# [All Resource Collection Projects](https://github.com/alphaSeclab/all-my-collection-repos)




# PS
- [中文版本](https://github.com/alphaSeclab/sec-tool-list)
- Because Github can not show all lines, this page only show the first 1000 tools sorted by star count. [Read Full Version Here](https://github.com/alphaSeclab/sec-tool-list/blob/master/Readme_full_en.md)


# Tool List
- [**70102**Star][10d] [JS] [trekhleb/javascript-algorithms](https://github.com/trekhleb/javascript-algorithms) JavaScript算法和数据结构
- [**66889**Star][3m] [Py] [thealgorithms/python](https://github.com/thealgorithms/python) All Algorithms implemented in Python
- [**61315**Star][10d] [JS] [puppeteer/puppeteer](https://github.com/puppeteer/puppeteer) Headless Chrome Node.js API
- [**49304**Star][10d] [C#] [shadowsocks/shadowsocks-windows](https://github.com/shadowsocks/shadowsocks-windows) If you want to keep a secret, you must also hide it from yourself.
- [**37096**Star][10d] [Py] [scrapy/scrapy](https://github.com/scrapy/scrapy) Scrapy, a fast high-level web crawling & scraping framework for Python.
- [**35937**Star][10d] [Py] [minimaxir/big-list-of-naughty-strings](https://github.com/minimaxir/big-list-of-naughty-strings) The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- [**35780**Star][10d] [Go] [fatedier/frp](https://github.com/fatedier/frp) A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
- [**35435**Star][8m] [hack-with-github/awesome-hacking](https://github.com/hack-with-github/awesome-hacking) A collection of various awesome lists for hackers, pentesters and security researchers
- [**35073**Star][7d] [C++] [x64dbg/x64dbg](https://github.com/x64dbg/x64dbg) An open-source x64/x32 debugger for windows.
- [**32627**Star][10d] [Py] [shadowsocks/shadowsocks](https://github.com/shadowsocks/shadowsocks) shadowsocks
- [**32301**Star][10d] [trimstray/the-book-of-secret-knowledge](https://github.com/trimstray/the-book-of-secret-knowledge) A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
- [**31373**Star][7d] [Go] [v2ray/v2ray-core](https://github.com/v2ray/v2ray-core) A platform for building proxies to bypass network restrictions.
- [**29641**Star][10d] [Kotlin] [shadowsocks/shadowsocks-android](https://github.com/shadowsocks/shadowsocks-android) A shadowsocks client for Android
- [**28802**Star][2m] [JS] [algorithm-visualizer/algorithm-visualizer](https://github.com/algorithm-visualizer/algorithm-visualizer) an interactive online platform that visualizes algorithms from code.
- [**26685**Star][10d] [Py] [certbot/certbot](https://github.com/certbot/certbot) Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
- [**26685**Star][10d] [Py] [certbot/certbot](https://github.com/certbot/certbot) Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
- [**26594**Star][1y] [Py] [imhuay/algorithm_interview_notes-chinese](https://github.com/imhuay/algorithm_interview_notes-chinese) 2018/2019/校招/春招/秋招/算法/机器学习(Machine Learning)/深度学习(Deep Learning)/自然语言处理(NLP)/C/C++/Python/面试笔记
- [**26576**Star][6m] [Swift] [shadowsocks/shadowsocksx-ng](https://github.com/shadowsocks/shadowsocksx-ng) Next Generation of ShadowsocksX
- [**26238**Star][10d] [xitu/gold-miner](https://github.com/xitu/gold-miner) 翻译优质互联网技术文章的社区
- [**24073**Star][10d] [Go] [filosottile/mkcert](https://github.com/filosottile/mkcert) A simple zero-config tool to make locally trusted development certificates with any names you'd like.
- [**23690**Star][10d] [alvin9999/new-pac](https://github.com/alvin9999/new-pac) 科学上网/自由上网/翻墙/软件/方法，免费shadowsocks/ss/ssr/v2ray/goflyway账号，vps一键搭建脚本/教程
- [**22908**Star][4m] [PHP] [danielmiessler/seclists](https://github.com/danielmiessler/seclists) SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- [**22862**Star][10d] [Swift] [raywenderlich/swift-algorithm-club](https://github.com/raywenderlich/swift-algorithm-club) Algorithms and data structures in Swift, with explanations!
- [**22521**Star][10d] [Rust] [alacritty/alacritty](https://github.com/alacritty/alacritty) A cross-platform, GPU-accelerated terminal emulator
- [**22161**Star][10d] [Java] [skylot/jadx](https://github.com/skylot/jadx) Dex to Java decompiler
- [**21446**Star][3m] [Java] [thealgorithms/java](https://github.com/thealgorithms/java) All Algorithms implemented in Java
- [**21055**Star][10d] [Java] [alibaba/arthas](https://github.com/alibaba/arthas) Alibaba Java Diagnostic Tool Arthas
- [**21039**Star][10d] [Shell] [streisandeffect/streisand](https://github.com/StreisandEffect/streisand) Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
- [**20823**Star][10d] [C++] [cmderdev/cmder](https://github.com/cmderdev/cmder) Lovely console emulator package for Windows
- [**20797**Star][10d] [Java] [nationalsecurityagency/ghidra](https://github.com/nationalsecurityagency/ghidra) Ghidra is a software reverse engineering (SRE) framework
- [**20360**Star][3m] [Jupyter Notebook] [camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers](https://github.com/camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers) An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)
- [**19944**Star][10d] [Haskell] [koalaman/shellcheck](https://github.com/koalaman/shellcheck) ShellCheck, a static analysis tool for shell scripts
- [**19824**Star][10d] [Py] [donnemartin/interactive-coding-challenges](https://github.com/donnemartin/interactive-coding-challenges) 120+ interactive Python coding interview challenges (algorithms and data structures). Includes Anki flashcards.
- [**19635**Star][10d] [TS] [railsware/upterm](https://github.com/railsware/upterm) A terminal emulator for the 21st century.
- [**19574**Star][4m] [Ruby] [rapid7/metasploit-framework](https://github.com/rapid7/metasploit-framework) Metasploit Framework
- [**19324**Star][10d] [Vue] [liyasthomas/postwoman](https://github.com/liyasthomas/postwoman) A free, fast, and beautiful alternative to Postman
- [**19002**Star][10d] [fallibleinc/security-guide-for-developers](https://github.com/fallibleinc/security-guide-for-developers) Security Guide for Developers (实用性开发人员安全须知)
- [**18747**Star][10d] [Py] [mitmproxy/mitmproxy](https://github.com/mitmproxy/mitmproxy) An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- [**18582**Star][10d] [Go] [inconshreveable/ngrok](https://github.com/inconshreveable/ngrok) Introspected tunnels to localhost
- [**18223**Star][10d] [Py] [trailofbits/algo](https://github.com/trailofbits/algo) Set up a personal VPN in the cloud
- [**17366**Star][7d] [Py] [corentinj/real-time-voice-cloning](https://github.com/corentinj/real-time-voice-cloning) Clone a voice in 5 seconds to generate arbitrary speech in real-time
- [**17309**Star][10d] [Py] [keon/algorithms](https://github.com/keon/algorithms) Minimal examples of data structures and algorithms in Python
- [**17131**Star][10d] [Py] [sqlmapproject/sqlmap](https://github.com/sqlmapproject/sqlmap) Automatic SQL injection and database takeover tool
- [**17119**Star][10d] [C] [curl/curl](https://github.com/curl/curl) A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, MQTT, FILE, IMAP, SMTP, POP3, RTSP and RTMP. libcurl offers a myriad of powerful features
- [**16898**Star][10d] [C] [bannedbook/fanqiang](https://github.com/bannedbook/fanqiang) 翻墙-科学上网
- [**16311**Star][10d] [gfwlist/gfwlist](https://github.com/gfwlist/gfwlist) gfwlist
- [**15960**Star][3m] [micropoor/micro8](https://github.com/micropoor/micro8) Gitbook
- [**15811**Star][10d] [Py] [drduh/macos-security-and-privacy-guide](https://github.com/drduh/macOS-Security-and-Privacy-Guide) Guide to securing and improving privacy on macOS
- [**15415**Star][7m] [Py] [eriklindernoren/ml-from-scratch](https://github.com/eriklindernoren/ml-from-scratch) Machine Learning From Scratch. Bare bones NumPy implementations of machine learning models and algorithms with a focus on accessibility. Aims to cover everything from linear regression to deep learning.
- [**15003**Star][10d] [Java] [tencent/tinker](https://github.com/tencent/tinker) Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
- [**14431**Star][10d] [C#] [0xd4d/dnspy](https://github.com/0xd4d/dnspy) .NET debugger and assembly editor
- [**14062**Star][6m] [Py] [binux/pyspider](https://github.com/binux/pyspider) A Powerful Spider(Web Crawler) System in Python.
- [**13549**Star][10d] [Shell] [hwdsl2/setup-ipsec-vpn](https://github.com/hwdsl2/setup-ipsec-vpn) Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS
- [**13544**Star][10d] [getlantern/download](https://github.com/getlantern/download) Lantern官方版本下载 蓝灯 翻墙 代理 科学上网 外网 加速器 梯子 路由 proxy vpn circumvention gfw
- [**13193**Star][3m] [Py] [cool-rr/pysnooper](https://github.com/cool-rr/pysnooper) Never use print for debugging again
- [**13072**Star][7d] [Java] [signalapp/signal-android](https://github.com/signalapp/Signal-Android) A private messenger for Android.
- [**13063**Star][10d] [Java] [signalapp/signal-android](https://github.com/signalapp/Signal-Android) A private messenger for Android.
- [**13030**Star][4m] [C] [shadowsocks/shadowsocks-libev](https://github.com/shadowsocks/shadowsocks-libev) libev port of shadowsocks
- [**12973**Star][10d] [facert/awesome-spider](https://github.com/facert/awesome-spider) 爬虫集合
- [**12948**Star][10d] [C] [openssl/openssl](https://github.com/openssl/openssl) TLS/SSL and crypto library
- [**12802**Star][10d] [JS] [gitsquared/edex-ui](https://github.com/gitsquared/edex-ui) A cross-platform, customizable science fiction terminal emulator with advanced monitoring & touchscreen support.
- [**12754**Star][10d] [Go] [buger/goreplay](https://github.com/buger/goreplay) capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with real data. It can be used to increase confidence in code deployments, configuration changes and infrastructure changes.
- [**12689**Star][7d] [ruanyf/weekly](https://github.com/ruanyf/weekly) 科技爱好者周刊，每周五发布
- [**12561**Star][10d] [QML] [swordfish90/cool-retro-term](https://github.com/swordfish90/cool-retro-term) A good looking terminal emulator which mimics the old cathode display...
- [**12481**Star][10d] [C] [radareorg/radare2](https://github.com/radareorg/radare2) UNIX-like reverse engineering framework and command-line toolset
- [**12456**Star][10d] [Java] [oracle/graal](https://github.com/oracle/graal) Run Programs Faster Anywhere
- [**12414**Star][11d] [Ruby] [diaspora/diaspora](https://github.com/diaspora/diaspora) A privacy-aware, distributed, open source social network.
- [**12244**Star][4m] [Py] [swisskyrepo/payloadsallthethings](https://github.com/swisskyrepo/payloadsallthethings) A list of useful payloads and bypass for Web Application Security and Pentest/CTF
- [**12083**Star][10d] [Go] [ehang-io/nps](https://github.com/ehang-io/nps) 一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
- [**12036**Star][10d] [enaqx/awesome-pentest](https://github.com/enaqx/awesome-pentest) A collection of awesome penetration testing resources, tools and other shiny things
- [**12020**Star][10d] [C++] [opengenus/cosmos](https://github.com/opengenus/cosmos) Algorithms that run our universe | Your personal library of every algorithm and data structure code that you will ever encounter | Ask us anything at our forum |
- [**12002**Star][4m] [Py] [owasp/cheatsheetseries](https://github.com/owasp/cheatsheetseries) The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
- [**11999**Star][7d] [C] [facebook/zstd](https://github.com/facebook/zstd) Zstandard - Fast real-time compression algorithm
- [**11865**Star][8m] [C] [robertdavidgraham/masscan](https://github.com/robertdavidgraham/masscan) TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
- [**11814**Star][10d] [Go] [xtaci/kcptun](https://github.com/xtaci/kcptun) A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64
- [**11782**Star][7d] [Shell] [233boy/v2ray](https://github.com/233boy/v2ray) 最好用的 V2Ray 一键安装脚本 & 管理脚本
- [**11728**Star][10d] [Go] [goharbor/harbor](https://github.com/goharbor/harbor) An open source trusted cloud native registry project that stores, signs, and scans content.
- [**11516**Star][10d] [Shell] [nyr/openvpn-install](https://github.com/nyr/openvpn-install) OpenVPN road warrior installer for Ubuntu, Debian, CentOS and Fedora
- [**11427**Star][10d] [Go] [txthinking/brook](https://github.com/txthinking/brook) Brook is a cross-platform strong encryption and not detectable proxy. Zero-Configuration.
- [**11265**Star][10d] [CSS] [hacker0x01/hacker101](https://github.com/hacker0x01/hacker101) Source code for Hacker101.com - a free online web and mobile security class.
- [**11183**Star][10d] [Java] [konloch/bytecode-viewer](https://github.com/konloch/bytecode-viewer) A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
- [**11135**Star][10d] [JS] [http-party/node-http-proxy](https://github.com/http-party/node-http-proxy) A full-featured http proxy for node.js
- [**11094**Star][10d] [C++] [trojan-gfw/trojan](https://github.com/trojan-gfw/trojan) An unidentifiable mechanism that helps you bypass GFW.
- [**11075**Star][5m] [ObjC] [flipboard/flex](https://github.com/flipboard/flex) An in-app debugging and exploration tool for iOS
- [**11059**Star][2y] [ObjC] [bang590/jspatch](https://github.com/bang590/jspatch) JSPatch bridge Objective-C and Javascript using the Objective-C runtime. You can call any Objective-C class and method in JavaScript by just including a small engine. JSPatch is generally used to hotfix iOS App.
- [**10931**Star][3y] [CoffeeScript] [dropbox/zxcvbn](https://github.com/dropbox/zxcvbn) Low-Budget Password Strength Estimation
- [**10845**Star][10d] [Go] [gocolly/colly](https://github.com/gocolly/colly) Elegant Scraper and Crawler Framework for Golang
- [**10755**Star][10d] [Ruby] [rubocop-hq/rubocop](https://github.com/rubocop-hq/rubocop) A Ruby static code analyzer and formatter, based on the community Ruby style guide.
- [**10603**Star][7d] [JS] [matt-esch/virtual-dom](https://github.com/matt-esch/virtual-dom) A Virtual DOM and diffing algorithm
- [**10564**Star][3m] [Go] [ehang-io/nps](https://github.com/ehang-io/nps) 一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发，可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面，内网dns解析、内网socks5代理等等……，并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
- [**10532**Star][10d] [JS] [valve/fingerprintjs2](https://github.com/valve/fingerprintjs2) Modern & flexible browser fingerprinting library
- [**10448**Star][3m] [C++] [microsoft/lightgbm](https://github.com/microsoft/lightgbm) A fast, distributed, high performance gradient boosting (GBT, GBDT, GBRT, GBM or MART) framework based on decision tree algorithms, used for ranking, classification and many other machine learning tasks.
- [**10267**Star][4m] [Py] [sherlock-project/sherlock](https://github.com/sherlock-project/sherlock) Find Usernames Across Social Networks
- [**10266**Star][3m] [C++] [valvesoftware/proton](https://github.com/valvesoftware/proton) Compatibility tool for Steam Play based on Wine and additional components
- [**10156**Star][11d] [Py] [apachecn/awesome-algorithm](https://github.com/apachecn/awesome-algorithm) 项目永久冻结，迁移至新地址：
- [**10040**Star][10d] [Shell] [alex000kim/nsfw_data_scraper](https://github.com/alex000kim/nsfw_data_scraper) Collection of scripts to aggregate image data for the purposes of training an NSFW Image Classifier
- [**10034**Star][10d] [Shell] [xdissent/ievms](https://github.com/xdissent/ievms) Automated installation of the Microsoft IE App Compat virtual machines
- [**10030**Star][3m] [imthenachoman/how-to-secure-a-linux-server](https://github.com/imthenachoman/how-to-secure-a-linux-server) An evolving how-to guide for securing a Linux server.
- [**9894**Star][10d] [JS] [localtunnel/localtunnel](https://github.com/localtunnel/localtunnel) expose yourself
- [**9795**Star][10d] [C] [gentilkiwi/mimikatz](https://github.com/gentilkiwi/mimikatz) A little tool to play with Windows security
- [**9781**Star][10d] [Py] [openai/baselines](https://github.com/openai/baselines) OpenAI Baselines: high-quality implementations of reinforcement learning algorithms
- [**9716**Star][10d] [Py] [jhao104/proxy_pool](https://github.com/jhao104/proxy_pool) proxy pool
- [**9682**Star][10d] [Py] [sovereign/sovereign](https://github.com/sovereign/sovereign) A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
- [**9657**Star][4m] [ObjC] [gnachman/iterm2](https://github.com/gnachman/iterm2) iTerm2 is a terminal emulator for Mac OS X that does amazing things.
- [**9649**Star][3m] [C++] [arendst/tasmota](https://github.com/arendst/Tasmota) Alternative firmware for ESP8266 with easy configuration using webUI, OTA updates, automation using timers or rules, expandability and entirely local control over MQTT, HTTP, Serial or KNX. Full documentation at
- [**9553**Star][3m] [PS] [lukesampson/scoop](https://github.com/lukesampson/scoop) A command-line installer for Windows.
- [**9536**Star][4m] [Java] [ibotpeaches/apktool](https://github.com/ibotpeaches/apktool) A tool for reverse engineering Android apk files
- [**9536**Star][10d] [C++] [google/tink](https://github.com/google/tink) tink：轻量级加密库，能够安全、简单、简洁、快速的完成一些普通加密任务
- [**9528**Star][4m] [C#] [icsharpcode/ilspy](https://github.com/icsharpcode/ilspy) .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
- [**9434**Star][4m] [C++] [yuzu-emu/yuzu](https://github.com/yuzu-emu/yuzu) Nintendo Switch Emulator
- [**9397**Star][10d] [C++] [shiqiyu/libfacedetection](https://github.com/shiqiyu/libfacedetection) An open source library for face detection in images. The face detection speed can reach 1000FPS.
- [**9355**Star][10d] [JS] [qrohlf/trianglify](https://github.com/qrohlf/trianglify) Algorithmically generated triangle art
- [**9323**Star][10d] [Py] [waditu/tushare](https://github.com/waditu/tushare) TuShare is a utility for crawling historical data of China stocks
- [**9293**Star][7d] [microsoft/wsl](https://github.com/microsoft/WSL) Issues found on WSL
- [**9168**Star][8m] [vitalysim/awesome-hacking-resources](https://github.com/vitalysim/awesome-hacking-resources) A collection of hacking / penetration testing resources to make you better!
- [**9071**Star][4m] [Java] [android-hacker/virtualxposed](https://github.com/android-hacker/virtualxposed) A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
- [**8948**Star][7d] [Java] [code4craft/webmagic](https://github.com/code4craft/webmagic) A scalable web crawler framework for Java.
- [**8885**Star][8d] [Py] [wifiphisher/wifiphisher](https://github.com/wifiphisher/wifiphisher) 流氓AP框架, 用于RedTeam和Wi-Fi安全测试
- [**8884**Star][10d] [Go] [rkt/rkt](https://github.com/rkt/rkt) [Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.
- [**8763**Star][10d] [Go] [snail007/goproxy](https://github.com/snail007/goproxy) Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.
- [**8739**Star][2m] [Jupyter Notebook] [google/dopamine](https://github.com/google/dopamine) Dopamine is a research framework for fast prototyping of reinforcement learning algorithms.
- [**8725**Star][7d] [brannondorsey/wifi-cracking](https://github.com/brannondorsey/wifi-cracking) Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat
- [**8634**Star][7d] [Swift] [yanue/v2rayu](https://github.com/yanue/v2rayu) V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等
- [**8606**Star][10d] [C] [irungentoo/toxcore](https://github.com/irungentoo/toxcore) The future of online communications.
- [**8500**Star][10d] [Java] [java-decompiler/jd-gui](https://github.com/java-decompiler/jd-gui) A standalone Java Decompiler GUI
- [**8454**Star][10d] [JS] [netflix/pollyjs](https://github.com/netflix/pollyjs) Record, Replay, and Stub HTTP Interactions.
- [**8394**Star][10d] [Py] [shengqiangzhang/examples-of-web-crawlers](https://github.com/shengqiangzhang/examples-of-web-crawlers) Some interesting examples of python crawlers that are friendly to beginners
- [**8265**Star][3m] [Shell] [retropie/retropie-setup](https://github.com/retropie/retropie-setup) Shell script to set up a Raspberry Pi/Odroid/PC with RetroArch emulator and various cores
- [**8203**Star][10d] [Py] [facebook/chisel](https://github.com/facebook/chisel) Chisel is a collection of LLDB commands to assist debugging iOS apps.
- [**8159**Star][3m] [Jupyter Notebook] [atsushisakai/pythonrobotics](https://github.com/atsushisakai/pythonrobotics) Python sample codes for robotics algorithms.
- [**8143**Star][5m] [JS] [gchq/cyberchef](https://github.com/gchq/cyberchef) The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
- [**8123**Star][3m] [trimstray/the-practical-linux-hardening-guide](https://github.com/trimstray/the-practical-linux-hardening-guide) This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
- [**8097**Star][5m] [JS] [microsoft/chakracore](https://github.com/microsoft/chakracore) ChakraCore is the core part of the Chakra JavaScript engine that powers Microsoft Edge
- [**8074**Star][10d] [ObjC] [shadowsocks/shadowsocks-ios](https://github.com/shadowsocks/shadowsocks-ios) Removed according to regulations.
- [**8064**Star][10d] [Go] [cyfdecyf/cow](https://github.com/cyfdecyf/cow) HTTP proxy written in Go. COW can automatically identify blocked sites and use parent proxies to access.
- [**8053**Star][5m] [Py] [mailpile/mailpile](https://github.com/mailpile/mailpile) A free & open modern, fast email client with user-friendly encryption and privacy features
- [**7973**Star][10d] [Go] [sqshq/sampler](https://github.com/sqshq/sampler) Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.
- [**7967**Star][10d] [Py] [threat9/routersploit](https://github.com/threat9/routersploit) Exploitation Framework for Embedded Devices
- [**7900**Star][11d] [PHP] [friendsofphp/goutte](https://github.com/friendsofphp/goutte) Goutte, a simple PHP Web Scraper
- [**7899**Star][10d] [acdlite/react-fiber-architecture](https://github.com/acdlite/react-fiber-architecture) A description of React's new core algorithm, React Fiber
- [**7886**Star][4m] [Go] [git-lfs/git-lfs](https://github.com/git-lfs/git-lfs) Git extension for versioning large files
- [**7760**Star][1y] [Java] [didi/virtualapk](https://github.com/didi/virtualapk) A powerful and lightweight plugin framework for Android
- [**7718**Star][11d] [Py] [scrapinghub/portia](https://github.com/scrapinghub/portia) Visual scraping for Scrapy
- [**7714**Star][10d] [C] [hashcat/hashcat](https://github.com/hashcat/hashcat) World's fastest and most advanced password recovery utility
- [**7673**Star][10d] [C++] [keepassxreboot/keepassxc](https://github.com/keepassxreboot/keepassxc) KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
- [**7667**Star][10d] [Go] [nats-io/nats-server](https://github.com/nats-io/nats-server) High-Performance server for NATS, the cloud native messaging system.
- [**7608**Star][5m] [Py] [s0md3v/xsstrike](https://github.com/s0md3v/XSStrike) Most advanced XSS scanner.
- [**7601**Star][10d] [Shell] [etherdream/jsproxy](https://github.com/etherdream/jsproxy) 一个基于浏览器端 JS 实现的在线代理
- [**7577**Star][4m] [Swift] [krzyzanowskim/cryptoswift](https://github.com/krzyzanowskim/cryptoswift) CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
- [**7573**Star][10d] [Shell] [awslabs/git-secrets](https://github.com/awslabs/git-secrets) Prevents you from committing secrets and credentials into git repositories
- [**7546**Star][7m] [C++] [shadowsocks/shadowsocks-qt5](https://github.com/shadowsocks/shadowsocks-qt5) A cross-platform shadowsocks GUI client
- [**7484**Star][11d] [Java] [pxb1988/dex2jar](https://github.com/pxb1988/dex2jar) Tools to work with android .dex and java .class files
- [**7461**Star][7d] [Go] [future-architect/vuls](https://github.com/future-architect/vuls) Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
- [**7434**Star][5m] [Java] [lionsoul2014/ip2region](https://github.com/lionsoul2014/ip2region) a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is less then 5Mb with all ip address stored
- [**7419**Star][3m] [C++] [coatisoftware/sourcetrail](https://github.com/coatisoftware/sourcetrail) Sourcetrail - free and open-source interactive source explorer
- [**7408**Star][10d] [Py] [clips/pattern](https://github.com/clips/pattern) Web mining module for Python, with tools for scraping, natural language processing, machine learning, network analysis and visualization.
- [**7401**Star][10d] [Shell] [teddysun/shadowsocks_install](https://github.com/teddysun/shadowsocks_install) Auto Install Shadowsocks Server for CentOS/Debian/Ubuntu
- [**7368**Star][7m] [Shell] [kholia/osx-kvm](https://github.com/kholia/osx-kvm) Run macOS on QEMU/KVM. No support is provided at the moment.
- [**7335**Star][8d] [Java] [zaproxy/zaproxy](https://github.com/zaproxy/zaproxy) The OWASP ZAP core project
- [**7319**Star][10d] [JS] [cs01/gdbgui](https://github.com/cs01/gdbgui) Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
- [**7305**Star][11d] [tayllan/awesome-algorithms](https://github.com/tayllan/awesome-algorithms) A curated list of awesome places to learn and/or practice algorithms.
- [**7294**Star][10d] [Py] [networkx/networkx](https://github.com/networkx/networkx) a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.
- [**7249**Star][10d] [TS] [peers/peerjs](https://github.com/peers/peerjs) Simple peer-to-peer with WebRTC
- [**7240**Star][10d] [Go] [bettercap/bettercap](https://github.com/bettercap/bettercap) The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
- [**7203**Star][10d] [Rust] [denisidoro/navi](https://github.com/denisidoro/navi) An interactive cheatsheet tool for the command-line and application launchers
- [**7095**Star][10d] [Shell] [cisofy/lynis](https://github.com/cisofy/lynis) Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
- [**7075**Star][8d] [greatfire/wiki](https://github.com/greatfire/wiki) 自由浏览
- [**7053**Star][4m] [Py] [h2y/shadowrocket-adblock-rules](https://github.com/h2y/shadowrocket-adblock-rules) 提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。
- [**7004**Star][10d] [C++] [radareorg/cutter](https://github.com/radareorg/cutter) Reverse Engineering Platform powered by radare2
- [**6973**Star][7d] [JS] [avwo/whistle](https://github.com/avwo/whistle) HTTP, HTTP2, HTTPS, Websocket debugging proxy
- [**6904**Star][1y] [Java] [amitshekhariitbhu/android-debug-database](https://github.com/amitshekhariitbhu/android-debug-database) A library for debugging android databases and shared preferences - Make Debugging Great Again
- [**6897**Star][7d] [PS] [powershellmafia/powersploit](https://github.com/PowerShellMafia/PowerSploit) PowerSploit - A PowerShell Post-Exploitation Framework
- [**6891**Star][10d] [Py] [seatgeek/fuzzywuzzy](https://github.com/seatgeek/fuzzywuzzy) Fuzzy String Matching in Python
- [**6868**Star][10d] [PHP] [guyueyingmu/avbook](https://github.com/guyueyingmu/avbook) Japanese Adult Video Library,Adult Video Magnet Links - Japanese Adult Video Database
- [**6733**Star][10d] [Go] [casbin/casbin](https://github.com/casbin/casbin) An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
- [**6730**Star][3m] [C++] [marlinfirmware/marlin](https://github.com/marlinfirmware/marlin) Optimized firmware for RepRap 3D printers based on the Arduino platform.
- [**6701**Star][3y] [C++] [alibaba/andfix](https://github.com/alibaba/andfix) AndFix is a library that offer hot-fix for Android App.
- [**6655**Star][10d] [Go] [shadowsocks/shadowsocks-go](https://github.com/shadowsocks/shadowsocks-go) go port of shadowsocks (Deprecated)
- [**6605**Star][2y] [Jupyter Notebook] [coells/100days](https://github.com/coells/100days) 100 days of algorithms
- [**6596**Star][10d] [Go] [quay/clair](https://github.com/quay/clair) Vulnerability Static Analysis for Containers
- [**6596**Star][10d] [Go] [quay/clair](https://github.com/quay/clair) Vulnerability Static Analysis for Containers
- [**6589**Star][10d] [C] [qmk/qmk_firmware](https://github.com/qmk/qmk_firmware) Open-source keyboard firmware for Atmel AVR and Arm USB families
- [**6581**Star][10d] [shadowsocksrr/shadowsocksr-android](https://github.com/shadowsocksrr/shadowsocksr-android) A ShadowsocksR client for Android
- [**6572**Star][10d] [C] [spacehuhntech/esp8266_deauther](https://github.com/SpacehuhnTech/esp8266_deauther) Cheap WiFi hacks
- [**6555**Star][10d] [jeffgerickson/algorithms](https://github.com/jeffgerickson/algorithms) Bug-tracking for Jeff's algorithms book, notes, etc.
- [**6533**Star][10d] [Py] [gallopsled/pwntools](https://github.com/gallopsled/pwntools) CTF framework and exploit development library
- [**6523**Star][10d] [Roff] [max2max/freess](https://github.com/max2max/freess) 免费ss账号 免费shadowsocks账号 免费v2ray账号 (长期更新)
- [**6507**Star][7d] [HTML] [open-power-workgroup/hospital](https://github.com/open-power-workgroup/hospital) OpenPower工作组收集汇总的医院开放数据
- [**6469**Star][10d] [Py] [mlflow/mlflow](https://github.com/mlflow/mlflow) Open source platform for the machine learning lifecycle
- [**6468**Star][3m] [C] [softethervpn/softethervpn](https://github.com/softethervpn/softethervpn) Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at
- [**6461**Star][10d] [Go] [usefathom/fathom](https://github.com/usefathom/fathom) Fathom Lite. Simple, privacy-focused website analytics. Built with Golang & Preact.
- [**6453**Star][10d] [ASP] [hq450/fancyss](https://github.com/hq450/fancyss) fancyss is a project providing tools to across the GFW on asuswrt/merlin based router.
- [**6451**Star][10d] [Py] [asciimoo/searx](https://github.com/asciimoo/searx) Privacy-respecting metasearch engine
- [**6433**Star][10d] [Py] [cyrus-and/gdb-dashboard](https://github.com/cyrus-and/gdb-dashboard) Modular visual interface for GDB in Python
- [**6407**Star][1y] [stascorp/rdpwrap](https://github.com/stascorp/rdpwrap) RDP Wrapper Library
- [**6398**Star][12d] [Go] [henrylee2cn/pholcus](https://github.com/henrylee2cn/pholcus) a distributed, high concurrency and powerful web crawler software.
- [**6397**Star][11d] [rmerl/asuswrt-merlin](https://github.com/rmerl/asuswrt-merlin) Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)
- [**6393**Star][10d] [Py] [yandex/gixy](https://github.com/yandex/gixy) Nginx configuration static analyzer
- [**6365**Star][10d] [Py] [the-art-of-hacking/h4cker](https://github.com/The-Art-of-Hacking/h4cker) thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
- [**6364**Star][12m] [JS] [haotian-wang/google-access-helper](https://github.com/haotian-wang/google-access-helper) 谷歌访问助手破解版
- [**6357**Star][2m] [JS] [alibaba/anyproxy](https://github.com/alibaba/anyproxy) A fully configurable http/https proxy in NodeJS
- [**6352**Star][4m] [TS] [chimurai/http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) js代理变得很简单。轻松配置代理中间件，支持连接、表达、浏览器同步等功能
- [**6340**Star][11d] [Java] [google/android-classyshark](https://github.com/google/android-classyshark) Analyze any Android/Java based app or game
- [**6298**Star][10d] [Java] [qihoo360/replugin](https://github.com/qihoo360/replugin) RePlugin - A flexible, stable, easy-to-use Android Plug-in Framework
- [**6284**Star][4m] [C#] [unity-technologies/unitycsreference](https://github.com/unity-technologies/unitycsreference) Unity C# reference source code
- [**6265**Star][5m] [Java] [droidpluginteam/droidplugin](https://github.com/droidpluginteam/droidplugin) A plugin framework on android,Run any third-party apk without installation, modification or repackage
- [**6262**Star][10d] [C++] [dolphin-emu/dolphin](https://github.com/dolphin-emu/dolphin) Dolphin is a GameCube / Wii emulator, allowing you to play games for these two platforms on PC with improvements.
- [**6260**Star][10d] [ObjC] [johnno1962/injectionforxcode](https://github.com/johnno1962/injectionforxcode) Runtime Code Injection for Objective-C & Swift
- [**6252**Star][6m] [Py] [s0md3v/photon](https://github.com/s0md3v/Photon) Incredibly fast crawler designed for OSINT.
- [**6246**Star][10d] [Py] [schollz/howmanypeoplearearound](https://github.com/schollz/howmanypeoplearearound) Count the number of people around you
- [**6244**Star][10d] [JS] [mgechev/javascript-algorithms](https://github.com/mgechev/javascript-algorithms) 
- [**6239**Star][10d] [Go] [inlets/inlets](https://github.com/inlets/inlets) Cloud Native Tunnel for APIs
- [**6189**Star][2y] [Hack] [facebook/fbctf](https://github.com/facebook/fbctf) Platform to host Capture the Flag competitions
- [**6171**Star][6m] [berzerk0/probable-wordlists](https://github.com/berzerk0/probable-wordlists) Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
- [**6155**Star][10d] [C] [rofl0r/proxychains-ng](https://github.com/rofl0r/proxychains-ng) proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
- [**6146**Star][10d] [Go] [crawlab-team/crawlab](https://github.com/crawlab-team/crawlab) Distributed web crawler admin platform for spiders management regardless of languages and frameworks. 分布式爬虫管理平台，支持任何语言和框架
- [**6144**Star][10d] [JS] [swagger-api/swagger-editor](https://github.com/swagger-api/swagger-editor) Swagger Editor
- [**6142**Star][3y] [C] [jgamblin/mirai-source-code](https://github.com/jgamblin/mirai-source-code) Leaked Mirai Source Code for Research/IoC Development Purposes
- [**6103**Star][10d] [Py] [refirmlabs/binwalk](https://github.com/ReFirmLabs/binwalk) a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
    - [IDA插件](https://github.com/ReFirmLabs/binwalk/tree/master/src/scripts) 
    - [binwalk](https://github.com/ReFirmLabs/binwalk/tree/master/src/binwalk) 
- [**6100**Star][10d] [rshipp/awesome-malware-analysis](https://github.com/rshipp/awesome-malware-analysis) A curated list of awesome malware analysis tools and resources.
- [**6088**Star][10d] [JS] [sindresorhus/fkill-cli](https://github.com/sindresorhus/fkill-cli) Fabulously kill processes. Cross-platform.
- [**6083**Star][10d] [C] [xoreaxeaxeax/movfuscator](https://github.com/xoreaxeaxeax/movfuscator) The single instruction C compiler
- [**6034**Star][10d] [Gnuplot] [nasa-jpl/open-source-rover](https://github.com/nasa-jpl/open-source-rover) A build-it-yourself, 6-wheel rover based on the rovers on Mars!
- [**6027**Star][10d] [C] [nodemcu/nodemcu-firmware](https://github.com/nodemcu/nodemcu-firmware) Lua based interactive firmware for ESP8266, ESP8285 and ESP32
- [**6008**Star][7d] [Py] [mobsf/mobile-security-framework-mobsf](https://github.com/MobSF/Mobile-Security-Framework-MobSF) Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
- [**5998**Star][10d] [Py] [mobsf/mobile-security-framework-mobsf](https://github.com/MobSF/Mobile-Security-Framework-MobSF) Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
- [**5987**Star][2y] [qinyuhang/shadowsocksx-ng-r](https://github.com/qinyuhang/shadowsocksx-ng-r) Next Generation of ShadowsocksX
- [**5966**Star][8m] [Py] [luyishisi/anti-anti-spider](https://github.com/luyishisi/anti-anti-spider) 越来越多的网站具有反爬虫特性，有的用图片隐藏关键数据，有的使用反人类的验证码，建立反反爬虫的代码仓库，通过与不同特性的网站做斗争（无恶意）提高技术。
- [**5961**Star][7d] [Shell] [vulhub/vulhub](https://github.com/vulhub/vulhub) Pre-Built Vulnerable Environments Based on Docker-Compose
- [**5956**Star][10d] [Py] [kivy/python-for-android](https://github.com/kivy/python-for-android) Turn your Python application into an Android APK
- [**5950**Star][10d] [Go] [dnscrypt/dnscrypt-proxy](https://github.com/DNSCrypt/dnscrypt-proxy) dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
- [**5911**Star][4m] [JS] [wix/detox](https://github.com/wix/detox) Gray box end-to-end testing and automation framework for mobile apps
- [**5848**Star][11d] [Py] [newsapps/beeswithmachineguns](https://github.com/newsapps/beeswithmachineguns) A utility for arming (creating) many bees (micro EC2 instances) to attack (load test) targets (web applications).
- [**5825**Star][2m] [carpedm20/awesome-hacking](https://github.com/carpedm20/awesome-hacking) A curated list of awesome Hacking tutorials, tools and resources
- [**5814**Star][10d] [HTML] [owasp/owasp-mstg](https://github.com/owasp/owasp-mstg) The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
- [**5785**Star][8m] [ObjC] [square/ponydebugger](https://github.com/square/ponydebugger) Remote network and data debugging for your native iOS app using Chrome Developer Tools
- [**5784**Star][10d] [Java] [guardianproject/haven](https://github.com/guardianproject/haven) Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensors
- [**5758**Star][10d] [Py] [ytisf/thezoo](https://github.com/ytisf/thezoo) A repository of LIVE malwares for your own joy and pleasure.
- [**5742**Star][11d] [Ruby] [presidentbeef/brakeman](https://github.com/presidentbeef/brakeman) A static analysis security vulnerability scanner for Ruby on Rails applications
- [**5738**Star][10d] [Py] [axi0mx/ipwndfu](https://github.com/axi0mx/ipwndfu) open-source jailbreaking tool for many iOS devices
- [**5702**Star][2y] [JS] [liftoff/gateone](https://github.com/liftoff/gateone) Gate One is an HTML5-powered terminal emulator and SSH client
- [**5627**Star][10d] [Go] [ginuerzh/gost](https://github.com/ginuerzh/gost) GO Simple Tunnel - a simple tunnel written in golang
- [**5624**Star][10d] [Java] [thingsboard/thingsboard](https://github.com/thingsboard/thingsboard) Open-source IoT Platform - Device management, data collection, processing and visualization.
- [**5624**Star][10d] [hq450/fancyss_history_package](https://github.com/hq450/fancyss_history_package) 科学上网插件的离线安装包储存在这里
- [**5613**Star][10d] [sbilly/awesome-security](https://github.com/sbilly/awesome-security) A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
- [**5604**Star][10d] [Shell] [kylemanna/docker-openvpn](https://github.com/kylemanna/docker-openvpn) 一个带有EasyRSA PKI CA的Docker容器
- [**5582**Star][10d] [Go] [jetstack/cert-manager](https://github.com/jetstack/cert-manager) Automatically provision and manage TLS certificates in Kubernetes
- [**5545**Star][10d] [Py] [awslabs/aws-shell](https://github.com/awslabs/aws-shell) An integrated shell for working with the AWS CLI.
- [**5524**Star][10d] [Shell] [foxlet/macos-simple-kvm](https://github.com/foxlet/macos-simple-kvm) Tools to set up a quick macOS VM in QEMU, accelerated by KVM.
- [**5523**Star][4m] [Go] [zricethezav/gitleaks](https://github.com/zricethezav/gitleaks) Audit git repos for secrets
- [**5504**Star][11d] [TS] [jigsaw-code/outline-client](https://github.com/jigsaw-code/outline-client) Outline clients, developed by Jigsaw. The Outline clients use the popular Shadowsocks protocol, and lean on the Cordova and Electron frameworks to support Windows, Android / ChromeOS, Linux, iOS and macOS.
- [**5443**Star][10d] [Go] [slackhq/nebula](https://github.com/slackhq/nebula) A scalable overlay networking tool with a focus on performance, simplicity and security
- [**5439**Star][11m] [C] [pwn20wndstuff/undecimus](https://github.com/pwn20wndstuff/undecimus) unc0ver jailbreak for iOS 11.0 - 12.4
- [**5424**Star][10d] [Rust] [autumnai/leaf](https://github.com/autumnai/leaf) Open Machine Intelligence Framework for Hackers. (GPU/CPU)
- [**5415**Star][10d] [C] [upx/upx](https://github.com/upx/upx) UPX - the Ultimate Packer for eXecutables
- [**5405**Star][10d] [Py] [shadowsocksr-backup/shadowsocksr](https://github.com/shadowsocksr-backup/shadowsocksr) Python port of ShadowsocksR
- [**5380**Star][10d] [Py] [bregman-arie/devops-exercises](https://github.com/bregman-arie/devops-exercises) Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization
- [**5378**Star][7d] [Java] [meituan-dianping/walle](https://github.com/meituan-dianping/walle) Android Signature V2 Scheme签名下的新一代渠道包打包神器
- [**5377**Star][7d] [PS] [empireproject/empire](https://github.com/EmpireProject/Empire) a PowerShell and Python post-exploitation agent.
- [**5376**Star][10d] [JS] [bda-research/node-crawler](https://github.com/bda-research/node-crawler) Web Crawler/Spider for NodeJS + server-side jQuery ;-)
- [**5374**Star][10d] [Py] [manisso/fsociety](https://github.com/manisso/fsociety) fsociety Hacking Tools Pack – A Penetration Testing Framework
- [**5366**Star][10d] [Makefile] [frida/frida](https://github.com/frida/frida) Clone this repo to build Frida
- [**5346**Star][2y] [Py] [xiyoumc/webhubbot](https://github.com/xiyoumc/webhubbot) Python + Scrapy + MongoDB . 5 million data per day !!!
- [**5321**Star][10d] [Py] [sshuttle/sshuttle](https://github.com/sshuttle/sshuttle) Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
- [**5299**Star][4m] [PHP] [tennc/webshell](https://github.com/tennc/webshell) This is a webshell open source project
- [**5273**Star][10d] [Py] [evilsocket/opensnitch](https://github.com/evilsocket/opensnitch) a GNU/Linux port of the Little Snitch application firewall
- [**5266**Star][10d] [Shell] [stackexchange/blackbox](https://github.com/stackexchange/blackbox) Safely store secrets in Git/Mercurial/Subversion
- [**5265**Star][4m] [Py] [n1nj4sec/pupy](https://github.com/n1nj4sec/pupy) Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
- [**5263**Star][4m] [ObjC] [macpass/macpass](https://github.com/MacPass/MacPass) A native OS X KeePass client
- [**5249**Star][10d] [C] [offensive-security/exploitdb](https://github.com/offensive-security/exploitdb) The official Exploit Database repository
- [**5236**Star][7d] [Py] [injetlee/python](https://github.com/injetlee/python) Python脚本。模拟登录知乎， 爬虫，操作excel，微信公众号，远程开机
- [**5229**Star][10d] [Go] [cloudflare/cfssl](https://github.com/cloudflare/cfssl) CFSSL: Cloudflare's PKI and TLS toolkit
- [**5227**Star][4m] [Py] [usarmyresearchlab/dshell](https://github.com/usarmyresearchlab/dshell) Dshell is a network forensic analysis framework.
- [**5224**Star][11d] [Rust] [sharkdp/hexyl](https://github.com/sharkdp/hexyl) A command-line hex viewer
- [**5224**Star][1y] [JS] [samyk/poisontap](https://github.com/samyk/poisontap) Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
- [**5209**Star][3m] [C++] [avast/retdec](https://github.com/avast/retdec) RetDec is a retargetable machine-code decompiler based on LLVM.
- [**5209**Star][10d] [Go] [gcla/termshark](https://github.com/gcla/termshark) A terminal UI for tshark, inspired by Wireshark
- [**5201**Star][10d] [Py] [secdev/scapy](https://github.com/secdev/scapy) Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
- [**5142**Star][7m] [Lua] [alexazhou/verynginx](https://github.com/alexazhou/verynginx) A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Control Panel, and Dashboards.
- [**5140**Star][8d] [Py] [snare/voltron](https://github.com/snare/voltron) A hacky debugger UI for hackers
- [**5136**Star][10d] [Shell] [nginx-proxy/docker-letsencrypt-nginx-proxy-companion](https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion) LetsEncrypt companion container for nginx-proxy
- [**5094**Star][4m] [Py] [trustedsec/social-engineer-toolkit](https://github.com/trustedsec/social-engineer-toolkit) The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
- [**4999**Star][10d] [Py] [twintproject/twint](https://github.com/twintproject/twint) An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
- [**4998**Star][10d] [TS] [apis-guru/graphql-voyager](https://github.com/apis-guru/graphql-voyager) 将任何GraphQL API表示为交互式图形。
- [**4992**Star][11d] [Go] [yinghuocho/firefly-proxy](https://github.com/yinghuocho/firefly-proxy) A proxy software to help circumventing the Great Firewall.
- [**4987**Star][10d] [JS] [beefproject/beef](https://github.com/beefproject/beef) The Browser Exploitation Framework Project
- [**4982**Star][7d] [C++] [thealgorithms/c-plus-plus](https://github.com/thealgorithms/c-plus-plus) All Algorithms implemented in C++
- [**4979**Star][5m] [Py] [alessandroz/lazagne](https://github.com/alessandroz/lazagne) Credentials recovery project
- [**4967**Star][3m] [C] [google/oss-fuzz](https://github.com/google/oss-fuzz) OSS-Fuzz - continuous fuzzing of open source software.
- [**4957**Star][10d] [C] [lz4/lz4](https://github.com/lz4/lz4) Extremely Fast Compression algorithm
- [**4952**Star][10d] [C++] [facebook/redex](https://github.com/facebook/redex) A bytecode optimizer for Android apps
- [**4949**Star][11d] [Go] [bitly/oauth2_proxy](https://github.com/bitly/oauth2_proxy) A reverse proxy that provides authentication with Google, Github or other provider
- [**4948**Star][7d] [C++] [paddlepaddle/paddle-lite](https://github.com/PaddlePaddle/Paddle-Lite) Multi-platform high performance deep learning inference engine (『飞桨』多平台高性能深度学习预测引擎）
- [**4945**Star][11d] [Py] [worldveil/dejavu](https://github.com/worldveil/dejavu) Audio fingerprinting and recognition in Python
- [**4940**Star][10d] [JS] [wuchangming/spy-debugger](https://github.com/wuchangming/spy-debugger) 微信调试，各种WebView样式调试、手机浏览器的页面真机调试。便捷的远程调试手机页面、抓包工具，支持：HTTP/HTTPS，无需USB连接设备。
- [**4931**Star][4m] [C++] [hrydgard/ppsspp](https://github.com/hrydgard/ppsspp) A PSP emulator for Android, Windows, Mac and Linux, written in C++. Want to contribute? Join us on Discord at
- [**4928**Star][10d] [Py] [jopohl/urh](https://github.com/jopohl/urh) Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
- [**4906**Star][8d] [Ruby] [wpscanteam/wpscan](https://github.com/wpscanteam/wpscan) WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
- [**4906**Star][10d] [C++] [mozilla/rr](https://github.com/mozilla/rr) Record and Replay Framework
- [**4893**Star][10d] [C] [openvpn/openvpn](https://github.com/openvpn/openvpn) OpenVPN is an open source VPN daemon
- [**4891**Star][3m] [Py] [openmined/pysyft](https://github.com/openmined/pysyft) A library for encrypted, privacy preserving machine learning
- [**4890**Star][11d] [Go] [ponzu-cms/ponzu](https://github.com/ponzu-cms/ponzu) Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go.
- [**4868**Star][1y] [Py] [10se1ucgo/disablewintracking](https://github.com/10se1ucgo/disablewintracking) Uses some known methods that attempt to minimize tracking in Windows 10
- [**4850**Star][10d] [qazbnm456/awesome-web-security](https://github.com/qazbnm456/awesome-web-security) Curated list of Web Security materials and resources
- [**4817**Star][10d] [Py] [jofpin/trape](https://github.com/jofpin/trape) People tracker on the Internet: OSINT analysis and research tool by Jose Pino
- [**4806**Star][10d] [Shell] [zardus/ctf-tools](https://github.com/zardus/ctf-tools) Some setup scripts for security research tools.
- [**4793**Star][7d] [Swift] [signalapp/signal-ios](https://github.com/signalapp/Signal-iOS) A private messenger for iOS.
- [**4781**Star][7d] [Ruby] [vcr/vcr](https://github.com/vcr/vcr) Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.
- [**4760**Star][10d] [Java] [spring-projects/spring-security](https://github.com/spring-projects/spring-security) Spring Security
- [**4753**Star][10d] [Shell] [dehydrated-io/dehydrated](https://github.com/dehydrated-io/dehydrated) letsencrypt/acme client implemented as a shell-script – just add water
- [**4748**Star][4m] [PHP] [phan/phan](https://github.com/phan/phan) Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
- [**4730**Star][5m] [powershell/win32-openssh](https://github.com/powershell/win32-openssh) Win32 port of OpenSSH
- [**4722**Star][6m] [C] [google/ios-webkit-debug-proxy](https://github.com/google/ios-webkit-debug-proxy) A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
- [**4716**Star][10d] [Py] [dxa4481/trufflehog](https://github.com/dxa4481/trufflehog) Searches through git repositories for high entropy strings and secrets, digging deep into commit history
- [**4711**Star][10d] [Py] [secureauthcorp/impacket](https://github.com/SecureAuthCorp/impacket) Impacket is a collection of Python classes for working with network protocols.
- [**4701**Star][10d] [Rust] [timvisee/ffsend](https://github.com/timvisee/ffsend) Easily and securely share files from the command line
- [**4687**Star][11d] [Go] [davecheney/httpstat](https://github.com/davecheney/httpstat) It's like curl -v, with colours.
- [**4669**Star][4m] [Shell] [dehydrated-io/dehydrated](https://github.com/dehydrated-io/dehydrated) letsencrypt/acme client implemented as a shell-script – just add water
- [**4660**Star][11d] [JS] [bfirsh/jsnes](https://github.com/bfirsh/jsnes) A JavaScript NES emulator.
- [**4659**Star][10d] [Jupyter Notebook] [aimacode/aima-python](https://github.com/aimacode/aima-python) Python implementation of algorithms from Russell And Norvig's "Artificial Intelligence - A Modern Approach"
- [**4655**Star][11d] [C] [jedisct1/dsvpn](https://github.com/jedisct1/dsvpn) A Dead Simple VPN.
- [**4653**Star][1y] [Py] [ecthros/uncaptcha2](https://github.com/ecthros/uncaptcha2) defeating the latest version of ReCaptcha with 91% accuracy
- [**4607**Star][4m] [JS] [cure53/dompurify](https://github.com/cure53/dompurify) a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
- [**4598**Star][10d] [Shell] [ashishb/android-security-awesome](https://github.com/ashishb/android-security-awesome) A collection of android security related resources
- [**4590**Star][10d] [Go] [gophish/gophish](https://github.com/gophish/gophish) Open-Source Phishing Toolkit
- [**4588**Star][11d] [Go] [wallix/awless](https://github.com/wallix/awless) A Mighty CLI for AWS
- [**4544**Star][11d] [jivoi/awesome-osint](https://github.com/jivoi/awesome-osint) A curated list of amazingly awesome open source intelligence tools and resources
- [**4535**Star][2y] [Py] [lining0806/pythonspidernotes](https://github.com/lining0806/pythonspidernotes) Python入门网络爬虫之精华版
- [**4534**Star][11d] [Py] [tensorflow/cleverhans](https://github.com/tensorflow/cleverhans) An adversarial example library for constructing attacks, building defenses, and benchmarking both
- [**4527**Star][7d] [Py] [chyroc/wechatsogou](https://github.com/chyroc/wechatsogou) 基于搜狗微信搜索的微信公众号爬虫接口
- [**4524**Star][10d] [Go] [shopify/toxiproxy](https://github.com/shopify/toxiproxy) 用于模拟网络条件的框架，用测试来证明您的应用程序没有单点故障吗
- [**4519**Star][10d] [JS] [apsdehal/awesome-ctf](https://github.com/apsdehal/awesome-ctf) A curated list of CTF frameworks, libraries, resources and softwares
- [**4519**Star][10d] [JS] [apsdehal/awesome-ctf](https://github.com/apsdehal/awesome-ctf) A curated list of CTF frameworks, libraries, resources and softwares
- [**4517**Star][11d] [Go] [michenriksen/gitrob](https://github.com/michenriksen/gitrob) Reconnaissance tool for GitHub organizations
- [**4489**Star][10d] [Go] [dexidp/dex](https://github.com/dexidp/dex) OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors
- [**4454**Star][11d] [Java] [mcxiaoke/packer-ng-plugin](https://github.com/mcxiaoke/packer-ng-plugin) 下一代Android打包工具，100个渠道包只需要10秒钟
- [**4444**Star][10d] [Py] [smicallef/spiderfoot](https://github.com/smicallef/spiderfoot) SpiderFoot automates OSINT collection so that you can focus on analysis.
- [**4442**Star][10d] [PHP] [fuzzdb-project/fuzzdb](https://github.com/fuzzdb-project/fuzzdb) Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
- [**4436**Star][2y] [JS] [yujiosaka/headless-chrome-crawler](https://github.com/yujiosaka/headless-chrome-crawler) Distributed crawler powered by Headless Chrome
- [**4398**Star][3m] [C#] [xupefei/locale-emulator](https://github.com/xupefei/locale-emulator) Yet Another System Region and Language Simulator
- [**4395**Star][10d] [Py] [spiderclub/haipproxy](https://github.com/spiderclub/haipproxy) 
- [**4393**Star][11d] [TS] [javascript-obfuscator/javascript-obfuscator](https://github.com/javascript-obfuscator/javascript-obfuscator) A powerful obfuscator for JavaScript and Node.js
- [**4377**Star][10d] [JS] [travist/jsencrypt](https://github.com/travist/jsencrypt) A Javascript library to perform OpenSSL RSA Encryption, Decryption, and Key Generation.
- [**4376**Star][10d] [C++] [anbox/anbox](https://github.com/anbox/anbox)  a container-based approach to boot a full Android system on a regular GNU/Linux system
- [**4372**Star][10d] [LLVM] [llvm-mirror/llvm](https://github.com/llvm-mirror/llvm) Project moved to:
- [**4370**Star][1y] [Py] [lennylxx/ipv6-hosts](https://github.com/lennylxx/ipv6-hosts) Fork of
- [**4361**Star][5m] [Py] [aboul3la/sublist3r](https://github.com/aboul3la/sublist3r) Fast subdomains enumeration tool for penetration testers
        <details>
        <summary>View Details</summary>


        ## 存在问题
        - 代理集成
        - 翻墙
        - 结果的保存与查看, 是不是该有啥可视化工具???
        
        ## 使用OSINT的方式搜索子域名
        - 使用多个搜索引擎: Google, Yahoo, Bing, Baidu, Ask
        - 使用: Netcraft, Virustotal, ThreatCrowd, DNSdumpster, ReverseDNS.
        - 集成: subbrute(爆破)
        
        ## 安装
        - `git clone https://github.com/aboul3la/Sublist3r.git`
        - `sudo pip install -r requirements.txt`
        
        ## 使用
        Short Form    | Long Form     | Description
        ------------- | ------------- |-------------
        -d            | --domain      | Domain name to enumerate subdomains of
        -b            | --bruteforce  | Enable the subbrute bruteforce module
        -p            | --ports       | Scan the found subdomains against specific tcp ports
        -v            | --verbose     | Enable the verbose mode and display results in realtime
        -t            | --threads     | Number of threads to use for subbrute bruteforce
        -e            | --engines     | Specify a comma-separated list of search engines
        -o            | --output      | Save the results to text file
        -h            | --help        | show the help message and exit
        
        ## 作为模块使用
        ```python
        import sublist3r 
        subdomains = sublist3r.main(domain, no_threads, savefile, ports, silent, verbose, enable_bruteforce, engines)
        ```
        </details>


- [**4358**Star][10d] [Java] [jesusfreke/smali](https://github.com/jesusfreke/smali) smali/baksmali
- [**4355**Star][2m] [Py] [diafygi/acme-tiny](https://github.com/diafygi/acme-tiny) A tiny script to issue and renew TLS certs from Let's Encrypt
- [**4355**Star][10d] [Assembly] [cjdelisle/cjdns](https://github.com/cjdelisle/cjdns) An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
- [**4353**Star][10d] [wtsxdev/reverse-engineering](https://github.com/wtsxdev/reverse-engineering) List of awesome reverse engineering resources
- [**4350**Star][3m] [C] [nonstriater/learn-algorithms](https://github.com/nonstriater/learn-algorithms) 算法学习笔记
- [**4349**Star][2y] [Py] [rmax/scrapy-redis](https://github.com/rmax/scrapy-redis) Redis-based components for Scrapy.
- [**4340**Star][1y] [ObjC] [alonemonkey/monkeydev](https://github.com/alonemonkey/monkeydev) CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
- [**4339**Star][11d] [imeiji/shadowsocks_install](https://github.com/imeiji/shadowsocks_install) Auto install shadowsocks server，thanks 秋水逸冰
- [**4330**Star][10d] [Pascal] [cheat-engine/cheat-engine](https://github.com/cheat-engine/cheat-engine) Cheat Engine. A development environment focused on modding
- [**4327**Star][10d] [JS] [butterproject/butter-desktop](https://github.com/butterproject/butter-desktop) All the free parts of Popcorn Time
- [**4326**Star][7d] [Py] [spiderclub/weibospider](https://github.com/spiderclub/weibospider) 
- [**4326**Star][7d] [Py] [spiderclub/weibospider](https://github.com/SpiderClub/weibospider) 微博爬虫
- [**4309**Star][4m] [we5ter/scanners-box](https://github.com/we5ter/scanners-box) A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
- [**4297**Star][10d] [Py] [hypothesisworks/hypothesis](https://github.com/HypothesisWorks/hypothesis) Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
- [**4297**Star][10d] [Py] [hypothesisworks/hypothesis](https://github.com/HypothesisWorks/hypothesis) Hypothesis is a powerful, flexible, and easy to use library for property-based testing.
- [**4261**Star][10d] [Go] [mozilla/sops](https://github.com/mozilla/sops) Simple and flexible tool for managing secrets
- [**4257**Star][11d] [JS] [cuckoosandbox/cuckoo](https://github.com/cuckoosandbox/cuckoo) Cuckoo Sandbox is an automated dynamic malware analysis system
- [**4257**Star][11d] [JS] [cuckoosandbox/cuckoo](https://github.com/cuckoosandbox/cuckoo) Cuckoo Sandbox is an automated dynamic malware analysis system
- [**4255**Star][10d] [C] [tencent/tencentos-tiny](https://github.com/tencent/tencentos-tiny) 腾讯物联网终端操作系统
- [**4252**Star][4m] [Shell] [angristan/openvpn-install](https://github.com/angristan/openvpn-install) Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
- [**4243**Star][7d] [PS] [bloodhoundad/bloodhound](https://github.com/BloodHoundAD/BloodHound) a single page Javascript web application, uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.
- [**4235**Star][10d] [JS] [lesspass/lesspass](https://github.com/lesspass/lesspass) 无状态密码管理器。
- [**4234**Star][10d] [Py] [euske/pdfminer](https://github.com/euske/pdfminer) Python PDF Parser (Not actively maintained). Check out pdfminer.six.
- [**4232**Star][7m] [JS] [sigalor/whatsapp-web-reveng](https://github.com/sigalor/whatsapp-web-reveng) Reverse engineering WhatsApp Web.
- [**4226**Star][11d] [forter/security-101-for-saas-startups](https://github.com/forter/security-101-for-saas-startups) security tips for startups
- [**4214**Star][11d] [JS] [kdzwinel/betwixt](https://github.com/kdzwinel/betwixt) Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface.
- [**4211**Star][10d] [Py] [angr/angr](https://github.com/angr/angr) A powerful and user-friendly binary analysis platform!
- [**4208**Star][4m] [drduh/yubikey-guide](https://github.com/drduh/yubikey-guide) Guide to using YubiKey for GPG and SSH
- [**4207**Star][10d] [Py] [google/clusterfuzz](https://github.com/google/clusterfuzz) Scalable fuzzing infrastructure.
- [**4197**Star][10d] [C] [aol/moloch](https://github.com/aol/moloch)  large scale, full packet capturing, indexing, and database system.
- [**4194**Star][7d] [C] [secwiki/windows-kernel-exploits](https://github.com/secwiki/windows-kernel-exploits) windows-kernel-exploits Windows平台提权漏洞集合
- [**4186**Star][7d] [PHP] [ethicalhack3r/dvwa](https://github.com/ethicalhack3r/DVWA) Damn Vulnerable Web Application (DVWA)
- [**4166**Star][10d] [Py] [xoreaxeaxeax/sandsifter](https://github.com/xoreaxeaxeax/sandsifter) The x86 processor fuzzer
- [**4166**Star][10d] [Py] [paralax/awesome-honeypots](https://github.com/paralax/awesome-honeypots) an awesome list of honeypot resources
- [**4139**Star][10d] [hakluke/how-to-exit-vim](https://github.com/hakluke/how-to-exit-vim) Below are some simple methods for exiting vim.
- [**4136**Star][3m] [C#] [microsoft/msbuild](https://github.com/microsoft/msbuild) The Microsoft Build Engine (MSBuild) is the build platform for .NET and Visual Studio.
- [**4135**Star][2m] [C] [aquynh/capstone](https://github.com/aquynh/capstone) Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
- [**4127**Star][10d] [Go] [montferret/ferret](https://github.com/montferret/ferret) Declarative web scraping
- [**4119**Star][10d] [PHP] [paragonie/awesome-appsec](https://github.com/paragonie/awesome-appsec) A curated list of resources for learning about application security
- [**4114**Star][10d] [C#] [0xd4d/de4dot](https://github.com/0xd4d/de4dot) .NET deobfuscator and unpacker.
- [**4107**Star][10d] [Rust] [svenstaro/genact](https://github.com/svenstaro/genact) a nonsense activity generator
- [**4100**Star][10d] [Shell] [drwetter/testssl.sh](https://github.com/drwetter/testssl.sh) Testing TLS/SSL encryption anywhere on any port
- [**4100**Star][12d] [brucedone/awesome-crawler](https://github.com/brucedone/awesome-crawler) A collection of awesome web crawler,spider in different languages
- [**4087**Star][10d] [Py] [reorx/httpstat](https://github.com/reorx/httpstat) curl statistics made simple
- [**4071**Star][7m] [Swift] [lexrus/vpnon](https://github.com/lexrus/vpnon) Turn On your VPN like a hero.
- [**4054**Star][10d] [Py] [longld/peda](https://github.com/longld/peda) Python Exploit Development Assistance for GDB
- [**4046**Star][3y] [C#] [shadowsocksr-backup/shadowsocksr-csharp](https://github.com/shadowsocksr-backup/shadowsocksr-csharp) shadowsocksr C#
- [**4040**Star][7d] [C#] [winsw/winsw](https://github.com/winsw/winsw) A wrapper executable that can run any executable as an Windows service, in a liberal license
- [**4035**Star][4m] [C++] [baldurk/renderdoc](https://github.com/baldurk/renderdoc) a frame-capture based graphics debugger, currently available for Vulkan, D3D11, D3D12, OpenGL, and OpenGL ES development
- [**4025**Star][9m] [Py] [nullarray/autosploit](https://github.com/nullarray/autosploit) Automated Mass Exploiter
- [**4025**Star][3m] [Go] [eranyanay/1m-go-websockets](https://github.com/eranyanay/1m-go-websockets) handling 1M websockets connections in Go
- [**4019**Star][7d] [C] [wind4/vlmcsd](https://github.com/wind4/vlmcsd) KMS Emulator in C (currently runs on Linux including Android, FreeBSD, Solaris, Minix, Mac OS, iOS, Windows with or without Cygwin)
- [**4002**Star][10d] [C] [nmap/nmap](https://github.com/nmap/nmap) Nmap - the Network Mapper. Github mirror of official SVN repository.
- [**3994**Star][10d] [Py] [malwaredllc/byob](https://github.com/malwaredllc/byob) BYOB (Build Your Own Botnet)
- [**3977**Star][3m] [acl4ssr/acl4ssr](https://github.com/acl4ssr/acl4ssr) SSR 去广告ACL规则/SS完整GFWList规则/Clash规则碎片，Telegram频道订阅地址
- [**3974**Star][3m] [C++] [xenia-project/xenia](https://github.com/xenia-project/xenia) Xbox 360 Emulator Research Project
- [**3970**Star][5y] [shadowsocksr-backup/shadowsocks-rss](https://github.com/shadowsocksr-backup/shadowsocks-rss) ShadowsocksR update rss, SSR organization
- [**3954**Star][6m] [jjqqkk/chromium](https://github.com/jjqqkk/chromium) Chromium browser with SSL VPN. Use this browser to unblock websites.
- [**3953**Star][10d] [Java] [ffay/lanproxy](https://github.com/ffay/lanproxy) 将局域网个人电脑、服务器代理到公网的内网穿透工具，支持tcp流量转发，可支持任何tcp上层协议（访问内网网站、本地支付接口调试、ssh访问、远程桌面...）
- [**3953**Star][4m] [C] [atmosphere-nx/atmosphere](https://github.com/atmosphere-nx/atmosphere) Atmosphère is a work-in-progress customized firmware for the Nintendo Switch.
- [**3948**Star][10d] [JS] [shadowsocks/shadowsocks-manager](https://github.com/shadowsocks/shadowsocks-manager) A shadowsocks manager tool for multi user and traffic control.
- [**3938**Star][10d] [D] [gnunn1/tilix](https://github.com/gnunn1/tilix) A tiling terminal emulator for Linux using GTK+ 3
- [**3935**Star][10d] [Go] [jpillora/chisel](https://github.com/jpillora/chisel) A fast TCP tunnel over HTTP
- [**3931**Star][3m] [blacckhathaceekr/pentesting-bible](https://github.com/blacckhathaceekr/pentesting-bible) links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
- [**3927**Star][4m] [Shell] [toniblyx/my-arsenal-of-aws-security-tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools) List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
- [**3909**Star][10d] [Go] [adguardteam/adguardhome](https://github.com/adguardteam/adguardhome) Network-wide ads & trackers blocking DNS server
- [**3901**Star][10d] [PS] [samratashok/nishang](https://github.com/samratashok/nishang)  Offensive PowerShell for red team, penetration testing and offensive security.
- [**3893**Star][7d] [C] [cyan4973/xxhash](https://github.com/cyan4973/xxhash) Extremely fast non-cryptographic hash algorithm
- [**3884**Star][10d] [Py] [micahflee/onionshare](https://github.com/micahflee/onionshare) Securely and anonymously send and receive files, and publish onion sites
- [**3878**Star][10d] [C] [facebook/fishhook](https://github.com/facebook/fishhook) A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
- [**3871**Star][4m] [ObjC] [sveinbjornt/sloth](https://github.com/sveinbjornt/sloth) Mac app that shows all open files, directories and sockets in use by all running processes. Nice GUI for lsof.
- [**3860**Star][5y] [iosre/iosappreverseengineering](https://github.com/iosre/iosappreverseengineering) The world’s 1st book of very detailed iOS App reverse engineering skills :)
- [**3846**Star][2m] [Go] [hashicorp/consul-template](https://github.com/hashicorp/consul-template) Template rendering, notifier, and supervisor for
- [**3832**Star][3m] [Go] [go-acme/lego](https://github.com/go-acme/lego) Let's Encrypt client and ACME library written in Go
- [**3831**Star][3m] [C++] [pcsx2/pcsx2](https://github.com/pcsx2/pcsx2) PCSX2 - The Playstation 2 Emulator
- [**3820**Star][10d] [Py] [maurosoria/dirsearch](https://github.com/maurosoria/dirsearch) Web path scanner
- [**3816**Star][10d] [Perl] [sullo/nikto](https://github.com/sullo/nikto) Nikto web server scanner
- [**3816**Star][10d] [C] [meetecho/janus-gateway](https://github.com/meetecho/janus-gateway) Janus WebRTC Server
- [**3812**Star][10d] [C] [mikebrady/shairport-sync](https://github.com/mikebrady/shairport-sync) AirPlay audio player. Shairport Sync adds multi-room capability with Audio Synchronisation
- [**3807**Star][11d] [JS] [samyk/evercookie](https://github.com/samyk/evercookie) Produces persistent, respawning "super" cookies in a browser, abusing over a dozen techniques. Its goal is to identify users after they've removed standard cookies and other privacy data such as Flash cookies (LSOs), HTML5 storage, SilverLight storage, and others.
- [**3801**Star][7m] [Go] [microsoft/ethr](https://github.com/microsoft/ethr) Ethr is a Network Performance Measurement Tool for TCP, UDP & HTTP.
- [**3800**Star][3m] [C] [freerdp/freerdp](https://github.com/freerdp/freerdp) FreeRDP is a free remote desktop protocol library and clients
- [**3794**Star][10d] [C] [iaik/meltdown](https://github.com/iaik/meltdown) This repository contains several applications, demonstrating the Meltdown bug.
- [**3769**Star][10d] [Py] [misterch0c/shadowbroker](https://github.com/misterch0c/shadowbroker) The Shadow Brokers "Lost In Translation" leak
- [**3754**Star][10d] [shadowsocksrr/shadowsocks-rss](https://github.com/shadowsocksrr/shadowsocks-rss) ShadowsocksR update rss, SSR organization
- [**3742**Star][10d] [Py] [laramies/theharvester](https://github.com/laramies/theharvester) E-mails, subdomains and names Harvester - OSINT
        <details>
        <summary>View Details</summary>


        ## 被动源:
        - baidu: Baidu search engine - www.baidu.com
        - bing: Microsoft search engine - www.bing.com
        - bingapi: Microsoft search engine, through the API (Requires an API key, see below.)
        - CertSpotter: Cert Spotter monitors Certificate Transparency logs - https://sslmate.com/certspotter/
        - crtsh: Comodo Certificate search - www.crt.sh
        - dnsdumpster: DNSdumpster search engine - dnsdumpster.com
        - dogpile: Dogpile search engine - www.dogpile.com
        - duckduckgo: DuckDuckGo search engine - www.duckduckgo.com
        - Exalead: a Meta search engine - https://www.exalead.com/search
        - github-code: Github code search engine (Requires a Github Personal Access Token, see below.) - www.github.com
        - google: Google search engine (Optional Google dorking.) - www.google.com
        - hunter: Hunter search engine (Requires an API key, see below.) - www.hunter.io
        - intelx: Intelx search engine (Requires an API key, see below.) - www.intelx.io
        - linkedin: Google search engine, specific search for LinkedIn users - www.linkedin.com
        - netcraft: Internet Security and Data Mining - www.netcraft.com
        - otx: AlienVault Open Threat Exchange - https://otx.alienvault.com
        - securityTrails: Security Trails search engine, the world's largest repository of historical DNS data (Requires an API key, see below.) - www.securitytrails.com
        - shodan: Shodan search engine, will search for ports and banners from discovered hosts - www.shodanhq.com
        - Spyse: Web research tools for professionals (Requires an API key.) - https://spyse.com/
        - Suip: Web research tools that can take over 10 minutes to run, but worth the wait. - https://suip.biz/
        - threatcrowd: Open source threat intelligence - www.threatcrowd.org
        - trello: Search trello boards (Uses Google search.)
        - twitter: Twitter accounts related to a specific domain (Uses Google search.)
        - vhost: Bing virtual hosts search
        - virustotal: virustotal.com domain search
        - yahoo: Yahoo search engine
        
        ## 主动源:
        - DNS爆破: 字典
        
        ## 需要API-key的
        - bing
        - github
        - hunter
        - intelx
        - securityTrails
        - shodan
        - spyse
        </details>


- [**3724**Star][10d] [Go] [elazarl/goproxy](https://github.com/elazarl/goproxy) An HTTP proxy library for Go
- [**3709**Star][10d] [Py] [jrohy/multi-v2ray](https://github.com/jrohy/multi-v2ray) v2ray多用户管理部署程序
- [**3708**Star][8d] [PHP] [hanc00l/wooyun_public](https://github.com/hanc00l/wooyun_public)  crawl and search for wooyun.org public bug(vulnerability) and drops
- [**3707**Star][10d] [HTML] [consensys/smart-contract-best-practices](https://github.com/consensys/smart-contract-best-practices) A guide to smart contract security best practices
- [**3693**Star][12d] [jivoi/awesome-ml-for-cybersecurity](https://github.com/jivoi/awesome-ml-for-cybersecurity) Awesome Machine Learning for Cyber Security
- [**3690**Star][10d] [HTML] [hamukazu/lets-get-arrested](https://github.com/hamukazu/lets-get-arrested) This project is intended to protest against the police in Japan
- [**3689**Star][10d] [C] [shellphish/how2heap](https://github.com/shellphish/how2heap) A repository for learning various heap exploitation techniques.
- [**3682**Star][10d] [C] [awslabs/s2n](https://github.com/awslabs/s2n) an implementation of the TLS/SSL protocols
- [**3680**Star][11d] [C++] [mandliya/algorithms_and_data_structures](https://github.com/mandliya/algorithms_and_data_structures) 180+ Algorithm & Data Structure Problems using C++
- [**3680**Star][2y] [Py] [qiyeboy/ipproxypool](https://github.com/qiyeboy/ipproxypool) IPProxyPool代理池项目，提供代理ip
- [**3672**Star][8d] [Go] [tophubs/toplist](https://github.com/tophubs/toplist) 今日热榜，一个获取各大热门网站热门头条的聚合网站，使用Go语言编写，多协程异步快速抓取信息，预览:
- [**3667**Star][4m] [JS] [koenkk/zigbee2mqtt](https://github.com/koenkk/zigbee2mqtt) Zigbee
- [**3664**Star][3m] [Smarty] [anankke/sspanel-uim](https://github.com/anankke/sspanel-uim) Across the Great Wall we can reach every corner in the world
- [**3659**Star][3m] [C] [screetsec/thefatrat](https://github.com/screetsec/thefatrat) Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
- [**3653**Star][11d] [Shell] [toyodadoubi/doubi](https://github.com/toyodadoubi/doubi) 一个逗比写的各种逗比脚本~
- [**3645**Star][6y] [C#] [brandonlw/psychson](https://github.com/brandonlw/Psychson) Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)
- [**3643**Star][3y] [C] [hak5darren/usb-rubber-ducky](https://github.com/hak5darren/usb-rubber-ducky) a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. 
- [**3627**Star][10d] [C#] [mathewsachin/captura](https://github.com/mathewsachin/captura) Capture Screen, Audio, Cursor, Mouse Clicks and Keystrokes
- [**3627**Star][8d] [C] [virustotal/yara](https://github.com/virustotal/yara) The pattern matching swiss knife
- [**3618**Star][10d] [teivah/algodeck](https://github.com/teivah/algodeck) An Open-Source Collection of +200 Algorithmic Flash Cards to Help you Preparing your Algorithm & Data Structure Interview
- [**3614**Star][10d] [Py] [rarcega/instagram-scraper](https://github.com/rarcega/instagram-scraper) Scrapes an instagram user's photos and videos
- [**3609**Star][3y] [Perl] [x0rz/eqgrp](https://github.com/x0rz/eqgrp) Decrypted content of eqgrp-auction-file.tar.xz
- [**3597**Star][2y] [C#] [nummer/destroy-windows-10-spying](https://github.com/nummer/destroy-windows-10-spying) Destroy Windows Spying tool
- [**3592**Star][1y] [C] [rpisec/mbe](https://github.com/rpisec/mbe) Course materials for Modern Binary Exploitation by RPISEC
- [**3589**Star][11d] [Go] [fanpei91/torsniff](https://github.com/fanpei91/torsniff) a sniffer that sniffs torrents from BitTorrent network
- [**3589**Star][11d] [Go] [fanpei91/torsniff](https://github.com/fanpei91/torsniff) a sniffer that sniffs torrents from BitTorrent network
- [**3584**Star][11d] [Py] [stamparm/maltrail](https://github.com/stamparm/maltrail) Malicious traffic detection system
- [**3582**Star][10d] [C] [betaflight/betaflight](https://github.com/betaflight/betaflight) Open Source Flight Controller Firmware
- [**3579**Star][7d] [C#] [win-acme/win-acme](https://github.com/win-acme/win-acme) A simple ACME client for Windows (for use with Let's Encrypt et al.)
- [**3579**Star][10d] [HTML] [goproxy/goproxy.cn](https://github.com/goproxy/goproxy.cn) The most trusted Go module proxy in China.
- [**3576**Star][10d] [C] [qemu/qemu](https://github.com/qemu/qemu) Official QEMU mirror. Please see
- [**3554**Star][10d] [C] [tmate-io/tmate](https://github.com/tmate-io/tmate) Instant Terminal Sharing
- [**3551**Star][10d] [hslatman/awesome-threat-intelligence](https://github.com/hslatman/awesome-threat-intelligence) A curated list of Awesome Threat Intelligence resources
- [**3550**Star][10d] [HTML] [grangier/python-goose](https://github.com/grangier/python-goose) Html Content / Article Extractor, web scrapping lib in Python
- [**3549**Star][4m] [Java] [jasonchenlijian/fastble](https://github.com/jasonchenlijian/fastble) Android Bluetooth Low Energy (BLE) Fast Development Framework. It uses simple ways to filter, scan, connect, read ,write, notify, readRssi, setMTU, and multiConnection.
- [**3538**Star][6y] [R] [johnmyleswhite/ml_for_hackers](https://github.com/johnmyleswhite/ml_for_hackers) Code accompanying the book "Machine Learning for Hackers"
- [**3538**Star][10m] [Shell] [chengr28/revokechinacerts](https://github.com/chengr28/revokechinacerts) Revoke Chinese certificates.
- [**3532**Star][10d] [sundowndev/hacker-roadmap](https://github.com/sundowndev/hacker-roadmap) an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking
- [**3523**Star][10d] [CSS] [juliocesarfort/public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) Curated list of public penetration test reports released by several consulting firms and academic security groups
- [**3510**Star][10d] [JS] [digitalbazaar/forge](https://github.com/digitalbazaar/forge) A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
- [**3509**Star][4m] [Java] [meituan-dianping/robust](https://github.com/meituan-dianping/robust) Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
- [**3503**Star][11m] [C] [session-replay-tools/tcpcopy](https://github.com/session-replay-tools/tcpcopy) An online request replication tool, also a tcp stream replay tool, fit for real testing, performance testing, stability testing, stress testing, load testing, smoke testing, etc
- [**3494**Star][12d] [JS] [ionicabizau/scrape-it](https://github.com/ionicabizau/scrape-it) A Node.js scraper for humans.
- [**3486**Star][11d] [JS] [duo-labs/cloudmapper](https://github.com/duo-labs/cloudmapper) CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
- [**3477**Star][11d] [HTML] [leizongmin/js-xss](https://github.com/leizongmin/js-xss) Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
- [**3477**Star][10d] [Shell] [gfw-breaker/ssr-accounts](https://github.com/gfw-breaker/ssr-accounts) 一键部署Shadowsocks服务；免费Shadowsocks账号分享；免费SS账号分享; 翻墙；无界，自由门，SquirrelVPN
- [**3476**Star][11d] [Py] [google/grr](https://github.com/google/grr) remote live forensics for incident response
- [**3475**Star][10m] [C++] [wangyu-/udp2raw-tunnel](https://github.com/wangyu-/udp2raw-tunnel) A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
- [**3468**Star][2m] [JS] [mcollina/autocannon](https://github.com/mcollina/autocannon) fast HTTP/1.1 benchmarking tool written in Node.js
- [**3458**Star][11d] [Go] [imgproxy/imgproxy](https://github.com/imgproxy/imgproxy) Fast and secure standalone server for resizing and converting remote images
- [**3451**Star][4m] [C] [vanhauser-thc/thc-hydra](https://github.com/vanhauser-thc/thc-hydra) hydra
- [**3448**Star][10d] [C] [raspberrypi/firmware](https://github.com/raspberrypi/firmware) This repository contains pre-compiled binaries of the current Raspberry Pi kernel and modules, userspace libraries, and bootloader/GPU firmware.
- [**3445**Star][10d] [C] [nbs-system/naxsi](https://github.com/nbs-system/naxsi) NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
- [**3443**Star][4m] [Rust] [canop/broot](https://github.com/canop/broot) A new way to see and navigate directory trees :
- [**3440**Star][10d] [C] [unicorn-engine/unicorn](https://github.com/unicorn-engine/unicorn) Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
- [**3435**Star][10d] [Makefile] [lorien/awesome-web-scraping](https://github.com/lorien/awesome-web-scraping) List of libraries, tools and APIs for web scraping and data processing.
- [**3432**Star][10d] [icodesign/potatso](https://github.com/icodesign/Potatso) Potatso is an iOS client that implements different proxies with the leverage of NetworkExtension framework in iOS 10+.
- [**3432**Star][10d] [Shell] [softwaredownload/openwrt-fanqiang](https://github.com/softwaredownload/openwrt-fanqiang) 最好的路由器翻墙、科学上网教程—OpenWrt—shadowsocks
- [**3428**Star][10d] [Go] [dvyukov/go-fuzz](https://github.com/dvyukov/go-fuzz) a coverage-guided fuzzing solution for testing of Go packages
- [**3425**Star][11d] [Shell] [hwdsl2/docker-ipsec-vpn-server](https://github.com/hwdsl2/docker-ipsec-vpn-server) Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec
- [**3422**Star][10d] [Go] [michenriksen/aquatone](https://github.com/michenriksen/aquatone) A Tool for Domain Flyovers
        <details>
        <summary>View Details</summary>


        ## Misc
        - 需要Google Chrome/Chromium浏览器
        - 下载编译好的二进制文件，或自己编译
        - 可以通过管道与现有工具集成
        </details>


- [**3420**Star][12d] [Java] [oldmanpushcart/greys-anatomy](https://github.com/oldmanpushcart/greys-anatomy) Java诊断工具
- [**3419**Star][8m] [Py] [volatilityfoundation/volatility](https://github.com/volatilityfoundation/volatility) An advanced memory forensics framework
- [**3418**Star][6m] [ObjC] [objective-see/lulu](https://github.com/objective-see/lulu) LuLu is the free macOS firewall
- [**3409**Star][5m] [C] [microsoft/windows-driver-samples](https://github.com/microsoft/windows-driver-samples) This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
- [**3405**Star][4m] [Java] [hustcc/js-sorting-algorithm](https://github.com/hustcc/js-sorting-algorithm) 一本关于排序算法的 GitBook 在线书籍 《十大经典排序算法》，多语言实现。
- [**3396**Star][7d] [C] [microsoft/wsl2-linux-kernel](https://github.com/microsoft/wsl2-linux-kernel) The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)
- [**3395**Star][11d] [meirwah/awesome-incident-response](https://github.com/meirwah/awesome-incident-response) A curated list of tools for incident response
- [**3395**Star][11d] [Haskell] [input-output-hk/cardano-sl](https://github.com/input-output-hk/cardano-sl) Cryptographic currency implementing Ouroboros PoS protocol
- [**3393**Star][7d] [Vue] [chaitin/xray](https://github.com/chaitin/xray) 一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
- [**3391**Star][10d] [Go] [tencent/bk-cmdb](https://github.com/tencent/bk-cmdb) 蓝鲸智云配置平台(BlueKing CMDB)
- [**3387**Star][10d] [Rust] [spacejam/sled](https://github.com/spacejam/sled) the champagne of beta embedded databases
- [**3387**Star][10d] [Go] [getlantern/lantern](https://github.com/getlantern/lantern)  lantern proxy vpn censorship-circumvention censorship gfw accelerator
- [**3384**Star][10d] [JS] [evilsocket/pwnagotchi](https://github.com/evilsocket/pwnagotchi)  Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- [**3380**Star][4m] [Swift] [yagiz/bagel](https://github.com/yagiz/bagel) a little native network debugging tool for iOS
- [**3379**Star][4m] [C] [magnumripper/johntheripper](https://github.com/magnumripper/johntheripper) This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS:
- [**3379**Star][2m] [PS] [fireeye/commando-vm](https://github.com/fireeye/commando-vm) Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
- [**3378**Star][10d] [Java] [phishman3579/java-algorithms-implementation](https://github.com/phishman3579/java-algorithms-implementation) Algorithms and Data Structures implemented in Java
- [**3377**Star][10d] [JS] [minbrowser/min](https://github.com/minbrowser/min) A fast, minimal browser that protects your privacy
- [**3369**Star][10d] [Py] [drivendata/cookiecutter-data-science](https://github.com/drivendata/cookiecutter-data-science) A logical, reasonably standardized, but flexible project structure for doing and sharing data science work.
- [**3366**Star][11d] [C] [taviso/loadlibrary](https://github.com/taviso/loadlibrary) Porting Windows Dynamic Link Libraries to Linux
- [**3349**Star][9d] [C++] [fireice-uk/xmr-stak](https://github.com/fireice-uk/xmr-stak) Free Monero RandomX Miner and unified CryptoNight miner
- [**3340**Star][3m] [TS] [jigsaw-code/outline-server](https://github.com/jigsaw-code/outline-server) Outline Manager, developed by Jigsaw. The Outline Manager application creates and manages Outline servers, powered by Shadowsocks. It uses the Electron framework to offer support for Windows, macOS and Linux.
- [**3327**Star][10d] [JS] [sindresorhus/speed-test](https://github.com/sindresorhus/speed-test) Test your internet connection speed and ping using speedtest.net from the CLI
- [**3325**Star][11d] [HTML] [ctf-wiki/ctf-wiki](https://github.com/ctf-wiki/ctf-wiki) CTF Wiki Online. Come and join us, we need you!
- [**3322**Star][4m] [scanate/ethlist](https://github.com/scanate/ethlist) The Comprehensive Ethereum Reading List
- [**3321**Star][10d] [PS] [redcanaryco/atomic-red-team](https://github.com/redcanaryco/atomic-red-team) Small and highly portable detection tests based on MITRE's ATT&CK.
- [**3317**Star][10d] [Py] [felixonmars/dnsmasq-china-list](https://github.com/felixonmars/dnsmasq-china-list) Chinese-specific configuration to improve your favorite DNS server. Best partner for chnroutes.
- [**3312**Star][11d] [Py] [pyca/cryptography](https://github.com/pyca/cryptography) cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
- [**3310**Star][4m] [C++] [spiderlabs/modsecurity](https://github.com/spiderlabs/modsecurity) ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
- [**3301**Star][11d] [C] [secwiki/linux-kernel-exploits](https://github.com/secwiki/linux-kernel-exploits) linux-kernel-exploits 
- [**3299**Star][12d] [Dockerfile] [thinkdevelop/free-ss-ssr](https://github.com/thinkdevelop/free-ss-ssr) SS账号、SSR账号、V2Ray账号
- [**3296**Star][10d] [Java] [calebfenton/simplify](https://github.com/calebfenton/simplify) Android virtual machine and deobfuscator
- [**3293**Star][3m] [Shell] [1n3/sn1per](https://github.com/1n3/sn1per) Automated pentest framework for offensive security experts
- [**3289**Star][10d] [Lua] [ntop/ntopng](https://github.com/ntop/ntopng) Web-based Traffic and Security Network Traffic Monitoring
- [**3288**Star][3m] [C] [valdikss/goodbyedpi](https://github.com/valdikss/goodbyedpi)  bypass Deep Packet Inspection systems found in many Internet Service Providers which block access to certain websites.
- [**3282**Star][10d] [Py] [corna/me_cleaner](https://github.com/corna/me_cleaner) Tool for partial deblobbing of Intel ME/TXE firmware images
- [**3278**Star][4m] [C++] [px4/firmware](https://github.com/px4/firmware) PX4 Autopilot Software
- [**3271**Star][10d] [Go] [meshbird/meshbird](https://github.com/meshbird/meshbird) cloud-native multi-region multi-cloud decentralized private networking
- [**3269**Star][15d] [C++] [google/lmctfy](https://github.com/google/lmctfy) lmctfy is the open source version of Google’s container stack, which provides Linux application containers.
- [**3265**Star][10d] [C] [processhacker/processhacker](https://github.com/processhacker/processhacker) A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
- [**3262**Star][10d] [TS] [google/incremental-dom](https://github.com/google/incremental-dom) An in-place DOM diffing library
- [**3257**Star][9m] [C] [yarrick/iodine](https://github.com/yarrick/iodine) Official git repo for iodine dns tunnel
- [**3253**Star][5y] [C] [shadowsocks/chinadns](https://github.com/shadowsocks/chinadns) Protect yourself against DNS poisoning in China.
- [**3250**Star][10m] [ObjC] [naituw/ipapatch](https://github.com/naituw/ipapatch) Patch iOS Apps, The Easy Way, Without Jailbreak.
- [**3249**Star][10d] [Go] [gwuhaolin/lightsocks](https://github.com/gwuhaolin/lightsocks) lightweight network obfuscate proxy, based on socks5, to replace shadowsocks
- [**3245**Star][4m] [Py] [byt3bl33d3r/crackmapexec](https://github.com/byt3bl33d3r/crackmapexec) A swiss army knife for pentesting networks
- [**3243**Star][11d] [Shell] [speed47/spectre-meltdown-checker](https://github.com/speed47/spectre-meltdown-checker) Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD
- [**3239**Star][10d] [Shell] [pivpn/pivpn](https://github.com/pivpn/pivpn) The Simplest VPN installer, designed for Raspberry Pi
- [**3236**Star][2y] [CSS] [jbtronics/crookedstylesheets](https://github.com/jbtronics/crookedstylesheets) Webpage tracking only using CSS (and no JS)
- [**3234**Star][10d] [Py] [stvir/pysot](https://github.com/stvir/pysot) SenseTime Research platform for single object tracking, implementing algorithms like SiamRPN and SiamMask.
- [**3228**Star][12d] [Shell] [trimstray/htrace.sh](https://github.com/trimstray/htrace.sh) My simple Swiss Army knife for http/https troubleshooting and profiling.
- [**3227**Star][10d] [Py] [kootenpv/whereami](https://github.com/kootenpv/whereami) Uses WiFi signals and machine learning (sklearn's RandomForest) to predict where you are.
- [**3222**Star][3m] [C++] [0xz0f/z0fcourse_reverseengineering](https://github.com/0xz0f/z0fcourse_reverseengineering) Reverse engineering focusing on x64 Windows.
- [**3222**Star][6m] [Py] [mininet/mininet](https://github.com/mininet/mininet) Emulator for rapid prototyping of Software Defined Networks
- [**3220**Star][2m] [Go] [99designs/aws-vault](https://github.com/99designs/aws-vault) A vault for securely storing and accessing AWS credentials in development environments
- [**3219**Star][10d] [JS] [bkimminich/juice-shop](https://github.com/bkimminich/juice-shop) OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
- [**3217**Star][10d] [C] [libfuse/sshfs](https://github.com/libfuse/sshfs) A network filesystem client to connect to SSH servers
- [**3213**Star][6m] [Java] [deathmarine/luyten](https://github.com/deathmarine/luyten) An Open Source Java Decompiler Gui for Procyon
- [**3210**Star][3y] [shadowsocksr-backup/shadowsocksr-android](https://github.com/shadowsocksr-backup/shadowsocksr-android) A ShadowsocksR client for Android
- [**3209**Star][10d] [Go] [securego/gosec](https://github.com/securego/gosec) Golang security checker
- [**3204**Star][3m] [C#] [quantconnect/lean](https://github.com/quantconnect/lean) Lean Algorithmic Trading Engine by QuantConnect (C#, Python, F#)
- [**3202**Star][10d] [secwiki/sec-chart](https://github.com/secwiki/sec-chart) 安全思维导图集合
- [**3200**Star][11d] [Shell] [txthinking/google-hosts](https://github.com/txthinking/google-hosts) Google hosts generator
- [**3197**Star][10d] [Py] [tribler/tribler](https://github.com/tribler/tribler) Privacy enhanced BitTorrent client with P2P content discovery
- [**3187**Star][10d] [Go] [dominikh/go-tools](https://github.com/dominikh/go-tools) Staticcheck - The advanced Go linter
- [**3180**Star][10d] [Py] [gnemoug/distribute_crawler](https://github.com/gnemoug/distribute_crawler) 使用scrapy,redis, mongodb,graphite实现的一个分布式网络爬虫,底层存储mongodb集群,分布式使用redis实现,爬虫状态显示使用graphite实现
- [**3179**Star][3m] [CSS] [readthedocs/sphinx_rtd_theme](https://github.com/readthedocs/sphinx_rtd_theme) Sphinx theme for readthedocs.org
- [**3176**Star][15d] [Ruby] [sagivo/algorithms](https://github.com/sagivo/algorithms) algorithms playground for common questions
- [**3174**Star][10d] [tycrek/degoogle](https://github.com/tycrek/degoogle) A huge list of alternatives to Google products. Privacy tips, tricks, and links.
- [**3166**Star][11d] [Py] [guardicore/monkey](https://github.com/guardicore/monkey) Infection Monkey - An automated pentest tool
- [**3165**Star][7d] [Py] [andresriancho/w3af](https://github.com/andresriancho/w3af) web application attack and audit framework, the open source web vulnerability scanner.
- [**3157**Star][4m] [C] [zmap/zmap](https://github.com/zmap/zmap) ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
- [**3150**Star][10d] [Py] [trustedsec/ptf](https://github.com/trustedsec/ptf) a way for modular support for up-to-date tools.
- [**3138**Star][4m] [infosecn1nja/red-teaming-toolkit](https://github.com/infosecn1nja/red-teaming-toolkit) A collection of open source and commercial tools that aid in red team operations.
- [**3137**Star][10d] [ObjC] [google/santa](https://github.com/google/santa) A binary whitelisting/blacklisting system for macOS
- [**3133**Star][3m] [C#] [microsoft/applicationinspector](https://github.com/microsoft/applicationinspector) A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
- [**3130**Star][11d] [Py] [cowrie/cowrie](https://github.com/cowrie/cowrie) Cowrie SSH/Telnet Honeypot
- [**3125**Star][10d] [Go] [kgretzky/evilginx2](https://github.com/kgretzky/evilginx2) Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
- [**3123**Star][3m] [Go] [aquasecurity/trivy](https://github.com/aquasecurity/trivy) A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
- [**3123**Star][3m] [Go] [cookiey/yearning](https://github.com/cookiey/yearning) A most popular sql audit platform for mysql
- [**3120**Star][10d] [C] [p-h-c/phc-winner-argon2](https://github.com/p-h-c/phc-winner-argon2) The password hash Argon2, winner of PHC
- [**3120**Star][10d] [ObjC] [dantheman827/ios-app-signer](https://github.com/dantheman827/ios-app-signer) This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
- [**3117**Star][7d] [Java] [frohoff/ysoserial](https://github.com/frohoff/ysoserial) A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
- [**3116**Star][10d] [JS] [ix64/unlock-music](https://github.com/ix64/unlock-music) Unlock encrypted music file in browser. 在浏览器中解锁加密的音乐文件。
- [**3111**Star][10d] [Py] [espressif/esptool](https://github.com/espressif/esptool) ESP8266 and ESP32 serial bootloader utility
- [**3106**Star][7m] [JS] [valve/fingerprintjs](https://github.com/valve/fingerprintjs) Anonymous browser fingerprint
- [**3106**Star][10d] [PHP] [owner888/phpspider](https://github.com/owner888/phpspider) 《我用爬虫一天时间“偷了”知乎一百万用户，只为证明PHP是世界上最好的语言 》所使用的程序
- [**3105**Star][10d] [Jupyter Notebook] [zotroneneis/machine_learning_basics](https://github.com/zotroneneis/machine_learning_basics) Plain python implementations of basic machine learning algorithms
- [**3105**Star][10d] [C++] [qv2ray/qv2ray](https://github.com/Qv2ray/Qv2ray) 
- [**3102**Star][10d] [C++] [google/robotstxt](https://github.com/google/robotstxt) The repository contains Google's robots.txt parser and matcher as a C++ library (compliant to C++11).
- [**3097**Star][9m] [Py] [spiderlabs/responder](https://github.com/spiderlabs/responder) a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
- [**3095**Star][10d] [Go] [oj/gobuster](https://github.com/oj/gobuster) Directory/File, DNS and VHost busting tool written in Go
- [**3087**Star][8d] [C++] [xmrig/xmrig](https://github.com/xmrig/xmrig) RandomX, CryptoNight, AstroBWT and Argon2 CPU/GPU miner
- [**3082**Star][10d] [Py] [lyst/lightfm](https://github.com/lyst/lightfm) A Python implementation of LightFM, a hybrid recommendation algorithm.
- [**3078**Star][4m] [JS] [webgoat/webgoat](https://github.com/webgoat/webgoat) A deliberately insecure Web Application
- [**3077**Star][1y] [JS] [jipegit/osxauditor](https://github.com/jipegit/osxauditor) OS X Auditor is a free Mac OS X computer forensics tool
- [**3073**Star][10d] [Swift] [zhuhaow/spechtlite](https://github.com/zhuhaow/spechtlite) A rule-based proxy for macOS
- [**3069**Star][10d] [Go] [schollz/croc](https://github.com/schollz/croc) Easily and securely send things from one computer to another
- [**3061**Star][10d] [Py] [cloudflare/flan](https://github.com/cloudflare/flan) A pretty sweet vulnerability scanner
- [**3060**Star][10d] [C++] [qtox/qtox](https://github.com/qtox/qtox) qTox is a chat, voice, video, and file transfer IM client using the encrypted peer-to-peer Tox protocol.
- [**3032**Star][2y] [phith0n/mind-map](https://github.com/phith0n/mind-map) 各种安全相关思维导图整理收集
- [**3029**Star][7d] [Py] [danmcinerney/wifijammer](https://github.com/danmcinerney/wifijammer) Continuously jam all wifi clients/routers
- [**3027**Star][10d] [Py] [androguard/androguard](https://github.com/androguard/androguard) Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
- [**3026**Star][10d] [C] [ossec/ossec-hids](https://github.com/ossec/ossec-hids) Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- [**3025**Star][3m] [Java] [williamfiset/algorithms](https://github.com/williamfiset/algorithms) A collection of algorithms and data structures
- [**3022**Star][10d] [C] [lxc/lxc](https://github.com/lxc/lxc) LXC - Linux Containers
- [**3016**Star][3m] [Java] [anuken/mindustry](https://github.com/anuken/mindustry) A sandbox tower defense game
- [**3013**Star][4m] [C++] [tensorflow/minigo](https://github.com/tensorflow/minigo) An open-source implementation of the AlphaGoZero algorithm
- [**3003**Star][11m] [C++] [pytorch/elf](https://github.com/pytorch/elf) a platform for game research with AlphaGoZero/AlphaZero reimplementation
- [**2994**Star][8d] [Shell] [mskyaxl/wsl-terminal](https://github.com/mskyaxl/wsl-terminal) Terminal emulator for Windows Subsystem for Linux (WSL)
- [**2991**Star][10d] [ObjC] [facebook/idb](https://github.com/facebook/idb) idb is a flexible command line interface for automating iOS simulators and devices
- [**2991**Star][10d] [Go] [statping/statping](https://github.com/statping/statping) Status Page for monitoring your websites and applications with beautiful graphs, analytics, and plugins. Run on any type of environment.
- [**2986**Star][3m] [C++] [zeek/zeek](https://github.com/zeek/zeek) Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
- [**2984**Star][10d] [Lua] [loveshell/ngx_lua_waf](https://github.com/loveshell/ngx_lua_waf) ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
- [**2983**Star][11d] [pditommaso/awesome-pipeline](https://github.com/pditommaso/awesome-pipeline) A curated list of awesome pipeline toolkits inspired by Awesome Sysadmin
- [**2978**Star][10d] [Py] [liuxingming/sinaspider](https://github.com/liuxingming/sinaspider) 新浪微博爬虫（Scrapy、Redis）
- [**2972**Star][10d] [Py] [billryan/algorithm-exercise](https://github.com/billryan/algorithm-exercise) Data Structure and Algorithm notes. 数据结构与算法/leetcode/lintcode题解/
- [**2969**Star][5m] [secfigo/awesome-fuzzing](https://github.com/secfigo/awesome-fuzzing) A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
- [**2967**Star][11d] [ObjC] [maciekish/iresign](https://github.com/maciekish/iresign) iReSign allows iDevice app bundles (.ipa) files to be signed or resigned with a digital certificate from Apple for distribution. This tool is aimed at enterprises users, for enterprise deployment, when the person signing the app is different than the person(s) developing it.
- [**2958**Star][4m] [Shell] [91yun/serverspeeder](https://github.com/91yun/serverspeeder) 锐速破解版
- [**2953**Star][10d] [Py] [instantbox/instantbox](https://github.com/instantbox/instantbox) Get a clean, ready-to-go Linux box in seconds.
- [**2947**Star][1y] [C++] [wangyu-/udpspeeder](https://github.com/wangyu-/udpspeeder) A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
- [**2938**Star][2y] [Py] [byt3bl33d3r/mitmf](https://github.com/byt3bl33d3r/mitmf) Framework for Man-In-The-Middle attacks
- [**2932**Star][1y] [C#] [quasar/quasarrat](https://github.com/quasar/quasarrat) Remote Administration Tool for Windows
- [**2930**Star][10d] [Go] [libp2p/go-libp2p](https://github.com/libp2p/go-libp2p) libp2p implementation in Go
- [**2929**Star][1y] [C++] [chrisknott/algojammer](https://github.com/chrisknott/algojammer) An experimental code editor for writing algorithms
- [**2927**Star][12d] [JS] [laurentj/slimerjs](https://github.com/laurentj/slimerjs) A scriptable browser like PhantomJS, based on Firefox
- [**2926**Star][10d] [Go] [caddyserver/certmagic](https://github.com/caddyserver/certmagic) Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
- [**2925**Star][10d] [valvesoftware/steam-for-linux](https://github.com/valvesoftware/steam-for-linux) Issue tracking for the Steam for Linux beta client
- [**2922**Star][10d] [C] [klange/toaruos](https://github.com/klange/toaruos) A completely-from-scratch hobby operating system: bootloader, kernel, drivers, C library, and userspace including a composited graphical UI, dynamic linker, syntax-highlighting text editor, network stack, etc.
- [**2921**Star][4m] [C++] [tstack/lnav](https://github.com/tstack/lnav) Log file navigator
- [**2920**Star][11d] [paulsec/awesome-sec-talks](https://github.com/paulsec/awesome-sec-talks) A collected list of awesome security talks
- [**2920**Star][10d] [Go] [google/syzkaller](https://github.com/google/syzkaller) syzkaller is an unsupervised coverage-guided kernel fuzzer
- [**2918**Star][5m] [C#] [vsvim/vsvim](https://github.com/VsVim/VsVim) Vim Emulator Plugin for Visual Studio 2015+
- [**2918**Star][11d] [Makefile] [theos/theos](https://github.com/theos/theos) A cross-platform suite of tools for building and deploying software for iOS and other platforms.
- [**2916**Star][10d] [TS] [webhintio/hint](https://github.com/webhintio/hint) 
- [**2908**Star][4m] [C#] [netchx/netch](https://github.com/netchx/netch) Game accelerator. Support Socks5, Shadowsocks, ShadowsocksR, V2Ray protocol. UDP NAT FullCone
- [**2903**Star][10d] [Swift] [kasketis/netfox](https://github.com/kasketis/netfox) A lightweight, one line setup, iOS / OSX network debugging library!
- [**2895**Star][4m] [Java] [rovo89/xposedinstaller](https://github.com/rovo89/xposedinstaller) 
- [**2894**Star][11d] [Shell] [teddysun/across](https://github.com/teddysun/across) This is a shell script for configure and start WireGuard VPN server
- [**2893**Star][10d] [Py] [shadowsocksrr/shadowsocksr](https://github.com/shadowsocksrr/shadowsocksr) Python port of ShadowsocksR
- [**2888**Star][7m] [Assembly] [cirosantilli/x86-bare-metal-examples](https://github.com/cirosantilli/x86-bare-metal-examples) Dozens of minimal operating systems to learn x86 system programming. Tested on Ubuntu 17.10 host in QEMU 2.10 and real hardware. Userland cheat at:
- [**2877**Star][12d] [Py] [nryoung/algorithms](https://github.com/nryoung/algorithms) This repository is not maintained
- [**2875**Star][4m] [C] [tmk/tmk_keyboard](https://github.com/tmk/tmk_keyboard) Keyboard firmwares for Atmel AVR and Cortex-M
- [**2872**Star][10d] [C] [esnet/iperf](https://github.com/esnet/iperf) A TCP, UDP, and SCTP network bandwidth measurement tool
- [**2865**Star][10d] [Py] [hugsy/gef](https://github.com/hugsy/gef)  GDB Enhanced Features for exploit devs & reversers
- [**2859**Star][4m] [ObjC] [chatsecure/chatsecure-ios](https://github.com/chatsecure/chatsecure-ios) ChatSecure is a free and open source encrypted chat client for iOS that supports OTR and OMEMO encryption over XMPP.
- [**2857**Star][10d] [Py] [rogandawes/p4wnp1](https://github.com/RoganDawes/P4wnP1) P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
- [**2853**Star][2y] [CSS] [maxchehab/css-keylogging](https://github.com/maxchehab/css-keylogging) Chrome extension and Express server that exploits keylogging abilities of CSS.
- [**2852**Star][10d] [Py] [plasma-disassembler/plasma](https://github.com/plasma-disassembler/plasma) Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
- [**2851**Star][10d] [JS] [noble/noble](https://github.com/noble/noble) A Node.js BLE (Bluetooth Low Energy) central module
- [**2849**Star][10d] [JS] [trufflesuite/ganache-cli](https://github.com/trufflesuite/ganache-cli) Fast Ethereum RPC client for testing and development
- [**2847**Star][4m] [Makefile] [shadowsocks/openwrt-shadowsocks](https://github.com/shadowsocks/openwrt-shadowsocks) Shadowsocks-libev for OpenWrt/LEDE
- [**2843**Star][11d] [Go] [anthonynsimon/bild](https://github.com/anthonynsimon/bild) A collection of parallel image processing algorithms in pure Go
- [**2842**Star][17d] [TS] [microsoftdx/vorlonjs](https://github.com/microsoftdx/vorlonjs) A new, open source, extensible, platform-agnostic tool for remotely debugging and testing your JavaScript. Powered by node.js and socket.io
- [**2841**Star][3m] [Py] [kr1s77/python-crawler-tutorial-starts-from-zero](https://github.com/Kr1s77/Python-crawler-tutorial-starts-from-zero) python爬虫教程，带你从零到一，包含js逆向，selenium, tesseract OCR识别,mongodb的使用，以及scrapy框架
- [**2838**Star][1y] [Py] [p0cl4bs/wifi-pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) Framework for Rogue Wi-Fi Access Point Attack
- [**2832**Star][1y] [HTML] [ptwobrussell/mining-the-social-web-2nd-edition](https://github.com/ptwobrussell/mining-the-social-web-2nd-edition) The official online compendium for Mining the Social Web, 2nd Edition (O'Reilly, 2013)
- [**2832**Star][10d] [C++] [danmar/cppcheck](https://github.com/danmar/cppcheck) static analysis of C/C++ code
- [**2829**Star][10d] [Java] [pmd/pmd](https://github.com/pmd/pmd) An extensible multilanguage static code analyzer.
- [**2823**Star][4m] [rmusser01/infosec_reference](https://github.com/rmusser01/infosec_reference) An Information Security Reference That Doesn't Suck
- [**2821**Star][3m] [taichi-framework/taichi](https://github.com/taichi-framework/taichi) A framework to use Xposed module with or without Root/Unlock bootloader, supportting Android 5.0 ~ 10.0
- [**2817**Star][10d] [JS] [cyu/rack-cors](https://github.com/cyu/rack-cors) Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.
- [**2813**Star][6m] [JS] [s0md3v/awesomexss](https://github.com/s0md3v/AwesomeXSS) Awesome XSS stuff
- [**2812**Star][10d] [C] [vanhoefm/krackattacks-scripts](https://github.com/vanhoefm/krackattacks-scripts) test if clients or access points (APs) are affected by the KRACK attack against WPA2
- [**2804**Star][2y] [HTML] [chybeta/web-security-learning](https://github.com/chybeta/web-security-learning) Web-Security-Learning
- [**2800**Star][10d] [C] [meituan-dianping/logan](https://github.com/meituan-dianping/logan) Logan is a lightweight case logging system based on mobile platform.
- [**2794**Star][12d] [Py] [hephaest0s/usbkill](https://github.com/hephaest0s/usbkill) an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer.
- [**2789**Star][10d] [Py] [pwndbg/pwndbg](https://github.com/pwndbg/pwndbg) Exploit Development and Reverse Engineering with GDB Made Easy
- [**2786**Star][12d] [Py] [qiwsir/algorithm](https://github.com/qiwsir/algorithm) 
- [**2783**Star][10d] [atarity/deploy-your-own-saas](https://github.com/atarity/deploy-your-own-saas) List of "only yours" cloud services for everyday needs
- [**2782**Star][2y] [C] [seclab-ucr/intang](https://github.com/seclab-ucr/intang) research project for circumventing the "TCP reset attack" from the Great Firewall of China (GFW) by disrupting/desynchronizing the TCP Control Block (TCB) on the censorship devices.
- [**2777**Star][7d] [Py] [xmendez/wfuzz](https://github.com/xmendez/wfuzz) Web application fuzzer
- [**2775**Star][10d] [onlurking/awesome-infosec](https://github.com/onlurking/awesome-infosec) A curated list of awesome infosec courses and training resources.
- [**2772**Star][7d] [HTML] [tikam02/devops-guide](https://github.com/tikam02/devops-guide) DevOps Guide from basic to advanced with Interview Questions and Notes
- [**2770**Star][11d] [C] [geohot/qira](https://github.com/geohot/qira) QEMU Interactive Runtime Analyser
- [**2770**Star][7m] [ObjC] [kjcracks/clutch](https://github.com/kjcracks/clutch) Fast iOS executable dumper
- [**2766**Star][10d] [Eagle] [samyk/magspoof](https://github.com/samyk/magspoof) A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card "wirelessly", even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card numbers with 100% accuracy.
- [**2765**Star][8d] [C++] [google/zopfli](https://github.com/google/zopfli) Zopfli Compression Algorithm is a compression library programmed in C to perform very good, but slow, deflate or zlib compression.
- [**2764**Star][10d] [Py] [greenwolf/social_mapper](https://github.com/Greenwolf/social_mapper) A Social Media Enumeration & Correlation Tool by Jacob Wilkin(Greenwolf)
- [**2764**Star][12d] [leandromoreira/linux-network-performance-parameters](https://github.com/leandromoreira/linux-network-performance-parameters) Learn where some of the network sysctl variables fit into the Linux/Kernel network flow
- [**2733**Star][4m] [xairy/linux-kernel-exploitation](https://github.com/xairy/linux-kernel-exploitation) A collection of links related to Linux kernel exploitation
- [**2729**Star][10d] [Java] [jboss-javassist/javassist](https://github.com/jboss-javassist/javassist) Java bytecode engineering toolkit
- [**2725**Star][4m] [Shell] [wulabing/v2ray_ws-tls_bash_onekey](https://github.com/wulabing/v2ray_ws-tls_bash_onekey) V2Ray Nginx+vmess+ws+tls/ http2 over tls 一键安装脚本
- [**2724**Star][4m] [JS] [popcorn-official/popcorn-desktop](https://github.com/popcorn-official/popcorn-desktop) Popcorn Time is a multi-platform, free software BitTorrent client that includes an integrated media player. Desktop ( Windows / Mac / Linux ) a Butter-Project Fork
- [**2724**Star][10d] [PHP] [audi-1/sqli-labs](https://github.com/audi-1/sqli-labs) SQLI labs to test error based, Blind boolean based, Time based.
- [**2723**Star][7d] [Py] [ccostan/home-assistantconfig](https://github.com/ccostan/home-assistantconfig) 
- [**2716**Star][11d] [Ruby] [arachni/arachni](https://github.com/arachni/arachni) Web Application Security Scanner Framework
- [**2715**Star][10d] [Py] [the0demiurge/shadowsocksshare](https://github.com/the0demiurge/shadowsocksshare) Python爬虫/Flask网站/免费ShadowSocks账号/ssr订阅/json 订阅
- [**2713**Star][10d] [Go] [xiaoming2028/freepac](https://github.com/xiaoming2028/FreePAC) 科学上网/梯子/自由上网/翻墙 SS/SSR/V2Ray/Brook 搭建教程
- [**2713**Star][10d] [Go] [xiaoming2028/freepac](https://github.com/xiaoming2028/FreePAC) 科学上网/梯子/自由上网/翻墙 SS/SSR/V2Ray/Brook 搭建教程
- [**2709**Star][5y] [Java] [linyiqun/dataminingalgorithm](https://github.com/linyiqun/dataminingalgorithm) 数据挖掘18大算法实现以及其他相关经典DM算法
- [**2703**Star][14d] [C] [ckolivas/cgminer](https://github.com/ckolivas/cgminer) ASIC and FPGA miner in c for bitcoin
- [**2696**Star][10d] [Py] [ab77/netflix-proxy](https://github.com/ab77/netflix-proxy) Smart DNS proxy to watch Netflix
- [**2695**Star][10d] [C] [huntergregal/mimipenguin](https://github.com/huntergregal/mimipenguin) dump 当前Linux用户的登录密码
- [**2688**Star][11d] [C++] [fanout/pushpin](https://github.com/fanout/pushpin) a reverse proxy server written in C++ that makes it easy to implement WebSocket, HTTP streaming, and HTTP long-polling services
- [**2686**Star][7d] [Py] [ctfd/ctfd](https://github.com/CTFd/CTFd) CTFs as you need them
- [**2685**Star][10d] [Go] [ne0nd0g/merlin](https://github.com/ne0nd0g/merlin) Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
- [**2683**Star][10d] [C] [tsl0922/ttyd](https://github.com/tsl0922/ttyd) Share your terminal over the web
- [**2680**Star][10d] [C] [martin-ger/esp_wifi_repeater](https://github.com/martin-ger/esp_wifi_repeater) A full functional WiFi Repeater (correctly: a WiFi NAT Router)
- [**2677**Star][10d] [C++] [domoticz/domoticz](https://github.com/domoticz/domoticz) monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more
- [**2676**Star][7d] [C] [wireshark/wireshark](https://github.com/wireshark/wireshark) Read-only mirror of Wireshark's Git repository. GitHub won't let us disable pull requests
- [**2662**Star][9m] [Java] [teevity/ice](https://github.com/teevity/ice) AWS Usage Tool
- [**2660**Star][10d] [TSQL] [rapid7/metasploitable3](https://github.com/rapid7/metasploitable3) Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
- [**2659**Star][12d] [facert/python-data-structure-cn](https://github.com/facert/python-data-structure-cn) problem-solving-with-algorithms-and-data-structure-using-python 中文版
- [**2655**Star][5m] [Shell] [medicean/vulapps](https://github.com/medicean/vulapps) 快速搭建各种漏洞环境(Various vulnerability environment)
- [**2653**Star][10d] [Py] [pritunl/pritunl](https://github.com/pritunl/pritunl) Enterprise VPN server
- [**2653**Star][10d] [Py] [lionsec/katoolin](https://github.com/lionsec/katoolin) Automatically install all Kali linux tools
- [**2651**Star][4m] [Swift] [zhuhaow/nekit](https://github.com/zhuhaow/nekit) A toolkit for Network Extension Framework
- [**2651**Star][8y] [C] [id-software/quake](https://github.com/id-software/quake) Quake GPL Source Release
- [**2647**Star][6m] [Go] [owasp/amass](https://github.com/owasp/amass) In-depth Attack Surface Mapping and Asset Discovery
- [**2647**Star][10d] [C#] [openhardwaremonitor/openhardwaremonitor](https://github.com/openhardwaremonitor/openhardwaremonitor) Open Hardware Monitor
- [**2646**Star][6m] [Go] [drk1wi/modlishka](https://github.com/drk1wi/modlishka) a powerful and flexible HTTP reverse proxy
- [**2644**Star][15d] [JS] [h2non/toxy](https://github.com/h2non/toxy) Hackable HTTP proxy for resiliency testing and simulated network conditions
- [**2640**Star][5m] [Shell] [rebootuser/linenum](https://github.com/rebootuser/linenum) Scripted Local Linux Enumeration & Privilege Escalation Checks
- [**2637**Star][6m] [JS] [knownsec/kcon](https://github.com/knownsec/kcon) KCon is a famous Hacker Con powered by Knownsec Team.
- [**2629**Star][11d] [Java] [google/binnavi](https://github.com/google/binnavi) a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
- [**2617**Star][2y] [Py] [ecthros/uncaptcha](https://github.com/ecthros/uncaptcha) Defeating Google's audio reCaptcha with 85% accuracy.
- [**2612**Star][1y] [JS] [skidding/illustrated-algorithms](https://github.com/skidding/illustrated-algorithms) Interactive algorithm visualizations
- [**2609**Star][10d] [HTML] [dirtycow/dirtycow.github.io](https://github.com/dirtycow/dirtycow.github.io) Dirty COW
- [**2608**Star][3m] [Py] [0xinfection/awesome-waf](https://github.com/0xinfection/awesome-waf) Everything awesome about web application firewalls (WAFs).
- [**2596**Star][10d] [offensive-security/kali-nethunter](https://github.com/offensive-security/kali-nethunter) The Kali NetHunter Project
- [**2588**Star][4m] [C] [yrutschle/sslh](https://github.com/yrutschle/sslh) Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port). accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.
- [**2585**Star][10d] [Go] [42wim/matterbridge](https://github.com/42wim/matterbridge) bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, steam, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams and more with REST API (mattermost not required!)
- [**2584**Star][10d] [Shell] [v1s1t0r1sh3r3/airgeddon](https://github.com/v1s1t0r1sh3r3/airgeddon) This is a multi-use bash script for Linux systems to audit wireless networks.
- [**2584**Star][10d] [Go] [aquasecurity/kube-bench](https://github.com/aquasecurity/kube-bench) Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
- [**2579**Star][12d] [Py] [x0rz/tweets_analyzer](https://github.com/x0rz/tweets_analyzer) Tweets metadata scraper & activity analyzer
- [**2579**Star][1y] [ObjC] [nygard/class-dump](https://github.com/nygard/class-dump) Generate Objective-C headers from Mach-O files.
- [**2577**Star][11d] [Go] [xtaci/kcp-go](https://github.com/xtaci/kcp-go) A Crypto-Secure, Production-Grade Reliable-UDP Library for golang with FEC
- [**2576**Star][11d] [Py] [google/nogotofail](https://github.com/google/nogotofail) help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way
- [**2574**Star][10d] [nahamsec/resources-for-beginner-bug-bounty-hunters](https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters) A list of resources for those interested in getting started in bug bounties
- [**2574**Star][7d] [C] [mintty/wsltty](https://github.com/mintty/wsltty) Mintty as a terminal for Bash on Ubuntu on Windows / WSL
- [**2573**Star][6m] [Py] [ysrc/xunfeng](https://github.com/ysrc/xunfeng) 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。
- [**2564**Star][11d] [JS] [infobyte/faraday](https://github.com/infobyte/faraday) Collaborative Penetration Test and Vulnerability Management Platform
- [**2560**Star][8m] [kbandla/aptnotes](https://github.com/kbandla/aptnotes) Various public documents, whitepapers and articles about APT campaigns
- [**2560**Star][11d] [Py] [geekan/scrapy-examples](https://github.com/geekan/scrapy-examples) Multifarious Scrapy examples. Spiders for alexa / amazon / douban / douyu / github / linkedin etc.
- [**2559**Star][10d] [Py] [arthepsy/ssh-audit](https://github.com/arthepsy/ssh-audit) SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
- [**2559**Star][4m] [C#] [stocksharp/stocksharp](https://github.com/stocksharp/stocksharp) Algorithmic trading and quantitative trading open source platform to develop trading robots (stock markets, forex, crypto, bitcoins and options).
- [**2548**Star][15d] [evilsocket/bettercap](https://github.com/evilsocket/bettercap) DEPRECATED, bettercap developement moved here:
- [**2537**Star][10d] [C] [moby/hyperkit](https://github.com/moby/hyperkit) A toolkit for embedding hypervisor capabilities in your application
- [**2535**Star][3m] [Java] [m66b/netguard](https://github.com/m66b/netguard) A simple way to block access to the internet per app
- [**2533**Star][12d] [C++] [pavel-odintsov/fastnetmon](https://github.com/pavel-odintsov/fastnetmon) very fast DDoS analyzer with sflow/netflow/mirror support
- [**2526**Star][1y] [C#] [yck1509/confuserex](https://github.com/yck1509/confuserex) An open-source, free protector for .NET applications
- [**2524**Star][3m] [PHP] [misp/misp](https://github.com/misp/misp) MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)
- [**2522**Star][3y] [C] [dhavalkapil/icmptunnel](https://github.com/dhavalkapil/icmptunnel) Transparently tunnel your IP traffic through ICMP echo and reply packets.
- [**2514**Star][10d] [Rust] [cloudflare/boringtun](https://github.com/cloudflare/boringtun) an implementation of the WireGuard® protocol designed for portability and speed.
- [**2513**Star][10d] [JS] [pa11y/pa11y](https://github.com/pa11y/pa11y) Pa11y is your automated accessibility testing pal
- [**2505**Star][4m] [JS] [vitaly-t/pg-promise](https://github.com/vitaly-t/pg-promise) PostgreSQL interface for Node.js
- [**2505**Star][10d] [JS] [thlorenz/proxyquire](https://github.com/thlorenz/proxyquire) 为了在测试过程中轻松地重写依赖项，同时保持完全不引人注目，nodejs的需求。
- [**2504**Star][8d] [JS] [weixin/miaow](https://github.com/weixin/Miaow) A set of plugins for Sketch include drawing links & marks, UI Kit & Color sync, font & text replacing.
- [**2503**Star][1y] [C++] [chengr28/pcap_dnsproxy](https://github.com/chengr28/pcap_dnsproxy) Pcap_DNSProxy, a local DNS server based on packet capturing
- [**2502**Star][2y] [Py] [feross/spoofmac](https://github.com/feross/spoofmac) Spoof your MAC address
- [**2500**Star][5m] [C] [hfiref0x/uacme](https://github.com/hfiref0x/uacme) Defeating Windows User Account Control
- [**2494**Star][3m] [Py] [bowenpay/wechat-spider](https://github.com/bowenpay/wechat-spider) 微信公众号爬虫
- [**2490**Star][12d] [Go] [syncsynchalt/illustrated-tls](https://github.com/syncsynchalt/illustrated-tls) The Illustrated TLS Connection: Every byte explained
- [**2490**Star][11d] [C++] [ggerganov/kbd-audio](https://github.com/ggerganov/kbd-audio) Tools for capturing and analysing keyboard input paired with microphone capture
- [**2488**Star][6m] [yeyintminthuhtut/awesome-red-teaming](https://github.com/yeyintminthuhtut/awesome-red-teaming) List of Awesome Red Teaming Resources
- [**2485**Star][2m] [Py] [google/enjarify](https://github.com/google/enjarify) a tool for translating Dalvik bytecode to equivalent Java bytecode.
- [**2482**Star][5m] [C] [haad/proxychains](https://github.com/haad/proxychains) a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
- [**2475**Star][14d] [Py] [secretsquirrel/the-backdoor-factory](https://github.com/secretsquirrel/the-backdoor-factory) Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)
- [**2474**Star][4m] [Py] [wistbean/learn_python3_spider](https://github.com/wistbean/learn_python3_spider) python爬虫教程系列、从0到1学习python爬虫，包括浏览器抓包，手机APP抓包，如 fiddler、mitmproxy，各种爬虫涉及的模块的使用
- [**2474**Star][10d] [Java] [genymobile/gnirehtet](https://github.com/genymobile/gnirehtet) Gnirehtet provides reverse tethering for Android
- [**2468**Star][10d] [Py] [guohongze/adminset](https://github.com/guohongze/adminset) 自动化运维平台：CMDB、CD、DevOps、资产管理、任务编排、持续交付、系统监控、运维管理、配置管理
- [**2467**Star][3y] [rpisec/malware](https://github.com/rpisec/malware) Course materials for Malware Analysis by RPISEC
- [**2458**Star][3m] [PS] [k8gege/k8tools](https://github.com/k8gege/k8tools) K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
- [**2453**Star][10d] [C++] [google/bloaty](https://github.com/google/bloaty) Bloaty McBloatface: a size profiler for binaries
- [**2452**Star][4m] [Java] [mock-server/mockserver](https://github.com/mock-server/mockserver) MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
- [**2452**Star][4m] [Java] [mock-server/mockserver](https://github.com/mock-server/mockserver) MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
- [**2443**Star][10d] [Java] [csploit/android](https://github.com/csploit/android) cSploit - The most complete and advanced IT security professional toolkit on Android.
- [**2440**Star][10d] [edoverflow/bugbounty-cheatsheet](https://github.com/edoverflow/bugbounty-cheatsheet) A list of interesting payloads, tips and tricks for bug bounty hunters.
- [**2434**Star][4m] [Shell] [eliaskotlyar/xiaomi-dafang-hacks](https://github.com/eliaskotlyar/xiaomi-dafang-hacks) Xiaomi DaFang Hacks / XiaoFang 1S / Wyzecam V2 / Wyzecam Pan / Other T20 Devices
- [**2432**Star][11d] [sobolevn/awesome-cryptography](https://github.com/sobolevn/awesome-cryptography) A curated list of cryptography resources and links.
- [**2432**Star][10d] [JS] [retirejs/retire.js](https://github.com/retirejs/retire.js) scanner detecting the use of JavaScript libraries with known vulnerabilities
- [**2432**Star][12d] [TeX] [crypto101/book](https://github.com/crypto101/book) Crypto 101, the introductory book on cryptography.
- [**2431**Star][4m] [security-onion-solutions/security-onion](https://github.com/security-onion-solutions/security-onion) Linux distro for threat hunting, enterprise security monitoring, and log management
- [**2431**Star][3y] [Py] [rootphantomer/blasting_dictionary](https://github.com/rootphantomer/blasting_dictionary) 爆破字典
- [**2431**Star][10d] [goq/telegram-list](https://github.com/goq/telegram-list) List of telegram groups, channels & bots // Список интересных групп, каналов и ботов телеграма // Список чатов для программистов
- [**2431**Star][10d] [getlantern/lantern-binaries](https://github.com/getlantern/lantern-binaries) Lantern installers binary downloads.
- [**2427**Star][7d] [Py] [novnc/websockify](https://github.com/novnc/websockify) Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. Implementations in Python, C, Node.js and Ruby.
- [**2413**Star][1y] [hack-with-github/free-security-ebooks](https://github.com/hack-with-github/free-security-ebooks) Free Security and Hacking eBooks
- [**2411**Star][12d] [Lua] [snabbco/snabb](https://github.com/snabbco/snabb) Simple and fast packet networking
- [**2407**Star][1y] [ObjC] [evgenykarkan/ekalgorithms](https://github.com/evgenykarkan/ekalgorithms) EKAlgorithms contains some well known CS algorithms & data structures.
- [**2406**Star][11d] [PHP] [kint-php/kint](https://github.com/kint-php/kint) a powerful and modern PHP debugging tool.
- [**2405**Star][10d] [Shell] [toniblyx/prowler](https://github.com/toniblyx/prowler) Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here
- [**2405**Star][14d] [OCaml] [facebookarchive/pfff](https://github.com/facebookarchive/pfff) Tools for code analysis, visualizations, or style-preserving source transformation.
- [**2397**Star][10d] [Py] [therook/subbrute](https://github.com/therook/subbrute) A DNS meta-query spider that enumerates DNS records, and subdomains.
- [**2396**Star][10d] [Py] [rll/rllab](https://github.com/rll/rllab) rllab is a framework for developing and evaluating reinforcement learning algorithms, fully compatible with OpenAI Gym.
- [**2396**Star][10d] [gbdev/awesome-gbdev](https://github.com/gbdev/awesome-gbdev) A curated list of Game Boy development resources such as tools, docs, emulators, related projects and open-source ROMs.
- [**2395**Star][10d] [C] [stlink-org/stlink](https://github.com/stlink-org/stlink) Open source STM32 MCU programming toolset
- [**2393**Star][10d] [Go] [google/mtail](https://github.com/google/mtail) extract whitebox monitoring data from application logs for collection in a timeseries database
- [**2391**Star][10m] [Go] [mlabouardy/komiser](https://github.com/mlabouardy/komiser) ：通过发现隐藏的成本，监控支出的增加，并根据客户的建议做出有影响的改变，保持在预算之下。
- [**2389**Star][10d] [Py] [lmacken/pyrasite](https://github.com/lmacken/pyrasite) Inject code into running Python processes
- [**2388**Star][2m] [C] [stefanesser/dumpdecrypted](https://github.com/stefanesser/dumpdecrypted) Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
- [**2388**Star][10d] [C] [armmbed/mbedtls](https://github.com/armmbed/mbedtls) An open source, portable, easy to use, readable and flexible SSL library
- [**2386**Star][10d] [JS] [dcodeio/bcrypt.js](https://github.com/dcodeio/bcrypt.js) Optimized bcrypt in plain JavaScript with zero dependencies.
- [**2386**Star][8d] [Shell] [pirate/wireguard-docs](https://github.com/pirate/wireguard-docs) 用于WireGuard的API参考指南，包括设置、配置和使用，以及示例。
- [**2386**Star][2y] [Py] [danmcinerney/lans.py](https://github.com/danmcinerney/lans.py) Inject code and spy on wifi users
- [**2385**Star][12d] [JS] [pedant/safe-java-js-webview-bridge](https://github.com/pedant/safe-java-js-webview-bridge) 为WebView中的Java与JavaScript提供【安全可靠】的多样互通方案
- [**2385**Star][10d] [Go] [projectdiscovery/subfinder](https://github.com/projectdiscovery/subfinder) Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
- [**2385**Star][10d] [JS] [talkingdata/inmap](https://github.com/talkingdata/inmap) 大数据地理可视化
- [**2367**Star][10d] [tylerha97/awesome-reversing](https://github.com/tylerha97/awesome-reversing) A curated list of awesome reversing resources
- [**2358**Star][8d] [Go] [vuvuzela/vuvuzela](https://github.com/vuvuzela/vuvuzela) Private messaging system that hides metadata
- [**2357**Star][10d] [Py] [pycqa/bandit](https://github.com/pycqa/bandit) find common security issues in Python code.
- [**2356**Star][1y] [microsoftedge/msedge](https://github.com/microsoftedge/msedge) Microsoft Edge
- [**2348**Star][11d] [Py] [elceef/dnstwist](https://github.com/elceef/dnstwist) Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
- [**2348**Star][10d] [C] [alexaltea/orbital](https://github.com/alexaltea/orbital) Experimental PlayStation 4 emulator
- [**2341**Star][10d] [Assembly] [pret/pokered](https://github.com/pret/pokered) disassembly of Pokémon Red/Blue
- [**2340**Star][3m] [C#] [dotnetcore/dotnetspider](https://github.com/dotnetcore/dotnetspider) DotnetSpider, a .NET Standard web crawling library. It is lightweight, efficient and fast high-level web crawling & scraping framework
- [**2335**Star][13d] [C] [abrasive/shairport](https://github.com/abrasive/shairport) Airtunes emulator! Shairport is no longer maintained.
- [**2333**Star][10d] [Go] [mmatczuk/go-http-tunnel](https://github.com/mmatczuk/go-http-tunnel) Fast and secure tunnels over HTTP/2
- [**2331**Star][11d] [dumb-password-rules/dumb-password-rules](https://github.com/dumb-password-rules/dumb-password-rules) Shaming sites with dumb password rules.
- [**2327**Star][10d] [JS] [jcubic/jquery.terminal](https://github.com/jcubic/jquery.terminal) jQuery Terminal Emulator - web based terminal
- [**2320**Star][10d] [Go] [solo-io/gloo](https://github.com/solo-io/gloo) The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
- [**2317**Star][3m] [C] [aurorawright/luma3ds](https://github.com/aurorawright/luma3ds) Noob-proof (N)3DS "Custom Firmware"
- [**2308**Star][10d] [swiftonsecurity/sysmon-config](https://github.com/swiftonsecurity/sysmon-config) Sysmon configuration file template with default high-quality event tracing
- [**2299**Star][3m] [C#] [hmbsbige/shadowsocksr-windows](https://github.com/hmbsbige/shadowsocksr-windows) ShadowsocksR for Windows
- [**2292**Star][12d] [Py] [commixproject/commix](https://github.com/commixproject/commix) Automated All-in-One OS command injection and exploitation tool.
- [**2285**Star][9m] [C#] [microsoft/git-credential-manager-for-windows](https://github.com/microsoft/git-credential-manager-for-windows) Secure Git credential storage for Windows with support for Visual Studio Team Services, GitHub, and Bitbucket multi-factor authentication.
- [**2280**Star][10d] [Go] [goodrain/rainbond](https://github.com/goodrain/rainbond) Enterprise Application System 
- [**2279**Star][11d] [Py] [datasploit/datasploit](https://github.com/DataSploit/datasploit) An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
- [**2278**Star][10d] [C++] [weidai11/cryptopp](https://github.com/weidai11/cryptopp) free C++ class library of cryptographic schemes
- [**2275**Star][11d] [PHP] [antonioribeiro/tracker](https://github.com/antonioribeiro/tracker) Tracker gathers a lot of information from your requests to identify and store
- [**2270**Star][3y] [Go] [mehrdadrad/mylg](https://github.com/mehrdadrad/mylg) Network Diagnostic Tool
- [**2269**Star][3y] [Java] [jackpal/android-terminal-emulator](https://github.com/jackpal/android-terminal-emulator) A VT-100 terminal emulator for the Android OS
- [**2269**Star][10d] [Py] [whaleshark-team/cobra](https://github.com/WhaleShark-Team/cobra) Source Code Security Audit (源代码安全审计)
- [**2266**Star][10d] [Py] [jinfagang/weibo_terminater](https://github.com/jinfagang/weibo_terminater) Final Weibo Crawler Scrap Anything From Weibo, comments, weibo contents, followers, anything. The Terminator
- [**2266**Star][12d] [Py] [scrapy-plugins/scrapy-splash](https://github.com/scrapy-plugins/scrapy-splash) Scrapy+Splash for JavaScript integration
- [**2263**Star][10d] [qazbnm456/awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc)  A curated list of CVE PoCs.
- [**2262**Star][10d] [exakat/php-static-analysis-tools](https://github.com/exakat/php-static-analysis-tools) A reviewed list of useful PHP static analysis tools
- [**2262**Star][5m] [JS] [cure53/h5sc](https://github.com/cure53/h5sc) HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
- [**2261**Star][10d] [Go] [projectcontour/contour](https://github.com/projectcontour/contour) Contour is a Kubernetes ingress controller using Lyft's Envoy proxy.
- [**2260**Star][3m] [hmaverickadams/beginner-network-pentesting](https://github.com/hmaverickadams/beginner-network-pentesting) Notes for Beginner Network Pentesting Course
- [**2259**Star][11d] [Rust] [ebtech/rust-algorithms](https://github.com/ebtech/rust-algorithms) Common data structures and algorithms in Rust
- [**2259**Star][3m] [selierlin/share-ssr-v2ray](https://github.com/selierlin/share-ssr-v2ray) 解决科学上网问题
- [**2245**Star][11d] [C++] [maestron/botnets](https://github.com/maestron/botnets) This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
- [**2244**Star][12d] [HTML] [kjur/jsrsasign](https://github.com/kjur/jsrsasign) The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token in pure JavaScript.
- [**2243**Star][8d] [PHP] [serghey-rodin/vesta](https://github.com/serghey-rodin/vesta) VESTA Control Panel
- [**2242**Star][4m] [HTML] [gtfobins/gtfobins.github.io](https://github.com/gtfobins/gtfobins.github.io) Curated list of Unix binaries that can be exploited to bypass system security restrictions
- [**2240**Star][11d] [Go] [shiyanhui/dht](https://github.com/shiyanhui/dht) BitTorrent DHT Protocol && DHT Spider.
- [**2240**Star][5y] [Go] [filosottile/heartbleed](https://github.com/filosottile/heartbleed) A checker (site and tool) for CVE-2014-0160
- [**2240**Star][10d] [Go] [eth0izzle/shhgit](https://github.com/eth0izzle/shhgit) Find GitHub secrets in real time
- [**2238**Star][10d] [C] [flatpak/flatpak](https://github.com/flatpak/flatpak) Linux application sandboxing and distribution framework
- [**2236**Star][3m] [Java] [elderdrivers/edxposed](https://github.com/elderdrivers/edxposed) Elder driver Xposed Framework.
- [**2231**Star][12d] [JS] [emadehsan/thal](https://github.com/emadehsan/thal) Getting started with Puppeteer and Chrome Headless for Web Scraping
- [**2230**Star][12d] [PHP] [jeremykenedy/laravel-auth](https://github.com/jeremykenedy/laravel-auth) Laravel 7 with user authentication, registration with email confirmation, social media authentication, password recovery, and captcha protection. Uses offical [Bootstrap 4](
- [**2230**Star][5m] [infoslack/awesome-web-hacking](https://github.com/infoslack/awesome-web-hacking) A list of web application security
- [**2228**Star][10d] [Py] [xuefenghuang/lianjia-scrawler](https://github.com/xuefenghuang/lianjia-scrawler) 链家二手房租房在线数据，存量房交易服务平台数据，详细数据分析教程
- [**2220**Star][4m] [Py] [fortynorthsecurity/eyewitness](https://github.com/FortyNorthSecurity/EyeWitness) EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
- [**2220**Star][10d] [C++] [codebutler/firesheep](https://github.com/codebutler/firesheep) A Firefox extension that demonstrates HTTP session hijacking attacks.
- [**2218**Star][11d] [ObjC] [ios-control/ios-deploy](https://github.com/ios-control/ios-deploy) Install and debug iPhone apps from the command line, without using Xcode
- [**2218**Star][12d] [C] [cleanflight/cleanflight](https://github.com/cleanflight/cleanflight) Clean-code version of the baseflight flight controller firmware
- [**2215**Star][12d] [Shell] [foospidy/payloads](https://github.com/foospidy/payloads) Git All the Payloads! A collection of web attack payloads.
- [**2209**Star][10d] [Py] [bisguzar/twitter-scraper](https://github.com/bisguzar/twitter-scraper) Scrape the Twitter Frontend API without authentication.
- [**2209**Star][4m] [Py] [trustedsec/unicorn](https://github.com/trustedsec/unicorn) Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
- [**2207**Star][12d] [C] [yarrick/pingfs](https://github.com/yarrick/pingfs) Stores your data in ICMP ping packets
- [**2207**Star][11d] [Go] [theupdateframework/notary](https://github.com/theupdateframework/notary) Notary is a project that allows anyone to have trust over arbitrary collections of data
- [**2207**Star][7d] [Py] [derv82/wifite2](https://github.com/derv82/wifite2) Rewrite of the popular wireless network auditor, "wifite"
- [**2205**Star][11d] [Go] [ullaakut/cameradar](https://github.com/Ullaakut/cameradar) Cameradar hacks its way into RTSP videosurveillance cameras
- [**2204**Star][11d] [Java] [alibaba/alink](https://github.com/alibaba/alink) Alink is the Machine Learning algorithm platform based on Flink, developed by the PAI team of Alibaba computing platform.
- [**2203**Star][4m] [Ruby] [urbanadventurer/whatweb](https://github.com/urbanadventurer/whatweb) Next generation web scanner
- [**2201**Star][10d] [djadmin/awesome-bug-bounty](https://github.com/djadmin/awesome-bug-bounty) A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
- [**2191**Star][8d] [JS] [secgroundzero/warberry](https://github.com/secgroundzero/warberry) WarBerryPi - Tactical Exploitation
- [**2190**Star][2m] [C++] [lordnoteworthy/al-khaser](https://github.com/lordnoteworthy/al-khaser) Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- [**2189**Star][1y] [jermic/android-crack-tool](https://github.com/jermic/android-crack-tool) Android-Crack-Tool For Mac
- [**2186**Star][9d] [Py] [aoncyberlabs/windows-exploit-suggester](https://github.com/AonCyberLabs/Windows-Exploit-Suggester) compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target
- [**2186**Star][15d] [C] [conorpp/u2f-zero](https://github.com/conorpp/u2f-zero) U2F USB token optimized for physical security, affordability, and style
- [**2184**Star][11d] [Java] [google/wycheproof](https://github.com/google/wycheproof) Project Wycheproof tests crypto libraries against known attacks.
- [**2184**Star][3y] [enddo/awesome-windows-exploitation](https://github.com/enddo/awesome-windows-exploitation) A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
- [**2182**Star][4m] [Py] [jonathansalwan/ropgadget](https://github.com/jonathansalwan/ropgadget) search your gadgets on your binaries to facilitate your ROP exploitation. supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
- [**2177**Star][10d] [Shell] [arismelachroinos/lscript](https://github.com/arismelachroinos/lscript) The LAZY script will make your life easier, and of course faster.
- [**2176**Star][3m] [Py] [sensepost/objection](https://github.com/sensepost/objection)  runtimemobile exploration
- [**2176**Star][2y] [Py] [rub-nds/pret](https://github.com/rub-nds/pret) Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
- [**2174**Star][3m] [yeahhub/hacking-security-ebooks](https://github.com/yeahhub/hacking-security-ebooks) Top 100 Hacking & Security E-Books (Free Download)
- [**2174**Star][10d] [Assembly] [dwelch67/raspberrypi](https://github.com/dwelch67/raspberrypi) Raspberry Pi ARM based bare metal examples
- [**2173**Star][11d] [Go] [jetstack/kube-lego](https://github.com/jetstack/kube-lego) Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
- [**2172**Star][10d] [Py] [nabla-c0d3/sslyze](https://github.com/nabla-c0d3/sslyze) Fast and powerful SSL/TLS scanning library.
- [**2172**Star][4m] [JS] [iam4x/pokemongo-webspoof](https://github.com/iam4x/pokemongo-webspoof) Spoof your iOS device GPS location for Pokémon Go
- [**2170**Star][11d] [Py] [aquasecurity/kube-hunter](https://github.com/aquasecurity/kube-hunter) Hunt for security weaknesses in Kubernetes clusters
- [**2169**Star][11d] [Py] [fsecurelabs/drozer](https://github.com/FSecureLABS/drozer) The Leading Security Assessment Framework for Android.
- [**2167**Star][10d] [C++] [lloyd/node-memwatch](https://github.com/lloyd/node-memwatch) A NodeJS library to keep an eye on your memory usage, and discover and isolate leaks.
- [**2164**Star][1y] [Py] [linkedin/qark](https://github.com/linkedin/qark) Tool to look for several security related Android application vulnerabilities
- [**2157**Star][10d] [Py] [calebmadrigal/trackerjacker](https://github.com/calebmadrigal/trackerjacker) Like nmap for mapping wifi networks you're not connected to, plus device tracking
- [**2155**Star][10d] [C] [shadowsocks/simple-obfs](https://github.com/shadowsocks/simple-obfs) A simple obfuscating tool (Deprecated)
- [**2154**Star][10d] [C] [merbanan/rtl_433](https://github.com/merbanan/rtl_433) Program to decode radio transmissions from devices on the ISM bands (and other frequencies)
- [**2154**Star][11d] [C++] [asmjit/asmjit](https://github.com/asmjit/asmjit) Complete x86/x64 JIT and AOT Assembler for C++
- [**2152**Star][7y] [Ruby] [plamoni/siriproxy](https://github.com/plamoni/siriproxy) A (tampering) proxy server for Apple's Siri
- [**2152**Star][10d] [Java] [andotp/andotp](https://github.com/andotp/andotp) Open source two-factor authentication for Android
- [**2149**Star][10d] [C++] [openthread/openthread](https://github.com/openthread/openthread) OpenThread released by Google is an open-source implementation of the Thread networking protocol
- [**2148**Star][2y] [bluscreenofjeff/red-team-infrastructure-wiki](https://github.com/bluscreenofjeff/red-team-infrastructure-wiki) Wiki to collect Red Team infrastructure hardening resources
- [**2146**Star][13d] [Ruby] [mojombo/god](https://github.com/mojombo/god) Ruby process monitor
- [**2145**Star][11d] [C] [fragglet/c-algorithms](https://github.com/fragglet/c-algorithms) A library of common data structures and algorithms written in C.
- [**2144**Star][3m] [Rust] [indygreg/pyoxidizer](https://github.com/indygreg/pyoxidizer) A modern Python application packaging and distribution tool
- [**2143**Star][1y] [TS] [loiane/javascript-datastructures-algorithms](https://github.com/loiane/javascript-datastructures-algorithms) 
- [**2142**Star][10d] [C++] [xoseperez/espurna](https://github.com/xoseperez/espurna) Home automation firmware for ESP8266-based devices
- [**2138**Star][11d] [Py] [dlitz/pycrypto](https://github.com/dlitz/pycrypto) The Python Cryptography Toolkit
- [**2136**Star][10d] [Py] [thekingofduck/fuzzdicts](https://github.com/thekingofduck/fuzzdicts) Web Pentesting Fuzz 字典,一个就够了。
- [**2133**Star][10d] [C++] [pytorch/glow](https://github.com/pytorch/glow) Compiler for Neural Network hardware accelerators
- [**2132**Star][10d] [Go] [mosn/mosn](https://github.com/mosn/mosn) MOSN is a cloud native proxy for edge or service mesh.
- [**2132**Star][6m] [C++] [darthton/blackbone](https://github.com/darthton/blackbone) Windows memory hacking library
- [**2131**Star][4m] [C] [wireguard/wireguard-monolithic-historical](https://github.com/WireGuard/wireguard-monolithic-historical) fast, modern, secure kernel VPN tunnel
- [**2129**Star][6m] [Swift] [krzysztofzablocki/lifetimetracker](https://github.com/krzysztofzablocki/lifetimetracker) Find retain cycles / memory leaks sooner.
- [**2129**Star][10d] [Go] [google/trillian](https://github.com/google/trillian) A transparent, highly scalable and cryptographically verifiable data store.
- [**2128**Star][11d] [Py] [nixawk/pentest-wiki](https://github.com/nixawk/pentest-wiki) PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
- [**2128**Star][2m] [Go] [mpolden/echoip](https://github.com/mpolden/echoip) IP address lookup service
- [**2126**Star][3m] [Java] [jeremylong/dependencycheck](https://github.com/jeremylong/dependencycheck) OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
- [**2124**Star][10d] [Py] [momosecurity/aswan](https://github.com/momosecurity/aswan) 陌陌风控系统静态规则引擎，零基础简易便捷的配置多种复杂规则，实时高效管控用户异常行为。
- [**2117**Star][10d] [C] [darkk/redsocks](https://github.com/darkk/redsocks) transparent TCP-to-proxy redirector
- [**2116**Star][12d] [Java] [tdebatty/java-string-similarity](https://github.com/tdebatty/java-string-similarity) Implementation of various string similarity and distance algorithms: Levenshtein, Jaro-winkler, n-Gram, Q-Gram, Jaccard index, Longest Common Subsequence edit distance, cosine similarity ...
- [**2116**Star][10d] [Go] [gdamore/tcell](https://github.com/gdamore/tcell) Tcell is an alternate terminal package, similar in some ways to termbox, but better in others.
- [**2115**Star][11d] [YARA] [yara-rules/rules](https://github.com/yara-rules/rules) Repository of yara rules
- [**2113**Star][11d] [obfuscator-llvm/obfuscator](https://github.com/obfuscator-llvm/obfuscator) Obfuscator-LLVM 
- [**2112**Star][4m] [tanprathan/mobileapp-pentest-cheatsheet](https://github.com/tanprathan/mobileapp-pentest-cheatsheet) The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
- [**2112**Star][10d] [Go] [bitnami-labs/sealed-secrets](https://github.com/bitnami-labs/sealed-secrets) A Kubernetes controller and tool for one-way encrypted Secrets
- [**2111**Star][7d] [Go] [maxmcd/webtty](https://github.com/maxmcd/webtty) Share a terminal session over WebRTC
- [**2109**Star][10d] [C] [ralim/ts100](https://github.com/ralim/ts100) The Feature Packed Alternate Open Source firmware for the TS100 iron by miniware.
- [**2108**Star][4m] [Go] [projectdiscovery/subfinder](https://github.com/projectdiscovery/subfinder) a subdomain discovery tool that discovers valid subdomains for websites
        <details>
        <summary>View Details</summary>


        ## Misc
        - 纯被动
        - stdin/stdout，集成到工作流
        
        ## 安装
        - `go get -v github.com/projectdiscovery/subfinder/cmd/subfinder`
        - `go get -u -v github.com/projectdiscovery/subfinder/cmd/subfinder` : 更新
        </details>


- [**2107**Star][9d] [TS] [microsoft/vscode-react-native](https://github.com/microsoft/vscode-react-native) VSCode extension for React Native - supports debugging and editor integration
- [**2106**Star][10d] [C] [tinyproxy/tinyproxy](https://github.com/tinyproxy/tinyproxy) a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
- [**2103**Star][4m] [Py] [welliamcao/opsmanage](https://github.com/welliamcao/opsmanage) 自动化运维平台: 代码及应用部署CI/CD、资产管理CMDB、计划任务管理平台、SQL审核|回滚、任务调度、站内WIKI
- [**2103**Star][11d] [Py] [cea-sec/miasm](https://github.com/cea-sec/miasm) Reverse engineering framework in Python
- [**2102**Star][10d] [C] [hashcat/hashcat-legacy](https://github.com/hashcat/hashcat-legacy) Advanced CPU-based password recovery utility
- [**2100**Star][10d] [Py] [hunters-forge/threathunter-playbook](https://github.com/hunters-forge/ThreatHunter-Playbook) A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
- [**2091**Star][11d] [Java] [jindrapetrik/jpexs-decompiler](https://github.com/jindrapetrik/jpexs-decompiler) JPEXS Free Flash Decompiler
- [**2091**Star][4m] [Py] [j3ssie/osmedeus](https://github.com/j3ssie/osmedeus) Fully automated offensive security framework for reconnaissance and vulnerability scanning
- [**2090**Star][5m] [C] [dekunukem/nintendo_switch_reverse_engineering](https://github.com/dekunukem/nintendo_switch_reverse_engineering) A look at inner workings of Joycon and Nintendo Switch
- [**2086**Star][5m] [infosecn1nja/ad-attack-defense](https://github.com/infosecn1nja/ad-attack-defense) Attack and defend active directory using modern post exploitation adversary tradecraft activity
- [**2085**Star][10d] [C] [ntop/ndpi](https://github.com/ntop/ndpi) Open Source Deep Packet Inspection Software Toolkit
- [**2083**Star][10d] [Go] [ffuf/ffuf](https://github.com/ffuf/ffuf) Fast web fuzzer written in Go
- [**2081**Star][2y] [BitBake] [1n3/intruderpayloads](https://github.com/1n3/intruderpayloads) A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
- [**2078**Star][12d] [toolswatch/blackhat-arsenal-tools](https://github.com/toolswatch/blackhat-arsenal-tools) Official Black Hat Arsenal Security Tools Repository
- [**2065**Star][2y] [Py] [derv82/wifite](https://github.com/derv82/wifite) an automated wireless attack tool.
- [**2064**Star][4m] [C#] [lucasg/dependencies](https://github.com/lucasg/dependencies) A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
- [**2060**Star][10d] [C++] [wrbug/dumpdex](https://github.com/wrbug/dumpdex) Android unpack
- [**2058**Star][11d] [C++] [powerdns/pdns](https://github.com/powerdns/pdns) PowerDNS Authoritative, PowerDNS Recursor, dnsdist
- [**2057**Star][9d] [C] [minhaskamal/creepycodecollection](https://github.com/minhaskamal/creepycodecollection) A Nonsense Collection of Disgusting Codes (quine-polyglot-code-golf-obfuscated-signature-creepy-codes-mandelbrot-esoteric-language-esoteric-programming-strange-golfing-spooky-weird)
- [**2052**Star][4m] [C++] [mhammond/pywin32](https://github.com/mhammond/pywin32) Python for Windows (pywin32) Extensions
- [**2049**Star][10d] [Py] [scrapy/scrapyd](https://github.com/scrapy/scrapyd) A service daemon to run Scrapy spiders
- [**2049**Star][10m] [HTML] [nikolait/googlescraper](https://github.com/nikolait/googlescraper) A Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, ...). Including asynchronous networking support.
- [**2048**Star][12d] [Go] [floyernick/data-structures-and-algorithms](https://github.com/floyernick/data-structures-and-algorithms) Data Structures and Algorithms implementation in Go
- [**2048**Star][10d] [dloss/python-pentest-tools](https://github.com/dloss/python-pentest-tools) Python tools for penetration testers
- [**2047**Star][12d] [C] [xoreaxeaxeax/rosenbridge](https://github.com/xoreaxeaxeax/rosenbridge) Hardware backdoors in some x86 CPUs
- [**2047**Star][4m] [Jupyter Notebook] [cyb3rward0g/helk](https://github.com/cyb3rward0g/helk) The Hunting ELK
- [**2045**Star][11d] [Java] [adoptopenjdk/jitwatch](https://github.com/adoptopenjdk/jitwatch) Log analyser / visualiser for Java HotSpot JIT compiler. Inspect inlining decisions, hot methods, bytecode, and assembly. View results in the JavaFX user interface.
- [**2039**Star][4m] [Go] [xiaoming2028/freepac](https://github.com/xiaoming2028/freepac) 科学上网/梯子/自由上网/翻墙 SS/SSR/V2Ray/Brook 搭建教程
- [**2038**Star][11d] [jadagates/shadowsocksbio](https://github.com/jadagates/shadowsocksbio) 记录一下SS的前世今生，以及一个简单的教程总结
- [**2036**Star][13d] [Go] [skynetservices/skydns](https://github.com/skynetservices/skydns) DNS service discovery for etcd
- [**2032**Star][10d] [Lua] [vulnerscom/nmap-vulners](https://github.com/vulnerscom/nmap-vulners) NSE script based on Vulners.com API
- [**2032**Star][3y] [Swift] [urinx/iosapphook](https://github.com/urinx/iosapphook) 专注于非越狱环境下iOS应用逆向研究，从dylib注入，应用重签名到App Hook
- [**2029**Star][5y] [CoffeeScript] [shadowsocks/shadowsocks-gui](https://github.com/shadowsocks/shadowsocks-gui) Shadowsocks GUI client
- [**2028**Star][10d] [JS] [ghacksuserjs/ghacks-user.js](https://github.com/ghacksuserjs/ghacks-user.js) An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
- [**2024**Star][11d] [PHP] [symfony/panther](https://github.com/symfony/panther) A browser testing and web crawling library for PHP and Symfony
- [**2023**Star][4m] [C] [adaway/adaway](https://github.com/adaway/adaway) AdAway is an open source ad blocker for Android using the hosts file.
- [**2022**Star][6m] [Swift] [github/softu2f](https://github.com/github/softu2f) Software U2F authenticator for macOS
- [**2021**Star][3m] [Perl] [spiderlabs/owasp-modsecurity-crs](https://github.com/spiderlabs/owasp-modsecurity-crs) OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
- [**2021**Star][10d] [C] [kevinoconnor/klipper](https://github.com/kevinoconnor/klipper) Klipper is a 3d-printer firmware
- [**2019**Star][10d] [C] [chipsec/chipsec](https://github.com/chipsec/chipsec) Platform Security Assessment Framework
- [**2018**Star][7d] [PHP] [jae-jae/querylist](https://github.com/jae-jae/querylist) 
- [**2016**Star][10d] [Go] [yahoo/gryffin](https://github.com/yahoo/gryffin) Gryffin is a large scale web security scanning platform.
- [**2016**Star][11d] [C] [mgba-emu/mgba](https://github.com/mgba-emu/mgba) mGBA Game Boy Advance Emulator
- [**2015**Star][10d] [TS] [snyk/snyk](https://github.com/snyk/snyk) CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
- [**2014**Star][10d] [Py] [minimaxir/facebook-page-post-scraper](https://github.com/minimaxir/facebook-page-post-scraper) Data scraper for Facebook Pages, and also code accompanying the blog post How to Scrape Data From Facebook Page Posts for Statistical Analysis
- [**2011**Star][4m] [JS] [thealgorithms/javascript](https://github.com/thealgorithms/javascript) A repository for All algorithms implemented in Javascript (for educational purposes only)
- [**2006**Star][10d] [Go] [minishift/minishift](https://github.com/minishift/minishift) Run OpenShift 3.x locally
- [**2004**Star][8d] [Py] [gerapy/gerapy](https://github.com/gerapy/gerapy) Distributed Crawler Management Framework Based on Scrapy, Scrapyd, Django and Vue.js
- [**2004**Star][10d] [C] [probablycorey/wax](https://github.com/probablycorey/wax) Wax is now being maintained by alibaba
- [**2003**Star][6m] [olivierlaflamme/cheatsheet-god](https://github.com/olivierlaflamme/cheatsheet-god) Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
- [**2002**Star][10d] [ngalongc/bug-bounty-reference](https://github.com/ngalongc/bug-bounty-reference) Inspired by
- [**2002**Star][3m] [Java] [kyson/androidgodeye](https://github.com/kyson/androidgodeye) A performance monitor tool , like "Android Studio profiler" for Android , you can easily monitor the performance of your app real time in pc browser
- [**1994**Star][5m] [C++] [acidanthera/lilu](https://github.com/acidanthera/Lilu) Arbitrary kext and process patching on macOS
- [**1992**Star][10d] [coreb1t/awesome-pentest-cheat-sheets](https://github.com/coreb1t/awesome-pentest-cheat-sheets) Collection of the cheat sheets useful for pentesting
- [**1990**Star][10d] [Java] [tiann/epic](https://github.com/tiann/epic) Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
- [**1988**Star][10d] [Py] [lanbing510/doubanspider](https://github.com/lanbing510/doubanspider) 豆瓣读书的爬虫
- [**1987**Star][3m] [Go] [zalando/skipper](https://github.com/zalando/skipper) An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress
- [**1987**Star][12m] [Java] [fuzion24/justtrustme](https://github.com/fuzion24/justtrustme) An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
- [**1987**Star][11d] [C] [cesanta/mongoose-os](https://github.com/cesanta/mongoose-os) Mongoose OS - an IoT Firmware Development Framework. Supported microcontrollers: ESP32, ESP8266, CC3220, CC3200, STM32F4, STM32L4, STM32F7. Amazon AWS IoT, Microsoft Azure, Google IoT Core integrated. Code in C or JavaScript.
- [**1985**Star][2y] [Py] [dormymo/spiderkeeper](https://github.com/dormymo/spiderkeeper) admin ui for scrapy/open source scrapinghub
- [**1983**Star][11d] [C++] [tum-vision/lsd_slam](https://github.com/tum-vision/lsd_slam) LSD-SLAM
- [**1979**Star][10d] [17mon/china_ip_list](https://github.com/17mon/china_ip_list) IPList for China by IPIP.NET
- [**1976**Star][5y] [Py] [ziggear/shadowsocks](https://github.com/ziggear/shadowsocks) backup of https://github.com/shadowsocks/shadowsocks
- [**1976**Star][6m] [Py] [lanjelot/patator](https://github.com/lanjelot/patator) Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
- [**1975**Star][10d] [JS] [robinmoisson/staticrypt](https://github.com/robinmoisson/staticrypt) Password protect a static HTML page
- [**1975**Star][10d] [Py] [gaojiuli/gain](https://github.com/gaojiuli/gain) Web crawling framework based on asyncio.
- [**1974**Star][5m] [C] [microsoft/procdump-for-linux](https://github.com/microsoft/procdump-for-linux) A Linux version of the ProcDump Sysinternals tool
- [**1971**Star][10d] [PS] [fireeye/flare-vm](https://github.com/fireeye/flare-vm) FireEye Labs Advanced Reverse Engineering
- [**1969**Star][10d] [rmerl/asuswrt-merlin.ng](https://github.com/rmerl/asuswrt-merlin.ng) Third party firmware for Asus routers (newer codebase)
- [**1967**Star][3y] [C#] [lazocoder/windows-hacks](https://github.com/lazocoder/windows-hacks) Creative and unusual things that can be done with the Windows API.
- [**1966**Star][11d] [Go] [hyperhq/hyperd](https://github.com/hyperhq/hyperd) HyperContainer Daemon
- [**1963**Star][10d] [Py] [lijiejie/subdomainsbrute](https://github.com/lijiejie/subdomainsbrute) A fast sub domain brute tool for pentesters
- [**1963**Star][10d] [Shell] [leebaird/discover](https://github.com/leebaird/discover) Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
- [**1960**Star][10d] [JS] [weichiachang/stacks-cli](https://github.com/weichiachang/stacks-cli) Check website stack from the terminal
- [**1960**Star][10d] [Py] [anorov/cloudflare-scrape](https://github.com/anorov/cloudflare-scrape) A Python module to bypass Cloudflare's anti-bot page.
- [**1959**Star][10d] [Py] [jinnlynn/genpac](https://github.com/jinnlynn/genpac) PAC/Dnsmasq/Wingy file Generator, working with gfwlist, support custom rules.
- [**1956**Star][13d] [JS] [diafygi/gethttpsforfree](https://github.com/diafygi/gethttpsforfree) Source code for
- [**1955**Star][1y] [C++] [facebookresearch/elf](https://github.com/facebookresearch/elf) An End-To-End, Lightweight and Flexible Platform for Game Research
- [**1954**Star][10d] [Py] [python-security/pyt](https://github.com/python-security/pyt) A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
- [**1953**Star][11d] [C++] [iagox86/dnscat2](https://github.com/iagox86/dnscat2) create an encrypted command-and-control (C&C) channel over the DNS protocol, which is an effective tunnel out of almost every network.
- [**1953**Star][13d] [C++] [googlecreativelab/open-nsynth-super](https://github.com/googlecreativelab/open-nsynth-super) Open NSynth Super is an experimental physical interface for the NSynth algorithm
- [**1941**Star][10d] [Py] [pwnlandia/mhn](https://github.com/pwnlandia/mhn) Modern Honey Network
- [**1940**Star][11d] [TS] [rangle/augury](https://github.com/rangle/augury) Angular Debugging and Visualization Tools
- [**1937**Star][10d] [Py] [trailofbits/manticore](https://github.com/trailofbits/manticore) Symbolic execution tool
- [**1937**Star][2y] [Py] [aploium/zmirror](https://github.com/aploium/zmirror) an http reverse proxy designed to automatically and completely mirror a website (such as google), support cache and CDN
- [**1933**Star][10d] [C] [ntop/n2n](https://github.com/ntop/n2n) Peer-to-peer VPN
- [**1931**Star][12d] [C] [retroplasma/earth-reverse-engineering](https://github.com/retroplasma/earth-reverse-engineering) Reversing Google's 3D satellite mode
- [**1930**Star][11d] [Py] [lorien/grab](https://github.com/lorien/grab) Web Scraping Framework
- [**1928**Star][10d] [onethawt/idaplugins-list](https://github.com/onethawt/idaplugins-list) A list of IDA Plugins
- [**1927**Star][12d] [JS] [coreybutler/node-windows](https://github.com/coreybutler/node-windows) Windows support for Node.JS scripts (daemons, eventlog, UAC, etc).
- [**1926**Star][7d] [HTML] [sprov065/v2-ui](https://github.com/sprov065/v2-ui) 支持多协议多用户的 v2ray 面板，Support multi-protocol multi-user v2ray panel
- [**1925**Star][3m] [PHP] [phpmetrics/phpmetrics](https://github.com/phpmetrics/PhpMetrics) Static analysis tool for PHP
- [**1923**Star][11d] [C] [schwabe/ics-openvpn](https://github.com/schwabe/ics-openvpn) OpenVPN for Android
- [**1923**Star][3m] [Py] [mozilla/mozdef](https://github.com/mozilla/mozdef) Mozilla Enterprise Defense Platform
- [**1920**Star][10d] [Java] [xtuhcy/gecco](https://github.com/xtuhcy/gecco) Easy to use lightweight web crawler
- [**1915**Star][3m] [bypass007/emergency-response-notes](https://github.com/bypass007/emergency-response-notes) 应急响应实战笔记，一个安全工程师的自我修养。
- [**1910**Star][11d] [Assembly] [pooler/cpuminer](https://github.com/pooler/cpuminer) CPU miner for Litecoin and Bitcoin
- [**1908**Star][10d] [dsasmblr/game-hacking](https://github.com/dsasmblr/game-hacking) Tutorials, tools, and more as related to reverse engineering video games.
- [**1900**Star][6m] [Shell] [x2on/openssl-for-iphone](https://github.com/x2on/openssl-for-iphone) A script for compiling OpenSSL for iOS Devices (iPhone, iPad, iPod Touch, AppleTV, MacCatalyst)
- [**1900**Star][4m] [Py] [veil-framework/veil](https://github.com/veil-framework/veil) generate metasploit payloads that bypass common anti-virus solutions
- [**1899**Star][15d] [C] [github/glb-director](https://github.com/github/glb-director) GitHub Load Balancer Director and supporting tooling.
- [**1898**Star][10d] [Java] [trojan-gfw/igniter](https://github.com/trojan-gfw/igniter) A trojan client for Android (UNDER CONSTRUCTION).
- [**1897**Star][10d] [Go] [influxdata/kapacitor](https://github.com/influxdata/kapacitor) Open source framework for processing, monitoring, and alerting on time series data
- [**1897**Star][23d] [JS] [florianheinemann/passwordless](https://github.com/florianheinemann/passwordless) node.js/express module to authenticate users without password
- [**1896**Star][3m] [sirredbeard/awesome-wsl](https://github.com/sirredbeard/awesome-wsl) Awesome list dedicated to Windows Subsystem for Linux
- [**1893**Star][10d] [Go] [eolinker/goku-api-gateway](https://github.com/eolinker/goku-api-gateway) A Powerful HTTP API Gateway in pure golang！Goku API Gateway 
- [**1892**Star][10d] [R] [briatte/awesome-network-analysis](https://github.com/briatte/awesome-network-analysis) A curated list of awesome network analysis resources.
- [**1889**Star][9d] [Java] [nekocode/camerafilter](https://github.com/nekocode/camerafilter) Realtime camera filters. Process frames by OpenGL shaders.
- [**1887**Star][5m] [Py] [lgandx/responder](https://github.com/lgandx/responder) a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
- [**1887**Star][8d] [Py] [ctfs/write-ups-2017](https://github.com/ctfs/write-ups-2017) Wiki-like CTF write-ups repository, maintained by the community. 2017
- [**1886**Star][4m] [Java] [ict-bda/easyml](https://github.com/ict-bda/easyml) Easy Machine Learning is a general-purpose dataflow-based system for easing the process of applying machine learning algorithms to real world tasks.
- [**1885**Star][4m] [PHP] [bartblaze/php-backdoors](https://github.com/bartblaze/php-backdoors) A collection of PHP backdoors. For educational or testing purposes only.
- [**1882**Star][10d] [PHP] [c0ny1/upload-labs](https://github.com/c0ny1/upload-labs) 一个帮你总结所有类型的上传漏洞的靶场
- [**1879**Star][4m] [Java] [yeriomin/yalpstore](https://github.com/yeriomin/yalpstore) Download apks from Google Play Store
- [**1876**Star][11d] [CSS] [ctfs/write-ups-2015](https://github.com/ctfs/write-ups-2015) Wiki-like CTF write-ups repository, maintained by the community. 2015
- [**1873**Star][8d] [Py] [yandex/yandex-tank](https://github.com/yandex/yandex-tank) Load and performance benchmark tool
- [**1871**Star][11d] [C] [jeelabs/esp-link](https://github.com/jeelabs/esp-link) esp8266 wifi-serial bridge, outbound TCP, and arduino/AVR/LPC/NXP programmer
- [**1869**Star][10d] [Py] [netflix-skunkworks/stethoscope](https://github.com/Netflix-Skunkworks/stethoscope) Personalized, user-focused recommendations for employee information security.
- [**1869**Star][4y] [Java] [chora10/cknife](https://github.com/chora10/cknife) Cknife
- [**1868**Star][10d] [Java] [angryip/ipscan](https://github.com/angryip/ipscan) Angry IP Scanner - fast and friendly network scanner
- [**1867**Star][5y] [ObjC] [xcodeghostsource/xcodeghost](https://github.com/xcodeghostsource/xcodeghost) "XcodeGhost" Source
- [**1866**Star][10d] [Py] [boppreh/keyboard](https://github.com/boppreh/keyboard) Hook and simulate global keyboard events on Windows and Linux.
- [**1865**Star][11d] [Go] [puerkitobio/gocrawl](https://github.com/puerkitobio/gocrawl) Polite, slim and concurrent web crawler.
- [**1865**Star][10d] [C] [google/honggfuzz](https://github.com/google/honggfuzz) Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
- [**1865**Star][11d] [PHP] [ezyang/htmlpurifier](https://github.com/ezyang/htmlpurifier) Standards compliant HTML filter written in PHP
- [**1859**Star][10d] [Swift] [rhummelmose/bluetoothkit](https://github.com/rhummelmose/bluetoothkit) Easily communicate between iOS/OSX devices using BLE
- [**1857**Star][10d] [Py] [guelfoweb/knock](https://github.com/guelfoweb/knock) Knock Subdomain Scan
- [**1853**Star][11d] [Py] [ehco1996/django-sspanel](https://github.com/ehco1996/django-sspanel) 用diango开发的shadowsocks/V2ray面板
- [**1853**Star][11d] [C++] [apitrace/apitrace](https://github.com/apitrace/apitrace) Tools for tracing OpenGL, Direct3D, and other graphics APIs
- [**1849**Star][10d] [Java] [spotbugs/spotbugs](https://github.com/spotbugs/spotbugs) SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
- [**1847**Star][10d] [JS] [expressjs/csurf](https://github.com/expressjs/csurf) CSRF token middleware
- [**1846**Star][2m] [Shell] [ttlequals0/autovpn](https://github.com/ttlequals0/autovpn) Create On Demand Disposable OpenVPN Endpoints on AWS.
- [**1845**Star][11d] [JS] [ziv-barber/officegen](https://github.com/ziv-barber/officegen) Standalone Office Open XML files (Microsoft Office 2007 and later) generator for Word (docx), PowerPoint (pptx) and Excell (xlsx) in javascript. The output is a stream.
- [**1843**Star][10d] [C] [ufrisk/pcileech](https://github.com/ufrisk/pcileech) Direct Memory Access (DMA) Attack Software
- [**1841**Star][3m] [Go] [mosn/mosn](https://github.com/mosn/mosn) MOSN is a cloud native proxy for edge or service mesh.
- [**1841**Star][10d] [CSS] [b374k/b374k](https://github.com/b374k/b374k)  a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc.
- [**1840**Star][10d] [Py] [pdfminer/pdfminer.six](https://github.com/pdfminer/pdfminer.six) Community maintained fork of pdfminer
- [**1839**Star][12d] [JS] [puppeteer/examples](https://github.com/puppeteer/examples) Use case-driven examples for using Puppeteer and headless chrome
- [**1837**Star][2y] [Py] [nyloner/nyspider](https://github.com/nyloner/nyspider) 各种爬虫
- [**1833**Star][10d] [C] [ctcaer/hekate](https://github.com/ctcaer/hekate) Nintendo Switch Bootloader - CTCaer mod
- [**1832**Star][11d] [sarojaba/awesome-devblog](https://github.com/sarojaba/awesome-devblog) Awesome Devblog
- [**1832**Star][12d] [Go] [golang/crypto](https://github.com/golang/crypto) [mirror] Go supplementary cryptography libraries
- [**1831**Star][2y] [aozhimin/ios-monitor-platform](https://github.com/aozhimin/ios-monitor-platform) iOS 性能监控方案 Wedjat 
- [**1827**Star][1y] [Py] [constverum/proxybroker](https://github.com/constverum/proxybroker) Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
- [**1825**Star][10d] [Go] [smallstep/certificates](https://github.com/smallstep/certificates) An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere.
- [**1824**Star][4y] [caesar0301/awesome-pcaptools](https://github.com/caesar0301/awesome-pcaptools) A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.
- [**1821**Star][10d] [Go] [oauth2-proxy/oauth2-proxy](https://github.com/oauth2-proxy/oauth2-proxy) A reverse proxy that provides authentication with Google, Github or other providers.
- [**1821**Star][5m] [Py] [epinna/weevely3](https://github.com/epinna/weevely3)  a web shell designed for post-exploitation purposes that can be extended over the network at runtime
- [**1819**Star][11d] [tunz/js-vuln-db](https://github.com/tunz/js-vuln-db) A collection of JavaScript engine CVEs with PoCs
- [**1816**Star][11d] [Go] [vzex/dog-tunnel](https://github.com/vzex/dog-tunnel) p2p tunnel,(udp mode work with kcp,
- [**1816**Star][10d] [Shell] [mzet-/linux-exploit-suggester](https://github.com/mzet-/linux-exploit-suggester) Linux privilege escalation auditing tool
- [**1815**Star][12m] [Smali] [ahmyth/ahmyth-android-rat](https://github.com/ahmyth/ahmyth-android-rat) Android Remote Administration Tool
- [**1813**Star][8d] [C] [neutrinolabs/xrdp](https://github.com/neutrinolabs/xrdp) xrdp: an open source RDP server
- [**1811**Star][4m] [C#] [sshnet/ssh.net](https://github.com/sshnet/ssh.net) SSH.NET is a Secure Shell (SSH) library for .NET, optimized for parallelism.
- [**1804**Star][10d] [Py] [cea-sec/ivre](https://github.com/cea-sec/ivre) Network recon framework.
        <details>
        <summary>View Details</summary>


        ## 特性
        - 被动侦查
            - 流分析：Bro, Argus, Nfdump
            - 指纹分析：Bro and p0f
        - 主动侦查
            - 使用Nmap扫描
            - 使用ZMap做预扫描器
            - 从Nmap和Masscan中导入XML输出文件
        </details>


- [**1803**Star][12d] [C] [signal11/hidapi](https://github.com/signal11/hidapi) A Simple library for communicating with USB and Bluetooth HID devices on Linux, Mac, and Windows.
- [**1799**Star][14d] [CSS] [bagder/http2-explained](https://github.com/bagder/http2-explained) A detailed document explaining and documenting HTTP/2, the successor to the widely popular HTTP/1.1 protocol
- [**1798**Star][18d] [Go] [intelsdi-x/snap](https://github.com/intelsdi-x/snap)  an open telemetry framework designed to simplify the collection, processing and publishing of system data through a single API.
- [**1797**Star][10d] [Java] [fesh0r/fernflower](https://github.com/fesh0r/fernflower) Unofficial mirror of FernFlower Java decompiler (All pulls should be submitted upstream)
- [**1795**Star][2y] [PS] [fuzzysecurity/powershell-suite](https://github.com/fuzzysecurity/powershell-suite) My musings with PowerShell
- [**1795**Star][10d] [ObjC] [alibaba/wax](https://github.com/alibaba/wax) Wax is a framework that lets you write native iPhone apps in Lua.
- [**1792**Star][3m] [Py] [opendevops-cn/opendevops](https://github.com/opendevops-cn/opendevops) CODO是一款为用户提供企业多混合云、一站式DevOps、自动化运维、完全开源的云管理平台、自动化运维平台
- [**1791**Star][8d] [C] [google/wuffs](https://github.com/google/wuffs) Wrangling Untrusted File Formats Safely
- [**1790**Star][10d] [JS] [pstadler/flightplan](https://github.com/pstadler/flightplan) Run sequences of shell commands against local and remote hosts.
- [**1790**Star][11d] [ObjC] [kpwn/yalu102](https://github.com/kpwn/yalu102) incomplete iOS 10.2 jailbreak for 64 bit devices by qwertyoruiopz and marcograssi
- [**1789**Star][10d] [JS] [cazala/coin-hive](https://github.com/cazala/coin-hive) CoinHive cryptocurrency miner for node.js
- [**1787**Star][11d] [Shell] [ryanmjacobs/c](https://github.com/ryanmjacobs/c) Compile and execute C "scripts" in one go!
- [**1787**Star][4m] [HTML] [clong/detectionlab](https://github.com/clong/detectionlab) Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
- [**1784**Star][10d] [C] [networkprotocol/netcode.io](https://github.com/networkprotocol/netcode.io) A protocol for secure client/server connections over UDP
- [**1782**Star][4m] [Go] [convox/rack](https://github.com/convox/rack) Private PaaS built on native AWS services for maximum privacy and minimum upkeep
- [**1781**Star][5m] [Shell] [hexxeh/rpi-update](https://github.com/hexxeh/rpi-update) An easier way to update the firmware of your Raspberry Pi
- [**1779**Star][3m] [PHP] [wordpress/wordpress-coding-standards](https://github.com/wordpress/wordpress-coding-standards) PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions
- [**1777**Star][6m] [C++] [microsoft/detours](https://github.com/microsoft/detours) Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
- [**1775**Star][2m] [HTML] [chromium/badssl.com](https://github.com/chromium/badssl.com) 
- [**1772**Star][4m] [ObjC] [tapwork/heapinspector-for-ios](https://github.com/tapwork/heapinspector-for-ios) Find memory issues & leaks in your iOS app without instruments
- [**1772**Star][4m] [TSQL] [brentozarultd/sql-server-first-responder-kit](https://github.com/brentozarultd/sql-server-first-responder-kit) sp_Blitz, sp_BlitzCache, sp_BlitzFirst, sp_BlitzIndex, and other SQL Server scripts for health checks and performance tuning.
- [**1768**Star][10d] [C] [samyk/pwnat](https://github.com/samyk/pwnat) The only tool and technique to punch holes through firewalls/NATs where both clients and server can be behind separate NATs without any 3rd party involvement. 
- [**1768**Star][7m] [PHP] [orangetw/my-ctf-web-challenges](https://github.com/orangetw/my-ctf-web-challenges) Collection of CTF Web challenges I made
- [**1768**Star][10d] [Shell] [haugene/docker-transmission-openvpn](https://github.com/haugene/docker-transmission-openvpn) Docker container running Transmission torrent client with WebUI over an OpenVPN tunnel
- [**1768**Star][4m] [Go] [hashicorp/memberlist](https://github.com/hashicorp/memberlist) Golang package for gossip based membership and failure detection
- [**1767**Star][13d] [R] [szilard/benchm-ml](https://github.com/szilard/benchm-ml) A minimal benchmark for scalability, speed and accuracy of commonly used open source implementations (R packages, Python scikit-learn, H2O, xgboost, Spark MLlib etc.) of the top machine learning algorithms for binary classification (random forests, gradient boosted trees, deep neural networks etc.).
- [**1765**Star][10d] [Makefile] [raspberrypi/noobs](https://github.com/raspberrypi/noobs) NOOBS (New Out Of Box Software) - An easy Operating System install manager for the Raspberry Pi
- [**1765**Star][4m] [ivrodriguezca/re-ios-apps](https://github.com/ivrodriguezca/re-ios-apps) A completely free, open source and online course about Reverse Engineering iOS Applications.
- [**1765**Star][4y] [Go] [elastic/logstash-forwarder](https://github.com/elastic/logstash-forwarder) An experiment to cut logs in preparation for processing elsewhere. Replaced by Filebeat:
- [**1764**Star][3y] [Go] [s-rah/onionscan](https://github.com/s-rah/onionscan) OnionScan is a free and open source tool for investigating the Dark Web.
- [**1763**Star][14d] [JS] [noble/bleno](https://github.com/noble/bleno) A Node.js module for implementing BLE (Bluetooth Low Energy) peripherals
- [**1763**Star][10d] [C#] [jbevain/cecil](https://github.com/jbevain/cecil) Cecil is a library to inspect, modify and create .NET programs and libraries.
- [**1763**Star][10d] [JS] [efforg/privacybadger](https://github.com/efforg/privacybadger) Privacy Badger is a browser extension that automatically learns to block invisible trackers.
- [**1763**Star][2y] [Java] [ac-pm/inspeckage](https://github.com/ac-pm/inspeckage) Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
- [**1761**Star][4m] [Shell] [quericy/one-key-ikev2-vpn](https://github.com/quericy/one-key-ikev2-vpn) A bash script base on Centos or Ubuntu help you to create IKEV2/L2TP vpn.
- [**1760**Star][10d] [Makefile] [drizzlerisk/drizzledumper](https://github.com/drizzlerisk/drizzledumper) a memory-search-based Android unpack tool.
- [**1759**Star][10d] [JS] [localtunnel/server](https://github.com/localtunnel/server) server for localtunnel.me
- [**1755**Star][10d] [Py] [my8100/scrapydweb](https://github.com/my8100/scrapydweb) Web app for Scrapyd cluster management, Scrapy log analysis & visualization, Auto packaging, Timer tasks, Monitor & Alert, and Mobile UI. DEMO
- [**1755**Star][9d] [JS] [evilcos/xssor2](https://github.com/evilcos/xssor2) XSS'OR - Hack with JavaScript.
- [**1755**Star][10d] [Py] [enigmampc/catalyst](https://github.com/enigmampc/catalyst) An Algorithmic Trading Library for Crypto-Assets in Python
- [**1753**Star][10d] [Dockerfile] [nicolaka/netshoot](https://github.com/nicolaka/netshoot) a Docker + Kubernetes network trouble-shooting swiss-army container
- [**1753**Star][10d] [Go] [awnumar/memguard](https://github.com/awnumar/memguard) Secure software enclave for storage of sensitive information in memory.
- [**1749**Star][10d] [Java] [apache/geode](https://github.com/apache/geode) Apache Geode
- [**1747**Star][10d] [edoverflow/can-i-take-over-xyz](https://github.com/edoverflow/can-i-take-over-xyz) "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
- [**1746**Star][12d] [C] [dlundquist/sniproxy](https://github.com/dlundquist/sniproxy) Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
- [**1742**Star][5m] [Py] [rootm0s/winpwnage](https://github.com/rootm0s/winpwnage) UAC bypass, Elevate, Persistence and Execution methods
- [**1741**Star][8d] [C] [iqiyi/xhook](https://github.com/iqiyi/xhook) a PLT (Procedure Linkage Table) hook library for Android native ELF 
- [**1741**Star][10d] [Rust] [ctz/rustls](https://github.com/ctz/rustls) A modern TLS library in Rust
- [**1736**Star][10d] [Rust] [shadowsocks/shadowsocks-rust](https://github.com/shadowsocks/shadowsocks-rust) A Rust port of shadowsocks
- [**1736**Star][4m] [Ruby] [cliffe/secgen](https://github.com/cliffe/secgen) creates vulnerable virtual machines so students can learn security penetration testing techniques
- [**1735**Star][10d] [C++] [yegord/snowman](https://github.com/yegord/snowman)  a native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures
    - [IDA插件](https://github.com/yegord/snowman/tree/master/src/ida-plugin) 
    - [snowman](https://github.com/yegord/snowman/tree/master/src/snowman) QT界面
    - [nocode](https://github.com/yegord/snowman/tree/master/src/nocode) 命令行工具
    - [nc](https://github.com/yegord/snowman/tree/master/src/nc) 核心代码，可作为库使用
- [**1733**Star][10d] [C] [feralinteractive/gamemode](https://github.com/feralinteractive/gamemode) Optimise Linux system performance on demand
- [**1728**Star][14d] [Py] [yelp/osxcollector](https://github.com/yelp/osxcollector) A forensic evidence collection & analysis toolkit for OS X
- [**1726**Star][7m] [Shell] [internetwache/gittools](https://github.com/internetwache/gittools) find websites with their .git repository available to the public
- [**1725**Star][1y] [Go] [rexray/rexray](https://github.com/rexray/rexray) REX-Ray is a container storage orchestration engine enabling persistence for cloud native workloads
- [**1719**Star][3m] [CSS] [functionclub/v2ray.fun](https://github.com/functionclub/v2ray.fun) 正在开发的全新 V2ray.Fun
- [**1718**Star][4m] [PHP] [xtr4nge/fruitywifi](https://github.com/xtr4nge/fruitywifi) a wireless network auditing tool
- [**1717**Star][12d] [Java] [internetarchive/heritrix3](https://github.com/internetarchive/heritrix3) Heritrix is the Internet Archive's open-source, extensible, web-scale, archival-quality web crawler project.
- [**1716**Star][2y] [Swift] [haxpor/potatso](https://github.com/haxpor/potatso) Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork
- [**1714**Star][11d] [C#] [sjdirect/abot](https://github.com/sjdirect/abot) Cross Platform C# web crawler framework built for speed and flexibility. Please star this project! +1.
- [**1714**Star][7d] [Go] [ysrc/yulong-hids](https://github.com/ysrc/yulong-hids) 一款由 YSRC 开源的主机入侵检测系统
- [**1714**Star][3m] [roave/securityadvisories](https://github.com/roave/securityadvisories) ensures that your application doesn't have installed dependencies with known security vulnerabilities
- [**1710**Star][10d] [Py] [gwen001/pentest-tools](https://github.com/gwen001/pentest-tools) My collection of custom tools I use in my daily.
- [**1708**Star][10d] [Py] [jumper2014/lianjia-beike-spider](https://github.com/jumper2014/lianjia-beike-spider) 链家网和贝壳网房价爬虫，采集北京上海广州深圳等21个中国主要城市的房价数据（小区，二手房，出租房，新房）
- [**1708**Star][7m] [Swift] [pmusolino/wormholy](https://github.com/pmusolino/wormholy) iOS network debugging, like a wizard 🧙‍♂️
- [**1707**Star][2y] [owasp/devguide](https://github.com/owasp/devguide) The OWASP Guide
- [**1707**Star][12m] [C] [easyhook/easyhook](https://github.com/easyhook/easyhook) The reinvention of Windows API Hooking
- [**1706**Star][10d] [C] [plasma-umass/coz](https://github.com/plasma-umass/coz) Finding Code that Counts with Causal Profiling
- [**1701**Star][14d] [Go] [sipt/shuttle](https://github.com/sipt/shuttle) A web proxy in Golang with amazing features.
- [**1699**Star][12d] [Shell] [juude/droidreverse](https://github.com/juude/droidreverse) reverse engineering tools for android
- [**1699**Star][10d] [C] [dtag-dev-sec/tpotce](https://github.com/dtag-dev-sec/tpotce)  dockerized versions of the following honeypots
- [**1696**Star][13d] [JS] [tylerbrock/mongo-hacker](https://github.com/tylerbrock/mongo-hacker) MongoDB Shell Enhancements for Hackers
- [**1695**Star][2y] [jhaddix/tbhm](https://github.com/jhaddix/tbhm) The Bug Hunters Methodology
- [**1694**Star][11d] [Py] [joxeankoret/diaphora](https://github.com/joxeankoret/diaphora) program diffing
- [**1694**Star][11d] [PHP] [easyengine/easyengine](https://github.com/easyengine/easyengine) Command-line control panel for Nginx Server to manage WordPress sites running on Nginx, PHP, MySQL, and Let's Encrypt
- [**1693**Star][30d] [CoffeeScript] [okturtles/dnschain](https://github.com/okturtles/dnschain) A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!
- [**1691**Star][10d] [Go] [juju/juju](https://github.com/juju/juju) Simple, secure devops tooling built to manage today's complex applications wherever you run your software.
- [**1691**Star][8d] [Go] [filosottile/whoami.filippo.io](https://github.com/FiloSottile/whoami.filippo.io) A ssh server that knows who you are
- [**1688**Star][11d] [C++] [jmpews/dobby](https://github.com/jmpews/Dobby) a lightweight, multi-platform, multi-architecture hook framework.
- [**1686**Star][4m] [Py] [hoochanlon/fq-book](https://github.com/hoochanlon/fq-book) 上网的方式与获取信息的技巧，并对相关流行且典型的软件做简要的上手配置，以及原理的相关说明
- [**1685**Star][11d] [Py] [epinna/tplmap](https://github.com/epinna/tplmap) Server-Side Template Injection and Code Injection Detection and Exploitation Tool
- [**1683**Star][9d] [Py] [ctfs/write-ups-2014](https://github.com/ctfs/write-ups-2014) Wiki-like CTF write-ups repository, maintained by the community. 2014
- [**1683**Star][9d] [Py] [ctfs/write-ups-2014](https://github.com/ctfs/write-ups-2014) Wiki-like CTF write-ups repository, maintained by the community. 2014
- [**1682**Star][10d] [Py] [rocky/python-uncompyle6](https://github.com/rocky/python-uncompyle6) A cross-version Python bytecode decompiler
- [**1682**Star][10d] [Py] [mitre/caldera](https://github.com/mitre/caldera) an automated adversary emulation system, built on the MITRE ATT&CK™ framework.
- [**1681**Star][1y] [Py] [evyatarmeged/raccoon](https://github.com/evyatarmeged/raccoon) A high performance offensive security tool for reconnaissance and vulnerability scanning
- [**1678**Star][7d] [Py] [m4ll0k/wascan](https://github.com/m4ll0k/WAScan) WAScan - Web Application Scanner
- [**1676**Star][10d] [C] [tianocore/edk2](https://github.com/tianocore/edk2) A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications
- [**1676**Star][14d] [Py] [k4m4/kickthemout](https://github.com/k4m4/kickthemout)  kick devices out of your network and enjoy all the bandwidth for yourself.
- [**1675**Star][10d] [PHP] [mewebstudio/captcha](https://github.com/mewebstudio/captcha) Captcha for Laravel 5/6/7
- [**1674**Star][10d] [C#] [carlospolop/privilege-escalation-awesome-scripts-suite](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite) PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
- [**1674**Star][10d] [C#] [carlospolop/privilege-escalation-awesome-scripts-suite](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite) PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
- [**1673**Star][7d] [Py] [bitsadmin/wesng](https://github.com/bitsadmin/wesng) Windows Exploit Suggester - Next Generation
- [**1673**Star][10d] [Ruby] [ambethia/recaptcha](https://github.com/ambethia/recaptcha) ReCaptcha helpers for ruby apps
- [**1671**Star][4m] [Objective-C++] [tencent/oomdetector](https://github.com/tencent/oomdetector) OOMDetector is a memory monitoring component for iOS which provides you with OOM monitoring, memory allocation monitoring, memory leak detection and other functions.
- [**1671**Star][10d] [Py] [sensepost/regeorg](https://github.com/sensepost/regeorg) The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
- [**1671**Star][12d] [HTML] [scrapy/scrapely](https://github.com/scrapy/scrapely) A pure-python HTML screen-scraping library
- [**1670**Star][13d] [Py] [life4/textdistance](https://github.com/life4/textdistance) Compute distance between sequences. 30+ algorithms, pure python implementation, common interface, optional external libs usage.
- [**1669**Star][5m] [C++] [lief-project/lief](https://github.com/lief-project/lief) Library to Instrument Executable Formats
- [**1668**Star][1y] [C] [nmikhailov/validity90](https://github.com/nmikhailov/validity90) Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol
- [**1667**Star][11d] [Py] [harismuneer/ultimate-facebook-scraper](https://github.com/harismuneer/ultimate-facebook-scraper)  Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. 
- [**1666**Star][4y] [Java] [dodola/hotfix](https://github.com/dodola/hotfix) 安卓App热补丁动态修复框架
- [**1665**Star][3y] [JS] [camwiegert/baffle](https://github.com/camwiegert/baffle) A tiny javascript library for obfuscating and revealing text in DOM elements.
- [**1662**Star][3m] [Py] [enablesecurity/wafw00f](https://github.com/EnableSecurity/wafw00f) WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- [**1662**Star][4m] [Py] [enablesecurity/wafw00f](https://github.com/enablesecurity/wafw00f) identify and fingerprint Web Application Firewall (WAF) products protecting a website.
- [**1660**Star][10d] [C] [nmap/npcap](https://github.com/nmap/npcap) Nmap Project's Windows packet capture and transmission library
- [**1654**Star][10d] [Py] [mozilla/cipherscan](https://github.com/mozilla/cipherscan) A very simple way to find out which SSL ciphersuites are supported by a target.
- [**1652**Star][9m] [Java] [jaredrummler/androidprocesses](https://github.com/jaredrummler/androidprocesses) A small Android library to get the current running processes
- [**1651**Star][10d] [TS] [kucherenko/jscpd](https://github.com/kucherenko/jscpd) Copy/paste detector for programming source code.
- [**1650**Star][4m] [C] [firmianay/ctf-all-in-one](https://github.com/firmianay/ctf-all-in-one) CTF竞赛入门指南
- [**1644**Star][10d] [C++] [srslte/srslte](https://github.com/srslte/srslte) Open source SDR LTE software suite from Software Radio Systems (SRS)
- [**1643**Star][11d] [Java] [ukanth/afwall](https://github.com/ukanth/afwall) AFWall+ (Android Firewall +) - iptables based firewall for Android
- [**1642**Star][11d] [emijrp/awesome-awesome](https://github.com/emijrp/awesome-awesome) A curated list of awesome curated lists of many topics.
- [**1638**Star][14d] [JS] [addyosmani/a11y](https://github.com/addyosmani/a11y) Accessibility audit tooling for the web (beta)
- [**1636**Star][11d] [Py] [lifting-bits/mcsema](https://github.com/lifting-bits/mcsema) Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode
    - [IDA7插件](https://github.com/lifting-bits/mcsema/tree/master/tools/mcsema_disass/ida7) 用于反汇编二进制文件并生成控制流程图
    - [IDA插件](https://github.com/lifting-bits/mcsema/tree/master/tools/mcsema_disass/ida) 用于反汇编二进制文件并生成控制流程图
    - [Binja插件](https://github.com/lifting-bits/mcsema/tree/master/tools/mcsema_disass/binja) 用于反汇编二进制文件并生成控制流程图
    - [mcsema](https://github.com/lifting-bits/mcsema/tree/master/mcsema) 
- [**1634**Star][7m] [ObjC] [ealeksandrov/provisionql](https://github.com/ealeksandrov/provisionql) Quick Look plugin for apps and provisioning profile files
- [**1631**Star][9d] [Py] [nccgroup/scout2](https://github.com/nccgroup/Scout2) Security auditing tool for AWS environments
- [**1631**Star][12d] [Go] [hu17889/go_spider](https://github.com/hu17889/go_spider)  An awesome Go concurrent Crawler(spider) framework. The crawler is flexible and modular. It can be expanded to an Individualized crawler easily or you can use the default crawl components only.
- [**1630**Star][11d] [C++] [vaibhavpandeyvpz/apkstudio](https://github.com/vaibhavpandeyvpz/apkstudio) Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
- [**1628**Star][4m] [Swift] [indragiek/inappviewdebugger](https://github.com/indragiek/inappviewdebugger) A UIView debugger (like Reveal or Xcode) that can be embedded in an app for on-device view debugging
- [**1626**Star][4y] [l3m0n/pentest_study](https://github.com/l3m0n/pentest_study) 从零开始内网渗透学习
- [**1622**Star][10d] [Go] [skydive-project/skydive](https://github.com/skydive-project/skydive) An open source real-time network topology and protocols analyzer
- [**1620**Star][4m] [C++] [longsoft/uefitool](https://github.com/longsoft/uefitool) UEFI firmware image viewer and editor
- [**1617**Star][9m] [Py] [knownsec/pocsuite](https://github.com/knownsec/pocsuite) remote vulnerability testing and proof-of-concept development framework 
- [**1615**Star][4m] [Py] [zerosum0x0/koadic](https://github.com/zerosum0x0/koadic) Koadic C3 COM Command & Control - JScript RAT
- [**1613**Star][7d] [JS] [luoxue-victor/workflow](https://github.com/luoxue-victor/workflow) 本项目的第四次革命，不止前端！
- [**1613**Star][14d] [C] [qihoo360/phptrace](https://github.com/qihoo360/phptrace) A tracing and troubleshooting tool for PHP scripts.
- [**1613**Star][10d] [Shell] [blackarch/blackarch](https://github.com/blackarch/blackarch) An ArchLinux based distribution for penetration testers and security researchers.
- [**1611**Star][10d] [HTML] [thelinuxchoice/blackeye](https://github.com/thelinuxchoice/blackeye) The most complete Phishing Tool, with 32 templates +1 customizable
- [**1611**Star][14d] [C] [codahale/bcrypt-ruby](https://github.com/codahale/bcrypt-ruby)  Ruby binding for the OpenBSD bcrypt() password hashing algorithm, allowing you to easily store a secure hash of your users' passwords.
- [**1610**Star][5m] [Py] [unkl4b/gitminer](https://github.com/unkl4b/gitminer) Tool for advanced mining for content on Github
- [**1605**Star][10d] [Py] [hannob/snallygaster](https://github.com/hannob/snallygaster) Tool to scan for secret files on HTTP servers
- [**1603**Star][10d] [C] [intel/haxm](https://github.com/intel/haxm)  cross-platform hardware-assisted virtualization engine (hypervisor), widely used as an accelerator for Android Emulator and QEMU
- [**1602**Star][12m] [Py] [w1109790800/penetration](https://github.com/w1109790800/penetration) 渗透 超全面的渗透资料
- [**1601**Star][4y] [C] [jech/polipo](https://github.com/jech/polipo) The Polipo caching HTTP proxy
- [**1600**Star][11d] [Java] [zhegexiaohuozi/seimicrawler](https://github.com/zhegexiaohuozi/seimicrawler) 一个简单、敏捷、分布式的支持SpringBoot的Java爬虫框架;An agile, distributed crawler framework.
- [**1598**Star][4m] [Ruby] [brunofacca/zen-rails-security-checklist](https://github.com/brunofacca/zen-rails-security-checklist) Checklist of security precautions for Ruby on Rails applications.
- [**1597**Star][12d] [Go] [caffix/amass](https://github.com/caffix/amass) In-depth Attack Surface Mapping and Asset Discovery
- [**1595**Star][4m] [PHP] [postaddictme/instagram-php-scraper](https://github.com/postaddictme/instagram-php-scraper) Get account information, photos, videos, stories and comments.
- [**1595**Star][2y] [JS] [keraf/nocoin](https://github.com/keraf/nocoin) No Coin is a tiny browser extension aiming to block coin miners such as Coinhive.
- [**1588**Star][11d] [Py] [ahupp/python-magic](https://github.com/ahupp/python-magic) A python wrapper for libmagic
- [**1587**Star][12d] [tiancode/learn-hacking](https://github.com/tiancode/learn-hacking) 开始学习Kali Linux 各种破解教程 渗透测试 逆向工程 HackThisSite挑战问题解答
- [**1582**Star][12d] [C] [p-gen/smenu](https://github.com/p-gen/smenu) Terminal utility that reads words from standard input or from a file and creates an interactive selection window just below the cursor. The selected word(s) are sent to standard output for further processing.
- [**1582**Star][12d] [C] [ctfs/write-ups-2016](https://github.com/ctfs/write-ups-2016) Wiki-like CTF write-ups repository, maintained by the community. 2016
- [**1580**Star][10d] [C++] [wangyu-/tinyfecvpn](https://github.com/wangyu-/tinyfecvpn) A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
- [**1580**Star][10d] [C] [sleuthkit/sleuthkit](https://github.com/sleuthkit/sleuthkit)  a library and collection of command line digital forensics tools that allow you to investigate volume and file system data.
- [**1580**Star][4m] [XSLT] [lolbas-project/lolbas](https://github.com/lolbas-project/lolbas) Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
- [**1578**Star][5m] [C] [raspberrypi/userland](https://github.com/raspberrypi/userland) Source code for ARM side libraries for interfacing to Raspberry Pi GPU.
- [**1577**Star][10d] [C] [shadowsocksr-live/shadowsocksr-native](https://github.com/shadowsocksr-live/shadowsocksr-native) ShadowsocksR (SSR) native implementation for all platforms
- [**1576**Star][11d] [Lua] [auto-ssl/lua-resty-auto-ssl](https://github.com/auto-ssl/lua-resty-auto-ssl) On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let's Encrypt.
- [**1576**Star][12d] [C++] [f1xpl/openauto](https://github.com/f1xpl/openauto)  features like brightness control, volume control, support of Kodi and integration with the Raspberry PI OS
- [**1575**Star][11d] [Go] [google/google-ctf](https://github.com/google/google-ctf) Google CTF
- [**1574**Star][4m] [YARA] [cybermonitor/apt_cybercriminal_campagin_collections](https://github.com/cybermonitor/apt_cybercriminal_campagin_collections) APT & CyberCriminal Campaign Collection
- [**1573**Star][4m] [C] [ezlippi/webbench](https://github.com/ezlippi/webbench) Webbench是Radim Kolar在1997年写的一个在linux下使用的非常简单的网站压测工具。它使用fork()模拟多个客户端同时访问我们设定的URL，测试网站在压力下工作的性能，最多可以模拟3万个并发连接去测试网站的负载能力。官网地址:
- [**1572**Star][10d] [Go] [prometheus/blackbox_exporter](https://github.com/prometheus/blackbox_exporter) Blackbox prober exporter
- [**1572**Star][4m] [Py] [oros42/imsi-catcher](https://github.com/oros42/imsi-catcher) This program show you IMSI numbers of cellphones around you.
- [**1572**Star][7d] [Shell] [anudeepnd/whitelist](https://github.com/anudeepnd/whitelist) A simple tool to add commonly white listed domains to your Pi-Hole setup.
- [**1571**Star][10d] [Go] [google/gapid](https://github.com/google/gapid) Graphics API Debugger
- [**1569**Star][15d] [Go] [neex/phuip-fpizdam](https://github.com/neex/phuip-fpizdam) Exploit for CVE-2019-11043
- [**1569**Star][2m] [C] [esp8266/esp8266-wiki](https://github.com/esp8266/esp8266-wiki) Online community http://www.esp8266.com supporting all aspects of the ESP8266 and ESP8266EX
- [**1568**Star][4m] [Java] [gchq/gaffer](https://github.com/gchq/Gaffer) A large-scale entity and relation database supporting aggregation of properties
- [**1568**Star][17d] [Py] [google/pyringe](https://github.com/google/pyringe) Debugger capable of attaching to and injecting code into python processes.
- [**1568**Star][11d] [C] [aircrack-ng/aircrack-ng](https://github.com/aircrack-ng/aircrack-ng) WiFi security auditing tools suite
- [**1567**Star][11d] [HTML] [gwuhaolin/blog](https://github.com/gwuhaolin/blog) 浩麟的技术博客
- [**1566**Star][4m] [Py] [awolfly9/ipproxytool](https://github.com/awolfly9/ipproxytool) python ip proxy tool scrapy crawl.
- [**1565**Star][10d] [Py] [instaloader/instaloader](https://github.com/instaloader/instaloader) Download pictures (or videos) along with their captions and other metadata from Instagram.
- [**1563**Star][4m] [snowming04/the-hacker-playbook-3-translation](https://github.com/snowming04/the-hacker-playbook-3-translation) 对 The Hacker Playbook 3 的翻译。
- [**1563**Star][6m] [C++] [microsoft/seal](https://github.com/microsoft/seal) Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.
- [**1561**Star][10d] [C++] [aappleby/smhasher](https://github.com/aappleby/smhasher) Automatically exported from code.google.com/p/smhasher
- [**1553**Star][8d] [Rust] [watchexec/watchexec](https://github.com/watchexec/watchexec) Executes commands in response to file modifications
- [**1553**Star][10d] [PS] [putterpanda/mimikittenz](https://github.com/putterpanda/mimikittenz) A post-exploitation powershell tool for extracting juicy info from memory.
- [**1553**Star][12d] [Py] [almandin/fuxploider](https://github.com/almandin/fuxploider) File upload vulnerability scanner and exploitation tool.
- [**1552**Star][10d] [C++] [eteran/edb-debugger](https://github.com/eteran/edb-debugger) edb is a cross platform AArch32/x86/x86-64 debugger.
- [**1551**Star][7d] [Go] [shadowsocks/v2ray-plugin](https://github.com/shadowsocks/v2ray-plugin) A SIP003 plugin based on v2ray
- [**1550**Star][10d] [C#] [k8gege/ladon](https://github.com/k8gege/ladon) 用于大型网络渗透的多线程插件化综合扫描神器
- [**1548**Star][11d] [C] [namhyung/uftrace](https://github.com/namhyung/uftrace) Function (graph) tracer for user-space
- [**1548**Star][7d] [kirikira/vtemplate](https://github.com/kirikira/vtemplate) v2ray的模板们
- [**1548**Star][6m] [Java] [chrisk44/hijacker](https://github.com/chrisk44/hijacker) Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
- [**1546**Star][10d] [TS] [spring-guides/tut-spring-security-and-angular-js](https://github.com/spring-guides/tut-spring-security-and-angular-js) Spring Security and Angular:: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.
- [**1546**Star][10d] [minimaxir/hacker-news-undocumented](https://github.com/minimaxir/hacker-news-undocumented) Some of the hidden norms about Hacker News not otherwise covered in the Guidelines and the FAQ.
- [**1545**Star][3y] [Py] [x0rz/eqgrp_lost_in_translation](https://github.com/x0rz/eqgrp_lost_in_translation) Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
- [**1544**Star][10d] [Go] [microcosm-cc/bluemonday](https://github.com/microcosm-cc/bluemonday) a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
- [**1543**Star][4m] [C++] [jmpews/dobby](https://github.com/jmpews/dobby) a lightweight, multi-platform, multi-architecture hook framework.
- [**1543**Star][9d] [Java] [freetymekiyan/leetcode-sol-res](https://github.com/freetymekiyan/leetcode-sol-res) Clean, Understandable Solutions and Resources for LeetCode Online Judge Algorithm Problems.
- [**1543**Star][8d] [Java] [jimmysuncpt/algorithms](https://github.com/jimmysuncpt/algorithms) The codes and my solutions to exercises from the book "Algorithms" (4th edition) by Robert Sedgewick and Kevin Wayne.
- [**1541**Star][13d] [Go] [google/novm](https://github.com/google/novm) Experimental KVM-based VMM for containers, written in Go.
- [**1539**Star][4m] [C#] [pardeike/harmony](https://github.com/pardeike/harmony) A library for patching, replacing and decorating .NET and Mono methods during runtime
- [**1539**Star][6m] [ObjC] [nabla-c0d3/ssl-kill-switch2](https://github.com/nabla-c0d3/ssl-kill-switch2) Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
- [**1539**Star][10d] [PS] [joefitzgerald/packer-windows](https://github.com/joefitzgerald/packer-windows) Windows templates that can be used to create boxes for Vagrant using Packer
- [**1539**Star][4m] [Py] [google/rekall](https://github.com/google/rekall) Rekall Memory Forensic Framework
- [**1539**Star][11d] [Go] [cortesi/modd](https://github.com/cortesi/modd) A flexible developer tool that runs processes and responds to filesystem changes
- [**1537**Star][4m] [C] [jiangwenyuan/nuster](https://github.com/jiangwenyuan/nuster) A high performance HTTP proxy cache server and RESTful NoSQL cache server based on HAProxy
- [**1537**Star][3y] [C++] [hteso/iaito](https://github.com/hteso/iaito) A Qt and C++ GUI for radare2 reverse engineering framework
- [**1536**Star][9d] [Java] [tianshiyeben/wgcloud](https://github.com/tianshiyeben/wgcloud) linux高并发监控系统，java开发，支持内存，cpu，磁盘，系统负载，网络流量，进程等指标监控，服务接口动态检测，数据实时监控
- [**1536**Star][12d] [Py] [eldraco/domain_analyzer](https://github.com/eldraco/domain_analyzer) Analyze the security of any domain by finding all the information possible. Made in python.
- [**1535**Star][4m] [C#] [steamre/steamkit](https://github.com/steamre/steamkit) SteamKit2 is a .NET library designed to interoperate with Valve's Steam network. It aims to provide a simple, yet extensible, interface to perform various actions on the network.
- [**1535**Star][12d] [C] [antirez/dump1090](https://github.com/antirez/dump1090) Dump1090 is a simple Mode S decoder for RTLSDR devices
- [**1534**Star][3m] [Py] [netflix/dispatch](https://github.com/netflix/dispatch) All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!
- [**1533**Star][2y] [Py] [rolisoft/wsl-distribution-switcher](https://github.com/rolisoft/wsl-distribution-switcher) Scripts to replace the distribution behind Windows Subsystem for Linux with any other Linux distribution published on Docker Hub.
- [**1532**Star][8d] [Lua] [scipag/vulscan](https://github.com/scipag/vulscan) Advanced vulnerability scanning with Nmap NSE
- [**1532**Star][4m] [Go] [crazy-max/windowsspyblocker](https://github.com/crazy-max/windowsspyblocker)  an application written in Go and delivered as a single executable to block spying and tracking on Windows systems ⛔️.
- [**1531**Star][2y] [Kotlin] [gh0u1l5/wechatmagician](https://github.com/gh0u1l5/wechatmagician) WechatMagician is a Xposed module written in Kotlin, that allows you to completely control your Wechat.
- [**1527**Star][11d] [HTML] [qiwihui/hiwifi-ss](https://github.com/qiwihui/hiwifi-ss) 极路由+ss配置
- [**1527**Star][10d] [C] [skeeto/endlessh](https://github.com/skeeto/endlessh) SSH tarpit that slowly sends an endless banner
- [**1526**Star][4m] [C] [guanzhi/gmssl](https://github.com/guanzhi/gmssl) 支持国密SM2/SM3/SM4/SM9/ZUC/SSL的OpenSSL分支
- [**1525**Star][10d] [PHP] [spatie/crawler](https://github.com/spatie/crawler) An easy to use, powerful crawler implemented in PHP. Can execute Javascript.
- [**1516**Star][4m] [JS] [lockfale/osint-framework](https://github.com/lockfale/osint-framework) gathering information from free tools or resources
- [**1515**Star][11d] [Py] [veil-framework/veil-evasion](https://github.com/Veil-Framework/Veil-Evasion) Veil Evasion is no longer supported, use Veil 3.0!
- [**1515**Star][11d] [Py] [veil-framework/veil-evasion](https://github.com/Veil-Framework/Veil-Evasion) a tool designed to generate metasploit payloads that bypass common anti-virus solutions.
- [**1513**Star][3m] [C#] [ryujinx/ryujinx](https://github.com/ryujinx/ryujinx) Experimental Nintendo Switch Emulator written in C#
- [**1512**Star][11m] [gitguardian/apisecuritybestpractices](https://github.com/gitguardian/apisecuritybestpractices) Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
- [**1510**Star][4y] [tiancode/learn-hacking](https://github.com/tiancode/learn-hacking) 开始学习Kali Linux 各种破解教程 渗透测试 逆向工程 HackThisSite挑战问题解答
- [**1507**Star][11d] [Shell] [mitchellkrogza/nginx-ultimate-bad-bot-blocker](https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker) Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
- [**1505**Star][7y] [C] [alibaba/lvs](https://github.com/alibaba/lvs) A distribution of Linux Virtual Server with some advanced features. It introduces a new packet forwarding method - FULLNAT other than NAT/Tunneling/DirectRouting, and defense mechanism against synflooding attack - SYNPROXY.
- [**1504**Star][6m] [Kotlin] [cypherpunkarmory/userland](https://github.com/cypherpunkarmory/userland) The easiest way to run a Linux distribution or application on Android
- [**1503**Star][10d] [JS] [forwardemail/free-email-forwarding](https://github.com/forwardemail/free-email-forwarding) The best free email forwarding for custom domains. Visit our website to get started >>>>>
- [**1500**Star][11d] [Py] [rthalley/dnspython](https://github.com/rthalley/dnspython) a powerful DNS toolkit for python
- [**1500**Star][11d] [ObjC] [polidea/ios-class-guard](https://github.com/polidea/ios-class-guard) Simple Objective-C obfuscator for Mach-O executables.
- [**1499**Star][3m] [Shell] [yuk7/archwsl](https://github.com/yuk7/archwsl) ArchLinux as a WSL Instance. Supports multiple install.
- [**1497**Star][3m] [CSS] [nakov/practical-cryptography-for-developers-book](https://github.com/nakov/practical-cryptography-for-developers-book) Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Signatures, ECDSA, EdDSA
- [**1497**Star][11d] [Py] [fireeye/flare-floss](https://github.com/fireeye/flare-floss) Automatically extract obfuscated strings from malware.
    - [floss](https://github.com/fireeye/flare-floss/tree/master/floss) 
    - [IDA插件](https://github.com/fireeye/flare-floss/blob/master/scripts/idaplugin.py) 
- [**1496**Star][4m] [Py] [neo23x0/loki](https://github.com/neo23x0/loki) Loki - Simple IOC and Incident Response Scanner
- [**1496**Star][2y] [C++] [acaudwell/logstalgia](https://github.com/acaudwell/logstalgia)  a visualization tool that replays or streams web server access logs as a retro arcade game simulation.
- [**1494**Star][11d] [C] [dynamorio/drmemory](https://github.com/dynamorio/drmemory) Memory Debugger for Windows, Linux, Mac, and Android
- [**1493**Star][3m] [Rust] [vi/websocat](https://github.com/vi/websocat) Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
- [**1493**Star][12d] [Go] [cosmos72/gomacro](https://github.com/cosmos72/gomacro) Interactive Go interpreter and debugger with REPL, Eval, generics and Lisp-like macros
- [**1491**Star][3m] [Shell] [evertramos/docker-compose-letsencrypt-nginx-proxy-companion](https://github.com/evertramos/docker-compose-letsencrypt-nginx-proxy-companion) Automated docker nginx proxy integrated with letsencrypt.
- [**1491**Star][5m] [C++] [x64dbg/scyllahide](https://github.com/x64dbg/scyllahide) Advanced usermode anti-anti-debugger
- [**1491**Star][10d] [PHP] [ganlvtech/down_52pojie_cn](https://github.com/ganlvtech/down_52pojie_cn) A single page file explorer that can be hosted on static website. 吾爱破解论坛 爱盘
- [**1486**Star][3m] [C] [rikkaapps/riru](https://github.com/rikkaapps/riru) Inject zygote process by replace libmemtrack
- [**1485**Star][12d] [C++] [google/nsjail](https://github.com/google/nsjail) A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)
- [**1484**Star][4m] [Java] [limpoxe/android-plugin-framework](https://github.com/limpoxe/android-plugin-framework) Android插件框架，免安装运行插件APK ，支持独立插件和非独立插件
- [**1484**Star][12d] [Go] [google/stenographer](https://github.com/google/stenographer) a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets.
- [**1483**Star][8d] [Py] [jiangxufeng/v2rayl](https://github.com/jiangxufeng/v2rayl) v2ray linux GUI客户端，支持订阅、vemss、ss等协议，自动更新订阅、检查版本更新
- [**1482**Star][4m] [Go] [google/keytransparency](https://github.com/google/keytransparency) A transparent and secure way to look up public keys.
- [**1482**Star][6m] [C#] [bitbeans/simplednscrypt](https://github.com/bitbeans/simplednscrypt) A simple management tool for dnscrypt-proxy
- [**1480**Star][5y] [C++] [gdbinit/machoview](https://github.com/gdbinit/machoview) MachOView fork
- [**1478**Star][11d] [Py] [joaomatosf/jexboss](https://github.com/joaomatosf/jexboss) Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
- [**1475**Star][6m] [C] [z3apa3a/3proxy](https://github.com/z3apa3a/3proxy) tiny free proxy server
- [**1473**Star][4m] [Java] [willowtreeapps/hyperion-android](https://github.com/willowtreeapps/hyperion-android) App Debugging & Inspection Tool for Android
- [**1473**Star][3y] [Py] [nathanlopez/stitch](https://github.com/nathanlopez/stitch) a cross platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well
- [**1472**Star][2y] [Py] [d4vinci/cr3dov3r](https://github.com/d4vinci/cr3dov3r) Know the dangers of credential reuse attacks.
- [**1472**Star][2m] [Go] [barnybug/cli53](https://github.com/barnybug/cli53) Command line tool for Amazon Route 53
- [**1471**Star][10d] [Go] [unrolled/secure](https://github.com/unrolled/secure) HTTP middleware for Go that facilitates some quick security wins.
- [**1470**Star][4m] [Swift] [johnno1962/injectioniii](https://github.com/johnno1962/injectioniii) Re-write of Injection for Xcode in (mostly) Swift4
- [**1469**Star][7d] [C] [googleprojectzero/winafl](https://github.com/googleprojectzero/winafl) A fork of AFL for fuzzing Windows binaries
- [**1466**Star][10d] [C++] [khronosgroup/glslang](https://github.com/khronosgroup/glslang) Khronos-reference front end for GLSL/ESSL, partial front end for HLSL, and a SPIR-V generator.
- [**1465**Star][10d] [C] [zhaojh329/rtty](https://github.com/zhaojh329/rtty) Access your device's terminal from anywhere via the web.
- [**1463**Star][14d] [Java] [aslody/legend](https://github.com/aslody/legend) A framework for hook java methods.
- [**1462**Star][8m] [Go] [hellogcc/100-gdb-tips](https://github.com/hellogcc/100-gdb-tips) A collection of gdb tips. 100 maybe just mean many here.
- [**1461**Star][4m] [yadox666/the-hackers-hardware-toolkit](https://github.com/yadox666/the-hackers-hardware-toolkit) The best hacker's gadgets for Red Team pentesters and security researchers.
- [**1461**Star][11d] [OCaml] [mirage/mirage](https://github.com/mirage/mirage) MirageOS is a library operating system that constructs unikernels
- [**1458**Star][10d] [C] [dgiese/dustcloud](https://github.com/dgiese/dustcloud) Xiaomi Smart Home Device Reverse Engineering and Hacking
- [**1457**Star][10d] [Java] [chinashiyu/gfw.press](https://github.com/chinashiyu/gfw.press) GFW.Press新一代军用级高强度加密抗干扰网络数据高速传输软件
- [**1456**Star][5m] [HTML] [owasp/top10](https://github.com/owasp/top10) Official OWASP Top 10 Document Repository
- [**1455**Star][14d] [C] [tpruvot/ccminer](https://github.com/tpruvot/ccminer) CUDA Open Source miner project, for most nvidia cards
- [**1455**Star][4m] [C] [ettercap/ettercap](https://github.com/ettercap/ettercap) Ettercap Project
- [**1454**Star][10d] [Py] [ibm/adversarial-robustness-toolbox](https://github.com/ibm/adversarial-robustness-toolbox) Python library for adversarial machine learning (evasion, extraction, poisoning, verification, certification) with attacks and defences for neural networks, logistic regression, decision trees, SVM, gradient boosted trees, Gaussian processes and more with multiple framework support
- [**1452**Star][17d] [PHP] [johntroony/php-webshells](https://github.com/johntroony/php-webshells) Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
- [**1451**Star][12d] [C] [taviso/ctftool](https://github.com/taviso/ctftool) Interactive CTF Exploration Tool
- [**1451**Star][10d] [Py] [bethgelab/foolbox](https://github.com/bethgelab/foolbox) A Python toolbox to create adversarial examples that fool neural networks in PyTorch, TensorFlow, and JAX
- [**1450**Star][10d] [jaredthecoder/awesome-vehicle-security](https://github.com/jaredthecoder/awesome-vehicle-security) A curated list of awesome resources, books, hardware, software, applications, people to follow, and more cool stuff about vehicle security, car hacking, and tinkering with the functionality of your car.
- [**1450**Star][10d] [Py] [eth0izzle/bucket-stream](https://github.com/eth0izzle/bucket-stream) Find interesting Amazon S3 Buckets by watching certificate transparency logs.
- [**1450**Star][1y] [PS] [danielbohannon/invoke-obfuscation](https://github.com/danielbohannon/invoke-obfuscation) PowerShell Obfuscator
- [**1448**Star][14d] [JS] [s-macke/jor1k](https://github.com/s-macke/jor1k) Online OR1K Emulator running Linux
- [**1447**Star][9d] [PHP] [s4n7h0/xvwa](https://github.com/s4n7h0/xvwa) XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
- [**1447**Star][4m] [JS] [gildas-lormeau/singlefile](https://github.com/gildas-lormeau/singlefile) Web Extension for Firefox/Chrome/Edge and CLI tool to save a faithful copy of a complete web page as a single HTML file
- [**1447**Star][10d] [JS] [alonemonkey/frida-ios-dump](https://github.com/alonemonkey/frida-ios-dump) pull decrypted ipa from jailbreak device
- [**1443**Star][11d] [Py] [xdavidhu/mitmap](https://github.com/xdavidhu/mitmap)  A python program to create a fake AP and sniff data.
- [**1443**Star][10d] [JS] [rogandawes/p4wnp1_aloa](https://github.com/RoganDawes/P4wnP1_aloa) turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
- [**1442**Star][10d] [Go] [perlin-network/noise](https://github.com/perlin-network/noise) A decentralized P2P networking stack written in Go.
- [**1440**Star][11m] [JS] [krasimir/deb.js](https://github.com/krasimir/deb.js) Minimalistic JavaScript library for debugging in the browser
- [**1439**Star][4m] [C] [zyantific/zydis](https://github.com/zyantific/zydis) Fast and lightweight x86/x86-64 disassembler library
- [**1439**Star][4m] [Go] [hacklcx/hfish](https://github.com/hacklcx/hfish) Extend the enterprise security test open source honeypot system , Record hacker attacks.
- [**1436**Star][4m] [Py] [ekultek/whatwaf](https://github.com/ekultek/whatwaf) Detect and bypass web application firewalls and protection systems
- [**1435**Star][11d] [Makefile] [pegasuswang/python_data_structures_and_algorithms](https://github.com/pegasuswang/python_data_structures_and_algorithms) Python 中文数据结构和算法教程
- [**1435**Star][10d] [Go] [pomerium/pomerium](https://github.com/pomerium/pomerium) Pomerium is an identity-aware access proxy.
- [**1435**Star][9y] [Py] [moxie0/sslstrip](https://github.com/moxie0/sslstrip) A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.
- [**1434**Star][11d] [Go] [jsha/minica](https://github.com/jsha/minica) minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
- [**1433**Star][10d] [C++] [raspberrypi/tools](https://github.com/raspberrypi/tools) 
- [**1433**Star][9d] [C++] [phpv8/v8js](https://github.com/phpv8/v8js) V8 Javascript Engine for PHP — This PHP extension embeds the Google V8 Javascript Engine
- [**1433**Star][4m] [C++] [jonathansalwan/triton](https://github.com/jonathansalwan/triton) DBA framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.
- [**1432**Star][16d] [C++] [dotnet/llilc](https://github.com/dotnet/llilc) This repo contains LLILC, an LLVM based compiler for .NET Core. It includes a set of cross-platform .NET code generation tools that enables compilation of MSIL byte code to LLVM supported platforms.
- [**1432**Star][10d] [JS] [bubenshchykov/ngrok](https://github.com/bubenshchykov/ngrok) Expose your localhost to the web. Node wrapper for ngrok.
- [**1428**Star][11d] [C] [blechschmidt/massdns](https://github.com/blechschmidt/massdns) A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- [**1427**Star][4y] [mandatoryprogrammer/northkoreadnsleak](https://github.com/mandatoryprogrammer/northkoreadnsleak) Snapshot of North Korea's DNS data taken from zone transfers.
- [**1426**Star][3m] [C#] [cenmrev/v2rayw](https://github.com/cenmrev/v2rayw) GUI for v2ray-core on Windows
- [**1424**Star][9m] [Py] [nghuyong/weibospider](https://github.com/nghuyong/weibospider) This is a sina weibo spider built by scrapy[微博爬虫/持续维护]
- [**1424**Star][9m] [HTML] [thehive-project/thehive](https://github.com/thehive-project/thehive) a Scalable, Open Source and Free Security Incident Response Platform
- [**1421**Star][7m] [CSS] [undeadsec/socialfish](https://github.com/undeadsec/socialfish) Educational Phishing Tool & Information Collector
- [**1420**Star][10d] [C] [seemoo-lab/nexmon](https://github.com/seemoo-lab/nexmon) The C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips that enables Monitor Mode, Frame Injection and much more
- [**1417**Star][5m] [Py] [s0md3v/arjun](https://github.com/s0md3v/Arjun) HTTP parameter discovery suite.
- [**1417**Star][11d] [C] [traviscross/mtr](https://github.com/traviscross/mtr) combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.
- [**1417**Star][4m] [rebeyond/behinder](https://github.com/rebeyond/behinder) “冰蝎”动态二进制加密网站管理客户端
- [**1415**Star][10d] [JS] [lirantal/is-website-vulnerable](https://github.com/lirantal/is-website-vulnerable) finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
- [**1415**Star][10d] [Go] [solo-io/squash](https://github.com/solo-io/squash) The debugger for microservices
- [**1413**Star][10d] [dweinstein/awesome-frida](https://github.com/dweinstein/awesome-frida) A curated list of Frida resources
- [**1412**Star][7m] [grrrdog/java-deserialization-cheat-sheet](https://github.com/grrrdog/java-deserialization-cheat-sheet) The cheat sheet about Java Deserialization vulnerabilities
- [**1411**Star][7m] [Py] [xianhu/pspider](https://github.com/xianhu/pspider) 简单易用的Python爬虫框架，QQ交流群：597510560
- [**1411**Star][11m] [Py] [s0md3v/striker](https://github.com/s0md3v/Striker) Striker is an offensive information and vulnerability scanner.
- [**1410**Star][11d] [Shell] [firehol/blocklist-ipsets](https://github.com/firehol/blocklist-ipsets) ipsets dynamically updated with firehol's update-ipsets.sh script
- [**1410**Star][11d] [Shell] [firehol/blocklist-ipsets](https://github.com/firehol/blocklist-ipsets) ipsets dynamically updated with firehol's update-ipsets.sh script
- [**1406**Star][10d] [Go] [rfjakob/gocryptfs](https://github.com/rfjakob/gocryptfs) Encrypted overlay filesystem written in Go
- [**1406**Star][10d] [HTML] [krishnakumarsekar/awesome-quantum-machine-learning](https://github.com/krishnakumarsekar/awesome-quantum-machine-learning) Here you can get all the Quantum Machine learning Basics, Algorithms ,Study Materials ,Projects and the descriptions of the projects around the web
- [**1405**Star][11d] [Vue] [chaitin/passionfruit](https://github.com/chaitin/passionfruit) [WIP] Crappy iOS app analyzer
- [**1402**Star][11d] [JS] [sqren/fb-sleep-stats](https://github.com/sqren/fb-sleep-stats) Use Facebook to track your friends’ sleeping habits
- [**1401**Star][7d] [Perl] [intelisecurelabs/linux_exploit_suggester](https://github.com/InteliSecureLabs/Linux_Exploit_Suggester) Linux Exploit Suggester; based on operating system release number
- [**1401**Star][18d] [C] [boywhp/fcn](https://github.com/boywhp/fcn) free connect your private network from anywhere
- [**1400**Star][11d] [Go] [securitywithoutborders/hardentools](https://github.com/securitywithoutborders/hardentools) Hardentools is a utility that disables a number of risky Windows features.
- [**1400**Star][10d] [C++] [klee/klee](https://github.com/klee/klee) KLEE Symbolic Execution Engine
- [**1400**Star][1y] [JS] [anttiviljami/browser-autofill-phishing](https://github.com/anttiviljami/browser-autofill-phishing) A simple demo of phishing by abusing the browser autofill feature
- [**1398**Star][11d] [Go] [ssllabs/ssllabs-scan](https://github.com/ssllabs/ssllabs-scan) A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
- [**1398**Star][10m] [Py] [lijiejie/githack](https://github.com/lijiejie/githack) A `.git` folder disclosure exploit
- [**1398**Star][13d] [Shell] [drduh/pwd.sh](https://github.com/drduh/pwd.sh) GPG symmetric password manager
- [**1396**Star][11d] [Shell] [rootsongjc/kubernetes-vagrant-centos-cluster](https://github.com/rootsongjc/kubernetes-vagrant-centos-cluster) Setting up a distributed Kubernetes cluster along with Istio service mesh locally with Vagrant and VirtualBox, only PoC or Demo use.
- [**1395**Star][6m] [C] [quiet/org.quietmodem.quiet](https://github.com/quiet/org.quietmodem.quiet) Quiet for Android - TCP over sound
- [**1394**Star][10d] [HTML] [archerysec/archerysec](https://github.com/archerysec/archerysec) Centralize Vulnerability Assessment and Management for DevSecOps Team
- [**1394**Star][16d] [C++] [mfontanini/libtins](https://github.com/mfontanini/libtins) High-level, multiplatform C++ network packet sniffing and crafting library.
- [**1393**Star][11d] [Py] [vulnerscom/getsploit](https://github.com/vulnerscom/getsploit) Command line utility for searching and downloading exploits
- [**1393**Star][1y] [C] [fancycode/memorymodule](https://github.com/fancycode/memorymodule) Library to load a DLL from memory.
- [**1392**Star][13d] [nikitavoloboev/privacy-respecting](https://github.com/nikitavoloboev/privacy-respecting) Curated List of Privacy Respecting Services and Software
- [**1392**Star][10d] [CoffeeScript] [atmos/camo](https://github.com/atmos/camo) all about making insecure assets look secure
- [**1391**Star][10d] [konradit/goprowifihack](https://github.com/konradit/goprowifihack) Unofficial GoPro WiFi API Documentation - HTTP GET requests for commands, status, livestreaming and media query.
- [**1390**Star][10d] [Shell] [dana-at-cp/backdoor-apk](https://github.com/dana-at-cp/backdoor-apk) a shell script that simplifies the process of adding a backdoor to any Android APK file.
- [**1389**Star][10d] [C++] [randombit/botan](https://github.com/randombit/botan) Cryptography Toolkit
- [**1389**Star][1y] [JS] [intika/librefox](https://github.com/intika/librefox) Firefox with privacy enhancements
- [**1385**Star][10d] [Py] [pyauth/pyotp](https://github.com/pyauth/pyotp) Python One-Time Password Library
- [**1385**Star][7d] [TS] [youzan/zan-proxy](https://github.com/youzan/zan-proxy) An extensible proxy for PC/Mobile/APP developer
- [**1382**Star][10d] [HTML] [vernesong/openclash](https://github.com/vernesong/openclash) A Clash Client For OpenWrt
- [**1382**Star][9d] [Go] [evilsocket/xray](https://github.com/evilsocket/xray) XRay is a tool for recon, mapping and OSINT gathering from public networks.
- [**1381**Star][4m] [C] [oisf/suricata](https://github.com/OISF/suricata) a network IDS, IPS and NSM engine
- [**1381**Star][11d] [PHP] [friendsofphp/security-advisories](https://github.com/friendsofphp/security-advisories) A database of PHP security advisories
- [**1378**Star][11d] [Py] [realsirjoe/instagram-scraper](https://github.com/realsirjoe/instagram-scraper) scrapes medias, likes, followers, tags and all metadata. Inspired by instagram-php-scraper,bot
- [**1377**Star][13d] [Py] [aivarsk/scrapy-proxies](https://github.com/aivarsk/scrapy-proxies) Random proxy middleware for Scrapy
- [**1377**Star][10d] [C++] [shadowsocks/libqtshadowsocks](https://github.com/shadowsocks/libqtshadowsocks) A lightweight and ultra-fast shadowsocks library written in C++14 with Qt framework
- [**1376**Star][2y] [Py] [marten4n6/evilosx](https://github.com/marten4n6/evilosx) An evil RAT (Remote Administration Tool) for macOS / OS X.
- [**1376**Star][1y] [Py] [feeicn/gsil](https://github.com/feeicn/gsil) GitHub Sensitive Information Leakage
- [**1376**Star][10d] [C] [a0rtega/pafish](https://github.com/a0rtega/pafish) Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
- [**1375**Star][5m] [C] [madeye/proxydroid](https://github.com/madeye/proxydroid) Global Proxy for Android
- [**1374**Star][4y] [C++] [valvesoftware/vogl](https://github.com/valvesoftware/vogl) OpenGL capture / playback debugger.
- [**1374**Star][10d] [bromite/bromite](https://github.com/bromite/bromite) Bromite a Chromium fork with ad blocking and privacy enhancements; take back your browser!
- [**1373**Star][8m] [PS] [peewpw/invoke-psimage](https://github.com/peewpw/invoke-psimage) Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
- [**1370**Star][12d] [C] [luke-jr/bfgminer](https://github.com/luke-jr/bfgminer) Modular ASIC/FPGA miner written in C, featuring overclocking, monitoring, fan speed control and remote interface capabilities.
- [**1369**Star][4m] [C++] [aslody/turbodex](https://github.com/aslody/turbodex) fast load dex in memory.
- [**1368**Star][3y] [Py] [maratyszcza/peachpy](https://github.com/maratyszcza/peachpy) x86-64 assembler embedded in Python
- [**1367**Star][10d] [C++] [crosire/reshade](https://github.com/crosire/reshade) A generic post-processing injector for games and video software.
- [**1367**Star][1y] [XSLT] [api0cradle/lolbas](https://github.com/api0cradle/lolbas) Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
- [**1366**Star][19d] [Py] [qinxuye/cola](https://github.com/qinxuye/cola) A high-level distributed crawling framework.
- [**1364**Star][11d] [C] [tsudakageyu/minhook](https://github.com/tsudakageyu/minhook) The Minimalistic x86/x64 API Hooking Library for Windows
- [**1364**Star][10d] [Go] [dominicbreuker/pspy](https://github.com/dominicbreuker/pspy) a command line tool designed to snoop on processes without need for root permissions
- [**1363**Star][10d] [C] [solokeys/solo](https://github.com/solokeys/solo) open security key supporting FIDO2 & U2F over USB + NFC
- [**1362**Star][10d] [C] [gamelinux/passivedns](https://github.com/gamelinux/passivedns) A network sniffer that logs all DNS server replies for use in a passive DNS setup
- [**1361**Star][12d] [Rust] [mesalock-linux/mesalink](https://github.com/mesalock-linux/mesalink) OpenSSL compatibility layer for the Rust SSL/TLS stack
- [**1361**Star][9d] [Py] [facebookincubator/xar](https://github.com/facebookincubator/xar) executable archive format
- [**1360**Star][17d] [Go] [davrodpin/mole](https://github.com/davrodpin/mole) cli app to create ssh tunnels
- [**1359**Star][13d] [Py] [consensys/mythril](https://github.com/ConsenSys/mythril) Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.
- [**1358**Star][2y] [Py] [worawit/ms17-010](https://github.com/worawit/ms17-010) MS17-010
- [**1358**Star][14d] [Py] [virtualabs/btlejack](https://github.com/virtualabs/btlejack) Bluetooth Low Energy Swiss-army knife
- [**1358**Star][2y] [Py] [carmaa/inception](https://github.com/carmaa/inception) a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
- [**1358**Star][12d] [Py] [achillean/shodan-python](https://github.com/achillean/shodan-python) The official Python library for Shodan
- [**1357**Star][2m] [Py] [ddevault/evilpass](https://github.com/ddevault/evilpass) Slightly evil password strength checker
- [**1357**Star][12d] [JS] [feross/spoof](https://github.com/feross/spoof) Easily spoof your MAC address in macOS, Windows, & Linux!
- [**1357**Star][10d] [C++] [devsisters/libquic](https://github.com/devsisters/libquic) QUIC, a multiplexed stream transport over UDP
- [**1356**Star][21d] [Rust] [das-labor/panopticon](https://github.com/das-labor/panopticon) A libre cross-platform disassembler.
- [**1355**Star][4m] [C++] [purplei2p/i2pd](https://github.com/purplei2p/i2pd) a full-featured C++ implementation of I2P client
- [**1354**Star][11d] [joe-shenouda/awesome-cyber-skills](https://github.com/joe-shenouda/awesome-cyber-skills) A curated list of hacking environments where you can train your cyber skills legally and safely
- [**1354**Star][15d] [HTML] [daxeel/blockshell](https://github.com/daxeel/blockshell) A command line utility for learning Blockchain technical concepts likechaining, mining, proof of work etc.
- [**1353**Star][4m] [Go] [xiaomi/gaea](https://github.com/xiaomi/gaea) Gaea is a mysql proxy, it's developed by xiaomi b2c-dev team.
- [**1350**Star][11d] [C] [thestr4ng3r/chiaki](https://github.com/thestr4ng3r/chiaki) Free and Open Source PS4 Remote Play Client
- [**1349**Star][10d] [C] [dynamorio/dynamorio](https://github.com/dynamorio/dynamorio) Dynamic Instrumentation Tool Platform
- [**1348**Star][2y] [C++] [rehints/hexrayscodexplorer](https://github.com/rehints/hexrayscodexplorer) Hex-Rays Decompiler plugin for better code navigation
        <details>
        <summary>View Details</summary>


        - 自动类型重建
        - 虚表识别/导航(反编译窗口)
        - C-tree可视化与导出
        - 对象浏览
        </details>


- [**1346**Star][1y] [Py] [xyntax/poc-t](https://github.com/xyntax/poc-t) remote vulnerability PoC/EXP framework
- [**1345**Star][2m] [Py] [lyft/cartography](https://github.com/lyft/cartography) Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
- [**1345**Star][11d] [Java] [android-hacker/exposed](https://github.com/android-hacker/exposed) A library to use Xposed without root or recovery(or modify system image etc..).
- [**1341**Star][10d] [C] [x64dbg/x64dbgpy](https://github.com/x64dbg/x64dbgpy) Automating x64dbg using Python, Snapshots:
- [**1341**Star][8m] [Py] [ganapati/rsactftool](https://github.com/ganapati/rsactftool) RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
- [**1340**Star][10d] [Scala] [pathikrit/better-files](https://github.com/pathikrit/better-files) Simple, safe and intuitive Scala I/O
- [**1339**Star][10d] [mengskysama/shadowsocks](https://github.com/mengskysama/shadowsocks) A fast tunnel proxy that helps you bypass firewalls
- [**1336**Star][1y] [michalmalik/linux-re-101](https://github.com/michalmalik/linux-re-101) A collection of resources for linux reverse engineering
- [**1336**Star][6m] [C] [cisco-talos/pyrebox](https://github.com/cisco-talos/pyrebox) Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
- [**1333**Star][11d] [C] [ambrop72/badvpn](https://github.com/ambrop72/badvpn) NCD scripting language, tun2socks proxifier, P2P VPN
- [**1332**Star][10d] [HTML] [subspacecloud/subspace](https://github.com/subspacecloud/subspace) A simple WireGuard VPN server GUI
- [**1326**Star][11d] [C] [xroche/httrack](https://github.com/xroche/httrack) download a World Wide website from the Internet to a local directory, building recursively all directories, getting html, images, and other files from the server to your computer.
- [**1326**Star][8m] [Py] [codingo/reconnoitre](https://github.com/codingo/reconnoitre) multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
- [**1325**Star][13d] [Batchfile] [alwsl/alwsl](https://github.com/alwsl/alwsl) Install archlinux as the WSL (Windows Subsystem for Linux) host.
- [**1325**Star][14d] [michalmalik/osx-re-101](https://github.com/michalmalik/osx-re-101) A collection of resources for OSX/iOS reverse engineering.
- [**1325**Star][10d] [Rust] [edu4rdshl/findomain](https://github.com/edu4rdshl/findomain) The fastest and cross-platform subdomain enumerator, do not waste your time.
- [**1324**Star][10d] [jakejarvis/awesome-shodan-queries](https://github.com/jakejarvis/awesome-shodan-queries) Awesome Shodan Search Queries
- [**1320**Star][10d] [riusksk/secbook](https://github.com/riusksk/secbook) 信息安全从业者书单推荐
- [**1320**Star][9d] [mortenoir1/virtualbox_e1000_0day](https://github.com/mortenoir1/virtualbox_e1000_0day) VirtualBox E1000 Guest-to-Host Escape
- [**1320**Star][2m] [PS] [hak5/bashbunny-payloads](https://github.com/hak5/bashbunny-payloads) The Official Bash Bunny Payload Repository
- [**1319**Star][10d] [Go] [malfunkt/hyperfox](https://github.com/malfunkt/hyperfox) HTTP/HTTPS MITM proxy and recorder.
- [**1319**Star][10d] [Go] [malfunkt/hyperfox](https://github.com/malfunkt/hyperfox) HTTP/HTTPS MITM proxy and recorder.
- [**1317**Star][13d] [JS] [samyk/skyjack](https://github.com/samyk/skyjack) A drone engineered to autonomously seek out, hack, and wirelessly take full control over any other Parrot or 3DR drones within wireless or flying distance, creating an army of zombie drones under your control.
- [**1317**Star][11d] [Go] [google/martian](https://github.com/google/martian)  a library for building custom HTTP/S proxies
- [**1314**Star][10d] [Py] [viper-framework/viper](https://github.com/viper-framework/viper) Binary analysis and management framework
- [**1314**Star][10d] [Py] [cve-search/cve-search](https://github.com/cve-search/cve-search) perform local searches for known vulnerabilities
- [**1313**Star][10d] [Py] [vaguileradiaz/tinfoleak](https://github.com/vaguileradiaz/tinfoleak) The most complete open-source tool for Twitter intelligence analysis
- [**1313**Star][12d] [Go] [shawn1m/overture](https://github.com/shawn1m/overture) A customized DNS forwarder written in Go
- [**1313**Star][10d] [C] [saminiir/level-ip](https://github.com/saminiir/level-ip) a Linux userspace TCP/IP stack, implemented with TUN/TAP devices.
- [**1313**Star][8m] [Py] [alessandroz/beroot](https://github.com/alessandroz/beroot) Privilege Escalation Project - Windows / Linux / Mac
- [**1310**Star][10d] [Py] [jaspersnoek/spearmint](https://github.com/jaspersnoek/spearmint) Spearmint is a package to perform Bayesian optimization according to the algorithms outlined in the paper: Practical Bayesian Optimization of Machine Learning Algorithms. Jasper Snoek, Hugo Larochelle and Ryan P. Adams. Advances in Neural Information Processing Systems, 2012
- [**1308**Star][6m] [Java] [find-sec-bugs/find-sec-bugs](https://github.com/find-sec-bugs/find-sec-bugs) The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
- [**1307**Star][4y] [C++] [microsoft/microsoft-pdb](https://github.com/microsoft/microsoft-pdb) Information from Microsoft about the PDB format. We'll try to keep this up to date. Just trying to help the CLANG/LLVM community get onto Windows.
- [**1307**Star][2y] [PS] [dafthack/mailsniper](https://github.com/dafthack/mailsniper)  a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
- [**1305**Star][10d] [C] [vlfeat/vlfeat](https://github.com/vlfeat/vlfeat) An open library of computer vision algorithms
- [**1305**Star][1y] [Py] [flipkart-incubator/astra](https://github.com/flipkart-incubator/astra) Automated Security Testing For REST API's
- [**1304**Star][10d] [Go] [hakluke/hakrawler](https://github.com/hakluke/hakrawler) Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
- [**1303**Star][12d] [Scala] [vkostyukov/scalacaster](https://github.com/vkostyukov/scalacaster) Purely Functional Algorithms and Data Structures in Scala
- [**1303**Star][10d] [zero-equals-false/awesome-programming-books](https://github.com/zero-equals-false/awesome-programming-books) Awesome Programming Books
- [**1303**Star][4m] [JS] [jpcertcc/logontracer](https://github.com/jpcertcc/logontracer) Investigate malicious Windows logon by visualizing and analyzing Windows event log
- [**1302**Star][12d] [Go] [dreadl0ck/netcap](https://github.com/dreadl0ck/netcap) A framework for secure and scalable network traffic analysis -
- [**1302**Star][10d] [JS] [davidbau/seedrandom](https://github.com/davidbau/seedrandom) seeded random number generator for Javascript
- [**1302**Star][11d] [Py] [13o-bbr-bbq/machine_learning_security](https://github.com/13o-bbr-bbq/machine_learning_security) Source code about machine learning and security.
    - [Security_and_MachineLearning](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/Security_and_MachineLearning) The elementary training course of Machine learning for security engineer.

    - [Vulnerabilities_of_ML](https://github.com/13o-bbr-bbq/machine_learning_security/blob/master/Vulnerabilities_of_ML/) Summary of Machine Learning vulnerability.

    - [Analytics](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/Analytics) Analyzing packet capture data using k-means.

    - [CNN_test](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/CNN_test) Generate adversarial example against CNN.

    - [DeepExploit](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit) Fully automatic penetration test tool using Machine Learning.

    - [Generator](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/Generator) Fully automatically generate numerous injection codes for web application assessment using Genetic Algorithm and Generative Adversarial Networks.

    - [Recommender](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/Recommender) Recommend optimal injection code for detecting web app vulnerabilities.

    - [Saivs](https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/Saivs) an artificial intelligence to find vulnerabilities in Web applications.
- [**1300**Star][10d] [C] [the-tcpdump-group/tcpdump](https://github.com/the-tcpdump-group/tcpdump) the TCPdump network dissector
- [**1300**Star][4m] [JS] [megatronking/httpcanary](https://github.com/megatronking/httpcanary) A powerful capture and injection tool for the Android platform
- [**1297**Star][11d] [PHP] [you2php/delete](https://github.com/you2php/delete) （迫于压力，本项目停止维护，请尽快fork代码。1月1日之后删除项目）[免翻墙工具]A free and open-source youtube video proxy script [Written in PHP]
- [**1296**Star][14d] [Java] [linkedin/dexmaker](https://github.com/linkedin/dexmaker) A utility for doing compile or runtime code generation targeting Android's Dalvik VM
- [**1296**Star][4m] [JS] [icymind/vrouter](https://github.com/icymind/vrouter) 一个基于 VirtualBox 和 openwrt 构建的项目, 旨在实现 macOS / Windows 平台的透明代理.
- [**1296**Star][10d] [Py] [google/timesketch](https://github.com/google/timesketch) Collaborative forensic timeline analysis
- [**1295**Star][11d] [snoopysecurity/awesome-burp-extensions](https://github.com/snoopysecurity/awesome-burp-extensions) A curated list of amazingly awesome Burp Extensions
- [**1293**Star][10d] [C] [toktok/c-toxcore](https://github.com/TokTok/c-toxcore) The future of online communications.
- [**1293**Star][2m] [Py] [mebus/cupp](https://github.com/mebus/cupp) Common User Passwords Profiler (CUPP)
- [**1289**Star][10d] [F*] [project-everest/hacl-star](https://github.com/project-everest/hacl-star) HACL*, a formally verified cryptographic library written in F*
- [**1287**Star][10d] [C++] [dvorka/mindforger](https://github.com/dvorka/mindforger) Thinking notebook and Markdown editor.
- [**1286**Star][4m] [Py] [thoughtfuldev/eagleeye](https://github.com/thoughtfuldev/eagleeye) Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
- [**1286**Star][10d] [Py] [danmcinerney/net-creds](https://github.com/danmcinerney/net-creds) Sniffs sensitive data from interface or pcap
- [**1283**Star][1y] [Py] [unapibageek/ctfr](https://github.com/unapibageek/ctfr) Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
- [**1283**Star][12d] [C#] [cn33liz/p0wnedshell](https://github.com/cn33liz/p0wnedshell) PowerShell Runspace Post Exploitation Toolkit
- [**1282**Star][1y] [Kotlin] [gh0u1l5/wechatspellbook](https://github.com/gh0u1l5/wechatspellbook) 使用Kotlin编写的开源微信插件框架，底层需要 Xposed 或 VirtualXposed 等Hooking框架的支持，而顶层可以轻松对接Java、Kotlin、Scala等JVM系语言。让程序员能够在几分钟内编写出简单的微信插件，随意揉捏微信的内部逻辑。
- [**1282**Star][16d] [C] [droe/sslsplit](https://github.com/droe/sslsplit) Transparent SSL/TLS interception
- [**1282**Star][4m] [C] [datatheorem/trustkit](https://github.com/datatheorem/trustkit) Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
- [**1280**Star][14d] [Java] [googlearchive/android-runtimepermissions](https://github.com/googlearchive/android-RuntimePermissions) This sample has been deprecated/archived. Check this repo for related samples:
- [**1279**Star][21d] [Py] [desaster/kippo](https://github.com/desaster/kippo) Kippo - SSH Honeypot
- [**1278**Star][5m] [Py] [sundowndev/phoneinfoga](https://github.com/sundowndev/phoneinfoga) Advanced information gathering & OSINT tool for phone numbers
- [**1278**Star][11d] [Pascal] [nodemcu/nodemcu-flasher](https://github.com/nodemcu/nodemcu-flasher) A firmware Flash tool for nodemcu
- [**1278**Star][4y] [Py] [elvanderb/tcp-32764](https://github.com/elvanderb/tcp-32764) some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G.
- [**1274**Star][8d] [cure53/xsschallengewiki](https://github.com/cure53/XSSChallengeWiki) Welcome to the XSS Challenge Wiki!
- [**1274**Star][8d] [HTML] [diafygi/webcrypto-examples](https://github.com/diafygi/webcrypto-examples) Web Cryptography API Examples Demo:
- [**1273**Star][7d] [Swift] [onionbrowser/onionbrowser](https://github.com/onionbrowser/onionbrowser) An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network
- [**1273**Star][11d] [C] [mubix/post-exploitation](https://github.com/mubix/post-exploitation) Post Exploitation Collection
- [**1269**Star][10d] [C] [greatscottgadgets/ubertooth](https://github.com/greatscottgadgets/ubertooth) Software, firmware and hardware designs for Ubertooth
- [**1268**Star][12d] [C++] [nasa-sw-vnv/ikos](https://github.com/nasa-sw-vnv/ikos) Static analyzer for C/C++ based on the theory of Abstract Interpretation.
- [**1267**Star][15d] [JS] [sakurity/securelogin](https://github.com/sakurity/securelogin) a decentralized authentication protocol for websites and apps
- [**1265**Star][17d] [JS] [github/lightcrawler](https://github.com/github/lightcrawler) Crawl a website and run it through Google lighthouse
- [**1264**Star][11d] [Go] [nadoo/glider](https://github.com/nadoo/glider) a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
- [**1264**Star][14d] [Py] [ethereum/pyethapp](https://github.com/ethereum/pyethapp) 
- [**1263**Star][4m] [Py] [codingo/nosqlmap](https://github.com/codingo/NoSQLMap) Automated NoSQL database enumeration and web application exploitation tool.
- [**1263**Star][10d] [Py] [landgrey/pydictor](https://github.com/landgrey/pydictor) A powerful and useful hacker dictionary builder for a brute-force attack
- [**1263**Star][4m] [YARA] [horsicq/detect-it-easy](https://github.com/horsicq/detect-it-easy) Program for determining types of files for Windows, Linux and MacOS.
- [**1261**Star][10d] [JS] [libp2p/js-libp2p](https://github.com/libp2p/js-libp2p) The JavaScript Implementation of libp2p networking stack.
- [**1260**Star][12d] [Go] [go-zoo/bone](https://github.com/go-zoo/bone) Lightning Fast HTTP Multiplexer
- [**1260**Star][11d] [denji/awesome-http-benchmark](https://github.com/denji/awesome-http-benchmark) HTTP(S) benchmark tools, testing/debugging, & restAPI (RESTful)
- [**1260**Star][3m] [Py] [ct-open-source/tuya-convert](https://github.com/ct-open-source/tuya-convert) A collection of scripts to flash Tuya IoT devices to alternative firmwares
- [**1259**Star][4m] [Java] [whataa/pandora](https://github.com/whataa/pandora) an android library for debugging what we care about directly in app.
- [**1258**Star][7d] [C#] [pwntester/ysoserial.net](https://github.com/pwntester/ysoserial.net) Deserialization payload generator for a variety of .NET formatters
- [**1257**Star][4m] [C] [the-tcpdump-group/libpcap](https://github.com/the-tcpdump-group/libpcap) the LIBpcap interface to various kernel packet capture mechanism
- [**1256**Star][23d] [Go] [cloudflare/redoctober](https://github.com/cloudflare/redoctober) Go server for two-man rule style file encryption and decryption.
- [**1254**Star][4m] [HTML] [hiddenstrawberry/crawler_illegal_cases_in_china](https://github.com/hiddenstrawberry/crawler_illegal_cases_in_china) Collection of China illegal cases about web crawler 
- [**1253**Star][13d] [C] [luigirizzo/netmap](https://github.com/luigirizzo/netmap)  an framework for very fast packet I/O from userspace
- [**1252**Star][10d] [C] [blacksphere/blackmagic](https://github.com/blacksphere/blackmagic) In application debugger for ARM Cortex microcontrollers.
- [**1251**Star][11d] [Py] [observerss/textfilter](https://github.com/observerss/textfilter) 敏感词过滤的几种实现+某1w词敏感词库
- [**1250**Star][3m] [Py] [hhyo/archery](https://github.com/hhyo/archery) SQL 审核查询平台
- [**1249**Star][16d] [Ruby] [eliotsykes/rails-security-checklist](https://github.com/eliotsykes/rails-security-checklist) This checklist is limited to Rails security precautions and there are many other aspects of running a Rails app that need to be secured 
- [**1248**Star][3m] [C#] [facepunch/facepunch.steamworks](https://github.com/facepunch/facepunch.steamworks) Another fucking c# Steamworks implementation
- [**1247**Star][10d] [HTML] [ehco1996/python-crawler](https://github.com/ehco1996/python-crawler) 从头开始 系统化的 学习如何写Python爬虫。 Python版本 3.6
- [**1247**Star][3m] [JS] [mellow-io/mellow](https://github.com/mellow-io/mellow) Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
- [**1247**Star][10d] [Py] [p4-team/ctf](https://github.com/p4-team/ctf) Ctf solutions from p4 team
- [**1244**Star][10d] [Shell] [neofelhz/neohosts](https://github.com/neofelhz/neohosts) 自由·负责·克制 去广告 Hosts 项目
- [**1244**Star][9m] [Py] [owtf/owtf](https://github.com/owtf/owtf) a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to
- [**1243**Star][11d] [PS] [powershellempire/powertools](https://github.com/PowerShellEmpire/PowerTools) PowerTools is a collection of PowerShell projects with a focus on offensive operations.
- [**1243**Star][13d] [CoffeeScript] [shadowsocks/shadowsocks-nodejs](https://github.com/shadowsocks/shadowsocks-nodejs)  a node.js port of shadowsocks.
- [**1242**Star][6y] [cure53/xsschallengewiki](https://github.com/cure53/xsschallengewiki) Welcome to the XSS Challenge Wiki!
- [**1241**Star][18d] [felixgr/secure-ios-app-dev](https://github.com/felixgr/secure-ios-app-dev) Collection of the most common vulnerabilities found in iOS applications
- [**1240**Star][10d] [Go] [sensepost/ruler](https://github.com/sensepost/ruler) A tool to abuse Exchange services
- [**1239**Star][5y] [firesuncn/bluelotus_xssreceiver](https://github.com/firesuncn/bluelotus_xssreceiver) XSS平台 CTF工具 Web安全工具
- [**1237**Star][12d] [ObjC] [krausefx/detect.location](https://github.com/krausefx/detect.location) An easy way to access the user's iOS location data without actually having access
- [**1235**Star][5m] [m4ll0k/awesome-hacking-tools](https://github.com/m4ll0k/awesome-hacking-tools) Awesome Hacking Tools
- [**1235**Star][11d] [C++] [keystone-engine/keystone](https://github.com/keystone-engine/keystone) Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings
- [**1234**Star][11d] [C] [containers/bubblewrap](https://github.com/containers/bubblewrap) Unprivileged sandboxing tool
- [**1233**Star][11d] [C++] [cryfs/cryfs](https://github.com/cryfs/cryfs) Cryptographic filesystem for the cloud
- [**1233**Star][11d] [chalker/notes](https://github.com/chalker/notes) Some public notes
- [**1232**Star][4m] [C#] [perfare/il2cppdumper](https://github.com/perfare/il2cppdumper) Restore dll from Unity il2cpp binary file (except code)
- [**1231**Star][10d] [HTML] [securitytxt/security-txt](https://github.com/securitytxt/security-txt) A proposed standard that allows websites to define security policies.
- [**1231**Star][10d] [Go] [rancher/convoy](https://github.com/rancher/convoy) A Docker volume plugin, managing persistent container volumes.
- [**1231**Star][6m] [Py] [cujanovic/ssrf-testing](https://github.com/cujanovic/ssrf-testing) SSRF (Server Side Request Forgery) testing resources
- [**1227**Star][10d] [JS] [facundoolano/google-play-scraper](https://github.com/facundoolano/google-play-scraper) Node.js scraper to get data from Google Play
- [**1226**Star][1y] [C] [f0rb1dd3n/reptile](https://github.com/f0rb1dd3n/reptile) LKM Linux rootkit
- [**1223**Star][9m] [Py] [rhinosecuritylabs/pacu](https://github.com/rhinosecuritylabs/pacu) The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
- [**1222**Star][11d] [Py] [offensive-security/exploitdb-bin-sploits](https://github.com/offensive-security/exploitdb-bin-sploits) Exploit Database binary exploits located in the /sploits directory
- [**1222**Star][10d] [Kotlin] [ingokegel/jclasslib](https://github.com/ingokegel/jclasslib) jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode.
- [**1220**Star][11d] [TS] [mgechev/ngrev](https://github.com/mgechev/ngrev) Tool for reverse engineering of Angular applications
- [**1219**Star][6y] [gdbinit/gdbinit](https://github.com/gdbinit/gdbinit) Gdbinit for OS X, iOS and others - x86, x86_64 and ARM
- [**1218**Star][10d] [HTML] [defectdojo/django-defectdojo](https://github.com/DefectDojo/django-DefectDojo) DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
- [**1218**Star][6m] [Py] [gerbenjavado/linkfinder](https://github.com/gerbenjavado/linkfinder) A python script that finds endpoints in JavaScript files
- [**1216**Star][7d] [C#] [thealgorithms/c-sharp](https://github.com/thealgorithms/c-sharp) All algorithms implemented in C#.
- [**1216**Star][4m] [w00t3k/awesome-cellular-hacking](https://github.com/w00t3k/awesome-cellular-hacking) Awesome-Cellular-Hacking
- [**1216**Star][12d] [Roff] [matiasinsaurralde/facebook-tunnel](https://github.com/matiasinsaurralde/facebook-tunnel) Tunneling Internet traffic over Facebook chat.
- [**1215**Star][7d] [PS] [microsoftdocs/virtualization-documentation](https://github.com/MicrosoftDocs/Virtualization-Documentation) Place to store our documentation, code samples, etc for public consumption.
- [**1215**Star][4m] [Java] [javiersantos/piracychecker](https://github.com/javiersantos/piracychecker) An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
- [**1215**Star][10d] [C++] [facebookincubator/oomd](https://github.com/facebookincubator/oomd) A userspace out-of-memory killer
- [**1213**Star][13d] [nebgnahz/awesome-iot-hacks](https://github.com/nebgnahz/awesome-iot-hacks) A Collection of Hacks in IoT Space so that we can address them (hopefully).
- [**1213**Star][11d] [Py] [mothran/mongol](https://github.com/mothran/mongol) A simple python tool to pinpoint the IP addresses of machines working for the Great Firewall of China.
- [**1212**Star][3m] [JS] [yjs/yjs](https://github.com/yjs/yjs) Peer-to-peer shared types
- [**1208**Star][10d] [Java] [decaywood/xueqiusuperspider](https://github.com/decaywood/xueqiusuperspider) 雪球股票信息超级爬虫
- [**1208**Star][2m] [Py] [darkoperator/dnsrecon](https://github.com/darkoperator/dnsrecon) DNS Enumeration Script
- [**1207**Star][10d] [C++] [henrypp/simplewall](https://github.com/henrypp/simplewall) Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
- [**1205**Star][15d] [JS] [odota/core](https://github.com/odota/core) Open source Dota 2 data platform
- [**1205**Star][10d] [Swift] [rockbruno/swiftshield](https://github.com/rockbruno/swiftshield) wift/OBJ-C Obfuscator
- [**1205**Star][12d] [JS] [james-proxy/james](https://github.com/james-proxy/james) Web Debugging Proxy Application
- [**1205**Star][4m] [PHP] [gregwar/captcha](https://github.com/gregwar/captcha) PHP Captcha library
- [**1205**Star][11d] [bugcrowd/bugcrowd_university](https://github.com/bugcrowd/bugcrowd_university) Open source education content for the researcher community
- [**1204**Star][4m] [Py] [nccgroup/scoutsuite](https://github.com/nccgroup/scoutsuite) Multi-Cloud Security Auditing Tool
- [**1203**Star][4m] [C++] [wavm/wavm](https://github.com/WAVM/WAVM) WebAssembly Virtual Machine
- [**1203**Star][6m] [Go] [genuinetools/reg](https://github.com/genuinetools/reg) Docker registry v2 command line client and repo listing generator with security checks.
- [**1203**Star][8m] [Py] [jtesta/ssh-mitm](https://github.com/jtesta/ssh-mitm) SSH man-in-the-middle tool
- [**1202**Star][4m] [Go] [mmcloughlin/avo](https://github.com/mmcloughlin/avo) Generate x86 Assembly with Go
- [**1201**Star][10d] [JS] [cypress-io/cypress-example-recipes](https://github.com/cypress-io/cypress-example-recipes) Various recipes for testing common scenarios with Cypress
- [**1200**Star][10d] [Py] [hackathonhackers/personal-sites](https://github.com/hackathonhackers/personal-sites) List of Hackathon Hackers' personal sites.
- [**1198**Star][10d] [Shell] [dhruvvyas90/qemu-rpi-kernel](https://github.com/dhruvvyas90/qemu-rpi-kernel) Qemu kernel for emulating Rpi on QEMU
- [**1197**Star][10d] [C#] [nicehash/nicehashminer](https://github.com/nicehash/NiceHashMiner) NiceHash Miner
- [**1197**Star][11d] [Py] [programa-stic/barf-project](https://github.com/programa-stic/barf-project)  A multiplatform open source Binary Analysis and Reverse engineering Framework
- [**1197**Star][12d] [cloudflare/sslconfig](https://github.com/cloudflare/sslconfig) Cloudflare's Internet facing SSL configuration
- [**1197**Star][12d] [C++] [cgdb/cgdb](https://github.com/cgdb/cgdb) Console front-end to the GNU debugger
- [**1196**Star][12d] [bo0om/fuzz.txt](https://github.com/bo0om/fuzz.txt) Potentially dangerous files
- [**1195**Star][12d] [C] [hackerschoice/thc-tips-tricks-hacks-cheat-sheet](https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet) Various tips & tricks
- [**1195**Star][12d] [Assembly] [algorithm-archivists/algorithm-archive](https://github.com/algorithm-archivists/algorithm-archive) A collaborative book on algorithms
- [**1194**Star][8d] [PHP] [jaybizzle/crawler-detect](https://github.com/jaybizzle/crawler-detect) a PHP class for detecting bots/crawlers/spiders via the user agent and http_from header.
- [**1194**Star][2y] [Py] [citronneur/rdpy](https://github.com/citronneur/rdpy) Remote Desktop Protocol in Twisted Python
- [**1193**Star][13d] [Ruby] [felipecsl/wombat](https://github.com/felipecsl/wombat) Lightweight Ruby web crawler/scraper with an elegant DSL which extracts structured data from pages.
- [**1192**Star][1y] [Java] [luckyzxl2016/movie_recommend](https://github.com/luckyzxl2016/movie_recommend) 基于Spark的电影推荐系统，包含爬虫项目、web网站、后台管理系统以及spark推荐系统
- [**1192**Star][9d] [yzddmr6/webshell-venom](https://github.com/yzddmr6/webshell-venom) Generate webshell that bypass AV
- [**1192**Star][10d] [OCaml] [binaryanalysisplatform/bap](https://github.com/binaryanalysisplatform/bap) Binary Analysis Platform
- [**1190**Star][10d] [Ruby] [igrigorik/decisiontree](https://github.com/igrigorik/decisiontree) ID3-based implementation of the ML Decision Tree algorithm
- [**1189**Star][10d] [Py] [qyriad/fusee-launcher](https://github.com/Qyriad/fusee-launcher) work-in-progress launcher for one of the Tegra X1 bootROM exploits
- [**1189**Star][7y] [JS] [ptwobrussell/mining-the-social-web](https://github.com/ptwobrussell/mining-the-social-web) The official online compendium for Mining the Social Web (O'Reilly, 2011)
- [**1189**Star][27d] [Py] [hackappcom/ibrute](https://github.com/hackappcom/ibrute) AppleID bruteforce p0c
- [**1188**Star][11d] [Py] [openai/neural-mmo](https://github.com/openai/neural-mmo) Code for the paper "Neural MMO: A Massively Multiagent Game Environment for Training and Evaluating Intelligent Agents"
- [**1187**Star][3m] [C] [nethack/nethack](https://github.com/nethack/nethack) Official NetHack Git Repository
- [**1187**Star][11d] [0x4d31/awesome-threat-detection](https://github.com/0x4d31/awesome-threat-detection) A curated list of awesome threat detection and hunting resources
- [**1186**Star][3m] [TS] [microsoft/botframework-emulator](https://github.com/microsoft/botframework-emulator) Bot Framework Emulator
- [**1186**Star][11d] [Py] [infosec-au/altdns](https://github.com/infosec-au/altdns) Generates permutations, alterations and mutations of subdomains and then resolves them
- [**1185**Star][10d] [guardrailsio/awesome-golang-security](https://github.com/guardrailsio/awesome-golang-security) Awesome Golang Security resources
- [**1182**Star][4m] [hikariobfuscator/hikari](https://github.com/HikariObfuscator/Hikari) LLVM Obfuscator
- [**1180**Star][11d] [paulsec/awesome-windows-domain-hardening](https://github.com/PaulSec/awesome-windows-domain-hardening) A curated list of awesome Security Hardening techniques for Windows.
- [**1179**Star][10d] [Go] [sevlyar/go-daemon](https://github.com/sevlyar/go-daemon) A library for writing system daemons in golang.
- [**1179**Star][11d] [Py] [john-kurkowski/tldextract](https://github.com/john-kurkowski/tldextract) Accurately separate the TLD from the registered domain and subdomains of a URL, using the Public Suffix List.
- [**1177**Star][10d] [PHP] [jvoisin/php-malware-finder](https://github.com/jvoisin/php-malware-finder) Detect potentially malicious PHP files
- [**1177**Star][10d] [Py] [googleprojectzero/domato](https://github.com/googleprojectzero/domato) DOM fuzzer
- [**1177**Star][4y] [PS] [powershellempire/powertools](https://github.com/powershellempire/powertools) a collection of PowerShell projects with a focus on offensive operations.
    - [PewPewPew](https://github.com/powershellempire/powertools/tree/master/PewPewPew) scripts that utilize a common pattern to host a script on a PowerShell webserver, invoke the IEX download cradle to download/execute the target code and post the results back to the server, and then post-process any results.
    - [PowerBreach](https://github.com/powershellempire/powertools/tree/master/PowerBreach) a backdoor toolkit that aims to provide the user a wide variety of methods to backdoor a system. 
    - [PowerPick](https://github.com/powershellempire/powertools/tree/master/PowerPick) allowing the execution of Powershell functionality without the use of Powershell.exe
- [**1177**Star][10d] [PHP] [jvoisin/php-malware-finder](https://github.com/jvoisin/php-malware-finder) Detect potentially malicious PHP files
- [**1176**Star][14d] [Java] [weexteam/hackernews-app-powered-by-apache-weex](https://github.com/weexteam/hackernews-App-powered-by-Apache-Weex) A mobile app for Hacker News, which is powered by Weex and Vue.
- [**1176**Star][12d] [Go] [y0ssar1an/q](https://github.com/y0ssar1an/q) Quick and dirty debugging output for tired Go programmers
- [**1176**Star][10m] [Vue] [0xbug/hawkeye](https://github.com/0xbug/hawkeye) GitHub Sensitive Information Leakage Monitor Spider
- [**1175**Star][1y] [ssrarchive/shadowsocks-rss](https://github.com/ssrarchive/shadowsocks-rss) Shadowsocksr project backup
- [**1172**Star][8d] [HTML] [owasp/nodegoat](https://github.com/owasp/nodegoat) 学习OWASP安全威胁Top10如何应用到Web App的，以及如何处理
- [**1172**Star][10d] [C++] [opentx/opentx](https://github.com/opentx/opentx) OpenTX custom firmware for Transmitters
- [**1171**Star][4m] [Go] [u-root/u-root](https://github.com/u-root/u-root) A fully Go userland with Linux bootloaders! u-root can create a root file system (initramfs) containing a busybox-like set of tools written in Go.
- [**1171**Star][8m] [HTML] [cure53/httpleaks](https://github.com/cure53/httpleaks) HTTPLeaks - All possible ways, a website can leak HTTP requests
- [**1170**Star][10d] [C++] [dannagle/packetsender](https://github.com/dannagle/packetsender) Network utility for sending / receiving TCP, UDP, SSL
- [**1170**Star][7d] [Py] [ring04h/wydomain](https://github.com/ring04h/wydomain) to discover subdomains of your target domain
- [**1170**Star][11d] [HTML] [hookmaster/frida-all-in-one](https://github.com/hookmaster/frida-all-in-one) FRIDA操作手册
- [**1170**Star][10d] [Py] [gotcha/ipdb](https://github.com/gotcha/ipdb) Integration of IPython pdb
- [**1169**Star][12d] [Py] [diafygi/acme-nosudo](https://github.com/diafygi/acme-nosudo) Free HTTPS certificates without having to trust the letsencrypt cli with sudo/root
- [**1168**Star][15d] [Go] [mozilla/mig](https://github.com/mozilla/mig) Distributed & real time digital forensics at the speed of the cloud
- [**1168**Star][4m] [Batchfile] [ckjbug/hacking](https://github.com/ckjbug/hacking) Collate and develop network security, Hackers technical documentation and tools, code.
- [**1167**Star][4m] [HTML] [nsacyber/windows-secure-host-baseline](https://github.com/nsacyber/Windows-Secure-Host-Baseline) Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
- [**1167**Star][3m] [Py] [bugcrowd/hunt](https://github.com/bugcrowd/HUNT) Burp和ZAP的扩展收集
- [**1166**Star][11d] [PHP] [lucb1e/cookielesscookies](https://github.com/lucb1e/cookielesscookies) Demo of tracking using etags instead of cookies (or localstorage or anything else)
- [**1164**Star][10d] [C] [s0lst1c3/eaphammer](https://github.com/s0lst1c3/eaphammer) Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
- [**1164**Star][12d] [onethawt/reverseengineering-reading-list](https://github.com/onethawt/reverseengineering-reading-list) A list of Reverse Engineering articles, books, and papers
- [**1164**Star][17d] [Ruby] [cryptosphere/cryptosphere](https://github.com/cryptosphere/cryptosphere) Encrypted peer-to-peer web application platform for decentralized, privacy-preserving applications
- [**1163**Star][13d] [Py] [openrce/sulley](https://github.com/openrce/sulley) A pure-python fully automated and unattended fuzzing framework.
- [**1163**Star][10d] [Py] [google/uis-rnn](https://github.com/google/uis-rnn) This is the library for the Unbounded Interleaved-State Recurrent Neural Network (UIS-RNN) algorithm, corresponding to the paper Fully Supervised Speaker Diarization.
- [**1162**Star][15d] [Py] [byt3bl33d3r/gcat](https://github.com/byt3bl33d3r/gcat) A PoC backdoor that uses Gmail as a C&C server
- [**1159**Star][1y] [Py] [certsocietegenerale/fir](https://github.com/certsocietegenerale/fir) Fast Incident Response
- [**1158**Star][10d] [Py] [rajkumardusad/tool-x](https://github.com/rajkumardusad/Tool-X) Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions.
- [**1158**Star][13d] [Shell] [fritz-smh/yi-hack](https://github.com/fritz-smh/yi-hack) Xiaomi Yi Ants camera hack
- [**1157**Star][10d] [Rich Text Format] [decalage2/oletools](https://github.com/decalage2/oletools)  python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
- [**1156**Star][9d] [Ruby] [lionsec/xerosploit](https://github.com/lionsec/xerosploit) Efficient and advanced man in the middle framework
- [**1156**Star][25d] [Ruby] [kostya/eye](https://github.com/kostya/eye) Process monitoring tool. Inspired from Bluepill and God.
- [**1155**Star][11d] [vaib25vicky/awesome-mobile-security](https://github.com/vaib25vicky/awesome-mobile-security) An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
- [**1154**Star][3m] [Py] [ondyari/faceforensics](https://github.com/ondyari/faceforensics) Github of the FaceForensics dataset
- [**1154**Star][6m] [Java] [huangyz0918/androidwm](https://github.com/huangyz0918/androidwm) An android image watermark library that supports invisible digital watermarks (steganography).
- [**1154**Star][3m] [C++] [cppcon/cppcon2018](https://github.com/cppcon/cppcon2018) Slides and other materials from CppCon 2018
- [**1154**Star][3m] [PHP] [automattic/jetpack](https://github.com/automattic/jetpack) Increase your traffic, view your stats, speed up your site, and protect yourself from hackers with Jetpack.
- [**1153**Star][2y] [PS] [rasta-mouse/sherlock](https://github.com/rasta-mouse/sherlock) PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
- [**1153**Star][10d] [Py] [knownsec/pocsuite3](https://github.com/knownsec/pocsuite3) remote vulnerability testing framework developed by the Knownsec 404 Team.
- [**1152**Star][10d] [enjalot/algovis](https://github.com/enjalot/algovis) collection of projects and links about algorithm visualization
- [**1151**Star][10d] [C++] [whitewaterfoundry/pengwin](https://github.com/WhitewaterFoundry/Pengwin) A Linux distro optimized for WSL based on Debian.
- [**1151**Star][15d] [Py] [secforce/sparta](https://github.com/secforce/sparta) Network Infrastructure Penetration Testing Tool
- [**1150**Star][11d] [HTML] [sindresorhus/devtools-detect](https://github.com/sindresorhus/devtools-detect) Detect if DevTools is open and its orientation
- [**1150**Star][3m] [HTML] [darksecdevelopers/hiddeneye](https://github.com/darksecdevelopers/hiddeneye) Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ]
- [**1149**Star][4m] [zbetcheckin/security_list](https://github.com/zbetcheckin/security_list) Great security list for fun and profit
- [**1149**Star][10d] [JS] [opencti-platform/opencti](https://github.com/opencti-platform/opencti) Open Cyber Threat Intelligence Platform
- [**1149**Star][4m] [Kotlin] [duckduckgo/android](https://github.com/duckduckgo/android) DuckDuckGo Android App
- [**1149**Star][10d] [C] [cksystemsteaching/selfie](https://github.com/cksystemsteaching/selfie) An educational software system of a tiny self-compiling C compiler, a tiny self-executing RISC-V emulator, and a tiny self-hosting RISC-V hypervisor.
- [**1148**Star][10d] [C] [bt3gl/pentesting_toolkit](https://github.com/bt3gl/Pentesting_Toolkit) 渗透测试，CTF和战争游戏的工具收集
- [**1148**Star][10d] [C] [siemens/jailhouse](https://github.com/siemens/jailhouse) Linux-based partitioning hypervisor
- [**1147**Star][5m] [Py] [yelp/detect-secrets](https://github.com/yelp/detect-secrets) An enterprise friendly way of detecting and preventing secrets in code.
- [**1147**Star][2m] [HTML] [defectdojo/django-defectdojo](https://github.com/defectdojo/django-defectdojo) DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
- [**1147**Star][3m] [C#] [cobbr/covenant](https://github.com/cobbr/covenant) Covenant is a collaborative .NET C2 framework for red teamers.
- [**1145**Star][3m] [Py] [dropsdevopsorg/ecommercecrawlers](https://github.com/dropsdevopsorg/ecommercecrawlers) 多种电商商品数据🐍爬虫，整理收集爬虫练习
- [**1145**Star][11d] [Py] [lucifer1993/struts-scan](https://github.com/lucifer1993/struts-scan) struts2漏洞全版本检测和利用工具
- [**1144**Star][13d] [Java] [android-notes/swissarmyknife](https://github.com/android-notes/swissarmyknife) android ui调试工具
- [**1143**Star][6m] [Verilog] [cliffordwolf/picorv32](https://github.com/cliffordwolf/picorv32) PicoRV32 - A Size-Optimized RISC-V CPU
- [**1143**Star][14d] [PHP] [antonioribeiro/firewall](https://github.com/antonioribeiro/firewall) Firewall package for Laravel applications
- [**1142**Star][10d] [Py] [fireeye/flare-ida](https://github.com/fireeye/flare-ida) Multiple IDA plugins and IDAPython scripts
    - [StackStrings](https://github.com/fireeye/flare-ida/blob/master/plugins/stackstrings_plugin.py) recovery of manually constructed strings described [here](http://www.fireeye.com/blog/threat-research/2014/08/flare-ida-pro-script-series-automatic-recovery-of-constructed-strings-in-malware.html)
    - [Struct Typer](https://github.com/fireeye/flare-ida/blob/master/plugins/struct_typer_plugin.py) implements the struct typing described [here](https://www.mandiant.com/blog/applying-function-types-structure-fields-ida/)
    - [ApplyCalleeType](https://github.com/fireeye/flare-ida/blob/master/python/flare/apply_callee_type.py) specify or choose a function type for indirect calls as described [here](https://www.fireeye.com/blog/threat-research/2015/04/flare_ida_pro_script.html)
    - [argtracker](https://github.com/fireeye/flare-ida/blob/master/python/flare/argtracker.py) identify static arguments to functions used within a program
    - [idb2pat](https://github.com/fireeye/flare-ida/blob/master/python/flare/idb2pat.py) generate function patterns from an existing IDB database that can then be turned into FLIRT signatures to help identify similar functions in new files. [more info](https://www.fireeye.com/blog/threat-research/2015/01/flare_ida_pro_script.html)
    - [objc2_analyzer](https://github.com/fireeye/flare-ida/blob/master/python/flare/objc2_analyzer.py) creates cross-references between selector references and their implementations as defined in the Objective-C runtime related sections of the target Mach-O executable
    - [MSDN Annotations](https://github.com/fireeye/flare-ida/tree/master/python/flare/IDB_MSDN_Annotator) adds MSDN information from a XML file to the IDB database. [more info](https://www.fireeye.com/blog/threat-research/2014/09/flare-ida-pro-script-series-msdn-annotations-ida-pro-for-malware-analysis.html)
    - [ironstrings](https://github.com/fireeye/flare-ida/tree/master/python/flare/ironstrings) uses code emulation to recover constructed strings (stackstrings) from malware
    - [Shellcode Hashes](https://github.com/fireeye/flare-ida/tree/master/shellcode_hashes) create the database for hash search described in [here](https://www.mandiant.com/blog/precalculated-string-hashes-reverse-engineering-shellcode/)
- [**1141**Star][8m] [PHP] [tuhinshubhra/red_hawk](https://github.com/tuhinshubhra/red_hawk) All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
- [**1140**Star][2m] [Java] [indy256/codelibrary](https://github.com/indy256/codelibrary) 
- [**1140**Star][4m] [Py] [coffeehb/some-poc-or-exp](https://github.com/coffeehb/some-poc-or-exp) 各种漏洞poc、Exp的收集或编写
- [**1139**Star][12d] [C++] [cmuratori/meow_hash](https://github.com/cmuratori/meow_hash) Official version of the Meow hash, an extremely fast level 3 hash
- [**1139**Star][10d] [Kotlin] [chuckerteam/chucker](https://github.com/chuckerteam/chucker) simplifies the inspection of HTTP(S) requests/responses, and Throwables fired by your Android App
- [**1139**Star][1y] [Py] [0x00-0x00/shellpop](https://github.com/0x00-0x00/shellpop) Pop shells like a master.
- [**1138**Star][4m] [Py] [out0fmemory/goagent-always-available](https://github.com/out0fmemory/goagent-always-available) 一直可用的GoAgent，会定时扫描可用的google gae ip，提供可自动化获取ip运行的版本
- [**1138**Star][10d] [JS] [codfrm/cxmooc-tools](https://github.com/codfrm/cxmooc-tools) 一个 超星(学习通)/智慧树(知到)/中国大学慕课 刷课工具,火狐,谷歌,油猴支持.全自动任务,视频倍速秒过,作业考试题库,验证码自动打码(੧ᐛ੭挂科模式,启动)
- [**1137**Star][5m] [slowmist/knowledge-base](https://github.com/slowmist/knowledge-base) Knowledge Base 慢雾安全团队知识库
- [**1136**Star][2y] [ObjC] [neoneggplant/eggshell](https://github.com/neoneggplant/eggshell) iOS/macOS/Linux Remote Administration Tool
- [**1136**Star][4m] [C++] [cxbx-reloaded/cxbx-reloaded](https://github.com/cxbx-reloaded/cxbx-reloaded) Xbox (Original) Emulator
- [**1135**Star][4m] [Boo] [byt3bl33d3r/silenttrinity](https://github.com/byt3bl33d3r/silenttrinity) An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
- [**1134**Star][11d] [Go] [smallstep/cli](https://github.com/smallstep/cli) a zero trust swiss army knife that integrates with step-ca for automated certificate management
- [**1133**Star][10d] [C++] [hasherezade/pe-sieve](https://github.com/hasherezade/pe-sieve) Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
- [**1133**Star][2y] [C++] [x64dbg/gleebug](https://github.com/x64dbg/gleebug) Debugging Framework for Windows.
- [**1133**Star][4m] [Java] [manbanggroup/phantom](https://github.com/manbanggroup/phantom)  唯一零 Hook 稳定占坑类 Android 热更新插件化方案
- [**1133**Star][10m] [C#] [ebekker/acmesharp](https://github.com/ebekker/acmesharp) An ACME client library and PowerShell client for the .NET platform (Let's Encrypt)
- [**1133**Star][17d] [aoh/radamsa](https://github.com/aoh/radamsa) a general-purpose fuzzer
- [**1132**Star][10d] [Rust] [fgribreau/mailchecker](https://github.com/fgribreau/mailchecker) Cross-language email validation
- [**1130**Star][10d] [Py] [wibiti/uncompyle2](https://github.com/wibiti/uncompyle2) Python 2.7 decompiler
- [**1127**Star][12d] [C++] [gigablast/open-source-search-engine](https://github.com/gigablast/open-source-search-engine) Nov 20 2017 -- A distributed open source search engine and spider/crawler written in C/C++ for Linux on Intel/AMD. From gigablast dot com, which has binaries for download. See the README.md file at the very bottom of this page for instructions.
- [**1125**Star][11d] [Py] [stampery/mongoaudit](https://github.com/stampery/mongoaudit) 
- [**1123**Star][10d] [Go] [weaveworks/ignite](https://github.com/weaveworks/ignite) Ignite a Firecracker microVM
- [**1122**Star][2y] [ObjC] [yulingtianxia/fishchat](https://github.com/yulingtianxia/fishchat) Hook WeChat.app on non-jailbroken devices.
- [**1121**Star][7d] [Py] [nccgroup/winpayloads](https://github.com/nccgroup/Winpayloads) Undetectable Windows Payload Generation
- [**1121**Star][7y] [C] [stephenfewer/reflectivedllinjection](https://github.com/stephenfewer/reflectivedllinjection) Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
- [**1121**Star][2y] [ObjC] [lyndir/masterpassword](https://github.com/lyndir/masterpassword) A stateless password management solution. [OBSOLETE, moved to
- [**1121**Star][9m] [Py] [h4ckforjob/dirmap](https://github.com/h4ckforjob/dirmap) An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。
- [**1118**Star][5m] [JS] [freetubeapp/freetube](https://github.com/freetubeapp/freetube) An Open Source YouTube app for privacy
- [**1117**Star][11d] [Py] [m57/dnsteal](https://github.com/m57/dnsteal) DNS Exfiltration tool for stealthily sending files over DNS requests.
- [**1117**Star][4m] [C++] [google/sandboxed-api](https://github.com/google/sandboxed-api) Generates sandboxes for C/C++ libraries automatically
- [**1115**Star][10d] [C] [t6x/reaver-wps-fork-t6x](https://github.com/t6x/reaver-wps-fork-t6x) a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases
- [**1114**Star][13d] [Go] [looterz/grimd](https://github.com/looterz/grimd) Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers.
- [**1113**Star][7d] [Shell] [owasp/wstg](https://github.com/owasp/wstg) The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
- [**1113**Star][7d] [Shell] [owasp/wstg](https://github.com/OWASP/wstg) The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
- [**1113**Star][4m] [C++] [ddosolitary/lxrunoffline](https://github.com/ddosolitary/lxrunoffline) A full-featured utility for managing Windows Subsystem for Linux (WSL)
- [**1112**Star][13d] [evilsocket/bleah](https://github.com/evilsocket/bleah) This repository is DEPRECATED, please use bettercap as this tool has been ported to its BLE modules.
- [**1112**Star][14d] [ObjC] [dyci/dyci-main](https://github.com/dyci/dyci-main) Dynamic Code Injection Tool for Objective-C
- [**1110**Star][10d] [Go] [maliceio/malice](https://github.com/maliceio/malice) VirusTotal Wanna Be - Now with 100% more Hipster
- [**1110**Star][4y] [C++] [bonzaithepenguin/wikisort](https://github.com/bonzaithepenguin/wikisort) Fast and stable sort algorithm that uses O(1) memory. Public domain.
- [**1109**Star][10d] [Go] [vishvananda/netlink](https://github.com/vishvananda/netlink) Simple netlink library for go.
- [**1109**Star][10d] [Py] [rsmusllp/king-phisher](https://github.com/rsmusllp/king-phisher) Phishing Campaign Toolkit
- [**1109**Star][10d] [Py] [jekil/awesome-hacking](https://github.com/jekil/awesome-hacking) Awesome hacking is an awesome collection of hacking tools.
- [**1108**Star][10d] [Shell] [zfl9/ss-tproxy](https://github.com/zfl9/ss-tproxy) 搭建 SS/SSR/V2Ray/Socks5 透明代理环境的简陋脚本
- [**1108**Star][4m] [Py] [storyyeller/krakatau](https://github.com/storyyeller/krakatau) Java decompiler, assembler, and disassembler
- [**1108**Star][4m] [leng-yue/lengyue-vcode](https://github.com/leng-yue/lengyue-vcode) Project Stopped
- [**1107**Star][3m] [C] [quickjs-zh/quickjs](https://github.com/quickjs-zh/quickjs) QuickJS是一个小型并且可嵌入的Javascript引擎，它支持ES2020规范，包括模块，异步生成器和代理器。
- [**1107**Star][7d] [Swift] [polidea/rxbluetoothkit](https://github.com/polidea/rxbluetoothkit) iOS & OSX Bluetooth library for RxSwift
- [**1107**Star][10d] [Go] [liamg/tfsec](https://github.com/liamg/tfsec) 
- [**1106**Star][10d] [Go] [tricksterproxy/trickster](https://github.com/tricksterproxy/trickster) Open Source HTTP Reverse Proxy Cache and Time Series Dashboard Accelerator
- [**1106**Star][10d] [Go] [tricksterproxy/trickster](https://github.com/tricksterproxy/trickster) Open Source HTTP Reverse Proxy Cache and Time Series Dashboard Accelerator
- [**1106**Star][10d] [Batchfile] [kkkgo/kms_vl_all](https://github.com/kkkgo/kms_vl_all) 
- [**1106**Star][11d] [Assembly] [nullsecuritynet/tools](https://github.com/nullsecuritynet/tools) Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
- [**1105**Star][10d] [Shell] [dominicbreuker/stego-toolkit](https://github.com/dominicbreuker/stego-toolkit) Collection of steganography tools - helps with CTF challenges
- [**1104**Star][11d] [C++] [simsong/tcpflow](https://github.com/simsong/tcpflow) TCP/IP packet demultiplexer
- [**1104**Star][3m] [Py] [shmilylty/oneforall](https://github.com/shmilylty/oneforall) subdomain collect
- [**1104**Star][10d] [hugetiny/awesome-vpn](https://github.com/hugetiny/awesome-vpn) A curated list of awesome free VPNs and proxies.
- [**1103**Star][11d] [JS] [lukechilds/reverse-shell](https://github.com/lukechilds/reverse-shell) Easy to remember reverse shell that should work on most Unix-like systems.
- [**1102**Star][13d] [C] [micronucleus/micronucleus](https://github.com/micronucleus/micronucleus) ATTiny usb bootloader with a strong emphasis on bootloader compactness.
- [**1102**Star][1y] [C] [baoleiji/qilinbaoleiji](https://github.com/baoleiji/qilinbaoleiji) 堡垒机-麒麟堡垒机，集堡垒机、SSLVPN-堡垒机内置、动态口令-堡垒机内置、应用审计-堡垒机内置、数据库审计-堡垒机内置、CA证书-堡垒机内置-堡垒机内置、云桌面-堡垒机内置、密码自动修改为一体的堡垒机系统
- [**1101**Star][11d] [Go] [geziyor/geziyor](https://github.com/geziyor/geziyor) Geziyor, a fast web crawling & scraping framework for Go. Supports JS rendering.
- [**1101**Star][11d] [C] [ianharvey/bluepy](https://github.com/ianharvey/bluepy) Python interface to Bluetooth LE on Linux
- [**1100**Star][12d] [C++] [whitequark/unfork](https://github.com/whitequark/unfork) unfork(2) is the inverse of fork(2). sort of.
- [**1100**Star][11d] [Py] [forseti-security/forseti-security](https://github.com/forseti-security/forseti-security)  A community-driven collection of open source tools to improve the security of your Google Cloud Platform environments
- [**1099**Star][4m] [Py] [howie6879/ruia](https://github.com/howie6879/ruia) Async Python 3.6+ web scraping micro-framework based on asyncio（Python3.6+异步爬虫框架）
- [**1098**Star][13d] [C] [tpruvot/cpuminer-multi](https://github.com/tpruvot/cpuminer-multi) crypto cpuminer (linux + windows)
- [**1098**Star][10d] [C] [mintty/mintty](https://github.com/mintty/mintty) The Cygwin Terminal – terminal emulator for Cygwin, MSYS, and WSL
- [**1098**Star][10d] [Py] [kiminewt/pyshark](https://github.com/kiminewt/pyshark) Python wrapper for tshark, allowing python packet parsing using wireshark dissectors
- [**1097**Star][10d] [zhaoweih/shadowsocks-tutorial](https://github.com/zhaoweih/shadowsocks-tutorial) SS教程
- [**1097**Star][11d] [Py] [ticarpi/jwt_tool](https://github.com/ticarpi/jwt_tool)  a toolkit for validating, forging and cracking JWTs (JSON Web Tokens).
- [**1095**Star][11d] [C] [govolution/avet](https://github.com/govolution/avet) AntiVirus Evasion Tool
- [**1095**Star][12d] [Shell] [firehol/firehol](https://github.com/firehol/firehol) A firewall for humans...
- [**1094**Star][2y] [Batchfile] [nextronsystems/aptsimulator](https://github.com/NextronSystems/APTSimulator) A toolset to make a system look as if it was the victim of an APT attack
- [**1093**Star][17d] [stephenturner/oneliners](https://github.com/stephenturner/oneliners) Useful bash one-liners for bioinformatics.
- [**1093**Star][14d] [C] [trailofbits/ctf](https://github.com/trailofbits/ctf) CTF Field Guide
- [**1093**Star][11m] [Py] [nccgroup/winpayloads](https://github.com/nccgroup/winpayloads) Undetectable Windows Payload Generation
- [**1093**Star][11d] [JS] [monzo/response](https://github.com/monzo/response) Monzo's real-time incident response and reporting tool
- [**1093**Star][11d] [C++] [firmata/arduino](https://github.com/firmata/arduino) Firmata firmware for Arduino
- [**1093**Star][11d] [C] [fdiskyou/injectallthethings](https://github.com/fdiskyou/injectallthethings) Seven different DLL injection techniques in one single project.
- [**1092**Star][11d] [C++] [ibaaj/dijkstra-cartography](https://github.com/ibaaj/dijkstra-cartography) Using Dijkstra's algorithm ("finding the shortest paths between nodes in a graph") to draw maps
- [**1090**Star][10d] [Py] [foldingathome/coronavirus](https://github.com/foldingathome/coronavirus) Folding@home COVID-19 efforts
- [**1088**Star][26d] [Py] [muricoca/crab](https://github.com/muricoca/crab) Crab is a flexible, fast recommender engine for Python that integrates classic information filtering recommendation algorithms in the world of scientific Python packages (numpy, scipy, matplotlib).
- [**1087**Star][12d] [C] [gsliepen/tinc](https://github.com/gsliepen/tinc) a VPN daemon
- [**1086**Star][15d] [Py] [dixudx/tumblr-crawler](https://github.com/dixudx/tumblr-crawler) Easily download all the photos/videos from tumblr blogs.
- [**1085**Star][14d] [C] [xairy/kernel-exploits](https://github.com/xairy/kernel-exploits) My proof-of-concept exploits for the Linux kernel
- [**1085**Star][3y] [wtsxdev/machine-learning-for-cyber-security](https://github.com/wtsxdev/machine-learning-for-cyber-security) Curated list of tools and resources related to the use of machine learning for cyber security
- [**1085**Star][6m] [C] [quiet/quiet](https://github.com/quiet/quiet) Transmit data with sound. Includes binaries for soundcards and .wav files.
- [**1084**Star][10d] [Rust] [zboxfs/zbox](https://github.com/zboxfs/zbox) Zero-details, privacy-focused in-app file system.
- [**1084**Star][13d] [C] [tcurdt/iproxy](https://github.com/tcurdt/iproxy) Let's you connect your laptop to the iPhone to surf the web.
- [**1084**Star][10d] [Rust] [sozu-proxy/sozu](https://github.com/sozu-proxy/sozu) Sōzu HTTP reverse proxy, configurable at runtime, fast and safe, built in Rust. It is awesome! Ping us on gitter to know more
- [**1084**Star][11d] [C] [crmulliner/adbi](https://github.com/crmulliner/adbi) Android Dynamic Binary Instrumentation Toolkit
- [**1083**Star][4m] [C] [zerosum0x0/cve-2019-0708](https://github.com/zerosum0x0/cve-2019-0708) Scanner PoC for CVE-2019-0708 RDP RCE vuln
- [**1082**Star][12m] [PS] [nytrorst/netripper](https://github.com/nytrorst/netripper) Smart traffic sniffing for penetration testers
- [**1081**Star][12d] [Py] [woj-ciech/kamerka](https://github.com/woj-ciech/kamerka) Build interactive map of cameras from Shodan
- [**1081**Star][12d] [C] [cr-marcstevens/sha1collisiondetection](https://github.com/cr-marcstevens/sha1collisiondetection) Library and command line tool to detect SHA-1 collision in a file
- [**1080**Star][10d] [ctfs/resources](https://github.com/ctfs/resources) A general collection of information, tools, and tips regarding CTFs and similar security competitions
- [**1079**Star][3m] [C++] [everdox/infinityhook](https://github.com/everdox/infinityhook) Hook system calls, context switches, page faults and more.
- [**1078**Star][11d] [Go] [arkweid/lefthook](https://github.com/arkweid/lefthook) Fast and powerful Git hooks manager for any type of projects.
- [**1078**Star][10d] [Go] [40t/go-sniffer](https://github.com/40t/go-sniffer) 
- [**1077**Star][3y] [Perl] [samyk/usbdriveby](https://github.com/samyk/usbdriveby) USBdriveby exploits the trust of USB devices by emulating an HID keyboard and mouse, installing a cross-platform firewall-evading backdoor, and rerouting DNS within seconds of plugging it in.
- [**1076**Star][8d] [C++] [herumi/xbyak](https://github.com/herumi/xbyak) a JIT assembler for x86(IA-32)/x64(AMD64, x86-64) MMX/SSE/SSE2/SSE3/SSSE3/SSE4/FPU/AVX/AVX2/AVX-512 by C++ header
- [**1076**Star][11d] [Ruby] [david942j/one_gadget](https://github.com/david942j/one_gadget) The best tool for finding one gadget RCE in libc.so.6
- [**1076**Star][10d] [Jupyter Notebook] [bukosabino/ta](https://github.com/bukosabino/ta) Technical Analysis Library using Pandas and Numpy
- [**1075**Star][7d] [Py] [ezaquarii/vpn-at-home](https://github.com/ezaquarii/vpn-at-home) 1-click, self-hosted deployment of OpenVPN with DNS ad blocking sinkhole
- [**1073**Star][10d] [C] [u-boot/u-boot](https://github.com/u-boot/u-boot) "Das U-Boot" Source Tree
- [**1072**Star][9m] [PS] [kevin-robertson/inveigh](https://github.com/kevin-robertson/inveigh) Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
- [**1072**Star][11d] [JS] [gautamkrishnar/nothing-private](https://github.com/gautamkrishnar/nothing-private) Do you think you are safe using private browsing or incognito mode?.
- [**1071**Star][11d] [Py] [scrapinghub/frontera](https://github.com/scrapinghub/frontera) A scalable frontier for web crawlers
- [**1070**Star][11d] [C++] [kde/heaptrack](https://github.com/kde/heaptrack) A heap memory profiler for Linux
- [**1068**Star][17d] [Py] [adyzng/jd-autobuy](https://github.com/adyzng/jd-autobuy) Python爬虫，京东自动登录，在线抢购商品
- [**1068**Star][13d] [tom0li/collection-document](https://github.com/tom0li/collection-document) Collection of quality safety articles
- [**1068**Star][16d] [C++] [fireice-uk/xmr-stak-cpu](https://github.com/fireice-uk/xmr-stak-cpu) Monero CPU miner
- [**1066**Star][12d] [Ruby] [mdp/rotp](https://github.com/mdp/rotp) Ruby One Time Password library
- [**1065**Star][11d] [Go] [danderson/netboot](https://github.com/danderson/netboot) Go implementations of network protocols used in booting machines over the network, as well as utilites built on top of these libraries.
- [**1065**Star][1y] [Py] [lucifer1993/angelsword](https://github.com/lucifer1993/angelsword) Python3编写的CMS漏洞检测框架
- [**1065**Star][21d] [C] [citusdata/pg_shard](https://github.com/citusdata/pg_shard)  pg_shard is superseded by Citus, its more powerful replacement
- [**1064**Star][10d] [C++] [cisco-talos/clamav-devel](https://github.com/Cisco-Talos/clamav-devel) ClamAV Development
- [**1064**Star][6m] [Shell] [trimstray/sandmap](https://github.com/trimstray/sandmap) Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
- [**1064**Star][11d] [Py] [fireeye/flare-fakenet-ng](https://github.com/fireeye/flare-fakenet-ng) Next Generation Dynamic Network Analysis Tool
- [**1063**Star][10d] [Rust] [crev-dev/cargo-crev](https://github.com/crev-dev/cargo-crev) A cryptographically verifiable code review system for the cargo (Rust) package manager.
- [**1063**Star][10d] [C] [rbsec/sslscan](https://github.com/rbsec/sslscan) sslscan tests SSL/TLS enabled services to discover supported cipher suites
- [**1060**Star][15d] [PS] [danmcinerney/icebreaker](https://github.com/danmcinerney/icebreaker) Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
- [**1060**Star][2m] [cugu/awesome-forensics](https://github.com/cugu/awesome-forensics) A curated list of awesome forensic analysis tools and resources
- [**1060**Star][10d] [Go] [activecm/rita](https://github.com/activecm/rita) Real Intelligence Threat Analytics
- [**1059**Star][10d] [Java] [scottyab/rootbeer](https://github.com/scottyab/rootbeer) Simple to use root checking Android library and sample app
- [**1059**Star][14d] [Go] [gencebay/httplive](https://github.com/gencebay/httplive) HTTP Request & Response Service, Mock HTTP
- [**1058**Star][10d] [Go] [rebuy-de/aws-nuke](https://github.com/rebuy-de/aws-nuke) Nuke a whole AWS account and delete all its resources.
- [**1054**Star][11d] [Py] [mbi/django-simple-captcha](https://github.com/mbi/django-simple-captcha) an extremely simple, yet highly customizable Django application to add captcha images to any Django form.
- [**1054**Star][3m] [adolfintel/windows10-privacy](https://github.com/adolfintel/windows10-privacy) Windows 10 Privacy Guide
- [**1053**Star][10d] [Go] [square/ghostunnel](https://github.com/square/ghostunnel) A simple SSL/TLS proxy with mutual authentication for securing non-TLS services
- [**1053**Star][10d] [C] [aircrack-ng/rtl8812au](https://github.com/aircrack-ng/rtl8812au) RTL8812AU/21AU and RTL8814AU driver with monitor mode and frame injection
- [**1052**Star][3m] [C] [bt3gl/pentesting_toolkit](https://github.com/bt3gl/pentesting_toolkit) Tools for pentesting, CTFs & wargames.
- [**1051**Star][4m] [C] [softmotions/ejdb](https://github.com/softmotions/ejdb) 
- [**1051**Star][1y] [naetw/ctf-pwn-tips](https://github.com/naetw/ctf-pwn-tips) Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
- [**1049**Star][11d] [JS] [fabienvauchelles/scrapoxy](https://github.com/fabienvauchelles/scrapoxy) Scrapoxy hides your scraper behind a cloud. It starts a pool of proxies to send your requests. Now, you can crawl without thinking about blacklisting!
- [**1048**Star][13d] [Py] [fsecurelabs/needle](https://github.com/FSecureLABS/needle) The iOS Security Testing Framework
- [**1046**Star][9d] [Py] [wkunzhi/python3-spider](https://github.com/wkunzhi/python3-spider) Python爬虫实战 - 模拟登陆各大网站 包含但不限于：滑块验证、拼多多、美团、百度、bilibili、大众点评、淘宝，如果喜欢请start
- [**1046**Star][12d] [Go] [justinas/nosurf](https://github.com/justinas/nosurf) CSRF protection middleware for Go.
- [**1046**Star][5m] [C] [hacksysteam/hacksysextremevulnerabledriver](https://github.com/hacksysteam/hacksysextremevulnerabledriver) HackSys Extreme Vulnerable Windows Driver
- [**1045**Star][10d] [JS] [keenwon/antcolony](https://github.com/keenwon/antcolony) Nodejs实现的一个磁力链接爬虫
- [**1045**Star][11d] [C] [wiire-a/pixiewps](https://github.com/wiire-a/pixiewps) An offline Wi-Fi Protected Setup brute-force utility
- [**1044**Star][1y] [nanopool/claymore-dual-miner](https://github.com/nanopool/claymore-dual-miner) Claymore's Dual Ethereum+Decred_Siacoin_Lbry AMD+NVIDIA GPU Miner
- [**1044**Star][10d] [Go] [banzaicloud/bank-vaults](https://github.com/banzaicloud/bank-vaults) A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.
- [**1043**Star][4y] [C++] [zyq8709/dexhunter](https://github.com/zyq8709/dexhunter) General Automatic Unpacking Tool for Android Dex Files
- [**1042**Star][4m] [C#] [thepirat000/audit.net](https://github.com/thepirat000/audit.net) An extensible framework to audit executing operations in .NET and .NET Core.
- [**1041**Star][2m] [Py] [kerlomz/captcha_trainer](https://github.com/kerlomz/captcha_trainer) This project is based on CNN5/ResNet+BLSTM/LSTM/GRU/SRU/BSRU+CTC to realize verification code identification. This project is only for training the model.
- [**1041**Star][10d] [Ruby] [hackplayers/evil-winrm](https://github.com/hackplayers/evil-winrm) The ultimate WinRM shell for hacking/pentesting
- [**1040**Star][1y] [JS] [produck/svg-captcha](https://github.com/produck/svg-captcha) generate svg captcha in node
- [**1040**Star][10d] [JS] [umpox/zero-width-detection](https://github.com/umpox/zero-width-detection) Invisibly inserting usernames into text with Zero-Width Characters
- [**1040**Star][3y] [PS] [nccgroup/redsnarf](https://github.com/nccgroup/redsnarf) a pen-testing / red-teaming tool retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques
- [**1039**Star][10d] [Go] [nosequeldeebee/blockchain-tutorial](https://github.com/nosequeldeebee/blockchain-tutorial) Write and publish your own blockchain in less than 200 lines of Go
- [**1039**Star][9m] [Py] [byt3bl33d3r/deathstar](https://github.com/byt3bl33d3r/deathstar) Automate getting Domain Admin using Empire
- [**1037**Star][15d] [Go] [twitchyliquid64/subnet](https://github.com/twitchyliquid64/subnet) Simple, auditable & elegant VPN, built with TLS mutual authentication and TUN.
- [**1036**Star][7d] [Py] [danmcinerney/xsscrapy](https://github.com/danmcinerney/xsscrapy) XSS spider - 66/66 wavsep XSS detected
- [**1035**Star][7d] [Shell] [esc0rtd3w/wifi-hacker](https://github.com/esc0rtd3w/wifi-hacker) Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2)
- [**1034**Star][2y] [Py] [d4vinci/dr0p1t-framework](https://github.com/d4vinci/dr0p1t-framework) create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
- [**1033**Star][4m] [Py] [x0rz/phishing_catcher](https://github.com/x0rz/phishing_catcher) Phishing catcher using Certstream
- [**1033**Star][9m] [C] [google/fuzzer-test-suite](https://github.com/google/fuzzer-test-suite) Set of tests for fuzzing engines
- [**1033**Star][2y] [JS] [0xsobky/hackvault](https://github.com/0xsobky/hackvault) A container repository for my public web hacks!
- [**1032**Star][3m] [wtsxdev/penetration-testing](https://github.com/wtsxdev/penetration-testing) List of awesome penetration testing resources, tools and other shiny things
- [**1031**Star][10d] [Go] [opensec-cn/kunpeng](https://github.com/opensec-cn/kunpeng) POC Framework
- [**1030**Star][14d] [C] [0x90/wifi-arsenal](https://github.com/0x90/wifi-arsenal) WiFi arsenal
- [**1028**Star][2y] [PHP] [steamdatabase/saliencheat](https://github.com/steamdatabase/saliencheat)  Cheating Salien minigame, the proper way
- [**1027**Star][2y] [ObjC] [zhengmin1989/ios_ice_and_fire](https://github.com/zhengmin1989/ios_ice_and_fire) iOS冰与火之歌
- [**1027**Star][1y] [PHP] [secwiki/cms-hunter](https://github.com/secwiki/cms-hunter) Content Management System Vulnerability Hunter
- [**1027**Star][4m] [Java] [huolizhuminh/networkpacketcapture](https://github.com/huolizhuminh/networkpacketcapture) It is used to capture network packet via Android VPN.
- [**1026**Star][1y] [C] [ionescu007/simplevisor](https://github.com/ionescu007/simplevisor) a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
- [**1025**Star][8d] [payloadbox/xss-payload-list](https://github.com/payloadbox/xss-payload-list) Cross Site Scripting ( XSS ) Vulnerability Payload List 
- [**1025**Star][2m] [Py] [xiphosresearch/exploits](https://github.com/xiphosresearch/exploits) Miscellaneous exploit code
- [**1025**Star][13d] [Py] [selwin/python-user-agents](https://github.com/selwin/python-user-agents) A Python library that provides an easy way to identify devices like mobile phones, tablets and their capabilities by parsing (browser) user agent strings.
- [**1025**Star][4m] [C++] [prusa3d/prusa-firmware](https://github.com/prusa3d/prusa-firmware) Firmware for Original Prusa i3 3D printer by PrusaResearch
- [**1024**Star][10d] [Java] [i2p/i2p.i2p](https://github.com/i2p/i2p.i2p) I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is a mirror of the official Monotone repository.
- [**1024**Star][4m] [C#] [kenvix/usbcopyer](https://github.com/kenvix/usbcopyer) 插上U盘自动按需复制文件 
- [**1024**Star][12d] [Go] [grafeas/grafeas](https://github.com/grafeas/grafeas) Artifact Metadata API
- [**1023**Star][10d] [Shell] [nextcloud/nextcloudpi](https://github.com/nextcloud/nextcloudpi) 
- [**1022**Star][4m] [PS] [netspi/powerupsql](https://github.com/netspi/powerupsql) A PowerShell Toolkit for Attacking SQL Server
- [**1020**Star][10d] [PHP] [symfony/security-csrf](https://github.com/symfony/security-csrf) a class CsrfTokenManager for generating and validating CSRF tokens
- [**1018**Star][10d] [C] [tyilo/insert_dylib](https://github.com/tyilo/insert_dylib) Command line utility for inserting a dylib load command into a Mach-O binary
- [**1015**Star][10d] [Py] [mozilla/openwpm](https://github.com/mozilla/OpenWPM) A web privacy measurement framework
- [**1015**Star][17d] [C++] [aguinet/wannakey](https://github.com/aguinet/wannakey) Wannacry in-memory key recovery
- [**1013**Star][10d] [Java] [google/firing-range](https://github.com/google/firing-range)  a test bed for web application security scanners, providing synthetic, wide coverage for an array of vulnerabilities.
- [**1012**Star][12d] [C++] [securesocketfunneling/ssf](https://github.com/securesocketfunneling/ssf) Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
- [**1012**Star][12d] [C#] [lachesis/scallion](https://github.com/lachesis/scallion) GPU-based Onion Hash generator
- [**1011**Star][4m] [C] [zardus/preeny](https://github.com/zardus/preeny) Some helpful preload libraries for pwning stuff.
- [**1011**Star][10d] [Shell] [nahamsec/lazyrecon](https://github.com/nahamsec/lazyrecon) automate your reconnaissance process in an organized fashion
- [**1011**Star][10d] [C++] [miek/inspectrum](https://github.com/miek/inspectrum) analysing captured signals, primarily from software-defined radio receivers.
- [**1011**Star][1y] [Py] [entropy1337/infernal-twin](https://github.com/entropy1337/infernal-twin) wireless hacking - This is automated wireless hacking tool
- [**1010**Star][10d] [pillarjs/understanding-csrf](https://github.com/pillarjs/understanding-csrf) What are CSRF tokens and how do they work?
- [**1010**Star][12d] [Py] [eliben/pyelftools](https://github.com/eliben/pyelftools) Parsing ELF and DWARF in Python
- [**1010**Star][13d] [Py] [cknd/stackprinter](https://github.com/cknd/stackprinter) Debugging-friendly exceptions for Python
- [**1008**Star][4m] [ObjC] [lmirosevic/gbdeviceinfo](https://github.com/lmirosevic/gbdeviceinfo) Detects the hardware, software and display of the current iOS or Mac OS X device at runtime.
- [**1007**Star][10m] [Kotlin] [eycorsican/kitsunebi-android](https://github.com/eycorsican/kitsunebi-android) A fully-featured V2Ray client for Android.
- [**1007**Star][10d] [hoshsadiq/adblock-nocoin-list](https://github.com/hoshsadiq/adblock-nocoin-list) Block lists to prevent JavaScript miners
- [**1006**Star][3m] [Py] [ekultek/bluekeep](https://github.com/ekultek/bluekeep) Proof of concept for CVE-2019-0708
- [**1005**Star][2y] [Py] [tylous/sniffair](https://github.com/tylous/sniffair) A framework for wireless pentesting.
- [**1004**Star][14d] [JS] [pillarjs/cookies](https://github.com/pillarjs/cookies) Signed and unsigned cookies based on Keygrip
- [**1004**Star][11d] [Go] [dreddsa5dies/gohacktools](https://github.com/dreddsa5dies/gohacktools) Hacker tools on Go (Golang)
- [**1003**Star][20d] [Batchfile] [sagishahar-zz/lpeworkshop](https://github.com/sagishahar-zz/lpeworkshop) Windows / Linux Local Privilege Escalation Workshop
- [**1003**Star][8d] [JS] [yahooarchive/xss-filters](https://github.com/YahooArchive/xss-filters) Secure XSS Filters.
- [**1003**Star][3m] [C++] [vita3k/vita3k](https://github.com/vita3k/vita3k) Experimental PlayStation Vita emulator
- [**1003**Star][11d] [HTML] [sensepost/mana](https://github.com/sensepost/mana) *DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM
- [**1003**Star][10d] [C++] [project64/project64](https://github.com/project64/project64) N64 Emulator
- [**1002**Star][19d] [Assembly] [corkami/pocs](https://github.com/corkami/pocs) Proof of Concepts (PE, PDF...)
- [**1001**Star][3m] [C#] [googleprojectzero/sandbox-attacksurface-analysis-tools](https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools) Set of tools to analyze and attack Windows sandboxes.
- [**1001**Star][10d] [PHP] [jenssegers/optimus](https://github.com/jenssegers/optimus)  id transformation With this library, you can transform your internal id's to obfuscated integers based on Knuth's integer has和
- [**1001**Star][4m] [C#] [elevenpaths/foca](https://github.com/elevenpaths/foca) Tool to find metadata and hidden information in the documents.
- [**1001**Star][14d] [Py] [dowsnature/dowsdns](https://github.com/dowsnature/dowsdns) 快速翻跃中国防火墙
- [**1001**Star][20d] [JS] [d4t4x/data-selfie](https://github.com/d4t4x/data-selfie) Data Selfie - a browser extension to track yourself on Facebook and analyze your data.
- [**1000**Star][1y] [Go] [adtac/autovpn](https://github.com/adtac/autovpn) THIS PROJECT IS UNMAINTAINED.
- [**998**Star][10d] [explife0011/awesome-windows-kernel-security-development](https://github.com/explife0011/awesome-windows-kernel-security-development) windows kernel security development
- [**998**Star][3y] [Py] [abatchy17/windowsexploits](https://github.com/abatchy17/windowsexploits) Windows exploits, mostly precompiled. Not being updated. Check
- [**997**Star][10d] [streaak/keyhacks](https://github.com/streaak/keyhacks) Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
- [**996**Star][10d] [Py] [trustedsec/hate_crack](https://github.com/trustedsec/hate_crack) A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
- [**996**Star][5m] [Py] [syss-research/seth](https://github.com/syss-research/seth) Perform a MitM attack and extract clear text credentials from RDP connections
- [**994**Star][4m] [PHP] [kiddyuchina/beanbun](https://github.com/kiddyuchina/beanbun) Beanbun 是用 PHP 编写的多进程网络爬虫框架，具有良好的开放性、高可扩展性，基于 Workerman。
- [**994**Star][12d] [Go] [jaksi/sshesame](https://github.com/jaksi/sshesame) A fake SSH server that lets everyone in and logs their activity
- [**993**Star][5m] [Py] [theupdateframework/tuf](https://github.com/theupdateframework/tuf) A framework for securing software update systems
- [**992**Star][24d] [JS] [medialab/artoo](https://github.com/medialab/artoo) artoo.js - the client-side scraping companion.
- [**992**Star][5m] [Py] [0xinfection/tidos-framework](https://github.com/0xInfection/TIDoS-Framework) The Offensive Manual Web Application Penetration Testing Framework.
- [**992**Star][10d] [Py] [airbnb/binaryalert](https://github.com/airbnb/binaryalert) Serverless, Real-time & Retroactive Malware Detection.
- [**992**Star][6m] [Jupyter Notebook] [aarshayj/analytics_vidhya](https://github.com/aarshayj/analytics_vidhya) Codes related to activities on AV including articles, hackathons and discussions.
- [**991**Star][9m] [Go] [covenantsql/covenantsql](https://github.com/covenantsql/covenantsql) A decentralized, trusted, high performance, SQL database with blockchain features
- [**990**Star][4m] [CSS] [hacks-guide/guide_3ds](https://github.com/hacks-guide/Guide_3DS) A complete guide to 3DS custom firmware, from stock to boot9strap.
- [**989**Star][4m] [Py] [lylemi/learn-web-hacking](https://github.com/lylemi/learn-web-hacking) Study Notes For Web Hacking
- [**989**Star][8m] [Jupyter Notebook] [hyperparticle/one-pixel-attack-keras](https://github.com/hyperparticle/one-pixel-attack-keras) Keras implementation of "One pixel attack for fooling deep neural networks" using differential evolution on Cifar10 and ImageNet
- [**988**Star][7m] [Py] [d4vinci/one-lin3r](https://github.com/d4vinci/one-lin3r) Gives you one-liners that aids in penetration testing operations, privilege escalation and more
- [**987**Star][12d] [hackplayers/hackthebox-writeups](https://github.com/hackplayers/hackthebox-writeups) Writeups for HacktheBox 'boot2root' machines
- [**987**Star][3m] [C++] [superpoweredsdk/low-latency-android-ios-linux-windows-tvos-macos-interactive-audio-platform](https://github.com/superpoweredsdk/low-latency-android-ios-linux-windows-tvos-macos-interactive-audio-platform) 🇸Superpowered Audio, Networking and Cryptographics SDKs. High performance and cross platform on Android, iOS, macOS, tvOS, Linux, Windows and modern web browsers.
- [**987**Star][10d] [Java] [sleuthkit/autopsy](https://github.com/sleuthkit/autopsy)  a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. 
- [**987**Star][5m] [C] [olimex/olinuxino](https://github.com/olimex/olinuxino) OLINUXINO is Open Source / Open Hardware, low cost from EUR 24 Linux Industrial grade Single Board Computer capable to operate -25+85C
- [**986**Star][11d] [JS] [netflix-skunkworks/sleepy-puppy](https://github.com/Netflix-Skunkworks/sleepy-puppy) Sleepy Puppy XSS Payload Management Framework
- [**986**Star][7m] [Ruby] [w181496/web-ctf-cheatsheet](https://github.com/w181496/web-ctf-cheatsheet) Web CTF CheatSheet
- [**986**Star][18d] [Py] [synack/knockknock](https://github.com/synack/knockknock) displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X
- [**986**Star][10d] [C] [arm-software/arm-trusted-firmware](https://github.com/arm-software/arm-trusted-firmware)  a reference implementation of secure world software for Arm A-Profile architectures (Armv8-A and Armv7-A), including an Exception Level 3 (EL3) Secure Monitor.
- [**985**Star][10d] [Py] [osirislab/hack-night](https://github.com/osirislab/Hack-Night) a sobering introduction to offensive security
- [**985**Star][13d] [Py] [hasecuritysolutions/vulnwhisperer](https://github.com/HASecuritySolutions/VulnWhisperer) Create actionable data from your Vulnerability Scans
- [**985**Star][11d] [Roff] [slimm609/checksec.sh](https://github.com/slimm609/checksec.sh) a bash script to check the properties of executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source).
- [**984**Star][4m] [PHP] [tidesec/wdscanner](https://github.com/tidesec/wdscanner) WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
- [**984**Star][8d] [JS] [martinsbalodis/web-scraper-chrome-extension](https://github.com/martinsbalodis/web-scraper-chrome-extension) Web data extraction tool implemented as chrome extension
- [**983**Star][2y] [Py] [moosedojo/apt2](https://github.com/moosedojo/apt2) automated penetration toolkit
- [**983**Star][3m] [ignitetechnologies/privilege-escalation](https://github.com/ignitetechnologies/privilege-escalation) This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
- [**983**Star][11d] [escapingbug/awesome-browser-exploit](https://github.com/escapingbug/awesome-browser-exploit) awesome list of browser exploitation tutorials
- [**983**Star][12d] [C] [dhavalkapil/heap-exploitation](https://github.com/dhavalkapil/heap-exploitation) This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
- [**983**Star][3y] [C] [cybellum/doubleagent](https://github.com/cybellum/doubleagent) Zero-Day Code Injection and Persistence Technique
- [**982**Star][12d] [Go] [sammy007/open-ethereum-pool](https://github.com/sammy007/open-ethereum-pool) Open Ethereum Mining Pool
- [**982**Star][10d] [C++] [dfhack/dfhack](https://github.com/DFHack/dfhack) Memory hacking library for Dwarf Fortress and a set of tools that use it
- [**981**Star][4m] [Py] [sashs/ropper](https://github.com/sashs/ropper) Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.
- [**981**Star][3m] [Py] [jefferson-henrique/getoldtweets-python](https://github.com/jefferson-henrique/getoldtweets-python) A project written in Python to get old tweets, it bypass some limitations of Twitter Official API.
- [**981**Star][8m] [C] [basil00/divert](https://github.com/basil00/divert) Windows Packet Divert
- [**980**Star][10d] [mithi/robotics-coursework](https://github.com/mithi/robotics-coursework) 
- [**980**Star][7m] [HTML] [n0tr00t/sreg](https://github.com/n0tr00t/sreg) 可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。
- [**980**Star][11d] [Perl] [infobyte/evilgrade](https://github.com/infobyte/evilgrade) a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates
- [**976**Star][19d] [Java] [androidvts/android-vts](https://github.com/AndroidVTS/android-vts) Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
- [**976**Star][10d] [Rich Text Format] [sqlsec/clover](https://github.com/sqlsec/clover) Share some hackintosh Clover files 分享一些黑苹果clover配置文件
- [**976**Star][19d] [Java] [androidvts/android-vts](https://github.com/androidvts/android-vts) Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
- [**975**Star][8m] [Py] [sa7mon/s3scanner](https://github.com/sa7mon/s3scanner) Scan for open AWS S3 buckets and dump the contents
- [**975**Star][3m] [C] [mariadb-corporation/maxscale](https://github.com/mariadb-corporation/maxscale) An intelligent database proxy.
- [**975**Star][10d] [Py] [intelxed/xed](https://github.com/intelxed/xed) x86 encoder decoder
- [**975**Star][10d] [Go] [antoniomika/sish](https://github.com/antoniomika/sish) An open source serveo/ngrok alternative. HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
- [**975**Star][3m] [Shell] [1n3/findsploit](https://github.com/1n3/findsploit) Find exploits in local and online databases instantly
- [**974**Star][3m] [Py] [x64dbg/docs](https://github.com/x64dbg/docs) x64dbg Documentation
- [**974**Star][8d] [Py] [hatriot/zarp](https://github.com/hatriot/zarp) a network attack tool centered around the exploitation of local networks
- [**974**Star][12d] [C] [buserror/simavr](https://github.com/buserror/simavr) simavr is a lean, mean and hackable AVR simulator for linux & OSX
- [**974**Star][11d] [OCaml] [airbus-seclab/bincat](https://github.com/airbus-seclab/bincat) a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation.
        <details>
        <summary>View Details</summary>


        ## Misc
        - 分为单独的分析器和IDA插件
        - 分析器是用OCmal编写的，release版本较老，需自己编译
        </details>


- [**973**Star][8d] [C++] [matthewsamuel95/acm-icpc-algorithms](https://github.com/matthewsamuel95/acm-icpc-algorithms) Algorithms used in Competitive Programming
- [**973**Star][10d] [Java] [wszf/androrat](https://github.com/wszf/androrat) Remote Administration Tool for Android
- [**973**Star][2y] [Py] [trycatchhcf/cloakify](https://github.com/trycatchhcf/cloakify) CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
- [**972**Star][12d] [deepspaceharbor/awesome-ai-security](https://github.com/DeepSpaceHarbor/Awesome-AI-Security) A curated list of AI security resources 
- [**972**Star][4m] [Shell] [webbluetoothcg/web-bluetooth](https://github.com/webbluetoothcg/web-bluetooth) Bluetooth support for the Web.
- [**971**Star][1y] [Py] [gaasedelen/lighthouse](https://github.com/gaasedelen/lighthouse) Code Coverage Explorer for IDA Pro & Binary Ninja
    - [coverage-frida](https://github.com/gaasedelen/lighthouse/blob/master/coverage/frida/README.md) 使用Frida收集信息
    - [coverage-pin](https://github.com/gaasedelen/lighthouse/blob/master/coverage/pin/README.md) 使用Pin收集覆盖信息
    - [插件](https://github.com/gaasedelen/lighthouse/blob/master/plugin/lighthouse_plugin.py) 支持IDA和BinNinja
- [**971**Star][9m] [Py] [christophetd/cloudflair](https://github.com/christophetd/cloudflair) a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should
- [**968**Star][7d] [Py] [jimmy201602/webterminal](https://github.com/jimmy201602/webterminal) ssh rdp vnc telnet sftp bastion/jump web putty xshell terminal jumpserver audit realtime monitor rz/sz 堡垒机 云桌面 linux devops sftp websocket file management rz/sz otp 自动化运维 审计 录像 文件管理 sftp上传 实时监控 录像回放 网页版rz/sz上传下载/动态口令 django
- [**968**Star][10d] [cveproject/cvelist](https://github.com/cveproject/cvelist) Pilot program for CVE submission through GitHub
- [**967**Star][12d] [aptnotes/data](https://github.com/aptnotes/data) APTnotes data
- [**965**Star][12d] [Py] [mschwager/fierce](https://github.com/mschwager/fierce) A DNS reconnaissance tool for locating non-contiguous IP space.
- [**964**Star][3m] [the-akira/computer-science-resources](https://github.com/the-akira/Computer-Science-Resources) A list of resources in different fields of Computer Science (multiple languages)
- [**964**Star][10d] [C] [apple/cups](https://github.com/apple/cups) a standards-based, open source printing system 
- [**963**Star][10d] [YARA] [neo23x0/signature-base](https://github.com/neo23x0/signature-base) Signature base for my scanner tools
- [**962**Star][12d] [Py] [m4n3dw0lf/pythem](https://github.com/m4n3dw0lf/pythem) pentest framework
- [**962**Star][2y] [HTML] [chybeta/software-security-learning](https://github.com/chybeta/software-security-learning) Software-Security-Learning
- [**962**Star][10d] [TS] [casbin/node-casbin](https://github.com/casbin/node-casbin) An authorization library that supports access control models like ACL, RBAC, ABAC in Node.js
- [**961**Star][4m] [Py] [tuhinshubhra/cmseek](https://github.com/tuhinshubhra/cmseek) CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
- [**961**Star][17d] [JS] [song-li/cross_browser](https://github.com/song-li/cross_browser) a browser fingerprinting technique that can track users not only within a single browser but also across different browsers on the same machine.
- [**961**Star][29d] [JS] [netflix/sketchy](https://github.com/netflix/sketchy) A task based API for taking screenshots and scraping text from websites.
- [**961**Star][12d] [Go] [itchyny/bed](https://github.com/itchyny/bed) Binary editor written in Go
- [**960**Star][10d] [Py] [tomchop/malcom](https://github.com/tomchop/malcom) Malcom - Malware Communications Analyzer
- [**960**Star][12d] [C] [libtom/libtomcrypt](https://github.com/libtom/libtomcrypt) LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
- [**960**Star][12d] [Py] [erocarrera/pefile](https://github.com/erocarrera/pefile) pefile is a Python module to read and work with PE (Portable Executable) files
        <details>
        <summary>View Details</summary>


        ## 特性
        - Inspecting headers
        - Analysis of sections' data
        - Retrieving embedded data
        - Reading strings from the resources
        - Warnings for suspicious and malformed values
        - Support to write to some of the fields and to other parts of the PE, so it's possible to do some basic butchering of PEs
        - Packer detection with PEiD’s signatures
        - PEiD signature generation
        </details>


- [**959**Star][13d] [Py] [arnaucube/coffeeminer](https://github.com/arnaucube/coffeeMiner) collaborative (mitm) cryptocurrency mining pool in wifi networks
- [**959**Star][10d] [C] [zerbea/hcxtools](https://github.com/zerbea/hcxtools) Portable solution for capturing wlan traffic and conversion to hashcat formats (recommended by hashcat) and to John the Ripper formats
- [**959**Star][11d] [Shell] [niklasb/libc-database](https://github.com/niklasb/libc-database) Build a database of libc offsets to simplify exploitation
- [**959**Star][19d] [Py] [holgerd77/django-dynamic-scraper](https://github.com/holgerd77/django-dynamic-scraper) Creating Scrapy scrapers via the Django admin interface
- [**959**Star][10d] [Go] [henson/proxypool](https://github.com/henson/proxypool) Golang实现的IP代理池
- [**958**Star][12d] [C#] [opendns/dnscrypt-win-client](https://github.com/opendns/dnscrypt-win-client) Windows front end for DNSCrypt Proxy
- [**957**Star][4m] [derpopo/uabe](https://github.com/derpopo/uabe) Unity Assets Bundle Extractor
- [**957**Star][6m] [PHP] [ambionics/phpggc](https://github.com/ambionics/phpggc) PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
- [**956**Star][2y] [C#] [invoke-ir/powerforensics](https://github.com/invoke-ir/powerforensics) PowerForensics provides an all in one platform for live disk forensic analysis
- [**955**Star][4m] [JS] [pixelscommander/viraljs](https://github.com/pixelscommander/viraljs) Express.JS middleware to enable P2P distribution for your app. Your decentralized CDN made easy.
- [**954**Star][11d] [ObjC] [don/bluetoothserial](https://github.com/don/bluetoothserial) Cordova (PhoneGap) Plugin for Serial Communication over Bluetooth
- [**954**Star][4m] [Py] [swisskyrepo/ssrfmap](https://github.com/swisskyrepo/ssrfmap) Automatic SSRF fuzzer and exploitation tool
- [**954**Star][10d] [C] [jfreegman/toxic](https://github.com/jfreegman/toxic) An ncurses-based Tox client
- [**954**Star][10d] [Rust] [dagenix/rust-crypto](https://github.com/dagenix/rust-crypto) A (mostly) pure-Rust implementation of various cryptographic algorithms.
- [**953**Star][18d] [ObjC] [tobefuturer/restore-symbol](https://github.com/tobefuturer/restore-symbol) A reverse engineering tool to restore stripped symbol table for iOS app.
- [**952**Star][2m] [Py] [marcosfede/algorithms](https://github.com/marcosfede/algorithms) Solved algorithms and data structures problems in many languages
- [**951**Star][11d] [Go] [mehrdadrad/radvpn](https://github.com/mehrdadrad/radvpn) Decentralized VPN
- [**950**Star][10d] [Perl] [p0pr0ck5/lua-resty-waf](https://github.com/p0pr0ck5/lua-resty-waf) High-performance WAF built on the OpenResty stack
- [**950**Star][2y] [C#] [jaredhaight/psattack](https://github.com/jaredhaight/psattack) A portable console aimed at making pentesting with PowerShell a little easier.
- [**949**Star][10m] [threathuntingproject/threathunting](https://github.com/threathuntingproject/threathunting) An informational repo about hunting for adversaries in your IT environment.
- [**949**Star][15d] [C] [jbangert/trapcc](https://github.com/jbangert/trapcc) Computing with traps
- [**948**Star][3m] [Py] [al0ne/vxscan](https://github.com/al0ne/vxscan) python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。
- [**947**Star][10d] [C] [particle-iot/device-os](https://github.com/particle-iot/device-os) Device OS (Firmware) for Particle Devices
- [**947**Star][11m] [Py] [m0rtem/cloudfail](https://github.com/m0rtem/cloudfail) Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
- [**947**Star][10d] [Go] [gruntwork-io/cloud-nuke](https://github.com/gruntwork-io/cloud-nuke) A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it
- [**947**Star][4m] [PS] [api0cradle/ultimateapplockerbypasslist](https://github.com/api0cradle/ultimateapplockerbypasslist) The goal of this repository is to document the most common techniques to bypass AppLocker.
- [**946**Star][10d] [Py] [systemrage/py-kms](https://github.com/systemrage/py-kms) KMS Server Emulator written in Python
- [**946**Star][2m] [Py] [countercept/doublepulsar-detection-script](https://github.com/countercept/doublepulsar-detection-script) A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
- [**943**Star][1y] [C] [microsoft/windows-driver-frameworks](https://github.com/microsoft/windows-driver-frameworks) a set of libraries that make it simple to write high-quality device drivers.
- [**942**Star][10d] [JS] [animir/node-rate-limiter-flexible](https://github.com/animir/node-rate-limiter-flexible) Node.js rate limit requests by key with atomic increments in process Memory, Cluster or PM, Redis, MongoDb, etc.
- [**942**Star][5m] [C++] [adafruit/adafruit_ssd1306](https://github.com/adafruit/adafruit_ssd1306) Arduino library for SSD1306 monochrome 128x64 and 128x32 OLEDs
- [**941**Star][10d] [Ruby] [weppos/whois](https://github.com/weppos/whois) An intelligent — pure Ruby — WHOIS client and parser.
- [**941**Star][4m] [C++] [seladb/pcapplusplus](https://github.com/seladb/pcapplusplus) a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
- [**940**Star][10d] [Py] [nixawk/labs](https://github.com/nixawk/labs) Vulnerability Labs for security analysis
- [**939**Star][15d] [Py] [mothran/bunny](https://github.com/mothran/bunny) Bunny is a wireless. meshing, darknet that uses 802.11 to hide its communications
- [**939**Star][10d] [Py] [techgaun/github-dorks](https://github.com/techgaun/github-dorks) Collection of github dorks and helper tool to automate the process of checking dorks
- [**939**Star][8y] [designativedave/androrat](https://github.com/designativedave/androrat) Remote Administration Tool for Android devices
- [**939**Star][3m] [C] [cossacklabs/themis](https://github.com/cossacklabs/themis) Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 13 platforms.
- [**938**Star][11d] [Elixir] [nccgroup/sobelow](https://github.com/nccgroup/sobelow) Security-focused static analysis for the Phoenix Framework
- [**936**Star][10d] [C#] [webprofusion/certify](https://github.com/webprofusion/certify) SSL Certificate Manager UI for Windows, powered by Let's Encrypt. Download from certifytheweb.com
- [**936**Star][7m] [Py] [woj-ciech/leaklooker](https://github.com/woj-ciech/leaklooker) Find open databases - Powered by Binaryedge.io
- [**936**Star][17d] [Shell] [ioerror/duraconf](https://github.com/ioerror/duraconf) duraconf - A collection of hardened configuration files for SSL/TLS services
- [**936**Star][3m] [JS] [dchest/tweetnacl-js](https://github.com/dchest/tweetnacl-js) Port of TweetNaCl cryptographic library to JavaScript
- [**935**Star][10d] [JS] [ppoffice/hozz](https://github.com/ppoffice/hozz) [Development indefinitely suspended] A better way to manage your hosts.
- [**935**Star][12d] [voorivex/pentest-guide](https://github.com/voorivex/pentest-guide) Penetration tests guide based on OWASP including test cases, resources and examples.
- [**934**Star][3y] [Eagle] [samyk/keysweeper](https://github.com/samyk/keysweeper) KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
- [**933**Star][13d] [Py] [nil0x42/phpsploit](https://github.com/nil0x42/phpsploit) Stealth post-exploitation framework
- [**933**Star][3m] [Py] [derekselander/lldb](https://github.com/derekselander/lldb) A collection of LLDB aliases/regexes and Python scripts to aid in your debugging sessions
- [**933**Star][4m] [cn0xroot/rfsec-toolkit](https://github.com/cn0xroot/rfsec-toolkit) a collection of Radio Frequency Communication Protocol Hacktools.
- [**932**Star][10d] [Py] [complianceascode/content](https://github.com/ComplianceAsCode/content) Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
- [**931**Star][11d] [Py] [jeffzh3ng/fuxi](https://github.com/jeffzh3ng/fuxi) Penetration Testing Platform
- [**930**Star][10d] [C++] [tindy2013/stairspeedtest-reborn](https://github.com/tindy2013/stairspeedtest-reborn) Proxy performance batch tester based on Shadowsocks(R) and V2Ray
- [**930**Star][8d] [C#] [depressurizer/depressurizer](https://github.com/depressurizer/depressurizer) A Steam library categorizing tool.
- [**930**Star][15d] [HTML] [snorby/snorby](https://github.com/snorby/snorby) Ruby On Rails Application For Network Security Monitoring
- [**930**Star][8d] [Shell] [ivanilves/xiringuito](https://github.com/ivanilves/xiringuito) SSH-based "VPN for poors"
- [**929**Star][10d] [C] [fwupd/fwupd](https://github.com/fwupd/fwupd) A simple daemon to allow session software to update firmware
- [**929**Star][4m] [C#] [borntoberoot/networkmanager](https://github.com/borntoberoot/networkmanager) A powerful tool for managing networks and troubleshoot network problems!
- [**928**Star][4m] [Java] [lamster2018/easyprotector](https://github.com/lamster2018/easyprotector) a simple way to check root/virtual app/emulator/xposed framework/tracer/debugger.
- [**928**Star][4m] [Py] [ajinabraham/nodejsscan](https://github.com/ajinabraham/nodejsscan) NodeJsScan is a static security code scanner for Node.js applications.
- [**927**Star][2y] [Py] [sweetsoftware/ares](https://github.com/sweetsoftware/ares) Python botnet and backdoor
- [**927**Star][3y] [JS] [diracdeltas/sniffly](https://github.com/diracdeltas/sniffly) Sniffing browser history using HSTS
- [**927**Star][10d] [Shell] [diego-treitos/linux-smart-enumeration](https://github.com/diego-treitos/linux-smart-enumeration) Linux enumeration tool for pentesting and CTFs with verbosity levels
- [**926**Star][2m] [C++] [genoil/cpp-ethereum](https://github.com/genoil/cpp-ethereum) [Warning: Repo inactive] Ethereum GPU miner with OpenCL, CUDA and stratum support
- [**926**Star][11d] [C] [theofficialflow/h-encore](https://github.com/theofficialflow/h-encore) Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
- [**926**Star][9m] [Py] [srinivas11789/pcapxray](https://github.com/srinivas11789/pcapxray) visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
- [**926**Star][10m] [JS] [dpnishant/appmon](https://github.com/dpnishant/appmon) an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida.
- [**925**Star][3y] [C] [cturt/ps4-sdk](https://github.com/cturt/ps4-sdk) Open source PS4 SDK
- [**925**Star][11d] [JS] [creditease-sec/insight](https://github.com/creditease-sec/insight) 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
- [**924**Star][15d] [jonascz/how-to-prevent-scraping](https://github.com/jonascz/how-to-prevent-scraping) The ultimate guide on preventing Website Scraping
- [**924**Star][10d] [JS] [kohgylw/kiftd](https://github.com/kohgylw/kiftd) sky driver & cloud driver open source server application : kiftd . welcome to the home page:
- [**924**Star][13d] [Shell] [firmadyne/firmadyne](https://github.com/firmadyne/firmadyne) Platform for emulation and dynamic analysis of Linux-based firmware
- [**923**Star][10d] [C] [cisco/joy](https://github.com/cisco/joy) A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
- [**923**Star][6y] [C] [visgean/zeus](https://github.com/visgean/zeus) NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. I have created this repository to make the access for study as easy as possible.
- [**923**Star][7m] [TeX] [ethereum/yellowpaper](https://github.com/ethereum/yellowpaper) The "Yellow Paper": Ethereum's formal specification
- [**922**Star][2y] [Shell] [ywb94/openwrt-ssr](https://github.com/ywb94/openwrt-ssr) ShadowsocksR-libev for OpenWrt
- [**922**Star][14d] [JS] [reswitched/pegaswitch](https://github.com/reswitched/pegaswitch) PegaSwitch is an exploit toolkit for the Nintendo Switch
- [**922**Star][10d] [Py] [ericsson/codechecker](https://github.com/ericsson/codechecker) CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
- [**922**Star][3m] [Py] [circl/ail-framework](https://github.com/circl/ail-framework) AIL framework - Analysis Information Leak framework
- [**921**Star][3m] [CSS] [outflanknl/redelk](https://github.com/outflanknl/redelk) tracking and alarming about Blue Team activities as well as better usability in long term operations.
- [**920**Star][11d] [Py] [acmesec/ctfcracktools](https://github.com/Acmesec/CTFCrackTools) China's first CTFTools framework
- [**920**Star][4m] [C++] [whid-injector/whid](https://github.com/whid-injector/whid) WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
- [**920**Star][10d] [bastilleresearch/mousejack](https://github.com/bastilleresearch/mousejack) MouseJack device discovery and research tools
- [**919**Star][3y] [Java] [summitt/burp-non-http-extension](https://github.com/summitt/burp-non-http-extension) Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.
- [**918**Star][9m] [ObjC] [ptoomey3/keychain-dumper](https://github.com/ptoomey3/keychain-dumper) A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
- [**918**Star][12d] [Py] [corelan/mona](https://github.com/corelan/mona) Corelan Repository for mona.py
- [**918**Star][2m] [C] [brendan-rius/c-jwt-cracker](https://github.com/brendan-rius/c-jwt-cracker) JWT brute force cracker written in C
- [**917**Star][12d] [fabiobaroni/awesome-exploit-development](https://github.com/fabiobaroni/awesome-exploit-development) A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development
- [**917**Star][11d] [PS] [besimorhino/powercat](https://github.com/besimorhino/powercat) netshell features all in version 2 powershell
- [**917**Star][9d] [C++] [aslody/whale](https://github.com/aslody/whale) Hook Framework for Android/IOS/Linux/MacOS
- [**916**Star][19d] [Py] [pwnieexpress/raspberry_pwn](https://github.com/pwnieexpress/raspberry_pwn) A Raspberry Pi pentesting suite by Pwnie Express
- [**916**Star][3y] [valvesoftware/steamos](https://github.com/valvesoftware/steamos) SteamOS community tracker
- [**916**Star][10d] [CSS] [thewhiteh4t/seeker](https://github.com/thewhiteh4t/seeker) Accurately Locate Smartphones using Social Engineering
- [**915**Star][15d] [Go] [huacnlee/flora-kit](https://github.com/huacnlee/flora-kit) 基于 shadowsocks-go 做的完善实现，完全兼容 Surge 的配置文件
- [**914**Star][12d] [Java] [mahmoudparsian/data-algorithms-book](https://github.com/mahmoudparsian/data-algorithms-book) MapReduce, Spark, Java, and Scala for Data Algorithms Book
- [**914**Star][7y] [Java] [sonyxperiadev/apkanalyser](https://github.com/sonyxperiadev/apkanalyser) ApkAnalyser
- [**914**Star][2y] [Swift] [skreweverything/swift-keylogger](https://github.com/skreweverything/swift-keylogger) Keylogger for mac written in Swift using HID
- [**913**Star][10d] [C] [libressl-portable/portable](https://github.com/libressl-portable/portable) LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to tech@openbsd.org are welcome.
- [**912**Star][4m] [Py] [liftoff/pyminifier](https://github.com/liftoff/pyminifier) Pyminifier is a Python code minifier, obfuscator, and compressor.
- [**912**Star][13d] [Py] [x90skysn3k/brutespray](https://github.com/x90skysn3k/brutespray) Brute-Forcing from Nmap output - Automatically attempts default creds on found services.
- [**911**Star][11d] [Py] [phodal/iot](https://github.com/phodal/iot) IoT, 这是一个最小Internet of Things ，一个Internet of Things相关的毕业设计产生的一个简化的物联网系统。 。
- [**911**Star][11d] [C++] [wisk/medusa](https://github.com/wisk/medusa) An open source interactive disassembler
- [**911**Star][7m] [C] [504ensicslabs/lime](https://github.com/504ensicslabs/lime) LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
- [**910**Star][7d] [Py] [pentestmonkey/windows-privesc-check](https://github.com/pentestmonkey/windows-privesc-check) Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
- [**909**Star][4m] [C++] [jainaman224/algo_ds_notes](https://github.com/jainaman224/algo_ds_notes) It is a repository that is a collection of algorithms and data structures with implementation in various languages.
- [**909**Star][8d] [Py] [w-digital-scanner/w9scan](https://github.com/w-digital-scanner/w9scan) Plug-in type web vulnerability scanner
- [**909**Star][11d] [C++] [openzwave/open-zwave](https://github.com/openzwave/open-zwave) a C++ library to control Z-Wave Networks via a USB Z-Wave Controller.
- [**909**Star][15d] [CoffeeScript] [onplus/shadowsocks-heroku](https://github.com/onplus/shadowsocks-heroku) 一键部署 Free Shadowsocks-Heroku
- [**908**Star][8d] [C#] [proxykit/proxykit](https://github.com/proxykit/proxykit) A toolkit to create code-first HTTP reverse proxies on ASP.NET Core
- [**907**Star][12d] [Java] [gsh199449/spider](https://github.com/gsh199449/spider) A configurable web spider with a easy-to-use web console
- [**907**Star][11d] [C] [nixos/patchelf](https://github.com/nixos/patchelf) A small utility to modify the dynamic linker and RPATH of ELF executables
- [**907**Star][11d] [Go] [bishopfox/sliver](https://github.com/bishopfox/sliver)  a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS
- [**907**Star][12d] [C++] [0vercl0k/rp](https://github.com/0vercl0k/rp) find ROP sequences in PE/Elf/Mach-O x86/x64 binaries
- [**906**Star][3m] [proxymanapp/proxyman](https://github.com/proxymanapp/proxyman) Modern and Delightful HTTP Debugging Proxy for macOS, iOS and Android
- [**905**Star][3m] [C++] [qv2ray/qv2ray](https://github.com/qv2ray/qv2ray) 
- [**905**Star][15d] [Py] [nccgroup/demiguise](https://github.com/nccgroup/demiguise) HTA encryption tool for RedTeams
- [**904**Star][12d] [Py] [jivoi/pentest](https://github.com/jivoi/pentest) pentest
- [**904**Star][10d] [C] [inquisb/icmpsh](https://github.com/inquisb/icmpsh)  a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C, Perl or Python
- [**904**Star][10d] [Py] [gkbrk/slowloris](https://github.com/gkbrk/slowloris) an HTTP Denial of Service attack that affects threaded servers
- [**903**Star][3y] [PS] [windowsexploits/exploits](https://github.com/windowsexploits/exploits) Windows Exploits
- [**903**Star][12d] [Ruby] [whitewidowscanner/whitewidow](https://github.com/whitewidowscanner/whitewidow) SQL Vulnerability Scanner
- [**903**Star][12d] [Go] [fireeye/gocrack](https://github.com/fireeye/gocrack) a management frontend for password cracking tools written in Go
- [**902**Star][11d] [C++] [knightsj/awesome-algorithm-question-solution](https://github.com/knightsj/awesome-algorithm-question-solution) LeetCode，《剑指offer》中的算法题的题目和解法以及常见算法的实现
- [**900**Star][4m] [JS] [cloudsploit/scans](https://github.com/cloudsploit/scans) Cloud security configuration checks
- [**899**Star][19d] [Py] [nsacyber/gosecure](https://github.com/nsacyber/goSecure) An easy to use and portable Virtual Private Network (VPN) system built with Linux and a Raspberry Pi. #nsacyber
- [**899**Star][1y] [C++] [secrary/injectproc](https://github.com/secrary/injectproc) Process Injection Techniques [This project is not maintained anymore]
- [**899**Star][12d] [Py] [numba/llvmlite](https://github.com/numba/llvmlite) A lightweight LLVM python binding for writing JIT compilers
- [**899**Star][1y] [JS] [levskaya/jslinux-deobfuscated](https://github.com/levskaya/jslinux-deobfuscated) An old version of Mr. Bellard's JSLinux rewritten to be human readable, hand deobfuscated and annotated.
- [**899**Star][10d] [jslee02/awesome-robotics-libraries](https://github.com/jslee02/awesome-robotics-libraries) 
- [**898**Star][1y] [Visual Basic .NET] [mdsecactivebreach/sharpshooter](https://github.com/mdsecactivebreach/sharpshooter) Payload Generation Framework
- [**897**Star][15d] [Go] [ukhomeoffice/repo-security-scanner](https://github.com/ukhomeoffice/repo-security-scanner) CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
- [**897**Star][10d] [Swift] [googleprojectzero/fuzzilli](https://github.com/googleprojectzero/fuzzilli) A JavaScript Engine Fuzzer
- [**896**Star][9m] [Py] [lijiejie/bbscan](https://github.com/lijiejie/bbscan) A vulnerability scanner focus on scanning large number of targets in short time with a minimal set of rules.
- [**896**Star][7d] [Py] [jendrikseipp/vulture](https://github.com/jendrikseipp/vulture) Find dead Python code
- [**896**Star][2y] [Ruby] [enjoiz/xxeinjector](https://github.com/enjoiz/xxeinjector) Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
- [**896**Star][11d] [Go] [inetaf/tcpproxy](https://github.com/inetaf/tcpproxy) Proxy TCP connections based on static rules, HTTP Host headers, and SNI server names (Go package or binary)
- [**894**Star][7d] [Shell] [wslutilities/wslu](https://github.com/wslutilities/wslu) A collection of utilities for Windows 10 Linux Subsystems
- [**892**Star][9d] [JS] [kanasimi/work_crawler](https://github.com/kanasimi/work_crawler) Download comics novels 
- [**892**Star][10d] [Go] [kolide/fleet](https://github.com/kolide/fleet) A flexible control server for osquery fleets
- [**892**Star][16d] [C++] [google/security-research-pocs](https://github.com/google/security-research-pocs) Proof-of-concept codes created as part of security research done by Google Security Team.
- [**891**Star][2y] [Py] [meetmangukiya/instagram-scraper](https://github.com/meetmangukiya/instagram-scraper) Scrape the Instagram frontend
- [**891**Star][5m] [axtmueller/windows-kernel-explorer](https://github.com/axtmueller/windows-kernel-explorer) A free but powerful Windows kernel research tool.
- [**890**Star][1y] [Shell] [shadowsocks/luci-app-shadowsocks](https://github.com/shadowsocks/luci-app-shadowsocks) OpenWrt/LEDE LuCI for Shadowsocks-libev
- [**890**Star][10d] [CSS] [smartping/smartping](https://github.com/smartping/smartping) 综合性网络质量(PING)检测工具，支持正/反向PING绘图、互PING拓扑绘图与报警、全国PING延迟地图与在线检测工具等功能
- [**890**Star][10d] [Py] [scrapy/quotesbot](https://github.com/scrapy/quotesbot) This is a sample Scrapy project for educational purposes
- [**890**Star][8d] [Py] [ring04h/weakfilescan](https://github.com/ring04h/weakfilescan) 动态多线程敏感信息泄露检测工具
- [**889**Star][3m] [C] [strongswan/strongswan](https://github.com/strongswan/strongswan) strongSwan - IPsec-based VPN
- [**889**Star][3m] [rajannpatel/pi-hole-pivpn-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-openvpn-configs](https://github.com/rajannpatel/pi-hole-pivpn-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-openvpn-configs) Run your own privacy-first ad blocking service in the cloud for free on Google Cloud Services.
- [**889**Star][7d] [HTML] [j00ru/windows-syscalls](https://github.com/j00ru/windows-syscalls) Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
- [**888**Star][1y] [Shell] [thelinuxchoice/userrecon](https://github.com/thelinuxchoice/userrecon) Find usernames across over 75 social networks
- [**888**Star][12d] [Go] [sahilm/fuzzy](https://github.com/sahilm/fuzzy) Go library that provides fuzzy string matching optimized for filenames and code symbols in the style of Sublime Text, VSCode, IntelliJ IDEA et al.
- [**887**Star][1y] [Py] [s0md3v/recondog](https://github.com/s0md3v/ReconDog) Reconnaissance Swiss Army Knife
        <details>
        <summary>View Details</summary>


        ## 工具
        - Censys: Uses censys.io to gather massive amount of information about an IP address.
        - NS Lookup: Does name server lookup
        - Port Scan: Scan most common TCP ports
        - Detect CMS: Can detect 400+ content management systems
        - Whois lookup: Performs a whois lookup
        - Detect honeypot: Uses shodan.io to check if target is a honeypot
        - Find subdomains: Uses findsubdomains.com to find subdomains
        - Reverse IP lookup: Does a reverse IP lookup to find domains associated with an IP address
        - Detect technologies: Uses wappalyzer.com to detect 1000+ technologies
        - All: Runs all utilities against the target
        </details>


- [**887**Star][1y] [Py] [rev3rsesecurity/webmap](https://github.com/rev3rsesecurity/webmap) Nmap Web Dashboard and Reporting
- [**887**Star][4m] [Py] [redacted/xkcd-password-generator](https://github.com/redacted/xkcd-password-generator) Generate secure multiword passwords/passphrases, inspired by XKCD
- [**887**Star][19d] [PHP] [paragonie/halite](https://github.com/paragonie/halite) High-level cryptography interface powered by libsodium
- [**885**Star][4m] [C++] [google/uiforetw](https://github.com/google/uiforetw) User interface for recording and managing ETW traces
- [**884**Star][18d] [C] [frickle/ngx_cache_purge](https://github.com/frickle/ngx_cache_purge) nginx module which adds ability to purge content from FastCGI, proxy, SCGI and uWSGI caches.
- [**884**Star][22d] [Ruby] [rubycrypto/rbnacl](https://github.com/RubyCrypto/rbnacl) Ruby FFI binding to the Networking and Cryptography (NaCl) library (a.k.a. libsodium)
- [**884**Star][11d] [Py] [anchore/anchore-engine](https://github.com/anchore/anchore-engine) A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
- [**883**Star][7d] [Shell] [toutyrater/v2ray-guide](https://github.com/toutyrater/v2ray-guide) V2Ray 配置指南
- [**883**Star][15d] [PS] [curi0usjack/luckystrike](https://github.com/curi0usJack/luckystrike) A PowerShell based utility for the creation of malicious Office macro documents.
- [**883**Star][4m] [C] [emsec/chameleonmini](https://github.com/emsec/chameleonmini) The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. The ChameleonMini was developed by
- [**883**Star][7d] [Shell] [c0ny1/vulstudy](https://github.com/c0ny1/vulstudy) 使用docker快速搭建各大漏洞靶场，目前可以一键搭建17个靶场。
- [**883**Star][6m] [JS] [ankitrohatgi/webplotdigitizer](https://github.com/ankitrohatgi/webplotdigitizer) HTML5 based online tool to extract numerical data from plot images.
- [**883**Star][8m] [Py] [649/memcrashed-ddos-exploit](https://github.com/649/memcrashed-ddos-exploit) DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
- [**882**Star][13d] [Java] [iiitv/algos](https://github.com/iiitv/algos) Popular Algorithms and Data Structures implemented in popular languages
- [**882**Star][4m] [trimstray/iptables-essentials](https://github.com/trimstray/iptables-essentials) Common Firewall Rules and Commands.
- [**882**Star][4m] [ObjC] [meitu/mthawkeye](https://github.com/meitu/mthawkeye) Profiling / Debugging assist tools for iOS. (Memory Leak, OOM, ANR, Hard Stalling, Network, OpenGL, Time Profile ...)
- [**881**Star][11d] [C++] [dresden-elektronik/deconz-rest-plugin](https://github.com/dresden-elektronik/deconz-rest-plugin) REST API Plugin to control ZigBee lights like Philips Hue and dresden elektroniks wireless electronic ballasts
- [**881**Star][21d] [Java] [googlearchive/android-bluetoothlegatt](https://github.com/googlearchive/android-BluetoothLeGatt) Migrated:
- [**881**Star][10d] [Py] [qilingframework/qiling](https://github.com/qilingframework/qiling) Qiling Advanced Binary Emulation Framework
- [**881**Star][2y] [Py] [marcwebbie/passpie](https://github.com/marcwebbie/passpie) Command-line password manager
- [**880**Star][2y] [C++] [illera88/ponce](https://github.com/illera88/ponce) Symbolic Execution just one-click away!
- [**880**Star][11d] [Py] [awslabs/aws-config-rules](https://github.com/awslabs/aws-config-rules) [Node, Python, Java] Repository of sample Custom Rules for AWS Config.
- [**879**Star][2y] [C] [paboldin/meltdown-exploit](https://github.com/paboldin/meltdown-exploit) Meltdown exploit
- [**878**Star][10d] [TS] [alibaba/lightproxy](https://github.com/alibaba/lightproxy) 
- [**878**Star][10d] [PHP] [zhuifengshaonianhanlu/pikachu](https://github.com/zhuifengshaonianhanlu/pikachu) 一个好玩的Web安全-漏洞测试平台
- [**878**Star][11d] [Rust] [rust-fuzz/afl.rs](https://github.com/rust-fuzz/afl.rs) run AFL on code written in the Rust programming language.
- [**878**Star][3m] [C] [rewardone/oscprepo](https://github.com/rewardone/oscprepo) A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan (py2) in scripts folder. Py3 port coming. Custom ISO coming.
- [**878**Star][12d] [Go] [armon/go-socks5](https://github.com/armon/go-socks5) SOCKS5 server in Golang
- [**877**Star][10d] [ly0n/awesome-robotic-tooling](https://github.com/ly0n/awesome-robotic-tooling) Tools for professional robotic development with ROS in C++ and Python
- [**877**Star][4m] [JS] [vksrc/github-monitor](https://github.com/vksrc/github-monitor) Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
- [**877**Star][7m] [C] [spacehuhn/wifi_ducky](https://github.com/spacehuhn/wifi_ducky) Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
- [**877**Star][5m] [Py] [salesforce/ja3](https://github.com/salesforce/ja3)  a standard for creating SSL client fingerprints in an easy to produce and shareable way.
- [**876**Star][24d] [JS] [atonasting/zhihuspider](https://github.com/atonasting/zhihuspider) 网站「看知乎」的爬虫
- [**876**Star][7d] [PHP] [raikia/fiercephish](https://github.com/Raikia/FiercePhish) FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
- [**876**Star][4m] [Assembly] [bitdump/blheli](https://github.com/bitdump/blheli) BLHeli for brushless ESC firmware
- [**875**Star][10d] [Ruby] [sorcery/sorcery](https://github.com/sorcery/sorcery) Magical Authentication
- [**875**Star][4m] [AutoIt] [bioruebe/uniextract2](https://github.com/bioruebe/uniextract2) Universal Extractor 2 is a tool to extract files from any type of archive or installer.
- [**873**Star][11d] [Py] [yampelo/beagle](https://github.com/yampelo/beagle)  an incident response and digital forensics tool which transforms security logs and data into graphs.
- [**872**Star][15d] [C] [facebook/transform360](https://github.com/facebook/transform360) Transform360 is an equirectangular to cubemap transform for 360 video.
- [**872**Star][4m] [C++] [tasvideos/bizhawk](https://github.com/tasvideos/bizhawk) a multi-system emulator written in C#.
- [**871**Star][10d] [Java] [klausw/hackerskeyboard](https://github.com/klausw/hackerskeyboard) Hacker's Keyboard (official)
- [**871**Star][10d] [Py] [hubert3/isniff-gps](https://github.com/hubert3/isniff-gps) Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices
- [**870**Star][4m] [Py] [rajkumardusad/tool-x](https://github.com/rajkumardusad/tool-x) Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions.
- [**870**Star][4m] [Py] [newfuture/ddns](https://github.com/newfuture/ddns) 自动更新 DNS 解析 到本机 IP 地址,支持 ipv4 和 ipv6 以 本地(内网)IP 和 公网 IP。 代理模式,支持自动创建域名记录。
- [**870**Star][4m] [v33ru/iotsecurity101](https://github.com/v33ru/iotsecurity101) From IoT Pentesting to IoT Security
- [**870**Star][12d] [C++] [ptrkrysik/gr-gsm](https://github.com/ptrkrysik/gr-gsm) Gnuradio blocks and tools for receiving GSM transmissions
- [**870**Star][4m] [feeicn/security-ppt](https://github.com/feeicn/security-ppt) 大安全各领域各公司各会议分享的PPT
- [**869**Star][16d] [C] [strazzere/android-unpacker](https://github.com/strazzere/android-unpacker) Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
- [**869**Star][10d] [Shell] [osresearch/heads](https://github.com/osresearch/heads) A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops and servers.
- [**869**Star][10d] [C++] [ohpe/juicy-potato](https://github.com/ohpe/juicy-potato) A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
- [**869**Star][6m] [Py] [jordanpotti/awsbucketdump](https://github.com/jordanpotti/awsbucketdump) Security Tool to Look For Interesting Files in S3 Buckets
- [**868**Star][3m] [JS] [serpicoproject/serpico](https://github.com/SerpicoProject/Serpico) SimplE RePort wrIting and COllaboration tool
- [**868**Star][4m] [JS] [serpicoproject/serpico](https://github.com/serpicoproject/serpico) a penetration testing report generation and collaboration tool
- [**868**Star][4y] [C] [gurnec/hashcheck](https://github.com/gurnec/hashcheck) HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org
- [**867**Star][12d] [v2-dev/awesome-social-engineering](https://github.com/v2-dev/awesome-social-engineering) A curated list of awesome social engineering resources.
- [**867**Star][10d] [HTML] [tennc/fuzzdb](https://github.com/tennc/fuzzdb) 一个fuzzdb扩展库
- [**867**Star][2y] [Shell] [kpwn/iosre](https://github.com/kpwn/iosre) iOS Reverse Engineering
- [**866**Star][10d] [Py] [hellman/xortool](https://github.com/hellman/xortool) A tool to analyze multi-byte xor cipher
- [**866**Star][13d] [C] [examplecode/mproxy](https://github.com/examplecode/mproxy) c 语言实现的一个最小的http代理，支持翻墙
- [**864**Star][11d] [Py] [marvis/pytorch-caffe-darknet-convert](https://github.com/marvis/pytorch-caffe-darknet-convert) convert between pytorch, caffe prototxt/weights and darknet cfg/weights
- [**864**Star][10d] [shmilylty/awesome-hacking](https://github.com/shmilylty/awesome-hacking) awesome hacking chinese version
- [**864**Star][1y] [Go] [misecurity/x-patrol](https://github.com/misecurity/x-patrol) github泄露扫描系统
- [**864**Star][8m] [Py] [anorov/pysocks](https://github.com/anorov/pysocks) A SOCKS proxy client and wrapper for Python.
- [**863**Star][10d] [PHP] [ssl/ezxss](https://github.com/ssl/ezxss) ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
- [**862**Star][13d] [Java] [stealthcopter/androidnetworktools](https://github.com/stealthcopter/androidnetworktools) Set of useful android network tools
- [**862**Star][2y] [HTML] [ustayready/credsniper](https://github.com/ustayready/credsniper) CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
- [**861**Star][11d] [JS] [peculiarventures/pki.js](https://github.com/peculiarventures/pki.js) PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
- [**861**Star][13d] [Java] [tmobile/pacbot](https://github.com/tmobile/pacbot) PacBot (Policy as Code Bot)
- [**860**Star][2m] [Py] [jtpereyda/boofuzz](https://github.com/jtpereyda/boofuzz) A fork and successor of the Sulley Fuzzing Framework
- [**860**Star][11d] [Py] [istresearch/scrapy-cluster](https://github.com/istresearch/scrapy-cluster) This Scrapy project uses Redis and Kafka to create a distributed on demand scraping cluster.
- [**860**Star][12d] [Py] [ietf-wg-acme/acme](https://github.com/ietf-wg-acme/acme) A protocol for automating certificate issuance
- [**860**Star][10d] [Haskell] [galoisinc/cryptol](https://github.com/galoisinc/cryptol) The Language of Cryptography
- [**860**Star][11d] [JS] [brianlovin/security-checklist](https://github.com/brianlovin/security-checklist) A checklist for staying safe on the internet
- [**859**Star][10d] [PS] [bc-security/empire](https://github.com/bc-security/empire) Empire is a PowerShell and Python 3.x post-exploitation framework.
- [**859**Star][7d] [Py] [liuroy/zhihu_spider](https://github.com/liuroy/zhihu_spider) 知乎爬虫
- [**859**Star][1y] [Go] [tiagorlampert/chaos](https://github.com/tiagorlampert/chaos) a PoC that allow generate payloads and control remote operating system
- [**859**Star][11d] [C] [strace/strace](https://github.com/strace/strace) strace is a diagnostic, debugging and instructional userspace utility for Linux
- [**859**Star][3m] [Py] [ma1co/sony-pmca-re](https://github.com/ma1co/sony-pmca-re) Reverse engineering Sony PlayMemories Camera Apps
- [**858**Star][12d] [C++] [shekyan/slowhttptest](https://github.com/shekyan/slowhttptest) Application Layer DoS attack simulator
- [**858**Star][10d] [ntkernel/lantern](https://github.com/ntkernel/lantern) 免费 V2Ray 配置（vmess）
- [**858**Star][15d] [Py] [konradit/gopro-py-api](https://github.com/konradit/gopro-py-api) Unofficial GoPro API Library for Python - connect to GoPro via WiFi.
- [**857**Star][14d] [C] [aircrack-ng/aircrack-ng-archive](https://github.com/aircrack-ng/aircrack-ng-archive) Pre-migration repository. New repository ➙
- [**857**Star][17d] [utkusen/hidden-tear](https://github.com/utkusen/hidden-tear) an open source ransomware honeypot
- [**857**Star][4m] [GLSL] [khronosgroup/spirv-cross](https://github.com/khronosgroup/spirv-cross)  a practical tool and library for performing reflection on SPIR-V and disassembling SPIR-V back to high level languages.
- [**857**Star][7d] [Py] [anouarbensaad/vulnx](https://github.com/anouarbensaad/vulnx) An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of CMS
- [**856**Star][11d] [magnetikonline/linux-microsoft-ie-virtual-machines](https://github.com/magnetikonline/linux-microsoft-ie-virtual-machines) Run Internet Explorer 8/9/10/11/MS-Edge Virtual machines from Microsoft under Linux via VirtualBox.
- [**856**Star][11d] [PHP] [walkor/shadowsocks-php](https://github.com/walkor/shadowsocks-php) A php port of shadowsocks based on workerman. A socks5 proxy written in PHP.
- [**856**Star][10d] [TSQL] [threathunterx/nebula](https://github.com/threathunterx/nebula) "星云"业务风控系统，主工程
- [**856**Star][13d] [Py] [kgretzky/evilginx](https://github.com/kgretzky/evilginx) man-in-the-middle attack framework used for phishing credentials and session cookies of any web service
- [**856**Star][10d] [JS] [code-kotis/qr-code-scanner](https://github.com/code-kotis/qr-code-scanner) 
- [**854**Star][7d] [C++] [acidanthera/virtualsmc](https://github.com/acidanthera/virtualsmc) SMC emulator layer
- [**854**Star][12d] [JS] [edsu/anon](https://github.com/edsu/anon) tweet about anonymous Wikipedia edits from particular IP address ranges
- [**852**Star][1y] [C++] [tencent/tscancode](https://github.com/tencent/tscancode) A static code analyzer for C++, C#, Lua
- [**851**Star][3m] [Py] [blankerl/dxy-covid-19-crawler](https://github.com/blankerl/dxy-covid-19-crawler) 2019新型冠状病毒疫情实时爬虫及API | COVID-19/2019-nCoV Realtime Infection Crawler and API
- [**851**Star][4m] [C] [sheepdog/sheepdog](https://github.com/sheepdog/sheepdog) Distributed Storage System for QEMU
- [**850**Star][11d] [Go] [machine-drivers/docker-machine-driver-xhyve](https://github.com/machine-drivers/docker-machine-driver-xhyve) docker-machine/minikube/minishift driver plugin for xhyve/hyperkit (native macOS hypervisor.framework)
- [**850**Star][10d] [ukncsc/zero-trust-architecture](https://github.com/ukncsc/zero-trust-architecture) Principles to help you design and deploy a zero trust architecture
- [**850**Star][13d] [C#] [terminals-origin/terminals](https://github.com/terminals-origin/terminals) Terminals is a secure, multi tab terminal services/remote desktop client. It uses Terminal Services ActiveX Client (mstscax.dll). The project started from the need of controlling multiple connections simultaneously. It is a complete replacement for the mstsc.exe (Terminal Services) client. This is official source moved from Codeplex.
- [**850**Star][10d] [Go] [thoughtworks/talisman](https://github.com/thoughtworks/talisman) By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.
- [**850**Star][10d] [Py] [shawndevans/smbmap](https://github.com/shawndevans/smbmap) SMBMap is a handy SMB enumeration tool
- [**850**Star][11d] [Py] [hisxo/gitgraber](https://github.com/hisxo/gitgraber) monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
- [**850**Star][4m] [halfkiss/zjdroid](https://github.com/halfkiss/zjdroid) Android app dynamic reverse tool based on Xposed framework.
- [**849**Star][10d] [Py] [threatexpress/domainhunter](https://github.com/threatexpress/domainhunter) Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
- [**849**Star][2m] [Shell] [gaoyifan/china-operator-ip](https://github.com/gaoyifan/china-operator-ip) 中国运营商IPv4/IPv6地址库-每日更新
- [**849**Star][10d] [Go] [eldadru/ksniff](https://github.com/eldadru/ksniff) Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark
- [**847**Star][4m] [JS] [lijinma/wechat_spider](https://github.com/lijinma/wechat_spider) 使用“代理”的方式来抓取微信公众账号文章，可以抓取阅读数、点赞数，基于 anyproxy。
- [**847**Star][1y] [Java] [mitre/http-proxy-servlet](https://github.com/mitre/http-proxy-servlet) Smiley's HTTP Proxy implemented as a Java servlet
- [**847**Star][4y] [Shell] [hellofwy/ss-bash](https://github.com/hellofwy/ss-bash) Shadowsocks流量管理脚本
- [**847**Star][10d] [C++] [facebookincubator/fizz](https://github.com/facebookincubator/fizz) C++14 implementation of the TLS-1.3 standard
- [**847**Star][5y] [PS] [clymb3r/powershell](https://github.com/clymb3r/powershell) Useful PowerShell scripts
- [**846**Star][3m] [C++] [jpd002/play-](https://github.com/jpd002/play-) Play! - PlayStation 2 Emulator
- [**846**Star][11d] [vysecurity/redtips](https://github.com/vysecurity/RedTips) Red Team Tips as posted by
- [**846**Star][6m] [redhuntlabs/redhunt-os](https://github.com/redhuntlabs/redhunt-os) Virtual Machine for Adversary Emulation and Threat Hunting
- [**846**Star][11d] [C] [krakjoe/phpdbg](https://github.com/krakjoe/phpdbg) The Interactive PHP Debugger
- [**846**Star][2m] [Shell] [andreyvit/create-dmg](https://github.com/andreyvit/create-dmg) A shell script to build fancy DMGs
- [**845**Star][7d] [PS] [zhacker13/reversetcpshell](https://github.com/zhacker13/reversetcpshell) PowerShell ReverseTCP Shell - Framework
- [**845**Star][22d] [Go] [trivago/gollum](https://github.com/trivago/gollum) An n:m message multiplexer written in Go
- [**845**Star][12m] [ObjC] [sevenbits/mac-linux-usb-loader](https://github.com/sevenbits/mac-linux-usb-loader) Boot Linux on your Mac, easily
- [**845**Star][14d] [Java] [dragonite-network/dragonite-java](https://github.com/dragonite-network/dragonite-java) [DEPRECATED, please check
- [**845**Star][5m] [Shell] [aqzt/kjyw](https://github.com/aqzt/kjyw) 快捷运维，代号kjyw，项目基于shell、python，运维脚本工具库，收集各类运维常用工具脚本，实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
- [**844**Star][8d] [Java] [wycm/zhihu-crawler](https://github.com/wycm/zhihu-crawler) zhihu-crawler是一个基于Java的高性能、支持免费http代理池、支持横向扩展、分布式爬虫项目
- [**844**Star][11d] [C] [intel/nemu](https://github.com/intel/nemu) Modern Hypervisor for the Cloud
- [**844**Star][10m] [Shell] [danielmiessler/robotsdisallowed](https://github.com/danielmiessler/robotsdisallowed) A curated list of the most common and most interesting robots.txt disallowed directories.
- [**843**Star][8m] [C++] [redasmorg/redasm](https://github.com/redasmorg/redasm) The OpenSource Disassembler
- [**843**Star][11d] [Py] [nekmo/dirhunt](https://github.com/nekmo/dirhunt) Find web directories without bruteforce
- [**842**Star][15d] [Py] [ilektrojohn/creepy](https://github.com/ilektrojohn/creepy) A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.
- [**842**Star][18d] [C++] [nodejs/llnode](https://github.com/nodejs/llnode) An lldb plugin for Node.js and V8, which enables inspection of JavaScript states for insights into Node.js processes and their core dumps.
- [**842**Star][3m] [C] [google/afl](https://github.com/google/afl) american fuzzy lop - a security-oriented fuzzer
- [**840**Star][11d] [C] [emmericp/ixy](https://github.com/emmericp/ixy) A simple yet fast user space network driver for Intel 10 Gbit/s NICs written from scratch
- [**840**Star][10d] [Dockerfile] [badtuxx/giropops-monitoring](https://github.com/badtuxx/giropops-monitoring) Full stack tools for monitoring containers and other stuff. ;)
- [**839**Star][10d] [C++] [google/shaderc](https://github.com/google/shaderc) A collection of tools, libraries, and tests for Vulkan shader compilation.
- [**838**Star][17d] [JS] [googlearchive/cloud-functions-emulator](https://github.com/googlearchive/cloud-functions-emulator) A local emulator for deploying, running, and debugging Google Cloud Functions.
- [**837**Star][10d] [PS] [mantvydasb/redteam-tactics-and-techniques](https://github.com/mantvydasb/RedTeam-Tactics-and-Techniques) Red Teaming Tactics and Techniques
- [**836**Star][16d] [Lua] [starjun/openstar](https://github.com/starjun/openstar) lua waf,nginx+lua,openresty,luajit,waf+,cdn,nginx
- [**835**Star][4m] [Shell] [shr3ddersec/shr3dkit](https://github.com/shr3ddersec/shr3dkit) Red Team Tool Kit
- [**835**Star][10d] [C] [jedisct1/minisign](https://github.com/jedisct1/minisign) A dead simple tool to sign files and verify digital signatures.
- [**834**Star][7d] [Py] [s0md3v/hash-buster](https://github.com/s0md3v/Hash-Buster) Crack hashes in seconds.
- [**834**Star][4m] [JS] [wjcrowcroft/motioncaptcha](https://github.com/wjcrowcroft/motioncaptcha) MotionCAPTCHA jQuery Plugin - Stop Spam, Draw Shapes
- [**834**Star][4m] [Py] [ibm/aif360](https://github.com/ibm/aif360) A comprehensive set of fairness metrics for datasets and machine learning models, explanations for these metrics, and algorithms to mitigate bias in datasets and models.
- [**833**Star][6y] [C] [madeye/gaeproxy](https://github.com/madeye/gaeproxy) GAEProxy for Android (Deprecated)
- [**833**Star][5m] [C] [reisyukaku/reinx](https://github.com/reisyukaku/reinx) A modular Switch custom firmware
- [**832**Star][4m] [Py] [khast3x/h8mail](https://github.com/khast3x/h8mail) Password Breach Hunting & Email OSINT tool, locally or using premium services. Supports chasing down related email
- [**831**Star][13d] [Swift] [steamclock/bluejay](https://github.com/steamclock/bluejay) A simple Swift framework for building reliable Bluetooth LE apps.
- [**831**Star][12d] [Py] [nccgroup/featherduster](https://github.com/nccgroup/featherduster) An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
- [**830**Star][10d] [Go] [martinlindhe/wmi_exporter](https://github.com/martinlindhe/wmi_exporter) Prometheus exporter for Windows machines using WMI
- [**830**Star][9m] [Py] [secforce/tunna](https://github.com/secforce/tunna) Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
- [**830**Star][10d] [TS] [node-opcua/node-opcua](https://github.com/node-opcua/node-opcua) an implementation of a OPC UA stack fully written in javascript and nodejs -
- [**830**Star][11d] [Py] [gosecure/malboxes](https://github.com/gosecure/malboxes) Builds malware analysis Windows VMs so that you don't have to.
- [**830**Star][4m] [C] [dynup/kpatch](https://github.com/dynup/kpatch) live kernel patching
- [**829**Star][14d] [Shell] [robbintt/popup-openvpn](https://github.com/robbintt/popup-openvpn) Make a self hosted OpenVPN server in 15 minutes
- [**829**Star][4m] [Shell] [denilsonsa/prettyping](https://github.com/denilsonsa/prettyping) `prettyping` is a wrapper around the standard `ping` tool, making the output prettier, more colorful, more compact, and easier to read.
- [**828**Star][4m] [Rust] [google/opensk](https://github.com/google/opensk) OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
- [**828**Star][13d] [Go] [ddz/whatsapp-media-decrypt](https://github.com/ddz/whatsapp-media-decrypt) Decrypt WhatsApp encrypted media files
- [**828**Star][7d] [Jupyter Notebook] [carefree0910/machinelearning](https://github.com/carefree0910/machinelearning) Machine learning algorithms implemented by pure numpy
- [**828**Star][1y] [JS] [zone117x/node-open-mining-portal](https://github.com/zone117x/node-open-mining-portal) A scalable all-in-one easy to setup cryptocurrency mining pool and portal written entirely in Node.js.
- [**828**Star][5y] [etsy/midas](https://github.com/etsy/midas) Mac Intrusion Detection Analysis System
- [**827**Star][1y] [sandboxescaper/randomrepo](https://github.com/sandboxescaper/randomrepo) Repo for random stuff
- [**827**Star][4m] [Go] [parsiya/hacking-with-go](https://github.com/parsiya/hacking-with-go) Golang for Security Professionals
- [**826**Star][7d] [JS] [berkeley-reject/workers-proxy](https://github.com/Berkeley-Reject/Workers-Proxy) a lightweight Javascript application that retrieves resource as a client from other servers.
- [**826**Star][11d] [C] [thewover/donut](https://github.com/thewover/donut) Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
- [**826**Star][22d] [Py] [pirate/security-growler](https://github.com/pirate/security-growler) 
- [**826**Star][12d] [Ruby] [net-ssh/net-ssh](https://github.com/net-ssh/net-ssh) Pure Ruby implementation of an SSH (protocol 2) client
- [**826**Star][3y] [Ruby] [elevenpaths/eternalblue-doublepulsar-metasploit](https://github.com/elevenpaths/eternalblue-doublepulsar-metasploit) Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
- [**826**Star][14d] [Ruby] [dmayer/idb](https://github.com/dmayer/idb) simplify some common tasks for iOS pentesting and research
- [**825**Star][14d] [Py] [utkusen/leviathan](https://github.com/utkusen/leviathan) wide range mass audit toolkit
- [**825**Star][14d] [Py] [utkusen/leviathan](https://github.com/utkusen/leviathan) wide range mass audit toolkit
- [**825**Star][4m] [PHP] [zhufaner/shadowsocks-manage-system](https://github.com/zhufaner/shadowsocks-manage-system) 科学上网管理系统
- [**825**Star][4m] [Py] [yeti-platform/yeti](https://github.com/yeti-platform/yeti) Your Everyday Threat Intelligence
- [**825**Star][10d] [trimstray/linux-hardening-checklist](https://github.com/trimstray/linux-hardening-checklist) Simple checklist to help you deploying the most important areas of the GNU/Linux production systems - work in progress.
- [**825**Star][14d] [Go] [schollz/find-lf](https://github.com/schollz/find-lf) Track the location of every Wi-Fi device (
- [**825**Star][10m] [Go] [haccer/subjack](https://github.com/haccer/subjack) Subdomain Takeover tool written in Go
- [**824**Star][8d] [Ruby] [rastating/wordpress-exploit-framework](https://github.com/rastating/wordpress-exploit-framework) A Ruby framework designed to aid in the penetration testing of WordPress systems.
- [**824**Star][1y] [Py] [mak-/parameth](https://github.com/mak-/parameth)  brute discover GET and POST parameters
- [**823**Star][10d] [C] [powershell/openssh-portable](https://github.com/powershell/openssh-portable) Portable OpenSSH, all Win32-OpenSSH releases and wiki are managed at
- [**823**Star][3m] [C#] [justcoding121/titanium-web-proxy](https://github.com/justcoding121/titanium-web-proxy) A cross-platform asynchronous HTTP(S) proxy server in C#.
- [**822**Star][10d] [JS] [betaflight/betaflight-configurator](https://github.com/betaflight/betaflight-configurator) Cross platform configuration tool for the Betaflight firmware
- [**822**Star][8m] [sh4hin/androl4b](https://github.com/sh4hin/androl4b) A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
- [**822**Star][4m] [aleenzz/cobalt_strike_wiki](https://github.com/aleenzz/cobalt_strike_wiki) Cobalt Strike系列
- [**821**Star][11d] [Swift] [apple/swift-crypto](https://github.com/apple/swift-crypto) Open-source implementation of a substantial portion of the API of Apple CryptoKit suitable for use on Linux platforms.
- [**821**Star][10d] [pfarb/awesome-crypto-papers](https://github.com/pfarb/awesome-crypto-papers) A curated list of cryptography papers, articles, tutorials and howtos.
- [**821**Star][21d] [ObjC] [isecpartners/ios-ssl-kill-switch](https://github.com/isecpartners/ios-ssl-kill-switch) Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps
- [**821**Star][15d] [Py] [dagrz/aws_pwn](https://github.com/dagrz/aws_pwn) A collection of AWS penetration testing junk
- [**820**Star][7d] [PS] [farag2/windows-10-setup-script](https://github.com/farag2/windows-10-setup-script) Script to setup Windows 10 1903/1909
- [**820**Star][10d] [Swift] [zhuhaow/specht](https://github.com/zhuhaow/specht) A rule-based proxy app built with Network Extension for macOS
- [**820**Star][1y] [PS] [kevin-robertson/invoke-thehash](https://github.com/kevin-robertson/invoke-thehash) PowerShell functions for performing pass the hash WMI and SMB tasks
- [**820**Star][12d] [Go] [ga0/netgraph](https://github.com/ga0/netgraph) A cross platform http sniffer with a web UI
- [**820**Star][12d] [C++] [dor1s/libfuzzer-workshop](https://github.com/dor1s/libfuzzer-workshop) Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
- [**819**Star][4m] [numirias/security](https://github.com/numirias/security) Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
- [**819**Star][14d] [Go] [evilsocket/dnssearch](https://github.com/evilsocket/dnssearch) A subdomain enumeration tool.
- [**818**Star][12d] [PHP] [reactphp/socket](https://github.com/reactphp/socket) Async, streaming plaintext TCP/IP and secure TLS socket server and client connections for ReactPHP.
- [**817**Star][14d] [Py] [sevagas/macro_pack](https://github.com/sevagas/macro_pack) automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to fin…
- [**817**Star][11d] [JS] [googlechrome/proxy-polyfill](https://github.com/googlechrome/proxy-polyfill) Proxy object polyfill
- [**817**Star][11d] [XSLT] [adon90/pentest_compilation](https://github.com/adon90/pentest_compilation) Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
- [**816**Star][11d] [uknowsec/active-directory-pentest-notes](https://github.com/uknowsec/active-directory-pentest-notes) Active-Directory-Pentest-Notes
- [**816**Star][3y] [C] [timwr/cve-2016-5195](https://github.com/timwr/cve-2016-5195) CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android
- [**816**Star][11d] [shirosaidev/diskover](https://github.com/shirosaidev/diskover) File system crawler, disk space usage, file search engine and file system analytics powered by Elasticsearch
- [**816**Star][15d] [C] [rdesktop/rdesktop](https://github.com/rdesktop/rdesktop) 
- [**815**Star][6m] [JS] [sindresorhus/is-online](https://github.com/sindresorhus/is-online) Check if the internet connection is up
- [**814**Star][11d] [C++] [leggedrobotics/darknet_ros](https://github.com/leggedrobotics/darknet_ros) Real-Time Object Detection for ROS
- [**814**Star][4m] [Java] [gaul/s3proxy](https://github.com/gaul/s3proxy) Access other storage backends via the S3 API
- [**814**Star][9m] [Scala] [antox/antox](https://github.com/antox/antox) Android client for Project Tox - Secure Peer to Peer Messaging
- [**813**Star][10d] [arkadiyt/bounty-targets-data](https://github.com/arkadiyt/bounty-targets-data) This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
- [**812**Star][11d] [Go] [rhaidiz/broxy](https://github.com/rhaidiz/broxy) An HTTP/HTTPS intercept proxy written in Go.
- [**812**Star][8d] [CSS] [w-digital-scanner/w12scan](https://github.com/w-digital-scanner/w12scan) a network asset discovery engine that can automatically aggregate related assets for analysis and use
- [**812**Star][2y] [Py] [viralmaniar/passhunt](https://github.com/viralmaniar/passhunt) Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
- [**811**Star][4m] [Java] [zstackio/zstack](https://github.com/zstackio/zstack) ZStack - the open-source IaaS software
- [**811**Star][15d] [Go] [rs/jplot](https://github.com/rs/jplot) iTerm2 expvar/JSON monitoring tool
- [**811**Star][11d] [C#] [obfuscar/obfuscar](https://github.com/obfuscar/obfuscar) Open source obfuscation tool for .NET assemblies
- [**811**Star][4y] [C++] [bwall/hashpump](https://github.com/bwall/hashpump) A tool to exploit the hash length extension attack in various hashing algorithms
- [**811**Star][12d] [C] [aorimn/dislocker](https://github.com/aorimn/dislocker) FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX
- [**811**Star][12d] [Go] [anshumanbh/git-all-secrets](https://github.com/anshumanbh/git-all-secrets) A tool to capture all the git secrets by leveraging multiple open source git searching tools
- [**810**Star][10d] [HCL] [rhinosecuritylabs/cloudgoat](https://github.com/rhinosecuritylabs/cloudgoat) CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
- [**810**Star][3y] [Py] [fuzzbunch/fuzzbunch](https://github.com/fuzzbunch/fuzzbunch) NSA finest tool
- [**809**Star][4y] [Go] [ryhanson/phishery](https://github.com/ryhanson/phishery) An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
- [**808**Star][1y] [HTML] [sense-of-security/adrecon](https://github.com/sense-of-security/adrecon) gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
- [**808**Star][10d] [C] [rapid7/metasploit-payloads](https://github.com/rapid7/metasploit-payloads) Unified repository for different Metasploit Framework payloads
- [**808**Star][10d] [PS] [olafhartong/sysmon-modular](https://github.com/olafhartong/sysmon-modular) A repository of sysmon configuration modules
- [**807**Star][11d] [C++] [electron/rcedit](https://github.com/electron/rcedit) Command line tool to edit resources of exe
- [**807**Star][10d] [te-k/flexidie](https://github.com/te-k/flexidie) Source code and binaries of FlexiSpy from the Flexidie dump
- [**807**Star][2y] [ObjC] [igrsoft/kismac2](https://github.com/igrsoft/kismac2) KisMAC is a free, open source wireless stumbling and security tool for Mac OS X.
- [**807**Star][3m] [Py] [bishopfox/gitgot](https://github.com/bishopfox/gitgot) Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
- [**806**Star][22d] [JS] [node-pcap/node_pcap](https://github.com/node-pcap/node_pcap) libpcap bindings for node
- [**806**Star][12d] [C++] [csmith-project/creduce](https://github.com/csmith-project/creduce) C-Reduce, a C program reducer
- [**806**Star][10d] [C++] [cmu-sei/pharos](https://github.com/cmu-sei/pharos) Automated static analysis tools for binary programs
- [**805**Star][12d] [Ruby] [ollypwn/curveball](https://github.com/ollypwn/CurveBall) PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
- [**805**Star][4m] [ObjC] [renmoqiqi/100-days-of-ios-datastructure-algorithm](https://github.com/renmoqiqi/100-days-of-ios-datastructure-algorithm) 100天iOS数据结构与算法实战
- [**805**Star][1m] [Ruby] [estiens/world_cup_json](https://github.com/estiens/world_cup_json) Rails backend for a scraper that outputs World Cup data as JSON
- [**804**Star][16d] [Py] [empireproject/empyre](https://github.com/EmpireProject/EmPyre) A post-exploitation OS X/Linux agent written in Python 2.7
- [**804**Star][11d] [Ruby] [intrigueio/intrigue-core](https://github.com/intrigueio/intrigue-core) Discover Your Attack Surface
- [**803**Star][10d] [Perl] [gouveaheitor/nipe](https://github.com/GouveaHeitor/nipe) A engine to make Tor network your default gateway
- [**803**Star][6y] [Pascal] [prof7bit/torchat](https://github.com/prof7bit/torchat) Decentralized anonymous instant messenger on top of Tor Hidden Services
- [**803**Star][3y] [C#] [netflix/fido](https://github.com/netflix/fido) an orchestration layer used to automate the incident response process by evaluating, assessing and responding to malware
- [**803**Star][3m] [Java] [dragonetmc/dragonproxy](https://github.com/dragonetmc/dragonproxy) A proxy to allow Minecraft: Bedrock clients to connect to Minecraft: Java Edition servers.
- [**803**Star][24d] [Go] [codahale/sneaker](https://github.com/codahale/sneaker) A tool for securely storing secrets on S3 using Amazon KMS.
- [**803**Star][4m] [Java] [blankeer/mdwechat](https://github.com/blankeer/mdwechat) 一个能让微信 Material Design 化的 Xposed 模块
- [**802**Star][12d] [C#] [nicehash/nicehashminer-archived](https://github.com/nicehash/nicehashminer-archived) NiceHash easy to use CPU&GPU Miner
- [**802**Star][10d] [HTML] [wi-fi-analyzer/fluxion](https://github.com/wi-fi-analyzer/fluxion) Offical repo for fluxion
- [**802**Star][4m] [Py] [skelsec/pypykatz](https://github.com/skelsec/pypykatz) Mimikatz implementation in pure Python
- [**802**Star][10d] [Go] [rhymen/go-whatsapp](https://github.com/rhymen/go-whatsapp) WhatsApp Web API
- [**801**Star][4m] [C] [netsniff-ng/netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) A Swiss army knife for your daily Linux network plumbing.
- [**801**Star][12d] [daviddias/awesome-hacking-locations](https://github.com/daviddias/awesome-hacking-locations) List of Awesome Hacking Locations, organised by Country and City, listing if it features power and wifi. 
- [**801**Star][1y] [C] [theofficialflow/adrenaline](https://github.com/theofficialflow/adrenaline) Custom Firmware 6.61 Adrenaline for the PSP Emulator
- [**801**Star][4m] [PS] [davehull/kansa](https://github.com/davehull/kansa) A Powershell incident response framework
- [**800**Star][4m] [Java] [mbechler/marshalsec](https://github.com/mbechler/marshalsec) Java Unmarshaller Security - Turning your data into code execution
- [**799**Star][1y] [Py] [phaethon/kamene](https://github.com/phaethon/kamene) Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
- [**797**Star][12d] [lirantal/awesome-nodejs-security](https://github.com/lirantal/awesome-nodejs-security) Awesome Node.js Security resources
- [**797**Star][3y] [Py] [empireproject/empyre](https://github.com/empireproject/empyre) A post-exploitation OS X/Linux agent written in Python 2.7
- [**797**Star][4m] [Py] [abhinavsingh/proxy.py](https://github.com/abhinavsingh/proxy.py) 快速，轻便，可插拔，支持TLS拦截的代理服务器，专注于网络监视，控件和应用程序开发，测试，调试
- [**795**Star][3y] [Shell] [screetsec/dracnmap](https://github.com/screetsec/dracnmap) Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform va…
- [**794**Star][7m] [microsoft/msrc-security-research](https://github.com/microsoft/msrc-security-research) Security Research from the Microsoft Security Response Center (MSRC)
- [**794**Star][2y] [C] [jklmnn/imagejs](https://github.com/jklmnn/imagejs) Small tool to package javascript into a valid image file.
- [**793**Star][10d] [Makefile] [kuoruan/openwrt-v2ray](https://github.com/kuoruan/openwrt-v2ray) V2Ray for OpenWrt
- [**793**Star][5m] [C++] [snort3/snort3](https://github.com/snort3/snort3) Snort++
- [**793**Star][3m] [C] [wolfssl/wolfssl](https://github.com/wolfssl/wolfssl) wolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
- [**793**Star][12d] [Py] [vesche/scanless](https://github.com/vesche/scanless) online port scan scraper
- [**792**Star][10d] [C] [pmem/pmdk](https://github.com/pmem/pmdk) Persistent Memory Development Kit
- [**792**Star][15d] [C++] [google/rowhammer-test](https://github.com/google/rowhammer-test) Test DRAM for bit flips caused by the rowhammer problem
- [**791**Star][13d] [JS] [odota/web](https://github.com/odota/web) React web interface for the OpenDota platform
- [**791**Star][10d] [C++] [squid-cache/squid](https://github.com/squid-cache/squid) Squid Web Proxy Cache
- [**791**Star][3m] [leezj9671/pentest_interview](https://github.com/leezj9671/pentest_interview) pentest interview experience
- [**791**Star][10d] [Py] [devttys0/ida](https://github.com/devttys0/ida) Collection of IDA Python plugins/scripts/modules.


    - [wpsearch](https://github.com/devttys0/ida/blob/master/scripts/wpsearch.py) Searches for immediate values commonly founds in MIPS WPS checksum implementations.
    - [md5hash](https://github.com/devttys0/ida/tree/master/modules/md5hash) A sample implementation of MD5 in pure Python
    - [alleycat](https://github.com/devttys0/ida/tree/master/plugins/alleycat) Finds paths to a given code block inside a function; Finds paths between two or more functions; Generates interactive call graphs
    - [codatify](https://github.com/devttys0/ida/tree/master/plugins/codatify) Defines ASCII-strings/functions/code that IDA's auto analysis missed; Converts all undefined bytes in the data segment into DWORDs
    - [fluorescence](https://github.com/devttys0/ida/tree/master/plugins/fluorescence) Un/highlights function call instructions
    - [leafblower](https://github.com/devttys0/ida/tree/master/plugins/leafblower) Assists in identifying standard POSIX functions in MIPS/ARM code.
    - [localxrefs](https://github.com/devttys0/ida/tree/master/plugins/localxrefs) Finds references to any selected text from within the current function
    - [mipslocalvars](https://github.com/devttys0/ida/tree/master/plugins/mipslocalvars) Names stack variables used by the compiler for storing registers on the stack, simplifying stack data analysis (MIPS only)
    - [mipsrop](https://github.com/devttys0/ida/tree/master/plugins/mipsrop) Allows you to search for suitable ROP gadgets in MIPS executable code; Built-in methods to search for common ROP gadgets
    - [rizzo](https://github.com/devttys0/ida/tree/master/plugins/rizzo) Identifies and re-names functions between two or more IDBs
- [**791**Star][11d] [C++] [bareflank/hypervisor](https://github.com/bareflank/hypervisor) lightweight hypervisor SDK written in C++ with support for Windows, Linux and UEFI
- [**790**Star][13d] [Assembly] [xoreaxeaxeax/sinkhole](https://github.com/xoreaxeaxeax/sinkhole) Architectural privilege escalation on x86
- [**789**Star][7d] [Py] [misterbianco/boopsuite](https://github.com/MisterBianco/BoopSuite) 无线审计与安全测试
- [**789**Star][4m] [Py] [snovvcrash/usbrip](https://github.com/snovvcrash/usbrip) Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
- [**789**Star][15d] [masatokinugawa/filterbypass](https://github.com/masatokinugawa/filterbypass) Browser's XSS Filter Bypass Cheat Sheet
- [**789**Star][7m] [Py] [kevthehermit/ratdecoders](https://github.com/kevthehermit/ratdecoders) Python Decoders for Common Remote Access Trojans
- [**789**Star][2y] [C] [ele7enxxh/android-inline-hook](https://github.com/ele7enxxh/android-inline-hook) thumb16 thumb32 arm32 inlineHook in Android
- [**788**Star][3y] [Py] [secretsquirrel/bdfproxy](https://github.com/secretsquirrel/bdfproxy) Patch Binaries via MITM: BackdoorFactory + mitmProxy. (NOT SUPPORTED)
- [**788**Star][5m] [C#] [cobbr/sharpsploit](https://github.com/cobbr/sharpsploit) SharpSploit is a .NET post-exploitation library written in C#
- [**787**Star][4m] [C++] [ysc3839/fontmod](https://github.com/ysc3839/fontmod) Simple hook tool to change Win32 program font.
- [**786**Star][7d] [Py] [puremourning/vimspector](https://github.com/puremourning/vimspector) vimspector - A multi-language debugging system for Vim
- [**786**Star][2y] [C++] [polysync/oscc](https://github.com/polysync/oscc) Open Source Car Control
- [**786**Star][10d] [Shell] [dokku/dokku-letsencrypt](https://github.com/dokku/dokku-letsencrypt) Automatic Let's Encrypt TLS Certificate installation for dokku
- [**786**Star][4m] [Py] [ashutosh1206/crypton](https://github.com/ashutosh1206/crypton) Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs
- [**784**Star][4m] [TS] [uwnetworkslab/uproxy-p2p](https://github.com/uwnetworkslab/uproxy-p2p) Internet without borders
- [**784**Star][10d] [Ruby] [rubysec/ruby-advisory-db](https://github.com/rubysec/ruby-advisory-db) A database of vulnerable Ruby Gems
- [**784**Star][3m] [C] [openvisualcloud/svt-av1](https://github.com/openvisualcloud/svt-av1) Welcome to the GitHub repo for the SVT-AV1! Help us grow the community by subscribing to our SVT-AV1 mailing list!
- [**783**Star][12d] [Py] [uber-common/metta](https://github.com/uber-common/metta) An information security preparedness tool to do adversarial simulation.
- [**783**Star][11m] [C] [neurobin/shc](https://github.com/neurobin/shc) Shell script compiler
- [**783**Star][5y] [C++] [denandz/keefarce](https://github.com/denandz/keefarce) Extracts passwords from a KeePass 2.x database, directly from memory.
- [**783**Star][11d] [Py] [cloudflare/bpftools](https://github.com/cloudflare/bpftools) BPF Tools - packet analyst toolkit
- [**782**Star][15d] [Py] [ztgrace/changeme](https://github.com/ztgrace/changeme) A default credential scanner.
- [**782**Star][8d] [Shell] [thecrypt0/yi-hack-v4](https://github.com/thecrypt0/yi-hack-v4) New Custom Firmware for Xiaomi Cameras based on Hi3518e Chipset. It features RTSP, SSH, FTP and more!
- [**782**Star][4y] [Go] [summitroute/osxlockdown](https://github.com/summitroute/osxlockdown) [No longer maintained] Apple OS X tool to audit for, and remediate, security configuration settings.
- [**781**Star][5m] [Java] [owasp/securityshepherd](https://github.com/owasp/securityshepherd) Web and mobile application security training platform
- [**781**Star][4m] [Py] [lgandx/pcredz](https://github.com/lgandx/pcredz) This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
- [**781**Star][10d] [Py] [iceyhexman/onlinetools](https://github.com/iceyhexman/onlinetools) 在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
- [**781**Star][10d] [Go] [esrrhs/pingtunnel](https://github.com/esrrhs/pingtunnel) 流量转发加速工具.a tool that advertises tcp/udp/socks5 traffic as icmp traffic for forwarding.
- [**780**Star][10d] [C] [meyerd/n2n](https://github.com/meyerd/n2n) A development branch of the n2n p2p vpn software
- [**780**Star][1y] [Py] [hlldz/spookflare](https://github.com/hlldz/spookflare) Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
- [**780**Star][12d] [amq/firefox-debloat](https://github.com/amq/firefox-debloat) Stop Firefox leaking data about you
- [**779**Star][2y] [Perl] [moham3driahi/th3inspector](https://github.com/moham3driahi/th3inspector) All in one tool for Information Gathering
- [**779**Star][6m] [HTML] [m4cs/babysploit](https://github.com/m4cs/babysploit) a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit
- [**779**Star][5m] [Py] [korcankaraokcu/pince](https://github.com/korcankaraokcu/pince) A reverse engineering tool that'll supply the place of Cheat Engine for linux
- [**778**Star][4m] [Py] [oddcod3/phantom-evasion](https://github.com/oddcod3/phantom-evasion) Python antivirus evasion tool
- [**778**Star][10d] [PHP] [joshdick/miniproxy](https://github.com/joshdick/miniproxy) 
- [**778**Star][2y] [Py] [greatsct/greatsct](https://github.com/greatsct/greatsct) generate metasploit payloads that bypass common anti-virus solutions and application whitelisting solutions.
- [**777**Star][10d] [JS] [website-scraper/node-website-scraper](https://github.com/website-scraper/node-website-scraper) Download website to local directory (including all css, images, js, etc.)
- [**777**Star][16d] [JS] [micotton/dejavue](https://github.com/micotton/dejavue) Visualization and debugging tool built for Vue.js
- [**777**Star][14d] [C] [vvviperrr/simplert](https://github.com/vvviperrr/simplert) Simple Reverse Tethering utility for Android
- [**777**Star][11m] [PS] [hausec/adape-script](https://github.com/hausec/adape-script) Active Directory Assessment and Privilege Escalation Script
- [**776**Star][8d] [JS] [k1995/baiduyunspider](https://github.com/k1995/baiduyunspider) 百度云网盘搜索引擎，包含爬虫 & 网站
- [**776**Star][10d] [Py] [toolswatch/vfeed](https://github.com/toolswatch/vfeed) The Correlated CVE Vulnerability And Threat Intelligence Database API
- [**775**Star][13d] [Py] [keystone-engine/keypatch](https://github.com/keystone-engine/keypatch) Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.
- [**775**Star][9m] [Java] [isafeblue/trackray](https://github.com/isafeblue/trackray) 溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
- [**775**Star][4m] [C#] [bluestormdna/projectpsx](https://github.com/bluestormdna/projectpsx) Experimental C# Playstation Emulator
- [**774**Star][12d] [Py] [codereclaimers/neat-python](https://github.com/codereclaimers/neat-python) Python implementation of the NEAT neuroevolution algorithm
- [**773**Star][15d] [Py] [mubix/shellshocker-pocs](https://github.com/mubix/shellshocker-pocs) Collection of Proof of Concepts and Potential Targets for #ShellShocker
- [**772**Star][3m] [Py] [tib3rius/autorecon](https://github.com/tib3rius/autorecon) AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
- [**772**Star][10d] [C] [scanmem/scanmem](https://github.com/scanmem/scanmem) memory scanner for Linux
- [**772**Star][12d] [bit4woo/python_sec](https://github.com/bit4woo/python_sec) resource collection of python security and code review
- [**771**Star][10d] [Go] [pquerna/otp](https://github.com/pquerna/otp) One Time Password utilities Go
- [**771**Star][11d] [Py] [diyan/pywinrm](https://github.com/diyan/pywinrm) Python library for Windows Remote Management (WinRM)
- [**771**Star][2y] [Py] [d35m0nd142/lfisuite](https://github.com/d35m0nd142/lfisuite) Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
- [**771**Star][11d] [C++] [comaeio/porosity](https://github.com/comaeio/porosity) *UNMAINTAINED* Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts
- [**770**Star][14d] [Py] [the-robot/sqliv](https://github.com/the-robot/sqliv) massive SQL injection vulnerability scanner
- [**770**Star][11d] [HTML] [pagerduty/incident-response-docs](https://github.com/pagerduty/incident-response-docs) PagerDuty's Incident Response Documentation.
- [**768**Star][10d] [Go] [talkingdata/owl](https://github.com/talkingdata/owl) distributed monitoring system
- [**768**Star][10d] [Py] [mjg59/python-broadlink](https://github.com/mjg59/python-broadlink) Python module for controlling Broadlink RM2/3 (Pro) remote controls, A1 sensor platforms and SP2/3 smartplugs
- [**768**Star][10d] [Go] [google/gofuzz](https://github.com/google/gofuzz) Fuzz testing for go.
- [**767**Star][11d] [Java] [dadoonet/fscrawler](https://github.com/dadoonet/fscrawler) Elasticsearch File System Crawler (FS Crawler)
- [**767**Star][12d] [JS] [xl7dev/burpsuite](https://github.com/xl7dev/burpsuite) BurpSuite using the document and some extensions
- [**767**Star][14d] [C] [zerbea/hcxdumptool](https://github.com/zerbea/hcxdumptool) Small tool to capture packets from wlan devices.
- [**767**Star][12d] [ffffffff0x/digital-privacy](https://github.com/ffffffff0x/Digital-Privacy) 一个关于数字隐私搜集、保护、清理集一体的方案,外加开源信息收集(OSINT)对抗 (长期更新)
- [**767**Star][25d] [grugq/portal](https://github.com/grugq/portal) Personal Onion Router To Assure Liberty
- [**766**Star][5y] [Py] [shadowsocks/chinadns-python](https://github.com/shadowsocks/chinadns-python) Protect yourself against DNS poisoning in China.
- [**766**Star][12d] [Py] [averagesecurityguy/scripts](https://github.com/averagesecurityguy/scripts) Scripts I use during pentest engagements.
- [**765**Star][3m] [Py] [mobier/shadowsocksr-speed](https://github.com/mobier/shadowsocksr-speed) SSR 批量测试节点有效带宽
- [**765**Star][11d] [Py] [sc0tfree/mentalist](https://github.com/sc0tfree/mentalist) a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.
- [**765**Star][13d] [HTML] [rapid7/hackazon](https://github.com/rapid7/hackazon) A modern vulnerable web app
- [**765**Star][10d] [Py] [binarydefense/artillery](https://github.com/binarydefense/artillery) The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
- [**765**Star][13d] [andrewjkerr/security-cheatsheets](https://github.com/andrewjkerr/security-cheatsheets) A collection of useful cheatsheets for cheat that focuses on aiding security-type people with either security tools or popular UNIX programs.
- [**764**Star][7d] [Java] [pagalaxylab/yahfa](https://github.com/PAGalaxyLab/YAHFA) Yet Another Hook Framework for ART
- [**764**Star][15d] [C] [mempodippy/vlany](https://github.com/mempodippy/vlany) Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
- [**763**Star][10d] [Java] [threedr3am/learnjavabug](https://github.com/threedr3am/learnjavabug) Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
- [**763**Star][16d] [Swift] [cosmicmind/algorithm](https://github.com/cosmicmind/algorithm) Algorithm is a library of tools that is used to create intelligent applications.
- [**763**Star][3m] [PHP] [doganoo/phpalgorithms](https://github.com/doganoo/phpalgorithms) A collection of common algorithms implemented in PHP. The collection is based on "Cracking the Coding Interview" by Gayle Laakmann McDowell
- [**763**Star][10d] [Py] [salesforce/policy_sentry](https://github.com/salesforce/policy_sentry) IAM Least Privilege Policy Generator
- [**763**Star][10d] [PHP] [flozz/p0wny-shell](https://github.com/flozz/p0wny-shell) Single-file PHP shell
- [**762**Star][12d] [Go] [wspl/creeper](https://github.com/wspl/creeper) 
- [**762**Star][4m] [Java] [col-e/recaf](https://github.com/col-e/recaf) A modern Java bytecode editor
- [**761**Star][12d] [C#] [azzvx/gogotester](https://github.com/azzvx/gogotester) 
- [**761**Star][12d] [Py] [mushorg/conpot](https://github.com/mushorg/conpot) ICS/SCADA honeypot
- [**761**Star][1y] [Py] [mr-un1k0d3r/dkmc](https://github.com/mr-un1k0d3r/dkmc) DKMC - Dont kill my cat - Malicious payload evasion tool
- [**761**Star][10d] [C] [google/boringssl](https://github.com/google/boringssl) Mirror of BoringSSL
- [**760**Star][17d] [Java] [ebay/parallec](https://github.com/ebay/parallec) Fast Parallel Async HTTP/SSH/TCP/UDP/Ping Client Java Library. Aggregate 100,000 APIs & send anywhere in 20 lines of code. Ping/HTTP Calls 8000 servers in 12 seconds. (Akka)
- [**760**Star][11d] [C#] [tencent/injectfix](https://github.com/tencent/injectfix) InjectFix is a hot-fix solution library for Unity
- [**760**Star][13d] [PHP] [sektioneins/pcc](https://github.com/sektioneins/pcc) PHP Secure Configuration Checker
- [**760**Star][3y] [Py] [redballoonshenanigans/monitordarkly](https://github.com/redballoonshenanigans/monitordarkly) Poc, Presentation of Monitor OSD Exploitation, and shenanigans of high quality.
- [**760**Star][4m] [Py] [buffer/thug](https://github.com/buffer/thug) Python low-interaction honeyclient
- [**759**Star][4y] [HTML] [xyntax/1000php](https://github.com/xyntax/1000php) 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
- [**759**Star][11d] [C#] [uxmal/reko](https://github.com/uxmal/reko) Reko is a binary decompiler.
- [**759**Star][11d] [Py] [merrychap/shellen](https://github.com/merrychap/shellen) an interactive shellcoding environment.
- [**759**Star][8m] [JS] [mandatoryprogrammer/xsshunter](https://github.com/mandatoryprogrammer/xsshunter) The XSS Hunter service - a portable version of XSSHunter.com
- [**759**Star][3m] [Go] [cbeuw/goquiet](https://github.com/cbeuw/goquiet) A Shadowsocks obfuscation plugin utilising domain fronting to evade deep packet inspection
- [**759**Star][4m] [C] [andreiw/raspberrypipkg](https://github.com/andreiw/raspberrypipkg) 64-bit Tiano Core UEFI for the Raspberry Pi 3 (with devices, Linux, NetBSD, FreeBSD and Windows on Arm!)
- [**758**Star][8m] [C#] [harleyqu1nn/aggressorscripts](https://github.com/harleyqu1nn/aggressorscripts) Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
- [**757**Star][3m] [HTML] [owasp/asvs](https://github.com/owasp/asvs) Application Security Verification Standard
- [**756**Star][10d] [clarketm/proxy-list](https://github.com/clarketm/proxy-list) A list of free, public, forward proxy servers. UPDATED DAILY!
- [**755**Star][14d] [JS] [fritx/wxbot](https://github.com/fritx/wxbot) 普通个人号 微信机器人/外挂
- [**755**Star][15d] [JS] [zone117x/node-cryptonote-pool](https://github.com/zone117x/node-cryptonote-pool) Mining pool for CryptoNote based coins such as Bytecoin and Monero
- [**755**Star][13d] [C] [unamer/vmware_escape](https://github.com/unamer/vmware_escape) VMware Escape Exploit before VMware WorkStation 12.5.5
- [**754**Star][12d] [JS] [ranisalt/node-argon2](https://github.com/ranisalt/node-argon2) Node.js bindings for Argon2 hashing algorithm
- [**754**Star][19d] [Py] [eastee/rebreakcaptcha](https://github.com/eastee/rebreakcaptcha) A logic vulnerability, dubbed ReBreakCaptcha, which lets you easily bypass Google's ReCaptcha v2 anywhere on the web
- [**753**Star][3y] [PHP] [googleinurl/scanner-inurlbr](https://github.com/googleinurl/scanner-inurlbr) Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
- [**753**Star][8d] [C] [gentilkiwi/wanakiwi](https://github.com/gentilkiwi/wanakiwi) Automated wanadecrypt with key recovery if lucky
- [**752**Star][19d] [Go] [pforemski/dingo](https://github.com/pforemski/dingo) A DNS client in Go that supports Google DNS over HTTPS
- [**752**Star][5y] [ObjC] [kjcracks/yololib](https://github.com/kjcracks/yololib) dylib injector for mach-o binaries
- [**752**Star][13d] [Lua] [cldrn/nmap-nse-scripts](https://github.com/cldrn/nmap-nse-scripts) My collection of nmap NSE scripts
- [**751**Star][1y] [Py] [infobyte/spoilerwall](https://github.com/infobyte/spoilerwall) Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
- [**751**Star][10d] [C] [antirez/hping](https://github.com/antirez/hping) send custom TCP/IP	packets and to display target replies like ping do with	ICMP replies
- [**750**Star][11d] [Shell] [cleafy/sxkdvm](https://github.com/cleafy/sxkdvm) SXKDVM - OSX Docker KVM / Run an OSX KVM virtual machine inside a Docker container.
- [**750**Star][21d] [C] [yrp604/rappel](https://github.com/yrp604/rappel) A linux-based assembly REPL for x86, amd64, armv7, and armv8
- [**750**Star][7d] [vasanthk/web-security-basics](https://github.com/vasanthk/web-security-basics) Web security concepts
- [**750**Star][3m] [C#] [outflanknl/evilclippy](https://github.com/outflanknl/evilclippy) A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
- [**749**Star][16d] [Go] [jiajunhuang/guard](https://github.com/jiajunhuang/guard) NOT MAINTAINED! A generic high performance circuit breaker & proxy server written in Go
- [**748**Star][2m] [C++] [zerovm/zerovm](https://github.com/zerovm/zerovm) Open-source lightweight virtualization platform
- [**748**Star][4m] [Kotlin] [mygod/vpnhotspot](https://github.com/mygod/vpnhotspot) Share your VPN connection over hotspot or repeater! (root required)
- [**747**Star][12d] [C++] [ionescu007/lxss](https://github.com/ionescu007/lxss) Fun with the Windows Subsystem for Linux (WSL/LXSS)
- [**747**Star][10m] [C++] [darthton/xenos](https://github.com/darthton/xenos) Windows dll injector
- [**746**Star][2y] [Swift] [novatecconsulting/facerecognition-in-arkit](https://github.com/novatecconsulting/facerecognition-in-arkit) Detects faces using the Vision-API and runs the extracted face through a CoreML-model to identiy the specific persons.
- [**746**Star][11d] [Py] [fox-it/mitm6](https://github.com/fox-it/mitm6) exploits the default configuration of Windows to take over the default DNS server
- [**745**Star][1y] [C] [ztane/python-levenshtein](https://github.com/ztane/python-levenshtein) The Levenshtein Python C extension module contains functions for fast computation of Levenshtein distance and string similarity
- [**745**Star][5m] [YARA] [rednaga/apkid](https://github.com/rednaga/apkid) Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
- [**745**Star][4m] [C] [iaik/zombieload](https://github.com/iaik/zombieload) Proof-of-concept for the ZombieLoad attack
- [**744**Star][10d] [Go] [hyperhq/runv](https://github.com/hyperhq/runv) Hypervisor-based Runtime for OCI
- [**744**Star][2y] [C#] [eladshamir/internal-monologue](https://github.com/eladshamir/internal-monologue) Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
- [**743**Star][14d] [Py] [fffonion/xunlei-fastdick](https://github.com/fffonion/xunlei-fastdick) 迅雷快鸟 Xunlei Network Accelerator For Router
- [**743**Star][7d] [C++] [xoreos/xoreos](https://github.com/xoreos/xoreos) A reimplementation of BioWare's Aurora engine (and derivatives). Pre-pre-alpha :P
- [**743**Star][10d] [Go] [tomnomnom/httprobe](https://github.com/tomnomnom/httprobe) Take a list of domains and probe for working HTTP and HTTPS servers
- [**743**Star][18d] [C++] [stealth/sshttp](https://github.com/stealth/sshttp) SSH/HTTP(S) multiplexer. Run a webserver and a sshd on the same port w/o changes.
- [**743**Star][4m] [Py] [idapython/src](https://github.com/idapython/src) IDAPython project for Hex-Ray's IDA Pro
- [**742**Star][10d] [PHP] [spatie/laravel-uptime-monitor](https://github.com/spatie/laravel-uptime-monitor) A powerful and easy to configure uptime and ssl monitor
- [**742**Star][10d] [C] [malcolmrobb/dump1090](https://github.com/malcolmrobb/dump1090) Dump1090 is a simple Mode S decoder for RTLSDR devices
- [**742**Star][4m] [Go] [dliv3/venom](https://github.com/dliv3/venom) Venom - A Multi-hop Proxy for Penetration Testers
- [**741**Star][6m] [C++] [tandasat/hyperplatform](https://github.com/tandasat/hyperplatform) Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
- [**741**Star][10d] [Assembly] [cirosantilli/x86-assembly-cheat](https://github.com/cirosantilli/x86-assembly-cheat) the bulk of the x86 instruction examples with assertions.
- [**740**Star][10d] [HTML] [v2ray/manual](https://github.com/v2ray/manual) Source code for
- [**740**Star][3m] [JS] [sadeghhayeri/greentunnel](https://github.com/sadeghhayeri/greentunnel) Green Tunnel is an anti-censorship utility designed to bypass DPI system that are put in place by various ISPs to block access to certain websites.
- [**740**Star][10d] [TeX] [owasp/owasp-masvs](https://github.com/owasp/owasp-masvs) The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
- [**740**Star][15d] [C] [nuand/bladerf](https://github.com/nuand/bladerf) bladeRF USB 3.0 Superspeed Software Defined Radio Source Code
- [**740**Star][2y] [Java] [d3vilbug/hackbar](https://github.com/d3vilbug/hackbar) HackBar plugin for Burpsuite
- [**739**Star][11d] [Go] [cbednarski/hostess](https://github.com/cbednarski/hostess) An idempotent command-line utility for managing your /etc/hosts file.
- [**738**Star][15d] [PS] [arvanaghi/sessiongopher](https://github.com/Arvanaghi/SessionGopher)  a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
- [**738**Star][4m] [Py] [globaleaks/globaleaks](https://github.com/globaleaks/globaleaks) The Open-Source Whistleblowing Software
- [**738**Star][4m] [Py] [giacomolaw/keylogger](https://github.com/giacomolaw/keylogger) A simple keylogger for Windows, Linux and Mac
- [**738**Star][13d] [C++] [cebix/macemu](https://github.com/cebix/macemu) Basilisk II and SheepShaver Macintosh emulators
- [**737**Star][4m] [Java] [wrbug/developerhelper](https://github.com/wrbug/developerhelper) 帮助开发人员快速开发的工具
- [**737**Star][10d] [C++] [henrypp/memreduct](https://github.com/henrypp/memreduct) Lightweight real-time memory management application to monitor and clean system memory on your computer.
- [**737**Star][13d] [Java] [gcssloop/encrypt](https://github.com/gcssloop/encrypt) [暂停维护]Android 加密解密工具包。
- [**737**Star][5y] [Py] [androbugs/androbugs_framework](https://github.com/androbugs/androbugs_framework) AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
- [**736**Star][11d] [Py] [ricterz/genpass](https://github.com/ricterz/genpass) 中国特色的弱口令生成器
- [**736**Star][2y] [Py] [rfunix/pompem](https://github.com/rfunix/pompem) Find exploit tool
- [**735**Star][13d] [JS] [scrapingdance/jspider](https://github.com/scrapingdance/JSpider) JSpider会每周更新至少一个网站的JS解密方式，欢迎 Star，交流微信：13298307816
- [**735**Star][12m] [Py] [zyantific/idaskins](https://github.com/zyantific/idaskins) Plugin providing advanced skinning support for IDA Pro utilizing Qt stylesheets, similar to CSS.
- [**735**Star][10d] [C++] [tasvideos/desmume](https://github.com/tasvideos/desmume) DeSmuME is a Nintendo DS emulator
- [**735**Star][1y] [sandboxescaper/polarbearrepo](https://github.com/sandboxescaper/polarbearrepo) 
- [**735**Star][10m] [Py] [rhinosecuritylabs/security-research](https://github.com/rhinosecuritylabs/security-research) Exploits written by the Rhino Security Labs team
- [**735**Star][3m] [Py] [felipessalvatore/self_driving_pi_car](https://github.com/felipessalvatore/self_driving_pi_car) A deep neural network based self-driving car, that combines Lego Mindstorms NXT with the computational power of a Raspberry Pi 3.
- [**735**Star][17d] [Py] [f-secure/see](https://github.com/f-secure/see) a framework for building test automation in secured Environments
- [**734**Star][10d] [Py] [ramsayleung/jd_spider](https://github.com/ramsayleung/jd_spider) 两只蠢萌京东的分布式爬虫.
- [**734**Star][10d] [Py] [ramsayleung/jd_spider](https://github.com/ramsayleung/jd_spider) 两只蠢萌京东的分布式爬虫.
- [**734**Star][7m] [C++] [facebook/threatexchange](https://github.com/facebook/threatexchange) Share threat information with vetted partners
- [**734**Star][11d] [Go] [cloudflare/cloudflared](https://github.com/cloudflare/cloudflared) Argo Tunnel client
- [**733**Star][11d] [Java] [ron190/jsql-injection](https://github.com/ron190/jsql-injection) a Java application for automatic SQL database injection.
- [**733**Star][10d] [C] [justinsteven/dostackbufferoverflowgood](https://github.com/justinsteven/dostackbufferoverflowgood) The Presentation and Tutorial for Cross-Site Scripters Who Can't Stack Buffer Overflow Good and Want to Do Other Stuff Good Too
- [**732**Star][12d] [Py] [ynsta/steamcontroller](https://github.com/ynsta/steamcontroller) Standalone Steam Controller Driver
- [**732**Star][12d] [Py] [gquere/pwn_jenkins](https://github.com/gquere/pwn_jenkins) Notes about attacking Jenkins servers
- [**732**Star][11d] [Dockerfile] [aquasecurity/microscanner](https://github.com/aquasecurity/microscanner) Scan your container images for package vulnerabilities with Aqua Security
- [**731**Star][7d] [Py] [virt-manager/virt-manager](https://github.com/virt-manager/virt-manager) Desktop tool for managing virtual machines via libvirt
- [**731**Star][3y] [Swift] [kevincoble/aitoolbox](https://github.com/kevincoble/aitoolbox) A toolbox of AI modules written in Swift: Graphs/Trees, Support Vector Machines, Neural Networks, PCA, K-Means, Genetic Algorithms
- [**731**Star][4m] [Perl] [inverse-inc/packetfence](https://github.com/inverse-inc/packetfence) a fully supported, trusted, Free and Open Source network access control (NAC) solution
- [**731**Star][13d] [Jupyter Notebook] [anishathalye/obfuscated-gradients](https://github.com/anishathalye/obfuscated-gradients) Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
- [**730**Star][13d] [Shell] [cyclenerd/ethereum_nvidia_miner](https://github.com/cyclenerd/ethereum_nvidia_miner) 
- [**730**Star][22d] [Go] [puerkitobio/fetchbot](https://github.com/puerkitobio/fetchbot) A simple and flexible web crawler that follows the robots.txt policies and crawl delays.
- [**730**Star][13d] [snifer/security-cheatsheets](https://github.com/snifer/security-cheatsheets) A collection of cheatsheets for various infosec tools and topics.
- [**730**Star][4m] [C#] [mganss/htmlsanitizer](https://github.com/mganss/htmlsanitizer) Cleans HTML to avoid XSS attacks
- [**730**Star][1y] [PS] [l0ss/grouper](https://github.com/l0ss/grouper) A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
- [**729**Star][1m] [ObjC] [unixpickle/jamwifi](https://github.com/unixpickle/jamwifi) A GUI, easy to use WiFi network jammer for Mac OS X
- [**729**Star][14d] [Py] [alex/letsencrypt-aws](https://github.com/alex/letsencrypt-aws) a program that can be run in the background which automatically provisions and updates certificates on your AWS infrastructure using the AWS APIs and Let's Encrypt.
- [**728**Star][11d] [Py] [quentinhardy/odat](https://github.com/quentinhardy/odat) Oracle Database Attacking Tool
- [**728**Star][12d] [Py] [pyupio/safety](https://github.com/pyupio/safety) Safety checks your installed dependencies for known security vulnerabilities
- [**728**Star][1y] [Py] [mr-un1k0d3r/powerlessshell](https://github.com/mr-un1k0d3r/powerlessshell) rely on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe.
- [**728**Star][18d] [JS] [mozilla/node-client-sessions](https://github.com/mozilla/node-client-sessions) secure sessions stored in cookies
- [**728**Star][18d] [C++] [marcominetti/node-memwatch](https://github.com/marcominetti/node-memwatch) A NodeJS library to keep an eye on your memory usage, and discover and isolate leaks.
- [**728**Star][4m] [Py] [grayddq/gscan](https://github.com/grayddq/gscan) 本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。
- [**728**Star][4m] [C#] [ghostpack/rubeus](https://github.com/ghostpack/rubeus) a C# toolset for raw Kerberos interaction and abuses.
- [**728**Star][10d] [Py] [droope/droopescan](https://github.com/droope/droopescan) A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
- [**728**Star][1m] [Ruby] [chaps-io/access-granted](https://github.com/chaps-io/access-granted) Multi-role and whitelist based authorization gem for Rails (and not only Rails!)
- [**728**Star][2y] [Py] [bugscanteam/dnslog](https://github.com/bugscanteam/dnslog) 监控 DNS 解析记录和 HTTP 访问记录的工具。
- [**727**Star][10d] [Py] [glasgowembedded/glasgow](https://github.com/GlasgowEmbedded/glasgow) Scots Army Knife for electronics
- [**727**Star][2y] [C#] [p3nt4/powershdll](https://github.com/p3nt4/powershdll) Run PowerShell with rundll32. Bypass software restrictions.
- [**727**Star][2y] [JS] [melonproject/oyente](https://github.com/melonproject/oyente) An Analysis Tool for Smart Contracts
- [**726**Star][11d] [dsasmblr/hacking-online-games](https://github.com/dsasmblr/hacking-online-games) A curated list of tutorials/resources for hacking online games.
- [**726**Star][11m] [Py] [adamlaurie/rfidiot](https://github.com/adamlaurie/rfidiot) python RFID / NFC library & tools
- [**725**Star][4m] [Java] [rover12421/shakaapktool](https://github.com/rover12421/shakaapktool) ShakaApktool
- [**724**Star][10d] [Elixir] [fredwu/crawler](https://github.com/fredwu/crawler) A high performance web crawler in Elixir.
- [**724**Star][16d] [Py] [madeye/sssniff](https://github.com/madeye/sssniff) ShadowSocks(SS) traffic sniffer
- [**724**Star][4m] [Py] [kevthehermit/pastehunter](https://github.com/kevthehermit/pastehunter) Scanning pastebin with yara rules
- [**724**Star][11d] [Dockerfile] [emk/rust-musl-builder](https://github.com/emk/rust-musl-builder) Docker images for compiling static Rust binaries using musl-libc and musl-gcc, with static versions of useful C libraries. Supports openssl and diesel crates.
- [**724**Star][1y] [PHP] [defuse/password-hashing](https://github.com/defuse/password-hashing) Password hashing code.
- [**724**Star][3m] [Shell] [1n3/brutex](https://github.com/1n3/brutex) Automatically brute force all services running on a target.
- [**723**Star][7d] [OCaml] [moby/vpnkit](https://github.com/moby/vpnkit) A toolkit for embedding VPN capabilities in your application
- [**723**Star][14d] [Java] [lionsoul2014/jcseg](https://github.com/lionsoul2014/jcseg) Jcseg is a light weight NLP framework developed with Java. Provide CJK and English segmentation based on MMSEG algorithm, With also keywords extraction, key sentence extraction, summary extraction implemented based on TEXTRANK algorithm. Jcseg had a build-in http server and search modules for the latest lucene,solr,elasticsearch
- [**723**Star][1y] [C] [hfiref0x/tdl](https://github.com/hfiref0x/tdl) Driver loader for bypassing Windows x64 Driver Signature Enforcement
- [**722**Star][12d] [Py] [kezhenxu94/house-renting](https://github.com/kezhenxu94/house-renting) Possibly the best practice of Scrapy
- [**721**Star][7d] [Py] [librauee/reptile](https://github.com/librauee/reptile) 一些爬虫的学习实例和自己的爬虫实战汇总
- [**721**Star][18d] [Ruby] [brunofacca/active-record-query-trace](https://github.com/brunofacca/active-record-query-trace) Rails plugin that logs/displays a backtrace of all SQL queries executed by Active Record
- [**721**Star][10d] [ugvf2009/miles](https://github.com/ugvf2009/miles) 二爷翻墙，专注翻墙30年，但没有掌握核心科技，一切已经开始！^_^
- [**721**Star][10d] [Py] [witten/borgmatic](https://github.com/witten/borgmatic) Simple, configuration-driven backup software for servers and workstations
- [**720**Star][8d] [Go] [vouch/vouch-proxy](https://github.com/vouch/vouch-proxy) an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
- [**720**Star][10d] [Go] [honeytrap/honeytrap](https://github.com/honeytrap/honeytrap) Advanced Honeypot framework.
- [**720**Star][12d] [C] [eleme/corvus](https://github.com/eleme/corvus) A fast and lightweight Redis Cluster Proxy for Redis 3.0
- [**719**Star][16d] [C] [vmt/udis86](https://github.com/vmt/udis86) Disassembler Library for x86 and x86-64
- [**719**Star][12d] [Go] [moul/sshportal](https://github.com/moul/sshportal) Transparent SSH bastion
- [**719**Star][10d] [Go] [louketo/louketo-proxy](https://github.com/louketo/louketo-proxy) A OpenID / Proxy service
- [**718**Star][22d] [Eagle] [ytai/ioio](https://github.com/ytai/ioio) Software, firmware and hardware of the IOIO - I/O for Android
- [**718**Star][10d] [Go] [sensepost/gowitness](https://github.com/sensepost/gowitness)  a website screenshot utility written in Golang
- [**717**Star][4m] [Scala] [linkedin/photon-ml](https://github.com/linkedin/photon-ml) A scalable machine learning library on Apache Spark
- [**717**Star][15d] [C] [mohuihui/antispy](https://github.com/mohuihui/antispy) AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.
- [**716**Star][10d] [Py] [x-spiders/aiss-spider](https://github.com/x-spiders/aiss-spider) 爱丝APP图片爬虫，以及免支付破解VIP看图
- [**716**Star][11d] [C++] [zrax/pycdc](https://github.com/zrax/pycdc) C++ python bytecode disassembler and decompiler
- [**716**Star][7d] [Roff] [palantir/windows-event-forwarding](https://github.com/palantir/windows-event-forwarding) A repository for using windows event forwarding for incident detection and response
- [**716**Star][15d] [kristate/krackinfo](https://github.com/kristate/krackinfo) Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack)
- [**716**Star][13d] [Py] [kbandla/dpkt](https://github.com/kbandla/dpkt) fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
- [**715**Star][11d] [Py] [jhaddix/domain](https://github.com/jhaddix/domain) Setup script for Regon-ng
- [**715**Star][4m] [CSS] [caspartse/qq-groups-spider](https://github.com/caspartse/qq-groups-spider) QQ Groups Spider
- [**715**Star][4m] [bypass007/safety-project-collection](https://github.com/bypass007/safety-project-collection) 收集一些比较优秀的开源安全项目，以帮助甲方安全从业人员构建企业安全能力。
- [**715**Star][10d] [Go] [bradleyjkemp/grpc-tools](https://github.com/bradleyjkemp/grpc-tools) A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.
- [**715**Star][13d] [bloodzer0/ossa](https://github.com/bloodzer0/ossa) Open-Source Security Architecture | 开源安全架构
- [**715**Star][4m] [Py] [blackorbird/apt_report](https://github.com/blackorbird/apt_report) Interesting apt report collection and some special ioc express
- [**714**Star][10d] [Py] [zhzyker/exphub](https://github.com/zhzyker/exphub) Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat的漏洞利用脚本，优先更新高危且易利用的漏洞利用脚本，最新添加CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2019-17558、CVE-2019-6340
- [**714**Star][14d] [Py] [jazzband/django-axes](https://github.com/jazzband/django-axes) Keep track of failed login attempts in Django-powered sites.
- [**714**Star][3y] [Py] [google/ssl_logger](https://github.com/google/ssl_logger) Decrypts and logs a process's SSL traffic.
- [**713**Star][10d] [JS] [theori-io/pwnjs](https://github.com/theori-io/pwnjs) A Javascript library for browser exploitation
- [**713**Star][3y] [PS] [samratashok/kautilya](https://github.com/samratashok/kautilya) a toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests.
- [**713**Star][11d] [Py] [maqp/tfc](https://github.com/maqp/tfc) Tinfoil Chat - Onion-routed, endpoint secure messaging system
- [**713**Star][2m] [JS] [crits/crits](https://github.com/crits/crits)  Collaborative Research Into Threats
- [**712**Star][3m] [Shell] [valvesoftware/steam-runtime](https://github.com/valvesoftware/steam-runtime) A runtime environment for Steam applications
- [**712**Star][12d] [praetorian-code/hob0rules](https://github.com/praetorian-code/Hob0Rules) Password cracking rules for Hashcat based on statistics and industry patterns
- [**712**Star][11d] [C++] [thingpulse/esp8266-weather-station](https://github.com/ThingPulse/esp8266-weather-station) ESP8266 Weather Station library supporting OpenWeatherMap, Aeris and other sources
- [**712**Star][3y] [PHP] [xl7dev/webshell](https://github.com/xl7dev/webshell) Webshell && Backdoor Collection
- [**712**Star][5m] [C] [utox/utox](https://github.com/utox/utox) µTox the lightest and fluffiest Tox client
- [**712**Star][2y] [JS] [sytelus/cryptojs](https://github.com/sytelus/cryptojs) This is unmodified copy of Google Code hosted CryptoJS project. CryptoJS is a growing collection of standard and secure cryptographic algorithms implemented in JavaScript using best practices and patterns. They are fast, and they have a consistent and simple interface.
- [**712**Star][2m] [Go] [sidkshatriya/dontbug](https://github.com/sidkshatriya/dontbug) Dontbug is a reverse debugger for PHP
- [**712**Star][3y] [Py] [sensepost/det](https://github.com/sensepost/det) a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time.
- [**712**Star][14d] [C++] [nicehash/nheqminer](https://github.com/nicehash/nheqminer) Equihash miner for NiceHash
- [**712**Star][1m] [Py] [gunnery/gunnery](https://github.com/gunnery/gunnery) Remote task execution tool
- [**712**Star][12d] [C++] [google/certificate-transparency](https://github.com/google/certificate-transparency) Auditing for TLS certificates.
- [**712**Star][10d] [Py] [aploium/shootback](https://github.com/aploium/shootback) a reverse TCP tunnel let you access target behind NAT or firewall
- [**712**Star][2y] [C] [1n3/privesc](https://github.com/1n3/privesc) A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
- [**711**Star][12d] [waf-project/waf](https://github.com/waf-project/waf) Moved to
- [**711**Star][3m] [Java] [peergos/peergos](https://github.com/peergos/peergos) A decentralised, secure file storage and social network
- [**711**Star][10d] [C] [gdabah/distorm](https://github.com/gdabah/distorm) Powerful Disassembler Library For x86/AMD64
- [**710**Star][4m] [Py] [rabbitmask/weblogicscan](https://github.com/rabbitmask/weblogicscan) Weblogic一键漏洞检测工具，V1.3
- [**710**Star][10d] [JS] [nccgroup/house](https://github.com/nccgroup/house) A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
- [**710**Star][3y] [PS] [gimini/powermemory](https://github.com/gimini/powermemory) Exploit the credentials present in files and memory
- [**710**Star][10m] [CSS] [ajinabraham/cmsscan](https://github.com/ajinabraham/cmsscan) Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
- [**709**Star][11d] [JS] [asvd/jailed](https://github.com/asvd/jailed) execute untrusted code with custom permissions
- [**709**Star][10d] [JS] [zyfworks/steam-key](https://github.com/zyfworks/steam-key) Online activation tool for Steam.
- [**709**Star][17d] [netflix/security-bulletins](https://github.com/netflix/security-bulletins) Security Bulletins that relate to Netflix Open Source
- [**709**Star][3m] [Dockerfile] [jakzal/phpqa](https://github.com/jakzal/phpqa) Docker image that provides static analysis tools for PHP
- [**709**Star][10d] [Go] [aarzilli/gdlv](https://github.com/aarzilli/gdlv) GUI frontend for Delve
- [**708**Star][3m] [Shell] [jawj/ikev2-setup](https://github.com/jawj/ikev2-setup) Set up Ubuntu Server 18.04 as an IKEv2 VPN server
- [**708**Star][11d] [0kee-team/crawlergo](https://github.com/0kee-team/crawlergo) A powerful dynamic crawler for web vulnerability scanners
- [**708**Star][11d] [Py] [fhamborg/news-please](https://github.com/fhamborg/news-please) news-please - an integrated web crawler and information extractor for news that just works.
- [**708**Star][12m] [Py] [paranoidninja/carboncopy](https://github.com/paranoidninja/carboncopy) A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
- [**708**Star][11d] [offensive-security/kali-arm-build-scripts](https://github.com/offensive-security/kali-arm-build-scripts) Kali Linux ARM build scripts
- [**708**Star][3m] [Java] [ganyao114/sandhook](https://github.com/ganyao114/sandhook) Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
- [**708**Star][11d] [Py] [galkan/crowbar](https://github.com/galkan/crowbar) brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
- [**708**Star][10d] [denji/golang-tls](https://github.com/denji/golang-tls) Simple Golang HTTPS/TLS Examples
- [**707**Star][11d] [R] [johnmyleswhite/banditsbook](https://github.com/johnmyleswhite/banditsbook) Code for my book on Multi-Armed Bandit Algorithms
- [**707**Star][7d] [Py] [simplysecurity/simplyemail](https://github.com/SimplySecurity/SimplyEmail) Email recon made fast and easy, with a framework to build on
- [**707**Star][11d] [PHP] [mm0r1/exploits](https://github.com/mm0r1/exploits) Pwn stuff.
- [**707**Star][1y] [HTML] [juansacco/exploitpack](https://github.com/juansacco/exploitpack) Exploit Pack -The next generation exploit framework
- [**706**Star][7d] [Go] [yggdrasil-network/yggdrasil-go](https://github.com/yggdrasil-network/yggdrasil-go) An experiment in scalable routing as an encrypted IPv6 overlay network
- [**706**Star][4m] [C] [shadow/shadow](https://github.com/shadow/shadow) Shadow is a unique discrete-event network simulator that runs real applications like Tor, and distributed systems of thousands of nodes on a single machine. Shadow combines the accuracy of emulation with the efficiency and control of simulation, achieving the best of both approaches.
- [**706**Star][4m] [C#] [multipoolminer/multipoolminer](https://github.com/multipoolminer/multipoolminer) Monitors crypto mining pools in real-time in order to find the most profitable for your machine. Controls any miner that is available via command line.
- [**706**Star][2y] [JS] [maluen/backbone-debugger](https://github.com/maluen/backbone-debugger) Chrome Developer Tools extension for debugging Backbone.js applications
- [**705**Star][11d] [Py] [mtianyan/funpyspidersearchengine](https://github.com/mtianyan/funpyspidersearchengine) Scrapy 1.6.0爬取数据 + ElasticSearch6.8.0+Django2.2搜索引擎
- [**705**Star][8d] [C] [samdenty/wi-pwn](https://github.com/samdenty/Wi-PWN)  performs deauth attacks on cheap Arduino boards
- [**705**Star][14d] [Java] [vulnerscom/burp-vulners-scanner](https://github.com/vulnerscom/burp-vulners-scanner) Burp Suite scanner plugin based on Vulners.com vulnerability database API
- [**705**Star][11d] [C] [tgraf/bmon](https://github.com/tgraf/bmon) bandwidth monitor and rate estimator
- [**705**Star][10d] [JS] [handshake-org/hsd](https://github.com/handshake-org/hsd) Handshake Daemon & Full Node
- [**704**Star][3m] [Py] [yoongikim/autocrawler](https://github.com/yoongikim/autocrawler) Google, Naver multiprocess image web crawler (Selenium)
- [**704**Star][16d] [Batchfile] [ufologist/onekey-decompile-apk](https://github.com/ufologist/onekey-decompile-apk) onekey decompile apk
- [**704**Star][4m] [C++] [nodejs/node-addon-api](https://github.com/nodejs/node-addon-api) Module for using N-API from C++
- [**704**Star][10d] [JS] [iddoeldor/frida-snippets](https://github.com/iddoeldor/frida-snippets) Hand-crafted Frida examples
- [**704**Star][2m] [Java] [google/conscrypt](https://github.com/google/conscrypt) Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
- [**703**Star][1y] [C#] [wwillv/godofhacker](https://github.com/wwillv/godofhacker) 黑客神器
- [**703**Star][11d] [Py] [alichtman/stronghold](https://github.com/alichtman/stronghold) Easily configure macOS security settings from the terminal.
- [**703**Star][11d] [Go] [0x09al/raven](https://github.com/0x09al/raven) a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.
- [**702**Star][10d] [C] [open-sdr/openwifi](https://github.com/open-sdr/openwifi) open-source IEEE802.11/Wi-Fi baseband chip/FPGA design
- [**702**Star][3y] [yichengchen/shadowsocksx-r](https://github.com/yichengchen/shadowsocksx-r) Next Generation of ShadowsocksX
- [**702**Star][4m] [ptresearch/attackdetection](https://github.com/ptresearch/attackdetection) searches for new vulnerabilities and 0-days, reproduces it and creates PoC exploits to understand how these security flaws work and how related attacks can be detected on the network layer
- [**701**Star][26d] [Ruby] [phatworx/devise_security_extension](https://github.com/phatworx/devise_security_extension) An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.
- [**700**Star][3m] [Rust] [mullvad/mullvadvpn-app](https://github.com/mullvad/mullvadvpn-app) The Mullvad VPN client app for desktop and mobile
- [**700**Star][10m] [C++] [stealth/opmsg](https://github.com/stealth/opmsg) opmsg message encryption
- [**700**Star][14d] [Py] [klen/pylama](https://github.com/klen/pylama) Code audit tool for python.
- [**700**Star][16d] [JS] [karpathy/tsnejs](https://github.com/karpathy/tsnejs) Implementation of t-SNE visualization algorithm in Javascript.
- [**700**Star][10d] [Java] [joychou93/java-sec-code](https://github.com/joychou93/java-sec-code) Java web common vulnerabilities and security code which is base on springboot and spring security
- [**700**Star][8d] [jeanphorn/wordlist](https://github.com/jeanphorn/wordlist) Collection of some common wordlists such as RDP password, user name list, ssh password wordlist for brute force. IP Cameras Default Passwords.
- [**700**Star][14d] [R] [google/rappor](https://github.com/google/rappor) RAPPOR: Privacy-Preserving Reporting Algorithms
- [**699**Star][10d] [fabacab/awesome-cybersecurity-blueteam](https://github.com/fabacab/awesome-cybersecurity-blueteam) 
- [**699**Star][2m] [Shell] [dmarmor/epichrome](https://github.com/dmarmor/epichrome) An application and Chrome extension for creating web-based applications that work like standalone Mac apps.
- [**699**Star][5m] [404notf0und/ai-for-security-learning](https://github.com/404notf0und/ai-for-security-learning) 安全场景、基于AI的安全算法和安全数据分析学习资料整理
- [**698**Star][13d] [C] [saelo/pwn2own2018](https://github.com/saelo/pwn2own2018) Pwn2Own 2018 Safari+macOS 漏洞利用链
- [**698**Star][10d] [Py] [matlink/gplaycli](https://github.com/matlink/gplaycli) Google Play Downloader via Command line
- [**698**Star][11d] [fabrimagic72/malware-samples](https://github.com/fabrimagic72/malware-samples) A collection of malware samples caught by several honeypots i manage
- [**697**Star][14d] [Py] [csurfer/rake-nltk](https://github.com/csurfer/rake-nltk) Python implementation of the Rapid Automatic Keyword Extraction algorithm using NLTK.
- [**697**Star][6m] [Py] [rurik/noriben](https://github.com/rurik/noriben) Portable, Simple, Malware Analysis Sandbox
- [**697**Star][13d] [Shell] [rfxn/linux-malware-detect](https://github.com/rfxn/linux-malware-detect) Linux Malware Detection (LMD)
- [**697**Star][11d] [Ruby] [mozilla/ssh_scan](https://github.com/mozilla/ssh_scan) A prototype SSH configuration and policy scanner (Blog:
- [**696**Star][4m] [Py] [igio90/dwarf](https://github.com/igio90/dwarf) Full featured multi arch/os debugger built on top of PyQt5 and frida
- [**696**Star][13d] [Java] [honeynet/apkinspector](https://github.com/honeynet/apkinspector) APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
- [**695**Star][2y] [Py] [endgameinc/rta](https://github.com/endgameinc/rta)  a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
- [**694**Star][10d] [Py] [timgrossmann/instagram-profilecrawl](https://github.com/timgrossmann/instagram-profilecrawl) Quickly crawl the information (e.g. followers, tags etc...) of an instagram profile. No login required!
- [**694**Star][10d] [Rust] [cloud-hypervisor/cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor) A rust-vmm based cloud hypervisor
- [**694**Star][4m] [Go] [9seconds/mtg](https://github.com/9seconds/mtg) Bullshit-free MTPROTO proxy for Telegram
- [**693**Star][23d] [Swift] [yenom/bitcoinkit](https://github.com/yenom/BitcoinKit) Bitcoin protocol toolkit for Swift
- [**692**Star][15d] [Shell] [g0tmi1k/msfpc](https://github.com/g0tmi1k/msfpc) MSFvenom Payload Creator (MSFPC)
- [**692**Star][12d] [C#] [sjkp/letsencrypt-siteextension](https://github.com/sjkp/letsencrypt-siteextension) Azure Web App Site Extension for easy installation and configuration of Let's Encrypt issued SSL certifcates for custom domain names.
- [**692**Star][4m] [C] [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan) A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
- [**692**Star][20d] [Py] [lijiejie/htpwdscan](https://github.com/lijiejie/htpwdscan) A python HTTP weak pass scanner
- [**692**Star][4m] [Perl] [jondonas/linux-exploit-suggester-2](https://github.com/jondonas/linux-exploit-suggester-2) Next-Generation Linux Kernel Exploit Suggester
- [**692**Star][16d] [PHP] [ircmaxell/php-compiler](https://github.com/ircmaxell/php-compiler) A compiler. For PHP
- [**692**Star][25d] [Py] [golismero/golismero](https://github.com/golismero/golismero) an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans.
- [**691**Star][10d] [Py] [bridgecrewio/checkov](https://github.com/bridgecrewio/checkov) Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes and other infrastructure-as-code-languages with Checkov by Bridgecrew.
- [**691**Star][1m] [Py] [n1nj4sec/memorpy](https://github.com/n1nj4sec/memorpy) Python library using ctypes to search/edit windows / linux / macOS / SunOS programs memory
- [**691**Star][12m] [C++] [gossip-sjtu/armariris](https://github.com/gossip-sjtu/armariris) LLVM obfuscate freamwork
- [**691**Star][14d] [JS] [draios/sysdig-inspect](https://github.com/draios/sysdig-inspect)  A powerful opensource interface for container troubleshooting and security investigation
- [**690**Star][1y] [Scala] [seveniruby/appcrawler](https://github.com/seveniruby/appcrawler) 基于appium的app自动遍历工具
- [**690**Star][13d] [C] [pyca/pynacl](https://github.com/pyca/pynacl) Python binding to the Networking and Cryptography (NaCl) library
- [**690**Star][4m] [Py] [igogo-x86/hexrayspytools](https://github.com/igogo-x86/hexrayspytools) assists in the creation of classes/structures and detection of virtual tables
- [**690**Star][11d] [C++] [codilime/veles](https://github.com/codilime/veles) Binary data analysis and visualization tool
- [**689**Star][12d] [Py] [kkevsterrr/backdoorme](https://github.com/kkevsterrr/backdoorme) powerful auto-backdooring utility
- [**689**Star][3m] [Py] [kiorky/spynner](https://github.com/kiorky/spynner) Programmatic web browsing module with AJAX support for Python
- [**688**Star][13d] [C#] [unosquare/passcore](https://github.com/unosquare/passcore) A self-service password management tool for Active Directory
- [**688**Star][12d] [Py] [lanmaster53/recon-ng](https://github.com/lanmaster53/recon-ng) Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
- [**688**Star][1y] [HTML] [zhengmin1989/myarticles](https://github.com/zhengmin1989/myarticles) 蒸米的文章（iOS冰与火之歌系列，一步一步学ROP系列，安卓动态调试七种武器系列等）
- [**688**Star][13d] [Go] [yawning/obfs4](https://github.com/yawning/obfs4) The obfourscator (Courtesy mirror)
- [**688**Star][3m] [redhuntlabs/awesome-asset-discovery](https://github.com/redhuntlabs/awesome-asset-discovery) List of Awesome Asset Discovery Resources
- [**688**Star][1y] [Py] [m4ll0k/wpseku](https://github.com/m4ll0k/wpseku) WPSeku - Wordpress Security Scanner
- [**688**Star][7y] [Ruby] [juuso/bozocrack](https://github.com/juuso/bozocrack) A silly & effective MD5 cracker in Ruby
- [**687**Star][10m] [C#] [shack2/snetcracker](https://github.com/shack2/snetcracker) Windows平台的弱口令审计工具，支持批量多线程检查，可快速发现弱密码、弱口令账号，密码支持和用户名结合进行检查，大大提高成功率，支持自定义服务端口和字典。
- [**687**Star][11d] [Py] [eliasgranderubio/dagda](https://github.com/eliasgranderubio/dagda) a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
- [**687**Star][2y] [C] [billy-ellis/exploit-challenges](https://github.com/billy-ellis/exploit-challenges) A collection of vulnerable ARM binaries for practicing exploit development
- [**686**Star][13d] [C] [getdnsapi/stubby](https://github.com/getdnsapi/stubby) Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
- [**686**Star][16d] [Shell] [cokebar/gfwlist2dnsmasq](https://github.com/cokebar/gfwlist2dnsmasq) A shell script which convert gfwlist into dnsmasq rules. Python version:
- [**685**Star][9m] [Py] [v3n0m-scanner/v3n0m-scanner](https://github.com/v3n0m-scanner/v3n0m-scanner) Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
- [**684**Star][10d] [PHP] [s3inlc/hashtopolis](https://github.com/s3inlc/hashtopolis) A Hashcat wrapper for distributed hashcracking
- [**684**Star][10d] [PHP] [s3inlc/hashtopolis](https://github.com/s3inlc/hashtopolis) A Hashcat wrapper for distributed hashcracking
- [**684**Star][4m] [CSS] [pathartl/bleemsync](https://github.com/pathartl/bleemsync) An application manage and launch PlayStation Classic games from USB storage
- [**683**Star][10d] [Py] [ashishb/adb-enhanced](https://github.com/ashishb/adb-enhanced) a Swiss-army knife for Android testing and development. A command-line interface to trigger various scenarios like screen rotation, battery saver mode, data saver mode, doze mode, permission grant/revocation.
- [**683**Star][11d] [C] [openvpn/openvpn-gui](https://github.com/openvpn/openvpn-gui) OpenVPN GUI is a graphical frontend for OpenVPN running on Windows XP / Vista / 7 / 8. It creates an icon in the notification area from which you can control OpenVPN to start/stop your VPN tunnels, view the log and do other useful things.
- [**682**Star][2y] [Py] [trycatchhcf/dumpsterfire](https://github.com/trycatchhcf/dumpsterfire)  A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event s…
- [**682**Star][11m] [Perl] [moham3driahi/xattacker](https://github.com/moham3driahi/xattacker) X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
- [**682**Star][10m] [C++] [eliboa/tegrarcmgui](https://github.com/eliboa/tegrarcmgui) C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)
- [**681**Star][10d] [siguza/ios-resources](https://github.com/siguza/ios-resources) Useful resources for iOS hacking
- [**681**Star][16d] [Py] [hslatman/awesome-industrial-control-system-security](https://github.com/hslatman/awesome-industrial-control-system-security) A curated list of resources related to Industrial Control System (ICS) security.
- [**680**Star][2y] [Py] [spiside/pdb-tutorial](https://github.com/spiside/pdb-tutorial) A simple tutorial about effectively using pdb
- [**680**Star][12d] [Java] [neo4j-contrib/neo4j-graph-algorithms](https://github.com/neo4j-contrib/neo4j-graph-algorithms) Efficient Graph Algorithms for Neo4j
- [**680**Star][10d] [ankane/secure_rails](https://github.com/ankane/secure_rails) Rails security best practices
- [**679**Star][3y] [shadowsocksr-backup/shadowsocksx-ng](https://github.com/shadowsocksr-backup/shadowsocksx-ng) Next Generation of ShadowsocksX
- [**679**Star][10d] [C++] [optiboot/optiboot](https://github.com/optiboot/optiboot) Small and Fast Bootloader for Arduino and other Atmel AVR chips
- [**678**Star][8d] [C++] [ijhack/qtpass](https://github.com/ijhack/qtpass) QtPass is a multi-platform GUI for pass, the standard unix password manager.
- [**678**Star][9d] [Py] [0kee-team/watchad](https://github.com/0kee-team/watchad) AD Security Intrusion Detection System
- [**678**Star][16d] [Jupyter Notebook] [supercowpowers/data_hacking](https://github.com/SuperCowPowers/data_hacking) Data Hacking Project
- [**677**Star][24d] [JS] [victorqribeiro/invaderz](https://github.com/victorqribeiro/invaderz) Space invaders, but the invaders evolve with genetic algorithm
- [**677**Star][7d] [Py] [facebookincubator/weasel](https://github.com/facebookincubator/weasel) DNS covert channel implant for Red Teams.
- [**676**Star][4m] [JS] [scrapingdance/jspider](https://github.com/scrapingdance/jspider) JSpider会每周更新至少一个网站的JS解密方式，欢迎 Star，交流微信：13298307816
- [**676**Star][12d] [C] [greenbone/openvas](https://github.com/greenbone/openvas) Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
- [**676**Star][7d] [Lua] [unixhot/waf](https://github.com/unixhot/waf) 使用Nginx+Lua实现的WAF（版本v1.0）
- [**676**Star][12d] [Go] [shopify/kubeaudit](https://github.com/shopify/kubeaudit) kubeaudit helps you audit your Kubernetes clusters against common security controls
- [**676**Star][2y] [Py] [deepzec/bad-pdf](https://github.com/deepzec/bad-pdf) create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines
- [**676**Star][2y] [chybeta/code-audit-challenges](https://github.com/chybeta/code-audit-challenges) Code-Audit-Challenges
- [**675**Star][12d] [C] [qihoo360/mysql-sniffer](https://github.com/qihoo360/mysql-sniffer) mysql-sniffer is a network traffic analyzer tool for mysql, it is developed by Qihoo DBA and infrastructure team
- [**675**Star][10m] [C#] [cyanfish/naps2](https://github.com/cyanfish/naps2) Scan documents to PDF and other file types, as simply as possible.
- [**674**Star][3y] [Py] [ysrc/gourdscanv2](https://github.com/ysrc/gourdscanv2) 被动式漏洞扫描系统
- [**674**Star][10d] [Go] [lunixbochs/usercorn](https://github.com/lunixbochs/usercorn) dynamic binary analysis via platform emulation
- [**673**Star][10d] [SystemVerilog] [lowrisc/opentitan](https://github.com/lowrisc/opentitan) Open source silicon root of trust
- [**673**Star][10d] [C] [robertdavidgraham/heartleech](https://github.com/robertdavidgraham/heartleech) Demonstrates the "heartbleed" problem using full OpenSSL stack
- [**673**Star][6m] [Java] [dineshshetty/android-insecurebankv2](https://github.com/dineshshetty/android-insecurebankv2) Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
- [**672**Star][11d] [C] [mkj/dropbear](https://github.com/mkj/dropbear) Dropbear SSH
- [**672**Star][7m] [doridori/android-security-reference](https://github.com/doridori/android-security-reference) A W.I.P Android Security Ref
- [**671**Star][10d] [Py] [thewhiteh4t/pwnedornot](https://github.com/thewhiteh4t/pwnedornot) OSINT Tool for Finding Passwords of Compromised Email Addresses
- [**671**Star][4m] [Java] [nordicsemiconductor/android-nrf-toolbox](https://github.com/nordicsemiconductor/android-nrf-toolbox) The nRF Toolbox is a container app that stores your Nordic Semiconductor apps for Bluetooth Low Energy in one location.
- [**671**Star][10d] [C] [kernelslacker/trinity](https://github.com/kernelslacker/trinity) Linux system call fuzzer
- [**670**Star][4m] [YARA] [eset/malware-ioc](https://github.com/eset/malware-ioc) Indicators of Compromises (IOC) of our various investigations
- [**669**Star][9d] [HTML] [foxzilla/pxer](https://github.com/foxzilla/pxer) A tool for pixiv.net
- [**669**Star][21d] [PHP] [xx19941215/light-tips](https://github.com/xx19941215/light-tips) Some code tips about algorithms, php and more
- [**669**Star][10d] [Shell] [securityftw/cs-suite](https://github.com/securityftw/cs-suite) Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
- [**669**Star][10d] [Rust] [rust-bio/rust-bio](https://github.com/rust-bio/rust-bio) This library provides implementations of many algorithms and data structures that are useful for bioinformatics. All provided implementations are rigorously tested via continuous integration.
- [**669**Star][2y] [Java] [faizann24/wifi-bruteforcer-fsecurify](https://github.com/faizann24/wifi-bruteforcer-fsecurify) Android application to brute force WiFi passwords without requiring a rooted device.
- [**668**Star][10d] [Go] [jrohy/trojan](https://github.com/jrohy/trojan) trojan多用户管理部署程序, 支持web页面管理
- [**668**Star][23d] [C] [nfc-tools/mfoc](https://github.com/nfc-tools/mfoc) Mifare Classic Offline Cracker
- [**668**Star][11m] [PHP] [l3m0n/bypass_disable_functions_shell](https://github.com/l3m0n/bypass_disable_functions_shell) Bypass Disable Functions Shell
- [**668**Star][3y] [PS] [hlldz/invoke-phant0m](https://github.com/hlldz/invoke-phant0m) Windows Event Log Killer
- [**668**Star][14d] [C] [fail0verflow/shofel2](https://github.com/fail0verflow/shofel2) Tegra X1 bootrom exploit
- [**668**Star][11d] [C] [client9/libinjection](https://github.com/client9/libinjection) SQL / SQLI tokenizer parser analyzer
- [**667**Star][12d] [PHP] [jenssegers/php-proxy](https://github.com/jenssegers/php-proxy) A PHP proxy script with https and post support
- [**667**Star][3y] [Py] [travisfsmith/sweetsecurity](https://github.com/travisfsmith/sweetsecurity) Network Security Monitoring on Raspberry Pi type devices
- [**667**Star][5m] [nshalabi/sysmontools](https://github.com/nshalabi/sysmontools) Utilities for Sysmon
- [**666**Star][7d] [chris1111/wireless-usb-adapter-clover](https://github.com/chris1111/wireless-usb-adapter-clover) Visit BLOG :
- [**666**Star][4m] [C] [virtio-win/kvm-guest-drivers-windows](https://github.com/virtio-win/kvm-guest-drivers-windows) Windows paravirtualized
- [**666**Star][12d] [Py] [knownsec/rd_checklist](https://github.com/knownsec/rd_checklist) 知道创宇研发技能表
- [**666**Star][4m] [Py] [epsylon/ufonet](https://github.com/epsylon/ufonet) a toolkit designed to launch DDoS and DoS attacks.
- [**665**Star][11d] [veorq/cryptocoding](https://github.com/veorq/cryptocoding) Guidelines for low-level cryptography software
- [**665**Star][17d] [Jupyter Notebook] [parrt/lolviz](https://github.com/parrt/lolviz) A simple Python data-structure visualization tool for lists of lists, lists, dictionaries; primarily for use in Jupyter notebooks / presentations
- [**665**Star][10d] [C] [matheus-garbelini/esp32_esp8266_attacks](https://github.com/matheus-garbelini/esp32_esp8266_attacks) Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- [**665**Star][11m] [TeX] [bettercrypto/applied-crypto-hardening](https://github.com/bettercrypto/applied-crypto-hardening) Best Current Practices regarding secure online communication and configuration of services using cryptography.
- [**664**Star][2y] [Py] [floodsung/learningtocompare_fsl](https://github.com/floodsung/LearningToCompare_FSL) PyTorch code for CVPR 2018 paper: Learning to Compare: Relation Network for Few-Shot Learning (Few-Shot Learning part)
- [**664**Star][16d] [C] [eugnis/spectre-attack](https://github.com/eugnis/spectre-attack) Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
- [**664**Star][2y] [Rust] [endgameinc/xori](https://github.com/endgameinc/xori) an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
- [**663**Star][13d] [PHP] [mattiasgeniar/php-exploit-scripts](https://github.com/mattiasgeniar/php-exploit-scripts) A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
- [**663**Star][10d] [C] [hashcat/hashcat-utils](https://github.com/hashcat/hashcat-utils) Small utilities that are useful in advanced password cracking
- [**663**Star][1y] [ObjC] [chenxiancai/stcobfuscator](https://github.com/chenxiancai/stcobfuscator) iOS全局自动化 代码混淆 工具！支持cocoapod组件代码一并 混淆，完美避开hardcode方法、静态库方法和系统库方法！
- [**662**Star][4m] [C] [wifidog/wifidog-gateway](https://github.com/wifidog/wifidog-gateway) Repository for the wifidog-gateway captive portal designed for embedded systems
- [**662**Star][22d] [Py] [paulsec/twittor](https://github.com/paulsec/twittor) A fully featured backdoor that uses Twitter as a C&C server
- [**662**Star][13d] [Py] [lmco/laikaboss](https://github.com/lmco/laikaboss) Object Scanning System
- [**662**Star][8m] [PHP] [hongrisec/php-audit-labs](https://github.com/hongrisec/php-audit-labs) 一个关于PHP的代码审计项目
- [**661**Star][4m] [yeyintminthuhtut/awesome-advanced-windows-exploitation-references](https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References) List of Awesome Advanced Windows Exploitation References
- [**661**Star][15d] [Py] [praetorian-code/pentestly](https://github.com/praetorian-code/pentestly) Python and Powershell internal penetration testing framework
- [**661**Star][20d] [webbreacher/offensiveinterview](https://github.com/webbreacher/offensiveinterview) Interview questions to screen offensive (red team/pentest) candidates
- [**661**Star][23d] [Swift] [phynet/ios-url-schemes](https://github.com/phynet/ios-url-schemes) a github solution from my gist of iOS list for urls schemes
- [**661**Star][16d] [Shell] [ashishb/osx-and-ios-security-awesome](https://github.com/ashishb/osx-and-ios-security-awesome) OSX and iOS related security tools
- [**660**Star][5m] [Ruby] [markets/invisible_captcha](https://github.com/markets/invisible_captcha) Simple and flexible spam protection solution for Rails applications.

