webserver logs using consecutive 404 errors
- mchtech/domain-dependency-tool - 一个能画出域名与其它DNS域的依赖关系的工具 A dependency graph tool that can draw domain names with other DNS domains/zones
- missdeer/blocklist - A big domain block list - 150000~260000 lines
- usk81/holster - command line tool for file management
- lende/127 - 127 is a tool for mapping hostnames to random loopback addresses
- portapps/hostsman-portable - 🚀 Hostsman portable for Windows
- kevinburke/hostsfile - go tool for working with /etc/hosts files
- meshbird/meshbird - Distributed private networking
- ANSSI-FR/transdep - Discover SPOF in DNS dependency graphs
- 0xrawsec/whids - Open Source EDR for Windows
- mmarkdown/mmark - Mmark: a powerful markdown processor in Go geared towards the IETF
- agl/crlset-tools - Tools for dealing with Chrome's CRLSets
- sgreben/tj - stdin line timestamps. single binary, no dependencies. osx & linux & windows. plays well with jq.
- erbbysam/DNSGrep - Quickly Search Large DNS Datasets
- thedevsaddam/gojsonq - A simple Go package to Query over JSON/YAML/XML/CSV Data
- dreadl0ck/netcap - A framework for secure and scalable network traffic analysis - https://netcap.io
- jedisct1/piknik - Copy/paste anything over the network.
- minio/minio - High Performance, Kubernetes Native Object Storage
- gokyle/sshcrypt - Encrypt files using Cryptobox and SSH keys.
- rolandshoemaker/solvere - A validating recursive DNS resolver library and standalone server with DNSSEC support
- cjimti/iotwifi - Raspberry Pi (arm) wifi configuration container. Configure and control wifi connectivity with a JSON based REST api.
- netxfly/xsec-proxy-scanner - xsec-proxy-scanner是一款速度超快、小巧的代理扫描器
- netxfly/Transparent-Proxy-Scanner - 基于vpn和透明代理的web漏洞扫描器的实现思路及demo
- AdguardTeam/AdGuardHome - Network-wide ads & trackers blocking DNS server
- qax-os/excelize - Go language library for reading and writing Microsoft Excel™ (XLAM / XLSM / XLSX / XLTM / XLTX) spreadsheets
- tstillz/webshell-scan - Simple web shell scanner written in Golang.
- aatarasoff/apistress - Very simple stress testing tool for API
- miquella/vaulted - Spawning and storage of secure environments
- ncsa/ssh-auth-logger - A low/zero interaction ssh authentication logging honeypot
- jesseduffield/lazydocker - The lazier way to manage everything docker
- derailed/popeye - 👀 A Kubernetes cluster resource sanitizer
- tomnomnom/assetfinder - Find domains and subdomains related to a given domain
- antonmedv/red - Terminal log analysis tools
- slok/grafterm - Metrics dashboards on terminal (a grafana inspired terminal version)
- essentialkaos/sslcli - Pretty awesome command-line client for public SSLLabs API
- dru1d-foofus/gorgon -
- lavalamp-/ipv666 - Golang IPv6 address enumeration
- tkuchiki/aws-cert-utils - Certificate Utility for AWS(ACM, IAM, ALB, CLB, CloudFront)
- arminc/clair-scanner - Docker containers vulnerability scan
- kung-foo/certgrep - certgrep is a cross-platform command line tool that extracts SSL certificates from either a network interface or a local PCAP file.
- sourcefrenchy/cryptopayload - module for certexfil
- hashicorp/vault-ssh-helper - Vault SSH Agent is used to enable one time keys and passwords
- banzaicloud/cloudinfo - Cloud instance type and price information as a service
- aquasecurity/trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
- Gilks/hostscan-bypass - Generate OpenConnect CSD files to bypass Cisco AnyConnect hostscan requirements
- benjojo/six-onions - Like Tor2Web, but not just HTTP ( using IPv6 )
- function61/holepunch-client - Totally self-contained SSH reverse tunnel written in Go
- gocolly/colly - Elegant Scraper and Crawler Framework for Golang
- mvdan/xurls - Extract urls from text
- chromedp/chromedp - A faster, simpler way to drive browsers supporting the Chrome DevTools Protocol.
- muraenateam/muraena - Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
- kubernetes-sigs/aws-iam-authenticator - A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
- dgrijalva/jwt-go - ARCHIVE - Golang implementation of JSON Web Tokens (JWT). This project is now maintained at:
- grafana/loki - Like Prometheus, but for logs.
- fo0nikens/onion-scraper - Onion Scraper Service - support v2 and v3
- 003random/getJS - A tool to fastly get all javascript sources/files
- DominicBreuker/pspy - Monitor linux processes without root permissions
- crtsh/crl_monitor - Certificate Revocation List monitor
- VirusTotal/vt-cli - VirusTotal Command Line Interface
- honeytrap/honeytrap - Advanced Honeypot framework.
- itchyny/bed - Binary editor written in Go
- controlplaneio/kubectl-kubesec - Security risk analysis for Kubernetes resources
- Velocidex/velociraptor - Digging Deeper....
- Code-Hex/pget - The fastest file download client
- mozilla/libaudit-go - go package for interfacing with Linux audit
- crtsh/ct_monitor - Certificate Transparency log monitor
- mthbernardes/BadArchitect - Abusing SketchUp to make persistence on Windows
- jweslley/localtunnel - A localtunnel client written in Golang.
- localtunnel/go-localtunnel - golang client library for localtunnel.me
- NoahShen/gotunnelme - golang version of http:https://localtunnel.me client
- opendevsecops/go-s3cp -
- EdgeCast/vflow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)
- ropnop/kerbrute - A tool to perform Kerberos pre-auth bruteforcing
- davrodpin/mole - CLI application to create ssh tunnels focused on resiliency and user experience.
- superfly/wormhole - Fly.io secure tunnel
- crtsh/go-certlint - Go wrapper for awslabs/certlint
- divan/txqr - Transfer data via animated QR codes
- evanj/sftpsync - Synchronizes an SFTP server with a cloud storage bucket. Go Cloud experiment.
- jgrahamc/h2scan - Scan a list of sites to see which support HTTPS, SPDY/3.1 and HTTP/2
- jgrahamc/webcheck - Test connectivity to web sites and write log file
- jgrahamc/headscan - Scan a list of domains to see if they return a specific HTTP header
- jgrahamc/torexit - Small program to read lists of Tor exit nodes and draw picture showing when they join/leave list
- jgrahamc/torhoney - Gets the list of TOR exit nodes and matches them with Project Honeypot data
- rtr7/router7 - a small home internet router completely written in Go
- alash3al/sqler - write APIs using direct SQL queries with no hassle, let's rethink about SQL
- caddyserver/certmagic - Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
- wille/cry - Cross platform PoC ransomware written in Go
- gocaio/goca - Goca Scanner
- alphasoc/flightsim - A utility to safely generate malicious network traffic patterns and evaluate controls.
- sysdream/chashell - Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
- koenbollen/jl - jl — JSON Logs, a development tool for working with structured JSON logging.
- Frichetten/CVE-2019-5736-PoC - PoC for CVE-2019-5736
- eldadru/ksniff - Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark
- go-cq/cq - neo4j cypher library for database/sql in go
- pbar1/mfaws - 🔒 AWS multi-factor authentication for the CLI
- tg123/sshpiper - The missing reverse proxy for ssh scp
- armon/go-socks5 - SOCKS5 server in Golang
- Velocidex/oleparse - Golang parser for OLE files
- mholt/timeliner - All your digital life on a single timeline, stored locally
- liamg/furious - 😠 Go IP/port scanner with SYN (stealth) scanning and device manufacturer identification
- uber/prototool - Your Swiss Army Knife for Protocol Buffers
- google/gopacket - Provides packet processing capabilities for Go
- suyashkumar/ssl-proxy - 🔒 Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-signed, provided)
- cloudtools/ssh-cert-authority - An implementation of an SSH certificate authority.
- cloudtools/AWSAdminAccess - Utility to create an AWS AdministratorAccess account
- cloudflare/cfssl_trust - CFSSL's CA trust store repository
- MaxCDN/maxcli - Collection of CLI tools for interfacing with MaxCDN's REST API
- tebeka/selenium - Selenium/Webdriver client for Go
- droyo/go-xml - utility and code-generation libraries for XML
- tiaguinho/gosoap - 🦉SOAP package for Go
- databus23/helm-diff - A helm plugin that shows a diff explaining what a helm upgrade would change
- andlabs/reallymine - WD MyBook encrypted hard drive decryption (still WIP).
- chromium/hstspreload.org - 🔒 Chromium's HSTS preload list submission website.
- hashicorp/terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
- Ullaakut/nmap - Idiomatic nmap library for go developers
- DarthSim/overmind - Process manager for Procfile-based applications and tmux
- keybase/kbfs - Keybase Filesystem (KBFS)
- 1Password/spg - 1Password's Strong Password Generator - Go package
- 1Password/srp - A set of Go functions for Secure Remote Password protocol implementation in 1Password Teams
- dastergon/strgz - CLI tool for listing and searching users' starred repositories on Github
- Versent/saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
- jetstack/kube-lego - DEPRECATED: Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
- gruntwork-io/terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
- marpie/nmap2json - nmap2json converts a NMap XML file to a JSON file.
- 0x4D31/honeybits - A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
- manifoldco/promptui - Interactive prompt for command-line applications
- mandiant/gocrack - GoCrack is a management frontend for password cracking tools written in Go
- Ice3man543/SubOver - A Powerful Subdomain Takeover Tool
- auth0/go-jwt-middleware - A Middleware for Go Programming Language to check for JWTs on HTTP requests
- bitly/oauth2_proxy - A reverse proxy that provides authentication with Google, Github or other provider
- go-oauth2/oauth2 - OAuth 2.0 server library for the Go programming language.
- drk1wi/Modlishka - Modlishka. Reverse Proxy.