- [**660**Star][2m] [Ruby] [igrigorik/em-proxy](https://github.com/igrigorik/em-proxy) EventMachine Proxy DSL for writing high-performance transparent / intercepting proxies in Ruby
- [**660**Star][3y] [harmj0y/cheatsheets](https://github.com/harmj0y/cheatsheets) Cheat sheets for various projects.
- [**659**Star][12d] [Py] [timthony/self_drive](https://github.com/timthony/self_drive) 基于树莓派的自动驾驶小车，利用树莓派和tensorflow实现小车在赛道的自动驾驶。（Self-driving car based on raspberry pi（tensorflow））
- [**658**Star][7d] [HTML] [w-digital-scanner/w13scan](https://github.com/w-digital-scanner/w13scan) Passive Security Scanner (被动式安全扫描器)
- [**658**Star][2y] [C++] [nathancastle/bootshellcredentialprovider](https://github.com/nathancastle/bootshellcredentialprovider) Windows 10 Credential Provider intended to simplify the process of logging directly into alternative shells to Windows Explorer.
- [**658**Star][11d] [C] [gentilkiwi/kekeo](https://github.com/gentilkiwi/kekeo) A little toolbox to play with Microsoft Kerberos in C
- [**658**Star][12d] [Py] [deibit/cansina](https://github.com/deibit/cansina) Web Content Discovery Tool
- [**657**Star][14d] [C] [travisgoodspeed/md380tools](https://github.com/travisgoodspeed/md380tools) Python tools and patched firmware for the TYT-MD380
- [**656**Star][13d] [ObjC] [isecpartners/introspy-ios](https://github.com/iSECPartners/Introspy-iOS) Security profiling for blackbox iOS
- [**656**Star][10d] [Shell] [wireghoul/htshells](https://github.com/wireghoul/htshells) Self contained web shells and other attacks via .htaccess files.
- [**656**Star][11d] [Ruby] [dev-sec/ansible-ssh-hardening](https://github.com/dev-sec/ansible-ssh-hardening) This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
- [**656**Star][4m] [azure/aks](https://github.com/azure/aks) Azure Kubernetes Service
- [**655**Star][4m] [Py] [zdresearch/owasp-nettacker](https://github.com/zdresearch/OWASP-Nettacker) Automated Penetration Testing Framework
- [**655**Star][3m] [PS] [sbousseaden/evtx-attack-samples](https://github.com/sbousseaden/evtx-attack-samples) windows events samples associated to specific attack and post-exploitation techniques
- [**655**Star][4y] [C] [rentzsch/mach_inject](https://github.com/rentzsch/mach_inject) interprocess code injection for Mac OS X
- [**655**Star][13d] [Go] [marco-lancini/goscan](https://github.com/marco-lancini/goscan) Interactive Network Scanner
- [**655**Star][11d] [Go] [evilsocket/arc](https://github.com/evilsocket/arc) A manager for your secrets.
- [**655**Star][4m] [Py] [dirkjanm/privexchange](https://github.com/dirkjanm/privexchange) Exchange your privileges for Domain Admin privs by abusing Exchange
- [**654**Star][11d] [Py] [pahaz/sshtunnel](https://github.com/pahaz/sshtunnel) SSH tunnels to remote server.
- [**654**Star][10d] [Lua] [jx-sec/jxwaf](https://github.com/jx-sec/jxwaf) JXWAF(锦衣盾)是一款开源web应用防火墙
- [**653**Star][4m] [PS] [mattifestation/powershellarsenal](https://github.com/mattifestation/powershellarsenal) A PowerShell Module Dedicated to Reverse Engineering
- [**652**Star][10d] [Go] [dmacvicar/terraform-provider-libvirt](https://github.com/dmacvicar/terraform-provider-libvirt) Terraform provider to provision infrastructure with Linux's KVM using libvirt
- [**652**Star][18d] [Java] [facebookarchive/proguard](https://github.com/facebookarchive/proguard) A fork of ProGuard.
- [**652**Star][15d] [Go] [janusec/janusec](https://github.com/janusec/janusec) Janusec Application Gateway, an application security solution which provides WAF (Web Application Firewall), CC attack defense, OAuth2 Authentication, private key protection, Web SSH operation, Web routing and scalable load balancing. JANUSEC应用网关，提供WAF、CC攻击防御、OAuth2身份认证、统一Web化管理入口、证书私钥保护、Web SSH安全运维，Web路由以及可扩展的负载均衡等功能。
- [**651**Star][8d] [Py] [3xp10it/xwaf](https://github.com/3xp10it/xwaf) Automatic bypass (brute force) waf
- [**651**Star][12d] [C++] [sgan81/apfs-fuse](https://github.com/sgan81/apfs-fuse) FUSE driver for APFS (Apple File System)
- [**651**Star][12d] [Py] [marin-m/pbtk](https://github.com/marin-m/pbtk) A toolset for reverse engineering and fuzzing Protobuf-based apps
- [**651**Star][4y] [ObjC] [isecpartners/introspy-ios](https://github.com/isecpartners/introspy-ios) Security profiling for blackbox iOS
- [**650**Star][11d] [Py] [nongiach/arm_now](https://github.com/nongiach/arm_now) a qemu powered tool that allows instant setup of virtual machines on arm cpu, mips, powerpc, nios2, x86 and more, for reverse, exploit, fuzzing and programming purpose.
- [**650**Star][10d] [C#] [microsoft/clrmd](https://github.com/microsoft/clrmd) Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
- [**650**Star][15d] [Shell] [hannob/bashcheck](https://github.com/hannob/bashcheck) test script for shellshocker and related vulnerabilities
- [**649**Star][4m] [Py] [indigo-dc/udocker](https://github.com/indigo-dc/udocker) A basic user tool to execute simple docker containers in batch or interactive systems without root privileges
- [**649**Star][4m] [Go] [gudegg/yunspider](https://github.com/gudegg/yunspider) 百度云网盘爬虫
- [**649**Star][4m] [Go] [ullaakut/gorsair](https://github.com/ullaakut/gorsair) Gorsair hacks its way into remote docker containers that expose their APIs
- [**649**Star][3m] [Py] [netflix/repokid](https://github.com/netflix/repokid) AWS Least Privilege for Distributed, High-Velocity Deployment
- [**649**Star][10d] [Ruby] [mame/optcarrot](https://github.com/mame/optcarrot) A NES emulator written in Ruby
- [**649**Star][1y] [Py] [hermanhermitage/videocoreiv](https://github.com/hermanhermitage/videocoreiv) Tools and information for the Broadcom VideoCore IV (RaspberryPi)
- [**648**Star][12d] [C++] [qbdi/qbdi](https://github.com/QBDI/QBDI) A Dynamic Binary Instrumentation framework based on LLVM.
- [**648**Star][1y] [Py] [mehulj94/braindamage](https://github.com/mehulj94/braindamage) Remote administration tool which uses Telegram as a C&C server
- [**647**Star][6m] [Java] [nikita36078/j2me-loader](https://github.com/nikita36078/j2me-loader) A J2ME emulator for Android.
- [**647**Star][2m] [Java] [c0ny1/chunked-coding-converter](https://github.com/c0ny1/chunked-coding-converter) Burp suite 分块传输辅助插件
- [**646**Star][14d] [C++] [eidheim/simple-websocket-server](https://github.com/eidheim/simple-websocket-server) A very simple, fast, multithreaded, platform independent WebSocket (WS) and WebSocket Secure (WSS) server and client library implemented using C++11, Boost.Asio and OpenSSL. Created to be an easy way to make WebSocket endpoints in C++.
- [**646**Star][8d] [Go] [zmap/zgrab](https://github.com/zmap/zgrab) A Banner Grabber, in Go
- [**646**Star][8m] [C++] [stevemk14ebr/polyhook](https://github.com/stevemk14ebr/polyhook) x86/x64 C++ Hooking Library
- [**646**Star][12d] [Py] [pyca/pyopenssl](https://github.com/pyca/pyopenssl) A Python wrapper around the OpenSSL library
- [**646**Star][2y] [PHP] [duoergun0729/1book](https://github.com/duoergun0729/1book) 《Web安全之机器学习入门》
- [**645**Star][3y] [C] [shadowsocksr-backup/shadowsocksr-libev](https://github.com/shadowsocksr-backup/shadowsocksr-libev) libev port of ShadowsocksR
- [**645**Star][13d] [Py] [thinkst/opencanary](https://github.com/thinkst/opencanary) Modular and decentralised honeypot
- [**644**Star][10d] [Py] [ctf-missfeng/bayonet](https://github.com/ctf-missfeng/bayonet) bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
- [**644**Star][23d] [C++] [apple/swift-lldb](https://github.com/apple/swift-lldb) This is the version of LLDB that supports the Swift programming language & REPL.
- [**644**Star][4m] [webdigi/aws-vpn-server-setup](https://github.com/webdigi/aws-vpn-server-setup) Setup your own private, secure, free* VPN on the Amazon AWS Cloud in 10 minutes. CloudFormation
- [**644**Star][5y] [PHP] [emposha/php-shell-detector](https://github.com/emposha/php-shell-detector) a php script that helps you find and identify php/cgi(perl)/asp/aspx shells. 
- [**644**Star][12d] [Py] [dmpayton/django-admin-honeypot](https://github.com/dmpayton/django-admin-honeypot)  a fake Django admin login screen to log and notify admins of attempted unauthorized access.
- [**644**Star][9m] [3gstudent/pentest-and-development-tips](https://github.com/3gstudent/pentest-and-development-tips) A collection of pentest and development tips
- [**643**Star][14d] [Swift] [gradients/gradients](https://github.com/Gradients/Gradients) A curated collection of 180 splendid gradients made in swift
- [**643**Star][1y] [cryptogenic/exploit-writeups](https://github.com/cryptogenic/exploit-writeups) A collection where my current and future writeups for exploits/CTF will go
- [**642**Star][2y] [Shell] [kitten/setup-simple-ipsec-l2tp-vpn](https://github.com/kitten/setup-simple-ipsec-l2tp-vpn) Setup a simple IPSec/L2TP VPN Server for Ubuntu and Debian
- [**642**Star][14d] [Py] [sourcelair/ceryx](https://github.com/sourcelair/ceryx) Dynamic reverse proxy based on NGINX OpenResty with an API
- [**642**Star][10m] [smgorelik/windows-rce-exploits](https://github.com/smgorelik/windows-rce-exploits) The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue teams.
- [**642**Star][10d] [JS] [n0wa11/gfw_whitelist](https://github.com/n0wa11/gfw_whitelist) A Pac File of the Whitelisted Websites for the Great Firewall of China (GFW)
- [**642**Star][3m] [aleenzz/mysql_sql_bypass_wiki](https://github.com/aleenzz/mysql_sql_bypass_wiki) mysql注入,bypass的一些心得
- [**641**Star][10d] [Go] [tomnomnom/assetfinder](https://github.com/tomnomnom/assetfinder) Find domains and subdomains related to a given domain
        <details>
        <summary>View Details</summary>


        ## 安装
        - go get -u github.com/tomnomnom/assetfinder
        
        ## 实现源
        - crt.sh
        - certspotter
        - hackertarget
        - threatcrowd
        - wayback machine
        - dns.bufferover.run
        - facebook: Needs FB_APP_ID and FB_APP_SECRET environment variables set (https://developers.facebook.com/)
        - virustotal: Needs VT_API_KEY environment variable set (https://developers.virustotal.com/reference)
        - findsubdomains: Needs SPYSE_API_TOKEN environment variable set (the free version always gives the first response page, and you also get "25 unlimited requests") — (https://spyse.com/apidocs)
        
        ## 待实现源:
        - http://api.passivetotal.org/api/docs/
        - https://community.riskiq.com/ (?)
        - https://riddler.io/
        - http://www.dnsdb.org/
        - https://certdb.com/api-documentation
        
        </details>


- [**641**Star][10d] [Py] [nidem/kerberoast](https://github.com/nidem/kerberoast)  a series of tools for attacking MS Kerberos implementations
- [**641**Star][10d] [Py] [isecpartners/sslyze](https://github.com/isecpartners/sslyze) Current development of SSLyze now takes place on a separate repository
- [**641**Star][13d] [JS] [alcuadrado/hieroglyphy](https://github.com/alcuadrado/hieroglyphy) Transform any javascript code to an equivalent sequence of ()[]{}!+ characters that runs in the browser!
- [**640**Star][10d] [Py] [guyinatuxedo/nightmare](https://github.com/guyinatuxedo/nightmare) 
- [**640**Star][11d] [adrianmihalko/raspberrypiwireguard](https://github.com/adrianmihalko/raspberrypiwireguard) Install and configure WireGuard on Raspberry Pi (and others)
- [**640**Star][7d] [Shell] [angristan/wireguard-install](https://github.com/angristan/wireguard-install) WireGuard VPN installer for Linux servers
- [**640**Star][7d] [PS] [s3cur3th1ssh1t/winpwn](https://github.com/S3cur3Th1sSh1t/WinPwn) Automation for internal Windows Penetrationtest / AD-Security
- [**640**Star][12d] [JS] [acmesec/pocbox](https://github.com/Acmesec/PoCBox) 赏金猎人的脆弱性测试辅助平台
- [**640**Star][14d] [C] [chokepoint/azazel](https://github.com/chokepoint/azazel) Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.
- [**640**Star][14d] [Py] [bsmali4/xssfork](https://github.com/bsmali4/xssfork) 新一代xss漏洞探测工具
- [**639**Star][11d] [C#] [akiver/csgo-demos-manager](https://github.com/akiver/csgo-demos-manager) manage replays from the game Counter-Strike: Global Offensive
- [**639**Star][1m] [Py] [mschwager/dhcpwn](https://github.com/mschwager/dhcpwn)  testing DHCP IP exhaustion attacks， sniff local DHCP traffic
- [**639**Star][5m] [HTML] [jiji262/wooyun_articles](https://github.com/jiji262/wooyun_articles) drops.wooyun.org 乌云Drops文章备份
- [**639**Star][4m] [Perl] [bollwarm/sectoolset](https://github.com/bollwarm/sectoolset) The security tool(project) Set from github
- [**638**Star][4m] [CoffeeScript] [shadowsocks/shadowsocks-chromeapp](https://github.com/shadowsocks/shadowsocks-chromeapp) Chrome client for shadowsocks
- [**638**Star][11m] [Java] [sigploiter/sigploit](https://github.com/sigploiter/sigploit) Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
- [**638**Star][10d] [PHP] [php-casbin/php-casbin](https://github.com/php-casbin/php-casbin) An authorization library that supports access control models like ACL, RBAC, ABAC in PHP .
- [**638**Star][1y] [HTML] [bl4de/security_whitepapers](https://github.com/bl4de/security_whitepapers) Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
- [**637**Star][12d] [dlenski/openconnect](https://github.com/dlenski/openconnect) OpenConnect client extended to support Palo Alto Networks' GlobalProtect VPN
- [**637**Star][7d] [Shell] [r00t-3xp10it/venom](https://github.com/r00t-3xp10it/venom) shellcode generator/compiler/handler (metasploit)
- [**637**Star][17d] [Java] [digitalpebble/storm-crawler](https://github.com/digitalpebble/storm-crawler) Scalable web crawler based on Apache Storm
- [**636**Star][15d] [PHP] [pr0x13/idict](https://github.com/pr0x13/idict) iCloud Apple iD BruteForcer
- [**636**Star][11d] [Py] [fanhuaandluomu/geetest_break](https://github.com/fanhuaandluomu/geetest_break) 极验验证码破解-源码+手册
- [**636**Star][10m] [Py] [faizann24/xsspy](https://github.com/faizann24/xsspy) Web Application XSS Scanner
- [**635**Star][10d] [Shell] [21y4d/nmapautomator](https://github.com/21y4d/nmapautomator) A script that you can run in the background!
- [**635**Star][7m] [PS] [monoxgas/srdi](https://github.com/monoxgas/srdi) Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
- [**633**Star][10d] [HTML] [r00t-3xp10it/morpheus](https://github.com/r00t-3xp10it/morpheus) Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)
- [**633**Star][11d] [C] [pelya/android-keyboard-gadget](https://github.com/pelya/android-keyboard-gadget) Convert your Android device into USB keyboard/mouse, control your PC from your Android device remotely, including BIOS/bootloader.
- [**632**Star][10d] [C++] [m2team/nsudo](https://github.com/m2team/nsudo) Series of System Administration Tools
- [**632**Star][10d] [Py] [eerkunt/terraform-compliance](https://github.com/eerkunt/terraform-compliance) a lightweight, security focused, BDD test framework against terraform.
- [**632**Star][11d] [Ruby] [thesp0nge/dawnscanner](https://github.com/thesp0nge/dawnscanner) Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
- [**632**Star][10d] [HTML] [fate0/proxylist](https://github.com/fate0/proxylist) proxylist, generate by fate0/getproxy project in every 15 minute
- [**632**Star][16d] [JS] [derhuerst/tcp-over-websockets](https://github.com/derhuerst/tcp-over-websockets) Tunnel TCP through WebSockets.
- [**632**Star][13d] [C] [coolstar/electra](https://github.com/coolstar/electra) Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake
- [**631**Star][3y] [C] [fail0verflow/ps4-linux](https://github.com/fail0verflow/ps4-linux) Linux kernel fork with PS4 support (work in progress)
- [**631**Star][12d] [ahmetb/gke-letsencrypt](https://github.com/ahmetb/gke-letsencrypt) Tutorial for installing cert-manager on GKE get HTTPS certificates from Let’s Encrypt (
- [**631**Star][3y] [Py] [0xbug/sqliscanner](https://github.com/0xbug/sqliscanner) Automatic SQL injection with Charles and sqlmap api
- [**630**Star][10d] [Makefile] [container-storage-interface/spec](https://github.com/container-storage-interface/spec) Container Storage Interface (CSI) Specification.
- [**630**Star][6y] [Assembly] [adriancable/8086tiny](https://github.com/adriancable/8086tiny) Official repository for 8086tiny: a tiny PC emulator/virtual machine
- [**629**Star][12d] [turbo/openftp4](https://github.com/turbo/openftp4) A list of all FTP servers in IPv4 that allow anonymous logins.
- [**629**Star][7m] [C++] [mdhiggins/esp8266-http-ir-blaster](https://github.com/mdhiggins/esp8266-http-ir-blaster) ESP8266 Compatible IR Blaster that accepts HTTP commands for use with services like Amazon Echo
- [**629**Star][2y] [jiangsir404/audit-learning](https://github.com/jiangsir404/audit-learning) 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
- [**629**Star][4m] [C++] [danielkrupinski/osiris](https://github.com/danielkrupinski/osiris) open-source training software / cheat for Counter-Strike: Global Offensive game. Designed as internal cheat - Dynamic-link library (DLL) loadable into game process
- [**629**Star][11d] [C] [bootleg/ret-sync](https://github.com/bootleg/ret-sync) a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with IDA/Ghidra disassemblers
    - [GDB插件](https://github.com/bootleg/ret-sync/tree/master/ext_gdb) 
    - [Ghidra插件](https://github.com/bootleg/ret-sync/tree/master/ext_ghidra) 
    - [IDA插件](https://github.com/bootleg/ret-sync/tree/master/ext_ida) 
    - [LLDB](https://github.com/bootleg/ret-sync/tree/master/ext_lldb) 
    - [OD](https://github.com/bootleg/ret-sync/tree/master/ext_olly1) 
    - [OD2](https://github.com/bootleg/ret-sync/tree/master/ext_olly2) 
    - [WinDgb](https://github.com/bootleg/ret-sync/tree/master/ext_windbg/sync) 
    - [x64dbg](https://github.com/bootleg/ret-sync/tree/master/ext_x64dbg) 
- [**629**Star][10d] [C++] [blastrock/pkgj](https://github.com/blastrock/pkgj) pkg download & installation directly on Vita
- [**629**Star][8m] [Py] [0xgalz/virtuailor](https://github.com/0xgalz/virtuailor) IDAPython tool for C++ vtables reconstruction
        <details>
        <summary>View Details</summary>


        ## 静态部分: 
        - 检测非直接调用
        - 利用条件断点, Hook非直接调用的值赋值过程
        
        ## 动态 部分
        - 创建虚表结构
        - 重命名函数和虚表地址
        - 给反汇编非直接调用添加结构偏移
        - 给非直接调用到虚表之间添加交叉引用
        
        ## 使用
        - File -> Script File -> Main.py(设置断点) -> IDA调试器执行
        </details>


- [**628**Star][10d] [PS] [threatexpress/red-team-scripts](https://github.com/threatexpress/red-team-scripts) A collection of Red Team focused tools, scripts, and notes
- [**628**Star][6m] [C] [mrexodia/titanhide](https://github.com/mrexodia/titanhide) a driver intended to hide debuggers from certain processes
- [**627**Star][3m] [dm2333/attck-pentester-book](https://github.com/dm2333/attck-pentester-book) ATTCK-PenTester-Book
- [**627**Star][4m] [Py] [webrecorder/pywb](https://github.com/webrecorder/pywb) Core Python Web Archiving Toolkit for replay and recording of web archives
- [**627**Star][17d] [C++] [nladuo/captcha-break](https://github.com/nladuo/captcha-break) captcha break based on opencv2, tesseract-ocr and some machine learning algorithm.
- [**627**Star][14d] [C] [iagox86/hash_extender](https://github.com/iagox86/hash_extender) Hash Extender
- [**626**Star][10d] [Ruby] [stelligent/cfn_nag](https://github.com/stelligent/cfn_nag) Linting tool for CloudFormation templates
- [**625**Star][10d] [JS] [cdnbye/hlsjs-p2p-engine](https://github.com/cdnbye/hlsjs-p2p-engine) A hls.js plugin to offload bandwidth from expensive traditional CDNs，while also maximizing a user’s viewing experience.
- [**625**Star][4m] [Max] [maktm/flirtdb](https://github.com/Maktm/FLIRTDB) A community driven collection of IDA FLIRT signature files
- [**625**Star][4m] [PHP] [chocobozzz/openvpn-admin](https://github.com/chocobozzz/openvpn-admin) Install and administrate OpenVPN with a web interface (logs visualisations, users managing...)
- [**623**Star][25d] [Go] [gyuho/goraph](https://github.com/gyuho/goraph) Package goraph implements graph data structure and algorithms.
- [**623**Star][10d] [Py] [opensec-cn/vtest](https://github.com/opensec-cn/vtest) 用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
- [**623**Star][16d] [Go] [nytimes/gziphandler](https://github.com/nytimes/gziphandler) Go middleware to gzip HTTP responses
- [**623**Star][3y] [ObjC] [macmade/keychaincracker](https://github.com/macmade/keychaincracker) macOS keychain cracking tool
- [**622**Star][24d] [Ruby] [postmodern/spidr](https://github.com/postmodern/spidr) A versatile Ruby web spidering library that can spider a site, multiple domains, certain links or infinitely. Spidr is designed to be fast and easy to use.
- [**622**Star][11d] [Go] [netxfly/x-crack](https://github.com/netxfly/x-crack) Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
- [**622**Star][4y] [hack-with-github/windows](https://github.com/hack-with-github/windows) Awesome tools to exploit Windows !
- [**622**Star][11d] [Py] [googlecloudplatform/flask-talisman](https://github.com/googlecloudplatform/flask-talisman) HTTP security headers for Flask
- [**622**Star][2y] [Py] [adamcaudill/equationgroupleak](https://github.com/adamcaudill/equationgroupleak) Archive of leaked Equation Group materials
- [**621**Star][1y] [JS] [vincentcox/stacoan](https://github.com/vincentcox/stacoan) StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
- [**621**Star][2y] [Py] [softscheck/tplink-smartplug](https://github.com/softscheck/tplink-smartplug) TP-Link WiFi SmartPlug Client and Wireshark Dissector
- [**621**Star][1y] [C#] [0xbadjuju/tokenvator](https://github.com/0xbadjuju/tokenvator) A tool to elevate privilege with Windows Tokens
- [**620**Star][7m] [PS] [ramblingcookiemonster/powershell](https://github.com/ramblingcookiemonster/powershell) Various PowerShell functions and scripts
- [**620**Star][17d] [C] [pyca/bcrypt](https://github.com/pyca/bcrypt) Modern(-ish) password hashing for your software and your servers
- [**620**Star][10d] [Go] [mysteriumnetwork/node](https://github.com/mysteriumnetwork/node) Mysterium Network Node - official implementation of distributed VPN network (dVPN) protocol
- [**620**Star][2m] [Go] [leo-stone/hack-petya](https://github.com/leo-stone/hack-petya) search key to restore petya encrypted mft
- [**620**Star][10d] [Java] [alexzaitsev/apk-dependency-graph](https://github.com/alexzaitsev/apk-dependency-graph) Android class dependency visualizer. This tool helps to visualize the current state of the project.
- [**619**Star][7m] [Py] [pure-l0g1c/instagram](https://github.com/pure-l0g1c/instagram) Bruteforce attack for Instagram
- [**619**Star][4m] [Py] [al-azif/ps4-exploit-host](https://github.com/al-azif/ps4-exploit-host) Easy PS4 Exploit Hosting
- [**618**Star][11d] [CSS] [functionclub/ssr-bash-python](https://github.com/functionclub/ssr-bash-python) 一个SSR多用户控制脚本
- [**618**Star][10d] [C] [open-quantum-safe/liboqs](https://github.com/open-quantum-safe/liboqs) C library for quantum-safe cryptography.
- [**618**Star][11d] [C++] [intel/linux-sgx](https://github.com/intel/linux-sgx) Intel SGX for Linux*
- [**617**Star][4y] [Batchfile] [windowslies/blockwindows](https://github.com/windowslies/blockwindows) Stop Windows 10 Nagging and Spying. Works with Win7-10
- [**617**Star][13d] [Go] [timest/goscan](https://github.com/timest/goscan) goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet.
- [**617**Star][17d] [Go] [fzipp/gocyclo](https://github.com/fzipp/gocyclo) Calculate cyclomatic complexities of functions in Go source code.
- [**617**Star][3m] [YARA] [didierstevens/didierstevenssuite](https://github.com/didierstevens/didierstevenssuite) No Documentation
- [**617**Star][11d] [C] [brannondorsey/naive-hashcat](https://github.com/brannondorsey/naive-hashcat) Crack password hashes without the fuss
- [**617**Star][10d] [C] [appneta/tcpreplay](https://github.com/appneta/tcpreplay) Pcap editing and replay tools for *NIX and Windows
- [**616**Star][10d] [PS] [stefanscherer/packer-windows](https://github.com/stefanscherer/packer-windows) Windows Templates for Packer: Win10, Server 2016, 1709, 1803, 1809, 2019, 1903, 1909, 2004, Insider with Docker
- [**616**Star][13d] [guardrailsio/awesome-python-security](https://github.com/guardrailsio/awesome-python-security) Awesome Python Security resources
- [**616**Star][12d] [Py] [graphenex/graphenex](https://github.com/graphenex/graphenex) Automated System Hardening Framework
- [**616**Star][4m] [Ruby] [bit4woo/summit_ppt](https://github.com/bit4woo/summit_ppt) 各种安全大会PPT PDF
- [**615**Star][2y] [Py] [secretsquirrel/sigthief](https://github.com/secretsquirrel/sigthief) Stealing Signatures and Making One Invalid Signature at a Time
- [**615**Star][11d] [Java] [java-deobfuscator/deobfuscator](https://github.com/java-deobfuscator/deobfuscator) The real deal
- [**614**Star][10d] [C++] [kth-competitive-programming/kactl](https://github.com/kth-competitive-programming/kactl) KTH Algorithm Competition Template Library (... eller KTHs AC-tillverkande lapp)
- [**614**Star][4m] [C] [trustedsec/trevorc2](https://github.com/trustedsec/trevorc2) a legitimate website (browsable) that tunnels client/server communications for covert command execution.
- [**614**Star][7d] [C++] [secrary/andromeda](https://github.com/secrary/andromeda) Andromeda - Interactive Reverse Engineering Tool for Android Applications [This project is not maintained anymore]
- [**614**Star][29d] [C] [quiet/quiet-lwip](https://github.com/quiet/quiet-lwip)  create TCP and UDP connections over an audio channel
- [**614**Star][12d] [Java] [limboemu/limbo](https://github.com/limboemu/limbo) Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
- [**614**Star][15d] [C++] [breakingmalwareresearch/atom-bombing](https://github.com/breakingmalwareresearch/atom-bombing) Brand New Code Injection for Windows
- [**613**Star][11d] [C++] [priyankchheda/algorithms](https://github.com/priyankchheda/algorithms) Data Structure Libraries and Algorithms implementation
- [**613**Star][11d] [Solidity] [crytic/not-so-smart-contracts](https://github.com/crytic/not-so-smart-contracts) examples of common Ethereum smart contract vulnerabilities, including code from real smart contracts.
- [**613**Star][3y] [Py] [omriher/captipper](https://github.com/omriher/captipper) a python tool to analyze, explore and revive HTTP malicious traffic.
- [**613**Star][4m] [langyanduan/reborn](https://github.com/langyanduan/reborn) The missing proxy for macOS
- [**613**Star][2y] [JS] [csbun/thal](https://github.com/csbun/thal) 译文：Puppeteer 与 Chrome Headless —— 从入门到爬虫
- [**613**Star][3m] [Py] [1n3/blackwidow](https://github.com/1n3/blackwidow) A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
- [**612**Star][9m] [Py] [hatboy/struts2-scan](https://github.com/hatboy/struts2-scan) Struts2全漏洞扫描利用工具
- [**612**Star][2y] [Go] [cw1997/natbypass](https://github.com/cw1997/natbypass) 内网穿透，端口转发工具
- [**610**Star][10d] [CSS] [appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
- [**610**Star][2y] [PS] [fortynorthsecurity/wmimplant](https://github.com/FortyNorthSecurity/WMImplant) This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
- [**610**Star][13d] [C++] [tobefuturer/app2dylib](https://github.com/tobefuturer/app2dylib) A reverse engineering tool to convert iOS app to dylib
- [**610**Star][2y] [PS] [peewpw/invoke-wcmdump](https://github.com/peewpw/invoke-wcmdump) PowerShell Script to Dump Windows Credentials from the Credential Manager
- [**610**Star][4m] [C#] [bonesoul/coiniumserv](https://github.com/bonesoul/coiniumserv) Next-gen crypto currency mining pool software
- [**609**Star][10d] [C++] [kismetwireless/kismet](https://github.com/kismetwireless/kismet) Github mirror of official Kismet repository
- [**609**Star][2y] [Java] [federicodotta/brida](https://github.com/federicodotta/brida) The new bridge between Burp Suite and Frida!
- [**609**Star][10d] [Jupyter Notebook] [borealisai/advertorch](https://github.com/borealisai/advertorch) A Toolbox for Adversarial Robustness Research
- [**609**Star][4m] [PS] [411hall/jaws](https://github.com/411hall/jaws) JAWS - Just Another Windows (Enum) Script
- [**608**Star][11d] [TS] [mitre-attack/attack-navigator](https://github.com/mitre-attack/attack-navigator) Web app that provides basic navigation and annotation of ATT&CK matrices
- [**608**Star][7d] [Py] [vivisect/vivisect](https://github.com/vivisect/vivisect) Vivisect / Vdb / Vtrace
- [**608**Star][11d] [JS] [rutrackerorg/rutracker-proxy](https://github.com/rutrackerorg/rutracker-proxy) rutracker proxy based on electron
- [**608**Star][13d] [Py] [romanz/amodem](https://github.com/romanz/amodem) transmit a file between 2 computers, using a simple headset, allowing true air-gapped communication (via a speaker and a microphone), or an audio cable (for higher transmission speed)
- [**608**Star][11d] [C++] [microsoft/msix-packaging](https://github.com/microsoft/msix-packaging) MSIX SDK
- [**608**Star][11d] [JS] [hiproxy/hiproxy](https://github.com/hiproxy/hiproxy) 
- [**608**Star][15d] [Py] [hatriot/clusterd](https://github.com/hatriot/clusterd) application server attack toolkit
- [**608**Star][3y] [Py] [bhdresh/cve-2017-0199](https://github.com/bhdresh/cve-2017-0199) Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
- [**608**Star][4m] [Perl] [alisamtechnology/atscan](https://github.com/alisamtechnology/atscan) Advanced dork Search & Mass Exploit Scanner
- [**607**Star][8m] [Py] [tarunkant/gopherus](https://github.com/tarunkant/gopherus) This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
- [**607**Star][2y] [C] [scottybauer/android_kernel_cve_pocs](https://github.com/scottybauer/android_kernel_cve_pocs) A list of my CVE's with POCs
- [**605**Star][7m] [Py] [pwning/public-writeup](https://github.com/pwning/public-writeup) CTF write-ups by Plaid Parliament of Pwning
- [**605**Star][5y] [C] [notsecure/utox](https://github.com/notsecure/utox) Lightweight Tox client
- [**605**Star][17d] [C] [matthijskooijman/arduino-lmic](https://github.com/matthijskooijman/arduino-lmic) LoraWAN-in-C library, adapted to run under the Arduino environment
- [**605**Star][11d] [Ruby] [mattes/rotating-proxy](https://github.com/mattes/rotating-proxy) Rotating TOR proxy with Docker
- [**605**Star][4m] [C] [hfiref0x/winobjex64](https://github.com/hfiref0x/winobjex64) Windows Object Explorer 64-bit
- [**604**Star][3m] [C#] [woa-project/woa-deployer-rpi](https://github.com/woa-project/woa-deployer-rpi) WOA Deployer for Raspberry Pi
- [**604**Star][2m] [Py] [nekmo/amazon-dash](https://github.com/nekmo/amazon-dash) Hack your Amazon Dash to run what you want.
- [**604**Star][12d] [PHP] [acmesec/dorabox](https://github.com/Acmesec/DoraBox) DoraBox - 基础Web漏洞训练靶场
- [**604**Star][4m] [Py] [tf-encrypted/tf-encrypted](https://github.com/tf-encrypted/tf-encrypted) A Framework for Machine Learning on Encrypted Data
- [**604**Star][12d] [Py] [unode/firefox_decrypt](https://github.com/unode/firefox_decrypt) Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles
- [**604**Star][11m] [HTML] [nshalabi/attack-tools](https://github.com/nshalabi/attack-tools) Utilities for MITRE™ ATT&CK
- [**604**Star][13d] [Java] [hypertrack/hyperlog-android](https://github.com/hypertrack/hyperlog-android) Utility logger library for storing logs into database and push them to remote server for debugging
- [**604**Star][2y] [Py] [eldraco/salamandra](https://github.com/eldraco/salamandra) Salamandra is a tool to find spy microphones that use radio freq to transmit. It uses SDR.
- [**603**Star][4m] [Rust] [balena-io/wifi-connect](https://github.com/balena-io/wifi-connect) Easy WiFi setup for Linux devices from your mobile phone or laptop
- [**603**Star][12d] [Shell] [pires/kubernetes-vagrant-coreos-cluster](https://github.com/pires/kubernetes-vagrant-coreos-cluster) Kubernetes cluster (for testing purposes) made easy with Vagrant and CoreOS.
- [**603**Star][1y] [Py] [feeicn/esd](https://github.com/feeicn/esd) Enumeration sub domains
- [**603**Star][2y] [Py] [brannondorsey/passgan](https://github.com/brannondorsey/passgan) A Deep Learning Approach for Password Guessing (
- [**602**Star][5y] [Makefile] [zhengmin1989/thesevenweapons](https://github.com/zhengmin1989/thesevenweapons) 安卓动态调试七种武器
- [**602**Star][30d] [C++] [secrary/makin](https://github.com/secrary/makin) reveal anti-debugging and anti-VM tricks
- [**602**Star][7m] [HTML] [owasp/railsgoat](https://github.com/owasp/railsgoat) A vulnerable version of Rails that follows the OWASP Top 10
- [**602**Star][10d] [XSLT] [openscap/openscap](https://github.com/openscap/openscap) NIST Certified SCAP 1.2 toolkit
- [**602**Star][7y] [Py] [m0mchil/poclbm](https://github.com/m0mchil/poclbm) PyOpenCL bitcoin miner
- [**602**Star][4y] [certsocietegenerale/irm](https://github.com/certsocietegenerale/irm) Incident Response Methodologies
- [**602**Star][2y] [brunty/awesome-checker-services](https://github.com/brunty/awesome-checker-services) List of links to the various checkers out there on the web for sites, domains, security etc
- [**602**Star][21d] [C] [asamy/ksm](https://github.com/asamy/ksm) A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
- [**601**Star][11d] [JS] [feross/hostile](https://github.com/feross/hostile) Simple, programmatic `/etc/hosts` manipulation (in node.js)
- [**601**Star][12d] [Go] [sysdream/chashell](https://github.com/sysdream/chashell) Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
- [**601**Star][4m] [Go] [dimitarpetrov/stegify](https://github.com/dimitarpetrov/stegify) 
- [**601**Star][4m] [d30sa1/rootkits-list-download](https://github.com/d30sa1/rootkits-list-download) the list of all rootkits found so far on github and other sites.
- [**600**Star][7m] [Kotlin] [hmbsbige/shadowsocksr-android](https://github.com/hmbsbige/shadowsocksr-android) A ShadowsocksR client for Android, written in Kotlin.
- [**600**Star][11d] [Py] [alexa/alexa-skills-kit-sdk-for-python](https://github.com/alexa/alexa-skills-kit-sdk-for-python) The Alexa Skills Kit SDK for Python helps you get a skill up and running quickly, letting you focus on skill logic instead of boilerplate code.
- [**600**Star][4m] [Rust] [sfackler/rust-openssl](https://github.com/sfackler/rust-openssl) OpenSSL bindings for Rust
- [**600**Star][4m] [C++] [emeryberger/hoard](https://github.com/emeryberger/hoard) The Hoard Memory Allocator: A Fast, Scalable, and Memory-efficient Malloc for Linux, Windows, and Mac.
- [**600**Star][13d] [Py] [certsocietegenerale/fame](https://github.com/certsocietegenerale/fame) FAME Automates Malware Evaluation
- [**600**Star][10d] [JS] [azuread/azure-activedirectory-library-for-js](https://github.com/azuread/azure-activedirectory-library-for-js) use Azure AD for handling authentication in your single page applications
- [**599**Star][3m] [Py] [nsacyber/walkoff](https://github.com/nsacyber/WALKOFF) A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber
- [**599**Star][10d] [CSS] [xapax/security](https://github.com/xapax/security) note about stuff related to IT-security, and specifically penetration testing.
- [**599**Star][10d] [wenzel/awesome-virtualization](https://github.com/wenzel/awesome-virtualization) Collection of resources about Virtualization
- [**599**Star][12d] [Go] [timothyye/godns](https://github.com/timothyye/godns) A dynamic DNS client tool, supports AliDNS, Cloudflare, Google Domains, DNSPod, HE.net & DuckDNS, written in Go.
- [**599**Star][1y] [pandazheng/ioshackstudy](https://github.com/pandazheng/ioshackstudy) IOS安全学习资料汇总
- [**599**Star][5m] [Py] [codingo/vhostscan](https://github.com/codingo/vhostscan) A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
- [**598**Star][14d] [Py] [yellowbyte/reverse-engineering-reference-manual](https://github.com/yellowbyte/reverse-engineering-reference-manual) collage of reverse engineering topics that I find interesting
- [**598**Star][3y] [Go] [nim4/dbshield](https://github.com/nim4/dbshield) Database firewall written in Go
- [**598**Star][3y] [Visual Basic .NET] [mdsecactivebreach/cactustorch](https://github.com/mdsecactivebreach/cactustorch) Payload Generation for Adversary Simulations
- [**598**Star][10d] [Go] [jcmoraisjr/haproxy-ingress](https://github.com/jcmoraisjr/haproxy-ingress) HAProxy Ingress
- [**598**Star][3y] [hack-with-github/awesome-security-gists](https://github.com/hack-with-github/awesome-security-gists) A collection of various GitHub gists for hackers, pentesters and security researchers
- [**597**Star][14d] [C] [yangyangwithgnu/bypass_disablefunc_via_ld_preload](https://github.com/yangyangwithgnu/bypass_disablefunc_via_ld_preload) bypass disable_functions via LD_PRELOA (no need /usr/sbin/sendmail)
- [**597**Star][15d] [JS] [privacyradius/gdpr-checklist](https://github.com/privacyradius/gdpr-checklist) The GDPR Checklist
- [**597**Star][11d] [HTML] [gwillem/magento-malware-scanner](https://github.com/gwillem/magento-malware-scanner) Scanner, signatures and the largest collection of Magento malware
- [**597**Star][11d] [Coq] [gustavo-depaula/stalin-sort](https://github.com/gustavo-depaula/stalin-sort) Add a stalin sort algorithm in any language you like
- [**597**Star][10d] [C++] [bkerler/exploit_me](https://github.com/bkerler/exploit_me) Very vulnerable ARM/ARM64 application (CTF style exploitation tutorial)
- [**596**Star][12d] [Scala] [ruippeixotog/scala-scraper](https://github.com/ruippeixotog/scala-scraper) A Scala library for scraping content from HTML pages
- [**596**Star][9m] [C] [espressif/esp-iot-solution](https://github.com/espressif/esp-iot-solution) Espressif IoT Library. IoT Device Drivers, Documentations And Solutions.
- [**596**Star][11d] [Py] [openai/maddpg](https://github.com/openai/maddpg) Code for the MADDPG algorithm from the paper "Multi-Agent Actor-Critic for Mixed Cooperative-Competitive Environments"
- [**596**Star][13d] [C] [vanhauser-thc/thc-ipv6](https://github.com/vanhauser-thc/thc-ipv6) IPv6 attack toolkit
- [**596**Star][23d] [C] [ktap/ktap](https://github.com/ktap/ktap) a new scripting dynamic tracing tool for Linux
- [**596**Star][10d] [duyetdev/bruteforce-database](https://github.com/duyetdev/bruteforce-database) Bruteforce database
- [**595**Star][10m] [Py] [neo23x0/yargen](https://github.com/neo23x0/yargen) yarGen is a generator for YARA rules
- [**595**Star][6m] [Py] [m4ll0k/infoga](https://github.com/m4ll0k/infoga) Email OSINT
- [**595**Star][1y] [Py] [ekultek/zeus-scanner](https://github.com/ekultek/zeus-scanner) Advanced reconnaissance utility
- [**594**Star][16d] [Py] [spencerdodd/kernelpop](https://github.com/spencerdodd/kernelpop) kernel privilege escalation enumeration and exploitation framework
- [**594**Star][23d] [PHP] [pentestgeek/phishing-frenzy](https://github.com/pentestgeek/phishing-frenzy) Ruby on Rails Phishing Framework
- [**594**Star][1y] [Java] [olacabs/jackhammer](https://github.com/olacabs/jackhammer)  One Security vulnerability assessment/management tool to solve all the security team problems.
- [**594**Star][7d] [Shell] [l-n-s/wireguard-install](https://github.com/l-n-s/wireguard-install) WireGuard VPN server installer
- [**594**Star][24d] [Swift] [krisyu/swift14macosapps](https://github.com/krisyu/swift14macosapps) approaching macOS development using swift with 14 mini projects.
- [**594**Star][4m] [Py] [jonluca/anubis](https://github.com/jonluca/anubis) Subdomain enumeration and information gathering tool
- [**593**Star][4m] [HTML] [valvesoftware/steam-audio](https://github.com/valvesoftware/steam-audio) Steam Audio
- [**593**Star][13d] [80vul/phpcodz](https://github.com/80vul/phpcodz) Php Codz Hacking
- [**592**Star][2y] [C#] [tyranid/dotnettojscript](https://github.com/tyranid/dotnettojscript) A tool to create a JScript file which loads a .NET v2 assembly from memory.
- [**592**Star][3y] [rapid7/iotseeker](https://github.com/rapid7/iotseeker)  scan a network for specific types of IoT devices to detect if they are using the default, factory set credentials.
- [**592**Star][21d] [Py] [mlsecproject/combine](https://github.com/mlsecproject/combine) Tool to gather Threat Intelligence indicators from publicly available sources
- [**592**Star][9m] [Py] [its-a-feature/apfell](https://github.com/its-a-feature/apfell) A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI.
- [**592**Star][11d] [Py] [fate0/getproxy](https://github.com/fate0/getproxy) 抓取发放代理网站，获取 http/https 代理的程序
- [**592**Star][12d] [JS] [codeskyblue/gosuv](https://github.com/codeskyblue/gosuv) Deprecated!!! Process managerment writtern by golang, inspired by python-supervisor
- [**592**Star][10d] [C#] [0xd4d/iced](https://github.com/0xd4d/iced) x86/x64 disassembler, assembler, decoder, encoder
- [**591**Star][10d] [Shell] [balenalabs/balena-sound](https://github.com/balenalabs/balena-sound) Build a single or multi-room streamer for an existing audio device using a Raspberry Pi! Supports Bluetooth, Airplay and Spotify Connect
- [**591**Star][11d] [TS] [shroudedcode/apk-mitm](https://github.com/shroudedcode/apk-mitm) 一个为HTTPS检查自动准备Android APK文件的CLI应用程序
- [**591**Star][2m] [Py] [dabeaz/bitey](https://github.com/dabeaz/bitey) Import LLVM bitcode directly into Python and use it as an extension module.
- [**590**Star][1y] [Py] [ddevault/pass-rotate](https://github.com/ddevault/pass-rotate) A tool and library for rotating your password on online services
- [**590**Star][10d] [C] [solo5/solo5](https://github.com/solo5/solo5) A sandboxed execution environment for unikernels
- [**590**Star][12d] [PHP] [object-calisthenics/phpcs-calisthenics-rules](https://github.com/object-calisthenics/phpcs-calisthenics-rules) Object Calisthenics rules for PHP_CodeSniffer
- [**590**Star][12d] [C] [jgarzik/cpuminer](https://github.com/jgarzik/cpuminer) CPU miner for bitcoin
- [**590**Star][3y] [Java] [findbugsproject/findbugs](https://github.com/findbugsproject/findbugs)  a program which uses static analysis to look for bugs in Java code
- [**589**Star][10d] [Py] [hunters-forge/mordor](https://github.com/hunters-forge/mordor) Re-play Adversarial Techniques
- [**589**Star][20d] [C] [jhallen/joes-sandbox](https://github.com/jhallen/joes-sandbox) joes 沙箱
- [**589**Star][14d] [C] [gaffe23/linux-inject](https://github.com/gaffe23/linux-inject) Tool for injecting a shared object into a Linux process
- [**589**Star][3y] [C] [cr4sh/thinkpwn](https://github.com/cr4sh/thinkpwn) Lenovo ThinkPad System Management Mode arbitrary code execution 0day exploit
- [**589**Star][11d] [C] [anestisb/vdexextractor](https://github.com/anestisb/vdexextractor) Tool to decompile & extract Android Dex bytecode from Vdex files
- [**588**Star][1y] [Py] [woj-ciech/danger-zone](https://github.com/woj-ciech/danger-zone) Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files.
- [**588**Star][1m] [Ruby] [sliim/pentest-env](https://github.com/sliim/pentest-env) Pentest environment deployer (kali linux + targets) using vagrant and chef.
- [**588**Star][10d] [C] [gerard/ext4fuse](https://github.com/gerard/ext4fuse) EXT4 implementation for FUSE
- [**588**Star][12d] [C] [file/file](https://github.com/file/file) Read-only mirror of file CVS repository, updated every half hour. NOTE: do not make pull requests here, nor comment any commits, submit them usual way to bug tracker or to the mailing list. Maintainer(s) are not tracking this git mirror.
- [**587**Star][10d] [C++] [usbguard/usbguard](https://github.com/USBGuard/usbguard) USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
- [**587**Star][4m] [Perl] [spiderlabs/modsecurity-nginx](https://github.com/spiderlabs/modsecurity-nginx) ModSecurity v3 Nginx Connector
- [**587**Star][11d] [C] [pulp-platform/pulpino](https://github.com/pulp-platform/pulpino) An open-source microcontroller system based on RISC-V
- [**587**Star][3m] [maddiestone/androidappre](https://github.com/maddiestone/androidappre) Android App Reverse Engineering Workshop
- [**587**Star][3m] [ObjC] [hdb-li/lldebugtool](https://github.com/hdb-li/lldebugtool) LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
- [**587**Star][2y] [JS] [cryptogenic/ps4-5.05-kernel-exploit](https://github.com/cryptogenic/ps4-5.05-kernel-exploit) A fully implemented kernel exploit for the PS4 on 5.05FW
- [**587**Star][10d] [Py] [angr/angr-doc](https://github.com/angr/angr-doc) Documentation for the angr suite
- [**586**Star][11d] [Shell] [vincentcox/bypass-firewalls-by-dns-history](https://github.com/vincentcox/bypass-firewalls-by-dns-history) Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
- [**586**Star][3y] [Ruby] [tobmatth/rack-ssl-enforcer](https://github.com/tobmatth/rack-ssl-enforcer) A simple Rack middleware to enforce ssl connections
- [**586**Star][5y] [C#] [elevenpaths/evilfoca](https://github.com/elevenpaths/evilfoca) Tool to analyze and test security in IPv4 and IPv6 data networks
- [**585**Star][8d] [loyalsoldier/v2ray-rules-dat](https://github.com/loyalsoldier/v2ray-rules-dat) V2Ray 规则文件加强版，可代替官方规则文件。Enhanced edition of V2Ray rules dat files.
- [**585**Star][10d] [Makefile] [tinyclub/linux-lab](https://github.com/tinyclub/linux-lab) Docker/Qemu Based Linux Kernel Learning, Development and Testing Environment
- [**585**Star][17d] [C++] [zneak/fcd](https://github.com/zneak/fcd) An optimizing decompiler
- [**585**Star][11m] [Py] [owasp/qrljacking](https://github.com/owasp/qrljacking) QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.
- [**585**Star][4m] [Py] [metachar/phonesploit](https://github.com/metachar/phonesploit) Using open Adb ports we can exploit a Andriod Device
- [**585**Star][15d] [Go] [manifoldco/torus-cli](https://github.com/manifoldco/torus-cli) A secure, shared workspace for secrets
- [**584**Star][4m] [Go] [pritunl/pritunl-client-electron](https://github.com/pritunl/pritunl-client-electron) Pritunl OpenVPN client
- [**584**Star][10d] [Py] [bt3gl/book_on_python_algorithms_and_data_structure](https://github.com/bt3gl/Book_on_Python_Algorithms_and_Data_Structure) 
- [**584**Star][11d] [miyogurt/network-security-mind-map](https://github.com/MiYogurt/network-security-mind-map) 网络安全基础知识思维导图
- [**584**Star][12d] [C] [eliasoenal/multimon-ng](https://github.com/EliasOenal/multimon-ng) the successor of multimon. It decodes the following digital transmission modes
- [**584**Star][10d] [Py] [warner/python-ecdsa](https://github.com/warner/python-ecdsa) pure-python ECDSA signature/verification
- [**584**Star][13d] [Go] [cossacklabs/acra](https://github.com/cossacklabs/acra) Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
- [**582**Star][4m] [Jupyter Notebook] [tiramisu-compiler/tiramisu](https://github.com/tiramisu-compiler/tiramisu) A polyhedral compiler for expressing fast and portable data parallel algorithms
- [**582**Star][10d] [keke-li/data-structures-questions](https://github.com/keke-li/data-structures-questions) golang sorting algorithm and data construction.
- [**582**Star][4y] [Pascal] [t-d-k/librecrypt](https://github.com/t-d-k/librecrypt) Transparent on-the-fly disk encryption for Windows. LUKS compatible.
- [**582**Star][2y] [Py] [nnamon/linux-exploitation-course](https://github.com/nnamon/linux-exploitation-course) A Course on Intermediate Level Linux Exploitation
- [**582**Star][10d] [JS] [lyxhh/lxhtoolhttpdecrypt](https://github.com/lyxhh/lxhtoolhttpdecrypt) Simple Android/iOS protocol analysis and utilization tool
- [**582**Star][15d] [CSS] [hashview/hashview](https://github.com/hashview/hashview) A web front-end for password cracking and analytics
- [**582**Star][11d] [Py] [ant4g0nist/lisa.py](https://github.com/ant4g0nist/lisa.py) -An Exploit Dev Swiss Army Knife.
- [**581**Star][5m] [C] [yulingtianxia/blockhook](https://github.com/yulingtianxia/blockhook) Hook Objective-C blocks. A powerful AOP tool.
- [**581**Star][10d] [JS] [seccubus/seccubus](https://github.com/seccubus/seccubus) Easy automated vulnerability scanning, reporting and analysis
- [**581**Star][10d] [Py] [tp4a/teleport](https://github.com/tp4a/teleport) Teleport是一款简单易用的堡垒机系统。
- [**581**Star][10d] [C] [zmartzone/mod_auth_openidc](https://github.com/zmartzone/mod_auth_openidc) OpenID Connect Relying Party implementation for Apache HTTP Server 2.x
- [**581**Star][11d] [rapid7/ssh-badkeys](https://github.com/rapid7/ssh-badkeys) A collection of static SSH keys (public and private) that have made their way into software and hardware products.
- [**581**Star][4m] [r35tart/penetration_testing_case](https://github.com/r35tart/penetration_testing_case) 用于记录分享一些有趣的案例
- [**581**Star][14d] [guardrailsio/awesome-php-security](https://github.com/guardrailsio/awesome-php-security) Awesome PHP Security Resources
- [**581**Star][2y] [Py] [fanpei91/simdht](https://github.com/fuck-you-gfw/simdht) A very simple DHT crawler, written in Python.
- [**581**Star][11d] [Py] [alexandreborges/malwoverview](https://github.com/alexandreborges/malwoverview) Malwoverview is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to download and send samples to main online sandboxes.
- [**579**Star][12d] [Py] [hackndo/lsassy](https://github.com/hackndo/lsassy) Extract credentials from lsass remotely
- [**579**Star][1m] [mtivadar/windows10_ntfs_crash_dos](https://github.com/mtivadar/windows10_ntfs_crash_dos) PoC for a NTFS crash that I discovered, in various Windows versions
- [**579**Star][11d] [mitre/cti](https://github.com/mitre/cti) Cyber Threat Intelligence Repository expressed in STIX 2.0
- [**579**Star][10d] [C++] [manisandro/gimagereader](https://github.com/manisandro/gimagereader) A Gtk/Qt front-end to tesseract-ocr.
- [**579**Star][12d] [Py] [dmoj/judge-server](https://github.com/DMOJ/judge-server) Judging backend server for the DMOJ online judge.
- [**578**Star][14d] [huanz/surge-hosts](https://github.com/huanz/surge-hosts) hosts for surge,翻墙,强力去APP广告,google,facebook,twitter,youtube,etc
- [**578**Star][16d] [Java] [mr5m1th/poc-collect](https://github.com/Mr5m1th/POC-Collect) 各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
- [**578**Star][30d] [HTML] [salesforce/vulnreport](https://github.com/salesforce/vulnreport) pentesting management and automation platform by Salesforce Product Security
- [**578**Star][12d] [JS] [raineorshine/solgraph](https://github.com/raineorshine/solgraph) Visualize Solidity control flow for smart contract security analysis.
- [**578**Star][10d] [C] [nmap/ncrack](https://github.com/nmap/ncrack) Ncrack network authentication tool
- [**578**Star][4m] [YARA] [justicerage/manalyze](https://github.com/justicerage/manalyze) A static analyzer for PE executables.
- [**578**Star][19d] [C] [benblazak/ergodox-firmware](https://github.com/benblazak/ergodox-firmware) firmware for the ergoDOX keyboard
- [**577**Star][4m] [ObjC] [cranimation/crboxinputview](https://github.com/cranimation/crboxinputview) Verify code input view. Support security type for password
- [**577**Star][1y] [C#] [scottlerch/hostsfileeditor](https://github.com/scottlerch/hostsfileeditor) Easily edit and manage the hosts file for Windows
- [**577**Star][19d] [TS] [samdenty/injectify](https://github.com/samdenty/injectify) Perform advanced MiTM attacks on websites with ease
- [**577**Star][5m] [JS] [shadowsocks-plus/shadowsocks-plus](https://github.com/shadowsocks-plus/shadowsocks-plus) shadowsocks+
- [**577**Star][1y] [ObjC] [rpetrich/captainhook](https://github.com/rpetrich/captainhook) Common hooking/monkey patching headers for Objective-C on Mac OS X and iPhone OS. MIT licensed
- [**577**Star][1y] [Py] [genetic-malware/ebowla](https://github.com/genetic-malware/ebowla) Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
- [**577**Star][10d] [CSS] [fmstrat/diy-ipmi](https://github.com/fmstrat/diy-ipmi) A DIY IPMI / IP KVM system utilizing the Raspberry Pi
- [**577**Star][4m] [C#] [dabutvin/imgbot](https://github.com/dabutvin/imgbot) An Azure Function solution to crawl through all of your image files in GitHub and losslessly compress them. This will make the file size go down, but leave the dimensions and quality untouched. Once it's done, ImgBot will open a pull request for you to review and merge. help@imgbot.net
- [**576**Star][4m] [Py] [yosaiproject/yosai](https://github.com/yosaiproject/yosai) A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail
- [**576**Star][16d] [Py] [wh0ale/src-experience](https://github.com/wh0ale/src-experience) 工欲善其事，必先利其器
- [**576**Star][4m] [C++] [lowpowerlab/rfm69](https://github.com/lowpowerlab/rfm69) RFM69 library for RFM69W, RFM69HW, RFM69CW, RFM69HCW (semtech SX1231, SX1231H)
- [**576**Star][3m] [Py] [beurtschipper/crackcoin](https://github.com/beurtschipper/crackcoin) Very basic blockchain-free cryptocurrency PoC in Python
- [**575**Star][4y] [ObjC] [makezl/zlgotosandboxplugin](https://github.com/makezl/zlgotosandboxplugin) You can quickly enter the iOS simulator Xcode plugin!
- [**575**Star][7m] [PS] [nettitude/poshc2_old](https://github.com/nettitude/poshc2_old) Powershell C2 Server and Implants
- [**575**Star][13d] [JS] [speed/newcrawler](https://github.com/speed/newcrawler) Free Web Scraping Tool with Java
- [**575**Star][8d] [Py] [sananth12/imagescraper](https://github.com/sananth12/imagescraper) A high performance, easy to use, multithreaded command line tool which downloads images from the given webpage.
- [**575**Star][7d] [C++] [winscp/winscp](https://github.com/winscp/winscp) WinSCP is a popular free SFTP and FTP client for Windows, a powerful file manager that will improve your productivity. It supports also Amazon S3, FTPS, SCP and WebDAV protocols. Power users can automate WinSCP using .NET assembly.
- [**575**Star][15d] [Py] [cliffordwolf/icestorm](https://github.com/cliffordwolf/icestorm) Project IceStorm - Lattice iCE40 FPGAs Bitstream Documentaion (Reverse Engineered)
- [**575**Star][10d] [Java] [aslody/andhook](https://github.com/asLody/AndHook) Android dynamic instrumentation framework
- [**575**Star][10d] [Py] [hunters-forge/ossem](https://github.com/hunters-forge/OSSEM) Open Source Security Events Metadata (OSSEM)
- [**575**Star][10d] [Py] [archiveteam/grab-site](https://github.com/ArchiveTeam/grab-site) The archivist's web crawler: WARC output, dashboard for all crawls, dynamic ignore patterns
- [**574**Star][1y] [Py] [s0md3v/blazy](https://github.com/s0md3v/Blazy) Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
- [**574**Star][11d] [Py] [te-k/harpoon](https://github.com/te-k/harpoon) CLI tool for open source and threat intelligence
- [**574**Star][12d] [C] [t00sh/rop-tool](https://github.com/t00sh/rop-tool) A tool to help you write binary exploits
- [**574**Star][11d] [YARA] [ghidraninja/ghidra_scripts](https://github.com/ghidraninja/ghidra_scripts) Scripts for the Ghidra software reverse engineering suite.
    - [binwalk](https://github.com/ghidraninja/ghidra_scripts/blob/master/binwalk.py) Runs binwalk on the current program and bookmarks the findings
    - [yara](https://github.com/ghidraninja/ghidra_scripts/blob/master/yara.py) Automatically find crypto constants in the loaded program - allows to very quickly identify crypto code.
    - [swift_demangler](https://github.com/ghidraninja/ghidra_scripts/blob/master/swift_demangler.py) Automatically demangle swift function names
    - [golang_renamer](https://github.com/ghidraninja/ghidra_scripts/blob/master/golang_renamer.py) Restores function names from a stripped Go binary
- [**573**Star][4m] [C] [microsoftdocs/wsl](https://github.com/microsoftdocs/wsl) Source code behind the Windows Subsystem for Linux documentation.
- [**573**Star][10d] [Go] [kubernetes/frakti](https://github.com/kubernetes/frakti) The hypervisor-based container runtime for Kubernetes.
- [**573**Star][8y] [C] [katmagic/shallot](https://github.com/katmagic/shallot)  create customized .onion addresses for your hidden service
- [**573**Star][11d] [Jupyter Notebook] [jackonyang/captcha-tensorflow](https://github.com/jackonyang/captcha-tensorflow) Image Captcha Solving Using TensorFlow and CNN Model. Accuracy 90%+
- [**573**Star][6m] [Java] [guardianproject/netcipher](https://github.com/guardianproject/netcipher)  a library for Android that provides multiple means to improve network security in mobile applications
- [**572**Star][3m] [Py] [sc0tfree/updog](https://github.com/sc0tfree/updog) Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
- [**572**Star][11d] [Py] [typeerror/domained](https://github.com/TypeError/domained) Multi Tool Subdomain Enumeration
- [**572**Star][3m] [rhinosecuritylabs/aws-iam-privilege-escalation](https://github.com/rhinosecuritylabs/aws-iam-privilege-escalation) A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
- [**572**Star][4y] [C++] [microsoft/iediagnosticsadapter](https://github.com/microsoft/iediagnosticsadapter) IE Diagnostics Adapter is a standalone exe that enables tools to debug and diagnose IE11 using the Chrome remote debug protocol.
- [**572**Star][11m] [jiansiting/decryption-tools](https://github.com/jiansiting/decryption-tools) Decryption-Tools
- [**572**Star][3y] [Py] [edwardz246003/iis_exploit](https://github.com/edwardz246003/iis_exploit) Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
- [**572**Star][14d] [JS] [blinksocks/blinksocks](https://github.com/blinksocks/blinksocks) A framework for building composable proxy protocol stack.
- [**572**Star][4m] [HTML] [bitdust/wamacry](https://github.com/bitdust/wamacry) a fake WannaCry
- [**572**Star][14d] [Py] [autotest/autotest](https://github.com/autotest/autotest) Fully automated tests on Linux
- [**571**Star][7d] [Java] [pagalaxylab/virtualhook](https://github.com/PAGalaxyLab/VirtualHook) Android application hooking tool based on VirtualApp
- [**571**Star][12d] [C++] [fsecurelabs/c3](https://github.com/FSecureLABS/C3) A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
- [**571**Star][6y] [JS] [zertosh/jquery-audit](https://github.com/zertosh/jquery-audit) jQuery Audit
- [**571**Star][14d] [C] [rssnsj/openwrt-hc5x61](https://github.com/rssnsj/openwrt-hc5x61) OpenWrt Patch for HiWiFi HC5661 / HC5761 / HC5861
- [**571**Star][10d] [rguo12/awesome-causality-algorithms](https://github.com/rguo12/awesome-causality-algorithms) An index of algorithms for learning causality with data
- [**570**Star][4m] [C#] [valvesoftware/steamvr_unity_plugin](https://github.com/valvesoftware/steamvr_unity_plugin) SteamVR Unity Plugin - Documentation at:
- [**570**Star][19d] [Makefile] [veficos/reverse-engineering-for-beginners](https://github.com/veficos/reverse-engineering-for-beginners) translate project of Drops
- [**570**Star][7m] [HTML] [netspi/sqlinjectionwiki](https://github.com/netspi/sqlinjectionwiki) A wiki focusing on aggregating and documenting various SQL injection methods
- [**570**Star][28d] [Py] [musalbas/heartbleed-masstest](https://github.com/musalbas/heartbleed-masstest) Multi-threaded tool for scanning many hosts for CVE-2014-0160.
- [**570**Star][15d] [mhaggis/sysmon-dfir](https://github.com/mhaggis/sysmon-dfir) Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
- [**570**Star][1y] [Rust] [koute/pinky](https://github.com/koute/pinky) An NES emulator written in Rust
- [**570**Star][8m] [Shell] [denizparlak/zeus](https://github.com/denizparlak/zeus) AWS Auditing & Hardening Tool
- [**570**Star][11d] [Py] [construct/construct](https://github.com/construct/construct) Declarative data structures for python that allow symmetric parsing and building
- [**569**Star][10d] [xairy/vmware-exploitation](https://github.com/xairy/vmware-exploitation) A collection of links related to VMware escape exploits
- [**569**Star][1y] [Py] [wyatu/perun](https://github.com/wyatu/perun) 主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
- [**569**Star][14d] [Go] [mohanson/daze](https://github.com/mohanson/daze) Daze is a tool to help you link to the Internet.
- [**569**Star][16d] [Shell] [lxdvs/apk2gold](https://github.com/lxdvs/apk2gold) CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
- [**569**Star][9y] [Ruby] [applidium/cracking-siri](https://github.com/applidium/cracking-siri) Files we used to reverse-engineer Siri
- [**568**Star][3m] [C#] [microsoft/miengine](https://github.com/microsoft/miengine) The Visual Studio MI Debug Engine ("MIEngine") provides an open-source Visual Studio Debugger extension that works with MI-enabled debuggers such as gdb, lldb, and clrdbg.
- [**568**Star][12d] [Py] [jordan-wright/dumpmon](https://github.com/jordan-wright/dumpmon) monitors paste sites for interesting content
- [**568**Star][11d] [Py] [hugsy/cemu](https://github.com/hugsy/cemu) Cheap EMUlator: lightweight multi-architecture assembly playground
- [**567**Star][21d] [Shell] [protonvpn/protonvpn-cli](https://github.com/protonvpn/protonvpn-cli) ProtonVPN Command-Line Tool for Linux and macOS.
- [**567**Star][10d] [husnainfareed/awesome-ethical-hacking-resources](https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources) Awesome Resources For Learning Hacking & Pentesting
- [**567**Star][14d] [Py] [storyyeller/enjarify](https://github.com/storyyeller/enjarify) 将Dalvik字节码转为对应的Java字节码（google Fork版）
- [**567**Star][16d] [secmobi/wiki.secmobi.com](https://github.com/secmobi/wiki.secmobi.com) a collection of mobile security resources.
- [**567**Star][2y] [C] [scwuaptx/hitcon-training](https://github.com/scwuaptx/hitcon-training) For Linux binary Exploitation
- [**567**Star][4m] [Ruby] [railslove/rack-tracker](https://github.com/railslove/rack-tracker) Tracking made easy: Don’t fool around with adding tracking and analytics partials to your app and concentrate on the things that matter.
- [**567**Star][11d] [Py] [quentinhardy/msdat](https://github.com/quentinhardy/msdat) Microsoft SQL Database Attacking Tool
- [**567**Star][11m] [C#] [fremag/memoscope.net](https://github.com/fremag/memoscope.net) Dump and analyze .Net applications memory ( a gui for WinDbg and ClrMd )
- [**566**Star][10d] [Go] [panther-labs/panther](https://github.com/panther-labs/panther) Detect threats with log data and improve cloud security posture
- [**566**Star][4m] [PS] [sans-blue-team/deepbluecli](https://github.com/sans-blue-team/deepbluecli) a PowerShell Module for Threat Hunting via Windows Event Logs
- [**566**Star][1m] [Ruby] [mojombo/proxymachine](https://github.com/mojombo/proxymachine) A simple TCP routing proxy built on EventMachine that lets you configure the routing logic in Ruby.
- [**566**Star][18d] [Java] [java-decompiler/jd-eclipse](https://github.com/java-decompiler/jd-eclipse) A Java Decompiler Eclipse plugin
- [**566**Star][17d] [JS] [fwon/electron-anyproxy](https://github.com/fwon/electron-anyproxy) 
- [**565**Star][16d] [Py] [yassineaboukir/sublert](https://github.com/yassineaboukir/sublert) Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
- [**565**Star][15d] [Py] [yanxiu0614/subdomain3](https://github.com/yanxiu0614/subdomain3) A new generation of tool for discovering subdomains( ip , cdn and so on)
- [**565**Star][7m] [Shell] [offensive-security/kali-linux-docker](https://github.com/offensive-security/kali-linux-docker) PLEASE USE GITLAB
- [**565**Star][2m] [C] [externalist/exploit_playground](https://github.com/externalist/exploit_playground) Analysis of public exploits or my 1day exploits
- [**565**Star][6m] [Py] [decalage2/vipermonkey](https://github.com/decalage2/vipermonkey) A VBA parser and emulation engine to analyze malicious macros.
- [**565**Star][12d] [C] [cloudflare/cloudflare-blog](https://github.com/cloudflare/cloudflare-blog) Cloudflare Blog code samples
- [**564**Star][11d] [TS] [novage/p2p-media-loader](https://github.com/novage/p2p-media-loader) An open-source engine for P2P streaming of live and on demand video directly in a web browser HTML page
- [**564**Star][2m] [Py] [s0md3v/corsy](https://github.com/s0md3v/corsy) CORS Misconfiguration Scanner
- [**564**Star][11d] [C] [decaf-project/decaf](https://github.com/decaf-project/DECAF) a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
- [**564**Star][4m] [Py] [threezh1/jsfinder](https://github.com/threezh1/jsfinder) quickly extracting URLs and subdomains from JS files on a website.
- [**564**Star][10d] [Py] [rail-berkeley/softlearning](https://github.com/rail-berkeley/softlearning) Softlearning is a reinforcement learning framework for training maximum entropy policies in continuous domains. Includes the official implementation of the Soft Actor-Critic algorithm.
- [**564**Star][1y] [ASP] [landgrey/webshell-detect-bypass](https://github.com/landgrey/webshell-detect-bypass) 绕过专业工具检测的Webshell研究文章和免杀的Webshell
- [**564**Star][1y] [Py] [fs0c131y/esfileexploreropenportvuln](https://github.com/fs0c131y/esfileexploreropenportvuln) ES File Explorer Open Port Vulnerability - CVE-2019-6447
- [**563**Star][13d] [C] [jserv/amacc](https://github.com/jserv/amacc) Small C Compiler generating ELF executable Arm architecture, supporting JIT execution
- [**563**Star][14d] [JS] [0vercl0k/cve-2019-11708](https://github.com/0vercl0k/cve-2019-11708) Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
- [**563**Star][3m] [C++] [cyberman54/esp32-paxcounter](https://github.com/cyberman54/esp32-paxcounter) Wifi & BLE driven passenger flow metering with cheap ESP32 boards
- [**563**Star][1m] [Shell] [corbindavenport/nexus-tools](https://github.com/corbindavenport/nexus-tools) Bash script for quickly installing ADB and Fastboot on macOS and Linux.
- [**563**Star][10d] [JS] [codemanki/cloudscraper](https://github.com/codemanki/cloudscraper) --DEPRECATED --
- [**562**Star][10d] [TS] [javieraviles/node-typescript-koa-rest](https://github.com/javieraviles/node-typescript-koa-rest) REST API boilerplate using NodeJS and KOA2, typescript. Logging and JWT as middlewares. TypeORM with class-validator, SQL CRUD. Docker included. Swagger docs, actions CI and valuable README
- [**562**Star][24d] [JS] [asmcrypto/asmcrypto.js](https://github.com/asmcrypto/asmcrypto.js) JavaScript Cryptographic Library with performance in mind.
- [**562**Star][30d] [Py] [wapiflapi/binglide](https://github.com/wapiflapi/binglide) Visual reverse engineering tool showing some of the current techniques.
- [**562**Star][11d] [JS] [sindresorhus/public-ip](https://github.com/sindresorhus/public-ip) Get your public IP address - very fast!
- [**562**Star][12d] [Go] [msoap/shell2http](https://github.com/msoap/shell2http) Executing shell commands via HTTP server
- [**562**Star][4m] [Py] [liuxingming/qqspider](https://github.com/liuxingming/qqspider) QQ空间爬虫（日志、说说、个人信息）
- [**562**Star][16d] [Py] [jesparza/peepdf](https://github.com/jesparza/peepdf) Powerful Python tool to analyze PDF documents
- [**562**Star][11d] [JS] [evanoxfeld/node-unzip](https://github.com/evanoxfeld/node-unzip) node.js cross-platform unzip using streams
- [**561**Star][11d] [TSQL] [404notf0und/security-data-analysis-and-visualization](https://github.com/404notf0und/security-data-analysis-and-visualization) 2018-2020青年安全圈-活跃技术博主/博客
- [**561**Star][10d] [PHP] [anonaddy/anonaddy](https://github.com/anonaddy/anonaddy) Anonymous email forwarding
- [**561**Star][10d] [Py] [ustayready/fireprox](https://github.com/ustayready/fireprox) AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
- [**561**Star][7y] [Py] [sensepost/snoopy](https://github.com/sensepost/snoopy) A distributed tracking and data interception framework
- [**561**Star][8m] [C++] [screetsec/brutal](https://github.com/screetsec/brutal) Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
- [**561**Star][11d] [C] [nowsecure/fsmon](https://github.com/nowsecure/fsmon) monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux
- [**561**Star][4m] [C] [mange/rtl8192eu-linux-driver](https://github.com/mange/rtl8192eu-linux-driver) Drivers for the rtl8192eu chipset for wireless adapters (D-Link DWA-131 rev E1 included!)
- [**561**Star][4m] [Java] [littlerich/virtuallocation](https://github.com/littlerich/virtuallocation) 利用Hook技术对APP进行虚拟定位，可修改微信、QQ、以及一些打卡APP等软件，随意切换手机所处位置！
- [**561**Star][11d] [JS] [icflorescu/iisexpress-proxy](https://github.com/icflorescu/iisexpress-proxy) A simple local proxy for accessing IIS Express from remote machines.
- [**561**Star][10d] [a13xp0p0v/linux-kernel-defence-map](https://github.com/a13xp0p0v/linux-kernel-defence-map) Linux Kernel Defence Map
- [**560**Star][18d] [PHP] [beyondcode/laravel-view-xray](https://github.com/beyondcode/laravel-view-xray) Take a look into your Laravel views
- [**560**Star][10d] [Py] [chion82/hello-old-driver](https://github.com/chion82/hello-old-driver) お兄ちゃん大好き(琉璃神社爬虫脚本)
- [**560**Star][5y] [C] [kabot/unix-privilege-escalation-exploits-pack](https://github.com/kabot/unix-privilege-escalation-exploits-pack) Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
- [**559**Star][3m] [Py] [inconvergent/differential-line](https://github.com/inconvergent/differential-line) a generative algorithm
- [**559**Star][12d] [Go] [willf/bitset](https://github.com/willf/bitset) Go package implementing bitsets
- [**559**Star][28d] [Py] [shellphish/fuzzer](https://github.com/shellphish/fuzzer) A Python interface to AFL, allowing for easy injection of testcases and other functionality.
- [**559**Star][15d] [C] [mirrorer/afl](https://github.com/mirrorer/afl) american fuzzy lop (copy of the source code for easy access)
- [**559**Star][10d] [Py] [dstmath/frida-unpack](https://github.com/dstmath/frida-unpack) unpack script based on frida
- [**559**Star][13d] [dropsofzut/awesome-security-weixin-official-accounts](https://github.com/dropsofzut/awesome-security-weixin-official-accounts) awesome-security-weixin-official-accounts
- [**559**Star][10d] [Py] [0xdea/tactical-exploitation](https://github.com/0xdea/tactical-exploitation) Modern tactical exploitation toolkit.
- [**558**Star][15d] [Py] [errbufferoverfl/usb-canary](https://github.com/errbufferoverfl/usb-canary) A Linux or OSX tool that uses psutil to monitor devices while your computer is locked. In the case it detects someone plugging in or unplugging devices it can be configured to send you an SMS or alert you via Slack or Pushover.
- [**558**Star][10d] [JS] [prismarinejs/node-minecraft-protocol](https://github.com/prismarinejs/node-minecraft-protocol) Parse and serialize minecraft packets, plus authentication and encryption.
- [**558**Star][10d] [Shell] [energizedprotection/block](https://github.com/energizedprotection/block) Let's make an annoyance free, better open internet, altogether!
- [**558**Star][3y] [advanced-threat-research/firmware-security-training](https://github.com/advanced-threat-research/firmware-security-training) materials for a hands-on training Security of BIOS/UEFI System Firmware from Attacker and Defender Perspectives
- [**557**Star][4m] [smodnix/31-days-of-api-security-tips](https://github.com/smodnix/31-days-of-api-security-tips) This challenge is Inon Shkedy's 31 days API Security Tips.
- [**557**Star][4m] [Py] [pixaranimationstudios/opentimelineio](https://github.com/pixaranimationstudios/opentimelineio) Open Source API and interchange format for editorial timeline information.
- [**557**Star][3y] [Java] [linchaolong/apktoolplus](https://github.com/linchaolong/apktoolplus) apk analysis tool
- [**556**Star][15d] [Shell] [superkojiman/onetwopunch](https://github.com/superkojiman/onetwopunch) Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans.
- [**556**Star][12d] [Py] [scottbez1/splitflap](https://github.com/scottbez1/splitflap) DIY split-flap display
- [**556**Star][11m] [HCL] [coalfire-research/red-baron](https://github.com/coalfire-research/red-baron) Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
- [**556**Star][10d] [Groovy] [bryansharp/hibeaver](https://github.com/bryansharp/hibeaver) a gradle plugin for java byte code manipulation and AOP design by modifying project byte code during build of the package, or modifying byte code within Jar independently.
- [**555**Star][25d] [Py] [krmaxwell/maltrieve](https://github.com/krmaxwell/maltrieve) A tool to retrieve malware directly from the source for security researchers.
- [**555**Star][11d] [C] [libnet/libnet](https://github.com/libnet/libnet) an API to help with the construction and injection of network packets.
- [**555**Star][10d] [JS] [h2non/jshashes](https://github.com/h2non/jshashes) Fast and dependency-free cryptographic hashing library for node.js and browsers (supports MD5, SHA1, SHA256, SHA512, RIPEMD, HMAC)
- [**555**Star][2y] [C#] [ghostpack/safetykatz](https://github.com/ghostpack/safetykatz)  combination of slightly modified version of Mimikatz project and .NET PE Loader.
- [**555**Star][6m] [Go] [biggiesmallsag/nighthawkresponse](https://github.com/biggiesmallsag/nighthawkresponse) Incident Response Forensic Framework
- [**554**Star][16d] [Java] [iammehedi/secured-preference-store](https://github.com/iammehedi/secured-preference-store) A cryptography library and a SharedPreferences wrapper for Android that encrypts the content with 256 bit AES encryption. The Encryption key is securely stored in device's KeyStore.
- [**554**Star][11d] [JS] [crizstian/data-structure-and-algorithms-with-es6](https://github.com/crizstian/data-structure-and-algorithms-with-es6) Data Structures and Algorithms using ES6
- [**554**Star][2y] [Go] [p3gleg/whaler](https://github.com/P3GLEG/Whaler) Program to reverse Docker images into Dockerfiles
- [**554**Star][9d] [Py] [sjvasquez/web-traffic-forecasting](https://github.com/sjvasquez/web-traffic-forecasting) My solution for the Web Traffic Forecasting competition hosted on Kaggle.
- [**554**Star][4m] [PHP] [robthree/twofactorauth](https://github.com/robthree/twofactorauth) PHP library for Two Factor Authentication (TFA / 2FA)
- [**554**Star][6m] [nordicsemiconductor/android-nrf-connect](https://github.com/nordicsemiconductor/android-nrf-connect) Documentation and issue tracker for nRF Connect for Android.
- [**554**Star][4y] [C] [ausjock/privilege-escalation](https://github.com/ausjock/privilege-escalation) This contains common local exploits and enumeration scripts
- [**553**Star][11d] [Py] [benedekrozemberczki/awesome-fraud-detection-papers](https://github.com/benedekrozemberczki/awesome-fraud-detection-papers) A curated list of data mining papers about fraud detection.
- [**553**Star][8d] [Ruby] [zed-0xff/zsteg](https://github.com/zed-0xff/zsteg) detect stegano-hidden data in PNG & BMP
- [**553**Star][7m] [Java] [wagiro/burpbounty](https://github.com/wagiro/burpbounty) is a extension of Burp Suite to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
- [**553**Star][1y] [Py] [fbessez/tinder](https://github.com/fbessez/tinder) Official November 2019 Documentation for Tinder's API (wrapper included)
- [**553**Star][10d] [Shell] [cloudsec/brootkit](https://github.com/cloudsec/brootkit) Lightweight rootkit implemented by bash shell scripts v0.10
- [**552**Star][11d] [C#] [bitsadmin/fakelogonscreen](https://github.com/bitsadmin/fakelogonscreen) Fake Windows logon screen to steal passwords
- [**552**Star][10d] [Rust] [dswd/vpncloud](https://github.com/dswd/vpncloud) Peer-to-peer VPN
- [**552**Star][13d] [Py] [python3webspider/douyin](https://github.com/python3webspider/douyin) API of DouYin for Humans used to Crawl Popular Videos and Musics
- [**552**Star][7m] [Py] [shellphish/driller](https://github.com/shellphish/driller) augmenting AFL with symbolic execution!
- [**552**Star][10m] [C++] [nytrorst/shellcodecompiler](https://github.com/nytrorst/shellcodecompiler) compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows (x86 and x64) and Linux (x86 and x64)
- [**552**Star][2y] [Py] [n00py/wpforce](https://github.com/n00py/wpforce) a suite of Wordpress Attack tools
- [**551**Star][10d] [R] [beoutbreakprepared/ncov2019](https://github.com/beoutbreakprepared/ncov2019) Location for summaries and analysis of data related to n-CoV 2019, first reported in Wuhan, China
- [**551**Star][11d] [C++] [andrivet/advobfuscator](https://github.com/andrivet/advobfuscator) Obfuscation library based on C++11/14 and metaprogramming
- [**551**Star][10d] [Py] [cisagov/pshtt](https://github.com/cisagov/pshtt) Scan domains and return data based on HTTPS best practices
- [**551**Star][3m] [Py] [theresafewconors/sooty](https://github.com/theresafewconors/sooty) The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
- [**551**Star][7d] [PHP] [pk-fr/yakpro-po](https://github.com/pk-fr/yakpro-po) YAK Pro - Php Obfuscator
- [**551**Star][12d] [C++] [kohler/click](https://github.com/kohler/click) The Click modular router: fast modular packet processing and analysis
- [**551**Star][1y] [C] [hfiref0x/upgdsed](https://github.com/hfiref0x/upgdsed) Universal PatchGuard and Driver Signature Enforcement Disable
- [**551**Star][2y] [Py] [anatolikalysch/vmattack](https://github.com/anatolikalysch/vmattack) static and dynamic virtualization-based packed analysis and deobfuscation.
- [**550**Star][9m] [JS] [wooyundota/droidsslunpinning](https://github.com/wooyundota/droidsslunpinning) Android certificate pinning disable tools
- [**550**Star][2y] [Py] [ihack4falafel/oscp](https://github.com/ihack4falafel/oscp) Collection of things made during my OSCP journey
- [**550**Star][1y] [Py] [dark-lbp/isf](https://github.com/dark-lbp/isf) ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python
- [**550**Star][10d] [Py] [certtools/intelmq](https://github.com/certtools/intelmq) IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
- [**549**Star][13d] [Java] [jaredrummler/apkparser](https://github.com/jaredrummler/apkparser) APK parser for Android
- [**549**Star][11m] [Shell] [sameersbn/docker-squid](https://github.com/sameersbn/docker-squid) Dockerfile to create a Docker container image for Squid proxy server
- [**549**Star][12d] [Py] [aidaho12/haproxy-wi](https://github.com/aidaho12/haproxy-wi) Web interface for managing Haproxy, Nginx and Keepalived servers
- [**548**Star][10d] [Go] [projectdiscovery/naabu](https://github.com/projectdiscovery/naabu) A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
- [**548**Star][7m] [Py] [tencent/habomalhunter](https://github.com/tencent/habomalhunter) HaboMalHunter is a sub-project of Habo Malware Analysis System (
- [**548**Star][17d] [XSLT] [honze-net/nmap-bootstrap-xsl](https://github.com/honze-net/nmap-bootstrap-xsl) A Nmap XSL implementation with Bootstrap.
- [**547**Star][10d] [C] [wilix-team/iohook](https://github.com/wilix-team/iohook) Node.js global keyboard and mouse listener.
- [**547**Star][11d] [C] [mykter/afl-training](https://github.com/mykter/afl-training) Exercises to learn how to fuzz with American Fuzzy Lop
- [**547**Star][12d] [walterinsh/risk-management-note](https://github.com/walterinsh/risk-management-note) 
- [**547**Star][10d] [Shell] [seemoo-lab/mobisys2018_nexmon_software_defined_radio](https://github.com/seemoo-lab/mobisys2018_nexmon_software_defined_radio) Proof of concept project for operating Broadcom Wi-Fi chips as arbitrary signal transmitters similar to software-defined radios (SDRs)
- [**547**Star][2y] [C++] [raphaelsc/am-i-affected-by-meltdown](https://github.com/raphaelsc/am-i-affected-by-meltdown) Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
- [**547**Star][4y] [Py] [fjserna/cve-2015-7547](https://github.com/fjserna/cve-2015-7547) Proof of concept for CVE-2015-7547
- [**547**Star][13d] [Py] [c0ny1/upload-fuzz-dic-builder](https://github.com/c0ny1/upload-fuzz-dic-builder) 上传漏洞fuzz字典生成脚本
- [**546**Star][13d] [itrump/ssfree](https://github.com/itrump/ssfree) provide shadowsocks free tutorial and free account
- [**546**Star][3m] [netbiosx/checklists](https://github.com/netbiosx/checklists) Pentesting checklists for various engagements
- [**546**Star][21d] [C++] [monero-project/kovri](https://github.com/monero-project/kovri) The Kovri I2P Router Project
- [**546**Star][18d] [JS] [moll/node-mitm](https://github.com/moll/node-mitm) Intercept and mock outgoing Node.js network TCP connections and HTTP requests for testing. Intercepts and gives you a Net.Socket, Http.IncomingMessage and Http.ServerResponse to test and respond with. Super useful when testing code that hits remote servers.
- [**546**Star][20d] [Go] [genuinetools/amicontained](https://github.com/genuinetools/amicontained) Container introspection tool. Find out what container runtime is being used as well as features available.
- [**546**Star][4m] [C#] [crosire/scripthookvdotnet](https://github.com/crosire/scripthookvdotnet) An ASI plugin for Grand Theft Auto V, which allows running scripts written in any .NET language in-game.
- [**545**Star][15d] [Py] [scrapinghub/scrapyrt](https://github.com/scrapinghub/scrapyrt) Scrapy realtime
- [**545**Star][4m] [CoffeeScript] [koding/global.hackathon](https://github.com/koding/global.hackathon) Welcome to the World’s First Global Virtual Hackathon!
- [**545**Star][19d] [C] [jiayy/android_vuln_poc-exp](https://github.com/jiayy/android_vuln_poc-exp) This project contains pocs and exploits for vulneribilities I found (mostly)
- [**544**Star][10d] [Java] [nordicsemiconductor/android-ble-library](https://github.com/nordicsemiconductor/android-ble-library) A library that makes working with Bluetooth LE on Android a pleasure. Seriously.
- [**544**Star][4m] [Py] [chengyumeng/spider163](https://github.com/chengyumeng/spider163) 抓取网易云音乐热门评论
- [**544**Star][4m] [C#] [michaelgrafnetter/dsinternals](https://github.com/michaelgrafnetter/dsinternals) Directory Services Internals (DSInternals) PowerShell Module and Framework
- [**544**Star][4y] [Java] [demantz/rfanalyzer](https://github.com/demantz/rfanalyzer) Spectrum Analyzer for Android using the HackRF
- [**543**Star][11d] [Ruby] [vifreefly/kimuraframework](https://github.com/vifreefly/kimuraframework) Modern web scraping framework written in Ruby which works out of box with Headless Chromium/Firefox, PhantomJS, or simple HTTP requests and allows to scrape and interact with JavaScript rendered websites
- [**543**Star][11d] [C] [yourtion/learningmasteringalgorithms-c](https://github.com/yourtion/learningmasteringalgorithms-c) Mastering Algorithms with C 《算法精解：C语言描述》源码及Xcode工程、Linux工程
- [**543**Star][7d] [Py] [langzifun/langsrccurise](https://github.com/langzifun/langsrccurise) SRC子域名资产监控
- [**543**Star][15d] [Java] [dawei101/shadowsocks-android-java](https://github.com/dawei101/shadowsocks-android-java) Shadowsocks android client, pure java version
- [**543**Star][10d] [Rich Text Format] [tsingui/clover-efi](https://github.com/tsingui/clover-efi) 分享整理一些黑苹果Clover驱动配置文件
- [**543**Star][13d] [PHP] [slince/spike](https://github.com/slince/spike) a fast reverse proxy built on top of ReactPHP that helps to expose your local services to the internet
- [**543**Star][2m] [Py] [monperrus/crawler-user-agents](https://github.com/monperrus/crawler-user-agents) Syntactic patterns of HTTP user-agents used by bots / robots / crawlers / scrapers / spiders. pull-request welcome
- [**543**Star][10d] [C] [jkornev/hidden](https://github.com/jkornev/hidden) Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
- [**543**Star][1y] [grananqvist/awesome-quant-machine-learning-trading](https://github.com/grananqvist/awesome-quant-machine-learning-trading) Quant/Algorithm trading resources with an emphasis on Machine Learning
- [**543**Star][7d] [Rust] [cloudflare/wirefilter](https://github.com/cloudflare/wirefilter) An execution engine for Wireshark-like filters
- [**543**Star][11m] [Py] [bignerd95/chimay-red](https://github.com/bignerd95/chimay-red) Working POC of Mikrotik exploit from Vault 7 CIA Leaks
- [**542**Star][10d] [JS] [kgretzky/pwndrop](https://github.com/kgretzky/pwndrop) Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
- [**542**Star][12d] [Py] [foair/course-crawler](https://github.com/foair/course-crawler) 一个基于 Python 3 的 MOOC 课程下载工具，可以获取 中国大学MOOC、学堂在线、网易云课堂 MOOC、好大学在线、爱课程 的课件，方便离线观看。
- [**542**Star][12d] [C++] [tencent/dcache](https://github.com/tencent/dcache) A distributed in-memory NOSQL system based on TARS framework, support LRU algorithm and data persists on back-end database. Users can easily deploy, publish, and scale services on the web interface.
- [**542**Star][17d] [Py] [xillwillx/skiptracer](https://github.com/xillwillx/skiptracer) OSINT python webscaping framework
- [**542**Star][5m] [C#] [rasta-mouse/watson](https://github.com/rasta-mouse/watson) Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
- [**542**Star][14d] [Py] [mysterie/uncompyle2](https://github.com/mysterie/uncompyle2) A Python 2.5, 2.6, 2.7 byte-code decompiler
- [**542**Star][7y] [Java] [moxie0/androidpinning](https://github.com/moxie0/androidpinning) A standalone library project for certificate pinning on Android.
- [**542**Star][4m] [Py] [hatboy/pcap-analyzer](https://github.com/hatboy/pcap-analyzer) Python编写的可视化的离线数据包分析器
- [**541**Star][8d] [Go] [skyhee/algorithms-learning-with-go](https://github.com/skyhee/algorithms-learning-with-go) 算法学习 Golang 版，参考 raywenderlich/swift-algorithm-club
- [**541**Star][4m] [Java] [windysha/xpatch](https://github.com/windysha/xpatch) This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.
- [**541**Star][4y] [Py] [mimoo/diffie-hellman_backdoor](https://github.com/mimoo/diffie-hellman_backdoor) How to backdoor Diffie-Hellman
- [**541**Star][3y] [PHP] [dotcppfile/daws](https://github.com/dotcppfile/daws) Advanced Web Shell
- [**541**Star][12d] [JS] [coalfire-research/npk](https://github.com/coalfire-research/npk) A mostly-serverless distributed hash cracking platform
- [**541**Star][13d] [aozhimin/ios-debug-hacks](https://github.com/aozhimin/ios-debug-hacks) 
- [**540**Star][17d] [Go] [gotoz/runq](https://github.com/gotoz/runq) run regular Docker images in KVM/Qemu
- [**540**Star][20d] [PHP] [simplethings/entityauditbundle](https://github.com/simplethings/entityauditbundle) Doctrine2 Extension to Audit Entities through versioning tables.
- [**540**Star][15d] [sergey-pronin/awesome-vulnerability-research](https://github.com/sergey-pronin/Awesome-Vulnerability-Research) A curated list of the awesome resources about the Vulnerability Research
- [**540**Star][5m] [C++] [vadimcn/vscode-lldb](https://github.com/vadimcn/vscode-lldb) A native debugger extension for VSCode based on LLDB
- [**540**Star][2y] [Py] [torque59/nosql-exploitation-framework](https://github.com/torque59/nosql-exploitation-framework) A Python Framework For NoSQL Scanning and Exploitation
- [**540**Star][15d] [Rust] [rust-fuzz/cargo-fuzz](https://github.com/rust-fuzz/cargo-fuzz) Command line helpers for fuzzing
- [**540**Star][10d] [Perl 6] [rezasp/joomscan](https://github.com/rezasp/joomscan) OWASP Joomla Vulnerability Scanner Project
- [**540**Star][3m] [fabacab/awesome-cybersecurity-blueteam](https://github.com/fabacab/awesome-cybersecurity-blueteam) A collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
- [**540**Star][7m] [C++] [lemire/fastpfor](https://github.com/lemire/fastpfor) The FastPFOR C++ library: Fast integer compression
- [**540**Star][22d] [Erlang] [heroku/vegur](https://github.com/heroku/vegur) HTTP Proxy Library
- [**540**Star][10d] [C#] [chmorgan/sharppcap](https://github.com/chmorgan/sharppcap) Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
- [**539**Star][2m] [Py] [lijiejie/ds_store_exp](https://github.com/lijiejie/ds_store_exp) A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
- [**539**Star][4m] [Rust] [kpcyrd/sn0int](https://github.com/kpcyrd/sn0int) Semi-automatic OSINT framework and package manager
- [**539**Star][5m] [Py] [jseidl/goldeneye](https://github.com/jseidl/goldeneye) HTTP DoS Test Tool.
- [**539**Star][4m] [Py] [gyoisamurai/gyoithon](https://github.com/gyoisamurai/gyoithon) a growing penetration test tool using Machine Learning.
- [**539**Star][10d] [Java] [dsheirer/sdrtrunk](https://github.com/dsheirer/sdrtrunk) A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:
- [**539**Star][5m] [C++] [angorafuzzer/angora](https://github.com/angorafuzzer/angora) Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
- [**538**Star][10d] [Py] [hellock/icrawler](https://github.com/hellock/icrawler) A multi-thread crawler framework with many builtin image crawlers provided.
- [**538**Star][4m] [Py] [ypeleg/hungabunga](https://github.com/ypeleg/hungabunga) Brute-Force all sklearn models with all parameters using .fit .predict!
- [**538**Star][10d] [Lua] [viruscamp/luadec](https://github.com/viruscamp/luadec) Lua Decompiler for lua 5.1 , 5.2 and 5.3
- [**538**Star][10d] [Ruby] [sidaf/homebrew-pentest](https://github.com/sidaf/homebrew-pentest) a Tap containing some Homebrew formulas consisting of penetration testing related tools.
- [**538**Star][4m] [Nix] [reflex-frp/reflex-platform](https://github.com/reflex-frp/reflex-platform) Reflex FRP is a composable, cross-platform functional reactive programming framework for Haskell. It allows you to build interactive components in pure functional style, working in harmony with established Haskell techniques and improving the quality and elegance of your applications.
- [**538**Star][4m] [JS] [mr-un1k0d3r/thundershell](https://github.com/mr-un1k0d3r/thundershell) a C# RAT that communicates via HTTP requests
- [**538**Star][12d] [C++] [miki151/keeperrl](https://github.com/miki151/keeperrl) Source code of KeeperRL
- [**538**Star][29d] [Py] [hackappcom/iloot](https://github.com/hackappcom/iloot) OpenSource tool for iCloud backup extraction
- [**538**Star][4y] [PS] [enigma0x3/generate-macro](https://github.com/enigma0x3/generate-macro) This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method.
- [**538**Star][2y] [Objective-C++] [davidgoldman/inspectivec](https://github.com/davidgoldman/inspectivec) objc_msgSend hook for debugging/inspection purposes.
- [**538**Star][11d] [HTML] [ctf-wiki/ctf-challenges](https://github.com/ctf-wiki/ctf-challenges) 收集到题目按照一定的分类进行存储，方便练习
- [**538**Star][19d] [Py] [alexhude/uemu](https://github.com/alexhude/uemu) Tiny cute emulator plugin for IDA based on unicorn.
- [**537**Star][9d] [Py] [thingsboard/thingsboard-gateway](https://github.com/thingsboard/thingsboard-gateway) Open-source IoT Gateway - integrates devices connected to legacy and third-party systems with ThingsBoard IoT Platform using OPC-UA and MQTT protocols
- [**537**Star][3m] [JS] [igrigorik/node-spdyproxy](https://github.com/igrigorik/node-spdyproxy) SPDY forwarding proxy - fast and secure
- [**537**Star][14d] [Py] [woodrush/neural-art-tf](https://github.com/woodrush/neural-art-tf) "A neural algorithm of Artistic style" in tensorflow
- [**537**Star][13d] [Shell] [wireghoul/graudit](https://github.com/wireghoul/graudit)  a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep
- [**537**Star][2y] [vulnhub/ctf-writeups](https://github.com/vulnhub/ctf-writeups) CTF write-ups from the VulnHub CTF Team
- [**537**Star][9m] [Java] [megatronking/stringfog](https://github.com/megatronking/stringfog) 一款自动对字节码中的字符串进行加密Android插件工具
- [**537**Star][8m] [Kotlin] [jire/charlatano](https://github.com/jire/charlatano) Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems
- [**536**Star][8d] [Py] [veekxt/v2ray-template](https://github.com/veekxt/v2ray-template) v2ray 模板，v2ray 配置生成工具
- [**536**Star][10d] [Py] [idarlingteam/idarling](https://github.com/IDArlingTeam/IDArling) a collaborative reverse engineering plugin for IDA Pro and Hex-Rays
- [**536**Star][13d] [C] [odzhan/injection](https://github.com/odzhan/injection) Windows process injection methods
- [**535**Star][10d] [Shell] [trimstray/multitor](https://github.com/trimstray/multitor) Shell脚本, 创建多个Tor实例, 并使用HAProxy实现负载均衡
- [**535**Star][14d] [Ruby] [substrakt/letsencrypt-heroku](https://github.com/substrakt/letsencrypt-heroku) Make any Heroku application secure in just a couple of minutes.
- [**535**Star][10d] [C] [projectacrn/acrn-hypervisor](https://github.com/projectacrn/acrn-hypervisor) Project ACRN hypervisor
- [**535**Star][10d] [C] [lunixbochs/patchkit](https://github.com/lunixbochs/patchkit) binary patching from Python
    - [IDA插件](https://github.com/lunixbochs/patchkit/tree/master/ida) 
    - [patchkit](https://github.com/lunixbochs/patchkit/tree/master/core) 
- [**535**Star][3y] [C] [larryli/putty](https://github.com/larryli/putty) PuTTY 中文版，原
- [**535**Star][19d] [C] [jondonym/peinjector](https://github.com/jondonym/peinjector) peinjector - MITM PE file infector
- [**535**Star][10d] [Py] [insecurityofthings/jackit](https://github.com/insecurityofthings/jackit) Exploit Code for Mousejack
- [**535**Star][11d] [bfuzzy/auditd-attack](https://github.com/bfuzzy/auditd-attack) A Linux Auditd rule set mapped to MITRE's Attack Framework
- [**535**Star][4m] [Java] [1998lixin/hardwarecode](https://github.com/1998lixin/hardwarecode) 基于xposed 修改硬件信息
- [**534**Star][9d] [Py] [qqxx6661/price-monitor](https://github.com/qqxx6661/price-monitor) 京东商品价格监控：监控用户设定商品价格，降价邮件/微信提醒。技术：Python爬虫/IP代理池/JS接口爬取/Selenium页面爬取
- [**534**Star][14d] [C++] [rbei-etas/busmaster](https://github.com/rbei-etas/busmaster) simulate, analyze and test data bus systems such as CAN.
- [**534**Star][17d] [JS] [mrluanma/shadowsocks-heroku](https://github.com/mrluanma/shadowsocks-heroku) shadowsocks over WebSocket, support Heroku.
- [**534**Star][12d] [Py] [ionelmc/python-hunter](https://github.com/ionelmc/python-hunter) Hunter is a flexible code tracing toolkit.
- [**534**Star][10d] [Ruby] [hdm/mac-ages](https://github.com/hdm/mac-ages) determine an approximate issuance date for IEEE allocated hardware address ranges
- [**533**Star][21d] [JS] [venables/koa-helmet](https://github.com/venables/koa-helmet) Important security headers for koa
- [**533**Star][11d] [JS] [sciencefair-land/sciencefair](https://github.com/sciencefair-land/sciencefair) The futuristic, fabulous and free desktop app for working with scientific literature
- [**533**Star][10d] [Go] [cyberark/summon](https://github.com/cyberark/summon) CLI that provides on-demand secrets access for common DevOps tools
- [**533**Star][13d] [Py] [zhongyiio/crack-geetest](https://github.com/zhongyiio/crack-geetest) 滑动验证码破解示例，仅供学习使用。
- [**533**Star][11d] [C] [lucyoa/kernel-exploits](https://github.com/lucyoa/kernel-exploits) 内核 exploit
- [**533**Star][23d] [Scala] [densh/scala-offheap](https://github.com/densh/scala-offheap) Experimental type-safe off-heap memory for Scala.
- [**533**Star][12d] [Py] [awslabs/aws-security-benchmark](https://github.com/awslabs/aws-security-benchmark) Open source demos, concept and guidance related to the AWS CIS Foundation framework.
- [**532**Star][17d] [Shell] [trailofbits/twa](https://github.com/trailofbits/twa) A tiny web auditor with strong opinions.
- [**532**Star][10m] [C++] [shuax/greenchrome](https://github.com/shuax/greenchrome) 超好用的Chrome浏览器增强软件
- [**532**Star][15d] [C++] [opengenus/quark](https://github.com/opengenus/quark) Stay happy while offline | World's first offline search engine.
- [**531**Star][9d] [PHP] [nettitude/xss_payloads](https://github.com/nettitude/xss_payloads) Exploitation for XSS
- [**531**Star][14d] [C] [iovisor/ply](https://github.com/iovisor/ply) Dynamic Tracing in Linux
- [**531**Star][2y] [C] [ionescu007/specucheck](https://github.com/ionescu007/specucheck) SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
- [**531**Star][11d] [Go] [gorilla/csrf](https://github.com/gorilla/csrf)  provides CSRF prevention middleware for Go web applications & services
- [**531**Star][18d] [Py] [chybeta/cmspoc](https://github.com/chybeta/cmspoc) A CMS Exploit Framework
- [**530**Star][1y] [JS] [mindedsecurity/jstillery](https://github.com/mindedsecurity/jstillery) Advanced JavaScript Deobfuscation via Partial Evaluation
- [**530**Star][12d] [C] [mikeryan/crackle](https://github.com/mikeryan/crackle) Crack and decrypt BLE encryption
- [**530**Star][17d] [lmy375/awesome-vmp](https://github.com/lmy375/awesome-vmp) VM analysis materials
- [**530**Star][3y] [ObjC] [herzmut/shadowsocks-ios](https://github.com/herzmut/shadowsocks-ios) Fork of shadowsocks/shadowsocks-iOS
- [**529**Star][10d] [Shell] [microsoft/linux-vm-tools](https://github.com/microsoft/linux-vm-tools) Hyper-V Linux Guest VM Enhancements
- [**529**Star][19d] [Py] [project-imas/mdm-server](https://github.com/project-imas/mdm-server) Sample iOS MDM server
- [**529**Star][2m] [C] [neilalexander/sigmavpn](https://github.com/neilalexander/sigmavpn) Light-weight, secure and modular VPN solution which makes use of NaCl encryption (also available for Android using jnacl in "sigmavpn-android")
- [**528**Star][11d] [C#] [tyranid/oleviewdotnet](https://github.com/tyranid/oleviewdotnet) A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container
- [**528**Star][17d] [Py] [trailofbits/deepstate](https://github.com/trailofbits/deepstate) A unit test-like interface for fuzzing and symbolic execution
- [**528**Star][13d] [palantir/osquery-configuration](https://github.com/palantir/osquery-configuration) 使用 osquery 做事件检测和响应
- [**528**Star][6m] [Perl] [mrash/fwknop](https://github.com/mrash/fwknop) Single Packet Authorization > Port Knocking
- [**527**Star][9d] [Py] [lb2281075105/python-spider](https://github.com/lb2281075105/python-spider) 豆瓣电影top250、斗鱼爬取json数据以及爬取美女图片、淘宝、有缘、CrawlSpider爬取红娘网相亲人的部分基本信息以及红娘网分布式爬取和存储redis、爬虫小demo、Selenium、爬取多点、django开发接口、爬取有缘网信息、模拟知乎登录、模拟github登录、模拟图虫网登录、爬取多点商城整站数据、爬取微信公众号历史文章、爬取微信群或者微信好友分享的文章、itchat监听指定微信公众号分享的文章
- [**527**Star][12d] [Go] [mailgun/kafka-pixy](https://github.com/mailgun/kafka-pixy) gRPC/REST proxy for Kafka
- [**526**Star][6y] [Py] [swdunlop/andbug](https://github.com/swdunlop/andbug) Android Debugging Library
- [**526**Star][10d] [Py] [skavngr/rapidscan](https://github.com/skavngr/rapidscan) 
- [**526**Star][16d] [Py] [scrapy/scrapyd-client](https://github.com/scrapy/scrapyd-client) Command line client for Scrapyd server
- [**526**Star][11d] [PLSQL] [nologic/idaref](https://github.com/nologic/idaref) IDA Pro Instruction Reference Plugin
- [**526**Star][12d] [C] [luadist/luajit](https://github.com/luadist/luajit) LuaJIT is JIT compiler for the Lua language.
- [**526**Star][4m] [JS] [hapijs/good](https://github.com/hapijs/good) hapi process monitoring
- [**526**Star][3y] [Py] [gojhonny/credcrack](https://github.com/gojhonny/credcrack) A fast and stealthy credential harvester
- [**526**Star][12d] [Py] [danigargu/heap-viewer](https://github.com/danigargu/heap-viewer) An IDA Pro plugin to examine the glibc heap, focused on exploit development
- [**526**Star][11d] [Shell] [craigz28/firmwalker](https://github.com/craigz28/firmwalker) A simple bash script for searching the extracted or mounted firmware file system.
- [**526**Star][11d] [b-mueller/android_app_security_checklist](https://github.com/b-mueller/android_app_security_checklist) Android App Security Checklist
- [**525**Star][10d] [C] [tklengyel/drakvuf](https://github.com/tklengyel/drakvuf) DRAKVUF Black-box Binary Analysis
- [**525**Star][2y] [Py] [robindavid/lsb-steganography](https://github.com/robindavid/lsb-steganography) Python program to steganography files into images using the Least Significant Bit.
- [**525**Star][4m] [Py] [platomav/meanalyzer](https://github.com/platomav/meanalyzer) Intel Engine Firmware Analysis Tool
- [**525**Star][5m] [Py] [pagekite/pypagekite](https://github.com/pagekite/pypagekite) Python implementation of the PageKite remote front-end protocols.
- [**525**Star][10d] [Py] [marshall/logcat-color](https://github.com/marshall/logcat-color) A colorful and highly configurable alternative to the standard "adb logcat" command from the Android SDK
- [**525**Star][4m] [PHP] [delight-im/php-auth](https://github.com/delight-im/php-auth) Authentication for PHP. Simple, lightweight and secure.
- [**525**Star][5y] [ObjC] [bonzaithepenguin/loading](https://github.com/bonzaithepenguin/loading) Simple network activity monitor for OS X
- [**524**Star][2y] [ifyour/hosts-for-surge](https://github.com/ifyour/hosts-for-surge) 一份 Hosts 列表，按照 Surge 的配置文件规则生成
- [**524**Star][10d] [Shell] [antonbabenko/pre-commit-terraform](https://github.com/antonbabenko/pre-commit-terraform) pre-commit git hooks to take care of Terraform configurations
- [**524**Star][14d] [mel0day/redteam-bcs](https://github.com/mel0day/redteam-bcs) BCS（北京网络安全大会）2019 红队行动会议重点内容
- [**524**Star][12d] [Py] [fcavallarin/htcap](https://github.com/fcavallarin/htcap) htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.
- [**524**Star][9m] [PHP] [susers/writeups](https://github.com/susers/writeups) 国内各大CTF赛题及writeup整理
- [**524**Star][3m] [Py] [superhedgy/attacksurfacemapper](https://github.com/superhedgy/attacksurfacemapper) aims to automate the reconnaissance process.
- [**524**Star][10d] [Py] [sibson/redbeat](https://github.com/sibson/redbeat) RedBeat is a Celery Beat Scheduler that stores the scheduled tasks and runtime metadata in Redis.
- [**524**Star][4m] [Py] [schutzwerk/canalyzat0r](https://github.com/schutzwerk/canalyzat0r) Security analysis toolkit for proprietary car protocols
- [**524**Star][6m] [C] [r0hi7/binexp](https://github.com/r0hi7/binexp) Linux Binary Exploitation
- [**524**Star][23d] [C] [nfc-tools/mfcuk](https://github.com/nfc-tools/mfcuk) MiFare Classic Universal toolKit (MFCUK)
- [**524**Star][1y] [Visual Basic .NET] [mr-un1k0d3r/maliciousmacrogenerator](https://github.com/mr-un1k0d3r/maliciousmacrogenerator)  generate obfuscated macro that also include a AV / Sandboxes escape mechanism.
- [**523**Star][11d] [Go] [v2ray/domain-list-community](https://github.com/v2ray/domain-list-community) Community managed domain list
- [**523**Star][8d] [JS] [kevva/wifi-password](https://github.com/kevva/wifi-password) Get current wifi password
- [**523**Star][1y] [JS] [xd4rker/minerblock](https://github.com/xd4rker/minerblock) An efficient browser extension to block browser-based cryptocurrency miners all over the web.
- [**523**Star][7m] [Py] [romanzaikin/burpextension-whatsapp-decryption-checkpoint](https://github.com/romanzaikin/burpextension-whatsapp-decryption-checkpoint) Burp extension to decrypt WhatsApp Protocol
- [**523**Star][4m] [Py] [byt3bl33d3r/sprayingtoolkit](https://github.com/byt3bl33d3r/sprayingtoolkit) Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
- [**523**Star][14d] [Shell] [ashishb/android-malware](https://github.com/ashishb/android-malware) Collection of android malware samples
- [**523**Star][1y] [PS] [a-min3/winspect](https://github.com/a-min3/winspect) Powershell-based Windows Security Auditing Toolbox
- [**522**Star][11d] [Py] [furlongm/openvpn-monitor](https://github.com/furlongm/openvpn-monitor) openvpn-monitor is a web based OpenVPN monitor, that shows current connection information, such as users, location and data transferred.
- [**522**Star][10d] [mirinsoft/debotnet](https://github.com/mirinsoft/debotnet) 
- [**522**Star][13d] [Py] [lanbing510/lianjiaspider](https://github.com/lanbing510/lianjiaspider) 链家爬虫
- [**522**Star][7d] [Py] [fortynorthsecurity/just-metadata](https://github.com/FortyNorthSecurity/Just-Metadata) Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
- [**522**Star][10d] [C++] [tenable/routeros](https://github.com/tenable/routeros) various tools and exploits developed while performing security research on MikroTik's RouterOS.
- [**522**Star][20d] [Py] [reyammer/shellnoob](https://github.com/reyammer/shellnoob) A shellcode writing toolkit
- [**522**Star][4m] [C] [pmacct/pmacct](https://github.com/pmacct/pmacct) pmacct is a small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP RPKI IGP Streaming Telemetry].
- [**521**Star][3m] [Shell] [th3xace/sudo_killer](https://github.com/th3xace/sudo_killer) A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
- [**521**Star][16d] [Py] [rabbitstack/fibratus](https://github.com/rabbitstack/fibratus) Tool for exploration and tracing of the Windows kernel
- [**521**Star][7m] [C] [m0nad/diamorphine](https://github.com/m0nad/diamorphine) LKM rootkit for Linux Kernels 2.6.x/3.x/4.x (x86 and x86_64)
- [**521**Star][25d] [Swift] [google/science-journal-ios](https://github.com/google/science-journal-ios) Use the sensors in your mobile devices to perform science experiments. Science doesn’t just happen in the classroom or lab—tools like Science Journal let you see how the world works with just your phone.
- [**521**Star][3m] [Batchfile] [chef-koch/regtweaks](https://github.com/chef-koch/regtweaks) Windows Registry Tweaks (Win 7 - Win 10)
- [**520**Star][23d] [ObjC] [krzyzanowskim/objectivepgp](https://github.com/krzyzanowskim/objectivepgp) OpenPGP library for iOS and macOS
- [**520**Star][10d] [PHP] [zhuzhichao/ip-location-zh](https://github.com/zhuzhichao/ip-location-zh) 获取 IP 地址的真实地理位置
- [**520**Star][14d] [Rust] [sodiumoxide/sodiumoxide](https://github.com/sodiumoxide/sodiumoxide) Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium)
- [**520**Star][15d] [Py] [pjlantz/droidbox](https://github.com/pjlantz/droidbox) Dynamic analysis of Android apps
- [**520**Star][4y] [ObjC] [pjebs/obfuscator-ios](https://github.com/pjebs/obfuscator-ios) Secure your app by obfuscating all the hard-coded security-sensitive strings.
- [**520**Star][11m] [C] [nurupo/rootkit](https://github.com/nurupo/rootkit) Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
- [**520**Star][11d] [Py] [netflix-skunkworks/diffy](https://github.com/netflix-skunkworks/diffy) a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
- [**520**Star][5m] [Java] [happylishang/cacheemulatorchecker](https://github.com/happylishang/cacheemulatorchecker) Android模拟器检测，检测Android模拟器 ，获取相对真实的IMEI AndroidId 序列号 MAC地址等，作为DeviceID，应对防刷需求等
- [**520**Star][10d] [Go] [gen2brain/cam2ip](https://github.com/gen2brain/cam2ip) Turn any webcam into an IP camera
- [**519**Star][10d] [C++] [xmrig/xmrig-nvidia](https://github.com/xmrig/xmrig-nvidia) Monero (XMR) NVIDIA miner
- [**519**Star][2y] [C] [wubingzheng/memleax](https://github.com/wubingzheng/memleax) debugs memory leak of running process. Not maintained anymore, try `libleak` please.
- [**519**Star][4m] [Java] [rub-nds/tls-attacker](https://github.com/rub-nds/tls-attacker) TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (
- [**519**Star][5m] [Py] [mozillasecurity/funfuzz](https://github.com/mozillasecurity/funfuzz) A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
- [**519**Star][13d] [C] [irontec/sngrep](https://github.com/irontec/sngrep) Ncurses SIP Messages flow viewer
- [**519**Star][2y] [PS] [dafthack/domainpasswordspray](https://github.com/dafthack/domainpasswordspray) DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
- [**519**Star][10d] [Cycript] [codermjlee/mjcript](https://github.com/codermjlee/mjcript) 【越狱-逆向】基于Cycript实现的一些实用函数
- [**519**Star][4m] [Py] [aoii103/darknet_chinesetrading](https://github.com/aoii103/darknet_chinesetrading) Darknet Chinese Market Trading Crawl and Monitor
- [**518**Star][10d] [JS] [trufflesuite/drizzle-legacy](https://github.com/trufflesuite/drizzle-legacy) Reactive Ethereum datastore for dapp UIs.
- [**518**Star][11d] [C#] [justcoding121/advanced-algorithms](https://github.com/justcoding121/advanced-algorithms) 100+ algorithms & data structures generically implemented in C#.
- [**518**Star][12d] [radareorg/awesome-radare2](https://github.com/radareorg/awesome-radare2) A curated list of awesome projects, articles and the other materials powered by Radare2
- [**518**Star][11m] [Visual Basic .NET] [nyan-x-cat/lime-rat](https://github.com/nyan-x-cat/lime-rat) LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
- [**518**Star][12d] [ernw/hardening](https://github.com/ernw/hardening) Repository of Hardening Guides
- [**518**Star][4m] [Py] [ctxis/cape](https://github.com/ctxis/cape) Malware Configuration And Payload Extraction
- [**517**Star][3y] [Java] [diablo-d3/diablominer](https://github.com/diablo-d3/diablominer) OpenCL miner for Bitcoin
- [**517**Star][11d] [TS] [davewasmer/devcert](https://github.com/davewasmer/devcert) Local HTTPS development made easy
- [**517**Star][2y] [C] [samyk/opensesame](https://github.com/samyk/opensesame) OpenSesame attacks wireless garages and can open most fixed-code garages and gates in seconds using a Mattel toy
- [**516**Star][8d] [Py] [wnma3mz/wechat_articles_spider](https://github.com/wnma3mz/wechat_articles_spider) 微信公众号的爬虫
- [**516**Star][3y] [Java] [nsacyber/grassmarlin](https://github.com/nsacyber/GRASSMARLIN) Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber
- [**516**Star][7d] [C] [triaquae/crazyeye](https://github.com/triaquae/crazyeye) OpenSource IT Automation Software
- [**516**Star][12d] [Shell] [staz0t/hashcatch](https://github.com/staz0t/hashcatch) Capture handshakes of nearby WiFi networks automatically
- [**516**Star][10d] [C++] [kirschju/demovfuscator](https://github.com/kirschju/demovfuscator) A work-in-progress deobfuscator for movfuscated binaries
- [**516**Star][6m] [Py] [iti/ics-security-tools](https://github.com/iti/ics-security-tools) Tools, tips, tricks, and more for exploring ICS Security.
- [**515**Star][10d] [C++] [stevemk14ebr/polyhook_2_0](https://github.com/stevemk14ebr/polyhook_2_0) C++17, x86/x64 Hooking Libary v2.0
- [**515**Star][16d] [OCaml] [trustinsoft/tis-interpreter](https://github.com/trustinsoft/tis-interpreter)  detects subtle bugs in C programs that may not have eye-visible effects when executing the same programs compiled in the traditional way.
- [**515**Star][3y] [tengzhangchao/sec-box](https://github.com/tengzhangchao/sec-box) information security Tools Box （信息安全工具以及资源集合）
- [**515**Star][13d] [Go] [psiphon-labs/psiphon-tunnel-core](https://github.com/psiphon-labs/psiphon-tunnel-core) Psiphon is an Internet censorship circumvention system.
- [**515**Star][13d] [Java] [chengdedeng/waf](https://github.com/chengdedeng/waf) 
- [**515**Star][12d] [TS] [cartant/rxjs-spy](https://github.com/cartant/rxjs-spy) A debugging library for RxJS
- [**514**Star][11d] [PHP] [nzedb/nzedb](https://github.com/nzedb/nzedb) automatically scans usenet, similar to the way web spiders scan the internet
- [**514**Star][10d] [Shell] [jsamr/bootiso](https://github.com/jsamr/bootiso) A bash script to securely create a bootable USB device from one image file. Just curl it, chmod it and go!
- [**513**Star][12d] [Py] [scwuaptx/pwngdb](https://github.com/scwuaptx/pwngdb) gdb for pwn
- [**513**Star][12d] [C] [n64dev/cen64](https://github.com/n64dev/cen64) Cycle-Accurate Nintendo 64 Emulator
- [**513**Star][1y] [Go] [mthbernardes/gtrs](https://github.com/mthbernardes/gtrs)  uses Google Translator as a proxy to send arbitrary commands to an infected machine
- [**513**Star][17d] [C] [jarun/keysniffer](https://github.com/jarun/keysniffer) 
- [**513**Star][1y] [C] [google/ktsan](https://github.com/google/ktsan) a fast data race detector for the Linux kernel
- [**512**Star][6m] [Py] [wetw0rk/sickle](https://github.com/wetw0rk/Sickle) Payload development tool
- [**512**Star][6m] [Py] [wetw0rk/sickle](https://github.com/wetw0rk/sickle) Payload development tool
- [**512**Star][2y] [C++] [tandasat/ddimon](https://github.com/tandasat/ddimon) Monitoring and controlling kernel API calls with stealth hook using EPT
- [**512**Star][13d] [Dockerfile] [mikesplain/openvas-docker](https://github.com/mikesplain/openvas-docker) A Docker container for Openvas
- [**512**Star][5m] [JS] [mattzeunert/fromjs](https://github.com/mattzeunert/fromjs) See where each character on the screen came from in code.
- [**512**Star][13d] [C] [martona/mhook](https://github.com/martona/mhook) A Windows API hooking library
- [**512**Star][11d] [govolution/betterdefaultpasslist](https://github.com/govolution/betterdefaultpasslist) list includes default credentials from various manufacturers for their products like NAS, ERP, ICS etc.
- [**511**Star][11d] [Java] [dependencytrack/dependency-track](https://github.com/DependencyTrack/dependency-track) Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
- [**511**Star][10d] [mutability/dump1090](https://github.com/mutability/dump1090) Dump1090 is a simple Mode S decoder for RTLSDR devices
- [**511**Star][15d] [Py] [initstring/dirty_sock](https://github.com/initstring/dirty_sock) Linux privilege escalation exploit via snapd (CVE-2019-7304)
- [**511**Star][10d] [Py] [graalvm/graalpython](https://github.com/graalvm/graalpython) A Python 3 implementation built on GraalVM
- [**511**Star][11d] [Java] [dependencytrack/dependency-track](https://github.com/dependencytrack/dependency-track) Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
- [**510**Star][11d] [Py] [timwhitez/crawlergo_x_xray](https://github.com/timwhitez/crawlergo_x_xray) 360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能
- [**510**Star][11d] [Py] [fportantier/habu](https://github.com/fportantier/habu) Hacking Toolkit
- [**510**Star][8d] [Scala] [thehive-project/cortex](https://github.com/TheHive-Project/Cortex) a Powerful Observable Analysis and Active Response Engine
- [**510**Star][11d] [Py] [savio-code/fern-wifi-cracker](https://github.com/savio-code/fern-wifi-cracker) Automatically exported from code.google.com/p/fern-wifi-cracker
- [**510**Star][11d] [Py] [fportantier/habu](https://github.com/fportantier/habu) Hacking Toolkit to teach (and learn) some concepts about Python and Network Hacking.
- [**510**Star][2y] [JS] [cryptogenic/ps4-4.05-kernel-exploit](https://github.com/cryptogenic/ps4-4.05-kernel-exploit) A fully implemented kernel exploit for the PS4 on 4.05FW
- [**510**Star][6m] [Go] [arminc/clair-scanner](https://github.com/arminc/clair-scanner) Docker containers vulnerability scan
- [**510**Star][12d] [adi0x90/attifyos](https://github.com/adi0x90/attifyos) IoT 安全评估/渗透测试工具包
- [**509**Star][14d] [C++] [0x09al/rdpthief](https://github.com/0x09al/rdpthief) Extracting Clear Text Passwords from mstsc.exe using API Hooking.
- [**509**Star][11d] [Py] [tlswg/tls13-spec](https://github.com/tlswg/tls13-spec) TLS 1.3 Specification
- [**509**Star][10d] [C] [nongiach/sudo_inject](https://github.com/nongiach/sudo_inject) [Linux] Two Privilege Escalation techniques abusing sudo token
- [**508**Star][4y] [Assembly] [xoreaxeaxeax/repsych](https://github.com/xoreaxeaxeax/repsych) Psychological warfare in reverse engineering
- [**508**Star][10d] [C] [libreswan/libreswan](https://github.com/libreswan/libreswan) an Internet Key Exchange (IKE) implementation for Linux.
- [**508**Star][14d] [Shell] [leonteale/pentestpackage](https://github.com/leonteale/pentestpackage) a package of Pentest scripts I have made or commonly use
- [**507**Star][3m] [Ruby] [lackoftactics/facebook_data_analyzer](https://github.com/lackoftactics/facebook_data_analyzer) Analyze facebook copy of your data with ruby language. Download zip file from facebook and get info about friends ranking by message, vocabulary, contacts, friends added statistics and more
- [**507**Star][4m] [JS] [shadowsocks/shadowsocks-org](https://github.com/shadowsocks/shadowsocks-org) The official website of Project Shadowsocks.
- [**507**Star][8d] [PS] [nsacyber/event-forwarding-guidance](https://github.com/nsacyber/Event-Forwarding-Guidance) Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
- [**507**Star][16d] [C] [tihmstar/tsschecker](https://github.com/tihmstar/tsschecker) a powerfull tool to check tss signing status of various devices and firmwares
- [**507**Star][18d] [Java] [strazzere/anti-emulator](https://github.com/strazzere/anti-emulator) Android Anti-Emulator
- [**507**Star][1y] [Shell] [stamusnetworks/selks](https://github.com/stamusnetworks/selks) A Suricata based IDS/IPS distro
- [**507**Star][3m] [manoelt/50m_ctf_writeup](https://github.com/manoelt/50m_ctf_writeup) $50 Million CTF from Hackerone - Writeup
- [**507**Star][4m] [Go] [cbeuw/cloak](https://github.com/cbeuw/cloak) A censorship circumvention tool to evade detection against state adversaries
- [**507**Star][2y] [Py] [attify/firmware-analysis-toolkit](https://github.com/attify/firmware-analysis-toolkit) Toolkit to emulate firmware and analyse it for security vulnerabilities
- [**506**Star][10d] [C] [larmel/lacc](https://github.com/larmel/lacc) A simple, self-hosting C compiler
- [**506**Star][10d] [Java] [ddssingsong/webrtc_android](https://github.com/ddssingsong/webrtc_android) webrtc VideoCall VideoConference 视频通话 视频会议
- [**506**Star][20d] [Py] [zdresearch/owasp-zsc](https://github.com/zdresearch/OWASP-ZSC) Shellcode/Obfuscate Code Generator
- [**506**Star][1m] [Py] [vector35/deprecated-binaryninja-python](https://github.com/vector35/deprecated-binaryninja-python) Deprecated Binary Ninja prototype written in Python
- [**506**Star][13d] [Objective-C++] [bishopfox/bfinject](https://github.com/bishopfox/bfinject) Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks
- [**506**Star][28d] [C] [android-rooting-tools/android_run_root_shell](https://github.com/android-rooting-tools/android_run_root_shell) 
- [**505**Star][1y] [C] [theofficialflow/nonpdrm](https://github.com/theofficialflow/nonpdrm) A plugin that allows you to bypass DRM protection on any PS Vita content
- [**505**Star][1y] [C#] [lowleveldesign/wtrace](https://github.com/lowleveldesign/wtrace) Command line tracing tool for Windows, based on ETW.
- [**505**Star][2y] [PS] [danielbohannon/invoke-cradlecrafter](https://github.com/danielbohannon/invoke-cradlecrafter) PowerShell Remote Download Cradle Generator & Obfuscator
- [**504**Star][11d] [Py] [super-l/superl-url](https://github.com/super-l/superl-url) 根据关键词，对搜索引擎内容检索结果的网址内容进行采集的一款轻量级软程序
- [**504**Star][12d] [C++] [ridiculousfish/libdivide](https://github.com/ridiculousfish/libdivide) Official git repository for libdivide: optimized integer division
- [**504**Star][11d] [C#] [qmk/qmk_toolbox](https://github.com/qmk/qmk_toolbox) A Toolbox companion for QMK Firmware
- [**504**Star][3y] [PS] [powershellmafia/cimsweep](https://github.com/powershellmafia/cimsweep) CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
- [**504**Star][12d] [Assembly] [pjimenezmateo/curriculum-bootloader](https://github.com/pjimenezmateo/curriculum-bootloader) Here I share the code of my CV, which is also a bootable bootloader :)
- [**504**Star][13d] [JS] [pinterest/snappass](https://github.com/pinterest/snappass) Share passwords securely
- [**504**Star][6y] [Py] [infodox/python-pty-shells](https://github.com/infodox/python-pty-shells) Python PTY backdoors - full PTY or nothing!
- [**503**Star][1m] [Rust] [linkerd/linkerd-tcp](https://github.com/linkerd/linkerd-tcp) A TCP/TLS load balancer for Linkerd 1.x.
- [**503**Star][11d] [Solidity] [provable-things/ethereum-api](https://github.com/provable-things/ethereum-api) Provable API for Ethereum smart contracts
- [**503**Star][14d] [Go] [square/certigo](https://github.com/square/certigo) A utility to examine and validate certificates in a variety of formats
- [**503**Star][15d] [Go] [shyiko/kubesec](https://github.com/shyiko/kubesec) Secure Secret management for Kubernetes (with gpg, Google Cloud KMS and AWS KMS backends)
- [**503**Star][12d] [C] [schweikert/fping](https://github.com/schweikert/fping) High performance ping tool
- [**503**Star][8m] [Py] [olafhartong/threathunting](https://github.com/olafhartong/threathunting) A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
- [**503**Star][3y] [C] [huawei/huawei_liteos_kernel](https://github.com/huawei/huawei_liteos_kernel) uawei LiteOS Kernel项目
- [**503**Star][4m] [PS] [evotecit/pswinreporting](https://github.com/evotecit/pswinreporting) This PowerShell Module has multiple functionalities, but one of the signature features of this module is the ability to parse Security logs on Domain Controllers providing easy to use access to AD Events.
- [**503**Star][10m] [JS] [ehrishirajsharma/swiftnessx](https://github.com/ehrishirajsharma/swiftnessx) A cross-platform note-taking & target-tracking app for penetration testers.
- [**502**Star][13d] [JS] [sindresorhus/get-port](https://github.com/sindresorhus/get-port) Get an available port
- [**502**Star][11d] [Java] [michaelvilleneuve/react-native-document-scanner](https://github.com/michaelvilleneuve/react-native-document-scanner) Document scanner, features live border detection, perspective correction, image filters and more !
- [**502**Star][10m] [Py] [maddiestone/idapythonembeddedtoolkit](https://github.com/maddiestone/idapythonembeddedtoolkit) a set of script to automate many of the steps associated with statically analyzing, or reverse engineering, the firmware of embedded devices in IDA Pro.
- [**502**Star][14d] [Go] [dan-v/awslambdaproxy](https://github.com/dan-v/awslambdaproxy) An AWS Lambda powered HTTP/SOCKS web proxy
- [**502**Star][1m] [PHP] [bramus/mixed-content-scan](https://github.com/bramus/mixed-content-scan) Scan your HTTPS-enabled website for Mixed Content
- [**502**Star][13d] [Py] [armissecurity/blueborne](https://github.com/armissecurity/blueborne) PoC scripts demonstrating the BlueBorne vulnerabilities
- [**501**Star][11d] [JS] [vincentchanx/shadowsocks-over-websocket](https://github.com/vincentchanx/shadowsocks-over-websocket) 免费使用 Heroku 部署 shadowsocks
- [**501**Star][11d] [C] [sandeepmistry/arduino-nrf5](https://github.com/sandeepmistry/arduino-nrf5) Arduino Core for Nordic Semiconductor nRF5 based boards
- [**501**Star][4m] [Py] [r35tart/rw_password](https://github.com/r35tart/rw_password) 此项目用来提取收集以往泄露的密码中符合条件的强弱密码
- [**501**Star][11d] [ph055a/osint_collection](https://github.com/Ph055a/OSINT_Collection) Maintained collection of OSINT related resources. (All Free & Actionable)
- [**501**Star][7m] [C] [hasherezade/demos](https://github.com/hasherezade/demos) Demos of various injection techniques found in malware
- [**501**Star][1m] [Go] [evanmiller/hecate](https://github.com/evanmiller/hecate) The Hex Editor From Hell
- [**501**Star][4m] [Java] [chainsdd/superuser](https://github.com/chainsdd/superuser) Android superuser permissions app (from Zinx)
- [**500**Star][10d] [C++] [wbenny/hvpp](https://github.com/wbenny/hvpp) hvpp is a lightweight Intel x64/VT-x hypervisor written in C++ focused primarily on virtualization of already running operating system
- [**500**Star][5y] [JS] [mandatoryprogrammer/sonar.js](https://github.com/mandatoryprogrammer/sonar.js) A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration combined with WebSockets and external resource fingerprinting.
- [**500**Star][10d] [C++] [linuxboot/linuxboot](https://github.com/linuxboot/linuxboot) The LinuxBoot project is working to enable Linux to replace your firmware on all platforms.
- [**500**Star][2m] [Ruby] [kaich/codeobscure](https://github.com/kaich/codeobscure) code obscure for object-c project. 方便强大的OC工程代码自动混淆工具
- [**500**Star][14d] [C] [ghughes/fruitstrap](https://github.com/ghughes/fruitstrap) Install and debug iPhone apps from the command line, without using Xcode
- [**500**Star][11d] [Py] [bit4woo/teemo](https://github.com/bit4woo/teemo) A Domain Name & Email Address Collection Tool
- [**499**Star][11d] [Perl] [winterheart/broadcom-bt-firmware](https://github.com/winterheart/broadcom-bt-firmware) Repository for various Broadcom Bluetooth firmware
- [**499**Star][11d] [Py] [yadominjinta/atilo](https://github.com/yadominjinta/atilo) Linux installer for termux
- [**499**Star][11d] [Java] [continuumsecurity/bdd-security](https://github.com/continuumsecurity/bdd-security) a security testing framework that uses Behaviour Driven Development concepts to create self-verifying security specifications.
- [**498**Star][10d] [Py] [sleventyeleven/linuxprivchecker](https://github.com/sleventyeleven/linuxprivchecker) a Linux Privilege Escalation Check Script
- [**498**Star][14d] [Py] [polymorf/findcrypt-yara](https://github.com/polymorf/findcrypt-yara) IDA pro plugin to find crypto constants (and more)
- [**498**Star][10d] [C] [laruence/taint](https://github.com/laruence/taint) Taint is a PHP extension, used for detecting XSS codes
- [**498**Star][13d] [PHP] [l3m0n/pentest_tools](https://github.com/l3m0n/pentest_tools) collection of pentest tools
- [**498**Star][2y] [Py] [khalilbijjou/wafninja](https://github.com/khalilbijjou/wafninja) WAFNinja is a tool which contains two functions to attack Web Application Firewalls.
- [**498**Star][2y] [hack-with-github/powerful-plugins](https://github.com/hack-with-github/powerful-plugins) Powerful plugins and add-ons for hackers
- [**498**Star][11d] [Py] [duo-labs/cloudtracker](https://github.com/duo-labs/cloudtracker) CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
- [**498**Star][10d] [Py] [1120362990/vulnerability-list](https://github.com/1120362990/vulnerability-list) 在渗透测试中快速检测常见中间件、组件的高危漏洞。
- [**497**Star][3y] [JS] [rptec/squid-pac](https://github.com/rptec/squid-pac) 利用国外VPS搭建多协议代理服务，squid PAC代理服务器，25端口翻墙 ....墙已加高，https网站已失效，普通站点仍可代理..建议使用ssr替代
- [**496**Star][4m] [Batchfile] [chef-koch/kms-activator](https://github.com/chef-koch/kms-activator) Windows activation research project.
- [**496**Star][11d] [Go] [coreos/go-iptables](https://github.com/coreos/go-iptables) Go wrapper around iptables utility
- [**496**Star][10d] [Perl] [wireghoul/dotdotpwn](https://github.com/wireghoul/dotdotpwn) DotDotPwn - The Directory Traversal Fuzzer
- [**496**Star][12d] [Py] [tenable/poc](https://github.com/tenable/poc) Proof of Concepts
- [**496**Star][4m] [Java] [t-spoon/traceur](https://github.com/t-spoon/traceur) Easier RxJava2 debugging with better stacktraces
- [**496**Star][12d] [C] [skeeto/enchive](https://github.com/skeeto/enchive) Encrypted personal archives
- [**496**Star][2y] [ksluckow/awesome-symbolic-execution](https://github.com/ksluckow/awesome-symbolic-execution) A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
- [**496**Star][15d] [Go] [evilsocket/sg1](https://github.com/evilsocket/sg1) A wanna be swiss army knife for data encryption, exfiltration and covert communication.
- [**495**Star][10d] [Jupyter Notebook] [morvanzhou/easy-scraping-tutorial](https://github.com/morvanzhou/easy-scraping-tutorial) Simple but useful Python web scraping tutorial code.
- [**495**Star][6m] [Shell] [s0md3v/diggy](https://github.com/s0md3v/Diggy) Extract endpoints from apk files.
- [**495**Star][5y] [Py] [offensivepython/nscan](https://github.com/offensivepython/nscan) a fast Network scanner optimized for internet-wide scanning purposes and inspired by Masscan and Zmap.
- [**495**Star][15d] [C++] [mikesart/gpuvis](https://github.com/mikesart/gpuvis) GPU Trace Visualizer
- [**495**Star][13d] [m1ghtym0/browser-pwn](https://github.com/m1ghtym0/browser-pwn) An updated collection of resources targeting browser-exploitation.
- [**495**Star][4m] [Py] [k8gege/k8cscan](https://github.com/k8gege/k8cscan) K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用
- [**495**Star][11d] [Assembly] [gekkio/mooneye-gb](https://github.com/gekkio/mooneye-gb) A Game Boy research project and emulator written in Rust
- [**495**Star][8m] [Py] [bashfuscator/bashfuscator](https://github.com/bashfuscator/bashfuscator) A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
- [**495**Star][14d] [JS] [adampflug/express-brute](https://github.com/adampflug/express-brute) Brute-force protection middleware for express routes by rate limiting incoming requests
- [**494**Star][12d] [TS] [fuzzitdev/jsfuzz](https://github.com/fuzzitdev/jsfuzz) coverage guided fuzz testing for javascript
- [**494**Star][4m] [C++] [ce-programming/cemu](https://github.com/CE-Programming/CEmu) Third-party TI-84 Plus CE / TI-83 Premium CE emulator, focused on developer features
- [**494**Star][4m] [C] [shinyquagsire23/switch-fightstick](https://github.com/shinyquagsire23/switch-fightstick) Proof-of-Concept LUFA Project for the Nintendo Switch. Pretends to be a HORI Pokken Pad which only prints Splatoon 2 Posts
- [**494**Star][12d] [C] [sciresm/hactool](https://github.com/sciresm/hactool) hactool is a tool to view information about, decrypt, and extract common file formats for the Nintendo Switch, especially Nintendo Content Archives.
- [**494**Star][4m] [pixelcyber/thor](https://github.com/pixelcyber/thor) HTTP Sniffer/Capture on iOS for Network Debug & Inspect.
- [**494**Star][4m] [C#] [paulbartrum/jurassic](https://github.com/paulbartrum/jurassic) A .NET library to parse and execute JavaScript code.
- [**494**Star][21d] [Py] [erevus-cn/pocscan](https://github.com/erevus-cn/pocscan) Will to be a niubility scan-framework
- [**494**Star][11d] [JS] [0xdea/frida-scripts](https://github.com/0xdea/frida-scripts) A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
- [**493**Star][21d] [C] [bitly/simplehttp](https://github.com/bitly/simplehttp) a family of libraries and daemons for building scalable web infrastructure
- [**493**Star][2y] [Py] [zdresearch/owasp-zsc](https://github.com/zdresearch/OWASP-ZSC) Shellcode/Obfuscate Code Generator
- [**493**Star][9d] [Py] [wapiflapi/villoc](https://github.com/wapiflapi/villoc) Visualization of heap operations.
- [**493**Star][9m] [Py] [viralmaniar/powershell-rat](https://github.com/viralmaniar/powershell-rat) Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
- [**493**Star][3y] [C#] [tlaster/yourav](https://github.com/tlaster/yourav) 宇宙级最轻量杀毒软件
- [**493**Star][12d] [Py] [obsidianforensics/hindsight](https://github.com/obsidianforensics/hindsight) Internet history forensics for Google Chrome/Chromium
- [**493**Star][14d] [C++] [jessek/hashdeep](https://github.com/jessek/hashdeep) md5deep, a set of cross-platform tools to compute hashes, or message digests, for any number of files while optionally recursively digging through the directory structure
- [**493**Star][17d] [Swift] [icepa/icepa](https://github.com/icepa/icepa) iOS system-wide VPN based Tor client
- [**493**Star][12d] [Py] [corkami/collisions](https://github.com/corkami/collisions) Hash collisions and their exploitations
- [**492**Star][3y] [Py] [ssrarchive/shadowsocksr](https://github.com/ssrarchive/shadowsocksr) Python port of ShadowsocksR
- [**492**Star][4m] [xiangpasama/jdsrc-small-classroom](https://github.com/xiangpasama/jdsrc-small-classroom) 京东SRC小课堂系列文章
- [**491**Star][7d] [Py] [epsylon/xsser](https://github.com/epsylon/xsser) Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
- [**491**Star][11d] [Py] [s0md3v/goop](https://github.com/s0md3v/goop) Google Search Scraper
- [**491**Star][8m] [PS] [rvrsh3ll/misc-powershell-scripts](https://github.com/rvrsh3ll/misc-powershell-scripts) Random Tools
- [**491**Star][10d] [Py] [epistasislab/penn-ml-benchmarks](https://github.com/epistasislab/penn-ml-benchmarks) PMLB: A large, curated repository of benchmark datasets for evaluating supervised machine learning algorithms.
- [**491**Star][2y] [JS] [emilbayes/secure-password](https://github.com/emilbayes/secure-password) Making Password storage safer for all
- [**491**Star][11m] [PHP] [cfreal/exploits](https://github.com/cfreal/exploits) Some of my exploits.
- [**491**Star][26d] [Ruby] [0xsauby/yasuo](https://github.com/0xsauby/yasuo) ruby 脚本，扫描网络中存在漏洞的第三方 web app
- [**490**Star][2y] [C++] [turbo/kpti-poc-collection](https://github.com/turbo/kpti-poc-collection) Meltdown/Spectre PoC src collection.
- [**490**Star][12d] [JS] [nccgroup/singularity](https://github.com/nccgroup/singularity) A DNS rebinding attack framework.
- [**490**Star][13d] [C] [hasherezade/hollows_hunter](https://github.com/hasherezade/hollows_hunter) Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- [**490**Star][11d] [PHP] [akaunting/firewall](https://github.com/akaunting/firewall) Web Application Firewall (WAF) package for Laravel
- [**489**Star][13d] [valvesoftware/csgo-osx-linux](https://github.com/ValveSoftware/csgo-osx-linux) Counter-Strike: Global Offensive
- [**489**Star][3m] [Py] [rabobank-cdc/dettect](https://github.com/rabobank-cdc/dettect) Detect Tactics, Techniques & Combat Threats
- [**489**Star][4m] [Py] [netzob/netzob](https://github.com/netzob/netzob)  Protocol Reverse Engineering, Modeling and Fuzzing
- [**489**Star][14d] [Go] [ncsa/ssh-auditor](https://github.com/ncsa/ssh-auditor) The best way to scan for weak ssh passwords on your network
- [**489**Star][2y] [HTML] [metnew/uxss-db](https://github.com/metnew/uxss-db) 
- [**489**Star][11d] [jack-liang/kalitools](https://github.com/jack-liang/kalitools) Kali Tools Translate Volunteers
- [**489**Star][4m] [C#] [akaion/bleak](https://github.com/akaion/bleak) A Windows native DLL injection library that supports several methods of injection.
- [**488**Star][10d] [Py] [controlscanmdr/cyphon](https://github.com/controlscanmdr/cyphon) Open source incident management and response platform.
- [**488**Star][10d] [Go] [stripe/safesql](https://github.com/stripe/safesql) Static analysis tool for Golang that protects against SQL injections
- [**488**Star][3y] [PS] [secabstraction/powercat](https://github.com/secabstraction/powercat) A PowerShell TCP/IP swiss army knife that works with Netcat & Ncat
- [**488**Star][10d] [ObjC] [sap/macos-enterprise-privileges](https://github.com/sap/macos-enterprise-privileges) For Mac users in an Enterprise environment, this app gives the User control over administration of their machine by elevating their level of access to Administrator privileges on macOS. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.
- [**488**Star][10d] [Py] [ridter/redis-rce](https://github.com/ridter/redis-rce) Redis 4.x/5.x RCE
- [**488**Star][15d] [C] [phoenhex/files](https://github.com/phoenhex/files) Repository for exploits/POCs/presentation of the phoenhex team
- [**488**Star][10d] [Go] [openshift/odo](https://github.com/openshift/odo) odo - Developer-focused CLI for OpenShift and Kubernetes
- [**488**Star][12d] [PHP] [nette/latte](https://github.com/nette/latte) the intuitive and fast template engine for those who want the most secure PHP sites.
- [**488**Star][4m] [C] [microsoft/symcrypt](https://github.com/microsoft/symcrypt) Cryptographic library
- [**488**Star][10d] [Go] [gen0cide/gscript](https://github.com/gen0cide/gscript) framework to rapidly implement custom droppers for all three major operating systems
- [**488**Star][11d] [Py] [coalfire-research/java-deserialization-exploits](https://github.com/coalfire-research/java-deserialization-exploits) A collection of curated Java Deserialization Exploits
- [**487**Star][10d] [JS] [phantombuster/nickjs](https://github.com/phantombuster/nickjs) Web scraping library made by the Phantombuster team. Modern, simple & works on all websites.
- [**487**Star][11d] [carolcoral/no-free_vpn](https://github.com/carolcoral/no-free_vpn) 亲测可用的 VPN。亲测有效的科学上网，同时支持 windows、mac、linux、ios 和 andrioid 系统。并提供 chrome、firefox、opera 等浏览器的插件使用。
- [**487**Star][14d] [C] [riverloopsec/killerbee](https://github.com/riverloopsec/killerbee) IEEE 802.15.4/ZigBee Security Research Toolkit
- [**487**Star][17d] [JS] [koto/xsschef](https://github.com/koto/xsschef) Chrome extension Exploitation Framework
- [**487**Star][13d] [C] [jayddee/cpuminer-opt](https://github.com/jayddee/cpuminer-opt) Optimized multi algo CPU miner
- [**487**Star][16d] [HTML] [gradiuscypher/infosec_getting_started](https://github.com/gradiuscypher/infosec_getting_started) A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
- [**487**Star][3y] [PS] [gofetchad/gofetch](https://github.com/gofetchad/gofetch) automatically exercise an attack plan generated by the BloodHound application.
- [**487**Star][4m] [Py] [dr0op/weblogicscan](https://github.com/dr0op/weblogicscan) 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
- [**487**Star][10d] [Py] [census-instrumentation/opencensus-python](https://github.com/census-instrumentation/opencensus-python) A stats collection and distributed tracing framework
- [**487**Star][4m] [Py] [aker-gateway/aker](https://github.com/aker-gateway/aker) SSH bastion/jump host/jumpserver
- [**486**Star][10d] [C++] [sylar-yin/sylar](https://github.com/sylar-yin/sylar) C++高性能分布式服务器框架,webserver,websocket server,自定义tcp_server（包含日志模块，配置模块，线程模块，协程模块，协程调度模块，io协程调度模块，hook模块，socket模块，bytearray序列化，http模块，TcpServer模块，Websocket模块，Https模块等, Smtp邮件模块, MySQL, SQLite3, ORM,Redis,Zookeeper)
- [**486**Star][11d] [Perl] [aoncyberlabs/padbuster](https://github.com/AonCyberLabs/PadBuster) Automated script for performing Padding Oracle attacks
- [**486**Star][10d] [C++] [ajkhoury/reclassex](https://github.com/ajkhoury/ReClassEx) ReClassEx
- [**486**Star][4m] [Go] [yinqiwen/gsnova](https://github.com/yinqiwen/gsnova) Private proxy solution & network troubleshooting tool.
- [**486**Star][5m] [PHP] [wonderkun/ctf_web](https://github.com/wonderkun/ctf_web) a project aim to collect CTF web practices .
- [**486**Star][2y] [Py] [shawarkhanethicalhacker/brutexss](https://github.com/shawarkhanethicalhacker/brutexss) BruteXSS - Cross-Site Scripting Bruteforcer
- [**486**Star][23d] [Ruby] [ring0lab/catphish](https://github.com/ring0lab/catphish) 用于网络钓鱼及企业间谍活动。Ruby编写
- [**486**Star][12d] [Java] [payatu/diva-android](https://github.com/payatu/diva-android) DIVA Android - Damn Insecure and vulnerable App for Android
- [**486**Star][1y] [C++] [glmcdona/process-dump](https://github.com/glmcdona/process-dump) Windows tool for dumping malware PE files from memory back to disk for analysis.
- [**486**Star][10d] [C] [exim/exim](https://github.com/exim/exim) Exim Mail Transport Agent - source, testsuite and documentation
- [**485**Star][10d] [Py] [trustedsec/cve-2019-19781](https://github.com/trustedsec/cve-2019-19781) This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
- [**485**Star][2y] [Py] [xyuanmu/xx-mini](https://github.com/xyuanmu/xx-mini) XX-Net 精简版 
- [**485**Star][14d] [Shell] [q3aql/aria2-static-builds](https://github.com/q3aql/aria2-static-builds) aria2 static builds for GNU/Linux & Windows (with OpenSSL).
- [**485**Star][3m] [C] [limpkin/mooltipass](https://github.com/limpkin/mooltipass) Github repository dedicated to the mooltipass project
- [**485**Star][10d] [clowwindy/shadowsocks-libev](https://github.com/clowwindy/shadowsocks-libev) 
- [**485**Star][3y] [Py] [4w4k3/beelogger](https://github.com/4w4k3/beelogger) Generate Gmail Emailing Keyloggers to Windows.
- [**484**Star][10d] [Py] [doyensec/inql](https://github.com/doyensec/inql) InQL - A Burp Extension for GraphQL Security Testing
- [**484**Star][10d] [Go] [jaeles-project/jaeles](https://github.com/jaeles-project/jaeles) The Swiss Army knife for automated Web Application Testing
- [**484**Star][12d] [Py] [ptresearch/unme11](https://github.com/ptresearch/unme11) Intel ME 11.x Firmware Images Unpacker
- [**484**Star][10d] [Py] [doyensec/inql](https://github.com/doyensec/inql) InQL - A Burp Extension for GraphQL Security Testing
- [**484**Star][10d] [Py] [brendan-w/python-obd](https://github.com/brendan-w/python-obd) OBD-II serial module for reading engine data
- [**484**Star][1y] [Java] [alpha1e0/pentestdb](https://github.com/alpha1e0/pentestdb) web pentest database
- [**484**Star][11d] [Java] [akdeniz/google-play-crawler](https://github.com/akdeniz/google-play-crawler) Play with Google Play API :)
- [**483**Star][10d] [Shell] [und3rf10w/kali-anonsurf](https://github.com/und3rf10w/kali-anonsurf) A port of ParrotSec's stealth and anonsurf modules to Kali Linux
- [**483**Star][17d] [Makefile] [drk1wi/portspoof](https://github.com/drk1wi/portspoof) 操作系统安全加固脚本
- [**482**Star][10d] [Java] [leibnitz27/cfr](https://github.com/leibnitz27/cfr) This is the public repository for the CFR Java decompiler
- [**481**Star][12d] [C++] [xroxygen/xray-oxygen](https://github.com/xroxygen/xray-oxygen) 
- [**481**Star][23d] [skysafe/reblog](https://github.com/skysafe/reblog) SkySafe Miscellaneous Reverse Engineering Blog
- [**481**Star][10d] [JS] [rodrigogs/easyvpn](https://github.com/rodrigogs/easyvpn) Easily connect to a VPN in a country of your choice.
- [**481**Star][7m] [Java] [tornaco/x-apm](https://github.com/tornaco/x-apm) 应用管理 Xposed
- [**481**Star][5m] [PS] [mr-un1k0d3r/redteampowershellscripts](https://github.com/mr-un1k0d3r/redteampowershellscripts) Various PowerShell scripts that may be useful during red team exercise
- [**481**Star][2y] [C] [leurak/memz](https://github.com/leurak/memz) A trojan made for Danooct1's User Made Malware Series.
- [**481**Star][5m] [Rust] [kpcyrd/sniffglue](https://github.com/kpcyrd/sniffglue) Secure multithreaded packet sniffer
- [**481**Star][11d] [Perl] [jbittel/httpry](https://github.com/jbittel/httpry) HTTP logging and information retrieval tool
- [**481**Star][11m] [Py] [duo-labs/efigy](https://github.com/duo-labs/efigy) A small client application that uses the Duo Labs EFIgy API to inform you about the state of your Mac EFI firmware
- [**481**Star][10d] [Makefile] [crifan/android_app_security_crack](https://github.com/crifan/android_app_security_crack) 安卓应用的安全和破解
- [**480**Star][18d] [Java] [xuxueli/xxl-crawler](https://github.com/xuxueli/xxl-crawler) A distributed web crawler framework.（分布式爬虫框架XXL-CRAWLER）
- [**480**Star][12d] [Py] [mehulj94/radium](https://github.com/mehulj94/Radium) Python logger with multiple features.
- [**480**Star][8m] [valvesoftware/steamvr-for-linux](https://github.com/valvesoftware/steamvr-for-linux) Issue tracker for the Linux port of SteamVR
- [**480**Star][6m] [Py] [thehackingsage/hacktronian](https://github.com/thehackingsage/hacktronian) All in One Hacking Tool for Linux & Android
- [**480**Star][7m] [Py] [stamparm/dsvw](https://github.com/stamparm/dsvw) Damn Small Vulnerable Web
- [**480**Star][2y] [C] [realjtg/meltdown](https://github.com/realjtg/meltdown) Meltdown PoC for reading passwords from Google Chrome.
- [**480**Star][11d] [Py] [osnr/horrifying-pdf-experiments](https://github.com/osnr/horrifying-pdf-experiments) 
- [**479**Star][10d] [Py] [pan-unit42/public_tools](https://github.com/pan-unit42/public_tools) 
- [**479**Star][12m] [Shell] [jgmdev/ddos-deflate](https://github.com/jgmdev/ddos-deflate) Fork of DDoS Deflate with fixes, improvements and new features.
- [**479**Star][11d] [Py] [idanr1986/cuckoo-droid](https://github.com/idanr1986/cuckoo-droid) Automated Android Malware Analysis with Cuckoo Sandbox.
- [**479**Star][12d] [Py] [firstlookmedia/pdf-redact-tools](https://github.com/firstlookmedia/pdf-redact-tools) a set of tools to help with securely redacting and stripping metadata from documents before publishing
- [**479**Star][29d] [Py] [ckmarkoh/neuralart_tensorflow](https://github.com/ckmarkoh/neuralart_tensorflow) Implementation of "A Neural Algorithm of Artistic Style" by Tensorflow
- [**479**Star][6m] [Go] [arvanaghi/checkplease](https://github.com/arvanaghi/checkplease) Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
- [**478**Star][2y] [C] [nanshihui/scan-t](https://github.com/nanshihui/scan-t) a new crawler based on python with more function including Network fingerprint search
- [**478**Star][3y] [Py] [lgandx/poc](https://github.com/lgandx/poc) Various PoCs
- [**478**Star][10d] [PHP] [arrexel/phpbash](https://github.com/arrexel/phpbash) A semi-interactive PHP shell compressed into a single file.
- [**477**Star][13d] [C++] [avast/retdec-idaplugin](https://github.com/avast/retdec-idaplugin) RetDec plugin for IDA
- [**477**Star][12d] [C] [openresty/luajit2](https://github.com/openresty/luajit2) OpenResty's Branch of LuaJIT 2
- [**477**Star][10d] [Shell] [g0tmi1k/os-scripts](https://github.com/g0tmi1k/os-scripts) Personal Collection of Operating Systems Scripts
- [**477**Star][4y] [Py] [dxa4481/wpa2-halfhandshake-crack](https://github.com/dxa4481/wpa2-halfhandshake-crack) This is a POC to show it is possible to capture enough of a handshake with a user from a fake AP to crack a WPA2 network without knowing the passphrase of the actual AP.
- [**477**Star][4m] [ctftraining/ctftraining](https://github.com/ctftraining/ctftraining) CTF Training 经典赛题复现环境
- [**477**Star][1y] [Py] [christhecoolhut/zeratool](https://github.com/christhecoolhut/zeratool) Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
- [**476**Star][11d] [Java] [bit4woo/recaptcha](https://github.com/bit4woo/recaptcha) A Burp Suite Extender that recognize CAPTCHA and use for intruder payload
- [**476**Star][26d] [Py] [einstein-/decompiler](https://github.com/EiNSTeiN-/decompiler) A decompiler with multiple backend support, written in Python. Works with IDA and Capstone.
- [**476**Star][20d] [Py] [trustedsec/meterssh](https://github.com/trustedsec/meterssh) a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection.
- [**476**Star][4m] [Java] [mycatapache/mycat2](https://github.com/mycatapache/mycat2) MySQL Proxy using Java NIO ,simple and fast
- [**476**Star][2m] [meitar/awesome-lockpicking](https://github.com/meitar/awesome-lockpicking) A curated list of awesome guides, tools, and other resources relating to the security and compromise of locks, safes, and keys.
- [**476**Star][3m] [Py] [gameye98/lazymux](https://github.com/gameye98/lazymux) termux tool installer
- [**475**Star][15d] [C] [guardianproject/orbot](https://github.com/guardianproject/orbot) The Github home of Orbot: Tor on Android (Also available on gitlab!)
- [**475**Star][10d] [Py] [vpnguy-zz/ntpdos](https://github.com/vpnguy-zz/ntpdos) Create a DDOS attack using NTP servers
- [**475**Star][13d] [Go] [yl2chen/cidranger](https://github.com/yl2chen/cidranger) Fast IP to CIDR lookup in Golang
- [**475**Star][3y] [Smali] [sensepost/kwetza](https://github.com/sensepost/kwetza) Python script to inject existing Android applications with a Meterpreter payload.
- [**475**Star][10d] [remath/literature_review](https://github.com/remath/literature_review) Survey of program analysis research with a focus on machine code
- [**475**Star][5y] [pyrotek3/powershell-ad-recon](https://github.com/pyrotek3/powershell-ad-recon) PowerShell Scripts I find useful
- [**475**Star][5m] [C#] [microsoft/dbgshell](https://github.com/microsoft/dbgshell) A PowerShell front-end for the Windows debugger engine.
- [**475**Star][4m] [C#] [malwareinfosec/ekfiddle](https://github.com/malwareinfosec/ekfiddle) A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.
- [**475**Star][7m] [LLVM] [jonathansalwan/tigress_protection](https://github.com/jonathansalwan/tigress_protection) Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
- [**475**Star][10d] [Batchfile] [ion-storm/sysmon-config](https://github.com/ion-storm/sysmon-config) Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
- [**475**Star][1y] [C++] [everettjf/machoexplorer](https://github.com/everettjf/machoexplorer) [WIP] Explore MachO File on macOS and Windows
- [**475**Star][8m] [Py] [coleifer/micawber](https://github.com/coleifer/micawber) a small library for extracting rich content from urls
- [**475**Star][2y] [Py] [0xdeadbeefjerky/office-dde-payloads](https://github.com/0xdeadbeefjerky/office-dde-payloads) Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
- [**474**Star][15d] [Py] [xingag/spider_python](https://github.com/xingag/spider_python) python爬虫
- [**474**Star][4m] [Py] [drewnf/tensorflow_object_tracking_video](https://github.com/drewnf/tensorflow_object_tracking_video) Object Tracking in Tensorflow ( Localization Detection Classification ) developed to partecipate to ImageNET VID competition
- [**474**Star][4m] [Java] [nladuo/iot-firstep](https://github.com/nladuo/iot-firstep) 一个物联网(IoT)开发的入门教程。涉及单片机、上位机、移动应用、服务器后台开发的知识。以及蓝牙4.0、以太网模块的使用实例。
- [**474**Star][1m] [missdeer/avege](https://github.com/missdeer/avege) Yet Another Redsocks Golang Fork
- [**474**Star][10d] [HTML] [thinkst/canarytokens](https://github.com/thinkst/canarytokens) Canarytokens helps track activity and actions on your network.
- [**474**Star][11d] [C] [ryancdotorg/brainflayer](https://github.com/ryancdotorg/brainflayer) A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
- [**474**Star][12d] [Py] [laramies/metagoofil](https://github.com/laramies/metagoofil) a tool for extracting metadata of public documents (pdf,doc,xls,ppt,etc) availables in the target websites
- [**474**Star][2m] [C] [deepwn/deepminer](https://github.com/deepwn/deepminer) deepMiner webminer proxy (update for cryptoNight R)
- [**474**Star][14d] [C] [cofyc/dnscrypt-wrapper](https://github.com/cofyc/dnscrypt-wrapper) This is dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver.
- [**474**Star][10d] [PHP] [athlon1600/php-proxy-app](https://github.com/athlon1600/php-proxy-app) Web Proxy Application built on php-proxy library ready to be installed on your server
- [**473**Star][8d] [C#] [adultlink/texturepanner](https://github.com/adultlink/texturepanner) This repository hosts a shader for Unity3D whose main goal is to facilitate the creation of neon-like signs, conveyor belts and basically whatever based on scrolling textures
- [**473**Star][7d] [Dockerfile] [pengchujin/v2raydocker](https://github.com/pengchujin/v2raydocker) 一键v2ray ws + tls 方便就完事了
- [**473**Star][19d] [miscreant/meta](https://github.com/miscreant/meta) 具备错误使用抗性的（Misuse-resistant ）对称加密库，支持 AES-SIV (RFC5297) 和 CHAIN/STREAM
- [**473**Star][17d] [C++] [rek7/mxtract](https://github.com/rek7/mxtract) an opensource linux based tool that analyzes and dumps memory.
- [**473**Star][14d] [C++] [ondrejbudai/hidviz](https://github.com/ondrejbudai/hidviz)  in-depth analysis of USB HID devices communication
- [**473**Star][15d] [Java] [lennartkoopmann/nzyme](https://github.com/lennartkoopmann/nzyme) Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.
- [**473**Star][12d] [Shell] [kosborn/p2p-adb](https://github.com/kosborn/p2p-adb) Phone to Phone Android Debug Bridge - A project for "debugging" phones... from other phones.
- [**473**Star][11d] [C] [furrtek/portapack-havoc](https://github.com/furrtek/portapack-havoc) Custom firmware for the HackRF SDR + PortaPack H1 addon
- [**473**Star][1m] [Py] [cchio/deep-pwning](https://github.com/cchio/deep-pwning) Metasploit for machine learning.
- [**473**Star][10d] [Py] [awslabs/aws-waf-security-automations](https://github.com/awslabs/aws-waf-security-automations) This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
- [**472**Star][4m] [Swift] [1amageek/bleu](https://github.com/1amageek/bleu) BLE (Bluetooth LE) for U
- [**472**Star][7m] [Py] [globaleaks/tor2web](https://github.com/globaleaks/tor2web) Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
- [**471**Star][4y] [CoffeeScript] [rastapasta/pokemon-go-mitm](https://github.com/rastapasta/pokemon-go-mitm) 
- [**471**Star][3y] [Go] [egebalci/hercules](https://github.com/egebalci/hercules) HERCULES is a special payload generator that can bypass antivirus softwares.
- [**470**Star][16d] [Py] [angr/rex](https://github.com/angr/rex) Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
- [**470**Star][11d] [C++] [spacehuhn/esp8266_beaconspam](https://github.com/spacehuhn/esp8266_beaconspam) Creates up to a thousand WiFi access points with custom SSIDs.
- [**470**Star][16d] [Py] [angr/rex](https://github.com/angr/rex) Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
- [**470**Star][1y] [C++] [ntquery/scylla](https://github.com/ntquery/scylla) Imports Reconstructor
- [**470**Star][2m] [JS] [ghostwords/chameleon](https://github.com/ghostwords/chameleon) Browser fingerprinting protection for everybody.
- [**469**Star][3m] [Py] [charles2gan/gda-android-reversing-tool](https://github.com/charles2gan/gda-android-reversing-tool) GDA is a new decompiler written entirely in c++, so it does not rely on the Java platform, which is succinct, portable and fast, and supports APK, DEX, ODEX, oat.
- [**469**Star][10d] [Py] [aouinizied/nfstream](https://github.com/aouinizied/nfstream) a Flexible Network Data Analysis Framework.
- [**469**Star][17d] [Lua] [w3h/icsmaster](https://github.com/w3h/icsmaster) ICS/SCADA Security Resource
- [**469**Star][3m] [C] [vanhauser-thc/aflplusplus](https://github.com/vanhauser-thc/aflplusplus)  afl 2.56b with community patches
- [**469**Star][11d] [Rust] [rustcrypto/hashes](https://github.com/rustcrypto/hashes) Collection of cryptographic hash functions written in pure Rust
- [**469**Star][1y] [Java] [owasp/owasp-webscarab](https://github.com/owasp/owasp-webscarab) OWASP WebScarab
- [**469**Star][12d] [JS] [digitalsecurity/btlejuice](https://github.com/digitalsecurity/btlejuice) BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework
- [**468**Star][3y] [Py] [yukinoshita47/yuki-chan-the-auto-pentest](https://github.com/yukinoshita47/yuki-chan-the-auto-pentest) an Automated Penetration Testing tool this tool will auditing all standard security test method for you.
- [**468**Star][12d] [skyblueeternal/thinkphp-rce-poc-collection](https://github.com/skyblueeternal/thinkphp-rce-poc-collection) thinkphp v5.x 远程代码执行漏洞-POC集合
- [**468**Star][4m] [ObjC] [patrick-kladek/cocoadebugkit](https://github.com/patrick-kladek/cocoadebugkit) Debugging made easy. Automatically create QuickLook images of custom objects
- [**468**Star][1y] [C] [martinmarinov/tempestsdr](https://github.com/martinmarinov/tempestsdr) Remote video eavesdropping using a software-defined radio platform
- [**468**Star][12d] [iovisor/bpf-docs](https://github.com/iovisor/bpf-docs) Presentations and docs
- [**468**Star][27d] [Ruby] [crossref/pdfextract](https://github.com/crossref/pdfextract) MOVED TO
- [**468**Star][3y] [C++] [aimtuxofficial/aimtux](https://github.com/aimtuxofficial/aimtux) A large Linux csgo cheat/hack
- [**468**Star][13d] [C++] [ahupowerdns/hello-dns](https://github.com/ahupowerdns/hello-dns) Hello and welcome to DNS!
- [**467**Star][11d] [Ruby] [praetorian-code/purple-team-attack-automation](https://github.com/praetorian-code/purple-team-attack-automation) Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
- [**467**Star][26d] [JS] [mdp/gibberish-aes](https://github.com/mdp/gibberish-aes) A fully OpenSSL compliant javascript library for AES encryption.
- [**467**Star][2y] [Go] [ice3man543/subover](https://github.com/ice3man543/subover) A Powerful Subdomain Takeover Tool
- [**467**Star][2y] [Py] [dchrastil/scrapedin](https://github.com/dchrastil/scrapedin) A tool to scrape LinkedIn without API restrictions for data reconnaissance
- [**466**Star][15d] [Makefile] [crifan/scientific_network_summary](https://github.com/crifan/scientific_network_summary) 总结关于科学上网的概念方法及工具
- [**466**Star][24d] [Go] [solo-io/sqoop](https://github.com/solo-io/sqoop) The GraphQL Engine powered by Gloo
- [**466**Star][4m] [Kotlin] [v2ray-android/actinium](https://github.com/v2ray-android/actinium) A 3rd party V2Ray client for Android
- [**466**Star][4m] [JS] [philbooth/complexity-report](https://github.com/philbooth/complexity-report) [UNMAINTAINED] Software complexity analysis for JavaScript projects
- [**466**Star][15d] [C] [ntruchsess/arduino_uip](https://github.com/ntruchsess/arduino_uip) A plugin-replacement of the stock Arduino Ethernet library for ENC28J60 shields and breakout boards. Full support for persistent (streaming) TCP-connections and UDP (Client and Server each), ARP, ICMP, DHCP and DNS. Build around Adam Dunkels uIP Stack. Further developed version can be found on
- [**466**Star][3y] [POV-Ray SDL] [hzqst/syscall-monitor](https://github.com/hzqst/syscall-monitor)  a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
- [**466**Star][7d] [Py] [google/vulncode-db](https://github.com/google/vulncode-db)  a database for vulnerabilities and their corresponding source code if available
- [**466**Star][12d] [fkromer/awesome-ros2](https://github.com/fkromer/awesome-ros2) The Robot Operating System Version 2.0 is awesome!
- [**466**Star][26d] [TeX] [corkami/docs](https://github.com/corkami/docs) documentations, slides decks...
- [**466**Star][9m] [C++] [comaeio/opcde](https://github.com/comaeio/opcde) OPCDE Cybersecurity Conference Materials
- [**466**Star][10d] [aptive/penetration-testing-tools](https://github.com/aptive/penetration-testing-tools) make a single repository for all the commonly used penetration testing tools, typically tools that don't exist within Kali or other penetration testing distros.
- [**465**Star][3m] [C#] [tidesec/bypassantivirus](https://github.com/tidesec/bypassantivirus) 远控免杀系列文章及配套工具，搜集汇总了互联网上的几十种免杀工具和免杀方法，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。
- [**465**Star][4m] [JS] [chill117/proxy-lists](https://github.com/chill117/proxy-lists) Node.js module and CLI tool to get proxies from publicly available proxy lists.
- [**465**Star][1y] [Kotlin] [shadowsocks/kcptun-android](https://github.com/shadowsocks/kcptun-android) kcptun for Android.
- [**465**Star][10d] [Shell] [thelinuxchoice/saycheese](https://github.com/thelinuxchoice/saycheese) Grab target's webcam shots by link
- [**465**Star][9m] [re4lity/hacking-with-golang](https://github.com/re4lity/hacking-with-golang) Golang安全资源合集
- [**465**Star][6m] [Shell] [r00t-3xp10it/fakeimageexploiter](https://github.com/r00t-3xp10it/fakeimageexploiter) Use a Fake image.jpg to exploit targets (hide known file extensions)
- [**465**Star][4y] [pgaijin66/xss-payloads](https://github.com/pgaijin66/xss-payloads) List of advanced XSS payloads
- [**465**Star][6y] [Py] [bramcohen/dissidentx](https://github.com/bramcohen/dissidentx) Bram's steganographic framework
- [**465**Star][15d] [Py] [appsecco/bugcrowd-levelup-subdomain-enumeration](https://github.com/appsecco/bugcrowd-levelup-subdomain-enumeration) This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
- [**464**Star][11d] [Go] [cnbattle/douyin](https://github.com/cnbattle/douyin) golang adb nodejs anyproxy
- [**464**Star][16d] [C++] [lifting-bits/remill](https://github.com/lifting-bits/remill) Library for lifting of x86, amd64, and aarch64 machine code to LLVM bitcode
- [**464**Star][10d] [C] [newaetech/chipwhisperer](https://github.com/newaetech/chipwhisperer) thecomplete open-source toolchain for side-channel power analysis and glitchingattacks
- [**464**Star][3y] [C] [nccgroup/triforceafl](https://github.com/nccgroup/triforceafl) AFL/QEMU fuzzing with full-system emulation.
- [**464**Star][9m] [C++] [emoon/prodbg](https://github.com/emoon/prodbg) Debugging the way it's meant to be done
- [**464**Star][12d] [C] [aarond10/https_dns_proxy](https://github.com/aarond10/https_dns_proxy) A lightweight DNS-over-HTTPS proxy.
- [**463**Star][23d] [Py] [blacknbunny/cve-2018-10933](https://github.com/blacknbunny/CVE-2018-10933) Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH)
- [**463**Star][6m] [Py] [nsonaniya2010/subdomainizer](https://github.com/nsonaniya2010/subdomainizer) A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
- [**463**Star][3m] [Java] [mr-xn/penetration_testing_poc](https://github.com/mr-xn/penetration_testing_poc) About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce
- [**463**Star][19d] [C] [jpr5/ngrep](https://github.com/jpr5/ngrep) like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets.
- [**463**Star][11d] [C++] [google/binexport](https://github.com/google/binexport) Export disassemblies into Protocol Buffers
- [**463**Star][11d] [Py] [forensicartifacts/artifacts](https://github.com/forensicartifacts/artifacts) Digital Forensics Artifact Repository
- [**463**Star][10d] [C] [facebook/openbmc](https://github.com/facebook/openbmc) OpenBMC is an open software framework to build a complete Linux image for a Board Management Controller (BMC).
- [**463**Star][11d] [Perl] [chinarulezzz/pixload](https://github.com/chinarulezzz/pixload) Image Payload Creating/Injecting tools
- [**462**Star][14d] [C#] [ryanlamansky/dotnet-webassembly](https://github.com/ryanlamansky/dotnet-webassembly) Create, read, modify, write and execute WebAssembly (WASM) files from .NET-based applications.
- [**462**Star][10d] [Java] [portswigger/http-request-smuggler](https://github.com/PortSwigger/http-request-smuggler) an extension for Burp Suite designed to help you launch HTTP Request Smuggling attack
- [**462**Star][11d] [xtiankisutsa/awesome-mobile-ctf](https://github.com/xtiankisutsa/awesome-mobile-ctf) This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
- [**462**Star][10d] [PS] [spiderlabs/portia](https://github.com/spiderlabs/portia) Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
- [**462**Star][2y] [rsmudge/malleable-c2-profiles](https://github.com/rsmudge/malleable-c2-profiles) Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
- [**462**Star][11d] [C++] [pstavirs/ostinato](https://github.com/pstavirs/ostinato) Packet/Traffic Generator and Analyzer
- [**462**Star][8d] [C#] [jbe2277/waf](https://github.com/jbe2277/waf) Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
- [**462**Star][10d] [C] [floooh/chips](https://github.com/floooh/chips) 8-bit chip and system emulators in standalone C headers
- [**462**Star][11d] [PS] [d0nkeys/redteam](https://github.com/d0nkeys/redteam) Red Team Scripts 
- [**462**Star][8d] [JS] [brannondorsey/whonow](https://github.com/brannondorsey/whonow) A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
- [**461**Star][4m] [Java] [fengzhizi715/netdiscovery](https://github.com/fengzhizi715/netdiscovery) NetDiscovery 是一款基于 Vert.x、RxJava 2 等框架实现的通用爬虫框架/中间件。
- [**461**Star][17d] [C] [lucasjones/cpuminer-multi](https://github.com/lucasjones/cpuminer-multi) Multi-algo CPUMiner & Reference Cryptonote Miner (JSON-RPC 2.0)
- [**461**Star][11d] [Py] [jekyc/wig](https://github.com/jekyc/wig) a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.
- [**461**Star][4m] [Shell] [jactor-sue/deepin-apps-installation](https://github.com/jactor-sue/deepin-apps-installation) 本仓库介绍如何在基于Ubuntu的系统上安装Deepin移植的软件
- [**461**Star][11d] [C++] [hasherezade/dll_to_exe](https://github.com/hasherezade/dll_to_exe) Converts a DLL into EXE
- [**461**Star][10d] [Java] [batfish/batfish](https://github.com/batfish/batfish) Batfish is a network configuration analysis tool that can find bugs and guarantee the correctness of (planned or current) network configurations. It enables network engineers to rapidly and safely evolve their network, without fear of outages or security breaches.
- [**460**Star][10d] [Py] [aws-samples/aws-waf-sample](https://github.com/aws-samples/aws-waf-sample) This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
- [**460**Star][9d] [PHP] [ysrc/webshell-sample](https://github.com/ysrc/webshell-sample) 收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。
- [**460**Star][10d] [C#] [vletoux/pingcastle](https://github.com/vletoux/pingcastle) Get Active Directory Security at 80% in 20% of the time
- [**460**Star][4m] [Ruby] [tidesec/fuzzscanner](https://github.com/tidesec/fuzzscanner) 一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
- [**460**Star][12d] [C++] [simonkagstrom/kcov](https://github.com/simonkagstrom/kcov) Code coverage tool for compiled programs, Python and Bash which uses debugging information to collect and report data without special compilation options
- [**460**Star][7d] [owasp/api-security](https://github.com/owasp/api-security) OWASP API Security Project
- [**459**Star][1y] [jnusimba/miscsecnotes](https://github.com/jnusimba/miscsecnotes) some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
- [**459**Star][10m] [Java] [graxcode/jbytemod-beta](https://github.com/graxcode/jbytemod-beta) Java bytecode editor
- [**459**Star][15d] [Go] [client9/ipcat](https://github.com/client9/ipcat) Categorization of IP Addresses
- [**458**Star][11d] [Dockerfile] [luisfarzati/localdots](https://github.com/luisfarzati/localdots) HTTPS domains for localhost.
- [**458**Star][16d] [HTML] [praetorian-code/dvrf](https://github.com/praetorian-code/DVRF) The Damn Vulnerable Router Firmware Project
- [**458**Star][14d] [Py] [shmilylty/cheetah](https://github.com/shmilylty/cheetah) a very fast brute force webshell password tool
- [**458**Star][2y] [Py] [undeadsec/evilurl](https://github.com/undeadsec/evilurl) Generate unicode evil domains for IDN Homograph Attack and detect them.
- [**458**Star][9d] [Swift] [securing/iossecuritysuite](https://github.com/securing/iossecuritysuite) iOS platform security & anti-tampering Swift library
- [**458**Star][2y] [Py] [embedi/cve-2017-11882](https://github.com/embedi/cve-2017-11882) Proof-of-Concept exploits for CVE-2017-11882
- [**458**Star][21d] [Py] [dnsviz/dnsviz](https://github.com/dnsviz/dnsviz) s a tool suite for analysis and visualization of Domain Name System (DNS) behavior, including its security extensions (DNSSEC)
- [**457**Star][10d] [Java] [pwittchen/networkevents](https://github.com/pwittchen/networkevents) Android library listening network connection state and change of the WiFi signal strength with event bus
- [**457**Star][9m] [Py] [xuanhun/pythonhackingbook1](https://github.com/xuanhun/pythonhackingbook1) Python黑客编程之极速入门
- [**457**Star][13d] [Jupyter Notebook] [saurabhmathur96/clickbait-detector](https://github.com/saurabhmathur96/clickbait-detector) Detects clickbait headlines using deep learning.
- [**457**Star][22d] [Go] [retroplasma/flyover-reverse-engineering](https://github.com/retroplasma/flyover-reverse-engineering) Reversing Apple's 3D satellite mode
- [**457**Star][11d] [Kotlin] [portswigger/turbo-intruder](https://github.com/portswigger/turbo-intruder) a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
- [**457**Star][9m] [C++] [omerya/invisi-shell](https://github.com/omerya/invisi-shell) Hide your Powershell script in plain sight. Bypass all Powershell security features
- [**457**Star][28d] [Py] [neohapsis/bbqsql](https://github.com/neohapsis/bbqsql) SQL Injection Exploitation Tool
- [**457**Star][13d] [C] [mncoppola/suterusu](https://github.com/mncoppola/suterusu) An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
- [**457**Star][1y] [Py] [mandatoryprogrammer/tldr](https://github.com/mandatoryprogrammer/tldr) TLDR (TLD Records) is a continually updated DNS archive of zone transfer attempts again all existing TLD nameservers as well as the root servers.
- [**457**Star][3m] [C++] [khronosgroup/spirv-tools](https://github.com/khronosgroup/spirv-tools) provides an API and commands for processing SPIR-V module
- [**457**Star][2y] [Py] [jfoote/exploitable](https://github.com/jfoote/exploitable) The 'exploitable' GDB plugin. I don't work at CERT anymore, but here is the original homepage:
- [**457**Star][10d] [Py] [j00ru/ctf-tasks](https://github.com/j00ru/ctf-tasks) An archive of low-level CTF challenges developed over the years
- [**457**Star][4m] [Py] [chef-koch/nsablocklist](https://github.com/chef-koch/nsablocklist) HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server
- [**456**Star][3m] [C#] [morkt/garbro](https://github.com/morkt/garbro) Visual Novels resource browser
- [**456**Star][16d] [Go] [gorilla/securecookie](https://github.com/gorilla/securecookie) Package gorilla/securecookie encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- [**456**Star][11d] [ansjdnakjdnajkd/ios](https://github.com/ansjdnakjdnajkd/ios) Most usable tools for iOS penetration testing
- [**455**Star][4m] [PHP] [antonioribeiro/google2fa-laravel](https://github.com/antonioribeiro/google2fa-laravel) A One Time Password Authentication package, compatible with Google Authenticator for Laravel
- [**455**Star][13d] [C++] [vusec/drammer](https://github.com/vusec/drammer) Native binary for testing Android phones for the Rowhammer bug
- [**455**Star][10d] [C] [spinkham/skipfish](https://github.com/spinkham/skipfish) Web application security scanner created by lcamtuf for google - Unofficial Mirror
- [**455**Star][6m] [Py] [sidechannelmarvels/deadpool](https://github.com/sidechannelmarvels/deadpool) Repository of various public white-box cryptographic implementations and their practical attacks.
- [**455**Star][10d] [Py] [ring04h/wyproxy](https://github.com/ring04h/wyproxy) proxying and recording HTTP/HTTPs/Socks5 proxy flow, save to MYSQL database.
- [**455**Star][10m] [PHP] [kasperskylab/klara](https://github.com/kasperskylab/klara) Kaspersky's GReAT KLara
- [**455**Star][5m] [Py] [jpaulmora/pyrit](https://github.com/jpaulmora/pyrit) The famous WPA precomputed cracker, Migrated from Google.
- [**455**Star][11d] [Py] [ioactive/jdwp-shellifier](https://github.com/ioactive/jdwp-shellifier) be used by pentesters against active JDWP service, in order to gain Remote Code Execution.
- [**455**Star][2m] [CSS] [graniet/chromebackdoor](https://github.com/graniet/chromebackdoor)  a PoC of pentest tool, use a MITB technique for generate a windows executable ".exe" after launch run a malicious extension or script on most popular browsers, and send all DOM datas on command and control.
- [**455**Star][11d] [Go] [gcla/gowid](https://github.com/gcla/gowid) Compositional widgets for terminal user interfaces, written in Go, inspired by urwid.
- [**455**Star][4m] [ObjC] [aburgh/disk-arbitrator](https://github.com/aburgh/disk-arbitrator) A Mac OS X forensic utility which manages file system mounting in support of forensic procedures.
- [**454**Star][12d] [Go] [go-crawler/lagou_jobs](https://github.com/go-crawler/lagou_jobs) 爬虫带你了解一下Golang的市场行情
- [**454**Star][8d] [riusksk/vul_war](https://github.com/riusksk/vul_war) 《漏洞战争：软件漏洞分析精要》配套资料
- [**454**Star][2y] [JS] [simonepri/upash](https://github.com/simonepri/upash) allow you to have a clean and easy-to-use API to use any password hashing algorithm seamlessly in your application.
- [**454**Star][1m] [C] [haka-security/haka](https://github.com/haka-security/haka) a collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files.
- [**453**Star][11m] [Py] [stanislav-web/opendoor](https://github.com/stanislav-web/opendoor) OWASP WEB Directory Scanner
- [**453**Star][4m] [C] [rogerclarkmelbourne/stm32duino-bootloader](https://github.com/rogerclarkmelbourne/stm32duino-bootloader) Bootloader for STM32F103 boards, for use with the Arduino_STM32 repo and the Arduino IDE
- [**453**Star][18d] [Ruby] [relevance/tarantula](https://github.com/relevance/tarantula) a big hairy fuzzy spider that crawls your site, wreaking havoc
- [**453**Star][11d] [milabs/awesome-linux-rootkits](https://github.com/milabs/awesome-linux-rootkits) awesome-linux-rootkits
- [**453**Star][10d] [Py] [honeynet/droidbot](https://github.com/honeynet/droidbot) A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!
- [**453**Star][12d] [Go] [gojek/weaver](https://github.com/gojek/weaver) An Advanced HTTP Reverse Proxy with Dynamic Sharding Strategies
- [**453**Star][5m] [C++] [cobaltfusion/debugviewpp](https://github.com/cobaltfusion/debugviewpp) DebugView++, collects, views, filters your application logs, and highlights information that is important to you!
- [**453**Star][15d] [Go] [chaitin/cloudwalker](https://github.com/chaitin/cloudwalker) CloudWalker Platform
- [**452**Star][1m] [Py] [alexmathew/scrapple](https://github.com/alexmathew/scrapple) A framework for creating semi-automatic web content extractors
- [**452**Star][11d] [C] [lihancong/tonyenc](https://github.com/lihancong/tonyenc) 高性能、跨平台的 PHP7 代码加密扩展 (A high performance and cross-platform encrypt extension for PHP source code)
- [**452**Star][5m] [C] [ufrisk/memprocfs](https://github.com/ufrisk/memprocfs) The Memory Process File System
- [**452**Star][10d] [stamparm/ipsum](https://github.com/stamparm/ipsum) Daily feed of bad IPs (with blacklist hit scores)
- [**452**Star][10d] [C] [samba-team/samba](https://github.com/samba-team/samba) he standard Windows interoperability suite of programs for Linux and Unix
- [**452**Star][12d] [C] [frida/frida-python](https://github.com/frida/frida-python) Frida Python bindings
- [**451**Star][10d] [Go] [lc/gau](https://github.com/lc/gau) Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
- [**451**Star][16d] [C++] [etodd/lasercrabs](https://github.com/etodd/lasercrabs) Launch your LASERCRAB at walls, ceilings, and enemy heads in this indie multiplayer shooter where "move" and "attack" are synonymous.
- [**451**Star][12d] [Java] [bihe0832/android-getapkinfo](https://github.com/bihe0832/android-getapkinfo) 获取Android应用基本信息的工具集
- [**451**Star][10d] [JS] [saucxs/watermark-dom](https://github.com/saucxs/watermark-dom) 基于DOM对象实现的BS系统的水印，确保系统保密性，安全性，降低数据泄密风险，简单轻量，支持多属性配置，动态计算水印，水印防被删
- [**451**Star][12d] [Py] [mitre/multiscanner](https://github.com/mitre/multiscanner) Modular file scanning/analysis framework
- [**451**Star][5m] [C#] [sdrapkin/securitydriven.inferno](https://github.com/sdrapkin/securitydriven.inferno) 
- [**451**Star][4m] [Py] [n1xbyte/cve-2019-0708](https://github.com/n1xbyte/cve-2019-0708) dump
- [**451**Star][15d] [magoo/redteam-plan](https://github.com/magoo/redteam-plan) Issues to consider when planning a red team exercise.
- [**451**Star][13d] [Py] [endgameinc/gym-malware](https://github.com/endgameinc/gym-malware) a malware manipulation environment for OpenAI's gym
- [**451**Star][2y] [PS] [danielbohannon/revoke-obfuscation](https://github.com/danielbohannon/revoke-obfuscation) PowerShell Obfuscation Detection Framework
- [**451**Star][3y] [C] [cr4sh/openreil](https://github.com/cr4sh/openreil) Open source library that implements translator and tools for REIL (Reverse Engineering Intermediate Language)
- [**451**Star][12d] [HTML] [blabla1337/skf-flask](https://github.com/blabla1337/skf-flask) Security Knowledge Framework (SKF) Python Flask / Angular project
- [**450**Star][11d] [Rust] [ah-/anne-key](https://github.com/ah-/anne-key) Firmware for Anne Pro Keyboard written in Rust
- [**450**Star][11d] [Dockerfile] [jpillora/docker-dnsmasq](https://github.com/jpillora/docker-dnsmasq) dnsmasq in a docker container, configurable via a simple web UI
- [**450**Star][7d] [Lua] [xsec-lab/x-waf](https://github.com/xsec-lab/x-waf) 适用于中小企业的云waf
- [**450**Star][11d] [preos-security/awesome-firmware-security](https://github.com/preos-security/awesome-firmware-security) Awesome Firmware Security & Other Helpful Documents
- [**450**Star][9m] [Py] [payatu/tiredful-api](https://github.com/payatu/tiredful-api) An intentionally designed broken web application based on REST API.
- [**450**Star][12d] [Rust] [m4b/goblin](https://github.com/m4b/goblin) An impish, cross-platform binary parsing crate, written in Rust
- [**450**Star][12d] [C++] [hatriot/token-priv](https://github.com/hatriot/token-priv) Token Privilege Research
- [**450**Star][4y] [Py] [alienvault-labs/alienvaultlabs](https://github.com/alienvault-labs/alienvaultlabs) Alienvault Labs Projects Random Stuff
- [**450**Star][9m] [C++] [alexhude/friend](https://github.com/alexhude/friend) Flexible Register/Instruction Extender aNd Documentation
- [**450**Star][4m] [7kbstorm/7kbscan-webpathbrute](https://github.com/7kbstorm/7kbscan-webpathbrute) Web Path Brute Discovery
- [**449**Star][10d] [Shell] [hijkpw/scripts](https://github.com/hijkpw/scripts) Shadowsocks/SS一键脚本、ShadowsocksR/SSR一键脚本、V2Ray一键脚本、trojan一键脚本、VPS购买教程，以及各种资源教程
- [**449**Star][16d] [Go] [titanous/heartbleeder](https://github.com/titanous/heartbleeder) OpenSSL CVE-2014-0160 Heartbleed vulnerability test
- [**449**Star][13d] [Shell] [sroberts/awesome-iocs](https://github.com/sroberts/awesome-iocs) A collection of sources of indicators of compromise.
- [**449**Star][10d] [CSS] [mike-goodwin/owasp-threat-dragon-desktop](https://github.com/mike-goodwin/owasp-threat-dragon-desktop) An installable desktop variant of OWASP Threat Dragon
- [**449**Star][4m] [Py] [dashingsoft/pyarmor](https://github.com/dashingsoft/pyarmor) A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.
- [**449**Star][11m] [Py] [albinowax/activescanplusplus](https://github.com/albinowax/activescanplusplus) ActiveScan++ Burp Suite Plugin
- [**448**Star][5y] [C++] [boyliang/allhookinone](https://github.com/boyliang/allhookinone)  all method hook approachs for android such as dalvik hook, art hook, elf hook and inline hook
- [**448**Star][4m] [Ruby] [shopify/statsd-instrument](https://github.com/shopify/statsd-instrument) A StatsD client for Ruby apps. Provides metaprogramming methods to inject StatsD instrumentation into your code.
- [**448**Star][11d] [Go] [riobard/go-shadowsocks2](https://github.com/riobard/go-shadowsocks2) Experimental Shadowsocks in Go. Stable fork at
- [**448**Star][15d] [Java] [nccgroup/freddy](https://github.com/nccgroup/freddy) Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
- [**448**Star][12d] [Ruby] [david942j/seccomp-tools](https://github.com/david942j/seccomp-tools) Provide powerful tools for seccomp analysis.  targeted to (but not limited to) analyze seccomp sandbox in CTF pwn challenges
- [**447**Star][2m] [C] [taviso/avscript](https://github.com/taviso/avscript) Avast JavaScript Interactive Shell
- [**447**Star][10d] [thejambo/awesome-testing](https://github.com/thejambo/awesome-testing) A curated list of testing resources
- [**447**Star][9m] [Java] [megatronking/netbare](https://github.com/megatronking/netbare) Net packets capture & injection library designed for Android
- [**447**Star][2m] [Rust] [ierror/ssh-permit-a38](https://github.com/ierror/ssh-permit-a38) Central management and deployment for SSH keys
- [**447**Star][12d] [Go] [alphasoc/flightsim](https://github.com/alphasoc/flightsim) A utility to generate malicious network traffic and evaluate controls
- [**447**Star][4m] [Py] [admintony/prepare-for-awd](https://github.com/admintony/prepare-for-awd) AWD攻防赛脚本集合
- [**446**Star][2m] [Swift] [inamiy/cassowary](https://github.com/inamiy/cassowary) An incremental linear constraint-solving algorithm (Auto Layout) in Swift.
- [**446**Star][16d] [PHP] [terrylinooo/shieldon](https://github.com/terrylinooo/shieldon) Web Application Firewall (WAF) for PHP.
- [**446**Star][13d] [Py] [openrce/paimei](https://github.com/openrce/paimei) A reverse engineering framework written in Python.
- [**446**Star][12d] [Py] [kromtech/s3-inspector](https://github.com/kromtech/s3-inspector) Tool to check AWS S3 bucket permissions
- [**446**Star][4m] [Java] [hive2hive/hive2hive](https://github.com/hive2hive/hive2hive) Java library for secure, distributed, P2P-based file synchronization and sharing.
- [**446**Star][12d] [Java] [eclipse/californium](https://github.com/eclipse/californium) CoAP/DTLS Java Implementation
- [**445**Star][11d] [PHP] [spatie/ssl-certificate](https://github.com/spatie/ssl-certificate) A class to validate SSL certificates
- [**445**Star][5m] [xuanhun/hackingresource](https://github.com/xuanhun/hackingresource) “玄魂工作室--安全圈” 知识星球内资源汇总
- [**445**Star][5m] [Go] [tomnomnom/waybackurls](https://github.com/tomnomnom/waybackurls) Fetch all the URLs that the Wayback Machine knows about for a domain
- [**445**Star][3y] [Vim script] [tmhedberg/simpylfold](https://github.com/tmhedberg/simpylfold) No-BS Python code folding for Vim
- [**445**Star][12d] [C] [rocky/remake](https://github.com/rocky/remake) Enhanced GNU Make - tracing, error reporting, debugging, profiling and more
- [**445**Star][10d] [Py] [p1r06u3/opencanary_web](https://github.com/p1r06u3/opencanary_web) The web management platform of honeypot
- [**445**Star][1m] [C++] [moxie0/sslsniff](https://github.com/moxie0/sslsniff) A tool for automated MITM attacks on SSL connections.
- [**445**Star][13d] [kai5263499/osx-security-awesome](https://github.com/kai5263499/osx-security-awesome) A collection of OSX and iOS security resources
- [**445**Star][1y] [captainarash/the_holy_book_of_x86](https://github.com/captainarash/the_holy_book_of_x86) A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS....
- [**444**Star][16d] [Py] [alecxe/scrapy-fake-useragent](https://github.com/alecxe/scrapy-fake-useragent) Random User-Agent middleware based on fake-useragent
- [**444**Star][12d] [Py] [stamparm/fetch-some-proxies](https://github.com/stamparm/fetch-some-proxies) Simple Python script for fetching "some" (usable) proxies
- [**444**Star][18d] [Py] [pielco11/fav-up](https://github.com/pielco11/fav-up) IP lookup by favicon using Shodan
- [**444**Star][11d] [C] [libvmi/libvmi](https://github.com/libvmi/libvmi) a virtual machine introspection library
- [**444**Star][21d] [ObjC] [keith/hopper-swift-demangle](https://github.com/keith/hopper-swift-demangle) A Hopper plugin for demangle Swift symbols
- [**444**Star][4y] [Py] [brianwrf/hackutils](https://github.com/brianwrf/hackutils) a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module 
- [**444**Star][30d] [Awk] [alecmuffett/eotk](https://github.com/alecmuffett/eotk) Enterprise Onion Toolkit
- [**443**Star][10d] [HTML] [tanjiti/sec_profile](https://github.com/tanjiti/sec_profile) 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
- [**443**Star][19d] [C] [juuso/keychaindump](https://github.com/juuso/keychaindump) A proof-of-concept tool for reading OS X keychain passwords
- [**443**Star][3m] [jnusimba/androidsecnotes](https://github.com/jnusimba/androidsecnotes) some learning notes about Android Security
- [**443**Star][6m] [C++] [hoshimin/kernel-bridge](https://github.com/hoshimin/kernel-bridge) Windows kernel hacking framework, driver template, hypervisor and API written on C++
- [**443**Star][3m] [JS] [ayms/node-tor](https://github.com/ayms/node-tor) Javascript implementation of the Tor (or Tor like) anonymizer project (The Onion Router)
- [**443**Star][16d] [Py] [0x4d31/honeylambda](https://github.com/0x4d31/honeylambda) honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway
- [**442**Star][3m] [C#] [pickfordmatt/sharplocker](https://github.com/pickfordmatt/sharplocker) 
- [**442**Star][7d] [C++] [medusalix/xow](https://github.com/medusalix/xow) Linux driver for the Xbox One wireless dongle
- [**442**Star][8d] [Assembly] [jthuraisamy/syswhispers](https://github.com/jthuraisamy/syswhispers) AV/EDR evasion via direct system calls.
- [**442**Star][15d] [C++] [wbenny/pdbex](https://github.com/wbenny/pdbex) pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
- [**442**Star][5m] [C++] [var-solutions/algorithms](https://github.com/var-solutions/algorithms) Efficient Algorithms
- [**442**Star][12d] [Py] [qwj/python-proxy](https://github.com/qwj/python-proxy) HTTP/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.
- [**442**Star][10d] [Py] [nimia/public_drown_scanner](https://github.com/nimia/public_drown_scanner) 
- [**442**Star][4y] [C#] [keepwn/altman](https://github.com/keepwn/altman) the cross platform webshell tool in .NET
- [**442**Star][11d] [PHP] [floedesigntechnologies/phpcs-security-audit](https://github.com/floedesigntechnologies/phpcs-security-audit) phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
- [**441**Star][15d] [Ruby] [fuzzapi/fuzzapi](https://github.com/Fuzzapi/fuzzapi) Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
- [**441**Star][10d] [Java] [spring-cloud/spring-cloud-security](https://github.com/spring-cloud/spring-cloud-security) Security concerns for distributed applications implemented in Spring
- [**441**Star][3m] [Py] [secureworks/dcept](https://github.com/secureworks/dcept) A tool for deploying and detecting use of Active Directory honeytokens
- [**441**Star][11d] [Java] [patrickfav/uber-apk-signer](https://github.com/patrickfav/uber-apk-signer) A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
- [**441**Star][3y] [Py] [nahamsec/jsparser](https://github.com/nahamsec/jsparser)  using Tornado and JSBeautifier to parse relative URLs from JavaScript files
- [**441**Star][12m] [Pascal] [mojtabatajik/robber](https://github.com/mojtabatajik/robber) Robber is open source tool for finding executables prone to DLL hijacking
- [**441**Star][13d] [Py] [davidtavarez/pwndb](https://github.com/davidtavarez/pwndb) Search for leaked credentials
- [**441**Star][11d] [Py] [crocs-muni/roca](https://github.com/crocs-muni/roca) ROCA: Infineon RSA key vulnerability
- [**441**Star][14d] [C#] [bitsadmin/nopowershell](https://github.com/bitsadmin/nopowershell) PowerShell rebuilt in C# for Red Teaming purposes
- [**441**Star][10d] [Ruby] [arkadiyt/aws_public_ips](https://github.com/arkadiyt/aws_public_ips) Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
- [**440**Star][3m] [ph055a/osint_collection](https://github.com/ph055a/osint_collection) Maintained collection of OSINT related resources. (All Free & Actionable)
- [**440**Star][9d] [PS] [cyberark/aclight](https://github.com/cyberark/ACLight) A script for advanced discovery of Privileged Accounts - includes Shadow Admins
- [**440**Star][4m] [PS] [p3nt4/invoke-socksproxy](https://github.com/p3nt4/invoke-socksproxy) Socks proxy server using powershell. Supports local and reverse connections for pivoting.
- [**440**Star][2y] [C] [novicelive/research-rootkit](https://github.com/novicelive/research-rootkit) LibZeroEvil & the Research Rootkit project.
- [**440**Star][4y] [Shell] [imagetragick/pocs](https://github.com/imagetragick/pocs) Proof of Concepts for CVE-2016–3714
- [**440**Star][12d] [Java] [fourbrother/kstools](https://github.com/fourbrother/kstools) Android中自动爆破签名工具
- [**440**Star][21d] [dsopas/assessment-mindset](https://github.com/dsopas/assessment-mindset) Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
- [**440**Star][22d] [Go] [coyim/coyim](https://github.com/coyim/coyim) a safe and secure chat client
- [**439**Star][4m] [Py] [kong36088/baiduimagespider](https://github.com/kong36088/baiduimagespider) 一个超级轻量的百度图片爬虫
- [**439**Star][18d] [Java] [xm0625/vbrowser-android](https://github.com/xm0625/vbrowser-android) 全网视频嗅探缓存APP
- [**439**Star][2y] [C#] [squalr/squalr](https://github.com/squalr/squalr) performant Memory Editing software that allows users to create and share cheats in their windows desktop games
- [**439**Star][11d] [JS] [lolimay/shadowsocks-deepin](https://github.com/lolimay/shadowsocks-deepin) a powerful shadowsocks client for linux deepin.
- [**439**Star][4m] [Py] [jotygill/openpyn-nordvpn](https://github.com/jotygill/openpyn-nordvpn) Easily connect to and switch between, OpenVPN servers hosted by NordVPN on Linux (+patch leakes)
- [**439**Star][4y] [Py] [foxglovesec/javaunserializeexploits](https://github.com/foxglovesec/javaunserializeexploits) 
- [**439**Star][11d] [C] [cirosantilli/cpp-cheat](https://github.com/cirosantilli/cpp-cheat) MOVING TO:
- [**439**Star][1y] [Go] [amyangxyz/assassingo](https://github.com/amyangxyz/assassingo) An extensible and concurrency pentest framework in Go, also with WebGUI
- [**438**Star][14d] [HTML] [dnfwah/dnfwah](https://github.com/DNFWAH/DNFWAH) It's an ezine: DO NOT FUCK WITH A HACKER
- [**438**Star][6m] [Py] [ytisf/pyexfil](https://github.com/ytisf/pyexfil) A Python Package for Data Exfiltration
- [**438**Star][11d] [Batchfile] [sagishahar/lpeworkshop](https://github.com/sagishahar/lpeworkshop) Windows/Linux本地提权工作室
- [**438**Star][13d] [Py] [nginxinc/nginx-ldap-auth](https://github.com/nginxinc/nginx-ldap-auth) Example of LDAP authentication using ngx_http_auth_request_module
- [**438**Star][10d] [Go] [mdsecactivebreach/o365-attack-toolkit](https://github.com/mdsecactivebreach/o365-attack-toolkit) A toolkit to attack Office365
- [**438**Star][4m] [Py] [lordamit/brightness](https://github.com/lordamit/brightness) Brightness Controller
- [**438**Star][10d] [Java] [google/closure-templates](https://github.com/google/closure-templates) A client- and server-side templating system that helps you dynamically build reusable HTML and UI elements
- [**437**Star][10d] [Py] [huaying/instagram-crawler](https://github.com/huaying/instagram-crawler) Get Instagram posts/profile/hashtag data without using Instagram API
- [**437**Star][4m] [ObjC] [iosre/smsninja](https://github.com/iosre/smsninja) SMSNinja is a lightweight but highly efficient firewall for blocking and hiding SMS, MMS, iMessages, phone calls and FaceTime on stock Phone and Message Apps.
- [**437**Star][1m] [Py] [lightbulb-framework/lightbulb-framework](https://github.com/lightbulb-framework/lightbulb-framework) Tools for auditing WAFS
- [**437**Star][12d] [C] [hardenedlinux/linux-exploit-development-tutorial](https://github.com/hardenedlinux/linux-exploit-development-tutorial) a series tutorial for linux exploit development to newbie.
- [**437**Star][1m] [Go] [ethereumproject/go-ethereum](https://github.com/ethereumproject/go-ethereum) Go language implementation of the original/classic design of the Ethereum protocol
- [**436**Star][4m] [PHP] [zzjzz9266a/91porn_php](https://github.com/zzjzz9266a/91porn_php) 最简单的91porn爬虫php版本
- [**436**Star][1m] [ObjC] [krausefx/wifiauth](https://github.com/krausefx/wifiauth) Because connecting to WiFis is still an unsolved problem
- [**436**Star][10d] [Lua] [kuoruan/luci-app-v2ray](https://github.com/kuoruan/luci-app-v2ray) LuCI support for V2Ray
- [**436**Star][12d] [Go] [mozilla/tls-observatory](https://github.com/mozilla/tls-observatory) An observatory for TLS configurations, X509 certificates, and more.
- [**436**Star][13d] [Py] [windsooon/cherry](https://github.com/Windsooon/cherry) text classification - no machine learning knowledge needed
- [**436**Star][10d] [Java] [tiagorlampert/saint](https://github.com/tiagorlampert/saint) a Spyware Generator for Windows systems written in Java
- [**436**Star][8m] [C] [thundercls/xanalyzer](https://github.com/thundercls/xanalyzer) xAnalyzer plugin for x64dbg
- [**436**Star][4m] [Java] [spring-cloud/spring-cloud-gcp](https://github.com/spring-cloud/spring-cloud-gcp) Integration for Google Cloud Platform APIs with Spring
- [**436**Star][4m] [C#] [shack2/supersqlinjectionv1](https://github.com/shack2/supersqlinjectionv1) 超级SQL注入工具（SSQLInjection）是一款基于HTTP协议自组包的SQL注入工具,采用C#开发，直接操作TCP会话来进行HTTP交互，支持出现在HTTP协议任意位置的SQL注入，支持各种类型的SQL注入，支持HTTPS模式注入；支持以盲注、错误显示、Union注入等方式来获取数据；支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库；支持手动灵活的进行SQL注入绕过，可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计，需要使用人员对SQL注入有一定了解。
- [**436**Star][4m] [PS] [officedev/o365-investigationtooling](https://github.com/officedev/o365-investigationtooling)  faciliate testing and low-volume activity data acquisition from the Office 365 Management Activity API.
- [**436**Star][10d] [Py] [nsmfoo/antivmdetection](https://github.com/nsmfoo/antivmdetection) Script to create templates to use with VirtualBox to make vm detection harder
- [**436**Star][13d] [Shell] [kabachook/k8s-security](https://github.com/kabachook/k8s-security) Kubernetes security notes and best practices
- [**436**Star][4m] [C] [hfiref0x/vboxhardenedloader](https://github.com/hfiref0x/vboxhardenedloader) VirtualBox VM detection mitigation loader
- [**436**Star][10d] [Py] [evilsocket/smali_emulator](https://github.com/evilsocket/smali_emulator) This software will emulate a smali source file generated by apktool.
- [**435**Star][10d] [Py] [google/fuzzbench](https://github.com/google/fuzzbench) FuzzBench - Fuzzer benchmarking as a service.
- [**435**Star][7d] [PS] [the-xentropy/xencrypt](https://github.com/the-xentropy/xencrypt) A PowerShell script anti-virus evasion tool
- [**435**Star][10d] [Py] [davidbuchanan314/dlinject](https://github.com/davidbuchanan314/dlinject) Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace
- [**435**Star][11d] [C] [mcgill-dmas/kam1n0-community](https://github.com/McGill-DMaS/Kam1n0-Community) a scalable assembly management and analysis platform
    - [IDA插件](https://github.com/McGill-DMaS/Kam1n0-Community/tree/master2.x/kam1n0-clients/ida-plugin) 
    - [kam1n0](https://github.com/McGill-DMaS/Kam1n0-Community/tree/master2.x/kam1n0) 
- [**435**Star][14d] [Go] [kragniz/tor-controller](https://github.com/kragniz/tor-controller) Run Tor onion services on Kubernetes
- [**435**Star][3y] [ObjC] [jackrex/fakewechatloc](https://github.com/jackrex/fakewechatloc) 手把手教你制作一款iOS越狱App
- [**435**Star][4y] [Py] [chishaxie/blindwatermark](https://github.com/chishaxie/blindwatermark) 盲水印 by python
- [**435**Star][11d] [JS] [chichou/bagbak](https://github.com/ChiChou/bagbak) Yet another frida based iOS dumpdecrypted, works on iOS 13 with checkra1n and supports decrypting app extensions
- [**434**Star][27d] [Ruby] [dwbutler/logstash-logger](https://github.com/dwbutler/logstash-logger) Ruby logger that writes logstash events
- [**434**Star][10d] [Go] [squat/kilo](https://github.com/squat/kilo) Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes (k8s + wg = kg)
- [**434**Star][4m] [Go] [tellytv/telly](https://github.com/tellytv/telly) An IPTV proxy
- [**434**Star][12d] [Py] [orangetw/awesome-jenkins-rce-2019](https://github.com/orangetw/awesome-jenkins-rce-2019) There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
- [**434**Star][7m] [Py] [bitbrute/evillimiter](https://github.com/bitbrute/evillimiter) Tool that limits bandwidth of devices on the same network without access.
- [**434**Star][8m] [Ruby] [aderyabin/sniffer](https://github.com/aderyabin/sniffer) Log and Analyze Outgoing HTTP Requests
- [**433**Star][8d] [C] [xqemu/xqemu](https://github.com/xqemu/xqemu) Open-source emulator to play original Xbox games on Windows, macOS, and Linux
- [**433**Star][10d] [Rust] [veloren/veloren](https://github.com/veloren/veloren) [Mirror] An open world, open source voxel RPG inspired by Dwarf Fortress and Cube World
- [**433**Star][17d] [fwgs/cs16-client](https://github.com/fwgs/cs16-client) Counter-Strike 1.6 rewritten client.dll. Without VGUI, ParticleMan and ecology friendy.
- [**433**Star][6m] [Shell] [thesecondsun/bashark](https://github.com/thesecondsun/bashark) Bash post exploitation toolkit
- [**433**Star][4m] [C++] [souhardya/uboat](https://github.com/souhardya/uboat) HTTP Botnet Project
- [**433**Star][2y] [C] [siguza/iohideous](https://github.com/siguza/iohideous) IOHIDFamily 0day
- [**433**Star][11d] [Go] [mauri870/ransomware](https://github.com/mauri870/ransomware) A POC Windows crypto-ransomware (Academic)
- [**433**Star][8m] [C] [desowin/usbpcap](https://github.com/desowin/usbpcap) USB packet capture for Windows
- [**433**Star][3m] [Shell] [d4rk007/redghost](https://github.com/d4rk007/redghost) Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.
- [**432**Star][18d] [Py] [autocracy/python-ipy](https://github.com/autocracy/python-ipy) IPy are a Python class and tools for handling of IPv4 and IPv6 addresses and networks. It is similar to Net::IP Perl module.
- [**432**Star][12d] [Py] [priyankchheda/chrome_password_grabber](https://github.com/priyankchheda/chrome_password_grabber) Get unencrypted 'Saved Password' from Google Chrome
- [**432**Star][13d] [C#] [security-code-scan/security-code-scan](https://github.com/security-code-scan/security-code-scan) Vulnerability Patterns Detector for C# and VB.NET
- [**432**Star][11d] [Py] [nullhypothesis/exitmap](https://github.com/nullhypothesis/exitmap) A fast and modular scanner for Tor exit relays.
- [**432**Star][10d] [Py] [misterch0c/malsploitbase](https://github.com/misterch0c/malsploitbase) Malware exploits
- [**432**Star][3y] [C++] [malwares/botnet](https://github.com/malwares/botnet) Botnet
- [**432**Star][13d] [HTML] [koutto/jok3r](https://github.com/koutto/jok3r) a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.
- [**432**Star][12d] [Go] [graniet/operative-framework](https://github.com/graniet/operative-framework) operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.
- [**432**Star][10d] [Jupyter Notebook] [endgameinc/ember](https://github.com/endgameinc/ember) a collection of features from PE files that serve as a benchmark dataset for researchers.
- [**432**Star][1y] [Py] [d4vinci/cuteit](https://github.com/d4vinci/cuteit) IP obfuscator made to make a malicious ip a bit cuter
- [**432**Star][10d] [Java] [bit4woo/knife](https://github.com/bit4woo/knife) A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
- [**432**Star][18d] [Py] [autocracy/python-ipy](https://github.com/autocracy/python-ipy) IPy are a Python class and tools for handling of IPv4 and IPv6 addresses and networks. It is similar to Net::IP Perl module.
- [**432**Star][10d] [Py] [alecmuffett/real-world-onion-sites](https://github.com/alecmuffett/real-world-onion-sites) This is a list of substantial, commercial-or-social-good mainstream websites which provide onion services.
- [**431**Star][8d] [C] [dhowland/easyavr](https://github.com/dhowland/easyavr) Easy AVR USB Keyboard Firmware and Keymapper
- [**431**Star][9d] [PHP] [wupco/weblogger](https://github.com/wupco/weblogger) 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具
- [**431**Star][2m] [JS] [mozilla/scanjs](https://github.com/mozilla/scanjs) Static analysis tool for javascript code.
- [**431**Star][10d] [Java] [jeremyh/jbcrypt](https://github.com/jeremyh/jbcrypt) A Java implementation of OpenBSD's Blowfish password hashing code
- [**431**Star][15d] [Py] [fossfreedom/indicator-sysmonitor](https://github.com/fossfreedom/indicator-sysmonitor) Ubuntu application indicator to show various system parameters
- [**431**Star][11d] [Py] [breenmachine/httpscreenshot](https://github.com/breenmachine/httpscreenshot) grabbing screenshots and HTML of large numbers of websites.
- [**431**Star][13d] [JS] [bradoyler/xmr-miner](https://github.com/bradoyler/xmr-miner) Web-based Cryptocurrency miner, built with Vue.js
- [**431**Star][4y] [az0ne/azscanner](https://github.com/az0ne/azscanner) Automatic scanner, automatic sub domain blasting, automatic crawl injection, injection, call the sqlmapapi port scan detection, directory service detection and segment blasting, port scanning, vulnerability detection framework commonly used.
- [**431**Star][12d] [PHP] [attackercan/regexp-security-cheatsheet](https://github.com/attackercan/regexp-security-cheatsheet) 
- [**431**Star][5m] [C] [anssi-fr/ad-control-paths](https://github.com/anssi-fr/ad-control-paths) Active Directory Control Paths auditing and graphing tools
- [**431**Star][3m] [C] [alonho/pytrace](https://github.com/alonho/pytrace) pytrace is a fast python tracer. it records function calls, arguments and return values. can be used for debugging and profiling.
- [**431**Star][10d] [Py] [0x4d31/fatt](https://github.com/0x4d31/fatt) a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
- [**431**Star][11d] [C] [0x27/linux.mirai](https://github.com/0x27/linux.mirai) Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
- [**430**Star][10d] [Go] [octarinesec/kube-scan](https://github.com/octarinesec/kube-scan) kube-scan: Octarine k8s cluster risk assessment tool
- [**430**Star][13d] [Py] [xapax/oscp](https://github.com/xapax/oscp) Recon scan
- [**430**Star][28d] [Java] [aosp-mirror/platform_dalvik](https://github.com/aosp-mirror/platform_dalvik) mirrored from https://android.googlesource.com/platform/dalvik.git
- [**430**Star][16d] [C++] [tihmstar/futurerestore](https://github.com/tihmstar/futurerestore) A hacked up idevicerestore wrapper, which allows specifying SEP and Baseband for restoring
- [**430**Star][15d] [Java] [spring-cloud/spring-cloud-aws](https://github.com/spring-cloud/spring-cloud-aws) Integration for Amazon Web Services APIs with Spring
- [**430**Star][11d] [opentechfund/secure-email](https://github.com/opentechfund/secure-email) Overview of projects working on next-generation secure email.
- [**430**Star][13d] [JS] [chokcoco/httphijack](https://github.com/chokcoco/httphijack) 使用Javascript实现前端防御http劫持及防御XSS攻击，并且对可疑攻击进行上报
- [**430**Star][4m] [Jupyter Notebook] [azure/azure-sentinel](https://github.com/azure/azure-sentinel) Cloud-native SIEM for intelligent security analytics for your entire enterprise.
- [**429**Star][9d] [Py] [s0md3v/silver](https://github.com/s0md3v/silver) Mass scan IPs for vulnerable services
- [**429**Star][10d] [CSS] [teejee2008/polo](https://github.com/teejee2008/polo) Advanced file manager for Linux written in Vala. Supports multiple panes (single, dual, quad) with multiple tabs in each pane. Supports archive creation, extraction and browsing. Support for cloud storage; running and managing KVM images, modifying PDF documents and image files, booting ISO files in KVM, and writing ISO files to USB drives.
- [**429**Star][17d] [Py] [facert/tumblr_spider](https://github.com/facert/tumblr_spider) 汤不热 python 多线程爬虫
- [**429**Star][1y] [Py] [powerscript/katanaframework](https://github.com/powerscript/katanaframework) a framework written in python for making penetration testing, based on a simple and comprehensive structure for anyone to use, modify and share
- [**429**Star][4y] [Makefile] [mindmac/androideagleeye](https://github.com/mindmac/androideagleeye) An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
- [**429**Star][15d] [Py] [hahwul/a2sv](https://github.com/hahwul/a2sv) Auto Scanning to SSL Vulnerability
- [**429**Star][8d] [Shell] [functionclub/mtproxy-bash](https://github.com/functionclub/mtproxy-bash) MTProxy 一键搭建管理脚本
- [**429**Star][12d] [dostoevskylabs/dostoevsky-pentest-notes](https://github.com/dostoevskylabs/dostoevsky-pentest-notes) Notes for taking the OSCP in 2097. Read in book form on GitBook
- [**429**Star][2y] [JS] [ciscocsirt/gosint](https://github.com/ciscocsirt/gosint) collecting, processing, and exporting high quality indicators of compromise (IOCs).
- [**428**Star][9d] [Vim script] [jodosha/vim-godebug](https://github.com/jodosha/vim-godebug) Go debugging for Vim
- [**428**Star][11d] [Py] [linklayer/pyvit](https://github.com/linklayer/pyvit)  toolkit for interfacing with cars from Python. It aims to implement common hardware interfaces and protocols used in the automotive systems
- [**428**Star][12d] [C#] [microsoft/binskim](https://github.com/microsoft/binskim) A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
- [**428**Star][10d] [AngelScript] [inquest/malware-samples](https://github.com/inquest/malware-samples) A collection of malware samples and relevant dissection information, most probably referenced from
- [**428**Star][3m] [Py] [idaholab/malcolm](https://github.com/idaholab/malcolm) Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.
- [**428**Star][12d] [Py] [cloudburst/libheap](https://github.com/cloudburst/libheap) python library to examine ptmalloc (the glibc userland heap implementation)
- [**427**Star][18d] [Rust] [exodusvpn/exodus](https://github.com/ExodusVPN/exodus) network proxy and tunnel (VPN)
- [**427**Star][10d] [payloadbox/command-injection-payload-list](https://github.com/payloadbox/command-injection-payload-list) 
- [**427**Star][29d] [Ruby] [svent/jsdetox](https://github.com/svent/jsdetox) A Javascript malware analysis tool
- [**427**Star][14d] [Py] [rub-syssec/kafl](https://github.com/rub-syssec/kafl) Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
- [**427**Star][2y] [ring04h/papers](https://github.com/ring04h/papers) my security summit papers
- [**427**Star][1y] [Shell] [nilotpalbiswas/auto-root-exploit](https://github.com/nilotpalbiswas/auto-root-exploit) Auto Root Exploit Tool
- [**427**Star][5y] [C++] [jonathansalwan/pintools](https://github.com/jonathansalwan/pintools) Pintool example and PoC for dynamic binary analysis
- [**426**Star][4m] [Py] [aploium/zmirror-onekey](https://github.com/aploium/zmirror-onekey) 一键部署zmirror镜像
- [**426**Star][4y] [Py] [x3omdax/penbox](https://github.com/x3omdax/penbox)  A Penetration Testing Framework - The Tool With All The Tools
- [**426**Star][11d] [petoolse/petools](https://github.com/petoolse/petools) PE Tools - Portable executable (PE) manipulation toolkit
- [**426**Star][5m] [C++] [netheril96/securefs](https://github.com/netheril96/securefs) Filesystem in userspace (FUSE) with transparent authenticated encryption
- [**426**Star][13d] [Go] [jpillora/backoff](https://github.com/jpillora/backoff) Simple backoff algorithm in Go (golang)
- [**426**Star][11d] [C#] [goliate/hidden-tear](https://github.com/goliate/hidden-tear) ransomware open-sources
- [**425**Star][10d] [JS] [davellanedam/node-express-mongodb-jwt-rest-api-skeleton](https://github.com/davellanedam/node-express-mongodb-jwt-rest-api-skeleton) This is a basic API REST skeleton written on JavaScript using async/await. Great for building a starter web API for your front-end (Android, iOS, Vue, react, angular, or anything that can consume an API). Demo of frontend in VueJS here:
- [**425**Star][12d] [C#] [beckzhu/simpleremote](https://github.com/beckzhu/simpleremote) Remote Administration Tools
- [**425**Star][11d] [Haskell] [crytic/echidna](https://github.com/crytic/echidna) Ethereum smart contract fuzzer
- [**425**Star][12d] [PS] [stefanscherer/docker-windows-box](https://github.com/stefanscherer/docker-windows-box) Various Vagrant envs with Windows 2019/10 and Docker, Swarm mode, LCOW, WSL2, ...
- [**425**Star][17d] [JS] [joeferner/node-http-mitm-proxy](https://github.com/joeferner/node-http-mitm-proxy) HTTP Man In The Middle (MITM) Proxy
- [**425**Star][17d] [Pascal] [felipedaragon/sandcat](https://github.com/felipedaragon/sandcat) An open-source, pentest and developer-oriented web browser, using the power of Lua
- [**425**Star][10d] [C] [arkq/bluez-alsa](https://github.com/arkq/bluez-alsa) Bluetooth Audio ALSA Backend
- [**424**Star][4m] [C#] [matterpreter/defendercheck](https://github.com/matterpreter/defendercheck) Identifies the bytes that Microsoft Defender flags on.
- [**424**Star][10d] [C#] [xljiulang/networksocket](https://github.com/xljiulang/networksocket) NetworkSocket是一个以中间件(middleware)扩展通讯协议，以插件(plug)扩展服务器功能的支持SSL安全传输的通讯框架；目前支持http、websocket、fast、flex策略与silverlight策略协议。
- [**424**Star][2y] [C++] [unamer/cve-2018-8120](https://github.com/unamer/cve-2018-8120) CVE-2018-8120 Windows LPE exploit
- [**424**Star][2y] [Py] [ridter/cve-2017-11882](https://github.com/ridter/cve-2017-11882) CVE-2017-11882 from
- [**424**Star][4m] [C++] [keyboardio/kaleidoscope](https://github.com/keyboardio/kaleidoscope) Firmware for the Keyboardio Model 01 and other keyboards with AVR or ARM MCUs.
- [**424**Star][17d] [Go] [710leo/urlooker](https://github.com/710leo/urlooker) enterprise-level websites monitoring system
- [**423**Star][9m] [Py] [jonbakerfish/tweetscraper](https://github.com/jonbakerfish/tweetscraper) TweetScraper is a simple crawler/spider for Twitter Search without using API
- [**423**Star][9d] [Py] [raikia/uhoh365](https://github.com/raikia/uhoh365) A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
- [**423**Star][1y] [TS] [polymer/prpl-server](https://github.com/Polymer/prpl-server) An HTTP server for Node designed to serve PRPL apps in production.
- [**423**Star][17d] [Py] [mitrecnd/chopshop](https://github.com/mitrecnd/chopshop) Protocol Analysis/Decoder Framework
- [**423**Star][4y] [Py] [mengskysama/shadowsocks-rm](https://github.com/mengskysama/shadowsocks-rm) A fast tunnel proxy that helps you bypass firewalls
- [**423**Star][8d] [Shell] [matthewpierson/1033-ota-downgrader](https://github.com/matthewpierson/1033-ota-downgrader) First ever tool to downgrade ANY iPhone 5s, ANY iPad Air and (almost any) iPad Mini 2 to 10.3.3 with OTA blobs + checkm8!
- [**423**Star][20d] [Logos] [limneos/classdump-dyld](https://github.com/limneos/classdump-dyld) Class-dump any Mach-o file without extracting it from dyld_shared_cache
- [**423**Star][11d] [Py] [govanguard/legion](https://github.com/govanguard/legion) Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
- [**423**Star][2y] [Py] [ekultek/pybelt](https://github.com/ekultek/pybelt) The hackers tool belt
- [**423**Star][1y] [C] [darthton/hyperbone](https://github.com/darthton/hyperbone) Minimalistic VT-x hypervisor with hooks
- [**423**Star][10d] [Go] [cretz/bine](https://github.com/cretz/bine) Go library for accessing and embedding Tor clients and servers
- [**423**Star][15d] [Java] [bit4woo/domain_hunter](https://github.com/bit4woo/domain_hunter) A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 
- [**423**Star][4y] [ObjC] [asido/systemmonitor](https://github.com/asido/systemmonitor) iOS application providing you all information about your device - hardware, operating system, processor, memory, GPU, network interface, storage and battery, including OpenGL powered visual representation in real time.
- [**423**Star][4m] [CSS] [angea/pocorgtfo](https://github.com/angea/pocorgtfo) a "Proof of Concept or GTFO" mirror with extra article index, direct links and clean PDFs.
- [**423**Star][2y] [Py] [51x/whp](https://github.com/51x/whp) Micro$oft Windows Hacking Pack
- [**423**Star][10d] [0x4d31/awesome-oscp](https://github.com/0x4d31/awesome-oscp) A curated list of awesome OSCP resources
- [**422**Star][10d] [Go] [projectdiscovery/nuclei](https://github.com/projectdiscovery/nuclei) Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
- [**422**Star][11d] [Shell] [thelinuxchoice/instashell](https://github.com/thelinuxchoice/instashell) Multi-threaded Instagram Brute Forcer without password limit
- [**422**Star][12d] [Py] [vysecurity/domlink](https://github.com/vysecurity/DomLink) A tool to link a domain with registered organisation names and emails, to other domains.
- [**422**Star][3y] [zyfworks/ssr-backup](https://github.com/zyfworks/ssr-backup) ShadowsocksR backups
- [**422**Star][13d] [Go] [sslmate/certspotter](https://github.com/sslmate/certspotter) Certificate Transparency Log Monitor
- [**422**Star][17d] [C++] [simsong/bulk_extractor](https://github.com/simsong/bulk_extractor) bulk_extractor
- [**422**Star][3y] [C++] [rwfpl/rewolf-wow64ext](https://github.com/rwfpl/rewolf-wow64ext) Helper library for x86 programs that runs under WOW64 layer on x64 versions of Microsoft Windows operating systems.
- [**421**Star][7d] [Go] [zmap/zgrab2](https://github.com/zmap/zgrab2) Go Application Layer Scanner
- [**421**Star][2y] [zhengmin1989/greatiosjailbreakmaterial](https://github.com/zhengmin1989/greatiosjailbreakmaterial) Great iOS Jailbreak Material! - I read hundreds of papers and PPTs. Only list the most useful materials here!
- [**421**Star][11d] [C++] [vah13/extracttvpasswords](https://github.com/vah13/extracttvpasswords) tool to extract passwords from TeamViewer memory using Frida
- [**421**Star][1y] [Java] [nccgroup/burpsuitehttpsmuggler](https://github.com/nccgroup/burpsuitehttpsmuggler) A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
- [**421**Star][11d] [JS] [jprichardson/node-google](https://github.com/jprichardson/node-google) A Node.js module to search and scrape Google.
- [**421**Star][24d] [C++] [iaik/rowhammerjs](https://github.com/iaik/rowhammerjs) A Remote Software-Induced Fault Attack in JavaScript
- [**421**Star][3m] [C#] [collinbarrett/filterlists](https://github.com/collinbarrett/filterlists) independent, comprehensive directory of filter and host lists for advertisements, trackers, malware, and annoyances.
- [**421**Star][3m] [C++] [bdring/grbl_esp32](https://github.com/bdring/grbl_esp32) A port of Grbl CNC Firmware for ESP32
- [**420**Star][4m] [PS] [banksecurity/red_team](https://github.com/banksecurity/red_team) Some scripts useful for red team activities
- [**420**Star][12d] [C#] [mr-un1k0d3r/scshell](https://github.com/mr-un1k0d3r/scshell) Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
- [**420**Star][4m] [HTML] [w3c/webappsec](https://github.com/w3c/webappsec) Web Application Security Working Group repo
- [**420**Star][10d] [softwareunderground/awesome-open-geoscience](https://github.com/softwareunderground/awesome-open-geoscience) Curated from repositories that make our lives as geoscientists, hackers and data wranglers easier or just more awesome
- [**420**Star][2y] [C++] [rootm0s/injectors](https://github.com/rootm0s/injectors) 
- [**420**Star][20d] [Ruby] [rocketjob/symmetric-encryption](https://github.com/rocketjob/symmetric-encryption) Symmetric Encryption for Ruby Projects using OpenSSL
- [**420**Star][4m] [prife/virtualappdoc](https://github.com/prife/virtualappdoc) VirtualApp项目的非官方文档
- [**420**Star][16d] [C] [henkaku/henkaku](https://github.com/henkaku/henkaku) Homebrew enabler for PS Vita
- [**420**Star][18d] [Rust] [gamozolabs/orange_slice](https://github.com/gamozolabs/orange_slice) A research kernel and hypervisor attempting to get fully deterministic emulation with minimum performance cost
- [**420**Star][11d] [Py] [dinotools/dionaea](https://github.com/dinotools/dionaea) Home of the dionaea honeypot
- [**420**Star][8d] [C] [devshane/zork](https://github.com/devshane/zork) The DUNGEON (Zork I) source
- [**420**Star][2m] [JS] [crawljax/crawljax](https://github.com/crawljax/crawljax) Crawling Dynamic (JavaScript-based) Web Applications
- [**420**Star][5m] [Py] [bl4de/security-tools](https://github.com/bl4de/security-tools) Collection of small security tools created mostly in Python. CTFs, pentests and so on
- [**419**Star][10d] [Py] [rugantio/fbcrawl](https://github.com/rugantio/fbcrawl) A Facebook crawler
- [**419**Star][1m] [Assembly] [mewmew/dissection](https://github.com/mewmew/dissection) The dissection of a simple "hello world" ELF binary.
- [**419**Star][1y] [C] [titansec/openwaf](https://github.com/titansec/openwaf) Web security protection system based on openresty
- [**419**Star][16d] [Py] [syworks/waidps](https://github.com/syworks/waidps) Wireless Auditing, Intrusion Detection & Prevention System
- [**419**Star][3y] [Go] [subgraph/oz](https://github.com/subgraph/oz) a sandboxing system targeting everyday workstation applications
- [**419**Star][4m] [Py] [random-robbie/my-shodan-scripts](https://github.com/random-robbie/my-shodan-scripts) Collection of Scripts for shodan searching stuff.
- [**419**Star][4m] [ObjC] [mxabc/devdatatool](https://github.com/mxabc/devdatatool) 编码转换、摘要(hash)、加解密（MD5、SHA、SHA3、SM3、HMAC、DES、3DES、AES、SM4）
- [**419**Star][15d] [C++] [msoos/cryptominisat](https://github.com/msoos/cryptominisat) An advanced SAT solver
- [**419**Star][13d] [C] [fireyfly/pixd](https://github.com/fireyfly/pixd) visualizing binary data using a colour palette
- [**419**Star][3m] [JS] [aztecprotocol/aztec](https://github.com/aztecprotocol/aztec) Public repository for the AZTEC protocol
- [**419**Star][4y] [Java] [ac-pm/sslunpinning_xposed](https://github.com/ac-pm/sslunpinning_xposed) Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).
- [**418**Star][3m] [JS] [qiaozi-tech/securityworker](https://github.com/qiaozi-tech/securityworker) The best javascript code protection solution ever.
- [**418**Star][12d] [JS] [zyszys/awesome-captcha](https://github.com/zyszys/awesome-captcha) Curated list of awesome captcha libraries and captcha crack tools.
- [**418**Star][15d] [JS] [securing/gattacker](https://github.com/securing/gattacker) A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
- [**418**Star][10d] [YARA] [guelfoweb/peframe](https://github.com/guelfoweb/peframe) PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
- [**418**Star][22d] [Py] [fate0/pychrome](https://github.com/fate0/pychrome) A Python Package for the Google Chrome Dev Protocol [threading base]
- [**418**Star][16d] [JS] [evilcos/xssor](https://github.com/evilcos/xssor) 方便XSS与CSRF的工具，
- [**418**Star][11d] [JS] [db48x/emularity](https://github.com/db48x/emularity) easily embed emulators
- [**418**Star][6m] [C#] [bloodhoundad/sharphound](https://github.com/bloodhoundad/sharphound) C# Rewrite of the BloodHound Ingestor
- [**418**Star][12d] [C++] [bastibl/gr-ieee802-11](https://github.com/bastibl/gr-ieee802-11) IEEE 802.11 a/g/p Transceiver
- [**417**Star][11d] [Jupyter Notebook] [aaronward/covidify](https://github.com/aaronward/covidify) Covidify - corona virus report and dataset generator for python
- [**417**Star][11d] [Jupyter Notebook] [aaronward/covidify](https://github.com/AaronWard/covidify) Covidify - corona virus report and dataset generator for python
- [**417**Star][10d] [Clojure] [day8/re-frame-10x](https://github.com/day8/re-frame-10x) A debugging dashboard for re-frame. X-ray vision as tooling.
- [**417**Star][5m] [Py] [crytic/slither](https://github.com/crytic/slither) Static Analyzer for Solidity
- [**417**Star][18d] [Py] [jm33-m0/mec](https://github.com/jm33-m0/mec) for concurrent exploiting
- [**417**Star][4m] [PHP] [naneau/php-obfuscator](https://github.com/naneau/php-obfuscator) A parsing PHP obfuscator
- [**417**Star][20d] [ObjC] [lavabit/libdime](https://github.com/lavabit/libdime) The DIME resolver library and command line utilities.
- [**417**Star][11m] [Py] [itayc0hen/a-journey-into-radare2](https://github.com/itayc0hen/a-journey-into-radare2) A series of tutorials about radare2 framework from
- [**417**Star][5m] [Py] [grayddq/publicmonitors](https://github.com/grayddq/publicmonitors) 对公网IP列表进行端口服务扫描，发现周期内的端口服务变化情况和弱口令安全风险
- [**417**Star][6m] [Py] [fox-it/bloodhound.py](https://github.com/fox-it/bloodhound.py) a Python based ingestor for BloodHound, based on Impacket.
- [**417**Star][3m] [C] [deeponion/deeponion-legacy](https://github.com/deeponion/deeponion-legacy) Official Source Repo for DeepOnion - Anonymous Cryptocurrency on TOR Network (legacy)
- [**417**Star][2m] [Py] [ciscocsirt/malspider](https://github.com/ciscocsirt/malspider) Malspider is a web spidering framework that detects characteristics of web compromises.
- [**416**Star][8d] [Lua] [gawen/wirehub](https://github.com/gawen/wirehub) 
- [**416**Star][1m] [Java] [jonathanlermitage/tikione-steam-cleaner](https://github.com/jonathanlermitage/tikione-steam-cleaner) Steam/GOG/Origin games redistributable packages finder and remover. Available in 13 languages.
- [**416**Star][14d] [Py] [williballenthin/python-evtx](https://github.com/williballenthin/python-evtx) Pure Python parser for recent Windows Event Log files (.evtx)
- [**416**Star][10d] [Go] [tg123/sshpiper](https://github.com/tg123/sshpiper) The missing reverse proxy for ssh scp
- [**416**Star][10d] [teoseller/osquery-attck](https://github.com/teoseller/osquery-attck) Mapping the MITRE ATT&CK Matrix with Osquery
- [**416**Star][4m] [Py] [rustyshackleford221/oscp-prep](https://github.com/rustyshackleford221/oscp-prep) A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
- [**416**Star][4y] [Py] [ngalongc/autolocalprivilegeescalation](https://github.com/ngalongc/autolocalprivilegeescalation) An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
- [**416**Star][13d] [Py] [neo23x0/munin](https://github.com/neo23x0/munin) Online hash checker for Virustotal and other services
- [**416**Star][11d] [C++] [istio/proxy](https://github.com/istio/proxy) The Istio proxy components.
- [**416**Star][11d] [C] [freifunk-gluon/gluon](https://github.com/freifunk-gluon/gluon) a modular framework for creating OpenWrt-based firmwares for wireless mesh nodes
- [**416**Star][5y] [C++] [demi6od/smashing_the_browser](https://github.com/demi6od/smashing_the_browser) Smashing The Browser: From Vulnerability Discovery To Exploit
- [**416**Star][2y] [PS] [danielbohannon/invoke-dosfuscation](https://github.com/danielbohannon/invoke-dosfuscation) Cmd.exe Command Obfuscation Generator & Detection Test Harness
- [**416**Star][14d] [Py] [cr4shcod3/pureblood](https://github.com/cr4shcod3/pureblood) A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
- [**415**Star][18d] [Rust] [tagua-vm/tagua-vm](https://github.com/tagua-vm/tagua-vm) Tagua VM is an experimental PHP Virtual Machine that guarantees safety and quality by removing large classes of vulnerabilities thanks to the Rust language and the LLVM Compiler Infrastructure.
- [**415**Star][9d] [Py] [lixiang0/web_kg](https://github.com/lixiang0/web_kg) 爬取百度百科中文页面，抽取三元组信息，构建中文知识图谱
- [**415**Star][21d] [C++] [eelcocramer/node-bluetooth-serial-port](https://github.com/eelcocramer/node-bluetooth-serial-port) Serial I/O over bluetooth for NodeJS
- [**415**Star][11d] [Py] [zhengmin1989/rop_step_by_step](https://github.com/zhengmin1989/rop_step_by_step) 一步一步学ROP
- [**415**Star][2y] [C] [ww9210/linux_kernel_exploits](https://github.com/ww9210/linux_kernel_exploits) Repo for FUZE project. I will also publish some Linux kernel LPE exploits for various real world kernel vulnerabilities here. the samples are uploaded for education purposes for red and blue teams.
- [**415**Star][11d] [C++] [openvpn/openvpn3](https://github.com/openvpn/openvpn3) OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
- [**415**Star][4y] [Java] [lukefalsina/grab-n-run](https://github.com/lukefalsina/grab-n-run) Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
- [**415**Star][3y] [Py] [kvasirsecurity/kvasir](https://github.com/kvasirsecurity/kvasir) Penetration Test Data Management
- [**415**Star][10d] [hkbakke/bash-insulter](https://github.com/hkbakke/bash-insulter) Insults the user when typing wrong command
- [**415**Star][4m] [Py] [dedsecinside/torbot](https://github.com/dedsecinside/torbot) Dark Web OSINT Tool
- [**415**Star][10d] [Go] [abutaha/aws-es-proxy](https://github.com/abutaha/aws-es-proxy) aws-es-proxy is a small web server application sitting between your HTTP client (browser, curl, etc...) and Amazon Elasticsearch service.
- [**415**Star][15d] [Py] [36hours/idaemu](https://github.com/36hours/idaemu) an IDA Pro Plugin use for emulating code in IDA Pro.
- [**414**Star][13d] [Py] [rieuse/learnpython](https://github.com/rieuse/learnpython) Python的基础练习代码与各种爬虫代码
- [**414**Star][11d] [Shell] [dylanbai8/onekey_caddy_php7_sqlite3](https://github.com/dylanbai8/onekey_caddy_php7_sqlite3) 小内存 VPS 一键搭建 Caddy+PHP7+Sqlite3 环境 （支持VPS最小内存64M），一键翻墙 caddy+web(php+sqlite3)+v2ray+bbr。
- [**414**Star][12d] [Java] [zaproxy/zap-extensions](https://github.com/zaproxy/zap-extensions) OWASP ZAP Add-ons
- [**414**Star][4m] [Py] [tidesec/tidefinger](https://github.com/tidesec/tidefinger) Fingerprinting tool.
- [**414**Star][2y] [Java] [testwhat/smaliex](https://github.com/testwhat/smaliex) A wrapper to get de-optimized dex from odex/oat/vdex.
- [**414**Star][4m] [JS] [nowsecure/r2frida](https://github.com/nowsecure/r2frida) Radare2 and Frida better together.
- [**413**Star][4y] [C#] [zenlulz/memorysharp](https://github.com/zenlulz/memorysharp) A C# based memory editing library targeting Windows applications, offering various functions to extract and inject data and codes into remote processes to allow interoperability.
- [**413**Star][10d] [Java] [wycm/selenium-geetest-crack](https://github.com/wycm/selenium-geetest-crack) selenium破解滑动验证码
- [**413**Star][12d] [vk496/linset](https://github.com/vk496/linset) Evil Twin Attack Bash script
- [**413**Star][3m] [JS] [steamdatabase/steamtracking](https://github.com/steamdatabase/steamtracking) 
- [**413**Star][3y] [Py] [ojasookert/cve-2017-0785](https://github.com/ojasookert/cve-2017-0785) Blueborne CVE-2017-0785 Android information leak vulnerability
- [**413**Star][4m] [Py] [moloch--/rootthebox](https://github.com/moloch--/rootthebox) A Game of Hackers (CTF Scoreboard & Game Manager)
- [**412**Star][11d] [Py] [xitu/macos-security-and-privacy-guide](https://github.com/xitu/macos-security-and-privacy-guide) A practical guide to securing macOS.
- [**412**Star][14d] [Py] [operatorequals/covertutils](https://github.com/operatorequals/covertutils) A framework for Backdoor development!
- [**412**Star][5m] [Jupyter Notebook] [microsoft/windowsdefenderatp-hunting-queries](https://github.com/microsoft/windowsdefenderatp-hunting-queries) Sample queries for Advanced hunting in Microsoft Defender ATP
- [**411**Star][4y] [C] [robertyim/shadowsocksx](https://github.com/RobertYim/ShadowsocksX) Fork of shadowsocks-iOS
- [**411**Star][23d] [Java] [wg/scrypt](https://github.com/wg/scrypt) Java implementation of scrypt
- [**411**Star][15d] [C++] [swwwolf/wdbgark](https://github.com/swwwolf/wdbgark) WinDBG Anti-RootKit Extension
- [**411**Star][17d] [Py] [milo2012/osintstalker](https://github.com/milo2012/osintstalker) osintstalker
- [**411**Star][11d] [C] [markus-go/bonesi](https://github.com/markus-go/bonesi) BoNeSi - the DDoS Botnet Simulator
- [**411**Star][5m] [C++] [kliment/sprinter](https://github.com/kliment/sprinter) Firmware for RepRap printers and similar devices
- [**411**Star][14d] [Go] [kgretzky/dcrawl](https://github.com/kgretzky/dcrawl) Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
- [**411**Star][4m] [Ruby] [digininja/cewl](https://github.com/digininja/cewl) CeWL is a Custom Word List Generator
- [**411**Star][5m] [Py] [christruncer/pentestscripts](https://github.com/christruncer/pentestscripts) Scripts that are useful for me on pen tests
- [**410**Star][26d] [Py] [paloaltonetworks/wirelurkerdetector](https://github.com/PaloAltoNetworks/WireLurkerDetector) Script for detecting the WireLurker malware family
- [**410**Star][13d] [C] [sharebrained/portapack-hackrf](https://github.com/sharebrained/portapack-hackrf) Portability Add-On for the HackRF Software-Defined Radio.
- [**410**Star][23d] [Py] [mandatoryprogrammer/cloudflare_enum](https://github.com/mandatoryprogrammer/cloudflare_enum) Cloudflare DNS Enumeration Tool for Pentesters
- [**410**Star][18d] [Py] [hurricanelabs/machinae](https://github.com/hurricanelabs/machinae) Machinae Security Intelligence Collector
- [**410**Star][17d] [Go] [evilsocket/shellz](https://github.com/evilsocket/shellz) shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
- [**410**Star][4m] [Go] [dan-v/rattlesnakeos-stack](https://github.com/dan-v/rattlesnakeos-stack) Build your own privacy and security focused Android OS in the cloud on a continuous basis with OTA updates.
- [**410**Star][15d] [C++] [cseagle/sk3wldbg](https://github.com/cseagle/sk3wldbg) Debugger plugin for IDA Pro backed by the Unicorn Engine
- [**410**Star][3y] [CSS] [710leo/zvuldrill](https://github.com/710leo/zvuldrill) Web漏洞演练平台
- [**409**Star][1m] [PHP] [tomzx/php-semver-checker](https://github.com/tomzx/php-semver-checker) Compares two source sets and determines the appropriate semantic versioning to apply.
- [**409**Star][7d] [C] [autobleem/autobleem](https://github.com/autobleem/autobleem) AutoBleem - Alternative to BleemSync/BootMenu, C++ based, GameScanner and Updater for Playstation Classic
- [**409**Star][15d] [Py] [mushorg/glastopf](https://github.com/mushorg/glastopf) Web Application Honeypot
- [**409**Star][11d] [cisco-talos/clamav-faq](https://github.com/cisco-talos/clamav-faq) ClamAV FAQ
- [**409**Star][10d] [Java] [spring-cloud/spring-cloud-openfeign](https://github.com/spring-cloud/spring-cloud-openfeign) Support for using OpenFeign in Spring Cloud apps
- [**409**Star][11d] [C++] [rv8-io/rv8](https://github.com/rv8-io/rv8) RISC-V simulator for x86-64
- [**409**Star][12d] [Go] [optiopay/klar](https://github.com/optiopay/klar) Integration of Clair and Docker Registry
- [**409**Star][15d] [Py] [mushorg/glastopf](https://github.com/mushorg/glastopf) Web Application Honeypot
- [**409**Star][2y] [Shell] [killswitch-gui/cobaltstrike-toolkit](https://github.com/killswitch-gui/cobaltstrike-toolkit) Some useful scripts for CobaltStrike
- [**409**Star][6y] [Java] [isecpartners/introspy-android](https://github.com/isecpartners/introspy-android) Security profiling for blackbox Android
- [**409**Star][20d] [C] [coalfire-research/ios-11.1.2-15b202-jailbreak](https://github.com/coalfire-research/ios-11.1.2-15b202-jailbreak) iOS 11.1.2 (15B202) Jailbreak
- [**408**Star][11d] [Py] [mbedmicro/pyocd](https://github.com/mbedmicro/pyocd) Open source Python library for programming and debugging Arm Cortex-M microcontrollers
- [**408**Star][19d] [C] [liudf0716/xkcptun](https://github.com/liudf0716/xkcptun) xkcptun is kcp tunnel for OpenWRT&LEDE, implemented in c language
- [**408**Star][11d] [Py] [fbngrm/matroschka](https://github.com/fbngrm/Matroschka) Python steganography tool to hide images or text in images
- [**408**Star][4m] [Py] [pdbpp/pdbpp](https://github.com/pdbpp/pdbpp) pdb++, a drop-in replacement for pdb (the Python debugger)
- [**408**Star][2m] [JS] [yincongcyincong/proxy-web](https://github.com/yincongcyincong/proxy-web) proxy-web是用go语言写的，基于snail007/goproxy完成的可视化网页应用
- [**408**Star][11d] [C++] [tripwire/tripwire-open-source](https://github.com/tripwire/tripwire-open-source) Open Source Tripwire®
- [**408**Star][4m] [tidesec/tide](https://github.com/tidesec/tide) 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
- [**408**Star][6y] [Py] [paloaltonetworks/wirelurkerdetector](https://github.com/paloaltonetworks/wirelurkerdetector) Script for detecting the WireLurker malware family
- [**408**Star][11d] [Shell] [mthbernardes/sshlooter](https://github.com/mthbernardes/sshlooter) Script to steal passwords from ssh.
- [**408**Star][15d] [HTML] [maestron/reverse-engineering-tutorials](https://github.com/maestron/reverse-engineering-tutorials) Reverse Engineering Tutorials
- [**408**Star][2y] [C] [fuzion24/androidkernelexploitationplayground](https://github.com/fuzion24/androidkernelexploitationplayground)  a hands on guide to Linux kernel exploitation with a special interest in Android
- [**408**Star][2y] [Py] [ezelf/cve-2018-9995_dvr_credentials](https://github.com/ezelf/cve-2018-9995_dvr_credentials) (CVE-2018-9995) Get DVR Credentials
- [**408**Star][11d] [decalage2/awesome-security-hardening](https://github.com/decalage2/awesome-security-hardening) A collection of awesome security hardening guides, tools and other resources
- [**408**Star][4m] [Go] [cloudfoundry/gorouter](https://github.com/cloudfoundry/gorouter) CF Router
- [**408**Star][10m] [Py] [cea-sec/sibyl](https://github.com/cea-sec/sibyl) A Miasm2 based function divination.
- [**407**Star][10d] [otobtc/adhosts](https://github.com/otobtc/adhosts) 手机电脑去广告 hosts&规则 PC&Android
- [**407**Star][10d] [C] [battelle/afl-unicorn](https://github.com/Battelle/afl-unicorn) afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
- [**407**Star][1m] [Py] [riotgames/cloud-inquisitor](https://github.com/riotgames/cloud-inquisitor) Enforce ownership and data security within AWS
- [**407**Star][25d] [C++] [lyle-nel/siga](https://github.com/lyle-nel/siga) Population based metaheuristic for password cracking. Siga(Simple genetic algorithm)
- [**407**Star][5m] [Assembly] [hasherezade/pe_to_shellcode](https://github.com/hasherezade/pe_to_shellcode) Converts PE into a shellcode
- [**407**Star][13d] [JS] [eviltik/evilscan](https://github.com/eviltik/evilscan) NodeJS Simple Network Scanner
- [**407**Star][11d] [Py] [conorpp/btproxy](https://github.com/conorpp/btproxy) Man in the Middle analysis tool for Bluetooth.
- [**407**Star][11d] [Py] [awslabs/aws-security-automation](https://github.com/awslabs/aws-security-automation) Collection of scripts and resources for DevSecOps and Automated Incident Response Security
- [**407**Star][13d] [C++] [alonemonkey/iosrebook](https://github.com/alonemonkey/iosrebook) 《iOS应用逆向与安全》随书源码
- [**406**Star][10d] [Java] [core-lib/xjar](https://github.com/core-lib/xjar) Spring Boot JAR 安全加密运行工具，支持的原生JAR。
- [**406**Star][18d] [Ruby] [openaustralia/morph](https://github.com/openaustralia/morph) Take the hassle out of web scraping
- [**406**Star][11d] [Shell] [vitalysim/totalrecon](https://github.com/vitalysim/totalrecon) TotalRecon installs all the recon tools you need
- [**406**Star][2y] [r0ysue/osg-translationteam](https://github.com/r0ysue/osg-translationteam) 看雪iOS安全小组的翻译团队作品集合，如有勘误，欢迎斧正！
- [**406**Star][12d] [notsosecure/password_cracking_rules](https://github.com/notsosecure/password_cracking_rules) One rule to crack all passwords. or atleast we hope so.
- [**406**Star][10d] [JS] [nccgroup/tracy](https://github.com/nccgroup/tracy) A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
- [**406**Star][5m] [ObjC] [mp0w/ios-headers](https://github.com/mp0w/ios-headers) iOS 5.0/5.1/6.0/6.1/7.0/7.1/8.0/8.1 Headers of All Frameworks (private and not) + SpringBoard
- [**406**Star][15d] [Py] [dirkjanm/ldapdomaindump](https://github.com/dirkjanm/ldapdomaindump) Active Directory information dumper via LDAP
- [**406**Star][5m] [Py] [clr2of8/dpat](https://github.com/clr2of8/dpat) Domain Password Audit Tool for Pentesters
- [**406**Star][4m] [Go] [cloudflare/mitmengine](https://github.com/cloudflare/mitmengine) A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
- [**406**Star][1m] [JS] [cagataycali/xss-listener](https://github.com/cagataycali/xss-listener) 
- [**406**Star][10d] [Py] [atc-project/atomic-threat-coverage](https://github.com/atc-project/atomic-threat-coverage) Actionable analytics designed to combat threats based
- [**406**Star][12d] [Py] [0x4d31/burpa](https://github.com/0x4d31/burpa) A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
- [**405**Star][13d] [CSS] [d2-projects/folder-explorer](https://github.com/d2-projects/folder-explorer) 分析文件目录，统计数据并以树形结构和图表的形式展示结果，也可以导出多种格式留存
- [**405**Star][2m] [Java] [routerkeygen/routerkeygenandroid](https://github.com/routerkeygen/routerkeygenandroid) Router Keygen generate default WPA/WEP keys for several routers.
- [**405**Star][2m] [Ruby] [nviennot/playdrone](https://github.com/nviennot/playdrone) Google Play Crawler
- [**405**Star][4m] [C#] [kyrodan/keeanywhere](https://github.com/kyrodan/keeanywhere) A cloud storage provider plugin for KeePass Password Safe
- [**405**Star][11d] [Go] [jcmturner/gokrb5](https://github.com/jcmturner/gokrb5) Pure Go Kerberos library for clients and services
- [**405**Star][20d] [C] [hackgnar/ble_ctf](https://github.com/hackgnar/ble_ctf) A Bluetooth low energy capture the flag
- [**405**Star][10d] [Ruby] [dradis/dradis-ce](https://github.com/dradis/dradis-ce) Colllaboration and reporting for IT Security teams
- [**405**Star][4y] [Py] [1an0rmus/tekdefense-automater](https://github.com/1an0rmus/tekdefense-automater) Automater - IP URL and MD5 OSINT Analysis
- [**404**Star][11d] [Java] [wfh45678/radar](https://github.com/wfh45678/radar) 实时风控引擎(Risk Engine)，自定义规则引擎（Rule Script），完美支持中文，适用于反欺诈(Anti-fraud)应用场景，开箱即用！！！移动互联网时代的风险管理利器，你 Get 到了吗？
- [**404**Star][10d] [Shell] [uraimo/buildswiftonarm](https://github.com/uraimo/buildswiftonarm) All you need to build Swift on a RaspberryPi or other ARM boards, updated to Swift 5.1.5
- [**404**Star][11d] [Java] [wuxiaosu/xposedwechathelper](https://github.com/wuxiaosu/xposedwechathelper) Xposed 微信辅助模块，实现消息防撤回、模拟位置、运动步数修改、猜拳骰子游戏作弊、零钱余额修改、微信运动一键点赞。
- [**404**Star][10d] [Go] [unixpickle/gobfuscate](https://github.com/unixpickle/gobfuscate) Obfuscate Go binaries and packages
- [**404**Star][10d] [Java] [spring-cloud/spring-cloud-commons](https://github.com/spring-cloud/spring-cloud-commons) Common classes used in different Spring Cloud implementations
- [**404**Star][2y] [Py] [se55i0n/dbscanner](https://github.com/se55i0n/dbscanner) 自动扫描内网常见sql、no-sql数据库脚本(mysql、mssql、oracle、postgresql、redis、mongodb、memcached、elasticsearch)，包含未授权访问及常规弱口令检测
- [**404**Star][14d] [Py] [realgam3/pymultitor](https://github.com/realgam3/pymultitor) PyMultitor - Python Multi Threaded Tor Proxy
- [**404**Star][11d] [Py] [mar10/wsgidav](https://github.com/mar10/wsgidav) A generic and extendable WebDAV server based on WSGI
- [**404**Star][3y] [C] [kablaa/ctf-workshop](https://github.com/kablaa/ctf-workshop) Challenges for Binary Exploitation Workshop
- [**404**Star][1y] [C#] [fdiskyou/powerops](https://github.com/fdiskyou/powerops) PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell "easier"
- [**404**Star][11d] [Makefile] [bettermanbao/openwrt-shadowsocksr-libev-full](https://github.com/bettermanbao/openwrt-shadowsocksr-libev-full) ShadowsocksR-libev-full for OpenWrt
- [**403**Star][7d] [Dockerfile] [onplus/v2hero](https://github.com/onplus/v2hero) All Free . Deploy V2Ray to Heroku . v2ray学习参考
- [**403**Star][11d] [C#] [sonarsource/sonar-dotnet](https://github.com/sonarsource/sonar-dotnet)  static code analyser for C# and VB.​NET languages used as an extension for the SonarQube and SonarCloud platforms.
- [**403**Star][12d] [Py] [savon-noir/python-libnmap](https://github.com/savon-noir/python-libnmap) libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.6 up to 3.4. It's wonderful.
- [**403**Star][8m] [Java] [nccgroup/autorepeater](https://github.com/nccgroup/autorepeater) Automated HTTP Request Repeating With Burp Suite
- [**403**Star][3y] [Java] [irsdl/iis-shortname-scanner](https://github.com/irsdl/iis-shortname-scanner) latest version of scanners for IIS short filename (8.3) disclosure vulnerability
- [**403**Star][1y] [HTML] [gexos/hacking-tools-repository](https://github.com/gexos/hacking-tools-repository) A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
- [**403**Star][1y] [Ruby] [dreadlocked/drupalgeddon2](https://github.com/dreadlocked/drupalgeddon2) Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
- [**403**Star][1y] [Py] [chrismaddalena/odin](https://github.com/chrismaddalena/odin) Automated network asset, email, and social media profile discovery and cataloguing.
- [**402**Star][18d] [Shell] [writeups/ios](https://github.com/writeups/ios) Here you can find write ups for iOS Vulnerabilities that have been released.
- [**402**Star][1y] [Py] [repoog/gitprey](https://github.com/repoog/gitprey) Searching sensitive files and contents in GitHub associated to company name or other key words
- [**402**Star][16d] [JS] [meituan-dianping/lyrebird](https://github.com/meituan-dianping/lyrebird) 基于网络协议的移动应用插件化测试工作台
- [**402**Star][19d] [C++] [llvm-mirror/lldb](https://github.com/llvm-mirror/lldb) Project moved to:
- [**402**Star][3y] [C#] [harmj0y/keethief](https://github.com/harmj0y/keethief) extraction of KeePass 2.X key material from memory, as well as the backdooring and enumeration of the KeePass trigger system.


- [**401**Star][12d] [C#] [addictedcs/soundfingerprinting](https://github.com/addictedcs/soundfingerprinting) audio fingerprinting in .NET. An efficient algorithm for acoustic fingerprinting written purely in C#.
- [**401**Star][4m] [Java] [rikkaapps/shizuku](https://github.com/rikkaapps/shizuku) Using system APIs directly with adb/root privileges from normal apps through a Java process started with app_process.
- [**401**Star][3y] [Py] [sekoialab/fastir_collector](https://github.com/sekoialab/fastir_collector) collects different artefacts on live Windows and records the results in csv or json files. With the analyses of these artefacts, an early compromission can be detected.
- [**401**Star][4m] [Java] [pqpo/inputmethodholder](https://github.com/pqpo/inputmethodholder) A keyboard listener for Android which by hooking the InputMethodManager. 
- [**401**Star][12d] [Py] [pageauc/pi-timolo](https://github.com/pageauc/pi-timolo) Raspberry PI-TIMOLO ( PI-TImelapse, MOtion, LOwLight ) uses RPI picamera and python for Remote Headless Security Monitoring & Auto Sync files with rclone remote storage services. Auto Twilight Transitions and Low Light Camera Settings. This project is featured on Awesome List
- [**401**Star][18d] [CSS] [nowsecure/secure-mobile-development](https://github.com/nowsecure/secure-mobile-development) A Collection of Secure Mobile Development Best Practices
- [**401**Star][2y] [Go] [mwitkow/grpc-proxy](https://github.com/mwitkow/grpc-proxy) a Go reverse proxy that allows for rich routing of gRPC calls with minimum overhead.
- [**401**Star][11d] [C++] [microsoft/llvm-mctoll](https://github.com/microsoft/llvm-mctoll)  statically (AOT) translates (or raises) binaries to LLVM IR
- [**401**Star][2y] [Java] [federicodotta/java-deserialization-scanner](https://github.com/federicodotta/java-deserialization-scanner) All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
- [**401**Star][7d] [Py] [carnal0wnage/weirdaal](https://github.com/carnal0wnage/weirdaal) WeirdAAL (AWS Attack Library)
- [**401**Star][14d] [TS] [bacher09/pwgen-for-bios](https://github.com/bacher09/pwgen-for-bios) Password generator for BIOS
- [**400**Star][4y] [Py] [sensepost/dns-shell](https://github.com/sensepost/dns-shell) an interactive Shell over DNS channel
- [**400**Star][1m] [Scala] [philwantsfish/shard](https://github.com/philwantsfish/shard) A command line tool to detect shared passwords
- [**400**Star][9m] [HTML] [igrigorik/istlsfastyet.com](https://github.com/igrigorik/istlsfastyet.com) Is TLS fast yet? Yes, yes it is.
- [**400**Star][13d] [Swift] [ibm/mac-ibm-enrollment-app](https://github.com/ibm/mac-ibm-enrollment-app) The Mac@IBM enrollment app makes setting up macOS with Jamf Pro more intuitive for users and easier for IT. The application offers IT admins the ability to gather additional information about their users during setup, allows users to customize their enrollment by selecting apps or bundles of apps to install during setup, and provides users with …
- [**400**Star][6m] [Shell] [himanshub16/proxyman](https://github.com/himanshub16/proxyman) Configuring proxy settings made easy.
- [**400**Star][14d] [JS] [derjanb/hamiyoca](https://github.com/derjanb/hamiyoca) Hash me if you can - A Bitcoin miner that supports pure Javscript, WebWorker and WebGL mining.
- [**400**Star][2y] [PS] [cryps1s/darksurgeon](https://github.com/cryps1s/darksurgeon) a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
- [**400**Star][15d] [JS] [capacitorset/box-js](https://github.com/capacitorset/box-js) A tool for studying JavaScript malware.
- [**399**Star][11d] [Py] [ex0dus-0x/brute](https://github.com/ex0dus-0x/brute) security-oriented bruteforce framework
- [**399**Star][4m] [C] [pgaudit/pgaudit](https://github.com/pgaudit/pgaudit) PostgreSQL Audit Extension
- [**399**Star][1y] [C++] [googleprojectzero/functionsimsearch](https://github.com/googleprojectzero/functionsimsearch) Some C++ example code to demonstrate how to perform code similarity searches using SimHashing.
- [**399**Star][4m] [zer0yu/cybersecurityrss](https://github.com/zer0yu/cybersecurityrss) 优秀的个人情报来源
- [**399**Star][11d] [Shell] [thelinuxchoice/instainsane](https://github.com/thelinuxchoice/instainsane) Multi-threaded Instagram Brute Forcer (100 attemps at once)
- [**399**Star][24d] [sweis/crypto-might-not-suck](https://github.com/sweis/crypto-might-not-suck) List of crypto projects that might not suck
- [**399**Star][1m] [JS] [pkrumins/nodejs-proxy](https://github.com/pkrumins/nodejs-proxy) A HTTP proxy server written in node.js
- [**399**Star][10d] [Shell] [myxuchangbin/dnsmasq_sniproxy_install](https://github.com/myxuchangbin/dnsmasq_sniproxy_install) One-click Install and Configure Dnsmasq and Sniproxy for CentOS/Debian/Ubuntu
- [**399**Star][16d] [C] [mist64/hvdos](https://github.com/mist64/hvdos) hvdos, a simple DOS emulator based on the OS X Hypervisor.framework
- [**399**Star][10d] [Py] [micahflee/torbrowser-launcher](https://github.com/micahflee/torbrowser-launcher) Securely and easily download, verify, install, and launch Tor Browser in Linux
- [**399**Star][11d] [Go] [jacksontj/promxy](https://github.com/jacksontj/promxy) An aggregating proxy to enable HA prometheus
- [**399**Star][11d] [HTML] [howsecureismypassword/hsimp](https://github.com/howsecureismypassword/hsimp) How Secure is My Password for your own website
- [**399**Star][14d] [Rust] [google/mundane](https://github.com/google/mundane) Mundane is a Rust cryptography library backed by BoringSSL that is difficult to misuse, ergonomic, and performant (in that order).
- [**399**Star][11d] [Py] [ex0dus-0x/brute](https://github.com/ex0dus-0x/brute) security-oriented bruteforce framework
- [**399**Star][13d] [Py] [essandess/isp-data-pollution](https://github.com/essandess/isp-data-pollution) ISP Data Pollution to Protect Private Browsing History with Obfuscation
- [**399**Star][12d] [C] [csete/gpredict](https://github.com/csete/gpredict) a real time satellite tracking and orbit prediction program
for the Linux desktop
- [**399**Star][12d] [ansible/ansible-lockdown](https://github.com/ansible/ansible-lockdown) Ansible playbook roles for security
- [**398**Star][11d] [TS] [lmmfranco/nintendo-switch-eshop](https://github.com/lmmfranco/nintendo-switch-eshop) Crawler for Nintendo Switch eShop
- [**398**Star][8d] [Ruby] [kumar91gopi/algorithms-and-data-structures-in-ruby](https://github.com/kumar91gopi/algorithms-and-data-structures-in-ruby) Ruby implementation of Algorithms,Data-structures and programming challenges
- [**398**Star][9d] [C++] [mostafa-saad/arabiccompetitiveprogramming](https://github.com/mostafa-saad/arabiccompetitiveprogramming) The repository contains the ENGLISH description files attached to the video series in my ARABIC algorithms channel.
- [**398**Star][13d] [TeX] [radareorg/radare2book](https://github.com/radareorg/radare2book) Radare2 official book
- [**398**Star][15d] [Py] [vysecurity/morphhta](https://github.com/vysecurity/morphHTA) morphHTA - Morphing Cobalt Strike's evil.HTA
- [**398**Star][6m] [ym2011/securitymanagement](https://github.com/ym2011/securitymanagement) share with you some knowledge for Information Security Management,ISO27001,Information Security Class Protect ,SDLC,etc.
- [**398**Star][7d] [Py] [vulscanteam/vulscan](https://github.com/vulscanteam/vulscan) vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
- [**398**Star][10d] [Shell] [ukncsc/lme](https://github.com/ukncsc/lme) Logging Made Easy
- [**398**Star][13d] [udpsec/awesome-vpn](https://github.com/udpsec/awesome-vpn) 科学上网的有趣项目集锦，欢迎大家pr自己喜欢的项目到这里。
- [**398**Star][14d] [C++] [szechyjs/dsd](https://github.com/szechyjs/dsd) Digital Speech Decoder
- [**398**Star][4m] [Py] [sibears/idagolanghelper](https://github.com/sibears/idagolanghelper) Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
- [**398**Star][11d] [Go] [q3k/crowbar](https://github.com/q3k/crowbar) Tunnel TCP over a plain HTTP session (warning: mediocre Go code)
- [**398**Star][10d] [Py] [paulgclark/waveconverter](https://github.com/paulgclark/waveconverter) An Open Source tool for RF reverse engineering.
- [**398**Star][2y] [m0l1ce/wooyunallbugs](https://github.com/m0l1ce/wooyunallbugs) wooyun_all_bugs
- [**398**Star][4m] [Scala] [lihaoyi/utest](https://github.com/lihaoyi/utest) A simple testing framework for Scala
- [**398**Star][2y] [hillbrad/u2freviews](https://github.com/hillbrad/u2freviews) Reviews of U2F devices
- [**398**Star][12d] [Py] [funkandwagnalls/ranger](https://github.com/funkandwagnalls/ranger) A tool for security professionals to access and interact with remote Microsoft Windows based systems.
- [**397**Star][13d] [C] [ebwi11/agentsmith-hids](https://github.com/EBWi11/AgentSmith-HIDS) By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
- [**397**Star][9d] [xsleaks/xsleaks](https://github.com/xsleaks/xsleaks) A collection of browser-based side channel attack vectors.
- [**397**Star][3y] [JS] [mandatoryprogrammer/judasdns](https://github.com/mandatoryprogrammer/judasdns) Nameserver DNS poisoning attacks made easy
- [**397**Star][13d] [Py] [initstring/passphrase-wordlist](https://github.com/initstring/passphrase-wordlist) Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
- [**397**Star][12d] [fr0gger/awesome-ida-x64-olly-plugin](https://github.com/fr0gger/awesome-ida-x64-olly-plugin) Awesome IDA, x64DBG & OllyDBG plugin
- [**397**Star][4m] [Py] [fkie-cad/fact_core](https://github.com/fkie-cad/fact_core) Firmware Analysis and Comparison Tool
- [**397**Star][14d] [Shell] [ctf-wiki/ctf-tools](https://github.com/ctf-wiki/ctf-tools) CTF 工具集合
- [**397**Star][6m] [C] [coolervoid/0d1n](https://github.com/coolervoid/0d1n) Web security tool to make fuzzing at HTTP/S, Beta
- [**397**Star][4y] [PHP] [breakthenet/hackme-sql-injection-challenges](https://github.com/breakthenet/hackme-sql-injection-challenges) Pen test your "friend's" online MMORPG game - specific focus, sql injection opportunities
- [**397**Star][15d] [C] [arialdomartini/morris-worm](https://github.com/arialdomartini/morris-worm) The original Morris Worm source code
- [**396**Star][12d] [C] [protonvpn/android-app](https://github.com/protonvpn/android-app) Official ProtonVPN Android app
- [**396**Star][10d] [lcatro/source-and-fuzzing](https://github.com/lcatro/Source-and-Fuzzing) 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..
- [**396**Star][8m] [Py] [sab0tag3d/siet](https://github.com/sab0tag3d/siet) Smart Install Exploitation Tool
- [**396**Star][4y] [C] [micrictor/stuxnet](https://github.com/micrictor/stuxnet) Open-source decompile of Stuxnet/myRTUs
- [**396**Star][11d] [jaybosamiya/security-notes](https://github.com/jaybosamiya/security-notes) notes on the security related videos I watch (as a way of quick recall).
- [**396**Star][2y] [Py] [frizb/vanquish](https://github.com/frizb/vanquish) Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
- [**395**Star][11d] [HCL] [blueteamlabs/sentinel-attack](https://github.com/blueteamlabs/sentinel-attack) Repository of sentinel alerts and hunting queries leveraging sysmon and the MITRE ATT&CK framework
- [**395**Star][4m] [Py] [den4uk/andriller](https://github.com/den4uk/andriller) a collection of forensic tools for smartphones
- [**395**Star][15d] [PS] [shellntel/scripts](https://github.com/shellntel/scripts) A collection of scripts from the security professionals at www.shellntel.com.
- [**395**Star][1y] [JS] [linushenze/webkit-regex-exploit](https://github.com/linushenze/webkit-regex-exploit) an exploit for the latest version of Safari (as of Dec. 6 2018).
- [**395**Star][2y] [JS] [empireproject/empire-gui](https://github.com/empireproject/empire-gui) a graphical interface to the Empire post-exploitation Framework
- [**395**Star][10d] [CSS] [appsecco/dvna](https://github.com/appsecco/dvna) Damn Vulnerable NodeJS Application
- [**394**Star][10d] [C] [akospasztor/stm32-bootloader](https://github.com/akospasztor/stm32-bootloader) Customizable Bootloader for STM32 microcontrollers. This example demonstrates how to perform in-application-programming of a firmware located on an external SD card with FAT32 file system.
- [**394**Star][17d] [JS] [koalazak/dorita980](https://github.com/koalazak/dorita980) Unofficial iRobot Roomba and Braava (i7/i7+, 980, 960, 900, e5, 690, 675, m6, etc) node.js library (SDK) to control your robot
- [**394**Star][10d] [tobiasbueschel/awesome-pokemon](https://github.com/tobiasbueschel/awesome-pokemon) A curated list of awesome Pokémon & Pokémon GO resources, tools and more. 
- [**394**Star][10d] [Py] [symbiflow/prjxray](https://github.com/symbiflow/prjxray) Documenting the Xilinx 7-series bit-stream format.
- [**394**Star][14d] [snyk/zip-slip-vulnerability](https://github.com/snyk/zip-slip-vulnerability) Zip Slip Vulnerability (Arbitrary file write through archive extraction)
- [**394**Star][14d] [Py] [shadowsocksr-rm/shadowsocksr](https://github.com/shadowsocksr-rm/shadowsocksr) Python port of ShadowsocksR
- [**394**Star][4y] [C++] [sektioneins/suidguard](https://github.com/sektioneins/suidguard) SUIDGuard - a TrustedBSD Kernel Extension that adds mitigations to protect SUID/SGID processes a bit more
- [**394**Star][8m] [Shell] [screetsec/vegile](https://github.com/screetsec/vegile) set up your backdoor/rootkits when backdoor already setup it will be hidden your specific process,unlimited your session in metasploit and transparent
- [**394**Star][10d] [JS] [privacypass/challenge-bypass-extension](https://github.com/privacypass/challenge-bypass-extension) the Privacy Pass extension implements the Privacy Pass protocol for providing a private authentication mechanism during web browsing.
- [**394**Star][10d] [Rust] [nccgroup/dirble](https://github.com/nccgroup/dirble) Fast directory scanning and scraping tool
- [**394**Star][4m] [Py] [n8henrie/pycookiecheat](https://github.com/n8henrie/pycookiecheat) Borrow cookies from your browser's authenticated session for use in Python scripts.
- [**394**Star][12d] [JS] [le4f/pcap-analyzer](https://github.com/le4f/pcap-analyzer) online pcap forensic
- [**394**Star][1m] [C] [laurelai/decompile-dump](https://github.com/laurelai/decompile-dump) Partial stuxnet source decompiled with hexrays, if anyone has better decompile tools feel free to contribute better versions.
- [**393**Star][13d] [Py] [venomous/cloudscraper](https://github.com/venomous/cloudscraper) A Python module to bypass Cloudflare's anti-bot page.
- [**393**Star][11d] [Go] [jpillora/go-tcp-proxy](https://github.com/jpillora/go-tcp-proxy) A small TCP proxy written in Go
- [**393**Star][10d] [C++] [trendmicro/tlsh](https://github.com/trendmicro/tlsh) a fuzzy matching library
- [**393**Star][16d] [Py] [secynic/ipwhois](https://github.com/secynic/ipwhois) Retrieve and parse whois data for IPv4 and IPv6 addresses
- [**393**Star][2y] [Py] [rhinosecuritylabs/sleuthql](https://github.com/rhinosecuritylabs/sleuthql) Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
- [**393**Star][1m] [C++] [p0sixspwn/p0sixspwn](https://github.com/p0sixspwn/p0sixspwn) Released in accordance with GPL licensing.
- [**393**Star][3y] [Java] [nickstadb/barmie](https://github.com/nickstadb/barmie)  enumerating and attacking Java RMI (Remote Method Invocation) services.
- [**393**Star][9m] [PHP] [msurguy/honeypot](https://github.com/msurguy/honeypot)  a simple and effective way to defer some of the spam bots that come to your site
- [**393**Star][2y] [C++] [liveoverflow/pwnadventure3](https://github.com/liveoverflow/pwnadventure3) PwnAdventure3 Server
- [**393**Star][2m] [ObjC] [kpwn/tpwn](https://github.com/kpwn/tpwn) xnu local privilege escalation via cve-2015-???? & cve-2015-???? for 10.10.5, 0day at the time | poc or gtfo
- [**393**Star][1y] [Ruby] [hatbashbr/hatcloud](https://github.com/hatbashbr/hatcloud) discontinued
- [**393**Star][2y] [Py] [fireeye/reelphish](https://github.com/fireeye/reelphish) real-time-two-factor-phishing-tool
- [**393**Star][2y] [JS] [chpmrc/zero-width-chrome-extension](https://github.com/chpmrc/zero-width-chrome-extension) Replace scary zero-width characters with funny emojis
- [**393**Star][4m] [Py] [chenjj/corscanner](https://github.com/chenjj/corscanner) Fast CORS misconfiguration vulnerabilities scanner
- [**392**Star][8m] [C++] [werkamsus/lilith](https://github.com/werkamsus/lilith) Lilith, The Open Source C++ Remote Administration Tool (RAT)
- [**392**Star][13d] [Shell] [nginx-le/nginx-le](https://github.com/nginx-le/nginx-le) Nginx with automatic let's encrypt (docker image)
- [**392**Star][16d] [Ruby] [stephenfewer/grinder](https://github.com/stephenfewer/grinder) Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.
- [**392**Star][10d] [C++] [stanfordpl/x64asm](https://github.com/stanfordpl/x64asm) x86-64 assembler library
- [**392**Star][3y] [stamparm/eternalrocks](https://github.com/stamparm/eternalrocks) EternalRocks worm
- [**392**Star][10d] [Perl] [rapid7/metasploit-vulnerability-emulator](https://github.com/rapid7/metasploit-vulnerability-emulator) Metasploit Vulnerable Services Emulator
- [**392**Star][15d] [Rust] [microsoft/lain](https://github.com/microsoft/lain) A fuzzer framework built in Rust
- [**392**Star][1y] [Py] [google/upvote](https://github.com/google/upvote) A multi-platform binary whitelisting solution
- [**392**Star][10d] [Java] [google/graphicsfuzz](https://github.com/google/graphicsfuzz) A testing framework for automatically finding and simplifying bugs in graphics shader compilers.
- [**392**Star][29d] [Ruby] [elastic/puppet-elasticsearch](https://github.com/elastic/puppet-elasticsearch) Elasticsearch Puppet module
- [**392**Star][12d] [PHP] [blackarch/webshells](https://github.com/blackarch/webshells) Various webshells. We accept pull requests for additions to this collection.
- [**392**Star][15d] [Py] [bdcht/amoco](https://github.com/bdcht/amoco) yet another tool for analysing binaries
- [**392**Star][12d] [PLpgSQL] [amachanic/sp_whoisactive](https://github.com/amachanic/sp_whoisactive) sp_whoisactive
- [**391**Star][11d] [Shell] [anti-ddos/anti-ddos](https://github.com/anti-ddos/Anti-DDOS) 
- [**391**Star][4y] [PHP] [spiderlabs/mcir](https://github.com/spiderlabs/mcir) The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
- [**391**Star][2m] [Py] [sensepost/snoopy-ng](https://github.com/sensepost/snoopy-ng) modular digital terrestrial tracking framework
- [**391**Star][1y] [C] [ridter/pentest](https://github.com/ridter/pentest) tools
- [**391**Star][17d] [C] [nccgroup/phantap](https://github.com/nccgroup/phantap) Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
- [**391**Star][11d] [HTML] [mubix/post-exploitation-wiki](https://github.com/mubix/post-exploitation-wiki) Post Exploitation Wiki
- [**391**Star][11d] [Go] [mozilla/masche](https://github.com/mozilla/masche) MIG Memory Forensic library
- [**391**Star][3y] [TeX] [mimoo/rsa-and-lll-attacks](https://github.com/mimoo/rsa-and-lll-attacks) attacking RSA via lattice reductions (LLL)
- [**391**Star][14d] [JS] [brannondorsey/dns-rebind-toolkit](https://github.com/brannondorsey/dns-rebind-toolkit) A front-end JavaScript toolkit for creating DNS rebinding attacks.
- [**390**Star][7d] [Java] [six2dez/wahh_extras](https://github.com/six2dez/wahh_extras) The Web Application Hacker's Handbook - Extra Content
- [**390**Star][10d] [Py] [juancarlospaco/faster-than-requests](https://github.com/juancarlospaco/faster-than-requests) Faster requests on Python 3
- [**390**Star][4m] [Java] [ivbaranov/rxbluetooth](https://github.com/ivbaranov/rxbluetooth) Android reactive bluetooth
- [**390**Star][3y] [slyth11907/cheatsheets](https://github.com/slyth11907/cheatsheets) Helped during my OSCP lab days.
- [**390**Star][18d] [JS] [risingstack/protect](https://github.com/risingstack/protect) Proactively protect your Node.js web services
- [**390**Star][10d] [Py] [lyft/metadataproxy](https://github.com/lyft/metadataproxy) A proxy for AWS's metadata service that gives out scoped IAM credentials from STS
- [**390**Star][4m] [hongrisec/web-security-attack](https://github.com/hongrisec/web-security-attack) Web安全相关内容
- [**390**Star][4y] [Py] [gstarnberger/uncompyle](https://github.com/gstarnberger/uncompyle) Python decompiler
- [**390**Star][5m] [Py] [foospidy/honeypy](https://github.com/foospidy/honeypy) A low to medium interaction honeypot.
- [**389**Star][10d] [JS] [andrewda/node-steam-guide](https://github.com/andrewda/node-steam-guide) A guide to creating Steam bots and websites using Node.js
- [**389**Star][10d] [Roff] [ysurac/openmptcprouter](https://github.com/ysurac/openmptcprouter) OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
- [**389**Star][19d] [Shell] [dnscrypt/dnscrypt-server-docker](https://github.com/dnscrypt/dnscrypt-server-docker) A Docker image for a non-censoring, non-logging, DNSSEC-capable, DNSCrypt-enabled DNS resolver
- [**389**Star][7m] [Py] [stamparm/dsss](https://github.com/stamparm/dsss) Damn Small SQLi Scanner
- [**389**Star][21d] [C] [seccomp/libseccomp](https://github.com/seccomp/libseccomp) an easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism
- [**389**Star][16d] [C] [sandeepmistry/arduino-bleperipheral](https://github.com/sandeepmistry/arduino-bleperipheral) An Arduino library for creating custom BLE peripherals with Nordic Semiconductor's nRF8001 or nR51822.
- [**389**Star][22d] [Py] [mricon/rev-proxy-grapher](https://github.com/mricon/rev-proxy-grapher) a useful little tool that will generate a nice graphviz graph illustrating your reverse proxy flow.
- [**389**Star][16d] [Go] [lukechampine/jsteg](https://github.com/lukechampine/jsteg) JPEG steganography
- [**389**Star][7m] [Py] [emtunc/slackpirate](https://github.com/emtunc/slackpirate) Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
- [**389**Star][4m] [C#] [digitalruby/ipban](https://github.com/digitalruby/ipban)  Monitors failed logins and bad behavior and bans ip addresses on Windows and Linux. Highly configurable, lean and powerful.
- [**389**Star][2y] [Java] [davidbuchanan314/nxloader](https://github.com/davidbuchanan314/nxloader) My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)
- [**389**Star][2y] [chryzsh/darthsidious](https://github.com/chryzsh/darthsidious) Building an Active Directory domain and hacking it
- [**389**Star][14d] [C++] [96boards/documentation](https://github.com/96boards/documentation) This repository hosts the documentation for 96Boards products and specifications.
- [**388**Star][11d] [Py] [fsecurelabs/awspx](https://github.com/fsecurelabs/awspx) A graph-based tool for visualizing effective access and resource relationships in AWS environments.
- [**388**Star][3m] [Py] [ydhcui/cnvd-2020-10487-tomcat-ajp-lfi](https://github.com/ydhcui/cnvd-2020-10487-tomcat-ajp-lfi) Tomcat-Ajp协议文件读取漏洞
- [**388**Star][11d] [Go] [slotix/dataflowkit](https://github.com/slotix/dataflowkit) Extract structured data from web sites. Web sites scraping.
- [**388**Star][26d] [PS] [netspi/pesecurity](https://github.com/NetSPI/PESecurity) PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
- [**388**Star][10d] [C++] [googleprojectzero/symboliclink-testing-tools](https://github.com/googleprojectzero/symboliclink-testing-tools) a small suite of tools to test various symbolic link types of Windows
- [**388**Star][4m] [C] [zerosum0x0/smbdoor](https://github.com/zerosum0x0/smbdoor) Windows kernel backdoor via registering a malicious SMB handler
- [**388**Star][11d] [Py] [visipedia/inat_comp](https://github.com/visipedia/inat_comp) iNaturalist competition details
- [**388**Star][26d] [JS] [substack/hyperboot](https://github.com/substack/hyperboot) offline webapp bootloader
- [**388**Star][11d] [C++] [sslab-gatech/qsym](https://github.com/sslab-gatech/qsym) A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
- [**388**Star][8m] [Py] [ptresearch/inteltxe-poc](https://github.com/ptresearch/inteltxe-poc) Intel Management Engine JTAG Proof of Concept
- [**388**Star][1m] [C++] [equalitie/np1sec](https://github.com/equalitie/np1sec) A library for off-the-record (deniable authenticated forward secure confidential) multiparty messaging
- [**388**Star][4m] [Py] [enablesecurity/sipvicious](https://github.com/enablesecurity/sipvicious) SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.
- [**388**Star][15d] [Ruby] [digininja/pipal](https://github.com/digininja/pipal) Pipal, THE password analyser
- [**388**Star][1m] [Ruby] [aphyr/tund](https://github.com/aphyr/tund) SSH reverse tunnel daemon
- [**387**Star][1m] [Py] [mfrister/pushproxy](https://github.com/mfrister/pushproxy) A man-in-the-middle proxy for iOS and OS X device push connections
- [**387**Star][12d] [Java] [yuriy-budiyev/code-scanner](https://github.com/yuriy-budiyev/code-scanner) Code scanner library for Android, based on ZXing
- [**387**Star][10m] [Py] [ynvb/die](https://github.com/ynvb/die)  an IDA python plugin designed to enrich IDA`s static analysis with dynamic data
- [**387**Star][15d] [Go] [wweir/sower](https://github.com/wweir/sower) Sower is a cross-platform intelligent transparent proxy solution.
- [**387**Star][12d] [Jupyter Notebook] [uds-se/fuzzingbook](https://github.com/uds-se/fuzzingbook) The Book "Generating Software Tests"
- [**387**Star][5m] [C] [robertfisk/usg](https://github.com/robertfisk/usg) The USG is Good, not Bad
- [**387**Star][3m] [Shell] [loyess/shell](https://github.com/loyess/shell) Shadowsocks-libev with plugins one-click installation. For example: v2ray-plugin, kcptun, simple-obfs, goquiet, cloak...
- [**387**Star][4m] [Py] [l4ys/lazyida](https://github.com/l4ys/lazyida) Make your IDA Lazy!
        <details>
        <summary>View Details</summary>


        ### 功能
        - 快速移除函数返回类型
        - 数据格式(format)快速转换
        - 扫描字符串格式化漏洞
        - 双击跳转vtable函数
        - 快捷键: w/c/v
        </details>