- openshift/origin - Conformance test suite for OpenShift
- crazy-max/nodejs-portable - Node.js portable on Windows
- vbrown608/cryptolog - A tool for anonymizing webserver logs
- vyrus001/shellGo - A Microsoft windows x86_64 Golang shellcode tester that includes example calc.exe shellcode.
- noma4i/s3-sftp-proxy - An AWS S3 gateway proxying SFTP connections.
- praetorian-inc/trudy - A transparent proxy that can modify and drop traffic for arbitrary TCP connections.
- tomsteele/cs-magik - WIP event and job queue using redis for Cobalt Strike
- kubernetes/minikube - Run Kubernetes locally
- gruntwork-io/cloud-nuke - A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it
- gohxs/cloudmount - Cloudmount Cloud services gdrive, dropbox linux mount tool
- Yelp/dockersh - A shell which places users into individual docker containers
- moby/swarmkit - A toolkit for orchestrating distributed systems at any scale. It includes primitives for node discovery, raft-based consensus, task scheduling and more.
- hashicorp/terraform-provider-aws - Terraform AWS provider
- rkt/rkt - [Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.
- lfaoro/flares - Flares 🔥 is a CloudFlare DNS backup tool
- semihalev/sdns - Privacy important, fast, recursive dns resolver server with dnssec support
- hashicorp/terraform-provider-google - Terraform Google Cloud Platform provider
- firecracker-microvm/firecracker-containerd - firecracker-containerd enables containerd to manage containers as Firecracker microVMs
- AV1080p/goddi - goddi (go dump domain info) dumps Active Directory domain information
- j3ssie/osmedeus - A Workflow Engine for Offensive Security
- diljith369/premantel - Premantel - A Malware analysis and Threat Intel Framework
- microsoft/ethr - Ethr is a Comprehensive Network Measurement Tool for TCP, UDP & ICMP.
- marco-lancini/goscan - Interactive Network Scanner
- wagoodman/dive - A tool for exploring each layer in a docker image
- jpillora/cloud-torrent - ☁️ Cloud Torrent: a self-hosted remote torrent client
- aelsabbahy/goss - Quick and Easy server testing/validation
- sideshow/apns2 - ⚡ HTTP/2 Apple Push Notification Service (APNs) push provider for Go — Send push notifications to iOS, tvOS, Safari and OSX apps, using the APNs HTTP/2 protocol.
- out-of-tree/out-of-tree - out-of-tree kernel {module, exploit} development tool
- posener/complete - bash completion written in go + bash completion for go command
- raja/argon2pw - Argon2 password hashing package for go with constant time hash comparison
- dvyukov/go-fuzz - Randomized testing for Go
- mvdan/sh - A shell parser, formatter, and interpreter with bash support; includes shfmt
- whyrusleeping/gx - A package management tool
- spencerkimball/stargazers - Analyze GitHub stars
- ssh-vault/ssh-vault - 🌰 encrypt/decrypt using ssh keys
- ProspectOne/perfops-cli - A simple command line tool to interact with hundreds of servers around the world.
- esimov/diagram - CLI app to convert ASCII arts into hand drawn diagrams.
- stelligent/mu - A full-stack DevOps on AWS framework
- fiatjaf/rel - command line tool for managing personal graphs of anything and writing them to dot
- kaishuu0123/erd-go - Translates a plain text description of a relational database schema to a graphical entity-relationship diagram.(convert to dot file)
- gmarik/go-erd - Go-ERD (Entity Relationship Diagrams) for Golang with Graphviz [WIP]
- k-kawa/erd - Simplest DSL to draw ER diagrams executable on any environments
- DrakeW/corgi - Corgi is a command-line workflow manager that helps with your repetitive command usages by organizing them into reusable snippet
- sam701/awstools - A few helpful AWS tools written in Go
- tidwall/cities - 10,000 Cities with Latitude, Longitude, and Elevation in Go
- twitchyliquid64/subnet - Simple, auditable & elegant VPN, built with TLS mutual authentication and TUN.
- aws/aws-sdk-go - AWS SDK for the Go programming language.
- jung-kurt/qlm - A simple, high-level wrapper for ql, a native, embedded database engine written in Go.
- pcarrier/gauth - Google Authenticator on your laptop
- jpillora/chisel - A fast TCP/UDP tunnel over HTTP
- sec51/twofactor - Golang two factor authentication library
- jung-kurt/gofpdf - A PDF document generator with high level support for text, drawing and images
- maxmcd/webtty - Share a terminal session over WebRTC
- jbenet/hashpipe - hashpipe - pipe iff the hash matches
- agl/extract-nss-root-certs -
- brianvoe/gofakeit - Random fake data generator written in go
- mingrammer/flog - 🎩 A fake log generator for common log formats
- direnv/direnv - unclutter your .profile
- DCSO/gonmap - go wrapper for the port and vulnerability scanner nmap
- chrisDeFouRire/tlsproxy - Let's encrypt automatic Docker HTTP and TCP proxy
- chrisDeFouRire/CertPump - go cert pump
- kbinani/screenshot - Go library to capture desktop to image
- mrwiora/NAMEinator - NAMEinator DNS Benchmark tool (namebench successor)
- ns3777k/go-shodan - Shodan API client
- alash3al/httpsify - a transparent HTTPS termination proxy using letsencrypt with auto certification renewal
- techjacker/repo-security-scanner - CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
- qvl/httpsyet - Crawler to find links you can update to HTTPS
- yamnikov-oleg/pss - Simple cli password manager
- sayanarijit/gopgcli - Policy based password generator CLI
- carlmjohnson/opensesame - Trivial password generator
- malnick/cryptorious - CLI Password Manager
- michaelbironneau/garbler - Generator of memorable passwords, written in Go
- henriksb/ZipCrack - Crack password protected zip files
- brejoc/gosgp - Command line SuperGenPass password generator written in go.
- toomore/xig - 🐾 To fetch instagram user img, content, avatar data.
- golang/net - [mirror] Go supplementary network libraries
- PuerkitoBio/purell - tiny Go library to normalize URLs
- temoto/robotstxt - The robots.txt exclusion protocol implementation for Go language
- PuerkitoBio/fetchbot - A simple and flexible web crawler that follows the robots.txt policies and crawl delays.
- kkomelin/insecres - A console tool that finds insecure resources on HTTPS sites
- onetwopunch/security-scan - Customizable Security Scanner written in Go
- AlexAkulov/hungryfox - Monitoring for leaks of sensitive information in git repositories
- sethvargo/go-password - A Golang library for generating high-entropy random passwords similar to 1Password or LastPass.
- muteor/pass-totp - TOTP code generator for pass
- wincent/passage - 🔑 macOS keychain caching proxy
- cloudflare/gokey - A simple vaultless password manager in Go
- square/certstrap - Tools to bootstrap CAs, certificate requests, and signed certificates.
- b1naryth1ef/bowser - a smart, friendly, secure, and auditable ssh daemon
- zalando/go-keyring - Cross-platform keyring interface for Go
- AnalogJ/drawbridge - manage SSH access to multiple applications/environments protected by bastion servers
- mikesmitty/curse - CURSE is an SSH certificate signing server, built as an alternative to Netflix's BLESS tool, but without a dependency on AWS.
- olekukonko/tablewriter - ASCII table in golang
- go-gormigrate/gormigrate - Minimalistic database migration helper for Gorm ORM
- gliderlabs/ssh - Easy SSH servers in Golang
- moul/sshportal - 🎩 simple, fun and transparent SSH (and telnet) bastion server
- gavv/httpexpect - End-to-end HTTP and REST API testing for Go.
- parnurzeal/gorequest - GoRequest -- Simplified HTTP client ( inspired by nodejs SuperAgent )
- cosiner/socker - A Go library to simplify the use of SSH for devops
- bcicen/slackcat - CLI utility to post files and command output to slack
- jackc/pgx - PostgreSQL driver and toolkit for Go
- zxsecurity/glugger - The fastest (and least featureful) DNS bruteforcer in the South
- tomnomnom/gf - A wrapper around grep, to help you grep for things
- phishdetect/phishdetect - PhishDetect is a library to help identify phishing pages
- tomsteele/pen-utils - Trivial unixey pentest utilities
- mhmdiaa/chronos - Extract pieces of info from a web page's Wayback Machine history
- vsergeev/tinytaptunnel - a point-to-point layer 2 tap interface tunnel over UDP/IP with HMAC-SHA256 authentication, written in Go.
- bsi-group/autorun-logger-server - Server for receiving autorun data from the clients
- Numbers11/rvprxmx - A reverse socks5 proxy server and client
- anshumanbh/merge-nmap-masscan - Merge results from NMAP and Masscan into one CSV file
- stefansundin/secrets-scanner - Find API keys in your code. 🔑
- dutchcoders/anam - Mass scanning the internet (http and https) using a raw tcpstack.
- averagesecurityguy/searchscan - Search Nmap and Metasploit scanning scripts.
- gdbelvin/starttls_scan - Survey the internet's mail servers to find market penetration of STARTTLS
- govau/certwatch -
- google/gvisor - Application Kernel for Containers
- simeji/jid - json incremental digger
- tatsushid/go-fastping - ICMP ping library for Go inspired by AnyEvent::FastPing Perl module
- nnao45/pexpo - 💻 Terminal sending ping tool written in Go.
- hirose31/pinger -
- evanmiller/hecate - 🔥 The Hex Editor From Hell! 🔥
- nsf/termbox-go - Pure Go termbox implementation
- nats-io/nats-server - High-Performance server for NATS.io, the cloud and edge native messaging system.
- influxdata/telegraf - The plugin-driven server agent for collecting & reporting metrics.
- moul/gotty-client - 🔧 terminal client for GoTTY
- gopasspw/gopass - The slightly more awesome standard unix password manager for teams
- gizak/termui - Golang terminal dashboard
- google/cadvisor - Analyzes resource usage and performance characteristics of running containers.
- tigrawap/slit - slit - a modern PAGER for viewing logs, get more than most in less time
- bcicen/ctop - Top-like interface for container metrics
- lanrat/certgraph - An open source intelligence tool to crawl the graph of certificate Alternate Names
- miekg/exdns - Go DNS example programs
- evilsocket/gitstats - Git Repository Analyzer.
- 99designs/iamy - A cli tool for importing and exporting AWS IAM configuration to YAML files
- Q2h1Cg/dnsbrute - a fast domain brute tool
- kgretzky/evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
- fanpei91/torsniff - torsniff - a sniffer that sniffs torrents from BitTorrent network
- karrick/godirwalk - Fast directory traversal for Golang
- prometheus-community/windows_exporter - Prometheus exporter for Windows machines
- smallstep/cli - 🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
- google/safebrowsing - Safe Browsing API Go Client
- dreddsa5dies/goHackTools - Hacker tools on Go (Golang)
- bndw/pick - A secure and easy-to-use CLI password manager for macOS and Linux
- sensepost/notruler - The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
- RonniSkansing/go-rip-git - RipGit - Scanner/Scraper of git source deployed
- P3GLEG/Whaler - Program to reverse Docker images into Dockerfiles
- venkssa/s3copier - Go based S3 to Filesystem copier
- rkusa/sqlstruct - Helper functions for using structs with sql databases.
- arsham/blush - Grep with colours
- IzakMarais/reporter - Service that generates a PDF report from a Grafana dashboard
- nicolargo/winks - A Glances server with minimal footprint
- majewsky/gofu - My personal busybox built in Go
- xo/xo - Command line tool to generate idiomatic Go code for SQL databases supporting PostgreSQL, MySQL, SQLite, Oracle, and Microsoft SQL Server
- wallix/awless - A Mighty CLI for AWS
- pulumi/pulumi - Pulumi - Developer-First Infrastructure as Code. Your Cloud, Your Language, Your Way 🚀
- glauth/glauth - A lightweight LDAP server for development, home use, or CI
- kost/httpexec - RESTful interface to your operating system shell
- kost/sqlc - sqlc - Universal DBMS/SQL client with exfiltration features :)
- evilsocket/shellz - shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.
- Arvanaghi/CheckPlease - Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
- unixpickle/gobfuscate - Obfuscate Go binaries and packages
- krishnasrinivas/httpdump - HTTP reverse proxy that dumps the http headers and body
- sensepost/godoh - 🕳 godoh - A DNS-over-HTTPS C2
- kost/go-mimikatz - A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
- leoloobeek/mfastealer - Stealing MFA/2FA tokens and using them to logon with VPN clients
- ravenac95/sudolikeaboss - Get 1password access from iterm2
- ls0f/cracker - tunnel over http[s]
- etf1/ip2proxy - IP2Location.com Proxy database parser for Golang
- cretz/tor-dht-poc - Anonymous DHT Accessible from Executable or Tor-Enabled Browser
- snail007/goproxy - 🔥 Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
- snail007/shadowtunnel - secure tunnel which help you protecting your tcp traffic between your machine and your service on remote.
- sipt/shuttle - A web proxy in Golang with amazing features.
- t94j0/ctfnmap - An easy way to manage nmap scans during a CTF
- t94j0/brute - Yet Another Bruteforcer... but written in Go
- hdm/nextnet - nextnet is a pivot point discovery tool written in Go.
- go-ldap/ldap - Basic LDAP v3 functionality for the GO programming language.
- korylprince/go-ad-auth - Simple Active Directory authentication library for Go
- teris-io/shortid - Super short, fully unique, non-sequential and URL friendly Ids
- hackebrot/turtle - Emojis for Go 😄🐢🚀
- gen0cide/gscript - framework to rapidly implement custom droppers for all three major operating systems
- monochromegane/smux - smux is a socket multiplexer written in Golang. It provides fast communication by efficiently a single connection.
- ffay/lanproxy-go-client - Lanproxy is a reverse proxy to help you expose a local server behind a NAT or firewall to the internet. it supports any protocols over tcp (http https ssh ...)
- cmars/ormesh - [UNMAINTAINED: Try https://github.com/cmars/oniongrok instead] onion-routed mesh
- icexin/sockhttp - A HTTP&HTTPS proxy over SOCK5
- adrpino/sshackle - SSH bruteforcer with Tor
- keroserene/snowflake - WebRTC Pluggable Transport
- Psiphon-Labs/psiphon-tunnel-core - Psiphon is an Internet censorship circumvention system.
- willscott/onionproxy - A proxy for allowing a public IP address to host a service actually provided by a hidden backend.
- schollz/croc - Easily and securely send things from one computer to another 🐊 📦
- dutchcoders/transfer.sh - Easy and fast file sharing from the command-line.
- helm/helm - The Kubernetes Package Manager
- savaki/jq - A high performance Golang implementation of the incredibly useful jq command line tool.
- FiloSottile/vendorcheck - Check that all your Go dependencies are properly vendored
- slackhq/go-audit - go-audit is an alternative to the auditd daemon that ships with many distros
- ejcx/passgo - Simple golang password manager.
- ppacher/honeyssh - A credential dumping SSH honeypot with statistics
- Bren2010/mitm - Command mitm intercepts and outputs decrypted TLS connections.
- ejcx/badcors-massscan -
- lukechampine/fastxor - The fastest way to xor bytes in Go
- templexxx/xor - Move to: https://github.com/templexxx/xorsimd
- Nhoya/multibase - multi base encoding/decoding utility
- adamdecaf/cert-manage - WIP x509 Certificate auditing CLI
- veorq/ipcrypt - IP-format-preserving encryption, with a dedicated 4-byte cipher
- danmarg/sts-mate - An MTA-STS policy server/reverse proxy. Uses LetsEncrypt to fetch certs for your host.
- kreuzwerker/awsu - Enhanced account switching for AWS, supports Yubikey as MFA source
- gugadev/virusgotal - Tiny CLI app to upload a file to VirusTotal and show the report.
- er28-0652/vtquery - Unofficial VirusTotal Query Client written by Golang
- moldabekov/gauth - 🔑 Command line 2FA Authentication
- moldabekov/virusgotal - 👾 VirusTotal zero dependency command line client. Hassle free file/URL scanning from CLI
- appropriate/go-virtualboxclient - Go client library for vboxwebsrv
- blacktop/go-vboxapi - Go interface to VirtualBox's remote API
- blacktop/how-ya-doing - Monitor your Github repos activity
- blacktop/graboid - Clientless Docker Image Downloader
- blacktop/rldump - macOS Safari Reading List Dumper
- prasmussen/gdrive - Google Drive CLI Client
- botherder/go-autoruns - Collect autorun records from running system
- botherder/pcqf - pcqf (PC Quick Forensics) helps quickly gathering forensic evidence from Windows, Mac, and Linux systems, in order to identify potential traces of compromise.
- botherder/kraken - Cross-platform Yara scanner written in Go
- 0x09AL/raven - raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.
- FiloSottile/mkcert - A simple zero-config tool to make locally trusted development certificates with any names you'd like.
- propervillain/moistpetal - Open source offensive security platform for red team, by red team.
- dutchcoders/sshproxy - Golang library to proxy ssh connections
- appleboy/easyssh-proxy - easyssh-proxy provides a simple implementation of some SSH protocol features in Go
- dchest/blakesum - Utility to calculate BLAKE-224, -256, -385, or -512 checksums.
- allanlw/dns-rebinding-server - An integrated DNS/HTTP server for performing DNS rebinding written in Go. Powers rebindmy.zone
- LinkedInAttic/jaqen - Jaqen - Simple DNS rebinding
- skoky/goscan - goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet.
- timest/goscan - goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet.
- go-gorm/gorm - The fantastic ORM library for Golang, aims to be developer friendly
- shadowsocks/shadowsocks-go - go port of shadowsocks (Deprecated)
- KyleBanks/depth - Visualize Go Dependency Trees
- hugows/hf - (another) Fuzzy file finder for the command line
- ziadoz/media-swapper - A simple utility to swap MKV to MP4 and M4A to MP3.
- kyoh86/zshist -
- renatoathaydes/go-hash - Small utility to store secret information like passwords.
- yvesago/shodan-cli - Simple golang shodan cli
- TheHackerDev/race-the-web - Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
- future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
- zyedidia/micro - A modern and intuitive terminal-based text editor
- greenboxal/dns-heaven - Fixes stupid macOS DNS stack (/etc/resolv.conf)
- blacktop/lporg - Organize Your macOS Launchpad Apps
- txthinking/brook - Brook is a cross-platform strong encryption and not detectable proxy. Zero-Configuration. Brook 是一个跨平台的强加密无特征的代理软件. 零配置.
- laurent22/massren - massren - easily rename multiple files using your text editor
- 0x00-0x00/CVE-2016-10033 - PHPMailer < 5.2.18 Remote Code Execution Exploit
- bradleyfalzon/sha1affected - Checks whether a TLS connection uses SHA1 signed certificates, and if Google Chrome approves.
- coolbry95/passutils - Utilities to aid in password cracking
- jschauma/certdiff - report differences in certificate properties
- alphasoc/nfr - A lightweight tool to score network traffic and flag anomalies
- codeexpress/respounder - Respounder detects presence of responder in the network.
- VividCortex/pm - Processlist manager with TCP listener
- tylertreat/comcast - Simulating shitty network connections so you can build better systems.
- fideliscyber/x509 - Proof of concept framework for transferring a file over x509 extension covert channel
- weppos/dnscaa -
- u-root/u-root - A fully Go userland with Linux bootloaders! u-root can create a one-binary root file system (initramfs) containing a busybox-like set of tools written in Go.
- essentialkaos/sslscan - Go package for working with SSLLabs API
- QAX-A-Team/NtlmSocks - a pass-the-hash tool
- mikefarah/yq - yq is a portable command-line YAML, JSON and XML processor
- johnkerl/miller - Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON
- sgreben/jp - dead simple terminal plots from JSON data. single binary, no dependencies. linux, osx, windows.
- turbobytes/certmon - Monitor and track TLS endpoints for certificate expiry
- CoderCookE/osx-thumbnails - Reassemble thumbnails from osx quicklook thumbnail cache
- EgeBalci/BitBender - BitBender is a byte manipulation tool
- EgeBalci/amber - Reflective PE packer.