- [**387**Star][2y] [ObjC] [codermjlee/mjapptools](https://github.com/codermjlee/mjapptools) 【越狱-逆向】处理iOS APP信息的命令行工具
- [**387**Star][11d] [Go] [adguardteam/dnsproxy](https://github.com/adguardteam/dnsproxy) Simple DNS proxy with DoH, DoT, and DNSCrypt support
- [**386**Star][10d] [HTML] [ddosi/hack](https://github.com/ddosi/hack) 
- [**386**Star][11d] [Perl] [truongkma/ctf-tools](https://github.com/truongkma/ctf-tools) tổng hợp tool ctf
- [**386**Star][5m] [Py] [tmr232/sark](https://github.com/tmr232/sark) IDAPython Made Easy
- [**386**Star][4y] [C++] [m00nrise/processhider](https://github.com/m00nrise/processhider) Post-exploitation tool for hiding processes from monitoring applications
- [**386**Star][4m] [Swift] [justeat/justlog](https://github.com/justeat/justlog) JustLog brings logging on iOS to the next level. It supports console, file and remote Logstash logging via TCP socket with no effort. Support for logz.io available.
- [**386**Star][10d] [Py] [artisan-roaster-scope/artisan](https://github.com/artisan-roaster-scope/artisan) helps coffee roasters record, analyze, and control roast profiles
- [**386**Star][11d] [Ruby] [anaynayak/aws-security-viz](https://github.com/anaynayak/aws-security-viz) Visualize your aws security groups.
- [**386**Star][5y] [Py] [ahhh/reverse_dns_shell](https://github.com/ahhh/reverse_dns_shell) A python reverse shell that uses DNS as the c2 channel
- [**385**Star][10d] [PHP] [webpwnized/mutillidae](https://github.com/webpwnized/mutillidae) OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP. It is pre-installed on SamuraiWTF and OWASP BWA. The existing version can be updated on these platforms. With dozens of vulnerabilities a…
- [**385**Star][11d] [Go] [shady831213/algorithms](https://github.com/shady831213/algorithms) CLRS study. Codes are written with golang.
- [**385**Star][18d] [C] [zeex/subhook](https://github.com/zeex/subhook) Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies)
- [**385**Star][2y] [Assembly] [sgayou/kindle-5.6.5-jailbreak](https://github.com/sgayou/kindle-5.6.5-jailbreak) Kindle 5.6.5 exploitation tools.
- [**385**Star][19d] [Py] [pyenchant/pyenchant](https://github.com/pyenchant/pyenchant) spellchecking library for python
- [**385**Star][14d] [C++] [opensecurityresearch/dllinjector](https://github.com/opensecurityresearch/dllinjector) dll injection tool that implements various methods
- [**385**Star][4m] [Java] [jaredrummler/androidshell](https://github.com/jaredrummler/androidshell) Execute shell commands on Android.
- [**385**Star][11d] [Py] [hasherezade/malware_analysis](https://github.com/hasherezade/malware_analysis) Various snippets created during malware analysis
- [**385**Star][10d] [euphrat1ca/security_w1k1](https://github.com/euphrat1ca/security_w1k1) collect
- [**385**Star][10d] [Py] [deresz/funcap](https://github.com/deresz/funcap) IDA Pro script to add some useful runtime info to static analysis
- [**385**Star][4m] [C#] [dahall/taskscheduler](https://github.com/dahall/taskscheduler) Provides a .NET wrapper for the Windows Task Scheduler. It aggregates the multiple versions, provides an editor and allows for localization.
- [**385**Star][12d] [Py] [alexmojaki/snoop](https://github.com/alexmojaki/snoop) A powerful set of Python debugging tools, based on PySnooper
- [**385**Star][4m] [C#] [3f/dllexport](https://github.com/3f/dllexport) .NET DllExport
- [**384**Star][11d] [Shell] [crazy-max/csgo-server-launcher](https://github.com/crazy-max/csgo-server-launcher) 
- [**384**Star][21d] [Shell] [trimstray/otseca](https://github.com/trimstray/otseca)  security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
- [**384**Star][11d] [C++] [netis/packet-agent](https://github.com/netis/packet-agent) A toolset for network packet capture in Cloud/Kubernetes and Virtualized environment.
- [**384**Star][4y] [ObjC] [kpwn/yalu](https://github.com/kpwn/yalu) incomplete ios 8.4.1 jailbreak by Kim Jong Cracks (8.4.1 codesign & sandbox bypass w/ LPE to root & untether)
- [**384**Star][1y] [Py] [k4m4/onioff](https://github.com/k4m4/onioff)  inspecting Deep Web URLs (or onions).
- [**384**Star][7m] [JS] [johnno1962/xprobeplugin](https://github.com/johnno1962/xprobeplugin) Live Memory Browser for Apps & Xcode
- [**384**Star][10d] [C++] [jlospinoso/gargoyle](https://github.com/jlospinoso/gargoyle) A memory scanning evasion technique
- [**384**Star][4m] [C] [hzqst/vmwarehardenedloader](https://github.com/hzqst/vmwarehardenedloader) Vmware Hardened VM detection mitigation loader (anti anti-vm)
- [**384**Star][10d] [Py] [fgeek/pyfiscan](https://github.com/fgeek/pyfiscan) Free web-application vulnerability and version scanner
- [**384**Star][13d] [Py] [daniestevez/gr-satellites](https://github.com/daniestevez/gr-satellites) GNU Radio decoders for several Amateur satellites
- [**384**Star][2y] [C++] [breenmachine/rottenpotatong](https://github.com/breenmachine/rottenpotatong) New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
- [**384**Star][21d] [Py] [a0rtega/metame](https://github.com/a0rtega/metame) metame is a metamorphic code engine for arbitrary executables
- [**383**Star][12m] [unprovable/pentesthardware](https://github.com/unprovable/pentesthardware) Kinda useful notes collated together publicly
- [**383**Star][2m] [Py] [moxie0/knockknock](https://github.com/moxie0/knockknock) A simple, secure, and stealthy port knocking implementation that does not use libpcap or bind to a socket interface.
- [**383**Star][8m] [Py] [maldevel/emailharvester](https://github.com/maldevel/emailharvester) Email addresses harvester
- [**383**Star][10d] [Py] [iphelix/dnschef](https://github.com/iphelix/dnschef) DNSChef - DNS proxy for Penetration Testers and Malware Analysts
- [**383**Star][12d] [Py] [gallopsled/pwntools-write-ups](https://github.com/gallopsled/pwntools-write-ups) A colleciton of CTF write-ups all using pwntools
- [**383**Star][25d] [feicong/sec_skills](https://github.com/feicong/sec_skills) 软件安全工程师技能表
- [**383**Star][8m] [C++] [crypto2011/idr](https://github.com/crypto2011/idr) Interactive Delphi Reconstructor
- [**383**Star][16d] [Go] [cardigann/cardigann](https://github.com/cardigann/cardigann) A proxy server for adding new indexers to Sonarr, SickRage and other media managers
- [**383**Star][17d] [JS] [auth0/repo-supervisor](https://github.com/auth0/repo-supervisor) Scan your code for security misconfiguration, search for passwords and secrets.
- [**382**Star][10d] [JS] [cabal-club/cabal-desktop](https://github.com/cabal-club/cabal-desktop) Desktop client for Cabal, the p2p/decentralized/local-first chat platform.
- [**382**Star][8d] [C++] [ggerganov/wave-share](https://github.com/ggerganov/wave-share) Serverless, peer-to-peer, local file sharing through sound
- [**382**Star][12d] [C] [fsecurelabs/kernelfuzzer](https://github.com/FSecureLABS/KernelFuzzer) Cross Platform Kernel Fuzzer Framework
- [**382**Star][12d] [C] [wbenny/injdrv](https://github.com/wbenny/injdrv) proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
- [**382**Star][3y] [PS] [xorrior/remoterecon](https://github.com/xorrior/remoterecon) Remote Recon and Collection
- [**382**Star][3y] [C] [sensepost/usabuse](https://github.com/sensepost/usabuse) Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.
- [**382**Star][4m] [renwax23/xss-payloads](https://github.com/renwax23/xss-payloads) List of XSS Vectors/Payloads
- [**382**Star][4m] [Java] [portswigger/param-miner](https://github.com/portswigger/param-miner) identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities
- [**382**Star][4m] [opencybertranslationproject/linux-basics-for-hackers](https://github.com/opencybertranslationproject/linux-basics-for-hackers) 书籍《Linux Basics for Hackers》2019版中文翻译版
- [**382**Star][15d] [Py] [lightos/credmap](https://github.com/lightos/credmap) The Credential Mapper
- [**382**Star][12d] [C] [jvns/kernel-module-fun](https://github.com/jvns/kernel-module-fun) Some fun things you can do with kernel modules (all "bad ideas")
- [**382**Star][3y] [PS] [gfoss/psrecon](https://github.com/gfoss/psrecon) gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team
- [**382**Star][4m] [Java] [ganyao114/sandvxposed](https://github.com/ganyao114/sandvxposed) Xposed environment without root (OS 5.0 - 10.0)
- [**382**Star][1y] [PS] [ferreirasc/oscp](https://github.com/ferreirasc/oscp) oscp study
- [**382**Star][20d] [C] [coolstar/electra1131](https://github.com/coolstar/electra1131) Electra for iOS 11.0 - 11.3.1
- [**382**Star][12d] [Shell] [plyint/encpass.sh](https://github.com/plyint/encpass.sh) Lightweight solution for using encrypted passwords in shell scripts
- [**381**Star][15d] [isafeblue/mind-map](https://github.com/isafeblue/mind-map) 超详细的渗透测试思维导图
- [**381**Star][10d] [C] [intel/libipt](https://github.com/intel/libipt) libipt - an Intel(R) Processor Trace decoder library
- [**381**Star][4m] [Shell] [whonix/whonix](https://github.com/whonix/whonix) Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.
- [**381**Star][11d] [Java] [syvaidya/openstego](https://github.com/syvaidya/openstego) OpenStego is a steganography application that provides two functionalities: a) Data Hiding: It can hide any data within a cover file (e.g. images). b) Watermarking: Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying.
- [**381**Star][13d] [Py] [scalingexcellence/scrapybook](https://github.com/scalingexcellence/scrapybook) Scrapy Book Code
- [**381**Star][2y] [Shell] [ptb/mac-setup](https://github.com/ptb/mac-setup) Setup Mac:     From zero to fully installed and configured, in an hour.
- [**381**Star][22d] [Makefile] [opensecurityresearch/hostapd-wpe](https://github.com/opensecurityresearch/hostapd-wpe) Modified hostapd to facilitate AP impersonation attacks
- [**381**Star][10d] [C] [lordnoteworthy/cpu-internals](https://github.com/lordnoteworthy/cpu-internals) Intel / AMD CPU Internals
- [**381**Star][10d] [Py] [iphelix/pack](https://github.com/iphelix/pack) PACK (Password Analysis and Cracking Kit)
- [**381**Star][12d] [C] [gbrindisi/malware](https://github.com/gbrindisi/malware) malware source codes
- [**381**Star][10d] [PHP] [fate0/prvd](https://github.com/fate0/prvd) PHP Runtime Vulnerability Detection
- [**381**Star][14d] [C++] [evilsocket/arminject](https://github.com/evilsocket/arminject) An application to dynamically inject a shared object into a running process on ARM architectures.
- [**381**Star][1m] [Py] [depthsecurity/armory](https://github.com/depthsecurity/armory) Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.
- [**380**Star][10d] [Py] [lzjqsdd/newsspider](https://github.com/lzjqsdd/newsspider) 爬取今日头条，网易，腾讯等新闻,并建立简单的搜索引擎
- [**380**Star][4m] [Py] [wyatu/cve-2018-20250](https://github.com/wyatu/cve-2018-20250) exp for
- [**380**Star][15d] [veracode-research/solr-injection](https://github.com/veracode-research/solr-injection) Apache Solr Injection Research
- [**380**Star][3y] [Shell] [screetsec/microsploit](https://github.com/screetsec/microsploit) Fast and easy create backdoor office exploitation using module metasploit packet , Microsoft Office , Open Office , Macro attack , Buffer Overflow
- [**380**Star][7m] [C] [rgov/thunderbolt3unblocker](https://github.com/rgov/thunderbolt3unblocker) Enable unsupported Thunderbolt 3 peripherals on macOS
- [**380**Star][14d] [C] [git-hulk/tcpkit](https://github.com/git-hulk/tcpkit) the tcpkit was designed to make network packets programable with Lua script
- [**380**Star][5m] [Swift] [evermeer/passportscanner](https://github.com/evermeer/passportscanner) Scan the MRZ code of a passport and extract the firstname, lastname, passport number, nationality, date of birth, expiration date and personal numer.
- [**380**Star][13d] [Go] [cloudflare/ahocorasick](https://github.com/cloudflare/ahocorasick) A Golang implementation of the Aho-Corasick string matching algorithm
- [**380**Star][14d] [Py] [cesar-rodriguez/terrascan](https://github.com/cesar-rodriguez/terrascan) Collection of security and best practice test for static code analysis of terraform templates
- [**380**Star][15d] [veracode-research/solr-injection](https://github.com/veracode-research/solr-injection) Apache Solr Injection Research
- [**379**Star][10d] [Py] [entynetproject/ghost](https://github.com/entynetproject/ghost) Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
- [**379**Star][10d] [Java] [patrickfav/blurtestandroid](https://github.com/patrickfav/blurtestandroid) This is a simple App to test some blur algorithms on their visual quality and performance.
- [**379**Star][16d] [hackerschoice/thc-tesla-powerwall2-hack](https://github.com/hackerschoice/thc-tesla-powerwall2-hack) TESLA PowerWall 2 Security Shenanigans
- [**379**Star][10d] [Py] [dnscrypt/dnscrypt-resolvers](https://github.com/dnscrypt/dnscrypt-resolvers) Lists of public DNSCrypt / DoH DNS servers and DNS relays
- [**379**Star][1y] [Py] [s0md3v/cloak](https://github.com/s0md3v/Cloak) Cloak can backdoor any python script with some tricks.
- [**379**Star][10d] [Java] [eclipse/steady](https://github.com/eclipse/steady) Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy.
- [**379**Star][5y] [Py] [rrenaud/gibberish-detector](https://github.com/rrenaud/gibberish-detector) A small program to detect gibberish using a Markov Chain
- [**379**Star][2y] [Py] [rhynorater/cve-2018-15473-exploit](https://github.com/rhynorater/cve-2018-15473-exploit) Exploit written in Python for CVE-2018-15473 with threading and export formats
- [**379**Star][11d] [Ruby] [puppetlabs/puppetlabs-mysql](https://github.com/puppetlabs/puppetlabs-mysql) MySQL Puppet Module / Manifests + Types & Providers
- [**379**Star][10d] [pomerium/awesome-zero-trust](https://github.com/pomerium/awesome-zero-trust) A curated collection of awesome resources for the zero-trust security model.
- [**379**Star][4m] [Py] [p1sec/qcsuper](https://github.com/p1sec/qcsuper) QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G radio frames, among other things.
- [**379**Star][10d] [mattnotmax/cyberchef-recipes](https://github.com/mattnotmax/cyberchef-recipes) A list of cyber-chef recipes
- [**379**Star][10d] [Java] [hubspot/jinjava](https://github.com/hubspot/jinjava) Jinja template engine for Java
- [**379**Star][4m] [C] [heardrwt/revealloader](https://github.com/heardrwt/revealloader) Reveal Loader dynamically loads libReveal.dylib (Reveal.app support) into iOS apps on jailbroken devices.
- [**379**Star][10d] [Py] [fireeye/stringsifter](https://github.com/fireeye/stringsifter) A machine learning tool that ranks strings based on their relevance for malware analysis.
- [**379**Star][10d] [Py] [denyhosts/denyhosts](https://github.com/denyhosts/denyhosts) Automated host blocking from SSH brute force attacks
- [**379**Star][4m] [Py] [checkpointsw/karta](https://github.com/checkpointsw/karta) source code assisted fast binary matching plugin for IDA
- [**379**Star][2y] [Py] [1111joe1111/ida_ea](https://github.com/1111joe1111/ida_ea) A set of exploitation/reversing aids for IDA
- [**378**Star][14d] [Py] [rbsec/dnscan](https://github.com/rbsec/dnscan) a python wordlist-based DNS subdomain scanner.
- [**378**Star][3m] [C] [liji32/sameboy](https://github.com/liji32/sameboy) Game Boy and Game Boy Color emulator written in C
- [**378**Star][5m] [PS] [gdedrouas/exchange-ad-privesc](https://github.com/gdedrouas/exchange-ad-privesc) Exchange privilege escalations to Active Directory
- [**378**Star][6y] [C++] [clymb3r/kdexploitme](https://github.com/clymb3r/kdexploitme) A kernel driver to practice writing exploits against, as well as some example exploits using public techniques.
- [**378**Star][11d] [Shell] [brainfucksec/kalitorify](https://github.com/brainfucksec/kalitorify) a shell script for Kali Linux which use iptables settings to create a Transparent Proxy through the Tor Network, the program also allows you to perform various checks like checking the Tor Exit Node (i.e. your public IP when you are under Tor proxy), or if Tor has been configured correctly checking service and network settings.
- [**378**Star][1y] [PHP] [bo0om/php_imap_open_exploit](https://github.com/bo0om/php_imap_open_exploit) Bypassing disabled exec functions in PHP (c) CRLF
- [**378**Star][2y] [bluscreenofjeff/aggressorscripts](https://github.com/bluscreenofjeff/aggressorscripts) Aggressor scripts for use with Cobalt Strike 3.0+
- [**377**Star][5m] [reddrip7/apt_digital_weapon](https://github.com/reddrip7/apt_digital_weapon) Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
- [**377**Star][10d] [Py] [damianmoore/photonix](https://github.com/damianmoore/photonix) This is a new web-based photo management application. Run it on your home server and it will let you find the right photo from your collection on any device. Smart filtering is made possible by object recognition, location awareness, color analysis and other ML algorithms.
- [**377**Star][4m] [Java] [zc-zh-001/shadowsocks-share](https://github.com/zc-zh-001/shadowsocks-share) 示例站点
- [**377**Star][13d] [Makefile] [xdite/internet-security](https://github.com/xdite/internet-security) 互联网资安风控实战
- [**377**Star][5m] [Ruby] [winrb/winrm](https://github.com/winrb/winrm) Ruby library for Windows Remote Management
- [**377**Star][4m] [C#] [technitiumsoftware/dnsserver](https://github.com/technitiumsoftware/dnsserver) Technitium DNS Server
- [**377**Star][1y] [Py] [secrary/ssma](https://github.com/secrary/ssma) SSMA - Simple Static Malware Analyzer [This project is not maintained anymore]
- [**377**Star][19d] [Elixir] [robinmonjo/coincoin](https://github.com/robinmonjo/coincoin) Blockchain based cryptocurrency proof-of-concept in Elixir. Feedback welcome
- [**377**Star][29d] [Py] [rc0r/afl-utils](https://github.com/rc0r/afl-utils) Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization
- [**377**Star][11d] [C] [orangetw/tsh](https://github.com/orangetw/tsh) Tiny SHell is an open-source UNIX backdoor.
- [**377**Star][8d] [PHP] [nikicat/web-malware-collection](https://github.com/nikicat/web-malware-collection) Clone of svn repository of
- [**377**Star][11d] [Java] [jaegertracing/jaeger-client-java](https://github.com/jaegertracing/jaeger-client-java) Jaeger Bindings for Java OpenTracing API
- [**377**Star][3y] [georgiaw/smartphone-pentest-framework](https://github.com/georgiaw/smartphone-pentest-framework) Repository for the Smartphone Pentest Framework (SPF)
- [**377**Star][4m] [Go] [frichetten/cve-2019-5736-poc](https://github.com/frichetten/cve-2019-5736-poc) PoC for CVE-2019-5736
- [**377**Star][4y] [JS] [allfro/burpkit](https://github.com/allfro/burpkit) Next-gen BurpSuite penetration testing tool
- [**376**Star][10d] [Py] [mildsunrise/protobuf-inspector](https://github.com/mildsunrise/protobuf-inspector) 
- [**376**Star][10d] [Scala] [pathikrit/scalgos](https://github.com/pathikrit/scalgos) algorithms in scala
- [**376**Star][4m] [C] [turing-technician/fasthook](https://github.com/turing-technician/fasthook) Android ART Hook
- [**376**Star][11d] [C++] [theevilbit/injection](https://github.com/theevilbit/injection) various process injection technique
- [**376**Star][5y] [PHP] [onesourcecat/phpvulhunter](https://github.com/onesourcecat/phpvulhunter) A tool that can scan php vulnerabilities automatically using static analysis methods
- [**376**Star][4m] [no-github/dork-admin](https://github.com/no-github/dork-admin) 盘点近年来的数据泄露、供应链污染事件
- [**376**Star][4m] [C++] [namecoin/namecoin-core](https://github.com/namecoin/namecoin-core) Reimplementation of Namecoin on top of the current Bitcoin Core codebase.
- [**376**Star][2y] [Shell] [m4sc3r4n0/evil-droid](https://github.com/m4sc3r4n0/evil-droid) a framework that create & generate & embed apk payload to penetrate android platforms
- [**376**Star][4m] [Py] [gosecure/pyrdp](https://github.com/gosecure/pyrdp) RDP man-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
- [**375**Star][19d] [PHP] [roave/no-leaks](https://github.com/roave/no-leaks) 
- [**375**Star][11m] [Ruby] [mdp/gibberish](https://github.com/mdp/gibberish) Simple Ruby encryption module
- [**375**Star][11d] [C++] [googleprojectzero/brokentype](https://github.com/googleprojectzero/BrokenType) TrueType and OpenType font fuzzing toolset
- [**375**Star][8d] [C] [xyzz/vita-moonlight](https://github.com/xyzz/vita-moonlight) NVIDIA Gamestream client for PlayStation Vita, based on moonlight-embedded
- [**375**Star][12d] [ObjC] [wzqcongcong/macsubstrate](https://github.com/wzqcongcong/macsubstrate) Substrate for macOS
- [**375**Star][11d] [Java] [portswigger/backslash-powered-scanner](https://github.com/portswigger/backslash-powered-scanner) Finds unknown classes of injection vulnerabilities
- [**375**Star][14d] [C] [k0keoyo/kdriver-fuzzer](https://github.com/k0keoyo/kdriver-fuzzer) 基于ioctlbf框架编写的驱动漏洞挖掘工具kDriver Fuzzer
- [**375**Star][10d] [Java] [jaegertracing/jaeger-kubernetes](https://github.com/jaegertracing/jaeger-kubernetes) Support for deploying Jaeger into Kubernetes
- [**375**Star][12d] [Java] [jackofmosttrades/gadgetinspector](https://github.com/jackofmosttrades/gadgetinspector) A byte code analyzer for finding deserialization gadget chains in Java applications
- [**375**Star][14d] [Py] [iojw/socialscan](https://github.com/iojw/socialscan) Check email address and username availability on online platforms with 100% accuracy
- [**375**Star][11d] [Ruby] [cyberark/conjur](https://github.com/cyberark/conjur) CyberArk Conjur automatically secures secrets used by privileged users and machine identities
- [**375**Star][1y] [Py] [crypt0s/fakedns](https://github.com/crypt0s/fakedns) A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
- [**375**Star][3y] [C] [cr4sh/windowsregistryrootkit](https://github.com/cr4sh/windowsregistryrootkit) Kernel rootkit, that lives inside the Windows registry values data
- [**375**Star][3y] [Py] [ajinabraham/owasp-xenotix-xss-exploit-framework](https://github.com/ajinabraham/owasp-xenotix-xss-exploit-framework) OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
- [**374**Star][12d] [Py] [valvepython/steam](https://github.com/valvepython/steam) 
- [**374**Star][11d] [PHP] [s0md3v/nano](https://github.com/s0md3v/nano) a family of PHP web shells which are code golfed for stealth.
- [**374**Star][1m] [JS] [thlorenz/visulator](https://github.com/thlorenz/visulator) A machine emulator that visualizes how each instruction is processed
- [**374**Star][12d] [Java] [elkokc/reflector](https://github.com/elkokc/reflector) Burp plugin able to find reflected XSS on page in real-time while browsing on site
- [**374**Star][12d] [Py] [ebranca/owasp-pysec](https://github.com/ebranca/owasp-pysec) OWASP Python Security Project
- [**374**Star][2y] [Py] [cclabsinc/rfcrack](https://github.com/cclabsinc/rfcrack) A Software Defined Radio Attack Tool
- [**373**Star][12d] [Py] [sethblack/python-seo-analyzer](https://github.com/sethblack/python-seo-analyzer) An SEO tool that analyzes the structure of a site, crawls the site, count words in the body of the site and warns of any technical SEO issues.
- [**373**Star][10d] [JS] [cabal-club/cabal-cli](https://github.com/cabal-club/cabal-cli) Terminal client for Cabal, the p2p chat platform.
- [**373**Star][3m] [Py] [eqblog/91_porn_spider](https://github.com/eqblog/91_porn_spider) 91porn爬虫
- [**373**Star][20d] [JS] [fsecurelabs/dref](https://github.com/FSecureLABS/dref) DNS Rebinding Exploitation Framework
- [**373**Star][1y] [c] [cryptsetup/cryptsetup](https://gitlab.com/cryptsetup/cryptsetup) 
- [**373**Star][13d] [C] [royhills/arp-scan](https://github.com/royhills/arp-scan) The ARP Scanner
- [**373**Star][10d] [Py] [initstring/linkedin2username](https://github.com/initstring/linkedin2username) Generate username lists for companies on LinkedIn
- [**373**Star][13d] [hannob/vulns](https://github.com/hannob/vulns) Named vulnerabilities and their practical impact
- [**373**Star][11d] [Java] [esapi/esapi-java-legacy](https://github.com/esapi/esapi-java-legacy) ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
- [**373**Star][2y] [Py] [c0ny1/xxe-lab](https://github.com/c0ny1/xxe-lab) 一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
- [**373**Star][14d] [Py] [admintony/svnexploit](https://github.com/admintony/svnexploit) SvnExploit支持SVN源代码泄露全版本Dump源码
- [**372**Star][3y] [C++] [saantiaguilera/android-api-securekeys](https://github.com/saantiaguilera/android-api-securekeys) Store data in a simple and secure way
- [**372**Star][9m] [Shell] [maldevel/pentestkit](https://github.com/maldevel/pentestkit) Useful tools and scripts used during Penetration Tests.
- [**372**Star][1m] [Ruby] [jjyg/metasm](https://github.com/jjyg/metasm) This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby
- [**372**Star][2m] [Py] [internetarchive/brozzler](https://github.com/internetarchive/brozzler) brozzler - distributed browser-based web crawler
- [**372**Star][4m] [C#] [fuzzysecurity/sharp-suite](https://github.com/fuzzysecurity/sharp-suite) My musings with C#
- [**372**Star][2y] [Shell] [functionclub/yankeebbr](https://github.com/functionclub/yankeebbr) 来自Loc大佬Yankee魔改的BBR的Debian一键安装包
- [**372**Star][11d] [C] [emptymonkey/revsh](https://github.com/emptymonkey/revsh) A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
- [**372**Star][1y] [Assembly] [egebalci/amber](https://github.com/egebalci/amber) a reflective PE packer for bypassing security products and mitigations
- [**372**Star][2m] [C] [brl/obfuscated-openssh](https://github.com/brl/obfuscated-openssh) strengthens the initial SSH handshake against systems that identify or classify various network protocols by examining data in  transit for static signatures
- [**372**Star][15d] [C] [bretley/how2exploit_binary](https://github.com/bretley/how2exploit_binary) An in depth tutorial on how to do binary exploitation
- [**372**Star][10m] [b3nac/android-reports-and-resources](https://github.com/b3nac/android-reports-and-resources) A big list of Android Hackerone disclosed reports and other resources.
- [**372**Star][12d] [Py] [androidhooker/hooker](https://github.com/androidhooker/hooker) Hooker is an opensource project for dynamic analyses of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application.
- [**372**Star][2y] [Go] [alexkohler/prealloc](https://github.com/alexkohler/prealloc) prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
- [**372**Star][1y] [Py] [ajinabraham/xenotix-python-keylogger](https://github.com/ajinabraham/xenotix-python-keylogger) Xenotix Python Keylogger for Windows.
- [**371**Star][12d] [Py] [ankane/s3tk](https://github.com/ankane/s3tk) A security toolkit for Amazon S3
- [**371**Star][17d] [C] [tboox/vm86](https://github.com/tboox/vm86) a very simple and lightweight x86 virtual machine
- [**371**Star][4y] [Py] [ywolf/f-nascan](https://github.com/ywolf/f-nascan) Scanning a network asset information script
- [**371**Star][10m] [Py] [xtiankisutsa/mara_framework](https://github.com/xtiankisutsa/mara_framework) MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
- [**371**Star][11d] [Py] [theopolis/uefi-firmware-parser](https://github.com/theopolis/uefi-firmware-parser) Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc
- [**371**Star][1m] [Py] [roglew/pappy-proxy](https://github.com/roglew/pappy-proxy) An intercepting proxy for web application testing
- [**371**Star][21d] [C] [psgroove/psgroove](https://github.com/psgroove/psgroove) PSGroove
- [**371**Star][11d] [Py] [peplin/pygatt](https://github.com/peplin/pygatt) Python wrapper for gatttool (a deprecated tool from BlueZ) and the BGAPI for accessing Bluetooth LE Devices
- [**371**Star][1m] [Py] [openrce/pydbg](https://github.com/openrce/pydbg) A pure-python win32 debugger interface.
- [**371**Star][4m] [PS] [netspi/pesecurity](https://github.com/netspi/pesecurity) PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
- [**371**Star][2m] [TS] [cazala/coin-hive-stratum](https://github.com/cazala/coin-hive-stratum) use CoinHive's JavaScript miner on any stratum pool
- [**370**Star][22d] [Go] [vishvananda/wormhole](https://github.com/vishvananda/wormhole) A smart proxy to connect docker containers.
- [**370**Star][19d] [Shell] [orlikoski/skadi](https://github.com/orlikoski/Skadi) collection, processing and advanced analysis of forensic artifacts and images.
- [**370**Star][18d] [trevp/double_ratchet](https://github.com/trevp/double_ratchet) Double Ratchet Algorithm
- [**370**Star][10d] [C] [trailofbits/cb-multios](https://github.com/trailofbits/cb-multios) DARPA Challenges Sets for Linux, Windows, and macOS
- [**370**Star][12d] [Py] [sangaline/advanced-web-scraping-tutorial](https://github.com/sangaline/advanced-web-scraping-tutorial) The Zipru scraper developed in the Advanced Web Scraping Tutorial.
- [**370**Star][14d] [Py] [rek7/fireelf](https://github.com/rek7/fireelf) Fileless Linux Malware Framework
- [**370**Star][4m] [C] [lemire/code-used-on-daniel-lemire-s-blog](https://github.com/lemire/code-used-on-daniel-lemire-s-blog) This is a repository for the code posted on my blog
- [**370**Star][14d] [C] [google/safeside](https://github.com/google/safeside) Understand and mitigate software-observable side-channels
- [**370**Star][10d] [Ruby] [calebfenton/dex-oracle](https://github.com/calebfenton/dex-oracle) A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
- [**370**Star][10d] [C#] [andrew-schofield/keepass2-haveibeenpwned](https://github.com/andrew-schofield/keepass2-haveibeenpwned) Simple Have I Been Pwned checker for KeePass
- [**369**Star][23d] [my8100/files](https://github.com/my8100/files) Docs and files for ScrapydWeb, Scrapyd, Scrapy, and other projects
- [**369**Star][12d] [Go] [quay/jwtproxy](https://github.com/quay/jwtproxy) An HTTP-Proxy that adds AuthN through JWTs
- [**369**Star][18d] [Py] [bugscanteam/hackhttp](https://github.com/bugscanteam/hackhttp) Hackhttp is an HTTP library, written in Python.
- [**369**Star][12d] [TeX] [vlsergey/infosec](https://github.com/vlsergey/infosec) Учебное пособие по защите информации кафедры радиотехники и систем управления МФТИ
- [**369**Star][4m] [stardustsky/saidict](https://github.com/stardustsky/saidict) 弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
- [**369**Star][13d] [Py] [stamusnetworks/scirius](https://github.com/stamusnetworks/scirius) Scirius is a web application for Suricata ruleset management.
- [**369**Star][12d] [Java] [rsmudge/cortana-scripts](https://github.com/rsmudge/cortana-scripts) A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.
- [**369**Star][30d] [C] [rafael-santiago/pig](https://github.com/rafael-santiago/pig) A Linux packet crafting tool.
- [**369**Star][12d] [Java] [neo4j-contrib/neo4j-mazerunner](https://github.com/neo4j-contrib/neo4j-mazerunner) Mazerunner extends a Neo4j graph database to run scheduled big data graph compute algorithms at scale with HDFS and Apache Spark.
- [**369**Star][4m] [C] [mattiwatti/efiguard](https://github.com/mattiwatti/efiguard) Disable PatchGuard and DSE at boot time
- [**369**Star][13d] [Py] [maldevel/gdog](https://github.com/maldevel/gdog) A fully featured Windows backdoor that uses Gmail as a C&C server
- [**369**Star][3m] [Haskell] [lambdahack/lambdahack](https://github.com/lambdahack/lambdahack) Haskell game engine library for roguelike dungeon crawlers; please offer feedback, e.g., after trying out the sample game with the web frontend at
- [**369**Star][10d] [Py] [joxeankoret/pigaios](https://github.com/joxeankoret/pigaios) A tool for matching and diffing source codes directly against binaries.
- [**369**Star][23d] [Py] [jasonstrimpel/volatility-trading](https://github.com/jasonstrimpel/volatility-trading) A complete set of volatility estimators based on Euan Sinclair's Volatility Trading
- [**369**Star][13d] [C] [e-ago/bitcracker](https://github.com/e-ago/bitcracker) BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker
- [**368**Star][3m] [stuxnet999/memlabs](https://github.com/stuxnet999/memlabs) Educational, CTF-styled labs for individuals interested in Memory Forensics
- [**368**Star][15d] [Elixir] [danielberkompas/cloak](https://github.com/danielberkompas/cloak) Elixir encryption library designed for Ecto
- [**368**Star][11d] [Swift] [cosmicmind/samples](https://github.com/cosmicmind/samples) Sample projects using Material, Graph, and Algorithm.
- [**368**Star][11d] [Py] [lucifer1993/tpscan](https://github.com/lucifer1993/tpscan) 一键ThinkPHP漏洞检测
- [**368**Star][13d] [C++] [thosakwe/t2b](https://github.com/thosakwe/t2b) A wicked-powerful text macro language for building binary files.
- [**368**Star][10d] [Py] [teamhg-memex/scrapy-rotating-proxies](https://github.com/teamhg-memex/scrapy-rotating-proxies) use multiple proxies with Scrapy
- [**368**Star][3y] [Java] [ssun125/lanmitm](https://github.com/ssun125/lanmitm) Android中间人攻击测试工具
- [**368**Star][15d] [Shell] [r00t-3xp10it/backdoorppt](https://github.com/r00t-3xp10it/backdoorppt) transform your payload.exe into one fake word doc (.ppt)
- [**368**Star][13d] [Py] [opsdisk/pagodo](https://github.com/opsdisk/pagodo) pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
- [**368**Star][10d] [HCL] [nozaq/terraform-aws-secure-baseline](https://github.com/nozaq/terraform-aws-secure-baseline) Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations.
- [**368**Star][19d] [Erlang] [ernw/ss7maper](https://github.com/ernw/ss7maper) SS7 MAP (pen-)testing toolkit. 
- [**368**Star][6m] [chenerlich/fcl](https://github.com/chenerlich/fcl) FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
- [**368**Star][4m] [C++] [cedarctic/digispark-scripts](https://github.com/cedarctic/digispark-scripts) USB Rubber Ducky type scripts written for the DigiSpark.
- [**367**Star][11d] [Go] [kanocz/lcvpn](https://github.com/kanocz/lcvpn) Decentralized VPN in golang
- [**367**Star][18d] [C] [fcambus/logswan](https://github.com/fcambus/logswan) Fast Web log analyzer using probabilistic data structures
- [**367**Star][15d] [JS] [whitequark/ipaddr.js](https://github.com/whitequark/ipaddr.js) IP address manipulation library in JavaScript
- [**367**Star][13d] [Go] [sysdream/hershell](https://github.com/sysdream/hershell)  a simple TCP reverse shell written in Go.
- [**367**Star][10d] [enzet/symbolic-execution](https://github.com/enzet/symbolic-execution) History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)
- [**367**Star][11d] [Py] [disclose/disclose](https://github.com/disclose/disclose) Driving safety, simplicity, and standardization in vulnerability disclosure.
- [**367**Star][11d] [C] [diegocr/netcat](https://github.com/diegocr/netcat) NetCat for Windows
- [**367**Star][2m] [Py] [defaultnamehere/cookie_crimes](https://github.com/defaultnamehere/cookie_crimes) Read local Chrome cookies without root or decrypting
- [**367**Star][11d] [C] [chion82/kcptun-raw](https://github.com/chion82/kcptun-raw) Kcptun with raw socket and fake TCP headers.
- [**367**Star][11d] [Py] [amimo/dcc](https://github.com/amimo/dcc) DCC (Dex-to-C Compiler) is method-based aot compiler that can translate DEX code to C code.
- [**366**Star][12d] [Py] [splunk/attack_range](https://github.com/splunk/attack_range) A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
- [**366**Star][2y] [wtsxdev/malware-analysis](https://github.com/wtsxdev/malware-analysis) List of awesome malware analysis tools and resources
- [**366**Star][4m] [C++] [witnessmenow/universal-arduino-telegram-bot](https://github.com/witnessmenow/universal-arduino-telegram-bot) Use Telegram on your Arduino (ESP8266 or Wifi-101 boards)
- [**366**Star][16d] [C] [vmprof/vmprof-python](https://github.com/vmprof/vmprof-python) vmprof - a statistical program profiler
- [**366**Star][4m] [C++] [steven-michaud/hookcase](https://github.com/steven-michaud/hookcase) Tool for reverse engineering macOS/OS X
- [**366**Star][4m] [smokemonsterpacks/super-nt-jailbreak](https://github.com/smokemonsterpacks/super-nt-jailbreak) Custom "Jailbreak" firmware for the Analogue Super NT
- [**366**Star][1y] [JS] [nikolayit/openjudgesystem](https://github.com/nikolayit/openjudgesystem) An open source system for online algorithm competitions for Windows, written in ASP.NET MVC
- [**366**Star][3m] [C#] [leaguesandbox/gameserver](https://github.com/leaguesandbox/gameserver) League Sandbox's Game Server
- [**366**Star][3m] [C#] [l0ss/grouper2](https://github.com/l0ss/grouper2) Find vulnerabilities in AD Group Policy
- [**366**Star][5m] [Py] [i3visio/osrframework](https://github.com/i3visio/osrframework)  providing API and tools to perform more accurate online researches.
- [**366**Star][12d] [C] [flightaware/dump1090](https://github.com/flightaware/dump1090) Dump1090 is a simple Mode S decoder for RTLSDR devices
- [**366**Star][10d] [fireeye/iocs](https://github.com/fireeye/iocs) FireEye Publicly Shared Indicators of Compromise (IOCs)
- [**366**Star][27d] [C] [crmulliner/ddi](https://github.com/crmulliner/ddi) Dynamic Dalvik Instrumentation Toolkit
- [**366**Star][11d] [Java] [c0ny1/jsencrypter](https://github.com/c0ny1/jsencrypter) 一个用于前端加密Fuzz的Burp Suite插件
- [**366**Star][10m] [Py] [a3sal0n/cyberthreathunting](https://github.com/a3sal0n/cyberthreathunting) A collection of resources for Threat Hunters
- [**365**Star][17d] [Py] [dannyvai/reddit_crawlers](https://github.com/dannyvai/reddit_crawlers) will try to make interesting reddit crawlers that give some insight
- [**365**Star][10d] [Vue] [zerx0r/kage](https://github.com/Zerx0r/Kage) Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler
- [**365**Star][4m] [Go] [vertamedia/chproxy](https://github.com/vertamedia/chproxy) ClickHouse http proxy and load balancer
- [**365**Star][10d] [Py] [vector35/binaryninja-api](https://github.com/vector35/binaryninja-api) Public API, examples, documentation and issues for Binary Ninja
- [**365**Star][2y] [Ruby] [jobertabma/virtual-host-discovery](https://github.com/jobertabma/virtual-host-discovery) A script to enumerate virtual hosts on a server.
- [**365**Star][4m] [Rust] [cloud-hypervisor/rust-hypervisor-firmware](https://github.com/cloud-hypervisor/rust-hypervisor-firmware) a simple KVM firmware that is designed to be launched from anything that supports loading ELF binaries and running them with the Linux kernel loading standard.
- [**365**Star][3m] [Py] [adrianvollmer/powerhub](https://github.com/adrianvollmer/powerhub) A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
- [**364**Star][4m] [Go] [google/schedviz](https://github.com/google/schedviz) A tool for gathering and visualizing kernel scheduling traces on Linux machines
- [**364**Star][4y] [C] [xiaoweime/wprotect](https://github.com/xiaoweime/wprotect)  uses code-virtualization technic to protect binary from being reverse-engineered or unwanted modified. 
- [**364**Star][13d] [Shell] [swoodford/aws](https://github.com/swoodford/aws) A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
- [**364**Star][2y] [PS] [rootclay/powershell-attack-guide](https://github.com/rootclay/powershell-attack-guide) Powershell Attack Guide
- [**364**Star][1y] [C] [p0cl4bs/kadimus](https://github.com/p0cl4bs/kadimus) Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...
- [**364**Star][16d] [C] [natebrune/silk-guardian](https://github.com/natebrune/silk-guardian) an anti-forensic kill-switch that waits for a change on your usb ports and then wipes your ram, deletes precious files, and turns off your computer.
- [**364**Star][4m] [Batchfile] [mitchellkrogza/ultimate.hosts.blacklist](https://github.com/mitchellkrogza/ultimate.hosts.blacklist) The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.
- [**364**Star][19d] [C] [inquisb/shellcodeexec](https://github.com/inquisb/shellcodeexec) Script to execute in memory a sequence of opcodes
- [**364**Star][3y] [C++] [gamehackingbook/gamehackingcode](https://github.com/gamehackingbook/gamehackingcode) Code for the book 《Game Hacking: Developing Autonomous Bots for Online Games.》 
- [**364**Star][12d] [Go] [fairwindsops/rbac-lookup](https://github.com/fairwindsops/rbac-lookup) Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster
- [**364**Star][13d] [HTML] [eugenekolo/sec-tools](https://github.com/eugenekolo/sec-tools) A set of security related tools
- [**364**Star][2m] [Elm] [elm-community/elm-test](https://github.com/elm-community/elm-test) moved to elm-explorations/test
- [**364**Star][16d] [Ruby] [dev-sec/chef-os-hardening](https://github.com/dev-sec/chef-os-hardening) This chef cookbook provides numerous security-related configurations, providing all-round base protection.
- [**363**Star][1m] [Go] [inconshreveable/srvdir](https://github.com/inconshreveable/srvdir) Expose any folder as an HTTPS fileserver
- [**363**Star][1m] [agoric/ses](https://github.com/agoric/ses) MOVED to @agoric/ses-shim. SES (Secure EcmaScript) is a secure runtime for running third-party code safely
- [**363**Star][2y] [Py] [ustayready/credking](https://github.com/ustayready/credking) Password spraying using AWS Lambda for IP rotation
- [**363**Star][10m] [Py] [swisskyrepo/wordpresscan](https://github.com/swisskyrepo/wordpresscan) WPScan rewritten in Python + some WPSeku ideas
- [**363**Star][4m] [C++] [safebreach-labs/pinjectra](https://github.com/safebreach-labs/pinjectra) Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
- [**363**Star][10d] [C] [rhdunn/espeak](https://github.com/rhdunn/espeak) eSpeak NG is an open source speech synthesizer that supports 101 languages and accents.
- [**363**Star][6m] [ObjC] [prateek147/dvia](https://github.com/prateek147/dvia) Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10…
- [**363**Star][5m] [Py] [lockgit/hacking](https://github.com/lockgit/hacking) hacking is a kind of spirit !
- [**363**Star][11d] [Shell] [koenbuyens/kalirouter](https://github.com/koenbuyens/kalirouter) intercepting kali router
- [**363**Star][4m] [Perl] [keydet89/regripper2.8](https://github.com/keydet89/regripper2.8)  extracting/parsing information (keys, values, data) from the Registry and presenting it for analysis.
- [**363**Star][4m] [C++] [joaolopesf/remotedebug](https://github.com/joaolopesf/remotedebug) Library for Arduino to debug projects over WiFi, with web app or telnet, with print commands like Serial Monitor
- [**362**Star][13d] [Java] [huomen/highdsa](https://github.com/huomen/highdsa) 2018年本科毕设项目，已更新所有开发和部署文档。基于Dubbo、SSM、Shiro、ELK、ActiveMQ、Redis等实现的一套高可用、高性能、高可扩展的分布式系统架构，实现可支持业务的基础公共服务,API使用Restful风格对外暴露。已经实现的包括：发送邮件服务、FastDFS文件存储服务、ELK实时日志查询服务、Redis缓存服务、Mybatis数据库、阿里短信推送、Goeasy消息推送、Druid监控、ActiveMQ消息队列、shiro权限认证、cas单点登录、权限配置web系统、移动端后台系统。持续更新中......
- [**362**Star][3m] [cydefunicorn/oscp-archives](https://github.com/cydefunicorn/oscp-archives) An archive of everything related to OSCP
- [**362**Star][26d] [JS] [withspectrum/micro-open-graph](https://github.com/withspectrum/micro-open-graph) A tiny Node.js microservice to scrape open graph data with joy.
- [**362**Star][8d] [JS] [fantasticlbp/anti-webspider](https://github.com/fantasticlbp/anti-webspider) Web 端反爬技术方案
- [**362**Star][19d] [Java] [droidefense/engine](https://github.com/droidefense/engine) Droidefense: Advance Android Malware Analysis Framework
- [**362**Star][4m] [C#] [rasta-mouse/tikitorch](https://github.com/rasta-mouse/tikitorch) Process Injection
- [**362**Star][13d] [push0ebp/sig-database](https://github.com/push0ebp/sig-database) IDA FLIRT Signature Database
- [**362**Star][11d] [C] [phaag/nfdump](https://github.com/phaag/nfdump) Netflow processing tools
- [**362**Star][14d] [Go] [nhoya/gosint](https://github.com/nhoya/gosint) OSINT Swiss Army Knife
- [**362**Star][4m] [PS] [mgeeky/penetration-testing-tools](https://github.com/mgeeky/penetration-testing-tools) A collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
- [**362**Star][10d] [JS] [kspearrin/ff-password-exporter](https://github.com/kspearrin/ff-password-exporter) Easily export your passwords from Firefox.
- [**362**Star][4m] [PS] [kmkz/pentesting](https://github.com/kmkz/pentesting) Tricks for penetration testing
- [**362**Star][12d] [C] [jedisct1/swift-sodium](https://github.com/jedisct1/swift-sodium) Safe and easy to use crypto for iOS and macOS
- [**362**Star][11m] [Shell] [hackplayers/4nonimizer](https://github.com/hackplayers/4nonimizer) A bash script for anonymizing the public IP used to browsing Internet, managing the connection to TOR network and to different VPNs providers (OpenVPN)
- [**362**Star][12d] [C] [earthquake/chw00t](https://github.com/earthquake/chw00t)  Unices chroot breaking tool
- [**362**Star][10d] [JS] [doyensec/electronegativity](https://github.com/doyensec/electronegativity) Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
- [**362**Star][24d] [Go] [cmpxchg16/gobench](https://github.com/cmpxchg16/gobench) HTTP/HTTPS load testing and benchmarking tool
- [**362**Star][1y] [C] [buspirate/bus_pirate](https://github.com/buspirate/bus_pirate) Community driven firmware and hardware for Bus Pirate version 3 and 4
- [**361**Star][23d] [JS] [zeit/micro-proxy](https://github.com/zeit/micro-proxy) [DEPRECATED] Simplest proxy server for microservices
- [**361**Star][4m] [Shell] [mjstealey/wordpress-nginx-docker](https://github.com/mjstealey/wordpress-nginx-docker) Wordpress (php7.3-fpm) using Nginx and MariaDB - deployed with docker-compose - Let's Encrypt enabled
- [**361**Star][16d] [Py] [aoncyberlabs/evilabigail](https://github.com/AonCyberLabs/EvilAbigail) Automated Linux evil maid attack
- [**361**Star][13d] [Py] [varbaek/xsser](https://github.com/varbaek/xsser) From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
- [**361**Star][10d] [Py] [rackerlabs/scantron](https://github.com/rackerlabs/scantron) A distributed nmap / masscan scanning framework
- [**361**Star][14d] [C#] [mvelazc0/defcon27_csharp_workshop](https://github.com/mvelazc0/defcon27_csharp_workshop) Writing custom backdoor payloads with C# - Defcon 27
- [**361**Star][4m] [C#] [malware-dev/mdk-se](https://github.com/malware-dev/mdk-se) Malware's Development Kit for SE
- [**361**Star][10d] [Py] [google/turbinia](https://github.com/google/turbinia) Automation and Scaling of Digital Forensics Tools
- [**361**Star][12d] [Py] [devrandom/gitian-builder](https://github.com/devrandom/gitian-builder) Build packages in a secure deterministic fashion inside a VM
- [**361**Star][13d] [Go] [cloudflare/circl](https://github.com/cloudflare/circl) Cloudflare Interoperable Reusable Cryptographic Library
- [**360**Star][3m] [Java] [eclipse/steady](https://github.com/eclipse/steady) Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy.
- [**360**Star][12d] [JS] [hakluke/weaponised-xss-payloads](https://github.com/hakluke/weaponised-xss-payloads) XSS payloads designed to turn alert(1) into P1
- [**360**Star][16d] [jjqqkk/android-vpn](https://github.com/jjqqkk/android-vpn) VPN and video downloader for Android
- [**360**Star][10d] [JS] [adamwalach/openvpn-web-ui](https://github.com/adamwalach/openvpn-web-ui) Web interface (with golang backend) for monitoring and administration of OpenVPN server
- [**360**Star][18d] [Ruby] [sunitparekh/data-anonymization](https://github.com/sunitparekh/data-anonymization) helps you build anonymized production data dumps which you can use for performance testing, security testing, debugging and development.
- [**360**Star][15d] [Shell] [cyb0r9/socialbox](https://github.com/Cyb0r9/SocialBox) SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi
- [**360**Star][13d] [C++] [qax-a-team/eventcleaner](https://github.com/QAX-A-Team/EventCleaner) A tool mainly to erase specified records from Windows event logs, with additional functionalities.
- [**360**Star][12d] [Py] [taizilongxu/scrapy_jingdong](https://github.com/taizilongxu/scrapy_jingdong) 用scrapy写的京东爬虫
- [**360**Star][10d] [C++] [rampagex/firmware-mod-kit](https://github.com/rampagex/firmware-mod-kit) Automatically exported from code.google.com/p/firmware-mod-kit
- [**360**Star][4m] [C#] [nyan-x-cat/asyncrat-c-sharp](https://github.com/nyan-x-cat/asyncrat-c-sharp) Open-Source Remote Administration Tool For Windows C# (RAT)
- [**360**Star][11d] [JS] [mike-goodwin/owasp-threat-dragon](https://github.com/mike-goodwin/owasp-threat-dragon) An open source, online threat modelling tool from OWASP
- [**360**Star][19d] [C] [merces/pev](https://github.com/merces/pev) The PE file analysis toolkit
- [**360**Star][6m] [Py] [darryllane/bluto](https://github.com/darryllane/bluto) DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking
- [**360**Star][12d] [Go] [anshumanbh/tko-subs](https://github.com/anshumanbh/tko-subs) A tool that can help detect and takeover subdomains with dead DNS records
- [**360**Star][1y] [Py] [aancw/belati](https://github.com/aancw/belati) The Traditional Swiss Army Knife for OSINT
- [**359**Star][4m] [Jupyter Notebook] [shaohua0116/iclr2019-openreviewdata](https://github.com/shaohua0116/iclr2019-openreviewdata) Script that crawls meta data from ICLR OpenReview webpage. Tutorials on installing and using Selenium and ChromeDriver on Ubuntu.
- [**359**Star][3y] [C++] [zerosum0x0/winrepl](https://github.com/zerosum0x0/winrepl) x86 and x64 assembly "read-eval-print loop" shell for Windows
- [**359**Star][3y] [HTML] [webbluetoothcg/demos](https://github.com/webbluetoothcg/demos) Demo applications showing off Web Bluetooth
- [**359**Star][4y] [JS] [taisel/gameboy-online](https://github.com/taisel/gameboy-online) JavaScript GameBoy Color emulator.
- [**359**Star][4m] [C#] [steamdatabase/valveresourceformat](https://github.com/steamdatabase/valveresourceformat) Valve's Source 2 resource file format (also known as Stupid Valve Format) parser and decompiler.
- [**359**Star][11d] [PHP] [scheb/two-factor-bundle](https://github.com/scheb/two-factor-bundle) Two-factor authentication for Symfony applications (bunde version ≤ 4)
- [**359**Star][16d] [C++] [nativescript/android-runtime](https://github.com/nativescript/android-runtime) Android runtime for NativeScript (based on V8)
- [**359**Star][4m] [Julia] [memoiry/lightml.jl](https://github.com/memoiry/lightml.jl) Minimal and clean examples of machine learning algorithms implemented in Julia
- [**359**Star][11d] [Makefile] [justinmeiners/lc3-vm](https://github.com/justinmeiners/lc3-vm) Write your own virtual machine for the LC-3 computer!
- [**359**Star][11d] [Go] [goproxy/goproxy](https://github.com/goproxy/goproxy) A minimalist Go module proxy handler.
- [**359**Star][10d] [Go] [carbonblack/binee](https://github.com/carbonblack/binee) binary emulation environment
- [**359**Star][2y] [C++] [can1357/cve-2018-8897](https://github.com/can1357/cve-2018-8897) Arbitrary code execution with kernel privileges using CVE-2018-8897.
- [**359**Star][4m] [Shell] [al0ne/linuxcheck](https://github.com/al0ne/linuxcheck) linux信息收集/应急响应/常见后门检测脚本
- [**359**Star][10d] [C] [adtac/fssb](https://github.com/adtac/fssb) A filesystem sandbox for Linux using syscall intercepts.
- [**358**Star][10d] [ring04h/pentest](https://github.com/ring04h/pentest) pentest stuff
- [**358**Star][2m] [Py] [spender-sandbox/cuckoo-modified](https://github.com/spender-sandbox/cuckoo-modified) Modified edition of cuckoo
- [**358**Star][12d] [Shell] [nsakey/nsa-rules](https://github.com/nsakey/nsa-rules) Password cracking rules and masks for hashcat that I generated from cracked passwords.
- [**358**Star][10d] [C++] [nevermoe/unity_metadata_loader](https://github.com/nevermoe/unity_metadata_loader)  load strings and method/class names in global-metadata.dat to IDA
- [**358**Star][17d] [Dockerfile] [mykings/docker-vulnerability-environment](https://github.com/mykings/docker-vulnerability-environment) Use the docker to build a vulnerability environment
- [**358**Star][29d] [mozilla/minion](https://github.com/mozilla/minion) a security testing framework built by Mozilla to bridge the gap between developers and security testers.
- [**358**Star][14d] [Augeas] [hercules-team/augeas](https://github.com/hercules-team/augeas) A configuration editing tool and API
- [**358**Star][8m] [Py] [hell0w0rld0/github-hunter](https://github.com/hell0w0rld0/github-hunter) This tool is for sensitive information searching on Github - The Fast Version here:
- [**358**Star][2y] [C] [codermjlee/mjcodeobfuscation](https://github.com/codermjlee/mjcodeobfuscation) 一个用于代码混淆和字符串加密的Mac小Demo
- [**358**Star][10d] [Py] [cisco-talos/mutiny-fuzzer](https://github.com/cisco-talos/mutiny-fuzzer) a network fuzzer that operates by replaying PCAPs through a mutational fuzzer.
- [**357**Star][10d] [Go] [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) OpenSSL bindings for Go
- [**357**Star][11d] [PHP] [scotteh/php-goose](https://github.com/scotteh/php-goose) Readability / Html Content / Article Extractor & Web Scrapping library written in PHP
- [**357**Star][11d] [Ruby] [tuwukee/jwt_sessions](https://github.com/tuwukee/jwt_sessions) XSS/CSRF safe JWT auth designed for SPA
- [**357**Star][18d] [Shell] [mobilejazz/docker-ipsec-vpn-server](https://github.com/mobilejazz/docker-ipsec-vpn-server) Multi-user IPSec server docker image
- [**357**Star][12d] [Py] [romanz/trezor-agent](https://github.com/romanz/trezor-agent) Hardware-based SSH/PGP agent
- [**357**Star][1y] [C] [vulnreproduction/linuxflaw](https://github.com/vulnreproduction/linuxflaw) This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
- [**357**Star][4m] [C#] [tmoonlight/nsmartproxy](https://github.com/tmoonlight/nsmartproxy) reverse proxy tool that creates a secure tunnel from a public endpoint to a locally service
- [**357**Star][10m] [Py] [tatanus/spf](https://github.com/tatanus/spf) SpeedPhishing Framework
- [**357**Star][19d] [Py] [ropnop/windapsearch](https://github.com/ropnop/windapsearch) Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
- [**357**Star][2m] [Go] [propervillain/moistpetal](https://github.com/propervillain/moistpetal) Open source offensive security platform for red team, by red team.
- [**357**Star][11y] [C#] [moserware/aes-illustrated](https://github.com/moserware/aes-illustrated) An implementation of the Advanced Encryption Standard (AES) algorithm meant for study to go along with "A Stick Figure Guide to the Advanced Encryption Standard (AES)" blog post at
- [**357**Star][26d] [Haskell] [jpmorganchase/constellation](https://github.com/jpmorganchase/constellation) Peer-to-peer encrypted message exchange
- [**357**Star][19d] [Brainfuck] [hexhive/printbf](https://github.com/hexhive/printbf) Brainfuck interpreter inside printf
- [**357**Star][6m] [D] [cybershadow/rabcdasm](https://github.com/cybershadow/rabcdasm) Robust ABC (ActionScript Bytecode) [Dis-]Assembler
- [**357**Star][6m] [Go] [quay/jwtproxy](https://github.com/quay/jwtproxy) An HTTP-Proxy that adds AuthN through JWTs
- [**356**Star][14d] [C] [angt/glorytun](https://github.com/angt/glorytun) Multipath UDP tunnel
- [**356**Star][4m] [Py] [aas-n/spraykatz](https://github.com/aas-n/spraykatz) Credentials gathering tool automating remote procdump and parse of lsass process.
- [**356**Star][9m] [Py] [mitmproxy/pathod](https://github.com/mitmproxy/pathod) 
- [**356**Star][8d] [C++] [spacehuhntech/wifiduck](https://github.com/SpacehuhnTech/WiFiDuck) Wireless keystroke injection attack platform
- [**356**Star][10d] [C] [seemoo-lab/owl](https://github.com/seemoo-lab/owl) An open Apple Wireless Direct Link (AWDL) implementation written in C
- [**356**Star][14d] [C++] [wangyu-/udp2raw-multiplatform](https://github.com/wangyu-/udp2raw-multiplatform) multi-platform(cross-platform) version of udp2raw-tunnel, which supports Windows/Mac/BSD natively
- [**356**Star][12d] [JS] [pubkey/eth-crypto](https://github.com/pubkey/eth-crypto) Cryptographic javascript-functions for ethereum and tutorials to use them with web3js and solidity
- [**356**Star][18d] [TS] [timkpaine/algo-coin](https://github.com/timkpaine/algo-coin) Python library for algorithmic trading cryptocurrencies across multiple exchanges
- [**356**Star][17d] [C] [solus-project/linux-steam-integration](https://github.com/solus-project/linux-steam-integration) Helper for enabling better Steam integration on Linux
- [**356**Star][12d] [Py] [romanvm/python-web-pdb](https://github.com/romanvm/python-web-pdb) Web-based remote UI for Python's PDB debugger
- [**356**Star][4y] [Py] [nccgroup/abptts](https://github.com/nccgroup/abptts) TCP tunneling over HTTP/HTTPS for web application servers
- [**356**Star][3y] [ObjC] [naituw/hackingfacebook](https://github.com/naituw/hackingfacebook) Kill Facebook for iOS's SSL Pinning
- [**356**Star][10d] [Py] [mozillasecurity/dharma](https://github.com/mozillasecurity/dharma) Generation-based, context-free grammar fuzzer.
- [**356**Star][2y] [Py] [mazen160/struts-pwn](https://github.com/mazen160/struts-pwn) An exploit for Apache Struts CVE-2017-5638
- [**356**Star][16d] [Batchfile] [lmc999/auto-add-routes](https://github.com/lmc999/auto-add-routes) China Route for VPN
- [**356**Star][12d] [C++] [leoetlino/project-restoration](https://github.com/leoetlino/project-restoration) A Majora's Mask 3D patch that restores some mechanics from the original game to get the best of both worlds
- [**356**Star][4m] [leelikar/deepweb](https://github.com/leelikar/deepweb) 暗网网址大全TOR
- [**356**Star][2y] [ObjC] [biscuitehh/marzipanplatter](https://github.com/biscuitehh/marzipanplatter) UIKit + macOS
- [**355**Star][7d] [Py] [symbo1/wsltools](https://github.com/symbo1/wsltools) Web Scan Lazy Tools - Python Package
- [**355**Star][3m] [koenkk/z-stack-firmware](https://github.com/koenkk/z-stack-firmware) Compilation instructions and hex files for Z-Stack firmwares
- [**355**Star][8d] [TS] [javascript-obfuscator/webpack-obfuscator](https://github.com/javascript-obfuscator/webpack-obfuscator) javascript-obfuscator plugin for Webpack
- [**355**Star][10d] [JS] [aws-samples/aws-serverless-security-workshop](https://github.com/aws-samples/aws-serverless-security-workshop) In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
- [**355**Star][10d] [TS] [dozennn/steam-rom-manager](https://github.com/doZennn/steam-rom-manager) An app for managing ROMs in Steam
- [**355**Star][11d] [C++] [thalium/icebox](https://github.com/thalium/icebox) Virtual Machine Introspection, Tracing & Debugging
- [**355**Star][3y] [Py] [pepitoh/vbad](https://github.com/pepitoh/vbad) VBA Obfuscation Tools combined with an MS office document generator
- [**355**Star][17d] [Shell] [marshyski/quick-secure](https://github.com/marshyski/quick-secure) Quickly secure UNIX/Linux systems
- [**355**Star][7m] [Py] [m8r0wn/nullinux](https://github.com/m8r0wn/nullinux) Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
- [**355**Star][2m] [TeX] [haifengl/bigdata](https://github.com/haifengl/bigdata) Introduction to Big Data
- [**355**Star][2y] [C++] [glsl-debugger/glsl-debugger](https://github.com/glsl-debugger/glsl-debugger) GLSL source level debugger.
- [**355**Star][5m] [C] [cr4sh/smmbackdoor](https://github.com/cr4sh/smmbackdoor) System Management Mode backdoor for UEFI
- [**355**Star][2m] [JS] [antimalware/manul](https://github.com/antimalware/manul) Antimalware tool for websites
- [**354**Star][3y] [stacygohyunsi/algorithms-primer](https://github.com/stacygohyunsi/algorithms-primer) A consolidated collection of resources for you to learn and understand algorithms and data structures easily.
- [**354**Star][20d] [trustedsec/physical-docs](https://github.com/trustedsec/physical-docs) This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselves when conducting physical security assessments.
- [**354**Star][13d] [Py] [xinsss/conf-for-surge-shadowrocket](https://github.com/xinsss/conf-for-surge-shadowrocket) Surge Shadowrocket conf
- [**354**Star][5m] [virajkulkarni14/webdevelopersecuritychecklist](https://github.com/virajkulkarni14/webdevelopersecuritychecklist) A checklist of important security issues you should consider when creating a web application.
- [**354**Star][10m] [tanprathan/owasp-testing-checklist](https://github.com/tanprathan/owasp-testing-checklist) OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
- [**354**Star][5m] [Go] [ropnop/kerbrute](https://github.com/ropnop/kerbrute) A tool to perform Kerberos pre-auth bruteforcing
- [**354**Star][6y] [C] [rentzsch/mach_override](https://github.com/rentzsch/mach_override) runtime function overriding for Mac OS X
- [**354**Star][17d] [Ruby] [owasp/glue](https://github.com/owasp/glue) Application Security Automation
- [**354**Star][16d] [JS] [mhzed/wstunnel](https://github.com/mhzed/wstunnel) tunnel over websocket
- [**354**Star][13d] [C++] [m0n0ph1/malware-1](https://github.com/m0n0ph1/malware-1) Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
- [**354**Star][11d] [JS] [kamikat/tttfi](https://github.com/kamikat/tttfi) Middleware for IFTTT.
- [**354**Star][2y] [C] [hfiref0x/dsefix](https://github.com/hfiref0x/dsefix) Windows x64 Driver Signature Enforcement Overrider
- [**354**Star][15d] [Shell] [extremeshok/clamav-unofficial-sigs](https://github.com/extremeshok/clamav-unofficial-sigs) ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com
- [**354**Star][2m] [JS] [evilcos/cookiehacker](https://github.com/evilcos/cookiehacker) Chrome extension, very easy to use. Cookies from: JavaScript document.cookie/Wireshark Cookies etc.
- [**354**Star][10d] [Py] [clemfromspace/scrapy-selenium](https://github.com/clemfromspace/scrapy-selenium) Scrapy middleware to handle javascript pages using selenium
- [**354**Star][13d] [Py] [chris408/ct-exposer](https://github.com/chris408/ct-exposer) An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
- [**354**Star][11d] [Py] [bishopfox/spoofcheck](https://github.com/bishopfox/spoofcheck) Simple script that checks a domain for email protections
- [**353**Star][15d] [C++] [can1357/byepg](https://github.com/can1357/byepg) Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI
- [**353**Star][10d] [Py] [twelvesec/gasmask](https://github.com/twelvesec/gasmask) Information gathering tool - OSINT
- [**353**Star][2y] [Py] [quickbreach/smbetray](https://github.com/quickbreach/smbetray) SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
- [**353**Star][10d] [Py] [mitre-attack/car](https://github.com/mitre-attack/car) Cyber Analytics Repository
- [**353**Star][30d] [Lua] [marcoskirsch/nodemcu-httpserver](https://github.com/marcoskirsch/nodemcu-httpserver) A (very) simple web server written in Lua for the ESP8266 firmware NodeMCU.
- [**353**Star][10d] [Py] [leitbogioro/ssr.go](https://github.com/leitbogioro/ssr.go) A new shadowsocksR config manager
- [**352**Star][21d] [Go] [bitly/go-hostpool](https://github.com/bitly/go-hostpool) Intelligently and flexibly pool among multiple hosts from your Go application
- [**352**Star][15d] [Py] [leapsecurity/inspy](https://github.com/leapsecurity/InSpy) A python based LinkedIn enumeration tool
- [**352**Star][12d] [PS] [fortynorthsecurity/egress-assess](https://github.com/FortyNorthSecurity/Egress-Assess) Egress-Assess is a tool used to test egress data detection capabilities
- [**352**Star][2y] [PS] [outflanknl/invoke-adlabdeployer](https://github.com/outflanknl/invoke-adlabdeployer) Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
- [**352**Star][2y] [Shell] [mazen160/firefox-security-toolkit](https://github.com/mazen160/firefox-security-toolkit) A tool that transforms Firefox browsers into a penetration testing suite
- [**352**Star][2y] [PS] [fuzzysecurity/pskernel-primitives](https://github.com/fuzzysecurity/pskernel-primitives) Exploit primitives for PowerShell
- [**352**Star][3m] [Shell] [fanyueciyuan/eazy-for-ss](https://github.com/fanyueciyuan/eazy-for-ss) A Bypassgfw Collection
- [**352**Star][14d] [Py] [boy-hack/w8fuckcdn](https://github.com/boy-hack/w8fuckcdn) Get website IP address by scanning the entire net 
- [**352**Star][3m] [Shell] [archstrike/archstrike](https://github.com/archstrike/archstrike) An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
- [**352**Star][4y] [Py] [animeshshaw/hash-algorithm-identifier](https://github.com/animeshshaw/hash-algorithm-identifier) A python tool to identify different Hash Function Algorithms
- [**351**Star][3m] [Lua] [group-butler/groupbutler](https://github.com/group-butler/groupbutler) This bot can help you in managing your group with rules, anti-flood, description, custom triggers, and much more!
- [**351**Star][12d] [JS] [straker/css-style-guide-audit](https://github.com/straker/css-style-guide-audit) Audit the CSS on a page to see what elements are using styles from the style guide and which styles are overriding them
- [**351**Star][7m] [Py] [ym2011/pest](https://github.com/ym2011/PEST) Here is some simple and useful scripts for penetration.
- [**351**Star][8m] [C] [thorkill/eresi](https://github.com/thorkill/eresi) The ERESI Reverse Engineering Software Interface
- [**351**Star][10d] [HTML] [thelinuxchoice/shellphish](https://github.com/thelinuxchoice/shellphish) 19 Social Media Phishing Pages #phishing #shellphish #phish
- [**351**Star][23d] [Py] [skorov/ridrelay](https://github.com/skorov/ridrelay) Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
- [**351**Star][12d] [Shell] [mitchellkrogza/apache-ultimate-bad-bot-blocker](https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker) Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
- [**351**Star][3y] [Py] [bugscanteam/githack](https://github.com/bugscanteam/githack) .git 泄漏利用工具，可还原历史版本
- [**351**Star][13d] [Shell] [brannondorsey/mitm-router](https://github.com/brannondorsey/mitm-router) 将任何一台Linux 计算机转变成公开的 Wi-Fi 网络，并且默认Man-in-the-middle 所有 http 流量
- [**350**Star][13d] [Py] [yanzhou/cnkispider](https://github.com/yanzhou/cnkispider) 中国知网爬虫
- [**350**Star][10d] [Py] [qiskit/qiskit-aqua](https://github.com/Qiskit/qiskit-aqua) Quantum Algorithms & Applications in Python
- [**350**Star][14d] [yarnpkg/rfcs](https://github.com/yarnpkg/rfcs) RFCs for changes to Yarn
- [**350**Star][11d] [Py] [tophanttechnology/osprey](https://github.com/tophanttechnology/osprey) vul detect framework
- [**350**Star][4m] [Py] [securityinnovation/authmatrix](https://github.com/securityinnovation/authmatrix) AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
- [**350**Star][10d] [Py] [online-judge-tools/oj](https://github.com/online-judge-tools/oj) Tools for various online judges. Downloading sample cases, generating additional test cases, testing your code, and submitting it.
- [**350**Star][1m] [Py] [joxeankoret/nightmare](https://github.com/joxeankoret/nightmare) A distributed fuzzing testing suite with web administration
- [**350**Star][12d] [C] [eduardsui/tlse](https://github.com/eduardsui/tlse) Single C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library
- [**350**Star][10d] [Py] [adferrand/dnsrobocert](https://github.com/adferrand/dnsrobocert) Orchestrate Certbot and Lexicon together to provide Let's Encrypt TLS certificates validated by DNS challenges
- [**349**Star][22d] [C] [adamlaurie/rfidler](https://github.com/AdamLaurie/RFIDler) RFIDler - Software defined RFID (LF) Reader/Writer/Emulator
- [**349**Star][11d] [Py] [datadriventests/ddt](https://github.com/datadriventests/ddt) Data-Driven Tests for Python Unittest
- [**349**Star][1y] [C] [wapiflapi/exrs](https://github.com/wapiflapi/exrs) Exercises for learning Reverse Engineering and Exploitation.
- [**349**Star][1y] [Py] [mdsecactivebreach/linkedint](https://github.com/mdsecactivebreach/linkedint) A LinkedIn scraper for reconnaissance during adversary simulation
- [**349**Star][12d] [JS] [jesusprubio/strong-node](https://github.com/jesusprubio/strong-node) 
- [**349**Star][4m] [C] [hfiref0x/syscalltables](https://github.com/hfiref0x/syscalltables) Windows NT x64 Syscall tables
- [**349**Star][16d] [Go] [dhiltgen/docker-machine-kvm](https://github.com/dhiltgen/docker-machine-kvm) KVM driver for docker-machine
- [**348**Star][10d] [HTML] [covidatlas/coronadatascraper](https://github.com/covidatlas/coronadatascraper) COVID-19 Coronavirus data scraped from government and curated data sources.
- [**348**Star][10d] [C#] [xabre/xamarin-bluetooth-le](https://github.com/xabre/xamarin-bluetooth-le) Bluetooth LE plugin for Xamarin
- [**348**Star][6m] [C++] [thezdi/poc](https://github.com/thezdi/poc) Proofs-of-concept
- [**348**Star][15d] [Py] [strazzere/golang_loader_assist](https://github.com/strazzere/golang_loader_assist) Making GO reversing easier in IDA Pro
- [**348**Star][10d] [Nim] [status-im/nimbus](https://github.com/status-im/nimbus) an Ethereum 1.0 & 2.0 Client for Resource-Restricted Devices
- [**348**Star][25d] [Py] [secwiki/office-exploits](https://github.com/secwiki/office-exploits) office-exploits Office漏洞集合
- [**348**Star][6y] [Py] [neohapsis/neopi](https://github.com/neohapsis/neopi) a Python script that uses a variety of statistical methods to detect obfuscated and encrypted content within text/script files
- [**348**Star][3y] [mikesiko/practicalmalwareanalysis-labs](https://github.com/mikesiko/practicalmalwareanalysis-labs) Binaries for the book Practical Malware Analysis
- [**348**Star][15d] [C++] [ele7enxxh/poc-exp](https://github.com/ele7enxxh/poc-exp) poc or exp of android vulnerability
- [**348**Star][2m] [C] [dyninst/dyninst](https://github.com/dyninst/dyninst) Tools for binary instrumentation, analysis, and modification.
- [**348**Star][10d] [HTML] [coinbase/salus](https://github.com/coinbase/salus) Security scanner coordinator
- [**348**Star][11d] [Py] [census/shadow](https://github.com/census/shadow) jemalloc heap exploitation framework
- [**347**Star][3m] [C++] [secure-software-engineering/phasar](https://github.com/secure-software-engineering/phasar) A LLVM-based static analysis framework.
- [**347**Star][17d] [Shell] [zw963/asuswrt-merlin-transparent-proxy](https://github.com/zw963/asuswrt-merlin-transparent-proxy) transparent proxy base on ss, v2ray, ipset, iptables, chinadns on asuswrt merlin.
- [**347**Star][11d] [JS] [yndi/darkjpeg](https://github.com/yndi/darkjpeg) JPEG steganography web service
- [**347**Star][7d] [Go] [velocidex/velociraptor](https://github.com/velocidex/velociraptor) Digging Deeper....
- [**347**Star][10d] [Py] [target/strelka](https://github.com/target/strelka) Real-time, container-based file scanning at enterprise scale
- [**347**Star][13d] [Go] [rapidloop/vlan-nats](https://github.com/rapidloop/vlan-nats) Virtual LAN over NATS
- [**347**Star][11d] [Py] [ptoomey3/evilarc](https://github.com/ptoomey3/evilarc) Create tar/zip archives that can exploit directory traversal vulnerabilities
- [**347**Star][1m] [TeX] [plailect/keyshuffling](https://github.com/plailect/keyshuffling) Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain
- [**347**Star][14d] [Py] [nopernik/sshpry](https://github.com/nopernik/sshpry) Seamlessly spy on SSH session like it is your tty
- [**347**Star][16d] [C++] [bastilleresearch/gr-lora](https://github.com/bastilleresearch/gr-lora) GNU Radio OOT module implementing the LoRa PHY, based on
- [**346**Star][4m] [Arduino] [kmanoz/sonoff-homeassistant](https://github.com/kmanoz/sonoff-homeassistant) Firmware for ESP8266 based itead Sonoff switches for use with HomeAssistant
- [**346**Star][9d] [Py] [maicius/qqzonemood](https://github.com/maicius/qqzonemood) QQZone mood spider and analysis. QQ空间多线程爬虫和数据挖掘，并做了大量数据可视化。提供线上服务，扫码登陆即可自动爬取和分析数据；使用docker-compose打包程序，方便部署；额外提供QQ空间抽奖小程序。
- [**346**Star][13d] [PHP] [yan68/xcrawler](https://github.com/yan68/xcrawler) 快速、简洁且强大的PHP爬虫框架
- [**346**Star][15d] [JS] [ning1022/sqlinjectionwiki](https://github.com/ning1022/SQLInjectionWiki) 一个专注于聚合和记录各种SQL注入方法的wiki
- [**346**Star][9d] [Java] [wiglenet/wigle-wifi-wardriving](https://github.com/wiglenet/wigle-wifi-wardriving) Nethugging client for Android, from wigle.net
- [**346**Star][5m] [HTML] [superkieran/wooyundrops](https://github.com/superkieran/wooyundrops) Wooyun知识库，乌云知识库，
- [**346**Star][6m] [C++] [silverf0x/rpcview](https://github.com/silverf0x/rpcview) RpcView is a free tool to explore and decompile Microsoft RPC interfaces
- [**346**Star][4m] [Java] [nordicsemiconductor/android-scanner-compat-library](https://github.com/nordicsemiconductor/android-scanner-compat-library) A compat library for Bluetooth Low Energy scanning on Android.
- [**346**Star][5m] [C] [libimobiledevice/idevicerestore](https://github.com/libimobiledevice/idevicerestore) idevicerestore：iOS 设备固件恢复/更新
- [**346**Star][4y] [PS] [kevin-robertson/tater](https://github.com/kevin-robertson/tater) Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from
- [**346**Star][1y] [C#] [ghostpack/sharpdump](https://github.com/ghostpack/sharpdump) SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
- [**346**Star][1y] [Py] [darkspiritz/darkspiritz](https://github.com/darkspiritz/darkspiritz) A penetration testing framework for Linux, MacOS, and Windows systems.
- [**346**Star][1m] [benvium/libimobiledevice-macosx](https://github.com/benvium/libimobiledevice-macosx) Binary distribution of the libimobiledevice library for Mac OS X
- [**346**Star][22d] [TS] [algolia/hn-search](https://github.com/algolia/hn-search) Hacker News Search
- [**346**Star][1y] [Py] [alessandroz/lazagneforensic](https://github.com/alessandroz/lazagneforensic) Windows passwords decryption from dump files
- [**345**Star][7d] [Java] [x-falcon/virtual-hosts](https://github.com/x-falcon/virtual-hosts) hosts for android,implement by vpn mode,supports wildcard DNS records
- [**345**Star][4m] [valvesoftware/source-1-games](https://github.com/valvesoftware/source-1-games) Source 1 based games such as TF2 and Counter-Strike: Source
- [**345**Star][16d] [Py] [chenjiandongx/bili-spider](https://github.com/chenjiandongx/bili-spider) B 站全站视频信息爬虫
- [**345**Star][20d] [Shell] [greenwolf/spray](https://github.com/Greenwolf/Spray) A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
- [**345**Star][10d] [JS] [lair-framework/lair](https://github.com/lair-framework/lair) Lair is a reactive attack collaboration framework and web application built with meteor.
- [**345**Star][4m] [C] [theofficialflow/trinity](https://github.com/theofficialflow/trinity) Trinity Exploit - Emulator Escape
- [**345**Star][2y] [Java] [rub-nds/ws-attacker](https://github.com/rub-nds/ws-attacker)  a modular framework for web services penetration testing.
- [**345**Star][13d] [C++] [hasherezade/libpeconv](https://github.com/hasherezade/libpeconv) A library to load, manipulate, dump PE files. See also:
- [**345**Star][1y] [C] [blendin/3snake](https://github.com/blendin/3snake) reads memory from sshd and sudo system calls that handle password based authentication
- [**345**Star][11d] [HTML] [balsn/ctf_writeup](https://github.com/balsn/ctf_writeup) CTF writeups from Balsn
- [**345**Star][18d] [Py] [baldassarrefe/deep-koalarization](https://github.com/baldassarrefe/deep-koalarization) Keras/Tensorflow implementation of our paper Grayscale Image Colorization using deep CNN and Inception-ResNet-v2 (
- [**345**Star][8m] [Py] [3ndg4me/autoblue-ms17-010](https://github.com/3ndg4me/autoblue-ms17-010) This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
- [**345**Star][4m] [Shell] [1n3/goohak](https://github.com/1n3/goohak) Automatically Launch Google Hacking Queries Against A Target Domain
- [**344**Star][3m] [Py] [vulmon/vulmap](https://github.com/vulmon/vulmap) Vulmap Online Local Vulnerability Scanners Project
- [**344**Star][4m] [C++] [psi-rockin/dobiestation](https://github.com/psi-rockin/dobiestation) A dog-themed PS2 emulator
- [**344**Star][1m] [PHP] [opsxcq/exploit-cve-2016-10033](https://github.com/opsxcq/exploit-cve-2016-10033) PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
- [**344**Star][16d] [offensive-security/kali-linux-recipes](https://github.com/offensive-security/kali-linux-recipes) Kali Linux Recipes
- [**344**Star][7m] [Shell] [nullarray/roothelper](https://github.com/nullarray/roothelper) A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
- [**344**Star][5m] [Go] [inconshreveable/slt](https://github.com/inconshreveable/slt) A TLS reverse proxy with SNI multiplexing in Go
- [**344**Star][7m] [CSS] [guyoung/captfencoder](https://github.com/guyoung/captfencoder) CaptfEncoder是一款跨平台网络安全工具套件，提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具，并聚合各类在线工具。
- [**344**Star][14d] [Py] [graydon/bors](https://github.com/graydon/bors) Integration robot for buildbot and github
- [**344**Star][2y] [C#] [foxglovesec/rottenpotato](https://github.com/foxglovesec/rottenpotato) RottenPotato local privilege escalation from service account to SYSTEM
- [**344**Star][4y] [Py] [fengxuangit/fox-scan](https://github.com/fengxuangit/fox-scan) Fox-scan is a initiative and passive SQL Injection vulnerable Test tools.
- [**344**Star][2y] [Py] [eplox/tcp-starvation](https://github.com/eplox/tcp-starvation) TCP-Starvation vulnerability
- [**344**Star][12d] [C#] [dynatrace/superdump](https://github.com/dynatrace/superdump) A service for automated crash-dump analysis
- [**344**Star][5y] [C] [cturt/cinoop](https://github.com/cturt/cinoop) Multiplatform Game Boy emulator
- [**344**Star][10d] [Py] [countercept/python-exe-unpacker](https://github.com/countercept/python-exe-unpacker) A helper script for unpacking and decompiling EXEs compiled from python code.
- [**344**Star][26d] [Py] [christophetd/censys-subdomain-finder](https://github.com/christophetd/censys-subdomain-finder) 利用搜索引擎 Censys 提供的 certificate transparency 日志, 实现子域名枚举. (Censys: 搜索联网设备信息的搜索引擎)
- [**343**Star][2m] [Py] [ollypwn/smbghost](https://github.com/ollypwn/smbghost) Scanner for CVE-2020-0796 - SMBv3 RCE
- [**343**Star][14d] [Py] [anasaboureada/penetration-testing-study-notes](https://github.com/AnasAboureada/Penetration-Testing-Study-Notes) Penetration Testing notes, resources and scripts
- [**343**Star][11d] [C] [tomac/yersinia](https://github.com/tomac/yersinia) A framework for layer 2 attacks
- [**343**Star][4m] [C] [svf-tools/svf](https://github.com/svf-tools/svf) Static Value-Flow Analysis for C and C++ Programs
- [**343**Star][11m] [Go] [saturnsvoid/gobot2](https://github.com/saturnsvoid/gobot2) Second Version of The GoBot Botnet, But more advanced.
- [**343**Star][15d] [Py] [n0fate/chainbreaker](https://github.com/n0fate/chainbreaker) Mac OS X Keychain Forensic Tool
- [**343**Star][1y] [JS] [gabemarshall/brosec](https://github.com/gabemarshall/brosec) An interactive reference tool to help security professionals utilize useful payloads and commands.
- [**343**Star][15d] [Go] [capsule8/capsule8](https://github.com/capsule8/capsule8) cloud-native behavioral security monitoring
- [**343**Star][10d] [TS] [acekyd/made-in-nigeria](https://github.com/acekyd/made-in-nigeria) It is rumored that Nigerians only know how to consume tools and not create them. Here is a curation of awesome tools built by Nigerians that can be used by anybody and from anywhere in the world.
- [**342**Star][11d] [C++] [usb-tools/usbproxy-legacy](https://github.com/usb-tools/USBProxy-legacy) A proxy for USB devices, libUSB and gadgetFS - this project is unmaintained, try here:
- [**342**Star][4m] [Py] [tern-tools/tern](https://github.com/tern-tools/tern) Open Source compliance for containers
- [**342**Star][1m] [Ruby] [srcclr/commit-watcher](https://github.com/srcclr/commit-watcher) Find interesting and potentially hazardous commits in git projects
- [**342**Star][4m] [Java] [spongepowered/mixin](https://github.com/spongepowered/mixin) Mixin is a trait/mixin and bytecode weaving framework for Java using ASM
- [**342**Star][23d] [Py] [sarfata/voodooprivacy](https://github.com/sarfata/voodooprivacy) Roll your own VPN server on Amazon EC2 and battle-ready firewall for OS X
- [**342**Star][3y] [Py] [pathetiq/burpsmartbuster](https://github.com/pathetiq/burpsmartbuster) A Burp Suite content discovery plugin that add the smart into the Buster!
- [**342**Star][4m] [Py] [hash3lizer/wifibroot](https://github.com/hash3lizer/wifibroot) A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication)
- [**342**Star][5m] [Py] [fbkcs/thunderdns](https://github.com/fbkcs/thunderdns) This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support.
- [**342**Star][15d] [C] [chobits/tapip](https://github.com/chobits/tapip) user-mode TCP/IP stack based on linux tap device
- [**342**Star][12d] [Logos] [bishopfox/ispy](https://github.com/bishopfox/ispy) A reverse engineering framework for iOS
- [**342**Star][2y] [PS] [arno0x/powershellscripts](https://github.com/arno0x/powershellscripts) Collection of PowerShell scripts
- [**341**Star][20d] [Py] [samhaxr/hackbox](https://github.com/samhaxr/hackbox) HackBox is the combination of awesome techniques. [1] - Xss [2] - Exploits [3] - Subdomain scanner [4] - Whois Lookup [5] - SSRF Injection [6] - Nmap Auto banner [7] - Js Url parser [8] - Web Headers [9] - Listener [10] - Current Network Stats [11] - CORS Misconfig [12] - AWS S3 Misconfig
- [**341**Star][13d] [Py] [salesforce/hassh](https://github.com/salesforce/hassh) a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations.
- [**341**Star][9d] [Rust] [pravic/winapi-kmd-rs](https://github.com/pravic/winapi-kmd-rs) Windows Kernel-Mode Drivers written in Rust
- [**341**Star][5m] [hannob/meltdownspectre-patches](https://github.com/hannob/meltdownspectre-patches) Summary of the patch status for Meltdown / Spectre
- [**341**Star][11d] [C] [frida/frida-core](https://github.com/frida/frida-core) Frida core library intended for static linking into bindings
- [**341**Star][13d] [Py] [fox-it/aclpwn.py](https://github.com/fox-it/aclpwn.py) Active Directory ACL exploitation with BloodHound
- [**341**Star][2y] [Py] [flipkart-incubator/rta](https://github.com/flipkart-incubator/rta) Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
- [**341**Star][4m] [JS] [dns-oarc/packetq](https://github.com/dns-oarc/packetq) A tool that provides a basic SQL-frontend to PCAP-files
- [**341**Star][15d] [C++] [alicanakyol/sems](https://github.com/alicanakyol/sems) Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools
- [**340**Star][3m] [Py] [dataabc/weibo-crawler](https://github.com/dataabc/weibo-crawler) 新浪微博爬虫，用python爬取新浪微博数据
- [**340**Star][13d] [PHP] [insolita/unused-scanner](https://github.com/insolita/unused-scanner) Detect unused composer dependencies
- [**340**Star][11d] [JS] [luminati-io/luminati-proxy](https://github.com/luminati-io/luminati-proxy) Luminati HTTP/HTTPS Proxy manager
- [**340**Star][10d] [Py] [duo-labs/parliament](https://github.com/duo-labs/parliament) AWS IAM linting library
- [**340**Star][18d] [C] [xelerance/xl2tpd](https://github.com/xelerance/xl2tpd) an implementation of the Layer 2 Tunnelling Protocol (RFC 2661)
- [**340**Star][2y] [Py] [sslab-gatech/drk](https://github.com/sslab-gatech/drk) breaks kernel address space layout randomization (KASLR) by exploiting TLB and decoded i-cache side channel.
- [**340**Star][3m] [C] [spurious/sdl-mirror](https://github.com/spurious/sdl-mirror) An unofficial, automated SDL2 and SDL1.2 HG mirror.
- [**340**Star][3y] [Pascal] [malwares/remote-access-trojan](https://github.com/malwares/remote-access-trojan) Windows Remote-Access-Trojan
- [**340**Star][10d] [TeX] [ivyl/rootkit](https://github.com/ivyl/rootkit) Sample Rootkit for Linux
- [**340**Star][12d] [Java] [erudika/para](https://github.com/erudika/para) Open source back-end server for web, mobile and IoT. The backend for busy developers. (self-hosted or hosted)
- [**340**Star][1m] [JS] [clux/decay](https://github.com/clux/decay) Famous sorting algorithms based on vote popularity and time implemented for nodejs
- [**340**Star][12d] [Py] [bishopfox/eyeballer](https://github.com/bishopfox/eyeballer) Convolutional neural network for analyzing pentest screenshots
- [**340**Star][11d] [Py] [astrand/pyobfuscate](https://github.com/astrand/pyobfuscate) a source code obfuscator
- [**340**Star][11d] [C] [aflsmart/aflsmart](https://github.com/aflsmart/aflsmart) Smart Greybox Fuzzing (
- [**340**Star][13d] [Py] [a1ext/auto_re](https://github.com/a1ext/auto_re) IDA PRO auto-renaming plugin with tagging support
- [**339**Star][2y] [C++] [m0n0ph1/process-hollowing](https://github.com/m0n0ph1/process-hollowing) Great explanation of Process Hollowing (a Technique often used in Malware)
- [**339**Star][14d] [C++] [kirillkovalenko/nssm](https://github.com/kirillkovalenko/nssm) Non-Sucking Service Manager
- [**339**Star][4m] [PS] [joelgmsec/autordpwn](https://github.com/joelgmsec/autordpwn) The Shadow Attack Framework
- [**339**Star][13d] [JS] [jivesearch/jivesearch](https://github.com/jivesearch/jivesearch) A search engine that doesn't track you.
- [**339**Star][10d] [Py] [ius/rsatool](https://github.com/ius/rsatool) rsatool can be used to calculate RSA and RSA-CRT parameters
- [**339**Star][4m] [Java] [exalab/anlinux-app](https://github.com/exalab/anlinux-app) AnLinux allow you to run Linux on Android without root access.
- [**339**Star][5y] [Py] [byt3bl33d3r/pth-toolkit](https://github.com/byt3bl33d3r/pth-toolkit) Modified version of the passing-the-hash tool collection made to work straight out of the box
- [**339**Star][4y] [C#] [ben0xa/nps](https://github.com/ben0xa/nps) Not PowerShell
- [**338**Star][1m] [TS] [plasma-umass/bleak](https://github.com/plasma-umass/bleak) Automatically Debugging Memory Leaks in Web Applications
- [**338**Star][1y] [Py] [s0md3v/jshell](https://github.com/s0md3v/JShell) JShell - Get a JavaScript shell with XSS.
- [**338**Star][11d] [JS] [taniarascia/sandbox](https://github.com/taniarascia/sandbox) Development sandbox for front end projects and tutorials.
- [**338**Star][11d] [C++] [knxd/knxd](https://github.com/knxd/knxd) a very common building automation protocol which runs on dedicated 9600-baud wire as well as IP multicast
- [**338**Star][12d] [Py] [kahunalu/pwnbin](https://github.com/kahunalu/pwnbin) Python Pastebin Webcrawler that returns list of public pastebins containing keywords
- [**338**Star][10d] [Py] [justicerage/freedomfighting](https://github.com/justicerage/freedomfighting) A collection of scripts which may come in handy during your freedom fighting activities.
- [**338**Star][13d] [Py] [appsecco/the-art-of-subdomain-enumeration](https://github.com/appsecco/the-art-of-subdomain-enumeration) This repository contains all the supplement material for the book "The art of sub-domain enumeration"
- [**337**Star][3y] [C] [fedjmike/mini-c](https://github.com/fedjmike/mini-c) Dr Strangehack, or: how to write a self-hosting C compiler in 10 hours
- [**337**Star][10d] [Go] [grafeas/kritis](https://github.com/grafeas/kritis) Deploy-time Policy Enforcer for Kubernetes applications
- [**337**Star][9d] [Py] [0xinfection/xsrfprobe](https://github.com/0xInfection/XSRFProbe) The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
- [**337**Star][10d] [Py] [williballenthin/python-idb](https://github.com/williballenthin/python-idb)  a library for accessing the contents of IDA Pro databases
- [**337**Star][1m] [slowmist/eos-bp-nodes-security-checklist](https://github.com/slowmist/eos-bp-nodes-security-checklist) EOS bp nodes security checklist
- [**337**Star][11d] [Java] [shengqi158/fastjson-remote-code-execute-poc](https://github.com/shengqi158/fastjson-remote-code-execute-poc) fastjson remote code execute poc 
- [**337**Star][10d] [JS] [pownjs/pown-recon](https://github.com/pownjs/pown-recon) A powerful target reconnaissance framework powered by graph theory.
- [**337**Star][12d] [C] [pmem/syscall_intercept](https://github.com/pmem/syscall_intercept) The system call intercepting library
- [**337**Star][10d] [Lua] [pentesteracademy/patoolkit](https://github.com/pentesteracademy/patoolkit) a collection of traffic analysis plugins to extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to the macro analyzer and threat hunter.
- [**337**Star][11d] [Kotlin] [ollide/intellij-java2smali](https://github.com/ollide/intellij-java2smali) A plugin for IntelliJ IDEA & Android Studio to easily compile Java & Kotlin files to smali.
- [**337**Star][13d] [PHP] [offensive-security/masscan-web-ui](https://github.com/offensive-security/masscan-web-ui) MASSCAN Web UI
- [**337**Star][19d] [Java] [nationalsecurityagency/timely](https://github.com/nationalsecurityagency/timely) Accumulo backed time series database
- [**337**Star][4m] [C] [mbevand/silentarmy](https://github.com/mbevand/silentarmy) Zcash miner optimized for AMD & Nvidia GPUs
- [**337**Star][20d] [Py] [dpwe/audfprint](https://github.com/dpwe/audfprint) Landmark-based audio fingerprinting
- [**337**Star][11d] [Java] [denimgroup/threadfix](https://github.com/denimgroup/threadfix) a software vulnerability management platform. This GitHub site is far out of date. Please go to
- [**337**Star][17d] [C] [ascii-boxes/boxes](https://github.com/ascii-boxes/boxes) Command line ASCII boxes unlimited!
- [**337**Star][10d] [TeX] [alobbs/macchanger](https://github.com/alobbs/macchanger) makes the maniputation of MAC addresses of network interfaces easier.
- [**337**Star][4m] [Shell] [0xm3r/cgpwn](https://github.com/0xm3r/cgpwn) A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks
- [**336**Star][10d] [Go] [p4gefau1t/trojan-go](https://github.com/p4gefau1t/trojan-go) Go实现的Trojan代理，支持自动证书申请/多路复用/路由功能/CDN中转，多平台，无依赖。A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW.
- [**336**Star][4m] [Py] [yzddmr6/webcrack](https://github.com/yzddmr6/webcrack) WebCrack是一款web后台弱口令/万能密码批量检测工具，在工具中导入后台地址即可进行自动化检测。
- [**336**Star][2y] [Java] [ysrc/liudao](https://github.com/ysrc/liudao) “六道”实时业务风控系统
- [**336**Star][12d] [waylau/vpngate-mirrors](https://github.com/waylau/vpngate-mirrors) Here are the newset VPN Gate web site’s mirrors .With the VPN Gate, you can get through your government's firewall to browse restricted websites.提供最新的访问 VPN Gate 镜像网站,通过使用 VPN 自由访问互联网(翻墙)！
- [**336**Star][11d] [Shell] [vanhoefm/modwifi](https://github.com/vanhoefm/modwifi) Advanced Wi-Fi Attacks Using Commodity Hardware
- [**336**Star][4m] [PHP] [tanjiti/webshellsample](https://github.com/tanjiti/webshellsample) webshell sample for WebShell Log Analysis
- [**336**Star][4y] [C] [steakknife/unsign](https://github.com/steakknife/unsign) Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)
- [**336**Star][4m] [Py] [sofianehamlaoui/lockdoor-framework](https://github.com/sofianehamlaoui/lockdoor-framework) 
- [**336**Star][16d] [PHP] [snoopysecurity/dvws](https://github.com/snoopysecurity/dvws) Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is out of date, please use
- [**336**Star][4m] [PS] [nettitude/poshc2](https://github.com/nettitude/PoshC2) A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
- [**336**Star][4m] [PS] [nettitude/poshc2](https://github.com/nettitude/poshc2) Python Server for PoshC2
- [**336**Star][3y] [C#] [liberxue/wechatyunchart](https://github.com/liberxue/wechatyunchart) 微信多开多账号机器人 云客服系统 微商营销 系统web协议一键登录 非公众号微信机器人微信群管家 微信自动回复 微信定时发送消息 微信多账号登录 微信网页版本协议多开 一键登录 红包数量提醒 微信用户识别男女签名备注地理位置等，群发 自动发消息 定时发消息 群消息监控 机器人回复 ，定时回复，超时回复 聊天记录保存，聊天记录查看
- [**336**Star][9m] [PS] [kevin-robertson/powermad](https://github.com/kevin-robertson/powermad) PowerShell MachineAccountQuota and DNS exploit tools
- [**336**Star][11d] [Py] [hacktoolspack/hack-tools](https://github.com/hacktoolspack/hack-tools) hack tools
- [**336**Star][4m] [C#] [fireeye/sharpersist](https://github.com/fireeye/sharpersist) Windows persistence toolkit 
- [**336**Star][5m] [Java] [datatheorem/trustkit-android](https://github.com/datatheorem/trustkit-android) Easy SSL pinning validation and reporting for Android.
- [**336**Star][2m] [HTML] [cxxr/lostpass](https://github.com/cxxr/lostpass) Pixel-perfect LastPass phishing
- [**336**Star][18d] [Java] [adjust/android_sdk](https://github.com/adjust/android_sdk) This is the Android SDK of Adjust
- [**335**Star][14d] [Java] [widdix/aws-s3-virusscan](https://github.com/widdix/aws-s3-virusscan) Free Antivirus for S3 Buckets
- [**335**Star][6m] [HTML] [vanhauser-thc/thc-archive](https://github.com/vanhauser-thc/thc-archive) All releases of the security research group (a.k.a. hackers) The Hacker's Choice
- [**335**Star][17d] [Go] [square/sharkey](https://github.com/square/sharkey) Sharkey is a service for managing certificates for use by OpenSSH
- [**335**Star][1m] [pxlpnk/awesome-ruby-security](https://github.com/pxlpnk/awesome-ruby-security) Awesome Ruby Security resources
- [**335**Star][15d] [Ruby] [packetfu/packetfu](https://github.com/packetfu/packetfu) a mid-level packet manipulation library for Ruby
- [**335**Star][12d] [PHP] [nakiami/mellivora](https://github.com/nakiami/mellivora) Mellivora is a CTF engine written in PHP
- [**335**Star][11d] [Py] [kootenpv/gittyleaks](https://github.com/kootenpv/gittyleaks) Discover where your sensitive data has been leaked.
- [**335**Star][4y] [Visual Basic .NET] [khr0x40sh/macroshop](https://github.com/khr0x40sh/macroshop) Collection of scripts to aid in delivering payloads via Office Macros. Most are python. See
- [**335**Star][10d] [Py] [j91321/rext](https://github.com/j91321/rext) Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices.
- [**335**Star][14d] [Py] [efforg/starttls-everywhere](https://github.com/efforg/starttls-everywhere) A system for ensuring & authenticating STARTTLS encryption between mail servers
- [**335**Star][15d] [Java] [brutall/brut.apktool](https://github.com/brutall/brut.apktool) A tool for reverse engineering Android apk files
- [**335**Star][6m] [Jupyter Notebook] [beeva/beeva-best-practices](https://github.com/beeva/beeva-best-practices) Best Practices and Style Guides in BEEVA
- [**335**Star][10d] [Py] [baderj/domain_generation_algorithms](https://github.com/baderj/domain_generation_algorithms) Some results of my DGA reversing efforts
- [**334**Star][25d] [Py] [evilcos/crawlers](https://github.com/evilcos/crawlers) Some crawlers u know it:-)
- [**334**Star][15d] [vysecurity/domainfrontinglists](https://github.com/vysecurity/DomainFrontingLists) A list of Domain Frontable Domains by CDN
- [**334**Star][6m] [Go] [wangyihang/platypus](https://github.com/wangyihang/platypus)  A modern multiple reverse shell sessions/clients manager via terminal written in go
- [**334**Star][12d] [JS] [vngkv123/asiagaming](https://github.com/vngkv123/asiagaming) Chrome, Safari Exploitation
- [**334**Star][2y] [Py] [tnich/honssh](https://github.com/tnich/honssh)  log all SSH communications between a client and server.
- [**334**Star][1m] [snyk/vulnerabilitydb](https://github.com/snyk/vulnerabilitydb) Snyk's public vulnerability database
- [**334**Star][2y] [JS] [shmakov/honeypot](https://github.com/shmakov/honeypot) Low interaction honeypot that displays real time attacks
- [**334**Star][27d] [C] [pwarren/rtl-entropy](https://github.com/pwarren/rtl-entropy) An entropy generator using SDR peripherals, including rtl-sdr and BladeRF
- [**334**Star][2y] [C++] [polidea/siriusobfuscator](https://github.com/polidea/siriusobfuscator) a tool for performing source-to-source obfuscation of Swift projects
- [**334**Star][5m] [Py] [pfalcon/scratchabit](https://github.com/pfalcon/scratchabit) Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
- [**334**Star][16d] [PHP] [pan-unit42/iocs](https://github.com/pan-unit42/iocs) Indicators from Unit 42 Public Reports
- [**334**Star][4m] [C] [olimex/diy-laptop](https://github.com/olimex/diy-laptop) Do It Yourself Open Source Hardware and Software Modular Hacker's Friendly Laptop
- [**334**Star][11d] [Py] [nightbringer21/fridump](https://github.com/nightbringer21/fridump) A universal memory dumper using Frida
- [**334**Star][12d] [PHP] [grt1st/wooyun_search](https://github.com/grt1st/wooyun_search) 乌云公开漏洞、知识库搜索 search from wooyun.org
- [**334**Star][8d] [C] [eua/wxhexeditor](https://github.com/eua/wxhexeditor) wxHexEditor official GIT repo
- [**334**Star][6m] [C] [dhuertas/aes](https://github.com/dhuertas/aes) AES algorithm implementation in C
- [**334**Star][3y] [Py] [cyberheartmi9/cve-2017-12617](https://github.com/cyberheartmi9/cve-2017-12617) Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
- [**333**Star][12d] [Py] [0xb0bb/pwndra](https://github.com/0xb0bb/pwndra) A collection of pwn/CTF related utilities for Ghidra
- [**333**Star][3m] [Shell] [kennyn510/wpa2-wordlists](https://github.com/kennyn510/wpa2-wordlists) A collection of wordlists dictionaries for password cracking
- [**333**Star][11d] [Java] [ztosec/secscan-authcheck](https://github.com/ztosec/secscan-authcheck) 越权检测工具
- [**333**Star][13d] [wallarm/awesome-nginx-security](https://github.com/wallarm/awesome-nginx-security) A curated list of awesome links related to application/API security in NGINX environment.
- [**333**Star][8d] [Py] [travitch/whole-program-llvm](https://github.com/travitch/whole-program-llvm) A wrapper script to build whole-program LLVM bitcode files
- [**333**Star][3y] [Java] [seven456/safewebview](https://github.com/seven456/safewebview) Android Safe WebView、解决WebView的Js对象注入漏洞、支持网页将JS函数（function）传到Java层，方便回调；
- [**333**Star][2y] [JS] [nccgroup/wssip](https://github.com/nccgroup/wssip) Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
- [**333**Star][12d] [Py] [knipknap/exscript](https://github.com/knipknap/exscript) A Python module making Telnet and SSH easy
- [**333**Star][2m] [Py] [jandre/safe-commit-hook](https://github.com/jandre/safe-commit-hook) pre-commit hook for Git that checks for suspicious files.
- [**333**Star][11d] [Py] [immunit/drupwn](https://github.com/immunit/drupwn) Drupal enumeration & exploitation tool
- [**333**Star][3y] [Py] [faizann24/fwaf-machine-learning-driven-web-application-firewall](https://github.com/faizann24/fwaf-machine-learning-driven-web-application-firewall) Machine learning driven web application firewall to detect malicious queries with high accuracy.
- [**333**Star][4m] [PS] [canix1/adaclscanner](https://github.com/canix1/adaclscanner) Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
- [**333**Star][2m] [TeX] [boazbk/crypto](https://github.com/boazbk/crypto) Lecture notes for a course on cryptography
- [**332**Star][6m] [Go] [gchaincl/sqlhooks](https://github.com/gchaincl/sqlhooks) Attach hooks to any database/sql driver
- [**332**Star][10d] [TS] [patrickjuchli/basic-ftp](https://github.com/patrickjuchli/basic-ftp) FTP client for Node.js, supports explicit FTPS over TLS, passive mode over IPv6, async/await, and Typescript.
- [**332**Star][13d] [PHP] [kelunik/acme-client](https://github.com/kelunik/acme-client) Let's Encrypt / ACME client written in PHP for the CLI.
- [**332**Star][10d] [JS] [lirantal/lockfile-lint](https://github.com/lirantal/lockfile-lint) Lint an npm or yarn lockfile to analyze and detect security issues
- [**332**Star][4m] [JS] [womenwhocodenyc/algorithms](https://github.com/womenwhocodenyc/algorithms) This monthly meetup focuses on white boarding algorithms.
- [**332**Star][18d] [PHP] [voku/anti-xss](https://github.com/voku/anti-xss) 
- [**332**Star][2y] [Py] [vmware/liota](https://github.com/vmware/liota)  offering some convenience for IoT solution developers in creating IoT Edge System data orchestration applications
- [**332**Star][11d] [Py] [thunderex/py-kms](https://github.com/thunderex/py-kms) A KMS server written in python.
- [**332**Star][4m] [Py] [securing/dumpsterdiver](https://github.com/securing/dumpsterdiver) Tool to search secrets in various filetypes.
- [**332**Star][4m] [Py] [owasp/owasp-vwad](https://github.com/owasp/owasp-vwad) The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
- [**332**Star][25d] [Py] [nneonneo/sha1collider](https://github.com/nneonneo/sha1collider) Build two PDFs that have different content but identical SHA1 sums.
- [**332**Star][11d] [Java] [mp911de/logstash-gelf](https://github.com/mp911de/logstash-gelf) Graylog Extended Log Format (GELF) implementation in Java for all major logging frameworks: log4j, log4j2, java.util.logging, logback, JBossAS7 and WildFly 8-12
- [**332**Star][4m] [Java] [mar-v-in/arthook](https://github.com/mar-v-in/arthook) Library for hooking on ART
- [**332**Star][16d] [HTML] [intezer/linux-explorer](https://github.com/intezer/linux-explorer) Easy-to-use live forensics toolbox for Linux endpoints
- [**332**Star][3m] [JS] [hr/crypter](https://github.com/hr/crypter) An innovative, convenient and secure cross-platform encryption app
- [**332**Star][13d] [JS] [ethereum/devp2p](https://github.com/ethereum/devp2p) Ethereum peer-to-peer networking specifications
- [**332**Star][12d] [C++] [crosire/d3d8to9](https://github.com/crosire/d3d8to9) A D3D8 pseudo-driver which converts API calls and bytecode shaders to equivalent D3D9 ones.
- [**332**Star][4m] [Py] [coalfire-research/slackor](https://github.com/coalfire-research/slackor) A Golang implant that uses Slack as a command and control server
- [**332**Star][4m] [Shell] [1n3/reverseapk](https://github.com/1n3/reverseapk) Quickly analyze and reverse engineer Android packages
- [**332**Star][1y] [c] [tildeslash/monit](https://bitbucket.org/tildeslash/monit) for managing and monitoring, processes, programs, files, directories and filesystems on a UNIX system. 
- [**331**Star][13d] [Py] [edwardz246003/shadowsocks](https://github.com/edwardz246003/shadowsocks) Redirect attack on Shadowsocks stream ciphers
- [**331**Star][9d] [C] [mwarning/kadnode](https://github.com/mwarning/kadnode) P2P DNS with content key, crypto key and PKI support. DynDNS alternative.
- [**331**Star][21d] [C++] [xilun/cbwin](https://github.com/xilun/cbwin) Launch Windows programs from "Bash on Ubuntu on Windows" (WSL)
- [**331**Star][12d] [Py] [trustedsec/nps_payload](https://github.com/trustedsec/nps_payload) This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (
- [**331**Star][4m] [Py] [thekingofduck/easyxsspayload](https://github.com/thekingofduck/easyxsspayload) XssPayload List . Usage:
- [**331**Star][9d] [Go] [openzipkin/zipkin-go](https://github.com/openzipkin/zipkin-go) Zipkin tracer library for go
- [**331**Star][13d] [C] [jvinet/knock](https://github.com/jvinet/knock) A port-knocking daemon
- [**331**Star][18d] [C++] [fdiskyou/hunter](https://github.com/fdiskyou/hunter) (l)user hunter using WinAPI calls only
- [**331**Star][12d] [Ruby] [evait-security/envizon](https://github.com/evait-security/envizon) network visualization & vulnerability management/reporting
- [**331**Star][4m] [C] [dlxg/linux-netspeed](https://github.com/dlxg/linux-netspeed) BBR+BBR魔改+Lotsever(锐速)一键脚本 for Centos/Debian/Ubuntu
- [**331**Star][27d] [Py] [cisco-sas/kitty](https://github.com/cisco-sas/kitty) Fuzzing framework written in python
- [**331**Star][2y] [JS] [arno0x/dnsexfiltrator](https://github.com/arno0x/dnsexfiltrator) Data exfiltration over DNS request covert channel
- [**330**Star][12d] [jetlinks/jetlinks](https://github.com/jetlinks/jetlinks) JetLinks Core
- [**330**Star][20d] [Go] [muka/go-bluetooth](https://github.com/muka/go-bluetooth) Golang bluetooth client based on bluez DBus interfaces
- [**330**Star][8d] [Go] [colettecontreras/v2ray-poseidon](https://github.com/colettecontreras/v2ray-poseidon) An Enhanced V2Ray(based on v2ray-core) for VNetPanel, SSRPanel, V2board and SSPanel-v3-Uim to sync users from database to v2ray, to log traffics/system info
- [**330**Star][14d] [JS] [asoul/tsrtc](https://github.com/asoul/tsrtc) 台灣股票即時爬蟲。Taiwan Stock Exchange Real Time Crawler
- [**330**Star][21d] [C] [coinfoundry/miningcore](https://github.com/coinfoundry/miningcore) Miningcore is a high-performance Mining-Pool Engine that runs on Linux and Windows and supports a variety of crypto-currencies.
- [**330**Star][9d] [Py] [tzuhsial/instagramcrawler](https://github.com/tzuhsial/instagramcrawler) A non API python program to crawl public photos, posts or followers
- [**330**Star][21d] [Solidity] [provable-things/ethereum-examples](https://github.com/provable-things/ethereum-examples) Code examples showing how to use the Provable API on Ethereum
- [**330**Star][12d] [Py] [ztrix/zio](https://github.com/ztrix/zio) easy-to-use io library for pwning development, supporting an unified interface for local process pwning and TCP socket io
- [**330**Star][7y] [JS] [toolness/security-adventure](https://github.com/toolness/security-adventure) Go on an educational Web security adventure!
- [**330**Star][12d] [Go] [tmc/grpc-websocket-proxy](https://github.com/tmc/grpc-websocket-proxy) A proxy to transparently upgrade grpc-gateway streaming endpoints to use websockets
- [**330**Star][5m] [Py] [sharadkumar97/osint-spy](https://github.com/sharadkumar97/osint-spy) Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY.
- [**330**Star][22d] [Py] [sgayou/medfusion-4000-research](https://github.com/sgayou/medfusion-4000-research) Medfusion 4000 security research & a MQX RCE.
- [**330**Star][11d] [Py] [saghul/aiodns](https://github.com/saghul/aiodns) Simple DNS resolver for asyncio
- [**330**Star][4m] [JS] [pglombardo/passwordpusher](https://github.com/pglombardo/passwordpusher) 
- [**330**Star][11m] [Py] [mvrozanti/rat-via-telegram](https://github.com/mvrozanti/rat-via-telegram) Windows Remote Administration Tool via Telegram
- [**330**Star][17d] [HTML] [mozillasecurity/fuzzdata](https://github.com/mozillasecurity/fuzzdata) Fuzzing resources for feeding various fuzzers with input.
- [**330**Star][7y] [C#] [moserware/skills](https://github.com/moserware/skills) A detailed implementation of the TrueSkill algorithm to go along with my "Computing Your Skill" blog post
- [**330**Star][8d] [Go] [colettecontreras/v2ray-poseidon](https://github.com/ColetteContreras/v2ray-poseidon) An Enhanced V2Ray(based on v2ray-core) for VNetPanel, SSRPanel, V2board and SSPanel-v3-Uim to sync users from database to v2ray, to log traffics/system info
- [**329**Star][12d] [Py] [mbinary/netease-music-cracker](https://github.com/mbinary/netease-music-cracker) 
- [**329**Star][7m] [Java] [iot-technology/iot-technical-guide](https://github.com/iot-technology/iot-technical-guide) 最好的物联网技术指南 - 抽丝拨茧Thingsboard和思考阿里云物联网平台
- [**329**Star][8d] [JS] [zhuyingda/webster](https://github.com/zhuyingda/webster) a reliable high-level web crawling & scraping framework for Node.js.
- [**329**Star][4m] [Shell] [wuseman/emagnet](https://github.com/wuseman/emagnet) find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks.
- [**329**Star][10d] [trimstray/technical-whitepapers](https://github.com/trimstray/technical-whitepapers) Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
- [**329**Star][12d] [Py] [r3vn/badkarma](https://github.com/r3vn/badkarma) network reconnaissance toolkit
- [**329**Star][13d] [Py] [punch-cyber/stoq](https://github.com/punch-cyber/stoq) simplify the mundane and repetitive tasks an analyst is required to do
- [**329**Star][3m] [C++] [niemand-sec/anticheat-testing-framework](https://github.com/niemand-sec/anticheat-testing-framework) Framework to test any Anti-Cheat
- [**329**Star][18d] [Py] [hequan2017/autoops](https://github.com/hequan2017/autoops) linux资产管理,cmdb,django, webssh,运维管理平台，数据库操作平台 本项目已停止开发！因长时间未对代码进行维护，可能会造成项目在不同环境上无法部署、运行BUG等问题，请知晓！项目仅供参考！
- [**329**Star][2m] [C++] [hasherezade/bearparser](https://github.com/hasherezade/bearparser) Portable Executable parsing library (from PE-bear)
- [**329**Star][1y] [cryin/paper](https://github.com/cryin/paper) Web Security Technology & Vulnerability Analysis Whitepapers
- [**329**Star][6m] [C#] [ch0pin/aviator](https://github.com/ch0pin/aviator) Antivirus evasion project
- [**329**Star][13d] [C] [caseyscarborough/keylogger](https://github.com/caseyscarborough/keylogger) A no-frills keylogger for Mac OS X.
- [**328**Star][4m] [C] [linushenze/fugu](https://github.com/linushenze/fugu) Fugu is the first open source jailbreak based on the checkm8 exploit
- [**328**Star][10d] [Py] [kimmeen/weibo-analyst](https://github.com/kimmeen/weibo-analyst) Social media (Weibo) comments analyzing toolbox in Chinese 
- [**328**Star][13d] [C++] [valvesoftware/csgo-demoinfo](https://github.com/valvesoftware/csgo-demoinfo) CS:GO demo parsing tool
- [**328**Star][9d] [Py] [hatching/vmcloak](https://github.com/hatching/vmcloak) Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
- [**328**Star][13d] [Py] [klsecservices/rpivot](https://github.com/klsecservices/rpivot) socks4 reverse proxy for penetration testing
- [**328**Star][6m] [Shell] [zmarch/orc](https://github.com/zmarch/orc) Orc is a post-exploitation framework for Linux written in Bash
- [**328**Star][2y] [Py] [stormshadow07/hacktheworld](https://github.com/stormshadow07/hacktheworld) An Python Script For Generating Payloads that Bypasses All Antivirus so far .
- [**328**Star][12d] [Java] [shred/acme4j](https://github.com/shred/acme4j) a protocol that a certificate authority (CA) and an applicant can use to automate the process of verification and certificate issuance
- [**328**Star][2m] [JS] [qgy18/pangolin](https://github.com/qgy18/pangolin) A light weight http tunnels to localhost.
- [**328**Star][5m] [QMake] [ncatlin/rgat](https://github.com/ncatlin/rgat) An instruction trace visualisation tool for dynamic program analysis
- [**328**Star][5m] [VBA] [itm4n/vba-runpe](https://github.com/itm4n/vba-runpe) A VBA implementation of the RunPE technique or how to bypass application whitelisting.
- [**328**Star][1m] [C] [ioerror/tlsdate](https://github.com/ioerror/tlsdate) secure parasitic rdate replacement
- [**328**Star][4m] [crazywa1ker/darthsidious-chinese](https://github.com/crazywa1ker/darthsidious-chinese) DarthSidious 中文版
- [**328**Star][3m] [Py] [christhecoolhut/firmware_slap](https://github.com/christhecoolhut/firmware_slap) Discovering vulnerabilities in firmware through concolic analysis and function clustering.
- [**328**Star][4y] [Ruby] [antisnatchor/phishlulz](https://github.com/antisnatchor/phishlulz)  a Ruby toolset aimed at automating Phishing activities.
- [**327**Star][3m] [Py] [baekalfen/pyboy](https://github.com/baekalfen/pyboy) Game Boy emulator written in Python
- [**327**Star][23d] [C++] [mempko/firestr](https://github.com/mempko/firestr) The Grass Computing Platform
- [**327**Star][15d] [Go] [benjojo/bgp-battleships](https://github.com/benjojo/bgp-battleships) Play battleships using BGP
- [**327**Star][4m] [C++] [trailofbits/pe-parse](https://github.com/trailofbits/pe-parse) Principled, lightweight C/C++ PE parser
- [**327**Star][2m] [C] [smartdone/dexdump](https://github.com/smartdone/dexdump) 快速脱一代壳的xposed插件
- [**327**Star][23d] [Py] [sebdah/scrapy-mongodb](https://github.com/sebdah/scrapy-mongodb) MongoDB pipeline for Scrapy. This module supports both MongoDB in standalone setups and replica sets. scrapy-mongodb will insert the items to MongoDB as soon as your spider finds data to extract.
- [**327**Star][11d] [Ruby] [michenriksen/birdwatcher](https://github.com/michenriksen/birdwatcher) Data analysis and OSINT framework for Twitter
- [**327**Star][16d] [C] [bcoles/kernel-exploits](https://github.com/bcoles/kernel-exploits) Various kernel exploits
- [**327**Star][1y] [C++] [anhkgg/superdllhijack](https://github.com/anhkgg/superdllhijack) A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 
- [**327**Star][14d] [Shell] [0ki/mikrotik-tools](https://github.com/0ki/mikrotik-tools) Tools for Mikrotik devices -  universal jailbreak tool
- [**326**Star][14d] [Py] [fankcoder/findtrip](https://github.com/fankcoder/findtrip) flight tickets multiple webspider.(scrapy + selenium + phantomjs + mongodb)
- [**326**Star][11d] [PHP] [steverobbins/magescan](https://github.com/steverobbins/magescan) Scan a Magento site for information
- [**326**Star][4m] [JS] [smartdone/frida-scripts](https://github.com/smartdone/frida-scripts) frida scripts
- [**326**Star][5y] [shadowsocksr-rm/shadowsocks-rss](https://github.com/shadowsocksr-rm/shadowsocks-rss) ShadowsocksR update rss, SSR organization
- [**326**Star][10d] [Py] [salls/angrop](https://github.com/salls/angrop) a tool to automatically generate rop chains, built on top of angr's symbolic execution engine, and uses constraint solving for generating chains and understanding the effects of gadgets.
- [**326**Star][4m] [Shell] [qax-a-team/luwu](https://github.com/qax-a-team/luwu) 红队基础设施自动化部署工具
- [**326**Star][4y] [JS] [pwnsdx/randomdns](https://github.com/pwnsdx/randomdns) improve the security, privacy and anonymity of DNSCrypt
- [**326**Star][4y] [C#] [koczkatamas/cve-2016-0051](https://github.com/koczkatamas/cve-2016-0051) EoP (Win7) & BSoD (Win10) PoC for CVE-2016-0051 (MS-016)
- [**326**Star][3m] [C] [jakeajames/rootlessjb3](https://github.com/jakeajames/rootlessjb3) hahh
- [**326**Star][11d] [Py] [fireeye/flare-emu](https://github.com/fireeye/flare-emu) marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks
- [**326**Star][12d] [cryptax/confsec](https://github.com/cryptax/confsec) Security, hacking conferences (list)
- [**326**Star][3m] [Py] [cisco-talos/ghida](https://github.com/cisco-talos/ghida) an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
- [**326**Star][13d] [PHP] [bepsvpt/secure-headers](https://github.com/bepsvpt/secure-headers) PHP Secure Headers
- [**326**Star][11d] [C#] [azuread/azure-activedirectory-library-for-dotnet](https://github.com/azuread/azure-activedirectory-library-for-dotnet) ADAL authentication libraries for .net
- [**326**Star][16d] [Py] [algo7/bluekeep_cve-2019-0708_poc_to_exploit](https://github.com/algo7/bluekeep_cve-2019-0708_poc_to_exploit) An Attempt to Port BlueKeep PoC from
- [**325**Star][11m] [HTML] [helpsystems/pcapy](https://github.com/helpsystems/pcapy) Pcapy is a Python extension module that interfaces with the libpcap packet capture library.
- [**325**Star][1y] [C#] [yalcinyolalan/wssat](https://github.com/yalcinyolalan/wssat) web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files
- [**325**Star][12d] [Shell] [vitaly-kamluk/bitscout](https://github.com/vitaly-kamluk/bitscout) Remote forensics meta tool
- [**325**Star][2y] [C#] [spiderlabs/dohc2](https://github.com/spiderlabs/dohc2) DoHC2 allows the ExternalC2 library from Ryan Hanson (
- [**325**Star][12d] [Go] [rmikehodges/hidensneak](https://github.com/rmikehodges/hidensneak) assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services
- [**325**Star][15d] [Py] [moxie0/chapcrack](https://github.com/moxie0/chapcrack) A tool for parsing and decrypting MS-CHAPv2 network handshakes
- [**325**Star][10d] [Rust] [grapl-security/grapl](https://github.com/grapl-security/grapl) Graph platform for Detection and Response
- [**325**Star][2y] [C#] [ghostpack/sharpup](https://github.com/ghostpack/sharpup) SharpUp is a C# port of various PowerUp functionality.
- [**325**Star][12d] [Perl] [fwaeytens/dnsenum](https://github.com/fwaeytens/dnsenum) dnsenum is a perl script that enumerates DNS information
- [**325**Star][16d] [C++] [frida/cryptoshark](https://github.com/frida/cryptoshark) Self-optimizing cross-platform code tracer based on dynamic recompilation
- [**325**Star][3m] [Py] [circl/lookyloo](https://github.com/circl/lookyloo) Lookyloo is a web interface allowing to scrape a website and then displays a tree of domains calling each other.
- [**325**Star][13d] [Py] [austin-taylor/flare](https://github.com/austin-taylor/flare) An analytical framework for network traffic and behavioral analytics
- [**325**Star][3y] [Py] [allyshka/rogue-mysql-server](https://github.com/allyshka/rogue-mysql-server) MySQL fake server for read files of connected clients
- [**325**Star][17d] [C] [a1ext/labeless](https://github.com/a1ext/labeless) Seamless synchronization of labels, function names, comments and global variables (w/wo demangling); Dynamic dumping of debugged process memory regions
    - [IDA插件](https://github.com/a1ext/labeless/tree/master/labeless_ida) 
    - [OD](https://github.com/a1ext/labeless/tree/master/labeless_olly) 
    - [OD2](https://github.com/a1ext/labeless/tree/master/labeless_olly2) 
    - [x64dbg](https://github.com/a1ext/labeless/tree/master/labeless_x64dbg) 
- [**325**Star][10d] [C] [0xdea/exploits](https://github.com/0xdea/exploits) A handy collection of my public exploits, all in one place.
- [**324**Star][23d] [Py] [openwisp/django-x509](https://github.com/openwisp/django-x509) Reusable django app implementing x509 PKI certificates management
- [**324**Star][15d] [PHP] [elfsundae/laravel-hashid](https://github.com/elfsundae/laravel-hashid) Obfuscate your data by generating reversible, non-sequential, URL-safe identifiers.
- [**324**Star][10d] [C] [grapheneos/hardened_malloc](https://github.com/GrapheneOS/hardened_malloc) Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
- [**324**Star][2m] [Ruby] [carletonstuberg/browser-backdoor](https://github.com/CarletonStuberg/browser-backdoor) BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener
- [**324**Star][1m] [JS] [tes/compoxure](https://github.com/tes/compoxure) Proxy middleware for express that enables composition of microservices.
- [**324**Star][1y] [Py] [screetsec/brutesploit](https://github.com/screetsec/brutesploit) BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
- [**324**Star][14d] [Py] [rootviii/proxy_requests](https://github.com/rootviii/proxy_requests) a class that uses scraped proxies to make http GET/POST requests (Python requests)
- [**324**Star][10d] [qubesos/qubes-issues](https://github.com/qubesos/qubes-issues) The Qubes OS Project issue tracker
- [**324**Star][7m] [C] [ohjeongwook/darungrim](https://github.com/ohjeongwook/darungrim) A patch analysis tool 
    - [IDA插件](https://github.com/ohjeongwook/darungrim/tree/master/Src/IDAPlugin) 
    - [DGEngine](https://github.com/ohjeongwook/darungrim/tree/master/Src/DGEngine) 
- [**324**Star][7m] [Visual Basic .NET] [nccgroup/vcg](https://github.com/nccgroup/vcg) Code security scanning tool.
- [**324**Star][4m] [C#] [matterpreter/offensivecsharp](https://github.com/matterpreter/offensivecsharp) Collection of Offensive C# Tooling
- [**324**Star][27d] [C] [jhuisi/charm](https://github.com/jhuisi/charm) A Framework for Rapidly Prototyping Cryptosystems
- [**324**Star][3m] [C++] [horsicq/die-engine](https://github.com/horsicq/die-engine) DIE engine
- [**324**Star][19d] [TeX] [chronaeon/beigepaper](https://github.com/chronaeon/beigepaper) Rewrite of the Yellowpaper in non-Yellowpaper syntax.
- [**324**Star][2y] [burntmybagel/oscp-prep](https://github.com/burntmybagel/oscp-prep) A list of the resources I use as I get ready for the exam
- [**324**Star][10d] [C#] [adamcaudill/libsodium-net](https://github.com/adamcaudill/libsodium-net) libsodium for .NET - A secure cryptographic library
- [**323**Star][15d] [Go] [udhos/goben](https://github.com/udhos/goben) goben is a golang tool to measure TCP/UDP transport layer throughput between hosts.
- [**323**Star][10d] [C] [jeija/esp32free80211](https://github.com/jeija/esp32free80211) Send arbitrary IEEE 802.11 frames with Espressif's ESP32
- [**323**Star][13d] [C] [jedisct1/pure-ftpd](https://github.com/jedisct1/pure-ftpd) Pure FTP server
- [**323**Star][10d] [Py] [susmithkrishnan/torghost](https://github.com/SusmithKrishnan/torghost) TorGhost is an anonymization script. TorGhost redirects all internet traffic through SOCKS5 tor proxy. DNS requests are also redirected via tor, thus preventing DNSLeak. The scripts also disables unsafe packets exiting the system. Some packets like ping request can compromise your identity.
- [**323**Star][21d] [C] [vusec/revanc](https://github.com/vusec/revanc) Reverse Engineering Page Table Caches in Your Processor
- [**323**Star][4m] [C] [sinakarvandi/hypervisor-from-scratch](https://github.com/sinakarvandi/hypervisor-from-scratch) Source code of a multiple series of tutorial about hypervisor. Available at:
- [**323**Star][1m] [Py] [p1kachu/v0lt](https://github.com/p1kachu/v0lt) Security CTF Toolkit (Not maintained anymore)
- [**323**Star][22d] [HTML] [maaaaz/androwarn](https://github.com/maaaaz/androwarn) Yet another static code analyzer for malicious Android applications
- [**323**Star][17d] [Go] [kubernetes-sigs/application](https://github.com/kubernetes-sigs/application) Application metadata descriptor CRD
- [**323**Star][15d] [C] [gianlucaborello/libprocesshider](https://github.com/gianlucaborello/libprocesshider) Hide a process under Linux using the ld preloader (
- [**323**Star][11d] [Py] [gadfly0x/signature_algorithm](https://github.com/gadfly0x/signature_algorithm) 各种App、小程序、网站的请求签名或加密算法。 现已有：自如、小红书、蛋壳公寓、luckin coffee(瑞幸咖啡)、bangkokair(曼谷航空)
- [**323**Star][8d] [Ruby] [fozavci/viproy-voipkit](https://github.com/fozavci/viproy-voipkit)  Pen-Test Kit for Metasploit Framework
- [**323**Star][4y] [Py] [chinoogawa/fbht](https://github.com/chinoogawa/fbht) Facebook Hacking Tool
- [**323**Star][4m] [ObjC] [auth0/simplekeychain](https://github.com/auth0/simplekeychain) A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
- [**322**Star][12d] [ASP] [gorden5566/padavan](https://github.com/gorden5566/padavan) padavan 简体中文 & 路由器适配
- [**322**Star][14d] [Java] [yuantiku/ytk-learn](https://github.com/yuantiku/ytk-learn) Ytk-learn is a distributed machine learning library which implements most of popular machine learning algorithms(GBDT, GBRT, Mixture Logistic Regression, Gradient Boosting Soft Tree, Factorization Machines, Field-aware Factorization Machines, Logistic Regression, Softmax).
- [**322**Star][21d] [Go] [q2h1cg/dnsbrute](https://github.com/Q2h1Cg/dnsbrute) a fast domain brute tool
- [**322**Star][12d] [Java] [vmware/burp-rest-api](https://github.com/vmware/burp-rest-api) REST/JSON API to the Burp Suite security tool.
- [**322**Star][11m] [C#] [raikia/credninja](https://github.com/raikia/credninja) A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
- [**322**Star][7m] [Py] [nccgroup/pmapper](https://github.com/nccgroup/pmapper) A tool for quickly evaluating IAM permissions in AWS.
- [**322**Star][4m] [C] [nagyd/sdlpop](https://github.com/nagyd/sdlpop) An open-source port of Prince of Persia, based on the disassembly of the DOS version.
- [**322**Star][29d] [Shell] [milesrichardson/docker-onion-nmap](https://github.com/milesrichardson/docker-onion-nmap) Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
- [**322**Star][13d] [Py] [hugsy/defcon_27_windbg_workshop](https://github.com/hugsy/defcon_27_windbg_workshop) DEFCON 27 workshop - Modern Debugging with WinDbg Preview
- [**322**Star][3m] [C#] [hackplayers/salsa-tools](https://github.com/hackplayers/salsa-tools) ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
- [**322**Star][10m] [Batchfile] [frizb/windows-privilege-escalation](https://github.com/frizb/windows-privilege-escalation) Windows Privilege Escalation Techniques and Scripts
- [**322**Star][13d] [Go] [cruise-automation/fwanalyzer](https://github.com/cruise-automation/fwanalyzer) a tool to analyze filesystem images for security
- [**322**Star][26d] [Py] [andresriancho/nimbostratus](https://github.com/andresriancho/nimbostratus) Tools for fingerprinting and exploiting Amazon cloud infrastructures
- [**322**Star][13d] [C] [aanarchyy/bully](https://github.com/aanarchyy/bully) a new implementation of the WPS brute force attack
- [**322**Star][8m] [C] [9176324/shark](https://github.com/9176324/shark) Turn off PatchGuard in real time for win7 (7600) ~ win10 (18950).
- [**321**Star][12d] [C++] [morwenn/cpp-sort](https://github.com/morwenn/cpp-sort) Sorting algorithms & related tools for C++14
- [**321**Star][4m] [Lua] [theherogac/autoplugin](https://github.com/theherogac/autoplugin) Autoplugin for PSVITA
- [**321**Star][9d] [C] [revolutionary/zergrush](https://github.com/revolutionary/zergrush) Android 2.2 / 2.3 local root
- [**321**Star][5m] [C] [rehints/publications](https://github.com/rehints/publications) Conference slides and White-papers
- [**321**Star][11d] [Go] [milo2012/pathbrute](https://github.com/milo2012/pathbrute) 服务器目录/文件爆破工具
- [**321**Star][3y] [JS] [mamboleoo/infinitetubes](https://github.com/mamboleoo/infinitetubes) A tunnel experiment in WebGL inspired by the effect seen on
- [**321**Star][1y] [Py] [a2u/cve-2018-7600](https://github.com/a2u/cve-2018-7600) 
- [**321**Star][20d] [Py] [0xacb/viewgen](https://github.com/0xacb/viewgen) viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
- [**320**Star][10d] [Py] [tianhongdai/reinforcement-learning-algorithms](https://github.com/tianhongdai/reinforcement-learning-algorithms) This repository contains most of pytorch implementation based classic deep reinforcement learning algorithms, including - DQN, DDQN, Dueling Network, DDPG, SAC, A2C, PPO, TRPO. (More algorithms are still in progress)
- [**320**Star][2m] [mattnotmax/cyberchef-recipes](https://github.com/mattnotmax/cyberchef-recipes) A list of cyber-chef recipes
- [**320**Star][18d] [Py] [shuiqukeyou/e-hentaicrawler](https://github.com/shuiqukeyou/e-hentaicrawler) E绅士爬虫项目
- [**320**Star][10d] [Java] [teamwalrus/walrus](https://github.com/TeamWalrus/Walrus) An Android app that lets you use your access control card cloning devices in the field.
- [**320**Star][11d] [C] [tarsnap/scrypt](https://github.com/tarsnap/scrypt) The scrypt key derivation function was originally developed for use in the Tarsnap online backup system and is designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.
- [**320**Star][10d] [Go] [snwfdhmp/errlog](https://github.com/snwfdhmp/errlog) Hackable error handling package for reducing debugging time while programming. Use static and stack-trace analysis to determine which func call causes the error.
- [**320**Star][12d] [C] [sixstars/ctf](https://github.com/sixstars/ctf) A writeup summary for CTF competitions, problems.
- [**320**Star][12d] [noorqureshi/kali-linux-cheatsheet](https://github.com/noorqureshi/kali-linux-cheatsheet) Kali Linux Cheat Sheet for Penetration Testers
- [**320**Star][10d] [Py] [minio/minio-py](https://github.com/minio/minio-py) MinIO Client SDK for Python
- [**320**Star][15d] [Java] [membrane/service-proxy](https://github.com/membrane/service-proxy) API gateway for REST and SOAP written in Java.
- [**320**Star][4m] [Ruby] [m0nad/hellraiser](https://github.com/m0nad/hellraiser) Vulnerability Scanner
- [**320**Star][3y] [C] [fireeye/rvmi](https://github.com/fireeye/rvmi) A New Paradigm For Full System Analysis
- [**320**Star][2y] [C++] [exploitagency/esploitv2](https://github.com/exploitagency/esploitv2) WiFi Keystroke Injection Tool designed for an Atmega 32u4/ESP8266 Paired via Serial (Cactus WHID Firmware). Also features Serial, HTTP, and PASV FTP exfiltration methods and an integrated Credential Harvester Phishing tool called ESPortal.
- [**320**Star][3y] [PS] [dafthack/powermeta](https://github.com/dafthack/powermeta) PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonl…
- [**320**Star][4m] [PS] [cloudbase/windows-openstack-imaging-tools](https://github.com/cloudbase/windows-openstack-imaging-tools) Tools to automate the creation of a Windows image for OpenStack, supporting KVM, Hyper-V, ESXi and more.
- [**320**Star][7m] [C++] [changeofpace/viviennevmm](https://github.com/changeofpace/viviennevmm) VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
- [**320**Star][3m] [Shell] [chaifeng/ufw-docker](https://github.com/chaifeng/ufw-docker) To fix the Docker and UFW security flaw without disabling iptables
- [**320**Star][3y] [Py] [blueskyz/dhtcrawler](https://github.com/blueskyz/dhtcrawler) python 编写的DHT Crawler 网络爬虫，抓取磁力链接
- [**320**Star][2m] [JS] [bettercap/caplets](https://github.com/bettercap/caplets) bettercap scripts (caplets) and proxy modules.
- [**320**Star][21d] [C] [basil00/reqrypt](https://github.com/basil00/reqrypt) A censorship circumvention tool
- [**319**Star][10d] [Go] [ihciah/rabbit-tcp](https://github.com/ihciah/rabbit-tcp) A multi-connection TCP forwarder/accelerator
- [**319**Star][11d] [PHP] [walkor/workerman-statistics](https://github.com/walkor/workerman-statistics) 一个分布式统计监控系统 包含PHP客户端 、服务端
- [**319**Star][12d] [Py] [lengjibo/dedecmscan](https://github.com/lengjibo/dedecmscan) 织梦全版本漏洞扫描
- [**319**Star][10d] [Py] [nucypher/nucypher](https://github.com/nucypher/nucypher) A decentralized network offering accessible, intuitive, and extensible cryptographic runtimes and interfaces for secrets management and dynamic access control.
- [**319**Star][22d] [Py] [xiaomi-sa/smartdns](https://github.com/xiaomi-sa/smartdns) 基于Twisted实现的智能dns系统
- [**319**Star][25d] [Py] [timsutton/python-macadmin-tools](https://github.com/timsutton/python-macadmin-tools) List of open-source Python-based Mac sysadmin tools
- [**319**Star][7d] [C] [stephenbradshaw/vulnserver](https://github.com/stephenbradshaw/vulnserver) Vulnerable server used for learning software exploitation
- [**319**Star][3y] [C] [sdhand/x11fs](https://github.com/sdhand/x11fs) A tool for manipulating X windows
- [**319**Star][18d] [Java] [jflex-de/jflex](https://github.com/jflex-de/jflex) The fast scanner generator for Java™ with full Unicode support
- [**319**Star][11d] [TeX] [hjl-tools/x86-psabi](https://github.com/hjl-tools/x86-psabi) x86 psABI download
- [**319**Star][10d] [Assembly] [guitmz/virii](https://github.com/guitmz/virii) Collection of ancient computer virus source codes
- [**319**Star][11d] [C++] [draperlaboratory/fracture](https://github.com/draperlaboratory/fracture) an architecture-independent decompiler to LLVM IR
- [**318**Star][10d] [Py] [salesforce/cloudsplaining](https://github.com/salesforce/cloudsplaining) Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report with a triage worksheet.
- [**318**Star][4m] [Py] [pspreverse/psptool](https://github.com/pspreverse/psptool) Display, extract, and manipulate PSP firmware inside UEFI images
- [**318**Star][6m] [C#] [zodiacon/procmonx](https://github.com/zodiacon/procmonx) Extended Process Monitor-like tool based on Event Tracing for Windows
- [**318**Star][11m] [Py] [wangyihang/githacker](https://github.com/wangyihang/githacker) a multiple threads tool to detect whether a site has git source leaks,   and has the ability to download the site source to the local
- [**318**Star][4m] [C++] [tevador/randomx](https://github.com/tevador/randomx) Proof of work algorithm based on random code execution
- [**318**Star][20d] [C++] [sensepost/rattler](https://github.com/sensepost/rattler) Automated DLL Enumerator
- [**318**Star][5y] [C] [seastorm/puttyrider](https://github.com/seastorm/puttyrider) Hijack Putty sessions in order to sniff conversation and inject Linux commands.
- [**318**Star][3y] [C] [scumjr/dirtycow-vdso](https://github.com/scumjr/dirtycow-vdso) PoC for Dirty COW (CVE-2016-5195)
- [**318**Star][9m] [C++] [rolfrolles/hexraysdeob](https://github.com/rolfrolles/hexraysdeob) Hex-Rays microcode API plugin for breaking an obfuscating compiler
- [**318**Star][1m] [marcan/speculation-bugs](https://github.com/marcan/speculation-bugs) Docs and resources on CPU Speculative Execution bugs
- [**318**Star][5m] [Java] [ilmila/j2eescan](https://github.com/ilmila/j2eescan) a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
- [**318**Star][12d] [Py] [hellman/libformatstr](https://github.com/hellman/libformatstr) Simplify format string exploitation.
- [**318**Star][9m] [PS] [enigma0x3/misc-powershell-stuff](https://github.com/enigma0x3/misc-powershell-stuff) random powershell goodness
- [**318**Star][3m] [Py] [pspreverse/psptool](https://github.com/PSPReverse/psptool) Display, extract, and manipulate PSP firmware inside UEFI images
- [**317**Star][9d] [Py] [wwwpf/qzoneexporter](https://github.com/wwwpf/qzoneexporter) QQ空间爬虫，可导出并显示日志、相册、留言板、说说、照片、视频等数据。
- [**317**Star][15d] [JS] [hugetiny/negibox](https://github.com/hugetiny/negibox) All in one downloader 全能下载器
- [**317**Star][12d] [Go] [spacemeshos/go-spacemesh](https://github.com/spacemeshos/go-spacemesh) Go Implementation of the Spacemesh protocol full node.
- [**317**Star][13d] [Go] [zmap/zdns](https://github.com/zmap/zdns) Fast CLI DNS Lookup Tool
- [**317**Star][12d] [Py] [zhl2008/awd-platform](https://github.com/zhl2008/awd-platform) a project to set up your awd environment(web challenges only) quickly
- [**317**Star][12d] [C] [vusec/vuzzer](https://github.com/vusec/vuzzer) depends heavily on a modeified version of DataTracker, which in turn depends on LibDFT pintool.
- [**317**Star][15d] [C] [skx/simple.vm](https://github.com/skx/simple.vm) Simple virtual machine which inteprets bytecode.
- [**317**Star][10d] [Py] [pmsosa/duckhunt](https://github.com/pmsosa/duckhunt) Prevent RubberDucky (or other keystroke injection) attacks
- [**317**Star][1y] [HTML] [nccgroup/crosssitecontenthijacking](https://github.com/nccgroup/crosssitecontenthijacking) Content hijacking proof-of-concept using Flash, PDF and Silverlight
- [**317**Star][10d] [C++] [jmmartinez/easy-just-in-time](https://github.com/jmmartinez/easy-just-in-time) LLVM Optimization to extract a function, embedded in its intermediate representation in the binary, and execute it using the LLVM Just-In-Time compiler.
- [**317**Star][13d] [C] [firefart/dirtycow](https://github.com/firefart/dirtycow) 
- [**317**Star][3y] [Py] [ethventures/cryptotracker](https://github.com/ethventures/cryptotracker) A complete open source system for tracking and visualizing cryptocurrency price movements on leading exchanges
- [**317**Star][2m] [ObjC] [doadam/ziva](https://github.com/doadam/ziva) An iOS kernel exploit designated to work on all iOS devices <= 10.3.1
- [**317**Star][11m] [0xradi/owasp-web-checklist](https://github.com/0xradi/owasp-web-checklist) OWASP Web Application Security Testing Checklist
- [**317**Star][4m] [Py] [0xinfection/xsrfprobe](https://github.com/0xinfection/xsrfprobe) The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
- [**316**Star][4m] [Swift] [johnlui/fireupyourvpn](https://github.com/johnlui/fireupyourvpn) 在通知中心一键启用 VPN
- [**316**Star][11d] [ObjC] [toy/blueutil](https://github.com/toy/blueutil) CLI for bluetooth on OSX: power, discoverable state, list, inquire devices, connect, info, …
- [**316**Star][3y] [ysrc/f-scrack](https://github.com/ysrc/f-scrack) F-Scrack is a single file bruteforcer supports multi-protocol
- [**316**Star][1y] [Py] [wangyihang/webshell-sniper](https://github.com/wangyihang/webshell-sniper) A webshell manager via terminal
- [**316**Star][1y] [C] [tharina/blackhoodie-2018-workshop](https://github.com/tharina/blackhoodie-2018-workshop) Slides and challenges for my binary exploitation workshop at BlackHoodie 2018.
- [**316**Star][11d] [Shell] [solomonsklash/chomp-scan](https://github.com/solomonsklash/chomp-scan) A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
- [**316**Star][3y] [Shell] [screetsec/lalin](https://github.com/screetsec/lalin) automatically install any package for pentest with uptodate tools , and lazy command for run the tools like lazynmap , install another and update
- [**316**Star][9d] [Py] [ring04h/wyportmap](https://github.com/ring04h/wyportmap) 目标端口扫描+系统服务指纹识别
- [**316**Star][11d] [C++] [ramadhanamizudin/malware](https://github.com/ramadhanamizudin/malware) Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from:
- [**316**Star][1m] [C++] [pipesocks/pipesocks](https://github.com/pipesocks/pipesocks) A pipe-like SOCKS5 tunnel system.
- [**316**Star][20d] [C] [o-gs/dji-firmware-tools](https://github.com/o-gs/dji-firmware-tools) Tools for handling firmwares of DJI products, with focus on quadcopters.
- [**316**Star][4m] [ObjC] [jmpews/hookzzmodules](https://github.com/jmpews/hookzzmodules) modules deps on HookZz framework.
- [**316**Star][10d] [JS] [frenchyeti/dexcalibur](https://github.com/frenchyeti/dexcalibur) Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
- [**316**Star][25d] [HTML] [ethereum/ethereum-org](https://github.com/ethereum/ethereum-org) [ARCHIVED] ethereum.org website from 2016-2019. See
- [**316**Star][4m] [C#] [dahall/vanara](https://github.com/dahall/vanara) A set of .NET libraries for Windows implementing PInvoke calls to many native Windows APIs with supporting wrappers.
- [**315**Star][12d] [Py] [kudelskisecurity/chainoffools](https://github.com/kudelskisecurity/chainoffools) A PoC for CVE-2020-0601
- [**315**Star][2y] [Java] [zifangsky/weatherspider](https://github.com/zifangsky/weatherspider) 天气爬虫（全国城镇天气自动定时抓取更新，并开放RESTful查询接口），附带代理IP池定时更新并检测其可用性
- [**315**Star][4y] [scadastrangelove/scadapass](https://github.com/scadastrangelove/scadapass) SCADA StrangeLove Default/Hardcoded Passwords List
- [**315**Star][18d] [Py] [saelo/armpwn](https://github.com/saelo/armpwn) Repository to train/learn memory corruption on the ARM platform.
- [**315**Star][4m] [C] [outflanknl/dumpert](https://github.com/outflanknl/dumpert) LSASS memory dumper using direct system calls and API unhooking.
- [**315**Star][4m] [C] [miracl/miracl](https://github.com/miracl/miracl) MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library is a C software library that is widely regarded by developers as the gold standard open source SDK for elliptic curve cryptography (ECC).
- [**315**Star][1y] [Gherkin] [middleman/middleman-blog](https://github.com/middleman/middleman-blog) Blog Engine Extension
- [**315**Star][11d] [C] [lfittl/libpg_query](https://github.com/lfittl/libpg_query) C library for accessing the PostgreSQL parser outside of the server environment
- [**315**Star][19d] [Scala] [jmcardon/tsec](https://github.com/jmcardon/tsec) Type-safe general-cryptography library -
- [**315**Star][2y] [Java] [ebryx/aes-killer](https://github.com/ebryx/aes-killer) Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
- [**315**Star][7m] [PS] [darkoperator/posh-secmod](https://github.com/darkoperator/posh-secmod) PowerShell Module with Security cmdlets for security work
- [**315**Star][4m] [Py] [circl/circlean](https://github.com/circl/circlean) USB key cleaner
- [**315**Star][3y] [Py] [armbues/ioc_parser](https://github.com/armbues/ioc_parser) Tool to extract indicators of compromise from security reports in PDF format
- [**315**Star][23d] [Py] [arecker/bennedetto](https://github.com/arecker/bennedetto) the turn-based budget
- [**315**Star][16d] [Shell] [0x90/kali-scripts](https://github.com/0x90/kali-scripts) Some usefull scripts for KaliLinux
- [**314**Star][2m] [JS] [barretlee/algorithms](https://github.com/barretlee/algorithms) All algorithms writing with javascript in the book 'Algorithms Fourth Edition'.
- [**314**Star][9m] [C] [shadowsocks/simple-obfs-android](https://github.com/shadowsocks/simple-obfs-android) A simple obfuscating tool for Android
- [**314**Star][8d] [C++] [xmrig/xmrig-proxy](https://github.com/xmrig/xmrig-proxy) Monero (XMR) Stratum protocol proxy
- [**314**Star][11d] [C] [rhboot/shim](https://github.com/rhboot/shim) a trivial EFI application that, when run, attempts to open and execute another application
- [**314**Star][25d] [Py] [ownaginatious/fbchat-archive-parser](https://github.com/ownaginatious/fbchat-archive-parser) An application for parsing chat history from a Facebook data archive.
- [**314**Star][10d] [C++] [jts/nanopolish](https://github.com/jts/nanopolish) Signal-level algorithms for MinION data
- [**314**Star][1m] [C] [igrr/esptool-ck](https://github.com/igrr/esptool-ck) ESP8266 build/flash helper tool by Christian Klippel
- [**314**Star][10m] [JS] [hynekpetrak/malware-jail](https://github.com/hynekpetrak/malware-jail) Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
- [**314**Star][1y] [PS] [cyb3rward0g/invoke-attackapi](https://github.com/cyb3rward0g/invoke-attackapi) A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
- [**314**Star][11d] [Py] [bit4woo/passmaker](https://github.com/bit4woo/passmaker) 可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified
- [**313**Star][17d] [Py] [shadowsocks/shadowdns](https://github.com/shadowsocks/shadowdns) A DNS forwarder using Shadowsocks as the server
- [**313**Star][3m] [Py] [fsecurelabs/win_driver_plugin](https://github.com/FSecureLABS/win_driver_plugin) A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
- [**313**Star][6m] [Py] [ym2011/poc-exp](https://github.com/ym2011/poc-exp) Collecting and writing PoC or EXP for vulnerabilities on some application
- [**313**Star][4m] [Py] [websploit/websploit](https://github.com/websploit/websploit) Websploit is a high level MITM framework
- [**313**Star][2y] [Py] [tintinweb/scapy-ssl_tls](https://github.com/tintinweb/scapy-ssl_tls) SSL/TLS layers for scapy the interactive packet manipulation tool
- [**313**Star][10d] [Py] [stripe/topmodel](https://github.com/stripe/topmodel) Standard evaluations for binary classifiers so you don't have to
- [**313**Star][10d] [Go] [sensepost/godoh](https://github.com/sensepost/godoh)  A DNS-over-HTTPS Command & Control Proof of Concept 
- [**313**Star][4m] [Py] [rhinosecuritylabs/cves](https://github.com/rhinosecuritylabs/cves) A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
- [**313**Star][15d] [Py] [qubesos/qubes-secpack](https://github.com/qubesos/qubes-secpack) Qubes Security Pack
- [**313**Star][1y] [ObjC] [qhd/anymethodlog](https://github.com/qhd/anymethodlog) Log any method call of object in Objective-C
- [**313**Star][16d] [Java] [nvisium/xssvalidator](https://github.com/nvisium/xssvalidator) This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
- [**313**Star][6m] [YARA] [needmorecowbell/hamburglar](https://github.com/needmorecowbell/hamburglar)  collect useful information from urls, directories, and files
- [**313**Star][1m] [C] [miohtama/python-levenshtein](https://github.com/miohtama/python-levenshtein) The Levenshtein Python C extension module contains functions for fast computation of Levenshtein distance and string similarity
- [**313**Star][12m] [C++] [mattiwatti/pplkiller](https://github.com/mattiwatti/pplkiller) Protected Processes Light Killer
- [**313**Star][3m] [PHP] [helloxz/ipinfo](https://github.com/helloxz/ipinfo) 整合多接口的IP查询工具。
- [**313**Star][8d] [Py] [gbrindisi/xsssniper](https://github.com/gbrindisi/xsssniper) An automatic XSS discovery tool
- [**313**Star][4m] [Java] [c0ny1/fastjsonexploit](https://github.com/c0ny1/fastjsonexploit) Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
- [**313**Star][4y] [Py] [blankwall/macheap](https://github.com/blankwall/macheap) OS X malloc introspection tool
- [**313**Star][4m] [bigsinger/androididchanger](https://github.com/bigsinger/androididchanger) Xposed Module for Changing Android Device Info
- [**313**Star][4m] [Py] [basucert/winboxpoc](https://github.com/basucert/winboxpoc) Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)
- [**313**Star][2y] [1522402210/2018-blackhat-tools-list](https://github.com/1522402210/2018-blackhat-tools-list) 2018 BlackHat Tools List
- [**312**Star][8d] [C#] [v2ray/v2rayn](https://github.com/v2ray/v2rayn) A Windows GUI client for V2Ray.
- [**312**Star][11d] [JS] [joshuaferrara/node-csgo](https://github.com/joshuaferrara/node-csgo) A node-steam plugin for Counter-Strike: Global Offensive.
- [**312**Star][12d] [C#] [xenocoderce/neo-confuserex](https://github.com/xenocoderce/neo-confuserex) Updated ConfuserEX, an open-source, free obfuscator for .NET applications
- [**312**Star][16d] [C] [troglobit/nemesis](https://github.com/troglobit/nemesis) A command-line network packet crafting and injection utility
- [**312**Star][7m] [Py] [stamparm/dsxs](https://github.com/stamparm/dsxs) Damn Small XSS Scanner
- [**312**Star][2y] [Java] [s4n7h0/halcyon](https://github.com/s4n7h0/halcyon) First IDE for Nmap Script (NSE) Development.
- [**312**Star][4m] [JS] [robbendebiene/gesturefy](https://github.com/robbendebiene/gesturefy) Navigate, operate and browse faster with mouse gestures! A customizable Firefox mouse gesture add-on with a variety of different commands.
- [**312**Star][13d] [PHP] [phpmussel/phpmussel](https://github.com/phpmussel/phpmussel) PHP-based anti-virus anti-trojan anti-malware solution.
- [**312**Star][11d] [TS] [ninoseki/mitaka](https://github.com/ninoseki/mitaka) A browser extension for OSINT search
- [**312**Star][12d] [Py] [mrash/afl-cov](https://github.com/mrash/afl-cov) Produce code coverage results with gcov from afl-fuzz test cases
- [**312**Star][23d] [Py] [micropyramid/forex-python](https://github.com/micropyramid/forex-python) Foreign exchange rates, Bitcoin price index and currency conversion using ratesapi.io
- [**312**Star][13d] [geerlingguy/ansible-role-security](https://github.com/geerlingguy/ansible-role-security) Ansible Role - Security
- [**312**Star][10d] [C] [freakishfox/xanso](https://github.com/freakishfox/xanso) Android So文件浏览修复工具
- [**312**Star][4m] [C++] [dedis/dissent](https://github.com/dedis/dissent) Provably Anonymous Overlay
- [**311**Star][9d] [Swift] [lapfelix/bluetoothconnector](https://github.com/lapfelix/bluetoothconnector) Simple macOS CLI to connect/disconnect a Bluetooth device. Useful for AirPods or other Bluetooth headphones.
- [**311**Star][2m] [Py] [dhondta/dronesploit](https://github.com/dhondta/dronesploit) Drone pentesting framework console
- [**311**Star][17d] [C] [pwning/docs](https://github.com/pwning/docs) Tips, Tricks, and Suggestions for Running a CTF
- [**311**Star][5m] [C#] [vmcall/loadlibrayy](https://github.com/vmcall/loadlibrayy) x64 manualmapper with kernel elevation and thread hijacking capabilities
- [**311**Star][20d] [Py] [ustwo/mastermind](https://github.com/ustwo/mastermind) Man in the middle testing
- [**311**Star][13d] [Py] [patois/dsync](https://github.com/patois/dsync) IDAPython plugin that synchronizes disassembler and decompiler views
- [**311**Star][10d] [Rust] [myfreeweb/freepass](https://github.com/myfreeweb/freepass) [DEPRECATED] password manager thing
- [**311**Star][19d] [Go] [muraenateam/muraena](https://github.com/muraenateam/muraena) Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
- [**311**Star][4y] [OCaml] [microsoft/slayer](https://github.com/microsoft/slayer) SLAyer is an automatic formal verification tool that uses separation logic to verify memory safety of C programs.
- [**311**Star][13d] [C] [dgoulet/torsocks](https://github.com/dgoulet/torsocks) Library to torify application - NOTE: upstream has been moved to
- [**311**Star][12d] [Go] [decomp/decomp](https://github.com/decomp/decomp) Components of a decompilation pipeline.
- [**311**Star][8m] [Py] [christhecoolhut/pinctf](https://github.com/christhecoolhut/pinctf) Using Intel's PIN tool to solve CTF problems
- [**311**Star][11d] [JS] [bet4it/hyperpwn](https://github.com/bet4it/hyperpwn) A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
- [**310**Star][27d] [C] [jenssegers/rtl8188-hostapd](https://github.com/jenssegers/rtl8188-hostapd) hostapd for Realtek RTL8188
- [**310**Star][13d] [Py] [0xislamtaha/python-rootkit](https://github.com/0xIslamTaha/Python-Rootkit) Python Remote Administration Tool (RAT) to gain meterpreter session
- [**310**Star][18d] [C] [tangsilian/android-vuln](https://github.com/tangsilian/android-vuln) 安卓内核提权漏洞分析
- [**310**Star][4m] [Py] [utiso/dorkbot](https://github.com/utiso/dorkbot) Command-line tool to scan Google search results for vulnerabilities
- [**310**Star][3y] [C] [tomwimmenhove/subarufobrob](https://github.com/tomwimmenhove/subarufobrob) Hijack a Subaru's key fob and steal all the things
- [**310**Star][15d] [Py] [shaypal5/cachier](https://github.com/shaypal5/cachier) Persistent, stale-free, local and cross-machine caching for Python functions.
- [**310**Star][10d] [Py] [ricmoo/pyaes](https://github.com/ricmoo/pyaes) Pure-Python implementation of AES block-cipher and common modes of operation.
- [**310**Star][14d] [Py] [packetloop/packetpig](https://github.com/packetloop/packetpig)  Open Source Big Data Security Analytics
- [**310**Star][1y] [Py] [mseclab/pyjfuzz](https://github.com/mseclab/pyjfuzz) PyJFuzz - Python JSON Fuzzer
- [**310**Star][3y] [C++] [minhaskamal/trojancockroach](https://github.com/minhaskamal/trojancockroach) A Stealthy Trojan Spyware (keylogger-spyware-malware-worm-spy-virus-fud-undetectable-computer-windows-pc-c-c++)
- [**310**Star][4m] [Py] [macr0dev/audiobooks.bundle](https://github.com/macr0dev/audiobooks.bundle) Plex metadata scraper for Audiobooks
- [**310**Star][2y] [Java] [joaomatosf/javadeserh2hc](https://github.com/joaomatosf/javadeserh2hc) Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
- [**310**Star][10d] [C] [jmk-foofus/medusa](https://github.com/jmk-foofus/medusa) Medusa is a speedy, parallel, and modular, login brute-forcer.
- [**310**Star][12d] [JS] [jeija/bluefluff](https://github.com/jeija/bluefluff) Reverse Engineering Furby Connect's Bluetooth Protocol and Update Format
- [**310**Star][2y] [Py] [ioactive/xdiff](https://github.com/ioactive/xdiff) Extended Differential Fuzzing Framework
- [**310**Star][12d] [C] [gbps/gbhv](https://github.com/gbps/gbhv) Simple x86-64 VT-x Hypervisor with EPT Hooking
- [**310**Star][2y] [findneo/newbie-security-list](https://github.com/findneo/newbie-security-list) 网络安全学习资料，欢迎补充
- [**310**Star][3m] [Py] [elevenpaths/homepwn](https://github.com/elevenpaths/homepwn) HomePwn - Swiss Army Knife for Pentesting of IoT Devices
- [**310**Star][1y] [Ruby] [darkoperator/metasploit-plugins](https://github.com/darkoperator/metasploit-plugins) Plugins for Metasploit Framework
- [**310**Star][13d] [Shell] [checkpointsw/android_unpacker](https://github.com/checkpointsw/android_unpacker) A (hopefully) generic unpacker for packed Android apps.
- [**310**Star][4m] [C++] [artikash/textractor](https://github.com/artikash/textractor) Extracts text from video games and visual novels. Highly extensible.
- [**310**Star][10d] [C] [aabc/ipt-netflow](https://github.com/aabc/ipt-netflow) Netflow iptables module for Linux kernel (official)
- [**309**Star][2y] [Shell] [sirzdy/shadowsocks](https://github.com/sirzdy/shadowsocks) 与 ShadowSocks 有关的教程、文件等
- [**309**Star][4m] [Py] [wisedoge/proxypool](https://github.com/wisedoge/proxypool) 跨语言IP代理池，Python实现。
- [**309**Star][3y] [Shell] [ugukkylbklaom/vultr-ss-firewall](https://github.com/ugukkylbklaom/vultr-ss-firewall) 一整套网络加速方案(SS)，速度，安全，便捷 面面俱到，操作简单，适合非IT专业人士
- [**309**Star][11d] [Py] [sosreport/sos](https://github.com/sosreport/sos) A unified tool for collecting system logs and other debug information
- [**309**Star][5m] [Py] [skylined/bugid](https://github.com/skylined/bugid) Detect, analyze and uniquely identify crashes in Windows applications
- [**309**Star][7d] [C] [shchmue/lockpick_rcm](https://github.com/shchmue/lockpick_rcm) Nintendo Switch encryption key derivation bare metal RCM payload
- [**309**Star][4y] [C] [raspberrypi/maynard](https://github.com/raspberrypi/maynard) Desktop environment for Wayland
- [**309**Star][1m] [Py] [munki/createosxinstallpkg](https://github.com/munki/createosxinstallpkg) Tools for packaging OS X installers
- [**309**Star][21d] [Py] [flipkart-incubator/watchdog](https://github.com/flipkart-incubator/watchdog)  A Comprehensive Security Scanning and a Vulnerability Management Tool.
- [**309**Star][11d] [JS] [ffay/proxygateway](https://github.com/ffay/proxygateway) Proxy Gateway基于openresty（nginx lua module）开发，可以作为接口网关（api gateway）使用，整合业务模块接口，微服务治理聚合，通过web配置界面，能够轻松进行代理配置管理，支持负载均衡，服务器状态检测等
- [**309**Star][12m] [Py] [edent/bmw-i-remote](https://github.com/edent/bmw-i-remote) A reverse engineered interface for the BMW i3 Electric Car
- [**309**Star][4m] [Py] [cyberark/kubiscan](https://github.com/cyberark/kubiscan) A tool to scan Kubernetes cluster for risky permissions
- [**308**Star][10d] [wzdnzd/shadowsocksx-ng-r](https://github.com/wzdnzd/shadowsocksx-ng-r) ShadowsocksX-NG-R: Shadowsocks(R) Client for MacOS
- [**308**Star][3y] [PS] [fortynorthsecurity/wmiops](https://github.com/FortyNorthSecurity/WMIOps) This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.
- [**308**Star][10m] [Py] [zhaoweiho/securitymanageframwork](https://github.com/zhaoweiho/securitymanageframwork) Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer securit…
- [**308**Star][19d] [Py] [williballenthin/python-registry](https://github.com/williballenthin/python-registry) Pure Python parser for Windows Registry hives.
- [**308**Star][1y] [C++] [spacehuhn/deauthdetector](https://github.com/spacehuhn/deauthdetector) Detect deauthentication frames using an ESP8266
- [**308**Star][18d] [C++] [secrary/idenlib](https://github.com/secrary/idenlib) Library Function Identification [prototype project - signatures might change in future releases]
- [**308**Star][11d] [C] [pulkin/esp8266-injection-example](https://github.com/pulkin/esp8266-injection-example) Example project to demonstrate packet injection / sniffer capabilities of ESP8266 IC.
- [**308**Star][6m] [Shell] [petit-miner/blueberry-pi](https://github.com/petit-miner/blueberry-pi) Blueberry PI
- [**308**Star][12d] [C] [mboehme/aflfast](https://github.com/mboehme/aflfast) AFLFast (extends AFL with Power Schedules)
- [**308**Star][7d] [JS] [mafintosh/webrtc-swarm](https://github.com/mafintosh/webrtc-swarm) Create a swarm of p2p connections using webrtc and a signalhub
- [**308**Star][4m] [Py] [lorexxar/cobra-w](https://github.com/lorexxar/cobra-w) Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版
- [**308**Star][14d] [C++] [gamozolabs/applepie](https://github.com/gamozolabs/applepie) A hypervisor for fuzzing built with WHVP and Bochs
- [**308**Star][5m] [C++] [cyphunk/jtagenum](https://github.com/cyphunk/jtagenum) Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch…
- [**308**Star][13d] [Py] [corrad1nho/qomui](https://github.com/corrad1nho/qomui) Qomui (Qt OpenVPN Management UI)
- [**308**Star][1m] [Py] [chenjiandongx/async-proxy-pool](https://github.com/chenjiandongx/async-proxy-pool)  异步爬虫代理池，以 Python asyncio 为基础，旨在充分利用 Python 的异步性能。
- [**308**Star][4m] [Java] [c0ny1/passive-scan-client](https://github.com/c0ny1/passive-scan-client) Burp被动扫描流量转发插件
- [**307**Star][12d] [Swift] [halo/macosvpn](https://github.com/halo/macosvpn) 
- [**307**Star][11d] [C++] [loki-project/loki-network](https://github.com/loki-project/loki-network) Lokinet is an anonymous, decentralized and IP based overlay network for the internet.
- [**307**Star][4m] [enkomio/taipan](https://github.com/enkomio/Taipan) Web application vulnerability scanner
- [**307**Star][18d] [C] [thingpulse/esp8266-weather-station-color](https://github.com/ThingPulse/esp8266-weather-station-color) ESP8266 Weather Station in Color using ILI9341 TFT 240x320 display
- [**307**Star][11d] [Java] [wvengen/proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) ProGuard Maven plugin that supports modularised ProGuard packages
- [**307**Star][2y] [Py] [two06/inception](https://github.com/two06/inception) Provides In-memory compilation and reflective loading of C# apps for AV evasion.
- [**307**Star][4m] [Go] [suyashkumar/ssl-proxy](https://github.com/suyashkumar/ssl-proxy) 
- [**307**Star][3m] [C++] [squalr/squally](https://github.com/squalr/squally) 2D Platformer Game for Teaching Game Hacking - C++/cocos2d-x
- [**307**Star][3y] [Py] [spritz-research-group/skype-type](https://github.com/spritz-research-group/skype-type) Don't Skype & Type! Keyboard acoustic eavesdropping tool.
- [**307**Star][20d] [Shell] [safebreach-labs/pwndsh](https://github.com/safebreach-labs/pwndsh) Post-exploitation framework (and an interactive shell) developed in Bash shell scripting
- [**307**Star][13d] [Py] [nccgroup/fuzzowski](https://github.com/nccgroup/fuzzowski) the Network Protocol Fuzzer that we will want to use.
- [**307**Star][3y] [C] [nationalsecurityagency/dcp](https://github.com/nationalsecurityagency/dcp) Digest, stat, and copy files from one location to another in the same read pass
- [**307**Star][4m] [C#] [mkaring/confuserex](https://github.com/mkaring/confuserex) An open-source, free protector for .NET applications
- [**307**Star][10d] [Go] [lavalamp-/ipv666](https://github.com/lavalamp-/ipv666) Golang IPv6 address enumeration
- [**307**Star][1m] [Perl] [julienbedard/browsersploit](https://github.com/julienbedard/browsersploit) BrowserExploit is an advanced browser exploit pack for doing internal and external pentesting, helping gaining access to internal computers.
- [**307**Star][18d] [PHP] [interference-security/empire-web](https://github.com/interference-security/empire-web) PowerShell Empire Web Interface
- [**307**Star][17d] [C] [fail0verflow/ps4-kexec](https://github.com/fail0verflow/ps4-kexec) Implementation of the kexec system call for PS4
- [**307**Star][12m] [Shell] [eschultze/urlextractor](https://github.com/eschultze/urlextractor) Information gathering & website reconnaissance |
- [**307**Star][10d] [JS] [1egoman/debundle](https://github.com/1egoman/debundle) 
- [**306**Star][8d] [Py] [justforfunnnn/webspider](https://github.com/justforfunnnn/webspider) 本项目使用的编程语言是python3，数据库用的是MySQL, 主要用到的库是celery和requests，并实现了定时任务，出错重试，日志记录，自动更改Cookies等的功能，使用ECharts + Bootstrap 来构建前端页面。
- [**306**Star][25d] [C] [bishopfox/bfdecrypt](https://github.com/bishopfox/bfdecrypt) Utility to decrypt App Store apps on jailbroken iOS 11.x
- [**306**Star][8d] [Py] [justforfunnnn/webspider](https://github.com/JustForFunnnn/webspider) 本项目使用的编程语言是python3，数据库用的是MySQL, 主要用到的库是celery和requests，并实现了定时任务，出错重试，日志记录，自动更改Cookies等的功能，使用ECharts + Bootstrap 来构建前端页面。
- [**306**Star][7d] [PS] [microsoftdocs/windows-driver-docs](https://github.com/MicrosoftDocs/windows-driver-docs) The official Windows Driver Kit documentation sources
- [**306**Star][15d] [Py] [zer0h/httpscan](https://github.com/zer0h/httpscan) A HTTP Service detector with a crawler from IP/CIDR
- [**306**Star][2m] [Py] [xdavidhu/langhost](https://github.com/xdavidhu/langhost) A LAN dropbox chatbot controllable via Telegram
- [**306**Star][5m] [topjohnwu/magisk_files](https://github.com/topjohnwu/magisk_files) Magisk File Host
- [**306**Star][4m] [C] [tomb5/tomb5](https://github.com/tomb5/tomb5) Chronicles Disassembly translated to C source code.
- [**306**Star][11d] [rustsec/advisory-db](https://github.com/rustsec/advisory-db) Security advisory database for Rust crates published through crates.io
- [**306**Star][8m] [C#] [ossindex/devaudit](https://github.com/ossindex/devaudit) Open-source, cross-platform, multi-purpose security auditing tool
- [**306**Star][4m] [Shell] [fdiskyou/zines](https://github.com/fdiskyou/zines) Mirror of my favourite hacking Zines for the lulz, nostalgy, and reference
- [**306**Star][2m] [Py] [clusterhq/powerstrip](https://github.com/clusterhq/powerstrip) A tool for prototyping Docker extensions
- [**306**Star][10d] [HTML] [bl4de/ctf](https://github.com/bl4de/ctf) CTF (Capture The Flag) writeups, code snippets, notes, scripts
- [**306**Star][10d] [C] [beckus/qemu_stm32](https://github.com/beckus/qemu_stm32) QEMU with an STM32 microcontroller implementation
- [**305**Star][18d] [HTML] [syncsynchalt/illustrated-tls13](https://github.com/syncsynchalt/illustrated-tls13) The Illustrated TLS 1.3 Connection: Every byte explained
- [**305**Star][12d] [F#] [stevegilham/altcover](https://github.com/stevegilham/altcover) Cross-platform coverage gathering and processing tool set for .net/.net core and Mono
- [**305**Star][4m] [C++] [liulei01/drbox](https://github.com/liulei01/drbox) A deep learning based algorithm to detect rotated object, for example, objects in remote sensing images
- [**305**Star][10d] [Java] [adonespitogo/adobot](https://github.com/adonespitogo/adobot) Open-source android spyware
- [**305**Star][10d] [trustedsec/artillery](https://github.com/trustedsec/artillery) The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
- [**305**Star][2y] [swiftonsecurity/swiftfilter](https://github.com/swiftonsecurity/swiftfilter) Exchange Transport rules to detect and enable response to phishing
- [**305**Star][2m] [Dockerfile] [johackim/docker-hacklab](https://github.com/johackim/docker-hacklab) My personal hacklab, create your own.
- [**305**Star][14d] [Perl] [shirkdog/pulledpork](https://github.com/shirkdog/pulledpork) Pulled Pork for Snort and Suricata rule management (from Google code)
- [**305**Star][1y] [Ruby] [secgen/secgen](https://github.com/secgen/secgen) Generate vulnerable virtual machines on the fly (current team development is taking place in the cliffe/SecGen fork)
- [**305**Star][8d] [C++] [sam-b/windows_kernel_address_leaks](https://github.com/sam-b/windows_kernel_address_leaks) Examples of leaking Kernel Mode information from User Mode on Windows
- [**305**Star][3m] [Py] [s0md3v/mypapers](https://github.com/s0md3v/mypapers) Repository for hosting my research papers
- [**305**Star][1y] [Py] [nccgroup/cyber-defence](https://github.com/nccgroup/cyber-defence) Information released publicly by NCC Group's Cyber Defence team
- [**305**Star][11d] [Java] [nationalsecurityagency/datawave](https://github.com/nationalsecurityagency/datawave) DataWave is an ingest/query framework that leverages Apache Accumulo to provide fast, secure data access.
- [**305**Star][10d] [C] [rogandawes/logitacker](https://github.com/RoganDawes/LOGITacker) Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
- [**305**Star][1y] [maaaaz/impacket-examples-windows](https://github.com/maaaaz/impacket-examples-windows) The great impacket example scripts compiled for Windows
- [**305**Star][4m] [Java] [kingsollyu/appenv](https://github.com/kingsollyu/appenv) 应用变量
- [**304**Star][10d] [Shell] [nicokaiser/rpi-audio-receiver](https://github.com/nicokaiser/rpi-audio-receiver) Raspberry Pi Audio Receiver with Bluetooth A2DP, AirPlay, UPnP and Spotify Connect
- [**304**Star][2y] [C#] [ezzpify/hourboostr](https://github.com/ezzpify/hourboostr) Two programs for idling Steam game hours and trading cards
- [**304**Star][10d] [Py] [m4ll0k/burpsuite-secret_finder](https://github.com/m4ll0k/burpsuite-secret_finder) Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.
- [**304**Star][4m] [JS] [w3c/webappsec-trusted-types](https://github.com/w3c/webappsec-trusted-types) A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
- [**304**Star][4m] [Shell] [venshine/decompile-apk](https://github.com/venshine/decompile-apk)  auto decompile function for produce Java source code and resources from Android Apk files that displayed on GUI.
- [**304**Star][11d] [Py] [trustedsec/tap](https://github.com/trustedsec/tap) The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.
- [**304**Star][11d] [scholtzm/awesome-steam](https://github.com/scholtzm/awesome-steam) 
- [**304**Star][11d] [Py] [pysmt/pysmt](https://github.com/pysmt/pysmt) A library for SMT formulae manipulation and solving
- [**304**Star][2y] [C] [nektra/deviare2](https://github.com/nektra/deviare2) Deviare API Hook
- [**304**Star][4m] [marcinguy/cve-2019-2107](https://github.com/marcinguy/cve-2019-2107) CVE-2019-2107
- [**304**Star][11d] [Py] [mapproxy/mapproxy](https://github.com/mapproxy/mapproxy) MapProxy is a tile cache and WMS proxy
- [**304**Star][11d] [Py] [mame82/duck2spark](https://github.com/mame82/duck2spark) Converter for raw RubberDucky payloads to Digispark Arduino IDE Sketch source.
- [**304**Star][21d] [Shell] [jobertabma/recon.sh](https://github.com/jobertabma/recon.sh) A toolset to track and organize output of reconnaissance tools
- [**304**Star][15d] [Py] [guimaizi/get_domain](https://github.com/guimaizi/get_domain) domain collect and monitor
- [**304**Star][4m] [Py] [ekultek/whatbreach](https://github.com/ekultek/whatbreach) OSINT tool to find breached emails, databases, pastes, and relevant information
- [**304**Star][12d] [Py] [dhilipsiva/webapp-checklist](https://github.com/dhilipsiva/webapp-checklist) Technical details that a programmer of a web application should consider before making the site public.
- [**304**Star][10d] [Py] [airbus-seclab/cpu_rec](https://github.com/airbus-seclab/cpu_rec) Recognize cpu instructions in an arbitrary binary file
- [**303**Star][3m] [Shell] [projectzeroindia/cve-2019-19781](https://github.com/projectzeroindia/cve-2019-19781) Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]
- [**303**Star][10d] [Shell] [yangchuansheng/love-gfw](https://github.com/yangchuansheng/love-gfw) 
- [**303**Star][1y] [Py] [mr-un1k0d3r/catmyphish](https://github.com/Mr-Un1k0d3r/CatMyPhish) Search for categorized domain
- [**303**Star][1y] [C] [str8outtaheap/heapwn](https://github.com/str8outtaheap/heapwn) Linux Heap Exploitation Practice
- [**303**Star][1m] [C++] [yahoo/monitr](https://github.com/yahoo/monitr) A Node.js process monitoring tool.
- [**303**Star][12d] [Py] [wenfengshi/ddos-dos-tools](https://github.com/wenfengshi/ddos-dos-tools) some sort of ddos-tools
- [**303**Star][11d] [C] [sensepost/hostapd-mana](https://github.com/sensepost/hostapd-mana) SensePost's modified hostapd for wifi attacks.
- [**303**Star][12d] [HTML] [s1gh/ctf-literature](https://github.com/s1gh/ctf-literature) Collection of free books, papers and articles related to CTF challenges.
- [**303**Star][10d] [Java] [rsmudge/armitage](https://github.com/rsmudge/armitage) a graphical cyber attack management tool for Metasploit that 
visualizes your targets, recommends exploits, and exposes the advanced 
capabilities of the framework.
- [**303**Star][3y] [Py] [maldevel/ipgeolocation](https://github.com/maldevel/ipgeolocation) Retrieve IP Geolocation information
- [**303**Star][13d] [JS] [kristian-lange/net-glimpse](https://github.com/kristian-lange/net-glimpse) 1) Real-time visualization of network traffic (Ethernet and Internet), and 2) Streaming of header data from your network interfaces via WebSockets
- [**303**Star][4y] [C++] [kgretzky/obfusion](https://github.com/kgretzky/obfusion)  C++ X86 Code Obfuscation Library
- [**303**Star][20d] [Shell] [geerlingguy/ansible-role-firewall](https://github.com/geerlingguy/ansible-role-firewall) Ansible Role - iptables Firewall configuration.
- [**303**Star][10d] [Go] [box/kube-iptables-tailer](https://github.com/box/kube-iptables-tailer) A service for better network visibility for your Kubernetes clusters.
- [**302**Star][15d] [C#] [protonvpn/win-app](https://github.com/protonvpn/win-app) Official ProtonVPN Windows app
- [**302**Star][11d] [Shell] [balenalabs/balena-wpe](https://github.com/balenalabs/balena-wpe) Fullscreen WebKit browser with hardware accelerated CSS, WebGL, and HTML5 video for the RaspberryPi 3.
- [**302**Star][11d] [Go] [flowerwrong/tun2socks](https://github.com/flowerwrong/tun2socks) Redirect tun flow to socks 5 in golang, support tcp and udp.
- [**302**Star][11d] [JS] [andreafioraldi/frida-fuzzer](https://github.com/andreafioraldi/frida-fuzzer) This experimetal fuzzer is meant to be used for API in-memory fuzzing.
- [**302**Star][2m] [neo23x0/auditd](https://github.com/neo23x0/auditd) Best Practice Auditd Configuration
- [**302**Star][12d] [Py] [boppreh/mouse](https://github.com/boppreh/mouse) Hook and simulate global mouse events in pure Python
- [**302**Star][11d] [Py] [ha3mrx/ddos-attack](https://github.com/ha3mrx/ddos-attack) DDos-Attack Is A Python script online Attack
- [**302**Star][19d] [Py] [voulnet/barq](https://github.com/voulnet/barq) The AWS Cloud Post Exploitation framework!
- [**302**Star][14d] [C] [s2e/s2e-old](https://github.com/s2e/s2e-old) This is the archived S2E 1.0 repo. We do not maintain it anymore.
- [**302**Star][1y] [C] [raspberrypi/quake3](https://github.com/raspberrypi/quake3) provide a baseline Quake 3 which may be used
for further development
- [**302**Star][4y] [Py] [lekensteyn/pacemaker](https://github.com/lekensteyn/pacemaker) Heartbleed (CVE-2014-0160) client exploit
- [**302**Star][2y] [Shell] [jas502n/st2-057](https://github.com/jas502n/st2-057) St2-057 Poc Example
- [**302**Star][3y] [invoke-ir/forensicposters](https://github.com/invoke-ir/forensicposters) 多种数据结构图解：MBR/GPT/...
- [**302**Star][3m] [Py] [hnfull/intensio-obfuscator](https://github.com/hnfull/intensio-obfuscator) Obfuscate a python code 2.x and 3.x
- [**302**Star][14d] [Py] [dirtyfilthy/freshonions-torscraper](https://github.com/dirtyfilthy/freshonions-torscraper) Fresh Onions is an open source TOR spider / hidden service onion crawler hosted at zlal32teyptf4tvi.onion
- [**302**Star][4m] [anyeduke/enterprise-security-skill](https://github.com/anyeduke/enterprise-security-skill) 用于记录企业安全规划，建设，运营，攻防的相关资源
- [**301**Star][5m] [C#] [yaccconstructor/quickgraph](https://github.com/yaccconstructor/quickgraph) Generic Graph Data Structures and Algorithms for .NET
- [**301**Star][10d] [asoul/tsec](https://github.com/asoul/tsec) 台灣上市上櫃股票爬蟲 Taiwan Stock Exchange Crawler
- [**301**Star][3m] [C++] [yuanyuanxiang/simpleremoter](https://github.com/yuanyuanxiang/simpleremoter) RAT based on gh0st
- [**301**Star][11d] [Py] [vulnerscom/api](https://github.com/vulnerscom/api) Python 2/3 library for the Vulners Database
- [**301**Star][4m] [ObjC] [sveinbjornt/stprivilegedtask](https://github.com/sveinbjornt/stprivilegedtask) An NSTask-like wrapper around the macOS Security Framework's AuthorizationExecuteWithPrivileges() to run shell commands with root privileges in Objective-C / Cocoa.
- [**301**Star][2y] [C++] [rootm0s/protectors](https://github.com/rootm0s/protectors) 
- [**301**Star][15d] [Py] [orf/cyborg](https://github.com/orf/cyborg) Python web scraping framework
- [**301**Star][14d] [Py] [n1nj4sec/pr0cks](https://github.com/n1nj4sec/pr0cks) python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target
- [**301**Star][12d] [C++] [justasmasiulis/lazy_importer](https://github.com/justasmasiulis/lazy_importer) library for importing functions from dlls in a hidden, reverse engineer unfriendly way
- [**301**Star][4m] [C] [jiaoxianjun/btle](https://github.com/jiaoxianjun/btle) Bluetooth Low Energy (BLE) packet sniffer and generator for both standard and non standard (raw bit).
- [**301**Star][11m] [C] [falldog/pyconcrete](https://github.com/falldog/pyconcrete) Protect your python script, encrypt it as .pye and decrypt when import it
- [**301**Star][2y] [Shell] [cryptolok/ghostinthenet](https://github.com/cryptolok/ghostinthenet) Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
- [**301**Star][10d] [Dockerfile] [cryptax/androidre](https://github.com/cryptax/androidre) Reverse engineering Android
- [**301**Star][3y] [HTML] [buddhalabs/packetstorm-exploits](https://github.com/buddhalabs/packetstorm-exploits) Collection of publicly available exploits from Packetstorm
- [**301**Star][1m] [Java] [amaembo/huntbugs](https://github.com/amaembo/huntbugs) Java bytecode static analyzer
- [**300**Star][4m] [Py] [neutree/comtool](https://github.com/neutree/comtool) Cross platform Serial Assistant （ 跨平台 串口 调试 助手 串口助手 串口调试助手 linux windows mac Raspberry Pi ）
- [**300**Star][8d] [PHP] [geerlingguy/ping](https://github.com/geerlingguy/ping) A PHP class to ping hosts.
- [**300**Star][4m] [Py] [gallopsled/pwntools-tutorial](https://github.com/gallopsled/pwntools-tutorial) Tutorials for getting started with Pwntools
- [**300**Star][10d] [HTML] [badd1e/disclosures](https://github.com/badd1e/disclosures) Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts
- [**300**Star][12d] [Py] [wwong99/pentest-notes](https://github.com/wwong99/pentest-notes)  all my penetration testing study notes, penetration testing tools, scripts, techniques, tricks and also many scripts that I found them useful from all over the internet.
- [**300**Star][16d] [Go] [rs/jaggr](https://github.com/rs/jaggr) JSON Aggregation CLI
- [**300**Star][10d] [Java] [optimatika/ojalgo](https://github.com/optimatika/ojalgo) Java code that has to do with mathematics, linear algebra and optimisation.
- [**300**Star][17d] [Elixir] [nebo15/annon.api](https://github.com/nebo15/annon.api) Configurable API gateway that acts as a reverse proxy with a plugin system.
- [**300**Star][2m] [krausefx/steal.password](https://github.com/krausefx/steal.password) Easily get the user's Apple ID password, just by asking
- [**300**Star][13d] [JS] [jlippold/tweakcompatible](https://github.com/jlippold/tweakcompatible) Adds a compatibility checker to cydia
- [**300**Star][3y] [Go] [janeczku/rancher-letsencrypt](https://github.com/janeczku/rancher-letsencrypt) A Rancher service that obtains free SSL/TLS certificates from the Let's Encrypt CA, adds them to Rancher's certificate store and manages renewal and propagation of updated certificates to load balancer
- [**300**Star][4y] [Py] [emposha/shell-detector](https://github.com/emposha/shell-detector)  a application that helps you find and identify php/cgi(perl)/asp/aspx shells. 
- [**300**Star][17d] [Py] [apache/incubator-spot](https://github.com/apache/incubator-spot) Mirror of Apache Spot
- [**299**Star][10d] [Elixir] [anonyfox/elixir-scrape](https://github.com/anonyfox/elixir-scrape) Scrape any website, article or RSS/Atom Feed with ease!
- [**299**Star][11d] [cassidoo/scrapers](https://github.com/cassidoo/scrapers) A list of scrapers from around the web.
- [**299**Star][1y] [Shell] [yw9381/burp_suite_doc_zh_cn](https://github.com/yw9381/burp_suite_doc_zh_cn) 这是基于Burp Suite官方文档翻译而来的中文版文档
- [**299**Star][2y] [valvesoftware/dota-2](https://github.com/valvesoftware/dota-2) Tracker for issues specific to Linux and Mac in the Reborn client. If you have a general issue or non-system-specific feature request please go to dev.dota2.com
- [**299**Star][23d] [C] [taviso/rbndr](https://github.com/taviso/rbndr) Simple DNS Rebinding Service
- [**299**Star][10d] [HTML] [sp1d3r/swf_json_csrf](https://github.com/sp1d3r/swf_json_csrf) simplify the SWF-based JSON CSRF exploitation
- [**299**Star][1m] [C++] [smartdec/smartdec](https://github.com/smartdec/smartdec) SmartDec decompiler
    - [IDA插件](https://github.com/smartdec/smartdec/tree/master/src/ida-plugin) 
    - [nocode](https://github.com/smartdec/smartdec/tree/master/src/nocode) 命令行反编译器
    - [smartdec](https://github.com/smartdec/smartdec/tree/master/src/smartdec) 带GUI界面的反编译器
    - [nc](https://github.com/smartdec/smartdec/tree/master/src/nc) 反编译器的核心代码
- [**299**Star][2y] [Shell] [sevagas/swap_digger](https://github.com/sevagas/swap_digger) a tool used to automate Linux swap analysis during post-exploitation or forensics.
- [**299**Star][1y] [C] [samhocevar/zzuf](https://github.com/samhocevar/zzuf) 
- [**299**Star][1y] [Py] [s0md3v/zen](https://github.com/s0md3v/zen) Find emails of Github users
- [**299**Star][2m] [C] [kholia/dedrop](https://github.com/kholia/dedrop) Looking inside the (Drop) box. Security Analysis of Dropbox. Updated WOOT '13 paper and other goodies.
- [**299**Star][2m] [Py] [kerlomz/captcha_platform](https://github.com/kerlomz/captcha_platform) This project is based on CNN+BLSTM+CTC to realize verificationtion. This projeccode identificat is only for deployment models.
- [**299**Star][11d] [Py] [fwkz/riposte](https://github.com/fwkz/riposte) Python package for wrapping applications inside a tailored interactive shell
- [**299**Star][18d] [HTML] [dxa4481/cssinjection](https://github.com/dxa4481/cssinjection) Stealing CSRF tokens with CSS injection (without iFrames)
- [**299**Star][14d] [Py] [dirkjanm/adidnsdump](https://github.com/dirkjanm/adidnsdump) Active Directory Integrated DNS dumping by any authenticated user
- [**299**Star][1y] [Go] [cloudfoundry/java-buildpack-memory-calculator](https://github.com/cloudfoundry/java-buildpack-memory-calculator) Cloud Foundry JVM Memory Calculator
- [**299**Star][2y] [Py] [bhdresh/cve-2017-8759](https://github.com/bhdresh/cve-2017-8759) Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
- [**298**Star][5m] [Jupyter Notebook] [shaohua0116/iclr2020-openreviewdata](https://github.com/shaohua0116/iclr2020-openreviewdata) Script that crawls meta data from ICLR OpenReview webpage. Tutorials on installing and using Selenium and ChromeDriver on Ubuntu.
- [**298**Star][10d] [PHP] [neerajsinghsonu/instagram-data-scraper](https://github.com/neerajsinghsonu/instagram-data-scraper) Instagram Data Scraper, Instagram Web Scraper, Instagram Super Scraper is a PHP script which takes
- [**298**Star][13d] [Go] [h12w/socks](https://github.com/h12w/socks) A SOCKS (SOCKS4, SOCKS4A and SOCKS5) Proxy Package for Go
- [**298**Star][13d] [Java] [uscdatascience/sparkler](https://github.com/uscdatascience/sparkler) Evolving Apache Nutch to run on Spark.
- [**298**Star][25d] [C++] [xmrig/xmrig-amd](https://github.com/xmrig/xmrig-amd) Monero AMD (OpenCL) miner
- [**298**Star][15d] [Py] [xdavidhu/portspider](https://github.com/xdavidhu/portspider) A lightning fast multithreaded network scanner framework with modules.
- [**298**Star][12m] [YARA] [supportintelligence/icewater](https://github.com/supportintelligence/icewater) YARA rules for the detection of malware and malicious files. the anti-virus industry prefers names for a threat
- [**298**Star][5y] [samyk/proxygambit](https://github.com/samyk/proxygambit) Anonymize and fracture network traffic/Internet access over a point-to-point wireless link or through TCP->GSM->wifi tunnel (advanced resurrection of ProxyHam)
- [**298**Star][12d] [C++] [rovo89/android_art](https://github.com/rovo89/android_art) Android ART with modifications for the Xposed framework.
- [**298**Star][4m] [JS] [ma3k4h3d/papers](https://github.com/ma3k4h3d/papers) Some papers about cyber security
- [**298**Star][3m] [Py] [lufeirider/cve-2019-2725](https://github.com/lufeirider/cve-2019-2725) CVE-2019-2725 命令回显
- [**298**Star][2y] [Shell] [ha71/namechk](https://github.com/ha71/namechk) Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.
- [**298**Star][6m] [Py] [ghostop14/sparrow-wifi](https://github.com/ghostop14/sparrow-wifi) Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- [**298**Star][4m] [Java] [dspinellis/umlgraph](https://github.com/dspinellis/umlgraph) Declarative specification and drawing of UML diagrams
- [**298**Star][18d] [HTML] [ansible/community](https://github.com/ansible/community) This repository is for management of all Ansible community related initiatives.
- [**298**Star][13d] [a2u/free-proxy-list](https://github.com/a2u/free-proxy-list) 
- [**297**Star][8d] [Shell] [dylanbai8/v2ray_h2-tls_website_onekey](https://github.com/dylanbai8/v2ray_h2-tls_website_onekey) V2RAY 基于 CADDY 的 VMESS+H2+TLS+Website(Use Host)+Rinetd BBR 一键安装脚本
- [**297**Star][10d] [Py] [usb-tools/facedancer](https://github.com/usb-tools/Facedancer) modern FaceDancer core for multiple devices-- including GreatFET
- [**297**Star][11d] [Py] [abhisharma404/vault](https://github.com/abhisharma404/vault) swiss army knife for hackers
- [**297**Star][4m] [JS] [xxxily/fiddler-plus](https://github.com/xxxily/fiddler-plus) 自定义的Fiddler规则，多环境切换、解决跨域开发、快速调试线上代码必备|高效调试分析利器
- [**297**Star][22d] [C++] [steve-m/kalibrate-rtl](https://github.com/steve-m/kalibrate-rtl) fork of
- [**297**Star][13d] [Py] [sethsec/celerystalk](https://github.com/sethsec/celerystalk) An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
- [**297**Star][2y] [C++] [paranoidninja/pandoras-box](https://github.com/paranoidninja/pandoras-box) custom scripts for Penetration Testing and Red Team Assessments.
- [**297**Star][3y] [Py] [orangetw/tiny-url-fuzzer](https://github.com/orangetw/tiny-url-fuzzer) A tiny and cute URL fuzzer
- [**297**Star][2y] [PS] [onelogicalmyth/zeroday-powershell](https://github.com/onelogicalmyth/zeroday-powershell) A PowerShell example of the Windows zero day priv esc
- [**297**Star][12d] [ntruopensourceproject/ntru-crypto](https://github.com/ntruopensourceproject/ntru-crypto) Open Source NTRU Public Key Cryptography and Reference Code
- [**297**Star][3y] [C] [matt-wu/aes](https://github.com/matt-wu/aes) Understanding AES & Rijndael
- [**297**Star][12d] [Py] [mariovilas/winappdbg](https://github.com/mariovilas/winappdbg) WinAppDbg Debugger
- [**297**Star][22d] [Py] [joxeankoret/pyew](https://github.com/joxeankoret/pyew) Official repository for Pyew.
- [**297**Star][8m] [Py] [fplyth0ner-combie/bug-project-framework](https://github.com/fplyth0ner-combie/bug-project-framework) 漏洞利用框架模块分享仓库
- [**297**Star][1y] [Py] [ciku370/osif](https://github.com/ciku370/osif) Open Source Information Facebook
- [**297**Star][2y] [C] [can1357/theperfectinjector](https://github.com/can1357/theperfectinjector) Literally, the perfect injector.
- [**296**Star][3m] [C++] [dfranx/shaderdebugger](https://github.com/dfranx/shaderdebugger) C++ library for debugging HLSL & GLSL shaders
- [**296**Star][10d] [C] [progmem/switch-fightstick](https://github.com/progmem/switch-fightstick) Proof-of-Concept LUFA Project for the Nintendo Switch. Uses reverse-engineering of the Pokken Tournament Pro Pad for the Wii U and Switch System v3.0.0
- [**296**Star][16d] [Py] [k8gege/cve-2019-0708](https://github.com/k8gege/cve-2019-0708) 3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)
- [**296**Star][12d] [C] [br101/horst](https://github.com/br101/horst) “horst” - lightweight IEEE802.11 wireless LAN analyzer with a text interface
- [**296**Star][3m] [Py] [xfreed0m/rdpassspray](https://github.com/xfreed0m/rdpassspray) Python3 tool to perform password spraying using RDP
- [**296**Star][10d] [Py] [xairy/easy-linux-pwn](https://github.com/xairy/easy-linux-pwn) A set of Linux binary exploitation tasks for beginners on various architectures
- [**296**Star][4m] [Py] [tenox7/wrp](https://github.com/tenox7/wrp) Web Rendering Proxy: Use vintage, historical, legacy browsers on modern web
- [**296**Star][10d] [C++] [souffle-lang/souffle](https://github.com/souffle-lang/souffle) Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
- [**296**Star][1y] [C] [rofl0r/microsocks](https://github.com/rofl0r/microsocks) tiny, portable SOCKS5 server with very moderate resource usage
- [**296**Star][15d] [Py] [phage-nz/ph0neutria](https://github.com/phage-nz/ph0neutria) ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability.
- [**296**Star][10d] [PHP] [incredibleindishell/ssrf_vulnerable_lab](https://github.com/incredibleindishell/ssrf_vulnerable_lab) This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
- [**296**Star][28d] [C] [firnsy/barnyard2](https://github.com/firnsy/barnyard2) Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
- [**296**Star][3y] [C++] [develbranch/tinyantivirus](https://github.com/develbranch/tinyantivirus) TinyAntivirus is an open source antivirus engine designed for detecting polymorphic virus and disinfecting it.
- [**295**Star][18d] [lloydstubber/my-wsl-setup](https://github.com/lloydstubber/my-wsl-setup) Quick rundown on my current setup on the Windows Subsystem for Linux.
- [**295**Star][18d] [Py] [baabaaox/scrapydouban](https://github.com/baabaaox/ScrapyDouban) 豆瓣电影/豆瓣读书 Scarpy 爬虫
- [**295**Star][9d] [Java] [dena/packetproxy](https://github.com/dena/packetproxy) A local proxy written in Java
- [**295**Star][4m] [C++] [dfhack/stonesense](https://github.com/dfhack/stonesense) A retro isometric visualizer for Dwarf Fortress
- [**295**Star][20d] [Shell] [tehw0lf/airbash](https://github.com/tehw0lf/airbash) A POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing
- [**295**Star][3m] [ObjC] [strongbox-password-safe/strongbox](https://github.com/strongbox-password-safe/strongbox) A KeePass/Password Safe Client for iOS and OS X
- [**295**Star][5m] [Py] [quitten/autorize](https://github.com/quitten/autorize) Automatic authorization enforcement detection extension for burp suite written in Jython in order to ease application security people work and allow them perform an automatic authorization tests
- [**295**Star][10d] [Py] [jpcertcc/aa-tools](https://github.com/jpcertcc/aa-tools) Multiple RE plugins and scripts
    - [apt17scan.py](https://github.com/jpcertcc/aa-tools/blob/master/apt17scan.py) Volatility plugin for detecting APT17 related malware and extracting its config
    - [emdivi_postdata_decoder](https://github.com/jpcertcc/aa-tools/blob/master/emdivi_postdata_decoder.py) Python script for decoding Emdivi's post data
    - [emdivi_string_decryptor](https://github.com/jpcertcc/aa-tools/blob/master/emdivi_string_decryptor.py) IDAPython script for decrypting strings inside Emdivi
    - [citadel_decryptor](https://github.com/jpcertcc/aa-tools/tree/master/citadel_decryptor) Data decryption tool for Citadel
    - [adwind_string_decoder](https://github.com/jpcertcc/aa-tools/blob/master/adwind_string_decoder.py) Python script for decoding strings inside Adwind
    - [redleavesscan](https://github.com/jpcertcc/aa-tools/blob/master/redleavesscan.py) Volatility plugin for detecting RedLeaves and extracting its config
    - [datper_splunk](https://github.com/jpcertcc/aa-tools/blob/master/datper_splunk.py) Python script for detects Datper communication and adds result field to Splunk index
    - [datper_elk](https://github.com/jpcertcc/aa-tools/blob/master/datper_elk.py) Python script for detects Datper communication and adds result field to Elasticsearch index
    - [tscookie_decode](https://github.com/jpcertcc/aa-tools/blob/master/tscookie_decode.py) Python script for decrypting and parsing TSCookie configure data
    - [wellmess_cookie_decode](https://github.com/jpcertcc/aa-tools/blob/master/wellmess_cookie_decode.py) Python script for decoding WellMess's cookie data (support Python2)
    - [cobaltstrikescan](https://github.com/jpcertcc/aa-tools/blob/master/cobaltstrikescan.py) Volatility plugin for detecting Cobalt Strike Beacon and extracting its config
    - [tscookie_data_decode](https://github.com/jpcertcc/aa-tools/blob/master/tscookie_data_decode.py) Python script for decrypting and parsing TSCookie configure data
- [**295**Star][22d] [Py] [inaz2/roputils](https://github.com/inaz2/roputils) A Return-oriented Programming toolkit
- [**295**Star][20d] [Py] [franccesco/getaltname](https://github.com/franccesco/getaltname) Extract subdomains from SSL certificates in HTTPS sites.
- [**295**Star][4m] [C#] [fireeye/silketw](https://github.com/fireeye/silketw) flexible C# wrappers for ETW
- [**295**Star][12d] [Py] [exodus-privacy/exodus](https://github.com/exodus-privacy/exodus) Platform to audit trackers used by Android application
- [**295**Star][14d] [C] [droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) Fake sshd that logs ip addresses, usernames, and passwords.
- [**295**Star][4m] [drduh/debian-privacy-server-guide](https://github.com/drduh/debian-privacy-server-guide) Guide to using a remote Debian server for security and privacy services
- [**295**Star][1m] [Py] [covertcodes/multitun](https://github.com/covertcodes/multitun) Tunnel arbitrary traffic through an innocuous WebSocket. Clients can 'see' each other, resulting in a stealth WebSocket VPN.
- [**295**Star][8d] [Py] [b16f00t/whapa](https://github.com/b16f00t/whapa) WhatsApp Parser Toolset v1.15
- [**295**Star][3m] [aleenzz/mssql_sql_bypass_wiki](https://github.com/aleenzz/mssql_sql_bypass_wiki) MSSQL注入提权,bypass的一些总结
- [**294**Star][5m] [Shell] [pieterlange/kube-openvpn](https://github.com/pieterlange/kube-openvpn) 
- [**294**Star][2m] [thelsa/cs-checklist](https://github.com/thelsa/cs-checklist) PC客户端（C-S架构）渗透测试checklist / Client side(C-S) penestration checklist
- [**294**Star][11d] [Shell] [raspberrypi/rpi-eeprom](https://github.com/raspberrypi/rpi-eeprom) Installation scripts and binaries for the closed sourced Raspberry Pi 4 EEPROMs
- [**294**Star][10d] [Makefile] [pop-os/iso](https://github.com/pop-os/iso) ools necessary for building Pop!_OS ISOs.
- [**294**Star][13d] [JS] [wuchangming/https-mitm-proxy-handbook](https://github.com/wuchangming/https-mitm-proxy-handbook) 基于Node.js的HTTPS MITM(中间人)代理的原理和实现
- [**294**Star][14d] [JS] [ropnop/serverless_toolkit](https://github.com/ropnop/serverless_toolkit) A collection of useful Serverless functions I use when pentesting
- [**294**Star][25d] [C] [quarkslab/quarkspwdump](https://github.com/quarkslab/quarkspwdump) Dump various types of Windows credentials without injecting in any process.
- [**294**Star][4m] [JS] [owasp/dvsa](https://github.com/owasp/dvsa) a Damn Vulnerable Serverless Application
- [**294**Star][4y] [Py] [northbit/metaphor](https://github.com/northbit/metaphor) Stagefright with ASLR bypass
- [**294**Star][4m] [Ruby] [noraj/oscp-exam-report-template-markdown](https://github.com/noraj/oscp-exam-report-template-markdown) 
- [**294**Star][10d] [Py] [mozillasecurity/peach](https://github.com/mozillasecurity/peach) Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.
- [**294**Star][3y] [lucyoa/ctf-wiki](https://github.com/lucyoa/ctf-wiki) Hacking techniques useful during CTFs
- [**294**Star][2y] [ivmachiavelli/osint_team_links](https://github.com/ivmachiavelli/osint_team_links) Links for the OSINT Team
- [**294**Star][12d] [Java] [ewilded/shelling](https://github.com/ewilded/shelling) SHELLING - a comprehensive OS command injection payload generator
- [**294**Star][10d] [JS] [dpnishant/raptor](https://github.com/dpnishant/raptor) Web-based Source Code Vulnerability Scanner
- [**294**Star][5m] [Java] [cundong/memorymonitor](https://github.com/cundong/memorymonitor) Memory clean, pss monitor tool, for developer
- [**294**Star][7m] [C] [ayeks/sgx-hardware](https://github.com/ayeks/sgx-hardware) This is a list of hardware which is supports Intel SGX - Software Guard Extensions.
- [**293**Star][10d] [Go] [thehackerdev/race-the-web](https://github.com/thehackerdev/race-the-web) Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
- [**293**Star][11d] [Swift] [shadowsocksr-live/ishadowsocksr](https://github.com/shadowsocksr-live/ishadowsocksr) ShadowsocksR for iOS, come from
- [**293**Star][4m] [C] [valvesoftware/steamos_kernel](https://github.com/valvesoftware/steamos_kernel) SteamOS kernel branches
- [**293**Star][12d] [C#] [hmbsbige/nattypetester](https://github.com/hmbsbige/nattypetester) 测试当前网络的NAT类型（STUN）
- [**293**Star][25d] [Py] [hysnsec/devsecops-studio](https://github.com/hysnsec/DevSecOps-Studio) DevSecOps Distribution - Virtual Environment to learn DevSecOps
- [**293**Star][11d] [JS] [hawkeyesec/scanner-cli](https://github.com/hawkeyesec/scanner-cli) A project security/vulnerability/risk scanning tool
- [**293**Star][10d] [C] [tpm2-software/tpm2-tools](https://github.com/tpm2-software/tpm2-tools) The source repository for the Trusted Platform Module (TPM2.0) tools
- [**293**Star][4m] [Py] [ridter/exchange2domain](https://github.com/ridter/exchange2domain) CVE-2018-8581
- [**293**Star][4m] [Py] [rhinosecuritylabs/iprotate_burp_extension](https://github.com/rhinosecuritylabs/iprotate_burp_extension) Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
- [**293**Star][16d] [Py] [m4ll0k/takeover](https://github.com/m4ll0k/takeover) 子域名漏洞扫描器
- [**293**Star][3y] [Py] [kevthehermit/volutility](https://github.com/kevthehermit/volutility) Web App for Volatility framework
- [**292**Star][16d] [Go] [mercari/grpc-http-proxy](https://github.com/mercari/grpc-http-proxy) A reverse proxy server which translate JSON HTTP requests to gRPC calls based on protoreflect
- [**292**Star][8d] [Jupyter Notebook] [cyberzhg/clrs](https://github.com/cyberzhg/clrs) Some exercises and problems in Introduction to Algorithms 3rd edition.
- [**292**Star][6m] [C] [ailispaw/boot2docker-xhyve](https://github.com/ailispaw/boot2docker-xhyve) Boot2Docker running on xhyve hypervisor
- [**292**Star][16d] [C] [rhash/rhash](https://github.com/rhash/rhash) Great utility for computing hash sums
- [**292**Star][14d] [Py] [bennington-distributed-systems-2017/darkdarkgo](https://github.com/bennington-distributed-systems-2017/darkdarkgo) Modeled Google and Bing to build a distributed search engine for the dark web
- [**292**Star][21d] [JS] [akajes/marlin-config](https://github.com/akajes/marlin-config) Marlin firmware instant configurator
- [**292**Star][14d] [Py] [fsecurelabs/wepwnise](https://github.com/FSecureLABS/wePWNise) WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
- [**292**Star][11d] [w0lfschild/macos_headers](https://github.com/w0lfschild/macos_headers)  a class dump of most Apple Applications and Frameworks on macOS
- [**292**Star][4m] [Py] [shenril/sitadel](https://github.com/shenril/sitadel) Web Application Security Scanner
- [**292**Star][14d] [Ruby] [rapid7/recog](https://github.com/rapid7/recog) Pattern recognition for hosts, services, and content
- [**292**Star][11d] [Py] [pycqa/mccabe](https://github.com/pycqa/mccabe) McCabe complexity checker for Python
- [**292**Star][13d] [JS] [protofire/solhint](https://github.com/protofire/solhint) Security and Style Guide validations.
- [**292**Star][9y] [ObjC] [nst/spyphone](https://github.com/nst/spyphone) This project shows the kind of data a rogue iPhone application can collect.
- [**292**Star][8m] [Py] [meibenjin/googlesearchcrawler](https://github.com/meibenjin/googlesearchcrawler) a tool for crawl Google search results
- [**292**Star][13d] [Java] [matthiaskaiser/jmet](https://github.com/matthiaskaiser/jmet) Java Message Exploitation Tool
- [**292**Star][10m] [Go] [lesnuages/hershell](https://github.com/lesnuages/hershell) Multiplatform reverse shell generator
- [**292**Star][1y] [Py] [justicerage/ffm](https://github.com/justicerage/ffm) Freedom Fighting Mode: open source hacking harness
- [**292**Star][10d] [Py] [jakespringer/angr_ctf](https://github.com/jakespringer/angr_ctf) 
- [**292**Star][16d] [Py] [facebook/fbkutils](https://github.com/facebook/fbkutils) A variety of utilities built and maintained by Facebook's Linux Kernel Team that we wish to share with the community.
- [**292**Star][14d] [accordbox/awesome-scrapy](https://github.com/accordbox/awesome-scrapy) A curated list of awesome packages, articles, and other cool resources from the Scrapy community.
- [**291**Star][10d] [Go] [atredispartners/flamingo](https://github.com/atredispartners/flamingo) Flamingo captures credentials sprayed across the network by various IT and security products.
- [**291**Star][4m] [CSS] [w-digital-scanner/w11scan](https://github.com/w-digital-scanner/w11scan) Distributed WEB fingerprint identification platform
- [**291**Star][1m] [C] [unix-thrust/beurk](https://github.com/unix-thrust/beurk) BEURK Experimental Unix RootKit
- [**291**Star][11d] [Py] [tomato42/tlsfuzzer](https://github.com/tomato42/tlsfuzzer) SSL and TLS protocol test suite and fuzzer
- [**291**Star][15d] [Py] [mthbernardes/rsg](https://github.com/mthbernardes/rsg)  generate various ways to do a reverse shell
- [**291**Star][2y] [Shell] [m4ll0k/autonse](https://github.com/m4ll0k/autonse) Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
- [**291**Star][1y] [Java] [indywidualny/faceslim](https://github.com/indywidualny/faceslim) Web App for Facebook. Lightweight, ad-free, chat support and modern look.
- [**291**Star][2y] [C++] [godaddy/procfilter](https://github.com/godaddy/procfilter) A YARA-integrated process denial framework for Windows
- [**291**Star][11d] [Shell] [cytoscape/cytoscape](https://github.com/cytoscape/cytoscape) an open source platform for network analysis and visualization
- [**291**Star][3y] [Java] [cnfree/eclipse-class-decompiler](https://github.com/cnfree/eclipse-class-decompiler) Eclipse Class Decompiler integrates JD, Jad, FernFlower, CFR, Procyon seamlessly with Eclipse and allows Java developers to debug class files without source code directly
- [**291**Star][21d] [Py] [antojoseph/frida-android-hooks](https://github.com/antojoseph/frida-android-hooks) Lets you hook Method Calls in Frida ( Android )
- [**291**Star][16d] [Py] [aaronportnoy/toolbag](https://github.com/aaronportnoy/toolbag) The IDA Toolbag is a plugin providing supplemental functionality to Hex-Rays IDA Pro disassembler.
- [**290**Star][4y] [JS] [alanyang/dhtspider](https://github.com/alanyang/dhtspider) Bittorrent dht network spider
- [**290**Star][12d] [wangzhenjjcn/pubg_hack](https://github.com/wangzhenjjcn/pubg_hack) STOP UPDATE SINCE 2018-05===PLS SUPPORT ORIGINAL====PUBG CHEAT 绝地求生 吃鸡 作弊 外挂 チート Plug-in ADD-ON мошенничать 플러그인
- [**290**Star][7d] [Go] [mzz2017/v2raya](https://github.com/mzz2017/v2raya) A Linux web GUI client of Project V which supports V2Ray, SS, SSR, Trojan and Pingtunnel protocols
- [**290**Star][1m] [Py] [cokebar/gfwlist2dnsmasq_python](https://github.com/cokebar/gfwlist2dnsmasq_python) Just another python script to auto-generate dnsmasq ipset rules using gfwlist. Shell script version:
- [**290**Star][9d] [Java] [lilifengcode/burpsuite-plugins-usage](https://github.com/lilifengcode/burpsuite-plugins-usage) Burpsuite-Plugins-Usage
- [**290**Star][1y] [C#] [nsacyber/windows-event-log-messages](https://github.com/nsacyber/Windows-Event-Log-Messages) Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber
- [**290**Star][2y] [HTML] [googleprojectzero/p0tools](https://github.com/googleprojectzero/p0tools) Project Zero Docs and Tools
- [**290**Star][8d] [zhaoweiho/web-sec-interview](https://github.com/zhaoweiho/web-sec-interview) Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
- [**290**Star][2y] [Java] [webgoat/webgoat-legacy](https://github.com/webgoat/webgoat-legacy) Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
- [**290**Star][16d] [Perl] [rezasp/vbscan](https://github.com/rezasp/vbscan) OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
- [**290**Star][3m] [PHP] [lawrenceamer/0xsp-mongoose](https://github.com/lawrenceamer/0xsp-mongoose) Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding
- [**290**Star][11d] [C] [gpg/gnupg](https://github.com/gpg/gnupg) The GNU Privacy Guard. Mirror from:
- [**290**Star][14d] [C++] [google/syzygy](https://github.com/google/syzygy) a suite of tools for the instrumentation of COFF object files and PE binaries
- [**290**Star][15d] [C++] [fireeye/flare-wmi](https://github.com/fireeye/flare-wmi) various documentation and code projects that describe the Windows Management Instrumentation (WMI) technology
- [**290**Star][2y] [C] [creaktive/tsh](https://github.com/creaktive/tsh) Tiny SHell - An open-source UNIX backdoor
- [**290**Star][24d] [Perl] [bishopfox/theos-jailed](https://github.com/bishopfox/theos-jailed) A version of Theos/CydiaSubstrate for non-jailbroken iOS devices
- [**290**Star][10d] [C] [battelle/movfuscator](https://github.com/battelle/movfuscator) The single instruction C compiler
- [**290**Star][13d] [C] [abeluck/stegdetect](https://github.com/abeluck/stegdetect) UNMAINTAINED. USE AT OWN RISK. Stegdetect is an automated tool for detecting steganographic content in images.
- [**290**Star][17d] [Py] [18f/domain-scan](https://github.com/18f/domain-scan) A lightweight pipeline, locally or in Lambda, for scanning things like HTTPS, third party service use, and web accessibility.
- [**289**Star][10d] [Shell] [trimstray/mkchain](https://github.com/trimstray/mkchain) Open source tool to help you build a valid SSL certificate chain.
- [**289**Star][15d] [Java] [timolson/cointrader](https://github.com/timolson/cointrader) Coin Trader is a Java-based backend for algorithmically trading cryptocurrencies. It provides data collection and export, complex event processing and triggering, and backtesting - paper trading - live trading.
- [**289**Star][1y] [Rust] [superandroidanalyzer/super](https://github.com/superandroidanalyzer/super) Secure, Unified, Powerful and Extensible Rust Android Analyzer
- [**289**Star][12d] [C++] [soarqin/finalhe](https://github.com/soarqin/finalhe) Final h-encore, a tool to push h-encore exploit for PS VITA/PS TV automatically
- [**289**Star][16d] [JS] [mscdex/socksv5](https://github.com/mscdex/socksv5) SOCKS protocol version 5 server and client implementations for node.js
- [**289**Star][3m] [Py] [mcw0/poc](https://github.com/mcw0/poc) Issues has been disabled for these PoC's, as they are simply PoC, Public Domain and unsupported.
- [**289**Star][12d] [Py] [ghirensics/ghiro](https://github.com/ghirensics/ghiro) Automated image forensics tool
- [**289**Star][2y] [PS] [fox-it/invoke-aclpwn](https://github.com/fox-it/invoke-aclpwn)  a tool that automates the discovery and pwnage of ACLs in Active Directory that are unsafe configured.
- [**289**Star][15d] [Java] [fourbrother/icodetools](https://github.com/fourbrother/icodetools) Android中动态自动插入代码到apk中工具
- [**289**Star][25d] [Py] [feliam/pysymemu](https://github.com/feliam/pysymemu) An intel 64 symbolic emulator
- [**289**Star][2y] [Py] [eth0izzle/needl](https://github.com/eth0izzle/needl) Take back your privacy. Lose yourself in the haystack.
- [**289**Star][3y] [Py] [eik00d/cantoolz](https://github.com/eik00d/cantoolz) CANToolz - framework for black-box CAN network analysis
- [**289**Star][4m] [Py] [abhi-r3v0/adhrit](https://github.com/abhi-r3v0/adhrit) Android Security Suite for APK reversing, in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
- [**288**Star][8d] [Py] [zkqiang/zhihu-login](https://github.com/zkqiang/zhihu-login) 知乎模拟登录，支持提取验证码和保存 Cookies
- [**288**Star][24d] [dloss/binary-parsing](https://github.com/dloss/binary-parsing) A list of generic tools for parsing binary data structures, such as file formats, network protocols or bitstreams
- [**288**Star][15d] [Py] [rassec/pentester-fully-automatic-scanner](https://github.com/rassec/pentester-fully-automatic-scanner) DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc
- [**288**Star][4m] [C] [googleprojectzero/ktrw](https://github.com/googleprojectzero/ktrw) An iOS kernel debugger based on a KTRR bypass for A11 iPhones that works with LLDB.
- [**288**Star][15d] [Py] [rassec/pentester-fully-automatic-scanner](https://github.com/RASSec/pentestER-Fully-automatic-scanner) DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc
- [**288**Star][23d] [Py] [xoreaxeaxeax/reductio](https://github.com/xoreaxeaxeax/reductio) An exploration of code homeomorphism
- [**288**Star][11d] [paloaltonetworks/minemeld](https://github.com/paloaltonetworks/minemeld) Main MineMeld documentation repo
- [**288**Star][6m] [PS] [nullbind/powershellery](https://github.com/nullbind/powershellery) This repo contains Powershell scripts used for general hackery.
- [**288**Star][6m] [PHP] [nico3333fr/csp-useful](https://github.com/nico3333fr/csp-useful) Collection of scripts, thoughts about CSP (Content Security Policy)
- [**288**Star][20d] [Java] [nfcgate/nfcgate](https://github.com/nfcgate/nfcgate) An NFC research toolkit application for Android
- [**288**Star][1m] [Py] [mazen160/struts-pwn_cve-2018-11776](https://github.com/mazen160/struts-pwn_cve-2018-11776) An exploit for Apache Struts CVE-2018-11776
- [**288**Star][1y] [Java] [katjahahn/portex](https://github.com/katjahahn/portex) Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
- [**288**Star][12d] [Py] [jaegertracing/jaeger-client-python](https://github.com/jaegertracing/jaeger-client-python) Jaeger Bindings for Python OpenTracing API
- [**288**Star][12d] [JS] [hellgrenj/hulken](https://github.com/hellgrenj/hulken) a stress testing tool for everything speaking HTTP.
- [**288**Star][13d] [Py] [code-scan/dzscan](https://github.com/code-scan/dzscan) Dzscan
- [**288**Star][8m] [Java] [appium/sign](https://github.com/appium/sign) Sign.jar automatically signs an apk with the Android test certificate.
- [**288**Star][11d] [Py] [a13xp0p0v/kconfig-hardened-check](https://github.com/a13xp0p0v/kconfig-hardened-check) A tool for checking the hardening options in the Linux kernel config
- [**287**Star][11d] [JS] [ethereum-oasis/baseline](https://github.com/ethereum-oasis/baseline) The Baseline Protocol is an open source initiative that combines advances in cryptography, messaging, and blockchain to execute secure and private business processes at low cost via the public Ethereum Mainnet. The protocol will enable confidential and complex collaboration between enterprises without leaving any sensitive data on-chain
- [**287**Star][14d] [Java] [postaddictme/instagram-java-scraper](https://github.com/postaddictme/instagram-java-scraper) Instagram Java Scraper. Get account information, photos, videos and comments.
- [**287**Star][9d] [Py] [chenjiandongx/51job-spider](https://github.com/chenjiandongx/51job-spider) 如何使用爬虫分析 Python 岗位招聘情况
- [**287**Star][9d] [Py] [chenjiandongx/51job-spider](https://github.com/chenjiandongx/51job-spider) 
- [**287**Star][1y] [Py] [s0md3v/breacher](https://github.com/s0md3v/Breacher) An advanced multithreaded admin panel finder written in python.
- [**287**Star][11d] [C++] [xortroll/emuiibo](https://github.com/xortroll/emuiibo) Virtual amiibo (amiibo emulation) system for Nintendo Switch
- [**287**Star][3y] [Java] [simbiose/encryption](https://github.com/simbiose/encryption) Encryption is a simple way to encrypt and decrypt strings on Android and Java project.
- [**287**Star][4m] [PS] [sdcampbell/internal-pentest-playbook](https://github.com/sdcampbell/internal-pentest-playbook) Internal Network Penetration Test Playbook
- [**287**Star][10d] [sam-b/windows_kernel_resources](https://github.com/sam-b/windows_kernel_resources) Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
- [**287**Star][1m] [PHP] [psecio/parse](https://github.com/psecio/parse) A PHP Security Scanner
- [**287**Star][11d] [C] [mysql/mysql-proxy](https://github.com/mysql/mysql-proxy) MySQL Proxy is a simple program that sits between your client and MySQL server(s) and that can monitor, analyze or transform their communication. Its flexibility allows for a wide variety of uses, including load balancing, failover, query analysis, query filtering and modification, and many more.
- [**287**Star][2y] [Py] [manwhoami/mmetokendecrypt](https://github.com/manwhoami/mmetokendecrypt) Decrypts and extracts iCloud and MMe authorization tokens on Apple macOS / OS X. No user authentication needed. 🏅🌩
- [**287**Star][11d] [Py] [livz/cloacked-pixel](https://github.com/livz/cloacked-pixel) LSB steganography and detection
- [**287**Star][5y] [C++] [kennytm/miscellaneous](https://github.com/kennytm/miscellaneous) This repository contains stuff which would be helpful for jailbroken iOS development.
- [**287**Star][29d] [Ruby] [danmcinerney/pentest-machine](https://github.com/danmcinerney/pentest-machine) Automates some pentest jobs via nmap xml file
- [**287**Star][22d] [Py] [anssi-fr/polichombr](https://github.com/anssi-fr/polichombr) Collaborative malware analysis framework
- [**286**Star][10d] [Py] [xiaomifirmwareupdater/mi-firmware-updater](https://github.com/xiaomifirmwareupdater/mi-firmware-updater) Auto generates Xiaomi firmware flashable zip files every MIUI new update
- [**286**Star][2m] [Ruby] [davidesantangelo/webinspector](https://github.com/davidesantangelo/webinspector) Ruby gem to inspect completely a web page. It scrapes a given URL, and returns you its meta, links, images more.
- [**286**Star][16d] [Go] [geohot/lolrecaptcha](https://github.com/geohot/lolrecaptcha) We try to break the recaptcha for the Merry Christmas for all!
- [**286**Star][2y] [Go] [unixpickle/kahoot-hack](https://github.com/unixpickle/kahoot-hack) Reverse engineering kahoot.it
- [**286**Star][5m] [Py] [m4ll0k/konan](https://github.com/m4ll0k/Konan) Konan - Advanced Web Application Dir Scanner
- [**286**Star][12d] [Go] [zboya/gomitmproxy](https://github.com/zboya/gomitmproxy) gomitmproxy是想用golang语言实现[mitmproxy]，实现http(s)代理
- [**286**Star][11d] [Java] [vida-nyu/ache](https://github.com/vida-nyu/ache) ACHE is a web crawler for domain-specific search.
- [**286**Star][4y] [C] [swiperproxy/swiperproxy](https://github.com/swiperproxy/swiperproxy) A Python-based HTTP/HTTPS-proxy.
- [**286**Star][3y] [Py] [nanshihui/poccollect](https://github.com/nanshihui/poccollect) a plenty of poc based on python
- [**286**Star][4y] [Py] [monnappa22/limon](https://github.com/monnappa22/limon) Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open s…
- [**286**Star][2m] [Go] [longxboy/lunnel](https://github.com/longxboy/lunnel) fast reverse-proxy
- [**286**Star][4m] [Py] [hongrisec/ctf-training](https://github.com/hongrisec/ctf-training) 收集各大比赛的题目和Writeup
- [**286**Star][16d] [Py] [google/docker-explorer](https://github.com/google/docker-explorer) A tool to help forensicate offline docker acquisitions
- [**286**Star][15d] [evilsocket/bettercap-proxy-modules](https://github.com/evilsocket/bettercap-proxy-modules) This repository contains some bettercap transparent proxy example modules.
- [**286**Star][1m] [JS] [cnwhy/lib-qqwry](https://github.com/cnwhy/lib-qqwry) 用NodeJS解析纯真IP库(QQwry.dat) 支持IP段查询
- [**286**Star][10d] [JS] [chrisallenlane/novahot](https://github.com/chrisallenlane/novahot) A webshell framework for penetration testers.
- [**286**Star][2y] [beahunt3r/windows-hunting](https://github.com/beahunt3r/windows-hunting) aid windows threat hunters to look for some common artifacts during their day to day operations
- [**286**Star][10d] [aidansteele/osx-abi-macho-file-format-reference](https://github.com/aidansteele/osx-abi-macho-file-format-reference) Mirror of OS X ABI Mach-O File Format Reference
- [**285**Star][3m] [Shell] [binhex/arch-delugevpn](https://github.com/binhex/arch-delugevpn) Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
- [**285**Star][4m] [C++] [itkindaworks/esphelper](https://github.com/itkindaworks/esphelper) A library to make using WiFi & MQTT on the ESP8266 easy.
- [**285**Star][19d] [Py] [davidfraser/pyan](https://github.com/davidfraser/pyan) pyan is a Python module that performs static analysis of Python code to determine a call dependency graph between functions and methods. This is different from running the code and seeing which functions are called and how often; there are various tools that will generate a call graph in that way, usually using debugger or profiling trace hooks …
- [**285**Star][13d] [Ruby] [zt2/sqli-hunter](https://github.com/zt2/sqli-hunter) SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
- [**285**Star][3m] [JS] [strangerealintel/cyberthreatintel](https://github.com/strangerealintel/cyberthreatintel) Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
- [**285**Star][25d] [Py] [novicelive/bintut](https://github.com/novicelive/bintut) Teach you a binary exploitation for great good.
- [**285**Star][20d] [C] [leaflabs/libmaple](https://github.com/leaflabs/libmaple) [INACTIVE] C and C++ library for STM32 ARM Cortex-M3 development boards.
- [**285**Star][3y] [Py] [iniqua/plecost](https://github.com/iniqua/plecost)  Wordpress finger printer Tool
- [**285**Star][3y] [C] [devio/walruss](https://github.com/devio/walruss) PC-Wahl 10 Hacking Tools
- [**285**Star][3y] [Java] [crowhawk/magictoe](https://github.com/crowhawk/magictoe) 基于webmagic + springboot + mybatis的Java爬虫，使用Echarts进行数据可视化分析，提供了从爬虫获取数据到数据持久化、数据可视化分析以及构建简单的代理池等一整套解决方案模板。
- [**285**Star][11d] [cpuu/awesome-fuzzing](https://github.com/cpuu/awesome-fuzzing) A curated list of awesome Fuzzing(or Fuzz Testing) for software security
- [**285**Star][10y] [Java] [cathedrow/cryptosuite](https://github.com/cathedrow/cryptosuite) Cryptographic suite for Arduino (SHA, HMAC-SHA)
- [**284**Star][14d] [assetnote/commonspeak2-wordlists](https://github.com/assetnote/commonspeak2-wordlists) Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
- [**284**Star][11d] [ObjC] [yulingtianxia/apporderfiles](https://github.com/yulingtianxia/apporderfiles) The easiest way to generate order files for Mach-O using Clang. Improving App Performance.
- [**284**Star][11d] [JS] [portswigger/hackability](https://github.com/portswigger/hackability) Probe a rendering engine for vulnerabilities and other features
- [**284**Star][8m] [Py] [pbiernat/ripr](https://github.com/pbiernat/ripr) Package Binary Code as a Python class using Binary Ninja and Unicorn Engine
- [**284**Star][11d] [Py] [hubblestack/hubble](https://github.com/hubblestack/hubble) Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe.
- [**284**Star][4m] [Ruby] [hahwul/xspear](https://github.com/hahwul/xspear) Powerfull XSS Scanning and Parameter analysis tool&gem
- [**284**Star][4y] [Py] [fuzzing/mffa](https://github.com/fuzzing/mffa) Media Fuzzing Framework for Android
- [**284**Star][4m] [C++] [fransbouma/injectablegenericcamerasystem](https://github.com/fransbouma/injectablegenericcamerasystem) This is a generic camera system to be used as the base for cameras for taking screenshots within games. The main purpose of the system is to hijack the in-game 3D camera by overwriting values in its camera structure with our own values so we can control where the camera is located, it's pitch/yaw/roll values, its FoV and the camera's look vector.
- [**284**Star][4m] [Shell] [drtyhlpr/rpi23-gen-image](https://github.com/drtyhlpr/rpi23-gen-image) Advanced Debian "stretch" and "buster" bootstrap script for RPi 0/1/2/3 and QEMU
- [**284**Star][18d] [Py] [azure/azure-storage-python](https://github.com/azure/azure-storage-python) Microsoft Azure Storage Library for Python
- [**284**Star][4y] [C] [andreafabrizi/prism](https://github.com/andreafabrizi/prism) PRISM is an user space stealth reverse shell backdoor, written in pure C.
- [**283**Star][13d] [Py] [hexhive/retrowrite](https://github.com/hexhive/retrowrite) RetroWrite -- Retrofitting compiler passes though binary rewriting
- [**283**Star][19d] [Shell] [4ch12dy/xadb](https://github.com/4ch12dy/xadb) some useful adb commands for android reversing and debugging both 32 and 64 bit and support macOS and win10's MINGW64.
- [**283**Star][21d] [Java] [thanosfisherman/wifiutils](https://github.com/thanosfisherman/wifiutils) Easily Connect to WiFi Networks
- [**283**Star][18d] [C++] [sin5678/gh0st](https://github.com/sin5678/gh0st) a open source remote administrator tool
- [**283**Star][4m] [C#] [wokhansoft/wfn](https://github.com/wokhansoft/wfn) Windows Firewall Notifier extends the default Windows embedded firewall by allowing to handle and notify about outgoing connections, offers real time connections monitoring, connections map, bandwidth usage monitoring and more...
- [**283**Star][11d] [C++] [windytan/redsea](https://github.com/windytan/redsea) A lightweight RDS to JSON decoder
- [**283**Star][29d] [Assembly] [tinysec/windows-syscall-table](https://github.com/tinysec/windows-syscall-table) windows syscall table from xp ~ 10 rs4
- [**283**Star][2y] [Py] [ssooking/ctfdefense](https://github.com/ssooking/ctfdefense) Some tools for CTF off line
- [**283**Star][5m] [Py] [sneakerhax/runbooks](https://github.com/sneakerhax/runbooks) Command references, posts, and resources for different topics
- [**283**Star][11d] [Shell] [pentester-io/commonspeak](https://github.com/pentester-io/commonspeak) Content discovery wordlists generated using BigQuery
- [**283**Star][1m] [HTML] [pagerduty/security-training](https://github.com/pagerduty/security-training) Public version of PagerDuty's employee security training courses.
- [**283**Star][4y] [Py] [mandatoryprogrammer/xssless](https://github.com/mandatoryprogrammer/xssless) An automated XSS payload generator written in python.
- [**283**Star][11d] [C] [kubo/plthook](https://github.com/kubo/plthook) Hook function calls by replacing PLT(Procedure Linkage Table) entries.
- [**283**Star][2m] [Swift] [krausefx/watch.user](https://github.com/krausefx/watch.user) Every iOS app you ever gave permission to use your camera can record you any time it runs - without notice
- [**283**Star][5m] [Py] [jjkester/django-auditlog](https://github.com/jjkester/django-auditlog) A Django app that keeps a log of changes made to an object.
- [**283**Star][14d] [TS] [httptoolkit/mockttp](https://github.com/httptoolkit/mockttp) Powerful friendly HTTP mock server & proxy
- [**283**Star][14d] [Py] [giantbranch/python-hacker-code](https://github.com/giantbranch/python-hacker-code) 《python黑帽子：黑客与渗透测试编程之道》代码及实验文件，字典等
- [**283**Star][4m] [Go] [erbbysam/dnsgrep](https://github.com/erbbysam/dnsgrep) Quickly Search Large DNS Datasets
- [**282**Star][2y] [Py] [hopetree/e-commerce-crawlers](https://github.com/hopetree/e-commerce-crawlers) 
- [**282**Star][4m] [C++] [dscharrer/innoextract](https://github.com/dscharrer/innoextract) A tool to unpack installers created by Inno Setup
- [**282**Star][14d] [C#] [fsecurelabs/sharpgpoabuse](https://github.com/FSecureLABS/SharpGPOAbuse) take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
- [**282**Star][13d] [Kotlin] [temyco/security-workshop-sample](https://github.com/temyco/security-workshop-sample) This repository has been desired to show different Android Security Approach implementations using a simple sample project.
- [**282**Star][14d] [Py] [pyhackertarget/hackertarget](https://github.com/pyhackertarget/hackertarget) attack surface discovery and identification of security vulnerabilities
- [**282**Star][1y] [Py] [wyatu/cve-2018-8581](https://github.com/wyatu/cve-2018-8581) CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability
- [**282**Star][20d] [C++] [wbenny/mini-tor](https://github.com/wbenny/mini-tor) proof-of-concept implementation of tor protocol using Microsoft CNG/CryptoAPI
- [**282**Star][1y] [C] [rieck/malheur](https://github.com/rieck/malheur) A Tool for Automatic Analysis of Malware Behavior
- [**282**Star][12d] [Py] [qunarcorp/open_dnsdb](https://github.com/qunarcorp/open_dnsdb) OpenDnsdb 是去哪儿网OPS团队开源的基于Python语言的DNS管理系统
- [**282**Star][3m] [Shell] [projectzeroindia/cve-2019-11510](https://github.com/projectzeroindia/cve-2019-11510) Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
- [**282**Star][6m] [Swift] [prateek147/dvia-v2](https://github.com/prateek147/dvia-v2) Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in t…
- [**282**Star][3y] [Java] [mateuszk87/badintent](https://github.com/mateuszk87/badintent) Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
- [**282**Star][2y] [Py] [lunarca/simpleemailspoofer](https://github.com/lunarca/simpleemailspoofer) A simple Python CLI to spoof emails.
- [**282**Star][10d] [Py] [inforion/idapython-cheatsheet](https://github.com/inforion/idapython-cheatsheet) Scripts and cheatsheets for IDAPython
- [**282**Star][14d] [C] [hypersine/how-does-navicat-encrypt-password](https://github.com/HyperSine/how-does-navicat-encrypt-password) Transferred from
- [**282**Star][13d] [Py] [dkovar/analyzemft](https://github.com/dkovar/analyzemft) fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple format
- [**282**Star][10d] [Py] [boy-hack/airbug](https://github.com/boy-hack/airbug) Airbug(空气洞)，收集漏洞poc用于安全产品
- [**282**Star][13d] [Py] [bontchev/pcodedmp](https://github.com/bontchev/pcodedmp) A VBA p-code disassembler
- [**282**Star][13d] [Java] [ata4/bspsrc](https://github.com/ata4/bspsrc) A Source engine map decompiler
- [**282**Star][14d] [Py] [armmbed/mbed-cli](https://github.com/armmbed/mbed-cli) Arm Mbed Command Line Interface
- [**281**Star][3m] [Py] [thewhiteh4t/finalrecon](https://github.com/thewhiteh4t/finalrecon) OSINT Tool for All-In-One Web Reconnaissance
- [**281**Star][13d] [JS] [roccomuso/netcat](https://github.com/roccomuso/netcat) Netcat client and server modules written in pure Javascript for Node.j
- [**281**Star][24d] [Py] [peikexin9/deepxplore](https://github.com/peikexin9/deepxplore) DeepXplore code release
- [**281**Star][8d] [C#] [mr-un1k0d3r/redteamcsharpscripts](https://github.com/mr-un1k0d3r/redteamcsharpscripts) C# Script used for Red Team
- [**281**Star][4m] [Assembly] [karawin/ka-radio](https://github.com/karawin/ka-radio) A wifi webradio with only low cost boards ESP8266 and VS1053
- [**281**Star][1m] [Py] [joxeankoret/multiav](https://github.com/joxeankoret/multiav) MultiAV scanner with Python and JSON API. Disclaimer: I don't maintain it any more.
- [**281**Star][14d] [Py] [ionelmc/python-manhole](https://github.com/ionelmc/python-manhole) Debugging manhole for python applications.
- [**281**Star][18d] [Py] [invernizzi/scapy-http](https://github.com/invernizzi/scapy-http) Support for HTTP in Scapy
- [**281**Star][3m] [Go] [hashicorp/consul-haproxy](https://github.com/hashicorp/consul-haproxy) Consul HAProxy connector for real-time configuration
- [**281**Star][2y] [C#] [ghostpack/sharpwmi](https://github.com/ghostpack/sharpwmi) SharpWMI is a C# implementation of various WMI functionality.
- [**281**Star][29d] [Py] [gbafana25/esp8266_honeypot](https://github.com/gbafana25/esp8266_honeypot) a honeypot programmed in Micropython for the ESP8266
- [**281**Star][2m] [Py] [duo-labs/dlint](https://github.com/duo-labs/dlint) Dlint is a tool for encouraging best coding practices and helping ensure we're writing secure Python code.
- [**281**Star][13d] [C] [didi/kemon](https://github.com/didi/kemon) An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring.
- [**281**Star][6m] [Py] [den1al/jsshell](https://github.com/den1al/jsshell) An interactive multi-user web JS shell
- [**281**Star][2m] [JS] [d3/d3-interpolate](https://github.com/d3/d3-interpolate) Interpolate numbers, colors, strings, arrays, objects, whatever!
- [**281**Star][1m] [Java] [commonsguy/cwac-security](https://github.com/commonsguy/cwac-security) CWAC-Security: Helping You Help Your Users Defend Their Data
- [**281**Star][19d] [Go] [brompwnie/botb](https://github.com/brompwnie/botb) A container analysis and exploitation tool for pentesters and engineers.
- [**280**Star][10d] [Java] [xiaoyaoyou1212/bluetoothchat](https://github.com/xiaoyaoyou1212/bluetoothchat) 基于Android Classic Bluetooth的蓝牙聊天软件，目前仅支持一对一实时通信、文件传输、好友添加、好友分组、好友在线状态更新等功能，其中消息发送支持文本、表情等方式。
- [**280**Star][12d] [C++] [radareorg/r2ghidra-dec](https://github.com/radareorg/r2ghidra-dec) Deep ghidra decompiler integration for radare2
- [**280**Star][8d] [C++] [trailofbits/winchecksec](https://github.com/trailofbits/winchecksec) Checksec, but for Windows: static detection of security mitigations in executables
- [**280**Star][12d] [C++] [radareorg/r2ghidra-dec](https://github.com/radareorg/r2ghidra-dec) Deep ghidra decompiler integration for radare2
- [**280**Star][4m] [JS] [nodejs/security-wg](https://github.com/nodejs/security-wg) Node.js Security Working Group
- [**280**Star][14d] [C++] [microsoft/krabsetw](https://github.com/microsoft/krabsetw) KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
- [**280**Star][4m] [Py] [liuchangfreeman/c--compiler](https://github.com/liuchangfreeman/c--compiler) C--compiler which implements LL(1)\LR(0)\SLR\LR(1) and semantic analysis and MIPS generate
- [**280**Star][25d] [Go] [kisesy/gscan_quic](https://github.com/kisesy/gscan_quic) Google Quic 扫描工具
- [**280**Star][12d] [C] [grant-h/qu1ckr00t](https://github.com/grant-h/qu1ckr00t) A PoC application demonstrating the power of an Android kernel arbitrary R/W.
- [**280**Star][11d] [Py] [firstlookmedia/gpgsync](https://github.com/firstlookmedia/gpgsync)  let users always have up-to-date OpenPGP public keys for other members of their organization.
- [**280**Star][9m] [Shell] [cryptolok/aslray](https://github.com/cryptolok/aslray) Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying
- [**279**Star][10d] [Py] [eonraider/blackhat-python3](https://github.com/eonraider/blackhat-python3) Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated modules.
- [**279**Star][5m] [C++] [freeminer/freeminer](https://github.com/freeminer/freeminer) Freeminer is an open source sandbox game inspired by Minecraft.
- [**279**Star][14d] [C] [radareorg/r2dec-js](https://github.com/radareorg/r2dec-js) radare2 plugin - converts asm to pseudo-C code.
- [**279**Star][4m] [zodiacon/alltools](https://github.com/zodiacon/alltools) All reasonably stable tools
- [**279**Star][15d] [Go] [tomsteele/blacksheepwall](https://github.com/tomsteele/blacksheepwall) blacksheepwall is a hostname reconnaissance tool
- [**279**Star][13d] [Py] [quitten/doser.py](https://github.com/quitten/doser.py) DoS tool for HTTP requests (inspired by hulk but has more functionalities)
- [**279**Star][13d] [Go] [netspi/goddi](https://github.com/netspi/goddi) goddi (go dump domain info) dumps Active Directory domain information
- [**279**Star][7m] [ApacheConf] [micahflee/fixubuntu](https://github.com/micahflee/fixubuntu) This is the code that powers https://fixubuntu.com/.
- [**279**Star][4m] [Shell] [lieanu/libcsearcher](https://github.com/lieanu/libcsearcher) glibc offset search for ctf.
- [**279**Star][2y] [PS] [invoke-ir/ace](https://github.com/invoke-ir/ace) Automated, Collection, and Enrichment Platform
- [**279**Star][5m] [Java] [florent37/android-nosql](https://github.com/florent37/android-nosql) Lightweight, simple structured NoSQL database for Android
- [**279**Star][4m] [C#] [equifox/ksdumper](https://github.com/equifox/ksdumper) Dumping processes using the power of kernel space !
- [**279**Star][2y] [C++] [dekimir/ramfuzz](https://github.com/dekimir/ramfuzz) Combining Unit Tests, Fuzzing, and AI
- [**278**Star][11d] [Py] [makerdao/market-maker-keeper](https://github.com/makerdao/market-maker-keeper) Maker Keeper Framework: Market maker keepers for OasisDEX, EtherDelta, 0x (RadarRelay, ERCdEX), Paradex, DDEX, IDEX, Bibox, Ethfinex, GoPax, HitBTC, TheOcean, OKEX and Gate.io.
- [**278**Star][15d] [C] [domistyle/docker-idrac6](https://github.com/domistyle/docker-idrac6) iDRAC 6 web interface and VNC proxy
- [**278**Star][12d] [C] [r3x/how2kernel](https://github.com/r3x/how2kernel) This Repository aims at giving a basic idea about Kernel Exploitation.
- [**278**Star][4m] [TS] [zxing-js/ngx-scanner](https://github.com/zxing-js/ngx-scanner) Angular (2+) QR code, Barcode, DataMatrix, scanner component using ZXing.
- [**278**Star][23d] [waylau/free-vpn](https://github.com/waylau/free-vpn) We Provide Newset Free VPN Service. PC, mobile phones and network appliances, no software installation. With the VPN Service,you can get through your government's firewall to browse restricted websites.提供最新的免费的 VPN 服务,通过使用 VPN 自由访问互联网(翻墙)！无论是PC端，移动端都无需安装客户端。
- [**278**Star][10d] [JS] [pandorafms/pandorafms](https://github.com/pandorafms/pandorafms) Pandora FMS is a flexible and highly scalable monitoring system ready for big environments. It uses agents (Linux, Windows, AIX, HP-UX, Solaris and BSD systems) and can do both local and remote network monitoring (SNMP v3, TCP checks, WMI, etc).
- [**278**Star][16d] [Py] [data61/python-paillier](https://github.com/data61/python-paillier) A library for Partially Homomorphic Encryption in Python
- [**278**Star][16d] [Java] [maxcamillo/android-keystore-password-recover](https://github.com/maxcamillo/android-keystore-password-recover) Automatically exported from code.google.com/p/android-keystore-password-recover
- [**278**Star][19d] [JS] [lewisardern/bxss](https://github.com/lewisardern/bxss) bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
- [**278**Star][2y] [Shell] [jgamblin/carhackingtools](https://github.com/jgamblin/carhackingtools) Install and Configure Common Car Hacking Tools.
- [**278**Star][1y] [Py] [hakril/pythonforwindows](https://github.com/hakril/pythonforwindows) A codebase aimed to make interaction with Windows and native execution easier
- [**278**Star][1m] [JS] [fix-macosx/fix-macosx](https://github.com/fix-macosx/fix-macosx) This is the code that powers https://fix-macosx.com/.
- [**278**Star][11d] [Py] [cisco-config-analysis-tool/ccat](https://github.com/cisco-config-analysis-tool/ccat) Cisco Config Analysis Tool
- [**278**Star][17d] [Py] [beaengine/beaengine](https://github.com/beaengine/beaengine) BeaEngine disasm project
- [**278**Star][4m] [C++] [aekras1a/updated-carbanak-source-with-plugins](https://github.com/aekras1a/updated-carbanak-source-with-plugins) 
- [**277**Star][12d] [Kotlin] [isupatches/wisefy](https://github.com/isupatches/wisefy) Wrapper around WifiManager and ConnectivityManager for Android
- [**277**Star][10d] [Ruby] [tidesec/mars](https://github.com/tidesec/mars) Mars(战神)——资产发现、子域名枚举、C段扫描、资产变更监测、端口变更监测、域名解析变更监测、Awvs扫描、POC检测、web指纹探测、端口指纹探测、CDN探测、操作系统指纹探测、泛解析探测、WAF探测、敏感信息检测等等
- [**277**Star][17d] [crytic/awesome-ethereum-security](https://github.com/crytic/awesome-ethereum-security) A curated list of awesome Ethereum security references
- [**277**Star][3m] [C++] [tsiv/ccminer-cryptonight](https://github.com/tsiv/ccminer-cryptonight) A modification of Christian Buchner's & Christian H.'s ccminer project by tsiv for Cryptonight mining.
- [**277**Star][1y] [Py] [trycatchhcf/packetwhisper](https://github.com/trycatchhcf/packetwhisper) Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
- [**277**Star][4m] [Shell] [screetsec/sudomy](https://github.com/screetsec/sudomy) Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format
- [**277**Star][25d] [Java] [reoky/android-crackme-challenge](https://github.com/reoky/android-crackme-challenge) A collection of reverse engineering challenges for learning about the Android operating system and mobile security.
- [**277**Star][3y] [Py] [ptr32void/ostrica](https://github.com/ptr32void/ostrica) plugin-oriented framework to collect and visualize Threat Intelligence Information
- [**277**Star][4m] [Perl] [owasp/o-saft](https://github.com/owasp/o-saft) OWASP SSL advanced forensic tool
- [**277**Star][14d] [Py] [kupferlauncher/kupfer](https://github.com/kupferlauncher/kupfer) kupfer, smart, quick launcher. `master' is kupfer's release branch.
- [**277**Star][7m] [JS] [hynekpetrak/javascript-malware-collection](https://github.com/hynekpetrak/javascript-malware-collection) Collection of almost 40.000 javascript malware samples
- [**277**Star][2y] [C++] [gellin/teamviewer_permissions_hook_v1](https://github.com/gellin/teamviewer_permissions_hook_v1) A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions.
- [**277**Star][25d] [Py] [evilmog/ntlmv1-multi](https://github.com/evilmog/ntlmv1-multi) NTLMv1 Multitool
- [**277**Star][7d] [Py] [evait-security/weeman](https://github.com/evait-security/weeman) HTTP server for phishing in python
- [**277**Star][10d] [C++] [dreamstalker/rehlds](https://github.com/dreamstalker/rehlds) Reverse-engineered HLDS
- [**277**Star][15d] [Py] [beetlechunks/redsails](https://github.com/beetlechunks/redsails) RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk:
- [**276**Star][11d] [Java] [smuyyh/crawlerforreader](https://github.com/smuyyh/crawlerforreader) Android 本地网络小说爬虫，基于jsoup及xpath
- [**276**Star][14d] [Shell] [fishdrowned/ssl](https://github.com/fishdrowned/ssl) Self-signed Wildcard SSL Certificate Generator
- [**276**Star][11d] [Java] [nats-io/nats.java](https://github.com/nats-io/nats.java) Java client for NATS
- [**276**Star][6m] [Py] [zephrfish/googd0rker](https://github.com/zephrfish/googd0rker) GoogD0rker is a tool for firing off google dorks against a target domain, it is purely for OSINT against a specific target domain. READ the readme before messaging or tweeting me.
- [**276**Star][10d] [Vim script] [superkojiman/pwnbox](https://github.com/superkojiman/pwnbox) Docker container with tools for binary reverse engineering and exploitation.
- [**276**Star][16d] [C++] [strazzere/android-scripts](https://github.com/strazzere/android-scripts) Collection of Android reverse engineering scripts
- [**276**Star][25d] [C] [robertdavidgraham/pemcrack](https://github.com/robertdavidgraham/pemcrack) Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON'T JUDGE ME!!!
- [**276**Star][28d] [Go] [pwaller/goupx](https://github.com/pwaller/goupx) Fix golang compiled binaries on x86_64 so that they can be packed with UPX
- [**276**Star][4m] [Py] [pisupply/papirus](https://github.com/pisupply/papirus) Resources for PaPiRus ePaper eInk displays
- [**276**Star][15d] [palantir/alerting-detection-strategy-framework](https://github.com/palantir/alerting-detection-strategy-framework) A framework for developing alerting and detection strategies for incident response.
- [**276**Star][17d] [Py] [jboone/tpms](https://github.com/jboone/tpms) Tire Pressure Monitoring System decoding tools.
- [**276**Star][10d] [C] [jamesbarlow/icmptunnel](https://github.com/jamesbarlow/icmptunnel) Tunnel IP over ICMP.
- [**276**Star][4y] [insidetrust/statistically-likely-usernames](https://github.com/insidetrust/statistically-likely-usernames) Wordlists for creating statistically likely username lists for use in password attacks and security testing
- [**276**Star][11d] [Shell] [gy-games/elves](https://github.com/gy-games/elves) 开源自动化运维开发平台(IT Automatic Develop Platform)
- [**276**Star][2m] [Py] [felixweyne/imaginaryc2](https://github.com/felixweyne/imaginaryc2)  a python tool which aims to help in the behavioral (network) analysis of malware
- [**276**Star][10d] [Shell] [curl/curl-for-win](https://github.com/curl/curl-for-win) Reproducible curl/libcurl (and OpenSSL) binaries for Windows
- [**275**Star][3m] [nsacyber/hardware-and-firmware-security-guidance](https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance) Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
- [**275**Star][14d] [Rust] [radareorg/radeco](https://github.com/radareorg/radeco) radare2-based decompiler and symbol executor
- [**275**Star][29d] [C++] [cisco-talos/moflow](https://github.com/Cisco-Talos/moflow) Release Branches for MoFlow
- [**275**Star][15d] [Py] [xdavidhu/probesniffer](https://github.com/xdavidhu/probesniffer) 
- [**275**Star][2y] [Py] [wipi-hunter/pidense](https://github.com/wipi-hunter/pidense) Monitor illegal wireless network activities.
- [**275**Star][5m] [ObjC] [veorq/siphash](https://github.com/veorq/siphash) High-speed pseudorandom function (reference code)
- [**275**Star][4m] [Java] [secure-software-engineering/flowdroid](https://github.com/secure-software-engineering/flowdroid) FlowDroid Static Data Flow Tracker
- [**275**Star][12d] [Go] [sachaos/tcpterm](https://github.com/sachaos/tcpterm) a packet visualizer in TUI.
- [**275**Star][4y] [Py] [quandyfactory/dicttoxml](https://github.com/quandyfactory/dicttoxml) Simple library to convert a Python dictionary or other native data type into a valid XML string.
- [**275**Star][14d] [C] [proftpd/proftpd](https://github.com/proftpd/proftpd)  a highly configurable FTP daemon for Unix and Unix-like operating systems
- [**275**Star][10d] [pe3zx/my-infosec-awesome](https://github.com/pe3zx/my-infosec-awesome) My curated list of awesome links, resources and tools on infosec related topics
- [**275**Star][2m] [offensive-security/nethunter-lrt](https://github.com/offensive-security/nethunter-lrt) The Nethunter Linux Root Toolkit is a collection of bash scripts which install Nethunter onto a supported device.
- [**275**Star][24d] [Go] [lightningnetwork/lightning-onion](https://github.com/lightningnetwork/lightning-onion) Onion Routed Micropayments for the Lightning Network
- [**275**Star][4y] [Py] [lgandx/responder-windows](https://github.com/lgandx/responder-windows) Responder Windows Version Beta
- [**275**Star][10d] [leonardonve/sslstrip2](https://github.com/leonardonve/sslstrip2) SSLStrip version to defeat HSTS
- [**275**Star][4y] [XSLT] [ironbee/ironbee](https://github.com/ironbee/ironbee) Universal web application security sensor intended for real-time monitoring and defense.
- [**275**Star][15d] [HTML] [edoverflow/bugbountyguide](https://github.com/edoverflow/bugbountyguide) Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
- [**275**Star][7m] [C] [basil00/torwall](https://github.com/basil00/torwall) Tallow - Transparent Tor for Windows
- [**274**Star][16d] [Java] [finnfu/stepcount](https://github.com/finnfu/stepcount) 一个还算准确的计步器算法／a step count algorithm
- [**274**Star][11d] [PHP] [duzun/hquery.php](https://github.com/duzun/hquery.php) An extremely fast web scraper that parses megabytes of HTML in a blink of an eye. PHP5.3+, no dependencies.
- [**274**Star][13d] [Py] [ritterhou/music-163](https://github.com/ritterhou/music-163) 爬取网易云音乐所有歌曲的评论数
- [**274**Star][25d] [HTML] [xem/minix86](https://github.com/xem/minix86) x86 (MS-DOS) documentation, disassembler and emulator - WIP
- [**274**Star][1y] [xcsh/unity-game-hacking](https://github.com/xcsh/unity-game-hacking) A guide for hacking unity games
- [**274**Star][2y] [Py] [ucsb-seclab/bootstomp](https://github.com/ucsb-seclab/bootstomp) a bootloader vulnerability finder
- [**274**Star][10d] [Py] [smaash/snitch](https://github.com/smaash/snitch) information gathering via dorks
- [**274**Star][3m] [C++] [sahilbansal17/competitive_coding](https://github.com/sahilbansal17/competitive_coding) This repository contains some useful codes, techniques, algorithms and problem solutions helpful in Competitive Coding.
- [**274**Star][7y] [C] [robertdavidgraham/isowall](https://github.com/robertdavidgraham/isowall) This is a mini-firewall that completely isolates a target device from the local network.
- [**274**Star][2y] [C++] [isometric/bucketcompressiontrick](https://github.com/isometric/bucketcompressiontrick) Cool trick to store 4 5-bit values in one 16-bit value.
- [**274**Star][3y] [C] [iaik/cjag](https://github.com/iaik/cjag) CJAG is an open-source implementation of our cache-based jamming agreement.
- [**274**Star][3y] [Py] [hadi999/nxcrypt](https://github.com/hadi999/nxcrypt) NXcrypt - 'python backdoor' framework
- [**274**Star][6m] [Py] [earthquake/xfltreat](https://github.com/earthquake/xfltreat) XFLTReaT tunnelling framework
- [**274**Star][10d] [Ruby] [davejacobs/letters](https://github.com/davejacobs/letters) A tiny debugging library for Ruby
- [**274**Star][29d] [C#] [brandonprry/gray_hat_csharp_code](https://github.com/brandonprry/gray_hat_csharp_code) This repository contains full code examples from the book Gray Hat C#
- [**274**Star][11d] [Py] [avatartwo/avatar2](https://github.com/avatartwo/avatar2) Python core of avatar²
- [**274**Star][11d] [JS] [antswordproject/ant](https://github.com/antswordproject/ant) 实时上线的 XSS 盲打平台
- [**273**Star][1m] [C++] [kmanoz/kmansonoff](https://github.com/kmanoz/kmansonoff) Firmware for ESP8266 based itead Sonoff switches for use with HomeAssistant / mqtt
- [**273**Star][11d] [JS] [yzddmr6/as_webshell_venom](https://github.com/yzddmr6/as_webshell_venom) 免杀webshell无限生成工具蚁剑版
- [**273**Star][10d] [Py] [skelsec/jackdaw](https://github.com/skelsec/jackdaw) gather gather gather
- [**273**Star][4m] [Java] [w296488320/nullproguard](https://github.com/w296488320/nullproguard) 空白混淆 源码
- [**273**Star][11d] [Java] [spring-cloud/spring-cloud-task](https://github.com/spring-cloud/spring-cloud-task) Short lived microservices with Spring Batch
- [**273**Star][4y] [C] [leechristensen/unmanagedpowershell](https://github.com/leechristensen/unmanagedpowershell) Executes PowerShell from an unmanaged process
- [**273**Star][10d] [Shell] [controlplaneio/kubesec](https://github.com/controlplaneio/kubesec) Security risk analysis for Kubernetes resources
- [**273**Star][1m] [Java] [codewatchorg/bypasswaf](https://github.com/codewatchorg/bypasswaf) Add headers to all Burp requests to bypass some WAF products
- [**273**Star][4y] [C] [cisco-talos/mbrfilter](https://github.com/cisco-talos/mbrfilter) Cisco Talos MBR Filter Driver
- [**273**Star][7m] [JS] [buildize/locus](https://github.com/buildize/locus) Locus is a debugging module for node.js
- [**273**Star][2y] [Shell] [abedalqaderswedan1/aswcrypter](https://github.com/abedalqaderswedan1/aswcrypter) An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far [FUD]
- [**272**Star][3m] [chris1111/wireless-usb-adapter](https://github.com/chris1111/wireless-usb-adapter) 
- [**272**Star][9d] [CSS] [wg-dashboard/wg-dashboard](https://github.com/wg-dashboard/wg-dashboard) an easy-to-use dashboard for wireguard vpn
- [**272**Star][8d] [PS] [darquewarrior/vsteam](https://github.com/darquewarrior/vsteam) PowerShell module for accessing TFS, Azure DevOps Service and Azure DevOps Server
- [**272**Star][1m] [JS] [danoctavian/bluntly](https://github.com/danoctavian/bluntly) serverless, encrypted, NAT-breaking p2p connections - DEPRECATED
- [**272**Star][10d] [C] [zfl9/chinadns-ng](https://github.com/zfl9/chinadns-ng) chinadns next generation, refactoring with epoll and ipset
- [**272**Star][18d] [Ruby] [v2ray/homebrew-v2ray](https://github.com/v2ray/homebrew-v2ray) The homebrew tap for v2ray-core.
- [**272**Star][2y] [Shell] [zephrfish/dockerattack](https://github.com/zephrfish/dockerattack) Various Tools and Docker Images
- [**272**Star][4y] [Java] [subgraph/vega](https://github.com/subgraph/vega) Subgraph Vega
- [**272**Star][16d] [Go] [stackexchange/wmi](https://github.com/stackexchange/wmi) WMI for Go
- [**272**Star][4m] [Go] [skx/tunneller](https://github.com/skx/tunneller) Allow internal services, running on localhost, to be accessed over the internet..
- [**272**Star][10d] [JS] [santthosh/aws-es-kibana](https://github.com/santthosh/aws-es-kibana) AWS ElasticSearch Kibana Proxy
- [**272**Star][4y] [C] [samsung/adbi](https://github.com/samsung/adbi) Android Dynamic Binary Instrumentation tool for tracing Android native layer
- [**272**Star][10d] [Py] [projectante/dnsgen](https://github.com/projectante/dnsgen) Generates combination of domain names from the provided input.
- [**272**Star][12d] [Py] [pbartek/pyobd-pi](https://github.com/pbartek/pyobd-pi) Fixes to pyobd for Raspberry Pi / BeagleBone Black
- [**272**Star][3m] [Py] [no0be/dnslivery](https://github.com/no0be/dnslivery) Easy files and payloads delivery over DNS
- [**272**Star][4m] [Vala] [naxuroqa/venom](https://github.com/naxuroqa/venom) a modern Tox client for the GNU/Linux desktop
- [**272**Star][10d] [Java] [nationalsecurityagency/lemongrenade](https://github.com/nationalsecurityagency/lemongrenade) Data-driven automation platform
- [**272**Star][15d] [Shell] [leviathan36/kaboom](https://github.com/leviathan36/kaboom) An automated pentest tool
- [**272**Star][1y] [C] [landhb/hideprocess](https://github.com/landhb/hideprocess) A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
- [**272**Star][4y] [C] [laginimaineb/extractkeymaster](https://github.com/laginimaineb/extractkeymaster) Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431
- [**272**Star][1m] [Py] [juhakivekas/multidiff](https://github.com/juhakivekas/multidiff) Binary data diffing for multiple objects or streams of data
- [**272**Star][21d] [Py] [jcesarstef/dotdotslash](https://github.com/jcesarstef/dotdotslash) Search for Directory Traversal Vulnerabilities
- [**272**Star][4m] [Py] [inquest/threatingestor](https://github.com/inquest/threatingestor) Extract and aggregate threat intelligence.
- [**272**Star][26d] [Visual Basic] [houjingyi233/office-exploit-case-study](https://github.com/houjingyi233/office-exploit-case-study) Collection of office exploit used in the real world recent years with samples and writeup
- [**272**Star][1m] [Scala] [fix-macosx/net-monitor](https://github.com/fix-macosx/net-monitor) Toolkit for auditing "phone home" behavior on Mac OS X Yosemite.
- [**272**Star][2y] [Java] [danicuestasuarez/nmapgui](https://github.com/danicuestasuarez/nmapgui) Advanced Graphical User Interface for NMap
- [**272**Star][4m] [C++] [d35ha/callobfuscator](https://github.com/d35ha/callobfuscator) Obfuscate specific windows apis with different apis
- [**272**Star][20d] [Py] [chrizator/netattack2](https://github.com/chrizator/netattack2) An advanced network scan and attack script based on GUI. 2nd version of no-GUI netattack.
- [**271**Star][8d] [Py] [jabbalaci/pythonexe](https://github.com/jabbalaci/pythonexe) How to create an executable file from a Python script?
- [**271**Star][2m] [Py] [toyakula/luna](https://github.com/toyakula/luna) luna webscanner
- [**271**Star][2m] [PHP] [sqlmapproject/testenv](https://github.com/sqlmapproject/testenv) A collection of web pages vulnerable to SQL injection flaws
- [**271**Star][3m] [Assembly] [pret/pokeyellow](https://github.com/pret/pokeyellow) Disassembly of Pokemon Yellow
- [**271**Star][5m] [Java] [nickstadb/serializationdumper](https://github.com/nickstadb/serializationdumper) A tool to dump Java serialization streams in a more human readable form.
- [**271**Star][11d] [C] [n0b0dycn/redis-rogue-server](https://github.com/n0b0dycn/redis-rogue-server) Redis(<=5.0.5) RCE
- [**271**Star][15d] [Py] [mazen160/bfac](https://github.com/mazen160/bfac) An automated tool that checks for backup artifacts that may disclose the web-application's source code.
- [**271**Star][12d] [Py] [ledger-donjon/lascar](https://github.com/ledger-donjon/lascar) Ledger's Advanced Side-Channel Analysis Repository
- [**271**Star][1m] [l1k/osxparanoia](https://github.com/l1k/osxparanoia) Preventing OS X from phoning home to Cupertino
- [**271**Star][4m] [C#] [icsharpcode/avaloniailspy](https://github.com/icsharpcode/avaloniailspy) Avalonia-based .NET Decompiler (port of ILSpy)
- [**271**Star][11d] [Py] [google/grr-doc](https://github.com/google/grr-doc) Documentation for the GRR Rapid Reponse framework
- [**271**Star][6m] [Py] [eset/ipyida](https://github.com/eset/ipyida) IPython console integration for IDA Pro
- [**271**Star][1y] [Py] [c0rel0ader/east](https://github.com/c0rel0ader/east) Exploits and Security Tools Framework 2.0.1
- [**271**Star][13d] [Py] [blark/aiodnsbrute](https://github.com/blark/aiodnsbrute) Python 3.5+ DNS asynchronous brute force utility
- [**271**Star][15d] [Go] [avahowell/masterkey](https://github.com/avahowell/masterkey) secure interactive password manager with xchacha20poly1305, argon2id, and Go
- [**271**Star][1y] [Py] [ant4g0nist/susanoo](https://github.com/ant4g0nist/susanoo) A REST API security testing framework.
- [**270**Star][8d] [Py] [byt3bl33d3r/witnessme](https://github.com/byt3bl33d3r/witnessme) Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
- [**270**Star][12d] [C] [zerosum0x0/defcon-25-workshop](https://github.com/zerosum0x0/defcon-25-workshop) Windows Post-Exploitation / Malware Forward Engineering DEF CON 25 Workshop
- [**270**Star][2y] [C] [zer0mem0ry/kernelbhop](https://github.com/zer0mem0ry/kernelbhop) Cheat that uses a driver instead WinAPI for Reading / Writing memory.
- [**270**Star][21d] [C] [w-shackleton/android-netspoof](https://github.com/w-shackleton/android-netspoof) Network Spoofer
- [**270**Star][5m] [C] [virustotal/yara-python](https://github.com/virustotal/yara-python) The Python interface for YARA
- [**270**Star][4m] [C++] [tonychen56/hackertools](https://github.com/tonychen56/hackertools) 使用MFC编写的病毒技术合集
- [**270**Star][25d] [C] [pakt/ropc](https://github.com/pakt/ropc) A Turing complete ROP compiler
- [**270**Star][14d] [Py] [nucypher/nufhe](https://github.com/nucypher/nufhe) NuCypher fully homomorphic encryption (NuFHE) library implemented in Python
- [**270**Star][18d] [Py] [needmorecowbell/sniff-paste](https://github.com/needmorecowbell/sniff-paste) Pastebin OSINT Harvester
- [**270**Star][10d] [JS] [hackademix/noscript](https://github.com/hackademix/noscript) The popular NoScript Security Suite browser extension.
- [**270**Star][2m] [C] [conradev/dumpdecrypted](https://github.com/conradev/dumpdecrypted) Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
- [**270**Star][5m] [Py] [cedricbonhomme/stegano](https://github.com/cedricbonhomme/stegano) Stegano is a pure Python steganography module.
- [**270**Star][2y] [JS] [bugbountyforum/xss-radar](https://github.com/bugbountyforum/xss-radar)  A Chrome extension for fast and easy XSS fuzzing 
- [**270**Star][19d] [C++] [antire-book/dont_panic](https://github.com/antire-book/dont_panic) Linux bind shell with anti-reverse engineering techniques
- [**270**Star][11d] [CSS] [7dog7/bottleneckosmosis](https://github.com/7dog7/bottleneckosmosis) 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
- [**269**Star][10d] [Shell] [cytopia/pwncat](https://github.com/cytopia/pwncat) pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
- [**269**Star][4m] [C++] [eqemu/server](https://github.com/eqemu/server) EQEmu - Open Source EverQuest Server
- [**269**Star][4m] [ObjC] [devaukz/macho-kit](https://github.com/devaukz/macho-kit) A C/Objective-C library for parsing Mach-O files.
- [**269**Star][13d] [Py] [darbra/geetest](https://github.com/darbra/geetest) geetest，滑动验证码
- [**269**Star][10d] [JS] [linkedtales/scrapedin](https://github.com/linkedtales/scrapedin) LinkedIn Scraper (currently working 2020)
- [**269**Star][11d] [C] [zhuhaow/tun2socks](https://github.com/zhuhaow/tun2socks) A tun2socks framework with Swift wrapper
- [**269**Star][15d] [Py] [0xeb-bp/bluekeep](https://github.com/0xeb-bp/bluekeep) Public work for CVE-2019-0708
- [**269**Star][11d] [SourcePawn] [splewis/csgo-pug-setup](https://github.com/splewis/csgo-pug-setup) CS:GO Sourcemod plugin for setting up private pug/10man games
- [**269**Star][1m] [JS] [shanelau/rssspider](https://github.com/shanelau/rssspider) Rss spider by nodejs , rss 爬虫，正文抓取
- [**269**Star][15d] [Py] [orlikoski/cdqr](https://github.com/orlikoski/CDQR) a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
- [**269**Star][13d] [HTML] [dependency-check/dependency-check-sonar-plugin](https://github.com/dependency-check/dependency-check-sonar-plugin) Integrates Dependency-Check reports into SonarQube
- [**269**Star][12d] [Shell] [feeicn/autossh](https://github.com/FeeiCN/autossh) Password-free automatic login SSH（免密登陆SSH）
- [**269**Star][3y] [Py] [lightos/panoptic](https://github.com/lightos/panoptic) Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.
- [**269**Star][10d] [JS] [lelinhtinh/de4js](https://github.com/lelinhtinh/de4js) JavaScript Deobfuscator and Unpacker
- [**269**Star][10d] [Java] [kwart/jd-cmd](https://github.com/kwart/jd-cmd) Command line Java Decompiler
- [**269**Star][4m] [jinyu121/surgerule](https://github.com/jinyu121/surgerule) Deprecate since 2016
- [**269**Star][10d] [C] [ipsn/go-libtor](https://github.com/ipsn/go-libtor) Self-contained Tor from Go
- [**269**Star][2y] [Py] [hegusung/avsignseek](https://github.com/hegusung/avsignseek) Tool written in python3 to determine where the AV signature is located in a binary/payload
- [**269**Star][28d] [PHP] [hackademic/hackademic](https://github.com/hackademic/hackademic) the main hackademic code repository
- [**269**Star][13d] [C#] [misaka-mikoto-tech/monohook](https://github.com/Misaka-Mikoto-Tech/MonoHook) hook C# method at runtime without modify dll file (such as UnityEditor.dll)
- [**269**Star][8d] [C] [devnoname120/vhbb](https://github.com/devnoname120/vhbb) Browse, download, and launch Vita homebrews!
- [**269**Star][2y] [Py] [berzerk0/bewgor](https://github.com/berzerk0/bewgor) Bull's Eye Wordlist Generator - Does your password rely on predictable patterns of accessible info?
- [**269**Star][13d] [C] [atoptool/atop](https://github.com/atoptool/atop) System and process monitor for Linux
- [**269**Star][1y] [Py] [LaNMaSteR53/recon-ng](https://bitbucket.org/lanmaster53/recon-ng) a full-featured Web Reconnaissance framework written in Python
- [**268**Star][12d] [Py] [hak5/wifipineapple-modules](https://github.com/hak5/wifipineapple-modules) The Official WiFi Pineapple Module Repository
- [**268**Star][8m] [Py] [lorentzenman/sheepl](https://github.com/lorentzenman/sheepl) Creating realistic user behaviour for supporting tradecraft development within lab environments
- [**268**Star][25d] [Rust] [falconre/falcon](https://github.com/falconre/falcon) Formal Binary Analysis Framework in Rust
- [**268**Star][1m] [Racket] [tyrchen/racket-book](https://github.com/tyrchen/racket-book) My racket study documentation
- [**268**Star][8d] [PHP] [tide-emergency/yingji](https://github.com/tide-emergency/yingji) 应急相关内容积累
- [**268**Star][13d] [Lua] [somesocks/lua-lockbox](https://github.com/somesocks/lua-lockbox) A collection of cryptographic primitives written in pure Lua
- [**268**Star][2m] [Py] [rpp0/aggr-inject](https://github.com/rpp0/aggr-inject) Remote frame injection PoC by exploiting a standard compliant A-MPDU aggregation vulnerability in 802.11n networks.
- [**268**Star][10d] [Py] [ropnop/impacket_static_binaries](https://github.com/ropnop/impacket_static_binaries) Standalone binaries for Linux/Windows of Impacket's examples
- [**268**Star][7d] [Java] [ripe-ncc/whois](https://github.com/ripe-ncc/whois) RIPE Database whois code repository
- [**268**Star][2m] [ptresearch/me-disablement](https://github.com/ptresearch/me-disablement) Disabling Intel ME
- [**268**Star][3y] [C++] [professor-plum/reflective-driver-loader](https://github.com/professor-plum/reflective-driver-loader)  injection technique base off Reflective DLL injection 
- [**268**Star][3y] [Py] [pablocelayes/rsa-wiener-attack](https://github.com/pablocelayes/rsa-wiener-attack) A Python implementation of the Wiener attack on RSA public-key encryption scheme.
- [**268**Star][12d] [Py] [netxfly/passive_scan](https://github.com/netxfly/passive_scan) 基于http代理的web漏洞扫描器的实现
- [**268**Star][11m] [CSS] [l4wio/ctf-challenges-by-me](https://github.com/l4wio/ctf-challenges-by-me) Pwnable|Web Security|Cryptography CTF-style challenges
- [**268**Star][22d] [Shell] [karek314/macos-home-call-drop](https://github.com/karek314/macos-home-call-drop) Simple shell script to fix macOS privacy issues and remove mostly useless macOS calls to cupertino
- [**268**Star][8m] [C++] [gametechdev/presentmon](https://github.com/gametechdev/presentmon) Tool for collection and processing of ETW events related to DXGI presentation.
- [**268**Star][14d] [C++] [ga0/pyprotect](https://github.com/ga0/pyprotect) A lightweight python code protector, makes your python project harder to reverse engineer
- [**268**Star][10d] [Shell] [fransr/bountyplz](https://github.com/fransr/bountyplz) Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
- [**268**Star][11d] [fkie-cad/awesome-embedded-and-iot-security](https://github.com/fkie-cad/awesome-embedded-and-iot-security) A curated list of awesome embedded and IoT security resources.
- [**268**Star][11d] [Go] [dzonerzy/gowapt](https://github.com/dzonerzy/gowapt) Go Web Application Penetration Test
- [**268**Star][12m] [Batchfile] [diogo-fernan/ir-rescue](https://github.com/diogo-fernan/ir-rescue) A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
- [**268**Star][3y] [Visual Basic .NET] [cn33liz/starfighters](https://github.com/cn33liz/starfighters) A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.
- [**268**Star][4m] [Py] [bianjiang/tweetf0rm](https://github.com/bianjiang/tweetf0rm) A twitter crawler in Python
- [**267**Star][1y] [Go] [dan-v/dosxvpn](https://github.com/dan-v/dosxvpn) Easily deploy your own personal VPN server with DNS adblocking running on DigitalOcean
- [**267**Star][11d] [Shell] [bkuhlmann/mac_os-config](https://github.com/bkuhlmann/mac_os-config) Shell scripts for customized macOS machine setup and configuration.
- [**267**Star][13d] [C++] [skiars/serialtool](https://github.com/Skiars/SerialTool) A cross platform Serial-Port/TCP/UDP debugging tool.
- [**267**Star][2y] [HTML] [wisec/domxsswiki](https://github.com/wisec/domxsswiki) Automatically exported from code.google.com/p/domxsswiki
- [**267**Star][10m] [PS] [nccgroup/azucar](https://github.com/nccgroup/azucar) Security auditing tool for Azure environments
- [**267**Star][1y] [C] [nbulischeck/tyton](https://github.com/nbulischeck/tyton) Kernel-Mode Rootkit Hunter
- [**267**Star][13d] [Py] [mzfr/gtfo](https://github.com/mzfr/gtfo) Search gtfobins and lolbas files from your terminal
- [**267**Star][13d] [C++] [mstfknn/malware-sample-library](https://github.com/mstfknn/malware-sample-library) Malware sample library.
- [**267**Star][13d] [jmpews/pwn2exploit](https://github.com/jmpews/pwn2exploit) all mine papers, pwn & exploit
- [**267**Star][17d] [C] [icing/mod_md](https://github.com/icing/mod_md) Let's Encrypt (ACME) support for Apache httpd
- [**267**Star][13d] [Py] [gdelugre/ida-arm-system-highlight](https://github.com/gdelugre/ida-arm-system-highlight) IDA script for highlighting and decoding ARM system instructions
- [**267**Star][2y] [C++] [chadski/sharpneedle](https://github.com/chadski/sharpneedle) Inject C# code into a running process
- [**267**Star][2m] [C] [cameronswinoga/yabfc](https://github.com/cameronswinoga/yabfc) Yet Another Brainfuck Compiler; No dependencies and from the ground up
- [**267**Star][4y] [C] [blankwall/macdbg](https://github.com/blankwall/macdbg) Simple easy to use C and python debugging framework for OSX
- [**267**Star][19d] [Smali] [bin4ry/deejayeye-modder](https://github.com/bin4ry/deejayeye-modder) Android加固与破解
- [**267**Star][14d] [Py] [allfro/sploitego](https://github.com/allfro/sploitego) a local pen-test transform package that uses the Canari Framework for local transform execution in Maltego.
- [**267**Star][4m] [C#] [airvpn/eddie](https://github.com/airvpn/eddie) OpenVPN UI
- [**267**Star][17d] [C] [a2nkf/macos-kernel-exploit](https://github.com/a2nkf/macos-kernel-exploit) macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to
- [**266**Star][11d] [Py] [microsoft/msticpy](https://github.com/microsoft/msticpy) Microsoft Threat Intelligence Security Tools
- [**266**Star][12d] [Go] [infinitbyte/gopa](https://github.com/infinitbyte/gopa) [WIP] GOPA, a spider written in Golang, for Elasticsearch. DEMO:
- [**266**Star][3m] [C#] [orlikoski/cylr](https://github.com/orlikoski/CyLR) CyLR - Live Response Collection Tool
- [**266**Star][12d] [Py] [stripe-ctf/stripe-ctf-2.0](https://github.com/stripe-ctf/stripe-ctf-2.0) Capture the Flag: Web Edition
- [**266**Star][4m] [Py] [rvrsh3ll/findfrontabledomains](https://github.com/rvrsh3ll/findfrontabledomains) Search for potential frontable domains
- [**266**Star][30d] [Lua] [rvn0xsy/nse_vuln](https://github.com/rvn0xsy/nse_vuln) Nmap扫描、漏洞利用脚本
- [**266**Star][10d] [Py] [rockymeza/wifi](https://github.com/rockymeza/wifi) [unmaintained] WiFi tools for linux
- [**266**Star][4m] [C++] [rob--/memoryjs](https://github.com/rob--/memoryjs) Read and write process memory in NodeJS
- [**266**Star][20d] [C] [portcullislabs/linikatz](https://github.com/portcullislabs/linikatz) attack AD on UNIX
- [**266**Star][1y] [C] [p0f/p0f](https://github.com/p0f/p0f) p0f unofficial git repo
- [**266**Star][2y] [PHP] [mrsqar-ye/badmod](https://github.com/mrsqar-ye/badmod) CMS auto detect and exploit.
- [**266**Star][3y] [Java] [l-jinbin/apksignaturekiller](https://github.com/l-jinbin/apksignaturekiller) 一键破解APK签名校验
- [**266**Star][14d] [C] [jethrogb/uefireverse](https://github.com/jethrogb/uefireverse) Tools to help with Reverse Engineering UEFI-based firmware
- [**266**Star][2y] [C++] [ewhitehats/invisiblepersistence](https://github.com/ewhitehats/invisiblepersistence) Persisting in the Windows registry "invisibly"
- [**266**Star][17d] [Shell] [essandess/macos-fortress](https://github.com/essandess/macos-fortress) Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
- [**266**Star][13d] [Py] [danigargu/dereferencing](https://github.com/danigargu/dereferencing) IDA Pro plugin that implements more user-friendly register and stack views
- [**265**Star][3m] [Go] [ma6254/fictiondown](https://github.com/ma6254/fictiondown) 小说下载|小说爬取|起点|笔趣阁|导出Markdown|导出txt|转换epub|广告过滤|自动校对
- [**265**Star][11d] [ObjC] [chenliangloveyou/easybluetooth](https://github.com/chenliangloveyou/easybluetooth) 一款iOS BLE蓝牙调试工具，非常简单容易，也可以作为一个蓝牙库，快速集成和开发。 可以两步搞定蓝牙开发操作。 第一步连接设备，第二步特征读写数据。
- [**265**Star][11d] [Py] [out0fmemory/qqwry.dat](https://github.com/out0fmemory/qqwry.dat) 自动更新的纯真ip库，每天自动更新
- [**265**Star][20d] [C] [pegasuslab/ghosttunnel](https://github.com/PegasusLab/GhostTunnel) GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment.
- [**265**Star][1y] [Py] [s0md3v/sqlmate](https://github.com/s0md3v/sqlmate) A friend of SQLmap which will do what you always expected from SQLmap.
- [**265**Star][14d] [Py] [zhangchenchen/proxyspider](https://github.com/zhangchenchen/proxyspider) 代理IP 采集程序
- [**265**Star][13d] [JS] [zer4tul/hacker-howto](https://github.com/zer4tul/hacker-howto) 本文原文由知名Hacker Eric S. Raymond 所撰写，教你如何成为一名黑客。
- [**265**Star][3y] [Py] [rolisoft/reconscan](https://github.com/rolisoft/reconscan) Network reconnaissance and vulnerability assessment tools.
- [**265**Star][9m] [ObjC] [preemptive/ppios-rename](https://github.com/preemptive/ppios-rename) Symbol obfuscator for iOS apps
- [**265**Star][16d] [Java] [portswigger/collaborator-everywhere](https://github.com/portswigger/collaborator-everywhere) A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator
- [**265**Star][10d] [Perl] [mrash/psad](https://github.com/mrash/psad) Intrusion Detection and Log Analysis with iptables
- [**265**Star][3m] [Py] [khast3x/redcloud](https://github.com/khast3x/redcloud) Automated Red Team Infrastructure deployement using Docker
- [**265**Star][2m] [Java] [isecpartners/android-ssl-bypass](https://github.com/isecpartners/android-ssl-bypass) Black box tool to bypass SSL verification on Android, even when pinning is used.
- [**265**Star][4m] [Py] [hsury/geetest3-crack](https://github.com/hsury/geetest3-crack) 
- [**265**Star][12d] [Perl] [fuzyll/defcon-vm](https://github.com/fuzyll/defcon-vm) Files from my DEFCON CTF VM.
- [**265**Star][3y] [Java] [flankerhqd/jaadas](https://github.com/flankerhqd/jaadas) Joint Advanced Defect assEsment for android applications
- [**265**Star][1m] [ObjC] [feicong/macbook](https://github.com/feicong/macbook) 《macOS软件安全与逆向分析》随书源码
- [**265**Star][12d] [Py] [dorneanu/smalisca](https://github.com/dorneanu/smalisca) Static Code Analysis for Smali files
- [**265**Star][5m] [cujanovic/open-redirect-payloads](https://github.com/cujanovic/open-redirect-payloads) Open Redirect Payloads
- [**265**Star][4m] [Py] [cloudflare/python-cloudflare](https://github.com/cloudflare/python-cloudflare) Python wrapper for the Cloudflare Client API v4
- [**265**Star][5y] [C++] [breakingmalware/powerloaderex](https://github.com/breakingmalware/powerloaderex) Advanced Code Injection Technique for x32 / x64
- [**265**Star][17d] [Ruby] [bcoles/ssrf_proxy](https://github.com/bcoles/ssrf_proxy) SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
- [**265**Star][9d] [C#] [b4rtik/redpeanut](https://github.com/b4rtik/redpeanut) RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
- [**265**Star][18d] [C] [astsam/rtl8812au](https://github.com/astsam/rtl8812au) RTL8812AU/21AU and RTL8814AU driver with monitor mode and frame injection
- [**265**Star][10d] [anudeepnd/blacklist](https://github.com/anudeepnd/blacklist) Curated and well-maintained host file to block ads, tracking, cryptomining and more! Updated regularly.
- [**264**Star][4m] [Jupyter Notebook] [algotraders/stock-analysis-engine](https://github.com/algotraders/stock-analysis-engine) Backtest 1000s of minute-by-minute trading algorithms for training AI with automated pricing data from: IEX, Tradier and FinViz. Datasets and trading performance automatically published to S3 for building AI training datasets for teaching DNNs how to trade. Runs on Kubernetes and docker-compose. >150 million trading history rows generated from +…
- [**264**Star][15d] [JS] [brendonboshell/supercrawler](https://github.com/brendonboshell/supercrawler) A web crawler. Supercrawler automatically crawls websites. Define custom handlers to parse content. Obeys robots.txt, rate limits and concurrency limits.
- [**264**Star][17d] [Assembly] [antoniond/ucity](https://github.com/antoniond/ucity) The open-source city-building game for Game Boy Color.
- [**264**Star][10d] [CSS] [weev3/lkwa](https://github.com/weev3/lkwa) Lesser Known Web Attack Lab
- [**264**Star][11d] [Shell] [hmaverickadams/breach-parse](https://github.com/hmaverickadams/breach-parse) A tool for parsing breached passwords
- [**264**Star][16d] [offensive-security/nethunter-app](https://github.com/offensive-security/nethunter-app) NetHunter android application
- [**264**Star][2m] [Py] [cisco-talos/ropmemu](https://github.com/Cisco-Talos/ROPMEMU) ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.
- [**264**Star][1m] [Py] [crytic/ethersplay](https://github.com/crytic/ethersplay) EVM dissassembler
- [**264**Star][2y] [PS] [xorrior/randomps-scripts](https://github.com/xorrior/randomps-scripts) PowerShell Scripts focused on Post-Exploitation Capabilities
- [**264**Star][2y] [Py] [thetwitchy/xxer](https://github.com/thetwitchy/xxer) A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
- [**264**Star][12d] [Py] [thekingofduck/burpfakeip](https://github.com/thekingofduck/burpfakeip) 一个用于伪造ip地址进行爆破的Burp Suite插件
- [**264**Star][9d] [C++] [smaffer/vgax](https://github.com/smaffer/vgax) VGA library for Arduino UNO
- [**264**Star][3m] [Py] [sc1341/instagramosint](https://github.com/sc1341/instagramosint) An Instagram Open Source Intelligence Tool
- [**264**Star][3m] [Py] [redteamoperations/pivotsuite](https://github.com/redteamoperations/pivotsuite) Network Pivoting Toolkit
- [**264**Star][4m] [C++] [poweradminllc/paexec](https://github.com/poweradminllc/paexec) Remote execution, like PsExec
- [**264**Star][11d] [PHP] [phpwhois/phpwhois](https://github.com/phpwhois/phpwhois) phpWhois general repository
- [**264**Star][4y] [Py] [lijiejie/iis_shortname_scanner](https://github.com/lijiejie/iis_shortname_scanner) an IIS shortname Scanner
- [**264**Star][13d] [C] [leecher1337/ntvdmx64](https://github.com/leecher1337/ntvdmx64) Run Microsoft Windows NTVDM (DOS) on 64bit Editions
- [**264**Star][14d] [Py] [johnnykv/heralding](https://github.com/johnnykv/heralding) Credentials catching honeypot
- [**264**Star][13d] [infosecn1nja/awesome-mitre-attack](https://github.com/infosecn1nja/awesome-mitre-attack) A curated list of awesome resources related to Mitre ATT&CK™ Framework
- [**264**Star][24d] [HTML] [gfw-breaker/open-proxy](https://github.com/gfw-breaker/open-proxy) 一键部署被墙网站反向代理; 免翻墙访问被禁网站
- [**264**Star][23d] [Py] [cvandeplas/pystemon](https://github.com/cvandeplas/pystemon) Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon
- [**264**Star][17d] [croqaz/awesome-decentralized](https://github.com/croqaz/awesome-decentralized) Awesome distributed, decentralized, p2p apps or tools
- [**263**Star][16d] [CSS] [woj-ciech/kamerka-gui](https://github.com/woj-ciech/kamerka-gui) Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.
- [**263**Star][12d] [Go] [wanchain/go-wanchain](https://github.com/wanchain/go-wanchain) Wanchain Client Source Code
- [**263**Star][14d] [Py] [quantopian/qdb](https://github.com/quantopian/qdb) Quantopian Remote Debugger for Python
- [**263**Star][2y] [C] [pornin/cttk](https://github.com/pornin/cttk) Constant-Time Toolkit
- [**263**Star][4m] [platomav/cpumicrocodes](https://github.com/platomav/cpumicrocodes) Intel, AMD, VIA & Freescale CPU Microcode Repositories
- [**263**Star][26d] [Dockerfile] [pgorczak/srslte-docker-emulated](https://github.com/pgorczak/srslte-docker-emulated) Minimal end-to-end LTE. Dockerized and emulated radio over shared memory.
- [**263**Star][1y] [Py] [pe3zx/huawei-block-list](https://github.com/pe3zx/huawei-block-list) Captured DNS requests from Huawei P30 Pro to a block list
- [**263**Star][1y] [Java] [owasp/owasp-java-encoder](https://github.com/owasp/owasp-java-encoder) The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
- [**263**Star][17d] [Groovy] [noveogroup/android-check](https://github.com/noveogroup/android-check) Static code analysis plugin for Android project. (Checkstyle, PMD)
- [**263**Star][6m] [Swift] [netyouli/whc_scan](https://github.com/netyouli/whc_scan) 高效强大扫描分析iOS和Android项目里没有使用的类Mac开源工具，清理项目垃圾类，让项目结构干净清爽，升级维护得心应手. Efficient and powerful scanning analysis iOS and Android project no classes used in Mac open source tools, cleaning rubbish class project, make project structure clean and relaxed, upgrade maintenance
- [**263**Star][15d] [Ruby] [lubyruffy/fofa](https://github.com/lubyruffy/fofa) fofa website
- [**263**Star][11d] [Shell] [freelancepentester/ddos-script](https://github.com/freelancepentester/ddos-script) All things to do after installing Kali Linux and Add more awesome hacking tools to your Kali Linux system
- [**263**Star][3y] [Py] [enddo/smod](https://github.com/enddo/smod) a modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol
- [**263**Star][30d] [C] [elfmaster/libelfmaster](https://github.com/elfmaster/libelfmaster) Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
- [**263**Star][8d] [PHP] [dotboris/vuejs-serverside-template-xss](https://github.com/dotboris/vuejs-serverside-template-xss) Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
- [**263**Star][4m] [Jupyter Notebook] [aws-samples/aws-security-workshops](https://github.com/aws-samples/aws-security-workshops) A collection of the latest AWS Security workshops
- [**263**Star][11d] [PHP] [78778443/xssplatform](https://github.com/78778443/xssplatform) 一个经典的XSS渗透管理平台
- [**262**Star][10d] [C] [woa-project/lumia950xlpkg](https://github.com/woa-project/lumia950xlpkg) Non-EOL (yes!) AArch64 UEFI firmware for Lumia 950 / Lumia 950 XL / Hapanero
- [**262**Star][13d] [Go] [jpillora/ipfilter](https://github.com/jpillora/ipfilter) A package for IP Filtering in Go (golang)
- [**262**Star][9d] [Kotlin] [shadowsocks/v2ray-plugin-android](https://github.com/shadowsocks/v2ray-plugin-android) A SIP003 V2ray plugin on Android
- [**262**Star][4m] [C] [radareorg/r2dec-js](https://github.com/radareorg/r2dec-js) radare2 plugin - converts asm to pseudo-C code.
- [**262**Star][3y] [Go] [netxfly/xsec-ip-database](https://github.com/netxfly/xsec-ip-database) Malicious ip database
- [**262**Star][12m] [Py] [mbro95/portablecellnetwork](https://github.com/mbro95/portablecellnetwork) Utilize a Raspberry Pi and a Nuand BladeRF to generate your own portable local cell network
- [**262**Star][11d] [Py] [lionsec/wifresti](https://github.com/lionsec/wifresti) Find your wireless network password in Windows , Linux and Mac OS
- [**262**Star][26d] [Py] [kingkaki/weblogic-scan](https://github.com/kingkaki/weblogic-scan) weblogic 漏洞扫描工具
- [**262**Star][6m] [Py] [diogo-fernan/malsub](https://github.com/diogo-fernan/malsub) A Python RESTful API framework for online malware analysis and threat intelligence services.
- [**262**Star][2y] [Py] [cryptolok/morphaes](https://github.com/cryptolok/morphaes) polymorphic shellcode engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS
- [**262**Star][1y] [TeX] [cardsagainstcryptography/cac](https://github.com/cardsagainstcryptography/cac) A party game for nerdy cryptographers. Shamelessly based on Cards Against Humanity.
- [**261**Star][12d] [OCaml] [aantron/lambdasoup](https://github.com/aantron/lambdasoup) Functional HTML scraping and rewriting with CSS in OCaml
- [**261**Star][1y] [Py] [darksand/sasila](https://github.com/darksand/sasila) 一个灵活、友好的爬虫框架
- [**261**Star][12d] [Java] [wustrive2008/aes-rsa-java](https://github.com/wustrive2008/aes-rsa-java) AES+RSA结合应用java示例
- [**261**Star][3m] [Py] [sparrow629/tumblr_crawler](https://github.com/sparrow629/tumblr_crawler) This is a Multi-thread crawler for Tumblr.
- [**261**Star][4m] [Java] [nats-io/nats.java](https://github.com/nats-io/nats.java) Java client for NATS
- [**261**Star][1m] [Shell] [nccgroup/vlan-hopping---frogger](https://github.com/nccgroup/vlan-hopping---frogger) Simple VLAN enumeration and hopping script.
- [**261**Star][24d] [eugeneching/ida-consonance](https://github.com/eugeneching/ida-consonance) Consonance, a dark color theme for IDA.
- [**261**Star][9d] [Py] [zigoo0/webpwn3r](https://github.com/zigoo0/webpwn3r) WebPwn3r - Web Applications Security Scanner.
- [**261**Star][5m] [Py] [whitepacket/zib-trojan](https://github.com/whitepacket/zib-trojan) The Open Tor Botnet (ZIB); Python-based forever-FUD IRC Trojan
- [**261**Star][2y] [TS] [srar/memcachedos](https://github.com/srar/memcachedos) Memcache 反射DDOS攻击脚本经供学习参考使用
- [**261**Star][10d] [Py] [sham00n/buster](https://github.com/sham00n/buster) An advanced tool for email reconnaissance
- [**261**Star][17d] [Py] [scrapy-plugins/scrapy-crawlera](https://github.com/scrapy-plugins/scrapy-crawlera) Crawlera middleware for Scrapy
- [**261**Star][25d] [Py] [openstack/syntribos](https://github.com/openstack/syntribos) Python API security testing tool from OpenStack Security Group
- [**261**Star][4m] [Vue] [nluedtke/linux_kernel_cves](https://github.com/nluedtke/linux_kernel_cves) Tracking CVEs for the linux Kernel
- [**261**Star][4m] [C] [nccgroup/sniffle](https://github.com/nccgroup/sniffle) A sniffer for Bluetooth 5 and 4.x LE
- [**261**Star][2y] [Py] [m4ll0k/galileo](https://github.com/m4ll0k/galileo) Galileo - Web Application Audit Framework
- [**261**Star][17d] [C++] [gametutorials/tutorials](https://github.com/gametutorials/tutorials) This holds the tutorials for GameTutorials.com
- [**261**Star][3m] [Py] [ecthros/pina-colada](https://github.com/ecthros/pina-colada) A powerful and extensible wireless drop box
- [**261**Star][2y] [C++] [dga-mi-ssi/yaco](https://github.com/dga-mi-ssi/yaco) a Hex-Rays IDA plugin enabling collaborative reverse-engineering on IDA databases for multiple users
- [**261**Star][11d] [Java] [constellation-app/constellation](https://github.com/constellation-app/constellation) A graph-focused data visualisation and interactive analysis application.
- [**261**Star][15d] [C] [ampotos/dynstruct](https://github.com/ampotos/dynstruct) Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
- [**260**Star][19d] [C] [cernekee/stoken](https://github.com/cernekee/stoken) RSA SecurID-compatible software token for Linux/UNIX systems
- [**260**Star][16d] [Py] [f0cker/crackq](https://github.com/f0cker/crackq) A Python Hashcat cracking queue system
- [**260**Star][14d] [C++] [spacehuhn/packetmonitor](https://github.com/spacehuhn/packetmonitor) ESP8266 + OLED = WiFi Packet Monitor
- [**260**Star][7d] [zardus/wargame-nexus](https://github.com/zardus/wargame-nexus) A sorted and updated list of security wargame sites.
- [**260**Star][12d] [JS] [swiftyapp/swifty](https://github.com/swiftyapp/swifty) 
- [**260**Star][13d] [Py] [stephenmcd/hot-redis](https://github.com/stephenmcd/hot-redis) Rich Python data types for Redis
- [**260**Star][13d] [C] [roxas75/rxtools](https://github.com/roxas75/rxtools) a collection of hacking tools for Nintendo 3DS/3DSXL/2DS, compatible with all the system versions from 4.1 to 9.2.
- [**260**Star][2m] [Shell] [peterpt/eternal_scanner](https://github.com/peterpt/eternal_scanner) An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)
- [**260**Star][14d] [C] [pavel-odintsov/drop_watch](https://github.com/pavel-odintsov/drop_watch) Monitor reasons why and where linux drops UDP packets
- [**260**Star][13d] [Py] [mushorg/snare](https://github.com/mushorg/snare) Super Next generation Advanced Reactive honEypot
- [**260**Star][4y] [juancgarcia/hid-relay](https://github.com/juancgarcia/hid-relay) Arduino project to convert wired USB HID device to Bluetooth (pipes USB HID reports out through a Bluetooth HID module)
- [**260**Star][20d] [Py] [itskindred/procspy](https://github.com/itskindred/procspy) Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
- [**260**Star][3m] [Elixir] [elixiumnetwork/elixium_core](https://github.com/elixiumnetwork/elixium_core) A privacy-preserving decentralized application network
- [**260**Star][28d] [Py] [danmcinerney/fakeap](https://github.com/danmcinerney/fakeap) Create fake AP in Kali with 1 command
- [**260**Star][11d] [JS] [consensys/surya](https://github.com/consensys/surya) A set of utilities for exploring Solidity contracts
- [**260**Star][1y] [C] [chef-koch/android-vulnerabilities-overview](https://github.com/chef-koch/android-vulnerabilities-overview) An small overview of known Android vulnerabilities
- [**260**Star][1m] [Py] [andsens/bootstrap-vz](https://github.com/andsens/bootstrap-vz) Bootstrap Debian images for virtualized environments
- [**260**Star][6y] [Java] [aggregateknowledge/java-hll](https://github.com/aggregateknowledge/java-hll) Java library for the HyperLogLog algorithm
- [**260**Star][2y] [Py] [1n3/wordpress-xmlrpc-brute-force-exploit](https://github.com/1n3/wordpress-xmlrpc-brute-force-exploit) Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
- [**259**Star][4m] [Py] [shadowmoose/redditdownloader](https://github.com/shadowmoose/redditdownloader) Scrapes Reddit to download media of your choice.
- [**259**Star][13d] [Go] [qieguo2016/algorithm](https://github.com/qieguo2016/algorithm) 常用算法和数据结构讲解，面试算法题/leetcode解题，提供golang/js版本
- [**259**Star][4m] [C++] [comaeio/swishdbgext](https://github.com/comaeio/SwishDbgExt) Incident Response & Digital Forensics Debugging Extension
- [**259**Star][10d] [crytic/evm-opcodes](https://github.com/crytic/evm-opcodes) Ethereum opcodes and instruction reference
- [**259**Star][4m] [Java] [xuxueli/xxl-tool](https://github.com/xuxueli/xxl-tool) a series of tools that make Java development more efficient.（Java工具类库XXL-TOOL）
- [**259**Star][1y] [Py] [xhak9x/fbi](https://github.com/xhak9x/fbi) Facebook Information
- [**259**Star][2y] [C] [v-e-o/poc](https://github.com/v-e-o/poc) PoC of CVE/Exploit
- [**259**Star][12d] [C++] [ucsb-seclab/difuze](https://github.com/ucsb-seclab/difuze) Fuzzer for Linux Kernel Drivers
- [**259**Star][3y] [Py] [thomastjdev/wmd](https://github.com/thomastjdev/wmd) Python framework for IT security tools
- [**259**Star][12d] [Dockerfile] [thinkst/canarytokens-docker](https://github.com/thinkst/canarytokens-docker) Docker configuration to quickly setup your own Canarytokens.
- [**259**Star][4m] [sab0tag3d/mitm-cheatsheet](https://github.com/sab0tag3d/mitm-cheatsheet) All MITM attacks in one place.
- [**259**Star][10m] [Py] [rrwick/basecalling-comparison](https://github.com/rrwick/basecalling-comparison) A comparison of different Oxford Nanopore basecallers
- [**259**Star][11d] [Ruby] [puppetlabs/puppetlabs-firewall](https://github.com/puppetlabs/puppetlabs-firewall) Puppet Firewall Module
- [**259**Star][2y] [Py] [kootenpv/sky](https://github.com/kootenpv/sky) a web scraping framework
- [**259**Star][9m] [Jupyter Notebook] [jmartinezheras/2018-machinelearning-lectures-esa](https://github.com/jmartinezheras/2018-machinelearning-lectures-esa) Machine Learning Lectures at the European Space Agency (ESA) in 2018
- [**259**Star][15d] [C] [espressif/esp32-nesemu](https://github.com/espressif/esp32-nesemu) Proof-of-concept NES emulator for the ESP32
- [**259**Star][2y] [Rust] [dwrensha/seer](https://github.com/dwrensha/seer) seer：Rust 语言符号执行引擎，使用 z3 做后端。以程序为输入，尝试穷举该程序的所有可能执行路径
- [**259**Star][14d] [Py] [dirkjanm/krbrelayx](https://github.com/dirkjanm/krbrelayx) Kerberos unconstrained delegation abuse toolkit
- [**259**Star][11d] [Java] [dexpatcher/dexpatcher-tool](https://github.com/dexpatcher/dexpatcher-tool) Android Dalvik bytecode patcher.
- [**258**Star][12d] [C++] [boyan-milanov/ropium](https://github.com/boyan-milanov/ropium) ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
- [**258**Star][4m] [PS] [nightroman/powershelltraps](https://github.com/nightroman/powershelltraps) Collection of PowerShell traps and oddities
- [**258**Star][4m] [Java] [c19354837/react-native-system-setting](https://github.com/c19354837/react-native-system-setting) A library to access system setting, and change it easily. eg: volume, brightness, wifi
- [**258**Star][30d] [glimpse/home](https://github.com/glimpse/home) Project Glimpse: Node Edition - Spend less time debugging and more time developing.
- [**258**Star][10d] [Mathematica] [antononcube/mathematicaforprediction](https://github.com/antononcube/mathematicaforprediction) Mathematica implementations of machine learning algorithms used for prediction and personalization.
- [**258**Star][11d] [Py] [levirve/crawlertutorial](https://github.com/levirve/crawlertutorial) 爬蟲極簡教學（fetch, parse, search, multiprocessing, API）- PTT 為例
- [**258**Star][10d] [TS] [auth0/nextjs-auth0](https://github.com/auth0/nextjs-auth0) Next.js SDK for signing in with Auth0 (Experimental)
- [**258**Star][11d] [JS] [nas5w/javascript-patterns](https://github.com/nas5w/javascript-patterns) A collection of javascript algorithms, patterns, and techniques
- [**258**Star][4m] [Shell] [ustclug/neatdns](https://github.com/ustclug/neatdns) anti-pollution DNS server
- [**258**Star][2y] [Py] [unamer/cve-2017-11882](https://github.com/unamer/cve-2017-11882) CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
- [**258**Star][7m] [TS] [tensorflow/tfjs-tsne](https://github.com/tensorflow/tfjs-tsne) a improved tSNE implementation that runs in the browser.
- [**258**Star][11m] [C] [rub-syssec/omen](https://github.com/rub-syssec/omen) Ordered Markov ENumerator - Password Guesser
- [**258**Star][4m] [Py] [platomav/mcextractor](https://github.com/platomav/mcextractor) Intel, AMD, VIA & Freescale Microcode Extraction Tool
- [**258**Star][16d] [JS] [mac-cain13/xdebug-helper-for-chrome](https://github.com/mac-cain13/xdebug-helper-for-chrome) Easily activate PHP debugging, profiling and tracing with this Xdebug Chrome extension
- [**258**Star][9m] [C#] [kevin-robertson/inveighzero](https://github.com/kevin-robertson/inveighzero) Windows C# LLMNR/mDNS/NBNS/DNS spoofer/man-in-the-middle tool
- [**258**Star][12d] [Shell] [kalilinuxtricksyt/easysploit](https://github.com/kalilinuxtricksyt/easysploit) EasySploit - Metasploit automation (EASIER and FASTER than EVER)
- [**258**Star][18d] [guardrailsio/awesome-dotnet-security](https://github.com/guardrailsio/awesome-dotnet-security) Awesome .NET Security Resources
- [**258**Star][2m] [Java] [godlikewangjun/dexknife-wj](https://github.com/godlikewangjun/dexknife-wj) apk加固插件 带签名校验、dex加密、资源混淆
- [**258**Star][6m] [Py] [frint0/email-enum](https://github.com/frint0/email-enum) Email-Enum searches mainstream websites and tells you if an email is registered! #DEPRECATED
- [**258**Star][10d] [C] [frida/frida-gum](https://github.com/frida/frida-gum) Cross-platform instrumentation and introspection library written in C
- [**258**Star][11d] [Go] [cloverstd/tcping](https://github.com/cloverstd/tcping) ping over a tcp connection
- [**258**Star][4m] [C++] [clinicallyinane/shellcode_launcher](https://github.com/clinicallyinane/shellcode_launcher) Shellcode launcher utility
- [**258**Star][12d] [Py] [census/choronzon](https://github.com/census/choronzon) An evolutionary knowledge-based fuzzer
- [**258**Star][20d] [C++] [arcemu/arcemu](https://github.com/arcemu/arcemu) World Of Warcraft 3.3.5a server package
- [**258**Star][2y] [C++] [alpha1ab/cve-2018-8120](https://github.com/alpha1ab/cve-2018-8120) CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7
- [**258**Star][12d] [Py] [airbus-seclab/ilo4_toolbox](https://github.com/airbus-seclab/ilo4_toolbox) Toolbox for HPE iLO4 & iLO5 analysis
- [**257**Star][11d] [Py] [maxhumber/gazpacho](https://github.com/maxhumber/gazpacho) 
- [**257**Star][4m] [Perl] [haroonawanofficial/tishna](https://github.com/haroonawanofficial/tishna) Complete Automated pentest framework for Web Firewals, Servers, Application Layer to Web Security
- [**257**Star][3m] [Perl] [haroonawanofficial/tishna](https://github.com/haroonawanofficial/tishna) Complete Automated pentest framework for Web Firewals, Servers, Application Layer to Web Security
- [**257**Star][29d] [Shell] [siomiz/softethervpn](https://github.com/siomiz/softethervpn) A Docker Automated Build Repository for SoftEther VPN
- [**257**Star][10d] [Jupyter Notebook] [hunters-forge/attack-python-client](https://github.com/hunters-forge/ATTACK-Python-Client) Python Script to access ATT&CK content available in STIX via a public TAXII server
- [**257**Star][15d] [C++] [revng/revng](https://github.com/revng/revng) the core repository of the rev.ng project (mirror)
- [**257**Star][11d] [Java] [usethesource/rascal](https://github.com/usethesource/rascal) The implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)
- [**257**Star][2m] [VimL] [ngmy/vim-rubocop](https://github.com/ngmy/vim-rubocop) The Vim RuboCop plugin runs RuboCop and displays the results in Vim
- [**257**Star][11d] [JS] [myetherwallet/ethereum-lists](https://github.com/myetherwallet/ethereum-lists) A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.
- [**257**Star][2m] [Py] [mindpointgroup/cloudfrunt](https://github.com/mindpointgroup/cloudfrunt) A tool for identifying misconfigured CloudFront domains
- [**257**Star][3y] [Mask] [lcatro/fuzzing-imagemagick](https://github.com/lcatro/fuzzing-imagemagick) OpenSource My ImageMagick Fuzzer ..
- [**257**Star][26d] [Py] [jamesturk/django-honeypot](https://github.com/jamesturk/django-honeypot) Django application that provides utilities for preventing automated form spam.
- [**257**Star][10d] [C] [hzqst/unicorn_pe](https://github.com/hzqst/unicorn_pe) Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
- [**257**Star][2y] [C] [hfiref0x/cve-2015-1701](https://github.com/hfiref0x/cve-2015-1701) Win32k LPE vulnerability used in APT attack
- [**257**Star][16d] [Py] [gildasio/h2t](https://github.com/gildasio/h2t) h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
- [**257**Star][1m] [Haskell] [galoisinc/haskell-tor](https://github.com/galoisinc/haskell-tor) A Haskell implementation of the Tor protocol.
- [**257**Star][14d] [Shell] [g0tmi1k/debian-ssh](https://github.com/g0tmi1k/debian-ssh) Debian OpenSSL Predictable PRNG (CVE-2008-0166)
- [**257**Star][11d] [TS] [chame1eon/jnitrace](https://github.com/chame1eon/jnitrace) A Frida based tool that traces usage of the JNI API in Android apps.
- [**257**Star][10d] [Go] [caddyserver/forwardproxy](https://github.com/caddyserver/forwardproxy) Forward proxy plugin for the Caddy web server
- [**256**Star][4m] [Py] [mez-0/ms17-010-python](https://github.com/mez-0/ms17-010-python) MS17-010: Python and Meterpreter
- [**256**Star][13d] [C] [ti-simplelink/ble_examples](https://github.com/ti-simplelink/ble_examples) Additional examples to compliment TI's Bluetooth Low Energy Stack offerings.
- [**256**Star][10d] [PHP] [pentestmonkey/php-reverse-shell](https://github.com/pentestmonkey/php-reverse-shell) php-reverse-shell
- [**256**Star][11d] [C++] [wwwg/wasmdec](https://github.com/wwwg/wasmdec) WebAssembly to C decompiler
- [**256**Star][4m] [Py] [voulnet/cve-2017-8759-exploit-sample](https://github.com/voulnet/cve-2017-8759-exploit-sample) Running CVE-2017-8759 exploit sample.
- [**256**Star][8y] [Java] [sporst/swfretools](https://github.com/sporst/swfretools) SWF file reverse engineering tools
- [**256**Star][1m] [C] [pbhogan/scrypt](https://github.com/pbhogan/scrypt) A Ruby gem with native C extension for the scrypt password hashing algorithm.
- [**256**Star][4m] [Java] [panhongwei/tracereader](https://github.com/panhongwei/tracereader) android小工具，通过读取trace文件，回溯整个整个程序执行调用树。
- [**256**Star][11d] [C] [llvm-mirror/compiler-rt](https://github.com/llvm-mirror/compiler-rt) Project moved to:
- [**256**Star][1m] [C] [leebrotherston/tls-fingerprinting](https://github.com/leebrotherston/tls-fingerprinting) TLS Fingerprinting
- [**256**Star][2y] [PS] [killswitch-gui/pentesting-scripts](https://github.com/killswitch-gui/pentesting-scripts) A ton of helpful tools
- [**256**Star][2y] [PHP] [interference-security/dvws](https://github.com/interference-security/dvws) OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
- [**256**Star][4m] [C] [guanchao/appprotect](https://github.com/guanchao/appprotect) 整理一些app常见的加固方法，包括java层、native层和资源文件加固等
- [**256**Star][10d] [Go] [gocaio/goca](https://github.com/gocaio/goca) Goca Scanner
- [**256**Star][17d] [Py] [geekwolf/fms](https://github.com/geekwolf/fms) 运维故障管理系统
- [**256**Star][17d] [C#] [brianhama/de4dot](https://github.com/brianhama/de4dot) .NET deobfuscator and unpacker.
- [**256**Star][2m] [Py] [asweigart/codebreaker](https://github.com/asweigart/codebreaker) "Hacking Secret Ciphers with Python" programs
- [**256**Star][3y] [HTML] [arno0x/embedinhtml](https://github.com/arno0x/embedinhtml) Embed and hide any file in an HTML file
- [**255**Star][15d] [alexellis/mine-with-docker](https://github.com/alexellis/mine-with-docker) Mine cryptocurrencies with Docker containers and get paid in Bitcoin (BTC)
- [**255**Star][11d] [Go] [cruise-automation/k-rail](https://github.com/cruise-automation/k-rail) Kubernetes security tool for policy enforcement
- [**255**Star][29d] [OCaml] [mirage/mirage-tcpip](https://github.com/mirage/mirage-tcpip) TCP/IP networking stack in pure OCaml, using the Mirage platform libraries. Includes IPv4/6, ICMP, and UDP/TCP support.
- [**255**Star][14d] [Py] [tencent/qt4a](https://github.com/tencent/qt4a) QTA driver for Android app
- [**255**Star][13d] [Py] [prahladyeri/hotspotd](https://github.com/prahladyeri/hotspotd) Simple daemon to create a wifi hotspot on Linux
- [**255**Star][12d] [PS] [p3nt4/invoke-piper](https://github.com/p3nt4/Invoke-Piper) Forward local or remote tcp ports through SMB pipes.
- [**255**Star][4m] [C++] [wbenny/detoursnt](https://github.com/wbenny/detoursnt) Detours with just single dependency - NTDLL
- [**255**Star][1y] [C#] [tevora-threat/sharpview](https://github.com/tevora-threat/sharpview) C# implementation of harmj0y's PowerView
- [**255**Star][3m] [CSS] [steamdatabase/gametracking-dota2](https://github.com/steamdatabase/gametracking-dota2) 
- [**255**Star][2y] [Py] [rxwx/cve-2018-0802](https://github.com/rxwx/cve-2018-0802) PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
- [**255**Star][5m] [C] [osresearch/ledscape](https://github.com/osresearch/ledscape) Beagle Bone Black cape and firmware for driving a large number of WS281x LED strips.
- [**255**Star][14d] [Py] [nteseyes/pylane](https://github.com/nteseyes/pylane) An python vm injector with debug tools, based on gdb.
- [**255**Star][11m] [JS] [natmeg/scriptedamigaemulator](https://github.com/natmeg/scriptedamigaemulator) Amiga Emulator in javascript and HTML5
- [**255**Star][17d] [Ruby] [nahamsec/lazys3](https://github.com/nahamsec/lazys3) A Ruby script to bruteforce for AWS s3 buckets using different permutations.
- [**255**Star][17d] [Py] [mwielgoszewski/python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) A portable, padding oracle exploit API
- [**255**Star][3y] [C++] [minhaskamal/stupidkeylogger](https://github.com/minhaskamal/stupidkeylogger) A Terrific Keystroke Recorder (keylogger-key-logger-spyware-spy-trojan-simple-virus-for-windows-10-7-xp-smart-c-c++-cpp-code)
- [**255**Star][2y] [PS] [mdsecresearch/lyncsniper](https://github.com/mdsecresearch/lyncsniper) a tool for penetration testing Lync and Skype for Business deployments hosted either on premise or in Office 365.
- [**255**Star][13d] [C] [linux-audit/audit-userspace](https://github.com/linux-audit/audit-userspace) Linux audit userspace repository
- [**255**Star][12d] [Py] [leonardonve/dns2proxy](https://github.com/leonardonve/dns2proxy) Offensive DNS server
- [**255**Star][15d] [C] [jakeajames/rootlessjb](https://github.com/jakeajames/rootlessjb) jailbreak without filesystem remount as r/w
- [**255**Star][7m] [Java] [fanhua1994/dzfilter](https://github.com/fanhua1994/dzfilter) 【停止维护】使用DFA算法实现的内容安全,反垃圾,智能鉴黄,敏感词过滤,不良信息检测，文本校验，敏感词检测，包括关键词提取，过滤html标签等。
- [**255**Star][12d] [C#] [erfg12/memory.dll](https://github.com/erfg12/memory.dll) C# Hacking library for making PC game trainers.
- [**255**Star][2y] [Py] [deadpix3l/cryptsky](https://github.com/deadpix3l/cryptsky) A simple, fully python ransomware PoC
- [**255**Star][21d] [JS] [danleh/wasabi](https://github.com/danleh/wasabi) A dynamic analysis framework for WebAssembly programs.
- [**255**Star][12d] [C] [compsec-snu/razzer](https://github.com/compsec-snu/razzer) A Kernel fuzzer focusing on race bugs
- [**255**Star][2y] [C] [benjamin-42/trident](https://github.com/benjamin-42/trident) exploits 
- [**255**Star][19d] [Py] [0x4d31/salt-scanner](https://github.com/0x4d31/salt-scanner) Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
- [**254**Star][11d] [VBScript] [sailay1996/awesome_windows_logical_bugs](https://github.com/sailay1996/awesome_windows_logical_bugs) collect for learning cases
- [**254**Star][17d] [Java] [tidesec/decrypt_weblogic_password](https://github.com/tidesec/decrypt_weblogic_password) 搜集了市面上绝大部分weblogic解密方式，整理了7种解密weblogic的方法及响应工具。
- [**254**Star][15d] [C] [klsecservices/invoke-vnc](https://github.com/klsecservices/Invoke-Vnc)  executes a VNC agent in-memory and initiates a reverse connection, or binds to a specified port. 
- [**254**Star][4m] [C] [pagalaxylab/unifuzzer](https://github.com/PAGalaxyLab/uniFuzzer) A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
- [**254**Star][3m] [Go] [yanc0/beeping](https://github.com/yanc0/beeping) HTTP Monitoring via API - Measure the performance of your servers
- [**254**Star][17d] [Py] [xyuanmu/checkiptools](https://github.com/xyuanmu/checkiptools) CheckIPTools 扫描谷歌IP以及实用IP转换小工具
- [**254**Star][1m] [Py] [wazuh/wazuh-ruleset](https://github.com/wazuh/wazuh-ruleset) ruleset is used to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies or security policy violations.
- [**254**Star][10d] [C] [tishion/mmloader](https://github.com/tishion/mmloader) A library for loading dll module bypassing windows PE loader from memory (x86/x64)
- [**254**Star][11m] [HTML] [mikewest/http-state-tokens](https://github.com/mikewest/http-state-tokens) Incrementally better HTTP state management.
- [**254**Star][4m] [Py] [mez-0/ms17-010-python](https://github.com/mez-0/MS17-010-Python) MS17-010: Python and Meterpreter
- [**254**Star][1m] [C++] [kwin/macdependency](https://github.com/kwin/macdependency) MacDependency shows all dependent libraries and frameworks of a given executable, dynamic library or framework on Mac OS X
- [**254**Star][1m] [JS] [jesusprubio/bluebox-ng](https://github.com/jesusprubio/bluebox-ng) Pentesting framework using Node.js powers, focused in VoIP.
- [**254**Star][4m] [PS] [byt3bl33d3r/offensivedlr](https://github.com/byt3bl33d3r/offensivedlr) Toolbox containing research notes & PoC code for weaponizing .NET's DLR
- [**254**Star][3y] [Py] [airsage/petrel](https://github.com/airsage/petrel) Tools for writing, submitting, debugging, and monitoring Storm topologies in pure Python
- [**253**Star][12d] [JS] [microsoft/ghcrawler](https://github.com/microsoft/ghcrawler) Crawl GitHub APIs and store the discovered orgs, repos, commits, ...
- [**253**Star][10d] [Py] [d0g3-lab/h1ve](https://github.com/d0g3-lab/h1ve) An Easy / Quick / Cheap Integrated Platform
- [**253**Star][14d] [Go] [zyfworks/anothersteamcommunityfix](https://github.com/zyfworks/anothersteamcommunityfix) 通过修改hosts转发HTTP请求的方式临时性修复SteamCommunity在中国大陆无法访问的小工具
- [**253**Star][11m] [Shell] [ctfhacker/epictreasure](https://github.com/ctfhacker/EpicTreasure) Batteries included CTF VM
- [**253**Star][11d] [Py] [tipam/pi3d](https://github.com/tipam/pi3d) Simple, yet powerful, 3D Python graphics library for beginners and school children running on the Raspberry Pi.
- [**253**Star][5m] [C++] [s0uthwest/futurerestore](https://github.com/s0uthwest/futurerestore) iOS upgrade and downgrade tool utilizing SHSH blobs
- [**253**Star][16d] [Py] [rickey-g/fancybear](https://github.com/rickey-g/fancybear) Fancy Bear Source Code
- [**253**Star][12d] [Perl] [modzero/mod0burpuploadscanner](https://github.com/modzero/mod0burpuploadscanner) HTTP file upload scanner for Burp Proxy
- [**253**Star][3m] [PS] [microsoft/aaronlocker](https://github.com/microsoft/aaronlocker) Robust and practical application whitelisting for Windows
- [**253**Star][4y] [Py] [metac0rtex/githarvester](https://github.com/metac0rtex/githarvester) harvesting information from GitHub
- [**253**Star][14d] [Py] [matthewclarkmay/geoip-attack-map](https://github.com/matthewclarkmay/geoip-attack-map) Cyber security geoip attack map that follows syslog and parses IPs/port numbers to visualize attackers in real time.
- [**253**Star][11d] [Max] [maroueneboubakri/lscan](https://github.com/maroueneboubakri/lscan) lscan is a library identification tool on statically linked/stripped binaries
- [**253**Star][11d] [Py] [maaaaz/nmaptocsv](https://github.com/maaaaz/nmaptocsv) A simple python script to convert Nmap output to CSV
- [**253**Star][12d] [PS] [lukebaggett/dnscat2-powershell](https://github.com/lukebaggett/dnscat2-powershell) A Powershell client for dnscat2, an encrypted DNS command and control tool.
- [**253**Star][13d] [jesusprubio/awesome-nodejs-pentest](https://github.com/jesusprubio/awesome-nodejs-pentest) Awesome Node.js for pentesters
- [**253**Star][2y] [C#] [jephthai/openpasswordfilter](https://github.com/jephthai/openpasswordfilter) An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.
- [**253**Star][15d] [Py] [intezer/docker-ida](https://github.com/intezer/docker-ida) Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.
- [**253**Star][4m] [Py] [initroot/burpjslinkfinder](https://github.com/initroot/burpjslinkfinder) Burp Extension for a passive scanning JS files for endpoint links.
- [**253**Star][10d] [Py] [hellogoldsnakeman/masnmapscan-v1.0](https://github.com/hellogoldsnakeman/masnmapscan-v1.0) 一款端口扫描器。整合了masscan和nmap两款扫描器，masscan扫描端口，nmap扫描端口对应服务，二者结合起来实现了又快又好地扫描。并且加入了防火墙的功能
- [**253**Star][22d] [Propeller Spin] [grandideastudio/jtagulator](https://github.com/grandideastudio/jtagulator) Assisted discovery of on-chip debug interfaces
- [**253**Star][1m] [Py] [donnchac/onionbalance](https://github.com/donnchac/onionbalance) OnionBalance provides load-balancing and redundancy for Tor hidden services
- [**253**Star][23d] [Py] [atexio/mercure](https://github.com/atexio/mercure) for security managers who want to train their colleague to phishing.
- [**252**Star][10d] [Jupyter Notebook] [geohot/ai-notebooks](https://github.com/geohot/ai-notebooks) Some ipython notebooks implementing AI algorithms
- [**252**Star][4m] [Shell] [sprov065/sprov-ui](https://github.com/sprov065/sprov-ui) 一个支持多协议多用户的v2ray Web面板
- [**252**Star][13d] [Shell] [zfl9/gfwlist2privoxy](https://github.com/zfl9/gfwlist2privoxy) 将 gfwlist.txt（Adblock Plus 规则）转换为 privoxy.action
- [**252**Star][3y] [PS] [und3rf10w/aggressor-scripts](https://github.com/und3rf10w/aggressor-scripts) Aggressor scripts I've made for Cobalt Strike
- [**252**Star][5m] [Shell] [thesecondsun/revssl](https://github.com/thesecondsun/revssl) A simple script that automates generation of OpenSSL reverse shells
- [**252**Star][1y] [C++] [strivexjun/xantidebug](https://github.com/strivexjun/xantidebug) VMProtect 3.x Anti-debug Method Improved
- [**252**Star][4m] [C] [dronebridge/dronebridge](https://github.com/DroneBridge/DroneBridge) DroneBridge is a system based on the WifiBroadcast approach. A bidirectional digital radio link between two endpoints is established using standard WiFi hardware and a custom protocol. DroneBridge is optimized for use in UAV applications and is a complete system. It is intended be a real alternative to other similar systems, such as DJI Lightbri…
- [**252**Star][14d] [JS] [samsung/jalangi2](https://github.com/samsung/jalangi2) Dynamic analysis framework for JavaScript
- [**252**Star][2m] [Java] [petercunha/jenkins-rce](https://github.com/petercunha/jenkins-rce) 
- [**252**Star][4m] [PS] [notmedic/netntlmtosilverticket](https://github.com/notmedic/netntlmtosilverticket) SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
- [**252**Star][3y] [Ruby] [nahamsec/hostilesubbruteforcer](https://github.com/nahamsec/hostilesubbruteforcer)  bruteforce for exisiting subdomains and provide the following information
- [**252**Star][14d] [Rust] [kzen-networks/multi-party-ecdsa](https://github.com/kzen-networks/multi-party-ecdsa) Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital signature algorithm).
- [**252**Star][12d] [Py] [hgascon/pulsar](https://github.com/hgascon/pulsar) Protocol Learning and Stateful Fuzzing
- [**252**Star][13d] [OCaml] [fstarlang/kremlin](https://github.com/fstarlang/kremlin) KreMLin is a tool for extracting low-level F* programs to readable C code
- [**252**Star][15d] [Py] [feicong/jni_helper](https://github.com/feicong/jni_helper) Android SO automatic injection
- [**251**Star][12d] [JS] [jopyth/mmm-remote-control](https://github.com/jopyth/mmm-remote-control) Magic Mirror Module to shutdown or configure your mirror
- [**251**Star][4m] [Py] [shodansploit/shodansploit](https://github.com/shodansploit/shodansploit) a search engine on the internet where you can find interesting things all over the world
- [**251**Star][11d] [Py] [darkarp/chromepass](https://github.com/darkarp/chromepass) Chromepass - Hacking Chrome Saved Passwords
- [**251**Star][2y] [Py] [warflop/cloudbunny](https://github.com/warflop/cloudbunny) apture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
- [**251**Star][16d] [PHP] [spatie/ssl-certificate-chain-resolver](https://github.com/spatie/ssl-certificate-chain-resolver) SSL certificate chain resolver
- [**251**Star][1y] [Java] [shiltemann/ctf-writeups-public](https://github.com/shiltemann/ctf-writeups-public) Writeups for infosec Capture the Flag events by team Galaxians
- [**251**Star][12d] [Py] [scrapinghub/spidermon](https://github.com/scrapinghub/spidermon) Scrapy Extension for monitoring spiders execution.
- [**251**Star][11d] [Py] [sakhnik/nvim-gdb](https://github.com/sakhnik/nvim-gdb) Neovim thin wrapper for GDB, LLDB, PDB and BashDB
- [**251**Star][4m] [o-mg/demonseed](https://github.com/o-mg/demonseed) minimal malicious USB cabl
- [**251**Star][2y] [Py] [neohapsis/creddump7](https://github.com/neohapsis/creddump7) modifications to the original 'creddump' program
- [**251**Star][2y] [Java] [nccgroup/burpsuiteloggerplusplus](https://github.com/nccgroup/burpsuiteloggerplusplus) Burp Suite Logger++: Log activities of all the tools in Burp Suite
- [**251**Star][2y] [PS] [leoloobeek/lapstoolkit](https://github.com/leoloobeek/lapstoolkit) Tool to audit and attack LAPS environments
- [**251**Star][10d] [Java] [leadroyal/fastjson-blacklist](https://github.com/leadroyal/fastjson-blacklist) 
- [**251**Star][1y] [jeffzh3ng/insectsawake](https://github.com/jeffzh3ng/insectsawake) Network Vulnerability Scanner
- [**251**Star][10d] [Py] [inquest/python-iocextract](https://github.com/inquest/python-iocextract) Defanged Indicator of Compromise (IOC) Extractor.
- [**251**Star][2y] [Py] [igio90/frick](https://github.com/igio90/frick) aka the first debugger built on top of frida
- [**251**Star][1y] [ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet](https://github.com/ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet) WordPress Plugin Security Testing Cheat Sheet
- [**251**Star][2m] [C] [dosomder/iovyroot](https://github.com/dosomder/iovyroot) CVE-2015-1805 root tool
- [**251**Star][1y] [Py] [crowdstrike/forensics](https://github.com/crowdstrike/forensics) Scripts and code referenced in CrowdStrike blog posts
- [**251**Star][3m] [basilfx/tradfri-hacking](https://github.com/basilfx/tradfri-hacking) Hacking the IKEA TRÅDFRI light bulbs and accessories.
- [**251**Star][17d] [C] [agl/curve25519-donna](https://github.com/agl/curve25519-donna) Implementations of a fast Elliptic-curve Diffie-Hellman primitive
- [**251**Star][2y] [C#] [0xbadjuju/wheresmyimplant](https://github.com/0xbadjuju/wheresmyimplant) A Bring Your Own Land Toolkit that Doubles as a WMI Provider
- [**250**Star][19d] [Py] [tiann/super-adb](https://github.com/tiann/super-adb) Enhance the adb shell using busybox, supporting vi、grep and awk etc. No need root.
- [**250**Star][20d] [dustyfresh/php-vulnerability-audit-cheatsheet](https://github.com/dustyfresh/php-vulnerability-audit-cheatsheet) This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.
- [**250**Star][4m] [Ruby] [urbanesec/zackattack](https://github.com/urbanesec/ZackAttack) Unveiled at DEF CON 20, NTLM Relaying to ALL THE THINGS!
- [**250**Star][5y] [Py] [wooyun/tangscan](https://github.com/wooyun/tangscan) TangScan
- [**250**Star][10d] [Go] [valyala/goloris](https://github.com/valyala/goloris) Slowloris for nginx DoS. Written in go
- [**250**Star][4m] [Py] [timlib/webxray](https://github.com/timlib/webxray) webxray is a tool for analyzing third-party content on webpages and identifying the companies which collect user data.
- [**250**Star][3y] [Py] [tcstool/fireaway](https://github.com/tcstool/fireaway) Next Generation Firewall Audit and Bypass Tool
- [**250**Star][3y] [C#] [sparkfunx/skimmer_scanner](https://github.com/sparkfunx/skimmer_scanner) A mobile app for detecting bluetooth gas pump credit card skimmers
- [**250**Star][12d] [C] [snar/bgpq3](https://github.com/snar/bgpq3) bgp filtering automation tool 
- [**250**Star][20d] [Py] [sensepost/autodane](https://github.com/sensepost/autodane) Auto Domain Admin and Network Exploitation.
- [**250**Star][29d] [Py] [nirvik/iwant](https://github.com/nirvik/iwant) Commandline tool for searching and downloading files in LAN network, without any central server
- [**250**Star][4m] [Py] [naville/wtfjh](https://github.com/naville/wtfjh) One-step iOS binary runtime instrumentation for the lazy ones
- [**250**Star][10d] [PS] [miriamxyra/eventlist](https://github.com/miriamxyra/eventlist) help improving your Audit capabilities and to help to build your Security Operation Center.
- [**250**Star][18d] [C++] [meeloo/xspray](https://github.com/meeloo/xspray) A front end for lldb on OS X for Mac and iOS targets, with a twist
- [**250**Star][4m] [jdonsec/allthingsssrf](https://github.com/jdonsec/allthingsssrf) This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
- [**250**Star][2y] [C] [jas502n/0day-security-software-vulnerability-analysis-technology](https://github.com/jas502n/0day-security-software-vulnerability-analysis-technology) 0day安全_软件漏洞分析技术
- [**250**Star][6m] [C++] [evpo/encryptpad](https://github.com/evpo/encryptpad) Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
- [**250**Star][13d] [Py] [euphrat1ca/fuzzdb-collect](https://github.com/euphrat1ca/fuzzdb-collect) 集合github平台上的安全行业从业者自研开源扫描器的仓库，包括子域名枚举、数据库漏洞扫描、弱口令或信息泄漏扫描、端口扫描、指纹识别以及其他大型扫描器或模块化扫描器
- [**250**Star][1m] [Py] [eth0izzle/the-endorser](https://github.com/eth0izzle/the-endorser) An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.
- [**250**Star][19d] [C] [ele7enxxh/android-afl](https://github.com/ele7enxxh/android-afl) Fuzzing Android program with american fuzzy lop (AFL)
- [**250**Star][12d] [Shell] [edoverflow/megplus](https://github.com/edoverflow/megplus) Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
- [**250**Star][10d] [C] [ctz/cifra](https://github.com/ctz/cifra) A collection of cryptographic primitives targeted at embedded use.
- [**250**Star][11d] [Common Lisp] [cffi/cffi](https://github.com/cffi/cffi) The Common Foreign Function Interface
- [**250**Star][23d] [Py] [benoitc/tproxy](https://github.com/benoitc/tproxy) simple TCP routing proxy
- [**250**Star][4y] [C] [begeekmyfriend/cuckoofilter](https://github.com/begeekmyfriend/cuckoofilter) Substitute for bloom filter.
- [**250**Star][23d] [Py] [battelle/sandsifter](https://github.com/battelle/sandsifter) The x86 processor fuzzer
- [**250**Star][2y] [Py] [avramit/instahack](https://github.com/avramit/instahack) Instagram bruteforce tool
- [**250**Star][4m] [Py] [antoniococo/sharpyshell](https://github.com/antoniococo/sharpyshell) tiny and obfuscated ASP.NET webshell for C# web applications
- [**249**Star][1m] [CSS] [mehonoshin/smartvpn-billing](https://github.com/mehonoshin/smartvpn-billing) Billing and auth system for VPN provider
- [**249**Star][11d] [PS] [enjoiz/privesc](https://github.com/enjoiz/privesc) Windows batch script that finds misconfiguration issues which can lead to privilege escalation.
- [**249**Star][9d] [Py] [sethmlarson/virtualbox-python](https://github.com/sethmlarson/virtualbox-python) Complete implementation of VirtualBox's COM API with a Pythonic interface.
- [**249**Star][10d] [Py] [rpisec/llvm-deobfuscator](https://github.com/rpisec/llvm-deobfuscator) Performs the inverse operation of the control flow flattening pass performed by LLVM-Obfuscator
- [**249**Star][15d] [Py] [rockerflower/shadowsocks](https://github.com/rockerflower/shadowsocks) 
- [**249**Star][8m] [C++] [richkmeli/richkware](https://github.com/richkmeli/richkware) Framework for building Windows malware, written in C++
- [**249**Star][8y] [rentzsch/mach_star](https://github.com/rentzsch/mach_star) code injection and function overriding for Mac OS X
- [**249**Star][1y] [Py] [paradoxis/stegcracker](https://github.com/paradoxis/stegcracker) Steganography brute-force utility to uncover hidden data inside files
- [**249**Star][4y] [Java] [neophob/pixelcontroller](https://github.com/neophob/pixelcontroller) (LED) Matrix Control Software, supports various Hardware, Keywords: LED Matrix, OSC, Realtime, VJ, Arduino, Teensy, RPI
- [**249**Star][9m] [C++] [nektra/deviare-inproc](https://github.com/nektra/deviare-inproc) Deviare In Process Instrumentation Engine
- [**249**Star][23d] [Py] [mzfr/liffy](https://github.com/mzfr/liffy) Local file inclusion exploitation tool
- [**249**Star][5m] [Py] [mandatoryprogrammer/trusttrees](https://github.com/mandatoryprogrammer/trusttrees) a script to recursively follow all the possible delegation paths for a target domain and graph the relationships between various nameservers along the way.
- [**249**Star][2y] [Py] [maian-tool/maian](https://github.com/maian-tool/maian) automatic tool for finding trace vulnerabilities in Ethereum smart contracts
- [**249**Star][10d] [Makefile] [kframework/evm-semantics](https://github.com/kframework/evm-semantics) K Semantics of the Ethereum Virtual Machine (EVM)
- [**249**Star][18d] [Py] [intrepidusgroup/mallory](https://github.com/intrepidusgroup/mallory) Mallory - MiTM TCP and UDP Proxy
- [**249**Star][2y] [Py] [dionach/cmsmap](https://github.com/dionach/cmsmap) CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
- [**249**Star][21d] [Py] [dbgx/lldb.nvim](https://github.com/dbgx/lldb.nvim) Debugger integration with a focus on ease-of-use.
- [**249**Star][1y] [Py] [cryin/javaid](https://github.com/cryin/javaid) java source code static code analysis and danger function identify prog
- [**249**Star][11d] [Py] [crowdstrike/automactc](https://github.com/crowdstrike/automactc) Automated Mac Forensic Triage Collector
- [**249**Star][7m] [Py] [a3sal0n/falcongate](https://github.com/a3sal0n/falcongate) A smart gateway to stop hackers and Malware attacks
- [**248**Star][13d] [Py] [googleprojectzero/ios-messaging-tools](https://github.com/googleprojectzero/ios-messaging-tools) several tools Project Zero uses to test iPhone messaging
- [**248**Star][10d] [JS] [txthinking/blackwhite](https://github.com/txthinking/blackwhite) Domain, CIDR, IP black/white list, PAC generator
- [**248**Star][2y] [batchfile] [zerodot1/coinblockerlists](https://github.com/zerodot1/coinblockerlists) Simple lists that can help prevent cryptomining in the browser or other applications.
- [**248**Star][8d] [C] [wolfssl/wolfmqtt](https://github.com/wolfssl/wolfmqtt) wolfMQTT is a small, fast, portable MQTT client implementation, including support for TLS 1.3.
- [**248**Star][22d] [Py] [whitel1st/docem](https://github.com/whitel1st/docem) Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
- [**248**Star][4m] [JS] [we11cheng/wcshadowrocket](https://github.com/we11cheng/wcshadowrocket) iOS Shadowrocket(砸壳重签,仅供参考,添加节点存在问题)。另一个fq项目potatso源码参见:
- [**248**Star][10d] [PS] [tonyphipps/meerkat](https://github.com/TonyPhipps/Meerkat) A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
- [**248**Star][20d] [Go] [stevenaldinger/decker](https://github.com/stevenaldinger/decker) Declarative penetration testing orchestration framework
- [**248**Star][11d] [Go] [masterzen/winrm](https://github.com/masterzen/winrm) Command-line tool and library for Windows remote command execution in Go
- [**248**Star][1m] [Ruby] [hakirisec/hakiri_toolbelt](https://github.com/hakirisec/hakiri_toolbelt) Secure Ruby apps with Hakiri
- [**248**Star][3y] [Shell] [h0nus/roguesploit](https://github.com/h0nus/roguesploit) Powerfull Wi-Fi trap!
- [**248**Star][1m] [Py] [cuckoosandbox/community](https://github.com/cuckoosandbox/community) Repository of modules and signatures contributed by the community
- [**248**Star][10d] [Shell] [bmaeser/iptables-boilerplate](https://github.com/bmaeser/iptables-boilerplate) rock solid default firewall-rules for webhosts
- [**248**Star][10d] [Shell] [blacktop/docker-cuckoo](https://github.com/blacktop/docker-cuckoo) Cuckoo Sandbox Dockerfile
- [**247**Star][2m] [Py] [hitfrobot/happy-spiders](https://github.com/hitfrobot/happy-spiders) 基于scrapy框架编写的，爬取各大主流网站的模板代码
- [**247**Star][10d] [Shell] [t0xst/linux](https://github.com/t0xst/linux) linux安全检查
- [**247**Star][10d] [Go] [ne1llee/v2ray2clash](https://github.com/ne1llee/v2ray2clash) V2ray、SSR subscribe convert to Clash、QuantumultX
- [**247**Star][12d] [C++] [boomerangdecompiler/boomerang](https://github.com/BoomerangDecompiler/boomerang) Boomerang Decompiler - Fighting the code-rot :)
- [**247**Star][16d] [Jupyter Notebook] [wesleyraptor/streamingphish](https://github.com/wesleyraptor/streamingphish) Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network.
- [**247**Star][4m] [Py] [webbreacher/whatsmyname](https://github.com/webbreacher/whatsmyname) This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects.
- [**247**Star][4m] [JS] [varchashva/letsmapyournetwork](https://github.com/varchashva/letsmapyournetwork) Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error
- [**247**Star][4m] [Py] [teag1e/burpcollector](https://github.com/teag1e/burpcollector) 通过BurpSuite来构建自己的爆破字典，可以通过字典爆破来发现隐藏资产。
- [**247**Star][2y] [Py] [spaze/oprah-proxy](https://github.com/spaze/oprah-proxy) Generate credentials for Opera's "browser VPN"
- [**247**Star][2y] [Py] [rub-syssec/microcode](https://github.com/rub-syssec/microcode) Microcode Updates for the USENIX 2017 paper: Reverse Engineering x86 Processor Microcode
- [**247**Star][5y] [Py] [n0tr00t/beebeeto-framework](https://github.com/n0tr00t/beebeeto-framework) Beebeeto FrameWork
- [**247**Star][5y] [Py] [jackgitgz/cnblogsspider](https://github.com/jackgitgz/cnblogsspider) 用scrapy采集cnblogs列表页爬虫
- [**247**Star][24d] [HTML] [ikarienator/phantomjs_hide_and_seek](https://github.com/ikarienator/phantomjs_hide_and_seek) Some ideas around spoofing and detecting user agents.
- [**247**Star][2m] [C++] [fireice-uk/xmr-stak-nvidia](https://github.com/fireice-uk/xmr-stak-nvidia) Monero NVIDIA miner
- [**247**Star][3m] [PHP] [enygma/expose](https://github.com/enygma/expose) An Intrusion Detection System library loosely based on PHP IDS
- [**247**Star][5m] [Go] [dengsgo/fileboy](https://github.com/dengsgo/fileboy) fileboy，文件变更监听通知系统，使用 Go 编写。Fileboy, File Change Monitoring Notification System, written with Go.
- [**247**Star][22d] [JS] [cr0hn/vulnerable-node](https://github.com/cr0hn/vulnerable-node) A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
- [**246**Star][4m] [CSS] [trustedsec/sysmoncommunityguide](https://github.com/trustedsec/sysmoncommunityguide) TrustedSec Sysinternals Sysmon Community Guide
- [**246**Star][8m] [phortx/raspberry-pi-setup-guide](https://github.com/phortx/raspberry-pi-setup-guide) A really opionionated guide how to setup a Raspberry Pi 4 with Arch Linux including WiringPi, NTP, Wi-Fi, SSH, Ruby (asdf), ZSH and more.
- [**246**Star][15d] [Clojure] [weavejester/hashp](https://github.com/weavejester/hashp) A better "prn" for debugging
- [**246**Star][2m] [JS] [paperseller/chn-iplist](https://github.com/paperseller/chn-iplist) Chnroutes rules for routers、Shadowrocket、Quantumult、Kitsunebi、acl、BifrostV、v2rayNG、clash、pac、v2ray config file.
- [**246**Star][10d] [JS] [saul/demofile](https://github.com/saul/demofile) Node.js library for parsing Counter-Strike: Global Offensive demo files
- [**246**Star][16d] [Py] [xhujoy/pysc2-agents](https://github.com/xhujoy/pysc2-agents) This is a simple implementation of DeepMind's PySC2 RL agents.
- [**246**Star][4m] [Shell] [x1mdev/reconpi](https://github.com/x1mdev/reconpi) ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
- [**246**Star][2y] [C++] [woxihuannisja/bangcle](https://github.com/woxihuannisja/bangcle) The second generation Android Hardening Protection
- [**246**Star][4m] [Rust] [tox-rs/tox](https://github.com/tox-rs/tox) toxcore implementation in Rust
- [**246**Star][16d] [C] [suvllian/process-inject](https://github.com/suvllian/process-inject) 在Windows环境下的进程注入方法：远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
- [**246**Star][4m] [Java] [righettod/poc-graphql](https://github.com/righettod/poc-graphql) Research on GraphQL from an AppSec point of view.
- [**246**Star][19d] [Py] [jullrich/pcap2curl](https://github.com/jullrich/pcap2curl) Read a packet capture, extract HTTP requests and turn them into cURL commands for replay.
- [**246**Star][2y] [hsis007/useful_websites_for_pentester](https://github.com/hsis007/useful_websites_for_pentester) This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.
- [**246**Star][2y] [JS] [holyvier/prototype-pollution-nsec18](https://github.com/holyvier/prototype-pollution-nsec18) Content released at NorthSec 2018 for my talk on prototype pollution
- [**246**Star][11d] [Py] [feicong/lua_re](https://github.com/feicong/lua_re) reverse engineering for lua(lua/luac/luajit/lua_dec/lua_loader/lua_proc)
- [**246**Star][2y] [JS] [cryptogenic/ps4-4.55-kernel-exploit](https://github.com/cryptogenic/ps4-4.55-kernel-exploit) A fully implemented kernel exploit for the PS4 on 4.55FW
- [**246**Star][13d] [Py] [codeinthehole/purl](https://github.com/codeinthehole/purl) A simple, immutable URL class with a clean API for interrogation and manipulation.
- [**245**Star][16d] [Swift] [protonvpn/ios-app](https://github.com/protonvpn/ios-app) Official ProtonVPN iOS app
- [**245**Star][2y] [C++] [zhuhaow/libnekit](https://github.com/zhuhaow/libnekit) Efficient and Flexible Network Utility Library
- [**245**Star][4m] [aleenzz/php_bug_wiki](https://github.com/aleenzz/php_bug_wiki) 代码审计相关的一些知识
- [**245**Star][10d] [C++] [piker-alpha/macosxbootloader](https://github.com/piker-alpha/macosxbootloader) Pike's bootloader
- [**245**Star][7m] [C] [wbenny/ia32-doc](https://github.com/wbenny/ia32-doc) IA32-doc is a project which aims to put as many definitions from the Intel Manual into machine-processable format as possible
- [**245**Star][4m] [C] [vusec/ridl](https://github.com/vusec/ridl) RIDL test suite and exploits
- [**245**Star][11d] [Py] [utds3lab/multiverse](https://github.com/utds3lab/multiverse) A static binary rewriter that does not use heuristics
- [**245**Star][4y] [PHP] [tdifg/webshell](https://github.com/tdifg/webshell) WebShell Collect
- [**245**Star][4m] [C++] [rexdf/commandtrayhost](https://github.com/rexdf/commandtrayhost) A command line program monitor systray for Windows
- [**245**Star][2y] [Ruby] [rastating/joomlavs](https://github.com/rastating/joomlavs) A black box, Ruby powered, Joomla vulnerability scanner
- [**245**Star][18d] [PHP] [psecio/versionscan](https://github.com/psecio/versionscan) A PHP version scanner for reporting possible vulnerabilities
- [**245**Star][5m] [HTML] [patrowl/patrowlmanager](https://github.com/patrowl/patrowlmanager) PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
- [**245**Star][10d] [C++] [p4lang/p4c](https://github.com/p4lang/p4c) P4_16 reference compiler
- [**245**Star][2y] [Py] [nettitude/prowl](https://github.com/nettitude/prowl) an email harvesting tool that scrapes Yahoo for Linkedin profiles associated to the users search terms and identifies job titles
- [**245**Star][17d] [Ruby] [hahwul/droid-hunter](https://github.com/hahwul/droid-hunter) (deprecated) Android application vulnerability analysis and Android pentest tool
- [**245**Star][19d] [Py] [fortunec00kie/bug-monitor](https://github.com/fortunec00kie/bug-monitor) Seebug、structs、cve漏洞实时监控推送系统
- [**245**Star][15d] [Py] [epickrram/grav](https://github.com/epickrram/grav) Performance visualisation tools
- [**245**Star][3y] [Go] [egebalci/egesploit](https://github.com/egebalci/egesploit) EGESPLOIT is a golang library for malware development
- [**245**Star][5m] [cujanovic/markdown-xss-payloads](https://github.com/cujanovic/markdown-xss-payloads) XSS payloads for exploiting Markdown syntax
- [**245**Star][15d] [cr0hn/nosqlinjection_wordlists](https://github.com/cr0hn/nosqlinjection_wordlists) This repository contains payload to test NoSQL Injections
- [**245**Star][2y] [Py] [arno0x/wsc2](https://github.com/arno0x/wsc2) A WebSocket C2 Tool
- [**245**Star][2m] [JS] [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc) Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
- [**244**Star][4m] [C] [yifengyou/the-design-and-implementation-of-a-64-bit-os](https://github.com/yifengyou/The-design-and-implementation-of-a-64-bit-os) 《一个64位操作系统的设计与实现》读书笔记&随书源码
- [**244**Star][25d] [Py] [cylance/cybot](https://github.com/cylance/CyBot) Open Source Threat Intelligence Chat Bot
- [**244**Star][15d] [ludiosarchive/unfixed-security-bugs](https://github.com/ludiosarchive/unfixed-security-bugs) A list of publicly known but unfixed security bugs
- [**244**Star][4m] [Java] [xxxyanchenxxx/virtualappex](https://github.com/xxxyanchenxxx/virtualappex) VirtualApp 9.0适配
- [**244**Star][3y] [C#] [t3ntman/social-engineering-payloads](https://github.com/t3ntman/social-engineering-payloads) Collection of social engineering payloads
- [**244**Star][6m] [PS] [rsmudge/elevatekit](https://github.com/rsmudge/elevatekit) The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
- [**244**Star][1y] [Shell] [nviso-be/magisktrustusercerts](https://github.com/nviso-be/magisktrustusercerts) A Magisk module that automatically adds user certificates to the system root CA store
- [**244**Star][4y] [misterch0c/awesome-hacking](https://github.com/misterch0c/awesome-hacking) A collection of various awesome lists for hackers, pentesters and security researchers
- [**244**Star][11d] [JS] [lmammino/jwt-cracker](https://github.com/lmammino/jwt-cracker) Simple HS256 JWT token brute force cracker
- [**244**Star][19d] [Py] [initstring/uptux](https://github.com/initstring/uptux) Linux privilege escalation checks (systemd, dbus, socket fun, etc)
- [**244**Star][16d] [C] [hardenedlinux/grsecurity-101-tutorials](https://github.com/hardenedlinux/grsecurity-101-tutorials) 增强 Linux 内核安全的内核补丁集
- [**244**Star][1y] [duoergun0729/2book](https://github.com/duoergun0729/2book) 《Web安全之深度学习实战》
- [**244**Star][3y] [PS] [dafthack/hostrecon](https://github.com/dafthack/hostrecon) This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
- [**244**Star][13d] [Py] [calidog/certstream-python](https://github.com/calidog/certstream-python) Python library for connecting to CertStream
- [**243**Star][10d] [JS] [fooballz/pulsar](https://github.com/fooballz/pulsar) Network footprint scanner platform. Discover domains and run your custom checks periodically.
- [**243**Star][10d] [Go] [tnozicka/openshift-acme](https://github.com/tnozicka/openshift-acme) ACME Controller for OpenShift and Kubernetes Cluster. (Supports e.g. Let's Encrypt)
- [**243**Star][16d] [Shell] [hak5/packetsquirrel-payloads](https://github.com/hak5/packetsquirrel-payloads) The Official Packet Squirrel Payload Repository
- [**243**Star][12d] [Java] [nowsecure/android-forensics](https://github.com/nowsecure/android-forensics) Open source Android Forensics app and framework
- [**243**Star][13d] [Py] [volatilityfoundation/profiles](https://github.com/volatilityfoundation/profiles) Volatility profiles for Linux and Mac OS X
- [**243**Star][10m] [Py] [spiderlabs/hosthunter](https://github.com/spiderlabs/hosthunter) HostHunter a recon tool for discovering hostnames using OSINT techniques.
- [**243**Star][25d] [PHP] [smaash/quasibot](https://github.com/smaash/quasibot) complex webshell manager, quasi-http botnet.
- [**243**Star][11d] [C++] [shonumi/gbe-plus](https://github.com/shonumi/gbe-plus) DMG/GBC/GBA emulator and experimental NDS emulator.
- [**243**Star][10d] [Coq] [mit-plv/fiat-crypto](https://github.com/mit-plv/fiat-crypto) Cryptographic Primitive Code Generation by Fiat
- [**243**Star][4m] [C] [limneos/mobileminer](https://github.com/limneos/mobileminer) CPU Miner for ARM64 iOS Devices
- [**243**Star][10d] [Go] [lc/secretz](https://github.com/lc/secretz) secretz, minimizing the large attack surface of Travis CI
- [**243**Star][10d] [C] [larsbrinkhoff/httptunnel](https://github.com/larsbrinkhoff/httptunnel) Bidirectional data stream tunnelled in HTTP requests.
- [**243**Star][4m] [Julia] [jrevels/cassette.jl](https://github.com/jrevels/cassette.jl) Overdub Your Julia Code
- [**243**Star][12d] [C#] [jfaler/soup](https://github.com/jfaler/soup) 
- [**243**Star][3y] [C] [hyln9/vikiroot](https://github.com/hyln9/vikiroot) CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow
- [**243**Star][15d] [Rust] [gamozolabs/mesos](https://github.com/gamozolabs/mesos) Binary coverage tool without binary modification for Windows
- [**243**Star][25d] [Py] [fsgmhoward/shadowsocks-py-mu](https://github.com/fsgmhoward/shadowsocks-py-mu) A fast tunnel proxy server for multiple users
- [**243**Star][16d] [Ruby] [fabric8io/fluent-plugin-kubernetes_metadata_filter](https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter) Enrich your fluentd events with Kubernetes metadata
- [**243**Star][14d] [Py] [caringcaribou/caringcaribou](https://github.com/caringcaribou/caringcaribou) A friendly car security exploration tool for the CAN bus
- [**243**Star][4m] [Java] [0xalexei/infiltrate2019](https://github.com/0xalexei/infiltrate2019) INFILTRATE 2019 Demo Materials
- [**242**Star][13d] [Py] [ssjssh/algorithm](https://github.com/ssjssh/algorithm) 我用Python写的一些算法
- [**242**Star][7d] [Go] [benpye/wsl-ssh-pageant](https://github.com/benpye/wsl-ssh-pageant) A Pageant -> TCP bridge for use with WSL, allowing for Pageant to be used as an ssh-ageant within the WSL environment.
- [**242**Star][10d] [JS] [sjitech/proxy-login-automator](https://github.com/sjitech/proxy-login-automator) A single node.js script to automatically inject user/password to http proxy server via a local forwarder
- [**242**Star][16d] [Py] [inconvergent/sand-spline](https://github.com/inconvergent/sand-spline) generative algorithm
- [**242**Star][12d] [v2ray/dist](https://github.com/v2ray/dist) Mirror of V2Ray core releases
- [**242**Star][8m] [JS] [mattcg/socks5-http-client](https://github.com/mattcg/socks5-http-client) SOCKS v5 HTTP client implementation in JavaScript for Node.js.
- [**242**Star][28d] [Py] [brad-sp/cuckoo-modified](https://github.com/brad-sp/cuckoo-modified) Modified edition of cuckoo
- [**242**Star][13d] [Py] [beeware/bugjar](https://github.com/beeware/bugjar) A interactive graphical debugger for Python code.
- [**242**Star][6m] [Rust] [hirrolot/anevicon](https://github.com/Hirrolot/anevicon) 
- [**242**Star][7y] [Py] [xen0ph0n/yaragenerator](https://github.com/xen0ph0n/yaragenerator) quick, simple, and effective yara rule creation to isolate malware families and other malicious objects of interest
- [**242**Star][14d] [Py] [withdk/badusb2-mitm-poc](https://github.com/withdk/badusb2-mitm-poc) BadUSB 2.0 USB-HID MiTM POC
- [**242**Star][7m] [C#] [tyranid/exploitremotingservice](https://github.com/tyranid/exploitremotingservice) A tool to exploit .NET Remoting Services
- [**242**Star][3m] [Py] [secureworks/dalton](https://github.com/secureworks/dalton) Suricata and Snort IDS rule and pcap testing system
- [**242**Star][26d] [C++] [pellegre/libcrafter](https://github.com/pellegre/libcrafter) A high level C++ network packet sniffing and crafting library.
- [**242**Star][3y] [Py] [panagiks/rspet](https://github.com/panagiks/rspet) RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.
- [**242**Star][27d] [Py] [minhnhat93/tf-sndcgan](https://github.com/minhnhat93/tf-sndcgan) Tensorflow Implementation of the paper "Spectral Normalization for Generative Adversarial Networks" (ICML 2017 workshop)
- [**242**Star][12d] [C++] [mapbox/jni.hpp](https://github.com/mapbox/jni.hpp) A modern, type-safe, header-only, C++14 wrapper for JNI
- [**242**Star][2y] [C#] [leechristensen/spoolsample](https://github.com/leechristensen/spoolsample) PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
- [**242**Star][1y] [harmoc/ctftools](https://github.com/harmoc/ctftools) Personal CTF Toolkit
- [**242**Star][10d] [C++] [google/libprotobuf-mutator](https://github.com/google/libprotobuf-mutator) Library for structured fuzzing with protobuffers
- [**242**Star][3m] [JS] [exodusintel/cve-2019-5786](https://github.com/exodusintel/cve-2019-5786) FileReader Exploit
- [**242**Star][2y] [C#] [djhohnstein/sharpweb](https://github.com/djhohnstein/sharpweb) .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
- [**242**Star][22d] [Perl] [daniel-nichter/hackmysql.com](https://github.com/daniel-nichter/hackmysql.com) Deprecated tools from HackMySQL.com
- [**242**Star][2m] [Arduino] [damellis/cellphone2](https://github.com/damellis/cellphone2) Second iteration of the DIY cellphone (based on the Arduino GSM shield).
- [**242**Star][14d] [JS] [cliqz-oss/local-sheriff](https://github.com/cliqz-oss/local-sheriff) Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII) are being shared / leaked to which all third-parties.
- [**242**Star][12d] [C] [cathugger/mkp224o](https://github.com/cathugger/mkp224o) vanity address generator for tor onion v3 (ed25519) hidden services
- [**242**Star][11d] [Py] [boy-hack/hack-requests](https://github.com/boy-hack/hack-requests) 给黑客们使用的http底层网络库
- [**241**Star][1m] [Py] [shellphish/ictf-framework](https://github.com/shellphish/ictf-framework) The iCTF Framework, presented by Shellphish!
- [**241**Star][1m] [C++] [facebookarchive/ds2](https://github.com/facebookarchive/ds2) Debug server for lldb.
- [**241**Star][13d] [Visual Basic] [kylebanks/xorencryption](https://github.com/kylebanks/xorencryption) XOR encryption implementations for several languages.
- [**241**Star][4m] [Py] [jessemelpolio/faster_rcnn_for_dota](https://github.com/jessemelpolio/faster_rcnn_for_dota) Code used for training Faster R-CNN on DOTA
- [**241**Star][1y] [ObjC] [lmirosevic/gbping](https://github.com/lmirosevic/gbping) Highly accurate ICMP Ping controller for iOS
- [**241**Star][20d] [Java] [googlearchive/android-bluetoothadvertisements](https://github.com/googlearchive/android-BluetoothAdvertisements) Migrated:
- [**241**Star][28d] [Java] [schibsted/strongbox](https://github.com/schibsted/strongbox) A secret manager for AWS
- [**241**Star][7m] [Java] [samlraider/samlraider](https://github.com/samlraider/samlraider) SAML2 Burp Extension
- [**241**Star][13d] [Py] [q3k/chubby75](https://github.com/q3k/chubby75) Linsn RV901T HUB75 LED "Receiver Card" Reverse Engineering
- [**241**Star][11d] [Py] [preempt/credssp](https://github.com/preempt/credssp) A code demonstrating CVE-2018-0886
- [**241**Star][16d] [Py] [nethunteros/punter](https://github.com/nethunteros/punter) Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, Shodan, Crimeflare
- [**241**Star][2y] [Py] [nccgroup/shocker](https://github.com/nccgroup/shocker) A tool to find and exploit servers vulnerable to Shellshock
- [**241**Star][10d] [C++] [mxmssh/manul](https://github.com/mxmssh/manul) Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS
- [**241**Star][8m] [JS] [martinzhou2015/srcms](https://github.com/martinzhou2015/srcms) SRCMS企业应急响应与缺陷管理系统
- [**241**Star][25d] [JS] [liyangready/multiple-host](https://github.com/liyangready/multiple-host) 虚拟host解决方案，轻松实现两套host环境
- [**241**Star][4y] [Py] [ftramer/steal-ml](https://github.com/ftramer/steal-ml) Model extraction attacks on Machine-Learning-as-a-Service platforms.
- [**241**Star][10d] [OCaml] [fkie-cad/cwe_checker](https://github.com/fkie-cad/cwe_checker) cwe_checker finds vulnerable patterns in binary executables
- [**241**Star][1m] [C++] [facebookarchive/ds2](https://github.com/facebookarchive/ds2) Debug server for lldb.
- [**241**Star][1y] [PHP] [delight-im/php-privacypolicy](https://github.com/delight-im/php-privacypolicy) Programmatically composable privacy policies for humans and machines
- [**241**Star][13d] [Perl] [davidpepper/fierce-domain-scanner](https://github.com/davidpepper/fierce-domain-scanner) Fierce.pl Domain Scanner
- [**241**Star][10d] [Py] [atlas0fd00m/rfcat](https://github.com/atlas0fd00m/rfcat) swiss-army knife of ISM band radio
- [**241**Star][1y] [psiphon/psiphon-circumvention-system](https://bitbucket.org/psiphon/psiphon-circumvention-system) a relay-based Internet censorship circumventer.
- [**240**Star][2y] [Py] [3summer/ctf-rsa-tool](https://github.com/3summer/CTF-RSA-tool) a little tool help CTFer solve RSA problem
- [**240**Star][4m] [security-checklist/php-security-check-list](https://github.com/security-checklist/php-security-check-list) PHP Security Check List [ EN ]
- [**240**Star][5y] [C] [softethervpn/win10pcap](https://github.com/softethervpn/win10pcap) WinPcap for Windows 10 (NDIS 6.x driver model)
- [**240**Star][16d] [saswatanand/symexbib](https://github.com/saswatanand/symexbib) A bibliography of papers related to symbolic execution
- [**240**Star][12d] [Py] [robotattackorg/robot-detect](https://github.com/robotattackorg/robot-detect) Detection script for the ROBOT vulnerability
- [**240**Star][10d] [Py] [rhinosecuritylabs/ccat](https://github.com/rhinosecuritylabs/ccat) Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
- [**240**Star][10d] [JS] [owasp/samm](https://github.com/owasp/samm) Software Assurance Maturity Model 
- [**240**Star][15d] [Py] [nyxgeek/lyncsmash](https://github.com/nyxgeek/lyncsmash) locate and attack Lync/Skype for Business
- [**240**Star][2y] [kinimiwar/penetration-testing](https://github.com/kinimiwar/penetration-testing) List of awesome penetration testing resources, tools and other shiny things
- [**240**Star][4m] [Java] [jieyushi/luffy](https://github.com/jieyushi/luffy) Android字节码插件，编译期间动态修改代码，改造添加全埋点日志采集功能模块，对常见控件进行监听处理
- [**240**Star][11d] [PHP] [gallopyd/domain-tool](https://github.com/gallopyd/domain-tool) 微信域名拦截检测、QQ域名拦截检测、域名Whois查询：
- [**240**Star][11d] [Py] [famavott/osint-scraper](https://github.com/famavott/osint-scraper) Social Recon
- [**240**Star][4m] [Py] [daenerys-sre/source](https://github.com/daenerys-sre/source)  A framework for interoperability between IDA and Ghidra
- [**240**Star][14d] [PHP] [cuckoosandbox/monitor](https://github.com/cuckoosandbox/monitor) The new Cuckoo Monitor.
- [**240**Star][4m] [Go] [cloudflare/xdpcap](https://github.com/cloudflare/xdpcap) tcpdump like XDP packet capture
- [**239**Star][1m] [Shell] [mobtitude/docker-vpn-pptp](https://github.com/mobtitude/docker-vpn-pptp) Simple VPN (PPTP) server in Docker
- [**239**Star][14d] [lanjelot/kb](https://github.com/lanjelot/kb) Respositoy of all my notes on infosec I have been building up over the years
- [**239**Star][24d] [C] [cmu-sei/scale](https://github.com/cmu-sei/scale) SCALe (Source Code Analysis Lab) is a static analysis aggregator/correlator which enables a source code analyst to combine static analysis results from multiple tools into one interface, and also provides mappings for diagnostics from the tools to the SEI CERT Secure Coding standards.
- [**239**Star][3y] [wizardforcel/web-hacking-101-zh](https://github.com/wizardforcel/web-hacking-101-zh) 
- [**239**Star][1m] [JS] [whizzzkid/instagram-proxy-api](https://github.com/whizzzkid/instagram-proxy-api) CORS compliant API to access Instagram's public data
- [**239**Star][28d] [vschiavoni/sgx-papers](https://github.com/vschiavoni/sgx-papers) A list of system papers using/about Intel SGX
- [**239**Star][4m] [Java] [virb3/trustmealready](https://github.com/virb3/trustmealready) 
- [**239**Star][4m] [C#] [thrdev/socks5](https://github.com/thrdev/socks5) A full-fledged high-performance socks5 proxy server written in C#. Plugin support included.
- [**239**Star][10m] [Java] [thisislibra/androidprojectcreator](https://github.com/thisislibra/androidprojectcreator) Convert an APK to an Android Studio Project using multiple open-source decompilers
- [**239**Star][19d] [C] [sleinen/samplicator](https://github.com/sleinen/samplicator) Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing
- [**239**Star][20d] [HTML] [sectalks/sectalks](https://github.com/sectalks/sectalks) CTFs, solutions and presentations
- [**239**Star][16d] [Py] [scrapy-plugins/scrapy-jsonrpc](https://github.com/scrapy-plugins/scrapy-jsonrpc) Scrapy extension to control spiders using JSON-RPC
- [**239**Star][10d] [Java] [rohanpadhye/jqf](https://github.com/rohanpadhye/jqf) JQF + Zest: Coverage-guided semantic fuzzing for Java.
- [**239**Star][13d] [PHP] [ripsscanner/rips](https://github.com/ripsscanner/rips) RIPS - A static source code analyser for vulnerabilities in PHP scripts
- [**239**Star][12d] [Shell] [nccgroup/metasploitavevasion](https://github.com/nccgroup/metasploitavevasion) Metasploit AV Evasion Tool
- [**239**Star][12d] [Py] [mgeeky/tomcatwardeployer](https://github.com/mgeeky/tomcatwardeployer) Apache Tomcat auto WAR deployment & pwning penetration testing tool.
- [**239**Star][3y] [Visual Basic .NET] [malwares/crypter](https://github.com/malwares/crypter) Windows Crypter
- [**239**Star][6y] [C] [conix-security/zer0m0n](https://github.com/conix-security/zer0m0n) zer0m0n driver for cuckoo sandbox
- [**239**Star][6y] [Py] [adastra-thw/pyhacks](https://github.com/adastra-thw/pyhacks) Python Scripts for Hacking .
- [**238**Star][11d] [PHP] [cuijun123/phpdhtspider](https://github.com/cuijun123/phpdhtspider) php实现的dht爬虫
- [**238**Star][12d] [JS] [dukweeno/duckuino](https://github.com/Dukweeno/Duckuino) Simple DuckyScript to Arduino C converter.
- [**238**Star][4m] [JS] [freedomprevails/jsmtproxy](https://github.com/freedomprevails/jsmtproxy) High Performance NodeJS MTProto Proxy
- [**238**Star][16d] [Scala] [vinyldns/vinyldns](https://github.com/vinyldns/vinyldns) DNS Governance for streamlining DNS operations and enabling safe and secure DNS self-service
- [**238**Star][3m] [JS] [tomaszrewak/ml-games](https://github.com/tomaszrewak/ml-games) Machine learning games. Use combination of genetic algorithms and neural networks to control the behaviour of in-game objects.
- [**238**Star][1m] [C] [rkx1209/kernel_exploit_world](https://github.com/rkx1209/kernel_exploit_world) Tutorial for writing kernel exploits
- [**238**Star][11d] [C++] [checkpointsw/invizzzible](https://github.com/CheckPointSW/InviZzzible) InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
- [**238**Star][12d] [JS] [dukweeno/duckuino](https://github.com/dukweeno/duckuino) Simple DuckyScript to Arduino C converter.
- [**238**Star][28d] [JS] [chokcoco/cnblogspider](https://github.com/chokcoco/cnblogspider) 基于nodejs 的博客园爬虫项目
- [**238**Star][19d] [C++] [ucsb-seclab/dr_checker](https://github.com/ucsb-seclab/dr_checker)  A Soundy Vulnerability Detection Tool for Linux Kernel Drivers
- [**238**Star][14d] [C] [trailofbits/krf](https://github.com/trailofbits/krf) A kernelspace syscall interceptor and randomized faulter
- [**238**Star][1m] [ObjC] [sticktron/g0blin](https://github.com/sticktron/g0blin) a work-in-progress jailbreak for iOS 10.3.x (A7-A9)
- [**238**Star][18d] [ObjC] [rickyzhang82/tethering](https://github.com/rickyzhang82/tethering) Proxy and DNS Server on iOS
- [**238**Star][10d] [Py] [mazen160/server-status_pwn](https://github.com/mazen160/server-status_pwn) A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
- [**238**Star][11d] [Py] [matrix1001/welpwn](https://github.com/matrix1001/welpwn) make pwnning an art, freeing you from dozens of meaningless jobs
- [**238**Star][1m] [C] [libyal/libfvde](https://github.com/libyal/libfvde) Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes
- [**238**Star][1m] [C] [jduck/asus-cmd](https://github.com/jduck/asus-cmd) ASUS Router infosvr UDP Broadcast root Command Execution
- [**238**Star][19d] [Go] [fardog/secureoperator](https://github.com/fardog/secureoperator) A DNS-protocol proxy for DNS-over-HTTPS providers, such as Google and Cloudflare
- [**238**Star][3m] [JS] [eosio/eosjs-ecc](https://github.com/eosio/eosjs-ecc) Elliptic curve cryptography functions: Private Key, Public Key, Signature, AES, Encryption, Decryption
- [**238**Star][9m] [C] [dongdongshe/neuzz](https://github.com/dongdongshe/neuzz) neural network assisted fuzzer
- [**238**Star][4m] [Py] [brent-stone/can_reverse_engineering](https://github.com/brent-stone/can_reverse_engineering) Automated Payload Reverse Engineering Pipeline for the Controller Area Network (CAN) protocol
- [**238**Star][29d] [Go] [apuigsech/seekret](https://github.com/apuigsech/seekret) Go library and command line to seek for secrets on various sources.
- [**237**Star][10d] [TS] [nwtgck/actions-comment-run](https://github.com/nwtgck/actions-comment-run) Execute any script in a GitHub issue comment
- [**237**Star][11d] [Py] [ganeti/ganeti](https://github.com/ganeti/ganeti) Ganeti is a virtual machine cluster management tool built on top of existing virtualization technologies such as Xen or KVM and other open source software.
- [**237**Star][5m] [Java] [owasp/mstg-hacking-playground](https://github.com/OWASP/MSTG-Hacking-Playground) 不安全的iOS/Android App集合
- [**237**Star][3m] [Py] [x25/coinhive-stratum-mining-proxy](https://github.com/x25/coinhive-stratum-mining-proxy) Browser mining on any pool using CoinHive.js library
- [**237**Star][2m] [TS] [weichx/cerialize](https://github.com/weichx/cerialize) Easy serialization through ES7/Typescript annotations
- [**237**Star][11m] [HTML] [rootup/bfuzz](https://github.com/rootup/bfuzz) Fuzzing Browsers
- [**237**Star][2y] [C++] [nickcano/xenoscan](https://github.com/nickcano/xenoscan) Open source memory scanner written in C++
- [**237**Star][2m] [PHP] [mtdowling/transducers.php](https://github.com/mtdowling/transducers.php) Composable algorithmic transformations in PHP
- [**237**Star][12d] [OCaml] [mirleft/ocaml-tls](https://github.com/mirleft/ocaml-tls) TLS in pure OCaml
- [**237**Star][7d] [C#] [med0x2e/gadgettojscript](https://github.com/med0x2e/gadgettojscript) A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
- [**237**Star][16d] [Py] [ivanvza/arpy](https://github.com/ivanvza/arpy) Mac OSX ARP spoof (MiTM) tool that can also plug into Gource
- [**237**Star][7y] [Py] [gifts/rogue-mysql-server](https://github.com/gifts/rogue-mysql-server) Rogue MySql Server
- [**237**Star][1y] [C] [geosn0w/osirisjailbreak12](https://github.com/geosn0w/osirisjailbreak12) iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)
- [**237**Star][23d] [Py] [elevenpaths/ibombshell](https://github.com/elevenpaths/ibombshell) Tool to deploy a post-exploitation prompt at any time
- [**237**Star][11d] [Py] [duo-labs/isthislegit](https://github.com/duo-labs/isthislegit) Dashboard to collect, analyze, and respond to reported phishing emails.
- [**237**Star][2y] [Java] [difcareer/sqlmap4burp](https://github.com/difcareer/sqlmap4burp) sqlmap embed in burpsuite
- [**237**Star][20d] [Java] [commonsguy/cwac-netsecurity](https://github.com/commonsguy/cwac-netsecurity) CWAC-NetSecurity: Simplifying Secure Internet Access
- [**237**Star][16d] [C] [cloudflare/keyless](https://github.com/cloudflare/keyless) Cloudflare's Keyless SSL Server Reference Implementation
- [**237**Star][15d] [Py] [automatingosint/osint_public](https://github.com/automatingosint/osint_public) 
- [**236**Star][11d] [Py] [scriptsmith/socialreaper](https://github.com/scriptsmith/socialreaper) Social media scraping / data collection library for Facebook, Twitter, Reddit, YouTube, Pinterest, and Tumblr APIs
- [**236**Star][4m] [C++] [google/path-auditor](https://github.com/google/path-auditor) 
- [**236**Star][24d] [C] [iceonsun/rsock](https://github.com/iceonsun/rsock) The best companion of kcptun
- [**236**Star][16d] [ignitetechnologies/hackthebox-ctf-writeups](https://github.com/ignitetechnologies/hackthebox-ctf-writeups) This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.
- [**236**Star][15d] [C++] [googleprojectzero/bochspwn-reloaded](https://github.com/googleprojectzero/bochspwn-reloaded) A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
- [**236**Star][12d] [Py] [ydkhatri/mac_apt](https://github.com/ydkhatri/mac_apt) macOS Artifact Parsing Tool
- [**236**Star][1y] [C] [wkz/ply](https://github.com/wkz/ply) Light-weight Dynamic Tracer for Linux
- [**236**Star][14d] [Py] [pcbje/gransk](https://github.com/pcbje/gransk) Document processing for investigations
- [**236**Star][30d] [JS] [pavanw3b/sh00t](https://github.com/pavanw3b/sh00t) Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
- [**236**Star][15d] [Py] [marekrei/sequence-labeler](https://github.com/marekrei/sequence-labeler) Neural network sequence labeling model
- [**236**Star][2y] [Shell] [linuz/sticky-keys-slayer](https://github.com/linuz/sticky-keys-slayer) Scans for accessibility tools backdoors via RDP
- [**236**Star][10d] [C] [libyal/libesedb](https://github.com/libyal/libesedb) Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
- [**236**Star][9m] [Py] [isaacdelly/plutus](https://github.com/isaacdelly/plutus) An automated bitcoin wallet collider that brute forces random wallet addresses
- [**236**Star][13d] [Py] [initstring/cloud_enum](https://github.com/initstring/cloud_enum) Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
- [**236**Star][2y] [JS] [google/password-alert](https://github.com/google/password-alert) A Chrome Extension to help protect against phishing attacks.
- [**236**Star][10d] [JS] [firewalla/firewalla](https://github.com/firewalla/firewalla) 
- [**236**Star][2y] [C++] [fireeye/simplifygraph](https://github.com/fireeye/simplifygraph) IDA Pro plugin to assist with complex graphs
- [**236**Star][4y] [C] [canbus-triple/canbus-triple](https://github.com/canbus-triple/canbus-triple) CANBus Triple – The car hacking platform
- [**236**Star][11d] [Py] [alibaba/iossecaudit](https://github.com/alibaba/iossecaudit) iOS Security Audit Toolit - A semi-automatic tool for iOS App security audit and iOS reverse engineering
- [**235**Star][10d] [C++] [nccgroup/socksoverrdp](https://github.com/nccgroup/SocksOverRDP) Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services
- [**235**Star][14d] [C#] [shinlor/v2rays](https://github.com/shinlor/v2rays) 一个V2Ray的Windows客户端
- [**235**Star][7d] [PHP] [wofeiwo/webcgi-exploits](https://github.com/wofeiwo/webcgi-exploits) Multi-language web CGI interfaces exploits.
- [**235**Star][15d] [Py] [the-useless-one/pywerview](https://github.com/the-useless-one/pywerview) A (partial) Python rewriting of PowerSploit's PowerView
- [**235**Star][19d] [C] [sztupy/luadec51](https://github.com/sztupy/luadec51) Lua Decompiler for Lua version 5.1
- [**235**Star][3y] [C++] [silentbreaksec/throwback](https://github.com/silentbreaksec/throwback) HTTP/S Beaconing Implant
- [**235**Star][11d] [Py] [ruped24/toriptables2](https://github.com/ruped24/toriptables2) Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the Tor network.
- [**235**Star][11m] [Py] [rub-nds/corstest](https://github.com/rub-nds/corstest) A simple CORS misconfiguration scanner
- [**235**Star][14d] [Py] [requests/requests-ntlm](https://github.com/requests/requests-ntlm) NTLM authentication support for Requests.
- [**235**Star][4y] [Py] [pyana/pyana](https://github.com/pyana/pyana) Analyzing the Windows shellcode
- [**235**Star][25d] [C] [opsxcq/exploit-cve-2017-7494](https://github.com/opsxcq/exploit-cve-2017-7494) SambaCry exploit and vulnerable container (CVE-2017-7494)
- [**235**Star][1y] [C++] [microsoft/windbg-samples](https://github.com/microsoft/windbg-samples) Sample extensions, scripts, and API uses for WinDbg.
- [**235**Star][10d] [Py] [martinvigo/email2phonenumber](https://github.com/martinvigo/email2phonenumber) A OSINT tool to obtain a target's phone number just by having his email address
- [**235**Star][5y] [C] [maijin/workshop2015](https://github.com/maijin/workshop2015) Radare2 Workshop
- [**235**Star][4y] [PS] [invoke-ir/uproot](https://github.com/invoke-ir/uproot) Currently not updated for WMIEvent module...
- [**235**Star][2m] [Py] [honeynet/beeswarm](https://github.com/honeynet/beeswarm) Honeypot deployment made easy
- [**235**Star][19d] [Java] [h3xstream/http-script-generator](https://github.com/h3xstream/http-script-generator) ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
- [**235**Star][14d] [C++] [emsec/hal](https://github.com/emsec/hal) HAL – The Hardware Analyzer
- [**235**Star][13d] [cure53/browser-sec-whitepaper](https://github.com/cure53/browser-sec-whitepaper) Cure53 Browser Security White Paper
- [**235**Star][3y] [Perl] [brendangregg/heatmap](https://github.com/brendangregg/heatmap) Heat map generation tools
- [**235**Star][16d] [axi0mx/alloc8](https://github.com/axi0mx/alloc8) Write-up for alloc8 untethered bootrom exploit for iPhone 3GS
- [**235**Star][2y] [Shell] [aplura/tango](https://github.com/aplura/tango) Honeypot Intelligence with Splunk
- [**235**Star][8m] [Py] [anon-exploiter/sitebroker](https://github.com/anon-exploiter/sitebroker) A cross-platform python based utility for information gathering and penetration testing automation!
- [**234**Star][4m] [C] [pbatard/uefi-ntfs](https://github.com/pbatard/uefi-ntfs) UEFI:NTFS - Boot NTFS partitions from UEFI
- [**234**Star][14d] [C] [gjedeer/tuntox](https://github.com/gjedeer/tuntox) Tunnel TCP connections over the Tox protocol
- [**234**Star][10d] [C] [trezor/trezor-firmware](https://github.com/trezor/trezor-firmware) 
- [**234**Star][2m] [TS] [epiqueras/getsy](https://github.com/epiqueras/getsy) A simple browser/client-side web scraper.
- [**234**Star][4m] [PS] [tonyphipps/meerkat](https://github.com/tonyphipps/meerkat) A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
- [**234**Star][19d] [Py] [tkcert/mail-security-tester](https://github.com/tkcert/mail-security-tester) A testing framework for mail security and filtering solutions.
- [**234**Star][12d] [Py] [threatresponse/aws_ir](https://github.com/threatresponse/aws_ir) Python installable command line utiltity for mitigation of host and key compromises.
- [**234**Star][1m] [Py] [rivermont/spidy](https://github.com/rivermont/spidy) The simple, easy to use command line web crawler.
- [**234**Star][1y] [C] [reisyukaku/reinand](https://github.com/reisyukaku/reinand) Minimalist 3DS custom firmware.
- [**234**Star][4m] [Py] [rajeshmajumdar/brutexss](https://github.com/rajeshmajumdar/brutexss) BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience.
- [**234**Star][1y] [Shell] [r00t-3xp10it/meterpreter_paranoid_mode-ssl](https://github.com/r00t-3xp10it/meterpreter_paranoid_mode-ssl) Meterpreter Paranoid Mode - SSL/TLS connections
- [**234**Star][11d] [C] [open-mpi/hwloc](https://github.com/open-mpi/hwloc) Hardware locality (hwloc)
- [**234**Star][10d] [Py] [malicialab/avclass](https://github.com/malicialab/avclass) AVClass malware labeling tool
- [**234**Star][12d] [Go] [jasonish/evebox](https://github.com/jasonish/evebox) Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
- [**234**Star][2y] [Java] [ikkisoft/serialkiller](https://github.com/ikkisoft/serialkiller) Look-Ahead Java Deserialization Library
- [**234**Star][14d] [C] [dpw/kvm-hello-world](https://github.com/dpw/kvm-hello-world) A minimal kvm example
- [**234**Star][26d] [C] [david942j/ctf-writeups](https://github.com/david942j/ctf-writeups) Collection of scripts and writeups
- [**234**Star][3m] [Py] [cyberreboot/poseidon](https://github.com/cyberreboot/poseidon) Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict both the type of device and if the device is acting normally or abnormally.
- [**234**Star][18d] [Py] [bhavsec/reconspider](https://github.com/bhavsec/reconspider) most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources.
- [**234**Star][2y] [PHP] [adamdoupe/wackopicko](https://github.com/adamdoupe/wackopicko) WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
- [**233**Star][11d] [C] [libusb/hidapi](https://github.com/libusb/hidapi) A Simple library for communicating with USB and Bluetooth HID devices on Linux, Mac and Windows.
- [**233**Star][15d] [Go] [yinghuocho/gotun2socks](https://github.com/yinghuocho/gotun2socks) A Golang implementation of tun2socks
- [**233**Star][15d] [Go] [koding/websocketproxy](https://github.com/koding/websocketproxy) WebSocket reverse proxy handler for Go
- [**233**Star][5m] [Py] [stamparm/identywaf](https://github.com/stamparm/identywaf) Blind WAF identification tool
- [**233**Star][5m] [squonk42/tl-wr703n](https://github.com/squonk42/tl-wr703n) Reverse Engineering work on the TP-LINK TL-WR703N 150M 802.11n Wi-Fi Router
- [**233**Star][16d] [Go] [seeleteam/go-seele](https://github.com/seeleteam/go-seele) Seele is an open source blockchain project which consists of advanced sharding technology and our innovative anti-asic MPoW consensus algorithm. The ONLY official website is
- [**233**Star][6y] [Shell] [s3jensen/iret](https://github.com/s3jensen/iret)  a toolkit designed to automate many of the common tasks associated with iOS penetration testing
- [**233**Star][14d] [Py] [rub-syssec/syntia](https://github.com/rub-syssec/syntia) Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code"
- [**233**Star][13d] [TS] [conetproject/qtgate-desktop-client](https://github.com/CoNETProject/QTGate-Desktop-Client) A revolutionary internet infrastructure enabling a truly free Network, that offers Stability, Trust, Privacy, and Security
- [**233**Star][1m] [JS] [ozaki-r/arm-js](https://github.com/ozaki-r/arm-js) An ARM emulator written in JavaScript
- [**233**Star][2y] [Py] [nccgroup/driverbuddy](https://github.com/nccgroup/driverbuddy) IDA Python script to assist with the reverse engineering of Windows kernel drivers.
- [**233**Star][3y] [Batchfile] [mdsecactivebreach/rdpinception](https://github.com/mdsecactivebreach/rdpinception) A proof of concept for the RDP Inception Attack
- [**233**Star][15d] [Py] [mazen160/struts-pwn_cve-2017-9805](https://github.com/mazen160/struts-pwn_cve-2017-9805) An exploit for Apache Struts CVE-2017-9805
- [**233**Star][2m] [Jupyter Notebook] [james91b/ida_ipython](https://github.com/james91b/ida_ipython) An IDA Pro Plugin for embedding an IPython Kernel
- [**233**Star][1y] [C++] [ionescu007/simpleator](https://github.com/ionescu007/simpleator) Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
- [**233**Star][15d] [Py] [gilligan/vim-lldb](https://github.com/gilligan/vim-lldb) lldb debugger integration plugin for vim
- [**233**Star][17d] [foobarto/redteam-notebook](https://github.com/foobarto/redteam-notebook) Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.
- [**233**Star][12d] [Py] [cheetz/sslscrape](https://github.com/cheetz/sslscrape) SSLScrape | A scanning tool for scaping hostnames from SSL certificates.
- [**233**Star][10d] [JS] [antoinevastel/fpscanner](https://github.com/antoinevastel/fpscanner) detect bots and crawlers using browser fingerprinting.
- [**232**Star][4m] [JS] [apifytech/proxy-chain](https://github.com/apifytech/proxy-chain) Node.js implementation of a proxy server (think Squid) with support for SSL, authentication and upstream proxy chaining.
- [**232**Star][11d] [Go] [inlets/inletsctl](https://github.com/inlets/inletsctl) Create inlets tunnel servers in the cloud
- [**232**Star][12d] [itrump/shadowsocksrss](https://github.com/itrump/shadowsocksrss) shadowsocksR backup, windows / android / mac downloads, source code backup
- [**232**Star][4m] [Shell] [xu-jian/vps](https://github.com/xu-jian/vps) 个人笔记汇总
- [**232**Star][2m] [Py] [trustedsec/spraywmi](https://github.com/trustedsec/spraywmi) SprayWMI is an easy way to get mass shells on systems that support WMI.
- [**232**Star][2y] [Shell] [simonclausen/dnscrypt-autoinstall](https://github.com/simonclausen/dnscrypt-autoinstall) Automatic installation and configuration of DNSCrypt (on Debian + Redhat like systems). This script will install DNSCrypt and configure it to start on boot and use an optional dnscrypt service.
- [**232**Star][16d] [HTML] [mxmssh/drltrace](https://github.com/mxmssh/drltrace) Drltrace is a library calls tracer for Windows and Linux applications.
- [**232**Star][2m] [HTML] [munter/fusile](https://github.com/munter/fusile) A web asset precompiling file system proxy.
- [**232**Star][21d] [HTML] [mongodb-labs/disasm](https://github.com/mongodb-labs/disasm) Interactive Disassembler GUI - This Repository is NOT a supported MongoDB product
- [**232**Star][4y] [C] [markjandrews/wrk-v1.2](https://github.com/markjandrews/wrk-v1.2) Windows Research Kernel
- [**232**Star][22d] [Py] [leapsecurity/libssh-scanner](https://github.com/leapsecurity/libssh-scanner) Script to identify hosts vulnerable to CVE-2018-10933
- [**232**Star][15d] [keesj/gomo](https://github.com/keesj/gomo) Wiki pages about Android internals
- [**232**Star][23d] [Go] [justmao945/mallory](https://github.com/justmao945/mallory) HTTP/HTTPS proxy over SSH
- [**232**Star][15d] [Java] [ewilded/psychopath](https://github.com/ewilded/psychopath) psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.
- [**232**Star][18d] [Py] [dowjones/hammer](https://github.com/dowjones/hammer) Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
- [**232**Star][14d] [Py] [danmcinerney/elite-proxy-finder](https://github.com/danmcinerney/elite-proxy-finder) Finds public elite anonymity proxies and concurrently tests them
- [**232**Star][16d] [d33tah/call-for-wpa3](https://github.com/d33tah/call-for-wpa3) Call for WPA3 - what's wrong with WPA2 security and how to fix it
- [**232**Star][4m] [Py] [az0ne/github_nuggests](https://github.com/az0ne/github_nuggests) 自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱
- [**232**Star][7d] [Shell] [aress31/wirespy](https://github.com/aress31/wirespy) Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
- [**231**Star][14d] [C++] [ylcangel/crack_dexhelper](https://github.com/ylcangel/crack_dexhelper) 梆梆企业加固详细逆向分析过程， 包含两种对该加固的脱壳机（直接解密classes0.jar和基于frida hook）
- [**231**Star][10d] [Shell] [valian/docker-nginx-auto-ssl](https://github.com/valian/docker-nginx-auto-ssl) Docker image for automatic generation of SSL certs using Let's encrypt and Open Resty
- [**231**Star][10d] [Rust] [etcdevteam/sputnikvm](https://github.com/etcdevteam/sputnikvm) A Blockchain Virtual Machine
- [**231**Star][10d] [JS] [feross/p2p-graph](https://github.com/feross/p2p-graph) Real-time P2P network visualization with D3
- [**231**Star][8d] [Shell] [91yun/91yuntest](https://github.com/91yun/91yuntest) 91云服务器一键测试包
- [**231**Star][2m] [HTML] [nicehash/excavator](https://github.com/nicehash/excavator) NiceHash's proprietary low-level CUDA miner
- [**231**Star][16d] [C++] [apt69/comahawk](https://github.com/apt69/comahawk) Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322
- [**231**Star][18d] [jiansiting/kali-windows](https://github.com/jiansiting/kali-windows) Kali Windows
- [**231**Star][2m] [Py] [praetorian-code/pyshell](https://github.com/praetorian-code/pyshell) PyShell makes interacting with web-based command injection less painful, emulating the feel of an interactive shell as much as possible.
- [**231**Star][29d] [GLSL] [westpointltd/tls_prober](https://github.com/westpointltd/tls_prober) A tool to fingerprint SSL/TLS servers
- [**231**Star][10d] [Shell] [vedetta-com/vedetta](https://github.com/vedetta-com/vedetta) OpenBSD Router Boilerplate
- [**231**Star][15d] [Py] [uber/focuson](https://github.com/uber/focuson) A tool to surface security issues in python code
- [**231**Star][3y] [Swift] [trailofbits/secureenclavecrypto](https://github.com/trailofbits/secureenclavecrypto) Demonstration library for using the Secure Enclave on iOS
- [**231**Star][2m] [JS] [firebug/firebug.next](https://github.com/firebug/firebug.next) Next Firebug generation built on top of native Firefox developer tools
- [**231**Star][16d] [XSLT] [ernw/nmap-parse-output](https://github.com/ernw/nmap-parse-output) Converts/manipulates/extracts data from a Nmap scan output.
- [**231**Star][14d] [C] [ehsahil/recon-my-way](https://github.com/ehsahil/recon-my-way) This repository created for personal use and added tools from my latest blog post.
- [**230**Star][4m] [PHP] [nikic/php-fuzzer](https://github.com/nikic/php-fuzzer) Experimental fuzzer for PHP libraries
- [**230**Star][12d] [Py] [eracle/linkedin](https://github.com/eracle/linkedin) Linkedin Scraper using Selenium Web Driver, Chromium headless, Docker and Scrapy
- [**230**Star][4m] [Shell] [suniceman/ss-fly](https://github.com/suniceman/ss-fly) 一键脚本搭建ss/ssr并开启bbr内核加速（Ubuntu/CentOS/Debian）
- [**230**Star][14d] [HTML] [izar/pytm](https://github.com/izar/pytm) A Pythonic framework for threat modeling
- [**230**Star][10d] [Rust] [jedisct1/encrypted-dns-server](https://github.com/jedisct1/encrypted-dns-server) An easy to install, high-performance, zero maintenance proxy to run an encrypted DNS server.
- [**230**Star][4m] [PS] [xyntax/badusb-code](https://github.com/xyntax/badusb-code) 收集badusb的一些利用方式及代码
- [**230**Star][13d] [Py] [volatilityfoundation/community](https://github.com/volatilityfoundation/community) Volatility plugins developed and maintained by the community
- [**230**Star][4y] [Ruby] [strazzere/apkfuscator](https://github.com/strazzere/apkfuscator) A generic DEX file obfuscator and munger
- [**230**Star][1m] [Ruby] [sophsec/ruby-nmap](https://github.com/sophsec/ruby-nmap) A Rubyful interface to the Nmap exploration tool and security / port scanner.
- [**230**Star][3y] [C++] [secrary/infectpe](https://github.com/secrary/infectpe) Inject custom code into PE file [This project is not maintained anymore]
- [**230**Star][24d] [C] [rapid7/meterpreter](https://github.com/rapid7/meterpreter) THIS REPO IS OBSOLETE. USE
- [**230**Star][2y] [JS] [quickbreach/exchangerelayx](https://github.com/quickbreach/exchangerelayx) An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.
- [**230**Star][18d] [Py] [pynetwork/pypcap](https://github.com/pynetwork/pypcap) python libpcap module, forked from code.google.com/p/pypcap, now actively maintained
- [**230**Star][1m] [C] [muquit/mailsend](https://github.com/muquit/mailsend) A program to send mail via SMTP from command line
- [**230**Star][7m] [C++] [kalymos/psnee](https://github.com/kalymos/psnee) PsNee, an open source stealth modchip for the Sony Playstation 1
- [**230**Star][26d] [Py] [internetarchive/warcprox](https://github.com/internetarchive/warcprox) WARC writing MITM HTTP/S proxy
- [**230**Star][5m] [JS] [giper45/dockersecurityplayground](https://github.com/giper45/dockersecurityplayground) A Microservices-based framework for the study of Network Security and Penetration Test techniques
- [**230**Star][3y] [Lua] [centos-bz/httpguard](https://github.com/centos-bz/httpguard) prevent cc attack
- [**230**Star][4m] [JS] [brainshave/ancient-oak](https://github.com/brainshave/ancient-oak) Immutable data trees in JavaScript.
- [**230**Star][5y] [Py] [allfro/pymetasploit](https://github.com/allfro/pymetasploit) A full-fledged msfrpc library for Metasploit framework.
- [**229**Star][10d] [Go] [nange/gospider](https://github.com/nange/gospider) golang实现的爬虫框架，使用者只需关心页面规则，提供web管理界面。基于colly开发。
- [**229**Star][14d] [Py] [anubhavshrimal/data-structures-algorithms](https://github.com/anubhavshrimal/data-structures-algorithms) My implementation of 85+ popular data structures and algorithms and interview questions in Python 3 and C++
- [**229**Star][12d] [Py] [elmundio87/terraform_validate](https://github.com/elmundio87/terraform_validate) Assists in the enforcement of user-defined standards in Terraform
- [**229**Star][12d] [Ruby] [pwnwiki/q](https://github.com/pwnwiki/q) Exploit Pack for Metasploit - Collection of modules gathered across time and internets
- [**229**Star][1y] [ObjC] [uliwitness/ulikit](https://github.com/uliwitness/ulikit) Miscellaneous open-sourced MacOS Cocoa code by yours truly.
- [**229**Star][10d] [Java] [spring-cloud-samples/spring-cloud-contract-samples](https://github.com/spring-cloud-samples/spring-cloud-contract-samples) Samples for Spring Cloud Contract project
- [**229**Star][25d] [Scala] [sotera/spark-distributed-louvain-modularity](https://github.com/sotera/spark-distributed-louvain-modularity) Spark / graphX implementation of the distributed louvain modularity algorithm
- [**229**Star][11d] [C] [owasp/igoat](https://github.com/owasp/igoat) OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar
- [**229**Star][3y] [C] [omriiluz/nrf24-btle-decoder](https://github.com/omriiluz/nrf24-btle-decoder) Sniff and decode NRF24L01+ and Bluetooth Low Energy using RTL-SDR
- [**229**Star][11m] [ANTLR] [myriadrf/limesdr-usb](https://github.com/myriadrf/limesdr-usb) USB 3.0 version of the LimeSDR board
- [**229**Star][18d] [JS] [jtmelton/appsensor](https://github.com/jtmelton/appsensor) A toolkit for building self-defending applications through real-time event detection and response
- [**229**Star][8m] [Py] [jordanpotti/cloudscraper](https://github.com/jordanpotti/cloudscraper) Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
- [**229**Star][19d] [Rust] [jedisct1/rust-doh](https://github.com/jedisct1/rust-doh) A fast and secure DoH (DNS-over-HTTP) server proxy written in Rust.
- [**229**Star][2m] [C] [iaik/armageddon](https://github.com/iaik/armageddon) This repository contains tools to perform modern cache attacks on ARM.
- [**229**Star][4y] [Py] [hood3drob1n/jsrat-py](https://github.com/hood3drob1n/jsrat-py) This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.
- [**229**Star][2y] [C] [hashcat/princeprocessor](https://github.com/hashcat/princeprocessor) Standalone password candidate generator using the PRINCE algorithm
- [**229**Star][15d] [Py] [fox-it/adconnectdump](https://github.com/fox-it/adconnectdump) Dump Azure AD Connect credentials for Azure AD and Active Directory
- [**229**Star][2y] [Shell] [ctfs/write-ups-2018](https://github.com/ctfs/write-ups-2018) Wiki-like CTF write-ups repository, maintained by the community. 2018
- [**229**Star][17d] [Go] [cloudflare/tls-tris](https://github.com/cloudflare/tls-tris) crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.
- [**229**Star][23d] [Py] [chris408/known_hosts-hashcat](https://github.com/chris408/known_hosts-hashcat) A guide and tool for cracking ssh known_hosts files with hashcat
- [**229**Star][4m] [Go] [brimstone/go-shellcode](https://github.com/brimstone/go-shellcode) Load shellcode into a new process
- [**229**Star][15d] [Rust] [bazelbuild/sandboxfs](https://github.com/bazelbuild/sandboxfs) A virtual file system for sandboxing
- [**229**Star][4m] [Py] [amiller/honeybadgerbft](https://github.com/amiller/honeybadgerbft) The Honey Badger of BFT Protocols
- [**229**Star][13d] [Py] [0xr0/shellver](https://github.com/0xr0/shellver) Reverse Shell Cheat Sheet TooL
- [**228**Star][2m] [Py] [soskek/bookcorpus](https://github.com/soskek/bookcorpus) Crawl BookCorpus
- [**228**Star][4m] [Shell] [pihomeserver/kupiki-hotspot-script](https://github.com/pihomeserver/kupiki-hotspot-script) Create automatically a full Wifi Hotspot on Raspberry Pi including a Captive Portal
- [**228**Star][13d] [popcorner/cernet-ipv6-hosts](https://github.com/popcorner/cernet-ipv6-hosts) Lightweight IPv6 hosts! Access to Google, YouTube, Facebook, Wikipedia via IPv6 and avoid unnecessary block.
- [**228**Star][10d] [Py] [joeyism/linkedin_scraper](https://github.com/joeyism/linkedin_scraper) A library that scrapes Linkedin for user data
- [**228**Star][4m] [C++] [acidanthera/airportbrcmfixup](https://github.com/acidanthera/airportbrcmfixup) An open source kernel extension providing a set of patches required for non-native Airport Broadcom Wi-Fi cards.
- [**228**Star][4m] [Swift] [apple/swift-nio-ssl](https://github.com/apple/swift-nio-ssl) TLS Support for SwiftNIO, based on BoringSSL.
- [**228**Star][16d] [PHP] [opensec-cn/chip](https://github.com/opensec-cn/chip) a simple tool to detect potential security threat in php code
- [**228**Star][20d] [ObjC] [ripperhe/debugo](https://github.com/ripperhe/Debugo) 一个可能有点用的 iOS 调试工具~
- [**228**Star][11d] [newbee119/threat-intelligence](https://github.com/NewBee119/threat-intelligence) 收集的一些国外能提供提供威胁情报的公司，涵盖网络安全、工控安全、终端安全、移动安全等领域
- [**228**Star][4m] [PHP] [wmjonssen/centcount-analytics](https://github.com/wmjonssen/centcount-analytics) An open-source web analytics software. Developed by PHP + MySQL + Redis, Can be easily deployed on your own server, 100% data ownership.
- [**228**Star][28d] [Py] [trustedsec/egressbuster](https://github.com/trustedsec/egressbuster) Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.
- [**228**Star][4m] [C++] [spacehuhn/arduinopcap](https://github.com/spacehuhn/arduinopcap) A library for creating and sending .pcap files for Wireshark and other programms.
- [**228**Star][11d] [Perl] [portcullislabs/enum4linux](https://github.com/portcullislabs/enum4linux) enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.
- [**228**Star][1m] [Go] [netxfly/sec_check](https://github.com/netxfly/sec_check) Cross platform security detection tool
- [**228**Star][6y] [Py] [nccgroup/umap](https://github.com/nccgroup/umap) The USB host security assessment tool
- [**228**Star][12d] [C++] [marcosd4h/memhunter](https://github.com/marcosd4h/memhunter) Live hunting of code injection techniques
- [**228**Star][20d] [C] [lgeek/spec_poc_arm](https://github.com/lgeek/spec_poc_arm) Dump privileged ARM system registers from usermode using variant 3a of Meltdown
- [**228**Star][5m] [Shell] [johnnyxmas/scancannon](https://github.com/johnnyxmas/scancannon) Combines the speed of masscan with the reliability and detailed enumeration of nmap
- [**228**Star][4m] [ivan1ee/net-deserialize](https://github.com/ivan1ee/net-deserialize) 总结了十篇.Net反序列化文章，持续更新
- [**228**Star][21d] [C++] [ha7ilm/qtcsdr](https://github.com/ha7ilm/qtcsdr) It turns your Raspberry Pi 2 and RTL-SDR into an amateur radio transceiver! (Released under BSD license.)
- [**228**Star][4m] [Go] [gamexg/proxyclient](https://github.com/gamexg/proxyclient) golang 代理库，和net一致的API。支持 socks4、socks4a、socks5、http、https 等代理协议。
- [**228**Star][3y] [fuzzysecurity/defcon25](https://github.com/fuzzysecurity/defcon25) UAC 0day, all day!
- [**228**Star][13d] [chaitin/sqlchop](https://github.com/chaitin/sqlchop) [DEPRECATED]A novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis.
- [**227**Star][9d] [C++] [wunkolo/uwpdumper](https://github.com/wunkolo/uwpdumper) DLL and Injector for dumping UWP applications at run-time to bypass encrypted file system protection.
- [**227**Star][7d] [C#] [monomod/monomod](https://github.com/monomod/monomod) A C# modding swiss army knife, powered by cecil.
- [**227**Star][16d] [Go] [knownsec/gsm](https://github.com/knownsec/gsm) 使用树莓派配合硬件来进行短信转发
- [**227**Star][4m] [Py] [skewwg/vulscan](https://github.com/skewwg/vulscan) 漏洞扫描：st2、tomcat、未授权访问等等
- [**227**Star][17d] [Py] [si9int/cc.py](https://github.com/si9int/cc.py) Extracting URLs of a specific target based on the results of "commoncrawl.org"
- [**227**Star][12m] [Java] [shuihuadx/xposedhook](https://github.com/shuihuadx/xposedhook) 免重启Xposed模块改进
- [**227**Star][22d] [C++] [shinnok/johnny](https://github.com/shinnok/johnny) The GUI frontend to the John the Ripper password cracker
- [**227**Star][12d] [PHP] [paragonie/anti-csrf](https://github.com/paragonie/anti-csrf) Full-Featured Anti-CSRF Library
- [**227**Star][27d] [Go] [kotakanbe/go-cve-dictionary](https://github.com/kotakanbe/go-cve-dictionary) Build a local copy of CVE (NVD and Japanese JVN). Server mode for easy querying.
- [**227**Star][2y] [PS] [cobbr/psamsi](https://github.com/cobbr/psamsi) PSAmsi is a tool for auditing and defeating AMSI signatures.
- [**227**Star][1y] [bhdresh/dejavu](https://github.com/bhdresh/dejavu) deception framework which can be used to deploy decoys across the infrastructure
- [**227**Star][13d] [TS] [bevry/getmac](https://github.com/bevry/getmac) Get the mac address of the current machine you are on via Node.js
- [**227**Star][13d] [PHP] [aszone/avenger-sh](https://github.com/aszone/avenger-sh) Project for finding vunerabilities in mass.
- [**227**Star][22d] [CoffeeScript] [521xueweihan/shadowsocks-heroku](https://github.com/521xueweihan/shadowsocks-heroku) 本项目已删除
- [**226**Star][16d] [Rascal] [googlehosts/hosts-ipv6](https://github.com/googlehosts/hosts-ipv6) 镜像：
- [**226**Star][4m] [PS] [nemosminer/nemosminer](https://github.com/nemosminer/nemosminer) NemosMiner multi algo profit switching NVIDIA miner
- [**226**Star][1m] [JS] [kewitz/dat-medium](https://github.com/kewitz/dat-medium) P2P Markdown Blog for Beaker inspired by Medium.
- [**226**Star][13d] [ObjC] [shadowsocksr-live/ssrmac](https://github.com/shadowsocksr-live/ssrmac) ShadowsocksR (SSR) client for macOS
- [**226**Star][16d] [C++] [s1lentq/regamedll_cs](https://github.com/s1lentq/regamedll_cs) a result of reverse engineering of original library mod HLDS (build 6153beta) using DWARF debug info embedded into linux version of HLDS, cs.so
- [**226**Star][21d] [C++] [lifting-bits/grr](https://github.com/lifting-bits/grr) High-throughput fuzzer and emulator of DECREE binaries
- [**226**Star][4m] [PHP] [wapmorgan/phpcodefixer](https://github.com/wapmorgan/phpcodefixer) Analyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.
- [**226**Star][5m] [vixentael/my-talks](https://github.com/vixentael/my-talks) List of my talks and workshops: security engineering, applied cryptography, secure software development
- [**226**Star][10d] [valvesoftware/steamlink-sdk](https://github.com/valvesoftware/steamlink-sdk) SDK for the Valve Steam Link
- [**226**Star][5y] [Py] [trevp/tlslite](https://github.com/trevp/tlslite) TLS Library in python
- [**226**Star][26d] [PHP] [softius/php-cross-domain-proxy](https://github.com/softius/php-cross-domain-proxy) PHP Proxy for Cross Domain Requests
- [**226**Star][2y] [Py] [sensepost/spartan](https://github.com/sensepost/spartan) Frontpage and Sharepoint fingerprinting and attack tool.
- [**226**Star][11d] [JS] [roccomuso/kickthemout](https://github.com/roccomuso/kickthemout)  Kick devices off your network by performing an ARP Spoof attack with Node.js.
- [**226**Star][2y] [Shell] [r00t-3xp10it/trojanizer](https://github.com/r00t-3xp10it/trojanizer) Trojanize your payload - WinRAR (SFX) automatization - under Linux distros
- [**226**Star][7y] [C] [mirror/firmware-mod-kit](https://github.com/mirror/firmware-mod-kit) 
- [**226**Star][12m] [Py] [malwarecantfly/vba2graph](https://github.com/malwarecantfly/vba2graph) Generate call graphs from VBA code, for easier analysis of malicious documents.
- [**226**Star][5m] [ObjC] [limneos/weak_classdump](https://github.com/limneos/weak_classdump) Cycript real-time classdump . An alternative for encrypted binaries
- [**226**Star][4m] [AppleScript] [lifepillar/csvkeychain](https://github.com/lifepillar/csvkeychain) Import/export between Apple Keychain.app and plain CSV file.
- [**226**Star][2y] [C++] [intelpt/windowsintelpt](https://github.com/intelpt/windowsintelpt) This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows
- [**226**Star][2m] [Py] [inquest/omnibus](https://github.com/inquest/omnibus) The OSINT Omnibus (beta release)
- [**226**Star][10m] [Py] [infosecn1nja/maliciousmacromsbuild](https://github.com/infosecn1nja/maliciousmacromsbuild) Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
- [**226**Star][18d] [iamcryptoki/snowden-archive](https://github.com/iamcryptoki/snowden-archive) 
- [**226**Star][1y] [C] [gkdr/lurch](https://github.com/gkdr/lurch) OMEMO Encryption for libpurple.
- [**226**Star][16d] [Py] [eset/malware-research](https://github.com/eset/malware-research) Code written as part of our various malware investigations
- [**226**Star][4y] [Py] [dxa4481/snapper](https://github.com/dxa4481/snapper) A security tool for grabbing screenshots of many web hosts
- [**226**Star][4m] [C++] [d3v1l401/findcrypt-ghidra](https://github.com/d3v1l401/findcrypt-ghidra) IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database
- [**226**Star][12d] [C] [cybergrandchallenge/samples](https://github.com/cybergrandchallenge/samples) DARPA Cyber Grand Challenge Sample Challenges
- [**226**Star][13d] [Py] [c0rvax/project-black](https://github.com/c0rvax/project-black) Pentest/BugBounty progress control with scanning modules
- [**226**Star][4m] [brucetg/app_security](https://github.com/brucetg/app_security) 
- [**226**Star][10d] [C++] [ahxr/ghost](https://github.com/ahxr/ghost) a light RAT that gives the server/attacker full remote access to the user's command-line interprete
- [**226**Star][3m] [Py] [9b/chirp](https://github.com/9b/chirp) Interface to manage and centralize Google Alert information
- [**226**Star][3y] [1u4nx/exploit-exercises-nebula](https://github.com/1u4nx/exploit-exercises-nebula) Exploit-Exercises Nebula全攻略——Linux平台下的漏洞分析入门
- [**225**Star][1m] [avishayil/caponeme](https://github.com/avishayil/caponeme) Repository demonstrating the Capital One breach on your AWS account
- [**225**Star][12m] [C] [coreos/grub](https://github.com/coreos/grub) GRand Unified Bootloader
- [**225**Star][10d] [Go] [sun8911879/shadowsocksr](https://github.com/sun8911879/shadowsocksr) ShadowsocksR(SSR) for Go library
- [**225**Star][7d] [Py] [volatilityfoundation/volatility3](https://github.com/volatilityfoundation/volatility3) Volatility 3.0 development
- [**225**Star][7m] [PHP] [zigoo0/jsonbee](https://github.com/zigoo0/jsonbee) A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
- [**225**Star][20d] [JS] [zhuyingda/veneno](https://github.com/zhuyingda/veneno) 用Node.js编写的Web安全测试框架
- [**225**Star][12d] [C] [yifanlu/taihen](https://github.com/yifanlu/taihen) CFW framework for PS Vita
- [**225**Star][11d] [Go] [txthinking/socks5](https://github.com/txthinking/socks5) SOCKS Protocol Version 5 Library in Go. Full TCP/UDP and IPv4/IPv6 support
- [**225**Star][7m] [C++] [ss-abramchuk/openvpnadapter](https://github.com/ss-abramchuk/openvpnadapter) Objective-C wrapper for OpenVPN library. Compatible with iOS and macOS.
- [**225**Star][9m] [C] [semmle/securityexploits](https://github.com/semmle/securityexploits) This repo has been migrated to
- [**225**Star][4m] [PS] [outflanknl/excel4-dcom](https://github.com/outflanknl/excel4-dcom) PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)
- [**225**Star][5y] [Py] [nanyomy/dht-woodworm](https://github.com/nanyomy/dht-woodworm) this python repo is used to get the info_hash from DHT network, enjoy it
- [**225**Star][6m] [Py] [m4ll0k/smbrute](https://github.com/m4ll0k/smbrute) SMB Protocol Bruteforce
- [**225**Star][11d] [JS] [loki-project/session-desktop](https://github.com/loki-project/session-desktop) Session Desktop - Onion routing based messenger
- [**225**Star][10d] [Java] [ldtteam/minecolonies](https://github.com/ldtteam/minecolonies) Minecolonies minecraft mod
- [**225**Star][3y] [Py] [jianyangzhang/self-driving-car-ai](https://github.com/jianyangzhang/self-driving-car-ai) A simple self-driving car AI python script using the deep Q-learning algorithm
- [**225**Star][2m] [JS] [jameshabben/evolve](https://github.com/jameshabben/evolve) Web interface for the Volatility Memory Forensics Framework
- [**225**Star][12d] [C] [hunter-ht-2018/ptfuzzer](https://github.com/hunter-ht-2018/ptfuzzer) Improving AFL by using Intel PT to collect branch information
- [**225**Star][4m] [Py] [ghostmanager/ghostwriter](https://github.com/ghostmanager/ghostwriter) The SpecterOps project management and reporting engine
- [**225**Star][1m] [SourcePawn] [fnmsd/awvs_script_decode](https://github.com/fnmsd/awvs_script_decode) 解密好的AWVS10.5 data/script/目录下的脚本
- [**225**Star][2m] [Shell] [entynetproject/ehtools](https://github.com/entynetproject/ehtools) Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set …
- [**225**Star][7y] [Shell] [brav0hax/easy-creds](https://github.com/brav0hax/easy-creds) leverages tools for stealing credentials during a pen test
- [**225**Star][4m] [C++] [boyan-milanov/ropium](https://github.com/Boyan-MILANOV/ropium) ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
- [**224**Star][3m] [gloxec/crossc2](https://github.com/gloxec/crossc2) generate CobaltStrike's cross-platform payload
- [**224**Star][4m] [C#] [0xthirteen/sharprdp](https://github.com/0xthirteen/sharprdp) Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
- [**224**Star][24d] [Ruby] [pixielabs/letsencrypt-rails-heroku](https://github.com/pixielabs/letsencrypt-rails-heroku) Automatic LetsEncrypt SSL certificates in your Rails app on Heroku.
- [**224**Star][11d] [JS] [xmcp/gofw](https://github.com/xmcp/gofw) Chrome 扩展：麻麻再也不用担心 Google API 抽风了
- [**224**Star][10d] [Shell] [snail007/proxy_admin_free](https://github.com/snail007/proxy_admin_free) Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理，代理API认证，全能跨平台代理服务器。
- [**224**Star][5m] [Go] [go4org/go4](https://github.com/go4org/go4) go4 hosts the go4.org packages.
- [**224**Star][12d] [C#] [rainwayapp/warden](https://github.com/rainwayapp/warden) Warden.NET is an easy to use process management library for keeping track of processes on Windows.
- [**224**Star][1m] [Go] [orderbynull/lottip](https://github.com/orderbynull/lottip) Simple MySQL proxy for query logging with web GUI
- [**224**Star][2m] [Go] [opennota/check](https://github.com/opennota/check) A set of utilities for checking Go sources. This repository has migrated to
- [**224**Star][15d] [C++] [kelvinhack/khypervisor](https://github.com/kelvinhack/khypervisor) kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x
- [**224**Star][20d] [C] [hashcat/kwprocessor](https://github.com/hashcat/kwprocessor) Advanced keyboard-walk generator with configureable basechars, keymap and routes
- [**224**Star][15d] [Py] [djm/python-scrapyd-api](https://github.com/djm/python-scrapyd-api) A Python wrapper for working with Scrapyd's API.
- [**224**Star][23d] [Perl] [csirtgadgets/massive-octo-spice](https://github.com/csirtgadgets/massive-octo-spice) DEPRECATED - USE v3 (bearded-avenger)
- [**224**Star][26d] [Py] [coffeehb/tools](https://github.com/coffeehb/tools) 一些实用的python脚本
- [**224**Star][16d] [C] [aircrack-ng/mdk4](https://github.com/aircrack-ng/mdk4) a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses.
- [**223**Star][1y] [journeyover/ctrpf-ar-cheat-codes](https://github.com/journeyover/ctrpf-ar-cheat-codes) [Database] CTRPF AR CHEAT CODES TO BE USED WITH CTRPF WITH ACTION REPLAY SUPPORT
- [**223**Star][13d] [JS] [chenquincy/app-info-parser](https://github.com/chenquincy/app-info-parser) A javascript parser for parsing .ipa or .apk files.
- [**223**Star][18d] [Go] [kataras/muxie](https://github.com/kataras/muxie) Muxie is a modern, fast and light HTTP multiplexer for Go. Fully compatible with the http.Handler interface. Written for everyone.
- [**223**Star][12d] [JS] [oyyd/http-proxy-to-socks](https://github.com/oyyd/http-proxy-to-socks) hpts(http-proxy-to-socks) is a nodejs client to convert socks proxy into http proxy
- [**223**Star][15d] [bo0om/waf-bypass-cheat-sheet](https://github.com/bo0om/waf-bypass-cheat-sheet) Another way to bypass WAF Cheat Sheet (draft)
- [**223**Star][13d] [Go] [boppreh/steamgrid](https://github.com/boppreh/steamgrid) Downloads images to fill your Steam grid view
- [**223**Star][4m] [Py] [pret/pokemon-reverse-engineering-tools](https://github.com/pret/pokemon-reverse-engineering-tools) Tools for compiling and disassembling Pokémon Red and Pokémon Crystal
- [**223**Star][16d] [Py] [newbee119/telnet-scanner](https://github.com/NewBee119/telnet-scanner) telnet服务密码撞库
- [**223**Star][3y] [Py] [viralmaniar/wifi-dumper](https://github.com/viralmaniar/wifi-dumper) This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.
- [**223**Star][2y] [Go] [vedhavyas/zwfp](https://github.com/vedhavyas/zwfp) Zero-Width fingerprinting
- [**223**Star][12d] [shogunlab/awesome-hyper-v-exploitation](https://github.com/shogunlab/awesome-hyper-v-exploitation) A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.
- [**223**Star][2y] [sh4hin/mobileapp-pentest-cheatsheet](https://github.com/sh4hin/mobileapp-pentest-cheatsheet) The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
- [**223**Star][4m] [JS] [rotonde/rotonde-client](https://github.com/rotonde/rotonde-client) Rotonde Base Client
- [**223**Star][1y] [puresec/awesome-serverless-security](https://github.com/puresec/awesome-serverless-security) A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
- [**223**Star][2m] [Py] [ofek/privy](https://github.com/ofek/privy) An easy, fast lib to correctly password-protect your data
- [**223**Star][10m] [Shell] [neo23x0/fenrir](https://github.com/neo23x0/fenrir) Simple Bash IOC Scanner
- [**223**Star][7y] [Perl] [llaera/slowloris.pl](https://github.com/llaera/slowloris.pl) A new DOS Perl Programm
- [**223**Star][4y] [lavalamp-/password-lists](https://github.com/lavalamp-/password-lists) Password lists for use in penetration testing situations, broken up by TLD.
- [**223**Star][4m] [Py] [jackeriss/email_my_pc](https://github.com/jackeriss/email_my_pc) 远程监控电脑，也许一切只需要一封邮件。
- [**223**Star][10d] [Shell] [ginjachris/pentmenu](https://github.com/ginjachris/pentmenu) A bash script for recon and DOS attacks
- [**223**Star][12d] [Go] [ezekg/git-hound](https://github.com/ezekg/git-hound) Git plugin that prevents sensitive data from being committed.
- [**223**Star][20d] [Puppet] [dev-sec/puppet-os-hardening](https://github.com/dev-sec/puppet-os-hardening) This puppet module provides numerous security-related configurations, providing all-round base protection.
- [**223**Star][10d] [C] [beave/sagan](https://github.com/beave/sagan) Sagan uses a 'Snort like' engine and rules to analyze logs (syslog/event log/snmptrap/netflow/etc)
- [**223**Star][10d] [Smarty] [analytically/haproxy-ddos](https://github.com/analytically/haproxy-ddos) DDOS and attack resilient HAProxy configuration. To be used behind CloudFlare.
- [**222**Star][12d] [plexvpn/plex](https://github.com/plexvpn/plex) PlexVPN
- [**222**Star][11d] [hmaverickadams/tcm-security-sample-pentest-report](https://github.com/hmaverickadams/tcm-security-sample-pentest-report) Sample pentest report provided by TCM Security
- [**222**Star][15d] [PHP] [defuse/crackstation-hashdb](https://github.com/defuse/crackstation-hashdb) CrackStation.net's Lookup Table Implementation.
- [**222**Star][12d] [JS] [maxmeng93/get-free-ss](https://github.com/maxmeng93/get-free-ss) Node爬虫学习：自动爬取网络上公开的免费 SS\SSR 账号密码，并替换掉软件中旧的账号。
- [**222**Star][17d] [PS] [qax-a-team/cobaltstrike-toolset](https://github.com/QAX-A-Team/CobaltStrike-Toolset) Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
- [**222**Star][17d] [C] [xyzz/gamecard-microsd](https://github.com/xyzz/gamecard-microsd) microSD adapter for PlayStation Vita
- [**222**Star][4m] [C++] [xdnice/pcshare](https://github.com/xdnice/pcshare) PCShare是一款强大的远程控制软件，可以监视目标机器屏幕、注册表、文件系统等。
- [**222**Star][2y] [C++] [wnagzihxa1n/browsersecurity](https://github.com/wnagzihxa1n/browsersecurity) 我在学习浏览器安全过程中整理的漏洞分析笔记与相关的学习资料
- [**222**Star][10d] [Java] [uprootlabs/gngr](https://github.com/uprootlabs/gngr) a cross-platform browser focussed on privacy.
- [**222**Star][8d] [Py] [ultrasecurity/webkiller](https://github.com/ultrasecurity/webkiller) 多功能渗透测试辅助脚本
- [**222**Star][1y] [opennetworkingfoundation/delta](https://github.com/opennetworkingfoundation/delta) PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
- [**222**Star][1m] [letoram/senseye](https://github.com/letoram/senseye) Dynamic Visual Debugging / Reverse Engineering Toolsuite
- [**222**Star][2y] [Py] [kbdancer/tplinkkey](https://github.com/kbdancer/tplinkkey) 根据TPLINK系列路由器存在的漏洞批量扫描获取wifi密码
- [**222**Star][4m] [hannoch/scaner](https://github.com/hannoch/scaner) scanner collection
- [**222**Star][7d] [JS] [fuzzysecurity/fermion](https://github.com/fuzzysecurity/fermion) Fermion, an electron wrapper for Frida & Monaco.
- [**222**Star][4m] [C++] [eternityx/deadcell-csgo](https://github.com/eternityx/deadcell-csgo) Full source to the CS:GO cheat
- [**222**Star][8d] [Py] [ctfs/write-ups-2013](https://github.com/ctfs/write-ups-2013) Wiki-like CTF write-ups repository, maintained by the community. 2013
- [**222**Star][1y] [Py] [coalfire-research/deathmetal](https://github.com/coalfire-research/deathmetal) Red team & penetration testing tools to exploit the capabilities of Intel AMT
- [**222**Star][29d] [Ruby] [bdmac/strong_password](https://github.com/bdmac/strong_password) Entropy-based password strength checking for Ruby and Rails.
- [**222**Star][2m] [Py] [artkond/cisco-snmp-rce](https://github.com/artkond/cisco-snmp-rce) Cisco IOS SNMP RCE PoC
- [**222**Star][29d] [C++] [altf4/untwister](https://github.com/altf4/untwister) Seed recovery tool for PRNGs
- [**222**Star][2y] [Py] [003random/003recon](https://github.com/003random/003recon) Some tools to automate recon - 003random
- [**221**Star][12d] [JS] [enokidotsite/enoki](https://github.com/enokidotsite/enoki) ultralight tools for creating p2p sites
- [**221**Star][1m] [alulsh/personal-security-checklist](https://github.com/alulsh/personal-security-checklist) Personal security checklist for securing your devices and accounts.
- [**221**Star][12d] [C++] [stelgenhof/ailight](https://github.com/stelgenhof/ailight) AiLight is a custom firmware for the esp8266 based Ai-Thinker (or equivalent) RGBW WiFi light bulbs
- [**221**Star][12d] [Shell] [thelinuxchoice/locator](https://github.com/thelinuxchoice/locator) Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok)
- [**221**Star][5m] [404notf0und/always-learning](https://github.com/404notf0und/always-learning) 404 Not Found的知识库：计算机理论基础、计算机技术基础、底层研究、安全技术、安全研究、人工智能、企业安全建设、安全发展、职业规划、综合素质、国内外优秀技术人
- [**221**Star][20d] [Py] [mzfr/rsh](https://github.com/mzfr/rsh) generate reverse shell from CLI for linux and Windows.
- [**221**Star][10d] [payloadbox/sql-injection-payload-list](https://github.com/payloadbox/sql-injection-payload-list) SQL Injection Payload List
- [**221**Star][15d] [Py] [fsecurelabs/jandroid](https://github.com/fsecurelabs/jandroid) A tool for template matching against apps.
- [**221**Star][16d] [security-cheatsheet/reverse-shell-cheatsheet](https://github.com/security-cheatsheet/reverse-shell-cheatsheet) 
- [**221**Star][12d] [C] [meliot/filewatcher](https://github.com/meliot/filewatcher) A simple auditing utility for macOS
- [**221**Star][10d] [C] [vincentbernat/rfc5077](https://github.com/vincentbernat/rfc5077) Various tools for testing RFC 5077
- [**221**Star][4m] [Py] [thesph1nx/absolutezero](https://github.com/thesph1nx/absolutezero) Python APT Backdoor 1.0.0.1
- [**221**Star][12d] [Java] [tdunning/log-synth](https://github.com/tdunning/log-synth) Generates more or less realistic log data for testing simple aggregation queries.
- [**221**Star][4y] [C] [sslab-gatech/opensgx](https://github.com/sslab-gatech/opensgx) An open platform for Intel SGX Environments & Prerequisites 
- [**221**Star][25d] [sigp/solidity-security-blog](https://github.com/sigp/solidity-security-blog) Comprehensive list of known attack vectors and common anti-patterns
- [**221**Star][29d] [Go] [raz-varren/xsshell](https://github.com/raz-varren/xsshell) XSS反向Shell框架
- [**221**Star][1y] [Shell] [proxycannon/proxycannon-ng](https://github.com/proxycannon/proxycannon-ng) A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference
- [**221**Star][4m] [Verilog] [opencomputeproject/project-zipline](https://github.com/opencomputeproject/project-zipline) Defines a lossless compressed data format that is independent of CPU type, operating system, file system, and character set, and is suitable for compression using the XP10 algorithm.
- [**221**Star][12d] [C] [nowsecure/frida-cycript](https://github.com/nowsecure/frida-cycript) Cycript fork powered by Frida.
- [**221**Star][12d] [Go] [joncooperworks/judas](https://github.com/joncooperworks/judas) a phishing proxy
- [**221**Star][4m] [Java] [jikesrvm/jikesrvm](https://github.com/jikesrvm/jikesrvm) Jikes RVM (Research Virtual Machine)
- [**221**Star][3m] [C++] [ion28/bluespawn](https://github.com/ion28/bluespawn) Windows-based Active Defense and EDR tool to empower Blue Teams
- [**221**Star][7m] [C] [hyc/fcrackzip](https://github.com/hyc/fcrackzip) A braindead program for cracking encrypted ZIP archives. Forked from
- [**221**Star][15d] [C] [google/kasan](https://github.com/google/kasan) KernelAddressSanitizer, a fast memory error detector for the Linux kernel
- [**221**Star][12d] [C] [dns-oarc/dnscap](https://github.com/dns-oarc/dnscap) Network capture utility designed specifically for DNS traffic
- [**221**Star][22d] [C++] [azonenberg/openfpga](https://github.com/azonenberg/openfpga) Open FPGA tools
- [**220**Star][2m] [Ruby] [alaa/oh-my-vpn](https://github.com/alaa/oh-my-vpn) Setup your own OpenVPN server in 30 seconds!
- [**220**Star][15d] [Java] [guardianproject/lildebi](https://github.com/guardianproject/lildebi) UNMAINTAINED please adopt! we can no longer maintain this
- [**220**Star][14d] [C] [tiiffi/mcrcon](https://github.com/tiiffi/mcrcon) Rcon client for Minecraft
- [**220**Star][11d] [Rust] [phra/rustbuster](https://github.com/phra/rustbuster) A Comprehensive Web Fuzzer and Content Discovery Tool
- [**220**Star][5m] [C++] [chuyu-team/mint](https://github.com/Chuyu-Team/MINT) Contains the definitions for the Windows Internal UserMode API from ntdll.dll, samlib.dll and winsta.dll.
- [**220**Star][12d] [C++] [googleprojectzero/bochspwn](https://github.com/googleprojectzero/bochspwn) A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
- [**220**Star][11m] [Java] [xdtianyu/phonenumber](https://github.com/xdtianyu/phonenumber) 一个获取号码归属地和其他信息（诈骗、骚扰等）的开源库 [重构中]
- [**220**Star][3y] [Py] [vlall/darksearch](https://github.com/vlall/darksearch) query cached onion sites, irc chatrooms, various pdfs, game chats, blackhat forums etc
- [**220**Star][11d] [swannman/ircapabilities](https://github.com/swannman/ircapabilities) Incident Response Hierarchy of Needs
- [**220**Star][24d] [C] [royhills/ike-scan](https://github.com/royhills/ike-scan) The IKE Scanner
- [**220**Star][2m] [Standard ML] [rootkovska/codehash.db](https://github.com/rootkovska/codehash.db) A public database for software and firmware hashes
- [**220**Star][9m] [PHP] [rizer0/log-killer](https://github.com/rizer0/log-killer) Clear all your logs in [linux/windows] servers
- [**220**Star][3y] [Py] [maxwellkoh/2fassassin](https://github.com/maxwellkoh/2fassassin) Bypass Two-Factor-Authentication
- [**220**Star][2y] [Go] [maksadbek/tcpovericmp](https://github.com/maksadbek/tcpovericmp) TCP implementation over ICMP protocol to bypass firewalls
- [**220**Star][2y] [Py] [kurobeats/fimap](https://github.com/kurobeats/fimap) fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
- [**220**Star][5y] [PS] [jseidl/babadook](https://github.com/jseidl/babadook) Connection-less Powershell Persistent and Resilient Backdoor
- [**220**Star][24d] [Py] [icsec/airpwn-ng](https://github.com/icsec/airpwn-ng) force the target's browser to do what we want 
- [**220**Star][4m] [Py] [hyperspy/hyperspy](https://github.com/hyperspy/hyperspy) Multidimensional data analysis
- [**220**Star][2y] [C] [gtoad/android_inline_hook](https://github.com/gtoad/android_inline_hook) Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
- [**220**Star][11d] [Py] [danigargu/explodingcan](https://github.com/danigargu/explodingcan) An implementation of NSA's ExplodingCan exploit in Python
- [**220**Star][2y] [C++] [bromiumlabs/packerattacker](https://github.com/bromiumlabs/packerattacker) C++ application that uses memory and code hooks to detect packers
- [**220**Star][3y] [C++] [bee13oy/av_kernel_vulns](https://github.com/bee13oy/av_kernel_vulns) Pocs for Antivirus Software‘s Kernel Vulnerabilities
- [**220**Star][12d] [Py] [angr/angr-management](https://github.com/angr/angr-management) A GUI for angr. Being developed *very* slowly.
- [**219**Star][12d] [Py] [blackarrowsec/mssqlproxy](https://github.com/blackarrowsec/mssqlproxy) mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
- [**219**Star][1m] [C++] [linrongbin16/way-to-algorithm](https://github.com/linrongbin16/way-to-algorithm) Algorithm Tutorial and Source Code
- [**219**Star][4m] [Py] [thehive-project/thehivedocs](https://github.com/TheHive-Project/TheHiveDocs) Documentation of TheHive
- [**219**Star][6y] [Shell] [silverfoxx/pwnstar](https://github.com/silverfoxx/pwnstar) PwnSTAR (Pwn SofT-Ap scRipt) - for all your fake-AP needs!
- [**219**Star][4m] [C] [silight-jp/mactype-patch](https://github.com/silight-jp/mactype-patch) MacType Patch for DirectWrite Hook
- [**219**Star][11d] [C#] [shanek2/invtero.net](https://github.com/shanek2/invtero.net) A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
- [**219**Star][4m] [Py] [pventuzelo/octopus](https://github.com/pventuzelo/octopus) Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
- [**219**Star][2y] [Py] [pirate-crew/iptv](https://github.com/pirate-crew/iptv) Search and perform brute force attacks on illegal IPTV Servers
- [**219**Star][1y] [Py] [nullarray/dorknet](https://github.com/nullarray/dorknet) Selenium powered Python script to automate searching for vulnerable web apps.
- [**219**Star][10d] [Py] [niklasrosenstein/pydoc-markdown](https://github.com/niklasrosenstein/pydoc-markdown) Create Python API documentation in Markdown format.
- [**219**Star][4y] [Py] [mkorman90/volatilitybot](https://github.com/mkorman90/volatilitybot) An automated memory analyzer for malware samples and memory dumps
- [**219**Star][4m] [Py] [mateuszk87/pcapviz](https://github.com/mateuszk87/pcapviz) Visualize network topologies and collect graph statistics based on pcap files
- [**219**Star][10d] [Py] [lingerhk/hacking_script](https://github.com/lingerhk/hacking_script) 开发或收集的一些网络安全方面的脚本、小工具
- [**219**Star][1m] [liinnux/awesome-crawler-cn](https://github.com/liinnux/awesome-crawler-cn) 互联网爬虫，蜘蛛，数据采集器，网页解析器的汇总，因新技术不断发展，新框架层出不穷，此文会不断更新...
- [**219**Star][5m] [Py] [jpcertcc/malconfscan](https://github.com/jpcertcc/malconfscan) Volatility plugin for extracts configuration data of known malware
- [**219**Star][19d] [Go] [improbable-eng/kedge](https://github.com/improbable-eng/kedge) kEdge - Kubernetes Edge Proxy for gRPC and HTTP Microservices
- [**219**Star][1m] [Py] [gosecure/php7-opcache-override](https://github.com/gosecure/php7-opcache-override) Security-related PHP7 OPcache abuse tools and demo
- [**219**Star][2y] [emilyanncr/windows-post-exploitation](https://github.com/emilyanncr/windows-post-exploitation) Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
- [**219**Star][12d] [VBA] [dragokas/hijackthis](https://github.com/dragokas/hijackthis) A free utility that finds malware, adware and other security threats
- [**219**Star][6y] [Py] [bonsaiviking/nfspy](https://github.com/bonsaiviking/nfspy) ID-spoofing NFS client
- [**219**Star][3y] [PS] [arno0x/dbc2](https://github.com/arno0x/dbc2) DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication.
- [**219**Star][13d] [Shell] [anshumanbh/brutesubs](https://github.com/anshumanbh/brutesubs) An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker Compose
- [**218**Star][11m] [Ruby] [zeisler/visualize_ruby](https://github.com/zeisler/visualize_ruby) Transform code into a flowchart and experimentally trace the execution path through it
- [**218**Star][10d] [Py] [alltheplaces/alltheplaces](https://github.com/alltheplaces/alltheplaces) A set of spiders and scrapers to extract location information from places that post their location on the internet.
- [**218**Star][1m] [Py] [darryllane/bluto-old](https://github.com/darryllane/Bluto-Old) Recon, Subdomain Bruting, Zone Transfers
- [**218**Star][10d] [Py] [mhaskar/octopus](https://github.com/mhaskar/octopus) Open source pre-operation C2 server based on python and powershell
- [**218**Star][1m] [Go] [cloudflare/cloudflare-ingress-controller](https://github.com/cloudflare/cloudflare-ingress-controller) A Kubernetes ingress controller for Cloudflare's Argo Tunnels
- [**218**Star][14d] [Py] [woosoftware/shadowsocksr-origin](https://github.com/woosoftware/shadowsocksr-origin) Python port of ShadowsocksR
- [**218**Star][3m] [C++] [udosteinberg/nova](https://github.com/udosteinberg/nova) NOVA Microhypervisor
- [**218**Star][12d] [C++] [rainers/cv2pdb](https://github.com/rainers/cv2pdb) converter of DMD CodeView/DWARF debug information to PDB files
- [**218**Star][12d] [JS] [popomore/koa-proxy](https://github.com/popomore/koa-proxy) Proxy middleware for koa
- [**218**Star][10d] [C++] [panda-re/lava](https://github.com/panda-re/lava) 大规模自动化漏洞Addition工具
- [**218**Star][16d] [PHP] [momosecurity/rhizobia_p](https://github.com/momosecurity/rhizobia_p) PHP安全SDK及编码规范