- EgeBalci/Ticketbleed - This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.
- turbobytes/recursive - Recursive DNS resolver for analysis
- turbobytes/dnsperfbench - DNS Performance Benchmarker
- eur0pa/goGetBucket - A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
- b4b4r07/go-check-certs - A utility to check validity and expiration dates of SSL certificates, written in Golang.
- abbot/go-http-auth - Basic and Digest HTTP Authentication for golang http
- b4b4r07/go-finder - CLI finder wrapper (fzf, peco, etc) for golang
- CrushedPixel/moshpit - A powerful cross-platform command-line tool for datamoshing.
- rgburke/grv - GRV is a terminal interface for viewing git repositories
- kennylevinsen/sshmux - SSH multiplexer
- apuigsech/seekret - Go library and command line to seek for secrets on various sources.
- ginuerzh/gost - GO Simple Tunnel - a simple tunnel written in golang
- sdidyk/mtproto - MTProto implementation in Golang
- shelomentsevd/telegramgo - CLI telegram client written in golang
- shazow/ssh-chat - Chat over SSH.
- gravitational/teleconsole - Command line tool to share your UNIX terminal and forward local TCP ports to people you trust.
- davecheney/httpstat - It's like curl -v, with colours.
- tomnomnom/gron - Make JSON greppable!
- owenthereal/ccat - Colorizing
cat
- NetSPI/gppdecrypt - Stand alone script to decrypt GPP cpassword.
- msoap/shell2http - Executing shell commands via HTTP server
- divan/gofresh - Keep your Go package dependencies fresh. Console tool for checking and updating package dependencies (imports).
- firstrow/go-outdated - Find outdated golang packages
- masterzen/winrm - Command-line tool and library for Windows remote command execution in Go
- kenshinx/godns - A fast dns cache server written by go
- abh/geodns - DNS server with per-client targeted responses
- zmap/zannotate - Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
- domainr/whois - Whois client for Go.
- briandowns/spinner - Go (golang) package with 90 configurable terminal spinner/progress indicators.
- zmap/zlint - X.509 Certificate Linter focused on Web PKI standards and requirements.
- Nhoya/gOSINT - OSINT Swiss Army Knife
- NetSPI/goddi - goddi (go dump domain info) dumps Active Directory domain information
- leonjza/go-observe - 🌌 Go-Observe: A command line Mozilla Observatory client written in Go
- dzonerzy/goWAPT - Go Web Application Penetration Test
- ga0/netgraph - A cross platform http sniffer with a web UI
- yl2chen/cidranger - Fast IP to CIDR lookup in Golang
- spolu/warp - Secure and simple terminal sharing
- gokcehan/lf - Terminal file manager
- zquestz/s - Open a web search in your terminal.
- kgretzky/dcrawl - Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
- radovskyb/go-packages - A large repository of code and documented examples for Go's standard package library.
- subgraph/macouflage - macouflage is a MAC address anonymization tool, written in Golang, for Linux-based operating systems.
- zricethezav/gronit - Cron monitoring written in Go
- anacrolix/dht - dht is used by anacrolix/torrent, and is intended for use as a library in other projects both torrent related and otherwise
- google/go-github - Go library for accessing the GitHub API
- xo/usql - Universal command-line interface for SQL databases
- iawia002/lux - 👾 Fast and simple video download library and CLI tool written in Go
- golang/go - The Go programming language
- mtojek/go-url-fuzzer - Discover hidden files and directories on a web server.
- CaliDog/certstream-go - Go library for connecting to CertStream
- milo2012/pathbrute - Pathbrute
- StackExchange/dnscontrol - Synchronize your DNS to multiple providers from a simple DSL
- marco-lancini/robtex-go - Go client for the Robtex API
- ncsa/ssh-auditor - The best way to scan for weak ssh passwords on your network
- bettercap/bettercap - The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
- claudiodangelis/qrcp - ⚡ Transfer files over wifi from your computer to your mobile device by scanning a QR code without leaving the terminal.
- ipfs/go-ipfs - IPFS implementation in Go
- cbednarski/hostess - An idempotent command-line utility for managing your /etc/hosts file.
- mmatczuk/go-http-tunnel - Fast and secure tunnels over HTTP/2
- tomnomnom/unfurl - Pull out bits of URLs provided on stdin
- haccer/subjack - Subdomain Takeover tool written in Go
- evilsocket/sg1 - A wanna be swiss army knife for data encryption, exfiltration and covert communication.
- evilsocket/dirsearch - A Go implementation of dirsearch.
- glen-mac/goGetBucket - A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
- sensepost/gowitness - 🔍 gowitness - a golang, web screenshot utility using Chrome Headless
- markjlorenz/hackpipe - Access REST or streaming APIs via a pipe-like interface -- "AWK for APIs"
- tomnomnom/httprobe - Take a list of domains and probe for working HTTP and HTTPS servers
- skyjia/repogen - A toy to generate a Markdown index document for my starred GitHub repositories.
- motemen/github-list-starred - List GitHub repositories starred by a user
- avineshwar/slurp - S3 bucket enumerator
- Ice3man543/hawkeye - Hawkeye filesystem analysis tool
- tomnomnom/waybackurls - Fetch all the URLs that the Wayback Machine knows about for a domain
- tomnomnom/meg - Fetch many paths for many hosts - without killing the hosts
- random-robbie/AWS-Scanner - Scans a list of websites for Cloudfront or S3 Buckets
- magisterquis/s3finder - Yet another open S3 bucket finder
- smiegles/mass3 -
- zricethezav/gitleaks - Scan git repos (or files) for secrets using regex and entropy 🔑
- keybase/go-keychain - Golang keychain package for iOS and macOS
- evilsocket/xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.
- mdreizin/chrome-bookmarks-alfred-workflow - Chrome/Canary/Chromium/Microsoft Edge bookmarks search workflow for Alfred
- nikitavoloboev/alfred-learn-anything - Alfred workflow to search Learn Anything
- seedifferently/nogo - A cross-platform network-wide ad/site blocker with a simple web control panel.
- rs/jplot - iTerm2 expvar/JSON monitoring tool
- DNSCrypt/dnscrypt-proxy - dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
- Yawning/obfs4 - The obfourscator (Courtesy mirror)
- 42wim/matterbridge - bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams, nextcloud, mumble, vk and more with REST API (mattermost not required!)
- requilence/integram - Integrate Telegram into your workflow – Trello, Gitlab, Bitbucket and other bots
- google/namebench - namebench
- activecm/rita - Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
- caffix/amass - In-depth Attack Surface Mapping and Asset Discovery
- Ne0nd0g/merlin - Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
- Ullaakut/cameradar - Cameradar hacks its way into RTSP videosurveillance cameras
- rclone/rclone - "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Yandex Files
- michenriksen/aquatone - A Tool for Domain Flyovers
- malisit/kolpa - A fake data generator written in and for Go
- notaryproject/notary - Notary is a project that allows anyone to have trust over arbitrary collections of data
- buger/goreplay - GoReplay is an open-source tool for capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with real data. It can be used to increase confidence in code deployments, configuration changes and infrastructure changes.
- hashicorp/vault - A tool for secrets management, encryption as a service, and privileged access management
- xtaci/kcptun - A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64。KCPプロトコルに基づく安全なトンネル。KCP 프로토콜을 기반으로 하는 보안 터널입니다。
- elves/elvish - Elvish = Expressive Programming Language + Versatile Interactive Shell
- fatedier/frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
- spf13/viper - Go configuration with fangs
- evilsocket/dnssearch - A subdomain enumeration tool.
- anshumanbh/git-all-secrets - A tool to capture all the git secrets by leveraging multiple open source git searching tools
- DeadNumbers/hikka-x86 - IP camera bruteforcer, 32 bit version
- jpillora/go-tcp-proxy - A small TCP proxy written in Go
- malfunkt/hyperfox - HTTP/HTTPS MITM proxy and recorder.
- zboya/gomitmproxy - gomitmproxy是想用golang语言实现[mitmproxy],实现http(s)代理
- dim0x69/windows-hunting -
- crazy-max/WindowsSpyBlocker - Block spying and tracking on Windows
- schachmat/wego - weather app for the terminal
- rabbitstack/fibratus - A modern tool for the Windows kernel exploration and tracing
- bsi-group/nsrls - nsrls is a server designed to provide access to the NSRL hash data set
- HowNetWorks/whereabouts - An HTTP service for mapping IPv4 and IPv6 addresses to cities, countries & continents
- RoliSoft/Host-Scanner-Scripts - Miscellaneous utility scripts for the Host Scanner application.
- mpolden/echoip - IP address lookup service
- kubernetes/kubernetes - Production-Grade Container Scheduling and Management
- oleksandr/bonjour - mDNS/DNS-SD (also known as Apple Bonjour) library for Go (in pure Go)
- ryhanson/checkpot - A tool for checking a hash:pass pot file for hashes from a user:hash file
- openfaas/faas - OpenFaaS - Serverless Functions Made Simple
- kashav/fsql - Find files with SQL.
- deckarep/EasyCert - EasyCert quickly generates web server TLS certificates that have been self-signed by a private certificate authority that it also creates.
- square/certigo - A utility to examine and validate certificates in a variety of formats
- SSLMate/certspotter - Certificate Transparency Log Monitor
- abesto/docker-compose-graphviz - Turn a docker-compose.yml files into Graphviz .dot files
- go-acme/lego - Let's Encrypt/ACME client and library written in Go
- rach/pome - A Postgres Metrics Dashboard
- caarlos0/env - A simple and zero-dependencies library to parse environment variables into structs.