- [**218**Star][19d] [Py] [mitsuhiko/python-regex-scanner](https://github.com/mitsuhiko/python-regex-scanner) Demo of how to use the underlying SRE engine to build a regex scanner
- [**218**Star][3y] [Py] [mailinneberg/blueborne](https://github.com/mailinneberg/blueborne) Purpose only! The dangers of Bluetooth implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks.
- [**218**Star][13d] [TS] [helmetjs/csp](https://github.com/helmetjs/csp) Content Security Policy middleware
- [**218**Star][5m] [C] [haakonnessjoen/mac-telnet](https://github.com/haakonnessjoen/mac-telnet) Open source MAC Telnet client and server for connecting to Microtik RouterOS routers and Posix machines via MAC address.
- [**218**Star][7m] [C] [feexd/pocs](https://github.com/feexd/pocs) 
- [**218**Star][10m] [Java] [dschanoeh/kayak](https://github.com/dschanoeh/kayak) Kayak is a CAN bus analysis tool based on SocketCAN
- [**218**Star][12d] [C] [derrekr/fastboot3ds](https://github.com/derrekr/fastboot3ds) A homebrew bootloader for the Nintendo 3DS that is similar to android's fastboot.
- [**218**Star][4m] [PHP] [cyrus-and/fracker](https://github.com/cyrus-and/fracker) PHP function tracker
- [**218**Star][11d] [Assembly] [cybereason/siofra](https://github.com/cybereason/siofra) a tool designed to identify and exploit DLL hijacking vulnerabilities in Windows programs
- [**218**Star][4m] [cryptoseb/cryptopaper](https://github.com/cryptoseb/cryptopaper) Privacy, Security, and Anonymity For Every Internet User.
- [**218**Star][1m] [Py] [chromium/web-page-replay](https://github.com/chromium/web-page-replay) Record live Web pages and use them for local performance testing!
- [**218**Star][8d] [Py] [athre0z/wasm](https://github.com/athre0z/wasm) WebAssembly decoder & disassembler library
- [**218**Star][19d] [Py] [angr/cle](https://github.com/angr/cle) CLE Loads Everything (at least, many binary formats!)
- [**218**Star][10m] [HTML] [ajinabraham/droid-application-fuzz-framework](https://github.com/ajinabraham/droid-application-fuzz-framework) Android application fuzzing framework with fuzzers and crash monitor.
- [**217**Star][10d] [Go] [jaeles-project/gospider](https://github.com/jaeles-project/gospider) Gospider - Fast web spider written in Go
- [**217**Star][4m] [Py] [qnrq/panic_bcast](https://github.com/qnrq/panic_bcast) Decentralized opsec panic button operating over UDP broadcasts and HTTP. Provides automatic ejection of encrypted drives as a safe-measure against cold-boot attacks.
- [**217**Star][19d] [sderosiaux/every-single-day-i-tldr](https://github.com/sderosiaux/every-single-day-i-tldr) A daily digest of the articles or videos I've found interesting, that I want to share with you.
- [**217**Star][11d] [analysis-tools-dev/dynamic-analysis](https://github.com/analysis-tools-dev/dynamic-analysis) A curated list of dynamic analysis tools for various programming languages
- [**217**Star][8d] [Rich Text Format] [gnodipac886/matebookxpro-hackintosh](https://github.com/gnodipac886/matebookxpro-hackintosh) Hackintosh Solution for the Huawei Matebook X Pro
- [**217**Star][10d] [Py] [securisec/chepy](https://github.com/securisec/chepy) Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
- [**217**Star][14d] [SourcePawn] [splewis/csgo-retakes](https://github.com/splewis/csgo-retakes) CS:GO Sourcemod plugin for a site-retake gamemode
- [**217**Star][1m] [Py] [newbee119/ti_collector](https://github.com/NewBee119/Ti_Collector) 本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。
- [**217**Star][12d] [C] [fsecurelabs/osxfuzz](https://github.com/FSecureLABS/OSXFuzz) macOS Kernel Fuzzer
- [**217**Star][9d] [Py] [mckinsey666/vocabs](https://github.com/Mckinsey666/vocabs) A lightweight online dictionary integration to the command line
- [**217**Star][12d] [JS] [sixstars/starctf2019](https://github.com/sixstars/starctf2019) official source code of *CTF2019
- [**217**Star][2m] [Go] [google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) Auditing for TLS certificates (Go code)
- [**217**Star][10d] [Shell] [fics/atcmd](https://github.com/fics/atcmd) Android AT command scripts and firmware extraction
- [**217**Star][2m] [Py] [evict/poc_cve-2018-1002105](https://github.com/evict/poc_cve-2018-1002105) PoC for CVE-2018-1002105.
- [**217**Star][4y] [Py] [darryllane/bluto-old](https://github.com/darryllane/bluto-old) Recon, Subdomain Bruting, Zone Transfers
- [**217**Star][15d] [C] [coolervoid/raptor_waf](https://github.com/coolervoid/raptor_waf) Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta
- [**217**Star][2y] [Py] [bluscreenofjeff/malleable-c2-randomizer](https://github.com/bluscreenofjeff/malleable-c2-randomizer) A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
- [**217**Star][2y] [Py] [arno0x/ntlmrelaytoews](https://github.com/arno0x/ntlmrelaytoews) ntlm relay attack to Exchange Web Services
- [**217**Star][11d] [JS] [aqiongbei/buy_pig_plan](https://github.com/aqiongbei/buy_pig_plan) 电话攻击(电话轰炸、可代替短信轰炸)、留言攻击工具 | 随缘维护，佛系更新
- [**217**Star][13d] [ObjC] [alonemonkey/dumpdecrypted](https://github.com/alonemonkey/dumpdecrypted) Dumps decrypted mach-o files from encrypted applications、framework or app extensions.
- [**216**Star][13d] [Java] [yanximin/weibopicdownloader](https://github.com/yanximin/weibopicdownloader) 免登录下载微博图片 爬虫 Download Weibo Images without Logging-in
- [**216**Star][13d] [Dockerfile] [zeddyu/http-smuggling-lab](https://github.com/zeddyu/http-smuggling-lab) Use HTTP Smuggling Lab to learn HTTP Smuggling.
- [**216**Star][4m] [C++] [atxsinn3r/vulncases](https://github.com/atxsinn3r/VulnCases) Oh it's just a bunch of vulns for references.
- [**216**Star][14d] [Shell] [hak5/lanturtle-modules](https://github.com/hak5/lanturtle-modules) The Official LAN Turtle Module Repository
- [**216**Star][3y] [Java] [zhengmin1989/wechatsportcheat](https://github.com/zhengmin1989/wechatsportcheat) 手把手教你当微信运动第一名 – 利用Android Hook进行微信运动作弊
- [**216**Star][3m] [YARA] [th3hurrican3/pepper](https://github.com/th3hurrican3/pepper) An open source script to perform malware static analysis on Portable Executable
- [**216**Star][16d] [C] [snare/ida-efiutils](https://github.com/snare/ida-efiutils) Some scripts for IDA Pro to assist with reverse engineering EFI binaries
- [**216**Star][3m] [Java] [rolfrolles/ghidrapal](https://github.com/rolfrolles/ghidrapal) Ghidra Program Analysis Library(No Doc)
- [**216**Star][8d] [C] [rokups/virtual-reality](https://github.com/rokups/virtual-reality) Stealthy backdoor for Windows operating systems
- [**216**Star][17d] [Shell] [rand0m1ze/ezsploit](https://github.com/rand0m1ze/ezsploit) Linux bash script automation for metasploit
- [**216**Star][5y] [Py] [qgriffith/openeats](https://github.com/qgriffith/openeats) Recipe Management Site created in Django
- [**216**Star][5m] [HTML] [ppeccin/webmsx](https://github.com/ppeccin/webmsx) WebMSX - Online MSX Emulator
- [**216**Star][22d] [Perl] [petdance/bobby-tables](https://github.com/petdance/bobby-tables) bobby-tables.com, the site for preventing SQL injections
- [**216**Star][4m] [PS] [mkellerman/invoke-commandas](https://github.com/mkellerman/invoke-commandas) Invoke Command As System/Interactive/GMSA/User on Local/Remote machine & returns PSObjects.
- [**216**Star][1y] [Py] [medbenali/cyberscan](https://github.com/medbenali/cyberscan) Network's Forensics ToolKit
- [**216**Star][5m] [Py] [lennonchin/code-confuse-plugin](https://github.com/lennonchin/code-confuse-plugin) A plugin to confuse codes in iOS Platform.
- [**216**Star][17d] [Shell] [lateralblast/lunar](https://github.com/lateralblast/lunar) A UNIX security auditing tool based on several security frameworks
- [**216**Star][4m] [Julia] [juliaci/benchmarktools.jl](https://github.com/juliaci/benchmarktools.jl) A benchmarking framework for the Julia language
- [**216**Star][3y] [C++] [jamesp6000/wsprrypi](https://github.com/jamesp6000/wsprrypi) Raspberry Pi WSPR transmitter using NTP based frequency calibration
- [**216**Star][11m] [Py] [gmr/queries](https://github.com/gmr/queries) PostgreSQL database access simplified
- [**216**Star][18d] [Py] [g0tmi1k/exe2hex](https://github.com/g0tmi1k/exe2hex) encodes an executable binary file into ASCII text format
- [**216**Star][10d] [Ruby] [devise-security/devise-security](https://github.com/devise-security/devise-security) A security extension for devise, meeting industrial standard security demands for web applications.
- [**216**Star][29d] [Py] [corelan/windbglib](https://github.com/corelan/windbglib) Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py
- [**216**Star][11d] [Go] [cloudfoundry-incubator/cfdev](https://github.com/cloudfoundry-incubator/cfdev) A fast and easy local Cloud Foundry experience on native hypervisors, powered by LinuxKit with VPNKit
- [**216**Star][12d] [VBA] [christophetd/spoofing-office-macro](https://github.com/christophetd/spoofing-office-macro) a VBA macro spawning a process with a spoofed parent and command line.
- [**216**Star][8m] [adguardteam/adguardforwindows](https://github.com/adguardteam/adguardforwindows) AdGuard for Windows open bug tracker
- [**216**Star][12d] [C#] [0xd4d/antinet](https://github.com/0xd4d/antinet) .NET anti-managed debugger and anti-profiler code
- [**215**Star][12d] [Py] [google/ukip](https://github.com/google/ukip) USB Keystroke Injection Protection
- [**215**Star][10d] [C++] [cseagle/blc](https://github.com/cseagle/blc) Integrate Ghidra's decompiler as an Ida plugin
- [**215**Star][13d] [HTML] [zkwlx/droidtelescope](https://github.com/zkwlx/droidtelescope) DroidTelescope（DT），Android端App性能监控框架
- [**215**Star][23d] [Go] [facebookincubator/fbender](https://github.com/facebookincubator/fbender) A load-testing command line tool for generic network protocols
- [**215**Star][10d] [C] [iqiyi/qnsm](https://github.com/iqiyi/qnsm) QNSM is network security monitoring framework based on DPDK.
- [**215**Star][2y] [C#] [spiderlabs/sharpcompile](https://github.com/spiderlabs/sharpcompile) SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…
- [**215**Star][4m] [C++] [rogue-kdc/cve-2019-0841](https://github.com/rogue-kdc/cve-2019-0841) PoC code for CVE-2019-0841 Privilege Escalation vulnerability
- [**215**Star][11d] [Ruby] [puppetlabs/puppetlabs-postgresql](https://github.com/puppetlabs/puppetlabs-postgresql) Puppet module for managing PostgreSQL
- [**215**Star][1y] [Java] [neo23x0/fnord](https://github.com/neo23x0/fnord) Pattern Extractor for Obfuscated Code
- [**215**Star][19d] [Py] [neex/gifoeb](https://github.com/neex/gifoeb) exploit for ImageMagick's uninitialized memory disclosure in gif coder
- [**215**Star][2y] [MATLAB] [lts4/deepfool](https://github.com/lts4/deepfool) A simple and accurate method to fool deep neural networks
- [**215**Star][11d] [C] [labapart/gattlib](https://github.com/labapart/gattlib) Library to access GATT information from BLE (Bluetooth Low Energy) devices
- [**215**Star][3y] [Py] [kamorin/dhcpig](https://github.com/kamorin/dhcpig) DHCP exhaustion script written in python using scapy network library
- [**215**Star][3y] [k0keoyo/some-kernel-fuzzing-paper](https://github.com/k0keoyo/some-kernel-fuzzing-paper) Some kernel fuzzing paper about windows and linux
- [**215**Star][28d] [C#] [jrowberg/bglib](https://github.com/jrowberg/bglib) BGLib implementation for Bluegiga BLE Bluetooth Smart modules
- [**215**Star][4m] [C] [jas502n/cve-2019-13272](https://github.com/jas502n/cve-2019-13272) Linux 4.10 < 5.1.17 PTRACE_TRACEME local root
- [**215**Star][10m] [PS] [harmj0y/damp](https://github.com/harmj0y/damp) The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
- [**215**Star][7d] [furrtek/dmg-cpu-inside](https://github.com/furrtek/dmg-cpu-inside) Reverse-engineered schematics for DMG-CPU-B
- [**215**Star][18d] [Dockerfile] [eadom/ctf_xinetd](https://github.com/eadom/ctf_xinetd) A docker repository for deploying pwnable challenges in CTF
- [**215**Star][20d] [C#] [dxflatline/flatpipes](https://github.com/dxflatline/flatpipes) A TCP proxy over named pipes. Originally created for maintaining a meterpreter session over 445 for less network alarms.
- [**214**Star][4m] [Shell] [xl-tech/openvpn-easy-setup](https://github.com/xl-tech/openvpn-easy-setup) Bash script for easy and fast OpenVPN deploy
- [**214**Star][10d] [Py] [howie6879/magic_google](https://github.com/howie6879/magic_google) Google search results crawler, get google search results that you need
- [**214**Star][10d] [Shell] [rdbox-intec/rdbox](https://github.com/rdbox-intec/rdbox) RDBOX is a standard IT infrastructure for ROS robots and IoT devices. From education to industrial use, continuously.
- [**214**Star][21d] [C] [tonyp7/esp32-wifi-manager](https://github.com/tonyp7/esp32-wifi-manager) Allows an ESP32 to connect to a saved wifi or start an access point where you can connect to existing wifis
- [**214**Star][14d] [Rust] [briansmith/webpki](https://github.com/briansmith/webpki) WebPKI X.509 Certificate Validation in Rust
- [**214**Star][9d] [HTML] [roleoroleo/yi-hack-mstar](https://github.com/roleoroleo/yi-hack-mstar) Custom firmware for Yi 1080p camera based on MStar platform
- [**214**Star][17d] [Py] [fox-it/cve-2019-1040-scanner](https://github.com/fox-it/cve-2019-1040-scanner) 
- [**214**Star][13d] [Py] [fireeye/fidl](https://github.com/fireeye/fidl) A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
- [**214**Star][20d] [Go] [praetorian-code/trudy](https://github.com/praetorian-code/trudy) A transparent proxy that can modify and drop traffic for arbitrary TCP connections.
- [**214**Star][18d] [Ruby] [vonahisec/leprechaun](https://github.com/vonahisec/leprechaun) This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.
- [**214**Star][27d] [HTML] [yaseng/iot-security-wiki](https://github.com/yaseng/iot-security-wiki) IOT security wiki
- [**214**Star][2y] [Py] [thiber-org/userline](https://github.com/thiber-org/userline) Query and report user logons relations from MS Windows Security Events
- [**214**Star][2y] [C#] [them4hd1/vayne-rat](https://github.com/them4hd1/vayne-rat) An Advanced C# .NET Rat, It’s Stable and Contains Many Features.
- [**214**Star][11d] [Py] [technicaldada/hackerpro](https://github.com/technicaldada/hackerpro) All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog
- [**214**Star][17d] [stuhirst/awssecurity](https://github.com/stuhirst/awssecurity) for AWS Security material
- [**214**Star][28d] [C] [sorbo/tcpcrypt](https://github.com/sorbo/tcpcrypt) a protocol that attempts to encrypt (almost) all of your network traffic
- [**214**Star][10d] [Shell] [roddhjav/pass-tomb](https://github.com/roddhjav/pass-tomb) A pass extension that helps you to keep the whole tree of password encrypted inside a tomb.
- [**214**Star][17d] [C] [peperunas/injectopi](https://github.com/peperunas/injectopi) A set of tutorials about code injection for Windows.
- [**214**Star][6m] [Py] [patois/idacyber](https://github.com/patois/idacyber) Data Visualization Plugin for IDA Pro
- [**214**Star][1m] [Go] [ooclab/otunnel](https://github.com/ooclab/otunnel) peer-to-peer tunnel tool
- [**214**Star][1m] [C++] [nu1lctf/n1ctf-2018](https://github.com/nu1lctf/n1ctf-2018) Official repository containing files related to N1CTF 2018.
- [**214**Star][11d] [OCaml] [montyly/gueb](https://github.com/montyly/gueb) Static analyzer detecting Use-After-Free on binary
- [**214**Star][12d] [Py] [malwaredllc/bamf](https://github.com/malwaredllc/bamf) BAMF (Backdoor Access Machine Farmer)
- [**214**Star][21d] [Go] [liamg/furious](https://github.com/liamg/furious) Golang IP/port scanner with SYN (stealth) scanning and device manufacturer identification
- [**214**Star][18d] [C#] [labo89/adbgui](https://github.com/labo89/adbgui) Wrapper for Android Debug Bridge (ADB) written in C#
- [**214**Star][15d] [Rust] [kpcyrd/badtouch](https://github.com/kpcyrd/badtouch) 可编程的网络验证破解的库, Rust编写
- [**214**Star][12d] [Py] [jrspruitt/ubi_reader](https://github.com/jrspruitt/ubi_reader) Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.
- [**214**Star][18d] [C] [joyent/mdb_v8](https://github.com/joyent/mdb_v8) postmortem debugging for Node.js and other V8-based programs
- [**214**Star][4m] [jeansgit/redteam](https://github.com/jeansgit/redteam) RedTeam资料收集整理
- [**214**Star][4y] [C] [fuzzysecurity/unix-privesc](https://github.com/fuzzysecurity/unix-privesc) Local UNIX PrivEsc Aggregation
- [**214**Star][17d] [Java] [facebookresearch/asynchronousratchetingtree](https://github.com/facebookresearch/asynchronousratchetingtree) On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees
- [**214**Star][15d] [C#] [enkomio/shed](https://github.com/enkomio/shed) .NET runtime inspector
- [**214**Star][17d] [JS] [dirtbags/pcapdb](https://github.com/dirtbags/pcapdb) A Distributed, Search-Optimized Full Packet Capture System
- [**214**Star][4m] [Shell] [cryptolok/crykex](https://github.com/cryptolok/crykex) Linux Memory Cryptographic Keys Extractor
- [**214**Star][4m] [HCL] [byt3bl33d3r/red-baron](https://github.com/byt3bl33d3r/red-baron) Automate creating resilient, disposable, secure and agile infrastructure for Red Teams
- [**214**Star][4m] [F#] [b2r2-org/b2r2](https://github.com/b2r2-org/b2r2) B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.
- [**214**Star][12d] [Py] [auth0/auth0-python](https://github.com/auth0/auth0-python) All information regarding using Auth0 with Python
- [**214**Star][2y] [Py] [ak1t4/open-redirect-scanner](https://github.com/ak1t4/open-redirect-scanner) open-redirect-scanner：open redirect subdomains scanner
- [**213**Star][10d] [Go] [berty/berty](https://github.com/berty/berty) Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network
- [**213**Star][29d] [Go] [vancluever/terraform-provider-acme](https://github.com/vancluever/terraform-provider-acme) ACME (Let's Encrypt) Support for Terraform
- [**213**Star][1y] [R] [salimk/rcrawler](https://github.com/salimk/rcrawler) An R web crawler and scraper
- [**213**Star][10d] [Lua] [ntop/wireshark-ntop](https://github.com/ntop/wireshark-ntop) Extensions for Wireshark
- [**213**Star][12d] [PS] [vysecurity/angrypuppy](https://github.com/vysecurity/ANGRYPUPPY) Bloodhound Attack Path Automation in CobaltStrike
- [**213**Star][19d] [D] [dlang-community/d-scanner](https://github.com/dlang-community/D-Scanner) Swiss-army knife for D source code
- [**213**Star][11d] [offensive-security/exploitdb-papers](https://github.com/offensive-security/exploitdb-papers) exploit-database-papers
- [**213**Star][20d] [Shell] [tomdev/teh_s3_bucketeers](https://github.com/tomdev/teh_s3_bucketeers) S3 bucket 搜索引擎
- [**213**Star][2y] [C++] [tandasat/pgresarch](https://github.com/tandasat/pgresarch) PatchGuard Research
- [**213**Star][4m] [C++] [rfidtool/esp-rfid-tool](https://github.com/rfidtool/esp-rfid-tool) A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37…
- [**213**Star][13d] [Py] [osquery/osquery-python](https://github.com/osquery/osquery-python) Python bindings for osquery's Thrift API
- [**213**Star][1m] [HTML] [musalbas/address-spoofing-poc](https://github.com/musalbas/address-spoofing-poc) Chrome address spoofing vulnerability proof-of-concept for HTTPS. (Original by David Leo.)
- [**213**Star][11d] [Py] [leancloud/satori](https://github.com/leancloud/satori) LeanCloud 维护的监控系统
- [**213**Star][3m] [ObjC] [isecpartners/ssl-conservatory](https://github.com/isecpartners/ssl-conservatory) Sample SSL client code for correct endpoint validation.
- [**213**Star][1m] [Py] [infamoussyn/rogue](https://github.com/infamoussyn/rogue) An extensible toolkit providing penetration testers an easy-to-use platform to deploy Access Points during penetration testing and red team engagements.
- [**213**Star][12d] [Py] [in-toto/in-toto](https://github.com/in-toto/in-toto) in-toto is a framework to protect supply chain integrity.
- [**213**Star][13d] [Py] [endgameinc/dga_predict](https://github.com/endgameinc/dga_predict) Predicting Domain Generation Algorithms using LSTMs 
- [**213**Star][10d] [0x4d31/deception-as-detection](https://github.com/0x4d31/deception-as-detection) Deception based detection techniques mapped to the MITRE’s ATT&CK framework
- [**212**Star][10d] [Go] [lc/subjs](https://github.com/lc/subjs) Fetches javascript file from a list of URLS or subdomains.
- [**212**Star][11d] [C] [mwaylabs/fruitymesh](https://github.com/mwaylabs/fruitymesh) FruityMesh - The first completely connection-based open source mesh on top of Bluetooth Low Energy (4.1/5.0 or higher)
- [**212**Star][10d] [Py] [intrig-unicamp/mininet-wifi](https://github.com/intrig-unicamp/mininet-wifi) Emulator for Software-Defined Wireless Networks
- [**212**Star][14d] [Java] [windwant/spring-dubbo-service](https://github.com/windwant/spring-dubbo-service) 微服务 spring dubbo项目：dubbo rpc；druid数据源连接池；mybatis配置集成，多数据源；jmx监控MBean；定时任务；aop；ftp；测试；Metrics监控；参数验证；跨域处理；shiro权限控制；consul服务注册，发现；redis分布式锁；SPI服务机制；cat监控；netty服务代理；websocket；disconf；mongodb集成；rest；docker；fescar
- [**212**Star][3m] [C#] [komefai/ps4macro](https://github.com/komefai/ps4macro) Automation utility for PS4 Remote Play written in C#
- [**212**Star][11d] [JS] [mitre-attack/tram](https://github.com/mitre-attack/tram) aid analyst in mapping finished reports to ATT&CK.
- [**212**Star][11d] [Py] [th3unkn0n/telegram-scraper](https://github.com/th3unkn0n/telegram-scraper) telegram group scraper tool. fetch all information about group members
- [**212**Star][16d] [PHP] [0blio/caesar](https://github.com/0blio/Caesar) An HTTP based RAT (Remote Administration Tool) that allows you to remotely control devices from your browser
- [**212**Star][4y] [Shell] [ztgrace/sticky_keys_hunter](https://github.com/ztgrace/sticky_keys_hunter) A script to test an RDP host for sticky keys and utilman backdoor.
- [**212**Star][11m] [C#] [zodiacon/drivermon](https://github.com/zodiacon/drivermon) Monitor activity of any driver
- [**212**Star][2y] [HTML] [xsscx/commodity-injection-signatures](https://github.com/xsscx/commodity-injection-signatures) Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
- [**212**Star][16d] [Go] [ullaakut/nmap](https://github.com/ullaakut/nmap) Idiomatic nmap library for go developers
- [**212**Star][11d] [TS] [tensult/cloud-reports](https://github.com/tensult/cloud-reports) Scans your AWS cloud resources and generates reports. Check out free hosted version:
- [**212**Star][3y] [C] [silvermoonsecurity/passivefuzzframeworkosx](https://github.com/silvermoonsecurity/passivefuzzframeworkosx) This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.
- [**212**Star][14d] [JS] [shutterstock/lil-brother](https://github.com/shutterstock/lil-brother) Track clicks and other client-side events on web pages
- [**212**Star][4m] [Py] [seemoo-lab/internalblue](https://github.com/seemoo-lab/internalblue) Bluetooth experimentation framework for Broadcom and Cypress chips.
- [**212**Star][4m] [Py] [seahoh/gotox](https://github.com/seahoh/gotox) 本地自动代理，修改自 goagent。
- [**212**Star][28d] [PHP] [samdark/yii2-webshell](https://github.com/samdark/yii2-webshell) Web shell allows to run yii console commands using a browser
- [**212**Star][3m] [Py] [rndinfosecguy/scavenger](https://github.com/rndinfosecguy/scavenger) Crawler (Bot) searching for credential leaks on different paste sites.
- [**212**Star][10d] [Py] [rhinosecuritylabs/cloud-security-research](https://github.com/rhinosecuritylabs/cloud-security-research) Cloud-related research releases from the Rhino Security Labs team.
- [**212**Star][4m] [Kotlin] [paphonb/androidp-ify](https://github.com/paphonb/androidp-ify) [Xposed] Use features introduced in Android P on your O+ Device!
- [**212**Star][5m] [Java] [owasp/benchmark](https://github.com/owasp/benchmark) OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…
- [**212**Star][4m] [Py] [orf/xcat](https://github.com/orf/xcat) Automate XPath injection attacks to retrieve documents
- [**212**Star][4m] [C#] [omarelabd/objectexporter](https://github.com/omarelabd/objectexporter) Object Exporter lets you export out an object while debugging in Visual Studio, the object can be serialized in either C#, JSON or XML.
- [**212**Star][2y] [Go] [netxfly/xsec-proxy-scanner](https://github.com/netxfly/xsec-proxy-scanner) proxy canner
- [**212**Star][5y] [PS] [mattifestation/wmi_backdoor](https://github.com/mattifestation/wmi_backdoor) A PoC WMI backdoor presented at Black Hat 2015
- [**212**Star][3y] [Shell] [jakewmeyer/geo](https://github.com/jakewmeyer/geo) A Bash utility for easy wan, lan, router, dns, mac address, and geolocation output,
- [**212**Star][14d] [Py] [hynek/argon2-cffi](https://github.com/hynek/argon2-cffi) Secure Password Hashes for Python
- [**212**Star][2y] [faizann24/resources-for-learning-hacking](https://github.com/faizann24/resources-for-learning-hacking) All the resources I could find for learning Ethical Hacking and penetration testing.
- [**212**Star][12d] [Py] [eth-sri/debin](https://github.com/eth-sri/debin) Machine Learning to Deobfuscate Binaries
- [**212**Star][3m] [C#] [dotnet-security-guard/roslyn-security-guard](https://github.com/dotnet-security-guard/roslyn-security-guard) Roslyn analyzers that aim to help security audit on .NET applications.
- [**212**Star][13d] [C] [david-reguera-garcia-dreg/anticuckoo](https://github.com/david-reguera-garcia-dreg/anticuckoo) A tool to detect and crash Cuckoo Sandbox
- [**212**Star][11d] [C] [curl/doh](https://github.com/curl/doh) stand-alone application for DoH (DNS-over-HTTPS) name resolves and lookups
- [**212**Star][3m] [PLpgSQL] [cseagle/freedom](https://github.com/cseagle/freedom) capstone based disassembler for extracting to binnavi
- [**212**Star][11d] [C] [aflgo/aflgo](https://github.com/aflgo/aflgo) Directed Greybox Fuzzing with AFL
- [**211**Star][2m] [Shell] [eustasy/bubbly](https://github.com/eustasy/bubbly) Better SSL in Nginx in 10 minutes. Configuration files and setup scripts for Certbot.
- [**211**Star][17d] [Py] [kevthehermit/ducktoolkit](https://github.com/kevthehermit/ducktoolkit) Encoding Tools for Rubber Ducky
- [**211**Star][14d] [Py] [tkmru/nao](https://github.com/tkmru/nao) Simple No-meaning Assembly Omitter for IDA Pro (This is just a prototype)
- [**211**Star][4m] [Java] [subgraph/orchid](https://github.com/subgraph/orchid) 
- [**211**Star][3m] [C#] [secana/penet](https://github.com/secana/penet) Portable Executable (PE) library written in .Net
- [**211**Star][5m] [Shell] [ryran/xsos](https://github.com/ryran/xsos)  instantaneously gather information about a system together in an easy-to-read-summary, whether that system is the localhost on which xsos is being run or a system for which you have an unpacked sosreport
- [**211**Star][16d] [Py] [nolze/msoffcrypto-tool](https://github.com/nolze/msoffcrypto-tool) Python tool and library for decrypting MS Office files with passwords or other keys
- [**211**Star][14d] [C++] [movsb/common](https://github.com/movsb/common) Yet another serial port debugger.
- [**211**Star][4m] [Py] [jwilk/python-afl](https://github.com/jwilk/python-afl) American Fuzzy Lop fork server and instrumentation for pure-Python code
- [**211**Star][4m] [Py] [jas502n/cnvd-c-2019-48814](https://github.com/jas502n/cnvd-c-2019-48814) WebLogic wls9-async反序列化远程命令执行漏洞
- [**211**Star][7d] [C] [ionescu007/winipt](https://github.com/ionescu007/winipt) The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool.
- [**211**Star][12d] [C++] [hiitiger/gelectron](https://github.com/hiitiger/gelectron) gameoverlay solution for Electron, Qt and CEF, just like discord game overlay and steam game overlay, inject any app to overlay in your game
- [**211**Star][10d] [C] [hashcat/maskprocessor](https://github.com/hashcat/maskprocessor) High-Performance word generator with a per-position configureable charset
- [**211**Star][5m] [Py] [danmcinerney/msf-autoshell](https://github.com/danmcinerney/msf-autoshell) Feed the tool a .nessus file and it will automatically get you MSF shell
- [**211**Star][15d] [C] [cloudflare/mmproxy](https://github.com/cloudflare/mmproxy) mmproxy, the magical PROXY protocol gateway
- [**211**Star][4m] [1hack0/facebook-bug-bounty-write-ups](https://github.com/1hack0/facebook-bug-bounty-write-ups) Hunting Bugs for Fun and Profit
- [**210**Star][9d] [HCL] [secdevops-cuse/cyberrange](https://github.com/secdevops-cuse/cyberrange) The Open-Source AWS Cyber Range
- [**210**Star][25d] [Java] [tongxiji/shadowsocks-java](https://github.com/tongxiji/shadowsocks-java) shadowsocks server base on netty4 , tcp & udp full support,
- [**210**Star][3y] [hackathonhackers/groups](https://github.com/hackathonhackers/groups) A listing of all the subgroups of Hackathon Hackers
- [**210**Star][16d] [Py] [cortesi/sortvis](https://github.com/cortesi/sortvis) Sorting algorithm visualisation with Cairo
- [**210**Star][1y] [HTML] [facebook/delegatedrecoveryspecification](https://github.com/facebook/DelegatedRecoverySpecification) Allows an application to delegate the capability to recover an account to an account controlled by the same user or entity at a third party service provider.
- [**210**Star][12m] [C] [zombiecraig/icsim](https://github.com/zombiecraig/icsim) Instrument Cluster Simulator
- [**210**Star][18d] [Py] [xairy/mipt-ctf](https://github.com/xairy/mipt-ctf) A small course on CTF (wargames) for beginners [in Russian]
- [**210**Star][11d] [Batchfile] [tai7sy/fuckcdn](https://github.com/tai7sy/fuckcdn) CDN真实IP扫描，易语言开发
- [**210**Star][4m] [C] [niluje/kindletool](https://github.com/niluje/kindletool) A tool for creating & extracting Kindle updates and more
- [**210**Star][6m] [Py] [miketeo/pysmb](https://github.com/miketeo/pysmb) pysmb is an experimental SMB/CIFS library written in Python. It implements the client-side SMB/CIFS protocol (SMB1 and SMB2) which allows your Python application to access and transfer files to/from SMB/CIFS shared folders like your Windows file sharing and Samba folders.
- [**210**Star][8m] [Shell] [keepwannabe/remot3d](https://github.com/keepwannabe/remot3d) is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors
- [**210**Star][4y] [C++] [k2/ehtrace](https://github.com/k2/ehtrace) ATrace is a tool for tracing execution of binaries on Windows.
- [**210**Star][3m] [Py] [invictus1306/beebug](https://github.com/invictus1306/beebug) A tool for checking exploitability
- [**210**Star][26d] [CSS] [hongkonggong/tldr-digital-security](https://github.com/hongkonggong/tldr-digital-security) TLDR Digital Safety Checklist
- [**210**Star][5m] [C#] [ghostpack/sharpdpapi](https://github.com/ghostpack/sharpdpapi) SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
- [**210**Star][3m] [CoffeeScript] [fw42/honeymap](https://github.com/fw42/honeymap) Real-time websocket stream of GPS events on a fancy SVG world map
- [**210**Star][8m] [Py] [dionach/phemail](https://github.com/dionach/phemail) PhEmail is a python open source phishing email tool that automates the process of sending phishing emails as part of a social engineering test
- [**210**Star][26d] [Ruby] [crowecybersecurity/ps1encode](https://github.com/crowecybersecurity/ps1encode) Script used to generate and encode a PowerShell based Metasploit payloads.
- [**210**Star][26d] [Py] [blackarch/wordlistctl](https://github.com/blackarch/wordlistctl) Fetch, install and search wordlist archives from websites and torrent peers.
- [**210**Star][12d] [Go] [asciimoo/morty](https://github.com/asciimoo/morty) Privacy aware web content sanitizer proxy as a service
- [**210**Star][10d] [JS] [78778443/permeate](https://github.com/78778443/permeate) 一个用于渗透透测试演练的WEB系统,用于提升寻找网站能力,也可以用于web安全教学
- [**210**Star][15d] [Go] [0x4d31/honeybits](https://github.com/0x4d31/honeybits) A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
- [**209**Star][4m] [Shell] [pinto0309/tensorflow-bin](https://github.com/pinto0309/tensorflow-bin) Prebuilt binary with Tensorflow Lite enabled (native build). For RaspberryPi / Jetson Nano. And, solved Tensorflow issues #15062,#21574,#21855,#23082,#25120,#25748,#29617,#29704,#30359.
- [**209**Star][11d] [dgiese/dustcloud-documentation](https://github.com/dgiese/dustcloud-documentation) Xiaomi Smart Home Device Reverse Engineering and Hacking - Documentation Repo
- [**209**Star][21d] [Perl] [portswigger/upload-scanner](https://github.com/portswigger/upload-scanner) HTTP file upload scanner for Burp Proxy
- [**209**Star][1m] [Py] [aoncyberlabs/xxe-recursive-download](https://github.com/AonCyberLabs/xxe-recursive-download) exploits XXE to retrieve files from a target server.
- [**209**Star][4m] [JS] [thaliproject/thali_cordovaplugin](https://github.com/thaliproject/thali_cordovaplugin) Thali p2p plugin
- [**209**Star][19d] [Py] [skyscanner/cfripper](https://github.com/skyscanner/cfripper) Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
- [**209**Star][1m] [Py] [sec-bit/awesome-buggy-erc20-tokens](https://github.com/sec-bit/awesome-buggy-erc20-tokens) A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
- [**209**Star][16d] [C] [rfc1036/whois](https://github.com/rfc1036/whois) Intelligent WHOIS client
- [**209**Star][10d] [Py] [pymetrics/audit-ai](https://github.com/pymetrics/audit-ai) detect demographic differences in the output of machine learning models or other assessments
- [**209**Star][11d] [Py] [pstirparo/mac4n6](https://github.com/pstirparo/mac4n6) Collection of forensics artifacs location for Mac OS X and iOS
- [**209**Star][22d] [pochubs/pochubs](https://github.com/pochubs/pochubs) PocHubs是为了整合网上知名开源框架的漏洞详细和POC
- [**209**Star][14d] [Py] [phype/telnet-iot-honeypot](https://github.com/phype/telnet-iot-honeypot) Python telnet honeypot for catching botnet binaries
- [**209**Star][18d] [Ruby] [philnash/pwned](https://github.com/philnash/pwned) An easy, Ruby way to use the Pwned Passwords API.
- [**209**Star][2y] [JS] [jpcertcc/sysmonsearch](https://github.com/jpcertcc/sysmonsearch) Investigate suspicious activity by visualizing Sysmon's event log
- [**209**Star][7y] [haohaolee/shadowsocks-openwrt](https://github.com/haohaolee/shadowsocks-openwrt) A package of shadowsocks for OpenWrt
- [**209**Star][17d] [Py] [googlecloudplatform/appengine-guestbook-python](https://github.com/googlecloudplatform/appengine-guestbook-python) Guestbook is an example application showing basic usage of Google App Engine
- [**209**Star][22d] [Py] [emersonelectricco/fsf](https://github.com/emersonelectricco/fsf) File Scanning Framework
- [**209**Star][2y] [C] [crozone/spectrepoc](https://github.com/crozone/spectrepoc) Proof of concept code for the Spectre CPU exploit.
- [**209**Star][1m] [Ruby] [choria-legacy/marionette-collective](https://github.com/choria-legacy/marionette-collective) The Marionette Collective
- [**209**Star][12d] [Py] [blueboxgroup/ursula](https://github.com/blueboxgroup/ursula) Ansible playbooks for operating OpenStack - Powering Blue Box Cloud.
- [**209**Star][11m] [Py] [ares-x/awd-predator-framework](https://github.com/ares-x/awd-predator-framework) AWD攻防赛webshell批量利用框架
- [**209**Star][4m] [JS] [409h/etheraddresslookup](https://github.com/409h/etheraddresslookup) Adds links to strings that look like Ethereum addresses to your favourite blockchain explorer. Adds protection against private key phishing. Offers custom site bookmarks.
- [**208**Star][11d] [JS] [cert-polska/drakvuf-sandbox](https://github.com/cert-polska/drakvuf-sandbox) DRAKVUF Sandbox - automated hypervisor-level malware analysis system
- [**208**Star][3m] [PHP] [zrashwani/arachnid](https://github.com/zrashwani/arachnid) Crawl all unique internal links found on a given website, and extract SEO related information - supports javascript based sites
- [**208**Star][19d] [Java] [hemin1003/java-spider](https://github.com/hemin1003/java-spider) 一个基于webmagic框架二次开发的java爬虫框架实战，已实现能爬取腾讯，搜狐，今日头条（单独集成功能）等资讯内容，配合elasticsearch框架用法，实现了自动爬虫，已投入线上生产使用。
- [**208**Star][1m] [C#] [atonasting/marysue-encoder](https://github.com/atonasting/marysue-encoder) 把任意文字和玛丽苏体的姓名进行加密转换
- [**208**Star][1m] [JS] [redco/goose-parser](https://github.com/redco/goose-parser) Universal scrapping tool, which allows you to extract data using multiple environments
- [**208**Star][10d] [JS] [beepisla/csgo-commend-bot](https://github.com/beepisla/csgo-commend-bot) Commend/Report bot in NodeJS
- [**208**Star][8d] [HTML] [01ly/dpspider](https://github.com/01ly/dpspider) 大众点评爬虫、API，可以进行单独城市、单独地区、单独商铺的爬取、搜索、多类型地区搜索、信息获取、提供MongoDB数据库存储支持，可以进行点评文本解密的爬取、存储
- [**208**Star][24d] [Py] [edboffical/bsp](https://github.com/edboffical/bsp) shadowsocks多用户、流量、限时管理接口
- [**208**Star][14d] [Go] [koding/tunnel](https://github.com/koding/tunnel) Tunnel proxy package in Go
- [**208**Star][2y] [C] [cheesecakeufo/saigon](https://github.com/cheesecakeufo/saigon) iOS 10.2.1 - Discontinued version
- [**208**Star][9m] [Py] [yelp/threat_intel](https://github.com/yelp/threat_intel) Threat Intelligence APIs
- [**208**Star][4m] [JS] [xiaokanghub/frida-android-unpack](https://github.com/xiaokanghub/frida-android-unpack) this unpack script for Android O and Android P
- [**208**Star][3m] [Py] [skyscanner/lambdaguard](https://github.com/skyscanner/lambdaguard) AWS Serverless Security
- [**208**Star][16d] [JS] [rook2pawn/node-ddos](https://github.com/rook2pawn/node-ddos) Stop denial of service attacks, configurable allowable burst rate.
- [**208**Star][12d] [r0ah/vitacheat](https://github.com/r0ah/vitacheat) FinalCheat / VitaCheat Database
- [**208**Star][2y] [Py] [omergunal/pot](https://github.com/omergunal/pot) Phishing on Twitter
- [**208**Star][18d] [C++] [oisf/libhtp](https://github.com/oisf/libhtp) LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
- [**208**Star][2y] [Py] [linw1995/lightsocks-python](https://github.com/linw1995/lightsocks-python) 
- [**208**Star][4m] [Py] [lazza/recuperabit](https://github.com/lazza/recuperabit) A tool for forensic file system reconstruction.
- [**208**Star][25d] [Erlang] [kudelskisecurity/scannerl](https://github.com/kudelskisecurity/scannerl) The modular distributed fingerprinting engine
- [**208**Star][11d] [C#] [jamesjlinden/unity-decompiled](https://github.com/jamesjlinden/unity-decompiled) Unity C# code decompiled in Resharper.
- [**208**Star][1m] [Py] [isofew/sssniff](https://github.com/isofew/sssniff) ShadowSocks(SS) traffic sniffer
- [**208**Star][21d] [C++] [isecpartners/jailbreak](https://github.com/isecpartners/jailbreak) Jailbreak
- [**208**Star][2y] [Py] [fireeye/idawasm](https://github.com/fireeye/idawasm) IDA Pro loader and processor modules for WebAssembly
- [**208**Star][18d] [JS] [dvandal/cryptonote-nodejs-pool](https://github.com/dvandal/cryptonote-nodejs-pool) Mining pool for all CryptoNote based coins using Cryptonight, Cryptonight Light and Cryptonight Heavy algorithms
- [**208**Star][2y] [Py] [dragen1860/learningtocompare-pytorch](https://github.com/dragen1860/learningtocompare-pytorch) Pytorch Implementation for CVPR2018 Paper: Learning to Compare: Relation Network for Few-Shot Learning
- [**208**Star][6m] [Py] [doomedraven/virustotalapi](https://github.com/doomedraven/virustotalapi) VirusTotal Full api
- [**208**Star][11d] [Py] [crowecybersecurity/ad-ldap-enum](https://github.com/crowecybersecurity/ad-ldap-enum) An LDAP based Active Directory user and group enumeration tool
- [**208**Star][4m] [C] [crowdstrike/tortilla](https://github.com/crowdstrike/tortilla) solution for Windows that transparently routes all TCP and DNS traffic through Tor
- [**208**Star][10d] [Shell] [controlplaneio/netassert](https://github.com/controlplaneio/netassert) Network security testing for DevSecOps workflows
- [**208**Star][6m] [Py] [agoragames/kairos](https://github.com/agoragames/kairos) Python module for time series data in Redis and Mongo
- [**207**Star][18d] [Py] [alephdata/memorious](https://github.com/alephdata/memorious) Distributed crawling framework for documents and structured data.
- [**207**Star][1m] [Py] [sean-public/python-hashes](https://github.com/sean-public/python-hashes) Interesting (non-cryptographic) hashes implemented in pure Python.
- [**207**Star][13d] [C] [waterjuice/wjcryptlib](https://github.com/waterjuice/wjcryptlib) Public Domain C Library of Cryptographic functions. Including: MD5, SHA1, SHA256, SHA512, RC4, AES, AES-CTR, AES-OFB, AES-CBC
- [**207**Star][13d] [C#] [microfisher/strong-web-crawler](https://github.com/microfisher/strong-web-crawler) 基于C#.NET+PhantomJS+Sellenium的高级网络爬虫程序。可执行Javascript代码、触发各类事件、操纵页面Dom结构。
- [**207**Star][12d] [Py] [dreamer/boxtron](https://github.com/dreamer/boxtron) Steam Play compatibility tool to run DOS games using native Linux DOSBox
- [**207**Star][20d] [Py] [abdulrah33m/cl0nemast3r](https://github.com/Abdulrah33m/Cl0neMast3r) Git all your favorite tools in one click
- [**207**Star][4y] [Py] [tuuunya/webdirscan](https://github.com/TuuuNya/webdirscan) 跨平台的web目录扫描工具
- [**207**Star][12d] [Py] [zhangslob/awesome_crawl](https://github.com/zhangslob/awesome_crawl) 腾讯新闻、知乎话题、微博粉丝，Tumblr爬虫、斗鱼弹幕、妹子图爬虫、分布式设计等
- [**207**Star][15d] [Py] [toxygen-project/toxygen](https://github.com/toxygen-project/toxygen) Toxygen is pythonic Tox client
- [**207**Star][1y] [PS] [sud0woodo/dcomrade](https://github.com/sud0woodo/dcomrade) Powershell script for enumerating vulnerable DCOM Applications
- [**207**Star][17d] [JS] [nowsecure/node-applesign](https://github.com/nowsecure/node-applesign) NodeJS module and commandline utility for re-signing iOS applications (IPA files).
- [**207**Star][11y] [C] [nextgens/tor](https://github.com/nextgens/tor) Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.
- [**207**Star][4y] [Py] [m57/ardt](https://github.com/m57/ardt) Akamai Reflective DDoS Tool - Attack the origin host behind the Akamai Edge hosts and DDoS protection offered by Akamai services.
- [**207**Star][4m] [Shell] [lis912/evaluation_tools](https://github.com/lis912/evaluation_tools) 测评工具
- [**207**Star][10d] [Shell] [lavabit/robox](https://github.com/lavabit/robox) The tools needed to robotically create/configure/provision a large number of operating systems, for a variety of hypervisors, using packer.
- [**207**Star][2m] [JS] [konklone/shaaaaaaaaaaaaa](https://github.com/konklone/shaaaaaaaaaaaaa) Check if a website has weak SHA-1 TLS certificates.
- [**207**Star][15d] [C#] [jaegertracing/jaeger-client-csharp](https://github.com/jaegertracing/jaeger-client-csharp) C# client (tracer) for Jaeger
- [**207**Star][11d] [Py] [google/in-silico-labeling](https://github.com/google/in-silico-labeling) Code for In silico labeling: Predicting fluorescent labels in unlabeled images
- [**207**Star][27d] [Py] [euske/pyrexecd](https://github.com/euske/pyrexecd) Standalone SSH server for Windows
- [**207**Star][6m] [C] [denandz/fuzzotron](https://github.com/denandz/fuzzotron) A TCP/UDP based network daemon fuzzer
- [**207**Star][2y] [C#] [damonmohammadbagher/nativepayload_dns](https://github.com/damonmohammadbagher/nativepayload_dns) C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses
- [**207**Star][2m] [Py] [countercept/doublepulsar-c2-traffic-decryptor](https://github.com/countercept/doublepulsar-c2-traffic-decryptor) A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant
- [**207**Star][22d] [C] [cnlohr/espthernet](https://github.com/cnlohr/espthernet) ESP8266 10-Base-T Ethernet Driver
- [**207**Star][28d] [JS] [chichou/etacsufbo](https://github.com/chichou/etacsufbo) 基于 AST 变换的简易 Javascript 反混淆辅助工具
- [**207**Star][4m] [C#] [bedthegod/confuserex-mod-by-bed](https://github.com/bedthegod/confuserex-mod-by-bed) Beds Protector | Best free obfuscation out right now
- [**207**Star][2y] [Go] [akagi201/cryptotrader](https://github.com/akagi201/cryptotrader) A cryptocurrency trader for all famous exchanges
- [**206**Star][11d] [Go] [ysmood/rod](https://github.com/ysmood/rod) A chrome devtools driver to make web automation and scraping easy
- [**206**Star][11d] [Swift] [passepartoutvpn/passepartout-ios](https://github.com/passepartoutvpn/passepartout-ios) User-friendly OpenVPN client app for iOS.
- [**206**Star][16d] [Go] [cjimti/iotwifi](https://github.com/cjimti/iotwifi) Raspberry Pi (arm) wifi configuration container. Configure and control wifi connectivity with a JSON based REST api.
- [**206**Star][26d] [Py] [falseen/shadowsocks-pyqt](https://github.com/falseen/shadowsocks-pyqt) 一个用PyQt5实现的shadowsocks 客户端, 可以在 windows、linux、OSX 等平台上运行
- [**206**Star][27d] [JS] [snipa22/xmr-node-proxy](https://github.com/snipa22/xmr-node-proxy) 
- [**206**Star][5m] [toleda/wireless_half-mini](https://github.com/toleda/wireless_half-mini) macOS Airport Half Mini (WiFi and Bluetooth)
- [**206**Star][3y] [tuuunya/fuzz_dict](https://github.com/TuuuNya/fuzz_dict) 常用的一些fuzz及爆破字典，欢迎大神继续提供新的字典及分类。
- [**206**Star][4m] [Shell] [unbinilium/twist](https://github.com/unbinilium/twist) A light script for you to setup shadowsocks-libev server with high-speed connections and newest powerful features
- [**206**Star][7y] [Lua] [spiderlabs/nmap-tools](https://github.com/spiderlabs/nmap-tools) SpiderLabs shared Nmap Tools
- [**206**Star][18d] [JS] [satya164/web-worker-proxy](https://github.com/satya164/web-worker-proxy) A better way of working with web workers
- [**206**Star][11d] [random-robbie/bugbounty-scans](https://github.com/random-robbie/bugbounty-scans) aquatone results for sites with bug bountys
- [**206**Star][14d] [HTML] [openvizsla/ov_ftdi](https://github.com/openvizsla/ov_ftdi) FT2232H-based USB sniffer
- [**206**Star][12d] [Py] [mike01/pypacker](https://github.com/mike01/pypacker) packet manipulation lib for Python
- [**206**Star][12d] [JS] [mattgodbolt/jsbeeb](https://github.com/mattgodbolt/jsbeeb) Javascript BBC micro emulator
- [**206**Star][4m] [kaonashi-passwords/kaonashi](https://github.com/kaonashi-passwords/kaonashi) Wordlist, rules and masks from Kaonashi project (RootedCON 2019)
- [**206**Star][21d] [JS] [jwhitehorn/jsminer](https://github.com/jwhitehorn/jsminer) A Javascript Bitcoin miner
- [**206**Star][18d] [Py] [he1m4n6a/findwebshell](https://github.com/he1m4n6a/findwebshell) 基于python开发的webshell检测工具。
- [**206**Star][3m] [PS] [gimini/mimidbg](https://github.com/gimini/mimidbg) PowerShell oneliner to retrieve wdigest passwords from the memory
- [**206**Star][4m] [ObjC] [everettjf/yolo](https://github.com/everettjf/yolo) Scripts or demo projects on iOS development or reverse engineering
- [**206**Star][4m] [enovella/tee-reversing](https://github.com/enovella/tee-reversing) A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices
- [**206**Star][3m] [Perl] [do-know/crypt-le](https://github.com/do-know/crypt-le) Crypt::LE - Let's Encrypt client and library in Perl for obtaining free SSL certificates (inc. generating RSA/ECC keys and CSRs). HTTP/DNS verification is supported out of the box, easily extended with plugins, easily dockerized.
- [**206**Star][4m] [Logos] [creantan/lookinloader](https://github.com/creantan/lookinloader) Lookin - iOS UI Debugging Tweak LookinLoader,Compatible with iOS 8~13
- [**206**Star][3y] [Java] [cgutman/adblib](https://github.com/cgutman/adblib) A Java library implementation of the ADB network protocol
- [**206**Star][22d] [C] [cbuchner1/ccminer](https://github.com/cbuchner1/ccminer) Christian Buchner's & Christian H.'s CUDA miner project
- [**206**Star][2y] [Py] [brucetg/pentest-tools](https://github.com/brucetg/pentest-tools) 内网渗透工具
- [**206**Star][20d] [C] [bazad/blanket](https://github.com/bazad/blanket) CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.
- [**205**Star][16d] [Shell] [z0ph/aws-security-toolbox](https://github.com/z0ph/aws-security-toolbox) AWS Security Tools (AST) in a simple Docker container.
- [**205**Star][1m] [Swift] [frugghi/swiftlcs](https://github.com/frugghi/swiftlcs) Swift implementation of the longest common subsequence (LCS) algorithm.
- [**205**Star][10d] [m0nad/awesome-privilege-escalation](https://github.com/m0nad/awesome-privilege-escalation) A curated list of awesome privilege escalation
- [**205**Star][12d] [OCaml] [mirage/alcotest](https://github.com/mirage/alcotest) A lightweight and colourful test framework
- [**205**Star][12m] [Py] [qzcool/tianyancha](https://github.com/qzcool/tianyancha) pip安装的天眼查爬虫API，指定的单个/多个企业工商信息一键保存为Excel/JSON格式。A Battery-included Scraper API of Tianyancha, the best Chinese business data and investigation platform.
- [**205**Star][15d] [C] [paradoxis/php-backdoor](https://github.com/Paradoxis/PHP-Backdoor) Your interpreter isn’t safe anymore  —  The PHP module backdoor
- [**205**Star][2y] [Py] [wipi-hunter/pikarma](https://github.com/WiPi-Hunter/PiKarma)  Detects wireless network attacks performed by KARMA module
- [**205**Star][5m] [JS] [wingleung/save-page-state](https://github.com/wingleung/save-page-state) A chrome extension to save the state of a page for further analysis
- [**205**Star][3y] [C++] [zhouhan0126/wifimanager-esp32](https://github.com/zhouhan0126/wifimanager-esp32) wifimanager－esp32
- [**205**Star][18d] [uninett/mod_auth_mellon](https://github.com/uninett/mod_auth_mellon) An Apache module with a simple SAML 2.0 service provider
- [**205**Star][2y] [Java] [udark/underdark-android](https://github.com/udark/underdark-android) Bluetooth peer-to-peer mesh networking for Android
- [**205**Star][17d] [threatexpress/malleable-c2](https://github.com/threatexpress/malleable-c2) Cobalt Strike Malleable C2 Design and Reference Guide
- [**205**Star][7m] [Py] [so87/oscp-pwk](https://github.com/so87/oscp-pwk) This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
- [**205**Star][10m] [Py] [s0md3v/orbit](https://github.com/s0md3v/orbit) Blockchain Transactions Investigation Tool
- [**205**Star][12d] [C] [piconomix/piconomix-fwlib](https://github.com/piconomix/piconomix-fwlib) open source bare-metal C firmware and documentation for microcontrollers
- [**205**Star][18d] [C++] [mubix/netview](https://github.com/mubix/netview) Netview enumerates systems using WinAPI calls
- [**205**Star][2m] [Py] [mseclab/nathan](https://github.com/mseclab/nathan) Android Emulator for mobile security testing
- [**205**Star][13d] [C] [lsds/spectre-attack-sgx](https://github.com/lsds/spectre-attack-sgx) Spectre attack against SGX enclave
- [**205**Star][22d] [C] [jasonwhite/ducible](https://github.com/jasonwhite/ducible) A tool to make Windows builds reproducible.
- [**205**Star][12d] [C#] [ioncodes/dnpatch](https://github.com/ioncodes/dnpatch) .NET Patcher library using dnlib
- [**205**Star][30d] [Py] [greekn/rce-bug](https://github.com/greekn/rce-bug) 新漏洞感知项目 主要帮助大家 记录一些重大漏洞 漏洞方面的细节
- [**205**Star][1m] [evnm/research-in-production](https://github.com/evnm/research-in-production) A collection of research papers categorized by real-world systems that enact them
- [**205**Star][12d] [Shell] [duy13/vddos-protection](https://github.com/duy13/vddos-protection) Welcome to vDDoS, a HTTP(S) DDoS Protection Reverse Proxy. Thank you for using!
- [**205**Star][2m] [Py] [detuxsandbox/detux](https://github.com/detuxsandbox/detux) The Multiplatform Linux Sandbox
- [**205**Star][3y] [C] [deadbits/insecureprogramming](https://github.com/deadbits/insecureprogramming) mirror of gera's insecure programming examples |
- [**205**Star][14d] [Py] [carlashley/tccprofile](https://github.com/carlashley/tccprofile) Creates a TCC profile for new Privacy Payloads in macOS Mojave
- [**204**Star][3m] [Jupyter Notebook] [malrev/abd](https://github.com/malrev/abd) Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
- [**204**Star][12d] [Shell] [abdulr7mann/hackerenv](https://github.com/abdulr7mann/hackerenv) 
- [**204**Star][4m] [C#] [zhupingqi/ruiji.net](https://github.com/zhupingqi/ruiji.net) crawler framework, distributed crawler extractor
- [**204**Star][12d] [Go] [merklecounty/rget](https://github.com/merklecounty/rget) download URLs and verify the contents against a publicly recorded cryptographic log
- [**204**Star][7d] [Go] [ph4ntonn/stowaway](https://github.com/ph4ntonn/stowaway) 
- [**204**Star][11d] [Py] [delvelabs/batea](https://github.com/delvelabs/batea) AI-based, context-driven network device ranking
- [**204**Star][2m] [C#] [azure99/shadowsocksrcsm](https://github.com/azure99/shadowsocksrcsm) SSRC#魔改版，修复原版链接并进行人性化修改
- [**204**Star][28d] [C++] [mc-imperial/jfs](https://github.com/mc-imperial/jfs) an experimental constraint solverdesigned to investigate using coverage guided fuzzing as an incomplete strategyfor solving boolean, BitVector, and floating-point constraints.
- [**204**Star][11d] [Py] [openstack/hacking](https://github.com/openstack/hacking) OpenStack Hacking Style Checks
- [**204**Star][5m] [JS] [ret2jazzy/disasm.pro](https://github.com/ret2jazzy/disasm.pro) A realtime assembler/disassembler (formerly known as disasm.ninja)
- [**204**Star][8m] [PS] [wiredpulse/posh-r2](https://github.com/wiredpulse/posh-r2) PowerShell - Rapid Response... For the incident responder in you!
- [**204**Star][13d] [Py] [veeti/manuale](https://github.com/veeti/manuale) A fully manual Let's Encrypt/ACME client
- [**204**Star][6m] [Py] [tarcisio-marinho/gonnacry](https://github.com/tarcisio-marinho/gonnacry) A Linux Ransomware
- [**204**Star][11d] [PHP] [scr34m/php-malware-scanner](https://github.com/scr34m/php-malware-scanner) Scans PHP files for malwares and known threats
- [**204**Star][5m] [PS] [r3mrum/psdecode](https://github.com/r3mrum/psdecode) PowerShell script for deobfuscating encoded PowerShell scripts
- [**204**Star][10d] [Py] [mozillasecurity/grizzly](https://github.com/mozillasecurity/grizzly) A cross-platform browser fuzzing framework
- [**204**Star][11d] [Py] [michyamrane/okadminfinder3](https://github.com/michyamrane/okadminfinder3) [ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву
- [**204**Star][14d] [lucifer1993/cmsprint](https://github.com/lucifer1993/cmsprint) CMS和中间件指纹库
- [**204**Star][10d] [Java] [hotelsdotcom/styx](https://github.com/hotelsdotcom/styx) Programmable, asynchronous, event-based reverse proxy for JVM.
- [**204**Star][4y] [C] [dismantl/linux-injector](https://github.com/dismantl/linux-injector) Utility for injecting executable code into a running process on x86/x64 Linux
- [**204**Star][12d] [Go] [cuishark/cuishark](https://github.com/cuishark/cuishark) A protocol analyzer like a wireshark on CUI. cuishark is using libwireshark to analyze packets.
- [**204**Star][4m] [C++] [blackint3/openark](https://github.com/blackint3/openark) OpenArk is a open source anti-rookit(ARK) tool on Windows.
- [**203**Star][4m] [Py] [caoz/fast-lianjia-crawler](https://github.com/caoz/fast-lianjia-crawler) 直接通过链家 API 抓取数据的极速爬虫，宇宙最快~~
- [**203**Star][2y] [Py] [alienvault-otx/apiv2](https://github.com/AlienVault-OTX/ApiV2) quickly identify related infrastructure and malware
- [**203**Star][14d] [Py] [sheldoncoupeheure/autosqli](https://github.com/sheldoncoupeheure/AutoSQLi) An automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
- [**203**Star][1m] [JS] [eddiejibson/limitrr](https://github.com/eddiejibson/limitrr) Light NodeJS rate limiting and response delaying using Redis - including Express middleware.
- [**203**Star][4m] [whoisflynn/oscp-exam-report-template](https://github.com/whoisflynn/oscp-exam-report-template) Modified template for the OSCP Exam and Labs. Used during my passing attempt
- [**203**Star][2y] [Py] [rootlabs/smap](https://github.com/suraj-root/smap) Handy tool for shellcode analysis
- [**203**Star][29d] [JS] [sindresorhus/internal-ip](https://github.com/sindresorhus/internal-ip) Get your internal IP address
- [**203**Star][2y] [Py] [shaohua0116/group-normalization-tensorflow](https://github.com/shaohua0116/group-normalization-tensorflow) A TensorFlow implementation of Group Normalization on the task of image classification
- [**203**Star][11d] [TS] [sereneblue/chameleon](https://github.com/sereneblue/chameleon) A WebExtension port of Random Agent Spoofer
- [**203**Star][11d] [C++] [rebzzel/kiero](https://github.com/rebzzel/kiero) Universal graphical hook for a D3D9-D3D12, OpenGL and Vulcan based games.
- [**203**Star][4y] [Java] [pwntester/serialkillerbypassgadgetcollection](https://github.com/pwntester/serialkillerbypassgadgetcollection) Collection of bypass gadgets to extend and wrap ysoserial payloads
- [**203**Star][2m] [PS] [hansesecure/credgrap_ie_edge](https://github.com/hansesecure/credgrap_ie_edge) Extract stored credentials from Internet Explorer and Edge
- [**203**Star][3y] [Py] [faizann24/using-machine-learning-to-detect-malicious-urls](https://github.com/faizann24/using-machine-learning-to-detect-malicious-urls) Machine Learning and Security | Using machine learning to detect malicious URLs
- [**203**Star][4m] [Py] [f5networks/f5-common-python](https://github.com/f5networks/f5-common-python) Python SDK for configuration and monitoring of F5® BIG-IP® devices via the iControl® REST API.
- [**203**Star][19d] [Ruby] [delvelabs/vane](https://github.com/delvelabs/vane) A GPL fork of the popular wordpress vulnerability scanner WPScan
- [**203**Star][4y] [JS] [cturt/ps4-playground](https://github.com/cturt/ps4-playground) A set of PS4 experiments using the WebKit exploit
- [**203**Star][2m] [Ruby] [appfolio/gemsurance](https://github.com/appfolio/gemsurance) Gem vulnerability checker using rubysec/ruby-advisory-db
- [**202**Star][12d] [Py] [bomquote/transistor](https://github.com/bomquote/transistor) Transistor, a Python web scraping framework for intelligent use cases.
- [**202**Star][10d] [Py] [changemyusername/algorithms-sedgewick-python](https://github.com/changemyusername/algorithms-sedgewick-python) Algorithms(4th edition) by Robert Sedgewick and Kevin Wayne exercises in python
- [**202**Star][10d] [portswigger/xss-cheatsheet-data](https://github.com/portswigger/xss-cheatsheet-data) This repository contains all the XSS cheatsheet data to allow contributions from the community.
- [**202**Star][3y] [weilaihui/ss-net](https://github.com/weilaihui/ss-net) 共享shadowsocks主机
- [**202**Star][16d] [ObjC] [tihmstar/doubleh3lix](https://github.com/tihmstar/doubleh3lix) Jailbreak for iOS 10.x 64bit devices without KTRR
- [**202**Star][9d] [ObjC] [siguza/v0rtex](https://github.com/siguza/v0rtex) IOSurface exploit
- [**202**Star][18d] [C] [siguza/ios-kern-utils](https://github.com/siguza/ios-kern-utils) iOS Kernel utilities
- [**202**Star][25d] [C++] [quarkslab/binmap](https://github.com/quarkslab/binmap) system scanner
- [**202**Star][1y] [PS] [powershell/operation-validation-framework](https://github.com/powershell/operation-validation-framework) executing validation of the operation of a system
- [**202**Star][19d] [Lua] [ocsaf/freevulnsearch](https://github.com/ocsaf/freevulnsearch) Free and open NMAP NSE script to query vulnerabilities via the cve-search.org API.
- [**202**Star][5m] [ObjC] [lmsgsendnilself/hookstatistics](https://github.com/lmsgsendnilself/hookstatistics) Logging args based on AOP（Aspectoriented programming）by Method Swizzling
- [**202**Star][2y] [Py] [frizb/bypassing-web-application-firewalls](https://github.com/frizb/bypassing-web-application-firewalls) A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
- [**202**Star][2y] [Java] [ernw/androtickler](https://github.com/ernw/androtickler) Penetration testing and auditing toolkit for Android apps.
- [**202**Star][6m] [Shell] [drduh/purse](https://github.com/drduh/purse) GPG asymmetric (YubiKey) password manager
- [**202**Star][4m] [Java] [derekbabb/cybersecurity](https://github.com/derekbabb/cybersecurity) A curriculum for a high school cyber security course.
- [**202**Star][9m] [TeX] [decrypto-org/rupture](https://github.com/decrypto-org/rupture) A framework for BREACH and other compression-based crypto attacks
- [**202**Star][8m] [Py] [cisco-talos/decept](https://github.com/cisco-talos/decept) Decept Network Protocol Proxy
- [**202**Star][17d] [Py] [certcc/certfuzz](https://github.com/certcc/certfuzz) This project contains the source code for the CERT Basic Fuzzing Framework (BFF) and the CERT Failure Observation Engine (FOE).
- [**202**Star][2m] [Lua] [arunpatala/captcha.irctc](https://github.com/arunpatala/captcha.irctc) Reading irctc captchas with 98% accuracy using deep learning
- [**202**Star][8m] [04x/icg-autoexploiterbot](https://github.com/04x/icg-autoexploiterbot) Wordpress
- [**201**Star][19d] [Shell] [al0ne/nginx_log_check](https://github.com/al0ne/nginx_log_check) Nginx日志安全分析脚本
- [**201**Star][12d] [Go] [mvdan/garble](https://github.com/mvdan/garble) Obfuscate Go builds
- [**201**Star][10d] [Go] [aquasecurity/tracee](https://github.com/aquasecurity/tracee) [EXPERIMENTAL] Container tracing using eBPF
- [**201**Star][9d] [Py] [tylous/vibe](https://github.com/tylous/vibe) A framework for stealthy domain reconnaissance
- [**201**Star][16d] [Py] [hackatnow/djangohunter](https://github.com/hackatnow/djangohunter) Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.
- [**201**Star][21d] [Java] [nvisium-jack-mannino/owasp-goatdroid-project](https://github.com/nvisium-jack-mannino/OWASP-GoatDroid-Project) *This project is no longer maintained* OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, …
- [**201**Star][4m] [rutkai/pentest-bookmarks](https://github.com/rutkai/pentest-bookmarks) A collection of penetration testing related sites
- [**201**Star][20d] [C] [linklayer/cantact-fw](https://github.com/linklayer/cantact-fw) Firmware source files for the CANtact tool
- [**201**Star][11d] [Py] [wavestone-cdt/hadoop-attack-library](https://github.com/wavestone-cdt/hadoop-attack-library) A collection of pentest tools and resources targeting Hadoop environments
- [**201**Star][3y] [Assembly] [vector35/pwnadventurez](https://github.com/vector35/pwnadventurez) NES zombie survival game made to be hacked
- [**201**Star][10d] [Ruby] [tresacton/dspectrumgui](https://github.com/tresacton/dspectrumgui) The goal of this app is to make it trivial to demodulate most basic RF transmission, and provide a digital worksheet for your reverse engineering efforts.
- [**201**Star][2m] [Py] [tintinweb/pub](https://github.com/tintinweb/pub) Vulnerability Notes, PoC Exploits and Write-Ups for security issues disclosed by tintinweb
- [**201**Star][3m] [Py] [swisskyrepo/graphqlmap](https://github.com/swisskyrepo/graphqlmap) GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
- [**201**Star][9m] [Py] [shon/httpagentparser](https://github.com/shon/httpagentparser) Python HTTP Agent Parser
- [**201**Star][1m] [C] [saaramar/execve_exploit](https://github.com/saaramar/execve_exploit) Hardcore corruption of my execve() vulnerability in WSL
- [**201**Star][4m] [Py] [pure-l0g1c/loki](https://github.com/pure-l0g1c/loki) Remote Access Tool/Botnet
- [**201**Star][10d] [HTML] [proabiral/inception](https://github.com/proabiral/inception) A highly configurable Framework for easy automated web scanning
- [**201**Star][11d] [Py] [ninijay/pycurity](https://github.com/ninijay/pycurity) Python Security Scripts
- [**201**Star][21d] [Py] [nettitude/scrounger](https://github.com/nettitude/scrounger) Mobile application testing toolkit
- [**201**Star][3y] [C#] [nccgroup/wmicmd](https://github.com/nccgroup/wmicmd) A command shell wrapper using only WMI for Microsoft Windows
- [**201**Star][11d] [Py] [mxdg/passbytcp](https://github.com/mxdg/passbytcp) 内网 tcp 穿透
- [**201**Star][17d] [Py] [meejah/txtorcon](https://github.com/meejah/txtorcon) Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction.
- [**201**Star][2y] [Py] [joker25000/devploit](https://github.com/joker25000/devploit) 
- [**201**Star][2y] [C#] [jaredhaight/psattackbuildtool](https://github.com/jaredhaight/psattackbuildtool) A tool for building PS>Attack, an offensive PowerShell console that makes it easy for pentesters to use PowerShell.
- [**201**Star][3m] [Py] [climate-mirror/datasets](https://github.com/climate-mirror/datasets) For tracking data mirroring progress
- [**201**Star][3m] [Visual Basic .NET] [blackhacker511/blacknet](https://github.com/blackhacker511/blacknet) Free advanced and modern Windows botnet with a nice and secure PHP panel.
- [**201**Star][16d] [Py] [hackatnow/djangohunter](https://github.com/hackatnow/djangohunter) Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.
- [**200**Star][11d] [allsafecybersecurity/awesome-ghidra](https://github.com/allsafecybersecurity/awesome-ghidra) A curated list of awesome Ghidra materials
- [**200**Star][3m] [bighuang624/time-series-papers](https://github.com/bighuang624/time-series-papers) List of awesome papers about time series, mainly including algorithms based on machine learning
- [**200**Star][2m] [Ruby] [zed-0xff/pedump](https://github.com/zed-0xff/pedump) dump windows PE files using ruby
- [**200**Star][4m] [PHP] [ym2011/securitytechnique](https://github.com/ym2011/securitytechnique) Security technique research and some funny work on it !
- [**200**Star][4m] [Py] [unipacker/unipacker](https://github.com/unipacker/unipacker) Automatic and platform-independent unpacker for Windows binaries based on emulation
- [**200**Star][12d] [Py] [tothi/pwn-hisilicon-dvr](https://github.com/tothi/pwn-hisilicon-dvr) 
- [**200**Star][5m] [ObjC] [sunweiliang/neteasemusiccrack](https://github.com/sunweiliang/neteasemusiccrack) iOS网易云音乐 免VIP下载、去广告、去更新 无需越狱...
- [**200**Star][1m] [Ruby] [spiderlabs/malware-analysis](https://github.com/spiderlabs/malware-analysis) A repository of tools and scripts related to malware analysis
- [**200**Star][4m] [C++] [secrary/drsemu](https://github.com/secrary/drsemu) 根据动态行为检测恶意代码并进行分类
- [**200**Star][12d] [Py] [scanlime/coastermelt](https://github.com/scanlime/coastermelt) An effort to make open source firmware for burning anything other than Blu-Ray data onto plastic discs with a BD-R drive.
- [**200**Star][16d] [C++] [scanlime/arduino-lelo-remote](https://github.com/scanlime/arduino-lelo-remote) Arduino library for remote-control Lelo vibrators
- [**200**Star][3m] [C] [robertdavidgraham/telnetlogger](https://github.com/robertdavidgraham/telnetlogger) Simulates enough of a Telnet connection in order to log failed login attempts.
- [**200**Star][1m] [JS] [quarkslab/irma](https://github.com/quarkslab/irma) IRMA is an asynchronous & customizable analysis system for suspicious files.
- [**200**Star][3m] [proteas/native-lldb-for-ios](https://github.com/proteas/native-lldb-for-ios) native LLDB(v3.8) for iOS
- [**200**Star][1m] [JS] [pillarjs/csrf](https://github.com/pillarjs/csrf) Logic behind CSRF token creation and verification.
- [**200**Star][1y] [Py] [nccgroup/g-scout](https://github.com/nccgroup/g-scout) Google Cloud Platform Security Tool
- [**200**Star][13d] [HTML] [natlas/natlas](https://github.com/natlas/natlas) Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
- [**200**Star][4m] [Py] [misp/misp-galaxy](https://github.com/misp/misp-galaxy) Clusters and elements to attach to MISP events or attributes (like threat actors)
- [**200**Star][10d] [Py] [markbaggett/srum-dump](https://github.com/markbaggett/srum-dump) A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
- [**200**Star][3m] [Go] [magoo/authtables](https://github.com/magoo/authtables) AuthTables is a microservice that helps detect "Account Take Over" caused by simple credential theft. If bad actors are stealing your users passwords, AuthTables may be useful.
- [**200**Star][21d] [C] [kriswebdev/android_aircrack](https://github.com/kriswebdev/android_aircrack) Aircrack-ng command-line for Android. Binaries & source.
- [**199**Star][4m] [PHP] [jaybizzle/laravel-crawler-detect](https://github.com/jaybizzle/laravel-crawler-detect) A Laravel wrapper for CrawlerDetect - the web crawler detection library
- [**199**Star][4m] [Pascal] [mahdisafsafi/ddetours](https://github.com/mahdisafsafi/ddetours) Delphi Detours Library
- [**199**Star][5m] [Go] [songtianyi/laosj](https://github.com/songtianyi/laosj) golang light-weight image crawler
- [**199**Star][11d] [yangliang1415/awesome-risk-control](https://github.com/yangliang1415/awesome-risk-control) 风控知识总结
- [**199**Star][11d] [Py] [vector35/community-plugins](https://github.com/vector35/community-plugins) Repository for community provided Binary Ninja plugins
- [**199**Star][2y] [Py] [s1kr10s/apache-struts-v3](https://github.com/s1kr10s/apache-struts-v3) Script contiene la fusión de 3 vulnerabilidades de tipo RCE sobre ApacheStruts, además tiene la capacidad de crear shell servidor. 
- [**199**Star][3m] [PHP] [redteamsecuritytraining/plugbot-plug](https://github.com/redteamsecuritytraining/PlugBot-Plug) The "bot" component of the PlugBot project
- [**199**Star][8m] [C#] [rasta-mouse/amsiscanbufferbypass](https://github.com/rasta-mouse/amsiscanbufferbypass) Circumvent AMSI by patching AmsiScanBuffer
- [**199**Star][2m] [Ruby] [presidentbeef/inject-some-sql](https://github.com/presidentbeef/inject-some-sql) Have fun injecting SQL into a Ruby on Rails application!
- [**199**Star][12d] [Java] [patrickfav/armadillo](https://github.com/patrickfav/armadillo) A shared preference implementation for confidential data. Per default uses AES-GCM, BCrypt and HKDF as cryptographic primitives. Uses the concept of Fingerprinting combined with optional user provided passwords.
- [**199**Star][18d] [C] [odzhan/shellcode](https://github.com/odzhan/shellcode) Shellcodes for Windows/Linux/BSD running on x86, AMD64, ARM, ARM64
- [**199**Star][2y] [Java] [nocheatplus/nocheatplus](https://github.com/nocheatplus/nocheatplus) Anti cheating plugin for Minecraft (Bukkit/Spigot).
- [**199**Star][14d] [Py] [lijiejie/idea_exploit](https://github.com/lijiejie/idea_exploit) Gather sensitive information from (.idea) folder for pentesters
- [**199**Star][12d] [javierolmedo/shodan-filters](https://github.com/javierolmedo/shodan-filters) A list of shodan filters
- [**199**Star][3y] [iaik/kaiser](https://github.com/iaik/kaiser) Kernel Address Isolation to have Side-channels Efficiently Removed
- [**199**Star][29d] [Shell] [gaenserich/hostsblock](https://github.com/gaenserich/hostsblock) an ad- and malware-blocking script for Linux
- [**199**Star][4y] [Py] [f8left/decllvm](https://github.com/f8left/decllvm) IDA plugin for OLLVM analysis
- [**199**Star][2y] [PS] [cybereason/invoke-wmilm](https://github.com/cybereason/invoke-wmilm) a PoC script for various methods to acheive authenticated remote code execution via WMI
- [**199**Star][29d] [Shell] [b3rito/yodo](https://github.com/b3rito/yodo) Local Privilege Escalation
- [**199**Star][16d] [C#] [andrewlock/netescapades.aspnetcore.securityheaders](https://github.com/andrewlock/netescapades.aspnetcore.securityheaders) Small package to allow adding security headers to ASP.NET Core websites
- [**199**Star][14d] [C] [andikleen/simple-pt](https://github.com/andikleen/simple-pt) Simple Intel CPU processor tracing on Linux
- [**199**Star][10d] [Py] [alainiamburg/sniffrom](https://github.com/alainiamburg/sniffrom) A tool for passive data capture and reconnaissance of serial flash chips. It is used in conjunction with a Saleae logic analyzer to reconstruct flash memory contents and extract contextual information about device operations.
- [**198**Star][4m] [C] [pannzh/p2p-over-middleboxes-demo](https://github.com/pannzh/p2p-over-middleboxes-demo) A simple demo of P2P communication over middle boxes such as NAT
- [**198**Star][5m] [JS] [xiqingliu/videoserver](https://github.com/xiqingliu/videoserver) 以Node.js基于express以及爬虫实现的视频资源后端
- [**198**Star][10d] [PHP] [spatie/uptime-monitor-app](https://github.com/spatie/uptime-monitor-app) A PHP application to monitor uptime and ssl certificates
- [**198**Star][16d] [Py] [lc/theftfuzzer](https://github.com/lc/theftfuzzer) TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
- [**198**Star][19d] [C++] [wapiflapi/veles](https://github.com/wapiflapi/veles) Visual reverse engineering tool.
- [**198**Star][4m] [ObjC] [riusksk/secconarchive](https://github.com/riusksk/secconarchive) Security Conference Archive
- [**198**Star][11d] [C++] [mipt-ilab/mipt-mips](https://github.com/mipt-ilab/mipt-mips) Cycle-accurate pre-silicon simulator of RISC-V and MIPS CPUs
- [**198**Star][4m] [miaomiaosoft/acrylic-dns-proxy-gui](https://github.com/miaomiaosoft/acrylic-dns-proxy-gui) Acrylic DNS Proxy GUI
- [**198**Star][4y] [mechaphish/mecha-docs](https://github.com/mechaphish/mecha-docs) Documentation for the Mechanical Phish.
- [**198**Star][4m] [C++] [linushenze/keysteal](https://github.com/linushenze/keysteal) A macOS <= 10.14.3 Keychain exploit
- [**198**Star][1y] [Batchfile] [knightmare2600/shadowbrokers](https://github.com/knightmare2600/shadowbrokers) Guides, Tools, Tips and such for working with the Shadow Brokers dumps
- [**198**Star][1m] [Py] [joxeankoret/cosa-nostra](https://github.com/joxeankoret/cosa-nostra) Cosa Nostra, a FOSS graph based malware clusterization toolkit.
- [**198**Star][11d] [JS] [i18next/i18next-scanner](https://github.com/i18next/i18next-scanner) Scan your code, extract translation keys/values, and merge them into i18n resource files.
- [**198**Star][19d] [C] [domblack/php-scrypt](https://github.com/domblack/php-scrypt) A PHP wrapper fo the scrypt hashing algorithm
- [**198**Star][21d] [Clojure] [clojurewerkz/meltdown](https://github.com/clojurewerkz/meltdown) Clojure interface to Reactor, an event-driven programming and stream processing toolkit for the JVM
- [**198**Star][8m] [ObjC] [alexxy/netdiscover](https://github.com/alexxy/netdiscover) a network address discovering tool
- [**198**Star][16d] [Java] [abstractj/kalium](https://github.com/abstractj/kalium) Java binding to the Networking and Cryptography (NaCl) library with the awesomeness of libsodium
- [**198**Star][2y] [PS] [absolomb/windowsenum](https://github.com/absolomb/windowsenum) A Powershell Privilege Escalation Enumeration Script.
- [**197**Star][13d] [Py] [sachinkamath/ntlmrecon](https://github.com/sachinkamath/ntlmrecon) A tool to enumerate information from NTLM authentication enabled web endpoints
- [**197**Star][20d] [Py] [absozed/dockerpwn.py](https://github.com/absozed/dockerpwn.py) Python automation of Docker.sock abuse
- [**197**Star][14d] [SourcePawn] [splewis/csgo-multi-1v1](https://github.com/splewis/csgo-multi-1v1) CS:GO Sourcemod plugin to create multi-1v1 arena servers
- [**197**Star][1m] [Py] [liuxingming/tmall1212](https://github.com/liuxingming/tmall1212) 天猫双12爬虫，附商品数据。
- [**197**Star][12d] [Go] [gavinguan24/ahri](https://github.com/gavinguan24/ahri) Ahri is an intranet sharing tool. Like VPN
- [**197**Star][2y] [C] [sud01oo/processinjection](https://github.com/sud01oo/ProcessInjection) Some ways to inject a DLL into a alive process
- [**197**Star][5y] [Py] [offensivepython/pinject](https://github.com/OffensivePython/Pinject) Raw Packet Injection tool
- [**197**Star][4m] [Swift] [auth0/lock.swift](https://github.com/auth0/Lock.swift) A Swift & iOS framework to authenticate using Auth0 and with a Native Look & Feel
- [**197**Star][2y] [Py] [computationalprivacy/bandicoot](https://github.com/computationalprivacy/bandicoot) an open-source python toolbox to analyze mobile phone metadata
- [**197**Star][17d] [C] [theofficialflow/h-encore-2](https://github.com/theofficialflow/h-encore-2) Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.73
- [**197**Star][10d] [Py] [testerting/hacker101-ctf](https://github.com/testerting/hacker101-ctf) Hacker101 CTF Writeup
- [**197**Star][8m] [Py] [swisskyrepo/damnwebscanner](https://github.com/swisskyrepo/damnwebscanner) Another web vulnerabilities scanner, this extension works on Chrome and Opera
- [**197**Star][2m] [Py] [sqlab/symgdb](https://github.com/sqlab/symgdb) symbolic execution plugin for gdb
- [**197**Star][12d] [Py] [savio-code/ghost-phisher](https://github.com/savio-code/ghost-phisher) 带 GUI的钓鱼工具
- [**197**Star][7m] [PS] [sadprocessor/somestuff](https://github.com/sadprocessor/somestuff) Some PowerShell Stuff
- [**197**Star][5y] [C++] [rwfpl/rewolf-x86-virtualizer](https://github.com/rwfpl/rewolf-x86-virtualizer) Simple VM based x86 PE (portable exectuable) protector.
- [**197**Star][5m] [C++] [netflix/nfwebcrypto](https://github.com/netflix/nfwebcrypto) Web Cryptography API Polyfill
- [**197**Star][5m] [Py] [mpgn/cve-2019-0192](https://github.com/mpgn/cve-2019-0192) RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl
- [**197**Star][1m] [Go] [minio/concert](https://github.com/minio/concert) Concert is a console based certificate generation tool for letsencrypt.org. 
- [**197**Star][1m] [Py] [keithjjones/hostintel](https://github.com/keithjjones/hostintel) A modular Python application to collect intelligence for malicious hosts.
- [**197**Star][29d] [Visual Basic] [joesecurity/pafishmacro](https://github.com/joesecurity/pafishmacro) Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques implemented by malicious documents.
- [**197**Star][8m] [C#] [jakobbotsch/fuzzlyn](https://github.com/jakobbotsch/fuzzlyn) Fuzzer for the .NET toolchains, developed as a project for the 2018 Language-Based Security course at Aarhus University.
- [**197**Star][12d] [Assembly] [herumi/mcl](https://github.com/herumi/mcl) a portable and fast pairing-based cryptography library
- [**197**Star][13d] [Py] [hanul93/kicomav](https://github.com/hanul93/kicomav) KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
- [**197**Star][11d] [Shell] [giovtorres/kvm-install-vm](https://github.com/giovtorres/kvm-install-vm) Bash script to build local virtual machines using KVM/libvirt and cloud-init.
- [**197**Star][2m] [gdbinit/firmware_vault](https://github.com/gdbinit/firmware_vault) A repo for all Apple EFI firmware files
- [**197**Star][3m] [Py] [fgsect/unicorefuzz](https://github.com/fgsect/unicorefuzz) Fuzzing the Kernel Using Unicornafl and AFL++
- [**197**Star][2y] [Py] [f3d0x0/gpon](https://github.com/f3d0x0/gpon) Exploit for Remote Code Execution on GPON home routers (CVE-2018-10562) written in Python. Initially disclosed by VPNMentor (
- [**197**Star][4m] [Java] [bypass007/nessus_to_report](https://github.com/bypass007/nessus_to_report) Nessus中文报告自动化脚本
- [**197**Star][11d] [Py] [bullseye0/shodan-eye](https://github.com/bullseye0/shodan-eye) Shodan Eye This tool collects all the information about all devices directly connected to the internet using the specified keywords that you enter. Author: Jolanda de Koff
- [**197**Star][11d] [Pascal] [bowlofstew/rootkit.com](https://github.com/bowlofstew/rootkit.com) Mirror of users section of rootkit.com
- [**197**Star][14d] [C] [altramayor/gatekeeper](https://github.com/altramayor/gatekeeper) First open-source DDoS protection system
- [**196**Star][22d] [Py] [talhashraf/major-scrapy-spiders](https://github.com/talhashraf/major-scrapy-spiders) Scrapy spiders of major websites. Google Play Store, Facebook, Instagram, Ebay, YTS Movies, Amazon
- [**196**Star][29d] [D] [libmir/mir](https://github.com/libmir/mir) Mir (backports): Sparse tensors, Hoffman
- [**196**Star][11d] [Py] [aqua-dream/tieba_spider](https://github.com/aqua-dream/tieba_spider) 百度贴吧爬虫(基于scrapy和mysql)
- [**196**Star][11d] [Java] [imperva/automatic-api-attack-tool](https://github.com/imperva/automatic-api-attack-tool) Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
- [**196**Star][12d] [C] [px4/flow](https://github.com/px4/flow) Firmware for PX4FLOW board
- [**196**Star][4m] [JS] [noahziheng/ssr-helper](https://github.com/noahziheng/ssr-helper) A CLI helper of ShadowsocksR Python
- [**196**Star][4m] [Verilog] [zephray/verilogboy](https://github.com/zephray/verilogboy) A Pi emulating a GameBoy sounds cheap. What about an FPGA?
- [**196**Star][7m] [Py] [yingcong/facelet_bank](https://github.com/yingcong/facelet_bank) Facelet-Bank for Fast Portrait Manipulation (pytorch)
- [**196**Star][4y] [Py] [xyntax/dirbrute](https://github.com/xyntax/dirbrute) 多线程WEB目录爆破工具 [Multi-thread WEB directory blasting tool(with dics inside) ]
- [**196**Star][2y] [C++] [unapibageek/cbm](https://github.com/unapibageek/cbm) Car Backdoor Maker
- [**196**Star][11m] [C] [therealsaumil/static-arm-bins](https://github.com/therealsaumil/static-arm-bins) 静态编译的arm二进制文件, 用于调试和运行时分析
- [**196**Star][14d] [Smali] [sslab-gatech/avpass](https://github.com/sslab-gatech/avpass) Tool for leaking and bypassing Android malware detection system
- [**196**Star][13d] [proteas/unstripped-ios-kernels](https://github.com/proteas/unstripped-ios-kernels) Unstripped iOS Kernels
- [**196**Star][6y] [C#] [nccgroup/upnp-pentest-toolkit](https://github.com/nccgroup/upnp-pentest-toolkit) UPnP Pentest Toolkit for Windows
- [**196**Star][20d] [Py] [leeyiw/cgdb-manual-in-chinese](https://github.com/leeyiw/cgdb-manual-in-chinese) 《CGDB中文手册》
- [**196**Star][11d] [C#] [hunniccyber/sharpsniper](https://github.com/hunniccyber/sharpsniper) Find specific users in active directory via their username and logon IP address
- [**196**Star][7m] [C++] [googleprojectzero/street-party](https://github.com/googleprojectzero/street-party) Street Party is a suite of tools that allows the RTP streams of video conferencing implementations to be viewed and modified.
- [**196**Star][28d] [Shell] [edoverflow/contact.sh](https://github.com/edoverflow/contact.sh) An OSINT tool to find contacts in order to report security vulnerabilities.
- [**196**Star][4m] [PS] [dviros/credsleaker](https://github.com/dviros/credsleaker) Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
- [**196**Star][1m] [Py] [duo-labs/idapython](https://github.com/duo-labs/idapython)  a few Python modules developed for use with IDA Pro from the researchers at Duo Labs.
    - [cortex_m_firmware](https://github.com/duo-labs/idapython/blob/master/cortex_m_firmware.py) grooms an IDA Pro database containing firmware from an ARM Cortex M microcontroller.
    - [amnesia](https://github.com/duo-labs/idapython/blob/master/amnesia.py)  an IDAPython module designed to use byte level heuristics to find ARM thumb instructions in undefined bytes in an IDA Pro database
    - [REobjc](https://github.com/duo-labs/idapython/blob/master/reobjc.py)  an IDAPython module designed to make proper cross references between calling functions and called functions in Objective-C methods
- [**196**Star][6y] [C] [datasoft/honeyd](https://github.com/datasoft/honeyd) virtual honeypots
- [**196**Star][1y] [JS] [comotion/vsf](https://github.com/comotion/vsf) Varnish Security Firewall
- [**196**Star][4y] [C#] [codeshark-dev/nofuserex](https://github.com/codeshark-dev/nofuserex) Free deobfuscator for ConfuserEx.
- [**196**Star][4m] [Py] [claudiugeorgiu/obfuscapk](https://github.com/claudiugeorgiu/obfuscapk) A black-box obfuscation tool for Android apps
- [**196**Star][1y] [C++] [cararasu/holodec](https://github.com/cararasu/holodec) Decompiler for x86 and x86-64 ELF binaries
- [**196**Star][4m] [OCaml] [bitblaze-fuzzball/fuzzball](https://github.com/bitblaze-fuzzball/fuzzball) Vine-based Binary Symbolic Execution
- [**196**Star][30d] [Py] [antonin-deniau/cave_miner](https://github.com/antonin-deniau/cave_miner) Search for code cave in all binaries
- [**195**Star][2m] [Nginx] [awslabs/ecs-nginx-reverse-proxy](https://github.com/awslabs/ecs-nginx-reverse-proxy) Reference architecture for deploying Nginx on ECS, both as a basic static resource server, and as a reverse proxy in front of a dynamic application server.
- [**195**Star][11d] [JS] [fcavallarin/domdig](https://github.com/fcavallarin/domdig) DOM XSS scanner for Single Page Applications
- [**195**Star][2y] [wooyundota/droiddrops](https://github.com/wooyundota/droiddrops) 梳理下自己之前写过的文章
- [**195**Star][3y] [Go] [woj-ciech/osint](https://github.com/woj-ciech/osint) 
- [**195**Star][1m] [Py] [welchbj/bscan](https://github.com/welchbj/bscan) an asynchronous target enumeration tool
- [**195**Star][4m] [Py] [webfp/tor-browser-selenium](https://github.com/webfp/tor-browser-selenium) Tor Browser automation with Selenium.
- [**195**Star][4m] [Shell] [steamdatabase/gametracking](https://github.com/steamdatabase/gametracking) Dumping things, so you don't have to
- [**195**Star][12d] [Py] [sherjilozair/dqn](https://github.com/sherjilozair/dqn) Basic DQN implementation
- [**195**Star][7m] [C#] [samueltulach/virustotaluploader](https://github.com/samueltulach/virustotaluploader) C# Open-Source Winforms application for uploading files to VirusTotal
- [**195**Star][3m] [Py] [rastating/shiva](https://github.com/rastating/shiva) An Ansible playbook to provision a host for penetration testing and CTF challenges
- [**195**Star][5m] [Java] [panhongwei/androidmethodhook](https://github.com/panhongwei/androidmethodhook) android art hook like Sophix
- [**195**Star][2m] [JS] [or3stis/apparatus](https://github.com/or3stis/apparatus) A graphical security analysis tool for IoT networks
- [**195**Star][2y] [Py] [mr-un1k0d3r/unibyav](https://github.com/mr-un1k0d3r/unibyav)  a simple obfuscator that take raw shellcode and generate executable that are Anti-Virus friendly.
- [**195**Star][12m] [Py] [metachar/mercury](https://github.com/metachar/mercury) Mercury is a hacking tool used to collect information and use the information to further hurt the target
- [**195**Star][8d] [JS] [knownsec/wam](https://github.com/knownsec/wam) Web App Monitor
- [**195**Star][8m] [Shell] [jagerzhang/cckiller](https://github.com/jagerzhang/cckiller) Linux轻量级CC攻击防御工具脚本
- [**195**Star][13d] [C++] [jacob-baines/elfparser](https://github.com/jacob-baines/elfparser) Cross Platform ELF analysis
- [**195**Star][5y] [JS] [isecpartners/introspy-analyzer](https://github.com/isecpartners/introspy-analyzer) a set of iOS and Android tools designed to help understand what an iOS or Android application is doing at runtime and assist in the identification of potential security issues.
- [**195**Star][4m] [C#] [fullmetalcache/powerline](https://github.com/fullmetalcache/powerline) 
- [**195**Star][3y] [Py] [francisck/danderspritz_docs](https://github.com/francisck/danderspritz_docs) The goal of this project is to examine, reverse, and document the different modules available in the Equation Group's DanderSpritz post-exploitation framework leaked by the ShadowBrokers
- [**195**Star][2y] [Py] [foospidy/dbdat](https://github.com/foospidy/dbdat) performs numerous checks on a database to evaluate security.
- [**195**Star][1y] [Py] [fastly/ftw](https://github.com/fastly/ftw) Framework for Testing WAFs (FTW!)
- [**195**Star][13d] [Py] [critical-start/pastebin_scraper](https://github.com/critical-start/pastebin_scraper) monitor pastebin for interesting information
- [**195**Star][12d] [Java] [comsecuris/gdbghidra](https://github.com/comsecuris/gdbghidra)  a visual bridge between a GDB session and GHIDRA
- [**194**Star][3m] [Java] [perye/dokit](https://github.com/perye/dokit) 基于 Spring Boot2、 Jpa、 Spring Security、JWT、redis、Vue的前后端分离的后台管理系统开发平台， 用户管理、菜单管理、角色管理、字典管理、权限控制的方式为RBAC，操作日志、异常日志、接口限流、项目支持数据权限管理，支持一键生成前后端代码（支持在线预览及打包下载），支持前端菜单动态路由 可一键部署服务器应用，数据库。系统中活跃用户状态监控，监视当前系统CPU、内存、磁盘、堆栈等相关信息,基于Element UI在线表单设计及生成Vue代码。
- [**194**Star][10d] [PHP] [openibc/ohsce](https://github.com/openibc/ohsce) PHP HI-REL SOCKET TCP/UDP/ICMP/Serial .高可靠性PHP通信&控制框架SOCKET-TCP/UDP/ICMP/硬件Serial-RS232/RS422/RS485 AND MORE!
- [**194**Star][4m] [Kotlin] [iammert/applocker](https://github.com/iammert/applocker) 
- [**194**Star][10d] [C#] [wombatfromhell/originsteamoverlaylauncher](https://github.com/wombatfromhell/originsteamoverlaylauncher) An executable wrapper for Steam to make third-party launchers more convenient to use with a Steam Controller
- [**194**Star][1m] [Py] [isecpartners/libtech-auditing-cheatsheet](https://github.com/isecpartners/libtech-auditing-cheatsheet) 
- [**194**Star][10d] [CSS] [kali-docs-cn/kali-linux-cookbook-zh](https://github.com/kali-docs-cn/kali-linux-cookbook-zh) 
- [**194**Star][4m] [Lua] [automayt/ics-pcap](https://github.com/automayt/ics-pcap) A collection of ICS/SCADA PCAPs
- [**194**Star][10d] [TeX] [hackl/tikz-network](https://github.com/hackl/tikz-network) A tool to visualize complex networks in LaTeX
- [**194**Star][2y] [Rust] [genet-app/genet](https://github.com/genet-app/genet) 网络分析工具, 界面版, 跨平台
- [**194**Star][17d] [Py] [spamscope/spamscope](https://github.com/spamscope/spamscope) Fast Advanced Spam Analysis Tool
- [**194**Star][10m] [Ruby] [sfeley/candy](https://github.com/sfeley/candy) Transparent persistence for MongoDB
- [**194**Star][18d] [Go] [rverton/webanalyze](https://github.com/rverton/webanalyze) Port of Wappalyzer (uncovers technologies used on websites) in Go to automate scanning.
- [**194**Star][17d] [Vala] [ricotz/plank](https://github.com/ricotz/plank) the simplest dock on the planet
- [**194**Star][2y] [PS] [peewpw/invoke-bsod](https://github.com/peewpw/invoke-bsod) For when you want a computer to be done - without admin!
- [**194**Star][4m] [onesecure/shadowagentnotes](https://github.com/onesecure/shadowagentnotes) 
- [**194**Star][3y] [JS] [mhils/honeyproxy](https://github.com/mhils/honeyproxy) This project is now part of
- [**194**Star][10d] [C] [libressl-portable/openbsd](https://github.com/libressl-portable/openbsd) Source code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to tech@openbsd.org, instead of submitting pull requests, since this tree is often rebased.
- [**194**Star][2y] [C++] [killvxk/disablewin10patchguardpoc](https://github.com/killvxk/disablewin10patchguardpoc) pseudo-code to show how to disable patchguard with win10
- [**194**Star][10d] [C++] [justasmasiulis/nt_wrapper](https://github.com/justasmasiulis/nt_wrapper) A wrapper library around native windows sytem APIs
- [**194**Star][12d] [C] [jakeajames/jelbreklib](https://github.com/jakeajames/jelbreklib) Give me tfp0, I give you jelbrek
- [**194**Star][16d] [Java] [gantman/jail-monkey](https://github.com/gantman/jail-monkey) A React Native library for identifying if a phone is rooted or mocking locations
- [**194**Star][20d] [gajos112/oscp](https://github.com/gajos112/oscp) Materials for OSCP exam
- [**194**Star][5y] [ActionScript] [cure53/flashbang](https://github.com/cure53/flashbang) Project "Flashbang" - An open-source Flash-security helper
- [**194**Star][18d] [Py] [bash-c/pwn_repo](https://github.com/bash-c/pwn_repo) To store some CTF_pwn_bins and exploits for self-practice
- [**194**Star][27d] [Py] [anantshri/svn-extractor](https://github.com/anantshri/svn-extractor) simple script to extract all web resources by means of .SVN folder exposed over network.
- [**194**Star][11d] [Groovy] [alvarosanchez/grails-spring-security-rest](https://github.com/alvarosanchez/grails-spring-security-rest) Grails plugin to implement token-based, RESTful authentication using Spring Security
- [**194**Star][20d] [TS] [acro5piano/graphql-rest-proxy](https://github.com/acro5piano/graphql-rest-proxy) Turn your REST API into GraphQL - A Proxy Server that pipes request from GraphQL to REST with GraphQL DSL, performant nested children, mutations, input types, and more.
- [**194**Star][13d] [Py] [acceis/leakscraper](https://github.com/acceis/leakscraper) LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
- [**193**Star][13d] [C++] [cloudfuzz/android-kernel-exploitation](https://github.com/cloudfuzz/android-kernel-exploitation) Android Kernel Exploitation
- [**193**Star][11d] [Go] [darkr4y/geacon](https://github.com/darkr4y/geacon) Practice Go programming and implement CobaltStrike's Beacon in Go
- [**193**Star][13d] [Rust] [changlan/kytan](https://github.com/changlan/kytan) kytan: High Performance Peer-to-Peer VPN in Rust
- [**193**Star][4m] [Shell] [ant-thomas/zsgx1hacks](https://github.com/ant-thomas/zsgx1hacks) Hacks for ZS-GX1 IP Camera and various Goke GK7102 based IP Cameras
- [**193**Star][10d] [Go] [wumansgy/goencrypt](https://github.com/wumansgy/goencrypt) go语言封装的各种对称加密和非对称加密，可以直接使用，包括3重DES，AES的CBC和CTR模式，还有RSA非对称加密,ECC椭圆曲线的加密和数字签名
- [**193**Star][9d] [C++] [t-vk/esp32-ble-keyboard](https://github.com/t-vk/esp32-ble-keyboard) Bluetooth LE Keyboard library for the ESP32 (Arduino IDE compatible)
- [**193**Star][9d] [C#] [justcoding121/windows-user-action-hook](https://github.com/justcoding121/windows-user-action-hook) A .NET library to subscribe for Windows operating system global user actions such mouse, keyboard, clipboard & print events
- [**193**Star][10d] [Scala] [shiftleftsecurity/joern](https://github.com/shiftleftsecurity/joern) Open-source code analysis platform for C/C++ based on code property graphs
- [**193**Star][4y] [Go] [vesche/lonely-shell](https://github.com/vesche/lonely-shell) poc https reverse shell
- [**193**Star][12d] [HTML] [trishmapow/rf-jam-replay](https://github.com/trishmapow/rf-jam-replay) Jam and replay attack on vehicle keyless entry systems.
- [**193**Star][1m] [Py] [tenrec-builders/pi-scan](https://github.com/tenrec-builders/pi-scan) Pi Scan is a simple, robust capture appliance for book scanners. It runs on a Raspberry Pi 2.
- [**193**Star][3m] [Lua] [steamdatabase/gametracking-csgo](https://github.com/steamdatabase/gametracking-csgo) 
- [**193**Star][6y] [Py] [smeegesec/hashtag](https://github.com/smeegesec/hashtag) Password Hash Identification
- [**193**Star][4m] [Shell] [securityriskadvisors/vectr](https://github.com/securityriskadvisors/vectr) VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
- [**193**Star][4m] [PS] [phink-team/cobaltstrike-ms17-010](https://github.com/phink-team/cobaltstrike-ms17-010) cobaltstrike ms17-010 module and some other
- [**193**Star][29d] [PS] [phillips321/adaudit](https://github.com/phillips321/adaudit) 自动域名审计
- [**193**Star][5y] [Py] [paulsec/hqlmap](https://github.com/paulsec/hqlmap) (Deprecated) HQLmap, Automatic tool to exploit HQL injections
- [**193**Star][4m] [Py] [naategh/pyck](https://github.com/naategh/pyck) A collection of useful Python hacking scripts for beginners
- [**193**Star][4m] [Py] [milo2012/cve-2018-13379](https://github.com/milo2012/cve-2018-13379) CVE-2018-13379
- [**193**Star][12d] [Java] [mcdcorp/opentest](https://github.com/mcdcorp/opentest) Open source test automation tool for web applications, mobile apps and APIs
- [**193**Star][30d] [Py] [kokjo/universalrop](https://github.com/kokjo/universalrop) Small tool for generating ropchains using unicorn and z3
- [**193**Star][7m] [Py] [jymcheong/autottp](https://github.com/jymcheong/autottp) Automated Tactics Techniques & Procedures
- [**193**Star][1m] [HTML] [jeffxue/web-log-parser](https://github.com/jeffxue/web-log-parser) An open source analysis web log tool
- [**193**Star][11d] [C] [fullmetal5/bluebomb](https://github.com/fullmetal5/bluebomb) A Bluetooth exploit for the Nintendo Wii.
- [**193**Star][19d] [fdiskyou/threat-intel](https://github.com/fdiskyou/threat-intel) Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
- [**193**Star][4y] [HTML] [faber03/androidmalwareevaluatingtools](https://github.com/faber03/androidmalwareevaluatingtools) Evaluation tools for malware Android
- [**193**Star][1y] [Py] [d4vinci/pastejacker](https://github.com/d4vinci/pastejacker) Hacking systems with the automation of PasteJacking attacks.
- [**193**Star][16d] [Py] [codewatchorg/sqlipy](https://github.com/codewatchorg/sqlipy) a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
- [**193**Star][10d] [Py] [cert-polska/mquery](https://github.com/cert-polska/mquery) YARA malware query accelerator (web frontend)
- [**193**Star][7y] [Py] [andrewf/pcap2har](https://github.com/andrewf/pcap2har) A convertor from .pcap network capture files to HTTP Archive files.
- [**193**Star][14d] [Py] [abdulgaphy/r3con1z3r](https://github.com/abdulgaphy/r3con1z3r) R3con1z3r is a lightweight Web information gathering tool with an intuitive features written in python. it provides a powerful environment in which open source intelligence (OSINT) web-based footprinting can be conducted quickly and thoroughly.
- [**192**Star][13d] [JS] [gahabeen/jsonframe-cheerio](https://github.com/gahabeen/jsonframe-cheerio) simple multi-level scraper json input/output for Cheerio
- [**192**Star][10d] [Go] [cad/ovpm](https://github.com/cad/ovpm) OpenVPN Management Server - Effortless and free OpenVPN server administration
- [**192**Star][11d] [blacckhathaceekr/osint_tips](https://github.com/blacckhathaceekr/osint_tips) This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of TIPS reach 1000 TIPS .Learn Ethical Hacking and penetration testing.and of course OSINT
- [**192**Star][11d] [Py] [hasecuritysolutions/logstash](https://github.com/hasecuritysolutions/logstash) Contains Logstash related content including tons of Logstash configurations
- [**192**Star][2y] [Java] [p3gleg/pwnback](https://github.com/P3GLEG/PwnBack) Burp Extender plugin that generates a sitemap of a website using Wayback Machine
- [**192**Star][15d] [Py] [ex0dus-0x/doxbox](https://github.com/ex0dus-0x/doxbox) web-based OSINT and reconaissance toolkit
- [**192**Star][10d] [C] [ciyze/windows-rootkits](https://github.com/ciyze/Windows-Rootkits) Windows-Rootkits
- [**192**Star][4m] [Py] [zerokeeper/webeye](https://github.com/zerokeeper/webeye) 快速简单地识别WEB服务器类型、CMS类型、WAF类型、WHOIS信息、以及语言框架的小脚本 
- [**192**Star][1m] [C++] [zecure/shadowd](https://github.com/zecure/shadowd) The Shadow Daemon web application firewall server
- [**192**Star][18d] [yellowbyte/analysis-of-anti-analysis](https://github.com/yellowbyte/analysis-of-anti-analysis) writings on anti-reverse engineering
- [**192**Star][3y] [Shell] [wismna/hackpi](https://github.com/wismna/hackpi) Hacking tool inside a Raspberry Pi zero
- [**192**Star][13d] [Py] [valdikss/aceproxy](https://github.com/valdikss/aceproxy) Ace Stream HTTP Proxy. ABANDONED! NO SUPPORT WHATSOEVER!
- [**192**Star][12d] [Py] [staticafi/symbiotic](https://github.com/staticafi/symbiotic) Symbiotic is a tool for finding bugs in computer programs based on instrumentation, program slicing and KLEE
- [**192**Star][2y] [PHP] [smarttang/w3a_soc](https://github.com/smarttang/w3a_soc) Web日志审计与网络监控集合一身的平台
- [**192**Star][7m] [Py] [scwuaptx/ctf](https://github.com/scwuaptx/ctf) Some CTF write up
- [**192**Star][1m] [Py] [scrapy/queuelib](https://github.com/scrapy/queuelib) Collection of persistent (disk-based) queues
- [**192**Star][2y] [PS] [samratashok/admodule](https://github.com/samratashok/admodule) Microsoft signed ActiveDirectory PowerShell module
- [**192**Star][1y] [Py] [s0md3v/bolt](https://github.com/s0md3v/bolt) CSRF Scanner
- [**192**Star][12d] [C] [reswitched/libtransistor](https://github.com/reswitched/libtransistor) Open source toolchain for Switch development
- [**192**Star][2y] [Perl] [moham3driahi/xbruteforcer](https://github.com/moham3driahi/xbruteforcer) X Brute Forcer Tool
- [**192**Star][4m] [lengjibo/att-ck-cn](https://github.com/lengjibo/att-ck-cn) 将https://attack.mitre.org/ 上的方法进行了实现
- [**192**Star][25d] [C] [laanwj/etna_viv](https://github.com/laanwj/etna_viv) Etnaviv is a project to build a FOSS driver for the Vivante GCxxx series of embedded GPUs - laanwj's personal fork - upstream is
- [**192**Star][16d] [Py] [jduck/cve-2015-1538-1](https://github.com/jduck/cve-2015-1538-1) An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution
- [**192**Star][1m] [C#] [goldshtn/minidumper](https://github.com/goldshtn/minidumper) Write minidumps of .NET processes with full memory, only CLR heaps, or no memory at all
- [**192**Star][2m] [Py] [fnk0c/cangibrina](https://github.com/fnk0c/cangibrina) A fast and powerfull dashboard (admin) finder
- [**192**Star][6m] [Py] [fireeye/pwnauth](https://github.com/fireeye/pwnauth) A web application framework for launching and managing OAuth abuse campaigns.
- [**192**Star][4m] [feeicn/securityinterviewquestions](https://github.com/feeicn/securityinterviewquestions) 网络信息安全从业者面试指南（持续补充各公司招聘题目和侧重点）
- [**192**Star][2m] [C] [fate0/xmark](https://github.com/fate0/xmark) A PHP7 extension that can hook most functions/classes and parts of opcodes
- [**192**Star][21d] [Go] [eahydra/socks](https://github.com/eahydra/socks) socks -- a proxy server.
- [**192**Star][11d] [Py] [droope/pwlist](https://github.com/droope/pwlist) Password lists obtained from strangers attempting to log in to my server.
- [**192**Star][13d] [Py] [danmcinerney/dnsspoof](https://github.com/danmcinerney/dnsspoof) DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
- [**192**Star][15d] [Py] [ctxis/wsuspect-proxy](https://github.com/ctxis/wsuspect-proxy) WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections
- [**192**Star][19d] [Py] [csababarta/ntdsxtract](https://github.com/csababarta/ntdsxtract) Active Directory forensic framework
- [**192**Star][3y] [C++] [caledoniaproject/xlcloudclient](https://github.com/caledoniaproject/xlcloudclient) 迅雷离线Linux客户端，多种漏洞利用 ；-P 大家慢慢挖掘吧 哈哈 觉得好就点下 Star / Fork 吧
- [**192**Star][12m] [Py] [3xp10it/xcdn](https://github.com/3xp10it/xcdn) Try to find out the real ip behind cdn
- [**191**Star][10d] [Go] [hahwul/dalfox](https://github.com/hahwul/dalfox) 
- [**191**Star][10d] [C] [binji/binjgb](https://github.com/binji/binjgb) Gameboy emulator implemented in C
- [**191**Star][8d] [Rust] [manuels/wireguard-p2p](https://github.com/manuels/wireguard-p2p) A tool for setting up WireGuard connections from peer to peer.
- [**191**Star][3m] [Java] [tim232385/webvideobot](https://github.com/tim232385/webvideobot) Web crawler.
- [**191**Star][20d] [offensive-security/nethunter-devices](https://github.com/offensive-security/nethunter-devices) NetHunter Devices
- [**191**Star][13d] [Batchfile] [pr0cf5/kernel-exploit-practice](https://github.com/pr0cf5/kernel-exploit-practice) repository for kernel exploit practice
- [**191**Star][11d] [Py] [travisfoley/dfirtriage](https://github.com/travisfoley/dfirtriage) Digital forensic acquisition tool for Windows based incident response.
- [**191**Star][28d] [PS] [fsecurelabs/azurite](https://github.com/FSecureLABS/Azurite) Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
- [**191**Star][13d] [winmin/awesome-vm-exploit](https://github.com/winmin/awesome-vm-exploit) share some useful archives about vm and qemu escape exploit.
- [**191**Star][4m] [Py] [tuhinshubhra/extanalysis](https://github.com/tuhinshubhra/extanalysis) Browser Extension Analysis Framework - Scan, Analyse Chrome and firefox extensions for vulnerabilities and intels
- [**191**Star][1m] [Py] [trailofbits/binjascripts](https://github.com/trailofbits/binjascripts) Scripts for Binary Ninja
- [**191**Star][19d] [Java] [sensepost/mallet](https://github.com/sensepost/mallet) Mallet is an intercepting proxy for arbitrary protocols
- [**191**Star][11d] [Py] [riramar/hsecscan](https://github.com/riramar/hsecscan) A security scanner for HTTP response headers.
- [**191**Star][12d] [C] [pavsa/hackrf-spectrum-analyzer](https://github.com/pavsa/hackrf-spectrum-analyzer) Spectrum Analyzer GUI for hackrf_sweep for Windows/Linux
- [**191**Star][3y] [C] [nongiach/cve](https://github.com/nongiach/cve) 
- [**191**Star][4m] [Py] [milo2012/metasploithelper](https://github.com/milo2012/metasploithelper) metasploitHelper
- [**191**Star][2m] [Ruby] [miketierney/artii](https://github.com/miketierney/artii) A small gem to generate ASCII art from text fed in to it
- [**191**Star][2m] [Java] [mesosphere/cassandra-mesos-deprecated](https://github.com/mesosphere/cassandra-mesos-deprecated) [DEPRECATED] This project is deprecated. It will be archived on December 1, 2017.
- [**191**Star][11d] [Go] [lukasikic/subzy](https://github.com/lukasikic/subzy) Subdomain takeover vulnerability checker
- [**191**Star][12d] [Arduino] [knoy/icloudhacker](https://github.com/knoy/icloudhacker) Arduino code to brute force Macbook's 4-digit iCloud PINs
- [**191**Star][17d] [JS] [keen/keen-tracking.js](https://github.com/keen/keen-tracking.js) A light, fast and flexible javascript tracking library
- [**191**Star][16d] [Java] [jsontest/jsontest](https://github.com/jsontest/jsontest) JSON Testing Service - JSONTest.com
- [**191**Star][11d] [C] [jeija/esp8266-smartwatch](https://github.com/jeija/esp8266-smartwatch) ESP8266 DIY WiFi Smartwatch with MPU-9250, RTC, OLED, FT232, ...
- [**191**Star][12d] [Java] [jchambers/java-otp](https://github.com/jchambers/java-otp) A one-time password (HOTP/TOTP) library for Java
- [**191**Star][3m] [Go] [gravitational/cve-2018-1002105](https://github.com/gravitational/cve-2018-1002105) Test utility for cve-2018-1002105
- [**191**Star][3m] [Swift] [codesourse/iinjection](https://github.com/codesourse/iinjection)  an app for OS X that can inject dylib and (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
- [**190**Star][29d] [Py] [taoget/livetv_mining](https://github.com/taoget/livetv_mining) 直播网站数据采集
- [**190**Star][10d] [Py] [scriptsmith/reaper](https://github.com/scriptsmith/reaper) Social media scraping / data collection tool for the Facebook, Twitter, Reddit, YouTube, Pinterest, and Tumblr APIs
- [**190**Star][14d] [Dockerfile] [acris/docker-shadowsocks-libev](https://github.com/acris/docker-shadowsocks-libev) Build a docker image for shadowsocks-libev with v2ray-plugin, based on Alpine Linux.
- [**190**Star][4m] [Py] [apoorvavinod/real_time_object_detection_and_tracking](https://github.com/apoorvavinod/real_time_object_detection_and_tracking) YOLOv2 and MobileNet_SSD detection algorithms used along with KCF object tracker
- [**190**Star][10d] [C++] [hzphreak/vminjector](https://github.com/hzphreak/VMInjector) DLL Injection tool to unlock guest VMs
- [**190**Star][10d] [Rust] [nebgnahz/cv-rs](https://github.com/nebgnahz/cv-rs) Rust wrapper for OpenCV (manual at this point)
- [**190**Star][1m] [C++] [facebookarchive/udppinger](https://github.com/facebookarchive/udppinger) UdpPinger is a high performance packet generation and reflection library.
- [**190**Star][7m] [Rust] [ajmwagar/stego](https://github.com/ajmwagar/stego) 🦕 stego is a steganographic swiss army knife.
- [**190**Star][3y] [Py] [xyntax/filesensor](https://github.com/xyntax/filesensor) Dynamic file detection tool based on crawler 
- [**190**Star][11d] [Py] [threatexpress/cs2modrewrite](https://github.com/threatexpress/cs2modrewrite) Convert Cobalt Strike profiles to modrewrite scripts
- [**190**Star][10d] [Py] [rpp0/scapy-fakeap](https://github.com/rpp0/scapy-fakeap) Fake wireless Access Point (AP) implementation using Python and Scapy, intended for convenient testing of 802.11 protocols and implementations.
- [**190**Star][2y] [Java] [rebeyond/memshell](https://github.com/rebeyond/memshell) a webshell resides in the memory of java web server
- [**190**Star][7y] [mynameismeerkat/pyretic](https://github.com/mynameismeerkat/pyretic) pyREtic is an extensible framework for in-memory Python bytecode reverse engineering
- [**190**Star][15d] [Py] [maldevel/canisrufus](https://github.com/maldevel/canisrufus) A stealthy Python based Windows backdoor that uses Github as a command and control server
- [**190**Star][2m] [Ruby] [m4rco-/dorothy2](https://github.com/m4rco-/dorothy2) A malware/botnet analysis framework written in Ruby.
- [**190**Star][11d] [ASP] [lowleveldesign/debug-recipes](https://github.com/lowleveldesign/debug-recipes) My notes collected while debugging various .NET and Windows problems.
- [**190**Star][12d] [HTML] [liveoverflow/lo_nintendoswitch](https://github.com/liveoverflow/lo_nintendoswitch) Some of my PoC stuff for the Nintendo Switch
- [**190**Star][3y] [Py] [hatbashbr/shodanhat](https://github.com/hatbashbr/shodanhat) search for hosts info with shodan
- [**190**Star][12d] [JS] [friedrith/node-wifi](https://github.com/friedrith/node-wifi) 
- [**190**Star][11d] [Java] [fengyouchao/sockslib](https://github.com/fengyouchao/sockslib) A Java library of SOCKS5 protocol including client and server
- [**190**Star][4m] [Ruby] [erwanlr/fingerprinter](https://github.com/erwanlr/fingerprinter) CMS/LMS/Library etc Versions Fingerprinter
- [**190**Star][3y] [Py] [drizzlerisk/tunpacker](https://github.com/drizzlerisk/tunpacker) TUnpacker是一款Android脱壳工具
- [**190**Star][4m] [C#] [djkaty/il2cppinspector](https://github.com/djkaty/il2cppinspector) The easy way to extract types and metadata from Unity IL2CPP binaries
- [**190**Star][1y] [Haskell] [cifasis/quickfuzz](https://github.com/cifasis/quickfuzz) An experimental grammar fuzzer in Haskell using QuickCheck
- [**190**Star][10d] [cbailes/awesome-deep-trading](https://github.com/cbailes/awesome-deep-trading) List of awesome resources for machine learning-based algorithmic trading
- [**190**Star][2y] [C] [bindecy/hugedirtycowpoc](https://github.com/bindecy/hugedirtycowpoc) A POC for the Huge Dirty Cow vulnerability (CVE-2017-1000405)
- [**190**Star][4m] [C++] [aslody/elfhook](https://github.com/aslody/elfhook) modify PLT to hook api, supported android 5\6.
- [**190**Star][22d] [JS] [asfktz/devtools-playground](https://github.com/asfktz/devtools-playground) Standalone Devtools for prototyping & debugging
- [**190**Star][3y] [Py] [andy10101/apkdetecter](https://github.com/andy10101/apkdetecter) Android Apk查壳工具及源代码
- [**190**Star][4m] [JS] [0vercl0k/cve-2019-9810](https://github.com/0vercl0k/cve-2019-9810) Exploit for CVE-2019-9810 Firefox on Windows 64-bit.
- [**189**Star][16d] [JS] [yatsenkolesh/instagram-nodejs](https://github.com/yatsenkolesh/instagram-nodejs) Simple library for auth, get followers, search by hashtags and locations, like posts, follow, get user feed of instagram with nodejs
- [**189**Star][11d] [C] [zhaozg/lua-openssl](https://github.com/zhaozg/lua-openssl) Openssl binding for Lua
- [**189**Star][8d] [PS] [dtw-danward/powershell-beautifier](https://github.com/dtw-danward/powershell-beautifier) A whitespace reformatter and code cleaner for Windows PowerShell and PowerShell Core
- [**189**Star][18d] [Py] [kong36088/zhihuspider](https://github.com/kong36088/zhihuspider) 多线程知乎用户爬虫，基于python3
- [**189**Star][28d] [Kotlin] [borisf/classyshark-bytecode-viewer](https://github.com/borisf/classyshark-bytecode-viewer) Browse your Java/Kotlin compiled code
- [**189**Star][2m] [shadowsocks/papers](https://github.com/shadowsocks/papers) List of papers related to shadowsocks
- [**189**Star][3m] [C] [tunz/afl-fuzz-js](https://github.com/tunz/afl-fuzz-js) afl-fuzz for javascript
- [**189**Star][18d] [Py] [daeken/httprebind](https://github.com/daeken/httprebind) Automatic tool for DNS rebinding-based SSRF attacks
- [**189**Star][3m] [zekesnider/nintendoswitchrestapi](https://github.com/zekesnider/nintendoswitchrestapi) Reverse engineered REST API used in the Nintendo Switch app for iOS. Includes documentation on Splatoon 2's API.
- [**189**Star][15d] [Py] [yelp/py_zipkin](https://github.com/yelp/py_zipkin) Provides utilities to facilitate the usage of Zipkin in Python
- [**189**Star][10d] [Py] [x64dbg/x64dbgida](https://github.com/x64dbg/x64dbgida) Official x64dbg plugin for IDA Pro.
- [**189**Star][11d] [Py] [x4nth055/pythoncode-tutorials](https://github.com/x4nth055/pythoncode-tutorials) The Python Code Tutorials
- [**189**Star][5y] [JS] [wzyy2/pibox](https://github.com/wzyy2/pibox) PiBox is a web control Interface written to control Embedded Board(Raspberry Pi).
- [**189**Star][4m] [C#] [wohlstand/destroy-windows-10-spying](https://github.com/wohlstand/destroy-windows-10-spying) Destroy Windows Spying tool
- [**189**Star][2y] [Py] [thesecondsun/shellab](https://github.com/thesecondsun/shellab) Linux and Windows shellcode enrichment utility
- [**189**Star][2m] [Java] [spring-io/nohttp](https://github.com/spring-io/nohttp) A project for ensuring that https is used
- [**189**Star][8m] [slowmist/papers](https://github.com/slowmist/papers) SlowMist Vulnerability Research Advisories
- [**189**Star][11d] [Shell] [rocky/zshdb](https://github.com/rocky/zshdb) gdb-like "trepan" debugger for zsh
- [**189**Star][1m] [Java] [ripe-ncc/hadoop-pcap](https://github.com/ripe-ncc/hadoop-pcap) Hadoop library to read packet capture (PCAP) files
- [**189**Star][1y] [Py] [r4stl1n/ssh-brute-forcer](https://github.com/r4stl1n/ssh-brute-forcer) A Simple Multi-Threaded SSH Brute Forcer
- [**189**Star][2y] [Py] [paulsec/api-dnsdumpster.com](https://github.com/paulsec/api-dnsdumpster.com) (Unofficial) Python API for
- [**189**Star][10d] [Py] [noraj/flask-session-cookie-manager](https://github.com/noraj/flask-session-cookie-manager) 
- [**189**Star][3m] [Py] [nladuo/taobao_bra_crawler](https://github.com/nladuo/taobao_bra_crawler) a taobao web crawler just for fun.
- [**189**Star][6y] [C++] [nihilus/scyllahide](https://github.com/nihilus/scyllahide) an x64/x86 usermode Anti-Anti-Debug library
- [**189**Star][4m] [C#] [marx-yu/wopihost](https://github.com/marx-yu/wopihost) Office Online Server Wopi Host implement, No need Cobalt. Support DOCX, XLSX, PPTX online editing.
- [**189**Star][3m] [krmaxwell/coding-entertainment](https://github.com/krmaxwell/coding-entertainment) Puzzles, challenges, games, CTFs, and other entertainment via coding
- [**189**Star][22d] [Py] [joxeankoret/idamagicstrings](https://github.com/joxeankoret/idamagicstrings) An IDA Python script to extract information from string constants.
- [**189**Star][8y] [C++] [hzphreak/vminjector](https://github.com/hzphreak/vminjector) DLL Injection tool to unlock guest VMs
- [**189**Star][25d] [Go] [floyernick/fleep-go](https://github.com/floyernick/fleep-go) 根据文件的"magic number"判定文件的格式, Go语言编写
- [**189**Star][1m] [PS] [decoder-it/psgetsystem](https://github.com/decoder-it/psgetsystem) getsystem via parent process using ps1 & embeded c#
- [**189**Star][11d] [chbrian/awesome-adversarial-examples-dl](https://github.com/chbrian/awesome-adversarial-examples-dl) A curated list of awesome resources for adversarial examples in deep learning
- [**189**Star][3m] [borisf/classyshark-user-guide](https://github.com/borisf/classyshark-user-guide) Everything you want to know how to use ClassyShark
- [**189**Star][2m] [PHP] [automattic/camptix](https://github.com/automattic/camptix) an easy to use and flexible event ticketing plugin created
- [**189**Star][10d] [PS] [antoniococo/conptyshell](https://github.com/antoniococo/conptyshell) ConPtyShell - Fully Interactive Reverse Shell for Windows
- [**189**Star][12d] [C] [acama/xrop](https://github.com/acama/xrop) Tool to generate ROP gadgets for ARM, AARCH64, x86, MIPS, PPC, RISCV, SH4 and SPARC
- [**189**Star][1m] [Py] [4w4k3/repy2exe](https://github.com/4w4k3/repy2exe) A Reverse Engineering Tool for py2exe applications.
- [**188**Star][4m] [HTML] [microsoft/whatthehack](https://github.com/microsoft/whatthehack) A collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates.
- [**188**Star][4m] [PHP] [bonny/wordpress-simple-history](https://github.com/bonny/wordpress-simple-history) WordPress audit log that track user changes in WordPress admin using a nice activity feed.
- [**188**Star][16d] [Scala] [saurfang/spark-knn](https://github.com/saurfang/spark-knn) k-Nearest Neighbors algorithm on Spark
- [**188**Star][13d] [HTML] [rehansaeed/.net-big-o-algorithm-complexity-cheat-sheet](https://github.com/rehansaeed/.net-big-o-algorithm-complexity-cheat-sheet) Big-O complexities of common algorithms used in .NET and Computer Science.
- [**188**Star][1m] [Py] [f-secure/mittn](https://github.com/f-secure/mittn) Security test tool runner for test automation in CI
- [**188**Star][1m] [Lua] [zhaojh329/wifidog-ng](https://github.com/zhaojh329/wifidog-ng) Next generation WifiDog implemented in Lua.
- [**188**Star][4m] [Py] [angr/pyvex](https://github.com/angr/pyvex) Python bindings for Valgrind's VEX IR.
- [**188**Star][4m] [JS] [zjonsson/node-unzipper](https://github.com/zjonsson/node-unzipper) node.js cross-platform unzip using streams
- [**188**Star][1m] [Java] [yubico/ykneo-openpgp](https://github.com/yubico/ykneo-openpgp) OpenPGP applet for the YubiKey NEO
- [**188**Star][6m] [Py] [thekingofduck/filemonitor](https://github.com/thekingofduck/filemonitor) 文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
- [**188**Star][1m] [Py] [syworks/wireless-ids](https://github.com/syworks/wireless-ids) Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets.
- [**188**Star][5m] [Py] [solusipse/spectrology](https://github.com/solusipse/spectrology) Images to audio files with corresponding spectrograms encoder.
- [**188**Star][3y] [PS] [sekirkity/browsergather](https://github.com/sekirkity/browsergather) Fileless web browser information extraction
- [**188**Star][4m] [sapphirex00/threat-hunting](https://github.com/sapphirex00/threat-hunting) Personal compilation of APT malware from whitepaper releases, documents and own research
- [**188**Star][10m] [JS] [s0md3v/quark](https://github.com/s0md3v/quark) Quark is a data visualization framework.
- [**188**Star][3y] [C#] [ryhanson/externalc2](https://github.com/ryhanson/externalc2) A library for integrating communication channels with the Cobalt Strike External C2 server
- [**188**Star][28d] [C++] [rumpkernel/rumprun-packages](https://github.com/rumpkernel/rumprun-packages) Ready-made packages of software for running on the Rumprun unikernel
- [**188**Star][1m] [rapid7/sonar](https://github.com/rapid7/sonar) Project Sonar
- [**188**Star][5m] [osvt/pkuremote](https://github.com/osvt/pkuremote) A port rewritting utility to modify the source or destination port for packets on Windows.
- [**188**Star][16d] [open-network-insight/open-network-insight](https://github.com/open-network-insight/open-network-insight) leveraging insights from flow and packet analysis
- [**188**Star][13d] [Go] [nats-io/nats-top](https://github.com/nats-io/nats-top) A top-like tool for monitoring NATS servers.
- [**188**Star][10d] [JS] [mozilla/fxa](https://github.com/mozilla/fxa) Monorepo for Firefox Accounts
- [**188**Star][1m] [Py] [misterch0c/firminator_backend](https://github.com/misterch0c/firminator_backend) The first open source vulnerability scanner for firmwares
- [**188**Star][2y] [Perl] [microsoft/pqcrypto-vpn](https://github.com/microsoft/pqcrypto-vpn) Post-quantum Cryptography VPN
- [**188**Star][2y] [Py] [malwarereversebrasil/malwaresearch](https://github.com/malwarereversebrasil/malwaresearch) A command line tool to find malwares on http://openmalware.org
- [**188**Star][14d] [Tcl] [imunes/imunes](https://github.com/imunes/imunes) Integrated Multiprotocol Network Emulator/Simulator
- [**188**Star][12d] [Shell] [halpomeranz/lmg](https://github.com/halpomeranz/lmg) Script for automating Linux memory capture and analysis
- [**188**Star][11d] [JS] [eggjs/egg-security](https://github.com/eggjs/egg-security) Security plugin for egg, force performance too.
- [**188**Star][4m] [Py] [delvelabs/tachyon](https://github.com/delvelabs/tachyon) Fast http dead file finder.
- [**188**Star][26d] [PHP] [danwin/hosting](https://github.com/danwin/hosting) This is a setup for a TOR based shared hosting server
- [**188**Star][4y] [Py] [crown-prince/python_poc](https://github.com/crown-prince/python_poc) 一款python编写的Web安全检测PoC&&EXP框架
- [**188**Star][15d] [Py] [cldrn/macphish](https://github.com/cldrn/macphish) Office for Mac Macro Payload Generator
- [**188**Star][1m] [C#] [chmorgan/packetnet](https://github.com/chmorgan/packetnet) Official repository - High performance .Net assembly for dissecting and constructing network packets such as ethernet, ip, tcp, udp etc.
- [**188**Star][3m] [Py] [breenmachine/dnsftp](https://github.com/breenmachine/dnsftp) Client/Server scripts to transfer files over DNS. Client scripts are small and only use native tools on the host OS.
- [**188**Star][3y] [CSS] [bhdresh/socialengineeringpayloads](https://github.com/bhdresh/socialengineeringpayloads) This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
- [**188**Star][20d] [JS] [authcov/authcov](https://github.com/authcov/authcov) Web app authorization coverage scanning
- [**188**Star][9d] [PS] [ankh2054/windows-pentest](https://github.com/ankh2054/windows-pentest) Windows Pentest Scripts
- [**188**Star][2y] [PS] [3gstudent/list-rdp-connections-history](https://github.com/3gstudent/list-rdp-connections-history) Use powershell to list the RDP Connections History of logged-in users or all users
- [**188**Star][21d] [Shell] [0xmachos/mosl](https://github.com/0xmachos/mosl) Bash script to audit and fix macOS Catalina (10.15.x) security settings
- [**188**Star][4y] [Py] [0vercl0k/z3-playground](https://github.com/0vercl0k/z3-playground) A repository to store Z3-python scripts you can use as examples, reminders, whatever.
- [**187**Star][25d] [TS] [f111fei/article_spider](https://github.com/f111fei/article_spider) 微信公众号爬虫
- [**187**Star][12d] [Batchfile] [nguyentumine/aio-boot](https://github.com/nguyentumine/aio-boot) AIO Boot is an All-in-One bootable software for USB and HDD. Is one of the best Multiboot USB Creator for Windows.
- [**187**Star][11d] [stonedreamforest/mirage](https://github.com/stonedreamforest/mirage) kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology
- [**187**Star][11d] [Py] [vysecurity/linkedint](https://github.com/vysecurity/linkedint) LinkedIn Recon Tool
- [**187**Star][11d] [PS] [dsccommunity/activedirectorydsc](https://github.com/dsccommunity/ActiveDirectoryDsc) contains DSC resources for deployment and configuration of Active Directory.
- [**187**Star][13d] [C] [noracodes/crackmes](https://github.com/NoraCodes/crackmes) Some CrackMe codes for Linux x86/x86_64
- [**187**Star][2y] [PHP] [yaofeifly/vub_env](https://github.com/yaofeifly/vub_env) 跟踪真实漏洞相关靶场环境搭建
- [**187**Star][10d] [Py] [tijme/angularjs-csti-scanner](https://github.com/tijme/angularjs-csti-scanner) Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
- [**187**Star][1m] [Py] [spiderlabs/ikeforce](https://github.com/spiderlabs/ikeforce)  a command line IPSEC VPN brute forcing tool for Linux that allows group name/ID enumeration and XAUTH brute forcing capabilities.
- [**187**Star][2y] [C++] [sidechannelmarvels/tracer](https://github.com/sidechannelmarvels/tracer) Set of Dynamic Binary Instrumentation and visualization tools for execution traces.
- [**187**Star][21d] [C] [saelo/cve-2014-0038](https://github.com/saelo/cve-2014-0038) Linux local root exploit for CVE-2014-0038
- [**187**Star][4y] [pwnsdx/badcode](https://github.com/pwnsdx/badcode) (Discontinued) BadCode is a signature database for static source code scanner that identify bad security practices.
- [**187**Star][3y] [C] [phoenixos/kernel](https://github.com/phoenixos/kernel) PhoenixOS Kernel Open Source Code
- [**187**Star][1y] [C] [owasp/igoat-swift](https://github.com/owasp/igoat-swift) OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
- [**187**Star][4m] [PS] [olafhartong/attackdatamap](https://github.com/olafhartong/attackdatamap) A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
- [**187**Star][5y] [Java] [netspi/weblogicpassworddecryptor](https://github.com/netspi/weblogicpassworddecryptor) PowerShell script and Java code to decrypt WebLogic passwords
- [**187**Star][1m] [Shell] [nccgroup/cisco-snmp-enumeration](https://github.com/nccgroup/cisco-snmp-enumeration) Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking
- [**187**Star][12d] [C] [lttng/lttng-tools](https://github.com/lttng/lttng-tools) The lttng-tools project provides a session daemon (lttng-sessiond) that acts as a tracing registry, the "lttng" command line for tracing control, a lttng-ctl library for tracing control and a lttng-relayd for network streaming.
- [**187**Star][19d] [Py] [ivandokov/phockup](https://github.com/ivandokov/phockup) Media sorting tool to organize photos and videos from your camera in folders by year, month and day.
- [**187**Star][4m] [C++] [hoangprod/andrewspecial](https://github.com/hoangprod/andrewspecial) AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
- [**187**Star][25d] [PHP] [divineomega/password_exposed](https://github.com/divineomega/password_exposed) 
- [**187**Star][22d] [C++] [darkwallet/darkleaks](https://github.com/darkwallet/darkleaks) Decentralised Information Black Market
- [**187**Star][4y] [PHP] [chuckfw/owaspbwa](https://github.com/chuckfw/owaspbwa) OWASP Broken Web Applications Project
- [**187**Star][29d] [Ruby] [brav0hax/smbexec](https://github.com/brav0hax/smbexec)  A rapid psexec style attack with samba tools 
- [**187**Star][14d] [Shell] [brannondorsey/sniff-probes](https://github.com/brannondorsey/sniff-probes) Plug-and-play bash script for sniffing 802.11 probes requests
- [**187**Star][4y] [C] [bastilleresearch/nrf-research-firmware](https://github.com/bastilleresearch/nrf-research-firmware) Firmware and research tools for Nordic Semiconductor nRF24LU1+ based USB dongles and breakout boards.
- [**187**Star][3y] [ObjC] [alonemonkey/macreverse](https://github.com/alonemonkey/macreverse) MacReverse Tools and Demo
- [**187**Star][4m] [C++] [aderusha/mqttcarpresence](https://github.com/aderusha/mqttcarpresence) WiFi device to announce the presence of a car for garage door automation
- [**186**Star][5m] [JS] [chauffer/steamsummerminigame](https://github.com/chauffer/steamsummerminigame) 
- [**186**Star][27d] [C++] [samyk/combobreaker](https://github.com/samyk/combobreaker) Motorized, portable, 3D printed, Arduino-based combination lock cracker
- [**186**Star][10d] [C++] [spacehuhn/packetmonitor32](https://github.com/spacehuhn/packetmonitor32) ESP32 Packet Monitor + SD card!
- [**186**Star][4m] [C++] [chrisps/hexext](https://github.com/chrisps/Hexext) a plugin to improve the output of the hexrays decompiler through microcode manipulation.
- [**186**Star][2y] [PS] [xtr4nge/fruityc2](https://github.com/xtr4nge/fruityc2) FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines. Agents are managed from a web interface under the control of an operator.
- [**186**Star][5y] [Py] [xen0ph0n/virustotal_api_tool](https://github.com/xen0ph0n/virustotal_api_tool) A Tool To Leverage Virus Total's Private API Key
- [**186**Star][2y] [Py] [woj-ciech/daily-dose-of-malware](https://github.com/woj-ciech/daily-dose-of-malware) Script lets you gather malicious software and c&c servers from open source platforms like Malshare, Malcode, Google, Cymon - vxvault, cybercrime tracker and c2 for Pony.
- [**186**Star][4m] [C] [wizardmac/readstat](https://github.com/wizardmac/readstat) Command-line tool (+ C library) for converting SAS, Stata, and SPSS files
- [**186**Star][2y] [Shell] [tokyoneon/armor](https://github.com/tokyoneon/armor) Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.
- [**186**Star][7m] [Go] [staaldraad/xxeserv](https://github.com/staaldraad/xxeserv) A mini webserver with FTP support for XXE payloads
- [**186**Star][8m] [JS] [sindresorhus/is-reachable](https://github.com/sindresorhus/is-reachable) Check if servers are reachable
- [**186**Star][1m] [Go] [pipehub/pipehub](https://github.com/pipehub/pipehub) A programmable proxy server
- [**186**Star][3y] [Go] [petercunha/goat](https://github.com/petercunha/goat) a trojan created in Go, using Twitter as a the C&C server
- [**186**Star][4m] [Py] [odboy/shadowproxy](https://github.com/odboy/shadowproxy) 
- [**186**Star][7m] [ObjC] [nakiostudio/twitterx](https://github.com/nakiostudio/twitterx) Keeping Twitter for macOS alive with code injection
- [**186**Star][1y] [Py] [metachar/hatch](https://github.com/metachar/hatch) Hatch is a brute force tool that is used to brute force most websites
- [**186**Star][13d] [Py] [lmco/dart](https://github.com/lmco/dart) DART is a test documentation tool created by the Lockheed Martin Red Team to document and report on penetration tests, especially in isolated network environments.
- [**186**Star][1y] [C#] [krzys-h/undertalemodtool](https://github.com/krzys-h/undertalemodtool) The most complete tool for modding, decompiling and unpacking Undertale (and other Game Maker: Studio games!)
- [**186**Star][13d] [Py] [jasonish/py-idstools](https://github.com/jasonish/py-idstools) idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
- [**186**Star][11d] [Java] [j256/two-factor-auth](https://github.com/j256/two-factor-auth) Two Factor Authentication Java code implementing the Time-based One-time Password Algorithm
- [**186**Star][1y] [Py] [hexhive/t-fuzz](https://github.com/hexhive/t-fuzz) a fuzzing tool based on program transformation, and a tool that verifies whether crashes found transformed programs are true bugs in the original program or not (coming soon).
- [**186**Star][2y] [Shell] [ha71/whatcms](https://github.com/ha71/whatcms) CMS Detection and Exploit Kit based on Whatcms.org API
- [**186**Star][1y] [PS] [felixweyne/processspawncontrol](https://github.com/felixweyne/processspawncontrol) a Powershell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launched processes, and gives the analyst the option to either keep the process suspended, or to resume it.
- [**186**Star][9d] [HTML] [decal/werdlists](https://github.com/decal/werdlists) 
- [**186**Star][4m] [HTML] [cryptogenic/ps4-6.20-webkit-code-execution-exploit](https://github.com/cryptogenic/ps4-6.20-webkit-code-execution-exploit) A WebKit exploit using CVE-2018-4441 to obtain RCE on PS4 6.20.
- [**186**Star][17d] [Py] [bazad/ida_kernelcache](https://github.com/bazad/ida_kernelcache) An IDA Toolkit for analyzing iOS kernelcaches
- [**186**Star][21d] [TSQL] [baidu-security/app-env-docker](https://github.com/baidu-security/app-env-docker) 基于 Docker 的真实应用测试环境
- [**186**Star][15d] [Py] [antichown/subdomain-takeover](https://github.com/antichown/subdomain-takeover) Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
- [**185**Star][24d] [C++] [rcx/classinformer-ida7](https://github.com/rcx/classinformer-ida7) ClassInformer backported for IDA Pro 7.0
- [**185**Star][3m] [Perl] [haroonawanofficial/reconcobra](https://github.com/haroonawanofficial/reconcobra) Complete Automated pentest framework for Information Gathering
- [**185**Star][11d] [Go] [defenxor/dsiem](https://github.com/defenxor/dsiem) Security event correlation engine for ELK stack
- [**185**Star][10d] [Go] [fnzv/net-shield](https://github.com/fnzv/net-Shield) An Easy and Simple Anti-DDoS solution for VPS,Dedicated Servers and IoT devices - Beta
- [**185**Star][12d] [Py] [zeropwn/spyse.py](https://github.com/zeropwn/spyse.py) Python API wrapper and command-line client for the tools hosted on spyse.com.
- [**185**Star][23d] [HTML] [zaproxy/zap-core-help](https://github.com/zaproxy/zap-core-help) The help files for the OWASP ZAP core
- [**185**Star][14d] [Py] [virtuesecurity/aws-extender](https://github.com/virtuesecurity/aws-extender) a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
- [**185**Star][2m] [Py] [tr3jer/dnsautorebinding](https://github.com/tr3jer/dnsautorebinding) ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
- [**185**Star][9m] [C++] [strivexjun/aheadlib-x86-x64](https://github.com/strivexjun/aheadlib-x86-x64) hijack dll Source Code Generator. support x86/x64
- [**185**Star][1m] [CoffeeScript] [shadowsocks/shadowsocks-dotcloud](https://github.com/shadowsocks/shadowsocks-dotcloud) a port of shadowsocks via websockets protocol, able to tunnel through HTTP proxy
- [**185**Star][18d] [Py] [rsmusllp/termineter](https://github.com/rsmusllp/termineter) Smart Meter Security Testing Framework
- [**185**Star][5y] [Py] [secforce/snmp-brute](https://github.com/secforce/snmp-brute) Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.
- [**185**Star][11d] [Shell] [recolic/awesome-hust](https://github.com/recolic/awesome-hust) HUST experiments, reports, and useful tools.
- [**185**Star][11m] [C#] [nettitude/sharpsocks](https://github.com/nettitude/sharpsocks) Tunnellable HTTP/HTTPS socks4a proxy written in C# and deployable via PowerShell
- [**185**Star][6m] [Py] [meliht/mr.sip](https://github.com/meliht/mr.sip) SIP-Based Audit and Attack Tool
- [**185**Star][2y] [Py] [joxeankoret/cve-2017-7494](https://github.com/joxeankoret/cve-2017-7494) Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
- [**185**Star][19d] [C++] [jonatan1024/clrinject](https://github.com/jonatan1024/clrinject) 将 C＃EXE 或 DLL 程序集注入任意CLR 运行时或者其他进程的 AppDomain
- [**185**Star][4y] [Shell] [jivoi/openssh-backdoor-kit](https://github.com/jivoi/openssh-backdoor-kit) 
- [**185**Star][25d] [Py] [hasherezade/ida_ifl](https://github.com/hasherezade/ida_ifl) IFL - Interactive Functions List (plugin for IDA Pro)
- [**185**Star][24d] [C++] [rcx/classinformer-ida7](https://github.com/rcx/classinformer-ida7) ClassInformer backported for IDA Pro 7.0
- [**185**Star][21d] [C] [david942j/kvm-kernel-example](https://github.com/david942j/kvm-kernel-example) Examples for: Learning KVM - implement your own kernel
- [**185**Star][3y] [PS] [cobbr/obfuscatedempire](https://github.com/cobbr/obfuscatedempire) ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.
- [**185**Star][3y] [Py] [cldrn/rainmap-lite](https://github.com/cldrn/rainmap-lite) Web界面,从浏览器中启动Nmap扫描. 界面是响应式, 可在手机/平板/PC浏览器中使用
- [**185**Star][13d] [Py] [citizenlab/test-lists](https://github.com/citizenlab/test-lists) URL testing lists intended for discovering website censorship
- [**185**Star][11d] [ObjC] [chichou/sploits](https://github.com/chichou/sploits) CVE-2018-4310 
- [**185**Star][11d] [JS] [bkimminich/juice-shop-ctf](https://github.com/bkimminich/juice-shop-ctf) Juice Shop CTF 环境配置工具
- [**185**Star][1y] [Java] [anbai-inc/javaweb-codereview](https://github.com/anbai-inc/javaweb-codereview) 演示java代码审计的示例程序
- [**185**Star][2m] [5loyd/xsocks](https://github.com/5loyd/xsocks) This project closed.
- [**184**Star][14d] [C++] [ray-cp/browser_pwn](https://github.com/ray-cp/browser_pwn) browser pwn, main work now
- [**184**Star][3m] [PS] [davidprowe/badblood](https://github.com/davidprowe/badblood) BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each t…
- [**184**Star][14d] [Py] [getsenic/gatt-python](https://github.com/getsenic/gatt-python) Bluetooth GATT SDK for Python
- [**184**Star][1m] [Go] [alash3al/lightify](https://github.com/alash3al/lightify) a reverse proxy that boosts the web app performance!
- [**184**Star][5m] [JS] [openwisp/netjsongraph.js](https://github.com/openwisp/netjsongraph.js) NetJSON NetworkGraph visualizer based on d3.js
- [**184**Star][2m] [C++] [westerndigitalcorporation/swerv-iss](https://github.com/westerndigitalcorporation/swerv-iss) Western Digital’s Open Source RISC-V SweRV Instruction Set Simulator
- [**184**Star][8m] [Py] [stixproject/python-stix](https://github.com/stixproject/python-stix) A Python library for parsing, manipulating, and generating STIX content.
- [**184**Star][2y] [spacehuhn/arduinoarpspoof](https://github.com/spacehuhn/arduinoarpspoof) Kicks out everyone in your LAN via with an enc28j60 ethernet controller and Arduino.
- [**184**Star][15d] [PHP] [robocoder/rips-scanner](https://github.com/robocoder/rips-scanner) RIPS - A static source code analyser for vulnerabilities in PHP scripts
- [**184**Star][5y] [rmusser01/cheatsheets](https://github.com/rmusser01/cheatsheets) Penetration Testing/Security Cheatsheets
- [**184**Star][3y] [Py] [redteamsecurity/autonessus](https://github.com/redteamsecurity/autonessus) This script communicates with the Nessus API in an attempt to help with automating scans. Depending on the flag issued with the script, you can list all scans, list all policies, start, stop, pause, and resume a scan.
- [**184**Star][4y] [CSS] [r00tkillah/horsepill](https://github.com/r00tkillah/horsepill) a PoC of a ramdisk based containerizing root kit
- [**184**Star][15d] [offensive-security/cryptsetup-nuke-keys](https://github.com/offensive-security/cryptsetup-nuke-keys) A patch for cryptsetup which adds the option to nuke all keyslots given a certain passphrase.
- [**184**Star][12d] [JS] [nospaceships/node-net-ping](https://github.com/nospaceships/node-net-ping) Ping and trace route to many hosts at once.
- [**184**Star][17d] [Java] [joychou93/webshell](https://github.com/joychou93/webshell) 入侵分析时发现的Webshell后门
- [**184**Star][11m] [C++] [jackullrich/shellcodestdio](https://github.com/jackullrich/shellcodestdio) An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
- [**184**Star][3m] [C] [gdbinit/onyx-the-black-cat](https://github.com/gdbinit/onyx-the-black-cat) Kernel extension to disable anti-debug tricks and other useful XNU "features"
- [**184**Star][3y] [Ruby] [fuzzapi/api-fuzzer](https://github.com/fuzzapi/api-fuzzer) API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
- [**184**Star][7m] [C++] [fuwaneko/node-protobuf](https://github.com/fuwaneko/node-protobuf) Google Protocol Buffers wrapper for Node.js [UNMAINTAINED]
- [**184**Star][2y] [Dockerfile] [cboin/re_lab](https://github.com/cboin/re_lab) 包含一些逆向工具的Docker容器
- [**184**Star][26d] [Py] [bishopfox/rickmote](https://github.com/bishopfox/rickmote) The Rickmote Controller: Hijack TVs using Google Chromecast
- [**184**Star][3m] [C#] [bhdresh/lazykatz](https://github.com/bhdresh/lazykatz) Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.
- [**184**Star][18d] [JS] [bencoder/js13k-2019](https://github.com/bencoder/js13k-2019) xx142-b2.exe. An entry for js13kgames 2019
- [**184**Star][1y] [Py] [andreafioraldi/idangr](https://github.com/andreafioraldi/idangr) Use angr in the IDA Pro debugger generating a state from the current debug session
- [**183**Star][5m] [C] [sailay1996/uac_bypass_windows_store](https://github.com/sailay1996/uac_bypass_windows_store) Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)
- [**183**Star][12d] [TS] [httptoolkit/httptoolkit-desktop](https://github.com/httptoolkit/httptoolkit-desktop) Electron wrapper to build and distribute HTTP Toolkit for the desktop
- [**183**Star][17d] [HTML] [myvyang/chromium_for_spider](https://github.com/myvyang/chromium_for_spider) dynamic crawler for web vulnerability scanner
- [**183**Star][4m] [Py] [dmrfcoder/algorithmanddatastructure](https://github.com/dmrfcoder/algorithmanddatastructure) 互联网行业研发岗面试必备算法题配图解析及代码
- [**183**Star][11d] [Groovy] [jeremylong/dependency-check-gradle](https://github.com/jeremylong/dependency-check-gradle) The dependency-check gradle plugin allows projects to monitor dependent libraries for known, published vulnerabilities.
- [**183**Star][4m] [microsvuln/awesome-afl](https://github.com/microsvuln/awesome-afl) A curated list of different AFL forks and AFL inspired fuzzers with detailed equivalent academic papers with AFL-fuzzing tutorials
- [**183**Star][13d] [Py] [cve-search/git-vuln-finder](https://github.com/cve-search/git-vuln-finder) Finding potential software vulnerabilities from git commit messages
- [**183**Star][2y] [Py] [0x09al/wordsteal](https://github.com/0x09AL/WordSteal) This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.
- [**183**Star][2m] [Py] [videns/vulners-scanner](https://github.com/videns/vulners-scanner) Vulnerability scanner based on vulners.com audit API
- [**183**Star][10d] [C++] [thiagoralves/openplc_v3](https://github.com/thiagoralves/openplc_v3) OpenPLC Runtime version 3
- [**183**Star][15d] [Go] [sysdiglabs/kube-psp-advisor](https://github.com/sysdiglabs/kube-psp-advisor) Help building an adaptive and fine-grained pod security policy
- [**183**Star][11d] [JS] [sentinel-official/sentinel](https://github.com/sentinel-official/sentinel) Sentinel is an interoperable secure network layer offering the Sentinel Service Chain exclusively for distributed & decentralized native services like - dVPN, Sentrix (dChat and dVoIP) and more.
- [**183**Star][3m] [Rust] [rabbitstack/rabbitc](https://github.com/rabbitstack/rabbitc) Micro container runtime
- [**183**Star][3y] [Py] [plazmaz/lnkup](https://github.com/plazmaz/lnkup) Generates malicious LNK file payloads for data exfiltration
- [**183**Star][25d] [Py] [paloaltonetworks/ansible-pan](https://github.com/paloaltonetworks/ansible-pan) Ansible modules for Palo Alto Networks NGFWs
- [**183**Star][15d] [Py] [mschwager/gitem](https://github.com/mschwager/gitem) A Github organization reconnaissance tool.
- [**183**Star][1m] [Py] [ma3str0/kimsufi-crawler](https://github.com/ma3str0/kimsufi-crawler) Crawler that will send you an email alert as soon as servers on OVH/Kimsufi become available for purchase
- [**183**Star][17d] [C] [0xkira/qemu-vm-escape](https://github.com/0xKira/qemu-vm-escape)  an exploit for CVE-2019-6778
- [**183**Star][19d] [kayrus/kubelet-exploit](https://github.com/kayrus/kubelet-exploit) 
- [**183**Star][2y] [Py] [johnlatwc/pypowershellxray](https://github.com/johnlatwc/pypowershellxray) Python script to decode common encoded PowerShell scripts
- [**183**Star][4m] [ObjC] [iosre/hippocamphairsalon](https://github.com/iosre/hippocamphairsalon) A simple universal memory editor (game trainer) on OSX/iOS
- [**183**Star][15d] [JS] [infusion/node-dhcp](https://github.com/infusion/node-dhcp) A DHCP server and client written in pure JavaScript
- [**183**Star][1m] [Ruby] [espreto/wpsploit](https://github.com/espreto/wpsploit) Exploiting Wordpress With Metasploit
- [**183**Star][18d] [C] [droe/xnumon](https://github.com/droe/xnumon) monitor macOS for malicious activity
- [**183**Star][9m] [C#] [dionach/ntdsaudit](https://github.com/dionach/ntdsaudit) An Active Directory audit utility
- [**183**Star][4m] [Pascal] [chiggins/malware_sources](https://github.com/chiggins/malware_sources)  I found all of these samples on MalwareTech through Twitter somewhere
- [**183**Star][24d] [C++] [bayshorenetworks/yextend](https://github.com/bayshorenetworks/yextend) Yara integrated software to handle archive file data.
- [**183**Star][15d] [Shell] [0x90/wps-scripts](https://github.com/0x90/wps-scripts) WPS hacking scripts
- [**183**Star][4m] [Py] [0x27/ciscorv320dump](https://github.com/0x27/ciscorv320dump) CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!
- [**182**Star][11d] [Py] [guardicore/vmware_vcenter_cve_2020_3952](https://github.com/guardicore/vmware_vcenter_cve_2020_3952) Exploit for CVE-2020-3952 in vCenter 6.7
- [**182**Star][2m] [JS] [anyisalin/zhihu_fun](https://github.com/anyisalin/zhihu_fun) 基于 Selenium 的知乎关键词爬虫
- [**182**Star][1m] [Py] [offlinemark/poet](https://github.com/offlinemark/poet) Post-exploitation tool
- [**182**Star][10d] [C#] [infosecn1nja/sharpdoor](https://github.com/infosecn1nja/sharpdoor) SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.
- [**182**Star][18d] [Java] [fuzzitdev/javafuzz](https://github.com/fuzzitdev/javafuzz) coverage guided fuzz testing for java
- [**182**Star][1m] [Py] [offlinemark/poet](https://github.com/offlinemark/poet) Post-exploitation tool
- [**182**Star][9d] [C++] [4d61726b/virtualkd-redux](https://github.com/4d61726b/virtualkd-redux) VirtualKD-Redux - A revival and modernization of VirtualKD
- [**182**Star][5m] [Py] [alienvault-otx/otx-python-sdk](https://github.com/AlienVault-OTX/OTX-Python-SDK) The Python SDK for AlienVault OTX
- [**182**Star][10d] [C] [radareorg/radare2-extras](https://github.com/radareorg/radare2-extras) Source graveyard and random candy for radare2
- [**182**Star][2y] [C++] [ysrc/antivirtualapp](https://github.com/ysrc/antivirtualapp) 检测当前app是否运行在VirtualApp虚拟机中
- [**182**Star][2y] [PS] [ubeeri/invoke-usersimulator](https://github.com/ubeeri/invoke-usersimulator) Simulates common user behaviour on local and remote Windows hosts.
- [**182**Star][9d] [Arduino] [spacehuhn/wifi_keylogger](https://github.com/spacehuhn/wifi_keylogger) DIY Arduino Wi-Fi Keylogger (Proof of Concept)
- [**182**Star][4m] [Shell] [silverpoision/rock-on](https://github.com/silverpoision/rock-on) Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.
- [**182**Star][8m] [PS] [shiva108/ctf-notes](https://github.com/shiva108/ctf-notes) Everything needed for doing CTFs
- [**182**Star][10d] [JS] [securecodebox/securecodebox](https://github.com/securecodebox/securecodebox) secureCodeBox (SCB) - continuous secure delivery out of the box
- [**182**Star][19d] [radareorg/r2con](https://github.com/radareorg/r2con) Radare Congress Stuff
- [**182**Star][1y] [pandazheng/threat-intelligence-analyst](https://github.com/pandazheng/threat-intelligence-analyst) 威胁情报，恶意样本分析，开源Malware代码收集
- [**182**Star][3y] [Py] [nopernik/sshpry2.0](https://github.com/nopernik/sshpry2.0) SSHPry v2 - Spy & Control os SSH Connected client's TTY
- [**182**Star][2m] [C] [neurodroid/cryptonite](https://github.com/neurodroid/cryptonite) EncFS and TrueCrypt on Android
- [**182**Star][4m] [C] [microsoft/pqcrypto-sidh](https://github.com/microsoft/pqcrypto-sidh) SIDH Library is a fast and portable software library that implements state-of-the-art supersingular isogeny cryptographic schemes. The chosen parameters aim to provide security against attackers running a large-scale quantum computer, and security against classical algorithms.
- [**182**Star][11d] [Shell] [mbahadou/postenum](https://github.com/mbahadou/postenum) Linux privilege escalation tool.
- [**182**Star][3y] [PHP] [lcatro/php-webshell-bypass-waf](https://github.com/lcatro/php-webshell-bypass-waf) Share some experience about PHP WebShell bypass WAF and Anti-AV
- [**182**Star][11d] [C] [heimdal/heimdal](https://github.com/heimdal/heimdal) a Kerberos 5 implementation
- [**182**Star][14d] [guardrailsio/awesome-java-security](https://github.com/guardrailsio/awesome-java-security) Awesome Java Security Resources
- [**182**Star][12d] [Py] [gprmax/gprmax](https://github.com/gprmax/gprmax) gprMax is open source software that simulates electromagnetic wave propagation using the Finite-Difference Time-Domain (FDTD) method for numerical modelling of Ground Penetrating Radar (GPR)
- [**182**Star][18d] [Py] [gdbinit/lldbinit](https://github.com/gdbinit/lldbinit) A gdbinit clone for LLDB
- [**182**Star][11d] [C++] [fritzone/obfy](https://github.com/fritzone/obfy) A tiny C++ obfuscation framework
- [**182**Star][12d] [C] [carolemieux/afl-rb](https://github.com/carolemieux/afl-rb) AFL Fuzz 工具的修改版，针对 Rare Branches
- [**182**Star][20d] [Go] [c-sto/recursebuster](https://github.com/c-sto/recursebuster) rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
- [**182**Star][17d] [Shell] [backlion/hack-for-tools](https://github.com/backlion/hack-for-tools) 常用的黑客神器
- [**182**Star][1m] [Py] [awhitehatter/mailoney](https://github.com/awhitehatter/mailoney) An SMTP Honeypot
- [**182**Star][1y] [C++] [arsenalrecon/arsenal-image-mounter](https://github.com/arsenalrecon/arsenal-image-mounter) Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
- [**182**Star][9m] [Py] [anssi-fr/secuml](https://github.com/anssi-fr/secuml) Machine Learning for Computer Security
- [**182**Star][4m] [Java] [adolfintel/openpods](https://github.com/adolfintel/openpods) The Free and Open Source app for monitoring your AirPods on Android
- [**181**Star][4m] [Py] [ollypwn/bluegate](https://github.com/ollypwn/bluegate) PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE
- [**181**Star][3m] [C#] [wangkanai/detection](https://github.com/wangkanai/detection) ASP.NET Core Detection with Responsive View for identifying details about client device, browser, engine, platform, & crawler. Responsive middleware for routing base upon request client device detection to specific view.
- [**181**Star][4m] [Py] [siegfried415/portia-dashboard](https://github.com/siegfried415/portia-dashboard) portia-dashboard is a visual web crawler based on scrapinghub/portia
- [**181**Star][19d] [TS] [bettercap/ui](https://github.com/bettercap/ui) bettercap's web UI
- [**181**Star][1m] [C] [bytecode77/r77-rootkit](https://github.com/bytecode77/r77-rootkit) Ring 3 Rootkit DLL
- [**181**Star][22d] [Py] [ecstatic-nobel/osweep](https://github.com/ecstatic-nobel/OSweep) Don't Just Search OSINT. Sweep It.
- [**181**Star][11d] [PHP] [securitypaper/mail_fishing](https://github.com/SecurityPaper/mail_fishing) 甲方安全工程师必备，内部钓鱼系统
- [**181**Star][2m] [Py] [hpfeeds/hpfeeds](https://github.com/hpfeeds/hpfeeds) Honeynet Project generic authenticated datafeed protocol
- [**181**Star][29d] [ObjC] [x43x61x69/otx](https://github.com/x43x61x69/otx) The Mach-O disassembler. Now 64bit and Xcode 6 compatible.
- [**181**Star][4m] [Py] [soynatan/django-easy-audit](https://github.com/soynatan/django-easy-audit) Yet another Django audit log app, hopefully the simplest one.
- [**181**Star][12d] [Rust] [rust-fuzz/honggfuzz-rs](https://github.com/rust-fuzz/honggfuzz-rs) Fuzz your Rust code with Google-developed Honggfuzz !
- [**181**Star][12d] [PHP] [paralax/lfi-labs](https://github.com/paralax/lfi-labs) small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
- [**181**Star][1m] [PHP] [paragonie/password_lock](https://github.com/paragonie/password_lock) Wraps Bcrypt-SHA2 in Authenticated Encryption
- [**181**Star][10d] [C++] [nitrokey/nitrokey-app](https://github.com/nitrokey/nitrokey-app) Nitrokey's Application (Win, Linux, Mac)
- [**181**Star][15d] [Py] [mykings/python-masscan](https://github.com/mykings/python-masscan) python-masscan is a python library which helps in using masscan port scanner.
- [**181**Star][4m] [Py] [mrschyte/nmap-converter](https://github.com/mrschyte/nmap-converter) Python script for converting nmap reports into XLS
- [**181**Star][19d] [jasonqng/chinese-keywords](https://github.com/jasonqng/chinese-keywords) Collected sensitive Chinese keywords from various sources; for censorship testing and searching for sensitive content
- [**181**Star][4m] [Py] [j3ssie/iposint](https://github.com/j3ssie/iposint) 
- [**181**Star][9d] [JS] [htfy96/v2ray-config-gen](https://github.com/htfy96/v2ray-config-gen) V2Ray Configuration generator
- [**181**Star][10d] [Py] [googlecloudplatform/psq](https://github.com/googlecloudplatform/psq) Cloud Pub/Sub Task Queue for Python
- [**181**Star][12d] [C#] [ektrah/nsec](https://github.com/ektrah/nsec) A modern and easy-to-use cryptographic library for .NET Core based on libsodium
- [**181**Star][24d] [Py] [dictation-toolbox/aenea](https://github.com/dictation-toolbox/aenea) Client-server library for using voice macros from Dragon NaturallySpeaking and Dragonfly on remote/non-windows hosts.
- [**181**Star][6y] [C] [devttys0/littleblackbox](https://github.com/devttys0/littleblackbox) Database of private SSL/SSH keys for embedded devices
- [**181**Star][12d] [C#] [cyberark/zbang](https://github.com/cyberark/zbang) zBang is a risk assessment tool that detects potential privileged account threats
- [**181**Star][4m] [cptgibbon/house-of-corrosion](https://github.com/cptgibbon/house-of-corrosion) A description of the "House of Corrosion" GLIBC heap exploitation technique.
- [**181**Star][27d] [Shell] [brandonprry/wicked_cool_shell_scripts_2e](https://github.com/brandonprry/wicked_cool_shell_scripts_2e) Full shell scripts for the second edition of Wicked Cool Shell Scripts
- [**181**Star][1y] [Py] [boy-hack/gwhatweb](https://github.com/boy-hack/gwhatweb) 网站CMS识别
- [**181**Star][21d] [Shell] [b4b4r07/httpstat](https://github.com/b4b4r07/httpstat) It's like curl -v, with graphs and colors
- [**181**Star][2m] [Go] [adohe/kube2haproxy](https://github.com/adohe/kube2haproxy) High Availability HAProxy auto configuration and auto service discovery for Kubernetes.
- [**180**Star][2m] [Py] [xen0l/aws-gate](https://github.com/xen0l/aws-gate) Better AWS SSM Session manager CLI client
- [**180**Star][25d] [Dockerfile] [easypi/docker-shadowsocks-libev](https://github.com/easypi/docker-shadowsocks-libev) 
- [**180**Star][4m] [JS] [rannn505/node-powershell](https://github.com/rannn505/node-powershell) Easily run PowerShell from your NodeJS app
- [**180**Star][11d] [C++] [px4/eigen](https://github.com/px4/eigen) Eigen is a C++ template library for linear algebra: matrices, vectors, numerical solvers, and related algorithms.
- [**180**Star][10d] [C#] [fireeye/duedlligence](https://github.com/fireeye/duedlligence) Shellcode runner for all application whitelisting bypasses
- [**180**Star][20d] [Py] [baidu-security/openrasp-iast](https://github.com/baidu-security/openrasp-iast) IAST 灰盒扫描工具
- [**180**Star][18d] [PS] [gpoguy/getvulnerablegpo](https://github.com/gpoguy/getvulnerablegpo) PowerShell script to find 'vulnerable' security-related GPOs that should be hardended
- [**180**Star][17d] [JS] [wuchangming/node-mitmproxy](https://github.com/wuchangming/node-mitmproxy) node-mitmproxy is an extensible man-in-the-middle(MITM) proxy server for HTTP/HTTPS base on Node.js.
- [**180**Star][15d] [Py] [tweksteen/jenkins-decrypt](https://github.com/tweksteen/jenkins-decrypt) Credentials dumper for Jenkins
- [**180**Star][10d] [Shell] [trustedsec/hardcidr](https://github.com/trustedsec/hardcidr) hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime.
- [**180**Star][4m] [C] [soxrok2212/pskracker](https://github.com/soxrok2212/pskracker) An all-in-one WPA/WPS toolkit
- [**180**Star][6y] [Py] [smarnach/pyexiftool](https://github.com/smarnach/pyexiftool) a Python library to communicate with an instance of Phil Harvey's excellent ExifTool command-line application.
- [**180**Star][3y] [C] [riscure/rhme-2016](https://github.com/riscure/rhme-2016) Rhme2 challenge (2016)
- [**180**Star][10d] [Py] [racepwn/racepwn](https://github.com/racepwn/racepwn)  a librace library and a racepwn utility that are designed to test a race condition attack through protocols that use a TCP connection
- [**180**Star][11d] [C] [netoptimizer/network-testing](https://github.com/netoptimizer/network-testing) Network Testing Tools for testing the Linux network stack
- [**180**Star][4m] [Py] [misp/pymisp](https://github.com/misp/pymisp) Python library using the MISP Rest API
- [**180**Star][3m] [malwarearchaeology/attack](https://github.com/malwarearchaeology/attack) MITRE ATT&CK Windows Logging Cheat Sheets
- [**180**Star][1m] [Shell] [malaohu/ssr-with-net-speeder](https://github.com/malaohu/ssr-with-net-speeder) Shadowsocksr with net speeder
- [**180**Star][14d] [Py] [kuburan/txtool](https://github.com/kuburan/txtool) an easy pentesting tool.
- [**180**Star][14d] [Shell] [kabiroberai/theos-jailed](https://github.com/kabiroberai/theos-jailed) A Theos module to develop jailed tweaks for iOS 8 and up
- [**180**Star][14d] [HTML] [ihebski/angryfuzzer](https://github.com/ihebski/angryfuzzer) Tools for information gathering
- [**180**Star][17d] [Go] [ice3man543/hawkeye](https://github.com/ice3man543/hawkeye) Hawkeye filesystem analysis tool
- [**180**Star][2m] [C] [hugsy/proxenet](https://github.com/hugsy/proxenet) The ONLY hacker friendly proxy for webapp pentests.
- [**180**Star][4m] [hexorg/cheatenginetables](https://github.com/hexorg/cheatenginetables) Repository of tables for CheatEngine
- [**180**Star][1y] [Py] [githacktools/billcipher](https://github.com/githacktools/billcipher) Information Gathering tool for a Website or IP address
- [**180**Star][13d] [Py] [facert/github_search](https://github.com/facert/github_search) 根据 keywords 搜索 github 上面的 repos, 并通过 web 展示
- [**180**Star][3m] [dhaval17/awsome-security-write-ups-and-pocs](https://github.com/dhaval17/awsome-security-write-ups-and-pocs) Awesome Writeups and POCs
- [**180**Star][19d] [C] [beehive-lab/mambo](https://github.com/beehive-lab/mambo) ARM运行时二进制文件修改工具，低耗版。
- [**180**Star][9m] [Swift] [arslan2012/lazy-hackintosh-image-generator](https://github.com/arslan2012/lazy-hackintosh-image-generator) This automatical app makes Hackintosh installer from original Macintosh Installer app/disk image.
- [**179**Star][16d] [Swift] [ramshandilya/bezier](https://github.com/ramshandilya/bezier) Algorithm to draw smooth bezier curves through a set of points
- [**179**Star][15d] [Java] [546669204/wechatbot-xposed](https://github.com/546669204/wechatbot-xposed) A WeChat robot unit ,based on the android xposed framework hook to implement WeChat app robot functions
- [**179**Star][1m] [C++] [bnosac/image](https://github.com/bnosac/image) Computer Vision and Image Recognition algorithms for R users
- [**179**Star][16d] [JS] [theriley106/outcaptcha](https://github.com/theriley106/outcaptcha) Chrome Extension that Solves reCAPTCHA 2.0 Without Human Interaction
- [**179**Star][15d] [Py] [billvsme/videospider](https://github.com/billvsme/videospider) 抓取豆瓣，bilibili等中的电视剧、电影、动漫演员等信息
- [**179**Star][12d] [CSS] [kali-docs-cn/kali-linux-web-pentest-cookbook-zh](https://github.com/kali-docs-cn/kali-linux-web-pentest-cookbook-zh) 
- [**179**Star][1y] [C++] [zsshen/probedroid](https://github.com/zsshen/probedroid) A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.
- [**179**Star][11m] [Shell] [yangmame/arch-linux-installer](https://github.com/yangmame/arch-linux-installer) Arch-Linux-Install-Script/Arch Linux 安装脚本
- [**179**Star][10d] [Makefile] [trojan-gfw/openwrt-trojan](https://github.com/trojan-gfw/openwrt-trojan) trojan and its dependencies for OpenWrt
- [**179**Star][17d] [JS] [sindresorhus/ipify](https://github.com/sindresorhus/ipify) Get your public IP address
- [**179**Star][3y] [Java] [secure-software-engineering/droidbench](https://github.com/secure-software-engineering/droidbench) A micro-benchmark suite to assess the stability of taint-analysis tools for Android
- [**179**Star][2m] [C] [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
- [**179**Star][10d] [Verilog] [osresearch/spispy](https://github.com/osresearch/spispy) An open source SPI flash emulator and monitor
- [**179**Star][3y] [Java] [ms0x0/dayu](https://github.com/ms0x0/dayu) 一款开源指纹识别工具。
- [**179**Star][5y] [Py] [offlinemark/poet](https://github.com/offlinemark/poet) Post-exploitation tool
- [**179**Star][2y] [PS] [mattifestation/pic_bindshell](https://github.com/mattifestation/pic_bindshell) Position Independent Windows Shellcode Written in C
- [**179**Star][4m] [JS] [interference-security/frida-scripts](https://github.com/interference-security/frida-scripts) Frida Scripts
- [**179**Star][10d] [JS] [gamexg/shadowsocks_admin](https://github.com/gamexg/shadowsocks_admin) 一个 shadowsocks 服务器多账号管理系统，后端使用 shadowsocks-go 。支持多节点、流量限制等功能。
- [**179**Star][29d] [Py] [d0c-s4vage/gramfuzz](https://github.com/d0c-s4vage/gramfuzz) gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats.
- [**179**Star][28d] [Java] [calebfenton/apkfile](https://github.com/calebfenton/apkfile) Android app analysis and feature extraction library
- [**179**Star][8m] [Py] [busescanfly/pretty](https://github.com/busescanfly/pretty) "PRinter Exploitation Toolkit" LAN automation tool
- [**179**Star][3y] [Shell] [bitvijays/pentest-scripts](https://github.com/bitvijays/pentest-scripts) 渗透用脚本
- [**179**Star][11d] [Shell] [aturl/awesome-anti-gfw](https://github.com/aturl/awesome-anti-gfw) Awesome GFW Bypass
- [**178**Star][10d] [Py] [amimo/ollvm-breaker](https://github.com/amimo/ollvm-breaker) 使用Binary Ninja去除ollvm流程平坦混淆
- [**178**Star][5m] [ObjC] [welkinxie/aescipher-ios](https://github.com/welkinxie/aescipher-ios) AES encryption working between Objective-C and Java.
- [**178**Star][4m] [C++] [fireice-uk/xmr-stak-amd](https://github.com/fireice-uk/xmr-stak-amd) Monero AMD miner
- [**178**Star][29d] [Go] [inconshreveable/go-vhost](https://github.com/inconshreveable/go-vhost) HTTP/TLS hostname multiplexing library for Go
- [**178**Star][11d] [WebAssembly] [bytecodealliance/wasmparser](https://github.com/bytecodealliance/wasmparser) A simple event-driven library for parsing WebAssembly binary files
- [**178**Star][6m] [Java] [0kee-team/javaprobe](https://github.com/0kee-team/javaprobe) A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
- [**178**Star][2m] [C] [xerub/extra_recipe](https://github.com/xerub/extra_recipe) Exception-oriented exploitation by Ian Beer
- [**178**Star][3m] [valdikss/super-uefiinsecureboot-disk](https://github.com/valdikss/super-uefiinsecureboot-disk) Super UEFIinSecureBoot Disk: Boot any OS or .efi file without disabling UEFI Secure Boot
- [**178**Star][4m] [Py] [techbliss/python_editor](https://github.com/techbliss/python_editor) Better CodeEditor for Ida Pro.
- [**178**Star][2y] [C++] [sparkfun/makeymakey](https://github.com/sparkfun/makeymakey) The main branch for MaKey MaKey firmware on SparkFun's version of the board.
- [**178**Star][4m] [sie504/struts-s2-xxx](https://github.com/sie504/struts-s2-xxx) 整理收集Struts2漏洞环境
- [**178**Star][11d] [HTML] [samuraiwtf/samuraiwtf](https://github.com/samuraiwtf/samuraiwtf) The main SamuraiWTF collaborative distro repo.
- [**178**Star][19d] [C] [rapid7/mettle](https://github.com/rapid7/mettle) This is an implementation of a native-code Meterpreter, designed for portability, embeddability, and low resource utilization.
- [**178**Star][13d] [Ruby] [r00t-3xp10it/msf-auxiliarys](https://github.com/r00t-3xp10it/msf-auxiliarys) My collection of metasploit auxiliary post-modules
- [**178**Star][5y] [Py] [osandamalith/lfifreak](https://github.com/osandamalith/lfifreak) A unique automated LFi Exploiter with Bind/Reverse Shells
- [**178**Star][2y] [Swift] [nvisium/swift.nv](https://github.com/nvisium/swift.nv) Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOS
- [**178**Star][2m] [Py] [netflix-skunkworks/repulsive-grizzly](https://github.com/netflix-skunkworks/repulsive-grizzly) Application Layer DoS Testing Framework
- [**178**Star][4m] [C#] [n0dec/malwless](https://github.com/n0dec/malwless) Test Blue Team detections without running any attack.
- [**178**Star][25d] [Shell] [munki/bootstrappr](https://github.com/munki/bootstrappr) A bare-bones tool to install a set of packages on a target volume.
- [**178**Star][2y] [C#] [jaredhaight/sharpattack](https://github.com/jaredhaight/sharpattack) A simple wrapper for C# tools
- [**178**Star][1m] [Py] [infodox/python-dll-injection](https://github.com/infodox/python-dll-injection) Python toolkit for injecting DLL files into running processes on Windows
- [**178**Star][4y] [PS] [infocyte/pshunt](https://github.com/infocyte/pshunt) Powershell Threat Hunting Module
- [**178**Star][6m] [Py] [iagcl/watchmen](https://github.com/iagcl/watchmen) (Not maintained anymore) Watchmen - AWS account compliance using centrally managed Config Rules
- [**178**Star][22d] [C++] [gregwar/fatcat](https://github.com/gregwar/fatcat) FAT filesystems explore, extract, repair, and forensic tool
- [**178**Star][1m] [Py] [gleeda/memtriage](https://github.com/gleeda/memtriage) Allows you to quickly query a Windows machine for RAM artifacts
- [**178**Star][2m] [C] [gat3way/hashkill](https://github.com/gat3way/hashkill) hashkill password recovery tool
- [**178**Star][28d] [C#] [gangzhuo/kcptun-gui-windows](https://github.com/gangzhuo/kcptun-gui-windows) GUI for kcptun (
- [**178**Star][2m] [Shell] [floyd-fuh/tiny-mitm-proxy](https://github.com/floyd-fuh/tiny-mitm-proxy) Probably one of the smallest SSL MITM proxies you can make
- [**178**Star][4m] [eoftedal/writings](https://github.com/eoftedal/writings) blog posts
- [**178**Star][4m] [Py] [echowei/deeptraffic](https://github.com/echowei/deeptraffic) Deep Learning models for network traffic classification
- [**178**Star][10d] [C++] [dfir-orc/dfir-orc](https://github.com/dfir-orc/dfir-orc) Forensics artefact collection tool for systems running Microsoft Windows
- [**178**Star][15d] [C] [christian-roggia/open-myrtus](https://github.com/christian-roggia/open-myrtus) RCEed version of computer malware / rootkit MyRTUs / Stuxnet.
- [**178**Star][3y] [aozhimin/mosec-2017](https://github.com/aozhimin/mosec-2017) 盘古团队和 POC 主办的移动安全技术峰会
- [**177**Star][3y] [Py] [arno0x/shellcodewrapper](https://github.com/arno0x/shellcodewrapper) Shellcode wrapper with encryption for multiple target languages
- [**177**Star][15d] [Py] [avidlearnerinprogress/python-automation-scripts](https://github.com/avidlearnerinprogress/python-automation-scripts) Simple yet powerful automation stuffs.
- [**177**Star][12d] [Shell] [dnephin/pre-commit-golang](https://github.com/dnephin/pre-commit-golang) Golang hooks for pre-commit
- [**177**Star][4m] [C++] [abforce/xposed_art_n](https://github.com/abforce/xposed_art_n) ART module for a built-in enabled Xposed firmware based on AOSP 7
- [**177**Star][13d] [Go] [antchfx/antch](https://github.com/antchfx/antch) Antch, a fast, powerful and extensible web crawling & scraping framework for Go
- [**177**Star][11d] [JS] [norma-inc/atear](https://github.com/norma-inc/atear) Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration
- [**177**Star][5m] [C++] [threeme3/wsprrypi](https://github.com/threeme3/wsprrypi) Bareback LF/MF/HF/VHF WSPR transmitter using a Raspberry Pi
- [**177**Star][18d] [Shell] [therealsaumil/armx](https://github.com/therealsaumil/armx) ARM-X Firmware Emulation Framework
- [**177**Star][1y] [thehackingsage/hackdroid](https://github.com/thehackingsage/hackdroid) Penetration Testing Apps for Android
- [**177**Star][11m] [C++] [strivexjun/driverinjectdll](https://github.com/strivexjun/driverinjectdll) Using Driver Global Injection dll, it can hide DLL modules
- [**177**Star][19d] [Go] [sonatype-nexus-community/nancy](https://github.com/sonatype-nexus-community/nancy) A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
- [**177**Star][2m] [JS] [samyk/quickjack](https://github.com/samyk/quickjack) Quickjack is a point-and-click tool for intuitively producing advanced clickjacking and frame slicing attacks.
- [**177**Star][12d] [C++] [samyk/frisky](https://github.com/samyk/frisky) Instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS and macOS
- [**177**Star][4m] [rust-fuzz/trophy-case](https://github.com/rust-fuzz/trophy-case) 
- [**177**Star][10d] [Py] [pybind/python_example](https://github.com/pybind/python_example) Example pybind11 module built with a Python-based build system
- [**177**Star][3y] [C] [pustladi/windows-2000](https://github.com/pustladi/windows-2000) Microsoft Windows 2000 Professional — (Source Codes)
- [**177**Star][12d] [Go] [palantir/policy-bot](https://github.com/palantir/policy-bot) A GitHub App that enforces approval policies on pull requests
- [**177**Star][3m] [JS] [outflanknl/scripts](https://github.com/outflanknl/scripts) Small scripts that make life better
- [**177**Star][1m] [C] [octomagon/davegrohl](https://github.com/octomagon/davegrohl) A Password Cracker for macOS
- [**177**Star][9m] [Dockerfile] [obscuritylabs/rai](https://github.com/obscuritylabs/rai) Rapid Attack Infrastructure (RAI)
- [**177**Star][27d] [Py] [nforest/droidimg](https://github.com/nforest/droidimg) Android/Linux vmlinux loader
- [**177**Star][2y] [Py] [monrocoury/forensic-tools](https://github.com/monrocoury/forensic-tools) A collection of tools for forensic analysis
- [**177**Star][3y] [C] [mcarpenter/afl](https://github.com/mcarpenter/afl) DEPRECATED. Will be removed 09/2019. Please see
- [**177**Star][3m] [C#] [maxburaot/smartsteamemu](https://github.com/maxburaot/smartsteamemu) SSELauncher Comfy Edition 2018 By LoodBot/Syahmixp (Steam Emulator)
- [**177**Star][4m] [Shell] [lcashdol/exploits](https://github.com/lcashdol/exploits) Exploits for various CVEs
- [**177**Star][25d] [C] [jdbirdwell/afl](https://github.com/jdbirdwell/afl) american fuzzy lop for network fuzzing (unofficial) -- official afl site is
- [**177**Star][3y] [Shell] [ioactive/repossessed](https://github.com/ioactive/repossessed) A project designed to parse public source code repositories and find various types of vulnerabilities.
- [**177**Star][1m] [C] [hvqzao/foolav](https://github.com/hvqzao/foolav) Pentest tool for antivirus evasion and running arbitrary payload on target Wintel host
- [**177**Star][3m] [hl2guide/all-in-one-customized-adblock-list](https://github.com/hl2guide/all-in-one-customized-adblock-list) An all-in-one adblock list that thoroughly blocks trackers, popup ads, ads, unwanted cookies, fake news, cookie warning messages, typosquatters, unwanted comment sections, crypto-coin mining, YouTube clutter, Twitter guff and social network hassles.
- [**177**Star][2m] [Rust] [hjr3/weldr](https://github.com/hjr3/weldr) A HTTP 1.1 proxy written in Rust using tokio.
- [**177**Star][12d] [Py] [grutz/h3c-pt-tools](https://github.com/grutz/h3c-pt-tools) Huawei/H3C/HP Penetration Testing Tools
- [**177**Star][4y] [Shell] [googlecloudplatform/nginx-ssl-proxy](https://github.com/googlecloudplatform/nginx-ssl-proxy) build a Docker image that acts as an HTTP reverse proxy with optional (but strongly encouraged) support for acting as an SSL termination proxy
- [**177**Star][8y] [Py] [gdssecurity/gwt-penetration-testing-toolset](https://github.com/gdssecurity/gwt-penetration-testing-toolset) A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here:
- [**177**Star][12d] [C] [dhalperi/linux-80211n-csitool](https://github.com/dhalperi/linux-80211n-csitool) 802.11n CSI Tool based on iwlwifi and Linux
- [**177**Star][7d] [PHP] [cryin/assetsview](https://github.com/cryin/assetsview) Assets View资产发现、网络拓扑管理系统
- [**177**Star][8m] [Py] [comthings/pandwarf](https://github.com/comthings/pandwarf) RF analysis tool with a sub-1 GHz wireless transceiver controlled by a smartphone or
- [**177**Star][17d] [Py] [comsecuris/shannonre](https://github.com/comsecuris/shannonre) Helpful scripts for various tasks performed during reverse engineering the Shannon Baseband with the goal to exploit the Samsung Galaxy S6
- [**176**Star][10d] [bosefirmware/ced](https://github.com/bosefirmware/ced) Bose Firmware / Software - ced (AE2, Frames, Noise Cancelling Headphones 700, OE, On-Ear Wireless, QuietComfort 35 II / QC35 / QC35II, QuietControl 30 / QC30, SoundLink Color II, Micro, SL Mini Special Edition, Mini II, Revolve, SoundSport Free, Pulse, Wireless, SoundWear Companion, connect)
- [**176**Star][14d] [Rust] [qaul/qaul.net](https://github.com/qaul/qaul.net) Internet independent, decentralised ad-hoc wireless communication application (ONLY A MIRROR FOR
- [**176**Star][5m] [Py] [elliotxx/zhihu-crawler-people](https://github.com/elliotxx/zhihu-crawler-people) A simple distributed crawler for zhihu && data analysis
- [**176**Star][9d] [Shell] [xyene/wsl-dotfiles](https://github.com/xyene/wsl-dotfiles) My dotfiles for running an i3-based environment within the Windows Subsystem for Linux (WSL).
- [**176**Star][26d] [C++] [serge1/elfio](https://github.com/serge1/elfio) ELFIO - ELF (Executable and Linkable Format) reader and producer implemented as a header only C++ library
- [**176**Star][17d] [Py] [thoxvi/mycar_python](https://github.com/thoxvi/mycar_python) 自动发车爬虫
- [**176**Star][4y] [Shell] [praetorian-code/mitm-vm](https://github.com/praetorian-code/mitm-vm) An easy-to-deploy virtual machine that can provide flexible man-in-the-middle capabilities.
- [**176**Star][11d] [Py] [wish-i-was/femida](https://github.com/wish-i-was/femida) Automated blind-xss search for Burp Suite
- [**176**Star][2m] [Py] [vergl4s/instarecon](https://github.com/vergl4s/instarecon) Automated digital reconnaissance
- [**176**Star][17d] [C] [trailofbits/onesixtyone](https://github.com/trailofbits/onesixtyone) Fast SNMP Scanner
- [**176**Star][1m] [sysml/lightvm](https://github.com/sysml/lightvm) a virtualization solution based on Xen that is optimized to offer fast boot-times regardless of the number of active VMs
- [**176**Star][4m] [Scheme] [siraben/zkeme80](https://github.com/siraben/zkeme80) An assembler and operating system for the TI-84+ written in Scheme, Forth and Z80 assembly.
- [**176**Star][2m] [Py] [securingsam/krackdetector](https://github.com/securingsam/krackdetector) a Python script to detect possible KRACK attacks against client devices on your network
- [**176**Star][11d] [Py] [sch3m4/androidpatternlock](https://github.com/sch3m4/androidpatternlock) A little Python tool to crack the Pattern Lock on Android devices
- [**176**Star][12m] [Java] [ota4j-team/opentest4j](https://github.com/ota4j-team/opentest4j) Open Test Alliance for the JVM
- [**176**Star][11d] [C] [naworkcaj/bdvl](https://github.com/naworkcaj/bdvl) LD_PRELOAD Linux rootkit (x86 & ARM)
- [**176**Star][2y] [Py] [mdsecactivebreach/chameleon](https://github.com/mdsecactivebreach/chameleon) A tool for evading Proxy categorisation
- [**176**Star][2y] [Py] [manisso/crips](https://github.com/manisso/crips) IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
- [**176**Star][2y] [ObjC] [macmade/filevaultcracker](https://github.com/macmade/filevaultcracker) macOS FileVault cracking tool
- [**176**Star][1m] [Java] [k-tamura/easybuggy](https://github.com/k-tamura/easybuggy) Too buggy web application
- [**176**Star][27d] [Go] [jrozner/sonar](https://github.com/jrozner/sonar) Self contained cross platform DNS recon tool
- [**176**Star][12d] [ObjC] [inds-team/inds](https://github.com/inds-team/inds) Revival of the Nintendo DS emulator for iOS
- [**176**Star][16d] [C] [henkaku/offline-installer](https://github.com/henkaku/offline-installer) HENkaku Offline Installer
- [**176**Star][1m] [C++] [google/pawn](https://github.com/google/pawn) 从基于 Intel 的工作站和笔记本电脑中提取 BIOS 固件
- [**176**Star][4m] [Py] [gnebbia/pdlist](https://github.com/gnebbia/pdlist) A passive subdomain finder
- [**176**Star][1m] [JS] [fnando/password_strength](https://github.com/fnando/password_strength) Check password strength against several rules. Includes ActiveRecord/ActiveModel support.
- [**176**Star][15d] [C++] [devinacker/bsnes-plus](https://github.com/devinacker/bsnes-plus) debug-oriented fork of bsnes
- [**176**Star][19d] [Py] [belane/linux-soft-exploit-suggester](https://github.com/belane/linux-soft-exploit-suggester) Search Exploitable Software on Linux
- [**176**Star][18d] [Py] [alpha1e0/kiwi](https://github.com/alpha1e0/kiwi) 安全源码审计工具
- [**176**Star][1y] [Java] [aalhuz/navex](https://github.com/aalhuz/navex) is an exploit generation framework for web applications.
- [**176**Star][3y] [Py] [4shadoww/hakkuframework](https://github.com/4shadoww/hakkuframework) Hakku Framework penetration testing
- [**176**Star][3y] [C++] [0x09al/dns-persist](https://github.com/0x09al/dns-persist) DNS-Persist is a post-exploitation agent which uses DNS for command and control.
- [**175**Star][19d] [Py] [ridter/cve-2020-0688](https://github.com/ridter/cve-2020-0688) cve-2020-0688
- [**175**Star][19d] [Swift] [protonvpn/mac-app](https://github.com/protonvpn/mac-app) Official ProtonVPN macOS app
- [**175**Star][4m] [Py] [guapier/zi5book](https://github.com/guapier/zi5book) book.zi5.me全站kindle电子书籍爬取，按照作者书籍名分类，每本书有mobi和equb两种格式，采用分布式进行全站爬取
- [**175**Star][1m] [TS] [joshglazebrook/socks](https://github.com/joshglazebrook/socks) Fully featured SOCKS proxy client supporting SOCKSv4, SOCKSv4a, and SOCKSv5. Includes Bind and Associate functionality.
- [**175**Star][10d] [Py] [paralelo14/google_explorer](https://github.com/paralelo14/google_explorer) Mass exploitation tool in python
- [**175**Star][4m] [uknowsec/sharpdecryptpwd](https://github.com/uknowsec/sharpdecryptpwd) 对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。
- [**175**Star][10d] [ckjbug/xmind-learning](https://github.com/ckjbug/xmind-learning) 各种安全相关思维导图整理收集
- [**175**Star][16d] [uknowsec/sharptoolsaggressor](https://github.com/uknowsec/sharptoolsaggressor) 内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
- [**175**Star][4m] [Swift] [paradiseduo/shadowsocksx-ng-r8](https://github.com/paradiseduo/shadowsocksx-ng-r8) ShadowsocksX-NG-R for MacOS
- [**175**Star][1y] [Py] [osirislab/ctf-solutions](https://github.com/osirislab/CTF-Solutions) Solutions to a variety of Capture The Flag challenges from different competitions.
- [**175**Star][15d] [Py] [wipi-hunter/pisavar](https://github.com/WiPi-Hunter/PiSavar) Detects PineAP module and starts deauthentication attack
- [**175**Star][10d] [Py] [paralelo14/google_explorer](https://github.com/paralelo14/google_explorer) Mass exploitation tool in python
- [**175**Star][7m] [C#] [zodiacon/kernelexplorer](https://github.com/zodiacon/kernelexplorer) 
- [**175**Star][30d] [HTML] [yaph/domxssscanner](https://github.com/yaph/domxssscanner) DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
- [**175**Star][30d] [Go] [vyrus001/go-mimikatz](https://github.com/vyrus001/go-mimikatz) A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
- [**175**Star][4m] [C] [uofw/uofw](https://github.com/uofw/uofw) The unofficial Official FirmWare, a complete latest PSP firmware reverse engineering project
- [**175**Star][10d] [Shell] [teracow/googliser](https://github.com/teracow/googliser) a fast BASH multiple-image downloader
- [**175**Star][29d] [Java] [spring-cloud/spring-cloud-vault](https://github.com/spring-cloud/spring-cloud-vault) Configuration Integration with HashiCorp Vault
- [**175**Star][4m] [C#] [smartproxy/smartproxy](https://github.com/smartproxy/smartproxy) HTTP(S) Rotating Residential proxies - Code examples & General information
- [**175**Star][12d] [secwiki/hack-movie](https://github.com/secwiki/hack-movie) 黑客相关的电视剧/电影/纪录片
- [**175**Star][3y] [PHP] [rpisec/hackthevote](https://github.com/rpisec/hackthevote) Handouts, setup scripts, sources, and solutions for challenges from Hack The Vote
- [**175**Star][2m] [HTML] [purpleteam/snarf](https://github.com/purpleteam/snarf) Snarf man-in-the-middle / relay suite
- [**175**Star][2y] [Py] [niloofarkheirkhah/nili](https://github.com/niloofarkheirkhah/nili) Nili is a Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing.
- [**175**Star][12d] [Java] [netsoss/headless-burp](https://github.com/netsoss/headless-burp) Automate security tests using Burp Suite.
- [**175**Star][6m] [C++] [nervanasystems/he-transformer](https://github.com/nervanasystems/he-transformer) nGraph-HE: Deep learning with Homomorphic Encryption (HE) through Intel nGraph
- [**175**Star][2y] [Py] [nccgroup/aws-recipes](https://github.com/nccgroup/aws-recipes) A number of Recipes for AWS
- [**175**Star][1y] [Py] [mpgn/poodle-poc](https://github.com/mpgn/poodle-poc) 
- [**175**Star][10d] [C] [kubo/funchook](https://github.com/kubo/funchook) Hook function calls by inserting jump instructions at runtime
- [**175**Star][2y] [Dockerfile] [kozmic/laravel-poc-cve-2018-15133](https://github.com/kozmic/laravel-poc-cve-2018-15133) PoC for CVE-2018-15133 (Laravel unserialize vulnerability)
- [**175**Star][23d] [JS] [hapijs/crumb](https://github.com/hapijs/crumb) CSRF crumb generation and validation for hapi
- [**175**Star][3y] [C] [geosn0w/reverse-engineering-tutorials](https://github.com/geosn0w/reverse-engineering-tutorials) Some Reverse Engineering Tutorials for Beginners
- [**175**Star][13d] [gaerae/awesome-algorithms-education](https://github.com/gaerae/awesome-algorithms-education) A curated list to learning and practicing about algorithm.
- [**175**Star][21d] [Shell] [dshield-isc/dshield](https://github.com/dshield-isc/dshield) DShield Raspberry Pi Sensor
- [**175**Star][5y] [Py] [dc3l1ne/blasting_dictionary](https://github.com/dc3l1ne/blasting_dictionary) 爆破字典
- [**175**Star][10m] [C++] [creddefense/creddefense](https://github.com/creddefense/creddefense) Credential and Red Teaming Defense for Windows Environments
- [**175**Star][25d] [JS] [brannondorsey/host-validation](https://github.com/brannondorsey/host-validation) Express.js middleware for "Host" and "Referer" header validation to protect against DNS rebinding attacks.
- [**175**Star][19d] [azure/azure-storage-java](https://github.com/azure/azure-storage-java) Microsoft Azure Storage Library for Java
- [**175**Star][19d] [JS] [ant4g0nist/vegvisir](https://github.com/ant4g0nist/vegvisir) 基于浏览器的LLDB 调试器
- [**175**Star][5y] [C#] [alphadelta/secure-desktop](https://github.com/alphadelta/secure-desktop) Anti-keylogger/anti-rat application for Windows
- [**175**Star][3y] [Py] [4w4k3/insanity-framework](https://github.com/4w4k3/insanity-framework) Generate Payloads and Control Remote Machines. [Discontinued]
- [**175**Star][2y] [Py] [0xbug/biu-framework](https://github.com/0xbug/biu-framework) Security Scan Framework For Enterprise Intranet Based Services 
- [**174**Star][11d] [C++] [outflanknl/recon-ad](https://github.com/outflanknl/recon-ad) Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
- [**174**Star][11d] [Py] [zhovner/mfdread](https://github.com/zhovner/mfdread) Mifare 1k/4k dumps parser in human readable format
- [**174**Star][10m] [Shell] [weaveworks/tcptracer-bpf](https://github.com/weaveworks/tcptracer-bpf) eBPF program using kprobes to trace TCP events without run-time compilation dependencies
- [**174**Star][1m] [Py] [wafpassproject/wafpass](https://github.com/wafpassproject/wafpass) Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
- [**174**Star][4m] [ObjC] [subito-it/sbtuitesttunnel](https://github.com/subito-it/sbtuitesttunnel) Enable network mocks and more in UI Tests
- [**174**Star][13d] [JS] [skycrab/leakscan](https://github.com/skycrab/leakscan) 在线漏洞扫描
- [**174**Star][1m] [Py] [shadowsocks-backup/shadowsocks](https://github.com/shadowsocks-backup/shadowsocks) 
- [**174**Star][2y] [ramen0x3f/aggressorscripts](https://github.com/ramen0x3f/aggressorscripts)  audit your machines or machines you're authorized to audit
- [**174**Star][7m] [JS] [puresec/serverless-puresec-cli](https://github.com/puresec/serverless-puresec-cli) Serverless plugin for least privileges.
- [**174**Star][1m] [Shell] [pr0x13/ibrutr](https://github.com/pr0x13/ibrutr) iCloud Bruteforce PoC - with MultiCurl
- [**174**Star][1m] [JS] [philbooth/escomplex](https://github.com/philbooth/escomplex) Software complexity analysis of JavaScript-family abstract syntax trees
- [**174**Star][1m] [C#] [ikende/beetle.dt](https://github.com/ikende/beetle.dt) 分布式压力测试工具
- [**174**Star][3y] [Shell] [functionclub/fail2ban](https://github.com/functionclub/fail2ban) 最简单的防止SSH暴力破解的脚本
- [**174**Star][12d] [Jupyter Notebook] [dchad/malware-detection](https://github.com/dchad/malware-detection) Malware Detection and Classification Using Machine Learning
- [**174**Star][21d] [Perl] [datacharmer/mysql-sandbox](https://github.com/datacharmer/mysql-sandbox) Quick and painless install of one or more MySQL servers in the same host.
- [**174**Star][13d] [chryzsh/awesome-windows-security](https://github.com/chryzsh/awesome-windows-security) List of Awesome Windows Security Resources
- [**174**Star][3m] [Go] [bifurcation/mint](https://github.com/bifurcation/mint) A Minimal TLS 1.3 Implementation in Go
- [**174**Star][13d] [C] [autopear/ipainstaller](https://github.com/autopear/ipainstaller) Install IPA from command line
- [**174**Star][11d] [Go] [arwmq9b6/dnsproxy](https://github.com/arwmq9b6/dnsproxy) 防 DNS 缓存污染，兼顾查询质量与速度
- [**174**Star][10d] [Py] [arch4ngel/eavesarp](https://github.com/arch4ngel/eavesarp) Analyze ARP requests to identify intercommunicating hosts and stale network address configurations (SNACs)
- [**174**Star][2y] [Py] [3gstudent/worse-pdf](https://github.com/3gstudent/worse-pdf) Turn a normal PDF file into malicious.Use to steal Net-NTLM Hashes from windows machines.
- [**173**Star][12d] [C] [redcanaryco/chain-reactor](https://github.com/redcanaryco/chain-reactor) Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
- [**173**Star][7m] [Py] [gotcha/vimpdb](https://github.com/gotcha/vimpdb) Pdb and Vim integration
- [**173**Star][19d] [Lua] [libremesh/lime-packages](https://github.com/libremesh/lime-packages) OpenWrt packages composing LibreMesh meta-firmware for wireless mesh networking
- [**173**Star][22d] [Go] [liamg/scout](https://github.com/liamg/scout) 
- [**173**Star][2y] [Go] [out0fmemory/goproxy-always-available](https://github.com/out0fmemory/goproxy-always-available) fork from goproxy Becaust it closed!! 1632版本自动扫描可用ip
- [**173**Star][11d] [PHP] [curtbraz/phishing-api](https://github.com/curtbraz/phishing-api) Comprehensive Web Based Phishing Suite of Tools for Rapid Deployment and Real-Time Alerting!
- [**173**Star][10d] [Py] [zricethezav/h1domains](https://github.com/zricethezav/h1domains) HackerOne "in scope" domains
- [**173**Star][4m] [C++] [zer0mem0ry/runpe](https://github.com/zer0mem0ry/runpe) Code that allows running another windows PE in the same address space as the host process.
- [**173**Star][13d] [C#] [x41sec/browser-security-whitepaper-2017](https://github.com/x41sec/browser-security-whitepaper-2017) X41 Browser Security White Paper - Tools and PoCs
- [**173**Star][1m] [HTML] [tylert/pocorgtfo](https://github.com/tylert/pocorgtfo) International Journal of Proof-of-Concept or Get The F*** Out (PoC||GTFO or PoC or GTFO)
- [**173**Star][16d] [C] [scen/osxinj](https://github.com/scen/osxinj) osx dylib injection
- [**173**Star][16d] [Py] [rvn0xsy/cooolis-ms](https://github.com/rvn0xsy/cooolis-ms) Cooolis-ms is a server that supports the Metasploit Framework RPC. It is used to work with the Shellcode and PE loader. To some extent, it bypasses the static killing of anti-virus software, and allows the Cooolis-ms server to communicate with the Metasploit server. Separation.
- [**173**Star][4y] [C++] [phat3/pindemonium](https://github.com/phat3/pindemonium) A pintool in order to unpack malware
- [**173**Star][4m] [C] [jovanbulck/sgx-step](https://github.com/jovanbulck/sgx-step) A practical attack framework for precise enclave execution control
- [**173**Star][2m] [HTML] [jensvoid/lorg](https://github.com/jensvoid/lorg) Apache Logfile Security Analyzer
- [**173**Star][3m] [Py] [itsmehacker/darkscrape](https://github.com/itsmehacker/darkscrape) OSINT Tool For Scraping Dark Websites
- [**173**Star][4m] [HTML] [c4o/chinesedarkwebcrawler](https://github.com/c4o/chinesedarkwebcrawler) 中文暗网爬虫
- [**173**Star][19d] [C++] [bastibl/gr-ieee802-15-4](https://github.com/bastibl/gr-ieee802-15-4) IEEE 802.15.4 ZigBee Transceiver
- [**173**Star][2m] [Py] [adamcaudill/yawast](https://github.com/adamcaudill/yawast) YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
- [**172**Star][8d] [C++] [bendr0id/xmrigcc](https://github.com/bendr0id/xmrigcc) Highly optimized Cryptonight / RandomX / Argon2 CPU miner with Command&Control (CC) Server and Monitoring
- [**172**Star][12d] [Rust] [probe-rs/probe-rs](https://github.com/probe-rs/probe-rs) A debugging toolset and library for debugging ARM cores on a separate host
- [**172**Star][10d] [C] [slimbootloader/slimbootloader](https://github.com/slimbootloader/slimbootloader) Visit
- [**172**Star][11d] [C] [nordicsemiconductor/pc-ble-driver](https://github.com/nordicsemiconductor/pc-ble-driver) Desktop library for Bluetooth low energy development
- [**172**Star][24d] [C#] [0xd4d/jitdasm](https://github.com/0xd4d/jitdasm) Disassemble jitted .NET methods
- [**172**Star][11d] [Java] [java-decompiler/jd-core](https://github.com/java-decompiler/jd-core) JD-Core is a JAVA decompiler written in JAVA.
- [**172**Star][15d] [Py] [chenjiandongx/github-spider](https://github.com/chenjiandongx/Github-spider) Github 仓库及用户分析爬虫
- [**172**Star][11d] [C++] [taskexplorer/taskexplorer](https://github.com/taskexplorer/TaskExplorer) Power full Task Manager
- [**172**Star][23d] [C] [ray-cp/vm-escape](https://github.com/ray-cp/vm-escape) some interesting vm-escape game
- [**172**Star][14d] [Py] [tulpar/tulpar](https://github.com/tulpar/tulpar) Tulpar - Web Vulnerability Scanner
- [**172**Star][29d] [Py] [zerosteiner/mayhem](https://github.com/zerosteiner/mayhem) Runtime Process Manipulation
- [**172**Star][16d] [C] [yifanlu/psvimgtools](https://github.com/yifanlu/psvimgtools) Decrypt Vita CMA backups
- [**172**Star][11d] [C] [vlad902/hacking-team-windows-kernel-lpe](https://github.com/vlad902/hacking-team-windows-kernel-lpe) Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar.
- [**172**Star][6m] [Py] [tonybeltramelli/deep-spying](https://github.com/tonybeltramelli/deep-spying) Spying using Smartwatch and Deep Learning
- [**172**Star][2y] [Py] [tintinweb/ida-batch_decompile](https://github.com/tintinweb/ida-batch_decompile) IDA Batch Decompile plugin and script for Hex-Ray's IDA Pro that adds the ability to batch decompile multiple files and their imports with additional annotations (xref, stack var size) to the pseudocode .c file
- [**172**Star][3y] [Java] [the404hacking/androrat](https://github.com/the404hacking/androrat) AndroRAT | Remote Administrator Tool for Android OS Hacking
- [**172**Star][4m] [Java] [superblaubeere27/obfuscator](https://github.com/superblaubeere27/obfuscator) A java obfuscator (GUI)
- [**172**Star][4m] [sumas/oscp-cheatsheet-god](https://github.com/sumas/oscp-cheatsheet-god) multiple OSCP cheatsheet
- [**172**Star][12d] [Py] [spiderlabs/scavenger](https://github.com/spiderlabs/scavenger) is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.
- [**172**Star][3y] [Ruby] [section9labs/cartero](https://github.com/section9labs/cartero) Cartero - Social Engineering Framework
- [**172**Star][12d] [C] [scslab/tcpcrypt](https://github.com/scslab/tcpcrypt) Fast TCP encryption
- [**172**Star][3m] [Py] [rams3sh/aaia](https://github.com/rams3sh/aaia) AWS Identity and Access Management Visualizer and Anomaly Finder
- [**172**Star][6y] [Py] [paulsec/csrft](https://github.com/paulsec/csrft) A lightweight CSRF Toolkit for easy Proof of concept
- [**172**Star][1m] [Py] [betab0t/cve-2017-7494](https://github.com/betab0t/cve-2017-7494) Samba 漏洞（CVE-2017-7494）PoC
- [**172**Star][2y] [Py] [omergunal/hackerbot](https://github.com/omergunal/hackerbot) chatbot 和 hacking 工具的结合版
- [**172**Star][2y] [ObjC] [objective-see/donotdisturb](https://github.com/objective-see/donotdisturb) Detect Evil Maid Attacks
- [**172**Star][11y] [C#] [moserware/tls-1.0-analyzer](https://github.com/moserware/tls-1.0-analyzer) A simple tool to go along with "The First Few Milliseconds of an HTTPS Connection" blog post on moserware.com
- [**172**Star][26d] [Py] [mnkgrover08-zz/whatsapp_automation](https://github.com/mnkgrover08-zz/whatsapp_automation) Whatsapp Automation is a collection of APIs that interact with WhatsApp messenger running in an Android emulator, allowing developers to build projects that automate sending and receiving messages, adding new contacts and broadcasting messages multiple contacts.
- [**172**Star][17d] [C] [microchiptech/cryptoauthlib](https://github.com/microchiptech/cryptoauthlib) Library for interacting with the Crypto Authentication secure elements
- [**172**Star][14d] [C++] [mharjac/bad_ducky](https://github.com/mharjac/bad_ducky) Rubber Ducky compatible clone based on CJMCU BadUSB HW.
- [**172**Star][16d] [C++] [jrfonseca/drmingw](https://github.com/jrfonseca/drmingw) Postmortem debugging tools for MinGW.
- [**172**Star][2y] [PS] [javelinnetworks/honeypotbuster](https://github.com/javelinnetworks/honeypotbuster) Microsoft PowerShell module designed for red teams that can be used to find honeypots and honeytokens in the network or at the host.
- [**172**Star][5m] [C++] [immunant/selfrando](https://github.com/immunant/selfrando) Function order shuffling to defend against ROP and other types of code reuse
- [**172**Star][3y] [C++] [hussein-aitlahcen/blackhole](https://github.com/hussein-aitlahcen/blackhole) C# RAT (Remote Administration Tool)
- [**172**Star][18d] [JS] [grempe/diceware](https://github.com/grempe/diceware) A tool for generating strong Diceware passwords, with entropy and crack time estimates.
- [**172**Star][11d] [C] [elementsproject/secp256k1-zkp](https://github.com/elementsproject/secp256k1-zkp) Experimental fork of libsecp256k1 with support for pedersen commitments and range proofs.
- [**172**Star][12d] [Shell] [diladele/websafety](https://github.com/diladele/websafety) Simple and powerful web filter for HTTP and HTTPS traffic
- [**172**Star][4y] [cn33liz/msbuildshell](https://github.com/cn33liz/msbuildshell) MSBuildShell, a Powershell Host running within MSBuild.exe
- [**172**Star][9d] [Py] [blacktop/virustotal-api](https://github.com/blacktop/virustotal-api) Virus Total Public/Private/Intel API
- [**172**Star][11m] [PHP] [blackhole1/webrtcxss](https://github.com/blackhole1/webrtcxss) 利用XSS入侵内网(Use XSS automation Invade intranet)
- [**172**Star][17d] [Py] [alephsecurity/abootool](https://github.com/alephsecurity/abootool) Simple tool to dynamically discover hidden fastboot OEM commands based on static knowledge
- [**171**Star][10d] [notasausage/pi-hole-unbound-wireguard](https://github.com/notasausage/pi-hole-unbound-wireguard) Turning your Raspberry Pi into an ad-blocking VPN with built-in DNS resolution using Pi-Hole, Unbound & WireGuard.
- [**171**Star][25d] [Ruby] [mehonoshin/smartvpn-http-hooks](https://github.com/mehonoshin/smartvpn-http-hooks) OpenVPN server hooks
- [**171**Star][11d] [Py] [martinthoma/algorithms](https://github.com/martinthoma/algorithms) This repository is for learning and understanding how algorithms work.
- [**171**Star][14d] [TS] [skycoin/skywire](https://github.com/skycoin/skywire) Skywire Meshnet and VPN
- [**171**Star][12d] [spaze/hashes](https://github.com/spaze/hashes) Magic hashes – PHP hash "collisions"
- [**171**Star][19d] [Shell] [raggi/openssl-osx-ca](https://github.com/raggi/openssl-osx-ca) Simple periodic task to sync OSX Keychain certs to Homebrew installed OpenSSL & LibreSSL
- [**171**Star][1m] [C] [immunityinc/libptrace](https://github.com/immunityinc/libptrace) An event driven multi-core process debugging, tracing, and manipulation framework.
- [**171**Star][25d] [Kotlin] [gosecure/dtd-finder](https://github.com/gosecure/dtd-finder) List DTDs and generate XXE payloads using those local DTDs.
- [**171**Star][3m] [SourcePawn] [splewis/csgo-practice-mode](https://github.com/splewis/csgo-practice-mode) CS:GO Sourcemod plugin for private team/individual practice servers
- [**171**Star][19d] [HTML] [xianyunyh/spider_job](https://github.com/xianyunyh/spider_job) 基于boss直聘网数据的上海地区PHP职位情况的分析
- [**171**Star][4m] [Go] [remeh/sizedwaitgroup](https://github.com/remeh/sizedwaitgroup) SizedWaitGroup has the same role and close to the same API as the Golang sync.WaitGroup but it adds a limit on the amount of goroutines started concurrently.
- [**171**Star][7m] [vysecurity/cve-2017-8759](https://github.com/vysecurity/CVE-2017-8759) CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.
- [**171**Star][2y] [C] [ardupilot/sik](https://github.com/ArduPilot/SiK) Tools and firmware for the Si1000
- [**171**Star][1m] [Py] [q2h1cg/cms-exploit-framework](https://github.com/Q2h1Cg/CMS-Exploit-Framework) CMS Exploit Framework
- [**171**Star][15d] [Py] [praetorian-code/gladius](https://github.com/praetorian-code/gladius) Automated Responder/secretsdump.py cracking
- [**171**Star][1m] [C++] [zerocoin/libzerocoin](https://github.com/zerocoin/libzerocoin)  C++ lib for anonymous extension to bitcoin
- [**171**Star][17d] [Clojure] [weavejester/crypto-password](https://github.com/weavejester/crypto-password) Library for securely hashing passwords
- [**171**Star][4m] [Shell] [viralmaniar/i-see-you](https://github.com/viralmaniar/i-see-you) ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
- [**171**Star][13d] [C] [tyranid/windows-logical-eop-workshop](https://github.com/tyranid/windows-logical-eop-workshop) source code for my Windows Logical Privilege Escalation workshop examples
- [**171**Star][4m] [AGS Script] [tinyfpga/tinyfpga-bootloader](https://github.com/tinyfpga/tinyfpga-bootloader) An open source USB bootloader for FPGAs
- [**171**Star][4m] [Py] [tamimibrahim17/list-of-user-agents](https://github.com/tamimibrahim17/list-of-user-agents) List of major web + mobile browser user agent strings. +1 Bonus script to scrape :)
- [**171**Star][11d] [splunk/botsv1](https://github.com/splunk/botsv1) A sample security dataset and CTF platform
- [**171**Star][1m] [C] [silver13/h8mini-acro](https://github.com/silver13/h8mini-acro) acro firmware for eachine H8 mini
- [**171**Star][14d] [Py] [saucer-man/saucerframe](https://github.com/saucer-man/saucerframe) python3批量poc检测工具
- [**171**Star][15d] [Py] [regala/burp-scope-monitor](https://github.com/regala/burp-scope-monitor) Burp Suite Extension to monitor new scope
- [**171**Star][12d] [Py] [opentimestamps/opentimestamps-client](https://github.com/opentimestamps/opentimestamps-client) Command-line tool to create and validate timestamp proofs with the OpenTimestamps protocol
- [**171**Star][18d] [Py] [nucypher/pyumbral](https://github.com/nucypher/pyumbral) NuCypher's reference implementation of Umbral (threshold proxy re-encryption) using OpenSSL and Cryptography.io
- [**171**Star][3m] [CSS] [nknetobserver/nknetobserver.github.io](https://github.com/nknetobserver/nknetobserver.github.io) Scans of North Korean IP Space
- [**171**Star][1y] [Py] [mosuan/filescan](https://github.com/mosuan/filescan) 敏感文件扫描 / 二次判断降低误报率 / 扫描内容规则化 / 多目录扫描
- [**171**Star][4m] [Shell] [moexin/easy-v2ray](https://github.com/moexin/easy-v2ray) 简单的V2ray一键配置包，小白也能简单上手。
- [**171**Star][22d] [Py] [madengr/ham2mon](https://github.com/madengr/ham2mon) GNU Radio based SDR scanner for narrow band FM demodulation
- [**171**Star][3y] [Py] [luyishisi/nyspider](https://github.com/luyishisi/nyspider) 各种爬虫---大众点评,安居客，58，人人贷，拍拍贷, IT桔子,拉勾网，豆瓣,搜房网,ASO100,气象数据,猫眼电影,链家,PM25.in...
- [**171**Star][22d] [leonjza/awesome-nmap-grep](https://github.com/leonjza/awesome-nmap-grep) Awesome Nmap Grep
- [**171**Star][16d] [Ruby] [kost/dockscan](https://github.com/kost/dockscan) dockscan is security vulnerability and audit scanner for Docker installations
- [**171**Star][10d] [C++] [grammatech/ddisasm](https://github.com/grammatech/ddisasm) A fast and accurate disassembler
- [**171**Star][2y] [Py] [googulator/teslacrack](https://github.com/googulator/teslacrack) Decryptor for the TeslaCrypt malware
- [**171**Star][12d] [fabionoth/awesome-cyber-security](https://github.com/fabionoth/awesome-cyber-security) A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
- [**171**Star][3y] [C] [cyrus-and/mysql-unsha1](https://github.com/cyrus-and/mysql-unsha1) 无需明文密码，认证MySQL服务器
- [**171**Star][3y] [PS] [cyberark/riskyspn](https://github.com/cyberark/riskyspn) Detect and abuse risky SPNs
- [**171**Star][1y] [Py] [bilelmoussaoui/authenticator](https://github.com/bilelmoussaoui/authenticator) 2FA code generator for GNOME
- [**171**Star][2y] [Py] [azizaltuntas/camelishing](https://github.com/azizaltuntas/camelishing) Social Engineering Tool
- [**171**Star][6m] [Py] [andresriancho/enumerate-iam](https://github.com/andresriancho/enumerate-iam) Enumerate the permissions associated with AWS credential set
- [**171**Star][8m] [Shell] [1n3/massbleed](https://github.com/1n3/massbleed) MassBleed SSL Vulnerability Scanner
- [**170**Star][11d] [Py] [dessa-oss/atlas](https://github.com/dessa-oss/atlas) An Open Source, Self-Hosted Platform For Applied Deep Learning Development
- [**170**Star][11d] [Py] [city-bureau/city-scrapers](https://github.com/city-bureau/city-scrapers) Scrape, standardize and share public meetings from local government websites
- [**170**Star][1m] [Py] [zhanghe06/news_spider](https://github.com/zhanghe06/news_spider) 新闻抓取（微信、微博、头条...）
- [**170**Star][16d] [JS] [ensingm2/saliengame_idler](https://github.com/ensingm2/saliengame_idler) A Javascript Idler for the 2018 Steam Summer 'Salien' Minigame
- [**170**Star][10d] [TSQL] [cisagov/cset](https://github.com/cisagov/cset) Cybersecurity Evaluation Tool
- [**170**Star][11d] [C++] [ajkhoury/sigmaker-x64](https://github.com/ajkhoury/SigMaker-x64) IDA Pro 7.0 compatible SigMaker plugin
- [**170**Star][3y] [HTML] [threatexpress/metatwin](https://github.com/threatexpress/metatwin) The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
- [**170**Star][2y] [Py] [undeadsec/debinject](https://github.com/undeadsec/debinject) Inject malicious code into *.debs
- [**170**Star][20d] [Py] [trivio/common_crawl_index](https://github.com/trivio/common_crawl_index) billions of pages randomly crawled from the internet
- [**170**Star][13d] [TSQL] [sjvermeu/cvechecker](https://github.com/sjvermeu/cvechecker) Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
- [**170**Star][4m] [shramos/awesome-cybersecurity-datasets](https://github.com/shramos/awesome-cybersecurity-datasets) A curated list of amazingly awesome Cybersecurity datasets
- [**170**Star][3y] [Py] [northernsec/cve-scan](https://github.com/northernsec/cve-scan) Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's
- [**170**Star][11d] [Py] [netevert/pockint](https://github.com/netevert/pockint) A portable OSINT Swiss Army Knife for DFIR/OSINT professionals
- [**170**Star][3y] [C++] [mortenschenk/bhusa2017](https://github.com/mortenschenk/bhusa2017) Content from presentation at BHUSA 2017
- [**170**Star][12d] [Shell] [maldevel/blue-team](https://github.com/maldevel/blue-team) Blue Team Scripts
- [**170**Star][2m] [Rust] [loggerhead/shadowsocks-rust](https://github.com/loggerhead/shadowsocks-rust) Oh my implementation of Shadowsocks in Rust
- [**170**Star][14d] [JS] [k4m4/dcipher-cli](https://github.com/k4m4/dcipher-cli) Crack hashes using online rainbow & lookup table attack services, right from your terminal
- [**170**Star][20d] [joychou93/sks](https://github.com/joychou93/sks) Security Knowledge Structure(安全知识汇总)
- [**170**Star][1m] [Py] [nccgroup/keimpx](https://github.com/nccgroup/keimpx) Check for valid credentials across a network over SMB
- [**170**Star][1m] [C] [hrvach/espple](https://github.com/hrvach/espple) Apple 1 Emulator with wireless PAL RF Output
- [**170**Star][10d] [Py] [hkm/whoishere.py](https://github.com/hkm/whoishere.py) WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.
- [**170**Star][2m] [C] [gdbinit/readmem](https://github.com/gdbinit/readmem) A small OS X/iOS userland util to dump processes memory
- [**170**Star][16d] [LLVM] [galoisinc/reopt](https://github.com/galoisinc/reopt) A tool for analyzing x86-64 binaries.
- [**170**Star][19d] [JS] [evilcos/xssprobe](https://github.com/evilcos/xssprobe) xss probe to steal page info: browser, ua, lang, referer, location, toplocation, cookie, domain, title, screen, flash, etc.
- [**170**Star][27d] [Py] [certcc/keyfinder](https://github.com/certcc/keyfinder) A tool for finding and analyzing private (and public) key files, including support for Android APK files.
- [**170**Star][12d] [Java] [c0ny1/sqlmap4burp-plus-plus](https://github.com/c0ny1/sqlmap4burp-plus-plus) 一款兼容Windows，mac，linux多个系统平台的Burp与sqlmap联动插件
- [**170**Star][12d] [Py] [bugcrowd/vulnerability-rating-taxonomy](https://github.com/bugcrowd/vulnerability-rating-taxonomy) Bugcrowd’s baseline priority ratings for common security vulnerabilities
- [**170**Star][1m] [Py] [botherder/targetedthreats](https://github.com/botherder/targetedthreats) Collection of IOCs related to targeting of civil society
- [**170**Star][1m] [Go] [botherder/kraken](https://github.com/botherder/kraken) Cross-platform Yara scanner written in Go
- [**170**Star][3m] [Jupyter Notebook] [arunpatala/captcha](https://github.com/arunpatala/captcha) Breaking captchas using torch
- [**169**Star][21d] [JS] [macacajs/nosmoke](https://github.com/macacajs/nosmoke) A cross platform UI crawler which scans view trees then generate and execute UI test cases.
- [**169**Star][4m] [Py] [zhangbohan/fun_crawler](https://github.com/zhangbohan/fun_crawler) Crawl some picture for fun
- [**169**Star][14d] [Py] [arch4ngel/peasant](https://github.com/arch4ngel/peasant) LinkedIn reconnaissance tool
- [**169**Star][17d] [HTML] [v2ray/v2ray.github.io](https://github.com/v2ray/v2ray.github.io) V2Ray Portal
- [**169**Star][3m] [C#] [vivami/sauroneye](https://github.com/vivami/sauroneye) Search tool to find specific files containing specific words, i.e. files containing passwords..
- [**169**Star][11d] [C++] [momo5502/cod-exploits](https://github.com/momo5502/cod-exploits) 
- [**169**Star][22d] [Py] [vanpersiexp/expcamera](https://github.com/vanpersiexp/expcamera) Exploit Netwave and GoAhead IP Camera
- [**169**Star][1m] [Py] [trustedsec/ridenum](https://github.com/trustedsec/ridenum) Rid_enum is a null session RID cycle attack for brute forcing domain controllers.
- [**169**Star][3y] [Py] [smokeleeteveryday/ctf_writeups](https://github.com/smokeleeteveryday/ctf_writeups) CTF Writeups
- [**169**Star][25d] [Assembly] [smealum/butthax](https://github.com/smealum/butthax) lovense hush buttplug exploit chain
- [**169**Star][2m] [PHP] [secrule/falcon](https://github.com/secrule/falcon) 基于inotify-tools 开发的Web服务器文件监控平台 能够实时监控Web目录文件变化(新增，修改，删除)，判断文件内容是否包含恶意代码，自动隔离常见Webshell，保证Web目录文件安全
- [**169**Star][16d] [Py] [secdec/adapt](https://github.com/secdec/adapt) WebApp自动化渗透测试工具
- [**169**Star][4m] [samanl33t/awesome-mainframe-hacking](https://github.com/samanl33t/awesome-mainframe-hacking) List of Awesome Mainframe Hacking/Pentesting Resources
- [**169**Star][1y] [Py] [ridter/cve-2018-15982_exp](https://github.com/ridter/cve-2018-15982_exp) exp of CVE-2018-15982
- [**169**Star][1y] [C#] [mysterydash/offline-ps4-remote-play](https://github.com/mysterydash/offline-ps4-remote-play) Enjoy playing on your PS4 from your computer (WLAN/Ad-hoc) without the need of an Internet connection.
- [**169**Star][1y] [Go] [mimah/gomet](https://github.com/mimah/gomet) Multi-platform agent written in Golang. TCP forwarding, socks5, tunneling, pivoting, shell, download, exec
- [**169**Star][2y] [PS] [mattifestation/pssysmontools](https://github.com/mattifestation/pssysmontools) Sysmon Tools for PowerShell
- [**169**Star][4m] [C#] [kefniark/unitybarcodescanner](https://github.com/kefniark/unitybarcodescanner) Simple Unity Barcode Scanner
- [**169**Star][23d] [C++] [kaiserfarrell/malware](https://github.com/kaiserfarrell/malware) virus collection source code
- [**169**Star][10d] [C] [ifding/radare2-tutorial](https://github.com/ifding/radare2-tutorial) Reverse Engineering using Radare2
- [**169**Star][1m] [C] [hc0d3r/mysql-magic](https://github.com/hc0d3r/mysql-magic) dump mysql client password from memory
- [**169**Star][1m] [Py] [hanc00l/weblogic_unserialize_exploit](https://github.com/hanc00l/weblogic_unserialize_exploit) java unserialize vul for weblogic exploit
- [**169**Star][6y] [Puppet] [garethr/pentesting-playground](https://github.com/garethr/pentesting-playground) Code for installing various security minded tools onto Vagrant powered virtual machines
- [**169**Star][4y] [Go] [filosottile/cve-2016-2107](https://github.com/filosottile/cve-2016-2107) Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107)
- [**169**Star][30d] [Py] [epsylon/cintruder](https://github.com/epsylon/cintruder) Captcha Intruder (CIntrud3r) is an automatic pentesting tool to bypass captchas.
- [**169**Star][7m] [Visual Basic .NET] [dzzie/sysanalyzer](https://github.com/dzzie/sysanalyzer) Automated malcode analysis system - read more ->
- [**169**Star][4y] [Py] [dynetics/malfunction](https://github.com/dynetics/malfunction) Malware Analysis Tool using Function Level Fuzzy Hashing
- [**169**Star][1m] [C++] [cr4sh/fwexpl](https://github.com/cr4sh/fwexpl) PC firmware exploitation tool and library
- [**169**Star][10d] [TeX] [antelle/argon2-browser](https://github.com/antelle/argon2-browser) Argon2 library compiled for browser runtime
- [**169**Star][29d] [Py] [angr/heaphopper](https://github.com/angr/heaphopper) HeapHopper is a bounded model checking framework for Heap-implementations
- [**169**Star][13d] [C] [alex3434/wmi-static-spoofer](https://github.com/alex3434/wmi-static-spoofer) Spoofing the Windows 10 HDD/diskdrive serialnumber from kernel without hooking
- [**169**Star][4m] [C++] [a5-/gamerfood_csgo](https://github.com/a5-/gamerfood_csgo) Fully featured CSGO cheat by Team Gamerfood
- [**168**Star][7d] [Pascal] [vtereshkov/xdpw](https://github.com/vtereshkov/xdpw) XD Pascal: A small embeddable self-hosting Pascal compiler for Windows. Supports Go-style methods and interfaces
- [**168**Star][19d] [Shell] [mkropat/sslfie](https://github.com/mkropat/sslfie) Generate self-signed x.509 certificates for use with SSL/TLS
- [**168**Star][10d] [JS] [lgraubner/sitemap-generator-cli](https://github.com/lgraubner/sitemap-generator-cli) Creates an XML-Sitemap by crawling a given site.
- [**168**Star][1m] [Py] [osirislab/fentanyl](https://github.com/osirislab/Fentanyl) an IDAPython script that makes patching significantly easier
- [**168**Star][6m] [JS] [facebookarchive/puewue-frontend](https://github.com/facebookarchive/puewue-frontend) The front-end to a simple application that displays Facebook's datacenter power consumption and other information.
- [**168**Star][6m] [Rust] [hirrolot/finshir](https://github.com/Hirrolot/finshir) 
- [**168**Star][1m] [Py] [zynamics/objc-helper-plugin-ida](https://github.com/zynamics/objc-helper-plugin-ida) Simplifies working with Objective-C binaries in IDA Pro
- [**168**Star][4m] [Py] [yuxiaokui/intranet-penetration](https://github.com/yuxiaokui/intranet-penetration) 内网渗透必备工具。
- [**168**Star][1m] [Perl] [xme/hoover](https://github.com/xme/hoover) Wireless Probe Requests Sniffer
- [**168**Star][24d] [Py] [wenzel/pyvmidbg](https://github.com/wenzel/pyvmidbg) LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger
- [**168**Star][1m] [Swift] [rlovelett/langserver-swift](https://github.com/rlovelett/langserver-swift) A Swift implementation of the open Language Server Protocol.
- [**168**Star][4m] [Java] [reddr/libscout](https://github.com/reddr/libscout) Third-party library detector for Java/Android apps
- [**168**Star][4m] [Py] [ragibson/steganography](https://github.com/ragibson/steganography) Least Significant Bit Steganography for bitmap images (.bmp and .png), WAV sound files, and byte sequences. Simple LSB Steganalysis (LSB extraction) for bitmap images.
- [**168**Star][2y] [Py] [priyankgada/python-for-hackers](https://github.com/priyankgada/python-for-hackers) Python for Hackers - Youtube Tutorials - Priyank Gada
- [**168**Star][4m] [Groff] [opendns/security_ninjas_appsec_training](https://github.com/opendns/security_ninjas_appsec_training) OpenDNS application security training program
- [**168**Star][3y] [netbiosx/default-credentials](https://github.com/netbiosx/default-credentials) Default usernames and passwords for various systems (VoIP,IPMI,Oracle).
- [**168**Star][29d] [Rust] [net-reflow/reflow](https://github.com/net-reflow/reflow) Content-routable socks5 proxy switcher for your entire LAN.
- [**168**Star][4m] [mdrights/digital-rights](https://github.com/mdrights/digital-rights) Promote digital rights in China
- [**168**Star][28d] [Py] [juancarlospaco/css-html-js-minify](https://github.com/juancarlospaco/css-html-js-minify) StandAlone Async cross-platform Minifier for the Web.
- [**168**Star][15d] [Shell] [hiroshimanrise/anonym8](https://github.com/hiroshimanrise/anonym8) Sets Transparent proxy tunnel through Tor, I2P, Privoxy, Polipo and modify DNS; Include Anonymizing Relay Monitor (arm), macchanger and wipe (Cleans ram/cache & swap-space) features, ID spoofing has never been so easy.
- [**168**Star][1y] [Py] [ghostmanager/domaincheck](https://github.com/ghostmanager/domaincheck) DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.
- [**168**Star][1m] [Standard ML] [gamelinux/prads](https://github.com/gamelinux/prads) Passive Real-time Asset Detection System
- [**168**Star][2m] [Java] [eth-sri/securify](https://github.com/eth-sri/securify) [DEPRECATED] Security Scanner for Ethereum Smart Contracts
- [**168**Star][15d] [C] [defuse/sockstress](https://github.com/defuse/sockstress) Sockstress (TCP DoS) implementation.
- [**168**Star][10d] [dckc/awesome-ocap](https://github.com/dckc/awesome-ocap) Awesome Object Capabilities andCapability-based Security
- [**168**Star][3m] [C] [cyassl/cyassl](https://github.com/cyassl/cyassl) Please use wolfSSL now instead:
- [**168**Star][19d] [Java] [cryptocubik/browserprint](https://github.com/cryptocubik/browserprint) An open-source browser fingerprinting suite.
- [**168**Star][4m] [Haskell] [corsis/portfusion](https://github.com/corsis/portfusion) Haskell-powered cross-platform transport-layer distributed reverse / forward proxy & tunneling solution
- [**168**Star][2m] [Java] [christian-posta/envoy-microservices-patterns](https://github.com/christian-posta/envoy-microservices-patterns) Set of demos to demonstrate Envoy Proxy for resilient microservices patterns
- [**168**Star][2y] [Py] [c0ny1/pwcracker](https://github.com/c0ny1/pwcracker) 一款插件化的密码爆破框架
- [**168**Star][10d] [Shell] [bitnami/bitnami-docker-nginx](https://github.com/bitnami/bitnami-docker-nginx) Bitnami nginx Docker Image
- [**167**Star][2y] [Shell] [loganstellway/self-signed-ssl](https://github.com/loganstellway/self-signed-ssl) Generate self-signed TLS certificate using OpenSSL
- [**167**Star][18d] [HTML] [hyundotio/magicpad](https://github.com/hyundotio/magicpad) MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).
- [**167**Star][4m] [Py] [chenjiandongx/github-spider](https://github.com/chenjiandongx/github-spider) Github 仓库及用户分析爬虫
- [**167**Star][12d] [C] [mdlayher/wifi](https://github.com/mdlayher/wifi) Package wifi provides access to IEEE 802.11 WiFi device actions and statistics. MIT Licensed.
- [**167**Star][22d] [Clojure] [markmandel/brute](https://github.com/markmandel/brute) A simple and lightweight Entity Component System library for writing games with Clojure and ClojureScript.
- [**167**Star][26d] [C] [nordicsemiconductor/nordic-thingy52-fw](https://github.com/nordicsemiconductor/nordic-thingy52-fw) Nordic Thingy:52 software development kit. This kit is designed to assist users in developing their own custom firmware for Thingy. Please see
- [**167**Star][21d] [C] [zeek/packet-bricks](https://github.com/zeek/packet-bricks) A netmap-based packet layer for distributing and filtering traffic.
- [**167**Star][10d] [firmianay/security-paper](https://github.com/firmianay/security-paper) （与本人兴趣强相关的）各种安全or计算机资料收集
- [**167**Star][5y] [Py] [willseph/raspberrypithermostat](https://github.com/willseph/raspberrypithermostat) A Raspberry Pi-powered smart thermostat written in Python and PHP.
- [**167**Star][11d] [C++] [vtraag/leidenalg](https://github.com/vtraag/leidenalg) Implementation of the Leiden algorithm for various quality functions to be used with igraph in Python.
- [**167**Star][4m] [SystemVerilog] [ufrisk/pcileech-fpga](https://github.com/ufrisk/pcileech-fpga) FPGA 模块，可与 PCILeech DMA（Direct Memory Access ）攻击软件组合使用
- [**167**Star][4y] [Py] [sowish/lnscan](https://github.com/sowish/lnscan) 详细的内部网络信息扫描器
- [**167**Star][4m] [F#] [softsec-kaist/codealchemist](https://github.com/softsec-kaist/codealchemist) Semantics-aware Code Generation for Finding JS engine Vulnerabilities
- [**167**Star][5m] [Swift] [ryasnoy/applocker](https://github.com/ryasnoy/applocker) AppLocker - simple lock screen for iOS Application ( Swift 4+, iOS 9.0+) Touch ID / Face ID
- [**167**Star][2y] [Py] [rxwx/cve-2017-8570](https://github.com/rxwx/cve-2017-8570) Proof of Concept exploit for CVE-2017-8570
- [**167**Star][3y] [C++] [rossja/tinynuke](https://github.com/rossja/tinynuke) zeus-style banking trojan
- [**167**Star][11d] [Py] [reddelexc/hackerone-reports](https://github.com/reddelexc/hackerone-reports) Top disclosed reports from HackerOne
- [**167**Star][4m] [Java] [pwittchen/reactivewifi](https://github.com/pwittchen/reactivewifi) Android library listening available WiFi Access Points and related information with RxJava Observables
- [**167**Star][19d] [JS] [pownjs/pown](https://github.com/pownjs/pown) Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.
- [**167**Star][9m] [Py] [pinterest/thrift-tools](https://github.com/pinterest/thrift-tools) thrift-tools is a library and a set of tools to introspect Apache Thrift traffic.
- [**167**Star][10d] [C] [phhusson/super-bootimg](https://github.com/phhusson/super-bootimg) Tools to edit Android boot.img. NDK buildable, to be usable in an update.zip
- [**167**Star][10d] [C] [openmpt/openmpt](https://github.com/openmpt/openmpt) Official read-only git mirror of the OpenMPT and libopenmpt subversion repository at
- [**167**Star][11d] [JS] [nvisium/django.nv](https://github.com/nvisium/django.nv) Vulnerable Django Application
- [**167**Star][5m] [Py] [navdeep-g/showme](https://github.com/navdeep-g/showme) Quick application debugging and analysis for Python
- [**167**Star][3m] [Py] [milo2012/pentest_scripts](https://github.com/milo2012/pentest_scripts) 
- [**167**Star][1y] [marcosvalle/awesome-windows-red-team](https://github.com/marcosvalle/awesome-windows-red-team) A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
- [**167**Star][16d] [Go] [ls0f/gortcp](https://github.com/ls0f/gortcp) 内网穿透、远程文件上传下载、命令执行
- [**167**Star][2y] [JS] [logicalhacking/dvhma](https://github.com/logicalhacking/dvhma) Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
- [**167**Star][1m] [leezj9671/offensiveinterview](https://github.com/leezj9671/offensiveinterview) 翻译国外的
- [**167**Star][4m] [Py] [leeon123/cc-attack](https://github.com/leeon123/cc-attack) Using Socks4/5 proxy to make a multithread Http-flood/Https-flood (cc) attack.
- [**167**Star][16d] [Makefile] [kost/nmap-android](https://github.com/kost/nmap-android) Nmap on Android - Makefile/diff/scripts to build it with Android NDK
- [**167**Star][2y] [jnusimba/linuxsecnotes](https://github.com/jnusimba/linuxsecnotes) some learning notes about Linux Security
- [**167**Star][2y] [C] [jioundai/bluedroid](https://github.com/jioundai/bluedroid) PoCs of Vulnerabilities on Bluedroid
- [**167**Star][1m] [XSLT] [ironbee/waf-research](https://github.com/ironbee/waf-research) WAF Research
- [**167**Star][12d] [HTML] [googlecloudplatform/cloud-code-samples](https://github.com/googlecloudplatform/cloud-code-samples) Code templates to make working with Kubernetes feel like editing and debugging local code.
- [**167**Star][6m] [Java] [ge0rg/memorizingtrustmanager](https://github.com/ge0rg/memorizingtrustmanager) A "plugin" for Android Java to allow asking the user about SSL certificates
- [**167**Star][2y] [Py] [fs0c131y/aadhaarsearchengine](https://github.com/fs0c131y/aadhaarsearchengine) Find Aadhaar cards thanks to Google
- [**167**Star][5m] [Py] [fleetcaptain/turbolist3r](https://github.com/fleetcaptain/turbolist3r) Subdomain enumeration tool with analysis features for discovered domains
- [**167**Star][4m] [Py] [dyboy2017/wtf_scan](https://github.com/dyboy2017/wtf_scan) 一款WEB端的在线敏感资产扫描器，扫描网站中的指纹、漏洞及相关敏感信息，针对已经识别的CMS指纹，进行二次0day扫描利用，一键GetShell也不是不可能！！！
- [**167**Star][2y] [C++] [doublelabyrinth/010editor-keygen](https://github.com/doublelabyrinth/010editor-keygen) A keygen for 010Editor
- [**167**Star][16d] [Py] [chtd/psycopg2cffi](https://github.com/chtd/psycopg2cffi) Port to cffi with some speed improvements
- [**167**Star][13d] [Shell] [cfn-modules/docs](https://github.com/cfn-modules/docs) Rapid CloudFormation: Modular, production ready, open source.
- [**167**Star][11d] [ObjC] [bluecocoa/class-dump](https://github.com/bluecocoa/class-dump) Generate Objective-C headers from Mach-O files.
- [**167**Star][19d] [Py] [bayotop/off-by-slash](https://github.com/bayotop/off-by-slash) Burp extension to detect alias traversal via NGINX misconfiguration at scale.
- [**167**Star][1m] [Py] [hackatnow/shodanwave](https://github.com/hackatnow/shodanwave) Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
- [**166**Star][12d] [Py] [containernet/containernet](https://github.com/containernet/containernet) Mininet fork adding support for container-based (e.g. Docker) emulated hosts.
- [**166**Star][4m] [Py] [vaibhav/stock-analysis](https://github.com/vaibhav/stock-analysis) Regression, Scrapers, and Visualization
- [**166**Star][7d] [Py] [marin-m/vmlinux-to-elf](https://github.com/marin-m/vmlinux-to-elf) A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)
- [**166**Star][1m] [JS] [ma63d/leetcode-spider](https://github.com/ma63d/leetcode-spider) 用 node.js 爬你自己的 leetcode 解题源码
- [**166**Star][3m] [Shell] [shengqiangzhang/drcom-gdut-hc5661a-openwrt](https://github.com/shengqiangzhang/drcom-gdut-hc5661a-openwrt) 在Dr.COM下使用路由器上校园网WIFI(以广东工业大学、极路由1S HC5661A、OpenWrt为例)
- [**166**Star][1m] [Shell] [icy/google-group-crawler](https://github.com/icy/google-group-crawler) Get (almost) original messages from google group archives. Your data is yours.
- [**166**Star][15d] [Shell] [reb311ion/tornado](https://github.com/reb311ion/tornado) All in one MITM tool
- [**166**Star][5m] [Perl] [yuri-gushin/roboo](https://github.com/yuri-gushin/roboo)  uses advanced non-interactive HTTP challenge/response mechanisms to detect and subsequently mitigate HTTP robots
- [**166**Star][18d] [Ruby] [waterlink/rack-reverse-proxy](https://github.com/waterlink/rack-reverse-proxy) A Reverse Proxy for Rack
- [**166**Star][4m] [Py] [walkerfuz/morph](https://github.com/walkerfuz/morph) An open source fuzzing framework for fun.
- [**166**Star][4m] [Py] [vinayakumarr/network-intrusion-detection](https://github.com/vinayakumarr/network-intrusion-detection) Network Intrusion Detection KDDCup '99', NSL-KDD and UNSW-NB15
- [**166**Star][27d] [Go] [skx/simple-vpn](https://github.com/skx/simple-vpn) A simple VPN allowing mesh-like communication between nodes, over websockets
- [**166**Star][23d] [Assembly] [peterferrie/win-exec-calc-shellcode](https://github.com/peterferrie/win-exec-calc-shellcode) A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)
- [**166**Star][4m] [C++] [okcerg/sortfilterproxymodel](https://github.com/okcerg/sortfilterproxymodel) A nicely exposed QSortFilterProxyModel for QML
- [**166**Star][2y] [C] [oalabs/blobrunner](https://github.com/oalabs/blobrunner) Quickly debug shellcode extracted during malware analysis
- [**166**Star][18d] [Go] [jetstack/kube-oidc-proxy](https://github.com/jetstack/kube-oidc-proxy) Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.
- [**166**Star][5y] [C++] [ewimberley/advancedmemorychallenges](https://github.com/ewimberley/advancedmemorychallenges) Advanced buffer overflow and memory corruption security challenges
- [**166**Star][2y] [C#] [eaglexiang/eagle.tunnel.dotnet.core](https://github.com/eaglexiang/eagle.tunnel.dotnet.core) 稳定易用的代理工具
- [**166**Star][12d] [Ruby] [dev-sec/ansible-nginx-hardening](https://github.com/dev-sec/ansible-nginx-hardening) This Ansible role provides secure nginx configurations.
- [**166**Star][2m] [C] [davidgfnet/wireshark-whatsapp](https://github.com/davidgfnet/wireshark-whatsapp) Whatsapp dissector plugin for wireshark
- [**166**Star][4y] [Py] [ctfs/write-ups-tools](https://github.com/ctfs/write-ups-tools) A collection of tools used to maintain and create CTF write-up folders
- [**166**Star][2y] [Py] [boy-hack/poc-t](https://github.com/boy-hack/poc-t) 基于poc-t 并在此基础上增加批量功能！
- [**166**Star][7m] [C++] [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120) 
- [**166**Star][15d] [Ruby] [bahaabdelwahed/killshot](https://github.com/bahaabdelwahed/killshot) A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
- [**166**Star][1m] [Py] [artkond/cisco-rce](https://github.com/artkond/cisco-rce) CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC
- [**166**Star][30d] [C] [armadito/armadito-av](https://github.com/armadito/armadito-av) Armadito antivirus main repository
- [**166**Star][19d] [Py] [appsecco/vulnerable-apps](https://github.com/appsecco/vulnerable-apps) 
- [**166**Star][12m] [PS] [alsidofficial/wsuspendu](https://github.com/alsidofficial/wsuspendu) Implement WSUSpendu attack
- [**166**Star][3y] [Py] [504ensicslabs/damm](https://github.com/504ensicslabs/damm) Differential Analysis of Malware in Memory
- [**166**Star][12m] [0xbug/biu](https://github.com/0xbug/biu) 网络资产发现、漏洞扫描
- [**165**Star][1m] [Makefile] [kerberos-io/kios](https://github.com/kerberos-io/kios) A Linux OS created by Buildroot which runs Kerberos.io out-of-the-box.
- [**165**Star][12d] [Py] [d4em0n/exrop](https://github.com/d4em0n/exrop) Automatic ROPChain Generation
- [**165**Star][4m] [Py] [yagamiilight/cerberus](https://github.com/yagamiilight/cerberus) 一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
- [**165**Star][2m] [C++] [lxrite/azure-http-proxy](https://github.com/lxrite/azure-http-proxy) A fast, secure, lightweight and cross-platform HTTP proxy written in C++.
- [**165**Star][9d] [Py] [yukiarrr/il2cppspy](https://github.com/yukiarrr/il2cppspy) Unity IL2CPP Disassembler (for apk)
- [**165**Star][1m] [Py] [crytic/ida-evm](https://github.com/crytic/ida-evm) IDA Processor Module for the Ethereum Virtual Machine (EVM)
- [**165**Star][12d] [Go] [wille/cry](https://github.com/wille/cry) Cross platform PoC ransomware written in Go
- [**165**Star][1m] [JS] [zsoltszabo/node-uglifier](https://github.com/zsoltszabo/node-uglifier) Fully auto merging and obfuscating (uglify) a whole NodeJs project into one file with external files option. Thieves lose the module name and structure information, code runs faster. Makes deployement super easy! It can also separate a project's original files based on the dependency tree.
- [**165**Star][1y] [C] [zhuhuibeishadiao/newhidedriverex](https://github.com/zhuhuibeishadiao/newhidedriverex) Hide Driver By MiProcessLoaderEntry
- [**165**Star][3y] [ysrc/androidobfusedictionary](https://github.com/ysrc/androidobfusedictionary) Android ProGuard变态混淆字典
- [**165**Star][1m] [C] [xiphosresearch/netelf](https://github.com/xiphosresearch/netelf) Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
- [**165**Star][4m] [JS] [tidesec/proxy_pool](https://github.com/tidesec/proxy_pool) Proxy_Pool（代理资源池），一个小巧的代理ip抓取+评估+存储+展示的一体化的工具，包括了web展示和接口。
- [**165**Star][11d] [Shell] [systematicat/hack-captive-portals](https://github.com/systematicat/hack-captive-portals) Hack any Captive portal using MAC-spoofing technique
- [**165**Star][3y] [Py] [sourcekris/rsactftool](https://github.com/sourcekris/rsactftool) RSA CTF Tool - Tool to attack RSA public keys and ciphertexts in common ways
- [**165**Star][3y] [Py] [rajeshmajumdar/ploitkit](https://github.com/rajeshmajumdar/ploitkit) The Hacker's ToolBox
- [**165**Star][4m] [Batchfile] [pyn3rd/cve-2019-0232](https://github.com/pyn3rd/cve-2019-0232) Apache Tomcat Remote Code Execution on Windows
- [**165**Star][12d] [Py] [pybind/cmake_example](https://github.com/pybind/cmake_example) Example pybind11 module built with a CMake-based build system
- [**165**Star][6m] [PS] [plagueho/labbuilder](https://github.com/plagueho/labbuilder) PowerShell Module for building a Hyper-V Lab environment from a simple XML configuration file.
- [**165**Star][15d] [Go] [medcl/elasticsearch-proxy](https://github.com/medcl/elasticsearch-proxy) A lightweight elasticsearch proxy written in golang
- [**165**Star][2y] [Java] [lightless233/java-unserialization-study](https://github.com/lightless233/java-unserialization-study) QAQ Just study unserialize vulnerabilities in Java :)
- [**165**Star][3y] [C++] [l3cr0f/dccwbypassuac](https://github.com/l3cr0f/dccwbypassuac) Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
- [**165**Star][8y] [C++] [kavika13/remcom](https://github.com/kavika13/remcom) Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)
- [**165**Star][15d] [Ruby] [jekyll/github-metadata](https://github.com/jekyll/github-metadata) Jekyll plugin to propagate the `site.github` namespace and set default values for use with GitHub Pages.
- [**165**Star][4m] [C] [jedisct1/blacknurse](https://github.com/jedisct1/blacknurse) BlackNurse attack PoC
- [**165**Star][5m] [Java] [itzsomebody/radon](https://github.com/itzsomebody/radon) A crappy Java bytecode obfuscator (meaning: not for production use)
- [**165**Star][4m] [Py] [iamblackhacker/facebook-bruteforce](https://github.com/iamblackhacker/facebook-bruteforce) Bruteforce attack on Facebook account using python script
- [**165**Star][5y] [PS] [harmj0y/powerup](https://github.com/harmj0y/powerup) This version of PowerUp is now unsupported. See
- [**165**Star][15d] [grrrdog/weird_proxies](https://github.com/grrrdog/weird_proxies) Reverse proxies cheatsheet
- [**165**Star][4m] [ObjC] [gaoshilei/mmplugin](https://github.com/gaoshilei/mmplugin) 微信自动抢红包、防消息撤回、修改运动步数、朋友圈小视频转发等功能（无需越狱），附微信重签名教程
- [**165**Star][17d] [Go] [fuzzitdev/fuzzit](https://github.com/fuzzitdev/fuzzit) CLI to integrate continuous fuzzing with Fuzzit
- [**165**Star][24d] [C] [dyne/dnscrypt-proxy](https://github.com/dyne/dnscrypt-proxy) DNSCrypt-Proxy repository, frankly maintained for what it does (no new features planned)
- [**165**Star][3y] [Shell] [danilabs/tools-tbhm](https://github.com/danilabs/tools-tbhm) Tools of "The Bug Hunters Methodology V2 by
- [**165**Star][27d] [C++] [creepsky/creepminer](https://github.com/creepsky/creepminer) Burstcoin C++ CPU and GPU Miner
- [**165**Star][1y] [C++] [changeofpace/self-remapping-code](https://github.com/changeofpace/self-remapping-code) This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
- [**165**Star][3y] [Py] [aim4r/voldiff](https://github.com/aim4r/voldiff) Malware Memory Footprint Analysis based on Volatility
- [**164**Star][4m] [Py] [eight04/comiccrawler](https://github.com/eight04/comiccrawler) An image crawler written in Python.
- [**164**Star][9m] [Shell] [smashwilson/lets-nginx](https://github.com/smashwilson/lets-nginx) Push button, get TLS
- [**164**Star][1m] [Py] [kishanbagaria/airdos](https://github.com/kishanbagaria/airdos) 
- [**164**Star][12d] [Java] [iqiyi/dexsplitter](https://github.com/iqiyi/dexsplitter) Analyze contribution rate of each module to the apk size
- [**164**Star][10d] [JS] [quinton-ashley/nostlan](https://github.com/quinton-ashley/nostlan) Nostlan is a high quality front-end launcher for video game emulators! Available on Linux, macOS, and Windows!
- [**164**Star][25d] [C] [ninjaprawn/async_wake-fun](https://github.com/ninjaprawn/async_wake-fun) iOS/MacOS 11 内核双释放漏洞 exp
- [**164**Star][12m] [C#] [xorrior/random-csharptools](https://github.com/xorrior/random-csharptools) Collection of CSharp Assemblies focused on Post-Exploitation Capabilities
- [**164**Star][13d] [C] [wmkhoo/taintgrind](https://github.com/wmkhoo/taintgrind) A taint-tracking plugin for the Valgrind memory checking tool
- [**164**Star][3m] [Py] [veorq/blueflower](https://github.com/veorq/blueflower) a grep -r for secrets
- [**164**Star][2m] [C] [uptimejp/sql_firewall](https://github.com/uptimejp/sql_firewall) SQL Firewall Extension for PostgreSQL
- [**164**Star][1m] [C] [teran-mckinney/raru](https://github.com/teran-mckinney/raru) run as random user
- [**164**Star][1y] [C] [tboox/itrace](https://github.com/tboox/itrace) Trace objc method call for ios and mac
- [**164**Star][13d] [Py] [samyoyo/weeman](https://github.com/samyoyo/weeman) HTTP Server for phishing in Python
- [**164**Star][1m] [Py] [saltstack/salt-contrib](https://github.com/saltstack/salt-contrib) Salt Module Contributions
- [**164**Star][2y] [PS] [psconfeu/2018](https://github.com/psconfeu/2018) PowerShell Conference Europe 2018 Slides and Demo Scripts
- [**164**Star][23d] [C#] [openssl-net/openssl-net](https://github.com/openssl-net/openssl-net) C# wrapper for the popular OpenSSL libraries
- [**164**Star][2y] [C++] [openats/openats](https://github.com/openats/openats) 天线追踪系统
- [**164**Star][10m] [Java] [netspi/javaserialkiller](https://github.com/netspi/javaserialkiller) Burp extension to perform Java Deserialization Attacks
- [**164**Star][6m] [Py] [neo23x0/yaranalyzer](https://github.com/neo23x0/yaranalyzer) Yara Rule Analyzer and Statistics
- [**164**Star][12d] [HTML] [neal1991/gshark](https://github.com/neal1991/gshark) Scan for sensitive information easily and effectively.
- [**164**Star][8m] [JS] [mrgeffitas/ironsquirrel](https://github.com/mrgeffitas/ironsquirrel) Encrypted exploit delivery for the masses
- [**164**Star][7d] [misterch0c/what_is_this_c2](https://github.com/misterch0c/what_is_this_c2) For all these times you're asking yourself "what is this panel again?"
- [**164**Star][11d] [Py] [iluxonchik/blackhat-python-book](https://github.com/iluxonchik/blackhat-python-book) Code from Blackhat Python book
- [**164**Star][2m] [Py] [galkan/flashlight](https://github.com/galkan/flashlight) Pentesters spend too much time during information gathering phase. Flashlight (Fener) provides services to scan network/ports and gather information rapidly on target networks. So Flashlight should be the choice to automate discovery step during a penetration test. In this article, usage of Flashligh application will be explained.
- [**164**Star][1m] [C] [gabrielrcouto/reaver-wps](https://github.com/gabrielrcouto/reaver-wps) Brute force attack against Wifi Protected Setup
- [**164**Star][15d] [Py] [fireeye/pywintrace](https://github.com/fireeye/pywintrace) Python 编写的 ETW（Event Tracing for Windows） Wrapper
- [**164**Star][2m] [Go] [elithrar/simple-scrypt](https://github.com/elithrar/simple-scrypt) A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go
- [**164**Star][26d] [JS] [dzt/easy-proxy](https://github.com/dzt/easy-proxy) Make mass proxies easily. (DigitalOcean)
- [**164**Star][6m] [Py] [davedoesdev/python-jwt](https://github.com/davedoesdev/python-jwt) Python module for generating and verifying JSON Web Tokens
- [**164**Star][1y] [ObjC] [charlymr/irldocumentscanner](https://github.com/charlymr/irldocumentscanner) A drop-in Objective-C ViewController that will Automatically scan a document for you you.
- [**164**Star][23d] [JS] [certsocietegenerale/swordphish-awareness](https://github.com/certsocietegenerale/swordphish-awareness) Swordphish Phishing Awareness Tool
- [**164**Star][15d] [Py] [biosbits/bits](https://github.com/biosbits/bits) BIOS Implementation Test Suite
- [**164**Star][12d] [Py] [arxsys/dff](https://github.com/arxsys/dff) a Forensics Framework coming with command line and graphical interfaces. 
- [**164**Star][19d] [Py] [argp/iboot64helper](https://github.com/argp/iboot64helper) IDAPython loader to help with AArch64 iBoot, iBEC, and SecureROM reverse engineering
- [**164**Star][23d] [Scala] [albuch/sbt-dependency-check](https://github.com/albuch/sbt-dependency-check) SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs).
- [**163**Star][11d] [Py] [chenjiandongx/stackoverflow-spider](https://github.com/chenjiandongx/stackoverflow-spider) 爬取 Stackoverflow 1m 条问答
- [**163**Star][14d] [C++] [prime-project/primestereomatch](https://github.com/prime-project/primestereomatch) A heterogeneous and fully parallel stereo matching algorithm for depth estimation, implementing a local adaptive support weight (ADSW) Guided Image Filter (GIF) cost aggregation stage. Developed in both C++ and OpenCL.
- [**163**Star][13d] [Py] [vikwin/pcapfex](https://github.com/vikwin/pcapfex) 'Packet Capture Forensic Evidence eXtractor' is a tool that finds and extracts files from packet capture files
- [**163**Star][5m] [Go] [armon/go-proxyproto](https://github.com/armon/go-proxyproto) Golang package to handle HAProxy Proxy Protocol
- [**163**Star][10d] [PS] [gtworek/psbits](https://github.com/gtworek/psbits) Simple (relatively) things allowing you to dig a bit deeper than usual.
- [**163**Star][4m] [Py] [hackatnow/shodanwave](https://github.com/hackatnow/shodanwave) Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
- [**163**Star][11d] [Py] [chenjiandongx/stackoverflow-spider](https://github.com/chenjiandongx/stackoverflow-spider) 爬取 Stackoverflow 1m 条问答
- [**163**Star][3m] [sniperoj/attack-defense-framework](https://github.com/SniperOJ/Attack-Defense-Framework) 
- [**163**Star][21d] [Visual Basic] [mwsrc/plasmarat](https://github.com/mwsrc/PlasmaRAT) Remote Access Trojan(RAT), Miner, DDoS
- [**163**Star][14d] [han0nly/securityrss](https://github.com/Han0nly/SecurityRSS) 网络安全相关的RSS订阅列表
- [**163**Star][4m] [HTML] [zer0yu/berserker](https://github.com/zer0yu/berserker) A list of useful payloads for Web Application Security and Pentest/CTF
- [**163**Star][4m] [Py] [yassineaboukir/cve-2018-0296](https://github.com/yassineaboukir/cve-2018-0296) Script to test for Cisco ASA path traversal vulnerability (CVE-2018-0296) and extract system information.
- [**163**Star][11d] [TS] [xiyuan-fengyu/ppspider](https://github.com/xiyuan-fengyu/ppspider) web spider built by puppeteer, support task-queue and task-scheduling by decorators，support nedb / mongodb, support data visualization; 基于puppeteer的web爬虫框架，提供灵活的任务队列管理调度方案，提供便捷的数据保存方案（nedb/mongodb），提供数据可视化和用户交互的实现方案
- [**163**Star][13d] [Shell] [thelinuxchoice/facebash](https://github.com/thelinuxchoice/facebash) Facebook Brute Forcer in shellscript using TOR
- [**163**Star][4m] [Py] [thehive-project/cortex-analyzers](https://github.com/thehive-project/cortex-analyzers) Cortex Analyzers Repository
- [**163**Star][4m] [HTML] [retest/recheck-web](https://github.com/retest/recheck-web) recheck for web apps – change comparison tool with local Golden Masters, Git-like ignore syntax and "Unbreakable Selenium" tests.
- [**163**Star][18d] [Shell] [petermosmans/security-scripts](https://github.com/petermosmans/security-scripts) A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
- [**163**Star][4y] [Go] [openwhitebox/aes](https://github.com/openwhitebox/aes) Implementations of white-box AES constructions and their cryptanalyses.
- [**163**Star][17d] [Py] [nccgroup/thetick](https://github.com/nccgroup/thetick) A simple embedded Linux backdoor.
- [**163**Star][2y] [msuhanov/regf](https://github.com/msuhanov/regf) Windows registry file format specification
- [**163**Star][12m] [mrmugiwara/ctf-tools](https://github.com/mrmugiwara/ctf-tools) Useful CTF Tools
- [**163**Star][14d] [CSS] [m6a-uds/ssrf-lab](https://github.com/m6a-uds/ssrf-lab) Lab for exploring SSRF vulnerabilities
- [**163**Star][13d] [Perl] [henshin/filebuster](https://github.com/henshin/filebuster) An extremely fast and flexible web fuzzer
- [**163**Star][10d] [HTML] [exploitprotocol/mobile-security-wiki](https://github.com/exploitprotocol/mobile-security-wiki) 
- [**163**Star][1m] [C] [dhavalkapil/libdheap](https://github.com/dhavalkapil/libdheap) A shared (dynamic) library that can be transparently injected into different processes to detect memory corruption in glibc heap
- [**163**Star][11m] [Py] [cvandeplas/elk-forensics](https://github.com/cvandeplas/elk-forensics) ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)
- [**163**Star][3m] [Py] [censys/censys-python](https://github.com/censys/censys-python) Python Library for Censys
- [**163**Star][1y] [Py] [ankeshanand/neural-cryptography-tensorflow](https://github.com/ankeshanand/neural-cryptography-tensorflow) Neural Networks that invent their own encryption
- [**163**Star][2m] [C] [angr/patcherex](https://github.com/angr/patcherex) Shellphish's automated patching engine, originally created for the Cyber Grand Challenge.
- [**163**Star][3y] [Py] [4w4k3/umbrella](https://github.com/4w4k3/umbrella) A Phishing Dropper designed to Pentest.
- [**163**Star][13d] [C++] [3dem/relion](https://github.com/3dem/relion) Image-processing software for cryo-electron microscopy
- [**162**Star][11d] [JS] [seemoo-lab/frankenstein](https://github.com/seemoo-lab/frankenstein) Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging
- [**162**Star][8d] [Roff] [ttmo-o/x86-manpages](https://github.com/ttmo-o/x86-manpages) x86 and amd64 instruction reference manual pages
- [**162**Star][10d] [HTML] [freelawproject/juriscraper](https://github.com/freelawproject/juriscraper) An API to scrape American court websites for metadata.
- [**162**Star][1y] [Py] [henryhaohao/wenshu_spider](https://github.com/henryhaohao/wenshu_spider) Scrapy框架爬取中国裁判文书网案件数据
- [**162**Star][21d] [Py] [bukson/steampy](https://github.com/bukson/steampy) A Steam trading library for python 3
- [**162**Star][4m] [C] [ruiqimao/qmkbuilder](https://github.com/ruiqimao/qmkbuilder) Online GUI for QMK Firmware
- [**162**Star][12d] [Py] [deanishe/alfred-pwgen](https://github.com/deanishe/alfred-pwgen) Generate passwords with Alfred
- [**162**Star][13d] [Go] [misecurity/exchange_proxy](https://github.com/misecurity/exchange_proxy) Security proxy server for Exchange server
- [**162**Star][4m] [PS] [nickrod518/powershell-scripts](https://github.com/nickrod518/powershell-scripts) PowerShell scripts ranging from SCCM, MSO, AD, and other corporate enterprise uses... to sending cat facts to coworkers.
- [**162**Star][18d] [suricata-rules/suricata-rules](https://github.com/suricata-rules/suricata-rules) Suricata IDS rules
- [**162**Star][14d] [Ruby] [arkadiyt/bounty-targets](https://github.com/arkadiyt/bounty-targets) This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/etc) hourly and dumps them into the bounty-targets-data repo
- [**162**Star][11d] [Rust] [amaurymartiny/check-if-email-exists](https://github.com/amaurymartiny/check-if-email-exists) Check if an email address exists without sending any email, written in Rust.
- [**162**Star][2y] [JS] [aghorler/webrtc-leak-prevent](https://github.com/aghorler/WebRTC-Leak-Prevent) Prevent WebRTC leaks in Chromium browsers.
- [**162**Star][4m] [C] [iaik/sgxrop](https://github.com/IAIK/sgxrop) The code to the SGX-ROP paper
- [**162**Star][23d] [Py] [wh1t3rh1n0/air-hammer](https://github.com/wh1t3rh1n0/air-hammer) A WPA Enterprise horizontal brute-force attack tool 
- [**162**Star][7d] [Py] [vulnerscom/zabbix-threat-control](https://github.com/vulnerscom/zabbix-threat-control) Zabbix vulnerability assessment plugin
- [**162**Star][10d] [C] [twogood/unshield](https://github.com/twogood/unshield) Tool and library to extract CAB files from InstallShield installers
- [**162**Star][3y] [ASP] [testsecer/webshell](https://github.com/testsecer/webshell) 这是一个WebShell收集项目
- [**162**Star][25d] [PS] [stealthbits/poshkatz](https://github.com/stealthbits/poshkatz) PowerShell module for Mimikatz
- [**162**Star][16d] [Shell] [spiderlabs/jboss-autopwn](https://github.com/spiderlabs/jboss-autopwn) A JBoss script for obtaining remote shell access
- [**162**Star][1m] [Py] [secretsquirrel/fido](https://github.com/secretsquirrel/fido) Teaching old shellcode new tricks
- [**162**Star][2m] [Py] [sa7mon/miniprint](https://github.com/sa7mon/miniprint) A medium interaction printer honeypot
- [**162**Star][11d] [Java] [rednaga/axmlprinter](https://github.com/rednaga/axmlprinter) Library for parsing and printing compiled Android manifest files
- [**162**Star][13d] [C++] [raspberrypi/piserver](https://github.com/raspberrypi/piserver) Raspberry Pi Server wizard to serve Raspbian to network booting Pis
- [**162**Star][4m] [C#] [radiowar/nfcgui](https://github.com/radiowar/nfcgui) GUI tool for NFC protocol analysis
- [**162**Star][14d] [Py] [perfectblue/ctf-writeups](https://github.com/perfectblue/ctf-writeups) Perfect Blue's CTF Writeups
- [**162**Star][3y] [Py] [pentesteres/delorean](https://github.com/pentesteres/delorean) NTP Main-in-the-Middle tool
- [**162**Star][2m] [owenliang/php-fpm-code-analysis](https://github.com/owenliang/php-fpm-code-analysis) php-fpm源码分析
- [**162**Star][10d] [C] [nomorefood/putty-cac](https://github.com/nomorefood/putty-cac) Windows Secure Shell Client With Support For Smart Cards & Certificates
- [**162**Star][5y] [Py] [netspi/sshkey-grab](https://github.com/netspi/sshkey-grab) Grab ssh keys from ssh-agent
- [**162**Star][19d] [Py] [moyix/creddump](https://github.com/moyix/creddump) Automatically exported from code.google.com/p/creddump
- [**162**Star][3y] [miserlou/mackenzie](https://github.com/miserlou/mackenzie) AWS Lambda Infection Toolkit // Persistent Lambda Malware PoC
- [**162**Star][2y] [Py] [matiasb/unpy2exe](https://github.com/matiasb/unpy2exe) Extract .pyc files from executables created with py2exe
- [**162**Star][13d] [Scala] [maif/otoroshi](https://github.com/maif/otoroshi) Lightweight api management on top of a modern http reverse proxy
- [**162**Star][6m] [mac4n6/presentations](https://github.com/mac4n6/presentations) Presentation Archives for my macOS and iOS Related Research
- [**162**Star][10d] [C] [libimobiledevice/libirecovery](https://github.com/libimobiledevice/libirecovery) Library and utility to talk to iBoot/iBSS via USB on Mac OS X, Windows, and Linux
- [**162**Star][2y] [Py] [joker25000/optiva-framework](https://github.com/joker25000/optiva-framework) Optiva-Framework
- [**162**Star][1y] [Py] [jerrychan807/wspih](https://github.com/jerrychan807/wspih) Website Sensitive Personal Information Hunter 网站个人敏感信息文件扫描器
- [**162**Star][11d] [Shell] [hiruna/wifi-txpower-unlocker](https://github.com/hiruna/wifi-txpower-unlocker) bash 脚本, 从 Central Regulatory Domain Agent 和 Wireles Regulatory Database 获取源, 生成修改版的 regulatory.bin 并 patch 内核, 以解锁 WiFi TX power
- [**162**Star][4m] [C] [hfiref0x/ntcall64](https://github.com/hfiref0x/ntcall64) Windows NT x64 syscall fuzzer
- [**162**Star][4m] [JS] [henices/chrome-proxy-helper](https://github.com/henices/chrome-proxy-helper) Chrome PROXY extension, set proxy for Chrome browser
- [**162**Star][1y] [hd421/monitoring-systems-cheat-sheet](https://github.com/hd421/monitoring-systems-cheat-sheet) A cheat sheet for pentesters and researchers about vulnerabilities in well-known monitoring systems.
- [**162**Star][14d] [Ruby] [hatlord/snmpwn](https://github.com/hatlord/snmpwn) An SNMPv3 User Enumerator and Attack tool
- [**162**Star][2y] [C++] [encounter/futurerestore](https://github.com/encounter/futurerestore) (unmaintained) iOS upgrade and downgrade tool utilizing SHSH blobs (unofficial fork supporting iOS 11 and newer devices)
- [**162**Star][20d] [Py] [dvopsway/datasploit](https://github.com/dvopsway/datasploit) A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.
- [**162**Star][2m] [Py] [blazeinfosec/bt2](https://github.com/blazeinfosec/bt2) Blaze Telegram Backdoor Toolkit is a post-exploitation tool that leverages the infrastructure of Telegram as a C&C
- [**162**Star][1m] [Shell] [anapsix/zabbix-haproxy](https://github.com/anapsix/zabbix-haproxy) HAProxy Zabbix Discovery and Template
- [**161**Star][8d] [Shell] [jasonacox/build-openssl-curl](https://github.com/jasonacox/build-openssl-curl) Scripts to build OpenSSL, HTTP/2 (nghttp2) and cURL (libcurl) for MacOS, iOS and tvOS devices (x86_64, armv7, armv7s, arm64, arm64e). Now Supporting OpenSSL 1.1.1 with TLS 1.3.
- [**161**Star][18d] [mr-bt/raspberrypi-timemachine](https://github.com/mr-bt/raspberrypi-timemachine) Apple Time Machine with raspberry Pi
- [**161**Star][11d] [Elixir] [oltarasenko/crawly](https://github.com/oltarasenko/crawly) Crawly, a high-level web crawling & scraping framework for Elixir.
- [**161**Star][11d] [C] [emilwallner/corewar](https://github.com/emilwallner/corewar) A reproduction of the Core War game. Assembly compiler, Virtual Machine and GUI.
- [**161**Star][12d] [Py] [ripxorip/aerojump.nvim](https://github.com/ripxorip/aerojump.nvim) Aerojump is a fuzzy-match searcher/jumper for Neovim with the goal of quick keyboard navigation
- [**161**Star][9m] [C] [ajkhoury/uefi-bootkit](https://github.com/ajkhoury/UEFI-Bootkit) A small bootkit which does not rely on x64 assembly.
- [**161**Star][17d] [Py] [reb311ion/rebel-framework](https://github.com/reb311ion/rebel-framework) Advanced and easy to use penetration testing framework
- [**161**Star][15d] [Py] [z0noxz/powerstager](https://github.com/z0noxz/powerstager) A payload stager using PowerShell
- [**161**Star][14d] [C] [x0rz/ssh-honeypot](https://github.com/x0rz/ssh-honeypot) Fake sshd that logs ip addresses, usernames, and passwords.
- [**161**Star][11d] [Go] [txn2/txeh](https://github.com/txn2/txeh) Go library and CLI utilty for /etc/hosts management.
- [**161**Star][2m] [Py] [tintinweb/ecdsa-private-key-recovery](https://github.com/tintinweb/ecdsa-private-key-recovery) A simple library to recover the private key of ECDSA and DSA signatures sharing the same nonce k and therefore having identical signature parameter r
- [**161**Star][4y] [C++] [sakshamsharma/http-over-protocol](https://github.com/sakshamsharma/http-over-protocol) HOP: A proxy server to enable arbitrary protocols behind an HTTP proxy
- [**161**Star][3m] [Py] [richiercyrus/venator](https://github.com/richiercyrus/venator) Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
- [**161**Star][12d] [Dockerfile] [remnux/docker](https://github.com/remnux/docker) This repository contains Dockerfiles for building Docker images of popular malware analysis tools. See
- [**161**Star][9y] [C] [poelzi/openchronos](https://github.com/poelzi/openchronos)  Open Source Firmware for the TI EZ430-Chronos Watch
- [**161**Star][13d] [Py] [paulperry/quant](https://github.com/paulperry/quant) Quantitative Finance and Algorithmic Trading
- [**161**Star][25d] [Py] [nccgroup/idahunt](https://github.com/nccgroup/idahunt) a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
- [**161**Star][7d] [JS] [mike-works/web-security-fundamentals](https://github.com/mike-works/web-security-fundamentals) 
- [**161**Star][15d] [C] [matthiaskramm/swftools](https://github.com/matthiaskramm/swftools) Utilities for editing and generating Adobe Flash (SWF) files.
- [**161**Star][11d] [Py] [m8r0wn/crosslinked](https://github.com/m8r0wn/crosslinked) LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
- [**161**Star][5m] [klionsec/redteammanual](https://github.com/klionsec/redteammanual) 
- [**161**Star][22d] [C#] [juunas11/aspnetcore-security-headers](https://github.com/juunas11/aspnetcore-security-headers) Middleware for adding security headers to an ASP.NET Core application.
- [**161**Star][3y] [C++] [gbonacini/cve-2016-5195](https://github.com/gbonacini/cve-2016-5195) A CVE-2016-5195 exploit example.
- [**161**Star][1y] [C] [eniac/faas](https://github.com/eniac/faas) Factoring as a Service
- [**161**Star][4m] [Py] [d4stiny/dell-support-assist-rce-poc](https://github.com/d4stiny/dell-support-assist-rce-poc) 
- [**161**Star][3m] [TS] [cupslab/password_meter](https://github.com/cupslab/password_meter) 数据驱动的密码测量仪表，可对密码进行强度和可用性检测
- [**161**Star][1y] [C#] [cobbr/sharpgen](https://github.com/cobbr/sharpgen) SharpGen is a .NET Core console application that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applications or libraries.
- [**161**Star][1m] [Go] [cloudfoundry/bosh-bootloader](https://github.com/cloudfoundry/bosh-bootloader) Command line utility for standing up a BOSH director on an IAAS of your choice.
- [**161**Star][11d] [Py] [byt3bl33d3r/chrome-decrypter](https://github.com/byt3bl33d3r/chrome-decrypter) Python script to decrypt saved Chrome usernames and passwords on windows
- [**161**Star][4m] [Java] [bareinhard/hacktoberfest-data-structure-and-algorithms](https://github.com/bareinhard/hacktoberfest-data-structure-and-algorithms) A repo to contains data structure s and algorithms, regardless of language.
- [**161**Star][18d] [Py] [anselal/antminer-monitor](https://github.com/anselal/antminer-monitor) Cryptocurrency ASIC mining hardware monitor using a simple web interface
- [**161**Star][10d] [Shell] [anandkumar11u/oscp-60days](https://github.com/anandkumar11u/oscp-60days) OSCP All Tools are Here ...!! ***
- [**161**Star][2m] [Go] [alexellis/spotminer](https://github.com/alexellis/spotminer) Golang automation for mining cryptocurrencies on the Spot Market
- [**161**Star][1y] [Go] [adguardteam/adguarddns](https://github.com/adguardteam/adguarddns) Public DNS resolver that protects you from ad trackers
- [**160**Star][11d] [Go] [heroku/terrier](https://github.com/heroku/terrier) Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of specific files according to their hashes.
- [**160**Star][10d] [JS] [cabal-club/cabal-core](https://github.com/cabal-club/cabal-core) Core database and replication for cabal.
- [**160**Star][15d] [Py] [charnley/rmsd](https://github.com/charnley/rmsd) Calculate Root-mean-square deviation (RMSD) of two molecules, using rotation, in xyz or pdb format
- [**160**Star][16d] [feeicn/vulture](https://github.com/feeicn/vulture) 分布式近实时全覆盖资产和漏洞扫描器
- [**160**Star][10d] [Dart] [orchidtechnologies/orchid](https://github.com/OrchidTechnologies/orchid) Orchid: VPN, Personal Firewall
- [**160**Star][5y] [Py] [appknox/afe](https://github.com/appknox/AFE) Android Framework for Exploitation, is a framework for exploiting android based devices
- [**160**Star][11d] [Py] [mdudek-ics/trisis-triton-hatman](https://github.com/MDudek-ICS/TRISIS-TRITON-HATMAN) Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware
- [**160**Star][4m] [C++] [lifting-bits/rellic](https://github.com/lifting-bits/rellic) Rellic produces goto-free C output from LLVM bitcode
- [**160**Star][14d] [HTML] [you0708/ida](https://github.com/you0708/ida) A Python implementation of FindCrypt plugin.
    - [IDA主题](https://github.com/you0708/ida/tree/master/theme) 
    - [findcrypt](https://github.com/you0708/ida/tree/master/idapython_tools/findcrypt) IDA FindCrypt/FindCrypt2 插件的Python版本
- [**160**Star][2m] [Py] [tintinweb/striptls](https://github.com/tintinweb/striptls) proxy poc implementation of STARTTLS stripping attacks
- [**160**Star][2m] [Shell] [theresalu/rspiducky](https://github.com/theresalu/rspiducky) a Raspberry Pi distro based on Minibian which allows the Raspberry Pi Zero to behave similar to a USB Rubber Ducky
- [**160**Star][2m] [Py] [theevilbit/exploit_generator](https://github.com/theevilbit/exploit_generator) Automated Exploit generation with WinDBG
- [**160**Star][4m] [Py] [swimlane/pyattck](https://github.com/swimlane/pyattck) A Python package to interact with the Mitre ATT&CK Framework
- [**160**Star][5y] [PHP] [spiderlabs/cryptomg](https://github.com/spiderlabs/cryptomg) CryptOMG is a configurable CTF style test bed that highlights common flaws in cryptographic implementations.
- [**160**Star][10d] [Py] [phishai/phish-ai-api](https://github.com/phishai/phish-ai-api) phish.ai 公开和私有的API接口, Python编写
- [**160**Star][1y] [Shell] [nullarray/intrec-pack](https://github.com/nullarray/intrec-pack) Intelligence and Reconnaissance Package/Bundle installer.
- [**160**Star][13d] [Lua] [nnposter/nndefaccts](https://github.com/nnposter/nndefaccts) nnposter's alternate fingerprint dataset for Nmap script http-default-accounts
- [**160**Star][3m] [Py] [nneonneo/eqgrp-free-file](https://github.com/nneonneo/eqgrp-free-file) Free sampling of files from the purported Equation Group hack.
- [**160**Star][14d] [Py] [moyix/pdbparse](https://github.com/moyix/pdbparse) Python code to parse Microsoft PDB files
- [**160**Star][3y] [Py] [moha99sa/evilap_defender](https://github.com/moha99sa/evilap_defender) Protect your Wireless Network from Evil Access Points!
- [**160**Star][10d] [Go] [mimoo/disco](https://github.com/mimoo/disco) a protocol to encrypt communications and a cryptographic library based on Disco
- [**160**Star][10d] [Jupyter Notebook] [kelu124/echomods](https://github.com/kelu124/echomods) Open source ultrasound processing modules and building blocks
- [**160**Star][1m] [Shell] [julianoliver/dropkick.sh](https://github.com/julianoliver/dropkick.sh) Detect and disconnect hidden WiFi cameras in that AirBnB you're staying in
- [**160**Star][3y] [HTML] [jonnyhightower/neet](https://github.com/jonnyhightower/neet) Neet - Network Enumeration and Exploitation Tool
- [**160**Star][2m] [Scala] [input-output-hk/mantis](https://github.com/input-output-hk/mantis) A Scala based client for Ethereum Classic.
- [**160**Star][18d] [C++] [hzeller/txtempus](https://github.com/hzeller/txtempus) A DCF77, WWVB, JJY and MSF clock LF-band signal transmitter using the Raspberry Pi
- [**160**Star][2y] [Py] [hadiasghari/pyasn](https://github.com/hadiasghari/pyasn) Python IP address to Autonomous System Number lookup module. (Supports fast local lookups, and historical lookups using archived BGP dumps.)
- [**160**Star][1y] [Py] [githacktools/leaked](https://github.com/githacktools/leaked) Leaked? 2.1 - A Checking tool for Hash codes, Passwords and Emails leaked
- [**160**Star][1m] [JS] [escomplex/complexity-report](https://github.com/escomplex/complexity-report) **UNMAINTAINED** Software complexity analysis for JavaScript projects
- [**160**Star][13d] [dsignr/disallowed-usernames](https://github.com/dsignr/disallowed-usernames) An open source database of disallowed usernames for software projects to prevent phishing and impersonation.
- [**160**Star][12d] [C] [dekunukem/duckypad](https://github.com/dekuNukem/duckypad) Do-It-All Scriptable Mechanical Macropad
- [**160**Star][10m] [Py] [certcc/trommel](https://github.com/certcc/trommel) Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators
- [**159**Star][17d] [C++] [guidovranken/vfuzz](https://github.com/guidovranken/vfuzz) vfuzz
- [**159**Star][3m] [Py] [ascotbe/medusa](https://github.com/ascotbe/medusa) 
- [**159**Star][12d] [TS] [jacktuck/unfurl](https://github.com/jacktuck/unfurl) Scraper for oEmbed, Twitter Cards and Open Graph metadata - fast and Promise-based
- [**159**Star][10d] [C++] [tlx/tlx](https://github.com/tlx/tlx) TLX - A Collection of Sophisticated C++ Data Structures, Algorithms, and Miscellaneous Helpers
- [**159**Star][3m] [Py] [jamesturk/scrapelib](https://github.com/jamesturk/scrapelib) a library for making requests to less-than-reliable websites
- [**159**Star][18d] [PS] [nickrod518/migrate-windowsuserprofile](https://github.com/nickrod518/migrate-windowsuserprofile) Migrate Windows user profile to a new machine using Microsoft USMT with a PowerShell GUI.
- [**159**Star][18d] [Go] [dreddsa5dies/algorithm](https://github.com/dreddsa5dies/algorithm) The repository algorithms implemented on the Go
- [**159**Star][20d] [C++] [darthton/polychaos](https://github.com/darthton/polychaos) PE permutation library
- [**159**Star][27d] [Rust] [aep/elfkit](https://github.com/aep/elfkit) rust elf parsing, manipulation and (re)linking toolkit
- [**159**Star][9d] [C++] [tenzir/vast](https://github.com/tenzir/vast)  a scalable foundation for a security operations center (SOC): a rich data model for security data, high-throughput ingestion of telemetry, low-latency search, and flexible export in various formats.
- [**159**Star][16d] [C] [t57root/pwnginx](https://github.com/t57root/pwnginx) Pwn nginx - a nginx backdoor provides shell access, socks5 tunneling, http password sniffing.
- [**159**Star][1y] [Py] [sublimelinter/sublimelinter-shellcheck](https://github.com/sublimelinter/sublimelinter-shellcheck) This linter plugin for SublimeLinter provides an interface to shellcheck.
- [**159**Star][7m] [smilezxlee/crackediosapps](https://github.com/smilezxlee/crackediosapps) iOS端破解版App集合，包含破解版QQ、破解版抖音、破解版百度网盘、破解版麻花、钉钉打卡助手、破解版墨墨背单词、破解版网易云音乐、破解版芒果TV
- [**159**Star][13d] [C++] [scateu/kalibrate-hackrf](https://github.com/scateu/kalibrate-hackrf) kalibrate for hackrf
- [**159**Star][14d] [CSS] [saadeghi/browser-hack-sass-mixins](https://github.com/saadeghi/browser-hack-sass-mixins) Browser hack sass mixin - Apply your SCSS to a specific browser - CSS hacks for: IE, Chrome, Firefox, Edge, Opera
- [**159**Star][25d] [Py] [rogerhu/gdb-heap](https://github.com/rogerhu/gdb-heap) Heap Analyzer for Python
- [**159**Star][4m] [Pascal] [passbyyou888/zserver4d](https://github.com/passbyyou888/zserver4d) ZServer4D 是一套从商业项目剥离而出的云服务器中间件，可以承载百万级的分布式负载服务，并且支持IoT及内网穿透
- [**159**Star][10d] [nathanchance/android-kernel-clang](https://github.com/nathanchance/android-kernel-clang) Information on compiling Android kernels with Clang
- [**159**Star][1m] [Java] [mwielgoszewski/jython-burp-api](https://github.com/mwielgoszewski/jython-burp-api) Develop Burp extensions in Jython
- [**159**Star][4m] [Py] [musicmancorley/briarids](https://github.com/musicmancorley/briarids) An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
- [**159**Star][30d] [HTML] [mpirnat/lets-be-bad-guys](https://github.com/mpirnat/lets-be-bad-guys) A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10
- [**159**Star][2y] [YARA] [mikesxrs/open-source-yara-rules](https://github.com/mikesxrs/open-source-yara-rules) YARA Rules I come across on the internet
- [**159**Star][10d] [leomaurodesenv/game-datasets](https://github.com/leomaurodesenv/game-datasets) 
- [**159**Star][11m] [C] [kkamagui/shadow-box-for-x86](https://github.com/kkamagui/shadow-box-for-x86) Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)
- [**159**Star][10m] [AutoIt] [jschicht/rawcopy](https://github.com/jschicht/rawcopy) copy files off NTFS volumes by using low level disk reading method
- [**159**Star][5m] [C#] [jlospinoso/beamgun](https://github.com/jlospinoso/beamgun) A rogue-USB-device defeat program for Windows.
- [**159**Star][5m] [TS] [handsomeone/scout](https://github.com/handsomeone/scout) 可能是东半球最灵活的 URL 监控系统
- [**159**Star][2y] [Py] [fireeye/geologonalyzer](https://github.com/fireeye/geologonalyzer) a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
- [**159**Star][4y] [Py] [fire30/ps4-3.55-code-execution-poc](https://github.com/fire30/ps4-3.55-code-execution-poc) 
- [**159**Star][10d] [Py] [reconinfosec/web-traffic-generator](https://github.com/ReconInfoSec/web-traffic-generator) A quick and dirty HTTP/S "organic" traffic generator.
- [**159**Star][4m] [C#] [anthemtotheego/sharpexec](https://github.com/anthemtotheego/sharpexec) an offensive security C# tool designed to aid with lateral movement
- [**159**Star][2y] [C#] [anthemtotheego/sharpcradle](https://github.com/anthemtotheego/sharpcradle) 
- [**159**Star][4m] [PLpgSQL] [1eez/103976](https://github.com/1eez/103976) 103976个英语单词库（sql版，csv版，Excel版）包含英文单词，中文翻译，单词的词性及多种词义,执行SQL语句就可以生成表，支持SQL Server，MySQL等多种数据库
- [**159**Star][4y] [Makefile] [0x36/vpnpivot](https://github.com/0x36/vpnpivot) Explore the network using VPNPivot tool
- [**158**Star][10d] [Go] [mdlayher/vsock](https://github.com/mdlayher/vsock) Package vsock provides access to Linux VM sockets (AF_VSOCK) for communication between a hypervisor and its virtual machines. MIT Licensed.
- [**158**Star][6y] [Java] [rharter/viewpager-android](https://github.com/rharter/viewpager-android) Based on the Android support library's ViewPager class, this ViewPager supports both horizontal and vertical paging views.
- [**158**Star][12d] [Go] [gin-gonic/autotls](https://github.com/gin-gonic/autotls) Support Let's Encrypt for a Go server application.
- [**158**Star][1m] [ObjC] [hoiberg/hm10-bluetoothserial-ios](https://github.com/hoiberg/hm10-bluetoothserial-ios) An iOS 10 app to communicate with a HM10 Bluetooth module
- [**158**Star][4m] [C] [alexreinert/pivccu](https://github.com/alexreinert/pivccu) piVCCU is a project to install the original Homematic CCU2 firmware inside a virtualized container (lxc) on ARM based single board computers.
- [**158**Star][1m] [Py] [hrwhisper/algorithm_course](https://github.com/hrwhisper/algorithm_course) 国科大 算法分析与设计 卜东波 作业答案整理(2016)
- [**158**Star][14d] [PS] [nsacyber/pass-the-hash-guidance](https://github.com/nsacyber/pass-the-hash-guidance) Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
- [**158**Star][12d] [C] [px4/bootloader](https://github.com/px4/bootloader) PX4 Bootloader for PX4FMU, PX4IO and PX4FLOW
- [**158**Star][25d] [Go] [getlantern/http-proxy](https://github.com/getlantern/http-proxy) HTTP Proxy with TLS support
- [**158**Star][10d] [C] [aircrack-ng/rtl8188eus](https://github.com/aircrack-ng/rtl8188eus) RealTek RTL8188eus WiFi driver with monitor mode & frame injection support
- [**158**Star][6y] [Ruby] [resque/resque-loner](https://github.com/resque/resque-loner) Support for unique jobs in Resque: Only one job with the same payload per queue.
- [**158**Star][8d] [Shell] [wazuh/wazuh-docker](https://github.com/wazuh/wazuh-docker) Wazuh - Docker containers
- [**158**Star][27d] [Py] [wangshub/hmpa-pi](https://github.com/wangshub/hmpa-pi) 在树莓派上，利用 Wireshark 扫描附近网络 WiFi 设备，并对扫描结果通过邮件或者微信进行推送
- [**158**Star][29d] [Py] [trailofbits/protofuzz](https://github.com/trailofbits/protofuzz) Google Protocol Buffers message generator
- [**158**Star][1y] [C] [soldierx/libhijack](https://github.com/soldierx/libhijack) Runtime Process Infection Made Easy
- [**158**Star][6m] [Py] [shirosaidev/sharesniffer](https://github.com/shirosaidev/sharesniffer) 远程文件系统自动嗅探、挂载和爬取
- [**158**Star][1m] [HTML] [secmob/pwnfest2016](https://github.com/secmob/pwnfest2016) full exploit of pwnfest2016, slide and full text of syscan2017
- [**158**Star][13d] [Java] [psiinon/bodgeit](https://github.com/psiinon/bodgeit) The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
- [**158**Star][5y] [Py] [plaguescanner/plaguescanner](https://github.com/plaguescanner/plaguescanner) Open source multiple AV scanner framework
- [**158**Star][13d] [PHP] [pentestgeek/phishing-frenzy-templates](https://github.com/pentestgeek/phishing-frenzy-templates) Phishing Scenarios Used for Phishing Frenzy
- [**158**Star][1y] [Common Lisp] [oblivia-simplex/roper](https://github.com/oblivia-simplex/roper) Return Oriented Programme Evolution with ROPER
- [**158**Star][10d] [Py] [oasis-open/cti-python-stix2](https://github.com/oasis-open/cti-python-stix2) OASIS TC Open Repository: Python APIs for STIX 2
- [**158**Star][4m] [JS] [mrokas/smartdebug.js](https://github.com/mrokas/smartdebug.js) Next-generation debugging for javascript!
- [**158**Star][3y] [Py] [mpgn/padding-oracle-attack](https://github.com/mpgn/padding-oracle-attack)  An exploit for the Padding Oracle Attack
- [**158**Star][12d] [C] [libyal/libpff](https://github.com/libyal/libpff) Library and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format
- [**158**Star][3y] [C] [lctf/lctf2017](https://github.com/lctf/lctf2017) Source code, writeups and exps in LCTF2017.
- [**158**Star][10d] [C++] [yshshrm/data-structures-and-algorithms-hacktoberfest18](https://github.com/yshshrm/Data-Structures-And-Algorithms-Hacktoberfest18) List of data structures and algorithms. Feel free to contribute under Hacktoberfest '18!
- [**158**Star][1y] [Py] [jiangsir404/php-code-audit](https://github.com/jiangsir404/php-code-audit) php code audit for cms vulnerabilities / 代码审计，对一些大型cms漏洞的复现研究，更新源码和漏洞exp
- [**158**Star][3m] [Go] [j3ssie/metabigor](https://github.com/j3ssie/metabigor) Intelligence tool but without API key
- [**158**Star][16d] [Py] [initstring/evil-ssdp](https://github.com/initstring/evil-ssdp) Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
- [**158**Star][1m] [Java] [googlecloudplatform/endpoints-codelab-android](https://github.com/googlecloudplatform/endpoints-codelab-android) endpoints-codelab-android
- [**158**Star][6y] [C] [fuzion24/androidobfuscation-ndk](https://github.com/fuzion24/androidobfuscation-ndk) Example of obfuscating an Android NDK project using O-LLVM
- [**158**Star][7y] [evilcos/xss.swf](https://github.com/evilcos/xss.swf) a tiny tool for swf hacking, just browse it:)
- [**158**Star][21d] [Py] [eth-sri/diffai](https://github.com/eth-sri/diffai) 用于保护神经网络抵御攻击的库
- [**158**Star][30d] [dotfighter/torshammer](https://github.com/dotfighter/torshammer) Tor's hammer. Slow post DDOS tool written in python.
- [**158**Star][1m] [C] [dannvix/keylogger-osx](https://github.com/dannvix/keylogger-osx) Very simple keylogger for self-quantifying on Mac OS X
- [**158**Star][4m] [Shell] [countercept/snake](https://github.com/countercept/snake) snake - a malware storage zoo
- [**158**Star][2y] [Ruby] [chrislee35/passivedns-client](https://github.com/chrislee35/passivedns-client) passivedns-client provides a library and a query tool for querying several passive DNS providers
- [**158**Star][22d] [Shell] [buguroo/cuckooautoinstall](https://github.com/buguroo/cuckooautoinstall) Auto Installer Script for Cuckoo Sandbox
- [**158**Star][14d] [Rust] [brycx/orion](https://github.com/brycx/orion) Usable, easy and safe pure-Rust crypto
- [**158**Star][12d] [Py] [atlassian/localstack](https://github.com/atlassian/localstack) 
- [**158**Star][2m] [C] [arisada/midgetpack](https://github.com/arisada/midgetpack) midgetpack is a multiplatform secure ELF packer
- [**158**Star][18d] [Py] [aipengjie/sensitivefilescan](https://github.com/aipengjie/sensitivefilescan) 
- [**158**Star][2y] [Ruby] [0x09al/cve-2018-8174-msf](https://github.com/0x09al/cve-2018-8174-msf) CVE-2018-8174 - VBScript memory corruption exploit.
- [**157**Star][17d] [HTML] [dwmkerr/effective-shell](https://github.com/dwmkerr/effective-shell) Text, samples and website for my 'Effective Shell' series.
- [**157**Star][19d] [JS] [bahmutov/pre-git](https://github.com/bahmutov/pre-git) Automatically install pre-commit / pre-push hooks in your git repo
- [**157**Star][24d] [Ruby] [mgleon08/instagram-crawler](https://github.com/mgleon08/instagram-crawler) Crawl instagram photos, posts and videos for download.
- [**157**Star][4m] [Shell] [lhmouse/poseidon](https://github.com/lhmouse/poseidon) Poseidon Server Framework (refactor WIP)
- [**157**Star][4m] [Java] [nexenio/ble-indoor-positioning](https://github.com/nexenio/ble-indoor-positioning) Multilateration using bluetooth beacons
- [**157**Star][4m] [Swift] [zntfdr/selenops](https://github.com/zntfdr/selenops) A Swift Web Crawler
- [**157**Star][19d] [TeX] [nblock/pdb-cheatsheet](https://github.com/nblock/pdb-cheatsheet) A cheatsheet for the Python Debugger (pdb)
- [**157**Star][4m] [Go] [cubicdaiya/slackboard](https://github.com/cubicdaiya/slackboard) A slack proxy server
- [**157**Star][7d] [icehacks/survivcheatinjector](https://github.com/icehacks/survivcheatinjector) An actual, updated, surviv.io cheat. Works great and we reply fast.
- [**157**Star][2m] [Rust] [m4b/faerie](https://github.com/m4b/faerie) Magical ELF and Mach-o object file writer backend
- [**157**Star][16d] [Py] [xzkzdx/weixin-spider](https://github.com/xzkzdx/weixin-spider) 微信公众号爬虫，公众号历史文章，文章评论，文章阅读及在看数据，可视化web页面，可部署于Windows服务器。基于Python3之flask/mysql/redis/mitmproxy/pywin32等实现，高效微信爬虫，微信公众号爬虫，历史文章，文章评论，数据更新。
- [**157**Star][14d] [Py] [kulovecc/jandan_spider](https://github.com/kulovecc/jandan_spider) 使用Python3爬取煎蛋妹纸图片
- [**157**Star][1m] [Go] [trailofbits/audit-kubernetes](https://github.com/trailofbits/audit-kubernetes) k8s audit repo
- [**157**Star][14d] [JS] [radareorg/radare2-r2pipe](https://github.com/radareorg/radare2-r2pipe) Access radare2 via pipe from any programming language!
- [**157**Star][5m] [C] [processhacker/plugins-extra](https://github.com/processhacker/plugins-extra) These are highly unstable, buggy, incomplete plugins that are not included with Process Hacker by default.
- [**157**Star][16d] [crytic/blockchain-security-contacts](https://github.com/crytic/blockchain-security-contacts) Directory of security contacts for blockchain companies
- [**157**Star][12d] [Go] [virustotal/vt-cli](https://github.com/virustotal/vt-cli) VirusTotal Command Line Interface
- [**157**Star][4y] [Ruby] [urbanadventurer/username-anarchy](https://github.com/urbanadventurer/username-anarchy) Username tools for penetration testing
- [**157**Star][15d] [Py] [sviehb/jefferson](https://github.com/sviehb/jefferson) JFFS2 filesystem extraction tool
- [**157**Star][3y] [C] [stonedreamforest/naiheqiao](https://github.com/stonedreamforest/naiheqiao) open-source x86/x64 usermode anti-anti-debug plugin
- [**157**Star][1y] [Py] [sabri-zaki/easy_hack](https://github.com/sabri-zaki/easy_hack) Hack the World using Termux
- [**157**Star][12d] [Py] [renatahodovan/fuzzinator](https://github.com/renatahodovan/fuzzinator) Fuzzinator Random Testing Framework
- [**157**Star][4m] [Shell] [realtho/partyloud](https://github.com/realtho/partyloud) A simple tool to generate fake web browsing and mitigate tracking
- [**157**Star][13d] [Ruby] [palkan/n_plus_one_control](https://github.com/palkan/n_plus_one_control) RSpec and Minitest matchers to prevent N+1 queries problem
- [**157**Star][4y] [PS] [onelogicalmyth/automated-ad-setup](https://github.com/onelogicalmyth/automated-ad-setup) A PowerShell script that aims to have a fully configured domain built in under 10 minutes, but also apply security configuration and hardening.
- [**157**Star][23d] [PS] [nyxgeek/o365recon](https://github.com/nyxgeek/o365recon) retrieve information via O365 with a valid cred
- [**157**Star][4y] [Py] [kbandla/immunitydebugger](https://github.com/kbandla/immunitydebugger) ImmunityDebugger
- [**157**Star][12d] [Py] [julieeen/kleefl](https://github.com/julieeen/kleefl) Seeding fuzzers with symbolic execution
- [**157**Star][1m] [C] [ixty/xarch_shellcode](https://github.com/ixty/xarch_shellcode) Cross Architecture Shellcode in C
- [**157**Star][1m] [Shell] [hellman/fixenv](https://github.com/hellman/fixenv) A script to make stack addresses the same when running a program under gdb,ltrace,strace or without debugging (without ASLR of course).
- [**157**Star][9m] [C] [hasherezade/process_doppelganging](https://github.com/hasherezade/process_doppelganging) 进程注入技术 Process Doppelganging 的实现代码
- [**157**Star][17d] [Go] [golang/debug](https://github.com/golang/debug) [mirror] debugging tools
- [**157**Star][28d] [C] [elfmaster/skeksi_virus](https://github.com/elfmaster/skeksi_virus) Devestating and awesome Linux X86_64 ELF Virus
- [**157**Star][8m] [Py] [decoxviii/karma](https://github.com/decoxviii/karma) Find leaked emails with your passwords
- [**157**Star][10y] [C] [comex/star](https://github.com/comex/star) the code behind the second incarnation of jailbreakme.com
- [**157**Star][1m] [JS] [cazala/react-coin-hive](https://github.com/cazala/react-coin-hive) Mine cryptocurrency while your users haven't engaged with your content lately
- [**157**Star][4y] [Py] [borjamerino/pazuzu](https://github.com/borjamerino/pazuzu) Reflective DLL to run binaries from memory
- [**157**Star][10d] [C] [alexdenisov/bitcode_retriever](https://github.com/alexdenisov/bitcode_retriever) Retrieves Bitcode from Mach-O binaries
- [**156**Star][14d] [TS] [scriptsmith/instamancer](https://github.com/scriptsmith/instamancer) Scrape Instagram's API with Puppeteer
- [**156**Star][20d] [C] [furiousmac/continuity](https://github.com/furiousmac/continuity) Apple Continuity Protocol Reverse Engineering and Dissector
- [**156**Star][11d] [Shell] [foodeas/raspberrypi-ua-netinst](https://github.com/foodeas/raspberrypi-ua-netinst) RaspberryPi (minimal) unattended netinstaller
- [**156**Star][4y] [HTML] [farjump/fwtr](https://github.com/farjump/fwtr) Open Database of Firmware Test Results
- [**156**Star][10d] [Java] [xmtggh/videocalling](https://github.com/xmtggh/videocalling) 局域网p2p视频聊天
- [**156**Star][1m] [Go] [ihciah/go-shadowsocks-magic](https://github.com/ihciah/go-shadowsocks-magic) A shadowsocks implementation in golang with Multi-connection Acceleration
- [**156**Star][11d] [Java] [m35/jpsxdec](https://github.com/m35/jpsxdec) cross-platform PlayStation 1 audio and video converter
- [**156**Star][15d] [C#] [mr-un1k0d3r/maliciousclickoncegenerator](https://github.com/Mr-Un1k0d3r/MaliciousClickOnceGenerator) Quick Malicious ClickOnceGenerator for Red Team
- [**156**Star][5m] [zbetcheckin/pdf_analysis](https://github.com/zbetcheckin/pdf_analysis) Several PDF analysis reassembled with additional tips and tools
- [**156**Star][5m] [trietptm/sql-injection-payloads](https://github.com/trietptm/sql-injection-payloads) SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
- [**156**Star][11d] [C] [trailofbits/osquery-extensions](https://github.com/trailofbits/osquery-extensions) osquery extensions by Trail of Bits
- [**156**Star][1m] [Py] [swehner/foos](https://github.com/swehner/foos) Instant replay system for foosball table
- [**156**Star][9m] [Py] [stuhli/dfirtrack](https://github.com/stuhli/dfirtrack) The Incident Response Tracking Application
- [**156**Star][2y] [C] [spajed/processrefund](https://github.com/spajed/processrefund) An attempt at Process Doppelgänging
- [**156**Star][2y] [Py] [sensepost/userenum](https://github.com/sensepost/userenum) Domain user enumeration tool
- [**156**Star][4m] [C] [pkroma/processhacker](https://github.com/pkroma/processhacker) A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware—mirror of
- [**156**Star][12d] [Py] [misterch0c/twitterbftd](https://github.com/misterch0c/twitterbftd) Twitter Back From The Dead looks in a user tweets history for domain names that are available for registration
- [**156**Star][3y] [Py] [malwaretech/trickbot-toolkit](https://github.com/malwaretech/trickbot-toolkit) A collection of tools for dealing with TrickBot
- [**156**Star][21d] [Py] [lakiw/pcfg_cracker](https://github.com/lakiw/pcfg_cracker) Probabilistic Context Free Grammar (PCFG) password guess generator
- [**156**Star][13d] [Py] [k4m4/dymerge](https://github.com/k4m4/dymerge) takes given wordlists and merges them into one dynamic dictionary that can then be used as ammunition for a successful dictionary based (or bruteforce) attack.
- [**156**Star][10y] [Py] [jonty/idiocy](https://github.com/jonty/idiocy) Idiocy is a warning shot to people browsing the internet insecurely.
- [**156**Star][4m] [Go] [jollheef/out-of-tree](https://github.com/jollheef/out-of-tree) out-of-tree kernel {module, exploit} development tool
- [**156**Star][23d] [Py] [jeffball55/rop_compiler](https://github.com/jeffball55/rop_compiler) An open source, multi-architecture ROP compiler written in python
- [**156**Star][4m] [JS] [ijpiantanida/talkback](https://github.com/ijpiantanida/talkback) A simple HTTP proxy that records and playbacks requests
- [**156**Star][1m] [Shell] [dhavalkapil/luaver](https://github.com/dhavalkapil/luaver) Lua Version Manager - Managing and switching between different versions of Lua, LuaJIT and Luarocks made easy
- [**156**Star][30d] [C] [caesar0301/http-sniffer](https://github.com/caesar0301/http-sniffer) A multi-threading tool to sniff TCP flow statistics and embedded HTTP headers from PCAP file. Each TCP flow carrying HTTP is exported to text file in json format.
- [**156**Star][3y] [PHP] [bo0om/cve-2017-5124](https://github.com/bo0om/cve-2017-5124) Chrome < 62 uxss exploit (CVE-2017-5124)
- [**156**Star][2y] [Py] [0xalexei/windowsdefendertools](https://github.com/0xalexei/windowsdefendertools) Tools for instrumenting Windows Defender's mpengine.dll
- [**155**Star][13d] [Py] [0xb0bb/karkinos](https://github.com/0xb0bb/karkinos) A thorough library database to assist with binary exploitation tasks.
- [**155**Star][4m] [C++] [yshshrm/data-structures-and-algorithms-hacktoberfest18](https://github.com/yshshrm/data-structures-and-algorithms-hacktoberfest18) List of data structures and algorithms. Feel free to contribute under Hacktoberfest '18!
- [**155**Star][8d] [Py] [zstu-lly/jd_mask_robot](https://github.com/zstu-lly/JD_MASK_Robot) 京东口罩库存监控爬虫(非selenium)，扫码登录、查价、加购、下单、秒杀
- [**155**Star][1m] [JS] [sebinsua/scrape-twitter](https://github.com/sebinsua/scrape-twitter)  Access Twitter data without an API key
- [**155**Star][1y] [C] [valvesoftware/steamos_mesa](https://github.com/valvesoftware/steamos_mesa) Patched branches of Mesa used in SteamOS
- [**155**Star][1m] [C#] [lithnet/ad-password-protection](https://github.com/lithnet/ad-password-protection) Active Directory password filter featuring breached password checking and custom complexity rules
- [**155**Star][2y] [Perl] [noxxi/p5-ssl-tools](https://github.com/noxxi/p5-ssl-tools) various standalone perl scripts
- [**155**Star][16d] [C] [airspy/airspyone_host](https://github.com/airspy/airspyone_host) AirSpy's usemode driver and associated tools
- [**155**Star][2y] [Java] [zjlywjh001/phrackctf-platform-team](https://github.com/zjlywjh001/phrackctf-platform-team) CTF platfrom(Team Version) developed by Jarvis from Phrack Team. 做一个功能最全的CTF平台。
- [**155**Star][17d] [PHP] [webshellpub/awsome-webshell](https://github.com/webshellpub/awsome-webshell) webshell样本大合集。收集各种webshell用于webshell分析与发现
- [**155**Star][9m] [Java] [shack2/javaserializetools](https://github.com/shack2/javaserializetools) Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具
- [**155**Star][1m] [C] [rsmudge/metasploit-loader](https://github.com/rsmudge/metasploit-loader) A client compatible with Metasploit's staging protocol
- [**155**Star][9d] [Py] [qiyeboy/baseproxy](https://github.com/qiyeboy/baseproxy) Asynchronous HTTP/HTTPS proxy that intercepts and modifies messages
- [**155**Star][2m] [olafhartong/sysmon-cheatsheet](https://github.com/olafhartong/sysmon-cheatsheet) All sysmon event types and their fields explained
- [**155**Star][11d] [C] [ntpsec/ntpsec](https://github.com/ntpsec/ntpsec) The Network Time Protocol suite, refactored GitHub is a mirror of
- [**155**Star][4y] [Py] [n0tr00t/beehive](https://github.com/n0tr00t/beehive) Beehive is an open-source vulnerability detection framework based on Beebeeto-framework. Security researcher can use it to find vulnerability, exploits, subsequent attacks, etc.
- [**155**Star][13d] [Py] [mgeeky/expdevbadchars](https://github.com/mgeeky/expdevbadchars) Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
- [**155**Star][2y] [Swift] [malcommac/swiftscanner](https://github.com/malcommac/swiftscanner) String Scanner in pure Swift (supports unicode)
- [**155**Star][15d] [HTML] [landley/aboriginal](https://github.com/landley/aboriginal) provides virtual Linux images you can boot under QEMU,  within which you can compile and test any software you like.
- [**155**Star][2m] [Go] [kudelskisecurity/cdf](https://github.com/kudelskisecurity/cdf)  automatically test the correctness and security of cryptographic software
- [**155**Star][3m] [Py] [kacperszurek/exploits](https://github.com/kacperszurek/exploits) exploits
- [**155**Star][11d] [Py] [k0retux/fuddly](https://github.com/k0retux/fuddly) Fuzzing/数据操纵(Data Manipulation)框架
- [**155**Star][4m] [C++] [hiwincn/htran](https://github.com/hiwincn/htran) HTran is a connection bouncer, a kind of proxy server. A “listener” program is hacked stealthily onto an unsuspecting host anywhere on the Internet. When it receives signals from the actual target system, it redirects it to the hacker’s server.
- [**155**Star][4m] [C++] [googleprojectzero/comparecoverage](https://github.com/googleprojectzero/comparecoverage) Clang instrumentation module for tracing variable and buffer comparisons in C/C++ and saving the coverage data to .sancov files
- [**155**Star][11d] [Py] [futuresharks/rpi-security](https://github.com/futuresharks/rpi-security) A security system written in python to run on a Raspberry Pi with motion detection and mobile notifications
- [**155**Star][29d] [Shell] [essandess/macos-openvpn-server](https://github.com/essandess/macos-openvpn-server) macOS OpenVPN Server and Client Configuration (OpenVPN, Tunnelblick, PF)
- [**155**Star][10d] [C++] [earthquake/universaldvc](https://github.com/earthquake/universaldvc) Universal Dynamic Virtual Channel connector for Remote Desktop Services
- [**155**Star][13d] [Ruby] [dev-sec/ssh-baseline](https://github.com/dev-sec/ssh-baseline) DevSec SSH Baseline - InSpec Profile
- [**155**Star][5m] [C] [cyrus-and/zizzania](https://github.com/cyrus-and/zizzania) Automated DeAuth attack
- [**155**Star][2y] [C#] [codewhitesec/lethalhta](https://github.com/codewhitesec/lethalhta) Lateral Movement technique using DCOM and HTA
- [**155**Star][3m] [Py] [chrispetrou/hrshell](https://github.com/chrispetrou/hrshell) HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
- [**155**Star][4m] [C++] [benkrasnow/dsky_el_replica](https://github.com/benkrasnow/dsky_el_replica) Schematic, PCB layout, mechanical CAD, and firmware to create a replica of the DSKY with electroluminescent display
- [**155**Star][7m] [C] [airbus-seclab/crashos](https://github.com/airbus-seclab/crashos) A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations.
- [**154**Star][10d] [Py] [cq674350529/deflat](https://github.com/cq674350529/deflat) use angr to deobfuscation
- [**154**Star][2m] [Go] [pottava/aws-s3-proxy](https://github.com/pottava/aws-s3-proxy) Reverse proxy for AWS S3 with basic authentication.
- [**154**Star][11d] [JS] [mysteriumnetwork/mysterium-vpn](https://github.com/mysteriumnetwork/mysterium-vpn) Mysterium VPN is desktop application to access Mysterium Network - decentralized VPN built on blockchain.
- [**154**Star][4m] [JS] [w8r/greinerhormann](https://github.com/w8r/greinerhormann) Greiner-Hormann polygon clipping algorithm. Does AND, OR, XOR. Plays nicely with Leaflet. Handles non-convex polygons and multiple clipping areas. ~3kb footprint, no dependencies
- [**154**Star][14d] [Py] [michaelklishin/tls-gen](https://github.com/michaelklishin/tls-gen) Generates self-signed x509/TLS/SSL certificates useful for development
- [**154**Star][17d] [Py] [algolia/docsearch-scraper](https://github.com/algolia/docsearch-scraper) DocSearch - Scraper
- [**154**Star][4m] [JS] [pearinc/peardownloader.js](https://github.com/pearinc/peardownloader.js) 一个支持多协议、多源、混合P2P-CDN的下载器
- [**154**Star][2m] [Java] [stevenkin/zhihuquestionsspider](https://github.com/stevenkin/zhihuquestionsspider) 知乎问题爬虫
- [**154**Star][18d] [C++] [virustotal/qt-virustotal-uploader](https://github.com/virustotal/qt-virustotal-uploader) VirusTotal Uploader written in C++ using QT framework
- [**154**Star][1m] [Py] [0ang3el/websocket-smuggle](https://github.com/0ang3el/websocket-smuggle) Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
- [**154**Star][11d] [Java] [astrelsky/ghidra-cpp-class-analyzer](https://github.com/astrelsky/ghidra-cpp-class-analyzer) Ghidra C++ Class and Run Time Type Information Analyzer
- [**154**Star][1m] [Py] [0xbing/wukong-agent](https://github.com/0xbing/wukong-agent) Web scan foundation framework
- [**154**Star][14d] [C] [cntools/cnping](https://github.com/cntools/cnping) Minimal Graphical IPV4 Ping Tool
- [**154**Star][17d] [TS] [xyfir/ptorx](https://github.com/xyfir/ptorx) 
- [**154**Star][3y] [Py] [vasishtduddu/malware](https://github.com/vasishtduddu/Malware) Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
- [**154**Star][2y] [Py] [valardragon/ctf-crypto](https://github.com/valardragon/ctf-crypto) Contains tools for solving RSA and other crypto problems in CTFs.
- [**154**Star][2m] [Rust] [trailofbits/flying-sandbox-monster](https://github.com/trailofbits/flying-sandbox-monster)  sandboxes the Malware Protection engine in an AppContainer on Windows, written in Rust.
- [**154**Star][16d] [Shell] [shellhub/shellhub](https://github.com/shellhub/shellhub) shell script hub
- [**154**Star][5m] [Assembly] [onx/cih](https://github.com/onx/cih) The source code of the CIH virus
- [**154**Star][2y] [PS] [nexxai/cryptoblocker](https://github.com/nexxai/cryptoblocker) A script to deploy File Server Resource Manager and associated scripts to block infected users
- [**154**Star][5m] [JS] [newbranltd/gulp-server-io](https://github.com/newbranltd/gulp-server-io) Standalone / gulp (stream) / delivery server setup with Proxy options remote debugger and more
- [**154**Star][1m] [C++] [mothran/aflpin](https://github.com/mothran/aflpin) aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.
- [**154**Star][4m] [ASP] [misterch0c/apt34](https://github.com/misterch0c/apt34) APT34/OILRIG leak
- [**154**Star][16d] [C] [mate-desktop/caja](https://github.com/mate-desktop/caja) Caja, the file manager for the MATE desktop
- [**154**Star][19d] [Py] [mandiant/ioc_writer](https://github.com/mandiant/ioc_writer) 
- [**154**Star][14d] [C++] [macmade/dyld_cache_extract](https://github.com/macmade/dyld_cache_extract) A macOS utility to extract dynamic libraries from the dyld_shared_cache of macOS and iOS.
- [**154**Star][12d] [Py] [landgrey/abuse-ssl-bypass-waf](https://github.com/landgrey/abuse-ssl-bypass-waf) Bypassing WAF by abusing SSL/TLS Ciphers
- [**154**Star][4y] [PS] [johnnydep/owa-toolkit](https://github.com/johnnydep/owa-toolkit) Powershell module to assist in attacking Exchange/Outlook Web Access
- [**154**Star][4m] [jeremymain/gpuprofiler](https://github.com/jeremymain/gpuprofiler) Understand your application and workflow resource requirements
- [**154**Star][16d] [Py] [jekil/hardentheworld](https://github.com/jekil/hardentheworld) Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
- [**154**Star][30d] [C] [ixty/mandibule](https://github.com/ixty/mandibule) 向远程进程注入ELF文件
- [**154**Star][22d] [Py] [intrepidusgroup/imdmtools](https://github.com/intrepidusgroup/imdmtools) Intrepidus Group's iOS MDM tools
- [**154**Star][2m] [Py] [hugsy/binja-retdec](https://github.com/hugsy/binja-retdec) Binary Ninja plugin to decompile binaries using RetDec API
- [**154**Star][6y] [Py] [hiddenillusion/analyzepe](https://github.com/hiddenillusion/analyzepe) Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
- [**154**Star][8m] [C] [greggersaurus/opensteamcontroller](https://github.com/greggersaurus/opensteamcontroller) Steam Controller reverse engineering and customization project.
- [**154**Star][10d] [C++] [grammatech/gtirb](https://github.com/grammatech/gtirb) Intermediate Representation for Binary analysis and transformation
- [**154**Star][2y] [Java] [floyd-fuh/jks-private-key-cracker-hashcat](https://github.com/floyd-fuh/jks-private-key-cracker-hashcat) Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file
- [**154**Star][12d] [Py] [domainaware/parsedmarc](https://github.com/domainaware/parsedmarc) A Python package and CLI for parsing aggregate and forensic DMARC reports
- [**154**Star][27d] [C] [darkabode/zerokit](https://github.com/darkabode/zerokit) Zerokit/GAPZ rootkit (non buildable and only for researching)
- [**154**Star][11d] [Shell] [binhex/arch-rtorrentvpn](https://github.com/binhex/arch-rtorrentvpn) Docker build script for Arch Linux base with ruTorrent, rTorrent, autodl-irssi, Privoxy and OpenVPN
- [**154**Star][1m] [Py] [alschwalm/foresight](https://github.com/alschwalm/foresight) A tool for predicting the output of random number generators
- [**153**Star][8m] [Swift] [e-sites/bluetonium](https://github.com/e-sites/bluetonium) Bluetooth mapping in Swift
- [**153**Star][10d] [Py] [asdf2014/algorithm](https://github.com/asdf2014/algorithm) Leetcode 组队刷题
- [**153**Star][15d] [C] [mity/mctrl](https://github.com/mity/mctrl) C library providing set of additional user interface controls for Windows, intended to be complementary to standard Win32API controls from USER32.DLL and COMCTL32.DLL.
- [**153**Star][5m] [PS] [poshsec/poshsec](https://github.com/poshsec/poshsec) PoshSec PowerShell Module
- [**153**Star][11d] [ObjC] [timoliver/tosmbclient](https://github.com/timoliver/tosmbclient) An Objective-C binding around the libDSM SMB client library.
- [**153**Star][10d] [Scala] [linkedin/scanns](https://github.com/linkedin/scanns) A scalable nearest neighbor search library in Apache Spark
- [**153**Star][12d] [Java] [licoy/encrypt-body-spring-boot-starter](https://github.com/licoy/encrypt-body-spring-boot-starter) SpringBoot控制器统一的响应体加密与请求体解密的注解处理方式，支持MD5/SHA/AES/DES/RSA
- [**153**Star][10d] [Py] [davidteather/tiktok-api](https://github.com/davidteather/tiktok-api) The Unoffical TikTok API Wrapper In Python
- [**153**Star][4y] [Go] [inconshreveable/go-tunnel](https://github.com/inconshreveable/go-tunnel) [DEPRECATED] Tunnel to localhost as a library
- [**153**Star][2y] [voidfyoo/cve-2018-3191](https://github.com/voidfyoo/cve-2018-3191) CVE-2018-3191 payload generator
- [**153**Star][2y] [Py] [undeadsec/enigma](https://github.com/undeadsec/enigma) Multiplatform payload dropper
- [**153**Star][5y] [thecreeper/privacyfox](https://github.com/thecreeper/privacyfox) PrivacyFox tweaks various preferences in Firefox in order to enhance the privacy of users; it will also try to enforce these changes to maintain your privacy online.
- [**153**Star][2y] [Py] [souhardya/zerodoor](https://github.com/souhardya/zerodoor) A script written lazily for generating cross-platform backdoors on the go :)
- [**153**Star][4m] [Py] [rhinosecuritylabs/gcpbucketbrute](https://github.com/rhinosecuritylabs/gcpbucketbrute) A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
- [**153**Star][2m] [Py] [rep/dionaea](https://github.com/rep/dionaea) dionaea low interaction honeypot (forked from dionaea.carnivore.it)
- [**153**Star][22d] [pomerium/awesome-security-audits](https://github.com/pomerium/awesome-security-audits) A collection of public security audits.
- [**153**Star][20d] [Py] [nightnord/ljd](https://github.com/nightnord/ljd) LuaJIT raw-bytecode decompiler
- [**153**Star][12d] [Py] [netflix-skunkworks/policyuniverse](https://github.com/netflix-skunkworks/policyuniverse) Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
- [**153**Star][10d] [Java] [lanchon/haystack](https://github.com/lanchon/haystack) Signature Spoofing Patcher for Android
- [**153**Star][1m] [Py] [kacperszurek/burp_wp](https://github.com/kacperszurek/burp_wp) Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
- [**153**Star][4m] [Shell] [joukewitteveen/netctl](https://github.com/joukewitteveen/netctl) Profile based systemd network management
- [**153**Star][20d] [C] [fgont/ipv6toolkit](https://github.com/fgont/ipv6toolkit) SI6 Networks' IPv6 Toolkit
- [**153**Star][16d] [JS] [djadmin/passw0rd](https://github.com/djadmin/passw0rd) 
- [**153**Star][16d] [C++] [cybermaggedon/cyberprobe](https://github.com/cybermaggedon/cyberprobe) Capturing, analysing and responding to cyber attacks
- [**153**Star][1y] [Py] [bloodhoundad/bloodhound-tools](https://github.com/bloodhoundad/bloodhound-tools) Miscellaneous tools for BloodHound
- [**153**Star][20d] [Py] [batuhaniskr/twitter-intelligence](https://github.com/batuhaniskr/twitter-intelligence) Twitter Intelligence OSINT project performs tracking and analysis of the Twitter
- [**153**Star][12d] [Java] [baidu-security/openrasp-testcases](https://github.com/baidu-security/openrasp-testcases) OpenRASP 漏洞测试环境
- [**153**Star][9m] [JS] [arunoda/meteor-ddp-analyzer](https://github.com/arunoda/meteor-ddp-analyzer) Simple DDP Proxy which logs DDP messages
- [**153**Star][2m] [C++] [alschwalm/dwarfexport](https://github.com/alschwalm/dwarfexport) Export dwarf debug information from IDA Pro
- [**153**Star][1y] [Py] [649/crashcast-exploit](https://github.com/649/crashcast-exploit) This tool allows you mass play any YouTube video, terminate apps and rename Chromecast device(s) obtained from Shodan.io
- [**153**Star][29d] [Shell] [0xmitsurugi/gimmecredz](https://github.com/0xmitsurugi/gimmecredz) You're a #pentester and you totally pwn that linux box, congrats! Now what? You can launch gimmecredz.sh which will try to extract all passwords from known locations.
- [**152**Star][12d] [Go] [flyingmutant/rapid](https://github.com/flyingmutant/rapid) Rapid is a Go library for property-based testing
- [**152**Star][10d] [Java] [xjtushilei/scriptspider](https://github.com/xjtushilei/scriptspider) 一个java版本的分布式的通用爬虫，可以插拔各个组件（提供默认的）
- [**152**Star][17d] [Java] [zhangjiupeng/agentx](https://github.com/zhangjiupeng/agentx) Shadowsocks升级版，支持协议伪装和流量压缩，易于扩展，可统计流量
- [**152**Star][10d] [Rust] [plsyssec/haybale](https://github.com/plsyssec/haybale) Symbolic execution of LLVM IR with an engine written in Rust
- [**152**Star][18d] [PS] [nsacyber/applocker-guidance](https://github.com/nsacyber/applocker-guidance) Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber
- [**152**Star][11d] [Shell] [sclorg/s2i-python-container](https://github.com/sclorg/s2i-python-container) Python container images based on Red Hat Software Collections and intended for OpenShift and general usage, that provide a platform for building and running Python applications. Users can choose between Red Hat Enterprise Linux, Fedora, and CentOS based images.
- [**152**Star][14d] [Kotlin] [babylonhealth/certificate-transparency-android](https://github.com/babylonhealth/certificate-transparency-android) Certificate transparency for Android and Java
- [**152**Star][25d] [Go] [znly/strobfus](https://github.com/znly/strobfus) String obfuscation
- [**152**Star][3y] [JS] [ubercomp/jslm32](https://github.com/ubercomp/jslm32) Javascript emulator for the LatticeMico platform
- [**152**Star][17d] [C] [theofficialflow/update365](https://github.com/theofficialflow/update365) Custom Firmware 3.65 HENkaku Ensō Updater for PS Vita
- [**152**Star][10d] [tarraschk/richelieu](https://github.com/tarraschk/richelieu) List of the most common French passwords
- [**152**Star][2y] [JS] [snooze6/fios](https://github.com/snooze6/fios) small proof of concept gui for auditing iOS applications based on objection
- [**152**Star][11d] [Py] [scrapinghub/python-scrapinghub](https://github.com/scrapinghub/python-scrapinghub) A client interface for Scrapinghub's API
- [**152**Star][12d] [C] [ruby/openssl](https://github.com/ruby/openssl) Provides SSL, TLS and general purpose cryptography.
- [**152**Star][6y] [C] [rflynn/lanmap2](https://github.com/rflynn/lanmap2) builds database/visualizations of LAN structure from passively sifted information
- [**152**Star][2y] [Py] [packtpublishing/mastering-machine-learning-for-penetration-testing](https://github.com/packtpublishing/mastering-machine-learning-for-penetration-testing) Mastering Machine Learning for Penetration Testing, published by Packt
- [**152**Star][1m] [Py] [orppra/ropa](https://github.com/orppra/ropa) ROP 链创建工具, 带界面, 基于 Ropper
- [**152**Star][1y] [ObjC] [objective-see/reikey](https://github.com/objective-see/reikey) Malware and other applications may install persistent keyboard "event taps" to intercept your keystrokes. ReiKey can scan, detect, and monitor for such taps!
- [**152**Star][23d] [Py] [nuid/nebulousad](https://github.com/nuid/nebulousad) NebulousAD automated credential auditing tool.
- [**152**Star][2m] [JS] [nowsecure/owasp-password-strength-test](https://github.com/nowsecure/owasp-password-strength-test) OWASP Password Strength Test for Node.js
- [**152**Star][27d] [Py] [nashcontrol/bounty-monitor](https://github.com/nashcontrol/bounty-monitor) Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
- [**152**Star][24d] [Py] [mveytsman/dilettante](https://github.com/mveytsman/dilettante) Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.
- [**152**Star][20d] [PS] [milo2012/portia](https://github.com/milo2012/portia) Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
- [**152**Star][18d] [C++] [lcatro/network_backdoor_scanner](https://github.com/lcatro/network_backdoor_scanner) This is a backdoor about discover network device ,and it can hidden reverse connecting the hacker's server with encrypt commuication 后渗透后门程序,适合在已经攻陷的内网中做下一步的网络信息扫描..
- [**152**Star][20d] [landgrey/upload-labs-writeup](https://github.com/landgrey/upload-labs-writeup) upload-labs writeup
- [**152**Star][3y] [Py] [laie/worldsfirstsha2vulnerability](https://github.com/laie/worldsfirstsha2vulnerability) Sha256 vulnerability for full rounds. Circular hash attack.
- [**152**Star][20d] [Go] [greenboxal/dns-heaven](https://github.com/greenboxal/dns-heaven) 通过/etc/resolv.conf 启用本地 DNS stack 来修复（愚蠢的） macOS DNS stack
- [**152**Star][5m] [Py] [ga-ryo/idafuzzy](https://github.com/ga-ryo/idafuzzy) Fuzzy search tool for IDA Pro.
- [**152**Star][2m] [Py] [ethereum/evmlab](https://github.com/ethereum/evmlab) Utilities for interacting with the Ethereum virtual machine
- [**152**Star][13d] [PS] [danmcinerney/pymetasploit3](https://github.com/danmcinerney/pymetasploit3) Automation library for Metasploit
- [**152**Star][14d] [Py] [cyb0r9/ispy](https://github.com/cyb0r9/ispy) Eternalblue(ms17-010)/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )
- [**152**Star][4y] [HTML] [code-scan/brodomain](https://github.com/code-scan/brodomain) 兄弟域名查询
- [**152**Star][5m] [C++] [checkpointsw/invizzzible](https://github.com/checkpointsw/invizzzible) InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.
- [**152**Star][5m] [Py] [bruce30262/twindbg](https://github.com/bruce30262/twindbg) PEDA-like debugger UI for WinDbg
- [**152**Star][4m] [C] [adrianyy/eacreversing](https://github.com/adrianyy/eacreversing) Reversing EasyAntiCheat.
- [**152**Star][5m] [Java] [1998lixin/wechat-database](https://github.com/1998lixin/wechat-database) 破解微信数据库 获取想要的数据
- [**151**Star][3m] [randomuserid/adama](https://github.com/randomuserid/adama) Searches For Threat Hunting and Security Analytics
- [**151**Star][10d] [C] [thesofproject/sof](https://github.com/thesofproject/sof) Sound Open Firmware
- [**151**Star][4m] [C++] [rstephan/artnetwifi](https://github.com/rstephan/artnetwifi) Arduino library for Art-Net (artnet) over WiFi, send and receive DMX data. Runs on ESP8266, ESP32, WiFi101 and WiFiNINA devices.
- [**151**Star][12d] [Java] [gayanvoice/android-vpn-client-ics-openvpn](https://github.com/gayanvoice/android-vpn-client-ics-openvpn) 
- [**151**Star][9d] [Py] [hanc00l/wifitest](https://github.com/hanc00l/wifitest) 一个简单的wifi弱口令暴破的python脚本，可自动实时破解，不需要使用aircrack-ng抓包
- [**151**Star][10d] [C++] [ntop/bro-pf_ring](https://github.com/ntop/bro-pf_ring) Zeek (formerly Bro) plugin to capture packets through PF_RING
- [**151**Star][7d] [C#] [tyranid/windowsrpcclients](https://github.com/tyranid/windowsrpcclients) This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.
- [**151**Star][11d] [PHP] [backdoorhub/shell-backdoor-list](https://github.com/backdoorhub/shell-backdoor-list) a malicious piece of code (e.g. PHP, Python, Ruby) that can be uploaded to a site to gain access to files stored on that site.
- [**151**Star][5m] [C] [zmrbak/pcwechathook](https://github.com/zmrbak/pcwechathook) 云课堂《2019 PC微信 探秘》示例代码
- [**151**Star][3m] [Shell] [weaknetlabs/penetration-testing-grimoire](https://github.com/weaknetlabs/penetration-testing-grimoire) Custom Tools and Notes from my own Penetration Testing Experience
- [**151**Star][3m] [C] [valdikss/openvpn-fix-dns-leak-plugin](https://github.com/valdikss/openvpn-fix-dns-leak-plugin) OpenVPN plugin to fix Windows DNS Leaks
- [**151**Star][2m] [Py] [threatresponse/margaritashotgun](https://github.com/threatresponse/margaritashotgun) Remote Memory Acquisition Tool
- [**151**Star][14d] [C] [thispc/psiphon](https://github.com/thispc/psiphon) A multi-functional version of a popular network circumvention tool
- [**151**Star][4m] [Py] [t4d/stalkphish](https://github.com/t4d/stalkphish) StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
- [**151**Star][4y] [C] [sysprogs/virtualkd](https://github.com/sysprogs/virtualkd) 
- [**151**Star][13d] [spoock1024/web-security](https://github.com/spoock1024/web-security) Web安全中比较好的文章
- [**151**Star][28d] [Py] [snare/binjatron](https://github.com/snare/binjatron) Binary Ninja plugin for Voltron integration
- [**151**Star][1m] [JS] [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233) Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018
- [**151**Star][29d] [JS] [rwjblue/ember-cli-content-security-policy](https://github.com/rwjblue/ember-cli-content-security-policy) use Content Security Policy (CSP) in your project
- [**151**Star][8m] [CSS] [rubyfu/rubyfu](https://github.com/rubyfu/rubyfu) Rubyfu, where Ruby goes evil!
- [**151**Star][3y] [Py] [reswitched/cagetheunicorn](https://github.com/reswitched/cagetheunicorn) Debugging/emulating environment for Switch code
- [**151**Star][25d] [Py] [paloaltonetworks/pandevice](https://github.com/paloaltonetworks/pandevice) The Device Framework is a mechanism for interacting with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The Device Framework is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.
- [**151**Star][14d] [Py] [op1hacks/op1repacker](https://github.com/op1hacks/op1repacker) 
- [**151**Star][7d] [C] [notgiven688/webminerpool](https://github.com/notgiven688/webminerpool) Complete sources for a monero webminer.
- [**151**Star][16d] [C++] [nihilus/hexrays_tools](https://github.com/nihilus/hexrays_tools) Assist in creation of new structure definitions / virtual calls detection
- [**151**Star][4m] [mpgn/cve-2019-5418](https://github.com/mpgn/cve-2019-5418) CVE-2019-5418 - File Content Disclosure on Ruby on Rails
- [**151**Star][11d] [Py] [mhelwig/apk-anal](https://github.com/mhelwig/apk-anal) Android APK analyzer based on radare2 and others.
- [**151**Star][2y] [Py] [marty90/pychromedevtools](https://github.com/marty90/pychromedevtools) PyChromeDevTools is a python module that allows one to interact with Google Chrome using Chrome DevTools Protocol within a Python script.
- [**151**Star][1m] [Go] [magisterquis/sshhipot](https://github.com/magisterquis/sshhipot) High-interaction MitM SSH honeypot
- [**151**Star][4m] [Py] [macr0phag3/githubmonitor](https://github.com/macr0phag3/githubmonitor) 根据关键字与 hosts 生成的关键词，利用 github 提供的 api，监控 git 泄漏。
- [**151**Star][3y] [C++] [lducas/fhew](https://github.com/lducas/fhew) 
- [**151**Star][10d] [Rust] [kpcyrd/rshijack](https://github.com/kpcyrd/rshijack) TCP连接劫持
- [**151**Star][10d] [C] [koutto/ioctlbf](https://github.com/koutto/ioctlbf) Windows Kernel Drivers fuzzer
- [**151**Star][25d] [Shell] [kevlar1818/is_my_password_pwned](https://github.com/kevlar1818/is_my_password_pwned) How often does your password appear in the Pwned Passwords database? Uses the k-anonymity API.
- [**151**Star][27d] [C] [jongates/jon](https://github.com/jongates/jon) jon 是一款LINUX系统攻防工具箱，包含扫描，入侵，痕迹清理，木马，网站测试等各种黑客工具。Jon is a toolbox of Linux, including scanning, intrusion, trace cleaning, Trojan horse, website testing and other hacker tools.
- [**151**Star][4m] [JS] [gabemarshall/microctfs](https://github.com/gabemarshall/microctfs) Small CTF challenges running on Docker
- [**151**Star][2y] [css] [eun/ctf.tf](https://github.com/eun/ctf.tf) A database of collected CTFs and their solutions.
- [**151**Star][2m] [Py] [elcodigok/wphardening](https://github.com/elcodigok/wphardening) Wordpress 安全加固工具
- [**151**Star][3y] [Py] [drizzlerisk/bunpacker](https://github.com/drizzlerisk/bunpacker) BUnpacker是一款Android脱壳工具
- [**151**Star][28d] [Py] [cls1991/ng](https://github.com/cls1991/ng) 获取未连接的 Wifi 的密码
- [**151**Star][3m] [Shell] [cihanmehmet/sub.sh](https://github.com/cihanmehmet/sub.sh) Online Subdomain Detect Script
- [**151**Star][2y] [JS] [alexzzz9/ps4-5.01-webkit-exploit-poc](https://github.com/alexzzz9/ps4-5.01-webkit-exploit-poc) PS4 5.01 WebKit Exploit PoC
- [**151**Star][2y] [PS] [airbus-seclab/powersap](https://github.com/airbus-seclab/powersap) Powershell SAP assessment tool
- [**150**Star][16d] [C#] [josephkingstone/cobalt_strike_extension_kit](https://github.com/josephkingstone/cobalt_strike_extension_kit) Tired of typing execute-assembly everytime you use Cobalt Strike? Clone this.
- [**150**Star][14d] [Py] [mattmurray/juno_crawler](https://github.com/mattmurray/juno_crawler) Scrapy crawler to collect data on the back catalog of songs listed for sale.
- [**150**Star][4m] [0xdidu/reverse-engineering-intel-x64-101](https://github.com/0xdidu/reverse-engineering-intel-x64-101) Material for a RE 101 class on Intel x64 binaries
- [**150**Star][5m] [Java] [luohaha/jlitespider](https://github.com/luohaha/jlitespider) A lite distributed Java spider framework :-)
- [**150**Star][8d] [Kotlin] [mazenrashed/printooth](https://github.com/mazenrashed/printooth) A well documented, high-level Android interface that makes printing via bluetooth printers easier
- [**150**Star][16d] [Py] [arry-lee/wereader](https://github.com/arry-lee/wereader) 一个功能全面的微信读书爬虫 wereader
- [**150**Star][11d] [Py] [austinoboyle/scrape-linkedin-selenium](https://github.com/austinoboyle/scrape-linkedin-selenium) `scrape_linkedin` is a python package that allows you to scrape personal LinkedIn profiles & company pages - turning the data into structured json.
- [**150**Star][12d] [PS] [nsacyber/nsacyber.github.io](https://github.com/nsacyber/nsacyber.github.io) NSA Cybersecurity. Formerly known as NSA Information Assurance and the Information Assurance Directorate
- [**150**Star][11d] [C] [vmcall/dxgkrnl_hook](https://github.com/vmcall/dxgkrnl_hook) C++ graphics kernel subsystem hook
- [**150**Star][18d] [Py] [fuzzitdev/pythonfuzz](https://github.com/fuzzitdev/pythonfuzz) coverage guided fuzz testing for python
- [**150**Star][23d] [Py] [vysecurity/ipfuscator](https://github.com/vysecurity/IPFuscator) IPFuscator - A tool to automatically generate alternative IP representations
- [**150**Star][1y] [Java] [wnagzihxa1n/ctf-mobile](https://github.com/wnagzihxa1n/CTF-Mobile) CTF Solutions by me
- [**150**Star][13d] [Py] [checkymander/imessagesbackdoor](https://github.com/checkymander/iMessagesBackdoor) A script to help set up an event handler in order to install a persistent backdoor that can be activated by sending a message.
- [**150**Star][20d] [Py] [und3rf10w/external_c2_framework](https://github.com/und3rf10w/external_c2_framework) Python api for usage with cobalt strike's External C2 specification
- [**150**Star][11d] [Jupyter Notebook] [threathuntingproject/hunter](https://github.com/threathuntingproject/hunter) A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
- [**150**Star][4y] [PS] [sw4mpf0x/powerlurk](https://github.com/sw4mpf0x/powerlurk) Malicious WMI Events using PowerShell
- [**150**Star][6y] [C] [strazzere/android-lkms](https://github.com/strazzere/android-lkms) Android Loadable Kernel Modules - mostly used for reversing and debugging on controlled systems/emulators
- [**150**Star][2y] [Py] [stfpeak/ctf](https://github.com/stfpeak/ctf) some experience in CTFs
- [**150**Star][14d] [Py] [skyplabs/probequest](https://github.com/skyplabs/probequest) Toolkit for Playing with Wi-Fi Probe Requests
- [**150**Star][2y] [Py] [shawarkhanethicalhacker/d-tect](https://github.com/shawarkhanethicalhacker/d-tect) D-TECT - Pentesting the Modern Web
- [**150**Star][2m] [JS] [reggino/jsc64](https://github.com/reggino/jsc64) The JavaScript Commodore 64 emulator
- [**150**Star][2m] [Py] [realpython/stack-spider](https://github.com/realpython/stack-spider) 
- [**150**Star][2m] [HTML] [pwnwiki/kaliwiki](https://github.com/pwnwiki/kaliwiki) Unofficial Kali Documentation Project
- [**150**Star][17d] [osm0sis/android-busybox-ndk](https://github.com/osm0sis/android-busybox-ndk) Keeping track of instructions and patches for building busybox with the Android NDK
- [**150**Star][1m] [C] [ortegaalfredo/kscope](https://github.com/ortegaalfredo/kscope) Small tool to visualize small differences on syscall timing
- [**150**Star][3y] [Py] [nullarray/pycat](https://github.com/nullarray/pycat) Python network tool, similar to Netcat with custom features.
- [**150**Star][3y] [Shell] [n0pe-sled/postfix-server-setup](https://github.com/n0pe-sled/postfix-server-setup) 
- [**150**Star][4m] [C#] [mihaifm/hibpofflinecheck](https://github.com/mihaifm/hibpofflinecheck) Keepass plugin that performs offline and online checks against HaveIBeenPwned passwords
- [**150**Star][11d] [C#] [metalnem/sharpfuzz](https://github.com/metalnem/sharpfuzz) AFL-based fuzz testing for .NET
- [**150**Star][4m] [PHP] [mebjas/csrf-protector-php](https://github.com/mebjas/csrf-protector-php) CSRF Protector library: standalone library for CSRF mitigation
- [**150**Star][20d] [Py] [karmenzind/fp-server](https://github.com/karmenzind/fp-server) Free proxy server, continuously crawling and providing proxies, based on Tornado and Scrapy. 
- [**150**Star][15d] [Makefile] [jonathansalwan/binary-samples](https://github.com/jonathansalwan/binary-samples) Samples of binary with different formats and architectures. A test suite for your binary analysis tools.
- [**150**Star][2m] [Shell] [jed/certbot-route53](https://github.com/jed/certbot-route53) Helping create Let's Encrypt certificates for AWS Route53
- [**150**Star][10m] [Py] [ionelmc/python-remote-pdb](https://github.com/ionelmc/python-remote-pdb) Remote vanilla PDB (over TCP sockets).
- [**150**Star][4m] [ignitetechnologies/ctf-difficulty](https://github.com/ignitetechnologies/ctf-difficulty) This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
- [**150**Star][5m] [Shell] [hardenedlinux/debian-gnu-linux-profiles](https://github.com/hardenedlinux/debian-gnu-linux-profiles) Debian GNU/Linux based Services Profiles
- [**150**Star][11d] [Py] [google/tcp_killer](https://github.com/google/tcp_killer) 关闭 Linux或 MacOS 的 Tcp 端口
- [**150**Star][25d] [C] [glv2/bruteforce-wallet](https://github.com/glv2/bruteforce-wallet) Try to find the password of an encrypted Peercoin (or Bitcoin, Litecoin, etc...) wallet file.
- [**150**Star][20d] [CSS] [epfl-vlsc/memoro](https://github.com/epfl-vlsc/memoro) 堆详情查探器, 可查看进程分配堆的位置和时间, 以及进程如何使用堆内存
- [**150**Star][2y] [dragonquesthero/awesome-windows-security-development](https://github.com/dragonquesthero/awesome-windows-security-development) awesome-windows-security-development
- [**150**Star][6m] [C++] [dekuan/vwfirewall](https://github.com/dekuan/vwfirewall) 微盾®VirtualWall®防火墙整套源代码
- [**150**Star][14d] [Lua] [davidm/lua-inspect](https://github.com/davidm/lua-inspect) Lua code analysis, with plugins for HTML and SciTE
- [**150**Star][15d] [Py] [ctxis/canape](https://github.com/ctxis/canape) CANAPE Network Testing Tool
- [**150**Star][1m] [Rust] [bryant/argon2rs](https://github.com/bryant/argon2rs) The pure-Rust password hashing library running on Argon2.
- [**150**Star][1m] [Py] [blackye/lalascan](https://github.com/blackye/lalascan) 自主开发的分布式web漏洞扫描框架，集合webkit爬虫，Subdomain子域名发现，sqli、反射xss、Domxss等owasp top10漏洞扫描和边界资产发现能力。同时为通用CMS POC扫描提供了插件扩展平台
- [**150**Star][2y] [Py] [ax330d/hrdev](https://github.com/ax330d/hrdev) Hex-Rays Decompiler Enhanced View
- [**150**Star][18d] [JS] [as0ler/frida-scripts](https://github.com/as0ler/frida-scripts) Repository including some useful frida script for iOS Reversing
- [**150**Star][12d] [Go] [arnaucube/go-snark](https://github.com/arnaucube/go-snark) zkSNARK library implementation in Go from scratch
- [**150**Star][11d] [Java] [al3xtjames/ghidra-firmware-utils](https://github.com/al3xtjames/ghidra-firmware-utils) Ghidra utilities for analyzing PC firmware
- [**150**Star][1y] [C] [0x00pf/0x00sec_code](https://github.com/0x00pf/0x00sec_code) Code for my 0x00sec.org posts
- [**149**Star][11d] [Py] [hexway/r00kie-kr00kie](https://github.com/hexway/r00kie-kr00kie) PoC exploit for the CVE-2019-15126 kr00k vulnerability
- [**149**Star][1m] [Go] [t94j0/satellite](https://github.com/t94j0/satellite) easy-to-use payload hosting
- [**149**Star][4m] [C++] [yjjnls/d.s.a-leet](https://github.com/yjjnls/d.s.a-leet) References and summary for leetcode high-frequency algorithm problems
- [**149**Star][7d] [C++] [yuepanedward/gh-icp](https://github.com/yuepanedward/gh-icp) GH-ICP: Iterative Closest Point algorithm with global optimal matching and hybrid metric
- [**149**Star][16d] [Py] [ring04h/thorns](https://github.com/ring04h/thorns) thorns_project 分布式异步队列系统
- [**149**Star][1m] [Py] [ring04h/rtcp2udp](https://github.com/ring04h/rtcp2udp) Reverse TCP Port to UDP Forwarding Tools
- [**149**Star][25d] [PHP] [dunglas/dunglasangularcsrfbundle](https://github.com/dunglas/dunglasangularcsrfbundle) Automatic CSRF protection for JavaScript apps using a Symfony API
- [**149**Star][11d] [JS] [jesusprubio/shodan-client](https://github.com/jesusprubio/shodan-client) 
- [**149**Star][17d] [Shell] [zxui/shell](https://github.com/zxui/shell) 
- [**149**Star][1y] [C++] [zombiecraig/udsim](https://github.com/zombiecraig/udsim) a graphical simulator that can emulate different modules in a vehicle and respond to UDS request.
- [**149**Star][17d] [C] [ud2/advisories](https://github.com/ud2/advisories) Security advisories
- [**149**Star][2y] [ObjC] [tihmstar/jelbrektime](https://github.com/tihmstar/jelbrektime) An developer jailbreak for Apple watch S3 watchOS 4.1
- [**149**Star][2y] [C++] [tandasat/memorymon](https://github.com/tandasat/memorymon) Detecting execution of kernel memory where is not backed by any image file
- [**149**Star][1y] [Py] [t4d/phishingkithunter](https://github.com/t4d/phishingkithunter) Find phishing kits which use your brand/organization's files and image.
- [**149**Star][8m] [Py] [safebreach-labs/sireprat](https://github.com/safebreach-labs/sireprat) Remote Command Execution as SYSTEM on Windows IoT Core
- [**149**Star][5m] [C] [r-a-w/torproxy](https://github.com/r-a-w/torproxy) TorProxy is a tool which uses netfilter hooks in the linux kernel to route all network traffic through the Tor network
- [**149**Star][4m] [ObjC] [qusic/traceutility](https://github.com/qusic/traceutility) Extract data from .trace documents generated by Instruments
- [**149**Star][29d] [C] [quarkslab/dreamboot](https://github.com/quarkslab/dreamboot) UEFI bootkit
- [**149**Star][11d] [Dockerfile] [peterdavehello/tor-socks-proxy](https://github.com/peterdavehello/tor-socks-proxy) 
- [**149**Star][2m] [Arduino] [offensive-security/hid-backdoor-peensy](https://github.com/offensive-security/hid-backdoor-peensy) Reliable Teensy Penetration Testing Payload
- [**149**Star][14d] [Py] [mitre/cascade-server](https://github.com/mitre/cascade-server) a research project at MITRE which seeks to automate much of the investigative work a “blue-team” team would perform to determine the scope and maliciousness of suspicious behavior on a network using host data
- [**149**Star][3y] [Py] [mdsecactivebreach/powerdns](https://github.com/mdsecactivebreach/powerdns) Powershell DNS Delivery
- [**149**Star][2y] [PS] [mattifestation/psreflect](https://github.com/mattifestation/psreflect) Easily define in-memory enums, structs, and Win32 functions in PowerShell
- [**149**Star][27d] [C] [mak-/mak_it-linux-rootkit](https://github.com/mak-/mak_it-linux-rootkit) This is a linux rootkit using many of the techniques described on
- [**149**Star][4m] [HTML] [luxiaok/dnsmasqweb](https://github.com/luxiaok/dnsmasqweb) 基于DNSmasq的DNS解析、以及DHCP地址分配系统
- [**149**Star][10m] [HTML] [l4bf0x/phishingpretexts](https://github.com/l4bf0x/phishingpretexts) A library of pretexts to use on offensive phishing engagements.
- [**149**Star][4m] [Roff] [kirtar22/litmus_test](https://github.com/kirtar22/litmus_test) Detecting ATT&CK techniques & tactics for Linux
- [**149**Star][24d] [Java] [kantega/notsoserial](https://github.com/kantega/notsoserial) Java Agent which mitigates deserialisation attacks by making certain classes unserializable
- [**149**Star][1m] [Go] [justinazoff/bro-pdns](https://github.com/justinazoff/bro-pdns) Passive DNS collection using Bro
- [**149**Star][4m] [JS] [june07/nim](https://github.com/june07/nim) Streamline Your Node.js Debugging Workflow with Chromium (Chrome, Edge, More) DevTools.
- [**149**Star][16d] [jlopp/physical-bitcoin-attacks](https://github.com/jlopp/physical-bitcoin-attacks) A list of known attacks against Bitcoin / crypto asset owning entities that occurred in meatspace.
- [**149**Star][10d] [Shell] [itskindred/jalesc](https://github.com/itskindred/jalesc) Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box
- [**149**Star][4m] [AutoIt] [igromanru/dark-souls-iii-cheat-engine-guide](https://github.com/igromanru/dark-souls-iii-cheat-engine-guide) Latest CE table and guide for Dark Souls 3
- [**149**Star][2y] [C++] [honorarybot/pulsedbg](https://github.com/honorarybot/pulsedbg) Hypervisor-based debugger
- [**149**Star][1m] [halit/hackercamp](https://github.com/halit/hackercamp) Enine boyuna siber güvenlik
- [**149**Star][30d] [C++] [finixbit/elf-parser](https://github.com/finixbit/elf-parser) Lightweight elf binary parser with no external dependencies - Sections, Symbols, Relocations, Segments
- [**149**Star][3y] [Py] [enginebai/pymedium](https://github.com/enginebai/pymedium) Unofficial Medium Python Flask API and SDK
- [**149**Star][3y] [C#] [endgameinc/py2exedecompiler](https://github.com/endgameinc/py2exedecompiler) Decompiles Exe created by Py2Exe using uncompyle6 for both python 2 and 3.
- [**149**Star][17d] [Visual Basic] [dzzie/pdfstreamdumper](https://github.com/dzzie/pdfstreamdumper) research tool for the analysis of malicious pdf documents. make sure to run the installer first to get all of the 3rd party dlls installed correctly.
- [**149**Star][27d] [C] [dsnezhkov/zombieant](https://github.com/dsnezhkov/zombieant) Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
- [**149**Star][5y] [Py] [devttys0/wps](https://github.com/devttys0/wps) WPS related utilities
- [**149**Star][4m] [Py] [derekhe/proxypool](https://github.com/derekhe/proxypool) 高质量免费代理池——每日1w+代理资源滚动更新
- [**149**Star][25d] [Shell] [depoon/iosdylibinjectiondemo](https://github.com/depoon/iosdylibinjectiondemo) Using this Repository to demo how to inject dynamic libraries into cracked ipa files for jailed iOS devices
- [**149**Star][3y] [Py] [davidpany/wmi_forensics](https://github.com/davidpany/wmi_forensics)  scripts used to find evidence in WMI repositories, specifically OBJECTS.DATA files
- [**149**Star][1y] [Ruby] [darkoperator/meterpreter-scripts](https://github.com/darkoperator/meterpreter-scripts) Meterpreter Scripts that I'm working on
- [**149**Star][1m] [Rust] [d0nutptr/sic](https://github.com/d0nutptr/sic) A tool to perform Sequential Import Chaining
- [**149**Star][14d] [C] [clearlinux/cve-check-tool](https://github.com/clearlinux/cve-check-tool) Original Automated CVE Checking Tool
- [**149**Star][1m] [Py] [brain-research/tensorfuzz](https://github.com/brain-research/tensorfuzz) A library for performing coverage guided fuzzing of neural networks
- [**149**Star][5y] [C++] [blankwall/python_pin](https://github.com/blankwall/python_pin) 
- [**149**Star][23d] [Py] [blackploit/hash-identifier](https://github.com/blackploit/hash-identifier) Software to identify the different types of hashes used to encrypt data and especially passwords
- [**149**Star][30d] [C++] [aclements/libelfin](https://github.com/aclements/libelfin) C++11 ELF/DWARF parser
- [**148**Star][9d] [Go] [rupor-github/wsl-ssh-agent](https://github.com/rupor-github/wsl-ssh-agent) Helper to interface with Windows ssh-agent.exe service from Windows Subsystem for Linux (WSL)
- [**148**Star][9d] [PS] [evotecit/testimo](https://github.com/evotecit/testimo) Testimo is PowerShell module for running health checks for Active Directory (and later on any other server type) against a bunch of different tests
- [**148**Star][4m] [C++] [andrivet/advi3pp](https://github.com/andrivet/advi3pp) ADVi3++, an alternative and better firmware for Wanhao i3 Plus printers and clones. Fork of Marlin Firmware.
- [**148**Star][13d] [Ruby] [tonytonyjan/jaro_winkler](https://github.com/tonytonyjan/jaro_winkler) Ruby & C implementation of Jaro-Winkler distance algorithm which supports UTF-8 string.
- [**148**Star][9d] [payloadbox/xxe-injection-payload-list](https://github.com/payloadbox/xxe-injection-payload-list) XML External Entity (XXE) Injection Payload List
- [**148**Star][12d] [Java] [nordicsemiconductor/android-nrf-mesh-library](https://github.com/nordicsemiconductor/android-nrf-mesh-library) Preview version of the Bluetooth Mesh Provisioner and Configurator library
- [**148**Star][13d] [C#] [virb3/de4dot-cex](https://github.com/virb3/de4dot-cex) 
- [**148**Star][12d] [Py] [prodigysml/dr.-watson](https://github.com/prodigysml/dr.-watson) a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information!
- [**148**Star][6m] [JS] [dfirkuiper/kuiper](https://github.com/dfirkuiper/kuiper) a digital investigation platform that provides a capabilities for the investigation team and individuals to parse, search, visualize collected evidences (evidences could be collected by fast traige script like Hoarder)
- [**148**Star][2m] [C] [sciencemanx/dress](https://github.com/sciencemanx/dress) add symbols back into a stripped ELF binary (~strip)
- [**148**Star][4m] [Java] [zhouat/inject-hook](https://github.com/zhouat/inject-hook) for android
- [**148**Star][12d] [Py] [wmliang/pe-afl](https://github.com/wmliang/pe-afl) 
- [**148**Star][4m] [ObjC] [ursachec/cpaproxy](https://github.com/ursachec/cpaproxy) A thin Objective-C wrapper around Tor.
- [**148**Star][21d] [Go] [ullaakut/camerattack](https://github.com/ullaakut/camerattack) An attack tool designed to remotely disable CCTV camera streams (like in spy movies)
- [**148**Star][2m] [Py] [secureworks/flowsynth](https://github.com/secureworks/flowsynth) a network packet capture compiler
- [**148**Star][17d] [Java] [sectooladdict/wavsep](https://github.com/sectooladdict/wavsep) The Web Application Vulnerability Scanner Evaluation Project
- [**148**Star][12d] [Rust] [rust-ammonia/ammonia](https://github.com/rust-ammonia/ammonia) Repair and secure untrusted HTML
- [**148**Star][17d] [Py] [ripe-atlas-community/ripe-atlas-community-contrib](https://github.com/ripe-atlas-community/ripe-atlas-community-contrib) Repository for links towards tools written during hackathons, and a collection of contributions by the community of the RIPE Atlas visualizations, tools for analysing measurements data and other scripts
- [**148**Star][16d] [Py] [revng/llvmcpy](https://github.com/revng/llvmcpy) Python bindings for LLVM auto-generated from the LLVM-C API
- [**148**Star][2y] [Py] [raminfp/linux_exploit_development](https://github.com/raminfp/linux_exploit_development) Linux Exploit Development Techniques
- [**148**Star][11d] [Java] [quentinhardy/jndiat](https://github.com/quentinhardy/jndiat) 渗透工具, 通过T3协议攻击Weblogic服务器
- [**148**Star][12d] [C++] [oatpp/oatpp-examples](https://github.com/oatpp/oatpp-examples) List of example projects of how to use oat++ framework
- [**148**Star][3y] [C] [nccgroup/triforcelinuxsyscallfuzzer](https://github.com/nccgroup/triforcelinuxsyscallfuzzer) A linux system call fuzzer using TriforceAFL
- [**148**Star][2y] [Ruby] [nccgroup/binproxy](https://github.com/nccgroup/binproxy) BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.
- [**148**Star][17d] [HTML] [maestron/hacking-tutorials](https://github.com/maestron/hacking-tutorials) hacking-tutorials
- [**148**Star][4y] [Py] [kgretzky/python-x86-obfuscator](https://github.com/kgretzky/python-x86-obfuscator) This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
- [**148**Star][2y] [PS] [jepaynemsft/weffles](https://github.com/jepaynemsft/weffles) Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
- [**148**Star][3m] [Shell] [izzysoft/adebar](https://github.com/izzysoft/adebar) Android DEvice Backup And Report, using Bash and ADB
- [**148**Star][7y] [PHP] [ircmaxell/php-cryptlib](https://github.com/ircmaxell/php-cryptlib) A Cryptography Library for PHP
- [**148**Star][4m] [PHP] [incredibleindishell/cors-vulnerable-lab](https://github.com/incredibleindishell/cors-vulnerable-lab) Sample vulnerable code and its exploit code
- [**148**Star][16d] [C++] [herumi/msoffice](https://github.com/herumi/msoffice) A tool/lib to encrypt/decrypt Microsoft Office Document
- [**148**Star][4m] [guanchao/androidchecklist](https://github.com/guanchao/androidchecklist) Android应用审计checklist整理
- [**148**Star][5m] [C] [grimm-co/killerbeez](https://github.com/grimm-co/killerbeez) A distributed fuzzer which aims to pull in the best technologies, make them play nicely together, and run on multiple O/Ses.
- [**148**Star][8m] [Py] [frint0/mass-pwn-vbulletin](https://github.com/frint0/mass-pwn-vbulletin) Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan (CVE-2019-16759)
- [**148**Star][6m] [C] [felixwilhelm/mario_baslr](https://github.com/felixwilhelm/mario_baslr) PoC for breaking hypervisor ASLR using branch target buffer collisions
- [**148**Star][6y] [C++] [f-secure/sulo](https://github.com/f-secure/sulo) Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin
- [**148**Star][8m] [Pascal] [coldzer0/cmulator](https://github.com/coldzer0/cmulator) ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript
- [**148**Star][6m] [Py] [blueudp/deep-explorer](https://github.com/blueudp/deep-explorer) Deep Explorer is a tool developed in python which purpose is the search of hidden services in tor network, using Ahmia Browser and crawling the links obtained
- [**148**Star][20d] [bin2415/fuzzing_paper](https://github.com/bin2415/fuzzing_paper) puzzing related paper
- [**147**Star][17d] [Java] [threedr3am/gadgetinspector](https://github.com/threedr3am/gadgetinspector) 一个通过分析字节码进行污点分析的静态代码审计应用（添加了大量代码注释，适合大家进行源码学习）。加入了挖掘Fastjson反序列化gadget chains（曾使用它挖掘到了Fastjson、Jackson通用的gadget chain）和SQLInject（JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等）静态检测功能。
- [**147**Star][8d] [C#] [dotnet/kerberos.net](https://github.com/dotnet/Kerberos.NET) A Kerberos implementation built entirely in managed code.
- [**147**Star][6m] [Java] [silencedut/router](https://github.com/silencedut/router) Router —— A substitute good of EventBus similar implemented by dynamic proxy
- [**147**Star][18d] [Ruby] [aeris/cryptcheck](https://github.com/aeris/cryptcheck) Verify some SSL/TLS website or XMPP implementation
- [**147**Star][4m] [JS] [amilajack/js-algorithms](https://github.com/amilajack/js-algorithms) A collection of algorithms written in javascript
- [**147**Star][20d] [JS] [cn-panda/javacodeaudit](https://github.com/cn-panda/javacodeaudit) Getting started with java code auditing 代码审计入门的小项目
- [**147**Star][16d] [Py] [thelinuxchoice/pyrat](https://github.com/thelinuxchoice/pyrat) Windows Remote Administration Tool (RAT)
- [**147**Star][4m] [C] [rohde-schwarz/trustedgrub2](https://github.com/Rohde-Schwarz/TrustedGRUB2) TPM enabled GRUB2 Bootloader
- [**147**Star][6m] [PS] [lazywinadmin/monitor-adgroupmembership](https://github.com/lazywinadmin/Monitor-ADGroupMembership) PowerShell script to monitor Active Directory groups and send an email when someone is changing the membership
- [**147**Star][11d] [Shell] [newbee119/ssh-scanner](https://github.com/NewBee119/ssh-scanner) ssh password guessing，ssh登录密码破解
- [**147**Star][1y] [Shell] [wazehell/pe-linux](https://github.com/wazehell/pe-linux) Linux Privilege Escalation Tool By WazeHell
- [**147**Star][9m] [Py] [wangyihang/sourceleakhacker](https://github.com/wangyihang/sourceleakhacker) a muilt-thread web source leak detector
- [**147**Star][2y] [Py] [viralmaniar/remote-desktop-caching-](https://github.com/viralmaniar/remote-desktop-caching-) This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely u…
- [**147**Star][14d] [C] [treehacks/botnet-hackpack](https://github.com/treehacks/botnet-hackpack) Build a basic Command & Control botnet in C
- [**147**Star][4m] [C#] [talaloni/smblibrary](https://github.com/talaloni/smblibrary) Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0 and SMB 2.1 Server Library
- [**147**Star][23d] [Py] [spiderlabs/cribdrag](https://github.com/spiderlabs/cribdrag) cribdrag - an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys
- [**147**Star][1m] [Py] [skochinsky/me-tools](https://github.com/skochinsky/me-tools) Tools for working with Intel ME
- [**147**Star][2m] [C] [saleemrashid/ledger-mcu-backdoor](https://github.com/saleemrashid/ledger-mcu-backdoor) Proof of Concept for Ledger Nano S MCU exploit
- [**147**Star][4y] [Py] [risksense-ops/cve-2016-6366](https://github.com/risksense-ops/cve-2016-6366) Public repository for improvements to the EXTRABACON exploit
- [**147**Star][2y] [ObjC] [psychotea/meridianjb](https://github.com/psychotea/meridianjb) An iOS 10.x Jailbreak for all 64-bit devices.
- [**147**Star][4m] [Py] [omegak2/pypoe](https://github.com/omegak2/pypoe) Collection of Python Tools for Path of Exile
- [**147**Star][3y] [Java] [nickstadb/deserlab](https://github.com/nickstadb/deserlab) Java deserialization exploitation lab.
- [**147**Star][13d] [Shell] [nccgroup/chuckle](https://github.com/nccgroup/chuckle) An automated SMB relay exploitation script.
- [**147**Star][1m] [Go] [mylxsw/remote-tail](https://github.com/mylxsw/remote-tail) RemoteTail用于同步监控多台服务器日志文件变更，一句话说就是多主机的远程tail。
- [**147**Star][4m] [Py] [myaooo/rnnvis](https://github.com/myaooo/rnnvis) A visualization tool for understanding and debugging RNNs
- [**147**Star][4m] [C#] [microsoft/windowsprotocoltestsuites](https://github.com/microsoft/windowsprotocoltestsuites) Windows Protocol Test Suites provide interoperability testing against an implementation of the Windows open specifications.
- [**147**Star][15d] [Ruby] [michenriksen/searchpass](https://github.com/michenriksen/searchpass) A simple tool for offline searching of default credentials for network devices, web applications and more.
- [**147**Star][27d] [Py] [m8r0wn/subscraper](https://github.com/m8r0wn/subscraper) External pentest and bug bounty tool to perform subdomain enumeration through various techniques. SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps.
- [**147**Star][13d] [Py] [m8r0wn/enumdb](https://github.com/m8r0wn/enumdb) MySQL/MSSQL 爆破和后渗透工具, 搜索数据库并提取敏感信息
- [**147**Star][16d] [C] [keenerd/rtl-sdr-misc](https://github.com/keenerd/rtl-sdr-misc) A bucket of various work-in-progress rtl-sdr ideas.
- [**147**Star][12d] [JS] [jupyterhub/configurable-http-proxy](https://github.com/jupyterhub/configurable-http-proxy) node-http-proxy plus a REST API
- [**147**Star][7m] [PS] [jaredcatkinson/psreflect-functions](https://github.com/jaredcatkinson/psreflect-functions) Module to provide PowerShell functions that abstract Win32 API functions
- [**147**Star][11d] [inquest/yara-rules](https://github.com/inquest/yara-rules) A collection of YARA rules we wish to share with the world, most probably referenced from
- [**147**Star][9m] [PostScript] [guardianproject/orfox](https://github.com/guardianproject/orfox) UPDATE: Orfox is being replaced by Tor Browser for Android. All future work and comments will be handled by Tor Project.
- [**147**Star][2m] [CoffeeScript] [furqansoftware/node-whois](https://github.com/furqansoftware/node-whois) A simple WHOIS client for NodeJS
- [**147**Star][10d] [C] [dgiardini/rtl-ais](https://github.com/dgiardini/rtl-ais) A simple AIS tuner and generic dual-frequency FM demodulator
- [**147**Star][1m] [Ruby] [conradirwin/dotgpg](https://github.com/conradirwin/dotgpg) A secure and easy-to-use store for your production secrets
- [**147**Star][11m] [Py] [codingo/minesweeper](https://github.com/codingo/minesweeper) A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
- [**147**Star][17d] [Makefile] [cirosantilli/arm-assembly-cheat](https://github.com/cirosantilli/arm-assembly-cheat) MOVED TO:
- [**147**Star][2m] [Ruby] [chendo/airchat](https://github.com/chendo/airchat) AirChat lets you chat to nearby users by abusing the AirDrop interface on OS X.
- [**147**Star][2m] [Ruby] [bitzesty/devise_zxcvbn](https://github.com/bitzesty/devise_zxcvbn) Devise plugin to reject weak passwords using zxcvbn
- [**147**Star][19d] [C++] [b4rtik/metasploit-execute-assembly](https://github.com/b4rtik/metasploit-execute-assembly) Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
- [**147**Star][11d] [Java] [apache/commons-compress](https://github.com/apache/commons-compress) Mirror of Apache Commons Compress
- [**147**Star][1m] [Ruby] [aidanns/vagrant-reload](https://github.com/aidanns/vagrant-reload) A plugin that allows you to reload a Vagrant plugin as a provisioning step.
- [**147**Star][12d] [C] [adrianyy/rw_socket_driver](https://github.com/adrianyy/rw_socket_driver) Driver that uses network sockets to communicate with client and read/ write protected process memory.
- [**146**Star][14d] [Lua] [infosecmatter/default-http-login-hunter](https://github.com/infosecmatter/default-http-login-hunter) Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
- [**146**Star][12d] [Py] [epi052/recon-pipeline](https://github.com/epi052/recon-pipeline) An automated target reconnaissance pipeline.
- [**146**Star][4m] [JS] [michael-yin/scrapy_guru](https://github.com/michael-yin/scrapy_guru) Everybody can be scrapy guru
- [**146**Star][4m] [PS] [itm4n/privesccheck](https://github.com/itm4n/privesccheck) Privilege Escalation Enumeration Script for Windows
- [**146**Star][4m] [PHP] [shadz3rg/phpstamp](https://github.com/shadz3rg/phpstamp) The XSL-way templating library for MS Office Word DOCX documents.
- [**146**Star][4m] [jayboxyz/websites-and-tools](https://github.com/jayboxyz/websites-and-tools) 
- [**146**Star][4m] [PHP] [knyzorg/sitemap-generator-crawler](https://github.com/knyzorg/sitemap-generator-crawler) Script that generates a sitemap by crawling a given URL
- [**146**Star][14d] [Go] [skx/go.vm](https://github.com/skx/go.vm) A simple virtual machine - compiler & interpreter - written in golang
- [**146**Star][14d] [neo23x0/vti-dorks](https://github.com/neo23x0/vti-dorks) Awesome VirusTotal Intelligence Search Queries
- [**146**Star][21d] [Rust] [gamozolabs/fzero_fuzzer](https://github.com/gamozolabs/fzero_fuzzer) A fast Rust-based safe and thead-friendly grammar-based fuzz generator
- [**146**Star][23d] [Py] [mubix/osx-wificleaner](https://github.com/mubix/osx-wificleaner) Cleans out "open" wireless connections from OSX machine
- [**146**Star][2m] [Shell] [adroitadorkhan/energizedprotection](https://github.com/AdroitAdorKhan/EnergizedProtection) A merged collection of hosts from reputable sources. #StayEnergized!
- [**146**Star][3m] [Java] [zaproxy/zap-hud](https://github.com/zaproxy/zap-hud) 看ZAP如何解决安全工具的UX特别难用的问题
- [**146**Star][8d] [JS] [theori-io/zer0con2018_bpak](https://github.com/theori-io/zer0con2018_bpak) 为Google Chrome创建1-dayExploit(Zer0Con)
- [**146**Star][4m] [Py] [swisskyrepo/vulny-code-static-analysis](https://github.com/swisskyrepo/vulny-code-static-analysis) Basic script to detect vulnerabilities into a PHP source code using statical analysis, based on regex
- [**146**Star][5y] [C++] [stevenhickson/findtheghost](https://github.com/stevenhickson/findtheghost) Quick example of how to break Snapchat's Captcha
- [**146**Star][16d] [sky8964/home](https://github.com/sky8964/home) 【墙外到墙内搬运工】郭文贵 推特党 兲朝浮世绘 小民之心 辛灏年 曹长青 袁红冰 旗袍 袁腾飞 翻墙 科学上网 | 搬运工 自由 民主 法治 宪政 人权 平等 视频 音频 文字版 在线 播放 下载 民运 维权 王岐山 孟建柱 孙力军 傅振华 江棉恒 江泽民 习近平 温家宝 王芳 董卿 杨澜 周小平 吴征 唐柏桥 e租宝 泛亚 共产党 赵家 盜国贼 内幕 黑暗 灾难 专政 上访 游行 暴乱 欺骗 谎言 腐败 通奸 权贵 马航 老兵 活摘 启蒙 墙外 墙内 防火墙 防火长城 功夫网 党文化 民阵 爆料 九评 杨建利 郭宝胜 昭明 反共 法轮功 自媒体 Youtube 油管 推特 Twitter 网盘 传播 关注 五毛 自干五 特务 红二代 红三代 官二代 土共 共匪
- [**146**Star][1y] [Py] [ritiek/scribd-downloader](https://github.com/ritiek/scribd-downloader) A scribd-downloader that just works
- [**146**Star][4m] [Py] [ridter/cve-2019-1040](https://github.com/ridter/cve-2019-1040) CVE-2019-1040 with Exchange
- [**146**Star][2m] [Assembly] [ricardojrdez/anti-analysis-tricks](https://github.com/ricardojrdez/anti-analysis-tricks) Bunch of techniques potentially used by malware to detect analysis environments
- [**146**Star][13d] [Py] [rastrea2r/rastrea2r](https://github.com/rastrea2r/rastrea2r) Collecting & Hunting for IOCs with gusto and style
- [**146**Star][9d] [HTML] [mxk/win10-secure-baseline-gpo](https://github.com/mxk/win10-secure-baseline-gpo) Windows 10 and Server 2016 Secure Baseline Group Policy
- [**146**Star][4m] [Py] [misp/misp-modules](https://github.com/misp/misp-modules) Modules for expansion services, import and export in MISP
- [**146**Star][2m] [Shell] [madmantm/ubuntu-pentest-tools](https://github.com/madmantm/ubuntu-pentest-tools) Script to install security tools, on ubuntu, i follow each new releases.
- [**146**Star][18d] [Py] [igio90/uddbg](https://github.com/igio90/uddbg) A gdb like debugger that provide a runtime env to unicorn emulator and additionals features!
- [**146**Star][14d] [JS] [h3xstream/burp-retire-js](https://github.com/h3xstream/burp-retire-js) Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
- [**146**Star][2y] [C] [geosn0w/osiris-jailbreak](https://github.com/geosn0w/osiris-jailbreak) An incomplete iOS 11.2 -> iOS 11.3.1 Jailbreak
- [**146**Star][15d] [C] [gentilkiwi/wanadecrypt](https://github.com/gentilkiwi/wanadecrypt) A decryptor for Wanacry (you need the private key!)
- [**146**Star][16d] [C++] [f4exb/dsdcc](https://github.com/f4exb/dsdcc) Digital Speech Decoder (DSD) rewritten as a C++ library
- [**146**Star][2m] [C] [esxgx/easy-ecc](https://github.com/esxgx/easy-ecc) Simple and secure ECC and ECDSA
- [**146**Star][15d] [ellerbrock/docker-security-images](https://github.com/ellerbrock/docker-security-images) 
- [**146**Star][4y] [C] [dismantl/improvedreflectivedllinjection](https://github.com/dismantl/improvedreflectivedllinjection) An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
- [**146**Star][13d] [Py] [cyberark/shimit](https://github.com/cyberark/shimit) A tool that implements the Golden SAML attack
- [**146**Star][3m] [Py] [containers/udica](https://github.com/containers/udica) This repository contains a tool for generating SELinux security profiles for containers
- [**146**Star][15d] [Py] [commoncrawl/cc-mrjob](https://github.com/commoncrawl/cc-mrjob) Demonstration of using Python to process the Common Crawl dataset with the mrjob framework
- [**146**Star][3y] [chan9390/awesome-mitm](https://github.com/chan9390/awesome-mitm) Curated List of MitM frameworks on GitHub
- [**146**Star][22d] [Lua] [bobsayshilol/luajit-decomp](https://github.com/bobsayshilol/luajit-decomp) LuaJIT decompiler
- [**146**Star][4y] [JS] [atiger77/dionaea](https://github.com/atiger77/dionaea) 基于Docker的蜜罐系统
- [**146**Star][1m] [aqzt/sso](https://github.com/aqzt/sso) 项目主要是汇集整理服务器安全运维规范，包括运维工程师必须遵守的规范、服务器运维中注意事项、故障避免手段等文档，帮助运维工程师避免服务器安全和运维故障，方便运维工程师学习成长。
- [**146**Star][19d] [Py] [andresriancho/race-condition-exploit](https://github.com/andresriancho/race-condition-exploit) Tool to help with the exploitation of web application race conditions
- [**146**Star][1y] [Py] [airbuscyber/grap](https://github.com/airbuscyber/grap) define and match graph patterns within binaries
- [**146**Star][15d] [Go] [0xrawsec/whids](https://github.com/0xrawsec/whids) Open Source Endpoint Detection System for Windows
- [**145**Star][3y] [PHP] [zseano/inputscanner](https://github.com/zseano/inputscanner) 
- [**145**Star][4y] [Go] [cathalgarvey/sqrape](https://github.com/cathalgarvey/sqrape) Simple Query Scraping with CSS and Go Reflection (MOVED to Gitlab)
- [**145**Star][1m] [JS] [aquigorka/webrtc-qr](https://github.com/aquigorka/webrtc-qr) WebRTC Connect Experiment -
- [**145**Star][10d] [Go] [gnur/demeter](https://github.com/gnur/demeter) Demeter is a tool for scraping the calibre web ui
- [**145**Star][5m] [ObjC] [project-imas/security-check](https://github.com/project-imas/security-check) Application level, attached debug detect and jailbreak checking
- [**145**Star][12d] [TS] [ediardo/kmdr-cli](https://github.com/ediardo/kmdr-cli) 
- [**145**Star][13d] [Py] [unfetter-discover/unfetter-analytic](https://github.com/unfetter-discover/unfetter-analytic) a framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine (Windows 7) and performing CAR analytics to detect potential adversary activity
- [**145**Star][12d] [Haskell] [luxmiranda/herms](https://github.com/LuxMiranda/herms) a Haskell-based Recipe Manager (yes, food recipes) for the command line
- [**145**Star][10d] [Rust] [zcash/librustzcash](https://github.com/zcash/librustzcash) Rust-language assets for Zcash
- [**145**Star][3y] [C] [yepher/razberry](https://github.com/yepher/razberry) Notes About ZWave and RazBerry
- [**145**Star][11d] [wufengxue/android-reverse](https://github.com/wufengxue/android-reverse) 安卓逆向工具汇总 / Awsome Android Reverse Tools
- [**145**Star][13d] [JS] [usscltd/dorks](https://github.com/usscltd/dorks) google hack database automation tool
- [**145**Star][8m] [Py] [usableprivacy/upribox](https://github.com/usableprivacy/upribox) Usable Privacy Box
- [**145**Star][1m] [Go] [target/portauthority](https://github.com/target/portauthority) API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities
- [**145**Star][1m] [C++] [talos-vulndev/afl-dyninst](https://github.com/talos-vulndev/afl-dyninst) American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
- [**145**Star][8m] [Ruby] [seattlerb/ruby2ruby](https://github.com/seattlerb/ruby2ruby) a means of generating pure ruby code easily from RubyParser compatible
- [**145**Star][2m] [Shell] [projectatomic/container-storage-setup](https://github.com/projectatomic/container-storage-setup) Service to set up storage for Docker and other container systems
- [**145**Star][1m] [C++] [nitram2342/degate](https://github.com/nitram2342/degate) Open source software for chip reverse engineering.
- [**145**Star][11d] [HTML] [momenbasel/keyfinder](https://github.com/momenbasel/keyfinder) Keyfinder
- [**145**Star][7m] [R] [mlsecproject/tiq-test](https://github.com/mlsecproject/tiq-test) Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds
- [**145**Star][10d] [Shell] [maravento/blackweb](https://github.com/maravento/blackweb) Blacklist for Squid
- [**145**Star][3y] [PHP] [laurent22/so-sql-injections](https://github.com/laurent22/so-sql-injections) SQL injection vulnerabilities in Stack Overflow PHP questions
- [**145**Star][27d] [Go] [lanrat/certgraph](https://github.com/lanrat/certgraph) 抓取 SSL 证书并创建有向图, 图中每个域都是一个节点, 域的证书的替代名称作为节点的边
- [**145**Star][2m] [l3m0n/linux_information](https://github.com/l3m0n/linux_information) 自动化收集linux信息
- [**145**Star][5m] [JS] [koenkivits/x-nes](https://github.com/koenkivits/x-nes) A NES emulator web component
- [**145**Star][1m] [Shell] [kirovair/delectra](https://github.com/kirovair/delectra) An uninstaller script for Coolstars' Electra iOS 11.0 - 11.1.2 jailbreak.
- [**145**Star][2m] [Java] [joshjdevl/libsodium-jni](https://github.com/joshjdevl/libsodium-jni) (Android) Networking and Cryptography Library (NaCL) JNI binding. JNI is utilized for fastest access to native code. Accessible either in Android or Java application. Uses SWIG to generate Java JNI bindings. SWIG definitions are extensible to other languages.
- [**145**Star][12d] [C] [johnath/beep](https://github.com/johnath/beep) beep is a command line tool for linux that beeps the PC speaker
- [**145**Star][9m] [Gherkin] [iphoting/ovpnmcgen.rb](https://github.com/iphoting/ovpnmcgen.rb) An OpenVPN iOS Configuration Profile (.mobileconfig) Utility—Configures OpenVPN for use with VPN-on-Demand that are not exposed through Apple Configurator 2.
- [**145**Star][19d] [Py] [iphelix/ida-sploiter](https://github.com/iphelix/ida-sploiter) a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's capabilities as an exploit development and vulnerability research tool.
- [**145**Star][11d] [C] [guillem96/argon-nx](https://github.com/guillem96/argon-nx) an immutable payload which is injected to your Nintendo Switch via Fusee Gelee exploit.
- [**145**Star][2m] [C] [glv2/bruteforce-luks](https://github.com/glv2/bruteforce-luks) Try to find the password of a LUKS encrypted volume.
- [**145**Star][11d] [JS] [fransr/template-generator](https://github.com/fransr/template-generator) A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates.
- [**145**Star][3m] [Go] [facebookincubator/nvdtools](https://github.com/facebookincubator/nvdtools) A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)
- [**145**Star][4m] [JS] [exodusintel/chromium-941743](https://github.com/exodusintel/chromium-941743) Chrome v8 1Day Exploit by István Kurucsai
- [**145**Star][1y] [Py] [dlcowen/fseventsparser](https://github.com/dlcowen/fseventsparser) Parser for OSX/iOS FSEvents Logs
- [**145**Star][1y] [Py] [danieliu/play-scraper](https://github.com/danieliu/play-scraper) A web scraper to retrieve application data from the Google Play Store.
- [**145**Star][14d] [PS] [cyberark/ketshash](https://github.com/cyberark/ketshash) 基于事件查看器日志,检测可疑的特权 NTLM 连接, 尤其是 Pass-The-Hash 攻击
- [**145**Star][1m] [C] [covertcodes/freqwatch](https://github.com/covertcodes/freqwatch) Keep track of the airwaves with RTL-SDR; snoop and capture everything into a DB
- [**145**Star][4m] [Py] [bo0om/parampampam](https://github.com/bo0om/parampampam)  brute discover GET and POST parameters.
- [**145**Star][1y] [Py] [bignerd95/winboxexploit](https://github.com/bignerd95/winboxexploit) Proof of Concept of Winbox Critical Vulnerability
- [**145**Star][2m] [JS] [ben174/hsts-cookie](https://github.com/ben174/hsts-cookie) Creates a HSTS Supercookie to fingerprint a browser
- [**145**Star][18d] [Py] [alephsecurity/firehorse](https://github.com/alephsecurity/firehorse) 漏洞开发与利用之: 在紧急加载模式(EDM,Emergency Download Mode)下刷机时使用的固件包(高通)
- [**144**Star][10d] [Py] [blackarrowsec/pivotnacci](https://github.com/blackarrowsec/pivotnacci) A tool to make socks connections through HTTP agents
- [**144**Star][5m] [PS] [pkisolutions/pspki](https://github.com/pkisolutions/pspki) PowerShell PKI Module
- [**144**Star][17d] [Go] [capitalone/fpe](https://github.com/capitalone/fpe) A format-preserving encryption implementation in Go
- [**144**Star][1m] [Shell] [starttoaster/docker-traefik](https://github.com/starttoaster/docker-traefik) Script to setup Traefik reverse-proxy in Docker with Compose
- [**144**Star][1m] [Ruby] [yahooarchive/rtrace](https://github.com/yahooarchive/rtrace) Rtrace is an x86/x86_64 native code debugger written in Ruby with zero dependencies
- [**144**Star][4m] [PS] [vysecurity/aggressor-vysec](https://github.com/vysecurity/Aggressor-VYSEC) CobaltStrike Aggressor Scripts
- [**144**Star][23d] [Shell] [tacticthreat/penetrationtesting-notes](https://github.com/tacticthreat/PenetrationTesting-Notes) Penetration Testing Notes and Playbook (PTP)
- [**144**Star][11d] [C++] [ajayrandhawa/keylogger](https://github.com/ajayrandhawa/Keylogger) Keylogger is 100% invisible keylogger not only for users, but also undetectable by antivirus software. Blackcat keylogger Monitors all keystokes, Mouse clicks. It has a seperate process which continues capture system screenshot and send to ftp server in given time.
- [**144**Star][14d] [nsacyber/unfetter](https://github.com/nsacyber/unfetter) Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber
- [**144**Star][2y] [Py] [youngyangyang04/nosqlattack](https://github.com/youngyangyang04/nosqlattack) NoSQLAttack is an open source Python tool to automate exploit MongoDB server IP on Internet and disclose the database data by MongoDB default configuration weaknesses and injection attacks.
- [**144**Star][4m] [C] [valdikss/p0f-mtu](https://github.com/valdikss/p0f-mtu) p0f with patches to save MTU value and export it via API (for VPN detection)
- [**144**Star][11d] [C++] [thefox/keylogger](https://github.com/thefox/keylogger) Keylogger for Windows.
- [**144**Star][11d] [Shell] [tenable/router_badusb](https://github.com/tenable/router_badusb) BadUSB in Routers
- [**144**Star][5m] [Rust] [system76/firmware-update](https://github.com/system76/firmware-update) System76 Firmware Update Utility
- [**144**Star][2m] [Py] [shengqi158/pyvulhunter](https://github.com/shengqi158/pyvulhunter) python audit tool 审计 注入 inject
- [**144**Star][4y] [CSS] [sensepost/jack](https://github.com/sensepost/jack) Drag and Drop ClickJacking PoC development assistance tool.
- [**144**Star][4m] [Py] [safebreach-labs/pacdoor](https://github.com/safebreach-labs/pacdoor) Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File
- [**144**Star][3y] [C] [rodionovd/liblorgnette](https://github.com/rodionovd/liblorgnette) Interprocess dlsym() for OS X & iOS
- [**144**Star][25d] [Py] [redaelli/imago-forensics](https://github.com/redaelli/imago-forensics) a python tool that extract digital evidences from images.
- [**144**Star][4m] [PHP] [openzipkin/zipkin-php](https://github.com/openzipkin/zipkin-php) official PHP Tracer implementation for Zipkin
- [**144**Star][15d] [ObjC] [objective-see/sniffmk](https://github.com/objective-see/sniffmk) sniff mouse and keyboard events
- [**144**Star][4m] [C++] [nettitude/simplepeloader](https://github.com/nettitude/simplepeloader) In-Memory PE Loader
- [**144**Star][9m] [Py] [nccgroup/umap2](https://github.com/nccgroup/umap2) Umap2 is the second revision of NCC Group's python based USB host security assessment tool.
- [**144**Star][17d] [Go] [kubernetes/kube-aggregator](https://github.com/kubernetes/kube-aggregator) Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy
- [**144**Star][1m] [kevinsbobo/cheat-sheet](https://github.com/kevinsbobo/cheat-sheet) 速查表包括了 Vim, Git, Shell, Gcc, Gdb 常用命令及快捷键
- [**144**Star][2m] [PHP] [k4mpr3t/b4tm4n](https://github.com/k4mpr3t/b4tm4n) Php webshell
- [**144**Star][2y] [Py] [jrbancel/chromagnon](https://github.com/jrbancel/chromagnon) Chrome/Chromium Forensic Tool : Parses History, Visited Links, Downloaded Files and Cache
- [**144**Star][2y] [ObjC] [jiangbolee/changelocation](https://github.com/jiangbolee/changelocation) 改变自己的定位地址(免越狱打卡)
- [**144**Star][2m] [Java] [isstac/kelinci](https://github.com/isstac/kelinci) AFL-based fuzzing for Java
- [**144**Star][2m] [Py] [integrity-sa/burpcollaborator-docker](https://github.com/integrity-sa/burpcollaborator-docker) a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate
- [**144**Star][11d] [Py] [infosec-au/enumxff](https://github.com/infosec-au/enumxff) Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
- [**144**Star][2y] [C++] [hjc4869/uacbypass](https://github.com/hjc4869/uacbypass) A demo to bypass windows 10 default UAC configuration using IFileOperation and dll hijacking
- [**144**Star][3m] [C] [hfiref0x/wdextract](https://github.com/hfiref0x/wdextract) Extract Windows Defender database from vdm files and unpack it
- [**144**Star][15d] [PHP] [gwen001/s3-buckets-finder](https://github.com/gwen001/s3-buckets-finder) Find aws s3 buckets and extract datas.
- [**144**Star][3m] [C++] [guidovranken/libfuzzer-gv](https://github.com/guidovranken/libfuzzer-gv) enhanced fork of libFuzzer
- [**144**Star][9d] [CSS] [gbrindisi/wordpot](https://github.com/gbrindisi/wordpot) A Wordpress Honeypot
- [**144**Star][10d] [JS] [feross/cs253.stanford.edu](https://github.com/feross/cs253.stanford.edu) CS 253 Web Security course at Stanford University
- [**144**Star][24d] [Go] [fanpei91/gap-proxy](https://github.com/fanpei91/gap-proxy) gap-proxy 是一个加速网络的 SOCKS5 安全代理工具。
- [**144**Star][16d] [Shell] [europa502/sharp](https://github.com/europa502/sharp) An anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.
- [**144**Star][30d] [Py] [ethanhs/pyhooked](https://github.com/ethanhs/pyhooked) Pure Python hotkey hook, with thanks to pyHook and pyhk
- [**144**Star][12d] [enovella/r2frida-wiki](https://github.com/enovella/r2frida-wiki) This repo aims at providing practical examples on how to use r2frida
- [**144**Star][4m] [PS] [empireproject/psinject](https://github.com/empireproject/psinject) Inject PowerShell into any process
- [**144**Star][4m] [ObjC] [eddyverbruggen/sslcertificatechecker-phonegap-plugin](https://github.com/eddyverbruggen/sslcertificatechecker-phonegap-plugin) 
- [**144**Star][21d] [Swift] [danleechina/mixplaintext](https://github.com/danleechina/mixplaintext) 可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆，提高逆向分析难度。
- [**144**Star][10d] [JS] [crowdstrike/falcon-orchestrator](https://github.com/crowdstrike/falcon-orchestrator) CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
- [**144**Star][4m] [C] [coolervoid/hiddenwall](https://github.com/coolervoid/hiddenwall) Tool to generate a Linux kernel module for custom rules with Netfilter hooking. (block ports, Hidden mode, functions to protect etc)
- [**144**Star][3m] [Py] [codexgigassys/codex-backend](https://github.com/codexgigassys/codex-backend) Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in malware hunting.
- [**144**Star][3m] [C#] [chrisnas/debuggingextensions](https://github.com/chrisnas/debuggingextensions) Host of debugging-related extensions such as post-mortem tools or WinDBG extensions
- [**144**Star][2y] [Py] [c0r3dump3d/osueta](https://github.com/c0r3dump3d/osueta) A simple Python script to exploit the OpenSSH User Enumeration Timing Attack.
- [**144**Star][3m] [Shell] [beta-tester/rpi-pxe-server](https://github.com/beta-tester/rpi-pxe-server) setup a Raspberry Pi as an PXE-Server
- [**144**Star][2m] [Py] [balidani/tinyctf-platform](https://github.com/balidani/tinyctf-platform) Yet another CTF platform
- [**144**Star][12d] [Py] [andreafioraldi/angrgdb](https://github.com/andreafioraldi/angrgdb) Use angr inside GDB. Create an angr state from the current debugger state.
- [**144**Star][4m] [C] [alephsecurity/xnu-qemu-arm64](https://github.com/alephsecurity/xnu-qemu-arm64) 
- [**144**Star][2m] [Shell] [adi90x/rancher-active-proxy](https://github.com/adi90x/rancher-active-proxy) All in one active reverse proxy for Rancher ! For Kubernetes :
- [**144**Star][2y] [Py] [aatlasis/chiron](https://github.com/aatlasis/chiron)  An IPv6 Security Assessment framework with advanced IPv6 Extension Headers manipulation capabilities.
- [**144**Star][18d] [Py] [3xpl017/netpwn](https://github.com/3xpl017/netpwn) Tool made to automate tasks of pentesting.
- [**143**Star][7d] [HTML] [jakobzhao/virus](https://github.com/jakobzhao/virus) Noval Coronavirus Infection Map
- [**143**Star][4m] [Py] [lwzsoviet/noxss](https://github.com/lwzsoviet/noxss) Faster xss scanner,support reflected-xss and dom-xss
- [**143**Star][12d] [gwlim/openwrt-sfe-flowoffload](https://github.com/gwlim/openwrt-sfe-flowoffload) Openwrt firmware with SFE and FlowOffload
- [**143**Star][15d] [Py] [n1nj4sec/mimipy](https://github.com/n1nj4sec/mimipy) port of mimipenguin.sh in python with some additional protection features
- [**143**Star][2m] [JS] [urinx/browspy](https://github.com/urinx/browspy) 浏览器用户全部信息收集js
- [**143**Star][2m] [ObjC] [etsy/bughunt-ios](https://github.com/etsy/bughunt-ios) 
- [**143**Star][10d] [C++] [hmbsbige/getcndomainsandipv4](https://github.com/hmbsbige/getcndomainsandipv4) 获取国内 IP 和域名，生成路由表和 PAC 文件
- [**143**Star][5m] [Py] [we5ter/gsdf](https://github.com/We5ter/GSDF) 基于谷歌SSL透明证书的子域名查询工具
- [**143**Star][10d] [Julia] [alertot/detectem](https://github.com/alertot/detectem) detect software and its version on websites.
- [**143**Star][19d] [Java] [tomsteele/burpbuddy](https://github.com/tomsteele/burpbuddy) burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any language without the restrictions of the JVM
- [**143**Star][11d] [Py] [zxlie/website-ssl.sh](https://github.com/zxlie/website-ssl.sh) 低门槛跨入Https大门！网站ssl证书自动生成工具（http到https的转变），燥起来吧！
- [**143**Star][11d] [Go] [storyicon/golang-proxy](https://github.com/storyicon/golang-proxy) Golang version of proxy mining tool with evaluation system
- [**143**Star][22d] [Dockerfile] [shuhaoliu/docker-clion-dev](https://github.com/shuhaoliu/docker-clion-dev) Debugging C++ in a Docker Container with CLion IDE
- [**143**Star][3y] [HTML] [secmob/badkernel](https://github.com/secmob/badkernel) Full exploit of CVE-2016-6754(BadKernel) and slide of SyScan360 2016
- [**143**Star][16d] [Py] [scrapinghub/scrapy-training](https://github.com/scrapinghub/scrapy-training) Scrapy Training companion code
- [**143**Star][3y] [C] [salls/kernel-exploits](https://github.com/salls/kernel-exploits) Some kernel exploits
- [**143**Star][12d] [Go] [saferwall/saferwall](https://github.com/saferwall/saferwall) A hackable malware sandbox for the 21st Century
- [**143**Star][2y] [Py] [ridter/rtf_11882_0802](https://github.com/ridter/rtf_11882_0802) PoC for CVE-2018-0802 And CVE-2017-11882
- [**143**Star][4m] [Java] [rani-i/mi365locker](https://github.com/rani-i/mi365locker) Xiaomi Mi365 Scooter locker
- [**143**Star][5m] [Erlang] [random-liu/erlang-in-docker](https://github.com/random-liu/erlang-in-docker) Enable connection between Erlang VMs from different docker containers on different hosts by reimplementing the distributed connection protocol used by net_kernel.
- [**143**Star][4m] [CMake] [pothosware/pothossdr](https://github.com/pothosware/pothossdr) Pothos SDR windows development environment
- [**143**Star][1y] [Py] [payloadsecurity/vxapi](https://github.com/payloadsecurity/vxapi) A generic interface and CLI for all endpoints of the Falcon Sandbox API
- [**143**Star][1m] [HTML] [nusenu/ansible-relayor](https://github.com/nusenu/ansible-relayor) An Ansible Role for Tor Relay Operators
- [**143**Star][3y] [C] [mdsecresearch/publications](https://github.com/mdsecresearch/publications) A list of published research documents
- [**143**Star][17d] [Java] [lorenzoongithub/nudge4j](https://github.com/lorenzoongithub/nudge4j) Get inside your JVM
- [**143**Star][2y] [laxa/hackingtools](https://github.com/laxa/hackingtools) Exhaustive list of hacking tools
- [**143**Star][7d] [Go] [l3m0n/whatweb](https://github.com/l3m0n/whatweb) 更快速的进行Web应用指纹识别
- [**143**Star][23d] [Tcl] [koto/mosquito](https://github.com/koto/mosquito) XSS exploitation tool - access victims through HTTP proxy
- [**143**Star][1m] [Go] [jordan-wright/elastichoney](https://github.com/jordan-wright/elastichoney) A Simple Elasticsearch Honeypot
- [**143**Star][12d] [C#] [jitbit/aspnetsaml](https://github.com/jitbit/aspnetsaml) Very simple SAML 2.0 consumer module for ASP.NET/C#
- [**143**Star][3m] [Py] [jaxbcd/zeebsploit](https://github.com/jaxbcd/zeebsploit) web scanner - exploitation - information gathering
- [**143**Star][27d] [Py] [jas502n/cve-2019-2618](https://github.com/jas502n/cve-2019-2618) Weblogic Upload Vuln(Need username password)-CVE-2019-2618
- [**143**Star][1m] [Py] [itskindred/moddetective](https://github.com/itskindred/moddetective) modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity.
- [**143**Star][13d] [C] [isc-projects/bind9](https://github.com/isc-projects/bind9) a complete, highly portable implementation of the DNS (Domain Name System) protocol.
- [**143**Star][29d] [Java] [gnaixx/hidex-hack](https://github.com/gnaixx/hidex-hack) anti reverse by hack dex file
- [**143**Star][12d] [JS] [gasman/jsspeccy2](https://github.com/gasman/jsspeccy2) Ground-up rewrite of the Javascript Spectrum emulator
- [**143**Star][10d] [Py] [flosell/trailscraper](https://github.com/flosell/trailscraper) A command-line tool to get valuable information out of AWS CloudTrail
- [**143**Star][2y] [PHP] [drego85/ddos-php-script](https://github.com/drego85/ddos-php-script) Script to perform a DoS or DDoS UDP Flood by PHP
- [**143**Star][1m] [C] [drahnr/oregano](https://github.com/drahnr/oregano) Schematic capture and circuit simulator
- [**143**Star][14d] [Perl] [davisjam/vuln-regex-detector](https://github.com/davisjam/vuln-regex-detector) Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
- [**143**Star][1y] [C] [cloudflare/pmtud](https://github.com/cloudflare/pmtud) Path MTU daemon - broadcast lost ICMP packets on ECMP networks
- [**143**Star][10d] [Go] [cloudflare/certmgr](https://github.com/cloudflare/certmgr) Automated certificate management using a CFSSL CA.
- [**143**Star][10d] [Py] [cisco-talos/fnc-1](https://github.com/cisco-talos/fnc-1) Fake News Challenge
- [**143**Star][3y] [Java] [chora10/fuzzdomain](https://github.com/chora10/fuzzdomain) FuzzDomain
- [**143**Star][2m] [Py] [cboesecurity/password_pwncheck](https://github.com/cboesecurity/password_pwncheck) Kerberos / Windows AD / Linux PAM password change check against breached lists (HIBP), and other rules
- [**143**Star][4m] [Py] [cbhue/pyfuscation](https://github.com/cbhue/pyfuscation) Obfuscate powershell scripts by replacing Function names, Variables and Parameters.
- [**143**Star][4m] [Shell] [capt-meelo/lazyrecon](https://github.com/capt-meelo/lazyrecon) An automated approach to performing recon for bug bounty hunting and penetration testing.
- [**143**Star][22d] [Py] [ashdnazg/pyreshark](https://github.com/ashdnazg/pyreshark) A Wireshark plugin providing a simple interface for writing dissectors in Python.
- [**143**Star][10d] [Assembly] [antoniond/gbt-player](https://github.com/antoniond/gbt-player) A music player library for Game Boy.
- [**143**Star][3y] [Visual Basic .NET] [alibawazeeer/rat-njrat-0.7d-modded-source-code](https://github.com/alibawazeeer/rat-njrat-0.7d-modded-source-code) NJR
- [**143**Star][25d] [0xghostwriter/public](https://github.com/0xghostwriter/public) stuff i'm willing to share with the world lol
- [**142**Star][10d] [Java] [graxcode/threadtear](https://github.com/graxcode/threadtear) Multifunctional java deobfuscation tool suite
- [**142**Star][3m] [C++] [progerxp/notepad2e](https://github.com/progerxp/notepad2e) Notepad2 eXtended – word highlighting, simultaneous editing, math evaluation, un/grep, UAC elevation, complete regexps (PCRE), DPI awareness and more (XP+)
- [**142**Star][3m] [C] [antoniococo/mapping-injection](https://github.com/antoniococo/mapping-injection) Just another Windows Process Injection
- [**142**Star][19d] [Rust] [quininer/tokio-rustls](https://github.com/quininer/tokio-rustls) Asynchronous TLS/SSL streams for Tokio using Rustls.
- [**142**Star][20d] [Py] [sensiblecodeio/scraperwiki-python](https://github.com/sensiblecodeio/scraperwiki-python) ScraperWiki Python library for scraping and saving data
- [**142**Star][1m] [Rust] [quininer/sarkara](https://github.com/quininer/sarkara) [unmaintenance] A experimental post-quantum cryptography library
- [**142**Star][19d] [C#] [robthree/twofactorauth.net](https://github.com/robthree/twofactorauth.net) .Net library for Two Factor Authentication (TFA / 2FA)
- [**142**Star][15d] [Shell] [g666gle/basequery](https://github.com/g666gle/basequery) BaseQuery is a way to organize public combo-lists and data breaches in a way that you can easily search through, giving you better insight into your exposure online.
- [**142**Star][4m] [Py] [kkevsterrr/geneva](https://github.com/kkevsterrr/geneva) client-side censorship evasion engine from the Geneva AI
- [**142**Star][8m] [JS] [demandio/ember-prerender](https://github.com/demandio/ember-prerender) Make your Ember.js web apps crawlable by rendering static HTML on the server.
- [**142**Star][1y] [Shell] [vcheckzen/familycloudspeederinshell](https://github.com/vcheckzen/familycloudspeederinshell) [ 天翼家庭云/天翼云盘提速 Shell 版 ] A Shell Implementation of FamilyCloudSpeeder, ESurfing
- [**142**Star][21d] [Dockerfile] [theonemule/docker-waf](https://github.com/theonemule/docker-waf) An NGINX and ModSecurity based Web Application Firewall for Docker
- [**142**Star][12d] [Shell] [takeshixx/redstar-tools](https://github.com/takeshixx/redstar-tools) Tools for Red Star OS (붉은별)
- [**142**Star][8m] [HTML] [sundaysec/android-exploits](https://github.com/sundaysec/android-exploits) A collection of android Exploits and Hacks
- [**142**Star][16d] [Py] [sumanj/frankencert](https://github.com/sumanj/frankencert) Adversarial Testing of Certificate Validation in SSL/TLS Implementations
- [**142**Star][4m] [PHP] [spidermate/b-xssrf](https://github.com/spidermate/b-xssrf) Toolkit to detect and keep track on Blind XSS, XXE & SSRF
- [**142**Star][15d] [Java] [secarmalabs/psychopath](https://github.com/secarmalabs/psychopath) psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & web file upload implementations allowing to write files into the webroot (aka document root). The "blind" aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source …
- [**142**Star][5y] [Shell] [s7ephen/osx-sandbox--seatbelt--profiles](https://github.com/s7ephen/osx-sandbox--seatbelt--profiles) A repository for configuration profiles for OSX's Seatbelt Application Sandbox
- [**142**Star][20d] [Py] [nviso-be/binsnitch](https://github.com/nviso-be/binsnitch) Detect silent (unwanted) changes to files on your system
- [**142**Star][2m] [Py] [mtivadar/qiew](https://github.com/mtivadar/qiew) Home of Qiew - Reverse engineering tool
- [**142**Star][14d] [JS] [mazen160/xless](https://github.com/mazen160/xless) The Serverless Blind XSS App
- [**142**Star][10m] [PS] [leechristensen/random](https://github.com/leechristensen/random) Assorted scripts and one off things
- [**142**Star][6m] [PS] [lazywinadmin/adsips](https://github.com/lazywinadmin/adsips) PowerShell module to interact with Active Directory using ADSI and the System.DirectoryServices namespace (.NET Framework)
- [**142**Star][4m] [ObjC] [icepa/tor.framework](https://github.com/icepa/tor.framework) Tor framework for the iCepa project
- [**142**Star][25d] [HTML] [hexgolems/schem](https://github.com/hexgolems/schem) A debugger frontend
- [**142**Star][14d] [C++] [hasherezade/tiny_tracer](https://github.com/hasherezade/tiny_tracer) A Pin Tool for tracing API calls etc
- [**142**Star][2y] [Py] [gumblex/ptproxy](https://github.com/gumblex/ptproxy) Turn any pluggable transport for Tor into an obfuscating TCP tunnel.
- [**142**Star][10d] [Py] [forth-ics-inspire/artemis](https://github.com/forth-ics-inspire/artemis) ARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking. This is the main ARTEMIS repository that composes artemis-frontend, artemis-backend, artemis-monitor and other needed containers.
- [**142**Star][14d] [C] [eterna1/puszek-rootkit](https://github.com/eterna1/puszek-rootkit) linux rootkit
- [**142**Star][4y] [Batchfile] [eliteandroidapps/whatsapp-key-db-extractor](https://github.com/eliteandroidapps/whatsapp-key-db-extractor) Allows WhatsApp users to extract their cipher key and databases on non-rooted Android devices.
- [**142**Star][12m] [C] [dzzie/scdbg](https://github.com/dzzie/scdbg) note: current build is VS_LIBEMU project. This cross platform gcc build is for Linux users but is no longer updated. modification of the libemu sctest project to add basic debugger capabilities and more output useful for manual RE. The newer version will run under WINE
- [**142**Star][2y] [Py] [duoergun0729/3book](https://github.com/duoergun0729/3book) 《Web安全之强化学习与GAN》
- [**142**Star][2y] [C] [dots-tb/lolicon](https://github.com/dots-tb/lolicon) Small vita shell ran from kernel that allows for actual overclocking
- [**142**Star][18d] [Py] [csirtgadgets/bearded-avenger](https://github.com/csirtgadgets/bearded-avenger) CIF v3 -- the fastest way to consume threat intelligence
- [**142**Star][2y] [Py] [codypierce/hackers-grep](https://github.com/codypierce/hackers-grep) hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols
- [**142**Star][19d] [Go] [cloudflare/cfssl_trust](https://github.com/cloudflare/cfssl_trust) CFSSL's CA trust store repository
- [**142**Star][14d] [Py] [byt3bl33d3r/sslstrip2](https://github.com/byt3bl33d3r/sslstrip2) A mirror of the original SSLstrip+ code by Leonardo Nve
- [**142**Star][4y] [Py] [blackye/jenkins](https://github.com/blackye/jenkins) Jenkins漏洞探测、用户抓取爆破
- [**142**Star][11d] [Scala] [azure/azure-cosmosdb-spark](https://github.com/azure/azure-cosmosdb-spark) Apache Spark Connector for Azure Cosmos DB
- [**142**Star][22d] [Go] [aprosvetova/xiaomi-kettle](https://github.com/aprosvetova/xiaomi-kettle) Xiaomi Kettle BLE protocol reverse-engineered
- [**142**Star][7m] [anurse/git-credential-winstore](https://github.com/anurse/git-credential-winstore) Little app for use as a HTTPS Credential Cache helper that uses the Windows Credential Store.
- [**142**Star][4m] [C#] [3xpl01tc0d3r/processinjection](https://github.com/3xpl01tc0d3r/processinjection) This program is designed to demonstrate various process injection techniques
- [**141**Star][12d] [Py] [kevinzg/facebook-scraper](https://github.com/kevinzg/facebook-scraper) Scrape Facebook public pages without an API key
- [**141**Star][15d] [Jupyter Notebook] [jin10086/pachong](https://github.com/jin10086/pachong) 一些爬虫的代码
- [**141**Star][21d] [C] [devicehive/esp8266-firmware](https://github.com/devicehive/esp8266-firmware) DeviceHive esp8266 firmware. Control hardware via clouds with DeviceHive!
- [**141**Star][10d] [Py] [wenhaoliang/netease-music-spider](https://github.com/wenhaoliang/netease-music-spider) netease-music-spider is a sipder that you can find beautiful girlfriend or handsome boyfriend.
- [**141**Star][2m] [Java] [nationalsecurityagency/emissary](https://github.com/nationalsecurityagency/emissary) Distributed P2P Data-driven Workflow Framework
- [**141**Star][3m] [JS] [spongenobody/clashy](https://github.com/spongenobody/clashy) A GUI proxy client for Windows / Mac / Ubuntu Desktop based on Clash and Electron. Windows / Mac / Ubuntu 适用的Clash客户端.
- [**141**Star][10d] [sectool/redteam-hardware-toolkit](https://github.com/sectool/redteam-hardware-toolkit) 
- [**141**Star][2y] [HTML] [xhak9x/socialphish](https://github.com/xhak9x/socialphish) The most complete Phishing Tool, with 32 templates +1 customizable
- [**141**Star][5y] [PHP] [veerupandey/penetration-testing-toolkit](https://github.com/veerupandey/penetration-testing-toolkit) A web interface to automate Scanning, Generating metasploit payload, Network Testing,Exploring CMS,Information Gathering and much more
- [**141**Star][13d] [thetorproject/gettorbrowser](https://github.com/thetorproject/gettorbrowser) This is a repository to provide links for downloading Tor Browser from Github.
- [**141**Star][12m] [Py] [tarlogicsecurity/chankro](https://github.com/tarlogicsecurity/chankro) Herramienta para evadir disable_functions y open_basedir
- [**141**Star][28d] [Rust] [shnatsel/libdiffuzz](https://github.com/shnatsel/libdiffuzz) Custom memory allocator that helps discover reads from uninitialized memory
- [**141**Star][4m] [Py] [shieldersec/webtech](https://github.com/shieldersec/webtech) Identify technologies used on websites.
- [**141**Star][3y] [Py] [sarah314/spypi](https://github.com/sarah314/spypi) An (un-)ethical hacking-station based on Raspberry Pi and Python
- [**141**Star][5y] [Java] [retme7/cve-2014-7911_poc](https://github.com/retme7/cve-2014-7911_poc) Local root exploit for Nexus5 Android 4.4.4(KTU84P)
- [**141**Star][24d] [C++] [quarkslab/arybo](https://github.com/quarkslab/arybo) Manipulation, canonicalization and identification of mixed boolean-arithmetic symbolic expressions
- [**141**Star][1m] [C++] [pichi-router/pichi](https://github.com/pichi-router/pichi) Flexible Rule-Based Proxy
- [**141**Star][12m] [Py] [owasp/serverless-goat](https://github.com/owasp/serverless-goat) a serverless application demonstrating common serverless security flaws
- [**141**Star][1m] [PS] [nccgroup/accomplice](https://github.com/nccgroup/accomplice) Tools for discovery and abuse of COM hijacks
- [**141**Star][11d] [TeX] [misp/misp-training](https://github.com/misp/misp-training) MISP trainings, threat intel and information sharing training materials with source code
- [**141**Star][11d] [Go] [liudanking/quic-proxy](https://github.com/liudanking/quic-proxy) A http/https proxy using QUIC as transport layer
- [**141**Star][10d] [Py] [lightswitch05/hosts](https://github.com/lightswitch05/hosts) Hostfile blocklist for ads and tracking, updated regularly
- [**141**Star][11d] [C] [klsfct/getshell](https://github.com/klsfct/getshell) 各大平台提权工具
- [**141**Star][2m] [Shell] [junbaor/shell_script](https://github.com/junbaor/shell_script) 一键安装 shadowsocks，支持 chacha20-ietf-poly1305 加密方式
- [**141**Star][11d] [Java] [helios-decompiler/standalone-app](https://github.com/helios-decompiler/standalone-app) All-in-one Java reverse engineering tool
- [**141**Star][5m] [C++] [hasherezade/iat_patcher](https://github.com/hasherezade/iat_patcher) Persistent IAT hooking application - based on bearparser
- [**141**Star][24d] [C] [gkaindl/meltdown-poc](https://github.com/gkaindl/meltdown-poc) A quick PoC to try out the "meltdown" timing attack.
- [**141**Star][2m] [Py] [gawen/virustotal](https://github.com/gawen/virustotal) 
- [**141**Star][4m] [Java] [games647/fastlogin](https://github.com/games647/fastlogin) Checks if a minecraft player has a valid paid account. If so, they can skip offline authentication automatically. (premium auto login)
- [**141**Star][2m] [Py] [dzonerzy/acunetix_0day](https://github.com/dzonerzy/acunetix_0day) Acunetix 0day RCE
- [**141**Star][18d] [Ruby] [dry-rb/dry-auto_inject](https://github.com/dry-rb/dry-auto_inject) Container-agnostic constructor injection mixin
- [**141**Star][19d] [Py] [dionach/reposcanner](https://github.com/dionach/reposcanner) Python script to scan Git repos for interesting strings
- [**141**Star][2y] [PHP] [bugku/bwvs](https://github.com/bugku/bwvs) Web漏洞渗透测试靶场
- [**141**Star][16d] [Py] [armijnhemel/binaryanalysis-ng](https://github.com/armijnhemel/binaryanalysis-ng) Binary Analysis Next Generation (BANG)
- [**141**Star][12d] [Go] [aiportal/wechat-proxy](https://github.com/aiportal/wechat-proxy) 微信代理服务。提供简单易用的 HTTP 接口，简化微信公众号后台开发。
- [**140**Star][11d] [0xsha/sweetie-data](https://github.com/0xsha/sweetie-data) This repo contains logstash of various honeypots
- [**140**Star][2m] [PS] [dafthack/msolspray](https://github.com/dafthack/msolspray) A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
- [**140**Star][12d] [Shell] [hwdsl2/setup-ghost-blog](https://github.com/hwdsl2/setup-ghost-blog) Script to install your own Ghost blog, with Nginx and ModSecurity/Naxsi web application firewall. Supports multiple blogs.
- [**140**Star][10d] [Java] [littleredhat1997/crowdfunding](https://github.com/littleredhat1997/crowdfunding) 基于区块链（以太坊）技术的安全众筹系统
- [**140**Star][13d] [lyricyang/internet-recruiting-algorithm-problems](https://github.com/lyricyang/internet-recruiting-algorithm-problems) 《程序员代码面试指南》、公司招聘笔试题、《剑指Offer》、算法、数据结构
- [**140**Star][4m] [Py] [xyele/secretx](https://github.com/xyele/secretx) Extracting api keys and secrets by requesting each url at the your list.
- [**140**Star][1m] [C] [espressif/esp-gdbstub](https://github.com/espressif/esp-gdbstub) 
- [**140**Star][15d] [C] [seemoo-lab/bcm-rpi3](https://github.com/seemoo-lab/bcm-rpi3) DEPRECATED: Monitor Mode and Firmware patching framework for the Raspberry Pi 3, development moved to:
- [**140**Star][7m] [valvesoftware/steamworks-vr-api](https://github.com/valvesoftware/steamworks-vr-api) Source for the Steamworks VR API
- [**140**Star][19d] [PS] [dafthack/check-localadminhash](https://github.com/dafthack/check-localadminhash) Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It's useful if you obtain a password hash for a user and want to see where they are local admin on a network. It is essentially a Frankenstein of …
- [**140**Star][11d] [Go] [snail007/shadowtunnel](https://github.com/snail007/shadowtunnel) secure tunnel which help you protecting your tcp traffic between your machine and your service on remote.
- [**140**Star][8d] [Py] [boypt/vmess2json](https://github.com/boypt/vmess2json) Scripts parse vmess:// links into v2ray config json and vice versa.
- [**140**Star][1m] [Shell] [onmyway133/swiftsnippets](https://github.com/onmyway133/SwiftSnippets) A collection of Swift snippets to be used in Xcode 
- [**140**Star][2y] [C++] [vmcall/latebros](https://github.com/vmcall/latebros) x64 usermode rootkit
- [**140**Star][2m] [Bro] [crowdstrike/cs-bro](https://github.com/CrowdStrike/cs-bro) Bro scripts written by CrowdStrike Services
- [**140**Star][10d] [HTML] [mitre-attack/attack-website](https://github.com/mitre-attack/attack-website) MITRE ATT&CK Website
- [**140**Star][4y] [ObjC] [zhengmin1989/os-x-10.11.6-exp-via-pegasus](https://github.com/zhengmin1989/os-x-10.11.6-exp-via-pegasus) Local privilege escalation for OS X 10.11.6 via PEGASUS
- [**140**Star][21d] [C] [xvortex/ps4-hen-vtx](https://github.com/xvortex/ps4-hen-vtx) A fully implemented kernel exploit for the PS4 with HEN
- [**140**Star][25d] [C++] [xorrior/raven](https://github.com/xorrior/raven) CobaltStrike External C2 for Websockets
- [**140**Star][3y] [Py] [vvalien/sharpmeter](https://github.com/vvalien/sharpmeter) A Simple Way To Make Meterpreter Reverse Payloads
- [**140**Star][1m] [thec00n/smart-contract-honeypots](https://github.com/thec00n/smart-contract-honeypots) a collection of smart contract honeypots.
- [**140**Star][11d] [Go] [stefanoj3/dirstalk](https://github.com/stefanoj3/dirstalk) a multi threaded application designed to brute force paths on web servers.
- [**140**Star][9y] [stefanesser/ida-ios-toolkit](https://github.com/stefanesser/ida-ios-toolkit) Collection of idapython scripts for dealing with the iOS kernelcache
- [**140**Star][13d] [Py] [servian/aws-auto-remediate](https://github.com/servian/aws-auto-remediate) Open source application to instantly remediate common security issues through the use of AWS Config
- [**140**Star][13d] [Py] [safebreach-labs/pyekaboo](https://github.com/safebreach-labs/pyekaboo) Proof-of-concept program that is able to to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable
- [**140**Star][10d] [Go] [qubitproducts/exporter_exporter](https://github.com/qubitproducts/exporter_exporter) A reverse proxy designed for Prometheus exporters
- [**140**Star][5y] [Py] [puniaze/portdog](https://github.com/puniaze/portdog)  network anomaly detector aimed to detect port scanning techniques
- [**140**Star][12d] [C++] [phildo/expandpass](https://github.com/phildo/expandpass) Implements a simple nested grammar for expanding passwords
- [**140**Star][3y] [Py] [nullarray/cypher](https://github.com/nullarray/cypher) Pythonic ransomware proof of concept.
- [**140**Star][2m] [Py] [nopernik/mpdns](https://github.com/nopernik/mpdns) Multi-Purpose DNS Server
- [**140**Star][5m] [Shell] [nccgroup/bkscan](https://github.com/nccgroup/bkscan) BlueKeep scanner supporting NLA
- [**140**Star][1y] [HTML] [minhaskamal/cuteviruscollection](https://github.com/minhaskamal/cuteviruscollection) A Collection of Cute But Deadly Viruses (small-unharmful-annoying-harmless-funny-malware-virus-worm-windows-xp-7-10)
- [**140**Star][10d] [Py] [matrix1001/heapinspect](https://github.com/matrix1001/heapinspect) 
- [**140**Star][12d] [Go] [malfunkt/arpfox](https://github.com/malfunkt/arpfox) An arpspoof alternative (written in Go) that injects spoofed ARP packets into a LAN.
- [**140**Star][1m] [mafutian/software](https://github.com/mafutian/software) 破解版工具/软件
- [**140**Star][4m] [C++] [itm4n/usodllloader](https://github.com/itm4n/usodllloader) Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
- [**140**Star][16d] [Ruby] [hahwul/mad-metasploit](https://github.com/hahwul/mad-metasploit) Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
- [**140**Star][13d] [C] [ebursztein/malusb](https://github.com/ebursztein/malusb) Malicious USB
- [**140**Star][6m] [C] [davidbuchanan314/tardis](https://github.com/davidbuchanan314/tardis) Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
- [**140**Star][2y] [PS] [darkoperator/posh-sysmon](https://github.com/darkoperator/posh-sysmon) PowerShell module for creating and managing Sysinternals Sysmon config files.
- [**140**Star][4m] [Haskell] [cpeikert/lol](https://github.com/cpeikert/lol) Functional Lattice Cryptography
- [**140**Star][18d] [Py] [comsecuris/gdbida](https://github.com/comsecuris/gdbida) a visual bridge between a GDB session and IDA Pro's disassembler
    - [IDA插件](https://github.com/comsecuris/gdbida/blob/master/ida_gdb_bridge.py) 
    - [GDB脚本](https://github.com/comsecuris/gdbida/blob/master/gdb_ida_bridge_client.py) 
- [**140**Star][15d] [JS] [chris-barry/darkweb-everywhere](https://github.com/chris-barry/darkweb-everywhere) HTTPS Everywhere rulesets for hidden services and eepsites.
- [**140**Star][10m] [JS] [chabou/hyper-pane](https://github.com/chabou/hyper-pane) Extension for Hyper.app to enhance pane navigation.
- [**140**Star][4m] [PHP] [btoplak/joomla-anti-malware-scan-script--jamss-](https://github.com/btoplak/joomla-anti-malware-scan-script--jamss-) a Joomla! and WordPress Security script that automatically scans the Joomla! or Wordpress files for some patterns and "fingerprints" of malware, trojans or other injections into PHP code
- [**140**Star][25d] [Go] [appleboy/easyssh-proxy](https://github.com/appleboy/easyssh-proxy) easyssh-proxy provides a simple implementation of some SSH protocol features in Go
- [**140**Star][4m] [Py] [anhkgg/pyrat](https://github.com/anhkgg/pyrat) PyRat，a rat by python xmlrpc
- [**140**Star][1m] [Py] [ale5000-git/tingle](https://github.com/ale5000-git/tingle) Android patcher
- [**140**Star][24d] [JS] [0vercl0k/windbg-scripts](https://github.com/0vercl0k/windbg-scripts) A bunch of JavaScript extensions for WinDbg.
- [**139**Star][9m] [Java] [dakhnod/meshenger](https://github.com/dakhnod/meshenger) open source, P2P messenger without centralized server that works in a local network.
- [**139**Star][17d] [C++] [kashimastro/ofxgpio](https://github.com/kashimastro/ofxgpio) Library C++ for raspberrypi and orangepi, GPIO interfaces compatible with openframeworks.
- [**139**Star][15d] [Go] [trandoshan-io/crawler](https://github.com/trandoshan-io/crawler) Go process used to crawl websites
- [**139**Star][13d] [Ruby] [astro/socksify-ruby](https://github.com/astro/socksify-ruby) Redirect any TCP connection initiated by a Ruby script through a SOCKS5 proxy
- [**139**Star][24d] [Py] [chasedehan/boostaroota](https://github.com/chasedehan/boostaroota) A fast xgboost feature selection algorithm
- [**139**Star][4m] [Py] [pentestmonkey/pysecdump](https://github.com/pentestmonkey/pysecdump) Python-based tool to dump security information from Windows systems
- [**139**Star][4m] [JS] [snyk/goof](https://github.com/snyk/goof) Super vulnerable todo list application
- [**139**Star][25d] [Py] [chenjiandongx/soksaccounts](https://github.com/chenjiandongx/soksaccounts) Shadowsocks 账号爬虫
- [**139**Star][15d] [chryzsh/awesome-bloodhound](https://github.com/chryzsh/awesome-bloodhound) A curated list of awesome BloodhoundAD resources
- [**139**Star][10d] [PHP] [zsxsoft/my-ctf-challenges](https://github.com/zsxsoft/my-ctf-challenges) My CTF Challenges
- [**139**Star][15d] [Shell] [cloudfoundry-incubator/docker-boshrelease](https://github.com/cloudfoundry-incubator/docker-boshrelease) Docker BOSH Release
- [**139**Star][7m] [Py] [wudimahua/firewall](https://github.com/wudimahua/firewall) 美国国家安全局NSA下属方程式黑客组织（Equation Group）被The Shadow Brokers（影子经纪人）hack出来的并免费分享的源码
- [**139**Star][23d] [Py] [vinta/haul](https://github.com/vinta/haul) An Extensible Image Crawler
- [**139**Star][16d] [Py] [veerendra2/wifi-deauth-attack](https://github.com/veerendra2/wifi-deauth-attack) An automated script for deauthentication attack
- [**139**Star][10m] [C#] [unknownv2/corehook](https://github.com/unknownv2/corehook) A library that simplifies intercepting application function calls using managed code and the .NET Core runtime
- [**139**Star][2y] [Java] [tinylcy/classanalyzer](https://github.com/tinylcy/classanalyzer) A Java Class File Disassembler
- [**139**Star][15d] [Py] [svenito/exploit-pattern](https://github.com/svenito/exploit-pattern) generate and search pattern string for exploit development
- [**139**Star][1m] [JS] [substack/node-password-reset](https://github.com/substack/node-password-reset) middleware for password reset emails
- [**139**Star][6m] [Py] [santatic/web2attack](https://github.com/santatic/web2attack) Web hacking framework with tools, exploits by python
- [**139**Star][14d] [C] [rohanpadhye/fuzzfactory](https://github.com/rohanpadhye/fuzzfactory) Domain-Specific Fuzzing with Waypoints
- [**139**Star][4m] [PHP] [radenvodka/recsech](https://github.com/radenvodka/recsech) Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
- [**139**Star][27d] [JS] [owasp/passfault](https://github.com/owasp/passfault) OWASP Passfault evaluates passwords and enforces password policy in a completely different way.
- [**139**Star][18d] [ObjC] [objective-see/processmonitor](https://github.com/objective-see/processmonitor) Process Monitor Library (based on Apple's new Endpoint Security Framework)
- [**139**Star][26d] [nagwww/s3-leaks](https://github.com/nagwww/s3-leaks) List of S3 Hacks
- [**139**Star][25d] [Shell] [munki/installr](https://github.com/munki/installr) A tool designed for use in Recovery boot to do a "fresh" install of macOS and additional packages.
- [**139**Star][2y] [Py] [mohamednourtn/terminator](https://github.com/mohamednourtn/terminator) Terminator metasploit payload generator
- [**139**Star][4y] [Py] [lauixdata/wechat_hack](https://github.com/lauixdata/wechat_hack) 微信黑客攻击平台 - 已经废弃
- [**139**Star][22d] [Py] [korelogicsecurity/mastiff](https://github.com/korelogicsecurity/mastiff) Malware static analysis framework
- [**139**Star][3m] [C] [jgm/lunamark](https://github.com/jgm/lunamark) Lua library for conversion between markup formats
- [**139**Star][2m] [C] [goldshtn/windbg-extensions](https://github.com/goldshtn/windbg-extensions) Various extensions for WinDbg
- [**139**Star][17d] [Go] [go-xorm/cmd](https://github.com/go-xorm/cmd) Command line tools for database operation written by Go, moved to
- [**139**Star][1y] [Py] [giovanifss/gitmails](https://github.com/giovanifss/gitmails) An information gathering tool to collect git commit emails in version control host services
- [**139**Star][2m] [Py] [gdssecurity/wifitap](https://github.com/gdssecurity/wifitap) wifitap updated for BT5r3
- [**139**Star][1m] [Py] [elceef/bitlocker](https://github.com/elceef/bitlocker) Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
- [**139**Star][2y] [Py] [ekultek/dagon](https://github.com/ekultek/dagon) Advanced Hash Manipulation
- [**139**Star][4y] [Java] [dodola/deepinvirtualapp](https://github.com/dodola/deepinvirtualapp) VirtualApp的技术文档和各个技术点拆解demo
- [**139**Star][4y] [C] [cr4sh/peibackdoor](https://github.com/cr4sh/peibackdoor) PEI stage backdoor for UEFI compatible firmware
- [**139**Star][20d] [Java] [codahale/shamir](https://github.com/codahale/shamir) A Java implementation of Shamir's Secret Sharing algorithm over GF(256).
- [**139**Star][3y] [C#] [cn33liz/cscriptshell](https://github.com/cn33liz/cscriptshell) CScriptShell, a Powershell Host running within cscript.exe
- [**139**Star][12d] [Py] [blacknbunny/mcreator](https://github.com/blacknbunny/mcreator) 反向Shell生成器, 自带AV绕过技术
- [**139**Star][1m] [akibsayyed/safeseven](https://github.com/akibsayyed/safeseven) SS7 Assessment Tool
- [**138**Star][10d] [Py] [entynetproject/proton](https://github.com/entynetproject/proton) Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Window…
- [**138**Star][4m] [HTML] [luc-github/repetier-firmware-4-davinci](https://github.com/luc-github/repetier-firmware-4-davinci) Repetier-Firmware-0.92 based for DaVinci printer (Beta - so far so good)
- [**138**Star][11d] [HTML] [itswadesh/sapper-ecommerce](https://github.com/itswadesh/sapper-ecommerce) Svelte ecommerce - Headless, Authentication, Cart & Checkout, TailwindCSS, Server Rendered, Proxy + API Integrated, Animations, Stores, Lazy Loading, Loading Indicators, Carousel, Instant Search, Faceted Filters, 1 command deploy to production, Open Source, MIT license. Join us as contributor (support@codenx.com)
- [**138**Star][4m] [C#] [rflechner/scrapysharp](https://github.com/rflechner/scrapysharp) reborn of https://bitbucket.org/rflechner/scrapysharp
- [**138**Star][18d] [Julia] [scrapingdance/scrapingoutsourcing](https://github.com/scrapingdance/ScrapingOutsourcing) ScrapingOutsourcing专注分享爬虫代码 尽量每周更新一个
- [**138**Star][13d] [TS] [eddyverbruggen/nativescript-bluetooth](https://github.com/eddyverbruggen/nativescript-bluetooth) 
- [**138**Star][23d] [C] [fastfilter/xor_singleheader](https://github.com/fastfilter/xor_singleheader) Header-only Xor Filter library
- [**138**Star][15d] [Py] [landgrey/classhound](https://github.com/landgrey/classhound) 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码
- [**138**Star][1m] [Py] [tunz/binch](https://github.com/tunz/binch) A light ELF binary patch tool in python urwid
- [**138**Star][16d] [Py] [kootenpv/access_points](https://github.com/kootenpv/access_points) Scan your WiFi and get access point information and signal quality
- [**138**Star][11d] [Go] [zhshch2002/goribot](https://github.com/zhshch2002/goribot) [Crawler/Scraper for Golang]
- [**138**Star][13d] [PHP] [m0xiaoxi/ctf_web_docker](https://github.com/m0xiaoxi/ctf_web_docker) dockers for CTF_Web.
- [**138**Star][10d] [Java] [grapheneos/auditor](https://github.com/GrapheneOS/Auditor) Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
- [**138**Star][11d] [Py] [secureauthcorp/pysap](https://github.com/SecureAuthCorp/pysap) pysap is an open source Python library that provides modules for crafting and sending packets using SAP's NI, Diag, Enqueue, Router, Message Server, SNC, IGS and RFC protocols.
- [**138**Star][25d] [Py] [yymax/x509test](https://github.com/yymax/x509test) A Python3 software that validates a client's side SSL/TLS application's X509 verification process
- [**138**Star][4m] [Py] [yt1g3r/cve-2019-3396_exp](https://github.com/yt1g3r/cve-2019-3396_exp) CVE-2019-3396 confluence SSTI RCE
- [**138**Star][1y] [C] [yadutaf/tracepkt](https://github.com/yadutaf/tracepkt) Trace a ping packet journey across network interfaces and namespace on recent Linux. Supports IPv4 and IPv6.
- [**138**Star][1m] [Py] [wfzsec/awd_attack_framework](https://github.com/wfzsec/awd_attack_framework) awd攻防常用脚本+不死马+crontab+防御方法
- [**138**Star][2y] [Py] [wangyihang/reverse-shell-manager](https://github.com/wangyihang/reverse-shell-manager) 
- [**138**Star][2y] [Py] [ultimatelabs/zoom](https://github.com/ultimatelabs/zoom) Automatic & lightning fast wordpress vulnerability scanner
- [**138**Star][1m] [C++] [tromp/equihash](https://github.com/tromp/equihash) multi-parameter Equihash proof-of-work multi-threaded C solvers
- [**138**Star][1y] [C] [tharina/35c3ctf](https://github.com/tharina/35c3ctf) 35C3 Junior CTF pwnables
- [**138**Star][3m] [Ruby] [tagomoris/fluent-plugin-secure-forward](https://github.com/tagomoris/fluent-plugin-secure-forward) input/output plugin to forward fluentd messages over SSL with authentication.
- [**138**Star][7m] [Py] [stratosphereips/stratospherelinuxips](https://github.com/stratosphereips/stratospherelinuxips) an intrusion prevention system that is based on behavioral detections and machine learning algorithms
- [**138**Star][1y] [C++] [schnocker/noeye](https://github.com/schnocker/noeye) An usermode BE Rootkit Bypass
- [**138**Star][12d] [sashs/arm_exploitation](https://github.com/sashs/arm_exploitation) Exploitation on ARM-based Systems (Troopers18)
- [**138**Star][2y] [Java] [netspi/wsdler](https://github.com/netspi/wsdler) WSDL Parser extension for Burp
- [**138**Star][3y] [Java] [mwsrc/betterandrorat](https://github.com/mwsrc/betterandrorat) Android Remote Access Trojan
- [**138**Star][23d] [Ruby] [mubix/vt-notify](https://github.com/mubix/vt-notify) Get email notification when Virus Total has a copy of your binary.
- [**138**Star][2m] [Java] [mogwaisec/mjet](https://github.com/mogwaisec/mjet) Mogwai Java Management Extensions (JMX) Exploitation Toolkit
- [**138**Star][1y] [C#] [livingcomputermuseum/contralto](https://github.com/livingcomputermuseum/contralto) This repository contains the source code for Living Computers: Museum+Labs's Xerox Alto emulator, ContrAlto.
- [**138**Star][4m] [PHP] [ksanchezcld/hacking_cheat_sheet](https://github.com/ksanchezcld/hacking_cheat_sheet) All my Hacking|Pentesting Notes
- [**138**Star][4y] [ObjC] [kpwn/935csbypass](https://github.com/kpwn/935csbypass) codesign bypass (get out of rop without JIT)
- [**138**Star][1y] [PS] [klionsec/decryption-tool](https://github.com/klionsec/decryption-tool) 
- [**138**Star][18d] [PHP] [jorijn/laravel-security-checker](https://github.com/jorijn/laravel-security-checker) Added Laravel functionality to SensioLabs Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.
- [**138**Star][1y] [Py] [johndekroon/serializekiller](https://github.com/johndekroon/serializekiller) Mass scanner for the Java serialize bug
- [**138**Star][5y] [C] [hiteshd/android-rootkit](https://github.com/hiteshd/android-rootkit) A rootkit for Android. Based on "Android platform based linux kernel rootkit" from Phrack Issue 68
- [**138**Star][16d] [Py] [hasameli/foghorn](https://github.com/hasameli/foghorn) The foghorn project is a DNS proxy intended to reduce user exposure to phishing and other malicious items that can be interdicted by DNS greylisting
- [**138**Star][10d] [Java] [frpccluster/frpc-android](https://github.com/frpccluster/frpc-android) Android,安卓版frpc，一个快速反向代理，可帮助您将NAT或防火墙后面的本地服务器暴露给Internet。
- [**138**Star][10d] [Py] [entynetproject/proton](https://github.com/entynetproject/proton) Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Window…
- [**138**Star][3m] [Ruby] [dev-sec/chef-ssh-hardening](https://github.com/dev-sec/chef-ssh-hardening) This chef cookbook provides secure ssh-client and ssh-server configurations.
- [**138**Star][11m] [PHP] [designsecurity/progpilot](https://github.com/designsecurity/progpilot) A static analysis tool for security
- [**138**Star][4m] [Py] [defense-cyber-crime-center/dc3-mwcp](https://github.com/defense-cyber-crime-center/dc3-mwcp) 
- [**138**Star][18d] [C] [davidbuchanan314/pwn-mbr](https://github.com/davidbuchanan314/pwn-mbr) A simple MBR hijack demonstration
- [**138**Star][15d] [YARA] [citizenlab/malware-indicators](https://github.com/citizenlab/malware-indicators) Citizen Lab Malware Reports
- [**138**Star][3y] [C] [chris-johnston/binarykeyboard](https://github.com/chris-johnston/binarykeyboard) A keyboard with two buttons that types in binary.
- [**138**Star][4m] [chef-koch/online-privacy-test-resource-list](https://github.com/chef-koch/online-privacy-test-resource-list) Privacy Online Test and Resource Compendium (POTARC) 🕵🏻
- [**138**Star][12m] [Perl] [caledoniaproject/jenkins-cli-exploit](https://github.com/caledoniaproject/jenkins-cli-exploit) Jenkins CommonCollections Exploit
- [**138**Star][12d] [C] [arsv/minibase](https://github.com/arsv/minibase) small static userspace tools for Linux
- [**138**Star][4m] [PS] [anssi-fr/adtimeline](https://github.com/anssi-fr/adtimeline) PowerShell script creating a timeline of Active Directory changes with replication metadata
- [**137**Star][11d] [C++] [hlldz/pickl3](https://github.com/hlldz/pickl3) Windows active user credential phishing tool
- [**137**Star][6m] [nebutech/nbminer](https://github.com/nebutech/nbminer) GPU Miner for CKB, GRIN, AE, BTM, ETH
- [**137**Star][8d] [Swift] [pujiaxin33/jxpatternlock](https://github.com/pujiaxin33/jxpatternlock) An easy-to-use, powerful, customizable pattern lock view in swift. 图形解锁／手势解锁 / 手势密码 / 图案密码 / 九宫格密码
- [**137**Star][13d] [Go] [genkiroid/cert](https://github.com/genkiroid/cert) Cert is the Go tool to get TLS certificate information.
- [**137**Star][2y] [C] [firmianay/life-long-learner](https://github.com/firmianay/life-long-learner) Personal Notes About Everything.
- [**137**Star][2m] [Shell] [coldhakca/tor-relay-bootstrap](https://github.com/coldhakca/tor-relay-bootstrap) Script to bootstrap a Debian server to be a set-and-forget Tor relay
- [**137**Star][1m] [C#] [m0xiaoxi/ctftools](https://github.com/m0xiaoxi/CTFtools) 本项目主要搜集一些关于信息安全攻防相关的知识与工具，便于个人的渗透工作。
- [**137**Star][28d] [Py] [crytic/rattle](https://github.com/crytic/rattle) evm binary static analysis
- [**137**Star][17d] [Py] [bit4woo/code2sec.com](https://github.com/bit4woo/code2sec.com) xmind\code\articles for my personal blog 个人博客上的资源备份存储，也是个人分享的汇总
- [**137**Star][15d] [JS] [walkdoer/life-time-tracker](https://github.com/walkdoer/Life-Time-Tracker) 个人时间跟踪，可视化个人活动数据，管理个人生活，利用过去来指导未来，基于柳比歇夫的统计方法
- [**137**Star][3y] [Java] [ysrc/anti-emulator](https://github.com/ysrc/anti-emulator) 基于文件特征的Android模拟器检测
- [**137**Star][16d] [Shell] [xvass/vscan](https://github.com/xvass/vscan) vulnerability scanner tool using nmap and nse scripts
- [**137**Star][26d] [Shell] [xmikos/cryptboot](https://github.com/xmikos/cryptboot) Encrypted boot partition manager with UEFI Secure Boot support
- [**137**Star][4y] [C] [xairy/kaslr-bypass-via-prefetch](https://github.com/xairy/kaslr-bypass-via-prefetch) A proof-of-concept KASLR bypass for the Linux kernel via timing prefetch (dilettante implementation, better read the original paper:
- [**137**Star][4m] [TS] [wkovacs64/pwned](https://github.com/wkovacs64/pwned) A command-line tool for querying the 'Have I been pwned?' service.
- [**137**Star][6y] [ObjC] [tyranid/ie11sandboxescapes](https://github.com/tyranid/ie11sandboxescapes) Some example source code for fixed IE11 sandbox escapes.
- [**137**Star][16d] [JS] [thx/magix-inspector](https://github.com/thx/magix-inspector) magix项目调试分析工具
- [**137**Star][5y] [C++] [slauc91/anticheat](https://github.com/slauc91/anticheat)  scan for certain malicious activity that occur in the gaming median.
- [**137**Star][8m] [Py] [seomoz/reppy](https://github.com/seomoz/reppy) Modern robots.txt Parser for Python
- [**137**Star][5y] [PS] [secabstraction/wmisploit](https://github.com/secabstraction/wmisploit) a small set of PowerShell scripts that leverage the WMI service, for post-exploitation use
- [**137**Star][3m] [C] [rmmh/abbrase](https://github.com/rmmh/abbrase) password generation based on abbreviating phrases made with markov chains
- [**137**Star][22d] [Shell] [reider-roque/linpostexp](https://github.com/reider-roque/linpostexp) Linux post exploitation enumeration and exploit checking tools
- [**137**Star][4m] [Py] [quentinhardy/scriptsandexploits](https://github.com/quentinhardy/scriptsandexploits) Some scripts and exploits
- [**137**Star][5y] [osandamalith/exe2image](https://github.com/osandamalith/exe2image) A simple utility to convert EXE files to JPEG images and vice versa.
- [**137**Star][1m] [Go] [ns3777k/go-shodan](https://github.com/ns3777k/go-shodan) Shodan API client
- [**137**Star][1y] [Py] [nh2/strace-pipes-presentation](https://github.com/nh2/strace-pipes-presentation) 利用strace+管道/socket进行调试
- [**137**Star][17d] [Go] [mritd/idgen](https://github.com/mritd/idgen) 一个使用 golang 编写的大陆身份证生成器
- [**137**Star][5m] [Go] [massung/chip-8](https://github.com/massung/chip-8) Assembler and Emulator in Go
- [**137**Star][2y] [C] [limiter121/esp32-obd2-emulator](https://github.com/limiter121/esp32-obd2-emulator) Open-source OBD-II emulator based on an ESP32 + CAN transceiver IC, controllable via WiFi through a simple web UI (or via API)
- [**137**Star][18d] [C] [libyal/libewf](https://github.com/libyal/libewf) Libewf is a library to access the Expert Witness Compression Format (EWF)
- [**137**Star][1m] [Py] [laginimaineb/android_fde_bruteforce](https://github.com/laginimaineb/android_fde_bruteforce) Scripts to bruteforce Android's Full Disk Encryption off the device
- [**137**Star][23d] [Py] [jzadeh/aktaion](https://github.com/jzadeh/aktaion) Open Source ML tool and data samples for Exploit and Phishing Research
- [**137**Star][1m] [C] [jvoisin/pangu](https://github.com/jvoisin/pangu) Toolkit to detect/crash/attack GNU debugging-related tools
- [**137**Star][5m] [Py] [jezdez/django-discover-runner](https://github.com/jezdez/django-discover-runner) A Django test runner based on unittest2's test discovery.
- [**137**Star][11d] [HTML] [intel/generic-sensor-demos](https://github.com/intel/generic-sensor-demos) applications that demonstrate how to use the Generic Sensor API.
- [**137**Star][3y] [greymd/cve-2017-1000117](https://github.com/greymd/cve-2017-1000117) Check Git's vulnerability CVE-2017-1000117
- [**137**Star][2y] [Py] [gradiusx/hevd-python-solutions](https://github.com/gradiusx/hevd-python-solutions) Python solutions for the HackSysTeam Extreme Vulnerable Driver
- [**137**Star][6y] [C] [elima/filetea](https://github.com/elima/filetea) Web-based anonymous file-sharing service
- [**137**Star][8m] [Py] [decoxviii/userrecon-py](https://github.com/decoxviii/userrecon-py) Username recognition on various websites.
- [**137**Star][22d] [Py] [danigargu/syms2elf](https://github.com/danigargu/syms2elf) A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table
- [**137**Star][15d] [Py] [ctxis/beemka](https://github.com/ctxis/beemka) Basic Electron Exploitation
- [**137**Star][1m] [C] [bwall/pemcracker](https://github.com/bwall/pemcracker) Tool to crack encrypted PEM files
- [**137**Star][4m] [Py] [arizvisa/ida-minsc](https://github.com/arizvisa/ida-minsc) a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler.
- [**137**Star][8y] [Perl] [anestisb/webacoo](https://github.com/anestisb/webacoo) Web Backdoor Cookie Script-Kit
- [**137**Star][11m] [C] [akayn/demos](https://github.com/akayn/demos) Windows Kernel Exploitation. Static & dynamic analysis, exploits & vuln research. Mitigations bypass's, genric bug-class's.
- [**137**Star][13d] [Shell] [91yun/vpn](https://github.com/91yun/vpn) vpn一键安装包
- [**137**Star][15d] [Java] [0ffffffffh/dragondance](https://github.com/0ffffffffh/dragondance) Binary code coverage visualizer plugin for Ghidra
    - [Ghidra插件](https://github.com/0ffffffffh/dragondance/blob/master/README.md) 
    - [coverage-pin](https://github.com/0ffffffffh/dragondance/blob/master/coveragetools/README.md) 使用Pin收集信息
- [**136**Star][10d] [Lua] [lanoox/luject](https://github.com/lanoox/luject) A static injector of dynamic library for application (android, iphoneos, macOS, windows, linux)
- [**136**Star][3m] [x0uid/spotifyadblock](https://github.com/x0uid/spotifyadblock) Protect your privacy by blocking all annoying Spotify ads & analytics in Linux, OSX and Windows with hosts file.
- [**136**Star][2y] [Java] [yuger/vpn_2017](https://github.com/yuger/vpn_2017) Android open source VPN client released on Google Play store.
- [**136**Star][11d] [Py] [hbldh/bleak](https://github.com/hbldh/bleak) Bluetooth Low Energy platform Agnostic Klient for Python
- [**136**Star][11d] [C++] [taligentx/dsckeybusinterface](https://github.com/taligentx/dsckeybusinterface) An Arduino/esp8266 library to directly interface with DSC security systems.
- [**136**Star][16d] [PHP] [multiotp/multiotp](https://github.com/multiotp/multiotp) multiOTP open source strong two factor authentication PHP library, OATH certified, with TOTP, HOTP, Mobile-OTP, YubiKey, SMS, QRcode provisioning, etc.
- [**136**Star][14d] [Py] [chxj1992/hortor-cheater](https://github.com/chxj1992/hortor-cheater) 头脑王者作弊辅助工具
- [**136**Star][18d] [C] [xhuvom/darknetfaceid](https://github.com/xhuvom/darknetfaceid) A YOLO darknet implementation of facial recognition from automatic annotation of facial images.
- [**136**Star][13d] [optixal/cehv10-notes](https://github.com/Optixal/CEHv10-Notes) 
- [**136**Star][6y] [Py] [osirislab/ctf-challenges](https://github.com/osirislab/CTF-Challenges) A repository of challenges from various CTF competitions.
- [**136**Star][6y] [C++] [zer0fl4g/nanomite](https://github.com/zer0fl4g/nanomite) Graphical Debugger for x64 and x86 on Windows
- [**136**Star][2m] [Py] [zcutlip/bowcaster](https://github.com/zcutlip/bowcaster)  Exploit Development Framework
- [**136**Star][11d] [Java] [yandex/burp-molly-scanner](https://github.com/yandex/burp-molly-scanner) Turn your Burp suite into headless active web application vulnerability scanner
- [**136**Star][12d] [Py] [t3st0r-git/hackmysql](https://github.com/T3st0r-Git/HackMySQL) Using To MySQL Elevate Privileges.
- [**136**Star][4m] [HTML] [trendmicro/securecodingdojo](https://github.com/trendmicro/securecodingdojo) a platform for delivering secure coding training
- [**136**Star][2y] [Py] [thehive-project/hippocampe](https://github.com/thehive-project/hippocampe) Threat Feed Aggregation, Made Easy
- [**136**Star][11d] [C] [spotify/linux](https://github.com/spotify/linux) Spotify's Linux kernel for Debian-based systems
- [**136**Star][14d] [soffensive/windowsblindread](https://github.com/soffensive/windowsblindread) A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
- [**136**Star][10d] [Py] [skelsec/msldap](https://github.com/skelsec/msldap) 从Active Directory中获取用户对象, 并将重要内容存储在一个大型电子表格中. 用于渗透期间快速识别易受攻击的用户设置
- [**136**Star][3m] [C] [silentsignal/sheep-wolf](https://github.com/silentsignal/sheep-wolf) 现实中早已有MD5 碰撞攻击的实例，然而一些安全软件依然已 MD5 标识恶意样本。此工具用于检测安全工具内部是否使用 MD5 标识样本
- [**136**Star][23d] [C] [siguza/cl0ver](https://github.com/siguza/cl0ver) tfp0 for iOS 9.0-9.3.4
- [**136**Star][29d] [shipcod3/mysapadventures](https://github.com/shipcod3/mysapadventures) A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters
- [**136**Star][1y] [PS] [securemode/invoke-apex](https://github.com/securemode/invoke-apex) A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
- [**136**Star][24d] [Py] [schumilo/vusbf](https://github.com/schumilo/vusbf) 
- [**136**Star][16d] [Py] [ropnop/windows_sshagent_extract](https://github.com/ropnop/windows_sshagent_extract) PoC code to extract private keys from Windows 10's built in ssh-agent service
- [**136**Star][9d] [PS] [rgl/windows-vagrant](https://github.com/rgl/windows-vagrant) Windows 2012R2/10/2016/2019 Base Vagrant Box (
- [**136**Star][2y] [Py] [random-robbie/jira-scan](https://github.com/random-robbie/jira-scan) CVE-2017-9506 - SSRF
- [**136**Star][21d] [Py] [pwning/defcon25-public](https://github.com/pwning/defcon25-public) Publicly released tools/plugins from PPP for DEFCON 25 CTF Finals
- [**136**Star][2y] [C#] [poshsec/poshsecframework](https://github.com/poshsec/poshsecframework) A framework for PowerShell and PoshSec scripts for network management, security, and maintenance.
- [**136**Star][3y] [Py] [pjlantz/hale](https://github.com/pjlantz/hale) Botnet command & control monitor
- [**136**Star][3y] [Shell] [pasahitz/zirikatu](https://github.com/pasahitz/zirikatu) Fud Payload generator script
- [**136**Star][9m] [JS] [owasp/securetea-project](https://github.com/owasp/securetea-project) The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
- [**136**Star][1y] [Shell] [nullarray/mida-multitool](https://github.com/nullarray/mida-multitool) Bash script purposed for system enumeration, vulnerability identification and privilege escalation.
- [**136**Star][1y] [Py] [nirizr/rematch](https://github.com/nirizr/rematch) REmatch, a complete binary diffing framework that is free and strives to be open source and community driven.
- [**136**Star][13d] [HTML] [nette/sandbox](https://github.com/nette/sandbox) Nette Framework sandbox project.
- [**136**Star][4m] [Py] [nanonets/raspberrypi-objectdetection-tensorflow](https://github.com/nanonets/raspberrypi-objectdetection-tensorflow) Object Detection using TensorFlow on a Raspberry Pi
- [**136**Star][10d] [Go] [mhmdiaa/second-order](https://github.com/mhmdiaa/second-order) 爬取web app, 收集 URL, 扫描second-order 子域名接管
- [**136**Star][4m] [maddiestone/conpresentations](https://github.com/maddiestone/conpresentations) Slide decks from my conference presentations
- [**136**Star][17d] [Py] [log2timeline/dfvfs](https://github.com/log2timeline/dfvfs) Digital Forensics Virtual File System (dfVFS)
- [**136**Star][8m] [Go] [leviathan1995/fari-proxy](https://github.com/leviathan1995/fari-proxy) To freedom
- [**136**Star][4y] [kurobeats/pentest-bookmarks](https://github.com/kurobeats/pentest-bookmarks) Open Penetration Testing Bookmarks Collection
- [**136**Star][1y] [Py] [kd8bny/limeaide](https://github.com/kd8bny/limeaide) A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host.
- [**136**Star][11d] [TS] [justinpealing/html-query-plan](https://github.com/justinpealing/html-query-plan) Display SQL Server Execution Plans in HTML
- [**136**Star][13d] [Py] [jinmo/ctfs](https://github.com/jinmo/ctfs) ctf exploit codes or writeups
- [**136**Star][20d] [C] [jcadduono/android_external_dirtycow](https://github.com/jcadduono/android_external_dirtycow) CVE-2016-5195 (dirtycow/dirtyc0w) - recowvery fork
- [**136**Star][8m] [Py] [ivan1ee/struts2-057-exp](https://github.com/ivan1ee/struts2-057-exp) s2-057 最新漏洞分析和EXP脚本
- [**136**Star][2y] [Py] [ihack4falafel/osce](https://github.com/ihack4falafel/osce) Collection of things made during my preparation to take on OSCE
- [**136**Star][4m] [C] [hoshimin/hooklib](https://github.com/hoshimin/hooklib) The functions interception library written on pure C and NativeAPI with UserMode and KernelMode support
- [**136**Star][22d] [C] [gamozolabs/falkervisor_grilled_cheese](https://github.com/gamozolabs/falkervisor_grilled_cheese) 
- [**136**Star][2m] [C] [emptymonkey/mimic](https://github.com/emptymonkey/mimic) Hide processes as a normal user in Linux.
- [**136**Star][1y] [C#] [davidfowl/multiprotocolaspnetcore](https://github.com/davidfowl/multiprotocolaspnetcore) Multi-protocol Server with ASP.NET Core and Kestrel
- [**136**Star][30d] [C] [cryptosphere/sysrandom](https://github.com/cryptosphere/sysrandom) Secure random number generation for Ruby using system RNG facilities
- [**136**Star][4y] [Shell] [commonexploits/port-scan-automation](https://github.com/commonexploits/port-scan-automation) Automate NMAP Scans and Generate Custom Nessus Policies Automatically
- [**136**Star][3y] [HTML] [chybeta/waf-bypass](https://github.com/chybeta/waf-bypass) WAF Bypass Cheatsheet
- [**136**Star][2y] [C] [catid/zpng](https://github.com/catid/zpng) Better lossless compression than PNG with a simpler algorithm
- [**136**Star][8d] [Py] [bishopfox/zigdiggity](https://github.com/bishopfox/zigdiggity) A ZigBee hacking toolkit by Bishop Fox
- [**136**Star][10m] [Go] [bearded-web/bearded](https://github.com/bearded-web/bearded) 
- [**136**Star][4y] [Py] [andrewmohawk/rfcathelpers](https://github.com/andrewmohawk/rfcathelpers) Helper scripts for RfCat devices
- [**136**Star][3y] [HTML] [4b5f5f4b/exploits](https://github.com/4b5f5f4b/exploits) 
- [**136**Star][9m] [Py] [1n3/exploits](https://github.com/1n3/exploits) Exploits by 1N3 @CrowdShield
- [**135**Star][2m] [Go] [openayame/ayame](https://github.com/openayame/ayame) WebRTC Signaling Server Ayame
- [**135**Star][3m] [C++] [huoji120/antivirus_r3_bypass_demo](https://github.com/huoji120/antivirus_r3_bypass_demo) 分别用R3的0day与R0的0day来干掉杀毒软件
- [**135**Star][2m] [Java] [developerpaul123/simplebluetoothlibrary](https://github.com/developerpaul123/simplebluetoothlibrary) Android library for simplifying bluetooth usage.
- [**135**Star][7d] [PHP] [binarymaster/3wifi](https://github.com/binarymaster/3wifi) 3WiFi Wireless Database
- [**135**Star][25d] [Py] [yuawn/ctf](https://github.com/yuawn/CTF) CTF write-ups and some wargame sites write-ups.
- [**135**Star][2m] [Ruby] [dradis/dradis-legacy](https://github.com/dradis/dradis-legacy) This is a LEGACY repo head to
- [**135**Star][3y] [HTML] [yoghurtjia/zhihu_bigdata](https://github.com/yoghurtjia/zhihu_bigdata) 使用scrapy和pandas完成对知乎300w用户的数据分析。首先使用scrapy爬取知乎网的300w，用户资料，最后使用pandas对数据进行过滤，找出想要的知乎大牛，并用图表的形式可视化。
- [**135**Star][20d] [wpvsyou/mprop](https://github.com/wpvsyou/mprop) 修改Android prop脚本工具
- [**135**Star][5y] [Java] [wanchouchou/apkprotect](https://github.com/wanchouchou/apkprotect) 通付盾第一代安全加固方案
- [**135**Star][2m] [v-p-b/avpwn](https://github.com/v-p-b/avpwn) List of real-world threats against endpoint protection software
- [**135**Star][3m] [PHP] [tools2/zend-decoder](https://github.com/tools2/zend-decoder) 还原ZendGuard处理后的php代码
- [**135**Star][1m] [Go] [stalkr/dns-reverse-proxy](https://github.com/stalkr/dns-reverse-proxy) DNS Reverse Proxy
- [**135**Star][13d] [Py] [spotify/gcp-audit](https://github.com/spotify/gcp-audit) A tool for auditing security properties of GCP projects.
- [**135**Star][4m] [JS] [smartcontractsecurity/swc-registry](https://github.com/smartcontractsecurity/swc-registry) Smart Contract Weakness Classification and Test Cases
- [**135**Star][10d] [Py] [renatahodovan/grammarinator](https://github.com/renatahodovan/grammarinator) ANTLR v4 grammar-based test generator
- [**135**Star][23d] [HTML] [ppeccin/javatari.js](https://github.com/ppeccin/javatari.js) Javatari - Online Atari 2600 Emulator
- [**135**Star][20d] [C++] [phackt/stager.dll](https://github.com/phackt/stager.dll) Code from this article:
- [**135**Star][14d] [Go] [mushorg/glutton](https://github.com/mushorg/glutton) Generic Low Interaction Honeypot
- [**135**Star][15d] [Py] [misp/misp-taxonomies](https://github.com/misp/misp-taxonomies) Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.
- [**135**Star][1y] [PS] [logrhythm-labs/pie](https://github.com/logrhythm-labs/pie) Phishing Intelligence Engine 
- [**135**Star][4y] [PS] [latkin/1poshword](https://github.com/latkin/1poshword) PowerShell client for 1Password
- [**135**Star][2m] [Shell] [jsitech/relayer](https://github.com/jsitech/relayer) SMB Relay Attack Script
- [**135**Star][11d] [jonaschn/awesome-he](https://github.com/jonaschn/awesome-he)    A curated list of amazing Homomorphic Encryption libraries, software and resources
- [**135**Star][6y] [Py] [hiddenillusion/analyzepdf](https://github.com/hiddenillusion/analyzepdf) Tool to help analyze PDF files
- [**135**Star][10d] [Py] [hannob/optionsbleed](https://github.com/hannob/optionsbleed)  a proof of concept code to test for the Optionsbleed bug in Apache httpd (CVE-2017-9798)
- [**135**Star][1m] [C] [gsmk/hexagon](https://github.com/gsmk/hexagon) IDA processor module for the hexagon (QDSP6) processor
- [**135**Star][2m] [HTML] [edoverflow/proof-of-concepts](https://github.com/edoverflow/proof-of-concepts) A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
- [**135**Star][15d] [Py] [cr0hn/enteletaor](https://github.com/cr0hn/enteletaor) Message Queue & Broker Injection tool
- [**135**Star][19d] [C] [cisco-talos/file2pcap](https://github.com/cisco-talos/file2pcap)  make various types of packet captures containing the content of any file that you specify
- [**135**Star][4m] [Py] [chrispetrou/fdsploit](https://github.com/chrispetrou/fdsploit) File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
- [**135**Star][4m] [C++] [chenenyu/androidsecurity](https://github.com/chenenyu/androidsecurity) Android安全实践
- [**135**Star][4m] [Py] [certcc/tapioca](https://github.com/certcc/tapioca) CERT Tapioca for MITM network analysis
- [**135**Star][4m] [Py] [binarydefense/auto-ossec](https://github.com/binarydefense/auto-ossec)  automatically provision OSSEC agents for both Linux and Windows
- [**135**Star][1m] [Shell] [bet4it/build-an-efficient-pwn-environment](https://github.com/bet4it/build-an-efficient-pwn-environment) How to build an efficient pwn development environment in 2020
- [**135**Star][19d] [atimorin/scada-tools](https://github.com/atimorin/scada-tools) 
- [**135**Star][2m] [C] [adamcaudill/ccsrch](https://github.com/adamcaudill/ccsrch) Cross-platform credit card (PAN) search tool for security assessments
- [**135**Star][2y] [C++] [3gstudent/eventlogedit-evtx--evolution](https://github.com/3gstudent/eventlogedit-evtx--evolution) Remove individual lines from Windows XML Event Log (EVTX) files
- [**134**Star][3m] [PS] [hausec/powerzure](https://github.com/hausec/powerzure) PowerShell script to interact with Azure
- [**134**Star][18d] [CSS] [davesteele/comitup](https://github.com/davesteele/comitup) Bootstrap Wifi support over Wifi
- [**134**Star][17d] [JS] [toobigdata/papa](https://github.com/toobigdata/papa) 一个浏览器端数据爬虫，做每个人的数据助手
- [**134**Star][3m] [Py] [lossme/tencentcomicbook](https://github.com/lossme/tencentcomicbook) 腾讯漫画、哔哩哔哩漫画、有妖气漫画爬虫 ac.qq.com / manga.bilibili.com / u17.com Crawler
- [**134**Star][3m] [C++] [michalmonday/supremeduck](https://github.com/michalmonday/supremeduck) USB keystroke injector controlled by smartphone.
- [**134**Star][1m] [C++] [qihoo360/artdumper](https://github.com/qihoo360/artdumper) 从oat文件中dump出来dex的工具
- [**134**Star][25d] [Go] [v2ray/ext](https://github.com/v2ray/ext) Utilities to support Project V
- [**134**Star][3m] [Py] [nccgroup/susanrtti](https://github.com/nccgroup/SusanRTTI) Another RTTI Parsing IDA plugin
- [**134**Star][1y] [c] [gnutls/gnutls](https://gitlab.com/gnutls/gnutls) 
- [**134**Star][10d] [Shell] [wmal/kodachi](https://github.com/wmal/kodachi) Linux Kodachi operating system, based on Xubuntu 18.04, provide you with a secure, anti-forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure.
- [**134**Star][11d] [HTML] [wifiphisher/extra-phishing-pages](https://github.com/wifiphisher/extra-phishing-pages) Community-built scenarios for Wifiphisher
- [**134**Star][29d] [C#] [v2ray/v2ray-panel-master](https://github.com/v2ray/v2ray-panel-master) Deprecated
- [**134**Star][1m] [PS] [tevora-threat/eternal_blue_powershell](https://github.com/tevora-threat/eternal_blue_powershell) Port of eternal blue exploits to powershell
- [**134**Star][4m] [Go] [teknogeek/ssrf-sheriff](https://github.com/teknogeek/ssrf-sheriff) A simple SSRF-testing sheriff written in Go
- [**134**Star][4m] [C#] [sh0wdown/unofficialcrusaderpatch](https://github.com/sh0wdown/unofficialcrusaderpatch) Unofficial balancing patch installer for Stronghold Crusader 1
- [**134**Star][1m] [secure-data-analysis-data-sharing/data-analysis](https://github.com/secure-data-analysis-data-sharing/data-analysis) 资料分享
- [**134**Star][5y] [scfwse/blockchinasoftware](https://github.com/scfwse/blockchinasoftware) 国产安全软件免疫补丁
- [**134**Star][16d] [Rust] [rub-syssec/nautilus](https://github.com/rub-syssec/nautilus) a grammar based feedback fuzzer
- [**134**Star][2m] [pwnwiki/webappdefaultsdb](https://github.com/pwnwiki/webappdefaultsdb) A DB of known Web Application Admin URLS, Username/Password Combos and Exploits
- [**134**Star][18d] [C] [potmdehex/multipath_kfree](https://github.com/potmdehex/multipath_kfree) low effort jb
- [**134**Star][20d] [C] [poliva/ldpreloadhook](https://github.com/poliva/ldpreloadhook) a quick open/close/ioctl/read/write/free function hooker
- [**134**Star][4m] [Py] [picoctf/picoctf](https://github.com/picoctf/picoctf) The platform used to run picoCTF. A great framework to host any CTF.
- [**134**Star][5y] [PHP] [phith0n/xsshtml](https://github.com/phith0n/xsshtml) php富文本过滤类，XSS Filter
- [**134**Star][17d] [payloadbox/open-redirect-payload-list](https://github.com/payloadbox/open-redirect-payload-list) 
- [**134**Star][16d] [Gherkin] [owasp-cloud-security/owasp-cloud-security](https://github.com/owasp-cloud-security/owasp-cloud-security) OWASP Cloud Security - Enabling conversations through threat and control stories
- [**134**Star][17d] [C++] [nezha-dt/nezha](https://github.com/nezha-dt/nezha) Differential fuzzing for the masses!
- [**134**Star][16d] [Shell] [mrschyte/dockerpot](https://github.com/mrschyte/dockerpot) A docker based honeypot.
- [**134**Star][1y] [Py] [mitrecnd/whodat](https://github.com/mitrecnd/whodat) Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT)
- [**134**Star][9m] [PS] [mikefrobbins/powershell](https://github.com/mikefrobbins/powershell) PowerShell scripts and functions
- [**134**Star][2m] [mawenjian/china-cdn-domain-whitelist](https://github.com/mawenjian/china-cdn-domain-whitelist) 中国CDN服务提供商域名白名单（China CDN Service Providers' Domain Whitelist）
- [**134**Star][1m] [C] [matrixssl/matrixssl](https://github.com/matrixssl/matrixssl) Lightweight Embedded SSL/TLS Implementation for IoT Devices
- [**134**Star][3y] [C#] [m0xiaoxi/ctftools](https://github.com/m0xiaoxi/ctftools) 本项目主要搜集一些关于信息安全攻防相关的知识与工具，便于个人的渗透工作。
- [**134**Star][12d] [Py] [google/ctfscoreboard](https://github.com/google/ctfscoreboard) Scoreboard for Capture The Flag competitions.
- [**134**Star][12d] [Py] [flathub/com.valvesoftware.steam](https://github.com/flathub/com.valvesoftware.steam) 
- [**134**Star][2m] [C++] [felixwilhelm/xenpwn](https://github.com/felixwilhelm/xenpwn) Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization
- [**134**Star][2y] [JS] [etherdream/webscrypt](https://github.com/etherdream/webscrypt) a fast and lightweight scrypt hash algorithm for browser
- [**134**Star][1m] [PHP] [edsonmedina/php_testability](https://github.com/edsonmedina/php_testability) Analyses and reports testability issues of a php codebase
- [**134**Star][2y] [Py] [comsecuris/ida_strcluster](https://github.com/comsecuris/ida_strcluster) extending IDA's string navigation capabilities
- [**134**Star][2y] [Py] [carlosgprado/jarvis](https://github.com/carlosgprado/jarvis) "Just Another ReVersIng Suite" or whatever other bullshit you can think of
    - [IDA插件](https://github.com/carlosgprado/jarvis/tree/master/IDAPlugin) 
    - [PinTracer](https://github.com/carlosgprado/jarvis/tree/master/PinTracer) 
- [**134**Star][2m] [Py] [blacktop/malice](https://github.com/blacktop/malice) VirusTotal Wanna Be
- [**134**Star][3y] [Py] [bharshbarger/autosint](https://github.com/bharshbarger/autosint) Tool to automate common OSINT tasks
- [**134**Star][3m] [Go] [benjojo/dos_ssh](https://github.com/benjojo/dos_ssh) Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
- [**134**Star][5m] [Py] [benjeems/packetstrider](https://github.com/benjeems/packetstrider) A network packet forensics tool for SSH
- [**134**Star][14d] [Py] [axt/angr-utils](https://github.com/axt/angr-utils) Handy utilities for the angr binary analysis framework, most notably CFG visualization
- [**134**Star][2y] [C#] [anthemtotheego/sharpsploitconsole](https://github.com/anthemtotheego/sharpsploitconsole) 
- [**134**Star][10d] [Py] [andrewhilts/snifflab](https://github.com/andrewhilts/snifflab) Scripts to create your own MITM'ing, packet sniffing WiFi access point
- [**134**Star][2y] [Py] [0x09al/dropboxc2c](https://github.com/0x09al/dropboxc2c) DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.
- [**133**Star][6m] [Py] [kingname/sourcecodeofbook](https://github.com/kingname/sourcecodeofbook) 《Python爬虫开发 从入门到实战》配套源代码。
- [**133**Star][4m] [C++] [alexhude/peculiarlog](https://github.com/alexhude/peculiarlog) Lightweight log filtering tool supporting regular expressions and instant (as-you-type) results.
- [**133**Star][1m] [Py] [dev-techmoe/python-dcdownloader](https://github.com/dev-techmoe/python-dcdownloader) 由Python编写的全异步实现的动漫之家(dmzj)漫画批量下载器（爬虫）
- [**133**Star][2m] [C] [dyne/dowse](https://github.com/dyne/dowse) The Awareness Hub for the Internet of Things
- [**133**Star][11d] [Py] [splitline/phpfuck](https://github.com/splitline/phpfuck) PHPFuck: ([+.^]) / Using only 7 different characters to write and execute php.
- [**133**Star][1m] [whid-injector/awesome-go-offensive-tools](https://github.com/whid-injector/awesome-go-offensive-tools) List of Awesome Offensive Tools written in GO
- [**133**Star][12d] [Vim script] [logico/typewriter](https://github.com/logico/typewriter) An iA Writer inspired color scheme. It has support for vim, vim airline, vim lightline, tmux and urxvt/xterm.
- [**133**Star][3y] [C] [airbus-seclab/ramooflax](https://github.com/airbus-seclab/ramooflax) a bare metal (type 1) VMM (hypervisor) with a python remote control API
- [**133**Star][3m] [ActionScript] [wordpress/secure-swfupload](https://github.com/wordpress/secure-swfupload) A fork of the long-abandoned SWFUpload project, maintained by WordPress and others to ensure that a secure version of SWFUpload exists. Report security vulnerabilities to swfupload-security@wordpress.org.
- [**133**Star][6m] [Py] [wangyihang/exploit-framework](https://github.com/wangyihang/exploit-framework) 
- [**133**Star][2m] [Py] [urule99/jsunpack-n](https://github.com/urule99/jsunpack-n) Automatically exported from code.google.com/p/jsunpack-n
- [**133**Star][10d] [CSS] [tox/tox.chat](https://github.com/tox/tox.chat) The Tox Project's official website
- [**133**Star][13d] [Py] [teamhg-memex/aquarium](https://github.com/teamhg-memex/aquarium) Splash + HAProxy + Docker Compose
- [**133**Star][10d] [Py] [t0thkr1s/revshellgen](https://github.com/t0thkr1s/revshellgen) Reverse shell generator written in Python 3.
- [**133**Star][2y] [Py] [soledad208/cve-2018-10933](https://github.com/soledad208/cve-2018-10933) CVE-2018-10933 very simple POC
- [**133**Star][1m] [C] [saurik/mempodroid](https://github.com/saurik/mempodroid) 
- [**133**Star][1m] [Shell] [peterjaric/archaeologit](https://github.com/peterjaric/archaeologit) 扫描GitHub repo的历史, 按指定模式查找敏感信息, 例如用户名密码
- [**133**Star][5m] [PS] [netspi/powershell](https://github.com/netspi/powershell) NetSPI PowerShell Scripts
- [**133**Star][9m] [Py] [mvelazc0/oriana](https://github.com/mvelazc0/oriana) Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
- [**133**Star][1y] [Py] [mschwager/0wned](https://github.com/mschwager/0wned) Code execution via Python package installation.
- [**133**Star][15d] [mitre/brawl-public-game-001](https://github.com/mitre/brawl-public-game-001) Data from a BRAWL Automated Adversary Emulation Exercise
- [**133**Star][1m] [OCaml] [mirage/qubes-mirage-firewall](https://github.com/mirage/qubes-mirage-firewall) A Mirage firewall VM for QubesOS
- [**133**Star][5y] [Eagle] [mharizanov/esp8266_relay_board](https://github.com/mharizanov/esp8266_relay_board) Three Channel WiFi Relay/Thermostat Board
- [**133**Star][5m] [C++] [luis-hebendanz/0pack](https://github.com/luis-hebendanz/0pack) A novel technique to hide code from debuggers
- [**133**Star][4m] [Java] [kyhsgeekcode/android-disassembler](https://github.com/kyhsgeekcode/android-disassembler) Disassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. 안드로이드 NDK 공유 라이브러리, Windows 바이너리, etc,... 리버싱 앱
- [**133**Star][13d] [TS] [kwonoj/rx-sandbox](https://github.com/kwonoj/rx-sandbox) Marble diagram DSL based test suite for RxJS 6
- [**133**Star][3y] [Swift] [kidneyband/potatso-ios](https://github.com/kidneyband/potatso-ios) Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework in iOS 9.
- [**133**Star][2m] [C] [jnider/delinker](https://github.com/jnider/delinker) Unlinks a binary executable to get back a set of .o object files for further transformation and re-linking.
- [**133**Star][12d] [Shell] [jgamblin/quickinstall](https://github.com/jgamblin/quickinstall) A Shell Script To Take Care Of Ubuntu Basics
- [**133**Star][12d] [C] [ionescu007/hdk](https://github.com/ionescu007/hdk) (unofficial) Hyper-V® Development Kit
- [**133**Star][3m] [JS] [gmarty/jssms](https://github.com/gmarty/jssms) JavaScript Sega Master System & Game Gear dynamic recompiling emulator.
- [**133**Star][17d] [gfwlist/tinylist](https://github.com/gfwlist/tinylist) Tiny version of gfwlist, focusing on common websites ONLY
- [**133**Star][15d] [Go] [evilsocket/dirsearch](https://github.com/evilsocket/dirsearch) A Go implementation of dirsearch.
- [**133**Star][11d] [Py] [dragon2fly/vpngate-with-proxy](https://github.com/dragon2fly/vpngate-with-proxy) vpn gate client for linux, be able to connect to open vpn server through proxy
- [**133**Star][2y] [Py] [deepzec/grok-backdoor](https://github.com/deepzec/grok-backdoor) Simple python backdoor with Ngrok tunnel support
- [**133**Star][3m] [Py] [darkarnium/secpub](https://github.com/darkarnium/secpub) Published security vulnerabilities, research, and associated information.
- [**133**Star][4y] [Py] [caijiji/vulscritp](https://github.com/caijiji/vulscritp) 内网渗透脚本
- [**133**Star][4m] [PS] [borntoberoot/powershell_ipv4networkscanner](https://github.com/borntoberoot/powershell_ipv4networkscanner) Powerful asynchronus IPv4 Network Scanner for PowerShell
- [**133**Star][16d] [Py] [apperian/ios-checkipa](https://github.com/apperian/ios-checkipa) Scans an IPA file and parses its Info.plist and embedded.mobileprovision files. Performs checks of expected key/value relationships and displays the results.
- [**133**Star][11d] [ajvb/awesome-tor](https://github.com/ajvb/awesome-tor) A list of awesome Tor related projects, articles, papers, etc
- [**132**Star][3m] [euphrat1ca/cve-2020-0618](https://github.com/euphrat1ca/cve-2020-0618) SQL Server Reporting Services(CVE-2020-0618)中的RCE
- [**132**Star][2y] [Java] [tihomcode/tihom-security](https://github.com/tihomcode/tihom-security) 基于SpringBoot+SpringSecurity+SpringSocial+JWT等的第三方登录(微信QQ)和安全认证框架
- [**132**Star][21d] [C] [hc0d3r/tas](https://github.com/hc0d3r/tas) A tiny framework for easily manipulate the tty and create fake binaries.
- [**132**Star][3m] [HTML] [ookangzheng/blahdns](https://github.com/ookangzheng/blahdns) A small hobby ads block dns project with doh, dot, dnscrypt support.
- [**132**Star][8d] [Py] [project-alice-assistant/projectalice](https://github.com/project-alice-assistant/projectalice) Main repository of Project Alice, contains main unit source code
- [**132**Star][1m] [C++] [lincolnhard/openpose-darknet](https://github.com/lincolnhard/openpose-darknet) Openpose implementation using darknet
- [**132**Star][13d] [Go] [bechurch/reverse-proxy-demo](https://github.com/bechurch/reverse-proxy-demo) 
- [**132**Star][1m] [JS] [oyyd/encryptsocks](https://github.com/oyyd/encryptsocks) Encrypt your socks transmission.
- [**132**Star][8d] [Py] [w-digital-scanner/w12scan-client](https://github.com/w-digital-scanner/w12scan-client) 网络资产搜索发现引擎，w12scan 扫描端程序
- [**132**Star][5m] [C++] [zencashofficial/zen_archived](https://github.com/zencashofficial/zen_archived) TLS integration and more!
- [**132**Star][2m] [Py] [tensorflow/tensorboard-plugin-example](https://github.com/tensorflow/tensorboard-plugin-example) 
- [**132**Star][1m] [C] [regehr/ub-canaries](https://github.com/regehr/ub-canaries) collection of C/C++ programs that try to get compilers to exploit undefined behavior
- [**132**Star][15d] [C] [rednaga/native-shim](https://github.com/rednaga/native-shim) A "shim" for loading native jni files for Android active debugging
- [**132**Star][17d] [C#] [padovah4ck/cve-2019-1253](https://github.com/padovah4ck/cve-2019-1253) Poc for CVE-2019-1253
- [**132**Star][16d] [Shell] [oktasecuritylabs/passprotect-js](https://github.com/oktasecuritylabs/passprotect-js) A simple JavaScript library to help you protect your users' passwords
- [**132**Star][8m] [C#] [nyan-x-cat/lime-crypter](https://github.com/nyan-x-cat/lime-crypter) Simple obfuscation tool
- [**132**Star][22d] [C++] [nospaceships/node-raw-socket](https://github.com/nospaceships/node-raw-socket) Raw sockets for Node.js.
- [**132**Star][16d] [Visual Basic] [mwsrc/njrat](https://github.com/mwsrc/njrat) njRAT SRC Extract
- [**132**Star][1y] [C++] [mq1n/nomercy](https://github.com/mq1n/nomercy) Open source anti cheat
- [**132**Star][3y] [mandatoryprogrammer/russiadnsleak](https://github.com/mandatoryprogrammer/russiadnsleak) Summary and archives of leaked Russian TLD DNS data
- [**132**Star][4m] [PHP] [malwares/exploitkit](https://github.com/malwares/exploitkit) Exploitkit
- [**132**Star][2y] [C++] [m0n0ph1/iat-hooking-revisited](https://github.com/m0n0ph1/iat-hooking-revisited) Import address table (IAT) hooking is a well documented technique for intercepting calls to imported functions.
- [**132**Star][10d] [HTML] [b1ueb0ne/kali-tools-zh](https://github.com/B1ueB0ne/kali-tools-zh) 
- [**132**Star][2y] [PS] [itm4n/ikeext-privesc](https://github.com/itm4n/ikeext-privesc) Windows IKEEXT DLL Hijacking Exploit Tool
- [**132**Star][3y] [C++] [ioactive/i-know-where-your-page-lives](https://github.com/ioactive/i-know-where-your-page-lives) I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016
- [**132**Star][10d] [Perl] [infoslack/sec-tools](https://github.com/infoslack/sec-tools) Docker images for infosec tools
- [**132**Star][10d] [Dockerfile] [harvard-itsecurity/docker-misp](https://github.com/harvard-itsecurity/docker-misp) Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
- [**132**Star][1m] [Lua] [glennzw/shodan-hq-nse](https://github.com/glennzw/shodan-hq-nse) Shodan HQ nmap plugin - passively scan targets
- [**132**Star][1m] [C++] [floodyberry/ed25519-donna](https://github.com/floodyberry/ed25519-donna) Implementations of a fast Elliptic-curve Digital Signature Algorithm
- [**132**Star][25d] [Py] [erdiaker/torrequest](https://github.com/erdiaker/torrequest) Simple Python interface for HTTP(s) requests over Tor
- [**132**Star][4m] [C++] [detexploit/detexploit](https://github.com/detexploit/detexploit) OSS Vulnerability Scanner for Windows Platform
- [**132**Star][16d] [JS] [danielstjules/blankshield](https://github.com/danielstjules/blankshield) Prevent reverse tabnabbing phishing attacks caused by _blank
- [**132**Star][12d] [Go] [cyberark/secretless-broker](https://github.com/cyberark/secretless-broker) Secure your apps by making them Secretless
- [**132**Star][4y] [C] [ctxis/rdp-replay](https://github.com/ctxis/rdp-replay) Replay RDP traffic from PCAP
- [**132**Star][3y] [Py] [chrisrimondi/vulntoes](https://github.com/chrisrimondi/vulntoes) Vulnerability Data in ES
- [**132**Star][4m] [C] [celesteblue-dev/psvita-re-tools](https://github.com/celesteblue-dev/psvita-re-tools) A bundle of RE tools for analyzing and modding PSVita OS
- [**132**Star][12d] [JS] [antojoseph/diff-gui](https://github.com/antojoseph/diff-gui) GUI for Frida -Scripts
- [**132**Star][5m] [Py] [andrewaeva/dga](https://github.com/andrewaeva/dga) The repository that contains the algorithms for generating domain names, dictionaries of malicious domain names. Developed to research the possibility of applying machine learning and neural networks to detect and classify malicious domains.
- [**132**Star][5m] [Java] [aaronjwood/portauthority](https://github.com/aaronjwood/portauthority) A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.
- [**131**Star][1m] [Shell] [iamckn/backdoors](https://github.com/iamckn/backdoors) Simple linux backdoors and hiding techniques
- [**131**Star][13d] [C#] [microsoft/vssetup.powershell](https://github.com/microsoft/vssetup.powershell) PowerShell module to interact with Visual Studio Setup
- [**131**Star][3m] [pafnuty/onlineconsultantblocker](https://github.com/pafnuty/onlineconsultantblocker) hosts-файл для блокировки онлайн-консультантов и виджетов обратного звонка
- [**131**Star][6m] [JS] [lidong1665/wx_ble](https://github.com/lidong1665/wx_ble) 微信小程序 蓝牙实现
- [**131**Star][14d] [PHP] [walkor/php-socks5](https://github.com/walkor/php-socks5) socks5 proxy written in PHP based on workerman.
- [**131**Star][10m] [okturtles/blockchainid](https://github.com/okturtles/blockchainid) Decentralized alternative to Facebook Login and OpenID
- [**131**Star][5y] [Py] [ricterz/websocket-injection](https://github.com/ricterz/websocket-injection) WebSocket 中转注入工具
- [**131**Star][15d] [Py] [mazen160/jwt-pwn](https://github.com/mazen160/jwt-pwn) Security Testing Scripts for JWT
- [**131**Star][2m] [PHP] [breach-tw/breach.tw](https://github.com/breach-tw/breach.tw) A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
- [**131**Star][2y] [C#] [xenocoderce/noisette-obfuscator](https://github.com/xenocoderce/noisette-obfuscator) An Obfuscator for .NET assembly
- [**131**Star][9d] [Py] [xajkep/wordlists](https://github.com/xajkep/wordlists) Infosec Wordlists
- [**131**Star][2y] [wpscanteam/wpscan-v3](https://github.com/wpscanteam/wpscan-v3) THIS REPOSITORY HAS BEEN MOVED TO
- [**131**Star][21d] [HTML] [theori-io/chakra-2016-11](https://github.com/theori-io/chakra-2016-11) Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)
- [**131**Star][4m] [C] [smealum/ninjhax](https://github.com/smealum/ninjhax) 3ds homebrew-enabling exploit for 4.0-9.2
- [**131**Star][4y] [HTML] [skylined/localnetworkscanner](https://github.com/skylined/localnetworkscanner) PoC Javascript that scans your local network when you open a webpage
- [**131**Star][8m] [Py] [shellster/ldapper](https://github.com/shellster/ldapper) AD LDAP Command Line Searching that doesn't suck.
- [**131**Star][16d] [CSS] [shellntel/vcr](https://github.com/shellntel/vcr) Vulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.
- [**131**Star][12m] [C++] [saaramar/deterministic_lfh](https://github.com/saaramar/deterministic_lfh) Have fun with the LowFragmentationHeap
- [**131**Star][5m] [CSS] [redhatofficial/redhatofficial.github.io](https://github.com/redhatofficial/redhatofficial.github.io) The official Red Hat project page.
- [**131**Star][4y] [PHP] [ramadhanamizudin/wordpress-scanner](https://github.com/ramadhanamizudin/wordpress-scanner) Wordpress Vulnerability Scanner
- [**131**Star][4m] [Shell] [pssss/security-baseline](https://github.com/pssss/security-baseline) Linux/Windows 安全加固脚本
- [**131**Star][6m] [PHP] [propaganistas/laravel-fakeid](https://github.com/propaganistas/laravel-fakeid) Automatic model ID obfuscation in routes for Laravel 5
- [**131**Star][8m] [Py] [platomav/biosutilities](https://github.com/platomav/biosutilities) Various BIOS Utilities for Modding/Research
- [**131**Star][6m] [Perl] [philsmd/7z2hashcat](https://github.com/philsmd/7z2hashcat) extract information from password-protected .7z archives (and .sfx files) such that you can crack these "hashes" with hashcat
- [**131**Star][9m] [Py] [paulsec/det](https://github.com/paulsec/det) (extensible) Data Exfiltration Toolkit (DET)
- [**131**Star][28d] [Java] [openzipkin/brave-webmvc-example](https://github.com/openzipkin/brave-webmvc-example) See how much time Spring services spend on an http request. — Edit
- [**131**Star][2m] [Py] [manifoldai/docker-cookiecutter-data-science](https://github.com/manifoldai/docker-cookiecutter-data-science) A fork of the cookiecutter-data-science leveraging Docker for local development.
- [**131**Star][3y] [MATLAB] [lts4/universal](https://github.com/lts4/universal) Universal adversarial perturbations
- [**131**Star][2y] [Py] [leezj9671/socialdb_vue_flask](https://github.com/leezj9671/socialdb_vue_flask) 一个小型的较为简陋的社工库查询系统,使用Vue.js+Flask+MongoDB.可用52g, 本人不提供任何社工库资源. A tiny social engineering database system, including backend and frontend.
- [**131**Star][23d] [HTML] [jlleitschuh/zoom_vulnerability_poc](https://github.com/jlleitschuh/zoom_vulnerability_poc) 
- [**131**Star][2y] [PHP] [hcamael/ctf_repo](https://github.com/hcamael/ctf_repo) 
- [**131**Star][1y] [C++] [gossip-sjtu/tripledoggy](https://github.com/gossip-sjtu/tripledoggy) 基于clang static analyzer的源码漏洞检测插件
- [**131**Star][6y] [Java] [fuzion24/androidziparbitrage](https://github.com/fuzion24/androidziparbitrage) Exploit for Android Zip bugs: 8219321, 9695860, and 9950697
- [**131**Star][3y] [Py] [friedappleteam/frapl](https://github.com/friedappleteam/frapl) a reverse engineering framework created to simplify dynamic instrumentation with Frida
    - [IDA插件](https://github.com/FriedAppleTeam/FRAPL/tree/master/Framework/FridaLink) 
    - [Frida脚本](https://github.com/FriedAppleTeam/FRAPL/tree/master/Framework/FRAPL) 
- [**131**Star][28d] [Py] [fireeye/flare-dbg](https://github.com/fireeye/flare-dbg) to aid malware reverse engineers in rapidly developing debugger scripts.
- [**131**Star][12m] [Go] [empijei/wapty](https://github.com/empijei/wapty) Go语言编写的Burp的替代品。（已不再维护）
- [**131**Star][1y] [PHP] [damianofalcioni/ip-biter](https://github.com/damianofalcioni/ip-biter) The Hacker-friendly E-Mail (but not only) Tracking Framework
- [**131**Star][10d] [Py] [coldcard/firmware](https://github.com/coldcard/firmware) 
- [**131**Star][4m] [HCL] [cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms](https://github.com/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms) Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.
- [**131**Star][2y] [Py] [cisco-talos/bass](https://github.com/cisco-talos/bass) a framework designed to automatically generate antivirus signatures from samples belonging to previously generated malware clusters
- [**131**Star][2m] [Shell] [chrisfosterelli/dockerrootplease](https://github.com/chrisfosterelli/dockerrootplease) Gives you root on the hostOS, if you're a member of the 'docker' group.
- [**131**Star][9m] [C] [changeofpace/overwatch-dump-fix](https://github.com/changeofpace/overwatch-dump-fix) x64dbg plugin which removes anti-dumping and obfuscation techniques from the popular FPS game Overwatch.
- [**131**Star][12d] [C++] [binspector/binspector](https://github.com/binspector/binspector) A binary format analysis tool
- [**131**Star][4m] [JS] [baronpan/sysmonhunter](https://github.com/baronpan/sysmonhunter) An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
- [**131**Star][13d] [HTML] [b-mueller/smashing-smart-contracts](https://github.com/b-mueller/smashing-smart-contracts) (HITBSecConf 2018)smashing smart contracts
- [**131**Star][12d] [Py] [ashleysommer/sanic-cors](https://github.com/ashleysommer/sanic-cors) A Sanic extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible. Based on flask-cors by Cory Dolphin.
- [**131**Star][3y] [PHP] [anssi-fr/ad-permissions](https://github.com/anssi-fr/ad-permissions) Active Directory permissions (ACL/ACE) auditing tools
- [**131**Star][10d] [Java] [androidthings/sample-bluetooth-le-gattserver](https://github.com/androidthings/sample-bluetooth-le-gattserver) Build a Bluetooth GATT server with Android Things
- [**131**Star][11m] [C] [abhishekkr/n00brat](https://github.com/abhishekkr/n00brat) Remote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service
- [**130**Star][10d] [Py] [elvisyjlin/media-scraper](https://github.com/elvisyjlin/media-scraper) Scrapes all photos and videos in a web page / Instagram / Twitter / Tumblr / Reddit / pixiv / TikTok
- [**130**Star][17d] [JS] [manrajgrover/algorithms-js](https://github.com/manrajgrover/algorithms-js) Consumable Data Structures and Algorithms library in JavaScript
- [**130**Star][4m] [Java] [maxpoon/data-structure-and-algorithms](https://github.com/maxpoon/data-structure-and-algorithms) Every thing related to data structure and algorithms.
- [**130**Star][4m] [Batchfile] [watzon/wsl-proxy](https://github.com/watzon/wsl-proxy) WSL proxy files for editor/linux interop
- [**130**Star][1m] [Shell] [pschmitt/pia-tools](https://github.com/pschmitt/pia-tools) Shell script to automate privateinternetaccess port forwarding and starting/stopping transmission when connected/disconnected and other stuff
- [**130**Star][4m] [Java] [douglasjunior/androidbluetoothlibrary](https://github.com/douglasjunior/androidbluetoothlibrary) A Library for easy implementation of Serial Bluetooth Classic and Low Energy on Android.
- [**130**Star][1m] [Go] [jcbsmpsn/golang-https-example](https://github.com/jcbsmpsn/golang-https-example) Extremely simple HTTPS client in Go, along with all the openssl commands to make certs work. Errors and solutions in the documentation.
- [**130**Star][3m] [Py] [snare/idiot](https://github.com/snare/idiot) Your best is an idiot
- [**130**Star][14d] [Py] [pagalaxylab/vxhunter](https://github.com/PAGalaxyLab/vxhunter) A ToolSet for VxWorks Based Embedded Device Analyses.
    - [R2](https://github.com/PAGalaxyLab/vxhunter/blob/master/firmware_tools/vxhunter_r2_py2.py) 
    - [IDA插件](https://github.com/PAGalaxyLab/vxhunter/blob/master/firmware_tools/vxhunter_ida.py) 
    - [Ghidra插件](https://github.com/PAGalaxyLab/vxhunter/tree/master/firmware_tools/ghidra) 
- [**130**Star][4y] [Ruby] [elastic/logstash-contrib](https://github.com/elastic/logstash-contrib) THIS REPOSITORY IS NO LONGER USED.
- [**130**Star][14d] [PS] [xor-function/fathomless](https://github.com/xor-function/fathomless) A collection of post-exploitation tools for network red teaming. (Migrating to Fathomless Project)
- [**130**Star][2y] [C#] [xiaoxiaoleo/windows_pentest_tools](https://github.com/xiaoxiaoleo/windows_pentest_tools) My pentest tools used two years ago. Part1
- [**130**Star][2y] [C++] [urshadow/stringobfuscator](https://github.com/urshadow/stringobfuscator) Compile-time string obfuscation (C++14)
- [**130**Star][1y] [Py] [stamparm/hontel](https://github.com/stamparm/hontel) Telnet Honeypot
- [**130**Star][1m] [JS] [sowdust/searchbook](https://github.com/sowdust/searchbook) A Firefox extension for executing some Graph-like searches against Facebook.
- [**130**Star][14d] [PHP] [realender/dwpa](https://github.com/realender/dwpa) Distributed WPA PSK auditor
- [**130**Star][14d] [Ruby] [rapid7/nexpose-client](https://github.com/rapid7/nexpose-client) DEPRECATED: Rapid7 Nexpose API client library written in Ruby
- [**130**Star][12m] [PHP] [radenvodka/svscanner](https://github.com/radenvodka/svscanner) SVScanner - Scanner Vulnerability And MaSsive Exploit.
- [**130**Star][1m] [Py] [brodderickrodriguez/cassowary](https://github.com/brodderickrodriguez/cassowary) A pure python implementation of the Cassowary constraint solving algorithm.
- [**130**Star][5m] [C] [projecthorus/radiosonde_auto_rx](https://github.com/projecthorus/radiosonde_auto_rx) Automatically Track Radiosonde Launches using RTLSDR
- [**130**Star][6m] [pouyadarabi/instagram_ssl_pinning](https://github.com/pouyadarabi/instagram_ssl_pinning) Bypassing SSL Pinning in Instagram Android App
- [**130**Star][1y] [OCaml] [plum-umd/redexer](https://github.com/plum-umd/redexer) The Redexer binary instrumentation framework for Dalvik bytecode
- [**130**Star][2m] [TS] [phiresky/nmap-log-parse](https://github.com/phiresky/nmap-log-parse) Logs which devices are in your local network and draws graphs
- [**130**Star][13d] [Go] [panjf2000/goproxy](https://github.com/panjf2000/goproxy) 
- [**130**Star][2y] [Go] [netxfly/xsec-traffic](https://github.com/netxfly/xsec-traffic) 恶意流量分析程序
- [**130**Star][4m] [Shell] [moreseclab/ddg_malware_clean_tool](https://github.com/moreseclab/ddg_malware_clean_tool) Watchdogs 、kthrotlds 挖矿蠕虫清理脚本。
- [**130**Star][4m] [C++] [monoxgas/flyingafalseflag](https://github.com/monoxgas/flyingafalseflag) Slides and Code for the BHUSA 2019 talk: Flying a False Flag
- [**130**Star][1m] [TeX] [maxking/linux-vulnerabilities-10-years](https://github.com/maxking/linux-vulnerabilities-10-years) My MS thesis on survey of a decade fo Linux Kernel CVEs, their categories and various mitigations that exist.
- [**130**Star][1m] [PHP] [lietdai/doom](https://github.com/lietdai/doom) DOOM是在thorn上实现的分布式任务分发的ip端口漏洞扫描器
- [**130**Star][1m] [Py] [leastauthority/ethereum-analyses](https://github.com/leastauthority/ethereum-analyses) 
- [**130**Star][4m] [klionsec/mitre-att-ck-cn](https://github.com/klionsec/mitre-att-ck-cn) MITRE | ATT&CK-CN 中文站 中的所有原图下载 ,
- [**130**Star][9d] [Py] [jamesjgoodwin/wreckuests](https://github.com/jamesjgoodwin/wreckuests) Wreckuests — yet another one hard-hitting tool to run DDoS atacks with HTTP-flood
- [**130**Star][10d] [PHP] [io-developer/php-whois](https://github.com/io-developer/php-whois) PHP WHOIS provides parsed and raw whois lookup of domains and ASN routes. PHP 5.4+ and 7+ compatible
- [**130**Star][21d] [Rust] [indutny/dumb-crypto](https://github.com/indutny/dumb-crypto) Dumb, but easily verifiable implementations of crypto algorithms
- [**130**Star][2y] [PHP] [incredibleindishell/sqlite-lab](https://github.com/incredibleindishell/sqlite-lab) This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
- [**130**Star][11d] [C] [hydrabus/hydrafw](https://github.com/hydrabus/hydrafw) HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
- [**130**Star][2y] [C] [hfiref0x/zeroaccess](https://github.com/hfiref0x/zeroaccess) ZeroAccess v3 toolkit
- [**130**Star][1m] [C++] [gitmirar/meltdown-poc](https://github.com/gitmirar/meltdown-poc) A PoC implementation of the meltdown attack described in
- [**130**Star][1y] [Ruby] [firefart/wordpresspingbackportscanner](https://github.com/firefart/wordpresspingbackportscanner) WordpressPingbackPortScanner
- [**130**Star][2m] [Go] [eaglexiang/eagle.tunnel.go](https://github.com/eaglexiang/eagle.tunnel.go) 稳定的代理工具，比.NET版本更轻量和易用
- [**130**Star][17d] [Perl] [dave-theunsub/clamtk](https://github.com/dave-theunsub/clamtk) An easy to use, light-weight, on-demand virus scanner for Linux systems
- [**130**Star][1y] [Py] [chg-hou/enmicromsg.db-password-cracker](https://github.com/chg-hou/enmicromsg.db-password-cracker) Crack the password of EnMicroMsg.db with brute-force attack.
- [**130**Star][4m] [C++] [chago/advmp](https://github.com/chago/advmp) 大自然的搬运工-Android虚拟机保护Demo
- [**130**Star][12m] [Py] [c0ny1/workscripts](https://github.com/c0ny1/workscripts) 信息安全工程师工作常用脚本
- [**130**Star][1m] [Py] [bwall/bamfdetect](https://github.com/bwall/bamfdetect) Identifies and extracts information from bots and other malware
- [**130**Star][21d] [Java] [brompwnie/uitkyk](https://github.com/brompwnie/uitkyk) Android Frida库, 用于分析App查找恶意行为
- [**130**Star][10d] [Py] [brieflyx/ctf-pwns](https://github.com/brieflyx/ctf-pwns) Some pwn challenges selected for training and education.
- [**130**Star][26d] [Ruby] [benlaurie/objecthash](https://github.com/benlaurie/objecthash) A way to cryptographically hash objects (in the JSON-ish sense) that works cross-language. And, therefore, cross-encoding.
- [**130**Star][10d] [Shell] [adi1090x/hackapk](https://github.com/adi1090x/hackapk) An Advanced Tool For Complete Apk-Modding In Termux ...
- [**130**Star][4m] [CMake] [abhi-r3v0/evabs](https://github.com/abhi-r3v0/evabs) An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
- [**130**Star][6y] [Py] [0xpoly/centry](https://github.com/0xpoly/centry) Panic button for protection against cold boot attacks
- [**129**Star][3m] [Py] [random-robbie/cve-2020-0688](https://github.com/random-robbie/cve-2020-0688) cve-2020-0688
- [**129**Star][3m] [C#] [dewera/lunar](https://github.com/dewera/lunar) A lightweight native DLL mapping library that supports mapping directly from memory
- [**129**Star][5m] [C] [rodionovd/rd_route](https://github.com/rodionovd/rd_route) Function hooking for macOS
- [**129**Star][2m] [JS] [dermike/slide-beacon-app](https://github.com/dermike/slide-beacon-app) Share links from your Mac using this app to broadcast them as a Physical Web Eddystone URL bluetooth beacon or mDNS.
- [**129**Star][17d] [Py] [getway/diting](https://github.com/getway/diting) 运维面板，运维导航，统一账号平台，运维统一平台，LDAP管理平台
- [**129**Star][4m] [C] [zkwlx/adi](https://github.com/zkwlx/adi) ADI(Android Debug Intensive) 是通过 JVMTI 实现的 Android 应用开发调试的增强工具集，目前主要提供性能相关的监控能力。
- [**129**Star][10d] [JS] [dangosky/algorithm](https://github.com/dangosky/algorithm) 算法和数据结构练习（Leetcode）
- [**129**Star][3m] [Rust] [liboctavo/octavo](https://github.com/liboctavo/octavo) Highly modular & configurable hash & crypto library
- [**129**Star][10d] [Elixir] [dwyl/phoenix-ecto-encryption-example](https://github.com/dwyl/phoenix-ecto-encryption-example) 
- [**129**Star][4m] [Py] [philipodonnell/paperbroker](https://github.com/philipodonnell/paperbroker) An open source simulated options brokerage and UI for paper trading, algorithmic interfaces and backtesting.
- [**129**Star][13d] [Py] [chrismuir/zillow](https://github.com/chrismuir/zillow) Zillow Scraper for Python using Selenium
- [**129**Star][12d] [JS] [travisghansen/external-auth-server](https://github.com/travisghansen/external-auth-server) easy auth for reverse proxies
- [**129**Star][2m] [Py] [byt3bl33d3r/arpspoof](https://github.com/byt3bl33d3r/arpspoof) Python clone of arpspoof that can poison hosts via arp-requests as well as arp-replies
- [**129**Star][10d] [Py] [sleuthkit/autopsy_addon_modules](https://github.com/sleuthkit/autopsy_addon_modules) Repo to store compiled modules or links to 3rd party add-on modules.
- [**129**Star][26d] [C++] [googleprojectzero/drsancov](https://github.com/googleprojectzero/drsancov) DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables
- [**129**Star][2m] [C] [stefanesser/opensource_taig](https://github.com/stefanesser/opensource_taig) Lets create an open source version of the latest TaiG jailbreak.
- [**129**Star][3m] [internetwache/ct_subdomains](https://github.com/internetwache/ct_subdomains) An hourly updated list of subdomains gathered from certificate transparency logs
- [**129**Star][7m] [Swift] [magic-akari/wannacry](https://github.com/magic-akari/wannacry) 
- [**129**Star][3m] [JS] [wisdom/regex-dos](https://github.com/Wisdom/RegEx-DoS) 
- [**129**Star][2m] [CSS] [merces/aleph](https://github.com/merces/aleph) An Open Source Malware Analysis Pipeline System
- [**129**Star][16d] [Py] [v3aqb/fwlite](https://github.com/v3aqb/fwlite) A anti-censorship HTTP proxy with builtin shadowsocks support.
- [**129**Star][2y] [C#] [ustayready/casperstager](https://github.com/ustayready/casperstager) PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
- [**129**Star][9m] [C] [unbound-tech/blockchain-crypto-mpc](https://github.com/unbound-tech/blockchain-crypto-mpc) Protecting cryptographic signing keys and seed secrets with Multi-Party Computation.
- [**129**Star][11d] [Go] [tutumcloud/ngrok](https://github.com/tutumcloud/ngrok) Introspected tunnels to localhost
- [**129**Star][3m] [Java] [turing-technician/virtualfasthook](https://github.com/turing-technician/virtualfasthook) Android application hooking tool based on FastHook + VirtualApp
- [**129**Star][4m] [Py] [tidesec/web_pwd_common_crack](https://github.com/tidesec/web_pwd_common_crack) 通用web弱口令破解脚本，旨在批量检测那些没有验证码的管理后台，可用于刷分~
- [**129**Star][16d] [JS] [thepacketgeek/cloud-pcap](https://github.com/thepacketgeek/cloud-pcap) Web PCAP storage and analytics
- [**129**Star][4m] [Py] [thekingofduck/mysqlmonitor](https://github.com/thekingofduck/mysqlmonitor) MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具)
- [**129**Star][2y] [C] [smeso/mtpwn](https://github.com/smeso/mtpwn) PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
- [**129**Star][11d] [JS] [salesforce/secure-filters](https://github.com/salesforce/secure-filters) Anti-XSS Security Filters for EJS and More
- [**129**Star][1y] [C++] [s3team/vmhunt](https://github.com/s3team/vmhunt) Extraction and Simplification of Virtualized Binary Code
- [**129**Star][10d] [C] [rmind/npf](https://github.com/rmind/npf) packet filter with stateful inspection, NAT, IP sets, etc.
- [**129**Star][22d] [PS] [dsccommunity/xwebadministration](https://github.com/dsccommunity/xWebAdministration) This module contains DSC resources for deploying and configuring web servers and related components.
- [**129**Star][4m] [C++] [mactec0/kernelmode-manual-mapping-through-iat](https://github.com/mactec0/kernelmode-manual-mapping-through-iat) Manual mapping without creating any threads, with rw only access
- [**129**Star][4y] [PS] [maaaaz/crackmapexecwin](https://github.com/maaaaz/crackmapexecwin) The great CrackMapExec tool compiled for Windows
- [**129**Star][4m] [C#] [lowleveldesign/process-governor](https://github.com/lowleveldesign/process-governor) This application allows you to put various limits on a Windows process.
- [**129**Star][15d] [Py] [jlospinoso/memcachedump](https://github.com/jlospinoso/memcachedump) Use your Shodan API Key to dump all the contents of exposed memcached servers.
- [**129**Star][2m] [PHP] [jamalc0m/wphunter](https://github.com/jamalc0m/wphunter) WPHunter A Wordpress Vulnerability Scanner
- [**129**Star][2m] [PHP] [ikoniaris/kippo-graph](https://github.com/ikoniaris/kippo-graph) Visualize statistics from a Kippo SSH honeypot
- [**129**Star][1m] [C] [hardenedlinux/offensive_poc](https://github.com/hardenedlinux/offensive_poc) Writing PoC for fun and educate people take security seriously;-)
- [**129**Star][3m] [Java] [florent37/rxlifecycle](https://github.com/florent37/rxlifecycle) Rx binding of stock Android Activities & Fragment Lifecycle, avoiding memory leak
- [**129**Star][15d] [Py] [ex0dus-0x/dedsploit](https://github.com/ex0dus-0x/dedsploit) Network protocol auditing framework
- [**129**Star][2y] [Py] [dviros/rat-via-telegram](https://github.com/dviros/rat-via-telegram) Windows Remote Post Breach Tool via Telegram
- [**129**Star][14d] [Go] [digineo/go-ping](https://github.com/digineo/go-ping) A simple ping library using ICMP echo requests.
- [**129**Star][19d] [Shell] [concourse/git-resource](https://github.com/concourse/git-resource) tracks commits in a branch of a Git repository
- [**129**Star][11d] [C] [b-mueller/frida-detection-demo](https://github.com/b-mueller/frida-detection-demo) Some examples for detecting frida on Android
- [**129**Star][3y] [PS] [arno0x/dnsdelivery](https://github.com/arno0x/dnsdelivery) delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.
- [**129**Star][3m] [C] [agl/ctgrind](https://github.com/agl/ctgrind) Checking that functions are constant time with Valgrind
- [**129**Star][2m] [C] [aczid/crypto1_bs](https://github.com/aczid/crypto1_bs) Bitsliced Crypto-1 brute-forcer
- [**129**Star][4m] [C++] [aappleby/metroboy](https://github.com/aappleby/metroboy) MetroBoy - A playable, circuit-level simulation of an entire Game Boy
- [**129**Star][4m] [Py] [82flex/dcrm](https://github.com/82flex/dcrm) Darwin Cydia Repo (APT) Manager - v4 redesigned in Django.
- [**128**Star][10d] [HTML] [thelinuxchoice/lockphish](https://github.com/thelinuxchoice/lockphish) Lockphish is a tool for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode
- [**128**Star][13d] [Py] [motion-planning/rrt-algorithms](https://github.com/motion-planning/rrt-algorithms) n-dimensional RRT, RRT* (RRT-Star)
- [**128**Star][13d] [C++] [song940/node-bluetooth](https://github.com/song940/node-bluetooth) 
- [**128**Star][4m] [Swift] [pureswift/bluetoothlinux](https://github.com/pureswift/bluetoothlinux) Pure Swift Linux Bluetooth Stack
- [**128**Star][17d] [Go] [2young2simple/yispider](https://github.com/2young2simple/yispider) 一款分布式爬虫平台，帮助你更好的管理和开发爬虫。 内置一套爬虫定义规则（模版），可使用模版快速定义爬虫，也可当作框架手动开发爬虫。(兴趣使然的项目，用的不爽了就更新)
- [**128**Star][16d] [JS] [jasonnor/th-music-video-generator](https://github.com/jasonnor/th-music-video-generator) Touhou Project random music video generator/player, crawling image and video from websites to generate MV.
- [**128**Star][2m] [l3m0n/webfuzzattack](https://github.com/l3m0n/webfuzzattack) web模糊测试 - 将漏洞可能性放大
- [**128**Star][27d] [Py] [sektioneins/sandbox_toolkit](https://github.com/sektioneins/sandbox_toolkit) Toolkit for binary iOS / OS X sandbox profiles
- [**128**Star][15d] [Assembly] [osirislab/shellcode](https://github.com/osirislab/Shellcode) a repository of Shellcode written by students in NYU-Polytechnic's ISIS lab.
- [**128**Star][1m] [C++] [lifting-bits/codereason](https://github.com/lifting-bits/codereason) Semantic Binary Code Analysis Framework
- [**128**Star][10d] [Py] [zsdlove/apkvulcheck](https://github.com/zsdlove/apkvulcheck) This is a tool to help androidcoder to check the flaws in their projects.
- [**128**Star][1m] [C] [zombiecraig/uds-server](https://github.com/zombiecraig/uds-server) CAN UDS Simulator and Fuzzer
- [**128**Star][4m] [Py] [yulin12345/sneaker-notify](https://github.com/yulin12345/sneaker-notify) Sneaker/Restock/Monitor Notify via Twitter coded in Python using Scrapy.
- [**128**Star][12d] [Assembly] [yaseng/pentest](https://github.com/yaseng/pentest) some pentest scripts & tools by yaseng@uauc.net
- [**128**Star][10d] [Py] [yarox24/attack_monitor](https://github.com/yarox24/attack_monitor) Endpoint detection & Malware analysis software
- [**128**Star][18d] [Py] [webarx-security/wpbullet](https://github.com/webarx-security/wpbullet) A static code analysis for WordPress (and PHP)
- [**128**Star][3m] [we5ter/awesome-platforms](https://github.com/we5ter/awesome-platforms) A curated list of awesome security platforms,including CTF/Security Response Center/Bug Tracker and so on.
- [**128**Star][26d] [Py] [ucsb-seclab/leakless](https://github.com/ucsb-seclab/leakless) Function redirection via ELF tricks.
- [**128**Star][1m] [C] [twelvesec/passcat](https://github.com/twelvesec/passcat) Passwords Recovery Tool
- [**128**Star][6m] [Py] [tuuunya/webpocket](https://github.com/tuuunya/webpocket) Exploit management framework
- [**128**Star][12d] [tuupola/branca-spec](https://github.com/tuupola/branca-spec) Authenticated and encrypted API tokens using modern crypto
- [**128**Star][3m] [Go] [stripe-ctf/octopus](https://github.com/stripe-ctf/octopus) Many-armed network simulator
- [**128**Star][16d] [PS] [silverhack/voyeur](https://github.com/silverhack/voyeur)  generate a fast (and pretty) Active Directory report.
- [**128**Star][11d] [Go] [segmentio/fasthash](https://github.com/segmentio/fasthash) Go package porting the standard hashing algorithms to a more efficient implementation.
- [**128**Star][13d] [Py] [rsc-dev/loophole](https://github.com/rsc-dev/loophole) Polar devices Python API and CLI.
- [**128**Star][4m] [Py] [redhuntlabs/burpsuite-asset_discover](https://github.com/redhuntlabs/burpsuite-asset_discover) Burp Suite extension to discover assets from HTTP response.
- [**128**Star][17d] [Shell] [patpadgett/corkscrew](https://github.com/patpadgett/corkscrew) Corkscrew is a tool for tunneling SSH through HTTP proxies.
- [**128**Star][1y] [Py] [niklasb/3dpwn](https://github.com/niklasb/3dpwn) VirtualBox 3D exploits & PoCs
- [**128**Star][5m] [C] [lctf/lctf2018](https://github.com/lctf/lctf2018) Source code, writeups and exps in LCTF2018.
- [**128**Star][16d] [Shell] [lavalamp-/ws-docker-community](https://github.com/lavalamp-/ws-docker-community) Web Sight Docker Deployment
- [**128**Star][13d] [Go] [istio/cni](https://github.com/istio/cni) Istio CNI to setup kubernetes pod namespaces to redirect traffic to sidecar proxy.
- [**128**Star][16d] [JS] [google/csp-evaluator](https://github.com/google/csp-evaluator) check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks
- [**128**Star][4m] [Go] [furduhlutur/yar](https://github.com/furduhlutur/yar) Yar is a tool for plunderin' organizations, users and/or repositories.
- [**128**Star][13d] [C++] [frida/frida-node](https://github.com/frida/frida-node) Frida Node.js bindings
- [**128**Star][2m] [Py] [fox-it/cryptophp](https://github.com/fox-it/cryptophp) CryptoPHP Indicators of Compromise
- [**128**Star][16d] [Pascal] [fenix01/cheatengine-library](https://github.com/fenix01/cheatengine-library) Cheat Engine Library is based on CheatEngine a debugger and coding environment particularly aimed at games, but can also be used for other purposes like debugging applications and used in schools for teaching how computers work
- [**128**Star][1m] [evilcos/python-webshell](https://github.com/evilcos/python-webshell) webshell writen in python
- [**128**Star][5m] [JS] [electrode-io/electrode-csrf-jwt](https://github.com/electrode-io/electrode-csrf-jwt) Stateless Cross-Site Request Forgery (CSRF) protection with JWT
- [**128**Star][3y] [HTML] [danladi/httppwnly](https://github.com/danladi/httppwnly) "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
- [**128**Star][12d] [Rust] [dalek-cryptography/subtle](https://github.com/dalek-cryptography/subtle) Pure-Rust traits and utilities for constant-time cryptographic implementations.
- [**128**Star][2y] [C] [cylancevulnresearch/reflectivedllrefresher](https://github.com/cylancevulnresearch/reflectivedllrefresher) Universal Unhooking
- [**128**Star][5m] [cujanovic/content-bruteforcing-wordlist](https://github.com/cujanovic/content-bruteforcing-wordlist) Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
- [**128**Star][7y] [C++] [crowdstrike/crowddetox](https://github.com/crowdstrike/crowddetox) CrowdStrike CrowdDetox Plugin for Hex-Rays，automatically removes junk code and variables from Hex-Rays function decompilation
- [**128**Star][2y] [C#] [codecracker-tools/megadumper](https://github.com/codecracker-tools/megadumper) Dump native and .NET assemblies
- [**128**Star][15d] [C++] [cheetahsec/avmdbg](https://github.com/cheetahsec/avmdbg) a lightweight debugger for android virtual machine.
- [**128**Star][9m] [Go] [bshuster-repo/logrus-logstash-hook](https://github.com/bshuster-repo/logrus-logstash-hook) 
- [**128**Star][2y] [Java] [bmax121/budhook](https://github.com/bmax121/budhook) An Android hook framework written like Xposed,based on YAHFA.
- [**128**Star][3y] [Py] [alonemonkey/antiantidebug](https://github.com/alonemonkey/antiantidebug) tweak、 lldb python for anti anti debug
- [**128**Star][3y] [HTML] [alienwithin/owasp-mth3l3m3nt-framework](https://github.com/alienwithin/owasp-mth3l3m3nt-framework) 辅助渗透测试与漏洞利用
- [**128**Star][21d] [C++] [0vercl0k/blazefox](https://github.com/0vercl0k/blazefox) Blazefox exploits for Windows 10 RS5 64-bit.
- [**128**Star][2y] [Py] [0ang3el/easycsrf](https://github.com/0ang3el/easycsrf) 
- [**127**Star][11d] [Perl] [linuxhw/hw-probe](https://github.com/linuxhw/hw-probe) Probe for hardware, check operability and find drivers
- [**127**Star][7d] [CSS] [daginatsuko/www-rpcs3](https://github.com/daginatsuko/www-rpcs3) This is a responsive website designed to house and promote the progress of RPCS3, an open-source PlayStation 3 emulator and debugger written in C++. This repository is regularly updated.
- [**127**Star][10d] [Py] [jarvis73/moving-least-squares](https://github.com/jarvis73/moving-least-squares) Implementation of three algorithms of image deformation using moving least squares.
- [**127**Star][13d] [Java] [patrickfav/bcrypt](https://github.com/patrickfav/bcrypt) A Java standalone implementation of the bcrypt password hash function. Based on the Blowfish cipher it is the default password hash algorithm for OpenBSD and other systems including some Linux distributions. Includes a CLI Tool.
- [**127**Star][30d] [Go] [chanyipiaomiao/hltool](https://github.com/chanyipiaomiao/hltool) Go 开发常用工具库, Google2步验证客户端,AES加密解密,RSA加密解密,钉钉机器人,邮件发送,JWT生成解析,Log,BoltDB操作,图片操作,json操作,struct序列化
- [**127**Star][27d] [C#] [usecodelee/encryption-algorithm](https://github.com/usecodelee/encryption-algorithm) DES、AES、Present、Extended Euclidean Algorithm、Miller-Rabin（ 常用密码学算法）推荐书籍《现代密码学趣味之旅》---彭长根
- [**127**Star][30d] [Py] [alephdata/opensanctions](https://github.com/alephdata/opensanctions) An open database of persons of interest and politically exposed persons
- [**127**Star][4m] [C#] [stulzq/httpcode.core](https://github.com/stulzq/httpcode.core) 简单、易用、高效 一个有态度的开源.Net Http请求框架!可以用制作爬虫，api请求等等。
- [**127**Star][1m] [Go] [inconshreveable/mousetrap](https://github.com/inconshreveable/mousetrap) Detect starting from Windows explorer
- [**127**Star][28d] [JS] [bakerface/wireless-tools](https://github.com/bakerface/wireless-tools) Wireless tools for Node.js
- [**127**Star][2y] [Py] [opensourcesec/forager](https://github.com/opensourcesec/Forager) Multithreaded threat Intelligence gathering built with Python3
- [**127**Star][2m] [Py] [klsecservices/bat-armor](https://github.com/klsecservices/bat-armor) Encode powershell payload into bat files
- [**127**Star][1m] [Py] [yelp/amira](https://github.com/yelp/amira) Automated Malware Incident Response & Analysis
- [**127**Star][3m] [Py] [valdikss/billgates-botnet-tracker](https://github.com/valdikss/billgates-botnet-tracker) Some tools to monitor BillGates CnC servers
- [**127**Star][2m] [Java] [thesp0nge/owasp-orizon](https://github.com/thesp0nge/owasp-orizon) Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
- [**127**Star][4m] [C#] [terribledev/hardhat](https://github.com/terribledev/hardhat) Help secure .net core apps with various HTTP headers (such as CSP's)
- [**127**Star][3y] [Py] [sparksharly/sharly](https://github.com/sparksharly/sharly) 基于HMM的web异常参数检测
- [**127**Star][13d] [C] [siguza/imobax](https://github.com/siguza/imobax) iOS Mobile Backup Extractor
- [**127**Star][2y] [Py] [rootlabs/nwatch](https://github.com/rootlabs/nwatch) a handy tool for host discovery, portscanning and operating system fingerprinting.
- [**127**Star][10d] [Py] [ring04h/dirfuzz](https://github.com/ring04h/dirfuzz) 多线程网站目录穷举扫描
- [**127**Star][12d] [C#] [retirenet/dotnet-retire](https://github.com/retirenet/dotnet-retire) Open source vulnerability scanner for .NET Core projects
- [**127**Star][4m] [Py] [rabbitmask/weblogicscanlot](https://github.com/rabbitmask/weblogicscanlot) WeblogicScanLot系列，Weblogic漏洞批量检测工具，V2.2
- [**127**Star][19d] [C] [marsyy/littl_tools](https://github.com/marsyy/littl_tools) 
- [**127**Star][18d] [Py] [mandatoryprogrammer/xsshunter_client](https://github.com/mandatoryprogrammer/xsshunter_client) Correlated injection proxy tool for XSS Hunter
- [**127**Star][20d] [Py] [malus-security/sandblaster](https://github.com/malus-security/sandblaster) Reversing the Apple sandbox
- [**127**Star][4m] [Py] [m8r0wn/activereign](https://github.com/m8r0wn/activereign) A Network Enumeration and Attack Toolset
- [**127**Star][2y] [Py] [kaniini/antissh](https://github.com/kaniini/antissh) An IRC bot which monitors for compromised embedded devices being used as proxies.
- [**127**Star][11m] [AutoIt] [jschicht/mft2csv](https://github.com/jschicht/mft2csv) Extract $MFT record info and log it to a csv file.
- [**127**Star][4y] [C] [jndok/stfusip](https://github.com/jndok/stfusip) System Integrity Protection (SIP) bypass for OSX 10.11.1 - 10.11.2 - 10.11.3
- [**127**Star][25d] [Py] [ickerwx/tcpproxy](https://github.com/ickerwx/tcpproxy) Intercepting TCP proxy to modify raw TCP streams using modules on incoming or outgoing traffic
- [**127**Star][10d] [Py] [gridsync/gridsync](https://github.com/gridsync/gridsync) Synchronize local directories with Tahoe-LAFS storage grids
- [**127**Star][4m] [C] [gl-sergei/u2f-token](https://github.com/gl-sergei/u2f-token) u2f token firmware for stm32f103 and efm32hg boards
- [**127**Star][2m] [Py] [fireeye/flare-qdb](https://github.com/fireeye/flare-qdb) Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.
- [**127**Star][5y] [C] [fi01/cve-2015-3636](https://github.com/fi01/cve-2015-3636) PoC code for 32 bit Android OS
- [**127**Star][3m] [PHP] [dragonbe/hibp](https://github.com/dragonbe/hibp) A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.
- [**127**Star][4m] [PHP] [dhayalanb/windows-php-reverse-shell](https://github.com/dhayalanb/windows-php-reverse-shell) Simple php reverse shell implemented using binary .
- [**127**Star][1m] [Py] [deroko/lldbinit](https://github.com/deroko/lldbinit) Similar implementation of .gdbinit from fG
- [**127**Star][22d] [PHP] [dermotblair/webvulscan](https://github.com/dermotblair/webvulscan) Web Application Vulnerability Scanner.
- [**127**Star][3y] [Py] [codypierce/pyemu](https://github.com/codypierce/pyemu) x86 Emulator in Python
- [**127**Star][20d] [Go] [cllunsford/aws-signing-proxy](https://github.com/cllunsford/aws-signing-proxy) Golang http proxy to transparently sign requests to AWS endpoints
- [**127**Star][8d] [Py] [anon-exploiter/suid3num](https://github.com/anon-exploiter/suid3num) A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
- [**127**Star][12d] [Java] [5up3rc/weblogic_cmd](https://github.com/5up3rc/weblogic_cmd) weblogic t3 deserialization rce
- [**126**Star][8m] [C#] [wbglil/iis_backdoor](https://github.com/wbglil/iis_backdoor) backdoor
- [**126**Star][10d] [Py] [entynetproject/mouse](https://github.com/entynetproject/mouse) Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command executio…
- [**126**Star][1m] [C] [tidyjiang8/esp32-projects](https://github.com/tidyjiang8/esp32-projects) ESP32 好玩、有趣、实用的项目
- [**126**Star][4m] [Py] [zkeeer/ipproxy](https://github.com/zkeeer/ipproxy) 爬虫所需要的IP代理，抓取九个网站的代理IP检测/清洗/入库/更新，添加调用接口
- [**126**Star][1y] [Swift] [devaukz/macho-explorer](https://github.com/devaukz/macho-explorer) A graphical Mach-O viewer for macOS. Powered by Mach-O Kit.
- [**126**Star][5m] [Py] [moranzcw/zhihu-spider](https://github.com/moranzcw/zhihu-spider) 一个获取知乎用户主页信息的多线程Python爬虫程序。
- [**126**Star][14d] [Java] [c0ny1/captcha-killer](https://github.com/c0ny1/captcha-killer) burp验证码识别接口调用插件
- [**126**Star][13d] [Java] [bighuang624/algorithms-notes](https://github.com/bighuang624/algorithms-notes) 《算法（第4版）》笔记及代码 | 《Algorithms(Fourth Edition)》notes & code
- [**126**Star][11d] [Py] [fuzzywalls/ghidra_scripts](https://github.com/fuzzywalls/ghidra_scripts) Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well.
- [**126**Star][1m] [C] [trustedsec/pivoter](https://github.com/trustedsec/pivoter) Pivoter is a proxy tool for pentesters to have easier lateral movement.
- [**126**Star][10d] [Py] [landgrey/taoman](https://github.com/landgrey/taoman) 快速收集
- [**126**Star][18d] [Shell] [fox-it/linux-luks-tpm-boot](https://github.com/fox-it/linux-luks-tpm-boot) A guide for setting up LUKS boot with a key from TPM in Linux
- [**126**Star][4m] [C] [jollheef/lpe](https://github.com/jollheef/lpe) collection of verified Linux kernel exploits
- [**126**Star][11d] [Shell] [cyb0r9/winspy](https://github.com/Cyb0r9/winspy) WinSpy a Windows reverse shell Backdoor creator with an Automatic IP Poisener
- [**126**Star][2y] [zonksec/persistence-aggressor-script](https://github.com/zonksec/persistence-aggressor-script) initial commit
- [**126**Star][4m] [Java] [zjlywjh001/phrackctf-platform-personal](https://github.com/zjlywjh001/phrackctf-platform-personal) CTF platfrom developed by Jarvis from Phrack Team. 做一个功能最全的CTF平台。
- [**126**Star][2y] [Py] [wossl33/wossl](https://github.com/wossl33/wossl) OpenSSL对称算法、哈希校验、非对称算法、证书管理、SSL安全
- [**126**Star][4m] [Shell] [wicg/ua-client-hints](https://github.com/wicg/ua-client-hints) Wouldn't it be nice if `User-Agent` was a (set of) client hints?
- [**126**Star][3y] [JS] [vtky/swizzler2](https://github.com/vtky/swizzler2) Swizzler2 - Hacking iOS applications
- [**126**Star][11d] [Py] [riverloopsec/tumblerf](https://github.com/riverloopsec/tumblerf) a unified fuzzing framework for low-level RF and HW protocol/PHY/MAC analysis
- [**126**Star][2y] [Py] [pyn3rd/cve-2018-3245](https://github.com/pyn3rd/cve-2018-3245) CVE-2018-3245-PoC
- [**126**Star][4y] [Java] [pwntester/jre8u20_rce_gadget](https://github.com/pwntester/jre8u20_rce_gadget) JRE8u20_RCE_Gadget
- [**126**Star][13d] [Roff] [pcengines/apu2-documentation](https://github.com/pcengines/apu2-documentation) Documentation and scripts for building and adjusting PC Engines APU2 firmware
- [**126**Star][12d] [Py] [orange-cyberdefense/fenrir-ocd](https://github.com/orange-cyberdefense/fenrir-ocd) 
- [**126**Star][5m] [C++] [omenscan/achoir](https://github.com/omenscan/achoir) Windows Live Artifacts Acquisition Script
- [**126**Star][19d] [C#] [mr-un1k0d3r/minidump](https://github.com/mr-un1k0d3r/minidump) alternative to procdump
- [**126**Star][3y] [malwares/dangerouszone](https://github.com/malwares/dangerouszone) Dangerous Malwares
- [**126**Star][15d] [Py] [lubosson/webinfo-crawler](https://github.com/lubosson/webinfo-crawler) 企业信息爬虫，关键字爬取公司信息
- [**126**Star][19d] [Py] [lambdaconcept/minerva](https://github.com/lambdaconcept/minerva) A 32-bit RISC-V soft processor
- [**126**Star][11d] [Shell] [konstruktoid/ansible-role-hardening](https://github.com/konstruktoid/ansible-role-hardening) Ansible role to apply a security baseline. Systemd edition.
- [**126**Star][1m] [Assembly] [koenkivits/nesnes](https://github.com/koenkivits/nesnes) New EcmaScript NES emulator
- [**126**Star][9m] [k0rz3n/googlehacking-page](https://github.com/k0rz3n/googlehacking-page) This is a summary of my study and use of Google hacking. I hope I can share it with you. If you like, please give me a star or fork it, thank you.
- [**126**Star][5y] [Py] [jakecooper/oneplustwobot](https://github.com/jakecooper/oneplustwobot) A series of exploits used to jump the OnePlus reservation queue.
- [**126**Star][13d] [Py] [ikotler/hackersh](https://github.com/ikotler/hackersh) A free and open source command-line shell and scripting language designed especially for security testing
- [**126**Star][5m] [Py] [highmeh/pentest_scripts](https://github.com/highmeh/pentest_scripts) penetration testing scripts
- [**126**Star][2m] [C++] [greatscottgadgets/gr-bluetooth](https://github.com/greatscottgadgets/gr-bluetooth) A Bluetooth receiver implementation for GNU Radio
- [**126**Star][3y] [C++] [gpoulios/ropinjector](https://github.com/gpoulios/ropinjector) Patching ROP-encoded shellcodes into PEs
- [**126**Star][8d] [C++] [ez8-co/yapi](https://github.com/ez8-co/yapi) fusion injector that reduce differences between x64, wow64 and x86 processes
- [**126**Star][17d] [Lua] [exploitagency/github-proxmark3-standalone-lf-emulator](https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator) Pre-compiled proxmark3 firmware with LF standalone emulation and LF standalone cloning also included is a version of proxbrute ported to latest code with a CDC bootloader and Iceman's Fork as well as Easy Flasher tool
- [**126**Star][11m] [Py] [davidjacobson/safetext](https://github.com/davidjacobson/safetext) Script to remove homoglyphs and zero-width characters to allow for safe distribution of documents from anonymous sources.
- [**126**Star][5y] [C++] [critters/twang](https://github.com/critters/twang) Arduino-based 1D dungeon crawler
- [**126**Star][2y] [C] [coolervoid/mosca](https://github.com/coolervoid/mosca) Manual search tool to find bugs like a grep unix command - Beta
- [**126**Star][10d] [cloudsec/research](https://github.com/cloudsec/research) the core papers i researched about kernel security.
- [**126**Star][1m] [Py] [blazeinfosec/pcrappyfuzzer](https://github.com/blazeinfosec/pcrappyfuzzer) Script to perform quick 'n dirty fuzzing of PCAPs with radamsa and Scapy.
- [**126**Star][8m] [Zeek] [blacktop/docker-bro](https://github.com/blacktop/docker-bro) Bro IDS Dockerfile
- [**126**Star][2m] [Shell] [antonlindstrom/passpwn](https://github.com/antonlindstrom/passpwn) 检查Unix密码管理器(pass)中的密码是否发生过泄露
- [**126**Star][28d] [Py] [animalize/qqwry-python3](https://github.com/animalize/qqwry-python3) 在纯真IP数据库（qqwry.dat）查询IP归属地， for python 3.0+，已上传至pypi。
- [**126**Star][9d] [PHP] [ahref-group/ss-panel-smarty-edition](https://github.com/ahref-group/ss-panel-smarty-edition) Forked from
- [**126**Star][6m] [C++] [adamyaxley/obfuscate](https://github.com/adamyaxley/obfuscate) Guaranteed compile-time string literal obfuscation header-only library for C++14
- [**126**Star][3y] [Batchfile] [3gstudent/clr-injection](https://github.com/3gstudent/clr-injection) Use CLR to inject all the .NET apps
- [**125**Star][10d] [Shell] [s1l3nt78/sifter](https://github.com/s1l3nt78/sifter) Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for we…
- [**125**Star][1y] [Py] [tehmaze/ipcalc](https://github.com/tehmaze/ipcalc) Python IP Calculator
- [**125**Star][1y] [C#] [nirklav/tcpchat](https://github.com/nirklav/tcpchat) Multi user client-server voice chat, with elements of P2P
- [**125**Star][10d] [Shell] [s1l3nt78/sifter](https://github.com/s1l3nt78/sifter) Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for we…
- [**125**Star][7d] [C++] [horsicq/x64dbg-plugin-manager](https://github.com/horsicq/x64dbg-plugin-manager) Plugin manager for x64dbg
- [**125**Star][3m] [JS] [yangfan0095/guwen-spider](https://github.com/yangfan0095/guwen-spider) 一个完整的nodeJs 串行爬虫 抓取3万多个页面。
- [**125**Star][19d] [Java] [anthonynsimon/java-ds-algorithms](https://github.com/anthonynsimon/java-ds-algorithms) Data Structures and Algorithms in Java
- [**125**Star][13d] [Shell] [acris/shadowsocks-asuswrt-merlin](https://github.com/acris/shadowsocks-asuswrt-merlin) Shadowsock for Asuswrt-Merlin New Gen
- [**125**Star][14d] [C] [saelo/35c3ctf](https://github.com/saelo/35c3ctf) Source code and exploits for some 35c3ctf challenges.
- [**125**Star][13d] [JS] [codeudan/crawler-china-mainland-universities](https://github.com/codeudan/crawler-china-mainland-universities) 中国大陆大学列表爬虫
- [**125**Star][3y] [Go] [zxsecurity/steamer](https://github.com/zxsecurity/steamer) For importing, searching, and managing public password breach data
- [**125**Star][7m] [Go] [yahoo/yfuzz](https://github.com/yahoo/yfuzz) 利用 Kubernetes 实现分布式 fuzzing
- [**125**Star][4y] [Py] [y1ng1996/f-scrack](https://github.com/y1ng1996/f-scrack) 服务弱口令检测脚本
- [**125**Star][2m] [Shell] [vishnudxb/automated-pentest](https://github.com/vishnudxb/automated-pentest) Minimal docker container of Parrot OS for running an automated scan & pentest report.
- [**125**Star][3y] [vidar-team/hctf2017](https://github.com/vidar-team/hctf2017) 
- [**125**Star][4m] [Go] [u-root/u-bmc](https://github.com/u-root/u-bmc) Open-source firmware for your baseboard management controller (BMC)
- [**125**Star][10d] [tiaotiaolong/sec_interview_know_list](https://github.com/tiaotiaolong/sec_interview_know_list) 信息安全方面面试清单
- [**125**Star][1m] [PS] [thom-s/netsec-ps-scripts](https://github.com/thom-s/netsec-ps-scripts) Collection of PowerShell network security scripts for system administrators.
- [**125**Star][2y] [Go] [t94j0/airmaster](https://github.com/t94j0/airmaster) Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
- [**125**Star][2m] [Py] [sysdream/pysqli](https://github.com/sysdream/pysqli) Python SQL injection framework
- [**125**Star][30d] [steamedfish/gfwiplist](https://github.com/steamedfish/gfwiplist) 可用于翻墙路由表的墙外IP列表
- [**125**Star][27d] [Shell] [shubhampathak/autosetup](https://github.com/shubhampathak/autosetup) Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
- [**125**Star][1m] [Py] [radare/radare2ida](https://github.com/radare/radare2ida) Tools, documentation and scripts to move projects from IDA to R2 and viceversa
- [**125**Star][4m] [PS] [dsccommunity/xpsdesiredstateconfiguration](https://github.com/dsccommunity/xPSDesiredStateConfiguration) DSC resources for configuring common operating systems features, files and settings.
- [**125**Star][15d] [Py] [pentestmonkey/gateway-finder](https://github.com/pentestmonkey/gateway-finder) Tool to identify routers on the local LAN and paths to the Internet
- [**125**Star][8m] [XSLT] [pcapng/pcapng](https://github.com/pcapng/pcapng) PCAP next generation file format specification
- [**125**Star][4m] [JS] [p3nt4/nuages](https://github.com/p3nt4/nuages) A modular C2 framework
- [**125**Star][17d] [C] [opsxcq/docker-tor-hiddenservice-nginx](https://github.com/opsxcq/docker-tor-hiddenservice-nginx) Easily setup a hidden service inside the Tor network
- [**125**Star][2y] [Shell] [niclet/xiaomi_hack](https://github.com/niclet/xiaomi_hack) Xiaomi common hack for cameras (Mijia 360)
- [**125**Star][11d] [Py] [neuroo/grabber](https://github.com/neuroo/grabber) [DON'T USE ME] plain ol' web apps scanner
- [**125**Star][15d] [Ruby] [mttkay/replicant](https://github.com/mttkay/replicant) A REPL for the Android Debug Bridge (ADB)
- [**125**Star][1m] [Py] [mostawesomedude/construct](https://github.com/mostawesomedude/construct) Python binary parsing library
- [**125**Star][14d] [JS] [misp/misp-dashboard](https://github.com/misp/misp-dashboard) A dashboard for a real-time overview of threat intelligence from MISP instances
- [**125**Star][1y] [Shell] [mi-al/wifi-autopwner](https://github.com/mi-al/wifi-autopwner) script to automate searching and auditing Wi-Fi networks with weak security
- [**125**Star][6y] [jacobsoo/androidslides](https://github.com/jacobsoo/androidslides) 
- [**125**Star][1m] [JS] [infosec-au/little-doctor](https://github.com/infosec-au/little-doctor) a JavaScript worm that can exfiltrate files, microphone, webcam, and other data
- [**125**Star][2y] [C] [holbertonschool/hack-the-virtual-memory](https://github.com/holbertonschool/hack-the-virtual-memory) This is a series of small articles / tutorials based around virtual memory. The goal is to learn some CS basics, but in a different and more practical way.
- [**125**Star][13d] [JS] [hadynz/xss-keylogger](https://github.com/hadynz/xss-keylogger) A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only
- [**125**Star][12d] [Java] [graylog2/graylog-plugin-threatintel](https://github.com/graylog2/graylog-plugin-threatintel) Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
- [**125**Star][3m] [Py] [githacktools/brutedum](https://github.com/githacktools/brutedum) BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
- [**125**Star][18d] [C] [gdabah/distormx](https://github.com/gdabah/distormx) The ultimate hooking library
- [**125**Star][3y] [PS] [fuzzysecurity/hacksysteam-pskernelpwn](https://github.com/fuzzysecurity/hacksysteam-pskernelpwn) Accompanying blog posts on using PowerShell to exploit the @HackSysTeam Extreme Vulnerable Driver (HEVD).
- [**125**Star][1m] [Shell] [feicong/ida_for_mac_green](https://github.com/feicong/ida_for_mac_green) IDAPro for macOS
- [**125**Star][5y] [Py] [equalitie/learn2ban](https://github.com/equalitie/learn2ban) Open source machine learning DDOS detection tool
- [**125**Star][10d] [Py] [entynetproject/quack](https://github.com/entynetproject/quack) Quack Toolkit is a set of tools to provide denial of service attacks. Quack Toolkit includes SMS attack tool, HTTP attack tool and many other attack tools.
- [**125**Star][3m] [Ruby] [ehloonion/onionmx](https://github.com/ehloonion/onionmx) Onion delivery, so delicious
- [**125**Star][9d] [HTML] [dxa4481/windowhijacking](https://github.com/dxa4481/windowhijacking) A demo of altering an opened tab after a timer
- [**125**Star][1m] [Shell] [dtag-dev-sec/t-pot-autoinstall](https://github.com/dtag-dev-sec/t-pot-autoinstall) Deprecated - Please use T-Pot Universal Installer
- [**125**Star][4m] [Py] [doyler/securitytools](https://github.com/doyler/securitytools) A single repository for any security tools, scripts, documentation, etc. that I add
- [**125**Star][2y] [Py] [c0mmand3ropsec/cve-2017-10271](https://github.com/c0mmand3ropsec/cve-2017-10271) WebLogic Exploit
- [**125**Star][2y] [Java] [b3dk7/stegexpose](https://github.com/b3dk7/stegexpose) A steganalysis tool for detecting LSB steganography in images
- [**125**Star][4m] [PS] [awsmhacks/crackmapextreme](https://github.com/awsmhacks/crackmapextreme) For all your network pentesting needs
- [**125**Star][2y] [Java] [androidthings/sample-bluetooth-audio](https://github.com/androidthings/sample-bluetooth-audio) Bluetooth A2DP sample using Android Things
- [**124**Star][11d] [Py] [jsbroks/imantics](https://github.com/jsbroks/imantics) 
- [**124**Star][6m] [Java] [dingprog/networkcaptureself](https://github.com/dingprog/networkcaptureself) 基于OKHttp的实用抓包小工具，你值得拥有
- [**124**Star][29d] [jdauphant/ansible-role-ssl-certs](https://github.com/jdauphant/ansible-role-ssl-certs) Generate and/or deploy SSL certificate
- [**124**Star][10d] [C++] [xiangweizeng/darknet2ncnn](https://github.com/xiangweizeng/darknet2ncnn) Darknet2ncnn converts the darknet model to the ncnn model
- [**124**Star][3y] [Shell] [averagesecurityguy/cheat-sheets](https://github.com/averagesecurityguy/cheat-sheets) Various Cheat Sheets related to development and security
- [**124**Star][12d] [C#] [n1xbyte/donutcs](https://github.com/n1xbyte/donutcs) dem sharp donuts
- [**124**Star][7d] [C] [danielkrupinski/vac-bypass](https://github.com/danielkrupinski/vac-bypass) Valve Anti-Cheat bypass written in C.
- [**124**Star][10d] [Py] [fsecurelabs/z3_and_angr_binary_analysis_workshop](https://github.com/FSecureLABS/z3_and_angr_binary_analysis_workshop) Code and exercises for a workshop on z3 and angr
- [**124**Star][10d] [PHP] [sansecio/magevulndb](https://github.com/sansecio/magevulndb) List of Magento extensions with known security issues.
- [**124**Star][1y] [C] [wenzel/r2vmi](https://github.com/wenzel/r2vmi) Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins
- [**124**Star][10d] [Py] [w3h/isf](https://github.com/w3h/isf) ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.
- [**124**Star][3m] [Lua] [ulissescastro/linux-native-backdoors](https://github.com/ulissescastro/linux-native-backdoors) Repository holding all alternatives of *nix backdoors.
- [**124**Star][6y] [tombkeeper/shellcode_template_in_c](https://github.com/tombkeeper/shellcode_template_in_c) 
- [**124**Star][2y] [C] [sqlmapproject/udfhack](https://github.com/sqlmapproject/udfhack) Database takeover user-defined functions for MySQL and PostgreSQL
- [**124**Star][3y] [C#] [schnocker/hleaker](https://github.com/schnocker/hleaker) An usermode alternative for DuplicateHandle.
- [**124**Star][2m] [Shell] [rjanicek/vice.js](https://github.com/rjanicek/vice.js) Versatile Commodore Emulator for JavaScript
- [**124**Star][1m] [Py] [raffaele-forte/climber](https://github.com/raffaele-forte/climber) Check UNIX/Linux systems for privilege escalation
- [**124**Star][4m] [Shell] [qax-a-team/weblogicenvironment](https://github.com/qax-a-team/weblogicenvironment) Weblogic环境搭建工具
- [**124**Star][30d] [Py] [packz/ropeme](https://github.com/packz/ropeme) ROPME is a set of python scripts to generate ROP gadgets and payload.
- [**124**Star][4m] [PS] [p0w3rsh3ll/autoruns](https://github.com/p0w3rsh3ll/autoruns) help do live incident response and enumerate autoruns artifacts that may be used by legitimate programs as well as malware to achieve persistence.
- [**124**Star][3y] [JS] [openmarshall/shortcutss](https://github.com/openmarshall/shortcutss) This is a Mac Shadowsocks client equipped with global shortcuts to switch proxy mode !
- [**124**Star][3y] [Shell] [nccgroup/lazydroid](https://github.com/nccgroup/lazydroid) bash script to facilitate some aspects of an Android application assessment
- [**124**Star][4y] [Py] [moloch--/csp-bypass](https://github.com/moloch--/csp-bypass) A Burp Plugin for Detecting Weaknesses in Content Security Policies
- [**124**Star][14d] [Py] [mikesiegel/ews-crack](https://github.com/mikesiegel/ews-crack) 利用 EWS 绕过 Office365 2FA/MDM
- [**124**Star][20d] [Py] [mdiazcl/fuzzbunch-debian](https://github.com/mdiazcl/fuzzbunch-debian) Fuzzbunch deployment for Debian - Intructions: Readme.md
- [**124**Star][3y] [C] [ipankajg/ceed](https://github.com/ipankajg/ceed) A tiny x86 compiler with ELF and PE target
- [**124**Star][4m] [Rust] [kanishkarj/snoopy](https://github.com/kanishkarj/snoopy) A highly configurable multi-threaded packet sniffer and parser build in rust-lang.
- [**124**Star][29d] [Py] [jzadeh/chiron-elk](https://github.com/jzadeh/chiron-elk) Chiron Home Based ML Intrusion Detection System
- [**124**Star][1m] [CoffeeScript] [joyqi/socket-pipe](https://github.com/joyqi/socket-pipe) forward your socket from one address to anoter without any configs
- [**124**Star][2y] [Shell] [joanbono/snorter](https://github.com/joanbono/snorter) Snort + Barnyard2 + Pulledpork → The easy way!
- [**124**Star][11d] [C] [jimstudt/ook-decoder](https://github.com/jimstudt/ook-decoder) Ook-decoder reads On-Off Keying radio data commonly used in the 433MHz ISM bands using a software defined radio (SDR).
- [**124**Star][4m] [C++] [intel/opencl-intercept-layer](https://github.com/intel/opencl-intercept-layer) Intercept Layer for Debugging and Analyzing OpenCL Applications
- [**124**Star][1m] [Py] [infodox/exploits](https://github.com/infodox/exploits) Some exploits and exploit development stuff.
- [**124**Star][1m] [Py] [honeynet/cuckooml](https://github.com/honeynet/cuckooml) Machine Learning for Cuckoo Sandbox
- [**124**Star][4m] [hasherezade/pe-bear-releases](https://github.com/hasherezade/pe-bear-releases) PE-bear (builds only)
- [**124**Star][5m] [Shell] [hardenedlinux/stig-4-debian](https://github.com/hardenedlinux/stig-4-debian) Security Technical Implementation Guide for Debian
- [**124**Star][18d] [C] [greatscottgadgets/libbtbb](https://github.com/greatscottgadgets/libbtbb) A Bluetooth baseband decoding library
- [**124**Star][1y] [Py] [ghostmanager/shepherd](https://github.com/ghostmanager/shepherd) A Django application to help red team operators manage a library of domain names
- [**124**Star][11d] [HTML] [freedom-wy/js-reverse](https://github.com/freedom-wy/js-reverse) JS逆向研究
- [**124**Star][3m] [Py] [fengxuangit/dede_exp_collect](https://github.com/fengxuangit/dede_exp_collect) collection dedecms exp use pocsuite framework 收集织梦的一些漏洞，并用pocsuite框架写出利用程序。打造一键日dede
- [**124**Star][7y] [PHP] [disk0nn3ct/cookiecatcher](https://github.com/disk0nn3ct/cookiecatcher)  assist in the exploitation of XSS (Cross Site Scripting) vulnerabilities within web applications to steal user session IDs 
- [**124**Star][5y] [Py] [davidoren/cuckoosploit](https://github.com/davidoren/cuckoosploit) An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.
- [**124**Star][2m] [Py] [danmcinerney/device-pharmer](https://github.com/danmcinerney/device-pharmer) Opens 1K+ IPs or Shodan search results and attempts to login
- [**124**Star][1m] [Py] [cvvt/dumpdex](https://github.com/cvvt/dumpdex) IDA python script to dynamically dump DEX in memory
- [**124**Star][19d] [JS] [cloudtracer/paskto](https://github.com/cloudtracer/paskto) Paskto - Passive Web Scanner
- [**124**Star][4m] [Java] [aramrami/owasp-csrfguard](https://github.com/aramrami/owasp-csrfguard) OWASP CSRFGuard 3.1.0
- [**124**Star][9m] [Java] [andprox/andprox](https://github.com/andprox/andprox) Native Android Proxmark3 client (no root required)
- [**124**Star][4m] [PHP] [a0xnirudh/kurukshetra](https://github.com/a0xnirudh/kurukshetra) A framework for teaching secure coding by means of interactive problem solving.
- [**124**Star][12d] [Py] [1111joe1111/tuts](https://github.com/1111joe1111/tuts) Reverse engineering tutorials
- [**123**Star][4m] [PS] [esoso/logging](https://github.com/esoso/logging) Powershell Logging Module
- [**123**Star][4m] [C#] [atvaark/bindertool](https://github.com/atvaark/bindertool) Dark Souls II / Dark Souls III / Bloodborne bdt, bhd, bnd, dcx, tpf, fmg and param unpacking tool
- [**123**Star][4m] [Py] [01ly/fooproxy](https://github.com/01ly/fooproxy) 稳健高效的评分制-针对性- IP代理池 + API服务，可以自己插入采集器进行代理IP的爬取，针对你的爬虫的一个或多个目标网站分别生成有效的IP代理数据库，支持MongoDB 4.0 使用 Python3.7（Scored IP proxy pool ,customise proxy data crawler can be added anytime）
- [**123**Star][7d] [C++] [wuuhii/qtswissarmyknife](https://github.com/wuuhii/qtswissarmyknife) This is a qt project, it supports serialport debugging, udp debugging, tcp debugging...
- [**123**Star][13d] [Py] [decalage2/olefile](https://github.com/decalage2/olefile) olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-2003 documents, vbaProject.bin in MS Office 2007+ files, Image Composer and FlashPix files, Outlook messages, StickyNotes, several Microscopy file fo…
- [**123**Star][4m] [Shell] [wulabing/ssr-manyuser_glzjin_shell](https://github.com/wulabing/ssr-manyuser_glzjin_shell) sspanel v3 魔改版 后端一键安装配置管理脚本
- [**123**Star][15d] [Py] [cwjokaka/ok_ip_proxy_pool](https://github.com/cwjokaka/ok_ip_proxy_pool) 一个还ok的IP代理池
- [**123**Star][10d] [Shell] [greycatz/cloudunflare](https://github.com/greycatz/cloudunflare) Reconnaissance Real IP address for Cloudflare Bypass
- [**123**Star][14d] [C++] [mafiahub/openmf-archived](https://github.com/MafiaHub/OpenMF-Archived) Abandoned C++ version. Contains useful format utils and parsers.
- [**123**Star][3y] [C] [nsacyber/control-flow-integrity](https://github.com/nsacyber/Control-Flow-Integrity) A proposed hardware-based method for stopping known memory corruption exploitation techniques. #nsacyber
- [**123**Star][2y] [Py] [wipi-hunter/pifinger](https://github.com/WiPi-Hunter/PiFinger) determine whether the network we are connected for is opened by Wifi- Pineapple
- [**123**Star][1m] [Ruby] [chef/knife-openstack](https://github.com/chef/knife-openstack) Chef Infra knife plug-in for OpenStack
- [**123**Star][13d] [ObjC] [zydeco/aah](https://github.com/zydeco/aah) arm64 architecture handler
- [**123**Star][1m] [C++] [zachriggle/ida-splode](https://github.com/zachriggle/ida-splode) Augmenting Static Reverse Engineering with Dynamic Analysis and Instrumentation
    - [IDA插件](https://github.com/zachriggle/ida-splode/tree/master/py) 
    - [PinTool](https://github.com/zachriggle/ida-splode/tree/master/src) 
- [**123**Star][11d] [Py] [whtsky/maga](https://github.com/whtsky/maga) Another DHT crawler written in Python using asyncio
- [**123**Star][2y] [Py] [wavestone-cdt/wavecrack](https://github.com/wavestone-cdt/wavecrack) 多用户之间共享Hastcat cracking box 的 Web 界面
- [**123**Star][2y] [C#] [vulnerator/vulnerator](https://github.com/vulnerator/vulnerator) The official distribution of the vulnerability parsing utility.
- [**123**Star][19d] [Py] [vanhoefm/blackhat17-pocs](https://github.com/vanhoefm/blackhat17-pocs) Proof of concepts of attacks against Wi-Fi implementations
- [**123**Star][2y] [Jupyter Notebook] [teamhg-memex/deep-deep](https://github.com/teamhg-memex/deep-deep) Adaptive crawler which uses Reinforcement Learning methods
- [**123**Star][2m] [Go] [sohlich/nats-proxy](https://github.com/sohlich/nats-proxy) http-nats proxy
- [**123**Star][4m] [ObjC] [smilezxlee/zxhookdetection](https://github.com/smilezxlee/zxhookdetection) 【iOS应用安全】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议示例)
- [**123**Star][1m] [C] [secmobi/amatutor](https://github.com/secmobi/amatutor) Android恶意代码分析教程
- [**123**Star][15d] [Py] [nitr4x/whichcdn](https://github.com/nitr4x/whichcdn) WhichCDN allows to detect if a given website is protected by a Content Delivery Network
- [**123**Star][15d] [Go] [netevert/dnsmorph](https://github.com/netevert/dnsmorph) 域名排列(permutation)引擎, Go编写
- [**123**Star][4m] [HTML] [mozillasecurity/fuzzmanager](https://github.com/mozillasecurity/fuzzmanager) A fuzzing management tools collection
- [**123**Star][3m] [Ruby] [melvinsh/vcsmap](https://github.com/melvinsh/vcsmap) vcsmap is a plugin-based tool to scan public version control systems for sensitive information.
- [**123**Star][2y] [PS] [mattifestation/bhusa2018_sysmon](https://github.com/mattifestation/bhusa2018_sysmon) All materials from our Black Hat 2018 "Subverting Sysmon" talk
- [**123**Star][1y] [Pascal] [mahdisafsafi/debugengine](https://github.com/mahdisafsafi/debugengine) Delphi debug framework
- [**123**Star][4m] [Swift] [lxdcn/nepackettunnelvpndemo](https://github.com/lxdcn/nepackettunnelvpndemo) iOS VPN client implementation demo based on iOS9 NetworkExtension NETunnelProvider APIs
- [**123**Star][3y] [Py] [lujqme/proxy_pool](https://github.com/lujqme/proxy_pool) ip proxy pool
- [**123**Star][10m] [Ruby] [livingsocial/keyspace](https://github.com/livingsocial/keyspace) Capability-based secure key management and credential storage
- [**123**Star][17d] [Py] [leveldown-security/svd-loader-ghidra](https://github.com/leveldown-security/svd-loader-ghidra) 
- [**123**Star][7m] [JS] [jonaslejon/tor-fingerprint](https://github.com/jonaslejon/tor-fingerprint) Tor Browser and Tails version fingerprint PoC
- [**123**Star][3m] [C++] [ivildeed/vmw_vmx_overloader](https://github.com/ivildeed/vmw_vmx_overloader) Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
- [**123**Star][8m] [Py] [inguma/bokken](https://github.com/inguma/bokken) Dear user: This is a git mirror of our Mercurial repository in
- [**123**Star][2m] [JS] [fergarrui/ethereum-security](https://github.com/fergarrui/ethereum-security) Security issues in Ethereum demonstrated in mocha tests. The fix is also demonstrated
- [**123**Star][8d] [Py] [felamos/weirdhta](https://github.com/felamos/weirdhta) A python tool to create obfuscated HTA script.
- [**123**Star][2y] [Java] [ezequielpereira/gae-rce](https://github.com/ezequielpereira/gae-rce) Google App Engine - Remote Code Execution bug ($36k bug bounty)
- [**123**Star][4m] [JS] [ernw/windows-insight](https://github.com/ernw/windows-insight) The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Microsoft Windows operating system. This repository stores relevant documentation as well as executable files needed for conducting analysis studies.
- [**123**Star][4m] [Py] [endermanch/malwaredatabase](https://github.com/endermanch/malwaredatabase) This repository is one of a few malware collections on the GitHub.
- [**123**Star][12d] [duyetdev/awesome-web-scraper](https://github.com/duyetdev/awesome-web-scraper) A collection of awesome web scaper, crawler.
- [**123**Star][2m] [C] [dschanoeh/socketcand](https://github.com/dschanoeh/socketcand) A deprecated fork of socketcand. Please got to linux-can for the latest version.
- [**123**Star][2m] [C] [d00rt/emotet_research](https://github.com/d00rt/emotet_research)  documentation about the packer of Emotet and its unpacker.
- [**123**Star][27d] [C] [cr4sh/ioctlfuzzer](https://github.com/cr4sh/ioctlfuzzer) Automatically exported from code.google.com/p/ioctlfuzzer
- [**123**Star][3y] [JS] [cn33liz/jsmeter](https://github.com/cn33liz/jsmeter) JavaScript Reversed TCP Meterpreter Stager
- [**123**Star][25d] [carloop/simulator](https://github.com/carloop/simulator) CAN bus simulator on the Rasperry Pi
- [**123**Star][4m] [byt3bl33d3r/ansibleplaybooks](https://github.com/byt3bl33d3r/ansibleplaybooks) A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
- [**123**Star][11d] [bobnisco/adblocking-vpn](https://github.com/bobnisco/adblocking-vpn) 
- [**123**Star][4m] [C#] [akaion/jupiter](https://github.com/akaion/jupiter) A Windows virtual memory editing library with support for pattern scanning.
- [**123**Star][24d] [Shell] [a-dma/yubitouch](https://github.com/a-dma/yubitouch) Bash script for setting or clearing touch requirements for # cryptographic operations the OpenPGP application on a YubiKey 4
- [**122**Star][14d] [Go] [x1sec/commit-stream](https://github.com/x1sec/commit-stream) #OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API
- [**122**Star][20d] [llamasoft/polyshell](https://github.com/llamasoft/polyshell) A Bash/Batch/PowerShell polyglot!
- [**122**Star][4m] [C] [puxxustc/muon](https://github.com/puxxustc/muon) A fast stateless VPN with simple obfuscation
- [**122**Star][4m] [meandni/algorithms4-common](https://github.com/meandni/algorithms4-common) 
- [**122**Star][3m] [Py] [brucedone/scrapy_demo](https://github.com/brucedone/scrapy_demo) all kinds of scrapy demo
- [**122**Star][20d] [Swift] [lettleprince/qladder](https://github.com/lettleprince/qladder) QLadder is a project for iOS client. It uses shadowsocks as server-side.
- [**122**Star][16d] [Go] [genuinetools/certok](https://github.com/genuinetools/certok) Command line tool to check the validity and expiration dates of SSL certificates.
- [**122**Star][4m] [ashemery/linuxforensics](https://github.com/ashemery/LinuxForensics) Everything related to Linux Forensics
- [**122**Star][27d] [Py] [meizjm3i/ctf-challenge](https://github.com/meizjm3i/CTF-Challenge) CTF题目收集
- [**122**Star][4m] [C] [zyw-200/firmafl](https://github.com/zyw-200/firmafl) FIRM-AFL is the first high-throughput greybox fuzzer for IoT firmware.
- [**122**Star][3y] [C#] [zerosum0x0/runshellcode](https://github.com/zerosum0x0/runshellcode) .NET GUI program that runs shellcode
- [**122**Star][4m] [Py] [yeggor/uefi_retool](https://github.com/yeggor/uefi_retool) finding proprietary protocols in UEFI firmware and UEFI modules analysing
- [**122**Star][18d] [xiangbab/web-hack](https://github.com/xiangbab/web-hack) 一份网络安全入门的资料。
- [**122**Star][14d] [Py] [wetw0rk/malicious-wordpress-plugin](https://github.com/wetw0rk/malicious-wordpress-plugin) Simply generates a wordpress plugin that will grant you a reverse shell once uploaded. I recommend installing Kali Linux, as msfvenom is used to generate the payload.
- [**122**Star][3m] [C] [tylabs/quicksand_lite](https://github.com/tylabs/quicksand_lite) Command line tool for scanning streams within office documents plus xor db attack
- [**122**Star][12d] [Go] [sero-cash/go-sero](https://github.com/sero-cash/go-sero) The Total Solution for Blockchain with Privacy Protecting
- [**122**Star][1y] [Java] [securityfirst/umbrella_android](https://github.com/securityfirst/umbrella_android) Digital and Physical Security Advice App
- [**122**Star][10m] [C] [ryanries/passfiltex](https://github.com/ryanries/passfiltex) PassFiltEx. An Active Directory Password Filter.
- [**122**Star][4m] [AppleScript] [rtrouton/payload-free-package-creator](https://github.com/rtrouton/payload-free-package-creator)  Payload-Free Package Creator.app
- [**122**Star][2y] [Py] [ridter/mailget](https://github.com/ridter/mailget) 通过脉脉用户猜测企业邮箱
- [**122**Star][1m] [Py] [powdahound/redis-collectd-plugin](https://github.com/powdahound/redis-collectd-plugin) A Redis plugin for collectd.
- [**122**Star][29d] [Py] [penafieljlm/inquisitor](https://github.com/penafieljlm/inquisitor) Opinionated organisation-centric OSINT footprinting inspired from recon-ng and Maltego
- [**122**Star][1m] [C] [mniip/spectre-meltdown-poc](https://github.com/mniip/spectre-meltdown-poc) spectre meltdown poc
- [**122**Star][1m] [Py] [meatballs1/burp-extensions](https://github.com/meatballs1/burp-extensions) Burp Suite Extensions
- [**122**Star][3y] [malwares/webshell](https://github.com/malwares/webshell) WebShell Dump
- [**122**Star][18d] [Py] [liato/android-market-api-py](https://github.com/liato/android-market-api-py) A Python port of the java Android Market API.
- [**122**Star][18d] [jyny/pasc2at](https://github.com/jyny/pasc2at) 高级PHP应用程序漏洞审核技术 by 80vul
- [**122**Star][5y] [irsl/adb-backup-apk-injection](https://github.com/irsl/adb-backup-apk-injection) Android ADB backup APK Injection POC
- [**122**Star][14d] [Shell] [immmx/ubnt-mips-shadowsocks-libev](https://github.com/immmx/ubnt-mips-shadowsocks-libev) Cross complie shadowsocks for UBNT devices based on mipsel or mips64
- [**122**Star][1y] [Py] [grunny/zap-cli](https://github.com/grunny/zap-cli) A simple tool for interacting with OWASP ZAP from the commandline.
- [**122**Star][4y] [Py] [grazfather/practicalmalwarelabs](https://github.com/grazfather/practicalmalwarelabs) Keep track of the labs from the book "Practical Malware Analysis"
- [**122**Star][3y] [C] [glacierw/mba](https://github.com/glacierw/mba) Malware Behavior Analyzer
- [**122**Star][4m] [Py] [functionclub/uping](https://github.com/functionclub/uping) 一个24小时监测VPS延迟的工具
- [**122**Star][3y] [Py] [exp-db/ai-driven-waf](https://github.com/exp-db/ai-driven-waf) Artificial intelligence-driven Web Firewall
- [**122**Star][5m] [enigmabridge/javacard-curated-list](https://github.com/enigmabridge/javacard-curated-list) Curated list of open-source Java Card applets and related applications for cryptographic smartcards
- [**122**Star][2y] [Go] [egebalci/arcanus](https://github.com/egebalci/arcanus) ARCANUS is a customized payload generator/handler.
- [**122**Star][10d] [Py] [duanhongyi/gmssl](https://github.com/duanhongyi/gmssl) a python crypto for sm2/sm3/sm4
- [**122**Star][1y] [C] [dimopouloselias/alpc-mmc-uac-bypass](https://github.com/dimopouloselias/alpc-mmc-uac-bypass) UAC Bypass with mmc via alpc
- [**122**Star][17d] [Py] [danielplohmann/apiscout](https://github.com/danielplohmann/apiscout) simplifying Windows API import recovery on arbitrary memory dumps
- [**122**Star][6m] [HTML] [chromium/trickuri](https://github.com/chromium/trickuri) to allow testing of applications' display of URLs.
- [**122**Star][4y] [Batchfile] [brianwrf/winsystemhelper](https://github.com/brianwrf/winsystemhelper) A tool that checks and downloads scripts that will aid with privilege escalation on a Windows system.
- [**122**Star][15d] [JS] [brannondorsey/distributed-password-cracking](https://github.com/brannondorsey/distributed-password-cracking) Borrow CPU cycles from visitor's web browsers to crack MD5 password hashes
- [**122**Star][2m] [Py] [bjmayor/hacker](https://github.com/bjmayor/hacker) python绝技:运用python成为顶级黑客 这本书的源码
- [**122**Star][22d] [Py] [anssi-fr/bmc-tools](https://github.com/anssi-fr/bmc-tools) RDP Bitmap Cache parser
- [**122**Star][2y] [CSS] [0xbug/orangescan](https://github.com/0xbug/orangescan) 在线子域名信息收集工具
- [**121**Star][9d] [Go] [a-0-e/writeups](https://github.com/a-0-e/writeups) Write-ups from A*0*E.
- [**121**Star][16d] [C] [hc0d3r/tea](https://github.com/hc0d3r/tea) ssh-client worm
- [**121**Star][10d] [pandavpn/panda](https://github.com/pandavpn/panda) Panda VPN
- [**121**Star][26d] [Shell] [openwisp/ansible-openwisp2-imagegenerator](https://github.com/openwisp/ansible-openwisp2-imagegenerator) Automatically build several openwisp2 firmware images for different organizations while keeping track of their differences
- [**121**Star][4m] [PHP] [auraphp/aura.auth](https://github.com/auraphp/aura.auth) Provides a unified interface to local and remote authentication systems.
- [**121**Star][21d] [JS] [c-geek/merkle](https://github.com/c-geek/merkle) Node.js module implementing Merkle tree algorithm
- [**121**Star][12d] [C] [v-e-o/rdp2tcp](https://github.com/v-e-o/rdp2tcp) rdp2tcp: open tcp tunnel through remote desktop connection.
- [**121**Star][1m] [Py] [nict-csl/exist](https://github.com/nict-csl/exist) EXIST is a web application for aggregating and analyzing cyber threat intelligence.
- [**121**Star][28d] [C++] [moxie0/tortunnel](https://github.com/moxie0/tortunnel) A partial Onion Proxy implementation that's designed to build single-hop circuits through Tor exit nodes
- [**121**Star][19d] [C] [olimex/esp32-evb](https://github.com/olimex/esp32-evb) ESP32 WiFi / BLE Development board with Ethernet interface, Relays, microSD card
- [**121**Star][23d] [Makefile] [honwen/openwrt-shadowsocksr](https://github.com/honwen/openwrt-shadowsocksr) ShadowsocksR-libev for OpenWrt/LEDE
- [**121**Star][20d] [C++] [barakat/cve-2019-16098](https://github.com/barakat/cve-2019-16098) Local privilege escalation PoC exploit for CVE-2019-16098
- [**121**Star][11d] [Py] [realsanjay/domainrecon](https://github.com/realsanjay/DomainRecon) Based on URL and Organization Name, collect the IP Ranges, subdomains using various tools like Amass, subfinder, etc.. And check for uphost and Run Masscan to grap CNAME entries, take the screenshot of all the found subdomains using WebScreeShot and more...
- [**121**Star][2m] [Py] [fsecurelabs/drozer-modules](https://github.com/FSecureLABS/drozer-modules) leading security testing framework for Android.
- [**121**Star][15d] [C] [cuckoosandbox/cuckoomon](https://github.com/cuckoosandbox/cuckoomon) DEPRECATED - replaced with "monitor"
- [**121**Star][1m] [Shell] [wknapik/vpnfailsafe](https://github.com/wknapik/vpnfailsafe) IP leak prevention for OpenVPN
- [**121**Star][16d] [Py] [williballenthin/process-forest](https://github.com/williballenthin/process-forest) Reconstruct process trees from event logs
- [**121**Star][2y] [Shell] [theflakes/ultimate-forensics-vm](https://github.com/theflakes/ultimate-forensics-vm) Evolving directions on building the best Open Source Forensics VM
- [**121**Star][5y] [Py] [synack/dylibhijack](https://github.com/synack/dylibhijack) python utilities related to dylib hijacking on OS X
- [**121**Star][7y] [Py] [stephenbrannon/iocextractor](https://github.com/stephenbrannon/iocextractor) IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files.
- [**121**Star][2m] [C++] [stealth/lophttpd](https://github.com/stealth/lophttpd) lots of performance (or lots of porn, if you prefer) httpd: Easy, chrooted, fast and simple to use HTTP server for static content. Runs on Linux, BSD, Android and OSX/Darwin. It's free but if you like it, consider donating to the EFF:
- [**121**Star][19d] [Py] [securityclippy/elasticintel](https://github.com/securityclippy/elasticintel) Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
- [**121**Star][4y] [sandysekharan/ctf-tool](https://github.com/sandysekharan/ctf-tool) A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.
- [**121**Star][2m] [Py] [sagehack/cloud-buster](https://github.com/sagehack/cloud-buster) A Cloudflare resolver that works
- [**121**Star][1y] [CSS] [rootkiter/earthworm](https://github.com/rootkiter/earthworm) Tool for tunnel
- [**121**Star][23d] [Py] [raw-packet/raw-packet](https://github.com/raw-packet/raw-packet) Raw-packet Project
- [**121**Star][2m] [Arduino] [randdruid/esp8266-deauth](https://github.com/randdruid/esp8266-deauth) Multi target De-Auth attack implementation for ESP8266 module.
- [**121**Star][16d] [Java] [rafaeltoledo/android-security](https://github.com/rafaeltoledo/android-security) An app showcase of some techniques to improve Android app security
- [**121**Star][17d] [Nim] [parrotsec/anonsurf](https://github.com/parrotsec/anonsurf) parrot anonymous mode
- [**121**Star][25d] [C] [nospaceships/raw-socket-sniffer](https://github.com/nospaceships/raw-socket-sniffer) Packet capture on Windows without a kernel driver
- [**121**Star][6m] [Java] [nccgroup/decoder-improved](https://github.com/nccgroup/decoder-improved) Improved decoder for Burp Suite
- [**121**Star][11d] [Py] [mkorman90/regipy](https://github.com/mkorman90/regipy) Regipy is an os independent python library for parsing offline registry hives
- [**121**Star][3m] [Java] [mkopylec/charon-spring-boot-starter](https://github.com/mkopylec/charon-spring-boot-starter) Reverse proxy implementation in form of a Spring Boot starter.
- [**121**Star][2y] [Py] [khast3x/offensive-dockerfiles](https://github.com/khast3x/offensive-dockerfiles) Offensive tools as Dockerfiles. Lightweight & Ready to go
- [**121**Star][10d] [C] [jedisct1/libhydrogen](https://github.com/jedisct1/libhydrogen) A lightweight, secure, easy-to-use crypto library suitable for constrained environments.
- [**121**Star][4m] [Py] [h0nus/qrgen](https://github.com/h0nus/qrgen) Simple script for generating Malformed QRCodes.
- [**121**Star][8m] [Scala] [guillaumebort/scasm](https://github.com/guillaumebort/scasm) A a dynamic x86_64 assembler in Scala — Code for the live coding session @ Devoxx france 2016
- [**121**Star][8m] [Perl] [gottburgm/exploits](https://github.com/gottburgm/exploits) Containing Self Made Perl Reproducers / PoC Codes
- [**121**Star][15d] [JS] [duo-labs/phinn](https://github.com/duo-labs/phinn) A toolkit to generate an offline Chrome extension to detect phishing attacks using a bespoke convolutional neural network.
- [**121**Star][5m] [Java] [bouncestorage/chaos-http-proxy](https://github.com/bouncestorage/chaos-http-proxy) Introduce failures into HTTP requests via a proxy server
- [**121**Star][22d] [C] [bob-beck/libtls](https://github.com/bob-beck/libtls) libtls tutorial, exercises, test CA and exercise solutions
- [**121**Star][2y] [Py] [amossys/memitm](https://github.com/amossys/memitm) Tool to make in memory man in the middle
- [**121**Star][17d] [Py] [alanvivona/pwnshop](https://github.com/alanvivona/pwnshop) Exploit Development and Reverse Engineering topics
- [**121**Star][15d] [C] [a13xp0p0v/kernel-hack-drill](https://github.com/a13xp0p0v/kernel-hack-drill) Linux kernel exploitation experiments
- [**120**Star][3m] [Go] [projectdiscovery/shuffledns](https://github.com/projectdiscovery/shuffledns) shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
- [**120**Star][1m] [Py] [hrwhisper/twitterdatamining](https://github.com/hrwhisper/twitterdatamining) Twitter数据挖掘及其可视化
- [**120**Star][12d] [Rust] [driftluo/p2p](https://github.com/driftluo/p2p) A multiplexed p2p network framework that supports custom protocols
- [**120**Star][4m] [HTML] [rootkiter/termite](https://github.com/rootkiter/termite) Tool for tunnel (Version 2)
- [**120**Star][4m] [C++] [pranavgulati/rf24ble](https://github.com/pranavgulati/rf24ble) RF24BLE is the library that makes an nrf24L01+ chip (1$) into a BLE advertising beacon and can be used for LOW payload advertising like sensor data etc.
- [**120**Star][17d] [Go] [cactus/go-camo](https://github.com/cactus/go-camo) A secure image proxy server
- [**120**Star][8d] [Py] [gaussic/weibo_wordcloud](https://github.com/gaussic/weibo_wordcloud) 根据关键词抓取微博数据，再生成词云
- [**120**Star][14d] [Py] [rehmatworks/serverpilot-letsencrypt](https://github.com/rehmatworks/serverpilot-letsencrypt) Automate the installation of Let's Encrypt SSL on the free plan of ServerPilot
- [**120**Star][13d] [Shell] [merces/bashacks](https://github.com/merces/bashacks) Set of functions to increase productivity while hacking with Bash
- [**120**Star][18d] [Shell] [cisco-talos/vboxhardening](https://github.com/cisco-talos/vboxhardening) 
- [**120**Star][6m] [Ruby] [phatworx/easy_captcha](https://github.com/phatworx/easy_captcha) Captcha-Plugin for Rails
- [**120**Star][27d] [Py] [vstinner/python-ptrace](https://github.com/vstinner/python-ptrace) a debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python
- [**120**Star][4m] [C++] [ze0r/cve-2018-8639-exp](https://github.com/ze0r/cve-2018-8639-exp) 
- [**120**Star][2y] [Py] [yt1g3r/cve-2018-8174_exp](https://github.com/yt1g3r/cve-2018-8174_exp) CVE-2018-8174_python
- [**120**Star][14d] [C++] [yanncam/exe2powershell](https://github.com/yanncam/exe2powershell) exe2powershell - exe2bat reborn for modern Windows
- [**120**Star][3y] [JS] [wofeiwo/website-analyzer](https://github.com/wofeiwo/website-analyzer) Analyze and display the Web technology of current page.
- [**120**Star][2y] [Py] [williballenthin/indxparse](https://github.com/williballenthin/indxparse) Tool suite for inspecting NTFS artifacts.
- [**120**Star][4m] [we5ter/flerken](https://github.com/we5ter/flerken) A Solution For Cross-Platform Obfuscated Commands Detection
- [**120**Star][10d] [Java] [sable/heros](https://github.com/sable/heros) IFDS/IDE Solver for Soot
- [**120**Star][4m] [PS] [roflsandwich/chrome-password-dumper](https://github.com/roflsandwich/chrome-password-dumper) 
- [**120**Star][10d] [Go] [refraction-networking/utls](https://github.com/refraction-networking/utls) Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
- [**120**Star][3m] [Shell] [qinghuas/ss-panel-and-ss-py-mu](https://github.com/qinghuas/ss-panel-and-ss-py-mu) SS Panel V3 前端/节点端安装脚本，及相关附属工具管理
- [**120**Star][3y] [Swift] [nsexceptional/runtime](https://github.com/nsexceptional/runtime) An Objective-C simulator written in Swift.
- [**120**Star][7y] [Lua] [nixuehan/belial](https://github.com/nixuehan/belial) 基于nginx lua module 的一个 waf .
- [**120**Star][13d] [Shell] [merces/bashacks](https://github.com/merces/bashacks) Set of functions to increase productivity while hacking with Bash
- [**120**Star][4m] [C++] [melonwxd/elfhooker](https://github.com/melonwxd/elfhooker) 兼容Android 32位和64位。基于EFL文件格式Hook的demo，hook了SurfaceFlinger进程的eglSwapBuffers函数，替换为new_eglSwapBuffers
- [**120**Star][18d] [Py] [matiskay/html-similarity](https://github.com/matiskay/html-similarity) Compare html similarity using structural and style metrics
- [**120**Star][2y] [C#] [malcomvetter/csexec](https://github.com/malcomvetter/csexec) An implementation of PSExec in C#
- [**120**Star][2m] [C] [magkopian/keepassxc-debian](https://github.com/magkopian/keepassxc-debian) Debian source package for the KeePassXC password manager.
- [**120**Star][3m] [Go] [lloydlabs/elf-strings](https://github.com/lloydlabs/elf-strings)  read an ELF binary's string sections within a given binary. This is meant to be much like the strings UNIX utility, however is purpose built for ELF binaries.
- [**120**Star][21d] [Go] [lkesteloot/trs80](https://github.com/lkesteloot/trs80) TRS-80 Model III emulator in Go with a web interface
- [**120**Star][2y] [Java] [liqinew/myutils](https://github.com/liqinew/myutils) 包含全方位的工具的工具项目
- [**120**Star][5m] [C#] [linhlhq/cve-2019-0604](https://github.com/linhlhq/cve-2019-0604) CVE-2019-0604
- [**120**Star][25d] [C++] [lcatro/vuln_javascript](https://github.com/lcatro/vuln_javascript) a JavaScript Execute Envirment which study browser vuln and how to write Shellcode
- [**120**Star][2m] [Py] [kmkz/exploit](https://github.com/kmkz/exploit) Exploits and advisories
- [**120**Star][6y] [C#] [jerryhoff/webgoat.net](https://github.com/jerryhoff/webgoat.net) OWASP WebGoat.NET
- [**120**Star][2y] [Py] [graniet/inspector](https://github.com/graniet/inspector) The Inspector tool is a privilege escalation helper (PoC), easy to deployed on web server, this tool can list process running with root, check kernel version, check history file, get possible exploit ...
- [**120**Star][4m] [govanguard/list-pentest-tools](https://github.com/govanguard/list-pentest-tools) A curated list of network penetration testing tools.
- [**120**Star][10d] [Py] [flyingcircusio/vulnix](https://github.com/flyingcircusio/vulnix) Vulnerability (CVE) scanner for Nix/NixOS.
- [**120**Star][6m] [Java] [fingerart/apidebugger](https://github.com/fingerart/apidebugger) A IDEA plug-in to help you easily complete the API debugging.
- [**120**Star][1m] [Py] [evilsocket/ergo-pe-av](https://github.com/evilsocket/ergo-pe-av) 
- [**120**Star][2y] [C] [endgameinc/clrguard](https://github.com/endgameinc/clrguard) a proof of concept project to explore instrumenting the Common Language Runtime (CLR) for security purposes. 
- [**120**Star][11d] [Ruby] [edthamm/lootbooty](https://github.com/edthamm/lootbooty) WIreless Hacking Tools
- [**120**Star][2m] [Shell] [dholm/dotgdb](https://github.com/dholm/dotgdb) GDB scripts to add support for low level debugging and reverse engineering
- [**120**Star][7m] [Shell] [darkerego/mips-binaries](https://github.com/darkerego/mips-binaries) Various binaries for the mips architecture.
- [**120**Star][5y] [Shell] [d4rkcat/handshaker](https://github.com/d4rkcat/handshaker) Detect, capture, crack WPA/2 handshakes, WEP Keys and geotag with Android GPS
- [**120**Star][5m] [C] [cr4sh/s6_pcie_microblaze](https://github.com/cr4sh/s6_pcie_microblaze) PCI Express DIY hacking toolkit for Xilinx SP605
- [**120**Star][15d] [Py] [coffeehb/struts2_check](https://github.com/coffeehb/struts2_check) 一个用于识别目标网站是否采用Struts2框架开发的工具demo
- [**120**Star][22d] [Go] [cjongseok/mtproto](https://github.com/cjongseok/mtproto) Telegram MTProto and its proxy (over gRPC) in Go (golang). API Layer: 71
- [**120**Star][5y] [Py] [breenmachine/javaunserializeexploits](https://github.com/breenmachine/javaunserializeexploits) 
- [**120**Star][27d] [JS] [austintgriffith/bouncer-proxy](https://github.com/austintgriffith/bouncer-proxy) 👮🏻
- [**120**Star][10m] [Go] [appnician/pastor](https://github.com/appnician/pastor) Pastor stores all your passwords without storing them anywhere.
- [**120**Star][1m] [Ruby] [airbus-seclab/warbirdvm](https://github.com/airbus-seclab/warbirdvm) An analysis of the Warbird virtual-machine protection for the CI!g_pStore
- [**119**Star][10d] [Shell] [solomonsklash/htbenum](https://github.com/solomonsklash/htbenum) A Linux enumeration script for Hack The Box
- [**119**Star][11d] [C++] [guidobartoli/sherloq](https://github.com/guidobartoli/sherloq) An open-source digital image forensic toolset
- [**119**Star][13d] [chrislockard/api_wordlist](https://github.com/chrislockard/api_wordlist) A wordlist of API names for web application assessments
- [**119**Star][30d] [C] [davidbuchanan314/libleakmydata](https://github.com/davidbuchanan314/libleakmydata) A simple LD_PRELOAD library to disable SSL certificate verification. Inspired by libeatmydata.
- [**119**Star][2m] [Java] [whilu/lmbluetoothsdk](https://github.com/whilu/lmbluetoothsdk) A library to make classic bluetooth or BLE easier to use in Android.
- [**119**Star][19d] [JS] [gao715108023/monitor](https://github.com/gao715108023/monitor) 监控服务器（包括Linux和Windows）的资源：CPU\内存\磁盘IO\网络带宽\端口的连接数\进程级别的CPU使用率和内存占用，请配合前台展示monitorweb使用，效果更佳。
- [**119**Star][10d] [zhoushuai0207/ladder](https://github.com/zhoushuai0207/ladder) 梯子整理，科学上网
- [**119**Star][11d] [Go] [smallstep/autocert](https://github.com/smallstep/autocert) 
- [**119**Star][15d] [C] [hasherezade/chimera_pe](https://github.com/hasherezade/chimera_pe) ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
- [**119**Star][12d] [SourcePawn] [shavitush/bhoptimer](https://github.com/shavitush/bhoptimer) A bunnyhop timer plugin for Counter-Strike: Source, Counter-Strike: Global Offensive and Team Fortress 2.
- [**119**Star][7d] [Java] [gedsh/invizible](https://github.com/gedsh/invizible) Android application for Internet privacy and security
- [**119**Star][11d] [Py] [jgilhutton/pyxiewps](https://github.com/jgilhutton/PyxieWPS) Pyxiewps is a wireless attack tool to retrieve the WPS pin in seconds.
- [**119**Star][17d] [imfht/educn-sqlscan](https://github.com/imfht/educn-sqlScan) 对全国edu域名以及其二级域名进行的一次Sql注入，预计花费时间为三天，结束时候将提交至漏洞平台
- [**119**Star][2m] [Rust] [zcash-hackworks/bn](https://github.com/zcash-hackworks/bn) Pairing cryptography library in Rust
- [**119**Star][5y] [C++] [zyantific/retypedef](https://github.com/zyantific/retypedef) Name substitution plugin for IDA Pro
- [**119**Star][4y] [Ruby] [yangbh/hammer](https://github.com/yangbh/hammer) A web vulnerability scanner framework
- [**119**Star][16d] [Py] [xerub/idastuff](https://github.com/xerub/idastuff) IDA Pro/Hexrays plugins, mainly targeted at ARM processors
- [**119**Star][4m] [Py] [woj-ciech/pepe](https://github.com/woj-ciech/pepe) Collect information about email addresses from Pastebin
- [**119**Star][2y] [Py] [winheapexplorer/winheap-explorer](https://github.com/winheapexplorer/winheap-explorer) heap-based bugs detection in x86 machine code for Windows applications.
- [**119**Star][1y] [Py] [webbreacher/tilde_enum](https://github.com/webbreacher/tilde_enum) Takes a URL and checks the system for the tilde enum vuln and then find the files.
- [**119**Star][16d] [Py] [victims/victims-cve-db](https://github.com/victims/victims-cve-db) CVE database store
- [**119**Star][2y] [C] [valentinbreiz/ps4-linux-loader](https://github.com/valentinbreiz/ps4-linux-loader) A simple payload that let you run Linux on your 4.05 / 4.55 / 5.01 / 5.05 PS4
- [**119**Star][2m] [ObjC] [theori-io/zer0con2018_singi](https://github.com/theori-io/zer0con2018_singi) 
- [**119**Star][9m] [C++] [tandasat/simplesvm](https://github.com/tandasat/simplesvm) A minimalistic educational hypervisor for Windows on AMD processors.
- [**119**Star][4m] [Py] [szcf-weiya/sinaspider](https://github.com/szcf-weiya/sinaspider) 动态IP解决新浪的反爬虫机制，快速抓取内容。
- [**119**Star][29d] [C++] [sysml/clickos](https://github.com/sysml/clickos) The Click modular router: fast modular packet processing and analysis
- [**119**Star][5m] [Java] [stringcare/androidlibrary](https://github.com/stringcare/androidlibrary) Android library to reveal or obfuscate strings and assets at runtime
- [**119**Star][10m] [Java] [spoofzu/deepviolet](https://github.com/spoofzu/deepviolet) Tool for introspection of SSL\TLS sessions
- [**119**Star][4y] [Py] [shiva-spampot/shiva](https://github.com/shiva-spampot/shiva) Spam Honeypot with Intelligent Virtual Analyzer
- [**119**Star][1m] [Shell] [shipcod3/mazda_getinfo](https://github.com/shipcod3/mazda_getinfo) A PoC that the USB port is an attack surface for a Mazda car's infotainment system and how Mazda hacks are made
- [**119**Star][2m] [C] [shellntel/backdoors](https://github.com/shellntel/backdoors) a sniffing, non binding, reverse down/exec, portknocking service * Based on cd00r.c
- [**119**Star][1m] [Ruby] [sensepost/heartbleed-poc](https://github.com/sensepost/heartbleed-poc) Test for SSL heartbeat vulnerability (CVE-2014-0160)
- [**119**Star][1m] [Py] [ruped24/killchain](https://github.com/ruped24/killchain) A unified console to perform the "kill chain" stages of attacks.
- [**119**Star][16d] [Clojure] [rm-hull/lein-nvd](https://github.com/rm-hull/lein-nvd) National Vulnerability Database dependency-checker plugin for Leiningen
- [**119**Star][3m] [Java] [rastapasta/pokemon-go-xposed](https://github.com/rastapasta/pokemon-go-xposed) 
- [**119**Star][4m] [C] [nese-team/ourchallenges](https://github.com/nese-team/ourchallenges) writeups for our challenges
- [**119**Star][18d] [Py] [nccgroup/typofinder](https://github.com/nccgroup/typofinder) A finder of domain typos showing country of IP address
- [**119**Star][4y] [Py] [nccgroup/hodor](https://github.com/nccgroup/hodor) Hodor! Fuzzer..
- [**119**Star][1m] [Py] [nasa/pvslib](https://github.com/nasa/pvslib) NASA PVS Library of Formal Developments
- [**119**Star][11m] [Py] [n4nu/reversing-challenges-list](https://github.com/n4nu/reversing-challenges-list) CTF Reversing Challenges List
- [**119**Star][12d] [Ruby] [m4sc3r4n0/avoidz](https://github.com/m4sc3r4n0/avoidz) Avoidz tool to bypass most A.V softwares
- [**119**Star][5m] [C#] [joelverhagen/torsharp](https://github.com/joelverhagen/torsharp) Use Tor for your C# HTTP clients. Tor + Privoxy =
- [**119**Star][18d] [Py] [jirutka/ldap-passwd-webui](https://github.com/jirutka/ldap-passwd-webui) Very simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).
- [**119**Star][3y] [PS] [javelinnetworks/ir-tools](https://github.com/javelinnetworks/ir-tools)  forensics of domain based attacks on an infected host
- [**119**Star][3m] [Shell] [itskindred/portpush](https://github.com/itskindred/portpush) A small Bash utility used for pivoting into internal networks upon compromising a public-facing host.
- [**119**Star][2m] [C++] [iaik/drama](https://github.com/iaik/drama) This repository contains examples of DRAMA reverse-engineering and side-channel attacks
- [**119**Star][8m] [Py] [hugsy/stuff](https://github.com/hugsy/stuff) Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest
- [**119**Star][15d] [C] [hasherezade/chimera_pe](https://github.com/hasherezade/chimera_pe) ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports payload-side
- [**119**Star][13d] [C++] [google/crunchy](https://github.com/google/crunchy) CrunchyCrypt - Safe and Simple Cryptography
- [**119**Star][2m] [gasche/popl2016-papers](https://github.com/gasche/popl2016-papers) Links to publicly available preprints for the POPL'16 conference
- [**119**Star][1y] [PS] [fox-it/invoke-credentialphisher](https://github.com/fox-it/invoke-credentialphisher) 
- [**119**Star][14d] [Ruby] [dev-sec/ansible-mysql-hardening](https://github.com/dev-sec/ansible-mysql-hardening) This Ansible role provides security configuration for MySQL.
- [**119**Star][1m] [C#] [decoder-it/powershellveryless](https://github.com/decoder-it/powershellveryless) Constrained Language Mode + AMSI bypass all in one
- [**119**Star][4m] [C#] [dannythesloth/vanillarat](https://github.com/dannythesloth/vanillarat) VanillaRat is an advanced remote administration tool completely coded in C# for Windows.
- [**119**Star][1m] [Py] [danmcinerney/wifi-monitor](https://github.com/danmcinerney/wifi-monitor) Prints the IPs on your local network that're sending the most packets
- [**119**Star][10m] [C++] [danielcardeenas/audiostego](https://github.com/danielcardeenas/audiostego) Audio file steganography. Hides files or text inside audio files and retrieve them automatically
- [**119**Star][5y] [C++] [breakingmalware/selfie](https://github.com/breakingmalware/selfie) A Tool to Unpack Self-Modifying Code using DynamoRIO
- [**119**Star][1m] [Py] [bastibl/gr-keyfob](https://github.com/bastibl/gr-keyfob) Transceiver for Hella wireless car key fobs.
- [**119**Star][4m] [Py] [b3-v3r/hunner](https://github.com/b3-v3r/hunner) Hacking framework
- [**119**Star][12d] [Py] [apg-intel/ipv6tools](https://github.com/apg-intel/ipv6tools) IPv6Tools is a robust modular framework that enables the ability to visually audit an IPv6 enabled network.
- [**119**Star][9d] [Py] [alienvault-otx/yabin](https://github.com/alienvault-otx/yabin) A Yara rule generator for finding related samples and hunting
- [**119**Star][6m] [alecmuffett/the-onion-diaries](https://github.com/alecmuffett/the-onion-diaries) Blog-type notes about building Onion sites
- [**119**Star][26d] [Py] [5alt/ultrarelay](https://github.com/5alt/ultrarelay) poison and relay NTLM credentials
- [**118**Star][7d] [Py] [p0cl4bs/wifipumpkin3](https://github.com/p0cl4bs/wifipumpkin3) Powerful framework for rogue access point attack.
- [**118**Star][10d] [Shell] [htr-tech/nexphisher](https://github.com/htr-tech/nexphisher) Advanced Phishing tool for Linux & Termux
- [**118**Star][2y] [Java] [sriharia/sharethem](https://github.com/sriharia/sharethem) File Sharing & Transfer made a lot easier
- [**118**Star][3y] [JS] [wintergatan/midi-to-laser-cutter](https://github.com/wintergatan/midi-to-laser-cutter) 
- [**118**Star][13d] [geerlingguy/ansible-role-logstash](https://github.com/geerlingguy/ansible-role-logstash) Ansible Role - Logstash
- [**118**Star][1m] [Go] [deckarep/easycert](https://github.com/deckarep/easycert) EasyCert quickly generates web server TLS certificates that have been self-signed by a private certificate authority that it also creates.
- [**118**Star][12d] [C++] [antoniococo/roguewinrm](https://github.com/antoniococo/roguewinrm) Windows Local Privilege Escalation from Service Account to System
- [**118**Star][21d] [Shell] [seajaysec/cypheroth](https://github.com/seajaysec/cypheroth) Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
- [**118**Star][11d] [Py] [petercunha/pine](https://github.com/petercunha/pine) 
- [**118**Star][1m] [C] [fsecurelabs/xrulez](https://github.com/FSecureLABS/XRulez) A command line tool for creating malicious outlook rules
- [**118**Star][22d] [3had0w/fuzzing-dicts](https://github.com/3had0w/Fuzzing-Dicts) Web Security Dictionary
- [**118**Star][8m] [C++] [x64dbg/scripts](https://github.com/x64dbg/scripts) A collection of x64dbg scripts. Feel free to submit a pull request to add your script.
- [**118**Star][11d] [C] [wonderkun/ctfenv](https://github.com/wonderkun/ctfenv) 为应对CTF比赛而搭建的各种环境
- [**118**Star][2y] [Py] [willphillipscvdemo/raspberry-pi-camera-motion-detection.](https://github.com/willphillipscvdemo/raspberry-pi-camera-motion-detection.) Using Python code with a Raspberry-Pi, PIR motion and a Picamera, you can create a device which will email you a snapshot image when someone enters your room.
- [**118**Star][2y] [C++] [waryas/eupmaccess](https://github.com/waryas/eupmaccess) This DKOM exploit enables any app in usermode to access physical memory directly
- [**118**Star][3y] [Py] [violentshell/rollmac](https://github.com/violentshell/rollmac) Automated WiFi limit evasion
- [**118**Star][2m] [Py] [unixfreak0037/officeparser](https://github.com/unixfreak0037/officeparser) Extract embedded files and macros from office documents.
- [**118**Star][3y] [C] [timwr/cve-2014-3153](https://github.com/timwr/cve-2014-3153) CVE-2014-3153 aka towelroot
- [**118**Star][2y] [lua] [tanjiti/icstools](https://github.com/tanjiti/icstools) ics security tools
- [**118**Star][2y] [C++] [skylined/edgedbg](https://github.com/skylined/edgedbg) A simple command line exe to start and debug the Microsoft Edge browser.
- [**118**Star][12d] [JS] [skepticfx/hookish](https://github.com/skepticfx/hookish) Hooks in to interesting functions and helps reverse the web app faster.
- [**118**Star][6m] [Py] [skelsec/pypykatz_server](https://github.com/skelsec/pypykatz_server) the server part of a server-agent model credential acquiring tool based on pypykatz
- [**118**Star][4m] [C++] [sensorsiot/https-for-makers](https://github.com/sensorsiot/https-for-makers) HTTPS sketches for ESP8266 and ESP32
- [**118**Star][6m] [C] [scribery/tlog](https://github.com/scribery/tlog) Terminal I/O logger
- [**118**Star][5m] [sapran/dontclickshit](https://github.com/sapran/dontclickshit) Як не стати кібер-жертвою
- [**118**Star][13d] [JS] [ryanmarcus/dirty-json](https://github.com/ryanmarcus/dirty-json) A parser for invalid JSON
- [**118**Star][19d] [C] [rup0rt/pcapfix](https://github.com/rup0rt/pcapfix) repair corrupted pcap files
- [**118**Star][28d] [Go] [remogatto/gospeccy](https://github.com/remogatto/gospeccy) A ZX Spectrum Emulator written in Go
- [**118**Star][1m] [Shell] [pimps/wsuxploit](https://github.com/pimps/wsuxploit) This is a weaponized WSUS exploit
- [**118**Star][26d] [Py] [pavelrevak/pystlink](https://github.com/pavelrevak/pystlink) Python tool for flashing and debugging STM32 devices using ST-LINK/V2
- [**118**Star][1m] [Py] [p4-team/crypto-commons](https://github.com/p4-team/crypto-commons) Small python module for common CTF crypto functions
- [**118**Star][12d] [C++] [not-wlan/drvmap](https://github.com/not-wlan/drvmap) driver mapper / capcom wrapper
- [**118**Star][2y] [C#] [nccgroup/outlookleaktest](https://github.com/nccgroup/outlookleaktest) The Outlook HTML Leak Test Project
- [**118**Star][4m] [Shell] [misp/misp-book](https://github.com/misp/misp-book) User guide of MISP
- [**118**Star][3y] [Java] [mbechler/serianalyzer](https://github.com/mbechler/serianalyzer) A static byte code analyzer for Java deserialization gadget research
- [**118**Star][7m] [Py] [markmckinnon/autopsy-plugins](https://github.com/markmckinnon/autopsy-plugins) Autopsy Python Plugins
- [**118**Star][1m] [C] [mariovilas/shellcode_tools](https://github.com/mariovilas/shellcode_tools) Miscellaneous tools written in Python, mostly centered around shellcodes.
- [**118**Star][3m] [C#] [manlymarco/runtimeunityeditor](https://github.com/manlymarco/runtimeunityeditor) In-game inspector and debugging tools for applications made with Unity3D game engine
- [**118**Star][2y] [C#] [malcomvetter/managedinjection](https://github.com/malcomvetter/managedinjection) A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge
- [**118**Star][11d] [Py] [m4cs/traxss](https://github.com/m4cs/traxss) traxss | Automated XSS Vulnerability Scanner Currently In Development
- [**118**Star][2y] [Py] [landgrey/cve-2018-2894](https://github.com/landgrey/cve-2018-2894) CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script
- [**118**Star][2m] [Batchfile] [kow/glinetpineapple](https://github.com/kow/glinetpineapple) Wifi Pineapple firmware for for GL.iNet GL-AR150
- [**118**Star][2m] [Java] [kakawait/cas-security-spring-boot-starter](https://github.com/kakawait/cas-security-spring-boot-starter) Spring boot starter for Apereo CAS client fully integrated with Spring security
- [**118**Star][20d] [Py] [jpdias/botnet-lab](https://github.com/jpdias/botnet-lab) An IRC based tool for testing the capabilities of a botnet.
- [**118**Star][1m] [PHP] [joecampo/random-user-agent](https://github.com/joecampo/random-user-agent) Generate real random user-agents
- [**118**Star][1m] [Py] [jin10086/ico-spider](https://github.com/jin10086/ico-spider) download ICO source code from etherscan
- [**118**Star][5y] [Py] [h01/proxyscanner](https://github.com/h01/proxyscanner) python HTTP代理扫描
- [**118**Star][12d] [Go] [grepplabs/kafka-proxy](https://github.com/grepplabs/kafka-proxy) Proxy connections to Kafka cluster. Connect through SOCKS Proxy, HTTP Proxy or to cluster running in Kubernetes.
- [**118**Star][30d] [C] [govolution/avepoc](https://github.com/govolution/avepoc) some pocs for antivirus evasion
- [**118**Star][5y] [Py] [gdssecurity/jetleak-testing-script](https://github.com/gdssecurity/jetleak-testing-script) Script to test if a server is vulnerable to the JetLeak vulnerability
- [**118**Star][2y] [funnykun/nessusreportinchinese](https://github.com/funnykun/nessusreportinchinese) 半自动化将 Nessus 英文报告（csv格式）生成中文 excel ，中文漏洞库已有700多条常见漏洞，后续再进一步加上新漏洞自动翻译，实现全自动化
- [**118**Star][16d] [edoverflow/bugbountywiki](https://github.com/edoverflow/bugbountywiki) The Bug Bounty Wiki
- [**118**Star][12m] [Py] [drego85/joomlascan](https://github.com/drego85/joomlascan) A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.
- [**118**Star][21d] [Shell] [denny0223/scrabble](https://github.com/denny0223/scrabble) Simple tool to recover .git folder from remote server
- [**118**Star][16d] [Py] [ddcc/microparse](https://github.com/ddcc/microparse) Microcode parser for AMD, Intel, and VIA processors
- [**118**Star][2m] [Py] [dakotanelson/sneaky-creeper](https://github.com/dakotanelson/sneaky-creeper) Get your APT on using social media as a tool for data exfiltration.
- [**118**Star][3m] [JS] [coryshaw1/saliens-hack](https://github.com/coryshaw1/saliens-hack) Hack for Sailens, the game of Steam Summer Sale 2018 - AutoSelect Planet, Invincibility, and InstaKill
- [**118**Star][24d] [Py] [cornell-brg/pydgin](https://github.com/cornell-brg/pydgin) A (Py)thon (D)SL for (G)enerating (In)struction set simulators.
- [**118**Star][2y] [Py] [blueudp/dorkme](https://github.com/blueudp/dorkme) [WORKING IN V2, WITH PROXIES, CUSTOM USER AGENT... TO MUCH BETTER!]DorkMe is a tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities.
- [**118**Star][9d] [C] [awakened1712/cve-2019-11932](https://github.com/awakened1712/cve-2019-11932) Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif
- [**118**Star][5y] [Shell] [anbud/droidducky](https://github.com/anbud/droidducky) SImple duckyscript interpreter in Bash.
- [**118**Star][7m] [Go] [ammario/isokey](https://github.com/ammario/isokey) Self-contained API keys via cryptographic signatures
- [**118**Star][2m] [Py] [ambionics/magento-exploits](https://github.com/ambionics/magento-exploits) Exploits for Magento 2.3.0 and lower
- [**118**Star][10d] [Py] [altjx/ipwn](https://github.com/altjx/ipwn) 
- [**118**Star][1y] [Py] [alexmyg/andropytool](https://github.com/alexmyg/andropytool) A framework for automated extraction of static and dynamic features from Android applications
- [**118**Star][2y] [C++] [0xphoenix/mazewalker](https://github.com/0xphoenix/mazewalker) Toolkit for enriching and speeding up static malware analysis
    - [mazeui](https://github.com/0xphoenix/mazewalker/blob/master/MazeUI/mazeui.py) 在IDA中显示界面
    - [PyScripts](https://github.com/0xPhoeniX/MazeWalker/tree/master/MazeTracer/PyScripts) Python脚本，处理收集到的数据
    - [PinClient](https://github.com/0xPhoeniX/MazeWalker/tree/master/MazeTracer/src) 
- [**117**Star][1m] [JS] [fyxtc/soul-manga](https://github.com/fyxtc/soul-manga) react + flask + scrapy 构建的单页应用漫画网站
- [**117**Star][4m] [Go] [wgliang/pgproxy](https://github.com/wgliang/pgproxy) PostgreSQL proxy server.
- [**117**Star][11d] [Swift] [passepartoutvpn/tunnelkit](https://github.com/passepartoutvpn/tunnelkit) Non-official OpenVPN client library for Apple platforms.
- [**117**Star][13d] [Py] [dhondta/python-sploitkit](https://github.com/dhondta/python-sploitkit) Devkit for building Metasploit-like consoles
- [**117**Star][28d] [wtsxdev/vehicle-security](https://github.com/wtsxdev/vehicle-security) List of resources for learning about vehicle security and car hacking
- [**117**Star][10d] [Py] [intel/cve-bin-tool](https://github.com/intel/cve-bin-tool) This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
- [**117**Star][7d] [ObjC] [gssdromen/v2rayc](https://github.com/gssdromen/v2rayc) a GUI for v2ray on Mac
- [**117**Star][10d] [thespeedx/proxy-list](https://github.com/TheSpeedX/PROXY-List) Get PROXY List that gets updated everyday
- [**117**Star][25d] [ObjC] [rightpoint/rzbluetooth](https://github.com/Rightpoint/RZBluetooth) Core Bluetooth helper library
- [**117**Star][1y] [Ruby] [hdm/inetdata](https://github.com/hdm/inetdata) Internet data acquisition
- [**117**Star][12d] [Py] [paulc/dnslib](https://github.com/paulc/dnslib) A Python library to encode/decode DNS wire-format packets
- [**117**Star][16d] [Py] [zrools/spider](https://github.com/zrools/spider) 一些爬虫类的脚本/资料
- [**117**Star][7d] [CSS] [woj-ciech/socialpath](https://github.com/woj-ciech/socialpath) Track users across social media platforms
- [**117**Star][1y] [Py] [williballenthin/evtxtract](https://github.com/williballenthin/evtxtract) EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
- [**117**Star][5m] [Py] [verctor/cs_xor64](https://github.com/verctor/cs_xor64) cobaltstrike xor64.bin补完计划
- [**117**Star][5m] [C#] [tyranid/canape.core](https://github.com/tyranid/canape.core) A network proxy library written in C# for .NET Core based on CANAPE
- [**117**Star][2y] [C#] [tandasat/dotnethooking](https://github.com/tandasat/dotnethooking) Sample use cases of the .NET native code hooking technique
- [**117**Star][5y] [C] [squiffy/masochist](https://github.com/squiffy/masochist) XNU Rootkit Framework
- [**117**Star][12d] [Py] [samsung/cotopaxi](https://github.com/samsung/cotopaxi) Set of tools for security testing of Internet of Things devices using specific network IoT protocols
- [**117**Star][21d] [Perl] [reider-roque/pentest-tools](https://github.com/reider-roque/pentest-tools) Penetration testing scripts
- [**117**Star][4m] [C++] [pref/pref](https://github.com/pref/pref) Portable Reverse Engineering Framework
- [**117**Star][2m] [C++] [praetorian-code/vulcan](https://github.com/praetorian-code/vulcan) a tool to make it easy and fast to test various forms of injection
- [**117**Star][14d] [PS] [dsccommunity/networkingdsc](https://github.com/dsccommunity/NetworkingDsc) DSC resources for configuring settings related to networking.
- [**117**Star][2m] [Shell] [peterpt/eternal_check](https://github.com/peterpt/eternal_check) 检查指定IP是否有某些SMB漏洞, 比如永恒之蓝. 基于nmap
- [**117**Star][28d] [opendns/public-domain-lists](https://github.com/opendns/public-domain-lists) OpenDNS public domain lists of domain names for training/testing classifiers
- [**117**Star][1y] [HTML] [mpgn/byp-sop](https://github.com/mpgn/byp-sop) 🏴‍☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴‍☠️
- [**117**Star][4m] [Py] [mozilla-services/github-audit](https://github.com/mozilla-services/github-audit) Collection of Tools & Procedures for double checking GitHub configurations
- [**117**Star][10m] [Py] [marcoramilli/malwaretrainingsets](https://github.com/marcoramilli/malwaretrainingsets) Free Malware Training Datasets for Machine Learning
- [**117**Star][1m] [C] [libyal/libbde](https://github.com/libyal/libbde) Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes
- [**117**Star][12d] [Shell] [leviathan36/trigmap](https://github.com/leviathan36/trigmap) A wrapper for Nmap to automate penetration testing
- [**117**Star][2m] [JS] [landgrey/dnstricker](https://github.com/landgrey/dnstricker) A simple dns resolver of dns-record and web-record log server for pentesting
- [**117**Star][12d] [Py] [kapytein/jsonp](https://github.com/kapytein/jsonp) a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
- [**117**Star][5m] [C#] [gaprogman/owaspheaders.core](https://github.com/gaprogman/owaspheaders.core) A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
- [**117**Star][13d] [Py] [fox-it/danderspritz-evtx](https://github.com/fox-it/danderspritz-evtx) Parse evtx files and detect use of the DanderSpritz eventlogedit module
- [**117**Star][9m] [JS] [elkentaro/kismetmobiledashboard](https://github.com/elkentaro/kismetmobiledashboard) Mobile UI for kismet
- [**117**Star][16d] [TS] [eddyverbruggen/nativescript-fingerprint-auth](https://github.com/eddyverbruggen/nativescript-fingerprint-auth) 
- [**117**Star][12m] [PS] [dviros/excalibur](https://github.com/dviros/excalibur) Excalibur is an Eternalblue exploit payload based "Powershell" for the Bashbunny project.
- [**117**Star][1y] [C++] [dragonquesthero/pubg-pak-hacker](https://github.com/dragonquesthero/pubg-pak-hacker) use windows kernel deriver hidden file and itself to Bypass BE
- [**117**Star][2y] [Java] [dannagle/packetsender-android](https://github.com/dannagle/packetsender-android) Packet Sender for Android, Send/Receive UDP/TCP
- [**117**Star][6y] [caomulaodao/xss-filter-evasion-cheat-sheet-cn](https://github.com/caomulaodao/xss-filter-evasion-cheat-sheet-cn) XSS_Filter_Evasion_Cheat_Sheet 中文版
- [**117**Star][2y] [Py] [cantoolz/cantoolz](https://github.com/cantoolz/cantoolz) CANToolz - Black-box CAN network analysis framework
- [**117**Star][8m] [bugcrowd/disclosure-policy](https://github.com/bugcrowd/disclosure-policy) Open Source Vulnerability Disclosure Framework. Maintained by Bugcrowd.
- [**117**Star][3m] [Ruby] [bsidessf/ctf-2017-release](https://github.com/bsidessf/ctf-2017-release) Our released code for BSidesSF CTF 2017
- [**117**Star][12d] [binject/awesome-go-security](https://github.com/binject/awesome-go-security) A dedicated place for cool golang security projects
- [**117**Star][9m] [Py] [360netlab/dga](https://github.com/360netlab/dga) Suspicious DGA from PDNS and Sandbox.
- [**116**Star][4m] [C++] [bluefrostsecurity/cve-2019-1215](https://github.com/bluefrostsecurity/cve-2019-1215) 
- [**116**Star][10d] [Ruby] [kollegorna/active_hash_relation](https://github.com/kollegorna/active_hash_relation) ActiveHash Relation: Simple gem that allows you to run multiple ActiveRecord::Relation using hash. Perfect for APIs.
- [**116**Star][10d] [Py] [seldonio/alibi-detect](https://github.com/seldonio/alibi-detect) Algorithms for outlier and adversarial instance detection, concept drift and metrics.
- [**116**Star][19d] [Py] [learntechwithus/stereo-vision](https://github.com/learntechwithus/stereo-vision) This program has been developed as part of a project at the University of Karlsruhe in Germany. The final purpose of the algorithm is to measure the distance to an object by combining two webcams and use them as a Stereo Camera.
- [**116**Star][2m] [C#] [nexussays/ble.net](https://github.com/nexussays/ble.net) Cross-platform Bluetooth Low Energy (BLE) library for Android, iOS, and UWP
- [**116**Star][11d] [Py] [gxfxyz/unblockchn](https://github.com/gxfxyz/unblockchn) Unblock CHN - Shadowsocks 回国解锁代理分流配置工具 (路由器 & Surge) - Unblock Youku 衍生工具
- [**116**Star][18d] [Py] [kibodwapon/axis-1.4-rce-poc](https://github.com/kibodwapon/axis-1.4-rce-poc) Axis <=1.4 远程命令执行（RCE） POC
- [**116**Star][9m] [Py] [in3tinct/see-surf](https://github.com/in3tinct/see-surf) Python based scanner to find potential SSRF parameters
- [**116**Star][15d] [C] [wifiphisher/roguehostapd](https://github.com/wifiphisher/roguehostapd) Hostapd fork including Wi-Fi attacks and providing Python bindings with ctypes.
- [**116**Star][7m] [PHP] [ircmaxell/stauros](https://github.com/ircmaxell/stauros) A fast XSS sanitization library for PHP
- [**116**Star][10d] [C] [px4/sapog](https://github.com/px4/sapog) Sapog - advanced multiplatform ESC firmware
- [**116**Star][10d] [Java] [nordicsemiconductor/android-nrf-blinky](https://github.com/nordicsemiconductor/android-nrf-blinky) nRF Blinky is an application developed targeting an audience of developers who are new to Bluetooth Low Energy
- [**116**Star][6m] [Py] [meliot/shcheck](https://github.com/meliot/shcheck) check security headers on a target website
- [**116**Star][1m] [Objective-C++] [yonsm/ipafine](https://github.com/yonsm/ipafine) iOS IPA package refine and resign
- [**116**Star][5y] [C] [wireshark/winpcap](https://github.com/wireshark/winpcap) The WinPcap packet capture library
- [**116**Star][11d] [Py] [thewhiteh4t/killcast](https://github.com/thewhiteh4t/killcast) Manipulate Chromecast Devices in your Network
- [**116**Star][6m] [C] [tarlogicsecurity/tickey](https://github.com/tarlogicsecurity/tickey) Tool to extract Kerberos tickets from Linux kernel keys.
- [**116**Star][6y] [CSS] [syphon1c/threatelligence](https://github.com/syphon1c/threatelligence) Threatelligence is a simple cyber threat intelligence feed collector, using Elasticsearch, Kibana and Python to automatically collect intelligence from custom or public sources. Automatically updates feeds and tries to further enhance data for dashboards.
- [**116**Star][11d] [C] [sipcapture/captagent](https://github.com/sipcapture/captagent)  a powerful, flexible, completely modular HEP packet capture and mirroring framework for RTC, ready for (virtually) any kind of IP protocol and encapsulation method - past, present - and future.
- [**116**Star][2m] [C++] [scgywx/fooking](https://github.com/scgywx/fooking) distributed gateway server(php game server, tcp server, websocket server)
- [**116**Star][1y] [Py] [saaramar/35c3_modern_windows_userspace_exploitation](https://github.com/saaramar/35c3_modern_windows_userspace_exploitation) 
- [**116**Star][10d] [Assembly] [platypew/picoctf-2018-writeup](https://github.com/platypew/picoctf-2018-writeup) Writeup for picoCTF 2018
- [**116**Star][21d] [C#] [p0cl4bs/hanzoinjection](https://github.com/p0cl4bs/hanzoinjection) injecting arbitrary codes in memory to bypass common antivirus solutions
- [**116**Star][13d] [Py] [mushorg/tanner](https://github.com/mushorg/tanner) He who flays the hide
- [**116**Star][4m] [Shell] [mattymcfatty/honeypi](https://github.com/mattymcfatty/honeypi) 
- [**116**Star][1m] [Go] [mattbostock/go-ldpreload-backdoor](https://github.com/mattbostock/go-ldpreload-backdoor) LD_PRELOAD libc hooking using Go
- [**116**Star][5m] [Py] [lucifer1993/alb](https://github.com/lucifer1993/alb) 攻击日志分析工具
- [**116**Star][3m] [Go] [jmpsec/osctrl](https://github.com/jmpsec/osctrl) Fast and efficient osquery management
- [**116**Star][4m] [Py] [jtibaquira/nsearch](https://github.com/jtibaquira/nsearch) minimal script to help find script into the nse database
- [**116**Star][8m] [PS] [jcqsteven/ghosttunnel](https://github.com/jcqsteven/ghosttunnel) 基于360提出的Ghost Tunnel攻击复现
- [**116**Star][18d] [C] [jakkarth/icmptx](https://github.com/jakkarth/icmptx) IP-over-ICMP tunnel
- [**116**Star][19d] [Py] [hook-s3c/blueborne-scanner](https://github.com/hook-s3c/blueborne-scanner) Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit
- [**116**Star][2m] [Py] [hackstoic/eqgrp-free-file](https://github.com/hackstoic/eqgrp-free-file) Free sampling of files from the purported Equation Group hack.
- [**116**Star][12d] [C] [gvb84/pbscan](https://github.com/gvb84/pbscan) Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
- [**116**Star][1m] [C] [greensea/mptunnel](https://github.com/greensea/mptunnel) MPUDP Tunnel (User space MultiPath UDP)
- [**116**Star][10d] [Haskell] [galoisinc/macaw](https://github.com/galoisinc/macaw) Open source binary analysis tools.
- [**116**Star][4m] [Ruby] [encrypt-to/encrypt.to](https://github.com/encrypt-to/encrypt.to) Send encrypted PGP messages with one click
- [**116**Star][4m] [JS] [demi6od/chromefuzzer](https://github.com/demi6od/chromefuzzer) fuzz
- [**116**Star][5m] [C] [david-reguera-garcia-dreg/dbgchild](https://github.com/david-reguera-garcia-dreg/dbgchild) Debug Child Process Tool (auto attach)
- [**116**Star][10d] [C++] [cyclops-community/ctf](https://github.com/cyclops-community/ctf) Cyclops Tensor Framework: parallel arithmetic on multidimensional arrays
- [**116**Star][4y] [C++] [chengchengcc/ark-tools](https://github.com/chengchengcc/ark-tools) Windows Ark tools and demo
- [**116**Star][10y] [C] [chaoslawful/tcc](https://github.com/chaoslawful/tcc) track of Tiny C Compiler
- [**116**Star][11d] [C] [c0d3z3r0/sudo-cve-2017-1000367](https://github.com/c0d3z3r0/sudo-cve-2017-1000367) 
- [**116**Star][2y] [Py] [bo0om/safiler](https://github.com/bo0om/safiler) Safari local file reader
- [**116**Star][3y] [Batchfile] [bartblaze/disable-intel-amt](https://github.com/bartblaze/disable-intel-amt) Tool to disable Intel AMT on Windows
- [**116**Star][5m] [Java] [auth0/lock.android](https://github.com/auth0/lock.android) Android Library to authenticate using Auth0 and with a Native Look & Feel
- [**116**Star][2m] [ObjC] [anders/pwgen](https://github.com/anders/pwgen) macOS password generator
- [**116**Star][10d] [C++] [adamkramer/dll_hijack_detect](https://github.com/adamkramer/dll_hijack_detect) Detects DLL hijacking in running processes on Windows systems
- [**115**Star][11d] [Py] [reb311ion/replica](https://github.com/reb311ion/replica) Ghidra Analysis Enhancer
- [**115**Star][11d] [C++] [solemnwarning/rehex](https://github.com/solemnwarning/rehex) Reverse Engineers' Hex Editor
- [**115**Star][4m] [HTML] [romanemelyanov/cobaltstrikeforensic](https://github.com/romanemelyanov/cobaltstrikeforensic) Toolset for research malware and Cobalt Strike beacons
- [**115**Star][1m] [C] [vladrico/apache2_backdoormod](https://github.com/vladrico/apache2_backdoormod) A backdoor module for Apache2
- [**115**Star][2m] [Py] [univ-of-utah-marriott-library-apple/firmware_password_manager](https://github.com/univ-of-utah-marriott-library-apple/firmware_password_manager) A Python script to help Macintosh administrators manage the firmware passwords of their computers.
- [**115**Star][17d] [Java] [guokaide/algorithm](https://github.com/guokaide/algorithm) 「面试算法练级攻略」 - 「LeetCode题解」 - 「剑指offer题解」
- [**115**Star][18d] [Py] [luengwaiban/instagram-python-scraper](https://github.com/luengwaiban/instagram-python-scraper) A instagram scraper wrote in python. Similar to instagram-php-scraper.Usages are in example.py. Enjoy it!
- [**115**Star][10d] [C] [antoniond/giibiiadvance](https://github.com/antoniond/giibiiadvance) A GB, GBC and GBA emulator with GB Camera support.
- [**115**Star][10d] [Py] [pkozul/ha-tts-bluetooth-speaker](https://github.com/pkozul/ha-tts-bluetooth-speaker) TTS Bluetooth Speaker for Home Assistant
- [**115**Star][10d] [C] [xilinx/qemu](https://github.com/xilinx/qemu) Xilinx's fork of Quick EMUlator (QEMU) with improved support and modelling for the Xilinx platforms.
- [**115**Star][16d] [PHP] [olssonm/l5-very-basic-auth](https://github.com/olssonm/l5-very-basic-auth) Stateless HTTP basic auth for Laravel without the need for a database.
- [**115**Star][10d] [Py] [wangyu-/udpping](https://github.com/wangyu-/udpping) ping with UDP packets
- [**115**Star][29d] [JS] [shadowsocks/shadowsocks-hub](https://github.com/shadowsocks/shadowsocks-hub) A web app managing shadowsocks users, servers, nodes, products, accounts, and traffic. Suitable for internal use by companies, organizations, and friends.
- [**115**Star][26d] [Py] [fboldewin/com-code-helper](https://github.com/fboldewin/com-code-helper) Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
- [**115**Star][4y] [C++] [cisco-talos/tesladecrypt](https://github.com/Cisco-Talos/TeslaDecrypt) Decryption Tool
- [**115**Star][1m] [Py] [nccgroup/zulu](https://github.com/nccgroup/zulu) The Zulu fuzzer
- [**115**Star][11d] [w-digital-scanner/w10scan](https://github.com/w-digital-scanner/w10scan) 全自动搜索互联网漏洞
- [**115**Star][2m] [PHP] [xplico/xplico](https://github.com/xplico/xplico) Open Source Network Forensic Analysis Tool (NFAT)
- [**115**Star][4m] [HTML] [wangweianger/apubplat](https://github.com/wangweianger/apubplat) Devops自动化部署、堡垒机开源项目、Web Terminal
- [**115**Star][20d] [Py] [virb3/apk-utilities](https://github.com/virb3/apk-utilities) A cross-platform suite of scripts and utilities for working with APK files
- [**115**Star][12d] [Py] [unkn0wnh4ckr/hackers-tool-kit](https://github.com/unkn0wnh4ckr/hackers-tool-kit) Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on insta…
- [**115**Star][11m] [Vue] [tevora-threat/dragnet](https://github.com/tevora-threat/dragnet) Your Social Engineering Sidekick
- [**115**Star][25d] [Py] [tbgsecurity/splunk_shells](https://github.com/tbgsecurity/splunk_shells) Weaponizing Splunk with reverse and bind shells.
- [**115**Star][1y] [C] [strivexjun/memorymodulepp](https://github.com/strivexjun/memorymodulepp) Library to load a DLL from memory
- [**115**Star][7y] [spiderlabs/sqlol](https://github.com/spiderlabs/sqlol) A configurable SQL injection test-bed
- [**115**Star][2m] [Py] [shizzz477/msploitego](https://github.com/shizzz477/msploitego) 将Metasploit数据库导入到数据挖掘工具Maltego并进行分析的框架
- [**115**Star][1m] [C] [rpi-distro/firmware-nonfree](https://github.com/rpi-distro/firmware-nonfree) 
- [**115**Star][2y] [ridter/cs_chinese_support](https://github.com/ridter/cs_chinese_support) Cobalt strike 修改支持回显中文。
- [**115**Star][1m] [Ruby] [rapid7/metasploit-omnibus](https://github.com/rapid7/metasploit-omnibus) Packaging metasploit-framework with omnibus
- [**115**Star][4y] [Java] [njfox/java-deserialization-exploit](https://github.com/njfox/java-deserialization-exploit) 
- [**115**Star][4m] [netbiosx/pentest-bookmarks](https://github.com/netbiosx/pentest-bookmarks) Database of websites for penetration testing
- [**115**Star][29d] [Haskell] [msakai/toysolver](https://github.com/msakai/toysolver) My sandbox for experimenting solver algorithms.
- [**115**Star][7y] [C] [mncoppola/rpef](https://github.com/mncoppola/rpef) Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers
- [**115**Star][12d] [Java] [mebigfatguy/fb-contrib](https://github.com/mebigfatguy/fb-contrib) a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
- [**115**Star][5y] [Py] [mdegrazia/sqlite-deleted-records-parser](https://github.com/mdegrazia/sqlite-deleted-records-parser) recover deleted entries in an SQLite database and places the output into either a TSV file or text file (-r)
- [**115**Star][23d] [C#] [matterpreter/shhmon](https://github.com/matterpreter/shhmon) Neutering Sysmon via driver unload
- [**115**Star][1y] [HTML] [m4cs/blackeye-python](https://github.com/m4cs/blackeye-python) BlackEye Phishing Kit in Python w Serveo Subdomain Creation | Educational Purposes Only
- [**115**Star][14d] [JS] [liyangready/mini-proxy](https://github.com/liyangready/mini-proxy) A very mini transparent proxy for http/https by NodeJS.Just like squid. 基于nodejs的迷你易用的proxy
- [**115**Star][4y] [C#] [leurak/trollrat](https://github.com/leurak/trollrat) a Remote Administration Tool (RAT) which follows a different approach than the other RATs
- [**115**Star][21d] [Java] [ledgerhq/ledger-javacard](https://github.com/ledgerhq/ledger-javacard) Ledger Unplugged - Java Card implementation of Ledger Bitcoin Hardware Wallet
- [**115**Star][25d] [Py] [kudelskisecurity/sgxfun](https://github.com/kudelskisecurity/sgxfun) SGX command-line tools and paper
- [**115**Star][2y] [C] [jas502n/cve-2018-17182](https://github.com/jas502n/cve-2018-17182) Linux 内核VMA-UAF 提权漏洞（CVE-2018-17182）,0day
- [**115**Star][11d] [Py] [githubmaidou/tools](https://github.com/githubmaidou/tools) Python渗透漏洞工具
- [**115**Star][4y] [PS] [fuzzysecurity/defcon24](https://github.com/fuzzysecurity/defcon24) DefCon24
- [**115**Star][3m] [Java] [evilsocket/pdusms](https://github.com/evilsocket/pdusms) PoC app for raw pdu manipulation on Android.
- [**115**Star][2y] [Java] [despector/despector](https://github.com/despector/despector) Java / Kotlin Decompiler and AST Library
- [**115**Star][2y] [C#] [damonmohammadbagher/meterpreter_payload_detection](https://github.com/damonmohammadbagher/meterpreter_payload_detection) Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
- [**115**Star][1m] [Py] [commoncrawl/cc-pyspark](https://github.com/commoncrawl/cc-pyspark) Process Common Crawl data with Python and Spark
- [**115**Star][2m] [Py] [codepr/creak](https://github.com/codepr/creak) Poison, reset, spoof, redirect MITM script
- [**115**Star][14d] [Py] [chaitanyaharitash/kimi](https://github.com/chaitanyaharitash/kimi) Script to generate malicious debian packages (debain trojans).
- [**115**Star][19d] [Py] [cfsworks/wavebird-reversing](https://github.com/cfsworks/wavebird-reversing) Reverse-engineering the WaveBird protocol for the betterment of mankind
- [**115**Star][9y] [PHP] [cdhowie/bitcoin-mining-proxy](https://github.com/cdhowie/bitcoin-mining-proxy) Multi-pool, multi-worker proxy for Bitcoin miners, supporting long polling and pool failover
- [**115**Star][20d] [Py] [androidsecuritytools/lobotomy](https://github.com/androidsecuritytools/lobotomy) Android Security Toolkit
- [**115**Star][3m] [Shell] [adrelanos/vpn-firewall](https://github.com/adrelanos/vpn-firewall) Leak Protection (Fail Safe Mechanism) for (Open)VPN
- [**114**Star][7d] [HTML] [owasp/www-community](https://github.com/owasp/www-community) OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
- [**114**Star][11d] [Py] [g123n1nj4/c2hack](https://github.com/g123n1nj4/c2hack) C2Hack, sharing tips and tricks for pentesters
- [**114**Star][13d] [inlets/inlets-pro](https://github.com/inlets/inlets-pro) Cloud Native Tunnel for L4 TCP
- [**114**Star][4m] [nomadcn112/chinese-translation-att-ck-framework](https://github.com/nomadcn112/chinese-translation-att-ck-framework) ATT&CK 框架图中文翻译版 原为安恒奖品，自我二次翻译，修改了一些小的翻译错误问题，自我保存即可
- [**114**Star][17d] [Scala] [dyweb/scrala](https://github.com/dyweb/scrala) Unmaintained
- [**114**Star][1m] [Shell] [tommarshall/git-good-commit](https://github.com/tommarshall/git-good-commit) Git hook to help you write good commit messages, with no external dependencies.
- [**114**Star][9m] [Py] [ecoron/serpscrap](https://github.com/ecoron/serpscrap) SEO python scraper to extract data from major searchengine result pages.
- [**114**Star][2m] [arniex/swifitch](https://github.com/arniex/swifitch) Swifitch is ESP8266 based relay board that could be used to turn any light or any wall socket into smart one!
- [**114**Star][16d] [paralax/awesome-cybersecurity-internships](https://github.com/paralax/awesome-cybersecurity-internships) a list of cybersecurity internships
- [**114**Star][1m] [C++] [openthread/wpantund](https://github.com/openthread/wpantund) Wireless Network Interface Daemon for Low-Power Wireless SoCs
- [**114**Star][25d] [Py] [hanc00l/captcha-python-test](https://github.com/hanc00l/captcha-python-test) 学习验证码识别的相关技术，包括opencv、tesseract、机器学习算法（kNN和SVM）等，将原作者的算法改为python
- [**114**Star][2m] [Ruby] [spiderlabs/beef_injection_framework](https://github.com/spiderlabs/beef_injection_framework) Inject beef hooks into HTTP traffic and track hooked systems from cmdline
- [**114**Star][19d] [Java] [varunon9/remote-control-pc](https://github.com/varunon9/remote-control-pc) Control Laptop using Android. Remote control PC consists of android as well as desktop app written in Java to control laptop using phone.
- [**114**Star][1m] [PHP] [shimmeris/ctf-web-challenges](https://github.com/shimmeris/CTF-Web-Challenges) 
- [**114**Star][6m] [Py] [chyroc/jdong](https://github.com/chyroc/jdong) 京东数据爬虫接口
- [**114**Star][10d] [C++] [cisco/mercury](https://github.com/cisco/mercury) network fingerprinting and packet metadata capture
- [**114**Star][4m] [Py] [vallejocc/reverse-engineering-arsenal](https://github.com/vallejocc/Reverse-Engineering-Arsenal) Useful Scripts for helping in reverse engeenering
    - [WinDbg](https://github.com/vallejocc/Reverse-Engineering-Arsenal/blob/master/WinDbg) WinDBG script collection
    - [IDA-set_symbols_for_addresses](https://github.com/vallejocc/Reverse-Engineering-Arsenal/blob/master/IDA/set_symbols_for_addresses.py) asks you for a file containing pairs address - symbol. It walks all segments searching for DWORDs matching the addresses of the given file of pairs address - symbols, and it will name the variable containing the address with the symbol name
    - [IDA-stack_strings_deobfuscator_1](https://github.com/vallejocc/Reverse-Engineering-Arsenal/blob/master/IDA/stack_strings_deobfuscator_1.py) Some malware families construct strings into the stack
    - [RevealPE](https://github.com/vallejocc/Reverse-Engineering-Arsenal/tree/master/Standalone/RevealPE) 
- [**114**Star][1m] [JS] [fsecurelabs/cve-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121) macOS 10.13.3 (17D47) Safari Wasm Exploit
- [**114**Star][15d] [TS] [aigoncharov/cls-proxify](https://github.com/aigoncharov/cls-proxify) Logging on steroids with CLS and Proxy. Integrated with express, koa, fastify.
- [**114**Star][12d] [C++] [zeutro/openabe](https://github.com/zeutro/openabe) The OpenABE library - open source cryptographic library with attribute-based encryption implementations in C/C++
- [**114**Star][11d] [webbreacher/orcs](https://github.com/webbreacher/orcs) OSINT Resource Classification System
- [**114**Star][4m] [C] [wbenny/ksocket](https://github.com/wbenny/ksocket) KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK
- [**114**Star][4m] [Swift] [tuluobo/leiter](https://github.com/tuluobo/leiter) 一个基于 NEKit 的网络 Proxy App。
- [**114**Star][1m] [Py] [shogunlab/shuriken](https://github.com/shogunlab/shuriken) Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
- [**114**Star][4y] [C] [rosgos/mirai-source-code](https://github.com/rosgos/mirai-source-code) 
- [**114**Star][1m] [Py] [rootbsd/fridump3](https://github.com/rootbsd/fridump3) A universal memory dumper using Frida for Python 3
- [**114**Star][26d] [C++] [quarkslab/android-restriction-bypass](https://github.com/quarkslab/android-restriction-bypass) PoC to bypass Android restrictions
- [**114**Star][1y] [Py] [plazmaz/sublist3r](https://github.com/plazmaz/sublist3r) Fast subdomains enumeration tool for penetration testers
- [**114**Star][4m] [Ruby] [patio11/wrightverification](https://github.com/patio11/wrightverification) (Failed) verification of the signature posted by Craig Wright on May 2, 2016
- [**114**Star][2m] [C] [openjailbreak/evasi0n6](https://github.com/openjailbreak/evasi0n6) Evasi0n6 Jailbreak by Evad3rs for iOS 6.0-6.1.2
- [**114**Star][13d] [PHP] [ollyxar/php-malware-detector](https://github.com/ollyxar/php-malware-detector) PHP malware detector
- [**114**Star][1m] [PHP] [nu1lctf/n1ctf-2019](https://github.com/nu1lctf/n1ctf-2019) 
- [**114**Star][4y] [Java] [nil1666/auditdroid](https://github.com/nil1666/auditdroid) AduitDroid
- [**114**Star][4y] [Py] [mthbernardes/artlas](https://github.com/mthbernardes/artlas) Apache Real Time Logs Analyzer System
- [**114**Star][4m] [Py] [mpgn/cve-2019-7238](https://github.com/mpgn/cve-2019-7238) 🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
- [**114**Star][28d] [C] [mirror/reactos](https://github.com/mirror/reactos) svn://svn.reactos.org/reactos/trunk
- [**114**Star][1y] [C++] [lynnux/xspy](https://github.com/lynnux/xspy) Spy for MFC/ATL/WTL window
- [**114**Star][4m] [ktecv2000/how-to-play-ctf](https://github.com/ktecv2000/how-to-play-ctf) CTF入門建議
- [**114**Star][5y] [C] [kpwn/nullguard](https://github.com/kpwn/nullguard) kext kills all 32bit binaries lacking __PAGEZERO (required for exploitation of kernel NULL derefs)
- [**114**Star][7m] [PS] [jrentenaar/office-365-extractor](https://github.com/jrentenaar/office-365-extractor) The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
- [**114**Star][9m] [JS] [jaimehgb/raiwebwallet](https://github.com/jaimehgb/raiwebwallet) Raiblocks raiwallet.com wallet source code
- [**114**Star][1m] [C] [ice799/ltrace](https://github.com/ice799/ltrace) ltrace intercepts and records dynamic library calls which are called by an executed process and the signals received by that process. It can also intercept and print the system calls executed by the program.
- [**114**Star][24d] [Py] [guyingbo/shadowproxy](https://github.com/guyingbo/shadowproxy) A proxy server that implements Socks5/Shadowsocks/Redirect/HTTP (tcp) and Shadowsocks/TProxy/Tunnel (udp) protocols.
- [**114**Star][11m] [Java] [guardianproject/iocipher](https://github.com/guardianproject/iocipher) make non-root mountable encrypted disk shares
- [**114**Star][17d] [Shell] [giantbranch/pwn-env-init](https://github.com/giantbranch/pwn-env-init) CTF PWN 做题环境一键搭建脚本
- [**114**Star][28d] [Py] [fail0verflow/radeon-tools](https://github.com/fail0verflow/radeon-tools) Radeon reverse engineering tools
- [**114**Star][2m] [Py] [ethereum/eth-tester](https://github.com/ethereum/eth-tester) Tool suite for testing ethereum applications.
- [**114**Star][10d] [Haxe] [empirectf/empirectf](https://github.com/empirectf/empirectf) EmpireCTF – write-ups, videos, capture the flag, cybersecurity
- [**114**Star][4m] [Py] [ekultek/graffiti](https://github.com/ekultek/graffiti) A tool to generate obfuscated one liners to aid in penetration testing
- [**114**Star][4m] [Visual Basic] [dzzie/comraider](https://github.com/dzzie/comraider) ActiveX Fuzzing tool with GUI, object browser, system scanner, and distributed auditing capabilities
- [**114**Star][6y] [Py] [digital4rensics/malformity](https://github.com/digital4rensics/malformity) Malformity is a Maltego project based on the Canari framework for malicious binary and infrastructure research.
- [**114**Star][2y] [JS] [cannc4/siren](https://github.com/cannc4/siren) Algorithmic Composition Interface
- [**114**Star][3y] [C++] [brock7/xdbg](https://github.com/brock7/xdbg) Open-source user-mode Anti-Anti-Debug plugin for x64dbg & cheatengine.
- [**114**Star][2y] [Py] [abhinavbom/threat-intelligence-hunter](https://github.com/abhinavbom/threat-intelligence-hunter) TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs. The idea behind the tool is to facilitate searching and storing of frequently added IOCs for creating your own local database of indicators.
- [**113**Star][1m] [Py] [simon987/od-database](https://github.com/simon987/od-database) Distributed crawler, database and web frontend for public directories indexing
- [**113**Star][2m] [Py] [alessandrodd/apk_api_key_extractor](https://github.com/alessandrodd/apk_api_key_extractor) Automatically extracts API Keys from APK files
- [**113**Star][3m] [JS] [csgofloat/csgofloat-inspect](https://github.com/csgofloat/CSGOFloat-Inspect) Source Code that Powers the CSGOFloat Inspect Link API
- [**113**Star][1m] [Py] [slapbot/sounder](https://github.com/slapbot/sounder) An intent recognizing algorithm to predict the intent of a given text.
- [**113**Star][10d] [Rust] [tkaitchuck/ahash](https://github.com/tkaitchuck/ahash) aHash is a non-cryptographic hashing algorithm that uses the AES hardware instruction
- [**113**Star][4m] [PHP] [lndj/lcrawl](https://github.com/lndj/lcrawl) 一只优雅的正方教务系统爬虫。
- [**113**Star][1m] [R] [stephenturner/annotables](https://github.com/stephenturner/annotables) R data package for annotating/converting Gene IDs
- [**113**Star][11d] [Shell] [trojan-gfw/trojan-quickstart](https://github.com/trojan-gfw/trojan-quickstart) A simple installation script for trojan server.
- [**113**Star][12d] [JS] [vksrc/captcha_orz](https://github.com/vksrc/captcha_orz) 验证码识别
- [**113**Star][10d] [JS] [lyft/presto-gateway](https://github.com/lyft/presto-gateway) A load balancer / proxy / gateway for prestodb
- [**113**Star][18d] [searking/ggfwzs_in_hack](https://github.com/searking/ggfwzs_in_hack) hack VIP for chrome-extension 谷歌访问助手
- [**113**Star][2y] [Py] [simplysecurity/simplytemplate](https://github.com/SimplySecurity/SimplyTemplate) Phishing Template Generation Made Easy
- [**113**Star][3y] [Py] [cylance/introductiontomachinelearningforsecuritypros](https://github.com/cylance/IntroductionToMachineLearningForSecurityPros) Example code for our book Introduction to Artificial Intelligence for Security Professionals
- [**113**Star][3m] [C] [vusec/hammertime](https://github.com/vusec/hammertime)  a software suite for testing, profiling and simulating the Rowhammer DRAM defect, built on top of the RAMSES address translation library.
- [**113**Star][3y] [PS] [vletoux/ntlminjector](https://github.com/vletoux/ntlminjector) In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)
- [**113**Star][1m] [Go] [twistlock/cloud-discovery](https://github.com/twistlock/cloud-discovery) Cloud Discovery provides a point in time enumeration of all the cloud native platform services
- [**113**Star][2m] [C++] [thomasdullien/heap_history_viewer](https://github.com/thomasdullien/heap_history_viewer) A program to draw rectangles from heap traces.
- [**113**Star][9m] [C++] [tandasat/simplesvmhook](https://github.com/tandasat/simplesvmhook) SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors.
- [**113**Star][11m] [Go] [sudosammy/knary](https://github.com/sudosammy/knary) A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
- [**113**Star][2m] [Py] [sroberts/malwarehouse](https://github.com/sroberts/malwarehouse) A warehouse for your malware
- [**113**Star][2m] [Shell] [spf-tools/spf-tools](https://github.com/spf-tools/spf-tools) Shell scripts for taming the SPF (Sender Policy Framework) records in order to fight 10-maximum-DNS-look-ups limit.
- [**113**Star][15d] [Ruby] [skahwah/wordsmith](https://github.com/skahwah/wordsmith) The aim of Wordsmith is to assist with creating tailored wordlists. This is mostly based on geolocation.
- [**113**Star][1m] [Java] [securityriskadvisors/cmd.jsp](https://github.com/securityriskadvisors/cmd.jsp) A super small jsp webshell with file upload capabilities.
- [**113**Star][2m] [C] [rsmusllp/syringe](https://github.com/rsmusllp/syringe) A General Purpose DLL & Code Injection Utility
- [**113**Star][1m] [Emacs Lisp] [rubocop-hq/rubocop-emacs](https://github.com/rubocop-hq/rubocop-emacs) An Emacs interface for RuboCop
- [**113**Star][2y] [Perl] [raikia/smbcrunch](https://github.com/raikia/smbcrunch) 3 tools that work together to simplify reconaissance of Windows File Shares
- [**113**Star][10d] [Go] [privacypass/challenge-bypass-server](https://github.com/privacypass/challenge-bypass-server) a TCP server that is compatible with the Privacy Pass browser extension
- [**113**Star][4m] [C] [pqclean/pqclean](https://github.com/pqclean/pqclean) Clean, portable, tested implementations of post-quantum cryptography
- [**113**Star][1m] [C] [pbatard/bootimg-tools](https://github.com/pbatard/bootimg-tools) Android boot.img creation and extraction tools [NOTE: This project is NO LONGER maintained]
- [**113**Star][2m] [C#] [oj/clr-meterpreter](https://github.com/oj/clr-meterpreter) The full story of the CLR implementation of Meterpreter
- [**113**Star][11d] [Ruby] [naxg/cve_2019_0708_bluekeep_rce](https://github.com/naxg/cve_2019_0708_bluekeep_rce) bluekeep exploit
- [**113**Star][15d] [Py] [rapid7/mybff](https://github.com/rapid7/myBFF) myBFF - a Brute Force Framework
- [**113**Star][2m] [HTML] [mofosyne/arduino-gameboy-printer-emulator](https://github.com/mofosyne/arduino-gameboy-printer-emulator) Code to emulate a gameboy printer via the gameboy link cable
- [**113**Star][10d] [Go] [likexian/whois-go](https://github.com/likexian/whois-go) Go module for domain and ip whois info query
- [**113**Star][4m] [Py] [lcatro/php_source_audit_tools](https://github.com/lcatro/php_source_audit_tools) PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能
- [**113**Star][18d] [Py] [lanmaster53/honeybadger](https://github.com/lanmaster53/honeybadger) a framework for targeted geolocation
- [**113**Star][5m] [Py] [kxxoling/ptable](https://github.com/kxxoling/ptable) PrettyTable is a simple Python library designed to make it quick and easy to represent tabular data in visually appealing ASCII tables.
- [**113**Star][22d] [C] [kohsuke/com4j](https://github.com/kohsuke/com4j) Type-safe Java/COM binding
- [**113**Star][14d] [Java] [jpmorganchase/tessera](https://github.com/jpmorganchase/tessera) Enterprise Implementation of Quorum's transaction manager
- [**113**Star][5m] [Scala] [johnreedlol/scala-trace-debug](https://github.com/johnreedlol/scala-trace-debug) Macro based print debugging. Locates log statements in your IDE.
- [**113**Star][7d] [Ruby] [joernchen/xxeserve](https://github.com/joernchen/xxeserve) XXE Out of Band Server.
- [**113**Star][4m] [Py] [hanc00l/some_pocsuite](https://github.com/hanc00l/some_pocsuite) 用于漏洞排查的pocsuite3验证POC代码
- [**113**Star][2m] [C#] [goldshtn/etrace](https://github.com/goldshtn/etrace) Command-line tool for ETW tracing on files and real-time events
- [**113**Star][11d] [Py] [ghostlulzhacks/waybacksqliscanner](https://github.com/ghostlulzhacks/waybacksqliscanner) 
- [**113**Star][1y] [Py] [fupinglee/mypython](https://github.com/fupinglee/mypython) 一些常用的Python脚本
- [**113**Star][1m] [Common Lisp] [froydnj/ironclad](https://github.com/froydnj/ironclad) A cryptographic toolkit written in Common Lisp
- [**113**Star][13d] [Arduino] [fjvva/ecu-tool](https://github.com/fjvva/ecu-tool) Tool to communicate with vehicle ECUs based on Arduino
- [**113**Star][9m] [Py] [exodusintel/disclosures](https://github.com/exodusintel/disclosures) all of Exodus Intelligence's disclosure material
- [**113**Star][16d] [Java] [dogangcr/vulnerable-sso](https://github.com/dogangcr/vulnerable-sso) vulnerable single sign on
- [**113**Star][3m] [Py] [cert-w/certitude](https://github.com/cert-w/certitude) The Seeker of IOC
- [**113**Star][12d] [C++] [agwa/titus](https://github.com/agwa/titus) Totally Isolated TLS Unwrapping Server
- [**113**Star][12d] [ActionScript] [adobe/avmplus](https://github.com/adobe/avmplus) Source code for the Actionscript virtual machine
- [**113**Star][30d] [JS] [adelphes/android-dev-ext](https://github.com/adelphes/android-dev-ext) Android debugging support for VS Code
- [**112**Star][11d] [Py] [quantumcored/paradoxia](https://github.com/quantumcored/paradoxia) Advanced Attack toolkit, Native C++ RAT, Instagram Brute Force and Password Spraying over Tor, Mass Emailer, Malicious file Sentinel and more.
- [**112**Star][2m] [Py] [damian89/extended-xss-search](https://github.com/damian89/extended-xss-search) A better version of my xssfinder tool - scans for different types of xss on a list of urls.
- [**112**Star][4m] [Py] [ultramangaia/xiaomi_mi_wifi_r3g_vulnerability_poc](https://github.com/ultramangaia/xiaomi_mi_wifi_r3g_vulnerability_poc) A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to version 2.28.23.
- [**112**Star][1m] [Py] [mazzzystar/proxy](https://github.com/mazzzystar/proxy) A simple tool for fetching usable proxies from several websites.
- [**112**Star][3m] [Py] [jaychsu/algorithm](https://github.com/jaychsu/algorithm) The challenges for algorithm contests, and summary the implementation.
- [**112**Star][1m] [Java] [zhangyingwei/cockroach](https://github.com/zhangyingwei/cockroach) 又一个 java 内容（pa）获取（chong）工具
- [**112**Star][18d] [Py] [deanishe/alfred-vpn-manager](https://github.com/deanishe/alfred-vpn-manager) Manage Tunnelblick & Viscosity VPN connections from Alfred
- [**112**Star][14d] [Go] [qdm12/private-internet-access-docker](https://github.com/qdm12/private-internet-access-docker) Private internet access + Mullvad vpn client in a thin Docker container
- [**112**Star][4m] [C++] [orchidtechnologies/orchid](https://github.com/orchidtechnologies/orchid) Orchid: VPN, Personal Firewall
- [**112**Star][15d] [Ruby] [bl4de/dictionaries](https://github.com/bl4de/dictionaries) Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
- [**112**Star][2m] [JS] [greatfire/freegoogle](https://github.com/greatfire/freegoogle) Google mirror that can be used to make Google search etc available in places where it is blocked, eg China
- [**112**Star][2m] [Py] [vulhub/metadockers](https://github.com/vulhub/metadockers) Responsible for visualization the vulhub and docker
- [**112**Star][16d] [Assembly] [wolfssl/wolfssl-examples](https://github.com/wolfssl/wolfssl-examples) Example applications using the wolfSSL lightweight SSL/TLS library
- [**112**Star][23d] [akenofu/oscp-cheat-sheet](https://github.com/akenofu/oscp-cheat-sheet) This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
- [**112**Star][11m] [v2rayv3/v2ray-sspanel-v3-mod_uim-plugin](https://github.com/v2rayv3/v2ray-sspanel-v3-mod_uim-plugin) 
- [**112**Star][1y] [HTML] [xuechiyaobai/cve-2017-7092-poc](https://github.com/xuechiyaobai/CVE-2017-7092-PoC) This is the Pwn2Own 2017 Safari backup vul's exploit.
- [**112**Star][2m] [C++] [josh0xa/threadboat](https://github.com/josh0xA/ThreadBoat) uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application
- [**112**Star][5y] [Ruby] [facebookarchive/puewue-backend](https://github.com/facebookarchive/puewue-backend) The back-end to a simple application that displays Facebook's datacenter power consumption and other information.
- [**112**Star][12d] [JS] [frida/frida-java-bridge](https://github.com/frida/frida-java-bridge) Java runtime interop from Frida
- [**112**Star][2y] [Smali] [xxxyanchenxxx/sigkill](https://github.com/xxxyanchenxxx/sigkill) 一键绕过App签名验证
- [**112**Star][4m] [Java] [x-ai/burpunlimitedre](https://github.com/x-ai/burpunlimitedre) This project !replace! BurpUnlimited of depend (BurpSutie version 1.7.27). It is NOT intended to replace them!
- [**112**Star][11d] [Py] [wangyihang/ccupp](https://github.com/wangyihang/ccupp) 基于社会工程学的弱口令密码字典生成工具
- [**112**Star][2y] [JS] [voidsec/webrtc-leak](https://github.com/voidsec/webrtc-leak) Check if your VPN leaks your IP address via the WebRTC technology
- [**112**Star][2m] [C++] [vegard/prog-fuzz](https://github.com/vegard/prog-fuzz) Compiler/source code fuzzing tool using AFL instrumentation
- [**112**Star][1y] [Py] [tkisason/unhash](https://github.com/tkisason/unhash) unhash is a set of tools designed to enable better password auditing
- [**112**Star][23d] [Py] [teemu-l/execution-trace-viewer](https://github.com/teemu-l/execution-trace-viewer) Tool for viewing and analyzing execution traces
- [**112**Star][2y] [Py] [sithis993/crypter](https://github.com/sithis993/crypter) Crypter - Python-based builder and ransomware compiled to Windows executable using PyInstaller
- [**112**Star][10d] [C] [sfan5/fi6s](https://github.com/sfan5/fi6s) IPV6扫描器
- [**112**Star][24d] [JS] [sensepost/wadi](https://github.com/sensepost/wadi) Wadi Fuzzing Harness
- [**112**Star][2y] [ObjC] [rozbo/ios-pubgm-hack](https://github.com/rozbo/ios-pubgm-hack) iOS吃鸡辅助
- [**112**Star][19d] [C] [ret2p4nda/kernel-pwn](https://github.com/ret2p4nda/kernel-pwn) 
- [**112**Star][21d] [Py] [ray-cp/pwn_debug](https://github.com/ray-cp/pwn_debug) Aim to help building exploitation of CTFs pwn game quickly
- [**112**Star][3y] [PS] [proxb/powershell_scripts](https://github.com/proxb/powershell_scripts) Miscellaneous scripts for things that I have done; more scripts will arrive as I get time to update this repo.
- [**112**Star][3y] [Ruby] [porterhau5/bloodhound-owned](https://github.com/porterhau5/bloodhound-owned) A collection of files for adding and leveraging custom properties in BloodHound.
- [**112**Star][30d] [Py] [njcx/pocsuite_poc_collect](https://github.com/njcx/pocsuite_poc_collect) collection poc use pocsuite framework 
- [**112**Star][4m] [Java] [ozzi-/jwt4b](https://github.com/ozzi-/JWT4B) JWT Support for Burp
- [**112**Star][7m] [JS] [mrluit/etherscamdb](https://github.com/mrluit/etherscamdb) Keep track of all current ethereum scams in a large database
- [**112**Star][15d] [C++] [misson20000/twili](https://github.com/misson20000/twili) Homebrew debug monitor for the Nintendo Switch.
- [**112**Star][4m] [Py] [misp/misp-warninglists](https://github.com/misp/misp-warninglists) Warning lists to inform users of MISP about potential false-positives or other information in indicators
- [**112**Star][13d] [Go] [magnusbaeck/logstash-filter-verifier](https://github.com/magnusbaeck/logstash-filter-verifier) 
- [**112**Star][1m] [Py] [lonely-night/fastjson_gadgets_scanner](https://github.com/lonely-night/fastjson_gadgets_scanner) 
- [**112**Star][18d] [PHP] [langleyfoxall/laravel-nist-password-rules](https://github.com/langleyfoxall/laravel-nist-password-rules) 
- [**112**Star][14d] [Go] [koenrh/s3enum](https://github.com/koenrh/s3enum) Fast Amazon S3 bucket enumeration tool for pentesters.
- [**112**Star][4m] [Py] [jmortega/osint_tools_security_auditing](https://github.com/jmortega/osint_tools_security_auditing) osint_tools_security_auditing
- [**112**Star][8y] [Py] [jgeralnik/pytroj](https://github.com/jgeralnik/pytroj) A tool for infected .pyc files with arbitrary code that spreads out to infect all other .pyc files
- [**112**Star][1m] [ios-reverse-engineering-dev/swift-apps-reverse-engineering](https://github.com/ios-reverse-engineering-dev/swift-apps-reverse-engineering) Swift Apps Reverse Engineering reading book
- [**112**Star][3m] [CSS] [httphacker/gethead](https://github.com/httphacker/gethead) HTTP Header Analysis Vulnerability Tool
- [**112**Star][2y] [Py] [hook-s3c/cve-2018-11776-python-poc](https://github.com/hook-s3c/cve-2018-11776-python-poc) Working Python test and PoC for CVE-2018-11776, includes Docker lab
- [**112**Star][5m] [hongrisec/ai-machine-learning-security](https://github.com/hongrisec/ai-machine-learning-security) 一个关于人工智能渗透测试分析系列
- [**112**Star][4m] [Pascal] [hongludianxue/bailu-sed-tool](https://github.com/hongludianxue/bailu-sed-tool) 白鹿社工字典生成器，灵活与易用兼顾。
- [**112**Star][2y] [Py] [hansesecure/exploitdev](https://github.com/hansesecure/exploitdev) 
- [**112**Star][1y] [Py] [ghost123gg/wep](https://github.com/ghost123gg/wep) A generator to weaponize Macro payloads that can evade EMET and utilises native VB migration.
- [**112**Star][12d] [Java] [felberj/gotools](https://github.com/felberj/gotools) Plugin for Ghidra to assist reversing Golang binaries
- [**112**Star][2m] [C++] [decred/gominer](https://github.com/decred/gominer) Go (golang) based GPU miner for Decred.
- [**112**Star][2y] [cujanovic/crlf-injection-payloads](https://github.com/cujanovic/crlf-injection-payloads) Payloads for CRLF Injection
- [**112**Star][4m] [Go] [crabkun/switcher](https://github.com/crabkun/switcher) 一个多功能的端口转发/端口复用工具，支持转发本地或远程地址的端口，支持正则表达式转发（实现端口复用）。
- [**112**Star][3y] [C++] [codewatchorg/sidestep](https://github.com/codewatchorg/sidestep) Yet another AV evasion tool
- [**112**Star][8m] [checkmarx/js-scp](https://github.com/checkmarx/js-scp) JavaScript Secure Coding Practices guide
- [**112**Star][21d] [Go] [bnagy/gapstone](https://github.com/bnagy/gapstone) gapstone is a Go binding for the capstone disassembly library
- [**112**Star][7m] [blankapp/flutter-debugger](https://github.com/blankapp/flutter-debugger) A standalone app for debugging Flutter apps (Based on Flipper)
- [**112**Star][4m] [JS] [acmbvp/hacktoberfest](https://github.com/acmbvp/hacktoberfest) Make your first PR! ~ A beginner friendly repository made specifically for open source beginners. Add your profile, a blog or any program under any language (it can be anything from a hello-world program to a complex data structure algorithm) or update the existing one. Just make sure to add the file under the correct directory. Happy hacking!
- [**112**Star][4y] [Py] [1n3/xsstracer](https://github.com/1n3/xsstracer) A small python script to check for Cross-Site Tracing (XST)
- [**112**Star][8m] [Py] [0x27/gitpass](https://github.com/0x27/gitpass) Open Source Your Password (Mismanagement)!
- [**111**Star][13d] [C++] [haram/splendid_implanter](https://github.com/haram/splendid_implanter) BattlEye compatible injector, done completely from user-mode, project by secret.club
- [**111**Star][3y] [CSS] [zseano/js-scan](https://github.com/zseano/js-scan) a .js scanner, built in php. designed to scrape urls and other info
- [**111**Star][1m] [C++] [djcsdy/swfmill](https://github.com/djcsdy/swfmill) Generate or decompile Adobe Flash SWF files using an XML dialect. Inspect and modify the XML by hand, or by using a built in XSLT processor.
- [**111**Star][4m] [Py] [getdock/whitelist](https://github.com/getdock/whitelist) whitelist.dock.io backend service
- [**111**Star][11d] [C++] [openvpn/openvpn3-linux](https://github.com/openvpn/openvpn3-linux) OpenVPN 3 Linux client
- [**111**Star][3m] [Go] [schollz/linkcrawler](https://github.com/schollz/linkcrawler) Cross-platform persistent and distributed web crawler
- [**111**Star][27d] [Ruby] [axsuul/rails-reverse-proxy](https://github.com/axsuul/rails-reverse-proxy) A reverse proxy for Ruby on Rails
- [**111**Star][17d] [Py] [plazmaz/leaky-repo](https://github.com/plazmaz/leaky-repo) Benchmarking repo for secrets scanning
- [**111**Star][2m] [fqshare/free-ssr-v2ray-vpn](https://github.com/fqshare/free-ssr-v2ray-vpn) ssr/酸酸乳/v2ray/shadowsocks节点/vpn/机场搬运分享
- [**111**Star][12d] [Shell] [nfc-tools/milazycracker](https://github.com/nfc-tools/milazycracker) Mifare Classic Plus - Hardnested Attack Implementation for SCL3711 LibNFC USB reader
- [**111**Star][13d] [Py] [thelinuxchoice/anonymouse](https://github.com/thelinuxchoice/anonymouse) Python script to send anonymous email using anonymouse.org
- [**111**Star][1m] [xyntax/security-conference-archive](https://github.com/xyntax/security-conference-archive) Collection of Security Conference Slides/Papers
- [**111**Star][2m] [C++] [marcosd4h/sysmonx](https://github.com/marcosd4h/sysmonx) An Augmented Drop-In Replacement of Sysmon
- [**111**Star][4m] [Py] [devploit/xorpass](https://github.com/devploit/xorpass) Encoder to bypass WAF filters using XOR operations
- [**111**Star][4y] [C] [nsacyber/maplesyrup](https://github.com/nsacyber/Maplesyrup) Assesses CPU security of embedded devices. #nsacyber
- [**111**Star][22d] [C++] [ze0r/cve-2018-8453-exp](https://github.com/ze0r/cve-2018-8453-exp) cve-2018-8453 exp
- [**111**Star][1m] [C] [xobs/fernly](https://github.com/xobs/fernly)  a simple operating system designed for use in the reverse engineering of the Fernvale CPU
- [**111**Star][22d] [C] [xerpi/ds4vita](https://github.com/xerpi/ds4vita) 
- [**111**Star][18d] [Py] [williballenthin/shellbags](https://github.com/williballenthin/shellbags) Cross-platform, open-source shellbag parser
- [**111**Star][29d] [C++] [tyilo/macho_edit](https://github.com/tyilo/macho_edit) Command line utility for modifying Mach-O binaries in various ways.
- [**111**Star][2m] [HTML] [theori-io/cve-2016-0189](https://github.com/theori-io/cve-2016-0189) Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)
- [**111**Star][6m] [PHP] [tgalopin/simhashphp](https://github.com/tgalopin/simhashphp) SimHash similarities algorithm implementation for PHP
- [**111**Star][2y] [Py] [seifreed/malware-scripts](https://github.com/seifreed/malware-scripts) Useful scripts related with malware
- [**111**Star][23d] [sdnewhop/sdwannewhope](https://github.com/sdnewhop/sdwannewhope) 通过分析不同的SD-WAN解决方案, 回答SD-WAN安全性方面的问题(SD-WAN: 软件定义的广域网)
- [**111**Star][14d] [Py] [saferman/cupper](https://github.com/saferman/cupper) 社工密码生成器
- [**111**Star][3m] [Py] [roglew/guppy-proxy](https://github.com/roglew/guppy-proxy) 用于WebApp安全测试的拦截代理(intercepting proxy)
- [**111**Star][17d] [Py] [realpython/image-fingerprinting](https://github.com/realpython/image-fingerprinting) 
- [**111**Star][11d] [JS] [rapid7/awsaml](https://github.com/rapid7/awsaml) Awsaml is an application for providing automatically rotated temporary AWS credentials.
- [**111**Star][7m] [PS] [powershell/windowscompatibility](https://github.com/powershell/windowscompatibility) Module that allows Windows PowerShell Modules to be used from PSCore6
- [**111**Star][10d] [Py] [plizonczyk/noiseprotocol](https://github.com/plizonczyk/noiseprotocol) Noise Protocol Framework - Python 3 implementation
- [**111**Star][2y] [pgarba/switchidaproloader](https://github.com/pgarba/switchidaproloader) Loader for IDA Pro to support the Nintendo Switch NRO binaries
- [**111**Star][12d] [palmercluff/qemu-images](https://github.com/palmercluff/qemu-images) A collection of disk images and virtual machines that can be used by the QEMU emulator
- [**111**Star][2y] [TeX] [p4t12ick/ypsilon](https://github.com/p4t12ick/ypsilon) Automated Use Case Testing
- [**111**Star][1m] [Py] [ohmyadd/wetland](https://github.com/ohmyadd/wetland) A high interaction SSH honeypot
- [**111**Star][10m] [C++] [niklasb/hack2win-chrome](https://github.com/niklasb/hack2win-chrome) This is collaborative work of Ned Williamson and Niklas Baumstark
- [**111**Star][4m] [Java] [mindmac/intentfuzzer](https://github.com/mindmac/intentfuzzer) A Tool to fuzz Intent on Android
- [**111**Star][4m] [Py] [matrix07ksa/brute_force](https://github.com/matrix07ksa/brute_force) Brute_Force_Attack Gmail Hotmail Twitter Facebook Netflix
- [**111**Star][23d] [Py] [lucasg/findrpc](https://github.com/lucasg/findrpc) Ida script to extract RPC interface from binaries
- [**111**Star][10d] [Py] [log2timeline/dftimewolf](https://github.com/log2timeline/dftimewolf) A framework for orchestrating forensic collection, processing and data export
- [**111**Star][3m] [Py] [lizhongnian/btpanel-ss](https://github.com/lizhongnian/btpanel-ss) 基于宝塔Linux面板的shadowsocks可视化管理插件,本人博客,欢迎大家指导
- [**111**Star][27d] [Shell] [leitbogioro/fuck_aliyun](https://github.com/leitbogioro/fuck_aliyun) 
- [**111**Star][1m] [lattera/articles](https://github.com/lattera/articles) Various articles I've written
- [**111**Star][2m] [Java] [jgillam/burp-co2](https://github.com/jgillam/burp-co2) A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
- [**111**Star][12d] [C++] [iceb0y/windows-container](https://github.com/iceb0y/windows-container) A lightweight sandbox for Windows application
- [**111**Star][16d] [Py] [hivesolutions/netius](https://github.com/hivesolutions/netius) Readable, simple and fast asynchronous non-blocking network apps
- [**111**Star][2m] [Py] [graph-x/davscan](https://github.com/graph-x/davscan) Fingerprints servers, finds exploits, scans WebDAV. May or may not also make coffee.
- [**111**Star][8m] [Py] [google/clusterfuzz-tools](https://github.com/google/clusterfuzz-tools) Bugs are inevitable. Suffering is optional.
- [**111**Star][12d] [Py] [giantbranch/pwn_deploy_chroot](https://github.com/giantbranch/pwn_deploy_chroot) 可以方便地部署一个或者多个pwn题到一个docker容器中（使用chroot，并可以设置是否使用我自己写的catflag程序替换默认的/bin/sh程序，以增加安全性）
- [**111**Star][20d] [Pascal] [fdiskyou/www.rootkit.com](https://github.com/fdiskyou/www.rootkit.com) 
- [**111**Star][11d] [PS] [equk/windows](https://github.com/equk/windows)  tweaks for Windows
- [**111**Star][4y] [C] [emptymonkey/shelljack](https://github.com/emptymonkey/shelljack) A keystroke / terminal logger for Linux.
- [**111**Star][1y] [Py] [egaus/maliciousmacrobot](https://github.com/egaus/maliciousmacrobot) Malicious Macro Bot Project
- [**111**Star][12d] [JS] [detroitenglish/pw-pwnage-cfworker](https://github.com/detroitenglish/pw-pwnage-cfworker) Deploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
- [**111**Star][6y] [Py] [behindthefirewalls/parsero](https://github.com/behindthefirewalls/parsero) Parsero | Robots.txt audit tool
- [**111**Star][10d] [JS] [ayastreb/bandwidth-hero-proxy](https://github.com/ayastreb/bandwidth-hero-proxy) 
- [**111**Star][5m] [C++] [arno0x/tcprelayinjecter](https://github.com/arno0x/tcprelayinjecter) Tool for injecting a "TCP Relay" managed assembly into unmanaged processes
- [**111**Star][1m] [CSS] [0xitx/ida_nightfall](https://github.com/0xitx/ida_nightfall) A dark color theme for IDA Pro
- [**110**Star][3m] [C++] [monoxgas/koppeling](https://github.com/monoxgas/koppeling) Adaptive DLL hijacking / dynamic export forwarding
- [**110**Star][2y] [Py] [wen-fei/cnkispider](https://github.com/wen-fei/cnkispider) a spider for cnki patent content, just for study and commucation, no use for business.
- [**110**Star][2y] [C#] [dustinmoris/firewall](https://github.com/dustinmoris/firewall) ASP.NET Core middleware for IP address filtering.
- [**110**Star][3m] [TS] [owasp/riskassessmentframework](https://github.com/owasp/riskassessmentframework) Static Application Security Testing
- [**110**Star][10d] [TS] [etienne-martin/device-detector-js](https://github.com/etienne-martin/device-detector-js) A precise user agent parser and device detector written in TypeScript
- [**110**Star][2m] [Swift] [taggon/coffeefy](https://github.com/taggon/coffeefy) 스타벅스 Wifi 자동접속 맥 애플리케이션
- [**110**Star][12d] [C] [mrpre/atls](https://github.com/mrpre/atls) A light TLS implementation used for learning: TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3 GMSSL 1.1(国密SSL) based on libcrypto.so.
- [**110**Star][1m] [Go] [azure/kubernetes-kms](https://github.com/azure/kubernetes-kms) 
- [**110**Star][20d] [Py] [ivopetiz/algotrading](https://github.com/ivopetiz/algotrading) Algorithmic trading framework for cryptocurrencies.
- [**110**Star][11d] [Py] [francozappa/knob](https://github.com/francozappa/knob) Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
- [**110**Star][10d] [Py] [imtiazkarimik23/atfuzzer](https://github.com/imtiazkarimik23/atfuzzer) "Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
- [**110**Star][7d] [C] [danielkrupinski/vac-bypass-loader](https://github.com/danielkrupinski/vac-bypass-loader) Loader for VAC Bypass written in C.
- [**110**Star][2m] [houjingyi233/cpu-vulnerability-collections](https://github.com/houjingyi233/CPU-vulnerability-collections) 
- [**110**Star][15d] [Shell] [aoncyberlabs/cexigua](https://github.com/AonCyberLabs/Cexigua) Linux based inter-process code injection without ptrace(2)
- [**110**Star][5m] [PHP] [walkor/php-http-proxy](https://github.com/walkor/php-http-proxy) HTTP proxy written in PHP based on workerman.
- [**110**Star][19d] [C++] [thewhiteh4t/flashsploit](https://github.com/thewhiteh4t/flashsploit) Exploitation Framework for ATtiny85 Based HID Attacks
- [**110**Star][1m] [C] [sploitfun/lsploits](https://github.com/sploitfun/lsploits) Linux Exploits
- [**110**Star][4m] [PHP] [sniperoj/attack-defense-challenges](https://github.com/sniperoj/attack-defense-challenges) Challenges of CTF Attack with Defense mode
- [**110**Star][1y] [C++] [sidechannelmarvels/daredevil](https://github.com/sidechannelmarvels/daredevil) A tool to perform (higher-order) correlation power analysis attacks (CPA).
- [**110**Star][16d] [C++] [sensepost/gdi-palettes-exp](https://github.com/sensepost/gdi-palettes-exp) 滥用 GDI 对象来揭示内核漏洞利用
- [**110**Star][12d] [Py] [sandialabs/dr_robot](https://github.com/sandialabs/dr_robot) This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Intelligence) tools.
- [**110**Star][4y] [Py] [samgranger/eqgrp](https://github.com/samgranger/eqgrp) Mirror
- [**110**Star][1y] [rose-compiler/rose-develop](https://github.com/rose-compiler/rose-develop) The latest development version of rose. It may not pass all regression tests.
- [**110**Star][4m] [HTML] [pebble/pebble-ios-sdk](https://github.com/pebble/pebble-ios-sdk) iOS PebbleKit SDK to talk to the Pebble via Bluetooth
- [**110**Star][2y] [PS] [nettitude/invoke-powerthief](https://github.com/nettitude/invoke-powerthief) The PowerThIEf, an Internet Explorer Post Exploitation library
- [**110**Star][20d] [Py] [needmorecowbell/giggity](https://github.com/needmorecowbell/giggity) Wraps github api for openly available information about an organization, user, or repo
- [**110**Star][5m] [Roff] [nb-star/security-operation](https://github.com/nb-star/security-operation) 安全运维技巧整理
- [**110**Star][5m] [Py] [mazzzystar/baiducrawler](https://github.com/mazzzystar/baiducrawler) Sample of using proxies to crawl baidu search results.
- [**110**Star][1y] [Py] [m4cs/darkspiritz](https://github.com/m4cs/darkspiritz) 
- [**110**Star][10d] [C] [libyal/libevtx](https://github.com/libyal/libevtx) Library and tools to access the Windows XML Event Log (EVTX) format
- [**110**Star][29d] [krishnakumarsekar/awesome-machine-learning-deep-learning-mathematics](https://github.com/krishnakumarsekar/awesome-machine-learning-deep-learning-mathematics) A curated list of mathematics documents ,Concepts, Study Materials , Algorithms and Codes available across the internet for machine learning and deep learning
- [**110**Star][7m] [C] [jwbensley/etherate](https://github.com/jwbensley/etherate) Linux CLI Ethernet and MPLS Testing Tool
- [**110**Star][2m] [C++] [joxeankoret/membugtool](https://github.com/joxeankoret/membugtool) A DBI tool to discover heap memory related bugs
- [**110**Star][2y] [Shell] [jgamblin/blackhat-macos-config](https://github.com/jgamblin/blackhat-macos-config) Configure Your Macbook For Blackhat
- [**110**Star][20d] [Py] [ivopetiz/algotrading](https://github.com/ivopetiz/algotrading) Algorithmic trading framework for cryptocurrencies.
- [**110**Star][2m] [C] [infodox/tsh-sctp](https://github.com/infodox/tsh-sctp)  An open-source UNIX backdoor
- [**110**Star][1m] [C] [hc0d3r/sudohulk](https://github.com/hc0d3r/sudohulk) 使用ptraceHook系统调用execve, 监控并修改sudo命令的参数
- [**110**Star][19d] [C++] [glmcdona/strings2](https://github.com/glmcdona/strings2) extracting strings from binary data
- [**110**Star][12d] [fox-it/cobaltstrike-extraneous-space](https://github.com/fox-it/cobaltstrike-extraneous-space) Historical list of {Cobalt Strike,NanoHTTPD} servers
- [**110**Star][1m] [Py] [fireeye/flashmingo](https://github.com/fireeye/flashmingo) Automatic analysis of SWF files based on some heuristics. Extensible via plugins.
- [**110**Star][29d] [fail0verflow/ps4-radeon-patches](https://github.com/fail0verflow/ps4-radeon-patches) Small patches to add PS4 support to Linux userspace libraries
- [**110**Star][3y] [HTML] [dxa4481/xssjacking](https://github.com/dxa4481/xssjacking) Abusing Self-XSS and Clickjacking to trigger XSS
- [**110**Star][3m] [Py] [d4vinci/pyflooder](https://github.com/d4vinci/pyflooder) A http flood python script that could stop a normal website in 10s
- [**110**Star][4m] [PS] [cyberark/skyark](https://github.com/cyberark/skyark) SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
- [**110**Star][18d] [ckjbug/kali-linux-learning](https://github.com/ckjbug/kali-linux-learning) 
- [**110**Star][15d] [HTML] [cj123/canijailbreak.com](https://github.com/cj123/canijailbreak.com) a website which tells you whether you can jailbreak your iOS device.
- [**110**Star][2m] [Vim script] [chr4/sslsecure.vim](https://github.com/chr4/sslsecure.vim) Highlight insecure SSL configuration in Vim (works for all OpenSSL/ LibreSSL cipher strings, independent of the filetype)
- [**110**Star][10d] [C] [boochow/micropython-raspberrypi](https://github.com/boochow/micropython-raspberrypi) bare metal Raspberry Pi Zero / Zero W port of MicroPython
- [**110**Star][1m] [Py] [binarydefense/goatrider](https://github.com/binarydefense/goatrider) GoatRider is a simple tool that will dynamically pull down Artillery Threat Intelligence Feeds, TOR, AlienVaults OTX, and the Alexa top 1 million websites and do a comparison to a hostname file or IP file.
- [**110**Star][2m] [Shell] [b3rito/yotter](https://github.com/b3rito/yotter) Bash 脚本, 执行侦察，然后使用 dirb 发现可能导致信息泄露的目录
- [**110**Star][13d] [Pascal] [artlav/meteor_decoder](https://github.com/artlav/meteor_decoder) A portable decoder for METEOR M weather satellite LRPT signal
- [**110**Star][2m] [Py] [aeondave/doork](https://github.com/aeondave/doork) Passive Vulnerability Auditor
- [**110**Star][7y] [C++] [abhisek/pe-loader-sample](https://github.com/abhisek/pe-loader-sample) Proof of concept implementation of in-memory PE Loader based on ReflectiveDLLInjection Technique
- [**109**Star][12d] [Go] [inguardians/peirates](https://github.com/inguardians/peirates) Peirates - Kubernetes Penetration Testing tool
- [**109**Star][15d] [Py] [liranbg/linkedin-learning-downloader](https://github.com/liranbg/linkedin-learning-downloader) Linkedin Learning videos downloader
- [**109**Star][28d] [Py] [micahflee/passphraseme](https://github.com/micahflee/passphraseme) A quick and simple cryptographically secure script to generate high entropy passphrases using EFF's wordlists
- [**109**Star][5m] [C] [yours3lf/rpi-vk-driver](https://github.com/yours3lf/rpi-vk-driver) VK driver for the Raspberry Pi (Broadcom Videocore IV)
- [**109**Star][10d] [Java] [alternadom/wififlutter](https://github.com/alternadom/wififlutter) Plugin Flutter which can handle WiFi connections (AP, STA)
- [**109**Star][4m] [Py] [quark-engine/quark-engine](https://github.com/quark-engine/quark-engine) 
- [**109**Star][11d] [Py] [rocky/python-decompile3](https://github.com/rocky/python-decompile3) Python decompiler for 3.7+. Stripped down from uncompyle6 so we can refactor and fix up some long-standing problems
- [**109**Star][16d] [JS] [paulsec/shodan-firefox-addon](https://github.com/paulsec/shodan-firefox-addon) Shodan Firefox Add-on
- [**109**Star][20d] [C] [hasherezade/module_overloading](https://github.com/hasherezade/module_overloading) A more stealthy variant of "DLL hollowing"
- [**109**Star][4m] [Py] [quarkslab/legu_unpacker_2019](https://github.com/quarkslab/legu_unpacker_2019) Scripts to unpack APK protected by Legu
- [**109**Star][13d] [pluwen/china-domain-whitelist](https://github.com/pluwen/china-domain-whitelist) 常用中国网站白名单，纯列表，用于 SwitchyOmega，控制不走代理的网站。
- [**109**Star][11d] [Py] [radareorg/r2con2019](https://github.com/radareorg/r2con2019) slides and materials
- [**109**Star][3m] [raikia/recon-ng-api-key-creation](https://github.com/raikia/recon-ng-api-key-creation) One of the biggest annoyances of using Recon-ng is getting everything set up to use it. So here I’ll outline the different API keys it can use and where to get them yourself.
- [**109**Star][3y] [Py] [opensourcesec/cirtkit](https://github.com/opensourcesec/CIRTKit) Tools for the Computer Incident Response Team
- [**109**Star][13d] [Assembly] [intel/intel-sgx-ssl](https://github.com/intel/intel-sgx-ssl) Intel® Software Guard Extensions SSL
- [**109**Star][23d] [C] [unicornteam/hackcube-special](https://github.com/unicornteam/hackcube-special) 
- [**109**Star][4y] [Jupyter Notebook] [stitchfix/algorithms-notebooks](https://github.com/stitchfix/algorithms-notebooks) Algorithm's team Jupyter Notebooks
- [**109**Star][3y] [Py] [souhardya/warchild](https://github.com/souhardya/warchild) War Child denial of service testing suite
- [**109**Star][11d] [HTML] [skiptomyliu/solutions-bwapp](https://github.com/skiptomyliu/solutions-bwapp) In progress rough solutions to bWAPP / bee-box
- [**109**Star][2y] [Py] [sidechannelmarvels/jeangrey](https://github.com/sidechannelmarvels/jeangrey) A tool to perform differential fault analysis attacks (DFA).
- [**109**Star][3m] [Java] [quarantyne/quarantyne](https://github.com/quarantyne/quarantyne) Modern Web Firewall: stop account takeovers, weak passwords, cloud IPs, DoS attacks, disposable emails
- [**109**Star][10d] [JS] [oznu/dns-zone-blacklist](https://github.com/oznu/dns-zone-blacklist) This project generates dnsmasq, bind and unbound zone files to be used in DNS based AD Blockers.
- [**109**Star][17d] [Py] [nccgroup/blackboxprotobuf](https://github.com/nccgroup/blackboxprotobuf) Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.
- [**109**Star][1y] [C] [mudongliang/linuxflaw](https://github.com/mudongliang/linuxflaw) This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
- [**109**Star][5y] [C] [malwaretech/tinyxpb](https://github.com/malwaretech/tinyxpb) Windows XP 32-Bit Bootkit
- [**109**Star][1y] [linking12/tesla](https://github.com/linking12/tesla) Tesla is a gateway service that provides dynamic routing,waf,support spring cloud,gRPC,DUBBO and more.
- [**109**Star][15d] [Go] [kubernetes-sigs/aws-encryption-provider](https://github.com/kubernetes-sigs/aws-encryption-provider) APIServer encryption provider, backed by AWS KMS
- [**109**Star][4m] [Rich Text Format] [koush/efi-x99](https://github.com/koush/efi-x99) Hackintosh Guide: Gigabyte X99P-SLI, Intel 6950X, Nvidia Titan Xp
- [**109**Star][4m] [Py] [infertux/zeyple](https://github.com/infertux/zeyple) Postfix filter/hook to automatically encrypt outgoing emails with PGP/GPG
- [**109**Star][2y] [geosn0w/myriam](https://github.com/geosn0w/myriam) A vulnerable iOS App with Security Challenges for the Security Researcher inside you.
- [**109**Star][19d] [Py] [eset/vba-dynamic-hook](https://github.com/eset/vba-dynamic-hook) dynamically analyzes VBA macros inside Office documents by hooking function calls
- [**109**Star][16d] [Java] [duo-labs/xray](https://github.com/duo-labs/xray) X-Ray allows you to scan your Android device for security vulnerabilities that put your device at risk.
- [**109**Star][10d] [Py] [duo-labs/twitterbots](https://github.com/duo-labs/twitterbots) The code used in the "Don't @ Me: Hunting Twitter Bots at Scale" Black Hat presentation
- [**109**Star][11d] [Java] [dexpatcher/dex2jar](https://github.com/dexpatcher/dex2jar) Unofficial dex2jar builds
- [**109**Star][14d] [JS] [chatziko/location-guard](https://github.com/chatziko/location-guard) Hide your geographic location from websites.
- [**109**Star][3y] [Py] [blindfuzzy/lhf](https://github.com/blindfuzzy/lhf) A modular recon tool for pentesting
- [**109**Star][12d] [Py] [bannsec/stegoveritas](https://github.com/bannsec/stegoveritas) Yet another Stego Tool
- [**109**Star][10m] [Py] [atlas0fd00m/cancat](https://github.com/atlas0fd00m/cancat) swiss army knife of Controller Area Networks (CAN) often used in cars and building automation, etc...
- [**109**Star][3m] [JS] [asmblah/jemul8](https://github.com/asmblah/jemul8) An object-oriented JavaScript x86 Emulator for Node.js and the browser
- [**109**Star][3m] [Py] [aboutsecurity/rastrea2r](https://github.com/aboutsecurity/rastrea2r) Collecting & Hunting for IOCs with gusto and style
- [**108**Star][1m] [Py] [akabe1/windows_exploit_dowser](https://github.com/akabe1/windows_exploit_dowser) A simple tool which could be useful to identify the exploits afflicting a Windows OS
- [**108**Star][19d] [Assembly] [dmitrystu/sboot_stm32](https://github.com/dmitrystu/sboot_stm32) Secure USB DFU1.1 bootloader for STM32
- [**108**Star][9d] [Java] [codeplutos/cve-2019-12086-jackson-databind-file-read](https://github.com/codeplutos/cve-2019-12086-jackson-databind-file-read) 
- [**108**Star][20d] [C#] [ngenerics/ngenerics](https://github.com/ngenerics/ngenerics) Data structures and algorithms for .NET
- [**108**Star][3m] [Py] [mgp25/re-whatsapp](https://github.com/mgp25/re-whatsapp) Reverse engineering WhatsApp. Documentation and protocols.
- [**108**Star][13d] [C] [olimex/esp32-gateway](https://github.com/olimex/esp32-gateway) ESP32 IoT Gateway board with BLE WIFI and Ethernet
- [**108**Star][15d] [Go] [ouqiang/mars](https://github.com/ouqiang/mars) HTTP(S)代理, 用于抓包调试
- [**108**Star][11d] [Dockerfile] [gonzih/docker-csgo-server](https://github.com/gonzih/docker-csgo-server) Dockerfile for the CSGO server
- [**108**Star][14d] [payloadbox/rfi-lfi-payload-list](https://github.com/payloadbox/rfi-lfi-payload-list) RFI/LFI Payload List
- [**108**Star][10d] [Py] [daeken/ssrftest](https://github.com/daeken/ssrftest) SSRF testing tool
- [**108**Star][28d] [Py] [qwertyuiop6/mm131](https://github.com/qwertyuiop6/mm131) MM131网站图片爬取
- [**108**Star][4m] [Py] [xct/ropstar](https://github.com/xct/ropstar) Automatic exploit generation for simple linux pwn challenges.
- [**108**Star][1m] [Brainfuck] [tegmen/regex-brainfuck-interpreter](https://github.com/Tegmen/RegEx-Brainfuck-Interpreter) A Brainfuck interpreter in RegEx only (using Find/Replace)
- [**108**Star][3y] [vidar-team/hctf2016](https://github.com/vidar-team/HCTF2016) HCTF 2016 CHALLENGES
- [**108**Star][24d] [C++] [atxsinn3r/amsiscanner](https://github.com/atxsinn3r/amsiscanner) A C/C++ implementation of Microsoft's Antimalware Scan Interface
- [**108**Star][3y] [Shell] [xillwillx/cactustorch_ddeauto](https://github.com/xillwillx/cactustorch_ddeauto) OFFICE DDEAUTO Payload Generation script
- [**108**Star][6m] [HTML] [w3c/webappsec-csp](https://github.com/w3c/webappsec-csp) WebAppSec Content Security Policy
- [**108**Star][10d] [Shell] [trimstray/massh-enum](https://github.com/trimstray/massh-enum) OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
- [**108**Star][4y] [C++] [timeweb/ddosdetector](https://github.com/timeweb/ddosdetector) A flexible tool for analyzing network traffic and automation of the process of protection against DDoS attacks.
- [**108**Star][16d] [Shell] [thelinuxchoice/keydroid](https://github.com/thelinuxchoice/keydroid) Android Keylogger + Reverse Shell
- [**108**Star][26d] [Py] [thehappydinoa/iosrestrictionbruteforce](https://github.com/thehappydinoa/iosrestrictionbruteforce) Crack iOS Restriction Passcodes with Python
- [**108**Star][9d] [Go] [superfly/wormhole](https://github.com/superfly/wormhole) Fly.io secure tunnel
- [**108**Star][7y] [Py] [secretsquirrel/recomposer](https://github.com/secretsquirrel/recomposer) Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
- [**108**Star][1m] [C] [s0lst1c3/silentbridge](https://github.com/s0lst1c3/silentbridge) Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
- [**108**Star][4m] [Py] [r00ts3c/ddos-rootsec](https://github.com/r00ts3c/ddos-rootsec) DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
- [**108**Star][4y] [projectretroscope/retroscope](https://github.com/projectretroscope/retroscope) Public release of the RetroScope Android memory forensics framework
- [**108**Star][2m] [Py] [preos-security/fwaudit](https://github.com/preos-security/fwaudit) Platform Firmware Auditing Tool
- [**108**Star][24d] [JS] [offdev/zwsp-steg-js](https://github.com/offdev/zwsp-steg-js) 零宽度空间隐写术, 将隐藏的消息编码/解码为不可打印/可读的字符
- [**108**Star][14d] [Go] [nray-scanner/nray](https://github.com/nray-scanner/nray) nray distributed port scanner
- [**108**Star][6y] [Py] [mspreitz/adel](https://github.com/mspreitz/adel) dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow
- [**108**Star][29d] [TeX] [monero-project/research-lab](https://github.com/monero-project/research-lab) A general repo for Monero Research Lab work in progress and completed work
- [**108**Star][5y] [Py] [mit-ll/ll-fuzzer](https://github.com/mit-ll/ll-fuzzer) An automated NFC fuzzing framework for Android devices.
- [**108**Star][1m] [Assembly] [mborgbrant/c64js](https://github.com/mborgbrant/c64js) A commodore 64 emulator written in vanilla JavaScript
- [**108**Star][2m] [Ruby] [lubyruffy/wyquery](https://github.com/lubyruffy/wyquery) Wooyun查询系统
- [**108**Star][5m] [Py] [leoid/cve-2019-0708](https://github.com/leoid/cve-2019-0708) Only Hitting PoC [Tested on Windows Server 2008 r2]
- [**108**Star][3m] [Go] [jthomas/serverless-pwned-passwords](https://github.com/jthomas/serverless-pwned-passwords) Using serverless functions to provide an API for checking potential passwords against an enormous corpus of passwords leaked from security breaches.
- [**108**Star][6y] [Java] [isecpartners/android-opendebug](https://github.com/isecpartners/android-opendebug) Make any application debuggable
- [**108**Star][6m] [ianvollick/animation-proxy](https://github.com/ianvollick/animation-proxy) Accelerated Web Worker Animations
- [**108**Star][5m] [Py] [guedou/jupyter-radare2](https://github.com/guedou/jupyter-radare2) Just a simple radare2 Jupyter kernel
- [**108**Star][8d] [C++] [google/vxsig](https://github.com/google/vxsig) Automatically generate AV byte signatures from sets of similar binaries.
- [**108**Star][11d] [Py] [fgsect/scat](https://github.com/fgsect/scat) 通过USB解析Qualcomm和Samsung基带的诊断消息，并生成包含蜂窝控制平面消息的GSMTAP数据包流
- [**108**Star][14d] [Objective-C++] [electrajailbreak/cydia](https://github.com/electrajailbreak/cydia) Cydia modified for iOS 11/Electra
- [**108**Star][2m] [ObjC] [devapple/yalu103](https://github.com/devapple/yalu103) incomplete iOS 10.3Betas jailbreak for 64 bit devices by qwertyoruiopz, marcograssi, and devapple (personal use)
- [**108**Star][4m] [Py] [cs01/pygdbmi](https://github.com/cs01/pygdbmi) A library to parse gdb mi output and interact with gdb subprocesses
- [**108**Star][2m] [Shell] [clion007/dnsmasq](https://github.com/clion007/dnsmasq) 全自动dnsmasq及hosts科学上网，防DNS劫持及全面广告屏蔽脚本（ADSI）
- [**108**Star][3y] [JS] [attekett/nodefuzz](https://github.com/attekett/nodefuzz) 
- [**108**Star][4m] [Py] [angr/claripy](https://github.com/angr/claripy) An abstraction layer for constraint solvers.
- [**108**Star][2y] [Py] [anbai-inc/cve-2018-4878](https://github.com/anbai-inc/cve-2018-4878) CVE-2018-4878 样本
- [**108**Star][2m] [Py] [adulau/cve-search](https://github.com/adulau/cve-search) cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.
- [**107**Star][10d] [Go] [ameenmaali/qsfuzz](https://github.com/ameenmaali/qsfuzz) qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
- [**107**Star][12d] [Py] [nautilus-fuzz/nautilus](https://github.com/nautilus-fuzz/nautilus) A grammar based feedback Fuzzer
- [**107**Star][4m] [jeremyblackthorne/rpisec-courses](https://github.com/jeremyblackthorne/rpisec-courses) 
- [**107**Star][3m] [C++] [horsicq/xopcodecalc](https://github.com/horsicq/xopcodecalc) Opcode calculator
- [**107**Star][11d] [raoenhui/awssetup](https://github.com/raoenhui/awssetup) 用亚马逊云AWS搭建免费VPN服务
- [**107**Star][7d] [Java] [lfcnassif/iped](https://github.com/lfcnassif/iped) IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
- [**107**Star][2m] [wtsxdev/list-of-web-application-security](https://github.com/wtsxdev/list-of-web-application-security) List of web application security
- [**107**Star][30d] [Py] [bignerd95/routeros-backup-tools](https://github.com/bignerd95/routeros-backup-tools) Tools to encrypt/decrypt and pack/unpack RouterOS v6.13+ backup files
- [**107**Star][24d] [C++] [lifting-bits/microx](https://github.com/lifting-bits/microx) Safely execute an arbitrary x86 instruction
- [**107**Star][14d] [C++] [intel/ad-rss-lib](https://github.com/intel/ad-rss-lib) Library implementing the Responsibility Sensitive Safety model (RSS) for Autonomous Vehicles
- [**107**Star][14d] [PS] [littl3field/audix](https://github.com/littl3field/audix) Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring
- [**107**Star][10d] [JS] [adonespitogo/adobot-io](https://github.com/adonespitogo/adobot-io) Android Spyware Server
- [**107**Star][4m] [JS] [javascript-obfuscator/javascript-obfuscator-ui](https://github.com/javascript-obfuscator/javascript-obfuscator-ui) A web UI to the JavaScript Obfuscator node.js package.
- [**107**Star][9d] [ObjC] [colemancda/wi-fi-crack](https://github.com/colemancda/wi-fi-crack) OS X GUI for Aircrack-NG
- [**107**Star][26d] [C] [yurushao/droid_injectso](https://github.com/yurushao/droid_injectso) A shared libraries injection tool.
- [**107**Star][24d] [HTML] [xinali/wooyun](https://github.com/xinali/wooyun) wooyun public information backup
- [**107**Star][4m] [HTML] [we45/threatplaybook](https://github.com/we45/threatplaybook) A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
- [**107**Star][7y] [Py] [uber/py-find-injection](https://github.com/uber/py-find-injection) Look for SQL injection attacks in python source code
- [**107**Star][3y] [JS] [trustedsec/ships](https://github.com/trustedsec/ships) The Shared Host Integrated Password System (SHIPS) is a solution to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Clients may be configured to rotate passwords automatically. Stored passwords can be retrieved by desktop support …
- [**107**Star][27d] [C] [tecknicaltom/dsniff](https://github.com/tecknicaltom/dsniff) dsniff is a collection of tools for network auditing and penetration testing.
- [**107**Star][1m] [Py] [syss-research/outis](https://github.com/syss-research/outis)  a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
- [**107**Star][15d] [Java] [summitt/burp-ysoserial](https://github.com/summitt/burp-ysoserial) YSOSERIAL Integration with burp suite
- [**107**Star][10d] [Go] [sroberts/cacador](https://github.com/sroberts/cacador) 从文本块中提取常见的IoC
- [**107**Star][3y] [Py] [sparksharly/dl_for_xss](https://github.com/sparksharly/dl_for_xss) Deep learnning for detection with xss
- [**107**Star][1m] [Go] [sakeven/httpproxy](https://github.com/sakeven/httpproxy) 基于 Go 开发，支持 http/1.1 以上版本的 HTTP(S) 代理。（Why not try out Mika?）
- [**107**Star][2y] [Py] [redlectroid/overthruster](https://github.com/redlectroid/overthruster) HID attack payload generator for Arduinos
- [**107**Star][12m] [PS] [r4wd3r/rid-hijacking](https://github.com/r4wd3r/rid-hijacking) Windows RID Hijacking persistence technique
- [**107**Star][3m] [R] [r-lib/debugme](https://github.com/r-lib/debugme) Easy and efficient debugging for R packages
- [**107**Star][8m] [PHP] [psecio/jwt](https://github.com/psecio/jwt) A JWT (JSON Web Token) Encoder & Decoder
- [**107**Star][11d] [Rust] [pop-os/firmware-manager](https://github.com/pop-os/firmware-manager) Generic framework and GTK UI for firmware updates from system76-firmware and fwupd, written in Rust.
- [**107**Star][1m] [Rust] [polaris64/syswall](https://github.com/polaris64/syswall) Work in progress firewall for Linux syscalls, written in Rust
- [**107**Star][1m] [Py] [pjialin/pyproxy-async](https://github.com/pjialin/pyproxy-async) 基于 Python Asyncio + Redis 实现的代理池
- [**107**Star][1y] [PS] [p3nt4/invoke-tmpdavfs](https://github.com/p3nt4/invoke-tmpdavfs) Memory Backed Powershell WebDav Server
- [**107**Star][29d] [C++] [oxagast/ansvif](https://github.com/oxagast/ansvif) A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
- [**107**Star][5m] [C#] [neowutran/shinrameter](https://github.com/neowutran/shinrameter) Tera DPS Meter
- [**107**Star][7m] [Py] [neatmonster/amie](https://github.com/neatmonster/amie) A Minimalist Instruction Extender for the ARM architecture and IDA Pro
- [**107**Star][2m] [Py] [mozilla/django-session-csrf](https://github.com/mozilla/django-session-csrf) CSRF protection for Django without cookies.
- [**107**Star][20d] [C++] [mfontanini/dot11decrypt](https://github.com/mfontanini/dot11decrypt) An 802.11 WEP/WPA2 on-the-fly decrypter.
- [**107**Star][13d] [Py] [mbevilacqua/appcompatprocessor](https://github.com/mbevilacqua/appcompatprocessor) "Evolving AppCompat/AmCache data analysis beyond grep"
- [**107**Star][4m] [C++] [martin-pr/possumwood](https://github.com/martin-pr/possumwood) Possumwood is a graph-based procedural authoring tool, in concept not dissimilar to popular CG packages like Houdini, Blender or Maya. It is intended to serve as a sandbox for computer graphics algorithms and libraries, providing a user-friendly and coding-free UI for libraries that would otherwise be inaccessible for an average user.
- [**107**Star][21d] [C] [madeye/tcp_china](https://github.com/madeye/tcp_china) TCP China congestion control algorithm
- [**107**Star][2m] [Py] [lingerhk/fshell](https://github.com/lingerhk/fshell) 基于机器学习的分布式webshell检测系统
- [**107**Star][14d] [Rust] [kzen-networks/curv](https://github.com/kzen-networks/curv) Rust language general purpose elliptic curve cryptography.
- [**107**Star][2y] [Py] [kkirsche/cve-2017-10271](https://github.com/kkirsche/cve-2017-10271) Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)
- [**107**Star][6y] [C] [ioactive/melkor_elf_fuzzer](https://github.com/ioactive/melkor_elf_fuzzer) Melkor is a very intuitive and easy-to-use ELF file format fuzzer to find functional and security bugs in ELF parsers.
- [**107**Star][7y] [intrepidusgroup/trustme](https://github.com/intrepidusgroup/trustme) Disable certificate trust checks on iOS devices.
- [**107**Star][6m] [Py] [imjdl/wcnife](https://github.com/imjdl/wcnife) Web版中國菜刀
- [**107**Star][2y] [Java] [realbearcat/oracle-weblogic-cve-2017-10271](https://github.com/RealBearcat/Oracle-WebLogic-CVE-2017-10271) WebLogic Wls-wsat XMLDecoder 反序列化
- [**107**Star][25d] [Kotlin] [heimashi/debug_view_kotlin](https://github.com/heimashi/debug_view_kotlin) 用kotlin实现的Android浮层调试控制台，实时的显示内存、FPS、文字log、app启动时间、Activity启动时间
- [**107**Star][2y] [PS] [harmj0y/asreproast](https://github.com/harmj0y/asreproast) Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
- [**107**Star][12d] [Ruby] [green-m/green-hat-suite](https://github.com/green-m/green-hat-suite) Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.
- [**107**Star][29d] [Java] [ggrandes/bouncer](https://github.com/ggrandes/bouncer) Bouncer is a network TCP port redirector/forward proxy (like rinetd) with extra features like Reverse tunneling (like ssh -R), SSL tunneling (like stunnel), connection Failover, LoadBalancing and Clustering. In pure Java (BIO)
- [**107**Star][2y] [C] [formyown/alesense-antivirus](https://github.com/formyown/alesense-antivirus) 一款拥有完整交互界面与驱动级拦截能力的开源杀毒软件
- [**107**Star][4m] [Perl] [fastvpseestiou/antidoto](https://github.com/fastvpseestiou/antidoto) Linux antimalware and antirootkit tool
- [**107**Star][5m] [Py] [falseen/pysocket](https://github.com/falseen/pysocket) 通过monkey patch动态修改 socket 的项目。在不修改源码的情况下给 socket 增加一些诸如限制客户端数量、前置代理之类的功能。让我们将 Monkey Patch 进行到底吧！
- [**107**Star][1m] [F#] [enkomio/sacara](https://github.com/enkomio/sacara) A stack based intermediate language aimed at software protection by running in a software VM
- [**107**Star][2y] [JS] [eboda/34c3ctf](https://github.com/eboda/34c3ctf) Challenge Sources & Exploits for the 34C3 CTF
- [**107**Star][4m] [dxxzst/free-proxy-list](https://github.com/dxxzst/free-proxy-list) Free proxy list 免费的代理IP，定时更新，优先更新
- [**107**Star][13d] [C] [cnlohr/fx3fun](https://github.com/cnlohr/fx3fun) Charles's playground for the Cypress FX3
- [**107**Star][16d] [C] [caerbannog/esphttpclient](https://github.com/caerbannog/esphttpclient) A simple ESP8266 http client library to make GET and POST requests with the native SDK
- [**107**Star][5m] [Java] [codeplutos/cve-2019-12086-jackson-databind-file-read](https://github.com/codeplutos/CVE-2019-12086-jackson-databind-file-read) 
- [**107**Star][1m] [JS] [blackhole1/autofindxssandcsrf](https://github.com/blackhole1/autofindxssandcsrf) 自动化检测页面是否存在XSS和CSRF漏洞的浏览器插件(A plugin for browser that checks automatically whether a page haves XSS and CSRF vulnerabilities)
- [**107**Star][6m] [C] [biswa96/wslinstall](https://github.com/biswa96/wslinstall) Install any GNU/Linux userspace in WSL
- [**107**Star][23d] [JS] [avlidienbrunn/bountydash](https://github.com/avlidienbrunn/bountydash) 从所有BugBounty平台收集你获取的奖励信息, 生成进度和漏洞类型信息图表等
- [**107**Star][11d] [Py] [aparsons/bag-of-holding](https://github.com/aparsons/bag-of-holding) An application to assist in the organization and prioritization of software security activities.
- [**107**Star][3y] [Py] [andrewdcampbell/opencv-document-scanner](https://github.com/andrewdcampbell/opencv-document-scanner) An interactive document scanner built in Python using OpenCV featuring automatic corner detection, image sharpening, and color thresholding.
- [**107**Star][4m] [Py] [ajinabraham/webappsec](https://github.com/ajinabraham/webappsec) Web Application Security
- [**107**Star][13d] [HTML] [ahmia/search](https://github.com/ahmia/search) Ahmia - Search Engine for onion services.
- [**107**Star][2m] [Py] [acceis/crypto_identifier](https://github.com/acceis/crypto_identifier) Crypto tool for pentest and ctf : try to uncipher data using multiple algorithms and block chaining modes. Usefull for a quick check on unknown cipher text and key dictionnary
- [**107**Star][3y] [Py] [3gstudent/smbtouch-scanner](https://github.com/3gstudent/smbtouch-scanner) Automatically scan the inner network to detect whether they are vulnerable.
- [**106**Star][11d] [YARA] [netspooky/inhale](https://github.com/netspooky/inhale) A malware analysis and classification tool.
- [**106**Star][10d] [Go] [chenboxing/punching](https://github.com/chenboxing/punching) P2P TCP NAT穿透 P2P TCP NET Punching hold
- [**106**Star][4m] [R] [schochastics/networkdata](https://github.com/schochastics/networkdata) R package containing several network datasets
- [**106**Star][24d] [HTML] [zerobranch/android-remote-debugger](https://github.com/zerobranch/android-remote-debugger) A library for remote logging, database debugging, shared preferences and network requests
- [**106**Star][12d] [C] [andreafioraldi/qasan](https://github.com/andreafioraldi/qasan) QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
- [**106**Star][12d] [Py] [voliveirajr/seleniumcrawler](https://github.com/voliveirajr/seleniumcrawler) An example using Selenium webdrivers for python and Scrapy framework to create a web scraper to crawl an ASP site
- [**106**Star][4m] [C#] [washi1337/oldrod](https://github.com/washi1337/oldrod) An automated KoiVM devirtualisation utility
- [**106**Star][7d] [JS] [tharyckgusmao/skill-share-crawler---dl](https://github.com/tharyckgusmao/skill-share-crawler---dl) Download Videos Skill Share per ID or per Class
- [**106**Star][2m] [zhucola/advanced-nginx](https://github.com/zhucola/advanced-nginx) nginx的基础操作与总结、HTTP缓存、OpenSSL
- [**106**Star][8d] [C#] [techyian/mmalsharp](https://github.com/techyian/mmalsharp) C# wrapper to Broadcom's MMAL with an API to the Raspberry Pi camera.
- [**106**Star][5m] [Go] [rincliu/go-algorithm](https://github.com/rincliu/go-algorithm) Implementations of data structures & algorithms written in Golang.
- [**106**Star][28d] [Java] [pqpo/methodhook](https://github.com/pqpo/methodhook) hook java methods
- [**106**Star][21d] [Visual Basic] [catboy96/automator](https://github.com/catboy96/automator) 
- [**106**Star][2m] [Py] [ehco1996/shadowsocksr-deprecated](https://github.com/ehco1996/shadowsocksr-deprecated) ssr mod version for django-sspanel
- [**106**Star][21d] [Shell] [nahamsec/crtndstry](https://github.com/nahamsec/crtndstry) Yet another subdomain finder
- [**106**Star][2y] [Py] [zwq0320/malicious_dynamic_behavior_detection_by_cnn](https://github.com/zwq0320/malicious_dynamic_behavior_detection_by_cnn) 使用CNN进行样本恶意动态行为检测
- [**106**Star][3y] [HTML] [ziplokk1/incapsula-cracker-py3](https://github.com/ziplokk1/incapsula-cracker-py3) Python3 compatible way to bypass sites guarded with Incapsula
- [**106**Star][4y] [Eagle] [zapta/linbus](https://github.com/zapta/linbus) An Arduino based LINBUS stack and signal interceptor/injector.
- [**106**Star][2y] [Py] [xme/toolbox](https://github.com/xme/toolbox) Miscelaneous useful scripts for my day to day projects
- [**106**Star][14d] [C] [vmonaco/kloak](https://github.com/vmonaco/kloak) Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
- [**106**Star][3y] [Py] [tkcert/testssl.sh-webfrontend](https://github.com/tkcert/testssl.sh-webfrontend) Web Frontend for testssl.sh
- [**106**Star][13d] [Py] [thelsa/tp5-getshell](https://github.com/thelsa/tp5-getshell) thinkphp5 rce getshell
- [**106**Star][4m] [JS] [thecjw/frida-android-scripts](https://github.com/thecjw/frida-android-scripts) Some frida scripts
- [**106**Star][28d] [C] [secwiki/android-kernel-exploits](https://github.com/secwiki/android-kernel-exploits) android kernel exploits漏洞集合
- [**106**Star][1m] [PS] [secvulture/dvta](https://github.com/secvulture/dvta) Damn Vulnerable Thick Client App
- [**106**Star][16d] [Java] [secureskytechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095](https://github.com/secureskytechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095) Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告
- [**106**Star][6y] [santoku/santoku-linux](https://github.com/santoku/santoku-linux) Linux Distro for Mobile Security, Malware Analysis, and Forensics
- [**106**Star][4m] [rub-nds/tls-padding-oracles](https://github.com/rub-nds/tls-padding-oracles) New TLS Padding Oracles
- [**106**Star][1y] [PHP] [rub-nds/metadata-attacker](https://github.com/rub-nds/metadata-attacker) A tool to generate media files with malicious metadata
- [**106**Star][1y] [Shell] [rpranshu/eternalview](https://github.com/rpranshu/eternalview) EternalView is an all in one basic information gathering and vulnerability assessment tool
- [**106**Star][4y] [C] [rootkitsmm/win32k-fuzzer](https://github.com/rootkitsmm/win32k-fuzzer) Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )
- [**106**Star][1y] [Py] [re4son/kali-pi](https://github.com/re4son/kali-pi) Sticky Fingers Kali Pi
- [**106**Star][1y] [C#] [r-smith/splice-admin](https://github.com/r-smith/splice-admin) A remote Windows administration tool. You know you want it.
- [**106**Star][15d] [Py] [quantika14/guasap-whatsapp-foresincs-tool](https://github.com/quantika14/guasap-whatsapp-foresincs-tool) WhatsApp Forensic Tool
- [**106**Star][5m] [Py] [phith0n/python-xss-filter](https://github.com/phith0n/python-xss-filter) Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
- [**106**Star][11d] [paralax/awesome-internet-scanning](https://github.com/paralax/awesome-internet-scanning) A curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
- [**106**Star][12d] [Py] [operatorequals/httpimport](https://github.com/operatorequals/httpimport) Module for remote in-memory Python package/module loading through HTTP/S
- [**106**Star][1m] [Shell] [niclet/yi-hack-v2](https://github.com/niclet/yi-hack-v2) Xiaomi Yi Ants Camera 2 hack
- [**106**Star][4m] [Go] [netxfly/transparent-proxy-scanner](https://github.com/netxfly/transparent-proxy-scanner) 基于vpn和透明代理的web漏洞扫描器的实现思路及demo
- [**106**Star][23d] [Py] [nccgroup/gitpwnd](https://github.com/nccgroup/gitpwnd) GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines
- [**106**Star][4y] [Py] [mozilla/garmr](https://github.com/mozilla/garmr)  inspect the responses from websites for basic security requirements.
- [**106**Star][2m] [Py] [mehdilauters/wifiscanmap](https://github.com/mehdilauters/wifiscanmap) an other wifi mapping tool
- [**106**Star][6m] [Py] [mapleray/proxy_pool](https://github.com/mapleray/proxy_pool) python 代理池
- [**106**Star][14d] [JS] [mandatoryprogrammer/tarnish](https://github.com/mandatoryprogrammer/tarnish) A Chrome extension static analysis tool to help aide in security reviews.
- [**106**Star][4m] [C++] [m2team/privexec](https://github.com/m2team/privexec) Run the program with the specified permission level (C++17 required)
- [**106**Star][4m] [Go] [lu4p/torat](https://github.com/lu4p/torat)  a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
- [**106**Star][4y] [Java] [liuyufei/sslkiller](https://github.com/liuyufei/sslkiller) SSLKiller is used for killing SSL verification functions on Android client side. With SSLKiller, You can intercept app's HTTPS communication packages between the client and server.
- [**106**Star][4y] [liuchenx/surgeconfig](https://github.com/liuchenx/surgeconfig) surge app shadowsocks config
- [**106**Star][14d] [Shell] [jbreed/apkwash](https://github.com/jbreed/apkwash) Android APK Antivirus evasion for msfvenom generated payloads.
- [**106**Star][3m] [Py] [janniskirschner/horn3t](https://github.com/janniskirschner/horn3t) Powerful Visual Subdomain Enumeration at the Click of a Mouse
- [**106**Star][4m] [C] [intelfsp/fsp](https://github.com/intelfsp/fsp) Intel(R) Firmware Support Package (FSP)
- [**106**Star][4m] [Pascal] [greatis/anti-webminer](https://github.com/greatis/anti-webminer) Anti-WebMiner protects your PC against web cryptocurrency miners (JS scripts like Coinhive executed in the browser) by modifying Windows hosts file
- [**106**Star][14d] [C] [comsecuris/luaqemu](https://github.com/comsecuris/luaqemu) QEMU-based framework exposing several of QEMU-internal APIs to a LuaJIT core injected into QEMU itself. Among other things, this allows fast prototyping of target systems without any native code and minimal effort in Lua.
- [**106**Star][9m] [C++] [comaeio/hibr2bin](https://github.com/comaeio/hibr2bin) Comae Hibernation File Decompressor
- [**106**Star][1m] [C] [codelion/pathgrind](https://github.com/codelion/pathgrind) Path based Dynamic Analysis
- [**106**Star][6y] [C++] [clymb3r/misc-windows-hacking](https://github.com/clymb3r/misc-windows-hacking) Miscellaneous projects related to attacking Windows.
- [**106**Star][3y] [Ruby] [chrisallenlane/watchtower](https://github.com/chrisallenlane/watchtower) Watchtower is a Static Code Analysis tool designed to assist security auditors who are tasked with performing manual code reviews. It is platform- and language-agnostic.
- [**106**Star][4m] [C] [checkpointsw/scout](https://github.com/checkpointsw/scout) Instruction based research debugger
- [**106**Star][2y] [Java] [caledoniaproject/cve-2018-1270](https://github.com/caledoniaproject/cve-2018-1270) Spring messaging STOMP protocol RCE
- [**106**Star][10d] [C++] [bro/bro](https://github.com/bro/bro) Mirror of
- [**106**Star][6m] [JS] [boy-hack/webshellmanager](https://github.com/boy-hack/webshellmanager) w8ay 一句话WEB端管理工具
- [**106**Star][13d] [HTML] [blukat29/search-libc](https://github.com/blukat29/search-libc) Web wrapper of niklasb/libc-database
- [**106**Star][4y] [PS] [ben0xa/powershelldefense](https://github.com/ben0xa/powershelldefense) Some PowerShell Defensive Scripts
- [**106**Star][5m] [Py] [algorhythms/hackerrankalgorithms](https://github.com/algorhythms/hackerrankalgorithms) 
- [**106**Star][5m] [Py] [0xdezzy/cve-2019-11539](https://github.com/0xdezzy/cve-2019-11539) Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect
- [**105**Star][2m] [Py] [life4/django-bruteforce-protection](https://github.com/life4/django-bruteforce-protection) Bruteforce protection for Django projects based on Redis. Simple, powerful, extendable.
- [**105**Star][5m] [C++] [thomasjacquin/allsky](https://github.com/thomasjacquin/allsky) A Raspberry Pi operated Wireless Allsky Camera
- [**105**Star][3y] [JS] [guerrerocarlos/wikipediap2p](https://github.com/guerrerocarlos/wikipediap2p) WikipediaP2P.org Chrome Extension
- [**105**Star][20d] [PHP] [hedii/php-crawler](https://github.com/hedii/php-crawler) A php crawler that finds emails on the internets
- [**105**Star][28d] [JS] [herteby/vue-clicky](https://github.com/herteby/vue-clicky) Handy debugging function for Vue
- [**105**Star][1m] [JS] [nacimgoura/instagram-profilecrawl](https://github.com/nacimgoura/instagram-profilecrawl) Quickly crawl the information (e.g. followers, tags, mentions, date, etc...) of an instagram profile. No login required!
- [**105**Star][12d] [JS] [linkedtales/scrapedin-linkedin-crawler](https://github.com/linkedtales/scrapedin-linkedin-crawler) Crawler for LinkedIn full profiles 2019
- [**105**Star][11d] [Java] [thatcherdev/betterbackdoor](https://github.com/thatcherdev/betterbackdoor) A backdoor with a multitude of features.
- [**105**Star][12d] [PS] [hackplayers/empire-mod-hackplayers](https://github.com/hackplayers/empire-mod-hackplayers) PowerShell Empire mod to post-exploit the World!
- [**105**Star][16d] [Shell] [thelinuxchoice/evilpdf](https://github.com/thelinuxchoice/evilpdf) Embedding executable files in PDF Documents
- [**105**Star][13d] [ObjC] [objective-see/whatsyoursign](https://github.com/objective-see/whatsyoursign) WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing information!
- [**105**Star][1m] [C] [virtualabs/radiobit](https://github.com/virtualabs/radiobit) Micro:Bit Radio framework
- [**105**Star][3y] [C++] [zerosum0x0/puppetstrings](https://github.com/zerosum0x0/puppetstrings) Hitch a free ride to Ring 0 on Windows
- [**105**Star][3y] [C++] [y3t1y3t/csgo-dumper](https://github.com/y3t1y3t/csgo-dumper) CSGO Offset Dumper
- [**105**Star][9m] [xx0hcd/malleable-c2-profiles](https://github.com/xx0hcd/malleable-c2-profiles) Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike
- [**105**Star][2y] [Py] [wonderqs/blade](https://github.com/wonderqs/blade) A webshell connection tool with customized WAF bypass payloads
- [**105**Star][6m] [JS] [wilddeer/sniffer](https://github.com/wilddeer/sniffer) browser/engine/os/device detection tool
- [**105**Star][21d] [utkusen/eda2](https://github.com/utkusen/eda2) a more complex ransomware honeypot
- [**105**Star][14d] [Kotlin] [uber/crumb](https://github.com/uber/crumb) An annotation processor for breadcrumbing metadata across compilation boundaries.
- [**105**Star][3y] [C#] [tyranid/deviceguardbypasses](https://github.com/tyranid/deviceguardbypasses) A repository of some of my Windows 10 Device Guard Bypasses
- [**105**Star][4y] [C++] [trailofbits/appjaillauncher](https://github.com/trailofbits/appjaillauncher) CTF Challenge Framework for Windows 8 and above
- [**105**Star][3y] [Shell] [thor27/steam-login](https://github.com/thor27/steam-login) Put STEAM BigPicture mode at login screen
- [**105**Star][3y] [Py] [tengzhangchao/struts2_045-poc](https://github.com/tengzhangchao/struts2_045-poc) Struts2-045 POC
- [**105**Star][4m] [Py] [songguoxiong/wenshu_utils](https://github.com/songguoxiong/wenshu_utils) 裁判文书网 参数加解密工具库 for Python and Java
- [**105**Star][2m] [Py] [smythtech/sdnpwn](https://github.com/smythtech/sdnpwn) An SDN penetration testing toolkit
- [**105**Star][5m] [Py] [sibears/hrast](https://github.com/sibears/hrast) PoC of modifying HexRays AST
- [**105**Star][5y] [C++] [secmob/pocforcve-2015-1528](https://github.com/secmob/pocforcve-2015-1528) I'll submit the poc after blackhat
- [**105**Star][5m] [C++] [secmob/mosec2016](https://github.com/secmob/mosec2016) The slides and exploit of mosec2016
- [**105**Star][23d] [Go] [root4loot/rescope](https://github.com/root4loot/rescope) defining scopes for Burp Suite and OWASP ZAP.
- [**105**Star][18d] [Go] [ribbybibby/ssl_exporter](https://github.com/ribbybibby/ssl_exporter) Exports Prometheus metrics for SSL certificates
- [**105**Star][4m] [C] [ps3xploit/ps3hen](https://github.com/ps3xploit/ps3hen) PS3 Homebrew ENabler [Supports 4.84 HFW and 4.85 HFW]
- [**105**Star][14d] [Jupyter Notebook] [positivetechnologies/seq2seq-web-attack-detection](https://github.com/positivetechnologies/seq2seq-web-attack-detection) The implementation of the Seq2Seq model for web attack detection. The Seq2Seq model is usually used in Neural Machine Translation. The main goal of this project is to demonstrate the relevance of the NLP approach for web security.
- [**105**Star][3y] [Py] [picoctf/picoctf-platform-2](https://github.com/picoctf/picoctf-platform-2) A genericized version of picoCTF 2014 that can be easily adapted to host CTF or programming competitions.
- [**105**Star][4m] [Py] [patois/idapyhelper](https://github.com/patois/idapyhelper) IDAPyHelper is a script for the Interactive Disassembler that helps writing IDAPython scripts and plugins.
- [**105**Star][2m] [Py] [life4/django-bruteforce-protection](https://github.com/life4/django-bruteforce-protection) Bruteforce protection for Django projects based on Redis. Simple, powerful, extendable.
- [**105**Star][7m] [Java] [netspi/burp-extensions](https://github.com/netspi/burp-extensions) Central Repo for Burp extensions
- [**105**Star][2m] [Py] [n0fate/volafox](https://github.com/n0fate/volafox) Mac OS X Memory Analysis Toolkit
- [**105**Star][3y] [Py] [n00py/norknork](https://github.com/n00py/norknork) Powershell Empire Persistence finder
- [**105**Star][2y] [C++] [mlghuskie/nobastian](https://github.com/mlghuskie/nobastian) NoBastian - Universal Ring3 IPC based BattlEye/EAC/FaceIt/ESEA/MRAC bypass
- [**105**Star][6m] [HTML] [lz1y/cve-2018-8420](https://github.com/lz1y/cve-2018-8420) 原PoC甚至符号都打错了！太不走心了！
- [**105**Star][5m] [Shell] [luyg24/it_security](https://github.com/luyg24/it_security) 业内信息安全标准
- [**105**Star][4m] [PS] [leeberg/bluehive](https://github.com/leeberg/bluehive) PowerShell based Active Directory Honey User Account Management with Universal Dashboards
- [**105**Star][3m] [JS] [jkingsman/bishop](https://github.com/jkingsman/bishop) Hunt for vulnerable websites as you browse.
- [**105**Star][4m] [ihebski/a-red-teamer-diaries](https://github.com/ihebski/a-red-teamer-diaries) RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
- [**105**Star][12m] [PS] [homjxi0e/poweravails](https://github.com/homjxi0e/poweravails) PowerAvails Powershell .NET Operating system
- [**105**Star][2m] [Java] [gosecure/csp-auditor](https://github.com/gosecure/csp-auditor) Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
- [**105**Star][14d] [Py] [gelim/censys](https://github.com/gelim/censys) Python code to query the Censys public scan database.
- [**105**Star][10d] [geeksonsecurity/vuln-web-apps](https://github.com/geeksonsecurity/vuln-web-apps) A curated list of vulnerable web applications.
- [**105**Star][1m] [Py] [gaasedelen/prefix](https://github.com/gaasedelen/prefix) Function Prefixing for IDA Pro
- [**105**Star][11d] [TS] [fttx/barcode-to-pc-app](https://github.com/fttx/barcode-to-pc-app) Barcode to PC app
- [**105**Star][5m] [JS] [fpass/fpass](https://github.com/fpass/fpass) 类似于 LastPass的密码管理工具
- [**105**Star][5y] [Py] [fooying/3102](https://github.com/fooying/3102) A domain/ip fuzzing tool for vulnerability mining
- [**105**Star][2y] [Swift] [ehrishirajsharma/swiftness](https://github.com/ehrishirajsharma/swiftness) A note-taking macOS app for penetration-testers.
- [**105**Star][1m] [Ruby] [dryruby/tor.rb](https://github.com/dryruby/tor.rb) Tor.rb is a Ruby library for interacting with the Tor anonymity network.
- [**105**Star][13d] [Py] [dipcore/mstar-bin-tool](https://github.com/dipcore/mstar-bin-tool) Scripts to manipulate Mstar firmware binaries (e.g. MstarUpgrade.bin, LetvUpgrade.bin etc)
- [**105**Star][2y] [Py] [danigargu/idatropy](https://github.com/danigargu/idatropy) a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplotlib.
- [**105**Star][4y] [Shell] [cornerpirate/socat-shell](https://github.com/cornerpirate/socat-shell) Socat can be used to establish a reverse shell with bash tab completion and full shell functionality
- [**105**Star][2y] [Java] [cornerpirate/java-stager](https://github.com/cornerpirate/java-stager) A PoC Java Stager which can download, compile, and execute a Java file in memory.
- [**105**Star][4m] [C#] [codingadventures/linqbridgevs](https://github.com/codingadventures/linqbridgevs) Dumps the content of variables during debugging in Visual Studio to LINQPad
- [**105**Star][4y] [C++] [cn33liz/tpminituacbypass](https://github.com/cn33liz/tpminituacbypass) Bypassing User Account Control (UAC) using TpmInit.exe
- [**105**Star][15d] [Shell] [chorankates/h4ck](https://github.com/chorankates/h4ck) a collection of writeups and tools related to ~embedded device ~hacking
- [**105**Star][2y] [Py] [ceh-tn/the-axer](https://github.com/ceh-tn/the-axer) replace the manual procedure of creating your payloads with msfvenom , making it easier and a lot quicker 
- [**105**Star][11d] [caledoniaproject/awesome-opensource-security](https://github.com/caledoniaproject/awesome-opensource-security) A list of interesting stuffs that I have no time to test/review
- [**105**Star][16d] [Py] [c0demap/codemap](https://github.com/c0demap/codemap) a binary analysis tool for "run-trace visualization" provided as IDA plugin.
    - [IDA插件](https://github.com/c0demap/codemap/blob/master/idapythonrc.py) 
    - [Web服务器](https://github.com/c0demap/codemap/tree/master/codemap/server) 
- [**105**Star][6m] [Py] [buffer/pylibemu](https://github.com/buffer/pylibemu) A Libemu Cython wrapper
- [**105**Star][11d] [Scala] [bigdatagenomics/mango](https://github.com/bigdatagenomics/mango) A scalable genome browser. Apache 2 licensed.
- [**105**Star][3y] [C++] [azuregreen/injectcollection](https://github.com/azuregreen/injectcollection) A collection of injection via vc++ in ring3
- [**105**Star][3m] [Swift] [auth0/auth0.swift](https://github.com/auth0/auth0.swift) Swift toolkit for Auth0 API
- [**105**Star][2m] [1hack0/bug-bounty-101](https://github.com/1hack0/bug-bounty-101) Happy Hunting
- [**105**Star][4m] [Py] [0xprateek/stardox](https://github.com/0xprateek/stardox) Github stargazers information gathering tool
- [**104**Star][11d] [Go] [benjojo/six-onions](https://github.com/benjojo/six-onions) Like Tor2Web, but not just HTTP ( using IPv6 )
- [**104**Star][19d] [Go] [portshift/kubei](https://github.com/portshift/kubei) Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:
- [**104**Star][16d] [TS] [sonatype-nexus-community/auditjs](https://github.com/sonatype-nexus-community/auditjs) Audits an NPM package.json file to identify known vulnerabilities.
- [**104**Star][12d] [Py] [tenzir/threatbus](https://github.com/tenzir/threatbus) 
- [**104**Star][4m] [boseji/ch341-store](https://github.com/boseji/ch341-store) Documents and Software Related to the famous CH341a used in I2C/SPI Flash Programmers also called as Bios Programmers
- [**104**Star][13d] [TS] [ethereumjs/ethereumjs-devp2p](https://github.com/ethereumjs/ethereumjs-devp2p) A JavaScript implementation of ÐΞVp2p
- [**104**Star][4m] [Py] [monkey-soft/moivesspider](https://github.com/monkey-soft/moivesspider) 爬取电影天堂的电影爬虫
- [**104**Star][10d] [HTML] [usnistgov/mobile-threat-catalogue](https://github.com/usnistgov/mobile-threat-catalogue) NIST/NCCoE Mobile Threat Catalogue
- [**104**Star][15d] [Shell] [functionclub/localecn](https://github.com/functionclub/localecn) 更改Linux服务器终端显示语言为中文的脚本
- [**104**Star][12d] [C] [siguza/iometa](https://github.com/siguza/iometa) arm64 IOKit class dumper
- [**104**Star][12d] [C] [aquynh/unidos](https://github.com/aquynh/unidos) MSDOS emulator built on top of Unicorn engine
- [**104**Star][14d] [C] [martin-ger/esp_slip_router](https://github.com/martin-ger/esp_slip_router) A SLIP to WiFi router
- [**104**Star][1m] [C] [ssd-secure-disclosure/advisories](https://github.com/ssd-secure-disclosure/advisories) SSD Secure Disclosure Advisories
- [**104**Star][25d] [Py] [b17zr/ntlm_challenger](https://github.com/b17zr/ntlm_challenger) Parse NTLM challenge messages over HTTP and SMB
- [**104**Star][7d] [mohitkhemchandani/oscp-complete-guide](https://github.com/mohitkhemchandani/oscp-complete-guide) How to prepare for OSCP complete guide
- [**104**Star][6m] [Py] [nkargas/gen2-uhf-rfid-reader](https://github.com/nkargas/Gen2-UHF-RFID-Reader) Gen2 UHF RFID reader with USRP and GNU Radio. Tested with USRPN200 and GNU Radio v3.7.4
- [**104**Star][24d] [PS] [mgreen27/invoke-liveresponse](https://github.com/mgreen27/Invoke-LiveResponse) Invoke-LiveResponse
- [**104**Star][2m] [JS] [phishai/phish-protect](https://github.com/phishai/phish-protect) 警报并可能阻止IDN/Unicode域名的网站
- [**104**Star][11d] [Py] [znuh/re-dected](https://github.com/znuh/re-dected) tools for playing with DECT
- [**104**Star][3m] [Ruby] [zcgonvh/cve-2017-7269](https://github.com/zcgonvh/cve-2017-7269) fixed msf module for cve-2017-7269
- [**104**Star][14d] [Py] [tintinweb/electron-inject](https://github.com/tintinweb/electron-inject) Inject javascript into closed source electron applications e.g. to enable developer tools for debugging.
- [**104**Star][4m] [Py] [timvideos/hdmi2usb-litex-firmware](https://github.com/timvideos/hdmi2usb-litex-firmware) A version of the HDMI2USB firmware based around LiteX tools produced by
- [**104**Star][15d] [Py] [themadinventor/ida-xtensa](https://github.com/themadinventor/ida-xtensa) IDAPython plugin for Tensilica Xtensa (as seen in ESP8266)
- [**104**Star][29d] [Go] [subutai-io/p2p](https://github.com/subutai-io/p2p) P2P Cloud project allows users to build their private networks.
- [**104**Star][3y] [Java] [spiderlabs/airachnid-burp-extension](https://github.com/spiderlabs/airachnid-burp-extension) A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
- [**104**Star][11m] [Py] [skysider/vulnpoc](https://github.com/skysider/vulnpoc) Vulnerability Verification Environment based on Docker
- [**104**Star][19d] [Ruby] [simp/simp-core](https://github.com/simp/simp-core) The base SIMP build repository
- [**104**Star][13d] [shirosaidev/diskover-web](https://github.com/shirosaidev/diskover-web) Web file manager, disk space usage, storage search engine and file system analytics for diskover
- [**104**Star][11d] [Rust] [sgayou/rbasefind](https://github.com/sgayou/rbasefind) A firmware base address search tool.
- [**104**Star][18d] [JS] [scravy/node-macaddress](https://github.com/scravy/node-macaddress) Get the MAC addresses (hardware addresses) of the hosts network interfaces.
- [**104**Star][1m] [C] [ryd/chaosvpn](https://github.com/ryd/chaosvpn) Config generator for chaos vpn
- [**104**Star][29d] [Py] [roglew/wifikill](https://github.com/roglew/wifikill) A python program to kick people off of wifi
- [**104**Star][5y] [Java] [rednaga/dexhook](https://github.com/rednaga/dexhook) DexHook is a xposed module for capturing dynamically loaded dex files.
- [**104**Star][2m] [Py] [pwnieexpress/pwn_plug_sources](https://github.com/pwnieexpress/pwn_plug_sources) Public source repository for the Pwn Plug platform.
- [**104**Star][16d] [TS] [sonatype-nexus-community/auditjs](https://github.com/sonatype-nexus-community/auditjs) Audits an NPM package.json file to identify known vulnerabilities.
- [**104**Star][27d] [C] [onotelli/justniffer](https://github.com/onotelli/justniffer) Justniffer Just A Network TCP Packet Sniffer .Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic
- [**104**Star][12d] [C++] [nmulasmajic/syscall_exploit_cve-2018-8897](https://github.com/nmulasmajic/syscall_exploit_cve-2018-8897) Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).
- [**104**Star][2y] [C++] [nccgroup/tpmgenie](https://github.com/nccgroup/tpmgenie) TPM Genie is an I2C bus interposer for discrete Trusted Platform Modules
- [**104**Star][1y] [Perl] [mustlive/davoset](https://github.com/mustlive/davoset) DDoS attacks via other sites execution tool (DAVOSET) - it is command line tool for conducting DDoS attacks on the sites via Abuse of Functionality and XML External Entities vulnerabilities at other sites.
- [**104**Star][2y] [Py] [mr-un1k0d3r/windows-signedbinary](https://github.com/mr-un1k0d3r/windows-signedbinary) Generate Windows Signed Binary With a Different Hash
- [**104**Star][4m] [C++] [mixaill/fakepdb](https://github.com/mixaill/fakepdb) 通过IDA数据库生成PDB文件
- [**104**Star][17d] [Py] [magicming200/tomcat-weak-password-scanner](https://github.com/magicming200/tomcat-weak-password-scanner) 醉考拉tomcat后台弱口令扫描器，命令行版+图形界面版。
- [**104**Star][5y] [C] [m0n0ph1/win64-rovnix-vbr-bootkit](https://github.com/m0n0ph1/win64-rovnix-vbr-bootkit) Win64/Rovnix - Volume Boot Record Bootkit
- [**104**Star][17d] [Rust] [loiclec/fuzzcheck-rs](https://github.com/loiclec/fuzzcheck-rs) Structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.
- [**104**Star][7m] [Py] [jssimporter/jssimporter](https://github.com/jssimporter/jssimporter) Upload packages made with AutoPkg to your Jamf Pro server with customizable policies.
- [**104**Star][4m] [Shell] [johanlike/djy-oneplus6-or-oneplus6t-nethunter-andrax-kernel](https://github.com/johanlike/djy-oneplus6-or-oneplus6t-nethunter-andrax-kernel) DJY Nethunter And Andrax Kernel Oneplus6-Oneplus6T
- [**104**Star][8m] [Go] [jessfraz/tupperwarewithspears](https://github.com/jessfraz/tupperwarewithspears) Distributed load testing with containers, Apache benchmark, with OpenVSwitch for networking.
- [**104**Star][1y] [JS] [jasonsheh/sitescan](https://github.com/jasonsheh/sitescan) A tool help get the basic information of one site
- [**104**Star][7m] [Py] [huuck/adbhoney](https://github.com/huuck/adbhoney) Low interaction honeypot designed for Android Debug Bridge over TCP/IP
- [**104**Star][27d] [C++] [hasherezade/snippets](https://github.com/hasherezade/snippets) Various code snippets and small PoCs, to be used for tests or as ready-made skeletons.
- [**104**Star][4m] [gossithedog/threathunting](https://github.com/gossithedog/threathunting) Tools for hunting for threats.
- [**104**Star][2m] [C] [google/pg_page_verification](https://github.com/google/pg_page_verification) verify checksums on PostgreSQL data pages without having to load each page into shared buffer cache
- [**104**Star][3y] [glinares/officemalware](https://github.com/glinares/officemalware) 
- [**104**Star][8m] [C++] [giovannidicanio/winreg](https://github.com/giovannidicanio/winreg) Convenient high-level C++ wrapper around the Windows Registry API
- [**104**Star][1m] [C++] [fvantienen/dji_rev](https://github.com/fvantienen/dji_rev) DJI Reverse engineering
- [**104**Star][22d] [feicong/android-app-sec](https://github.com/feicong/android-app-sec) ISC 2016安全训练营－安卓app逆向与安全防护 ppt
- [**104**Star][4y] [Makefile] [dtrukr/flex_injected](https://github.com/dtrukr/flex_injected) Injecting FLEX with MobileSubstrate. Inject FLEX library into 3rd party apps.
- [**104**Star][9m] [C#] [damonmohammadbagher/nativepayload_reverse_tcp](https://github.com/damonmohammadbagher/nativepayload_reverse_tcp) Meterpreter Encrypted Payload by C#
- [**104**Star][4y] [Java] [cvvt/apptroy](https://github.com/cvvt/apptroy) An Online Analysis System for Packed Android Malware
- [**104**Star][2y] [Py] [coco413/discoversubdomain](https://github.com/coco413/discoversubdomain) 前渗透信息探测工具集-子域名
- [**104**Star][2y] [Java] [clr2of8/gathercontacts](https://github.com/clr2of8/gathercontacts) A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
- [**104**Star][18d] [C] [chef-koch/malware-research](https://github.com/chef-koch/malware-research) Samples, research and documents about any kind of malware and misc source which should be released to the public
- [**104**Star][14d] [C] [capstone-rust/capstone-rs](https://github.com/capstone-rust/capstone-rs) high-level Capstone system bindings for Rust
- [**104**Star][15d] [Py] [botherder/vxcage](https://github.com/botherder/vxcage) REST API based malware repository (abandoned)
- [**104**Star][6m] [Py] [b1eed/vulrec](https://github.com/b1eed/vulrec) 漏洞复现记录
- [**104**Star][11d] [Ruby] [auth0/ruby-auth0](https://github.com/auth0/ruby-auth0) Ruby toolkit for Auth0 API
- [**103**Star][4m] [Py] [will4906/patentcrawler](https://github.com/will4906/patentcrawler) scrapy专利爬虫（停止维护）
- [**103**Star][2m] [JS] [scholtzm/vapor](https://github.com/scholtzm/vapor) a lightweight Steam client framework for node.js which provides unified API for writing custom extensions
- [**103**Star][16d] [Go] [philippgille/ln-paywall](https://github.com/philippgille/ln-paywall) Go middleware for monetizing your API on a per-request basis with Bitcoin and Lightning
- [**103**Star][18d] [C++] [peculiarventures/node-webcrypto-ossl](https://github.com/peculiarventures/node-webcrypto-ossl) A WebCrypto Polyfill for Node in TypeScript built on OpenSSL.
- [**103**Star][3m] [Py] [brantou/crawler](https://github.com/brantou/crawler) 爬虫, http代理, 模拟登陆!
- [**103**Star][26d] [PHP] [spatie/robots-txt](https://github.com/spatie/robots-txt) Determine if a page may be crawled from robots.txt, robots meta tags and robot headers
- [**103**Star][16d] [Py] [tonyseek/rsocks](https://github.com/tonyseek/rsocks) A SOCKS 4/5 reverse proxy server
- [**103**Star][2m] [Java] [naveenrudra/rttm](https://github.com/naveenrudra/rttm) Real Time Threat Monitoring Tool
- [**103**Star][17d] [JS] [lowpowerlab/raspberrypi-gateway](https://github.com/lowpowerlab/raspberrypi-gateway) RaspberryPi socket webserver for home automation
- [**103**Star][5m] [Swift] [nordicsemiconductor/ios-nrf-mesh-library](https://github.com/nordicsemiconductor/ios-nrf-mesh-library) The Bluetooth Mesh Provisioner and Configurator library.
- [**103**Star][15d] [Shell] [honwen/luci-app-shadowsocksr](https://github.com/honwen/luci-app-shadowsocksr) OpenWrt/LEDE LuCI for ShadowsocksR-libev
- [**103**Star][11d] [JS] [xiaozhongliu/taobao-live-crawler](https://github.com/xiaozhongliu/taobao-live-crawler) A crawler on taobao live barrages.
- [**103**Star][2m] [Py] [lintbin/1024crawer](https://github.com/lintbin/1024crawer) 基于python的1024爬虫，可爬下1024的文章和图片放到当前目录上。
- [**103**Star][1m] [Shell] [cyb0r9/quasar](https://github.com/Cyb0r9/quasar) An Information Gathering Framework For Lazy Penetration Testers
- [**103**Star][2m] [CSS] [owasp/owasp-summit-2017](https://github.com/OWASP/owasp-summit-2017) Content for OWASP Summit 2017 site
- [**103**Star][19d] [Java] [open-keychain/openpgp-api](https://github.com/open-keychain/openpgp-api) OpenPGP API library
- [**103**Star][1m] [Py] [ubuntu-mate/mate-dock-applet](https://github.com/ubuntu-mate/mate-dock-applet) application dock for the MATE panel
- [**103**Star][11d] [Java] [yandex/burp-molly-pack](https://github.com/yandex/burp-molly-pack) Security checks pack for Burp Suite
- [**103**Star][28d] [C] [x41sec/x41-smartcard-fuzzing](https://github.com/x41sec/x41-smartcard-fuzzing) X41 Smartcard Fuzzer
- [**103**Star][11d] [Py] [woanware/usbdeviceforensics](https://github.com/woanware/usbdeviceforensics) Python script for extracting USB information from Windows registry hives
- [**103**Star][3m] [JS] [webadb/webadb.js](https://github.com/webadb/webadb.js) ADB host implementation based on WebUSB
- [**103**Star][18d] [Py] [vmavromatis/absolutely-proprietary](https://github.com/vmavromatis/absolutely-proprietary) Proprietary package detector for arch-based distros. Compares your installed packages against Parabola's package blacklist and then prints your Stallman Freedom Index (free/total).
- [**103**Star][5y] [Py] [tripwire/tardis](https://github.com/tripwire/tardis) Threat Analysis, Reconnaissance, and Data Intelligence System
- [**103**Star][12d] [Py] [trendmicro/defplorex](https://github.com/trendmicro/defplorex) defplorex for BlackHat Arsenal
- [**103**Star][11d] [Shell] [thelinuxchoice/infog](https://github.com/thelinuxchoice/infog) Information Gathering Tool
- [**103**Star][17d] [Py] [soroco/pyce](https://github.com/soroco/pyce) Encrypted Python Execution
- [**103**Star][2m] [Py] [rsmusllp/eapeak](https://github.com/rsmusllp/eapeak) Analysis Suite For EAP Enabled Wireless Networks
- [**103**Star][1m] [C++] [sdhash/sdhash](https://github.com/sdhash/sdhash) allows two arbitrary blobs of data to be compared for similarity based on common strings of binary data
- [**103**Star][3y] [Py] [samratashok/continuousintrusion](https://github.com/samratashok/continuousintrusion) Material related to my talks at various conferences on using Continuous Integration tools (Jenkins, Teamcity, Go, Hudson, CruiseControl) for penetration testing
- [**103**Star][13d] [C++] [romainthomas/pyjadx](https://github.com/romainthomas/pyjadx) Jadx Python Binding
- [**103**Star][4m] [Py] [robindavid/idasec](https://github.com/robindavid/idasec) IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform
- [**103**Star][12d] [Py] [powergo/pytracking](https://github.com/powergo/pytracking) Email open and click tracking library
- [**103**Star][4m] [C++] [peterth/gamemaniptutorial](https://github.com/peterth/gamemaniptutorial) A tutorial for manipulating the rendering of a game (generally to increase its quality) if you only have a binary available
- [**103**Star][3m] [C] [peterbjornx/meloader](https://github.com/peterbjornx/meloader) Linux i386 tool to load and execute ME modules.
- [**103**Star][4m] [YARA] [nsacyber/walkoff-apps](https://github.com/nsacyber/walkoff-apps) WALKOFF-enabled applications. #nsacyber
- [**103**Star][6m] [Py] [noplay/scrapy-mongodb](https://github.com/noplay/scrapy-mongodb) Mongodb support for scrapy
- [**103**Star][17d] [Go] [netxfly/crack_ssh](https://github.com/netxfly/crack_ssh) go写的协程版的ssh\redis\mongodb弱口令破解工具
- [**103**Star][3m] [Shell] [mitchellkrogza/phishing.database](https://github.com/mitchellkrogza/phishing.database) Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
- [**103**Star][8m] [C#] [mihazupan/httptosocks5proxy](https://github.com/mihazupan/httptosocks5proxy) C# Http to Socks5 proxy implementation
- [**103**Star][2m] [JS] [malwarelu/malwasm](https://github.com/malwarelu/malwasm) Offline debugger for malware's reverse engineering
- [**103**Star][11d] [C++] [malus-security/iextractor](https://github.com/malus-security/iextractor) Automate extraction from iOS firmware files (.ipsw)
- [**103**Star][4m] [Perl] [m8r0wn/pymeta](https://github.com/m8r0wn/pymeta) 搜索某域名网站的文件,下载并提取元数据, 例如: 域名、用户名、软件版本号、命名约定等
- [**103**Star][5m] [PS] [leeberg/bluecommand](https://github.com/leeberg/bluecommand) Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard
- [**103**Star][12m] [Py] [kibodwapon/noeye](https://github.com/kibodwapon/noeye) A blind mode exploit framework (a dns server and a web app) that like wvs's AcuMonitor Service or burpsuite's collabrator or cloudeye
- [**103**Star][1m] [Py] [jonathansalwan/abf](https://github.com/jonathansalwan/abf) Abstract Binary Format Manipulation - ELF, PE and Mach-O format
- [**103**Star][1y] [Py] [johntroony/blisqy](https://github.com/johntroony/blisqy) Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
- [**103**Star][4m] [Shell] [joarleymoraes/net_guard](https://github.com/joarleymoraes/net_guard) A command line tool to detect new unknown device in your network using ARP protocol
- [**103**Star][2m] [Java] [jkinder/jakstab](https://github.com/jkinder/jakstab) The Jakstab static analysis platform for binaries
- [**103**Star][17d] [C] [jedisct1/encpipe](https://github.com/jedisct1/encpipe) The dum^H^H^Hsimplest encryption tool in the world.
- [**103**Star][2y] [C#] [holly-hacker/eazfixer](https://github.com/holly-hacker/eazfixer) A deobfuscation tool for Eazfuscator.
- [**103**Star][30d] [Py] [he1m4n6a/btscan](https://github.com/he1m4n6a/btscan) 批量漏洞扫描框架
- [**103**Star][1m] [JS] [google/service-worker-detector](https://github.com/google/service-worker-detector) This extension detects if a website registers a Service Worker.
- [**103**Star][14d] [Py] [google/closure-linter](https://github.com/google/closure-linter) Automatically exported from code.google.com/p/closure-linter
- [**103**Star][24d] [Shell] [gavinlyonsrepo/cylon](https://github.com/gavinlyonsrepo/cylon) A CLI TUI menu driven bash shell script supporting updates, maintenance, backups and system checks for an Arch based Linux distro
- [**103**Star][4m] [Java] [ganyao114/va_doc](https://github.com/ganyao114/va_doc) VirtualApp 代码注释
- [**103**Star][1y] [fuchsia-mirror/garnet](https://github.com/fuchsia-mirror/garnet) 
- [**103**Star][23d] [Py] [fox-it/mkyara](https://github.com/fox-it/mkyara) Generating YARA rules based on binary code
- [**103**Star][23d] [Py] [fdiskyou/kcshell](https://github.com/fdiskyou/kcshell) 交互式汇编/反汇编 Shell，Python3编写，基于Keystone/Capstone
- [**103**Star][14d] [Py] [escapingbug/ancypwn](https://github.com/escapingbug/ancypwn) Script to setup pwn environment for CTF with Docker
- [**103**Star][4m] [Py] [elevenpaths/uac-a-mola](https://github.com/elevenpaths/uac-a-mola) 
- [**103**Star][24d] [Py] [debasishm89/burpy](https://github.com/debasishm89/burpy)  parses Burp Suite log and performs various tests depending on the module provided and finally generate a HTML report.
- [**103**Star][4m] [PS] [darkoperator/defcon25_ps_workshop](https://github.com/darkoperator/defcon25_ps_workshop) Materials of Workshop presented at DEFCON 25
- [**103**Star][10d] [PHP] [commixproject/commix-testbed](https://github.com/commixproject/commix-testbed) A collection of web pages, vulnerable to command injection flaws.
- [**103**Star][2y] [C#] [chrismaddalena/sharpcloud](https://github.com/chrismaddalena/sharpcloud) Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.
- [**103**Star][5m] [C++] [cbayet/exploit-cve-2017-6008](https://github.com/cbayet/exploit-cve-2017-6008) Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.
- [**103**Star][27d] [PS] [australiancybersecuritycentre/windows_event_logging](https://github.com/australiancybersecuritycentre/windows_event_logging) Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
- [**103**Star][13d] [Py] [appsecco/spaces-finder](https://github.com/appsecco/spaces-finder) A tool to hunt for publicly accessible DigitalOcean Spaces
- [**103**Star][5y] [Py] [ajinabraham/static-dom-xss-scanner](https://github.com/ajinabraham/static-dom-xss-scanner) Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the given directory and will list out all the possible sources and sinks that may cause DOM XSS. At the end of the scan, the tool will generate an HTML report.
- [**102**Star][10d] [Go] [projectdiscovery/dnsprobe](https://github.com/projectdiscovery/dnsprobe) DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
- [**102**Star][16d] [C] [bcoles/kasld](https://github.com/bcoles/kasld) [ KASLD ] Kernel Address Space Layout Derandomization - A collection of various techniques to bypass Linux Kernel Address Space Layout Randomization (KASLR) and retrieve the kernel base virtual address on x86 / x86_64 architectures as an unprivileged local user.
- [**102**Star][22d] [Java] [sojamo/oscp5](https://github.com/sojamo/oscp5) An Open Sound Control (OSC) implementation for Java and Processing
- [**102**Star][2y] [Py] [linukey/datamining-and-social-sentiment-analysis-based-on-weibo](https://github.com/linukey/datamining-and-social-sentiment-analysis-based-on-weibo) 基于微博的数据挖掘与社交舆情分析
- [**102**Star][10m] [Py] [imflyn/decoration-design-crawler](https://github.com/imflyn/decoration-design-crawler) 土巴兔和谷居装修网站爬虫
- [**102**Star][10d] [Py] [entynetproject/phonia](https://github.com/entynetproject/phonia) Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
- [**102**Star][10d] [PHP] [jikan-me/jikan-rest](https://github.com/jikan-me/jikan-rest) The REST API for Jikan
- [**102**Star][13d] [Rust] [omerbenamram/evtx](https://github.com/omerbenamram/evtx) A Fast (and safe) parser for the Windows XML Event Log (EVTX) format
- [**102**Star][4m] [C++] [barbatunnelcoder/barbatunnel](https://github.com/barbatunnelcoder/barbatunnel) A layer that hide, redirect. forward, re-encrypt internet packet to keep VPN, Proxies and other p2p software hidden from Firewall. Free implementation for HTTP-Tunnel, UDP-Tunnel, port forwarding, port redirecting and packet re-encryption that can work in network data-link layer and transport layer
- [**102**Star][10d] [JS] [sonnylazuardi/reactriot2017-dotamania](https://github.com/sonnylazuardi/reactriot2017-dotamania) eb scraping made easy with the visual  mind map editor to JSON
- [**102**Star][14d] [Java] [grammarviz2/grammarviz2_src](https://github.com/grammarviz2/grammarviz2_src) GrammarViz 2.0 public release:
- [**102**Star][5m] [Py] [zhao94254/pspider](https://github.com/zhao94254/pspider) 一个简单的分布式爬虫框架
- [**102**Star][1m] [zhangslob/docs](https://github.com/zhangslob/docs) 《数据采集从入门到放弃》源码。内容简介：爬虫介绍、就业情况、爬虫工程师面试题 ；HTTP协议介绍； Requests使用 ；解析器Xpath介绍； MongoDB与MySQL； 多线程爬虫； Scrapy介绍 ；Scrapy-redis介绍； 使用docker部署； 使用nomad管理docker集群； 使用EFK查询docker日志
- [**102**Star][11d] [bat67/awesome-algorithm-books](https://github.com/bat67/awesome-algorithm-books) 
- [**102**Star][12d] [Py] [dangsh/hive](https://github.com/dangsh/hive) lots of spider (很多爬虫）
- [**102**Star][2m] [C] [ktls/af_ktls](https://github.com/ktls/af_ktls) Linux Kernel TLS/DTLS Module
- [**102**Star][15d] [CSS] [gh0stkey/ahrid](https://github.com/gh0stkey/ahrid) AHRID - Analysis Hacker's Real-ID Platform 黑客攻击画像分析系统
- [**102**Star][11d] [C] [taviso/cefdebug](https://github.com/taviso/cefdebug) Minimal code to connect to a CEF debugger.
- [**102**Star][11d] [Py] [duo-labs/secret-bridge](https://github.com/duo-labs/secret-bridge) Monitors Github for leaked secrets
- [**102**Star][13d] [C++] [whid-injector/whid-31337](https://github.com/whid-injector/whid-31337) WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more. In practice, is THE Wet Dream of any Security Consultant out there!
- [**102**Star][11d] [Py] [elliiot/ghidra_darknight](https://github.com/elliiot/ghidra_darknight) DarkNight theme for Ghidra
- [**102**Star][15d] [Py] [furniel/apk-changer](https://github.com/furniel/apk-changer) Command line program for modifying apk files
- [**102**Star][2m] [polarislab/secpaper](https://github.com/PolarisLab/SecPaper) SecurityPaper For
- [**102**Star][21d] [Py] [demantz/frizzer](https://github.com/demantz/frizzer) Frida-based general purpose fuzzer
- [**102**Star][24d] [Py] [presto412/captcha-cracker](https://github.com/Presto412/Captcha-Cracker) Cracks the Captcha at VIT University's Academics Portal
- [**102**Star][4m] [PS] [dsccommunity/computermanagementdsc](https://github.com/dsccommunity/ComputerManagementDsc) DSC resources for for configuration of a Windows computer. These DSC resources allow you to perform computer management tasks, such as renaming the computer, joining a domain and scheduling tasks as well as configuring items such as virtual memory, event logs, time zones and power settings.
- [**102**Star][27d] [ObjC] [kealdishx/icmethoddigger](https://github.com/kealdishx/ICMethodDigger) An easy way to print almost methods including private methods (supported arm64 architecture devices).
- [**102**Star][4m] [Py] [hackthissite/ctf-writeups](https://github.com/HackThisSite/CTF-Writeups) Things we learned from Capture The Flag hacking competitions we participated in.
- [**102**Star][12d] [Py] [lorentzenman/youzer](https://github.com/lorentzenman/youzer) Fake User Generator for Active Directory Environments
- [**102**Star][3m] [Py] [rapid7/le](https://github.com/rapid7/le) A command line utility for a convenient access to Logentries logging infrastructure.
- [**102**Star][4y] [yoojinl/fuzzdb](https://github.com/yoojinl/fuzzdb) Use
- [**102**Star][4y] [Go] [zaf/sipshock](https://github.com/zaf/sipshock) A scanner for SIP proxies vulnerable to Shellshock
- [**102**Star][7m] [Py] [wstart/db_baseline](https://github.com/wstart/db_baseline) 数据库基线检查工具
- [**102**Star][4m] [woolabs/reverseng](https://github.com/woolabs/reverseng) 《Reverse Engineering for Beginners》翻译
- [**102**Star][2y] [JS] [warflop/fireshodanmap](https://github.com/warflop/fireshodanmap) FireShodanMap is a Realtime map that integrates Firebase, Google Maps and Shodan. A search is carried out using Shodan searching vulnerable devices and they are showed on the map for analysis. All data updated in Firebase are Realtime.
- [**102**Star][3y] [veramine/detections](https://github.com/veramine/detections) 
- [**102**Star][16d] [C++] [stealth/fraud-bridge](https://github.com/stealth/fraud-bridge) ICMP and DNS tunneling via IPv4 and IPv6
- [**102**Star][26d] [Py] [spring-epfl/lightnion](https://github.com/spring-epfl/lightnion) A light version of Tor portable to the browser
- [**102**Star][2y] [PS] [rhinosecuritylabs/aggressor-scripts](https://github.com/rhinosecuritylabs/aggressor-scripts) Aggregation of Cobalt Strike's aggressor scripts.
- [**102**Star][2m] [Go] [renatoathaydes/go-hash](https://github.com/renatoathaydes/go-hash) Small utility to store secret information like passwords.
- [**102**Star][2y] [JS] [rassec/a_scan_framework](https://github.com/rassec/a_scan_framework) Network Security Vulnerability Manage
- [**102**Star][10d] [Shell] [ppabc/security_check](https://github.com/ppabc/security_check) LINUX安全检查脚本，支持centos5,centos6,ubuntu
- [**102**Star][1y] [C] [nowrep/vita-shellbat](https://github.com/nowrep/vita-shellbat) taiHEN plugin that shows battery percent in statusbar
- [**102**Star][1m] [CSS] [nonce-disrespect/nonce-disrespect](https://github.com/nonce-disrespect/nonce-disrespect) Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
- [**102**Star][2y] [Java] [mystech7/burp-hunter](https://github.com/mystech7/burp-hunter) XSS Hunter Burp Plugin
- [**102**Star][4m] [Py] [milo2012/cve-2018-13382](https://github.com/milo2012/cve-2018-13382) CVE-2018-13382
- [**102**Star][1y] [Go] [milo2012/cve-2018-0296](https://github.com/milo2012/cve-2018-0296) Test CVE-2018-0296 and extract usernames
- [**102**Star][14d] [Py] [martinvigo/voicemailautomator](https://github.com/martinvigo/voicemailautomator) A tool that serves as a Proof of Concept for the research I presented at DEF CON 26, "Compromising online accounts by cracking voicemail systems"
- [**102**Star][5m] [Py] [macr0phag3/sniffer](https://github.com/macr0phag3/sniffer) A Sniffer for Open-WLAN
- [**102**Star][1m] [Py] [localh0t/backfuzz](https://github.com/localh0t/backfuzz) protocol fuzzing toolkit
- [**102**Star][19d] [CSS] [lmy375/pinvmp](https://github.com/lmy375/pinvmp) 虚拟化代码辅助分析工具
- [**102**Star][1y] [C] [joel16/psv-vsh-menu](https://github.com/joel16/psv-vsh-menu) A VSH menu tai-hen plugin for the PS VITA.
- [**102**Star][2m] [C] [jndok/iokit-dumper-arm64](https://github.com/jndok/iokit-dumper-arm64) tool for statically reconstructing the IOKit classes hierarchy from iOS kernelcache dumps
- [**102**Star][9m] [PS] [jaredhaight/windowsattackanddefenselab](https://github.com/jaredhaight/windowsattackanddefenselab) 
- [**102**Star][4m] [Py] [itsmehacker/cardpwn](https://github.com/itsmehacker/cardpwn) OSINT Tool to find Breached Credit Cards Information
- [**102**Star][2m] [C] [iaik/flush_flush](https://github.com/iaik/flush_flush) This repository contains examples of Flush+Flush cache attacks
- [**102**Star][1y] [Py] [hegusung/webhashcat](https://github.com/hegusung/webhashcat) Hashcat web interface
- [**102**Star][20d] [Ruby] [hahwul/metasploit-autopwn](https://github.com/hahwul/metasploit-autopwn) db_autopwn plugin of metasploit
- [**102**Star][3m] [C] [gdbinit/hydra](https://github.com/gdbinit/hydra) A kernel extension and userland daemon to patch applications
- [**102**Star][2m] [C] [enzolovesbacon/inficere](https://github.com/enzolovesbacon/inficere) Mac OS X rootkit - for learning purposes
- [**102**Star][4y] [PS] [enigma0x3/invoke-loginprompt](https://github.com/enigma0x3/invoke-loginprompt) Invokes a Windows Security Login Prompt and outputs the clear text password.
- [**102**Star][10m] [Ruby] [emboss/heartbeat](https://github.com/emboss/heartbeat) Ruby script to test your server for the TLS Heartbleed attack.
- [**102**Star][14d] [JS] [ehmicky/unix-permissions](https://github.com/ehmicky/unix-permissions) Swiss Army knife for Unix permissions
- [**102**Star][28d] [Shell] [dylanaraps/bin](https://github.com/dylanaraps/bin) 
- [**102**Star][13d] [Py] [dugsong/pypcap](https://github.com/dugsong/pypcap) a simplified object-oriented Python wrapper for libpcap 
- [**102**Star][4m] [C] [djrbliss/libplayground](https://github.com/djrbliss/libplayground) A simple framework for developing Linux kernel heap exploit techniques
- [**102**Star][12d] [PS] [darkoperator/powershell_scripts](https://github.com/darkoperator/powershell_scripts) Powershell Scripts
- [**102**Star][24d] [Py] [danmcinerney/msf-autopwn](https://github.com/danmcinerney/msf-autopwn) Autoexploitation of some of the most common vulnerabilities in wild
- [**102**Star][4y] [Py] [cr4sh/uefi_boot_script_expl](https://github.com/cr4sh/uefi_boot_script_expl) CHIPSEC module that exploits UEFI boot script table vulnerability
- [**102**Star][4m] [Shell] [conanwhf/raspberrypi-script](https://github.com/conanwhf/raspberrypi-script) RaspberryPi 2-B script
- [**102**Star][17d] [chrisdiana/awesome-odroid-go](https://github.com/chrisdiana/awesome-odroid-go)  A collection of awesome ODROID-GO emulators, games and resources
- [**102**Star][5m] [C++] [cea-list/cingulata](https://github.com/cea-list/cingulata) Cingulata (pronounced "tchingulata") is a compiler toolchain and RTE for running C++ programs over encrypted data by means of fully homomorphic encryption techniques.
- [**102**Star][10d] [PS] [carbonblack/tau-tools](https://github.com/carbonblack/tau-tools) A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit
- [**102**Star][1m] [Shell] [baguswiratmaadi/catnip](https://github.com/baguswiratmaadi/catnip) Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux
- [**102**Star][2y] [C#] [atredispartners/cve-2018-0952-systemcollector](https://github.com/atredispartners/cve-2018-0952-systemcollector) PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service
- [**102**Star][4m] [Shell] [arthastang/iot-implant-toolkit](https://github.com/arthastang/iot-implant-toolkit) Toolkit for implant attack of IoT devices
- [**102**Star][2m] [Py] [anx1ang/poc_pentest](https://github.com/anx1ang/poc_pentest) 
- [**102**Star][1m] [Java] [andrewmichaelsmith/bluepot](https://github.com/andrewmichaelsmith/bluepot) Bluetooth Honeypot
- [**102**Star][4y] [Py] [alexplaskett/qnxsecurity](https://github.com/alexplaskett/qnxsecurity) QNX and BB10 Security Tools
- [**102**Star][14d] [Py] [akamai-threat-research/mqtt-pwn](https://github.com/akamai-threat-research/mqtt-pwn) MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
- [**102**Star][10d] [Py] [airbus-cert/regrippy](https://github.com/airbus-cert/regrippy)  a framework for reading and extracting useful forensics data from Windows registry hives
- [**101**Star][3m] [Py] [digitalcriminal/onlyfans](https://github.com/digitalcriminal/onlyfans) Scrape all the media from a OnlyFans account
- [**101**Star][2m] [JS] [magnolia1234/bypass-paywalls-chrome-clean](https://github.com/magnolia1234/bypass-paywalls-chrome-clean) Bypass Paywalls Clean for Chrome (no Google Analytics, lot of updates and bug-fixes)
- [**101**Star][4m] [JS] [masahiro331/cve-2019-10758](https://github.com/masahiro331/cve-2019-10758) 
- [**101**Star][2y] [JS] [joekarlsson/data-structures](https://github.com/joekarlsson/data-structures) Common data structures and algorithms implemented in JavaScript
- [**101**Star][22d] [C++] [kaidul/data_structure_and_algorithms_library](https://github.com/kaidul/data_structure_and_algorithms_library) A collection of classical algorithms and data-structures implementation in C++ for coding interview and competitive programming
- [**101**Star][13d] [Py] [williamgilpin/pypdb](https://github.com/williamgilpin/pypdb) A Python API for the RCSB Protein Data Bank (PDB)
- [**101**Star][11d] [Py] [webbreacher/osinttools](https://github.com/webbreacher/osinttools) A collection of random OSINT scripts
- [**101**Star][4m] [Py] [fanhuaandluomu/pkulaw_spider](https://github.com/fanhuaandluomu/pkulaw_spider) 爬取北大法宝网
- [**101**Star][14d] [C] [caesar0301/pkt2flow](https://github.com/caesar0301/pkt2flow) A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it's so common to analyze the feature of one specific flow. I have make the attempt to use made-ready tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the tra…
- [**101**Star][21d] [isecpartners/jailbreak-windows](https://github.com/isecpartners/jailbreak-windows) Certificate extraction tool for Windows
- [**101**Star][11d] [amimo/goron](https://github.com/amimo/goron) Yet another llvm based obfuscator
- [**101**Star][8m] [Py] [6e726d/wig](https://github.com/6e726d/wig) Tools for 802.11 information gathering.
- [**101**Star][5m] [smi1esec/web-security-note](https://github.com/Smi1eSEC/Web-Security-Note) Record some common Web security sites
- [**101**Star][1y] [C#] [zodiacon/peexplorer](https://github.com/zodiacon/peexplorer) Portable Executable Explorer
- [**101**Star][3y] [Py] [wolph/python-statsd](https://github.com/wolph/python-statsd) Python Client for the Etsy NodeJS Statsd Server
- [**101**Star][12d] [C] [vulhub/redis-rogue-getshell](https://github.com/vulhub/redis-rogue-getshell) redis 4.x/5.x master/slave getshell module
- [**101**Star][2m] [Shell] [vishnudxb/docker-blackeye](https://github.com/vishnudxb/docker-blackeye) Docker container for creating the phishing sites using Blackeye
- [**101**Star][4m] [Py] [violentshell/rover](https://github.com/violentshell/rover) Proof of Concept code for CVE-2016-5696
- [**101**Star][5m] [C++] [trailofbits/sienna-locomotive](https://github.com/trailofbits/sienna-locomotive) A user-friendly fuzzing and crash triage tool for Windows
- [**101**Star][13d] [C++] [trailofbits/llvm-sanitizer-tutorial](https://github.com/trailofbits/llvm-sanitizer-tutorial) An LLVM sanitizer tutorial
- [**101**Star][16d] [Shell] [thelinuxchoice/brutecms](https://github.com/thelinuxchoice/brutecms) Multi-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart
- [**101**Star][16d] [Py] [tehsyntx/loffice](https://github.com/tehsyntx/loffice) Lazy Office Analyzer
- [**101**Star][17d] [Go] [tbiehn/curryfinger](https://github.com/tbiehn/curryfinger) CURRYFINGER - SNI & Host header spoofing utility.
- [**101**Star][10d] [Go] [tarampampam/mikrotik-hosts-parser](https://github.com/tarampampam/mikrotik-hosts-parser) 
- [**101**Star][21d] [Go] [subgraph/fw-daemon](https://github.com/subgraph/fw-daemon) Subgraph Application Firewall
- [**101**Star][2m] [C] [stonedreamforest/re_sysdiag](https://github.com/stonedreamforest/re_sysdiag) 逆向火绒安全软件驱动——sysdiag
- [**101**Star][3m] [Java] [skjolber/3d-bin-container-packing](https://github.com/skjolber/3d-bin-container-packing) A variant of the Largest Area Fit First (LAFF) algorithm + brute force algorithm
- [**101**Star][2y] [C] [shellster/dcsyncmonitor](https://github.com/shellster/dcsyncmonitor) Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.
- [**101**Star][5y] [Ruby] [sam-b/hashdata](https://github.com/sam-b/hashdata) A command line Hash Identifying tool.
- [**101**Star][3y] [PS] [russelltomkins/active-directory](https://github.com/russelltomkins/active-directory) Collection of scripts for Querying and Managing Active Directory and Domain Controllers
- [**101**Star][4y] [Py] [ridter/myjsrat](https://github.com/ridter/myjsrat) This is JSRat.ps1 in Python
- [**101**Star][15d] [Py] [pyudev/pyudev](https://github.com/pyudev/pyudev) Python bindings to libudev (with support for PyQt4, PySide, pygobject and wx)
- [**101**Star][2y] [Py] [pure-l0g1c/pulse](https://github.com/pure-l0g1c/pulse) Brute Force For Facebook,Instagram & Twitter
- [**101**Star][8m] [polarislab/secpaper](https://github.com/polarislab/secpaper) SecurityPaper For
- [**101**Star][17d] [Py] [pnfsoftware/jeb2-samplecode](https://github.com/pnfsoftware/jeb2-samplecode) Sample extensions for JEB Decompiler
- [**101**Star][3y] [Py] [ncouture/mockssh](https://github.com/ncouture/mockssh) Mock an SSH server and define all commands it supports (Python, Twisted)
- [**101**Star][12m] [mr-xn/hackbar2.1.3](https://github.com/mr-xn/hackbar2.1.3) the free firefox extions of hackbar v2.1.3 ,hackbar 插件未收费的免费版本
- [**101**Star][3y] [Py] [mr-un1k0d3r/sct-obfuscator](https://github.com/mr-un1k0d3r/sct-obfuscator) Cobalt Strike SCT payload obfuscator
- [**101**Star][1m] [momika233/joomla-3.4.6-rce](https://github.com/momika233/joomla-3.4.6-rce) Joomla 3.4.6 – Remote Code Execution
- [**101**Star][3y] [C] [micropython/micropython-unicorn](https://github.com/micropython/micropython-unicorn) 基于 Unicorn 模拟器的虚拟微控制器（virtual microcontroller），以及针对此虚拟微控制器的 MicroPython。
- [**101**Star][3y] [mattifestation/deviceguardbypassmitigationrules](https://github.com/mattifestation/deviceguardbypassmitigationrules) A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses
- [**101**Star][12d] [Py] [matt-kempster/mips_to_c](https://github.com/matt-kempster/mips_to_c) A MIPS decompiler.
- [**101**Star][2m] [Go] [marinx/keylogger](https://github.com/marinx/keylogger) Basic keylogger in Go (no C deps)
- [**101**Star][3m] [Go] [ls0f/cracker](https://github.com/ls0f/cracker) tunnel over http[s]
- [**101**Star][26d] [Py] [le4f/dnsmaper](https://github.com/le4f/dnsmaper) 子域名枚举与地图标记
- [**101**Star][2m] [C] [itemir/dump1090_sdrplus](https://github.com/itemir/dump1090_sdrplus) Dump1090_sdrplus is a Mode S decoder for Software Defined Radio (SDR) devices including RTL SDR, HackRF, Airspy and SDRplay.
- [**101**Star][27d] [Java] [irsl/jackson-rce-via-spel](https://github.com/irsl/jackson-rce-via-spel) An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
- [**101**Star][4m] [ignitetechnologies/vulnhub-ctf-writeups](https://github.com/ignitetechnologies/vulnhub-ctf-writeups) This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
- [**101**Star][1y] [C++] [huanghongkai/game-helper](https://github.com/huanghongkai/game-helper) 介绍入门级游戏辅助的原理，内附有2018年2月dnf辅助C++源码
- [**101**Star][2y] [Py] [g0rx/cve-2018-7600-drupal-rce](https://github.com/g0rx/cve-2018-7600-drupal-rce) CVE-2018-7600 Drupal RCE
- [**101**Star][5y] [Java] [finn-no/xss-html-filter](https://github.com/finn-no/xss-html-filter) Open Sourced HTML filtering utility for Java. Used to parse user-submitted input and sanitize it against potential cross site scripting attacks, malicious html, or simply badly formed html.
- [**101**Star][5m] [C++] [fdiskyou/iris](https://github.com/fdiskyou/iris) WinDbg extension to display Windows process mitigations
- [**101**Star][11d] [Java] [ekreutz/react-native-barcode-scanner-google](https://github.com/ekreutz/react-native-barcode-scanner-google) Barcode scanner for react native, which implements barcode detection from Google's Vision API.
- [**101**Star][3y] [C] [codecat/clawsearch](https://github.com/codecat/clawsearch) A memory scanner plugin for x64dbg, inspired by Cheat Engine.
- [**101**Star][2m] [Py] [blasty/moneyshot](https://github.com/blasty/moneyshot) A collection of python scripts to aid you in the final steps of binary exploitation or during the construction of buffers.
- [**101**Star][15d] [C] [benjibobs/async_wake](https://github.com/benjibobs/async_wake) iOS 11.1.2 kernel exploit and PoC local kernel debugger by
- [**101**Star][12d] [Py] [arbazkiraak/certasset](https://github.com/arbazkiraak/certasset) Takes ip range, Scan all open SSL Certs, Grab Cnames
- [**101**Star][13d] [Py] [andresriancho/websocket-fuzzer](https://github.com/andresriancho/websocket-fuzzer) HTML5 WebSocket message fuzzer
- [**101**Star][4y] [Py] [allyshka/pwngitmanager](https://github.com/allyshka/pwngitmanager) Git manager for pentesters
- [**101**Star][14d] [Py] [alanscodelog/blender-debugger-for-vscode](https://github.com/alanscodelog/blender-debugger-for-vscode) Blender addon for remote debugging Blender with VS Code (and Visual Studio)
- [**101**Star][3y] [C] [akayn/postexploits](https://github.com/akayn/postexploits) post exploitation: Keyloggers, UacByPass etc..
- [**101**Star][4y] [C#] [aaaddress1/my-little-ransomware](https://github.com/aaaddress1/my-little-ransomware) easy ransomware module base on csharp.
- [**101**Star][4m] [Shell] [52fancy/google-bbr](https://github.com/52fancy/google-bbr) GooGle开源TCP加速算法
- [**101**Star][21d] [001spartan/aggressor_scripts](https://github.com/001spartan/aggressor_scripts) A collection of useful scripts for Cobalt Strike
- [**100**Star][1y] [Go] [covenantsql/covenantforum](https://github.com/covenantsql/covenantforum) CovenantForum is a simple Decentralized forum powered by CovenantSQL.
- [**100**Star][16d] [Go] [mxssl/tg-captcha-bot](https://github.com/mxssl/tg-captcha-bot) Telegram Сaptcha Bot
- [**100**Star][10d] [Py] [zhang0peter/bilibili-user-information-spider](https://github.com/zhang0peter/bilibili-user-information-spider) B站3亿用户信息爬虫（mid号，昵称，性别，关注，粉丝，等级）
- [**100**Star][4m] [Py] [1061700625/wechat_article](https://github.com/1061700625/wechat_article) 爬取微信公众号文章
- [**100**Star][21d] [JS] [jtangming/algorithms](https://github.com/jtangming/algorithms) Algorithms and data structures implemented in JavaScript with explanations, for further readings
- [**100**Star][27d] [C] [gildor2/fast_zlib](https://github.com/gildor2/fast_zlib) Heavily optimized zlib compression algorithm
- [**100**Star][8d] [C#] [springhgui/fasttunnel](https://github.com/springhgui/fasttunnel) expose a local server behind a NAT or firewall to the internet like ngrok and frp. NAT ssh proxy tunnel reverse-proxy 跨平台内网穿透工具 远程内网计算机 域名访问内网站点 反向代理内网服务 花生壳 端口转发 http代理 微信 小程序
- [**100**Star][1m] [Ruby] [sous-chefs/openvpn](https://github.com/sous-chefs/openvpn) Development repository for the openvpn cookbook
- [**100**Star][30d] [Py] [sshell/reddit-analyzer](https://github.com/sshell/reddit-analyzer) find out when and where someone is posting to reddit
- [**100**Star][1m] [Py] [caesar0301/graphsim](https://github.com/caesar0301/graphsim) Graph similarity algorithms based on NetworkX.
- [**100**Star][21d] [v2ray/discussion](https://github.com/v2ray/discussion) For general discussion over Project V development and usage.
- [**100**Star][14d] [Shell] [shibli2700/rekon](https://github.com/shibli2700/rekon) The project contains multiple shell scripts for automating the tasks which most of the hackers struggle during their recon phase.
- [**100**Star][1y] [winterssy/miui-purify](https://github.com/winterssy/miui-purify) 个人兴趣项目存档，使用 apktool 魔改 MIUI ROM，去除 MIUI 系统新增的广告。
- [**100**Star][4m] [PHP] [cybercog/laravel-optimus](https://github.com/cybercog/laravel-optimus) Transform your internal id's to obfuscated integers based on Knuth's integer hash. Laravel wrapper for the Optimus Library by Jens Segers with multiple connections support.
- [**100**Star][16d] [C++] [tihmstar/ra1nsn0w](https://github.com/tihmstar/ra1nsn0w) A tethered booter for 64bit iOS devices vulnerable to checkm8
- [**100**Star][26d] [Py] [lockedbyte/cryptovenom](https://github.com/lockedbyte/cryptovenom) Cryptovenom: The Cryptography Swiss Army Knife
- [**100**Star][1m] [antid0tecom/ios-kerneldocs](https://github.com/Antid0teCom/ios-kerneldocs) Various files helping to better understand the iOS / WatchOS / tvOS kernels
- [**100**Star][5m] [C] [sciencemanx/ctf_import](https://github.com/sciencemanx/ctf_import) Run basic functions from stripped binaries cross platform
- [**100**Star][4m] [Go] [zonedb/zonedb](https://github.com/zonedb/zonedb) Public Zone Database
- [**100**Star][4y] [Py] [ym2011/scanbackdoor](https://github.com/ym2011/scanbackdoor) Webshell扫描工具，通过各种规则和算法实现服务器脚本后门查杀
- [**100**Star][4m] [C#] [xxxthedarkprogramerxxx/ps3tools](https://github.com/xxxthedarkprogramerxxx/ps3tools) Open Source PlayStation Tools
- [**100**Star][14d] [Batchfile] [tresacton/passwordstealer](https://github.com/tresacton/passwordstealer) USB / CD / DVD autorun password stealer
- [**100**Star][3y] [Java] [tengzhangchao/pycmd](https://github.com/tengzhangchao/pycmd) python+php+jsp WebShell（一句话木马）
- [**100**Star][17d] [Py] [takuzoo3868/penta](https://github.com/takuzoo3868/penta) Open source all-in-one CLI tool to semi-automate pentesting.
- [**100**Star][29d] [C#] [stufus/reconerator](https://github.com/stufus/reconerator) C# Targeted Attack Reconnissance Tools
- [**100**Star][3m] [Py] [sonickun/ctf-crypto-writeups](https://github.com/sonickun/ctf-crypto-writeups) 
- [**100**Star][20d] [JS] [sk4ddy/remediatetheflag](https://github.com/sk4ddy/remediatetheflag) RTF is an open source Practical AppSec Training platform.
- [**100**Star][4y] [PHP] [silentbreaksec/throwbacklp](https://github.com/silentbreaksec/throwbacklp) Listening Post for Throwback Implant
- [**100**Star][11d] [Go] [richardlehane/siegfried](https://github.com/richardlehane/siegfried) signature-based file format identification
- [**100**Star][4y] [Py] [racwn/wp-file-analyser](https://github.com/racwn/wp-file-analyser) Find modified, missing and extra files in a WordPress directory
- [**100**Star][14d] [JS] [phusion/node-sha3](https://github.com/phusion/node-sha3) SHA3 for JavaScript - The Keccak family of hash algorithms
- [**100**Star][4m] [Py] [phith0n/realworldctf](https://github.com/phith0n/realworldctf) My Real World CTF challenges
- [**100**Star][2m] [Py] [onesourcecat/scan-framework](https://github.com/onesourcecat/scan-framework) A framework used for Vulnerability scanning
- [**100**Star][4m] [Java] [odrin/droid-watcher](https://github.com/odrin/droid-watcher) [OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application
- [**100**Star][25d] [TS] [nowsecure/airspy](https://github.com/nowsecure/airspy) AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training
- [**100**Star][2y] [Lua] [niallmcl/deep-android-malware-detection](https://github.com/niallmcl/deep-android-malware-detection) Code for Deep Android Malware Detection paper
- [**100**Star][4m] [JS] [n0tan3rd/squidwarc](https://github.com/n0tan3rd/squidwarc) Squidwarc is a high fidelity, user scriptable, archival crawler that uses Chrome or Chromium with or without a head
- [**100**Star][2y] [Go] [mxi4oyu/dockerxscan](https://github.com/mxi4oyu/dockerxscan) DockerXScan——Docker镜像漏洞扫描器
- [**100**Star][4m] [Py] [mr-un1k0d3r/shellcoding](https://github.com/mr-un1k0d3r/shellcoding) Shellcoding utilities
- [**100**Star][11d] [Java] [mnemonic-no/act-platform](https://github.com/mnemonic-no/act-platform) Open platform for collection and exchange of threat intelligence information
- [**100**Star][2m] [Py] [matonis/page_brute](https://github.com/matonis/page_brute)  a digital forensic tool purposed to analyze and categorize individual paged memory frames from Windows Page Files by appying YARA-based signatures to fix-sized blocks of pagefile.sys
- [**100**Star][3m] [Py] [matiasb/demiurge](https://github.com/matiasb/demiurge) PyQuery-based scraping micro-framework.
- [**100**Star][10m] [Py] [marcog3/whatsdump](https://github.com/marcog3/whatsdump) Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)
- [**100**Star][10d] [Py] [majimboo/mviewer](https://github.com/majimboo/mviewer) Reverse Engineer MView 3D File Format
- [**100**Star][1y] [Py] [krintoxi/noobsec-toolkit](https://github.com/krintoxi/noobsec-toolkit) NoobSecToolkit is a Python Based Tool kit that brings together powerful security and anonymity tools and scripts with predefined security configurations and modifications. Making it very simple for students and the inexperienced to get started with offensive security!
- [**100**Star][4m] [Swift] [kofktu/sniffer](https://github.com/kofktu/sniffer) Networking activity logger for Swift
- [**100**Star][1y] [C] [kirillwow/ids_bypass](https://github.com/kirillwow/ids_bypass) 入侵检测系统(IDS)绕过PoC
- [**100**Star][4m] [C#] [iceman1001/chameleonmini-rebootedgui](https://github.com/iceman1001/chameleonmini-rebootedgui) Windows based GUI for Chameleon Mini, the contactless smartcard emulator (NFC/RFID)
- [**100**Star][19d] [Py] [highmeh/lure](https://github.com/highmeh/lure) Lure - User Recon Automation for GoPhish
- [**100**Star][29d] [C++] [hasherezade/pe_recovery_tools](https://github.com/hasherezade/pe_recovery_tools) Helper tools for recovering dumped PE files
- [**100**Star][5m] [JS] [harthur/firefox-client](https://github.com/harthur/firefox-client) [UNMAINTAINED] Node.js remote debugging client for Firefox
- [**100**Star][11d] [Java] [hao117/bee-apm](https://github.com/hao117/bee-apm) BeeAPM is a distributed tracing system and APM ( Application Performance Monitoring )
- [**100**Star][13d] [Py] [fr0gger/vthunting](https://github.com/fr0gger/vthunting) Vthunting is a tiny script used to generate report about Virus Total hunting and send it by email, slack or telegram.
- [**100**Star][3y] [Py] [foospidy/grepbugs](https://github.com/foospidy/grepbugs) A regex based source code scanner.
- [**100**Star][2m] [Py] [fmk0/scripts](https://github.com/fmk0/scripts) 
- [**100**Star][2m] [C] [elfmaster/dsym_obfuscate](https://github.com/elfmaster/dsym_obfuscate) Obfuscates dynamic symbol table
- [**100**Star][15d] [JS] [desudesutalk/desudesutalk](https://github.com/desudesutalk/desudesutalk) Steganography for imageboards
- [**100**Star][2m] [Py] [cx9527/strongdb](https://github.com/cx9527/strongdb) gdb plugin for android debugging
- [**100**Star][4m] [Go] [covenantsql/cookiescanner](https://github.com/covenantsql/cookiescanner) Cookie Scanner for GDPR compliance
- [**100**Star][5m] [PS] [cottinghamd/hardeningauditor](https://github.com/cottinghamd/hardeningauditor) Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides
- [**100**Star][21d] [JS] [consensys/truffle-security](https://github.com/consensys/truffle-security) MythX smart contract security verification plugin for Truffle Framework
- [**100**Star][4m] [Py] [circl/url-abuse](https://github.com/circl/url-abuse)  A Versatile Software for URL review, analysis and black-list reporting
- [**100**Star][2y] [C] [cetfor/antidbg](https://github.com/cetfor/antidbg) A bunch of Windows anti-debugging tricks.
- [**100**Star][2m] [Py] [atarantini/wpbf](https://github.com/atarantini/wpbf) Remotely test password strength of WordPress bloging software
- [**100**Star][7m] [C++] [artsabintsev/ethminer-for-macos](https://github.com/artsabintsev/ethminer-for-macos) Ethereum GPU Miner for macOS.
- [**100**Star][27d] [JS] [anttikurittu/kirjuri](https://github.com/anttikurittu/kirjuri) a web application for managing cases and physical forensic evidence items.
- [**100**Star][1y] [Assembly] [86hh/dreamloader](https://github.com/86hh/dreamloader) Simple 32/64-bit PEs loader.
- [**99**Star][2m] [Py] [damian89/extended-ssrf-search](https://github.com/damian89/extended-ssrf-search) Smart ssrf scanner using different methods like parameter brute forcing in post and get...
- [**99**Star][3m] [0nise/cve-2020-1938](https://github.com/0nise/cve-2020-1938) CVE-2020-1938
- [**99**Star][18d] [Py] [ambionics/mt_rand-reverse](https://github.com/ambionics/mt_rand-reverse) Script to recover mt_rand()'s seed with only two outputs and without any bruteforce.
- [**99**Star][2m] [Go] [mercari/certificate-expiry-monitor-controller](https://github.com/mercari/certificate-expiry-monitor-controller) Certificate Expiry Monitor Controller monitors the expiration of TLS certificates used in Ingress.
- [**99**Star][13d] [Py] [cocrawler/cocrawler](https://github.com/cocrawler/cocrawler) CoCrawler is a versatile web crawler built using modern tools and concurrency.
- [**99**Star][13d] [Kotlin] [skrapeit/skrape.it](https://github.com/skrapeit/skrape.it) A Kotlin-based testing/scraping/parsing library providing the ability to analyze and extract data from HTML (server & client-side rendered). It places particular emphasis on ease of use and a high level of readability by providing an intuitive DSL. First and foremost it aims to be a testing lib, but it can also be used to scrape websites in a co…
- [**99**Star][13d] [Shell] [lakinduakash/linux-wifi-hotspot](https://github.com/lakinduakash/linux-wifi-hotspot) Create virtual wifi hotspot using same wifi card which is connected to an AP + many features (a GUI tool)
- [**99**Star][6m] [coxylicacid/xposed-fast-repo](https://github.com/coxylicacid/xposed-fast-repo) EdXposed Repo
- [**99**Star][6m] [JS] [wuomzfx/zhihu-spider](https://github.com/wuomzfx/zhihu-spider) 知乎爬虫程序，定时跟踪问题数据，定时推送热门话题
- [**99**Star][3m] [JS] [aaron-bird/ivy](https://github.com/aaron-bird/ivy) Visualization of sorting algorithm
- [**99**Star][3m] [Py] [binux/pyproxy](https://github.com/binux/pyproxy) HTTP(s) proxy server base on tornado, in one file!
- [**99**Star][3y] [Java] [abola/crawlerpack](https://github.com/abola/crawlerpack) Java 網路資料爬蟲包
- [**99**Star][5m] [Py] [ucsb-seclab/karonte](https://github.com/ucsb-seclab/karonte) Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
- [**99**Star][17d] [Shell] [hak5darren/wp6](https://github.com/hak5darren/wp6) Linux Internet Connection Sharing script for 6th generation WiFi Pineapples
- [**99**Star][20d] [Batchfile] [mr-xn/kms-server-deploy](https://github.com/mr-xn/kms-server-deploy) 一键搭建kms激活服务端&&Windows客户端一键激活脚本
- [**99**Star][10d] [Rust] [warner/magic-wormhole.rs](https://github.com/warner/magic-wormhole.rs) NOT FUNCTIONAL YET. Slowly porting magic-wormhole to Rust. See wiki for game plan.
- [**99**Star][4m] [Java] [guardianproject/pixelknot](https://github.com/guardianproject/pixelknot) Image stego app using the F5 algorithm
- [**99**Star][26d] [Py] [npist/v2rayms](https://github.com/npist/v2rayms) v2ray whmcs 多用户后端
- [**99**Star][4m] [six2dez/oscp-human-guide](https://github.com/six2dez/oscp-human-guide) My own OSCP guide
- [**99**Star][29d] [Go] [asche910/flynet](https://github.com/asche910/flynet) A powerful TCP/UDP tool, which support socks5 proxy by tcp and udp, http proxy and NAT traversal. This tool can help you bypass gfw easily
- [**99**Star][3y] [HTML] [sewellding/lfiboomctf](https://github.com/SewellDinG/LFIboomCTF) 本地文件包含漏洞&&PHP利用协议&&实践源码
- [**99**Star][15d] [Py] [0xbharath/censys-enumeration](https://github.com/0xbharath/censys-enumeration) A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys
- [**99**Star][3m] [Py] [ziconius/fudgec2](https://github.com/ziconius/fudgec2) FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
- [**99**Star][3m] [Py] [gmdutra/cryptondie](https://github.com/gmdutra/cryptondie) PoC - cryptonDie is a ransomware developed for study purposes.
- [**99**Star][1m] [Java] [zencodex/hack-android](https://github.com/zencodex/hack-android) Collection tools for hack android, java
- [**99**Star][4m] [C++] [woxihuannisja/stormhook](https://github.com/woxihuannisja/stormhook) StormHook is a Android Hook Framework for Dalvik and Art
- [**99**Star][2y] [C] [wangyihang/apache-http-server-module-backdoor](https://github.com/wangyihang/apache-http-server-module-backdoor) Apache_HTTP_Server_Module_Backdoor
- [**99**Star][26d] [Py] [tomato42/tlslite-ng](https://github.com/tomato42/tlslite-ng) New home of the TLS implementation in pure python
- [**99**Star][11d] [Py] [tijme/not-your-average-web-crawler](https://github.com/tijme/not-your-average-web-crawler) A web crawler (for bug hunting) that gathers more than you can imagine.
- [**99**Star][12d] [Go] [thekvs/microproxy](https://github.com/thekvs/microproxy) Lightweight non-caching HTTP(S) proxy server
- [**99**Star][2y] [PS] [testingpens/malwarepersistencescripts](https://github.com/testingpens/malwarepersistencescripts) A collection of scripts I've written to help red and blue teams with malware persistence techniques.
- [**99**Star][1y] [target/webbreaker](https://github.com/target/webbreaker) Dynamic Application Security Test Orchestration (DASTO)
- [**99**Star][3y] [C++] [tandasat/exploitcapcom](https://github.com/tandasat/exploitcapcom) This is a standalone exploit for a vulnerable feature in Capcom.sys
- [**99**Star][2m] [PS] [stefanscherer/adfs2](https://github.com/stefanscherer/adfs2) Multi Vagrant environment with Active Directory
- [**99**Star][4m] [Shell] [sskaje/6in4](https://github.com/sskaje/6in4) IPv6-in-IPv4 Tunnel Server
- [**99**Star][3y] [singe/wifi-frequency-hacker](https://github.com/singe/wifi-frequency-hacker) A modified frequency regulatory domain configuration that doesn't limit you.
- [**99**Star][10d] [Go] [schollz/find3-cli-scanner](https://github.com/schollz/find3-cli-scanner) The command-line scanner that supports Bluetooth and WiFi
- [**99**Star][7d] [santosomar/who_and_what_to_follow](https://github.com/santosomar/who_and_what_to_follow) Who and what to follow in the world of cyber security
- [**99**Star][3m] [Shell] [qubesos/qubes-antievilmaid](https://github.com/qubesos/qubes-antievilmaid) an implementation of a TPM-based dynamic (Intel TXT) trusted
boot for dracut/initramfs-based OSes (Fedora, Qubes, etc.) with a primary goal
to prevent Evil Maid attacks.
- [**99**Star][3y] [Java] [pwntester/s2-046-poc](https://github.com/pwntester/s2-046-poc) S2-046-PoC
- [**99**Star][2y] [Java] [piasy/fridaandroidtracer](https://github.com/piasy/fridaandroidtracer) A runnable jar that generate Javascript hook script to hook Android classes.
- [**99**Star][27d] [Go] [phillipmartin/gopassivedns](https://github.com/phillipmartin/gopassivedns) Network-based DNS logging in Go
- [**99**Star][13d] [Java] [oliverklee/pixy](https://github.com/oliverklee/pixy) Pixy is a scanner static code analysis tools that scans PHP applications for security vulnerabilities.
- [**99**Star][1y] [HTML] [nytrorst/xssfuzzer](https://github.com/nytrorst/xssfuzzer) XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.
- [**99**Star][2y] [Py] [mrmtwoj/0day-mikrotik](https://github.com/mrmtwoj/0day-mikrotik) 
- [**99**Star][4y] [Py] [merculite/ble-security](https://github.com/merculite/ble-security) Hacking Bluetooth Low Energy Locks
- [**99**Star][10d] [Py] [mattcurrie/mgbdis](https://github.com/mattcurrie/mgbdis) Game Boy ROM disassembler with RGBDS compatible output
- [**99**Star][29d] [Py] [localh0t/wildpwn](https://github.com/localh0t/wildpwn) unix wildcard attacks
- [**99**Star][4y] [C] [ionescu007/hookingnirvana](https://github.com/ionescu007/hookingnirvana) Recon 2015 Presentation from Alex Ionescu
- [**99**Star][8m] [Py] [intezer/memorypatchdetector](https://github.com/intezer/memorypatchdetector) Detects code differentials between executables in disk and the corresponding processes/modules in memory
- [**99**Star][3m] [C] [guidovranken/cryptofuzz](https://github.com/guidovranken/cryptofuzz) 
- [**99**Star][9y] [Java] [gadgetfactory/openbench-logic-sniffer](https://github.com/gadgetfactory/openbench-logic-sniffer) OLS is a $50 32 channel Logic Analyzer
- [**99**Star][10m] [C++] [djformby/grfics](https://github.com/djformby/grfics) Graphical Realism Framework for Industrial Control Simulations
- [**99**Star][2m] [C++] [designer1337/aristois-legit](https://github.com/designer1337/aristois-legit) Full project files for aristois, Counter-Strike: Global Offensive cheat.
- [**99**Star][2y] [Py] [darx0r/stingray](https://github.com/darx0r/stingray) IDAPython plugin for finding function strings recursively
- [**99**Star][4y] [C#] [cyberpoint/ruxcon2016etw](https://github.com/cyberpoint/ruxcon2016etw) Ruxcon2016 POC Code
- [**99**Star][6y] [Py] [crowdstrike/crowdfms](https://github.com/crowdstrike/crowdfms) CrowdStrike Feed Management System
- [**99**Star][13d] [C++] [cojocar/bin2llvm](https://github.com/cojocar/bin2llvm) A binary to LLVM translator
- [**99**Star][1y] [bughunterid/hackeronedb](https://github.com/bughunterid/hackeronedb) The unofficial HackerOne disclosure Timeline
- [**99**Star][10m] [Py] [bontchev/wlscrape](https://github.com/bontchev/wlscrape) A tool for scrapping the possible malware from the Wikileaks AKP leak
- [**99**Star][11d] [bkimminich/pwning-juice-shop](https://github.com/bkimminich/pwning-juice-shop) GitBook markdown content for the eBook "Pwning OWASP Juice Shop"
- [**99**Star][12d] [C] [bitcraze/crazyradio-firmware](https://github.com/bitcraze/crazyradio-firmware) Crazyradio firmware, programming scripts and driver.
- [**99**Star][3m] [JS] [bishopfox/cve-2016-1764](https://github.com/bishopfox/cve-2016-1764) Recovery of Plaintext iMessage Data Without Breaking Crypto
- [**99**Star][1y] [Py] [attactics/nmapgrapher](https://github.com/attactics/nmapgrapher) A tool to generate graph and other output from NMAP XML files
- [**99**Star][4y] [C] [arno0x/diverttcpconn](https://github.com/arno0x/diverttcpconn) A TCP packet diverter for Windows platform
- [**98**Star][11d] [C] [microsoft/etl2pcapng](https://github.com/microsoft/etl2pcapng) Utility that converts an .etl file containing a Windows network packet capture into .pcapng format.
- [**98**Star][16d] [JS] [mastert/bandcamp-scraper](https://github.com/mastert/bandcamp-scraper) A scraper for
- [**98**Star][11d] [Swift] [pia-foss/vpn-ios](https://github.com/pia-foss/vpn-ios) Private Internet Access - PIA VPN for iOS
- [**98**Star][24d] [C] [glouw/andvaranaut](https://github.com/glouw/andvaranaut) A dungeon crawler
- [**98**Star][19d] [C++] [chuyangliu/tastylib](https://github.com/chuyangliu/tastylib) C++ implementations of data structures, algorithms, and system designs.
- [**98**Star][1m] [Py] [pritunl/pritunl-client](https://github.com/pritunl/pritunl-client) Pritunl GTK OpenVPN client
- [**98**Star][10d] [Vue] [lt0/sysmon](https://github.com/lt0/sysmon) A B/S mode system monitor for linux (demo
- [**98**Star][15d] [TS] [aedron/luoo.spider](https://github.com/aedron/luoo.spider) 为 Luoo.qy 提供数据
- [**98**Star][16d] [Go] [medcl/gopa-abandoned](https://github.com/medcl/gopa-abandoned) GOPA, a spider written in Go.（NOTE: this project moved to
- [**98**Star][20d] [PHP] [bueltge/debug-objects](https://github.com/bueltge/debug-objects) WordPress Plugin for debugging and learning with and at the application.
- [**98**Star][17d] [JS] [loginov-rocks/web-bluetooth-terminal](https://github.com/loginov-rocks/web-bluetooth-terminal) Progressive Web Application for serial communication with your own Bluetooth Low Energy (Smart) devices
- [**98**Star][22d] [Py] [cwjokaka/bilibili_member_crawler](https://github.com/cwjokaka/bilibili_member_crawler) B站用户爬虫 好耶~是爬虫
- [**98**Star][8d] [Java] [rajatgoyal715/hackerrank](https://github.com/rajatgoyal715/hackerrank) 
- [**98**Star][8d] [C] [abhijeet2096/tl-wn722n-v2](https://github.com/abhijeet2096/tl-wn722n-v2) Drivers for TP-LINK TL-WN722N version 2 .Clean ported for kernel 4.4, 4.8, 4.10 ,4.13 ,4.14 & 4.15 from source which was at 4.3
- [**98**Star][23d] [C] [spritetm/hadbadge2019_fpgasoc](https://github.com/spritetm/hadbadge2019_fpgasoc) FPGA SoC code and application example for Hackaday Supercon 2019 badge
- [**98**Star][8m] [C#] [shack2/struts2vulstools](https://github.com/shack2/struts2vulstools) Struts2系列漏洞检查工具
- [**98**Star][1y] [Py] [knownsec/zoomeye](https://github.com/knownsec/zoomeye) ZoomEye API SDK
- [**98**Star][1m] [JS] [nswbmw/micro-scraper](https://github.com/nswbmw/micro-scraper) Node.js 爬虫示例 （for：百度百科）
- [**98**Star][11d] [PHP] [fuko-php/masked](https://github.com/fuko-php/masked) Mask sensitive data: replace blacklisted elements with redacted values
- [**98**Star][11d] [HTML] [trojan-tutor/trojan-tutor.github.io](https://github.com/trojan-tutor/trojan-tutor.github.io) trojan 教程 自建梯子教程 trojan教程 trojan-gfw 科学上网 代理工具 翻墙 Ubuntu Debian 小白教程 https伪装
- [**98**Star][1m] [C] [adamlaurie/chronic](https://github.com/AdamLaurie/ChronIC) A wearable Sub-GHz RF hacking tool
- [**98**Star][13d] [C] [wubingzheng/libleak](https://github.com/wubingzheng/libleak) detect memory leak by LD_PRELOAD, without changing the target program
- [**98**Star][7d] [PHP] [whitewinterwolf/wwwolf-php-webshell](https://github.com/whitewinterwolf/wwwolf-php-webshell) WhiteWinterWolf's PHP web shell
- [**98**Star][10d] [C++] [wallix/redemption](https://github.com/wallix/redemption) A GPL RDP proxy
- [**98**Star][3y] [Py] [torque59/nosqlpot](https://github.com/torque59/nosqlpot) The NoSQL Honeypot Framework
- [**98**Star][9m] [Go] [tillson/git-hound](https://github.com/tillson/git-hound) GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher.
- [**98**Star][2y] [C#] [them4hd1/pencrawler](https://github.com/them4hd1/pencrawler) An Advanced Web Crawler and DirBuster
- [**98**Star][2m] [Java] [tdy218/ysoserial-cve-2018-2628](https://github.com/tdy218/ysoserial-cve-2018-2628) Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch
- [**98**Star][1y] [C] [stintel/vallumd](https://github.com/stintel/vallumd) Centralize or distribute IPset blacklists
- [**98**Star][4m] [F#] [softsec-kaist/eclipser](https://github.com/softsec-kaist/eclipser) Grey-box Concolic Testing on Binary Code
- [**98**Star][12m] [shumnot/vitacheatdatabase](https://github.com/shumnot/vitacheatdatabase) 
- [**98**Star][7m] [JS] [securityrat/securityrat](https://github.com/securityrat/securityrat) OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
- [**98**Star][2m] [C] [scumjr/the-sea-watcher](https://github.com/scumjr/the-sea-watcher) Implementation of the SMM rootkit "The Watcher"
- [**98**Star][2y] [Py] [scottgarner/beetbox](https://github.com/scottgarner/beetbox) Python code that powers the BeetBox.
- [**98**Star][3m] [Rust] [redsift/ingraind](https://github.com/redsift/ingraind) Data first monitoring agent using (e)BPF, built on RedBPF
- [**98**Star][28d] [pe3zx/mthc](https://github.com/pe3zx/mthc) All-in-one bundle of MISP, TheHive and Cortex
- [**98**Star][1y] [pagalaxylab/vulinfo](https://github.com/pagalaxylab/vulinfo) These are the vulnerabilities discovered by Galaxy Lab.
- [**98**Star][1m] [Py] [p3pperp0tts/leaks_parser](https://github.com/p3pperp0tts/leaks_parser) Parser for data dumps Collection #1 / Collection #2-5
- [**98**Star][4m] [PS] [p3nt4/magiccopy](https://github.com/p3nt4/magiccopy) Powershell script to exfiltrate large files quickly and securely
- [**98**Star][15d] [Py] [naivenom/exploiting](https://github.com/naivenom/exploiting) Exploiting challenges in Linux and Windows
- [**98**Star][2y] [Py] [n4xh4ck5/cmssc4n](https://github.com/n4xh4ck5/cmssc4n) Tool to identify if a domain is a CMS such as Wordpress, Moodle, Joomla, Drupal or Prestashop
- [**98**Star][23d] [Go] [mauri870/powershell-reverse-http](https://github.com/mauri870/powershell-reverse-http) 
- [**98**Star][5y] [C++] [malwaretech/fakembr](https://github.com/malwaretech/fakembr) TDL4 style rootkit to spoof read/write requests to master boot record
- [**98**Star][3y] [C++] [luctalpe/wmimon](https://github.com/luctalpe/wmimon) Tool to monitor WMI activity on Windows
- [**98**Star][3y] [lorexxar/feigong](https://github.com/lorexxar/feigong) Feigong，针对各种情况自由变化的mysql注入脚本,In view of the different things freely change the mysql injection script
- [**98**Star][4m] [Swift] [liruqi/mume-ios](https://github.com/liruqi/mume-ios) an iOS client that implements custom proxies with the leverage of Network Extension framework introduced by Apple since iOS 9
- [**98**Star][2y] [Py] [leesoh/yams](https://github.com/leesoh/yams) A collection of Ansible roles for automating infosec builds.
- [**98**Star][3y] [Py] [kitctf/writeups](https://github.com/kitctf/writeups) CTF writeups
- [**98**Star][16d] [PHP] [jas502n/fuzz-wooyun-org](https://github.com/jas502n/fuzz-wooyun-org) WooYun Fuzz 库
- [**98**Star][25d] [C++] [igh0st/gh0st3.6_src](https://github.com/igh0st/gh0st3.6_src) 
- [**98**Star][4m] [C++] [hlldz/apc-ppid](https://github.com/hlldz/apc-ppid) Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
- [**98**Star][28d] [Py] [hgn/captcp](https://github.com/hgn/captcp) A open source program for TCP analysis of PCAP files
- [**98**Star][3y] [Py] [google/legilimency](https://github.com/google/legilimency) A Memory Research Platform for iOS
- [**98**Star][2y] [ObjC] [geosn0w/yalu-jailbreak-ios-10.2](https://github.com/geosn0w/yalu-jailbreak-ios-10.2) My own fork of (Beta) Yalu Jailbreak for iOS 10.0 to 10.2 by
- [**98**Star][3m] [Shell] [gebl/dirtycow-docker-vdso](https://github.com/gebl/dirtycow-docker-vdso) 
- [**98**Star][3y] [PS] [fuzzysecurity/capcom-rootkit](https://github.com/fuzzysecurity/capcom-rootkit) Capcom Rootkit POC
- [**98**Star][5y] [PS] [enigma0x3/invoke-altdsbackdoor](https://github.com/enigma0x3/invoke-altdsbackdoor)  obtain persistence on a Windows 7+ machine under both Standard and Administrative accounts by using two Alternate Data Streams
- [**98**Star][11d] [C] [eklitzke/ptrace-call-userspace](https://github.com/eklitzke/ptrace-call-userspace) Example of how to use the ptrace(2) system call to call a userspace method.
- [**98**Star][11d] [Shell] [edu4rdshl/tor-router](https://github.com/edu4rdshl/tor-router) A tool that allow you to make TOR your default gateway and send all internet connections under TOR (as transparent proxy) for increase privacy/anonymity without extra unnecessary code.
- [**98**Star][12m] [Swift] [depoon/networkinterceptor](https://github.com/depoon/networkinterceptor) iOS URLRequest interception framework
- [**98**Star][4m] [Py] [cisco-talos/ghidraaas](https://github.com/cisco-talos/ghidraaas) a simple web server that exposes Ghidra analysis through REST APIs
- [**98**Star][8m] [byt3bl33d3r/slides](https://github.com/byt3bl33d3r/slides) Slides from various talks that I've given over the years
- [**98**Star][11d] [Py] [brean/python-pathfinding](https://github.com/brean/python-pathfinding) Implementation of common pathfinding algorithms
- [**98**Star][4m] [Shell] [antitree/private-tor-network](https://github.com/antitree/private-tor-network) Run an isolated instance of a tor network in Docker containers
- [**98**Star][1y] [C] [aasthayadav/compsecattacklabs](https://github.com/aasthayadav/compsecattacklabs) Contains Attack labs
- [**98**Star][14d] [Go] [0x09al/go-deliver](https://github.com/0x09al/go-deliver) Go-deliver is a payload delivery tool coded in Go.
- [**98**Star][2m] [0day1day/mwcrawler](https://github.com/0day1day/mwcrawler) Python Malware Crawler for Zoos and Repositories
- [**97**Star][8m] [PS] [rvrsh3ll/cplresourcerunner](https://github.com/rvrsh3ll/cplresourcerunner) Run shellcode from resource
- [**97**Star][12d] [Java] [meshenger-app/meshenger-android](https://github.com/meshenger-app/meshenger-android) P2P Audio/Video call people over local networks. No server or Internet access needed.
- [**97**Star][10d] [Lua] [edubart/nelua-lang](https://github.com/edubart/nelua-lang) Optionally typed compiled systems programming language with Lua syntax and semantics
- [**97**Star][9m] [C#] [obscuritylabs/hastyseries](https://github.com/obscuritylabs/hastyseries) ObscurityLabs RedTeam C# Toolkit
- [**97**Star][13d] [C] [zfl9/ipt2socks](https://github.com/zfl9/ipt2socks) utility for converting iptables(redirect/tproxy) to socks5
- [**97**Star][4m] [ObjC] [skavinvarnan/cross-platform-aes](https://github.com/skavinvarnan/cross-platform-aes) Simple cross-platform encryption and decryption using AES
- [**97**Star][6m] [Py] [gmdutra/cryptondie](https://github.com/gmdutra/cryptondie) PoC - cryptonDie is a ransomware developed for study purposes.
- [**97**Star][4m] [Py] [skelsec/minikerberos](https://github.com/skelsec/minikerberos) Kerberos manipulation library in pure Python
- [**97**Star][2m] [Py] [google/python_portpicker](https://github.com/google/python_portpicker) A module to find available network ports for testing.
- [**97**Star][2m] [ObjC] [iosre/wxaccountswitcher](https://github.com/iosre/wxaccountswitcher) Fast switch WeiXin account
- [**97**Star][12d] [C++] [foxhex0ne/hyperviper](https://github.com/foxhex0ne/hyperviper) Toolkit for Hyper-V security research
- [**97**Star][6m] [HCL] [nccgroup/sadcloud](https://github.com/nccgroup/sadcloud) A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
- [**97**Star][1m] [C] [duraki/virtualcar](https://github.com/duraki/virtualcar) A virtual car. Because you wouldn't download a car, would you?
- [**97**Star][11d] [Py] [duo-labs/phish-collect](https://github.com/duo-labs/phish-collect) Python script to hunt phishing kits
- [**97**Star][1m] [C] [wi-fi-analyzer/mdk3-master](https://github.com/wi-fi-analyzer/mdk3-master) 
- [**97**Star][1m] [C] [weirdnox/emacs-gdb](https://github.com/weirdnox/emacs-gdb) GDB graphical interface for GNU Emacs
- [**97**Star][12d] [HTML] [w3c/editing](https://github.com/w3c/editing) Specs and explainers maintained by the editing task force
- [**97**Star][3y] [Py] [v1cker/src_edu](https://github.com/v1cker/src_edu) 为各位出色的渗透工程师提供攻击目标。
- [**97**Star][2y] [Py] [unix-ninja/shellfire](https://github.com/unix-ninja/shellfire) Exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
- [**97**Star][5y] [sooshie/security-data-analysis](https://github.com/sooshie/security-data-analysis) A series of labs that will help users apply various data science techniques to security related data.
- [**97**Star][4m] [C++] [sinakarvandi/process-magics](https://github.com/sinakarvandi/process-magics) This is a collection of interesting codes about Windows Process creation.
- [**97**Star][4m] [PHP] [sanix-darker/antiddos-system](https://github.com/sanix-darker/antiddos-system) 
- [**97**Star][3y] [C] [s4n7h0/practical-reverse-engineering-using-radare2](https://github.com/s4n7h0/practical-reverse-engineering-using-radare2) Training Materials of Practical Reverse Engineering using Radare2
- [**97**Star][2y] [PS] [rasta-mouse/aggressor-script](https://github.com/rasta-mouse/aggressor-script) Collection of Aggressor Scripts for Cobalt Strike
- [**97**Star][4m] [Py] [raikia/kali-setup](https://github.com/raikia/kali-setup) Script for Kali that adds a bunch of tools and customizes it to be much better
- [**97**Star][5y] [C++] [quarkslab/qb-sync](https://github.com/quarkslab/qb-sync) add some helpful glue between IDA Pro and Windbg
    - [GDB插件](https://github.com/quarkslab/qb-sync/tree/master/ext_gdb) 
    - [IDA插件](https://github.com/quarkslab/qb-sync/tree/master/ext_ida) 
    - [LLDB](https://github.com/quarkslab/qb-sync/tree/master/ext_lldb) 
    - [OD2](https://github.com/quarkslab/qb-sync/tree/master/ext_olly2) 
    - [WinDbg](https://github.com/quarkslab/qb-sync/tree/master/ext_windbg/sync) 
    - [x64dbg](https://github.com/quarkslab/qb-sync/tree/master/ext_x64dbg) 
- [**97**Star][25d] [C] [planetbeing/ios-jailbreak-patchfinder](https://github.com/planetbeing/ios-jailbreak-patchfinder) Analyzes a binary iOS kernel to determine function offsets and where to apply the canonical jailbreak patches.
- [**97**Star][4m] [C] [ntraiseharderror/antimalware-research](https://github.com/ntraiseharderror/antimalware-research) Research on Anti-malware and other related security solutions
- [**97**Star][4y] [Py] [nowsecure/samsung-ime-rce-poc](https://github.com/nowsecure/samsung-ime-rce-poc) Samsung Remote Code Execution as System User
- [**97**Star][18d] [C++] [niklasb/sploits](https://github.com/niklasb/sploits) 
- [**97**Star][2m] [Py] [neuroo/equip](https://github.com/neuroo/equip) Python bytecode instrumentation library
- [**97**Star][2m] [Shell] [nccgroup/port-scan-automation](https://github.com/nccgroup/port-scan-automation) Automate NMAP Scans and Generate Custom Nessus Policies Automatically
- [**97**Star][24d] [JS] [multiparty/jiff](https://github.com/multiparty/jiff) JavaScript library for building web-based applications that employ secure multi-party computation (MPC).
- [**97**Star][1y] [C] [mthbernardes/sshlooterc](https://github.com/mthbernardes/sshlooterc) It's the C version of
- [**97**Star][26d] [Py] [mitshell/libmich](https://github.com/mitshell/libmich) Easy developpement of formats [de]coding for network protocols (IP, mobile...) and files
- [**97**Star][3m] [JS] [microsoftedge/jsdbg](https://github.com/microsoftedge/jsdbg) Debugging extensions for Microsoft Edge and other Chromium-based browsers
- [**97**Star][25d] [Py] [lcatro/browser_vuln_check](https://github.com/lcatro/browser_vuln_check) 利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等
- [**97**Star][4m] [ObjC] [lacertosusrepo/open-source-tweaks](https://github.com/lacertosusrepo/open-source-tweaks) Tweaks I've left open, maybe someone can learn from/correct them.
- [**97**Star][10m] [knownsec/ethereum-smart-contracts-security-checklist](https://github.com/knownsec/ethereum-smart-contracts-security-checklist) Ethereum Smart Contracts Security CheckList From Knownsec 404 Team
- [**97**Star][20d] [kai5263499/awesome-container-security](https://github.com/kai5263499/awesome-container-security) Awesome list of resources related to container security
- [**97**Star][7y] [Py] [k3170makan/goodork](https://github.com/k3170makan/goodork) Command line go0gle dorking tool
- [**97**Star][4y] [Shell] [jlrodriguezf/whatspwn](https://github.com/jlrodriguezf/whatspwn) Linux tool used to extract sensitive data, inject backdoor or drop remote shells on android devices.
- [**97**Star][2y] [Shell] [jgamblin/awsscripts](https://github.com/jgamblin/awsscripts) Various AWS Automation Scripts
- [**97**Star][2y] [C++] [jeremywildsmith/x86devirt](https://github.com/jeremywildsmith/x86devirt) A project that aims to automatically devirtualize code that has been virtualized using x86virt
- [**97**Star][4m] [Shell] [jedisct1/bitbar-dnscrypt-proxy-switcher](https://github.com/jedisct1/bitbar-dnscrypt-proxy-switcher) BitBar plugin to control dnscrypt-proxy usage
- [**97**Star][16d] [C#] [jbe2277/dotnetpad](https://github.com/jbe2277/dotnetpad) The Waf DotNetPad is a simple and fast code editor that makes fun to program with C# or Visual Basic.
- [**97**Star][4y] [ObjC] [insidegui/darkmode](https://github.com/insidegui/darkmode) Enable "real dark mode" on OS X / macOS
- [**97**Star][10d] [C] [horsicq/stringsx64dbg](https://github.com/horsicq/stringsx64dbg) Strings plugin for x64dbg
- [**97**Star][23d] [guardianproject/tor-browser](https://github.com/guardianproject/tor-browser) UPDATE: Orfox is being replaced by Tor Browser for Android. All future work and comments will be handled by Tor Project.
- [**97**Star][3y] [C] [georgenicolaou/w64owow64](https://github.com/georgenicolaou/w64owow64) Library that allows you to run 64bit code on a Wow64 32bit process
- [**97**Star][3m] [flothrone/bootguard](https://github.com/flothrone/bootguard) 
- [**97**Star][22d] [Scala] [criteo/cuttle](https://github.com/criteo/cuttle) An embedded job scheduler.
- [**97**Star][1m] [HTML] [chrisallenlane/drek](https://github.com/chrisallenlane/drek) A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
- [**97**Star][3y] [PS] [chango77747/adenumerator](https://github.com/chango77747/adenumerator) Active Directory enumeration from non-domain system.
- [**97**Star][16d] [Py] [chaitin/pro](https://github.com/chaitin/pro) A crappy tool used in our private PS4 jailbreak
- [**97**Star][14d] [Py] [ccied/tripwire](https://github.com/ccied/tripwire) Public crawler and data from Tripwire: Inferring Internet Site Compromise
- [**97**Star][3y] [Py] [arno0x/webdavc2](https://github.com/arno0x/webdavc2) A WebDAV PROPFIND C2 tool
- [**97**Star][16d] [Py] [aress31/jwtcat](https://github.com/aress31/jwtcat) JSON Web Token (JWT) cracker.
- [**97**Star][18d] [C] [abelcheung/rifiuti2](https://github.com/abelcheung/rifiuti2) Windows Recycle Bin analyser
- [**97**Star][19d] [C++] [0vercl0k/ollydbg2-python](https://github.com/0vercl0k/ollydbg2-python) Scripting OllyDBG2 using Python is now possible!
- [**96**Star][13d] [Py] [mabangde/pentesttools](https://github.com/mabangde/pentesttools) redteam
- [**96**Star][20d] [haidragon/study_frida](https://github.com/haidragon/study_frida) frida视频教程
- [**96**Star][3m] [JS] [fengkx/noderssbot](https://github.com/fengkx/noderssbot) Another Telegram RSSBot but in Node.js Telegram RSS 机器人
- [**96**Star][30d] [Py] [mr-canoehead/vpn_client_gateway](https://github.com/mr-canoehead/vpn_client_gateway) Pi-Powered VPN Client Gateway: installation documentation and related files.
- [**96**Star][13d] [Dockerfile] [wemake-services/caddy-gen](https://github.com/wemake-services/caddy-gen) Automated Caddy reverse proxy for docker containers
- [**96**Star][7d] [MATLAB] [thealgorithms/matlab-octave](https://github.com/thealgorithms/matlab-octave) This repository contains algorithms written in MATLAB/Octave. Developing algorithms in the MATLAB environment empowers you to explore and refine ideas, and enables you test and verify your algorithm.
- [**96**Star][22d] [Py] [huyvohcmc/coursera-dsa](https://github.com/huyvohcmc/coursera-dsa) Coursera's Data Structures and Algorithms Specialization
- [**96**Star][6m] [Ruby] [kvm-vmi/kvm-vmi](https://github.com/kvm-vmi/kvm-vmi) KVM-based Virtual Machine Introspection
- [**96**Star][12d] [Java] [moruoyiming/blueutils](https://github.com/moruoyiming/blueutils) 经典蓝牙搜索，连接，数据传输封装依赖库
- [**96**Star][5m] [gwlim/fast-path-lede-openwrt](https://github.com/gwlim/fast-path-lede-openwrt) PLEASE GO TO NEW OPENWRT TRUNK BASED SFE FIRMWARE ->
- [**96**Star][1m] [Go] [monochromegane/smux](https://github.com/monochromegane/smux) smux is a socket multiplexer written in Golang. It provides fast communication by efficiently a single connection.
- [**96**Star][1m] [PHP] [mvied/wordpress-https](https://github.com/mvied/wordpress-https) WordPress HTTPS is intended to be an all-in-one solution to using SSL on WordPress sites.
- [**96**Star][8d] [C] [jonathanmetzman/wasm-fuzzing-demo](https://github.com/jonathanmetzman/wasm-fuzzing-demo) Demos of and walkthroughs on in-browser fuzzing using WebAssembly
- [**96**Star][11d] [Py] [threezh1/sitecopy](https://github.com/threezh1/sitecopy) sitecopy is a tool that facilitates personal website backup and network data collection
- [**96**Star][11d] [C] [sensepost/wpa_sycophant](https://github.com/sensepost/wpa_sycophant) Evil client portion of EAP relay attack
- [**96**Star][29d] [PS] [besimorhino/pause-process](https://github.com/besimorhino/pause-process) PowerShell script which allows pausing\unpausing Win32/64 exes
- [**96**Star][2m] [Py] [hyuunnn/hyara](https://github.com/hyuunnn/hyara) Yara rule making tool (IDA Pro & Binary Ninja Plugin)
- [**96**Star][23d] [Py] [angelkitty/bilibili-smallvideo](https://github.com/angelkitty/bilibili-smallvideo) 
- [**96**Star][10d] [Shell] [phspade/automated-scanner](https://github.com/phspade/automated-scanner) Trying to make automated recon for bug bounties
- [**96**Star][10d] [PS] [s3cur3th1ssh1t/creds](https://github.com/S3cur3Th1sSh1t/Creds) Some usefull Scripts and Executables for Pentest & Forensics
- [**96**Star][4y] [PS] [nsacyber/certificate-authority-situational-awareness](https://github.com/nsacyber/Certificate-Authority-Situational-Awareness) Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber
- [**96**Star][7d] [aquasecurity/vuln-list](https://github.com/aquasecurity/vuln-list) NVD, RedHat, Debian, Ubuntu, Alpine
- [**96**Star][19d] [C] [radareorg/radare2-bindings](https://github.com/radareorg/radare2-bindings) Bindings of the r2 api for Valabind and friends
- [**96**Star][2m] [dr-orlovsky/library](https://github.com/dr-orlovsky/library) Collection of papers in the field of distributed systems, game theory, cryptography, cryptoeconomics, zero knowledge
- [**96**Star][2y] [C] [zcgonvh/ntdsdumpex](https://github.com/zcgonvh/ntdsdumpex) NTDS.dit offline dumper with non-elevated
- [**96**Star][23d] [Py] [willbengtson/trailblazer-aws](https://github.com/willbengtson/trailblazer-aws) Blazing CloudTrail since 2018
- [**96**Star][3m] [JS] [w00dl3cs/exploit_playground](https://github.com/w00dl3cs/exploit_playground) 
- [**96**Star][11d] [Py] [vuvova/gdb-tools](https://github.com/vuvova/gdb-tools) Various tools to improve the gdb experience
- [**96**Star][12d] [C++] [vusec/vuzzer64](https://github.com/vusec/vuzzer64) This implements a 64-bit version of vusec/vuzzer fuzzing tool.
- [**96**Star][30d] [Go] [tsurubee/sshr](https://github.com/tsurubee/sshr) Proxy server for routing SSH connections
- [**96**Star][1m] [HTML] [struct/research](https://github.com/struct/research) A repo for various research
- [**96**Star][1y] [Py] [stratosphereips/manati](https://github.com/stratosphereips/manati) A web-based tool to assist the work of the intuitive threat analysts.
- [**96**Star][3y] [Py] [sogeti-esec-lab/rpcforge](https://github.com/sogeti-esec-lab/rpcforge) Windows RPC Python fuzzer
- [**96**Star][29d] [Shell] [shadowhatesyou/pipetap.sh](https://github.com/shadowhatesyou/pipetap.sh) This script invokes tcpdump over ssh piping to STDOUT, allowing remote use of wireshark
- [**96**Star][18d] [C] [session-replay-tools/intercept](https://github.com/session-replay-tools/intercept) An auxiliary tool for tcpcopy and tcpburn
- [**96**Star][27d] [JS] [rsmusllp/king-phisher-templates](https://github.com/rsmusllp/king-phisher-templates) Templates for the King Phisher open source phishing campaign toolkit.
- [**96**Star][9m] [secmobi/slides](https://github.com/secmobi/slides) My presentations in some recent security conferences
- [**96**Star][2m] [Py] [sashs/filebytes](https://github.com/sashs/filebytes) Library to read and edit files in the following formats: Executable and Linking Format (ELF), Portable Executable (PE), MachO and OAT (Android Runtime)
- [**96**Star][24d] [rust-in-blockchain/awesome-blockchain-rust](https://github.com/rust-in-blockchain/awesome-blockchain-rust) Collect libraries and packages about blockchain/cryptography in Rust
- [**96**Star][21d] [Py] [regit/pshitt](https://github.com/regit/pshitt) Passwords of SSH Intruders Transferred to Text
- [**96**Star][2y] [HTML] [rajat-dhyani/stock-price-predictor](https://github.com/rajat-dhyani/stock-price-predictor) This project seeks to utilize Deep Learning models, Long-Short Term Memory (LSTM) Neural Network algorithm, to predict stock prices.
- [**96**Star][4m] [PHP] [ph-7/obfuscator-class](https://github.com/ph-7/obfuscator-class) Simple and effective Obfuscator PHP class (this is not a stupid base64 encoding script, but a real and effective obfuscation script)
- [**96**Star][27d] [Hack] [oracle/kernel-fuzzing](https://github.com/oracle/kernel-fuzzing) Fuzzers for the Linux kernel
- [**96**Star][12d] [C#] [octokit/octokit.graphql.net](https://github.com/octokit/octokit.graphql.net) A GitHub GraphQL client library for .NET
- [**96**Star][6y] [Py] [nihilus/ida-idc-scripts](https://github.com/nihilus/ida-idc-scripts) Varoius IDC-scripts I've collected during the years.
- [**96**Star][8m] [nightowl131/aapg](https://github.com/nightowl131/aapg) [A]ndroid [A]pplication [P]entest [G]uide
- [**96**Star][1m] [Go] [nearform/gammaray](https://github.com/nearform/gammaray) Node.js vulnerability scanner
- [**96**Star][17d] [JS] [mozillasecurity/octo](https://github.com/mozillasecurity/octo) A fuzzing library in JavaScript.
- [**96**Star][4m] [Go] [mame82/unifyingvulnsdisclosurerepo](https://github.com/mame82/unifyingvulnsdisclosurerepo) Formerly private repository for discussion, knowledge- and code-sharing around new Unifying vulns, as announced on Twitter
- [**96**Star][2m] [Py] [leonjza/ooktools](https://github.com/leonjza/ooktools) help with the reverse engineering of on-off keying data sources
- [**96**Star][1m] [C++] [kentonv/dvorak-qwerty](https://github.com/kentonv/dvorak-qwerty) "Dvorak-Qwerty ⌘" (DQ) keyboard layout for Windows and Unix/Linux/X
- [**96**Star][11d] [Py] [jupyterhub/jupyter-server-proxy](https://github.com/jupyterhub/jupyter-server-proxy) Jupyter notebook server extension to proxy web services.
- [**96**Star][3y] [Py] [jjf012/passivescanner](https://github.com/jjf012/passivescanner) a passive scanner based on Mitmproxy and Arachni
- [**96**Star][1m] [C] [jcs/login_duress](https://github.com/jcs/login_duress) A BSD authentication module for duress passwords
- [**96**Star][2y] [Py] [jas502n/2018-qwb-ctf](https://github.com/jas502n/2018-qwb-ctf) 2018强网杯CTF___题目整理
- [**96**Star][1m] [C] [jakeajames/multi_path](https://github.com/jakeajames/multi_path) multi_path with root and sandbox escape
- [**96**Star][12d] [C++] [iseekwonderful/csgoglow](https://github.com/iseekwonderful/csgoglow) Simple macOS CSGO glow hack
- [**96**Star][3m] [Py] [integrity-sa/droidstatx](https://github.com/integrity-sa/droidstatx) Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
- [**96**Star][2m] [Py] [hyuunnn/hyara](https://github.com/hyuunnn/Hyara) IDA Plugin that provides convenience when writing yararule.
    - [IDA插件](https://github.com/hy00un/hyara/tree/master/IDA%20Plugin) 
    - [BinaryNinja插件](https://github.com/hy00un/hyara/tree/master/BinaryNinja%20Plugin) 
- [**96**Star][2y] [C] [hjudges/norway](https://github.com/hjudges/norway) PS3 NOR flasher tool for Teensy++ 2.0
- [**96**Star][1m] [C] [harvardpl/shill](https://github.com/harvardpl/shill) Scripting with Least Privilege
- [**96**Star][1y] [Roff] [gynvael/stream-en](https://github.com/gynvael/stream-en) Sourcecode created during my Livestream (English)
- [**96**Star][3m] [Py] [groundworkstech/pybfd](https://github.com/groundworkstech/pybfd) A Python interface to the GNU Binary File Descriptor (BFD) library.
- [**96**Star][4m] [Java] [graxcode/cafebabe](https://github.com/graxcode/cafebabe) Easy-to-use java bytecode editor - successor of JByteMod!
- [**96**Star][12d] [Ruby] [fugacious/fugacious](https://github.com/fugacious/fugacious) OSSSM (awesome). Open source short-term secure messaging
- [**96**Star][2y] [HTML] [frizb/sourcecodesniffer](https://github.com/frizb/sourcecodesniffer) The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
- [**96**Star][7y] [JS] [feross/fullscreen-api-attack](https://github.com/feross/fullscreen-api-attack) Demo of phishing attack on the native HTML5 full screen API.
- [**96**Star][12d] [PHP] [fakhrizulkifli/defeating-php-gd-imagecreatefromjpeg](https://github.com/fakhrizulkifli/defeating-php-gd-imagecreatefromjpeg) Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromjpeg()
- [**96**Star][6y] [Py] [eugeniodelfa/smali-cfgs](https://github.com/eugeniodelfa/smali-cfgs) Smali Control Flow Graph's
- [**96**Star][12d] [Py] [eth0izzle/cracke-dit](https://github.com/eth0izzle/cracke-dit) cracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
- [**96**Star][7m] [C++] [dzzie/vs_libemu](https://github.com/dzzie/vs_libemu) Visual Studio 2008 port of the libemu library that includes scdbg.exe, a modification of the sctest project, that includes more hooks, interactive debugging, reporting features, and ability to work with file format exploit shellcode.
- [**96**Star][10d] [Java] [doyensec/burpdeveltraining](https://github.com/doyensec/burpdeveltraining) Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
- [**96**Star][6m] [C#] [djhohnstein/eventlogparser](https://github.com/djhohnstein/eventlogparser) Parse PowerShell and Security event logs for sensitive information.
- [**96**Star][1y] [Java] [cspf-founder/javavulnerablelab](https://github.com/cspf-founder/javavulnerablelab) Vulnerable Java based Web Application
- [**96**Star][1m] [Shell] [corbanworks/aws-blocker](https://github.com/corbanworks/aws-blocker) A simple bash script to block all AWS IP ranges using iptables.
- [**96**Star][3y] [JS] [compewter/copycat](https://github.com/compewter/copycat) Universal MITM web server
- [**96**Star][15d] [VimL] [citizenlab/malware-signatures](https://github.com/citizenlab/malware-signatures) Yara rules for malware families seen as part of targeted threats project
- [**96**Star][1m] [Py] [chrizator/netattack](https://github.com/chrizator/netattack) A simple python script to scan and attack wireless networks.
- [**96**Star][4m] [PS] [borntoberoot/powershell_ipv4portscanner](https://github.com/borntoberoot/powershell_ipv4portscanner) Powerful asynchronus IPv4 Port Scanner for PowerShell
- [**96**Star][4m] [Py] [blackye/webdirdig](https://github.com/blackye/webdirdig) web敏感目录、信息泄漏批量扫描脚本，结合爬虫、目录深度遍历。
- [**96**Star][2y] [Py] [blackthorne/codetective](https://github.com/blackthorne/codetective) a tool to determine the crypto/encoding algorithm used according to traces from its representation
- [**96**Star][9m] [C#] [bitbeans/streamcryptor](https://github.com/bitbeans/streamcryptor) Stream encryption & decryption with libsodium and protobuf
- [**96**Star][9m] [Java] [bastienjalbert/topguw](https://github.com/bastienjalbert/topguw) A software to make easier some cracking GSM steps (known plaintext attack vector)
- [**96**Star][1m] [appsecco/defcon24-infra-monitoring-workshop](https://github.com/appsecco/defcon24-infra-monitoring-workshop) Defcon24 Workshop Contents : Ninja Level Infrastructure Monitoring
- [**96**Star][5m] [Java] [an0nymous0/mybatisplugin-crack-javassist](https://github.com/an0nymous0/mybatisplugin-crack-javassist) Javassist实现的破解IDEA MybatisPlugin修改字节码工具，仅供学习用途。
- [**96**Star][4m] [Java] [adubbz/ghidra-switch-loader](https://github.com/adubbz/ghidra-switch-loader) Nintendo Switch loader for Ghidra
- [**96**Star][1m] [Py] [abusesa/abusehelper](https://github.com/abusesa/abusehelper) A framework for receiving and redistributing abuse feeds
- [**95**Star][21d] [Py] [kjam/wswp](https://github.com/kjam/wswp) Code for the second edition Web Scraping with Python book by Packt Publications
- [**95**Star][4m] [Go] [xlstudio/wxbizdatacrypt](https://github.com/xlstudio/wxbizdatacrypt) 微信小程序加密数据解密算法Go版
- [**95**Star][11d] [Py] [tonywangcn/scaleable-crawler-with-docker-cluster](https://github.com/tonywangcn/scaleable-crawler-with-docker-cluster) a scaleable and efficient crawelr with docker cluster , crawl million pages in 2 hours with a single machine
- [**95**Star][4m] [Go] [luzifer/vault-openvpn](https://github.com/luzifer/vault-openvpn) Small wrapper utility to manage OpenVPN configuration combined with a Vault PKI
- [**95**Star][13d] [C#] [icelanguage/linhowe_gamealgorithm](https://github.com/icelanguage/linhowe_gamealgorithm) Based on Unity to simply implement algorithms commonly used in game program development;基于Unity简单地实现游戏程序开发中常用的算法
- [**95**Star][5m] [PS] [itskindred/malware-analysis-writeups](https://github.com/itskindred/malware-analysis-writeups) A repository of my completed writeups, along with the samples themselves.
- [**95**Star][14d] [Py] [lgandx/ccrawldns](https://github.com/lgandx/ccrawldns) This small utility retrieves from the CommonCrawl data set unique subdomains for a given domain name.
- [**95**Star][2m] [C#] [rasta-mouse/cookiemonster](https://github.com/rasta-mouse/cookiemonster) 
- [**95**Star][13d] [404notf0und/my-security-algorithm-architecture](https://github.com/404notf0und/my-security-algorithm-architecture) 安全和算法面试题库（面试前必看一遍！！！）
- [**95**Star][1m] [Py] [s0md3v/proxify](https://github.com/s0md3v/proxify) A python module for dumping usable proxies.
- [**95**Star][11d] [C] [alxbrn/gdrv-loader](https://github.com/alxbrn/gdrv-loader) Kernel driver loader using vulnerable gigabyte driver (
- [**95**Star][4m] [HTML] [roleoroleo/yi-hack-mstar](https://github.com/roleoroleo/yi-hack-MStar) Custom firmware for Yi 1080p camera based on MStar platform
- [**95**Star][17d] [JS] [makuga01/dnsfookup](https://github.com/makuga01/dnsfookup) DNS rebinding toolkit
- [**95**Star][1y] [C] [sagaantheepic/sagaan-anticheat-v2.0](https://github.com/ContionMig/ContionMig-AntiCheat) Anti Cheat i made in my free time. Credits to everyone who helped are in the files and some are in the code. I will definitely improve this Anti Cheat along the way, now its just beta. Enjoy.
- [**95**Star][3y] [Py] [radareorg/r2con2017](https://github.com/radareorg/r2con2017) r2con 2017 September 6-9
- [**95**Star][22d] [Py] [mzfr/ctf-writeups](https://github.com/mzfr/ctf-writeups) Writeups of Capture The Flag Competitions
- [**95**Star][27d] [Java] [llvm-but-worse/java-disassembler](https://github.com/LLVM-but-worse/java-disassembler) The Java Disassembler
- [**95**Star][2m] [Py] [vysecurity/genhta](https://github.com/vysecurity/genHTA) Generates anti-sandbox analysis HTA files without payloads
- [**95**Star][27d] [JS] [ettic-team/dnsbin](https://github.com/ettic-team/dnsbin) The request.bin of DNS request
- [**95**Star][28d] [C] [yaoyumeng/adore-ng](https://github.com/yaoyumeng/adore-ng) linux rootkit adapted for 2.6 and 3.x
- [**95**Star][12d] [Java] [yunxu1/jboss-_cve-2017-12149](https://github.com/yunxu1/jboss-_cve-2017-12149) CVE-2017-12149 jboss反序列化 可回显
- [**95**Star][11d] [ObjC] [xslim/mobiledevicemanager](https://github.com/xslim/mobiledevicemanager) Manage iOS devices through iTunes lib
- [**95**Star][2m] [Shell] [xme/misp-docker](https://github.com/xme/misp-docker) Docker container for MISP
- [**95**Star][8d] [vegabird/xvna](https://github.com/vegabird/xvna) 带漏洞的Node App
- [**95**Star][2y] [C++] [tandasat/guardmon](https://github.com/tandasat/guardmon) Hypervisor based tool for monitoring system register accesses.
- [**95**Star][10d] [PS] [suriyaakudoisc/keylogger](https://github.com/suriyaakudoisc/keylogger) A Simple Python Keylogger 
- [**95**Star][3m] [HTML] [stixproject/stix-viz](https://github.com/stixproject/stix-viz) STIX Visualization Tool
- [**95**Star][4y] [Py] [stamparm/tsusen](https://github.com/stamparm/tsusen) Network traffic sensor
- [**95**Star][2y] [Pascal] [senjaxus/allakore_remote](https://github.com/senjaxus/allakore_remote) Open Source Remote Access software written in Delphi Seattle.
- [**95**Star][11d] [C++] [saml1er/gta-reversed](https://github.com/saml1er/gta-reversed) Reversed code of GTA:SA executable (gta_sa.exe) 1.0 US
- [**95**Star][4m] [TS] [salarcode/smartproxy](https://github.com/salarcode/smartproxy) Firefox/Chrome browser extension. SmartProxy will automatically enable/disable proxy for the sites you visit, based on customizable patterns.
- [**95**Star][2y] [Py] [safebreach-labs/mkmalwarefrom](https://github.com/safebreach-labs/mkmalwarefrom) Proof-of-concept two-stage dropper generator that uses bits from external sources
- [**95**Star][11d] [AGS Script] [rapid7/embedded-tools](https://github.com/rapid7/embedded-tools) 
- [**95**Star][1y] [Java] [pengzhile/atlassian-agent](https://github.com/pengzhile/atlassian-agent) Atlassian's productions crack.
- [**95**Star][1m] [nusr/awesome-macos-command-line-zh](https://github.com/nusr/awesome-macos-command-line-zh) Use your macOS terminal shell to do awesome things
- [**95**Star][3y] [PS] [netbiosx/digital-signature-hijack](https://github.com/netbiosx/digital-signature-hijack) Binaries, PowerShell scripts and information about Digital Signature Hijacking.
- [**95**Star][13d] [Ruby] [nbulaj/proxy_fetcher](https://github.com/nbulaj/proxy_fetcher) 
- [**95**Star][1m] [C] [mrdoulestar/whatminer](https://github.com/mrdoulestar/whatminer) 整理和收集遇见的各种恶意挖矿样本以供研究和学习（欢迎小伙伴们一起维护）
- [**95**Star][1y] [Batchfile] [mdsecactivebreach/sharppack](https://github.com/mdsecactivebreach/sharppack)  insider threat assessments that lets you defeat application whitelisting to execute arbitrary DotNet and PowerShell tools.
- [**95**Star][5m] [C] [m0nad/dns-discovery](https://github.com/m0nad/dns-discovery) DNS-Discovery is a multithreaded subdomain bruteforcer.
- [**95**Star][3m] [Py] [lorenzog/dns-parallel-prober](https://github.com/lorenzog/dns-parallel-prober) PoC for an adaptive parallelised DNS prober
- [**95**Star][18d] [Py] [localh0t/m4ngl3m3](https://github.com/localh0t/m4ngl3m3) 使用字符串列表的通用密码模式生成器
- [**95**Star][8d] [Go] [likexian/whois-parser-go](https://github.com/likexian/whois-parser-go) Go module for domain whois info parse
- [**95**Star][12d] [C] [libyal/liblnk](https://github.com/libyal/liblnk) Library and tools to access the Windows Shortcut File (LNK) format
- [**95**Star][4m] [lgrangeia/cupid](https://github.com/lgrangeia/cupid) Patch for hostapd and wpa_supplicant to attempt to exploit heartbleed on EAP-PEAP/TLS/TTLS connections
- [**95**Star][3y] [Py] [lcatro/webshell-detect-by-machine-learning](https://github.com/lcatro/webshell-detect-by-machine-learning) Use AI to identify WebShell
- [**95**Star][4y] [Py] [knownsec/vxpwn](https://github.com/knownsec/vxpwn) VxWorks漏洞挖掘相关
- [**95**Star][1m] [JS] [k4m4/dcipher](https://github.com/k4m4/dcipher) Decipher hashes using online rainbow & lookup table attack services.
- [**95**Star][15d] [C++] [jnastarot/furikuri](https://github.com/jnastarot/furikuri) (In dev)furikuri is framework for code protection
- [**95**Star][26d] [Java] [jenkinsci/groovy-sandbox](https://github.com/jenkinsci/groovy-sandbox) Compile-time transformer to run Groovy code in a restrictive sandbox
- [**95**Star][4m] [Py] [jeffbryner/pyioc](https://github.com/jeffbryner/pyioc) Python tools for IOC (Indicator of Compromise) handling
- [**95**Star][2y] [Py] [invictus1306/workshop-bsidesmunich2018](https://github.com/invictus1306/workshop-bsidesmunich2018) ARM shellcode and exploit development - BSidesMunich 2018
- [**95**Star][7y] [C#] [ilikenwf/darkagent](https://github.com/ilikenwf/darkagent) DarkAgent Remote Administration Tool RAT by DragonHunter
- [**95**Star][15d] [Batchfile] [huntresslabs/evading-autoruns](https://github.com/huntresslabs/evading-autoruns) 几种用于逃避常见的驻留枚举工具的技术（Evading Autoruns，Derbycon 2017）
- [**95**Star][10d] [C] [horsicq/nfdx64dbg](https://github.com/horsicq/nfdx64dbg) Plugin for x64dbg Linker/Compiler/Tool detector.
- [**95**Star][3y] [Ruby] [hanshaze/ms17-010-eternalblue-winxp-win10](https://github.com/hanshaze/ms17-010-eternalblue-winxp-win10) EternalBlue Metasploit Port to various Windows Versions from Windows XP SP2 up to Windows 10 Pro
- [**95**Star][3y] [C] [hacksysteam/exploitation](https://github.com/hacksysteam/exploitation) Windows Software Exploitation
- [**95**Star][2m] [Go] [google/minions](https://github.com/google/minions) Distributed filesystem scanner
- [**95**Star][27d] [C] [fireyfly/hexd](https://github.com/fireyfly/hexd) 
- [**95**Star][8y] [Py] [firefart/hashcollision-dos-poc](https://github.com/firefart/hashcollision-dos-poc) Proof of Concept for the PHP and JAVA Hashcollision Denial of service attack
- [**95**Star][4m] [F#] [enkomio/sojobo](https://github.com/enkomio/sojobo) A binary analysis framework
- [**95**Star][21d] [PS] [ecstatic-nobel/posint](https://github.com/ecstatic-nobel/posint) Gather Open-Source Intelligence using PowerShell.
- [**95**Star][12m] [Visual Basic .NET] [dzzie/idacompare](https://github.com/dzzie/idacompare) a plugin for IDA which is designed to help you  line up functions across two separate disassemblies
- [**95**Star][20d] [diablohorn/yara4pentesters](https://github.com/diablohorn/yara4pentesters) rules to identify files containing juicy information like usernames, passwords etc
- [**95**Star][3m] [TS] [dharmaprotocol/charta](https://github.com/dharmaprotocol/charta) New & improved contracts for Dharma protocol
- [**95**Star][3m] [JS] [devexpress/testcafe-hammerhead](https://github.com/devexpress/testcafe-hammerhead) A powerful web-proxy used as a core for the TestCafe testing framework.
- [**95**Star][4m] [PS] [dbheise/vm_setup](https://github.com/dbheise/vm_setup) A collection of scripts to initialize a windows VM to run all the malwares!
- [**95**Star][13d] [Py] [danmcinerney/fast-recon](https://github.com/danmcinerney/fast-recon) Does some google dorks against a domain
- [**95**Star][4m] [C++] [cyberark/dllspy](https://github.com/cyberark/dllspy) DLL Hijacking Detection Tool
- [**95**Star][6m] [C++] [cossacklabs/0fc](https://github.com/cossacklabs/0fc) Anonymous web chat server, built on top of Themis/WebThemis
- [**95**Star][4m] [C#] [cobbr/elite](https://github.com/cobbr/elite) Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
- [**95**Star][3m] [Py] [cfpb/clouseau](https://github.com/cfpb/clouseau) Search your repository's git history for undesirable text patterns such as passwords, ssh keys and othe personal identifiable information
- [**95**Star][3y] [Ruby] [carnal0wnage/metasploit-code](https://github.com/carnal0wnage/metasploit-code) Metasploit modules that didn't make it into trunk for some reason or the other
- [**95**Star][4m] [Py] [b1n4ry4rms/redteam-pentest-cheatsheets](https://github.com/b1n4ry4rms/redteam-pentest-cheatsheets) Red Teaming :: Penetration Testing :: Offensive Security :: OSCP :: OSCE :: CheatSheets :: Tools :: etc...
- [**95**Star][15d] [TS] [auth0-blog/mean-rsvp-auth0](https://github.com/auth0-blog/mean-rsvp-auth0) MEAN stack application with Auth0 (see sample deployed at
- [**95**Star][1m] [Py] [0x27/ssh_keyscanner](https://github.com/0x27/ssh_keyscanner) ssh public host key scanner using shodan
- [**94**Star][10d] [Py] [papermtn/slack-watchman](https://github.com/papermtn/slack-watchman) Monitoring you Slack workspaces for sensitive information
- [**94**Star][5m] [Perl] [ology/chess-inspector](https://github.com/ology/chess-inspector) Visualize move, protection and threat status
- [**94**Star][3m] [C++] [rodrigocfd/winlamb](https://github.com/rodrigocfd/winlamb) A lightweight modern C++11 library for Win32 API, using lambdas to handle Windows messages.
- [**94**Star][19d] [JS] [akrylysov/lambda-phantom-scraper](https://github.com/akrylysov/lambda-phantom-scraper) PhantomJS/Node.js web scraper for AWS Lambda
- [**94**Star][10d] [Shell] [magisk-modules-repo/wifi-bonding](https://github.com/magisk-modules-repo/wifi-bonding) Double your bandwith on your Qualcomm devices.
- [**94**Star][1m] [Java] [ron-from-nl/finalcrypt](https://github.com/ron-from-nl/finalcrypt) FinalCrypt - The World's Strongest Encryption
- [**94**Star][14d] [JS] [toyodadoubi/ssrstatus](https://github.com/toyodadoubi/ssrstatus) Shadowsocks/ShadowsocksR 账号在线监控
- [**94**Star][30d] [Ruby] [shopify/browser_sniffer](https://github.com/shopify/browser_sniffer) Properly detect what browser you are dealing with
- [**94**Star][6m] [Java] [snail007/goproxy-jui](https://github.com/snail007/goproxy-jui) Desktop version of
- [**94**Star][20d] [Py] [bkerler/oppo_ozip_decrypt](https://github.com/bkerler/oppo_ozip_decrypt) Oppo Firmware .ozip decrypter
- [**94**Star][11d] [C++] [leoloobeek/comproxy](https://github.com/leoloobeek/comproxy) PoC for proxying COM objects when hijacking
- [**94**Star][1m] [C++] [outflanknl/netshhelperbeacon](https://github.com/outflanknl/NetshHelperBeacon) Example DLL to load from Windows NetShell
- [**94**Star][4m] [Py] [ecstatic-nobel/analyst-arsenal](https://github.com/ecstatic-nobel/Analyst-Arsenal) A toolkit for Security Researchers
- [**94**Star][2m] [Shell] [offxec/thedoc](https://github.com/OffXec/TheDoc) TheDoc is a simple but very useful SQLMAP automator with built in admin finder, hash cracker(using hashca) and more!
- [**94**Star][19d] [Rust] [mozilla/authenticator-rs](https://github.com/mozilla/authenticator-rs) Rust library to interact with Security Keys, used by Firefox
- [**94**Star][4m] [C] [zoloziak/winnt4](https://github.com/zoloziak/winnt4) Windows NT4 Kernel Source code
- [**94**Star][3m] [Java] [vpnht/android](https://github.com/vpnht/android) VPN.ht Android Application. Based on ics-openvpn.
- [**94**Star][1y] [PS] [vletoux/smbscanner](https://github.com/vletoux/smbscanner) Smb Scanner from PingCastle
- [**94**Star][2m] [Shell] [vincentbernat/eudyptula-boot](https://github.com/vincentbernat/eudyptula-boot) Boot a Linux kernel in a VM without a dedicated root filesystem.
- [**94**Star][6m] [Py] [thuxnder/dalvik-obfuscator](https://github.com/thuxnder/dalvik-obfuscator) a set of tools/scripts to obfuscate and manipulate dex files
- [**94**Star][2y] [Py] [thehive-project/thehive4py](https://github.com/thehive-project/thehive4py) Python API Client for TheHive
- [**94**Star][2y] [Go] [tarlogicsecurity/sasshimi](https://github.com/tarlogicsecurity/sasshimi) SSH Tunnelling in "RAW mode", via STDIN/OUT without using forwarding channels
- [**94**Star][5m] [Py] [takahiroharuyama/ida_haru](https://github.com/takahiroharuyama/ida_haru) scripts/plugins for IDA Pro
    - [bindiff](https://github.com/takahiroharuyama/ida_haru/blob/master/bindiff/README.org) BinDiff wrapper script for multiple binary diffing
    - [eset_crackme](https://github.com/takahiroharuyama/ida_haru/blob/master/eset_crackme/README.org) IDA Pro loader/processor modules for ESET CrackMe driver VM
    - [fn_fuzzy](https://github.com/takahiroharuyama/ida_haru/blob/master/fn_fuzzy/README.org) IDAPython script for fast multiple binary diffing triage
    - [stackstring_static](https://github.com/takahiroharuyama/ida_haru/blob/master/stackstring_static/README.org) IDAPython script statically-recovering strings constructed in stack
- [**94**Star][6m] [Py] [sjord/jwtcrack](https://github.com/sjord/jwtcrack) Crack the shared secret of a HS256-signed JWT
- [**94**Star][2y] [Java] [sirmordred/angelaroot](https://github.com/sirmordred/angelaroot) An app which escalates root privilege on device and installs SuperSU through newly vulnerability "angela root" without unlocking bootloader
- [**94**Star][4m] [simonmerrett/soicbite](https://github.com/simonmerrett/soicbite) A compact PCB footprint which allows SOIC test clips to be used as a space-efficient programming and debugging connector
- [**94**Star][3y] [C++] [screetsec/pateensy](https://github.com/screetsec/pateensy) Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy
- [**94**Star][3y] [PS] [sadprocessor/empiredog](https://github.com/sadprocessor/empiredog) A collection of PowerShell Modules for BloodHound/Empire Orchestration
- [**94**Star][15d] [JS] [richinfante/iphonebackuptools](https://github.com/richinfante/iphonebackuptools) iOS Backup Data Extraction
- [**94**Star][2y] [ObjC] [r0ysue/osg-teams](https://github.com/r0ysue/osg-teams) 希望大家在合作中学习姿势、提升技术、交流感情。比赛第二，友谊第一。
- [**94**Star][2y] [Py] [pry0cc/proxydock](https://github.com/pry0cc/proxydock) ProxyDock is a Dockerfile and Bash script that converts your OpenVPN files into local proxies.
- [**94**Star][7d] [TS] [novage/wt-tracker](https://github.com/novage/wt-tracker) High-performance WebTorrent tracker
- [**94**Star][5y] [Py] [neo23x0/dllrunner](https://github.com/neo23x0/dllrunner) Smart DLL execution for malware analysis in sandbox systems
- [**94**Star][1y] [Py] [n00py/hwacha](https://github.com/n00py/hwacha) Deploy payloads to *Nix systems en masse
- [**94**Star][3y] [mubix/akb](https://github.com/mubix/akb) Attack Knowledge Base
- [**94**Star][1y] [Shell] [mindpointgroup/rhel6-stig](https://github.com/mindpointgroup/rhel6-stig) Ansible role for Red Hat 6 DISA STIG
- [**94**Star][13d] [C] [milabs/khook](https://github.com/milabs/khook) Linux Kernel hooking engine (x86)
- [**94**Star][4m] [CSS] [malaohu/arukas-api](https://github.com/malaohu/arukas-api) Arukas API 自动获取IP和端口，SSR服务器订阅，Arukas 监测启动
- [**94**Star][4m] [Shell] [louwrentius/ppss](https://github.com/louwrentius/ppss) Parallel Processing Shell Script
- [**94**Star][3y] [C++] [liulilittle/paperairplane](https://github.com/liulilittle/paperairplane) 一个类似于Proxifier的SOCKS5代理工具
- [**94**Star][12d] [MATLAB] [ktekeli/audio-steganography-algorithms](https://github.com/ktekeli/audio-steganography-algorithms) A Library of Audio Steganography & Watermarking Algorithms
- [**94**Star][23d] [C++] [kimci86/bkcrack](https://github.com/kimci86/bkcrack) Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
- [**94**Star][16d] [Py] [ifghou/wapiti](https://github.com/ifghou/wapiti) A web-application vulnerability scanner
- [**94**Star][30d] [Py] [hvqzao/liffy](https://github.com/hvqzao/liffy) Local File Inclusion Exploitation Tool (mirror)
- [**94**Star][15d] [Py] [huntergregal/scansploit](https://github.com/huntergregal/scansploit) Exploit using barcodes, QRcodes, earn13, datamatrix
- [**94**Star][3m] [C] [hdm/juniper-cve-2015-7755](https://github.com/hdm/juniper-cve-2015-7755) Notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS
- [**94**Star][15d] [C++] [hasherezade/persistence_demos](https://github.com/hasherezade/persistence_demos) Demos of various (also non standard) persistence methods used by malware
- [**94**Star][18d] [Go] [gyyyy/footprint](https://github.com/gyyyy/footprint) 个人笔记
- [**94**Star][1m] [Go] [glen-mac/gogetbucket](https://github.com/glen-mac/gogetbucket) A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
- [**94**Star][3y] [C++] [gdbinit/efiswissknife](https://github.com/gdbinit/efiswissknife) An IDA plugin to improve (U)EFI reversing
- [**94**Star][27d] [Rust] [flxo/rogcat](https://github.com/flxo/rogcat) A `adb logcat` wrapper
- [**94**Star][1m] [C] [fireeye/flare-kscldr](https://github.com/fireeye/flare-kscldr) 内核中加载Shellcode: 实例、方法与工具
- [**94**Star][17d] [Ruby] [ffleming/timing_attack](https://github.com/ffleming/timing_attack) Perform timing attacks against web applications
- [**94**Star][3m] [Py] [fengyouchao/webzmap](https://github.com/fengyouchao/webzmap) 通过web方式管理运行zmap扫描任务， 并提供 RESTful API 方便第三方程序调用控制zmap任务
- [**94**Star][1m] [C] [dugsong/libdnet](https://github.com/dugsong/libdnet) a simplified, portable interface to several low-level
networking routines
- [**94**Star][11m] [Py] [donnchac/ubuntu-apport-exploitation](https://github.com/donnchac/ubuntu-apport-exploitation) This project contains a PoC and exploit generator for a code execution bug in Ubuntu's Apport crash reporter
- [**94**Star][12m] [Java] [docbleach/docbleach](https://github.com/docbleach/docbleach) 
- [**94**Star][3y] [Py] [cymmetria/mtpot](https://github.com/cymmetria/mtpot) Open Source Telnet Honeypot
- [**94**Star][6y] [C#] [codesinchaos/chaos.nacl](https://github.com/codesinchaos/chaos.nacl) Chaos.NaCl cryptography library
- [**94**Star][5y] [Shell] [ckuethe/usbarmory](https://github.com/ckuethe/usbarmory) Scripts, learnings, sample configurations, and random whining
- [**94**Star][4m] [Py] [chadsr/nordvpn-networkmanager](https://github.com/chadsr/nordvpn-networkmanager) A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.
- [**94**Star][19d] [C++] [azirevpn/azclient](https://github.com/azirevpn/azclient) Customizable VPN client, meant to be simple and sleek.
- [**94**Star][21d] [Go] [asciimoo/filtron](https://github.com/asciimoo/filtron) Filtering reverse HTTP proxy
- [**94**Star][30d] [Py] [angr/phuzzer](https://github.com/angr/phuzzer) The new phuzzing framework!
- [**94**Star][2y] [PS] [alsidofficial/uncoverdcshadow](https://github.com/alsidofficial/uncoverdcshadow) A PowerShell utility to dynamically uncover a DCShadow attack
- [**94**Star][2y] [Java] [airman604/jdbc-backdoor](https://github.com/airman604/jdbc-backdoor) A fake JDBC driver that allows OS command execution.
- [**94**Star][4m] [Py] [aedoo/allscanner](https://github.com/aedoo/allscanner) 数据库和其他服务的弱端口的弱口令检测以及未授权访问的集成检测工具。 Weak password blasting of weak ports and integrated detection tools for unauthorized access.
- [**94**Star][10m] [adguardteam/adguardformac](https://github.com/adguardteam/adguardformac) Open bug tracker for Mac version of AdGuard
- [**94**Star][4m] [C++] [adafruit/adafruit_io_arduino](https://github.com/adafruit/adafruit_io_arduino) Arduino library to access Adafruit IO from WiFi, cellular, and ethernet modules.
- [**94**Star][12m] [Py] [abaykan/crawlbox](https://github.com/abaykan/crawlbox) Web目录爆破脚本
- [**94**Star][11d] [PHP] [10up/restricted-site-access](https://github.com/10up/restricted-site-access) Limit access to visitors who are logged in or allowed by IP addresses. Includes many options for handling blocked visitors.
- [**93**Star][11m] [Py] [wqh0109663/jobspiders](https://github.com/wqh0109663/jobspiders) scrapy框架爬取51job(scrapy.Spider)，智联招聘(扒接口)，拉勾网(CrawlSpider)
- [**93**Star][10d] [C] [snopf/snopf](https://github.com/snopf/snopf) snopf USB password token
- [**93**Star][10d] [Py] [entynetproject/entropy](https://github.com/entynetproject/entropy) Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP Webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
- [**93**Star][2y] [JS] [eshengsky/hostsdock](https://github.com/eshengsky/hostsdock) 
- [**93**Star][12d] [Go] [corellium/corellium-android-unpacking](https://github.com/corellium/corellium-android-unpacking) Android Unpacking Automation using Corellium Devices
- [**93**Star][12d] [JS] [laixin86714802/spider-platform](https://github.com/laixin86714802/spider-platform) 可视化爬虫自动采集平台
- [**93**Star][11d] [Py] [cisagov/check-cve-2019-19781](https://github.com/cisagov/check-cve-2019-19781) Test a host for susceptibility to CVE-2019-19781
- [**93**Star][14d] [Py] [kevin-cherish/geetest](https://github.com/kevin-cherish/geetest) 滑动验证码，希望对你们有所帮助
- [**93**Star][4m] [JS] [zjuchenyuan/notebook](https://github.com/zjuchenyuan/notebook) 我的技术笔记本~
- [**93**Star][19d] [Java] [patrickfav/uber-adb-tools](https://github.com/patrickfav/uber-adb-tools) A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go. Written in Java so it should run on your platform.
- [**93**Star][1y] [JS] [turbomack/koa-sslify](https://github.com/turbomack/koa-sslify) Enforce HTTPS in node.js koa projects
- [**93**Star][17d] [Shell] [alekslitvinenk/docker-openvpn](https://github.com/alekslitvinenk/docker-openvpn) 
- [**93**Star][18d] [Java] [tripflex/wifiwizard2](https://github.com/tripflex/wifiwizard2) A Cordova plugin for managing Wifi networks (new version of WiFiWizard) - Latest is version 3+
- [**93**Star][14d] [Go] [liamhaworth/go-tproxy](https://github.com/liamhaworth/go-tproxy) Linux Transparent Proxy library for Golang
- [**93**Star][2m] [Go] [alash3al/httpsify](https://github.com/alash3al/httpsify) a transparent HTTPS termination proxy using letsencrypt with auto certification renewal
- [**93**Star][11d] [Kotlin] [m1dr05/istheapp](https://github.com/m1dr05/istheapp) Open-source android spyware
- [**93**Star][11d] [TS] [pengchujin/onesubscribe](https://github.com/pengchujin/onesubscribe) ss ssr v2ray 订阅管理 node 后端
- [**93**Star][12d] [ivbeg/awesome-forensicstools](https://github.com/ivbeg/awesome-forensicstools) Awesome list of digital forensic tools
- [**93**Star][4y] [C] [codebndr/ariadne-bootloader](https://github.com/codebndr/Ariadne-Bootloader) A little less unfinished TFTP bootloader for Arduino Ethernet or Arduino with Ethernet Shield
- [**93**Star][15d] [Ruby] [eurialo/vsaudit](https://github.com/eurialo/vsaudit) VOIP Security Audit Framework
- [**93**Star][4m] [security-cheatsheet/metasploit-cheat-sheet](https://github.com/security-cheatsheet/metasploit-cheat-sheet) Metasploit Cheat Sheet
- [**93**Star][23d] [Py] [wiredcraft/dopy](https://github.com/wiredcraft/dopy) Digital Ocean Python
- [**93**Star][21d] [JS] [watson/monster-drift](https://github.com/watson/monster-drift) a radio controlled car with Node.js and HackRF.
- [**93**Star][10d] [C++] [velocidex/c-aff4](https://github.com/velocidex/c-aff4) An AFF4 C++ implementation.
- [**93**Star][24d] [JS] [vagusx/koa-proxies](https://github.com/vagusx/koa-proxies) a koa@2.x proxy middleware
- [**93**Star][20d] [Java] [twjitm/afhq](https://github.com/twjitm/afhq) 类似于腾讯手机管家，360安全卫士等软件系。可以进行木马扫描，网络端口扫描，支付环境扫描，漏洞检测，短信电话拦截，垃圾清理，和手机防盗，利用反射和内容提供者实现电话短信拦截，采用iptable实现网络拦截过滤
- [**93**Star][17d] [Py] [tum-i22/macke](https://github.com/tum-i22/macke) Modular And Compositional analysis with KLEE Engine
- [**93**Star][5m] [JS] [tinysec/vulnerability](https://github.com/tinysec/vulnerability) windows kernel vulnerability found by me
- [**93**Star][20d] [Py] [utkusen/firstorder](https://github.com/utkusen/firstorder) A traffic analyzer to evade Empire's communication from Anomaly-Based IDS
- [**93**Star][2m] [Go] [smiegles/mass3](https://github.com/smiegles/mass3) 使用DNS和一堆DNS解析器, 快速枚举预定义的AWS S3 bucket
- [**93**Star][5m] [C++] [sharepub/checkvm-sandbox](https://github.com/sharepub/checkvm-sandbox) source code
- [**93**Star][10d] [Py] [sdnewhop/grinder](https://github.com/sdnewhop/grinder) 
- [**93**Star][10d] [HTML] [sam-b/windbg-plugins](https://github.com/sam-b/windbg-plugins) Any useful windbg plugins I've written.
- [**93**Star][5m] [JS] [ro31337/hacktunnel](https://github.com/ro31337/hacktunnel) HackTunnel is web-based peer-to-peer chat software for anonymous and encrypted communication written with Go language
- [**93**Star][7m] [C] [rinnegatamante/vitaquake](https://github.com/rinnegatamante/vitaquake) Port of Quake for Playstation Vita
- [**93**Star][2y] [PS] [realparisi/wmi_monitor](https://github.com/realparisi/wmi_monitor) Log newly created WMI consumers and processes to the Windows Application event log
- [**93**Star][6m] [C] [plusvic/yara](https://github.com/plusvic/yara) The pattern matching swiss knife
- [**93**Star][15d] [Py] [pdjstone/wsuspect-proxy](https://github.com/pdjstone/wsuspect-proxy) Python tool to inject fake updates into unencrypted WSUS traffic
- [**93**Star][1y] [pandazheng/securitysite](https://github.com/pandazheng/securitysite) 收集了一些安全公司的博客
- [**93**Star][4y] [C] [osandamalith/ipobfuscator](https://github.com/osandamalith/ipobfuscator) A simple tool to convert the IP to a DWORD IP
- [**93**Star][1m] [Ruby] [openwiresec/metasploit](https://github.com/openwiresec/metasploit) 
- [**93**Star][15d] [Py] [ofek/userpath](https://github.com/ofek/userpath) Cross-platform tool for adding locations to the user PATH, no elevated privileges required!
- [**93**Star][1m] [JS] [oalabs/frida-wshook](https://github.com/oalabs/frida-wshook) Script analysis tool based on Frida.re
- [**93**Star][12d] [JS] [oalabs/frida-extract](https://github.com/oalabs/frida-extract) Frida.re based RunPE (and MapViewOfSection) extraction tool
- [**93**Star][4m] [C#] [notsosecure/blacklist3r](https://github.com/notsosecure/blacklist3r) project-blacklist3r
- [**93**Star][8y] [C] [neuroo/runtime-tracer](https://github.com/neuroo/runtime-tracer) Dynamic tracing for binary applications (using PIN), IDA plugin to visualize and interact with the traces
    - [PinTool](https://github.com/neuroo/runtime-tracer/tree/master/tracer) 
    - [IDA插件](https://github.com/neuroo/runtime-tracer/tree/master/ida-pin) 
- [**93**Star][2y] [C] [mrschyte/pentestkoala](https://github.com/mrschyte/pentestkoala) Modified dropbear server which acts as a client and allows authless login
- [**93**Star][2y] [Swift] [ming1016/smck](https://github.com/ming1016/smck) 用 Swift 编写的工程代码静态分析命令行工具 smck
- [**93**Star][4y] [PS] [matthastings/dscompromised](https://github.com/matthastings/dscompromised) managing and infecting systems via Windows Desired State Configuration (DSC)
- [**93**Star][11d] [Py] [markbaggett/domain_stats](https://github.com/markbaggett/domain_stats) 
- [**93**Star][11d] [Go] [linuxboot/fiano](https://github.com/linuxboot/fiano) Go-based tools for modifying UEFI firmware
- [**93**Star][4y] [C] [kr105-zz/ps4-dlclose](https://github.com/kr105-zz/ps4-dlclose) Fully implemented dlclose exploit for PS4 fw 1.76 with included linux loader
- [**93**Star][2m] [C++] [k33nteam/cc-shellcoding](https://github.com/k33nteam/cc-shellcoding) 
- [**93**Star][12d] [ivbeg/awesome-forensicstools](https://github.com/ivbeg/awesome-forensicstools) Awesome list of digital forensic tools
- [**93**Star][2y] [C] [hfiref0x/vmde](https://github.com/hfiref0x/vmde) Source from VMDE paper, adapted to 2015
- [**93**Star][2y] [Shell] [henryho2006/rpiproxy](https://github.com/henryho2006/rpiproxy) Make a Raspberry PI as a proxy route, work with shadowsocks server, provide clean dns/proxy service
- [**93**Star][3m] [C] [gitdurandal/dbd](https://github.com/gitdurandal/dbd) Durandal's Backdoor
- [**93**Star][2m] [C++] [gdelugre/shell-factory](https://github.com/gdelugre/shell-factory) C++-based shellcode builder
- [**93**Star][2m] [Py] [gdanezis/petlib](https://github.com/gdanezis/petlib) A python library that implements a number of Privacy Enhancing Technolgies
- [**93**Star][4m] [Py] [fortynorthsecurity/aggressorassessor](https://github.com/fortynorthsecurity/aggressorassessor) Aggressor scripts for phases of a pen test or red team assessment
- [**93**Star][3y] [C++] [femto-dev/femto](https://github.com/femto-dev/femto) Sequence Indexing and Search
- [**93**Star][14d] [fademind/hosts.extras](https://github.com/fademind/hosts.extras) Extra rules for
- [**93**Star][5m] [JS] [etherdream/https_hijack_demo](https://github.com/etherdream/https_hijack_demo) HTTPS Frontend Hijack
- [**93**Star][25d] [C++] [epam/nfstrace](https://github.com/epam/nfstrace) Network file system monitor and analyzer
- [**93**Star][13d] [Py] [elttam/advisories](https://github.com/elttam/advisories) 
- [**93**Star][7m] [Rust] [ekse/unicorn-rs](https://github.com/ekse/unicorn-rs) Rust bindings for the unicorn CPU emulator
- [**93**Star][13d] [Py] [dirkjanm/impacket](https://github.com/dirkjanm/impacket) Impacket is a collection of Python classes for working with network protocols.
- [**93**Star][12d] [C] [devanlai/dap42](https://github.com/devanlai/dap42) CMSIS-DAP debugger firmware for STM32F042Fx and STM32F103xx
- [**93**Star][17d] [Go] [coinbase/dexter](https://github.com/coinbase/dexter) Forensics acquisition framework designed to be extensible and secure
- [**93**Star][4m] [Clojure] [clojure-goes-fast/clj-java-decompiler](https://github.com/clojure-goes-fast/clj-java-decompiler) REPL-integrated Clojure-to-Java decompiler
- [**93**Star][4m] [claucece/useful-crypto-resources](https://github.com/claucece/useful-crypto-resources) A place for useful crypto-related resources plus some of my fav stuff
- [**93**Star][5m] [Py] [callmefeifei/svnhack](https://github.com/callmefeifei/svnhack) 一个Svn信息泄露辅助工具，可以使用这个脚本列取网站目录，读取源码文件以及下载整站代码。
- [**93**Star][2y] [PS] [bkup/slackshell](https://github.com/bkup/slackshell) PowerShell to Slack C2
- [**93**Star][4y] [Ruby] [awslabs/logstash-input-dynamodb](https://github.com/awslabs/logstash-input-dynamodb) This input plugin for Logstash scans a specified DynamoDB table and then reads changes to a DynamoDB table from the associated DynamoDB Stream.This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline. This gem is not a stand-alone program.
- [**93**Star][4m] [JS] [assnctr/unfx-proxy-checker](https://github.com/assnctr/unfx-proxy-checker) Unfx Proxy Checker - Powerful proxy checker with huge features and beautiful design. Easy sorting and filtering by all parameters.
- [**93**Star][18d] [Py] [airbus-seclab/bta](https://github.com/airbus-seclab/bta) Open source Active Directory security audit framework.
- [**93**Star][2m] [JS] [adafruit/adafruit-io-node](https://github.com/adafruit/adafruit-io-node) A Node.js Adafruit IO Node.js Client, Local Server, & io.adafruit.com TLS Tunnel.
- [**93**Star][1y] [Py] [0x00-0x00/fakepip](https://github.com/0x00-0x00/fakepip) Pip install exploit package
- [**92**Star][10d] [Shell] [intel/kernel-fuzzer-for-xen-project](https://github.com/intel/kernel-fuzzer-for-xen-project) VMI Kernel Fuzzer for Xen Project: VM forking, VMI & AFL integration demo
- [**92**Star][11d] [Java] [rsrdesarrollo/generator-burp-extension](https://github.com/rsrdesarrollo/generator-burp-extension) Everything you need about Burp Extension Generation
- [**92**Star][12d] [Java] [yworks/yguard](https://github.com/yworks/yguard) The open-source Java obfuscation tool working with Ant and Gradle by yWorks - the diagramming experts
- [**92**Star][12d] [Java] [jaeyeophan/algorithm_basic_java](https://github.com/jaeyeophan/algorithm_basic_java) 
- [**92**Star][3m] [Py] [ryu22e/django_cve_2019_19844_poc](https://github.com/ryu22e/django_cve_2019_19844_poc) PoC for CVE-2019-19844(
- [**92**Star][1m] [Py] [wulc/thesaurusspider](https://github.com/wulc/thesaurusspider) 下载搜狗、百度、QQ输入法的词库文件的 python 爬虫，可用于构建不同行业的词汇库
- [**92**Star][12d] [Java] [x-dea/flutter-vpn](https://github.com/x-dea/flutter-vpn) Plugin to access VPN service for Flutter | Flutter 的 VPN 插件
- [**92**Star][23d] [PHP] [amphp/socket](https://github.com/amphp/socket) Non-blocking socket and TLS functionality for PHP based on Amp.
- [**92**Star][14d] [Py] [greenbone/autohooks](https://github.com/greenbone/autohooks) Library for managing git hooks
- [**92**Star][1m] [C++] [roboremo/esp8266-wifi-uart-bridge](https://github.com/roboremo/esp8266-wifi-uart-bridge) Transparent WiFi (TCP, UDP) to UART Bridge, in AP or STATION mode
- [**92**Star][21d] [JS] [beepisla/csgo-crash-exploit](https://github.com/beepisla/csgo-crash-exploit) Allows you to crash any Windows user
- [**92**Star][4m] [Java] [rikkaapps/wadb](https://github.com/rikkaapps/wadb) A simple switch for adb (Android Debug Bridge) over network.
- [**92**Star][1m] [0xd4d/dnspy-unity-mono](https://github.com/0xd4d/dnspy-unity-mono) Fork of Unity mono that's used to compile mono.dll with debugging support enabled
- [**92**Star][1m] [C] [merbanan/rfid_app](https://github.com/merbanan/rfid_app) Linux version for China 125kHz rfid reader/writer (RFID_APP_EN)
- [**92**Star][2m] [Java] [nordicsemiconductor/android-nrf-beacon](https://github.com/nordicsemiconductor/android-nrf-beacon) The nRF Beacon application lets you explore the full range of possibilities for beacons using Bluetooth Smart technology. The application has been designed to demonstrate all features of the nRF8122 Bluetooth® Smart Beacon Kit.
- [**92**Star][23d] [Shell] [infoslack/docker-dvwa](https://github.com/infoslack/docker-dvwa) Docker image for DVWA(Damn Vulnerable Web Application)
- [**92**Star][6m] [PS] [adamdriscoll/snek](https://github.com/adamdriscoll/snek) PowerShell wrapper around Python for .NET to invoke Python from PowerShell
- [**92**Star][9d] [Py] [leonv024/raasnet](https://github.com/leonv024/raasnet) Open-Source Ransomware As A Service for Linux, MacOS and Windows
- [**92**Star][10d] [Perl] [jetmore/swaks](https://github.com/jetmore/swaks) Swaks - Swiss Army Knife for SMTP
- [**92**Star][18d] [Shell] [cyb0r9/androspy](https://github.com/Cyb0r9/Androspy) Androspy framework is a Backdoor Crypter & Creator with Automatic IP Poisener
- [**92**Star][1y] [Py] [lc/230-oob](https://github.com/lc/230-OOB) An Out-of-Band XXE server for retrieving file contents over FTP.
- [**92**Star][12d] [C++] [fsecurelabs/viridianfuzzer](https://github.com/FSecureLABS/ViridianFuzzer) Kernel driver to fuzz Hyper-V hypercalls
- [**92**Star][12d] [C#] [fsecurelabs/sharpcliphistory](https://github.com/FSecureLABS/SharpClipHistory) SharpClipHistory is a .NET application written in C# that can be used to read the contents of a user's clipboard history in Windows 10 starting from the 1809 Build.
- [**92**Star][2m] [Py] [icchy/tracecorn](https://github.com/icchy/tracecorn) Windows API tracer for malware (oldname: unitracer)
- [**92**Star][1m] [C] [zerosteiner/reflective-polymorphism](https://github.com/zeroSteiner/reflective-polymorphism) Reflective Polymorphism
- [**92**Star][3m] [ObjC] [zhengmin1989/macos-10.12.2-exp-via-mach_voucher](https://github.com/zhengmin1989/macos-10.12.2-exp-via-mach_voucher) Local Privilege Escalation for macOS 10.12.2 via mach_voucher and XNU port Feng Shui
- [**92**Star][1m] [Py] [zachriggle/peda](https://github.com/zachriggle/peda) PEDA - Python Exploit Development Assistance for GDB
- [**92**Star][1m] [Py] [youmengxuefei/web_vul_scan](https://github.com/youmengxuefei/web_vul_scan) 基于爬虫的web漏洞扫描器
- [**92**Star][4m] [ObjC] [wooyundota/dumpdex](https://github.com/wooyundota/dumpdex) Android Unpack tool based on Cydia
- [**92**Star][2y] [C++] [waryas/umpmlib](https://github.com/waryas/umpmlib) A library to manipulate physical memory from usermode.
- [**92**Star][26d] [C] [vmcall/ayyxam](https://github.com/vmcall/ayyxam) Bypass for The Digital Exam Monitor developed by the Danish Ministry of Education (Den Digitale Prøvevagt) and ExamCookie
- [**92**Star][1m] [Shell] [viralpoetry/packer-bare-metal](https://github.com/viralpoetry/packer-bare-metal) Building bare metal OS images with Packer, VirtualBox and qemu-img
- [**92**Star][10m] [Py] [tomchop/volatility-autoruns](https://github.com/tomchop/volatility-autoruns) Autoruns plugin for the Volatility framework
- [**92**Star][9m] [Py] [tomchop/unxor](https://github.com/tomchop/unxor) unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
- [**92**Star][6m] [HTML] [thezdi/abusing-silent-mitigations](https://github.com/thezdi/abusing-silent-mitigations) Understanding weaknesses within Internet Explorer's Isolated Heap and MemoryProtection
- [**92**Star][4y] [PS] [thepaulbenoit/winpirate](https://github.com/thepaulbenoit/winpirate) Automated sticky keys hack. Post exploitation it grabs browser passwords, history, and network passwords
- [**92**Star][1m] [Rust] [tbrand/dystopia](https://github.com/tbrand/dystopia) Anonymity on the Internet by Transparent way.
- [**92**Star][3y] [C++] [shmuelyr/captainhook](https://github.com/shmuelyr/captainhook) CaptainHook is perfect x86/x64 hook environment
- [**92**Star][1m] [secwiki/macos-kernel-exploits](https://github.com/secwiki/macos-kernel-exploits) macos-kernel-exploits MacOS平台提权漏洞集合
- [**92**Star][1m] [Scala] [scala/jardiff](https://github.com/scala/jardiff) A tool for comparing JAR files, including Scala pickled signatures and method code
- [**92**Star][23d] [TeX] [rudymatela/concise-cheat-sheets](https://github.com/rudymatela/concise-cheat-sheets) Cheat Sheets for programming languages and tools
- [**92**Star][4m] [Py] [rub-syssec/password-guessing-framework](https://github.com/rub-syssec/password-guessing-framework) A Framework for Comparing Password Guessing Strategies
- [**92**Star][1y] [reconjson/reconjson](https://github.com/reconjson/reconjson) ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.
- [**92**Star][4m] [Shell] [ossiozac/raspberry-pi-zero-rubber-ducky-duckberry-pi](https://github.com/ossiozac/raspberry-pi-zero-rubber-ducky-duckberry-pi) A £10 Rubber Ducky USB HID! A USB device which emulates a keyboard and automates key entry.
- [**92**Star][1m] [Py] [oreilly-japan/black-hat-python-jp-support](https://github.com/oreilly-japan/black-hat-python-jp-support) 『サイバーセキュリティプログラミング』のサポートページ
- [**92**Star][23d] [C] [ningzhenyu/nailgun](https://github.com/ningzhenyu/nailgun) Nailgun attack on ARM devices.
- [**92**Star][8y] [Ruby] [mubix/not-in-pentesting-class](https://github.com/mubix/not-in-pentesting-class) The Dirty Secrets They Didn't Teach You In Pentesting Class
- [**92**Star][3y] [Java] [mingyuan-xia/patdroid](https://github.com/mingyuan-xia/patdroid) A Program Analysis Toolkit for Android
- [**92**Star][13d] [Py] [malwaremusings/unpacker](https://github.com/malwaremusings/unpacker) Automated malware unpacker
- [**92**Star][2m] [Py] [keithjjones/fileintel](https://github.com/keithjjones/fileintel) A modular Python application to pull intelligence about malicious files
- [**92**Star][4m] [PS] [jborean93/packer-windoze](https://github.com/jborean93/packer-windoze) Packer templates to create Windows vagrant box images
- [**92**Star][2m] [Ruby] [hdm/metasploit-framework](https://github.com/hdm/metasploit-framework) Metasploit Framework
- [**92**Star][12d] [Py] [gast04/r4ge](https://github.com/gast04/r4ge) Symbolic Execution Tool in r2
- [**92**Star][30d] [JS] [fgsect/fexm](https://github.com/fgsect/fexm) Automated fuzzing framework
- [**92**Star][1m] [Go] [equim-chan/h2s](https://github.com/equim-chan/h2s) 
- [**92**Star][3m] [Py] [dionysio/haveibeenpwned_lastpass](https://github.com/dionysio/haveibeenpwned_lastpass) Check if your lastpass passwords have been pwned by someone
- [**92**Star][2m] [dantaler/detectionstring](https://github.com/dantaler/detectionstring) list of sql-injection and XSS strings
- [**92**Star][4m] [PS] [compwiz32/psadhealth](https://github.com/compwiz32/psadhealth) A toolkit of AD specific health checks that you can run in your environment to ensure your Active Directory is running optimally.
- [**92**Star][2m] [Py] [circl/bgp-ranking](https://github.com/circl/bgp-ranking) BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN).
- [**92**Star][5y] [Py] [cheetz/brutescrape](https://github.com/cheetz/brutescrape) A web scraper for generating password files based on plain text found
- [**92**Star][11d] [Py] [carmaa/nacker](https://github.com/carmaa/nacker) Nacker is a tool to circumvent 802.1x Network Access Control (NAC) on a wired LAN. Nacker will help you locate any non-802.1x configurable hosts on your subnet, and spoof their MAC address so that you appear authenticated to the switch.
- [**92**Star][5m] [Py] [bindog/toymalwareclassification](https://github.com/bindog/toymalwareclassification) Kaggle微软恶意代码分类
- [**92**Star][21d] [JS] [beepisla/csgo-crash-exploit](https://github.com/BeepIsla/csgo-crash-exploit) Allows you to crash any Windows user
- [**92**Star][10d] [C++] [aap/librw](https://github.com/aap/librw) A (partial) re-implementation of RenderWare Graphics
- [**92**Star][4m] [Java] [5gsd/aimsicdl](https://github.com/5gsd/aimsicdl) AIMSICD Lite (Android IMSI-Catcher Detector) - reloaded!
- [**92**Star][2y] [C] [3gstudent/inject-dll-by-process-doppelganging](https://github.com/3gstudent/inject-dll-by-process-doppelganging) Process Doppelgänging
- [**91**Star][10d] [C] [chompie1337/s8_2019_2215_poc](https://github.com/chompie1337/s8_2019_2215_poc) PoC 2019-2215 exploit for S8/S8 active with DAC + SELinux + Knox/RKP bypass
- [**91**Star][12d] [Shell] [thelinuxchoice/getdroid](https://github.com/thelinuxchoice/getdroid) FUD Android Payload and Listener
- [**91**Star][3y] [C#] [technitiumsoftware/bitchatclient](https://github.com/technitiumsoftware/bitchatclient) Technitium Bit Chat, a secure, peer-to-peer, instant messenger!
- [**91**Star][4m] [TS] [chichou/vscode-frida](https://github.com/chichou/vscode-frida) WIP
- [**91**Star][4m] [0xthirteen/staykit](https://github.com/0xthirteen/staykit) Cobalt Strike kit for Persistence
- [**91**Star][29d] [Go] [go-crawler/douban-movie](https://github.com/go-crawler/douban-movie) Golang爬虫 爬取豆瓣电影Top250
- [**91**Star][4m] [Py] [happyjared/python-learning](https://github.com/happyjared/python-learning) Those years of learning Python - 这些年学习的Python
- [**91**Star][26d] [JS] [dytttf/antispider](https://github.com/dytttf/antispider) 碰到过的反爬虫措施和解决办法
- [**91**Star][28d] [JS] [cubicdaiya/onp](https://github.com/cubicdaiya/onp) The implementations of "An O(NP) Sequence Comparison Algorithm"
- [**91**Star][17d] [Shell] [googlecloudplatform/gke-networking-demos](https://github.com/googlecloudplatform/gke-networking-demos) This project presents a number of best practices for establishing network links between Kubernetes Engine clusters, and exposing cluster services across Google Cloud projects. You will use a set of Deployment Manager templates to create networks, subnets, vpn connections, and Kubernetes Engine clusters.
- [**91**Star][18d] [CSS] [hahaha108/copybook](https://github.com/hahaha108/copybook) 用爬虫爬取小说网站上所有小说，存储到数据库中，并用爬到的数据构建自己的小说网站
- [**91**Star][1m] [Go] [getamis/eth-indexer](https://github.com/getamis/eth-indexer) An Ethereum project to crawl blockchain states into database
- [**91**Star][1m] [C++] [kefir500/apk-icon-editor](https://github.com/kefir500/apk-icon-editor) APK editor to easily change APK icons, name and version.
- [**91**Star][12d] [ignitetechnologies/web-application-cheatsheet](https://github.com/ignitetechnologies/web-application-cheatsheet) This cheatsheet is aimed at the CTF Players and Beginners to help them understand Web Application Vulnerablity with examples.
- [**91**Star][16d] [PHP] [automattic/vip-coding-standards](https://github.com/automattic/vip-coding-standards) PHP_CodeSniffer ruleset to enforce WordPress.com VIP and VIP Go coding standards
- [**91**Star][24d] [C++] [px4/opticalflow](https://github.com/px4/opticalflow) This repository contains different algorithms to calculate the optical flow. It can be used as input for a position estimator
- [**91**Star][1m] [Dockerfile] [leezj9671/secdevices_docker](https://github.com/leezj9671/secdevices_docker) 自行编写的工作中使用到的安全设备Dockerfile
- [**91**Star][17d] [C] [jtesta/rainbowcrackalack](https://github.com/jtesta/rainbowcrackalack) Rainbow table generation & lookup tools. Make Rainbow Tables Great Again!
- [**91**Star][2m] [Py] [hackatnow/cromos](https://github.com/hackatnow/cromos) Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application.
- [**91**Star][2m] [TS] [redpointgames/pkgsign](https://github.com/redpointgames/pkgsign) A CLI tool for signing and verifying npm and yarn packages.
- [**91**Star][15d] [Shell] [radareorg/radare2-pm](https://github.com/radareorg/radare2-pm) Package Manager for Radare2
- [**91**Star][13d] [Py] [lich4/personal_script](https://github.com/lich4/personal_script) 010Editor/BurpSuite/Frida/IDA tools and scripts collection
    - [010Editor](https://github.com/lich4/personal_script/tree/master/010Editor_Script) 010Editor scripts
    - [ParamChecker](https://github.com/lich4/personal_script/tree/master/BurpSuite_Script) Burp插件
    - [Frida](https://github.com/lich4/personal_script/tree/master/Frida_script) Frida Scripts
    - [IDA](https://github.com/lich4/personal_script/tree/master/IDA_Script) IDA Scripts
    - [IDA-read_unicode.py](https://github.com/lich4/personal_script/blob/master/IDA_Script/read_unicode.py) When there is chinese unicode character in programe, due to python's shortage, ida could not recongnized them correctly, it's what my script just do
    - [IDA-add_xref_for_macho](https://github.com/lich4/personal_script/blob/master/IDA_Script/add_xref_for_macho.py)  When you deal with macho file with ida, you'll find out that it's not easy to find Objc-Class member function's caller and callee, (because it use msgSend instead of direct calling  convention), so we need to make some connection between the selector names and member function  pointers, it's what my script just do
    - [IDA-add_info_for_androidgdb](https://github.com/lich4/personal_script/blob/master/IDA_Script/add_info_for_androidgdb.py) When you debug android with IDA and gdbserver, you'd find that the module list and segment is empy, while we can read info from /proc/[pid]/,
    - [IDA-trace_instruction](https://github.com/lich4/personal_script/blob/master/IDA_Script/trace_instruction.py) this script is to trace instruction stream in one run 
    - [IDA-detect_ollvm](https://github.com/lich4/personal_script/blob/master/IDA_Script/detect_ollvm.py) this script is to detect ollvm and fix it in some extent, apply to android and ios
    - [IDA-add_block_for_macho](https://github.com/lich4/personal_script/blob/master/IDA_Script/add_block_for_macho.py) this script is used to analysis block structure exist in macho file, target NSConcreteStackBlock/NSConcreteGlobalBlock currently, also contain some wonderful skills
- [**91**Star][2m] [Py] [blacknbunny/peanalyzer](https://github.com/blacknbunny/peanalyzer) Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit
- [**91**Star][3m] [Py] [am0nsec/exploit](https://github.com/am0nsec/exploit) Collection of different exploits
- [**91**Star][4m] [Py] [wagiro/pintool](https://github.com/wagiro/pintool) This tool can be useful for solving some reversing challenges in CTFs events.
- [**91**Star][2y] [C] [vv1ld/ps4hen](https://github.com/vv1ld/ps4hen) PS4 Homebrew ENabler based on Flatz writeup and using IDC's codebase
- [**91**Star][2y] [Py] [viralmaniar/smwyg-show-me-what-you-got](https://github.com/viralmaniar/smwyg-show-me-what-you-got) This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation leak. This database makes finding passwords faster and easier than ever before.
- [**91**Star][4m] [Py] [viralmaniar/peekaboo](https://github.com/viralmaniar/peekaboo) PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.
- [**91**Star][6m] [C] [vigem/hidguardian](https://github.com/vigem/hidguardian) Windows kernel-mode driver for controlling access to various input devices.
- [**91**Star][1m] [C++] [versprite/research](https://github.com/versprite/research) VerSprite Security Research
- [**91**Star][1m] [HTML] [tigzy/malware-repo](https://github.com/tigzy/malware-repo) Malware Repository Framework
- [**91**Star][16d] [Go] [systemboot/systemboot](https://github.com/systemboot/systemboot) SystemBoot is a LinuxBoot distribution that works as a system firmware + bootloader, based on u-root
- [**91**Star][3y] [swiftonsecurity/phishingregex](https://github.com/swiftonsecurity/phishingregex) Backup of my phishing regular expression testing bench
- [**91**Star][12d] [C] [strobejb/winspy](https://github.com/strobejb/winspy) WinSpy++
- [**91**Star][4y] [C#] [smartbooks/smartspider](https://github.com/smartbooks/smartspider) 网络信息智能采集系统，是一款基于http协议的Web信息采集软件，应用于网站信息采集，信息安全监控等领域。
- [**91**Star][1y] [C] [siguza/iokit-utils](https://github.com/siguza/iokit-utils) Dev tools for probing IOKit
- [**91**Star][2y] [Py] [sigploiter/gtscan](https://github.com/sigploiter/gtscan) The Nmap Scanner for Telco
- [**91**Star][10d] [C] [sensepost/ms16-098](https://github.com/sensepost/ms16-098) Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow
- [**91**Star][2m] [Py] [sensepost/birp](https://github.com/sensepost/birp) Big Iron Recon & Pwnage
- [**91**Star][1y] [Shell] [secthemall/secthemall](https://github.com/secthemall/secthemall) A Bash script that automatically blocks IP using iptables. It distributes each blocked IP on all your Linux server.
- [**91**Star][2y] [C++] [rub-syssec/marx](https://github.com/rub-syssec/marx) Uncovering Class Hierarchies in C++ Programs
    - [IDA导出](https://github.com/rub-syssec/marx/blob/master/ida_export/export.py) 
    - [IDA导入插件](https://github.com/rub-syssec/marx/tree/master/ida_import) 
    - [core](https://github.com/rub-syssec/marx/tree/master/src) 
- [**91**Star][2m] [Scala] [rsertelon/android-keystore-recovery](https://github.com/rsertelon/android-keystore-recovery) A tool to recover your lost Android keystore password
- [**91**Star][2y] [Shell] [rpranshu/autopwn](https://github.com/rpranshu/autopwn) A simple bash based metasploit automation tool!
- [**91**Star][1m] [C++] [rmitton/goaldis](https://github.com/rmitton/goaldis) Jak & Daxter GOAL disassembler
- [**91**Star][19d] [Shell] [rhaidiz/dribble](https://github.com/rhaidiz/dribble) A small project for stealing Wi-Fi passwords via browser's cache poisoning
- [**91**Star][3m] [C] [rchiossi/dexterity](https://github.com/rchiossi/dexterity) Dex manipulation library
- [**91**Star][4m] [Py] [patois/hrdevhelper](https://github.com/patois/hrdevhelper) HexRays decompiler plugin that visualizes the ctree of decompiled functions.
- [**91**Star][11d] [Py] [patois/genmc](https://github.com/patois/genmc) Display Hex-Rays Microcode
- [**91**Star][10d] [Py] [opengeovis/pvgeo](https://github.com/opengeovis/pvgeo) Python package of VTK-based algorithms to analyze geoscientific data and models
- [**91**Star][2m] [HTML] [openatx/wdaproxy](https://github.com/openatx/wdaproxy) WebDriverAgent Proxy
- [**91**Star][6y] [JS] [nihgwu/nevermore](https://github.com/nihgwu/nevermore) a shadowsocks client powered by node-webkit
- [**91**Star][3y] [nccgroup/cve-2017-8759](https://github.com/nccgroup/cve-2017-8759) NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements
- [**91**Star][3y] [Py] [n3tc4t/instabrute](https://github.com/n3tc4t/instabrute) Instagram password bruteforcer
- [**91**Star][13d] [Py] [mitre-attack/attack-scripts](https://github.com/mitre-attack/attack-scripts) Scripts and a (future) library to improve users' interactions with the ATT&CK content
- [**91**Star][14d] [Py] [mgoffin/malwarecookbook](https://github.com/mgoffin/malwarecookbook) Malware Analyst's Cookbook stuffs
- [**91**Star][8d] [Py] [lnxg33k/webhandler](https://github.com/lnxg33k/webhandler) Bash simulator to control a server using PHP system functions.
- [**91**Star][2m] [JS] [laktak/vanilla-chrome](https://github.com/laktak/vanilla-chrome) Vanilla Cookie Manager is a Whitelist Manager that helps protect your privacy. Automatically removes unwanted cookies.
- [**91**Star][1m] [Py] [laconicwolf/burp-extensions](https://github.com/laconicwolf/burp-extensions) A collection of scripts to extend Burp Suite
- [**91**Star][22d] [C] [kelvinhack/devicemon](https://github.com/kelvinhack/devicemon) VT-based PCI device monitor (SPI)
- [**91**Star][8m] [Java] [julietkilo/canbabel](https://github.com/julietkilo/canbabel) Translator for several Controller Area Network (CAN) description formats
- [**91**Star][2m] [jollheef/libreoffice-remote-arbitrary-file-disclosure](https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure) Proof of concept of LibreOffice remote arbitrary file disclosure vulnerability