- OWASP/Go-SCP - Go programming language secure coding practices guide
- mhausenblas/dnpipes - Distributed Named Pipes
- gravitational/teleport - Certificate authority and access plane for SSH, Kubernetes, web apps, databases and desktops
- thanasisk/TLSlayer - A fast SSL/TLS reconnaisance tool written in Go
- OJ/gobuster - Directory/File, DNS and VHost busting tool written in Go
- inconshreveable/ngrok - Introspected tunnels to localhost
- q3k/crowbar - Tunnel TCP over a plain HTTP session (warning: mediocre Go code)
- vyrus001/go-mimikatz - A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
- jrozner/sonar - Self contained cross platform DNS recon tool
- EgeBalci/ARCANUS - ARCANUS is a customized payload generator/handler.
- trufflesecurity/trufflehog - Find credentials all over the place
- optiopay/klar - Integration of Clair and Docker Registry
- jgsqware/clairctl - Tracking container vulnerabilities with Clair Control for CoreOS Clair
- genuinetools/reg - Docker registry v2 command line client and repo listing generator with security checks.
- google/syzkaller - syzkaller is an unsupervised coverage-guided kernel fuzzer
- boramalper/magnetico - Autonomous (self-hosted) BitTorrent DHT search engine suite.
- gonum/plot - A repository for plotting and visualizing data
- b4b4r07/zsh-history - A plugin for zsh history extended by golang, dealing it like SQL
- nictuku/dht - Kademlia/Mainline DHT node in Go.
- lair-framework/go-nmap - Nmap XML parsing library for Go
- s-rah/onionscan - OnionScan is a free and open source tool for investigating the Dark Web.
- securitywithoutborders/hardentools - Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
- golang/dep - Go dependency management tool experiment (deprecated)
- ahhh/Go_Shells - a collection of shells written with the go programming language, golang
- ghostunnel/ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services
- quay/clair - Vulnerability Static Analysis for Containers
- Matir/webborer - WebBorer is a directory-enumeration tool written in Go.
- gophish/gophish - Open-Source Phishing Toolkit
- dutchcoders/troje - Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.
- jaksi/sshesame - An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity
- mushorg/glutton - Generic Low Interaction Honeypot
- magisterquis/vnclowpot - Low-interaction VNC honeypot with a static challenge.
- schollz/find-lf - Track the location of every Wi-Fi device (:iphone:) in your house using Raspberry Pis and FIND
- sroberts/cacador - Indicator Extractor
- Phillipmartin/gopassivedns - PassiveDNS in Go
- asciimoo/wuzz - Interactive cli tool for HTTP inspection
- jarv/cmdchallenge - This repo is mirror of https://gitlab.com/jarv/cmdchallenge
- EgeBalci/EGESPLOIT - EGESPLOIT is a golang library for malware development
- nginx-proxy/docker-gen - Generate files from docker container meta-data
- publicsuffix/list - The Public Suffix List
- UnrealAkama/PassCrackNet - An application for distributing oclHashcat tasks.
- leechristensen/GolangSSHServer - A standalone SSH server written in Go
- leechristensen/GolangSocks5Server - A simple SOCKS5 server written in Go
- ellotheth/pipethis - Replace your
curl | sh
installers - andrewaeva/gobotnet - Pure HTTP and DNS Botnet written in Golang for Windows.
- leechristensen/tgscrack - Kerberos TGS_REP cracker written in Golang
- yudai/gotty - Share your terminal as a web application
- tomsteele/blacksheepwall - blacksheepwall is a hostname reconnaissance tool
- sensepost/ruler - A tool to abuse Exchange services
- ryhanson/phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
- ory/hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
- mauri870/powershell-reverse-http - 😇 A Powershell exploit service that opens a reverse http connection via meterpreter
- maliceio/malice - VirusTotal Wanna Be - Now with 100% more Hipster
- mailhog/MailHog - Web and API based SMTP testing
- janimo/textsecure - TextSecure client package for Go
- zmap/zdns - Fast CLI DNS Lookup Tool
- EgeBalci/HERCULES - HERCULES is a special payload generator that can bypass antivirus softwares.
- asharif/netsecure - a utility app based on nmap to detect unknown MAC address(s) on LAN and to send email alert
- restanrm/gans - Go automated nmap scanner
- LDCS/qsdatanet - qsdatanet runs nmap to detect up/down status of network devices on a configured subnets, and produces csv-formatted file output
- influxdata/influxdb - Scalable datastore for metrics, events, and real-time analytics
- suntong/cloudmail - IMAP-client program in Go
- mehrdadrad/mylg - Network Diagnostic Tool
- jheise/threatcmd - Cli interface to threatcrowd.org
- elastic/beats - 🐠 Beats - Lightweight shippers for Elasticsearch & Logstash
- SummitRoute/osxlockdown - [No longer maintained] Apple OS X tool to audit for, and remediate, security configuration settings.
- square/sharkey - Sharkey is a service for managing certificates for use by OpenSSH
- sirupsen/logrus - Structured, pluggable logging for Go.
- biggiesmallsAG/nightHawkResponse - Incident Response Forensic Framework
- zxsecurity/steamer - For importing, searching, and managing public password breach data
- leo-stone/hack-petya - search key to restore petya encrypted mft
- zakjan/cert-chain-resolver - SSL certificate chain resolver
- npackd/npackd - Package manager for Microsoft Windows: Wiki, bug tracker, mirror of the default repositories
- mozkeeler/sunlight - Examine the Certificate Transparency Log for Baseline Requirements issues
- sselph/scraper - A scraper for EmulationStation written in Go using hashing
- mfonda/simhash - Go implementation of simhash algoritim
- yahoo/gryffin - Gryffin is a large scale web security scanning platform.
- svent/sift - A fast and powerful alternative to grep
- mozilla/sops - Simple and flexible tool for managing secrets
- hellogcc/100-gcc-tips - A collection of gcc tips. 100 maybe just mean many here.
- FiloSottile/whoami.filippo.io - A ssh server that knows who you are. $ ssh whoami.filippo.io
- hanwen/go-fuse - FUSE bindings for Go
- howeyc/gopass - getpasswd for Go
- bgentry/go-osxkeychain - Golang package for accessing and manipulating the Mac OS X Keychain
- jgrahamc/httpdiff - Perform the same request against two HTTP servers and diff the results
- benjojo/dos_ssh - Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
- benjojo/AnyCatch - "Where does this IP hit on a AnyCast network?!"
- benjojo/Newmarket - Wrap a TCP connection over two HTTP connections, Previously named "RunAround"
- fairlyblank/md2min - convert markdown file to minimal html file
- hellogcc/100-gdb-tips - A collection of gdb tips. 100 maybe just mean many here.
- jmmcatee/cracklord - Queue and resource system for cracking passwords
- prometheus/prometheus - The Prometheus monitoring system and time series database.
- go-macaron/bindata - Package bindata is a helper module that allows to use in-memory static and template files for Macaron.
- github/hub - A command-line tool that makes git easier to use with GitHub.
- dinedal/textql - Execute SQL against structured text like CSV or TSV
- jamiemccrindle/dockerception - Docker building dockers - keeping them small
- jordan-wright/elastichoney - A Simple Elasticsearch Honeypot
- dgryski/go-pgpwords - Encode bytes with PGP's biometric word-list
- abh/geoip - GeoIP API for Golang
- dgryski/go-ipcrypt - ipcrypt implements a 4-byte block cipher
- joewalnes/websocketd - Turn any program that uses STDIN/STDOUT into a WebSocket server. Like inetd, but for WebSockets.
- abneptis/GoDHCP - An implementation of DHCPv4 (focused on clients) for Go
- monochromegane/the_platinum_searcher - A code search tool similar to ack and the_silver_searcher(ag). It supports multi platforms and multi encodings.
- ldx/bumper - An HTTP proxy with SSL/TLS Man In The Middle capabilities, written in Go.
- ustream/packer-builder-lxc - Packer builder for LXC containers
- aidanhs/dlgrab - docker layer grabber
- docker-archive/boatyard - [DEPRECATED] Web UI to docker build
- junegunn/fzf - 🌸 A command-line fuzzy finder
- sosedoff/pgweb - Cross-platform client for PostgreSQL databases
- avelino/awesome-go - A curated list of awesome Go frameworks, libraries and software
- ssllabs/ssllabs-scan - A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
- driskell/log-courier - Log Courier, a lightweight log shipper with Logstash integration.
- mozilla/masche - Deprecated - MIG Memory Forensic library
- snarlysodboxer/BTSyncInator - Multiple BitTorrent Sync Daemon Manager.
- snarlysodboxer/sploitinator - Run Metasploit modules against known hosts and ports, notify of vulnerabilities.
- pachyderm/pachyderm - The Complete MLOps Stack
- weaveworks/weave - Simple, resilient multi-host containers networking and more.
- appc/spec - App Container Specification and Tooling (archived, see rkt/rkt#4024)
- david415/HoneyBadger - Quantum Insert detector/recorder
- cyfdecyf/cow - HTTP proxy written in Go. COW can automatically identify blocked sites and use parent proxies to access.
- papertrail/remote_syslog2 - To install, see "Releases" tab. Self-contained daemon for reading local files and emitting remote syslog (without using local syslogd).
- gliderlabs/logspout - Log routing for Docker container logs
- evandcoleman/remuxer - Remux x264 MKV files into Apple TV Compatible MP4s
- karan/joe - 🏃 A .gitignore magician in your command line
- michenriksen/gitrob - Reconnaissance tool for GitHub organizations
- JustinAzoff/bro-pdns - Passive DNS collection using Bro
- tianon/gosu - Simple Go-based setuid+setgid+setgroups+exec
- michaelsauter/crane - Crane - Lift containers with ease
- crosbymichael/dockersql - Query your docker via SQL
- crosbymichael/slex - SSH multiplex
- yeasy/docker_practice - Learn and understand Docker&Container technologies, with real DevOps practice!
- mwgg/passera - [UNSUPPORTED] A small tool to turn any entered passphrase into a strong secure password, allowing you to easily use different strong passwords for different websites without storing them
- syncthing/syncthing - Open Source Continuous File Synchronization
- mozilla/tls-observatory - An observatory for TLS configurations, X509 certificates, and more.
- docker/compose - Define and run multi-container applications with Docker
- cheat/cheat - cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not frequently enough to remember.