- [**91**Star][4m] [HTML] [jbman223/earlyap](https://github.com/jbman223/earlyap) Proxy specifically available for AP scores to enable simple early access to your scores without any storing of your College Board account details or dealing with untrustable proxies.
- [**91**Star][16d] [C] [javierhonduco/write-a-strace-and-gdb](https://github.com/javierhonduco/write-a-strace-and-gdb) A tiny system call tracer and debugger implementation
- [**91**Star][4m] [Py] [jas502n/cve-2019-3396](https://github.com/jas502n/cve-2019-3396) Confluence 未授权 RCE (CVE-2019-3396) 漏洞
- [**91**Star][3m] [Ruby] [isecpartners/tlspretense](https://github.com/isecpartners/tlspretense) A test framework for testing SSL/TLS client certificate validation.
- [**91**Star][12d] [realbearcat/fastjson-payload](https://github.com/RealBearcat/Fastjson-Payload) Fastjson 反序列化
- [**91**Star][1m] [Py] [houqp/shell.py](https://github.com/houqp/shell.py) shell power for python
- [**91**Star][14d] [Shell] [hannob/tlshelpers](https://github.com/hannob/tlshelpers) A collection of shell scripts that help handling X.509 certificate and TLS issues
- [**91**Star][3y] [grrrdog/tls-redirection](https://github.com/grrrdog/tls-redirection) raise awareness of a little-known group of attacks, TLS redirection / Virtual Host Confusion, and to bring all the information related to this topic together.
- [**91**Star][10d] [C] [greenbone/gvmd](https://github.com/greenbone/gvmd) Greenbone Vulnerability Manager
- [**91**Star][2y] [Py] [getsecnow/instagram-py](https://github.com/getsecnow/instagram-py) Simple Instagram brute force script written in python
- [**91**Star][13d] [JS] [gajus/global-agent](https://github.com/gajus/global-agent) Global HTTP/HTTPS proxy agent configurable using environment variables.
- [**91**Star][18d] [Clojure] [funcool/buddy-core](https://github.com/funcool/buddy-core) Cryptographic api for Clojure
- [**91**Star][2y] [Java] [federicodotta/handycollaborator](https://github.com/federicodotta/handycollaborator) Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!
- [**91**Star][30d] [C#] [dsnezhkov/typhoon](https://github.com/dsnezhkov/typhoon) recon under the radar 
- [**91**Star][4m] [Go] [devanshbatham/gorecon](https://github.com/devanshbatham/gorecon) Gorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
- [**91**Star][1m] [Py] [debasishm89/hack_audio_captcha](https://github.com/debasishm89/hack_audio_captcha) Collection of Scripts written to Solve/Crack Audio reCapcha Challenges
- [**91**Star][1m] [C++] [deadash/pbb_crack](https://github.com/deadash/pbb_crack) PBB视频解密
- [**91**Star][11d] [Shell] [daradib/sidedoor](https://github.com/daradib/sidedoor) SSH connection daemon for Debian/Raspbian/Ubuntu/etc
- [**91**Star][11d] [Py] [danielplohmann/smda](https://github.com/danielplohmann/smda) SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
- [**91**Star][19d] [d3sre/use_case_applicability](https://github.com/d3sre/use_case_applicability) Security Monitoring Resolution Categories
- [**91**Star][4m] [Py] [calidog/axeman](https://github.com/calidog/axeman) Axeman is a utility to retrieve certificates from Certificate Transparency Lists (CTLs)
- [**91**Star][9m] [C] [brainsmoke/ptrace-burrito](https://github.com/brainsmoke/ptrace-burrito) a friendly wrapper around ptrace
- [**91**Star][3y] [Java] [blackarbiter/android_code_arbiter](https://github.com/blackarbiter/android_code_arbiter) 针对Android Studio的源码扫描工具
- [**91**Star][7m] [Py] [assurancemaladiesec/certstreammonitor](https://github.com/assurancemaladiesec/certstreammonitor) Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online.
- [**91**Star][11m] [C] [arduino-libraries/wifi101](https://github.com/arduino-libraries/wifi101) Wifi library for the Arduino WiFi 101 Shield
- [**90**Star][17d] [Py] [my8100/scrapyd-cluster-on-heroku](https://github.com/my8100/scrapyd-cluster-on-heroku) Set up free and scalable Scrapyd cluster for distributed web-crawling with just a few clicks. DEMO
- [**90**Star][4m] [VBA] [dzzie/map](https://github.com/dzzie/map) Malcode Analyst Pack - make sure to run installer ->
- [**90**Star][4m] [Ruby] [haseeb-qureshi/algorithms-study-group](https://github.com/haseeb-qureshi/algorithms-study-group) Study group for algorithms in Ruby, hosted at App Academy
- [**90**Star][2m] [Kotlin] [pacien/tincapp](https://github.com/pacien/tincapp) Android binding and user interface for the tinc mesh VPN daemon.
- [**90**Star][14d] [TS] [pdupavillon/express-recaptcha](https://github.com/pdupavillon/express-recaptcha) Implementation of google recaptcha v2 & V3 solutions for express.js
- [**90**Star][23d] [C] [feghal/fgroute](https://github.com/feghal/fgroute) Get your device ip address, router ip or wifi ssid
- [**90**Star][4m] [Py] [haroonawanofficial/xss-finder](https://github.com/haroonawanofficial/xss-finder) World's most Powerful and Advanced Cross Site Scripting Software
- [**90**Star][1m] [Py] [hackatnow/stretcher](https://github.com/hackatnow/stretcher) Tool designed to help identify open Elasticsearch servers that are exposing sensitive information
- [**90**Star][10d] [Shell] [thelinuxchoice/clipboardme](https://github.com/thelinuxchoice/clipboardme) Grab and Inject clipboard content by link
- [**90**Star][11d] [Py] [reswitched/loaders](https://github.com/reswitched/loaders) IDA Loaders for Switch binaries(NSO / NRO)
- [**90**Star][26d] [Py] [meituan-dianping/lyrebird-android](https://github.com/meituan-dianping/lyrebird-android) 本程序是一个Lyrebird的插件，用于支持获取Android设备信息。
- [**90**Star][8m] [uknowsec/loginlog_windows](https://github.com/uknowsec/loginlog_windows) 读取登录过本机的登录失败或登录成功的所有计算机信息，在内网渗透中快速定位运维管理人员。
- [**90**Star][24d] [Go] [liamg/pax](https://github.com/liamg/pax) 
- [**90**Star][10d] [Jupyter Notebook] [misinfosecproject/amitt_framework](https://github.com/misinfosecproject/amitt_framework) AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools.
- [**90**Star][11d] [C] [contionmig/kernelmode-bypass](https://github.com/ContionMig/KernelMode-Bypass) This is a source to a bypass i made for some games, for now this should work f or VAC, BE and EAC. The only downside is that you will need to find a exploit to load the driver
- [**90**Star][17d] [Py] [acmesec/ctfcracktools-v2](https://github.com/Acmesec/CTFCrackTools-V2) China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
- [**90**Star][30d] [Py] [securisec/r2wiki](https://github.com/securisec/r2wiki) Radare 2 wiki
- [**90**Star][1y] [CSS] [tomlowenthal/privacy-policy-template](https://github.com/tomlowenthal/privacy-policy-template) A template and some tips for making privacy policies more easily.
- [**90**Star][3m] [TeX] [zxgio/r2-cheatsheet](https://github.com/zxgio/r2-cheatsheet) Radare2 cheat-sheet
- [**90**Star][4m] [C] [zouxianyu/kernelhiddenexecute](https://github.com/zouxianyu/kernelhiddenexecute) Execute kernel code with page separation
- [**90**Star][5m] [C++] [zibility/remote](https://github.com/zibility/remote) 参考Gh0st源码，实现的一款PC远程协助软件，拥有远程Shell、文件管理、桌面管理、消息发送等功能。
- [**90**Star][4y] [Java] [zerothoughts/spring-jndi](https://github.com/zerothoughts/spring-jndi) Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
- [**90**Star][3y] [Py] [yehia-mamdouh/xssya](https://github.com/yehia-mamdouh/xssya) XSSYA (Cross Site Scripting Scanner & Vulnerability Confirmation)
- [**90**Star][20d] [C++] [wpo-foundation/win-shaper](https://github.com/wpo-foundation/win-shaper) Windows traffic-shaping packet filter
- [**90**Star][1m] [Py] [woj-ciech/kupa3](https://github.com/woj-ciech/kupa3) Tracking the trackers. Draw connections between scripts and domains on website.
- [**90**Star][24d] [wbierbower/awesome-physics](https://github.com/wbierbower/awesome-physics) A collaborative list of awesome software for exploring Physics concepts
- [**90**Star][23d] [Py] [wasiher/chrome_remote_interface_python](https://github.com/wasiher/chrome_remote_interface_python) Chrome Debugging Protocol interface for Python
- [**90**Star][6m] [CSS] [uvasrg/evademl](https://github.com/uvasrg/evademl) An evolutionary framework for evading machine learning-based malware classifiers.
- [**90**Star][13d] [Py] [uploadcare/pyuploadcare](https://github.com/uploadcare/pyuploadcare) Python library for uploadcare
- [**90**Star][2m] [C] [ufrisk/kaslrfinder](https://github.com/ufrisk/kaslrfinder) find where in memory the Windows 10 kernel and its drivers are loaded 
- [**90**Star][19d] [Py] [tlkh/prowler](https://github.com/tlkh/prowler) Distributed Network Vulnerability Scanner
- [**90**Star][14d] [tkmru/awesome-linux-rootkits](https://github.com/tkmru/awesome-linux-rootkits) Awesome Linux Rootkits
- [**90**Star][2m] [ActionScript] [timkurvers/as3-crypto](https://github.com/timkurvers/as3-crypto) Fork of Henri Torgemane's excellent as3 cryptography library
- [**90**Star][14d] [Py] [therook/nsshell](https://github.com/therook/nsshell) A DNS connectback shell executed by strings in payloads.txt
- [**90**Star][20d] [Go] [subfinder/goaltdns](https://github.com/subfinder/goaltdns) A permutation generation tool written in golang
- [**90**Star][9y] [Java] [securitycompass/androidlabs](https://github.com/securitycompass/androidlabs) Android security labs
- [**90**Star][2m] [C] [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844) 
- [**90**Star][1m] [Py] [regebro/pyroma](https://github.com/regebro/pyroma) Rate your Python packages package friendliness
- [**90**Star][4m] [Py] [rassec/yandi-scanner](https://github.com/rassec/yandi-scanner) Network Security Vulnerability Scanner
- [**90**Star][4m] [Rust] [ragnaroek/mithril](https://github.com/ragnaroek/mithril) Pure Rust Monero Miner
- [**90**Star][10m] [ObjC] [project-imas/app-password](https://github.com/project-imas/app-password) Custom iOS user authentication mechanism (password with security questions for self reset)
- [**90**Star][2m] [Shell] [primaryobjects/vpndemon](https://github.com/primaryobjects/vpndemon) Monitor a VPN connection on Linux and kill a process upon disconnect
- [**90**Star][2m] [Py] [peterpt/fuzzbunch](https://github.com/peterpt/fuzzbunch) Shadow Brokers NSA fuzzbunch tool leak . With windows auto instalation script
- [**90**Star][1y] [C++] [pelock/pelock-software-protection-and-licensing-sdk](https://github.com/pelock/pelock-software-protection-and-licensing-sdk) Software copy protection against cracking & reverse engineering with anti-cracking & anti-debugging techniques. Software license key system with time trial options.
- [**90**Star][4m] [Shell] [nullarray/netset](https://github.com/nullarray/netset) Operational Security utility and automator.
- [**90**Star][6m] [C] [nukem9/swissarmyknife](https://github.com/nukem9/swissarmyknife) x64dbg utility for linker map files, diff files, PEiD/IDA signatures, and code signature generation
- [**90**Star][2m] [C++] [nlitsme/idbutil](https://github.com/nlitsme/idbutil) extracting information from IDA databases
- [**90**Star][18d] [Py] [nightwatchcybersecurity/truegaze](https://github.com/nightwatchcybersecurity/truegaze) Static analysis tool for Android/iOS apps focusing on security issues outside the source code
- [**90**Star][1m] [Py] [necst/aamo](https://github.com/necst/aamo) Another Android Malware Obfuscator
- [**90**Star][10d] [Go] [moriyoshi/s3-sftp-proxy](https://github.com/moriyoshi/s3-sftp-proxy) An AWS S3 gateway proxying SFTP connections.
- [**90**Star][8m] [Py] [malshare/malshare-toolkit](https://github.com/malshare/malshare-toolkit) Set of tools for interacting with Malshare
- [**90**Star][2m] [Java] [magiczer0/fastjson-rce-exploit](https://github.com/magiczer0/fastjson-rce-exploit) exploit for fastjson remote code execution vulnerability
- [**90**Star][10d] [Go] [lzjluzijie/websocks](https://github.com/lzjluzijie/websocks) A secure proxy based on WebSocket. 一个基于 WebSocket 的代理工具
- [**90**Star][18d] [C++] [koemeet/rtti-obfuscator](https://github.com/koemeet/rtti-obfuscator) Obfuscates all RTTI (Run-time type information) inside a binary
- [**90**Star][28d] [PS] [kacperszurek/gpg_reaper](https://github.com/kacperszurek/gpg_reaper) 从gpg-agent缓存/内存中获取/窃取/恢复GPG私钥
- [**90**Star][1y] [Shell] [jseidl/multi-tor](https://github.com/jseidl/multi-tor) Shellscript opens multiple TOR instances
- [**90**Star][17d] [inodee/threathunting-spl](https://github.com/inodee/threathunting-spl) Splunk code (SPL) useful for serious threat hunters.
- [**90**Star][4m] [C] [grimm-co/notquite0dayfriday](https://github.com/grimm-co/notquite0dayfriday) This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
- [**90**Star][14d] [Py] [greenwolf/social_attacker](https://github.com/greenwolf/social_attacker) An Open Source Multi Site Automated Social Media Phishing Framework
- [**90**Star][11d] [grapheneos/platform_manifest](https://github.com/grapheneos/platform_manifest) Repo manifest for the GrapheneOS mobile privacy and security hardening project.
- [**90**Star][10d] [HTML] [google/rekall-profiles](https://github.com/google/rekall-profiles) Public Profile Repository for Rekall Memory Forensic.
- [**90**Star][2y] [PS] [gimini/noah](https://github.com/gimini/noah) an agentless open source Incident Response framework based on PowerShell
- [**90**Star][1m] [C] [friendlyarm/h3_lichee](https://github.com/friendlyarm/h3_lichee) BSP for FriendlyARM NanoPi H3
- [**90**Star][16d] [Py] [erforschr/bruteforce-http-auth](https://github.com/erforschr/bruteforce-http-auth) Bruteforce HTTP Authentication
- [**90**Star][2m] [Py] [endgameinc/eqllib](https://github.com/endgameinc/eqllib) 
- [**90**Star][3y] [C++] [egebalci/cminer](https://github.com/egebalci/cminer) Cminer is a tool for enumerating the code caves in PE files.
- [**90**Star][16d] [C] [dword1511/onewire-over-uart](https://github.com/dword1511/onewire-over-uart) Access Dallas 1-Wire bus on your PC via low-cost USB to UART bridge.
- [**90**Star][2m] [Go] [dutchcoders/ares](https://github.com/dutchcoders/ares) Phishing toolkit for red teams and pentesters.
- [**90**Star][3y] [Java] [dobin/burpsentinel](https://github.com/dobin/burpsentinel) GUI Burp Plugin to ease discovering of security holes in web applications
- [**90**Star][2y] [PS] [deepzec/win-portfwd](https://github.com/deepzec/win-portfwd) Powershell script to setup windows port forwarding using native netsh client
- [**90**Star][5y] [Py] [cubicalabs/idasynergy](https://github.com/cubicalabs/idasynergy) IDA Plugin with svn integerted
- [**90**Star][3y] [C#] [cubecoders/confuserex-reborn](https://github.com/cubecoders/confuserex-reborn) An open-source, free protector for .NET applications
- [**90**Star][14d] [ObjC] [cmackay/google-analytics-plugin](https://github.com/cmackay/google-analytics-plugin) Cordova Google Analytics Plugin for Android & iOS
- [**90**Star][4m] [C] [cgcl-codes/vuldeepecker](https://github.com/cgcl-codes/vuldeepecker) A Deep Learning-Based System for Vulnerability Detection
- [**90**Star][12d] [blockchainlabsnz/awesome-solidity](https://github.com/blockchainlabsnz/awesome-solidity) A curated list of awesome Solidity resources
- [**90**Star][5m] [JS] [beameio/beame-sdk](https://github.com/beameio/beame-sdk) HTTPS Server without a public/static IP. TLS Tunnels with decentralized credentials.
- [**90**Star][4m] [Py] [balika011/selfblow](https://github.com/balika011/selfblow) CVE‑2019‑5680
- [**90**Star][3y] [Py] [azizaltuntas/network-analysis-tools](https://github.com/azizaltuntas/network-analysis-tools) Pcap (capture file) Analysis Toolkit(v.1)
- [**90**Star][19d] [Py] [audreyr/binaryornot](https://github.com/audreyr/binaryornot) Ultra-lightweight pure Python package to check if a file is binary or text.
- [**90**Star][1y] [aprilahijriyan/w3brute](https://github.com/aprilahijriyan/w3brute) Automatic Web Application Brute Force Attack Tool
- [**90**Star][1m] [C++] [amrthabet/winsrdf](https://github.com/amrthabet/winsrdf) Security Research and Development Framework
- [**90**Star][14d] [Go] [alphasoc/nfr](https://github.com/alphasoc/nfr) A lightweight tool to score network traffic and flag anomalies
- [**90**Star][1m] [Py] [hackatnow/stretcher](https://github.com/hackatnow/stretcher) Tool designed to help identify open Elasticsearch servers that are exposing sensitive information
- [**90**Star][3m] [Py] [hackatnow/cromos](https://github.com/hackatnow/cromos) Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application.
- [**90**Star][9d] [Py] [0xffff0800/muddyc3v1.0.1-](https://github.com/0xffff0800/muddyc3v1.0.1-) This is the MuddyWater APT C3 v1.0.1 Source
- [**90**Star][1m] [C] [0xcpu/winaltsyscallhandler](https://github.com/0xcpu/winaltsyscallhandler) Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
- [**89**Star][9d] [JS] [snyk/vulncost](https://github.com/snyk/vulncost) Find security vulnerabilities in open source npm packages while you code
- [**89**Star][13d] [Shell] [thelinuxchoice/evilreg](https://github.com/thelinuxchoice/evilreg) Reverse shell using Windows Registry files (.reg)
- [**89**Star][1m] [JS] [lewis617/javascript-datastructures-algorithms](https://github.com/lewis617/javascript-datastructures-algorithms) JavaScript Data Structures and Algorithms in Chinese
- [**89**Star][2m] [Go] [buraksezer/gsocks5](https://github.com/buraksezer/gsocks5) Secure SOCKS5 server in Go
- [**89**Star][8m] [C#] [bertjohnson/opaquemail](https://github.com/bertjohnson/opaquemail) .NET email library and proxy supporting IMAP, POP3, and SMTP with S/MIME and PGP.
- [**89**Star][20d] [C++] [plapointe6/espmqttclient](https://github.com/plapointe6/espmqttclient) Wifi and MQTT handling for ESP8266 and ESP32
- [**89**Star][24d] [Dockerfile] [codesuki/ecs-nginx-proxy](https://github.com/codesuki/ecs-nginx-proxy) Reverse proxy for AWS ECS. Lets you address your docker containers by sub domain.
- [**89**Star][16d] [Java] [thelinuxchoice/droidtracker](https://github.com/thelinuxchoice/droidtracker) Script to generate an Android App to track location in real time
- [**89**Star][3m] [Py] [openai/neural-gpu](https://github.com/openai/neural-gpu) Code for the Neural GPU model originally described in "Neural GPUs Learn Algorithms"
- [**89**Star][2m] [JS] [seclab-ucr/tcp_exploit](https://github.com/seclab-ucr/tcp_exploit) Off-Path TCP Exploit: How Wireless Routers Can Jeopardize Your Secret
- [**89**Star][4m] [C++] [valvesoftware/steamvr_unreal_plugin](https://github.com/valvesoftware/steamvr_unreal_plugin) SteamVR Input Unreal Plugin - Documentation at:
- [**89**Star][5m] [Swift] [kjcracks/swift-dump](https://github.com/kjcracks/swift-dump) Generate readable Swift code from binaries
- [**89**Star][12d] [snoopysecurity/osce-prep](https://github.com/snoopysecurity/osce-prep) A list of freely available resources that can be used as a prerequisite before taking OSCE.
- [**89**Star][11d] [Py] [k8gege/scrun](https://github.com/k8gege/scrun) BypassAV ShellCode Loader (Cobaltstrike/Metasploit)
- [**89**Star][10d] [C++] [trailofbits/polytracker](https://github.com/trailofbits/polytracker) An LLVM-based instrumentation tool for universal taint analysis.
- [**89**Star][1y] [Py] [lopseg/jsdir](https://github.com/Lopseg/Jsdir) a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.
- [**89**Star][2m] [HTML] [illikainen/exploits](https://github.com/illikainen/exploits) 
- [**89**Star][4m] [PHP] [zendframework/zend-crypt](https://github.com/zendframework/zend-crypt) Cryptographic component from Zend Framework
- [**89**Star][1m] [C] [xpn/ssh-inject](https://github.com/xpn/ssh-inject) A ptrace POC by hooking SSH to reveal provided passwords
- [**89**Star][11d] [Py] [x56/airpyrt-tools](https://github.com/x56/airpyrt-tools) Python module and client for the AirPort device management interface
- [**89**Star][3m] [C] [waterslidelts/waterslide](https://github.com/waterslidelts/waterslide) WaterSlide is a streaming event-at-a-time architecture for processing metadata. It is designed to take in a set of streaming events from multiple sources, process them through a set of modules ("kids"), and return meaningful outputs.
- [**89**Star][2m] [Py] [wanjunzh/ssct](https://github.com/wanjunzh/ssct) A wrapper tool for shadowsocks to consistently bypass firewalls.
- [**89**Star][22d] [Go] [vpn-kill-switch/killswitch](https://github.com/vpn-kill-switch/killswitch) VPN kill switch for macOS
- [**89**Star][2y] [PS] [vletoux/spoolerscanner](https://github.com/vletoux/spoolerscanner) Check if MS-RPRN is remotely available with powershell/c#
- [**89**Star][5m] [uniking/dingding](https://github.com/uniking/dingding) 免root远程钉钉打卡，支持wifi和gps定位，仅支持android系统。本项目出于学习目的，仅用于学习玩耍,请于24小时后自行删除。xposed, crack,package,dingtalk,remote control
- [**89**Star][1y] [Dart] [undeadsec/socialfishmobile](https://github.com/undeadsec/socialfishmobile) 
- [**89**Star][17d] [Ruby] [travis-ci/packer-templates](https://github.com/travis-ci/packer-templates) Templates for Packer!
- [**89**Star][5y] [C++] [timchurches/mutated-mutables](https://github.com/timchurches/mutated-mutables) Various enhancements, experiments and outright hacks of Mutable instruments firmware code
- [**89**Star][6m] [Py] [thomaspatzke/wase](https://github.com/thomaspatzke/wase) The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
- [**89**Star][5m] [CSS] [sniperoj/jeopardy-dockerfiles](https://github.com/sniperoj/jeopardy-dockerfiles) 
- [**89**Star][14d] [PHP] [simplito/elliptic-php](https://github.com/simplito/elliptic-php) Fast, general Elliptic Curve Cryptography library. Supports curves used in Bitcoin, Ethereum and other cryptocurrencies (secp256k1, ed25519, ..)
- [**89**Star][2m] [Java] [silentsignal/burp-image-size](https://github.com/silentsignal/burp-image-size) Image size issues plugin for Burp Suite
- [**89**Star][2m] [Go] [seborama/govcr](https://github.com/seborama/govcr) HTTP mock for Golang: record and replay HTTP/HTTPS interactions for offline testing
- [**89**Star][10d] [Java] [schollz/find3-android-scanner](https://github.com/schollz/find3-android-scanner) An android app that scans Bluetooth and WiFi for FIND3
- [**89**Star][2y] [C#] [schillings/swordphish](https://github.com/schillings/swordphish) Schillings SwordPhish empowers organisations and engages its employees to establish the key component of any cyber security strategy: the Human Firewall.
- [**89**Star][4m] [JS] [sak32009/getdlcinfofromsteamdb](https://github.com/sak32009/getdlcinfofromsteamdb) It is a userscript able to extract all the information of the DLCs Games from SteamDB and are exported in various formats.
- [**89**Star][11m] [Java] [rub-nds/burpssoextension](https://github.com/rub-nds/burpssoextension) An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
- [**89**Star][17d] [Py] [rocky/python2-trepan](https://github.com/rocky/python2-trepan) A gdb-like Python 2.x Debugger in the Trepan family
- [**89**Star][26d] [Py] [rk700/attackrsa](https://github.com/rk700/attackrsa) An all-in-one tool including many common attacks against RSA problems in CTF.
- [**89**Star][5y] [C] [retme7/cve-2014-4322_poc](https://github.com/retme7/cve-2014-4322_poc) Gain privileges:system -> root,as a part of
- [**89**Star][1y] [PS] [realoriginal/reflectivepotato](https://github.com/realoriginal/reflectivepotato) MSFRottenPotato built as a Reflective DLL.
- [**89**Star][4m] [C] [pvvx/sdknowifi](https://github.com/pvvx/sdknowifi) ESP8266 Open SDK without WiFi (startup < 30 ms to complete the flash cache)
- [**89**Star][6m] [pouyadarabi/facebook_ssl_pinning](https://github.com/pouyadarabi/facebook_ssl_pinning) Bypassing SSL Pinning in Facebook Android App
- [**89**Star][9y] [poerschke/uniscan](https://github.com/poerschke/uniscan) Uniscan web vulnerability scanner
- [**89**Star][4m] [Rust] [pinkp4nther/erodir](https://github.com/pinkp4nther/erodir) A fast web directory/file enumeration tool written in Rust
- [**89**Star][3m] [C] [petermosmans/openssl](https://github.com/petermosmans/openssl) 'Extra featured' OpenSSL with ChaCha20 and Poly1305 support
- [**89**Star][4m] [Ruby] [pedrib/poc](https://github.com/pedrib/poc) 
- [**89**Star][6m] [JS] [particle-iot/spark-protocol](https://github.com/particle-iot/spark-protocol) Node.JS module for hosting direct encrypted CoAP socket connections
- [**89**Star][17d] [JS] [nowsecure/frida-trace](https://github.com/nowsecure/frida-trace) Trace APIs declaratively through Frida.
- [**89**Star][2m] [nongiach/awesome-cryptocurrency-security](https://github.com/nongiach/awesome-cryptocurrency-security) Awesome cryptocurrency security
- [**89**Star][4m] [nccgroup/onelogicalmyth_shell](https://github.com/nccgroup/onelogicalmyth_shell) A HTA shell to assist with breakout assessments.
- [**89**Star][1y] [Py] [nccgroup/blesuite](https://github.com/nccgroup/blesuite) BLESuite is a Python package that provides an easier way to test Bluetooth Low Energy (BLE) device
- [**89**Star][2y] [nanopool/claymore-xmr-miner](https://github.com/nanopool/claymore-xmr-miner) Claymore's CryptoNote GPU Miner
- [**89**Star][5y] [Py] [mothran/unicorn-decoder](https://github.com/mothran/unicorn-decoder) Simple shellcode decoder using unicorn-engine
- [**89**Star][5m] [Py] [maltelligence/maltelligence](https://github.com/maltelligence/maltelligence) a Malware/Threat Analyst Desktop
- [**89**Star][3y] [JS] [lovetingyuan/fq](https://github.com/lovetingyuan/fq) fq应用，基于nodejs和shadowsocks
- [**89**Star][1m] [PS] [kromerm/adflab](https://github.com/kromerm/adflab) Azure Data Factory hands-on lab, self-paced. Learn how to lift & shift SSIS packages to the Cloud with ADF. Build new ETL pipelines in ADF, transform data at scale, load Azure Data Warehouse data marts. Also walks through operationalizing ADF pipelines with scheduling and monitoring modules.
- [**89**Star][4m] [Py] [juniorn1003/faitagram](https://github.com/juniorn1003/faitagram) Welp, This failed. Go find another one.
- [**89**Star][19d] [Py] [jordan-wright/python-wireless-attacks](https://github.com/jordan-wright/python-wireless-attacks) Wireless Attacks in Python (Based on Blog Series)
- [**89**Star][5m] [C#] [jnqpblc/sharpspray](https://github.com/jnqpblc/sharpspray) SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike.
- [**89**Star][3y] [ObjC] [jamie72/ipapatch](https://github.com/jamie72/ipapatch) Patch iOS Apps, The Easy Way, Without Jailbreak.
- [**89**Star][6y] [Py] [iphelix/ida-patcher](https://github.com/iphelix/ida-patcher) a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's ability to patch binary files and memory.
- [**89**Star][3y] [PHP] [graniet/gshark-framework](https://github.com/graniet/gshark-framework) This framework can be perform web post exploitation, with this you can interact with multiple web backdoor and execute custom module, script.
- [**89**Star][14d] [JS] [ehmicky/test-each](https://github.com/ehmicky/test-each) 
- [**89**Star][10m] [Ruby] [digininja/rsmangler](https://github.com/digininja/rsmangler) RSMangler will take a wordlist and perform various manipulations on it similar to those done by John the Ripper with a few extras.
- [**89**Star][3y] [C] [danluu/malloc-tutorial](https://github.com/danluu/malloc-tutorial) A quick tutorial on how to implement malloc/free/calloc/realloc
- [**89**Star][3y] [PS] [danielbohannon/out-fincodedcommand](https://github.com/danielbohannon/out-fincodedcommand) POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's stdin command invocation capabilities
- [**89**Star][4m] [Go] [cogolabs/transcend](https://github.com/cogolabs/transcend) BeyondCorp-inspired Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
- [**89**Star][4y] [Py] [cognosec/secbee](https://github.com/cognosec/secbee) a ZigBee security testing tool developed
- [**89**Star][11d] [Py] [ciscodevnet/virlutils](https://github.com/ciscodevnet/virlutils) 
- [**89**Star][17d] [JS] [chichou/wiggle](https://github.com/chichou/wiggle) A self hosted executable binary metadata search engine
- [**89**Star][3y] [Py] [cheeky4n6monkey/4n6-scripts](https://github.com/cheeky4n6monkey/4n6-scripts) Forensic Scripts
- [**89**Star][20d] [Py] [bwesterb/py-seccure](https://github.com/bwesterb/py-seccure) SECCURE compatible Elliptic Curve cryptography in Python
- [**89**Star][1m] [HTML] [amolnaik4/bodhi](https://github.com/amolnaik4/bodhi) Bodhi - Client-side Vulnerability Playground
- [**89**Star][4m] [Py] [alset0326/peda-arm](https://github.com/alset0326/peda-arm) GDB plugin peda for arm
- [**89**Star][5m] [C++] [3gstudent/homework-of-c-language](https://github.com/3gstudent/homework-of-c-language) C/C++ code examples of my blog.
- [**89**Star][2y] [HTML] [0xcl/clang-cfi-bypass-techniques](https://github.com/0xcl/clang-cfi-bypass-techniques) 三种利用漏洞绕过Clang Control Flow Integrity (CFI)的技巧(应用于Chromium时)
- [**89**Star][5m] [Ruby] [0x09al/cve-2017-11882-metasploit](https://github.com/0x09al/cve-2017-11882-metasploit) This is a Metasploit module which exploits CVE-2017-11882 using the POC released here :
- [**88**Star][13d] [C++] [bruce30262/libprotobuf-mutator_fuzzing_learning](https://github.com/bruce30262/libprotobuf-mutator_fuzzing_learning) Learn how to combine libprotobuf-mutator with libfuzzer & AFL++
- [**88**Star][3m] [JS] [holochain/clutter](https://github.com/holochain/clutter) Fully distributed twitter built on holochain
- [**88**Star][2y] [Py] [laurivosandi/certidude](https://github.com/laurivosandi/certidude) Easy to use Certificate Authority web service for OpenVPN, StrongSwan and HTTPS
- [**88**Star][4m] [Smali] [d3vl/l3mon](https://github.com/d3vl/l3mon) L3MON - Remote Android Managment Suite
- [**88**Star][15d] [Java] [marianobarrios/tls-channel](https://github.com/marianobarrios/tls-channel) A Java library that implements a ByteChannel interface over SSLEngine, enabling easy-to-use (socket-like) TLS for Java applications.
- [**88**Star][3m] [Go] [beluganos/beluganos](https://github.com/beluganos/beluganos) The new network OS designed for white-box switches based on open API.
- [**88**Star][4m] [R] [lorenzwalthert/precommit](https://github.com/lorenzwalthert/precommit) pre-commit hooks for R projects
- [**88**Star][14d] [C++] [revsic/antidebugging](https://github.com/revsic/antidebugging) AntiDebugging sample sources written in C++
- [**88**Star][2m] [Go] [dawei101/tongsheclient.shadowsocks-go-ui](https://github.com/dawei101/tongsheclient.shadowsocks-go-ui) shadowsocks client for all desktop platform(mac osx/windows/linux) with golang
- [**88**Star][4m] [Py] [luxux/spider](https://github.com/luxux/spider) 简简单单spider
- [**88**Star][15d] [Go] [ring04h/s5.go](https://github.com/ring04h/s5.go) Socks5 proxy server by golang
- [**88**Star][14d] [JS] [thekingofduck/logontracer](https://github.com/thekingofduck/logontracer) Windows系统安全登录日志分析工具logonTracer汉化修正版
- [**88**Star][3y] [C++] [rootm0s/cheats](https://github.com/rootm0s/cheats) Source code of ring0/ring3 cheats in Counter-Strike Global Offensive.
- [**88**Star][25d] [ObjC] [hikariobfuscator/hanabi](https://github.com/hikariobfuscator/hanabi) Apple Clang Loader
- [**88**Star][16d] [C#] [0xfireball/modphuserex](https://github.com/0xfireball/modphuserex) A .NET protector supporting .NET Core forked from the discontinued ConfuserEx
- [**88**Star][2m] [Py] [justsoos/ss-ssr-v2ray-gadget](https://github.com/justsoos/ss-ssr-v2ray-gadget) merge, deduplicate, backup, convert and online benchmark tools set for shadowsocks/shadowsocksR, v2ray. by python3
- [**88**Star][1y] [C++] [nccgroup/dibf](https://github.com/nccgroup/DIBF) Windows NT ioctl bruteforcer and modular fuzzer
- [**88**Star][5m] [C#] [zawawawa/gatelessgatesharp](https://github.com/zawawawa/gatelessgatesharp) Gateless Gate Sharp is an user-friendly yet extremely powerful open-source multi-algorithm miner for Windows operating systems.
- [**88**Star][11d] [Py] [zaproxy/zap-api-python](https://github.com/zaproxy/zap-api-python) OWASP ZAP Python API
- [**88**Star][5m] [Py] [xfreed0m/katzkatz](https://github.com/xfreed0m/katzkatz) Python script to parse txt files containing Mimikatz output
- [**88**Star][5m] [C++] [xennygrimmato/data-structures-and-algorithms](https://github.com/xennygrimmato/data-structures-and-algorithms) A collection of some implementations of data structures and algorithms.
- [**88**Star][3y] [JS] [unrealakama/nightshade](https://github.com/unrealakama/nightshade) A simple capture the flag framework.
- [**88**Star][1m] [C] [tinysec/iathook](https://github.com/tinysec/iathook) windows kernelmode and usermode IAT hook
- [**88**Star][5m] [Logos] [thomasfinch/priorityhub](https://github.com/thomasfinch/priorityhub) Sorted notifications jailbreak tweak
- [**88**Star][8m] [Py] [si9int/acamar](https://github.com/si9int/acamar) A Python3 based single-file subdomain enumerator
- [**88**Star][23d] [shodan-labs/iotdb](https://github.com/shodan-labs/iotdb) Nmap scans of Internet of Things devices
- [**88**Star][18d] [Py] [securitystreak/security-scripts](https://github.com/securitystreak/security-scripts) A collection of public offensive and defensive security related scripts for InfoSec students.
- [**88**Star][2y] [Py] [se55i0n/awvs_nessus_scanner_api](https://github.com/se55i0n/awvs_nessus_scanner_api) 扫描器Awvs 11和Nessus 7 Api利用脚本
- [**88**Star][7y] [Py] [rjw57/hdcp-genkey](https://github.com/rjw57/hdcp-genkey) Generate HDCP source and sink keys from the leaked master key
- [**88**Star][3y] [PS] [re4lity/schtasks-backdoor](https://github.com/re4lity/schtasks-backdoor) Powershell 权限维持后门
- [**88**Star][29d] [HTML] [radareorg/r2con2018](https://github.com/radareorg/r2con2018) 
- [**88**Star][14d] [C] [pannzh/hidemyass](https://github.com/pannzh/hidemyass) A post-exploit tool that carefully clean *NIX access logs
- [**88**Star][1m] [Py] [omererdem/honeything](https://github.com/omererdem/honeything) TR-069 Honeypot
- [**88**Star][5y] [PS] [netspi/powershell-modules](https://github.com/netspi/powershell-modules) 
- [**88**Star][19d] [Py] [nccgroup/requests-racer](https://github.com/nccgroup/requests-racer) Small Python library that makes it easy to exploit race conditions in web apps with Requests.
- [**88**Star][15d] [Py] [naivenom/reversing-list](https://github.com/naivenom/reversing-list) Reversing list
- [**88**Star][25d] [JS] [mirkoschubert/gdpr-cli](https://github.com/mirkoschubert/gdpr-cli) A command line tool for checking your website for GDPR compliance.
- [**88**Star][2y] [Py] [mind0xp/frida-python-binding](https://github.com/mind0xp/frida-python-binding) Easy to use Frida python binding script
- [**88**Star][4m] [Py] [menkrep1337/xsscon](https://github.com/menkrep1337/xsscon) Simple XSS Scanner tool
- [**88**Star][16d] [JS] [mathiscode/password-leak](https://github.com/mathiscode/password-leak) A library to check for compromised passwords
- [**88**Star][5m] [C++] [marcandrysco/errol](https://github.com/marcandrysco/errol) Binary floating-point to decimal string conversion algorithm.
- [**88**Star][4m] [Py] [manulqwerty/evil-winrar-gen](https://github.com/manulqwerty/evil-winrar-gen) Generator of malicious Ace files for WinRAR < 5.70 beta 1
- [**88**Star][1y] [C++] [malwaretech/appcontainersandbox](https://github.com/malwaretech/appcontainersandbox) An example sandbox using AppContainer (Windows 8+)
- [**88**Star][12d] [Py] [maldroid/maldrolyzer](https://github.com/maldroid/maldrolyzer) Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)
- [**88**Star][9m] [m507/awae-preparation](https://github.com/m507/awae-preparation) This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.
- [**88**Star][2y] [C] [lloydlabs/windows-api-hashing](https://github.com/lloydlabs/windows-api-hashing) This is a simple example and explanation of obfuscating API resolution via hashing
- [**88**Star][4y] [Py] [laginimaineb/msm8974_exploit](https://github.com/laginimaineb/msm8974_exploit) Full TrustZone exploit for MSM8974
- [**88**Star][3m] [C] [laginimaineb/cve-2015-6639](https://github.com/laginimaineb/cve-2015-6639) QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)
- [**88**Star][25d] [Go] [kahlys/proxy](https://github.com/kahlys/proxy) A simple golang tcp proxy.
- [**88**Star][4m] [Jupyter Notebook] [k-vitali/malware-misc-re](https://github.com/k-vitali/malware-misc-re) Miscellaneous Malware RE
- [**88**Star][27d] [idapython/bin](https://github.com/idapython/bin) IDAPython binaries
- [**88**Star][2y] [Py] [hi-wenr0/mlcheckwebshell](https://github.com/hi-wenr0/mlcheckwebshell) 机器学习检测Webshell
- [**88**Star][6m] [Py] [hexhive/bopc](https://github.com/hexhive/bopc) Block Oriented Programming -- Compiler
- [**88**Star][3m] [hannob/tls-what-can-go-wrong](https://github.com/hannob/tls-what-can-go-wrong) TLS可能存在的问题
- [**88**Star][13d] [Dockerfile] [hackerhouse-opensource/cve-2018-10933](https://github.com/hackerhouse-opensource/cve-2018-10933) cve-2018-10933 libssh authentication bypass
- [**88**Star][11d] [JS] [greenbone/gsa](https://github.com/greenbone/gsa) Greenbone Security Assistant
- [**88**Star][18d] [gouveaheitor/awesome-biohacking](https://github.com/gouveaheitor/awesome-biohacking)  a awesome collection about Biohacking.
- [**88**Star][2m] [C++] [google/aff4](https://github.com/google/aff4) The Advanced Forensic File Format
- [**88**Star][14d] [C] [frangarcj/oclockvita](https://github.com/frangarcj/oclockvita) Simple Overclock Plugin for Taihen
- [**88**Star][21d] [Py] [foospidy/web-cve-tests](https://github.com/foospidy/web-cve-tests) A simple framework for sending test payloads for known web CVEs.
- [**88**Star][6m] [Shell] [firecracker-microvm/firecracker-demo](https://github.com/firecracker-microvm/firecracker-demo) A demo running 4000 Firecracker microVMs.
- [**88**Star][11d] [Go] [dsnet/udptunnel](https://github.com/dsnet/udptunnel) Daemon for creating a simple VPN over UDP.
- [**88**Star][1y] [Py] [dcsync/pycobalt](https://github.com/dcsync/pycobalt) Cobalt Strike API, Python版本
- [**88**Star][7y] [Py] [dc414/upnp-exploiter](https://github.com/dc414/upnp-exploiter) A Upnp exploitation tool.
- [**88**Star][2y] [Py] [dc3l1ne/weblogic-weakpassword-scnner](https://github.com/dc3l1ne/weblogic-weakpassword-scnner) 
- [**88**Star][2y] [Java] [cunninglogic/dumlracer](https://github.com/cunninglogic/dumlracer) Root Exploit for DJI Drones and Controllers (up to and including v01.04.0200)
- [**88**Star][1m] [JS] [contentacms/contentajs](https://github.com/contentacms/contentajs) A nodejs server that proxies to Contenta CMS and holds custom code.
- [**88**Star][11d] [Java] [commoncrawl/news-crawl](https://github.com/commoncrawl/news-crawl) News crawling with Storm-crawler - stores content as WARC
- [**88**Star][8m] [PS] [clr2of8/slackextract](https://github.com/clr2of8/slackextract) A PowerShell script to download all files, messages and user profiles that a user has access to in slack.
- [**88**Star][5m] [Py] [clirimemini/keye](https://github.com/clirimemini/keye) Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
- [**88**Star][6y] [C] [chokepoint/crypthook](https://github.com/chokepoint/crypthook) TCP/UDP symmetric encryption tunnel wrapper
- [**88**Star][2y] [chihebchebbi/internet-of-things-pentesting-framework](https://github.com/chihebchebbi/internet-of-things-pentesting-framework) 
- [**88**Star][22d] [Ruby] [chef-cookbooks/firewall](https://github.com/chef-cookbooks/firewall) Development repository for generic firewall cookbook
- [**88**Star][4m] [Py] [bsmali4/sicklepoc](https://github.com/bsmali4/sicklepoc) 
- [**88**Star][2m] [Py] [brutemap-dev/brutemap](https://github.com/brutemap-dev/brutemap) Let's find someone's account
- [**88**Star][5m] [Py] [boy-hack/pythonwebhack](https://github.com/boy-hack/pythonwebhack) 用python实现的web框架建立的在线渗透平台
- [**88**Star][3y] [C#] [basic4/widucky](https://github.com/basic4/widucky) WiFi Enabled USB Rubber Ducky
- [**88**Star][3y] [ObjC] [bahome/batouchid](https://github.com/bahome/batouchid) git 最全面的支付宝 指纹解锁 和 手势解锁 封装以及逻辑处理！
- [**88**Star][12d] [C++] [arashpartow/proxy](https://github.com/arashpartow/proxy) C++ TCP Proxy Server
- [**88**Star][4m] [Py] [alexpark07/armscgen](https://github.com/alexpark07/armscgen) ARM Shellcode Generator
- [**88**Star][7m] [C++] [adalenv/cve-2019-0708-tool](https://github.com/adalenv/cve-2019-0708-tool) A social experiment
- [**88**Star][6y] [Py] [adafruit/freqshow](https://github.com/adafruit/freqshow) Raspberry Pi & PiTFT-based RTL-SDR frequency scanning and display tool.
- [**87**Star][12d] [Dockerfile] [avasdream/pentesting-dockerfiles](https://github.com/avasdream/pentesting-dockerfiles) Pentesting/Bugbounty Dockerfiles.
- [**87**Star][29d] [Py] [miyagi1024/exgdb](https://github.com/miyagi1024/exgdb) Extension for GDB
- [**87**Star][3m] [Py] [yt1g3r/cve-2020-0688_exp](https://github.com/yt1g3r/cve-2020-0688_exp) CVE-2020-0688_EXP Auto trigger payload & encrypt method
- [**87**Star][2y] [Java] [yuger/vpn2018](https://github.com/yuger/vpn2018) One Click VPN for Android. 一键连接VPN Android 专用.
- [**87**Star][3m] [Kotlin] [npryce/snodge](https://github.com/npryce/snodge) Randomly mutate JSON, XML, HTML forms, text and binary data for fuzz testing
- [**87**Star][13d] [C] [snawoot/hisilicon-dvr-telnet](https://github.com/snawoot/hisilicon-dvr-telnet) PoC materials for article
- [**87**Star][4m] [Py] [obsidianforensics/unfurl](https://github.com/obsidianforensics/unfurl) Extract and Visualize Data from URLs using Unfurl
- [**87**Star][3y] [Py] [inconvergent/fracture](https://github.com/inconvergent/fracture) generative algorithm
- [**87**Star][12d] [Py] [strongbugman/ant_nest](https://github.com/strongbugman/ant_nest) Simple, clear and fast Web Crawler framework build on python3.6+, powered by asyncio.
- [**87**Star][22d] [C++] [itm4n/cdpsvcdllhijacking](https://github.com/itm4n/cdpsvcdllhijacking) Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM
- [**87**Star][1m] [Go] [empathyco/aws-vpn](https://github.com/empathyco/aws-vpn) Serverless OpenVPN Certificate Authority running on AWS
- [**87**Star][2m] [Swift] [antonthedev/extendable](https://github.com/antonthedev/extendable) Blocks Based Bluetooth LE Connectivity framework for iOS/watchOS/tvOS/OSX. Quickly configure centrals & peripherals, perform read/write operations, and respond characteristic updates.
- [**87**Star][27d] [Shell] [01rabbit/pakuri](https://github.com/01rabbit/pakuri) Penetration test Achieve Knowledge Unite Rapid Interface
- [**87**Star][8d] [Py] [jas502n/cve-2019-12409](https://github.com/jas502n/cve-2019-12409) Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")
- [**87**Star][16d] [k8gege/aggressor](https://github.com/k8gege/aggressor) Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force
- [**87**Star][24d] [Py] [lanjelot/albatar](https://github.com/lanjelot/albatar) Albatar is a SQLi exploitation framework in Python
- [**87**Star][1m] [C] [chroblert/domainweakpasswdcheck](https://github.com/chroblert/domainweakpasswdcheck) 内网安全·域账号弱口令审计
- [**87**Star][16d] [k8gege/aggressor](https://github.com/k8gege/Aggressor) Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force
- [**87**Star][10d] [Py] [p1g3/jsinfo-scan](https://github.com/p1g3/jsinfo-scan) 递归式寻找域名和api。
- [**87**Star][11d] [Go] [aau-network-security/haaukins](https://github.com/aau-network-security/haaukins) A Highly Accessible and Automated Virtualization Platform for Security Education
- [**87**Star][1m] [Py] [facert/ziroom_realtime_spider](https://github.com/facert/ziroom_realtime_spider) 自如实时房源提醒
- [**87**Star][1m] [JS] [rockdai/haixiu](https://github.com/rockdai/haixiu) 豆瓣害羞组爬虫
- [**87**Star][10m] [Py] [aanarchyy/wifite-mod-pixiewps](https://github.com/aanarchyy/wifite-mod-pixiewps) 
- [**87**Star][13d] [Py] [abss0x7tbh/bass](https://github.com/abss0x7tbh/bass) Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
- [**87**Star][4y] [JS] [nsacyber/locklevel](https://github.com/nsacyber/LOCKLEVEL) A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
- [**87**Star][15d] [Py] [aoncyberlabs/ssh-weak-dh](https://github.com/AonCyberLabs/SSH-Weak-DH) 
- [**87**Star][10d] [Py] [helpsystems/wiwo](https://github.com/helpsystems/wiwo) wiwo is a distributed 802.11 monitoring and injecting system that was designed to be simple and scalable, in which all workers (nodes) can be managed by a Python framework.
- [**87**Star][23d] [JS] [polymathnetwork/polymath-token](https://github.com/PolymathNetwork/polymath-token) Ethereum contracts for the official Polymath token (POLY) and token distribution
- [**87**Star][22d] [C++] [zcash-hackworks/pay-to-sudoku](https://github.com/zcash-hackworks/pay-to-sudoku) Pay for the solution to a sudoku puzzle with a zero-knowledge contingent payment
- [**87**Star][1m] [Py] [stevenseeley/heaper](https://github.com/stevenseeley/heaper) heaper, an advanced heap analysis plugin for Immunity Debugger
- [**87**Star][20d] [JS] [dmarcos/aframe-motion-capture-components](https://github.com/dmarcos/aframe-motion-capture-components) Capture entity motions and replay them on other entities
- [**87**Star][3m] [Py] [zmap/ztag](https://github.com/zmap/ztag) Tagging and annotation framework for scan data
- [**87**Star][2y] [C#] [zacbrown/powerkrabsetw](https://github.com/zacbrown/powerkrabsetw) PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
- [**87**Star][2m] [JS] [yosuke-furukawa/httpstat](https://github.com/yosuke-furukawa/httpstat) httpstat node implementation
- [**87**Star][20d] [Py] [wez3/msfenum](https://github.com/wez3/msfenum) 在特定目标集上自动运行多个 Metasploit auxiliary 模块
- [**87**Star][2m] [Py] [ucsb-seclab/baredroid](https://github.com/ucsb-seclab/baredroid) bare-metal analysis on Android devices
- [**87**Star][14d] [Rust] [trailofbits/molasses](https://github.com/trailofbits/molasses) A Rust implementation of the Message Layer Security group messaging protocol
- [**87**Star][11d] [Py] [tozny/rancher-lets-encrypt](https://github.com/tozny/rancher-lets-encrypt) Automatically create and manage certificates in Rancher using Let's Encrypt webroot verification via a minimal service
- [**87**Star][4m] [C] [tedsluis/dump1090](https://github.com/tedsluis/dump1090) Dump1090 is a simple Mode S decoder for RTLSDR devices
- [**87**Star][1m] [C] [stealth/troubleshooter](https://github.com/stealth/troubleshooter) setroubleshootd xSports
- [**87**Star][5y] [Py] [sogeti-esec-lab/lkd](https://github.com/sogeti-esec-lab/lkd) Local Kernel Debugger (LKD) is a python wrapper around dbgengine.dll
- [**87**Star][4m] [C] [skgleba/itls-enso](https://github.com/skgleba/itls-enso) Adds TLS v1.2 to Enso enabled devices
- [**87**Star][6y] [C] [shjalayeri/drivecrypt](https://github.com/shjalayeri/drivecrypt) DriveCrypt Dcr.sys vulnerability exploit
- [**87**Star][25d] [Py] [ryanohoro/csbruter](https://github.com/ryanohoro/csbruter) Cobalt Strike team server password brute force tool
- [**87**Star][5y] [C++] [piscou/fuzzwin](https://github.com/piscou/fuzzwin) 
- [**87**Star][4m] [Py] [piranhalysis/pirogue](https://github.com/piranhalysis/pirogue) PiRogue is a small device meant to ease network interception and analysis.
- [**87**Star][17d] [Py] [palkeo/pakala](https://github.com/palkeo/pakala) Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine
- [**87**Star][4m] [C#] [padovah4ck/psbypassclm](https://github.com/padovah4ck/psbypassclm) Bypass for PowerShell Constrained Language Mode
- [**87**Star][2y] [Py] [oalabs/findyara](https://github.com/oalabs/findyara) IDA python plugin to scan your binary with yara rules
- [**87**Star][14d] [C] [neural75/gqrx-scanner](https://github.com/neural75/gqrx-scanner) A frequency scanner for Gqrx Software Defined Radio receiver
- [**87**Star][10d] [netstalking-core/netstalking-catalogue](https://github.com/netstalking-core/netstalking-catalogue) Каталог нетсталкерских ресурсов, команд, инструментов, источников контента.
- [**87**Star][4m] [Py] [scitime/scitime](https://github.com/scitime/scitime) Training time estimation for scikit-learn algorithms
- [**87**Star][6y] [Ruby] [moosedojo/praedasploit](https://github.com/moosedojo/praedasploit) 
- [**87**Star][8m] [JS] [mitchmoser/sputnik](https://github.com/mitchmoser/sputnik) Open Source Intelligence Browser Extension
- [**87**Star][5m] [Py] [misterch0c/githubleakalert](https://github.com/misterch0c/githubleakalert) 
- [**87**Star][5y] [Java] [mauro-g/snuck](https://github.com/mauro-g/snuck) Automatic XSS filter bypass
- [**87**Star][4m] [C] [marcusbotacin/branchmonitoringproject](https://github.com/marcusbotacin/branchmonitoringproject) A branch-monitor-based solution for process monitoring.
- [**87**Star][2y] [C++] [jiaoxianjun/gnss-gps-sdr](https://github.com/jiaoxianjun/gnss-gps-sdr) Some efferts on GPS replay, receive and test.
- [**87**Star][4m] [TS] [jedisct1/wasm-crypto](https://github.com/jedisct1/wasm-crypto) A WebAssembly (via AssemblyScript) set of cryptographic primitives for building authentication and key exchange protocols.
- [**87**Star][24d] [Py] [januzellij/hopperscripts](https://github.com/januzellij/hopperscripts) Collection of scripts I use in the Hopper disassembler
- [**87**Star][5m] [Shell] [jakewharton/dalvik-dx](https://github.com/jakewharton/dalvik-dx) A standalone packaging of AOSP's platform/dalvik dx library.
- [**87**Star][12d] [Py] [imiyoo2010/teye_scanner_for_book](https://github.com/imiyoo2010/teye_scanner_for_book) 《白帽子讲Web扫描》书籍参考代码
- [**87**Star][2m] [Py] [idanr1986/cuckoodroid-2.0](https://github.com/idanr1986/cuckoodroid-2.0) Automated Android Malware Analysis with Cuckoo Sandbox.
- [**87**Star][8y] [Py] [iamultra/ssrfsocks](https://github.com/iamultra/ssrfsocks) Creates a SOCK proxy server that transmits data over an SSRF vulnerability
- [**87**Star][2m] [C] [hvqzao/foolavc](https://github.com/hvqzao/foolavc) foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
- [**87**Star][13d] [Go] [go-httpproxy/httpproxy](https://github.com/go-httpproxy/httpproxy) Go HTTP proxy server library
- [**87**Star][8y] [Py] [globaleaks/globaleaks-0.1](https://github.com/globaleaks/globaleaks-0.1) Initial prototype of the GlobaLeaks application, now superseaded.
- [**87**Star][5y] [Go] [filosottile/berserk](https://github.com/filosottile/berserk) A Go implementation of the BERserk attack against Mozilla NSS ASN.1 parsing of PKCS#1 RSA signatures with e = 3. Complete of a certificate generation tool, works with CAs in the trust store.
- [**87**Star][4y] [exp-sky/hitcon-2016-windows-10-x64-edge-0day-and-exploit](https://github.com/exp-sky/hitcon-2016-windows-10-x64-edge-0day-and-exploit) HitCon 2016 Windows 10 x64 edge 0day and exploit
- [**87**Star][2y] [Ruby] [enjoiz/bsqlinjector](https://github.com/enjoiz/bsqlinjector) Blind SQL injection exploitation tool written in ruby.
- [**87**Star][3m] [C] [electrojustin/triad-decompiler](https://github.com/electrojustin/triad-decompiler) TRiad Is A Decompiler. Triad is a tiny, free and open source, Capstone based x86 decompiler for ELF binaries.
- [**87**Star][4m] [dwizzzle/presentations](https://github.com/dwizzzle/presentations) A repository of my presentations
- [**87**Star][1m] [C++] [djhohnstein/processreimaging](https://github.com/djhohnstein/processreimaging) Process reimaging proof of concept code
- [**87**Star][5m] [Scala] [criteo/lolhttp](https://github.com/criteo/lolhttp) An HTTP Server and Client library for Scala.
- [**87**Star][2m] [C] [countercept/doublepulsar-usermode-injector](https://github.com/countercept/doublepulsar-usermode-injector) A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use in testing detection techniques or other security research.
- [**87**Star][3m] [cneill/appsec-resources](https://github.com/cneill/appsec-resources) Resources for developers and security engineers to learn the ropes of application security
- [**87**Star][3y] [Py] [claudioviviani/wordbrutepress](https://github.com/claudioviviani/wordbrutepress) Wordpress Brute Force Multithreading with standard and xml-rpc login
- [**87**Star][4m] [C++] [c3d/elfe](https://github.com/c3d/elfe) Extensible Language for Everyday
- [**87**Star][3y] [bones-codes/bombs](https://github.com/bones-codes/bombs) A few files for decompression bomb testing –––
- [**87**Star][4m] [C++] [basketwill/sysmon_reverse](https://github.com/basketwill/sysmon_reverse) 
- [**87**Star][15d] [Py] [austin-taylor/bluewall](https://github.com/austin-taylor/bluewall) Bluewall is a firewall framework designed for offensive and defensive cyber professionals.
- [**87**Star][14d] [HTML] [anquanquantao/pentraining](https://github.com/anquanquantao/pentraining) 一个网络安全基础知识的教程。内容比较杂，好在都是实验视频和工具提供，可以自行动手完成实验。
- [**87**Star][2m] [Shell] [anexia-it/winshock-test](https://github.com/anexia-it/winshock-test) Bash script that tests if a system is Winshock (MS14-066) vulnerable
- [**87**Star][2y] [Py] [andresriancho/jwt-fuzzer](https://github.com/andresriancho/jwt-fuzzer) JWT fuzzer
- [**87**Star][6m] [Py] [abarker/pdfcropmargins](https://github.com/abarker/pdfcropmargins) pdfCropMargins -- a program to crop the margins of PDF files
- [**87**Star][3y] [Py] [1n3/httpoxyscan](https://github.com/1n3/httpoxyscan) HTTPoxy Exploit Scanner by 1N3 @CrowdShield
- [**87**Star][2y] [Go] [003random/getjs](https://github.com/003random/getjs) A tool to fastly get all javascript sources/files
- [**86**Star][17d] [Py] [xelzmm/proxy_server_crawler](https://github.com/xelzmm/proxy_server_crawler) an awesome public proxy server crawler based on scrapy framework
- [**86**Star][14d] [Elixir] [tsurupin/job_search](https://github.com/tsurupin/job_search) An app to search startup jobs scraped from websites written in Elixir, Phoenix, React and styled-components.
- [**86**Star][1m] [JS] [jaxqin/electron-spider-jinshuju](https://github.com/jaxqin/electron-spider-jinshuju) nodejs爬取金数据表格，进行下载，封装到electron，提供可视化界面，方便用户操作
- [**86**Star][10d] [TS] [openzim/mwoffliner](https://github.com/openzim/mwoffliner) Scrape any online Mediawiki motorised wiki (like Wikipedia) to your local filesystem
- [**86**Star][27d] [JS] [chxj1992/shadowsocks-manager-docker](https://github.com/chxj1992/shadowsocks-manager-docker) 这是一个基于 shadowsocks-manager webui 插件开发的shadowsocks账号售卖网站的Docker镜像
- [**86**Star][1m] [C] [mr-un1k0d3r/maliciousdllgenerator](https://github.com/mr-un1k0d3r/maliciousdllgenerator) DLL Generator for side loading attack
- [**86**Star][10d] [Ruby] [shopify/toxiproxy-ruby](https://github.com/shopify/toxiproxy-ruby) A ruby api for Toxiproxy that can be used for resiliency testing.
- [**86**Star][4m] [PS] [kmkz/powershell](https://github.com/kmkz/powershell) Some .ps1 scripts for pentesting
- [**86**Star][4m] [C++] [project-artist/artist](https://github.com/project-artist/artist) ARTist's core implementation meant to be included in the art project. Provides ARTist APIs and boilerplate code for modules.
- [**86**Star][11m] [Shell] [zerobyte-id-bak/bashter](https://github.com/zerobyte-id-bak/Bashter) Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
- [**86**Star][7m] [Shell] [devploit/put2win](https://github.com/devploit/put2win) Script to automate PUT HTTP method exploitation to get shell
- [**86**Star][2y] [Go] [rancher/lb-controller](https://github.com/rancher/lb-controller) Load Balancer for Rancher services via ingress controllers backed up by a Load Balancer provider of choice
- [**86**Star][4m] [Py] [openpreserve/fido](https://github.com/openpreserve/fido) Format Identification for Digital Objects (FIDO) is a Python command-line tool to identify the file formats of digital objects. It is designed for simple integration into automated work-flows.
- [**86**Star][16d] [Py] [zznop/bnida](https://github.com/zznop/bnida) Suite of plugins that provide the ability to transfer analysis data between Binary Ninja and IDA
    - [ida_export](https://github.com/zznop/bnida/blob/master/ida/ida_export.py) 将数据从IDA中导入
    - [ida_import](https://github.com/zznop/bnida/blob/master/ida/ida_import.py) 将数据导入到IDA
    - [binja_export](https://github.com/zznop/bnida/blob/master/binja_export.py) 将数据从BinaryNinja中导出
    - [binja_import](https://github.com/zznop/bnida/blob/master/binja_import.py) 将数据导入到BinaryNinja
- [**86**Star][3y] [C] [zerosum0x0/threadcontinue](https://github.com/zerosum0x0/threadcontinue) Reflective DLL injection using SetThreadContext() and NtContinue()
- [**86**Star][3y] [PS] [winscripting/uac-bypass](https://github.com/winscripting/uac-bypass) 
- [**86**Star][21d] [Go] [whyrusleeping/zmsg](https://github.com/whyrusleeping/zmsg) A small program for sending messages via zcash encrypted memo fields
- [**86**Star][21d] [C++] [watersalesman/aura-botnet](https://github.com/watersalesman/aura-botnet) A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
- [**86**Star][2y] [JS] [vspandan/ifuzzer](https://github.com/vspandan/ifuzzer) 
- [**86**Star][5y] [Visual Basic .NET] [vozzie/uacscript](https://github.com/vozzie/uacscript) Windows 7 UAC Bypass Vulnerability in the Windows Script Host
- [**86**Star][2y] [Py] [undeadsec/idisagree](https://github.com/undeadsec/idisagree) Control remote computers using discord bot and python 3.
- [**86**Star][12d] [Py] [turr0n/firebase](https://github.com/turr0n/firebase) Exploiting misconfigured firebase databases
- [**86**Star][1m] [PHP] [tuhinshubhra/shellstack](https://github.com/tuhinshubhra/shellstack) A PHP Based Tool That Helps You To Manage All Your Backdoored Websites Efficiently.
- [**86**Star][3m] [tonyphipps/siem](https://github.com/tonyphipps/siem) SIEM Tactics, Techiques, and Procedures
- [**86**Star][3m] [Java] [thomascannon/android-sms-spoof](https://github.com/thomascannon/android-sms-spoof) PoC app which takes advantage of Android's SmsReceiverService being exported to fake an incoming SMS with no permissions.
- [**86**Star][3y] [Swift] [tendigi/xmrminer](https://github.com/tendigi/xmrminer) An embeddable Monero miner written in Swift.
- [**86**Star][5y] [Py] [techbliss/frida_for_ida_pro](https://github.com/techbliss/frida_for_ida_pro) plugin for ida pro thar uses the Frida api
- [**86**Star][2m] [Py] [t-s-a/smbspider](https://github.com/t-s-a/smbspider) SMB Spider is a lightweight python utility for searching SMB/CIFS/Samba file shares. While performing a penetration test, the need to search hundreds of hosts for sensitive password files resulted in this project.
- [**86**Star][2m] [Java] [sysdream/fino](https://github.com/sysdream/fino) Android small footprint inspection tool
- [**86**Star][22d] [C] [stef/libsphinx](https://github.com/stef/libsphinx) Sphinx-based Password Storage and OPAQUE low-level library
- [**86**Star][2y] [Py] [silascutler/lnkparse](https://github.com/silascutler/lnkparse) Windows Shortcut file (LNK) parser
- [**86**Star][3y] [ObjC] [siguza/phoenixnonce](https://github.com/siguza/phoenixnonce) 64-bit nonce setter for iOS 9.3.4-9.3.5
- [**86**Star][2m] [shjalayeri/sysret](https://github.com/shjalayeri/sysret) Windows Kernel Intel x64 SYSRET Vulnerability Exploit
- [**86**Star][4m] [C] [scriptingxss/iotgoat](https://github.com/scriptingxss/iotgoat) IoTGoat is a deliberately insecure firmware based on OpenWrt.
- [**86**Star][9m] [Py] [safebreach-labs/bitsinject](https://github.com/safebreach-labs/bitsinject) A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as the NT AUTHORITY/SYSTEM account
- [**86**Star][5y] [PHP] [rickgray/bypass-php-gd-process-to-rce](https://github.com/rickgray/bypass-php-gd-process-to-rce) Reference:
- [**86**Star][2y] [Go] [random-robbie/aws-scanner](https://github.com/random-robbie/aws-scanner) Scans a list of websites for Cloudfront or S3 Buckets
- [**86**Star][12d] [Py] [r3nt0n/bopscrk](https://github.com/r3nt0n/bopscrk) A tool to generate smart and powerful wordlists
- [**86**Star][2y] [Py] [pyn3rd/cve-2018-3191](https://github.com/pyn3rd/cve-2018-3191) CVE-2018-3191-PoC
- [**86**Star][4m] [Java] [pwntester/dupekeyinjector](https://github.com/pwntester/dupekeyinjector) DupeKeyInjector
- [**86**Star][1y] [Py] [purduepaml/trojannn](https://github.com/purduepaml/trojannn) Trojan Attack on Neural Network
- [**86**Star][17d] [Py] [ptresearch/mmdetect](https://github.com/ptresearch/mmdetect) Intel ME Manufacturing Mode Detection Tools
- [**86**Star][2y] [Jupyter Notebook] [poteman/alibaba-3rd-security-algorithm-challenge](https://github.com/poteman/alibaba-3rd-security-algorithm-challenge) 第三届阿里云安全算法挑战赛冠军代码
- [**86**Star][7m] [Py] [pgaref/http_request_randomizer](https://github.com/pgaref/http_request_randomizer) Proxying Python Requests
- [**86**Star][4m] [JS] [peehaa/mailgrab](https://github.com/peehaa/mailgrab) Simple and easy to use catch-all SMTP mail server and debugging tool
- [**86**Star][10d] [Py] [owasp/threat-model-cookbook](https://github.com/owasp/threat-model-cookbook) This project is about creating and publishing threat model examples.
- [**86**Star][18d] [C#] [outflanknl/net-gpppassword](https://github.com/outflanknl/net-gpppassword) .NET implementation of Get-GPPPassword. Retrieves the plaintext password and other information for accounts pushed through Group Policy Preferences.
- [**86**Star][1m] [C] [oblique/wificurse](https://github.com/oblique/wificurse) WiFi Jamming tool
- [**86**Star][5y] [C] [nyx0/rovnix](https://github.com/nyx0/rovnix) Rovnix Bootkit
- [**86**Star][1y] [Py] [nullarray/mimir](https://github.com/nullarray/mimir) OSINT Threat Intel Interface - CLI for HoneyDB
- [**86**Star][2m] [C] [nowsecure/dirtycow](https://github.com/nowsecure/dirtycow) radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
- [**86**Star][1m] [Py] [nlitsme/pyidbutil](https://github.com/nlitsme/pyidbutil) extracting information from IDA databases
- [**86**Star][15d] [Go] [netxfly/x-proxy](https://github.com/netxfly/x-proxy) honeypot proxy
- [**86**Star][7m] [JS] [mlgualtieri/css-exfil-protection](https://github.com/mlgualtieri/css-exfil-protection) Official repository for the CSS Exfil Protection browser extensions.
- [**86**Star][11d] [Dockerfile] [mko-x/docker-clamav](https://github.com/mko-x/docker-clamav) Dockerized open source antivirus for use with file sharing containers, REST API or TCP.
- [**86**Star][3y] [Ruby] [mavproxyuser/p0vsredherring](https://github.com/mavproxyuser/p0vsredherring) "Luckily, there are underground 0day exploits for FTPD for path traversal." #FakeNews #DotDotWontPwn
- [**86**Star][4m] [Py] [leoid/matchandreplace](https://github.com/leoid/matchandreplace) Match and Replace script used to automatically generate JSON option file to BurpSuite
- [**86**Star][4m] [Py] [laconicwolf/nmap-scan-to-csv](https://github.com/laconicwolf/nmap-scan-to-csv) Converts Nmap XML output to csv file, and other useful functions
- [**86**Star][6m] [PHP] [klaubert/waf-fle](https://github.com/klaubert/waf-fle) WAF-FLE, ModSecurity Console
- [**86**Star][2m] [Makefile] [kingsquare/docker-tunnel](https://github.com/kingsquare/docker-tunnel) a (simple) dockerized ssh tunnel
- [**86**Star][2m] [justinsteven/advisories](https://github.com/justinsteven/advisories) 
- [**86**Star][24d] [jeanlouisferey/aws-securitygroup-grapher](https://github.com/jeanlouisferey/aws-securitygroup-grapher) This ansible role gets information from an AWS VPC and generate a graphical representation of security groups
- [**86**Star][10d] [PHP] [irelance/jsc-decompile-mozjs-34](https://github.com/irelance/jsc-decompile-mozjs-34) A javascript bytecode decoder for mozilla spider-monkey version 34. May decompile jsc file compile by cocos-2dx
- [**86**Star][11d] [Py] [ionelmc/python-aspectlib](https://github.com/ionelmc/python-aspectlib) An aspect-oriented programming, monkey-patch and decorators library. It is useful when changing behavior in existing code is desired. It includes tools for debugging and testing: simple mock/record and a complete capture/replay framework.
- [**86**Star][21d] [Java] [i2p/i2p.i2p-bote](https://github.com/i2p/i2p.i2p-bote) I2P-Bote is a serverless, encrypted e-mail application.
- [**86**Star][5m] [Py] [haotianteng/chiron](https://github.com/haotianteng/chiron) A basecaller for Oxford Nanopore Technologies' sequencers
- [**86**Star][1m] [Go] [grantseltzer/karn](https://github.com/grantseltzer/karn) Simplifying Seccomp enforcement in containerized or non-containerized apps
- [**86**Star][6m] [JS] [glamrock/cupcake](https://github.com/glamrock/cupcake) Create new pathways into Tor
- [**86**Star][1m] [geerlingguy/ansible-role-haproxy](https://github.com/geerlingguy/ansible-role-haproxy) Ansible Role - HAProxy
- [**86**Star][9m] [Py] [findneo/rsa-attack](https://github.com/findneo/rsa-attack) RSA加密应用常见缺陷的原理与实践
- [**86**Star][15d] [Shell] [f5networks/f5-aws-cloudformation](https://github.com/f5networks/f5-aws-cloudformation) CloudFormation Templates for quickly deploying BIG-IP services in Amazon Web Services EC2
- [**86**Star][3y] [Py] [davexpro/pochunter](https://github.com/davexpro/pochunter) 一个适配器模块，用于调用市面上流行的PoC框架(Beebeeto/PocSuite/TangScan/KsPoc)下的PoC.
- [**86**Star][5m] [Java] [col-e/jremapper](https://github.com/col-e/jremapper) Remapping tool for compiled java programs.
- [**86**Star][5m] [C++] [codersforlife/data-structures-algorithms](https://github.com/codersforlife/data-structures-algorithms) Your personal library of every algorithm and data structure code that you will ever encounter
- [**86**Star][21d] [Go] [cloudflare/jgc-talks](https://github.com/cloudflare/jgc-talks) Code samples and data used in talk preparation by John Graham-Cumming
- [**86**Star][4m] [CSS] [cleverbao/webrange](https://github.com/cleverbao/webrange) 一个Web版的docker管理程序，可以用来运行各种docker漏洞环境和CTF环境。
- [**86**Star][14d] [C] [bytebandits/writeups](https://github.com/bytebandits/writeups) Wiki-like CTF write-ups repository by ByteBandits
- [**86**Star][11m] [Shell] [butteff/ubuntu-telemetry-free-privacy-secure](https://github.com/butteff/ubuntu-telemetry-free-privacy-secure) This Bash script just removes a pre-installed Telemetry, a pre-installed software and libs with some potentional or high risk. Script removes them to make your experience better and more secure. Also, the script installs an additional software for the protection. You will find more advices in Readme file about "what you can do more".
- [**86**Star][2m] [HTML] [bruceye777/cronmon](https://github.com/bruceye777/cronmon) 定时任务执行状态监控
- [**86**Star][1m] [C] [bluekezhou/binarywaf](https://github.com/bluekezhou/binarywaf) CTF线下赛流量记录工具
- [**86**Star][19d] [Py] [bannsec/autopwn](https://github.com/bannsec/autopwn) Automate repetitive tasks for fuzzing
- [**86**Star][4m] [C] [bagder/spindly](https://github.com/bagder/spindly) a portable C library for SPDY transport (DEAD project!)
- [**86**Star][2m] [Ruby] [argos83/ritm](https://github.com/argos83/ritm) Ruby In The Middle (HTTP/HTTPS interception proxy)
- [**86**Star][2y] [Ruby] [anbai-inc/attackfilter](https://github.com/anbai-inc/attackfilter) Logstash 日志安全攻击分析插件
- [**86**Star][3y] [aidanharris/free-security-ebooks-from-packtpub](https://github.com/aidanharris/free-security-ebooks-from-packtpub) Collection of free Security eBooks from Packt Publishing [Regularly Updated]
- [**86**Star][3y] [advanced-threat-research/efi-whitelist](https://github.com/advanced-threat-research/efi-whitelist)  information about known EFI executable binaries extracted from (U)EFI firmware update images gathered from platform vendors' web-sites.
- [**86**Star][12d] [Py] [aaronst/macholibre](https://github.com/aaronst/macholibre) Mach-O & Universal Binary Parser
- [**86**Star][3m] [Py] [401trg/detections](https://github.com/401trg/detections) This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
- [**85**Star][10d] [Py] [dariusztytko/token-reverser](https://github.com/dariusztytko/token-reverser) Words list generator to crack security tokens
- [**85**Star][13d] [may215/awesome-termux-hacking](https://github.com/may215/awesome-termux-hacking) 
- [**85**Star][3m] [Jupyter Notebook] [yiranjing/coronavirus-epidemic-2019-ncov](https://github.com/yiranjing/coronavirus-epidemic-2019-ncov) 👩🏻‍⚕️Covid-19 estimation and forecast using statistical model; 新型冠状病毒武汉肺炎统计模型预测
- [**85**Star][2m] [Py] [crabcamp/lexrank](https://github.com/crabcamp/lexrank) LexRank algorithm for text summarization
- [**85**Star][4m] [C] [zero-tang/noirvisor](https://github.com/zero-tang/noirvisor) Hardware-Accelerated Hypervisor solution with support to complex functions and purposes.
- [**85**Star][1m] [Kotlin] [jillesvangurp/geogeometry](https://github.com/jillesvangurp/geogeometry) GeoGeometry is a set of algorithms and functions for manipulating geo hashes and geometric shapes with geo coordinates.
- [**85**Star][2m] [Java] [neilalexander/jnacl](https://github.com/neilalexander/jnacl) Pure Java implementation of curve25519, salsa20, hsalsa20, xsalsa20 and poly1305 cryptographic primitives, along with a NaCl "Box" implementation
- [**85**Star][5m] [Kotlin] [martinstyk/androidapkanalyzer](https://github.com/martinstyk/androidapkanalyzer) Android application for analyzing installed apps
- [**85**Star][13d] [C] [sahlberg/libsmb2](https://github.com/sahlberg/libsmb2) SMB2/3 userspace client
- [**85**Star][28d] [Jupyter Notebook] [supercowpowers/workbench](https://github.com/supercowpowers/workbench) A scalable python framework for security research and development teams.
- [**85**Star][12d] [Go] [pires/go-proxyproto](https://github.com/pires/go-proxyproto) A Go library implementation of the PROXY protocol, versions 1 and 2.
- [**85**Star][14d] [Py] [skelsec/kerberoast](https://github.com/skelsec/kerberoast) Kerberoast attack -pure python-
- [**85**Star][11d] [Py] [ehco1996/aioshadowsocks](https://github.com/ehco1996/aioshadowsocks) 用 asyncio 重写 shadowsocks ~
- [**85**Star][17d] [Go] [v2ray/geoip](https://github.com/v2ray/geoip) 
- [**85**Star][20d] [Py] [utkusen/rhodiola](https://github.com/utkusen/rhodiola) Personalized wordlist generator with NLP, by analyzing tweets. (A.K.A crunch2049)
- [**85**Star][1m] [comwrg/fuck-gfw](https://github.com/comwrg/fuck-gfw) 记录各个包管理器使用代理的方法, 因为GFW已经浪费了已经数不清的时间, FUCK GFW
- [**85**Star][12d] [Solidity] [dharma-eng/dharma-smart-wallet](https://github.com/dharma-eng/dharma-smart-wallet) An upgradeable, meta-transaction-enabled smart wallet for earning interest on stablecoins while retaining custody of funds, with an added security backstop provided by Dharma Labs.
- [**85**Star][10d] [C] [trailofbits/mishegos](https://github.com/trailofbits/mishegos) A differential fuzzer for x86 decoders
- [**85**Star][11m] [Py] [jakobrpennington/information-security](https://github.com/JakobRPennington/information-security) A place where I can create, collect and share tooling, resources and knowledge about information security.
- [**85**Star][20d] [Py] [nordicsemiconductor/nrf-sniffer-for-802.15.4](https://github.com/NordicSemiconductor/nRF-Sniffer-for-802.15.4) nRF-based 802.15.4 sniffer (firmware and software)
- [**85**Star][1y] [ruby] [pikatrack/pikatrack](https://gitlab.com/pikatrack/pikatrack) 
- [**85**Star][3y] [Py] [zhangzhenfeng/anyscan](https://github.com/zhangzhenfeng/anyscan) AnyScan
- [**85**Star][19d] [C] [yohanes/pgpemu](https://github.com/yohanes/pgpemu) Pokemon GO Plus emulator using ESP32
- [**85**Star][12d] [C++] [xforce/anno1800-mod-loader](https://github.com/xforce/anno1800-mod-loader) The one and only mod loader for Anno 1800, supports loading of unpacked RDA files, XML merging and Python mods.
- [**85**Star][2m] [C#] [virb3/dneditor](https://github.com/virb3/dneditor) 
- [**85**Star][2y] [C] [vim2meta/keylogger](https://github.com/vim2meta/keylogger) A powerful C keylogger for Windows.
- [**85**Star][3y] [Kotlin] [viktordegtyarev/callreclib](https://github.com/viktordegtyarev/callreclib) Call Recorder fix for Android 7 and Android 6
- [**85**Star][3y] [Py] [vector35/binaryninja-plugins](https://github.com/vector35/binaryninja-plugins) Repository to track Binary Ninja Plugins, Themes, and other related tools
- [**85**Star][1m] [Py] [trolldbois/python-haystack](https://github.com/trolldbois/python-haystack) Process heap analysis framework - Windows/Linux - record type inference and forensics
- [**85**Star][4m] [Py] [tp7309/ttdedroid](https://github.com/tp7309/ttdedroid) 一键反编译工具One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify/cfr.
- [**85**Star][20d] [Py] [utkusen/rhodiola](https://github.com/utkusen/rhodiola) Personalized wordlist generator with NLP, by analyzing tweets. (A.K.A crunch2049)
- [**85**Star][3m] [C++] [tandasat/findpg](https://github.com/tandasat/findpg) Windbg extension to find PatchGuard pages
- [**85**Star][3y] [Py] [superspytx/hack-yak](https://github.com/superspytx/hack-yak) My work on reverse engineering Yik Yak's protocol.
- [**85**Star][12d] [XSLT] [spring-cloud/spring-cloud-stream-starters](https://github.com/spring-cloud/spring-cloud-stream-starters) 
- [**85**Star][10d] [Dockerfile] [smallwat3r/docker-nginx-gunicorn-flask-letsencrypt](https://github.com/smallwat3r/docker-nginx-gunicorn-flask-letsencrypt) Boilerplate code for setting up Nginx + Gunicorn + Flask + LetsEncrypt certificates using docker-compose.
- [**85**Star][3m] [PHP] [slims/slims8_akasia](https://github.com/slims/slims8_akasia) SLiMS 8 Akasia official source code repository
- [**85**Star][2y] [Py] [silascutler/malpipe](https://github.com/silascutler/malpipe) Malware/IOC ingestion and processing engine
- [**85**Star][4m] [C++] [sepehrdaddev/xerxes](https://github.com/sepehrdaddev/xerxes) Xerxes dos tool enhanced
- [**85**Star][11m] [HTML] [secmob/cansecwest2016](https://github.com/secmob/cansecwest2016) slide and full exploit
- [**85**Star][3y] [Shell] [scotthelme/lets-encrypt-smart-renew](https://github.com/scotthelme/lets-encrypt-smart-renew) Check the remaining validity period of a certificate before renewing.
- [**85**Star][3m] [C++] [scanlime/facewhisperer](https://github.com/scanlime/facewhisperer) USB host add-on for the ChipWhisperer side-channel analysis tool
- [**85**Star][2y] [Py] [s3rvac/retdec-python](https://github.com/s3rvac/retdec-python) A Python library and tools providing easy access to the retdec.com decompilation service through their REST API.
- [**85**Star][4m] [Ruby] [rtfpessoa/dependency_spy](https://github.com/rtfpessoa/dependency_spy) Find known vulnerabilities in your dependencies
- [**85**Star][3y] [risksense-ops/ms17-010](https://github.com/risksense-ops/ms17-010) MS17-010 Research
- [**85**Star][28d] [JS] [rapid7/jsobfu](https://github.com/rapid7/jsobfu) Obfuscate JavaScript (beyond repair) with Ruby
- [**85**Star][4m] [Py] [qianniaoge/f-scrack](https://github.com/qianniaoge/f-scrack) 一款python编写的轻量级弱口令检测脚本，目前支持以下服务：FTP、MYSQL、MSSQL、MONGODB、REDIS、TELNET、ELASTICSEARCH、POSTGRESQL。
- [**85**Star][1y] [ObjC] [pwnsdx/unsecure](https://github.com/pwnsdx/unsecure) (Released in December 2016) Bypass security alerts of Little Flocker / Little Snitch / HandsOff! / BlockBlock (same concept can be applied to other security tools) on macOS.
- [**85**Star][12d] [Py] [pinnace/burp-jwt-fuzzhelper-extension](https://github.com/pinnace/burp-jwt-fuzzhelper-extension) JWT Fuzzer for BurpSuite
- [**85**Star][19d] [Py] [paolomonti42/salt](https://github.com/paolomonti42/salt) SALT - SLUB ALlocator Tracer for the Linux kernel
- [**85**Star][19d] [PS] [palantir/exploitguard](https://github.com/palantir/exploitguard) Documentation and supporting script sample for Windows Exploit Guard
- [**85**Star][4m] [owasp/owasp-testing-guide](https://github.com/owasp/owasp-testing-guide) OWASP Testing Guide
- [**85**Star][3m] [Py] [oseid/facebom](https://github.com/oseid/facebom) A Python script for Brute Force Attack On Facebook Account :)
- [**85**Star][16d] [PHP] [opsxcq/docker-vulnerable-dvwa](https://github.com/opsxcq/docker-vulnerable-dvwa) Damn Vulnerable Web Application Docker container
- [**85**Star][24d] [Ruby] [openzipkin/zipkin-ruby](https://github.com/openzipkin/zipkin-ruby) zipkin-tracer ruby gem
- [**85**Star][5y] [C++] [ohjeongwook/flashhacker](https://github.com/ohjeongwook/flashhacker) Flash Instrumentation Tool
- [**85**Star][4m] [Py] [nullarray/archivist](https://github.com/nullarray/archivist) A ctypes powered python keylogger.
- [**85**Star][1m] [C] [nsacyber/netfil](https://github.com/nsacyber/netfil) A kernel network manager with monitoring and limiting capabilities for macOS. #nsacyber
- [**85**Star][4m] [C++] [nemerle/dcc](https://github.com/nemerle/dcc) This is a heavily updated version of the old DOS executable decompiler DCC
- [**85**Star][4m] [PS] [nbeede/boombox](https://github.com/nbeede/boombox) Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
- [**85**Star][3m] [Go] [mtojek/aws-lambda-go-proxy](https://github.com/mtojek/aws-lambda-go-proxy) 
- [**85**Star][1m] [JS] [megmage/chrome-export-passwords](https://github.com/megmage/chrome-export-passwords) Show all your chromium passwords in format ready to import in other browser like FireFox
- [**85**Star][1m] [matt-knight/research](https://github.com/matt-knight/research) Matt's security publications and related materials
- [**85**Star][19d] [Py] [marco-lancini/docker_offensive_elk](https://github.com/marco-lancini/docker_offensive_elk) Elasticsearch for Offensive Security
- [**85**Star][1m] [Py] [llsourcell/antivirus_demo](https://github.com/llsourcell/antivirus_demo) Antivirus Demo for Fresh Machine Learning #7
- [**85**Star][5y] [Py] [liuhui0613/thewind](https://github.com/liuhui0613/thewind) a MITM attack tool
- [**85**Star][3m] [Py] [krmaxwell/tinfoleak](https://github.com/krmaxwell/tinfoleak) Get detailed information about a Twitter user activity
- [**85**Star][12m] [PS] [kieranwalsh/powershell](https://github.com/kieranwalsh/powershell) My PowerShell stuff
- [**85**Star][3m] [Java] [jgillam/burp-paramalyzer](https://github.com/jgillam/burp-paramalyzer) Burp extension for parameter analysis of large-scale web application penetration tests.
- [**85**Star][12d] [C++] [jaegertracing/jaeger-client-cpp](https://github.com/jaegertracing/jaeger-client-cpp) C++ OpenTracing binding for Jaeger
- [**85**Star][4m] [Py] [huntergregal/png-idat-payload-generator](https://github.com/huntergregal/png-idat-payload-generator) Generate a PNG with a payload embedded in the IDAT chunk (Based off of previous concepts and code -- credit in README)
- [**85**Star][3y] [Py] [hoststools/windows-python](https://github.com/hoststools/windows-python) 翻墙小工具，适合学术粉使用
- [**85**Star][16d] [Py] [hackndo/krack-poc](https://github.com/hackndo/krack-poc) Krack POC
- [**85**Star][3y] [C] [evil-e/sdb-explorer](https://github.com/evil-e/sdb-explorer) Tool to view and create Microsoft shim database files (SDB).
- [**85**Star][1m] [C] [elfmaster/saruman](https://github.com/elfmaster/saruman) ELF anti-forensics exec, for injecting full dynamic executables into process image (With thread injection)
- [**85**Star][11d] [JS] [elboletaire/password-strength-meter](https://github.com/elboletaire/password-strength-meter) 
- [**85**Star][2m] [Py] [rcx/tcpbin](https://github.com/rcx/tcpbin) Very crude and poorly written HTTP(s) and SMTP bin
- [**85**Star][1m] [Py] [duo-labs/apple-t2-xpc](https://github.com/duo-labs/apple-t2-xpc) Tools to explore the XPC interface of Apple's T2 chip
- [**85**Star][1m] [Py] [dtag-dev-sec/explo](https://github.com/dtag-dev-sec/explo) Human and machine readable web vulnerability testing format
- [**85**Star][5y] [Swift] [deniskr/keychainswiftapi](https://github.com/deniskr/keychainswiftapi) This Keychain Swift API library is a wrapper of iOS C Keychain Framework. It allows easily and securely storing sensitive data in secure keychain store.
- [**85**Star][22d] [Py] [crackmes/crackmes](https://github.com/crackmes/crackmes) Open and censorship resistant crackmes repository
- [**85**Star][2y] [C++] [cinquemb/firmware-mod-kit-osx](https://github.com/cinquemb/firmware-mod-kit-osx) Firmware Modification Kit forked from
- [**85**Star][1m] [Shell] [chunkingz/linsetmv1-2](https://github.com/chunkingz/linsetmv1-2) Linset is a WPA/WPA2 phishing tool (evil twin)
- [**85**Star][6y] [C] [chokepoint/beleth](https://github.com/chokepoint/beleth) Multi-threaded SSH Password Auditor
- [**85**Star][5y] [Py] [bwall/ircsnapshot](https://github.com/bwall/ircsnapshot) Tool to gather information from IRC servers
- [**85**Star][18d] [Py] [busindre/dumpzilla](https://github.com/busindre/dumpzilla) Extract all forensic interesting information of Firefox, Iceweasel and Seamonkey browsers
- [**85**Star][3y] [PHP] [bug7sec/ransomware](https://github.com/bug7sec/ransomware) Bug7sec Team - ransomware open source (web)
- [**85**Star][10d] [Py] [boyan-soubachov/tastyworks_api](https://github.com/boyan-soubachov/tastyworks_api) An unofficial, reverse-engineered Python API for tastyworks.
- [**85**Star][4y] [Py] [blackye/bkscanner](https://github.com/blackye/bkscanner) BkScanner 分布式、插件化web漏洞扫描器
- [**85**Star][3y] [C++] [benjaminsoelberg/reflectivepeloader](https://github.com/benjaminsoelberg/reflectivepeloader) Reflective PE loader for DLL injection
- [**85**Star][3y] [Py] [anonion0/nsec3map](https://github.com/anonion0/nsec3map) a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain
- [**85**Star][5m] [Py] [abaykan/53r3n17y](https://github.com/abaykan/53r3n17y) Python based script for Information Gathering.
- [**85**Star][18d] [Py] [ab77/black.box](https://github.com/ab77/black.box) Plug-and-Play VPN router and unblocker
- [**85**Star][3y] [Py] [5up3rc/nagascan](https://github.com/5up3rc/nagascan) NagaScan is a distributed passive scanner for Web application.
- [**85**Star][3y] [Py] [3xp10it/mytoolkit](https://github.com/3xp10it/mytoolkit) 【Not maintained】sqlmap对所有目标及其所有旁站批量自动化sqli
- [**85**Star][1y] [Shell] [1n3/prism-ap](https://github.com/1n3/prism-ap) An automated Wireless RogueAP MITM attack framework.
- [**84**Star][9m] [s3cur3th1ssh1t/amsi-bypass-powershell](https://github.com/s3cur3th1ssh1t/amsi-bypass-powershell) This repo contains some Amsi Bypass methods i found on different Blog Posts.
- [**84**Star][3m] [Rust] [rphmeier/jobsteal](https://github.com/rphmeier/jobsteal) A work-stealing fork-join threadpool written in Rust.
- [**84**Star][14d] [Py] [brianhornsby/script.openvpn](https://github.com/brianhornsby/script.openvpn) A script that allows you to control OpenVPN from within Kodi.
- [**84**Star][26d] [Py] [brendan-myers/rpi3-wifi-conf](https://github.com/brendan-myers/rpi3-wifi-conf) A simple Python script to configure wifi over bluetooth for a Raspberry Pi 3
- [**84**Star][4m] [Py] [openstates/billy](https://github.com/openstates/billy) legacy backend for Open States
- [**84**Star][3y] [Py] [cvangysel/sert](https://github.com/cvangysel/sert) Semantic Entity Retrieval Toolkit
- [**84**Star][9m] [Py] [sailay1996/fileless_uac_bypass_wsreset](https://github.com/sailay1996/fileless_uac_bypass_wsreset) I created the python script to bypass UAC to get system shell .
- [**84**Star][4m] [Assembly] [baron-von-riedesel/dos64-stub](https://github.com/baron-von-riedesel/dos64-stub) small stub that allows to run "bare" 64-bit PE binaries in DOS
- [**84**Star][4m] [Java] [welk1n/jndi-injection-exploit](https://github.com/welk1n/jndi-injection-exploit) JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）
- [**84**Star][17d] [Java] [denghuichao/proxy-pool](https://github.com/denghuichao/proxy-pool) 爬虫代理IP池服务，可供其他爬虫程序通过restapi获取
- [**84**Star][4m] [Py] [monkey-soft/scrapy_ipproxypool](https://github.com/monkey-soft/scrapy_ipproxypool) 免费 IP 代理池。Scrapy 爬虫框架插件
- [**84**Star][2m] [Py] [pinto0309/mobilenet-ssd](https://github.com/pinto0309/mobilenet-ssd) MobileNet-SSD(MobileNetSSD) + Neural Compute Stick(NCS) Faster than YoloV2 + Explosion speed by RaspberryPi · Multiple moving object detection with high accuracy.
- [**84**Star][25d] [Java] [zeevy/grblcontroller](https://github.com/zeevy/grblcontroller) Compact android mobile application for gcode streaming and controlling a cnc machine with grbl firmware
- [**84**Star][1m] [Shell] [openwisp/openwisp-firmware](https://github.com/openwisp/openwisp-firmware) A OpenWRT based firmware to be used with OpenWISP Manager
- [**84**Star][13d] [C++] [kefir500/apk-editor-studio](https://github.com/kefir500/apk-editor-studio) Powerful yet easy to use APK editor.
- [**84**Star][29d] [Shell] [alexdoesh/mtproxy](https://github.com/alexdoesh/mtproxy) Alpine-based Docker Image for Telegram MTProto Proxy
- [**84**Star][14d] [Shell] [elevenpaths/thethe](https://github.com/elevenpaths/thethe) thethe
- [**84**Star][18d] [Py] [n1ckdunn/exploitivator](https://github.com/n1ckdunn/exploitivator) Automate Metasploit scanning and exploitation
- [**84**Star][12d] [rootsongjc/cloud-native-sandbox](https://github.com/rootsongjc/cloud-native-sandbox) Cloud Native Sandbox can help you setup a standalone Kubernetes and Istio environment with Docker on you own laptop.
- [**84**Star][1m] [CSS] [s0md3v/predator](https://github.com/s0md3v/predator) Anti-Automation System
- [**84**Star][2m] [Py] [mr-un1k0d3r/redteamscripts](https://github.com/mr-un1k0d3r/redteamscripts) Repo with various Red Team scripts
- [**84**Star][3m] [Py] [mame82/duckencoder.py](https://github.com/mame82/duckencoder.py) Python port of infamous duckencoder for RubberDucky
- [**84**Star][2m] [Kotlin] [linkedin/dex-test-parser](https://github.com/linkedin/dex-test-parser) Find all test methods in an Android instrumentation APK
- [**84**Star][16d] [Py] [k8gege/k8portscan](https://github.com/k8gege/k8portscan) 跨平台大型网络端口扫描器(支持批量A段/B段/C段/IP列表(TXT)/端口列表,Banner识别比S扫描器加强版更准)
- [**84**Star][20d] [C++] [moemod/csmoe](https://github.com/moemod/csmoe) Cross-platform Counter-Strike mod based on Xash3D (previously named CSBTE-Mobile)
- [**84**Star][10d] [PHP] [michyamrane/wso-webshell](https://github.com/mIcHyAmRaNe/wso-webshell) php webshell
- [**84**Star][13d] [JS] [googlechromelabs/rowing-monitor](https://github.com/GoogleChromeLabs/rowing-monitor) The Rowing Monitor is a Progressive Web App that uses Web Bluetooth to connect to a PM5 Monitor and track exercises.
- [**84**Star][16d] [C] [brandonplank/rootlessjb4](https://github.com/brandonplank/rootlessJB4) rootlessJB that supports iOS 12.0 - 12.2 & 12.4
- [**84**Star][3m] [Py] [ctfhacker/ctf-writeups](https://github.com/ctfhacker/ctf-writeups) 
- [**84**Star][5y] [Ruby] [ztgrace/pwn_lab](https://github.com/ztgrace/pwn_lab) a collection of Vagrant scripts and boxes to create security training environments
- [**84**Star][2y] [Py] [zhkl0228/androidattacher](https://github.com/zhkl0228/androidattacher) IDA debugging plugin for android armv7 so
- [**84**Star][3y] [Py] [yehia-mamdouh/xssya-v-2.0](https://github.com/yehia-mamdouh/xssya-v-2.0) 
- [**84**Star][18d] [JS] [xuanhuan/ss-panel](https://github.com/xuanhuan/ss-panel) !
- [**84**Star][3m] [xoreaxeaxeax/vimmmex](https://github.com/xoreaxeaxeax/vimmmex) The vim execution engine
- [**84**Star][4m] [C] [xobs/novena-linux](https://github.com/xobs/novena-linux) Linux kernel with Novena patches -- expect frequent rebases!
- [**84**Star][4y] [C++] [wjp/idados](https://github.com/wjp/idados) Eric Fry's IDA/DOSBox debugger plugin
- [**84**Star][8d] [Py] [vrachieru/xiaomi-flower-care-api](https://github.com/vrachieru/xiaomi-flower-care-api) Xiaomi Flower Care (MiFlora) API wrapper.
- [**84**Star][1m] [C] [tyilo/asm_repl](https://github.com/tyilo/asm_repl) A REPL for assembly
- [**84**Star][12d] [Py] [turnerlabs/antiope](https://github.com/turnerlabs/antiope) AWS Inventory and Compliance Framework
- [**84**Star][2y] [JS] [tingge/web-analytics](https://github.com/tingge/web-analytics) 监测分析、异常监测、广告验证、访客唯一标识
- [**84**Star][10d] [Py] [theevilbit/kex](https://github.com/theevilbit/kex) python kernel exploit library
- [**84**Star][14d] [C++] [sidyhe/dxx](https://github.com/sidyhe/dxx) Windows Kernel Driver with C++ runtime
- [**84**Star][16d] [Py] [shendo/websnort](https://github.com/shendo/websnort) Web service for scanning pcaps with snort
- [**84**Star][2m] [Go] [sensepost/liniaal](https://github.com/sensepost/liniaal) Liniaal - A communication extension to Ruler
- [**84**Star][23d] [C++] [securesystemslab/multicompiler](https://github.com/securesystemslab/multicompiler) LLVM-based compiler to create artificial software diversity to protect software from code-reuse attacks.
- [**84**Star][17d] [C++] [rodneyviana/netext](https://github.com/rodneyviana/netext) WinDbg extension for data mining managed heap. It also includes commands to list http request, wcf services, WIF tokens among others
- [**84**Star][4m] [Java] [recihub/funnyalgorithms](https://github.com/recihub/funnyalgorithms) A repository with a bunch of funny algorithms, beginners friendly
- [**84**Star][4m] [Kotlin] [pvasa/easycrypt](https://github.com/pvasa/easycrypt) Android cryptography library with SecureRandom patches.
- [**84**Star][5y] [Py] [pinperepette/geotweet_gui](https://github.com/pinperepette/geotweet_gui) Social engineering tool for human hacking
- [**84**Star][5m] [Py] [patrowl/patrowlengines](https://github.com/patrowl/patrowlengines) PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
- [**84**Star][11d] [Dockerfile] [owasp/sonarqube](https://github.com/owasp/sonarqube) OWASP SonarQube Project
- [**84**Star][14d] [TS] [oleavr/frida-agent-example](https://github.com/oleavr/frida-agent-example) Example Frida agent written in TypeScript
- [**84**Star][1y] [Py] [niklasb/35c3ctf-challs](https://github.com/niklasb/35c3ctf-challs) 
- [**84**Star][11m] [Go] [nanopack/redundis](https://github.com/nanopack/redundis) Redis high-availability cluster using Sentinel to transparently proxy connections to the active primary member.
- [**84**Star][2m] [Shell] [naltun/eyes.sh](https://github.com/naltun/eyes.sh) Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
- [**84**Star][5y] [C#] [monoxgas/trebuchet](https://github.com/monoxgas/trebuchet) MS15-076 Privilege Escalation
- [**84**Star][6m] [JS] [mattgodbolt/miracle](https://github.com/mattgodbolt/miracle) JavaScript Sega Master System Emulator
- [**84**Star][21d] [C] [marfjeh/coinhive-block](https://github.com/marfjeh/coinhive-block) To block the malware domains of coin-hive systemwide.
- [**84**Star][21d] [Py] [marcobellaccini/pyaescrypt](https://github.com/marcobellaccini/pyaescrypt) A Python 3 module and script that uses AES256-CBC to encrypt/decrypt files and streams in AES Crypt file format (version 2).
- [**84**Star][1y] [Java] [lufeirider/project](https://github.com/lufeirider/project) 
- [**84**Star][11d] [Go] [letsencrypt/ct-woodpecker](https://github.com/letsencrypt/ct-woodpecker) A tool to monitor a certificate transparency log for operational problems
- [**84**Star][1m] [Java] [kingsabri/godofwar](https://github.com/kingsabri/godofwar) GodOfWar - Malicious Java WAR builder with built-in payloads
- [**84**Star][4m] [Py] [kcarretto/arsenal](https://github.com/kcarretto/arsenal) Extensible Red Team Framework
- [**84**Star][19d] [Py] [k8scop/k8s-security-dashboard](https://github.com/k8scop/k8s-security-dashboard) A security monitoring solution for Kubernetes
- [**84**Star][19d] [k33nteam/ie9-ie11-vulnerability-advanced-exploitation](https://github.com/k33nteam/ie9-ie11-vulnerability-advanced-exploitation) Public slides and demo code of bypassing security protection in the latest Windows Internet Explorer.
- [**84**Star][5m] [Py] [jiangsir404/s7scan](https://github.com/jiangsir404/s7scan) a pentest scanner / 一个漏洞综合利用工具轮子，大佬请忽略
- [**84**Star][7y] [JS] [hive13/canibus](https://github.com/hive13/canibus) CAN Device Vehicle Research Server (OpenGarages.org)
- [**84**Star][5y] [C++] [hackedteam/scout-win](https://github.com/hackedteam/scout-win) Scout backdoor for Windows
- [**84**Star][2y] [C] [gossithedog/zeroday](https://github.com/gossithedog/zeroday) 
- [**84**Star][21d] [JS] [garethflowers/tor-browser-portable](https://github.com/garethflowers/tor-browser-portable) Portable version of the Tor Browser, for Windows
- [**84**Star][JS] [feeicn/papers](https://github.com/feeicn/papers) 个人博客，在企业安全、软件研发和个人思考的一些文章
- [**84**Star][2y] [exp-sky/asiasecwest-2018-chakra-vulnerability-and-exploit-bypass-all-system-mitigation](https://github.com/exp-sky/asiasecwest-2018-chakra-vulnerability-and-exploit-bypass-all-system-mitigation) Chakra vulnerability and exploit bypass all system mitigation
- [**84**Star][11d] [JS] [esapi/owasp-esapi-js](https://github.com/esapi/owasp-esapi-js) Automatically exported from code.google.com/p/owasp-esapi-js
- [**84**Star][5m] [elephantos/elephant](https://github.com/elephantos/elephant) 操作系统真象还原
- [**84**Star][2m] [Py] [devopshq/artifactory](https://github.com/devopshq/artifactory) dohq-artifactory: a Python client for Artifactory
- [**84**Star][2m] [Groff] [ddos-defense/bohatei](https://github.com/ddos-defense/bohatei) Bohatei is a first of its kind platform that enables flexible and elastic DDoS defense using SDN and NFV.
- [**84**Star][2m] [Ruby] [davidegrayson/ruby_ecdsa](https://github.com/davidegrayson/ruby_ecdsa) This gem implements the Elliptic Curve Digital Signature Algorithm (ECDSA) almost entirely in pure Ruby.
- [**84**Star][17d] [Py] [damian89/xssfinder](https://github.com/damian89/xssfinder) Toolset for detecting reflected xss in websites
- [**84**Star][4m] [C++] [csersoft/hwfw_gui](https://github.com/csersoft/hwfw_gui) HuaWei ONT Firmware Editor - GUI
- [**84**Star][1m] [Py] [coldfusion39/domi-owned](https://github.com/coldfusion39/domi-owned) IBM/Lotus Domino exploitation
- [**84**Star][18d] [Py] [busescanfly/rpi-hunter](https://github.com/busescanfly/rpi-hunter) Auto discover and exploit LAN raspberry pi's
- [**84**Star][2m] [C] [bishopfox/firecat](https://github.com/bishopfox/firecat) Firecat is a penetration testing tool that allows you to punch reverse TCP tunnels out of a compromised network.
- [**84**Star][16d] [Py] [bgulla/boozer](https://github.com/bgulla/boozer) Kegerator Monitoring Platform. RPi + Docker + Beer + Metrics + Slack. k3s kubernetes friendly.
- [**84**Star][3m] [C] [armenb/sharktools](https://github.com/armenb/sharktools) Tools for programmatic parsing of packet captures using Wireshark functionality
- [**84**Star][4m] [Scala] [arguslab/argus-saf](https://github.com/arguslab/argus-saf) Argus static analysis framework
- [**84**Star][15d] [JS] [anmavrid/smart-contracts](https://github.com/anmavrid/smart-contracts) 
- [**84**Star][5m] [Java] [7ym0n/security](https://github.com/7ym0n/security) Happy Hacker
- [**84**Star][4m] [Py] [7rillionaire/search4](https://github.com/7rillionaire/search4) A tool to search a particular username on almost every social platform and tell , whether the user with that username exists on that site or not.
- [**84**Star][1y] [Py] [422926799/python](https://github.com/422926799/python) python黑客与一些脚本
- [**84**Star][2y] [Go] [0x09al/browser-c2](https://github.com/0x09al/browser-c2) Post Exploitation agent which uses a browser to do C2 operations.
- [**83**Star][16d] [PHP] [reliqarts/laravel-scavenger](https://github.com/reliqarts/laravel-scavenger) The most integrated web scraper package for Laravel.
- [**83**Star][17d] [Py] [utkusen/jeopardize](https://github.com/utkusen/jeopardize) a low(zero) cost threat intelligence&response tool against phishing domains
- [**83**Star][3m] [JS] [vpnht/desktop-legacy](https://github.com/vpnht/desktop-legacy) VPN.ht Desktop Application for Windows and Mac OS X built on top of Electron
- [**83**Star][2m] [Py] [gmdutra/aws-report](https://github.com/gmdutra/aws-report) AWS Report is a tool for analyzing amazon resources.
- [**83**Star][2m] [JS] [bitcoinjs/bip38](https://github.com/bitcoinjs/bip38) BIP38 is a standard process to encrypt Bitcoin and crypto currency private keys that is less susceptible to brute force attacks thus protecting the user.
- [**83**Star][4m] [Py] [wulio/coeus](https://github.com/wulio/coeus) Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
- [**83**Star][16d] [Java] [geguofeng/algorithm-learning](https://github.com/geguofeng/algorithm-learning) 
- [**83**Star][13d] [Go] [wadahiro/go-transproxy](https://github.com/wadahiro/go-transproxy) Transparent proxy servers for HTTP, HTTPS, DNS and TCP.
- [**83**Star][3m] [JS] [ruanyf/user-tracking-demos](https://github.com/ruanyf/user-tracking-demos) demos of tracking users with JavaScript
- [**83**Star][4m] [JS] [webbreacher/yoga](https://github.com/webbreacher/yoga) Your OSINT Graphical Analyzer
- [**83**Star][29d] [PHP] [shadowsocks/shadow-shop](https://github.com/shadowsocks/shadow-shop) Building highly customizable e-commerce websites selling shadowsocks services, using Wordpress and WooCommerce
- [**83**Star][30d] [Jupyter Notebook] [bukosabino/btctrading](https://github.com/bukosabino/btctrading) Time Series Forecast with Bitcoin value, to detect upward/down trends with Machine Learning Algorithms
- [**83**Star][2y] [Py] [danmcinerney/search-google](https://github.com/danmcinerney/search-google) Scrape google search results
- [**83**Star][1m] [JS] [andreafioraldi/frida-js-afl-instr](https://github.com/andreafioraldi/frida-js-afl-instr) An example on how to do performant in-memory fuzzing with AFL++ and Frida
- [**83**Star][4m] [JS] [zswang/jfogs](https://github.com/zswang/jfogs) JavaScript Obfuscator
- [**83**Star][1m] [Py] [rmanluo/ml_malware_detect](https://github.com/RManLuo/ML_Malware_detect) 阿里云安全恶意程序检测比赛
- [**83**Star][5y] [Py] [n0tr00t/wvs_patcher](https://github.com/n0tr00t/WVS_Patcher) Script to run wvs in queue, and send mails to you on ending.
- [**83**Star][2y] [Shell] [offxec/pavelow](https://github.com/OffXec/PAVELOW) PAVELOW Exploit Toolbox is a BASH script that corresponds with your KALI distro to better help your vulnerability hunting and exploiting proccess with a few other goodies added to aid your fight.
- [**83**Star][9d] [security-cheatsheet/wireshark-cheatsheet](https://github.com/security-cheatsheet/wireshark-cheatsheet) Wireshark Cheat Sheet
- [**83**Star][19d] [Lua] [jpalanco/nmap-scada](https://github.com/jpalanco/nmap-scada) nse scripts for scada identification
- [**83**Star][2m] [Py] [android-dtf/dtf](https://github.com/android-dtf/dtf) Android Device Testing Framework ("dtf")
- [**83**Star][3y] [Py] [z00nx/reversemap](https://github.com/z00nx/reversemap) Analyse SQL injection attempts in web server logs
- [**83**Star][2m] [Py] [yzyio/adidas-multi-session](https://github.com/yzyio/adidas-multi-session) (Python) Program to simulate multiple sessions on adidas queue pages.
- [**83**Star][6y] [Py] [xypiie/webshell](https://github.com/xypiie/webshell) a web-based ssh shell.
- [**83**Star][2y] [Py] [viralmaniar/in-spectre-meltdown](https://github.com/viralmaniar/in-spectre-meltdown) This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs …
- [**83**Star][11d] [C] [vanhoefm/dragonslayer](https://github.com/vanhoefm/dragonslayer) 
- [**83**Star][5m] [Shell] [trailofbits/ios-integrity-validator](https://github.com/trailofbits/ios-integrity-validator) Integrity validator for iOS devices
- [**83**Star][2y] [Py] [threatexpress/tinyshell](https://github.com/threatexpress/tinyshell) 
- [**83**Star][1m] [Shell] [te-papa/aws-key-disabler](https://github.com/te-papa/aws-key-disabler) A small lambda script that will disable access keys older than a given amount of days.
- [**83**Star][2m] [spiderlabs/msfrpc](https://github.com/spiderlabs/msfrpc) Perl/Python modules for interfacing with Metasploit MSGRPC
- [**83**Star][11d] [Go] [snail007/autostart](https://github.com/snail007/autostart) autostart tools to set your application auto startup after desktop login,only for desktop version of linux , windows , mac.
- [**83**Star][5m] [Py] [smxlabs/gibbersense](https://github.com/smxlabs/gibbersense) Extract Sense out of Gibberish stuff
- [**83**Star][14d] [C] [smealum/udsploit](https://github.com/smealum/udsploit) UDS exploit + kernel hooks for 11.3
- [**83**Star][4y] [Py] [sjhilt/gaspot](https://github.com/sjhilt/gaspot) GasPot Released at Blackhat 2015
- [**83**Star][7y] [Java] [schierlm/javapayload](https://github.com/schierlm/javapayload) JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
- [**83**Star][26d] [C++] [rwhitcroft/dnschan](https://github.com/rwhitcroft/dnschan) A remote access trojan over DNS
- [**83**Star][4y] [Vim script] [rjohnsondev/vim-compiler-go](https://github.com/rjohnsondev/vim-compiler-go) Vim compiler plugin for Go (golang)
- [**83**Star][1y] [C] [realtalk/cve-2013-2094](https://github.com/realtalk/cve-2013-2094) original cve-2013-2094 exploit and a rewritten version for educational purposes
- [**83**Star][19d] [Ruby] [r00t-3xp10it/resource_files](https://github.com/r00t-3xp10it/resource_files) mosquito - Automating reconnaissance and brute force attacks
- [**83**Star][5m] [Py] [pingxcpost/f-nascan-plus](https://github.com/pingxcpost/f-nascan-plus) F-NAScan-PLUS 安服资产搜集
- [**83**Star][9m] [CSS] [pielco11/doge](https://github.com/pielco11/doge) Darknet Osint Graph Explorer
- [**83**Star][6m] [Py] [phantom0301/vulcloud](https://github.com/phantom0301/vulcloud) A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
- [**83**Star][11d] [Py] [openitsystem/itops](https://github.com/openitsystem/itops) 基于Python + Django的AD\Exchange管理系统
- [**83**Star][17d] [C] [oleavr/ios-inject-custom](https://github.com/oleavr/ios-inject-custom) Example showing how to use Frida for standalone injection of a custom payload
- [**83**Star][8m] [C++] [nitskmos/algorithms](https://github.com/nitskmos/algorithms) In case you want to contribute, ping on
- [**83**Star][3y] [Py] [nickstadb/serialbrute](https://github.com/nickstadb/serialbrute) Java serialization brute force attack tool.
- [**83**Star][2m] [Py] [nccgroup/argumentinjectionhammer](https://github.com/nccgroup/argumentinjectionhammer) A Burp Extension designed to identify argument injection vulnerabilities.
- [**83**Star][5m] [Py] [mwielgoszewski/burp-protobuf-decoder](https://github.com/mwielgoszewski/burp-protobuf-decoder) A simple Google Protobuf Decoder for Burp
- [**83**Star][1m] [C++] [mback2k/wiasane](https://github.com/mback2k/wiasane) Scanner Access Now Easy - WIA Driver
- [**83**Star][3y] [C] [maximehip/safari-ios10.3.2-macos-10.12.4-exploit-bugs](https://github.com/maximehip/safari-ios10.3.2-macos-10.12.4-exploit-bugs) 
- [**83**Star][2m] [Shell] [m4sc3r4n0/astroid](https://github.com/m4sc3r4n0/astroid) ASTROID v 1.2 bypass most A.V softwares
- [**83**Star][8m] [C] [lsds/talos](https://github.com/lsds/talos) Efficient TLS termination inside Intel SGX enclaves for existing applications
- [**83**Star][13d] [lcamry/sqli-labs](https://github.com/lcamry/sqli-labs) sqli-labs中文使用手册，详细讲解了mysql注入的各种手段。
- [**83**Star][21d] [Py] [krmaxwell/dns-exfiltration](https://github.com/krmaxwell/dns-exfiltration) Exfiltrate files via DNS
- [**83**Star][12d] [TeX] [kramse/security-courses](https://github.com/kramse/security-courses) various courses, presentation etc.
- [**83**Star][8m] [JS] [kmowery/canvas-fingerprinting](https://github.com/kmowery/canvas-fingerprinting) A framework for collecting and viewing graphical browser fingerprints.
- [**83**Star][9m] [Shell] [juxhindb/oob-server](https://github.com/juxhindb/oob-server) A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
- [**83**Star][2m] [ObjC] [jonwil/unlinker](https://github.com/jonwil/unlinker) Unlinker is a tool that can rip functions out of Visual C++ compiled binaries and produce Visual C++ COFF object files
- [**83**Star][20d] [igorbrigadir/twitter-advanced-search](https://github.com/igorbrigadir/twitter-advanced-search) Advanced Search for Twitter.
- [**83**Star][12d] [Go] [huandu/go-tls](https://github.com/huandu/go-tls) A bit safer approach to implement Thread Local Storage (TLS) for Go 1.7+.
- [**83**Star][2y] [github-classroom-cybros/ethical-hacking](https://github.com/github-classroom-cybros/ethical-hacking) This repository contains reference material & links for people willing to learn Ethical Hacking
- [**83**Star][25d] [Py] [gelim/nmap-erpscan](https://github.com/gelim/nmap-erpscan) Nmap custom probes for better detecting SAP services
- [**83**Star][2y] [R] [fujitsulaboratories/comevizz](https://github.com/fujitsulaboratories/comevizz) COMEVIZZ is COde MEtrics VIsualiZation with Z-Score.
- [**83**Star][11d] [JS] [fastify/light-my-request](https://github.com/fastify/light-my-request) Fake HTTP injection library
- [**83**Star][18d] [C] [etnaviv/etna_viv](https://github.com/etnaviv/etna_viv) Etnaviv is a project to build an FOSS driver for the Vivante GCxxx series of embedded GPUs - Tools and reverse engineering repository
- [**83**Star][4m] [Shell] [esemeniuc/ezpptp](https://github.com/esemeniuc/ezpptp) Easy PPTP VPN setup script for Debian based VPS
- [**83**Star][29d] [Py] [enigmabridge/certbot-external-auth](https://github.com/enigmabridge/certbot-external-auth) Certbot external DNS, HTTP, TLSSNI domain validation plugin with JSON output and scriptable hooks, with Dehydrated compatibility
- [**83**Star][2y] [Py] [endgameinc/youarespecial](https://github.com/endgameinc/youarespecial) 
- [**83**Star][2y] [Lua] [duoergun0729/4book](https://github.com/duoergun0729/4book) 《企业安全建设入门:基于开源软件打造企业网络安全》
- [**83**Star][5m] [Ruby] [dirtyfilthy/metassh](https://github.com/dirtyfilthy/metassh) ssh session type for metasploit
- [**83**Star][14d] [jaegeral/companies-hiring-security-remote](https://github.com/jaegeral/companies-hiring-security-remote) This repo is meant to be a list of companies that hire security people full remote.
- [**83**Star][13d] [Py] [dannycork/python-whois](https://github.com/dannycork/python-whois) Python module/library for retrieving WHOIS information of domains
- [**83**Star][4m] [citybasebrooks/siac](https://github.com/citybasebrooks/siac) SIAC is an enterprise SIEM built on open-source technology.
- [**83**Star][2m] [Py] [cifasis/neural-fuzzer](https://github.com/cifasis/neural-fuzzer) an experimental fuzzer designed to use state-of-the-art Machine Learning to learn from a set of initial files
- [**83**Star][23d] [Py] [catch-up-tv-and-more/plugin.video.catchuptvandmore](https://github.com/catch-up-tv-and-more/plugin.video.catchuptvandmore) Replay, Live TV and websites videos addon for Kodi
- [**83**Star][11d] [Go] [calidog/certstream-go](https://github.com/calidog/certstream-go) Go library for connecting to CertStream
- [**83**Star][2y] [Py] [brandonasuncion/reverse-engineering-bluetooth-protocols](https://github.com/brandonasuncion/reverse-engineering-bluetooth-protocols) Intercepting Bluetooth device communication and simulating packet responses of an iPhone from a Raspberry Pi 3
- [**83**Star][1m] [Go] [binject/binjection](https://github.com/binject/binjection) Injects additional machine instructions into various binary formats.
- [**83**Star][2y] [Py] [billyv4/id-entify](https://github.com/billyv4/id-entify) Search for information related to a domain: Emails - IP addresses - Domains - Information on WEB technology - Type of Firewall - NS and MX records - Nmap to IP addresses and Domains.
- [**83**Star][10d] [Shell] [bigdargon/hostsvn](https://github.com/bigdargon/hostsvn) Hosts block ads of Vietnamese
- [**83**Star][4m] [Py] [bambish/scanqli](https://github.com/bambish/scanqli) SQLi scanner to detect SQL vulns
- [**83**Star][20d] [C] [axi0mx/ios-kexec-utils](https://github.com/axi0mx/ios-kexec-utils) boot LLB/iBoot/iBSS/iBEC image from a jailbroken iOS kernel
- [**83**Star][3m] [JS] [avian2/noscript](https://github.com/avian2/noscript) A Firefox extension for whitelist driven safe JavaScript execution.
- [**83**Star][7m] [Go] [assafmo/xioc](https://github.com/assafmo/xioc) Extract indicators of compromise from text, including "escaped" ones.
- [**83**Star][30d] [Py] [anssi-fr/tabi](https://github.com/anssi-fr/tabi) BGP Hijack Detection
- [**83**Star][1m] [233boy/chinaip](https://github.com/233boy/chinaip) 中国大陆 IP 列表(已优化)
- [**83**Star][2y] [C] [0ffffffffh/api-break-for-x64dbg](https://github.com/0ffffffffh/api-break-for-x64dbg) x64dbg plugin to set breakpoints automatically to Win32/64 APIs
- [**83**Star][1y] [java] [JesusFreke/smali](https://bitbucket.org/jesusfreke/smali) 
- [**82**Star][27d] [C++] [echo-devim/fhex](https://github.com/echo-devim/fhex) A Full-Featured HexEditor compatible with Linux/Windows/MacOS
- [**82**Star][12d] [Py] [morpheusthewhite/nordpy](https://github.com/morpheusthewhite/nordpy) A python application with gui to connect automatically to the recommended NordVPN server of a certain type
- [**82**Star][9d] [Jupyter Notebook] [greydanus/visualize_atari](https://github.com/greydanus/visualize_atari) Code for our paper "Visualizing and Understanding Atari Agents" (
- [**82**Star][2m] [Go] [bishopfox/dufflebag](https://github.com/bishopfox/dufflebag) Search exposed EBS volumes for secrets
- [**82**Star][3m] [Py] [yelp/fuzz-lightyear](https://github.com/yelp/fuzz-lightyear) A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.
- [**82**Star][1m] [Shell] [nstinus/nordvpn](https://github.com/nstinus/nordvpn) Nordvpn.com helper script for openvpn
- [**82**Star][4m] [JS] [hrt/wheelchair](https://github.com/hrt/wheelchair) An introduction to the battle between JavaScript cheats and anti cheats.
- [**82**Star][9d] [JS] [vkaravir/jsav](https://github.com/vkaravir/jsav) JavaScript Algorithm Visualization library
- [**82**Star][2m] [C++] [emuradaisuke/sortingalgorithm.hayateshiki](https://github.com/emuradaisuke/sortingalgorithm.hayateshiki) Hayate-Shiki is an improved merge sort algorithm with the goal of "faster than quick sort".
- [**82**Star][22d] [PHP] [cretueusebiu/laravel-spark-google2fa](https://github.com/cretueusebiu/laravel-spark-google2fa) Google Authenticator support for Laravel Spark
- [**82**Star][4m] [Py] [abbeyokgo/tumblr_crawler](https://github.com/abbeyokgo/tumblr_crawler) tumblr解析网站
- [**82**Star][8d] [C] [aymanbagabas/huawei-wmi](https://github.com/aymanbagabas/huawei-wmi) Huawei WMI laptop extras linux driver
- [**82**Star][11d] [cisco-talos/snort-faq](https://github.com/cisco-talos/snort-faq) Snort FAQ
- [**82**Star][18d] [C] [virustotal/c-vtapi](https://github.com/virustotal/c-vtapi) Official implementation of the VirusTotal API in C programming language
- [**82**Star][2m] [Py] [bishopfox/anti-anti-automation](https://github.com/bishopfox/anti-anti-automation) Anti-Anti-Automation Framework
- [**82**Star][8d] [C++] [x64dbg/xedparse](https://github.com/x64dbg/xedparse)  A MASM-like, single-line plaintext assembler
- [**82**Star][23d] [C#] [lazocoder/winapi-wrapper](https://github.com/lazocoder/winapi-wrapper) Windows API wrapper class for simulating mouse movement, clicking, and more.
- [**82**Star][3y] [Go] [mushorg/go-dpi](https://github.com/mushorg/go-dpi) Application layer protocol identification of traffic flows
- [**82**Star][18d] [zbetcheckin/ipv6](https://github.com/zbetcheckin/ipv6) Playing with IPv6 for fun and profit
- [**82**Star][6m] [C++] [nefarius/injector](https://github.com/nefarius/injector) Command line utility to inject and eject DLLs
- [**82**Star][4m] [Go] [oftn-oswg/zerodrop](https://github.com/oftn-oswg/zerodrop) A stealth URL toolkit optimized for bypassing censorship filters and/or dropping malware
- [**82**Star][10d] [TS] [kishanbagaria/padding-oracle-attacker](https://github.com/kishanbagaria/padding-oracle-attacker) 
- [**82**Star][23d] [Shell] [kiyadesu/android](https://github.com/kiyadesu/Android) walk into Android security step by step
- [**82**Star][17d] [Go] [lc/hacks](https://github.com/lc/hacks) Repo of useful scripts
- [**82**Star][4y] [C#] [saneki-discontinued/flatui](https://github.com/saneki-discontinued/FlatUI) Flat UI theme for .NET applications
- [**82**Star][1y] [Py] [siberas/sjet](https://github.com/siberas/sjet) siberas JMX exploitation toolkit
- [**82**Star][30d] [C] [hc0d3r/alfheim](https://github.com/hc0d3r/alfheim) a linux process hacker tool
- [**82**Star][8m] [Java] [nats-io/stan.java](https://github.com/nats-io/stan.java) NATS Streaming Java Client
- [**82**Star][29d] [C] [silver13/h8mini-dual](https://github.com/silver13/h8mini-dual) Level+Acro version of H8 mini firmware
- [**82**Star][18d] [Java] [ysrc/obfusesmalitext](https://github.com/ysrc/obfusesmalitext) smali文件，jar包字符串混淆，支持gradle插件
- [**82**Star][4y] [yeyintminthuhtut/awesome-study-resources-for-kernel-hacking](https://github.com/yeyintminthuhtut/awesome-study-resources-for-kernel-hacking) Kernel Hacking study materials collection
- [**82**Star][14d] [Ruby] [xc0d3rz/metasploit-apk-embed-payload](https://github.com/xc0d3rz/metasploit-apk-embed-payload) Embed a Metasploit Payload in an Original .Apk File
- [**82**Star][4m] [Rust] [willglynn/pdb](https://github.com/willglynn/pdb) A parser for Microsoft PDB (Program Database) debugging information
- [**82**Star][4y] [HTML] [vah13/avdetection](https://github.com/vah13/avdetection) A simple way for detection the remote user's antivirus
- [**82**Star][4m] [Py] [thundergunexpress/badministration](https://github.com/thundergunexpress/badministration) a tool which interfaces with management or administration applications from an offensive standpoint.
- [**82**Star][29d] [PS] [thom-s/docx-embeddedhtml-injection](https://github.com/thom-s/docx-embeddedhtml-injection) Word 2016 vulnerability allows injecting HTML/JS code into a docx file's embeddedHTML="" tags.
- [**82**Star][1m] [CSS] [talater/chrome-is-listening](https://github.com/talater/chrome-is-listening) Chrome Speech Recognition exploit demo
- [**82**Star][3y] [Py] [superponible/volatility-plugins](https://github.com/superponible/volatility-plugins) Plugins I've written for Volatility
- [**82**Star][23d] [Go] [signalfx/gateway](https://github.com/signalfx/gateway) A proxy to buffer and forward metrics, events, and traces.
- [**82**Star][18d] [Ruby] [siberas/watobo](https://github.com/siberas/watobo)  a security tool for testing web applications
- [**82**Star][4m] [HTML] [securityautomation/dumpthegit](https://github.com/securityautomation/dumpthegit) DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.
- [**82**Star][2m] [Jupyter Notebook] [sebdraven/hack_lu_2017](https://github.com/sebdraven/hack_lu_2017) Python and Machine Learning Workshop at Hack.lu 2017
- [**82**Star][2m] [sderosiaux/guidelines-to-create-a-strong-website](https://github.com/sderosiaux/guidelines-to-create-a-strong-website) A list of all things to consider when making a website or webapp of quality.
- [**82**Star][5m] [Py] [scwuaptx/lazyfragmentationheap](https://github.com/scwuaptx/lazyfragmentationheap) WCTF 2019 challenge
- [**82**Star][13d] [Py] [rsc-dev/pbd](https://github.com/rsc-dev/pbd) Pbd is a Python module to disassemble serialized protocol buffers descriptors (
- [**82**Star][27d] [C] [rlarabee/exploits](https://github.com/rlarabee/exploits) 
- [**82**Star][12d] [Py] [lightless233/geye](https://github.com/lightless233/geye) 
- [**82**Star][1y] [Py] [r3dxpl0it/apache-superset-remote-code-execution-poc-cve-2018-8021](https://github.com/r3dxpl0it/apache-superset-remote-code-execution-poc-cve-2018-8021) CVE-2018-8021 Proof-Of-Concept and Exploit
- [**82**Star][1m] [JS] [pnigos/hookjs](https://github.com/pnigos/hookjs) javascript function hook
- [**82**Star][14d] [C++] [paulsapps/msgi](https://github.com/paulsapps/msgi) Metal Gear Solid Integral PC reversing, efforts moved to
- [**82**Star][28d] [PHP] [ostark/upper](https://github.com/ostark/upper) Integrates Edge Caches like Fastly, KeyCDN, Cloudflare and Varnish with Craft.
- [**82**Star][2m] [C] [oranav/i9300_emmc_toolbox](https://github.com/oranav/i9300_emmc_toolbox) Samsung Galaxy S3 GT-I9300 eMMC toolbox
- [**82**Star][3m] [Batchfile] [op7ic/edr-testing-script](https://github.com/op7ic/edr-testing-script) Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
- [**82**Star][5m] [offensive-security/kali-cloud-build](https://github.com/offensive-security/kali-cloud-build) Script to create Kali Linux Amazon Machine Images (AMIs)
- [**82**Star][5y] [C] [nukem9/virtualdbghide](https://github.com/nukem9/virtualdbghide) Windows kernel mode driver to prevent detection of debuggers.
- [**82**Star][2y] [Dockerfile] [nitr4x/reverse-me](https://github.com/nitr4x/reverse-me) This repository contains a docker container dedicated to reverse engineering
- [**82**Star][4m] [C] [nginx-modules/ngx_cache_purge](https://github.com/nginx-modules/ngx_cache_purge) nginx module which support to purge ngx_http_(fastcgi|proxy|scgi|uwsgi)_module cache backend
- [**82**Star][13d] [Go] [netxfly/xsec-dns-proxy](https://github.com/netxfly/xsec-dns-proxy) DNS代理服务器，可以记录log到数据库中
- [**82**Star][2m] [PHP] [nao-sec/ektotal](https://github.com/nao-sec/ektotal) 分析Drive-by Download攻击的集成工具
- [**82**Star][4m] [Py] [mrh0wl/cloudmare](https://github.com/mrh0wl/cloudmare) Cloudflare real IP tracker.
- [**82**Star][6y] [PS] [mmessano/powershell](https://github.com/mmessano/powershell) 
- [**82**Star][2y] [Py] [m4ll0k/wpsploit](https://github.com/m4ll0k/wpsploit) Wordpress主题/插件代码扫描
- [**82**Star][3y] [Py] [lz1y/cve-2017-8759](https://github.com/lz1y/cve-2017-8759) CVE-2017-8759
- [**82**Star][4m] [Py] [liuhuanyong/eventmonitor](https://github.com/liuhuanyong/eventmonitor) Event monitor based on online news corpus including event storyline and analysis，基于给定事件关键词，采集事件资讯，对事件进行挖掘和分析。
- [**82**Star][4y] [Py] [jinhang/12306_captcha](https://github.com/jinhang/12306_captcha) CNN对12306、sina、baidu的验证码破解。
- [**82**Star][2m] [Java] [jenkinsci/dependency-check-plugin](https://github.com/jenkinsci/dependency-check-plugin) Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
- [**82**Star][10m] [Py] [indicodatasolutions/enso](https://github.com/indicodatasolutions/enso) An Open Source Library for Benchmarking Embeddings + Transfer Learning Methods
- [**82**Star][2m] [OCaml] [heidihoward/ocaml-raft](https://github.com/heidihoward/ocaml-raft) Implementation of Raft consensus algorithm
- [**82**Star][19d] [Py] [guedou/r2m2](https://github.com/guedou/r2m2) radare2 + miasm2 =
- [**82**Star][10d] [Go] [google/gonids](https://github.com/google/gonids) gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups:
- [**82**Star][4m] [Py] [google/giftstick](https://github.com/google/giftstick) 1-Click push forensics evidence to the cloud
- [**82**Star][3m] [JS] [frida/frida-presentations](https://github.com/frida/frida-presentations) Public presentations given on Frida at conferences
- [**82**Star][24d] [Java] [fooock/phone-tracker](https://github.com/fooock/phone-tracker) Phone tracker is an Android library to gather environment signals, like cell towers, wifi access points and gps locations.
- [**82**Star][3m] [C++] [fastvpseestiou/fastnetmon](https://github.com/fastvpseestiou/fastnetmon) This is old freezed version! Please use
- [**82**Star][16d] [Py] [evilsocket/coffee](https://github.com/evilsocket/coffee) Smarter Coffee terminal client.
- [**82**Star][2m] [Java] [enovella/jebscripts](https://github.com/enovella/jebscripts) A set of JEB Python/Java scripts for reverse engineering Android obfuscated code
- [**82**Star][5m] [Py] [einstein-/hexrays-python](https://github.com/einstein-/hexrays-python) Python bindings for the Hexrays Decompiler
- [**82**Star][10d] [Py] [drewsif/wipedicks](https://github.com/drewsif/wipedicks) Wipe files and drives securely with randoms ASCII dicks
- [**82**Star][4m] [Rust] [doyoubi/undermoon](https://github.com/doyoubi/undermoon) Server-side redis proxy
- [**82**Star][23d] [C#] [davotronic5000/powershell_credential_manager](https://github.com/davotronic5000/powershell_credential_manager) PowerShell Module to Read and Write Credentials from the Windows Credential Manager
- [**82**Star][1m] [Py] [david942j/defcon-2017-tools](https://github.com/david942j/defcon-2017-tools) DEFCON CTF 2017 Stuff of Shit by HITCON
- [**82**Star][5y] [C#] [david-risney/csp-fiddler-extension](https://github.com/david-risney/csp-fiddler-extension) Content Security Policy rule collector extension for Fiddler
- [**82**Star][4m] [Py] [danieluhricek/lisa](https://github.com/danieluhricek/lisa) Sandbox for automated Linux malware analysis.
- [**82**Star][1y] [C] [comaeio/livecloudkd](https://github.com/comaeio/livecloudkd) Hyper-V Research is trendy now
- [**82**Star][19d] [Py] [citellusorg/citellus](https://github.com/citellusorg/citellus) Automation Troubleshooting Framework to validate configuration and log files with bash, python, ruby and others
- [**82**Star][7y] [Py] [chrisjohnriley/random_code](https://github.com/chrisjohnriley/random_code) Random Code, POC Scripts and other things (Your Mileage May Vary)
- [**82**Star][22d] [C++] [cherrypill/system_info](https://github.com/cherrypill/system_info) Hardware information tool for Windows
- [**82**Star][4m] [C++] [changeofpace/mouclassinputinjection](https://github.com/changeofpace/mouclassinputinjection) MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
- [**82**Star][18d] [Py] [cdhowie/netflix-no-ipv6-dns-proxy](https://github.com/cdhowie/netflix-no-ipv6-dns-proxy) Fix for Netflix blocking various IPv6 tunnels by returning no results for AAAA queries of Netflix domains
- [**82**Star][16d] [Shell] [breadtk/onion_pi](https://github.com/breadtk/onion_pi) Make a Raspberry Pi into a Anonymizing Tor Proxy!
- [**82**Star][2y] [C#] [baibaomen/baibaomen.httphijacker](https://github.com/baibaomen/baibaomen.httphijacker) 一个通过网络包嗅探攻击HTTP协议，从而对其它电脑上用户的网站登录会话进行劫持的演示程序。教程参见链接：
- [**82**Star][4m] [Py] [ax330d/functions-plus](https://github.com/ax330d/functions-plus) IDA Pro plugin to show functions in a tree view
- [**82**Star][29d] [asuri-team/pwn-sandbox](https://github.com/asuri-team/pwn-sandbox) A sandbox to protect your pwn challenges being pwned in CTF AWD.
- [**82**Star][11d] [JS] [antoinevastel/fp-collect](https://github.com/antoinevastel/fp-collect) Fingerprinting script of Fingerprint-Scanner
- [**82**Star][2m] [Py] [anfractuosity/ultrasonicnetworking](https://github.com/anfractuosity/ultrasonicnetworking) Ultrasonic networking - Transmitting TCP/IP via Ultrasound
- [**82**Star][12d] [HTML] [android-x86/android-x86.github.io](https://github.com/android-x86/android-x86.github.io) Official Website for Android-x86 Project
- [**82**Star][5m] [C] [andreybazhan/symstore](https://github.com/andreybazhan/symstore) The history of Windows Internals via symbols.
- [**82**Star][2y] [java] [anbai-inc/cobaltstrike_hanization](https://github.com/anbai-inc/cobaltstrike_hanization) CobaltStrike 2.5中文汉化版
- [**82**Star][3y] [Py] [alyakhtar/katastrophe](https://github.com/alyakhtar/katastrophe) Command Line Tool to download torrents
- [**82**Star][5y] [Py] [allglorytothehypnotoad/black-hat-python](https://github.com/allglorytothehypnotoad/black-hat-python) black hat python
- [**82**Star][4m] [C#] [advancedhacker101/c-sharp-r.a.t-server](https://github.com/advancedhacker101/c-sharp-r.a.t-server) a remote administration tool built with c#
- [**82**Star][4y] [C] [abdsec/cve-2016-0801](https://github.com/abdsec/cve-2016-0801) 
- [**81**Star][11m] [Ruby] [arkanis/minidyndns](https://github.com/arkanis/minidyndns) A simple DynDNS server with an build in HTTP interface to update IPs
- [**81**Star][15d] [Perl] [ko-ichi-h/khcoder](https://github.com/ko-ichi-h/khcoder) KH Coder: for Quantitative Content Analysis or Text Mining
- [**81**Star][4m] [Java] [ohohcakester/any-angle-pathfinding](https://github.com/ohohcakester/any-angle-pathfinding) A collection of algorithms used for any-angle pathfinding with visualisations.
- [**81**Star][11d] [Py] [codingforentrepreneurs/web-scraping](https://github.com/codingforentrepreneurs/web-scraping) Learn how to leverage Python's amazing tools to scrape data from other websites. The end goal of this course is to scrape blogs to analyze trending keywords and phrases. We'll be using Python 3.6, Requests, BeautifulSoup, Asyncio, Pandas, Numpy, and more!
- [**81**Star][1m] [JS] [roccomuso/is-google](https://github.com/roccomuso/is-google) Verify that a request is from Google crawlers using Google's DNS verification steps
- [**81**Star][12d] [JS] [stoimen/algorithms](https://github.com/stoimen/algorithms) Port of
- [**81**Star][1m] [Go] [alash3al/scraply](https://github.com/alash3al/scraply) Scraply a simple dom scraper to fetch information from any html based website and convert that info to JSON APIs
- [**81**Star][3y] [C#] [chelh/vbasync](https://github.com/chelh/vbasync) Cross-platform tool to synchronize macros from an Office VBA-enabled file with a version-controlled folder
- [**81**Star][2m] [arves100/llvm-vs2017-integration](https://github.com/arves100/llvm-vs2017-integration) MSBuild 15.0 Toolset integration for multiple LLVM (From v5 to v8)
- [**81**Star][24d] [Ruby] [dbz/algorithms](https://github.com/dbz/algorithms) Data Structures & Algorithms. Includes solutions for Cracking the Coding Interview 6th Edition
- [**81**Star][14d] [Py] [kevinsss/csdn-spider](https://github.com/kevinsss/csdn-spider) 爬取CSDN上的博客文章
- [**81**Star][2m] [Shell] [mikegleasonjr/ansible-role-firewall](https://github.com/mikegleasonjr/ansible-role-firewall) A role to manage iptables rules which doesn't suck.
- [**81**Star][8d] [PHP] [kaex/insta-mass-account-creator](https://github.com/kaex/Insta-mass-account-creator) User Friendly - Instagram Auto Account Creation Bot
- [**81**Star][1m] [C++] [sepehrdaddev/hashcobra](https://github.com/sepehrdaddev/hashcobra) HashCobra Hash Cracking tool.
- [**81**Star][27d] [bkimminich/it-security-lecture](https://github.com/bkimminich/it-security-lecture) University lecture on "IT Security" as Open Educational Resources material
- [**81**Star][2m] [Py] [consensys/defi-score](https://github.com/consensys/defi-score) DeFi Score: An open framework for evaluating DeFi protocols
- [**81**Star][1m] [Ruby] [intrigueio/tapir](https://github.com/intrigueio/tapir) An easy-to-use and extensible framework for OSINT - REPLACED BY INTRIGUE-CORE
- [**81**Star][12d] [CSS] [thekingofduck/domain_screen](https://github.com/thekingofduck/domain_screen) 站点批量截图
- [**81**Star][8m] [Java] [googlecreativelab/tunnelvision](https://github.com/googlecreativelab/tunnelvision) Distort your surroundings through a collection of transformative filters
- [**81**Star][4y] [bastilleresearch/keysniffer](https://github.com/bastilleresearch/keysniffer) KeySniffer device discovery tools and public advisories
- [**81**Star][15d] [Java] [static-flow/burpsuite-team-extension](https://github.com/static-flow/burpsuite-team-extension) This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
- [**81**Star][17d] [Py] [momika233/clamav_0day_exploit](https://github.com/momika233/clamav_0day_exploit) ClamAV_0Day_exploit
- [**81**Star][30d] [C++] [helpsystems/agafi](https://github.com/helpsystems/Agafi) A gadget finder and a ROP-Chainer tool for x86 platforms
- [**81**Star][15d] [Py] [shmilylty/cheetah-gui](https://github.com/shmilylty/cheetah-gui) Cheetah GUI
- [**81**Star][21d] [Py] [zer1t0/ticket_converter](https://github.com/zer1t0/ticket_converter) A little tool to convert ccache tickets into kirbi (KRB-CRED) and vice versa based on impacket.
- [**81**Star][6y] [C++] [zer0mem/minihypervisorproject](https://github.com/zer0mem/minihypervisorproject) IntelVT-X nice feature -> tool
- [**81**Star][8m] [Py] [zcutlip/exploit-poc](https://github.com/zcutlip/exploit-poc) Proof-of-Concept code for exploits
- [**81**Star][2m] [C#] [zcgonvh/cve-2017-7269-tool](https://github.com/zcgonvh/cve-2017-7269-tool) CVE-2017-7269 to webshell or shellcode loader
- [**81**Star][7d] [Go] [xsec-lab/x-waf-admin](https://github.com/xsec-lab/x-waf-admin) x-waf的web管理后台
- [**81**Star][16d] [Py] [trolldbois/sslsnoop](https://github.com/trolldbois/sslsnoop) Live SSH/SSL/TLS decryption - extraction of secret keys from live process memory
- [**81**Star][2m] [Assembly] [thecodeartist/elf-parser](https://github.com/thecodeartist/elf-parser) Identifying/Extracting various sections of an ELF file
- [**81**Star][16d] [PHP] [subtlescope/bash-ransomware](https://github.com/subtlescope/bash-ransomware) Simple Bash Rasomware for use in Cyber Exercises
- [**81**Star][2m] [C#] [skelsec/pypykatz_agent_dn](https://github.com/skelsec/pypykatz_agent_dn) Pypykatz agent implemented in .NET
- [**81**Star][2y] [Py] [sh4rk0-666/spykeyboard](https://github.com/sh4rk0-666/spykeyboard) keylogger which sends us the data to our gmail.
- [**81**Star][4y] [PHP] [secwiki/webshell-2](https://github.com/secwiki/webshell-2) Webshell
- [**81**Star][3y] [Py] [se55i0n/portscanner](https://github.com/se55i0n/portscanner) 目标tcp端口快速扫描、banner识别、cdn检测
- [**81**Star][4m] [PHP] [s9mf/s9mf-php-webshell-bypass](https://github.com/s9mf/s9mf-php-webshell-bypass) 为方便WAF入库的项目 | 分享PHP免杀大马 | 菜是原罪 | 多姿势(假的就一个)
- [**81**Star][3m] [C++] [rjhansen/nsrllookup](https://github.com/rjhansen/nsrllookup) Checks with NSRL RDS servers looking for for hash matches
- [**81**Star][5m] [C] [riscure/rhme-2015](https://github.com/riscure/rhme-2015) RHme+ 2015 challenge
- [**81**Star][4y] [C++] [radiowar/firegoose](https://github.com/radiowar/firegoose) 中国烧鹅 FireGoose Just like USB Rubber Ducky
- [**81**Star][3m] [JS] [qgy18/proxy-demo](https://github.com/qgy18/proxy-demo) Node.js 实现两种 WEB 代理的演示程序。
- [**81**Star][3y] [Py] [pythonone/ms17-010](https://github.com/pythonone/ms17-010) MS17-010 exploits, payloads, and scanners
- [**81**Star][6m] [Py] [prezi/reddalert](https://github.com/prezi/reddalert) AWS risky security change detector based on EDDA.
- [**81**Star][11m] [PS] [powershell/psdscresources](https://github.com/powershell/psdscresources) 
- [**81**Star][4m] [ObjC] [poomsmart/idaobjctypes](https://github.com/poomsmart/idaobjctypes) A collection of types & functions definitions useful for Objective-C binaries analysis.
- [**81**Star][2y] [C#] [parsingteam/redlogin](https://github.com/parsingteam/redlogin) SSH Brute-force Tools
- [**81**Star][1m] [C] [open-power/skiboot](https://github.com/open-power/skiboot) OPAL boot and runtime firmware for POWER
- [**81**Star][10m] [Py] [oinume/tomahawk](https://github.com/oinume/tomahawk) A simple ssh wrapper to execute commands into many hosts.
- [**81**Star][1m] [PHP] [nixawk/fuzzdb](https://github.com/nixawk/fuzzdb) Web Fuzzing Discovery and Attack Pattern Database
- [**81**Star][2m] [Py] [netflix-skunkworks/aws-credential-compromise-detection](https://github.com/netflix-skunkworks/aws-credential-compromise-detection) Example detection of compromise credentials in AWS
- [**81**Star][1y] [misterch0c/crimeboards](https://github.com/misterch0c/crimeboards) A list of private and public (more or less) blackhat boards
- [**81**Star][16d] [Go] [matiasinsaurralde/transports](https://github.com/matiasinsaurralde/transports) A HTTP proxy that aims to support different transports.
- [**81**Star][4y] [Py] [lukasikic/hacoder.py](https://github.com/lukasikic/hacoder.py) FUD Backdoor Generator / Remote Administration Tool
- [**81**Star][4m] [JS] [leogx9r/discordcrypt](https://github.com/leogx9r/discordcrypt) End-To-End File & Message Encryption For Discord
- [**81**Star][4m] [Py] [julienpalard/ashttp](https://github.com/julienpalard/ashttp) Shell command, that expose any other command as http. To expose top as http, try : ashttp -p8080 top ; then try http://localhost/8080 and hit F5 to refresh your top :)
- [**81**Star][1m] [HTML] [jmortega/python-pentesting](https://github.com/jmortega/python-pentesting) python-pentesting-tool
- [**81**Star][4m] [HTML] [jenyraval/phishing-simulation](https://github.com/jenyraval/phishing-simulation) Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment
- [**81**Star][18d] [imp0wd3r/active-directory-pentest](https://github.com/imp0wd3r/active-directory-pentest) Windows域渗透学习笔记
- [**81**Star][2y] [iamhdt/ecommerce-website-security-checklist](https://github.com/iamhdt/ecommerce-website-security-checklist) List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
- [**81**Star][2m] [C] [gregvish/l1tf-poc](https://github.com/gregvish/l1tf-poc) L1TF (Foreshadow) VM guest to host memory read PoC
- [**81**Star][4m] [JS] [fasttime/jscrewit](https://github.com/fasttime/jscrewit) Write any JavaScript with six characters: ! ( ) + [ ]
- [**81**Star][2m] [fabiobaroni/awesome-chinese-infosec-websites](https://github.com/fabiobaroni/awesome-chinese-infosec-websites) A curated list of Chinese websites and personal blogs about ethical hacking and pentesting
- [**81**Star][17d] [C] [ez-flash/omega-kernel](https://github.com/ez-flash/omega-kernel) EZ-FLASH OMEGA Kernel
- [**81**Star][1y] [C#] [djhohnstein/.net-profiler-dll-hijack](https://github.com/djhohnstein/.net-profiler-dll-hijack) Implementation of the .NET Profiler DLL hijack in C#
- [**81**Star][4m] [C] [digimend/usbhid-dump](https://github.com/digimend/usbhid-dump) USB HID device dumping utility
- [**81**Star][1m] [C] [derrekr/android_security](https://github.com/derrekr/android_security) Public Android Vulnerability Information (CVE PoCs etc)
- [**81**Star][14d] [Py] [cymmetria/honeycomb](https://github.com/cymmetria/honeycomb) An extensible honeypot framework
- [**81**Star][4m] [HTML] [cyberheartmi9/payloadsallthethings](https://github.com/cyberheartmi9/payloadsallthethings) 
- [**81**Star][8m] [C] [cyberdefenseinstitute/cdir](https://github.com/cyberdefenseinstitute/cdir) CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
- [**81**Star][24d] [Java] [creactiviti/spring-boot-starter-acme](https://github.com/creactiviti/spring-boot-starter-acme) Generate SSL certs easily for Spring Boot apps
- [**81**Star][3y] [Py] [coffeehb/ocift](https://github.com/coffeehb/ocift) 一个半自动化命令注入漏洞Fuzz工具(One Semi-automation command injection vulnerability Fuzz tool)
- [**81**Star][11d] [Rust] [cambrian/accumulator](https://github.com/cambrian/accumulator) Cryptographic accumulators in Rust.
- [**81**Star][2m] [Java] [calaylin/bda](https://github.com/calaylin/bda) Programmer De-anonymization from Binary Executables
- [**81**Star][1y] [JS] [bkth/attacking-edge-through-the-javascript-compiler](https://github.com/bkth/attacking-edge-through-the-javascript-compiler) Attacking-Edge-Through-the-JavaScript-Compiler
- [**81**Star][1m] [TS] [auth0-blog/angular-auth0-aside](https://github.com/auth0-blog/angular-auth0-aside) Aside: Angular with Auth0 and an authenticated Node API.
- [**81**Star][1m] [Go] [audibleblink/letsproxy](https://github.com/audibleblink/letsproxy) Quickly fetch Let's Encrypt certs and serve a reverse proxy
- [**81**Star][4m] [PHP] [atmoner/nodecrypto](https://github.com/atmoner/nodecrypto) Ransomware written in NodeJs
- [**81**Star][4m] [C] [angelkitty/computer-virus](https://github.com/angelkitty/computer-virus) 
- [**81**Star][11d] [Shell] [andyt530/az2tf](https://github.com/andyt530/az2tf) See the new version here:
- [**81**Star][4m] [C] [adangert/spytag-wifi-game](https://github.com/adangert/spytag-wifi-game) WIFI hide and seek tag
- [**81**Star][4m] [C] [adafruit/adafruit_nrf52_bootloader](https://github.com/adafruit/adafruit_nrf52_bootloader) USB-enabled bootloaders for the nRF52 BLE SoC chips
- [**80**Star][4m] [Go] [victpork/sshsyrup](https://github.com/victpork/sshsyrup) A low-to-medium interaction SSH Honeypot with features to capture terminal activity and upload to asciinema.org
- [**80**Star][14d] [Py] [rcx/shellcode_encoder](https://github.com/rcx/shellcode_encoder) x64 printable shellcode encoder
- [**80**Star][17d] [HCL] [pumasecurity/serverless-prey](https://github.com/pumasecurity/serverless-prey) Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions
- [**80**Star][2y] [C] [alexdenisov/segment_dumper](https://github.com/alexdenisov/segment_dumper) Simple example of a Mach-O parser
- [**80**Star][25d] [Go] [nacmartin/gop2p](https://github.com/nacmartin/gop2p) simple p2p project to learn go
- [**80**Star][4m] [PHP] [rajkumardusad/ip-tracer](https://github.com/rajkumardusad/ip-tracer) Track any ip address with IP-Tracer. IP-Tracer is developed for linux and android terminal like Termux and GNURoot Debian. you can retrieve any ip address information using IP-Tracer.
- [**80**Star][28d] [Py] [virustotal/vt-ida-plugin](https://github.com/virustotal/vt-ida-plugin) Official VirusTotal plugin for IDA Pro
- [**80**Star][28d] [JS] [patrickschur/pappet](https://github.com/patrickschur/pappet) A command-line tool to crawl websites using puppeteer.
- [**80**Star][21d] [Py] [mahdisadjadi/arxivscraper](https://github.com/mahdisadjadi/arxivscraper) A python module to scrape arxiv.org for specific date range and categories
- [**80**Star][19d] [Go] [yangxikun/gsproxy](https://github.com/yangxikun/gsproxy) golang simple proxy
- [**80**Star][5m] [JS] [poshaughnessy/web-bluetooth-parrot-drone](https://github.com/poshaughnessy/web-bluetooth-parrot-drone) Control a Parrot Mini Drone from your web browser using Web Bluetooth
- [**80**Star][2m] [JS] [dchest/blake2s-js](https://github.com/dchest/blake2s-js) BLAKE2s cryptographic hash function in JavaScript
- [**80**Star][4m] [C++] [klausahrenberg/wthermostatbeca](https://github.com/klausahrenberg/wthermostatbeca) Replaces original Tuya firmware on Beca thermostat with ESP8266 wifi module
- [**80**Star][2m] [Shell] [iaik/ios-analysis](https://github.com/iaik/ios-analysis) Automated Binary Analysis on iOS
- [**80**Star][12d] [Rust] [io12/pwninit](https://github.com/io12/pwninit) pwninit - automate starting binary exploit challenges
- [**80**Star][13d] [scriptingxss/embedos](https://github.com/scriptingxss/embedos) EmbedOS - Embedded security testing virtual machine
- [**80**Star][2y] [JS] [vmikhav/antipacman](https://github.com/vmikhav/AntiPacMan) HTML5 Pac-Man game with gesture recognition
- [**80**Star][16d] [Go] [ying32/rproxy](https://github.com/ying32/rproxy) 简单的反向代理用于内网穿透，支持HTTP/HTTPS转发
- [**80**Star][1m] [Py] [xyzz/rop-rpc](https://github.com/xyzz/rop-rpc) 
- [**80**Star][4y] [Py] [xyntax/bingc](https://github.com/xyntax/bingc) 基于Bing搜索引擎的C段/旁站查询，多线程，支持API
- [**80**Star][12d] [xinali/articles](https://github.com/xinali/articles) Personal Blog/主记录漏洞挖掘相关研究
- [**80**Star][6m] [Py] [xfreed0m/smtptester](https://github.com/xfreed0m/smtptester) small python3 tool to check common vulnerabilities in SMTP servers
- [**80**Star][30d] [C++] [x64dbg/snowman](https://github.com/x64dbg/snowman) Snowman Decompiler for x64dbg (LOOKING FOR MAINTAINER)
- [**80**Star][1m] [Assembly] [vergl4s/pentesting-dump](https://github.com/vergl4s/pentesting-dump) Scripts, tools, and proof-of-concepts to aid in a penetration test.
- [**80**Star][3y] [Py] [va5c0/steghide-brute-force-tool](https://github.com/va5c0/steghide-brute-force-tool) Execute a brute force attack with Steghide to file with hide information and password established
- [**80**Star][5m] [Py] [udayraj123/omrchecker](https://github.com/udayraj123/omrchecker) Grade exams fast and accurately using a scanner
- [**80**Star][2y] [Go] [tleyden/keynuker](https://github.com/tleyden/keynuker) 
- [**80**Star][29d] [tianjifou/ios-security-attack-and-prevent](https://github.com/tianjifou/ios-security-attack-and-prevent) iOS安全攻与防,详细的列出了，在iOS开发中，项目会存在的安全漏洞以及解决办法。
- [**80**Star][4m] [Py] [tenable/tenable.io-sdk-for-python](https://github.com/tenable/tenable.io-sdk-for-python) Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
- [**80**Star][4m] [Py] [sup3ria/atlantr](https://github.com/sup3ria/atlantr) Fastes Email:Pass Checker on the planet.
- [**80**Star][2m] [Py] [str4d/zcash-pow](https://github.com/str4d/zcash-pow) The proof-of-work algorithm for Zcash
- [**80**Star][5m] [Py] [shengqi158/svn_git_scanner](https://github.com/shengqi158/svn_git_scanner) 用于扫描git，svn泄露
- [**80**Star][9m] [sbousseaden/panache_sysmon](https://github.com/sbousseaden/panache_sysmon) A Sysmon Config for APTs Techniques Detection
- [**80**Star][9m] [PHP] [rizer0/blind-bash](https://github.com/rizer0/blind-bash) Obfuscate your Bash Code
- [**80**Star][27d] [JS] [retirejs/grunt-retire](https://github.com/retirejs/grunt-retire) Grunt plugin for retire.
- [**80**Star][3y] [Py] [ratty3697/hackspy-trojan-exploit](https://github.com/ratty3697/hackspy-trojan-exploit) This tool creates almost undetectabe trojan virus to exploit windows machine.
- [**80**Star][2y] [Py] [pyn3rd/cve-2018-2893](https://github.com/pyn3rd/cve-2018-2893) CVE-2018-2893-PoC
- [**80**Star][6m] [Py] [programa-stic/security-advisories](https://github.com/programa-stic/security-advisories) A database of published security advisories reported by the Programa STIC Team at Fundación Sadosky
- [**80**Star][4m] [PS] [dsccommunity/xhyper-v](https://github.com/dsccommunity/xHyper-V) This module contains DSC resources for deployment and configuration of Microsoft Hyper-V.
- [**80**Star][13d] [JS] [polaris64/web_exploit_detector](https://github.com/polaris64/web_exploit_detector) The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
- [**80**Star][12d] [Py] [phackt/pentest](https://github.com/phackt/pentest) Custom tools and projects about security
- [**80**Star][3y] [Py] [mozilla/http-observatory-cli](https://github.com/mozilla/http-observatory-cli) The command line tool for the HTTP Observatory
- [**80**Star][4m] [Go] [victpork/sshsyrup](https://github.com/victpork/sshsyrup) A low-to-medium interaction SSH Honeypot with features to capture terminal activity and upload to asciinema.org
- [**80**Star][11m] [JS] [microsoft/adfswebcustomization](https://github.com/microsoft/adfswebcustomization) A repository of useful Web Customizations for Active Directory Federation Services
- [**80**Star][13d] [Py] [mgeide/poortego](https://github.com/mgeide/poortego) Open-source python project to handle the storage and linking of open-source intelligence (ala Maltego)
- [**80**Star][11d] [Java] [matthewvita/spring-boot-private-chat](https://github.com/matthewvita/spring-boot-private-chat) 1-1 instant messaging project designed to demonstrate WebSockets in a load-balanced environment.
- [**80**Star][3y] [HTML] [malqr/malqr.github.io](https://github.com/malqr/malqr.github.io) MalQR is a collection of malicious QR Codes and Barcodes you can use to test the security of your scanners.
- [**80**Star][17d] [Ruby] [logstash-plugins/logstash-filter-grok](https://github.com/logstash-plugins/logstash-filter-grok) Grok plugin to parse unstructured (log) data into something structured.
- [**80**Star][3y] [C] [lflare/picoctf_2017_writeup](https://github.com/lflare/picoctf_2017_writeup) PicoCTF 2017 Writeup
- [**80**Star][9m] [C++] [legitbs/quals-2017](https://github.com/legitbs/quals-2017) 
- [**80**Star][2y] [Py] [lcatro/cve-2017-7269-echo-poc](https://github.com/lcatro/cve-2017-7269-echo-poc) CVE-2017-7269 回显PoC ,用于远程漏洞检测..
- [**80**Star][2y] [Java] [kepeng1019/smartpaperscan](https://github.com/kepeng1019/smartpaperscan) this is an android project write in kotlin which detect paper or rectangle by opencv, you can take a picture and crop it
- [**80**Star][22d] [JS] [jshttp/proxy-addr](https://github.com/jshttp/proxy-addr) Determine address of proxied request
- [**80**Star][4m] [JS] [jacobreynolds/ssrfdetector](https://github.com/jacobreynolds/ssrfdetector) Server-side request forgery detector
- [**80**Star][6m] [Py] [inquest/python-sandboxapi](https://github.com/inquest/python-sandboxapi) Minimal, consistent Python API for building integrations with malware sandboxes.
- [**80**Star][3y] [Py] [hatriot/shellme](https://github.com/hatriot/shellme) simple shellcode generator
- [**80**Star][12d] [Py] [hak5darren/bashbunny-payloads](https://github.com/hak5darren/bashbunny-payloads) Payloads for the Hak5 Bash Bunny
- [**80**Star][12d] [Py] [greenbone/gvm-tools](https://github.com/greenbone/gvm-tools) Remote control your Greenbone Vulnerability Manager (GVM)
- [**80**Star][11m] [ObjC] [google/gscxscanner](https://github.com/google/gscxscanner) iOS Accessibility Scanner
- [**80**Star][1m] [C] [gdbinit/mach_race](https://github.com/gdbinit/mach_race) Exploit code for CVE-2016-1757
- [**80**Star][2y] [Ruby] [frohoff/ciphr](https://github.com/frohoff/ciphr) CLI crypto swiss-army knife for performing and composing encoding, decoding, encryption, decryption, hashing, and other various cryptographic operations on streams of data from the command line; mostly intended for ad hoc, infosec-related uses.
- [**80**Star][4m] [Py] [ekultek/xanxss](https://github.com/ekultek/xanxss) A simple XSS finding tool
- [**80**Star][14d] [Py] [rcx/shellcode_encoder](https://github.com/rcx/shellcode_encoder) x64 printable shellcode encoder
- [**80**Star][13d] [Py] [dr0op/bufferfly](https://github.com/dr0op/bufferfly) 攻防演习/渗透测试资产处理小工具，对攻防演习/渗透测试前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测等。
- [**80**Star][2m] [TS] [dormd/rich-logger-decorator](https://github.com/dormd/rich-logger-decorator) Rich Logger Typescript Decorator for Easy Coding & Debugging
- [**80**Star][17d] [Py] [dgunter/evtxtoelk](https://github.com/dgunter/evtxtoelk) A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
- [**80**Star][1m] [C] [devnoname120/vitabright](https://github.com/devnoname120/vitabright) Experimental minimum brightness lowering plugin
- [**80**Star][4m] [JS] [de1ta-team/de1ctf2019](https://github.com/de1ta-team/de1ctf2019) De1CTF2019
- [**80**Star][4y] [Py] [davidkorczynski/repeconstruct](https://github.com/davidkorczynski/repeconstruct)  automatically unpacking binaries and rebuild the binaries in a manner well-suited for further analysis, specially focused on further manual analysis in IDA pro.
- [**80**Star][3m] [C] [danielkrupinski/vac](https://github.com/danielkrupinski/vac) Source code of Valve Anti-Cheat obtained from disassembly of compiled modules
- [**80**Star][3y] [Py] [dancezarp/tbdex](https://github.com/dancezarp/tbdex) 
- [**80**Star][5m] [C++] [daizhongyin/securitysdk](https://github.com/daizhongyin/securitysdk) Android安全SDK，提供基础的安全防护能力，如安全webview、IPC安全通信、应用和插件安全更新、威胁情报搜集等等
- [**80**Star][4m] [C#] [certsocietegenerale/notifysecurity](https://github.com/certsocietegenerale/notifysecurity) Outlook add-in companion to report suspicious mail easily
- [**80**Star][5m] [C++] [cbayet/poolsprayer](https://github.com/cbayet/poolsprayer) Simple library to spray the Windows Kernel Pool
- [**80**Star][2m] [Py] [asherags/amzsear](https://github.com/asherags/amzsear) The unofficial Amazon search CLI & Python API
- [**80**Star][4m] [Batchfile] [aghorler/windows-10-hardening](https://github.com/aghorler/windows-10-hardening) An admittedly frivolous (and infrequently updated) attempt to harden Windows 10.
- [**80**Star][4m] [C] [adafruit/adafruit_blesniffer_python](https://github.com/adafruit/adafruit_blesniffer_python) Python API for Adafruit's Bluefruit LE Sniffer
- [**79**Star][2m] [JS] [tomeshnet/p2p-internet-workshop](https://github.com/tomeshnet/p2p-internet-workshop) Building the Peer-to-Peer Internet workshop series
- [**79**Star][1y] [C] [anhtvc/openvpn-ios](https://github.com/anhtvc/openvpn-ios) Build OpenVPN source for IOS
- [**79**Star][4m] [PHP] [warifp/facebooktoolkit](https://github.com/warifp/facebooktoolkit) a tool to get Facebook data, and some Facebook bots, and extra tools found on Facebook Toolkit ++.
- [**79**Star][14d] [Py] [yechez/wow-fish-bot](https://github.com/yechez/wow-fish-bot) World of Warcraft ( WoW ) Fish BOT. Python. Simple. For me.
- [**79**Star][6m] [PHP] [gumslone/gumcp](https://github.com/gumslone/gumcp) Web Control Panel for Raspberry Pi
- [**79**Star][5m] [Py] [ken-ljq/zhihuspider](https://github.com/ken-ljq/zhihuspider) 知乎用户公开个人信息爬虫, 能够爬取用户关注关系，基于Python、使用代理、多线程
- [**79**Star][19d] [Rust] [airtrack/stunnel](https://github.com/airtrack/stunnel) Simple SOCKS5 tunnel
- [**79**Star][7d] [Py] [mryuan0428/house-price-prediction](https://github.com/mryuan0428/house-price-prediction) 房价预测完整项目：1.爬取链家网数据 2.处理后，用sklearn中几个逻辑回归机器学习模型和keras神经网络搭建模型预测房价 最终结果神经网络效果更好，R^2值0.75左右
- [**79**Star][1m] [Java] [kshoji/ble-midi-for-android](https://github.com/kshoji/ble-midi-for-android) MIDI over Bluetooth LE driver for Android 4.3 or later
- [**79**Star][22d] [Jupyter Notebook] [pinto0309/keras-oneclassanomalydetection](https://github.com/pinto0309/keras-oneclassanomalydetection) [5 FPS - 150 FPS] Learning Deep Features for One-Class Classification (AnomalyDetection). Corresponds RaspberryPi3. Convert to Tensorflow, ONNX, Caffe, PyTorch. Implementation by Python + OpenVINO/Tensorflow Lite.
- [**79**Star][3m] [Kotlin] [tomoima525/debot](https://github.com/tomoima525/debot) A simple Android library to create Debugging menu
- [**79**Star][1m] [Java] [kongqw/androidwifimanager](https://github.com/kongqw/androidwifimanager) Android WiFi Manager
- [**79**Star][8d] [Py] [bao7uo/rau_crypto](https://github.com/bao7uo/rau_crypto) Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)
- [**79**Star][25d] [Py] [openscap/openscap-daemon](https://github.com/openscap/openscap-daemon) Manages continuous scans of your infrastructure
- [**79**Star][2m] [C] [iaik/cache_template_attacks](https://github.com/iaik/cache_template_attacks) This repository contains several tools to perform Cache Template Attacks
- [**79**Star][1m] [Go] [rancher/remotedialer](https://github.com/rancher/remotedialer) HTTP in TCP in Websockets in HTTP in TCP, Tunnel all the things!
- [**79**Star][13d] [opentoallctf/tips](https://github.com/opentoallctf/tips) 
- [**79**Star][12d] [Pascal] [delphilite/delphihookutils](https://github.com/delphilite/delphihookutils) Delphi Hooking Library by Lsuper
- [**79**Star][2m] [C++] [fsecurelabs/cve-2016-7255](https://github.com/FSecureLABS/CVE-2016-7255) An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit
- [**79**Star][4m] [thehive-project/cortexdocs](https://github.com/TheHive-Project/CortexDocs) Documentation of Cortex
- [**79**Star][3m] [Py] [q2h1cg/xss_scan](https://github.com/Q2h1Cg/xss_scan) XSS Scan
- [**79**Star][2m] [Py] [lazorfuzz/python-hacklib](https://github.com/lazorfuzz/python-hacklib) hacklib - pentesting, port scanning, and logging in anywhere with Python
- [**79**Star][2y] [HTML] [tc39/proposal-regexp-dotall-flag](https://github.com/tc39/proposal-regexp-dotall-flag) Proposal to add the `s` (`dotAll`) flag to regular expressions in ECMAScript.
- [**79**Star][23d] [Py] [nickw444/home](https://github.com/nickw444/home) Monorepo for all home automation related development, including integrated firmware, PCBs, configuration, and bridges
- [**79**Star][4m] [Batchfile] [phoenix1747/fake-sandbox](https://github.com/Phoenix1747/fake-sandbox) 
- [**79**Star][13d] [b-mueller/awesome-mythx-smart-contract-security-tools](https://github.com/b-mueller/awesome-mythx-smart-contract-security-tools) A curated list of resources and tools for the MythX smart contract security API
- [**79**Star][4m] [Py] [zenix-blurryface/sneakyexe](https://github.com/zenix-blurryface/sneakyexe) Embedding a "UAC-Bypassing" function into your custom payload
- [**79**Star][2y] [C] [yifanlu/uvloader](https://github.com/yifanlu/uvloader) Userland Vita Loader for loading unsigned executables on your Vita
- [**79**Star][4m] [Go] [yashpl/mongobuster](https://github.com/yashpl/mongobuster) Hunt Open MongoDB instances
- [**79**Star][9d] [wazuh/wazuh-ansible](https://github.com/wazuh/wazuh-ansible) Wazuh - Ansible playbook
- [**79**Star][5m] [C#] [vahidn/process-proxifier](https://github.com/vahidn/process-proxifier) Using FiddlerCore to add proxy settings to the Windows applications
- [**79**Star][5y] [Visual Basic .NET] [twi1ight/ad-pentest-script](https://github.com/twi1ight/ad-pentest-script) Active Directory pentest scripts
- [**79**Star][13d] [Rust] [trailofbits/siderophile](https://github.com/trailofbits/siderophile) Find the ideal fuzz targets in a Rust codebase
- [**79**Star][30d] [C++] [torps/torps](https://github.com/torps/torps) The Tor Path Simulator
- [**79**Star][20d] [Py] [timbo05sec/autocrack](https://github.com/timbo05sec/autocrack) Hashcat wrapper to help automate the cracking process
- [**79**Star][1m] [JS] [thetoxproject/client](https://github.com/thetoxproject/client) The Universal Tox client. Platform-agnostic Tox client with user-friendlyness in mind!
- [**79**Star][16d] [Shell] [thelinuxchoice/getwin](https://github.com/thelinuxchoice/getwin) FUD Win32 payload generator and listener
- [**79**Star][5m] [HTML] [szimeus/evalyzer](https://github.com/szimeus/evalyzer) Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection
- [**79**Star][3y] [C] [stevemk14ebr/unihook](https://github.com/stevemk14ebr/unihook) Intercept arbitrary functions at run-time, without knowing their typedefs
- [**79**Star][4m] [Py] [shashank-in/travisleaks](https://github.com/shashank-in/travisleaks) A tool to find sensitive keys and passwords in Travis logs
- [**79**Star][2m] [ActionScript] [sethsec/crossdomain-exploitation-framework](https://github.com/sethsec/crossdomain-exploitation-framework) Everything you need to exploit overly permissive crossdomain.xml files
- [**79**Star][2y] [Py] [sawzeeyy/sanitiz3r](https://github.com/sawzeeyy/sanitiz3r) A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status
- [**79**Star][1m] [Py] [rub-syssec/grimoire](https://github.com/rub-syssec/grimoire) 
- [**79**Star][27d] [Go] [rickgray/vscan-go](https://github.com/rickgray/vscan-go) golang version for nmap service and application version detection (without nmap installation)
- [**79**Star][2y] [ObjC] [ret2/p2o_2018](https://github.com/ret2/p2o_2018) 
- [**79**Star][10d] [radareorg/cutter-plugins](https://github.com/radareorg/cutter-plugins) A curated list of Community Plugins and Scripts written for Cutter
- [**79**Star][4y] [Py] [qtek/qradio](https://github.com/qtek/qradio) QRadio ~ Best Threat Intelligence Radio ~ Tune In!
- [**79**Star][12d] [C] [pythonmaster41/go-for-oscp](https://github.com/pythonmaster41/go-for-oscp) a couple of things that I think helped me preparing OSCP
- [**79**Star][23d] [PS] [pwdrkeg/honeyport](https://github.com/pwdrkeg/honeyport) A powershell script for creating a Windows honeyport.
- [**79**Star][2m] [Py] [pinkflawd/r2graphity](https://github.com/pinkflawd/r2graphity) Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators
- [**79**Star][11d] [C] [pimoroni/keybow-firmware](https://github.com/pimoroni/keybow-firmware) Keybow Firmware for the Raspberry Pi Zero
- [**79**Star][1m] [Rust] [phayes/sidefuzz](https://github.com/phayes/sidefuzz) Fuzzer to automatically find side-channel (timing) vulnerabilities
- [**79**Star][7m] [C] [peterfillmore/removepie](https://github.com/peterfillmore/removepie) changes the MH_PIE flag of the MACH-O header on iOS applications to disable ASLR on applications
- [**79**Star][6y] [Py] [owasp/ninja-pingu](https://github.com/owasp/ninja-pingu) a free open-source high performance network scanner tool for large scale analyses
- [**79**Star][6m] [Makefile] [onioniot/openwrt-packages](https://github.com/onioniot/openwrt-packages) Onion Packages Feed for OpenWRT
- [**79**Star][2m] [PHP] [nmalcolm/ipcamshell](https://github.com/nmalcolm/ipcamshell) IP Cam Shell is a command line script for testing and exploiting a wide range of IP cameras as demonstrated by Craig Heffner in "Exploiting Surveillance Cameras Like a Hollywood Hacker". See the slides here:
- [**79**Star][2y] [nhoya/pastebinmarkdownxss](https://github.com/nhoya/pastebinmarkdownxss) XSS in pastebin.com and reddit.com via unsanitized markdown output
- [**79**Star][2m] [Shell] [neohapsis/suddensix](https://github.com/neohapsis/suddensix) IPV6 MITM attack tool
- [**79**Star][2m] [nanqinlang-mogic/v2ray](https://github.com/nanqinlang-mogic/v2ray) template with websocket+tls+nginx of v2ray
- [**79**Star][8d] [C] [miguelangel-nubla/videop2proxy](https://github.com/miguelangel-nubla/videop2proxy) Proxy to enable P2P only cameras to work with standard protocols.
- [**79**Star][23d] [C] [makefu/dnsmap](https://github.com/makefu/dnsmap) fork of
- [**79**Star][7y] [Zeek] [liamrandall/bromalware-exercise](https://github.com/liamrandall/bromalware-exercise) 
- [**79**Star][4m] [Py] [keybase/python-triplesec](https://github.com/keybase/python-triplesec) A Python port of the triplesec library.
- [**79**Star][3y] [C++] [jeffbryner/nbdserver](https://github.com/jeffbryner/nbdserver) Network Block Device Server for windows with a DFIR/forensic focus.
- [**79**Star][2m] [Java] [incredibleindishell/exploit-code-by-me](https://github.com/incredibleindishell/exploit-code-by-me) Exploit code developed/reproduced by me
- [**79**Star][12d] [hugsy/gdb-static](https://github.com/hugsy/gdb-static) Public repository of static GDB and GDBServer
- [**79**Star][22d] [Zeek] [hosom/file-extraction](https://github.com/hosom/file-extraction) Extract files from network traffic with Bro.
- [**79**Star][3y] [Objective-C++] [hexploitable/memscan](https://github.com/hexploitable/memscan) A memory scanning tool which uses mach_vm* to either dump memory or look for a specific sequence of bytes.
- [**79**Star][4y] [PS] [harmj0y/misc-powershell](https://github.com/harmj0y/misc-powershell) Misc. PowerShell scripts
- [**79**Star][2m] [hardhatdigital/rails-security-audit](https://github.com/hardhatdigital/rails-security-audit) A checklist of Rails security audit
- [**79**Star][4m] [Py] [hameda2/zydra](https://github.com/hameda2/zydra) 
- [**79**Star][11d] [Py] [ha3mrx/facebook-cracker](https://github.com/ha3mrx/facebook-cracker) Facebook Cracker Version 1.0 can crack into Facebook Database 100% without Interruption By Facebook Firewall
- [**79**Star][3y] [glinares/hephaestus](https://github.com/glinares/hephaestus) Open Source Office Malware Generation & Polymorphic Engine for Red Teams and QA testing
- [**79**Star][2m] [edelahozuah/awesome-wifi-security](https://github.com/edelahozuah/awesome-wifi-security) A collection of awesome resources related to 802.11 security, tools and other things
- [**79**Star][1y] [Py] [dylanmc/cryptobook](https://github.com/dylanmc/cryptobook) Learning Cryptography, math and programming with Cryptol (and maybe some Python)
- [**79**Star][22d] [Py] [dobin/ffw](https://github.com/dobin/ffw) A fuzzing framework for network servers
- [**79**Star][3m] [C] [dinotools/sslscan](https://github.com/dinotools/sslscan) SSLScan tests SSL/TLS enabled services to discover supported cipher suites
- [**79**Star][11d] [ObjC] [derekselander/mobdevim](https://github.com/derekselander/mobdevim) Command line utility that interacts with plugged in iOS devices. Uses Apple's MobileDevice framework
- [**79**Star][2y] [Go] [derekchiang/mesos-bitcoin-miner](https://github.com/derekchiang/mesos-bitcoin-miner) A bitcoin mining framework on Mesos
- [**79**Star][16d] [Shell] [dbezemer/rpm-haproxy](https://github.com/dbezemer/rpm-haproxy) HAproxy RPM spec and builds for CentOS 6/7
- [**79**Star][20d] [JS] [cveproject/automation-working-group](https://github.com/cveproject/automation-working-group) CVE Automation Working Group
- [**79**Star][12m] [Py] [cve-search/via4cve](https://github.com/cve-search/via4cve) Vulnerability Information Aggregator for CVEs
- [**79**Star][3m] [C#] [csmacnz/coveralls.net](https://github.com/csmacnz/coveralls.net) Coveralls uploader for .Net Code coverage
- [**79**Star][1m] [C++] [cseagle/collabreate](https://github.com/cseagle/collabreate) IDA Pro Collaboration/Synchronization Plugin
- [**79**Star][10m] [Py] [corelan/dnshjmon](https://github.com/corelan/dnshjmon) dnshjmon is a free tool to monitor public DNS records and report hijacks
- [**79**Star][4y] [PHP] [coderpirata/xpl-search](https://github.com/coderpirata/xpl-search) Search exploits in multiple exploit databases!
- [**79**Star][4m] [Py] [cea-sec/torpylle](https://github.com/cea-sec/torpylle) A Python / Scapy implementation of the OR (TOR) protocol.
- [**79**Star][2y] [Py] [blacknbunny/shellcode2assembly](https://github.com/blacknbunny/shellcode2assembly) 
- [**79**Star][19d] [Py] [blackarch/sploitctl](https://github.com/blackarch/sploitctl) Fetch, install and search exploit archives from exploit sites.
- [**79**Star][5m] [C] [apriorit/mhook](https://github.com/apriorit/mhook) A Windows API hooking library
- [**79**Star][8m] [JS] [anvilresearch/webcrypto](https://github.com/anvilresearch/webcrypto) W3C Web Cryptography API for Node.js
- [**79**Star][4m] [Shell] [ank1036official/git_pentesting_toolkit](https://github.com/ank1036official/git_pentesting_toolkit) Exploit pack for pentesters and ethical hackers.
- [**79**Star][2y] [C] [alpha1ab/win2016lpe](https://github.com/alpha1ab/win2016lpe) Windows10 & Windows Server 2016 LPE Exploit (use schedsvc!SchRpcSetSecurity())
- [**79**Star][6m] [Swift] [aidevjoe/sandboxbrowser](https://github.com/aidevjoe/sandboxbrowser) A simple iOS sandbox file browser, you can share files through AirDrop
- [**79**Star][8m] [C] [ahmadmansoor/advancedscript](https://github.com/ahmadmansoor/advancedscript) Add More Features for x64dbg Script System,with some Functions which will help Plugin Coder
- [**79**Star][24d] [Go] [0xrawsec/golang-evtx](https://github.com/0xrawsec/golang-evtx) a parsing library for Windows EVTX log files.
- [**79**Star][1m] [C#] [0xbadjuju/rundotnetdll32](https://github.com/0xbadjuju/rundotnetdll32) A tool to run .Net DLLs from the command line
- [**78**Star][2m] [Py] [zeropointdynamics/zelos](https://github.com/zeropointdynamics/zelos) A comprehensive binary emulation and instrumentation platform.
- [**78**Star][3m] [Py] [voulnet/desharialize](https://github.com/voulnet/desharialize) Easy mode to Exploit CVE-2019-0604 (Sharepoint XML Deserialization Unauthenticated RCE) 
- [**78**Star][20d] [Go] [rnbguy/figo](https://github.com/rnbguy/figo) P2P file transfer utility
- [**78**Star][20d] [Java] [biezhi/telegram-bot-api](https://github.com/biezhi/telegram-bot-api)  Telegram 的机器人库
- [**78**Star][27d] [Py] [iofu728/spider](https://github.com/iofu728/spider) 
- [**78**Star][13d] [Py] [fillll/reddit2telegram](https://github.com/fillll/reddit2telegram) Bot to supply telegram channel with hot reddit submissions
- [**78**Star][10d] [C] [justcallmekoko/esp32marauder](https://github.com/justcallmekoko/esp32marauder) A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32
- [**78**Star][3m] [kccat/drop-isp-tcp-hijacking](https://github.com/kccat/drop-isp-tcp-hijacking) 过滤运营商的劫持包
- [**78**Star][8d] [Shell] [evilfreelancer/docker-routeros](https://github.com/evilfreelancer/docker-routeros) Mikrotik RouterOS inside Docker container
- [**78**Star][5m] [Java] [0nise/shell-plus](https://github.com/0nise/shell-plus) 
- [**78**Star][5m] [JS] [qious/ss-panel-server](https://github.com/qious/ss-panel-server) 基于企业微信的科学上网分享站点 - 后端
- [**78**Star][20d] [Java] [sukaralin/cve-2019-2890](https://github.com/sukaralin/cve-2019-2890) 
- [**78**Star][2m] [Py] [galkan/tools](https://github.com/galkan/tools) Tools that are related to pentest and network security
- [**78**Star][1m] [Py] [programa-stic/hexag00n](https://github.com/programa-stic/hexag00n) A collection of reverse engineering tools for the Qualcomm Digital Signal Proccesor (QDSP6)
- [**78**Star][3m] [Vue] [pengchujin/subscribevue](https://github.com/pengchujin/subscribevue) ss ssr v2ray 订阅管理 vue前端界面
- [**78**Star][13d] [rarecoil/pantagrule](https://github.com/rarecoil/pantagrule) hashcat rules generated from over 840 million compromised passwords
- [**78**Star][4m] [JS] [piyush97/algorithms-hacktoberfest](https://github.com/piyush97/algorithms-hacktoberfest) Write Algorithm in any language and contribute to HacktoberFest
- [**78**Star][5y] [Py] [cylance/smbtrap](https://github.com/cylance/SMBTrap) Tools developed to test the Redirect to SMB issue
- [**78**Star][20d] [C] [enjoy-digital/pcie_screamer](https://github.com/enjoy-digital/pcie_screamer) PCIe Screamer - TLPs experiments...
- [**78**Star][9y] [Py] [ts-way/gerix-wifi-cracker](https://github.com/ts-way/gerix-wifi-cracker) A graphical user interface for aircrack-ng and pyrit.
- [**78**Star][10d] [Py] [jpylypiw/easywall](https://github.com/jpylypiw/easywall) Software for simple control of Linux firewalls via configuration files written in Python.
- [**78**Star][15d] [CSS] [yingshang/banruo](https://github.com/yingshang/banruo) 
- [**78**Star][14d] [Py] [x0rz/tweetentropy](https://github.com/x0rz/tweetentropy) Twitter as an extra entropy source
- [**78**Star][12d] [Go] [wendigo/chrome-protocol-proxy](https://github.com/wendigo/chrome-protocol-proxy) Chrome DevTools Protocol Proxy - intelligent proxy for debugging purposes
- [**78**Star][4m] [Py] [thombashi/allpairspy](https://github.com/thombashi/allpairspy) A python library for test combinations generator. The generator allows one to create a set of tests using "pairwise combinations" method, reducing a number of combinations of variables into a lesser set that covers most situations.
- [**78**Star][2m] [Py] [the-c0d3r/admin-finder](https://github.com/the-c0d3r/admin-finder) Blazing fast admin panel finder with multi-threading
- [**78**Star][2y] [Py] [stasinopoulos/jaidam](https://github.com/stasinopoulos/jaidam) Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan.
- [**78**Star][2y] [Py] [softsec-kaist/imf](https://github.com/softsec-kaist/imf) Inferred Model-based Fuzzer
- [**78**Star][12d] [C++] [ronangaillard/logitech-mouse](https://github.com/ronangaillard/logitech-mouse) Use an arduino as a logitech wireless
- [**78**Star][8m] [C#] [realalexandergeorgiev/tempracer](https://github.com/realalexandergeorgiev/tempracer) A Windows priviledge escalation tool (abusing race conditions)
- [**78**Star][2m] [JS] [purplei2p/i2pdbrowser](https://github.com/purplei2p/i2pdbrowser) i2pd browser bundle
- [**78**Star][8m] [JS] [pownjs/pown-whoarethey](https://github.com/pownjs/pown-whoarethey) 
- [**78**Star][2y] [Py] [pielco11/dot](https://github.com/pielco11/dot) Darknet OSINT Transform
- [**78**Star][5m] [Py] [pfalcon/scratchablock](https://github.com/pfalcon/scratchablock) Yet another crippled decompiler project
- [**78**Star][18d] [Perl] [pepelux/sippts](https://github.com/pepelux/sippts) Set of tools to audit SIP based VoIP Systems
- [**78**Star][11d] [Shell] [orjail/orjail](https://github.com/orjail/orjail) a more secure way to force programs to exclusively use tor network
- [**78**Star][3m] [Shell] [opsxcq/exploit-cve-2014-6271](https://github.com/opsxcq/exploit-cve-2014-6271) Shellshock exploit + vulnerable environment
- [**78**Star][3m] [CoffeeScript] [olegberman/mitm-omegle](https://github.com/olegberman/mitm-omegle) Watch strangers talk on Omegle (man in the middle attack)
- [**78**Star][4y] [oguzhantopgul/vezir-project](https://github.com/oguzhantopgul/vezir-project) Yet Another Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis
- [**78**Star][4m] [Visual Basic] [nyan-x-cat/lime-miner](https://github.com/nyan-x-cat/lime-miner) a simple hidden silent XMR miner.
- [**78**Star][30d] [JS] [nxtedition/node-http2-proxy](https://github.com/nxtedition/node-http2-proxy) A simple http/2 & http/1.1 to http/1.1 spec compliant proxy helper for Node.
- [**78**Star][16d] [Py] [nukeop/hide.py](https://github.com/nukeop/hide.py) A steganographic program that encodes files in pictures
- [**78**Star][5y] [C] [nihilus/ida_signsrch](https://github.com/nihilus/ida_signsrch) IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool.
- [**78**Star][2y] [C++] [nezza/sdqanalyzer](https://github.com/nezza/sdqanalyzer) A Saleae analyzer plugin for the SDQ (Apple Lightning, MagSafe, Battery) protocol.
- [**78**Star][2y] [JS] [mtjailed/jailbreakme](https://github.com/mtjailed/jailbreakme) A webbased jailbreak solution unifying existing jailbreak me solutions and new ones.
- [**78**Star][19d] [JS] [mljs/knn](https://github.com/mljs/knn) A k-nearest neighboor classifier algorithm.
- [**78**Star][10d] [Zeek] [mitre-attack/bzar](https://github.com/mitre-attack/bzar) A set of Zeek scripts to detect ATT&CK techniques.
- [**78**Star][2m] [mi3security/su-a-cyder](https://github.com/mi3security/su-a-cyder) Home-Brewed iOS Malware PoC Generator (BlackHat ASIA 2016)
- [**78**Star][2m] [Go] [mattevans/pwned-passwords](https://github.com/mattevans/pwned-passwords) 
- [**78**Star][2y] [Go] [m4ll0k/aron](https://github.com/m4ll0k/aron) Aron is a GO script for finding hidden GET & POST parameters
- [**78**Star][4y] [C++] [lcatro/sise_traning_ctf_re](https://github.com/lcatro/sise_traning_ctf_re) SNST Traning RE Project .华软网络安全小组逆向工程训练营,尝试以CTF 的形式来使大家可以动手训练快速提升自己的逆向工程水平.CTF 的训练程序又浅到深,没有使用太复杂的算法,在逆向的过程中遇到的难关都是在分析病毒和破解中遇到的实际情况,注重于实用.训练营还包含有源代码文件,训练程序和思路.希望可以帮助小伙伴们入门逆向工程这个神奇的世界..
- [**78**Star][12d] [HTML] [l3m0n/wooyun-wiki](https://github.com/l3m0n/wooyun-wiki) wiki.wooyun.org的部分快照网页
- [**78**Star][20d] [C] [kala13x/scap](https://github.com/kala13x/scap) Network Sniffer (Scan and Capture Incoming Packets)
- [**78**Star][4y] [C] [jndok/pegasusx](https://github.com/jndok/pegasusx) OS X 10.11.6 LPE PoC for CVE-2016-4655 / CVE-2016-4656
- [**78**Star][5m] [JS] [j0nathanj/publications](https://github.com/j0nathanj/publications) Slides, exploits and PoCs :)
- [**78**Star][4y] [Py] [j0bin/pentest-resources](https://github.com/j0bin/pentest-resources) 
- [**78**Star][3m] [C] [igrr/axtls-8266](https://github.com/igrr/axtls-8266) axTLS port for ESP8266
- [**78**Star][8m] [Py] [idanr1986/cuckoo](https://github.com/idanr1986/cuckoo) A Cuckoo Sandbox Extension for Android
- [**78**Star][2y] [Py] [hadojae/data](https://github.com/hadojae/data) Credential Phish Analysis and Automation
- [**78**Star][10d] [C] [gpg/libgcrypt](https://github.com/gpg/libgcrypt) The GNU crypto library. Mirror from:
- [**78**Star][6y] [CSS] [gajus/bugger](https://github.com/gajus/bugger) Bugger is a collection of functions for debugging PHP code.
- [**78**Star][6y] [Go] [gabrielg/cve-2014-1266-poc](https://github.com/gabrielg/cve-2014-1266-poc) Apple OS X/iOS SSL flaw demonstration
- [**78**Star][7y] [C#] [g0tmi1k/vulninjector](https://github.com/g0tmi1k/vulninjector) Generates a Windows 'vulnerable' machine from ISOs
- [**78**Star][2y] [f0rgetting/presentations](https://github.com/f0rgetting/presentations) 
- [**78**Star][3y] [C] [ernacktob/esp8266_wifi_raw](https://github.com/ernacktob/esp8266_wifi_raw) ESP8266 wifi packet injection and receiving experiment
- [**78**Star][3m] [PHP] [dunglas/php-torcontrol](https://github.com/dunglas/php-torcontrol) PHP TorControl, a library to control TOR
- [**78**Star][22d] [Go] [drael/gonetstat](https://github.com/drael/gonetstat) Netstat implementation in Go
- [**78**Star][2m] [C++] [hypersine/sdokeycrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation) CVE-2019-9729. Transferred from
- [**78**Star][6m] [Shell] [demonsec666/secist_script](https://github.com/demonsec666/secist_script) 
- [**78**Star][13d] [Ruby] [david942j/heapinfo](https://github.com/david942j/heapinfo) An interactive memory info for pwning / exploiting
- [**78**Star][3y] [Go] [cyphar/mkonion](https://github.com/cyphar/mkonion) A simple way to create a Tor onion service for existing Docker containers.
- [**78**Star][1m] [PHP] [curlyboi/hashtopus](https://github.com/curlyboi/hashtopus) Distributed wrapper around oclHashcat
- [**78**Star][2y] [C] [brl/grlh](https://github.com/brl/grlh) 
- [**78**Star][3y] [Py] [brianwrf/hackrequests](https://github.com/brianwrf/hackrequests) It is a dedicated requests lib that supports cookie, headers, get/post, etc. And it also supports rendering the response (e.g. Javascript, CSS, etc.) of GET requests by using PhantomJs enginee.
- [**78**Star][19d] [Shell] [brainfucksec/archtorify](https://github.com/brainfucksec/archtorify) Transparent proxy through Tor for Arch Linux OS
- [**78**Star][1m] [Java] [bigsizeme/burplugin-java-rce](https://github.com/bigsizeme/burplugin-java-rce) Burp plugin, Java RCE
- [**78**Star][10d] [Py] [bao7uo/dp_crypto](https://github.com/bao7uo/dp_crypto) Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)
- [**78**Star][3y] [Assembly] [azeria-labs/arm-assembly-examples](https://github.com/azeria-labs/arm-assembly-examples) Snippets from ARM assembly tutorials
- [**78**Star][1m] [axiomzen/eth-random](https://github.com/axiomzen/eth-random) commit-reveal RNG method in Ethereum
- [**78**Star][2y] [C] [alex9191/kernel-dll-injector](https://github.com/alex9191/kernel-dll-injector) Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module
- [**78**Star][19d] [C++] [undefinedidentifier/lcx](https://github.com/UndefinedIdentifier/LCX) 自修改免杀lcx端口转发工具
- [**77**Star][11d] [Py] [fedecalendino/nintendeals](https://github.com/fedecalendino/nintendeals) Library with a set of tools for scraping information about Nintendo games and its prices across all regions (NA, EU and JP).
- [**77**Star][1y] [C#] [adrenak/univoice](https://github.com/adrenak/univoice) P2P VoIP in Unity
- [**77**Star][1m] [Py] [dagrha/pypia](https://github.com/dagrha/pypia) Configuration of Private Internet Access VPN routes for Linux
- [**77**Star][2m] [Py] [lorien/daysandbox_bot](https://github.com/lorien/daysandbox_bot) Telegram bot that deletes messages with URL from users joined in less than 24 hours
- [**77**Star][2m] [Shell] [rodtreweek/castle-winbuntu](https://github.com/rodtreweek/castle-winbuntu) Homesick Castle for use on WSL.
- [**77**Star][12d] [githubixx/ansible-role-wireguard](https://github.com/githubixx/ansible-role-wireguard) Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinx, Fedora and CentOS.
- [**77**Star][2m] [Shell] [khavishbhundoo/obfsproxy-openvpn](https://github.com/khavishbhundoo/obfsproxy-openvpn) Bash script to setup openvpn with obfsproxy to defeat censorship
- [**77**Star][1m] [Java] [welkinxie/aescipher-java](https://github.com/welkinxie/aescipher-java) AES encryption working between Objective-C and Java.
- [**77**Star][21d] [C++] [onekiloparsec/swiftaa](https://github.com/onekiloparsec/swiftaa) The most comprehensive collection of accurate astronomical algorithms in (C++, Objective-C and) Swift.
- [**77**Star][12d] [PS] [cutaway-security/chaps](https://github.com/cutaway-security/chaps) Configuration Hardening Assessment PowerShell Script (CHAPS)
- [**77**Star][21d] [C] [zhengshoujian/darknet-yolo-segmentation](https://github.com/zhengshoujian/darknet-yolo-segmentation) This project is based on darknet to get image segmentation
- [**77**Star][3m] [Java] [guardianproject/cacheword](https://github.com/guardianproject/cacheword) a password caching and management service for Android
- [**77**Star][11d] [Shell] [espressif/esp32-wifi-lib](https://github.com/espressif/esp32-wifi-lib) ESP32 WiFi stack precompiled libraries
- [**77**Star][4m] [gossip-sjtu/gossip_blog](https://github.com/gossip-sjtu/gossip_blog) 每周定期更新论文笔记分享的markdown以及图片
- [**77**Star][15d] [Shell] [thelinuxchoice/self-xss](https://github.com/thelinuxchoice/self-xss) Self-XSS attack using bit.ly to grab cookies tricking users into running malicious code
- [**77**Star][30d] [JS] [valeriansaliou/node-fast-ratelimit](https://github.com/valeriansaliou/node-fast-ratelimit) Fast and efficient in-memory rate-limit, used to alleviate most common DOS attacks.
- [**77**Star][7d] [C++] [jeefo/yapb](https://github.com/jeefo/yapb) AI opponent for Counter-Strike based on POD-Bot 2.6
- [**77**Star][16d] [Py] [ivanlei/airodump-iv](https://github.com/ivanlei/airodump-iv) A python implementation of airodump-ng
- [**77**Star][19d] [Go] [edoverflow/csp](https://github.com/edoverflow/csp) Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
- [**77**Star][14d] [JS] [aceforth/nuxt-netlify](https://github.com/aceforth/nuxt-netlify) Dynamically generate `_headers` and `_redirects` files for Netlify in your Nuxt.js projects
- [**77**Star][29d] [Shell] [sclorg/s2i-php-container](https://github.com/sclorg/s2i-php-container) PHP container images based on Red Hat Software Collections and intended for OpenShift and general usage, that provide a platform for building and running PHP applications. Users can choose between Red Hat Enterprise Linux, Fedora, and CentOS based images.
- [**77**Star][11d] [Rust] [easyctf/librectf](https://github.com/easyctf/librectf) CTF in a box. Minimal setup required. (not production-ready yet)
- [**77**Star][2m] [Assembly] [zznop/pop-nedry](https://github.com/zznop/pop-nedry) x86-64 Windows shellcode that recreates the Jurassic Park hacking scene (Ah, ah, ah... you didn't' say the magic word!)
- [**77**Star][1y] [Py] [ztgrace/red_team_telemetry](https://github.com/ztgrace/red_team_telemetry) 
- [**77**Star][1m] [JS] [zencashofficial/arizen](https://github.com/zencashofficial/arizen) Arizen is the API wallet for Horizen with encrypted and only locally stored files!
- [**77**Star][4m] [C++] [yveaux/nrf24_sniffer](https://github.com/yveaux/nrf24_sniffer) Sniffer for Nordic NRF24L01+ modules with MySensors support
- [**77**Star][3y] [Py] [wofeiwo/webshell-find-tools](https://github.com/wofeiwo/webshell-find-tools) 分析web访问日志以及web目录文件属性，用于根据查找可疑后门文件的相关脚本。
- [**77**Star][3m] [Py] [wied03/centos-package-cron](https://github.com/wied03/centos-package-cron) A security update tool for CentOS
- [**77**Star][21d] [Py] [tonybaloney/retox](https://github.com/tonybaloney/retox) For running a local continuous testing environment with tox
- [**77**Star][3y] [Py] [tezukanice/office8570](https://github.com/tezukanice/office8570) CVE20178570
- [**77**Star][5y] [Py] [tandasat/winioctldecoder](https://github.com/tandasat/winioctldecoder) IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
- [**77**Star][18d] [sukkaw/cloudflare-block-bad-bot-ruleset](https://github.com/sukkaw/cloudflare-block-bad-bot-ruleset) 
- [**77**Star][5m] [sevagas/windowsdefender_asr_bypass-offensivecon2019](https://github.com/sevagas/windowsdefender_asr_bypass-offensivecon2019) Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.
- [**77**Star][10d] [Shell] [selivan/https-ssl-cert-check-zabbix](https://github.com/selivan/https-ssl-cert-check-zabbix) Script to check validity and expiration of TLS/SSL certificate on site. May be used with Zabbix or standalone.
- [**77**Star][12d] [scubsrgroup/automatic-exploit-generation](https://github.com/scubsrgroup/automatic-exploit-generation) Something about AEG
- [**77**Star][4m] [PS] [samratashok/race](https://github.com/samratashok/race) RACE is a PowerShell module for executing ACL attacks against Windows targets.
- [**77**Star][2m] [Py] [safebreach-labs/spacebin](https://github.com/safebreach-labs/spacebin) Spacebin is a proof-of-concept malware that exfiltrates data (from No Direct Internet Access environments) via triggering AV on the endpoint and then communicating back from the AV's cloud component.
- [**77**Star][3y] [Py] [ropnop/xxetimes](https://github.com/ropnop/xxetimes) An interactive OOB XXE data exfiltration tool
- [**77**Star][9d] [randomuserid/tylium](https://github.com/randomuserid/tylium) Primary data pipelines for intrusion detection, security analytics and threat hunting
- [**77**Star][4m] [JS] [ralphwetzel/theonionbox](https://github.com/ralphwetzel/theonionbox) Dashboard to monitor Tor node operations
- [**77**Star][13d] [C] [ps4dev/ps4sdk](https://github.com/ps4dev/ps4sdk) Modular open source ps4 sdk with user and kernel space support
- [**77**Star][2m] [C++] [niklasb/bspfuzz](https://github.com/niklasb/bspfuzz) 
- [**77**Star][5m] [nezteb/i_hate_wordpress](https://github.com/nezteb/i_hate_wordpress) I used to hate Wordpress until I had created this repo. This is me documenting how to make WordPress not suck like everyone thinks it does.
- [**77**Star][4m] [JS] [mubaidr/javascript-barcode-reader](https://github.com/mubaidr/javascript-barcode-reader) Simple and Fast Barcode decoder with support of Code128, Code93, Code39, Standard/Industrial 2 of 5, Interleaved 2 of 5, Codabar, EAN-13, EAN-8 barcodes in javascript.
- [**77**Star][5y] [Py] [mncoppola/linux-kernel-ctf](https://github.com/mncoppola/linux-kernel-ctf) Helper scripts for hosting a Linux kernel exploitation CTF challenge
- [**77**Star][16d] [Crystal] [maxfierke/fincher](https://github.com/maxfierke/fincher) A steganography tool for text
- [**77**Star][4m] [C++] [macmade/unicorn-bios](https://github.com/macmade/unicorn-bios) Basic BIOS emulator for Unicorn Engine.
- [**77**Star][24d] [lgg/awesome-keepass](https://github.com/lgg/awesome-keepass) Curated list of KeePass-related projects
- [**77**Star][1m] [Go] [lesnuages/go-execute-assembly](https://github.com/lesnuages/go-execute-assembly) Allow a Go process to dynamically load .NET assemblies
- [**77**Star][19d] [C#] [leoloobeek/csharp](https://github.com/leoloobeek/csharp) Various C# projects for offensive security
- [**77**Star][2m] [C] [klks/checksec](https://github.com/klks/checksec) x64dbg plugin to check security settings
- [**77**Star][4y] [PS] [jaredhaight/invoke-metasploitpayload](https://github.com/jaredhaight/invoke-metasploitpayload) Powershell script to download and kick off Metasploit payloads.
- [**77**Star][18d] [Py] [internetarchive/warctools](https://github.com/internetarchive/warctools) Command line tools and libraries for handling and manipulating WARC files (and HTTP contents)
- [**77**Star][2m] [Shell] [inquisb/unix-privesc-check](https://github.com/inquisb/unix-privesc-check) Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurations that could allow local unprivileged user to escalate to other users (e.g. root) or to access local apps (e.g. databases). This is a collaborative rework of version 1.0
- [**77**Star][1y] [C++] [hzqst/fuckcertverifytimevalidity](https://github.com/hzqst/fuckcertverifytimevalidity) This tiny project prevents the signtool from verifing cert time validity and let you sign your bin with outdated cert without changing system time manually
- [**77**Star][2y] [homjxi0e/apt](https://github.com/homjxi0e/apt) APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )
- [**77**Star][14d] [Shell] [hassio-addons/addon-nginx-proxy-manager](https://github.com/hassio-addons/addon-nginx-proxy-manager) Nginx Proxy Manager - Home Assistant Community Add-ons
- [**77**Star][1m] [Java] [hackthelegacy/hack400tool](https://github.com/hackthelegacy/hack400tool) security handling tools for IBM Power Systems (formerly known as AS/400)
- [**77**Star][1m] [Ruby] [hacken-in/hacken-in](https://github.com/hacken-in/hacken-in) An event calendar for nerds, geeks & hackers
- [**77**Star][4m] [C] [gdbinit/gopher](https://github.com/gdbinit/gopher) A OS X crypto ransomware PoC
- [**77**Star][1m] [C++] [gamebooster/dota2-lua-engine](https://github.com/gamebooster/dota2-lua-engine) Lua Scripting Engine for Dota 2
- [**77**Star][4m] [Py] [funilrys/pyfunceble](https://github.com/funilrys/pyfunceble) The tool to check the availability or syntax of domains, IPv4, IPv6 or URL.
- [**77**Star][1y] [foolmitah/cve-2018-14729](https://github.com/foolmitah/cve-2018-14729) Discuz backend getshell
- [**77**Star][4m] [Makefile] [florianutz/ubuntu1604-cis](https://github.com/florianutz/ubuntu1604-cis) Ubuntu CIS Hardening Ansible Role
- [**77**Star][22d] [Ruby] [fbkcs/msf-elf-in-memory-execution](https://github.com/fbkcs/msf-elf-in-memory-execution) Post module for Metasploit to execute ELF in memory
- [**77**Star][1m] [HTML] [f47h3r/hackingteam_exploits](https://github.com/f47h3r/hackingteam_exploits) Initial Collection of HackingTeam Exploits
- [**77**Star][3m] [Java] [evilsocket/nikeplus-fuelband-se-reversed](https://github.com/evilsocket/nikeplus-fuelband-se-reversed) A a proof of concept application that uses BLE api and the Nike+ FuelBand SE protocol to communicate with Nike BLE devices.
- [**77**Star][15d] [Java] [ethackdotorg/orwall](https://github.com/ethackdotorg/orwall) Put your apps behind Orbot, and block all unwanted traffic in one row.
- [**77**Star][1m] [JS] [envkey/envkey-app](https://github.com/envkey/envkey-app) Secure, human-friendly, cross-platform secrets and config.
- [**77**Star][5m] [Java] [dschadow/javasecurity](https://github.com/dschadow/javasecurity) Java web and command line applications demonstrating various security topics
- [**77**Star][16d] [C] [dodola/fbhookfork](https://github.com/dodola/fbhookfork) 从 fb 的 profilo 项目里提取出来的hook 库，自己用
- [**77**Star][3m] [Lua] [dns-oarc/drool](https://github.com/dns-oarc/drool) DNS Replay Tool
- [**77**Star][4m] [C] [dimopouloselias/simpleshellcodeinjector](https://github.com/dimopouloselias/simpleshellcodeinjector) receives as an argument a shellcode in hex and executes it
- [**77**Star][3y] [dictionaryhouse/dirpath_list](https://github.com/dictionaryhouse/dirpath_list) Dirpath_List 目录扫描字典
- [**77**Star][3m] [Py] [denglend/decode345](https://github.com/denglend/decode345) Honeywell 345 Mhz decoding
- [**77**Star][4y] [C] [decryptoniteteam/decryptonite](https://github.com/decryptoniteteam/decryptonite) Ransomware Detection and Mitigation Software
- [**77**Star][21d] [Nix] [dapphub/ds-math](https://github.com/dapphub/ds-math) Safe arithmetic
- [**77**Star][24d] [Py] [d4vinci/elpscrk](https://github.com/d4vinci/elpscrk) A Common User Passwords generator script that looks like the tool Eliot used it in Mr.Robot Series Episode 01 :D :v
- [**77**Star][9m] [Py] [cybereason/linux_plumber](https://github.com/cybereason/linux_plumber) A python implementation of a grep friendly ftrace wrapper
- [**77**Star][2m] [HTML] [cooolis/cooolis.github.io](https://github.com/cooolis/cooolis.github.io) Cooolis是一个操作系统命令技巧备忘录
- [**77**Star][8m] [Py] [coldzer0/ida-for-delphi](https://github.com/coldzer0/ida-for-delphi) IDA Python Script to Get All function names from Event Constructor (VCL)
- [**77**Star][3y] [ObjC] [cocoahuke/ioskextdump](https://github.com/cocoahuke/ioskextdump) Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory
- [**77**Star][4y] [Py] [carlosgprado/brundlefuzz](https://github.com/carlosgprado/brundlefuzz) BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.
- [**77**Star][3m] [PHP] [bugsafe/wereport](https://github.com/bugsafe/wereport) WeReport
- [**77**Star][2y] [Java] [bit4woo/u2c](https://github.com/bit4woo/u2c) A burpsuite Extender That Convert Unicode To Chinese
- [**77**Star][16d] [C] [bazad/x18-leak](https://github.com/bazad/x18-leak) CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.
- [**77**Star][10d] [autodesk/continuous-threat-modeling](https://github.com/autodesk/continuous-threat-modeling) A Continuous Threat Modeling methodology
- [**77**Star][4y] [Py] [ahhh/reverse_https_bot](https://github.com/ahhh/reverse_https_bot) A python based https remote access trojan for penetration testing
- [**77**Star][1m] [C++] [0xeb/ida-qscripts](https://github.com/0xeb/ida-qscripts) An IDA plugin to increase productivity when developing scripts for IDA
- [**77**Star][1m] [Go] [0x9ef/golang-uacbypasser](https://github.com/0x9ef/golang-uacbypasser) UAC bypass techniques implemented and written in Go
- [**76**Star][7d] [Shell] [avilum/waycup](https://github.com/avilum/waycup) A minimal tool that hides your online assets from online security scanners, researchers and hackers.
- [**76**Star][2y] [Jupyter Notebook] [zgbgx/p2pda](https://github.com/zgbgx/p2pda) use the data scrapied from a third-party website to analyse chinese P2P industry(使用从第三方数据网站爬取的数据分析中国P2P)
- [**76**Star][16d] [Bro] [salesforce/bro-sysmon](https://github.com/salesforce/bro-sysmon) How to Zeek Sysmon Logs!
- [**76**Star][4m] [Py] [viralmaniar/xposedornot](https://github.com/viralmaniar/xposedornot) XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
- [**76**Star][4m] [C] [jfreegman/toxbot](https://github.com/jfreegman/toxbot) A groupchat control bot for Tox
- [**76**Star][12d] [Py] [xnathan/squid_proxy_pool](https://github.com/xnathan/squid_proxy_pool) Squid 代理池搭建
- [**76**Star][3m] [Java] [mvdan/accesspoint](https://github.com/mvdan/accesspoint) Manage wireless access points in Android (abandoned)
- [**76**Star][10d] [Clojure] [athos/postmortem](https://github.com/athos/postmortem) A tiny value-oriented debugging tool for Clojure(Script), powered by transducers
- [**76**Star][14d] [TS] [adumont/tplink-cloud-api](https://github.com/adumont/tplink-cloud-api) A node.js npm module to remotely control TP-Link smartplugs (HS100, HS110) and smartbulbs (LB100, LB110, LB120, LB130) using their cloud web service (no need to be on the same wifi/lan)
- [**76**Star][10d] [Py] [howie6879/itbooks](https://github.com/howie6879/itbooks) Get itbooks from ebooks's website for free,such as allitebooks,digilibraries,etc
- [**76**Star][7d] [Py] [fullshade/osce](https://github.com/FULLSHADE/OSCE) Developed proof-of-concept exploits for various types of vulnerabilities and mitigation bypasses with user-mode Windows applications, New CVE's produced via this repo: CVE-2019-16724, CVE-2019-17181
- [**76**Star][11d] [Swift] [ibm-swift/bluesslservice](https://github.com/ibm-swift/bluesslservice) SSL/TLS Add-in for BlueSocket using Secure Transport and OpenSSL
- [**76**Star][10d] [Py] [dorianbrown/rank_bm25](https://github.com/dorianbrown/rank_bm25) A collection of BM25 algorithm variants
- [**76**Star][4m] [Py] [wulc/amazonrobot](https://github.com/wulc/amazonrobot) Amazon商品引流的 python 爬虫
- [**76**Star][8d] [C++] [onecodemonkey/algorithm](https://github.com/onecodemonkey/algorithm) 
- [**76**Star][3m] [C] [vnik5287/kernel_rop](https://github.com/vnik5287/kernel_rop) 
- [**76**Star][4m] [Py] [guardianfirewall/grandmaster](https://github.com/guardianfirewall/grandmaster) A simplistic python tool that assists in automating iOS firmware decryption.
- [**76**Star][19d] [Go] [harleo/asnip](https://github.com/harleo/asnip) ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
- [**76**Star][12d] [C++] [secrary/hooking-via-instrumentationcallback](https://github.com/secrary/hooking-via-instrumentationcallback) codes for my blog post:
- [**76**Star][1m] [Py] [tribler/dispersy](https://github.com/tribler/dispersy) The elastic database system. A database designed for P2P-like scenarios, where potentially millions of computers send database updates around.
- [**76**Star][23d] [JS] [nccgroup/datajackproxy](https://github.com/nccgroup/datajackproxy) Datajack Proxy allows you to intercept TLS traffic in native x86 applications across platforms
- [**76**Star][4m] [valvesoftware/dota-2-vulkan](https://github.com/valvesoftware/dota-2-vulkan) Tracker for issues specific to the Vulkan version of Dota 2 on Windows, Linux, and macOS
- [**76**Star][16d] [C] [nordicsemiconductor/nrf-ieee-802.15.4-radio-driver](https://github.com/nordicsemiconductor/nrf-ieee-802.15.4-radio-driver) A generic, stack independent and system independent IEEE 802.15.4 radio driver, intended for nRF SoCs with IEEE 802.15.4 radio. It contains a built-in support for multiprotocol, allowing for concurrent operation of IEEE 802.15.4-based stacks (e.g. Thread, ZigBee) with Bluetooth LE
- [**76**Star][16d] [JS] [medicean/as_bypass_php_disable_functions](https://github.com/medicean/as_bypass_php_disable_functions) antsword bypass PHP disable_functions
- [**76**Star][19d] [Py] [k8gege/cve-2019-0604](https://github.com/k8gege/cve-2019-0604) cve-2019-0604 SharePoint RCE exploit
- [**76**Star][13d] [Py] [trailofbits/polyfile](https://github.com/trailofbits/polyfile) A utility for mapping the file formats embedded within a single file
- [**76**Star][7d] [Py] [fullshade/osce](https://github.com/FULLSHADE/OSCE) Developed proof-of-concept exploits for various types of vulnerabilities and mitigation bypasses with user-mode Windows applications, New CVE's produced via this repo: CVE-2019-16724, CVE-2019-17181
- [**76**Star][16d] [zntfdr/awesome-twitter-bots](https://github.com/zntfdr/awesome-twitter-bots) A Curated Collection of the Best Twitter Bots
- [**76**Star][11d] [Py] [zhanghangorg/sqlinj-ant](https://github.com/zhanghangorg/sqlinj-ant) 伪分布式SQL注入自动扫描
- [**76**Star][2m] [Py] [vvalien/win_exp](https://github.com/vvalien/win_exp) 
- [**76**Star][4y] [C] [viralsecuritygroup/knoxout](https://github.com/viralsecuritygroup/knoxout) A PoC of KNOXout (CVE-2016-6584) - bypassing Samsung KNOX protections and root Samsung Galaxy S6 Android Device.
- [**76**Star][19d] [Shell] [violentlydave/mkhtaccess_red](https://github.com/violentlydave/mkhtaccess_red) Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been seen before, and redirects them to a benign payload.
- [**76**Star][4m] [PHP] [vidar-team/hctf2015-all-problems](https://github.com/vidar-team/hctf2015-all-problems) hctf2015 all problems and writeups from authors
- [**76**Star][2m] [PHP] [v0s/plus22](https://github.com/v0s/plus22) Tool to analyze 64-bit binaries with 32-bit Hex-Rays Decompiler
- [**76**Star][1y] [Shell] [ttffdd/xbadmanners](https://github.com/ttffdd/xbadmanners) Tool for CVE-2018-16323
- [**76**Star][20d] [Dart] [timsneath/github-tracker](https://github.com/timsneath/github-tracker) Grabs some useful information from GitHub.
- [**76**Star][4m] [C++] [thomasthelen/antidebugging](https://github.com/thomasthelen/antidebugging) A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
- [**76**Star][11m] [Jupyter Notebook] [surajr/url-classification](https://github.com/surajr/url-classification) Machine learning to classify Malicious (Spam)/Benign URL's
- [**76**Star][14d] [Shell] [srvrco/checkssl](https://github.com/srvrco/checkssl) checks ssl certs for a set of domains
- [**76**Star][3m] [Py] [spotify/gcp-firewall-enforcer](https://github.com/spotify/gcp-firewall-enforcer) A toolbox to enforce firewall rules across multiple GCP projects.
- [**76**Star][19d] [Py] [soinull/assimilate](https://github.com/soinull/assimilate) Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
- [**76**Star][29d] [JS] [sindresorhus/debounce-fn](https://github.com/sindresorhus/debounce-fn) Debounce a function
- [**76**Star][1y] [Py] [secrary/ida-scripts](https://github.com/secrary/ida-scripts) IDAPro scripts/plugins
    - [dumpDyn](https://github.com/secrary/ida-scripts/blob/master/dumpDyn/README.md) IDAPython plugin(script) which saves comments, names, breakpoints, functions from one execution to another.
    - [idenLib](https://github.com/secrary/ida-scripts/blob/master/idenLib/README.md) Library Function Identification
    - [IOCTL_decode](https://github.com/secrary/ida-scripts/blob/master/IOCTL_decode.py) Windows Device IO Control Code
    - [XORCheck](https://github.com/secrary/ida-scripts/blob/master/XORCheck.py) check xor
- [**76**Star][11d] [Py] [scy-phy/minicps](https://github.com/scy-phy/minicps) MiniCPS: a framework for Cyber-Physical Systems real-time simulation, built on top of mininet
- [**76**Star][4m] [Py] [scumsec/recon-ng-modules](https://github.com/scumsec/recon-ng-modules) Additional modules for recon-ng
- [**76**Star][16d] [Bro] [salesforce/bro-sysmon](https://github.com/salesforce/bro-sysmon) How to Zeek Sysmon Logs!
- [**76**Star][4m] [Py] [s2e/docs](https://github.com/s2e/docs) Documentation and Quick Start Guides for the S2E Symbolic Execution Platform
- [**76**Star][11d] [C++] [rwfpl/rewolf-dllpackager](https://github.com/rwfpl/rewolf-dllpackager) Simple tool to bundle windows DLLs with PE executable
- [**76**Star][4y] [Shell] [rossmairm/pentools](https://github.com/rossmairm/pentools) This is a bundle of python and bash penetration testing tools for recon and information gathering.
- [**76**Star][4m] [C++] [rigtorp/udpreplay](https://github.com/rigtorp/udpreplay) Replay UDP packets from a pcap file
- [**76**Star][2y] [Shell] [re4son/wsl-kali-x](https://github.com/re4son/wsl-kali-x) Tweaks to run Kali Linux desktop panels and gui apps on Windows 10
- [**76**Star][10d] [Java] [radioegor146/native-obfuscator](https://github.com/radioegor146/native-obfuscator) Java .class to .cpp converter for use with JNI
- [**76**Star][2m] [Shell] [ppabc/cc_iptables](https://github.com/ppabc/cc_iptables) 收集处理DDOS、CC攻击各类脚本，包括NGINX日志中的CC攻击IP处理。
- [**76**Star][13d] [C++] [powerdns/weakforced](https://github.com/powerdns/weakforced) Anti-Abuse for servers at authentication time
- [**76**Star][29d] [Java] [portswigger/json-web-token-attacker](https://github.com/portswigger/json-web-token-attacker) 
- [**76**Star][1m] [Py] [patois/mrspicky](https://github.com/patois/mrspicky) An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions.
- [**76**Star][5m] [JS] [palindrom/jsonpatcherproxy](https://github.com/palindrom/jsonpatcherproxy) ES6 proxy powered JSON Object observer that emits JSON patches when changes occur to your object tree.
- [**76**Star][25d] [C] [outflanknl/external_c2](https://github.com/outflanknl/external_c2) POC for Cobalt Strike external C2
- [**76**Star][11d] [Go] [nokka/d2s](https://github.com/nokka/d2s) Diablo II file format binary parser written in Go.
- [**76**Star][20d] [JS] [nmaier/about-addons-memory](https://github.com/nmaier/about-addons-memory) Tiny prototype Firefox extension presenting the memory usage of all active add-ons
- [**76**Star][5m] [Ruby] [ninoseki/miteru](https://github.com/ninoseki/miteru) An experimental phishing kit detection tool
- [**76**Star][2y] [JS] [mtjailed/unjailme](https://github.com/mtjailed/unjailme) A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)
- [**76**Star][12d] [Py] [msuhanov/yarp](https://github.com/msuhanov/yarp) Yet another registry parser
- [**76**Star][4y] [Py] [moosd/needle](https://github.com/moosd/needle) Android framework injection made easy
- [**76**Star][18d] [Shell] [mkottman/luacrypto](https://github.com/mkottman/luacrypto) Fork of LuaCrypto, which enables encryption and decryption through OpenSSL
- [**76**Star][1m] [Py] [milo2012/ipv4bypass](https://github.com/milo2012/ipv4bypass) 利用ipV6绕过安全防护
- [**76**Star][19d] [Ruby] [melvinsh/subresolve](https://github.com/melvinsh/subresolve) Resolve and quickly portscan a list of (sub)domains.
- [**76**Star][5y] [C++] [malwaretech/zombifyprocess](https://github.com/malwaretech/zombifyprocess) Inject code into a legitimate process
- [**76**Star][2m] [Go] [maliceio/malice-av](https://github.com/maliceio/malice-av) Malice AntiVirus Plugins
- [**76**Star][4y] [magoo/incident-response-plan](https://github.com/magoo/incident-response-plan) Boilerplate Incident Response Plan from "Starting Up Security"
- [**76**Star][6m] [Java] [lianglixin/sandvxposed](https://github.com/lianglixin/sandvxposed) Xposed environment without root (OS 5.0 - 10.0)
- [**76**Star][5m] [AutoIt] [jschicht/logfileparser](https://github.com/jschicht/logfileparser) Parser for $LogFile on NTFS
- [**76**Star][4m] [Shell] [joshuamart/autorecon](https://github.com/joshuamart/autorecon) Simple shell script for automated domain recognition with some tools
- [**76**Star][2m] [Py] [joridos/custom-ssh-backdoor](https://github.com/joridos/custom-ssh-backdoor) Custom ssh backdoor, coded in python using Paramiko
- [**76**Star][11d] [PHP] [joesmithjaffa/jenkins-shell](https://github.com/joesmithjaffa/jenkins-shell) Automating Jenkins Hacking using Shodan API
- [**76**Star][8y] [ObjC] [jils/flashbackchecker](https://github.com/jils/flashbackchecker) Quick and easy checker for Mac Flashback malware variants
- [**76**Star][4m] [jawz101/mobileadtrackers](https://github.com/jawz101/mobileadtrackers) Taken from DNS logs while actively using Android apps over the years. Formatted in hostfile format.
- [**76**Star][1y] [Ruby] [iagox86/poracle](https://github.com/iagox86/poracle) 
- [**76**Star][29d] [Java] [i2p/i2p.android.base](https://github.com/i2p/i2p.android.base) I2P for Android
- [**76**Star][6y] [Py] [hiddenillusion/ipinfo](https://github.com/hiddenillusion/ipinfo) Searches various online resources to try and get as much info about an IP/domain as possible.
- [**76**Star][1m] [Py] [hamz-a/jeb2frida](https://github.com/hamz-a/jeb2frida) Automated Frida hook generation with JEB
- [**76**Star][18d] [JS] [gitsquared/sherlock-js](https://github.com/gitsquared/sherlock-js) Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
- [**76**Star][3m] [Py] [ganapati/crawlic](https://github.com/ganapati/crawlic) Web recon tool (find temporary files, parse robots.txt, search some folders, google dorks and search domains hosted on same server)
- [**76**Star][4m] [Py] [gadiluna/safe](https://github.com/gadiluna/safe) Self-Attentive Function Embeddings for binary similarity
- [**76**Star][1y] [Py] [fs0c131y/cve-2018-20555](https://github.com/fs0c131y/cve-2018-20555) Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
- [**76**Star][6m] [Py] [fopina/kdbxpasswordpwned](https://github.com/fopina/kdbxpasswordpwned) Check KeePass passwords against
- [**76**Star][7m] [C#] [ffxivapp/sharlayan](https://github.com/ffxivapp/sharlayan) Visit us on Discord!
- [**76**Star][4y] [C++] [feross/wiresheep](https://github.com/feross/wiresheep) WireSheep shows you each user on the network and all the HTTP requests they're making in a pretty News Feed, a la Facebook.
- [**76**Star][5y] [PHP] [fakhrizulkifli/defeating-php-gd-imagecreatefromgif](https://github.com/fakhrizulkifli/defeating-php-gd-imagecreatefromgif) Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromgif()
- [**76**Star][2y] [Java] [exploitr/deautherdroid](https://github.com/exploitr/deautherdroid) Additional android app for SpaceHunn's ESP8266 DeAuther.
- [**76**Star][15d] [PHP] [digininja/nosqlilab](https://github.com/digininja/nosqlilab) A lab for playing with NoSQL Injection
- [**76**Star][9m] [M4] [dennisyurichev/yurichev.com](https://github.com/dennisyurichev/yurichev.com) my website
- [**76**Star][2m] [Verilog] [denandz/lpc_sniffer_tpm](https://github.com/denandz/lpc_sniffer_tpm) A low pin count sniffer for ICEStick - targeting TPM chips
- [**76**Star][7d] [C] [danielkrupinski/vac-hooks](https://github.com/danielkrupinski/vac-hooks) Hook WinAPI functions used by Valve Anti-Cheat. Log calls and intercept arguments & return values. DLL written in C.
- [**76**Star][13d] [Py] [d3vzer0/reternal-quickstart](https://github.com/d3vzer0/reternal-quickstart) Repo containing docker-compose files and setup scripts without having to clone the individual reternal components
- [**76**Star][10d] [C#] [codedx/codepulse](https://github.com/codedx/codepulse) Code Pulse is a real-time code coverage tool for penetration testing activities
- [**76**Star][5m] [C++] [clrx/clrx-mirror](https://github.com/clrx/clrx-mirror) CLRadeonExtender (GCN assembler, Radeon assembler) mirror
- [**76**Star][2m] [JS] [chrisyer/lightsocks-nodejs](https://github.com/chrisyer/lightsocks-nodejs) It's a simple socks5 proxy tool which based on lightsocks
- [**76**Star][10m] [Logos] [chichou/globalwebinspect](https://github.com/chichou/globalwebinspect) Enable WebView remote inspector for every app
- [**76**Star][20d] [Shell] [bishopfox/pwn-pulse](https://github.com/bishopfox/pwn-pulse) Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
- [**76**Star][23d] [Batchfile] [azmatt/windowsenum](https://github.com/azmatt/windowsenum) Batch file to help automate Windows enumeration for privilege escalation
- [**76**Star][5m] [C#] [antoniococo/runascs](https://github.com/antoniococo/runascs) RunasCs - Csharp and open version of windows builtin runas.exe
- [**76**Star][25d] [C] [adulau/ssldump](https://github.com/adulau/ssldump) ssldump - (de-facto repository gathering patches around the cyberspace)
- [**76**Star][3m] [Py] [7h3ram/flowinspect](https://github.com/7h3ram/flowinspect) A Network Inspection Tool
- [**76**Star][2m] [JS] [hackatnow/certstreamcatcher](https://github.com/hackatnow/certstreamcatcher) This tool is based on regex with effective standards for detecting phishing sites in real time using certstream and can also detect punycode (IDNA) attacks.
- [**76**Star][4y] [Py] [1an0rmus/tekdefense](https://github.com/1an0rmus/tekdefense) Open Development projects for TekDefense
- [**75**Star][19d] [Shell] [dark-warlord14/ffufplus](https://github.com/dark-warlord14/ffufplus) You can read the writeup on this script here
- [**75**Star][16d] [Go] [ropnop/go-clr](https://github.com/ropnop/go-clr) A PoC package for hosting the CLR and executing .NET from Go
- [**75**Star][10d] [C] [shreeyak/cleargrasp](https://github.com/shreeyak/cleargrasp) Official repository for the paper "ClearGrasp: 3D Shape Estimation of Transparent Objects for Manipulation"
- [**75**Star][2m] [Jupyter Notebook] [kengoa/fantasy-basketball](https://github.com/kengoa/fantasy-basketball) Scraping statistics, predicting NBA player performance with neural networks and boosting algorithms, and optimising lineups for Draft Kings with genetic algorithm. Capstone Project for Machine Learning Engineer Nanodegree by Udacity.
- [**75**Star][19d] [JS] [cblgh/datradio](https://github.com/cblgh/datradio) p2p music player for beaker and dat
- [**75**Star][6m] [ObjC] [smilezxlee/ipadownloadtool](https://github.com/smilezxlee/ipadownloadtool) 输入下载页面链接自动获取ipa下载地址，支持本地下载，支持蒲公英和fir及其他所有自定义下载页面(由于是通过拦截webView的itms-services://请求获取plist文件，因此理论上可无视所有的请求加密、校验措施)
- [**75**Star][2y] [HTML] [diegorbaquero/peerfast](https://github.com/diegorbaquero/peerfast) 
- [**75**Star][7m] [Py] [milindpurswani/syborg](https://github.com/milindpurswani/syborg) Recursive DNS Subdomain Enumerator with dead-end avoidance system (BETA)
- [**75**Star][1m] [Py] [papermtn/lil-pwny](https://github.com/papermtn/lil-pwny) Auditing Active Directory passwords using multiprocessing in Python.
- [**75**Star][4m] [Py] [initial-h/alphazero_gomoku_mpi](https://github.com/initial-h/alphazero_gomoku_mpi) An asynchronous/parallel method of AlphaGo Zero algorithm with Gomoku
- [**75**Star][16d] [TS] [y21/discordcaptcha](https://github.com/y21/discordcaptcha) Verification bot for Discord
- [**75**Star][9d] [Py] [jfrascon/slam_and_path_planning_algorithms](https://github.com/jfrascon/slam_and_path_planning_algorithms) This repository contains the solutions to all the exercises for the MOOC about SLAM and PATH-PLANNING algorithms given by professor Claus Brenner at Leibniz University. This repository also contains my personal notes, most of them in PDF format, and many vector graphics created by myself to illustrate the theoretical concepts. Hope you enjoy it! :)
- [**75**Star][7m] [Go] [sri-csl/gllvm](https://github.com/sri-csl/gllvm) Whole Program LLVM: wllvm ported to go
- [**75**Star][12d] [Java] [jpa99/algorithms](https://github.com/jpa99/algorithms) A collection of various useful algorithms and data structures along with their Java implementations.
- [**75**Star][12d] [agucova/awesome-esp](https://github.com/agucova/awesome-esp) 
- [**75**Star][10d] [Java] [yechaoa/printerdemo](https://github.com/yechaoa/printerdemo) Android蓝牙连打印机
- [**75**Star][1m] [Go] [vardius/gorouter](https://github.com/vardius/gorouter) Go Server/API micro framework, HTTP request router, multiplexer, mux
- [**75**Star][13d] [Java] [liangchengcheng/logindemo](https://github.com/liangchengcheng/logindemo) Android登录、注册、设置密码、短信验证码简单逻辑界面等
- [**75**Star][3m] [Shell] [ketchoop/letsencrypt-to-vault](https://github.com/ketchoop/letsencrypt-to-vault) Renew or get Let's Encrypt certificates and send it to Hashicorp Vault
- [**75**Star][10d] [yasongxu/container-monitor](https://github.com/yasongxu/container-monitor) 容器监控方案汇总
- [**75**Star][27d] [Py] [erilyth/flappy-bird-genetic-algorithms](https://github.com/erilyth/flappy-bird-genetic-algorithms) Use genetic algorithms to train flappy bird
- [**75**Star][30d] [Rust] [leo-lb/wpbrute-rs](https://github.com/leo-lb/wpbrute-rs) High performance WordPress login bruteforcer with automatic concurrency for maximum amount of tries per second.
- [**75**Star][11d] [C] [cloudsec/exploit](https://github.com/cloudsec/exploit) Some kernel exploit i wrote
- [**75**Star][2m] [C] [betaflight/betaflight-esc](https://github.com/betaflight/betaflight-esc) Open source ESC firmware.
- [**75**Star][3m] [wtsxdev/android-security-list](https://github.com/wtsxdev/android-security-list) Collection of Android security related resources
- [**75**Star][2m] [HTML] [dxa4481/damn-vulnerable-redis-container](https://github.com/dxa4481/damn-vulnerable-redis-container) An example of obtaining RCE via Redis and CSRF
- [**75**Star][4m] [Go] [wallix/triplestore](https://github.com/wallix/triplestore) Nifty library to manage, query and store RDF triples. Make RDF great again!
- [**75**Star][16d] [C] [liji32/mip](https://github.com/liji32/mip) MIP – macOS Injection Platform
- [**75**Star][16d] [Py] [dta0502/nbsprc-spider](https://github.com/dta0502/nbsprc-spider) 国家统计用区划代码和城乡划分代码---爬虫及数据
- [**75**Star][8m] [C] [osirislab/csaw-ctf-2016-quals](https://github.com/osirislab/CSAW-CTF-2016-Quals) Repo for CSAW CTF 2016 Quals challenges
- [**75**Star][10m] [HTML] [ph0en1x-xmu/awesome-ctf-book](https://github.com/Ph0en1x-XMU/Awesome-CTF-Book) Study CTF, study security
- [**75**Star][1m] [PHP] [intelisecurelabs/web-interface](https://github.com/InteliSecureLabs/web-interface) The TPLink WiFi Pineapple's web-interface
- [**75**Star][1m] [Py] [mushorg/buttinsky](https://github.com/mushorg/buttinsky) Botnet monitoring is a crucial part in threat analysis and often neglected due to the lack of proper open source tools. Our tool will provide an open source framework for automated botnet monitoring. The modular design will allow full customization of the used protocols, the monitoring clients behavior, how we log the collected information, proc…
- [**75**Star][3y] [ywolf/f-middlewarescan](https://github.com/ywolf/f-middlewarescan) A vulnerability detection scripts for middleware services
- [**75**Star][4y] [Pascal] [xlinshan/coldroot](https://github.com/xlinshan/coldroot) Mac OS Trojan (RAT) made with love <3
- [**75**Star][4y] [C] [vnik5287/kernel_rop](https://github.com/vnik5287/kernel_rop) 
- [**75**Star][20d] [Py] [v-p-b/pecloakcapstone](https://github.com/v-p-b/pecloakcapstone) Platform independent peCloak fork based on Capstone
- [**75**Star][10m] [Java] [unchartedsoftware/aperture-tiles](https://github.com/unchartedsoftware/aperture-tiles) Aperture-Tiles uses familiar web-based map interactions to allow exploration of arbitrary huge data sets.
- [**75**Star][15d] [Zeek] [tylabs/dovehawk](https://github.com/tylabs/dovehawk) Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
- [**75**Star][1y] [Py] [toxydose/duckyspark](https://github.com/toxydose/duckyspark) Translator from USB-Rubber-Ducky payloads to a Digispark code.
- [**75**Star][21d] [Py] [tintinweb/ethereum-dasm](https://github.com/tintinweb/ethereum-dasm) An ethereum evm bytecode disassembler and static/dynamic analysis tool
- [**75**Star][1m] [C] [tillmannw/honeytrap](https://github.com/tillmannw/honeytrap) a low-interaction honeypot
- [**75**Star][8d] [Shell] [sukkaw/zsh-proxy](https://github.com/sukkaw/zsh-proxy) 
- [**75**Star][2m] [Ruby] [spiderlabs/cve_server](https://github.com/spiderlabs/cve_server) Simple REST-style web service for the CVE searching
- [**75**Star][1m] [Java] [spiderlabs/burplay](https://github.com/spiderlabs/burplay) a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.
- [**75**Star][8m] [C++] [shellvm/shellvm](https://github.com/shellvm/shellvm) A collection of LLVM transform and analysis passes to write shellcode in regular C
- [**75**Star][2m] [C] [securifera/servicefu](https://github.com/securifera/servicefu) Automates credential skimming from service accounts in Windows Registry
- [**75**Star][3y] [C] [rtlsdrblog/tempestsdr](https://github.com/rtlsdrblog/tempestsdr) Remote video eavesdropping using a software-defined radio platform
- [**75**Star][4y] [C++] [razzile/liberation](https://github.com/razzile/liberation) A runtime patching library for iOS. Major rework on unfinished branch
- [**75**Star][5y] [C++] [quangnh89/ollycapstone](https://github.com/quangnh89/ollycapstone) This is a plugin for OllyDbg 1.10 to replace the old disasm engine by Capstone disassembly/disassembler framework.
- [**75**Star][4m] [C] [puppet-meteor/mopt-afl](https://github.com/puppet-meteor/mopt-afl) MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers"
- [**75**Star][22d] [PHP] [phith0n/b374k](https://github.com/phith0n/b374k) PHP Webshell with handy features
- [**75**Star][13d] [C] [oandrew/ipod-gadget](https://github.com/oandrew/ipod-gadget) iPod usb gadget for audio playback
- [**75**Star][26d] [ObjC] [mubix/ditto](https://github.com/mubix/ditto) Binary resource copier
- [**75**Star][4m] [Dockerfile] [misp/misp-docker](https://github.com/misp/misp-docker) MISP Docker (XME edition)
- [**75**Star][1m] [Py] [meejah/carml](https://github.com/meejah/carml) Command-line utility to control Tor.
- [**75**Star][17d] [C] [lucamassarelli/yarasafe](https://github.com/lucamassarelli/yarasafe) SAFE embeddings to match functions in yara
- [**75**Star][17d] [C] [lnslbrty/ptunnel-ng](https://github.com/lnslbrty/ptunnel-ng) Tunnel TCP connections through ICMP.
- [**75**Star][27d] [C] [librecore-org/librecore](https://github.com/librecore-org/librecore) 
- [**75**Star][4y] [lcatro/hacker_document](https://github.com/lcatro/hacker_document) 收集一些以前看过对于入门和进阶很有用的攻击原理文档..
- [**75**Star][6y] [l3m0n/xss-filter-evasion-cheat-sheet-cn](https://github.com/l3m0n/xss-filter-evasion-cheat-sheet-cn) XSS_Filter_Evasion_Cheat_Sheet 中文版
- [**75**Star][1m] [Py] [koutheir/libcxx-pretty-printers](https://github.com/koutheir/libcxx-pretty-printers) GDB Pretty Printers for libc++ of Clang/LLVM
- [**75**Star][2y] [Shell] [kolargol/openvpn](https://github.com/kolargol/openvpn) Build your own private VPN server. OpenVPN, Scramblesuit and DNS up in less then 5 minutes
- [**75**Star][4m] [kingzd/wxdemo](https://github.com/kingzd/wxdemo) 学习练手
- [**75**Star][5y] [C#] [khr0x40sh/whitelistevasion](https://github.com/khr0x40sh/whitelistevasion) Collection of scripts, binaries and the like to aid in WhiteList Evasion on a Microsoft Windows Network.
- [**75**Star][2y] [C++] [kasperskylab/forensicstools](https://github.com/kasperskylab/forensicstools) Tools for DFIR
- [**75**Star][3m] [C] [jtripper/sslnuke](https://github.com/jtripper/sslnuke) Transparent proxy that decrypts SSL traffic and prints out IRC messages.
- [**75**Star][6m] [Py] [jpcertcc/malconfscan-with-cuckoo](https://github.com/jpcertcc/malconfscan-with-cuckoo) Cuckoo Sandbox plugin for extracts configuration data of known malware
- [**75**Star][2y] [HTML] [johnlatwc/msrc](https://github.com/johnlatwc/msrc) Scripts for interacting with MSRC portal data
- [**75**Star][12d] [YARA] [itayc0hen/apt-ecosystem](https://github.com/itayc0hen/apt-ecosystem) This repository contains the website and the tools which are part of the joint research between Check Point Research and Intezer to map the connections inside the APT Ecosystem of Russia.
- [**75**Star][4m] [Py] [ioactive/laf](https://github.com/ioactive/laf) This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.
- [**75**Star][5m] [Py] [incredibleindishell/windows-ad-environment-related](https://github.com/incredibleindishell/windows-ad-environment-related) This Repository contains the stuff related to windows Active directory environment exploitation
- [**75**Star][5m] [Py] [huaisha1224/shadowsocks-client](https://github.com/huaisha1224/shadowsocks-client) The ShadowSocks client is a support multiple server port and password
- [**75**Star][2y] [C++] [hrbust86/hookmsrbysvm](https://github.com/hrbust86/hookmsrbysvm) hook msr by amd svm
- [**75**Star][2m] [Py] [hlldz/wildpwn](https://github.com/hlldz/wildpwn) Brute forcer and shell deployer for WildFly
- [**75**Star][2m] [Py] [gento/dionaea](https://github.com/gento/dionaea) dionaea low interaction honeypot (forked from dionaea.carnivore.it)
- [**75**Star][2m] [Ruby] [geerlingguy/drupal-pi](https://github.com/geerlingguy/drupal-pi) Drupal on Docker on a Raspberry Pi. Pi Dramble's little brother.
- [**75**Star][3m] [C] [forte-research/untracer-afl](https://github.com/forte-research/untracer-afl) An AFL implementation with UnTracer (our coverage-guided tracer)
- [**75**Star][3y] [C++] [eyeofra/winconmon](https://github.com/eyeofra/winconmon) Windows Console Monitoring
- [**75**Star][4m] [JS] [exodusintel/cve-2019-0808](https://github.com/exodusintel/cve-2019-0808) Win32k Exploit by Grant Willcox
- [**75**Star][7y] [JS] [evilpacket/xss.io](https://github.com/evilpacket/xss.io) 
- [**75**Star][17d] [Py] [esecuritylab/kostebek](https://github.com/esecuritylab/kostebek) 
- [**75**Star][4y] [Java] [directdefense/superserial](https://github.com/directdefense/superserial) SuperSerial - Burp Java Deserialization Vulnerability Identification
- [**75**Star][4m] [Py] [dionach/panhunt](https://github.com/dionach/panhunt) PANhunt searches for credit card numbers (PANs) in directories.
- [**75**Star][8d] [davidfowl/windbgcheatsheet](https://github.com/davidfowl/windbgcheatsheet) This is a cheat sheet for windbg
- [**75**Star][2m] [Py] [dantangfan/ddos](https://github.com/dantangfan/ddos) ddos attact
- [**75**Star][11d] [Py] [daniellerch/aletheia](https://github.com/daniellerch/aletheia) Image steganalysis using state-of-the-art machine learning techniques
- [**75**Star][3y] [C] [dadas190/heavens-gate-2.0](https://github.com/dadas190/heavens-gate-2.0) Executes 64bit code from a 32bit process
- [**75**Star][4m] [Py] [d4vinci/pyloggy](https://github.com/d4vinci/pyloggy) A python keylogger that does more than any other keylogger - Key logger, Clicks logger and Screenshots
- [**75**Star][6y] [C] [cooloppo/reclass](https://github.com/cooloppo/reclass) A tool for reconstructing data types based on memory - [Outdated; use ReClassEx]
- [**75**Star][2y] [C] [chinatiny/inlinehooklib](https://github.com/chinatiny/inlinehooklib) 同时支持用户和内核模式的Inlinehook库
- [**75**Star][5y] [PS] [cheetz/powertools](https://github.com/cheetz/powertools) Veil's PowerTools are a collection of PowerShell projects with a focus on offensive operations.
- [**75**Star][25d] [JS] [certtools/intelmq-manager](https://github.com/certtools/intelmq-manager) IntelMQ Manager is a graphical interface to manage configurations for IntelMQ framework.
- [**75**Star][14d] [Py] [cert-polska/n6](https://github.com/cert-polska/n6) Automated handling of data feeds for security teams
- [**75**Star][12d] [Shell] [bcapptain/dockernymous](https://github.com/bcapptain/dockernymous) A script used to create a whonix like gateway/workstation environment with docker containers.
- [**75**Star][28d] [Py] [bbva/deeptracy](https://github.com/bbva/deeptracy) The Security Dependency Orchestrator Service
- [**75**Star][1m] [Java] [aress31/swurg](https://github.com/aress31/swurg) Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments
- [**75**Star][7m] [Py] [anvilventures/lookinsidethebox](https://github.com/anvilventures/lookinsidethebox) Breaks the encryption and obfuscation layers that Dropbox applies to their modified Python interpreter.
- [**75**Star][1m] [Py] [antojoseph/diff-droid](https://github.com/antojoseph/diff-droid) Various Scripts for Mobile Pen-testing with Frida
- [**75**Star][6m] [C] [anssi-fr/oradad](https://github.com/anssi-fr/oradad) Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active Directory data
- [**75**Star][19d] [Py] [anssi-fr/bootcode_parser](https://github.com/anssi-fr/bootcode_parser) A boot record parser that identifies known good signatures for MBR, VBR and IPL.
- [**75**Star][18d] [C] [alexwebr/salsa20](https://github.com/alexwebr/salsa20) An implementation of the Salsa20 stream cipher in C99
- [**75**Star][4m] [Py] [alexdetrano/4can](https://github.com/alexdetrano/4can) 
- [**75**Star][6m] [Batchfile] [0xcoto/evilusb](https://github.com/0xcoto/evilusb) Turn an ordinary USB drive into a malicious social-engineering USB
- [**74**Star][5m] [hydrabus/hydrabus](https://github.com/hydrabus/hydrabus) HydraBus an open source multi-tool hardware for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
- [**74**Star][5m] [Py] [yangjianxin1/qqmusicspider](https://github.com/yangjianxin1/qqmusicspider) 基于Scrapy的QQ音乐爬虫(QQ Music Spider)，爬取歌曲信息、歌词、精彩评论等，并且分享了QQ音乐中排名前6400名的内地和港台歌手的49万+的音乐语料
- [**74**Star][6m] [Elixir] [cit/mldht](https://github.com/cit/mldht) MLDHT is an elixir package that provides a mainline DHT implementation according to BEP 05.
- [**74**Star][23d] [C] [geniosa/qbot](https://github.com/geniosa/qbot) Qbot Botnet. Telnet botnet, most powerfull and strong botnet. requirements: 2 linux server.
- [**74**Star][19d] [Shell] [paul-nelson-baker/git-openssl-shellscript](https://github.com/paul-nelson-baker/git-openssl-shellscript) Shellscript to compile git with OpenSSL
- [**74**Star][11d] [Go] [v-braun/go2p](https://github.com/v-braun/go2p) Simple to use but full configurable p2p framework
- [**74**Star][23d] [Go] [thumbai/thumbai](https://github.com/thumbai/thumbai) Go Mod Repository, Go Vanity Server and Proxy Server
- [**74**Star][24d] [Py] [mondeja/pymarketcap](https://github.com/mondeja/pymarketcap) Python3 API wrapper and web scraper for
- [**74**Star][12d] [JS] [ecmadao/algorithms](https://github.com/ecmadao/algorithms) Algorithms notes & LeetCode/Codewars solutions by Node.js, Swift and Haskell
- [**74**Star][20d] [C#] [ravahn/machina](https://github.com/ravahn/machina) Network capture library for realtime TCP/IP decoding from a windows application. Includes an extension library to support FFXIV data capture.
- [**74**Star][12d] [Java] [blue-troy/91porn-crawler](https://github.com/blue-troy/91porn-crawler) 91 porn crawler. 自动爬取并下载你想要的91porn热门视频。Automatically download your "favorite" 91porn hot movies.
- [**74**Star][2m] [Py] [tzw0745/tumblr-crawler-cli](https://github.com/tzw0745/tumblr-crawler-cli) Tumblr Download Tool with High Speed and Customization. 高性能&高定制化的Tumblr下载工具。
- [**74**Star][28d] [Swift] [amosavian/amsmb2](https://github.com/amosavian/amsmb2) Swift framework to connect SMB2/3 shares
- [**74**Star][14d] [Java] [neykov/extract-tls-secrets](https://github.com/neykov/extract-tls-secrets) Decrypt HTTPS/TLS connections on the fly with Wireshark
- [**74**Star][29d] [Shell] [pwdonald/chromeos-qemu-docker](https://github.com/pwdonald/chromeos-qemu-docker) WIP instructions to run docker inside of a QEMU environment on ChromeOS using Termux.
- [**74**Star][11d] [Jupyter Notebook] [mithi/algorithm-playground](https://github.com/mithi/algorithm-playground) An (old) and unstructured (messy tbh) collection of programming exercises.
- [**74**Star][4m] [Py] [golismero/openvas_lib](https://github.com/golismero/openvas_lib) OpenVAS connector for versions 6, 7, 8 and 9
- [**74**Star][2m] [Py] [jiansiting/wpa2-krack](https://github.com/jiansiting/wpa2-krack) 
- [**74**Star][8y] [Ruby] [pentestgeek/scripts](https://github.com/pentestgeek/scripts) A collection of useful scripts for penetration testers
- [**74**Star][27d] [C] [shellphish/afl-other-arch](https://github.com/shellphish/afl-other-arch) AFL, with scripts to support other architectures.
- [**74**Star][2y] [CSS] [facert/scrapy_helper](https://github.com/facert/scrapy_helper) Dynamic configurable crawl (动态可配置化爬虫)
- [**74**Star][29d] [Shell] [threatexpress/pasties](https://github.com/threatexpress/pasties) A collection of random bits of information common to many individual penetration tests, red teams, and other assessments
- [**74**Star][13d] [Py] [feeicn/exif](https://github.com/feeicn/exif) EXIF information viewer(查看照片中隐藏的各类信息)
- [**74**Star][3m] [Shell] [shadowsocks/stackscript](https://github.com/shadowsocks/stackscript) 
- [**74**Star][12d] [C++] [cmu-sei/biggrep](https://github.com/cmu-sei/biggrep) A scalable search index for binary files
- [**74**Star][13d] [Py] [ma1co/fwtool.py](https://github.com/ma1co/fwtool.py) A tool to unpack Sony camera firmware images
- [**74**Star][11d] [Py] [lylemi/browser-fuzz-summarize](https://github.com/lylemi/browser-fuzz-summarize) Browser Fuzz Summarize / 浏览器模糊测试综述
- [**74**Star][1y] [C#] [checkymander/sharp-smbexec](https://github.com/checkymander/Sharp-SMBExec) SMBExec C# module
- [**74**Star][15d] [C] [deeptechlabs/meltdown](https://github.com/deeptechlabs/meltdown) Local Exploit for Meltdown
- [**74**Star][19d] [Py] [zsxsoft/regeorg](https://github.com/zsxsoft/regeorg) A modified reGeorg for One-line PHP Shell.
- [**74**Star][13d] [Go] [yryz/httpproxy](https://github.com/yryz/httpproxy) 一个轻量级HTTP代理，支持shadowsocks服务，方便命令行、开发环境使用。
- [**74**Star][2y] [Py] [yoda66/androidembedit](https://github.com/yoda66/androidembedit) A quick and dirty python script to embed a Metasploit generated APK file into another APK for fun.
- [**74**Star][2y] [C++] [xrobots/robotx](https://github.com/xrobots/robotx) All the things for RobotX
- [**74**Star][23d] [Ruby] [weppos/whois-parser](https://github.com/weppos/whois-parser) An intelligent — pure Ruby — WHOIS parser.
- [**74**Star][1m] [JS] [webxscan/linux_rat](https://github.com/webxscan/linux_rat) Linux Reverse Shell RAT
- [**74**Star][3m] [C++] [vusec/guardion](https://github.com/vusec/guardion) Android GuardION patches to mitigate DMA-based Rowhammer attacks on ARM
- [**74**Star][12m] [PHP] [vlucas/pikirasa](https://github.com/vlucas/pikirasa) PKI public/private RSA key encryption using the OpenSSL extension
- [**74**Star][1y] [Py] [viperbluff/portwitness](https://github.com/viperbluff/portwitness) Tool for checking Whether a domain or its multiple sub-domains are up and running.
- [**74**Star][6y] [Java] [veeti/disableflagsecure](https://github.com/veeti/disableflagsecure) 
- [**74**Star][2m] [Py] [takeshixx/knxmap](https://github.com/takeshixx/knxmap) KNXnet/IP scanning and auditing tool for KNX home automation installations.
- [**74**Star][5m] [Py] [sumoprojects/sumoeasyminer](https://github.com/sumoprojects/sumoeasyminer) The most easy, intuitive CPU miner for cryptonote-based cryptocurrency
- [**74**Star][4m] [Assembly] [siguza/aprr](https://github.com/siguza/aprr) Apple hardware secrets
- [**74**Star][1y] [PHP] [rajkumrdusad/ip-tracer](https://github.com/rajkumrdusad/ip-tracer) Track any ip address with IP-Tracer. IP-Tracer is developed for linux and android terminal like Termux and GNURoot Debian. you can retrieve any ip address information using IP-Tracer.
- [**74**Star][3m] [Py] [pyobfx/pyobfx](https://github.com/pyobfx/pyobfx) Python Obfuscator & Packer
- [**74**Star][13d] [C] [pvachon/tsl-sdr](https://github.com/pvachon/tsl-sdr) Software Defined Radio Demodulation and Decoding Tools
- [**74**Star][6m] [JS] [nv/console.js](https://github.com/nv/console.js) Crossbrowser Firebug console API. Improves Opera Dragonfly and IE developer tools.
- [**74**Star][1m] [Java] [novoda/dojos](https://github.com/novoda/dojos) This is where the Novoda team do all their hacking
- [**74**Star][2m] [Shell] [nodesocket/cryptr](https://github.com/nodesocket/cryptr) A simple shell utility for encrypting and decrypting files using OpenSSL.
- [**74**Star][2m] [C++] [noddos/noddos](https://github.com/noddos/noddos) Noddos client
- [**74**Star][4y] [Py] [nccgroup/ble-replay](https://github.com/nccgroup/ble-replay) BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool
- [**74**Star][10m] [Java] [nccgroup/berserko](https://github.com/nccgroup/berserko) Burp Suite extension to perform Kerberos authentication
- [**74**Star][3y] [C] [moyix/panda](https://github.com/moyix/panda) Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository
- [**74**Star][6m] [Py] [matir/pwnableweb](https://github.com/matir/pwnableweb) PwnableWeb is a suite of web applications for use in information security training.
- [**74**Star][25d] [Py] [marekrei/theano-tutorial](https://github.com/marekrei/theano-tutorial) Basic Theano code samples
- [**74**Star][18d] [Py] [m8r0wn/ldap_search](https://github.com/m8r0wn/ldap_search) Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
- [**74**Star][2m] [JS] [kn9ts/dumb-passwords](https://github.com/kn9ts/dumb-passwords) Don't let your user be a victim of their own action
- [**74**Star][2y] [Py] [kdaoudieh/bella](https://github.com/kdaoudieh/bella) Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS.
- [**74**Star][4m] [Kotlin] [jire/overwatcheat](https://github.com/jire/overwatcheat) Free, open-source undetected color cheat!
- [**74**Star][12m] [C++] [invictus1306/functrace](https://github.com/invictus1306/functrace) A function tracer
- [**74**Star][5y] [Py] [integrissecurity/carbonator](https://github.com/integrissecurity/carbonator) The Burp Suite Pro extension that automates scope, spider & scan from the command line. 
- [**74**Star][10d] [Py] [integeruser/on-pwning](https://github.com/integeruser/on-pwning) My solutions to some CTF challenges and a list of interesting resources about pwning stuff
- [**74**Star][22d] [Py] [inayatkh/tracking-python3](https://github.com/inayatkh/tracking-python3) In this repository I will give some implementation of single and multiple object tracking algorithms. These include meanShift, CamShift, Boosting, MIL, KCF, TLD , GoTurn, and MedianFlow. Additionally I will show you how to grab frames at a very high FPS from camera and videos.
- [**74**Star][4m] [Java] [ikkisoft/bradamsa](https://github.com/ikkisoft/bradamsa) Burp Suite extension to generate Intruder payloads using Radamsa
- [**74**Star][16d] [JS] [hugsy/windbg_js_scripts](https://github.com/hugsy/windbg_js_scripts) Toy scripts for playing with WinDbg JS API
- [**74**Star][8y] [Py] [hellais/buckle-up](https://github.com/hellais/buckle-up) Script for running Mac OS X applications in a sandbox and a collection of seatbelt profiles
- [**74**Star][4m] [JS] [hapijs/good-console](https://github.com/hapijs/good-console) Console reporting for Good process monitor
- [**74**Star][15d] [Java] [gmu-swe/phosphor](https://github.com/gmu-swe/phosphor) Phosphor: Dynamic Taint Tracking for the JVM
- [**74**Star][3m] [PHP] [geekchannel/webmap](https://github.com/geekchannel/webmap) NMAP via web
- [**74**Star][2m] [Py] [exp0se/harbinger](https://github.com/exp0se/harbinger) Harbinger Threat Intelligence
- [**74**Star][3m] [Py] [embedi/meloader](https://github.com/embedi/meloader) Intel Management Engine firmware loader plugin for IDA
- [**74**Star][6m] [Py] [dmayer/time_trial](https://github.com/dmayer/time_trial) Time Trial - A tool for performing feasibility analyses of timing attacks
- [**74**Star][6m] [Go] [dlion/guesstor](https://github.com/dlion/guesstor) Bruteforces [.onion] domains
- [**74**Star][2m] [Ruby] [devunwired/apktools](https://github.com/devunwired/apktools) Ruby library for reading/parsing APK resource data
- [**74**Star][3m] [Ruby] [dev-sec/chef-windows-hardening](https://github.com/dev-sec/chef-windows-hardening) This chef cookbook provides windows hardening configurations for the DevSec Windows baseline profile.
- [**74**Star][2m] [PS] [decoder-it/psportfwd](https://github.com/decoder-it/psportfwd) a simple portforwarder in ps1 with embeded c# code
- [**74**Star][1m] [HTML] [cytoscape/cytoscape.js-cose-bilkent](https://github.com/cytoscape/cytoscape.js-cose-bilkent) The CoSE layout for Cytoscape.js by Bilkent with enhanced compound node placement.
- [**74**Star][17d] [HTML] [cybersaxostiger/pervertgram](https://github.com/cybersaxostiger/pervertgram) A project for stalking people on Instagram.
- [**74**Star][1y] [Go] [coreos/torcx](https://github.com/coreos/torcx) torcx is a boot-time addon manager for immutable systems
- [**74**Star][22d] [Java] [chhsiao90/nitmproxy](https://github.com/chhsiao90/nitmproxy) Proxy server based on netty
- [**74**Star][13d] [Elixir] [calidog/certstream-server](https://github.com/calidog/certstream-server) Certificate Transparency Log aggregation, parsing, and streaming service written in Elixir
- [**74**Star][5y] [Py] [binsigma/binsourcerer](https://github.com/binsigma/binsourcerer) Assembly to Source Code Matching Framework for IDA Pro.
- [**74**Star][1m] [Shell] [baguswiratmaadi/reverie](https://github.com/baguswiratmaadi/reverie) Automated Pentest Tools Designed For Parrot Linux
- [**74**Star][1m] [Py] [antojoseph/droid-ff](https://github.com/antojoseph/droid-ff) Android File Fuzzing Framework
- [**74**Star][1m] [Shell] [andrewmichaelsmith/honeypot-setup-script](https://github.com/andrewmichaelsmith/honeypot-setup-script) Honeypot (Dionaea and kippo) setup script
- [**74**Star][1m] [Py] [aliasrobotics/aztarna](https://github.com/aliasrobotics/aztarna) aztarna, a footprinting tool for robots.
- [**74**Star][17d] [aldelaro5/ghidra-gekko-broadway-lang](https://github.com/aldelaro5/ghidra-gekko-broadway-lang) Ghidra language definition for the Gekko and Broadway CPU variant used in the Nintendo GameCube and Nintendo Wii respectively
- [**74**Star][2m] [80vul/pasc2at](https://github.com/80vul/pasc2at) Php Application Source Code Audits Advanced Technology
- [**74**Star][2y] [C++] [3gstudent/inject-dll-by-apc](https://github.com/3gstudent/inject-dll-by-apc) Asynchronous Procedure Calls
- [**74**Star][11d] [Py] [04x/instagramcracker](https://github.com/04x/instagramcracker) Full Speed Instagram Cracker
- [**73**Star][10d] [C] [zznop/drow](https://github.com/zznop/drow) Injects code into ELF executables post-build
- [**73**Star][4m] [C#] [0xthirteen/movekit](https://github.com/0xthirteen/movekit) Cobalt Strike kit for Lateral Movement
- [**73**Star][4m] [Py] [vernamlab/tpm-fail](https://github.com/vernamlab/tpm-fail) TPM-Fail Attack code & data
- [**73**Star][11d] [JS] [melphi/algobox](https://github.com/melphi/algobox) Open Source algorithmic trading platform in Java / Python
- [**73**Star][2y] [Py] [taiwanstat/taiwan-news-crawlers](https://github.com/taiwanstat/taiwan-news-crawlers) Scrapy-based Crawlers for news of Taiwan
- [**73**Star][4m] [OCaml] [hannesm/tlstunnel](https://github.com/hannesm/tlstunnel) TLS tunnel -- an alternative to stud / stunnel
- [**73**Star][1m] [C#] [xboxeer/nscrapy](https://github.com/xboxeer/nscrapy) NScrapy is a .net core corss platform Distributed Spider Framework which provide an easy way to write your own Spider
- [**73**Star][25d] [C] [tostercx/ssocks](https://github.com/tostercx/ssocks) sSocks fork for windows support; original:
- [**73**Star][7d] [C] [henryrlee/pokerhandevaluator](https://github.com/henryrlee/pokerhandevaluator) An efficient poker hand evaluation algorithm and its implementation in multiple programming languages
- [**73**Star][3m] [PHP] [mpyw/php-hyper-builtin-server](https://github.com/mpyw/php-hyper-builtin-server) Reverse proxy for PHP built-in server which supports multiprocessing and TLS/SSL encryption
- [**73**Star][8m] [Py] [veil-framework/veil-catapult](https://github.com/veil-framework/veil-catapult) Veil Catapult is no longer supported
- [**73**Star][6m] [Py] [splewis/get5-web](https://github.com/splewis/get5-web) An unsupported, proof-of-concept webpanel for servers using the get5 CS:GO server plugin. Please don't use it.
- [**73**Star][11d] [Java] [ayrx/jnianalyzer](https://github.com/ayrx/jnianalyzer) Analysis scripts for Ghidra to work with Android NDK libraries.
- [**73**Star][12d] [JS] [groundcat/shadowsocks-back-china-pac](https://github.com/groundcat/Shadowsocks-Back-China-PAC) 翻墙回国 Clash, PEPI, PAC 规则
- [**73**Star][3m] [motherfuzzers/meetups](https://github.com/motherfuzzers/meetups) Materials from Fuzzing Bay Area meetups
- [**73**Star][12d] [Py] [giantbranch/mipsaudit](https://github.com/giantbranch/mipsaudit) IDA script to assist in MIPS static scan
- [**73**Star][21d] [vysecurity/cve-2018-4878](https://github.com/vysecurity/CVE-2018-4878) Aggressor Script to launch IE driveby for CVE-2018-4878
- [**73**Star][13d] [Py] [philomathic-guy/malicious-web-content-detection-using-machine-learning](https://github.com/philomathic-guy/Malicious-Web-Content-Detection-Using-Machine-Learning) Chrome extension for detecting phishing web sites
- [**73**Star][14d] [PS] [dsccommunity/certificatedsc](https://github.com/dsccommunity/CertificateDsc) DSC resources to simplify administration of certificates on a Windows Server.
- [**73**Star][4m] [Go] [qax-a-team/ntlmsocks](https://github.com/QAX-A-Team/NtlmSocks) a pass-the-hash tool
- [**73**Star][7m] [Shell] [ctfhacker/ctf-vagrant-64](https://github.com/ctfhacker/ctf-vagrant-64) 
- [**73**Star][30d] [C] [zhuowei/qemu](https://github.com/zhuowei/qemu) Patched version of QEMU for exploring XNU arm64 emulation.
- [**73**Star][3m] [C] [yrp604/atc-sources](https://github.com/yrp604/atc-sources) Attacking the Core associated source files
- [**73**Star][2m] [Java] [yolosec/routerkeygenandroid](https://github.com/yolosec/routerkeygenandroid) Router Keygen generate default WPA/WEP keys for several routers.
- [**73**Star][24d] [yassergersy/cazador_unr](https://github.com/yassergersy/cazador_unr) Simple Hacking tools
- [**73**Star][2y] [HTML] [xuechiyaobai/v8_november_2017](https://github.com/xuechiyaobai/v8_november_2017) 
- [**73**Star][2m] [C++] [waleedassar/antidebug](https://github.com/waleedassar/antidebug) Collection Of Anti-Debugging Tricks
- [**73**Star][4y] [vrtadmin/first](https://github.com/vrtadmin/first) Function Identification and Recovery Signature Tool
- [**73**Star][1m] [vanhauser-thc/afl-patches](https://github.com/vanhauser-thc/afl-patches) Patches to afl to fix bugs or add enhancements
- [**73**Star][7d] [Py] [usyd-blockchain/vandal](https://github.com/usyd-blockchain/vandal) Static program analysis framework for Ethereum smart contract bytecode.
- [**73**Star][4m] [tigaxmt/hackerone-lessons](https://github.com/tigaxmt/hackerone-lessons) Transcribed video lessons of HackerOne to pdf's
- [**73**Star][28d] [Py] [tengzhangchao/microsoftspider](https://github.com/tengzhangchao/microsoftspider) 爬取微软漏洞信息，MS对应的每个版本操作系统KB号以及补丁下载地址。
- [**73**Star][16d] [C] [siguza/hsp4](https://github.com/siguza/hsp4) macOS kext for host_special_port(4) patch
- [**73**Star][2y] [C] [shift-crops/escapeme](https://github.com/shift-crops/escapeme) TokyoWestens CTF 4th 2018 EscapeMe challenge
- [**73**Star][6y] [C++] [sherifeldeeb/inmet](https://github.com/sherifeldeeb/inmet) A multi-purpose meterpreter executable (inline, many transports, msfpayload)
- [**73**Star][27d] [JS] [saelo/jscpwn](https://github.com/saelo/jscpwn) PoC exploit for CVE-2016-4622
- [**73**Star][4m] [Py] [s1egesystems/ghostdelivery](https://github.com/s1egesystems/ghostdelivery) .vbs script to deliver payload with persistence.
- [**73**Star][4y] [C++] [rrbranco/blackhat2016](https://github.com/rrbranco/blackhat2016) Black Hat 2016 Slides, Paper and Code
- [**73**Star][19d] [C++] [rrbranco/blackhat2012](https://github.com/rrbranco/blackhat2012) Blackhat 2012 Sample Codes
- [**73**Star][5m] [Py] [rocky/python3-trepan](https://github.com/rocky/python3-trepan) A gdb-like Python3 Debugger in the Trepan family
- [**73**Star][4m] [Java] [pibigstar/parsevip](https://github.com/pibigstar/parsevip) 解析VIP资源，解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
- [**73**Star][4m] [outflanknl/presentations](https://github.com/outflanknl/presentations) 
- [**73**Star][3m] [HTML] [onplus/shadowsocks-websocket-python](https://github.com/onplus/shadowsocks-websocket-python) shadowsocks over WebSocket, support Heroku.
- [**73**Star][3y] [Py] [nmalcolm/inventus](https://github.com/nmalcolm/inventus) Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.
- [**73**Star][2y] [C++] [nickcano/relocbonus](https://github.com/nickcano/relocbonus) An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.
- [**73**Star][12d] [netstalking-core/netstalking-osint](https://github.com/netstalking-core/netstalking-osint) Коллекция материалов по OSINT для нетсталкинга
- [**73**Star][20d] [C] [nektra/vtbl-ida-pro-plugin](https://github.com/nektra/vtbl-ida-pro-plugin) Identifying Virtual Table Functions using VTBL IDA Pro Plugin + Deviare Hooking Engine
- [**73**Star][9m] [C++] [nayuki/bitcoin-cryptography-library](https://github.com/nayuki/bitcoin-cryptography-library) Nayuki's implementation of cryptographic primitives used in Bitcoin.
- [**73**Star][2y] [Py] [n4xh4ck5/rastleak](https://github.com/n4xh4ck5/rastleak) Tool to automatic leak information using Hacking with engine searches
- [**73**Star][11d] [Py] [mwleeds/android-malware-analysis](https://github.com/mwleeds/android-malware-analysis) This project seeks to apply machine learning algorithms to Android malware classification.
- [**73**Star][4y] [PHP] [moserware/phpskills](https://github.com/moserware/phpskills) An implementation of the TrueSkill algorithm in PHP
- [**73**Star][23d] [Assembly] [mist64/c64rom](https://github.com/mist64/c64rom) Commodore 64 BASIC and KERNAL Source
- [**73**Star][Py] [minisafe/microscan](https://github.com/minisafe/microscan) MicroScan 基于B/S架构微扫描器
- [**73**Star][2y] [Kotlin] [menjoo/android-ssl-pinning-webviews](https://github.com/menjoo/android-ssl-pinning-webviews) A simple demo app that demonstrates Certificate pinning and scheme/domain whitelisting in Android WebViews
- [**73**Star][5m] [PS] [mdavis332/domainpasswordspray](https://github.com/mdavis332/domainpasswordspray) DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts that are expired, disabled locked out, or within 1 lockout attempt.
- [**73**Star][6y] [PS] [mattifestation/powerworm](https://github.com/mattifestation/powerworm) Analysis, detection, and removal of the "Power Worm" PowerShell-based malware
- [**73**Star][1m] [Py] [mak/ekdeco](https://github.com/mak/ekdeco) Scripts for dealing with various ek's
- [**73**Star][1y] [TS] [louisvillemetro/wazeccpprocessor](https://github.com/louisvillemetro/wazeccpprocessor) Waze WARP takes your CCP data feed and processes it into your cloud provider for access, analysis, and visualization. An Open Government Coalition (OGC) project.
- [**73**Star][4y] [Py] [lorexxar/bscanner](https://github.com/lorexxar/bscanner) 一直没有顺手的扫描器，那就自己写一个吧
- [**73**Star][4m] [Py] [loolzec/asu](https://github.com/loolzec/asu) facebook hacking toolkit
- [**73**Star][4m] [Py] [jiangsir404/pbscan](https://github.com/jiangsir404/pbscan) 基于burpsuite headless 的代理式被动扫描系统
- [**73**Star][1y] [Py] [itsmehacker/ducky-exploit](https://github.com/itsmehacker/ducky-exploit) Arduino Rubber Ducky Framework
- [**73**Star][6y] [Java] [irsdl/burpsuitejsbeautifier](https://github.com/irsdl/burpsuitejsbeautifier) Burp Suite JS Beautifier
- [**73**Star][30d] [Go] [ihciah/inner-shadowsocks](https://github.com/ihciah/inner-shadowsocks) Shadowsocks -> socks5 on server. (Created for providing socks5 proxy for Telegram)
- [**73**Star][10d] [Py] [idapython/pyhexraysdeob](https://github.com/idapython/pyhexraysdeob) A port of Rolf Rolles hexraysdeob
- [**73**Star][14d] [C#] [holly-hacker/dnspy.extension.holly](https://github.com/holly-hacker/dnspy.extension.holly) A dnSpy extension to aid reversing of obfuscated assemblies
- [**73**Star][13d] [JS] [himadriganguly/sqlilabs](https://github.com/himadriganguly/sqlilabs) Lab set-up for learning SQL Injection Techniques
- [**73**Star][18d] [Assembly] [hardenedlinux/firmware-anatomy](https://github.com/hardenedlinux/firmware-anatomy) Tear the firmware apart with your bare hands;-)
- [**73**Star][6m] [Go] [grahamedgecombe/ct-submit](https://github.com/grahamedgecombe/ct-submit) A program for submitting X.509 certificate chains to Certificate Transparency log servers.
- [**73**Star][16d] [TS] [geeksonsecurity/illuminatejs](https://github.com/geeksonsecurity/illuminatejs) IlluminateJs is a static JavaScript deobfuscator
- [**73**Star][3y] [C#] [foxglovesec/hpwn](https://github.com/foxglovesec/hpwn) HP printer security research code
- [**73**Star][1m] [C] [flxwu/spectre-attack-demo](https://github.com/flxwu/spectre-attack-demo) Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack
- [**73**Star][21d] [Go] [evilsocket/sum](https://github.com/evilsocket/sum) A specialized database server for linear algebra and machine learning.
- [**73**Star][2m] [Py] [entynetproject/arissploit](https://github.com/entynetproject/arissploit) Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
- [**73**Star][6y] [enigma0x3/powershell-payload-excel-delivery](https://github.com/enigma0x3/powershell-payload-excel-delivery) Uses Invoke-Shellcode to execute a payload and persist on the system.
- [**73**Star][3m] [C] [elfmaster/kdress](https://github.com/elfmaster/kdress) Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore
- [**73**Star][15d] [Py] [einstein-/poodle](https://github.com/einstein-/poodle) A Proof of Concept for the POODLE vulnerability in SSLv3
- [**73**Star][2y] [Ruby] [dyjakan/interpreter-bugs](https://github.com/dyjakan/interpreter-bugs) Fuzzing results for various interpreters.
- [**73**Star][4y] [PS] [darkoperator/posh-virustotal](https://github.com/darkoperator/posh-virustotal) PowerShell Module to interact with VirusTotal
- [**73**Star][4m] [C] [danielkrupinski/memject](https://github.com/danielkrupinski/memject) Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.
- [**73**Star][4m] [HTML] [crackinglandia/pype32](https://github.com/crackinglandia/pype32) Yet another Python library to read and write PE/PE+ files.
- [**73**Star][4m] [Py] [compoterhacker/mehrai](https://github.com/compoterhacker/mehrai) docker based telnet honeypot
- [**73**Star][4m] [HTML] [clr2of8/cookiecrimesjs](https://github.com/clr2of8/cookiecrimesjs) A cross-platform one-liner to steal a user's cookies from Chrome <- cool
- [**73**Star][2y] [Py] [chrispcampbell/qrocodile](https://github.com/chrispcampbell/qrocodile) A kid-friendly system for controlling Sonos with QR codes
- [**73**Star][4m] [PS] [chef-koch/windows-10-hardening](https://github.com/chef-koch/windows-10-hardening) Windows 10 hardening guide without gimmicks
- [**73**Star][4m] [chef-koch/projectx](https://github.com/chef-koch/projectx) DarkWeb Overview
- [**73**Star][5m] [C#] [c4bbage/pentestscripts](https://github.com/c4bbage/pentestscripts) 白名单利用代码、渗透工具
- [**73**Star][2y] [Batchfile] [b4rtik/hiddenpowershelldll](https://github.com/b4rtik/hiddenpowershelldll) 
- [**73**Star][3y] [androidtamer/androidtamer](https://github.com/androidtamer/androidtamer) We Use Github Extensively and openly. So it becomes dificult to track what's what and what's where. This repository is a master repo to Help with that.
- [**73**Star][3m] [Makefile] [adamdoupe/ctf-training](https://github.com/adamdoupe/ctf-training) 
- [**73**Star][18d] [Py] [0xsearches/sandcastle](https://github.com/0xsearches/sandcastle) 
- [**72**Star][10d] [C] [antoineco/broadcom-wl](https://github.com/antoineco/broadcom-wl) Broadcom Linux hybrid wireless driver (64-bit)
- [**72**Star][3y] [Py] [aaldaber/distributed-multi-user-scrapy-system-with-a-web-ui](https://github.com/aaldaber/distributed-multi-user-scrapy-system-with-a-web-ui) Django based application that allows creating, deploying and running Scrapy spiders in a distributed manner
- [**72**Star][2m] [C#] [komefai/ps4remoteplayinterceptor](https://github.com/komefai/ps4remoteplayinterceptor) A small .NET library to intercept and inject controls on PS4 Remote Play for Windows
- [**72**Star][4m] [Py] [bartdag/pylinkvalidator](https://github.com/bartdag/pylinkvalidator) pylinkvalidator is a standalone and pure python link validator and crawler that traverses a web site and reports errors (e.g., 500 and 404 errors) encountered.
- [**72**Star][10d] [JS] [miguelmota/sobel](https://github.com/miguelmota/sobel) Sobel Filter algorithm in JavaScript.
- [**72**Star][8d] [C++] [danielkrupinski/goesp](https://github.com/danielkrupinski/goesp) Free open source stream-proof ESP hack for Counter-Strike: Global Offensive, written in modern C++. Rendering and GUI powered by imgui.
- [**72**Star][3m] [JS] [rohanrhu/gdb-frontend](https://github.com/rohanrhu/gdb-frontend) ☕ GDBFrontend is an easy, flexible and extensionable gui debugger.
- [**72**Star][1m] [ObjC] [cocoajin/security-ios](https://github.com/cocoajin/security-ios) some NSData Category for doing RSA,AES,MD5,SHA1,SHA256,Sign,Verify on iOS Cryptography
- [**72**Star][14d] [Makefile] [tlswg/draft-ietf-tls-esni](https://github.com/tlswg/draft-ietf-tls-esni) Encrypted Server Name Indication for TLS 1.3
- [**72**Star][29d] [C] [heiher/hev-socks5-tproxy](https://github.com/heiher/hev-socks5-tproxy) A simple, lightweight socks5 transparent proxy for Linux
- [**72**Star][25d] [Ruby] [etsy/chef-whitelist](https://github.com/etsy/chef-whitelist) Simple library to enable host based rollouts of changes
- [**72**Star][2m] [Py] [tum-vision/captcha_recognition](https://github.com/tum-vision/captcha_recognition) CAPTCHA Recognition with Active Deep Learning
- [**72**Star][3m] [Nginx] [localtunnel/nginx](https://github.com/localtunnel/nginx) nginx container used as the localtunnel load balancer
- [**72**Star][28d] [Hack] [defuse/crackstation](https://github.com/defuse/crackstation) Source code for my crackstation.net website.
- [**72**Star][18d] [Py] [0x90/wifi-scripts](https://github.com/0x90/wifi-scripts) Misc scripts and tools for WiFi
- [**72**Star][25d] [Py] [gosecure/freshonions-torscraper](https://github.com/gosecure/freshonions-torscraper) Fresh Onions is an open source TOR spider / hidden service onion crawler
- [**72**Star][2m] [JS] [phith0n/xray-poc-generation](https://github.com/phith0n/xray-poc-generation) 
- [**72**Star][16d] [JS] [danyshaanan/osx-wifi-cli](https://github.com/danyshaanan/osx-wifi-cli) 
- [**72**Star][3y] [C++] [wyexe/lol_china](https://github.com/wyexe/LOL_China) 
- [**72**Star][1m] [Jupyter Notebook] [mozilla/overscripted](https://github.com/mozilla/overscripted) Repository for the Mozilla Overscripted Data Mining Challenge
- [**72**Star][5m] [Py] [bbva/patton](https://github.com/BBVA/patton) The clever vulnerability dependency finder
- [**72**Star][20d] [Py] [chris-rands/emojify](https://github.com/chris-rands/emojify) Obfuscate your python script by converting it to emoji icons
- [**72**Star][23d] [Java] [lmax-exchange/disruptor-proxy](https://github.com/LMAX-Exchange/disruptor-proxy) Byte-code generator to create Disruptor-backed proxies
- [**72**Star][29d] [shmilylty/awesome-malware-analysis](https://github.com/shmilylty/awesome-malware-analysis) A curated list of awesome malware analysis tools and resources
- [**72**Star][3m] [C++] [avatarone/avatar-python](https://github.com/avatarone/avatar-python) Dynamic security analysis of embedded systems’ firmwares
- [**72**Star][1m] [Py] [ziirish/burp-ui](https://github.com/ziirish/burp-ui) a web-ui for burp backup written in python with Flask and jQuery/Bootstrap
- [**72**Star][3y] [C++] [zcgonvh/ms16-032](https://github.com/zcgonvh/ms16-032) MS16-032(CVE-2016-0099) for SERVICE ONLY
- [**72**Star][1m] [PS] [xillwillx/tricky.lnk](https://github.com/xillwillx/tricky.lnk) Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Payload is a powershell webdl and execute
- [**72**Star][2y] [Py] [x64dbg/mona](https://github.com/x64dbg/mona) Fork of mona.py with x64dbg support
- [**72**Star][10m] [C] [windworst/lcx](https://github.com/windworst/lcx) My LCX, PortMaper. used in Windows,Linux,Android,Mac
- [**72**Star][12d] [JS] [windard/sm4](https://github.com/windard/sm4) SM4 by JavaScript
- [**72**Star][2m] [Py] [war-and-code/jawfish](https://github.com/war-and-code/jawfish) Tool for breaking into web applications.
- [**72**Star][3y] [C++] [vecna/sniffjoke](https://github.com/vecna/sniffjoke) a client-only layer of protection from the wiretap/sniff/IDS analysis
- [**72**Star][3m] [Go] [urld/passmgr](https://github.com/urld/passmgr) a simple, portable password manager
- [**72**Star][21d] [C++] [trevd/android_root](https://github.com/trevd/android_root) Got Root!
- [**72**Star][1m] [C++] [trailofbits/clang-cfi-showcase](https://github.com/trailofbits/clang-cfi-showcase) Sample programs that illustrate how to use control flow integrity with the clang compiler
- [**72**Star][4y] [Perl] [tanjiti/fingerprint](https://github.com/tanjiti/fingerprint) web应用指纹识别
- [**72**Star][6m] [ObjC] [sunweiliang/baiduyuncrack](https://github.com/sunweiliang/baiduyuncrack) iOS百度云盘 破解速度限制、去广告、去更新 无需越狱~
- [**72**Star][4m] [Py] [stixproject/openioc-to-stix](https://github.com/stixproject/openioc-to-stix) Generate STIX XML from OpenIOC XML
- [**72**Star][11d] [JS] [snail007/anytunnel](https://github.com/snail007/anytunnel) 内网穿透，内网穿透代理服务器，商用内网穿透代理系统，内网穿透平台，内网穿透多用户会员系统。
- [**72**Star][2y] [Py] [skelsec/cve-2017-12542](https://github.com/skelsec/cve-2017-12542) Test and exploit for CVE-2017-12542
- [**72**Star][4m] [Py] [sensepost/autoresponder](https://github.com/sensepost/autoresponder) Quick python script to automatically load NTLM hashes from Responder logs and fires up Hashcat to crack them
- [**72**Star][1m] [Rust] [rust-fuzz/targets](https://github.com/rust-fuzz/targets) 
- [**72**Star][4m] [Py] [roothaxor/ransom](https://github.com/roothaxor/ransom) Various codes related to Ransomware Developement
- [**72**Star][4y] [C] [rcvalle/vmmfuzzer](https://github.com/rcvalle/vmmfuzzer) A hypervisor or virtual machine monitor (VMM) fuzzer.
- [**72**Star][3m] [JS] [rameshaditya/ducky](https://github.com/rameshaditya/ducky) Chrome extension to overlay a (super adorable) rubber duck, as a virtual companion during rubber duck debugging.
- [**72**Star][2y] [Py] [r0oth3x49/xpath](https://github.com/r0oth3x49/xpath) Xpath is a python based open source Sql injection tool that automates the process of detecting and exploiting error-based injection security flaws.
- [**72**Star][10d] [Py] [pure-l0g1c/hyprpulse](https://github.com/pure-l0g1c/hyprpulse) Brute force multiple accounts at once
- [**72**Star][3m] [Py] [programa-stic/marvin-django](https://github.com/programa-stic/marvin-django) Marvin-django is the UI/database part of the Marvin project. Marvin is a platform for security analysis of Android apps.
- [**72**Star][3m] [Py] [piccimario/iphone-backup-analyzer-2](https://github.com/piccimario/iphone-backup-analyzer-2) iPBA, Qt version
- [**72**Star][3y] [Java] [panagiotisdrakatos/javaransomware](https://github.com/panagiotisdrakatos/javaransomware) Simple Ransomware Tool in Pure Java
- [**72**Star][27d] [Rust] [ovh/beamium](https://github.com/ovh/beamium) Prometheus to Warp10 metrics forwarder
- [**72**Star][23d] [Py] [odensc/janus](https://github.com/odensc/janus) Python script to create an Android APK exploiting the Janus vulnerability.
- [**72**Star][23d] [Py] [network-automation/ansible-napalm-samples](https://github.com/network-automation/ansible-napalm-samples) GitHub Repo comparing NAPALM and Ansible on Cisco NXOSv and Arista vEOS
- [**72**Star][5y] [C++] [nccgroup/windowsdaclenumproject](https://github.com/nccgroup/windowsdaclenumproject) A collection of tools to enumerate and analyse Windows DACLs
- [**72**Star][4y] [Py] [monnappa22/hollowfind](https://github.com/monnappa22/hollowfind) a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect and divert the forensic analysis techniques
- [**72**Star][3m] [Shell] [mitchellkrogza/the-big-list-of-hacked-malware-web-sites](https://github.com/mitchellkrogza/the-big-list-of-hacked-malware-web-sites) This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
- [**72**Star][2m] [PHP] [markri/wp-sec](https://github.com/markri/wp-sec) Wp-sec is an exentsion for wp-cli which checks for Wordpress CVE security issues at wpvulndb.com
- [**72**Star][7y] [C] [machn1k/scalpel-2.0](https://github.com/machn1k/scalpel-2.0) Scalpel; File Carving. Configuration files are modified.
- [**72**Star][2y] [Py] [lixmk/concierge](https://github.com/lixmk/concierge) Physical Access Control Identification and Exploitation
- [**72**Star][21d] [Py] [ledgerhq/blue-loader-python](https://github.com/ledgerhq/blue-loader-python) Python Loader for Ledger Blue and Nano S
- [**72**Star][15d] [latestalexey/awesome-web-hacking](https://github.com/latestalexey/awesome-web-hacking) A list of web application security
- [**72**Star][2m] [C++] [laginimaineb/cve-2014-7920-7921](https://github.com/laginimaineb/cve-2014-7920-7921) Exploit code for CVE-2014-7920 and CVE-2014-7921 - code-exec in mediaserver up to Android 5.1
- [**72**Star][3m] [JS] [kureev/react-native-network-proxy](https://github.com/kureev/react-native-network-proxy) Network debugger (logger) for React Native apps
- [**72**Star][6m] [Py] [ksoona/attackvector](https://github.com/ksoona/attackvector) AttackVector Linux
- [**72**Star][4m] [Py] [kevsersrca/2016lykagguvenligivesizmatestleri](https://github.com/kevsersrca/2016lykagguvenligivesizmatestleri) Network Security Notes
- [**72**Star][12d] [C] [jovanbulck/nemesis](https://github.com/jovanbulck/nemesis) Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic
- [**72**Star][4y] [Py] [johnmaguire/cardinal](https://github.com/johnmaguire/cardinal) A Python IRC bot, designed to make adding functionality quick and simple.
- [**72**Star][1m] [Py] [itskindred/redviper](https://github.com/itskindred/redviper) redViper is a proof of concept Command & Control framework that utilizes Reddit for communications.
- [**72**Star][4y] [Py] [internetwache/internetwache-ctf-2016](https://github.com/internetwache/internetwache-ctf-2016) The Internetwache CTF 2016 repository
- [**72**Star][6m] [C++] [illidans4/ysf](https://github.com/illidans4/ysf) YSF - kurta999's version
- [**72**Star][18d] [C++] [hurley25/sniffer](https://github.com/hurley25/sniffer) 一个跨平台的网络数据嗅探&抓包程序，基于Qt 4.x 以及 libpcap 库（Linux下）和 Winpcap库（Windows 下）。
- [**72**Star][2y] [Jupyter Notebook] [hmishra2250/botnet-detection-using-machine-learning](https://github.com/hmishra2250/botnet-detection-using-machine-learning) Repository of Bachelor's Major Project on Botnet Detection
- [**72**Star][4m] [Shell] [hirbodbehnam/shadowsocks-cloak-installer](https://github.com/hirbodbehnam/shadowsocks-cloak-installer) A one-key script to setup Cloak plugin with Shadowsocks on your server
- [**72**Star][2y] [C++] [hexhive/hextype](https://github.com/hexhive/hextype) Efficient Detection of Type Confusion Errors for C++
- [**72**Star][4m] [C] [getdrive/lazy-rdp](https://github.com/getdrive/lazy-rdp) Script for automatic scanning & brute-force RDP
- [**72**Star][13d] [funkmyster/awesome-cloud-security](https://github.com/funkmyster/awesome-cloud-security) Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
- [**72**Star][10d] [Go] [fideliscyber/x509](https://github.com/fideliscyber/x509) 用X.509数字证书建立隐蔽数据交换通道 PoC
- [**72**Star][6y] [Py] [feliam/cve-2014-4377](https://github.com/feliam/cve-2014-4377) 
- [**72**Star][11d] [exitmsconfig/engineering-box](https://github.com/exitmsconfig/engineering-box) engineering Box (简称 - engineering) 是一个集合github平台上的安全行业从业者自研开源扫描器的仓库，包括子域名枚举、数据库漏洞扫描、弱口令或信息泄漏扫描、端口扫描、指纹识别以及其他大型扫描器或模块化扫描器，同时该仓库只收录各位安全行业从业者自己编写的一般性开源扫描器，类似awvs、nmap、w3af等知名扫描工具不收录，收集全球各位同仁爱好者维护项目
- [**72**Star][4m] [drduh/pc-engines-apu-router-guide](https://github.com/drduh/pc-engines-apu-router-guide) Guide to building a Linux or BSD router on the PC Engines APU platform
- [**72**Star][3y] [Visual Basic .NET] [cn33liz/vbsmeter](https://github.com/cn33liz/vbsmeter) VBS Reversed TCP Meterpreter Stager
- [**72**Star][2y] [Roff] [cloudsriseup/hacker_ezines](https://github.com/cloudsriseup/hacker_ezines) A collection of electronic hacker magazines carefully curated over the years from multiple sources
- [**72**Star][19d] [PHP] [geek-at/proxycheck_script](https://github.com/geek-at/proxycheck_script) Proxy checking script
- [**72**Star][4m] [C] [certificate-helper/tls-inspector](https://github.com/certificate-helper/tls-inspector) Easily view and inspect X.509 certificates on your iOS device.
- [**72**Star][14d] [C] [casanovg/timonel](https://github.com/casanovg/timonel) ATtiny85/45/25 I2C bootloader
- [**72**Star][3m] [C] [cappsule/cappsule-hypervisor](https://github.com/cappsule/cappsule-hypervisor) 
- [**72**Star][1m] [bmaia/cross-utils](https://github.com/bmaia/cross-utils) Cross compiling Utils (ARMEB, ARMEL, MIPS, MIPSEL)
- [**72**Star][17d] [PHP] [bediger4000/php-malware-analysis](https://github.com/bediger4000/php-malware-analysis) Deobfuscation and analysis of PHP malware captured by a WordPress honey pot
- [**72**Star][2m] [CMake] [bastilleresearch/gr-nordic](https://github.com/bastilleresearch/gr-nordic) GNU Radio module and Wireshark dissector for the Nordic Semiconductor nRF24L Enhanced Shockburst protocol.
- [**72**Star][3y] [Py] [angr/simuvex](https://github.com/angr/simuvex) [DEPRECATED] A symbolic execution engine for the VEX IR
- [**72**Star][12d] [HTML] [an0nud4y/blackeye](https://github.com/an0nud4y/blackeye) The ultimate phishing tool with 38 websites available!
- [**72**Star][1y] [Shell] [agolo/logstash-test-runner](https://github.com/agolo/logstash-test-runner) Logstash configuration testing framework
- [**72**Star][4m] [C] [adafruit/adafruit-trinket-gemma-bootloader](https://github.com/adafruit/adafruit-trinket-gemma-bootloader) 
- [**72**Star][4m] [Py] [activecm/passer](https://github.com/activecm/passer) Passive service locator, a python sniffer that identifies servers, clients, names and much more
- [**72**Star][2m] [0xfe/hacking-stellar](https://github.com/0xfe/hacking-stellar) A hacker's guide to using the Stellar blockchain platform.
- [**72**Star][2m] [Py] [0xdevalias/sparty](https://github.com/0xdevalias/sparty) Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
- [**72**Star][28d] [Go] [0c34/govwa](https://github.com/0c34/govwa) 
- [**71**Star][11d] [C++] [qtfreet00/llvm-obfuscator](https://github.com/qtfreet00/llvm-obfuscator) ollvm based on llvm 5.0 release
- [**71**Star][3m] [Py] [mpgn/cve-2019-19781](https://github.com/mpgn/cve-2019-19781) CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit
- [**71**Star][13d] [JS] [tdr130/assetnote](https://github.com/tdr130/assetnote) Push notifications for passive DNS data
- [**71**Star][11d] [Py] [cro-thehacker/fsociety3](https://github.com/cro-thehacker/fsociety3) fsociety Hacking Tools Pack – A Penetration Testing Framework - Python3 Update
- [**71**Star][12d] [JS] [iteratec/multi-juicer](https://github.com/iteratec/multi-juicer) Run Capture the Flags and Security Trainings with OWASP Juice Shop
- [**71**Star][1m] [Py] [jonhadfield/python-hosts](https://github.com/jonhadfield/python-hosts) a hosts file manager library written in python
- [**71**Star][26d] [C] [gsingh93/simple-key-logger](https://github.com/gsingh93/simple-key-logger) A simple keylogger for Linux systems
- [**71**Star][24d] [TS] [googlecloudplatform/wombat-dressing-room](https://github.com/googlecloudplatform/wombat-dressing-room) proxy designed to reduce the attack surface of npm publish
- [**71**Star][9m] [JS] [zhang2333/light-crawler](https://github.com/zhang2333/light-crawler) a simplified directed customizable website crawler
- [**71**Star][6m] [Py] [daddycocoaman/beacongraph](https://github.com/daddycocoaman/beacongraph) Graph visualization of wireless client and access point relationships
- [**71**Star][17d] [TS] [cubbit/enigma](https://github.com/cubbit/enigma) A fast, native, cryptographic engine for the web
- [**71**Star][11d] [Swift] [pia-foss/tunnel-apple](https://github.com/pia-foss/tunnel-apple) Private Internet Access - Tunnel for Apple platforms
- [**71**Star][12d] [C] [prbinu/tls-scan](https://github.com/prbinu/tls-scan) An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
- [**71**Star][2m] [Batchfile] [undertrey/farmwatchbot](https://github.com/undertrey/farmwatchbot) FarmWatchBot for Ewbf & Claymore & Dstm & CCminer & Bminer & Ethminer & Cast XMR & Phoenix
- [**71**Star][26d] [Py] [jimsunjing/douban_crawler](https://github.com/jimsunjing/douban_crawler) 备份豆瓣计划
- [**71**Star][10d] [C++] [crownstone/bluenet](https://github.com/crownstone/bluenet) Bluenet is the in-house firmware on Crownstone hardware. Functions: switching, dimming, energy monitoring, presence detection, indoor localization, switchcraft.
- [**71**Star][2m] [Py] [twi1ight/tspider](https://github.com/twi1ight/tspider) Yet Another Web Spider
- [**71**Star][3m] [worawit/cve-2019-0708](https://github.com/worawit/cve-2019-0708) CVE-2019-0708 (BlueKeep)
- [**71**Star][1m] [Java] [ac-pm/proxyon](https://github.com/ac-pm/proxyon) Android Xposed Module to apply proxy for a specific app.
- [**71**Star][8d] [Kotlin] [v2ray/v2rayng](https://github.com/v2ray/v2rayng) This project is currently discontinued. Please use this code with care and considering adopt it.
- [**71**Star][2m] [Go] [mmcloughlin/cryptofuzz](https://github.com/mmcloughlin/cryptofuzz) Fuzzing Go crypto
- [**71**Star][19d] [C++] [functionclub/memtester](https://github.com/functionclub/memtester) 检测VPS真实可分配内存的小工具，适用于检测VPS超售情况。
- [**71**Star][12d] [Py] [clong/modlogin](https://github.com/clong/modlogin) Quickly check credentials against multiple websites and identify instances of credential reuse
- [**71**Star][12d] [JS] [nordicsemiconductor/pc-nrfconnect-ble](https://github.com/nordicsemiconductor/pc-nrfconnect-ble) Bluetooth low energy app for nRF Connect for Desktop
- [**71**Star][14d] [Java] [nsacyber/hirs](https://github.com/nsacyber/hirs) Trusted Computing based services supporting TPM provisioning and supply chain validation concepts. #nsacyber
- [**71**Star][23d] [TS] [javascript-obfuscator/react-native-obfuscating-transformer](https://github.com/javascript-obfuscator/react-native-obfuscating-transformer) Obfuscation for React Native bundles
- [**71**Star][4m] [splunk/ta-microsoft-sysmon](https://github.com/splunk/ta-microsoft-sysmon) TA-microsoft-sysmon
- [**71**Star][11d] [mohitkhemchandani/oscp_bible](https://github.com/mohitkhemchandani/oscp_bible) This is a collection of resources, scripts, bookmarks, writeups, notes, cheatsheets that will help you in OSCP Preparation as well as for general pentesting and learning. If you feel like you can contribute in it. Please do that, I'll appreciate you.
- [**71**Star][14d] [appsecco/defcon-26-workshop-attacking-and-auditing-docker-containers](https://github.com/appsecco/defcon-26-workshop-attacking-and-auditing-docker-containers) DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
- [**71**Star][10d] [Py] [technowlogy-pushpender/technowhorse](https://github.com/technowlogy-pushpender/technowhorse) TechNowHorse is a RAT (Remote Administrator Trojan) Generator for Windows/Linux systems written in Python 3.
- [**71**Star][10d] [C++] [jocover/openusrp](https://github.com/jocover/OpenUSRP) using LimeSDR to simulate USRP B210
- [**71**Star][6m] [C#] [firebaseextended/unity-solutions](https://github.com/FirebaseExtended/unity-solutions) Use Firebase tools to incorporate common features into your games!
- [**71**Star][1m] [C] [zyantific/zyan-hook-engine](https://github.com/zyantific/zyan-hook-engine) Advanced x86/x86-64 hooking library (WIP).
- [**71**Star][13d] [Py] [zxsecurity/gpsnitch](https://github.com/zxsecurity/gpsnitch) GPS Spoofer Catcher, the GPS IDS.
- [**71**Star][2y] [C++] [zodiacon/poolmonx](https://github.com/zodiacon/poolmonx) A GUI version of the classic PoolMon tool
- [**71**Star][1m] [Py] [vesche/histstat](https://github.com/vesche/histstat) history for netstat
- [**71**Star][2m] [Py] [thehappydinoa/rootos](https://github.com/thehappydinoa/rootos) macOS Root Helper
- [**71**Star][3y] [C++] [tandasat/eopmon](https://github.com/tandasat/eopmon) Elevation of privilege detector based on HyperPlatform
- [**71**Star][1y] [sukaralin/php_code_audit_project](https://github.com/sukaralin/php_code_audit_project) 该项目用来记录，我用来练手的PHP代码审计项目。
- [**71**Star][20d] [Ruby] [skahwah/automato](https://github.com/skahwah/automato) automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.
- [**71**Star][6m] [HTML] [sisoc-tokyo/real-timedetectionad_ver2](https://github.com/sisoc-tokyo/real-timedetectionad_ver2) 
- [**71**Star][3y] [screetsec/wordlist-dracos](https://github.com/screetsec/wordlist-dracos) Collection My Wordlist
- [**71**Star][18d] [Py] [scipag/btle-sniffer](https://github.com/scipag/btle-sniffer) Passively scan for Bluetooth Low Energy devices and attempt to fingerprint them
- [**71**Star][18d] [Go] [sandertv/gophertunnel](https://github.com/sandertv/gophertunnel) A Minecraft (Bedrock Edition) library written in Go used for creating proxies, servers, clients and tools
- [**71**Star][2y] [JS] [samhaxr/xxrf-shots](https://github.com/samhaxr/xxrf-shots) XXRF Shots - Useful for testing SSRF vulnerability
- [**71**Star][4m] [C#] [sailro/bdtunnel](https://github.com/sailro/bdtunnel) BoutDuTunnel is able to create virtual connections tunnelled in HTTP requests.
- [**71**Star][4m] [s9mf/xss_test](https://github.com/s9mf/xss_test) 记录个人XSS学习
- [**71**Star][2y] [HTML] [rvrsh3ll/word-doc-video-embed-exe-poc](https://github.com/rvrsh3ll/word-doc-video-embed-exe-poc) 
- [**71**Star][4m] [YARA] [rootkiter/binary-files](https://github.com/rootkiter/binary-files) EarthWorm/Termite 停止更新
- [**71**Star][5y] [Py] [robbyfux/ragpicker](https://github.com/robbyfux/ragpicker) Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products, collecting malware for another analyzer/zoo.
- [**71**Star][7m] [retme7/my-slides](https://github.com/retme7/my-slides) My slides
- [**71**Star][2y] [Py] [rassec/rasscan](https://github.com/rassec/rasscan) Port service SCan
- [**71**Star][2m] [Py] [quantumliu/antibtchack](https://github.com/quantumliu/antibtchack) 破解5.12比特币勒索软件
- [**71**Star][3m] [Java] [portswigger/command-injection-attacker](https://github.com/portswigger/command-injection-attacker) SHELLING - a comprehensive OS command injection payload generator
- [**71**Star][13d] [C++] [petrgeorgievsky/gtarenderhook](https://github.com/petrgeorgievsky/gtarenderhook) GTA SA rendering hook
- [**71**Star][1m] [C++] [oyyd/nysocks](https://github.com/oyyd/nysocks) Nysocks binds kcp and libuv to provide an aggressive tcp tunnel in nodejs.
- [**71**Star][2m] [C#] [oleavr/ospy](https://github.com/oleavr/ospy) Automatically exported from code.google.com/p/ospy
- [**71**Star][3m] [Swift] [nwhacks-loki/loki](https://github.com/nwhacks-loki/loki) Proof-of-concept of emotion-targeted content delivery using machine learning and ARKit.
- [**71**Star][6m] [C++] [nmgwddj/learn-windows-drivers](https://github.com/nmgwddj/learn-windows-drivers) Windows drivers 开发的各个基础示例，包含进程、内存、注册表、回调等管理
- [**71**Star][5m] [Py] [nmantani/fileinsight-plugins](https://github.com/nmantani/fileinsight-plugins) a decoding toolbox of McAfee FileInsight hex editor for malware analysis
- [**71**Star][18d] [C] [nihilus/idastealth](https://github.com/nihilus/idastealth) 
- [**71**Star][8m] [Java] [netspi/burpcollaboratordnstunnel](https://github.com/netspi/burpcollaboratordnstunnel) A DNS tunnel utilizing the Burp Collaborator
- [**71**Star][15d] [C] [nanoporetech/scrappie](https://github.com/nanoporetech/scrappie) Scrappie is a technology demonstrator for the Oxford Nanopore Research Algorithms group
- [**71**Star][5m] [PHP] [nairuzabulhul/roadmap](https://github.com/nairuzabulhul/roadmap) GitBook: OSCP RoadMap
- [**71**Star][25d] [HTML] [mtesauro/owasp-wte](https://github.com/mtesauro/owasp-wte) Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice..
- [**71**Star][8m] [Py] [mrnasro/zynos-attacker](https://github.com/mrnasro/zynos-attacker) ZynOS tool for automated attack on a range of IPs, find more informations at :
- [**71**Star][3y] [Py] [mgeeky/exploit-development-tools](https://github.com/mgeeky/exploit-development-tools) A bunch of my exploit development helper tools, collected in one place.
- [**71**Star][2y] [Py] [mazenelzanaty/twlocation](https://github.com/mazenelzanaty/twlocation) Python script that gets Twitter users' tweets location
- [**71**Star][1m] [C] [marcan/lsirec](https://github.com/marcan/lsirec) LSI SAS2008/SAS2108 low-level recovery tool for Linux
- [**71**Star][1m] [Go] [lubyruffy/tcptunnel](https://github.com/lubyruffy/tcptunnel) 将本地内网服务器映射到公网。
- [**71**Star][4y] [Py] [kkar/vbs-obfuscator-in-python](https://github.com/kkar/vbs-obfuscator-in-python) VBScript obfuscation to allow PenTesters bypass countermeasures.
- [**71**Star][7y] [C] [kholia/rc4-40-brute-office](https://github.com/kholia/rc4-40-brute-office) Guaranteed cracking of M$ Office files using RC4 40-bit encryption
- [**71**Star][16d] [Shell] [kevthehermit/pentest](https://github.com/kevthehermit/pentest) Just a collection of pentest stuffs
- [**71**Star][6y] [C] [kedebug/scdetective](https://github.com/kedebug/scdetective) A kernel level anti-rootkit tool which runs on the windows platform.
- [**71**Star][3m] [C] [joswr1ght/cowpatty](https://github.com/joswr1ght/cowpatty) WPA2-PSK Cracking
- [**71**Star][12d] [JS] [iteratec/multi-juicer](https://github.com/iteratec/multi-juicer) Run Capture the Flags and Security Trainings with OWASP Juice Shop
- [**71**Star][7m] [C++] [isecpartners/publications](https://github.com/isecpartners/publications) iSEC Partners' research publications
- [**71**Star][11m] [Py] [idiom/pftriage](https://github.com/idiom/pftriage) Python tool and library to help analyze files during malware triage and analysis.
- [**71**Star][4y] [Py] [icewall/bindifffilter](https://github.com/icewall/bindifffilter) IDA Pro plugin making easier work on BinDiff results
- [**71**Star][6m] [PS] [iamrootsh3ll/anchorwatch](https://github.com/iamrootsh3ll/anchorwatch) A Rogue Device Detection Script with Email Alerts Functionality for Windows Subsystem
- [**71**Star][3y] [C] [henkaku/vitashell](https://github.com/henkaku/vitashell) This is a fork of
- [**71**Star][1y] [C] [heidsoft/devops](https://github.com/heidsoft/devops) 系统架构实践
- [**71**Star][4m] [Shell] [hax4us/apkmod](https://github.com/hax4us/apkmod) Apkmod can decompile, recompile, sign APK, and bind the payload with any legit APP
- [**71**Star][15d] [hacker0x01/h1-212-ctf-solutions](https://github.com/hacker0x01/h1-212-ctf-solutions) A collection of the solutions people wrote for the H1-212 Capture The Flag event
- [**71**Star][4y] [Py] [grazfather/blackhatpython](https://github.com/grazfather/blackhatpython) Black Hat Python Labs
- [**71**Star][1y] [Py] [grayddq/publicsecscan](https://github.com/grayddq/publicsecscan) 针对大量WEB资产进行分布式WEB安全扫描，发现web环境下常规的一些安全漏洞
- [**71**Star][20d] [C] [fvollmer/open-desk-lamp-firmware](https://github.com/fvollmer/open-desk-lamp-firmware) Open source firmware for the xiaomi desk lamp
- [**71**Star][1m] [Py] [fox-it/bloodhound-import](https://github.com/fox-it/bloodhound-import) Python based BloodHound data importer
- [**71**Star][3m] [C] [fireeye/tools](https://github.com/fireeye/tools) general purpose and malware specific analysis tools
- [**71**Star][4m] [Py] [esser420/eviltwinframework](https://github.com/esser420/eviltwinframework) A framework for pentesters that facilitates evil twin attacks as well as exploiting other wifi vulnerabilities
- [**71**Star][21d] [Py] [esmog/nodexp](https://github.com/esmog/nodexp) NodeXP - A Server Side Javascript Injection tool capable of detecting and exploiting Node.js vulnerabilities
- [**71**Star][19d] [Shell] [ernw/static-toolbox](https://github.com/ernw/static-toolbox) A collection of statically compiled tools like Nmap and Socat.
- [**71**Star][6m] [C] [ericalcaide/rosetta_project](https://github.com/ericalcaide/rosetta_project) Algorithms implemented in Python, JS and Go. Feel free to add another language!
- [**71**Star][3y] [C++] [endgameinc/maxwell](https://github.com/endgameinc/maxwell) 
- [**71**Star][2m] [doctorwebltd/malware-iocs](https://github.com/doctorwebltd/malware-iocs) 
- [**71**Star][1m] [Py] [dekunukem/facepunch](https://github.com/dekunukem/facepunch) Raspberry Pi based facial recognition punch clock
- [**71**Star][5m] [david415/ansible-tor](https://github.com/david415/ansible-tor) An Ansible role for using tor!
- [**71**Star][2m] [Py] [danmcinerney/autorelay](https://github.com/danmcinerney/autorelay) Automatically performs the SMB relay attack
- [**71**Star][4m] [Py] [dai-lab/steganogan](https://github.com/dai-lab/steganogan) SteganoGAN is a tool for creating steganographic images using adversarial training.
- [**71**Star][14d] [Crystal] [cloudamqp/amqproxy](https://github.com/cloudamqp/amqproxy) An intelligent AMQP proxy, with connection and channel pooling/reusing
- [**71**Star][11m] [Java] [codeplutos/java-security-manager-bypass](https://github.com/codeplutos/java-security-manager-bypass) 
- [**71**Star][23d] [HTML] [brampat/security](https://github.com/brampat/security) Collection of links to Security stuff
- [**71**Star][12m] [C++] [blitzcode/ghc-stack](https://github.com/blitzcode/ghc-stack) Hacking GHC's Stack for Fun and Profit (featuring The Glorious Haskell Debugger v0.0.1 Pre-alpha)
- [**71**Star][3m] [Py] [birchjd/piobdii](https://github.com/birchjd/piobdii) ODBII graphic interface on a Raspberry Pi computer, using an ELM327 Bluetooth/USB device. Read and display engine data, OBDII Trouble Codes & Descriptions Using Python. YouTube video:
- [**71**Star][1y] [C] [begriffs/gitftp](https://github.com/begriffs/gitftp) Browse git over anonymous FTP
- [**71**Star][6m] [Java] [beardypig/ghidra-emotionengine](https://github.com/beardypig/ghidra-emotionengine) Ghidra Processor for the Play Station 2's Emotion Engine MIPS based CPU
- [**71**Star][3y] [C] [azuregreen/arkprotect](https://github.com/azuregreen/arkprotect) An Ark tool project，run on Win7 x86/x64
- [**71**Star][3y] [JS] [attekett/surku](https://github.com/attekett/surku) Surku is a general-purpose mutation-based fuzzer.
- [**71**Star][5m] [ascotbe/osmographic-brain-mapping](https://github.com/ascotbe/osmographic-brain-mapping) 渗透脑图(渗透步骤)
- [**71**Star][29d] [C] [aerosoul94/ida_gel](https://github.com/aerosoul94/ida_gel) A collection of IDA loaders for various game console ELF's. (PS3, PSVita, WiiU)
- [**71**Star][3y] [Perl] [0x90/vpn-arsenal](https://github.com/0x90/vpn-arsenal) VPN pentest tools and scripts
- [**70**Star][26d] [Py] [enul1ttle/myfuzz](https://github.com/enul1ttle/myfuzz) 从总多目录字典中合并提取的高效目录爆破字典
- [**70**Star][10d] [Py] [artssec/burp-exporter](https://github.com/artssec/burp-exporter) Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
- [**70**Star][5m] [Jupyter Notebook] [scrapingdance/dspider](https://github.com/scrapingdance/dspider) DSpider = Daily Spider 一直更新平时外包爬虫项目，欢迎Star
- [**70**Star][5m] [Py] [jhao104/spider](https://github.com/jhao104/spider) python crawler spider
- [**70**Star][5m] [PHP] [nicolasbeauvais/laravel-botscout](https://github.com/nicolasbeauvais/laravel-botscout) Block malicious scripts using botscout.com protection for your laravel app
- [**70**Star][4m] [C++] [landbroken/basicknowledge](https://github.com/landbroken/basicknowledge) Data struct, algorithm, LeetCode and DesignPattern introduction and implementation in Cpp and C#
- [**70**Star][3m] [Py] [feiskyer/scrapy-examples](https://github.com/feiskyer/scrapy-examples) Some scrapy and web.py exmaples
- [**70**Star][16d] [Shell] [sam-hosseini/dotfiles](https://github.com/sam-hosseini/dotfiles) Build a macOS Empire
- [**70**Star][19d] [Py] [offensive-hub/black-widow](https://github.com/offensive-hub/black-widow) GUI based offensive penetration testing tool (Open Source)
- [**70**Star][18d] [CSS] [panagiotisdrakatos/springboot-registration-login-theperfectexample](https://github.com/panagiotisdrakatos/springboot-registration-login-theperfectexample) Login & Signup tutorial for every website ,mixes a lot of microservices together with the latest spring framework api in combined with full security
- [**70**Star][4m] [diy-electronics/raspberrypi-b-plus-case](https://github.com/diy-electronics/raspberrypi-b-plus-case) A simple lasercut case for the Raspberry Pi Model B+, 2 B and 3 B
- [**70**Star][12d] [C++] [cpetrich/counterfeit_ds18b20](https://github.com/cpetrich/counterfeit_ds18b20) How to tell original from fake DS18B20 temperature sensors.
- [**70**Star][1m] [JS] [javascript-obfuscator/gulp-javascript-obfuscator](https://github.com/javascript-obfuscator/gulp-javascript-obfuscator) Gulp plugin for javascript-obfuscator package.
- [**70**Star][4y] [C#] [cn33liz/smashedpotato](https://github.com/cn33liz/smashedpotato) 
- [**70**Star][9d] [C#] [mdsecactivebreach/wmipersistence](https://github.com/mdsecactivebreach/wmipersistence) WMI Event Subscription Persistence in C#
- [**70**Star][1m] [dnscrypt/dnscrypt-protocol](https://github.com/dnscrypt/dnscrypt-protocol) DNSCrypt protocol specification
- [**70**Star][1m] [Py] [feeicn/webproxy](https://github.com/feeicn/webproxy) Create an HTTP / HTTPS proxy server based on MITMProxy and log all requests to the log file and parse the log for rewriting into the database.
- [**70**Star][19d] [darkoperator/vscode-language-aggressor](https://github.com/darkoperator/vscode-language-aggressor) Cobalt Strike Aggressor extension for Visual Studio Code
- [**70**Star][13d] [C++] [rek7/ddoor](https://github.com/rek7/ddoor) DDoor - cross platform backdoor using dns txt records
- [**70**Star][2m] [JS] [hacker0x01/docs.hackerone.com](https://github.com/hacker0x01/docs.hackerone.com) HackerOne Platform Documentation
- [**70**Star][15d] [Ruby] [tintoser/bluekeep-exploit](https://github.com/tintoser/bluekeep-exploit) Bluekeep(CVE 2019-0708) exploit released
- [**70**Star][10d] [C] [zzhouhe/pg1903](https://github.com/zzhouhe/pg1903) Disable PatchGuard in real time for Win10 1903.
- [**70**Star][19d] [Py] [offensive-hub/black-widow](https://github.com/offensive-hub/black-widow) GUI based offensive penetration testing tool (Open Source)
- [**70**Star][27d] [Py] [mozilla/frost](https://github.com/mozilla/frost) Unit testing framework for test driven security of AWS, GCP, Heroku and more.
- [**70**Star][1m] [C] [yabits/uefi](https://github.com/yabits/uefi) Fast and lightweight yet another UEFI implementation
- [**70**Star][13d] [Py] [xyntax/baiduyun-brute](https://github.com/xyntax/baiduyun-brute) [已失效] 多线程百度云(私密分享)密码爆破工具 pan.baidu.com
- [**70**Star][1m] [PHP] [xsuperbug/payloads](https://github.com/xsuperbug/payloads) 
- [**70**Star][16d] [Py] [xmikos/soapy_power](https://github.com/xmikos/soapy_power) Obtain power spectrum from SoapySDR devices (RTL-SDR, Airspy, SDRplay, HackRF, bladeRF, USRP, LimeSDR, etc.)
- [**70**Star][2y] [Py] [wazehell/cve-2018-6389](https://github.com/wazehell/cve-2018-6389) CVE-2018-6389 Exploit In WordPress DoS
- [**70**Star][11d] [vagnerpilar/windbgtree](https://github.com/vagnerpilar/windbgtree) A command tree based on commands and extensions for Windows Kernel Debugging.
- [**70**Star][13d] [CMake] [tkuester/gr-reveng](https://github.com/tkuester/gr-reveng) Utilities to help with reverse engineering RF protocols.
- [**70**Star][5m] [C] [the-cracker-technology/andrax-mobile-pentest](https://github.com/the-cracker-technology/andrax-mobile-pentest) ANDRAX Advanced Penetration Testing Platform for Android Smartphones
- [**70**Star][4m] [Shell] [tasket/qubes-vpn-support](https://github.com/tasket/qubes-vpn-support) VPN configuration in Qubes OS
- [**70**Star][2m] [Py] [syss-research/nrf24-playset](https://github.com/syss-research/nrf24-playset) Software tools for Nordic Semiconductor nRF24-based devices like wireless keyboards, mice, and presenters
- [**70**Star][1m] [Py] [stayliv3/burpsuite-changeu](https://github.com/stayliv3/burpsuite-changeu) burpsuite 插件。将返回值中的unicode明文
- [**70**Star][6m] [Py] [spesmilo/electrum-docs](https://github.com/spesmilo/electrum-docs) Electrum
- [**70**Star][4y] [HTML] [skylined/bugs](https://github.com/skylined/bugs) Collection of software bugs found by SkyLined
- [**70**Star][10d] [C++] [signetlabdei/lorawan](https://github.com/signetlabdei/lorawan) An ns-3 module for simulation of LoRaWAN networks.
- [**70**Star][29d] [Rust] [shssoichiro/zxcvbn-rs](https://github.com/shssoichiro/zxcvbn-rs) Port of Dropbox's zxcvbn password strength library for Rust
- [**70**Star][14d] [Py] [securityautomation/autosource](https://github.com/securityautomation/autosource) Automated SonarQube
- [**70**Star][6m] [PS] [samratashok/deploy-deception](https://github.com/samratashok/deploy-deception) A PowerShell module to deploy active directory decoy objects.
- [**70**Star][2y] [Shell] [samhaxr/takeover-v1](https://github.com/samhaxr/takeover-v1) Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdomain takeover vulnerability.
- [**70**Star][3y] [C++] [rwfpl/rewolf-gogogadget](https://github.com/rwfpl/rewolf-gogogadget) kernel exploitation helper class
- [**70**Star][12d] [Rust] [rustcrypto/stream-ciphers](https://github.com/rustcrypto/stream-ciphers) Collection of stream cipher algorithms
- [**70**Star][1y] [Py] [romanking98/house-of-roman](https://github.com/romanking98/house-of-roman) RCE through Leakless HeapFengShui, fastbin alloc anywhere.
- [**70**Star][10d] [Py] [rocky/python-xdis](https://github.com/rocky/python-xdis) Python cross-version bytecode library and disassembler
- [**70**Star][11d] [Py] [rahmatnazali/image-copy-move-detection](https://github.com/rahmatnazali/image-copy-move-detection) Copy-move forgery detection on digital image using Python
- [**70**Star][1y] [Py] [r3vn/punk.py](https://github.com/r3vn/punk.py) unix SSH post-exploitation 1337 tool
- [**70**Star][7y] [JS] [qburst/penq](https://github.com/qburst/penq) PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
- [**70**Star][2y] [Py] [qazbnm456/vwgen](https://github.com/qazbnm456/vwgen) Vulnerable Web applications Generator
- [**70**Star][4m] [Py] [python-trio/trustme](https://github.com/python-trio/trustme) #1 quality TLS certs while you wait, for the discerning tester
- [**70**Star][6m] [C] [ptrrkssn/pnscan](https://github.com/ptrrkssn/pnscan) Peter's Network Scanner
- [**70**Star][1y] [Py] [poorbillionaire/usn-journal-parser](https://github.com/poorbillionaire/usn-journal-parser) Python script to parse the NTFS USN Journal
- [**70**Star][3m] [PHP] [philipjohn/exploit-scanner-hashes](https://github.com/philipjohn/exploit-scanner-hashes) Hashes files for the WordPress Exploit Scanner plugin
- [**70**Star][3y] [C] [payatu/emffuzzer](https://github.com/payatu/emffuzzer) Enhanced Meta File Fuzzer based on Peach Fuzzing Framework
- [**70**Star][5m] [Py] [orleven/tentacle](https://github.com/orleven/tentacle) Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets.
- [**70**Star][2y] [C++] [nmulasmajic/cve-2018-8897](https://github.com/nmulasmajic/cve-2018-8897) Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).
- [**70**Star][2m] [Py] [necst/crave](https://github.com/necst/crave) Framework to automatically test and explore the capabilities of generic AV engines
- [**70**Star][3y] [Py] [minervalabsresearch/mystique](https://github.com/minervalabsresearch/mystique) Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malicious sample and automatically generates a list of mutexes that could be used to as “vaccines” against the sample.
- [**70**Star][1m] [Py] [mcdallas/cryptotools](https://github.com/mcdallas/cryptotools) 
- [**70**Star][2y] [Py] [malwarereversebrasil/maltran](https://github.com/malwarereversebrasil/maltran) A command line tool to download malware exercises from malware-traffic-analysis.net
- [**70**Star][10d] [Py] [lunixbochs/revsync](https://github.com/lunixbochs/revsync) realtime cross-tool collaborative reverse engineering
- [**70**Star][1y] [Py] [lucasg/idamagnum](https://github.com/lucasg/idamagnum)  a plugin for integrating MagnumDB requests within IDA
- [**70**Star][15d] [Py] [lief-project/tutorials](https://github.com/lief-project/tutorials) Materials for LIEF tutorials
- [**70**Star][8m] [JS] [lfzark/cookie-injecting-tools](https://github.com/lfzark/cookie-injecting-tools) A chrome extension ,cookie injecting tool includeing injecting ,editing ,adding ,removeing cookies.
- [**70**Star][2m] [Py] [laanwj/decuda](https://github.com/laanwj/decuda) Decuda and cudasm, the CUDA binary utilities package. Low-level tools for NVidia G80 GPUs.
- [**70**Star][1y] [Py] [l4ys/ctf](https://github.com/l4ys/ctf) Some of my CTF solutions
- [**70**Star][3m] [C] [jonoberheide/ksymhunter](https://github.com/jonoberheide/ksymhunter) Routines for hunting down kernel symbols.
- [**70**Star][8m] [Py] [jas502n/cve-2018-2628](https://github.com/jas502n/cve-2018-2628) Weblogic 反序列化漏洞(CVE-2018-2628)
- [**70**Star][1y] [Py] [intel/resilient-ml-research-platform](https://github.com/intel/resilient-ml-research-platform) 
- [**70**Star][30d] [Py] [hxer/vulnapp](https://github.com/hxer/vulnapp) use docker to attack web as a demo
- [**70**Star][2y] [C] [hfiref0x/stryker](https://github.com/hfiref0x/stryker) Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303
- [**70**Star][12d] [C] [grate-driver/grate](https://github.com/grate-driver/grate) Grate: Open source Tegra2+ 2D/3D user-space
- [**70**Star][2m] [Py] [google/certificate-transparency-rfcs](https://github.com/google/certificate-transparency-rfcs) Certificate Transparency RFC
- [**70**Star][4m] [Go] [gen0cide/laforge](https://github.com/gen0cide/laforge) Competition Infrastructure Management
- [**70**Star][2m] [Java] [flankerhqd/bindump4j](https://github.com/flankerhqd/bindump4j) A portable utility to locate android binder service
- [**70**Star][13d] [JS] [etherdream/mitm-http-cache-poisoning](https://github.com/etherdream/mitm-http-cache-poisoning) HTTP Cache Poisoning Demo
- [**70**Star][5y] [Py] [el3ct71k/subdomain-analyzer](https://github.com/el3ct71k/subdomain-analyzer) Subdomain Analyzer
- [**70**Star][3y] [Py] [dxwu/binderfilter](https://github.com/dxwu/binderfilter) A Linux kernel IPC firewall and logger for Android and Binder
- [**70**Star][12d] [Py] [dogoncouch/logdissect](https://github.com/dogoncouch/logdissect) CLI utility and Python module for analyzing log files and other data.
- [**70**Star][2m] [C] [dns-oarc/dsc](https://github.com/dns-oarc/dsc) DNS Statistics Collector
- [**70**Star][1y] [dkhuuthe/madlira](https://github.com/dkhuuthe/madlira) Malware detection using learning and information retrieval for Android
- [**70**Star][6m] [Isabelle] [diekmann/iptables_semantics](https://github.com/diekmann/iptables_semantics) Verified iptables Firewall Ruleset Analysis
- [**70**Star][3y] [Py] [dchrastil/ttsl](https://github.com/dchrastil/ttsl) Tool to scrape LinkedIn
- [**70**Star][3y] [C++] [coldzer0/ammyy-v3](https://github.com/coldzer0/ammyy-v3) Ammyy v3 Source Code leak , with
- [**70**Star][1y] [C#] [cobbr/sharpshell](https://github.com/cobbr/sharpshell) SharpShell is a proof-of-concept offensive C# scripting engine that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framework console applications or libraries.
- [**70**Star][19d] [chryzsh/practical-hacking](https://github.com/chryzsh/practical-hacking) Repo for the Gitbook Practical Hacking
- [**70**Star][5m] [Py] [chipik/sap_gw_rce_exploit](https://github.com/chipik/sap_gw_rce_exploit) SAP Gateway RCE exploits
- [**70**Star][14d] [Go] [c-sto/gosecretsdump](https://github.com/c-sto/gosecretsdump) 
- [**70**Star][3y] [HTML] [brandis-project/brandis](https://github.com/brandis-project/brandis) Brandis: End-to-end encryption for everyone
- [**70**Star][5m] [Assembly] [brainsmoke/nyanmbr](https://github.com/brainsmoke/nyanmbr) Nyancat in the MBR
- [**70**Star][4m] [Py] [biggerwing/cve-2019-0708-poc](https://github.com/biggerwing/cve-2019-0708-poc) CVE-2019-0708 远程代码执行漏洞批量检测
- [**70**Star][2m] [Shell] [bgeesaman/kube-env-stealer](https://github.com/bgeesaman/kube-env-stealer) Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env
- [**70**Star][1m] [Shell] [begriffs/microservice-template](https://github.com/begriffs/microservice-template) Basic architecture for running and monitoring workers
- [**70**Star][2y] [Py] [azizaltuntas/pymap-scanner](https://github.com/azizaltuntas/pymap-scanner) 
- [**70**Star][4m] [Java] [auth0/auth0.android](https://github.com/auth0/auth0.android) Android toolkit for Auth0 API
- [**70**Star][2m] [Go] [arlolra/meek](https://github.com/arlolra/meek) 
- [**70**Star][14d] [C++] [apexlegendsuc/anti-cheat-emulator](https://github.com/apexlegendsuc/anti-cheat-emulator) 
- [**70**Star][3y] [Py] [antelox/fopo-php-deobfuscator](https://github.com/antelox/fopo-php-deobfuscator) A simple script to deobfuscate PHP file obfuscated with FOPO Obfuscator -
- [**70**Star][4m] [Py] [angus-y/pyiris-backdoor](https://github.com/angus-y/pyiris-backdoor)  a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. 
- [**70**Star][11d] [C++] [aliveteam/alive_reversing](https://github.com/aliveteam/alive_reversing) Re-implementation of Abe's Exoddus
- [**70**Star][3m] [Py] [alexander-hanel/idapython6to7](https://github.com/alexander-hanel/idapython6to7) 
- [**70**Star][2y] [Py] [3xp10it/xwifi](https://github.com/3xp10it/xwifi) Auto crack wifi in macOS
- [**70**Star][3y] [PS] [1ricardotavares/offensive-powershell](https://github.com/1ricardotavares/offensive-powershell) 
- [**70**Star][6m] [Py] [0xcite/fingerping](https://github.com/0xcite/fingerping) A security tool to fingerprint PNG libraries used by web applications
- [**69**Star][1m] [PS] [nviso-be/posh-dsc-windows-hardening](https://github.com/NVISO-BE/posh-dsc-windows-hardening) Windows OS Hardening with PowerShell DSC
- [**69**Star][3y] [Py] [kadnan/olxscraper](https://github.com/kadnan/olxscraper) OLX Scraper in Python Scrapy
- [**69**Star][11d] [C++] [maciejczyzewski/airtrash](https://github.com/maciejczyzewski/airtrash) 
- [**69**Star][4m] [Py] [j-rios/tlg_joincaptchabot](https://github.com/j-rios/tlg_joincaptchabot) Telegram Bot to verify if users that join a group, are humans. The Bot send an image captcha for each new user, and kick any of them that can't solve the captcha in a specified time.
- [**69**Star][2y] [C] [james34602/upx-visual-studio](https://github.com/james34602/upx-visual-studio) Compile UPX 3.95 and belong librarys on Visual Studio! Source also include LZMA, UCL and zlib
- [**69**Star][27d] [ObjC] [frostney/react-native-bluetooth-state](https://github.com/frostney/react-native-bluetooth-state) 
- [**69**Star][9d] [Pawn] [nexiustailer/nex-ac](https://github.com/nexiustailer/nex-ac) Anticheat system
- [**69**Star][10d] [Lua] [mrthesoulz/nerdpack](https://github.com/mrthesoulz/nerdpack) All your nerd tools for World of Warcraft!
- [**69**Star][24d] [C++] [miskcoo/rubik-cube](https://github.com/miskcoo/rubik-cube) Rubik's Cube solver implemented by C++ and OpenGL using Krof/Kociemba algorithm.
- [**69**Star][10d] [Py] [lodour/weibo-album-crawler](https://github.com/lodour/weibo-album-crawler) 新浪微博相册大图多线程爬虫。
- [**69**Star][14d] [PHP] [spatie/mixed-content-scanner](https://github.com/spatie/mixed-content-scanner) Scan a HTTPS-site for mixed content
- [**69**Star][10m] [Py] [vfaronov/turq](https://github.com/vfaronov/turq) Mock HTTP server
- [**69**Star][11d] [Py] [logicjake/webmonitor](https://github.com/logicjake/webmonitor) 实时监控网页变化，并发送通知
- [**69**Star][9m] [Jupyter Notebook] [sangaline/reverse-engineering-the-hacker-news-ranking-algorithm](https://github.com/sangaline/reverse-engineering-the-hacker-news-ranking-algorithm) An analysis of historical Hacker News data to determine the ranking algorithm
- [**69**Star][3m] [Py] [yourtion/alfred_shadowsockscontroller](https://github.com/yourtion/alfred_shadowsockscontroller) ShadowsocksX controller for Alfred
- [**69**Star][1m] [HTML] [mohitdabas/malwinx](https://github.com/mohitdabas/malwinx) Just a normal flask web app to understand win32api with code snippets and references.
- [**69**Star][11d] [Go] [zmap/zcrypto](https://github.com/zmap/zcrypto) Liberal Go TLS + X.509 Library for Research
- [**69**Star][13d] [Go] [dvyukov/go-fuzz-corpus](https://github.com/dvyukov/go-fuzz-corpus) Corpus for github.com/dvyukov/go-fuzz examples
- [**69**Star][11d] [Shell] [snail007/goproxy-heroku](https://github.com/snail007/goproxy-heroku) goproxy heroku 一键部署套装，把heroku变为免费的http(s)\socks5代理，搜索学习资料。
- [**69**Star][11d] [JS] [fsecurelabs/android-keystore-audit](https://github.com/fsecurelabs/android-keystore-audit) 
- [**69**Star][2m] [JS] [skepticfx/arpjs](https://github.com/skepticfx/arpjs) Send ARP packets and read ARP tables using Javascript
- [**69**Star][3m] [Py] [phxbandit/scripts-and-tools](https://github.com/phxbandit/scripts-and-tools) Scripts and utilities to help your hacking needs
- [**69**Star][1y] [Py] [s0md3v/shiva](https://github.com/s0md3v/Shiva) Improved DOS exploit for wordpress websites (CVE-2018-6389)
- [**69**Star][3m] [Py] [phxbandit/scripts-and-tools](https://github.com/phxbandit/scripts-and-tools) Scripts and utilities to help your hacking needs
- [**69**Star][6m] [C] [radareorg/radare2-regressions](https://github.com/radareorg/radare2-regressions) Regression Tests for the Radare2 Reverse Engineer's Debugger
- [**69**Star][10d] [JS] [redocly/openapi-sampler](https://github.com/Redocly/openapi-sampler) 
- [**69**Star][2m] [Py] [hatching/httpreplay](https://github.com/hatching/httpreplay) Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.
- [**69**Star][3m] [Py] [adamlaurie/hdmi-sniff](https://github.com/AdamLaurie/hdmi-sniff) sniff HDMI DDC (I2C) traffic
- [**69**Star][13d] [LLVM] [lifting-bits/fennec](https://github.com/lifting-bits/fennec) Rewriting functions in compiled binaries using McSema
- [**69**Star][1m] [Java] [octopus-platform/bjoern](https://github.com/octopus-platform/bjoern) Binary analysis platform based on Octopus and Radare2
- [**69**Star][4m] [C] [zer0mem0ry/kernelreadwritememory](https://github.com/zer0mem0ry/kernelreadwritememory) Simple code to manipulate the memory of a usermode process from kernel.
- [**69**Star][4m] [Py] [yelp/osxcollector_output_filters](https://github.com/yelp/osxcollector_output_filters) Filters that process and transform the output of osxcollector
- [**69**Star][10m] [Ruby] [wyhaines/swiftiply](https://github.com/wyhaines/swiftiply) A high performance clustering proxy / web server for web applications.
- [**69**Star][21d] [C] [wekillpeople/browser-dumpwd](https://github.com/wekillpeople/browser-dumpwd) Dump browser passwords(chrome, firefox) with sqlite3 lib.
- [**69**Star][3m] [Py] [we45/dvfaas-damn-vulnerable-functions-as-a-service](https://github.com/we45/dvfaas-damn-vulnerable-functions-as-a-service) Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
- [**69**Star][11m] [QML] [turanmahmudov/instagraph](https://github.com/turanmahmudov/instagraph) Unofficial Instagram Client
- [**69**Star][4m] [C++] [tobozo/esp32-blecollector](https://github.com/tobozo/esp32-blecollector) ᛡᛒ BLE Scanner + Data persistence on SD Card for M5Stack, Odroid-Go, ESP32-Wrover-Kit and other models
- [**69**Star][4m] [C#] [thorgeirk11/rex-diagnostics](https://github.com/thorgeirk11/rex-diagnostics) Unity extension that enables expression evaluation at runtime to facilitate testing and debugging.
- [**69**Star][21d] [Shell] [thestr4ng3r/arcore-patch](https://github.com/thestr4ng3r/arcore-patch) Attempt to get ARCore Preview 2 running on unsupported devices
- [**69**Star][4m] [Py] [thesph1nx/spacecow](https://github.com/thesph1nx/spacecow) Windows Rootkit written in Python
- [**69**Star][19d] [Elixir] [tallarium/reverse_proxy_plug](https://github.com/tallarium/reverse_proxy_plug) 
- [**69**Star][2m] [C#] [stphivos/rat-shell](https://github.com/stphivos/rat-shell) Windows Remote Access Trojan (RAT)
- [**69**Star][4m] [C] [stealth/plasmapulsar](https://github.com/stealth/plasmapulsar) PLASMA PULSAR
- [**69**Star][11d] [C] [spacial/csirt](https://github.com/spacial/csirt) CSIRT is an awesome curated list of links and resources in security and csirt daily activities.
- [**69**Star][28d] [Py] [sowdust/ffff](https://github.com/sowdust/ffff) FFFF Finds Facebook Friends
- [**69**Star][4m] [C] [sonertari/sslproxy](https://github.com/sonertari/sslproxy) Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection
- [**69**Star][3y] [Shell] [emilgus/install_raspi-config](https://github.com/EmilGus/install_raspi-config) Script to install raspi-config on Raspberry Pi devices with an Linux OS that's missing it, like Kali Linux.
- [**69**Star][1m] [JS] [simplerisk/code](https://github.com/simplerisk/code) The currently released SimpleRisk source code.
- [**69**Star][2y] [C] [shay-gueron/aes-gcm-siv](https://github.com/shay-gueron/aes-gcm-siv) AES-GCM-SIV implementations (128 and 256 bit)
- [**69**Star][3y] [Py] [secwiki/vulscritp](https://github.com/secwiki/vulscritp) 内网渗透脚本
- [**69**Star][12d] [Py] [secfree/bcrpscan](https://github.com/secfree/bcrpscan) Base on crawler result web path scanner.
- [**69**Star][2m] [Shell] [scipag/nac_bypass](https://github.com/scipag/nac_bypass) Script collection to bypass Network Access Control (NAC, 802.1x)
- [**69**Star][15d] [Py] [s0lst1c3/sentrygun](https://github.com/s0lst1c3/sentrygun) Rogue AP killer
- [**69**Star][4m] [Py] [robertbasic/pugdebug](https://github.com/robertbasic/pugdebug) pugdebug is a standalone debugging client for PHP applications that uses XDebug as the debugging engine.
- [**69**Star][29d] [PS] [rgl/windows-domain-controller-vagrant](https://github.com/rgl/windows-domain-controller-vagrant) Example Windows Domain Controller
- [**69**Star][4m] [Py] [remg427/misp42splunk](https://github.com/remg427/misp42splunk) A Splunk app to use MISP in background
- [**69**Star][1m] [Dockerfile] [rancher/runc-cve](https://github.com/rancher/runc-cve) CVE patches for legacy runc packaged with Docker
- [**69**Star][12d] [TS] [conetproject/conet](https://github.com/CoNETProject/CoNET) What is possible, not what is What it could be, not what it is A more secure way of doing… everything
- [**69**Star][1y] [Py] [pure-l0g1c/instaburst](https://github.com/pure-l0g1c/instaburst) Brute force Instagram
- [**69**Star][3y] [Py] [planet-work/php-malware-scanner](https://github.com/planet-work/php-malware-scanner) PHP files analyzer for malware detection
- [**69**Star][2y] [Py] [pimps/cve-2018-7600](https://github.com/pimps/cve-2018-7600) Exploit for Drupal 7 <= 7.57 CVE-2018-7600
- [**69**Star][1m] [pfalcon/awesome-linux-android-hacking](https://github.com/pfalcon/awesome-linux-android-hacking) List of hints and Q&As to get most of your Linux/Android device
- [**69**Star][2m] [Py] [passivetotal/python_api](https://github.com/passivetotal/python_api) Python abstract API for PassiveTotal services in the form of libraries and command line utilities.
- [**69**Star][2y] [C#] [parsingteam/teleshadow2](https://github.com/parsingteam/teleshadow2) TeleShadow - Telegram Desktop Session Stealer (Windows)
- [**69**Star][1m] [C] [microwave89/rtsectiontest](https://github.com/microwave89/rtsectiontest) An Attempt to Bypass Memory Scanners By Misusing the ntdll.dll "RT" Section.
- [**69**Star][18d] [HTML] [michenriksen/bucketlist](https://github.com/michenriksen/bucketlist) Amazon S3 bucket spelunking!
- [**69**Star][4m] [JS] [matiasinsaurralde/evilredis](https://github.com/matiasinsaurralde/evilredis) Script for doing evil stuff to Redis servers (for educational purposes only).
- [**69**Star][2y] [C++] [lynnux/windbg_hilight](https://github.com/lynnux/windbg_hilight) A windbg plugin to hilight text in Disassembly and Command windows. Support x86 and x64.
- [**69**Star][15d] [Py] [lukebaggett/google_socks](https://github.com/lukebaggett/google_socks) A proof of concept demonstrating the use of Google Drive for command and control.
- [**69**Star][2m] [JS] [luin/serialize](https://github.com/luin/serialize) Serialize an object including it's function into a JSON.
- [**69**Star][2m] [Go] [lair-framework/go-nmap](https://github.com/lair-framework/go-nmap) Nmap XML parsing library for Go
- [**69**Star][10d] [JS] [kkthxbye-code/csgo_bugs](https://github.com/kkthxbye-code/csgo_bugs) Random CSGO stuff
- [**69**Star][30d] [Py] [jpsenior/threataggregator](https://github.com/jpsenior/threataggregator) Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.
- [**69**Star][4m] [C] [jowinter/qemu-trustzone](https://github.com/jowinter/qemu-trustzone) Experimental version of QEMU with basic support for ARM TrustZone (security extensions)
- [**69**Star][4m] [PHP] [josecl/cool-php-captcha](https://github.com/josecl/cool-php-captcha) This is the official GitHub project from code.google.com/p/cool-php-captcha
- [**69**Star][6m] [PS] [itskindred/winportpush](https://github.com/itskindred/winportpush) A simple PowerShell utility used for pivoting into internal networks via a compromised Windows host.
- [**69**Star][2y] [Py] [iotsec/z3sec](https://github.com/iotsec/z3sec) Penetration testing framework for ZigBee security research.
- [**69**Star][2y] [C] [invictus1306/arm-episodes](https://github.com/invictus1306/arm-episodes) Arm Episodes
- [**69**Star][6m] [C] [ichooseyou/reclass64](https://github.com/ichooseyou/reclass64) A port of DrunkenCheetah's Project to x64
- [**69**Star][15d] [C++] [hexhive/malwash](https://github.com/hexhive/malwash) 
- [**69**Star][2m] [C] [hc0d3r/sshd-poison](https://github.com/hc0d3r/sshd-poison) a tool to get creds of pam based sshd authentication
- [**69**Star][3m] [JS] [gbaptista/luminous](https://github.com/gbaptista/luminous) Identify, analyze and block code execution and event collection through JavaScript in your browser with code interception.
- [**69**Star][2m] [C] [gabrtv/shocker](https://github.com/gabrtv/shocker) Shocker / Docker Breakout PoC
- [**69**Star][13d] [C] [fuzzstati0n/fuzzgoat](https://github.com/fuzzstati0n/fuzzgoat) A vulnerable C program for testing fuzzers.
- [**69**Star][4m] [TS] [flathub/linux-store-frontend](https://github.com/flathub/linux-store-frontend) A web application to browse and install applications present in Flatpak repositories. Powers
- [**69**Star][1m] [PHP] [dpiekacz/gixlg](https://github.com/dpiekacz/gixlg) GIXLG - Looking Glass
- [**69**Star][14d] [C#] [cs-util-com/cscore](https://github.com/cs-util-com/cscore) cscore is a minimal-footprint library providing commonly used helpers & patterns for your C# projects. It can be used in both pure C# and Unity projects.
- [**69**Star][3m] [Py] [crs-support/ftw](https://github.com/crs-support/ftw) Framework for Testing WAFs (FTW!)
- [**69**Star][24d] [Py] [crange/crange](https://github.com/crange/crange) Crange is a tool to index and cross-reference C/C++ source code
- [**69**Star][14d] [Py] [ch3k1/squidmagic](https://github.com/ch3k1/squidmagic) analyze a web-based network traffic
- [**69**Star][4m] [Java] [c0ny1/httpheadmodifer](https://github.com/c0ny1/httpheadmodifer) 一款快速修改HTTP数据包头的Burp Suite插件
- [**69**Star][1y] [Java] [bolexliu/apptrack](https://github.com/bolexliu/apptrack) Xposed HookAPP逆向跟踪工具，跟踪Activity与Fragment启动信息等
- [**69**Star][17d] [Makefile] [blacktop/docker-ghidra](https://github.com/blacktop/docker-ghidra) Ghidra Client/Server Docker Image
- [**69**Star][2m] [Py] [binaryanalysisplatform/bap-ida-python](https://github.com/binaryanalysisplatform/bap-ida-python) interoperatibility between BAP and IDA Pro
- [**69**Star][3m] [Py] [bear/s3scan](https://github.com/bear/s3scan) scan s3 buckets for security issues
- [**69**Star][18d] [Py] [b-mueller/scrooge-mcetherface](https://github.com/b-mueller/scrooge-mcetherface) Attack tool that loots Ether from vulnerable smart contracts
- [**69**Star][6m] [Py] [arvinddoraiswamy/slid](https://github.com/arvinddoraiswamy/slid) detect static lib
- [**69**Star][14d] [Py] [archlinux/arch-security-tracker](https://github.com/archlinux/arch-security-tracker) Arch Linux Security Tracker
- [**69**Star][14d] [anhkgg/awesome-windbg-extensions](https://github.com/anhkgg/awesome-windbg-extensions) awesome windbg extensions
- [**69**Star][4y] [C] [angelkillah/zer0m0n](https://github.com/angelkillah/zer0m0n) zer0m0n driver for cuckoo sandbox
- [**69**Star][2y] [Haskell] [adjoint-io/pedersen-commitment](https://github.com/adjoint-io/pedersen-commitment) Cryptographic Commitment Schemes
- [**69**Star][1m] [Py] [3xp10it/xdump](https://github.com/3xp10it/xdump) Drag database with "one sentence" webshell
- [**69**Star][7m] [Java] [1135/equationexploit](https://github.com/1135/equationexploit) Eternalblue Doublepulsar exploit
- [**69**Star][19d] [Go] [0xrawsec/gene](https://github.com/0xrawsec/gene) Signature Engine for Windows Event Logs
- [**68**Star][9d] [kaimi-io/web-fuzz-wordlists](https://github.com/kaimi-io/web-fuzz-wordlists) Common Web Managers Fuzz Wordlists
- [**68**Star][3m] [Py] [leadroyal/ss-redirect-vuln-exp](https://github.com/leadroyal/ss-redirect-vuln-exp) 
- [**68**Star][17d] [C] [srcclr/bughunt](https://github.com/srcclr/bughunt) A weekly challenge where we share some code and you find a bug in it.
- [**68**Star][3m] [Ruby] [tuwukee/blab](https://github.com/tuwukee/blab) A debugging tool
- [**68**Star][14d] [Py] [evanleungc/ctrip_spider](https://github.com/evanleungc/ctrip_spider) 携程爬虫(破解eleven, ctrip_cookie)
- [**68**Star][17d] [C] [silgy/silgy](https://github.com/silgy/silgy) Asynchronous HTTP(S) engine for C/C++ projects
- [**68**Star][2m] [Py] [levirve/dcard-spider](https://github.com/levirve/dcard-spider) A spider on Dcard. Strong and speedy.
- [**68**Star][13d] [C++] [62726164/dpg](https://github.com/62726164/dpg) The Deterministic Password Generator
- [**68**Star][7m] [lixiangyun/envoyproxy_doc_zh_cn](https://github.com/lixiangyun/envoyproxy_doc_zh_cn) envoyproxy 智能代理中文参考文档 v1.5.0
- [**68**Star][11d] [JS] [isard-vdi/isard](https://github.com/isard-vdi/isard) Isard VDI Project. Open Source KVM Virtual Desktops based on KVM Linux and dockers
- [**68**Star][22d] [Shell] [stanback/alpine-strongswan-vpn](https://github.com/stanback/alpine-strongswan-vpn) Dockerfile and related configuration for setting up a roadwarrior IKEv2-based VPN
- [**68**Star][2m] [PHP] [carlalexander/passwords-evolved](https://github.com/carlalexander/passwords-evolved) WordPress password authentication for the modern era
- [**68**Star][16d] [C++] [araffin/arduino-robust-serial](https://github.com/araffin/arduino-robust-serial) A simple and robust serial communication protocol. It was designed for Arduino but can be used for other purposes (e.g. bluetooth, sockets). Implementation in C Arduino, C++, Python and Rust.
- [**68**Star][26d] [Java] [vinnyoodles/algorithms](https://github.com/vinnyoodles/algorithms) Interview prep with algorithms and data structures
- [**68**Star][4m] [Batchfile] [c0nw0nk/steamcmd-autoupdate-any-gameserver](https://github.com/c0nw0nk/steamcmd-autoupdate-any-gameserver) Windows SteamCMD to autoupdate and install any game server steam cmd settings configurable lots of useful features. This batch script will keep your game servers automaticly updated updating intervals announce the server is shutting down for updates etc all configurable.
- [**68**Star][4m] [Py] [fsciety/thealgorithms](https://github.com/fsciety/thealgorithms) Algorithms repository.
- [**68**Star][11d] [C] [tidesec/peach_fuzzing](https://github.com/tidesec/peach_fuzzing) 在学习使用peach进行模糊测试时，搜集到的一些不错的资料，以及配套的一些软件或脚本。
- [**68**Star][3m] [dekunukem/powerduino](https://github.com/dekunukem/powerduino) A user-programmable power strip with energy monitoring and wireless connectivity.
- [**68**Star][4m] [Py] [mitmproxy/netlib](https://github.com/mitmproxy/netlib) 
- [**68**Star][23d] [Py] [mozillasecurity/lithium](https://github.com/mozillasecurity/lithium) Line-based testcase reducer
- [**68**Star][22d] [C] [shellphish/driller-afl](https://github.com/shellphish/driller-afl) A version of AFL tailored for Driller's use in analyzing CGC binaries.
- [**68**Star][12d] [Py] [tribler/py-ipv8](https://github.com/tribler/py-ipv8) Python implementation of the IPv8 layer
- [**68**Star][4m] [Py] [ehco1996/lazyspider](https://github.com/ehco1996/lazyspider) 爬虫的各种坑 我来填 :)
- [**68**Star][29d] [Py] [skelsec/responder3](https://github.com/skelsec/responder3) Responder for Python3
- [**68**Star][20d] [bastilleresearch/keyjack](https://github.com/bastilleresearch/keyjack) Device discovery tools and encrypted keystroke injection advisories for Logitech, Dell, Lenovo and AmazonBasics
- [**68**Star][14d] [Py] [shadowsocksr-live/shadowsocksr](https://github.com/shadowsocksr-live/shadowsocksr) 
- [**68**Star][20d] [Py] [thelsa/ueditor-getshell](https://github.com/thelsa/ueditor-getshell) ueditor .net getshell
- [**68**Star][4m] [Py] [jedahan/haiku-wifi](https://github.com/jedahan/haiku-wifi) turn your wireless router's extra radios into a public billboard!
- [**68**Star][4m] [JS] [substack/wit](https://github.com/substack/wit) command-line wifi manager for linux
- [**68**Star][16d] [Py] [silverbooker/ofospider](https://github.com/silverbooker/ofospider) ofo共享单车爬虫
- [**68**Star][4m] [Py] [misp/misp-maltego](https://github.com/misp/misp-maltego) Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
- [**68**Star][27d] [Py] [landgrey/cve-2019-7609](https://github.com/landgrey/cve-2019-7609) exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
- [**68**Star][6m] [ObjC] [synacktiv-contrib/cve-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193) exploit for CVE-2018-4193
- [**68**Star][1m] [Py] [plantdaddy/fuzzap](https://github.com/PlantDaddy/FuzzAP) A python script for obfuscating wireless networks
- [**68**Star][19d] [C] [0e85dc6eaf/ctf-writeups](https://github.com/0e85dc6eaf/CTF-Writeups) Writeups/solutions
- [**68**Star][17d] [Py] [crytic/pyevmasm](https://github.com/crytic/pyevmasm) Ethereum Virtual Machine (EVM) disassembler and assembler
- [**68**Star][2y] [Py] [zldww2011/cve-2018-0802_poc](https://github.com/zldww2011/cve-2018-0802_poc) Exploit the vulnerability to execute the calculator
- [**68**Star][4m] [C++] [zenlulz/fasm.net](https://github.com/zenlulz/fasm.net) A managed wrapper to use FASM compiler from .NET applications.
- [**68**Star][7d] [Java] [wkgcass/vproxy](https://github.com/wkgcass/vproxy) 1) proxy: LB,DNS,Socks. 2) k8s: CRD and Controllers. 3) sdn: L3 Stackable Virtual Switch.
- [**68**Star][26d] [C++] [velocityra/pctation](https://github.com/velocityra/pctation) PlayStation emulator & debugger in C++17
- [**68**Star][3y] [Shell] [trpt/usbdeath](https://github.com/trpt/usbdeath) anti-forensic tool that writes udev rules for known usb devices and do some things at unknown usb insertion or specific usb device removal
- [**68**Star][2y] [Py] [theevilbit/workshops](https://github.com/theevilbit/workshops) 
- [**68**Star][2y] [tevora-threat/powerview3-aggressor](https://github.com/tevora-threat/powerview3-aggressor) Cobalt Strike Aggressor script menu for Powerview/SharpView
- [**68**Star][10d] [Py] [sysopfb/malware_decoders](https://github.com/sysopfb/malware_decoders) Static based decoders for malware samples
- [**68**Star][2m] [JS] [sergejmueller/wpcheck](https://github.com/sergejmueller/wpcheck) Vulnerability scanner for WordPress based on Node.js
- [**68**Star][4m] [JS] [serain/netmap.js](https://github.com/serain/netmap.js) Fast browser-based network discovery module
- [**68**Star][13d] [Shell] [security-onion-solutions/securityonion-saltstack](https://github.com/security-onion-solutions/securityonion-saltstack) 
- [**68**Star][1y] [C#] [securifybv/shelllink](https://github.com/securifybv/shelllink) A .NET Class Library for processing ShellLink (LNK) files
- [**68**Star][1y] [JS] [saelo/v9](https://github.com/saelo/v9) Files for the "v9" challenge of 34C3 CTF. See the greeting message in server.go for more information about the challenge
- [**68**Star][25d] [Shell] [rfxn/advanced-policy-firewall](https://github.com/rfxn/advanced-policy-firewall) Advanced Policy Firewall (APF)
- [**68**Star][2m] [C] [quokkalight/rkduck](https://github.com/quokkalight/rkduck) Linux v4.x.x Rootkit
- [**68**Star][14d] [Rust] [poc-consortium/scavenger](https://github.com/poc-consortium/scavenger) A fast Burstcoin miner written in Rust
- [**68**Star][1y] [JS] [plazmaz/mongodb-honeyproxy](https://github.com/plazmaz/mongodb-honeyproxy) A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
- [**68**Star][4m] [Py] [piratesonlinerewritten/pirates-online-rewritten](https://github.com/piratesonlinerewritten/pirates-online-rewritten) Official repository for the Pirates Online Rewritten source code.
- [**68**Star][1y] [C] [phonegapx/airplay](https://github.com/phonegapx/airplay) 关于AirPlay的一些逆向研究成果。
- [**68**Star][7m] [HTML] [patrowl/patrowldocs](https://github.com/patrowl/patrowldocs) PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
- [**68**Star][1m] [C++] [not-wlan/driver-hijack](https://github.com/not-wlan/driver-hijack) 
- [**68**Star][16d] [Lua] [netxfly/nginx_lua_security](https://github.com/netxfly/nginx_lua_security) 浅谈nginx+lua在安全中的应用
- [**68**Star][2m] [Py] [nccgroup/hashcrack](https://github.com/nccgroup/hashcrack) Guesses hash types, picks some sensible dictionaries and rules for hashcat
- [**68**Star][12d] [Go] [moriyoshi/devproxy](https://github.com/moriyoshi/devproxy) A swiss army knife of forward HTTP proxies
- [**68**Star][2y] [Perl] [mobrine-mob/m0b-tool](https://github.com/mobrine-mob/m0b-tool) exploit
- [**68**Star][2m] [Go] [mmcloughlin/pearl](https://github.com/mmcloughlin/pearl) Tor relay implementation in Golang
- [**68**Star][27d] [ASP] [merttasci/weapons4pentester](https://github.com/merttasci/weapons4pentester) 
- [**68**Star][12d] [PHP] [mbolli/nfsen-ng](https://github.com/mbolli/nfsen-ng) Responsive NetFlow visualizer built on top of nfdump tools.
- [**68**Star][2y] [Py] [martinoj2009/icmpexfil](https://github.com/martinoj2009/icmpexfil) Exfiltrate data with ICMP
- [**68**Star][4m] [PHP] [marcocesarato/php-antimalware-scanner](https://github.com/marcocesarato/php-antimalware-scanner) AMWSCAN (Antimalware Scanner) is a php antimalware/antivirus scanner console script written in php for scan your project. This can work on php projects and a lot of others platform.
- [**68**Star][4m] [C#] [maraudershell/marauder](https://github.com/maraudershell/marauder) A .NET agent for the Faction C2 Framework
- [**68**Star][9m] [C#] [malwarialabs/derbycon2019](https://github.com/malwarialabs/derbycon2019) Code & Slides For DerbyCon 2019
- [**68**Star][2m] [C++] [m000/dtracker](https://github.com/m000/dtracker) DataTracker: A Pin tool for collecting high-fidelity data provenance from unmodified programs.
- [**68**Star][21d] [C] [luigirizzo/netmap-libpcap](https://github.com/luigirizzo/netmap-libpcap) Automatically exported from code.google.com/p/netmap-libpcap
- [**68**Star][18d] [C] [libyal/libfsntfs](https://github.com/libyal/libfsntfs) Library and tools to access the Windows New Technology File System (NTFS)
- [**68**Star][4m] [Go] [konimarti/opc](https://github.com/konimarti/opc) OPC DA client in Golang for monitoring and analyzing process data based on Windows COM.
- [**68**Star][4m] [Terra] [kitware/smqtk](https://github.com/kitware/smqtk) Python toolkit for pluggable algorithms and data structures for multimedia-based machine learning.
- [**68**Star][6y] [MATLAB] [jiaoxianjun/rtl-sdr-lte](https://github.com/jiaoxianjun/rtl-sdr-lte) Play with LTE signal (especially China TD-LTE) captured by rtl-sdr
- [**68**Star][5m] [Py] [jgamblin/badactors](https://github.com/jgamblin/badactors) Create a list of bad actors from public IP blacklist.
- [**68**Star][1y] [Java] [javabeanz/owasp-security-logging](https://github.com/javabeanz/owasp-security-logging) OWASP Security Logging library for Java
- [**68**Star][6m] [intrepidusgroup/rpi-atv](https://github.com/intrepidusgroup/rpi-atv) David Schuetz's Raspberry Pi/Apple TV talk at Derbycon
- [**68**Star][14d] [C] [ilammy/ftrace-hook](https://github.com/ilammy/ftrace-hook) Using ftrace for function hooking in Linux kernel
- [**68**Star][27d] [PHP] [googleinurl/routerhunterbr](https://github.com/googleinurl/routerhunterbr) TOOL - Unauthenticated Remote DNS , Scanner ranger IP.
- [**68**Star][1y] [C++] [fr0gger/rocprotect-v1](https://github.com/fr0gger/rocprotect-v1) Emulating Virtual Environment to stay protected against advanced malware
- [**68**Star][1m] [Py] [fossfreedom/coverart-browser](https://github.com/fossfreedom/coverart-browser) Browse your cover-art albums in Rhythmbox v2.96 - 3.0+
- [**68**Star][23d] [Py] [forallsecure/bncov](https://github.com/forallsecure/bncov) Scriptable Binary Ninja plugin for coverage analysis and visualization
- [**68**Star][2m] [Py] [falcon-lnhg/mwebfp](https://github.com/falcon-lnhg/mwebfp) LNHG - Mass Web Fingerprinter
- [**68**Star][1m] [Shell] [f5networks/f5-azure-arm-templates](https://github.com/f5networks/f5-azure-arm-templates) Azure Resource Manager Templates for quickly deploying BIG-IP services in Azure
- [**68**Star][4m] [C++] [explife0011/cve-2019-0803](https://github.com/explife0011/cve-2019-0803) Win32k Elevation of Privilege Poc
- [**68**Star][3m] [Py] [evilsocket/fang](https://github.com/evilsocket/fang) A multi service threaded MD5 cracker
- [**68**Star][4y] [CSS] [enddo/cjexploiter](https://github.com/enddo/cjexploiter) Drag and Drop ClickJacking exploit development assistance tool.
- [**68**Star][12m] [Py] [deptofdefense/salsa](https://github.com/deptofdefense/salsa) Salvaging Static Analysis
- [**68**Star][4m] [HTML] [deadlyelder/tools-for-cryptanalysis](https://github.com/deadlyelder/tools-for-cryptanalysis) A repository that aims to provide tools for cryptography and cryptanalysis
- [**68**Star][3y] [HTML] [davevs/dvxte](https://github.com/davevs/dvxte) Damn Vulnerable Xebia Training Environment
- [**68**Star][3y] [Eagle] [dangrie158/esptool](https://github.com/dangrie158/esptool) 
- [**68**Star][14d] [Py] [d-rickyy-b/pastepwn](https://github.com/d-rickyy-b/pastepwn) Python framework to scrape Pastebin pastes and analyze them
- [**68**Star][23d] [Py] [cyboxproject/python-cybox](https://github.com/cyboxproject/python-cybox) A Python library for parsing, manipulating, and generating CybOX content.
- [**68**Star][2y] [Py] [crescentvenus/walb](https://github.com/crescentvenus/walb) WALB is raspberry Pi and HackRF based Wireless Attack LaunchBox.
- [**68**Star][1y] [JS] [cookiengineer/adblock-proxy](https://github.com/cookiengineer/adblock-proxy) 
- [**68**Star][2y] [C++] [codewhitesec/unmarshalpwn](https://github.com/codewhitesec/unmarshalpwn) POC for CVE-2018-0824
- [**68**Star][11d] [Java] [codelion/gramtest](https://github.com/codelion/gramtest) GramTest: A tool for Grammar based Test case generation
- [**68**Star][30d] [Py] [cleanunicorn/karl](https://github.com/cleanunicorn/karl) Monitor smart contracts deployed on blockchain and test against vulnerabilities with Mythril
- [**68**Star][3m] [Py] [claudioviviani/ms17-010-m4ss-sc4nn3r](https://github.com/claudioviviani/ms17-010-m4ss-sc4nn3r) MS17-010 multithreading scanner written in python.
- [**68**Star][18d] [Py] [christophetd/firepwned](https://github.com/christophetd/firepwned) 
- [**68**Star][3m] [Py] [cerbo/aws-waf-security-automation](https://github.com/cerbo/aws-waf-security-automation) Amazon WAF Security Automation deployment (modular with Terraform)
- [**68**Star][18d] [Py] [byt3bl33d3r/duckhunter](https://github.com/byt3bl33d3r/duckhunter) Converts a USB Rubber ducky script into a Kali Nethunter friendly format for the HID attack
- [**68**Star][5y] [Py] [byt3bl33d3r/beef-api](https://github.com/byt3bl33d3r/beef-api) Python library that facilitates interfacing with BeEF via it's RESTful API
- [**68**Star][1m] [Py] [bwall/ssdc](https://github.com/bwall/ssdc) ssdeep based clustering tool
- [**68**Star][2m] [C] [bskari/sqlassie](https://github.com/bskari/sqlassie) database firewall
- [**68**Star][10m] [Py] [brakmic/sinkholes](https://github.com/brakmic/sinkholes) 
- [**68**Star][2m] [Py] [bluebird75/winpdb](https://github.com/bluebird75/winpdb) Fork of the official winpdb with improvements
- [**68**Star][2y] [Lua] [beaujeant/pwnadventure3](https://github.com/beaujeant/pwnadventure3) Resources for the Pwn Adventure 3 challenges from GITS'15 (
- [**68**Star][7y] [atimorin/poc2013](https://github.com/atimorin/poc2013) Power of Community 2013 conference special release of ICS/SCADA toolkit
- [**68**Star][29d] [Py] [armbues/deep_cyber](https://github.com/armbues/deep_cyber) A recurrent neural network trained with tweets from #cyber #security companies
- [**68**Star][1m] [Shell] [ankh2054/linux-pentest](https://github.com/ankh2054/linux-pentest) Linux pentest tools
- [**68**Star][1m] [Shell] [angr/angr-dev](https://github.com/angr/angr-dev) Some helper scripts to set up an environment for angr development.
- [**68**Star][5m] [ObjC] [alexdenisov/fuzzer](https://github.com/alexdenisov/fuzzer) Do not crash when your server lies
- [**68**Star][2y] [C] [akayn/kbmon](https://github.com/akayn/kbmon) Kernel Mode, driver only, ring O, remote UDP ,windows 10, keylogger. (no data needs to be writen to disk..).
- [**68**Star][6y] [C] [akamajoris/php-extension-backdoor](https://github.com/akamajoris/php-extension-backdoor) Simple php backdoor based on extension
- [**68**Star][5y] [Py] [ajinabraham/xenotix-apk-reverser](https://github.com/ajinabraham/xenotix-apk-reverser) Xenotix APK Reverser is an OpenSource Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core.
- [**68**Star][5m] [abazhaniuk/publications](https://github.com/abazhaniuk/publications) Slides, Papers, Links to CVEs and advisories
- [**67**Star][9d] [JS] [lordfriky/web-cfw-loader](https://github.com/lordfriky/web-cfw-loader) A payload launcher made in javascript for the Nintendo Switch
- [**67**Star][12d] [Java] [nccgroup/pcap-burp](https://github.com/nccgroup/pcap-burp) Pcap importer for Burp
- [**67**Star][3m] [Py] [preempt/ntlm-scanner](https://github.com/preempt/ntlm-scanner) A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities
- [**67**Star][4m] [C#] [m0rv4i/sharpcookiemonster](https://github.com/m0rv4i/sharpcookiemonster) Extracts cookies from Chrome.
- [**67**Star][1m] [C++] [p2psp/core](https://github.com/p2psp/core) Implementation of P2PSP: An application layer protocol for the real-time streaming of multimedia content over the Internet.
- [**67**Star][4m] [Py] [lumyjuwon/koreanewscrawler](https://github.com/lumyjuwon/koreanewscrawler) 대량의 뉴스 데이터를 수집하기 위해 만들어진 뉴스 크롤러입니다.
- [**67**Star][11d] [d1nfinite/sec-interview](https://github.com/d1nfinite/sec-interview) 信息安全面试题汇总
- [**67**Star][2m] [C++] [ytsutano/axmldec](https://github.com/ytsutano/axmldec) Stand-alone binary AndroidManifest.xml decoder
- [**67**Star][10m] [PHP] [gidlov/copycat](https://github.com/gidlov/copycat) A PHP Scraping Class
- [**67**Star][16d] [Py] [philipperemy/amazon-reviews-scraper](https://github.com/philipperemy/amazon-reviews-scraper) Yet another multi language scraper for Amazon targeting reviews.
- [**67**Star][2m] [Py] [wisedoge/crawler_examples](https://github.com/WiseDoge/crawler_examples) Some classic web crawler projects.一些经典的爬虫
- [**67**Star][1m] [Py] [halit/isip](https://github.com/halit/isip) Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks.
- [**67**Star][2m] [JS] [jiang-xuan/deepinss](https://github.com/jiang-xuan/deepinss) Deep in shadowsocks.
- [**67**Star][1m] [Ruby] [p3nt4/metasploit-modules](https://github.com/p3nt4/metasploit-modules) Collection of metasploit modules
- [**67**Star][2m] [ObjC] [project-imas/memory-security](https://github.com/project-imas/memory-security) Tools for securely clearing and validating iOS application memory
- [**67**Star][21d] [Eagle] [blacksphere/blackmagic-hardware](https://github.com/blacksphere/blackmagic-hardware) Hardware design files for the Black Magic Probe
- [**67**Star][3m] [Py] [hasherezade/password_scrambler](https://github.com/hasherezade/password_scrambler) Password scrambler - small util to make your easy passwords complicated!
- [**67**Star][6m] [Ruby] [achillean/shodan-ruby](https://github.com/achillean/shodan-ruby) Ruby library for SHODAN
- [**67**Star][24d] [PHP] [wifidog/wifidog-auth-laravel](https://github.com/wifidog/wifidog-auth-laravel) Rework wifidog-auth by Laravel
- [**67**Star][10d] [C#] [easyhook/easyhook-tutorials](https://github.com/easyhook/easyhook-tutorials) Contains the source code for the EasyHook tutorials found at
- [**67**Star][4y] [jipegit/irnotes](https://github.com/jipegit/irnotes) Some IR notes
- [**67**Star][5m] [Rust] [rabbitstack/cubostratus](https://github.com/rabbitstack/cubostratus) Blazingly fast Linux syscall collector
- [**67**Star][1m] [Py] [jas502n/solr_rce](https://github.com/jas502n/solr_rce) Apache Solr RCE via Velocity template
- [**67**Star][10d] [fatihh92/hackthebox-writeups](https://github.com/fatihh92/hackthebox-writeups) 
- [**67**Star][7m] [Py] [nccgroup/gtfoblookup](https://github.com/nccgroup/gtfoblookup) Offline command line lookup utility for GTFOBins (
- [**67**Star][11d] [Py] [chenqing/spider](https://github.com/chenqing/spider) 爬一些常用的电影网站的连接
- [**67**Star][9d] [JS] [lordfriky/web-cfw-loader](https://github.com/lordfriky/web-cfw-loader) A payload launcher made in javascript for the Nintendo Switch
- [**67**Star][12d] [ds19991999/secbox](https://github.com/ds19991999/SecBox) 
- [**67**Star][1y] [JS] [radareorg/radare2-webui](https://github.com/radareorg/radare2-webui) webui repository for radare2
- [**67**Star][23d] [Py] [crytic/etheno](https://github.com/crytic/etheno) Simplify Ethereum security analysis and testing
- [**67**Star][3y] [Java] [fsecurelabs/drozer-agent](https://github.com/FSecureLABS/drozer-agent) The Android Agent for the Mercury Security Assessment Framework.
- [**67**Star][3m] [Py] [yelp/parcelgen](https://github.com/yelp/parcelgen) Helpful tool to make data objects easier for Android
- [**67**Star][30d] [C++] [xpn/getsystem-offline](https://github.com/xpn/getsystem-offline) Small tool to get a SYSTEM shell
- [**67**Star][5m] [xnymia/suricata-signatures](https://github.com/xnymia/suricata-signatures) Suricata rules for Emerging Threats and funkyness
- [**67**Star][4m] [C] [xiao70/x70fsd](https://github.com/xiao70/x70fsd) Windows file system filter drivers(minifilter) to encrypt, compress, or otherwise modify file-based data require some of the most complex kernel software developed for Windows.
- [**67**Star][4m] [C#] [viniciuschiele/scrypt](https://github.com/viniciuschiele/scrypt) A .NET implementation of scrypt password hash algorithm.
- [**67**Star][4m] [Py] [ultrasecurity/telekiller](https://github.com/ultrasecurity/telekiller) A Tools Session Hijacking And Stealer Local Passcode Telegram Windows
- [**67**Star][4m] [C] [ufrisk/leechcore](https://github.com/ufrisk/leechcore) LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent
- [**67**Star][2m] [Py] [tycx2ry/docker_api_vul](https://github.com/tycx2ry/docker_api_vul) docker 未授权访问漏洞利用脚本
- [**67**Star][11m] [C++] [troybowman/dtxmsg](https://github.com/troybowman/dtxmsg) an IDA plugin that helped me reverse-engineer the DTXConnectionServices framework.
- [**67**Star][12d] [Lua] [tkcert/winnti-nmap-script](https://github.com/tkcert/winnti-nmap-script) Nmap Script to scan for Winnti infections
- [**67**Star][6y] [Java] [ssexxe/xxebugfind](https://github.com/ssexxe/xxebugfind) A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
- [**67**Star][18d] [JS] [smarttang/sosrp](https://github.com/smarttang/sosrp) SOSRP Security 安全平台
- [**67**Star][28d] [C] [skeeto/ptrace-examples](https://github.com/skeeto/ptrace-examples) Examples for Linux ptrace(2)
- [**67**Star][2y] [Py] [shengqi158/cve-2018-2628](https://github.com/shengqi158/cve-2018-2628) CVE-2018-2628 & CVE-2018-2893
- [**67**Star][1m] [HTML] [secwiki/ipot](https://github.com/secwiki/ipot) Honeypot Research Blog 
- [**67**Star][5m] [C] [seanheelan/heaplayout](https://github.com/seanheelan/heaplayout) Source code for paper 'Automatic Heap Layout Manipulation for Exploitation'
- [**67**Star][16d] [Assembly] [scorchsecurity/systorm](https://github.com/scorchsecurity/systorm) NASM Standard Library for shellcode
- [**67**Star][5m] [Py] [sapir/sonare](https://github.com/sapir/sonare) A Qt-based disassembly viewer based on radare2
- [**67**Star][4m] [PS] [sadprocessor/cypherdog](https://github.com/sadprocessor/cypherdog) PoSh BloodHound Dog Whisperer
- [**67**Star][3y] [Lua] [s4n7h0/nse](https://github.com/s4n7h0/nse) Some of my work on Nmap Scripts (NSE)
- [**67**Star][4m] [C] [rydoginator/acnl-ntr-cheats](https://github.com/rydoginator/acnl-ntr-cheats) A combination of cheats that I've been creating with NTR
- [**67**Star][1m] [Shell] [ropnop/kerberos_windows_scripts](https://github.com/ropnop/kerberos_windows_scripts) Collection of scripts for interacting with AD Kerberos from Linux
- [**67**Star][1m] [C] [riscure/optee_fuzzer](https://github.com/riscure/optee_fuzzer) This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.
- [**67**Star][3y] [richinseattle/evolutionarykernelfuzzing](https://github.com/richinseattle/evolutionarykernelfuzzing) Materials for the Evolutionary Kernel Fuzzing talk at Black Hat USA 2017
- [**67**Star][2y] [Py] [ralphje/imagemounter](https://github.com/ralphje/imagemounter) Command line utility and Python package to ease the (un)mounting of forensic disk images
- [**67**Star][11d] [C] [rahra/onioncat](https://github.com/rahra/onioncat) Official repository of OnionCat, the VPN adapter for Tor and I2P.
- [**67**Star][1m] [C] [qwaz/solved-hacking-problem](https://github.com/qwaz/solved-hacking-problem) 
- [**67**Star][3y] [JS] [pythonran/pcap_tools](https://github.com/pythonran/pcap_tools) 网络流量可配置嗅探，流量包解析，漏洞规则扫描，生成报告
- [**67**Star][1y] [Java] [pyn3rd/cve-2018-3252](https://github.com/pyn3rd/cve-2018-3252) CVE-2018-3252-PoC
- [**67**Star][28d] [Ruby] [puppetlabs/puppetlabs-inifile](https://github.com/puppetlabs/puppetlabs-inifile) Resource types for managing settings in INI files
- [**67**Star][7y] [PHP] [pshep/anubis](https://github.com/pshep/anubis) Web front-end (api interface) to CGMINER
- [**67**Star][9m] [HTML] [project-prismatica/prismatica](https://github.com/project-prismatica/prismatica) Responsive Command and Control System
- [**67**Star][14d] [Lua] [pr4jwal/quick-scripts](https://github.com/pr4jwal/quick-scripts) A collection of my quick and dirty scripts for vulnerability POC and detections
- [**67**Star][2m] [pinkp4nther/aws-testing-notes](https://github.com/pinkp4nther/aws-testing-notes) Notes as I learn basic AWS penetration testing
- [**67**Star][10d] [Shell] [pansen/macos-sandbox-profiles](https://github.com/pansen/macos-sandbox-profiles) sandbox files for some applications running on osx for more security
- [**67**Star][3m] [oj/bsides-2017-ctf-docker](https://github.com/oj/bsides-2017-ctf-docker) BSidesCBR CTF docker compose files
- [**67**Star][15d] [Py] [nlitsme/ubidump](https://github.com/nlitsme/ubidump) Tool for viewing and extracting files from an UBIFS image
- [**67**Star][1m] [C] [nccgroup/cachegrab](https://github.com/nccgroup/cachegrab) 执行和可视化针对软件的由 trace 驱动的缓存攻击(需要启用TrustZone 的 ARMv8 内核)
- [**67**Star][5m] [C#] [muraad/mime-detective](https://github.com/muraad/mime-detective) Mime type for files.
- [**67**Star][8m] [Go] [mozilla/audit-go](https://github.com/mozilla/audit-go) Linux Audit Plugin for heka written using netlink Protocol in golang and Lua
- [**67**Star][20d] [Py] [milesrichardson/docker-nfqueue-scapy](https://github.com/milesrichardson/docker-nfqueue-scapy) Docker容器，使用python脚本在netfilter队列中监听数据包，并使用scapy操作数据包。
- [**67**Star][2m] [C] [merlijnwajer/tracy](https://github.com/merlijnwajer/tracy) tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
- [**67**Star][24d] [Ruby] [mephux/ruby-nessus](https://github.com/mephux/ruby-nessus) Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner.
- [**67**Star][5m] [Kotlin] [mangatmodi/randomjson](https://github.com/mangatmodi/randomjson) Provides a Kotlin/Java library to create a random json string
- [**67**Star][5y] [C] [malwaretech/basichook](https://github.com/malwaretech/basichook) x86 Inline hooking engine (using trampolines)
- [**67**Star][13d] [C] [luoyanbei/testhookzz](https://github.com/luoyanbei/testhookzz) iOS逆向：使用HookZz框架hook游戏“我的战争”，进入上帝模式
- [**67**Star][4m] [PS] [luciusbono/packer-windows10](https://github.com/luciusbono/packer-windows10) A Packer build for Windows 10
- [**67**Star][2y] [C++] [leeqwind/holicpoc](https://github.com/leeqwind/holicpoc) POC and exploitation of vulnerabilities
- [**67**Star][2y] [Swift] [ktakayama/notificationcrash](https://github.com/ktakayama/notificationcrash) 
- [**67**Star][11d] [Py] [klsecservices/s7scan](https://github.com/klsecservices/s7scan) The tool for enumerating Siemens S7 PLCs through TCP/IP or LLC network
- [**67**Star][7y] [Py] [kevthehermit/yarapcap](https://github.com/kevthehermit/yarapcap) Process HTTP Pcaps With YARA
- [**67**Star][1y] [Py] [k4yt3x/scutum](https://github.com/k4yt3x/scutum) Linux Automatic ARP (TCP / UDP / ICMP) Firewall
- [**67**Star][4m] [Py] [josue87/boomer](https://github.com/josue87/boomer) Framework for exploiting local vulnerabilities
- [**67**Star][16d] [ObjC] [iscanner/iscanner_ios](https://github.com/iscanner/iscanner_ios) An easy-to-use scanner app for iOS.
- [**67**Star][4m] [Py] [immunit/xip](https://github.com/immunit/xip) XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc.
- [**67**Star][5m] [Py] [ianmiell/autotrace](https://github.com/ianmiell/autotrace) Runs a process, and gives you the output along with other telemetry on the process, all in one terminal window.
- [**67**Star][3m] [Ruby] [hercules-team/augeasproviders](https://github.com/hercules-team/augeasproviders) Alternative Augeas-based providers for Puppet
- [**67**Star][3y] [Py] [harmj0y/impdump](https://github.com/harmj0y/impdump) This is a simple parser for/decrypter for Impacket's esentutl.py utility. It assists with decrypting hashes and hash histories from ntds.dit databases.
- [**67**Star][1m] [Py] [halit/isip](https://github.com/halit/isip) Interactive sip toolkit for packet manipulations, sniffing, man in the middle attacks, fuzzing, simulating of dos attacks.
- [**67**Star][12d] [JS] [gwilken/ariadne-io](https://github.com/gwilken/ariadne-io) A wireless hardware and software IoT project that monitors multiple streams of data from a sailboat. Access realtime information on any web enabled device. Built with React, Node.js, MongoDB, and Express
- [**67**Star][21d] [HTML] [gwen001/actarus](https://github.com/gwen001/actarus) Actarus is a custom tool for bug bounty
- [**67**Star][2m] [Py] [gr4ym4ntx/attackintel](https://github.com/gr4ym4ntx/attackintel) A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
- [**67**Star][22d] [JS] [es-community/nsecure](https://github.com/es-community/nsecure) Node.js security CLI / API that allow you to deeply analyze the dependency tree of a given package / directory
- [**67**Star][4m] [Go] [dsnezhkov/sshorty](https://github.com/dsnezhkov/sshorty) A progressive, customizable armored SSH tunnel implant for Linux and MacOS systems
- [**67**Star][11d] [d1nfinite/sec-interview](https://github.com/d1nfinite/sec-interview) 信息安全面试题汇总
- [**67**Star][2y] [Py] [debasishm89/openxmolar](https://github.com/debasishm89/openxmolar) A MS OpenXML Format Fuzzing Framework
- [**67**Star][23d] [Py] [daniestevez/free-outernet](https://github.com/daniestevez/free-outernet) Free Software Outernet receiver
- [**67**Star][13d] [danielmiessler/blackhat-arsenal-tools](https://github.com/danielmiessler/blackhat-arsenal-tools) Official Black Hat Arsenal Security Tools Repository
- [**67**Star][15d] [cujanovic/subdomain-bruteforce-list](https://github.com/cujanovic/subdomain-bruteforce-list) subdomain bruteforce list
- [**67**Star][2m] [Py] [cryptax/dextools](https://github.com/cryptax/dextools) Miscellaenous DEX (Dalvik Executable) tools
- [**67**Star][27d] [Py] [coalfire-research/sqlinator](https://github.com/coalfire-research/sqlinator) Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
- [**67**Star][1m] [Py] [circl/cve-portal](https://github.com/circl/cve-portal) Common Vulnerabilities and Exposures - Portal
- [**67**Star][20d] [Py] [cdisselkoen/pitchfork](https://github.com/cdisselkoen/pitchfork) Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr)
- [**67**Star][29d] [Py] [bkerler/oppo_decrypt](https://github.com/bkerler/oppo_decrypt) Oppo/Oneplus .ops Firmware decrypter
- [**67**Star][6m] [JS] [bitsofinfo/stateful-process-command-proxy](https://github.com/bitsofinfo/stateful-process-command-proxy) node.js module for executing os commands against a pool of stateful child processes such as bash or powershell via stdout and stderr streams
- [**67**Star][14d] [CMake] [argilo/gr-elster](https://github.com/argilo/gr-elster) A GNU Radio block that decodes packets transmitted by Elster R2S smart meters
- [**67**Star][24d] [CSS] [appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows](https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows) Repository for all the workshop content delivered at nullcon X on 1st of March 2019
- [**67**Star][5m] [JS] [alexisdanizan/checklist-tools-website](https://github.com/alexisdanizan/checklist-tools-website) 
- [**67**Star][11d] [C++] [ahupowerdns/galmon](https://github.com/ahupowerdns/galmon) galileo open source monitoring
- [**67**Star][1m] [C++] [agustingianni/retools](https://github.com/agustingianni/retools) retools: a reverse engineering toolkit for normies
- [**67**Star][5m] [Py] [agroce/tstl](https://github.com/agroce/tstl) Template Scripting Testing Language tool: automated test generation for Python
- [**67**Star][14d] [Py] [adamchainz/patchy](https://github.com/adamchainz/patchy) 
- [**67**Star][2y] [C++] [3gstudent/use-com-objects-to-bypass-uac](https://github.com/3gstudent/use-com-objects-to-bypass-uac) 
- [**67**Star][3m] [Go] [0xfe/lumen](https://github.com/0xfe/lumen) A commandline client for the Stellar blockchain
- [**66**Star][4m] [YARA] [fuzzysecurity/bluehatil-2020](https://github.com/fuzzysecurity/bluehatil-2020) BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET
- [**66**Star][1m] [Go] [optimatiq/threatbite](https://github.com/optimatiq/threatbite) ThreatBite is a real-time service that detects unwanted web users.
- [**66**Star][4m] [HTML] [cyc10n3/wpscan_web_interface](https://github.com/cyc10n3/wpscan_web_interface) A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
- [**66**Star][3m] [C++] [v-p-b/cve-2019-12750](https://github.com/v-p-b/cve-2019-12750) sploit
- [**66**Star][2m] [HTML] [sschuberth/gfw-msys1-sdk](https://github.com/sschuberth/gfw-msys1-sdk) This is an Inno Setup based wrapper around mingw-get which installs a development environment based on MSYS1 for building Git for Windows using GCC.
- [**66**Star][4m] [Swift] [netguru/blueswift](https://github.com/netguru/blueswift) Swift framework for easy connection with Bluetooth peripherals.
- [**66**Star][11d] [Go] [nooncall/shazam](https://github.com/nooncall/shazam) mysql proxy and platform
- [**66**Star][4m] [Java] [solinor/react-native-bluetooth-status](https://github.com/solinor/react-native-bluetooth-status) React-Native library to query and manage bluetooth state of the device (iOS and Android)
- [**66**Star][21d] [Java] [mincong-h/algorithm-princeton](https://github.com/mincong-h/algorithm-princeton) Coursera - Introduction to Algorithms
- [**66**Star][4m] [Py] [ice-tong/tumblrspider](https://github.com/ice-tong/tumblrspider) 汤不热爬虫，使用scrapy编写的python爬虫，爬取汤不热上用户发布的图片与视频，下载到本地，无需cookies。
- [**66**Star][17d] [Erlang] [deadtrickster/ssl_verify_fun.erl](https://github.com/deadtrickster/ssl_verify_fun.erl) Collection of ssl verification functions for Erlang
- [**66**Star][4m] [C++] [clownacy/cave-story-engine-2](https://github.com/clownacy/cave-story-engine-2) Decompilation of Cave Story (v1.0.0.6)
- [**66**Star][4m] [Go] [tinycedar/lily](https://github.com/tinycedar/lily) Hosts管理工具，双击切换立即生效，告别重启浏览器！ Hosts manager takes effect immediately on switch
- [**66**Star][1m] [JS] [jxlarrea/ha-bt-proximity](https://github.com/jxlarrea/ha-bt-proximity) Distributed Bluetooth Room Presence Sensor for Home Assistant
- [**66**Star][10d] [Py] [haddocking/pdb-tools](https://github.com/haddocking/pdb-tools) A dependency-free cross-platform swiss army knife for PDB files.
- [**66**Star][5m] [Py] [opendevops-cn/codo-tools](https://github.com/opendevops-cn/codo-tools) CODO运维工具支持：告警管理、告警自愈、项目管理、事件管理、加密解密、随机密码、提醒管理等
- [**66**Star][4m] [Kotlin] [glodanif/bluetoothchat](https://github.com/glodanif/bluetoothchat) Messaging over Bluetooth (Android)
- [**66**Star][2m] [Kotlin] [s1monw1/tlslibrary](https://github.com/s1monw1/tlslibrary) Simple TlsLibrary written in Kotlin - Provides DSL for creating TLS connections
- [**66**Star][11d] [Py] [mbinary/algorithm](https://github.com/mbinary/algorithm) 
- [**66**Star][11d] [ASP] [koolshare/ttsoft](https://github.com/koolshare/ttsoft) app plugin/softcenter for tomato firmware.
- [**66**Star][1m] [Py] [adamlaurie/sjcam](https://github.com/adamlaurie/sjcam) A python CLI tool for controlling SJCAM WiFi Sports Cameras
- [**66**Star][11d] [Scala] [linkedin/isolation-forest](https://github.com/linkedin/isolation-forest) A Spark/Scala implementation of the isolation forest unsupervised outlier detection algorithm.
- [**66**Star][10d] [Perl] [dfhack/df-structures](https://github.com/dfhack/df-structures) Dwarf Fortress data structure descriptions
- [**66**Star][10d] [Py] [byt3bl33d3r/dhcpshock](https://github.com/byt3bl33d3r/dhcpshock) Spoofs a DHCP server and exploits all clients vulnerable to the 'ShellShock' bug
- [**66**Star][19d] [Py] [fireeye/adfspoof](https://github.com/fireeye/adfspoof)  forge AD FS security tokens
- [**66**Star][16d] [Ruby] [danielmiessler/caparser](https://github.com/danielmiessler/caparser) A quick and dirty PCAP parser that helps you identify who your applications are sending sensitive data to without encryption.
- [**66**Star][6m] [Py] [gojhonny/pentesting-scripts](https://github.com/gojhonny/pentesting-scripts) Useful pentesting scripts
- [**66**Star][18d] [Py] [evilsocket/pwnagotchi-plugins-contrib](https://github.com/evilsocket/pwnagotchi-plugins-contrib) User contributed Pwnagotchi plugins.
- [**66**Star][12d] [wtsxdev/fuzzing-resources](https://github.com/wtsxdev/fuzzing-resources) List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis
- [**66**Star][29d] [Java] [asamy/p2p-chat](https://github.com/asamy/p2p-chat) Peer-to-peer Chat Application written in Java. This application uses the hybrid model to retrieve a list of available peers.
- [**66**Star][19d] [Py] [dafthack/rdpspray](https://github.com/dafthack/rdpspray) Tool for password spraying RDP
- [**66**Star][1m] [shadowsocks/tun2socks-ios](https://github.com/shadowsocks/tun2socks-ios) tun2socks as a library for iOS apps
- [**66**Star][1m] [Py] [ubernostrum/pwned-passwords-django](https://github.com/ubernostrum/pwned-passwords-django) Utilities for working with the Pwned Passwords database from Django.
- [**66**Star][23d] [Py] [synacktiv-contrib/modmobmap](https://github.com/Synacktiv-contrib/Modmobmap) Map 2G/3G/4G and more cellular networks in real live with a simple smart phone, pretty much like osmocomBB monitoring feature.
- [**66**Star][3m] [C] [robclemons/arpspoof](https://github.com/robclemons/Arpspoof) Android port of Arpspoof
- [**66**Star][2m] [Shell] [m4lv0id/lare](https://github.com/m4lv0id/LARE) [L]ocal [A]uto [R]oot [E]xploiter is a simple bash script that helps you deploy local root exploits from your attacking machine when your victim machine do not have internet connectivity.
- [**66**Star][11d] [C] [tqsoft-gmbh/mod_authn_ntlm](https://github.com/TQsoft-GmbH/mod_authn_ntlm) Apache 2.4 SSPI NTLM based authentication module for windows
- [**66**Star][3y] [Shell] [yukinoshita47/pentest-tools-auto-installer](https://github.com/yukinoshita47/pentest-tools-auto-installer) Tool sederhana buat install tool-tool pentest dan forensic bagi pengguna linux yang jenis nya non-pentest OS
- [**66**Star][19d] [JS] [ysocorp/koa2-ratelimit](https://github.com/ysocorp/koa2-ratelimit) Rate-limiting middleware for Koa2 ES6. Use to limit repeated requests to APIs and/or endpoints such as password reset.
- [**66**Star][5y] [Assembly] [yifanlu/spider3dstools](https://github.com/yifanlu/spider3dstools) Tools to work with 3DS 9.x Spider exploit
- [**66**Star][23d] [yeti-791/apt-guide](https://github.com/yeti-791/apt-guide) APT学习指南（Advanced persistent threat learning Guide）
- [**66**Star][14d] [Py] [xorond/sudo-snooper](https://github.com/xorond/sudo-snooper) Python script that acts like the original sudo binary to fool users into entering their passwords
- [**66**Star][14d] [Perl] [xlogicx/m2elf](https://github.com/xlogicx/m2elf) Converts Machine Code to x86 (32-bit) Linux executable (auto-wrapping with ELF headers)
- [**66**Star][18d] [C] [wolfssl/wolfboot](https://github.com/wolfssl/wolfboot) wolfBoot is a portable, OS-agnostic, secure bootloader for microcontrollers, supporting firmware authentication and firmware update mechanisms.
- [**66**Star][4m] [Py] [vysecurity/att-ck_analysis](https://github.com/vysecurity/att-ck_analysis) Repository for my ATT&CK analysis research.
- [**66**Star][17d] [Lua] [trisulnsm/trisul-scripts](https://github.com/trisulnsm/trisul-scripts) Ready to run scripts for network analysis
- [**66**Star][4y] [Py] [tony1016/burplogfilter](https://github.com/tony1016/burplogfilter) A python3 program to filter Burp Suite log file.
- [**66**Star][4m] [Visual Basic] [thesph1nx/rt-101](https://github.com/thesph1nx/rt-101) VB.net Remote Administrator Tool (RAT)
- [**66**Star][8y] [JS] [therook/csrf-request-builder](https://github.com/therook/csrf-request-builder) 
- [**66**Star][2m] [Py] [temesgeny/ppsx-file-generator](https://github.com/temesgeny/ppsx-file-generator) ppsx file generator for cve-2017-8570 (based on bhdresh/cve-2017-8570)
- [**66**Star][2m] [FORTRAN] [tabacof/adversarial](https://github.com/tabacof/adversarial) Exploring the Space of Adversarial Images
- [**66**Star][26d] [JS] [switchbrew/nx-hbexploit300](https://github.com/switchbrew/nx-hbexploit300) Homebrew exploit for 3.0.0
- [**66**Star][4m] [Java] [stefano-lupo/java-proxy-server](https://github.com/stefano-lupo/java-proxy-server) This is a simple HTTP/HTTPS proxy server written in Java
- [**66**Star][4m] [Go] [stakater/gitwebhookproxy](https://github.com/stakater/gitwebhookproxy) A proxy to let webhooks reach running services behind a firewall – [✩Star] if you're using it!
- [**66**Star][22d] [Rust] [sorz/moproxy](https://github.com/sorz/moproxy) A transparent TCP to SOCKSv5/HTTP proxy on Linux written in Rust.
- [**66**Star][2y] [Java] [sola-da/synode](https://github.com/sola-da/synode) Automatically Preventing Code Injection Attacks on Node.js
- [**66**Star][1m] [C++] [soarlab/maline](https://github.com/soarlab/maline) Android Malware Detection Framework
- [**66**Star][22d] [PHP] [smaash/fuckshitup](https://github.com/smaash/fuckshitup) php-cli vulnerability scanner
- [**66**Star][12d] [PHP] [sirbrillig/phpcs-variable-analysis](https://github.com/sirbrillig/phpcs-variable-analysis) Find undefined and unused variables with the PHP Codesniffer static analysis tool.
- [**66**Star][1y] [JS] [sindresorhus/p-debounce](https://github.com/sindresorhus/p-debounce) Debounce promise-returning & async functions
- [**66**Star][16d] [YARA] [sfaci/masc](https://github.com/sfaci/masc) 扫描网站中的恶意软件, 以及其他一些网站维护功能
- [**66**Star][2m] [Py] [sensepost/anapickle](https://github.com/sensepost/anapickle) Toolset for writing shellcode in Python's Pickle language and for manipulating pickles to inject shellcode.
- [**66**Star][5m] [Py] [redcanaryco/redcanary-response-utils](https://github.com/redcanaryco/redcanary-response-utils) Tools to automate and/or expedite response.
- [**66**Star][25d] [C] [programa-stic/ropc-llvm](https://github.com/programa-stic/ropc-llvm) ropc-llvm is a PoC of a Turing complete ROP compiler with support for a subset of LLVM IR. It is an extension of ropc.
- [**66**Star][15d] [Ruby] [picatz/shodanz](https://github.com/picatz/shodanz) 
- [**66**Star][13d] [Py] [pdkt-team/ctf](https://github.com/pdkt-team/ctf) CTF write-ups by PDKT team with English and Indonesian language
- [**66**Star][2y] [C++] [paranoidninja/scriptdotsh-malwaredevelopment](https://github.com/paranoidninja/scriptdotsh-malwaredevelopment) This repo will contain code snippets for blogs: Malware on Steroids written by me at
- [**66**Star][4y] [Java] [palmerc/securewebsockets](https://github.com/palmerc/securewebsockets) Add SSL support to the Autobahn WebSocket library
- [**66**Star][1m] [pakt/decv](https://github.com/pakt/decv) Decompiler for Code Virtualizer 1.3.8 (Oreans)
- [**66**Star][4m] [JS] [owasp/appsec-browser-bundle](https://github.com/owasp/appsec-browser-bundle) The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
- [**66**Star][11d] [Py] [opsdisk/metagoofil](https://github.com/opsdisk/metagoofil) An updated version of metagoofil
- [**66**Star][12d] [Go] [openprovider/whoisd](https://github.com/openprovider/whoisd) Openprovider WHOIS server/daemon
- [**66**Star][3m] [Erlang] [okeuday/pest](https://github.com/okeuday/pest) 
- [**66**Star][2m] [Py] [nullhypothesis/scramblesuit](https://github.com/nullhypothesis/scramblesuit) The ScrambleSuit traffic obfuscation protocol.
- [**66**Star][14d] [Ruby] [ninoseki/mihari](https://github.com/ninoseki/mihari) A helper to run OSINT queries & manage results continuously
- [**66**Star][2m] [YARA] [nheijmans/malzoo](https://github.com/nheijmans/malzoo) Mass static malware analysis tool
- [**66**Star][4m] [C++] [nccgroup/xendbg](https://github.com/nccgroup/xendbg) A feature-complete reference implementation of a modern Xen VMI debugger.
- [**66**Star][6m] [JS] [nccgroup/goatcasino](https://github.com/nccgroup/goatcasino) This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.
- [**66**Star][1y] [mitchellkrogza/fail2ban-blacklist-jail-for-repeat-offenders-with-perma-extended-banning](https://github.com/mitchellkrogza/fail2ban-blacklist-jail-for-repeat-offenders-with-perma-extended-banning) A customised jail with action and filter file for Fail2Ban. This jail is based on the recidive jail but makes use of a simple text file to enable extended and permanent bans.
- [**66**Star][1m] [Go] [matishsiao/goinfo](https://github.com/matishsiao/goinfo) get os information use golang
- [**66**Star][13d] [Py] [markclayton/bumpster](https://github.com/markclayton/bumpster) The Unofficial Burp Extension for DNSDumpster.com
- [**66**Star][5m] [HCL] [mantvydasb/red-team-infrastructure-automation](https://github.com/mantvydasb/red-team-infrastructure-automation) Disposable and resilient red team infrastructure with Terraform
- [**66**Star][13d] [Py] [leonjza/qrxfer](https://github.com/leonjza/qrxfer) Transfer files from Air gapped machines using QR codes
- [**66**Star][14d] [kutim/docker-security](https://github.com/kutim/docker-security) docker 安全基线规范
- [**66**Star][1y] [Ruby] [kingsabri/cve-in-ruby](https://github.com/kingsabri/cve-in-ruby) Exploits written & ported to Ruby - no Metasploit
- [**66**Star][3m] [C] [kakaroto/ps3xport](https://github.com/kakaroto/ps3xport) PS3 Backup Manipulation Tool
- [**66**Star][2y] [HTML] [jianmou/vulnctf](https://github.com/jianmou/vulnctf) MiniProject_VulnCTF | A CTF practice environment that links Dockerhub through Github
- [**66**Star][5m] [C++] [jacksonvd/pwnedpasswordsdll](https://github.com/jacksonvd/pwnedpasswordsdll) Open source solution to check prospective AD passwords against previously breached passwords
- [**66**Star][4m] [Java] [isacan/andzu](https://github.com/isacan/andzu) In-App Android Debugging Tool With Enhanced Logging, Networking Info, Crash reporting And More.
- [**66**Star][5y] [JS] [indeedops/shadowbuster](https://github.com/indeedops/shadowbuster) 
- [**66**Star][7y] [Java] [ibrahimbalic/androidrat](https://github.com/ibrahimbalic/androidrat) Android RAT
- [**66**Star][2y] [Java] [realbearcat/s2-055](https://github.com/RealBearcat/S2-055) S2-055 反序列化 CVE-2017-7525
- [**66**Star][5y] [Py] [hikerell/bfuzzer](https://github.com/hikerell/bfuzzer) A Browser Fuzzer for Vulnerbilities
- [**66**Star][1m] [Py] [funoverip/mcafee-sitelist-pwd-decryption](https://github.com/funoverip/mcafee-sitelist-pwd-decryption) Password decryption tool for the McAfee SiteList.xml file
- [**66**Star][7m] [Py] [firefart/cve-2018-7600](https://github.com/firefart/cve-2018-7600) CVE-2018-7600 - Drupal 7.x RCE
- [**66**Star][4m] [JS] [exposejs/expose](https://github.com/exposejs/expose) A Dynamic Symbolic Execution (DSE) engine for JavaScript
- [**66**Star][4y] [PS] [dlwyatt/protecteddata](https://github.com/dlwyatt/protecteddata) PowerShell Module for securely encrypting and sharing secret data such as passwords.
- [**66**Star][10m] [Shell] [developerkunal/converto](https://github.com/developerkunal/converto) Installing Kali linux on Vps Server
- [**66**Star][3y] [Py] [darkquasar/wmi_persistence](https://github.com/darkquasar/wmi_persistence) A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
- [**66**Star][4m] [PHP] [cosasdepuma/securitynotfound](https://github.com/cosasdepuma/securitynotfound) 
- [**66**Star][11m] [Batchfile] [cornerpirate/reportcompiler](https://github.com/cornerpirate/reportcompiler) A tool for importing vulnerability scanner data and then allowing you to manipulate the risks, affected hosts, and create risk ordered output.
- [**66**Star][4m] [Java] [coreyd97/stepper](https://github.com/coreyd97/stepper) A natural evolution of Burp Suite's Repeater tool
- [**66**Star][19d] [OCaml] [copy/gdbprofiler](https://github.com/copy/gdbprofiler) Rich man's profiler, a profiler for native OCaml and other executables
- [**66**Star][15d] [C] [coolervoid/payloadmask](https://github.com/coolervoid/payloadmask) Web Payload list editor to use techniques to try bypass web application firewall - version 0.2
- [**66**Star][2m] [C] [convisoappsec/firefox_tunnel](https://github.com/convisoappsec/firefox_tunnel) use firefox to make a tunnel to remote communication
- [**66**Star][2m] [cmatthewbrooks/r2kit](https://github.com/cmatthewbrooks/r2kit) A set of scripts for a radare-based malware code analysis workflow
- [**66**Star][7y] [C] [chokepoint/jynx2](https://github.com/chokepoint/jynx2) JynxKit2 is an LD_PRELOAD userland rootkit based on the original JynxKit. The backdoor has been replaced with an "accept()" system hook.
- [**66**Star][4m] [C] [carmaa/interrogate](https://github.com/carmaa/interrogate)  a proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage.
- [**66**Star][23d] [Py] [brianwarehime/insp3ctor](https://github.com/brianwarehime/insp3ctor) AWS S3 Bucket/Object Finder
- [**66**Star][3y] [Shell] [bluscreenofjeff/ccdc-scripts](https://github.com/bluscreenofjeff/ccdc-scripts) Scripts and resources for Red Teaming at CCDC competitions
- [**66**Star][6m] [Visual Basic .NET] [blackhacker511/blackworm](https://github.com/blackhacker511/blackworm) Black Worm Offical Repo
- [**66**Star][3y] [Lua] [bastilleresearch/cabletap](https://github.com/bastilleresearch/cabletap) CableTap public disclosure documents.
- [**66**Star][4y] [C] [basil00/pseudonode](https://github.com/basil00/pseudonode) PseudoNode - A full node emulator.
- [**66**Star][2y] [avast-tl/capstone2llvmir](https://github.com/avast-tl/capstone2llvmir) Library for Capstone instruction to LLVM IR translation.
- [**66**Star][11d] [C] [arkq/openaptx](https://github.com/arkq/openaptx) Reverse-engineered apt-X audio codec
- [**66**Star][1y] [C] [0x36/cve-pocs](https://github.com/0x36/cve-pocs) This repo contains some of my vuln research findings
- [**65**Star][10d] [Ruby] [vifreefly/rubium](https://github.com/vifreefly/rubium) Rubium is a lightweight alternative to Selenium/Capybara/Watir if you need to perform some operations (like web scraping) using Headless Chromium and Ruby
- [**65**Star][12d] [Py] [multiversecoder/darknet.py](https://github.com/multiversecoder/darknet.py) darknet.py is a network application with no dependencies other than Python and Tor, useful to anonymize the traffic of linux servers and workstations.
- [**65**Star][8m] [Py] [dongweiming/daenerys](https://github.com/dongweiming/daenerys) Scraping and Web Crawling Framework For Zhihu Live
- [**65**Star][11d] [C] [vusec/trrespass](https://github.com/vusec/trrespass) TRRespass
- [**65**Star][1y] [Py] [jinzhen-lin/scrapy_waimai](https://github.com/jinzhen-lin/scrapy_waimai) 基于Scrapy的外卖平台商家信息爬虫
- [**65**Star][21d] [ASP] [tasooshi/pentesting-cookbook](https://github.com/tasooshi/pentesting-cookbook) A set of recipes useful in fast-paced pentesting / red teaming scenarios
- [**65**Star][13d] [JS] [openzim/gutenberg](https://github.com/openzim/gutenberg) Scraper for downloading the entire ebooks repository of project Gutenberg
- [**65**Star][5m] [JS] [oosalt/shadowsocks-back-china-pac](https://github.com/oosalt/shadowsocks-back-china-pac) 翻墙回国 Clash, PEPI, PAC 规则
- [**65**Star][25d] [C] [pornin/curve9767](https://github.com/pornin/curve9767) 
- [**65**Star][4m] [JS] [softsec-kaist/fuzzing-survey](https://github.com/softsec-kaist/fuzzing-survey) The Art, Science, and Engineering of Fuzzing: A Survey
- [**65**Star][4m] [C] [darvincisec/detectfrida](https://github.com/darvincisec/detectfrida) Detect Frida for Android
- [**65**Star][4m] [Swift] [biatoms/sqlite.viewer](https://github.com/biatoms/sqlite.viewer) An elegant library for debugging sqlite databases in iOS applications
- [**65**Star][1m] [Go] [xtaci/tcpraw](https://github.com/xtaci/tcpraw) Sending packets through TCP
- [**65**Star][5m] [ObjC] [pkuoliver/easyaes](https://github.com/pkuoliver/easyaes) AES encrypt/decrypt, Android, iOS, php compatible(兼容php, Android, iOS平台)
- [**65**Star][5m] [C++] [sisong/apkdiffpatch](https://github.com/sisong/apkdiffpatch) a C++ library and command-line tools for Zip(Jar,Apk) file Diff & Patch; create minimal delta/differential; support Jar sign(apk v1 sign) & apk v2,v3 sign .
- [**65**Star][6m] [Java] [izhangzhihao/forcestopgb](https://github.com/izhangzhihao/forcestopgb) Xposed插件 阻止运行
- [**65**Star][13d] [JS] [ziyi2/algorithms](https://github.com/ziyi2/algorithms) 
- [**65**Star][4m] [C] [glouw/weaver](https://github.com/glouw/weaver) A spider tapestry weaver
- [**65**Star][2y] [C++] [isotoxin/isotoxin](https://github.com/isotoxin/isotoxin) Isotoxin source
- [**65**Star][4m] [C] [vi/tcpsocks](https://github.com/vi/tcpsocks) Redirect traffic to SOCKS5 server with iptables, epoll based, single threaded.
- [**65**Star][2m] [C++] [fupengfei058/algorithm](https://github.com/fupengfei058/algorithm) Leetcode/剑指offer/经典算法题型
- [**65**Star][11d] [Py] [merubokkusu/discord-spam-bots](https://github.com/merubokkusu/discord-spam-bots) Discord spam bots with multiple account support, account creator, auto-join, proxies, mass direct message and more.
- [**65**Star][2m] [JS] [klren0312/stm32_wifi](https://github.com/klren0312/stm32_wifi) stm32 + esp8266 + Express + MySQL + AngularJS + MUI +Maibu(技术过于陈旧, 仅供参考)
- [**65**Star][24d] [Py] [marnix/synology-decrypt](https://github.com/marnix/synology-decrypt) An open source implementation/description of the Synology Cloud Sync encryption/decryption algorithm
- [**65**Star][1y] [JS] [nemo/scrape](https://github.com/nemo/scrape) Distributed Scraper
- [**65**Star][17d] [alexanderstonec/top-100-hacking-security-e-books-free-download-2019](https://github.com/alexanderstonec/top-100-hacking-security-e-books-free-download-2019) Hacking and Cyber Security Ebooks | For More Visit -
- [**65**Star][11d] [PHP] [thekingofduck/bypassavaddusers](https://github.com/thekingofduck/bypassavaddusers) 绕过杀毒软件添加用户
- [**65**Star][1m] [Shell] [nccgroup/asafw](https://github.com/nccgroup/asafw) Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]
- [**65**Star][20d] [Go] [evilsocket/pwngrid](https://github.com/evilsocket/pwngrid) (⌐■_■) - API server for pwnagotchi.ai
- [**65**Star][1y] [zhengmin1989/ios-10-decrypted-kernel-cache](https://github.com/zhengmin1989/ios-10-decrypted-kernel-cache) iOS 10 Decrypted Kernel Cache
- [**65**Star][2m] [xairy/ubuntu-hardening](https://github.com/xairy/ubuntu-hardening) Random tips on how to improve security of Ubuntu Desktop
- [**65**Star][24d] [Dockerfile] [winterssy/ssr-docker](https://github.com/winterssy/ssr-docker) 使用Docker部署ShadowsocksR服务端
- [**65**Star][1m] [Ruby] [gushmazuko/winbypass](https://github.com/gushmazuko/winbypass) Windows UAC Bypass
- [**65**Star][17d] [alexanderstonec/top-100-hacking-security-e-books-free-download-2019](https://github.com/alexanderstonec/Top-100-Hacking-Security-E-Books-Free-Download-2019) Hacking and Cyber Security Ebooks | For More Visit -
- [**65**Star][11d] [Py] [nerrorsec/googledorker](https://github.com/nerrorsec/GoogleDorker) This is a simple tool to automate google hacking when doing web penetration testing or bug hunting.
- [**65**Star][4y] [Py] [nsacyber/splunk-assessment-of-mitigation-implementations](https://github.com/nsacyber/Splunk-Assessment-of-Mitigation-Implementations) Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
- [**65**Star][13d] [Shell] [offxec/samurai](https://github.com/OffXec/Samurai) Samurai Email Discovery - SED is a email discovery framework that grabs emails via google dork, company name, or domain name.
- [**65**Star][2y] [C] [freescale/u-boot-fslc](https://github.com/Freescale/u-boot-fslc) U-Boot tree to host pending fixes and improvements
- [**65**Star][1y] [HTML] [zadewg/livebox-0day](https://github.com/zadewg/livebox-0day) Arcadyan ARV7519RW22-A-L T VR9 1.2 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.
- [**65**Star][4m] [C] [yuawn/hitcon-badge-2019](https://github.com/yuawn/hitcon-badge-2019) HITCON Badge for HITCON CMT 2019.
- [**65**Star][2y] [Go] [yara-rules/yara-endpoint](https://github.com/yara-rules/yara-endpoint) Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
- [**65**Star][19d] [Go] [wrfly/gus-proxy](https://github.com/wrfly/gus-proxy) "打一枪换一个地方" 一个HTTP代理
- [**65**Star][8y] [C++] [wisec/dominator](https://github.com/wisec/dominator) 
- [**65**Star][5y] [C#] [wintellect/procmondebugoutput](https://github.com/wintellect/procmondebugoutput) See your trace statements in Sysinternals Process Monitor
- [**65**Star][11d] [JS] [webbreacher/untappdscraper](https://github.com/webbreacher/untappdscraper) Script to scrape untappd.com content
- [**65**Star][24d] [Py] [wavestone-cdt/dyode](https://github.com/wavestone-cdt/dyode) A low-cost, DIY data diode for ICS
- [**65**Star][3m] [Visual Basic] [visualbasic6/chatter](https://github.com/visualbasic6/chatter) internet monitoring osint tool for windows
- [**65**Star][1m] [Py] [viele/onionskinrenderer](https://github.com/viele/onionskinrenderer) This is an Onion Skin Renderer for Autodesk Maya
- [**65**Star][18d] [Shell] [vay3t/hax0rpi](https://github.com/vay3t/hax0rpi) A Raspberry Pi Hacker Tools suite
- [**65**Star][5m] [C++] [unprovable/lorachat](https://github.com/unprovable/lorachat) LoRa Chat firmware for Heltec ESP32 LoRa boards (w/ the onboard OLED)
- [**65**Star][10d] [timip/osee](https://github.com/timip/osee) OSEE Preparation
- [**65**Star][4m] [thyrlian/charles-proxy-mobile-guide](https://github.com/thyrlian/charles-proxy-mobile-guide) The mobile hackers' guide to Charles Proxy
- [**65**Star][4m] [HTML] [tgeaus/weak-password](https://github.com/tgeaus/weak-password)  dictionary
- [**65**Star][3m] [Py] [tbarabosch/quincy](https://github.com/tbarabosch/quincy) 在内存转储中检测基于主机的代码注入攻击
- [**65**Star][8m] [Py] [t4mo/http-proxy-scan](https://github.com/t4mo/http-proxy-scan) Use Censys.io Scan Http Proxy
- [**65**Star][2m] [Py] [sysinsider/usbtracker](https://github.com/sysinsider/usbtracker) Quick & dirty coded incident response and forensics python script to track USB devices events and artifacts in a Windows OS (Vista and later).
- [**65**Star][1m] [Haskell] [snoyberg/markdown](https://github.com/snoyberg/markdown) Convert Markdown to HTML, with XSS protection
- [**65**Star][3m] [Go] [smithclay/faassh](https://github.com/smithclay/faassh) simple go SSH server with reverse tunneling designed for running in cloud functions like AWS lambda
- [**65**Star][2y] [Py] [skelsec/pykerberoast](https://github.com/skelsec/pykerberoast) Implementing Kerberoast attack fully in python
- [**65**Star][2m] [C] [sha0/winvblock](https://github.com/sha0/winvblock) WinVBlock (derived from WinAoE) AoE, MEMDISK, GRUB4DOS RAM Disk, File-Backed Disk Driver
- [**65**Star][10m] [sh1n0g1/shinobot](https://github.com/sh1n0g1/shinobot) RAT / Botnet Simulator for pentest / education
- [**65**Star][3y] [Py] [sethsec/pycodeinjection](https://github.com/sethsec/pycodeinjection) Automated Python Code Injection Tool
- [**65**Star][2m] [Go] [sensepost/notruler](https://github.com/sensepost/notruler) The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
- [**65**Star][3m] [secdr/sec-ml](https://github.com/secdr/sec-ml) security machine learning
- [**65**Star][2m] [HTML] [santandersecurityresearch/asvs](https://github.com/santandersecurityresearch/asvs) A simple web app that helps developers understand the ASVS requirements.
- [**65**Star][2y] [C#] [rvrsh3ll/sharpfruit](https://github.com/rvrsh3ll/sharpfruit) A C# penetration testing tool to discover low-haning web fruit via web requests.
- [**65**Star][14d] [C] [rmusser01/hyperdbg](https://github.com/rmusser01/hyperdbg) Automatically exported from code.google.com/p/hyperdbg
- [**65**Star][4y] [redhatproductsecurity/cve-howto](https://github.com/redhatproductsecurity/cve-howto) CVE assignment documentation
- [**65**Star][3m] [C++] [premgopalan/svinet](https://github.com/premgopalan/svinet) This package implements algorithms for identifying overlapping communities in large undirected networks. The sampling based algorithms derive from stochastic variational inference under the (assortative) mixed-membership stochastic blockmodel. For details see the following reference:
- [**65**Star][1m] [Java] [pranav-patil/spring-microservices](https://github.com/pranav-patil/spring-microservices) Spring Cloud Micro Services with Eureka Discovery, Zuul Proxy, OAuth2 Security, Hystrix CircuitBreaker, Sleuth Zipkin, ELK Stack Logging, Kafka, Docker and many new features
- [**65**Star][26d] [Go] [pieterlouw/caddy-net](https://github.com/pieterlouw/caddy-net) Proxy server type for Caddy server (
- [**65**Star][11m] [PHP] [owasp/owaspwebgoatphp](https://github.com/owasp/owaspwebgoatphp) A deliberately vulnerable web application for learning web application security.
- [**65**Star][13d] [Go] [openbazaar/go-onion-transport](https://github.com/openbazaar/go-onion-transport) Tor onion transport for IPFS
- [**65**Star][3y] [Py] [ojasookert/cve-2017-0781](https://github.com/ojasookert/cve-2017-0781) Blueborne CVE-2017-0781 Android heap overflow vulnerability
- [**65**Star][2y] [Py] [oalabs/pyiatrebuild](https://github.com/oalabs/pyiatrebuild) Automatically rebuild Import Address Table for dumped PE file. With python bindings!
- [**65**Star][5y] [PHP] [nyx0/tinba](https://github.com/nyx0/tinba) Tinba Banking Trojan
- [**65**Star][11d] [JS] [niklasvh/html2canvas-proxy-nodejs](https://github.com/niklasvh/html2canvas-proxy-nodejs) Express middleware proxy for html2canvas
- [**65**Star][19d] [Py] [nccgroup/ssh_user_enum](https://github.com/nccgroup/ssh_user_enum) SSH User Enumeration Script in Python Using The Timing Attack
- [**65**Star][3m] [Vue] [nao-sec/tknk_scanner](https://github.com/nao-sec/tknk_scanner) 基于社区的集成恶意软件识别系统
- [**65**Star][3m] [C] [mrrraou/waithax](https://github.com/mrrraou/waithax) An implementation of the waithax / slowhax 3DS Kernel11 exploit.
- [**65**Star][1y] [Gherkin] [minishift/minishift-addons](https://github.com/minishift/minishift-addons) A repository for the community to exchange Minishift add-ons
- [**65**Star][4m] [Shell] [mdrights/liveslak](https://github.com/mdrights/liveslak) 中文化的隐私加强 GNU/Linux 系统 - Forked from Alien Bob's powerful building script for Slackware Live.
- [**65**Star][1y] [Pascal] [mahdisafsafi/univdisasm](https://github.com/mahdisafsafi/univdisasm) x86 Disassembler and Analyzer
- [**65**Star][3m] [C] [m-pays/m-cpuminer-v2](https://github.com/m-pays/m-cpuminer-v2) Latest miner (m-minerd)
- [**65**Star][5m] [Java] [lovejj1994/simplify-core](https://github.com/lovejj1994/simplify-core) Simplify 为简化重复的JAVA代码而生，基于JDK8，无其它jar包依赖，提供序列化，json parse/generator，日期处理,asm && jdkproxy 实现动态代理功能 等常见操作。
- [**65**Star][25d] [Py] [lorexxar/redis-rogue-server](https://github.com/lorexxar/redis-rogue-server) Redis 4.x & 5.x RCE
- [**65**Star][26d] [Shell] [liuzhengyang/hsdis](https://github.com/liuzhengyang/hsdis) hotspot disassembler hsdis
- [**65**Star][13d] [Rust] [limeth/ethaddrgen](https://github.com/limeth/ethaddrgen) Custom Ethereum vanity address generator made in Rust
- [**65**Star][1m] [Py] [lclevy/unarcrypto](https://github.com/lclevy/unarcrypto) unarcrypto is an educational tool to depict cryptography usage in zip, rar and 7zip archives
- [**65**Star][4m] [C] [lazenca/kernel-exploit-tech](https://github.com/lazenca/kernel-exploit-tech) Linux Kernel exploitation Tutorial.
- [**65**Star][4m] [Py] [ktbyers/netmiko_tools](https://github.com/ktbyers/netmiko_tools) Command line tools built on Netmiko to simplify information gathering
- [**65**Star][13d] [C] [koodous/androguard-yara](https://github.com/koodous/androguard-yara) Module to use Androguard with Yara
- [**65**Star][1m] [Go] [knqyf263/gost](https://github.com/knqyf263/gost) Build a local copy of Security Tracker. Notify via E-mail/Slack if there is an update.
- [**65**Star][2y] [Py] [kasperskylab/vbscriptinternals](https://github.com/kasperskylab/vbscriptinternals) Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
- [**65**Star][12d] [Rust] [alacritty/vte](https://github.com/alacritty/vte) Parser for virtual terminal emulators
- [**65**Star][20d] [Dockerfile] [john-lin/docker-snort](https://github.com/john-lin/docker-snort) Snort in Docker for Network Functions Virtualization (NFV)
- [**65**Star][19d] [C++] [jesseemond/cheat-and-gin](https://github.com/jesseemond/cheat-and-gin) C++ cheat engine (memory scanner)
- [**65**Star][3m] [Java] [jaxio/celerio](https://github.com/jaxio/celerio) Celerio is a code generator tool for data-driven application.
- [**65**Star][17d] [Py] [initstring/lxd_root](https://github.com/initstring/lxd_root) Linux privilege escalation via LXD
- [**65**Star][15d] [TSQL] [horsicq/xntsv](https://github.com/horsicq/xntsv) XNTSV program for detailed viewing of system structures for Windows.
- [**65**Star][1m] [C] [hiikezoe/android_run_root_shell](https://github.com/hiikezoe/android_run_root_shell) 
- [**65**Star][20d] [YARA] [hestat/lw-yara](https://github.com/hestat/lw-yara) Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
- [**65**Star][4m] [Py] [ha3mrx/hacking](https://github.com/ha3mrx/hacking) Ha3Mrx Pentesting and Security Hacking
- [**65**Star][4m] [guyanqi/awesome-privacy](https://github.com/guyanqi/awesome-privacy) Repository for collection of research papers on privacy.
- [**65**Star][28d] [C#] [guillac/wsmanager](https://github.com/guillac/wsmanager) Webshell Manager
- [**65**Star][6y] [Java] [guardianproject/trustedintents](https://github.com/guardianproject/trustedintents) library for flexible trusted interactions between Android apps
- [**65**Star][4m] [Java] [ghosts/maus](https://github.com/ghosts/maus) Lightweight remote administrative client written in Java.
- [**65**Star][8y] [C] [gdbinit/pydbg64](https://github.com/gdbinit/pydbg64) PyDBG64 - OS X PyDbg with 64 bits support
- [**65**Star][1m] [Shell] [galeone/letsencrypt-lighttpd](https://github.com/galeone/letsencrypt-lighttpd) Renew your let's encrypt certificates monthly, using lighttpd as webserver.
- [**65**Star][4m] [JS] [freethenation/dfpm](https://github.com/freethenation/dfpm) DFPM is a browser extension for detecting browser fingerprinting.
- [**65**Star][5m] [Shell] [floyd-fuh/crass](https://github.com/floyd-fuh/crass) Code Review Audit Script Scanner
- [**65**Star][4m] [C++] [fare9/anbu](https://github.com/fare9/anbu) ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
- [**65**Star][2m] [C] [emptymonkey/drinkme](https://github.com/emptymonkey/drinkme) A shellcode testing harness.
- [**65**Star][1y] [emadshanab/facebook-bug-bounty-writeups](https://github.com/emadshanab/facebook-bug-bounty-writeups) Facebook Bug Bounties
- [**65**Star][13d] [PHP] [divineomega/laravel-password-exposed-validation-rule](https://github.com/divineomega/laravel-password-exposed-validation-rule) 
- [**65**Star][4y] [Shell] [da667/667s_shitlist](https://github.com/da667/667s_shitlist) Hi kids, do you like cyber violence? Wanna see me destroy evil in the blink of an eyelid?
- [**65**Star][3y] [PHP] [cymmetria/strutshoneypot](https://github.com/cymmetria/strutshoneypot) Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers
- [**65**Star][12d] [Py] [command-tab/awesome-n64-development](https://github.com/command-tab/awesome-n64-development) A curated list of Nintendo 64 development resources including toolchains, documentation, emulators, and more
- [**65**Star][4m] [Py] [charlysan/pyrfidhid](https://github.com/charlysan/pyrfidhid) Python library to control Chinese USB HID 125Khz RFID Reader/Writer
- [**65**Star][7m] [Py] [carlospolop/legion](https://github.com/carlospolop/legion) Automatic Enumeration Tool based in Open Source tools
- [**65**Star][2y] [Py] [capt-meelo/telewreck](https://github.com/capt-meelo/telewreck) A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.
- [**65**Star][1m] [Java] [calebwhiting/java-asm-obfuscator](https://github.com/calebwhiting/java-asm-obfuscator) Obfuscates compiled java code to make it harder to reverse engineer.
- [**65**Star][3m] [Lua] [c0nw0nk/nginx-lua-anti-ddos](https://github.com/c0nw0nk/nginx-lua-anti-ddos) A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack mode an Anti-DDoS authentication page protect yourself from every attack type All Layer 7 Attacks Mitigating Historic Attacks DoS DoS Implications DDoS All Brute Force Attacks Zero day exploits Soc…
- [**65**Star][13d] [C] [buffer/libemu](https://github.com/buffer/libemu) x86 emulation and shellcode detection
- [**65**Star][15d] [Go] [botherder/snoopdigg](https://github.com/botherder/snoopdigg) Simple utility to ease the process of collecting evidence to find infections
- [**65**Star][4m] [bc-security/defcon27](https://github.com/bc-security/defcon27) 
- [**65**Star][13d] [Py] [attackercan/teamviewer-dumper](https://github.com/attackercan/teamviewer-dumper) Dump TeamViewer ID and password from memory. Works much better than other tools.
- [**65**Star][4m] [ObjC] [antoinet/valora](https://github.com/antoinet/valora) WiFi Tracker Confuser
- [**65**Star][6y] [Py] [anbc/andbug](https://github.com/anbc/andbug) Android Debugging Library
- [**65**Star][17d] [C++] [alphaseclab/anti-debug](https://github.com/alphaseclab/anti-debug) 
- [**65**Star][10d] [Py] [afagarap/gru-svm](https://github.com/afagarap/gru-svm) [ICMLC 2018] A Neural Network Architecture Combining Gated Recurrent Unit (GRU) and Support Vector Machine (SVM) for Intrusion Detection
- [**65**Star][4m] [Py] [adulau/malwareclassifier](https://github.com/adulau/malwareclassifier) Malware Classifier From Network Captures
- [**65**Star][6m] [Shell] [adhdproject/buildkit](https://github.com/adhdproject/buildkit) 
- [**65**Star][4m] [C++] [abenkhadra/spedi](https://github.com/abenkhadra/spedi) Speculative disassembly, CFG recovery, and call-graph recovery from stripped binaries.
- [**65**Star][4m] [Java] [aagarwal1012/image-steganography-library-android](https://github.com/aagarwal1012/image-steganography-library-android) 
- [**65**Star][21d] [Py] [cyber-prog0x/poc-bank](https://github.com/cyber-prog0x/PoC-Bank) Focus on cybersecurity | collection of PoC and Exploits
- [**65**Star][5m] [C] [0xabu/qemu](https://github.com/0xabu/qemu) OLD qemu with Raspberry Pi 2 and Windows on ARM support. Retained for reference purposes only -- most of this has been merged upstream.
- [**64**Star][12d] [Py] [tg12/rapid7_osint](https://github.com/tg12/rapid7_osint) All the tools you need to make your own mind up from the Open Data Sets
- [**64**Star][10d] [C++] [ivan-sincek/invoker](https://github.com/ivan-sincek/invoker) Penetration testing utility.
- [**64**Star][9m] [Py] [dwarfthief/raspagem-de-dados-para-iniciantes](https://github.com/dwarfthief/raspagem-de-dados-para-iniciantes) Raspagem de dados para iniciante usando Scrapy e outras libs básicas
- [**64**Star][11m] [Jupyter Notebook] [cuhksz-tql/weibospider_sentimentanalysis](https://github.com/cuhksz-tql/weibospider_sentimentanalysis) 借助Python抓取微博数据，并对抓取的数据进行情绪分析
- [**64**Star][1y] [Java] [linyaotian/p2pchat](https://github.com/linyaotian/p2pchat) 一个基于局域网的 Android P2P 聊天系统
- [**64**Star][1m] [R] [jennybc/debugging](https://github.com/jennybc/debugging) Talk about general debugging strategies. How to be less confused and frustrated.
- [**64**Star][4m] [Java] [kangu4/bigdataplatform](https://github.com/kangu4/bigdataplatform) 基于大数据、数据平台、微服务、机器学习、商城、自动化运维、DevOps、容器部署平台、数据平台采集、数据平台存储、数据平台计算、数据平台开发、数据平台应用搭建的大数据解决方案。
- [**64**Star][10d] [Py] [kenneth663/gaode_spider](https://github.com/kenneth663/gaode_spider) 高德poi爬虫(elasticsearch mongodb)
- [**64**Star][13d] [JS] [transitive-bullshit/sms-number-verifier](https://github.com/transitive-bullshit/sms-number-verifier) Allows you to spoof SMS number verification.
- [**64**Star][1m] [Go] [mozilla/libaudit-go](https://github.com/mozilla/libaudit-go) go package for interfacing with Linux audit
- [**64**Star][23d] [Py] [quarkslab/samsung-trustzone-research](https://github.com/quarkslab/samsung-trustzone-research) Reverse-engineering tools and exploits for Samsung's implementation of TrustZone
- [**64**Star][3m] [Jupyter Notebook] [5agado/conversation-analyzer](https://github.com/5agado/conversation-analyzer) Analyzer and statistics generator for text-based conversations. Includes Facebook scraper and parser
- [**64**Star][3m] [Java] [srsandy/data-structures-and-algorithms-in-java-2nd-edition-by-robert-lafore](https://github.com/srsandy/data-structures-and-algorithms-in-java-2nd-edition-by-robert-lafore) Data Structures and Algorithms in Java 2nd Edition by Robert Lafore
- [**64**Star][15d] [Py] [mirceaulinic/salt-sproxy](https://github.com/mirceaulinic/salt-sproxy) Salt plugin to automate the management and configuration of (network) devices at scale, without running (Proxy) Minions.
- [**64**Star][25d] [Shell] [rockchip-linux/rkbin](https://github.com/rockchip-linux/rkbin) Firmware and Tool Binarys
- [**64**Star][10d] [PHP] [r-a-y/mobile-hosts](https://github.com/r-a-y/mobile-hosts) HOSTS files converted or sourced from various filter lists to prevent ads and tracking.
- [**64**Star][5m] [Py] [not-kennethreitz/pysoundcloud](https://github.com/not-kennethreitz/pysoundcloud) Scraping the Un–scrapable™
- [**64**Star][2m] [Java] [novacrypto/bip39](https://github.com/novacrypto/bip39) Java Microlibrary implementation of BIP0039
- [**64**Star][18d] [C#] [mehmetozkaya/dotnetcrawler](https://github.com/mehmetozkaya/dotnetcrawler) DotnetCrawler is a straightforward, lightweight web crawling/scrapying library for Entity Framework Core output based on dotnet core. This library designed like other strong crawler libraries like WebMagic and Scrapy but for enabling extandable your custom requirements. Medium link :
- [**64**Star][1m] [Elixir] [marcelog/logger_logstash_backend](https://github.com/marcelog/logger_logstash_backend) Logstash backend for the Elixir Logger
- [**64**Star][2y] [ipl/fraud-detection-papers](https://github.com/ipl/fraud-detection-papers) A collection of research and survey papers of fraud detection mainly in advertising.
- [**64**Star][14d] [Shell] [125k/pwrdeauther](https://github.com/125k/pwrdeauther) 
- [**64**Star][19d] [ga1ois/bluehat-2019-seattle](https://github.com/ga1ois/bluehat-2019-seattle) All the materials in BlueHat 2019 Seattle will be realeased here.
- [**64**Star][3m] [C++] [zyantific/remodel](https://github.com/zyantific/remodel) Data and class remodeling library
- [**64**Star][14d] [Shell] [r00t-3xp10it/netool-toolkit](https://github.com/r00t-3xp10it/netool-toolkit) MitM pentesting opensource toolkit (scan/sniff/exploit) -- NOT SUPORTED ANYMORE --
- [**64**Star][1y] [nationalsecurityagency/ghidra-data](https://github.com/nationalsecurityagency/ghidra-data) a companion repository to the Ghidra source code repository, as a place to put data sets that improve Ghidra
- [**64**Star][19d] [JS] [rhinosecuritylabs/swagger-ez](https://github.com/rhinosecuritylabs/swagger-ez) A tool geared towards pentesting APIs using OpenAPI definitions.
- [**64**Star][1m] [JS] [ethjs/ethjs-provider-signer](https://github.com/ethjs/ethjs-provider-signer) A simple web3 standard provider that signs eth_sendTransaction payloads.
- [**64**Star][1m] [C] [juniorjacob/readwrite-kernel-stable](https://github.com/juniorjacob/readwrite-kernel-stable) a more stable & secure read/write virtual memory for kernel mode drivers
- [**64**Star][2m] [Py] [cortexelus/dadabots](https://github.com/cortexelus/dadabots) Soundcloud bots that spider soundcloud remixing tracks.
- [**64**Star][5m] [Py] [joshvillbrandt/wireless](https://github.com/joshvillbrandt/wireless) A dead simple, cross-platform Python library to connect to wireless networks.
- [**64**Star][11d] [bslassey/privacy-budget](https://github.com/bslassey/privacy-budget) 
- [**64**Star][12d] [Py] [hamz-a/frida-android-helper](https://github.com/hamz-a/frida-android-helper) Frida Android utilities
- [**64**Star][20d] [Py] [vysecurity/maiint](https://github.com/vysecurity/MaiInt) OSINT Organization Employee Profiling Tool for MaiMai
- [**64**Star][2m] [Shell] [cyb0r9/dvr-exploiter](https://github.com/Cyb0r9/DVR-Exploiter) DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995
- [**64**Star][14d] [Shell] [125k/pwrdeauther](https://github.com/125K/PwrDeauther) 
- [**64**Star][2m] [Java] [qiuming/zhihuwebspider](https://github.com/qiuming/zhihuwebspider) 知乎爬虫，基于webmagic框架 .A java web spider base on webmagic.
- [**64**Star][10d] [Py] [opencybersecurityalliance/stix-shifter](https://github.com/opencybersecurityalliance/stix-shifter) This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
- [**64**Star][1m] [C++] [helpsystems/sentinel](https://github.com/helpsystems/sentinel) Sentinel is a command line tool able to protect Windows 32 bit programs against exploits targeted by attackers or viruses. It can protect your programs against 0-day attacks or publicly known bugs.
- [**64**Star][17d] [C] [zigzagsecurity/survival-guide-radare2](https://github.com/zigzagsecurity/survival-guide-radare2) Basic tutorials for reverse engineer with radare2
- [**64**Star][4m] [Py] [zhongzhi107/raspberry-pi-tutorials](https://github.com/zhongzhi107/raspberry-pi-tutorials) 面向软件工程师的树莓派入门教程
- [**64**Star][1m] [Ruby] [zed-0xff/ctf](https://github.com/zed-0xff/ctf) some tasks/solutions from CTF challenges
- [**64**Star][8y] [Java] [yifanlu/psxperia](https://github.com/yifanlu/psxperia) This tool will take a PSX image that you legally own and convert it to be playable on the Xperia Play with the emulator extracted from the packaged game "Crash Bandicoot."
- [**64**Star][1m] [C] [xyzz/amonet](https://github.com/xyzz/amonet) A bootrom exploit for MediaTek devices
- [**64**Star][1y] [Py] [xorpd/idsearch](https://github.com/xorpd/idsearch) A search tool for IDA
- [**64**Star][5m] [Py] [xnffdd/proxypool](https://github.com/xnffdd/proxypool) 自建免费IP代理池。
- [**64**Star][12d] [PS] [wortell/azsentinel](https://github.com/wortell/azsentinel) PowerShell module for Azure Sentinel
- [**64**Star][2m] [Py] [wazehell/metateta](https://github.com/wazehell/metateta) Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit
- [**64**Star][1y] [Shell] [vs4vijay/swissarmypi](https://github.com/vs4vijay/swissarmypi) A set of utility/tools to make Raspberry Pi [Zero W] into Swiss Army Knife
- [**64**Star][17d] [JS] [try-to/electron-proxy](https://github.com/try-to/electron-proxy) 基于electron开发的内网穿透工具，支持多系统，支持任意本地端口.
- [**64**Star][1y] [Py] [treussart/probemanager](https://github.com/treussart/probemanager) Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
- [**64**Star][4m] [PS] [texhex/biossledgehammer](https://github.com/texhex/biossledgehammer) Automated BIOS, ME, TPM firmware update and BIOS settings for HP devices
- [**64**Star][2y] [Go] [tengzhangchao/portscan](https://github.com/tengzhangchao/portscan) 端口扫描器
- [**64**Star][21d] [Py] [teknogeek/fresh.py](https://github.com/teknogeek/fresh.py) An efficient multi-threaded DNS resolver validator
- [**64**Star][2m] [Ruby] [tallakt/modbus-cli](https://github.com/tallakt/modbus-cli) Modbus command line utility
- [**64**Star][3y] [Py] [syss-research/radio-hackbox](https://github.com/syss-research/radio-hackbox) PoC tool to demonstrate vulnerabilities in wireless input devices
- [**64**Star][26d] [Py] [switchbrew/nx-hbexploit300-obf](https://github.com/switchbrew/nx-hbexploit300-obf) Homebrew exploit for 3.0.0
- [**64**Star][16d] [OCaml] [stephenrkell/libcrunch](https://github.com/stephenrkell/libcrunch) Runtime + instrumentation adding precise, accurate and fash(-ish) dynamic checking to C (bounds errors, type confusion, ...).
- [**64**Star][2y] [Py] [srounet/pymem](https://github.com/srounet/pymem) A python library for windows, providing the needed functions to start working on your own with memory editing.
- [**64**Star][6y] [Py] [sqall01/zwoelf](https://github.com/sqall01/zwoelf) An ELF parsing and manipulation library for Python
- [**64**Star][17d] [C] [smihica/pyminizip](https://github.com/smihica/pyminizip) To create a password encrypted zip file in python.
- [**64**Star][4m] [C] [shuax/locateip](https://github.com/shuax/locateip) 高效的IP数据库解析库
- [**64**Star][20d] [C] [seemoo-lab/bcm-public](https://github.com/seemoo-lab/bcm-public) DEPRECATED: Monitor Mode and Firmware patching framework for the Google Nexus 5, development moved to:
- [**64**Star][26d] [JS] [secgroup/flower](https://github.com/secgroup/flower) TCP flow analyzer with sugar for A/D CTF
- [**64**Star][5m] [Ruby] [rhtconsulting/cfme-rhconsulting-scripts](https://github.com/rhtconsulting/cfme-rhconsulting-scripts) 
- [**64**Star][1y] [Py] [reptilehaus/eternal-blue](https://github.com/reptilehaus/eternal-blue) REPTILEHAUS' simplified build process of Worawit Wang' (@sleepya_) version of EternalBlue.. The NSA exploit brought to you by the ShadowBrokers for exploiting MS17-010
- [**64**Star][6m] [Py] [pylyf/networm](https://github.com/pylyf/networm) Python network worm that spreads on the local network and gives the attacker control of these machines.
- [**64**Star][27d] [Java] [psycopaths/jdart](https://github.com/psycopaths/jdart) A dynamic symbolic analysis tool for Java
- [**64**Star][4m] [PS] [psconfeu/2019](https://github.com/psconfeu/2019) Code, Materials and Slides for psconf.eu 2019
- [**64**Star][15d] [Assembly] [pret/pokepinball](https://github.com/pret/pokepinball) disassembly of pokémon pinball
- [**64**Star][4y] [Py] [poorbillionaire/windows-prefetch-parser](https://github.com/poorbillionaire/windows-prefetch-parser) Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
- [**64**Star][6m] [C] [plashchynski/viewssld](https://github.com/plashchynski/viewssld) viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detection Systems (IDS).
- [**64**Star][6y] [Py] [paulsec/spipscan](https://github.com/paulsec/spipscan) SPIP (CMS) Scanner for penetration testing purpose written in Python
- [**64**Star][5m] [opsxcq/proxy-list](https://github.com/opsxcq/proxy-list) A curated list of free public proxy servers
- [**64**Star][10d] [C++] [openorbis/mira-project](https://github.com/openorbis/mira-project) mira rewrite in cxx
- [**64**Star][3m] [Py] [nicksanzotta/wifisuite](https://github.com/nicksanzotta/wifisuite) Enterprise WPA Wireless Tool Suite
- [**64**Star][10d] [Go] [netflix-skunkworks/aws-metadata-proxy](https://github.com/netflix-skunkworks/aws-metadata-proxy) AWS Metadata Proxy for protection against SSRF
- [**64**Star][1m] [Py] [n00py/post-ex](https://github.com/n00py/post-ex) Post-exploitation scripts for OS X persistence and privesc
- [**64**Star][2y] [Py] [mthbernardes/whoamimailbot](https://github.com/mthbernardes/whoamimailbot) 
- [**64**Star][1y] [C] [mthbernardes/qmkhuehuebr](https://github.com/mthbernardes/qmkhuehuebr) Trying to hack into keyboards
- [**64**Star][5m] [Py] [mh4x0f/b1tifi](https://github.com/mh4x0f/b1tifi) ssh management tool to provides commandline access to a remote system running SSH server
- [**64**Star][5m] [Py] [martinohanlon/bluedot](https://github.com/martinohanlon/bluedot) A zero boiler plate bluetooth remote
- [**64**Star][2y] [Py] [lbarman/kali-tools](https://github.com/lbarman/kali-tools) Run Kali tools on all distributions. Offline search, including in package descriptions.
- [**64**Star][12m] [Py] [jvns/zine-formatter](https://github.com/jvns/zine-formatter) Small Python script for formatting zines into booklets
- [**64**Star][2m] [Go] [johnsonz/go-sni-detector](https://github.com/johnsonz/go-sni-detector) A go application to scan sni ip
- [**64**Star][27d] [JS] [joevennix/lan-js](https://github.com/joevennix/lan-js) Probe LAN devices from a web browser.
- [**64**Star][6m] [ObjC] [javerous/torchat-mac](https://github.com/javerous/torchat-mac) macOS native TorChat client
- [**64**Star][2m] [Py] [jaksi/awslog](https://github.com/jaksi/awslog) Show the history and changes between configuration versions of AWS resources
- [**64**Star][4m] [JS] [jake-cryptic/absolutedoubletrace](https://github.com/jake-cryptic/absolutedoubletrace) A web extension to block browser fingerprinting
- [**64**Star][7m] [HTML] [j3ers3/passlist](https://github.com/j3ers3/passlist) 
- [**64**Star][12d] [C++] [henrypp/errorlookup](https://github.com/henrypp/errorlookup) Simple tool for retrieving information about Windows errors codes.
- [**64**Star][10m] [Smali] [hellohudi/androidreversenotes](https://github.com/hellohudi/androidreversenotes) Android逆向笔记---从入门到入土
- [**64**Star][1m] [Py] [he1m4n6a/dictbuilder](https://github.com/he1m4n6a/dictbuilder) 渗透测试中字典生成工具
- [**64**Star][1m] [PS] [harmj0y/cortana](https://github.com/harmj0y/cortana) This is a pack of Cortana scripts commonly used on our pentests.
- [**64**Star][2m] [hannob/apache-uaf](https://github.com/hannob/apache-uaf) Apache use after free bug infos / ASAN stack traces
- [**64**Star][2m] [Dockerfile] [hangim/kcp-shadowsocks-docker](https://github.com/hangim/kcp-shadowsocks-docker) A docker image for shadowsocks server with KCPTUN support
- [**64**Star][15d] [C] [hackedteam/soldier-win](https://github.com/hackedteam/soldier-win) RCS Soldier for Windows
- [**64**Star][1m] [C] [gnaixx/anti-debug](https://github.com/gnaixx/anti-debug) Android detect debugger
- [**64**Star][4m] [Java] [globalpolicy/phonemonitor](https://github.com/globalpolicy/phonemonitor) A Remote Administration Tool for Android devices
- [**64**Star][3y] [C] [georgeargyros/snowflake](https://github.com/georgeargyros/snowflake) Snowflake is a tool for exploiting randomness vulnerabilities by seed recovery attacks targetting the rand() and mt_rand() generators in PHP applications.
- [**64**Star][6m] [Py] [fnmsd/chunkedhttpadapter](https://github.com/fnmsd/chunkedhttpadapter) 参考《利用分块传输吊打所有WAF》修改的requests的Adapter
- [**64**Star][16d] [Shell] [evyatarmeged/stegextract](https://github.com/evyatarmeged/stegextract) Detect hidden files and text in images
- [**64**Star][4m] [C#] [eternalc0der/teleshadow3](https://github.com/eternalc0der/teleshadow3) Telegram Desktop Session Stealer
- [**64**Star][5y] [PS] [enigma0x3/outlookpersistence](https://github.com/enigma0x3/outlookpersistence) 
- [**64**Star][1y] [Py] [engmaher/baf](https://github.com/engmaher/baf) Blind Attacking Framework
- [**64**Star][23d] [Go] [notdodo/pastego](https://github.com/notdodo/pastego) Scrape/Parse Pastebin using GO and expression grammar (PEG)
- [**64**Star][1y] [FreeMarker] [dvdandroid/xposedmoduletemplate](https://github.com/dvdandroid/xposedmoduletemplate) Easily create a Xposed Module with Android Studio
- [**64**Star][3m] [Py] [dogoncouch/logesp](https://github.com/dogoncouch/logesp) Open Source SIEM (Security Information and Event Management system).
- [**64**Star][27d] [Py] [dmuhs/pastebin-scraper](https://github.com/dmuhs/pastebin-scraper) Live-scraping pastebin to fight boredom.
- [**64**Star][3m] [Py] [deepdivesec/gitmad](https://github.com/deepdivesec/gitmad) Monitor, Alert, and Discover sensitive info and data leakage on Github.
- [**64**Star][11d] [Py] [danghvu/pwp](https://github.com/danghvu/pwp) Python Web framework P0wner
- [**64**Star][14d] [JS] [coolervoid/nozes](https://github.com/coolervoid/nozes) Pentest cmd manager- ALpha
- [**64**Star][12d] [Py] [cisco-sas/katnip](https://github.com/cisco-sas/katnip) Extension library for the Kitty fuzzing framework
- [**64**Star][4m] [C++] [changeofpace/mouhidinputhook](https://github.com/changeofpace/mouhidinputhook) MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
- [**64**Star][10d] [C++] [cert-polska/ursadb](https://github.com/cert-polska/ursadb) Trigram database written in C++, suited for malware indexing
- [**64**Star][1m] [bash-c/slides](https://github.com/bash-c/slides) won't maintain
- [**64**Star][14d] [Verilog] [azonenberg/antikernel](https://github.com/azonenberg/antikernel) The Antikernel operating system project
- [**64**Star][2m] [Py] [az0ne/python_backdoor](https://github.com/az0ne/python_backdoor) 过360主动防御360杀毒以前99%杀软的python后门
- [**64**Star][4m] [Py] [arthastang/iot-home-guard](https://github.com/arthastang/iot-home-guard) A tool for malicious behavior detection in IoT devices
- [**64**Star][19d] [Go] [appliscale/cloud-security-audit](https://github.com/appliscale/cloud-security-audit) A command line security audit tool for Amazon Web Services
- [**64**Star][11d] [anudeepnd/pihole-unbound](https://github.com/anudeepnd/pihole-unbound) Guide to setup Unbound recursive DNS resolver with Pi-Hole. With additional configs for speed and security!!
- [**64**Star][11d] [C#] [andychiare/netcore2-reverse-proxy](https://github.com/andychiare/netcore2-reverse-proxy) An example of how to implement a reverse proxy in .NET Core 2
- [**64**Star][6y] [Py] [andrew-morris/stupid_malware](https://github.com/andrew-morris/stupid_malware) Python malware for pentesters that bypasses most antivirus (signature and heuristics) and IPS using sheer stupidity
- [**64**Star][4m] [albertzsigovits/malware-writeups](https://github.com/albertzsigovits/malware-writeups) Personal research and publication on malware families
- [**64**Star][10m] [al0ne/nmap_bypass_ids](https://github.com/al0ne/nmap_bypass_ids) bypass IDS
- [**64**Star][3y] [Batchfile] [absolomb/pentesting](https://github.com/absolomb/pentesting) Pentesting Cheatsheets and Guides
- [**64**Star][2m] [Shell] [abs0/wargames](https://github.com/abs0/wargames) Shell script to simulate the W.O.P.R. computer from WarGames (wopr)
- [**64**Star][1m] [Py] [9b/netinfo](https://github.com/9b/netinfo) Simple IP enrichment service and API wrapping PyASN and MaxMind GeoIP.
- [**64**Star][2y] [AutoIt] [9aylas/shortcut-payload-generator](https://github.com/9aylas/shortcut-payload-generator) AutoIt HackTool, Shortcuts .lnk Payloads Generator As LNK-KISSER.
- [**64**Star][6m] [Shell] [91yun/uml](https://github.com/91yun/uml) 
- [**63**Star][11d] [JS] [northwavenl/fridax](https://github.com/northwavenl/fridax) Fridax enables you to read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.
- [**63**Star][10d] [PHP] [lightswitch05/php-version-audit](https://github.com/lightswitch05/php-version-audit) Audit your PHP version for known CVEs and patches
- [**63**Star][11d] [Shell] [ph4r05/android-openssl](https://github.com/ph4r05/android-openssl) OpenSSL build for Android (arm, armv7, x86)
- [**63**Star][1y] [Py] [cyber-prog0x/poc-bank](https://github.com/cyber-prog0x/poc-bank) Focus on cybersecurity | collection of PoC and Exploits
- [**63**Star][4m] [Shell] [dylanbai8/onekey_openvz_install_windows](https://github.com/dylanbai8/onekey_openvz_install_windows) OpenVZ虚拟化（架构）VPS 一键安装 Windows 系统
- [**63**Star][4m] [C] [bl4ck5un/mbedtls-sgx](https://github.com/bl4ck5un/mbedtls-sgx) mbedtls-SGX: a SGX-friendly TLS stack (ported from mbedtls)
- [**63**Star][6m] [C++] [sparkfun/sparkfun_esp8266_at_arduino_library](https://github.com/sparkfun/sparkfun_esp8266_at_arduino_library) WiFi and TCP drivers for an ESP8266 running AT firmware.
- [**63**Star][12d] [Shell] [wanjunlengfeng/goodyesmarket](https://github.com/wanjunlengfeng/goodyesmarket) WhatsVPN Free Download (萝卜加速器免费版)-打造全球免费的加速器VPN公司
- [**63**Star][7m] [Java] [mrjiao/spiderjackson](https://github.com/mrjiao/spiderjackson) 一个简单易用的爬虫框架,内置代理管理模块,灵活设置多线程爬取
- [**63**Star][2m] [Py] [ityouknow/python-crawler](https://github.com/ityouknow/python-crawler) Python Crawler
- [**63**Star][15d] [C++] [125k/esp8266_wifi_captive_portal](https://github.com/125k/esp8266_wifi_captive_portal) 
- [**63**Star][17d] [C#] [two06/amsi_handler](https://github.com/two06/amsi_handler) Automate AV evasion by calling AMSI
- [**63**Star][21d] [Py] [netflix-skunkworks/cloudtrail-anomaly](https://github.com/netflix-skunkworks/cloudtrail-anomaly) 
- [**63**Star][1m] [Py] [yandex/tcplanz](https://github.com/yandex/tcplanz) TCPDump latency analyzer
- [**63**Star][2m] [tmk/usb2usb_converter](https://github.com/tmk/usb2usb_converter) USB to USB keyboard protocol converter supported by TMK keyboard firmware
- [**63**Star][2m] [C] [taviso/dbusmap](https://github.com/taviso/dbusmap) This is a simple utility for enumerating D-Bus endpoints, an nmap for D-Bus.
- [**63**Star][6m] [Py] [shellphish/shellphish-afl](https://github.com/shellphish/shellphish-afl) A pip wrapper around AFL.
- [**63**Star][5m] [sbousseaden/slides](https://github.com/sbousseaden/slides) 
- [**63**Star][11d] [Py] [webrecorder/browsertrix](https://github.com/webrecorder/browsertrix) Browsertrix: Containerized High-Fidelity Browser-Based Automated Crawling + Behavior System
- [**63**Star][16d] [Java] [giovannicolonna/msfvenom-backdoor-android](https://github.com/giovannicolonna/msfvenom-backdoor-android) Android backdoored app, improved source code of msfvenom android .apk
- [**63**Star][4m] [JS] [enablesecurity/webapp-exploit-payloads](https://github.com/EnableSecurity/Webapp-Exploit-Payloads) a collection of payloads for common webapps
- [**63**Star][1m] [redteamwing/pentest_wiki](https://github.com/RedTeamWing/Pentest_WiKi) 你所不知道的渗透测试
- [**63**Star][1m] [C] [secureauthcorp/sap-dissection-plug-in-for-wireshark](https://github.com/SecureAuthCorp/SAP-Dissection-plug-in-for-Wireshark) This Wireshark plugin provides dissection of SAP's NI, Diag, Enqueue, Router, Message Server, SNC and IGS protocols.
- [**63**Star][15d] [C++] [125k/esp8266_wifi_captive_portal](https://github.com/125K/ESP8266_WiFi_Captive_Portal) 
- [**63**Star][10d] [HTML] [canonical-web-and-design/ubuntu.com](https://github.com/canonical-web-and-design/ubuntu.com) The official website for the Ubuntu operating system
- [**63**Star][1m] [Py] [pyca/service-identity](https://github.com/pyca/service-identity) Service Identity Verification for Python
- [**63**Star][3m] [C++] [imugee/pegasus](https://github.com/imugee/pegasus) reverse engineering extension plugin for windbg
- [**63**Star][2m] [Shell] [praetorian-code/epictreasure](https://github.com/praetorian-code/epictreasure) radare, angr, pwndbg, binjitsu, ect in a box ready for pwning
- [**63**Star][3m] [Lua] [yelp/casper](https://github.com/yelp/casper) Yelp's internal caching proxy, powered by Nginx and OpenResty at its core
- [**63**Star][1m] [Go] [wickett/lambhack](https://github.com/wickett/lambhack) A very vulnerable serverless application in AWS Lambda
- [**63**Star][5m] [C] [vnik5287/kaslr_tsx_bypass](https://github.com/vnik5287/kaslr_tsx_bypass) Linux kASLR (Intel TSX/RTM) bypass static library
- [**63**Star][5y] [Py] [veil-framework/veil-ordnance](https://github.com/veil-framework/veil-ordnance) Veil-Ordnance is a tool designed to quickly generate MSF stager shellcode
- [**63**Star][4m] [C++] [urshadow/urmem](https://github.com/urshadow/urmem) C++11 cross-platform library for working with memory (hooks, patches, pointer's wrapper, signature scanner etc.)
- [**63**Star][3m] [ObjC] [tihmstar/v3ntex](https://github.com/tihmstar/v3ntex) getf tfp0 on iOS 12.0 - 12.1.2
- [**63**Star][1y] [Py] [th3j0kr/jtb_investigator](https://github.com/th3j0kr/jtb_investigator) A tool to speed up the process of doing the same simple IP/Domain Name lookups over and over again.
- [**63**Star][11d] [JS] [silverwind/oui](https://github.com/silverwind/oui) Look up MAC addresses for their vendor in the IEEE OUI database
- [**63**Star][10d] [Py] [shaanen/osint-combiner](https://github.com/shaanen/osint-combiner) Combining OSINT sources in Elastic Stack
- [**63**Star][9m] [Py] [sfahl/mallodroid](https://github.com/sfahl/mallodroid) Find broken SSL certificate validation in Android Apps
- [**63**Star][1m] [TeX] [season-lab/survey-symbolic-execution](https://github.com/season-lab/survey-symbolic-execution) 对有关符号执行相关工具和技术的调查
- [**63**Star][27d] [Py] [samyk/awesome-vehicle-security](https://github.com/samyk/awesome-vehicle-security) A curated list of awesome resources, books, hardware, software, applications, people to follow, and more cool stuff about vehicle security, car hacking, and tinkering with the functionality of your car.
- [**63**Star][2y] [PHP] [raesene/bwapp](https://github.com/raesene/bwapp) 
- [**63**Star][4m] [Py] [push0ebp/allirt](https://github.com/push0ebp/allirt) Tool that converts All of libc to signatures for IDA Pro FLIRT Plugin. and utility make sig with FLAIR easily
- [**63**Star][4m] [PHP] [owasp/vulnerable-web-application](https://github.com/owasp/vulnerable-web-application) OWASP Vulnerable Web Application Project
- [**63**Star][5y] [CSS] [opensecurityresearch/fsexploitme](https://github.com/opensecurityresearch/fsexploitme) Purposely vulnerable ActiveX Control to teach about exploitation in a browser-based environment.
- [**63**Star][2m] [Assembly] [nootropicdesign/lumazoid](https://github.com/nootropicdesign/lumazoid) Firmware for the Lumazoid realtime music visualizer board
- [**63**Star][17d] [Shell] [noob-hackers/kalimux](https://github.com/noob-hackers/kalimux) Install kali linux in termux with desktop environment from kalimux oneclick installation tool no root required
- [**63**Star][4m] [Py] [nonenotnull/ssrfx](https://github.com/nonenotnull/ssrfx) CVE-2014-4210+Redis未授权访问
- [**63**Star][2y] [Go] [mwgg/passera](https://github.com/mwgg/passera) [UNSUPPORTED] A small tool to turn any entered passphrase into a strong secure password, allowing you to easily use different strong passwords for different websites without storing them
- [**63**Star][5m] [Go] [moldabekov/virusgotal](https://github.com/moldabekov/virusgotal) 
- [**63**Star][19d] [Shell] [moki-ics/moki](https://github.com/moki-ics/moki) Moki Distribution - ICS/SCADA Tools
- [**63**Star][4m] [Py] [mogwailabs/mjet](https://github.com/mogwailabs/mjet) MOGWAI LABS JMX exploitation toolkit
- [**63**Star][20d] [mikerah/awesome-privacy-on-blockchains](https://github.com/mikerah/awesome-privacy-on-blockchains) A curated list of privacy on blockchains resources
- [**63**Star][11d] [Shell] [matrix1001/glibc-all-in-one](https://github.com/matrix1001/glibc-all-in-one) 
- [**63**Star][1y] [marchowardbegins/algohive](https://github.com/marchowardbegins/algohive) Crowdsourcing cryptocurrency prediction algorithms.
- [**63**Star][6m] [C] [maldiohead/cve-2019-6207](https://github.com/maldiohead/cve-2019-6207) xnu kernel heap info leak
- [**63**Star][20d] [C++] [maldevel/driver-loader](https://github.com/maldevel/driver-loader) Windows驱动加载器
- [**63**Star][6m] [Ruby] [livingsocial/bundler-patch](https://github.com/livingsocial/bundler-patch) Update your gems conservatively to deal with vulnerable gems or just get more current.
- [**63**Star][5y] [Py] [linvex/discoverhiddenssid](https://github.com/linvex/discoverhiddenssid) this project is targetting that Discover the Hidden SSID.
- [**63**Star][1m] [Py] [lijiejie/struts2_045_scan](https://github.com/lijiejie/struts2_045_scan) Struts2-045 Scanner
- [**63**Star][4m] [Matlab] [konstantinberlin/malware-windows-audit-log-detection](https://github.com/konstantinberlin/malware-windows-audit-log-detection) Detection of malware using dynamic behavior and Windows audit logs
- [**63**Star][11d] [Py] [kevcui/mitm-scripts](https://github.com/kevcui/mitm-scripts) 
- [**63**Star][2y] [josephlhall/dc25-votingvillage-report](https://github.com/josephlhall/dc25-votingvillage-report) A report to synthesize findings from the Defcon 25 Voting Machine Hacking Village
- [**63**Star][24d] [JS] [joliss/js-string-escape](https://github.com/joliss/js-string-escape) Escape strings for use as JavaScript string literals
- [**63**Star][12d] [C] [jessfraz/tor](https://github.com/jessfraz/tor) Development fork of
- [**63**Star][5y] [C#] [jaredcatkinson/evilnetconnectionwmiprovider](https://github.com/jaredcatkinson/evilnetconnectionwmiprovider) 
- [**63**Star][1m] [C++] [ivanfratric/ropguard](https://github.com/ivanfratric/ropguard) Runtime Prevention of Return-Oriented Programming Attacks
- [**63**Star][24d] [Py] [isra17/nrs](https://github.com/isra17/nrs) NSIS Reversing Suite with IDA Plugins
- [**63**Star][2y] [C] [ioactive/fuzzndis](https://github.com/ioactive/fuzzndis) A Fuzzer for Windows NDIS Drivers OID Handlers
- [**63**Star][4m] [Java] [intrepidusgroup/iglogger](https://github.com/intrepidusgroup/iglogger) Class to help with adding logging function in smali output from 3rd party Android apps.
- [**63**Star][8m] [C] [inndy/ctf-writeup](https://github.com/inndy/ctf-writeup) My CTF write-up collection
- [**63**Star][4m] [infosec-community/apac-conferences](https://github.com/infosec-community/apac-conferences) A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
- [**63**Star][24d] [C] [ibm-security-innovation/goldy](https://github.com/ibm-security-innovation/goldy) Lightweight DTLS proxy
- [**63**Star][9m] [Py] [hacksysteam/wpadescape](https://github.com/hacksysteam/wpadescape) Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service
- [**63**Star][4m] [Py] [hackinglab/mobilesf](https://github.com/hackinglab/mobilesf) HackingLab定制版Mobile Safe Framework
- [**63**Star][12d] [Assembly] [guitmz/memrun](https://github.com/guitmz/memrun) Small tool to run ELF binaries from memory with a given process name
- [**63**Star][1m] [Assembly] [gamozolabs/falkervisor_beta](https://github.com/gamozolabs/falkervisor_beta) 
- [**63**Star][4m] [Kotlin] [fs0c131y/samsunglocker](https://github.com/fs0c131y/samsunglocker) Samsung ContainerAgent Vulnerability - Local DoS for Samsung smartphone
- [**63**Star][2y] [Shell] [faf0/thinkpad-scripts](https://github.com/faf0/thinkpad-scripts) Scripts for fixing TrackPointers and touchpads under Ubuntu 14.04 and 16.04 or similar distributions on Lenovo ThinkPads (tested on X1 Carbon 2nd Generation and reported to work on X240)
- [**63**Star][2m] [C] [evilsocket/libpe](https://github.com/evilsocket/libpe) A C/C++ library to parse Windows portable executables written with speed and stability in mind.
- [**63**Star][14d] [C++] [erickutcher/httpdownloader](https://github.com/erickutcher/httpdownloader) HTTP(S) download manager that uses input/output completion ports (IOCP).
- [**63**Star][3m] [C] [dorneanu/ixkeylog](https://github.com/dorneanu/ixkeylog) *NIX X11 Keylogger
- [**63**Star][10d] [HTML] [dobin/yookiterm-slides](https://github.com/dobin/yookiterm-slides) Exploitation and Mitigation Slides
- [**63**Star][12d] [Java] [cwtsleiden/networkanalysis](https://github.com/cwtsleiden/networkanalysis) Java package that provides data structures and algorithms for network analysis.
- [**63**Star][6m] [JS] [curiousdannii/ifvms.js](https://github.com/curiousdannii/ifvms.js) The Interactive Fiction Virtual Machines Suite - in Javascript
- [**63**Star][21d] [Assembly] [cturt/ps2-yabasic-exploit](https://github.com/cturt/ps2-yabasic-exploit) PS2 exploit for demo discs containing Yabasic that allows arbitrary code execution.
- [**63**Star][29d] [Assembly] [cranklin/cranky-data-virus](https://github.com/cranklin/cranky-data-virus) Educational virus written in Assembly that infects 32-bit ELF executables on Linux using the data segment infection method
- [**63**Star][15d] [C] [coolervoid/ninja_shell](https://github.com/coolervoid/ninja_shell) Port Knocking technique with AES256-GCM
- [**63**Star][3m] [C] [cn-uofbasel/ccn-lite](https://github.com/cn-uofbasel/ccn-lite) CCN-lite, a lightweight implementation of the CCNx protocol and its variations
- [**63**Star][19d] [JS] [chick-fil-a/bovine](https://github.com/chick-fil-a/bovine) Building Operational Visibility Into (n) Environments
- [**63**Star][10m] [Py] [c01db33f/concolica](https://github.com/c01db33f/concolica) Python concolic execution framework for program analysis
- [**63**Star][8m] [C++] [breakingmalwareresearch/eleven](https://github.com/breakingmalwareresearch/eleven) Elevation by environment variable expansion
- [**63**Star][2m] [Py] [bolunwang/backdoor](https://github.com/bolunwang/backdoor) Code implementation of the paper "Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks", at IEEE Security and Privacy 2019.
- [**63**Star][21d] [Shell] [bkerler/ghidra_installer](https://github.com/bkerler/ghidra_installer) Helper scripts to set up OpenJDK 11 and scale Ghidra for 4K on Ubuntu 18.04 / 18.10
- [**63**Star][10m] [basketwill/z0bpctools](https://github.com/basketwill/z0bpctools) 一个windows反汇编工具，界面风格防OllyDbg 利用业余开发了一款类似仿OLlyDbg界面的 IDA静态反编译工具，目前是1.0版本，功能不是很强大但是基本功能有了
- [**63**Star][4m] [C#] [b4rtik/sharpadidnsdump](https://github.com/b4rtik/sharpadidnsdump) c# implementation of Active Directory Integrated DNS dumping (authenticated user)
- [**63**Star][24d] [Py] [anteater/anteater](https://github.com/anteater/anteater) Anteater - CI/CD Gate Check Framework
- [**63**Star][4m] [C++] [alf45tar/pedalino](https://github.com/alf45tar/pedalino) Smart wireless MIDI foot controller for guitarists and more.
- [**63**Star][4m] [Java] [ajnas/wifips](https://github.com/ajnas/wifips) WiFi Based Indoor Positioning System, A MVP android Application
- [**63**Star][28d] [Rust] [ajmwagar/lor-axe](https://github.com/ajmwagar/lor-axe) 
- [**63**Star][16d] [15pb/wechat_tools](https://github.com/15pb/wechat_tools) 微信插件，微信辅助工具
- [**62**Star][12d] [Go] [whiteblock/genesis](https://github.com/whiteblock/genesis) Genesis is an end-to-end development sandbox and testing platform for Web3 and blockchain-based distributed systems.
- [**62**Star][5m] [JS] [meehow/2read](https://github.com/meehow/2read) Convert article in current tab to readable form and upload it to P2P network - IPFS
- [**62**Star][30d] [HTML] [seagatesoft/webdext](https://github.com/seagatesoft/webdext) Intelligent Web Data Extractor
- [**62**Star][3m] [JS] [swaponline/multicurrencywallet](https://github.com/swaponline/multicurrencywallet) FROK THIS! Main repo For wallet and swap.core. Last build here
- [**62**Star][14d] [C#] [reconness/reconness](https://github.com/reconness/reconness) ReconNess Web App Tool
- [**62**Star][16d] [C] [xerub/ropc](https://github.com/xerub/ropc) meine kleine rop compiler, circa 2012
- [**62**Star][1m] [redogwu/pdf](https://github.com/redogwu/pdf) [+] Exploit code or poc code for pdf vulnerability
- [**62**Star][4m] [Py] [sunhailin-leo/alipayspider-scrapy](https://github.com/sunhailin-leo/alipayspider-scrapy) AlipaySpider on Scrapy(use chrome driver); 支付宝爬虫(基于Scrapy)
- [**62**Star][4m] [Java] [jflavio11/wificonnector](https://github.com/jflavio11/wificonnector) Library to manage Wi-Fi Connections on Android
- [**62**Star][22d] [Java] [tang-jie/nettygateway](https://github.com/tang-jie/nettygateway) NettyGateway is a HTTP proxy server with flexible routing rules.
- [**62**Star][18d] [Go] [dmhao/hgw](https://github.com/dmhao/hgw) hgw是由gateway网关服务、manager控制服务构成的一套轻量级网关系统。目前支持http/https协议的服务控制
- [**62**Star][8d] [Py] [ling7334/novel-crawler](https://github.com/ling7334/novel-crawler) 这是一个用Python写的小说爬虫软件
- [**62**Star][8d] [C++] [bertmelis/vitowifi](https://github.com/bertmelis/vitowifi) Communicate with Viessmann boilers using the optolink for ESP8266 and ESP32
- [**62**Star][11d] [Rust] [diodesign/diosix](https://github.com/diodesign/diosix) A lightweight, secure, multiprocessor bare-metal hypervisor written in Rust for RISC-V
- [**62**Star][4m] [Py] [justanotherarchivist/snscrape](https://github.com/justanotherarchivist/snscrape) A social networking service scraper in Python
- [**62**Star][15d] [Py] [chuanenlin/shutterscrape](https://github.com/chuanenlin/shutterscrape) Speedy, lightweight web scrapper for Shutterstock.
- [**62**Star][17d] [Py] [philipperemy/expressvpn-python](https://github.com/philipperemy/expressvpn-python) ExpressVPN - Python Wrapper (public IP auto fetch)
- [**62**Star][23d] [Py] [pinto0309/tpu-mobilenetssd](https://github.com/pinto0309/tpu-mobilenetssd) Edge TPU Accelerator / Multi-TPU + MobileNet-SSD v2 + Python + Async + LattePandaAlpha/RaspberryPi3/LaptopPC
- [**62**Star][4m] [Go] [wilfreddenton/udp-hole-punching](https://github.com/wilfreddenton/udp-hole-punching) An experimental P2P encrypted chat app created to show UDP hole punching in action
- [**62**Star][15d] [C++] [adjacentlink/emane](https://github.com/adjacentlink/emane) Distributed wireless network emulation framework
- [**62**Star][19d] [JS] [mourner/quickselect](https://github.com/mourner/quickselect) A fast selection algorithm in JavaScript.
- [**62**Star][10d] [Py] [vonsdite/auto_shadowsocks](https://github.com/vonsdite/auto_shadowsocks) Shadowsocks. 科学上网, 仅供学习。是免费的服务器，可能存在科学上网不稳定。
- [**62**Star][13d] [PHP] [michaelfranzl/no.php](https://github.com/michaelfranzl/no.php) Transparent reverse proxy written in PHP
- [**62**Star][2m] [Py] [jeanphorn/common-password](https://github.com/jeanphorn/common-password) 字典生成脚本, 用python语言写成的可交互性的字典生成脚本。尤其适合社会工程学，当你收集到目标的具体信息后，你就可以通过这个脚本来智能化生成关于目标的字典。
- [**62**Star][5m] [Py] [salesforce/threatshell](https://github.com/salesforce/threatshell) 
- [**62**Star][5m] [Py] [draios/sysdigcloud-kubernetes](https://github.com/draios/sysdigcloud-kubernetes) Sysdig Cloud on Kubernetes
- [**62**Star][4m] [Shell] [hak5/sharkjack-payloads](https://github.com/hak5/sharkjack-payloads) The Official Hak5 Shark Jack Payload Repository
- [**62**Star][17d] [TS] [paulsec/shodan.io-mobile-app](https://github.com/paulsec/shodan.io-mobile-app) Official repository for the Shodan.io mobile Application
- [**62**Star][2m] [HTML] [kevthehermit/spearphisher](https://github.com/kevthehermit/spearphisher) A Web Application to Send and Track Spear Phishing Campaigns
- [**62**Star][21d] [C] [angr/vex](https://github.com/angr/vex) A patched version of VEX to work with PyVEX.
- [**62**Star][22d] [Shell] [lozzd/autonmap](https://github.com/lozzd/autonmap) Automated daily scan using Nmap and report on the differences
- [**62**Star][4m] [C++] [eyalz800/zpp_hypervisor](https://github.com/eyalz800/zpp_hypervisor) A very simple hypervisor for learning experience.
- [**62**Star][4m] [Java] [cuyler36/ghidra-gamecube-loader](https://github.com/cuyler36/ghidra-gamecube-loader) A Nintendo GameCube binary loader for Ghidra
- [**62**Star][17d] [C#] [ohjeongwook/powershellrunbox](https://github.com/ohjeongwook/powershellrunbox) Dynamic PowerShell analysis framework
- [**62**Star][4y] [Py] [tuter/monmob](https://github.com/tuter/monmob) 
- [**62**Star][25d] [HCL] [jordanpotti/offensiveclouddistribution](https://github.com/jordanpotti/offensiveclouddistribution) Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
- [**62**Star][8d] [JS] [eu-edps/website-evidence-collector](https://github.com/eu-edps/website-evidence-collector) The tool Website Evidence Collector (WEC) automates the website evidence collection of storage and transfer of personal data.
- [**62**Star][3y] [shmilylty/sec-box](https://github.com/shmilylty/Sec-Box) information security Tools Box （信息安全工具集合）
- [**62**Star][13d] [C#] [fsecurelabs/sharpgpo-remoteaccesspolicies](https://github.com/FSecureLABS/SharpGPO-RemoteAccessPolicies) A C# tool for enumerating remote access policies through group policy.
- [**62**Star][1y] [weekend-hub/pentest-tools](https://github.com/weekEND-hub/pentest-tools) PenTest Tools
- [**62**Star][2m] [Py] [feexd/vbg](https://github.com/feexd/vbg) Visual Basic GUI: A Tool to Inject Keystrokes on a SSH Client via an X11 Forwarded Session
- [**62**Star][4y] [Py] [fsecurelabs/peas](https://github.com/FSecureLABS/peas) PEAS is a Python 2 library and command line application for running commands on an ActiveSync server e.g. Microsoft Exchange.
- [**62**Star][2m] [ObjC] [zhengmin1989/yalu102](https://github.com/zhengmin1989/yalu102) incomplete iOS 10.2 jailbreak for 64 bit devices by qwertyoruiopz and marcograssi
- [**62**Star][4m] [C] [zfigura/semblance](https://github.com/zfigura/semblance) Disassembler for Windows executables. Supports 16-bit NE (New Executable), MZ (DOS), and PE (Portable Executable, i.e. Win32) files.
- [**62**Star][5y] [Py] [xipiter/idiotic](https://github.com/xipiter/idiotic) Simple ways to 0wn simple IOT devices
- [**62**Star][1m] [C] [xerpi/vita-linux-loader](https://github.com/xerpi/vita-linux-loader) Linux Loader for the PlayStation Vita
- [**62**Star][11d] [Go] [x-way/iptables-tracer](https://github.com/x-way/iptables-tracer) Insert trace-points into the running configuration to observe the path of packets through the iptables chains.
- [**62**Star][2m] [wjpdeveloper/my-action-github](https://github.com/wjpdeveloper/my-action-github) awesome github
- [**62**Star][1m] [Py] [wind-river/crypto-detector](https://github.com/wind-river/crypto-detector) Cryptography detection tool
- [**62**Star][14d] [Py] [williballenthin/python-sdb](https://github.com/williballenthin/python-sdb) Pure Python parser for Application Compatibility Shim Databases (.sdb files)
- [**62**Star][3y] [C++] [tyranid/zeronights2017](https://github.com/tyranid/zeronights2017) Some sample code from my Zero Nights 2017 presentation.
- [**62**Star][2y] [tyranid/windows-attacksurface-workshop](https://github.com/tyranid/windows-attacksurface-workshop) Workshop material for a Windows Attack Surface Analysis Workshop
- [**62**Star][4m] [C] [tobaljackson/2017-sit-re-presentation](https://github.com/tobaljackson/2017-sit-re-presentation) Intro to radare2 presentation files.
- [**62**Star][1m] [JS] [thekashey/proxyequal](https://github.com/thekashey/proxyequal) There is a bit more smart way to compare things, than a shallow equal.
- [**62**Star][2y] [PS] [tenable/posh-nessus](https://github.com/tenable/posh-nessus) PowerShell Module for automating Tenable Nessus Vulnerability Scanner.
- [**62**Star][26d] [C#] [tech-srl/esh](https://github.com/tech-srl/esh) statistical similarity of binaries (Esh)
- [**62**Star][4m] [HTML] [team-su/suctf-2019](https://github.com/team-su/suctf-2019) 
- [**62**Star][2y] [Py] [tarlogicsecurity/arecibo](https://github.com/tarlogicsecurity/arecibo) Arecibo: Endpoint for Out-of-Band Exfiltration (DNS & HTTP)
- [**62**Star][2y] [C] [synestraa/highcall-library](https://github.com/synestraa/highcall-library) usermode standalone kernel interface
- [**62**Star][4m] [Py] [slrbl/intrusion-and-anomaly-detection-with-machine-learning](https://github.com/slrbl/intrusion-and-anomaly-detection-with-machine-learning) Machine learning algorithms applied on log analysis to detect intrusions and suspicious activities.
- [**62**Star][1m] [Py] [secretsquirrel/backdoor-pyc](https://github.com/secretsquirrel/backdoor-pyc) Patch pyc files with your code. Fairly lame.
- [**62**Star][3y] [Lua] [scipag/httprecon-nse](https://github.com/scipag/httprecon-nse) Advanced web server fingerprinting for Nmap
- [**62**Star][1m] [Py] [samvartaka/malware](https://github.com/samvartaka/malware) Various malware, packer, crypter, etc. detection and analysis tools
- [**62**Star][23d] [Py] [s2e/s2e-env](https://github.com/s2e/s2e-env) Your S2E project management tools. Visit
- [**62**Star][24d] [JS] [roccomuso/alveare](https://github.com/roccomuso/alveare) 
- [**62**Star][3y] [ObjC] [rickhe/rhwechat](https://github.com/rickhe/rhwechat) iOS 无需越狱逆向微信：自动抢红包
- [**62**Star][3m] [PS] [quake4/mindminer](https://github.com/quake4/mindminer) MindMiner - the miner manager programm with online monitoring
- [**62**Star][15d] [Py] [psychomario/pyinject](https://github.com/psychomario/pyinject) A python module to help inject shellcode/DLLs into windows processes
- [**62**Star][15d] [Py] [prouast/coinmarketcap-scraper](https://github.com/prouast/coinmarketcap-scraper) Python-based scraper for market cap, supply, exchange price, and exchange volume data from coinmarketcap.com
- [**62**Star][10m] [PHP] [pklink/ppma](https://github.com/pklink/ppma) [INACTIVE] PHP Password Manager
- [**62**Star][2y] [ophirharpaz/patched-minesweeper](https://github.com/ophirharpaz/patched-minesweeper) I hacked Minesweeper into putting flags on all the mined squares when starting. Yoohoo.
- [**62**Star][4y] [C++] [oowoodone/vmp_odplugin](https://github.com/oowoodone/vmp_odplugin) VMProtect OD Plugin
- [**62**Star][2y] [C] [noloader/sha-intrinsics](https://github.com/noloader/sha-intrinsics) SHA-1, SHA-256 and SHA-512 compression functions using Intel, ARMv8 and Power8 SHA intrinsics
- [**62**Star][2m] [Py] [netflix-skunkworks/cloudaux](https://github.com/netflix-skunkworks/cloudaux) Cloud Auxiliary is a python wrapper and orchestration module for interacting with cloud providers
- [**62**Star][15d] [Java] [mp911de/spring-cloud-vault-config-samples](https://github.com/mp911de/spring-cloud-vault-config-samples) Examples for Spring Vault and Spring Cloud Vault Config
- [**62**Star][6m] [C++] [meitu/mtgldebug](https://github.com/meitu/mtgldebug) An OpenGL debugging tool for iOS.
- [**62**Star][21d] [JS] [mdslab/wstun](https://github.com/mdslab/wstun) Tunnels and reverse tunnels over WebSocket
- [**62**Star][4m] [Py] [leipzig/awesome-reproducible-research](https://github.com/leipzig/awesome-reproducible-research) A curated list of reproducible research case studies, projects, tutorials, and media
- [**62**Star][5m] [C#] [kuoruan/shadowsocksr-csharp](https://github.com/kuoruan/shadowsocksr-csharp) ShadowsocksR for Windows
- [**62**Star][8m] [C] [kubo/injector](https://github.com/kubo/injector) Library for injecting a shared library into a Linux or Windows process
- [**62**Star][13d] [TS] [kennbroorg/iky](https://github.com/kennbroorg/iky) OSINT Project
- [**62**Star][2m] [ObjC] [julbouln/ice40_eink_controller](https://github.com/julbouln/ice40_eink_controller) ice40 FPGA eink controller
- [**62**Star][16d] [JS] [jsyang/gearvr-controller-webbluetooth](https://github.com/jsyang/gearvr-controller-webbluetooth) Gear VR controller web bluetooth demo
- [**62**Star][6m] [C] [jiayy/lkm-rootkit](https://github.com/jiayy/lkm-rootkit) an lkm rootkit support x86/64,arm,mips
- [**62**Star][11d] [jhaddix/bug-bounty-reference](https://github.com/jhaddix/bug-bounty-reference) Inspired by
- [**62**Star][13d] [jcesarstef/ghhdb-github-hacking-database](https://github.com/jcesarstef/ghhdb-github-hacking-database) Github Hacking Database - My personal collection of Github Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)
- [**62**Star][2y] [Java] [java-deobfuscator/deobfuscator-gui](https://github.com/java-deobfuscator/deobfuscator-gui) An awesome GUI for an awesome deobfuscator
- [**62**Star][6y] [Java] [isecpartners/android-killpermandsigchecks](https://github.com/isecpartners/android-killpermandsigchecks) Bypass signature and permission checks for IPCs
- [**62**Star][4m] [im-bug/blockchain-security-list](https://github.com/im-bug/blockchain-security-list) 
- [**62**Star][4y] [Py] [iamckn/mousejack_transmit](https://github.com/iamckn/mousejack_transmit) Wireless mouse/keyboard attack with replay/transmit poc
- [**62**Star][1m] [Py] [hgascon/adagio](https://github.com/hgascon/adagio) Structural Analysis and Detection of Android Malware
- [**62**Star][12d] [JS] [hamz-a/frida-android-libbinder](https://github.com/hamz-a/frida-android-libbinder) PoC Frida script to view Android libbinder traffic
- [**62**Star][1m] [C] [gravity-postquantum/gravity-sphincs](https://github.com/gravity-postquantum/gravity-sphincs) Signature scheme submitted to NIST's Post-Quantum Cryptography Project
- [**62**Star][28d] [HTML] [google/security-crawl-maze](https://github.com/google/security-crawl-maze) Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
- [**62**Star][12d] [Shell] [gentoo/libressl](https://github.com/gentoo/libressl) [MIRROR] LibreSSL ebuilds testing repository
- [**62**Star][8m] [C] [gdbinit/osx_boubou](https://github.com/gdbinit/osx_boubou) A PoC Mach-O infector via library injection
- [**62**Star][3m] [Assembly] [gdbinit/mpress_dumper](https://github.com/gdbinit/mpress_dumper) MPRESS dumper for OS X
- [**62**Star][19d] [TS] [functionalone/aws-least-privilege](https://github.com/functionalone/aws-least-privilege) Use AWS X-Ray to reach Least Privilege
- [**62**Star][3y] [Py] [frky/scat](https://github.com/frky/scat) Dynamic analysis of binary programs to retrieve function-related information (arity, type of parameters, coupling).
- [**62**Star][4y] [Py] [fireeye/volatility-plugins](https://github.com/fireeye/volatility-plugins)  plugins for the Volatility Framework.
- [**62**Star][1m] [C++] [eternalsakura/ctf_pwn](https://github.com/eternalsakura/ctf_pwn) 
- [**62**Star][12d] [JS] [essandess/easylist-pac-privoxy](https://github.com/essandess/easylist-pac-privoxy) EasyList Tracker and Adblocks to Proxy Auto Configuration (PAC) File and Privoxy Actions and Filters
- [**62**Star][14d] [JS] [eslint/eslint-scope](https://github.com/eslint/eslint-scope) eslint-scope: ECMAScript scope analyzer
- [**62**Star][4y] [Py] [epinna/stegosip](https://github.com/epinna/stegosip) TCP tunnel over RTP/SIP
- [**62**Star][3m] [Ruby] [engineyard/engineyard-serverside](https://github.com/engineyard/engineyard-serverside) This gem deploys your application on Engine Yard Cloud.
- [**62**Star][19d] [C++] [dishather/richprint](https://github.com/dishather/richprint) Print compiler information stored in Rich Header of PE executables.
- [**62**Star][1y] [C] [darm64/xnu](https://github.com/darm64/xnu) Research into porting the XNU kernel to ARM devices.
- [**62**Star][2y] [PS] [curi0usjack/adimporter](https://github.com/curi0usjack/adimporter) Credit to Helge Klein -
- [**62**Star][6m] [HTML] [cudeso/tools](https://github.com/cudeso/tools) Different tools, koen.vanimpe@cudeso.be
- [**62**Star][3y] [Py] [csong27/membership-inference](https://github.com/csong27/membership-inference) Code for Membership Inference Attack against Machine Learning Models (in Oakland 2017)
- [**62**Star][3y] [C] [croemheld/lkm-rootkit](https://github.com/croemheld/lkm-rootkit) A LKM rootkit for most newer kernel versions.
- [**62**Star][4m] [HTML] [crocs-muni/jcalgtest](https://github.com/crocs-muni/jcalgtest) Automated testing tool for algorithms from JavaCard API supported by particular smart card. Performance testing of almost all available methods. The results for more than 90+ cards.
- [**62**Star][27d] [Java] [contrast-security-oss/contrast-ro0](https://github.com/contrast-security-oss/contrast-ro0) A tiny Java agent that blocks attacks against unsafe deserialization
- [**62**Star][4m] [Py] [christophetd/ipv6teal](https://github.com/christophetd/ipv6teal) 
- [**62**Star][5m] [Py] [catalyst256/myjunk](https://github.com/catalyst256/myjunk) Just random files I've stored here for people to get access to because wordpress doesn't like python.
- [**62**Star][2m] [Py] [carnal0wnage/pentesty_scripts](https://github.com/carnal0wnage/pentesty_scripts) scripts for pentesting
- [**62**Star][1m] [C] [bsidessf/ctf-2019-release](https://github.com/bsidessf/ctf-2019-release) BSidesSF CTF 2019 release
- [**62**Star][5m] [breaktoprotect/cve-2017-12615](https://github.com/breaktoprotect/cve-2017-12615) POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.
- [**62**Star][13d] [Py] [bez0r/pdns2](https://github.com/bez0r/pdns2) Passive DNS V2
- [**62**Star][7m] [JS] [auth0/webtask-scripts](https://github.com/auth0/webtask-scripts) 
- [**62**Star][1m] [Py] [argp/unmask_jemalloc](https://github.com/argp/unmask_jemalloc) De Mysteriis Dom jemalloc
- [**62**Star][1y] [Py] [andy10101/apksecurityanalysis](https://github.com/andy10101/apksecurityanalysis) ApkSecurityAnalysis
- [**62**Star][2y] [Py] [anbai-inc/cve-2018-2893](https://github.com/anbai-inc/cve-2018-2893) CVE-2018-2893
- [**62**Star][2y] [HTML] [aglcaicai/kalitoolsmanual](https://github.com/aglcaicai/kalitoolsmanual) Kali Linux 工具合集中文说明书
- [**62**Star][4m] [PHP] [adrianbj/tracydebugger](https://github.com/adrianbj/tracydebugger) The ultimate debugging and development tool for ProcessWire
- [**62**Star][1y] [Py] [cse-assemblyline/assemblyline](https://bitbucket.org/cse-assemblyline/assemblyline) 
- [**61**Star][13d] [C] [pioneerhfy/keylogoverhttp](https://github.com/pioneerhfy/keylogoverhttp) Different keylogger that uses HTTP Requests to exilftrate keystrokes from victim machine.
- [**61**Star][11d] [C] [sslab-gatech/hydra](https://github.com/sslab-gatech/hydra) Hydra: an Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems
- [**61**Star][4m] [PHP] [aaronpk/ownyourgram](https://github.com/aaronpk/ownyourgram) 
- [**61**Star][10d] [Nim] [status-im/nim-libp2p](https://github.com/status-im/nim-libp2p) libp2p implementation in Nim
- [**61**Star][3m] [Assembly] [danluu/sega-system-for-fpga](https://github.com/danluu/sega-system-for-fpga) FPGA Sega in Verilog, for Xilinx Virtex, circa 2002. Has an emulator thrown in, to simplify FPGA debugging.
- [**61**Star][21d] [C] [malisal/loaders](https://github.com/malisal/loaders) Tiny loaders for various binary formats.
- [**61**Star][1m] [JS] [orbitdb/orbit-core](https://github.com/orbitdb/orbit-core) Orbit communication protocol and library
- [**61**Star][10m] [C] [ivan386/shareaza](https://github.com/ivan386/shareaza) Shareaza is a peer-to-peer client for Windows that allows you to download any file-type found on several popular P2P networks.
- [**61**Star][12m] [PS] [ahhh/psse](https://github.com/ahhh/psse) PowerShell Scripting Expert repository, contains template code for security and administrative scripting, largely derived through taking the SecurityTube PowerShell for Pentesters course
- [**61**Star][24d] [C#] [empireworld/unity-dijkstras-pathfinding](https://github.com/empireworld/unity-dijkstras-pathfinding) Dijkstra's Pathfinding Algorithm Unity Implementation. (Not being maintained by me, it is just an experiment.)
- [**61**Star][19d] [Py] [tonyseek/openvpn-status](https://github.com/tonyseek/openvpn-status) Parse OpenVPN status logs in Python
- [**61**Star][2m] [Crystal] [watzon/arachnid](https://github.com/watzon/arachnid) Powerful web scraping framework for Crystal
- [**61**Star][3m] [Py] [darksand/fetchman](https://github.com/darksand/fetchman) fetchman is a simple crawler system/简单好用的爬虫框架
- [**61**Star][1y] [Java] [dminerjackie/jewelcrawler](https://github.com/dminerjackie/jewelcrawler) 豆瓣电影爬虫——a crawler which is able to crawl movie detail and short comments, save them to database mysql, also include Sentiment analysis based on comments
- [**61**Star][12m] [PHP] [icinga/icingaweb2-module-x509](https://github.com/icinga/icingaweb2-module-x509) Keeps track of certificates as they are deployed in a network environment.
- [**61**Star][5m] [C#] [nyan-x-cat/mass-rat](https://github.com/nyan-x-cat/mass-rat) Basic Multiplatform Remote Administration Tool - Xamarin
- [**61**Star][28d] [C] [termux/termux-elf-cleaner](https://github.com/termux/termux-elf-cleaner) Utility to remove unused ELF sections causing warnings.
- [**61**Star][19d] [C] [namjaejeon/cifsd](https://github.com/namjaejeon/cifsd) cifsd kernel server(SMB/CIFS server)
- [**61**Star][26d] [Java] [igoticecream/snorlax](https://github.com/igoticecream/snorlax) Xposed module (Android) to check pokemons stats
- [**61**Star][2m] [Py] [vhdmsm/tg_crawler](https://github.com/vhdmsm/tg_crawler) Just a messy crawler based on tg-cli for Telegram. Deprecated by now, please use telegram-export.
- [**61**Star][14d] [Go] [professionallyevil/harpoon](https://github.com/professionallyevil/harpoon) A collection post-exploitation scripts for determining if that shell you just got is in a container, what kind, and ways to escape.
- [**61**Star][8d] [Shell] [mack-a/v2ray-agent](https://github.com/mack-a/v2ray-agent) 本项目旨在突破固有的网络限制。采用CDN+TLS+Nginx+V2Ray、Trojan进行模拟正常网站并突破防火墙，同时包含优化方法、简单的原理讲解，欢迎加入TG群讨论（群主和管理基本随时在线）。
- [**61**Star][11d] [C] [vanhoefm/dragondrain-and-time](https://github.com/vanhoefm/dragondrain-and-time) 
- [**61**Star][8d] [Go] [shopify/voucher](https://github.com/shopify/voucher) 
- [**61**Star][15d] [HTML] [csploit/csploit.github.io](https://github.com/csploit/csploit.github.io) website for cSploit organization
- [**61**Star][6m] [C++] [cmu-sei/gbtl](https://github.com/cmu-sei/gbtl) GraphBLAS Template Library (GBTL): graph algorithms and primitives using semiring algebra as defined at graphblas.org
- [**61**Star][6m] [ObjC] [project-imas/securefoundation](https://github.com/project-imas/securefoundation) Secure components enabling application authentication, secure file storage, app level file-based keychain, and shredding for files on disk
- [**61**Star][17d] [Assembly] [vxunderground/family](https://github.com/vxunderground/family) Collection of Malware source code by Language and Family.
- [**61**Star][1m] [Py] [littlevege/pixiv_crawl](https://github.com/littlevege/pixiv_crawl) 基于Scrapy的Pixiv热榜爬虫
- [**61**Star][15d] [JS] [zibri/cloudflare-cors-anywhere](https://github.com/zibri/cloudflare-cors-anywhere) CORS "anywhere" proxy in a Cloudflare worker. DEMO at:
- [**61**Star][10d] [JS] [tserkov/vue-plugin-load-script](https://github.com/tserkov/vue-plugin-load-script) A Vue plugin for injecting remote scripts.
- [**61**Star][2y] [Py] [avicoder/spoodle](https://github.com/avicoder/spoodle) A mass subdomain (Subbrute) + poodle vulnerability scanner
- [**61**Star][1m] [Py] [hatching/sflock](https://github.com/hatching/sflock) Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.
- [**61**Star][1y] [C++] [intel/satt](https://github.com/intel/satt) 
- [**61**Star][1m] [Py] [ghostlulzhacks/rolljam](https://github.com/ghostlulzhacks/rolljam) rolljam
- [**61**Star][7m] [PS] [danmcinerney/msfbot](https://github.com/DanMcInerney/msfbot) WORK IN PROGRESS. Waits for MSF session then automatically gets domain admin
- [**61**Star][2m] [Py] [vysecurity/checko365](https://github.com/vysecurity/checkO365) checkO365 is a tool to check if a target domain is using O365
- [**61**Star][6m] [Java] [censorship-no-archive/ceno1](https://github.com/censorship-no-archive/ceno1) (Deprecated PoC) Innovative censorship evading technology based on p2p distributed caching network
- [**61**Star][2y] [Py] [yassergersy/sub6](https://github.com/yassergersy/sub6) Web App Scanner
- [**61**Star][1y] [C++] [yajs/nikpeviewer](https://github.com/yajs/nikpeviewer) NikPEViewer a PE viewer source code
- [**61**Star][4m] [PHP] [xplico/capanalysis](https://github.com/xplico/capanalysis) CapAnalysis source code repository
- [**61**Star][3m] [xenithlabs/rfid-workshop](https://github.com/xenithlabs/rfid-workshop) 
- [**61**Star][27d] [C] [wlach/orangutan](https://github.com/wlach/orangutan) Simulate native events on Android-like devices
- [**61**Star][10d] [TS] [wkovacs64/hibp](https://github.com/wkovacs64/hibp) A Promise-based client for the 'Have I been pwned?' service.
- [**61**Star][4m] [C] [watf-team/watf-bank](https://github.com/watf-team/watf-bank) WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS
- [**61**Star][3y] [Lua] [waffles-2/sambacry](https://github.com/waffles-2/sambacry) CVE-2017-7494 - Detection Scripts
- [**61**Star][19d] [Py] [upgoingstar/hackerone_public_reports](https://github.com/upgoingstar/hackerone_public_reports) Finds all public bug reports on reported on Hackerone
- [**61**Star][6y] [C++] [tyranid/exploitdotnetdcom](https://github.com/tyranid/exploitdotnetdcom) A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.
- [**61**Star][2y] [HTML] [trustedsec/cors-poc](https://github.com/trustedsec/cors-poc) 
- [**61**Star][8m] [Py] [trailofbits/deceptiveidn](https://github.com/trailofbits/deceptiveidn) Use computer vision to determine if an IDN can be interpreted as something it's not
- [**61**Star][4m] [Visual Basic] [thesph1nx/slickermaster-rev4](https://github.com/thesph1nx/slickermaster-rev4) NSA Hacking Tool Recreation UnitedRake
- [**61**Star][27d] [tea-deliverers/ctf-writeups](https://github.com/tea-deliverers/ctf-writeups) 
- [**61**Star][2y] [C++] [tandasat/debuglogger](https://github.com/tandasat/debuglogger) A software driver that lets you log kernel-mode debug output into a file on Windows.
- [**61**Star][4m] [C++] [t-vk/memory-hacking-class](https://github.com/t-vk/memory-hacking-class) Easy-to-use class to read and modify other processes memory.
- [**61**Star][1y] [PS] [swizzlez/invoke-enumsecuritytools](https://github.com/swizzlez/invoke-enumsecuritytools) 
- [**61**Star][11m] [C++] [strozfriedberg/ntfs-linker](https://github.com/strozfriedberg/ntfs-linker) An NTFS journal parser
- [**61**Star][10d] [Rust] [str4d/ire](https://github.com/str4d/ire) I2P router implementation in Rust
- [**61**Star][4m] [steamdatabase/undocumentedapi](https://github.com/steamdatabase/undocumentedapi) 
- [**61**Star][5y] [CoffeeScript] [sroberts/hubot-vtr-scripts](https://github.com/sroberts/hubot-vtr-scripts) Scripts for making Hubot a CND Sidekick
- [**61**Star][3y] [Py] [sirusdv/edgehttp2fuzzer](https://github.com/sirusdv/edgehttp2fuzzer) Peach Pit for HTTP/2 Targeting Microsoft Edge
- [**61**Star][2m] [Py] [simplysecurity/simplydomain](https://github.com/simplysecurity/simplydomain) Subdomain brute force focused on speed and data serialization
- [**61**Star][25d] [Py] [siberas/arpwn](https://github.com/siberas/arpwn) Analysis tools and exploit sample scripts for Adobe Reader 10/11 and Acrobat Reader DC
- [**61**Star][18d] [Java] [scriptjunkie/msfgui](https://github.com/scriptjunkie/msfgui) The Metasploit GUI
- [**61**Star][20d] [C] [saaras-io/yastack](https://github.com/saaras-io/yastack) YAStack: User-space network-stack based on DPDK, FreeBSD TCP/IP Stack, EnvoyProxy
- [**61**Star][24d] [C] [rub-syssec/antifuzz](https://github.com/rub-syssec/antifuzz) Impeding Fuzzing Audits of Binary Executables
- [**61**Star][3y] [C++] [rprichard/win32-console-docs](https://github.com/rprichard/win32-console-docs) Win32 Console Documentation -- in particular, console/standard handles and CreateProcess inheritance
- [**61**Star][4y] [Py] [rich5/harness](https://github.com/rich5/harness) Interactive remote PowerShell Payload
- [**61**Star][2m] [Java] [pnfsoftware/jeb2-androsig](https://github.com/pnfsoftware/jeb2-androsig) Android Library Code Recognition
- [**61**Star][5y] [Py] [phith0n/xdctf2015](https://github.com/phith0n/xdctf2015) writeup about XDCTF 2015
- [**61**Star][4y] [HTML] [payatu/cve-2015-6086](https://github.com/payatu/cve-2015-6086) PoC for CVE-2015-6086
- [**61**Star][15d] [Py] [paulsec/metasearch-public](https://github.com/paulsec/metasearch-public) Stop searching for sample hashes on 10 different sites.
- [**61**Star][1m] [oznu/docker-dns-ad-blocker](https://github.com/oznu/docker-dns-ad-blocker) A lightweight dnsmasq DNS server to block traffic to known ad servers with optional DNSCrypt support. Supports x86_64 and Raspberry Pi (armhf).
- [**61**Star][11d] [HCL] [opszero/auditkube](https://github.com/opszero/auditkube) Kubernetes (AWS EKS, Azure AKS, Google GKE) Terraform Modules for HIPAA/PCI/SOC2 Compliance and Cloud Security
- [**61**Star][8m] [Shell] [nviso-be/sec599](https://github.com/nviso-be/sec599) SEC599 supporting GitHub repository
- [**61**Star][5y] [C++] [null--/graviton](https://github.com/null--/graviton) Cross Platform Malware Development Framework
- [**61**Star][4m] [Py] [neonprimetime/phishingkittracker](https://github.com/neonprimetime/phishingkittracker) Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit , maintained by
- [**61**Star][6y] [PHP] [nccgroup/webfeet](https://github.com/nccgroup/webfeet) Web Filter External Enumeration Tool (WebFEET)
- [**61**Star][3y] [nanopool/claymore-xmr-cpu-miner](https://github.com/nanopool/claymore-xmr-cpu-miner) Claymore's CryptoNote Windows CPU Miner
- [**61**Star][1m] [C] [mrgeffitas/hwfwbypass](https://github.com/mrgeffitas/hwfwbypass) 
- [**61**Star][2m] [PHP] [mougrim/php-xdebug-proxy](https://github.com/mougrim/php-xdebug-proxy) PHP xdebug (dbgp) proxy server
- [**61**Star][2y] [JS] [monkeym4ster/domainfuzz](https://github.com/monkeym4ster/domainfuzz) Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
- [**61**Star][4m] [HTML] [micyo202/yan-demo](https://github.com/micyo202/yan-demo) 本项目是基于 SpringMVC+Spring+MyBatis （SSM） 架构的高效率便捷开发框架
- [**61**Star][4y] [Py] [michael-yip/maltegovt](https://github.com/michael-yip/maltegovt) A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.
- [**61**Star][2y] [PS] [mattifestation/pocsubjectinterfacepackage](https://github.com/mattifestation/pocsubjectinterfacepackage) A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
- [**61**Star][4m] [C] [marcan/rtlmic](https://github.com/marcan/rtlmic) Wireless FM microphone receiver for RTL-SDR
- [**61**Star][10d] [Py] [rogandawes/p4wnp1_nexmon_additions](https://github.com/RoganDawes/P4wnP1_nexmon_additions) 
- [**61**Star][14d] [Py] [m4sc3r4n0/spyrat](https://github.com/m4sc3r4n0/spyrat) Python Remote Access Trojan
- [**61**Star][12d] [Shell] [lanjelot/twisted-honeypots](https://github.com/lanjelot/twisted-honeypots) SSH, FTP and Telnet honeypots based on Twisted
- [**61**Star][4y] [PS] [kevin-robertson/conveigh](https://github.com/kevin-robertson/conveigh) Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool
- [**61**Star][1m] [Py] [jx-sec/jxotp](https://github.com/jx-sec/jxotp) 企业SSH登陆双因素认证系统
- [**61**Star][4m] [Py] [josephlai241/universal-reddit-scraper](https://github.com/josephlai241/universal-reddit-scraper) Scrape Subreddits, Redditors, and comments on posts. A command-line tool written in Python (PRAW).
- [**61**Star][2y] [Py] [jeremyngalloway/mod_plaintext.py](https://github.com/jeremyngalloway/mod_plaintext.py) AKA "Internet Chemotherapy"
- [**61**Star][5m] [Py] [jas502n/cve-2019-11580](https://github.com/jas502n/cve-2019-11580) CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE
- [**61**Star][12d] [Batchfile] [islamadel/bat2exe](https://github.com/islamadel/bat2exe) Automatically exported from code.google.com/p/bat2exe
- [**61**Star][12d] [Rust] [ironcorelabs/recrypt-rs](https://github.com/ironcorelabs/recrypt-rs) A set of cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.
- [**61**Star][11m] [Py] [intrinsec/comission](https://github.com/intrinsec/comission) WhiteBox CMS analysis
- [**61**Star][11d] [Vue] [idiidk/kahoot-tools](https://github.com/idiidk/kahoot-tools) A website for interacting and fucking with kahoot games.
- [**61**Star][6m] [Py] [hq6/gdbshellpipe](https://github.com/hq6/gdbshellpipe) Enable piping of internal command output to external commands
- [**61**Star][1m] [Py] [howie6879/hproxy](https://github.com/howie6879/hproxy) hproxy - Asynchronous IP proxy pool, aims to make getting proxy as convenient as possible.(异步爬虫代理池)
- [**61**Star][1m] [Py] [hasherezade/crypto_utils](https://github.com/hasherezade/crypto_utils) Set of my small utils related to cryptography, encoding, decoding etc
- [**61**Star][5y] [Py] [hamiltoniancycle/classnamedeobfuscator](https://github.com/hamiltoniancycle/classnamedeobfuscator) Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
- [**61**Star][16d] [Py] [stahlz/jqshell](https://github.com/Stahlz/JQShell) A weaponized version of CVE-2018-9206
- [**61**Star][1y] [Py] [grocid/ctf](https://github.com/grocid/ctf) 
- [**61**Star][4m] [C] [grehack/ctf-challs](https://github.com/grehack/ctf-challs) Here are the challenges (including sources) of the GreHack CTF.
- [**61**Star][1y] [Py] [graniet/operative-framework-hd](https://github.com/graniet/operative-framework-hd) operative framework HD is the digital investigation framework, you can interact with websites, email address, company, people, ip address, vulnerability fuzzing ... interact with basic/graphical view and export with XML, JSON, use database management...
- [**61**Star][9d] [C#] [gigajew/powerdropper](https://github.com/gigajew/powerdropper) App that generates PowerShell dropper scripts for .NET executables
- [**61**Star][23d] [Java] [geeksonsecurity/android-overlay-malware-example](https://github.com/geeksonsecurity/android-overlay-malware-example) Harmless Android malware using the overlay technique to steal user credentials.
- [**61**Star][30d] [C++] [finixbit/ftrace](https://github.com/finixbit/ftrace) Simple Function calls tracer
- [**61**Star][4m] [PS] [eclypsium/screwed-drivers](https://github.com/eclypsium/screwed-drivers) a centralized source of knowledge which contains a list of drivers determined to be vulnerable as well as example code for how to use this kind of functionality.
- [**61**Star][1y] [JS] [dxa4481/xssoauthpersistence](https://github.com/dxa4481/xssoauthpersistence) Maintaining account persistence via XSS and Oauth
- [**61**Star][3y] [Java] [dodola/simplesmali](https://github.com/dodola/simplesmali) 通过精简Smali语法细节来增强反编译代码阅读性，自定义了一种简单语法
- [**61**Star][2m] [Py] [disruptops/cred_scanner](https://github.com/disruptops/cred_scanner) A simple file-based scanner to look for potential AWS access and secret keys in files
- [**61**Star][2y] [Swift] [devxoul/blockchain](https://github.com/devxoul/blockchain) A blockchain simulator written in Swift
- [**61**Star][5y] [C++] [datasoft/nova](https://github.com/datasoft/nova) Repo for the Open Source version of NOVA
- [**61**Star][2y] [Py] [cybercitizen7/ps1jacker](https://github.com/cybercitizen7/Ps1jacker) Ps1jacker is a tool for generating COM Hijacking payload.
- [**61**Star][2m] [C] [coolervoid/rootstealer](https://github.com/coolervoid/rootstealer) X11 trick to inject commands on root terminal.
- [**61**Star][1y] [Py] [conix-security/btg](https://github.com/conix-security/btg) BTG's purpose is to make fast and efficient search on IOC
- [**61**Star][1m] [Go] [cloudposse/sudosh](https://github.com/cloudposse/sudosh) Shell wrapper to run a login shell with `sudo` as the current user for the purpose of audit logging
- [**61**Star][2y] [C++] [cisco-talos/thanatosdecryptor](https://github.com/cisco-talos/thanatosdecryptor) ThanatosDecryptor is an executable program that attempts to decrypt certain files encrypted by the Thanatos malware.
- [**61**Star][8m] [Py] [cifasis/nosy-newt](https://github.com/cifasis/nosy-newt) Nosy Newt is a simple concolic execution tool for exploring the input space of a binary executable program based in Triton
- [**61**Star][6m] [C] [chronic-dev/bootrom-dumper](https://github.com/chronic-dev/bootrom-dumper) Utility to Dump iPhone Bootrom
- [**61**Star][2y] [HTML] [azure/azurechestxray](https://github.com/azure/azurechestxray) Intelligent disease prediction system that can help radiologists review Chest X-rays more efficiently.
- [**61**Star][3y] [C] [arvanaghi/windows-dll-injector](https://github.com/arvanaghi/windows-dll-injector) A basic Windows DLL injector in C using CreateRemoteThread and LoadLibrary. Implemented for educational purposes.
- [**61**Star][18d] [Java] [veracode-research/actuator-testbed](https://github.com/veracode-research/actuator-testbed) A vulnerable application exposing Spring Boot Actuators
- [**61**Star][2m] [Py] [anssi-fr/audit-radius](https://github.com/anssi-fr/audit-radius) A RADIUS authentication server audit tool
- [**61**Star][10d] [C++] [angorafuzzer/libdft64](https://github.com/angorafuzzer/libdft64) libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
- [**61**Star][1y] [aliasrobotics/rsf](https://github.com/aliasrobotics/rsf) The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
- [**61**Star][12d] [Rust] [ajmwagar/merino](https://github.com/ajmwagar/merino) 
- [**61**Star][5m] [C] [abderraouf-adjal/arduinospritzcipher](https://github.com/abderraouf-adjal/arduinospritzcipher) Arduino encryption library; Spritz library for Arduino, CSPRNG, cryptographic hash and MAC functions, symmetric-key data encryption, and general-purpose functions.
- [**61**Star][3y] [abatchy17/introduction-to-manual-backdooring](https://github.com/abatchy17/introduction-to-manual-backdooring) Executables created while writing "Introduction to Manual Backdooring".
- [**61**Star][23d] [3gstudent/bitsadminexec](https://github.com/3gstudent/bitsadminexec) 利用bitsadmin 实现驻留，以及自动运行
- [**60**Star][3m] [Java] [p2p-today/p2p-project](https://github.com/p2p-today/p2p-project) A peer-to-peer networking framework to work across languages
- [**60**Star][10m] [JS] [poga/hyperfeed](https://github.com/poga/hyperfeed) decentralized rss publishing
- [**60**Star][2m] [Java] [ksahin/introwebscraping](https://github.com/ksahin/introwebscraping) Code exemple for my blog posts
- [**60**Star][4m] [VBScript] [djhohnstein/scatterbrain](https://github.com/djhohnstein/scatterbrain) Suite of Shellcode Running Utilities
- [**60**Star][4m] [TeX] [david-oswald/hwsec_lecture_notes](https://github.com/david-oswald/hwsec_lecture_notes) Lecture notes for the Hardware and Embedded Systems Security lecture
- [**60**Star][4m] [Py] [ohjeongwook/shellcodeemulator](https://github.com/ohjeongwook/shellcodeemulator) Shellcode emulator written with Unicorn
- [**60**Star][4m] [shadow-horse/cve-2019-17571](https://github.com/shadow-horse/cve-2019-17571) Apache Log4j 1.2.X存在反序列化远程代码执行漏洞
- [**60**Star][3m] [HTML] [elemental-attack/elemental](https://github.com/elemental-attack/elemental) Elemental - An ATT&CK Threat Library
- [**60**Star][11m] [Java] [pencilso/manyblue](https://github.com/pencilso/manyblue) Android 低功耗Ble 蓝牙4.0多连接 开源框架
- [**60**Star][2m] [PHP] [lorenzo/audit-stash](https://github.com/lorenzo/audit-stash) Flexible and rock solid audit log tracking for CakePHP 3
- [**60**Star][8m] [C] [openpaperwork/libpillowfight](https://github.com/openpaperwork/libpillowfight) Small library containing various image processing algorithms (+ Python 3 bindings) that has almost no dependencies -- Moved to Gnome's Gitlab
- [**60**Star][2m] [Py] [estin/pomp](https://github.com/estin/pomp) Screen scraping and web crawling framework
- [**60**Star][1m] [C] [tpm2-software/tpm2-tss-engine](https://github.com/tpm2-software/tpm2-tss-engine) OpenSSL Engine for TPM2 devices
- [**60**Star][7m] [JS] [apinf/platform](https://github.com/apinf/platform) Apinf - Open source API management platform with multi proxy and protocol support
- [**60**Star][4m] [C#] [indieteur/globalhooks](https://github.com/indieteur/globalhooks) Allows you to create global keyboard events
- [**60**Star][19d] [Java] [chuyangliu/tastysnake](https://github.com/chuyangliu/tastysnake) A two-player (Bluetooth) game on Android.
- [**60**Star][4m] [Java] [daggerok/streaming-file-server](https://github.com/daggerok/streaming-file-server) full-stack java file server with no limitation for files uploads and downloads: spring-boot + Gradle Kotlin DSL, Gradle buildSrc, postgres / h2, apache fileUpload, lombok, mustache, docker, jgiven, powermock, gradle, CI, bootstrap 4, bootstrap-filelinput, webjars, maven github-release-plugin, nginx, haproxy, reverse-proxy
- [**60**Star][15d] [hack-with-github/awesome-hacking-tools](https://github.com/hack-with-github/awesome-hacking-tools) A collection of various hacking and exploitation tools for hackers and pentesters.
- [**60**Star][30d] [JS] [hmbsbige/text_translation](https://github.com/hmbsbige/text_translation) 简体中文翻译&&一些文本
- [**60**Star][4m] [C++] [emmericp/flowscope](https://github.com/emmericp/flowscope) FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to disk on trigger events.
- [**60**Star][16d] [C] [hak5/wifipineapple-openwrt](https://github.com/hak5/wifipineapple-openwrt) OpenWrt Chaos Calmer with WiFi Pineapple NANO and TETRA board support
- [**60**Star][2m] [Kotlin] [jonatino/xena](https://github.com/jonatino/xena) Lightweight, lighting-fast Java Based Cross-Platform CSGO Cheat
- [**60**Star][11d] [Py] [pomo-mondreganto/forcad](https://github.com/pomo-mondreganto/forcad) Pure-python distributable Attack-Defence CTF platform, created to be easily set up.
- [**60**Star][1m] [C++] [xfgryujk/cheatingtutorial](https://github.com/xfgryujk/cheatingtutorial) 一个游戏修改器制作教程的例程
- [**60**Star][3m] [Java] [gat3way/airpirate](https://github.com/gat3way/airpirate) Android 802.11 pentesting tool
- [**60**Star][2m] [Go] [giuliocomi/backoori](https://github.com/giuliocomi/backoori) Tool aided persistence via Windows URI schemes abuse
- [**60**Star][25d] [PHP] [x-o-r-r-o/php-webshells-collection](https://github.com/x-o-r-r-o/php-webshells-collection) Most Wanted Private and Public PHP Web Shells Can Be Downloaded Here. (Educational Purpose Only)
- [**60**Star][28d] [lucasgdb/useful-dev-tools](https://github.com/lucasgdb/useful-dev-tools) 
- [**60**Star][12d] [Rust] [scipr-lab/poly-commit](https://github.com/scipr-lab/poly-commit) A Rust library for polynomial commitments
- [**60**Star][17d] [C] [thibault-69/rat-hodin-v2.9](https://github.com/Thibault-69/RAT-Hodin-v2.9) Remote Administration Tool for Linux
- [**60**Star][2y] [C] [samuelpowell/cx10-fnrf](https://github.com/samuelpowell/CX10-FNRF) Cheerson CX10 rate mode firmware with integrated RF
- [**60**Star][26d] [pegasuslab/pegasusteam](https://github.com/PegasusLab/PegasusTeam) PegasusTeam is a group that focuses on WLAN security and Wi-Fi Pentesting.
- [**60**Star][30d] [Makefile] [genuinetools/upmail](https://github.com/genuinetools/upmail) Email notification hook for
- [**60**Star][20d] [Ruby] [hammackj/risu](https://github.com/hammackj/risu) Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
- [**60**Star][4m] [Ruby] [zombiecraig/c0f](https://github.com/zombiecraig/c0f) CAN of Fingers (c0f) creates passive fingerprints of Make and Model over CAN bus
- [**60**Star][2y] [C] [zhechkoz/pwin](https://github.com/zhechkoz/pwin) Security Evaluation of Dynamic Binary Instrumentation Engines
- [**60**Star][5m] [Java] [zd2100/pscout](https://github.com/zd2100/pscout) 
- [**60**Star][5m] [Rust] [zcash-hackworks/sapling-crypto](https://github.com/zcash-hackworks/sapling-crypto) Zcash "Sapling" cryptography
- [**60**Star][1m] [Py] [yenchenlin/rl-attack-detection](https://github.com/yenchenlin/rl-attack-detection) Code for "Detecting Adversarial Attacks on Neural Network Policies with Visual Foresight"
- [**60**Star][12d] [C++] [yandex/argon2](https://github.com/yandex/argon2) Implementation of argon2 (i, d, id) algorithms with CPU dispatching
- [**60**Star][10m] [Assembly] [xyzz/ghidra-mep](https://github.com/xyzz/ghidra-mep) Toshiba MeP processor module for GHIDRA
- [**60**Star][2y] [C#] [wledfor2/playhooky](https://github.com/wledfor2/playhooky) C# Runtime Hooking Library for .NET/Mono/Unity.
- [**60**Star][12d] [wangyihang/awesome-web-security](https://github.com/wangyihang/awesome-web-security) Awesome Web Security
- [**60**Star][4m] [Py] [w181496/ctf](https://github.com/w181496/ctf) My CTF writeups
- [**60**Star][3y] [Py] [vivami/ms17-010](https://github.com/vivami/ms17-010) MS17-010
- [**60**Star][3m] [tyranid/infosec-presentations](https://github.com/tyranid/infosec-presentations) A repository of previous info-sec presentations I've presented.
- [**60**Star][9m] [PHP] [tuurlijk/typo3scan](https://github.com/tuurlijk/typo3scan) Scans TYPO3 extensions for usage of deprecated and or changed code
- [**60**Star][3y] [Py] [tmr232/idabuddy](https://github.com/tmr232/idabuddy)  a reverse-engineer's best friend. Designed to be everything Clippy the Office Assistant was, and more!
- [**60**Star][3y] [Shell] [tanprathan/fridpa](https://github.com/tanprathan/fridpa) An automated wrapper script for patching iOS applications (IPA files) and work on non-jailbroken device
- [**60**Star][5m] [Py] [superhuahua/xunfenges](https://github.com/superhuahua/xunfenges) 
- [**60**Star][6m] [Objective-C++] [steven-michaud/reverse-engineering-on-osx](https://github.com/steven-michaud/reverse-engineering-on-osx) Reverse Engineering on OS X
- [**60**Star][27d] [C] [sslab-gatech/perf-fuzz](https://github.com/sslab-gatech/perf-fuzz) 
- [**60**Star][2y] [C] [sourceincite/cve-2018-8440](https://github.com/sourceincite/cve-2018-8440) CVE-2018-8440 standalone exploit
- [**60**Star][4m] [PHP] [slangji/wp-missed-schedule](https://github.com/slangji/wp-missed-schedule) Find only missed schedule posts, every 15 minutes, and republish correctly 10 items each session. The Original plugin (only this) no longer available on WordPress.org for explicit author request! Compatible with WP 2.1+ to 4.9+ and 5.0-beta3 (100.000+ installs 300.000+ downloads 2016-04-13) Please: do not install unauthorized malware cloned forked!
- [**60**Star][10d] [C++] [rwfpl/rewolf-msi-exploit](https://github.com/rwfpl/rewolf-msi-exploit) MSI NTIOLib/WinIO Local Privilege Escalation exploit
- [**60**Star][5m] [C#] [rvrsh3ll/sharpexcel4-dcom](https://github.com/rvrsh3ll/sharpexcel4-dcom) Port of Invoke-Excel4DCOM
- [**60**Star][4m] [OCaml] [rolfrolles/pandemicml](https://github.com/rolfrolles/pandemicml) Pandemic binary program analysis framework in OCaml (abandoned)
- [**60**Star][2m] [Py] [roberteldersoftware/roberteldersoftwarediff](https://github.com/roberteldersoftware/roberteldersoftwarediff) 
- [**60**Star][2m] [C] [robertdavidgraham/cve-2015-5477](https://github.com/robertdavidgraham/cve-2015-5477) PoC exploit for CVE-2015-5477 BIND9 TKEY assertion failure
- [**60**Star][4m] [C] [respeak/ts3hook](https://github.com/respeak/ts3hook) Teamspeak 3 Hook
- [**60**Star][4y] [rehints/windbg](https://github.com/rehints/windbg) 
- [**60**Star][5m] [JS] [rastating/xss-chef](https://github.com/rastating/xss-chef) A web application for generating custom XSS payloads
- [**60**Star][2m] [Arduino] [randdruid/esp8266-deauth2](https://github.com/randdruid/esp8266-deauth2) Deauthentication attack with two ESP8266 modules
- [**60**Star][29d] [Haskell] [raaz-crypto/raaz](https://github.com/raaz-crypto/raaz) Cryptographic library for Haskell
- [**60**Star][4m] [C] [qssec/hades-lite](https://github.com/qssec/hades-lite) Hades-lite 青松云安全开源的一个内核级 Anti-ddos 的驱动程序，轻量且高效，构建高性能代理防御，单机可抵御7Gb DDoS攻击
- [**60**Star][12d] [C] [pymumu/jail-shell](https://github.com/pymumu/jail-shell) Jail-shell is a linux security tool mainly using chroot, namespaces technologies, limiting users to perform specific commands, and access sepcific directories.
- [**60**Star][2m] [Py] [pirate/mesh-botnet](https://github.com/pirate/mesh-botnet) 
- [**60**Star][3y] [Shell] [p292/nackered](https://github.com/p292/nackered) This is a bash script to bypass 802.1x NAC
- [**60**Star][6m] [Py] [openpaperwork/pyinsane](https://github.com/openpaperwork/pyinsane) Python library to access and use image scanners (Linux/Windows/etc) (Sane/WIA) -- Moved to Gnome's Gitlab
- [**60**Star][5m] [Py] [offensivepython/sniffy](https://github.com/offensivepython/sniffy) A Simple network sniffer implemented on Python 3
- [**60**Star][4m] [C#] [nyan-x-cat/limeusb-csharp](https://github.com/nyan-x-cat/limeusb-csharp) Malware USB Spread | Example C#
- [**60**Star][1y] [Py] [nwmonster/applysig](https://github.com/nwmonster/applysig) Apply IDA FLIRT signatures for Ghidra
- [**60**Star][2m] [Java] [nikolamilosevic86/owasp-seraphimdroid](https://github.com/nikolamilosevic86/owasp-seraphimdroid) OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
- [**60**Star][27d] [Py] [newlog/exploiting](https://github.com/newlog/exploiting) Stuff you might use when exploiting software
- [**60**Star][17d] [Java] [netflix/iep](https://github.com/netflix/iep) Insight Engineering Platform Components
- [**60**Star][3m] [Go] [nebulouslabs/entropy-mnemonics](https://github.com/nebulouslabs/entropy-mnemonics) Human readable entropy.
- [**60**Star][11d] [Py] [narbehaj/ssl-checker](https://github.com/narbehaj/ssl-checker) Python script that collects SSL information from hosts
- [**60**Star][13d] [mrash/afl-cve](https://github.com/mrash/afl-cve) A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz)
- [**60**Star][13d] [Java] [modzero/modjoda](https://github.com/modzero/modjoda) Java Object Deserialization on Android
- [**60**Star][4m] [C++] [mireado/ithvnr](https://github.com/mireado/ithvnr) feature/engine update for ITHVNR
- [**60**Star][2y] [Visual Basic .NET] [mgeeky/robustpentestmacro](https://github.com/mgeeky/robustpentestmacro) This is a rich-featured Visual Basic macro code for use during Penetration Testing assignments, implementing various advanced post-exploitation techniques.
- [**60**Star][4m] [Py] [mavenlin/dll_wrapper_gen](https://github.com/mavenlin/dll_wrapper_gen) Automatic generation of Dll wrapper for both 32 bit and 64 bit Dll
- [**60**Star][2m] [C++] [markhc/windbg_to_c](https://github.com/markhc/windbg_to_c) Translates WinDbg "dt" structure dump to a C structure
- [**60**Star][10m] [mandiant/openioc_1.1](https://github.com/mandiant/openioc_1.1) 
- [**60**Star][6y] [C++] [malwaretech/uacelevator](https://github.com/malwaretech/uacelevator) Passive UAC elevation using dll infection
- [**60**Star][1m] [Py] [malwarelu/tools](https://github.com/malwarelu/tools) Malware.lu tools
- [**60**Star][11d] [CoffeeScript] [lupino/shadowsocks-gui](https://github.com/lupino/shadowsocks-gui) Shadowsocks GUI client
- [**60**Star][10m] [Py] [lion-gu/ioc-explorer](https://github.com/lion-gu/ioc-explorer) Explore Indicators of Compromise Automatically
- [**60**Star][13d] [Py] [linuxacademy/la-aws-security_specialty](https://github.com/linuxacademy/la-aws-security_specialty) Learning Activities for the AWS Security Specialty Course
- [**60**Star][12d] [krisives/d2s-format](https://github.com/krisives/d2s-format) Diablo II Save File Format (.d2s format)
- [**60**Star][2m] [ObjC] [kpwn/vpwn](https://github.com/kpwn/vpwn) xnu local privilege escalation via cve-2015-1140 IOHIDSecurePromptClient injectStringGated heap overflow | poc||gtfo
- [**60**Star][12d] [Ruby] [kobaltz/clamby](https://github.com/kobaltz/clamby) ClamAV interface to your Ruby on Rails project.
- [**60**Star][2y] [C++] [jmasterx/agui](https://github.com/jmasterx/agui) C++ GUI API Aimed at Games
- [**60**Star][14d] [Go] [jgrahamc/torhoney](https://github.com/jgrahamc/torhoney) Gets the list of TOR exit nodes and matches them with Project Honeypot data
- [**60**Star][1y] [JS] [jbuck/input.js](https://github.com/jbuck/input.js) Input.js is a JavaScript library to map controller and OS-specific USB enumerations provided by the Gamepad API in Mozilla Firefox to an ideal virtual gamepad.
- [**60**Star][16d] [C++] [jaybosamiya/busysteg](https://github.com/jaybosamiya/busysteg) 
- [**60**Star][4m] [Swift] [jasonnam/navajo-swift](https://github.com/jasonnam/navajo-swift) Password Validator & Strength Evaluator
- [**60**Star][4y] [C] [hoshimin/enjoythering0](https://github.com/hoshimin/enjoythering0) Шаблон полнофункционального драйвера и обёртки над ядерным API
- [**60**Star][7m] [Py] [hood3drob1n/cve-2016-3714](https://github.com/hood3drob1n/cve-2016-3714) ImaegMagick Code Execution (CVE-2016-3714)
- [**60**Star][3m] [C] [honeynet/ghost-usb-honeypot](https://github.com/honeynet/ghost-usb-honeypot) A honeypot for malware that propagates via USB storage devices
- [**60**Star][3y] [C++] [hasherezade/mypintools](https://github.com/hasherezade/mypintools) Tools to run with Intel PIN
- [**60**Star][17d] [gy-games/shield](https://github.com/gy-games/shield) 基于Strom的日志实时流量分析主动防御(CCFirewall)系统
- [**60**Star][11m] [PS] [gnieboer/gnuradio_windows_build_scripts](https://github.com/gnieboer/gnuradio_windows_build_scripts) A series of Powershell scripts to automatically download, build from source, and install GNURadio and -all- it's dependencies as 64-bit native binaries then package as an msi using Visual Studio 2015
- [**60**Star][23d] [Shell] [ge0rg/samsung-nx-hacks](https://github.com/ge0rg/samsung-nx-hacks) Firmware Hacks for the Linux-based Samsung NX mirrorless camera models (NX300, NX2000, ???)
- [**60**Star][9y] [Py] [gdssecurity/sqlbrute](https://github.com/gdssecurity/sqlbrute) SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities.
- [**60**Star][2m] [C] [freewaf/waf-pe](https://github.com/freewaf/waf-pe) Open Source Web Application Firewall Protection Engine
- [**60**Star][2y] [C++] [fjh658/hexrayscodexplorer](https://github.com/fjh658/hexrayscodexplorer) Hex-Rays Decompiler plugin for better code navigation. Add support ida7.0/7.1/7.2 for macOS
- [**60**Star][5y] [PHP] [filetofirewall/fof](https://github.com/filetofirewall/fof) Filet-O-Firewall Vulnerability PoC
- [**60**Star][11d] [Nim] [federicoceratto/nim-httpauth](https://github.com/federicoceratto/nim-httpauth) HTTP Authentication library for Nim
- [**60**Star][3m] [Py] [eykd/owyl](https://github.com/eykd/owyl) A python behavior tree for implementing fast and flexible AI.
- [**60**Star][3m] [Go] [evilsocket/ftrace](https://github.com/evilsocket/ftrace) Go library to trace Linux syscalls using the FTRACE kernel framework.
- [**60**Star][1y] [HTML] [dustyfresh/honeypress](https://github.com/dustyfresh/honeypress) python based WordPress honeypot in a docker container
- [**60**Star][4y] [Py] [dotcppfile/serbot](https://github.com/dotcppfile/serbot) Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python
- [**60**Star][21d] [Perl] [dnsmichi/manubulon-snmp](https://github.com/dnsmichi/manubulon-snmp) Set of Icinga/Nagios plugins to check hosts and hardware with the SNMP protocol.
- [**60**Star][1y] [Py] [destine21/zipfileraider](https://github.com/destine21/zipfileraider) ZIP File Raider - Burp Extension for ZIP File Payload Testing
- [**60**Star][2m] [HTML] [daxio/k8s-lemp](https://github.com/daxio/k8s-lemp) LEMP stack in a Kubernetes cluster
- [**60**Star][12d] [Py] [cortesi/mitmproxy](https://github.com/cortesi/mitmproxy) An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
- [**60**Star][2y] [JS] [coincoin7/wireless-router-vulnerability](https://github.com/coincoin7/wireless-router-vulnerability) Vulnerability and exploiting
- [**60**Star][3m] [C] [cisco-talos/locky](https://github.com/cisco-talos/locky) 
- [**60**Star][4m] [Batchfile] [chef-koch/chromium-hardening](https://github.com/chef-koch/chromium-hardening) Hardens Chrome & Chromium based Browsers
- [**60**Star][6y] [Py] [bwall/extracthosts](https://github.com/bwall/extracthosts) Extracts hosts (IP/Hostnames) from files
- [**60**Star][3y] [DTrace] [brendangregg/dtrace-tools](https://github.com/brendangregg/dtrace-tools) DTrace tools for FreeBSD
- [**60**Star][2y] [Py] [blackholesec/wifigod](https://github.com/blackholesec/wifigod) Wireless Security Testing v1.5
- [**60**Star][10d] [Py] [bbva/apicheck](https://github.com/bbva/apicheck) The DevSecOps toolset for REST APIs
- [**60**Star][29d] [Py] [azure-samples/python-docs-hello-world](https://github.com/azure-samples/python-docs-hello-world) A simple python application for docs
- [**60**Star][4y] [Batchfile] [ayra/zipbomb](https://github.com/ayra/zipbomb) About an old technology that still screws up some anti virus software
- [**60**Star][4m] [Java] [appsecco/vyapi](https://github.com/appsecco/vyapi) VyAPI - A cloud based vulnerable hybrid Android App
- [**60**Star][1m] [annsec/awesome-cybersecurity](https://github.com/annsec/awesome-cybersecurity) Curated list of awesome cybersecurity companies and solutions.
- [**60**Star][14d] [Shell] [xwmx/hosts](https://github.com/xwmx/hosts) A command line hosts file editor in a single portable script.
- [**60**Star][3m] [Shell] [abhisek/pwnworks](https://github.com/abhisek/pwnworks) Exploitation challenges for CTF
- [**59**Star][10d] [C] [noptrix/lulzbuster](https://github.com/noptrix/lulzbuster) A very fast and smart web directory and file enumeration tool written in C.
- [**59**Star][1m] [Py] [sailay1996/tokenx_privesc](https://github.com/sailay1996/tokenx_privesc) with metasploit
- [**59**Star][30d] [mengtingwan/bittersweet-phd](https://github.com/mengtingwan/bittersweet-phd) useful technical tips I wish I knew earlier in my phd life (latex, python/R visualization, web crawling/scraping, etc.)
- [**59**Star][23d] [bhanupratapys/dnswarden](https://github.com/bhanupratapys/dnswarden) Adblocking dns, Uncensored dns server and Adult-filter dns. Supports Dns-over-TLS , Dns-over-HTTPS and DNSCrypt with DNSSEC enabled and no logging.
- [**59**Star][2y] [Py] [dfdeshom/scrapy-kafka](https://github.com/dfdeshom/scrapy-kafka) Kafka-based components for Scrapy
- [**59**Star][1m] [JS] [ahhh/gscripts](https://github.com/ahhh/gscripts) A repo full of example gscripts
- [**59**Star][12d] [C++] [philipperemy/easy-encryption](https://github.com/philipperemy/easy-encryption) A very simple C++ module to encrypt/decrypt strings based on B64 and Vigenere ciper.
- [**59**Star][6m] [ObjC] [cityleaf/lypaymentfield](https://github.com/cityleaf/lypaymentfield) 多种风格的支付框控件，可定制加密图片，也可使用带动画的弹窗。A variety of styles of payment box controls can be customized to encrypt pictures, can also be used with animated alert.
- [**59**Star][16d] [TS] [rvhuang/pathfinding-lab](https://github.com/rvhuang/pathfinding-lab) Run, test and compare all algorithms and heuristic functions
- [**59**Star][2m] [JS] [nodertc/dtls](https://github.com/nodertc/dtls) Datagram Transport Layer Security (DTLS) client.
- [**59**Star][11m] [Elixir] [verypossible-labs/harald](https://github.com/verypossible-labs/harald) An Elixir Bluetooth Host library.
- [**59**Star][10d] [C++] [bloodstalker/mutator](https://github.com/bloodstalker/mutator) mutator is an experimental suite of tools aimed at analysis and automation of C/C++ code development
- [**59**Star][8d] [Py] [emilyedna/ss-ssr-v2ray](https://github.com/emilyedna/ss-ssr-v2ray) SS-SSR-V2RAY 订阅
- [**59**Star][3m] [C] [pannous/xipher](https://github.com/pannous/xipher) 
- [**59**Star][29d] [Java] [alexliusheng/easybluetoothframe](https://github.com/alexliusheng/easybluetoothframe) 经典（传统）蓝牙快速开发框架，A fast develop frame of classic bluetooth
- [**59**Star][18d] [Py] [51j0/android-certkiller](https://github.com/51j0/android-certkiller) Script to Bypass SSL/Certificate Pinning in Android
- [**59**Star][13d] [Elixir] [voltone/x509](https://github.com/voltone/x509) Elixir package for working with X.509 certificates, Certificate Signing Requests (CSRs), Certificate Revocation Lists (CRLs) and RSA/ECC key pairs
- [**59**Star][10d] [Py] [th3unkn0n/osi.ig](https://github.com/th3unkn0n/osi.ig) Information Gathering Instagram.
- [**59**Star][10d] [zscdumin/vpn](https://github.com/zscdumin/vpn) ShadowSocks 翻墙
- [**59**Star][4m] [Swift] [chengluffy/shadowsocksfree](https://github.com/chengluffy/shadowsocksfree) Try Yourself.
- [**59**Star][1m] [JS] [pownjs/pown-cdb](https://github.com/pownjs/pown-cdb) Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP requests and responses.
- [**59**Star][14d] [Py] [frida/frida-tools](https://github.com/frida/frida-tools) Frida CLI tools
- [**59**Star][28d] [C] [buserror/minifs](https://github.com/buserror/minifs) minifs is a linux distribution maker to create very tight & compact monolithic firmwares
- [**59**Star][5m] [JS] [shadowsocks/shadowsocks-restful-api](https://github.com/shadowsocks/shadowsocks-restful-api) Secure, reliable, standard restful api for managing shadowsocks-libev
- [**59**Star][1y] [C++] [mozillasecurity/libfuzzer-python-bridge](https://github.com/mozillasecurity/libfuzzer-python-bridge) A Python3 bridge for implementing custom libFuzzer mutators
- [**59**Star][1m] [Py] [rabbitmask/weblogicscanserver](https://github.com/rabbitmask/weblogicscanserver) 开启WeblogicScanV3.*系列，采用Server部署，支持远程Weblogic漏洞扫描
- [**59**Star][27d] [MATLAB] [seemoo-lab/mobisys2018_nexmon_channel_state_information_extractor](https://github.com/seemoo-lab/mobisys2018_nexmon_channel_state_information_extractor) Example project for extracting channel state information of up to 80 MHz wide 802.11ac Wi-Fi transmissions using the BCM4339 Wi-Fi chip of Nexus 5 smartphones.
- [**59**Star][4m] [JS] [doctormckay/node-globaloffensive](https://github.com/doctormckay/node-globaloffensive) A Node.js module to connect to and interact with the CS:GO game coordinator. Mostly used to get item data.
- [**59**Star][1m] [PS] [nickrod518/create-exefromps1](https://github.com/nickrod518/create-exefromps1) Takes one PowerShell script and any number of supplementary files or even a directory and creates an exe using Windows's built in iexpress program. The exe will run on any machine with PowerShell 2.0+.
- [**59**Star][2m] [Py] [test-pipeline/orthrus](https://github.com/test-pipeline/orthrus) A tool to manage, conduct, and assess dictionary-based fuzz testing
- [**59**Star][2m] [C++] [vlad-tri/cve-2019-1132](https://github.com/vlad-tri/cve-2019-1132) EoP POC for CVE-2019-1132
- [**59**Star][1m] [C] [resilar/crchack](https://github.com/resilar/crchack) Reversing CRC for fun and profit
- [**59**Star][17d] [Py] [packettotal/honeybot](https://github.com/PacketTotal/HoneyBot) Capture, upload and analyze network traffic; powered by PacketTotal.com.
- [**59**Star][2m] [Py] [k4yt3x/defense-matrix](https://github.com/k4yt3x/defense-matrix) Express security essentials deployment for Linux Servers
- [**59**Star][1m] [Py] [gh0stkey/jsonandhttpp](https://github.com/gh0stkey/JSONandHTTPP) Burp Suite Plugin to convert the json text that returns the body into HTTP request parameters.
- [**59**Star][4m] [imfht/scansql](https://github.com/imfht/ScanSql) 利用sqlmap和URL去重的爬虫写的一个大规模扫描的脚本
- [**59**Star][5y] [JS] [auth0-blog/react-flux-debug-actions-sample](https://github.com/auth0-blog/react-flux-debug-actions-sample) This repository shows how you can use Flux actions to reproduce your user's issues in your own browser
- [**59**Star][2m] [JS] [auth0-samples/auth0-sso-dashboard](https://github.com/auth0-samples/auth0-sso-dashboard) [DEPRECATED] App Single Sign On Dashboard using Auth0
- [**59**Star][1m] [JS] [yusukeshibata/express-fingerprint](https://github.com/yusukeshibata/express-fingerprint) Server-side fingerprinting
- [**59**Star][3y] [JS] [xtr4nge/fruityc2-client](https://github.com/xtr4nge/fruityc2-client) FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines. Agents are managed from a web interface under the control of an operator.
- [**59**Star][4y] [PS] [xorrior/emailraider](https://github.com/xorrior/emailraider) Powershell MS Outlook enumeration and phishing tool
- [**59**Star][10m] [Shell] [wuseman/wbruter](https://github.com/wuseman/wbruter) Crack your non-rooted android device pin code with 100% guarantee aslong as usb debugging has been enable. Wbruter also has support for parallel ssh brute forcing via pssh
- [**59**Star][6m] [Ruby] [wuntee/androidaudittools](https://github.com/wuntee/androidaudittools) 
- [**59**Star][5m] [CSS] [wizardforcel/sploitfun-linux-x86-exp-tut-zh](https://github.com/wizardforcel/sploitfun-linux-x86-exp-tut-zh) 
- [**59**Star][4m] [C] [winbagility/winbagility](https://github.com/winbagility/winbagility) [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;
- [**59**Star][7m] [Py] [williballenthin/idawilli](https://github.com/williballenthin/idawilli) IDA Pro resources, scripts, and configurations
    - [hint_calls](https://github.com/williballenthin/idawilli/blob/master/plugins/hint_calls/readme.md) IDA plugin to display the calls and strings referenced by a function as hints.
    - [dynamic_hints](https://github.com/williballenthin/idawilli/blob/master/plugins/dynamic_hints/readme.md) an example plugin that demonstrates how to provide custom hints with dynamic data.
    - [add_segment](https://github.com/williballenthin/idawilli/tree/master/scripts/add_segment) IDAPython plugin that adds the contents of a file as a new segment in an existing idb
    - [color](https://github.com/williballenthin/idawilli/tree/master/scripts/color) IDAPython script that colors instructions
    - [find_ptrs](https://github.com/williballenthin/idawilli/tree/master/scripts/find_ptrs) IDAPython script that scans through the .text section for values that could be pointers (32-bit).
    - [yara_fn](https://github.com/williballenthin/idawilli/tree/master/scripts/yara_fn) IDAPython script that generates a YARA rule to match against the basic blocks of the current function
    - [idawilli](https://github.com/williballenthin/idawilli/tree/master/idawilli) a python module that contains utilities for working with the idapython scripting interface.
    - [themes](https://github.com/williballenthin/idawilli/tree/master/themes) colors and skins
- [**59**Star][1m] [Shell] [wh1t3rh1n0/ssh-phone-home](https://github.com/wh1t3rh1n0/ssh-phone-home) Pentest dropbox setup scripts for Kali Linux
- [**59**Star][2y] [Py] [warflop/whoisleak](https://github.com/warflop/whoisleak) This tool queries the emails that registered the domain and verifies if they were leaked in some data leak.
- [**59**Star][10m] [C++] [walkingcat/symdiff](https://github.com/walkingcat/symdiff) Diff tool for comparing symbols in PDB files
- [**59**Star][4m] [Java] [vulnerscom/burp-dirbuster](https://github.com/vulnerscom/burp-dirbuster) Dirbuster plugin for Burp Suite
- [**59**Star][1y] [Py] [s0md3v/infinity](https://github.com/ultimatehackers/infinity) Infinity can get phone numbers from facebook accounts with some maths and shit.
- [**59**Star][26d] [Py] [tuxsh/firmtool](https://github.com/tuxsh/firmtool) A tool to parse, extract, and builds 3DS firmware files
- [**59**Star][2y] [Py] [tiaotiaolong/ttlscan](https://github.com/tiaotiaolong/ttlscan) 一款简易的插件化的漏洞扫描器框架
- [**59**Star][1y] [Py] [thom-s/httphish](https://github.com/thom-s/httphish) Quickly clone a website and launch an HTTP server to phish information with httphish.py
- [**59**Star][15d] [Ruby] [tduehr/buby](https://github.com/tduehr/buby) A JRuby implementation of the BurpExtender interface for PortSwigger Burp Suite.
- [**59**Star][4m] [Py] [tcpiplab/web-app-hacking-notes](https://github.com/tcpiplab/web-app-hacking-notes) Notes I've taken while working through various web app pentesting labs.
- [**59**Star][10m] [Shell] [tapio/nautilus-git-scripts](https://github.com/tapio/nautilus-git-scripts) Nautilus scripts for interacting with a Git repository.
- [**59**Star][3m] [Java] [strazzere/dehoser](https://github.com/strazzere/dehoser) Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header
- [**59**Star][3m] [Py] [snowflakedb/snowalert](https://github.com/snowflakedb/snowalert) Security Analytics Using The Snowflake Data Warehouse
- [**59**Star][4m] [Shell] [securityriskadvisors/talr](https://github.com/securityriskadvisors/talr) Threat Alert Logic Repository
- [**59**Star][3m] [Verilog] [scarv/xcrypto](https://github.com/scarv/xcrypto) XCrypto: a cryptographic ISE for RISC-V
- [**59**Star][2m] [Kotlin] [sawankumarbundelkhandi/edge_detection](https://github.com/sawankumarbundelkhandi/edge_detection) This is a flutter plugin to detect edges in a live camera, take the picture of detected edges object, crop it and save.
- [**59**Star][5m] [rub-nds/johnny-you-are-fired](https://github.com/rub-nds/johnny-you-are-fired) Artifacts for the USENIX publication.
- [**59**Star][10d] [humblelad/shodan-dorks](https://github.com/humblelad/Shodan-Dorks) Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
- [**59**Star][12d] [Java] [righettod/virtualhost-payload-generator](https://github.com/righettod/virtualhost-payload-generator) BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolution.
- [**59**Star][26d] [C] [rgerganov/nfqsed](https://github.com/rgerganov/nfqsed) Modify network traffic with netfilter_queue
- [**59**Star][30d] [reabout/datacon](https://github.com/reabout/datacon) datacon比赛方向三-攻击源与攻击者分析writeup
- [**59**Star][12d] [Shell] [r0hi7/tortipi](https://github.com/r0hi7/tortipi) Tor based Raspberry π hotspot
- [**59**Star][4m] [Py] [quarkslab/lldbagility](https://github.com/quarkslab/lldbagility) A tool for debugging macOS virtual machines
- [**59**Star][1y] [JS] [pownjs/pown-proxy](https://github.com/pownjs/pown-proxy) Pown Proxy is a versatile web application security testing proxy with cool TUI features.
- [**59**Star][15d] [C] [poliva/dexinfo](https://github.com/poliva/dexinfo) A very rudimentary Android DEX file parser
- [**59**Star][2y] [HTML] [octosavvi/espkey](https://github.com/octosavvi/espkey) Wiegand data logger, replay device and micro door-controller
- [**59**Star][11d] [ntdiff/headers](https://github.com/ntdiff/headers) 
- [**59**Star][23d] [C] [nsacyber/netman](https://github.com/nsacyber/netman) A userland network manager with monitoring and limiting capabilities for macOS. #nsacyber
- [**59**Star][3y] [PS] [nettitude/powershell](https://github.com/nettitude/powershell) 
- [**59**Star][1m] [C] [mwpcheung/ssl-kill-switch2](https://github.com/mwpcheung/ssl-kill-switch2) Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
- [**59**Star][4m] [Java] [mozilla/zest](https://github.com/mozilla/zest) 
- [**59**Star][2m] [C] [mikeryan/uberducky](https://github.com/mikeryan/uberducky) 将Ubertooth转换为通过BLE触发的无线USB橡皮鸭
- [**59**Star][1m] [JS] [maltek/swift-frida](https://github.com/maltek/swift-frida) Frida library for interacting with Swift programs.
- [**59**Star][16d] [C] [leoetlino/botw-re-notes](https://github.com/leoetlino/botw-re-notes) Reverse engineering notes and tools for The Legend of Zelda: Breath of the Wild
- [**59**Star][1m] [Shell] [laserbat/vpnify](https://github.com/laserbat/vpnify) vpnify - transparently route traffic of a process through VPN
- [**59**Star][4m] [Java] [kxcode/jndi-exploit-bypass-demo](https://github.com/kxcode/jndi-exploit-bypass-demo) Demo code for post <Restrictions of JNDI Manipulation RCE & Bypass>
- [**59**Star][12m] [C#] [klionsec/bypassav-allthings](https://github.com/klionsec/bypassav-allthings) 
- [**59**Star][4m] [Py] [keeper-security/commander](https://github.com/keeper-security/commander) Keeper Commander
- [**59**Star][4y] [C] [k2/admmutate](https://github.com/k2/admmutate) Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others
- [**59**Star][6m] [Go] [jijinggang/golocproxy](https://github.com/jijinggang/golocproxy) 轻量级超强反向代理软件，用go语言开发，通过公共可知的服务器端口代理，把局域网内任何主机的本地服务发布给局域网外的用户，可用来跨越各种防火墙。
- [**59**Star][2y] [C] [jas502n/ubuntu-0day](https://github.com/jas502n/ubuntu-0day) all 4.4 ubuntu aws instances are vulnerable
- [**59**Star][6m] [Py] [jas502n/cve-2019-6340](https://github.com/jas502n/cve-2019-6340) Drupal8's REST RCE, SA-CORE-2019-003, CVE-2019-6340
- [**59**Star][2y] [Py] [jas502n/cve-2018-3191](https://github.com/jas502n/cve-2018-3191) Weblogic-CVE-2018-3191远程代码命令执行漏洞
- [**59**Star][10d] [Jupyter Notebook] [instapy/instapy-research](https://github.com/instapy/instapy-research) 
- [**59**Star][4y] [C] [infosecguerrilla/reflectivesoinjection](https://github.com/infosecguerrilla/reflectivesoinjection) Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
- [**59**Star][4y] [hduffddybz/linux_websites](https://github.com/hduffddybz/linux_websites) Commonly used kernel hacking site
- [**59**Star][4m] [Go] [hashmatter/p3lib](https://github.com/hashmatter/p3lib) privacy preserving primitives and protocols (p3) for routing and messaging in P2P networks
- [**59**Star][16d] [C#] [guardicore/azure_password_harvesting](https://github.com/guardicore/azure_password_harvesting) Plaintext Password harvesting from Azure Windows VMs
- [**59**Star][3m] [JS] [gattermeier/nodejs-virus](https://github.com/gattermeier/nodejs-virus) A Node.js Proof of Concept Virus
- [**59**Star][2y] [Py] [flo354/androick](https://github.com/flo354/androick) 
- [**59**Star][17d] [C++] [fireeye/unicorn-libemu-shim](https://github.com/fireeye/unicorn-libemu-shim) libemu shim layer and win32 environment for Unicorn Engine
- [**59**Star][14d] [Py] [ezelf/f5_cookieleaks](https://github.com/ezelf/f5_cookieleaks) Decode the cookies set by balancer F5, and disclousure all pool ip
- [**59**Star][4m] [Java] [exalab/anlinux-adfree](https://github.com/exalab/anlinux-adfree) AnLinux, Ad free version.
- [**59**Star][5m] [JS] [evyatarmeged/humanoid](https://github.com/evyatarmeged/humanoid) Node.js package to bypass CloudFlare's anti-bot JavaScript challenges
- [**59**Star][18d] [C#] [ericzimmerman/bstrings](https://github.com/ericzimmerman/bstrings) A better strings utility!
- [**59**Star][30d] [JS] [enovella/androidtrainings](https://github.com/enovella/androidtrainings) Mobile security trainings based on android
- [**59**Star][1y] [C] [depletionmode/wsipc](https://github.com/depletionmode/wsipc) Working Set Page Cache side-channel IPC PoC
- [**59**Star][1m] [PHP] [cspf-founder/btslab](https://github.com/cspf-founder/btslab) Vulnerable web application
- [**59**Star][9y] [C++] [cr4sh/drvhide-poc](https://github.com/cr4sh/drvhide-poc) Hidden kernel mode code execution for bypassing modern anti-rootkits.
- [**59**Star][14d] [TS] [conversationai/perspective-viewership-extension](https://github.com/conversationai/perspective-viewership-extension) Tune is a Chrome extension that allows users set the "volume" of comment threads online by choosing what comments to read based on Toxicity scores provided by the Perspective API.
- [**59**Star][4m] [Java] [cognifide/aem-rules-for-sonarqube](https://github.com/cognifide/aem-rules-for-sonarqube) SonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.
- [**59**Star][28d] [C++] [codereversing/directx9hook](https://github.com/codereversing/directx9hook) Runtime DirectX9 Hooking
- [**59**Star][2m] [C] [codectile/paradise](https://github.com/codectile/paradise) x86/x86-64 hooking library
- [**59**Star][4m] [Py] [cnotin/splunkwhisperer2](https://github.com/cnotin/splunkwhisperer2) Local privilege escalation, or remote code execution, through Splunk Universal Forwarder (UF) misconfigurations
- [**59**Star][10m] [Py] [chrismaddalena/goreport](https://github.com/chrismaddalena/goreport) A Python script to collect campaign data from Gophish and generate a report
- [**59**Star][13d] [Java] [chinatso/-v1.0](https://github.com/chinatso/-v1.0) 冰蝎v1.0
- [**59**Star][24d] [Py] [bvanheu/stratatools](https://github.com/bvanheu/stratatools) Stratasys EEPROM tool
- [**59**Star][2m] [PS] [bromiley/olaf](https://github.com/bromiley/olaf) Office365 Log Analysis Framework
- [**59**Star][5m] [C++] [benkrasnow/el_driver_multi](https://github.com/benkrasnow/el_driver_multi) Schematic, PCB, and firmware to build a multi-channel electroluminescent driver
- [**59**Star][1m] [Shell] [bagder/keyfreq](https://github.com/bagder/keyfreq) Logs all key presses with a timestamp
- [**59**Star][3y] [C++] [azerg/remote_dll_injector](https://github.com/azerg/remote_dll_injector) Stealth DLL injector
- [**59**Star][18d] [Go] [averagesecurityguy/c2](https://github.com/averagesecurityguy/c2) A simple, extensible C&C beaconing system.
- [**59**Star][3m] [Java] [armenak/datadefender](https://github.com/armenak/datadefender) Sensitive Data Management: Data Discovery and Anonymization toolkit
- [**59**Star][3m] [Py] [antitree/manitree](https://github.com/antitree/manitree) AndroidManifest.xml security auditor
- [**59**Star][15d] [Py] [angr/tracer](https://github.com/angr/tracer) Utilities for generating dynamic traces
- [**59**Star][3y] [Py] [amoulu/tinysmaliemulator](https://github.com/amoulu/tinysmaliemulator) A very minimalist smali emulator that could be used to "decrypt" obfuscated strings
- [**59**Star][19d] [Java] [amotzte/android-mock-location-for-development](https://github.com/amotzte/android-mock-location-for-development) allows to change mock location from command line on real devices
- [**59**Star][3y] [C++] [alexhude/loadprocconfig](https://github.com/alexhude/loadprocconfig) IDA Plugin to load processor configuration files.
- [**59**Star][7m] [JS] [alexcn/onestack](https://github.com/alexcn/onestack) IT管理系统，实现自动化运维，整合CMDB和监控，实现自动化部署，打通开发、运维和测试的边界，实现一栈式管理。
- [**59**Star][4m] [Py] [afagarap/malware-classification](https://github.com/afagarap/malware-classification) Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine for Malware Classification
- [**59**Star][2m] [Rich Text Format] [adamshostack/eop](https://github.com/adamshostack/eop) The Elevation of Privilege Threat Modeling Game
- [**59**Star][8m] [Go] [acalephstorage/rudder](https://github.com/acalephstorage/rudder) RESTful API Proxy for Helm
- [**58**Star][3m] [Java] [jas502n/cve-2020-8840](https://github.com/jas502n/cve-2020-8840) FasterXML/jackson-databind 远程代码执行漏洞
- [**58**Star][12d] [Py] [saleemrashid/badecparams](https://github.com/saleemrashid/badecparams) Proof of Concept for CVE-2020-0601
- [**58**Star][4m] [Jupyter Notebook] [heerozh/spectre](https://github.com/heerozh/spectre) GPU-accelerated Factors analysis library and Backtester
- [**58**Star][4m] [Py] [cytopia/urlbuster](https://github.com/cytopia/urlbuster) Powerful mutable web directory fuzzer to bruteforce existing and/or hidden files or directories.
- [**58**Star][12d] [Py] [magic890/tripadvisor-scraper](https://github.com/magic890/tripadvisor-scraper) TripAdvisor scraper
- [**58**Star][3y] [Py] [blackyukun/163music](https://github.com/blackyukun/163music) 163music spider by scrapy.
- [**58**Star][16d] [Py] [hysios/coronavirus](https://github.com/hysios/coronavirus) 2019 nCoV realtime track system based Scrapy + influxdb + grafana + NLTK + Stanford CoreNLP
- [**58**Star][4m] [JS] [sixdub/minions](https://github.com/sixdub/minions) Collaborative Distributed Scanning Application (Uses modified DNmap on backend)
- [**58**Star][3m] [C] [openevse/esp8266_wifi_v2.x](https://github.com/openevse/esp8266_wifi_v2.x) ESP8266 WiFi for OpenEVSE Version 2.x
- [**58**Star][3m] [C] [processone/fast_tls](https://github.com/processone/fast_tls) TLS / SSL OpenSSL-based native driver for Erlang / Elixir
- [**58**Star][4m] [Go] [nknorg/nnet](https://github.com/nknorg/nnet) nnet: a fast, scalable, and developer-friendly p2p overlay network stack
- [**58**Star][13d] [Java] [kirillzyusko/react-native-wifi-p2p](https://github.com/kirillzyusko/react-native-wifi-p2p) Library that provide access for working with wi-fi direct (p2p) module in android.
- [**58**Star][23d] [Py] [cyubuchen/proxyspider_spys](https://github.com/cyubuchen/proxyspider_spys) 从spys.one获取socks/http代理并验证是否可用，500个代理验证耗时20秒以内
- [**58**Star][27d] [Go] [badoux/goscraper](https://github.com/badoux/goscraper) Golang pkg to quickly return a preview of a webpage (title/description/images)
- [**58**Star][16d] [JS] [nuxt-contrib/redirect-ssl](https://github.com/nuxt-contrib/redirect-ssl) Connect/Express middleware to enforce https using is-https
- [**58**Star][27d] [JS] [approov/react-native-cert-pinner](https://github.com/approov/react-native-cert-pinner) Strengthens TLS in React Native through Certificate Pinning
- [**58**Star][1m] [OCaml] [mirage/digestif](https://github.com/mirage/digestif) Simple hash algorithms in OCaml
- [**58**Star][18d] [Py] [boquete/google-arts-crawler](https://github.com/boquete/google-arts-crawler) Google Arts & Culture high quality image downloader
- [**58**Star][10d] [Py] [technowlogy-pushpender/technowlogger](https://github.com/technowlogy-pushpender/technowlogger) TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info
- [**58**Star][11d] [Py] [adhorn/aws-chaos-scripts](https://github.com/adhorn/aws-chaos-scripts) Collection of python scripts to run failure injection on AWS infrastructure
- [**58**Star][1m] [victorqribeiro/bruteforcetv](https://github.com/victorqribeiro/bruteforcetv) Let's brute force this hotel's tv.
- [**58**Star][7m] [v2ray/planning](https://github.com/v2ray/planning) Deprecated. Please use v2ray-core for feature requests
- [**58**Star][29d] [C] [pmem/vltrace](https://github.com/pmem/vltrace) Tool tracing syscalls in a fast way using eBPF linux kernel feature
- [**58**Star][23d] [Ruby] [trustedsec/honeybadger](https://github.com/trustedsec/honeybadger) 
- [**58**Star][15d] [Lua] [dsasmblr/cheat-engine](https://github.com/dsasmblr/cheat-engine) Cheat Engine scripts, tutorials, tools, and more.
- [**58**Star][1m] [TS] [igio90/hooah-trace](https://github.com/igio90/hooah-trace) Instructions tracing powered by frida
- [**58**Star][2m] [C++] [svenstaro/dwarf_fortress_unfuck](https://github.com/svenstaro/dwarf_fortress_unfuck) Unfucking Dwarf Fortress
- [**58**Star][26d] [Py] [tobefuturer/ida-swift-demangle](https://github.com/tobefuturer/ida-swift-demangle) A tool to demangle Swift function names in IDA.
- [**58**Star][12d] [Py] [yadox666/wifi_ccc](https://github.com/yadox666/wifi_ccc) Wi-Fi Covert Channel Chat demo application
- [**58**Star][25d] [C++] [kylesanderson/steamworks](https://github.com/kylesanderson/steamworks) Exposing SteamWorks functions to SourcePawn.
- [**58**Star][19d] [C#] [epicrouterss/mssql-fileless-rootkit-warsqlkit](https://github.com/epicrouterss/mssql-fileless-rootkit-warsqlkit) Bildiğiniz üzere uzun zamandır MSSQL üzerine çalışmalar yapmaktayım. Bu yazımda uzun zamandır uğraştığım bir konuyu ele alacağım, MSSQL Rootkit. Bildiğiniz üzere şimdiye kadar MS-SQL için anlatılan post-exploitation işlemlerinin büyük çoğunluğu “xp_cmdshell” ve “sp_OACreate” stored procedure’lerini kullanarak anlatılır. Peki xp_cmdshell ve sp_OA…
- [**58**Star][14d] [Java] [aws-samples/aws-service-catalog-terraform-reference-architecture](https://github.com/aws-samples/aws-service-catalog-terraform-reference-architecture) Apply Terraform configurations using CloudFormation through a proxy lambda
- [**58**Star][14d] [HTML] [usnistgov/acvp](https://github.com/usnistgov/acvp) Industry Working Group on Automated Cryptographic Algorithm Validation
- [**58**Star][4m] [C] [cisco-talos/daemonlogger](https://github.com/Cisco-Talos/Daemonlogger) Simple packet logging & soft tap daemon.
- [**58**Star][22d] [C#] [southpolenator/sharpdebug](https://github.com/southpolenator/SharpDebug) C# debugging automation tool
- [**58**Star][5m] [Py] [deadbits/intersect-2.5](https://github.com/deadbits/Intersect-2.5) Post-Exploitation Framework
- [**58**Star][2m] [PS] [obscuritylabs/infophish](https://github.com/obscuritylabs/InfoPhish) InfoPath Phishing Repo Resource
- [**58**Star][15d] [Shell] [malscan/malscan](https://github.com/malscan/malscan) A fully featured malware scanner for Linux desktops and servers.
- [**58**Star][1y] [HTML] [leonwxqian/lucky-js-fuzz](https://github.com/leonwxqian/lucky-js-fuzz) A web page based fuzzer that generates random JS statements then fuzz in the web-browser.
- [**58**Star][21d] [shmilylty/awesome-application-security](https://github.com/shmilylty/awesome-application-security) awesome application security chinese version
- [**58**Star][1m] [JS] [znetstar/tor-router](https://github.com/znetstar/tor-router) A SOCKS, HTTP and DNS proxy for distributing traffic across multiple instances of Tor
- [**58**Star][2m] [PS] [xan7r/kerberoast](https://github.com/xan7r/kerberoast) 
- [**58**Star][24d] [C#] [voided/steamstatus](https://github.com/voided/steamstatus) A quick and dirty POC website to view the status of Steam CM servers. Precursor to steamstat.us
- [**58**Star][15d] [PS] [vletoux/ms17-010-scanner](https://github.com/vletoux/ms17-010-scanner) 
- [**58**Star][2y] [JS] [vah13/win_zip_password](https://github.com/vah13/win_zip_password) Python script to hook ZIP files passwords in Windows 10
- [**58**Star][3m] [Py] [uninett/nav](https://github.com/uninett/nav) Network Administration Visualized
- [**58**Star][1m] [Py] [truneski/external_c2_framework](https://github.com/truneski/external_c2_framework) Python api for usage with cobalt strike's External C2 specification
- [**58**Star][3y] [JS] [transparencytoolkit/harvester](https://github.com/transparencytoolkit/harvester) Web crawling and document processing through a usable interface.
- [**58**Star][10d] [stamparm/blackbook](https://github.com/stamparm/blackbook) Blackbook of malware domains
- [**58**Star][6y] [Java] [spiderlabs/burpnotesextension](https://github.com/spiderlabs/burpnotesextension) a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created during penetration testing.
- [**58**Star][2m] [Perl] [sourceperl/mbtget](https://github.com/sourceperl/mbtget) A simple modbus/TCP client write in pure Perl.
- [**58**Star][3y] [C++] [sigint9/yaragui](https://github.com/sigint9/yaragui) 
- [**58**Star][5m] [she11c0der/scanners-box](https://github.com/she11c0der/scanners-box) 安全从业人员常用开源工具资料合集
- [**58**Star][4m] [Py] [shauryabhandari/machine-learning](https://github.com/shauryabhandari/machine-learning) Python implementation of machine learning algorithms
- [**58**Star][3y] [Py] [sensepost/xrdp](https://github.com/sensepost/xrdp) A rudimentary remote desktop tool for the X11 protocol exploiting unauthenticated x11 sessions
- [**58**Star][6m] [TS] [richienb/iplocation](https://github.com/Richienb/iplocation) Get ip location information.
- [**58**Star][5y] [C++] [rootkitsmm/win10pcap-exploit](https://github.com/rootkitsmm/win10pcap-exploit) Exploit Win10Pcap Driver to enable some Privilege in our process token ( local Privilege escalation )
- [**58**Star][3y] [C] [riscybusiness/riscypacker](https://github.com/riscybusiness/riscypacker) Process Hollowing Packer
- [**58**Star][5y] [Py] [rehints/blackhat_2015](https://github.com/rehints/blackhat_2015) Distributing the REconstruction of High-Level IR for Large Scale Malware Analysis
- [**58**Star][7y] [Java] [pwntester/xmldecoder](https://github.com/pwntester/xmldecoder) RCE Exploit PoC for XMLDecoder
- [**58**Star][5m] [C#] [protyposis/aurio](https://github.com/protyposis/aurio) Audio Fingerprinting & Retrieval for .NET
- [**58**Star][2y] [PS] [powershell/gpregistrypolicy](https://github.com/powershell/gpregistrypolicy) 
- [**58**Star][27d] [Java] [portswigger/replicator](https://github.com/portswigger/replicator) Burp extension to help developers replicate findings from pen tests
- [**58**Star][12d] [C] [phdphuc/mac-a-mal](https://github.com/phdphuc/mac-a-mal) 追踪macOS恶意软件的内核驱动, 与Cuckoo沙箱组合使用
- [**58**Star][1m] [Py] [owtf/wafbypasser](https://github.com/owtf/wafbypasser) 
- [**58**Star][5m] [Shell] [ouspg/libfuzzerfication](https://github.com/ouspg/libfuzzerfication) libfuzzerfication - fuzzing for the rest of us!
- [**58**Star][2m] [C] [opsxcq/exploit-blacknurse](https://github.com/opsxcq/exploit-blacknurse) Black Nurse DOS attack
- [**58**Star][16d] [Py] [opensecurityresearch/pentest-scripts](https://github.com/opensecurityresearch/pentest-scripts) 
- [**58**Star][3y] [C++] [openjailbreak/jailbreakme-1.0](https://github.com/openjailbreak/jailbreakme-1.0) The first publicly available userland jailbreak for iPhoneOS 1.0.2/1.1.1 by cmw and dre
- [**58**Star][4y] [C++] [nukem9/virtualdbg](https://github.com/nukem9/virtualdbg) Test code only. Not reliable for actual use.
- [**58**Star][2y] [Py] [nopernik/fuzzbunch_wrapper](https://github.com/nopernik/fuzzbunch_wrapper) Fuzzbunch Python-Wine wrapper
- [**58**Star][7m] [Java] [nightoftwelve/virtualhookex](https://github.com/nightoftwelve/virtualhookex) Android application hooking tool based on VirtualHook/VirtualApp
- [**58**Star][10m] [nidom/buff](https://github.com/nidom/buff) A proxy tool for macOS.
- [**58**Star][3m] [Py] [neo23x0/exotron](https://github.com/neo23x0/exotron) Sandbox feature upgrade with the help of wrapped samples
- [**58**Star][5y] [HTML] [nccgroup/iodide](https://github.com/nccgroup/iodide) The Cisco IOS Debugger and Integrated Disassembler Environment
- [**58**Star][6m] [C++] [my-first-pr/hacktoberfest-2018](https://github.com/my-first-pr/hacktoberfest-2018) 
- [**58**Star][4m] [C] [molnarg/dead0007](https://github.com/molnarg/dead0007) Decompiler for SpiderMonkey 1.8 XDR bytecode
- [**58**Star][1y] [Go] [mikkolehtisalo/cvesync](https://github.com/mikkolehtisalo/cvesync) CVE feed synchronization to issue management system
- [**58**Star][30d] [Py] [mikeperry-tor/vanguards](https://github.com/mikeperry-tor/vanguards) Vanguards help guard you from getting vanned...
- [**58**Star][1y] [C#] [mdsecactivebreach/browser-externalc2](https://github.com/mdsecactivebreach/browser-externalc2) External C2 Using IE COM Objects
- [**58**Star][2y] [C#] [mch2112/sharp80](https://github.com/mch2112/sharp80) TRS80 Emulator for Windows
- [**58**Star][29d] [Ruby] [luizluca/bridge](https://github.com/luizluca/bridge) brigde is a dynamic port forwarder over HTTP (with HTTP PROXY support)
- [**58**Star][11d] [C#] [lontivero/vinchuca](https://github.com/lontivero/vinchuca) A resilient peer-to-peer botnet agent in .NET
- [**58**Star][1m] [Java] [llvm-but-worse/maple-ir](https://github.com/llvm-but-worse/maple-ir) Industrial IR-based static analysis framework for Java bytecode
- [**58**Star][3y] [Java] [littlerich/wechatluckymoney](https://github.com/littlerich/wechatluckymoney) 本开源项目为Xposed练手代码，可以从中深入了解使用Xposed的用法和源码逆向分析能力
- [**58**Star][3y] [Go] [linkedin/jaqen](https://github.com/linkedin/jaqen) Simple DNS rebinding
- [**58**Star][22d] [C++] [lemire/testingrng](https://github.com/lemire/testingrng) Testing common random-number generators (RNG)
- [**58**Star][4y] [PS] [killswitch-gui/persistence-survivability](https://github.com/killswitch-gui/persistence-survivability) Powershell Persistence Locator
- [**58**Star][21d] [Go] [kevinmahaffey/tescat](https://github.com/kevinmahaffey/tescat) A tool to identify unique UDP payloads developed in order to audit the Tesla Model S's onboard ethernet traffic.
- [**58**Star][20d] [Shell] [justintime/docker-airsonos](https://github.com/justintime/docker-airsonos) Expose Sonos over Airplay via a Docker container
- [**58**Star][3m] [C++] [jspspemu/jspspemu](https://github.com/jspspemu/jspspemu) typescript psp emulator
- [**58**Star][10m] [AutoIt] [jschicht/extractusnjrnl](https://github.com/jschicht/extractusnjrnl) Tool to extract the $UsnJrnl from an NTFS volume
- [**58**Star][13d] [JS] [jpenalbae/r2-scripts](https://github.com/jpenalbae/r2-scripts) Multiple radare2 rpipe scripts
- [**58**Star][2m] [PHP] [jcarlosn/gzip-http-time](https://github.com/jcarlosn/gzip-http-time) PoC for getting remote HTTP Server date using gzip compressed HTTP Response
- [**58**Star][2m] [Ruby] [jbjonesjr/letsencrypt-manual-hook](https://github.com/jbjonesjr/letsencrypt-manual-hook) Allows you to use dehydrated (a Let's Encrypt/Acme Client) and DNS challenge response with a DNS provider that requires manual intervention
- [**58**Star][11d] [Py] [jay-johnson/train-ai-with-django-swagger-jwt](https://github.com/jay-johnson/train-ai-with-django-swagger-jwt) Train AI (Keras + Tensorflow) to defend apps with Django REST Framework + Celery + Swagger + JWT - deploys to Kubernetes and OpenShift Container Platform
- [**58**Star][5m] [PS] [jaapbrasser/sharedscripts](https://github.com/jaapbrasser/sharedscripts) This is a collection of scripts that I have shared online
- [**58**Star][4m] [JS] [iriscouch/request_jquery](https://github.com/iriscouch/request_jquery) request (NodeJS http client) API using jQuery back-end
- [**58**Star][2y] [C++] [int0/processisolator](https://github.com/int0/processisolator) Utility to hook SSDT of specific process and transfer control to a service (usermode app) for handling to determine action allow/deny API call etc.
- [**58**Star][5m] [C] [iliasam/laser_tape_reverse_engineering](https://github.com/iliasam/laser_tape_reverse_engineering) Alternative firmware for a cheap X-40 laser tape measure
- [**58**Star][3m] [JS] [hownetworks/uriteller](https://github.com/hownetworks/uriteller) A service for monitoring whether chat apps etc. leak URLs
- [**58**Star][16d] [JS] [hoch/canopy](https://github.com/hoch/canopy) Web Audio API programming/debugging suite
- [**58**Star][6y] [Shell] [hclx/dell_power_spoofer](https://github.com/hclx/dell_power_spoofer) A MSP430 based design spoofing dell power adapter identification
- [**58**Star][4m] [hackstar7/wanacry](https://github.com/hackstar7/wanacry) WannaCry Ransomware
- [**58**Star][15d] [Assembly] [hackedteam/core-win64](https://github.com/hackedteam/core-win64) RCS Agent for Windows (64bit)
- [**58**Star][7y] [gynophage/solarized_ida](https://github.com/gynophage/solarized_ida) "Solarized Dark" color scheme for IDA Pro.
- [**58**Star][4m] [Rust] [guitmz/fe2o3](https://github.com/guitmz/fe2o3) Simple prepender virus written in Rust
- [**58**Star][23d] [Py] [foreni-packages/dhcpig](https://github.com/foreni-packages/dhcpig) initiates an advanced DHCP exhaustion attack
- [**58**Star][10d] [C++] [fishstiqz/poolinfo](https://github.com/fishstiqz/poolinfo) kernel pool windbg extension
- [**58**Star][3m] [JS] [firebug/pixel-perfect](https://github.com/firebug/pixel-perfect) 
- [**58**Star][18d] [JS] [fedora-infra/asknot-ng](https://github.com/fedora-infra/asknot-ng) What can I do for $ORGANIZATION?
- [**58**Star][1m] [Shell] [emirozer/nixarmor](https://github.com/emirozer/nixarmor) nixarmor is a linux hardening automation project
- [**58**Star][1y] [C#] [egorbo/intrinsicsplayground](https://github.com/egorbo/intrinsicsplayground) My toys to play with SSE/AVX in pure C# (.NET Core 2.1)
- [**58**Star][2m] [Shell] [dg92/node-express-postgres-redis-starter-kit](https://github.com/dg92/node-express-postgres-redis-starter-kit) This is a starter kit that help you get started with node, express, postgresql, redis. Node.js / Express / PostgreSQL / Authentication API Starter Kit
- [**58**Star][12d] [C] [devzero2000/shellcoderhandbook](https://github.com/devzero2000/shellcoderhandbook) shellcoderhandbook source code : "The Shellcoder's Handbook: Discovering and Exploiting Security Holes"
- [**58**Star][4m] [Py] [devsecops/defcon-workshop](https://github.com/devsecops/defcon-workshop) 
- [**58**Star][10d] [C] [dev-zzo/exploits-nt-privesc](https://github.com/dev-zzo/exploits-nt-privesc) Exploit collection for NT privilege escalation
- [**58**Star][4m] [Py] [dedsecinside/awesome-scripts](https://github.com/dedsecinside/awesome-scripts) A collection of awesome scripts from developers around the globe.
- [**58**Star][1m] [JS] [davepacheco/node-heap-dump](https://github.com/davepacheco/node-heap-dump) Testing node heap dumps
- [**58**Star][11m] [Shell] [d4rk007/blueghost](https://github.com/d4rk007/blueghost) A network tool designed to assist blue teams in banning attackers from linux servers.
- [**58**Star][1m] [Py] [cuppa-joe/dsame](https://github.com/cuppa-joe/dsame) Python EAS SAME Alert Message Decoder
- [**58**Star][5m] [Rust] [ctsrc/pgen](https://github.com/ctsrc/pgen) Command-line passphrase generator
- [**58**Star][10d] [JS] [coston/react-obfuscate](https://github.com/coston/react-obfuscate) An intelligent React component to obfuscate any contact link!
- [**58**Star][3y] [Py] [circl/pymisp](https://github.com/circl/pymisp) Please use this repository instead:
- [**58**Star][5y] [Py] [cc06/dns_transfer_check](https://github.com/cc06/dns_transfer_check) 一个用来批量检测网站是否存在域传送漏洞的Python脚本
- [**58**Star][15d] [Py] [carnal0wnage/malicious_file_maker](https://github.com/carnal0wnage/malicious_file_maker) malicious file maker/sender to create and send malicious attachments to test your email filter/alerting
- [**58**Star][6m] [Shell] [buginux/flexloader](https://github.com/buginux/flexloader) 使用 FLEX 调试任意第三方应用
- [**58**Star][2y] [Py] [bonkc/bugbountysubdomains](https://github.com/bonkc/bugbountysubdomains) Tools to gather subdomains from Bug Bounty programs
- [**58**Star][1m] [blackint3/awesome-debugging](https://github.com/blackint3/awesome-debugging) Why Debugging?（为什么要调试？）
- [**58**Star][6y] [C] [axoltl/hubcap](https://github.com/axoltl/hubcap) ChromeCast HubCap exploit
- [**58**Star][18d] [Py] [angr/archinfo](https://github.com/angr/archinfo) Classes with architecture-specific information useful to other projects.
- [**58**Star][3y] [PHP] [alisummer/qqipdetector](https://github.com/alisummer/qqipdetector) 探测某个或某些QQ用户的IP。 代码非常烂，也没有注释。
- [**58**Star][3y] [3gstudent/cve-2017-8464-exp](https://github.com/3gstudent/cve-2017-8464-exp) Support x86 and x64
- [**57**Star][10d] [Ruby] [entynetproject/thoron](https://github.com/entynetproject/thoron) Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to generate simple payloads to provide Linux TCP attack.
- [**57**Star][2y] [Py] [odiogosilva/trifusion](https://github.com/odiogosilva/trifusion) Streamlining phylogenomic data gathering, processing and visualization
- [**57**Star][4m] [C++] [spriteovo/telegram-anti-revoke](https://github.com/spriteovo/telegram-anti-revoke) Telegram anti-revoke plugin. | Telegram 防撤回插件。
- [**57**Star][2m] [ahhh/phish_composer](https://github.com/ahhh/phish_composer) Automatically spin up infra for phishing
- [**57**Star][4m] [Py] [malwaretech/rdgscanner](https://github.com/malwaretech/rdgscanner) A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.
- [**57**Star][8m] [C#] [rvrsh3ll/sharpcom](https://github.com/rvrsh3ll/sharpcom) CSHARP DCOM Fun
- [**57**Star][3y] [C] [alex-sector/dns2tcp](https://github.com/alex-sector/dns2tcp) 
- [**57**Star][23d] [Py] [deadbits/mimir](https://github.com/deadbits/mimir) Smart OSINT collection of common IOC types
- [**57**Star][12d] [C++] [haidragon/study_obscure](https://github.com/haidragon/study_obscure) 混淆反混淆
- [**57**Star][3m] [C#] [kudaes/lolbits](https://github.com/kudaes/lolbits) C# reverse shell using Background Intelligent Transfer Service (BITS) as communication protocol.
- [**57**Star][3m] [Py] [romis2012/aiohttp-socks](https://github.com/romis2012/aiohttp-socks) Proxy (HTTP, SOCKS) connector for aiohttp
- [**57**Star][4m] [Java] [luborliu/traclusalgorithm](https://github.com/luborliu/traclusalgorithm) This is an implementation for TraClus algorithm in Java. A GUI was added.
- [**57**Star][16d] [C#] [kpol/trie](https://github.com/kpol/trie) Trie (a.k.a. prefix tree) C# implementation. Has constant-time string prefix lookup.
- [**57**Star][19d] [Py] [jpf/lokey](https://github.com/jpf/lokey) A tool that makes it easy to work with and convert between cryptographic key formats
- [**57**Star][15d] [Swift] [unixzii/swiftui-hooks](https://github.com/unixzii/swiftui-hooks) A PoC for implementing hooks in SwiftUI
- [**57**Star][10d] [Java] [rxgirlz/openyspider](https://github.com/rxgirlz/openyspider) 千万级图片爬虫、视频爬虫 [开源版本] Image Spider
- [**57**Star][11d] [Java] [jimseker/bluetooth](https://github.com/jimseker/bluetooth) Android Bluetooth examples
- [**57**Star][1y] [Java] [spring-avengers/influx-proxy](https://github.com/spring-avengers/influx-proxy) A proxy for InfluxDB
- [**57**Star][10d] [Py] [carsonscott/online-category-learning](https://github.com/carsonscott/online-category-learning) ML algorithm for real-time classification
- [**57**Star][7m] [Py] [yangzheng10/ss](https://github.com/yangzheng10/ss) 利用爬虫科学上网
- [**57**Star][1m] [Go] [ironsmile/nedomi](https://github.com/ironsmile/nedomi) Highly performant HTTP reverse proxy with efficient caching of big files
- [**57**Star][5m] [Py] [michoo/pci](https://github.com/michoo/pci) Packet communication investigator
- [**57**Star][14d] [JS] [instantwebp2p/peer-proxy](https://github.com/instantwebp2p/peer-proxy) Light on hidden web service - Expose web service from Peer
- [**57**Star][20d] [Ruby] [michenriksen/hibp](https://github.com/michenriksen/hibp) A simple tool to check a bunch of email addresses against the Have I Been Pwned API.
- [**57**Star][2m] [Py] [ztgrace/pwnboard](https://github.com/ztgrace/pwnboard) CCDC Red Team PWNboard
- [**57**Star][12d] [C++] [x64dbg/titanengine](https://github.com/x64dbg/titanengine) 
- [**57**Star][1m] [Py] [genymobile/copydeps](https://github.com/genymobile/copydeps) Analyze and copy library dependencies of ELF binaries
- [**57**Star][2m] [mubix/open-ssids](https://github.com/mubix/open-ssids) SSIDs for the Hak5 Wifi Pineapple's PineAP setup
- [**57**Star][10d] [Py] [osirislab/csaw-ctf-2018-finals](https://github.com/osirislab/csaw-ctf-2018-finals) Repo for CSAW CTF 2018 Finals challenges
- [**57**Star][10d] [C#] [netspi/daft](https://github.com/netspi/daft) DAFT: Database Audit Framework & Toolkit
- [**57**Star][2m] [Py] [secwiki/ctf-hub](https://github.com/secwiki/ctf-hub) CTF 题目列表
- [**57**Star][21d] [Py] [0x90/wpsik](https://github.com/0x90/wpsik) WPS scan and pwn tool
- [**57**Star][12d] [Java] [thisislibra/genesis](https://github.com/thisislibra/genesis) A framework to generate unique test cases based on code snippets to test techniques
- [**57**Star][12d] [scriptingxss/owasp-fstm](https://github.com/scriptingxss/owasp-fstm) The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security professionals with conducting firmware security assessments.
- [**57**Star][2m] [Py] [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm) TPM vulnerability checking tool for CVE-2018-6622. This tool will be published at Black Hat Asia 2019 and Black Hat Europe 2019
- [**57**Star][4m] [Py] [geovation/wifispy](https://github.com/geovation/wifispy) Sniff Wifi traffic, log device addresses.
- [**57**Star][12d] [Py] [muteb/hoarder](https://github.com/muteb/hoarder) This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive.
- [**57**Star][8d] [C++] [rathoresrikant/hacktoberfestcontribute](https://github.com/rathoresrikant/hacktoberfestcontribute) Contribute codes on Data Structures and Algorithms. #HacktoberFest
- [**57**Star][10d] [Java] [graxcode/java-unpacker](https://github.com/GraxCode/java-unpacker) Extract Crypted Jar Archives
- [**57**Star][2m] [PHP] [wkcaj/safecurl](https://github.com/wkcaj/safecurl) SSRF Protection Library for PHP -
- [**57**Star][3m] [C] [jar-o/osxinj_tut](https://github.com/jar-o/osxinj_tut) OSX injection tutorial: Hello World
- [**57**Star][2m] [Shell] [cyb0r9/network-attacker](https://github.com/Cyb0r9/network-attacker) Programmed For Penetration Testing Beginners . This Program Based on Mdk3 . "WiFi Stress Testing Beacon Flooding & Deauthentication Attack "
- [**57**Star][7m] [Go] [zond/qisniff](https://github.com/zond/qisniff) 
- [**57**Star][3y] [C] [zerosum0x0/shellcodedriver](https://github.com/zerosum0x0/shellcodedriver) Windows driver to execute arbitrary usermode code (essentially same vulnerability as capcom.sys)
- [**57**Star][13d] [Shell] [yulewang/brook](https://github.com/yulewang/brook) Brook 端口转发 一键管理脚本修改版 增加了对动态域名的支持 基于逗比版本修改而来
- [**57**Star][19d] [Shell] [xhorak/firefox-devedition-flatpak](https://github.com/xhorak/firefox-devedition-flatpak) Flatpak manifest and patches to build Firefox
- [**57**Star][16d] [JS] [userlandkernel/jailbreakme-unified](https://github.com/userlandkernel/jailbreakme-unified) Framework for iOS browser exploitation to kernel privileges and rootfs remount
- [**57**Star][3y] [HTML] [troydo42/cia-hacking-tools](https://github.com/troydo42/cia-hacking-tools) WikiLeaks Vault 7 CIA Hacking Tools
- [**57**Star][4m] [Py] [tr3jer/incextensivelist](https://github.com/tr3jer/incextensivelist) 从扫描器结果分离出的一些大公司泛解析ip列表
- [**57**Star][2y] [C] [tandasat/fu_hypervisor](https://github.com/tandasat/fu_hypervisor) A hypervisor hiding user-mode memory using EPT
- [**57**Star][4y] [Py] [t3rry7f/badtunnel_exp](https://github.com/t3rry7f/badtunnel_exp) Usage: python badtunnel.py wpad_server_ip
- [**57**Star][27d] [C] [synack/chaoticmarch](https://github.com/synack/chaoticmarch) A mechanism for automating input events on iOS
- [**57**Star][2m] [Py] [spritz-research-group/ctf-writeups](https://github.com/spritz-research-group/ctf-writeups) SPRITZ plays CTFs! Writeups by spritzers
- [**57**Star][13d] [C] [sistr0/ps4-hen-vtx](https://github.com/sistr0/ps4-hen-vtx) A fully implemented kernel exploit for the PS4 with HEN - Only for 5.05
- [**57**Star][5y] [C++] [scadacs/plcinject](https://github.com/scadacs/plcinject) 
- [**57**Star][3y] [C] [samlarenn/callbackdisabler](https://github.com/samlarenn/callbackdisabler) Disable Driver Callbacks
- [**57**Star][2y] [Py] [s1kr10s/struts2shell](https://github.com/s1kr10s/struts2shell) 
- [**57**Star][2m] [TS] [rpgeeganage/ifto](https://github.com/rpgeeganage/ifto) A simple debugging module for AWS Lambda (λ) timeout
- [**57**Star][17d] [HTML] [r3kapig/writeup](https://github.com/r3kapig/writeup) CTF challenges writeup
- [**57**Star][2y] [Py] [programa-stic/marvin-static-analyzer](https://github.com/programa-stic/marvin-static-analyzer) Marvin static analyzer is an Android application vulnerability scanner. The framework uses androguard and Static Android Analysis Framework (SAAF).
- [**57**Star][4m] [C] [praneethkarnena/ddos-scripts](https://github.com/praneethkarnena/ddos-scripts) This repo consists of various DDoS scripts, collected from internet. Layer-4 and Layer-7 levels can be targeted using these scripts.
- [**57**Star][23d] [Java] [owasp-ruhrpott/owasp-workshop-android-pentest](https://github.com/owasp-ruhrpott/owasp-workshop-android-pentest) Learning Penetration Testing of Android Applications
- [**57**Star][16d] [C] [outscale/packetgraph](https://github.com/outscale/packetgraph) Packetgraph library is a collection of network bricks you can connect to form a network graph.
- [**57**Star][2m] [ouspg/fuzz-testing-beginners-guide](https://github.com/ouspg/fuzz-testing-beginners-guide) Fuzz testing: Beginner's guide
- [**57**Star][2m] [Py] [nikallass/sharesearch](https://github.com/nikallass/sharesearch) Samba, NFS shares spider and grepper
- [**57**Star][3m] [Py] [nezza/scada-stuff](https://github.com/nezza/scada-stuff) A collection of scripts & tools for reverse-engineering & hacking SCADA/ICS devices.
- [**57**Star][3m] [Py] [nelenkov/android-device-check](https://github.com/nelenkov/android-device-check) Check Android device security settings
- [**57**Star][3m] [C] [nanxiao/umalloc](https://github.com/nanxiao/umalloc) A tiny Unix dynamic memory allocator library.
- [**57**Star][4m] [myndtt/ctf-site](https://github.com/myndtt/ctf-site) 介绍一些CTF训练的站点
- [**57**Star][1y] [muhammd/awesome-pentest](https://github.com/muhammd/awesome-pentest) Awesome Penetration Testing A collection of awesome penetration testing resources
- [**57**Star][13d] [Perl] [msimerson/sentry](https://github.com/msimerson/sentry) Bruteforce attack blocker (ssh, FTP, SMTP, and more)
- [**57**Star][4m] [Py] [msfidelis/kill-router-](https://github.com/msfidelis/kill-router-) Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
- [**57**Star][4m] [Shell] [mitchellkrogza/badd-boyz-hosts](https://github.com/mitchellkrogza/badd-boyz-hosts) A hosts file for use on any operating system to block bad domains out of your servers or devices.
- [**57**Star][2y] [Java] [mirsamantajbakhsh/onionharvester](https://github.com/mirsamantajbakhsh/onionharvester) A small TOR Onion Address harvester for checking if the address is available or not.
- [**57**Star][2m] [mindpointgroup/ansible-vmware-provisioning](https://github.com/mindpointgroup/ansible-vmware-provisioning) Some basic Ansible content to help get more out of VMware. Developed for AnsibleFest San Francisco 2017.
- [**57**Star][19d] [PS] [microsoftedge/dev.microsoftedge.com-vms](https://github.com/microsoftedge/dev.microsoftedge.com-vms) Scripts used to generate the free VMs available at
- [**57**Star][1m] [Shell] [mempodippy/snodew](https://github.com/mempodippy/snodew) PHP root (suid) reverse shell
- [**57**Star][11m] [C++] [mefistotelis/ida-pro-loadmap](https://github.com/mefistotelis/ida-pro-loadmap) Plugin for IDA Pro disassembler which allows loading .map files.
- [**57**Star][16d] [Shell] [meedan/check](https://github.com/meedan/check) Development environment for Meedan Check, a collaborative media annotation platform
- [**57**Star][19d] [PHP] [medariox/scrapeer](https://github.com/medariox/scrapeer) Scrapeer, a tiny PHP library that lets you scrape HTTP(S) and UDP trackers for torrent information.
- [**57**Star][1m] [Py] [masood-m/yalih](https://github.com/masood-m/yalih) a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques
- [**57**Star][2m] [Java] [lizhangqu/android-bundle-support](https://github.com/lizhangqu/android-bundle-support) 增强型apk analyzer，支持ap_, ap, aar, aab, jar, so, awb, aab, apks等zip文件使用apk analyzer打开, android studio插件
- [**57**Star][2m] [Shell] [letssudormrf/ssr-bbr-docker](https://github.com/letssudormrf/ssr-bbr-docker) Dockerfile for ssr+bbr_powered
- [**57**Star][4m] [Py] [leoid/b1tmass](https://github.com/leoid/b1tmass) Multiple Weaknesses Checking for Mass Subdomains [Deprecated]
- [**57**Star][30d] [C] [kkamagui/shadow-box-for-arm](https://github.com/kkamagui/shadow-box-for-arm) Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)
- [**57**Star][23d] [C++] [slyd0g/primarytokentheft](https://github.com/slyd0g/PrimaryTokenTheft) Steal a primary token and spawn cmd.exe using the stolen token.
- [**57**Star][ObjC] [jrock007/tob](https://github.com/jrock007/tob) Free, open-source and ad-less Tor web browser for iOS
- [**57**Star][4m] [Java] [jogolden/ghidraps4loader](https://github.com/jogolden/ghidraps4loader) A Ghidra loader for PlayStation 4 binaries.
- [**57**Star][6m] [Shell] [jmcerrejon/pikiss](https://github.com/jmcerrejon/pikiss) PiKISS for Raspberry Pi & ODROID-C1: A bunch of scripts with menu to make your life easier.
- [**57**Star][10d] [Py] [jflyup/goms17-010](https://github.com/jflyup/goms17-010) Simple program for detecting if host(s) are vulnerable to SMB exploit(MS17-010)
- [**57**Star][24d] [JS] [jes/chess-steg](https://github.com/jes/chess-steg) Steganography in chess games
- [**57**Star][1m] [Ruby] [jekil/hostmap](https://github.com/jekil/hostmap) 
- [**57**Star][2y] [PS] [invokethreatguy/csasc](https://github.com/invokethreatguy/csasc) Cobalt Strike Aggressor Script Collection
- [**57**Star][4m] [Jupyter Notebook] [hija/malwaredatascience](https://github.com/hija/malwaredatascience) Malware Data Science Reading Diary / Notes
- [**57**Star][29d] [C] [hbowden/nextgen](https://github.com/hbowden/nextgen) A Genetic File, Syscall and Network Fuzzer.
- [**57**Star][5m] [C] [gosecure/dllpasswordfilterimplant](https://github.com/gosecure/dllpasswordfilterimplant) DLL Password Filter Implant with Exfiltration Capabilities
- [**57**Star][12d] [Py] [gh2o/rvi_capture](https://github.com/gh2o/rvi_capture) rvictl for Linux and Windows: capture packets sent/received by iOS devices
- [**57**Star][7m] [Go] [flynaj/kcptun](https://github.com/flynaj/kcptun) A Secure Tunnel Based On KCP with N:M Multiplexing
- [**57**Star][2m] [Py] [fkasler/dolos_cloak](https://github.com/fkasler/dolos_cloak) Automated 802.1x Bypass
- [**57**Star][10d] [Ruby] [entynetproject/thoron](https://github.com/entynetproject/thoron) Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to generate simple payloads to provide Linux TCP attack.
- [**57**Star][6m] [F#] [enkomio/anathema](https://github.com/enkomio/anathema) .NET instrumentation framework
- [**57**Star][2m] [Py] [dmazzella/uble](https://github.com/dmazzella/uble) Lightweight Bluetooth Low Energy driver written in pure python for micropython
- [**57**Star][3m] [JS] [detroitenglish/haveibeenpwned-zxcvbn-lambda-api](https://github.com/detroitenglish/haveibeenpwned-zxcvbn-lambda-api) Deploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately
- [**57**Star][16d] [Ruby] [depthsecurity/dahua_dvr_auth_bypass](https://github.com/depthsecurity/dahua_dvr_auth_bypass) Dahua CCTV DVR Authentication Bypass Metasploit Scanning Module
- [**57**Star][18d] [Py] [deadbits/malware-analysis-scripts](https://github.com/deadbits/malware-analysis-scripts) Collection of scripts for different malware analysis tasks
- [**57**Star][1m] [JS] [danigargu/urlfuzz](https://github.com/danigargu/urlfuzz) Another web fuzzer written in NodeJS
- [**57**Star][3y] [JS] [cryptogenic/ps4-4.0x-code-execution-poc](https://github.com/cryptogenic/ps4-4.0x-code-execution-poc) My edit of qwertyoruiopz 4.0x exploit PoC from
- [**57**Star][8y] [Py] [cranklin/python-virus](https://github.com/cranklin/python-virus) This is an educational computer virus written in Python to demonstrate how replication is done.
- [**57**Star][8y] [Py] [cr4sh/ida-vmware-gdb](https://github.com/cr4sh/ida-vmware-gdb) Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub
- [**57**Star][4m] [Py] [coddingtonbear/ircpdb](https://github.com/coddingtonbear/ircpdb) Remotely and collaboratively debug your Python application via an IRC channel.
- [**57**Star][21d] [Shell] [cignoraptor-ita/cignotrack](https://github.com/cignoraptor-ita/cignotrack) OSINT tool for testing privacy and social engineering vulnerability of organizations.
- [**57**Star][17d] [Py] [chadillac/mdns_recon](https://github.com/chadillac/mdns_recon) Multicast DNS and DNS service discovery daemons deployed on various systems across the Internet are misconfigured and reply to queries targeting their unicast addresses, including requests from their WAN interface. These daemons could be leveraged by attackers for sensitive information disclosure and potentially used in DDoS campaigns for reflec…
- [**57**Star][3y] [HTML] [bo0om/cve-2017-7089](https://github.com/bo0om/cve-2017-7089) Webkit uxss exploit (CVE-2017-7089)
- [**57**Star][2m] [C] [bazad/physmem](https://github.com/bazad/physmem) Local privilege escalation through macOS 10.12.1 via CVE-2016-1825 or CVE-2016-7617.
- [**57**Star][2m] [JS] [az0ne/simple_zoomeye](https://github.com/az0ne/simple_zoomeye) 一个还正在完善的项目，采用分布式python扫描全国的HTTP服务
- [**57**Star][2m] [Elm] [auth0-blog/elm-with-jwt-api](https://github.com/auth0-blog/elm-with-jwt-api) 
- [**57**Star][4m] [aungthurhahein/red-team-curation-list](https://github.com/aungthurhahein/red-team-curation-list) A list to discover work of red team tooling and methodology for penetration testing and security assessment
- [**57**Star][25d] [Makefile] [armbian/firmware](https://github.com/armbian/firmware) Armbian firmware
- [**57**Star][4m] [Java] [arloor/httpproxy](https://github.com/arloor/httpproxy) a netty-based http proxy that breaks the GFW。
- [**57**Star][2m] [Py] [acama/ctf](https://github.com/acama/ctf) Exploits for interesting CTF challenges I have worked on
- [**57**Star][3m] [TeX] [abertaymachinelearninggroup/network-threats-taxonomy](https://github.com/abertaymachinelearninggroup/network-threats-taxonomy) Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies
- [**57**Star][7y] [IntrepidusGroup/mallory](https://bitbucket.org/intrepidusgroup/mallory) 
- [**56**Star][7d] [Go] [asutorufa/yuhaiin](https://github.com/asutorufa/yuhaiin) a proxy client by golang for linux
- [**56**Star][21d] [noffle/p2p-faq](https://github.com/noffle/p2p-faq) 
- [**56**Star][11m] [PHP] [dalaizhao/phpspidermagnetbittorrent](https://github.com/dalaizhao/phpspidermagnetbittorrent) php实现p2p中DHT网络爬虫，并提供搜索下载
- [**56**Star][2m] [Java] [amdelamar/jhash](https://github.com/amdelamar/jhash) 
- [**56**Star][3y] [HTML] [winlwinoonet/aspnetcoreactivedirectorystarterkit](https://github.com/winlwinoonet/aspnetcoreactivedirectorystarterkit) Starter kit to quickly create ASP.NET Core with On-Premises Active Directory Authentication.
- [**56**Star][21d] [Py] [ohyee/documentdownloader](https://github.com/ohyee/documentdownloader) download document from book118 for free
- [**56**Star][5m] [Go] [terraform-providers/terraform-provider-tls](https://github.com/terraform-providers/terraform-provider-tls) Terraform TLS provider
- [**56**Star][2m] [HTML] [webcoding/js_block](https://github.com/webcoding/js_block) 研究学习各种拦截：反爬虫、拦截ad、防广告注入、斗黄牛等
- [**56**Star][1m] [Go] [hijkzzz/dht-crawler](https://github.com/hijkzzz/dht-crawler) A DHT Crawler based on Goroutine
- [**56**Star][14d] [Py] [ajalt/python-sha1](https://github.com/ajalt/python-sha1) An implementation of the SHA-1 hashing algorithm in pure python.
- [**56**Star][4m] [djmpink/taillog](https://github.com/djmpink/taillog) 实时日志（tail log）查看监控客户端工具
- [**56**Star][20d] [C] [wlanslovenija/tunneldigger](https://github.com/wlanslovenija/tunneldigger) L2TPv3 VPN tunneling solution
- [**56**Star][16d] [Shell] [frugghi/issh2](https://github.com/frugghi/issh2) A bash script to compile Libssh2 (and OpenSSL) for iOS, macOS, watchOS and tvOS.
- [**56**Star][9d] [JS] [kylart/malscraper](https://github.com/kylart/malscraper) Scrap everything you can from MyAnimeList.net
- [**56**Star][30d] [Shell] [la3ar0v/tuxresponse](https://github.com/la3ar0v/tuxresponse) Linux Incident Response
- [**56**Star][2m] [C#] [c4bbage/xrat](https://github.com/c4bbage/xrat) xRAT 2.0 - Free, Open-Source Remote Administration Tool
- [**56**Star][8d] [CSS] [evilsocket/www.pwnagotchi.ai](https://github.com/evilsocket/www.pwnagotchi.ai) (⌐■_■) - pwnagotchi.ai
- [**56**Star][2m] [Py] [nixawk/hello-python2](https://github.com/nixawk/hello-python2) Python libraries demos
- [**56**Star][23d] [C] [timwr/cve-2019-2215](https://github.com/timwr/cve-2019-2215) 
- [**56**Star][12d] [C] [hak5/pineapple-packages-community](https://github.com/hak5/pineapple-packages-community) WiFi Pineapple Community Packages
- [**56**Star][15d] [PS] [dafthack/powerwebshot](https://github.com/dafthack/powerwebshot) A PowerShell tool for taking screenshots of multiple web servers quickly.
- [**56**Star][2m] [C] [pwning/plaidctf2014](https://github.com/pwning/plaidctf2014) Source for some problems from PlaidCTF 2014.
- [**56**Star][1y] [Go] [ffay/lanproxy-go-client](https://github.com/ffay/lanproxy-go-client) Lanproxy is a reverse proxy to help you expose a local server behind a NAT or firewall to the internet. it supports any protocols over tcp (http https ssh ...)
- [**56**Star][6m] [C#] [0xbadjuju/sharpire](https://github.com/0xbadjuju/sharpire) A C# implementation of the PowerShell Empire Agent
- [**56**Star][14d] [C#] [damonmohammadbagher/nativepayload_reverseshell](https://github.com/damonmohammadbagher/nativepayload_reverseshell) This is Simple C# Source code to Bypass almost "all" AVS, (kaspersky v19, Eset v12 v13 ,Trend-Micro v16, Comodo & Windows Defender Bypassed via this method Very Simple)
- [**56**Star][3m] [C++] [m0n73/dc26_badgeemulator](https://github.com/m0n73/dc26_badgeemulator) This code was used with Arduino Nano to create the OG defcon 26 badge emulator.
- [**56**Star][7d] [Go] [asutorufa/yuhaiin](https://github.com/Asutorufa/yuhaiin) a proxy client by golang for linux
- [**56**Star][18d] [HTML] [aravinthpanch/rssi](https://github.com/aravinthpanch/rssi) Indoor localisation using RSSI. RSSI is received signal strength indicator in IEEE 802.11 beacon packet to announce the presence of WiFi.This tool was built to study & visualize the data collected in the experiments. This was done at Telecommunications Network Group (TKN), Berlin as part of EVARILOS.
- [**56**Star][2m] [Py] [zhovner/airport-sniffer](https://github.com/zhovner/airport-sniffer) Very simple Wi-Fi sniffer and dumps parser for built-in macbook AirPort Extreme card. Only native MacOS tools used.
- [**56**Star][16d] [Py] [cyberreboot/networkml](https://github.com/CyberReboot/NetworkML) Machine learning plugins for network traffic
- [**56**Star][18d] [Java] [guardianproject/tor-android](https://github.com/guardianproject/tor-android) Tor binary and library for Android
- [**56**Star][1m] [Java] [subutai-io/peer-os](https://github.com/subutai-io/peer-os) Subutai is a next generation peer to peer (P2P) cloud computing and Internet of Things platform. Subutai peers collaborate and share resources to create secure virtual environments tying together the shared network and machine resources across peers.
- [**56**Star][2m] [C] [deeptechlabs/cyberweapons](https://github.com/deeptechlabs/cyberweapons) Automated Cyber Offense
- [**56**Star][10d] [Assembly] [drenn1/oracles-disasm](https://github.com/Drenn1/oracles-disasm) Disassembly of Oracle of Ages and Seasons
- [**56**Star][7m] [zephrfish/xsspayloads](https://github.com/zephrfish/xsspayloads) Cross Site Scripting Payloads -- Variations
- [**56**Star][10m] [Ruby] [zenvdeluca/net_healer](https://github.com/zenvdeluca/net_healer) NET HEALER receive DDoS Attack reports from FastNetMon collectors allowing custom triggers on a per stage based actions.
- [**56**Star][2y] [Py] [zardus/idalink](https://github.com/zardus/idalink) idalink arose of the need to easily use IDA's API for analysis without wanting to be stuck in the IDA interface
- [**56**Star][3y] [yrzx404/free-security-resources](https://github.com/yrzx404/free-security-resources) 安全总是无处不在...
- [**56**Star][4m] [Shell] [xalfie/nix-auditor](https://github.com/xalfie/nix-auditor) Nix Audit made easier (RHEL, CentOS)
- [**56**Star][3y] [Py] [wraith-wireless/pyric](https://github.com/wraith-wireless/pyric) Python wireless library for Linux
- [**56**Star][2y] [Py] [wangyihang/find-php-vulnerabilities](https://github.com/wangyihang/find-php-vulnerabilities) 
- [**56**Star][2m] [Java] [vy/hrrs](https://github.com/vy/hrrs) Record, transform, and replay HTTP requests in Java EE and Spring applications.
- [**56**Star][1m] [Go] [vuvuzela/alpenhorn](https://github.com/vuvuzela/alpenhorn) Bootstrapping Secure Communication without Leaking Metadata
- [**56**Star][2y] [Py] [vulnerscom/vulners-scanner](https://github.com/vulnerscom/vulners-scanner) Vulnerability scanner based on vulners.com audit API
- [**56**Star][3y] [C#] [vmcall/mapdetection](https://github.com/vmcall/mapdetection) Detect manualmapped images remotely, without hassle
- [**56**Star][13d] [Py] [virtuesecurity/aws-extender-cli](https://github.com/virtuesecurity/aws-extender-cli) AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.
- [**56**Star][6m] [Ruby] [vault12/zax](https://github.com/vault12/zax) NaCl-based Cryptographic Relay
- [**56**Star][3m] [Py] [ucsb-seclab/agrigento](https://github.com/ucsb-seclab/agrigento) Agrigento is a tool to identify privacy leaks in Android apps by performing black-box differential analysis on the network traffic.
- [**56**Star][9m] [Py] [trickster0/enyx](https://github.com/trickster0/enyx) Enyx SNMP IPv6 Enumeration Tool
- [**56**Star][7m] [C] [toucan-system/pmcma](https://github.com/toucan-system/pmcma) Post Memory Corruption Memory Analyzer
- [**56**Star][4m] [Py] [torque59/garfield](https://github.com/torque59/garfield) An offensive attack framework for Distributed Layer of Modern Applications
- [**56**Star][2y] [JS] [tinysec/jsrt](https://github.com/tinysec/jsrt) javascript runtime ( JSRT ) project for windows , based on chakra
- [**56**Star][13d] [Py] [teal33t/poopak](https://github.com/teal33t/poopak) POOPAK - TOR Hidden Service Crawler
- [**56**Star][17d] [Py] [taokong/group_normalization](https://github.com/taokong/group_normalization) pytorch implementation of group normalization in
- [**56**Star][22d] [Shell] [t3chnocat/oscp-ctf](https://github.com/t3chnocat/oscp-ctf) oscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.
- [**56**Star][4m] [C] [strivexjun/hidedll](https://github.com/strivexjun/hidedll) Hide DLL / Hide Module / Hide Dynamic Link Library
- [**56**Star][10m] [Py] [stef/pyrsp](https://github.com/stef/pyrsp) python implementation of the GDB Remote Serial Protocol
- [**56**Star][2m] [C++] [stealth/crash](https://github.com/stealth/crash) crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX
- [**56**Star][8y] [C] [soulxu/kvmsample](https://github.com/soulxu/kvmsample) minivm based on kvm
- [**56**Star][10m] [Py] [sneakerhax/pyphisher](https://github.com/sneakerhax/pyphisher) A simple python tool for phishing
- [**56**Star][4m] [C] [shunix/tinyinjector](https://github.com/shunix/tinyinjector) Shared Library Injector on Android
- [**56**Star][2y] [WebAssembly] [seccon/seccon2017_online_ctf](https://github.com/seccon/seccon2017_online_ctf) 
- [**56**Star][13d] [Py] [samuelcolvin/dnserver](https://github.com/samuelcolvin/dnserver) Simple development DNS server written in python
- [**56**Star][1m] [Py] [romankh/gsm-assessment-toolkit](https://github.com/romankh/gsm-assessment-toolkit) GSM Assessment Toolkit - A security evaluation framework for GSM networks
- [**56**Star][15d] [Py] [ritvikb99/dark-fantasy-hack-tool](https://github.com/ritvikb99/dark-fantasy-hack-tool) DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking in…
- [**56**Star][16d] [Go] [retailnext/hllpp](https://github.com/retailnext/hllpp) HyperLogLog cardinality estimation algorithm in go/golang!
- [**56**Star][4m] [Py] [reorx/python-terminal-color](https://github.com/reorx/python-terminal-color) Drop-in single file library for printing color in terminal
- [**56**Star][2m] [JS] [rdegges/ss-auth](https://github.com/rdegges/ss-auth) Stupid Simple Authentication
- [**56**Star][13d] [C] [rc0r/afl-fuzz](https://github.com/rc0r/afl-fuzz) Non-official repository for lcamtuf's American Fuzzy Lop
- [**56**Star][3y] [C++] [raymon-tian/wfpfirewall](https://github.com/raymon-tian/wfpfirewall) 基于WFP(Windows Filter Platform)的个人防火墙系统
- [**56**Star][1m] [Ruby] [rapid7/ruby_smb](https://github.com/rapid7/ruby_smb) A native Ruby implementation of the SMB Protocol Family
- [**56**Star][1y] [C] [rapid7/reflectivedllinjection](https://github.com/rapid7/reflectivedllinjection) Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
- [**56**Star][16d] [Java] [pegacat/jxplorer](https://github.com/pegacat/jxplorer) A free java ldap client with LDIF support, security (inc SSL, SASL & GSSAPI), translated into many languages (inc. Chinese), online help, user forms and many other features.
- [**56**Star][6m] [Py] [p1kachu/talking-with-cars](https://github.com/p1kachu/talking-with-cars) CAN analysis - Use your car as a gamepad!
- [**56**Star][11d] [C++] [osrdrivers/kmexts](https://github.com/osrdrivers/kmexts) Simple driver to register all available process, thread, image, Registry, and Object callbacks
- [**56**Star][3m] [C] [opensuse/wicked](https://github.com/opensuse/wicked) Framework for network configuration
- [**56**Star][2m] [JS] [ollseg/ttt-ext](https://github.com/ollseg/ttt-ext) Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.
- [**56**Star][11d] [Py] [ocatak/malware_api_class](https://github.com/ocatak/malware_api_class) Malware dataset for security researchers, data scientists. Public malware dataset generated by Cuckoo Sandbox based on Windows OS API calls analysis for cyber security researchers
- [**56**Star][1y] [JS] [obscuritylabs/os-cfdb](https://github.com/obscuritylabs/os-cfdb) Open Source - Common Findings DataBase (JSON & MD)
- [**56**Star][30d] [Py] [nottinghamprisateam/pyersinia](https://github.com/nottinghamprisateam/pyersinia) Herramienta escrita en Python y utilizando la librería Scapy basada en Yersinia para la implementación de ataques de capa de enlace de datos
- [**56**Star][3m] [C#] [nccgroup/mnemosyne](https://github.com/nccgroup/mnemosyne) A Generic Windows Memory Scraping Tool
- [**56**Star][15d] [Rust] [nccgroup/assethook](https://github.com/nccgroup/assethook) LD_PRELOAD magic for Android's AssetManager
- [**56**Star][4m] [Julia] [nassarhuda/matrixnetworks.jl](https://github.com/nassarhuda/matrixnetworks.jl) Graph and Network algorithms in Julia
- [**56**Star][9m] [Shell] [nameles-org/nameles](https://github.com/nameles-org/nameles) Open source entropy based invalid traffic detection and pre-bid filtering.
- [**56**Star][15d] [Py] [n0fate/ichainbreaker](https://github.com/n0fate/ichainbreaker) Breaking the iCloud Keychain Artifacts
- [**56**Star][3y] [Py] [mzeyong/cve-2017-13089](https://github.com/mzeyong/cve-2017-13089) CVE-2017-13089
- [**56**Star][7m] [C] [msftserver/ravencoin-wallet-with-miners](https://github.com/msftserver/ravencoin-wallet-with-miners) RavenCoin Wallet including CPU and GPU miners! programs are directly from Ravencoin and official miner sources
- [**56**Star][3y] [C++] [mq1n/dllthreadinjectiondetector](https://github.com/mq1n/dllthreadinjectiondetector) 
- [**56**Star][18d] [JS] [moneroocean/xmr-node-proxy](https://github.com/moneroocean/xmr-node-proxy) Cryptonote/Forknote/Cryptonight/Light/Heavy coin proxy for nodejs-pool
- [**56**Star][13d] [JS] [marco-lancini/offensive-infrastructure](https://github.com/marco-lancini/offensive-infrastructure) Offensive Infrastructure with Modern Technologies
- [**56**Star][7y] [C++] [makerbot/miracle-grue](https://github.com/makerbot/miracle-grue) Workspace for new Toolpathing software.
- [**56**Star][5y] [C++] [m0n0ph1/basic-file-crypter](https://github.com/m0n0ph1/basic-file-crypter) Process Hollowing techniques as used in many file Crypters (C/C++)
- [**56**Star][2m] [Java] [linkedin/sometime](https://github.com/linkedin/sometime) A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
- [**56**Star][1m] [PHP] [kulisu/metasploit-pro-trial-grabber](https://github.com/kulisu/metasploit-pro-trial-grabber) This is a PHP command-line script to auto-grab the metasploit 14-DAYs pro trial key.
- [**56**Star][2m] [TS] [kombustor/antd-password-input-strength](https://github.com/kombustor/antd-password-input-strength) AntD Input component with password-strength indicator.
- [**56**Star][12d] [klaver/sysctl](https://github.com/klaver/sysctl) Linux/BSD kernel tuning and network security hardening optimizations, improving the performance of server systems via optimized sysctl tweaks
- [**56**Star][29d] [Py] [justfoxing/ghidra_bridge](https://github.com/justfoxing/ghidra_bridge) Python 3 bridge to Ghidra's Python scripting
- [**56**Star][7m] [Py] [joxeankoret/maltindex](https://github.com/joxeankoret/maltindex) Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns
- [**56**Star][4m] [Java] [johnjohndoe/proguard](https://github.com/johnjohndoe/proguard) Java class file shrinker, optimizer, obfuscator, and preverifier
- [**56**Star][1y] [C++] [jnferguson/double-free-examples](https://github.com/jnferguson/double-free-examples) Basic examples of double free exploitation/etc functionality in glibc/jemalloc/tcmalloc
- [**56**Star][2y] [jkpang/timliu-ios](https://github.com/jkpang/timliu-ios) iOS开发常用三方库、插件、知名博客等等
- [**56**Star][3y] [jas502n/st2-052](https://github.com/jas502n/st2-052) St2-052
- [**56**Star][3m] [Shell] [itskindred/pyembed](https://github.com/itskindred/pyembed) Elementary bash script that embeds malicious python code within another piece of inconspicuous python code.
- [**56**Star][2y] [C++] [huoji120/av-killer](https://github.com/huoji120/av-killer) Antivirus Killer
- [**56**Star][12m] [C] [hfiref0x/mpenum](https://github.com/hfiref0x/mpenum) Enumerate Windows Defender threat families and dump their names according category
- [**56**Star][2y] [hack-with-github/infosec-badges](https://github.com/hack-with-github/infosec-badges) Badges for your GitHub tool presented at InfoSec Conference
- [**56**Star][29d] [JS] [h43z/dns-rebinding-tool](https://github.com/h43z/dns-rebinding-tool) dns rebind tool with custom scripts
- [**56**Star][4m] [C#] [googlecloudplatform/stackdriver-sandbox](https://github.com/googlecloudplatform/stackdriver-sandbox) Stackdriver Sandbox is an open source tool that helps practitioners to learn Service Reliability Engineering practices from Google and apply them on their cloud services using Stackdriver.
- [**56**Star][11d] [C] [gluster/gluster-block](https://github.com/gluster/gluster-block) A framework for gluster block storage
- [**56**Star][1m] [C++] [feliam/klee-taint](https://github.com/feliam/klee-taint) KLEE-TAINT - Klee with taint analysis support
- [**56**Star][4y] [Shell] [epinna/unusedpkg](https://github.com/epinna/unusedpkg) Diagnostic tool to find unused packages
- [**56**Star][2m] [Py] [elevenpaths/neto](https://github.com/elevenpaths/neto) Neto | A tool to analyse browser extensions
- [**56**Star][2y] [Py] [elevenpaths/dirtytooth-raspberrypi](https://github.com/elevenpaths/dirtytooth-raspberrypi) Exploit the hack for IOS 11.1.2 and earlier to collect leaked information.
- [**56**Star][12m] [Py] [edent/renault-zoe-api](https://github.com/edent/renault-zoe-api) A basic API for getting information about your Renault Zoe Electric Vehicle.
- [**56**Star][6m] [Shell] [digitalocean/debian-sys-maint-roll-passwd](https://github.com/digitalocean/debian-sys-maint-roll-passwd) Script to update password for MySQL user "debian-sys-maint"
- [**56**Star][5y] [C++] [datachi/memdb](https://github.com/datachi/memdb) Tools to track memory accesses in applications and visualize the patterns to reveal opportunities for optimization.
- [**56**Star][12d] [Py] [crond-jaist/cyris](https://github.com/crond-jaist/cyris) CyRIS: Cyber Range Instantiation System
- [**56**Star][3y] [cn33liz/ms17-012](https://github.com/cn33liz/ms17-012) MS17-012 - COM Session Moniker EoP Exploit running within MSBuild.exe
- [**56**Star][4m] [Py] [cleanunicorn/theo](https://github.com/cleanunicorn/theo) Ethereum recon and exploitation tool.
- [**56**Star][6y] [Py] [bwall/bamf](https://github.com/bwall/bamf) Botnet Analysis Modular Framework
- [**56**Star][27d] [C] [bazad/threadexec](https://github.com/bazad/threadexec) A library to execute code in the context of other processes on iOS 11.
- [**56**Star][1m] [Py] [b-mueller/laser-ethereum](https://github.com/b-mueller/laser-ethereum) Symbolic virtual machine for Ethereum
- [**56**Star][4m] [Py] [az0ne/jboss_autoexploit](https://github.com/az0ne/jboss_autoexploit) JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution​ 漏洞批量检测
- [**56**Star][4m] [Self] [ayoul3/privesc](https://github.com/ayoul3/privesc) Privilege escalation tools on Mainframe
- [**56**Star][2y] [Py] [averagesecurityguy/ptnotes](https://github.com/averagesecurityguy/ptnotes) 
- [**56**Star][20d] [Py] [andreafioraldi/cve_searchsploit](https://github.com/andreafioraldi/cve_searchsploit) Search an exploit in the local exploitdb database by its CVE
- [**56**Star][2m] [Java] [ajohnston9/ciscorouter](https://github.com/ajohnston9/ciscorouter) Tool for scanning Cisco router products over SSH
- [**56**Star][3y] [Py] [ahm3dhany/ids-evasion](https://github.com/ahm3dhany/ids-evasion) Evading Snort Intrusion Detection System.
- [**56**Star][8d] [Py] [73696e65/windows-exploits](https://github.com/73696e65/windows-exploits) Used for the osce exam preparation
- [**56**Star][4m] [Py] [5alt/zeroscan](https://github.com/5alt/zeroscan) ZeroScan is a tool that auto gathers subdomains and scan ports
- [**56**Star][3y] [KiCad Layout] [1bitsy/1bitsy-hardware](https://github.com/1bitsy/1bitsy-hardware) Small breadboard friendly STM32 (eventually other mcu's too) eval boards with exposed JTAG and SWD for the use with Black Magic Probe and others!
- [**56**Star][4m] [1135/1135-cobaltstrike-toolkit](https://github.com/1135/1135-cobaltstrike-toolkit) about CobaltStrike
- [**56**Star][2m] [Py] [0xd012/wifuzzit](https://github.com/0xd012/wifuzzit) a 802.11 wireless fuzzer
- [**56**Star][18d] [Py] [0x01h/pyddoz](https://github.com/0x01h/pyddoz) PyDDoZ is a powerful, human-friendly DDoS tool using application layer (L7) attack techniques.
- [**55**Star][12d] [TS] [chame1eon/jnitrace-engine](https://github.com/chame1eon/jnitrace-engine) Engine used by jnitrace to intercept JNI API calls.
- [**55**Star][28d] [C] [kfiros/execmon](https://github.com/kfiros/execmon) Advanced process execution monitoring utility for linux (procmon like)
- [**55**Star][2y] [C#] [extremecodetv/sockssharp](https://github.com/extremecodetv/sockssharp) SocksSharp provides support for Socks4/4a/5 proxy servers to HttpClient
- [**55**Star][2y] [Py] [zhangslob/taobao_duoshou](https://github.com/zhangslob/taobao_duoshou) 使用Scrapy采集淘宝数据，Flask展示
- [**55**Star][10m] [Py] [pannous/tensorpeers](https://github.com/pannous/tensorpeers) p2p peer-to-peer training of tensorflow models
- [**55**Star][4m] [Java] [igio90/fridaandroidinjector](https://github.com/igio90/fridaandroidinjector) Inject frida agents on local processes through an Android app
- [**55**Star][8m] [C++] [bigballon/ghost](https://github.com/bigballon/ghost) An AI search algorithm demo
- [**55**Star][10d] [C#] [kevinwg/oss.common](https://github.com/kevinwg/oss.common) oss基础类库，主要涉及基础实体，加密算法，xml序列化，以及其他扩展方法等
- [**55**Star][4m] [HTML] [monkey-soft/schweizermesser](https://github.com/monkey-soft/schweizermesser) Python3网络爬虫实战
- [**55**Star][26d] [Java] [catherine22/classloader](https://github.com/catherine22/classloader) Loading apks or classes without reinstalling your app.
- [**55**Star][4m] [Py] [howie6879/talospider](https://github.com/howie6879/talospider) talospider - A simple,lightweight scraping micro-framework
- [**55**Star][12d] [Py] [barneygale/elevate](https://github.com/barneygale/elevate) Python library for requesting root privileges
- [**55**Star][11d] [thehive-project/awesome](https://github.com/thehive-project/awesome) A curated list of awesome things related to TheHive & Cortex
- [**55**Star][4m] [Swift] [git-kevinchuang/potatso-swift5](https://github.com/git-kevinchuang/potatso-swift5) Potatso compiled with swift5 xcode 10.2.1 mojave 10.14.5
- [**55**Star][17d] [jyvsectec/phr-model](https://github.com/jyvsectec/phr-model) Prepare, Hunt, and Respond - Conceptual model against cyber attacks by JYVSECTEC
- [**55**Star][4m] [C++] [trojan-gfw/trojan-qt](https://github.com/trojan-gfw/trojan-qt) GUI server and client of Trojan in Qt C++
- [**55**Star][13d] [C++] [px4/driverframework](https://github.com/px4/driverframework) Operating system and flight stack agnostic driver framework for POSIX (Linux, NuttX, Mac OS, QNX, VxWorks).
- [**55**Star][1y] [Py] [moosedojo/spotter](https://github.com/moosedojo/spotter) Targeted Payload Execution
- [**55**Star][13d] [Go] [onplus/v2ray-sitedat](https://github.com/onplus/v2ray-sitedat) 
- [**55**Star][10d] [Py] [valvepython/csgo](https://github.com/valvepython/csgo) 
- [**55**Star][1m] [Makefile] [artem-panchenko/counter-strike-docker](https://github.com/artem-panchenko/counter-strike-docker) Docker image for Counter-Strike 1.6 server
- [**55**Star][4m] [C] [bmegli/wifi-scan](https://github.com/bmegli/wifi-scan) A nl80211 C/C++ library for monitoring signal strength of WiFi networks
- [**55**Star][12d] [ObjC] [geosn0w/chaos](https://github.com/geosn0w/chaos) Chaos iOS < 12.1.2 PoC by
- [**55**Star][18d] [C] [contionmig/sagaantheepic-millin-hack-smh-kernel](https://github.com/ContionMig/SagaanTheEpic-Millin-Hack-SMH-Kernel) Just a thing i am trying to do, testing some things out and so on. This is for a game called csgo and basically are for people how knows what they are doing.
- [**55**Star][10m] [Py] [re4lity/pocorexp](https://github.com/re4lity/PoCorExp) PoC or Exp Of Vulnerability
- [**55**Star][4m] [C#] [z3prover/firewallchecker](https://github.com/z3prover/firewallchecker) A self-contained firewall checker
- [**55**Star][1m] [Shell] [w3c/device-memory](https://github.com/w3c/device-memory) Device Memory
- [**55**Star][4m] [Py] [unamer/pwnsandboxforctf](https://github.com/unamer/pwnsandboxforctf) Yet another sandbox for CTF challenge in AWD mode
- [**55**Star][2y] [JS] [ubeacsec/silverdog](https://github.com/ubeacsec/silverdog) An audio firewall for Chrome!
- [**55**Star][2y] [C#] [tyranid/windowsruntimesecuritydemos](https://github.com/tyranid/windowsruntimesecuritydemos) Demos for Presentation on Windows Runtime Security
- [**55**Star][29d] [JS] [twz915/django-minicms](https://github.com/twz915/django-minicms) Django 开发简易的内容管理系统
- [**55**Star][5y] [PHP] [troyhunt/pineapplesurprise](https://github.com/troyhunt/pineapplesurprise) Pineapple Surprise! is a PHP implementation for the Wi-Fi Pineapple or "Jasager". Used in conjunction with dnsspoof it will serve a "surprise" to any clients connected to the device when they make an HTTP request.
- [**55**Star][3y] [trietptm/security-news](https://github.com/trietptm/security-news) Information Security News
- [**55**Star][9d] [C++] [trendmicro/rfquack](https://github.com/trendmicro/rfquack) RFQuack: the versatile RF-analysis tool that quacks!
- [**55**Star][22d] [Py] [trailofbits/ctf-challenges](https://github.com/trailofbits/ctf-challenges) CTF Challenges
- [**55**Star][14d] [Py] [thez3ro/gogsownz](https://github.com/thez3ro/gogsownz) Gogs CVEs
- [**55**Star][2y] [C#] [them4hd1/jcs](https://github.com/them4hd1/jcs) Joomla Vulnerability Component Scanner
- [**55**Star][5m] [Shell] [thelinuxchoice/tweetshell](https://github.com/thelinuxchoice/tweetshell) Multi-thread Twitter BruteForcer in Shell Script
- [**55**Star][4m] [PS] [tasox/logrm](https://github.com/tasox/logrm) LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
- [**55**Star][4m] [C] [ssbssa/heob](https://github.com/ssbssa/heob) Detects buffer overruns and memory leaks.
- [**55**Star][1m] [Py] [sowish/sqlmapapi_pi](https://github.com/sowish/sqlmapapi_pi) 利用sqlmapapi进行批量检测sql注入
- [**55**Star][4m] [HTML] [sophoslabs/cve-2018-18500](https://github.com/sophoslabs/cve-2018-18500) PoC for CVE-2018-18500 - Firefox Use-After-Free
- [**55**Star][2y] [C++] [sisoma2/shellcodeloader](https://github.com/sisoma2/shellcodeloader) Small tool to load shellcodes or PEs to analyze them
- [**55**Star][2m] [C] [sciencemanx/ftrace](https://github.com/sciencemanx/ftrace) trace local function calls like strace and ltrace
- [**55**Star][13d] [Ruby] [saz/puppet-memcached](https://github.com/saz/puppet-memcached) Puppet module for memcached
- [**55**Star][4y] [C++] [s-kanev/xiosim](https://github.com/s-kanev/xiosim) A detailed michroarchitectural x86 simulator
- [**55**Star][3m] [Py] [royalbhati/violent-python-companion-files](https://github.com/royalbhati/violent-python-companion-files) Violent Python scripts used in book and few other required files
- [**55**Star][2m] [Py] [rodionovd/cuckoo-osx-analyzer](https://github.com/rodionovd/cuckoo-osx-analyzer) An OS X analyzer for Cuckoo Sandbox project
- [**55**Star][1m] [Java] [rapid7/metasploit-javapayload](https://github.com/rapid7/metasploit-javapayload) This repository has been merged into metasploit-payloads
- [**55**Star][1y] [ObjC] [rani-i/bluetoothdpoc](https://github.com/rani-i/bluetoothdpoc) CVE-2018-4087 PoC
- [**55**Star][3y] [Py] [rafiot/kittengroomer](https://github.com/rafiot/kittengroomer) USB key cleaner
- [**55**Star][22d] [Py] [prncc/steam-scraper](https://github.com/prncc/steam-scraper) A pair of spiders for scraping product data and reviews from Steam.
- [**55**Star][4y] [Py] [pidydx/smrt](https://github.com/pidydx/smrt) Sublime Malware Research Tool
- [**55**Star][6m] [Shell] [phoeagon/libfuckit](https://github.com/phoeagon/libfuckit) The best-effort C/C++ error steamrolloer.
- [**55**Star][3y] [Py] [patois/drgadget](https://github.com/patois/drgadget) IDAPython plugin for the Interactive Disassembler 
- [**55**Star][2y] [ObjC] [objective-see/aurevoir](https://github.com/objective-see/aurevoir) View and remove notification messages from Apple's "Notification Database"
- [**55**Star][6m] [Pascal] [nyx0/pony](https://github.com/nyx0/pony) Pony 2.0 Stealer
- [**55**Star][4m] [JS] [niegowski/node-daemonize2](https://github.com/niegowski/node-daemonize2) Node module for easy creation of daemons for Node 0.8.x and above
- [**55**Star][1m] [DIGITAL Command Language] [nahsra/antisamy](https://github.com/nahsra/antisamy) a library for performing fast, configurable cleansing of HTML coming from untrusted sources
- [**55**Star][3m] [Py] [mvantellingen/psycopg2-ctypes](https://github.com/mvantellingen/psycopg2-ctypes) ctypes port of psycopg2 (see
- [**55**Star][3y] [Py] [mseclab/burp-pyjfuzz](https://github.com/mseclab/burp-pyjfuzz) Burp Suite plugin which implement PyJFuzz for fuzzing web application.
- [**55**Star][13d] [Perl] [mrash/fwsnort](https://github.com/mrash/fwsnort) Application Layer IDS/IPS with iptables
- [**55**Star][2y] [PS] [mr-un1k0d3r/base64-obfuscator](https://github.com/mr-un1k0d3r/base64-obfuscator) Simple PowerShell Base64 encoder to avoid detection of your malicious payload
- [**55**Star][28d] [Py] [metalnas/loubia](https://github.com/metalnas/loubia) Python script to exploit java unserialize on t3 (Weblogic)
- [**55**Star][21d] [Py] [metachar/pyhawk](https://github.com/metachar/pyhawk) Searches the directory of choice for interesting files. Such as database files and files with passwords stored on them
- [**55**Star][3y] [JS] [marknote/teleshellbot](https://github.com/marknote/teleshellbot) A simple Telegram Bot to run shell commands remotely
- [**55**Star][5y] [C++] [malwaretech/fsthook](https://github.com/malwaretech/fsthook) A library for intercepting native functions by hooking KiFastSystemCall
- [**55**Star][2m] [C#] [lordgreggreg/skype-log-viewer](https://github.com/lordgreggreg/skype-log-viewer) Download and View Skype History Without Skype
- [**55**Star][4y] [Py] [lokifer/blindelephant](https://github.com/lokifer/blindelephant) Getting BlindElephant into a working state, and updating the plugin files
- [**55**Star][2y] [JS] [leocardoso94/push-notification-demo](https://github.com/leocardoso94/push-notification-demo) Demonstrate how to receive notifications using Firebase
- [**55**Star][4y] [Py] [laginimaineb/alohamora](https://github.com/laginimaineb/alohamora) Bootloader unlocking code for Motorola devices
- [**55**Star][2m] [HTML] [knrdl/yamot](https://github.com/knrdl/yamot) Yet Another MOnitoring Tool
- [**55**Star][9d] [Py] [kavishgr/xmlrpc-bruteforcer](https://github.com/kavishgr/xmlrpc-bruteforcer) An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)
- [**55**Star][7m] [C++] [kakaroto/ps3ida](https://github.com/kakaroto/ps3ida) IDA scripts and plugins for PS3
- [**55**Star][10d] [C++] [jinmo/ifred](https://github.com/jinmo/ifred) IDA command palette & more (Ctrl+Shift+P, Ctrl+P)
- [**55**Star][4m] [jfromaniello/pswatch](https://github.com/jfromaniello/pswatch) Powershell cmdlet to monitor file changes in a directory tree.
- [**55**Star][2y] [C] [jduck/canhazaxs](https://github.com/jduck/canhazaxs) A tool for enumerating the access to entries in the file system of an Android device.
- [**55**Star][3m] [jas502n/cve-2019-11581](https://github.com/jas502n/cve-2019-11581) Atlassian JIRA Template injection vulnerability RCE
- [**55**Star][2y] [C#] [jamessmith2/ethmonitoring](https://github.com/jamessmith2/ethmonitoring) Miner monitoring software with different notifications support
- [**55**Star][2y] [Py] [inurlx/cloudkill3r](https://github.com/inurlx/cloudkill3r) CLOUDKiLL3R bypasses Cloudflare protection service via TOR Browser using crimeflare !
- [**55**Star][5m] [intelstormteam/papers](https://github.com/intelstormteam/papers) Papers written (and released) by the Team
- [**55**Star][4m] [Py] [importctf/instagram-hacker](https://github.com/importctf/instagram-hacker) This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!
- [**55**Star][21d] [Go] [hectane/go-acl](https://github.com/hectane/go-acl) Go library for manipulating ACLs on Windows
- [**55**Star][1m] [Py] [harmj0y/pylnker](https://github.com/harmj0y/pylnker) This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
- [**55**Star][4m] [Py] [hannob/superfishy](https://github.com/hannob/superfishy) Archive of software and other data involved in the Superfish / Komodia incident
- [**55**Star][2m] [C++] [hackedteam/core-win32](https://github.com/hackedteam/core-win32) RCS Agent for Windows (32bit)
- [**55**Star][4m] [Py] [gray-panda/grayrepo](https://github.com/gray-panda/grayrepo) Personal repository for all ctf related stuffs
- [**55**Star][14d] [Shell] [goffinet/virt-scripts](https://github.com/goffinet/virt-scripts) Bash scripts for Linux KVM labs. Only for educational purposes.
- [**55**Star][2m] [C++] [gkvjwa/vmp](https://github.com/gkvjwa/vmp) A Demo
- [**55**Star][3m] [PHP] [gfoss/phpmyadmin_honeypot](https://github.com/gfoss/phpmyadmin_honeypot) phpmyadmin honeypot
- [**55**Star][25d] [Go] [gehaxelt/ds_store](https://github.com/gehaxelt/ds_store) GO - Minimal parser for .DS_Store files
- [**55**Star][5m] [g-solaria/osintforpentests](https://github.com/g-solaria/osintforpentests) Slides from my ShellCon Talk, OSINT for Pen Tests, given 10/19.
- [**55**Star][3m] [Java] [frank-zhu/androidhttpsdemo](https://github.com/frank-zhu/androidhttpsdemo) Android https SSL config demo
- [**55**Star][4y] [JS] [femtoduino/imuduino-btle](https://github.com/femtoduino/imuduino-btle) ATmega32u4 (Leonardo) with Nordic nRF8001 Bluetooth LE and 9/10 DOM/DOF orientation-sensing IMU
- [**55**Star][13d] [Java] [fabiomsr/okhttp-peer-certificate-extractor](https://github.com/fabiomsr/okhttp-peer-certificate-extractor) This tool extracts peer certificates from given certificates.
- [**55**Star][12d] [Py] [duo-labs/cloudtrail-partitioner](https://github.com/duo-labs/cloudtrail-partitioner) 
- [**55**Star][6m] [Shell] [docker-linux/kali-metasploit](https://github.com/docker-linux/kali-metasploit) 
- [**55**Star][19d] [Py] [disk0nn3ct/linkedin-gatherer](https://github.com/disk0nn3ct/linkedin-gatherer) Linkedin tool to gather profile data, emphasis in network connections
- [**55**Star][8m] [Py] [dhn/osee](https://github.com/dhn/osee) Collection of resources for my preparation to take the OSEE certification.
- [**55**Star][23d] [Py] [dfirfpi/dpapilab](https://github.com/dfirfpi/dpapilab) Windows DPAPI laboratory
- [**55**Star][2y] [PHP] [daudmalik06/reconcat](https://github.com/daudmalik06/reconcat) A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
- [**55**Star][18d] [Py] [databricks/mlflow](https://github.com/databricks/mlflow) Open source platform for the machine learning lifecycle
- [**55**Star][1m] [Nix] [dapphub/ds-auth](https://github.com/dapphub/ds-auth) Updatable, unobtrusive Solidity authorization pattern
- [**55**Star][13d] [Py] [cisco-talos/dotnet_windbg](https://github.com/cisco-talos/dotnet_windbg) 
- [**55**Star][4m] [Py] [circl/potiron](https://github.com/circl/potiron) Potiron - Normalize, Index and Visualize Network Capture
- [**55**Star][2y] [C++] [caseysmithrc/memmitm](https://github.com/caseysmithrc/memmitm) SSL In Memory Inspection - Proof Of Concept.
- [**55**Star][1y] [bughunterid/bughunterid](https://github.com/bughunterid/bughunterid) Para pencari bug / celah kemanan bisa bergabung.
- [**55**Star][4y] [Java] [bsmali4/checksql](https://github.com/bsmali4/checksql) 
- [**55**Star][1m] [Rust] [brycx/checkpwn](https://github.com/brycx/checkpwn) Check Have I Been Pwned and see if it's time for you to change passwords.
- [**55**Star][1m] [Py] [brianloveswords/python-jws](https://github.com/brianloveswords/python-jws) python implementation of JSON Web Signatures
- [**55**Star][2m] [C++] [blt4linux/blt4l](https://github.com/blt4linux/blt4l) PAYDAY 2 SteamOS/Linux LUA loader.
- [**55**Star][18d] [Py] [awnumar/blind-sql-bitshifting](https://github.com/awnumar/blind-sql-bitshifting) A blind SQL injection module that uses bitshfting to calculate characters.
- [**55**Star][23d] [Go] [aschzero/hera](https://github.com/aschzero/hera) Automated secure tunnels for containers using Cloudflare Argo
- [**55**Star][2m] [Py] [anssi-fr/route_leaks](https://github.com/anssi-fr/route_leaks) BGP Route Leaks Detection
- [**55**Star][1m] [C] [anestisb/melkor-android](https://github.com/anestisb/melkor-android) An Android port of the melkor ELF fuzzer
- [**55**Star][13d] [Py] [ahmia/ahmia-crawler](https://github.com/ahmia/ahmia-crawler) Collection of crawlers used by the ahmia search engine
- [**55**Star][5y] [Py] [ahhh/ntp_trojan](https://github.com/ahhh/ntp_trojan) Reverse NTP remote access trojan in python, for penetration testers
- [**55**Star][5m] [agahlot/rtfm](https://github.com/agahlot/rtfm) Red Team Field Manual
- [**55**Star][2m] [Py] [aeondave/tilt](https://github.com/aeondave/tilt) Terminal Ip Lookup Tool
- [**55**Star][4m] [C#] [advancedhacker101/c-sharp-r.a.t-client](https://github.com/advancedhacker101/c-sharp-r.a.t-client) This is a c# client for the c# R.A.T server
- [**55**Star][4m] [PS] [adrecon/adrecon](https://github.com/adrecon/adrecon) ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
- [**55**Star][2y] [Py] [5alt/vulhint](https://github.com/5alt/vulhint) VulHint是辅助代码审计的 sublime text 3 插件
- [**55**Star][3y] [Py] [4w4k3/knockmail](https://github.com/4w4k3/knockmail) Verify if email exists
- [**55**Star][27d] [0xhjk/caidao](https://github.com/0xhjk/caidao) 中国菜刀及其衍生版本的Webshell管理工具收集
- [**55**Star][18d] [Py] [0x4d31/sqhunter](https://github.com/0x4d31/sqhunter) A simple threat hunting tool based on osquery, Salt Open and Cymon API
- [**54**Star][4m] [sv3nbeast/cve-2019-1388](https://github.com/sv3nbeast/cve-2019-1388) guest→system（UAC手动提权）
- [**54**Star][4m] [Scala] [xxf098/shadowsocksr-v2ray-android](https://github.com/xxf098/shadowsocksr-v2ray-android) A ShadowsocksR and V2Ray client for Android
- [**54**Star][2m] [OCaml] [yannham/mechaml](https://github.com/yannham/mechaml) OCaml functional web scraping library
- [**54**Star][1y] [Py] [toadlybroodle/spam-bot-3000](https://github.com/toadlybroodle/spam-bot-3000) Social media research and promotion, semi-autonomous CLI bot
- [**54**Star][13d] [Shell] [citrix/ioc-scanner-cve-2019-19781](https://github.com/citrix/ioc-scanner-cve-2019-19781) Indicator of Compromise Scanner for CVE-2019-19781
- [**54**Star][11d] [Py] [t0thkr1s/gtfo](https://github.com/t0thkr1s/gtfo) Search for Unix binaries that can be exploited to bypass system security restrictions.
- [**54**Star][1y] [Py] [jacen789/newscrawler](https://github.com/jacen789/newscrawler) 新闻爬虫，爬取新浪、搜狐、新华网即时财经新闻。
- [**54**Star][30d] [PHP] [mmerian/phpcrawl](https://github.com/mmerian/phpcrawl) Copy of
- [**54**Star][22d] [JS] [networkcube/vistorian](https://github.com/networkcube/vistorian) Interactive open source visualization platform for multivariate dynamic networks.
- [**54**Star][26d] [C++] [adamstelmaszczyk/gtsa](https://github.com/adamstelmaszczyk/gtsa) Game Tree Search Algorithms - C++ library for AI bot programming
- [**54**Star][19d] [JS] [gokhansengun/twitter-flood-generator](https://github.com/gokhansengun/twitter-flood-generator) Simple Command Line Utility for Generating Twitter Floods
- [**54**Star][30d] [Py] [arm-software/cloud-iot-core-kit-examples](https://github.com/arm-software/cloud-iot-core-kit-examples) Example projects and code are supplied to support the Arm-based IoT Kit for Cloud IoT Core
- [**54**Star][22d] [Py] [itemir/rpi_boat_utils](https://github.com/itemir/rpi_boat_utils) Utilities for Raspberry Pi, mostly for usage on a boat. Includes UART control scripts, AIS wireless daemon, AIS decoder and an extensible boat & IoT sensor daemon for Signal K.
- [**54**Star][2m] [Java] [jkennethcarino/droidovpn](https://github.com/jkennethcarino/droidovpn) An unofficial VPN Gate client for Android.
- [**54**Star][3m] [C] [loimu/rtbth-dkms](https://github.com/loimu/rtbth-dkms) Linux Bluetooth driver for Ralink (Mediatek) RT3290/RT3298LE wireless module
- [**54**Star][2m] [Go] [dsnezhkov/deepsea](https://github.com/dsnezhkov/deepsea) DeepSea Phishing Gear
- [**54**Star][23d] [Assembly] [86hh/poc-viruses](https://github.com/86hh/poc-viruses) POC viruses I have created to demo some ideas
- [**54**Star][21d] [C] [olimex/esp32-poe](https://github.com/olimex/esp32-poe) ESP32 IoT development board with 100Mb Ethernet and 802.3 Power Over Ethernet (POE)
- [**54**Star][16d] [Perl] [theos/logos](https://github.com/theos/logos) Preprocessor that simplifies Objective-C hooking.
- [**54**Star][1m] [HTML] [jpcertcc/cordova](https://github.com/jpcertcc/cordova) Vulnerability Analysis of Hybrid Applications using Apache Cordova
- [**54**Star][18d] [C] [lowpowerlab/dualoptiboot](https://github.com/lowpowerlab/dualoptiboot) Custom Optiboot to add wireless programming capability to Moteino
- [**54**Star][1m] [Py] [mushorg/oschameleon](https://github.com/mushorg/oschameleon) OS Fingerprint Obfuscation for modern Linux Kernels
- [**54**Star][26d] [C] [valdikss/huawei_oled_hijack](https://github.com/valdikss/huawei_oled_hijack) Advanced on-screen menu for Huawei E5372, E5577, E5377, E5770, E5885 (and probably others) portable LTE routers
- [**54**Star][19d] [icymind/hackintosh](https://github.com/icymind/hackintosh) Minimal Clover Config and Drivers for Gigabyte Z390 I WIFI
- [**54**Star][5y] [Py] [ryhanson/keyslack](https://github.com/ryhanson/keyslack) Slack client used to encrypt/decrypt and send/receive Keybase PGP messages through a Slack private group.
- [**54**Star][1m] [HTML] [jgamblin/nmapnetworkinventorycontainer](https://github.com/jgamblin/nmapnetworkinventorycontainer) A Docker Container To Continually Scan Your Network And Display Findings Cleanly.
- [**54**Star][16d] [Shell] [thelinuxchoice/phurious](https://github.com/thelinuxchoice/phurious) Phishing any website to delivery Windows Reverse Shell payload through DATA URI
- [**54**Star][2m] [PS] [elevenpaths/telefonica-wannacry-filerestorer](https://github.com/elevenpaths/telefonica-wannacry-filerestorer) Tool to restore some WannaCry files which encryption weren't finish properly
- [**54**Star][2m] [HTML] [konklone/cdns-to-https](https://github.com/konklone/cdns-to-https) (Retired.) Testing HTTP->HTTPS redirects for CDNs.
- [**54**Star][4m] [C] [ixzzving/ssr-vpn](https://github.com/ixzzving/ssr-vpn) Shadowsocks & ShadowsocksR & V2Ray & V2RayNG & VNET/酸酸乳节点及客户端
- [**54**Star][1m] [Java] [casterwx/java-crawler](https://github.com/casterwx/java-crawler) 
- [**54**Star][26d] [Go] [abguthrie/goquery](https://github.com/abguthrie/goquery) Provide a shell like interface by utilizing osquery's distributed API
- [**54**Star][1m] [Py] [kc0bfv/pcode-emulator](https://github.com/kc0bfv/pcode-emulator) A PCode Emulator for Ghidra.
- [**54**Star][15d] [JS] [smallmi/omms](https://github.com/smallmi/omms) OMMS运维监控系统，功能介绍: 资产管理 应用管理 任务执行 权限管理等
- [**54**Star][10d] [Shell] [masssmith/smgate](https://github.com/masssmith/smgate) 用树莓派做v2ray透明翻墙网关
- [**54**Star][4m] [HTML] [0xbird/0xbird.github.io](https://github.com/0xbird/0xbird.github.io) 欢迎关注小鸟的技术博客！（Pwn/智能硬件安全/AI安全/移动设备/内核/虚拟机/容器安全/浏览器/CPU/安全开发/漏洞挖掘/安全学术）
- [**54**Star][1m] [Py] [synacktiv-contrib/stuffz](https://github.com/Synacktiv-contrib/stuffz) Repository containing many useful scripts
- [**54**Star][3y] [fsecurelabs/defcon25_uac_workshop](https://github.com/FSecureLABS/defcon25_uac_workshop) UAC 0Day all day!
- [**54**Star][3y] [Java] [zyrikby/fsquadra](https://github.com/zyrikby/fsquadra) Fast detection of repackaged Android applications based on the comparison of resource files included into the package.
- [**54**Star][8m] [PS] [whitehat-zero/powenum](https://github.com/whitehat-zero/powenum) Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.
- [**54**Star][19d] [HTML] [whatwg/mimesniff](https://github.com/whatwg/mimesniff) MIME Sniffing Standard
- [**54**Star][11d] [C] [w1nds/dll2shellcode](https://github.com/w1nds/dll2shellcode) dll转shellcode工具
- [**54**Star][1y] [PS] [vtagion/scripts](https://github.com/vtagion/scripts) 
- [**54**Star][5m] [Visual Basic] [vbgamer45/semi-vb-decompiler](https://github.com/vbgamer45/semi-vb-decompiler) Partial decompiler for Visual Basic. Code source of file struture infomation.
- [**54**Star][2y] [Py] [undeadsec/herakeylogger](https://github.com/undeadsec/herakeylogger) Chrome Keylogger Extension | Post Exploitation Tool
- [**54**Star][2y] [C++] [tomladder/winlib](https://github.com/tomladder/winlib) Windows Manipulation Library (x64, User/Kernelmode)
- [**54**Star][25d] [C++] [thisgamesux/linux-csgo-external](https://github.com/thisgamesux/linux-csgo-external) Linux x86 cheat/hack for x86 and x64 linux systems (compiled + tested on Xubuntu)
- [**54**Star][1m] [Py] [tgianko/deemon](https://github.com/tgianko/deemon) Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs" by G. Pellegrino, M. Johns, S. Koch, M. Backes, and C. Rossow.
- [**54**Star][4m] [Jupyter Notebook] [tamimmirza/intrusion-detection-system-using-deep-learning](https://github.com/tamimmirza/intrusion-detection-system-using-deep-learning) VGG-19 deep learning model trained using ISCX 2012 IDS Dataset
- [**54**Star][2y] [Py] [stormshadow07/beef-over-wan](https://github.com/stormshadow07/beef-over-wan) Browser Exploitation Framework is a Open-source penetration testing tool that focuses on browser-based vulnerabilities .This Python Script does the changes Required to make hooked Linked Accessible Over WAN .So anyone can use this framework and Attack Over WAN without Port Forwarding [NGROK or any Localhost to Webhost Service Required ]
- [**54**Star][30d] [JS] [soluto/webdriverio-zap-proxy](https://github.com/soluto/webdriverio-zap-proxy) Demo - how to easily build security testing for Web App, using Zap and Glue
- [**54**Star][3y] [smapper/logstash-configs](https://github.com/smapper/logstash-configs) Contains log parsers for Logstash for many systems and applications. Also contains many methods of augmenting logs.
- [**54**Star][2m] [Perl] [slashbeast/grsecurity-scrape](https://github.com/slashbeast/grsecurity-scrape) [No more new test patches, repo will remain as archive] Unofficial grsecurity test patch archive.
- [**54**Star][2m] [JS] [silverwind/default-gateway](https://github.com/silverwind/default-gateway) Get the default network gateway, cross-platform.
- [**54**Star][10m] [Py] [sherlly/pcrt](https://github.com/sherlly/pcrt) PCRT (PNG Check & Repair Tool), a tool to help check and fix the error in a PNG image.
- [**54**Star][2y] [Py] [se55i0n/webfinger](https://github.com/se55i0n/webfinger) web指纹识别
- [**54**Star][28d] [Py] [scwuaptx/peda](https://github.com/scwuaptx/peda) PEDA - Python Exploit Development Assistance for GDB
- [**54**Star][4m] [JS] [saucelabs/foxdriver](https://github.com/saucelabs/foxdriver) Foxdriver is a Node library which provides a high-level API to control Firefox over the Remote Debugging Protocol
- [**54**Star][2m] [Shell] [samoshkin/docker-letsencrypt-certgen](https://github.com/samoshkin/docker-letsencrypt-certgen) Docker image to generate, renew, revoke RSA and/or ECDSA SSL certificates from LetsEncrypt CA using certbot and acme.sh clients in automated fashion
- [**54**Star][1m] [Shell] [rustybird/corridor](https://github.com/rustybird/corridor) Tor traffic whitelisting gateway
- [**54**Star][2m] [Java] [ruedigergad/clj-net-pcap](https://github.com/ruedigergad/clj-net-pcap) A wrapper/facade/whatever to enable/ease the use of jNetPcap (a libpcap based packet sniffing lib) in Clojure
- [**54**Star][2y] [Py] [rolfrolles/finspyvm](https://github.com/rolfrolles/finspyvm) Static unpacker for FinSpy VM
- [**54**Star][9m] [ObjC] [rinnegatamante/vita2pc](https://github.com/rinnegatamante/vita2pc) Stream PSVITA gaming sessions over WiFi.
- [**54**Star][2m] [Py] [red-team-labs/waldo](https://github.com/red-team-labs/waldo) 
- [**54**Star][1y] [MATLAB] [professormahi/ctf](https://github.com/professormahi/ctf) CTF (Capture The Flag Writeups and Tools)
- [**54**Star][5m] [C] [passingtheknowledge/ganxo](https://github.com/passingtheknowledge/ganxo) An opensource API hooking framework
- [**54**Star][11d] [C++] [pantyusha/nesca](https://github.com/pantyusha/nesca) The legendary netstalking NEtwork SCAnner
- [**54**Star][4m] [Java] [p1sec/sigfw](https://github.com/p1sec/sigfw) Open Source Signaling Firewall for SS7, Diameter filtering, antispoof and antisniff
- [**54**Star][7y] [C#] [owasp/webgoat.net](https://github.com/owasp/webgoat.net) OWASP WebGoat.NET
- [**54**Star][3m] [C++] [osql/osql](https://github.com/osql/osql) SQL powered operating system instrumentation, monitoring, and analytics.
- [**54**Star][12d] [C] [orbisdev/liborbis](https://github.com/orbisdev/liborbis) Libraries and samples for PlayStation 4
- [**54**Star][25d] [opensourcepentest/tools](https://github.com/opensourcepentest/tools) Tools used for Penetration testing / Red Teaming
- [**54**Star][11m] [Py] [nnewsom/webbies](https://github.com/nnewsom/webbies) Collection of tools for web recon and enumeration.
- [**54**Star][2m] [PHP] [nextras/secured-links](https://github.com/nextras/secured-links) CSRF protection for Nette Framework presenters' signals.
- [**54**Star][10m] [Emacs Lisp] [nelhage/reverse-android](https://github.com/nelhage/reverse-android) Reverse-engineering tools for Android applications
- [**54**Star][1y] [Shell] [mzpqnxow/embedded-toolkit](https://github.com/mzpqnxow/embedded-toolkit) Prebuilt statically linked gdbserver and gawk executables for Linux on ARMEL, MIPS/MIPSEL and more platforms for use on embedded devices, including for systems with many different ABIs (including more than 20 statically linked gdbserver executables)
- [**54**Star][3m] [Ruby] [myfreeweb/freshcerts](https://github.com/myfreeweb/freshcerts) ACME certificate protocol (Let's Encrypt) proxy client with a dashboard and monitoring
- [**54**Star][14d] [Py] [muscledreamer/twitter_scrapy](https://github.com/muscledreamer/twitter_scrapy) Use Scrapy to crwal Twitter .THE 1.0 Edition
- [**54**Star][25d] [C++] [ms-iot/imx-iotcore](https://github.com/ms-iot/imx-iotcore) Windows 10 IoT Core BSP for NXP i.MX Processors
- [**54**Star][3m] [JS] [mcollina/docker-loghose](https://github.com/mcollina/docker-loghose) Collect all the logs from all docker containers
- [**54**Star][8m] [Py] [matejbasic/pythonscrapybasicsetup](https://github.com/matejbasic/pythonscrapybasicsetup) Basic setup with random user agents and IP addresses for Python Scrapy Framework.
- [**54**Star][4m] [Py] [maoqyhz/droidcc](https://github.com/maoqyhz/droidcc) Android malware detection using deep learning, contains android malware samples, papers, tools etc.
- [**54**Star][23d] [JS] [macabeus/klo-gba.js](https://github.com/macabeus/klo-gba.js) 
- [**54**Star][1m] [Py] [lxiaogirl/cc_attack](https://github.com/lxiaogirl/cc_attack) CC attack using python scripting programming language.
- [**54**Star][1m] [C] [lgeek/dynamorio_pin_escape](https://github.com/lgeek/dynamorio_pin_escape) Escaping DynamoRIO and Pin
- [**54**Star][10d] [Py] [laincode/shodan-seeker](https://github.com/laincode/shodan-seeker) Command-line tool using Shodan API. Generates and downloads CSV results, diffing of historic scanning results, alerts and monitoring of specific ports/IPs, etc.
- [**54**Star][2y] [C++] [k0keoyo/dark_composition_case_study_integer_overflow](https://github.com/k0keoyo/dark_composition_case_study_integer_overflow) 
- [**54**Star][24d] [C++] [jieyu/maple](https://github.com/jieyu/maple) A dynamic analysis framework for concurrent programs (x86 binaries). It is shipped with a few tools written using this framework for testing concurrent programs.
- [**54**Star][2y] [JS] [jeffbryner/mozdef](https://github.com/jeffbryner/mozdef) MozDef: The Mozilla Defense Platform
- [**54**Star][2y] [Shell] [jaybrown/dnscrypt-menu](https://github.com/jaybrown/dnscrypt-menu) Manage DNSCrypt from the macOS menu bar (BitBar plugin)
- [**54**Star][3m] [Py] [jaxbcd/ultimate-dork](https://github.com/jaxbcd/ultimate-dork) Web Crawler
- [**54**Star][9y] [Shell] [ioerror/crlwatch](https://github.com/ioerror/crlwatch) Collect, watch, and analyze SSL/TLS CRL data
- [**54**Star][11d] [Go] [inszva/tap0901](https://github.com/inszva/tap0901) Go语言虚拟网卡库，可用于制作对战平台、加速器、防火墙、VPN等
- [**54**Star][2y] [Py] [hiddenillusion/nomorexor](https://github.com/hiddenillusion/nomorexor) Tool to help guess a files 256 byte XOR key by using frequency analysis
- [**54**Star][7m] [Py] [heurs/parsentfs](https://github.com/heurs/parsentfs) Simple NTFS crawler.
- [**54**Star][1m] [C++] [hasherezade/mal_unpack](https://github.com/hasherezade/mal_unpack) Dynamic unpacker based on PE-sieve
- [**54**Star][4m] [harshilpatel007/hackinglabs](https://github.com/harshilpatel007/hackinglabs) A List Of Labs For People (Students) Who Want Learn OR Practice IT Security / Hacking / Penetration Testing In Ethical Way.
- [**54**Star][10m] [Go] [hailocab/logslam](https://github.com/hailocab/logslam) A lightweight lumberjack protocol compliant logstash indexer
- [**54**Star][1y] [JS] [gettyio/tronwallet-mobile](https://github.com/gettyio/tronwallet-mobile) TronWallet is a fully decentralized P2P crypto wallet for TRON (TRX)
- [**54**Star][17d] [C] [gentilkiwi/spectre_meltdown](https://github.com/gentilkiwi/spectre_meltdown) 
- [**54**Star][10d] [Swift] [frida/frida-swift](https://github.com/frida/frida-swift) Frida Swift bindings
- [**54**Star][5m] [JS] [firesuncn/my_ctf_challenges](https://github.com/firesuncn/my_ctf_challenges) 
- [**54**Star][3m] [C++] [filcab/patchdiff2](https://github.com/filcab/patchdiff2) IDA binary differ. Since code.google.com/p/patchdiff2/ seemed abandoned, I did the obvious thing…
- [**54**Star][1y] [Py] [dylankilkenny/coinmarketcap-historical-prices](https://github.com/dylankilkenny/coinmarketcap-historical-prices) Makes use of python3 and bs4 to scrape historical cryptocurrency prices, volume and market caps from coinmarketcap.com
- [**54**Star][3m] [Go] [diogomonica/actuary](https://github.com/diogomonica/actuary) An actuary is a business professional who analyzes the financial consequences of risk.
- [**54**Star][29d] [Shell] [denizparlak/hayat](https://github.com/denizparlak/hayat) Hayat is a script for report and analyze Google Cloud Platform resources.
- [**54**Star][2m] [Py] [crond-jaist/cytrone](https://github.com/crond-jaist/cytrone) CyTrONE: Integrated Cybersecurity Training Framework
- [**54**Star][2m] [C++] [cn33liz/p0shkiller](https://github.com/cn33liz/p0shkiller) 
- [**54**Star][2y] [C] [cn33liz/hsevd-stackoverflowx64](https://github.com/cn33liz/hsevd-stackoverflowx64) HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass
- [**54**Star][28d] [Go] [cmars/ormesh](https://github.com/cmars/ormesh) onion-routed mesh
- [**54**Star][1m] [Go] [cj123/allthefirmwares](https://github.com/cj123/allthefirmwares) Go! Get all the firmwares!
- [**54**Star][3m] [C++] [cirosantilli/algorithm-cheat](https://github.com/cirosantilli/algorithm-cheat) MOVING TO:
- [**54**Star][2m] [JS] [christophetd/docker-python-sandbox](https://github.com/christophetd/docker-python-sandbox) A Docker-powered NodeJS sandbox to execute untrusted python code.
- [**54**Star][2m] [JS] [cerebral/webpack-packager](https://github.com/cerebral/webpack-packager) A service that packages DLL bundles and manifests
- [**54**Star][5m] [C++] [census/windows_10_rs2_rs3_exploitation_primitives](https://github.com/census/windows_10_rs2_rs3_exploitation_primitives) Windows 10 RS2/RS3 exploitation primitives based on the OffensiveCon 2018 talk
- [**54**Star][1y] [JS] [cat-team-mmc/lysec](https://github.com/cat-team-mmc/lysec) 一个基于docker的安全培训系统
- [**54**Star][3y] [Assembly] [casperreverser/casperreverse](https://github.com/casperreverser/casperreverse) Here's a quick rundown of how I reversed the Casper API (
- [**54**Star][3y] [PS] [byt3bl33d3r/invoke-autoit](https://github.com/byt3bl33d3r/invoke-autoit) Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes
- [**54**Star][27d] [Clojure] [bronsa/tools.decompiler](https://github.com/bronsa/tools.decompiler) A decompiler for clojure, in clojure
- [**54**Star][26d] [C++] [bishopfox/untwister](https://github.com/bishopfox/untwister) Seed recovery tool for PRNGs
- [**54**Star][13d] [PHP] [backlion/webshell](https://github.com/backlion/webshell) 这是一些常用的webshell
- [**54**Star][4m] [Py] [attackanddefencesecuritylab/ad_webscanner](https://github.com/attackanddefencesecuritylab/ad_webscanner) AD工作室精心研发漏洞安全扫描器
- [**54**Star][2y] [Py] [aserper/ddetect](https://github.com/aserper/ddetect) Simple DDE object detector
- [**54**Star][2m] [C] [anestisb/radamsa-android](https://github.com/anestisb/radamsa-android) An Android port of radamsa fuzzer
- [**54**Star][29d] [Py] [alexknvl/fuzzball](https://github.com/alexknvl/fuzzball) Scala fuzzer
- [**54**Star][4m] [Py] [alephsecurity/xnu-qemu-arm64-tools](https://github.com/alephsecurity/xnu-qemu-arm64-tools) 
- [**54**Star][1m] [Shell] [alephsecurity/initroot](https://github.com/alephsecurity/initroot) Motorola Untethered Jailbreak: Exploiting CVE-2016-10277 for Secure Boot and Device Locking bypass
- [**54**Star][5m] [C] [0cch/0cchext](https://github.com/0cch/0cchext) 0CCh Windbg extension
- [**53**Star][1m] [JS] [sitespeedio/pagexray](https://github.com/sitespeedio/pagexray) Xray your HAR file and know all about the page
- [**53**Star][8m] [JS] [cdnbye/p2p-dplayer](https://github.com/cdnbye/p2p-dplayer) DPLayer powered by CDNBye P2P Engine
- [**53**Star][11d] [C] [hexkyz/hexfw](https://github.com/hexkyz/hexfw) hexFW - A custom firmware framework for the Wii U
- [**53**Star][6m] [Go] [henrylee2cn/algorithm](https://github.com/henrylee2cn/algorithm) algorithm library
- [**53**Star][4m] [Java] [lyric315/uiperforance](https://github.com/lyric315/uiperforance) Android 性能监控：FPS、CPU、Memory
- [**53**Star][23d] [Py] [briandconnelly/pyfttt](https://github.com/briandconnelly/pyfttt) Python tools for interacting with IFTTT Webhooks Channel
- [**53**Star][4m] [Py] [worldwonderer/proxy_tower](https://github.com/worldwonderer/proxy_tower) A proxy load balance server allows web crawlers to use proxy pool more effectively
- [**53**Star][7d] [C++] [rjdekker/mhi2mqtt](https://github.com/rjdekker/mhi2mqtt) Arduino-based WiFi/MQTT controller for wireless operation of a Mitsubishi Heavy Industries air conditioner through its serial CNS port
- [**53**Star][11d] [Java] [comp500/sslsocks](https://github.com/comp500/sslsocks) stunnel for Android GUI, allows tunneling over HTTPS
- [**53**Star][1m] [Py] [netcan/mycrawler](https://github.com/netcan/mycrawler) 我的爬虫合集
- [**53**Star][4m] [Java] [preferredai/venom](https://github.com/preferredai/venom) Your preferred open source focused crawler for the deep web.
- [**53**Star][4m] [Py] [jiezhi/just-a-spider](https://github.com/jiezhi/just-a-spider) 
- [**53**Star][6m] [Py] [cls1991/x-proxies](https://github.com/cls1991/x-proxies) Usable ip proxies, crawling from some proxy websites.
- [**53**Star][4m] [Java] [sdwfqin/classicbluetooth](https://github.com/sdwfqin/classicbluetooth) Android经典蓝牙工具类(cbt)------开关蓝牙、扫描蓝牙设备、连接配对、发送数据、接收数据、获取已配对设备
- [**53**Star][7m] [Py] [sflaqiu/spiderdemo](https://github.com/sflaqiu/spiderdemo) 
- [**53**Star][1m] [JS] [sameralsayegh/node-steam-bot-manager](https://github.com/sameralsayegh/node-steam-bot-manager) A NodeJS Steam Community Bot Management tool.
- [**53**Star][16d] [Shell] [garywill/linux-router](https://github.com/garywill/linux-router) Set Linux as router in one command. Support Internet sharing, redsocks, Wifi hotspot, IPv6. Can also be used for routing VM/containers
- [**53**Star][4m] [Java] [xausky/shadowsocksgostplugin](https://github.com/xausky/shadowsocksgostplugin) Gost 的 Shadowsocks 安卓插件，可以直接在 Shadowsocks 安卓客户端上连接 Gost 服务器
- [**53**Star][2m] [Py] [sensepost/peanuts](https://github.com/sensepost/peanuts) Peanuts is a free and open source wifi tracking tool. Based on the SensePosts Snoopy-NG project that is now closed.
- [**53**Star][3m] [Py] [lijiejie/outlook_webapp_brute](https://github.com/lijiejie/outlook_webapp_brute) Microsoft Outlook WebAPP Brute
- [**53**Star][3m] [Py] [lijiejie/wifipass](https://github.com/lijiejie/wifipass) decrypt all saved WIFI passwords on your PC
- [**53**Star][2m] [Shell] [sektioneins/micro-ca-tool](https://github.com/sektioneins/micro-ca-tool) Small-scale CA with SmartCard support - CLI wrapper for OpenSSL and OpenSC
- [**53**Star][11d] [Vue] [fireeye/gocrack-ui](https://github.com/fireeye/gocrack-ui) The User Interface for GoCrack
- [**53**Star][2m] [HTML] [qinyuhang/network-knowledge](https://github.com/qinyuhang/network-knowledge) 前端必备网络基础知识
- [**53**Star][7m] [JS] [yandex/csp-tester](https://github.com/yandex/csp-tester) This extension helps web masters to test web application behaviour with Content Security Policy (CSP) ver. 1.0 implemented.
- [**53**Star][10d] [Jupyter Notebook] [calebmadrigal/radio-hacking-scripts](https://github.com/calebmadrigal/radio-hacking-scripts) Scripts to aid in the manipulation of electromagnetic radiation (for use with gnu_radio and SDR).
- [**53**Star][2y] [C] [shadowsocks/libsscrypto](https://github.com/shadowsocks/libsscrypto) Build libsscrypto.dll for shadowsocks-windows.
- [**53**Star][16d] [Shell] [danielmiessler/iptables](https://github.com/danielmiessler/iptables) An iptables firewall configuration template.
- [**53**Star][30d] [Py] [xiphosresearch/steelcon-python-injection](https://github.com/xiphosresearch/steelcon-python-injection) Python Process Injection PoC Code from my SteelCon talk in 2014
- [**53**Star][8d] [Py] [fireeye/win10_volatility](https://github.com/fireeye/win10_volatility) An advanced memory forensics framework
- [**53**Star][11d] [Assembly] [vxunderground/vx-engines](https://github.com/vxunderground/vx-engines) Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
- [**53**Star][3m] [PHP] [ahref-group/superpanel](https://github.com/ahref-group/superpanel) A new shadowsocks panel based on ThinkPHP
- [**53**Star][1y] [Shell] [criteo/kerberos-docker](https://github.com/criteo/kerberos-docker) Run kerberos environment in docker containers
- [**53**Star][27d] [C#] [nyan-x-cat/uac-escaper](https://github.com/nyan-x-cat/uac-escaper) Escalation / Bypass Windows UAC
- [**53**Star][27d] [Java] [portswigger/stepper](https://github.com/portswigger/stepper) A natural evolution of Burp Suite's Repeater tool
- [**53**Star][23d] [Py] [yahooarchive/pyioce](https://github.com/YahooArchive/PyIOCe) Python IOC Editor
- [**53**Star][30d] [C] [lab313ru/smd_ida_tools](https://github.com/lab313ru/smd_ida_tools) Special IDA Pro tools for the Sega Genesis/Megadrive romhackers
- [**53**Star][1m] [JS] [lukechilds/onionite](https://github.com/lukechilds/onionite) Explore the Tor network
- [**53**Star][19d] [TS] [kruegerrobotics/lan-monitor](https://github.com/kruegerrobotics/lan-monitor) Simple website to display the LAN status based on a nmap scan
- [**53**Star][2y] [Py] [synacktiv-contrib/kernelcache-laundering](https://github.com/Synacktiv-contrib/kernelcache-laundering) load iOS12 kernelcaches and PAC code in IDA
- [**53**Star][9m] [HTML] [jm33-m0/gfw_scripts](https://github.com/jm33-m0/gfw_scripts) added shadowsocks plugin for gee 4
- [**53**Star][19d] [C#] [zodiacon/windbgx](https://github.com/zodiacon/windbgx) An attempt to create a friendly version of WinDbg
- [**53**Star][11m] [C#] [zodiacon/gflagsx](https://github.com/zodiacon/gflagsx) Enhanced version of the GFlags tool
- [**53**Star][3m] [Logos] [zhaochengxiang/ioswechatfakelocation](https://github.com/zhaochengxiang/ioswechatfakelocation) A tweak that can fake location info in WeChat
- [**53**Star][4m] [Py] [zdresearch/owasp-honeypot](https://github.com/zdresearch/owasp-honeypot) OWASP Honeypot
- [**53**Star][1m] [C++] [vmcall/eye_mapper](https://github.com/vmcall/eye_mapper) BattlEye x64 usermode injector
- [**53**Star][4m] [C++] [virgilsecurity/virgil-crypto](https://github.com/virgilsecurity/virgil-crypto) Virgil Crypto is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant. Crypto Library is written in C++, suitable for mobile and server platforms and supports bindings with: Swift, Obj-C, Java (Android), С#/.NET, …
- [**53**Star][2y] [Py] [uzetta27/easyrop](https://github.com/uzetta27/easyrop) A Python tool to generate ROP chains
- [**53**Star][13d] [Py] [utkonos/lst2x64dbg](https://github.com/utkonos/lst2x64dbg) Extract labels from IDA .lst or Ghidra .csv file and export x64dbg database.
- [**53**Star][4m] [Dockerfile] [trojan-gfw/trojan-docker](https://github.com/trojan-gfw/trojan-docker) Dockerfile for building a trojan docker image.
- [**53**Star][4m] [Py] [tna0y/python-random-module-cracker](https://github.com/tna0y/python-random-module-cracker) Predict python's random module generated values.
- [**53**Star][5y] [Java] [thuxnder/androiddevice.info](https://github.com/thuxnder/androiddevice.info) Android app collecting device information and submiting it to
- [**53**Star][21d] [PS] [thecjw/scoop-retools](https://github.com/thecjw/scoop-retools) Scoop bucket for reverse engineering tools
- [**53**Star][26d] [Java] [stevespringett/threatmodel-sdk](https://github.com/stevespringett/threatmodel-sdk) A Java library for parsing and programmatically using threat models
- [**53**Star][10d] [Py] [softscheck/scff](https://github.com/softscheck/scff) softScheck Cloud Fuzzing Framework
- [**53**Star][7m] [C#] [smourier/tracespy](https://github.com/smourier/tracespy) TraceSpy is a pure .NET, 100% free and open source, alternative to the very popular SysInternals DebugView tool.
- [**53**Star][4m] [ObjC] [smilezxlee/zxhookutil](https://github.com/smilezxlee/zxhookutil) 【iOS逆向】Tweak工具函数集，基于theos、monkeyDev
- [**53**Star][3y] [ObjC] [skelsec/biterrant](https://github.com/skelsec/biterrant) BitErrant
- [**53**Star][2y] [Java] [shengqi158/jackson-databind-rce-poc](https://github.com/shengqi158/jackson-databind-rce-poc) 
- [**53**Star][19d] [C] [shenghe/pcmanager](https://github.com/shenghe/pcmanager) 金山卫士开源代码。同步于Hg源。为了方便查看和学习，同步到Github
- [**53**Star][2m] [Py] [serain/kubelet-anon-rce](https://github.com/serain/kubelet-anon-rce) Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)
- [**53**Star][1m] [Java] [sensepost/apostille](https://github.com/sensepost/apostille) 
- [**53**Star][4y] [Py] [secwiki/some-poc-or-exp](https://github.com/secwiki/some-poc-or-exp) 各种漏洞poc、Exp的收集或编写
- [**53**Star][26d] [Py] [scy-phy/scapy-cip-enip](https://github.com/scy-phy/scapy-cip-enip) EtherNet/IP+CIP dissector for Scapy
- [**53**Star][3y] [rehints/blackhat_2017](https://github.com/rehints/blackhat_2017) Betraying the BIOS: Where the Guardians of the BIOS are Failing
- [**53**Star][11d] [C++] [redogwu/windows_kernel_exploit](https://github.com/redogwu/windows_kernel_exploit) windows kernel exploit
- [**53**Star][4m] [Shell] [piffall/pxesetupwizard](https://github.com/piffall/pxesetupwizard) PXE Setup Wizard. Netboot Debian, Ubuntu, System Rescue CD, FreeDOS and more.
- [**53**Star][4m] [Shell] [pierregode/linux-active-directory-join-script](https://github.com/pierregode/linux-active-directory-join-script) Active directory Join script for Ubuntu, Debian, CentOS, Linux Mint, Fedora, Kali, Elementary OS and Raspbian with built in failchcheck and debugmode for Ubuntu. "The most advanced and updated AD join script on GITHUB for Linux"
- [**53**Star][27d] [Py] [pentestpartners/mykali](https://github.com/pentestpartners/mykali) Linux setup tool for Kali Linux
- [**53**Star][1y] [Py] [payatu/cve-2018-14442](https://github.com/payatu/cve-2018-14442) PoC for Foxit Reader CVE-2018-14442
- [**53**Star][4m] [Py] [patois/xray](https://github.com/patois/xray) Hexrays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions
- [**53**Star][2y] [Py] [osuseclab/sgxpectre](https://github.com/osuseclab/sgxpectre) 
- [**53**Star][20d] [Dockerfile] [osminogin/docker-tor-simple](https://github.com/osminogin/docker-tor-simple) Simplest minimal container for Tor anonymity software
- [**53**Star][4y] [C] [osbock/baldwisdom](https://github.com/osbock/baldwisdom) Kevin's hacking projects code
- [**53**Star][5y] [Py] [osandamalith/chromefreak](https://github.com/osandamalith/chromefreak) A Cross-Platform Forensic Framework for Google Chrome
- [**53**Star][29d] [Go] [opencoff/go-tunnel](https://github.com/opencoff/go-tunnel) TLS/SSL Tunnel - A modern STunnel replacement written in golang
- [**53**Star][4y] [Shell] [nvssks/android-responder](https://github.com/nvssks/android-responder) Scripts for running Responder.py in an Android (rooted) device.
- [**53**Star][4m] [PHP] [northwind6/webbug](https://github.com/northwind6/webbug) WebBug漏洞练习平台
- [**53**Star][1m] [Py] [nixawk/nmap_vscan](https://github.com/nixawk/nmap_vscan) nmap service and application version detection (without nmap installation)
- [**53**Star][2m] [Py] [nccgroup/asadbg](https://github.com/nccgroup/asadbg) asadbg is a framework of tools to aid in automating live debugging of Cisco ASA devices
- [**53**Star][3y] [Py] [n0pe-sled/apache2-mod-rewrite-setup](https://github.com/n0pe-sled/apache2-mod-rewrite-setup) Quickly Implement Mod-Rewrite in your infastructure
- [**53**Star][1m] [Go] [mrexodia/haxxmap](https://github.com/mrexodia/haxxmap) Some simple go tools to perform a Man-in-the-middle (MITM) attack on your IMAP server in case you forgot your password.
- [**53**Star][9m] [CSS] [mobsf/capfuzz](https://github.com/mobsf/capfuzz) CapFuzz - capture, fuzz & intercept web traffic.
- [**53**Star][4m] [PS] [miladmsft/threathunt](https://github.com/miladmsft/threathunt) ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
- [**53**Star][2m] [Py] [matthewdunwoody/block-parser](https://github.com/matthewdunwoody/block-parser) Parser for Windows PowerShell script block logs
- [**53**Star][1y] [Py] [matonis/yara_tools](https://github.com/matonis/yara_tools) Create an entire YARA rule via Python? Whhhhhhaatttt?
- [**53**Star][4m] [Py] [marten4n6/tinytor](https://github.com/marten4n6/tinytor) A tiny Tor client implementation (in pure python).
- [**53**Star][2y] [Py] [m4ll0k/icloudbrutter](https://github.com/m4ll0k/icloudbrutter) AppleID Bruteforce
- [**53**Star][2m] [AutoIt] [lordfish/win10privacyfix](https://github.com/lordfish/win10privacyfix) Windows 10 Privacy Fixer
- [**53**Star][8y] [C] [kmcallister/alameda](https://github.com/kmcallister/alameda) Linux kernel JIT spray for SMEP / KERNEXEC bypass
- [**53**Star][6m] [PS] [kfosaaen/get-lapspasswords](https://github.com/kfosaaen/get-lapspasswords) Powershell function to pull the local admin passwords from LDAP, stored there by LAPS.
- [**53**Star][4y] [Py] [juliocesarfort/netscreen-shodan-scanner](https://github.com/juliocesarfort/netscreen-shodan-scanner) A SHODAN/Censys + Paramiko scanner to check for backdoored Internet-facing Juniper ScreenOS devices
- [**53**Star][11d] [jsecurity101/windows-api-to-sysmon-events](https://github.com/jsecurity101/windows-api-to-sysmon-events) A repository that maps API calls to Sysmon Event ID's.
- [**53**Star][4m] [C] [jonathanopalise/ppengine](https://github.com/jonathanopalise/ppengine) 3D remake of Atari's Pole Position coin-op, using game logic reverse engineered from the arcade ROMs
- [**53**Star][24d] [JS] [johnhhorton/node-nmap](https://github.com/johnhhorton/node-nmap) NPM package for interfacing with local NMAP installation
- [**53**Star][2m] [Shell] [jgamblin/curluseragent](https://github.com/jgamblin/curluseragent) Curl Script To Change User Agent
- [**53**Star][2m] [Py] [jeffreysasaki/backdoor](https://github.com/jeffreysasaki/backdoor) Linux backdoor implementation written in Python
- [**53**Star][30d] [C] [jdmccalpin/low-overhead-timers](https://github.com/jdmccalpin/low-overhead-timers) Very low-overhead timer/counter interfaces for C on Intel 64 processors.
- [**53**Star][2y] [ObjC] [iabem97/securityd-racer2](https://github.com/iabem97/securityd-racer2) PoC vulnerability in securityd
- [**53**Star][30d] [hitripod/awesome-blockchain](https://github.com/hitripod/awesome-blockchain) Curated list of blockchain, Awesome Awesomeness
- [**53**Star][6m] [C++] [hasherezade/vidi](https://github.com/hasherezade/vidi) ViDi Visual Disassembler (experimental)
- [**53**Star][2y] [C] [hasherezade/process_chameleon](https://github.com/hasherezade/process_chameleon) A process overwriting its own PEB to make an illusion that it has been loaded from a different path.
- [**53**Star][2m] [HTML] [hakanson/ng-owasp](https://github.com/hakanson/ng-owasp) OWASP Top 10 for AngularJS Applications
- [**53**Star][2y] [Py] [h-j-13/malicious_domain_whois](https://github.com/h-j-13/malicious_domain_whois) 
- [**53**Star][16d] [JS] [gnijuohz/awesome-developers](https://github.com/gnijuohz/awesome-developers) A list of awesome developers
- [**53**Star][6y] [C#] [glmcdona/functionhacker](https://github.com/glmcdona/functionhacker) Maintaining an official release at
- [**53**Star][28d] [JS] [frida/frida-compile](https://github.com/frida/frida-compile) Compile a Frida script comprised of one or more Node.js modules
- [**53**Star][1m] [Py] [firmadyne/scraper](https://github.com/firmadyne/scraper) Firmware scraper
- [**53**Star][16d] [Shell] [finalduty/cis_benchmarks_audit](https://github.com/finalduty/cis_benchmarks_audit) Simple command line tool to check for compliance against CIS Benchmarks
- [**53**Star][8y] [C++] [eschweiler/proreversing](https://github.com/eschweiler/proreversing) Open and generic Anti-Anti Reversing Framework. Works in 32 and 64 bits.
- [**53**Star][6y] [Py] [enthought/python-2.7.3](https://github.com/enthought/python-2.7.3) 
- [**53**Star][1y] [Java] [empireproject/empiremobile](https://github.com/empireproject/empiremobile) Android and iOS source for the Empire mobile app
- [**53**Star][3m] [CSS] [dxa4481/whatsinmyredis](https://github.com/dxa4481/whatsinmyredis) A CSRF demonstration of stealing local Redis data, and encrypting all Redis instances on a local network
- [**53**Star][2m] [Go] [dsopas/rfd-checker](https://github.com/dsopas/rfd-checker) RFD Checker - security CLI tool to test Reflected File Download issues
- [**53**Star][7m] [Py] [didierstevens/beta](https://github.com/didierstevens/beta) Beta versions of my software
- [**53**Star][4m] [C] [dgoulet/kjackal](https://github.com/dgoulet/kjackal) Linux Rootkit Scanner
- [**53**Star][4m] [C] [dennypage/dpinger](https://github.com/dennypage/dpinger) Pinger engine for monitoring latency and loss
- [**53**Star][14d] [Py] [debasishm89/iofuzz](https://github.com/debasishm89/iofuzz) A mutation based user mode (ring3) dumb in-memory Windows Kernel (IOCTL) Fuzzer/Logger. This script attach it self to any given process and hooks DeviceIoControl!Kernel32 API and try to log or fuzz all I/O Control code I/O Buffer pointer, I/O buffer length that process sends to any Kernel driver.
- [**53**Star][26d] [PHP] [danwin/onion-link-list](https://github.com/danwin/onion-link-list) A set of scripts to list tor hidden services
- [**53**Star][4y] [Shell] [danielmiessler/honeycrediptracker](https://github.com/danielmiessler/honeycrediptracker) Quick script to gather stats on incoming credentials and IPs for a honey listener.
- [**53**Star][1y] [Shell] [damonmohammadbagher/nativepayload_image](https://github.com/damonmohammadbagher/nativepayload_image) Transferring Backdoor Payloads with BMP Image Pixels
- [**53**Star][7m] [HTML] [d1str0/drupot](https://github.com/d1str0/drupot) Drupal Honeypot
- [**53**Star][3m] [Go] [cyrus-and/gdb](https://github.com/cyrus-and/gdb) Go GDB/MI interface
- [**53**Star][9y] [Py] [crossbowerbt/gdb-python-utils](https://github.com/crossbowerbt/gdb-python-utils) A library for GDB (with python support), that adds useful functions to the standard 'gdb' library.
- [**53**Star][1m] [C] [cossacklabs/hermes-core](https://github.com/cossacklabs/hermes-core) Security framework for building multi-user end-to-end encrypted data storage and sharing/processing with zero leakage risks from storage and transport infrastructure.
- [**53**Star][2y] [Py] [coffeehb/sstif](https://github.com/coffeehb/sstif) 一个Fuzzing服务器端模板注入漏洞的半自动化工具
- [**53**Star][3y] [Visual Basic .NET] [cn33liz/macrometer](https://github.com/cn33liz/macrometer) VBA Reversed TCP Meterpreter Stager
- [**53**Star][27d] [TS] [chuot/rdio-scanner](https://github.com/chuot/rdio-scanner) Rdio Scanner is a progressive web interface designed to act as an old school police radio scanner. It integrates all frontend / backend components to manage audio files from different sources.
- [**53**Star][1m] [Lua] [christophetd/nmap-nse-info](https://github.com/christophetd/nmap-nse-info) Browse and search through nmap's NSE scripts.
- [**53**Star][2y] [C] [chen-charles/pedetour](https://github.com/chen-charles/pedetour) modify binary Portable Executable to hook its export functions
- [**53**Star][15d] [JS] [blockadeio/chrome_extension](https://github.com/blockadeio/chrome_extension) Browser extension that uses intelligence to combat malicious websites by blocking them in real-time.
- [**53**Star][4m] [Java] [blackhacker511/blackrat](https://github.com/blackhacker511/blackrat) BlackRAT - Java Based Remote Administrator Tool
- [**53**Star][4m] [Py] [bkerler/mr](https://github.com/bkerler/mr) Mobile Revelator
- [**53**Star][10d] [Py] [behavior3/behavior3py](https://github.com/behavior3/behavior3py) Behavior3 client library for Python (Behavior Tree for Python)
- [**53**Star][2m] [Py] [ayoul3/cicspwn](https://github.com/ayoul3/cicspwn) CICSpwn is a tool to pentest a CICS Transaction servers on z/OS.
- [**53**Star][4m] [C++] [antscode/macwifi](https://github.com/antscode/macwifi) A wifi system menu extension for 68k Macs.
- [**53**Star][3y] [C++] [aixxe/chameleon](https://github.com/aixxe/chameleon) Basic skin & knife changer for Counter-Strike: Global Offensive
- [**53**Star][5m] [C] [adrianyy/keinject](https://github.com/adrianyy/keinject) Kernel LdrLoadDll injector
- [**53**Star][4m] [JS] [adamalawrence/ostia](https://github.com/adamalawrence/ostia) Ostia is a cryptocurrency trading platform that allows you to run algorithmic trading strategies across all major exchanges.
- [**53**Star][5m] [C#] [9ee1/capstone.net](https://github.com/9ee1/capstone.net) .NET Core and .NET Framework binding for the Capstone Disassembly Framework
- [**53**Star][1m] [Py] [9b/pdfxray_public](https://github.com/9b/pdfxray_public) Public version of PDF X-RAY
- [**53**Star][5m] [1522402210/blockchain-security-list](https://github.com/1522402210/blockchain-security-list) BlockChain-Security-List
- [**53**Star][2y] [Py] [0xd34db33f/gfyp](https://github.com/0xd34db33f/gfyp) Unification of dnstwist + SQLite + Email reporting. Set it as a cron job that runs every hour, give it a list of domains and email addresses for reporting, then watch it go find stuff.
- [**52**Star][2m] [lololosys/awesome-baseband-research](https://github.com/lololosys/awesome-baseband-research) A curated list of awesome baseband research resources
- [**52**Star][10d] [C++] [enazoe/yolo-tensorrt](https://github.com/enazoe/yolo-tensorrt) darknet -> tensorrt. TensorRT yoloV23 use raw darknet *.weights and *.cfg fils. If the wrapper is useful to you,please Star it.
- [**52**Star][10d] [parthdmaniar/coronavirus-covid-19-sars-cov-2-iocs](https://github.com/parthdmaniar/coronavirus-covid-19-sars-cov-2-iocs) All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns
- [**52**Star][Java] [veracode-research/actuator-testbed](https://github.com/veracode-research/actuator-testbed) A vulnerable application exposing Spring Boot Actuators
- [**52**Star][11m] [C] [scola/twittrouter](https://github.com/scola/twittrouter) replace the wifi password verification with twitter friends,works on openwrt router
- [**52**Star][4m] [Py] [entrepreneur-interet-general/openscraper](https://github.com/entrepreneur-interet-general/openscraper) An open source webapp for scraping: towards a public service for webscraping
- [**52**Star][2y] [Swift] [xcoo/upupu](https://github.com/xcoo/upupu) Simple camera application for iOS that uploads pictures to WebDAV server or Dropbox quickly. Available on the AppStore.
- [**52**Star][2y] [C++] [huwb/jitternator](https://github.com/huwb/jitternator) Lessons learnt from hunting jitter issues
- [**52**Star][17d] [Java] [harry1453/android-bluetooth-serial](https://github.com/harry1453/android-bluetooth-serial) A library for Android to simplify basic serial communication over Bluetooth, for example when communicating with Arduinos.
- [**52**Star][27d] [ObjC] [dcsch/macho-browser](https://github.com/dcsch/macho-browser) Mac browser for Mach-O binaries (macOS, iOS, watchOS, and tvOS)
- [**52**Star][3m] [TS] [openbytedev/sourcescraper](https://github.com/openbytedev/sourcescraper) Simple library which helps you to retrieve the source of various video streaming sites.
- [**52**Star][23d] [Jupyter Notebook] [isaacmg/fb_scraper](https://github.com/isaacmg/fb_scraper) a Facebook scraping system and analysis system.
- [**52**Star][2m] [Go] [google/sshkey-audit](https://github.com/google/sshkey-audit) Automate SSH key management
- [**52**Star][18d] [JS] [classy11/steam-ts](https://github.com/Classy11/steam-ts) Steam integration for TeamSpeak 3
- [**52**Star][2m] [Go] [mengzhuo/nabhash](https://github.com/mengzhuo/nabhash) An extremely fast Non-crypto-safe AES Based Hash algorithm for Big Data
- [**52**Star][1m] [C] [nplab/dtls-examples](https://github.com/nplab/dtls-examples) Examples for DTLS via SCTP and UDP using OpenSSL
- [**52**Star][12d] [Go] [sethvargo/go-diceware](https://github.com/sethvargo/go-diceware) Golang library for generating passphrases via the diceware algorithm.
- [**52**Star][3m] [C] [xueeinstein/darknet-vis](https://github.com/xueeinstein/darknet-vis) Visualize YOLO feature map in prediction for easily checking your model performance
- [**52**Star][12d] [pbnj/infosec-interview-questions](https://github.com/pbnj/infosec-interview-questions) 
- [**52**Star][16d] [Shell] [thelinuxchoice/badlnk](https://github.com/thelinuxchoice/badlnk) Reverse Shell in Shortcut File (.lnk)
- [**52**Star][13d] [TS] [whid-injector/whid-mobile-connector](https://github.com/whid-injector/whid-mobile-connector) Android Mobile App for Controlling WHID Injector remotely.
- [**52**Star][27d] [JS] [hacker0x01/helpful-recon-data](https://github.com/hacker0x01/helpful-recon-data) This information provides helpful information to make it easier to discover new attack surface on HackerOne.com.
- [**52**Star][1m] [C++] [martin-ger/esp8266-wifi-socket](https://github.com/martin-ger/esp8266-wifi-socket) Custom SW for the OBI "Wifi Stecker Schuko"
- [**52**Star][20d] [HTML] [nsacyber/bitlocker-guidance](https://github.com/nsacyber/bitlocker-guidance) Configuration guidance for implementing BitLocker. #nsacyber
- [**52**Star][19d] [PS] [nsacyber/http-connectivity-tester](https://github.com/nsacyber/http-connectivity-tester) Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber
- [**52**Star][2m] [Shell] [functionclub/easycdn](https://github.com/functionclub/easycdn) CDN 服务器自动安装脚本
- [**52**Star][17d] [espressif/esp32-bt-lib](https://github.com/espressif/esp32-bt-lib) ESP32 Bluetooth stack (below HCI layer) precompiled libraries
- [**52**Star][28d] [C] [pwn20wndstuff/injector](https://github.com/pwn20wndstuff/injector) 
- [**52**Star][7m] [Shell] [ullaakut/awesome-macos-setup](https://github.com/ullaakut/awesome-macos-setup) A repository with tools to automatically make any Mac awesome in a few minutes
- [**52**Star][2m] [Kotlin] [cbeuw/cloak-android](https://github.com/cbeuw/cloak-android) Android client of Cloak
- [**52**Star][1m] [Py] [circl/douglas-quaid](https://github.com/circl/douglas-quaid) Open source software for image correlation, distance and analysis
- [**52**Star][30d] [Go] [dreadl0ck/ja3](https://github.com/dreadl0ck/ja3) Go package for Ja3 TLS client and server hello fingerprints
- [**52**Star][11d] [Go] [v2ray/experiments](https://github.com/v2ray/experiments) Repository for experimental code
- [**52**Star][5m] [h2hconference/2019](https://github.com/h2hconference/2019) H2HC 2019 Slides/Materials/Presentations
- [**52**Star][15d] [Jupyter Notebook] [vrthra/f1](https://github.com/vrthra/f1) 
- [**52**Star][14d] [Py] [lorenzb/libsubmarine](https://github.com/lorenzb/libsubmarine) Implementation of a novel practical scheme for submarine commitments
- [**52**Star][2y] [Jupyter Notebook] [incertum/cyber-matrix-ai](https://github.com/incertum/cyber-matrix-ai) Collection of cyber security and "AI" relevant topics
- [**52**Star][7m] [Shell] [mwz1tn/free-v2ray](https://github.com/mwz1tn/free-v2ray) 免费v2ray分享，V2ray安装使用教程，墙裂的购买使用教程
- [**52**Star][4m] [r0x4r/d4rkxss](https://github.com/r0x4r/d4rkxss) A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
- [**52**Star][12d] [C++] [contionmig/lsass-usermode-bypass](https://github.com/ContionMig/LSASS-Usermode-Bypass) This bypass is for anti cheats like battleye and EAC. All this does is abuse lsass's handles and use them for yourself. This is quite useful as this is usermode which doesnt require you to find a way to load a driver
- [**52**Star][18d] [Assembly] [borjamerino/windows-one-way-stagers](https://github.com/BorjaMerino/Windows-One-Way-Stagers) Windows Stagers to circumvent restrictive network environments
- [**52**Star][2m] [ajayrandhawa/cryptolocker](https://github.com/ajayrandhawa/Cryptolocker) CryptoLocker is open source files encrypt-er. Crypto is developed in Visual C++. It has features encrypt all file, lock down the system and send keys back to the server. Multi-threaded functionality helps to this tool make encryption faster.
- [**52**Star][2m] [wh1t3p1g/struts2environment](https://github.com/wh1t3p1g/Struts2Environment) Struts2 历史版本的漏洞环境
- [**52**Star][14d] [Py] [cylance/mitmcanary](https://github.com/cylance/mitmcanary) Tool/service to detect Man in the Middle attacks with Canary Requests
- [**52**Star][3m] [Go] [zredshift/mimemagic](https://github.com/zredshift/mimemagic) Powerful and versatile MIME sniffing package using pre-compiled glob patterns, magic number signatures, XML document namespaces, and tree magic for mounted volumes, generated from the XDG shared-mime-info database.
- [**52**Star][4y] [C] [zhuhuibeishadiao/pfhook](https://github.com/zhuhuibeishadiao/pfhook) Page fault hook use ept (Intel Virtualization Technology)
- [**52**Star][8d] [Java] [zerokilo/n64loaderwv](https://github.com/zerokilo/n64loaderwv) Ghidra Loader Module for N64 ROMs
- [**52**Star][3y] [C++] [zer0mem0ry/standardinjection](https://github.com/zer0mem0ry/standardinjection) A simple Dll Injection demonstration
- [**52**Star][24d] [Py] [zenfish/ipmi](https://github.com/zenfish/ipmi) IPMI stuff from DARPA work
- [**52**Star][4m] [Verilog] [z4yx/naivemips-hdl](https://github.com/z4yx/naivemips-hdl) Naïve MIPS32 SoC implementation
- [**52**Star][3y] [xssninja/alexa-hacker-mode](https://github.com/xssninja/alexa-hacker-mode) Node JS code for a set of Alexa voice skills designed to assist hackers and developers with common tasks
- [**52**Star][6y] [Py] [x0day/multiproxies](https://github.com/x0day/multiproxies) penetration testing framework that can use socks4/socks5 proxy.
- [**52**Star][4m] [JS] [whichbrowser/parser-javascript](https://github.com/whichbrowser/parser-javascript) Browser sniffing gone too far — A useragent parser library for JavaScript
- [**52**Star][3m] [Go] [weppos/dnscaa](https://github.com/weppos/dnscaa) 
- [**52**Star][4m] [Py] [vrtadmin/first-plugin-ida](https://github.com/vrtadmin/first-plugin-ida) Function Identification and Recovery Signature Tool
- [**52**Star][29d] [Go] [vishnudxb/docker-mkcert](https://github.com/vishnudxb/docker-mkcert) Docker container for creating valid local ssl certificates
- [**52**Star][11d] [Py] [virtadpt/exocortex-halo](https://github.com/virtadpt/exocortex-halo) Various and sundry additional pieces of software I've written to incorporate into my exocortex.
- [**52**Star][6m] [tyrmars/websafe-steppitguide](https://github.com/tyrmars/websafe-steppitguide) Web前后端漏洞分析与防御-知识梳理
- [**52**Star][10d] [tw-ncert/ctifeeds](https://github.com/tw-ncert/ctifeeds) Cyber Threat Intelligence Feeds
- [**52**Star][4m] [PHP] [tsug0d/myawesomewebchallenge](https://github.com/tsug0d/myawesomewebchallenge) Collection of my capture-the-flag web challenge in any levels
- [**52**Star][2m] [Java] [tlamb96/kgb_messenger](https://github.com/tlamb96/kgb_messenger) An Android CTF practice challenge
- [**52**Star][10d] [tias/android-busybox-ndk](https://github.com/tias/android-busybox-ndk) Keeping track of instructions and patches for building busybox with the android NDK
- [**52**Star][18d] [Ruby] [thezdi/derbycon2017](https://github.com/thezdi/derbycon2017) DerbyCon 2017 Presentation VMware Escapology: How to Houdini the Hypervisor
- [**52**Star][12d] [Py] [t0kx/exploit-cve-2015-3306](https://github.com/t0kx/exploit-cve-2015-3306) ProFTPd 1.3.5 - (mod_copy) Remote Command Execution exploit and vulnerable container
- [**52**Star][2y] [Py] [sysopfb/malware_scripts](https://github.com/sysopfb/malware_scripts) Various scripts for different malware families
- [**52**Star][2m] [C] [stonedreamforest/re_avkmgr](https://github.com/stonedreamforest/re_avkmgr) 逆向小红伞杀毒软件驱动——avkmgr
- [**52**Star][4m] [Go] [stakater/proxyinjector](https://github.com/stakater/proxyinjector) A Kubernetes controller to inject an authentication proxy container to relevant pods - [✩Star] if you're using it!
- [**52**Star][11d] [C++] [sri-csl/stegotorus](https://github.com/sri-csl/stegotorus) A Camouflage Proxy for the Tor Anonymity System
- [**52**Star][2m] [C++] [silica/sandbox](https://github.com/silica/sandbox) Application virtualization tool for Windows
- [**52**Star][4m] [Py] [sfwishes/ollvm_de_fla](https://github.com/sfwishes/ollvm_de_fla) deobfuscation ollvm's fla
- [**52**Star][5y] [Py] [sensepost/wifi-rifle](https://github.com/sensepost/wifi-rifle) Creating a wireless rifle de-authentication gun, which utilized a yagi antenna and a Raspberry Pi.
- [**52**Star][3y] [C++] [sektioneins/wwcd](https://github.com/sektioneins/wwcd) Capstone powered IDA view
- [**52**Star][11d] [JS] [segmentio/metalsmith-markdown](https://github.com/segmentio/metalsmith-markdown) A Metalsmith plugin to convert markdown files.
- [**52**Star][1y] [Shell] [screetsec/imr0t](https://github.com/screetsec/imr0t) imR0T: Send a quick message with simple text encryption to your whatsapp contact and protect your text by encrypting and decrypting, basically in ROT13 with new multi encryption based algorithm on ASCII and Symbols Substitution
- [**52**Star][1y] [Py] [scarvell/grandstream_exploits](https://github.com/scarvell/grandstream_exploits) 
- [**52**Star][3m] [Py] [sanix-darker/brute-force-login](https://github.com/sanix-darker/brute-force-login) Brute Force Login in a web site with Python, hack accounts on any website with a good dictionary of words
- [**52**Star][4m] [Py] [saeeddhqan/maryam](https://github.com/saeeddhqan/maryam) Open-source Intelligence(OSINT) Framework
- [**52**Star][7m] [Java] [rub-nds/tls-scanner](https://github.com/rub-nds/tls-scanner) The TLS-Scanner Module from TLS-Attacker
- [**52**Star][15d] [JS] [ronomon/mime](https://github.com/ronomon/mime) Fast, robust, standards-compliant MIME decoder. Ships with extensive tests and fuzz tests.
- [**52**Star][2m] [JS] [rnehra01/arp-validator](https://github.com/rnehra01/arp-validator) 检测ARP 投毒攻击
- [**52**Star][2y] [riscure/rhme-2017](https://github.com/riscure/rhme-2017) Riscure Hack Me embedded hardware CTF 2017-2018.
- [**52**Star][4m] [C] [rek7/postshell](https://github.com/rek7/postshell) PostShell - Post Exploitation Bind/Backconnect Shell
- [**52**Star][3m] [Py] [q3k/m16c-interface](https://github.com/q3k/m16c-interface) A Serial IO programmer for Renesas M16C, includes security PIN bypass.
- [**52**Star][2y] [PS] [pldmgg/winadmincenterps](https://github.com/pldmgg/winadmincenterps) Copy of Windows Admin Center (
- [**52**Star][1y] [JS] [platdrag/unblockablechains](https://github.com/platdrag/unblockablechains) Unblockable Chains - A POC on using blockchain as infrastructure for malware operations
- [**52**Star][12d] [pbnj/infosec-interview-questions](https://github.com/pbnj/infosec-interview-questions) 
- [**52**Star][29d] [Go] [petaki/probe](https://github.com/petaki/probe) 
- [**52**Star][4y] [ASP] [pentesthub/priviledgebook](https://github.com/pentesthub/priviledgebook) 提权的文档
- [**52**Star][5m] [Py] [orweis/winpcapy](https://github.com/orweis/winpcapy) A Modern Python wrapper for WinPcap
- [**52**Star][3y] [Py] [neo23x0/radiocarbon](https://github.com/neo23x0/radiocarbon) Leak File Analyzer
- [**52**Star][5m] [C] [nccgroup/ncloader](https://github.com/nccgroup/ncloader) A session-0 capable dll injection utility
- [**52**Star][17d] [mykings/security-study-tutorial](https://github.com/mykings/security-study-tutorial) Summary of online learning materials
- [**52**Star][8y] [Ruby] [medelibero/ddos-tools](https://github.com/medelibero/ddos-tools) Tools that were created to help with Distributed Denial of Service testing
- [**52**Star][2y] [JS] [mattbrailsford/imprintjs](https://github.com/mattbrailsford/imprintjs) Javascript library for browser fingerprinting
- [**52**Star][4y] [PS] [m-dwyer/cryptoblocker](https://github.com/m-dwyer/cryptoblocker) A script to deploy File Server Resource Manager and associated scripts to block infected users
- [**52**Star][23d] [JS] [lirantal/nodejssecurity](https://github.com/lirantal/nodejssecurity) Documentation for Essential Node.js Security
- [**52**Star][17d] [C] [linaro-swg/optee_examples](https://github.com/linaro-swg/optee_examples) OP-TEE Sample Applications
- [**52**Star][2y] [Py] [libraggbond/cve-2018-3191](https://github.com/libraggbond/cve-2018-3191) CVE-2018-3191 反弹shell
- [**52**Star][27d] [Go] [leoleovich/grafsy](https://github.com/leoleovich/grafsy) Graphite client/proxy which listens locally on server and buffers data
- [**52**Star][8m] [Roff] [ldbfpiaoran/websearch](https://github.com/ldbfpiaoran/websearch) Search engine for web assets
- [**52**Star][4y] [Py] [kovige/netscan](https://github.com/kovige/netscan) 配合reGeorg使用的内网扫描工具
- [**52**Star][7y] [Py] [kevthehermit/maildb](https://github.com/kevthehermit/maildb) Python Web App to Parse and Track Email and http Pcap Files.
- [**52**Star][4m] [C#] [kentico/kinspector](https://github.com/kentico/kinspector) KInspector is an application for analyzing health, performance and security of your Kentico solution.
- [**52**Star][5m] [Swift] [joncardasis/to-the-apples-core](https://github.com/joncardasis/to-the-apples-core) A collection of non-jailbroken code snippets on reverse-engineered iOS private apis
- [**52**Star][2y] [Py] [jfoote/burp-git-bridge](https://github.com/jfoote/burp-git-bridge) Store Burp data and collaborate via git
- [**52**Star][2m] [Py] [jevinskie/emusca](https://github.com/jevinskie/emusca) Power trace simulator using Unicorn Engine for side channel analysis attack testing
- [**52**Star][10m] [Java] [jenkinsci/logstash-plugin](https://github.com/jenkinsci/logstash-plugin) Jenkins plugin to ship the console log off to Logstash
- [**52**Star][4m] [Go] [jakewins/findbtc](https://github.com/jakewins/findbtc) Find bitcoin wallets on corrupt, formatted or overwritten drives
- [**52**Star][1m] [Py] [ivrodriguezca/decrypt-ios-apps-script](https://github.com/ivrodriguezca/decrypt-ios-apps-script) Python script to SSH into your jailbroken device, decrypt an iOS App and transfer it to your local machine
- [**52**Star][12d] [C] [ivanfratric/winafl](https://github.com/ivanfratric/winafl) Windows 二进制文件fuzz工具
- [**52**Star][16d] [Shell] [infosecn1nja/ycsm](https://github.com/infosecn1nja/ycsm) This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
- [**52**Star][2y] [PHP] [httpoxy/php-fpm-httpoxy-poc](https://github.com/httpoxy/php-fpm-httpoxy-poc) A PoC for exploiting Guzzle's HTTP_PROXY untrusted read
- [**52**Star][1y] [Py] [hack-hut/crabstick](https://github.com/hack-hut/crabstick) Automatic remote/local file inclusion vulnerability analysis and exploit tool
- [**52**Star][9m] [Py] [grrrdog/tacotaco](https://github.com/grrrdog/tacotaco) Some scripts for attacks on Tacacs+ protocol
- [**52**Star][4y] [Py] [gideonn/insta-gallery-downloader](https://github.com/gideonn/insta-gallery-downloader) This is a bot to download all your instagram gallery pictures in a single folder
- [**52**Star][6y] [C++] [georgenicolaou/heaveninjector](https://github.com/georgenicolaou/heaveninjector) Simple proof of concept code for injecting libraries on 64bit processes from a 32bit process
- [**52**Star][10m] [C++] [gaypig/directx11-hook-with-discord](https://github.com/gaypig/directx11-hook-with-discord) DirectX11 hook with discord
- [**52**Star][6y] [Py] [fuzzynop/fiveonceinyourlife](https://github.com/fuzzynop/fiveonceinyourlife) Local osx dialog box phishing using osascript. Easier than keylogging on osx. Simply ask for the passwords you want.
- [**52**Star][12d] [PHP] [fortrabbit/craft-copy](https://github.com/fortrabbit/craft-copy) Deployment tools for Craft on fortrabbit
- [**52**Star][6m] [Py] [fideliscyber/indicators](https://github.com/fideliscyber/indicators) Indicators from FTAs and Blog Posts
- [**52**Star][1y] [feicong/zsxq_archives](https://github.com/feicong/zsxq_archives) 【软件安全与知识星球】精华文章列表
- [**52**Star][4m] [C] [eeply/ps4-linux](https://github.com/eeply/ps4-linux) Linux kernel fork with PS4 support (work in progress)
- [**52**Star][7m] [Shell] [edoverflow/smith](https://github.com/edoverflow/smith) Simple wrapper for meg that sieves through meg's output for you.
- [**52**Star][3y] [PHP] [edent/tweeview](https://github.com/edent/tweeview) A Tree View For Tweets
- [**52**Star][2m] [lololosys/awesome-baseband-research](https://github.com/lololosys/awesome-baseband-research) A curated list of awesome baseband research resources
- [**52**Star][1m] [JS] [davidaq/vodo](https://github.com/davidaq/vodo) 开源HTTP抓包
- [**52**Star][5m] [Py] [cseagle/ida_clemency](https://github.com/cseagle/ida_clemency) IDA cLEMENCy Tools
    - [clemency_ldr](https://github.com/cseagle/ida_clemency/blob/master/clemency_ldr.py) IDA loader module to create the basic memory layout and handle the loading of 9-bit, middle-endian, cLEMENCy executables.
    - [clemency_proc](https://github.com/cseagle/ida_clemency/blob/master/clemency_proc.py) IDA processor module to handle disassembly and assembly tasks
    - [clemency_dump](https://github.com/cseagle/ida_clemency/blob/master/clemency_dump.py) IDA plugin to allow for dumping modified database content back to a packed 9-bit, middle-endian file 
    - [clemency_fix](https://github.com/cseagle/ida_clemency/blob/master/clemency_fix.py)  IDA plugin to assist with fixing up poorly disassembled functions that might branch/call into regions that continue to be marked as data blocks.
- [**52**Star][14d] [Py] [cryptax/angeapk](https://github.com/cryptax/angeapk) Encrypting a PNG into an Android application
- [**52**Star][2y] [C] [coolervoid/firefox_tunnel](https://github.com/coolervoid/firefox_tunnel) The way to use firefox to make a tunnel to remote communication, bypass any firewall
- [**52**Star][3y] [Py] [citp/thewebneverforgets](https://github.com/citp/thewebneverforgets) Public code release for The Web Never Forgets paper
- [**52**Star][11d] [Java] [ciscopsirt/openvulnapi](https://github.com/ciscopsirt/openvulnapi) Documentation and Tools for Cisco's PSIRT openVuln API
- [**52**Star][10d] [Py] [cisco-talos/pylocky_decryptor](https://github.com/cisco-talos/pylocky_decryptor) 
- [**52**Star][1y] [Py] [cisco-talos/dyndataresolver](https://github.com/cisco-talos/dyndataresolver) Dynamic Data Resolver (DDR) IDA Pro Plug-in
    - [DDR](https://github.com/cisco-talos/dyndataresolver/blob/master/VS_project/ddr/ddr.sln) 基于DyRIO的Client
    - [IDA插件](https://github.com/cisco-talos/dyndataresolver/tree/master/IDAplugin) 
- [**52**Star][7y] [Py] [chrisjohnriley/scythe](https://github.com/chrisjohnriley/scythe) scythe: account enumerator
- [**52**Star][2m] [PS] [chrisad/wiki-dictionary-creator](https://github.com/chrisad/wiki-dictionary-creator) Creates dictionaries based on Wikipedia titles
- [**52**Star][19d] [Py] [bisoncorps/signalum](https://github.com/bisoncorps/signalum) To explore creating an application that detects available connections at once from wifi and bluetooth
- [**52**Star][3y] [Py] [attify/attify-zigbee-framework](https://github.com/attify/attify-zigbee-framework) GUI Framework on top of Killerbee
- [**52**Star][3y] [Py] [apkjet/trustlookwannacrytoolkit](https://github.com/apkjet/trustlookwannacrytoolkit) WannaCryToolkit scanner and removal toolkit
- [**52**Star][3m] [PS] [api0cradle/poweral](https://github.com/api0cradle/poweral) A Powershell module that helps you identify AppLocker weaknesses
- [**52**Star][2m] [Py] [alessandroz/pupy](https://github.com/alessandroz/pupy) Pupy is an opensource, multi-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) mainly written in python.
- [**52**Star][3m] [Go] [agilebits/crackme](https://github.com/agilebits/crackme) Password cracking challenges
- [**52**Star][15d] [Haskell] [adjoint-io/double-ratchet](https://github.com/adjoint-io/double-ratchet) Double ratchet algorithm for E2E encryption
- [**52**Star][4m] [C] [ademakov/mainmemory](https://github.com/ademakov/mainmemory) Wannabe Main Memory Database and More
- [**51**Star][4m] [Go] [42wim/gomphs](https://github.com/42wim/gomphs) A tool to ping multiple hosts at once with a CLI and web-based overview
- [**51**Star][1m] [Py] [huangtao1208/scrapy_spider](https://github.com/huangtao1208/scrapy_spider) 
- [**51**Star][4m] [Py] [kivy/oscpy](https://github.com/kivy/oscpy) An efficient OSC implementation compatible with python2.7 and 3.5+
- [**51**Star][4m] [Go] [snow-hardwolf/vulnerability-goapp](https://github.com/snow-hardwolf/vulnerability-goapp) Web application build Golang with Vulnerability
- [**51**Star][1m] [Py] [littlecraft/phony](https://github.com/littlecraft/phony) Easy to use bluetooth hands free telephony, with python
- [**51**Star][2m] [Py] [kevinjqiu/tangerine](https://github.com/kevinjqiu/tangerine) Tangerine Bank scraper
- [**51**Star][2m] [JS] [yinhangcode/homebridge-raspberrypi-temperature](https://github.com/yinhangcode/homebridge-raspberrypi-temperature) a homebridge plugin that gets raspberry pi CPU temperatures.
- [**51**Star][2m] [JS] [flowchain/flowchain-ledger](https://github.com/flowchain/flowchain-ledger) A distributed ledger for the p2p and decentralized IoT devices in JavaScript.
- [**51**Star][13d] [C++] [evolsoft/wifi-password-recovery](https://github.com/evolsoft/wifi-password-recovery) A free utility to recover the passwords of the wireless networks saved on your computer.
- [**51**Star][12d] [Jupyter Notebook] [dustyposa/gospider](https://github.com/dustyposa/gospider) some small project and some articles
- [**51**Star][4m] [salusasecondus/cryptogotchas](https://github.com/salusasecondus/cryptogotchas) A collection of common (interesting) cryptographic mistakes.
- [**51**Star][2m] [Java] [tadasr/react-native-iot-wifi](https://github.com/tadasr/react-native-iot-wifi) Simple wifi configuration manager for IOT devices.
- [**51**Star][13d] [goldweavers/bose_qc35-ubuntu](https://github.com/goldweavers/bose_qc35-ubuntu) Pair Bose QuietComfort 35 with Ubuntu over Bluetooth
- [**51**Star][3m] [Shell] [witee/note-shadowsocks](https://github.com/witee/note-shadowsocks) 公司网关使用 shadowsocks 搭建翻墙网络
- [**51**Star][10d] [C] [iaik/transientfail](https://github.com/iaik/transientfail) Website and PoC collection for transient execution attacks
- [**51**Star][23d] [Shell] [streaak/pastebin-scraper](https://github.com/streaak/pastebin-scraper) Pastebin-scraper tool leverages the API of
- [**51**Star][2m] [Py] [secgroundzero/tetanus](https://github.com/secgroundzero/tetanus) Helper script for mangling CS payloads
- [**51**Star][2y] [Shell] [hdb-li/lliconversioning](https://github.com/hdb-li/lliconversioning) A script that automatically creates an appIcon with debugging information
- [**51**Star][2m] [HTML] [iaik/jstemplate](https://github.com/iaik/jstemplate) JavaScript Template Attack proof-of-concept implementation
- [**51**Star][17d] [Lua] [ricterz/my-nse-scripts](https://github.com/ricterz/my-nse-scripts) My NSE Scripts
- [**51**Star][1m] [Py] [g0tmi1k/boot2root-scripts](https://github.com/g0tmi1k/boot2root-scripts) Homemade scripts to-do various vulnerable challenges
- [**51**Star][4m] [Py] [nccgroup/sshession](https://github.com/nccgroup/sshession) The SSH Multiplex Backdoor Tool
- [**51**Star][7m] [ObjC] [kpwn/inj](https://github.com/kpwn/inj) task_for_pid injection that doesn't suck
- [**51**Star][1m] [C] [pwn20wndstuff/rollectra11](https://github.com/pwn20wndstuff/rollectra11) 
- [**51**Star][2m] [PHP] [nkkollaw/reserved-subdomains](https://github.com/nkkollaw/reserved-subdomains) List of subdomains that could be candidates for reservation in multitenant app/ subdomain validator for multitenant apps
- [**51**Star][14d] [Py] [vainlystrain/vaile](https://github.com/vainlystrain/vaile) Metasploit-like pentest framework derived from TIDoS (
- [**51**Star][3m] [Java] [mogwailabs/rmi-deserialization](https://github.com/mogwailabs/rmi-deserialization) Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
- [**51**Star][1m] [JS] [luckman666/devops_kkit](https://github.com/luckman666/devops_kkit) django2.1写的自动化运维系统
- [**51**Star][12d] [Visual Basic] [vysecurity/cactustorch](https://github.com/vysecurity/CACTUSTORCH) Payload Generation for Adversary Simulations
- [**51**Star][3m] [Py] [anouarbensaad/honeypot-iot](https://github.com/anouarbensaad/honeypot-iot) This tool to simulate http server attacks in Python which logs HackerIP and all the tracing he does into a Logfile then a database.
- [**51**Star][3m] [TS] [tjson/tjson.js](https://github.com/tjson/tjson.js) JavaScript-compatible implementation of Tagged JSON (TJSON), written in TypeScript.
- [**51**Star][2y] [Py] [qax-a-team/redis_lua_exploit](https://github.com/QAX-A-Team/redis_lua_exploit) 
- [**51**Star][14d] [Py] [koromodako/mkctf](https://github.com/koromodako/mkctf) A CTF framework to create, build, deploy and monitor challenges
- [**51**Star][1m] [Dockerfile] [crytic/eth-security-toolbox](https://github.com/crytic/eth-security-toolbox) A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.
- [**51**Star][18d] [TeX] [zxgio/gdb_gef-cheatsheet](https://github.com/zxgio/gdb_gef-cheatsheet) GDB + GEF cheatsheet for reversing binaries
- [**51**Star][5y] [Py] [znb/malware](https://github.com/znb/malware) Malware related code
- [**51**Star][11d] [C] [zhichao281/duilib-miniblinkbrowser](https://github.com/zhichao281/duilib-miniblinkbrowser) 用duilib做的miniblink的浏览器
- [**51**Star][7m] [C#] [zeropointsecurity/goldenticket](https://github.com/zeropointsecurity/goldenticket) 
- [**51**Star][1m] [Py] [zengqiu/study](https://github.com/zengqiu/study) 
- [**51**Star][2m] [PS] [xme/powershell_scripts](https://github.com/xme/powershell_scripts) Miscellaneous PowerShell scripts
- [**51**Star][3m] [Shell] [xaqron/stunnel](https://github.com/xaqron/stunnel) Wrapping openvpn with stunnel
- [**51**Star][26d] [Py] [virink/awd_auto_attack_framework](https://github.com/virink/awd_auto_attack_framework) AWD 自动化攻击框架
- [**51**Star][2y] [JS] [vegabird/prithvi](https://github.com/vegabird/prithvi) A Report Generation Tool for Security Assessment
- [**51**Star][3y] [vasishtduddu/deepweblinks](https://github.com/vasishtduddu/DeepWebLinks) A huge dump of deep web links
- [**51**Star][1m] [Py] [vasco2016/shellsploit-framework](https://github.com/vasco2016/shellsploit-framework) New Generation Exploit Development Kit
- [**51**Star][4y] [C++] [uitra/injectora](https://github.com/uitra/injectora) x86/x64 manual mapping injector using the JUCE library
- [**51**Star][4m] [JS] [tuhinshubhra/wpintel](https://github.com/tuhinshubhra/wpintel) Chrome extension designed for WordPress Vulnerability Scanning and information gathering!
- [**51**Star][2m] [Ruby] [tresacton/dspectrum](https://github.com/tresacton/dspectrum) Automated RF/SDR Signal Analysis [Reverse Engineering]
- [**51**Star][2m] [Go] [threatstack/deputize](https://github.com/threatstack/deputize) Manage an on-call LDAP group based on PagerDuty on-call status
- [**51**Star][27d] [Py] [thelsa/awbruter](https://github.com/thelsa/awbruter) 千倍速一句话木马密码爆破工具
- [**51**Star][22d] [C] [sycloversecurity/ctf](https://github.com/sycloversecurity/ctf) Syclover(三叶草安全小组)承办的ctf比赛集合
- [**51**Star][1y] [ObjC] [ssyzh/weworktweak](https://github.com/ssyzh/weworktweak) 逆向破解企业微信定位，在家就能打卡了！
- [**51**Star][2m] [Jupyter Notebook] [sroberts/jager](https://github.com/sroberts/jager) Hunting IOCs all day every day...
- [**51**Star][1y] [sourcingdenis/free-online-competitive-intelligence](https://github.com/sourcingdenis/free-online-competitive-intelligence) #OSINT
- [**51**Star][7m] [Py] [snovvcrash/fwdsh3ll](https://github.com/snovvcrash/fwdsh3ll) Forward shell generation framework
- [**51**Star][7m] [C] [snare/kernelresolver](https://github.com/snare/kernelresolver) Example Mac OS X kernel extension that resolves symbols from the running kernel image
- [**51**Star][4m] [ObjC] [smilezxlee/zxrequestblock](https://github.com/smilezxlee/zxrequestblock) 一句话实现iOS应用底层所有网络请求拦截(如ajax请求拦截)，包含http-dns解决方法，有效防止DNS劫持，用于分析http，https请求，禁用/允许代理，防抓包等
- [**51**Star][27d] [Go] [slowmist/blockchain-threat-intelligence](https://github.com/slowmist/blockchain-threat-intelligence) Blockchain Threat Intelligence Sharing Platform（区块链威胁情报共享平台）
- [**51**Star][3y] [C] [sidechannelmarvels/stark](https://github.com/sidechannelmarvels/stark) Repository of small utilities related to key recovery
- [**51**Star][4m] [Shell] [shiva108/waes](https://github.com/shiva108/waes) CPH:SEC WAES: Web Auto Enum & Scanner - Auto enums website(s) and dumps files as result
- [**51**Star][26d] [JS] [shadow-workers/shadow-workers](https://github.com/shadow-workers/shadow-workers) C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
- [**51**Star][4m] [Java] [securenetwork/nfcult](https://github.com/securenetwork/nfcult) NFC Ultralight Toolkit
- [**51**Star][13d] [Py] [savio-code/hexorbase](https://github.com/savio-code/hexorbase) Automatically exported from code.google.com/p/hexorbase
- [**51**Star][2y] [Shell] [r1b/cve-2017-13089](https://github.com/r1b/cve-2017-13089) PoC for wget v1.19.1
- [**51**Star][9m] [HTML] [pwnsdx/ios-uri-schemes-abuse-poc](https://github.com/pwnsdx/ios-uri-schemes-abuse-poc) A set of URI schemes bugs that lead Safari to crash/freeze.
- [**51**Star][2y] [C] [pwn20wndstuff/osiris](https://github.com/pwn20wndstuff/osiris) Osiris developer jailbreak for iOS 11.0 - 11.4b3
- [**51**Star][2m] [Ruby] [puppetlabs/puppetlabs-puppetdb](https://github.com/puppetlabs/puppetlabs-puppetdb) A puppet module for installing and managing puppetdb
- [**51**Star][3m] [C] [psilupan/fray](https://github.com/psilupan/fray) Recompilable version of Super Smash Bros. Melee 1.02 based on the LibOGC project.
- [**51**Star][14d] [Java] [portswigger/authz](https://github.com/portswigger/authz) 
- [**51**Star][10m] [C] [pinkp4nther/sutekh](https://github.com/pinkp4nther/sutekh) An example rootkit that gives a userland process root permissions
- [**51**Star][2y] [pimps/cve-2017-5645](https://github.com/pimps/cve-2017-5645) CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization
- [**51**Star][2m] [TS] [phenomnomnominal/ineeda](https://github.com/phenomnomnominal/ineeda) Mocking library for TypeScript and JavaScript using Proxies!
- [**51**Star][2m] [JS] [pauljt/scanjs](https://github.com/pauljt/scanjs) Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.
- [**51**Star][18d] [C++] [papadp/reflective-injection-detection](https://github.com/papadp/reflective-injection-detection) a program to detect reflective dll injection on a live machine
- [**51**Star][3y] [p292/ddeautocs](https://github.com/p292/ddeautocs) A cobaltstrike script that integrates DDEAuto Attacks
- [**51**Star][3m] [offensive-security/nethunter-utils](https://github.com/offensive-security/nethunter-utils) Kali Linux NetHunter utils package
- [**51**Star][3m] [Shell] [nodiscc/xsrv](https://github.com/nodiscc/xsrv) [mirror] Run your own network services/applications, on a server you control.
- [**51**Star][3m] [C] [niklasb/elgoog](https://github.com/niklasb/elgoog) elgoog/searchme challenge from 34C3 CTF / WCTF 2018: sources & exploit
- [**51**Star][2y] [Java] [netspi/burpextractor](https://github.com/netspi/burpextractor) A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
- [**51**Star][20d] [C] [netmap-unipi/netmap-tutorial](https://github.com/netmap-unipi/netmap-tutorial) Netmap tutorial at SIGCOMM 2017 and AsiaBSDCon 2018
- [**51**Star][2y] [Py] [n4xh4ck5/n4xd0rk](https://github.com/n4xh4ck5/n4xd0rk) Listing subdomains about a main domain
- [**51**Star][7y] [CSS] [mubix/whitechapel](https://github.com/mubix/whitechapel) password cracking front end
- [**51**Star][4m] [Py] [mr-un1k0d3r/spfabuse](https://github.com/mr-un1k0d3r/spfabuse) SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp
- [**51**Star][1m] [Py] [mnrkbys/vss_carver](https://github.com/mnrkbys/vss_carver) Carves and recreates VSS catalog and store from Windows disk image.
- [**51**Star][4m] [Py] [miladdiaz/mikrotikexploit](https://github.com/miladdiaz/mikrotikexploit) Scan and Export RouterOS Password
- [**51**Star][4m] [Shell] [menzow/sn1per-docker](https://github.com/menzow/sn1per-docker) Dockerized version of Sn1per (
- [**51**Star][25d] [PS] [mburrough/pentestingazureapps](https://github.com/mburrough/pentestingazureapps) Script samples from the book Pentesting Azure Applications (2018, No Starch Press)
- [**51**Star][3m] [JS] [mattcg/socks5-client](https://github.com/mattcg/socks5-client) SOCKS v5 client socket implementation in JavaScript for Node.JS.
- [**51**Star][6y] [JS] [mandatoryprogrammer/rage](https://github.com/mandatoryprogrammer/rage) A hacked together PHP shell designed to be stealthy and portable
- [**51**Star][13d] [C] [limithit/ngx_dynamic_limit_req_module](https://github.com/limithit/ngx_dynamic_limit_req_module) The ngx_dynamic_limit_req_module module is used to dynamically lock IP and release it periodically.
- [**51**Star][26d] [Py] [lanjelot/ctfs](https://github.com/lanjelot/ctfs) notes and code on past CTFs
- [**51**Star][21d] [Py] [la0/garmin-uploader](https://github.com/la0/garmin-uploader) Garmin Connect Python Uploader
- [**51**Star][3m] [HTML] [klionsec/klionsec.github.io](https://github.com/klionsec/klionsec.github.io) 
- [**51**Star][6y] [C++] [jyang772/xor_crypter](https://github.com/jyang772/xor_crypter) XOR encryption, malware crypter
- [**51**Star][4y] [C] [jianqiangzhao/cve-2016-2434](https://github.com/jianqiangzhao/cve-2016-2434) 
- [**51**Star][5y] [C++] [ikoz/androidsubstrate_hookingc_examples](https://github.com/ikoz/androidsubstrate_hookingc_examples) AndroidSubstrate_hookingC_examples
- [**51**Star][9m] [Py] [huntcve/exploit](https://github.com/huntcve/exploit) 
- [**51**Star][2m] [Py] [hrkfdn/deckard](https://github.com/hrkfdn/deckard) Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks
- [**51**Star][1y] [C] [hfiref0x/sxsexp](https://github.com/hfiref0x/sxsexp) Expand compressed files from WinSxS folder
- [**51**Star][3m] [Jupyter Notebook] [harrisonpim/bookworm](https://github.com/harrisonpim/bookworm) 
- [**51**Star][11d] [hardenedlinux/embedded-iot_profile](https://github.com/hardenedlinux/embedded-iot_profile) embedded-iot_profile
- [**51**Star][15d] [C] [hackedteam/vector-edk](https://github.com/hackedteam/vector-edk) EFI Development Kit
- [**51**Star][20d] [Py] [grierforensics/officedissector](https://github.com/grierforensics/officedissector) Static analysis tools for Microsoft Office Open XML files and documents
- [**51**Star][2m] [Py] [ggusoft/inforfinder](https://github.com/ggusoft/inforfinder) Inforfinder is a tool to collect information of any domains pointing at some server (ip, domain, range, file).
- [**51**Star][2y] [JS] [firegpg/firegpg](https://github.com/firegpg/firegpg) FireGPG is no longer supported. Please see the README for information on WebPG.
- [**51**Star][28d] [Java] [fergarrui/custom-bytecode-analyzer](https://github.com/fergarrui/custom-bytecode-analyzer) Java bytecode analyzer customizable via JSON rules
- [**51**Star][4m] [Py] [etingof/snmpfwd](https://github.com/etingof/snmpfwd) SNMP Proxy Forwarder
- [**51**Star][2m] [JS] [ericr/sol-function-profiler](https://github.com/ericr/sol-function-profiler) Solidity Contract Function Profiler
- [**51**Star][10d] [Py] [ercoppa/symbolic-execution-tutorial](https://github.com/ercoppa/symbolic-execution-tutorial) Tutorial on Symbolic Execution. Hands-on session is based on the angr framework.
- [**51**Star][4y] [C++] [enigma0x3/messagebox](https://github.com/enigma0x3/messagebox) PoC dlls for Task Scheduler COM Hijacking
- [**51**Star][1y] [Py] [engelsjo/raspireader](https://github.com/engelsjo/raspireader) 3D models and code for building your own fingerprint reader
- [**51**Star][4y] [Py] [el3ct71k/autobrowser](https://github.com/el3ct71k/autobrowser) AutoBrowser Screenshot
- [**51**Star][2y] [PS] [dstaulcu/ta-sigma-searches](https://github.com/dstaulcu/ta-sigma-searches) A Splunk app with saved reports derived from Sigma rules
- [**51**Star][5m] [C++] [drizzlerisk/ntpdoser](https://github.com/drizzlerisk/ntpdoser) NTP Doser is a NTP Amplification DoS/DDoS attack tool for penttesting
- [**51**Star][4m] [Py] [devalone/proxy_py](https://github.com/devalone/proxy_py) Proxy collector
- [**51**Star][2m] [Nix] [dapphub/ds-proxy](https://github.com/dapphub/ds-proxy) a proxy object that can compose transactions on owner's behalf
- [**51**Star][8m] [Py] [cytopia/crawlpy](https://github.com/cytopia/crawlpy) Scrapy python crawler/spider with post/get login (handles CSRF), variable level of recursions and optionally save to disk
- [**51**Star][9m] [Py] [cve-search/pycvesearch](https://github.com/cve-search/pycvesearch) Python wrapper for the API of cve-search
- [**51**Star][11d] [cisofy/cisofy-security-policy](https://github.com/cisofy/cisofy-security-policy) This is the public security policy of CISOfy, with extra resources like security tools.
- [**51**Star][3y] [Py] [cisco-talos/smi_check](https://github.com/cisco-talos/smi_check) Smart Install Client Scanner
- [**51**Star][2m] [Java] [channingbj/meerkat](https://github.com/channingbj/meerkat) meerkat 是用于服务监控以及服务降级基础组件，主要为了解决调用外部接口的时候进行成功率，响应时间，QPS指标的监控，同时在成功率下降到预设的阈值以下的时候自动切断外部接口的调用，外部接口成功率恢复后自动恢复请求
- [**51**Star][1m] [Py] [capeleidokos/elf_diff](https://github.com/capeleidokos/elf_diff) A tool to compare ELF binaries
- [**51**Star][4y] [breakingmalwareresearch/captain-hook](https://github.com/breakingmalwareresearch/captain-hook) 
- [**51**Star][9d] [JS] [brangerbriz/wifi-data-safari](https://github.com/brangerbriz/wifi-data-safari) WiFi Data Safari Workshop
- [**51**Star][3y] [bluscreenofjeff/metasploit-resource-scripts](https://github.com/bluscreenofjeff/metasploit-resource-scripts) A repo for any Metasploit resource scripts that I've found useful
- [**51**Star][8m] [HTML] [beep3r/poc-exp](https://github.com/beep3r/poc-exp) 
- [**51**Star][2m] [Assembly] [azya52/seiko](https://github.com/azya52/seiko) Seiko uc-2000 reverse engineering
- [**51**Star][6y] [Perl] [awakecoding/freerdp-manuals](https://github.com/awakecoding/freerdp-manuals) FreeRDP Manuals
- [**51**Star][4m] [C++] [anubisss/szimatszatyor](https://github.com/anubisss/szimatszatyor) World of Warcraft (WoW): SzimatSzatyor is an injector sniffer written in C++
- [**51**Star][2m] [Py] [cyberinstructor/arpag](https://github.com/cyberinstructor/arpag) Otomatik exploit aracı
- [**51**Star][30d] [C] [andy928/xpenology](https://github.com/andy928/xpenology) XPEnology Project
- [**51**Star][3m] [TeX] [amet13/master-thesis](https://github.com/amet13/master-thesis) Выпускная квалификационная работа (ВКР) магистра в LaTeX, оформленная в соответствии с нормоконтролем Севастопольского государственного университета в 2017 г.
- [**51**Star][7m] [C] [alainesp/hashsuitedroid](https://github.com/alainesp/hashsuitedroid) Hash Suite for Android
- [**51**Star][4m] [Py] [5alt/lianwifi](https://github.com/5alt/lianwifi) wifi万能钥匙api
- [**51**Star][4m] [JS] [4k-developer/4k-botnet](https://github.com/4k-developer/4k-botnet) A simple and easy to use JS Botnet
- [**51**Star][7y] [C++] [1184893257/simplesniffer](https://github.com/1184893257/simplesniffer) 基于 WinPcap 的网络抓包软件，使用 MFC 做界面
- [**51**Star][1y] [c] [NtQuery/scyllahide](https://bitbucket.org/ntquery/scyllahide) 
- [**50**Star][17d] [Kotlin] [silentsignal/burp-piper](https://github.com/silentsignal/burp-piper) Piper Burp Suite Extender plugin
- [**50**Star][9m] [NSIS] [gigi81/elk-windows-installer](https://github.com/gigi81/elk-windows-installer) Elasticsearch Logstash Kibana Windows Installer
- [**50**Star][2y] [Java] [yaphets1/wifi-direct-file-transfer-app](https://github.com/yaphets1/wifi-direct-file-transfer-app) WiFi Direct File Transfer is a experimental app that will allow sharing of data between Android devices running Android 4.0 or higher using a WiFi direct connection without the use of a WiFi access point. This will enable data transfer between devices without relying on any existing network infrastructure
- [**50**Star][4m] [Py] [mufeedvh/cve-2019-8449](https://github.com/mufeedvh/cve-2019-8449) CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
- [**50**Star][9m] [R] [jonasschroeder/instacrawlr](https://github.com/jonasschroeder/instacrawlr) Crawl public Instagram data using R scripts without API access token. See InstaCrawlR Instructions.pdf
- [**50**Star][9m] [sailay1996/gui_uac_bypassx](https://github.com/sailay1996/gui_uac_bypassx) gui uac bypass (netplwiz.exe)
- [**50**Star][4m] [Py] [ivanlei/threatbutt](https://github.com/ivanlei/threatbutt) Threatbutt python client and Maltego transforms
- [**50**Star][4m] [PS] [pwndexter/invoke-edrchecker](https://github.com/pwndexter/invoke-edrchecker) Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.
- [**50**Star][19d] [Go] [gslabdev/terraform-provider-ad](https://github.com/gslabdev/terraform-provider-ad) Automates the Active Directory resource creation during Infrastructure build using Terraform Provider.
- [**50**Star][3m] [Py] [bhavinjawade/advanced-data-structures-with-python](https://github.com/bhavinjawade/advanced-data-structures-with-python) Self written codes for Advanced Data Structures and Algorithms using Python. With each code, there is an associated markdown for explanation and applicaitions of that algorithm or data structure.
- [**50**Star][4m] [Eagle] [sparkfun/esp32_thing](https://github.com/sparkfun/esp32_thing) Development platform for the Espressif ESP32 WiFi/Microcontroller SoC
- [**50**Star][7d] [Java] [law-unimi/bubing](https://github.com/law-unimi/bubing) The LAW next generation crawler.
- [**50**Star][3y] [Py] [infra-intern/scrapy-demos](https://github.com/infra-intern/scrapy-demos) scrapy demo
- [**50**Star][24d] [Go] [qkraudghgh/algorithms](https://github.com/qkraudghgh/algorithms) Minimal examples of data structures and algorithms in Golang
- [**50**Star][1m] [Go] [go-crawler/car-prices](https://github.com/go-crawler/car-prices) Golang爬虫 爬取汽车之家 二手车产品库
- [**50**Star][1m] [shyjal/reactnative-android-production](https://github.com/shyjal/reactnative-android-production) Step by step guid for compiling and installing React Native Android app [ bundled release version ] to your test device.
- [**50**Star][3m] [Py] [jantman/python-wifi-survey-heatmap](https://github.com/jantman/python-wifi-survey-heatmap) A Python application for Linux machines to perform WiFi site surveys and present the results as a heatmap overlayed on a floorplan
- [**50**Star][1m] [C++] [koba/overhead-camera-people-counter](https://github.com/koba/overhead-camera-people-counter) People counting algorithm using an overhead video camera
- [**50**Star][18d] [JS] [jefferyhus/es6-crawler-detect](https://github.com/jefferyhus/es6-crawler-detect) is an ES6 version of the original PHP class @CrawlerDetect, it helps you detect bots/crawlers and spiders only by scanning the user-agent string or from the global request.headers.
- [**50**Star][2m] [C++] [mertenats/ai-thinker_rgbw_bulb](https://github.com/mertenats/ai-thinker_rgbw_bulb) Alternative firmware for AI-Thinker RGBW bulbs, based on the MQTT protocol and a TLS connection
- [**50**Star][5m] [Go] [heetch/lapjv](https://github.com/heetch/lapjv) Go implementation of the LAPJV algorithm
- [**50**Star][4m] [Java] [fengzhizi715/piccrawler](https://github.com/fengzhizi715/piccrawler) 使用RxJava2 和 Java 8的特性开发的图片爬虫
- [**50**Star][2m] [awesome-doge/breaking-gfw-book](https://github.com/awesome-doge/breaking-gfw-book) 整理所有的翻墙方法，持续更新....欢迎PR
- [**50**Star][6m] [danielmiessler/securitytools](https://github.com/danielmiessler/securitytools) A repo for collecting and organizing security tools of various types. As new ones come out, they get added to the list.
- [**50**Star][25d] [Assembly] [t00sh/assembly](https://github.com/t00sh/assembly) Collection of Linux shellcodes
- [**50**Star][4m] [Py] [asamy/x86-64-pe-emu](https://github.com/asamy/x86-64-pe-emu) AMD64 PE Emulator in Python.
- [**50**Star][21d] [Py] [warner/python-spake2](https://github.com/warner/python-spake2) pure-python implementation of the SPAKE2 Password-Authenticated Key Exchange algorithm
- [**50**Star][13d] [Shell] [firesuncn/hiwifi_smart_toolbox](https://github.com/firesuncn/hiwifi_smart_toolbox) 极路由器root后一键工具箱
- [**50**Star][18d] [JS] [ibm/cloudland](https://github.com/ibm/cloudland) Cloudland, a light weight infrastructure as a service project, plus OpenShift 4 platform as a service deployment engine, is a system framework to manage VM instances, software defined networks (SDN), volumes ..., It can handle over 10 thousand hypervisors in one cluster so it can be a base of large scale public cloud. More over, with multi-tenan…
- [**50**Star][27d] [Py] [wapiflapi/wsym](https://github.com/wapiflapi/wsym) Adds symbols to a ELF file.
- [**50**Star][15d] [Py] [hacker0x01/hacker101coursework](https://github.com/hacker0x01/hacker101coursework) Deprecated coursework from first iteration of Hacker101
- [**50**Star][2m] [C++] [avast/pelib](https://github.com/avast/pelib) PE file manipulation library.
- [**50**Star][13d] [Java] [thelinuxchoice/droidcam](https://github.com/thelinuxchoice/droidcam) Script to generate an Android App to take photos from Cameras
- [**50**Star][3m] [mitmproxy/docker-releases](https://github.com/mitmproxy/docker-releases) 
- [**50**Star][11d] [Py] [liang2580/btpanel-ss](https://github.com/liang2580/btpanel-ss) 基于宝塔Linux面板的shadowsocks可视化管理插件
- [**50**Star][22d] [tewki/csgo-item-floats-from-inspect-links](https://github.com/tewki/csgo-item-floats-from-inspect-links) cuz bored as fuck, how to get the item floats from inspect links aka the market float "method"
- [**50**Star][22d] [Py] [emreovunc/python-syn-flood-attack-tool](https://github.com/emreovunc/python-syn-flood-attack-tool) Python SYN Flood Attack Tool, you can start SYN Flood attack with this tool. Simple and efficient.
- [**50**Star][9d] [Py] [stef/wireless-radar](https://github.com/stef/wireless-radar) DF and other tools to explore a 2.4GHz environment.
- [**50**Star][19d] [Py] [xteddie/scrapstagram](https://github.com/xteddie/scrapstagram) An Instagram Scrapper
- [**50**Star][11d] [Java] [usdag/cstc](https://github.com/usdag/cstc) CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
- [**50**Star][26d] [Py] [bcopeland/speccy](https://github.com/bcopeland/speccy) Visualization tool for ath spectral scan
- [**50**Star][3m] [bcosorg/whitepaper](https://github.com/bcosorg/whitepaper) whitepaper
- [**50**Star][2m] [mpgn/cve-2018-17246](https://github.com/mpgn/cve-2018-17246) CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13
- [**50**Star][1m] [jaxbcd/recscansec](https://github.com/jaxBCD/RecScanSec) reconnaisance - footprinting - information disclosure (0.7)
- [**50**Star][4m] [C#] [brunull/pace](https://github.com/brunull/pace) A Remote Access Tool for Windows.
- [**50**Star][3m] [C] [zodiacon/regeditx](https://github.com/zodiacon/regeditx) Enhanced Registry Editor
- [**50**Star][5m] [C] [zerbea/hcxkeys](https://github.com/zerbea/hcxkeys) Small set of tools to generate plainmasterkeys (rainbowtables) and hashes for the use with latest hashcat and John the Ripper.
- [**50**Star][3y] [C++] [zcgonvh/cve-2017-0213](https://github.com/zcgonvh/cve-2017-0213) CVE-2017-0213 for command line
- [**50**Star][2m] [Py] [xnianq/awd-frame](https://github.com/xnianq/awd-frame) ctf awd framework
- [**50**Star][8m] [C] [williamshowalter/hdroot-bootkit-analysis](https://github.com/williamshowalter/hdroot-bootkit-analysis) Supporting Files on my analysis of the malware designated hdroot.
- [**50**Star][1y] [Py] [villanch/scraplat](https://github.com/villanch/scraplat) I'm trying to finish the scraplat as a scraper platform
- [**50**Star][3y] [C] [vikasnkumar/wisecracker](https://github.com/vikasnkumar/wisecracker) Wisecracker is a high performance distributed cryptanalysis framework.
- [**50**Star][10d] [Py] [trullj/ssllabs](https://github.com/trullj/ssllabs) Python module for the Qualys SSL Labs Server Test
- [**50**Star][6m] [PHP] [taogogo/taocms](https://github.com/taogogo/taocms) taocms is a very very small CMS( Content Management System) ,base on php,support mysql/sqlite
- [**50**Star][9y] [C] [stephenfewer/ollysockettrace](https://github.com/stephenfewer/ollysockettrace) OllySocketTrace is a plugin for OllyDbg to trace the socket operations being performed by a process.
- [**50**Star][2y] [Py] [steinsgatep001/binary](https://github.com/steinsgatep001/binary) Sleep_Pwn_f1sh
- [**50**Star][15d] [C++] [stealth/fernmelder](https://github.com/stealth/fernmelder) async mass DNS resolver
- [**50**Star][9y] [Perl] [spiderlabs/thicknet](https://github.com/spiderlabs/thicknet) TCP session interception and injection framework
- [**50**Star][2y] [JS] [sola-da/redos-vulnerabilities](https://github.com/sola-da/redos-vulnerabilities) A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-concept exploit, showing how the slowdown may occur. The resources in this repository are provided for research purpose only. Please read below for more details.
- [**50**Star][13d] [Py] [signalsec/kirlangic-ttf-fuzzer](https://github.com/signalsec/kirlangic-ttf-fuzzer) TrueType Font Fuzzer
- [**50**Star][3m] [PHP] [shenzhenjinma/aliredenvelope](https://github.com/shenzhenjinma/aliredenvelope) 支付宝红包破解算法
- [**50**Star][2y] [JS] [secureskytechnology/badlibrary](https://github.com/secureskytechnology/badlibrary) vulnerable web application for training
- [**50**Star][1m] [Java] [secdec/attack-surface-detector-burp](https://github.com/secdec/attack-surface-detector-burp) The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
- [**50**Star][3y] [C] [ryanmallon/thelostvikingstools](https://github.com/ryanmallon/thelostvikingstools) Reverse Engineered Tools/Library for the DOS game The Lost Vikings
- [**50**Star][3y] [Py] [rubenespadas/dionaeafr](https://github.com/rubenespadas/dionaeafr) Front Web to Dionaea low-interaction honeypot.
- [**50**Star][26d] [IDL] [riverloopsec/apimote](https://github.com/riverloopsec/apimote) ApiMote IEEE 802.15.4/ZigBee Sniffing Hardware
- [**50**Star][5m] [Java] [retme7/broadanywhere_poc_by_retme_bug_17356824](https://github.com/retme7/broadanywhere_poc_by_retme_bug_17356824) a poc of Android bug 17356824
- [**50**Star][1y] [C] [realoriginal/reflective-rewrite](https://github.com/realoriginal/reflective-rewrite) Attempt to rewrite StephenFewers Reflective DLL Injection to make it a little more stealthy. Some code taken from Meterpreter & sRDI. Currently a work in progress.
- [**50**Star][10d] [TS] [raagh/angular-karma_test-explorer](https://github.com/raagh/angular-karma_test-explorer) vscode extension for easy angular testing and debugging
- [**50**Star][15d] [C++] [psychotropos/xhunter1_privesc](https://github.com/psychotropos/xhunter1_privesc) (Ab)using the XIGNCODE3 driver to open a handle to any process.
- [**50**Star][2m] [C++] [pstolarz/dumpext](https://github.com/pstolarz/dumpext) WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both 32 (PE) and 64-bit (PE+) platforms.
- [**50**Star][2m] [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc) Proof of calc for CVE-2019-6453
- [**50**Star][4m] [C#] [osoykan/fluentassemblyscanner](https://github.com/osoykan/fluentassemblyscanner) Fluent assembly and type scanner
- [**50**Star][3y] [Shell] [osm0sis/apk-patcher](https://github.com/osm0sis/apk-patcher) Patch APKs on-the-fly from Android recovery (Proof of Concept)
- [**50**Star][10d] [olbat/nvdcve](https://github.com/olbat/nvdcve) NVD/CVE as JSON files
- [**50**Star][1m] [Shell] [nyxgeek/dumpsniffer](https://github.com/nyxgeek/dumpsniffer) tools for analyzing strings from password lists
- [**50**Star][4m] [C] [nyx0/kins](https://github.com/nyx0/kins) KINS Banking Trojan
- [**50**Star][15d] [nullsecuritynet/papers](https://github.com/nullsecuritynet/papers) Papers about known hacking, security, hardware, software, computer, network and other ressources.
- [**50**Star][2y] [newlog/r2_malware_unpacking_training](https://github.com/newlog/r2_malware_unpacking_training) 使用 r2 脱壳恶意代码教程
- [**50**Star][10d] [ObjC] [neutrinosplatform/cordova-plugin-document-scanner](https://github.com/neutrinosplatform/cordova-plugin-document-scanner) cordova plugin for document scan
- [**50**Star][4y] [Java] [necst/heldroid](https://github.com/necst/heldroid) Dissect Android Apps Looking for Ransomware Functionalities
- [**50**Star][2y] [Py] [neargle/pil-rce-by-ghostbutt](https://github.com/neargle/pil-rce-by-ghostbutt) Exploiting Python PIL Module Command Execution Vulnerability
- [**50**Star][2y] [Py] [navytitanium/dnsmasterchef](https://github.com/navytitanium/dnsmasterchef) Selective DNS proxy forwarding based on DNS threat blocking providers intelligence.
- [**50**Star][24d] [CMake] [mhostetter/gr-adsb](https://github.com/mhostetter/gr-adsb) GNU Radio OOT module for demodulating and decoding ADS-B packets
- [**50**Star][2m] [C++] [metrodango/pip3line](https://github.com/metrodango/pip3line) Swiss Army knife for raw bytes manipulation & interception
- [**50**Star][2m] [Ruby] [mcpa-stlouis/hack-the-arch](https://github.com/mcpa-stlouis/hack-the-arch) Welcome to HackTheArch! A free open source scoring server for cyber Capture the Flag competitions!
- [**50**Star][3y] [HTML] [mburakergenc/malware-detection-using-machine-learning](https://github.com/mburakergenc/malware-detection-using-machine-learning) Malware detection project on Android devices using machine learning classification algorithms.
- [**50**Star][8m] [C] [leonnewton/selfmodify](https://github.com/leonnewton/selfmodify) Dalvik字节码自篡改原理及实现
- [**50**Star][4m] [C] [knnspeed/simple-uefi-bootloader](https://github.com/knnspeed/simple-uefi-bootloader) A UEFI bootloader for bare-metal x86-64 applications, including a minimal cross-platform UEFI development environment
- [**50**Star][4m] [Py] [kisspeter/apifuzzer](https://github.com/kisspeter/apifuzzer) Fuzz your application using you Swagger or API Blueprint definition without coding
- [**50**Star][4m] [Py] [juga0/dhcpcanon](https://github.com/juga0/dhcpcanon) DHCP client disclosing less identifying information.
- [**50**Star][5y] [Py] [jpyorre/intelligenthoneynet](https://github.com/jpyorre/intelligenthoneynet) The Intelligent Honey Net Project attempts to create actionable information from honeypots
- [**50**Star][2y] [Py] [joker25000/dzjecter](https://github.com/joker25000/dzjecter) 
- [**50**Star][15d] [HTML] [jgamblin/nmaptable](https://github.com/jgamblin/nmaptable) Transform NMap Scans to an D3.js HTML Table
- [**50**Star][4m] [Py] [jaredlgillespie/proxyscrape](https://github.com/jaredlgillespie/proxyscrape) Python library for retrieving free proxies (HTTP, HTTPS, SOCKS4, SOCKS5).
- [**50**Star][23d] [Py] [jackeriss/keyboard_recording_trojan](https://github.com/jackeriss/keyboard_recording_trojan) 一个可以记录键盘输入并发送到指定邮箱的简单木马。
- [**50**Star][1m] [Rust] [tarcieri/ithos](https://github.com/tarcieri/ithos) A cryptographically verifiable access control and directory system for Linux servers
- [**50**Star][5m] [Py] [isecpartners/rtspfuzzer](https://github.com/isecpartners/rtspfuzzer) RTSP network protocol fuzzer
- [**50**Star][11d] [C] [imbushuo/boot-shim](https://github.com/imbushuo/boot-shim) Bootstraps ARM32/ARM64 ELF payloads on Qualcomm Windows platforms
- [**50**Star][10m] [C] [ihack4falafel/osee](https://github.com/ihack4falafel/osee) Collection of things made during my preparation to take on OSEE
- [**50**Star][16d] [Py] [hvqzao/report-ng](https://github.com/hvqzao/report-ng) Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
- [**50**Star][4m] [PS] [hiltongiesenow/poshmon](https://github.com/hiltongiesenow/poshmon) A PowerShell-based server and farm monitoring solution
- [**50**Star][5m] [Go] [heroku/shaas](https://github.com/heroku/shaas) Shell as a Service: API to inspect and execute scripts in a server's environment via HTTP and WebSockets
- [**50**Star][2y] [Py] [h2hconference/2017](https://github.com/h2hconference/2017) H2HC 2017 Slides/Materials/Presentations
- [**50**Star][3y] [Py] [h0nus/backtome](https://github.com/h0nus/backtome) Little tool made in python to create payloads for Linux, Windows and OSX with unique handler
- [**50**Star][10d] [Shell] [gusbemacbe/suru-plus-dark](https://github.com/gusbemacbe/suru-plus-dark) Suru++ 25 Dark — A full dark cyberpunk, elegant, futuristic and Papirus-like third-party icons theme
- [**50**Star][4m] [PHP] [gsoros/gtrader](https://github.com/gsoros/gtrader) a trading strategy trainer, back-tester and bot
- [**50**Star][3y] [PS] [gobiasinfosec/wireless_query](https://github.com/gobiasinfosec/wireless_query) Query Active Directory for Workstations and then pull their Wireless Network Passwords
- [**50**Star][12d] [githubixx/ansible-role-harden-linux](https://github.com/githubixx/ansible-role-harden-linux) Ansible role for hardening Linux (targeting Ubuntu 16.04/18.04/20.04)
- [**50**Star][2m] [JS] [freddyb/html2dom](https://github.com/freddyb/html2dom) generates JavaScript source code to create Elements from a given html string
- [**50**Star][1m] [C++] [frankstain/pe-loader](https://github.com/frankstain/pe-loader) library, which help to describe or load and execute PE files.
- [**50**Star][2y] [JS] [fortiguard-lion/frida-scripts](https://github.com/fortiguard-lion/frida-scripts) some FRIDA scripts used for Android RE
- [**50**Star][6m] [Visual Basic] [fireeye/remote_lookup](https://github.com/fireeye/remote_lookup) Resolves DLL API entrypoints for a process w/ remote query capabilities.
- [**50**Star][5m] [fesh0r/010editor](https://github.com/fesh0r/010editor) Templates and scripts for 010 editor
- [**50**Star][1m] [Haskell] [essandess/adblock2privoxy](https://github.com/essandess/adblock2privoxy) Convert adblock config files to privoxy format
- [**50**Star][3y] [PS] [enclaveconsulting/crypto-pki](https://github.com/enclaveconsulting/crypto-pki) Scripts related to Windows cryptography and PKI.
- [**50**Star][2y] [PS] [dgg-it/match-adhashes](https://github.com/dgg-it/match-adhashes) Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the AD NTLM hashmap
- [**50**Star][2m] [Shell] [danielfree/asus-v2ray-transparent-proxy](https://github.com/danielfree/asus-v2ray-transparent-proxy) transparent proxy with v2ray, iptables, ipset 无线路由器 v2ray 透明代理
- [**50**Star][28d] [Rust] [cbourjau/cargo-with](https://github.com/cbourjau/cargo-with) A third-party cargo extension to run the build artifacts through tools like `gdb`
- [**50**Star][1m] [Py] [bwall/markovobfuscate](https://github.com/bwall/markovobfuscate) Python library and tools to obfuscate data based on Markov models built off shared data
- [**50**Star][5m] [Java] [bit4woo/java_deserialize_vuln_lab](https://github.com/bit4woo/java_deserialize_vuln_lab) Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
- [**50**Star][2y] [Py] [bignerd95/chimay-blue](https://github.com/bignerd95/chimay-blue) Mikrotik SMB buffer overflow exploit
- [**50**Star][25d] [Go] [averagesecurityguy/scrape](https://github.com/averagesecurityguy/scrape) Extensible paste site scraper written in Golang.
- [**50**Star][1m] [Ruby] [averagesecurityguy/prometheus](https://github.com/averagesecurityguy/prometheus) Prometheus Firewall Analyzer
- [**50**Star][9m] [Py] [aramosf/recoversqlite](https://github.com/aramosf/recoversqlite) recover deleted information from sqlite files.
- [**50**Star][11d] [C] [amosnier/sha-2](https://github.com/amosnier/sha-2) SHA-2 algorithm implementations
- [**50**Star][1m] [Py] [allyshka/vhostbrute](https://github.com/allyshka/vhostbrute) Virtual host bruteforcer
- [**50**Star][15d] [Py] [alfa-group/robust-adv-malware-detection](https://github.com/alfa-group/robust-adv-malware-detection) Code repository for the paper "Adversarial Deep Learning for Robust Detection of Binary Encoded Malware"
- [**50**Star][4m] [Py] [alexfrancow/a-detector](https://github.com/alexfrancow/a-detector) 
- [**50**Star][3m] [Py] [adrianherrera/virustotal](https://github.com/adrianherrera/virustotal) A simple command-line script to interact with the virustotal-api
- [**50**Star][5y] [Shell] [adafruit/adafruit-pi-externalroot-helper](https://github.com/adafruit/adafruit-pi-externalroot-helper) A shell script to configure a USB drive as root filesystem.
- [**50**Star][5m] [C] [acoinfo/kidvpn](https://github.com/acoinfo/kidvpn) The world's smallest VPN server and client.
- [**50**Star][6m] [Py] [0blio/filegps](https://github.com/0blio/filegps) A tool that help you to guess how your shell was renamed after the server-side script of the file uploader saved it
- [**50**Star][2m] [001spartan/csfm](https://github.com/001spartan/csfm) Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.
- [**49**Star][10d] [PS] [ivan-sincek/powershell-reverse-tcp](https://github.com/ivan-sincek/powershell-reverse-tcp) PowerShell script for connecting to a remote host.
- [**49**Star][14d] [Go] [hahwul/s3reverse](https://github.com/hahwul/s3reverse) The format of various s3 buckets is convert in one format. for bugbounty and security testing.
- [**49**Star][3m] [Swift] [suprhackersteve/crescendo](https://github.com/suprhackersteve/crescendo) Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.
- [**49**Star][16d] [JS] [kodedninja/orkl](https://github.com/kodedninja/orkl) Simple peer-to-peer blogging site
- [**49**Star][11d] [C] [tzvisor/ltzvisor](https://github.com/tzvisor/ltzvisor) LTZVisor: a Lightweight TrustZone-assisted Hypervisor
- [**49**Star][1y] [bobbygr/aiominer](https://github.com/bobbygr/aiominer) AIOMiner - A GPU Mining Management Application for AMD/NVIDIA
- [**49**Star][5m] [CSS] [scrapinghub/learn.scrapinghub.com](https://github.com/scrapinghub/learn.scrapinghub.com) Scrapinghub Learning Center. Report issues in Jira: Report issues in Jira:
- [**49**Star][18d] [Java] [binstreamio/tvbus.android](https://github.com/binstreamio/tvbus.android) tvbus.android is a live streaming android SDK based on P2P technology.
- [**49**Star][11d] [Py] [boudinfl/ake-datasets](https://github.com/boudinfl/ake-datasets) Large, curated set of benchmark datasets for evaluating automatic keyphrase extraction algorithms.
- [**49**Star][1m] [Go] [schollz/crawdad](https://github.com/schollz/crawdad) Cross-platform persistent and distributed web crawler
- [**49**Star][10d] [Py] [jpryda/facebook-multi-scraper](https://github.com/jpryda/facebook-multi-scraper) Multi-threaded Facebook scraper for social analytics of public and owned pages
- [**49**Star][12d] [C] [vonger/vocore2](https://github.com/vonger/vocore2) VoCore2 firmware drivers
- [**49**Star][21d] [Shell] [hassio-addons/addon-wireguard](https://github.com/hassio-addons/addon-wireguard) WireGuard - Home Assistant Community Add-ons
- [**49**Star][4m] [JS] [brainfoolong/rcon-web-admin](https://github.com/brainfoolong/rcon-web-admin) Self hosted, online RCON administration tool for your game server.
- [**49**Star][25d] [PHP] [kerberos-io/docker](https://github.com/kerberos-io/docker) Run Kerberos Open Source inside a docker container.
- [**49**Star][21d] [Py] [sangaline/scrapy-wayback-machine](https://github.com/sangaline/scrapy-wayback-machine) A Scrapy middleware for scraping time series data from Archive.org's Wayback Machine.
- [**49**Star][1m] [Elixir] [kazucocoa/http_proxy](https://github.com/kazucocoa/http_proxy) http proxy with Elixir. wait request with multi port and forward to each URIs
- [**49**Star][18d] [Shell] [michaeljclark/busybear-linux](https://github.com/michaeljclark/busybear-linux) busybear-linux is a tiny RISC-V Linux root filesystem image that targets the VirtIO board in riscv-qemu.
- [**49**Star][18d] [C] [ibm-swift/openssl](https://github.com/ibm-swift/openssl) Swift modulemaps for libSSL and libcrypto
- [**49**Star][22d] [Py] [ankanch/tieba-zhuaqu](https://github.com/ankanch/tieba-zhuaqu) 百度贴吧分布式爬虫，用于贴吧数据挖掘。从贴吧维度和用户维度进行数据分析
- [**49**Star][19d] [C#] [linkey0811/intercept-netkeeper-account](https://github.com/linkey0811/intercept-netkeeper-account) 截取NetKeeper拨号时的真实账号，截获到的账号可以用于路由器、电脑等的pppoe拨号，可用4.9及其以下版本的NetKeeper
- [**49**Star][20d] [C++] [torxgewinde/desk-lamp-alternative-firmware](https://github.com/torxgewinde/desk-lamp-alternative-firmware) An alternative firmware for the Mijia Xiaomi Desk Lamp
- [**49**Star][7d] [CSS] [hacks-guide/guide_wiiu-old](https://github.com/hacks-guide/Guide_WiiU-OLD) (OUTDATED) A complete guide to Wii U custom firmware, from stock to Coldboot Haxchi.
- [**49**Star][3m] [C++] [neman-io/bleeper](https://github.com/neman-io/bleeper) Library to manage your firmware configurations written in C++
- [**49**Star][12d] [Py] [zhang0peter/bilibili-video-information-spider](https://github.com/zhang0peter/bilibili-video-information-spider) B站2千万视频信息爬虫
- [**49**Star][4m] [Py] [sahilmgandhi/iotshark](https://github.com/sahilmgandhi/iotshark) IotShark - Monitoring and Analyzing IoT Traffic
- [**49**Star][12d] [Shell] [sclorg/nginx-container](https://github.com/sclorg/nginx-container) Nginx high-performance HTTP server and reverse proxy container images based on Red Hat Software Collections and intended for OpenShift and general usage. Users can choose between Red Hat Enterprise Linux, Fedora, and CentOS based images.
- [**49**Star][27d] [Py] [f-secure/mqtt_fuzz](https://github.com/f-secure/mqtt_fuzz) A simple fuzzer for the MQTT protocol
- [**49**Star][16d] [Shell] [yeyintminthuhtut/lazy-redteamer-scripts](https://github.com/yeyintminthuhtut/lazy-redteamer-scripts) 
- [**49**Star][10d] [C] [seemoo-lab/nexmon_csi](https://github.com/seemoo-lab/nexmon_csi) Channel State Information Extraction on Various Broadcom Wi-Fi Chips
- [**49**Star][3m] [C++] [0x00-0x00/cve-2019-0841-bypass](https://github.com/0x00-0x00/cve-2019-0841-bypass) A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.
- [**49**Star][5m] [Py] [mothran/apkminer](https://github.com/mothran/apkminer) Parallel APK analyzer
- [**49**Star][4m] [Py] [bastilleresearch/scapy-radio](https://github.com/bastilleresearch/scapy-radio) scapy-radio (from original Hg repo)
- [**49**Star][11d] [Py] [grayddq/eburst](https://github.com/grayddq/eburst) 这个脚本主要提供对Exchange邮件服务器的账户爆破功能，集成了现有主流接口的爆破方式。
- [**49**Star][2m] [C#] [guibacellar/dnci](https://github.com/guibacellar/dnci) DNCI - Dot Net Code Injector
- [**49**Star][8m] [Py] [fpfeng/g2w.online](https://github.com/fpfeng/g2w.online) 域名已被DNS污染，水表已拆
- [**49**Star][23d] [C#] [advancedhacker101/c-sharp-proxy-server](https://github.com/advancedhacker101/c-sharp-proxy-server) A proxy server built with c# can be both normal and MITM Proxy
- [**49**Star][1y] [C] [cnlohr/wifirxpower](https://github.com/cnlohr/wifirxpower) Linux-based WiFi RX Power Grapher
- [**49**Star][12d] [Swift] [fonta1n3/fullynoded](https://github.com/fonta1n3/fullynoded) A Bitcoin Core GUI for iOS devices. Allows you to connect to and control multiple nodes via Tor
- [**49**Star][5m] [C] [tripplet/adium-steam-im](https://github.com/tripplet/adium-steam-im) Adium protocol plugin to support Steam instant messaging
- [**49**Star][3y] [Ruby] [mrbrutti/cartero](https://github.com/mrbrutti/Cartero) Mailing Phishing Framework - This Branch is UNSTABLE :: Official STABLE master branch at
- [**49**Star][6m] [Perl] [bigsen/crack-file](https://github.com/bigsen/Crack-file) Theos File
- [**49**Star][4m] [PHP] [szepeviktor/waf4wordpress](https://github.com/szepeviktor/waf4wordpress) WAF for WordPress
- [**49**Star][19d] [Py] [threatexpress/subshell](https://github.com/threatexpress/subshell)  a python command shell used to control and execute commands through HTTP requests to a webshell. 
- [**49**Star][4m] [Py] [pwnlandia/shockpot](https://github.com/pwnlandia/shockpot) WebApp Honeypot for detecting Shell Shock exploit attempts
- [**49**Star][12d] [Py] [ctf-o-matic/capture-the-flag](https://github.com/ctf-o-matic/capture-the-flag) Helper scripts to remaster Linux Live CD images for the purpose of creating ready to use security wargames with pre-installed vulnerabilities to exploit.
- [**49**Star][3y] [C++] [zodiacon/dllinjectionwiththreadcontext](https://github.com/zodiacon/dllinjectionwiththreadcontext) This is a sample that shows how to leverage SetThreadContext for DLL injection
- [**49**Star][17d] [yesnet0/bounty](https://github.com/yesnet0/bounty) Misc bounty and vulndisc things
- [**49**Star][12d] [PHP] [yaofeifly/php_code_challenge](https://github.com/yaofeifly/php_code_challenge) 总结一些php代码审计ctf练习题
- [**49**Star][5m] [Py] [xuchaoa/ctf_awd_platform](https://github.com/xuchaoa/ctf_awd_platform) CTF 攻防对抗平台
- [**49**Star][2y] [Py] [xl7dev/icsecurity](https://github.com/xl7dev/icsecurity) Industrial control Security Tool
- [**49**Star][29d] [Perl] [wireghoul/doona](https://github.com/wireghoul/doona) Network based protocol fuzzer
- [**49**Star][1y] [Py] [wetw0rk/exploit-development](https://github.com/wetw0rk/exploit-development) CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002
- [**49**Star][1y] [Py] [viperbluff/waf_buster](https://github.com/viperbluff/waf_buster) Disrupt WAF by abusing SSL/TLS Ciphers
- [**49**Star][2y] [C] [vallejocc/poc-inject-data-wm_copydata](https://github.com/vallejocc/poc-inject-data-wm_copydata) A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext
- [**49**Star][2m] [Go] [unixpickle/cve-2018-4407](https://github.com/unixpickle/cve-2018-4407) Crash macOS and iOS devices with one packet
- [**49**Star][1m] [uefitech/resources](https://github.com/uefitech/resources) One-stop shop for UEFI/BIOS specifications/utilities by UEFI.Tech community
- [**49**Star][25d] [C] [tleonhardt/practical_cryptography_engineering](https://github.com/tleonhardt/practical_cryptography_engineering) Cryptography code examples using libsodium and mbedtls C libraries and Python cryptography and PyNaCl modules
- [**49**Star][3m] [Py] [thcipriani/sshecret](https://github.com/thcipriani/sshecret) I can keep a SSHecret
- [**49**Star][2y] [java] [toufikairane/andromalware](https://github.com/tfairane/andromalware) Android Malware for educational purpose
- [**49**Star][1m] [Java] [terl/lazysodium-android](https://github.com/terl/lazysodium-android) An Android implementation of the Libsodium cryptography library. For the lazy dev.
- [**49**Star][19d] [Py] [te-k/analyst-scripts](https://github.com/te-k/analyst-scripts) Scripts to analyze stuff
- [**49**Star][6y] [Perl] [tanjiti/waftest](https://github.com/tanjiti/waftest) WAF测试工具
- [**49**Star][14d] [Shell] [taherio/redi](https://github.com/taherio/redi) Automated script for setting up CobaltStrike redirectors (nginx reverse proxy, letsencrypt)
- [**49**Star][11d] [C] [stefanberger/libtpms](https://github.com/stefanberger/libtpms) The libtpms library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0)
- [**49**Star][12m] [C] [sqdwr/hidedriver](https://github.com/sqdwr/hidedriver) 之前那份是7600的，每次编译搞得好麻烦。更新一个VS2017可以直接编译的。
- [**49**Star][17d] [Py] [spiderlabs/groupenum](https://github.com/spiderlabs/groupenum) 
- [**49**Star][5m] [Py] [softsec-kaist/gitctf](https://github.com/softsec-kaist/gitctf) Git-based CTF
- [**49**Star][10d] [Py] [skoolkid/skoolkit](https://github.com/skoolkid/skoolkit) A suite of tools for creating disassemblies of ZX Spectrum games.
- [**49**Star][20d] [JS] [sinakarvandi/windbg2ida](https://github.com/sinakarvandi/windbg2ida) dump each step in Windbg then shows these steps in IDA Windbg2ida
    - [Windbg脚本](https://github.com/sinakarvandi/windbg2ida/blob/master/windbg2ida.js) JavaScript
    - [IDA脚本](https://github.com/sinakarvandi/windbg2ida/blob/master/IDAScript.py) 
- [**49**Star][11m] [Py] [silentsignal/duncan](https://github.com/silentsignal/duncan) Duncan - Blind SQL injector skeleton
- [**49**Star][1y] [Swift] [sherlouk/swiftprovisioningprofile](https://github.com/sherlouk/swiftprovisioningprofile) Parse iOS mobile provisioning files into Swift models
- [**49**Star][4m] [sekhan/nightpi](https://github.com/sekhan/nightpi) An all-in-one briefcase for pentesting, OSINT and radio exploration
- [**49**Star][4m] [Py] [seekintoo/chimay-red](https://github.com/seekintoo/chimay-red) Mikrotik RouterOS (6.x < 6.38.5) exploit kit. Reverse engineered from the "Vault 7" WikiLeaks publication.
- [**49**Star][4y] [Py] [secrary/ellascanner](https://github.com/secrary/ellascanner) Passive web scanner [This project is not maintained anymore]
- [**49**Star][1m] [Py] [secdec/xssmap](https://github.com/secdec/xssmap) Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
- [**49**Star][19d] [Go] [scrapinghub/crawlera-headless-proxy](https://github.com/scrapinghub/crawlera-headless-proxy) A complimentary proxy to help to use Crawlera with headless browsers
- [**49**Star][13d] [Ruby] [salemove/jaeger-client-ruby](https://github.com/salemove/jaeger-client-ruby) OpenTracing Tracer implementation for Jaeger in Ruby
- [**49**Star][10y] [C] [s7ephen/sandkit](https://github.com/s7ephen/sandkit) A Toolkit to assist with the investigation of Sandboxing software
- [**49**Star][9m] [ObjC] [roronoaxyz/wmdebugassistant](https://github.com/roronoaxyz/wmdebugassistant) CPU 内存（Memory）Network FPS 实时监测 查看沙盒sandbox
- [**49**Star][4y] [C++] [rolisoft/host-scanner](https://github.com/rolisoft/host-scanner) Active/passive network scanner and autonomous vulnerability assessment application.
- [**49**Star][4y] [C] [rodrigoalvesvieira/soundkeylogger](https://github.com/rodrigoalvesvieira/soundkeylogger) An experimental project to demonstrate how a user keyboard input may be sniffed through the pattern analysis of the sounds emitted by the keystrokes.
- [**49**Star][5y] [C] [relys/3ds_multi_decryptor](https://github.com/relys/3ds_multi_decryptor) 
- [**49**Star][26d] [C] [realoriginal/alpc-diaghub](https://github.com/realoriginal/alpc-diaghub) Utilizing the ALPC Flaw in combiniation with Diagnostics Hub as found in Server 2016 and Windows 10.
- [**49**Star][1y] [JS] [radenvodka/pentol](https://github.com/radenvodka/pentol) PENTOL - Pentester Toolkit for Fiddler2
- [**49**Star][5m] [C] [r3kapig/wctf-2019](https://github.com/r3kapig/wctf-2019) WCTF 2019 Onsite(Master) Challenge
- [**49**Star][2m] [Py] [pun1sh3r/facebot](https://github.com/pun1sh3r/facebot) A facebook profile and reconnaissance system
- [**49**Star][5m] [C++] [progmboy/cansecwest2017](https://github.com/progmboy/cansecwest2017) 
- [**49**Star][3m] [JS] [pownjs/pown-duct](https://github.com/pownjs/pown-duct) Essential tool for finding blind injection attacks.
- [**49**Star][1m] [Java] [portswigger/httpoxy-scanner](https://github.com/portswigger/httpoxy-scanner) A Burp Suite extension that checks for the HTTPoxy vulnerability.
- [**49**Star][1m] [Perl] [philsmd/itunes_backup2hashcat](https://github.com/philsmd/itunes_backup2hashcat) Extract the information needed from the Manifest.plist files to convert it to hashes compatible with hashcat
- [**49**Star][5m] [JS] [phantom0301/pteye](https://github.com/phantom0301/pteye) Phantom eye——A passive business logic vulnerability auditing tool
- [**49**Star][1m] [Ruby] [pentestgeek/burpcommander](https://github.com/pentestgeek/burpcommander) Ruby command-line interface to Burp Suite's REST API
- [**49**Star][4m] [Py] [paloaltonetworks/splunkforpaloaltonetworks](https://github.com/paloaltonetworks/splunkforpaloaltonetworks) Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
- [**49**Star][20d] [Py] [pagalaxylab/ghidra_scripts](https://github.com/pagalaxylab/ghidra_scripts) Scripts for the Ghidra.
    - [AnalyzeOCMsgSend](https://github.com/pagalaxylab/ghidra_scripts/blob/master/AnalyzeOCMsgSend.py) 
    - [trace_function_call_parm_value](https://github.com/pagalaxylab/ghidra_scripts/blob/master/trace_function_call_parm_value.py) 
- [**49**Star][3m] [Shell] [pablomansanet/c0toolkit](https://github.com/pablomansanet/c0toolkit) Miscellaneous pentesting scripts for OSCP
- [**49**Star][1m] [Py] [olipratt/swagger-conformance](https://github.com/olipratt/swagger-conformance) Python based tool for testing whether your API conforms to its Swagger schema
- [**49**Star][20d] [Lua] [nozominetworks/tricotools](https://github.com/nozominetworks/tricotools) Triconex TriStation utilities and tools
- [**49**Star][30d] [Java] [nowsecure/cybertruckchallenge19](https://github.com/nowsecure/cybertruckchallenge19) Android security workshop material taught during the CyberTruck Challenge 2019 (Detroit USA).
- [**49**Star][15d] [C] [nil0x42/duplicut](https://github.com/nil0x42/duplicut) Quickly remove duplicates, without changing the order, and without getting OOM on huge wordlists.
- [**49**Star][11d] [Jupyter Notebook] [nfrumkin/forecast-prometheus](https://github.com/nfrumkin/forecast-prometheus) A collection of analysis, and machine learning techniques for time series forecasting w/ Prometheus metrics
- [**49**Star][3m] [Py] [neohapsis/mptcp-abuse](https://github.com/neohapsis/mptcp-abuse) A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014.
- [**49**Star][3m] [Java] [nalen98/ebpf-for-ghidra](https://github.com/nalen98/ebpf-for-ghidra) eBPF Processor for Ghidra
- [**49**Star][15d] [Go] [mysteriumnetwork/go-openvpn](https://github.com/mysteriumnetwork/go-openvpn) 
- [**49**Star][4m] [Py] [mubix/pykek](https://github.com/mubix/pykek) Kerberos Exploitation Kit
- [**49**Star][10m] [Shell] [mthbernardes/lfi-enum](https://github.com/mthbernardes/lfi-enum) Scripts to execute enumeration via LFI
- [**49**Star][4y] [mrvaughan/defcon2016gsmdata](https://github.com/mrvaughan/defcon2016gsmdata) Just a place to dump the cdma data I collected while at Defcon 2016
- [**49**Star][2y] [PHP] [mrsqar-ye/door404](https://github.com/mrsqar-ye/door404) Web application backdoor builder
- [**49**Star][2y] [Py] [mrschyte/socksmon](https://github.com/mrschyte/socksmon) Monitor arbitrary TCP traffic using your HTTP interception proxy of choice
- [**49**Star][2y] [PS] [mmotti/mmotti-host-file](https://github.com/mmotti/mmotti-host-file) Heavily optimised, wildcard enabled host file for use with Samsung Knox Firewall.
- [**49**Star][1m] [C#] [micli/netcoredebugging](https://github.com/micli/netcoredebugging) A repository maintains the book of ".NET Core application debugging" sample code.
- [**49**Star][5y] [Py] [michael-yip/threattracker](https://github.com/michael-yip/threattracker) 监控由一组自定义谷歌搜索引擎索引的IoC，并生成告警
- [**49**Star][18d] [C] [mempodippy/cub3](https://github.com/mempodippy/cub3) Proof of concept for LD_PRELOAD malware that uses extended attributes to protect files.
- [**49**Star][3y] [maldevel/rootkits-list-download](https://github.com/maldevel/rootkits-list-download) A curated list of rootkits found on Github and other sites.
- [**49**Star][2y] [Py] [luis-hebendanz/msf-remote-console](https://github.com/luis-hebendanz/msf-remote-console) A remote msfconsole written in Python 2.7 to connect to the msfrcpd server of metasploit. This tool gives you the ability to load modules permanently as daemon on your server like autopwn2.
- [**49**Star][12d] [PS] [loadenmb/tvasion](https://github.com/loadenmb/tvasion) 
- [**49**Star][7m] [Go] [kuiperbelt/kuiperbelt](https://github.com/kuiperbelt/kuiperbelt) The proxy server that converts WebSocket to HTTP/1.x.
- [**49**Star][3y] [Py] [kudelskisecurity/eddsa-fault-attack](https://github.com/kudelskisecurity/eddsa-fault-attack) Fault attack agaisnt EdDSA demonstrated on an Arduino Nano board, allowing for partial key recovery and fake signatures.
- [**49**Star][2y] [Java] [kaushikravikumar/realtimetaxiandroiddemo](https://github.com/kaushikravikumar/realtimetaxiandroiddemo) PubNub Demo that uses a Publish/Subscribe model to implement a realtime map functionality similar to Lyft/Uber.
- [**49**Star][5m] [Py] [k1p0d/h264_dvr_rce](https://github.com/k1p0d/h264_dvr_rce) Remote Code Execution exploit on TVT DVR
- [**49**Star][5m] [JS] [jpenalbae/rarop](https://github.com/jpenalbae/rarop) Graphical ROP chain builder using radare2 and r2pipe
- [**49**Star][4m] [JS] [jeremyfetiveau/turbofan-exploit-for-issue-762874](https://github.com/jeremyfetiveau/turbofan-exploit-for-issue-762874) Exploit for a bug in TurboFan's typing of JSCall nodes for builtins kStringLastIndexOf and kStringIndexOf
- [**49**Star][1y] [jeremyblackthorne/ghidra-keybindings](https://github.com/jeremyblackthorne/ghidra-keybindings) 
- [**49**Star][19d] [Java] [jenkinsci/zap-plugin](https://github.com/jenkinsci/zap-plugin) The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.
- [**49**Star][3m] [ishift/docker-compose-mtproxy](https://github.com/ishift/docker-compose-mtproxy) docker-compose file for telegram mtproto proxy autoupdate
- [**49**Star][19d] [Py] [intrd/nozzlr](https://github.com/intrd/nozzlr) Nozzlr is a bruteforce framework, trully modular and script-friendly
- [**49**Star][2y] [JS] [idan5x/switcheroo](https://github.com/idan5x/switcheroo) Exploiting CVE-2016-4657 to JailBreak the Nintendo Switch
- [**49**Star][20d] [Go] [ice-ice/dnstunnel](https://github.com/ice-ice/dnstunnel) dns tunnel backdoor DNS隧道后门
- [**49**Star][10d] [Erlang] [homas/ioc2rpz](https://github.com/homas/ioc2rpz) ioc2rpz is a place where threat intelligence meets DNS.
- [**49**Star][1m] [Py] [hillsbird/db_security](https://github.com/hillsbird/db_security) 数据库安全审计平台
- [**49**Star][19d] [Go] [heptiolabs/ironclad](https://github.com/heptiolabs/ironclad) Web Application Firewall (WAF) on Kubernetes
- [**49**Star][2m] [Py] [hansesecure/metasploit-modules](https://github.com/hansesecure/metasploit-modules) 
- [**49**Star][1m] [Py] [gyim/stupidgit](https://github.com/gyim/stupidgit) A cross-platform git GUI with strong submodule support
- [**49**Star][13d] [Shell] [gushmazuko/metasploit_in_termux](https://github.com/gushmazuko/metasploit_in_termux) Install Metasploit Framework 5 in Termux
- [**49**Star][1m] [Py] [gosecure/break-fast-serial](https://github.com/gosecure/break-fast-serial) A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
- [**49**Star][12d] [Py] [githacktools/githacktools](https://github.com/githacktools/githacktools) The best Hacking and PenTesting tools installer on the world
- [**49**Star][4m] [Py] [githacktools/ftpbruter](https://github.com/githacktools/ftpbruter) A FTP Server brute forcing tool written in Python 3
- [**49**Star][4m] [C] [gerhart01/livecloudkd](https://github.com/gerhart01/livecloudkd) Hyper-V Research is trendy now
- [**49**Star][7m] [PHP] [fastly/wordpress-plugin](https://github.com/fastly/wordpress-plugin) The Official Fastly WordPress Plugin
- [**49**Star][18d] [C] [enferex/asrepl](https://github.com/enferex/asrepl) asrepl: x86-64 assembly REPL
- [**49**Star][21d] [Py] [embedi/amt_auth_bypass_poc](https://github.com/embedi/amt_auth_bypass_poc) CVE-2017-5689 Proof-of-Concept exploit
- [**49**Star][26d] [dmitryfillo/nginx-proxy-pitfalls](https://github.com/dmitryfillo/nginx-proxy-pitfalls) I noticed that many people can be confused about how nginx proxy works so this repository was emerged
- [**49**Star][2y] [Batchfile] [dflabs/nat](https://github.com/dflabs/nat) No-Script Automation Tool
- [**49**Star][7m] [Ruby] [dev-sec/chef-nginx-hardening](https://github.com/dev-sec/chef-nginx-hardening) This chef cookbook provides secure nginx configurations.
- [**49**Star][4m] [C] [david-reguera-garcia-dreg/enyelkm](https://github.com/david-reguera-garcia-dreg/enyelkm) LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.
- [**49**Star][4m] [C++] [danielkrupinski/anubis](https://github.com/danielkrupinski/anubis) Free open-source training software / cheat for Counter-Strike: Global Offensive, written in C.
- [**49**Star][1y] [Shell] [damonmohammadbagher/nativepayload_bssid](https://github.com/damonmohammadbagher/nativepayload_bssid) Transferring Backdoor Payload by BSSID and Wireless traffic
- [**49**Star][14d] [Dockerfile] [cowrie/docker-cowrie](https://github.com/cowrie/docker-cowrie) Cowrie Docker GitHub repository
- [**49**Star][1m] [C++] [codereversing/runfromreg](https://github.com/codereversing/runfromreg) Run executables from the Windows registry
- [**49**Star][2y] [C#] [cobbr/insecurepowershell](https://github.com/cobbr/insecurepowershell) InsecurePowerShell is PowerShell with some security features removed.
- [**49**Star][27d] [Py] [cmu-sei/cyobstract](https://github.com/cmu-sei/cyobstract) A tool to extract structured cyber information from incident reports.
- [**49**Star][4m] [C] [chentingz/snifferui](https://github.com/chentingz/snifferui) 基于MFC和WinPcap库开发的网络抓包和协议分析软件
- [**49**Star][4m] [C++] [chaitin/yanshi](https://github.com/chaitin/yanshi) A regular language recognizer generater like Ragel, enhanced with features to approximate context-free grammars and substring grammars
- [**49**Star][2m] [JS] [cerebral/webpack-dll](https://github.com/cerebral/webpack-dll) A service that converts a package into a DLL and manifest
- [**49**Star][3m] [C] [can1357/safe_capcom](https://github.com/can1357/safe_capcom) Capcom wrapper with safety in mind
- [**49**Star][15d] [Go] [boy-hack/gowhatweb](https://github.com/boy-hack/gowhatweb) [学习GO] go语言写的web指纹识别 - Identify websites by go language
- [**49**Star][5m] [PHP] [bediger4000/reverse-php-malware](https://github.com/bediger4000/reverse-php-malware) De-obfuscate and reverse engineer PHP malware
- [**49**Star][5m] [JS] [auth0-blog/serverless-stories-lambda](https://github.com/auth0-blog/serverless-stories-lambda) Serverless app built with AWS Lambda
- [**49**Star][2y] [PHP] [auraphp/aura.payload](https://github.com/auraphp/aura.payload) A Domain Payload implementation.
- [**49**Star][2m] [Py] [attify/attify-badge](https://github.com/attify/attify-badge) Attify Badge GUI tool to interact over UART, SPI, JTAG, GPIO etc.
- [**49**Star][16d] [Dockerfile] [antswordproject/antsword-labs](https://github.com/antswordproject/antsword-labs) Awesome environment for antsword tests
- [**49**Star][3y] [Py] [alessandrogario/ida-function-tagger](https://github.com/alessandrogario/ida-function-tagger) This IDAPython script tags subroutines according to their use of imported functions
- [**49**Star][3y] [C#] [aleksk/lazycopy](https://github.com/aleksk/lazycopy) NTFS minifilter driver that can download file content from a remote location, when it is opened for the first time.
- [**49**Star][1y] [Py] [agustingianni/utilities](https://github.com/agustingianni/utilities) Uncategorized utilities
    - [DumpFunctionBytes](https://github.com/agustingianni/utilities/blob/master/DumpFunctionBytes.py)  dumps the current function (you need to position the cursor on the start of the function) as a shellcode. It does a very limited analysis of the function in order to let you know that you need to fix call sites to functions
    - [func_references](https://github.com/agustingianni/utilities/blob/master/func_references.py) print all the function calls to a given function. This is generally used to look for calls to malloc like function
    - [arm_frequency](https://github.com/agustingianni/utilities/blob/master/arm_frequency.py) takes as input the output of objdump on an ARM binary. It will show the ammount of times every instruction was used, sorted by the most used ones.
    - [struct_hint](https://github.com/agustingianni/utilities/blob/master/struct_hint.py) infer what's the underlying structure used by a function. Highly heuristic. Don't trust it blindly, just try to use what it gives you and work from that.
    - [string_finder](https://github.com/agustingianni/utilities/blob/master/string_finder.py) Utility to find all the strings inside an ill formed IDA Database
    - [simple_jack](https://github.com/agustingianni/utilities/blob/master/simple_jack.py) Simple Jack symbol porting tool by goose
    - [renamer](https://github.com/agustingianni/utilities/blob/master/renamer.py) Rename files in a directory to its sha1 sum plus an extension.
    - [prolog_finder](https://github.com/agustingianni/utilities/blob/master/prolog_finder.py) Find potential ARM procedures prolog
    - [minset](https://github.com/agustingianni/utilities/blob/master/minset.py) Tool to calculate the minimum set of files that have approximatelly the best coverage.
    - [mark_interesting](https://github.com/agustingianni/utilities/blob/master/mark_interesting.py) Small idapython script that finds all the signed comparisions and marks them with a color.
    - [machofinder](https://github.com/agustingianni/utilities/blob/master/machofinder.py) Hacky script to gather all the mach-o file (and fat).
    - [find_hardref](https://github.com/agustingianni/utilities/blob/master/find_hardref.py) Script to find hardcoded references inside an IDA database.
- [**49**Star][2m] [Ruby] [activeadmin-plugins/active_admin_role](https://github.com/activeadmin-plugins/active_admin_role) Role based authorization with CanCanCan for Active Admin
- [**48**Star][14d] [C] [jafarlihi/connmap](https://github.com/jafarlihi/connmap) connmap is an X11 desktop widget that shows location of your current network peers on a world map
- [**48**Star][13d] [Py] [nickstadb/patch-apk](https://github.com/nickstadb/patch-apk) Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.
- [**48**Star][2m] [C#] [fox-it/ldapfragger](https://github.com/fox-it/ldapfragger) 
- [**48**Star][1y] [C#] [stbrenner/silentcmd](https://github.com/stbrenner/silentcmd) SilentCMD executes a batch file without opening the command prompt window.
- [**48**Star][1m] [he-wenjian/igpu-leak](https://github.com/he-wenjian/igpu-leak) [CVE-2019-14615] iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU
- [**48**Star][2m] [Py] [sammyfung/hk0weather](https://github.com/sammyfung/hk0weather) Web scraper project to collect the useful Hong Kong weather data from HKO website
- [**48**Star][2y] [JS] [layr-team/layr](https://github.com/layr-team/layr) A decentralized (p2p) file storage system built atop Kademlia DHT that enforces data integrity, privacy, and availability through sharding, proofs of retrievability, redundancy, and encryption, with smart-contract powered incentive scheme
- [**48**Star][2y] [Py] [teamhg-memex/scrapy-crawl-once](https://github.com/teamhg-memex/scrapy-crawl-once) Scrapy middleware which allows to crawl only new content
- [**48**Star][3y] [Java] [linsea/apkcompare](https://github.com/linsea/apkcompare) A tool to compare 2 version APKs to find out files change. 比较两个版本的APK以找出文件大小变化的工具
- [**48**Star][20d] [Shell] [onbiron/apk-resigner](https://github.com/onbiron/apk-resigner) A bash script utility for resining Android Package (APK) files.
- [**48**Star][2m] [Scheme] [weinholt/industria](https://github.com/weinholt/industria) Cryptographic libraries for R6RS Scheme
- [**48**Star][5m] [Java] [1ilsang/study](https://github.com/1ilsang/study) Algorithm / Book Reviews / Interview / ETC
- [**48**Star][27d] [Py] [thor77/blueproximity](https://github.com/thor77/blueproximity) Run a command once a bluetooth device is in/out of a range
- [**48**Star][6m] [Shell] [professionallyevil/c4](https://github.com/professionallyevil/c4) Cyberdelia, a Collection of Command and Control frameworks
- [**48**Star][25d] [Py] [drewsif/pysecretsocks](https://github.com/drewsif/pysecretsocks) A python socks server for tunneling a connection over another channel
- [**48**Star][3m] [JS] [tywei90/lmlcspider_production](https://github.com/tywei90/lmlcspider_production) 
- [**48**Star][2m] [C++] [avplayer/avpn](https://github.com/avplayer/avpn) a simple vpn implemented based on c++ asio.
- [**48**Star][24d] [C] [fac/auth-script-openvpn](https://github.com/fac/auth-script-openvpn) OpenVPN plugin to auth connections using non-blocking external script
- [**48**Star][2m] [C] [cilynx/rtl88x2bu_wifi_linux_v5.2.4.4_26334.20180126_coex20171012-5044](https://github.com/cilynx/rtl88x2bu_wifi_linux_v5.2.4.4_26334.20180126_coex20171012-5044) rtl88x2bu driver updated for modern kernels.
- [**48**Star][17d] [C++] [fffaraz/cppdes](https://github.com/fffaraz/cppdes) C++ implementation of Data Encryption Standard (DES, 3DES) (ECB, CBC)
- [**48**Star][6m] [TS] [srar/socks2shadowsocks](https://github.com/srar/socks2shadowsocks) 单Socks5 转换 多Shadowsocks端口 流量统计 抓包分析 TypeScript
- [**48**Star][2m] [C++] [grcasanova/badusb](https://github.com/grcasanova/badusb) Personal implementation of the BadUSB exploit with an Atmel 8-bit AVR ATTiny85 acting as a HID keyboard
- [**48**Star][1m] [HTML] [jpcertcc/owaspdocuments](https://github.com/jpcertcc/owaspdocuments) Japanese translation of OWASP documents
- [**48**Star][1m] [Makefile] [shadowsocks/openwrt-feeds](https://github.com/shadowsocks/openwrt-feeds) OpenWrt/LEDE feeds
- [**48**Star][8m] [Go] [jpillora/scraper](https://github.com/jpillora/scraper) A configuration based HTML to JSON API server
- [**48**Star][1m] [HCL] [trailofbits/algo-ng](https://github.com/trailofbits/algo-ng) Experimental version of Algo built on Terraform
- [**48**Star][29d] [wtsxdev/exploit-development](https://github.com/wtsxdev/exploit-development) Resources for learning about Exploit Development
- [**48**Star][1y] [JS] [cyrus-and/gproxy](https://github.com/cyrus-and/gproxy) googleusercontent.com as HTTP(S) proxy
- [**48**Star][20d] [Perl] [cldrn/davtest](https://github.com/cldrn/davtest) davtest (improved)- Exploits WebDAV folders
- [**48**Star][3m] [YARA] [decalage2/balbuzard](https://github.com/decalage2/balbuzard) Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
- [**48**Star][4m] [Shell] [soaringswine/lazyrecon_docker](https://github.com/soaringswine/lazyrecon_docker) Containerized version of my fork of Nahamsec's Lazyrecon.
- [**48**Star][16d] [C#] [k8gege/porttran](https://github.com/k8gege/porttran) PortTran (.NET端口转发工具,支持任意权限)
- [**48**Star][23d] [Perl] [t3hp0rp/hitcondockerfile](https://github.com/t3hp0rp/hitcondockerfile) Dockerfile for hitcon
- [**48**Star][2m] [HTML] [c0nw0nk/coinhive](https://github.com/c0nw0nk/coinhive) A nice friendly simple and easly customizable GUI for coinhives javascript miner to embed onto websites so users of your site can interact with features of the miner on every single page this javascript miner is to help those who have problems with advertisements/advertising/ads popups banners mobile redirects malvertising/malware etc and provid…
- [**48**Star][28d] [Py] [t7hm1/pyddos](https://github.com/t7hm1/pyddos) DDOS python script
- [**48**Star][1m] [leotsui/cs259d_notes_hw_cn](https://github.com/leotsui/cs259d_notes_hw_cn) 本笔记是对课程CS 259D中涉及的论文和讲义的扩展，建议阅读原始论文和讲义。
- [**48**Star][1m] [CSS] [pockry/tv-crawler](https://github.com/pockry/tv-crawler) 英美剧 TV Show 信息爬虫。 nodejs + mongoose + superagent + Vue.js
- [**48**Star][5m] [Py] [beaugunderson/wifi-heatmap](https://github.com/beaugunderson/wifi-heatmap) 
- [**48**Star][5m] [securitytube/wifiscanvisualizer](https://github.com/securitytube/wifiscanvisualizer) Wi-Fi Scan Visualizer by Pentester Academy
- [**48**Star][1m] [C++] [vulcainreo/dvid](https://github.com/vulcainreo/dvid) Damn Vulnerable IoT Device
- [**48**Star][11d] [security-prince/resources-for-application-security](https://github.com/security-prince/Resources-for-Application-Security) Some good resources for getting started with application security
- [**48**Star][12d] [Py] [casterwx/python-maoyan-spider](https://github.com/casterwx/python-maoyan-spider) 
- [**48**Star][5m] [Py] [nyxgeek/ntlmscan](https://github.com/nyxgeek/ntlmscan) scan for NTLM directories
- [**48**Star][17d] [C#] [cristianst85/quickconnectplugin](https://github.com/cristianst85/quickconnectplugin) A KeePass plugin that allows you to connect to Windows/Linux/ESXi hosts.
- [**48**Star][4m] [C#] [ernado-x/x.web.sitemap](https://github.com/ernado-x/x.web.sitemap) Simple sitemap generator for .NET and .NET Core
- [**48**Star][13d] [Assembly] [pelock/simple-polymorphic-engine-spe32](https://github.com/pelock/simple-polymorphic-engine-spe32) Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
- [**48**Star][1m] [C++] [notglop/sysexec](https://github.com/NotGlop/SysExec) [Windows] Local Privilege Escalation - WebClient
- [**48**Star][5y] [Java] [gdssecurity/gds-pmd-security-rules](https://github.com/GDSSecurity/GDS-PMD-Security-Rules) Custom security ruleset for the popular Java static analysis tool PMD.
- [**48**Star][12d] [Java] [hsiafan/cute-proxy](https://github.com/hsiafan/cute-proxy) A Man-In-The-Middle Proxy as Fiddle and Charles, using Netty, JavaFX
- [**48**Star][11m] [HTML] [yahooarchive/csptester](https://github.com/YahooArchive/csptester) A quick and easy way to test CSP behavior on modern browsers
- [**48**Star][4y] [C] [zerosum0x0/loadlibrary-getprocaddress-replacements](https://github.com/zerosum0x0/loadlibrary-getprocaddress-replacements) LoadLibrary() and GetProcAddress() Replacement Functions
- [**48**Star][4y] [C] [yolosec/upcgen](https://github.com/yolosec/upcgen) Proof of concept for UPC UBEE router hack - WPA2 password generator
- [**48**Star][2y] [html] [wzw19890321/exploits](https://github.com/wzw19890321/exploits) 
- [**48**Star][16d] [Py] [withzombies/bnil-graph](https://github.com/withzombies/bnil-graph) A BinaryNinja plugin to graph a BNIL instruction tree
- [**48**Star][2y] [C++] [wanttobeno/win_driver_mouse_and_key](https://github.com/wanttobeno/win_driver_mouse_and_key) 驱动模拟键鼠，支持64位，附代码
- [**48**Star][5y] [Go] [violetyk/graid](https://github.com/violetyk/graid) Graid is an image proxy daemon.
- [**48**Star][3y] [C++] [vdalibard/boat](https://github.com/vdalibard/boat) 
- [**48**Star][1m] [C++] [vanhauser-thc/afl-pin](https://github.com/vanhauser-thc/afl-pin) run AFL with pintool
- [**48**Star][10d] [Py] [tufin/pytos](https://github.com/tufin/pytos) A Python SDK for Tufin Orchestration Suite
- [**48**Star][4m] [Py] [trinitronx/vncpasswd.py](https://github.com/trinitronx/vncpasswd.py) A Python implementation of vncpasswd, w/decryption abilities & extra features ;-)
- [**48**Star][2y] [Py] [towerofhanoi/ctfsubmitter](https://github.com/towerofhanoi/ctfsubmitter) A flag submitter service with distributed attackers for attack/defense CTF games.
- [**48**Star][4y] [Py] [topshed/rpi_8x8griddraw](https://github.com/topshed/rpi_8x8griddraw) A Python Pygame application for creating 8x8 images to load onto the Astro-Pi LED matrix
- [**48**Star][3y] [C++] [tonyzesto/pubgprivxcode85](https://github.com/tonyzesto/pubgprivxcode85) Player ESP 3D Box ESP Nametag ESP Lightweight Code Secure Injection Dedicated Cheat Launcher Secured Against Battleye Chicken Dinner Every Day. Win more matches than ever before with CheatAutomation’s Playerunknown’s Battlegrounds cheat! Our stripped down, ESP only cheat gives you the key features you need to take out your opponents and be eatin…
- [**48**Star][2m] [Py] [supernothing/sergio-proxy](https://github.com/supernothing/sergio-proxy) Automatically exported from code.google.com/p/sergio-proxy
- [**48**Star][19d] [Shell] [sundowndev/covermyass](https://github.com/sundowndev/covermyass) Shell script to cover your tracks on UNIX systems. Designed for pen testing "covering tracks" phase, before exiting the infected server. Or, permanently disable system logs for post-exploitation.
- [**48**Star][4m] [C++] [stoyan-shopov/troll](https://github.com/stoyan-shopov/troll) A source level debugger for C programs running on ARM Cortex-M parts. Utilizes the *blackmagic* probe and the *Qt* framework
- [**48**Star][17d] [HTML] [steamdatabase/steamstat.us](https://github.com/steamdatabase/steamstat.us) 
- [**48**Star][27d] [Go] [staaldraad/tcpprox](https://github.com/staaldraad/tcpprox) Simple TCP proxy. Allows you to intercept/inspect TCP traffic.
- [**48**Star][5m] [C] [squalr/selfhackingapp](https://github.com/squalr/selfhackingapp) Self Assembling/Disassembling C++ App Reference Code
- [**48**Star][8m] [C++] [sogeti-esec-lab/android-fde](https://github.com/sogeti-esec-lab/android-fde) Tools to work on Android Full Disk Encryption (FDE).
- [**48**Star][4m] [C] [shunix/androidgothook](https://github.com/shunix/androidgothook) GOT Hook implemented in Android
- [**48**Star][1m] [sergk/cheatsheat-tcpdump](https://github.com/sergk/cheatsheat-tcpdump) cheatsheat-tcpdump
- [**48**Star][2m] [Py] [rsmusllp/king-phisher-plugins](https://github.com/rsmusllp/king-phisher-plugins) Plugins for the King Phisher open source phishing campaign toolkit.
- [**48**Star][5m] [saaramar/publications](https://github.com/saaramar/publications) 
- [**48**Star][4m] [Visual Basic] [s1egesystems/ghostsquadhackers-javascript-encrypter-encoder](https://github.com/s1egesystems/ghostsquadhackers-javascript-encrypter-encoder) Encrypt/Encode your Javascript code. (Windows Scripting)
- [**48**Star][24d] [Shell] [rumesh986/wifianalyse](https://github.com/rumesh986/wifianalyse) simple bash script to monitor wifi signal and ping time
- [**48**Star][2m] [Assembly] [raspberrypi/rpi-sense](https://github.com/raspberrypi/rpi-sense) Sense HAT firmware and driver
- [**48**Star][1m] [PHP] [pupi1985/marfil](https://github.com/pupi1985/marfil) Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers.
- [**48**Star][5m] [Py] [psiphitheta/hfcrypto](https://github.com/psiphitheta/hfcrypto) Machine-learning based high frequency trading algorithm for altcoin cryptocurrencies [moved to closed source]
- [**48**Star][3y] [PS] [proxb/poshprivilege](https://github.com/proxb/poshprivilege) Manage user privileges on a local machine or view applied privileges on local or remote system
- [**48**Star][15d] [Py] [phage-nz/infosec-bazaar](https://github.com/phage-nz/infosec-bazaar) A collection of infosec related scripts and information.
- [**48**Star][2m] [C] [petabi/sniffles](https://github.com/petabi/sniffles) Packet Capture Generator for IDS and Regular Expression Evaluation
- [**48**Star][1y] [Py] [pdasilva/vtrace_scripts](https://github.com/pdasilva/vtrace_scripts) 
- [**48**Star][10d] [Java] [openjsse/openjsse](https://github.com/openjsse/openjsse) OpenJSSE: A JSSE provider that supports TLS 1.3 on Java SE 8
- [**48**Star][10m] [Java] [opencryptoproject/jcmathlib](https://github.com/opencryptoproject/jcmathlib) Implementation of mathematical operations with big numbers and elliptic curve points for smart cards with JavaCard platform.
- [**48**Star][11d] [ObjC] [ooni/probe-ios](https://github.com/ooni/probe-ios) OONI Probe iOS
- [**48**Star][2m] [JS] [oasis-open/cti-stix-visualization](https://github.com/oasis-open/cti-stix-visualization) OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships
- [**48**Star][1y] [Py] [nowsecure/r2lldb](https://github.com/nowsecure/r2lldb) radare2-lldb integration
- [**48**Star][2y] [C++] [notscimmy/libelevate](https://github.com/notscimmy/libelevate) Handle elevation DKOM against ObRegisterCallbacks
- [**48**Star][3m] [Py] [nocomplexity/securityprivacyreferencearchitecture](https://github.com/nocomplexity/securityprivacyreferencearchitecture) Open Repository for the Open Security and Privacy Reference Architecture
- [**48**Star][19d] [network-automation/networking-icons](https://github.com/network-automation/networking-icons) Repo containing various networking icons including routers, switches, servers, firewalls, load balancers and more. Icons are provided in png and svg formats.
- [**48**Star][2m] [C++] [nccgroup/psr](https://github.com/nccgroup/psr) Pointer Sequence Reverser - enable you to see how Windows C++ application is accessing a particular data member or object.
- [**48**Star][7y] [nccgroup/frisbeelite](https://github.com/nccgroup/frisbeelite) A GUI-based USB device fuzzer
- [**48**Star][3m] [C++] [ncatlin/exilesniffer](https://github.com/ncatlin/exilesniffer) A protocol decryption and dissection tool for the game 'Path of Exile'
- [**48**Star][4m] [C] [myfreeer/chrome-pak-customizer](https://github.com/myfreeer/chrome-pak-customizer) a simple command-line tool to pack and unpack pak files in chrome or chromium-based browser
- [**48**Star][14d] [Py] [mthbernardes/fses](https://github.com/mthbernardes/fses) Fucking Search Engines Scraper - python library to scrap url's from search engines
- [**48**Star][2m] [Java] [monstersb/hijackandroidpoweroff](https://github.com/monstersb/hijackandroidpoweroff) Android hijack power off
- [**48**Star][10d] [Py] [monrocoury/admin-panel-finder](https://github.com/monrocoury/admin-panel-finder) A powerful admin login page finder in python
- [**48**Star][1m] [C] [mobileforensicsresearch/mem](https://github.com/mobileforensicsresearch/mem) Tool used for dumping memory from Android devices
- [**48**Star][8m] [Shell] [mkdesu/cables](https://github.com/mkdesu/cables) Cables Communication, secure and anonymous communication using email-like addresses.
- [**48**Star][24d] [Py] [misp/mail_to_misp](https://github.com/misp/mail_to_misp) Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
- [**48**Star][3m] [mikewest/cookies-over-http-bad](https://github.com/mikewest/cookies-over-http-bad) Archived proposal from 2018. Perhaps the approach in mikewest/scheming-cookies will be more successful!
- [**48**Star][26d] [mikalv/awesome-i2p](https://github.com/mikalv/awesome-i2p) A curated list of awesome I2P implementations, libraries, resources, projects, and shiny things. I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs.
- [**48**Star][25d] [C] [davlxd/simple-vpn-demo](https://github.com/davlxd/simple-vpn-demo) A Simple Point-to-Point tunnelling implementation in C
- [**48**Star][26d] [Go] [luc10/struts-rce-cve-2017-9805](https://github.com/luc10/struts-rce-cve-2017-9805) Apache Struts CVE 2017-9805 漏洞利用代码（Go语言）
- [**48**Star][4m] [PS] [lkys37en/start-adenum](https://github.com/lkys37en/start-adenum) Tool that automates Active Directory enumeration
- [**48**Star][19d] [Shell] [lephleg/nano-node-docker](https://github.com/lephleg/nano-node-docker) Setup a fully automated NANO cryptocurrency node as part of an dockerized ecosystem with fast-syncing and easy SSL support.
- [**48**Star][2y] [lcatro/think-in-security](https://github.com/lcatro/think-in-security) 从二进制到WEB ,分享我在安全路上的思考与点滴,后面会不断地更新..
- [**48**Star][23d] [Py] [kukfa/bindbg](https://github.com/kukfa/bindbg) Binary Ninja plugin that syncs WinDbg to Binary Ninja
- [**48**Star][2y] [C++] [kristopher/ps2-mouse-arduino](https://github.com/kristopher/ps2-mouse-arduino) Arduino/Wiring Library for interfacing with a PS2 mouse.
- [**48**Star][1y] [Go] [konstantin8105/ddos](https://github.com/konstantin8105/ddos) DDoS attack. Creating infinite http GET requests.
- [**48**Star][2y] [C] [kkamagui/iron-hid](https://github.com/kkamagui/iron-hid) Create Your Own Bad USB Device (Presented at HITBSecConf 2016)
- [**48**Star][26d] [Go] [kerbyj/golazagne](https://github.com/kerbyj/golazagne) Go library for credentials recovery
- [**48**Star][4m] [TSQL] [kacos2000/windowstimeline](https://github.com/kacos2000/windowstimeline) SQLite query & Powershell scripts to parse the Windows 10 (v1803+) ActivitiesCache.db
- [**48**Star][5m] [C] [jthuraisamy/dirt](https://github.com/jthuraisamy/dirt) Driver Initial Reconnaissance Tool
- [**48**Star][4y] [Shell] [jdsecurity/cryptotrooper](https://github.com/jdsecurity/cryptotrooper) The world's first Linux white-box ransomware
- [**48**Star][1m] [C] [jay/gethooks](https://github.com/jay/gethooks) GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
- [**48**Star][4m] [Go] [jakejarvis/subtake](https://github.com/jakejarvis/subtake) Automatic finder for subdomains vulnerable to takeover. Written in Go, based on
- [**48**Star][4m] [C] [invictus-0x90/vulnerable_linux_driver](https://github.com/invictus-0x90/vulnerable_linux_driver) An intentionally vulnerable linux driver for research purposes/practice in kernel exploit dev
- [**48**Star][3y] [Java] [inode-/attackselector](https://github.com/inode-/attackselector) Burp Suite Attack Selector Plugin
- [**48**Star][3y] [PHP] [incredibleindishell/ldap-credentials-collector-backdoor-generator](https://github.com/incredibleindishell/ldap-credentials-collector-backdoor-generator) This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
- [**48**Star][15d] [Py] [ikoz/jdwp-lib-injector](https://github.com/ikoz/jdwp-lib-injector) inject native shared libraries into debuggable Android applications
- [**48**Star][4y] [JS] [huangwc94/scraping-helper-chrome-extension](https://github.com/huangwc94/scraping-helper-chrome-extension) Scraping Helper will help you to find out the best html/css selector for certain elements
- [**48**Star][5m] [C] [hexhive/smotherspectre](https://github.com/hexhive/smotherspectre) Proof-of-concept code for the SMoTherSpectre exploit.
- [**48**Star][2m] [C++] [hackedteam/core-macos](https://github.com/hackedteam/core-macos) RCS Agent for Mac
- [**48**Star][13d] [C] [groupgets/purethermal1-firmware](https://github.com/groupgets/purethermal1-firmware) Reference firmware for PureThermal 1 FLIR Lepton Dev Kit
- [**48**Star][5m] [Java] [greywolf007/mobileq750hook](https://github.com/greywolf007/mobileq750hook) MobileQ750Hook
- [**48**Star][2y] [grayddq/hids](https://github.com/grayddq/hids) 基于主机型入侵检测系统，HIDS运行依赖这样一个原理：一个成功的入侵者一般而言都会留下他们入侵的痕迹。
- [**48**Star][2m] [Py] [grant-olson/pyasm](https://github.com/grant-olson/pyasm) Dynamic inline x86 assembler for python.
- [**48**Star][12d] [JS] [github/enable-security-alerts-sample](https://github.com/github/enable-security-alerts-sample) This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.
- [**48**Star][15d] [Py] [funsecurity/apk_binder_script](https://github.com/funsecurity/apk_binder_script) apk binder script
- [**48**Star][12d] [Py] [fnzv/trsh](https://github.com/fnzv/trsh) Telegram Remote-Shell
- [**48**Star][2m] [Perl] [fnord0/hurl](https://github.com/fnord0/hurl) hexadecimal & URL encoder + decoder
- [**48**Star][1y] [Go] [filosottile/openbsd-fde-crack](https://github.com/filosottile/openbsd-fde-crack) Some code to bruteforce OpenBSD softraid encrypted drives - NOT A READY-TO-USE TOOL
- [**48**Star][1m] [JS] [dkoluris/pseudo-js](https://github.com/dkoluris/pseudo-js) PLAYSTATION emulator in JavaScript
- [**48**Star][2y] [Py] [devgc/eventmonkey](https://github.com/devgc/eventmonkey) A Windows Event Processing Utility
- [**48**Star][4m] [Ruby] [dev-sec/ssl-baseline](https://github.com/dev-sec/ssl-baseline) DevSec SSL/TLS Baseline - InSpec Profile
- [**48**Star][4m] [CSS] [destructivevoice/destructivefarm](https://github.com/destructivevoice/destructivefarm) 
- [**48**Star][3y] [Py] [debasishm89/iefuzz](https://github.com/debasishm89/iefuzz) A static Internet Explorer Fuzzer.
- [**48**Star][7y] [C++] [cr4sh/msfontsfuzz](https://github.com/cr4sh/msfontsfuzz) OpenType font file format fuzzer for Windows
- [**48**Star][7y] [C++] [cr4sh/code-coverage-analysis-tools](https://github.com/cr4sh/code-coverage-analysis-tools) Code coverage analysis tools for the PIN Toolkit
- [**48**Star][2y] [C++] [collin80/m2ret](https://github.com/collin80/m2ret) GVRET fork to Macchina M2 board
- [**48**Star][17d] [codworth/esp-host](https://github.com/codworth/esp-host) Serve payloads using the esp8266
- [**48**Star][2y] [PS] [clr2of8/detect-sslmitm](https://github.com/clr2of8/detect-sslmitm) This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.
- [**48**Star][3m] [Py] [cisco-talos/re2pcap](https://github.com/cisco-talos/re2pcap) Create PCAP file from raw HTTP request or response in seconds
- [**48**Star][2m] [Py] [cert-polska/malwarecage](https://github.com/cert-polska/malwarecage) Malware repository component for samples & static configuration with REST API interface
- [**48**Star][25d] [Go] [carloop/simulator-program](https://github.com/carloop/simulator-program) Software for the CAN bus simulator on the Rasperry Pi
- [**48**Star][11d] [C#] [blackvikingpro/aresskit](https://github.com/blackvikingpro/aresskit) Next Generation Remote Administration Tool (RAT)
- [**48**Star][4m] [Py] [bitthebyte/bitblinder](https://github.com/bitthebyte/bitblinder) Burp extension helps in finding blind xss vulnerabilities
- [**48**Star][14d] [C++] [bareflank/standalone_cxx](https://github.com/bareflank/standalone_cxx) run C++ from anywhere
- [**48**Star][14d] [JS] [bahmutov/ban-sensitive-files](https://github.com/bahmutov/ban-sensitive-files) Checks filenames to be committed against a library of filename rules to prevent sensitive files in Git
- [**48**Star][2m] [JS] [awalgarg/devtools-timing-attack](https://github.com/awalgarg/devtools-timing-attack) timing attack to check if devtools are open
- [**48**Star][4m] [Py] [arthastang/router-exploit-shovel](https://github.com/arthastang/router-exploit-shovel) Automated Application Generation for Stack Overflow Types on Wireless Routers
- [**48**Star][1y] [Shell] [appsecconsulting/pentest-tools](https://github.com/appsecconsulting/pentest-tools) Penetration Testing Tools Developed by AppSec Consulting.
- [**48**Star][1m] [Py] [anssi-fr/bits_parser](https://github.com/anssi-fr/bits_parser) Extract BITS jobs from QMGR queue and store them as CSV records
- [**48**Star][5m] [C] [andnxor/andnxor_dc25_badge](https://github.com/andnxor/andnxor_dc25_badge) AND!XOR Unofficial DEF CON 25 Badge
- [**48**Star][2y] [java] [anbai-inc/burpstart](https://github.com/anbai-inc/burpstart) Burp 启动加载器
- [**48**Star][6y] [C++] [amrthabet/pysrdf](https://github.com/amrthabet/pysrdf) This is the python wrapper for The Security Framework SRDF
- [**48**Star][5y] [Py] [allfro/pcappy](https://github.com/allfro/pcappy) A pure Python libpcap wrapper!
- [**48**Star][4m] [C] [alexdenisov/modernstickies](https://github.com/alexdenisov/modernstickies) Reverse Engineering Stickies.app
- [**48**Star][4y] [JS] [akras14/memory-leak-example](https://github.com/akras14/memory-leak-example) 
- [**48**Star][3y] [Py] [agusmakmun/python-wordlist-generator](https://github.com/agusmakmun/python-wordlist-generator) Create awesome wordlist with python - demo:
- [**47**Star][17d] [C++] [angr/angr-z3](https://github.com/angr/angr-z3) The Z3 Theorem Prover - repository for staging python distributions
- [**47**Star][4m] [Go] [selvakn/p2p-port-forward](https://github.com/selvakn/p2p-port-forward) Command line utility to forward ports between two hosts across different networks/subnets, in a peer-to-peer fashion using zerotier, without sudo privileges
- [**47**Star][22d] [Py] [0x0ptim0us/twpy](https://github.com/0x0ptim0us/twpy) Twitter High level scraper for humans.
- [**47**Star][3y] [Py] [gotrained/scrapy-craigslist](https://github.com/gotrained/scrapy-craigslist) Web Scraping Craigslist's Engineering Jobs in NY with Scrapy
- [**47**Star][2m] [C++] [rust-fuzz/libfuzzer](https://github.com/rust-fuzz/libfuzzer) Rust bindings and utilities for LLVM’s libFuzzer
- [**47**Star][6m] [pymoe/secbox](https://github.com/pymoe/secbox) 
- [**47**Star][21d] [Rust] [internet-of-people/mercury-rust](https://github.com/internet-of-people/mercury-rust) A distributed network with a unique identity and networking model. Focus is on privacy, P2P communication and encryption to make the Internet ours again.
- [**47**Star][28d] [Java] [artsploit/yaml-payload](https://github.com/artsploit/yaml-payload) A tiny project for generating SnakeYAML deserialization payloads
- [**47**Star][15d] [Dockerfile] [tiredofit/docker-self-service-password](https://github.com/tiredofit/docker-self-service-password) Docker LDAP Toolbox Self-Service Password changer Image w/nginx, php-fpm with S6 overlay, and Zabbix monitoring support based on Alpine
- [**47**Star][4m] [Jupyter Notebook] [decalogue/algorithmmap](https://github.com/decalogue/algorithmmap) 建立你的算法地图：如何高效学习算法；算法工程师：从小白到专家
- [**47**Star][2m] [PHP] [he426100/alipay-crawler](https://github.com/he426100/alipay-crawler) 支付宝账单爬虫
- [**47**Star][2m] [Rust] [currysoftware/rust-stemmers](https://github.com/currysoftware/rust-stemmers) A rust implementation of some popular snowball stemming algorithms
- [**47**Star][14d] [Py] [scivision/pybluez-examples](https://github.com/scivision/pybluez-examples) Example Bluetooth tasks using the Python PyBluez module
- [**47**Star][11d] [Go] [tnychn/torrodle](https://github.com/tnychn/torrodle) 
- [**47**Star][1m] [Py] [koplyf/gplaycrawler](https://github.com/koplyf/gplaycrawler) 
- [**47**Star][11d] [Py] [graysilver/wencai](https://github.com/graysilver/wencai) This is a wencai crawler.（i问财的策略回测接口的Pythonic工具包）
- [**47**Star][14d] [Go] [cornelk/goscrape](https://github.com/cornelk/goscrape) Web scraper that can create an offline readable version of a website
- [**47**Star][9m] [C#] [benjibobs/steam-shutdown](https://github.com/benjibobs/steam-shutdown) A simple and lightweight program that will shutdown your PC after Steam has finished all of its downloads
- [**47**Star][27d] [C++] [minhaskamal/algorithmimplementations](https://github.com/minhaskamal/algorithmimplementations) Implementation of Elementary Algorithms (infix-prefix-postfix-evaluation-to-longest-common-increasing-sub-sequence-activity-selection-balance-kd-binary-heap-binomial-tree-breath-depth-first-search-max-flow-shortest-path-topological-sort-calculus-derivative-integration-forward-interpolation-simpson-rule-intersecting-area-non-linear-equation-jacob…
- [**47**Star][12d] [TS] [actions-rs/audit-check](https://github.com/actions-rs/audit-check) 
- [**47**Star][13d] [C] [questescape/exploit](https://github.com/questescape/exploit) Kernel exploits for the Oculus Quest
- [**47**Star][1y] [lololosys/awesome-baseband-research](https://github.com/lololosys/awesome-baseband-research) A curated list of awesome baseband research resources
- [**47**Star][2m] [fkie-cad/destroid](https://github.com/fkie-cad/destroid) Fighting String Encryption in Android Malware
- [**47**Star][10d] [Py] [adhorn/aws-lambda-chaos-injection](https://github.com/adhorn/aws-lambda-chaos-injection) Chaos Injection library for AWS Lambda
- [**47**Star][1y] [PHP] [cloudsec/aioshell](https://github.com/cloudsec/aioshell) A php webshell run under linux based webservers. v0.05
- [**47**Star][26d] [JS] [skreweverything/command-cache](https://github.com/skreweverything/command-cache) GUI program that logs a detailed history of executed terminal commands for easier access.
- [**47**Star][1m] [bagder/trrprefs](https://github.com/bagder/trrprefs) (unofficial) docs for Firefox TRR (DNS-over-HTTPS)
- [**47**Star][26d] [OCaml] [binaryanalysisplatform/bap-plugins](https://github.com/binaryanalysisplatform/bap-plugins) BAP Plugins Repository
- [**47**Star][3m] [Py] [hatriot/peachorchard](https://github.com/hatriot/peachorchard) Peach Fuzzer Web Frontend
- [**47**Star][21d] [Lua] [whitequark/zmtp-wireshark](https://github.com/whitequark/zmtp-wireshark) A Wireshark dissector for ZMTP version 3.0 and later (ZeroMQ 4 and later)
- [**47**Star][1m] [Py] [sharkdp/stack-inspector](https://github.com/sharkdp/stack-inspector) A gdb command to inspect the size of objects on the stack
- [**47**Star][2m] [C#] [3gstudent/apt34-jason](https://github.com/3gstudent/apt34-jason) Use to perform Microsoft exchange account brute-force.
- [**47**Star][16d] [Py] [undeadsec/checkurl](https://github.com/undeadsec/checkurl) Detect evil urls that uses IDN Homograph Attack.
- [**47**Star][2m] [Shell] [ticarpi/my-pentesting-repo](https://github.com/ticarpi/my-pentesting-repo) This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds the reminders useful, then enjoy! A few links for useful tools and files. Some tools written by me.
- [**47**Star][21d] [Py] [oasis-open/cti-taxii-client](https://github.com/oasis-open/cti-taxii-client) OASIS TC Open Repository: TAXII 2 Client Library Written in Python
- [**47**Star][17d] [Go] [ehco1996/v2scar](https://github.com/ehco1996/v2scar) sidecar for V2ray
- [**47**Star][29d] [Py] [k8gege/ciscoexploit](https://github.com/k8gege/ciscoexploit) Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution/CVE-2019-1653/Cisco SNMP RCE/Dump Cisco RV320 Password)
- [**47**Star][6m] [Py] [paulmcmillan/kismetclient](https://github.com/paulmcmillan/kismetclient) A Python client for the Kismet server protocol
- [**47**Star][25d] [C] [gdbinit/efi_dxe_emulator](https://github.com/gdbinit/efi_dxe_emulator) EFI DXE Emulator and Interactive Debugger
- [**47**Star][2m] [PHP] [kurtcoke/demonhunter_exploitkit](https://github.com/kurtcoke/demonhunter_exploitkit) Source code to the Malicious Demon Hunter Exploit Kit
- [**47**Star][12d] [PS] [neal1991/htb](https://github.com/neal1991/htb) The walkthrough of hack the box
- [**47**Star][10d] [Py] [safebreach-labs/backdoros](https://github.com/safebreach-labs/backdoros) backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
- [**47**Star][12d] [C++] [johnsonjason/rvdbg](https://github.com/johnsonjason/RVDbg) RVDbg is a debugger/exception handler for Windows processes and has the capability to circumvent anti-debugging techniques. (Cleaner, documented code base being worked on in: core branch)
- [**47**Star][2m] [C++] [3gstudent/windows-eventlog-bypass](https://github.com/3gstudent/Windows-EventLog-Bypass) Use subProcessTag Value From TEB to identify Event Log Threads
- [**47**Star][23d] [C++] [lifting-bits/klee](https://github.com/lifting-bits/klee) KLEE Symbolic Execution Engine
- [**47**Star][4y] [Py] [jjo-sec/idataco](https://github.com/jjo-sec/idataco) IDATACO IDA Pro Plugin
- [**47**Star][2m] [Py] [miss-d/blindy](https://github.com/miss-d/blindy) Simple script to automate brutforcing blind sql injection vulnerabilities
- [**47**Star][2m] [C] [zznop/flyr](https://github.com/zznop/flyr) Block-based software vulnerability fuzzing framework
- [**47**Star][1y] [Py] [zev3n/shodan_so](https://github.com/zev3n/shodan_so) Search Assistant: Searching shodan via API.
- [**47**Star][9m] [Py] [zer0yu/zeroscan](https://github.com/zer0yu/zeroscan) Multi-Thread Vulnerability Verify Framework
- [**47**Star][1y] [C] [yifanlu/3ds_injector](https://github.com/yifanlu/3ds_injector) Open source implementation of loader module with code injection support
- [**47**Star][6m] [Assembly] [xem/nes](https://github.com/xem/nes) NES emulation cheat sheet & tiny JS NES emulator
- [**47**Star][5m] [PHP] [xchwarze/cain](https://github.com/xchwarze/cain) Password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncover…
- [**47**Star][3y] [Py] [wpentester/linkedin_profiles](https://github.com/wpentester/linkedin_profiles) scrapes Linkedin for company employee profiles
- [**47**Star][5m] [C] [wallarm/libdetection](https://github.com/wallarm/libdetection) Signature-free approach library to detect injection and commanding attacks
- [**47**Star][1y] [C++] [vletoux/detectpasswordviantlminflow](https://github.com/vletoux/detectpasswordviantlminflow) Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test passwords
- [**47**Star][2y] [Py] [vah13/sap_exploit](https://github.com/vah13/sap_exploit) Here you can get full exploit for SAP NetWeaver AS JAVA
- [**47**Star][1y] [Ruby] [uploadcare/uploadcare-rails](https://github.com/uploadcare/uploadcare-rails) Rails wrapper for Uploadcare
- [**47**Star][4m] [turing-chain/honeypots-on-blockchain](https://github.com/turing-chain/honeypots-on-blockchain) This repo collects almost all the smart contract honeypots that you could find in the first three pages of Google search.
- [**47**Star][4y] [Py] [tribalchicken/volatility-filevault2](https://github.com/tribalchicken/volatility-filevault2) Volatility plugin to extract FileVault 2 VMK's
- [**47**Star][1y] [Go] [threeaccents/botnet](https://github.com/threeaccents/botnet) A tcp botnet written in golang
- [**47**Star][6m] [threatminer/aptnotes](https://github.com/threatminer/aptnotes) Various public documents, whitepapers and articles about APT campaigns
- [**47**Star][4m] [thomasthelen/ollydbg-scripts](https://github.com/thomasthelen/ollydbg-scripts) Unpacking scripts for Ollydbg.
- [**47**Star][22d] [C++] [thebabush/dumb-obfuscator](https://github.com/thebabush/dumb-obfuscator) Tutorial on how to write the dumbest obfuscator I could think of.
- [**47**Star][24d] [the-blockchain-bible/readme](https://github.com/the-blockchain-bible/readme) The Blockchain Bible,a collections for blockchain tech,bitcoin,ethereum,crypto currencies,cryptography,decentralized solutions,business scenarios,hyperledger tech,meetups,区块链,数字货币,加密货币,比特币,以太坊,密码学,去中心化,超级账本
- [**47**Star][16d] [Rust] [teovoinea/steganography](https://github.com/teovoinea/steganography) A simple steganography library written in rust
- [**47**Star][2y] [C] [tamirzb/cve-2018-9411](https://github.com/tamirzb/cve-2018-9411) Exploit code for CVE-2018-9411 for MediaCasService
- [**47**Star][10m] [C++] [talvos/talvos](https://github.com/talvos/talvos) Talvos is a dynamic-analysis framework and debugger for Vulkan/SPIR-V programs.
- [**47**Star][5m] [C] [sunnyki/bareboot](https://github.com/sunnyki/bareboot) Bare Boot. EFI bootloader for Mac OS, Windows, Linux etc
- [**47**Star][8y] [spiderlabs/korelogic-rules](https://github.com/spiderlabs/korelogic-rules) Updated version of the 2010 KoreLogic password cracking rules for John the Ripper
- [**47**Star][8m] [C] [simsong/afflibv3](https://github.com/simsong/afflibv3) AFF is now being maintained at
- [**47**Star][25d] [JS] [silverwind/tcpie](https://github.com/silverwind/tcpie) CLI tool to ping any TCP port
- [**47**Star][3y] [silvermoonsecurity/security-misc](https://github.com/silvermoonsecurity/security-misc) # Full overview of current vulnerability, exploit , fuzz, mitigation of current major Operation System(Windows, macOS, Linux, Android,iOS and so forath) and popular applicaiton
- [**47**Star][4y] [Py] [secwiki/scaing-backdoor](https://github.com/secwiki/scaing-backdoor) 新一代Webshell扫描工具
- [**47**Star][2y] [Py] [se55i0n/cwebscanner](https://github.com/se55i0n/cwebscanner) 快速扫描C段web应用，获取请求状态code、server、title信息
- [**47**Star][3y] [Py] [salesforce/autotriagebot](https://github.com/salesforce/autotriagebot) AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.
- [**47**Star][5m] [Py] [safebreach-labs/altfs](https://github.com/safebreach-labs/altfs) The Alternative Fileless File System
- [**47**Star][2m] [C] [s-macke/starflight-reverse](https://github.com/s-macke/starflight-reverse) Reversed engineered game Starflight (1986)
- [**47**Star][5m] [rustemsoft/skater-.net-obfuscator](https://github.com/rustemsoft/skater-.net-obfuscator) Skater .NET Obfuscator is an obfuscation tool for .NET code protection. It implements all known software protection techniques and obfuscation algorithms.
- [**47**Star][5m] [C] [rpcapd-linux/rpcapd-linux](https://github.com/rpcapd-linux/rpcapd-linux) a daemon that provides remote traffic capture for Windows version of Wireshark protocol analyzer
- [**47**Star][3m] [C] [rpaleari/qtrace](https://github.com/rpaleari/qtrace) QTrace, a "zero knowledge" system call tracer
- [**47**Star][2y] [Py] [riscure/drop-ida-plugin](https://github.com/riscure/drop-ida-plugin) Experimental opaque predicate detection for IDA Pro
- [**47**Star][2m] [JS] [rewanth1997/vuln-headers-extension](https://github.com/rewanth1997/vuln-headers-extension) Firefox extension which parses the headers of all the requests which are being flowing through your firefox browser to detect for vulnerabilities.
- [**47**Star][2y] [Swift] [remaerd/keys](https://github.com/remaerd/keys) Uncomplicated cryptography frameworks base on CommonCrypto
- [**47**Star][4y] [C++] [reevesrs24/winmacspoofer](https://github.com/reevesrs24/winmacspoofer) Windows application for spoofing the MAC address
- [**47**Star][21d] [C#] [rciworks/rci.tutorials.csgo.cheat.external](https://github.com/rciworks/rci.tutorials.csgo.cheat.external) "Counter-Strike: Global Offensive" External Cheat
- [**47**Star][8y] [Py] [radare/bokken](https://github.com/radare/bokken) python-gtk UI for radare2
- [**47**Star][2y] [CSS] [pure-l0g1c/apex](https://github.com/pure-l0g1c/apex) Using Social Engineering To Obtain WiFi Passwords
- [**47**Star][2m] [HTML] [paloaltonetworks/aws-elb-autoscaling](https://github.com/paloaltonetworks/aws-elb-autoscaling) Auto Scaling VM-Series firewalls in AWS
- [**47**Star][5y] [Py] [p0cl4bs/facebrute](https://github.com/p0cl4bs/facebrute) Bruteforce to facebook accounts
- [**47**Star][11m] [Py] [ostorlab/jniostorlab](https://github.com/ostorlab/jniostorlab) JNI method enumeration in ELF files
- [**47**Star][7y] [Java] [o2platform/defcon_resting](https://github.com/o2platform/defcon_resting) Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro
- [**47**Star][2y] [C] [ntraiseharderror/anti-delete](https://github.com/ntraiseharderror/anti-delete) Protects deletion of files with a specified extension using a kernel-mode driver.
- [**47**Star][6m] [Java] [netspi/awssigner](https://github.com/netspi/awssigner) Burp Extension for AWS Signing
- [**47**Star][2m] [Py] [nelenkov/aboot-parser](https://github.com/nelenkov/aboot-parser) Android bootloader (aboot) parser
- [**47**Star][3y] [Py] [nanshihui/android-reverse-tool](https://github.com/nanshihui/android-reverse-tool) Android reverse tool
- [**47**Star][2y] [Py] [mthbernardes/ipchecker](https://github.com/mthbernardes/ipchecker) Check if a IP is from tor or is a malicious proxy
- [**47**Star][5y] [C++] [mozmark/ringleader](https://github.com/mozmark/ringleader) A tool for configuring and using MITM proxies from firefox
- [**47**Star][15d] [Py] [modzero/interestingfilescanner](https://github.com/modzero/interestingfilescanner) Burp extension to scans for interesting files and directories
- [**47**Star][16d] [TS] [midwayjs/sandbox](https://github.com/midwayjs/sandbox) Sandbox is a Node.js application monitoring platform, which allows the application to be deployed in its own environment, combined with the data source to generate a comprehensive application report.
- [**47**Star][8y] [Shell] [metricsgrimoire/cmetrics](https://github.com/metricsgrimoire/cmetrics) CMetrics measures size and complexity for C files
- [**47**Star][1m] [Go] [rogandawes/munifying](https://github.com/RoganDawes/munifying) 
- [**47**Star][3m] [C] [malwarelu/malware-lu](https://github.com/malwarelu/malware-lu) Automatically exported from code.google.com/p/malware-lu
- [**47**Star][4m] [JS] [lwindolf/polscan](https://github.com/lwindolf/polscan) Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
- [**47**Star][25d] [Go] [lunatic-cat/xxhashdir](https://github.com/lunatic-cat/xxhashdir) 
- [**47**Star][8m] [C] [lukasikic/unix-privilege-escalation-exploits-pack](https://github.com/lukasikic/unix-privilege-escalation-exploits-pack) Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
- [**47**Star][2m] [Java] [logstash-plugins/logstash-filter-geoip](https://github.com/logstash-plugins/logstash-filter-geoip) 
- [**47**Star][3y] [Shell] [leanvel/iinject](https://github.com/leanvel/iinject) Tool to automate the process of embedding dynamic libraries into iOS applications from GNU/Linux
- [**47**Star][4y] [PS] [lazywinadmin/winformps](https://github.com/lazywinadmin/winformps) PowerShell functions for Windows Forms controls
- [**47**Star][12d] [Go] [lafolle/flen](https://github.com/lafolle/flen) Flen provides stats on functions/methods lengths in a Golang package.
- [**47**Star][5m] [Py] [kwilczynski/packer-templates](https://github.com/kwilczynski/packer-templates) Packer templates for creating Amazon EC2 images, Proxmox templates and Vagrant boxes
- [**47**Star][1m] [Py] [koboi137/darksplitz](https://github.com/koboi137/darksplitz) Exploit Framework
- [**47**Star][30d] [JS] [kingsabri/sqlmap-tamper-api](https://github.com/kingsabri/sqlmap-tamper-api) SQLMap tamper api to accept tamper scripts from all languages
- [**47**Star][3y] [C] [jyao1/stm](https://github.com/jyao1/stm) 
- [**47**Star][12d] [Java] [jwnie/proxyservice](https://github.com/jwnie/proxyservice) 抓取网上公开代理，维护可供爬虫使用的IP池，区分墙内墙外、http/https/socks代理。
- [**47**Star][4m] [Java] [jreframeworker/jreframeworker](https://github.com/jreframeworker/jreframeworker) A practical tool for bytecode manipulation and creating Managed Code Rootkits (MCRs) in the Java Runtime Environment
- [**47**Star][8m] [JS] [jonathankingston/ember-cli-sri](https://github.com/jonathankingston/ember-cli-sri) Generation of SRI hashes for ember
- [**47**Star][6m] [Py] [jessfraz/strace2elastic](https://github.com/jessfraz/strace2elastic) Strace container output to a file, then shove the syscalls into elastic search.
- [**47**Star][19d] [Java] [jenkinsci/parameterized-scheduler-plugin](https://github.com/jenkinsci/parameterized-scheduler-plugin) A Jenkins Plugin to support setting parameters in the build schedule
- [**47**Star][5m] [PS] [jaykul/tunable-ssl-validator](https://github.com/jaykul/tunable-ssl-validator) A .Net class and PowerShell module to enable best practices for SSL validation even with self-signed certificates.
- [**47**Star][1y] [jameshabben/sysmon-queries](https://github.com/jameshabben/sysmon-queries) Queries to parse sysmon event log file with microsoft logparser
- [**47**Star][1m] [Ruby] [j-0-t/staekka](https://github.com/j-0-t/staekka) Stækka Metasploit - Extenting Metasploit
- [**47**Star][7m] [Java] [iflody/mybuganalyze](https://github.com/iflody/mybuganalyze) 一些漏洞分析
- [**47**Star][10m] [JS] [hackvertor/visualfuzzer](https://github.com/hackvertor/visualfuzzer) A visual fuzzer written in NodeJS to find Zalgo characters
- [**47**Star][4m] [Py] [guoruibiao/crosswall](https://github.com/guoruibiao/crosswall) 
- [**47**Star][3m] [grapheneos/vanadium](https://github.com/grapheneos/vanadium) Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS repositories and doesn't include patches not relevant to the build targets used on GrapheneOS.
- [**47**Star][22d] [Perl] [gouveaheitor/spellbook](https://github.com/GouveaHeitor/spellbook) My collection of custom scripts, plugins, exploits and others small things 🧙🏼‍♂️
- [**47**Star][1m] [Py] [gnebbia/halive](https://github.com/gnebbia/halive) A fast http and https prober, to check which URLs are alive
- [**47**Star][2m] [C] [gentilkiwi/basic_rpc](https://github.com/gentilkiwi/basic_rpc) Samples about Microsoft RPC and native API calls in Windows C
- [**47**Star][5y] [C] [gdbinit/gatekeerper](https://github.com/gdbinit/gatekeerper) A kernel extension to mitigate Gatekeeper bypasses
- [**47**Star][1y] [C] [gdbinit/extractmacho](https://github.com/gdbinit/extractmacho) IDA plugin to extract Mach-O binaries located in the disassembly or data
- [**47**Star][1m] [Py] [fygrave/honeyntp](https://github.com/fygrave/honeyntp) NTP logger/honeypot
- [**47**Star][3m] [Pascal] [felipedaragon/huntpad](https://github.com/felipedaragon/huntpad) 开源的Notepad,有很多有助于渗透测试的特性
- [**47**Star][11m] [C] [fail0verflow/switch-arm-trusted-firmware](https://github.com/fail0verflow/switch-arm-trusted-firmware) ARM Trusted Firmware-A for the Switch
- [**47**Star][10m] [C#] [ericzimmerman/prefetch](https://github.com/ericzimmerman/prefetch) Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
- [**47**Star][5m] [Go] [emicklei/zazkia](https://github.com/emicklei/zazkia) tcp proxy to simulate connection problems
- [**47**Star][5m] [ember-cli/rfcs](https://github.com/ember-cli/rfcs) Archive of RFCs for changes to ember-cli (for current RFC repo see
- [**47**Star][13d] [edoverflow/bug-bounty-responses](https://github.com/edoverflow/bug-bounty-responses) A collection of response templates for invalid bug bounty reports.
- [**47**Star][4m] [easonwang01/introduction-to-cryptography](https://github.com/easonwang01/introduction-to-cryptography) 密碼學筆記，使用 Node.js 與 OpenSSL
- [**47**Star][2m] [Java] [doyensec/ajpfuzzer](https://github.com/doyensec/ajpfuzzer) A command-line fuzzer for the Apache JServ Protocol (ajp13)
- [**47**Star][4m] [Shell] [doomedraven/tools](https://github.com/doomedraven/tools) Combination of different utilities, have fun!
- [**47**Star][4m] [Py] [disappeerlabs/disappeer](https://github.com/disappeerlabs/disappeer) A pure Python GUI app for GPG functionality and peer-to-peer encrypted messaging over Tor
- [**47**Star][2m] [Shell] [devilbox/cert-gen](https://github.com/devilbox/cert-gen) Generate CA and self-signed SSL certificates usable in your browser for local development.
- [**47**Star][4m] [Java] [devadvance/rootcloakplus](https://github.com/devadvance/rootcloakplus) 
- [**47**Star][2y] [PS] [dafthack/passphrasegen](https://github.com/dafthack/passphrasegen) A script for generating custom passphrase lists to be used for password cracking with hashcat rules
- [**47**Star][4m] [Py] [chriswmorris/metaforge](https://github.com/chriswmorris/metaforge) An OSINT Metadata analyzing tool that filters through tags and creates reports
- [**47**Star][2y] [Py] [chrismaddalena/fox](https://github.com/chrismaddalena/fox) A companion tool for BloodHound offering Active Directory statistics and number crunching
- [**47**Star][1m] [C++] [cedarctic/digiquack](https://github.com/cedarctic/digiquack) DuckyScript language to DigiSpark payload converter (Online / C++)
- [**47**Star][18d] [Scala] [ccied/ugforum-analysis](https://github.com/ccied/ugforum-analysis) Tools for Automated Analysis of Cybercriminal Markets
- [**47**Star][4y] [Py] [breakingmalware/avulnerabilitychecker](https://github.com/breakingmalware/avulnerabilitychecker) Tool to check if your computer is likely to be vulnerable to exploitable constant Read-Write-Execute (RWX) addresses (AVs vulnerability)
- [**47**Star][7m] [PS] [azure/health-data-and-ai-blueprint](https://github.com/azure/health-data-and-ai-blueprint) Azure Security and Compliance Blueprint - HIPAA/HITRUST Health Data and AI - deployment, and demo that Predicts the Length of Stay in Hospitals
- [**47**Star][2m] [HTML] [ashleyf/ozobot](https://github.com/ashleyf/ozobot) Reverse engineering the Ozobot
- [**47**Star][2m] [Elixir] [appunite/imager](https://github.com/appunite/imager) Image processing proxy
- [**47**Star][1m] [C++] [antid0tecom/aarch64_armv81extension](https://github.com/antid0tecom/aarch64_armv81extension) IDA AArch64 processor extender extension: Adding support for ARMv8.1 opcodes
- [**47**Star][2m] [Py] [andrew-morris/kippo_detect](https://github.com/andrew-morris/kippo_detect) Quick proof of concept to detect a Kippo SSH honeypot instance externally
- [**47**Star][2y] [HTML] [an0nud4y/socialfish](https://github.com/an0nud4y/socialfish) Modern phishing tool with advanced functionality
- [**47**Star][3y] [C#] [amarkulo/openpasswordfilter](https://github.com/amarkulo/openpasswordfilter) An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.
- [**47**Star][4m] [Py] [aliasrobotics/rvd](https://github.com/aliasrobotics/rvd) Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
- [**47**Star][1m] [akhepcat/bridgeap](https://github.com/akhepcat/bridgeap) Automagically bridge any live interface to any idle interface using NATS, DHCP, and HostAP where applicable
- [**47**Star][2m] [Py] [aaaddress1/vtmal](https://github.com/aaaddress1/vtmal) Malware Sandbox Emulation in Python @ HITCON 2018
- [**47**Star][3m] [Py] [5alt/emu](https://github.com/5alt/emu) code emulator base on unicorn engine
- [**47**Star][7m] [PS] [3gstudent/code-execution-and-process-injection](https://github.com/3gstudent/code-execution-and-process-injection) Powershell to CodeExecution and ProcessInjection
- [**46**Star][6m] [C] [cleric-k/flyskyrxfirmwarerssimod](https://github.com/cleric-k/flyskyrxfirmwarerssimod) Patched firmwares for the various FlySky receivers to inject RSSI in IBUS channel 14
- [**46**Star][20d] [bakke92/awesome-gdpr](https://github.com/bakke92/awesome-gdpr) Protection of natural persons with regard to the processing of personal data and on the free movement of such data.
- [**46**Star][4m] [C++] [timelifeczy/sheller](https://github.com/timelifeczy/sheller) 一键加壳/脱壳，混淆，花指令，反调试等
- [**46**Star][1m] [canarytail/standard](https://github.com/canarytail/standard) 
- [**46**Star][14d] [Dockerfile] [crs-support/modsecurity-docker](https://github.com/crs-support/modsecurity-docker) The official ModSecurity Docker images
- [**46**Star][23d] [JS] [zhaodahai/wx-ant-ble](https://github.com/zhaodahai/wx-ant-ble) 微信、支付宝小程序BLE蓝牙SDK
- [**46**Star][3m] [C#] [midlevel/ruffles](https://github.com/midlevel/ruffles) Lightweight and fully managed reliable UDP library.
- [**46**Star][1m] [TS] [gitduckhq/vscode-extension](https://github.com/gitduckhq/vscode-extension) Link your code and commits to a video recording and explain your code with video.
- [**46**Star][2y] [TS] [rolling-scopes/karate](https://github.com/rolling-scopes/karate) Webscraper
- [**46**Star][4m] [humblelad/shodan-dorks](https://github.com/humblelad/shodan-dorks) Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
- [**46**Star][4m] [chef-koch/ck-s-raspberry-pi-3-config](https://github.com/chef-koch/ck-s-raspberry-pi-3-config) Raspberry Pi 3 + Pi-Hole + OpenVPN & DNSCrypt
- [**46**Star][3m] [Java] [amanjeetsingh150/algo-explorer](https://github.com/amanjeetsingh150/algo-explorer) Android app for learning algorithms in Computer Science
- [**46**Star][25d] [C#] [darkr4y/sharpoffensiveshell](https://github.com/darkr4y/sharpoffensiveshell) A sort of simple shell which support multiple protocols.
- [**46**Star][25d] [Py] [willamesoares/lyrics-crawler](https://github.com/willamesoares/lyrics-crawler) Get the lyrics for the song currently playing on Spotify
- [**46**Star][13d] [Shell] [eduvpn/documentation](https://github.com/eduvpn/documentation) eduVPN documentation
- [**46**Star][2m] [Ruby] [jaysonvirissimo/practice-thy-algorithms](https://github.com/jaysonvirissimo/practice-thy-algorithms) Practice algorithms by making the tests pass in JavaScript or Ruby.
- [**46**Star][1m] [Py] [nightmarcher/zhihu-crawler](https://github.com/NightMarcher/zhihu-crawler) 徒手实现定时爬取知乎，从中发掘有价值的信息，并可视化爬取的数据作网页展示。项目目前正在开发，欢迎前来交流学习！
- [**46**Star][10d] [Py] [m3talstorm/foe-decryption](https://github.com/m3talstorm/foe-decryption) 
- [**46**Star][1m] [C] [aabc/ipt-ratelimit](https://github.com/aabc/ipt-ratelimit) An implementation of committed access rate, or simply rate limiting, or policing for Linux iptables, implemented with high performance in mind.
- [**46**Star][27d] [Go] [phpgao/proxy_pool](https://github.com/phpgao/proxy_pool) A simple proxy pool
- [**46**Star][2m] [Go] [artyom/leproxy](https://github.com/artyom/leproxy) https reverse proxy with automatic Letsencrypt usage for multiple hostnames/backends
- [**46**Star][10d] [JS] [threatexpress/aggressor-scripts](https://github.com/threatexpress/aggressor-scripts) Cobalt Strike Aggressor Scripts
- [**46**Star][6m] [Shell] [zricethezav/gitleaks-ci](https://github.com/zricethezav/gitleaks-ci) gitleaks, but for PRs
- [**46**Star][2m] [Go] [ring04h/wyproxy2](https://github.com/ring04h/wyproxy2) golang high performance version
- [**46**Star][1m] [Py] [s0md3v/locky](https://github.com/s0md3v/locky) Locky generates "really" strong yet easy to remember passwords.
- [**46**Star][11d] [C#] [cmu-sei/ghosts](https://github.com/cmu-sei/ghosts) GHOSTS is a framework for highly-complex, realistic NPC orchestration
- [**46**Star][11d] [Java] [nordicsemiconductor/android-ble-common-library](https://github.com/nordicsemiconductor/android-ble-common-library) A companion library for the Android BLE Library. Contains parsers for common Bluetooth SIG characteristics.
- [**46**Star][11d] [C] [intel/kernelflinger](https://github.com/intel/kernelflinger)  the Intel UEFI bootloader for AndroidTM/BrilloTM
- [**46**Star][11d] [C++] [uxmal/nucleus](https://github.com/uxmal/nucleus) Clone of "Compiler-Agnostic Function Detection in Binaries" source code
- [**46**Star][11d] [JS] [0xsobky/anontab](https://github.com/0xsobky/anontab) let AnonTab = `${NoScript + HTTPSEverywhere + PrivateBrowsing + proxy}`;
- [**46**Star][1m] [VHDL] [texane/vpcie](https://github.com/texane/vpcie) implement PCIE devices using C or VHDL and test them against a QEMU virtualized architecture
- [**46**Star][16d] [Py] [danmcinerney/get_proxy](https://github.com/danmcinerney/get_proxy) Py class that returns fastest http proxy
- [**46**Star][19d] [C] [p0cl4bs/shellcodes](https://github.com/p0cl4bs/shellcodes) 
- [**46**Star][3m] [C] [shadowsocks/iptables](https://github.com/shadowsocks/iptables) iptables is the userspace command line program used to configure the Linux 2.4.x and later packet filtering ruleset. It is targeted towards system administrators.
- [**46**Star][2m] [Py] [enablesecurity/tftptheft](https://github.com/enablesecurity/tftptheft) TFTP Theft is a tool which allows one to quickly scan/bruteforce a tftp server for files and download them instantly
- [**46**Star][10d] [Shell] [ibm/cloud-pak](https://github.com/ibm/cloud-pak) IBM Cloud Paks are enterprise-grade containerized software by combining container images with enterprise capabilities for deployment in production use cases with integrations for management and lifecycle operations. Features such as pre-configured deployments based on product expertise, rolling upgrades, rollbacks, security/vulnerability testing…
- [**46**Star][1y] [Perl] [gamelinux/echidna](https://github.com/gamelinux/echidna) Network Security Monitoring Framework
- [**46**Star][4m] [cloudsploit/security-remediation-guides](https://github.com/cloudsploit/security-remediation-guides) Security Remediation Guides
- [**46**Star][29d] [Ruby] [k8gege/zimbraexploit](https://github.com/k8gege/zimbraexploit) Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
- [**46**Star][25d] [C] [kangtastic/cve-2019-2215](https://github.com/kangtastic/cve-2019-2215) Temproot for Pixel 2 and Pixel 2 XL via CVE-2019-2215
- [**46**Star][4m] [Py] [kehao95/thu_learn](https://github.com/kehao95/thu_learn) 清华大学网络学堂爬虫 Tsinghua Web Learning (deprecated)
- [**46**Star][1m] [Java] [flankerhqd/vendor-android-cves](https://github.com/flankerhqd/vendor-android-cves) Collections of my POCs for android vendor CVEs
- [**46**Star][11d] [Py] [kryptoslogic/rdppot](https://github.com/kryptoslogic/rdppot) RDP honeypot
- [**46**Star][14d] [Kotlin] [dniel/traefik-forward-auth0](https://github.com/dniel/traefik-forward-auth0) A backend for performing forward authentication with Auth0 using the Traefik reverse proxy.
- [**46**Star][3y] [hdm/2017-bsideslv-modern-recon](https://github.com/hdm/2017-BSidesLV-Modern-Recon) Materials related to the 2017 BSides Las Vegas presentation
- [**46**Star][2y] [C] [robotpy/robotpy-crio](https://github.com/robotpy/robotpy-crio) Obsolete. Python 3 port for cRIO for use in the FIRST Robotics Competition (FRC)
- [**46**Star][5m] [C] [intel/qemu-lite](https://github.com/intel/qemu-lite) 
- [**46**Star][2m] [Py] [klsecservices/ios_mips_gdb](https://github.com/klsecservices/ios_mips_gdb) Cisco MIPS debugger
- [**46**Star][1y] [Go] [caarlos0-graveyard/gravekeeper](https://github.com/caarlos0-graveyard/gravekeeper) Informs users that a repo is not maintained anymore.
- [**46**Star][1m] [Java] [flankerhqd/vendor-android-cves](https://github.com/flankerhqd/vendor-android-cves) Collections of my POCs for android vendor CVEs
- [**46**Star][4m] [C] [zhangboyang/pal3patch](https://github.com/zhangboyang/pal3patch) 《仙剑奇侠传三》《仙剑奇侠传三外传·问情篇》分辨率补丁
- [**46**Star][30d] [JS] [yinzhixin/scanner](https://github.com/yinzhixin/scanner) 网站漏洞扫描平台
- [**46**Star][1y] [YARA] [xumeiquer/yara-forensics](https://github.com/xumeiquer/yara-forensics) Set of Yara rules for finding files using magics headers
- [**46**Star][1y] [Go] [xpn/blockchainc2](https://github.com/xpn/blockchainc2) A POC C2 server and agent to explore just if/how the Ethereum blockchain can be used for C2
- [**46**Star][18d] [Assembly] [xkeeper0/smb2](https://github.com/xkeeper0/smb2) Super Mario Bros. 2, discombobulated
- [**46**Star][3m] [Py] [x0day/bannerscan](https://github.com/x0day/bannerscan) 
- [**46**Star][4m] [C] [wuseman/tg799vac-xtreme-17.2-mint](https://github.com/wuseman/tg799vac-xtreme-17.2-mint) My personal unique wiki for hacking the router firmware used by (Telia)TG799vac Xtream v17.2-MINT delivered from Technicolor
- [**46**Star][26d] [C++] [wanttobeno/x64_aob_search](https://github.com/wanttobeno/x64_aob_search) 快速内存搜索算法，商用级别
- [**46**Star][3m] [Shell] [vtky/resign](https://github.com/vtky/resign) XCode Project to resign .ipa files
- [**46**Star][16d] [Swift] [vixentael/zka-example](https://github.com/vixentael/zka-example) Zero Knowledge Application example, iOS, notes sharing, Firebase backend
- [**46**Star][8m] [Py] [v-p-b/kaspy_toolz](https://github.com/v-p-b/kaspy_toolz) 
- [**46**Star][4m] [HTML] [thehackingsage/fluxion](https://github.com/thehackingsage/fluxion) WiFi Cracking Tool (Using Evil Twin Attack) With Some Modification. (Only For Legal Purposes)
- [**46**Star][5y] [C++] [tandasat/remotewritemonitor](https://github.com/tandasat/remotewritemonitor) A tool to help malware analysts tell that the sample is injecting code into other process.
- [**46**Star][4m] [Java] [talentica/wifiindoorpositioning](https://github.com/talentica/wifiindoorpositioning) 
- [**46**Star][5y] [t3kn1cs/infosec-rss-feeds](https://github.com/t3kn1cs/infosec-rss-feeds) Information Security RSS Feeds OMPL format
- [**46**Star][11d] [C] [smh17/bitcoin-hacking-tools](https://github.com/smh17/bitcoin-hacking-tools) The source code of main tools used in Bitcoin "non-malware-based" attacks.
- [**46**Star][17d] [Batchfile] [simplevulnerabilitymanager/svm](https://github.com/simplevulnerabilitymanager/svm) Program to perform vulnerability analysis and automatically generate a report
- [**46**Star][8y] [C] [shjalayeri/mcedp](https://github.com/shjalayeri/mcedp) Malicious Code Execution Detection Prevention (MCEDP) High Interaction Client Honeypot
- [**46**Star][5y] [JS] [shd101wyy/python_reverse_tcp](https://github.com/shd101wyy/python_reverse_tcp) simple reverse tcp backdoor hack
- [**46**Star][4m] [Py] [sh1nu11bi/routerhunter-2.0](https://github.com/sh1nu11bi/routerhunter-2.0) Testing vulnerabilities in devices and routers connected to the Internet.
- [**46**Star][6m] [setuid0-sec/swiss_e-voting_publications](https://github.com/setuid0-sec/swiss_e-voting_publications) Our publications of the Swiss E-Voting Public Intrusion Test (PIT)
- [**46**Star][2y] [Py] [sentenza/gimp-ela](https://github.com/sentenza/gimp-ela) A JPEG Error Level Analysis forensic plugin for the GNU Image Manipulation Program (GIMP)
- [**46**Star][1y] [C] [sensepost/frida-windows-playground](https://github.com/sensepost/frida-windows-playground) A collection of Frida hooks for experimentation on Windows platforms.
- [**46**Star][5m] [securitytube/pcap2xml](https://github.com/securitytube/pcap2xml) Convert 802.11 Packet Traces to XML and SQLITE Format
- [**46**Star][5y] [C++] [rootkitsmm/ms15-061](https://github.com/rootkitsmm/ms15-061) Exploiting MS15-061 local Privilege escalation
- [**46**Star][6m] [Shell] [rokasurbelis/system-security-testing](https://github.com/rokasurbelis/system-security-testing) 
- [**46**Star][7m] [C] [rodionovd/task_vaccine](https://github.com/rodionovd/task_vaccine) Yet another code injection library for OS X
- [**46**Star][2m] [C] [rbaron/fitless](https://github.com/rbaron/fitless) A collection of toy firmwares for the ID115 fitness tracker
- [**46**Star][15d] [Shell] [pyllyukko/harden.sh](https://github.com/pyllyukko/harden.sh) Slackware hardening script
- [**46**Star][1y] [Py] [platypew/digispark-duckduino](https://github.com/platypew/digispark-duckduino) Poor man's rubber ducky
- [**46**Star][3y] [pentestpartners/ptp-rat](https://github.com/pentestpartners/ptp-rat) Exfiltrate data over screen interfaces
- [**46**Star][1m] [TeX] [pclubiitk/puppy-love](https://github.com/pclubiitk/puppy-love) A cryptographically secure couple matching platform with strong guarantees
- [**46**Star][5m] [Go] [oscp/openshift-monitoring](https://github.com/oscp/openshift-monitoring) A realtime distributed monitoring tool for OpenShift Enterprise
- [**46**Star][24d] [oscarakaelvis/game-of-thrones-hacking-ctf](https://github.com/oscarakaelvis/game-of-thrones-hacking-ctf) Game of Thrones hacking CTF (Capture the flag)
- [**46**Star][4m] [JS] [oguzy/ovizart](https://github.com/oguzy/ovizart) Open VİZual Analsis foR network Traffic
- [**46**Star][1m] [Shell] [obscuresec/random](https://github.com/obscuresec/random) Scripts that aren't PowerShell
- [**46**Star][1m] [Java] [narkisr/nmap4j](https://github.com/narkisr/nmap4j) A Java Nmap wrapper
- [**46**Star][1y] [PS] [n3l5/irfartpull](https://github.com/n3l5/irfartpull) PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
- [**46**Star][1y] [Shell] [mzpqnxow/gdb-static-cross](https://github.com/mzpqnxow/gdb-static-cross) Shell scripts, sourceable "activate" scripts and instructions for building a statically linked gdb-7.12 gdbserver using cross-compile toolchains. Includes more than 20 statically linked gdbserver executables for different architectures, byte orders and ABIs
- [**46**Star][25d] [PHP] [mrsqar-ye/wpcrack](https://github.com/mrsqar-ye/wpcrack) wordpress hash cracker .
- [**46**Star][13d] [JS] [morris/vstools](https://github.com/morris/vstools) Toolset for Vagrant Story (2000, Square), written in JavaScript with Three.js
- [**46**Star][3m] [Rust] [moosingin3space/hyproxy](https://github.com/moosingin3space/hyproxy) A reverse proxy built with hyper and tokio.
- [**46**Star][10d] [Dockerfile] [misp/docker-misp](https://github.com/misp/docker-misp) Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
- [**46**Star][3y] [C] [maximehip/mach_portal](https://github.com/maximehip/mach_portal) iOS 10.1.1 Kernel exploit by Project Zero
- [**46**Star][2y] [PS] [markekraus/bettertls](https://github.com/markekraus/bettertls) PowerShell Module to Enable TLS 1.1 and 1.2 for Use in Windows PowerShell Where Neither are Enabled by Default
- [**46**Star][16d] [Shell] [maravento/blackip](https://github.com/maravento/blackip) IPs Blacklist for Ipset/Squid
- [**46**Star][26d] [Lua] [mame82/misc](https://github.com/mame82/misc) 
- [**46**Star][2m] [Batchfile] [maldiohead/idapin](https://github.com/maldiohead/idapin) plugin of ida with pin
- [**46**Star][12d] [Dockerfile] [mablanco/docker-osmedeus](https://github.com/mablanco/docker-osmedeus) Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
- [**46**Star][4m] [Java] [m301/rdroid](https://github.com/m301/rdroid) [Android RAT] Remotely manage your android phone using PHP Interface
- [**46**Star][10m] [ObjC] [logicalparadox/apnagent-ios](https://github.com/logicalparadox/apnagent-ios) iOS application for testing Apple Push Notification (APN) service payloads.
- [**46**Star][4m] [C++] [lianglixin/memdllloader](https://github.com/lianglixin/memdllloader) 加载内存当中的DLL文件
- [**46**Star][4y] [C] [laginimaineb/fuzz_zone](https://github.com/laginimaineb/fuzz_zone) Fuzzing utility which enables sending arbitrary SCMs to TrustZone
- [**46**Star][1m] [Py] [kaorz/exploits_challenges](https://github.com/kaorz/exploits_challenges) Challenges and vulnerabilities exploitation.
- [**46**Star][18d] [Py] [kandru/ts3proxy](https://github.com/kandru/ts3proxy) Teamspeak 3 Server Proxy
- [**46**Star][3y] [C] [jzdziarski/mod_evasive](https://github.com/jzdziarski/mod_evasive) Apache mod_evasive module
- [**46**Star][3m] [C] [junxzm1990/pomp](https://github.com/junxzm1990/pomp) 在 Linux 系统上开发 POMP 系统，分析崩溃后的 artifacts
- [**46**Star][1y] [JS] [jsdelivr/dns-openmix](https://github.com/jsdelivr/dns-openmix) DEPRECATED - jsDelivr's load balancing algorithm
- [**46**Star][30d] [Shell] [jbreed/apkinjector](https://github.com/jbreed/apkinjector) Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.
- [**46**Star][3m] [Go] [iovisor/iovisor-ovn](https://github.com/iovisor/iovisor-ovn) IOVisor OVN integration
- [**46**Star][2y] [Py] [illusivenetworks-labs/historicprocesstree](https://github.com/illusivenetworks-labs/historicprocesstree) An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
- [**46**Star][2m] [Py] [ihaveamac/switchfs](https://github.com/ihaveamac/switchfs) FUSE (Filesystem in Userspace) scripts for Nintendo Switch files
- [**46**Star][12m] [Py] [hucmosin/purelove](https://github.com/hucmosin/purelove) Purelove is a lightweight penetration testing framework, in order to better security testers testing holes with use.
- [**46**Star][2m] [Ruby] [hammackj/uirusu](https://github.com/hammackj/uirusu) A rubygem for interacting with Virustotal.com's public API v2
- [**46**Star][7m] [C++] [gzorin/rsxgl](https://github.com/gzorin/rsxgl) Hardware accelerated 3D graphics library for the PS3.
- [**46**Star][16d] [Dockerfile] [gradiuscypher/grids](https://github.com/gradiuscypher/grids) My network monitoring solution and tools that go along with it.
- [**46**Star][2y] [Haskell] [giovanifss/dumb](https://github.com/giovanifss/dumb) Dumain Bruteforcer - a fast and flexible domain bruteforcer
- [**46**Star][1m] [Py] [giantbranch/gray-hat-python-src](https://github.com/giantbranch/gray-hat-python-src) python灰帽子--黑客与逆向工程师的Python编程之道的课本各章源码，我实验的程序等
- [**46**Star][3y] [gdssecurity/whitepapers](https://github.com/gdssecurity/whitepapers) A collection of publicly released whitepapers
- [**46**Star][1m] [C] [gdbinit/gimmedebugah](https://github.com/gdbinit/gimmedebugah) A small utility to inject a Info.plist into binaries.
- [**46**Star][1m] [C] [gdbinit/gdb-ng](https://github.com/gdbinit/gdb-ng) Apple's gdb fork with some fixes and enhancements
- [**46**Star][2m] [Py] [gcmartinelli/entropy](https://github.com/gcmartinelli/entropy) Binary file entropy visualizer written in Python
- [**46**Star][3y] [Py] [g4lb1t/smoothcriminal](https://github.com/g4lb1t/smoothcriminal) Detect sandbox by cursor movement speed
- [**46**Star][6y] [Ruby] [fingertips/wad](https://github.com/fingertips/wad) WAD is a little script that speeds up test runs on Travis-CI by caching the installed bundle on S3.
- [**46**Star][8m] [Py] [erevus-cn/scan_webshell](https://github.com/erevus-cn/scan_webshell) 很简单的webshell扫描
- [**46**Star][1m] [Shell] [elithrar/dotfiles](https://github.com/elithrar/dotfiles) dotfiles for my macOS & Linux environments
- [**46**Star][4m] [Shell] [dominikstyp/auto-reaver](https://github.com/dominikstyp/auto-reaver) Auto Reaver - multiple access point attack using Reaver
- [**46**Star][21d] [C] [dnsdb/dnsdbq](https://github.com/dnsdb/dnsdbq) DNSDB API Client, C Version
- [**46**Star][5m] [C++] [diocles/apt-transport-tor](https://github.com/diocles/apt-transport-tor) Tor support for apt
- [**46**Star][4m] [PHP] [davidtavarez/pinky](https://github.com/davidtavarez/pinky) pinky - The PHP mini RAT (Remote Administration Tool)
- [**46**Star][4m] [JS] [davidstutz/password-score](https://github.com/davidstutz/password-score) Password scoring library written in Javascript.
- [**46**Star][4m] [Py] [daddycocoaman/ironpentest](https://github.com/daddycocoaman/ironpentest) Collection of IronPython scripts and executables for penetration testing
- [**46**Star][5m] [Py] [d4-project/ipasn-history](https://github.com/d4-project/ipasn-history) IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date
- [**46**Star][7y] [JS] [cyberpython/wifiscanandmap](https://github.com/cyberpython/wifiscanandmap) A Linux Python application to create maps of 802.11 networks
- [**46**Star][3y] [Py] [coolervoid/vision2](https://github.com/coolervoid/vision2) Nmap's XML result parse and NVD's CPE correlation to search CVE.
- [**46**Star][4m] [Py] [contrast-security-oss/djangoat](https://github.com/contrast-security-oss/djangoat) Python and Django implementation of the OWASP RailsGoat project
- [**46**Star][3m] [Py] [coalfire-research/vampire](https://github.com/coalfire-research/vampire) Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
- [**46**Star][10m] [Lua] [charlemaznable/lua-resty-wechat](https://github.com/charlemaznable/lua-resty-wechat) 使用Lua编写的nginx服务器微信公众平台代理.
- [**46**Star][7y] [Py] [carlosgprado/milf](https://github.com/carlosgprado/milf) An IDA Pro swiss army knife 
    - [milf](https://github.com/carlosgprado/MILF/blob/master/milf.py) Some useful methods in vulnerability discovery
- [**46**Star][2y] [Py] [br3akp0int/gqlparser](https://github.com/br3akp0int/gqlparser) A repository for GraphQL Extension for Burp Suite
- [**46**Star][13d] [Py] [bonelee/dns_tunnel_dectect_with_cnn](https://github.com/bonelee/dns_tunnel_dectect_with_cnn) dns tunnel dectect with CNN
- [**46**Star][2m] [C] [bazad/xpc-string-leak](https://github.com/bazad/xpc-string-leak) CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.
- [**46**Star][3m] [C] [bazad/launchd-portrep](https://github.com/bazad/launchd-portrep) macOS 10.13.5 Mach端口替换漏洞, 可导致提权和SIP绕过(CVE-2018-4280)
- [**46**Star][2y] [C] [bartblaze/matire](https://github.com/bartblaze/matire) Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
- [**46**Star][5m] [PS] [automatedlab/automatedlab.common](https://github.com/automatedlab/automatedlab.common) PowerShell module for daily administrative tasks and general helper functions
- [**46**Star][1m] [JS] [auth0-blog/aliens-go-home-part-1](https://github.com/auth0-blog/aliens-go-home-part-1) GitHub repository that accompanies the first article of the "Developing Games with React, Redux, and SVG" series.
- [**46**Star][1m] [C] [ashishraste/minifirewall](https://github.com/ashishraste/minifirewall) A simple packet filtering firewall for Linux
- [**46**Star][25d] [JS] [ascendr/spectre-chrome](https://github.com/ascendr/spectre-chrome) Spectre JS PoC for Chrome
- [**46**Star][16d] [CSS] [appsecco/practical-recon-levelup0x02](https://github.com/appsecco/practical-recon-levelup0x02) This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd LevelUp 0x02 virtual conference
- [**46**Star][2y] [ActionScript] [appsecco/json-flash-csrf-poc](https://github.com/appsecco/json-flash-csrf-poc) This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
- [**46**Star][20d] [Py] [andreafioraldi/angrdbg](https://github.com/andreafioraldi/angrdbg) Abstract library to generate angr states from a debugger state
- [**46**Star][2m] [Py] [aencode/elf_analysis](https://github.com/aencode/elf_analysis) Perform Static and dynamic analysis on 32 bit ELF binary, and automate the process of stack based overflow exploitation.
- [**46**Star][4y] [C++] [55-aa/cve-2016-3308](https://github.com/55-aa/cve-2016-3308) Use CVE-2016-3308 corrupt win32k desktop heap
- [**46**Star][5m] [Pascal] [0x48piraj/malwarex](https://github.com/0x48piraj/malwarex) Collection of killers
- [**45**Star][11d] [Groovy] [r3dy/capsulecorp-pentest](https://github.com/r3dy/capsulecorp-pentest) Vagrant VirtualBox environment for conducting an internal network penetration test
- [**45**Star][1y] [Java] [hclproducts/altoroj](https://github.com/hclproducts/altoroj) WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
- [**45**Star][10d] [Py] [my8100/logparser](https://github.com/my8100/logparser) A tool for parsing Scrapy log files periodically and incrementally, extending the HTTP JSON API of Scrapyd.
- [**45**Star][7m] [Go] [alash3al/scrapyd-go](https://github.com/alash3al/scrapyd-go) a simple & tiny scrapy clustering solution, considered a drop-in replacement for scrapyd
- [**45**Star][3m] [Py] [lki/wescraper](https://github.com/lki/wescraper) 依赖Scrapy和搜狗搜索微信公众号文章
- [**45**Star][3y] [C#] [alekseynemiro/nemiro.oauth.dll](https://github.com/alekseynemiro/nemiro.oauth.dll) Nemiro.OAuth is a class library for authorization via OAuth protocol in .NET Framework
- [**45**Star][1m] [JS] [my0419/myvpn-desktop](https://github.com/my0419/myvpn-desktop) Desktop application for creating a personal VPN server. L2TP, PPTP, OpenVPN, WireGuard. | Providers: DigitalOcean, Linode, CryptoServers, Hetzner Cloud
- [**45**Star][11d] [Go] [bttown/torrent-spider](https://github.com/bttown/torrent-spider) 基于DHT的p2p网络资源爬虫
- [**45**Star][7d] [TS] [egoist/virtual-module](https://github.com/egoist/virtual-module) Run code in sandbox with in-memory module resolution
- [**45**Star][4m] [Java] [motikan2010/cve-2020-5398](https://github.com/motikan2010/cve-2020-5398) CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC
- [**45**Star][1m] [Java] [androguide/dsploit](https://github.com/androguide/dsploit) dSploit - The most complete and advanced IT security professional toolkit on Android.
- [**45**Star][13d] [Dart] [gyrdym/ml_algo](https://github.com/gyrdym/ml_algo) Machine learning algorithms with dart
- [**45**Star][23d] [Py] [nish1001/medium-crawler](https://github.com/nish1001/medium-crawler) A crawler for scraping posts from medium.com
- [**45**Star][2m] [Jupyter Notebook] [amirziai/learning](https://github.com/amirziai/learning) Walkthrough notebooks for Deep Learning, Machine Learning, Reinforcement Learning, Spark, Statistics, Algorithms, Scala, Python
- [**45**Star][2m] [Py] [arlieu/interview-guide](https://github.com/arlieu/interview-guide) Coding/technical interview guide: data structures, algorithms, complexity analyses, interview questions
- [**45**Star][1m] [ObjC] [manofit/gjlightbluetooth](https://github.com/manofit/gjlightbluetooth) 自己封装的基于CoreBluetooth的蓝牙开发库，内附CoreBluetooth使用demo。数据传递基本上使用Block，还使用了Runtime等技术。
- [**45**Star][1m] [C] [jmpews/evilelf](https://github.com/jmpews/evilelf) Malicious use of ELF such as .so inject, func hook and so on.
- [**45**Star][13d] [PHP] [awssat/laravel-blade-audit](https://github.com/awssat/laravel-blade-audit) 
- [**45**Star][10d] [Java] [hakky54/mutual-tls-ssl](https://github.com/hakky54/mutual-tls-ssl) Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient,…
- [**45**Star][17d] [Shell] [binhex/arch-qbittorrentvpn](https://github.com/binhex/arch-qbittorrentvpn) Docker build script for Arch Linux base with qBittorrent, Privoxy and OpenVPN
- [**45**Star][27d] [Py] [arch4ngel/parsuite](https://github.com/arch4ngel/parsuite) Simple parser framework.
- [**45**Star][2m] [Lua] [hackertarget/nmap-nse-scripts](https://github.com/hackertarget/nmap-nse-scripts) Nmap NSE scripts that have been customised or created
- [**45**Star][1m] [HTML] [zkeeer/shadowsocks-manager](https://github.com/zkeeer/shadowsocks-manager) shadowsocks多用户管理，可视化管理，轻量级，一键安装shadowsocks和ssadmin，控制端口流量/速度，查看端口状态，修改ss配置
- [**45**Star][22d] [JS] [sterlingbutters/ip-kvm-interface](https://github.com/sterlingbutters/ip-kvm-interface) DIY IP-KVM for Remote Desktop Access
- [**45**Star][7m] [C#] [uknowsec/sharpcheckinfo](https://github.com/uknowsec/sharpcheckinfo) 收集目标主机信息，包括最近打开文件，系统环境变量和回收站文件等等
- [**45**Star][16d] [PS] [hackplayers/reverseshell](https://github.com/hackplayers/reverseshell) A simple PowerShell script that we can use for easing the process of creating a reverse shell and automating Meterpreter update
- [**45**Star][17d] [C] [intel/mptcpd](https://github.com/intel/mptcpd) The Multipath TCP Daemon - mptcpd - is a daemon for Linux based operating systems that performs multipath TCP path management related operations in the user space. It interacts with the Linux kernel through a generic netlink connection to track per-connection information (e.g. available remote addresses), available network interfaces, request ne…
- [**45**Star][2m] [JS] [zneak/jsx](https://github.com/zneak/jsx) A Playstation 1 emulator written in Javascript
- [**45**Star][13d] [C] [awslabs/aws-c-io](https://github.com/awslabs/aws-c-io) This is a module for the AWS SDK for C. It handles all IO and TLS work for application protocols.
- [**45**Star][11d] [Go] [qihoo360/influx-proxy](https://github.com/qihoo360/influx-proxy) influxdb HA
- [**45**Star][1m] [Py] [cisco-talos/covnavi](https://github.com/cisco-talos/covnavi) 
- [**45**Star][3m] [ObjC] [project-imas/passcode-check](https://github.com/project-imas/passcode-check) iMAS pascode-check, set passcode config profiles and check for conformance
- [**45**Star][21d] [Py] [vdoo-connected-trust/ghidra-pyi-generator](https://github.com/vdoo-connected-trust/ghidra-pyi-generator) Generates `.pyi` type stubs for the entire Ghidra API
- [**45**Star][4m] [Py] [jmagnusson/bgtunnel](https://github.com/jmagnusson/bgtunnel) Initiate SSH tunnels in the background in python
- [**45**Star][12d] [jaeles-project/jaeles-signatures](https://github.com/jaeles-project/jaeles-signatures) Default signature for Jaeles Scanner
- [**45**Star][18d] [SourcePawn] [splewis/csgo-executes](https://github.com/splewis/csgo-executes) CS:GO SourceMod plugin for a site-execute practice gamemode
- [**45**Star][1m] [Py] [twtrubiks/csrf-tutorial](https://github.com/twtrubiks/csrf-tutorial) Use Django To Introduce CSRF and Cookies , Session
- [**45**Star][2m] [Java] [scalesec/vulnado](https://github.com/scalesec/vulnado) Purposely vulnerable Java application to help lead secure coding workshops
- [**45**Star][5y] [Py] [nims11/hostapd.py](https://github.com/nims11/hostapd.py) Python script to make using and configuring hostapd easier
- [**45**Star][5m] [C++] [gdabah/win32k-bugs](https://github.com/gdabah/win32k-bugs) Dump of win32k POCs for bugs I've found
- [**45**Star][1m] [JS] [developmint/vue-if-bot](https://github.com/developmint/vue-if-bot) Hide stuff from bots (especially cookie consents)
- [**45**Star][22d] [vysecurity/cobaltsplunk](https://github.com/vysecurity/CobaltSplunk) Splunk Dashboard for CobaltStrike logs
- [**45**Star][18d] [Py] [eteissonniere/elidecode](https://github.com/ETeissonniere/EliDecode) The tool to decode obfuscated shellcodes using the unicorn and capstone engine
- [**45**Star][15d] [Go] [controlplaneio/kubesec-webhook](https://github.com/controlplaneio/kubesec-webhook) Security risk analysis for Kubernetes resources
- [**45**Star][15d] [Py] [cr0n1c/dlink_shell_poc](https://github.com/Cr0n1c/dlink_shell_poc) Dlink 615/815 shell PoC
- [**45**Star][8m] [Py] [zynamics/msdn-plugin-ida](https://github.com/zynamics/msdn-plugin-ida) Imports MSDN documentation into IDA Pro
- [**45**Star][4m] [C] [zouxianyu/physicalmemoryrw](https://github.com/zouxianyu/physicalmemoryrw) the basic version of the ring0 physical memory read/write tool
- [**45**Star][14d] [Py] [zedshaw/zadm4py](https://github.com/zedshaw/zadm4py) Zed's Awesome Debug Macros for Python
- [**45**Star][5m] [ywdblog/httpsbook](https://github.com/ywdblog/httpsbook) 《深入浅出HTTPS：从原理到实战》代码示例、勘误、反馈、讨论
- [**45**Star][4y] [yeahwu/google-ip-range](https://github.com/yeahwu/google-ip-range) 一个超大的 Google 全球 IP 扫描范围库
- [**45**Star][1m] [Py] [xme/mime2vt](https://github.com/xme/mime2vt) Unpack MIME attachments from a file and check them against virustotal.com
- [**45**Star][4m] [C] [wongsyrone/transocks-wong](https://github.com/wongsyrone/transocks-wong) A redsocks-like transparent IPv4/IPv6 TCP-to-SOCKS5 redirector (for Linux only)
- [**45**Star][29d] [Py] [wizh/rop-chainer](https://github.com/wizh/rop-chainer) static program analysis tool that generates return-oriented exploits for ELF binaries
- [**45**Star][2m] [Perl] [wireghoul/lbmap](https://github.com/wireghoul/lbmap) Advanced HTTP fingerprinting PoC
- [**45**Star][3y] [Py] [williballenthin/python-ntfs](https://github.com/williballenthin/python-ntfs) Open source Python library for NTFS analysis
- [**45**Star][10d] [Rust] [whitfin/s3-meta](https://github.com/whitfin/s3-meta) Gather metadata about your S3 buckets
- [**45**Star][6m] [C] [wangyinuo/fixelfsection](https://github.com/wangyinuo/fixelfsection) 
- [**45**Star][10m] [C#] [userr00t/universalunityhooks](https://github.com/userr00t/universalunityhooks) A framework designed to hook into and modify methods in unity games via dlls
- [**45**Star][2y] [Py] [unkl4b/gitbackdorizer](https://github.com/unkl4b/gitbackdorizer) GitBackdorizer (bad name, I know!) Is a proof of concept from Ulisses Castro's talk - 50 ton of backdoors (
- [**45**Star][5y] [Py] [thomaspatzke/poodleattack](https://github.com/thomaspatzke/poodleattack) PoC implementation of the POODLE attack
- [**45**Star][2m] [HTML] [theori-io/jscript9-typedarray](https://github.com/theori-io/jscript9-typedarray) Proof-of-Concept exploit for jscript9 bug (MS16-063)
- [**45**Star][4m] [HTML] [terjanq/flag-capture](https://github.com/terjanq/flag-capture) Solutions and write-ups from security-based competitions also known as Capture The Flag competition
- [**45**Star][8m] [Py] [stasinopoulos/ztexploit](https://github.com/stasinopoulos/ztexploit) ZTE ZXV10 H108L Router with <= V1.0.01_WIND_A01 - Remote root RCE Exploit
- [**45**Star][1y] [Perl] [spiderlabs/modsecurity-apache](https://github.com/spiderlabs/modsecurity-apache) ModSecurity v3 Apache Connector
- [**45**Star][2m] [JS] [sofish/imagexss.js](https://github.com/sofish/imagexss.js) 防止外部链接通过图片进行 XSS 攻击
- [**45**Star][17d] [ApacheConf] [smikims/arpspoof](https://github.com/smikims/arpspoof) Performs an ARP spoofing attack using the Linux kernel's raw sockets
- [**45**Star][4m] [Py] [sinfulz/justtryharder](https://github.com/sinfulz/justtryharder) JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
- [**45**Star][4m] [C] [simonwunderlich/fft_eval](https://github.com/simonwunderlich/fft_eval) FFT evaluation
- [**45**Star][4m] [Py] [sh3llcod3/airscript-ng](https://github.com/sh3llcod3/airscript-ng) A python script to simplify the process of auditing wireless networks.
- [**45**Star][1m] [JS] [sensepost/wsproxy](https://github.com/sensepost/wsproxy) A websocket proxy
- [**45**Star][2m] [C++] [scen/ionlib](https://github.com/scen/ionlib) c++11 reverse engineering library. bootstraps common tasks in game hacking and reverse engineering
- [**45**Star][1m] [Shell] [rordi/docker-antivirus](https://github.com/rordi/docker-antivirus) Docker antivirus & malware scanning (antivirus as a microservice / antivirus as a container)
- [**45**Star][11m] [Ruby] [rootup/autosploit](https://github.com/rootup/autosploit) Autosploit = Automating Metasploit Modules.
- [**45**Star][13d] [Makefile] [revng/orchestra](https://github.com/revng/orchestra) Helper repository to easily build all the rev.ng components
- [**45**Star][2m] [Py] [rapid7/vm-automation](https://github.com/rapid7/vm-automation) Created to simplify interactions with virtual machines
- [**45**Star][6y] [JS] [rapid7/dllhijackauditkit](https://github.com/rapid7/dllhijackauditkit) This toolkit detects applications vulnerable to DLL hijacking (released in 2010)
- [**45**Star][2y] [Shell] [qiang-yu/shadowsocksvpn-openwrt](https://github.com/qiang-yu/shadowsocksvpn-openwrt) Shadowsocks-libev-full for OpenWrt
- [**45**Star][5m] [Rust] [ps1dr3x/lachesis](https://github.com/ps1dr3x/lachesis) 
- [**45**Star][2m] [Shell] [philcryer/wpa2own](https://github.com/philcryer/wpa2own) Use hashcat to crack WPA2 PSK (Pre-Shared Key) passwords!
- [**45**Star][16d] [Py] [ph4r05/kismet-deauth-wpa2-handshake-plugin](https://github.com/ph4r05/kismet-deauth-wpa2-handshake-plugin) Python plugin for Kismet to perform deauthentication to collect WPA2 handshakes
- [**45**Star][2m] [Lua] [hackertarget/nmap-nse-scripts](https://github.com/hackertarget/nmap-nse-scripts) Nmap NSE scripts that have been customised or created
- [**45**Star][4m] [pentestmonkey/timing-attack-checker](https://github.com/pentestmonkey/timing-attack-checker) Tool to help identify timing attacks
- [**45**Star][8m] [orangetw/bug-bounty-reference](https://github.com/orangetw/bug-bounty-reference) Inspired by
- [**45**Star][9m] [C] [operationnt414c/shellsecbat](https://github.com/operationnt414c/shellsecbat) Henkaku plugin which displays seconds and battery percent in status bar
- [**45**Star][5m] [ole00/zd-20u](https://github.com/ole00/zd-20u) Alternative firmware for USB powered soldering iron ZD-20U.
- [**45**Star][5m] [C#] [nyan-x-cat/lime-downloader](https://github.com/nyan-x-cat/lime-downloader) Simple Malware Downloader
- [**45**Star][1m] [Py] [ntddk/virustream](https://github.com/ntddk/virustream) A script to track malware IOCs with OSINT on Twitter.
- [**45**Star][2m] [C] [noahhhryan/krackattacks-test](https://github.com/noahhhryan/krackattacks-test) 
- [**45**Star][4y] [C] [nextsecurity/gozi-mbr-rootkit](https://github.com/nextsecurity/gozi-mbr-rootkit) Gozi-MBR-rootkit Bootkit Modified
- [**45**Star][2m] [Py] [neverlovelynn/chrome_headless_xss](https://github.com/neverlovelynn/chrome_headless_xss) A plugin to check xss by using chrome_headless
- [**45**Star][4y] [C#] [nccgroup/ransomware-simulator](https://github.com/nccgroup/ransomware-simulator) NCC Group Ransomware Simulator
- [**45**Star][7y] [Perl] [nccgroup/ip-reputation-snort-rule-generator](https://github.com/nccgroup/ip-reputation-snort-rule-generator) A tool to generate Snort rules based on public IP reputation data
- [**45**Star][3m] [HTML] [mrluanma/shadowsocks-websocket-python](https://github.com/mrluanma/shadowsocks-websocket-python) shadowsocks over WebSocket, support Heroku.
- [**45**Star][1m] [Java] [miracle963/zjdroid](https://github.com/miracle963/zjdroid) 基于Xposed Framewrok的动态逆向分析模块
- [**45**Star][5m] [Py] [milo2012/nmap2nessus](https://github.com/milo2012/nmap2nessus) 
- [**45**Star][4m] [Java] [maxieds/chameleonminilivedebugger](https://github.com/maxieds/chameleonminilivedebugger) User-friendly GUI for the Chameleon Mini. Android app that connects to the ChameleonMini via USB and displays the live NFC frame logging stats output by the device. This app is much more convenient than having a terminal connection on a large-ish laptop for reconnaissance purposes.
- [**45**Star][14d] [Shell] [masterbutcher/kali-cleaner](https://github.com/masterbutcher/kali-cleaner) Little cleaner script for Kali linux.Clean apt cache,Removing old config files,Removing old kernels,Emptying every trashes.
- [**45**Star][4m] [Assembly] [martinvelez/w32evol](https://github.com/martinvelez/w32evol) An obfuscation engine which obfuscates Intel x86 32-bit binary code.
- [**45**Star][2y] [Py] [l4ys/idasignsrch](https://github.com/l4ys/idasignsrch) IDAPython Plugin for searching signatures, use xml signature database from IDA_Signsrch
- [**45**Star][5y] [Py] [kyrus/ida-translator](https://github.com/kyrus/ida-translator) A plugin for IDA Pro that assists in decoding arbitrary character sets in an IDA Pro database into Unicode, then automatically invoking a web-based translation service (currently Google Translate) to translate that foreign text into English.
- [**45**Star][5y] [joshbegley/nsa-stories](https://github.com/joshbegley/nsa-stories) Every document published from the Snowden archive
- [**45**Star][2m] [Go] [johnsonz/go-checkiptools](https://github.com/johnsonz/go-checkiptools) A go application to scan google ip.
- [**45**Star][1m] [Py] [johndoe31415/joeecc](https://github.com/johndoe31415/joeecc) Elliptic Curve Cryptography playground/toolkit written in pure Python
- [**45**Star][1y] [Go] [joanbono/gurp](https://github.com/joanbono/gurp) Burp Commander written in Go
- [**45**Star][4m] [C#] [jnqpblc/sharptask](https://github.com/jnqpblc/sharptask) SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.
- [**45**Star][6m] [Dockerfile] [jmg87/redteam-k8spwn](https://github.com/jmg87/redteam-k8spwn) Reverse shell container for k8s deployments
- [**45**Star][5m] [C#] [jacobmisirian/dbltekgoippwn](https://github.com/jacobmisirian/dbltekgoippwn) Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, send SMS messages from the system, execute remote commands botnet style, and generate responses to challenges.
- [**45**Star][2m] [C++] [iricartb/buffer-overflow-vulnerability-services-tester-tool](https://github.com/iricartb/buffer-overflow-vulnerability-services-tester-tool) Ivan Ricart Borges - Program to detect the existence of remote/local stack-based buffer-overflow vulnerabilities using the standard communication protocol for each service.
- [**45**Star][4m] [C#] [im0qianqian/codeforceseduhacking](https://github.com/im0qianqian/codeforceseduhacking) 
- [**45**Star][5y] [Java] [ikkisoft/parrotng](https://github.com/ikkisoft/parrotng) ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461
- [**45**Star][6y] [C++] [igororlov/trafficlight](https://github.com/igororlov/trafficlight) Detection of traffic lights and driving on red light.
- [**45**Star][3m] [C] [horsicq/pex64dbg](https://github.com/horsicq/pex64dbg) pe viewer
- [**45**Star][4y] [PS] [harmj0y/encryptedstore](https://github.com/harmj0y/encryptedstore) Offensive Data Storage
- [**45**Star][4m] [PS] [hackplayers/pscabesha-tools](https://github.com/hackplayers/pscabesha-tools) Powershell crazy and sometimes diabolic scripts
- [**45**Star][11d] [C#] [greycorbel/admpwd](https://github.com/greycorbel/admpwd) AdmPwd project
- [**45**Star][3m] [Py] [gregversteeg/gaussianize](https://github.com/gregversteeg/gaussianize) Transforms univariate data into normally distributed data
- [**45**Star][2y] [Py] [grayddq/pubilcassetinfo](https://github.com/grayddq/pubilcassetinfo) 以甲方安全人员的视角，尽可能收集发现企业的域名和服务器公网IP资产
- [**45**Star][12m] [PS] [golem445/bunny_payloads](https://github.com/golem445/bunny_payloads) Bash Bunny fun!
- [**45**Star][4m] [Py] [gojek/dollhouse](https://github.com/gojek/dollhouse) 
- [**45**Star][6m] [C] [geosn0w/ios-10.1.1-project-0-exploit-fork](https://github.com/geosn0w/ios-10.1.1-project-0-exploit-fork) iOS 10.1.1 Project 0 Exploit Compatible with All arm64 devices for Jailbreak Development
- [**45**Star][4y] [TeX] [gannimo/maldiv](https://github.com/gannimo/maldiv) Malware diversity
- [**45**Star][3m] [Ruby] [gabamnml/hoper](https://github.com/gabamnml/hoper) Security tool to trace URL's jumps across the rel links to obtain the last URL
- [**45**Star][2y] [Py] [fvrmatteo/dmnp](https://github.com/fvrmatteo/dmnp) Resources of the "Dissecting mobile native code packers. A case study." Zimperium's blogpost.
- [**45**Star][3m] [Matlab] [flyers/drone-tracking](https://github.com/flyers/drone-tracking) DTB70 -- A Drone Tracking Benchmark
- [**45**Star][1m] [C++] [flankerhqd/mediacodecoob](https://github.com/flankerhqd/mediacodecoob) Infoleak and PC control poc for CVE-2015-6620 (24445127), I'll add after conference
- [**45**Star][11d] [Ruby] [fishermansenemy/bucket_finder](https://github.com/fishermansenemy/bucket_finder) Amazon bucket brute force tool
- [**45**Star][4y] [Py] [fabiobaroni/was](https://github.com/fabiobaroni/was) Automatic USB drive malware scanning tool for the security-minded person
- [**45**Star][2y] [c] [f0rb1dd3n/papers](https://github.com/f0rb1dd3n/papers) Some papers and talks that I have done
- [**45**Star][3y] [Py] [evi1clay/coolpool](https://github.com/evi1clay/coolpool) 仓库已经废弃，新仓库地址
- [**45**Star][5y] [Py] [equ1nox/srop-poc](https://github.com/equ1nox/srop-poc) 
- [**45**Star][3m] [Go] [dsopas/h1-search](https://github.com/dsopas/h1-search) Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
- [**45**Star][2y] [Py] [dhn/osce](https://github.com/dhn/osce) Some exploits, which I’ve created during my OSCE preparation.
- [**45**Star][10m] [JS] [dermike/physical-web-scan-app](https://github.com/dermike/physical-web-scan-app) Mac OSX desktop client app to scan for Physical Web (Eddystone) bluetooth beacons
- [**45**Star][2y] [C++] [coltonon/reghookex](https://github.com/coltonon/reghookex) External mid-function hooking method to retrieve register data
- [**45**Star][3y] [codemaxx/binary-exploitation](https://github.com/codemaxx/binary-exploitation) Good to know, easy to forget information about binaries and their exploitation!
- [**45**Star][4m] [C] [changeofpace/force-page-protection](https://github.com/changeofpace/force-page-protection) This x64dbg plugin sets the page protection for memory mapped views in scenarios which cause NtProtectVirtualMemory to fail.
- [**45**Star][7m] [Py] [cdhigh/forwarder](https://github.com/cdhigh/forwarder) 简单的HTTP请求转发服务器，配合KIndleEar翻入墙内或绕过部分网站对GAE的IP地址的封锁。灵感来自
- [**45**Star][1m] [Py] [ccapton/brook-ok](https://github.com/ccapton/brook-ok) brook程序服务端配置程序，一键搭建brook / Shadowsocks / Socks5服务用于科学上网
- [**45**Star][6m] [Go] [c-bata/systracer](https://github.com/c-bata/systracer) Yet another system call tracer written in Go.
- [**45**Star][1y] [bugbountyresources/resources](https://github.com/bugbountyresources/resources) A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Watch and Star this repo for all latest guides, tools, methodology, platforms tips, and tricks curated by us.
- [**45**Star][3m] [Py] [binaryanalysisplatform/bap-tutorial](https://github.com/binaryanalysisplatform/bap-tutorial) The BAP tutorial
- [**45**Star][9m] [Py] [bieberg0n/bjdns](https://github.com/bieberg0n/bjdns) A dns server which can protect yourself against DNS poisoning in China. / 抗污染 带缓存的dns服务器
- [**45**Star][25d] [Py] [bayotop/sink-logger](https://github.com/bayotop/sink-logger) Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
- [**45**Star][1m] [Ruby] [b1ack0wl/linux_mint_poc](https://github.com/b1ack0wl/linux_mint_poc) 
- [**45**Star][2m] [Py] [anvilventures/dawgmon](https://github.com/anvilventures/dawgmon) dawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software
- [**45**Star][2m] [TS] [ajaysinghj8/osham](https://github.com/ajaysinghj8/osham) A Configurable Proxy + Cache Server.
- [**45**Star][14d] [Py] [agrawalsmart7/autorecon](https://github.com/agrawalsmart7/autorecon) 自动化渗透初期的一些手动工作，是我们可专注于主要目标
- [**45**Star][5m] [HTML] [advanced-threat-research/iocs](https://github.com/advanced-threat-research/iocs) Repository containing IOCs, CSV and MISP JSON from our blogs
- [**45**Star][3m] [Shell] [adityashrm21/raspberrypi-packet-sniffer](https://github.com/adityashrm21/raspberrypi-packet-sniffer) An HTTP and HTTPS sniffing tool created using a Raspberry Pi
- [**45**Star][4m] [Py] [4n4nk3/tinkerershell](https://github.com/4n4nk3/tinkerershell) A simple python reverse shell written just for fun.
- [**45**Star][11d] [C++] [0xeb/ida-climacros](https://github.com/0xeb/ida-climacros) Create and use macros in IDA's CLIs
- [**45**Star][3m] [Py] [0x4d31/honeyku](https://github.com/0x4d31/honeyku) A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
- [**45**Star][11d] [Py] [0vercl0k/pywinhv](https://github.com/0vercl0k/pywinhv) Python bindings for the Microsoft Hypervisor Platform APIs.
- [**44**Star][29d] [Assembly] [grompe/kbdasm](https://github.com/grompe/kbdasm) Assembler/disassembler of Windows keyboard layouts in flat assembler
- [**44**Star][25d] [C] [l1nuxdotfun/spacehook](https://github.com/l1nuxdotfun/spacehook) minecraft premium undeteck cheat!
- [**44**Star][26d] [snyk/exploit-workshop](https://github.com/snyk/exploit-workshop) A step by step workshop to exploit various vulnerabilities in Node.js and Java applications
- [**44**Star][3m] [Py] [saferman/cve-2020-7471](https://github.com/saferman/cve-2020-7471) django 漏洞：CVE-2020-7471 Potential SQL injection via StringAgg(delimiter) 的漏洞环境和 POC
- [**44**Star][2m] [Shell] [rexim/qemu-android-x86-runner](https://github.com/rexim/qemu-android-x86-runner) Quick Start on How to Run Android x86 in QEMU
- [**44**Star][2y] [Py] [vicety/pixiv-crawler](https://github.com/vicety/pixiv-crawler) Scrapy框架下的pixiv多功能爬虫
- [**44**Star][12d] [JS] [xujingguo58/tinysearchengine](https://github.com/xujingguo58/tinysearchengine) 基于vue前端框架/scrapy爬虫框架/结巴分词实现的小型搜索引擎
- [**44**Star][3m] [HTML] [brandonprry/yaml-fuzz](https://github.com/brandonprry/yaml-fuzz) A generated corpus, seed, and target for a fuzz job
- [**44**Star][2m] [Py] [ledger-donjon/rainbow](https://github.com/ledger-donjon/rainbow) Makes Unicorn traces. Generic Side-Channel and Fault Injection simulator
- [**44**Star][4m] [Py] [offsecginger/pythonaesobfuscate](https://github.com/offsecginger/pythonaesobfuscate) Obfuscates a Python Script and the accompanying Shellcode.
- [**44**Star][19d] [Py] [stufus/egresscheck-framework](https://github.com/stufus/egresscheck-framework) Used to check for TCP and UDP egress filtering on both windows and unix client systems
- [**44**Star][2m] [jas502n/fastjson-rce](https://github.com/jas502n/fastjson-rce) fastjson-1.2.47
- [**44**Star][5m] [C#] [nickbabcock/farmhash.sharp](https://github.com/nickbabcock/farmhash.sharp) Port of Google's farmhash algorithm to .NET
- [**44**Star][1m] [Py] [icsec/pydot11](https://github.com/icsec/pydot11) Encrypt and Decrypt 802.11 on-the-fly
- [**44**Star][1m] [Shell] [cardi/qemu-windows-10](https://github.com/cardi/qemu-windows-10) running a windows 10 guest on a linux host with pci passthrough
- [**44**Star][12d] [C++] [thingsboard/thingsboard-arduino-mqtt-sdk](https://github.com/thingsboard/thingsboard-arduino-mqtt-sdk) Arduino libarary to connect with ThingsBoard IoT Platform
- [**44**Star][19d] [JS] [legend80s/commit-msg-linter](https://github.com/legend80s/commit-msg-linter) git commit message linter hook
- [**44**Star][8d] [Py] [pinto0309/tensorflowlite-bin](https://github.com/pinto0309/tensorflowlite-bin) Prebuilt binary for TensorflowLite's standalone installer. Fast tuning with MultiTread. For RaspberryPi. A very lightweight installer.
- [**44**Star][8d] [C++] [whitefield-framework/whitefield](https://github.com/whitefield-framework/whitefield) Whitefield provides a simulation environment for wireless sensor networks by combining RF simulation provided by NS3 and network stack provided by popular IoT OSes such as Contiki/RIOT/OpenThread.
- [**44**Star][8d] [PHP] [iinc0gnit0/blackphish](https://github.com/iinc0gnit0/blackphish) 
- [**44**Star][10d] [C++] [kriskasprzak/ebyte](https://github.com/kriskasprzak/ebyte) Libraries to program and use UART-based EBYTE wireless data transceivers