- getlantern/enproxy - Chained HTTP proxy that supports arbitrary TCP traffic tunneled over HTTP proxies using encapsulated HTTP requests
- getlantern/sitescanner - Tunnel scanner
- mozilla/mig - Distributed & real time digital forensics at the speed of the cloud
- miekg/skydns2 - Development is taking place: https://github.com/skynetservices/skydns2
- skynetservices/skydns1 - DNS for skynet or any other service discovery
- crosbymichael/skydock - Service discovery via DNS for docker
- akrennmair/gopcap - A simple wrapper around libpcap for the Go programming language
- miekg/dns - DNS library in Go
- sburnett/encore - Measure Web filtering from Web browsers.
- mtourne/gurl - gURL, it's like cURL but for SPDY in Go.
- jondot/groundcontrol - Manage and monitor your Raspberry Pi with ease
- flynn-archive/discoverd - Archived -- see https://github.com/flynn/flynn
- omc/dendrite - Dendrite adds all your logs to a single structured log stream, so you can search, graph, and analyze easier.
- maliceio/malice-av - Malice AntiVirus Plugins
- zmap/zgrab - DEPRECATED This project has been replaced by https://github.com/zmap/zgrab2
- williballenthin/govt - Virustotal API for Go
- threatstream/go-bulk-dns-resolver - Lightning-fast high-performance bulk DNS resolution tool written in Go.
- hashicorp/packer - Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
- peco/peco - Simplistic interactive filtering tool
- FiloSottile/Heartbleed - A checker (site and tool) for CVE-2014-0160
- boot2docker/boot2docker-cli - boot2docker management utility
- client9/ipcat - Categorization of IP Addresses
- titanous/heartbleeder - OpenSSL CVE-2014-0160 Heartbleed vulnerability test
- jvehent/pgpfinder - Find PGP keys on keyservers and show the details of each key
- moul/assh - 💻 make your ssh client smarter
- cmars/sshlurp - Retrieve SSH public keys from remote hosts.
- elastic/logstash-forwarder - An experiment to cut logs in preparation for processing elsewhere. Replaced by Filebeat: https://github.com/elastic/beats/tree/master/filebeat
- docopt/docopt.go - A command-line arguments parser that will make you smile.
- fiorix/go-redis - Redis client library for Go
- ncode/gogix - Transports your local syslog to Graylog2 via AMQP
- mitchellh/cli - A Go library for implementing command-line interfaces.
- urfave/cli - A simple, fast, and fun package for building command line apps in Go
- jmhodges/howsmyssl - The web app running howsmyssl.com
- rakyll/boom - HTTP(S) load generator, ApacheBench (ab) replacement, written in Go
- toorop/ovh-cli - Command-line tool to consume OVH services
- jmhodges/justrun - A tool that watches files, and runs possibly long-lived commands when they change.
- mozilla-services/heka - DEPRECATED: Data collection and processing made easy.
- moby/moby - Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
- HouzuoGuo/tiedot - A rudimentary implementation of a basic document (NoSQL) database in Go
- utahta/pythonbrew - Python Environment manager
- fiorix/freegeoip - IP geolocation web server
- progrium/localtunnel - Expose localhost servers to the Internet
- opendns/Security_Ninjas_AppSec_Training - OpenDNS application security training program
- vfarcic/ms-lifecycle -
- docToolchain/docToolchain - a Gradle based AsciiDoc Toolchain for Software Architecture Documentation
- theratpack/grails-zap-security-tests-plugin - Grails plugin to run security tests using the OWASP's Zed Attack Proxy
- khuedoan/homelab - Small and energy efficient self-hosting infrastructure, fully automated from empty disk to operating services.
- alijahnas/CKA-practice-exercises - This is a guide for passing the CNCF Certified Kubernetes Administrator (CKA) with practice exercises. Good luck!
- PacktPublishing/Kubernetes-in-Production-Best-Practices - Kubernetes Production Best Practices, published by Packt
- iacsecurity/tool-compare -
- stackrox/Kubernetes_Security_Specialist_Study_Guide -
- ctxis/DynamicLabs -
- jtracey93/AzureSubscriptionVendingFunction - A PowerShell Azure Function to create Azure EA Subscriptions.
- b3n-j4m1n/Red-Terroir - Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure
- iknowjason/Velociraptor_Azure - A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
- iknowjason/HELK_Azure - A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK R&D lab in Azure.
- jonrau1/AWS-ComplianceMachineDontStop - Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.
- bridgecrewio/terragoat - TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
- offensive-terraform/terraform-aws-rds-snapshot-publicly-exposed - Offensive Terraform module which creates RDS database from a publicly exposed RDS snapshot in attacker's AWS account. After that, attacker can connect to RDS database and inspect it.
- aaaguirrep/offensive-docker-vps - Create a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
- iknowjason/AriaCloud - A Docker container for remote penetration testing.
- christophetd/Adaz - 🔧 Deploy customizable Active Directory labs in Azure - automatically.
- sozercan/OpenShift-Azure-Terraform - ⛑ Deploy OpenShift Origin on Azure using Terraform and Ansible
- cloudposse/terraform-aws-iam-user - Terraform Module to provision a basic IAM user suitable for humans.
- xFreed0m/Disruption - Terraform script to deploy AD-based environment on Azure
- secdevops-cuse/CyberRange - The Open-Source AWS Cyber Range
- grem11n/terraform-aws-vpc-peering - Terraform module to setup VPC peering connection
- nccgroup/sadcloud - A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
- BlueTeamLabs/sentinel-attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
- avantoss/vault-infra - Terraform to create Vault infrastructure
- hashicorp/terraform-aws-vault - A Terraform Module for how to run Vault on AWS using Terraform and Packer
- Coalfire-Research/Red-Baron - Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
- byt3bl33d3r/Red-Baron - Automate creating resilient, disposable, secure and agile infrastructure for Red Teams
- mantvydasb/Red-Team-Infrastructure-Automation - Disposable and resilient red team infrastructure with Terraform
- cloudposse/terraform-aws-jenkins - Terraform module to build Docker image with Jenkins, save it to an ECR repo, and deploy to Elastic Beanstalk running Docker stack
- TomJanetscheck/AzureSecurity - This repository contains code snippets for secure deployments of Azure resources.
- rgl/windows-vagrant - Windows 10/11/2016/2019/2022 Base Vagrant Box (https://app.vagrantup.com/rgl)
- apparentlymart/terraform-aws-tf-registry - Terraform module for creating a simple private Terraform registry in AWS with DynamoDB
- nozaq/terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
- lbernail/dockeroverlays -
- kojiromike/inception - Wrap dind to run a container at arbitrary depth
- roottusk/vapi - vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
- tb0hdan/domains - World’s single largest Internet domains dataset
- kubecamp/kubernetes_in_one_day - Material for the training course
- kubecamp/kubernetes_in_2_days - Material for the training course
- cyberheartmi9/PayloadsAllTheThings -
- cncf/glossary - Cloud Native Glossary
- anki-geo/ultimate-geography - Geography flashcard deck for Anki
- cipher387/osint_stuff_tool_collection - A collection of several hundred online tools for OSINT
- Woile/gopass-cheat-sheet - Cheat Sheet for the awesome gopass
- TheBobPony/getwindows11.tech - Mirrors to download the leaked Windows 11 build.
- tracelabs/tlosint-live - Trace Labs OSINT Linux Distribution based on Kali.
- jobgemws/Projects-MS-SQL-Server-DBA - Утилиты и скрипты для MS SQL Server DBA
- ricsirigu/Top10 - Official OWASP Top 10 Document Repository
- EddieHubCommunity/awesome-github-profiles - List of GitHub profiles that have awesome customisation, that you can use for inspiration
- juro-privacy/free-privacy-notice - Open source privacy notice design patterns.
- JavierOlmedo/OWASP-Calculator - 🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
- ITI/ICS-Security-Tools - Tools, tips, tricks, and more for exploring ICS Security.
- erlonpinheiro/kubernetes_de_k_a_s - Conteúdo utilizado no treinamento Kubernetes de K a S
- Vairous7x/V7x-Fishing2 - V7x Fishing Tool, The Most Powerful Tool For All
- schomery/privacy-settings - Alter Firefox's built-in privacy settings easily with a toolbar panel
- umpirsky/country-list - 🌐 List of all countries with names and ISO 3166-1 codes in all languages and data formats.
- OWASP/www-project-kubernetes-security-testing-guide - OWASP Kubernetes Security Testing Guide
- fpmon/fingerprinting-monitor - A fingerprinting monitor for Chrome.
- JPCERTCC/ToolAnalysisResultSheet - Tool Analysis Result Sheet
- elestio/ws-monitoring - A simple & lightweight realtime monitoring web UI + server in Node.js
- prinsharma1999/bug_bounty_tweets -
- jstrosch/malware-samples - Malware samples, analysis exercises and other interesting resources.
- madhuakula/kubernetes-goat - Kubernetes Goat 🐐 is a "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🔐
- AaronDinnage/Licensing - Microsoft 365 licensing diagrams
- WADComs/WADComs.github.io - WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
- erebe/personal-server - Personal server configuration with k3s
- ibrahimjelliti/CKSS-Certified-Kubernetes-Security-Specialist - This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
- collabnix/kubelabs - Kubernetes - Beginners | Intermediate | Advanced
- CyberSecDef/STIG - STIG/Security Control XML Transformations
- daattali/beautiful-jekyll - ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com
- MS-WEB-BN/c41n - Automated rogue access point setup tool.
- incidrthreat/GoTunnelr -
- MartinPacker/md2pptx - Markdown To PowerPoint converter
- fr34k8/security_whitepapers - Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
- nccgroup/autochrome - This tool downloads, installs, and configures a shiny new copy of Chromium.
- cloudflare/isbgpsafeyet.com - Is BGP safe yet?
- counteractive/security-controls -
- Cisc0-gif/KITT-Lite - Python-Based Pentesting CLI Tool
- DefensiveOrigins/APT06202001 - Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020
- ustayready/CredSniper - CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
- subspacecommunity/subspace - A fork of the simple WireGuard VPN server GUI community maintained
- guhe120/Windows-EoP - Windows EoP Bugs
- blabla1337/skf-flask - Security Knowledge Framework (SKF) Python Flask / Angular project
- mitre-attack/attack-evals - ATT&CK Evaluations website (DEPRECATED)
- sans-blue-team/sec455-wiki -
- sans-blue-team/sec530-wiki -
- sans-blue-team/sec555-mdwiki-v1 -
- sans-blue-team/blue-team-wiki - Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
- activecm/threat-hunting-labs - Collection of walkthroughs on various threat hunting techniques
- 5bhuv4n35h/pentestmindmap - a mindmap on pentest #pentestmindmap #oscp #lpt #ecsa #ceh #bugbounty
- fkasler/scope_creep - Mass target enumeration
- etlownoise/xolo - Tool to crawl, visualize and interact with SQL server links in a d3 graph to help in your red/blue/purple/.../risk assessments pentest hacking team exercises.
- cloudfoundry-tutorials/tutorials -
- circlecell/randomkeygen.com - Random Key Generator
- koutto/jok3r - Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
- Igglybuff/awesome-piracy - A curated list of awesome warez and piracy links
- w3c/webcrypto - The W3C Web Cryptography API
- faizann24/phishytics-machine-learning-for-phishing - Machine Learning for Phishing Website Detection
- Build5Nines/exam-assessments - A collection of Self Assessment tools to help study for certification exams.
- OpenRCE/Malware-Analysis-Training - Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.
- nu11secur1ty/Windows10Exploits - Microsoft » Windows 10 : Security Vulnerabilities
- MalwareTech/CitrixHoneypot - Detect and log CVE-2019-19781 scan and exploitation attempts.
- Elemental-attack/Elemental - Elemental - An ATT&CK Threat Library
- RenwaX23/X - Playground
- ninoseki/mihari - A tool for OSINT based threat hunting
- Azure/SONiC - Landing page for Software for Open Networking in the Cloud (SONiC) - http:https://azure.github.io/SONiC/
- RomanEmelyanov/CobaltStrikeForensic - Toolset for research malware and Cobalt Strike beacons
- MohitDabas/malwinx - Just a normal flask web app to understand win32api with code snippets and references.
- gnebbia/nmap_tutorial - Some collected notes about nmap
- coinbase/salus - Security scanner coordinator
- davidtavarez/passwords - Online password generator
- amolnaik4/bodhi - Bodhi - Client-side Vulnerability Playground
- ninoseki/cortex-securitytrails - Cortex analyzer for SecurityTrails
- redcanaryco/wwhf - Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
- warrensbox/terraform-switcher - A command line tool to switch between different versions of terraform (install with homebrew and more)
- makash/effective-ssh-usage-for-pentesters - This is a beginner level session to train you into using SSH more effectively. While pentesters may benefit (especially if they are planning on doing a time based exam like OSCP), this should be useful for anyone who has a need to login to servers using a Secure SHell.
- OpenToAllCTF/REsources - Reverse Engineering Resources
- devvid/python-common-crawl-amazon-example - Exploring Common-Crawl using Python and DynamoDB
- PeterBrockfeld/passwordCardGenerator - A standalone JavaScript application to generate password cards for offline use
- chrissimpkins/cinder - A clean, responsive MkDocs theme
- Tikam02/DevOps-Guide - DevOps Guide - Development to Production all configurations with basic notes to debug efficiently.
- ehsahil/werdlists - ⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
- endoflife-date/endoflife.date - Informative site with EoL dates of everything
- da667/Training_Materials_Bookmarks - Learn you a book for some infosec good
- secuvera/SpotMyBackup - Backup and Restore your Spotify Playlists and "My Music"
- mozilla/tracking-test - Test page for tracking protection
- majkinetor/au-packages - Chocolatey packages by majkinetor
- victorshinya/awesome-ibmcloud - A curated list of awesome IBM Cloud SDKs, open source repositories, tools, blogs and other resources.
- proabiral/inception - A highly configurable Framework for easy automated web scanning
- sqreen/DevOpsSecurityChecklist -
- w3c/reporting - Reporting API
- JohnLaTwC/MSRC - Scripts for interacting with MSRC portal data
- posquit0/hugo-awesome-identity - 😤 Awesome Identity is a single-page Hugo theme to introduce yourself.
- shd101wyy/markdown-preview-enhanced - One of the 'BEST' markdown preview extensions for Atom editor!
- skahwah/wordsmith_parsers - This repository contains a collection of parsers that were written to collect and collate data for Wordsmith v2
- threatland/TL-FRAUD - A collection of fraud related tools for research.
- sbousseaden/EVTX-ATTACK-SAMPLES - Windows Events Attack Samples
- lkys37en/DetectionLab - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
- vanhoefm/dragonblood -
- codepr/codepr.github.io - Personal site
- adulau/misp-osint-collection - Collection of best practices to add OSINT into MISP and/or MISP communities
- sisoc-tokyo/Real-timeDetectionAD_ver2 -
- pmcao/caudit - CAUDIT: Continuous Auditing of SSH Servers To Mitigate Brute-Force Attacks
- decal/werdlists - ⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
- syncsynchalt/illustrated-tls13 - The Illustrated TLS 1.3 Connection: Every byte explained
- AwsGeek/aws-periodic-table -
- DefectDojo/django-DefectDojo - DefectDojo is an open-source DevSecOps and vulnerability management tool.
- google/fonts - Font files available from Google Fonts, and a public issue tracker for all things Google Fonts
- jgamblin/NMapNetworkInventoryContainer - A Docker Container To Continually Scan Your Network And Display Findings Cleanly.
- kubernetes/website - Kubernetes website and documentation repo:
- mpgn/CVE-2019-9580 - CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE
- NetSPI/SQLInjectionWiki - A wiki focusing on aggregating and documenting various SQL injection methods
- L4bF0x/PhishingPretexts - A library of pretexts to use on offensive phishing engagements.
- Arno0x/EmbedInHTML - Embed and hide any file in an HTML file
- Lz1y/CVE-2018-8420 - 原PoC甚至符号都打错了!太不走心了!
- CHYbeta/Web-Security-Learning - Web-Security-Learning
- docker/docker.github.io - Source repo for Docker's Documentation
- WebpageFX/emoji-cheat-sheet.com - A one pager for emojis on Campfire and GitHub
- EIGHTFINITE/jdownloader-portable - 🌎 JDownloader in PortableApps.com format — https://github.com/EIGHTFINITE/jdownloader-portable | https://portableapps.com/node/53823 | http:https://jdownloader.org/
- OWASP/german-owasp-day - German OWASP Day conference site & presentation archive
- mozilla/server-side-tls - Server side TLS Tools
- kafkaesqu3/subtee-gist-mirror - few months old but better than nothing
- oleg-shilo/cs-script - C# scripting platform
- Anon215/privacytools.it-sec.rocks - deutsche, angepasste Version von
- RaymiiOrg/cipherli.st - Ciplerli.st - strong ciphers for NGINX, Apache and Lighttpd
- NigelEarle/AWS-CSA-Notes-2018 - My AWS Certified Solutions Architect Associate Study Notes!
- hakanson/ng-owasp - ng-owasp: OWASP Top 10 for AngularJS Applications
- rvrsh3ll/Word-Doc-Video-Embed-EXE-POC -
- nshalabi/ATTACK-Tools - Utilities for MITRE™ ATT&CK
- dastergon/availability-calculator - Calculate how much downtime should be permitted in your Service Level Agreement or Objective
- mxk/win10-secure-baseline-gpo - Windows 10 and Server 2016 Secure Baseline Group Policy
- clr2of8/ChromeShot - Capture web screenshots using Chrome. No other dependencies required. Works cross platform.
- jeroenjanssens/data-science-at-the-command-line - Data Science at the Command Line
- garethflowers/postgresql-portable - Portable version of the PostgreSQL Database Server, for Windows
- praetorian-inc/DVRF - The Damn Vulnerable Router Firmware Project
- cyc10n3/WPSpider - A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
- madhur/PortableJekyll - Portable Jekyll for Windows
- shower/shower - Shower HTML presentation engine
- GTFOBins/GTFOBins.github.io - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
- AndyFul/Hard_Configurator - GUI to Manage Software Restriction Policies and harden Windows Home OS
- clr2of8/CookieCrimesJS - A cross-platform one-liner to steal a user's cookies from Chrome <- cool
- wisec/domxsswiki - Automatically exported from code.google.com/p/domxsswiki
- usnistgov/mobile-threat-catalogue - NIST/NCCoE Mobile Threat Catalogue
- GovReady/govready-q - An open source, self-service GRC tool to automate security assessments and compliance.
- NorthwoodsSoftware/GoJS - JavaScript diagramming library for interactive flowcharts, org charts, design tools, planning tools, visual languages.
- fivefilters/block-ads - Web page to test ad blocking and encourage use of blockers.
- sense-of-security/ADRecon - ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
- grahams/safari-utm-stripper - Safari extension that strips Google Analytics (i.e. Urchin Traffic Monitor) tokens from URL query strings.
- knative/docs - User documentation for Knative components.
- honze-net/nmap-bootstrap-xsl - A Nmap XSL implementation with Bootstrap.
- kjur/jsrsasign - The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES and JSON Web Signature/Token in pure JavaScript.
- emn178/online-tools - Online tools provides md2, md5, sha1, sha2, sha512, bas64, html encode / decode functions
- blivesta/flexicon - SVG icon collection.
- chromium/badssl.com - 🔒 Memorable site for testing clients against bad SSL configs.
- nabla-c0d3/trust_stores_observatory - Continuously monitor and record the content of the major platforms' root certificate stores.
- tomschlenkhoff/bsi-it-grundschutz - ePUB / AZW3 / mobi Version des aktuellen Entwurfs des BSI IT-Grundschutzes
- OWASP/ASVS - Application Security Verification Standard
- JonnyBanana/safari-ie-reaper.github.io - Simple HTML page that i realized to test the CSS webkit filter DoS attack created by pwnsdx
- rootclay/Powershell-Attack-Guide - Powershell攻击指南----黑客后渗透之道
- intezer/linux-explorer - Easy-to-use live forensics toolbox for Linux endpoints
- bevacqua/hget - 👏 Render websites in plain text from your terminal
- OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
- ericchiang/pup - Parsing HTML at the command line
- h-yde/ReconDashboard - Dashboard containing various recon tools
- deanishe/alfred-searchio - Alfred workflow to auto-suggest search results from multiple search engines and languages.
- Patrowl/PatrowlDocs - PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
- clong/DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
- francisck/DanderSpritz_lab - A fully functional DanderSpritz lab in 2 commands
- muellerberndt/smashing-smart-contracts - Compiled writings on EVM smart contracts security analysis.
- cloudsriseup/PoorOperationalSecurityPractices - Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.
- OWASP/Top10 - Official OWASP Top 10 Document Repository
- IAIK/interruptjs - Practical Keystroke Timing Attacks in Sandboxed JavaScript
- MISP/misp-rfc - Specifications used in the MISP project including MISP core format
- jgamblin/nmaptable - Transform NMap Scans to an D3.js HTML Table
- threatexpress/metatwin - The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
- securitytxt/security-txt - A proposed standard that allows websites to define security policies.
- CipherShed/CipherShedBuilds - Contains the generated and built documentation, data, debug information and executables.
- rougier/python-visualization-landscape - Adaptation of Jake VanderPlas graphic about python visualization landscape
- SkyLined/LocalNetworkScanner - PoC Javascript that scans your local network when you open a webpage
- phin3has/Dockerfiles - My collection of dockerfiles
- braimee/bpatty - Brian's Pentesting and Technical Tips for You
- r00t-3xp10it/morpheus - Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)
- tpn/pdfs - Technically-oriented PDF Collection (Papers, Specs, Decks, Manuals, etc)
- flakshack/SysAdminBoard - Simple dashboard system for sysadmins with modules for VMware, SNMP, REST API and more
- zaproxy/zap-extensions - OWASP ZAP Add-ons
- jglovier/resume-template - 📄💼🎩 A simple Jekyll + GitHub Pages powered resume template.
- alexdglover/AWSCodeDeployCourseMaterials - Templates, scripts, revisions, etc that are used in the AWS CodeDeploy course on Udemy and ACloudGuru
- SamJoan/droopescan - A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
- rapid7/hackazon - A modern vulnerable web app
- sectalks/sectalks - CTFs, solutions and presentations
- dxa4481/windowHijacking - A demo of altering an opened tab after a timer
- JonnyHightower/neet - Neet - Network Enumeration and Exploitation Tool
- lukas-w/font-logos - An icon font providing popular linux distro's logos
- zimfw/zimfw - Zim: Modular, customizable, and blazing fast Zsh framework
- cloudtracer/ThreatPinchLookup - Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
- adde88/ManaToolkit - Mana Toolkit - Module for the WiFi Pineapple (NANO/TETRA)
- google/rekall-profiles - Public Profile Repository for Rekall Memory Forensic.
- sovereign/sovereign - A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
- thinkst/canarytokens - Canarytokens helps track activity and actions on your network.
- raspberrypi/documentation - The official documentation for Raspberry Pi computers and microcontrollers
- georgebrock/1pass - A command line interface for 1Password
- gradiuscypher/infosec_getting_started - A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
- ddbullfrog/resumecard - You can see the live demo
- adhdproject/adhdproject.github.io -
- coolwanglu/pdf2htmlEX - Convert PDF to HTML without losing text or format.
- eugenekolo/sec-tools - A set of security related tools
- woanware/woanware.github.io -
- jpf/domain-profiler - Given a domain, will tell you the decisions that the domain owner has made.
- dxa4481/Damn-Vulnerable-Redis-Container - An example of obtaining RCE via Redis and CSRF
- maurermj08/efetch - Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.
- keithjjones/visualize_logs - A Python library and command line tools to provide interactive log visualization.
- scudette/memory-analysis - A Rekall interactive document for a Memory Analysis workshop/course.
- doesitscript/PSPesterDashboardKickstarter - PowerShell Pester HTML Reporting on Infrastructure
- myano/lmddgtfy - Let Me DuckDuckGo That For You
- dirtycow/dirtycow.github.io - Dirty COW
- xsscx/Commodity-Injection-Signatures - Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
- rapid7/metasploitable3 - Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
- szimeus/evalyzer - Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection
- vah13/AVDetection - A simple way for detection the remote user's antivirus
- Draft2007/Scripts -
- shoxxdj/HackingStuff - All my Tools/ Tricks/ Stuff
- abzcoding/aptdetector - Advanced Persistent Threat Detection Using Network Analysis
- rtucker/imap2maildir - Backs up an IMAP mailbox to a maildir. Useful for backing up mail stored on free webmail providers, etc.
- nsacyber/Windows-Secure-Host-Baseline - Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
- gfoss/misc - 👽 miscellaneous scripts and things...
- ooni/ooni.org - The ooni.org homepage and all cross organisational issues
- Danladi/HttpPwnly - "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
- ripienaar/free-for-dev - A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
- sys4/postproof - Collect messages from a Postfix mail queue and preserve them as incident report
- marcoramilli/malexit - find and detect Malicious TOR Relays
- cortesi/ghrabber - Grab files matching a search specification from Github
- aliev/runestone - 📙 Перевод книги Problem Solving with Algorithms and Data Structures Using Python
- DefensePointSecurity/threat_note - DPS' Lightweight Investigation Notebook
- etherealmachine/etherealmachine.github.io -
- mmistakes/minimal-mistakes - 📐 Jekyll theme for building a personal site, blog, project documentation, or portfolio.
- mojombo/mojombo.github.io - Jekyll source for my personal blog.
- PeerJ/paper-now - Create, edit and display a journal article, entirely in GitHub
- coursera-dl/edx-dl - A simple tool to download video lectures from edx.org (and other openedx sites)
- idleberg/base16-notepad-plus-plus - Notepad++ styles based on Chris Kempson's Base16 colour scheme
- privacytools/privacytools.io - 🛡🛠 You are being watched. Protect your privacy against global mass surveillance.
- knennigtri/Import-Evernote-into-AEM -
- cure53/HTTPLeaks - HTTPLeaks - All possible ways, a website can leak HTTP requests
- thugs-rumal/rumal - Thug's Rumāl: a Thug's dress & weapon
- hugsy/codebro - Web based code browser using clang to provide basic code analysis.
- crackinglandia/pype32 - Yet another Python library to read and write PE/PE+ files.
- voxpupuli/puppet-postfix - Puppet postfix module
- octocat/Spoon-Knife - This repo is for demonstration purposes only.
- jsakamoto/MarkdownPresenter - For when you're giving a presentation in half an hour, and you haven't got the time to open up keynote...
- hwmaier/asciidoc-mscgen-filter - mscgen filter for AsciiDoc
- mdo/code-guide - Standards for developing consistent, flexible, and sustainable HTML and CSS.
- cudeso/tools - Different tools, [email protected]
- rcrowley/certified - Generate and manage an internal CA for your company
- Roguelazer/onepasswordpy - Python implementation of 1Password keychains
- gnab/remark - A simple, in-browser, markdown-driven slideshow tool.
- ivandavidov/minimal - Minimal Linux Live (MLL) is a tiny educational Linux distribution, which is designed to be built from scratch by using a collection of automated shell scripts. Minimal Linux Live offers a core environment with just the Linux kernel, GNU C library, and Busybox userland utilities.
- wincent/presentation-template - Simple starting template for slideshow presentations built using reveal.js, highlight.js and HTML
- diafygi/webrtc-ips - Demo: https://diafygi.github.io/webrtc-ips/
- keen/dashboards - Responsive dashboard templates 📊✨
- mozilla/spiderflunky - Static analysis of JavaScript
- RadLikeWhoa/bookmarklets - bookmarklets is a curated list of, you guessed it, bookmarklets that are useful on the web.
- zenkay/bigdata-ecosystem - BigData Ecosystem Dataset
- vjousse/viserlalune - http:https://vincent.jousse.org
- paulrouget/dzslides - DZSlides is a one-file HTML template to build slides in HTML5 and CSS3.
- michaelhelmick/lassie - Web Content Retrieval for Humans™
- grangier/python-goose - Html Content / Article Extractor, web scrapping lib in Python
- chrisalbon/code_py - A collection of well-commented code snippets for data science
- wijjo/passhash - Password Hasher Firefox extension
- getpelican/pelican - Static site generator that supports Markdown and reST syntax. Powered by Python.
- ImageOptim/ImageOptim - GUI image optimizer for Mac
- deanmalmgren/textract - extract text from any document. no muss. no fuss.
- Z6543/ZombieBrowserPack - Firefox, Chrome, Safari browser extensions, Rails control server, meterpreter scripts, SET plugin
- MRGEffitas/ZombieBrowserPack - Firefox, Chrome, Safari browser extensions, Rails control server, meterpreter scripts, SET plugin
- sensepost/mana - DEPRECATED mana toolkit for wifi rogue AP attacks and MitM
- ttscoff/KeyBindings - DefaultKeybindings.dict for Mac OS X
- NikolaiT/GoogleScraper - A Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, ...). Including asynchronous networking support.
- sbehrens/sleepy-puppy - Deprecated please use https://github.com/Netflix/sleepy-puppy
- ageitgey/node-unfluff - Automatically extract body content (and other cool stuff) from an html document
- droidsec/droidsec.github.io - The droidsec web site!
- mitro-co/mitro - Repository for all Mitro client & server code
- doar-e/bak.doar-e.github.io - Diary of a reverse-engineer
- chrisspen/webarticle2text - [DEPRECATED] A script to extract the main article text from an arbitrary webpage.
- HackEducation/guide - Hack Education's Ed-Tech Guide
- vz-risk/veris - Vocabulary for Event Recording and Incident Sharing (VERIS)
- tennc/fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
- waldobronchart/ShortcutMapper - A visual keyboard shortcut