- [**44**Star][23d] [Py] [beanwei/wechatbot4xianyu](https://github.com/beanwei/wechatbot4xianyu) 
- [**44**Star][2m] [JS] [guoaihua/main_project](https://github.com/guoaihua/main_project) 基于nodejs的网络聊天室、爬虫，vue音乐播放器，及php后台开发的管理系统等项目
- [**44**Star][10d] [Go] [stellarproject/guard](https://github.com/stellarproject/guard) GRPC Wireguard Server to manage tunnels
- [**44**Star][13d] [JS] [website-scraper/website-scraper-puppeteer](https://github.com/website-scraper/website-scraper-puppeteer) Plugin for website-scraper which returns html for dynamic websites using puppeteer
- [**44**Star][13d] [C#] [sailro/dexer](https://github.com/sailro/dexer) Dexer is an open source framework, written in C#, that reads and writes .DEX files (Dalvik Executable Format) used by the Android Open Source Project.
- [**44**Star][22d] [HCL] [lmammino/terraform-openvpn](https://github.com/lmammino/terraform-openvpn) A sample terraform setup for OpenVPN using Let's Encrypt and Certbot to generate certificates
- [**44**Star][18d] [C++] [wireless-rc-adapter/wireless-rc-adapter](https://github.com/wireless-rc-adapter/wireless-rc-adapter) 
- [**44**Star][1m] [Scala] [dmarcous/spark-betweenness](https://github.com/dmarcous/spark-betweenness) k Betweenness Centrality algorithm for Spark using GraphX
- [**44**Star][30d] [Py] [lexuge/l-spider](https://github.com/lexuge/l-spider) A DHT Spider allows you to sniff the torrents and magnets.You can download them directly.
- [**44**Star][26d] [Py] [meituan-dianping/lyrebird-ios](https://github.com/meituan-dianping/lyrebird-ios) 本程序是Lyrebird插件，您可以在插件中快速查看已连接iOS设备的详细设备信息，截取屏幕快照，以及查看已连接设备的应用信息。
- [**44**Star][8m] [JS] [pwnlandia/mhn-splunk](https://github.com/pwnlandia/mhn-splunk) Modern Honey Network App for Splunk
- [**44**Star][11d] [Py] [tidesec/common_spider](https://github.com/tidesec/common_spider) 一个还算通用的爬虫脚本，可自己设定爬取的深度，可以把动态页面和外链单独分出来~
- [**44**Star][1m] [PS] [jaredhaight/powerpunch](https://github.com/jaredhaight/powerpunch) A collection of PowerScripts for Pentesting
- [**44**Star][11d] [ObjC] [its-a-feature/bifrost](https://github.com/its-a-feature/bifrost) Objective-C library and console to interact with Heimdal APIs for macOS Kerberos
- [**44**Star][2m] [kungfu-pro/kungfu-pro-issues](https://github.com/kungfu-pro/kungfu-pro-issues) kungfu pro 透明代理, 企业科学上网解决方案
- [**44**Star][18d] [JS] [vjechsmayr/javascriptalgorithms](https://github.com/vjechsmayr/javascriptalgorithms) All Algorithms implemented in JavaScript
- [**44**Star][6m] [Groovy] [robertoschwald/grails-audit-logging-plugin](https://github.com/robertoschwald/grails-audit-logging-plugin) The Grails Audit Logging Plugin
- [**44**Star][3y] [feeicn/wsvd](https://github.com/FeeiCN/WSVD) White hat Speaks Vulnerabilities Defence《白帽子讲漏洞防御》
- [**44**Star][3y] [shmilylty/nmap-reference-guide](https://github.com/shmilylty/Nmap-Reference-Guide) Nmap Reference Guide(Nmap参考指南)
- [**44**Star][4y] [JS] [bivainis/ng6-starter-sass](https://github.com/bivainis/NG6-starter-sass) An AngularJS Starter repo for Angular + ES6 + (Webpack or JSPM) by
- [**44**Star][4m] [Dockerfile] [ironpeakservices/iron-alpine](https://github.com/ironPeakServices/iron-alpine) Hardened alpine linux baseimage for Docker.
- [**44**Star][1y] [Py] [expliot_framework/expliot](https://gitlab.com/expliot_framework/expliot) 
- [**44**Star][7y] [C++] [zer0mem/showmeyourgongfu](https://github.com/zer0mem/showmeyourgongfu) OpenSrc projects; common multiprojects headers store to ./Common/*category*/
- [**44**Star][22d] [Py] [yang3yen/pysm4](https://github.com/yang3yen/pysm4) Python SM4
- [**44**Star][2m] [Shell] [xtiankisutsa/twiga](https://github.com/xtiankisutsa/twiga) A tool that enumerates Android devices for information useful in understanding its internals and for exploit development. It supports android 4.2 to android 7.1.1
- [**44**Star][1y] [YARA] [x64dbg/yarasigs](https://github.com/x64dbg/yarasigs) Various Yara signatures (possibly to be included in a release later).
- [**44**Star][7m] [C++] [wopss/renhook](https://github.com/wopss/renhook) An open-source x86 / x86-64 hooking library for Windows.
- [**44**Star][6y] [Lua] [wenjun1055/httpguard](https://github.com/wenjun1055/httpguard) prevent cc attack
- [**44**Star][1m] [C++] [vusec/dangsan](https://github.com/vusec/dangsan) DangSan instruments programs written in C or C++ to invalidate pointers whenever a block of memory is freed, preventing dangling pointers.
- [**44**Star][14d] [C++] [vlad902/findcrypt2-with-mmx](https://github.com/vlad902/findcrypt2-with-mmx) IDA Pro findcrypt2 plug-in with MMX AES instruction finding support
- [**44**Star][4m] [Jupyter Notebook] [urcuqui/whitehat](https://github.com/urcuqui/whitehat) Information about my experiences in ethical hacking
- [**44**Star][9m] [HTML] [unk9vvn/andtroj](https://github.com/unk9vvn/andtroj) A tool for integrating the Metasploit payload with Android's healthy programs and bypassing antivirus
- [**44**Star][25d] [Py] [trailofbits/manticore-examples](https://github.com/trailofbits/manticore-examples) Example Manticore scripts
- [**44**Star][3y] [C#] [tkyu/shadowsocks-csharp-mod](https://github.com/tkyu/shadowsocks-csharp-mod) Shadowsocks for Windows
- [**44**Star][1m] [JS] [tineola/tineola](https://github.com/tineola/tineola) Blockchains. Destruction. Mayhem.
- [**44**Star][10d] [HTML] [tevora-threat/splunk_pentest_app](https://github.com/tevora-threat/splunk_pentest_app) splunk_pentest_app
- [**44**Star][4m] [HTML] [tennc/1000php](https://github.com/tennc/1000php) 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
- [**44**Star][12m] [Py] [tengzhangchao/pyshell](https://github.com/tengzhangchao/pyshell) python backdoor
- [**44**Star][3y] [C++] [technikempire/httpfilteringengine](https://github.com/technikempire/httpfilteringengine) Transparent filtering TLS proxy.
- [**44**Star][2y] [tbgsecurity/weaponize_splunk](https://github.com/tbgsecurity/weaponize_splunk) Weaponizing Splunk Presentation including Splunk Apps for penetration testing.
- [**44**Star][4m] [Shell] [tasket/qubes-vm-hardening](https://github.com/tasket/qubes-vm-hardening) Fend off malware at Qubes VM startup
- [**44**Star][4y] [Py] [strazzere/idant-wanna](https://github.com/strazzere/idant-wanna) ELF header abuse
- [**44**Star][4m] [C] [souhailhammou/drivers](https://github.com/souhailhammou/drivers) Windows Drivers
- [**44**Star][4y] [Shell] [shotokanzh/pa-th-zuzu](https://github.com/shotokanzh/pa-th-zuzu) Checks for PATH substitution vulnerabilities and logs the commands executed by the vulnerable executables
- [**44**Star][2y] [C] [shipcod3/irc-bot-hunters](https://github.com/shipcod3/irc-bot-hunters) a collection of Metasploit PoC exploits for IRC Botnets that allows RCE
- [**44**Star][2m] [C] [sesuperuser/super-bootimg](https://github.com/sesuperuser/super-bootimg) Tools to edit Android boot.img. NDK buildable, to be usable in an update.zip
- [**44**Star][19d] [Py] [sendgrid/krampus](https://github.com/sendgrid/krampus) The original AWS security enforcer™
- [**44**Star][12d] [Py] [scrapbird/sarlacc](https://github.com/scrapbird/sarlacc) SMTP server / sinkhole for collecting spam
- [**44**Star][6m] [C] [samdmarshall/machodiff](https://github.com/samdmarshall/machodiff) mach-o diffing tool
- [**44**Star][27d] [C++] [rootkitsmm/cve-2016-0040](https://github.com/rootkitsmm/cve-2016-0040) Exploiting CVE-2016-0040 uninitialized pointer
- [**44**Star][4m] [Batchfile] [romanzaikin/ollydbg-v1.10-with-best-plugins-and-immunity-debugger-theme-](https://github.com/romanzaikin/ollydbg-v1.10-with-best-plugins-and-immunity-debugger-theme-) Make OllyDbg v1.10 Look like Immunity Debugger & Best Plugins
- [**44**Star][19d] [Py] [romanvm/kodi.web-pdb](https://github.com/romanvm/kodi.web-pdb) Web-based remote Python debugger for Kodi addons
- [**44**Star][1m] [Py] [robertbaruch/polychip](https://github.com/robertbaruch/polychip) Python app to extract a netlist of NMOS transistors from an Inkscape diagram.
- [**44**Star][4m] [PS] [robbridgeman/adimporter](https://github.com/robbridgeman/adimporter) Credit to Helge Klein -
- [**44**Star][2m] [Py] [rikonaka/katoolin4china](https://github.com/rikonaka/katoolin4china) Kali tools installer
- [**44**Star][23d] [Py] [raz0r/aemscan](https://github.com/raz0r/aemscan) Adobe Experience Manager Vulnerability Scanner
- [**44**Star][3y] [Ruby] [rapid7/metasploit-aggregator](https://github.com/rapid7/metasploit-aggregator) Created by Jeffrey Martin via the GitHub Connector
- [**44**Star][2m] [Py] [ramadhanamizudin/python-icap-yara](https://github.com/ramadhanamizudin/python-icap-yara) An ICAP Server with yara scanner for URL and content.
- [**44**Star][4m] [pyn3rd/cve-2019-2618](https://github.com/pyn3rd/cve-2019-2618) Weblogic Unrestricted File Upload
- [**44**Star][6m] [puuoi/ss-r-4in1](https://github.com/puuoi/ss-r-4in1) 由于秋水逸冰网站国内无法访问，所以为有需要的朋友复制发布到github
- [**44**Star][14d] [Swift] [pabloroca/obfuscateapi](https://github.com/pabloroca/obfuscateapi) Mac OSX, Command line Swift 4 Utility for obfuscate / defuscate strings (API endpoints) in AES128 format.
- [**44**Star][2y] [Go] [ocmdev/rita](https://github.com/ocmdev/rita) This repo is deprecated. Please use activecm/rita instead.
- [**44**Star][2y] [Py] [nullbites/snakeeater](https://github.com/nullbites/snakeeater) Python implementation of the reflective SO injection technique
- [**44**Star][17d] [R] [nth-iteration-labs/contextual](https://github.com/nth-iteration-labs/contextual) Contextual Bandits in R - simulation and evaluation of Multi-Armed Bandit Policies
- [**44**Star][11d] [C] [ntddk/temu](https://github.com/ntddk/temu) TEMU: The BitBlaze Dynamic Analysis Component (with some patches).
- [**44**Star][2y] [C] [nixawk/awesome-windows-debug](https://github.com/nixawk/awesome-windows-debug) Debug Windows Application / Kernel
- [**44**Star][3y] [Go] [nicholasjackson/cnitch](https://github.com/nicholasjackson/cnitch) Container Snitch checks running processes under the Docker Engine and alerts if any are found to be running as root
- [**44**Star][3y] [Py] [neo23x0/imphash-generator](https://github.com/neo23x0/imphash-generator) PE Import Hash Generator
- [**44**Star][4m] [C] [n30m1nd/linux_heap_exploitation_intro_series](https://github.com/n30m1nd/linux_heap_exploitation_intro_series) Various PoCs and challenges regarding heap userland exploitation
- [**44**Star][3y] [C#] [mythicmaniac/keyboard-minigames](https://github.com/mythicmaniac/keyboard-minigames) A snake game for the corsair RGB keyboards
- [**44**Star][26d] [Shell] [mueller-ma/block-ads-via-dns](https://github.com/mueller-ma/block-ads-via-dns) Block ads and malware via local DNS server
- [**44**Star][1y] [Py] [misp/misp-stix-converter](https://github.com/misp/misp-stix-converter) A utility repo to assist with converting between MISP and STIX formats
- [**44**Star][5m] [C] [mimoo/disco-c](https://github.com/mimoo/disco-c) A tiny C cryptographic library to encrypt sessions, authenticate messages, sign, hash, etc. based only on SHA-3 and Curve25519
- [**44**Star][1y] [PS] [mattifestation/bcd](https://github.com/mattifestation/bcd) BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functionality of the functions in this module mirror that of bcdedit.exe.
- [**44**Star][10d] [Py] [m57/piescan](https://github.com/m57/piescan) A simple fast port scanner for when you cant use Nmap on a pentest.
- [**44**Star][18d] [JS] [lydell/eslump](https://github.com/lydell/eslump) Fuzz testing JavaScript parsers and suchlike programs.
- [**44**Star][7m] [TSQL] [leveryd/vulndocker](https://github.com/leveryd/vulndocker) 漏洞靶场平台
- [**44**Star][6m] [C] [kudelskisecurity/sgx-reencrypt](https://github.com/kudelskisecurity/sgx-reencrypt) PoC of an SGX enclave performing symmetric reencryption
- [**44**Star][4m] [PS] [kacos2000/win10](https://github.com/kacos2000/win10) Win 10 related research
- [**44**Star][2y] [Py] [jpcertcc/impfuzzy](https://github.com/jpcertcc/impfuzzy) Fuzzy Hash calculated from import API of PE files
- [**44**Star][2m] [jonbruner/twitter-analysis](https://github.com/jonbruner/twitter-analysis) The original dataset for my 2013 article on Twitter's network patterns
- [**44**Star][10d] [Py] [jbremer/pyasm2](https://github.com/jbremer/pyasm2) An easy and powerful assembler engine in python.
- [**44**Star][2m] [Py] [jamespayor/vector-homomorphic-encryption](https://github.com/jamespayor/vector-homomorphic-encryption) 6.857 project - implementation of scheme for encrypting integer vectors that allows addition, linear transformation, and weighted inner products.
- [**44**Star][1m] [ipopov/starttls-mitm](https://github.com/ipopov/starttls-mitm) A starttls-capable transparent man-in-the-middle proxy
- [**44**Star][4y] [PS] [invoke-ir/wmievent](https://github.com/invoke-ir/wmievent) A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions
- [**44**Star][1m] [Py] [initstring/lyricpass](https://github.com/initstring/lyricpass) Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
- [**44**Star][6y] [Py] [husam212/mitmer](https://github.com/husam212/mitmer) Automated man-in-the-middle attack tool.
- [**44**Star][3m] [Jupyter Notebook] [httparchive/bigquery](https://github.com/httparchive/bigquery) BigQuery import and processing pipelines
- [**44**Star][4m] [Py] [hewlettpackard/reconbf](https://github.com/hewlettpackard/reconbf) Recon system hardening scanner
- [**44**Star][2m] [Perl] [hackerdom/checksystem](https://github.com/hackerdom/checksystem) Checksystem for attack-defense CTF
- [**44**Star][12d] [Py] [guptachetan1997/crawling-projects](https://github.com/guptachetan1997/crawling-projects) Web scraping and automation using python
- [**44**Star][1m] [Java] [guolei1130/global_httpdns](https://github.com/guolei1130/global_httpdns) 全局HttpDns替换方案
- [**44**Star][4m] [Py] [girishp92/human-activity-recognition-using-recurrent-neural-nets-rnn-lstm-and-tensorflow-on-smartphones](https://github.com/girishp92/human-activity-recognition-using-recurrent-neural-nets-rnn-lstm-and-tensorflow-on-smartphones) This was my Master's project where i was involved using a dataset from Wireless Sensor Data Mining Lab (WISDM) to build a machine learning model to predict basic human activities using a smartphone accelerometer, Using Tensorflow framework, recurrent neural nets and multiple stacks of Long-short-term memory units(LSTM) for building a deep networ…
- [**44**Star][1m] [C] [gcwnow/linux](https://github.com/gcwnow/linux) Linux kernel for GCW Zero (Ingenic JZ4770)
- [**44**Star][1m] [Go] [function61/holepunch-client](https://github.com/function61/holepunch-client) Totally self-contained SSH reverse tunnel written in Go
- [**44**Star][2m] [Pascal] [felipedaragon/plua-xe](https://github.com/felipedaragon/plua-xe) Embed Lua into Delphi, FreePascal or Lazarus projects
- [**44**Star][10d] [Erlang] [etnt/edbg](https://github.com/etnt/edbg) A simple tty interface to the Erlang debugger and tracer.
- [**44**Star][5m] [Py] [ethvpn/code](https://github.com/ethvpn/code) The sourecode
- [**44**Star][2y] [Py] [erpscanteam/cve-2018-2380](https://github.com/erpscanteam/cve-2018-2380) PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM
- [**44**Star][4m] [JS] [envkey/envkey-node](https://github.com/envkey/envkey-node) EnvKey's official Node.js client library
- [**44**Star][2y] [C#] [enkomio/rundotnetdll](https://github.com/enkomio/rundotnetdll) A simple utility to list all methods of a given .NET Assembly and to invoke them
- [**44**Star][3m] [OpenEdge ABL] [englehardt/cookies-that-give-you-away](https://github.com/englehardt/cookies-that-give-you-away) Code release for: Cookies that give you away: The surveillance implications of web tracking
- [**44**Star][4m] [C] [encounter/tsschecker](https://github.com/encounter/tsschecker) Check TSS signing status of iOS firmwares and save SHSH blobs
- [**44**Star][27d] [C#] [emoose/xvdtool](https://github.com/emoose/xvdtool) A command-line tool for manipulating Xbox One XVD & XVC files.
- [**44**Star][1y] [PHP] [eboda/35c3](https://github.com/eboda/35c3) Challenges I created for 35c3
- [**44**Star][1m] [Py] [dissectmalware/batch_deobfuscator](https://github.com/dissectmalware/batch_deobfuscator) Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
- [**44**Star][11d] [Py] [desword/shellcode_tools](https://github.com/desword/shellcode_tools) Useful tools for writing shellcode
- [**44**Star][8m] [Py] [depthsecurity/haveibeenharvested](https://github.com/depthsecurity/haveibeenharvested) Automated HaveIbeenPwned lookups using theharvester results
- [**44**Star][15d] [Erlang] [darkkey/erlamsa](https://github.com/darkkey/erlamsa) Erlang port of famous radamsa fuzzzer.
- [**44**Star][5y] [Py] [danse-macabre/ida-efitools](https://github.com/danse-macabre/ida-efitools) Some scripts for IDA Pro to assist with reverse engineering EFI binaries
- [**44**Star][2m] [Py] [cryptokrishtopher/binancescanner](https://github.com/cryptokrishtopher/binancescanner) 
- [**44**Star][1y] [C++] [crankz/screensharing-filetransfer-in-lan](https://github.com/crankz/screensharing-filetransfer-in-lan) a screen-sharing&FileTransfer software in LAN
- [**44**Star][2m] [C++] [cr4sh/secretnet_expl](https://github.com/cr4sh/secretnet_expl) LPE exploits for Secret Net and Secret Net Studio
- [**44**Star][29d] [Java] [coveros/zap-sonar-plugin](https://github.com/coveros/zap-sonar-plugin) Integrates OWASP Zed Attack Proxy reports into SonarQube
- [**44**Star][2y] [Py] [christhecoolhut/easy-pickings](https://github.com/christhecoolhut/easy-pickings) Automatic function exporting and linking for fuzzing cross-architecture binaries.
- [**44**Star][3y] [C] [changeofpace/pe-header-dump-utilities](https://github.com/changeofpace/pe-header-dump-utilities) This x64dbg plugin adds several commands for dumping PE header information by address.
- [**44**Star][23d] [C] [cemeyer/msp430-emu-uctf](https://github.com/cemeyer/msp430-emu-uctf) msp430 emulator for uctf (with remote GDB debugging, reverse debugging, and optional symbolic execution)
- [**44**Star][2y] [C++] [can1357/physical_mem_controller](https://github.com/can1357/physical_mem_controller) A library to read physical memory and system-wide virtual memory.
- [**44**Star][7m] [Py] [bsdphk/pyreveng](https://github.com/bsdphk/pyreveng) Software Reverse Engineering toolkit in python
- [**44**Star][22d] [Py] [bones-codes/the_colonel](https://github.com/bones-codes/the_colonel) an experimental linux kernel module (rootkit) with a keylogger and built-in IRC bot
- [**44**Star][5m] [Py] [bit4woo/dnslog](https://github.com/bit4woo/dnslog) DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。
- [**44**Star][4m] [JS] [bismay4u/appserver](https://github.com/bismay4u/appserver) AppServer is a Desktop Proxy + App Server for HTML, MD files for Developers and Enthusiasts.
- [**44**Star][1m] [PHP] [auth0/auth0-drupal](https://github.com/auth0/auth0-drupal) Auth0 Drupal Plugin - Single Sign On, Social Login, SAML and AD/LDAP Integration, User Management
- [**44**Star][7m] [PS] [attackdebris/babel-sf](https://github.com/attackdebris/babel-sf) Babel Scripting Framework
- [**44**Star][9m] [Go] [armanshan12/rkms](https://github.com/armanshan12/rkms) RKMS is a highly available key management service, built on top of AWS's KMS.
- [**44**Star][2m] [C] [anthonywei/rc4](https://github.com/anthonywei/rc4) rc4 java c++ python php
- [**44**Star][4y] [C++] [andreybazhan/dbgext](https://github.com/andreybazhan/dbgext) Debugger extension for the Debugging Tools for Windows (WinDbg, KD, CDB, NTSD).
- [**44**Star][5m] [Py] [andompesta/come](https://github.com/andompesta/come) Implementation of ComE algorithm
- [**44**Star][3m] [Rust] [alexcrichton/socks5-rs](https://github.com/alexcrichton/socks5-rs) Implementation of a socks5 proxy server in Rust
- [**44**Star][2y] [akayn/vault](https://github.com/akayn/resources) Old Code.... and a never-ending reading list.
- [**44**Star][4y] [Py] [aikinogard/5th_place_solution_facebook_check_ins](https://github.com/aikinogard/5th_place_solution_facebook_check_ins) My solution rank 5th/1212 in Facebook check ins prediction competition at Kaggle
- [**44**Star][13d] [Py] [ahmia/ahmia-site](https://github.com/ahmia/ahmia-site) Ahmia.fi - Hidden service search engine
- [**44**Star][1m] [C] [aerosoul94/dynlib](https://github.com/aerosoul94/dynlib) IDA Pro plugin to aid PS4 user mode ELF reverse engineering.
- [**44**Star][1y] [JS] [adguardteam/stealthmode](https://github.com/adguardteam/stealthmode) a browser extension to stop all kinds of online trackers from receiving any information about you and your actions on the Internet
- [**44**Star][2y] [Py] [649/apache-struts-shodan-exploit](https://github.com/649/apache-struts-shodan-exploit) This tool takes advantage of CVE-2018-11776 and Shodan to perform mass exploitation of verified and vulnerable Apache Struts servers.
- [**44**Star][3y] [PS] [3gstudent/windows-user-clone](https://github.com/3gstudent/windows-user-clone) Create a hidden account
- [**44**Star][3y] [PS] [3gstudent/dump-clear-password-after-kb2871997-installed](https://github.com/3gstudent/dump-clear-password-after-kb2871997-installed) 
- [**44**Star][1m] [JS] [0katz/cve-2019-12476](https://github.com/0katz/cve-2019-12476) 
- [**43**Star][16d] [Py] [nyxgeek/onedrive_user_enum](https://github.com/nyxgeek/onedrive_user_enum) pentest tool to enumerate valid onedrive users
- [**43**Star][10d] [Java] [threedr3am/marshalsec](https://github.com/threedr3am/marshalsec) 一个Java编码、解码漏洞利用工具，加入了Dubbo-Hessian2和Apache Shiro PaddingOracle CBC的exploits，并修改了RMIRefServer，使用tomcat-el依赖，实现RMI攻击8u191以上版本jdk服务（TomcatELRMIRefServer）
- [**43**Star][20d] [Py] [namuyan/p2p-python](https://github.com/namuyan/p2p-python) Simple peer2peer library. designed for bc4py project.
- [**43**Star][13d] [JS] [website-scraper/node-website-scraper-phantom](https://github.com/website-scraper/node-website-scraper-phantom) Plugin for website-scraper which returns html for dynamic websites using PhantomJS.
- [**43**Star][2m] [Py] [xugongli/poi_spider](https://github.com/xugongli/poi_spider) 使用scrapy采集中国指定行政区域内的所有兴趣点数据，如学校、便利店、甜品店等
- [**43**Star][11d] [HTML] [brandonrobertz/autoscrape-py](https://github.com/brandonrobertz/autoscrape-py) An automated, programming-free web scraper for interactive sites
- [**43**Star][5m] [Py] [zyunh/mini-spider](https://github.com/zyunh/mini-spider) 简单、实用的爬虫工具，仅需四步创建属于你的爬虫程序！
- [**43**Star][20d] [Java] [sputnikdev/bluetooth-manager](https://github.com/sputnikdev/bluetooth-manager) Java Bluetooth Manager. A library/framework for managing bluetooth adapters, bluetooth devices, GATT services and characteristics
- [**43**Star][1m] [Py] [secxena/credcheck](https://github.com/secxena/credcheck) Credentials Checking Framework
- [**43**Star][23d] [Swift] [millertechnologyperu/hcitool](https://github.com/millertechnologyperu/hcitool) Bluetooth Host Controller Interface Command Line Tool for for sending HCI commands on macOS and Linux
- [**43**Star][12d] [Go] [ma6174/myhttpdns](https://github.com/ma6174/myhttpdns) DNS 服务器，接收标准 DNS 查询请求，然后通过查询 http dns 获取结果返回给客户端。
- [**43**Star][2m] [Java] [sputnikdev/eclipse-smarthome-bluetooth-binding](https://github.com/sputnikdev/eclipse-smarthome-bluetooth-binding) Eclipse SmartHome Bluetooth Binding
- [**43**Star][2y] [HTML] [chain-zhang/ispider](https://github.com/chain-zhang/ispider) 简单爬虫实现
- [**43**Star][16d] [Java] [eduvpn/android](https://github.com/eduvpn/android) Android eduVPN application
- [**43**Star][1m] [C] [jens-maus/amissl](https://github.com/jens-maus/amissl) 
- [**43**Star][1m] [Go] [luzifer/go-openssl](https://github.com/luzifer/go-openssl) go-openssl is a small library wrapping the crypto/aes functions in a way the output is compatible to OpenSSL
- [**43**Star][18d] [JS] [jiqsaw/code-challenges](https://github.com/jiqsaw/code-challenges) algorithm code challenges solutions (codility / hackerrank / eular / topcoder)
- [**43**Star][22d] [Java] [douglasjunior/react-native-easybluetooth-classic](https://github.com/douglasjunior/react-native-easybluetooth-classic) 
- [**43**Star][11d] [Groovy] [tomasbjerre/jenkins-configuration-as-code-sandbox](https://github.com/tomasbjerre/jenkins-configuration-as-code-sandbox) Jenkins Configuration as Code, JCasC, Job DSL, Pipeline, Shared library
- [**43**Star][1m] [Py] [ysh329/darknet2caffe](https://github.com/ysh329/darknet2caffe) Convert Darknet model to Caffe's
- [**43**Star][3m] [Shell] [jseidl/torblock](https://github.com/jseidl/torblock) TORBlock is a BASH script to automatically download the list of TOR exit-nodes and add them to your IPTables ruleset.
- [**43**Star][8y] [C] [hellman/shtest](https://github.com/hellman/shtest) Simple shellcode testing tool.
- [**43**Star][29d] [Py] [v2ray/v2ray-shell_alpha](https://github.com/v2ray/v2ray-shell_alpha) A GUI for V2Ray-core, written in PyQt5
- [**43**Star][2m] [Go] [madeye/obfs4-tunnel](https://github.com/madeye/obfs4-tunnel) obfs4 tunnel
- [**43**Star][16d] [Py] [simsong/dfxml](https://github.com/simsong/dfxml) Digital Forensics XML project and library
- [**43**Star][1m] [TS] [icodesign/proxy-uri](https://github.com/icodesign/proxy-uri) Helper to generate/parse Shadowsocks(R)/HTTP(S) URI
- [**43**Star][28d] [Py] [tarunkant/endpoint-finder](https://github.com/tarunkant/endpoint-finder) Finds the End-Points in JavaScript files
- [**43**Star][4m] [Go] [dreadl0ck/gopcap](https://github.com/dreadl0ck/gopcap) Fast Golang PCAP Reader & Benchmark Comparison
- [**43**Star][3y] [Py] [tylerha97/findevil](https://github.com/tylerha97/findevil) Volatility plugin to find evil
- [**43**Star][17d] [nicehash/specifications](https://github.com/nicehash/specifications) Protocol specifications for various algorithms used @ NiceHash
- [**43**Star][2m] [Py] [wibiti/evedec](https://github.com/wibiti/evedec) Eve Online decrypter/decompiler
- [**43**Star][14d] [Py] [pagekite/pysocksipychain](https://github.com/pagekite/pysocksipychain) Modified socks.py which supports chained proxies
- [**43**Star][13d] [JS] [snyk/broker](https://github.com/snyk/broker) A broker system between a public service and a private service
- [**43**Star][3m] [Verilog] [lvd2/ay-3-8910_reverse_engineered](https://github.com/lvd2/ay-3-8910_reverse_engineered) The reverse-engineered AY-3-8910 chip. Transistor-level schematics, verilog model and a testbench with tools, that can render register dump files into .flac soundtrack.
- [**43**Star][12d] [starnightcyber/subdomains](https://github.com/starnightcyber/subdomains) 互联网公司子域名收集
- [**43**Star][13d] [Java] [mwarning/trigger](https://github.com/mwarning/trigger) Android app to lock/unlock/ring doors.
- [**43**Star][29d] [Java] [x41sec/beanstack](https://github.com/x41sec/beanstack) X41 BeanStack - Stack Trace Fingerprinting BETA
- [**43**Star][21d] [grapheneos/os_issue_tracker](https://github.com/grapheneos/os_issue_tracker) Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
- [**43**Star][13d] [PS] [0x6d69636b/windows_hardening](https://github.com/0x6d69636b/windows_hardening) Windows Hardening settings and configurations
- [**43**Star][16d] [HTML] [madhuakula/security-automation-with-ansible-2](https://github.com/madhuakula/security-automation-with-ansible-2) Ansible Playbooks for Security Automation with Ansible2 book
- [**43**Star][5m] [C++] [newbee119/deceptive-document](https://github.com/NewBee119/Deceptive-document) 通过在U盘中伪装正常文件，欺骗用户点击，传播木马的一个demo程序~just for fun~
- [**43**Star][3y] [Jupyter Notebook] [rmax/scrapydo](https://github.com/rmax/scrapydo) Crochet-based blocking API for Scrapy.
- [**43**Star][6m] [JS] [praetorian-code/hashcatjs](https://github.com/praetorian-code/hashcatJS) An implementation of the hashcat rules engine in javascript
- [**43**Star][11m] [JS] [nvisium/grails-nv](https://github.com/nVisium/grails-nV) Vulnerable Grails application
- [**43**Star][11m] [Py] [secarmalabs/dns-parallel-prober](https://github.com/SecarmaLabs/dns-parallel-prober) PoC for an adaptive parallelised DNS prober
- [**43**Star][7m] [C#] [zacbrown/hiddentreasure-etw-demo](https://github.com/zacbrown/hiddentreasure-etw-demo) Basic demo for Hidden Treasure talk.
- [**43**Star][6m] [Py] [yelp/mycroft](https://github.com/yelp/mycroft) 
- [**43**Star][4y] [Py] [xyntax/drystan](https://github.com/xyntax/drystan) Automated information gathering tool for pentest
- [**43**Star][4m] [HTML] [xiaoyanguoke/ciahackingtools](https://github.com/xiaoyanguoke/ciahackingtools) WikiLeaks Vault 7 CIA Hacking Tools
- [**43**Star][16d] [C] [xerpi/linux_vita](https://github.com/xerpi/linux_vita) Linux kernel source tree (PlayStation Vita port)
- [**43**Star][8m] [xazlsec/pentest-project-lists](https://github.com/xazlsec/pentest-project-lists) 由信安之路团队成员收集整理的与渗透测试相关的 Github 项目地址
- [**43**Star][2m] [Py] [x64dbg/x64dbgpylib](https://github.com/x64dbg/x64dbgpylib) Port of windbglib to x64dbgpy, in an effort to support mona.py in x64dbg.
- [**43**Star][14d] [Lua] [wubonetcn/luawaf](https://github.com/wubonetcn/luawaf) A secure and privately deployable web application firewall(WAF).一个安全、可私有部署的Web应用防火墙(WAF)。
- [**43**Star][16d] [HTML] [wolfram77web/app-peid](https://github.com/wolfram77web/app-peid) PEiD detects most common packers, cryptors and compilers for PE files.
- [**43**Star][2y] [Shell] [wh1t3rh1n0/pentest-scripts](https://github.com/wh1t3rh1n0/pentest-scripts) Miscellaneous scripts for pentesting
- [**43**Star][14d] [HTML] [voidhack/write-ups](https://github.com/voidhack/write-ups) 
- [**43**Star][15d] [C] [vincentbernat/ssl-dos](https://github.com/vincentbernat/ssl-dos) Various tools related to SSL denial of service
- [**43**Star][21d] [veliovgroup/ostrio](https://github.com/veliovgroup/ostrio) ▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON
- [**43**Star][20d] [t3st0r-git/hack_postgres](https://github.com/T3st0r-Git/hack_postgres) 便捷地使用PostgreSQL自定义函数来执行系统命令，适用于数据库管理员知道postgres密码却不知道ssh或RDP密码的时候在服务器执行系统命令。
- [**43**Star][4y] [Py] [uber/usb2fac](https://github.com/uber/usb2fac) Enabling 2fac confirmation for newly connected USB devices
- [**43**Star][11d] [C] [tum-i22/obfuscation-benchmarks](https://github.com/tum-i22/obfuscation-benchmarks) A set of programs used for benchmarking the strength of obfuscation
- [**43**Star][2m] [Assembly] [therealsaumil/arm_shellcode](https://github.com/therealsaumil/arm_shellcode) Make ARM Shellcode Great Again
- [**43**Star][21d] [tevora-threat/aggressor-powerview](https://github.com/tevora-threat/aggressor-powerview) PowerView menu for Cobalt Strike
- [**43**Star][4m] [C#] [testsecer/md5decrypt](https://github.com/testsecer/md5decrypt) MD5多接口解密工具（插件式）
- [**43**Star][4y] [Py] [techwizrd/gitkraken](https://github.com/techwizrd/gitkraken) A Git client for the GNOME Desktop.
- [**43**Star][3m] [Elixir] [tatsuya6502/recon_ex](https://github.com/tatsuya6502/recon_ex) Elixir wrapper for Recon, tools to diagnose Erlang VM safely in production
- [**43**Star][2y] [Py] [talos-vulndev/fuzzflow](https://github.com/talos-vulndev/fuzzflow) 
- [**43**Star][8m] [Pawn] [stypr/tmpleak](https://github.com/stypr/tmpleak) Leak off used temporary workspaces for ctf and wargames!
- [**43**Star][11d] [JS] [strongcourage/fuzzing-corpus](https://github.com/strongcourage/fuzzing-corpus) My fuzzing corpus
- [**43**Star][2y] [Shell] [stayliv3/embedded-device-lab](https://github.com/stayliv3/embedded-device-lab) 利用qemu模拟真实世界中物联网漏洞的测试环境。由于物联网架构的特殊性，调试分析漏洞通常需要使用qemu模拟执行不同架构的可执行文件。而各种搭建环境，交叉编译是一件费事费力，令人忧伤的工作。 embedded-device-lab利用docker-compose，将各种漏洞调试环境一键化。简单使用两条命令，就可以直接使用gdb或者IDA动态分析相关漏洞。
- [**43**Star][7y] [Py] [sketchymoose/totalrecall](https://github.com/sketchymoose/totalrecall) Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
- [**43**Star][4m] [C] [shellbombs/strongod](https://github.com/shellbombs/strongod) StrongOD(anti anti-debug plugin) driver source code.
- [**43**Star][4y] [C++] [sekoialab/binaryinjectionmitigation](https://github.com/sekoialab/binaryinjectionmitigation) Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.
- [**43**Star][16d] [Shell] [security-onion-solutions/securityonion-elastic](https://github.com/security-onion-solutions/securityonion-elastic) Security Onion Elastic Stack
- [**43**Star][4y] [KiCad Layout] [salmg/magspoofpi](https://github.com/salmg/magspoofpi) MagSpoof for Raspberry PI GPIO
- [**43**Star][27d] [Go] [rookmoot/proxifier](https://github.com/rookmoot/proxifier) A fast, modern and intelligent proxy rotator perfect for crawling and scraping public data.
- [**43**Star][9m] [Go] [ritterhou/stinger](https://github.com/ritterhou/stinger) Across the Great Wall, we can reach every corner in the world.
- [**43**Star][10d] [Py] [ring04h/wyscan](https://github.com/ring04h/wyscan) WooYun Network Scanner
- [**43**Star][26d] [Shell] [riftbit/docker-3proxy](https://github.com/riftbit/docker-3proxy) Smallest and Fastest Docker container for fast proxy setup based on 3proxy SOCKS5 proxy
- [**43**Star][4m] [Py] [q3k/tpm2137](https://github.com/q3k/tpm2137) Hardware task for WCTF2019
- [**43**Star][3y] [PS] [proxb/serverinventoryreport](https://github.com/proxb/serverinventoryreport) A set of scripts to create an inventory report using PowerShell, SQL and WPF
- [**43**Star][1m] [Java] [pnfsoftware/jnihelper](https://github.com/pnfsoftware/jnihelper) jeb-plugin-android-jni-helper
- [**43**Star][6m] [PS] [pcgeek86/powerevents](https://github.com/pcgeek86/powerevents) PowerEvents is a PowerShell module that assists in the registration of WMI permanent event subscriptions.
- [**43**Star][3m] [HTML] [pcchou/ctf-writeups](https://github.com/pcchou/ctf-writeups) 練習解題跟練習寫 writeups 的地方（？
- [**43**Star][7m] [Py] [partoftheworld/ghidrapy_functionstringassociate](https://github.com/partoftheworld/ghidrapy_functionstringassociate) It does the same thing as plugin FunctionStringAssociate for IDA, Now the script just works, in the future it is planned to increase the speed of work and bring it closer to the speed of the plugin.
- [**43**Star][2m] [C] [opsxcq/exploit-cve-2017-5715](https://github.com/opsxcq/exploit-cve-2017-5715) Spectre exploit
- [**43**Star][12d] [Py] [opendns/og-miner](https://github.com/opendns/og-miner) OpenDNS Graph Miner
- [**43**Star][3m] [olafhartong/detection-sources](https://github.com/olafhartong/detection-sources) 
- [**43**Star][6m] [Py] [ntdiff/ntdiff](https://github.com/ntdiff/ntdiff) 
- [**43**Star][9m] [Py] [nirizr/pytest-idapro](https://github.com/nirizr/pytest-idapro) A pytest module for The Interactive Disassembler and IDAPython; Record and Replay IDAPython API, execute inside IDA or use mockups of IDAPython API.
- [**43**Star][2y] [Py] [nikshepsvn/scatterfly](https://github.com/nikshepsvn/scatterfly) An attempt to improve user privacy by intelligent data obfuscation.
- [**43**Star][4y] [C] [nikolajschlej/zeronights2015](https://github.com/nikolajschlej/zeronights2015) My UEFI security talk on ZeroNights 2015
- [**43**Star][9m] [Shell] [netspi/heapdump-ios](https://github.com/netspi/heapdump-ios) Dump IOS application heap space from memory
- [**43**Star][2y] [Py] [nccgroup/royal_apt](https://github.com/nccgroup/royal_apt) Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
- [**43**Star][4m] [munsiwoo/ctf-web-prob](https://github.com/munsiwoo/ctf-web-prob) My web prob collections
- [**43**Star][11m] [mrowensnobody/presentation](https://github.com/mrowensnobody/presentation) 
- [**43**Star][3y] [Py] [mrgeffitas/sandbox_tester](https://github.com/mrgeffitas/sandbox_tester) 
- [**43**Star][4m] [TSQL] [monarc-project/monarcappfo](https://github.com/monarc-project/monarcappfo) MONARC - Method for an Optimised aNAlysis of Risks by
- [**43**Star][9m] [Py] [momalab/icsref](https://github.com/momalab/icsref) A tool for reverse engineering industrial control systems binaries.
- [**43**Star][1y] [Py] [misp/misp-taxii-server](https://github.com/misp/misp-taxii-server) An OpenTAXII Configuration for MISP
- [**43**Star][22d] [mentebinaria/fundamentos-engenharia-reversa](https://github.com/mentebinaria/fundamentos-engenharia-reversa) Livro: Fundamentos de Engenharia Reversa
- [**43**Star][15d] [JS] [meltingice/nanocrawler](https://github.com/meltingice/nanocrawler) Web-based front end for viewing information about your Nano node and exploring the Nano network
- [**43**Star][18d] [Py] [mcw0/pwn-hisilicon-dvr](https://github.com/mcw0/pwn-hisilicon-dvr) 
- [**43**Star][26d] [Go] [maxlaverse/reverse-shell](https://github.com/maxlaverse/reverse-shell) A reverse-shell agent, master and rendezvous point written in Go
- [**43**Star][11d] [CSS] [m6a-uds/dvca](https://github.com/m6a-uds/dvca) Damn Vulnerable Cloud Application
- [**43**Star][1y] [C++] [luciouskami/xigncode3bypass](https://github.com/luciouskami/xigncode3bypass) 
- [**43**Star][7m] [Ruby] [lucifer1993/lasercrack](https://github.com/lucifer1993/lasercrack) Lasercrack-可扩展的Ruby暴力破解框架
- [**43**Star][3m] [Py] [kokokuo/scraper-fourone-jobs](https://github.com/kokokuo/scraper-fourone-jobs) This is a anti-scraping cracker for extracting apply information of one of Taiwan jobs recruiting website.
- [**43**Star][2m] [Py] [kivy-garden/garden.zbarcam](https://github.com/kivy-garden/garden.zbarcam) Migrated to
- [**43**Star][12m] [Shell] [kitsun3sec/pentest-cheat-sheets](https://github.com/kitsun3sec/pentest-cheat-sheets) A collection of snippets of codes and commands to make your life easier!
- [**43**Star][4m] [C#] [killeroo/powerping](https://github.com/killeroo/powerping) Advanced command-line ping tool
- [**43**Star][13d] [PHP] [jsmitty12/phpwhois](https://github.com/jsmitty12/phpwhois) phpWhois general repository
- [**43**Star][11m] [AutoIt] [jschicht/usnjrnl2csv](https://github.com/jschicht/usnjrnl2csv) Parser for $UsnJrnl on NTFS
- [**43**Star][11d] [JS] [issue-db/issue-db](https://github.com/issue-db/issue-db) 
- [**43**Star][7m] [JS] [intoli/slice](https://github.com/intoli/slice) A JavaScript implementation of Python's negative indexing and extended slice syntax.
- [**43**Star][15d] [C] [in7egral/taig8-ios-jailbreak-patchfinder](https://github.com/in7egral/taig8-ios-jailbreak-patchfinder) Analyzes a binary iOS kernel to determine function offsets and where to apply the canonical jailbreak patches.
- [**43**Star][2y] [Py] [imp0wd3r/scanner](https://github.com/imp0wd3r/scanner) 端口扫描 + 敏感文件扫描 + POC批量调用框架
- [**43**Star][3m] [C] [idc/ps4-fake-405](https://github.com/idc/ps4-fake-405) 
- [**43**Star][1m] [Py] [ibm-security-intelligence/data-import](https://github.com/ibm-security-intelligence/data-import) 
- [**43**Star][20d] [Py] [houbbit/haveibeenpwned](https://github.com/houbbit/haveibeenpwned) Python script to verify multiple email addresses for pwnage
- [**43**Star][11d] [Java] [harryfrey/fakegumtree](https://github.com/harryfrey/fakegumtree) Investigating an Android spyware and phishing application.
- [**43**Star][3y] [C] [hamza-megahed/ctfs](https://github.com/hamza-megahed/ctfs) Walkthrough some CTFs
- [**43**Star][2y] [Py] [grayddq/passiveseccheck](https://github.com/grayddq/passiveseccheck) 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于漏洞验证部分，根据提供的数据进行分布式安全验证，确定是否包含相关严重漏洞。
- [**43**Star][3y] [godaddy/yara-rules](https://github.com/godaddy/yara-rules) YARA rules for use with ProcFilter
- [**43**Star][2m] [Py] [gauthamgoli/rarpasswordcracker](https://github.com/gauthamgoli/rarpasswordcracker) Bruteforces a password protected rar/zip file with specified charset.
- [**43**Star][1y] [Shell] [forte-research/forte-fuzzbench](https://github.com/forte-research/forte-fuzzbench) FoRTE-Research's fuzzing benchmarks
- [**43**Star][2m] [Java] [fooock/jshodan](https://github.com/fooock/jshodan) Powerful Shodan API client using RxJava and Retrofit
- [**43**Star][4m] [C] [fi01/backdoor_mmap_tools](https://github.com/fi01/backdoor_mmap_tools) Unlock security module, obtain root privilege and so on.
- [**43**Star][6y] [Py] [federicoceratto/firelet](https://github.com/federicoceratto/firelet) Distributed Linux-based firewall management
- [**43**Star][4m] [C] [fail0verflow/switch-u-boot](https://github.com/fail0verflow/switch-u-boot) "Das U-Boot" Source Tree for the Switch
- [**43**Star][4m] [C#] [equifox/minjector](https://github.com/equifox/minjector) Mono Framework Injector (C#) using MInject Library
- [**43**Star][17d] [Py] [edeca/rtfraptor](https://github.com/edeca/rtfraptor) Extract OLEv1 objects from RTF files by instrumenting Word
- [**43**Star][19d] [dustyfresh/dictionaries](https://github.com/dustyfresh/dictionaries) curated password lists and various other lists/dictionaries for security things
- [**43**Star][18d] [OCaml] [draperlaboratory/cbat_tools](https://github.com/draperlaboratory/cbat_tools) Program analysis tools developed at Draper on the CBAT project.
- [**43**Star][3y] [HTML] [digitalinterruption/fridaworkshop](https://github.com/digitalinterruption/fridaworkshop) Break Apps with Frida workshop material
- [**43**Star][4m] [Py] [dhondta/rpl-attacks](https://github.com/dhondta/rpl-attacks) RPL attacks framework for simulating WSN with a malicious mote based on Contiki
- [**43**Star][3y] [Py] [danmcinerney/smb-reverse-brute](https://github.com/danmcinerney/smb-reverse-brute) Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords
- [**43**Star][1m] [JS] [cxueqin/falcon](https://github.com/cxueqin/falcon) 猎鹰网络安全工具，核心功能DOS测试，支持端口扫描，支持CentOS/Ubuntu/MacOS系统
- [**43**Star][26d] [Py] [crypto101/exercises](https://github.com/crypto101/exercises) The exercises for Crypto 101.
- [**43**Star][2m] [C++] [corelan/pin](https://github.com/corelan/pin) Collection of pin tools
- [**43**Star][2m] [Batchfile] [chrisad/ads-payload](https://github.com/chrisad/ads-payload) Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using environment variables, alternating data streams and wmic.
- [**43**Star][20d] [Py] [certsocietegenerale/fame_modules](https://github.com/certsocietegenerale/fame_modules) Community modules for FAME
- [**43**Star][1y] [bulentrahimkazanci/windbg-cheat-sheet](https://github.com/bulentrahimkazanci/windbg-cheat-sheet) A practical guide to analyze memory dumps of .Net applications by using Windbg
- [**43**Star][4y] [Shell] [brianwrf/roothelper](https://github.com/brianwrf/roothelper) A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
- [**43**Star][1m] [Py] [borjamerino/tlsinjector](https://github.com/borjamerino/tlsinjector) Python script to inject and run shellcodes through TLS callbacks
- [**43**Star][8y] [Py] [bonsaiviking/tarpyt](https://github.com/bonsaiviking/tarpyt) A web spider's worst nightmare.
- [**43**Star][2y] [HCL] [bneg/redteam-automation](https://github.com/bneg/redteam-automation) Automating those tasks which can or should be automated
- [**43**Star][3y] [Rust] [bheisler/corrosion](https://github.com/bheisler/corrosion) NES Emulator in Rust
- [**43**Star][30d] [JS] [bendrucker/hapi-require-https](https://github.com/bendrucker/hapi-require-https) hapi http -> https redirection for servers behind a reverse proxy
- [**43**Star][3y] [Py] [azure/embarrassingly-parallel-image-classification](https://github.com/azure/embarrassingly-parallel-image-classification) Walkthrough demonstrating how trained DNNs (CNTK and TensorFlow) can be applied to massive image sets in ADLS using PySpark on Azure HDInsight clusters
- [**43**Star][5m] [SystemVerilog] [azonenberg/starshipraider](https://github.com/azonenberg/starshipraider) High performance embedded systems debug/reverse engineering platform
- [**43**Star][2y] [C++] [azerg/packerpe](https://github.com/azerg/packerpe) simple PE packer written in C++
- [**43**Star][1m] [Py] [aptnotes/tools](https://github.com/aptnotes/tools) Tools to interact with APTnotes reporting/index.
- [**43**Star][14d] [C] [antoniond/gbcam-rev-engineer](https://github.com/antoniond/gbcam-rev-engineer) Tools used to reverse engineer the GB Camera using Arduino UNO.
- [**43**Star][2m] [OCaml] [anssi-fr/mabo](https://github.com/anssi-fr/mabo) MRT Parser
- [**43**Star][4m] [Perl] [anon6372098/fazscan](https://github.com/anon6372098/fazscan) | FazScan is a Perl program to do some vulnerability scanning and pentesting |
- [**43**Star][2y] [Py] [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits) Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)
- [**43**Star][2m] [Py] [alexbredo/honeypot-camera](https://github.com/alexbredo/honeypot-camera) observation camera honeypot
- [**43**Star][12d] [Py] [agustingianni/memrepl](https://github.com/agustingianni/memrepl) a frida based script that aims to help a researcher in the task of exploitation of memory corruption related bugs
- [**43**Star][8m] [TSQL] [abrignoni/dfir-sql-query-repo](https://github.com/abrignoni/dfir-sql-query-repo) Collection of SQL query templates for digital forensics use by platform and application.
- [**43**Star][12d] [Py] [abdilahrf/shania](https://github.com/abdilahrf/shania) Scan secrets from Continuous Integration Build Logs
- [**43**Star][1m] [Py] [abdesslem/malwarehunter](https://github.com/abdesslem/malwarehunter) Static and automated/dynamic malware analysis
- [**43**Star][2y] [Py] [abdesslem/ctf](https://github.com/abdesslem/ctf) Flask platform for Capture The Flag challenges
- [**43**Star][4m] [Py] [aaronsoria/panalizer](https://github.com/aaronsoria/panalizer) 
- [**43**Star][2m] [C#] [aaaddress1/puzzcode](https://github.com/aaaddress1/puzzcode) simple compiler based on mingw to build uncrackable windows application against analysis tools
- [**43**Star][5m] [Py] [9b/malpdfobj](https://github.com/9b/malpdfobj) Builds json representation of PDF malware sample
- [**43**Star][2y] [Py] [649/memfixed-mitigation-tool](https://github.com/649/memfixed-mitigation-tool) DDoS mitigation tool for sending flush or shutdown commands to vulnerable Memcached servers obtained using Shodan API
- [**43**Star][6y] [1an0rmus/yara](https://github.com/1an0rmus/yara) Yara rules
- [**43**Star][16d] [C] [0x7ff/dimentio](https://github.com/0x7ff/dimentio) PoC tool for setting nonce without triggering KPP/KTRR/PAC. (requires tfp0)
- [**42**Star][10d] [Py] [cwolff411/powerob](https://github.com/cwolff411/powerob) An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity.
- [**42**Star][14d] [Py] [eth-sri/securify2](https://github.com/eth-sri/securify2) Securify v2.0
- [**42**Star][6m] [Py] [embedded-sec/halucinator](https://github.com/embedded-sec/halucinator) 
- [**42**Star][13d] [C] [xairy/unlockdown](https://github.com/xairy/unlockdown) Disabling kernel lockdown on Ubuntu without physical access
- [**42**Star][12d] [C++] [mbruel/ngpost](https://github.com/mbruel/ngpost) Command Line (or minimalist GUI) usenet poster for binaries developped in C++/QT designed to be as fast as possible and offer all the main features to post data easily and safely. Releases for Linux, Windows and MacOS are available.
- [**42**Star][8m] [C] [priyankchheda/ssh_brute_force](https://github.com/priyankchheda/ssh_brute_force) Crack SSH Password using Dictionary and Brute Force Method
- [**42**Star][6m] [Py] [hacker900123/xss-freak](https://github.com/hacker900123/xss-freak) XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible links and directories to expand its attack scope. then it searches them for inputs tags and then launches a bunch of xss payloads. if an inputs is not sanitized and vulnerable to xss attacks, the tool will discove…
- [**42**Star][3m] [C#] [v1v1/decryptteamviewer](https://github.com/v1v1/decryptteamviewer) Enumerate and decrypt TeamViewer credentials from Windows registry
- [**42**Star][10d] [HTML] [djaodjin/djaoapp](https://github.com/djaodjin/djaoapp) User login, billing, access control as part of a session proxy
- [**42**Star][3m] [Rich Text Format] [badruzeus/cloverefi-4mu](https://github.com/badruzeus/cloverefi-4mu) Manually install Clover EFI Bootloader via Linux System on Legacy BIOS or UEFI Firmware.
- [**42**Star][6m] [Swift] [clarkio/macos-wifiname](https://github.com/clarkio/macos-wifiname) Display the currently connected WiFi name (SSID) in the menu bar on macOS
- [**42**Star][4m] [Py] [manassra/lz77-compressor](https://github.com/manassra/lz77-compressor) A simplified implementation of the LZ77 compression algorithm
- [**42**Star][21d] [Swift] [friedrichweise/wechsel](https://github.com/friedrichweise/wechsel) use your keyboard to manage bluetooth connections on macOS
- [**42**Star][28d] [Rust] [benwebber/tunnelblickctl](https://github.com/benwebber/tunnelblickctl) 
- [**42**Star][26d] [Py] [grimlockrocks/pi-bluetooth-obd](https://github.com/grimlockrocks/pi-bluetooth-obd) Connect Raspberry Pi with Bluetooth OBD adapter and collect real-time car data.
- [**42**Star][4m] [C#] [toolgood/toolgood.algorithm](https://github.com/toolgood/toolgood.algorithm) 支持四则运算、Excel函数，并支持自定义参数。
- [**42**Star][1m] [Go] [icexin/sockhttp](https://github.com/icexin/sockhttp) A HTTP&HTTPS proxy over SOCK5
- [**42**Star][3m] [Go] [pyed/ipfilter](https://github.com/pyed/ipfilter) ipfilter is a middleware for Caddy that blocks or allows requests based on the client's IP
- [**42**Star][4m] [Java] [qlcchain/qwallet-android](https://github.com/qlcchain/QWallet-Android) Q-Wallet is a mobile wallet in the QLC Chain ecosystem which aims to build an open communication resource marketplace globally.
- [**42**Star][16d] [Py] [m4cs/pixcryption](https://github.com/m4cs/pixcryption) 
- [**42**Star][3m] [JS] [donmccurdy/aframe-proxy-controls](https://github.com/donmccurdy/aframe-proxy-controls) A-Frame component to proxy keyboard/gamepad controls between devices over WebRTC.
- [**42**Star][1m] [Py] [omarabid59/tensorflowdeepsorttracking](https://github.com/omarabid59/tensorflowdeepsorttracking) Tensorflow object detection with tracking based on the DeepSort algorithm
- [**42**Star][1m] [Py] [quantumliu/comicspider](https://github.com/quantumliu/comicspider) 动漫之家漫画站电脑版原图爬虫
- [**42**Star][5m] [C#] [iansavchenko/blelab](https://github.com/iansavchenko/blelab) Bluetooth LE Lab - UWP application for interaction with BLE GATT devices
- [**42**Star][11d] [Go] [tjfoc/gmtls](https://github.com/tjfoc/gmtls) GM TLS/SSL Based on Golang (基于国密算法的TLS/SSL代码库)
- [**42**Star][2m] [Py] [saferman/super-spider](https://github.com/saferman/super-spider) 根据腾讯安全应急响应中心的架构编写的一款超强爬虫（广度优先搜索）
- [**42**Star][28d] [Go] [isfonzar/cryptogo](https://github.com/isfonzar/cryptogo) Protect your sensitive files with a password using this simple and easy file encrypter
- [**42**Star][4m] [Jupyter Notebook] [jrc1995/textrank-keyword-extraction](https://github.com/jrc1995/textrank-keyword-extraction) Keyword extraction using TextRank algorithm after pre-processing the text with lemmatization, filtering unwanted parts-of-speech and other techniques.
- [**42**Star][1m] [C] [brandon-bailey/rtl8822bu](https://github.com/brandon-bailey/rtl8822bu) RTL8822BU Wireless Driver for Linux
- [**42**Star][2m] [Scala] [alonsoir/awesome-recommendation-engine](https://github.com/alonsoir/awesome-recommendation-engine) The purpose of this tiny project is to put things together with the know how that i learned from the course big data expert from formacionhadoop.com The idea is to show how to play with apache spark streaming, kafka,mongo, spark machine learning algorithms.
- [**42**Star][1m] [Java] [symb1os/blackdesert-fishbot](https://github.com/symb1os/blackdesert-fishbot) Fishing bot for Black Desert Online with a block to bypass the protection of the game from keyboard and mouse emulation.
- [**42**Star][1m] [Lua] [evandrolg/computer_science_in_lua](https://github.com/evandrolg/computer_science_in_lua) 
- [**42**Star][22d] [Py] [mcbarlowe/nba_scraper](https://github.com/mcbarlowe/nba_scraper) A scraper to scrape the NBA API and compile a play by play file
- [**42**Star][14d] [Py] [cheeky4n6monkey/ios_sysdiagnose_forensic_scripts](https://github.com/cheeky4n6monkey/ios_sysdiagnose_forensic_scripts) Scripts to parse various iOS sysdiagnose logs. Based upon the forensic research of Mattia Epifani, Heather Mahalik and Cheeky4n6monkey.
- [**42**Star][11d] [Go] [alash3al/droxy](https://github.com/alash3al/droxy) a transparent standalone http reverse proxy for docker containers
- [**42**Star][15d] [Rust] [verideth/dll_hook-rs](https://github.com/verideth/dll_hook-rs) Rust code to show how hooking in rust with a dll works.
- [**42**Star][3m] [6r6/ssr-ml-docker](https://github.com/6r6/ssr-ml-docker) ShadowsockR-Server docker container.
- [**42**Star][2m] [Shell] [tozd/docker-nginx-proxy](https://github.com/tozd/docker-nginx-proxy) Dockerized nginx reverse proxy.
- [**42**Star][10m] [Go] [arnaucube/flock-botnet](https://github.com/arnaucube/flock-botnet) Twitter botnet with autonomous bots replying tweets with text generated based on probabilities in Markov chains
- [**42**Star][11d] [snail007/goproxy-cn](https://github.com/snail007/goproxy-cn) 高性能的http代理、https代理、socks5代理、ss代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、游戏盾、游戏高防、游戏代理，支持API代理认证
- [**42**Star][11m] [nicehash/nicehashminer2](https://github.com/nicehash/nicehashminer2) 
- [**42**Star][4m] [robertdavidgraham/hamster](https://github.com/robertdavidgraham/hamster) A proxy server for cookie sidejacking. Works with 'ferret'.
- [**42**Star][24d] [aquynh/ivm](https://github.com/aquynh/ivm) Run iOS on Android! (QEMU-s5l89xx-port)
- [**42**Star][2m] [C++] [apitrace/dxsdk](https://github.com/apitrace/dxsdk) Collection of DirectX SDK headers to facilitate the build of Apitrace
- [**42**Star][17d] [CSS] [frida/frida-website](https://github.com/frida/frida-website) Frida's website
- [**42**Star][5y] [Lua] [fireeye/synfulknock](https://github.com/fireeye/synfulknock) 
- [**42**Star][15d] [C++] [meituan-dianping/vision-ui](https://github.com/Meituan-Dianping/vision-ui) Vision-ui is a series algorithms for mobile UI testing
- [**42**Star][4m] [C++] [avast/yaracpp](https://github.com/avast/yaracpp) C++ wrapper for YARA.
- [**42**Star][4m] [OCaml] [mirage/wodan](https://github.com/mirage/wodan) A Mirage filesystem library
- [**42**Star][14d] [C] [purplei2p/openssl-for-android-prebuilt](https://github.com/purplei2p/openssl-for-android-prebuilt) openssl for android
- [**42**Star][5m] [C#] [zyfworks/steamhosts](https://github.com/zyfworks/steamhosts) Find available Steam IPs and modify hosts for it.
- [**42**Star][17d] [Ruby] [urbanadventurer/urlcrazy](https://github.com/urbanadventurer/urlcrazy) Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
- [**42**Star][7m] [C] [wireghoul/sploit-dev](https://github.com/wireghoul/sploit-dev) Exploits and research stuffs
- [**42**Star][19d] [Py] [rabbitmask/whoisweblogic](https://github.com/rabbitmask/whoisweblogic) 提供Weblogic批量模糊指纹识别
- [**42**Star][20d] [Py] [mehulj94/snatch](https://github.com/mehulj94/snatch) Python code to extract chrome cookie, history and login data files
- [**42**Star][2m] [Java] [zhongxunking/ids](https://github.com/zhongxunking/ids) 高效的分布式id生成器，每个客户端实例tps可达到100万，服务端毫无压力。即使服务端宕机了，id生成依然可用。支持多数据中心，支持id加密。
- [**42**Star][21d] [numfocus/algorithm-ethics](https://github.com/numfocus/algorithm-ethics) A collection of resources and tools designed to provide guidelines for ethical modeling.
- [**42**Star][2m] [Py] [xinqiu/kechenggezi-spider](https://github.com/xinqiu/kechenggezi-spider) 第一次写爬虫，爬课程格子的校花榜，比较简陋，没用多线程。
- [**42**Star][12d] [C++] [chickenhook/chickenhook](https://github.com/chickenhook/chickenhook) A linux / android / MacOS hooking framework
- [**42**Star][10d] [Py] [bing0o/python-scripts](https://github.com/bing0o/python-scripts) some scripts for penetration testing
- [**42**Star][1m] [Shell] [itshaadi/torbox](https://github.com/itshaadi/torbox) Container-based Tor access point (Anonymizing Middlebox).
- [**42**Star][2m] [kd1991/oxul103-jailbreak](https://github.com/KD1991/OXUL103-Jailbreak) A NEW 64-bit JAILBREAK FOR iOS 10.3,10.3.1,10.3.2,10.3.x. (Untethered).
- [**42**Star][4y] [Py] [cylance/markovobfuscate](https://github.com/cylance/MarkovObfuscate) Use Markov Chains to obfuscate data as other data
- [**42**Star][1m] [vpnguy-zz/snmpdos](https://github.com/vpnguy-zz/snmpdos) Create a DDOS attack using SNMP servers
- [**42**Star][1y] [C++] [bytecode77/slui-file-handler-hijack-privilege-escalation](https://github.com/bytecode77/slui-file-handler-hijack-privilege-escalation) 利用 slui.exe 的文件 Handler 劫持漏洞实现 UAC 绕过和本地提权
- [**42**Star][3m] [C] [synacktiv-contrib/lightspeed](https://github.com/Synacktiv-contrib/lightspeed) PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio
- [**42**Star][20d] [Py] [robotools/defcon](https://github.com/robotools/defcon) A set of UFO based objects for use in font editing applications.
- [**42**Star][14d] [Py] [newbee119/ctf_ics_traffic](https://github.com/NewBee119/ctf_ics_traffic) 工控CTF比赛工具，各种网络数据包处理脚本
- [**42**Star][2m] [Go] [lc/cspparse](https://github.com/lc/cspparse) A tool to evaluate Content Security Policies.
- [**42**Star][3y] [C++] [zer0mem0ry/manualmap](https://github.com/zer0mem0ry/manualmap) A Simple demonstration of manual dll injector
- [**42**Star][6y] [C++] [zer0mem/hypervisor](https://github.com/zer0mem/hypervisor) microVM
- [**42**Star][3y] [C] [z4ziggy/zigfrid](https://github.com/z4ziggy/zigfrid) A Passive RFID fuzzer
- [**42**Star][20d] [C] [yosqueoy/ditsnap](https://github.com/yosqueoy/ditsnap) An inspection tool for Active Directory database
- [**42**Star][1m] [Py] [yingshang/hack](https://github.com/yingshang/hack) crawl hackerone reports
- [**42**Star][1y] [Py] [xme/tweetsniff](https://github.com/xme/tweetsniff) Grab a Twitter user timeline for further processing (storing to Elasticsearch, highligthing, etc)
- [**42**Star][2m] [xisigr/paper](https://github.com/xisigr/paper) Web&Browser Security
- [**42**Star][8m] [C] [priyankchheda/ssh_brute_force](https://github.com/priyankchheda/ssh_brute_force) Crack SSH Password using Dictionary and Brute Force Method
- [**42**Star][1y] [x41sec/slides](https://github.com/x41sec/slides) 
- [**42**Star][1m] [C++] [wildbydesign/appcontainer-launcher](https://github.com/WildByDesign/AppContainer-Launcher) AppContainer and LPAC (Less Privileged AppContainer) Launcher with Capabilities
- [**42**Star][3y] [C#] [wearelegal/cinarat](https://github.com/wearelegal/cinarat) CinaRAT - Cina Is Not A Remote Administration Tool
- [**42**Star][2y] [C] [wanttobeno/dllprotect](https://github.com/wanttobeno/dllprotect) dll文件加解密和内存加载
- [**42**Star][2y] [Py] [wangyihang/codiad-remote-code-execute-exploit](https://github.com/wangyihang/codiad-remote-code-execute-exploit) A simple exploit to execute system command on codiad
- [**42**Star][4m] [SystemVerilog] [wangxuan95/ustc-rvsoc](https://github.com/wangxuan95/ustc-rvsoc) 一个用 SystemVerilog 编写的，RISC-V 架构的 CPU + SoC
- [**42**Star][10d] [Py] [villanch/g3ar](https://github.com/villanch/g3ar) 渗透测试编程工具包
- [**42**Star][2y] [C++] [userexistserror/dllloadershellcode](https://github.com/userexistserror/dllloadershellcode) Shellcode to load an appended Dll
- [**42**Star][2m] [Py] [tylerwince/flake8-bandit](https://github.com/tylerwince/flake8-bandit) Automated security testing using bandit and flake8.
- [**42**Star][10d] [JS] [tryghost/gscan](https://github.com/tryghost/gscan) Ghost theme scanner - checks for errors and feature support
- [**42**Star][2m] [Py] [trustedsec/auto_settingcontent-ms](https://github.com/trustedsec/auto_settingcontent-ms) This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remote code execution. This automates generating an HTA downloader and embeds it in the SettingContent-ms file for you and starts Apache.
- [**42**Star][4m] [traceflight/android-malware-datasets](https://github.com/traceflight/android-malware-datasets) Popular Android malware datasets
- [**42**Star][9m] [Lua] [theherogac/tf-card-plugin-tool](https://github.com/theherogac/tf-card-plugin-tool) TF Card Plugin Tool is an excellent tool developed with the OneLua Team interpreter that allows you to simplify the installation and management of the drivers of the SD2VITA adapter and of the official PSVITA memory in the ux0: / uma0 paths
- [**42**Star][1y] [C#] [thaisenpm/loader3](https://github.com/thaisenpm/loader3) A self leak of a loader I sold on Selly for easy money to open a business. I got enough, it was leaked to shit. Enjoy
- [**42**Star][4y] [team-firebugs/burp-lfi-tests](https://github.com/team-firebugs/burp-lfi-tests) Fuzzing for LFI using Burpsuite
- [**42**Star][8m] [Java] [ssilence/scotty](https://github.com/ssilence/scotty) java proxy
- [**42**Star][13d] [Py] [spring-epfl/mia](https://github.com/spring-epfl/mia) A library for running membership inference attacks against ML models
- [**42**Star][2y] [Ruby] [sophsec/ffi-pcap](https://github.com/sophsec/ffi-pcap) Ruby FFI bindings for libpcap.
- [**42**Star][1y] [Shell] [sonofagl1tch/awsdetonationlab](https://github.com/sonofagl1tch/awsdetonationlab) This script is used to generate some basic detections of the aws security services
- [**42**Star][1m] [PHP] [sjord/jwtdemo](https://github.com/sjord/jwtdemo) Practice hacking JWT tokens
- [**42**Star][2m] [Go] [sensepost/go-out](https://github.com/sensepost/go-out) 
- [**42**Star][19d] [Py] [scottjpack/shellshock_scanner](https://github.com/scottjpack/shellshock_scanner) Python Scanner for "ShellShock" (CVE-2014-6271)
- [**42**Star][7m] [Shell] [sandrokeil/yubikey-full-disk-encryption-secure-boot-uefi](https://github.com/sandrokeil/yubikey-full-disk-encryption-secure-boot-uefi) Tutorial to create full disk encryption with YubiKey, encrypted boot partition and secure boot with UEFI
- [**42**Star][5m] [Py] [sadfud/exploits](https://github.com/sadfud/exploits) Real world and CTFs exploiting web/binary POCs.
- [**42**Star][4m] [C#] [ryuzakih/cloudflaresolverre](https://github.com/ryuzakih/cloudflaresolverre) Cloudflare Javascript & reCaptcha challenge (I'm Under Attack Mode or IUAM) solving / bypass .NET Standard library.
- [**42**Star][3y] [C++] [rootkiter/reverse-engineering](https://github.com/rootkiter/reverse-engineering) 软件逆向
- [**42**Star][2y] [Shell] [rogdham/cve-2018-11235](https://github.com/rogdham/cve-2018-11235) PoC exploit for CVE-2018-11235 allowing RCE on git clone --recurse-submodules
- [**42**Star][21d] [Py] [roddhjav/pass-audit](https://github.com/roddhjav/pass-audit) A pass extension for auditing your password repository.
- [**42**Star][4y] [C] [rfdesign/sik](https://github.com/rfdesign/sik) Tools and firmware for the Si1000 - Si102x/3x
- [**42**Star][5m] [Py] [restran/web-proxy](https://github.com/restran/web-proxy) 
- [**42**Star][10d] [Py] [realitynet/kobackupdec](https://github.com/realitynet/kobackupdec) Huawei backup decryptor
- [**42**Star][4m] [ranginang67/firecrack](https://github.com/ranginang67/firecrack) 
- [**42**Star][3y] [Lua] [r00t-3xp10it/rc-exploiter](https://github.com/r00t-3xp10it/rc-exploiter) NOT SUPORTED ANYMORE -- try resource_files repository (mosquito)
- [**42**Star][1m] [Py] [proteansec/fuzzyftp](https://github.com/proteansec/fuzzyftp) The FTP fuzzer for Sulley and Peach.
- [**42**Star][5m] [VHDL] [pedrorivera/siafpgaminer](https://github.com/pedrorivera/siafpgaminer) VHDL FPGA design of an optimized Blake2b pipeline to mine Siacoin
- [**42**Star][23d] [Py] [pchaigno/dga-collection](https://github.com/pchaigno/dga-collection) A collection of known Domain Generation Algorithms
- [**42**Star][4m] [PHP] [paragonie/hpkp-builder](https://github.com/paragonie/hpkp-builder) Build HTTP Public-Key-Pinning headers from a JSON file (or build them programmatically)
- [**42**Star][11d] [C++] [paragon-software-group/paragon_apfs_sdk_ce](https://github.com/paragon-software-group/paragon_apfs_sdk_ce) Paragon APFS SDK Free
- [**42**Star][2y] [Py] [oways/sa-core-2018-004](https://github.com/oways/sa-core-2018-004) SA-CORE-2018-004 POC #drupalgeddon3
- [**42**Star][3y] [JS] [opsxcq/exploit-cve-2016-6515](https://github.com/opsxcq/exploit-cve-2016-6515) OpenSSH remote DOS exploit and vulnerable container
- [**42**Star][2m] [CSS] [oasis-open/cti-documentation](https://github.com/oasis-open/cti-documentation) OASIS TC Open Repository: GitHub Pages site for STIX, CybOX, and TAXII
- [**42**Star][2y] [nsp/jskills](https://github.com/nsp/jskills) A detailed implementation of the TrueSkill algorithm in the Java language.
- [**42**Star][5m] [CSS] [nourabusoud/password-genie](https://github.com/nourabusoud/password-genie) 
- [**42**Star][1y] [Py] [normaldotcom/canard](https://github.com/normaldotcom/canard) A fork of CANard with various tweaks and improvements implemented
- [**42**Star][6y] [Py] [nihilus/idasimulator](https://github.com/nihilus/idasimulator) a plugin that extends IDA's conditional breakpoint support, making it easy to augment / replace complex executable code inside a debugged process with Python code.
- [**42**Star][7m] [Py] [nickstadb/poc](https://github.com/nickstadb/poc) Repo for proof of concept exploits and tools.
- [**42**Star][8m] [Py] [neglectos/conpan](https://github.com/neglectos/conpan) ConPan: Analyze your Docker container in peace
- [**42**Star][5y] [Py] [nanopony/apache-scalp](https://github.com/nanopony/apache-scalp) Scalp!/Anathema is a log analyzer for web server (Apache, nginx) [Python3]
- [**42**Star][4y] [C++] [mrexodia/idapatch](https://github.com/mrexodia/idapatch) IDA plugin to patch IDA Pro in memory.
- [**42**Star][1m] [Py] [mixkorshun/django-antispam](https://github.com/mixkorshun/django-antispam) Spam protection tools for django applications.
- [**42**Star][2y] [milkdevil/ultimateapplockerbypasslist](https://github.com/milkdevil/ultimateapplockerbypasslist) 
- [**42**Star][6m] [PHP] [mddanish/vulnerable-otp-application](https://github.com/mddanish/vulnerable-otp-application) Vulnerable OTP/2FA Application written in PHP using Google Authenticator
- [**42**Star][2m] [Dockerfile] [marco-lancini/docker_burp](https://github.com/marco-lancini/docker_burp) Burp Pro as a Docker Container
- [**42**Star][3y] [Py] [m0rtem/mailfail](https://github.com/m0rtem/mailfail) Proof of Concept - Utilize misconfigured newsletter forms to spam / deny service to an inbox
- [**42**Star][10m] [Py] [lorentzenman/payday](https://github.com/lorentzenman/payday) Payload generator that uses Metasploit and Veil. Takes IP address as input and calls Veil. Use msfvenom to create payloads and writes resource handler files.
- [**42**Star][28d] [JS] [lmammino/webhook-tunnel](https://github.com/lmammino/webhook-tunnel) A little HTTP proxy suitable to create tunnels for webhook endpoints protected behind a firewall or a VPN
- [**42**Star][30d] [Tcl] [llir/grammar](https://github.com/llir/grammar) EBNF grammar of LLVM IR assembly.
- [**42**Star][7m] [PHP] [linuxsec/indoxploit-shell](https://github.com/linuxsec/indoxploit-shell) IndoXploit Webshell V.3
- [**42**Star][4m] [C++] [lianglixin/sksocks](https://github.com/lianglixin/sksocks) SKSocks, for proxy, firewall penetration, data encryption and speeding up internet accessing.
- [**42**Star][4m] [C#] [kwsch/remasters](https://github.com/kwsch/remasters) Reverse Engineering Pokémon Masters
- [**42**Star][9m] [PS] [kkkgo/cloudxns-ddns-with-powershell](https://github.com/kkkgo/cloudxns-ddns-with-powershell) The CloudXNS DDNS with PowerShell
- [**42**Star][1m] [PHP] [keyus/xss](https://github.com/keyus/xss) php写的个人研究测试用的 xss cookie 攻击管理平台,开源出来
- [**42**Star][27d] [Py] [karttoon/trigen](https://github.com/karttoon/trigen) Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
- [**42**Star][11d] [Py] [karttoon/binsequencer](https://github.com/karttoon/binsequencer) BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified pattern.
- [**42**Star][24d] [C] [kanglictf/afl-qai](https://github.com/kanglictf/afl-qai) A demo project for AFL with QEMU Augmented Instrumentation (qai)
- [**42**Star][2y] [Java] [k0r0pt/project-tauro](https://github.com/k0r0pt/project-tauro) A Router WiFi key recovery/cracking tool with a twist.
- [**42**Star][29d] [Rust] [jwillbold/rusty-jsyc](https://github.com/jwillbold/rusty-jsyc) JavaScript-To-Bytecode compiler written in Rust
- [**42**Star][1m] [Py] [jpiechowka/jenkins-cve-2016-0792](https://github.com/jpiechowka/jenkins-cve-2016-0792) Exploit for Jenkins serialization vulnerability - CVE-2016-0792
- [**42**Star][9y] [jonoberheide/stackjacking](https://github.com/jonoberheide/stackjacking) PoC code for our presentation titled "Stackjacking Your Way to grsec/PaX Bypass"
- [**42**Star][3m] [Shell] [jivoi/ansible-pentest-with-tor](https://github.com/jivoi/ansible-pentest-with-tor) Use Tor for anonymous scanning with nmap
- [**42**Star][1y] [Py] [jh00nbr/phishruffus](https://github.com/jh00nbr/phishruffus) Intelligent threat hunter and phishing servers
- [**42**Star][3m] [JS] [jeremyfetiveau/pwn-just-in-time-exploit](https://github.com/jeremyfetiveau/pwn-just-in-time-exploit) Exploit for the [pwn] just-in-time challenge from google ctf 2018's finals (TurboFan bug)
- [**42**Star][6m] [Py] [jas502n/cve-2019-7238](https://github.com/jas502n/cve-2019-7238) Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0
- [**42**Star][4m] [Ruby] [janlelis/debugging](https://github.com/janlelis/debugging) Improve your Print Debugging
- [**42**Star][4m] [JS] [iriscouch/audit_couchdb](https://github.com/iriscouch/audit_couchdb) Detect security issues, large or small, in a CouchDB server
- [**42**Star][3y] [Py] [inaz2/unico](https://github.com/inaz2/unico) Unicorn PE function runner
- [**42**Star][5m] [Go] [icchy/wctf2019-gtf](https://github.com/icchy/wctf2019-gtf) WCTF2019 challenge: Gyotaku The Flag
- [**42**Star][2y] [C] [hannob/bignum-fuzz](https://github.com/hannob/bignum-fuzz) Code to fuzz bignum libraries
- [**42**Star][15d] [Py] [hackedteam/test-av2](https://github.com/hackedteam/test-av2) Automated antivirus test environment (new version)
- [**42**Star][8m] [Ruby] [guidovranken/rpcbomb](https://github.com/guidovranken/rpcbomb) RPCBOMB + patches
- [**42**Star][3y] [grrrdog/zeronights-hackquest-2016](https://github.com/grrrdog/zeronights-hackquest-2016) 2 web tasks from ZeroNights HackQuest 2016
- [**42**Star][12d] [C] [greenbone/gvm-libs](https://github.com/greenbone/gvm-libs) Greenbone Vulnerability Management Libraries
- [**42**Star][9y] [Py] [gdssecurity/add-trusted-certificate-to-ios-simulator](https://github.com/gdssecurity/add-trusted-certificate-to-ios-simulator) Script for easily importing a trusted CA certificate into the iOS Simulator's trust store. This provides application testers the ability to intercept SSL traffic when using the simulator for testing.
- [**42**Star][2m] [freewaf/waf-anti-tamper](https://github.com/freewaf/waf-anti-tamper) Open Source Web Application Firewall Anti Tamper
- [**42**Star][2m] [C++] [feruxmax/meltdown](https://github.com/feruxmax/meltdown) Meltdown/Spectre experiments
- [**42**Star][2m] [Go] [felipejfc/udpx](https://github.com/felipejfc/udpx) A Fast UDP Proxy written in Golang
- [**42**Star][3m] [PHP] [farisv/cj2018-final-ctf](https://github.com/farisv/cj2018-final-ctf) Cyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
- [**42**Star][17d] [C++] [ez8-co/emock](https://github.com/ez8-co/emock) 
- [**42**Star][21d] [Py] [extremecoders-re/bytecode_simplifier](https://github.com/extremecoders-re/bytecode_simplifier) A generic deobfuscator for PjOrion obfuscated python scripts
- [**42**Star][4m] [Arduino] [exploitagency/github-esploit](https://github.com/exploitagency/github-esploit) !!! Deprecated See ESPloitV2 !!! Original PoC(Released: Sep 11, 2016) - WiFi controlled keystroke injection Using ESP8266 and 32u4 based Arduino HID Keyboard Emulator
- [**42**Star][8m] [Swift] [etienne-martin/cryptojs.swift](https://github.com/etienne-martin/cryptojs.swift) Cross-platform cryptographic functions in swift
- [**42**Star][27d] [Dockerfile] [elejke/docker-socks5](https://github.com/elejke/docker-socks5) Docker для поднятия socks5 proxy сервера
- [**42**Star][4m] [C++] [egebalci/keylogger](https://github.com/egebalci/keylogger) Simple C++ Keylogger...
- [**42**Star][12m] [Visual Basic .NET] [dzzie/re_plugins](https://github.com/dzzie/re_plugins) misc reverse engineering plugins
    - [IDASrvr](https://github.com/dzzie/re_plugins/tree/master/IDASrvr) wm_copydata IPC server running in IDA. allows you to send commands to IDA from another   process to query data and control interface display
    - [IDA_JScript](https://github.com/dzzie/re_plugins/tree/master/IDA_JScript) Script IDA in Javascript
    - [IDA_JScript_w_DukDbg](https://github.com/dzzie/re_plugins/tree/master/IDA_JScript_w_DukDbg) same as IDA_JScript, but using the dukdbg.ocx as full on javascript debugger
    - [IDASrvr2](https://github.com/dzzie/re_plugins/tree/master/IDASrvr2) support x64
    - [IdaUdpBridge](https://github.com/dzzie/re_plugins/tree/master/IdaUdpBridge) this replaces the udp command socket in idavbscript which was crashy
    - [IdaVbScript](https://github.com/dzzie/re_plugins/tree/master/IdaVbScript)  ton of small tools for IDA all thrown into one interface
    - [OllySrvr](https://github.com/dzzie/re_plugins/tree/master/OllySrvr)  wm_copydata IPC server running in olly
    - [Olly_hittrace](https://github.com/dzzie/re_plugins/tree/master/Olly_hittrace) You set breakpoints in the UI and it will then run   the app automating it and logging which ones were hit.
    - [Olly_module_bpx](https://github.com/dzzie/re_plugins/tree/master/Olly_module_bpx)    allow you to set breakpoints within modules which have not yet been loaded.
    - [Olly_vbscript](https://github.com/dzzie/re_plugins/tree/master/Olly_vbscript) vbscript automation capability for olly including working across breakpoint events.
    - [PyIDAServer](https://github.com/dzzie/re_plugins/tree/master/PyIDAServer) experiment to test a python based IPC server running in IDA that remote process clients can control and query IDA with.
    - [Wingraph32](https://github.com/dzzie/re_plugins/tree/master/Wingraph32) This is another experiment at a wingraph32 replacement for ida. This one has more features to hide nodes, and can also navigate IDA to the selected function when you click on it in the graph. 
    - [rabc_gui](https://github.com/dzzie/re_plugins/tree/master/flash_tools/rabc_gui) this is a GUI front end for RABCDAsm to disasm, reasm, and reinsert  modified script blocks back into flash files.
    - [swfdump_gui](https://github.com/dzzie/re_plugins/tree/master/flash_tools/swfdump_gui) when run against a target swf, it will create a decompressed version of the swf and a .txt disasm log file these files will be cached and used on subsequent loads. if you wish to start over from scratch use the tools->delete cached * options.
    - [gleegraph](https://github.com/dzzie/re_plugins/tree/master/gleegraph) a quick Wingraph32/qwingraph replacement that has some extra features such as being able to navigate IDA to the selected nodes when they are clicked on in graph view, as well as being able to rename the selected node from the  graph, or adding a prefix to all child nodes below it.
    - [hidden_strings](https://github.com/dzzie/re_plugins/tree/master/misc_tools/hidden_strings) scans for strings being build up in char arrays at runtime to hide from traditional strings output
    - [memdump_conglomerate](https://github.com/dzzie/re_plugins/tree/master/misc_tools/memdump_conglomerate) reads a folder full of memory dumps and puts them  all into a single dll husk so they will disassemble at the proper offsets.
    - [memdump_embedder](https://github.com/dzzie/re_plugins/tree/master/misc_tools/memdump_embedder) takes a memory dump and embeds it into a dummy dll husk so that you can disassemble it at the target base address without having to manually reset it everytime
    - [rtf_hexconvert](https://github.com/dzzie/re_plugins/tree/master/misc_tools/rtf_hexconvert) small tool to extract hex strings from a rtf document and show them in a listview. click on listitem to see decoded data in a hexeditor pane where you can save it
    - [uGrapher](https://github.com/dzzie/re_plugins/tree/master/uGrapher) rename real wingraph32.exe to _wingraph.exe and put this one in its place.
    - [wininet_hooks](https://github.com/dzzie/re_plugins/tree/master/wininet_hooks) httpsendhook.dll hooks the following wininet api calls:HttpOpenRequest,InternetConnect,InternetReadFile,InternetCrackUrl,HttpSendRequest
- [**42**Star][1y] [C] [dzzie/hookexplorer](https://github.com/dzzie/hookexplorer) technical tool to analyze a process trying to find various types of runtime hooks. Interface and output is geared torwards security experts. Average users wont be able to decipher its output.
- [**42**Star][1m] [Go] [dutchcoders/troje](https://github.com/dutchcoders/troje) Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.
- [**42**Star][2m] [Py] [duo-labs/mysslstrip](https://github.com/duo-labs/mysslstrip) CVE-2015-3152 PoC
- [**42**Star][6m] [ObjC] [dineshshetty/ios-sandbox-dumper](https://github.com/dineshshetty/ios-sandbox-dumper) SandBox-Dumper makes use of multiple private libraries to provide exact locations of the application sandbox, application bundle and some other interesting information
- [**42**Star][3m] [Py] [devttys0/botox](https://github.com/devttys0/botox) SIGSTOPing ELF binaries since 0x7E1
- [**42**Star][5m] [Rust] [dentrax/netlyser](https://github.com/dentrax/netlyser) Lightweight, a simple yet, Presence Detection Tool written in Rust, based on nmap, built for UNIX, made with <3
- [**42**Star][16d] [Py] [deadpix3l/pydhe](https://github.com/deadpix3l/pydhe) a fully python Diffie-Hellman Library
- [**42**Star][24d] [C] [david-reguera-garcia-dreg/lsrootkit](https://github.com/david-reguera-garcia-dreg/lsrootkit) Rootkit Detector for UNIX
- [**42**Star][4m] [Py] [cyubuchen/free_proxy_website](https://github.com/cyubuchen/free_proxy_website) 获取免费socks/https/http代理的网站集合
- [**42**Star][26d] [Py] [cudeso/cudeso-honeypot](https://github.com/cudeso/cudeso-honeypot) Honeypot repo
- [**42**Star][2m] [ctftime/ctftime.org](https://github.com/ctftime/ctftime.org) meta repository for ctftime.org issues, feature-requests etc
- [**42**Star][5m] [Py] [crowdstrike/pyspresso](https://github.com/crowdstrike/pyspresso) The pyspresso package is a Python-based framework for debugging Java.
- [**42**Star][3y] [PS] [colemination/poweroutlook](https://github.com/colemination/poweroutlook) Sample code from Owning MS Outlook with Powershell
- [**42**Star][10d] [certtools/intelmq-feeds-documentation](https://github.com/certtools/intelmq-feeds-documentation) Cyber Threat Intelligence Feeds
- [**42**Star][4m] [certcc/vulnerability-data-archive](https://github.com/certcc/vulnerability-data-archive) With the hope that someone finds the data useful, we're publishing an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database. See also
- [**42**Star][4y] [C++] [c4bbage/webrobot-v1.8.2](https://github.com/c4bbage/webrobot-v1.8.2) 网络安全检测工具WebRobot
- [**42**Star][2y] [btkrausen/aws](https://github.com/btkrausen/aws) 
- [**42**Star][1m] [C#] [azure/reverse-proxy-dotnet](https://github.com/azure/reverse-proxy-dotnet) Reverse Proxy agent
- [**42**Star][1m] [Go] [averagesecurityguy/searchscan](https://github.com/averagesecurityguy/searchscan) Search Nmap and Metasploit scanning scripts.
- [**42**Star][1m] [JS] [auth0/shiny-auth0](https://github.com/auth0/shiny-auth0) Auth0 shiny proxy
- [**42**Star][3m] [C] [asm/deep_spectre](https://github.com/asm/deep_spectre) Deep learning side channel privileged memory reader
- [**42**Star][1m] [Roff] [apxar/xlog](https://github.com/apxar/xlog) web日志扫描工具
- [**42**Star][3y] [Py] [anemonelabs/unmessage](https://github.com/anemonelabs/unmessage) Privacy enhanced instant messenger
- [**42**Star][2y] [Py] [andreafioraldi/pwntrace](https://github.com/andreafioraldi/pwntrace) Use ltrace with pwnlib.tubes.process instances, useful for heap exploitation. Pwntools rocks!
- [**42**Star][5y] [C#] [alphadelta/dumb](https://github.com/alphadelta/dumb) A fast and advanced ransomware PoC
- [**42**Star][4y] [AutoIt] [ajmartel/irtriage](https://github.com/ajmartel/irtriage) Incident Response Triage - Windows Evidence Collection for Forensic Analysis
- [**42**Star][26d] [Py] [agroce/universalmutator](https://github.com/agroce/universalmutator) Regexp based tool for mutating generic source code across numerous languages
- [**42**Star][2m] [ab1gale/phpcms-2008-cve-2018-19127](https://github.com/ab1gale/phpcms-2008-cve-2018-19127) 
- [**41**Star][3m] [imanfeng/cve-2020-1947](https://github.com/imanfeng/cve-2020-1947) CVE-2020-1947 poc
- [**41**Star][4m] [YARA] [te-k/pecli](https://github.com/te-k/pecli) CLI tool to analyze PE files
- [**41**Star][6y] [Java] [boyliang/hijack_ams_broadintent](https://github.com/boyliang/hijack_ams_broadintent) 
- [**41**Star][4m] [Py] [jselliott/nsacodebreaker19](https://github.com/jselliott/nsacodebreaker19) Scripts and Writeups for the NSA Codebreaker Challenge 2019
- [**41**Star][4m] [Py] [21superman/hessian-deserialize-rce](https://github.com/21superman/hessian-deserialize-rce) Hession-Deserialize-RCE 反序列化命令执行
- [**41**Star][18d] [ObjC] [hansemannn/titanium-bluetooth](https://github.com/hansemannn/titanium-bluetooth) 
- [**41**Star][11d] [C++] [agamnentzar/bluetooth-serial-port](https://github.com/agamnentzar/bluetooth-serial-port) multi-platform bluetooth serial port library for C++
- [**41**Star][5m] [C#] [lsamu/v5_datacollection](https://github.com/lsamu/v5_datacollection) V5数据采集器,爬虫,采集,行业软件,欢迎Star! 交流群:392498279 解决问题&接受各种意见建议.
- [**41**Star][4m] [C#] [vcsjones/fiddlercert](https://github.com/vcsjones/fiddlercert) A Fiddler extension for examining certificates.
- [**41**Star][7m] [JS] [jinzhuming/algorithm](https://github.com/jinzhuming/algorithm) 使用 JavaScript 完成大多数的常用算法
- [**41**Star][4m] [ObjC] [banchichen/captiveportalcheck](https://github.com/banchichen/captiveportalcheck) 一个检测当前WIFI是否需要认证的小Demo
- [**41**Star][18d] [Py] [iamtodor/angel.co-companies-list-scraping](https://github.com/iamtodor/angel.co-companies-list-scraping) 
- [**41**Star][15d] [Java] [itsdax/runescape-web-walker-engine](https://github.com/itsdax/runescape-web-walker-engine) A world walker for Rune Scape written for TriBot
- [**41**Star][12d] [Kotlin] [mysteriumnetwork/mysterium-vpn-mobile](https://github.com/mysteriumnetwork/mysterium-vpn-mobile) Mobile client for Mysterium Network
- [**41**Star][2m] [PHP] [hekuntong/easyswoole3_demo](https://github.com/hekuntong/easyswoole3_demo) Jd spider example base on easyswoole framework
- [**41**Star][26d] [C] [leereindeer/lightsocks-c](https://github.com/leereindeer/lightsocks-c) 
- [**41**Star][6m] [Java] [marcelo-s/a-star-java-implementation](https://github.com/marcelo-s/a-star-java-implementation) A*or A Star algorithm java implementation
- [**41**Star][15d] [Swift] [vpnht/ios](https://github.com/vpnht/ios) VPN Client iOS
- [**41**Star][11d] [C++] [cvsandbox/cvsandbox](https://github.com/cvsandbox/cvsandbox) Open source software package, which aims to allow solving different tasks related to computer vision areas, like video surveillance, vision based automation/robotics, different sorts of image/video processing, etc.
- [**41**Star][30d] [Rust] [saurvs/hypervisor-rs](https://github.com/saurvs/hypervisor-rs) Rust API to the OS X Hypervisor framework for hardware-accelerated virtualization
- [**41**Star][23d] [Jupyter Notebook] [jasonhavend/djh-spider](https://github.com/jasonhavend/djh-spider) Python爬虫：基础，进阶，框架, csdn,糗事百科,百度贴吧.淘宝MM ,豆瓣电影排行榜 ,腾讯招聘网站,斗鱼主播,汽车网站,百度学术, 必应学术,百科 ,金融实体关系,微博(用户,微博,评论,社交网络)，推特Twitter
- [**41**Star][20d] [Py] [eth-sri/ilf](https://github.com/eth-sri/ilf) AI based fuzzer based on imitation learning
- [**41**Star][17d] [C++] [mjx0/kittymemory](https://github.com/mjx0/kittymemory) This library aims for runtime code patching for both Android and iOS
- [**41**Star][27d] [Py] [riverloopsec/hashashin](https://github.com/riverloopsec/hashashin) Hashashin: A Fuzzy Matching Tool for Binary Ninja
- [**41**Star][28d] [HTML] [cases-lu/mosp](https://github.com/cases-lu/mosp) A platform for creating, editing and sharing JSON objects.
- [**41**Star][3y] [Py] [xl7dev/sectools](https://github.com/xl7dev/sectools) Pentests tools
- [**41**Star][21d] [Lua] [asamy/forgottenmapeditor](https://github.com/asamy/forgottenmapeditor) Map editor written in lua for Open Tibia. Written with OtClient's framework.
- [**41**Star][4m] [Go] [zmap/zannotate](https://github.com/zmap/zannotate) Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
- [**41**Star][3y] [Py] [moosedojo/legion](https://github.com/moosedojo/legion) Distributed computing environment that can be used for both academic and pen testing purposes.
- [**41**Star][1m] [PS] [threatexpress/invoke-pipeshell](https://github.com/threatexpress/invoke-pipeshell) SMB Named Pipe shell
- [**41**Star][1m] [Shell] [lowpowerlab/atx-raspi](https://github.com/lowpowerlab/atx-raspi) ATXRaspi is a smart power controller for RaspberryPi that allows you to have an external ATX style shutdown button
- [**41**Star][1y] [PHP] [spiderlabs/upnp-request-generator](https://github.com/spiderlabs/upnp-request-generator) A tool to parse UPnP descriptor XML files and generate SOAP control requests for use with Burp Suite or netcat
- [**41**Star][17d] [Shell] [samyk/easel-driver](https://github.com/samyk/easel-driver) Easel driver for Linux (and Mac/Windows) + remote access to CNC controller
- [**41**Star][11d] [C] [arm-software/scp-firmware](https://github.com/arm-software/scp-firmware) System Control Processor (SCP) firmware
- [**41**Star][8m] [C] [l3m0n/my_ctf_challenges](https://github.com/l3m0n/my_ctf_challenges) 
- [**41**Star][13d] [Py] [skelsec/aiosmb](https://github.com/skelsec/aiosmb) Fully asynchronous SMB library written in pure python
- [**41**Star][22d] [Shell] [sensepost/shinai-fi](https://github.com/sensepost/shinai-fi) Docker images for learning wifi hacking
- [**41**Star][1m] [Java] [consensys/wittgenstein](https://github.com/consensys/wittgenstein) Simulator for some PoS or consensus algorithms. Includes dfinity, casper IMD and others
- [**41**Star][5m] [Ruby] [gallopsled/pwntools-binutils](https://github.com/gallopsled/pwntools-binutils) Building binutils for pwntools
- [**41**Star][2m] [C] [jovanbulck/0xbadc0de](https://github.com/jovanbulck/0xbadc0de) A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
- [**41**Star][26d] [Java] [alexatiks/spring-security-jwt-csrf](https://github.com/alexatiks/spring-security-jwt-csrf) A demonstration of stateless JWT authentication with Spring Security, Spring Boot and Vue js
- [**41**Star][15d] [gfwlist/tsilwfg](https://github.com/gfwlist/tsilwfg) Reverse list for netizens overseas
- [**41**Star][19d] [Py] [torpyorg/torpy](https://github.com/torpyorg/torpy) Pure python Tor client implementation of the Tor protocol
- [**41**Star][5m] [Shell] [nick-the-greek/aerial](https://github.com/nick-the-greek/aerial) Multi-mode wireless LAN Based on a Software Access point for Kali Linux.
- [**41**Star][14d] [Jupyter Notebook] [hunters-forge/notebooks-forge](https://github.com/hunters-forge/notebooks-forge) A collection of notebooks built for defensive and offensive operations.
- [**41**Star][17d] [Ruby] [trailofbits/rubysec](https://github.com/trailofbits/rubysec) RubySec Field Guide
- [**41**Star][12d] [Shell] [virb3/magisk-frida](https://github.com/virb3/magisk-frida) 
- [**41**Star][16d] [C#] [denikson/cm3d2.maidfiddler](https://github.com/denikson/cm3d2.maidfiddler) A real-time game editor for CM3D2
- [**41**Star][4m] [C] [fsecurelabs/3d-accelerated-exploitation](https://github.com/FSecureLABS/3d-accelerated-exploitation) 3D Accelerated Exploitation
- [**41**Star][30d] [JS] [osirislab/csaw-ctf-2017-quals](https://github.com/osirislab/CSAW-CTF-2017-Quals) Repo for CSAW CTF 2018 Quals challenges
- [**41**Star][15d] [Lua] [aoncyberlabs/nmap-scripts](https://github.com/AonCyberLabs/Nmap-Scripts) 
- [**41**Star][4m] [Java] [tacixat/cfgscandroid](https://github.com/TACIXAT/CFGScanDroid) Control Flow Graph Scanning for Android
- [**41**Star][2y] [cmu-18739l-s15/18739l-s15-coursedocs](https://github.com/CMU-18739L-S15/18739L-s15-coursedocs) 
- [**41**Star][9m] [TS] [verifynpm/tbv](https://github.com/verifynpm/tbv) Package verification for npm
- [**41**Star][1y] [Java] [tijme/similar-request-excluder](https://github.com/tijme/similar-request-excluder) A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
- [**41**Star][10m] [KiCad] [myriadrf/reference-development-kit](https://github.com/myriadrf/reference-development-kit) The Myriad-RF Reference Hardware design files and firmware
- [**41**Star][5m] [Rust] [rair-project/rair-core](https://github.com/Rair-Project/rair-core) RAIR: RAdare In Rust
- [**41**Star][1m] [C++] [busyluo/netassistant](https://github.com/busyluo/NetAssistant) A UDP/TCP Assistant. 网络调试助手
- [**41**Star][10m] [Ruby] [sharpstone/heroku-bouncer](https://github.com/sharpstone/heroku-bouncer) A Heroku OAuth middleware with no other work to do
- [**41**Star][2m] [HTML] [rsec/firmware_security_docs](https://github.com/rsec/firmware_security_docs) 
- [**41**Star][5m] [C++] [zodiacon/apisetview](https://github.com/zodiacon/apisetview) API Set Viewer
- [**41**Star][13d] [Py] [zephrfish/burpfeed](https://github.com/zephrfish/burpfeed) Hacked together script for feeding urls into Burp's Sitemap
- [**41**Star][12d] [C++] [yejiansnake/windows-sys-base](https://github.com/yejiansnake/windows-sys-base) windows 系统API C++封装库，包含进程间通讯，互斥，内存队列等通用功能
- [**41**Star][28d] [Py] [xiphosresearch/phuzz](https://github.com/xiphosresearch/phuzz) Find exploitable PHP files by parameter fuzzing and function call tracing
- [**41**Star][13d] [Py] [xiphosresearch/dnsbrute](https://github.com/xiphosresearch/dnsbrute) DNS Sub-domain brute forcer, in Python + gevent
- [**41**Star][5y] [PHP] [xibijj/awvscan](https://github.com/xibijj/awvscan) New On Live Web Vul Scan
- [**41**Star][25d] [C#] [woanware/autorunner](https://github.com/woanware/autorunner) Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
- [**41**Star][12d] [JS] [wazuh/wazuh-api](https://github.com/wazuh/wazuh-api) Wazuh - RESTful API
- [**41**Star][6m] [Py] [wangyihang/pwnme](https://github.com/wangyihang/pwnme) 二进制渗透题目汇总
- [**41**Star][1m] [Shell] [waja/maldetect](https://github.com/waja/maldetect) Debian packaging of Linux Malware Detect (
- [**41**Star][10d] [Swift] [vixentael/ios-datasec-basics](https://github.com/vixentael/ios-datasec-basics) iOS data security basics: key management, workshop for iOS Con UK
- [**41**Star][2y] [Py] [v1v1/sleight](https://github.com/v1v1/sleight) Empire HTTP(S) C2 redirector setup script
- [**41**Star][5m] [C++] [typicalhog/thcrypt](https://github.com/typicalhog/thcrypt) C++ console application that features unique (at least I think so) symmetric key based file encryption algorithm.
- [**41**Star][4y] [C] [tylous/auto_eap](https://github.com/tylous/auto_eap) Automated Brute-Force Login Attacks Against EAP Networks.
- [**41**Star][4m] [C] [twistlock/runc-cve-2019-5736](https://github.com/twistlock/runc-cve-2019-5736) CVE-2019-5736 POCs
- [**41**Star][4m] [Go] [tripwire/padcheck](https://github.com/tripwire/padcheck) TLS CBC Padding Oracle Checker
- [**41**Star][4m] [HCL] [traveloka/terraform-aws-waf-owasp-top-10-rules](https://github.com/traveloka/terraform-aws-waf-owasp-top-10-rules) A Terraform module to create AWF WAF Rules for OWASP Top 10 security risks protection.
- [**41**Star][5m] [Py] [tmr232/brutal-ida](https://github.com/tmr232/brutal-ida) Block Redo & Undo To Achieve Legacy IDA
- [**41**Star][1m] [Go] [timothyye/namebeta](https://github.com/timothyye/namebeta) A command line domain query tool.
- [**41**Star][9m] [Go] [threatstack/authkeys](https://github.com/threatstack/authkeys) A tool for getting SSH keys out of LDAP
- [**41**Star][2m] [Java] [thomasdarimont/spring-boot-admin-keycloak-example](https://github.com/thomasdarimont/spring-boot-admin-keycloak-example) Example for protecting Spring Boot Admin & Spring Boot Actuator endpoints with Keycloak
- [**41**Star][4y] [Py] [tengzhangchao/websniff](https://github.com/tengzhangchao/websniff) 局域网http流量嗅探，并获取登陆的账号密码
- [**41**Star][5y] [Py] [techbliss/adb_helper_qt_super_version](https://github.com/techbliss/adb_helper_qt_super_version) All You Need For Ida Pro And Android Debugging
- [**41**Star][4m] [YARA] [te-k/pecli](https://github.com/Te-k/pecli) CLI tool to analyze PE files
- [**41**Star][2m] [C++] [taintdroid/android_platform_dalvik](https://github.com/taintdroid/android_platform_dalvik) Mirror of git://android.git.kernel.org/platform/dalvik.git with TaintDroid additions (mirror lags official Android)
- [**41**Star][24d] [Shell] [superkojiman/rfishell](https://github.com/superkojiman/rfishell) Provide a shell-like interface for exploiting Remote File Inclusion vulnerabilities.
- [**41**Star][9y] [C] [stephenfewer/ollyheaptrace](https://github.com/stephenfewer/ollyheaptrace) OllyHeapTrace is a plugin for OllyDbg to trace the heap operations being performed by a process.
- [**41**Star][2y] [Py] [spiderlabs/firework](https://github.com/spiderlabs/firework) Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.
- [**41**Star][6m] [PS] [sikkandar-sha/sec-audit](https://github.com/sikkandar-sha/sec-audit) PowerShell Script for Windows Server Compliance / Security Configuration Audit
- [**41**Star][7y] [Py] [shadsidd/automated-xss-finder](https://github.com/shadsidd/automated-xss-finder) Automated XSS Finder
- [**41**Star][7m] [C] [seemoo-lab/nexmon_debugger](https://github.com/seemoo-lab/nexmon_debugger) Debugger with hardware breakpoints and memory watchpoints for BCM4339 Wi-Fi chips
- [**41**Star][2y] [Py] [securifera/cve-2018-6546-exploit](https://github.com/securifera/cve-2018-6546-exploit) CVE-2018-6546-Exploit
- [**41**Star][7m] [seadog007/noxctf-2018-psrf-as-pwn](https://github.com/seadog007/noxctf-2018-psrf-as-pwn) 
- [**41**Star][1y] [Java] [scriptjunkie/kcap](https://github.com/scriptjunkie/kcap) 
- [**41**Star][3y] [HTML] [scorelab/androphsy](https://github.com/scorelab/androphsy) An Open Source Mobile Forensics Investigation Tool for Android Platform
- [**41**Star][5m] [C++] [rr-/crc-manipulator](https://github.com/rr-/crc-manipulator) Change CRC checksums of your files.
- [**41**Star][2m] [Py] [rooklabs/milano](https://github.com/rooklabs/milano) Hacking Team Malware Detection Utility
- [**41**Star][2y] [C++] [rokups/reflectiveldr](https://github.com/rokups/reflectiveldr) Position-idependent Windows DLL loader based on ReflectiveDLL project.
- [**41**Star][4y] [ActionScript] [riusksk/flashscanner](https://github.com/riusksk/flashscanner) Flash XSS Scanner
- [**41**Star][4m] [Java] [revolver-ocelot-saa/ghidrax64dbg](https://github.com/revolver-ocelot-saa/ghidrax64dbg) Extract annoations from Ghidra into an X32/X64 dbg database
- [**41**Star][5m] [C++] [regehr/compiler-crashes](https://github.com/regehr/compiler-crashes) 60 artisanal compiler crashes
- [**41**Star][16d] [Java] [rashidi/spring-boot-data-audit](https://github.com/rashidi/spring-boot-data-audit) Sample project for Spring Boot with Spring Data Audit enabled.
- [**41**Star][2y] [C#] [rappayne/webgoat.net](https://github.com/rappayne/webgoat.net) OWASP's official repository for WebGoat (ASP.NET version)
- [**41**Star][14d] [Py] [random-robbie/bugbountydork](https://github.com/random-robbie/bugbountydork) Bug Bounty Dork
- [**41**Star][7m] [Shell] [r0bag/pentest](https://github.com/r0bag/pentest) 
- [**41**Star][5m] [HTML] [q1271964185/cyberspace_security_learning](https://github.com/q1271964185/cyberspace_security_learning) 在学习CTF、网络安全路上整合自己博客和一些资料，持续更新~
- [**41**Star][5m] [Ruby] [pwnieexpress/metasploit-framework](https://github.com/pwnieexpress/metasploit-framework) Unofficial fork of the Rapid7 metasploit-framework, pruned for minimal size.
- [**41**Star][3y] [C#] [phylliida/unityvoip](https://github.com/phylliida/unityvoip) [Doesn't work now sorry] Real time peer to peer voice chat in Unity, using CSCore, NSpeex, and UnityP2P
- [**41**Star][2y] [Shell] [petrockblog/retropie-setup](https://github.com/petrockblog/retropie-setup) Shell script to set up a Raspberry Pi/Odroid/PC with RetroArch emulator and various cores
- [**41**Star][11d] [PLpgSQL] [percona-qa/percona-qa](https://github.com/percona-qa/percona-qa) Percona QA is a suite of scripts and utilities that assists in building, continuous integration, automated testing & bug reporting for Percona Server, Percona XtraDB Cluster, Percona XtraBackup, Percona Server for MongoDB, as well as other flavors of MySQL (Oracle, Facebook MyQSL, WebScaleSQL, MariaDB) etc.
- [**41**Star][14d] [C++] [peperunas/pasticciotto](https://github.com/peperunas/pasticciotto) Polymorphic VM and PoliCTF '17 reversing challenge.
- [**41**Star][4y] [Ruby] [openshift/openshift-extras](https://github.com/openshift/openshift-extras) Unofficial tools for use with OpenShift
- [**41**Star][5m] [Py] [ocadotechnology/gcp-census](https://github.com/ocadotechnology/gcp-census) GAE python based app which regularly collects information about GCP resources and stores them in BigQuery
- [**41**Star][4m] [C] [ntraiseharderror/antihook](https://github.com/ntraiseharderror/antihook) PoC designed to evade userland-hooking anti-virus.
- [**41**Star][1m] [Py] [northbit/bulletin-scraper](https://github.com/northbit/bulletin-scraper) Download all of Microsoft's security updates and symbols
- [**41**Star][2m] [Py] [noobscode/kalel](https://github.com/noobscode/kalel) Kal El Network Stress Test and Penetration Testing Toolkit
- [**41**Star][3m] [Py] [nonenotnull/regeorg](https://github.com/nonenotnull/regeorg) The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
- [**41**Star][7m] [Py] [nimai/mptcp-scapy](https://github.com/nimai/mptcp-scapy) MPTCP firewall tester based on scapy
- [**41**Star][4y] [C++] [nihilus/guid-finder](https://github.com/nihilus/guid-finder) find GUID/UUIDs
- [**41**Star][1m] [PHP] [nightlionsecurity/phpstress](https://github.com/nightlionsecurity/phpstress) PHP denial of service / stress test for Web Servers running PHP-FPM or PHP-CGI
- [**41**Star][1y] [ASP] [netspi/cmdsql](https://github.com/netspi/cmdsql) 
- [**41**Star][4y] [C] [nccgroup/triforceopenbsdfuzzer](https://github.com/nccgroup/triforceopenbsdfuzzer) System call fuzzing of OpenBSD amd64 using TriforceAFL (i.e. AFL and QEMU)
- [**41**Star][3y] [nao-sec/rigek](https://github.com/nao-sec/rigek) Analyzing Rig Exploit Kit
- [**41**Star][3m] [Py] [nanshihui/normal_hark_lite](https://github.com/nanshihui/normal_hark_lite) 通用的POC检测框架，有足够的POC，就可以找出相应的漏洞
- [**41**Star][7m] [Py] [n3k/pentest](https://github.com/n3k/pentest) Notes/Tools for pentesting
- [**41**Star][4m] [C#] [n0ise9914/rdpchecker](https://github.com/n0ise9914/rdpchecker) Stable and reliable multiple RDP checker written in C#
- [**41**Star][2y] [Py] [mxmssh/idametrics](https://github.com/mxmssh/idametrics)  static software complexity metrics collection
- [**41**Star][3y] [Perl] [mtve/yazecminer](https://github.com/mtve/yazecminer) yet another ZEC miner
- [**41**Star][2y] [Py] [mthbernardes/houseproxy](https://github.com/mthbernardes/houseproxy) Protect your parents from phishing
- [**41**Star][6m] [JS] [moloch--/cve-2016-1764](https://github.com/moloch--/cve-2016-1764) Extraction of iMessage Data via XSS
- [**41**Star][2y] [Java] [miwong/intellidroid](https://github.com/miwong/intellidroid) A targeted input generator for Android that improves the effectiveness of dynamic malware analysis.
- [**41**Star][5m] [Shell] [mitchellkrogza/fail2ban.webexploits](https://github.com/mitchellkrogza/fail2ban.webexploits) This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.
- [**41**Star][3y] [minisafe/microweb](https://github.com/minisafe/microweb) MicroScan 的web端，正在改bug
- [**41**Star][4m] [PS] [mikefrobbins/activedirectory](https://github.com/mikefrobbins/activedirectory) PowerShell Scripts, Functions, and Modules for managing Active Directory
- [**41**Star][23d] [Py] [matthewdfuller/intellifuzz-xss](https://github.com/matthewdfuller/intellifuzz-xss) An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
- [**41**Star][4m] [C#] [mashed-potatoes/usbtrojan](https://github.com/mashed-potatoes/usbtrojan) Super simple loader that spreads over removable drives (USB flash drives, portable and network drives, SD cards). Features: You can add the HWID of your PC to the whitelist and trojan will ignore it; You can add any payload (executable file); Slient work. Ideal for school, university or office.
- [**41**Star][3m] [JS] [mafintosh/ws-to-tcp](https://github.com/mafintosh/ws-to-tcp) Proxy from WebSockets to TCP
- [**41**Star][7m] [maecproject/malware-behaviors](https://github.com/maecproject/malware-behaviors) A taxonomy and dictionary of malware behaviors.
- [**41**Star][14d] [Py] [m4n3dw0lf/sslkill](https://github.com/m4n3dw0lf/sslkill) Forced Man-In-The-Middle HTTPs-Avoiding Reverse Proxy
- [**41**Star][4y] [Py] [lukasikic/kodi-backdoor-generator](https://github.com/lukasikic/kodi-backdoor-generator) Kodi Reverse Shell
- [**41**Star][1y] [Py] [llt4l/iculeak.py](https://github.com/llt4l/iculeak.py) Tool to find and extract credentials from phone configuration files hosted on CUCM
- [**41**Star][2y] [Py] [linted/linuxprivchecker](https://github.com/linted/linuxprivchecker) linuxprivchecker.py -- a Linux Privilege Escalation Check Script
- [**41**Star][3m] [C] [lillypad/badger](https://github.com/lillypad/badger) A Swiss Army Knife for Windows Exploit Development.
- [**41**Star][3m] [Shell] [leviathan36/ska](https://github.com/leviathan36/ska) Simple Karma Attack
- [**41**Star][20d] [JS] [laomu1988/koa2-proxy](https://github.com/laomu1988/koa2-proxy) 基于koa@next的代理工具，支持http和https，并且可以当做本地服务器使用
- [**41**Star][11d] [C++] [kurapicabs/x64_tracer](https://github.com/kurapicabs/x64_tracer) x64dbg conditional branches logger [Plugin]
- [**41**Star][2m] [C] [kitctf/nginxpwn](https://github.com/kitctf/nginxpwn) Exploitation Training -- CVE-2013-2028: Nginx Stack Based Buffer Overflow
- [**41**Star][2m] [Py] [killswitch-gui/lterm](https://github.com/killswitch-gui/lterm) lterm is a small script built to install a bash hook for full terminal logging.
- [**41**Star][4y] [C] [killswitch-gui/hotload-driver](https://github.com/killswitch-gui/hotload-driver) C++
- [**41**Star][4m] [C#] [kevingosse/windbg-extensions](https://github.com/kevingosse/windbg-extensions) Extensions for the new WinDbg
- [**41**Star][15d] [Py] [hugsy/gef-extras](https://github.com/hugsy/gef-extras) Extra goodies for GEF: Open repository for unfiltered contributions to the project.
- [**41**Star][6m] [hook-s3c/cve-2019-0708-poc](https://github.com/hook-s3c/cve-2019-0708-poc) proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability
- [**41**Star][4m] [C] [hlandau/ortega](https://github.com/hlandau/ortega) Ortega FDK
- [**41**Star][2y] [JS] [hfiprogramming/custom-uptimerobot](https://github.com/hfiprogramming/custom-uptimerobot) custom uptime-robot public page with php proxy
- [**41**Star][23d] [Shell] [hestat/blazescan](https://github.com/hestat/blazescan) Blazescan is a linux webserver malware scanning and incident response tool, with built in support for cPanel servers, but will run on any linux based server.
- [**41**Star][3m] [C++] [hackshields/antivirus](https://github.com/hackshields/antivirus) 
- [**41**Star][5m] [Jupyter Notebook] [h21lab/anomaly-detection](https://github.com/h21lab/anomaly-detection) Scripts to help to detect anomalies in pcap file. Anomaly Detection using tensorflow and tshark.
- [**41**Star][1m] [C++] [guohaodongpu/huangyexingdong-bug](https://github.com/guohaodongpu/huangyexingdong-bug) 荒野行动辅助，透视穿墙。我把源码发出来，
- [**41**Star][5m] [JS] [gaoding-inc/runtime-hooks](https://github.com/gaoding-inc/runtime-hooks) 
- [**41**Star][2m] [C] [gamelinux/cxtracker](https://github.com/gamelinux/cxtracker) Connection Tracker is a passive network connection tracker for profiling, history, auditing and network discovery.
- [**41**Star][29d] [ObjC] [frpccluster/frpc-ios](https://github.com/frpccluster/frpc-ios) IOS,苹果版frpc.一个快速反向代理，可帮助您将NAT或防火墙后面的本地服务器暴露给Internet。
- [**41**Star][7y] [Py] [flyr4nk/xssscaner](https://github.com/flyr4nk/xssscaner) Xss Scaner
- [**41**Star][5m] [Py] [fireeye/chopshop](https://github.com/fireeye/chopshop) Protocol Analysis/Decoder Framework
- [**41**Star][3m] [JS] [firebug/devtools-extension-examples](https://github.com/firebug/devtools-extension-examples) Extension examples for Firefox developer tools
- [**41**Star][1m] [Go] [evilsocket/brutemachine](https://github.com/evilsocket/brutemachine) A Go library which main purpose is giving an interface to loop over a dictionary and use those words/lines as input for some custom logic such as HTTP file bruteforcing, DNS bruteforcing, etc.
- [**41**Star][4m] [C++] [equalitie/ouinet](https://github.com/equalitie/ouinet) Library to enable decentralized web requests
- [**41**Star][3y] [Go] [empty-nest/emptynest](https://github.com/empty-nest/emptynest) a plugin based C2 server framework
- [**41**Star][1y] [Java] [dxsdyhm/gwelldemo](https://github.com/dxsdyhm/gwelldemo) a demo to use P2P-Core
- [**41**Star][21d] [Py] [draios/python-sdc-client](https://github.com/draios/python-sdc-client) Sysdig Monitor/Secure Python client library
- [**41**Star][4y] [Py] [dnlongen/reglister](https://github.com/dnlongen/reglister) Recurse through a registry, identifying values with large data -- a registry malware hunter
- [**41**Star][13d] [Py] [digidotcom/python-wpa-supplicant](https://github.com/digidotcom/python-wpa-supplicant) WPA Supplicant wrapper for Python
- [**41**Star][11d] [C] [dhn/exploits](https://github.com/dhn/exploits) Some personal exploits/pocs
- [**41**Star][6m] [deep-security/aws-waf](https://github.com/deep-security/aws-waf) Deep Security's APIs make it simple to integration with a variety of AWS Services
- [**41**Star][2y] [deadbits/analyst-casefile](https://github.com/deadbits/analyst-casefile) Maltego CaseFile entities for information security investigations, malware analysis and incident response
- [**41**Star][5y] [JS] [csh/stegosploit](https://github.com/csh/stegosploit) IMAJS meet <img>
- [**41**Star][1m] [C] [csandker/inmemoryshellcode](https://github.com/csandker/inmemoryshellcode) A Collection of In-Memory Shellcode Execution Techniques for Windows
- [**41**Star][11m] [Py] [crysys/membrane](https://github.com/crysys/membrane) Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis
- [**41**Star][9y] [C++] [cr4sh/ptbypass-poc](https://github.com/cr4sh/ptbypass-poc) Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
- [**41**Star][13d] [PS] [countercept/ppid-spoofing](https://github.com/countercept/ppid-spoofing) Scripts for performing and detecting parent PID spoofing
- [**41**Star][4y] [Go] [codedust/webtox](https://github.com/codedust/webtox) A web based graphical user interface for Tox - contributions welcome!
- [**41**Star][8m] [C] [cocoahuke/mackextdump](https://github.com/cocoahuke/mackextdump) Dump Kext information from Macos. Support batch analysis. The disassembly framework used is Capstone
- [**41**Star][25d] [Py] [cclgroupltd/ccl-bplist](https://github.com/cclgroupltd/ccl-bplist) Python Module for parsing Binary Property List and NSKeyedArchiver files
- [**41**Star][2m] [C] [boywhp/wifi_crack_windows](https://github.com/boywhp/wifi_crack_windows) wifi crack project for windows
- [**41**Star][3y] [bluscreenofjeff/malleablec2profiles](https://github.com/bluscreenofjeff/malleablec2profiles) Malleable C2 profiles for Cobalt Strike
- [**41**Star][8m] [C] [bluec0re/reversing-radare2](https://github.com/bluec0re/reversing-radare2) A reversing series with radare2
- [**41**Star][12d] [Py] [bltsec/violent-python3](https://github.com/bltsec/violent-python3) Python 3 scripts based on lessons learned from Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers by TJ O'Connor.
- [**41**Star][11m] [C] [blankwall/offensive-con](https://github.com/blankwall/offensive-con) Talk and materials for Offensive Con presentation - Privileged Helper Tools
- [**41**Star][2m] [Java] [bit4woo/burp_collaborator_http_api](https://github.com/bit4woo/burp_collaborator_http_api) Burp Suite Collaborator HTTP API
- [**41**Star][4m] [Assembly] [battelle/repsych](https://github.com/battelle/repsych) Psychological warfare in reverse engineering
- [**41**Star][6m] [Py] [backto17/sinahousecrawler](https://github.com/backto17/sinahousecrawler) 基于scrapy,scrapy-redis实现的一个分布式网络爬虫,爬取了新浪房产的楼盘信息及户型图片,实现了常用的爬虫功能需求.
- [**41**Star][11m] [C++] [baarsik/tauros-v2](https://github.com/baarsik/tauros-v2) 
- [**41**Star][4y] [C++] [avdbg/saber](https://github.com/avdbg/saber) 《macOS软件安全与逆向分析》随书的调试器代码
- [**41**Star][3y] [Visual Basic .NET] [arno0x/webdavdelivery](https://github.com/arno0x/webdavdelivery) A WebDAV PROPFIND covert channel to deliver payloads
- [**41**Star][2y] [Py] [aqcurate/lsb-steganography](https://github.com/aqcurate/lsb-steganography) Least-Significant-Bit tool for steganography
- [**41**Star][1m] [Py] [anic/ida2pwntools](https://github.com/anic/ida2pwntools) a IDA 7.0 plugins that helps to attach process created by pwntools and debug pwn
- [**41**Star][1y] [C] [android-rooting-tools/libpingpong_exploit](https://github.com/android-rooting-tools/libpingpong_exploit) CVE-2015-3636 exploit
- [**41**Star][3y] [Java] [alepacheco/androrw](https://github.com/alepacheco/androrw) PoC Ransomware for android
- [**41**Star][2m] [JS] [ahoog42/ios-triage](https://github.com/ahoog42/ios-triage) incident response tool for iOS devices
- [**41**Star][4m] [Erlang] [afiskon/erlang-http-proxy](https://github.com/afiskon/erlang-http-proxy) Nontrivial HTTP proxy server in Erlang
- [**41**Star][4m] [Py] [adguardteam/adguardsdnsfilter](https://github.com/adguardteam/adguardsdnsfilter) AdGuard Simplified Domain names filter
- [**41**Star][2m] [Py] [a7vinx/swarm](https://github.com/a7vinx/swarm) A modular distributed penetration testing tool.
- [**41**Star][5m] [54yimeng/sia-websites](https://github.com/54yimeng/sia-websites) 这里是我在youtube等上收集的一些科学上网网站的集合,以各自的网站名命名文件夹。
- [**41**Star][2m] [Py] [0x90/upnp-arsenal](https://github.com/0x90/upnp-arsenal) UPnP hacking scripts and tools
- [**41**Star][4y] [Java] [0ang3el/hqli-playground](https://github.com/0ang3el/hqli-playground) 
- [**40**Star][10d] [TS] [jvandenaardweg/linkedin-profile-scraper](https://github.com/jvandenaardweg/linkedin-profile-scraper) 
- [**40**Star][19d] [Dart] [cdnbye/flutter-p2p-engine](https://github.com/cdnbye/flutter-p2p-engine) Live/VOD P2P Engine for Flutter App powered by WebRTC Datachannel.
- [**40**Star][5m] [Py] [glucee/unblock_youku_gateway](https://github.com/glucee/unblock_youku_gateway) Unblock-Youku in Gateway Server 在网关服务器中实现Unblock Youku功能，让所有设备都可以自动分流到国内服务器，方便海外华人观看国内音视频
- [**40**Star][1m] [JS] [democracyearth/self](https://github.com/democracyearth/self) 
- [**40**Star][3m] [C] [memfault/interrupt](https://github.com/memfault/interrupt) A community for embedded software makers.
- [**40**Star][5m] [C++] [strikerx3/strikebox](https://github.com/strikerx3/strikebox) StrikeBox - Original Xbox emulator
- [**40**Star][4m] [Shell] [bountystrike/bountystrike-sh](https://github.com/bountystrike/bountystrike-sh) Poor (rich?) man's bug bounty pipeline
- [**40**Star][14d] [JS] [fire30/bad_hoist](https://github.com/fire30/bad_hoist) 
- [**40**Star][4m] [Py] [pinto0309/mobilenet-ssdlite-realsense-tf](https://github.com/pinto0309/mobilenet-ssdlite-realsense-tf) RaspberryPi3(Raspbian Stretch) + MobileNetv2-SSDLite(Tensorflow/MobileNetv2SSDLite) + RealSense D435 + Tensorflow1.11.0 + without Neural Compute Stick(NCS)
- [**40**Star][8m] [Java] [inovait/neatle](https://github.com/inovait/neatle) A Neat BluetoothLE library for Android
- [**40**Star][11d] [C] [uclinux-dev/elf2flt](https://github.com/uclinux-dev/elf2flt) ELF to bFLT (binary flat) converter for no-mmu Linux targets
- [**40**Star][29d] [Py] [harryandriyan/warta-scrap](https://github.com/harryandriyan/warta-scrap) Indonesia Index News Crawler, including 10 online media
- [**40**Star][5m] [Kotlin] [wandersnail/easyble](https://github.com/wandersnail/easyble) A simple framework for Android Bluetooth Low Energy (BLE)
- [**40**Star][18d] [Py] [adrianherrera/afl-mutation-graph](https://github.com/adrianherrera/afl-mutation-graph) Recover mutation graph from an AFL seed
- [**40**Star][1m] [Py] [liangwenpeng/scrapy-admin](https://github.com/liangwenpeng/scrapy-admin) A django admin site for scrapy
- [**40**Star][1m] [maxking/linux-security-papers](https://github.com/maxking/linux-security-papers) Research paper collection for Linux kernel security from top security conferences.
- [**40**Star][4m] [HTML] [link-/uber_data](https://github.com/link-/uber_data) Uber web interface crawler / scraper - Convert the trips table into a CSV file
- [**40**Star][4m] [C] [ph4r05/php_aho_corasick](https://github.com/ph4r05/php_aho_corasick) Aho-Corasick string search algorithm PHP extension implementation.
- [**40**Star][7d] [C#] [dragonspit/hpcsharp](https://github.com/dragonspit/hpcsharp) High performance algorithms in C#: SIMD/SSE, multi-core and faster
- [**40**Star][2m] [PHP] [zhucola/the-algorithms-php](https://github.com/zhucola/the-algorithms-php) PHP也可以写数据结构和算法
- [**40**Star][4m] [JS] [chill117/proxy-verifier](https://github.com/chill117/proxy-verifier) NodeJS module to check proxies: if functional, anonymity level, tunneling, supported protocols.
- [**40**Star][12d] [C#] [13xforever/ps3-disc-dumper](https://github.com/13xforever/ps3-disc-dumper) A handy utility to make decrypted PS3 disc dumps
- [**40**Star][4m] [Py] [kamingchan/shadowsocks-munager](https://github.com/kamingchan/shadowsocks-munager) Middleware of shadowsocks-libev and sspanel
- [**40**Star][18d] [Py] [adrianherrera/afl-mutation-graph](https://github.com/adrianherrera/afl-mutation-graph) Recover mutation graph from an AFL seed
- [**40**Star][11d] [C++] [pgigioli/darknet_ros](https://github.com/pgigioli/darknet_ros) YOLO integration with ROS for real-time object detection
- [**40**Star][15d] [Shell] [m507/kali-tx](https://github.com/m507/kali-tx) Customized Kali Linux - Ansible playbook
- [**40**Star][2m] [Lua] [chaitin/safeline-open-platform](https://github.com/chaitin/safeline-open-platform) 
- [**40**Star][15d] [HTML] [twintproject/twint-explorer](https://github.com/twintproject/twint-explorer) TWINT Graph Visualizer
- [**40**Star][29d] [C++] [paranoidninja/botnet-blogpost](https://github.com/paranoidninja/botnet-blogpost) This repo basically contains the code that was mentioned in the blogposts that was written by me at:
- [**40**Star][11d] [JS] [javascript-obfuscator/obfuscator-loader](https://github.com/javascript-obfuscator/obfuscator-loader) A webpack loader for obfuscating single modules using javascript-obfuscator
- [**40**Star][3m] [Shell] [zerobyte-id/netass2](https://github.com/zerobyte-id/netass2) Network Assessment Assistance Framework (PenTest Toolkit).
- [**40**Star][21d] [SourcePawn] [rogeraabbccdd/kento-rankme](https://github.com/rogeraabbccdd/kento-rankme) Rankme for CSGO
- [**40**Star][2m] [Py] [flankerhqd/wifimonster](https://github.com/flankerhqd/wifimonster) Wifi sniffing and hijacking tool
- [**40**Star][21d] [Shell] [jessestuart/unifi_exporter](https://github.com/jessestuart/unifi_exporter) Multiarch images for scraping Prometheus metrics from a Unifi Controller. Kubernetes / prometheus-operator compatible.
- [**40**Star][8m] [JS] [iwinston/javascript-code-protection-example](https://github.com/iwinston/javascript-code-protection-example) An example of JavaScript code protection
- [**40**Star][12d] [Go] [paraterraform/para](https://github.com/paraterraform/para) Para - community plugin manager and a "swiss army knife" for Terraform/Terragrunt - just 1 tool to facilitate all your workflows.
- [**40**Star][5y] [Java] [paloaltonetworks/installerhijackingvulnerabilityscanner](https://github.com/PaloAltoNetworks/InstallerHijackingVulnerabilityScanner) 
- [**40**Star][3y] [Visual Basic .NET] [mwsrc/betterrat](https://github.com/mwsrc/BetterRAT) Better Remote Access Trojan
- [**40**Star][3y] [PS] [n0pe-sled/wmi-persistence](https://github.com/n0pe-sled/WMI-Persistence) 
- [**40**Star][1m] [Py] [coalfire-research/doozer](https://github.com/Coalfire-Research/Doozer) Password cracking utility
- [**40**Star][12d] [Py] [pegasuslab/wifi-miner-detector](https://github.com/PegasusLab/WiFi-Miner-Detector) Detecting malicious WiFi with mining cryptocurrency.
- [**40**Star][8d] [Py] [projecthorus/wenet](https://github.com/projecthorus/wenet) Wenet ("The Swift One") - Transmit and Receive code for the Project Horus High-Speed Imagery Payload.
- [**40**Star][2m] [C] [dadas190/penetrator-wps](https://github.com/dadas190/penetrator-wps) 实时攻击多个启用了WPS的AP
- [**40**Star][8m] [JS] [auth0-blog/hapi-jwt-authentication](https://github.com/auth0-blog/hapi-jwt-authentication) 
- [**40**Star][1y] [scheme] [aki helin/radamsa](https://gitlab.com/akihe/radamsa) a general-purpose fuzzer
- [**40**Star][3m] [Py] [zynga/hiccup](https://github.com/zynga/hiccup) [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool,
- [**40**Star][10d] [Go] [zpsean/go4api](https://github.com/zpsean/go4api) Go4Api - an API testing tool written in Go
- [**40**Star][3y] [Py] [zjx20/socks-cli](https://github.com/zjx20/socks-cli) A solution to make CLI commands use socks5 proxy.
- [**40**Star][4y] [C++] [zibility/anti-rootkits](https://github.com/zibility/anti-rootkits) 内核级ARK工具。
- [**40**Star][2m] [Py] [zeroq/amun](https://github.com/zeroq/amun) Amun Honeypot
- [**40**Star][2y] [Shell] [zephrfish/attackdeploy](https://github.com/zephrfish/attackdeploy) Scripts for Deploying new server
- [**40**Star][3y] [Lua] [z-0ne/scans2-045-nmap](https://github.com/z-0ne/scans2-045-nmap) Struts2 S2-045-Nmap NSE script
- [**40**Star][2m] [Py] [ytisf/muninn](https://github.com/ytisf/muninn) A short and small memory forensics helper.
- [**40**Star][2y] [C++] [yifengyou/code-virtualization-and-automation-analysis](https://github.com/yifengyou/code-virtualization-and-automation-analysis) 代码虚拟化与自动化分析
- [**40**Star][3y] [C++] [x64dbg/interobfu](https://github.com/x64dbg/interobfu) Intermediate x86 instruction representation for use in obfuscation/deobfuscation.
- [**40**Star][7y] [Java] [wuntee/burpauthzplugin](https://github.com/wuntee/burpauthzplugin) Burp plugin to test for authorization flaws
- [**40**Star][4y] [PHP] [wso-shell/wso](https://github.com/wso-shell/wso) WSO SHELL , wso shell , WSO.php , wso.php , webshell , wso-shell веб-шелл , шелл , WSO2.5 , WSO2.5.1 , WSO2.php , Shell download, C99 , r57 , bypass shell , P.A.S. (php web-shell) , PPS 4.0 , Скачать WSO Web Shell , Скачать wso.php , Скачать Web Shell
- [**40**Star][4m] [Py] [wraith-wireless/wraith](https://github.com/wraith-wireless/wraith) Wireless Reconnaissance And Intelligent Target Harvesting
- [**40**Star][7y] [C++] [wirepair/idapinlogger](https://github.com/wirepair/idapinlogger) Logs instruction hits to a file which can be fed into IDA Pro to highlight which instructions were called.
- [**40**Star][27d] [C] [wi-fi-analyzer/wifi-arsenal](https://github.com/wi-fi-analyzer/wifi-arsenal) WiFi arsenal
- [**40**Star][4m] [Py] [weebsec/weebdns](https://github.com/weebsec/weebdns) DNS Enumeration with Asynchronicity
- [**40**Star][4m] [Visual Basic] [visualbasic6/subdomain-bruteforce](https://github.com/visualbasic6/subdomain-bruteforce) a subdomain brute forcing tool for windows
- [**40**Star][6m] [JS] [vigneshsrao/cve-2019-11707](https://github.com/vigneshsrao/cve-2019-11707) Exploit code for CVE-2019-11707 on Firefox 66.0.3 running on Ubuntu
- [**40**Star][19d] [Py] [viaforensics/android-encryption](https://github.com/viaforensics/android-encryption) Brute force and decryption of Android's Full Device Encryption
- [**40**Star][12d] [Batchfile] [vanhauser-thc/audit_scripts](https://github.com/vanhauser-thc/audit_scripts) Scripts to gather system configuration information for offline/remote auditing
- [**40**Star][1m] [C++] [vanhauser-thc/afl-dyninst](https://github.com/vanhauser-thc/afl-dyninst) American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
- [**40**Star][4m] [Shell] [userlandkernel/plataoplomo](https://github.com/userlandkernel/plataoplomo) Collection of (at time of release) iOS bugs I found
- [**40**Star][16d] [Shell] [tjluoma/bash-fix](https://github.com/tjluoma/bash-fix) Download and compile a new version of bash to replace vulnerable one
- [**40**Star][11d] [Py] [the-c0d3r/sqli-scanner](https://github.com/the-c0d3r/sqli-scanner) A tool to mass scan SQL Injection Vulnerable websites from a file.
- [**40**Star][29d] [JS] [thauex/ffrk-proxy](https://github.com/thauex/ffrk-proxy) Proxy for Final Fantasy Record Keeper written in node.js
- [**40**Star][3m] [C] [techgaun/mirai](https://github.com/techgaun/mirai) Mirai related codes and stuff
- [**40**Star][3y] [C++] [tanninone/usvfs](https://github.com/tanninone/usvfs) library using api hooking to implement process-local filesystem-independent file links.
- [**40**Star][3y] [Py] [stratosphereips/stratospheretestingframework](https://github.com/stratosphereips/stratospheretestingframework) The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere IPS.
- [**40**Star][2m] [C] [stephenrkell/libsystrap](https://github.com/stephenrkell/libsystrap) Monitor, rewrite and/or otherwise trap system calls... on Linux/x86-64 only, for now.
- [**40**Star][4m] [Shell] [steamdatabase/gametracking-tf2](https://github.com/steamdatabase/gametracking-tf2) 
- [**40**Star][5m] [HTML] [sophoslabs/cve-2019-0888](https://github.com/sophoslabs/cve-2019-0888) PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)
- [**40**Star][6m] [sinsoul/sinsoulwebremotecontrol](https://github.com/sinsoul/sinsoulwebremotecontrol) 在任何地方通过网页控制和管理自己的计算设备
- [**40**Star][11m] [Py] [silv3rhorn/artifactextractor](https://github.com/silv3rhorn/artifactextractor) Extract common Windows artifacts from source images and VSCs
- [**40**Star][2y] [Elixir] [sikanhe/acme](https://github.com/sikanhe/acme) Acme (Let's Encrypt) Client for Elixir
- [**40**Star][7y] [C] [shjalayeri/pwnypot](https://github.com/shjalayeri/pwnypot) PwnyPot, High Interaction Client Honeypot
- [**40**Star][2m] [C] [securesystemslab/periscope](https://github.com/securesystemslab/periscope) An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
- [**40**Star][4m] [Py] [secgroup/mignis](https://github.com/secgroup/mignis) Mignis is a semantic based tool for firewall configuration.
- [**40**Star][3y] [C] [scubsrgroup/taint-analyse](https://github.com/scubsrgroup/taint-analyse) Windows平台下的细粒度污点分析工具
- [**40**Star][2y] [C#] [scavanger/memorymodule.net](https://github.com/scavanger/memorymodule.net) Loading a native DLL in the memory.
- [**40**Star][6m] [Py] [s2e/pykvm](https://github.com/s2e/pykvm) A tiny KVM hypervisor written in Python
- [**40**Star][19d] [Py] [ruped24/tor_ip_switcher](https://github.com/ruped24/tor_ip_switcher) tor_ip_switcher is useful for making any DoS attack look like a DDoS attack. Works with toriptables2.
- [**40**Star][9m] [C++] [rub-nds/ms-rms-attacks](https://github.com/rub-nds/ms-rms-attacks) Breaking the security of Microsoft's RMS
- [**40**Star][1y] [Py] [rr-/ida-images](https://github.com/rr-/ida-images) Image preview plugin for IDA disassembler.
- [**40**Star][3y] [Py] [roothaxor/pystat](https://github.com/roothaxor/pystat) Advanced Netstat Using Python For Windows
- [**40**Star][2y] [Py] [robputt796/py-dns-over-https-proxy](https://github.com/robputt796/py-dns-over-https-proxy) Provides a simple Python based proxy for running DNS over HTTPS to Google's DNS over HTTPS service.
- [**40**Star][10d] [C] [rinnegatamante/vitaquakeiii](https://github.com/rinnegatamante/vitaquakeiii) ioquake3 port for PSVITA (Currently supporting Quake III: Arena, Quake III: Team Arena, OpenArena, Urban Terror and Q3Rally)
- [**40**Star][28d] [Java] [righettod/pst-digger](https://github.com/righettod/pst-digger) Program to analyze mails stored into a Microsoft Outlook PST file and find one based on search keywords.
- [**40**Star][5m] [PHP] [ridter/webshell](https://github.com/ridter/webshell) This is a webshell open source project
- [**40**Star][4m] [C] [reversingid/crackmes-repository](https://github.com/reversingid/crackmes-repository) Initiative to collect and preserve crackmes for learning and practice in reverse engineering
- [**40**Star][4m] [C++] [rebzzel/universal-d3d11-hook](https://github.com/rebzzel/universal-d3d11-hook) Universal hook for DX11 based games written in C++
- [**40**Star][1m] [Lua] [r00t-3xp10it/nmap-nse-modules](https://github.com/r00t-3xp10it/nmap-nse-modules) My collection of nmap nse modules
- [**40**Star][1m] [Py] [qwj/python-esp](https://github.com/qwj/python-esp) IPSec IKE(v1,v2) PSK VPN implemented in pure Python. (For Research Purposes Only)
- [**40**Star][3m] [TS] [pshihn/byproxy](https://github.com/pshihn/byproxy) A different way of thinking of web client-server RPC
- [**40**Star][25d] [C++] [prekageo/winhook](https://github.com/prekageo/winhook) 
- [**40**Star][2m] [Elixir] [paulzql/shadowsocks-ex](https://github.com/paulzql/shadowsocks-ex) elixir port of shadowsocks
- [**40**Star][3m] [C++] [patois/nesldr](https://github.com/patois/nesldr) Nintendo Entertainment System (NES) ROM loader module for IDA Pro (for IDA 4.9)
- [**40**Star][28d] [C] [pathway27/bookr-mod-vita](https://github.com/pathway27/bookr-mod-vita) A book reader for the Vita. Still a work in progress
- [**40**Star][4m] [Py] [paradoxis/flask-unsign](https://github.com/paradoxis/flask-unsign) Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
- [**40**Star][9m] [Py] [outflanknl/redfile](https://github.com/outflanknl/redfile) A flask wsgi application that serves files with intelligence, good for serving conditional RedTeam payloads
- [**40**Star][2m] [ObjC] [omerporze/brokentooth](https://github.com/omerporze/brokentooth) POC for CVE-2018-4327
- [**40**Star][1m] [C++] [notscimmy/pplib](https://github.com/notscimmy/pplib) Elevate a process to be a protected process
- [**40**Star][6y] [Py] [neuman/python-carteblanche](https://github.com/neuman/python-carteblanche) Module to align code with thoughts of users and designers. Also magically handles navigation and permissions.
- [**40**Star][2y] [C#] [nccgroup/scomdecrypt](https://github.com/nccgroup/scomdecrypt) SCOMDecrypt is a tool to decrypt stored RunAs credentials from SCOM servers
- [**40**Star][7y] [Py] [nccgroup/lapith](https://github.com/nccgroup/lapith) A simple Nessus results viewer
- [**40**Star][2y] [n3uz/elastic-x-pack-crack](https://github.com/n3uz/elastic-x-pack-crack) 破解 x-pack 授权时间限制，白金版到2050年，仅做研究用途
- [**40**Star][2m] [Py] [muodov/sqlmapchik](https://github.com/muodov/sqlmapchik) cross-platform sqlmap GUI aimed to mobile devices
- [**40**Star][30d] [JS] [moustachauve/cookie-editor](https://github.com/moustachauve/cookie-editor) A powerful browser extension to create, edit and delete cookies
- [**40**Star][16d] [PHP] [mortedamos/vehicle-hacking](https://github.com/mortedamos/vehicle-hacking) Guides and scripts for vehicle cybersecurity research
- [**40**Star][25d] [Py] [moohax/proof-pudding](https://github.com/moohax/proof-pudding) Copy cat model for Proofpoint
- [**40**Star][5m] [C] [mlafeldt/ps2rd](https://github.com/mlafeldt/ps2rd) Collection of tools to remotely debug PS2 games
- [**40**Star][12m] [HTML] [mindflavor/tdsbridge](https://github.com/mindflavor/tdsbridge) TDS Proxy library
- [**40**Star][5y] [michael-yip/aptmalwarenotes](https://github.com/michael-yip/aptmalwarenotes) A repository of open source reports on different malware families used in targeted cyber intrusions ("APT").
- [**40**Star][3m] [Perl] [micahflee/trollwot](https://github.com/micahflee/trollwot) Trolling the Web of Trust
- [**40**Star][10d] [fabacab/awesome-malware](https://github.com/fabacab/awesome-malware) 
- [**40**Star][1y] [Shell] [mavrepis/shodanvulncheck](https://github.com/mavrepis/shodanvulncheck) bash script to enumerate vulnerabilities on specific year through Shodan API
- [**40**Star][4m] [mailinneberg/broadpwn](https://github.com/mailinneberg/broadpwn) Broadpwn bug (CVE-2017-9417)
- [**40**Star][15d] [Py] [lukacci/cpuhunter](https://github.com/lukacci/cpuhunter) 
- [**40**Star][21d] [C] [luigirizzo/netmap-ipfw](https://github.com/luigirizzo/netmap-ipfw) Automatically exported from code.google.com/p/netmap-ipfw
- [**40**Star][1y] [Py] [luh2/detectdynamicjs](https://github.com/luh2/detectdynamicjs) Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and aid in finding user/session data.
- [**40**Star][1m] [Py] [lnxg33k/misc](https://github.com/lnxg33k/misc) Collection of useful scripts.
- [**40**Star][5y] [C++] [lingerhk/0net](https://github.com/lingerhk/0net) 一个简单的Windows远程控制后门
- [**40**Star][4y] [PHP] [lcatro/xss-hunter](https://github.com/lcatro/xss-hunter) XSS hunter 收集Webview 页面上存在的反射,储存型XSS ,方便应急APP 和前端页面在发布时遇到XSS 安全问题..
- [**40**Star][1y] [C] [laginimaineb/cve-2016-2431](https://github.com/laginimaineb/cve-2016-2431) Qualcomm TrustZone kernel privilege escalation
- [**40**Star][5m] [C++] [kelvinhack/notruth](https://github.com/kelvinhack/notruth) 
- [**40**Star][1y] [PS] [k2/scripting](https://github.com/k2/scripting) PS / Bash / Python / Other scripts For FUN!
- [**40**Star][4m] [Ruby] [jurmous/logstash-log4j2](https://github.com/jurmous/logstash-log4j2) Log4j2 plugin for logstash
- [**40**Star][2y] [Py] [jimmy-sonny/yayagen](https://github.com/jimmy-sonny/yayagen) Yet Another YARA rule Generator
- [**40**Star][13d] [Java] [javafxports/javafxmobile-plugin](https://github.com/javafxports/javafxmobile-plugin) A gradle plugin for building mobile applications in java.
- [**40**Star][2y] [PS] [jaredhaight/powershellclasslab](https://github.com/jaredhaight/powershellclasslab) 
- [**40**Star][8m] [Java] [ivianuu/contributer](https://github.com/ivianuu/contributer) Inject all types like views or a conductor controllers with @ContributesAndroidInjector
- [**40**Star][24d] [Perl] [interference-security/kali-windows-binaries](https://github.com/interference-security/kali-windows-binaries) Windows binaries from Kali Linux :
- [**40**Star][1m] [Shell] [installation/rkhunter](https://github.com/installation/rkhunter) Rootkit Hunter install script
- [**40**Star][3y] [PHP] [incredibleindishell/local-file-disclosure-sql-injection-lab](https://github.com/incredibleindishell/local-file-disclosure-sql-injection-lab) This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. If you have any doubt, ping me at
- [**40**Star][5m] [Assembly] [ilovepp/firminsight](https://github.com/ilovepp/firminsight) Automatic collect firmwares from internet,decompress,find binary code,extract info,file relation and function relation
- [**40**Star][5m] [PHP] [ikkez/cryptdown](https://github.com/ikkez/cryptdown) client-side AES-encrypted Markdown pastebin clone
- [**40**Star][5y] [C++] [igorkorkin/hypervisorsdetection](https://github.com/igorkorkin/hypervisorsdetection) This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.
- [**40**Star][1m] [C] [idc/ps4-payload-sdk](https://github.com/idc/ps4-payload-sdk) Open source PS4 SDK
- [**40**Star][6m] [Py] [icanhasfay/pypwned](https://github.com/icanhasfay/pypwned) A Python client for the HaveIBeenPwned REST API
- [**40**Star][1m] [HTML] [hugsy/codebro](https://github.com/hugsy/codebro) Web based code browser using clang to provide basic code analysis.
- [**40**Star][2m] [Py] [hcamael/ctf-library](https://github.com/hcamael/ctf-library) 之Crypto
- [**40**Star][3y] [Py] [h0nus/spynoteshell](https://github.com/h0nus/spynoteshell) Simple Python tool for backdooring apks files (with meterpreter or shell of Metasploit)
- [**40**Star][6m] [C] [grayhatter/utox](https://github.com/grayhatter/utox) EVERYTHING MOVED TO
- [**40**Star][5m] [C] [geosn0w/geofilza](https://github.com/geosn0w/geofilza) Filza No Jailbreak
- [**40**Star][2y] [Shell] [g763007297/gqresign](https://github.com/g763007297/gqresign) ipa重签名(resign),只需一个证书的p12和一个mobileprovision文件就可以实现ipa的重签名
- [**40**Star][4y] [Py] [fire30/ps4-2014-1303-poc](https://github.com/fire30/ps4-2014-1303-poc) 
- [**40**Star][3y] [Py] [fideliscyber/yalda](https://github.com/fideliscyber/yalda) Automated Bulk Intelligence
- [**40**Star][19d] [JS] [evilpacket/redis-sha-crack](https://github.com/evilpacket/redis-sha-crack) node / redis sha hash cracker
- [**40**Star][7y] [Py] [evilcry/pythonscripts](https://github.com/evilcry/pythonscripts) Collection of my Python Scripts
- [**40**Star][11m] [evi1m0/webshell](https://github.com/evi1m0/webshell) This is a webshell open source project
- [**40**Star][17d] [JS] [eshengsky/noginx](https://github.com/eshengsky/noginx) High performance HTTP and reverse proxy server based on Node.js. 基于 Node.js 的高性能 HTTP 及反向代理服务器，类似nginx。
- [**40**Star][2y] [C] [en14c/pivirus](https://github.com/en14c/pivirus) sample linux x86_64 ELF virus
- [**40**Star][3y] [c++] [embedi/meitools](https://github.com/embedi/meitools) Tools for communicating with Intel Management Engine through MEI (HECI)
- [**40**Star][9m] [Groovy] [elastic/elasticsearch-groovy](https://github.com/elastic/elasticsearch-groovy) Elasticsearch Groovy client
- [**40**Star][1m] [C] [efficios/babeltrace](https://github.com/efficios/babeltrace) Babeltrace /ˈbæbəltreɪs/ is an open-source trace manipulation toolkit.
- [**40**Star][2y] [C] [dubaurazvan/esp8266-wireless-switcher](https://github.com/dubaurazvan/esp8266-wireless-switcher) A custom firmware to transform the ESP8266 wifi module into a wifi http based switcher
- [**40**Star][2y] [C#] [drewnoakes/il-visualizer](https://github.com/drewnoakes/il-visualizer) .NET debugging visualiser for runtime-generated IL code (via DynamicMethod, etc) for VS2017 and VS2015
- [**40**Star][2y] [Ruby] [dreadlocked/ssrfmap](https://github.com/dreadlocked/ssrfmap) Simple Server Side Request Forgery services enumeration tool.
- [**40**Star][4m] [Py] [dionach/passhunt](https://github.com/dionach/passhunt) Search drives for documents containing passwords
- [**40**Star][2m] [JS] [digitalbond/canbus-utils](https://github.com/digitalbond/canbus-utils) Command line utilities for analyzing CANbus traffic
- [**40**Star][3m] [dfw1n/dfw1n-osint](https://github.com/dfw1n/dfw1n-osint) Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
- [**40**Star][6m] [Py] [debasishm89/dotnetfuzz](https://github.com/debasishm89/dotnetfuzz) A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
- [**40**Star][4m] [C++] [dbtsai/libdai](https://github.com/dbtsai/libdai) A free and open source C++ library for Discrete Approximate Inference in graphical models
- [**40**Star][1m] [C++] [davidstutz/seeds-revised](https://github.com/davidstutz/seeds-revised) Implementation of the superpixel algorithm called SEEDS [1].
- [**40**Star][6y] [Julia] [danluu/fuzz.jl](https://github.com/danluu/fuzz.jl) World's dumbest fuzzer
- [**40**Star][C] [d1w0u/arp-rootkit](https://github.com/d1w0u/arp-rootkit) An open source rootkit for the Linux Kernel to develop new ways of infection/detection.
- [**40**Star][2m] [C] [cylancevulnresearch/osx_runbin](https://github.com/cylancevulnresearch/osx_runbin) 
- [**40**Star][2m] [C] [cyanogenmod/android_external_openssl](https://github.com/cyanogenmod/android_external_openssl) OpenSSL for Android
- [**40**Star][25d] [PS] [curtbraz/invoke-neutralizeav](https://github.com/curtbraz/invoke-neutralizeav) Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting
- [**40**Star][4m] [PS] [cube0x0/security-assessment](https://github.com/cube0x0/security-assessment) Scripts to automate some part of Security/Vulnerability Assessment
- [**40**Star][12d] [Py] [cryptax/droidlysis](https://github.com/cryptax/droidlysis) Property extractor for Android apps
- [**40**Star][11d] [Go] [cretz/tor-static](https://github.com/cretz/tor-static) Helpers to build Tor statically
- [**40**Star][2y] [Java] [codewhitesec/coldfusionpwn](https://github.com/codewhitesec/coldfusionpwn) Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12
- [**40**Star][13d] [Scala] [codacy/codacy-analysis-cli](https://github.com/codacy/codacy-analysis-cli) Command line interface to execute Codacy code analysis locally
- [**40**Star][2y] [HTML] [chybeta/cve-2018-1000006-demo](https://github.com/chybeta/cve-2018-1000006-demo) The Demo for CVE-2018-1000006
- [**40**Star][1y] [Py] [christhecoolhut/rocket-shot](https://github.com/christhecoolhut/rocket-shot) Backwards program slice stitching for automatic CTF problem solving.
- [**40**Star][4m] [TS] [chef-koch/ffck](https://github.com/chef-koch/ffck) 
- [**40**Star][5m] [Py] [cetfor/papermachete](https://github.com/cetfor/papermachete) A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.
- [**40**Star][4m] [C++] [carbonblack/hexraysdeob](https://github.com/carbonblack/hexraysdeob) Hex-Rays microcode API plugin for breaking an obfuscating compiler
- [**40**Star][3m] [Py] [blazeinfosec/ssrf-ntlm](https://github.com/blazeinfosec/ssrf-ntlm) Proof of concept written in Python to show that in some situations a SSRF vulnerability can be used to steal NTLMv1/v2 hashes.
- [**40**Star][9y] [bes/keystorebrute](https://github.com/bes/keystorebrute) A Keystore Brute-force attacker.
- [**40**Star][30d] [OCaml] [berke/jsure](https://github.com/berke/jsure) JSure is a fast, standalone Javascript checker.
- [**40**Star][8y] [C++] [bend/rar_crack](https://github.com/bend/rar_crack) A rar password cracker using brute force attack
- [**40**Star][10d] [Py] [bbva/patton-cli](https://github.com/bbva/patton-cli) The knife of the Admin & Security auditor
- [**40**Star][3m] [C++] [attackercan/cpp-sql-fuzzer](https://github.com/attackercan/cpp-sql-fuzzer) 
- [**40**Star][19d] [Py] [att/docker-forensics](https://github.com/att/docker-forensics) Tools to assist in forensicating docker
- [**40**Star][2y] [CoffeeScript] [atom/loophole](https://github.com/atom/loophole) A hack to enable use of libraries that depend on a basic form of eval in Atom with CSP enabled
- [**40**Star][4m] [PS] [asymmetric-infosec/power-response](https://github.com/asymmetric-infosec/power-response) Powering Up Incident Response with Power-Response
- [**40**Star][2y] [JS] [arno0x/reflectivednsexfiltrator](https://github.com/arno0x/reflectivednsexfiltrator) Data exfiltration using reflective DNS resolution covert channel
- [**40**Star][22d] [Py] [arbazkiraak/hackbot](https://github.com/arbazkiraak/hackbot) Telegram Bot (Initial Development)
- [**40**Star][6y] [C++] [anwarmohamed/packetyzer](https://github.com/anwarmohamed/packetyzer) Packetyzer is a high level library for C++ designed to make easier the forging and decoding of network packets. It has the ability to decode packets of most common network protocols, capture them and send them on the wire. This capability allows construction of tools that can probe, scan or attack networks.
- [**40**Star][13d] [JS] [anseki/gnirts](https://github.com/anseki/gnirts) Obfuscate string literals in JavaScript code.
- [**40**Star][1m] [Py] [andreafortuna/autotimeliner](https://github.com/andreafortuna/autotimeliner) Automagically extract forensic timeline from volatile memory dump
- [**40**Star][25d] [HTML] [adulau/misp-osint-collection](https://github.com/adulau/misp-osint-collection) Collection of best practices to add OSINT into MISP and/or MISP communities
- [**40**Star][29d] [Perl] [abarisani/abarisani.github.io](https://github.com/abarisani/abarisani.github.io) 
- [**40**Star][2m] [Go] [9seconds/httransform](https://github.com/9seconds/httransform) A framework to build precise and fast HTTP proxies.
- [**40**Star][18d] [PHP] [233sec/laravel-src](https://github.com/233sec/laravel-src) 基于 LARAVEL 打造的安全应急响应中心平台
- [**39**Star][1m] [Py] [akabe1/kr00ker](https://github.com/akabe1/kr00ker) An experimental script PoC for Kr00k vulnerability (CVE-2019-15126)
- [**39**Star][3m] [Py] [nibiwodong/cnvd-2020-10487-tomcat-ajp-poc](https://github.com/nibiwodong/cnvd-2020-10487-tomcat-ajp-poc) CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc
- [**39**Star][22d] [Py] [scrapinghub/arche](https://github.com/scrapinghub/arche) Analyze scraped data
- [**39**Star][2m] [Py] [malrev/avclassplusplus](https://github.com/malrev/avclassplusplus) AVCLASS++: Yet Another Massive Malware Labeling Tool
- [**39**Star][2m] [Shell] [jamesmacwhite/ipset-netgear-r7000-dd-wrt](https://github.com/jamesmacwhite/ipset-netgear-r7000-dd-wrt) Packages and kernel modules for ipset support for the Netgear R7000 running DD-WRT firmware
- [**39**Star][26d] [C++] [dthuerck/mapmap_cpu](https://github.com/dthuerck/mapmap_cpu) A high-performance general-purpose MRF MAP solver, heavily exploiting SIMD instructions.
- [**39**Star][4m] [ObjC] [lszzy/fwdebug](https://github.com/lszzy/fwdebug) iOS debugging library, support for iOS9 +, without adding any code to facilitate iOS development and testing.
- [**39**Star][1m] [C] [ultraembedded/usb_sniffer](https://github.com/ultraembedded/usb_sniffer) High Speed USB 2.0 capture device based on miniSpartan6+
- [**39**Star][14d] [Py] [simfin/pdf-crawler](https://github.com/simfin/pdf-crawler) SimFin's open source PDF crawler
- [**39**Star][21d] [Jupyter Notebook] [williamscott701/information-retrieval](https://github.com/williamscott701/information-retrieval) Information Retrieval algorithms developed in python. To follow the blog posts, click on the link:
- [**39**Star][17d] [Py] [polyrabbit/accelerated-http-proxy](https://github.com/polyrabbit/accelerated-http-proxy) 
- [**39**Star][2m] [Py] [zhangslob/web-crawler-engineer-for-python](https://github.com/zhangslob/web-crawler-engineer-for-python) Web-crawler-engineer-for-Python
- [**39**Star][7m] [Shell] [jenh/sevenminutevpn](https://github.com/jenh/sevenminutevpn) Seven Minute VPN: Launch and connect to a personal OpenVPN instance on AWS in minutes
- [**39**Star][4m] [Swift] [pureswift/bluetooth](https://github.com/pureswift/bluetooth) Pure Swift Bluetooth library
- [**39**Star][16d] [Py] [snawoot/rsp](https://github.com/snawoot/rsp) Rapid SSH Proxy
- [**39**Star][3m] [TS] [blueberryapps/vcr.js](https://github.com/blueberryapps/vcr.js) Mock server with Proxy and Record support inspired by ruby VCR.
- [**39**Star][27d] [Py] [jwenjian/usda-fruit-img-spider](https://github.com/jwenjian/usda-fruit-img-spider) Python spider to save fruit img from USDA's website
- [**39**Star][4m] [C] [rt-thread-packages/nimble](https://github.com/rt-thread-packages/nimble) An Apache open-source Bluetooth 5.0 stack porting on RT-Thread
- [**39**Star][5m] [Go] [googlecloudplatform/stackdriver-reverse-proxy](https://github.com/googlecloudplatform/stackdriver-reverse-proxy) Simple HTTP proxy to automatically traces the incoming requests
- [**39**Star][11d] [Py] [noob-hackers/ipdrone](https://github.com/noob-hackers/ipdrone) get your victim's location by his/her ip address in Termux from ipdrone
- [**39**Star][25d] [Shell] [125k/wifi-spam](https://github.com/125k/wifi-spam) 
- [**39**Star][1m] [Dockerfile] [cooptilleuls/docker-varnish](https://github.com/cooptilleuls/docker-varnish) Docker image for Varnish Cache (caching HTTP reverse proxy)
- [**39**Star][4m] [Py] [coolervoid/codecat](https://github.com/coolervoid/codecat) Tool to help in static analysis
- [**39**Star][17d] [CSS] [cw1997/mysql-monitor](https://github.com/cw1997/mysql-monitor) MySQL服务器执行SQL记录实时监控（WEB版本）
- [**39**Star][23d] [Py] [joxeankoret/tahh](https://github.com/joxeankoret/tahh) Source codes for "The Antivirus Hackers Handbook" book.
- [**39**Star][5y] [Py] [honeynet/yapdns](https://github.com/honeynet/yapdns) YAPDNS
- [**39**Star][21d] [C] [dodola/traphook](https://github.com/dodola/traphook) 
- [**39**Star][11d] [Java] [codahale/fast-uuid](https://github.com/codahale/fast-uuid) A fast random UUID generator.
- [**39**Star][26d] [C] [bkerler/opencl_brute](https://github.com/bkerler/opencl_brute) MD5,SHA1,SHA256,SHA512,HMAC,PBKDF2,SCrypt Bruteforcing tools using OpenCL (GPU, yay!) and Python
- [**39**Star][3m] [HTML] [cryptogenic/ps4-playground-3.55](https://github.com/cryptogenic/ps4-playground-3.55) A 3.55 implementation of PS4 Playground (based on CTurt's 1.76 original)
- [**39**Star][5y] [Py] [internetwache/ssh-honeypot](https://github.com/internetwache/ssh-honeypot) Simple SSH Honeypot in Python
- [**39**Star][19d] [JS] [threatexpress/portplow](https://github.com/threatexpress/portplow) PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and services from multiple systems managed by a central console.
- [**39**Star][14d] [C] [pmem/valgrind](https://github.com/pmem/valgrind) Enhanced Valgrind for Persistent Memory
- [**39**Star][13d] [Py] [angr/archr](https://github.com/angr/archr) Target-centric program analysis.
- [**39**Star][2m] [seemoo-lab/wireshark-awdl](https://github.com/seemoo-lab/wireshark-awdl) Wireshark Dissector for Apple Wireless Direct Link (AWDL) and Apple's CoreCapture logging framework. Note: the AWDL dissector is part of Wireshark 3.0!
- [**39**Star][22d] [C++] [parkovski/wsudo](https://github.com/parkovski/wsudo) Proof of concept sudo for Windows
- [**39**Star][18d] [Go] [linus4/csgoverview](https://github.com/linus4/csgoverview) A 2D demo replay tool for Counter Strike: Global Offensive.
- [**39**Star][3m] [Py] [pilgun/acvtool](https://github.com/pilgun/acvtool) ACVTool is a novel tool for measuring black-box code coverage of Android applications.
- [**39**Star][29d] [hax4us/termux-x](https://github.com/hax4us/termux-x) it is unofficial repository maintained by me
- [**39**Star][18d] [Java] [fornwall/jelf](https://github.com/fornwall/jelf) ELF parsing library in java.
- [**39**Star][10d] [C++] [lasselukkari/duinodcx](https://github.com/lasselukkari/duinodcx) WiFi remote controller for the Behringer Ultradrive.
- [**39**Star][1m] [Py] [oasis-open/cti-taxii-server](https://github.com/oasis-open/cti-taxii-server) OASIS TC Open Repository: TAXII 2 Server Library Written in Python
- [**39**Star][2m] [kiyadesu/android-reversing-challenges](https://github.com/kiyadesu/android-reversing-challenges) there are some CTF challenges or some other things helping improving android reversing skills.
- [**39**Star][2m] [Py] [armysheng/tech163newsspider](https://github.com/armysheng/tech163newsspider) 爬取网易新闻，存储到本地的mongodb
- [**39**Star][11d] [Py] [hiteshchoudhary/airvengers](https://github.com/hiteshchoudhary/airvengers) A GUI to pentest wifi Network, based on Aircrack-ng tools
- [**39**Star][28d] [ObjC] [proteas/ios13-sandbox-profile-format](https://github.com/proteas/ios13-sandbox-profile-format) Binary Format of iOS 13 Sandbox Profile Collection
- [**39**Star][1m] [Py] [pnfsoftware/jeb-golang-analyzer](https://github.com/pnfsoftware/jeb-golang-analyzer) JEB scripts for Golang executables analysis
- [**39**Star][10m] [JS] [jarrekk/saplatform](https://github.com/jarrekk/saplatform) auto ops platform,include assets,releases,execute sqls,optimise permissions and user management, not in maintenance now.
- [**39**Star][1m] [jasonniebauer/nmap-cheatsheet](https://github.com/jasonniebauer/nmap-cheatsheet) Reference guide for scanning networks with Nmap.
- [**39**Star][11d] [C] [phenomite/amp-research](https://github.com/phenomite/amp-research) Research on UDP/TCP amplification vectors, payloads and mitigations against their use in DDoS Attacks
- [**39**Star][4m] [hrt/anticheatjs](https://github.com/hrt/anticheatjs) Javascript Anti Cheats 101
- [**39**Star][7y] [Shell] [intelisecurelabs/pineapple-confs](https://github.com/InteliSecureLabs/Pineapple-Confs) TPLink Pineapple Mods
- [**39**Star][3y] [PS] [msadministrator/pprt](https://github.com/MSAdministrator/PPRT) This module is used to report phishing URLs to their WHOIS/RDAP abuse contact information.
- [**39**Star][5m] [C++] [hluwa/smali-anti-usageseach](https://github.com/hluwa/Smali-Anti-UsageSeach) 隐藏关键方法的相关调用
- [**39**Star][2y] [HTML] [electroniccats/samykamtools](https://github.com/ElectronicCats/SamyKamTools) Magnetic Pentesting tool for Raspberry Pi
- [**39**Star][25d] [Shell] [125k/wifi-spam](https://github.com/125K/WiFi-Spam) 
- [**39**Star][13d] [Jupyter Notebook] [aicoe/prometheus-data-science](https://github.com/AICoE/prometheus-data-science) A collection of analysis, analytics, and machine learning techniques for time series forecasting w/ Prometheus metrics
- [**39**Star][3m] [C++] [lijuno/nrf24_ble](https://github.com/lijuno/nRF24_BLE) Hacking nRF24L01+ as a low-cost BLE beacon
- [**39**Star][5m] [Ruby] [fsecurelabs/honeypot_recipes](https://github.com/FSecureLABS/honeypot_recipes) A chef cookbook which can be used to quickly deploy a high interaction honeypot, using the sysdig and falco tools
- [**39**Star][1m] [HTML] [cveproject/cveproject.github.io](https://github.com/CVEProject/cveproject.github.io) CVE Project Documentation
- [**39**Star][12d] [Py] [hash3lizer/airpydump](https://github.com/hash3liZer/airpydump) Analyze Wireless Packets on the fly. Currently supporting three working Modes (Reader, Live, Stealth)
- [**39**Star][8m] [Py] [zynamics/bincrowd-plugin-ida](https://github.com/zynamics/bincrowd-plugin-ida) BinCrowd Plugin for IDA Pro
- [**39**Star][1m] [JS] [zhuzhibo0/sslcloud](https://github.com/zhuzhibo0/sslcloud) 
- [**39**Star][5m] [Py] [ydkhatri/macforensics](https://github.com/ydkhatri/macforensics) Scripts to process OSX forensic artifacts
- [**39**Star][11m] [Perl] [xme/cuckoomx](https://github.com/xme/cuckoomx) CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)
- [**39**Star][2m] [JS] [wahengchang/nodejs-security-must-know](https://github.com/wahengchang/nodejs-security-must-know) It is a note about security on nodejs
- [**39**Star][1y] [PHP] [vanvan/ipfsproxyhttp](https://github.com/vanvan/ipfsproxyhttp) InterPlanetary File System HTTP Proxy
- [**39**Star][2y] [Py] [vah13/sap_vulnerabilities](https://github.com/vah13/sap_vulnerabilities) DoS PoC's for SAP products
- [**39**Star][15d] [unicornsasfuel/sqlite_sqli_cheat_sheet](https://github.com/unicornsasfuel/sqlite_sqli_cheat_sheet) A cheat sheet for attacking SQLite via SQLi
- [**39**Star][2m] [Py] [toperaproject/topera](https://github.com/toperaproject/topera) IPv6 analysis tool: the other side
- [**39**Star][3y] [Py] [tomasreimers/tensorflow-graph-compression](https://github.com/tomasreimers/tensorflow-graph-compression) Compress graph files for tensorflow.
- [**39**Star][3y] [Java] [tiked/androrw](https://github.com/tiked/androrw) PoC Ransomware for android
- [**39**Star][25d] [Py] [thelsa/cmsidentification](https://github.com/thelsa/cmsidentification) 多模式cms识别脚本
- [**39**Star][3y] [Py] [thecjw/ida_android_script](https://github.com/thecjw/ida_android_script) some idapython scripts for android debugging.
- [**39**Star][2m] [Py] [takeshixx/deen](https://github.com/takeshixx/deen) Generic data DEcoding/ENcoding application built with PyQt5.
- [**39**Star][4y] [Py] [takahiroharuyama/openioc_scan](https://github.com/takahiroharuyama/openioc_scan) openioc_scan Volatility Framework plugin
- [**39**Star][1m] [Py] [tahz7/traffic_analyser](https://github.com/tahz7/traffic_analyser) Retrieve useful information from apache/nginx access logs to help troubleshoot traffic related problems
- [**39**Star][5m] [Py] [swordf1sh/moderat](https://github.com/swordf1sh/moderat) Experimental Windows Remote Administration and Spy Tool in Python + GUI
- [**39**Star][2y] [Py] [sundaysec/andspoilt](https://github.com/sundaysec/andspoilt) Run interactive android exploits in linux.
- [**39**Star][2y] [C++] [struct/hardenedpartitionalloc](https://github.com/struct/hardenedpartitionalloc) A forked and hardened version of PartitionAlloc from Chrome's Blink engine
- [**39**Star][9y] [C] [stephenfewer/ollycalltrace](https://github.com/stephenfewer/ollycalltrace) OllyCallTrace is a plugin for OllyDbg to trace the call chain of a thread.
- [**39**Star][4m] [Py] [static-flow/cloudcopy](https://github.com/static-flow/cloudcopy) This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.
- [**39**Star][4m] [spiderlabs/iocs-idps](https://github.com/spiderlabs/iocs-idps) This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
- [**39**Star][2m] [C] [spender-sandbox/cuckoomon-modified](https://github.com/spender-sandbox/cuckoomon-modified) Modified edition of cuckoomon
- [**39**Star][21d] [JS] [sotera/newman](https://github.com/sotera/newman) Quickly analyze and explore email with advanced analytics and visualization.
- [**39**Star][4y] [C#] [sneaksensed/hiddentear](https://github.com/sneaksensed/hiddentear) HiddenTear Cyan Edition - A real life ransomware coded in C#
- [**39**Star][9m] [C] [smartinm/diskcryptor](https://github.com/smartinm/diskcryptor) DiskCryptor - Open source partition encryption solution
- [**39**Star][5m] [C] [skgleba/imcunlock](https://github.com/skgleba/imcunlock) Internal ux storage enabler/manager for Playstation Vita
- [**39**Star][24d] [TS] [sipcapture/homer-ui](https://github.com/sipcapture/homer-ui) HOMER Front-End Application (UI)
- [**39**Star][5y] [Pascal] [senjaxus/delphi_remote_access_pc](https://github.com/senjaxus/delphi_remote_access_pc) Remote access in Delphi 7 and Delphi XE5 (With sharer files, CHAT and Forms Inheritance) || Acesso Remoto em Delphi 7 e Delphi XE5 (Com Compartilhador de Arquivos, CHAT e Herança de Formulários)
- [**39**Star][2y] [secgroundzero/cs-aggressor-scripts](https://github.com/secgroundzero/cs-aggressor-scripts) Aggressor Scripts for Cobalt Strike
- [**39**Star][2m] [JS] [sauldoescode/rilti.js](https://github.com/sauldoescode/rilti.js) a small opinionated future forward front-end framework
- [**39**Star][3y] [C++] [sam-b/hacksysdriverexploits](https://github.com/sam-b/hacksysdriverexploits) 
- [**39**Star][4y] [C++] [sam-b/cve-2014-4113](https://github.com/sam-b/cve-2014-4113) Trigger and exploit code for CVE-2014-4113
- [**39**Star][2m] [JS] [saelo/foxpwn](https://github.com/saelo/foxpwn) Exploit code for CVE-2016-9066
- [**39**Star][11d] [Shell] [rtrouton/create_macos_recovery](https://github.com/rtrouton/create_macos_recovery) Tool for repairing the Recovery volume (APFS) or partition (HFS+) on Macs running macOS 10.13.x or later.
- [**39**Star][8m] [Py] [resultsmayvary/ctf](https://github.com/resultsmayvary/ctf) CTF Writeups
- [**39**Star][4y] [Py] [rebootuser/hashmash](https://github.com/rebootuser/hashmash) Hashmash is a tool to aid in generating hashes from user supplied values and Epochs
- [**39**Star][1m] [Java] [ravn/jsocks](https://github.com/ravn/jsocks) Updates for
- [**39**Star][1y] [M4] [raspberrypi/usbbootgui](https://github.com/raspberrypi/usbbootgui) GUI for booting a Raspberry Pi device like Pi Zero or compute module as a device
- [**39**Star][3m] [Ruby] [rapid7/rex-powershell](https://github.com/rapid7/rex-powershell) Rex library for dealing with Powershell Scripts
- [**39**Star][2m] [quarkslab/conf-presentations](https://github.com/quarkslab/conf-presentations) 
- [**39**Star][28d] [JS] [qazbnm456/ctf-course](https://github.com/qazbnm456/ctf-course) 
- [**39**Star][2m] [PS] [ptylenda/kubernetes-for-windows](https://github.com/ptylenda/kubernetes-for-windows) Ansible playbooks and Packer templates for creating hybrid Windows/Linux Kubernetes 1.10+ cluster with experimental Flannel pod network (host-gw backend)
- [**39**Star][2m] [Py] [psmiraglia/ctf](https://github.com/psmiraglia/ctf) My solutions of CTFs
- [**39**Star][11d] [Go] [projectcalico/typha](https://github.com/projectcalico/typha) Calico's datastore fan-out daemon.
- [**39**Star][3y] [Py] [programa-stic/marvin-dynamic-analyzer](https://github.com/programa-stic/marvin-dynamic-analyzer) Dynamic android vulnerability scanner using OpenNebula and Android-x86 emulators.
- [**39**Star][23d] [PS] [dsccommunity/xfailovercluster](https://github.com/dsccommunity/xFailOverCluster) This module contains DSC resources for deployment and configuration of Windows Server Failover Cluster.
- [**39**Star][28d] [Java] [portswigger/distribute-damage](https://github.com/portswigger/distribute-damage) Evenly distributes scanner load across targets
- [**39**Star][2m] [plutochiou/shadowsocks-rss](https://github.com/plutochiou/shadowsocks-rss) shadowsocks update rss
- [**39**Star][1m] [Jupyter Notebook] [pirataspinhal/algorithms](https://github.com/pirataspinhal/algorithms) 
- [**39**Star][2y] [PS] [outflanknl/doh_c2_trigger](https://github.com/outflanknl/doh_c2_trigger) Code for blogpost:
- [**39**Star][4m] [optixal/oscp-pwk-notes-public](https://github.com/optixal/oscp-pwk-notes-public) OSCP Notes
- [**39**Star][28d] [Go] [nytimes/gcs-helper](https://github.com/nytimes/gcs-helper) Tool for proxying and mapping HTTP requests to Google Cloud Storage (GCS).
- [**39**Star][5m] [C#] [nyan-x-cat/disable-windows-defender](https://github.com/nyan-x-cat/disable-windows-defender) Changing values to bypass windows defender C#
- [**39**Star][11m] [Go] [northern-lights/yara-parser](https://github.com/northern-lights/yara-parser) Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
- [**39**Star][16d] [Go] [netxfly/docker-remote-api-exp](https://github.com/netxfly/docker-remote-api-exp) docker remote api未授权访问的利用代码
- [**39**Star][2y] [Py] [netspi/spoofspotter](https://github.com/netspi/spoofspotter) A tool to catch spoofed NBNS responses.
- [**39**Star][19d] [Py] [netkiller/firewall](https://github.com/netkiller/firewall) Python Firewall Library
- [**39**Star][3m] [C++] [nccgroup/pip3line](https://github.com/nccgroup/pip3line) The Swiss army knife of byte manipulation
- [**39**Star][2y] [PHP] [nao-sec/mal_getter](https://github.com/nao-sec/mal_getter) Tool for dropping malware from EK
- [**39**Star][4m] [JS] [naman14/gnome-android-tool](https://github.com/naman14/gnome-android-tool) Gnome shell extension for adb tools
- [**39**Star][8m] [Ruby] [mrackwitz/jeroboam](https://github.com/mrackwitz/jeroboam) Check all your apps on macOS for vulnerable Sparkle updaters
- [**39**Star][1y] [Py] [mpgn/beast-poc](https://github.com/mpgn/beast-poc) 
- [**39**Star][1y] [PS] [minervalabsresearch/blogposts](https://github.com/minervalabsresearch/blogposts) Code examples from recent blog posts by minerva labs.
- [**39**Star][2m] [C#] [mili-tan/mv2rayconfig](https://github.com/mili-tan/mv2rayconfig) 
- [**39**Star][4m] [Py] [michaelstott/crlf-injection-scanner](https://github.com/michaelstott/crlf-injection-scanner) Command line tool for testing CRLF injection on a list of domains.
- [**39**Star][15d] [Go] [metalnem/zinio](https://github.com/metalnem/zinio) This command line tool removes DRM from magazines in your digital Zinio library
- [**39**Star][4m] [Assembly] [marespiaut/rayman_disasm](https://github.com/marespiaut/rayman_disasm) Reverse-engineering effort for the 1995 MS-DOS game “Rayman”
- [**39**Star][20d] [C++] [manux81/canspy](https://github.com/manux81/canspy) Very simple tool for users who need to interface with a device based on CAN (CAN/CANopen/J1939/NMEA2000/DeviceNet) such as motors, sensors and many other devices.
- [**39**Star][3y] [Assembly] [macmade/obfuscate](https://github.com/macmade/obfuscate) C/C++ machine code obfuscation.
- [**39**Star][5m] [C#] [luciouskami/apex-eacbypass](https://github.com/luciouskami/apex-eacbypass) APEX-EACBypass(usermode)
- [**39**Star][4m] [Java] [lmax-exchange/angler](https://github.com/lmax-exchange/angler) A utility for monitoring UDP message-processing
- [**39**Star][11m] [lj147/awesome-wechat](https://github.com/lj147/awesome-wechat) 技术型干货分享公众号集合，点击公众号链接即可扫描快速二维码。
- [**39**Star][5m] [Py] [lifetyper/asynchttpsdns](https://github.com/lifetyper/asynchttpsdns) DNS Over Https Powered By Asyncio
- [**39**Star][30d] [C] [libyal/libolecf](https://github.com/libyal/libolecf) Library and tools to access the OLE 2 Compound File (OLECF) format
- [**39**Star][6m] [Shell] [lawliet89/llvm-obfuscator](https://github.com/lawliet89/llvm-obfuscator) LLVM Obfuscator
- [**39**Star][4y] [C] [laginimaineb/waroftheworlds](https://github.com/laginimaineb/waroftheworlds) QSEE Shellcode to directly hijack the "Normal World" Linux Kernel
- [**39**Star][9m] [Py] [ktenzer/openshift-on-openstack-123](https://github.com/ktenzer/openshift-on-openstack-123) Deploy OpenShift on OpenStack
- [**39**Star][1m] [Py] [kernelmachine/haveibeenpwned](https://github.com/kernelmachine/haveibeenpwned) Python interface to Have I Been Pwned API
- [**39**Star][1y] [Py] [keli/furion](https://github.com/keli/furion) Socks5 + SSL Proxy
- [**39**Star][4m] [HTML] [keenrivals/bugsite-index](https://github.com/keenrivals/bugsite-index) Index of websites publishing bugs along the lines of heartbleed.com
- [**39**Star][19d] [Shell] [keeganjk/kali-anonymous](https://github.com/keeganjk/kali-anonymous) 
- [**39**Star][4y] [Java] [kdkanishka/virustotal-public-api-v2.0-client](https://github.com/kdkanishka/virustotal-public-api-v2.0-client) VirusTotal public API 2.0 implementation in Java
- [**39**Star][3m] [Py] [johnnykv/mnemosyne](https://github.com/johnnykv/mnemosyne) Normalizer for honeypot data.
- [**39**Star][1y] [C] [joel16/vitabackup](https://github.com/joel16/vitabackup) A backup/restore tool for the PlayStation VITA/ PlayStation VITA TV. (Design created by Berion)
- [**39**Star][23d] [Py] [jevalenciap/iptodomain](https://github.com/jevalenciap/iptodomain) This tool extract domains from IP address based in the information saved in virustotal.
- [**39**Star][1m] [Shell] [jceminer/cn_cpu_miner](https://github.com/jceminer/cn_cpu_miner) Cryptonote CPU Miner
- [**39**Star][1y] [Py] [jas502n/st2-048](https://github.com/jas502n/st2-048) st2-048
- [**39**Star][11y] [izsh/ida-python-scripts](https://github.com/izsh/ida-python-scripts) IDA Python Scripts
- [**39**Star][9m] [Clojure] [isecpartners/scout](https://github.com/isecpartners/scout) AWS EC2 and S3 Security Auditing Tool
- [**39**Star][19d] [Py] [iiseymour/game-of-life](https://github.com/iiseymour/game-of-life) Conway's Game Of Life with a small evolutionary twist.
- [**39**Star][4y] [hexx0r/cve-2016-0051](https://github.com/hexx0r/cve-2016-0051) 
- [**39**Star][9m] [hackingthings/publications](https://github.com/hackingthings/publications) All related files and slides for past talks
- [**39**Star][2m] [C] [gnoxter/mountain_goat](https://github.com/gnoxter/mountain_goat) A PoC demonstrating techniques exploiting CVE-2016-5696 Off-Path TCP Exploits: Global Rate Limit Considered Dangerous
- [**39**Star][2y] [Dockerfile] [gmdutra/docker-inurlbr](https://github.com/gmdutra/docker-inurlbr) Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.
- [**39**Star][2y] [gcpartners/etlparser](https://github.com/gcpartners/etlparser) Binary commandline executable to parse ETL files
- [**39**Star][2m] [Py] [ganapati/wpyscan](https://github.com/ganapati/wpyscan) Wordpress pentest tool (because i don't like ruby)
- [**39**Star][1m] [Py] [fotisl/utimaco](https://github.com/fotisl/utimaco) Tools for reverse engineering the Utimaco Firmware
- [**39**Star][19d] [C++] [flier/zipkin-cpp](https://github.com/flier/zipkin-cpp) Zipkin tracing library for C/C++
- [**39**Star][2y] [Py] [fallengavin/srcinfo](https://github.com/fallengavin/srcinfo) 作为白帽子，手上有很多应急响应中心接受漏洞的范围和一些网站信息，为了便于管理，自己动手写了一个信息管理的平台，感兴趣的可以自己改改，制作自己的信息库
- [**39**Star][1m] [C++] [f18m/large-pcap-analyzer](https://github.com/f18m/large-pcap-analyzer) A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to manipulate very large PCAP files that cannot be easily handled with other software like Wireshark (or tshark). Supports filtering encapsulated GTPu frames. Easily extendible.
- [**39**Star][3y] [Py] [extremecoders-re/pjorion-deobfuscator](https://github.com/extremecoders-re/pjorion-deobfuscator) A deobfuscator for PjOrion, python cfg generator and more
- [**39**Star][3y] [Py] [exploitx3/fuzzbunch](https://github.com/exploitx3/fuzzbunch) FUZZBUNCH - NSA security tools
- [**39**Star][2m] [Py] [efficios/barectf](https://github.com/efficios/barectf) Generator of ANSI C tracers which output CTF
- [**39**Star][2m] [Shell] [e-f-a/v3](https://github.com/e-f-a/v3) E.F.A version 3.x.x.x
- [**39**Star][4y] [Py] [dungtv543/dutas](https://github.com/dungtv543/dutas) Analysis PE file or Shellcode
- [**39**Star][3y] [C++] [droidninja/document-scanner](https://github.com/droidninja/document-scanner) OPENCV Framework based document scanner
- [**39**Star][1m] [Py] [dmaasland/mcfridafee](https://github.com/dmaasland/mcfridafee) 
- [**39**Star][1m] [Shell] [dlshad/openvpn-shapeshifter](https://github.com/dlshad/openvpn-shapeshifter) This script will automatically guide you to install and configure your OpenVPN server with Shapeshifter Dispatcher (obfuscation) which will allow you to bypass the DPI blockage on OpenVPN. This setup will offer the users the freedom to choose between regular OpenVPN connection or obfuscated one, they actually can use both! OpenVPN is the VPN pro…
- [**39**Star][2y] [Py] [dissectmalware/malwarecmdmonitor](https://github.com/dissectmalware/malwarecmdmonitor) Shows command lines used by latest instances analyzed on Hybrid-Analysis
- [**39**Star][4y] [Java] [directdefense/superserial-active](https://github.com/directdefense/superserial-active) SuperSerial-Active - Java Deserialization Vulnerability Active Identification Burp Extender
- [**39**Star][4y] [PS] [dfinke/onegetgistprovider](https://github.com/dfinke/onegetgistprovider) Gist-as-a-Package - PackageManagement PowerShell Provider to interop with Github Gists
- [**39**Star][21d] [Py] [deep-fingerprinting/df](https://github.com/deep-fingerprinting/df) The source code and dataset are used to demonstrate the DF model, and reproduce the results of the ACM CCS2018 paper
- [**39**Star][18d] [Ruby] [david942j/gdb-ruby](https://github.com/david942j/gdb-ruby) It's time for Ruby lovers to use Ruby in gdb, and gdb in Ruby!
- [**39**Star][4y] [Py] [cysinfo/pymal](https://github.com/cysinfo/pymal)  a python based interactive Malware Analysis Framework
- [**39**Star][17d] [Shell] [cyb3r3x3r/kalilinuxnethunter-termux](https://github.com/cyb3r3x3r/kalilinuxnethunter-termux) Install Kali Linux Nethunter in termux - orginal by
- [**39**Star][5m] [Py] [curehsu/ez-wave](https://github.com/curehsu/ez-wave) Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios.
- [**39**Star][6m] [Py] [csecgroup/wafid](https://github.com/csecgroup/wafid) Wafid identify and fingerprint Web Application Firewall (WAF) products.
- [**39**Star][3y] [C] [cn33liz/hsevd-arbitraryoverwritegdi](https://github.com/cn33liz/hsevd-arbitraryoverwritegdi) HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit using GDI
- [**39**Star][7m] [cmlh/maltego-haveibeenpwned](https://github.com/cmlh/maltego-haveibeenpwned) Maltego integration of
- [**39**Star][2y] [chichou/10.13.5-sip-bypass](https://github.com/chichou/10.13.5-sip-bypass) 
- [**39**Star][5m] [Py] [cerberussecurity/cve-2017-5689](https://github.com/cerberussecurity/cve-2017-5689) 
- [**39**Star][8m] [Py] [brianwrf/sambahunter](https://github.com/brianwrf/sambahunter) It is a simple script to exploit RCE for Samba (CVE-2017-7494 ).
- [**39**Star][3y] [JS] [breach/mod_strip](https://github.com/breach/mod_strip) Breach default layout / tabbing module
- [**39**Star][1y] [Shell] [bourgeoisbear/openbsdfirewall](https://github.com/bourgeoisbear/openbsdfirewall) Simple OpenBSD Home Firewall Config for ALIX Board
- [**39**Star][2m] [C] [bmx-routing/bmx7](https://github.com/bmx-routing/bmx7) BMX7 / SEMTOR Securely Entrusted Mesh Routing Protocol
- [**39**Star][6m] [binarymist/holisticinfosec-for-webdevelopers-fascicle0](https://github.com/binarymist/holisticinfosec-for-webdevelopers-fascicle0) 
- [**39**Star][2m] [C] [bi-zone/rdtsc-checkvirt-poc](https://github.com/bi-zone/rdtsc-checkvirt-poc) Virtualization detection through speculative execution PoCs and papers
- [**39**Star][4m] [Py] [benmezger/pydebug](https://github.com/benmezger/pydebug) Decorators for debugging Python
- [**39**Star][3m] [C] [bdutro/ibm_pw_clear](https://github.com/bdutro/ibm_pw_clear) Small EFI utility that clears the power-on and setup passwords in IBM x3550/x3650 M3 servers
- [**39**Star][7m] [Lua] [bcsecorg/ethereum_devp2p_wireshark_dissector](https://github.com/bcsecorg/ethereum_devp2p_wireshark_dissector) This is Ethereum devp2p protocol dissector plugin for wireshark.
- [**39**Star][2y] [Py] [ax330d/ida_pdb_loader](https://github.com/ax330d/ida_pdb_loader) IDA PDB Loader
- [**39**Star][4y] [JS] [auth0-blog/nodejs-awesome-polls](https://github.com/auth0-blog/nodejs-awesome-polls) 
- [**39**Star][3m] [Java] [augustd/burp-suite-error-message-checks](https://github.com/augustd/burp-suite-error-message-checks) Burp Suite extension to passively scan for applications revealing server error messages
- [**39**Star][2y] [JS] [ash47/omeglemiddleman](https://github.com/ash47/omeglemiddleman) Lets you connect strangers to each other, and intercept messages AKA Man in the Middle Attack
- [**39**Star][3y] [Java] [aninstein/network-security-situation-awareness-system](https://github.com/aninstein/network-security-situation-awareness-system) 综合了资产检测，主机扫描，流量分析等技术，通过这些技术取得网络资产，脆弱性，威胁等指标，从而根据这些指标计算出当前网络的网络安全态势。
- [**39**Star][3y] [C] [andnxor/andnxor_dc24_badge](https://github.com/andnxor/andnxor_dc24_badge) AND!XOR DEFCON 24 Badge HW and SW
- [**39**Star][1m] [PHP] [ambulong/phpmyxss](https://github.com/ambulong/phpmyxss) A XSS Project
- [**39**Star][4m] [Py] [am0nt31r0/osint-search](https://github.com/am0nt31r0/osint-search) Useful for digital forensics investigations or initial black-box pentest footprinting.
- [**39**Star][4m] [Py] [alttch/pptop](https://github.com/alttch/pptop) Open, extensible Python injector/profiler/analyzer
- [**39**Star][7m] [Logos] [ahmadhashemi/immortal](https://github.com/ahmadhashemi/immortal) Prevent expiration of signed iOS applications & bypass 3 free signed applications per device limit
- [**39**Star][3m] [C] [adulau/dcfldd](https://github.com/adulau/dcfldd) enhanced version of dd for forensics and security
- [**39**Star][4m] [Java] [adrianbzg/twitter-follow-exploit](https://github.com/adrianbzg/twitter-follow-exploit) Automated Twitter mass account creation and follow using Selenium and Tor VPN
- [**39**Star][7m] [PS] [absozed/steamprivesc](https://github.com/absozed/steamprivesc) Simple tool collection for escalation to NT AUTHORITY\SYSTEM from recently disclosed Steam Client Zero Day
- [**39**Star][2y] [dcid/ossec-hids](https://bitbucket.org/dcid/ossec-hids) 
- [**38**Star][14d] [JS] [sutanlab/kampus-scraper](https://github.com/sutanlab/kampus-scraper) Scraper & GraphQL API untuk data Perguruan Tinggi di Indonesia berdasarkan dari website Kementrian RISTEKDIKTI.
- [**38**Star][10d] [C++] [designer1337/csgo-cheat-base](https://github.com/designer1337/csgo-cheat-base) simple csgo internal base.
- [**38**Star][21d] [Py] [dfirence/drone](https://github.com/dfirence/drone) TTP0 Custom Python Client for SOC Work - Using TheHive Incident Management Platform
- [**38**Star][15d] [Go] [kcarretto/paragon](https://github.com/kcarretto/paragon) Red Team engagement platform with the goal of unifying offensive tools behind a simple UI
- [**38**Star][10d] [Py] [noptrix/sshprank](https://github.com/noptrix/sshprank) A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan and shodan module.
- [**38**Star][3y] [C++] [shashwatdixit124/ipconnect](https://github.com/shashwatdixit124/ipconnect) P2P Chat and File Transfer Desktop Application
- [**38**Star][1m] [JS] [lucasem/magnet](https://github.com/lucasem/magnet) Search for a torrent from the command-line and start streaming
- [**38**Star][26d] [HTML] [pujinxiao/project_pjx](https://github.com/pujinxiao/project_pjx) Python分布式爬虫打造搜索引擎
- [**38**Star][14d] [JS] [sutanlab/kampus-scraper](https://github.com/sutanlab/kampus-scraper) Scraper & GraphQL API untuk data Perguruan Tinggi di Indonesia berdasarkan dari website Kementrian RISTEKDIKTI.
- [**38**Star][13d] [Shell] [yunohost-apps/peertube_ynh](https://github.com/yunohost-apps/peertube_ynh) Federated (ActivityPub) video streaming platform using P2P for YunoHost
- [**38**Star][2y] [HTML] [liyaopinner/articlespider](https://github.com/liyaopinner/articlespider) 慕课网python分布式爬虫源码-长期更新维护
- [**38**Star][3m] [Py] [orangain/scrapy-s3pipeline](https://github.com/orangain/scrapy-s3pipeline) Scrapy pipeline to store chunked items into AWS S3 bucket.
- [**38**Star][2m] [Go] [matir/webborer](https://github.com/matir/webborer) WebBorer is a directory-enumeration tool written in Go.
- [**38**Star][5m] [JS] [passer6y/crawlervuln](https://github.com/passer6y/crawlervuln) 一个NodeJS实现的漏扫动态爬虫
- [**38**Star][14d] [C] [jackarain/socks_server](https://github.com/jackarain/socks_server) 一个socks服务器的实现.
- [**38**Star][1m] [C] [gco/srelay](https://github.com/gco/srelay) Srelay - the SOCKS proxy and Relay (imported from sourceforge)
- [**38**Star][3m] [Java] [nielsutrecht/spark-of-life](https://github.com/nielsutrecht/spark-of-life) Example of running a Genetic Algorithm (Travelling Salesman) on Apache Spark
- [**38**Star][29d] [Py] [bsab/django-unifi-portal](https://github.com/bsab/django-unifi-portal) Authenticate Unifi WiFi Guests with Django
- [**38**Star][19d] [Shell] [taylorcoffelt/macos-docker](https://github.com/taylorcoffelt/macos-docker) Runs a macOS image on QEMU in a docker container, with VNC, SSH and SPICE access
- [**38**Star][2y] [JS] [zengj8/javascript-datastructures-algorithms](https://github.com/zengj8/javascript-datastructures-algorithms) 
- [**38**Star][22d] [Py] [naqushab/searchenginescrapy](https://github.com/naqushab/searchenginescrapy) Scrape data from Google.com, Bing.com, Baidu.com, Ask.com, Yahoo.com, Yandex.com
- [**38**Star][10d] [Matlab] [clarkzinzow/nonlinear-optimization-algorithms](https://github.com/clarkzinzow/nonlinear-optimization-algorithms) MATLAB implementations of a variety of nonlinear programming algorithms.
- [**38**Star][1m] [C] [j256/dmalloc](https://github.com/j256/dmalloc) Debug Malloc memory allocation debugging C library
- [**38**Star][1m] [HTML] [kichman/jdy-08](https://github.com/kichman/jdy-08) JDY-08 Bluetooth transparent transmission module, with resource for KiCAD
- [**38**Star][21d] [Shell] [matthewvance/nginx-build](https://github.com/matthewvance/nginx-build) Build NGINX with latest OpenSSL from source on Raspberry Pi
- [**38**Star][3m] [Jupyter Notebook] [civictechto/ttc_subway_times](https://github.com/civictechto/ttc_subway_times) A scraper to grab and publish TTC subway arrival times.
- [**38**Star][15d] [C++] [nitram2342/bruteforce-crc](https://github.com/nitram2342/bruteforce-crc) Brute-forcing CRC parameters
- [**38**Star][7m] [Java] [timelessmemory/neteasecloudmusiccrawler](https://github.com/timelessmemory/neteasecloudmusiccrawler) HttpClient + Jsoup + Queue
- [**38**Star][1m] [Assembly] [tinyclub/cs630-qemu-lab](https://github.com/tinyclub/cs630-qemu-lab) Qemu Based X86/Linux/AT&T Assembly Development Lab
- [**38**Star][26d] [JS] [mindaugaskasp/discord-music-bot](https://github.com/mindaugaskasp/discord-music-bot) Node.js / Discord.js / Discord.js-Commando based bot solely for the purpose of playing audio stream to Discord
- [**38**Star][4y] [Go] [kkomelin/insecres](https://github.com/kkomelin/insecres) A console tool that finds insecure resources on HTTPS sites
- [**38**Star][2m] [Go] [sausheong/hs1xxplug](https://github.com/sausheong/hs1xxplug) Go library for TP-Link HS100 and HS110 WiFi smart plug
- [**38**Star][24d] [Py] [tegal1337/shelly](https://github.com/tegal1337/shelly) Simple Backdoor Manager with Python (based on weevely)
- [**38**Star][1m] [Py] [portswigger/js-link-finder](https://github.com/portswigger/js-link-finder) Burp Extension for a passive scanning JS files for endpoint links.
- [**38**Star][14d] [C] [atrosinenko/kbdysch](https://github.com/atrosinenko/kbdysch) A collection of user-space Linux kernel specific guided fuzzers based on LKL
- [**38**Star][3m] [noneage/blockchainsecuritytutorial](https://github.com/noneage/blockchainsecuritytutorial) NoneAge Blockchain Security Tutorial
- [**38**Star][2m] [C++] [cisco-talos/clamav-bytecode-compiler](https://github.com/cisco-talos/clamav-bytecode-compiler) ClamAV ByteCode Compiler
- [**38**Star][20d] [C] [mak-/reverse-shell-access-kernel-module](https://github.com/mak-/reverse-shell-access-kernel-module) This is a kernel module invoked reverse shell proof of concept.
- [**38**Star][16d] [Shell] [hak5/signalowl-payloads](https://github.com/hak5/signalowl-payloads) The Official Hak5 Signal Owl Payload Repository
- [**38**Star][20d] [C] [ctcaer/minerva_tc](https://github.com/ctcaer/minerva_tc) Nvidia Tegra X1 DRAM trainer
- [**38**Star][1m] [xyntax/waf-bypass](https://github.com/xyntax/waf-bypass) 
- [**38**Star][2m] [C] [dynamorio/drk](https://github.com/dynamorio/drk) Dynamic instrumentation of the Linux kernel
- [**38**Star][2m] [C] [cn33liz/easysystem](https://github.com/cn33liz/easysystem) Quick and dirty System (Power)Shell using NamedPipe impersonation.
- [**38**Star][11d] [Py] [nccgroup/nobex](https://github.com/nccgroup/nobex) nOBEX allows emulating the PBAP, MAP, and HFP profiles to test vehicle infotainment systems and similar devices using these profiles
- [**38**Star][4m] [C#] [cn33liz/sharpcat](https://github.com/cn33liz/sharpcat) SharpCat - A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker)
- [**38**Star][6m] [Py] [thekingofduck/bcscan](https://github.com/thekingofduck/bcscan) 网站批量探测中间件信息 获取网页标题 挂马检查
- [**38**Star][10d] [C++] [ganyao114/sandboxhookplugin](https://github.com/ganyao114/sandboxhookplugin) demo for inject & hook in sandbox
- [**38**Star][7m] [Py] [wapiflapi/gxf](https://github.com/wapiflapi/gxf) Gdb Extension Framework is a bunch of python code around the gdb api.
- [**38**Star][2m] [Go] [localtunnel/go-localtunnel](https://github.com/localtunnel/go-localtunnel) golang client library for localtunnel.me
- [**38**Star][2m] [PS] [vletoux/bluekeep-scanner](https://github.com/vletoux/bluekeep-scanner) BlueKeep powershell scanner (based on c# code)
- [**38**Star][11d] [Go] [sadicann/andor](https://github.com/sadicann/andor) Blind SQL Injection Tool with Golang
- [**38**Star][13d] [C] [root670/cheatdeviceps2](https://github.com/root670/cheatdeviceps2) Game enhancer for PlayStation 2 similar to Action Replay, GameShark, and CodeBreaker.
- [**38**Star][9m] [C++] [aliyuchang33/hv2ray](https://github.com/aliyuchang33/hv2ray) A linux GUI tool for v2ray base on QT.
- [**38**Star][1m] [Assembly] [danielkrupinski/inflame](https://github.com/danielkrupinski/inflame) User-mode Windows DLL injector written in Assembly language (FASM syntax) with WinAPI.
- [**38**Star][18d] [Shell] [lbp0200/v2ray-vultr](https://github.com/lbp0200/v2ray-vultr) 在vultr上，在线自动部署v2ray
- [**38**Star][2m] [Shell] [privacyint/appdata-environment-desktop](https://github.com/privacyint/appdata-environment-desktop) A selection of script and the manual for Privacy International's data interception environment
- [**38**Star][1m] [Rust] [archer884/harsh](https://github.com/archer884/harsh) Hashids implementation in Rust
- [**38**Star][13d] [C++] [shivaylamba/hacktoberfest](https://github.com/shivaylamba/hacktoberfest) Make your first PR! ~ A beginner friendly repository made specifically for open source beginners. Add any program under any language (it can be anything from a hello-world program to a complex data structure algorithm) or update the existing one. Just make sure you add the program under the correct language directory. Happy coding
- [**38**Star][4m] [security-prince/resources-for-application-security](https://github.com/security-prince/resources-for-application-security) Some good resources for getting started with application security
- [**38**Star][2y] [Py] [walkerfuz/pydbgeng](https://github.com/walkerfuz/PyDbgEng) a python wrapper of debug engines on windows, linux or osx, it's only aim to auto fuzzing.
- [**38**Star][19d] [Py] [sewellding/sitepathscan](https://github.com/SewellDinG/SitePathScan) 
- [**38**Star][24d] [Assembly] [muffins/rookit_playground](https://github.com/muffins/rookit_playground) Educational repository for learning about rootkits and Windows Kernel Hooks.
- [**38**Star][6y] [C++] [livemirror/pcshare](https://github.com/LiveMirror/pcshare) 
- [**38**Star][26d] [Go] [62726164/netscan](https://github.com/62726164/netscan) A fast TCP port scanner
- [**38**Star][2m] [rivaill/blockchain-security-awesome](https://github.com/Rivaill/blockchain-security-awesome) A curated list of awesome things related to blockchain security
- [**38**Star][1y] [Py] [initstring/evil-ssdp](https://gitlab.com/initstring/evil-ssdp) 
- [**38**Star][2m] [zoranpandovski/awesome-testing-tools](https://github.com/zoranpandovski/awesome-testing-tools) 
- [**38**Star][5m] [C++] [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc) cve-2019-0808-poc
- [**38**Star][12d] [Haskell] [ymherklotz/verismith](https://github.com/ymherklotz/verismith) Verilog Fuzzer to test the major simulators and sythesisers by generating random, valid Verilog.
- [**38**Star][3m] [Py] [yanceyblog/scrapy-multi](https://github.com/yanceyblog/scrapy-multi) 实现多个爬虫共同工作的scrapy爬虫实例
- [**38**Star][6m] [Py] [yaleimeng/free_proxy_pool](https://github.com/yaleimeng/free_proxy_pool) 对免费代理IP网站进行爬取，收集汇总为自己的代理池。关键是验证代理的有效性、匿名性、去重复
- [**38**Star][4y] [Java] [xyntax/jboss-exp](https://github.com/xyntax/jboss-exp) java反序列化漏洞利用－JBOSS(含payload生成的java项目，漏洞利用py脚本，shodan部分目标主机搜索结果)
- [**38**Star][5y] [C] [xvilka/hacklu](https://github.com/xvilka/hacklu) 
- [**38**Star][2m] [ObjC] [xpreeks/g0blin](https://github.com/xpreeks/g0blin) v0rtex + yalu102
- [**38**Star][5y] [PHP] [xpaw/httpsys](https://github.com/xpaw/httpsys) 
- [**38**Star][6m] [ObjC] [xmartlabs/metalperformanceshadersproxy](https://github.com/xmartlabs/metalperformanceshadersproxy) A proxy for MetalPerformanceShaders which takes to a stub on a simulator and to the real implementation on iOS devices.
- [**38**Star][10m] [xionox/moz-tor-relays](https://github.com/xionox/moz-tor-relays) 
- [**38**Star][5m] [Shell] [xhak9x/hak9tools](https://github.com/xhak9x/hak9tools) All Hak9 Tools
- [**38**Star][6y] [C] [x43x61x69/mach-o-prettifier](https://github.com/x43x61x69/mach-o-prettifier) A Mach-O Load Command deobfuscator.
- [**38**Star][1m] [C] [x43x61x69/codeunsign](https://github.com/x43x61x69/codeunsign) A Mach-O binary codesign remover.
- [**38**Star][1m] [Py] [warner/petmail](https://github.com/warner/petmail) secure messaging, file-transfer, and directory synchronization
- [**38**Star][3y] [Py] [wal99d/slowloris](https://github.com/wal99d/slowloris) Python code demonstrating the how-to part of L7 Application DDoS Attack called SlowLoris
- [**38**Star][9m] [Java] [voorivex/andrill](https://github.com/voorivex/andrill) a vulnerable mobile application interacting with a back-end API
- [**38**Star][3m] [Ruby] [veeral-patel/incidents](https://github.com/veeral-patel/incidents) Collaborative, web-based case management for incident response
- [**38**Star][4m] [SystemVerilog] [trivialmips/trivialmips](https://github.com/trivialmips/trivialmips) MIPS32 CPU implemented in SystemVerilog, with superscalar and FPU support
- [**38**Star][1m] [travisfsmith/mitre_attack](https://github.com/travisfsmith/mitre_attack) A listing of JSON files which can be used with the ATT&CK Navigator 
- [**38**Star][5m] [Go] [tomsteele/pen-utils](https://github.com/tomsteele/pen-utils) Trivial unixey pentest utilities
- [**38**Star][5m] [Py] [ticosax/pseud](https://github.com/ticosax/pseud) Pythonic bi-directional RPC API built on top of ØMQ.
- [**38**Star][6m] [CSS] [thundercls/x64dbg_vs_dark](https://github.com/thundercls/x64dbg_vs_dark) x64dbg stylesheet like visual studio dark theme
- [**38**Star][2y] [HTML] [thugs-rumal/rumal](https://github.com/thugs-rumal/rumal) Thug's Rumāl: a Thug's dress & weapon
- [**38**Star][3m] [Shell] [taylanbildik/linux_dersleri](https://github.com/taylanbildik/linux_dersleri) Kali Linux Üzerinden İşlenen Linux Komut Satırı Dersleri Dokümantasyon Kaynağı
- [**38**Star][18d] [Bro] [tatsui-geek/rpot](https://github.com/tatsui-geek/rpot) Real-time Packet Observation Tool
- [**38**Star][2y] [Py] [tanc7/arms-commander](https://github.com/tanc7/arms-commander) Malware Suite/Menu designed for "Speedy and No-Mistakes Penetration Testing", written in Python 2.7.13 and tested on Kali Linux 4.6 & 4.9, originally intended to only perform the Reconnaissance and Enumeration Stages (it's role is dramatically expanded now). Requires Python 2.7 + Pip + Termcolor Module. All code is entirely free to be used in yo…
- [**38**Star][5m] [Py] [talos/no.js](https://github.com/talos/no.js) chat. no javascript.
- [**38**Star][10m] [C] [taichisocks/shadowsocks](https://github.com/taichisocks/shadowsocks) Lightweight shadowsocks client for iOS and Mac OSX base on shadowsocks-libev
- [**38**Star][4m] [C] [sud0man/pac4mac](https://github.com/sud0man/pac4mac) Automatically exported from code.google.com/p/pac4mac
- [**38**Star][27d] [JS] [stdarg/tcp-port-used](https://github.com/stdarg/tcp-port-used) A simple Node.js module to check if a TCP port is already bound.
- [**38**Star][2y] [PS] [sqlcollaborative/invoke-sqlcmd2](https://github.com/sqlcollaborative/invoke-sqlcmd2) PowerShell module containing Invoke-SqlCmd2
- [**38**Star][16d] [JS] [snyk/serverless-snyk](https://github.com/snyk/serverless-snyk) Serverless plugin for securing your dependencies with Snyk
- [**38**Star][3m] [C] [sk4ld/gridpot](https://github.com/sk4ld/gridpot) Open source tools for realistic-behaving electric grid honeynets
- [**38**Star][3m] [C++] [simutrace/simutrace](https://github.com/simutrace/simutrace) Tracing framework for full system simulators
- [**38**Star][3m] [Assembly] [sh3llc0d3r1337/windows_reverse_shell_1](https://github.com/sh3llc0d3r1337/windows_reverse_shell_1) Windows Reverse Shell shellcode
- [**38**Star][4m] [C#] [sf197/telegra_csharp_c2](https://github.com/sf197/telegra_csharp_c2) Command and Control for C# Writing
- [**38**Star][2m] [HTML] [secwiki/iot](https://github.com/secwiki/iot) IOT Research Blog 物联网安全技术研究小组
- [**38**Star][5m] [C++] [scalys7/privilege-escalation-framework](https://github.com/scalys7/privilege-escalation-framework) Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitation methods(which are CVE-independent.)
- [**38**Star][12d] [Py] [sc0tfree/netbyte](https://github.com/sc0tfree/netbyte) Netbyte is a Netcat-style tool that facilitates probing proprietary TCP and UDP services. It is lightweight, fully interactive and provides formatted output in both hexadecimal and ASCII.
- [**38**Star][7m] [Py] [saelo/ida_scripts](https://github.com/saelo/ida_scripts) Collection of IDA scripts
    - [kernelcache](https://github.com/saelo/ida_scripts/blob/master/kernelcache.py) Identify and rename function stubs (plt entries) in an iOS kernelcache. ARM64 only.
    - [ssdt](https://github.com/saelo/ida_scripts/blob/master/ssdt.py) Resolve syscall table entries in the Windows kernel.
- [**38**Star][1m] [Shell] [rust-fuzz/book](https://github.com/rust-fuzz/book) 
- [**38**Star][3y] [C++] [rprop/cppdll](https://github.com/rprop/cppdll) CppDLL a small tool that will help you generate Cpp Header(.h) and Import Library(.lib) from Dynamic Link Library(.dll)
- [**38**Star][1y] [PS] [rootup/redteam](https://github.com/rootup/redteam) One line PS scripts that may come handy during your network assesment
- [**38**Star][26d] [C++] [rolfrolles/wbdeshook](https://github.com/rolfrolles/wbdeshook) DLL-injection based solution to Brecht Wyseur's wbDES challenge (based on SysK's Phrack article)
- [**38**Star][10d] [Shell] [robertohuertasm/apk-decompiler](https://github.com/robertohuertasm/apk-decompiler) Small Rust utility to decompile Android apks
- [**38**Star][7m] [C] [rishabh-malik/hacktoberfest-2018](https://github.com/rishabh-malik/hacktoberfest-2018) A simple code repository for algorithms in various languages.
- [**38**Star][3m] [HTML] [rh0dev/expdev](https://github.com/rh0dev/expdev) exploit development
- [**38**Star][3m] [Py] [rahiel/firectl](https://github.com/rahiel/firectl) Control Firejail desktop integration.
- [**38**Star][1m] [Java] [radare/ghidra-r2web](https://github.com/radare/ghidra-r2web) Ghidra plugin to start an r2 webserver to let r2 interact with it
- [**38**Star][12d] [Py] [r35tart/redisdirscan](https://github.com/r35tart/redisdirscan) 此脚本用于测试 Rdies 未授权访问，在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下，进行WEB目录探测
- [**38**Star][5m] [Java] [quhw/xtunnel](https://github.com/quhw/xtunnel) An useful TCP/SSL tunnel utility.
- [**38**Star][2y] [Py] [pure-l0g1c/spectre](https://github.com/pure-l0g1c/spectre) A simple phishing tool that can phish almost any website
- [**38**Star][2m] [C++] [progmboy/win32kext](https://github.com/progmboy/win32kext) windbg plugin for win32k debugging
- [**38**Star][5m] [PS] [politoinc/elk-hunting](https://github.com/politoinc/elk-hunting) Threat Hunting with ELK Workshop (InfoSecWorld 2017)
- [**38**Star][8m] [JS] [pietgeursen/patch-gatherings](https://github.com/pietgeursen/patch-gatherings) A patchcore plugin for arranging gatherings on secure scuttlebutt
- [**38**Star][7m] [Py] [phishai/idn_generator](https://github.com/phishai/idn_generator) Utility to generate similar IDN domain names
- [**38**Star][25d] [Java] [openzipkin/zipkin-finagle](https://github.com/openzipkin/zipkin-finagle) Integration between Finagle tracing to Zipkin transports such as http and kafka
- [**38**Star][3m] [oldbonhart/osint-resources](https://github.com/oldbonhart/osint-resources) Data collected from publicly available sources to be used in an intelligence context
- [**38**Star][8m] [ObjC] [nzn/nsuserdefaults-aesencryptor](https://github.com/nzn/nsuserdefaults-aesencryptor) NSUserDefaults category with AES encrypt/decrypt keys and values.
- [**38**Star][1y] [C] [ntraiseharderror/kaiser](https://github.com/ntraiseharderror/kaiser) Fileless persistence, attacks and anti-forensic capabilties.
- [**38**Star][1m] [C] [ns1/xdp-workshop](https://github.com/ns1/xdp-workshop) Velocity SJC 2019 - DDoS mitigation made easy with XDP and eBPF
- [**38**Star][3m] [Py] [nevillegrech/madmax](https://github.com/nevillegrech/madmax) Ethereum Static Vulnerability Detector for Gas-Focussed Vulnerabilities
- [**38**Star][1y] [C] [netfuture/tlsinterposer](https://github.com/netfuture/tlsinterposer) OpenSSL library interposer to make existing binary software use more secure TLS protocol variants
- [**38**Star][2m] [Java] [netcrusherorg/netcrusher-java](https://github.com/netcrusherorg/netcrusher-java) NetCrusher is a TCP/UDP proxy that allows to test services for failover
- [**38**Star][1m] [Ruby] [neinwechter/metasploit-framework](https://github.com/neinwechter/metasploit-framework) Metasploit Framework
- [**38**Star][14d] [Py] [mthbernardes/strutszeiro](https://github.com/mthbernardes/strutszeiro) Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)
- [**38**Star][3y] [C++] [mstefanowich/filesignaturehijack](https://github.com/mstefanowich/filesignaturehijack) C proof-of-concept of Mattifestations paper on signature hijacking
- [**38**Star][15d] [Py] [mozillasecurity/quokka](https://github.com/mozillasecurity/quokka) Quokka is a utility to launch and monitor application for faults.
- [**38**Star][10m] [Py] [mozilla/minion-backend](https://github.com/mozilla/minion-backend) Minion Backend
- [**38**Star][3y] [HTML] [mortenschenk/rtlcapturecontext-cfg-bypass](https://github.com/mortenschenk/rtlcapturecontext-cfg-bypass) Internet Explorer Exploit with CFG bypass for Windows 10
- [**38**Star][10d] [Go] [mondoolabs/mondoo](https://github.com/mondoolabs/mondoo) 
- [**38**Star][1m] [Go] [mojachieee/go-honeypot](https://github.com/mojachieee/go-honeypot) A honeypot server written in Go.
- [**38**Star][2m] [mimoo/crypto_blogs](https://github.com/mimoo/crypto_blogs) Blogs about Cryptography/Security to follow
- [**38**Star][1m] [JS] [mephistools/diablo2-protocol](https://github.com/mephistools/diablo2-protocol) Diablo 2 network protocol
- [**38**Star][4m] [Py] [mechpen/sockdump](https://github.com/mechpen/sockdump) Dump unix domain socket traffic with bpf
- [**38**Star][11m] [Shell] [mcous/kicad-lib](https://github.com/mcous/kicad-lib) Repository for my KiCad components and footprints
- [**38**Star][23d] [Shell] [marcinbojko/hv-packer](https://github.com/marcinbojko/hv-packer) Hyper-V Generation 2 Packer Templates for Windows 2016/2019, Windows Server and CentOS 7.x/8.x
- [**38**Star][5m] [JS] [mapbox/link-hijacker](https://github.com/mapbox/link-hijacker) Hijack clicks on and within links, probably for client-side routing
- [**38**Star][9m] [Py] [mainframed/mfsniffer](https://github.com/mainframed/mfsniffer) Mainframe TN3270 unencrypted TSO session user ID and password sniffer
- [**38**Star][3y] [PS] [machosec/mystique](https://github.com/machosec/mystique) PowerShell module to play with Kerberos S4U extensions
- [**38**Star][24d] [Py] [loggerhead/shadowsocks](https://github.com/loggerhead/shadowsocks) 
- [**38**Star][6y] [Shell] [linkp2p/wps-pin](https://github.com/linkp2p/wps-pin) # This scripts is edited under the General Public License as defined by the Free software foundation. # This package is distributed in the hope that it will be useful, but without any warranty; It can be used and modified and shared but should be referenced to, it CANNOT be # sold or be used for a commercial-economical purpose. # See the detail…
- [**38**Star][14d] [Go] [leoloobeek/keyserver](https://github.com/leoloobeek/keyserver) Easily serve HTTP and DNS keys for proper payload protection
- [**38**Star][2y] [Py] [leeyis/ip_proxy_pool](https://github.com/leeyis/ip_proxy_pool) Generating spiders dynamically to crawl and check those free proxy ip on the internet with scrapy.
- [**38**Star][4m] [Py] [lavalamp-/ws-backend-community](https://github.com/lavalamp-/ws-backend-community) Web Sight Back-end Community Edition
- [**38**Star][1m] [Py] [lasq88/deobfuscate](https://github.com/lasq88/deobfuscate) Python script to automatically deobfuscate malware code
- [**38**Star][2m] [Go] [kung-foo/freki](https://github.com/kung-foo/freki) Freki is a tool to manipulate packets in usermode using NFQUEUE and golang.
- [**38**Star][2m] [Rust] [kpcyrd/boxxy-rs](https://github.com/kpcyrd/boxxy-rs) Linkable sandbox explorer
- [**38**Star][11d] [C++] [kingron/s](https://github.com/kingron/s) The simple, fast, powerful SYN/TCP port scanner source code
- [**38**Star][2y] [Java] [kingkaki/struts2-vulenv](https://github.com/kingkaki/struts2-vulenv) struts2 漏洞环境源代码
- [**38**Star][4m] [Py] [kevthehermit/volatility_plugins](https://github.com/kevthehermit/volatility_plugins) Volatility Plugins
- [**38**Star][4m] [Shell] [kawaxi/kali-setup](https://github.com/kawaxi/kali-setup) Bash script to fully setup your kali system.
- [**38**Star][4y] [C++] [k2/languagebackdoors](https://github.com/k2/languagebackdoors) Compiler exploits and exploitable non-obvious source code back doors.
- [**38**Star][1y] [Rust] [juxhindb/synner](https://github.com/juxhindb/synner) A TCP SYN flood client written in Rust, powered by libpnet
- [**38**Star][3y] [Visual Basic .NET] [johnlatwc/macrojob](https://github.com/johnlatwc/macrojob) Proof of concept VBA code to add to Normal.dot to put restrictions on Word
- [**38**Star][26d] [Go] [jmpews/goscan](https://github.com/jmpews/goscan) golang的扫描框架, 支持协程池和自动调节协程个数.
- [**38**Star][2m] [Shell] [jay-johnson/owasp-jenkins](https://github.com/jay-johnson/owasp-jenkins) Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker?
- [**38**Star][3y] [Py] [jasondoyle/google-nest-cam-bug-disclosures](https://github.com/jasondoyle/google-nest-cam-bug-disclosures) 
- [**38**Star][6y] [Py] [jakev/oat2dex-python](https://github.com/jakev/oat2dex-python) Extract DEX files from an ART ELF binary
- [**38**Star][8m] [Py] [isgroup-srl/openmagic](https://github.com/isgroup-srl/openmagic) OpenSSL TLS heartbeat read overrun (CVE-2014-0160)
- [**38**Star][1m] [Py] [isecpartners/fuzzbox](https://github.com/isecpartners/fuzzbox) A multi-codec media fuzzing tool.
- [**38**Star][4m] [Rust] [io12/unf](https://github.com/io12/unf) UNixize Filename -- replace annoying anti-unix characters in filenames
- [**38**Star][5m] [JS] [inquest/threatkb](https://github.com/inquest/threatkb) Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
- [**38**Star][2m] [Lua] [igalia/snabb](https://github.com/igalia/snabb) Snabb Switch: Fast open source packet processing
- [**38**Star][3m] [JS] [idc/ps4-entrypoint-405](https://github.com/idc/ps4-entrypoint-405) A fully implemented kernel exploit for the PS4 on 4.05FW
- [**38**Star][5m] [Py] [hook-s3c/cve-2018-18852](https://github.com/hook-s3c/cve-2018-18852) CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.
- [**38**Star][13d] [C++] [hatriot/bugs](https://github.com/hatriot/bugs) public bugs/proof of concepts
- [**38**Star][5m] [C++] [hasherezade/petya_recovery](https://github.com/hasherezade/petya_recovery) Application for cracking Red Petya key based on genetic algorithms.
- [**38**Star][8m] [Java] [guardicore/labs_campaigns](https://github.com/guardicore/labs_campaigns) 
- [**38**Star][3m] [gsurma/password_cracker](https://github.com/gsurma/password_cracker) Char-level RNN LSTM password cracker
- [**38**Star][13d] [Jupyter Notebook] [gcrahay/otx_misp](https://github.com/gcrahay/otx_misp) Imports Alienvault OTX pulses to a MISP instance
- [**38**Star][27d] [Go] [fuzzitdev/example-go](https://github.com/fuzzitdev/example-go) Go Fuzzit Example
- [**38**Star][1m] [Go] [freach/docker-image-policy-plugin](https://github.com/freach/docker-image-policy-plugin) Docker authentication plugin to enforce a image pull policy. Whitelist Docker images allowed to be pulled.
- [**38**Star][1m] [Py] [fr0gger/unprotect](https://github.com/fr0gger/unprotect) Unprotect is a python tool for parsing PE malware and extract evasion techniques.
- [**38**Star][2y] [c++] [fluc-uc/emusdk](https://github.com/fluc-uc/emusdk) A simple SDK intended for people new to internal cheats. Written while I was drunk.
- [**38**Star][1y] [C++] [firelizzard18/dc26-badge](https://github.com/firelizzard18/dc26-badge) DefCon 26 Badge Hacking
- [**38**Star][1m] [Py] [fabio-d/honeypot](https://github.com/fabio-d/honeypot) Honeypot that emulates several protocols (incl. SSH, telnet, SMTP, HTTP, SSL and SIP)
- [**38**Star][17d] [Py] [ernw/dizzy](https://github.com/ernw/dizzy) Network and USB protocol fuzzing toolkit.
- [**38**Star][4m] [Rebol] [ericzimmerman/recmd](https://github.com/ericzimmerman/recmd) Command line access to the Registry
- [**38**Star][2m] [ekoparty/ekolabs](https://github.com/ekoparty/ekolabs) EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
- [**38**Star][5m] [Java] [egguncle/xposednavigationbar](https://github.com/egguncle/xposednavigationbar) Xposed导航栏功能拓展模块
- [**38**Star][11m] [Shell] [eforce21/letsencrypt-nginx-proxy](https://github.com/eforce21/letsencrypt-nginx-proxy) reverse proxy with automated vHost and SSL-cert generation
- [**38**Star][2y] [PS] [dmb2168/oauthhunting](https://github.com/dmb2168/oauthhunting) 
- [**38**Star][1m] [HTML] [devnetsandbox/sbx_multi_ios](https://github.com/devnetsandbox/sbx_multi_ios) Sample code, examples, and resources for use with the DevNet Multi-IOS Sandbox
- [**38**Star][1y] [Py] [decal/ssltest-stls](https://github.com/decal/ssltest-stls) 
- [**38**Star][2y] [PHP] [dcid/doh-php-client](https://github.com/dcid/doh-php-client) DoH (DNS over HTTPS) PHP Client
- [**38**Star][6m] [Py] [danmcinerney/autoresp](https://github.com/danmcinerney/autoresp) Runs Responder, uploads hashes for cracking, alerts when cracked
- [**38**Star][4y] [C#] [cweb/unicode-hax](https://github.com/cweb/unicode-hax) A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.
- [**38**Star][1m] [PHP] [ctubio/php-proxy-keyserver](https://github.com/ctubio/php-proxy-keyserver) PHP proxy and extensible web interface forwarding standard HKP requests to a local or remote SKS OpenPGP Keyserver.
- [**38**Star][11d] [C++] [creaink/ucom](https://github.com/creaink/ucom) A simple Serial-Port/TCP/UDP debugging tool.
- [**38**Star][1y] [C] [commonexploits/icmpsh](https://github.com/commonexploits/icmpsh) Simple reverse ICMP shell
- [**38**Star][18d] [Shell] [cloudalchemy/ansible-blackbox-exporter](https://github.com/cloudalchemy/ansible-blackbox-exporter) Blackbox prober exporter
- [**38**Star][19d] [Java] [cliqz-oss/browser-android](https://github.com/cliqz-oss/browser-android) CLIQZ for Android
- [**38**Star][2y] [chenjiandongx/awesome-spider](https://github.com/chenjiandongx/awesome-spider) 爬虫集合
- [**38**Star][12d] [Go] [cha87de/kvmtop](https://github.com/cha87de/kvmtop) A monitoring tool for black box virtual machines from KVM hypervisor level
- [**38**Star][8m] [PHP] [cesnet/pakiti-server](https://github.com/cesnet/pakiti-server) Pakiti provides a monitoring mechanism to check the patching status of Linux systems.
- [**38**Star][6m] [Py] [bytesoverbombs/virusshare-search](https://github.com/bytesoverbombs/virusshare-search) Downloads VirusShare hashes (
- [**38**Star][4m] [Py] [bx/bootloader_instrumentation_suite](https://github.com/bx/bootloader_instrumentation_suite) Bootloader 研究工具
- [**38**Star][18d] [Java] [bpilania/interview](https://github.com/bpilania/interview) My interview documents, algorithm implementations, etc
- [**38**Star][4m] [C++] [bobotig/cracker-ng](https://github.com/bobotig/cracker-ng) ZIP cracker, CCRYPT cracker, and others to come.
- [**38**Star][2m] [C++] [blackint3/none](https://github.com/blackint3/none) UNONE and KNONE is a couple of open source base library that makes it easy to develop software on Windows.
- [**38**Star][27d] [Py] [bkerler/dump_avb_signature](https://github.com/bkerler/dump_avb_signature) Dump Android Verified Boot Signature
- [**38**Star][26d] [JS] [auth0/auth0-cordova](https://github.com/auth0/auth0-cordova) Auth0 integration for Cordova apps
- [**38**Star][3y] [C++] [aurel26/ts-security-editor](https://github.com/aurel26/ts-security-editor) Terminal Service (RDP) Security Editor
- [**38**Star][4y] [C] [arodland/haproxy](https://github.com/arodland/haproxy) Experiment with haproxy
- [**38**Star][2m] [arnaudsoullie/ics-default-passwords](https://github.com/arnaudsoullie/ics-default-passwords) List of default passwords for Industrial Control Systems
- [**38**Star][5m] [C] [arinerron/cve-2016-5195](https://github.com/arinerron/cve-2016-5195) Automated Android root via CVE-2016-5195 (dirtycow/dirtyc0w PoC)
- [**38**Star][29d] [C] [aloz77/hiktools](https://github.com/aloz77/hiktools) Tools for Hikvision IP cameras
- [**38**Star][4m] [Makefile] [alectrocute/unboundbl](https://github.com/alectrocute/unboundbl) 
- [**38**Star][10d] [JS] [agjmills/form-scrape](https://github.com/agjmills/form-scrape) An example chrome extension to demonstrate the dangers of injecting javascript and html into a page
- [**38**Star][6m] [C++] [adamkramer/rapid_env](https://github.com/adamkramer/rapid_env) Rapid deployment of Windows environment (files, registry keys, mutex etc) to facilitate malware analysis
- [**38**Star][6y] [C++] [adamkramer/jmp2it](https://github.com/adamkramer/jmp2it) Transfer EIP control to shellcode during malware analysis investigation
- [**38**Star][1m] [C] [adamgreen/mri](https://github.com/adamgreen/mri) MRI - Monitor for Remote Inspection. The gdb compatible debug monitor for Cortex-M devices.
- [**38**Star][6m] [Java] [5gsd/aicdm](https://github.com/5gsd/aicdm) AICDL collector services and modules
- [**38**Star][9d] [PS] [5alt/zerorat](https://github.com/5alt/zerorat) ZeroRAT是一款windows上的一句话远控
- [**38**Star][2y] [C++] [3gstudent/eventlogedit-evt--general](https://github.com/3gstudent/eventlogedit-evt--general) Remove individual lines from Windows Event Viewer Log (EVT) files
- [**38**Star][2y] [Py] [1337g/cve-2017-10271](https://github.com/1337g/cve-2017-10271) CVE-2017-10271 WEBLOGIC RCE (TESTED)
- [**38**Star][8m] [Py] [0x90/routerz](https://github.com/0x90/routerz) Some exploits for ZeroNights 0x03
- [**38**Star][2y] [C] [0x4a47/sectalks-mel0x14-ctf](https://github.com/0x4a47/sectalks-mel0x14-ctf) Sectalks MEL0x14 CTF
- [**37**Star][2m] [Rust] [getreu/stringsext](https://github.com/getreu/stringsext) Find multi-byte-encoded strings in binary data.
- [**37**Star][3m] [Go] [lz1y/gecc](https://github.com/lz1y/gecc) Cobalt Strike - Go External C2 Client
- [**37**Star][17d] [Java] [cdnbye/android-p2p-engine](https://github.com/cdnbye/android-p2p-engine) Live/VOD P2P Engine for Android and Android TV
- [**37**Star][3y] [Java] [fatal0/xvoicechanger](https://github.com/fatal0/xvoicechanger) Instant messaging voice changer based on SoundTouch library and Xposed framework
- [**37**Star][14d] [JS] [adamsiwiec/glaze](https://github.com/adamsiwiec/glaze) 
- [**37**Star][2m] [Py] [antitree/syscall2seccomp](https://github.com/antitree/syscall2seccomp) Build custom Docker seccomp profiles for containers by finding syscalls it uses.
- [**37**Star][4m] [C++] [jpcertcc/emocheck](https://github.com/jpcertcc/emocheck) Emotet detection tool for Windows OS
- [**37**Star][1m] [JS] [huntzou/cloudmusicspider](https://github.com/huntzou/cloudmusicspider) 网易云音乐爬虫
- [**37**Star][4m] [Java] [qiaojim/bluetoothstudy](https://github.com/qiaojim/bluetoothstudy) android 传统蓝牙开发实践，详细开发步骤参考博客：
- [**37**Star][2m] [Go] [kevinburke/hostsfile](https://github.com/kevinburke/hostsfile) go tool for working with /etc/hosts files
- [**37**Star][4m] [C#] [mkropat/mlkpwgen](https://github.com/mkropat/mlkpwgen) Secure random password generator for .NET and PowerShell
- [**37**Star][5m] [Lua] [esreverwow/classicthreatmeter](https://github.com/esreverwow/classicthreatmeter) A simple threat meter for WoW Classic (1.13.2)
- [**37**Star][22d] [PS] [dsccommunity/activedirectorycsdsc](https://github.com/dsccommunity/activedirectorycsdsc) DSC resources for installing or uninstalling Active Directory Certificate Services components in Windows Server.
- [**37**Star][14d] [Java] [bluetata/crawler-jsoup-maven](https://github.com/bluetata/crawler-jsoup-maven) This is a crawler(reptile)
- [**37**Star][14d] [JS] [luckyhh/webspider](https://github.com/luckyhh/webspider) 基于Nodejs,superagent,cheerio的在线web爬虫项目，支持生成API
- [**37**Star][4m] [C#] [xoofx/libobjectfile](https://github.com/xoofx/libobjectfile) LibObjectFile is a .NET library to read, manipulate and write linker and executable object files (e.g ELF, DWARF, ar...)
- [**37**Star][1m] [Java] [ibotasky/cyberble](https://github.com/ibotasky/cyberble) This is a Android bluetooth demo with an lib named cyberble
- [**37**Star][15d] [Py] [zkqiang/awesome-python-primer](https://github.com/zkqiang/awesome-python-primer) 自学入门 Python 优质中文资源索引，包含 书籍 / 文档 / 视频，适用于 爬虫 / Web / 数据分析 / 机器学习 方向
- [**37**Star][17d] [Py] [threebarber/shopifyscraper](https://github.com/threebarber/shopifyscraper) Shopify Scraper (not monitor)
- [**37**Star][6m] [Jupyter Notebook] [jiezhi/housespider](https://github.com/jiezhi/housespider) 
- [**37**Star][18d] [Py] [mrzhangfelix/m3u8downloader](https://github.com/mrzhangfelix/m3u8downloader) meijuba.net,Python crawler,M3U8格式视频下载，桌面应用
- [**37**Star][7d] [C#] [adrenak/unidll](https://github.com/adrenak/unidll) Editor window to create DLLs from C# code in Unity
- [**37**Star][5m] [JS] [ellery0924/jerry](https://github.com/ellery0924/jerry) 集成了HostManager和Charles功能的代理服务器
- [**37**Star][15d] [Shell] [bcoles/local-exploits](https://github.com/bcoles/local-exploits) Various local exploits
- [**37**Star][8m] [Shell] [northox/openbsd-apu2](https://github.com/northox/openbsd-apu2) Configuration files to setup PC Engines' APU2 as a WIFI router running OpenBSD
- [**37**Star][4m] [AutoHotkey] [fuckpubg/ahk](https://github.com/fuckpubg/ahk) some dot AHK scripts from UC or MPGH for PUBG Game,and compiled to EXE by me
- [**37**Star][14d] [Rust] [spk/maman](https://github.com/spk/maman) Rust Web Crawler saving pages on Redis
- [**37**Star][5m] [C] [nabto/unabto](https://github.com/nabto/unabto) uNabto SDK - direct P2P connectivity for embedded devices (and more)
- [**37**Star][2m] [TeX] [hengxin/algorithm-ta-tutorial](https://github.com/hengxin/algorithm-ta-tutorial) Tutorials given as one of the TAs for the class "Algorithm Design and Analysis" at Nanjing University
- [**37**Star][6m] [sparkfun/esp8266_thing](https://github.com/sparkfun/esp8266_thing) A breakout and development board for the ESP8266 WiFi SoC.
- [**37**Star][19d] [Py] [georgeseif/python-machine-learning](https://github.com/georgeseif/python-machine-learning) Python Machine Learning Algorithms
- [**37**Star][1m] [Py] [zerovar/zomatodata](https://github.com/zerovar/zomatodata) A Scrapy project for scraping restaurant information from zomato.com
- [**37**Star][4m] [Py] [echocipher/subdomain-takeover](https://github.com/echocipher/subdomain-takeover) 一个子域名接管检测工具
- [**37**Star][3m] [C++] [pushkalkatara/darknet_ros](https://github.com/pushkalkatara/darknet_ros) Robotics Operating System Package for Yolo v3 based on darknet with optimized tracking using Kalman Filter and Optical Flow.
- [**37**Star][17d] [C++] [bennetthardwick/darknet.js](https://github.com/bennetthardwick/darknet.js) A NodeJS wrapper of pjreddie's darknet / yolo.
- [**37**Star][19d] [PHP] [cvar1984/liteotp](https://github.com/cvar1984/liteotp) Multi Spam SMS OTP
- [**37**Star][2m] [Py] [k0fin/eternalrelayx](https://github.com/k0fin/eternalrelayx) eternalrelayx
- [**37**Star][1m] [C] [trailofbits/sixtyfour](https://github.com/trailofbits/sixtyfour) How fast can we brute force a 64-bit comparison?
- [**37**Star][8m] [PHP] [snifer/l4bsforshell](https://github.com/snifer/l4bsforshell) 
- [**37**Star][3m] [Go] [yandex/pgcheck](https://github.com/yandex/pgcheck) Tool for monitoring backend databases from PL/Proxy hosts and changing plproxy.get_cluster_partitions() output
- [**37**Star][29d] [Py] [misterbianco/wifijammer-ng](https://github.com/misterbianco/wifijammer-ng) Dan McInerney's Wifijammer - rewritten
- [**37**Star][5m] [JS] [daviddias/webrtc-ring](https://github.com/daviddias/webrtc-ring) Chord inspired ring DHT algorithm using WebRTC as transport layer for P2P in the browser
- [**37**Star][6m] [Py] [mak-/scanomaly](https://github.com/mak-/scanomaly) This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
- [**37**Star][3m] [Py] [danmcinerney/autobloodhound](https://github.com/danmcinerney/autobloodhound) Automatically parses and attacks BloodHound-generated graphs
- [**37**Star][3m] [C] [jhallen/cpm](https://github.com/jhallen/cpm) Run CP/M commands in Linux/Cygwin with this Z80 / BDOS / ADM-3A emulator.
- [**37**Star][9m] [rednaga/disclosures](https://github.com/rednaga/disclosures) A place for disclosing things
- [**37**Star][17d] [Py] [owasp/honeypot-project](https://github.com/owasp/honeypot-project) to identify emerging attacks against web applications and report them to the community, in order to facilitate protection against such targeted attacks.
- [**37**Star][27d] [Go] [arnaucube/cryptofun](https://github.com/arnaucube/cryptofun) Crypto algorithms from scratch. Learning purposes only. ECC, BN128 pairing, Paillier, RSA, Homomorphic computation, ElGamal, Schnorr, ECDSA, BLS, ...
- [**37**Star][2m] [Shell] [pwnieexpress/pwn_pad_sources](https://github.com/pwnieexpress/pwn_pad_sources) Public source repository for the Pwn Pad platform.
- [**37**Star][20d] [JS] [michenriksen/hackpad](https://github.com/michenriksen/hackpad) A web application hacker's toolbox. Base64 encoding/decoding, URL encoding/decoding, MD5/SHA1/SHA256/HMAC hashing, code deobfuscation, formatting, highlighting and much more.
- [**37**Star][16d] [C++] [hsluoyz/rmtsvc](https://github.com/hsluoyz/rmtsvc) A web-based remote desktop & control service for Windows.
- [**37**Star][11d] [JS] [josephpei/uv2ray](https://github.com/josephpei/uv2ray) Electron V2ray Client (mostly for Linux)
- [**37**Star][2y] [C#] [codeofdark/panda-obfuscator](https://github.com/codeofdark/panda-obfuscator) PandaObfuscator an simple Obfuscator, free, OpenSource for .Net Applications
- [**37**Star][3m] [Shell] [secfathy/bugzee](https://github.com/secfathy/bugzee) Simple Script to install recommended Bug Bounty Hunting Tools In Your Linux Disto
- [**37**Star][2m] [Py] [wudaown/konachandl](https://github.com/wudaown/konachandl) K站爬虫
- [**37**Star][3y] [vasishtduddu/pentestresources](https://github.com/vasishtduddu/PentestResources) A list of resources for Pentesting from various sources
- [**37**Star][1y] [Go] [prsecurity/golang_c2](https://github.com/prsecurity/golang_c2) Boilerplate C2 written in Go for red teams
- [**37**Star][12d] [Dockerfile] [kizzx2/docker-openvpn-client-socks](https://github.com/kizzx2/docker-openvpn-client-socks) Expose an OpenVPN tunnel as a SOCKS proxy
- [**37**Star][1m] [C++] [frextrite/data-structures-algorithms-hacktoberfest-2k19](https://github.com/frextrite/data-structures-algorithms-hacktoberfest-2k19) collection of data structures and algorithms in different languages - created by the community during Hacktoberfest 2019
- [**37**Star][18d] [Vim script] [fabi1cazenave/suckless.vim](https://github.com/fabi1cazenave/suckless.vim) Tiling window management that sucks less. Inpired by wmii and i3.
- [**37**Star][1m] [Groovy] [chocolateboy/pmsencoder](https://github.com/chocolateboy/pmsencoder) Web video plugin for PS3 Media Server
- [**37**Star][8d] [Py] [hash3lizer/wifijammer](https://github.com/hash3lizer/wifijammer) Wireless Jammer to Disconnect Nearby Access-Points and Stations.
- [**37**Star][4m] [Go] [pierre-emmanuelj/iptv-proxy](https://github.com/pierre-emmanuelj/iptv-proxy) Reverse proxy on iptv m3u file and xtream codes server api
- [**37**Star][22d] [PS] [dsccommunity/activedirectorycsdsc](https://github.com/dsccommunity/ActiveDirectoryCSDsc) DSC resources for installing or uninstalling Active Directory Certificate Services components in Windows Server.
- [**37**Star][12m] [Py] [carstein/annotator](https://github.com/carstein/Annotator) Binary Ninja Function Annotator
- [**37**Star][3m] [C] [intel/kvmgt-kernel](https://github.com/intel/KVMGT-kernel) 
- [**37**Star][20d] [returnvar/wce](https://github.com/returnvar/wce) Windows Credentials Editor v1.3beta
- [**37**Star][6m] [Py] [soscleaner/soscleaner](https://github.com/soscleaner/soscleaner) A python application to clean sensitive and un-wanted data from an existing sosreport
- [**37**Star][3m] [Ruby] [opensourcesec/malstrom](https://github.com/opensourcesec/malstrom) Cyber Intel Management
- [**37**Star][3m] [C++] [zer0mem/libc](https://github.com/zer0mem/libc) Kernel C++ driver developing library; std & boost partially supported
- [**37**Star][6y] [C++] [zer0mem/kernelproject](https://github.com/zer0mem/kernelproject) Plain project for usege with github/zer0mem/common.git
- [**37**Star][3m] [Go] [yvesago/shodan-cli](https://github.com/yvesago/shodan-cli) Simple golang shodan cli
- [**37**Star][4m] [yuvadm/dg-m1q](https://github.com/yuvadm/dg-m1q) DG-M1Q IP camera alternative usage
- [**37**Star][30d] [Py] [yall/scrapy-twitter](https://github.com/yall/scrapy-twitter) A lightweight wrapper over python-twitter library to use it in scrapy projects.
- [**37**Star][3y] [PS] [wkleinhenz/powershell-botnet](https://github.com/wkleinhenz/powershell-botnet) A POC powershell botnet
- [**37**Star][22d] [CSS] [wizardforcel/kali-linux-cookbook-zh](https://github.com/wizardforcel/kali-linux-cookbook-zh) 
- [**37**Star][1m] [vu-aml/adlib](https://github.com/vu-aml/adlib) Game-Theoretic Adversarial Machine Learning Library
- [**37**Star][6m] [Py] [villanch/pr0xy](https://github.com/villanch/pr0xy) 教学用多线程扫描框架（代理扫描）
- [**37**Star][3m] [C++] [verizondigital/waflz](https://github.com/verizondigital/waflz) multitenant ModSecurity compatible WAF engine from Verizon Digital Media Services
- [**37**Star][3y] [vasishtduddu/pentestresources](https://github.com/vasishtduddu/PentestResources) A list of resources for Pentesting from various sources
- [**37**Star][3m] [HTML] [umbertocicero/coinhive-monero](https://github.com/umbertocicero/coinhive-monero) 
- [**37**Star][2m] [Py] [trylinux/lift](https://github.com/trylinux/lift) Low-Impact Fingerprint Tool
- [**37**Star][24d] [JS] [truework/lambda-s3-antivirus](https://github.com/truework/lambda-s3-antivirus) Lambda Function to scan incoming S3 uploads by Truework
- [**37**Star][4m] [C++] [tlgyt/absent-loader](https://github.com/tlgyt/absent-loader) Example Loader to be used as a learning resource for people interested in how commercially available malware is made.
- [**37**Star][26d] [Py] [tenable/audit_scripts](https://github.com/tenable/audit_scripts) Scripts to help work with configuration audit files
- [**37**Star][5y] [C] [tandasat/scavenger](https://github.com/tandasat/scavenger) A minifilter driver preserves all modified and deleted files.
- [**37**Star][15d] [Py] [syss-research/dns-mitm](https://github.com/syss-research/dns-mitm) A minimal DNS service that can provide spoofed replies
- [**37**Star][2y] [Shell] [syncsrc/microrenovator](https://github.com/syncsrc/microrenovator) Pre-OS microcode updater
- [**37**Star][5m] [Py] [superbuker/camhell](https://github.com/superbuker/camhell) Ingenic T10 IP camera crawler
- [**37**Star][17d] [Py] [spuerbread/kun](https://github.com/spuerbread/kun) 插件化漏洞扫描器
- [**37**Star][5m] [C++] [spacehuhn/wifisatellite](https://github.com/spacehuhn/wifisatellite) WiFi Satellite Project - as seen on the Chaos Communication Congress
- [**37**Star][1m] [C] [snorez/exploits](https://github.com/snorez/exploits) practice
- [**37**Star][1m] [Shell] [snawoot/linux-secureboot-kit](https://github.com/snawoot/linux-secureboot-kit) Tool for complete hardening of Linux boot chain with UEFI Secure Boot
- [**37**Star][2m] [smithersec/bug-bounty-resources](https://github.com/smithersec/bug-bounty-resources) Resources I consider useful for security research of web applications
- [**37**Star][7m] [SourcePawn] [shanapu/myjailbreak](https://github.com/shanapu/myjailbreak) A rewrite of Franugs Special Jailbreak and merge of eccas, ESK0s & zipcores Jailbreak Warden
- [**37**Star][1m] [Go] [sensepost/common-substr](https://github.com/sensepost/common-substr) Simple awk script to extract the most common substrings from an input text. Built for password cracking.
- [**37**Star][5m] [Perl] [sensepost/bile-suite](https://github.com/sensepost/bile-suite) The Bi-directional Link Extractor.
- [**37**Star][4m] [C] [sektioneins/xpwntool-lite](https://github.com/sektioneins/xpwntool-lite) Lightweight version of xpwntool just for decrypting IMG3 firmware files
- [**37**Star][2m] [C] [sduverger/ld-shatner](https://github.com/sduverger/ld-shatner) ld-linux code injector
- [**37**Star][30d] [Assembly] [sdasgup3/binary-decompilation](https://github.com/sdasgup3/binary-decompilation) Extracting high level semantic information from binary code
- [**37**Star][2y] [C] [satoshinm/pill_duck](https://github.com/satoshinm/pill_duck) Scriptable USB HID device for STM32F103 blue pill (inspired by USB Rubber Ducky) ⛺
- [**37**Star][2m] [Shell] [samyoyo/flux](https://github.com/samyoyo/flux) Flux is a [WIFI CRACKER]
- [**37**Star][6m] [JS] [saelo/feuerfuchs](https://github.com/saelo/feuerfuchs) Files for the "feuerfuchs" challenge of 33C3 CTF. See the greeting message in server.py for more information about the challenge
- [**37**Star][1y] [Py] [s0md3v/entropy](https://github.com/s0md3v/entropy) Entropy is a (prototype) WAF driven by maths.
- [**37**Star][3m] [Py] [raymanfx/android-cve-checker](https://github.com/raymanfx/android-cve-checker) Python tool to check your Android kernel for missing CVE patches.
- [**37**Star][5m] [Py] [r0oth3x49/tor](https://github.com/r0oth3x49/tor) Tor is a python based module for using tor proxy/network services on windows, osx, linux with just one click.
- [**37**Star][7y] [JS] [ptcoresec/ctf-scoreboard](https://github.com/ptcoresec/ctf-scoreboard) A scoreboard for Security CTF events
- [**37**Star][12d] [JS] [psych0tr1a/elscripto](https://github.com/psych0tr1a/elscripto) XSS explot kit/Blind XSS framework/BurpSuite extension
- [**37**Star][1m] [Py] [portswigger/active-scan-plus-plus](https://github.com/portswigger/active-scan-plus-plus) ActiveScan++ Burp Suite Plugin
- [**37**Star][6m] [Py] [philwantsfish/gdb_commands](https://github.com/philwantsfish/gdb_commands) GDB commands to aid exploit development
- [**37**Star][1m] [Py] [peterhinch/micropython-fourier](https://github.com/peterhinch/micropython-fourier) Fast Fourier transform in MicroPython's inline ARM assembler.
- [**37**Star][28d] [C] [pentesteracademy/linux-rootkits-red-blue-teams](https://github.com/pentesteracademy/linux-rootkits-red-blue-teams) Linux Rootkits (4.x Kernel)
- [**37**Star][5m] [C] [particle-iot-archived/bootloader](https://github.com/particle-iot-archived/bootloader) USB Bootloader for Spark Firmware
- [**37**Star][19d] [Py] [parasimpaticki/sandcastle](https://github.com/parasimpaticki/sandcastle) 
- [**37**Star][4y] [C] [p0cl4bs/thanos](https://github.com/p0cl4bs/thanos) Thanos is a tool made for scan a range of IP's and get the banners of the running services. The main function is do banner grabber, but you also can use this for exploit vulnerabilities, find proxy servers, or simply check for open ports.
- [**37**Star][2m] [C#] [sonatype-nexus-community/audit.net](https://github.com/sonatype-nexus-community/audit.net) Identify known vulnerabilities in .net nuget dependencies
- [**37**Star][4m] [Py] [oros42/dns_sniffer](https://github.com/oros42/dns_sniffer) A python DNS sniffer
- [**37**Star][2m] [Go] [orbs-network/lean-helix-go](https://github.com/orbs-network/lean-helix-go) Go implementation of the Lean Helix Byzantine fault tolerant consensus algorithm
- [**37**Star][3y] [Java] [onurkarasalihoglu/pentest-tools](https://github.com/onurkarasalihoglu/pentest-tools) 
- [**37**Star][3m] [JS] [one-com/one-validation](https://github.com/one-com/one-validation) Regexp based validation collection for common internet validation tasks
- [**37**Star][4m] [Py] [oddcoder/cutterdrcov](https://github.com/oddcoder/cutterdrcov) DynamoRIO coverage visualization for cutter
- [**37**Star][3m] [Ruby] [nopernik/msfvenom-bc-generator](https://github.com/nopernik/msfvenom-bc-generator) Metasploit msfvenom Bash Completions Generator
- [**37**Star][5y] [C++] [nihilus/ida_classinformer](https://github.com/nihilus/ida_classinformer) IDA ClassInformer PlugIn
- [**37**Star][4m] [C++] [niemand-sec/directx11hook](https://github.com/niemand-sec/directx11hook) Hooking Game Graphic Engines!
- [**37**Star][2y] [Py] [nhoya/mycroftai-rce](https://github.com/nhoya/mycroftai-rce) "Zero Click" Remote Code Execution in Mycroft AI vocal assistant
- [**37**Star][4y] [C] [nexusbots/umbreon-rootkit](https://github.com/nexusbots/umbreon-rootkit) 
- [**37**Star][1m] [JS] [newfuture/pac](https://github.com/newfuture/pac) Proxy Auto Config generator,自动代理配置生成PAC,可配合ss小飞机使用
- [**37**Star][16d] [Py] [netxfly/eventlog-audit](https://github.com/netxfly/eventlog-audit) Windows事件日志审计系统，支持以WEB的方式审计日志
- [**37**Star][4m] [Py] [neargle/tips-note](https://github.com/neargle/tips-note) 做过的实验，踩过的坑
- [**37**Star][4m] [C++] [nanoric/pkn](https://github.com/nanoric/pkn) core of pkn game hacking project. Including mainly for process management, memory management, and DLL injecttion. Also PE analysis, windows registry management, compile-time sting encryption, byte-code emulator, etc. Most of them can run under kernel mode.
- [**37**Star][3y] [C] [mwsrc/mass-malicious-script-dump](https://github.com/mwsrc/mass-malicious-script-dump) Mass malicious script dump/Malware src dump
- [**37**Star][2y] [JS] [mudynamics/pcapr-local](https://github.com/mudynamics/pcapr-local)  browsing and managing a large repository of packet capture files 
- [**37**Star][17d] [Py] [mrts/burp-suite-http-proxy-history-converter](https://github.com/mrts/burp-suite-http-proxy-history-converter) Python script that converts Burp Suite HTTP proxy history files to CSV or HTML
- [**37**Star][5m] [Go] [mongodb-labs/mongoproxy](https://github.com/mongodb-labs/mongoproxy) A server that speaks the MongoDB wire protocol and can analyze/transform requests and responses - This Repository is NOT a supported MongoDB product
- [**37**Star][12m] [Arduino] [modustrialmaker/rings-of-saturn-led-light-music-visualizer](https://github.com/modustrialmaker/rings-of-saturn-led-light-music-visualizer) This is the code that is used for my "Rings of Saturn" light. It is very crude code right now, and there are a couple bugs, but it works for the most part. I used an electret microphone input, and a 6-channel RF receiver with remote, connected to an Arduino Mega. I plan to port this to an ESP8266 for Wifi control at some point.
- [**37**Star][1m] [Shell] [mjg59/xevilteddy](https://github.com/mjg59/xevilteddy) An evil teddy bear that steals your secrets
- [**37**Star][5m] [C] [microsoft/cfu](https://github.com/microsoft/cfu) Component Firmware Update
- [**37**Star][2m] [Ruby] [miaout17/lolize](https://github.com/miaout17/lolize) Colorize your ruby output with rainbow
- [**37**Star][4m] [C#] [mgeeky/stracciatella](https://github.com/mgeeky/stracciatella) OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI and Script Block Logging disabled at startup
- [**37**Star][11m] [Batchfile] [meesong/nt-crucial-modules](https://github.com/meesong/nt-crucial-modules) Collect different versions of Crucial modules.
- [**37**Star][7m] [Py] [medicean/sublimexssencode](https://github.com/medicean/sublimexssencode) Converts characters from one encoding to another using a transformation.
- [**37**Star][4m] [C] [mboehme/pythia](https://github.com/mboehme/pythia) Pythia (extends AFL with Predictions)
- [**37**Star][16d] [JS] [makerdiary/web-device-cli](https://github.com/makerdiary/web-device-cli) A Web Command Line Interface via NUS (Nordic UART Service) using Web Bluetooth
- [**37**Star][3y] [Py] [luckygeck/ycmdcompletion](https://github.com/luckygeck/ycmdcompletion) Sublime Text 3 plugin for C++ code completion and error highlighting, based on Ycmd server
- [**37**Star][3m] [C] [long123king/tokenext](https://github.com/long123king/tokenext) A windbg extension, extracting token related contents
- [**37**Star][6y] [C++] [lallousx86/graphslick](https://github.com/lallousx86/graphslick) IDA Plugin - GraphSlick
- [**37**Star][6m] [C] [korczis/upx](https://github.com/korczis/upx) UPX is a free, portable, extendable, high-performance executable packer for several executable formats. See
- [**37**Star][13d] [Py] [k-tamura/easybuggy4django](https://github.com/k-tamura/easybuggy4django) EasyBuggy clone built on Django
- [**37**Star][4y] [Java] [julianschuette/condroid](https://github.com/julianschuette/condroid) Symbolic/concolic execution of Android apps
- [**37**Star][4y] [Java] [joelwass/android-ble-scan-example](https://github.com/joelwass/android-ble-scan-example) This is a simple example app that turns on ble and scans for devices, listing them out. It's for Android API 23
- [**37**Star][2m] [Py] [jasonhinds13/hackable](https://github.com/jasonhinds13/hackable) A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
- [**37**Star][12m] [Eagle] [jamesgao/kiln_controller](https://github.com/jamesgao/kiln_controller) Implement a wifi-connected controller for a propane kiln
- [**37**Star][2m] [JS] [jackgu1988/dsploit-scripts](https://github.com/jackgu1988/dsploit-scripts) Scripts that could be injected in MITM attacks using dSploit
- [**37**Star][6m] [Kotlin] [itznotabug/checkoutverifier](https://github.com/itznotabug/checkoutverifier) Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
- [**37**Star][28d] [C++] [isoadam/gina_public](https://github.com/isoadam/gina_public) Prototype of hijacking Windows driver dispatch routines in unmapped discardable sections
- [**37**Star][3m] [CMake] [intel/torch](https://github.com/intel/torch) Torch is a scientific computing framework with wide support for machine learning algorithms. It is easy to use and efficient, thanks to an easy and fast scripting language, LuaJIT, and an underlying C/CUDA implementation.
- [**37**Star][24d] [C] [intel/kvm-sgx](https://github.com/intel/kvm-sgx) 
- [**37**Star][4m] [Java] [imaprincess/algorithms-4-everyone](https://github.com/imaprincess/algorithms-4-everyone) Various algorithms
- [**37**Star][26d] [Java] [realbearcat/cve-2017-12615](https://github.com/RealBearcat/CVE-2017-12615) Tomcat 远程代码执行漏洞 Exploit
- [**37**Star][15d] [Py] [huntergregal/bothunter](https://github.com/huntergregal/bothunter) Scans the internet for open FTP servers looking for common malware bot droppers and grabs them for sampling. Also provides support for uploading samples to VirusTotal
- [**37**Star][2y] [Java] [htbridge/pivaa](https://github.com/htbridge/pivaa) Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
- [**37**Star][4m] [Shell] [hromie/obfs4proxy-openvpn](https://github.com/hromie/obfs4proxy-openvpn) Obfuscating OpenVPN traffic using obfs4proxy
- [**37**Star][3m] [C] [happy-bubbles/presence-firmware](https://github.com/happy-bubbles/presence-firmware) 
- [**37**Star][2m] [Py] [gdssecurity/burpee](https://github.com/gdssecurity/burpee) Python object interface to requests/responses recorded by Burp Suite
- [**37**Star][3m] [C] [gdbinit/kextstat_aslr](https://github.com/gdbinit/kextstat_aslr) Implementation of kexstat via /dev/kmem with kernel ASLR support
- [**37**Star][4y] [C++] [flankerhqd/cve-2015-6620-poc](https://github.com/flankerhqd/cve-2015-6620-poc) POC for CVE-2015-6620, AMessage unmarshal arbitrary write
- [**37**Star][12m] [Py] [fkie-cad/luckycat](https://github.com/fkie-cad/luckycat) A distributed fuzzing management framework
- [**37**Star][18d] [C++] [ez8-co/xpjson](https://github.com/ez8-co/xpjson) 
- [**37**Star][4y] [Py] [exploit-install/shellsploit-framework](https://github.com/exploit-install/shellsploit-framework) New Generation Exploit Development Kit
- [**37**Star][4m] [C] [egguncle/ptraceinject](https://github.com/egguncle/ptraceinject) 进程注入
- [**37**Star][3m] [edoverflow/legal-bug-bounty](https://github.com/edoverflow/legal-bug-bounty) #legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
- [**37**Star][18d] [Go] [dwin/gosecretboxpassword](https://github.com/dwin/gosecretboxpassword) A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.
- [**37**Star][11d] [C] [dns-oarc/dnsjit](https://github.com/dns-oarc/dnsjit) Engine for capturing, parsing and replaying DNS
- [**37**Star][2y] [C] [dlrobertson/sylkie](https://github.com/dlrobertson/sylkie) IPv6 address spoofing with the Neighbor Discovery Protocol
- [**37**Star][3m] [Py] [disruptops/resource-counter](https://github.com/disruptops/resource-counter) This command line tool counts the number of resources in different categories across Amazon regions.
- [**37**Star][4m] [Py] [darksecdevelopers/absorber](https://github.com/darksecdevelopers/absorber) An advance keylogger that works and also logs special keys including uppercase letters as well.
- [**37**Star][5m] [C++] [dankirk/regslscan](https://github.com/dankirk/regslscan) A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
- [**37**Star][1m] [JS] [dangkyokhoang/man-in-the-middle](https://github.com/dangkyokhoang/man-in-the-middle) Modify requests, inject JavaScript and CSS into pages
- [**37**Star][4y] [Awk] [d3sre/understanding_the_ndis_6_stack](https://github.com/d3sre/understanding_the_ndis_6_stack) Public documents about bachelor thesis "Reverse Engineering Analysis of the NDIS 6.* stack"
- [**37**Star][14d] [Py] [csababarta/volatility_plugins](https://github.com/csababarta/volatility_plugins) Volatility plugins created by the author
- [**37**Star][10d] [Rust] [citahub/libsm](https://github.com/citahub/libsm) A Rust Library of China's Standards of Encryption Algorithms (SM2/3/4)
- [**37**Star][2y] [Py] [cr4sh/smram_parse](https://github.com/cr4sh/smram_parse) System Management RAM analysis tool
- [**37**Star][3y] [PS] [clr2of8/commentator](https://github.com/clr2of8/commentator) 
- [**37**Star][1m] [Py] [cheery/spirthon](https://github.com/cheery/spirthon) Python bytecode to SPIR-V -translation.
- [**37**Star][12m] [Batchfile] [cervoise/abuse-bash-for-windows](https://github.com/cervoise/abuse-bash-for-windows) Pentest scripts for abuse Bash on Windows (Cygwin/WSL) - HackLu 2018
- [**37**Star][3m] [C++] [celestialpaler/cthackframework](https://github.com/celestialpaler/cthackframework) 游戏外挂通用框架，快速构建外挂程序。
- [**37**Star][7m] [Makefile] [c0deh4cker/pwnableharness](https://github.com/c0deh4cker/pwnableharness) Manage building and deploying exploitation challenges with ease
- [**37**Star][2m] [Py] [byt3bl33d3r/toby](https://github.com/byt3bl33d3r/toby) Recursively searches a directory for any file containing a specified string
- [**37**Star][3y] [Py] [brianwrf/s2-053-cve-2017-12611](https://github.com/brianwrf/s2-053-cve-2017-12611) A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)
- [**37**Star][4y] [C++] [breakingmalwareresearch/cfgexceptions](https://github.com/breakingmalwareresearch/cfgexceptions) Adding exceptions to Microsoft's Control Flow Guard (CFG)
- [**37**Star][11d] [C] [br101/libuwifi](https://github.com/br101/libuwifi) Userspace Wifi Library
- [**37**Star][2y] [JS] [blackhole1/fecm](https://github.com/blackhole1/fecm) 前端XSS防火墙及后台报警系统(front-end XSS firewall and back-end alarm system)
- [**37**Star][2m] [Py] [bfosterjr/ufgraph](https://github.com/bfosterjr/ufgraph) 
- [**37**Star][3m] [C] [bartobri/mrrcrypt](https://github.com/bartobri/mrrcrypt) A command line encryption/decryption tool using an adaptive mirror field algorithm.
- [**37**Star][3y] [Py] [b4rd4k/vproxy](https://github.com/b4rd4k/vproxy) Forward HTTP/S Traffic To Proxy Instance
- [**37**Star][3m] [Shell] [armourbird/csf](https://github.com/armourbird/csf) ArmourBird CSF - Container Security Framework
- [**37**Star][2m] [Py] [armissecurity/urgent11-detector](https://github.com/armissecurity/urgent11-detector) URGENT/11 detection tool by Armis
- [**37**Star][4m] [Ruby] [appspector/ios-sdk](https://github.com/appspector/ios-sdk) AppSpector is a debugging service for mobile apps
- [**37**Star][23d] [Py] [alexbers/exploit_farm](https://github.com/alexbers/exploit_farm) The utility for CTF hacker competition for team hacking and flag submitting
- [**37**Star][2m] [Py] [alessiovierti/blindpie](https://github.com/alessiovierti/blindpie) Automatically exploit time-based blind SQL injection vulnerabilities.
- [**37**Star][2m] [C] [abiondo/afl](https://github.com/abiondo/afl) My fork of American Fuzzy Lop
- [**37**Star][3y] [C++] [3gstudent/shellcode-generater](https://github.com/3gstudent/shellcode-generater) No inline asm,support x86/x64
- [**37**Star][6m] [C++] [3gstudent/from-system-authority-to-medium-authority](https://github.com/3gstudent/from-system-authority-to-medium-authority) Penetration test
- [**37**Star][4y] [C] [0xbadc0de1/vmp_dbg](https://github.com/0xbadc0de1/vmp_dbg) This is a VmProtect integrated debugger, that will essentially allow you to disasm and debug vmp partially virtualized functions at the vmp bytecode level. It was made using TitanEngine for the debug engine and Qt for the gui. Do not expect much of it and feel free to report any bugs.
- [**36**Star][19d] [Go] [porech/engarde](https://github.com/porech/engarde) A go network utility to create a reliable IP tunnel over multiple connections
- [**36**Star][27d] [JS] [openzeppelin/exploit-uniswap](https://github.com/openzeppelin/exploit-uniswap) Exploiting a Uniswap exchange that uses an ERC777 token by leveraging the reentrant microtrading attack vector
- [**36**Star][3m] [C#] [bloodhoundad/sharphound3](https://github.com/bloodhoundad/sharphound3) 
- [**36**Star][12m] [HTML] [athityakumar/tvseries](https://github.com/athityakumar/tvseries) TV Series is a tool that scrapes Episode Synopsis' of popular TV Series' from websites like Wikipedia / IMDb and show in one place with a user-friendly navigation UI.
- [**36**Star][17d] [Py] [kovinevmv/getcontact](https://github.com/kovinevmv/getcontact) Find info about user by phone using GetContact API
- [**36**Star][20d] [Dockerfile] [ruimarinho/docker-openvpn-monitor](https://github.com/ruimarinho/docker-openvpn-monitor) Run the web-based OpenVPN Monitor in Docker
- [**36**Star][1m] [Py] [hl10502/scrapy_site](https://github.com/hl10502/scrapy_site) 使用Scrapy框架，通过关键字检索，爬取招标网站的招投标信息，每天定时发送Email
- [**36**Star][26d] [C] [exeinspa/exein-openwrt-public](https://github.com/exeinspa/exein-openwrt-public) Openwrt 18.06.5 featured with the Exein's security framework
- [**36**Star][8m] [JS] [filp/oversmash](https://github.com/filp/oversmash) Overwatch API library for player details and career stats
- [**36**Star][1m] [Py] [pengzhaoqing/scrapy-housepricing](https://github.com/pengzhaoqing/scrapy-housepricing) A data extraction tool for HousePricing(
- [**36**Star][2m] [C] [cloudbase/qemu](https://github.com/cloudbase/qemu) Fork of git://git.qemu.org/qemu.git
- [**36**Star][4m] [Py] [securityriskadvisors/pdblaster](https://github.com/securityriskadvisors/pdblaster) 
- [**36**Star][5m] [C#] [falahati/uachelper](https://github.com/falahati/uachelper) A helper class library to detect, manage and use UAC functionalities in your program.
- [**36**Star][20d] [C++] [kzemek/etls](https://github.com/kzemek/etls) An alternative NIF-based implementation of Erlang ssl module.
- [**36**Star][28d] [Java] [crazyacking/zeekeye](https://github.com/crazyacking/zeekeye) 轻量级垂直爬虫，针对但不限于新浪微博
- [**36**Star][2m] [Py] [jin10086/copyheaders](https://github.com/jin10086/copyheaders) 方便的从浏览器复制浏览器头
- [**36**Star][4m] [chris1111/wifi-dlink-catalina-panel-v2](https://github.com/chris1111/wifi-dlink-catalina-panel-v2) 
- [**36**Star][2m] [Java] [heyingcai/cetty](https://github.com/heyingcai/cetty) 基于事件分发的爬虫框架
- [**36**Star][2m] [TS] [planarnetwork/raptor](https://github.com/planarnetwork/raptor) Implementation of the Route Based Public Transit Algorithm (Raptor)
- [**36**Star][14d] [Scala] [mrpowers/spark-stringmetric](https://github.com/mrpowers/spark-stringmetric) Spark functions to run popular phonetic and string matching algorithms
- [**36**Star][10m] [Java] [bootsrc/algorithm4j](https://github.com/bootsrc/algorithm4j) 用java实现的算法 Algorithm implemented by Java
- [**36**Star][2m] [Rust] [iankronquist/rustyvisor](https://github.com/iankronquist/rustyvisor) A hypervisor written in Rust. A work in progress.
- [**36**Star][2m] [Go] [neighborhood999/fiven1-rent-scraper](https://github.com/neighborhood999/fiven1-rent-scraper) 
- [**36**Star][3m] [TS] [conorgil/2fa-notifier](https://github.com/conorgil/2fa-notifier) 2FA Notifier is a web extension that notifies users whether or not the sites they visit support two factor authentication (2FA).
- [**36**Star][4m] [Kotlin] [typeerror/bookmarks](https://github.com/typeerror/bookmarks) A Burp Suite Extension to take back your repeater tabs
- [**36**Star][8d] [Ada] [componolit/recordflux](https://github.com/componolit/recordflux) Formal message specification and generation of verifiable binary parsers and message generators
- [**36**Star][9d] [Py] [pinto0309/openvino-emotionrecognition](https://github.com/pinto0309/openvino-emotionrecognition) OpenVINO+NCS2/NCS+MutiModel(FaceDetection, EmotionRecognition)+MultiStick+MultiProcess+MultiThread+USB Camera/PiCamera. RaspberryPi 3 compatible. Async.
- [**36**Star][22d] [C] [rt-thread-packages/webclient](https://github.com/rt-thread-packages/webclient) http client library by RT-Thread
- [**36**Star][27d] [C] [homeaccessorykid/life-cycle-manager](https://github.com/homeaccessorykid/life-cycle-manager) Initial install, WiFi settings and over the air firmware upgrades for any esp-open-rtos repository on GitHub
- [**36**Star][16d] [Swift] [pureswift/gatt](https://github.com/pureswift/gatt) Bluetooth Generic Attribute Profile (GATT) for Swift (Supports Linux)
- [**36**Star][5m] [JS] [jsnomad/google-scraper](https://github.com/jsnomad/google-scraper) Extract links from Google SERP
- [**36**Star][14d] [C#] [emoacht/managednativewifi](https://github.com/emoacht/managednativewifi) A managed implementation of Native Wifi API
- [**36**Star][30d] [C] [martinribelotta/elfloader](https://github.com/martinribelotta/elfloader) ARMv7M ELF loader
- [**36**Star][1y] [PHP] [elboletaire/php-crawler](https://github.com/elboletaire/php-crawler) 
- [**36**Star][17d] [Java] [scaleunlimited/flink-crawler](https://github.com/scaleunlimited/flink-crawler) Continuous scalable web crawler built on top of Flink and crawler-commons
- [**36**Star][6m] [Go] [qvl/httpsyet](https://github.com/qvl/httpsyet) Crawler to find links you can update to HTTPS
- [**36**Star][17d] [C++] [alphaseclab/bypass-uac](https://github.com/alphaseclab/bypass-uac) 
- [**36**Star][1m] [PHP] [d0g3-lab/i-soon_ctf_2019](https://github.com/d0g3-lab/i-soon_ctf_2019) 2019 第二届安洵杯 题目环境/源码
- [**36**Star][12d] [Go] [moov-io/watchman](https://github.com/moov-io/watchman) AML/CTF/KYC/OFAC Search of global watchlist, sanctions, and politically exposed person (PEP)
- [**36**Star][12m] [Go] [davidqhr/socccks](https://github.com/davidqhr/socccks) Socccks is a shadowsocks like separated socks5 proxy
- [**36**Star][27d] [Py] [cameronlonsdale/mtp](https://github.com/cameronlonsdale/mtp) Many-Time Pad Interactive
- [**36**Star][5m] [ObjC] [billy-ellis/ios-file-explorer](https://github.com/billy-ellis/ios-file-explorer) No-jailbreak file explorer application for iOS
- [**36**Star][8d] [Py] [byt3bl33d3r/wifi-graper](https://github.com/byt3bl33d3r/wifi-graper) Automatically get internetz from access points that have MAC based filtering enabled
- [**36**Star][10m] [Py] [vulnerscom/scripts](https://github.com/vulnerscom/scripts) Some useful scripts for penetration testing
- [**36**Star][11d] [Py] [averagesecurityguy/exfil](https://github.com/averagesecurityguy/exfil) Modular tool to test exfiltration techniques.
- [**36**Star][4m] [KiCad] [sektioneins/ipod-serial-adapter](https://github.com/sektioneins/ipod-serial-adapter) circuit board (PCB) schematics for 30-pin iPod serial debugging
- [**36**Star][12d] [Ruby] [intrigueio/intrigue-ident](https://github.com/intrigueio/intrigue-ident) Application and Service Fingerprinting Library
- [**36**Star][25d] [Py] [angr/angr-platforms](https://github.com/angr/angr-platforms) A collection of extensions to angr to handle new platforms
- [**36**Star][11d] [Py] [michenriksen/maltego](https://github.com/michenriksen/maltego) Custom Maltego transforms
- [**36**Star][7m] [Py] [minimaxir/facebook-ad-library-scraper](https://github.com/minimaxir/facebook-ad-library-scraper) A Python scraper for the Facebook Ad Library, using the official Facebook Ad Library API.
- [**36**Star][2m] [C] [stealth/injectso](https://github.com/stealth/injectso) 
- [**36**Star][1m] [C] [nordicsemiconductor/pynrfjprog](https://github.com/nordicsemiconductor/pynrfjprog) Python wrapper around the nrfjprog dynamic link library (DLL)
- [**36**Star][4m] [LLVM] [galoisinc/llvm-pretty-bc-parser](https://github.com/galoisinc/llvm-pretty-bc-parser) Parser for the llvm bitcode format
- [**36**Star][1m] [Py] [robindavid/captcha-basic-recognition](https://github.com/robindavid/captcha-basic-recognition) Python module that intent to crack basic captcha engines using OpenCV and Pytesser
- [**36**Star][1m] [Py] [danmcinerney/best-channel](https://github.com/danmcinerney/best-channel) Find wifi channel with least interference
- [**36**Star][2m] [Shell] [mthbernardes/fsudo](https://github.com/mthbernardes/fsudo) Steal users password with a fake sudo function.
- [**36**Star][7m] [C++] [blole/injectory](https://github.com/blole/injectory) command-line interface dll injector
- [**36**Star][3m] [JS] [andrewda/csgoitemdb](https://github.com/andrewda/csgoitemdb) An API to retrieve accurate CS:GO prices for high- and low-tier items
- [**36**Star][2m] [C] [xerpi/vita-libbaremetal](https://github.com/xerpi/vita-libbaremetal) PSVita bare-metal payload library and sample
- [**36**Star][19d] [Go] [tismayil/rsdl](https://github.com/tismayil/rsdl) Subdomain Scan With Ping Method.
- [**36**Star][11d] [awsmhacks/awsmbloodhoundcustomqueries](https://github.com/awsmhacks/awsmbloodhoundcustomqueries) Collection of cyphers for bloodhound
- [**36**Star][2m] [C] [xerpi/vita-libbaremetal](https://github.com/xerpi/vita-libbaremetal) PSVita bare-metal payload library and sample
- [**36**Star][20d] [JS] [learn-crypto-trading/learn-crypto-trading.github.io](https://github.com/learn-crypto-trading/learn-crypto-trading.github.io) valuable sources for TA, FA, Algorithmic \ Quant Trading
- [**36**Star][12d] [Go] [geek1011/easy-novnc](https://github.com/geek1011/easy-novnc) Single-binary noVNC instance, web UI, and multi-host proxy.
- [**36**Star][14d] [Shell] [bypassrg/att](https://github.com/bypassrg/att) Using Asuswrt-Merlin to bypass AT&T's residential gateway
- [**36**Star][14d] [TS] [paulmillr/noble-ed25519](https://github.com/paulmillr/noble-ed25519) Noble ed25519 + ristretto255. Fast, high-security, easily auditable, 0-dep, 1-file pubkey, scalarmult & EDDSA
- [**36**Star][17d] [travisbgreen/hunting-rules](https://github.com/travisbgreen/hunting-rules) Suricata 4.1.2+ rules for network anomaly detection
- [**36**Star][2y] [Shell] [re4son/pocket-kali-live-build](https://github.com/Re4son/Pocket-Kali-live-build) Debian live build for the Pocket-Kali
- [**36**Star][1m] [HTML] [raidandfade/hacktoberchallenges2018](https://github.com/RaidAndFade/HacktoberChallenges2018) Welcome! I need some help making my list... Learn how in the README
- [**36**Star][3y] [Py] [lightless233/pansidong](https://github.com/lightless233/Pansidong) 盘丝洞 - 自动化WEB漏洞扫描器
- [**36**Star][1m] [Shell] [blackgeneration/uncle-spufus](https://github.com/blackgeneration/uncle-spufus) A tool that automates MAC address and hostname spoofing
- [**36**Star][5m] [Go] [joshrendek/hnypots-agent](https://github.com/joshrendek/hnypots-agent) A SSH Server in Go that logs username/password combos
- [**36**Star][17d] [JS] [googleapis/cloud-profiler-nodejs](https://github.com/googleapis/cloud-profiler-nodejs) Node.js library for Stackdriver Profiler. Continuous CPU and heap profiling to improve performance and reduce costs.
- [**36**Star][20d] [HTML] [zhuowei/worthdoingbadly.com](https://github.com/zhuowei/worthdoingbadly.com) My blog where I make a new coding project every Thursday.
- [**36**Star][5m] [Py] [yaokaiyang-assaultmaster/pythonportscanner](https://github.com/yaokaiyang-assaultmaster/pythonportscanner) 
- [**36**Star][1m] [C] [xvortex/ps4-payload-sdk](https://github.com/xvortex/ps4-payload-sdk) Open source PS4 SDK
- [**36**Star][2y] [Visual Basic] [xiaoxiaoleo/windows_privilege_escalation](https://github.com/xiaoxiaoleo/windows_privilege_escalation) The memory of a generation of script kid.
- [**36**Star][2m] [C] [xerpi/vita-libbaremetal](https://github.com/xerpi/vita-libbaremetal) PSVita bare-metal payload library and sample
- [**36**Star][4m] [JS] [xaeroxe/featherpasswordmanager](https://github.com/xaeroxe/featherpasswordmanager) Highly portable extremely light-weight password manager that stores all your passwords in a local encrypted file.
- [**36**Star][3m] [Py] [x0rloser/ps4_wifi_bt](https://github.com/x0rloser/ps4_wifi_bt) PS4 wifi/bluetooth firmware ~~reversing~~ h4x
- [**36**Star][4m] [Py] [x-vector/x-rsa](https://github.com/x-vector/x-rsa) Cryptography Tool | RSA Attacks
- [**36**Star][4m] [Shell] [wombat94/eficlone](https://github.com/wombat94/eficlone) macOS Shell Scripts to clone the EFI partition automatically from either Carbon Copy Cloner or SuperDuper! when run on a Hackintosh
- [**36**Star][4m] [Pascal] [winkelsdorf/delphiencryptioncompendium](https://github.com/winkelsdorf/delphiencryptioncompendium) Automatically exported from code.google.com/p/delphidec
- [**36**Star][1m] [Py] [whitequark/binja_itanium_cxx_abi](https://github.com/whitequark/binja_itanium_cxx_abi) Binary Ninja Itanium C++ ABI Plugin
- [**36**Star][5m] [JS] [websecurify/acme-no-login](https://github.com/websecurify/acme-no-login) Demonstrates a login bypass attack against a sample MongoDB/NodeJS application
- [**36**Star][10m] [C#] [vahidn/dntscanner.core](https://github.com/vahidn/dntscanner.core) DNTScanner.Core is a .NET 4x and .NET Core 2x+ wrapper for the Windows Image Acquisition library.
- [**36**Star][8m] [Py] [tromey/gdb-gui](https://github.com/tromey/gdb-gui) A gdb gui written in Python, running inside gdb itself.
- [**36**Star][2m] [Go] [traetox/sshforshits](https://github.com/traetox/sshforshits) framework for a high interaction SSH honeypot
- [**36**Star][2m] [Go] [tomnomnom/rawhttp](https://github.com/tomnomnom/rawhttp) A Go library for making HTTP requests with complete control
- [**36**Star][4m] [C#] [tlgyt/wibr](https://github.com/tlgyt/wibr) Wifi Bruteforce (WiBr) is a wifi cracking tool written in c#.
- [**36**Star][6m] [C++] [titzanyic/clover](https://github.com/titzanyic/clover) 我的黑苹果配置列表
- [**36**Star][4m] [Py] [tianzheng4/distributionally-adversarial-attack](https://github.com/tianzheng4/distributionally-adversarial-attack) AAAI-19 oral presentation
- [**36**Star][3y] [C] [thomasking2014/reversetinytooldemo](https://github.com/thomasking2014/reversetinytooldemo) 
- [**36**Star][11d] [Java] [thecyaniteproject/exit_code_java](https://github.com/thecyaniteproject/exit_code_java) ExitCode - The Free, Open-Source, Desktop & Hacking Simulator Game.
- [**36**Star][5m] [Py] [testingpens/constole](https://github.com/testingpens/constole) Scan for and exploit Consul agents
- [**36**Star][4m] [Py] [teebytes/tnt-fuzzer](https://github.com/teebytes/tnt-fuzzer) OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
- [**36**Star][5m] [technicaldada/best-hacking-tools](https://github.com/technicaldada/best-hacking-tools) BEST HACKING TOOLS..For more tools visit our blog for Hackers
- [**36**Star][1m] [tdifg/payloads](https://github.com/tdifg/payloads) for burp
- [**36**Star][3y] [C++] [tartanllama/libelfin](https://github.com/tartanllama/libelfin) C++11 ELF/DWARF parser
- [**36**Star][6m] [JS] [taisel/iodinegba](https://github.com/taisel/iodinegba) JavaScript GameBoy Advance emulator.
- [**36**Star][4m] [TeX] [sympy/sympy-paper](https://github.com/sympy/sympy-paper) Repo for the paper "SymPy: symbolic computing in python"
- [**36**Star][6m] [C++] [steven-michaud/sandboxmirror](https://github.com/steven-michaud/sandboxmirror) Tool for reverse-engineering Apple's sandbox
- [**36**Star][1y] [Py] [spiderlabs/owasp-crs-documentation](https://github.com/spiderlabs/owasp-crs-documentation) Documentation for the OWASP CRS project
- [**36**Star][2m] [Perl] [spiderlabs/ackack](https://github.com/spiderlabs/ackack) A program to monitor network traffic and detect unauthorized sessions.
- [**36**Star][2m] [PHP] [smaash/kunai](https://github.com/smaash/kunai) pwning & info gathering via user browser
- [**36**Star][6m] [PHP] [skoerfgen/certle](https://github.com/skoerfgen/certle) A Let's Encrypt PHP Command Line (ACME v1) Client
- [**36**Star][6m] [Vue] [shallownight/dns-analysis](https://github.com/shallownight/dns-analysis) 非法域名挖掘与画像系统。
- [**36**Star][3y] [Java] [serval-snt-uni-lu/droidra](https://github.com/serval-snt-uni-lu/droidra) Taming Reflection to Support Whole-Program Analysis of Android Apps
- [**36**Star][1m] [Shell] [seanheelan/funserialize](https://github.com/seanheelan/funserialize) Scripts and auxiliary files for fuzzing PHP's unserialize function
- [**36**Star][2y] [Py] [rxwx/cve-2017-11882](https://github.com/rxwx/cve-2017-11882) Proof-of-Concept exploits for CVE-2017-11882
- [**36**Star][2y] [PS] [rvrsh3ll/pentesting-scripts](https://github.com/rvrsh3ll/pentesting-scripts) A ton of helpful tools
- [**36**Star][2y] [C#] [roshly/ayyhook-loader](https://github.com/roshly/ayyhook-loader) A Free Open Source Cheat Loader
- [**36**Star][20d] [Shell] [rithvikvibhu/nh-magisk-wifi-firmware](https://github.com/rithvikvibhu/nh-magisk-wifi-firmware) This Magisk module adds the required firmware for external wireless adapters to be used with NetHunter.
- [**36**Star][3m] [C] [rems-project/sail-arm](https://github.com/rems-project/sail-arm) Sail version of ARM ISA definition, currently for ARMv8.5-A
- [**36**Star][8m] [Py] [redforcesec/dumpit](https://github.com/redforcesec/dumpit) An exploit for SHAREit <= v 4.0.38
- [**36**Star][25d] [PHP] [qilinbaoleiji/baoleiji](https://github.com/qilinbaoleiji/baoleiji) 麒麟堡垒机。主要包含：堡垒机运维模块（支持RDP/SSH/SFTP/FTP/TELNET）、动态口令模块、网管监控模块、日志分析模块、3A模块等
- [**36**Star][4y] [Shell] [pwnagentsmith/ir_tool](https://github.com/pwnagentsmith/ir_tool) Script for Forensic on Linux
- [**36**Star][29d] [C] [psxdev/ps4sdk](https://github.com/psxdev/ps4sdk) Modular open source ps4 sdk with user and kernel space support
- [**36**Star][1m] [Shell] [plenumlab/lazyrecon](https://github.com/plenumlab/lazyrecon) This script is intended to automate your reconnaissance process in an organized fashion
- [**36**Star][1y] [Py] [phar/eyephish](https://github.com/phar/eyephish) OpenCV based IDN option generator PoC
- [**36**Star][29d] [Go] [pbnj/s3-fuzzer](https://github.com/pbnj/s3-fuzzer) A concurrent, command-line AWS S3 Fuzzer.
- [**36**Star][4m] [C] [pearinc/fogconnect](https://github.com/pearinc/fogconnect) 提供企业级网络设备之间数据的快速，安全，可靠的P2P传输协议
- [**36**Star][4y] [C++] [paulmehta/ablation](https://github.com/paulmehta/ablation) Augmenting Static Analysis Using Pintool: Ablation
- [**36**Star][1y] [Java] [onionmail/onionmail](https://github.com/onionmail/onionmail) TOR Mail encrypted server for Hidden Services
- [**36**Star][4y] [C] [ofercas/ransomware_begone](https://github.com/ofercas/ransomware_begone) ransomware_begone
- [**36**Star][18d] [Go] [nucypher/goumbral](https://github.com/nucypher/goumbral) Umbral implementation in Golang
- [**36**Star][11m] [C#] [not-matthias/nemesis](https://github.com/not-matthias/nemesis) A customizable process dumper.
- [**36**Star][19d] [Shell] [nicoulaj/broom](https://github.com/nicoulaj/broom) A disk cleaning utility for developers.
- [**36**Star][5m] [Go] [netevert/delator](https://github.com/netevert/delator) Golang-based subdomain miner leveraging certificate transparency logs
- [**36**Star][1y] [C#] [netcorestack/proxy](https://github.com/netcorestack/proxy) The type-safe REST library for .NET Standard 2.0 (NetCoreStack Flying Proxy)
- [**36**Star][4y] [C++] [n3k/ekoparty2015_windows_smep_bypass](https://github.com/n3k/ekoparty2015_windows_smep_bypass) Windows SMEP Bypass U=S
- [**36**Star][28d] [Py] [n1nj4sec/pymemimporter](https://github.com/n1nj4sec/pymemimporter) import pyd or execute PE all from memory using only pure python code and some shellcode tricks
- [**36**Star][10d] [mzet-/ctf-writeups](https://github.com/mzet-/ctf-writeups) My writeups of various CTFs & security challenges
- [**36**Star][7y] [C] [mubix/fakenetbios](https://github.com/mubix/fakenetbios) See here:
- [**36**Star][3m] [Py] [mrwn007/m3m0](https://github.com/mrwn007/m3m0) M3m0 Tool
- [**36**Star][3y] [Py] [mr-un1k0d3r/searchipowner](https://github.com/mr-un1k0d3r/searchipowner) Search public IP owner through ARIN
- [**36**Star][3y] [Assembly] [mortenschenk/token-stealing-shellcode](https://github.com/mortenschenk/token-stealing-shellcode) 
- [**36**Star][4m] [Py] [moheshmohan/pyssltest](https://github.com/moheshmohan/pyssltest) A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws
- [**36**Star][3m] [Py] [misp/misp-objects](https://github.com/misp/misp-objects) Definition, description and relationship types of MISP objects
- [**36**Star][4m] [Py] [mikemeliz/torcrawl.py](https://github.com/mikemeliz/torcrawl.py) Crawl and extract (regular or onion) webpages through TOR network
- [**36**Star][16d] [C] [mborgerson/gdbstub](https://github.com/mborgerson/gdbstub) A simple, dependency-free GDB stub that can be easily dropped in to your project.
- [**36**Star][11d] [Shell] [mbauhardt/pass-keybase](https://github.com/mbauhardt/pass-keybase) A pass extension to re-encrypt and decrypt pass entries via keybase
- [**36**Star][2m] [Py] [mattbierner/urban-dictionary-word-list](https://github.com/mattbierner/urban-dictionary-word-list) Script and sample dataset of all urban dictionary entry names (around 1.4 million total)
- [**36**Star][3m] [C#] [m4ndingo/radare2gui_dotnet](https://github.com/m4ndingo/radare2gui_dotnet) Another radare2 gui for windows
- [**36**Star][4y] [Py] [luyishisi/webcrawlers](https://github.com/luyishisi/webcrawlers) 
- [**36**Star][11d] [Makefile] [lukaszlach/kali-desktop](https://github.com/lukaszlach/kali-desktop) 
- [**36**Star][2m] [JS] [lmammino/distributed-jwt-cracker](https://github.com/lmammino/distributed-jwt-cracker) An experimental distributed JWT token cracker built using Node.js and ZeroMQ
- [**36**Star][19d] [Py] [leonardonve/edm](https://github.com/leonardonve/edm) Encima De la Mosca HTTP proxy POC for infecting files on-the-fly and SSLstrip2
- [**36**Star][2y] [Go] [leoloobeek/gogreen](https://github.com/leoloobeek/gogreen) Environmental (and http) keying for scripting languages
- [**36**Star][1m] [C++] [klaasnicolaas/ha_nfc_scanner](https://github.com/klaasnicolaas/ha_nfc_scanner) Scan
- [**36**Star][6y] [C++] [kkar/teamviewer-dumper-in-cpp](https://github.com/kkar/teamviewer-dumper-in-cpp) Dumps TeamViewer ID,Password and account settings from a running TeamViewer instance by enumerating child windows.
- [**36**Star][3m] [Py] [kitctf/ctfcode](https://github.com/kitctf/ctfcode) Collection of somewhat useful stuff for CTF events
- [**36**Star][1m] [JS] [kevva/caw](https://github.com/kevva/caw) Construct HTTP/HTTPS agents for tunneling proxies
- [**36**Star][6m] [JS] [jrjr/paw.js](https://github.com/jrjr/paw.js) Passwordless Authentication Wallet (PAW) is key-based authentication for the web. The library helps manage identities, their associated public/private keypairs, and signing operations in the browser.
- [**36**Star][7m] [jpcoin/jpcoin](https://github.com/jpcoin/jpcoin) the cyber crypto cryptocoin
- [**36**Star][1m] [jgor/php-jpeg-shell](https://github.com/jgor/php-jpeg-shell) Simple PHP webshell with a JPEG header to bypass weak image verification checks
- [**36**Star][1y] [JS] [jamiebuilds/guarded-string](https://github.com/jamiebuilds/guarded-string) Prevent accidentally introducing XSS holes with the strings in your app
- [**36**Star][5m] [PHP] [isometriks/isometriksspambundle](https://github.com/isometriks/isometriksspambundle) Symfony3 Form Spam Protection
- [**36**Star][5y] [C] [in12hacker/vt_64_ept](https://github.com/in12hacker/vt_64_ept) createfile
- [**36**Star][5m] [Py] [immunio/apache-struts2-cve-2017-5638](https://github.com/immunio/apache-struts2-cve-2017-5638) Demo Application and Exploit
- [**36**Star][2y] [C++] [illusivenetworks-labs/getconsolehistoryandoutput](https://github.com/illusivenetworks-labs/getconsolehistoryandoutput) An Incident Response tool to extract console command history and screen output buffer
- [**36**Star][5m] [Java] [ikkisoft/blazer](https://github.com/ikkisoft/blazer) Burp Suite AMF Extension
- [**36**Star][15d] [Py] [idhyt/jeb-keygen](https://github.com/idhyt/jeb-keygen) JEB install env
- [**36**Star][10d] [Shell] [hybtoy/ssrrmu](https://github.com/hybtoy/ssrrmu) ShadowsocksRR (shadowsocksr/ssr) multi-user and single-user install scripts
- [**36**Star][6m] [hwroot/presentations](https://github.com/hwroot/presentations) 
- [**36**Star][20d] [JS] [honeypotio/techmap](https://github.com/honeypotio/techmap) Honeypot's Tech Map
- [**36**Star][4m] [C++] [hitanshu-dhawan/imagesteganography](https://github.com/hitanshu-dhawan/imagesteganography) 
- [**36**Star][4m] [Py] [henryhaohao/slider_captcha_crack](https://github.com/henryhaohao/slider_captcha_crack) 某教育网站滑动验证码破解 - 识别率100%
- [**36**Star][3m] [Py] [he1m4n6a/dcweb](https://github.com/he1m4n6a/dcweb) 三方依赖库扫描系统
- [**36**Star][5m] [PHP] [havysec/vulnerable-scene](https://github.com/havysec/vulnerable-scene) 一些漏洞场景的还原，基于
- [**36**Star][4m] [Py] [hash3lizer/subrake](https://github.com/hash3lizer/subrake) A powerful Subdomain Scanner & Validator for Reconnaissance.
- [**36**Star][26d] [C] [harvie/libpurple-core-answerscripts](https://github.com/harvie/libpurple-core-answerscripts) Most-hackable Pidgin plugin! Framework for hooking scripts to respond received messages for various libpurple clients such as pidgin or finch
- [**36**Star][3m] [hardenedlinux/armv7-nexus7-grsec](https://github.com/hardenedlinux/armv7-nexus7-grsec) Hardened PoC: PaX for Android
- [**36**Star][15d] [Py] [hackedteam/test-av](https://github.com/hackedteam/test-av) Automated antivirus test environment
- [**36**Star][3m] [Py] [ha71/pywhatcms](https://github.com/ha71/pywhatcms) Unofficial WhatCMS API package
- [**36**Star][19d] [Py] [gry/shellshock-scanner](https://github.com/gry/shellshock-scanner) A simple Shellshock scanner in python
- [**36**Star][4m] [C#] [greavesy1899/mafia2toolkit](https://github.com/greavesy1899/mafia2toolkit) Open source toolkit for Mafia 2.
- [**36**Star][2m] [Py] [gioyik/getexploit](https://github.com/gioyik/getexploit) 
- [**36**Star][2m] [Py] [geek-repo/c2-blockchain](https://github.com/geek-repo/c2-blockchain) This is a concept poc of command and control server implemented over blockchain
- [**36**Star][9y] [C#] [gdssecurity/wcf-binary-soap-plug-in](https://github.com/gdssecurity/wcf-binary-soap-plug-in) a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1)
- [**36**Star][3y] [C#] [gdssecurity/psattack](https://github.com/gdssecurity/psattack) A portable console aimed at making pentesting with PowerShell a little easier.
- [**36**Star][3m] [C] [gdbinit/crackme_nr1](https://github.com/gdbinit/crackme_nr1) fG!'s crackme #1 source code
- [**36**Star][2y] [fuzzysecurity/defcon-beijing-uac](https://github.com/fuzzysecurity/defcon-beijing-uac) Slide deck for DefCon Beijing
- [**36**Star][24d] [JS] [franciscoknebel/nginx-reverseproxy](https://github.com/franciscoknebel/nginx-reverseproxy) A simple implementation of a multidomain nginx reverse proxy, using Node apps.
- [**36**Star][2y] [C++] [fdiskyou/dbi](https://github.com/fdiskyou/dbi) Files for
- [**36**Star][5m] [TS] [fasibio/graphqldockerproxy](https://github.com/fasibio/graphqldockerproxy) A generic Graphql API for Docker and Kubernetes
- [**36**Star][1y] [PHP] [farisv/prestashop-cve-2018-19126](https://github.com/farisv/prestashop-cve-2018-19126) PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
- [**36**Star][2y] [D] [f-secure/reflash](https://github.com/f-secure/reflash) ActionScript3 dynamic instrumentation tool
- [**36**Star][19d] [C++] [ez8-co/unlocker](https://github.com/ez8-co/unlocker) 
- [**36**Star][30d] [Py] [eurecom-s3/linux_screenshot_xwindows](https://github.com/eurecom-s3/linux_screenshot_xwindows) Volatility plugin to extract X screenshots from a memory dump
- [**36**Star][6m] [Py] [eurecom-s3/actaeon](https://github.com/eurecom-s3/actaeon) Memory forensics of virtualization environments
- [**36**Star][1y] [enovella/ida2ghidra-kb](https://github.com/enovella/ida2ghidra-kb) 在Ghidra中应用部分IDA的键盘绑定
- [**36**Star][4m] [Java] [eclipse-cognicrypt/cognicrypt](https://github.com/eclipse-cognicrypt/cognicrypt) CogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.
- [**36**Star][7m] [Py] [ec-digit-csirc/virustotal-tools](https://github.com/ec-digit-csirc/virustotal-tools) 
- [**36**Star][20d] [Visual Basic] [dzzie/myaut_contrib](https://github.com/dzzie/myaut_contrib) mod to myaut2exe decompiler
- [**36**Star][6m] [Assembly] [dpt/the-great-escape](https://github.com/dpt/the-great-escape) Reverse engineering classic ZX Spectrum game "The Great Escape"
- [**36**Star][4m] [Visual Basic] [doctorlai/vbscript_obfuscator](https://github.com/doctorlai/vbscript_obfuscator) The VBScript Obfuscator written in VBScript
- [**36**Star][5y] [Py] [dionach/codeigniterxor](https://github.com/dionach/codeigniterxor) CodeIgniter <=2.1.4 session cookie decryption vulnerability
- [**36**Star][4m] [Shell] [diekmann/net-network](https://github.com/diekmann/net-network) Public collection of firewall dumps.
- [**36**Star][3y] [TS] [didinj/ionic3-cordova-barcode-qrcode-scanner](https://github.com/didinj/ionic3-cordova-barcode-qrcode-scanner) Ionic 3, Angular 4 and Cordova Barcode QRCode Scanner App Example
- [**36**Star][28d] [Java] [devadvance/rootinspector](https://github.com/devadvance/rootinspector) Advanced detection of rooting
- [**36**Star][13d] [Py] [davidwittman/wpxmlrpcbrute](https://github.com/davidwittman/wpxmlrpcbrute) Brute force WordPress sites vulnerabile to XML-RPC amplification.
- [**36**Star][2y] [C] [davidbuchanan314/fusee-nano](https://github.com/davidbuchanan314/fusee-nano) A minimalist re-implementation of the Fusée Gelée exploit (
- [**36**Star][3m] [Ruby] [danielmenezesbr/modernie-winrm](https://github.com/danielmenezesbr/modernie-winrm) This Vagrantfile is able to configure WinRM automatically on the box distributed by Microsoft.
- [**36**Star][6m] [Py] [dahua966/web-awd-framework](https://github.com/dahua966/web-awd-framework) AWD framework for web in CTF by HuaSir
- [**36**Star][4y] [Objective-C++] [cyhe/iossecurity-attack](https://github.com/cyhe/iossecurity-attack) APP安全(逆向攻击篇)
- [**36**Star][7y] [Perl] [cyberisltd/egresser](https://github.com/cyberisltd/egresser) Client/server scripts designed to test outbound (egress) firewall rules.
- [**36**Star][1m] [C] [ctxis/capemon](https://github.com/ctxis/capemon) CAPE monitor DLLs
- [**36**Star][6m] [Py] [concinnity-risks/ransomcoinpublic](https://github.com/concinnity-risks/ransomcoinpublic) A DFIR tool to extract cryptocoin addresses and other indicators of compromise from binaries.
- [**36**Star][3m] [C++] [cnrig/cnrig](https://github.com/cnrig/cnrig) Static CryptoNight CPU miner for Linux + automatic updates
- [**36**Star][4y] [C++] [cn33liz/tpminituacanniversarybypass](https://github.com/cn33liz/tpminituacanniversarybypass) Bypassing User Account Control (UAC) using TpmInit.exe
- [**36**Star][17d] [PHP] [cms-garden/cmsscanner](https://github.com/cms-garden/cmsscanner) Detects FOSS CMS in the local filesystem
- [**36**Star][1y] [Py] [claudiugeorgiu/riskindroid](https://github.com/claudiugeorgiu/riskindroid) A tool for quantitative risk analysis of Android applications based on machine learning techniques
- [**36**Star][7m] [C++] [chinatiny/gameanticheat](https://github.com/chinatiny/gameanticheat) 反外挂
- [**36**Star][5m] [Java] [cert-se/megatron-java](https://github.com/cert-se/megatron-java) Megatron - A System for Abuse- and Incident Handling
- [**36**Star][28d] [Go] [brimstone/rsocks](https://github.com/brimstone/rsocks) Tiny little reverse socks5 client & server
- [**36**Star][4y] [C] [brad-anton/proxbrute](https://github.com/brad-anton/proxbrute) Modified proxmark3 firmware to perform brute forcing of 26-Bit ProxCards
- [**36**Star][4m] [brad-anton/freeradius-wpe](https://github.com/brad-anton/freeradius-wpe) 
- [**36**Star][9m] [C] [border/wifihack](https://github.com/border/wifihack) wifihack
- [**36**Star][6m] [bkth/tale-of-chakra-bugs](https://github.com/bkth/tale-of-chakra-bugs) 
- [**36**Star][10d] [C] [bartavelle/rulesfinder](https://github.com/bartavelle/rulesfinder) [deprecated] see README
- [**36**Star][24d] [Dockerfile] [asuri-team/ctf-xinetd](https://github.com/asuri-team/ctf-xinetd) A docker image to hold pwn challenges in ctf war
- [**36**Star][2m] [OCaml] [artris/algorithms](https://github.com/artris/algorithms) Algorithms and Data Structures in ReasonML
- [**36**Star][1m] [Go] [artemisc/libgodium](https://github.com/artemisc/libgodium) Pure Go implementation of cryptographic APIs found in libsodium
- [**36**Star][4m] [Perl] [aron-tn/mega-bot](https://github.com/aron-tn/mega-bot) [NEW] : Mega Bot ☣ Scanner & Auto Exploiter
- [**36**Star][9m] [Py] [arbazkiraak/burpblh](https://github.com/arbazkiraak/burpblh) Broken Link Hijacking Burp Extension
- [**36**Star][4m] [Shell] [ank1036official/cloudcheck](https://github.com/ank1036official/cloudcheck) Checks using a test string if a Cloudflare DNS bypass is possible using CloudFail.
- [**36**Star][4m] [angelkitty/ida7.0](https://github.com/angelkitty/ida7.0) 
- [**36**Star][6m] [Py] [anantshri/ds_store_crawler_parser](https://github.com/anantshri/ds_store_crawler_parser) a parser + crawler for .DS_Store files exposed publically
- [**36**Star][4m] [Py] [amossys/fragscapy](https://github.com/amossys/fragscapy) Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
- [**36**Star][2m] [C] [alanquatermain/appencryptor](https://github.com/alanquatermain/appencryptor) A command-line tool to apply or remove Apple Binary Protection from an application.
- [**36**Star][4y] [7iosecurity/xss-payloads](https://github.com/7iosecurity/xss-payloads) XSS Payloads
- [**36**Star][3y] [Batchfile] [3gstudent/winpcap_install](https://github.com/3gstudent/winpcap_install) Auto install WinPcap on Windows(command line)
- [**36**Star][6m] [Py] [0ang3el/unsafe-jax-rs-burp](https://github.com/0ang3el/unsafe-jax-rs-burp) Burp Suite extension for JAX-RS
- [**36**Star][1y] [Py] [04x/wpscan](https://github.com/04x/wpscan) 渗透+信息收集
- [**35**Star][15d] [Py] [bot3939/hashcracker](https://github.com/bot3939/hashcracker) python hash cracker
- [**35**Star][4m] [Rascal] [lillecarl/ros_scripts](https://github.com/lillecarl/ros_scripts) Scripts for RouterOS (MikroTik devices)
- [**35**Star][2y] [ObjC] [antidote-for-tox/objctox](https://github.com/antidote-for-tox/objctox) No longer maintained
- [**35**Star][1y] [Py] [15920036578/jd_spider](https://github.com/15920036578/jd_spider) 
- [**35**Star][4m] [Py] [zoranpandovski/bookingscraper](https://github.com/zoranpandovski/bookingscraper) 
- [**35**Star][19d] [Py] [borzacchiello/seninja](https://github.com/borzacchiello/seninja) symbolic execution plugin for binary ninja
- [**35**Star][2m] [Go] [skx/evalfilter](https://github.com/skx/evalfilter) A bytecode-based virtual machine to implement scripting/filtering support in your golang project.
- [**35**Star][16d] [Py] [schedutron/chirps](https://github.com/schedutron/chirps) Twitter bot powering @arichduvet
- [**35**Star][4m] [C#] [ericzimmerman/evtx](https://github.com/ericzimmerman/evtx) C# based evtx parser with lots of extras
- [**35**Star][10d] [Makefile] [prsecurity/macos_execute_from_memory](https://github.com/prsecurity/macos_execute_from_memory) PoC of macho loading from memory
- [**35**Star][1m] [C] [milabs/lkrg-bypass](https://github.com/milabs/lkrg-bypass) LKRG bypass methods
- [**35**Star][4m] [C#] [codefoundryde/legacywrapper](https://github.com/codefoundryde/legacywrapper) LegacyWrapper uses a x86 wrapper to call legacy dlls from a 64 bit process (or vice versa).
- [**35**Star][2m] [Jupyter Notebook] [bjarten/alvito](https://github.com/bjarten/alvito) Alvito - An Algorithm Visualization Tool for Python
- [**35**Star][3m] [Java] [isku/algorithm](https://github.com/isku/algorithm) Algorithmic problem solving
- [**35**Star][2m] [Py] [taseikyo/crawler](https://github.com/taseikyo/crawler) 
- [**35**Star][5m] [Py] [flexwang/baiduimagecrawler](https://github.com/flexwang/baiduimagecrawler) A multithreaded tool for downloading search results of Baidu image search.
- [**35**Star][2m] [Py] [barseghyanartur/ska](https://github.com/barseghyanartur/ska) Sign data using symmetric-key algorithm encryption. Validate signed data and identify possible validation errors. Uses sha-(1, 224, 256, 385 and 512)/hmac for signature encryption. Custom hash algorithms are allowed. Useful shortcut functions for signing (and validating) dictionaries and URLs.
- [**35**Star][19d] [Py] [mbelmadani/moead-py](https://github.com/mbelmadani/moead-py) A Python implementation of the decomposition based multi-objective evolutionary algorithm (MOEA/D)
- [**35**Star][2m] [Kotlin] [eo/bluetooth-state-view](https://github.com/eo/bluetooth-state-view) Material design animated Bluetooth state view for Android
- [**35**Star][5m] [Swift] [colemancda/demoperipheral](https://github.com/colemancda/demoperipheral) Swift 3.0 Bluetooth LE Peripheral for ARM Linux device (e.g. BeagleBone, Raspberry Pi, Orange Pi)
- [**35**Star][4m] [Java] [wendux/dspiderdemo-android](https://github.com/wendux/dspiderdemo-android) 客户端爬虫安卓端demo
- [**35**Star][1y] [JS] [winglight/soducrawler](https://github.com/winglight/soducrawler) 
- [**35**Star][4m] [Py] [kumailn/algorithms](https://github.com/kumailn/algorithms) 
- [**35**Star][5m] [TS] [lukasbombach/sblendid](https://github.com/lukasbombach/sblendid) A JavaScript Bluetooth Low Energy (BLE) Library
- [**35**Star][2m] [Go] [shikanon/socks5proxy](https://github.com/shikanon/socks5proxy) 一个简单的socks5代理转发服务(VPN)
- [**35**Star][6m] [unbinilium/surge](https://github.com/unbinilium/surge) Shadowsocks Encrypt Support Module for Surge APP, iOS & MacOS Configuration
- [**35**Star][12d] [C#] [bitbrute/evillimiter-windows](https://github.com/bitbrute/evillimiter-windows) Tool that limits bandwidth of devices on the same network without access.
- [**35**Star][6m] [Go] [famasoon/crtsh](https://github.com/famasoon/crtsh) This tool shows the result of crt.sh
- [**35**Star][11d] [Py] [skybulk/bin2sc](https://github.com/skybulk/bin2sc) Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
- [**35**Star][22d] [bishopfox/cyberdic](https://github.com/bishopfox/cyberdic) An auxiliary spellcheck dictionary that corresponds with the Bishop Fox Cybersecurity Style Guide
- [**35**Star][22d] [screetsec/dracos](https://github.com/screetsec/dracos) Dracos Linux (
- [**35**Star][3m] [C] [uwnetworkslab/cordova-plugin-tun2socks](https://github.com/uwnetworkslab/cordova-plugin-tun2socks) Cordova plugin to enable a system-wide VPN for Android devices.
- [**35**Star][3m] [Py] [landgrey/toolsparty](https://github.com/landgrey/toolsparty) A collection of script tools for pentesting
- [**35**Star][6m] [C++] [armmbed/mbed-os-example-bootloader](https://github.com/armmbed/mbed-os-example-bootloader) 
- [**35**Star][4y] [offensive-security/kali-scripts](https://github.com/offensive-security/kali-scripts) Various Kali Scripts
- [**35**Star][5m] [C++] [taviso/sharapi](https://github.com/taviso/sharapi) Simpsons: Hit & Run JavaScript API
- [**35**Star][1m] [C] [robertdavidgraham/wifi-mon](https://github.com/robertdavidgraham/wifi-mon) Web-based WiFi monitor
- [**35**Star][6m] [Java] [snail007/goproxy-android](https://github.com/snail007/goproxy-android) snail007/goproxy全能代理服务器安卓版。高性能的http代理、https代理、socks5代理、ss代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、游戏盾、游戏高防、游戏代理，支持API代理认证。websocke代理、tcp代理、udp代理、socket代理、高仿服务器。支持正向代理、反向代理、透明代理、TCP内网穿透、UDP内网穿透、HTTP内网穿透、HTTPS内网穿透、https代理负载均衡、http代理负载均衡、socks5代理负载均衡、socket代理负载均衡、ss代理负载均衡、TCP/UDP端口映射、SSH中转、TLS加密传输、协议转换、防污染DNS代理，限速，限连接数。
- [**35**Star][16d] [HTML] [jipegit/twintelligence](https://github.com/jipegit/twintelligence) Twintelligence is a free Twitter OSINT tool
- [**35**Star][1y] [Kotlin] [cbeuw/goquiet-android](https://github.com/cbeuw/goquiet-android) GoQuiet plugin on android
- [**35**Star][12d] [C] [angr/binaries](https://github.com/angr/binaries) A repository with binaries for angr tests and examples.
- [**35**Star][17d] [tidesec/auto_pentest_tool_course](https://github.com/tidesec/auto_pentest_tool_course) 《自动化漏洞挖掘技术实践》相关资料及脚本
- [**35**Star][6m] [TeX] [openssl/openssl-book](https://github.com/openssl/openssl-book) 
- [**35**Star][2m] [Py] [fallibleinc/retirejslib](https://github.com/fallibleinc/retirejslib) Scan for vulnerabilities in JavaScript libraries you use (Python port of retirejs)
- [**35**Star][19d] [Py] [snowming04/cipher_encryption_type_identification](https://github.com/snowming04/cipher_encryption_type_identification) 对密文的加密类型进行判断的命令行工具。
- [**35**Star][6m] [Py] [lanjelot/web-hunter](https://github.com/lanjelot/web-hunter) Crawl Google and Bing to find emails, subdomains and URLs associated to a target domain
- [**35**Star][8m] [Go] [cnlh/httpmonitor](https://github.com/cnlh/httpmonitor) http、api接口监控系统,可监控各种http请求，支持header、data设置，支持腾讯云短信和邮件警告通知。
- [**35**Star][8m] [C#] [0xbadjuju/tellmeyoursecrets](https://github.com/0xbadjuju/tellmeyoursecrets) A C# DLL to Dump LSA Secrets
- [**35**Star][2m] [Py] [airbus-seclab/elfesteem](https://github.com/airbus-seclab/elfesteem) ELF/PE/Mach-O parsing library
- [**35**Star][2m] [JS] [pirate/django-concurrency-talk](https://github.com/pirate/django-concurrency-talk) 
- [**35**Star][4m] [Rust] [timvisee/pixelpwnr](https://github.com/timvisee/pixelpwnr) 
- [**35**Star][22d] [CSS] [koala633/hostbase](https://github.com/koala633/hostbase) A Ruby GUI based on advanced rogue AP attack
- [**35**Star][14d] [Py] [oxyda-fox/oxidtools](https://github.com/oxyda-fox/oxidtools) 200 TOOLS BY 0XID4FF0X FOR TERMUX
- [**35**Star][29d] [Go] [hahwul/ras-fuzzer](https://github.com/hahwul/ras-fuzzer) RAS(RAndom Subdomain) Fuzzer
- [**35**Star][18d] [JS] [balthazar/csgo-float](https://github.com/balthazar/csgo-float) 
- [**35**Star][8m] [Shell] [da667/ciderpress](https://github.com/da667/ciderpress) Wordpress automation and hardening
- [**35**Star][11d] [JS] [pathwar/pathwar](https://github.com/pathwar/pathwar) 
- [**35**Star][4m] [Java] [juxstin/edxposed-snapchat-bypass](https://github.com/juxstin/edxposed-snapchat-bypass) Elder driver Xposed Framework. W / Snapchat Bypass
- [**35**Star][4m] [C] [nttiton/malware](https://github.com/NTTITON/Malware) 
- [**35**Star][2m] [sin5678/a-protect](https://github.com/sin5678/A-Protect) A-Protect Anti Rootkit Tool
- [**35**Star][5m] [Py] [newbee119/ip-location](https://github.com/NewBee119/IP-location) batch query IP location information，批量查询IP地理位置信息，解析pcap包中IP地址的地理信息
- [**35**Star][3y] [polarislab/aesgfic](https://github.com/PolarisLab/AESGFIC) 互联网企业安全高级指南读书笔记脑图 -
- [**35**Star][2y] [Py] [mac4n6/mac-locations-scraper](https://github.com/mac4n6/Mac-Locations-Scraper) macOS/iOS database location scraper to extract location data
- [**35**Star][4m] [Py] [fortynorthsecurity/hasher](https://github.com/FortyNorthSecurity/Hasher) Hasher is designed to be a tool that allows you to quickly hash plaintext strings, or compare hashed values with a plaintext locally. Not meant to crack passwords, but designed for local checks.
- [**35**Star][2y] [Java] [bit4woo/resign](https://github.com/bit4woo/ReSign) A burp extender that recalculate signature value automatically after you modified request parameter value.
- [**35**Star][2m] [JS] [yxhsea/xss](https://github.com/yxhsea/xss) web安全之模拟xss攻击
- [**35**Star][6m] [C++] [lostutils/suex](https://github.com/lostutils/suex) execute commands as another user
- [**35**Star][10m] [Shell] [rumpkernel/rumpctrl](https://github.com/rumpkernel/rumpctrl) Control and diagnostic applications for rump kernels
- [**35**Star][8m] [PHP] [rickmacgillis/hackfastalgos](https://github.com/rickmacgillis/hackfastalgos) A library of various fast algorithms written in Hack
- [**35**Star][2m] [Py] [damziobro/gdb-automatic-deadlock-detector](https://github.com/DamZiobro/gdb-automatic-deadlock-detector) Script adds new command to GDB which allows automatically detect C/C++ thread locking and deadlocks in GDB debugger
- [**35**Star][20d] [Py] [dd4rk/ctfwebscan](https://github.com/dd4rk/ctfwebscan) CTF比赛中web源码泄露扫描
- [**35**Star][2m] [Py] [newbee119/check_ip](https://github.com/NewBee119/check_ip) check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
- [**35**Star][28d] [Java] [bit4woo/burp-api-drops](https://github.com/bit4woo/burp-api-drops) burp suite API 处理http请求和响应的基本流程
- [**35**Star][8y] [Py] [zynamics/ida2sql-plugin-ida](https://github.com/zynamics/ida2sql-plugin-ida) 
- [**35**Star][4m] [Perl] [zhou0/shadowsocks-perl](https://github.com/zhou0/shadowsocks-perl) An asynchronous, non-blocking shadowsocks client and server written in Perl.
- [**35**Star][11m] [C] [yuange75/aspcode](https://github.com/yuange75/aspcode) aspcode堆溢出利用代码
- [**35**Star][4m] [C++] [xrivendell/pcsgolh](https://github.com/xrivendell/pcsgolh) PCSGOLH - Pointless Counter-Strike: Global Offensive Lua Hooks. A open-source Lua API for CS:GO hacking written in modern C++
- [**35**Star][3y] [C] [weaknetlabs/byteforce](https://github.com/weaknetlabs/byteforce) Offline Digital Forensics Tool for Binary Files
- [**35**Star][6m] [JS] [victor0210/slim](https://github.com/victor0210/slim) Centralized State Management With Proxy, State-Non-Editable.
- [**35**Star][2y] [C++] [venam/browser](https://github.com/venam/browser) A Simple to use yet efficient headers only library ( wrapped over libcurl / curl wrapper ) to do browser emulation (emulate) or web interaction in C++.
- [**35**Star][2y] [ustayready/cloudburst](https://github.com/ustayready/cloudburst) CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.
- [**35**Star][4y] [C++] [uncseclab/vmxxnr](https://github.com/uncseclab/vmxxnr) Implementation of a thin hypervisor
- [**35**Star][8m] [Py] [tp7309/ttpassgen](https://github.com/tp7309/ttpassgen) flexiable and scriptable password dictionary generator which can support brute-force、combination、complex rule mode etc...
- [**35**Star][6m] [C] [topcss/wannacry](https://github.com/topcss/wannacry) 勒索病毒WannaCry反编译源码
- [**35**Star][2y] [Perl] [tls-check/tls-check](https://github.com/tls-check/tls-check) TLS-Check – a security/encryption scanner and framework for checking IT Security and the capability to be innovative
- [**35**Star][7m] [Py] [tidesec/tdscanner](https://github.com/tidesec/tdscanner) 自动化检测小工具，主要实现了域名枚举、链接爬取、注入检测、主机扫描、目录枚举、敏感信息检测等功能~
- [**35**Star][3y] [Py] [thomaspatzke/burp-sessionauthtool](https://github.com/thomaspatzke/burp-sessionauthtool) Burp plugin which supports in finding privilege escalation vulnerabilities
- [**35**Star][2y] [C++] [tarlogicsecurity/eoploaddriver](https://github.com/tarlogicsecurity/eoploaddriver) Proof of concept for abusing SeLoadDriverPrivilege (Privilege Escalation in Windows)
- [**35**Star][2m] [C++] [swwwolf/obderef](https://github.com/swwwolf/obderef) Decrement Windows Kernel for fun and profit
- [**35**Star][5m] [Shell] [swisskyrepo/chocolatine](https://github.com/swisskyrepo/chocolatine) When you forget to lock your computer .. you will have to pay some "French Croissants"
- [**35**Star][5m] [PS] [swisscom/powergrr](https://github.com/swisscom/powergrr) PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
- [**35**Star][2m] [Shell] [superkojiman/snuff](https://github.com/superkojiman/snuff) Automate ARP poisoning, ssltrip, and ettercap.
- [**35**Star][3m] [Shell] [springlie/smart_switcher](https://github.com/springlie/smart_switcher) [TERMINAL ONLY] Auto-detect proxy switcher for http, https, ftp, rsync, git protocols. It supports many tools such as wget, yum, portage, brew ...
- [**35**Star][2m] [Py] [spencerdodd/pysploit](https://github.com/spencerdodd/pysploit) Remote exploitation framework written in Python
- [**35**Star][2y] [PHP] [spatie/email-concealer](https://github.com/spatie/email-concealer) Conceal e-mail addresses in a string by replacing their domain
- [**35**Star][3y] [Py] [webr0ck/waf_bypass_helper](https://github.com/sndvul/waf_bypass_helper) Python script for generating bypass of your attack
- [**35**Star][3y] [Py] [smeegesec/smeegescrape](https://github.com/smeegesec/smeegescrape) File/Web Text Scraper and Wordlist Generator
- [**35**Star][23d] [Ruby] [skulltech/apk-payload-injector](https://github.com/skulltech/apk-payload-injector) POC for injecting Metasploit payloads on arbitrary APKs
- [**35**Star][16d] [Java] [silentsignal/burp-requests](https://github.com/silentsignal/burp-requests) Copy as requests plugin for Burp Suite
- [**35**Star][6y] [Py] [siberas/ida2sym](https://github.com/siberas/ida2sym) IDAScript to create Symbol file which can be loaded in WinDbg via AddSyntheticSymbol
- [**35**Star][3y] [C++] [siberas/cve-2016-3309_reloaded](https://github.com/siberas/cve-2016-3309_reloaded) Exploits for the win32kfull!bFill vulnerability on Win10 x64 RS2 using Bitmap or Palette techniques
- [**35**Star][12d] [Py] [shendo/netsink](https://github.com/shendo/netsink) Network sinkhole for isolated malware analysis
- [**35**Star][1m] [Java] [secdec/attack-surface-detector-zap](https://github.com/secdec/attack-surface-detector-zap) The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
- [**35**Star][4m] [C++] [seancline/pyext](https://github.com/seancline/pyext) WinDbg Extensions for Python
- [**35**Star][2m] [Py] [sammdu/pyimgscan](https://github.com/sammdu/pyimgscan) Take any phone-taken picture and turn it into a document scan.
- [**35**Star][12d] [Py] [rofl0r/nat-tunnel](https://github.com/rofl0r/nat-tunnel) NAT Tunnel: to effortlessly serve from behind NAT
- [**35**Star][3y] [ritiek/rat-via-telegram](https://github.com/ritiek/rat-via-telegram) Removed according to regulations
- [**35**Star][4m] [Java] [righettod/log-requests-to-sqlite](https://github.com/righettod/log-requests-to-sqlite) BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
- [**35**Star][4m] [C] [reverselab/kernel-pwn-challenge](https://github.com/reverselab/kernel-pwn-challenge) Source code for building an exploitable linux kernel challenge iso.
- [**35**Star][3m] [C] [reinhardvz/wsk](https://github.com/reinhardvz/wsk) Automatically exported from code.google.com/p/wskudp
- [**35**Star][6y] [C#] [redth/android.signature.tool](https://github.com/redth/android.signature.tool) Simple GUI tool for Mac and Windows to help find the SHA1 and MD5 hashes of your Android keystore's and apk's
- [**35**Star][1m] [Ruby] [rapid7/metasploit_data_models](https://github.com/rapid7/metasploit_data_models) MSF database code, gemified
- [**35**Star][1m] [Verilog] [q3k/ctf](https://github.com/q3k/ctf) Stuff from CTF contests
- [**35**Star][7m] [PHP] [propaganistas/email-obfuscator](https://github.com/propaganistas/email-obfuscator) A text filter for automatic email obfuscation using the well-established Javascript and a CSS fallback:
- [**35**Star][4m] [Rust] [proot-me/proot-rs](https://github.com/proot-me/proot-rs) Rust implementation of PRoot, a ptrace-based sandbox
- [**35**Star][8m] [C] [prodicode/arppd](https://github.com/prodicode/arppd) An ARP Poisoning Defender script
- [**35**Star][1m] [Py] [prevade/cloudjack](https://github.com/prevade/cloudjack) Route53/CloudFront Vulnerability Assessment Utility
- [**35**Star][8y] [Ruby] [postmodern/rprogram](https://github.com/postmodern/rprogram) A library for creating wrappers around command-line programs.
- [**35**Star][18d] [Go] [pkgems/npm-cache-proxy](https://github.com/pkgems/npm-cache-proxy) Ultra-fast NPM caching proxy with Redis
- [**35**Star][2y] [Py] [peewpw/domainfrontdiscover](https://github.com/peewpw/domainfrontdiscover) Scripts and results for finding domain frontable CloudFront domains
- [**35**Star][4m] [C++] [olegzhr/altprobe](https://github.com/olegzhr/altprobe) Alertflex IDS collector (Altprobe)
- [**35**Star][2m] [Py] [obscuritylabs/pefixup](https://github.com/obscuritylabs/pefixup) PE File Blessing - To continue or not to continue
- [**35**Star][4m] [Py] [oalieno/ctf](https://github.com/oalieno/ctf) CTF writeups
- [**35**Star][5m] [HTML] [o0xmuhe/realworldpwn](https://github.com/o0xmuhe/realworldpwn) vulns I found or I collect
- [**35**Star][2m] [Shell] [nyxgeek/nyxgeek-rules](https://github.com/nyxgeek/nyxgeek-rules) Custom rules for Hashcat and John the Ripper
- [**35**Star][4m] [JS] [nv/setinterval-sniffer](https://github.com/nv/setinterval-sniffer) Keep tabs on your uncleared intervals. Hunt down lags and memory leaks.
- [**35**Star][2m] [Go] [nullhypothesis/zoossh](https://github.com/nullhypothesis/zoossh) Parsing library for Tor-specific data formats.
- [**35**Star][5m] [CSS] [nowsecure/r2frida-book](https://github.com/nowsecure/r2frida-book) The radare2 + frida book for Mobile Application assessment
- [**35**Star][4y] [C] [nnamon/practicalret2libc](https://github.com/nnamon/practicalret2libc) Practical Return to Libc in 12 Minutes Presentation + practice for CS3235 YouTeach project.
- [**35**Star][2y] [C++] [nickcano/reloadlibrary](https://github.com/nickcano/reloadlibrary) A quick-and-dirty anti-hook library proof of concept.
- [**35**Star][1y] [Shell] [ncsa/ossec-tools](https://github.com/ncsa/ossec-tools) Scripts and integrations for OSSEC
- [**35**Star][1m] [Go] [mwitkow/go-http-dialer](https://github.com/mwitkow/go-http-dialer) Go net.Dialer for HTTP(S) CONNECT Tunneling.
- [**35**Star][10d] [Shell] [mozillasecurity/orion](https://github.com/mozillasecurity/orion) CI/CD pipeline for building and publishing multiple
- [**35**Star][18d] [JS] [mozfreddyb/webext-firstpartyisolation](https://github.com/mozfreddyb/webext-firstpartyisolation) Enable First Party Isolation Pref
- [**35**Star][5y] [C] [motazreda/malwarefragmentationtool](https://github.com/motazreda/malwarefragmentationtool) Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for people who do malware research or analysis for pe_files
- [**35**Star][27d] [C#] [mohawkmedic/omrmarkengine](https://github.com/mohawkmedic/omrmarkengine) This project is designed to allow easy creation of OMR (Optical Mark Recognition) templates and provides a bulk scanner which can be used for processing large amounts of images from a tray fed scanner.
- [**35**Star][2m] [TS] [mitre/attack-navigator](https://github.com/mitre/attack-navigator) Web app that provides basic navigation and annotation of ATT&CK matrices
- [**35**Star][2y] [Java] [minervalabsresearch/coffeeshot](https://github.com/minervalabsresearch/coffeeshot) CoffeeShot: Avoid Detection with Memory Injection
- [**35**Star][27d] [Java] [mindawei/aliyun-safe-match](https://github.com/mindawei/aliyun-safe-match) Webshell和钓鱼网站检测（阿里云安全算法挑战赛 第29名）
- [**35**Star][4m] [Py] [meyer9/ethdasm](https://github.com/meyer9/ethdasm) Tool for auditing Ethereum contracts
- [**35**Star][5m] [JS] [medicean/superterm](https://github.com/medicean/superterm) Create an interactive terminal with webshell
- [**35**Star][2y] [Swift] [maryamfekri/mfcameramanager](https://github.com/maryamfekri/mfcameramanager) MF Camera Manager
- [**35**Star][4m] [C++] [marakew/syser](https://github.com/marakew/syser) syser debugger x32/x64 ring3 with source level debugging
- [**35**Star][2m] [Jupyter Notebook] [malware-revealer/malware-revealer](https://github.com/malware-revealer/malware-revealer) Spot malwares using Machine Learning techniques
- [**35**Star][2y] [C] [mainframed/logica](https://github.com/mainframed/logica) Files compiled from the Logica breach investigation materials
- [**35**Star][4y] [Py] [madsc13ntist/idapython](https://github.com/madsc13ntist/idapython) My collection of IDAPython scripts.(No Documentation)
- [**35**Star][4m] [JS] [m1nl/pompa](https://github.com/m1nl/pompa) Fully-featured spear-phishing toolkit - web front-end
- [**35**Star][17d] [lylemi/dom-vuln-db](https://github.com/lylemi/dom-vuln-db) A collection of Browser DOM Vulnerabilities with PoCs
- [**35**Star][2m] [Ruby] [lookingglass/opentpx](https://github.com/lookingglass/opentpx) Open Threat Partner eXchange
- [**35**Star][7m] [Py] [laginimaineb/unpack_bootloader_image](https://github.com/laginimaineb/unpack_bootloader_image) Small script to unpack the bootloader image format present in Nexus 5 devices
- [**35**Star][6m] [C] [l4ys/lazyklee](https://github.com/l4ys/lazyklee) Lazy python wrapper of KLEE for solving CTF challenges
- [**35**Star][3m] [kudelskisecurity/cryptochallenge18](https://github.com/kudelskisecurity/cryptochallenge18) Kudelski Security's 2018 pre-Black Hat crypto challenge
- [**35**Star][1m] [Shell] [kissaten/heroku-zuul-server-demo](https://github.com/kissaten/heroku-zuul-server-demo) An example Zuul Server project that can easily be deploy on Heroku. It proxies requests to httpbin.org
- [**35**Star][3y] [C++] [kingsunc/minidump](https://github.com/kingsunc/minidump) windows软件崩溃解决方案
- [**35**Star][4m] [Py] [kasperskylab/actionscript3](https://github.com/kasperskylab/actionscript3) Tools for static and dynamic analysis of ActionScript3 SWF files.
- [**35**Star][2m] [Py] [junorouse/ctf](https://github.com/junorouse/ctf) 
- [**35**Star][5m] [Julia] [juliagraphs/networklayout.jl](https://github.com/juliagraphs/networklayout.jl) Layout algorithms for graphs and trees in pure Julia.
- [**35**Star][2y] [C] [jp-bennett/fwknop2](https://github.com/jp-bennett/fwknop2) A replacement fwknop client for android.
- [**35**Star][2y] [C] [jordan9001/superhide](https://github.com/jordan9001/superhide) Example of hooking a linux systemcall
- [**35**Star][2m] [Py] [jonoberheide/kstructhunter](https://github.com/jonoberheide/kstructhunter) Routines for hunting down kernel structs.
- [**35**Star][15d] [C++] [jnastarot/enma_pe](https://github.com/jnastarot/enma_pe) Cross-platform library for parsing and building PE\PE+ formats
- [**35**Star][27d] [Java] [jehy/rutracker-free](https://github.com/jehy/rutracker-free) Android thin client for rutracker.org, using Tor to avoid block.
- [**35**Star][17d] [C++] [ipbc-dev/bittube-miner](https://github.com/ipbc-dev/bittube-miner) BitTube Miner
- [**35**Star][5m] [C++] [indeedminers/xmr-aeon-stak](https://github.com/indeedminers/xmr-aeon-stak) Unified All-in-one Monero, Sumokoin, Aeon and other Cryptonote miner
- [**35**Star][3m] [Java] [ilmila/springcss-cve-2014-3625](https://github.com/ilmila/springcss-cve-2014-3625) spring mvc cve-2014-3625
- [**35**Star][7m] [Py] [ilektrojohn/creepy-plugins](https://github.com/ilektrojohn/creepy-plugins) Plugins for cree.py
- [**35**Star][5m] [Java] [idl3r/ghidravmlinuxloader](https://github.com/idl3r/ghidravmlinuxloader) 
- [**35**Star][1m] [C++] [icestudent/ontl](https://github.com/icestudent/ontl) A set of tiny C++ RAII wrappers for NT Native/Win32 APIs including its own C++0x Standard Library (formerly STL) implementation.
- [**35**Star][15d] [Shell] [huntergregal/malwaresandbox](https://github.com/huntergregal/malwaresandbox) A ready to deploy docker container for a fresh sandbox for on-the-fly malware analysis
- [**35**Star][29d] [Py] [holloway/insiderer](https://github.com/holloway/insiderer) Insiderer looks inside files for metadata and hidden content
- [**35**Star][4m] [Go] [hdiniz/rtpdump](https://github.com/hdiniz/rtpdump) Extract audio file from RTP streams in pcap format
- [**35**Star][26d] [C++] [hasherezade/funky_malware_formats](https://github.com/hasherezade/funky_malware_formats) Parsers for custom malware formats ("Funky malware formats")
- [**35**Star][2y] [Py] [hanc00l/weblogic_wls_wsat_rce](https://github.com/hanc00l/weblogic_wls_wsat_rce) forked from
- [**35**Star][4m] [hahwul/xss-payload-without-anything](https://github.com/hahwul/xss-payload-without-anything) XSS Payload without Anything.
- [**35**Star][5m] [JS] [hack4impact/maps4all](https://github.com/hack4impact/maps4all) Generalized application for displaying location-based resources on a map
- [**35**Star][8y] [Py] [grugq/buggery](https://github.com/grugq/buggery) Python wrapper for DbgEng
- [**35**Star][4y] [Java] [grrrdog/acedcup](https://github.com/grrrdog/acedcup) Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
- [**35**Star][17d] [Java] [graxcode/zelixkiller](https://github.com/graxcode/zelixkiller) Deobfuscate ZKM up to version 11
- [**35**Star][3m] [HTML] [gosecure/security-cheat-sheet](https://github.com/gosecure/security-cheat-sheet) Minimalist cheat sheet for developpers to write secure code
- [**35**Star][3m] [Py] [google/amt-forensics](https://github.com/google/amt-forensics) Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.
- [**35**Star][2m] [Py] [g2p/vido](https://github.com/g2p/vido) wrap commands in throwaway virtual machines — easy kernel debugging and regression testing
- [**35**Star][7m] [C#] [friedkiwi/netcrypt](https://github.com/friedkiwi/netcrypt) .NET executable packer
- [**35**Star][10d] [C] [frederic/qemu-exynos-bootrom](https://github.com/frederic/qemu-exynos-bootrom) Emulating Exynos 4210 BootROM in QEMU
- [**35**Star][2m] [Py] [fnk0c/organon](https://github.com/fnk0c/organon) This program focuses on automating the download, installation and compilation of pentest tools from source
- [**35**Star][1m] [flyfishsec/rsgen](https://github.com/flyfishsec/rsgen) An Universal Reverse Shell Command Genrator.
- [**35**Star][1m] [Py] [fkie-cad/iva](https://github.com/fkie-cad/iva) IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
- [**35**Star][4y] [C] [firebroo/screw_decode](https://github.com/firebroo/screw_decode) decode screw encode php file
- [**35**Star][3m] [Py] [eyyub/tensorflow-cyclegan](https://github.com/eyyub/tensorflow-cyclegan) Lightweight CycleGAN tensorflow implementation
- [**35**Star][3m] [Py] [evilsocket/altair](https://github.com/evilsocket/altair) A Modular Web Vulnerability Scanner
- [**35**Star][4m] [C#] [ericzimmerman/appcompatcacheparser](https://github.com/ericzimmerman/appcompatcacheparser) AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10
- [**35**Star][5m] [Go] [envkey/envkeygo](https://github.com/envkey/envkeygo) EnvKey's official Go client library
- [**35**Star][5m] [Py] [emdel/ksfinder](https://github.com/emdel/ksfinder) ksfinder - Retrieve exported kernel symbols from physical memory dumps
- [**35**Star][3y] [Py] [embedi/dir8xx_poc](https://github.com/embedi/dir8xx_poc) Proof-of-Concept exploits for D-Link DIR8xx routers
- [**35**Star][4m] [TS] [dyaa/ssl-checker](https://github.com/dyaa/ssl-checker) A tiny NodeJS module to check SSL expiry
- [**35**Star][3y] [Shell] [drrowland/rpi-bluetooth-console](https://github.com/drrowland/rpi-bluetooth-console) 
- [**35**Star][10d] [JS] [doo/scanbot-sdk-example-react-native](https://github.com/doo/scanbot-sdk-example-react-native) Document scan SDK example app for the Scanbot SDK for React Native.
- [**35**Star][20d] [Java] [dnet/burp-oauth](https://github.com/dnet/burp-oauth) OAuth plugin for Burp Suite Extender
- [**35**Star][25d] [JS] [digitalinterruption/vulnerable-xss-app](https://github.com/digitalinterruption/vulnerable-xss-app) 
- [**35**Star][2m] [JS] [dg92/fractal-tree](https://github.com/dg92/fractal-tree) Fractal tree
- [**35**Star][15d] [JS] [desudesutalk/f5stegojs](https://github.com/desudesutalk/f5stegojs) JPEG steganography for browser and node. F5 algo in pure javascript.
- [**35**Star][3m] [C] [dennisaa/patharmor](https://github.com/dennisaa/patharmor) PathArmor context-sensitive CFI implementation
- [**35**Star][2m] [PS] [demonsec666/security-toolkit](https://github.com/demonsec666/security-toolkit) Security-Toolkit
- [**35**Star][4m] [Go] [dcso/spyre](https://github.com/dcso/spyre) simple YARA-based IOC scanner
- [**35**Star][23d] [CMake] [daniestevez/gr-outernet](https://github.com/daniestevez/gr-outernet) GNUradio OOT module for Outernet
- [**35**Star][7m] [Py] [d4mianwayne/alfred](https://github.com/d4mianwayne/alfred) A friendly Toolkit for Beginner CTF players
- [**35**Star][5m] [Py] [d3vilbug/brutal_ssh](https://github.com/d3vilbug/brutal_ssh) SSH Login brute force, scan for vulnerable version and 0 day exploit (under development)
- [**35**Star][2m] [JS] [cymmetria/ciscoasa_honeypot](https://github.com/cymmetria/ciscoasa_honeypot) A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
- [**35**Star][15d] [PS] [curi0usjack/activedirectory](https://github.com/curi0usjack/activedirectory) This script runs several security checks and makes modifications (with your permission) to your Active Directory domain to improve it's security posture.
- [**35**Star][5m] [C++] [csurage/rootkit](https://github.com/csurage/rootkit) Windows Malware
- [**35**Star][2y] [Shell] [cryptolok/ghostinthechaos](https://github.com/cryptolok/ghostinthechaos) Chaotic Crypto Stealth VPN for Anonymity and Untraceable Hacking Attacks with Linux and Android
- [**35**Star][2m] [C++] [codereversing/wow64syscall](https://github.com/codereversing/wow64syscall) WoW64 Syscall Hooking
- [**35**Star][7m] [JS] [cloudflare/ipfs-ext](https://github.com/cloudflare/ipfs-ext) Validates IPFS resources served by Cloudflare's gateway.
- [**35**Star][25d] [Py] [citp/email_tracking](https://github.com/citp/email_tracking) Code and data release for our PETS 2018 paper: "I never signed up for this! Privacy implications of email tracking".
- [**35**Star][2y] [Py] [cisco-talos/casc](https://github.com/cisco-talos/casc)  IDA Pro plug-in to generate signatures
- [**35**Star][4y] [C] [choller/llcov](https://github.com/choller/llcov) LLVM-based, flexible, live coverage instrumentation for C/C++ code
- [**35**Star][7m] [C] [charlesxsh/mdk3-master](https://github.com/charlesxsh/mdk3-master) Modifications to MDK3 to reboot Access Points
- [**35**Star][2y] [JS] [cgvwzq/spectre](https://github.com/cgvwzq/spectre) My minimal PoC for spectre
- [**35**Star][13d] [Py] [certsocietegenerale/abuse_finder](https://github.com/certsocietegenerale/abuse_finder) Find abuse contacts for observables
- [**35**Star][1y] [brianwrf/cve-2018-11788](https://github.com/brianwrf/cve-2018-11788) Apache Karaf XXE Vulnerability (CVE-2018-11788)
- [**35**Star][2m] [PHP] [bogdaan/spycss](https://github.com/bogdaan/spycss) Track user interactions without JavaScript
- [**35**Star][2y] [Py] [bnbdr/ida-bpf-processor](https://github.com/bnbdr/ida-bpf-processor) BPF Processor for IDA Python
- [**35**Star][1y] [C#] [bnagy/crabstone](https://github.com/bnagy/crabstone) crabstone is a Ruby binding to the capstone disassembly library by Nguyen Anh Quynh
- [**35**Star][3y] [Shell] [bluscreenofjeff/scripts](https://github.com/bluscreenofjeff/scripts) One-off scripts
- [**35**Star][13d] [Java] [azure/azure-cosmosdb-java](https://github.com/azure/azure-cosmosdb-java) Java Async SDK for SQL API of Azure Cosmos DB
- [**35**Star][8m] [Java] [availlang/avail](https://github.com/availlang/avail) The Avail programming language. Includes the virtual machine, standard library, and standard examples.
- [**35**Star][2m] [Py] [attackercan/burp-xss-sql-plugin](https://github.com/attackercan/burp-xss-sql-plugin) Burp plugin which I used for years which helped me to find several bugbounty-worthy XSSes, OpenRedirects and SQLi.
- [**35**Star][2y] [OCaml] [argp/bap](https://github.com/argp/bap) Binary Analysis Platform -- I will try to keep this updated with patches, fixes, etc.
- [**35**Star][19d] [Py] [argilo/secplus](https://github.com/argilo/secplus) A software implementation of the Security+ system used by garage door openers
- [**35**Star][3m] [Perl] [appliedsec/forensicscanner](https://github.com/appliedsec/forensicscanner) Forensic Scanner
- [**35**Star][2y] [Py] [antriv/transfer_learning_text](https://github.com/antriv/transfer_learning_text) 
- [**35**Star][2y] [Py] [anbai-inc/secrss](https://github.com/anbai-inc/secrss) RSS安全订阅 每日安全信息推送
- [**35**Star][5m] [C#] [amitwaisel/malproxy](https://github.com/amitwaisel/malproxy) Proxy system calls over an RPC channel
- [**35**Star][4m] [Go] [amir20/sha-miner](https://github.com/amir20/sha-miner) Simple miner for understanding how cryptocurrency mining works
- [**35**Star][1m] [PHP] [alemalakra/xwaf](https://github.com/alemalakra/xwaf) xWAF 3.0 - Free Web Application Firewall, Open-Source.
- [**35**Star][1m] [Go] [akihirosuda/aspectgo](https://github.com/akihirosuda/aspectgo) Aspect-Oriented Programming framework for Go
- [**35**Star][11m] [C#] [akalankauk/keep-it-secure-file-encryption](https://github.com/akalankauk/keep-it-secure-file-encryption) Keep It Secure Private Data Encryption & Decryption Tool
- [**35**Star][4m] [C#] [akaion/juno](https://github.com/akaion/juno) A Windows managed method detouring library that supports both x86 and x64 detours.
- [**35**Star][8m] [Shell] [ac-mercury/mercuryiss-kali](https://github.com/ac-mercury/mercuryiss-kali) 部署KaliLinux Docker容器的Bash脚本
- [**35**Star][1m] [HTML] [abhijithvijayan/sherlock](https://github.com/abhijithvijayan/sherlock) 
- [**35**Star][4m] [C] [aa65535/chinadns](https://github.com/aa65535/chinadns) Protect yourself against DNS poisoning in China.
- [**35**Star][2y] [PS] [3gstudent/office-persistence](https://github.com/3gstudent/office-persistence) Use powershell to test Office-based persistence methods
- [**35**Star][3y] [C++] [3gstudent/createremotethread](https://github.com/3gstudent/createremotethread) From 32-bit process to 64-bit process
- [**35**Star][5m] [Shell] [0x00pf/stan](https://github.com/0x00pf/stan) STAN is a sTAtic aNalyser
- [**35**Star][4y] [Perl] [0ang3el/hibernate-injection-study](https://github.com/0ang3el/hibernate-injection-study) Study about HQL injection exploitation.
- [**34**Star][13d] [Py] [byzero512/winpwn](https://github.com/byzero512/winpwn) windows pwntools
- [**34**Star][10d] [Py] [chiang97912/bet365.com](https://github.com/chiang97912/bet365.com) This is a scraper of bet365.com.
- [**34**Star][14d] [C++] [xct/diaghub](https://github.com/xct/diaghub) Loads a custom dll in system32 via diaghub.
- [**34**Star][1m] [Py] [lz1y/jdwp-shellifier](https://github.com/lz1y/jdwp-shellifier) 修改利用方式为通过对Sleeping的线程发送单步执行事件，达成断点，从而可以直接获取上下文、执行命令，而不用等待断点被击中。
- [**34**Star][13d] [Py] [dariusztytko/progress-burp](https://github.com/dariusztytko/progress-burp) Burp Suite extension to track vulnerability assessment progress
- [**34**Star][2m] [Py] [wsgggws/scrapy-xxx-spiders](https://github.com/wsgggws/scrapy-xxx-spiders) Scrapy, Scrapy-Redis, Scrapy-Splash爬取网站数据案例，及ScrapyRT, Scrapyd的使用
- [**34**Star][1m] [Py] [jxltom/scrapymon](https://github.com/jxltom/scrapymon) Simple Web UI for Scrapy spider management via Scrapyd
- [**34**Star][3y] [the5heepdev/fios-g1100](https://github.com/the5heepdev/fios-g1100) All the current information on reverse engineering the FIOS-G1100 Quantum Gateway router
- [**34**Star][25d] [Py] [simonw/pge-outages](https://github.com/simonw/pge-outages) Tracking PG&E outages
- [**34**Star][10m] [JS] [vanwagonet/middle-router](https://github.com/vanwagonet/middle-router) Route urls on both client and server through middleware
- [**34**Star][2m] [C] [mempodippy/detect_preload](https://github.com/mempodippy/detect_preload) Small C application designed to detect LD_PRELOAD malware via the libdl library functions.
- [**34**Star][4m] [C#] [raikia/sharpstat](https://github.com/raikia/sharpstat) C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely
- [**34**Star][12m] [Java] [xiaoxiaohaozai/bluetoothlib](https://github.com/xiaoxiaohaozai/bluetoothlib) This is a Bluetooth Library
- [**34**Star][3m] [Py] [hjacobs/local-cname](https://github.com/hjacobs/local-cname) Helper script to emulate a local CNAME DNS by writing to /etc/hosts
- [**34**Star][4m] [Py] [scrapehero/yellowpages-scraper](https://github.com/scrapehero/yellowpages-scraper) Yellowpages.com Web Scraper written in Python and LXML to extract business details available based on a particular category and location.
- [**34**Star][3y] [Py] [anesbenmerzoug/bluetooth_hid](https://github.com/anesbenmerzoug/bluetooth_hid) A Raspberry Pi program that emulates a keyboard/mouse Bluetooth HID client
- [**34**Star][23d] [Lua] [dontbeapadavan/rublock-via-vpn](https://github.com/dontbeapadavan/rublock-via-vpn) Выборочное использование OpenVPN для определённых ресурсов
- [**34**Star][11d] [JS] [pisugar/sugar-wifi-conf](https://github.com/pisugar/sugar-wifi-conf) A BLE service on raspberry pi for wifi configuration and wireless control. 使用微信小程序随时随地设置树莓派wifi连接，控制树莓派
- [**34**Star][2m] [Py] [albertodonato/sshoot](https://github.com/albertodonato/sshoot) Manage sshuttle VPN sessions
- [**34**Star][14d] [Py] [nladuo/ustbcrawlers](https://github.com/nladuo/ustbcrawlers) 那些年，我爬过的北科。一个由浅入深的定向爬虫教程。
- [**34**Star][1y] [C] [helifu/twemproxy-163](https://github.com/helifu/twemproxy-163) twemproxy-163 supports redis-server failover by communicating with redis-sentinel
- [**34**Star][15d] [Pascal] [avk959/lgenerics](https://github.com/avk959/lgenerics) Generic algorithms and data structures for Lazarus/Free Pascal
- [**34**Star][4m] [nledford/pi-hole-vps-tutorial](https://github.com/nledford/pi-hole-vps-tutorial) Instructions on how to setup PiHole and a Wireguard VPN on a VPS
- [**34**Star][10d] [Py] [mvabdi/vsco-scraper](https://github.com/mvabdi/vsco-scraper) Easily allows for scraping a VSCO
- [**34**Star][2m] [Py] [twtrubiks/auto_crawler_ptt_beauty_image](https://github.com/twtrubiks/auto_crawler_ptt_beauty_image) Auto Crawler Ptt Beauty Image Use Python Schedule
- [**34**Star][4m] [Java] [aos3618/dumpdex](https://github.com/aos3618/dumpdex) 基于Xposed的极简易的dump dex文件脱壳工具
- [**34**Star][16d] [C] [maximkulkin/esp-wifi-config](https://github.com/maximkulkin/esp-wifi-config) Library to bootstrap WiFi-enabled accessories WiFi config
- [**34**Star][1m] [C] [keshiim/learn-algorithms](https://github.com/keshiim/learn-algorithms) 算法数据结构学习笔记-C语言
- [**34**Star][25d] [ObjC] [yaooort/openvpn-ios](https://github.com/yaooort/openvpn-ios) Objective-C OpenVpnAdapter IOS OpenVpn
- [**34**Star][3m] [TS] [xcf-babble/babble](https://github.com/xcf-babble/babble) 说都不会话了。
- [**34**Star][30d] [C] [iotwuxi/iot_security](https://github.com/iotwuxi/iot_security) 《密码技术与物联网安全——mbedtls开发实战》示例代码
- [**34**Star][3m] [Py] [montoyamoraga/scrapers](https://github.com/montoyamoraga/scrapers) scrapers for building your own image databases
- [**34**Star][24d] [Nim] [kaushalmodi/hello_musl](https://github.com/kaushalmodi/hello_musl) NimScript (config.nims) for building a static binary using Nim + musl + pcre + libressl/openssl
- [**34**Star][12d] [Py] [gavinlyonsrepo/raspberrypi_tempmon](https://github.com/gavinlyonsrepo/raspberrypi_tempmon) RPi CPU temperature monitor with many functions such as logging, GPIO output, graphing, email, alarm, notifications and stress testing. Python 3.
- [**34**Star][19d] [Py] [nicholaskajoh/devsearch](https://github.com/nicholaskajoh/devsearch) A web search engine built with Python which uses TF-IDF and PageRank to sort search results.
- [**34**Star][2m] [Py] [gaw89/dash-flask-login](https://github.com/gaw89/dash-flask-login) A plugin to integrate Dash and Flask-Login
- [**34**Star][14d] [C] [adnan-alhomssi/chrome-passwords](https://github.com/adnan-alhomssi/chrome-passwords) Recover locally saved passwords on Google Chrome.
- [**34**Star][12d] [Jupyter Notebook] [danielgatis/darknetpy](https://github.com/danielgatis/darknetpy) darknetpy is a simple binding for darknet's yolo detector
- [**34**Star][2m] [Java] [portswigger/scan-check-builder](https://github.com/portswigger/scan-check-builder) a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
- [**34**Star][18d] [Go] [bigtan/cow](https://github.com/bigtan/cow) Rule based proxy utility client
- [**34**Star][23d] [Shell] [dreadl0ck/golang-libs](https://github.com/dreadl0ck/golang-libs) List of awesome golang repositories and useful resources for development
- [**34**Star][10d] [Ruby] [stelligent/aws-devsecops-workshop](https://github.com/stelligent/aws-devsecops-workshop) A continuous security pipeline demo for the AWS DevSecOps Workshop.
- [**34**Star][6m] [Py] [angr/fidget](https://github.com/angr/fidget) A tool to add simple inline patches to a binary to rearrange its stack frames, and other things!
- [**34**Star][17d] [PHP] [bypass007/vuln](https://github.com/bypass007/vuln) Record some Vulnerabilities
- [**34**Star][2m] [Py] [shellphish/shellphish-qemu](https://github.com/shellphish/shellphish-qemu) A pip wrapper around our ridiculous amount of qemu forks.
- [**34**Star][2m] [JS] [blinksocks/blinksocks-gui](https://github.com/blinksocks/blinksocks-gui) A web based GUI wrapper for blinksocks.
- [**34**Star][1m] [C++] [lordnoteworthy/windows-exploitation](https://github.com/lordnoteworthy/windows-exploitation) My notes while studying Windows exploitation
- [**34**Star][2m] [TS] [igio90/frida-onload](https://github.com/igio90/frida-onload) Frida module to hook module initializations on android
- [**34**Star][8m] [Go] [csploit/daemon](https://github.com/csploit/daemon) the core of the cSploit project
- [**34**Star][2m] [Shell] [paranoidninja/threat-hunting](https://github.com/paranoidninja/threat-hunting) This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories which are in their own, different modules required for threat hunting. This repo will be updated as and when new changes are made.
- [**34**Star][5y] [Py] [wi-fi-analyzer/3viltwinattacker](https://github.com/wi-fi-analyzer/3viltwinattacker) 
- [**34**Star][2m] [Java] [mirfansulaiman/customheader](https://github.com/mirfansulaiman/customheader) This Burp Suite extension allows you to customize header with put a new header into HTTP REQUEST BurpSuite (Scanner, Intruder, Repeater, Proxy History)
- [**34**Star][14d] [victorkifer/clicker](https://github.com/victorkifer/clicker) Wireless Presenter for Android and iOS, supports Windows, Linux and OS X
- [**34**Star][1m] [C] [myfreeer/qbittorrent-portable](https://github.com/myfreeer/qbittorrent-portable) dll-hijack based qbittorrent portable plugin
- [**34**Star][1y] [PHP] [anyx/logingatebundle](https://github.com/anyx/logingatebundle) detects brute-force attacks on Symfony applications
- [**34**Star][22d] [Py] [cybiere/baboossh](https://github.com/cybiere/baboossh) SSH spreading made easy for red teams in a hurry
- [**34**Star][2m] [C] [scallywag/nbtscan](https://github.com/scallywag/nbtscan) NetBIOS scanning tool. Currently segfaults!
- [**34**Star][6m] [Jupyter Notebook] [tikeswar/kido](https://github.com/tikeswar/kido) White hat hacking passwords using ML
- [**34**Star][3m] [HTML] [egebalci/xss-flare](https://github.com/egebalci/xss-flare) XSS hunter on cloudflare serverless workers.
- [**34**Star][15d] [kaiiyer/awesome-vulnerable](https://github.com/kaiiyer/awesome-vulnerable) A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
- [**34**Star][28d] [C#] [axdsan/dnspy-stringsanalyzer](https://github.com/axdsan/dnspy-stringsanalyzer) Plugin for DnSpy - Analyze through assemblies and display their strings.
- [**34**Star][24d] [C++] [imugee/xdv](https://github.com/imugee/xdv) XDV is disassembler or debugger that works based on the extension plugin.
- [**34**Star][26d] [C] [rubycrypto/x25519](https://github.com/RubyCrypto/x25519) Public key cryptography library for Ruby providing the X25519 Diffie-Hellman function
- [**34**Star][12d] [C++] [teammolecule/toshiba-mep-idp](https://github.com/TeamMolecule/toshiba-mep-idp) IDA Pro module for Toshiba MeP processors
- [**34**Star][6m] [PHP] [safflower/solveme](https://github.com/safflower/solveme) SolveMe - Jeopardy CTF Platform (for wargame)
- [**34**Star][1m] [Java] [continuumsecurity/resty-burp](https://github.com/continuumsecurity/resty-burp) REST/JSON interface to Burp Suite
- [**34**Star][1y] [Ruby] [cloudfoundry-attic/dea_ng](https://github.com/cloudfoundry-attic/dea_ng) Droplet Execution Agent for Cloud Foundry v2
- [**34**Star][1m] [CMake] [zyantific/ida-cmake](https://github.com/zyantific/ida-cmake) IDA plugin CMake build-script
- [**34**Star][4m] [Java] [ztgreat/proxy](https://github.com/ztgreat/proxy) 
- [**34**Star][3y] [Py] [ywjt/dshield](https://github.com/ywjt/dshield) 
- [**34**Star][2m] [Py] [yahoo/serviceping](https://github.com/yahoo/serviceping) A ping like utility for tcp services
- [**34**Star][5m] [xxwiredxx/nintendo-switch-joycon-hack](https://github.com/xxwiredxx/nintendo-switch-joycon-hack) Hardwiring a push button in a JoyCon to grant bootloader access
- [**34**Star][3m] [C] [xerub/ibex64](https://github.com/xerub/ibex64) iBoot64 Payload Development Toolkit
- [**34**Star][8m] [Java] [wooyundota/intentmonitor](https://github.com/wooyundota/intentmonitor) Tool based xposed can monitor the android intents
- [**34**Star][4m] [Go] [udhos/conbox](https://github.com/udhos/conbox) conbox is a Go implementation of unix-like utilities as single static executable intended for small container images.
- [**34**Star][18d] [HTML] [twngo/privacytools-zh](https://github.com/twngo/privacytools-zh) privacytool.io -Traditional Chinese version
- [**34**Star][6y] [Py] [tripwire/openssl-ccs-inject-test](https://github.com/tripwire/openssl-ccs-inject-test) This script is designed for detection of vulnerable servers (CVE-2014-0224.) in a wide range of configurations. It attempts to negotiate using each affected protocol version (SSLv3, TLSv1, TLSv1.1, and TLSv1.2) advertising a comprehensive set of ciphers.
- [**34**Star][23d] [CSS] [trailofbits/nyc-infosec](https://github.com/trailofbits/nyc-infosec) Mapping the NYC Infosec Community
- [**34**Star][14d] [Go] [tomsteele/burpstaticscan](https://github.com/tomsteele/burpstaticscan) Use burp's JS static code analysis on code from your local system.
- [**34**Star][1m] [Py] [tkisason/gcrack](https://github.com/tkisason/gcrack) password cracking with the help of google's search
- [**34**Star][5m] [CMake] [tiarace/tiarace](https://github.com/tiarace/tiarace) Open-source, cross-platform reimplementation of the Halo Custom Edition engine.
- [**34**Star][1m] [Py] [thusoy/postgres-mitm](https://github.com/thusoy/postgres-mitm) Test whether your Postgres connections are vulnerable to MitM attacks
- [**34**Star][3m] [Py] [thomasw/djproxy](https://github.com/thomasw/djproxy) djproxy is a class-based generic view reverse HTTP proxy for Django.
- [**34**Star][17d] [C] [thisissecurity/malware](https://github.com/thisissecurity/malware) 
- [**34**Star][4m] [Ruby] [thesubtlety/shocens](https://github.com/thesubtlety/shocens) Query Shodan and Censys data for fast parsing
- [**34**Star][1m] [Py] [t0kx/exploit-cve-2016-9920](https://github.com/t0kx/exploit-cve-2016-9920) Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container
- [**34**Star][12m] [sourcefrenchy/certexfil.client](https://github.com/sourcefrenchy/certexfil.client) MOVED TO
- [**34**Star][10m] [C] [souhailhammou/exploits](https://github.com/souhailhammou/exploits) Exploits I've authored
- [**34**Star][6m] [C] [soufianetahiri/vault-8-hive](https://github.com/soufianetahiri/vault-8-hive) Hive solves a critical problem for the malware operators at the CIA.
- [**34**Star][2y] [JS] [sola-da/conflictjs](https://github.com/sola-da/conflictjs) Finding and Understanding Conflicts Between JavaScript Libraries
- [**34**Star][9m] [Py] [snovvcrash/tweetlord](https://github.com/snovvcrash/tweetlord) 
- [**34**Star][4m] [C++] [snoopware/usbsnoop](https://github.com/snoopware/usbsnoop) Log USB packets going from Windows device driver to hardware device and vice-versa
- [**34**Star][2m] [Java] [silentsignal/burp-collab-gw](https://github.com/silentsignal/burp-collab-gw) Simple socket-based gateway to the Burp Collaborator
- [**34**Star][2y] [Py] [sigploiter/m3uascan](https://github.com/sigploiter/m3uascan) A Scanner for M3UA protocol to detect Sigtran supporting nodes
- [**34**Star][2y] [Java] [shengqi158/s2-055-poc](https://github.com/shengqi158/s2-055-poc) S2-055的环境，基于rest-show-case改造
- [**34**Star][19d] [Py] [sf197/hashboy-tool](https://github.com/sf197/hashboy-tool) a hash query tool
- [**34**Star][2y] [Shell] [securityriskadvisors/redteamsiem](https://github.com/securityriskadvisors/redteamsiem) Repository of resources for configuring a Red Team SIEM using Elastic
- [**34**Star][4y] [C++] [secmob/cve-2016-0846](https://github.com/secmob/cve-2016-0846) arbitrary memory read/write by IMemroy OOB
- [**34**Star][6m] [Py] [sasdf/firstblood](https://github.com/sasdf/firstblood) Write exploit faster with up-to-date python 3
- [**34**Star][2y] [C++] [sarfata/kbox-firmware](https://github.com/sarfata/kbox-firmware) Open-source electronics for your boat
- [**34**Star][10m] [Py] [sangaline/svganimator](https://github.com/sangaline/svganimator) The application svganinmator attempts to build a single animated svg out of a sequence of distinct static svg files.
- [**34**Star][2y] [Py] [rvn0xsy/fastwhatwebsearch](https://github.com/rvn0xsy/fastwhatwebsearch) FastWhatWebSearch是一个能够支持搜索whatweb工具结果的一个微型平台。
- [**34**Star][2y] [Py] [rurik/java_idx_parser](https://github.com/rurik/java_idx_parser) Parses Java Cache IDX files
- [**34**Star][1m] [Py] [rudsarkar/crlf-injector](https://github.com/rudsarkar/crlf-injector) A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
- [**34**Star][3m] [Py] [rot42/gnuk-extractor](https://github.com/rot42/gnuk-extractor) Extract PGP secret keys from Gnuk / Nitrokey Start firmwares
- [**34**Star][17d] [Shell] [rocketraman/sane-scan-pdf](https://github.com/rocketraman/sane-scan-pdf) Sane command-line scan-to-pdf script on Linux with OCR and deskew support
- [**34**Star][3m] [Java] [riramar/pubkey-pin-android](https://github.com/riramar/pubkey-pin-android) Just another example for Android Public Key Pinning (based on OWASP example)
- [**34**Star][5y] [radandre/materia101](https://github.com/radandre/materia101) A Marlin firmware for Materia101
- [**34**Star][10d] [JS] [qabin/kb-proxy](https://github.com/qabin/kb-proxy) kb-proxy 是一个可本地部署的、提供代理功能、接口测试管理、支持在线Mock、Host环境管理的在线工具平台。
- [**34**Star][25d] [JS] [ptarmiganlabs/butler](https://github.com/ptarmiganlabs/butler) Node.js proxy, extending Qlik Sense with both out- and in-bound connectivity
- [**34**Star][5m] [Py] [pr0cf5/ctf-writeups](https://github.com/pr0cf5/ctf-writeups) 
- [**34**Star][4y] [Py] [politoinc/yara-scanner](https://github.com/politoinc/yara-scanner) Yara intergrated into BurpSuite
- [**34**Star][16d] [C] [plutooo/wiiu](https://github.com/plutooo/wiiu) Reversers notes on the Wii U, collected January-October 2015
- [**34**Star][1y] [Py] [penafieljlm/burp-tracer](https://github.com/penafieljlm/burp-tracer) Allows you to trace where inputs are reflected back to the user.
- [**34**Star][2m] [Go] [paultag/sniff](https://github.com/paultag/sniff) Dispatch TLS Connections based on SNI
- [**34**Star][4y] [C] [panyu6325/cve-2015-1805](https://github.com/panyu6325/cve-2015-1805) 
- [**34**Star][4m] [Java] [panagiotisdrakatos/t0rlib4j](https://github.com/panagiotisdrakatos/t0rlib4j) T0rlib4j is a Java controller library for Tor
- [**34**Star][4m] [C] [p3n3troot0r/socketv2v](https://github.com/p3n3troot0r/socketv2v) Mainline Linux Kernel integration of IEEE 802.11p, IEEE 1609.{3,4}, and developmental userspace utility for using J2735 over WAVE
- [**34**Star][4m] [Py] [osssanitizer/osspolice](https://github.com/osssanitizer/osspolice) Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
- [**34**Star][6y] [osiris123/cdriver_loader](https://github.com/osiris123/cdriver_loader) Kernel mode driver loader, injecting into the windows kernel, Rootkit. Driver injections.
- [**34**Star][6m] [C++] [orkblutt/minerlamp](https://github.com/orkblutt/minerlamp) Qt GUI for ethminer
- [**34**Star][1m] [C] [olehkulykov/libnhr](https://github.com/olehkulykov/libnhr) Tiny Network HTTP Request cross platform C library.
- [**34**Star][1y] [offensive-security/kali-wsl-chroot](https://github.com/offensive-security/kali-wsl-chroot) Kali Linux Windows App chroot builder script
- [**34**Star][5y] [C++] [nyx0/alina](https://github.com/nyx0/alina) Alina Spark - Point of Sales Trojan
- [**34**Star][7y] [C] [nwhusted/auditdandroid](https://github.com/nwhusted/auditdandroid) A Fork of Auditd geared specifically for running on the Android platform. Includes system applications, AOSP patches, and kernel patches to maximize the audit experience.
- [**34**Star][2y] [C++] [ntraiseharderror/dreadnought](https://github.com/ntraiseharderror/dreadnought) PoC for detecting and dumping code injection (built and extended on UnRunPE)
- [**34**Star][2m] [Go] [ns1/doq-proxy](https://github.com/ns1/doq-proxy) DNS-over-QUIC to UDP Proxy
- [**34**Star][10d] [nextco/android-decompiler](https://github.com/nextco/android-decompiler) A hight quality list of tools to reverse engineering code from android.
- [**34**Star][17d] [Go] [netxfly/docker_ssh_honeypot](https://github.com/netxfly/docker_ssh_honeypot) 安全开发教学 - 用Docker制作一个高交互ssh蜜罐
- [**34**Star][2m] [Py] [mvrcrypto/bitp0wn](https://github.com/mvrcrypto/bitp0wn) Algorithms to re-compute a private key, to fake signatures and some other funny things with Bitcoin.
- [**34**Star][10m] [C] [mtjailed/purplesmoke](https://github.com/mtjailed/purplesmoke) A work-in-progress repository for breaking the security of iOS 11.2 up to 11.2.6
- [**34**Star][4m] [ObjC] [mtjailed/privateapimanager](https://github.com/mtjailed/privateapimanager) A project providing usefull classes for reverse engineering iOS Private APIs on-device
- [**34**Star][3y] [HTML] [mthbernardes/leakmanager](https://github.com/mthbernardes/leakmanager) A tool to help you manage your leaks
- [**34**Star][2m] [HTML] [mthbernardes/heimdall_webserver](https://github.com/mthbernardes/heimdall_webserver) It's a tool to manage vulnerables packages in your *nix server, in a centralized way
- [**34**Star][2m] [Rust] [mortendahl/rust-paillier](https://github.com/mortendahl/rust-paillier) A pure-Rust implementation of the Paillier encryption scheme
- [**34**Star][6m] [CSS] [monosource/radare2-explorations](https://github.com/monosource/radare2-explorations) A book on learning radare2.
- [**34**Star][25d] [Py] [monolithworks/trueseeing](https://github.com/monolithworks/trueseeing) Non-decompiling Android vulnerability scanner (DC25 demo lab, CB17)
- [**34**Star][4m] [Py] [miserlou/onionchat](https://github.com/miserlou/onionchat) Anonymous chat. No Javascript.
- [**34**Star][4m] [C] [milter-manager/milter-manager](https://github.com/milter-manager/milter-manager) milter manager is a free software to protect you from spam mails and virus mails effectively with milter.
- [**34**Star][4m] [Go] [mikegleasonjr/devproxy](https://github.com/mikegleasonjr/devproxy) A local development http proxy with hosts spoofing written in Go
- [**34**Star][6m] [Py] [mhelwig/privdns](https://github.com/mhelwig/privdns) Check dns servers for reverse resolving private ips
- [**34**Star][2y] [C++] [menooker/fishhook](https://github.com/menooker/fishhook) An inline hook platform for Windows x86/x64
- [**34**Star][10d] [fabacab/awesome-pentest](https://github.com/fabacab/awesome-pentest) 
- [**34**Star][2m] [C] [mehdilauters/esp8266-wifiscanmap](https://github.com/mehdilauters/esp8266-wifiscanmap) 
- [**34**Star][11d] [Go] [mcandre/stank](https://github.com/mcandre/stank) stank: analyzers for determining whether files smell like rotten POSIX shell scripts, or faintly rosy like Ruby and Python scripts
- [**34**Star][3y] [Go] [mattiasgeniar/http-flooder](https://github.com/mattiasgeniar/http-flooder) An experiment using goroutines and channels to create a simple HTTP flooder. Mixes GET, POST, PUT, PATCH, ... to one baseline URL.
- [**34**Star][4y] [Py] [mansosec/microsoft-malware-challenge](https://github.com/mansosec/microsoft-malware-challenge) 
- [**34**Star][2m] [C++] [lr3800/teensy](https://github.com/lr3800/teensy) teensy示例代码
- [**34**Star][2y] [Ruby] [lolwaleet/reverseip](https://github.com/lolwaleet/reverseip) Ruby based reverse IP-lookup tool.
- [**34**Star][3m] [Go] [lixiangzhong/dnsutil](https://github.com/lixiangzhong/dnsutil) dns dig for golang
- [**34**Star][6m] [Py] [lazenca/exploit-tech](https://github.com/lazenca/exploit-tech) Example files to experience basic exploit techniques.
- [**34**Star][6m] [C++] [kuqadk3/ctf-and-learning](https://github.com/kuqadk3/ctf-and-learning) 
- [**34**Star][14d] [Py] [kudelskisecurity/fumblechain](https://github.com/kudelskisecurity/fumblechain) A Purposefully Vulnerable Blockchain
- [**34**Star][1y] [kiyadesu/android-reversing-challenges](https://github.com/kiyadesu/android-reversing-challenges) there are some CTF challenges or some other things helping improving android reversing skills.
- [**34**Star][5m] [PHP] [karek314/ddos-deflate-nginx-cloudflare](https://github.com/karek314/ddos-deflate-nginx-cloudflare) This is ddos-deflate version made to mitigate Layer 7 dos/ddos attacks - made to work with nginx and optionally cloudflare
- [**34**Star][8m] [Py] [kang-newbie/s-mbf](https://github.com/kang-newbie/s-mbf) Simple Multi BruteForce by KANG-NEWBIE
- [**34**Star][4m] [Go] [justinazoff/flow-indexer](https://github.com/justinazoff/flow-indexer) Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
- [**34**Star][2m] [PHP] [joostvanveen/php-security-pitfalls](https://github.com/joostvanveen/php-security-pitfalls) Code repository for Tutsplus course PHP Security Pitfalls
- [**34**Star][4m] [Rust] [joetsoi/openmoonstone](https://github.com/joetsoi/openmoonstone) Open source reimplementation of Moonstone: A Hard Day's Knight
- [**34**Star][2y] [Py] [jipegit/fect](https://github.com/jipegit/fect) Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
- [**34**Star][5m] [jianqiangzhao/mosec2016](https://github.com/jianqiangzhao/mosec2016) 
- [**34**Star][3y] [Elixir] [jclem/ot_ex](https://github.com/jclem/ot_ex) OT algorithms for Elixir
- [**34**Star][3y] [C] [jantonakos/threathuntingexcursions](https://github.com/jantonakos/threathuntingexcursions) Code, commands, and chatter about Threat Hunting.
- [**34**Star][4y] [Py] [interference-security/multiport](https://github.com/interference-security/multiport) 
- [**34**Star][15d] [JS] [impakho/ciscn2019_final_web1](https://github.com/impakho/ciscn2019_final_web1) 国赛2019决赛Web1 - 滑稽云音乐
- [**34**Star][16d] [Go] [harleo/knockknock](https://github.com/harleo/knockknock) A simple reverse whois lookup tool which returns a list of domains owned by people or companies
- [**34**Star][6m] [hacking-and-coffee/defcon-for-n00bs](https://github.com/hacking-and-coffee/defcon-for-n00bs) DEF CON for N00bs is an open guide for first time attendees to the convention.
- [**34**Star][6m] [gwerz/reverse-engineearing](https://github.com/gwerz/reverse-engineearing) 软件逆向
- [**34**Star][1m] [C] [guilhermeferreira/spikepp](https://github.com/guilhermeferreira/spikepp) SPIKE is a protocol fuzzer creation kit. It provides an API that allows a user to create their own fuzzers for network based protocols using the C++ programming language. The tool defines a number of primitives that it makes available to C coders, which allows it to construct fuzzed messages called “SPIKES” that can be sent to a network service …
- [**34**Star][12m] [JS] [gtanczyk/dupocracy](https://github.com/gtanczyk/dupocracy) Defcon clone
- [**34**Star][4m] [PHP] [gregzem/aibolit](https://github.com/gregzem/aibolit) Free malware and virus scanner for websites and ISP
- [**34**Star][4m] [C#] [globalpolicy/csarp-netcut](https://github.com/globalpolicy/csarp-netcut) An arpspoof program using Sharppcap
- [**34**Star][3m] [Rust] [gimli-rs/ddbug](https://github.com/gimli-rs/ddbug) Display debugging information
- [**34**Star][5m] [Py] [gerhart01/hyper-v-scripts](https://github.com/gerhart01/hyper-v-scripts) 
- [**34**Star][2m] [Py] [ganapati/firmflaws](https://github.com/ganapati/firmflaws) Firmware analysis website + API
- [**34**Star][17d] [fuzzysecurity/bh-arsenal-2019](https://github.com/fuzzysecurity/bh-arsenal-2019) SilkETW & SilkService
- [**34**Star][3y] [friedappleteam/blackhat-asia-2017](https://github.com/friedappleteam/blackhat-asia-2017) BlackHat Asia 2017 talk
- [**34**Star][1m] [foryujian/yujianrdpcrack](https://github.com/foryujian/yujianrdpcrack) 御剑RDP爆破工具
- [**34**Star][4m] [Java] [forprevious/attack-analysis](https://github.com/forprevious/attack-analysis) just for attack、Vulnerability，my study and research
- [**34**Star][2m] [C] [forensicitguy/libpreloadvaccine](https://github.com/forensicitguy/libpreloadvaccine) Whitelisting LD_PRELOAD libraries using LD_AUDIT
- [**34**Star][6m] [Shell] [flowztul/keyexec](https://github.com/flowztul/keyexec) Collection of Scripts to Automatically Unlock LUKS Devices on kexec Reboot
- [**34**Star][2m] [Py] [ffmancera/pentesting-multitool](https://github.com/ffmancera/pentesting-multitool) Different utility scripts for pentesting and hacking.
- [**34**Star][17d] [PHP] [fdciabdul/fbchecker](https://github.com/fdciabdul/fbchecker) Facebook Mass Account Checker
- [**34**Star][5m] [Py] [eset/volatility-browserhooks](https://github.com/eset/volatility-browserhooks) Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
- [**34**Star][30d] [Py] [enovella/re-scripts](https://github.com/enovella/re-scripts) IDA, Ghidra and Radare2 scripts(no documentation)
- [**34**Star][11d] [C] [emeb/r820t2](https://github.com/emeb/r820t2) Breakout PCB design and STM32F0 firmware for the Rafael R820T2 tuner chip
- [**34**Star][1m] [Java] [eclipse/microprofile-sandbox](https://github.com/eclipse/microprofile-sandbox) 
- [**34**Star][5y] [Shell] [easonoutlook/rasticrac](https://github.com/easonoutlook/rasticrac) Rasticrac v3.2.5 is for Crack IPA file, like Clutch, this is a copy from appaddict.org, just for study. Now support PlugIn and Watch App.
- [**34**Star][1m] [Scala] [dzufferey/psync](https://github.com/dzufferey/psync) DSL for fault-tolerant distributed algorithms using partially-synchronous communication-closed rounds
- [**34**Star][7m] [ObjC] [duo-labs/efigy-gui](https://github.com/duo-labs/efigy-gui) A Mac app that uses the Duo Labs EFIgy API to inform you about the state of your EFI firmware.
- [**34**Star][13d] [C++] [dspinellis/cqmetrics](https://github.com/dspinellis/cqmetrics) C Quality Metrics
- [**34**Star][7m] [Ruby] [dmchell/metasploit-framework](https://github.com/dmchell/metasploit-framework) Metasploit Framework
- [**34**Star][6m] [Py] [dionach/headersanalyzer](https://github.com/dionach/headersanalyzer) Burp extension that checks for interesting and security headers
- [**34**Star][4y] [Py] [darx0r/reef](https://github.com/darx0r/reef) IDAPython plugin for finding Xrefs from a function
- [**34**Star][4m] [TeX] [danpage/mascab](https://github.com/danpage/mascab) MASCAB: a Micro-Architectural Side-Channel Attack Bibliography
- [**34**Star][3m] [Py] [danilovazb/sawef](https://github.com/danilovazb/sawef) Send Attack Web Forms
- [**34**Star][4m] [C#] [dangbee/dotnethook](https://github.com/dangbee/dotnethook) A hook proof of concept with no native dependencies. Hook both .NET methods (even framework methods) and Native methods entirely in .NET.
- [**34**Star][2y] [C#] [damonmohammadbagher/nativepayload_arp](https://github.com/damonmohammadbagher/nativepayload_arp) C# code for Transferring Backdoor Payloads by ARP Traffic and Bypassing Anti-viruses (Slow)
- [**34**Star][13d] [Py] [daedalus/bitcoin-recover-privkey](https://github.com/daedalus/bitcoin-recover-privkey) Proof of concept of bitcoin private key recovery using weak ECDSA signatures
- [**34**Star][2y] [CSS] [cysca/cysca2015](https://github.com/cysca/cysca2015) Cyber Security Challenge Australia 2015 Files
- [**34**Star][1m] [Py] [cryptolu/whitebox](https://github.com/cryptolu/whitebox) White-box Analysis and Implementation Tools
- [**34**Star][4y] [Py] [cr4sh/aptiocalypsis](https://github.com/cr4sh/aptiocalypsis) Arbitrary SMM code execution exploit for AMI Aptio based firmware
- [**34**Star][10d] [JS] [codebox/monkeyshine](https://github.com/codebox/monkeyshine) A collection of slightly evil JavaScript
- [**34**Star][9m] [JS] [chrismwaite/cardboard-dungeon](https://github.com/chrismwaite/cardboard-dungeon) An experimental virtual reality dungeon crawling game built with A-Frame. Designed to work with Google Cardboard.
- [**34**Star][9m] [C] [chokepoint/jynxkit](https://github.com/chokepoint/jynxkit) JynxKit is an LD_PRELOAD userland rootkit for Linux systems with reverse connection SSL backdoor
- [**34**Star][3m] [cazala/coin-hive-proxy](https://github.com/cazala/coin-hive-proxy) Deprecated. Use CoinHive Stratum instead.
- [**34**Star][12d] [Py] [bugbounty-site/calexe](https://github.com/bugbounty-site/calexe) Calendar Exploit.
- [**34**Star][9m] [C#] [breenmachine/hpwn](https://github.com/breenmachine/hpwn) HP printer security research code
- [**34**Star][12m] [Py] [bishopfox/idontspeakssl](https://github.com/bishopfox/idontspeakssl) simple script to parse testssl.sh results
- [**34**Star][5y] [C++] [avplayer/avcamera](https://github.com/avplayer/avcamera) 一款家用安全防盗监控软件，无需额外购买昂贵的CCD监控摄像头，只需普通电脑视频聊天用的CMOS摄像头即可。
- [**34**Star][1m] [Py] [averagesecurityguy/twanalyze](https://github.com/averagesecurityguy/twanalyze) Extract useful information from a Twitter account.
- [**34**Star][3m] [C#] [atakansarioglu/bigbug](https://github.com/atakansarioglu/bigbug) Easy Microcontroller Debugging Tool
- [**34**Star][5m] [ashchan/bitcoin-ethereum-cryptography](https://github.com/ashchan/bitcoin-ethereum-cryptography) 比特币、以太坊加密技术
- [**34**Star][1m] [C] [armfazh/rfc7748_precomputed](https://github.com/armfazh/rfc7748_precomputed) Updated! (Dec2-2019) This is a C-language software library that provides optimized implementations of the Diffie-Hellman functions known as X25519 and X448 (RFC-7748) for 64-bit architectures.
- [**34**Star][1m] [Py] [antid0tecom/ipad_accessory_research](https://github.com/antid0tecom/ipad_accessory_research) Research into Security of Apple Smart Keyboard and Apple Pencil
- [**34**Star][4y] [C++] [anssi-fr/nogaxeh](https://github.com/anssi-fr/nogaxeh) Tools for analyzing hexagon code
- [**34**Star][1m] [Lua] [alpinelinux/alpine-secdb](https://github.com/alpinelinux/alpine-secdb) [MIRROR] Alpine Linux security database
- [**34**Star][7m] [C] [alon7/bbt-multiminer](https://github.com/alon7/bbt-multiminer) Start different miners from the same script. Easy and simple to get started with mining. Originally by Bits Be Trippin'
- [**34**Star][4m] [PS] [alexinslc/powershell](https://github.com/alexinslc/powershell) PowerShell functions and scripts for various sysadmin / devops tasks
- [**34**Star][28d] [Nim] [akavel/dali](https://github.com/akavel/dali) Indie assembler/linker for Dalvik VM .dex & .apk files (Work In Progress)
- [**34**Star][8y] [C#] [advtools/advsock2pipe](https://github.com/advtools/advsock2pipe) A small utility to connect a TCP socket to a Windows named pipe. It can be used, for exemple, to capture network data with tcpdump on Linux or iPhone/iPad and to see the capture in (almost) realtime in Wireshark on Windows. Released under GPLv3.
- [**34**Star][2m] [adilmajid/privacy-for-the-paranoid](https://github.com/adilmajid/privacy-for-the-paranoid) A master checklist for securing your online life.
- [**34**Star][17d] [Go] [adhocteam/certwatcher](https://github.com/adhocteam/certwatcher) TLS cert expiry early-warning service
- [**34**Star][5y] [C++] [adamkramer/handle_monitor](https://github.com/adamkramer/handle_monitor) Identifying and Disrupting Crypto-Ransomware (and Destructive Malware) using handle heurustics
- [**34**Star][4m] [JS] [acama/webkitties](https://github.com/acama/webkitties) PS Vita Webkit Exploit / Mini SDK and Testing Framework
- [**34**Star][5y] [C++] [5loyd/makecode](https://github.com/5loyd/makecode) Dll Convert to Shellcode.
- [**34**Star][3y] [PS] [3gstudent/waitfor-persistence](https://github.com/3gstudent/waitfor-persistence) Use Waitfor.exe to maintain persistence
- [**34**Star][4y] [PS] [3gstudent/ninjacopy](https://github.com/3gstudent/ninjacopy) Powershell to copy ntds.dit
- [**34**Star][5y] [Py] [0xebfe/3dsx-ida-pro-loader](https://github.com/0xebfe/3dsx-ida-pro-loader) IDA PRO Loader for 3DSX files
- [**34**Star][4m] [Rust] [0xcpu/bonomen](https://github.com/0xcpu/bonomen) BONOMEN - Hunt for Malware Critical Process Impersonation
- [**34**Star][2m] [Py] [0pc0defr/wordpress-sploit-framework](https://github.com/0pc0defr/wordpress-sploit-framework) Wordpress Sploit Framework was developed for the purpose to provide a framework which creates proof of concept when discovering vulnerability in Wordpress core and Wordpress plugin.
- [**33**Star][3m] [Py] [tegal1337/nekobotv1](https://github.com/tegal1337/nekobotv1) NekoBot | Auto Exploiter With 500+ Exploit 2000+ Shell
- [**33**Star][30d] [Shell] [bowei/k8s-custom-iptables](https://github.com/bowei/k8s-custom-iptables) How to add custom iptables rules to a Kubernetes cluster
- [**33**Star][28d] [JS] [gr2m/before-after-hook](https://github.com/gr2m/before-after-hook) wrap methods with before/after hooks
- [**33**Star][16d] [Go] [hinshun/ipcs](https://github.com/hinshun/ipcs) containerd meets ipfs to distribute content
- [**33**Star][2m] [JS] [codelytv/p2p-editor](https://github.com/codelytv/p2p-editor) Online code editor based on P2P and JavaScript. Demo:
- [**33**Star][3m] [ruanfei/shadowsocksrrshare](https://github.com/ruanfei/shadowsocksrrshare) 「科学上网」「ssr」「免费节点」「每天更新」
- [**33**Star][14d] [JS] [misterhat/livelook](https://github.com/misterhat/livelook) soulseek client in javascript
- [**33**Star][3y] [C++] [ypingcn/p2pchat-qt](https://github.com/ypingcn/p2pchat-qt) A Qt demo for p2p LAN chat and file transmission
- [**33**Star][23d] [JS] [baruchiro/israeli-bank-scrapers-desktop](https://github.com/baruchiro/israeli-bank-scrapers-desktop) Secure desktop app for retriving your transactions from all israeli banks and credit cards
- [**33**Star][12m] [Rust] [tox-rs/tox-node](https://github.com/tox-rs/tox-node) A server application to run tox node written in pure Rust
- [**33**Star][2y] [Py] [sachin-bisht/instagram_stalker_scraper](https://github.com/sachin-bisht/instagram_stalker_scraper) (UNMAINTAINED) Fetch data of any public Instagram profile, without using api
- [**33**Star][4y] [Py] [imikay/imagegrabber](https://github.com/imikay/imagegrabber) A Scrapy demo : Download all images from a site
- [**33**Star][2m] [JS] [minionsdave/live-streaming-crawler](https://github.com/minionsdave/live-streaming-crawler) 一个整合了各大直播平台直播信息的爬虫网站
- [**33**Star][4m] [Py] [gaborvecsei/youtube-live-stream-docker](https://github.com/gaborvecsei/youtube-live-stream-docker) Live stream from a USB webcam with your Raspberry Pi to Youtube
- [**33**Star][1m] [Shell] [smartupio/aws-vpn-mikrotik](https://github.com/smartupio/aws-vpn-mikrotik) Shell script to transform a Generic AWS VPN configuration guide to MikroTik specific set up commands that can be copy pasted into a mikrotik console to set up the customer end of the connection.
- [**33**Star][5m] [JS] [dwst/dwst](https://github.com/dwst/dwst) Dark WebSocket Terminal is a WS client that provides netcat like functionality for conversing with a WS server.
- [**33**Star][2m] [CSS] [mehonoshin/smartvpn](https://github.com/mehonoshin/smartvpn) SmartVPN project website and documentation
- [**33**Star][26d] [Go] [insidersec/insider](https://github.com/insidersec/insider) Insider is the CLI project from the Insider Application Security Team for the community
- [**33**Star][30d] [C#] [kant2002/ncrawler](https://github.com/kant2002/ncrawler) Web Crawler written in C#
- [**33**Star][3m] [C] [mongodb-labs/winkerberos](https://github.com/mongodb-labs/winkerberos) A native Kerberos client implementation for Python on Windows
- [**33**Star][19d] [JS] [ebay/userscript-proxy](https://github.com/ebay/userscript-proxy) HTTP proxy to inject scripts and stylesheets into existing sites.
- [**33**Star][1m] [Java] [esrrhs/texas_algorithm](https://github.com/esrrhs/texas_algorithm) texas algorithm
- [**33**Star][8m] [Java] [rayjun/awesome-algorithm](https://github.com/rayjun/awesome-algorithm) awesome algorithm
- [**33**Star][3m] [Py] [jdelic/12factor-vault](https://github.com/jdelic/12factor-vault) Integration helpers for Hashicorp Vault with 12factor and Django
- [**33**Star][1m] [Go] [suyashkumar/conduit](https://github.com/suyashkumar/conduit) 
- [**33**Star][2m] [Java] [theredheart/passwordview](https://github.com/theredheart/passwordview) 6格数字密码、验证码输入控件
- [**33**Star][8m] [JS] [tomasz-oponowicz/grunt-javascript-obfuscator](https://github.com/tomasz-oponowicz/grunt-javascript-obfuscator) Obfuscates JavaScript files using amazing javascript-obfuscator.
- [**33**Star][5m] [Py] [jameszbl/zhilian_spider](https://github.com/jameszbl/zhilian_spider) 智联招聘关键词搜索职位信息爬虫
- [**33**Star][18d] [R] [courtsbr/esaj](https://github.com/courtsbr/esaj) Scrapers for many e-SAJ systems
- [**33**Star][5m] [Py] [vi3k6i5/synonym-extractor](https://github.com/vi3k6i5/synonym-extractor) Extract synonyms, keywords from sentences using modified implementation of Aho Corasick algorithm
- [**33**Star][1m] [C++] [visualapproach/volvo-melbus](https://github.com/visualapproach/volvo-melbus) Volvo MELBUS Bluetooth audio input and remote control with Arduino Nano
- [**33**Star][18d] [Java] [luojilab/algorithm](https://github.com/luojilab/algorithm) 得到每周一算法
- [**33**Star][5m] [Py] [pringleman83/sportsbook](https://github.com/pringleman83/sportsbook) A sports data scraping and analysis tool
- [**33**Star][9m] [subins2000/phpwebcrawler](https://github.com/subins2000/phpwebcrawler) A Web Crawler Created in PHP
- [**33**Star][1m] [Java] [graylog2/graylog-plugin-auth-sso](https://github.com/graylog2/graylog-plugin-auth-sso) SSO support for Graylog through trusted HTTP headers set by load balancers or authentication proxies
- [**33**Star][23d] [JS] [stiekel/aliexpress](https://github.com/stiekel/aliexpress) An AliExpress spider for Node
- [**33**Star][27d] [Java] [cuu/ovpn_webview](https://github.com/cuu/ovpn_webview) openvpn android with webview interface 为了纪念曾经的灰产免流岁月,公开此代码,此版本与官方闭源openvpn安卓app完全一样,最强线路兼容,并且支持线路远程获取,dalo线路格式,请自行研究,不得用于非法商业活动
- [**33**Star][3m] [Java] [deysuman/android-bluetooth-printer](https://github.com/deysuman/android-bluetooth-printer) Android app for Bluetooth thermal printer
- [**33**Star][8m] [Go] [kalbhor/image-scraper](https://github.com/kalbhor/image-scraper) Fast concurrent image scraper
- [**33**Star][1m] [PHP] [podcastcrawler/podcastcrawler](https://github.com/podcastcrawler/podcastcrawler) PHP library to find podcasts
- [**33**Star][1m] [C#] [elementmo/unity-airportsimulationsystem](https://github.com/elementmo/unity-airportsimulationsystem) This is a project for practicing A* algorithm and vehicle obstacle avoiding mechanism, with a bit of atmosphere scattering shader.
- [**33**Star][2m] [Py] [omalperera/human-detection-system-with-raspberry-pi](https://github.com/omalperera/human-detection-system-with-raspberry-pi) A motion detection system with RaspberryPi, OpenCV, Python
- [**33**Star][12d] [Py] [ohjeongwook/iptanalyzer](https://github.com/ohjeongwook/iptanalyzer) Intel PT log analyzer
- [**33**Star][21d] [Rust] [felipenoris/hyper-reverse-proxy](https://github.com/felipenoris/hyper-reverse-proxy) A simple reverse proxy for use with Hyper and Tokio
- [**33**Star][3y] [archimboldimao/surgeconfig](https://github.com/archimboldimao/surgeconfig) 这是我日常使用 Surge 配置 Shadowsocks 代理翻墙的文件。
- [**33**Star][5m] [Go] [pbnj/s3-fuzzer](https://github.com/pbnj/s3-fuzzer) 
- [**33**Star][12d] [Py] [portswigger/wordpress-scanner](https://github.com/portswigger/wordpress-scanner) Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp.
- [**33**Star][25d] [Py] [kpostekk/librus-tricks](https://github.com/kpostekk/Librus-Tricks) Full sized Librus Synergia API wrapper written in python
- [**33**Star][1m] [PHP] [toflar/psr6-symfony-http-cache-store](https://github.com/toflar/psr6-symfony-http-cache-store) An alternative store implementation for Symfony's HttpCache reverse proxy that supports auto-pruning of expired entries and cache invalidation by tags.
- [**33**Star][1m] [lololosys/awesome_cisco_exploitation](https://github.com/lololosys/awesome_cisco_exploitation) A curated list of awesome Cisco exploitation resources
- [**33**Star][2m] [Shell] [trinitor/netstat2neo4j](https://github.com/trinitor/netstat2neo4j) create cypher create statements for neo4j out of netstat files from multiple machines
- [**33**Star][11d] [C] [namhyung/dwarview](https://github.com/namhyung/dwarview) DWARF debug info viewer
- [**33**Star][13d] [JS] [salesforce/gquic_protocol_analyzer](https://github.com/salesforce/gquic_protocol_analyzer) GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
- [**33**Star][1m] [C++] [hikariobfuscator/core](https://github.com/hikariobfuscator/core) Shared Obfuscation Core
- [**33**Star][14d] [Java] [adolfintel/notebot](https://github.com/adolfintel/notebot) A ripoff of Microsoft Sticky Notes
- [**33**Star][1m] [C++] [cr-marcstevens/m4gb](https://github.com/cr-marcstevens/m4gb) M4GB: Efficient Groebner Basis algorithm
- [**33**Star][2y] [Shell] [jaredhaight/scripts](https://github.com/jaredhaight/scripts) A collection of scripts that I've written while pentesting.
- [**33**Star][2y] [PS] [denandz/secretserversecretstealer](https://github.com/denandz/secretserversecretstealer) Powershell script that decrypts the data stored within a Thycotic Secret Server
- [**33**Star][2m] [Py] [scwuaptx/ais3-2017](https://github.com/scwuaptx/ais3-2017) AIS3 2017 Binary Exploitation
- [**33**Star][2y] [Py] [skelsec/socksohttp](https://github.com/skelsec/socksohttp) Socks5 server over Websockets
- [**33**Star][2y] [valvesoftware/linux](https://github.com/valvesoftware/linux) SteamOS fork of the Debian kernel packaging repository at
- [**33**Star][2m] [dxa4481/cors](https://github.com/dxa4481/cors) JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
- [**33**Star][28d] [Py] [osirislab/csaw-ctf-2019-quals](https://github.com/osirislab/csaw-ctf-2019-quals) Challenge Repository for CSAW CTF Quals 2019
- [**33**Star][6m] [CSS] [osirislab/csaw-ctf-2018-quals](https://github.com/osirislab/csaw-ctf-2018-quals) Repo for CSAW CTF 2018 Quals challenges
- [**33**Star][3m] [Shell] [ytisf/randomgoodness](https://github.com/ytisf/randomgoodness) General tools and scripts i want to make public to the world.
- [**33**Star][29d] [Py] [paulsec/cybercrime-tracker.net](https://github.com/paulsec/cybercrime-tracker.net) (Unofficial) Python API for cybercrime-tracker.net
- [**33**Star][2m] [Py] [ekultek/tadpole](https://github.com/ekultek/tadpole) Download files out of open AWS buckets
- [**33**Star][6m] [Py] [rhelmot/nclib](https://github.com/rhelmot/nclib) Netcat as a python library
- [**33**Star][4m] [C#] [owenxuwei/ids4.adminui](https://github.com/owenxuwei/ids4.adminui) ids改造，增加权限认证
- [**33**Star][15d] [Go] [leeon123/golang-httpflood](https://github.com/leeon123/golang-httpflood) Golang httpflood(socket) can down a normal website in 10s with 100 connections
- [**33**Star][13d] [HTML] [evilbotnet/openpimap](https://github.com/evilbotnet/openpimap) Python3 and Raspberry Pi based NetFlow Traffic Analysis leveraging Shodan's API, Twilio, GeoIP, and Folium to produce interactive maps and threat intelligence data.
- [**33**Star][10m] [Py] [pein0119/girl-atlas-crawler](https://github.com/pein0119/girl-atlas-crawler) 
- [**33**Star][8m] [Py] [ml31415/wpscrack](https://github.com/ml31415/wpscrack) Continuation of wpscrack originally written by Stefan Viehböck
- [**33**Star][15d] [JS] [xuelangcxy/girlcrawler](https://github.com/xuelangcxy/girlcrawler) A crawler for pictures on
- [**33**Star][3m] [yeahhub/kali-linux-ebooks](https://github.com/yeahhub/kali-linux-ebooks) Top 20 Kali Linux Related E-books (Free Download)
- [**33**Star][14d] [C] [pawankolhe/c-algorithms](https://github.com/pawankolhe/c-algorithms) All algorithms implemented in C
- [**33**Star][9d] [JS] [rndinfosecguy/vulture](https://github.com/rndinfosecguy/vulture) WhatsApp Online Tracker
- [**33**Star][3y] [Pascal] [mwsrc/xtremerat](https://github.com/mwsrc/XtremeRAT) XtremeRAT SRC Extract
- [**33**Star][3y] [C++] [mojtabatajik/sandbox-detection](https://github.com/MojtabaTajik/Sandbox-Detection) Contains some tricks to detect Sandboxes and gradually completed
- [**33**Star][5m] [JS] [cylance/nmap-cluster](https://github.com/cylance/NMAP-Cluster) Clustering NMAP XML results to help make sense of large scan results.
- [**33**Star][2y] [C] [openpreserve/scape-xcorrsound](https://github.com/openpreserve/scape-xcorrsound) Suite of tools for automated quality assurance of audio migration processes.
- [**33**Star][4m] [Ruby] [praetorian-code/ruby_hashcat](https://github.com/praetorian-code/ruby_hashcat) Command line wrapper, Library, and Rest API for oclHashcat.
- [**33**Star][1y] [Assembly] [zeffy/prxdll_templates](https://github.com/zeffy/prxdll_templates) Thread-safe and deadlock free template projects for hijacking various Windows system DLLs
- [**33**Star][1m] [Shell] [exe-thumbnailer/exe-thumbnailer](https://github.com/exe-thumbnailer/exe-thumbnailer) Thumbnailer for .exe/.dll/.msi/.lnk files on Linux systems.
- [**33**Star][2m] [Py] [ytisf/hemingway](https://github.com/ytisf/hemingway) hemingway is a simple and easy to use spear phishing helper.
- [**33**Star][4y] [Py] [yixuanli/lemon](https://github.com/yixuanli/lemon) LEMON: A local algorithm for fast, high-precision overlapping community detection
- [**33**Star][4m] [Perl] [yama-natuki/2chproxy.pl](https://github.com/yama-natuki/2chproxy.pl) HTTP proxy for 2ch.net to convert the dat format.
- [**33**Star][1y] [C] [y123456yz/reading-and-comprehense-twemproxy0.4.1](https://github.com/y123456yz/reading-and-comprehense-twemproxy0.4.1) redis、memcached缓存代理twemproxy源码详细分析注释，带详尽中文注释及函数调用关系
- [**33**Star][15d] [Go] [xtrafrancyz/vk-proxy](https://github.com/xtrafrancyz/vk-proxy) Прокси-сервер для API ВКонтакте
- [**33**Star][5m] [Kotlin] [xgouchet/elmyr](https://github.com/xgouchet/elmyr) A utility to make Kotlin/Java tests random yet reproducible
- [**33**Star][4m] [PS] [wuseman/wloader](https://github.com/wuseman/wloader) Windows 10 PRO Activator - No more backdoors via loaders from China and neither you will need any crack anymore that is valid for a week or two. This is script is written for powershell/cmd. This script will also removing all bloatware from Windows 10. Edit the script after your needs.
- [**33**Star][3m] [Py] [wasapi-community/data-transfer-apis](https://github.com/wasapi-community/data-transfer-apis) WASAPI data transfer APIs
- [**33**Star][1m] [Vue] [vikramide/stock_scan1](https://github.com/vikramide/stock_scan1) Working Demo of Barcode/QR code scanner using VueJs+Quasaar+Cordova
- [**33**Star][6m] [Ruby] [versioneye/versioneye-security](https://github.com/versioneye/versioneye-security) Security Crawler for VersionEye
- [**33**Star][2m] [unapibageek/thebicho](https://github.com/unapibageek/thebicho) Hardware backdoor for CAN bus.
- [**33**Star][1y] [twelvesec/bearerauthtoken](https://github.com/twelvesec/bearerauthtoken) This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP requests.Furthermore, this solution provides a better approach to solve the problem of Burp suite automated scanning failures when Authorization tokens exist.
- [**33**Star][5y] [JS] [tweekfawkes/white_lightning](https://github.com/tweekfawkes/white_lightning) Platform for Browser Exploitation
- [**33**Star][4y] [Py] [trustedsec/crackmapexec](https://github.com/trustedsec/crackmapexec) A swiss army knife for pentesting Windows/Active Directory environments
- [**33**Star][4m] [Perl] [tripflex/cpsetup](https://github.com/tripflex/cpsetup) Intuitive bash/shell script to setup and harden/configure cPanel CentOS/RHEL server with ConfigServer Firewall, MailManage, MailQueue, Malware Detect, ClamAV, mod_cloudflare, CloudFlare RailGun, and many more applications and security tweaks
- [**33**Star][3y] [Py] [tribalchicken/volatility-bitlocker](https://github.com/tribalchicken/volatility-bitlocker) Volatility plugin to extract BitLocker Full Volume Encryption Keys (FVEK)
- [**33**Star][3m] [C++] [trailofbits/cfg-showcase](https://github.com/trailofbits/cfg-showcase) Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementation
- [**33**Star][1m] [Go] [tongxiaofeng/bitbot](https://github.com/tongxiaofeng/bitbot) A Cryptocurrency Quantitive Trading Platform. (aka trading bot, trading robot, algorithmic trading)
- [**33**Star][3m] [tom4t0/cobalt-strike-persistence](https://github.com/tom4t0/cobalt-strike-persistence) cobalt strike 自启动脚本
- [**33**Star][10m] [C++] [tienex/apfs](https://github.com/tienex/apfs) Mount, dump and analyze APFS volumes and containers
- [**33**Star][4m] [Py] [tangxiaofeng7/srcinformation-gathering](https://github.com/tangxiaofeng7/srcinformation-gathering) 挖掘SRC的信息收集
- [**33**Star][2m] [C++] [swwwolf/cbtest](https://github.com/swwwolf/cbtest) Windows kernel-mode callbacks tutorial driver
- [**33**Star][1m] [C] [surajfale/passthrough-minifilter-driver](https://github.com/surajfale/passthrough-minifilter-driver) Windows mini-filter-driver. Blocks the access to USB drives.
- [**33**Star][1m] [Xtend] [splondike/polipoid](https://github.com/splondike/polipoid) Android wrapper for the polipo proxy
- [**33**Star][13d] [Py] [spiperac/armroper](https://github.com/spiperac/armroper) ARM rop chain gadget searcher
- [**33**Star][3y] [C] [soufianetahiri/mirai-botnet](https://github.com/soufianetahiri/mirai-botnet) Mirai Botnet Client, Echo Loader and CNC source code (for the sake of knowledge)
- [**33**Star][1m] [Elixir] [smpallen99/coherence_demo](https://github.com/smpallen99/coherence_demo) A coherence demo project
- [**33**Star][1y] [Shell] [smileart/omg](https://github.com/smileart/omg) One More Gear set to follow DRY principle and stop doing things again and again (just a nice name for my dotfiles)
- [**33**Star][2y] [Py] [smile0304/technical_article_spider](https://github.com/smile0304/technical_article_spider) 一个爬取国内技术站点的技术文章
- [**33**Star][4m] [C] [simoninns/smallymouse2](https://github.com/simoninns/smallymouse2) Universal USB to quadrature mouse adapter
- [**33**Star][4m] [Py] [shouc/knicky](https://github.com/shouc/knicky) A module-based static virus generator
- [**33**Star][28d] [Go] [shift/domain_exporter](https://github.com/shift/domain_exporter) Prometheus WHOIS domain details exporter.
- [**33**Star][3y] [PHP] [shieldfy/waf-detector](https://github.com/shieldfy/waf-detector) small script to detect web application firewall on any website
- [**33**Star][2y] [Rust] [sfackler/rust-socks](https://github.com/sfackler/rust-socks) 
- [**33**Star][3m] [C#] [sergreen/appacker](https://github.com/sergreen/appacker) Tool for making single .exe application packages
- [**33**Star][5y] [Py] [sekoialab/pe-tools](https://github.com/sekoialab/pe-tools) Set of python scripts to analyse PE32/PE64 binaries and to extract VB 5/6 headers and Visual Basic p-code functions.
- [**33**Star][1m] [Py] [sdnewhop/sdwan-harvester](https://github.com/sdnewhop/sdwan-harvester) 
- [**33**Star][5m] [Go] [saturnsvoid/windows-keylogger](https://github.com/saturnsvoid/windows-keylogger) A simple Keylogger that captures window titles and all keys, uses AllenDang/w32.
- [**33**Star][8m] [Py] [sam-b/windows_syscalls_dumper](https://github.com/sam-b/windows_syscalls_dumper) A dirty IDAPython script to dump windows system call number/name pairs as JSON
- [**33**Star][8m] [HTML] [salsifis/ss64-password-generators](https://github.com/salsifis/ss64-password-generators) Standalone versions of the SS64.com password generators
- [**33**Star][2y] [Py] [s0cket7/torstat](https://github.com/s0cket7/torstat) 
- [**33**Star][6m] [Java] [rub-nds/tls-attacker-burpextension](https://github.com/rub-nds/tls-attacker-burpextension) assist in the evaluation of TLS Server configurations with Burp Suite.
- [**33**Star][2y] [C] [rsa9000/npk-tools](https://github.com/rsa9000/npk-tools) Mikrotik's NPK files managing tools
- [**33**Star][2y] [Py] [rootlabs/torstat](https://github.com/rootlabs/torstat) 
- [**33**Star][5m] [Java] [retarded-skid/skidsuite-3](https://github.com/retarded-skid/skidsuite-3) A collection of java reverse engineering tools and informational links
- [**33**Star][3y] [Py] [redteam-cyberark/google-domain-fronting](https://github.com/redteam-cyberark/google-domain-fronting) Domain fronting using Google app engine
- [**33**Star][5m] [C++] [rafaelgss/hyzmall](https://github.com/rafaelgss/hyzmall) 
- [**33**Star][12d] [C] [radareorg/ldmg](https://github.com/radareorg/ldmg) A simple library focusing on demangling symbols for different programing languages
- [**33**Star][11d] [Ruby] [puppetlabs/puppetlabs-java_ks](https://github.com/puppetlabs/puppetlabs-java_ks) Uses a combination of keytool and openssl to manage entries in a Java keystore
- [**33**Star][4m] [ptresearch/pentest-detections](https://github.com/ptresearch/pentest-detections) Repository for penetration testing tools
- [**33**Star][4m] [C] [programa-stic/pyasmjit](https://github.com/programa-stic/pyasmjit) PyAsmJIT is a Python package for x86_64/ARM assembly code generation and execution.
- [**33**Star][18d] [Java] [portswigger/xss-validator](https://github.com/portswigger/xss-validator) This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
- [**33**Star][2m] [C] [plutonium-dbg/plutonium-dbg](https://github.com/plutonium-dbg/plutonium-dbg) Kernel-based debugger for Linux applications
- [**33**Star][2y] [Py] [phdphuc/mac-a-mal-cuckoo](https://github.com/phdphuc/mac-a-mal-cuckoo) extends the open-source Cuckoo Sandbox (legacy) with functionality for analyzing macOS malware in macOS guest VM(s).
- [**33**Star][2y] [Py] [peacand/burp-pytemplate](https://github.com/peacand/burp-pytemplate) Burp extension to quickly and easily develop Python complex exploits based on Burp proxy requests.
- [**33**Star][5y] [Py] [pan0pt1c0n/python-sockstress](https://github.com/pan0pt1c0n/python-sockstress) SockStress DoS (Denial of Service) exploit written in Python |
- [**33**Star][2y] [HTML] [p3t3rp4rk3r/my_dirty_scripts](https://github.com/p3t3rp4rk3r/my_dirty_scripts) My Dirty Scriptss ..!!!!! Pentest , OSINT , Python ,, Trainings
- [**33**Star][3m] [Py] [oshp/headers](https://github.com/oshp/headers) An application to catch, search and analyze HTTP secure headers.
- [**33**Star][3m] [Py] [oasislmf/oasislmf](https://github.com/oasislmf/oasislmf) Loss modelling framework.
- [**33**Star][4m] [C++] [nuand/kalibrate-bladerf](https://github.com/nuand/kalibrate-bladerf) kalibrate-bladeRF
- [**33**Star][5y] [Py] [novetta/delilah](https://github.com/novetta/delilah) 
- [**33**Star][3m] [C++] [notscimmy/libinject](https://github.com/notscimmy/libinject) Currently supports injecting signed/unsigned DLLs in 64-bit processes
- [**33**Star][3m] [JS] [notdls/hackbar](https://github.com/notdls/hackbar) HackBar Quantum is a sidebar that assists you with web application security testing, it's aim is to help make those tedious tasks a little bit easier. This add-on is a predecessor to the original HackBar that is not compatible with Firefox Quantum.
- [**33**Star][4y] [JS] [nidem/meteorminer](https://github.com/nidem/meteorminer) Tampermonkey script to extract information from Meteor applications
- [**33**Star][2m] [netspi/skl](https://github.com/netspi/skl) strace keylogger PoC
- [**33**Star][2m] [Smarty] [nerdyprojects/hostapd-wpe-extended](https://github.com/nerdyprojects/hostapd-wpe-extended) Modification and tools for using hostapd for rogue AP attacks impersonating WPA-Enterprise networks to steal user credentials
- [**33**Star][4m] [C] [nbareil/net2pcap](https://github.com/nbareil/net2pcap)  a simple network-to-pcap capture file for Linux. Its goal is to be as simple as possible to be used in hostile environments
- [**33**Star][19d] [nats-io/nats-general](https://github.com/nats-io/nats-general) General NATS Information
- [**33**Star][2m] [Go] [naltun/eyes](https://github.com/naltun/eyes) 
- [**33**Star][2y] [C] [myriadrf/limesdr-usb_fx3](https://github.com/myriadrf/limesdr-usb_fx3) Cypress FX3 firmware for the USB 3.0 LimeSDR board
- [**33**Star][3m] [C] [mtalbi/vm_escape](https://github.com/mtalbi/vm_escape) vm escape exploit
- [**33**Star][12d] [Go] [moldabekov/whatsipp](https://github.com/moldabekov/whatsipp) 
- [**33**Star][1y] [C] [mmyydd/relative-pattern](https://github.com/mmyydd/relative-pattern) Recover control flow graph from obfuscated codes
- [**33**Star][4m] [Shell] [mirchr/security-research](https://github.com/mirchr/security-research) Security Research
- [**33**Star][3y] [Py] [mipu94/broids_unicorn](https://github.com/mipu94/broids_unicorn) simple plugin to detect shellcode on Bro IDS with Unicorn
- [**33**Star][25d] [TeX] [mimoo/timing_attack_ecdsa_tls](https://github.com/mimoo/timing_attack_ecdsa_tls) Timing Attack on TLS' ECDSA signature
- [**33**Star][3m] [ObjC] [mikaelbo/proxyswitcher](https://github.com/mikaelbo/proxyswitcher) Easily enable / disable WiFi proxy on a jailbroken iOS device
- [**33**Star][2m] [mhaggis/sysmon-splunk-app](https://github.com/mhaggis/sysmon-splunk-app) Sysmon Splunk App
- [**33**Star][28d] [mhaggis/app_splunk_sysmon_hunter](https://github.com/mhaggis/app_splunk_sysmon_hunter) Splunk App to assist Sysmon Threat Hunting
- [**33**Star][4m] [Py] [mfthomps/resim](https://github.com/mfthomps/resim) Reverse engineering software using a full system simulator
- [**33**Star][6m] [Py] [maxkrivich/slowloris](https://github.com/maxkrivich/slowloris) Small and simple tool for testing Slow Loris vulnerability
- [**33**Star][2m] [marcocanc/mi-lamp-re](https://github.com/marcocanc/mi-lamp-re) 
- [**33**Star][11d] [CSS] [malwares/malwares.github.io](https://github.com/malwares/malwares.github.io) malwares src dump
- [**33**Star][8m] [C] [maldiohead/cve-2019-8540](https://github.com/maldiohead/cve-2019-8540) Kernel Stack info leak at exportObjectToClient function
- [**33**Star][5y] [Ruby] [madirish/kojoney2](https://github.com/madirish/kojoney2) Kojoney2 is a low interaction SSH honeypot written in Python. Based on Kojoney by Jose Antonio Coret
- [**33**Star][2m] [PHP] [leebaird/assessment-manager](https://github.com/leebaird/assessment-manager) Manage all logistical information for a pentest including clients, contacts, employees, findings, projects, scoping, and vulnerabilities.
- [**33**Star][5m] [Py] [ldionmarcil/sudo-backdoor](https://github.com/ldionmarcil/sudo-backdoor) Wraps sudo; transparently steals user's credentials and exfiltrate over DNS. For those annoying times when you get a shell/file write on a sudoers account and need to leverage their credentials.
- [**33**Star][30d] [Py] [latchset/kdcproxy](https://github.com/latchset/kdcproxy) A kerberos KDC HTTP/HTTPS proxy WSGI module
- [**33**Star][2m] [Py] [krystalgamer/dec2struct](https://github.com/krystalgamer/dec2struct) Python plugin to easily setup vtables in IDA using declaration files
- [**33**Star][2m] [Ruby] [khr0x40sh/metasploit-modules](https://github.com/khr0x40sh/metasploit-modules) 
- [**33**Star][21d] [Crystal] [kcreate/stackvm](https://github.com/kcreate/stackvm) Virtual Machine with a 240x160 VRAM display.
- [**33**Star][21d] [Py] [josverl/micropython-stubber](https://github.com/josverl/micropython-stubber) Generate and use stubs for different micropython firmwares to use with vscode and/or pylint
- [**33**Star][17d] [Py] [joshzelonis/attack-eval-scoring](https://github.com/joshzelonis/attack-eval-scoring) This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out
- [**33**Star][3y] [Py] [jkkj93/mint-webshell-defender](https://github.com/jkkj93/mint-webshell-defender) 薄荷WEBSHELL防御系统，是一款WEBSHELL查杀/防御软件，采用PYTHON编写
- [**33**Star][4m] [PHP] [jhaddix/seclists](https://github.com/jhaddix/seclists) SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
- [**33**Star][17d] [C] [jaybosamiya/fuzzing-numpy](https://github.com/jaybosamiya/fuzzing-numpy) 
- [**33**Star][1m] [Go] [jaxxstorm/graphping](https://github.com/jaxxstorm/graphping) Ping a list of endpoints and write the results to statsd
- [**33**Star][4m] [japnime/google-drive-stream-proxy](https://github.com/japnime/google-drive-stream-proxy) Alternative Google Drive Stream Script
- [**33**Star][26d] [Py] [jamesacampbell/python-examples](https://github.com/jamesacampbell/python-examples) Examples for some key libraries in Python that I use all the time. A way for me to remember and hopefully get others started.
- [**33**Star][1y] [ObjC] [jakeajames/reverse-engineering](https://github.com/jakeajames/reverse-engineering) nothing important
- [**33**Star][25d] [JS] [iotaledger/curl.lib.js](https://github.com/iotaledger/curl.lib.js) IOTA Proof-of-Work algorithm ported to Javascript to work in WebGL2-enabled browsers
- [**33**Star][4y] [ObjC] [integrity-sa/introspy-ios](https://github.com/integrity-sa/introspy-ios) Security profiling for blackbox iOS
- [**33**Star][1y] [Dockerfile] [immunit/cve-2018-11759](https://github.com/immunit/cve-2018-11759) Proof of concept showing how to exploit the CVE-2018-11759
- [**33**Star][2y] [Py] [illusivenetworks-labs/webtrap](https://github.com/illusivenetworks-labs/webtrap) This project is designed to create deceptive webpages to deceive and redirect attackers away from real websites.
- [**33**Star][2y] [Py] [ice3man543/malscan](https://github.com/ice3man543/malscan) A Simple PE File Heuristics Scanners
- [**33**Star][3m] [Py] [holloway/docvert-python3](https://github.com/holloway/docvert-python3) Docvert for Python3: Converts Office files to DocBook and clean HTML, diagrams to SVG/PNG, etc.
- [**33**Star][10d] [JS] [hfreire/facebook-login-for-robots](https://github.com/hfreire/facebook-login-for-robots) Facebook Login for
- [**33**Star][1m] [Py] [heikoheiko/pyethapp](https://github.com/heikoheiko/pyethapp) 
- [**33**Star][4m] [Py] [harryr/maltrieve](https://github.com/harryr/maltrieve) A tool to retrieve malware directly from the source for security researchers.
- [**33**Star][7m] [Py] [guedou/r2scapy](https://github.com/guedou/r2scapy) a radare2 plugin that decodes packets with Scapy
- [**33**Star][2m] [Py] [ghassani/mclf-ida-loader](https://github.com/ghassani/mclf-ida-loader) An IDA file loader for Mobicore trustlet and driver binaries
- [**33**Star][2y] [PS] [g4lb1t/invoke-noshell](https://github.com/g4lb1t/invoke-noshell) All the Power with no Shell
- [**33**Star][4y] [Py] [g4hsean/binauthor](https://github.com/g4hsean/binauthor) an IDA pro plugin developped through research at concordia in the area of binary authorship identification
- [**33**Star][25d] [C] [frankmorgner/openpace](https://github.com/frankmorgner/openpace) Cryptographic library for EAC version 2
- [**33**Star][7m] [JS] [francodacosta/phmagick](https://github.com/francodacosta/phmagick) image manipulation with php and imagemagick
- [**33**Star][21d] [JS] [fireyfly/webshark](https://github.com/fireyfly/webshark) 
- [**33**Star][8y] [Shell] [firebitsbr/hardeningone](https://github.com/firebitsbr/hardeningone) Scripts-Scanner de hardening de SO (Linux, OpenBSD, FreeBSD, apache, PHP e outros)
- [**33**Star][9y] [C] [falk3n/subversive](https://github.com/falk3n/subversive) x86_64 linux rootkit using debug registers
- [**33**Star][4m] [C++] [etsubu/nanovm](https://github.com/etsubu/nanovm) PoC lightweight x64 register based VM implementation
- [**33**Star][2m] [Py] [ernw/net.tcp-proxy](https://github.com/ernw/net.tcp-proxy) A python based library to interact with .net webservices with net.tcp binding. Supports MC-NMF, MC-NMFTB and MS-NNS and contains a proxy for reading communications with webservices which require the negotiate encryption.
- [**33**Star][5m] [Py] [ernw/dizzy-legacy](https://github.com/ernw/dizzy-legacy) Network and USB protocol fuzzing toolkit.
- [**33**Star][6m] [F#] [enkomio/misc](https://github.com/enkomio/misc) A repository with simple projects created for testing/learning purpose
- [**33**Star][3y] [Go] [egebalci/the-eye](https://github.com/egebalci/the-eye) Simple security surveillance script for linux distributions.
- [**33**Star][1m] [Shell] [edoverflow/curate](https://github.com/edoverflow/curate) A tool for fetching archived URLs (to be rewritten in Go).
- [**33**Star][3y] [C++] [ecologylab/ecotuiodriver](https://github.com/ecologylab/ecotuiodriver) Diver to convert tuio touch events into windows touch events. Started as GSoC 2012 project.
- [**33**Star][2m] [dweinstein/dockerfile-androguard](https://github.com/dweinstein/dockerfile-androguard) docker file for use with androguard python android app analysis tool
- [**33**Star][1m] [lololosys/awesome_cisco_exploitation](https://github.com/lololosys/awesome_cisco_exploitation) A curated list of awesome Cisco exploitation resources
- [**33**Star][12d] [Dockerfile] [dukebarman/ghidra-builder](https://github.com/dukebarman/ghidra-builder) Docker image for building ghidra RE framework from source
- [**33**Star][25d] [Py] [donctl/sandy](https://github.com/donctl/sandy) Release of the sandy framework.
- [**33**Star][17d] [Dockerfile] [dockage/tor-privoxy](https://github.com/dockage/tor-privoxy) Docker Tor proxy (http and shell) built on Alpine Linux
- [**33**Star][4m] [Py] [derv82/werdy](https://github.com/derv82/werdy) A set of Python scripts for generating, parsing, sorting, and saving wordlists.
- [**33**Star][2y] [C] [demonsec666/secist_applocker](https://github.com/demonsec666/secist_applocker) 
- [**33**Star][2y] [Shell] [deepwn/gitpagehijack](https://github.com/deepwn/gitpagehijack) OK now. Let's hijack github user's custom domain.
- [**33**Star][2m] [Py] [deadbits/shells](https://github.com/deadbits/shells) collection of useful shells for penetration tests
- [**33**Star][1y] [Alloy] [davw/midihack](https://github.com/davw/midihack) Algorithmic music project for MIDIHACK 2014
- [**33**Star][15d] [Lua] [danilabs/scripts-nse](https://github.com/danilabs/scripts-nse) Some NSE scripts to search information from routers
- [**33**Star][3m] [JS] [d0g3-lab/i-soon_ctf_2018](https://github.com/D0g3-Lab/i-SOON_CTF_2018) 2018 第一届安洵杯 题目环境/源码/WP
- [**33**Star][7m] [cz-nic/dns-fuzzing](https://github.com/cz-nic/dns-fuzzing) Repository to store unique seeds for DNS server fuzzing
- [**33**Star][8m] [Py] [cys3c/backdoorman](https://github.com/cys3c/backdoorman) BackdoorMan is a toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination.
- [**33**Star][15d] [C] [cyclaero/void-zones-tools](https://github.com/cyclaero/void-zones-tools) Prepare a list of void zones that can be readily feed into Unbound on FreeBSD
- [**33**Star][1m] [C] [ctxis/kgdb-android](https://github.com/ctxis/kgdb-android) Patches to the Nexus 6 (Shamu) kernel source to allow KGDB over serial debug cable
- [**33**Star][3m] [TS] [xfoxfu/clover](https://github.com/xfoxfu/clover) Shadowsocks and v2ray User Interface
- [**33**Star][19d] [C++] [chiehmin/sheepwall](https://github.com/chiehmin/sheepwall) Sniff plaintext account/password/cookie on router
- [**33**Star][19d] [JS] [checkmyhttps/checkmyhttps](https://github.com/checkmyhttps/checkmyhttps) We propose a user-friendly add-on that allows you to check if your encrypted web traffic (SSL/TLS) towards secured Internet servers (HTTPS) is not intercepted (being listened to).
- [**33**Star][1y] [cert-w/hadoop-attack-library](https://github.com/cert-w/hadoop-attack-library) A collection of pentest tools and resources targeting Hadoop environments
- [**33**Star][10d] [Py] [bsvineethiitg/malwaregan](https://github.com/bsvineethiitg/malwaregan) Visualizing malware behavior, and proactive protection using GANs against zero-day attacks.
- [**33**Star][12d] [JS] [bripkens/proxrox](https://github.com/bripkens/proxrox) Proxy services, combine origins, use SSI and more during development
- [**33**Star][4m] [JS] [bowlingtoolkit/discord-bots-hack-code](https://github.com/bowlingtoolkit/discord-bots-hack-code) Discord Bots Hacking
- [**33**Star][4m] [C] [bot-man-jl/wfp-traffic-redirection-driver](https://github.com/bot-man-jl/wfp-traffic-redirection-driver) WFP Traffic Redirection Driver is used to redirect NIC traffic on network layer and framing layer, based on Windows Filtering Platform (WFP).
- [**33**Star][4m] [PHP] [bmitch/codor](https://github.com/bmitch/codor) Custom PHPCS sniffs to find Code Smells
- [**33**Star][3m] [YARA] [blacktop/docker-yara](https://github.com/blacktop/docker-yara) Yara Dockerfile
- [**33**Star][1m] [Py] [binarlyhq/binarly-query](https://github.com/binarlyhq/binarly-query) Command-line Interface for Binar.ly
- [**33**Star][5m] [C] [berkanyildiz/driver.net](https://github.com/berkanyildiz/driver.net) Driver loading library for bypassing Windows Driver Signature Enforcement.
- [**33**Star][3y] [Shell] [b3rito/trolo](https://github.com/b3rito/trolo) trolo - an easy to use script for generating Payloads that bypasses antivirus
- [**33**Star][1m] [avery3r/re-writeups](https://github.com/avery3r/re-writeups) Writeups for my reverse engineering shanenagins
- [**33**Star][1y] [C#] [arunsatyarth/oneminer](https://github.com/arunsatyarth/oneminer) 1 Click miner for Ethereum, ZCash etc on windows. Supports mixed GPUs(Nvidia & AMD)
- [**33**Star][2m] [Py] [arthaud/formatstring](https://github.com/arthaud/formatstring) Format string exploitation helper
- [**33**Star][16d] [C++] [arduino/nina-fw](https://github.com/arduino/nina-fw) Firmware for u-blox NINA W102 WiFi/BT module
- [**33**Star][5m] [amoghbl1/tor-browser](https://github.com/amoghbl1/tor-browser) Orfox - A Tor Browser for Android
- [**33**Star][6m] [Py] [akiym/pedal](https://github.com/akiym/pedal) PEDAL - Python Exploit Development Assistance for GDB Lite
- [**33**Star][4m] [HTML] [adde88/manatoolkit](https://github.com/adde88/manatoolkit) Mana Toolkit - Module for the WiFi Pineapples.
- [**33**Star][4m] [Py] [4n4nk3/wordlister](https://github.com/4n4nk3/wordlister) A simple wordlist generator and mangler written in python.
- [**33**Star][1y] [Jupyter Notebook] [404notf0und/ai-for-security-testing](https://github.com/404notf0und/ai-for-security-testing) My AI security testing projects
- [**33**Star][2m] [Py] [3xp10it/xupload](https://github.com/3xp10it/xupload) A tool for automatically testing whether the upload function can upload webshell
- [**33**Star][4y] [C#] [3gstudent/smallp0wnedshell](https://github.com/3gstudent/smallp0wnedshell) Small modification version of p0wnedShell
- [**33**Star][29d] [JS] [1lastbr3ath/drmine](https://github.com/1lastbr3ath/drmine) Dr. Mine is a node script written to aid automatic detection of in-browser cryptojacking.
- [**33**Star][2y] [16667/metasploitable-3-ctf](https://github.com/16667/metasploitable-3-ctf) Metasploitable3 CTF Write-up
- [**33**Star][1m] [Py] [0xr0/hediye](https://github.com/0xr0/hediye) Hash Generator & Cracker
- [**32**Star][25d] [Go] [nishitm/gobox](https://github.com/nishitm/gobox) GO sandbox to run untrusted code
- [**32**Star][3m] [PS] [techthoughts2/poshgram](https://github.com/techthoughts2/poshgram) Send messages via the Telegram Bot API using PowerShell
- [**32**Star][14d] [Go] [aquasecurity/harbor-scanner-trivy](https://github.com/aquasecurity/harbor-scanner-trivy) Use Trivy as a plug-in vulnerability scanner in the Harbor registry
- [**32**Star][2m] [Py] [clemfromspace/scrapy-cloudflare-middleware](https://github.com/clemfromspace/scrapy-cloudflare-middleware) A Scrapy middleware to bypass the CloudFlare's anti-bot protection
- [**32**Star][9m] [JS] [cdnbye/p2p-ckplayer](https://github.com/cdnbye/p2p-ckplayer) 嵌入P2P引擎的CKPlayer，视频网站省流量&加速神器
- [**32**Star][4m] [Shell] [owasp/d4n155](https://github.com/owasp/d4n155) OWASP D4N155 - Intelligent and dynamic wordlist using OSINT
- [**32**Star][5m] [PS] [grayfold3d/posh-triage](https://github.com/grayfold3d/posh-triage) Tools for parsing Forensic images
- [**32**Star][4m] [redwolfintelligence/open-source-security-list-](https://github.com/redwolfintelligence/open-source-security-list-) This list of tools is meant to act as a staple resource for Small to Medium businesses. We understand the hardship of not being able to afford adequate security. We are firm believers that everyone deserves to be secure at a cost effective rate.
- [**32**Star][4m] [Ruby] [s1kr10s/d-link-dir-859-rce](https://github.com/s1kr10s/d-link-dir-859-rce) D-Link DIR-859 - RCE UnAutenticated (CVE-2019–17621)
- [**32**Star][27d] [C++] [robojackets/hungarian](https://github.com/robojackets/hungarian) C++ Implementation of the hungarian algorithm
- [**32**Star][1m] [Shell] [robotpy/roborio-vm](https://github.com/robotpy/roborio-vm) Scripts to create QEMU virtual machine from the RoboRIO image file
- [**32**Star][4m] [ekristen/docker-openvpn-client](https://github.com/ekristen/docker-openvpn-client) OpenVPN Client for Docker
- [**32**Star][23d] [Py] [ijanos/ebedke](https://github.com/ijanos/ebedke) crawl pages to check what is for lunch today
- [**32**Star][1m] [C#] [zhk0603/webcrawler](https://github.com/zhk0603/webcrawler) 一个轻量级、快速、多线程、多管道、灵活配置的网络爬虫。
- [**32**Star][15d] [CMake] [viaduck/openssl-cmake](https://github.com/viaduck/openssl-cmake) CMake wrapper for OpenSSL supporting cross-compilation
- [**32**Star][4m] [Go] [changkun/occamy](https://github.com/changkun/occamy) a modern remote desktop proxy written in Go
- [**32**Star][14d] [PHP] [samaybhavsar/google-scraper](https://github.com/samaybhavsar/google-scraper) This class can retrieve search results from Google.
- [**32**Star][1m] [Java] [devicehive/android-ble](https://github.com/devicehive/android-ble) DeviceHive Bluetooth Low Energy bridge for Android
- [**32**Star][3m] [JS] [mawrkus/jason-the-miner](https://github.com/mawrkus/jason-the-miner) 
- [**32**Star][30d] [Jupyter Notebook] [charleswyt/crawler](https://github.com/charleswyt/crawler) Crawler with Python 3.
- [**32**Star][7m] [Java] [tiagohm/bluedroid](https://github.com/tiagohm/bluedroid) Android Bluetooth Library
- [**32**Star][1m] [C] [earlephilhower/bearssl-esp8266](https://github.com/earlephilhower/bearssl-esp8266) Port of
- [**32**Star][3m] [JS] [reedd/crawler](https://github.com/reedd/crawler) Chromium / Puppeteer site crawler
- [**32**Star][2y] [JS] [ken113/javlibrary-api](https://github.com/ken113/javlibrary-api) 
- [**32**Star][5m] [Java] [project-artist/dexterous](https://github.com/project-artist/dexterous) Library and standalone CLI tool for apk/dex merging, repackaging and signing. Can also get used as a dex analyzer framework.
- [**32**Star][1y] [JS] [ezraripps/csgo-overpay-bot](https://github.com/ezraripps/csgo-overpay-bot) 
- [**32**Star][4m] [PS] [wikijm/powershell-adminscripts](https://github.com/wikijm/powershell-adminscripts) PowerShell Administration scripts
- [**32**Star][11d] [HTML] [flickz/newspaperjs](https://github.com/flickz/newspaperjs) News extraction and scraping. Article Parsing
- [**32**Star][23d] [C#] [jmacato/nsubsys](https://github.com/jmacato/nsubsys) MSBuild Task for changing Windows Portable Executable (PE) subsystem. Useful for hiding console window in .NET Core GUI Apps.
- [**32**Star][10d] [Go] [forgoer/openssl](https://github.com/forgoer/openssl) A functions wrapping of OpenSSL library for symmetric and asymmetric encryption and decryption.
- [**32**Star][5m] [Py] [wangy8961/python3-algorithms](https://github.com/wangy8961/python3-algorithms) Python3 数据结构与算法的介绍及应用。1. 数据结构：顺序表、链表、栈、队列、树、图； 2. 典型的排序算法：冒泡排序、选择排序、插入排序、希尔排序、堆排序、快速排序、归并排序、计数排序、基数排序； 3. 查找算法： 顺序查找，二分查找，哈希表查找、二叉树查找
- [**32**Star][12d] [chepurko/k8s-ovpn](https://github.com/chepurko/k8s-ovpn) OpenVPN on a Kubernetes cluster. Roll your own secure VPN cluster!
- [**32**Star][2m] [Py] [tenlee2012/scrapy-kafka-redis](https://github.com/tenlee2012/scrapy-kafka-redis) Distributed crawling/scraping, Kafka And Redis based components for Scrapy
- [**32**Star][22d] [Py] [gingeleski/odds-portal-scraper](https://github.com/gingeleski/odds-portal-scraper) Sports odds and results scraping for Odds Portal (oddsportal.com).
- [**32**Star][1y] [ashuray/interviewroom](https://github.com/ashuray/interviewroom) Contains all important data structure and algorithms problems asked in interviews
- [**32**Star][14d] [Go] [issue9/mux](https://github.com/issue9/mux) 功能完备的 Go 路由器
- [**32**Star][4m] [JS] [baidu/san-devtool](https://github.com/baidu/san-devtool) Browser developer tools extension for debugging San.
- [**32**Star][1m] [Py] [zerosteiner/crimson-forge](https://github.com/zerosteiner/crimson-forge) Sustainable shellcode evasion
- [**32**Star][10d] [Shell] [idkiro/ssmgr-install](https://github.com/idkiro/ssmgr-install) shadowsocks-manager 前端+后端+魔改BBR一键部署脚本
- [**32**Star][4m] [Py] [sevro/security-utilities](https://github.com/sevro/security-utilities) Offensive Security Certified Profesional (OSCP) course scripts, some have been generalized
- [**32**Star][2m] [HTML] [tkvpn/tkvpn.github.io](https://github.com/tkvpn/tkvpn.github.io) 这里提供全球多个网络加速节点，速度极快，提供免费试用。
- [**32**Star][1m] [Rust] [katattakd/katwebx](https://github.com/katattakd/katwebx) An extremely fast static web server and reverse proxy for the modern web.
- [**32**Star][4m] [HTML] [htr-tech/zphisher](https://github.com/htr-tech/zphisher) Automated Phishing Tool
- [**32**Star][4m] [Forth] [benhoyt/third](https://github.com/benhoyt/third) Third, a small Forth compiler for 8086 DOS
- [**32**Star][3y] [Go] [serverless-ss/slss](https://github.com/serverless-ss/slss) 
- [**32**Star][13d] [Swift] [itsjohnye/lead-ios-demo](https://github.com/itsjohnye/Lead-iOS-Demo) a featherweight iOS SS proxy client
- [**32**Star][11d] [Java] [snail007/goproxy-ss-plugin-android](https://github.com/snail007/goproxy-ss-plugin-android) goproxy安卓全局代理，ss goproxy安卓插件, goproxy :
- [**32**Star][11d] [Go] [avast/apkparser](https://github.com/avast/apkparser) APK manifest & resources parsing in Golang.
- [**32**Star][28d] [rhinosecuritylabs/presentations](https://github.com/rhinosecuritylabs/presentations) A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.
- [**32**Star][2m] [Py] [certtools/malware_name_mapping](https://github.com/certtools/malware_name_mapping) A mapping of used malware names to commonly known family names
- [**32**Star][15d] [sagishahar-zz/challenges](https://github.com/sagishahar-zz/challenges) Hacking challenges
- [**32**Star][8m] [C] [a0rtega/bdldr](https://github.com/a0rtega/bdldr) bdldr is an unofficial engine loader for Bitdefender ® for Linux
- [**32**Star][11d] [Py] [warner/magic-wormhole-transit-relay](https://github.com/warner/magic-wormhole-transit-relay) Transit Relay server for Magic-Wormhole
- [**32**Star][1y] [uwnetworkslab/uproxy-networking](https://github.com/uwnetworkslab/uproxy-networking) OBSOLETE
- [**32**Star][2m] [CSS] [spiderlabs/microphisher](https://github.com/spiderlabs/microphisher) µphisher spear phishing tool (reference implementation)
- [**32**Star][3m] [TeX] [seemoo-lab/talon-tools](https://github.com/seemoo-lab/talon-tools) Talon Tools: The Framework for Practical IEEE 802.11ad Research
- [**32**Star][10d] [C] [armmbed/mbed-bootloader](https://github.com/armmbed/mbed-bootloader) Generic bootloader to be used in conjunction with Pelion Device Management Client
- [**32**Star][25d] [HTML] [infosec-au/fuzzdb](https://github.com/infosec-au/fuzzdb) Automatically exported from code.google.com/p/fuzzdb
- [**32**Star][2m] [Go] [banzaicloud/dast-operator](https://github.com/banzaicloud/dast-operator) Dynamic Application Security Testing
- [**32**Star][17d] [Py] [m57/mycvt](https://github.com/m57/mycvt) Checkpoint Firewall Ruleset Auditor ( For the HTML exports when you do not have the object files )
- [**32**Star][4m] [Py] [k8gege/solrexp](https://github.com/k8gege/solrexp) Apache Solr <=8.2.0 Velocity Template 0day Exploit
- [**32**Star][26d] [HTML] [firewalltutor/firewalltutor.github.io](https://github.com/firewalltutor/firewalltutor.github.io) fire wall tutor 自建梯子教程 Google 翻墙 科学上网 代理工具 一键安装
- [**32**Star][1m] [vgkintsugi/ghidra-segasaturn-processor](https://github.com/vgkintsugi/ghidra-segasaturn-processor) A Ghidra processor module for the Sega Saturn (SuperH SH-2)
- [**32**Star][29d] [Py] [sy-records/speech_spiders](https://github.com/sy-records/speech_spiders) 
- [**32**Star][2m] [Py] [angelkitty/stegosaurus](https://github.com/angelkitty/stegosaurus) A steganography tool for embedding payloads within Python bytecode.
- [**32**Star][7m] [Py] [carlonelong/taobaommcrawler](https://github.com/carlonelong/taobaommcrawler) A simple crawler downloading photos of Taobao girls.
- [**32**Star][3m] [Py] [probr/probr-core](https://github.com/probr/probr-core) The core-component for generic WiFi tracking: remote device management, packet capturing, packet storage
- [**32**Star][1m] [C#] [cobbr/c2bridge](https://github.com/cobbr/c2bridge) C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.
- [**32**Star][9m] [Py] [haseebt/mremoteng-decrypt](https://github.com/haseebt/mremoteng-decrypt) Python script to decrypt passwords stored by mRemoteNG
- [**32**Star][14d] [C#] [fsecurelabs/athena](https://github.com/FSecureLABS/Athena) GUI Tool to generate threat intelligence information in various formats
- [**32**Star][2y] [Shell] [xxh3x/nethunter_universal](https://github.com/XXH3X/Nethunter_Universal) Kali Nethunter for any phone (Kerneless)
- [**32**Star][23d] [C++] [fdiskyou/winalloctracer](https://github.com/fdiskyou/WinAllocTracer) Pintool that logs and tracks calls to RtlAllocateHeap, RtlReAllocateHeap, RtlFreeHeap, VirtualAllocEx, and VirtualFreeEx.
- [**32**Star][2m] [JS] [ret2jazzy/ethereum-jsonrpc-dns-rebinding](https://github.com/ret2jazzy/Ethereum-JSONRPC-DNS-Rebinding) The PoC files for ethereum client's JSON-RPC DNS Rebinding
- [**32**Star][7m] [C++] [helpsystems/gdiobjdump](https://github.com/helpsystems/GDIObjDump) 
- [**32**Star][3m] [C] [zwclose/hidusb2](https://github.com/zwclose/hidusb2) hidusb.sys source code, Windows 10 hidusb.sys fully reversed
- [**32**Star][2y] [C#] [zodiacon/perfmonx](https://github.com/zodiacon/perfmonx) PerfMonX is an enhanced Performance Monitor tool
- [**32**Star][6m] [ObjC] [zjjno/interface-inspector-hook](https://github.com/zjjno/interface-inspector-hook) Interface Inspector破解
- [**32**Star][4m] [Ruby] [zeknox/scripts](https://github.com/zeknox/scripts) a collection of useful scripts that for penetration testers
- [**32**Star][11d] [C++] [z4yx/supervisor-mips32](https://github.com/z4yx/supervisor-mips32) 计算机组成原理课程32位监控程序
- [**32**Star][3m] [ysrc/shelldaddy](https://github.com/ysrc/shelldaddy) 跨平台 webshell 静态扫描器
- [**32**Star][5m] [Py] [yassineaboukir/asnlookup](https://github.com/yassineaboukir/asnlookup) Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
- [**32**Star][2m] [Py] [yanlinlin82/plcscan](https://github.com/yanlinlin82/plcscan) Automatically exported from code.google.com/p/plcscan
- [**32**Star][2m] [Py] [xurubin/aurasium](https://github.com/xurubin/aurasium) Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor
- [**32**Star][7d] [C++] [xoreos/xoreos-tools](https://github.com/xoreos/xoreos-tools) Tools to help the development of xoreos
- [**32**Star][1m] [Py] [xme/dockers](https://github.com/xme/dockers) Miscelaneous Dockers
- [**32**Star][23d] [Py] [x64dbg/x64dbgbinja](https://github.com/x64dbg/x64dbgbinja) Official x64dbg plugin for Binary Ninja
- [**32**Star][2m] [PHP] [wstart/webshell](https://github.com/wstart/webshell) This is a webshell open source project
- [**32**Star][2m] [Jupyter Notebook] [wlmeng11/rtl-ultrasound](https://github.com/wlmeng11/rtl-ultrasound) 
- [**32**Star][3y] [vulnex/tintorera](https://github.com/vulnex/tintorera) Source Code Intelligence
- [**32**Star][10m] [vulnerscom/detect-rules](https://github.com/vulnerscom/detect-rules) Vulners signature-base software version detection rules
- [**32**Star][3m] [Shell] [vt-magnum-research/antimalware](https://github.com/vt-magnum-research/antimalware) Dynamic malware analysis for the Android platform
- [**32**Star][13d] [C++] [vector35/generate_assembler](https://github.com/vector35/generate_assembler) generate assemblers from disassemblers, 2018 jailbreak security summit talk
- [**32**Star][4m] [C#] [valsov/backnet](https://github.com/valsov/backnet) Remote Administration Tool with botnet capability, Windows
- [**32**Star][10m] [vah13/oracle-bi-bugs](https://github.com/vah13/oracle-bi-bugs) 
- [**32**Star][9m] [C++] [unknownv2/linuxdetours](https://github.com/unknownv2/linuxdetours) A function intercept library for Linux applications
- [**32**Star][1m] [PHP] [ubient/laravel-pwned-passwords](https://github.com/ubient/laravel-pwned-passwords) A Laravel validation rule to determine whether a given password is pwned (insecure)
- [**32**Star][3y] [C] [tlgyt/dirtycowandroid](https://github.com/tlgyt/dirtycowandroid) Repo For Working on Dirty Cow Based Android Root Method
- [**32**Star][11m] [C] [texane/nrf](https://github.com/texane/nrf) nordic semiconductor wireless chipsets related code
- [**32**Star][4y] [Py] [tengzhangchao/information](https://github.com/tengzhangchao/information) windows Server Information gathering tool (主机信息收集工具)
- [**32**Star][4m] [PHP] [teamharekaze/harekazectf2019-challenges](https://github.com/teamharekaze/harekazectf2019-challenges) Harekaze CTF 2019 challenges
- [**32**Star][6m] [talltechy/infosec_it-conferences-and-certs-usa](https://github.com/talltechy/infosec_it-conferences-and-certs-usa) USA based Information Security & I.T. Conferences
- [**32**Star][11d] [C] [sysprogs/openocd](https://github.com/sysprogs/openocd) OpenOCD shipped with VisualGDB. Built with CMake.
- [**32**Star][25d] [JS] [stephenlb/spoken](https://github.com/stephenlb/spoken) Spoken - JavaScript Text-to-Speech and Speech-to-Text for AI Artificial Intelligence Apps
- [**32**Star][2y] [Py] [starnightcyber/cve-2017-11882](https://github.com/starnightcyber/cve-2017-11882) CVE-2017-11882 exploitation
- [**32**Star][3y] [C] [srakai/adun](https://github.com/srakai/adun) A way to backdoor every process
- [**32**Star][11m] [Ruby] [shopify/ssllabs.rb](https://github.com/shopify/ssllabs.rb) 
- [**32**Star][3y] [shadowsocksrr/shadowsocksx-ng](https://github.com/shadowsocksrr/shadowsocksx-ng) Next Generation of ShadowsocksX
- [**32**Star][4m] [Py] [serpilliere/elfesteem](https://github.com/serpilliere/elfesteem) Automatically exported from code.google.com/p/elfesteem
- [**32**Star][8y] [C] [sergiocampama/launchpad](https://github.com/sergiocampama/launchpad) Launchpad mini projects. Includes mspgcc installation instructions for Ubuntu
- [**32**Star][7m] [Elixir] [sebastianszturo/bolt](https://github.com/sebastianszturo/bolt) Simple and fast http proxy living in the Erlang VM
- [**32**Star][5y] [HTML] [schmalle/nodepot](https://github.com/schmalle/nodepot) A nodejs web application honeypot
- [**32**Star][8m] [sapran/ukraine-infosec-conferences](https://github.com/sapran/ukraine-infosec-conferences) Анонси, програми та архів матеріалів українських конференцій з кібер-безпеки.
- [**32**Star][2y] [JS] [s03d4-164/hiryu](https://github.com/s03d4-164/hiryu) IOC Management and Visualization Tool
- [**32**Star][17d] [Shell] [s-o-t/telegram-3proxy-install](https://github.com/s-o-t/telegram-3proxy-install) Bash script to install socks5 proxy (3proxy) configured for telegram.
- [**32**Star][1m] [C#] [rvazarkar/antipwny](https://github.com/rvazarkar/antipwny) A host based IDS written in C# Targetted at Metasploit
- [**32**Star][3y] [Py] [rurik/pe_carver](https://github.com/rurik/pe_carver) Carves EXEs from given data files, using intelligent carving based upon PE headers
- [**32**Star][2m] [JS] [rpgeeganage/file-less-ransomware-demo](https://github.com/rpgeeganage/file-less-ransomware-demo) Demonstrate about file-less malware approach using JavaScript
- [**32**Star][7y] [PS] [roo7break/powershell-scripts](https://github.com/roo7break/powershell-scripts) List of PowerShell scripts conjured up for my consumption (you are welcome to use)
- [**32**Star][1m] [C++] [rokups/hooker](https://github.com/rokups/hooker) Minimalistic hooking library written in C
- [**32**Star][3m] [HTML] [rh0dev/shellcode2asmjs](https://github.com/rh0dev/shellcode2asmjs) Automatically generate ASM.JS JIT-Spray payloads
- [**32**Star][1m] [CSS] [remmina/et-electron](https://github.com/remmina/et-electron) Eagle Tunnel 的图形化客户端，一个简单的代理工具
- [**32**Star][8m] [PHP] [realtimeprojects/quixplorer](https://github.com/realtimeprojects/quixplorer) simply upload and download files to your webserver with a web-interface
- [**32**Star][8m] [C] [rakion99/icememe](https://github.com/rakion99/icememe) Roblox Exploit Source Code Called IceMeme with some cmds, lua c and limited lua execution with simple ui in c#
- [**32**Star][8m] [Py] [raccoons-team/ctf](https://github.com/raccoons-team/ctf) Writeups for CTF competitions.
- [**32**Star][4m] [Go] [pyinx/zk-sniffer](https://github.com/pyinx/zk-sniffer) sniffer and parse zookeeper packet
- [**32**Star][4m] [Shell] [putsi/privatecollaborator](https://github.com/putsi/privatecollaborator) A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
- [**32**Star][3m] [JS] [puritys/chromesecureshell](https://github.com/puritys/chromesecureshell) Hack chrome secure shell for improving usability
- [**32**Star][1m] [Java] [pnfsoftware/jeb2-plugin-oat](https://github.com/pnfsoftware/jeb2-plugin-oat) Android OAT Plugin for JEB
- [**32**Star][10d] [Py] [pmsosa/pylogger](https://github.com/pmsosa/pylogger) 
- [**32**Star][2m] [HTML] [plaperdr/fprandom](https://github.com/plaperdr/fprandom) A browser to counter advanced fingerprinting techniques
- [**32**Star][30d] [Py] [plaperdr/blink-docker](https://github.com/plaperdr/blink-docker) Tool to mitigate browser fingerprint tracking
- [**32**Star][2y] [PHP] [opt-oss/ng-netms](https://github.com/opt-oss/ng-netms) NG-NetMS is a new end-to-end network management platform for your Linux servers, Cisco, Juniper, HP and Extreme routers, switches and firewalls.
- [**32**Star][3m] [HCL] [opendevsecops/terraform-aws-scanner](https://github.com/opendevsecops/terraform-aws-scanner) Terraform module which provides easy to configure AWS environment for running automated security scanning solutions at scheduled intervals.
- [**32**Star][5m] [C#] [nyan-x-cat/dropless-malware](https://github.com/nyan-x-cat/dropless-malware) Download a payload and make it run from registry without droppng.
- [**32**Star][18d] [Py] [numirias/firefed](https://github.com/numirias/firefed) 
- [**32**Star][1m] [C] [nsacyber/simon-speck-supercop](https://github.com/nsacyber/simon-speck-supercop) Fast implementations of the SIMON and SPECK lightweight block ciphers for the SUPERCOP benchmark toolkit. #nsacyber
- [**32**Star][13d] [JS] [npm/npm-packlist](https://github.com/npm/npm-packlist) Walk through a folder and figure out what goes in an npm package
- [**32**Star][2m] [C++] [netdex/twinject](https://github.com/netdex/twinject) Automated player and hooking framework for bullet hell games from the Touhou Project
- [**32**Star][4m] [Py] [needmorecowbell/funnel](https://github.com/needmorecowbell/funnel) Funnel is a lightweight yara-based feed scraper
- [**32**Star][2y] [Py] [ne0nd0g/guinevere](https://github.com/ne0nd0g/guinevere) Automated Security Assessment Reporting Tool
- [**32**Star][1y] [Py] [multiangle/distributed_microblog_spider](https://github.com/multiangle/distributed_microblog_spider) 分布式新浪微博爬虫
- [**32**Star][3y] [Shell] [mseclab/ahe17](https://github.com/mseclab/ahe17) Android Hacking Event 2017 Write-up
- [**32**Star][2m] [C#] [modzero/mod0umleitung](https://github.com/modzero/mod0umleitung) modzero DNS Masquerading Server for Windows
- [**32**Star][6y] [C] [mitrecnd/pynids](https://github.com/mitrecnd/pynids) 
- [**32**Star][1y] [Py] [mimoo/rsa_pkcs1v1_5_attacks](https://github.com/mimoo/rsa_pkcs1v1_5_attacks) Implementation of Bleichenbacher, Manger and Ben-Or attacks on RSA PKCS#1 v1.5
- [**32**Star][3y] [C++] [mgeeky/hevd_kernel_exploit](https://github.com/mgeeky/hevd_kernel_exploit) Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
- [**32**Star][2y] [Py] [mgale/dhcpsnoop](https://github.com/mgale/dhcpsnoop) DHCP Snooping app - great for finding rogue DHCP servers
- [**32**Star][3y] [Py] [medhini/malicious_website_detection](https://github.com/medhini/malicious_website_detection) Uses deep learning and machine learning techniques to detect and classify web pages as spam, malware and phishing
- [**32**Star][29d] [Py] [max-andr/provably-robust-boosting](https://github.com/max-andr/provably-robust-boosting) Provably Robust Boosted Decision Stumps and Trees against Adversarial Attacks [NeurIPS 2019]
- [**32**Star][10m] [Java] [malerisch/burp-csj](https://github.com/malerisch/burp-csj) BurpCSJ extension for Burp Pro - Crawljax Selenium JUnit integration
- [**32**Star][2y] [ObjC] [lycajb/lycajb](https://github.com/lycajb/lycajb) LycaJB is a project that aims to fill the gap in iOS 11.0 - 11.3.1 jailbreaks. While this jailbreak is specifically aimed at developers it could be turned into a public stable jailbreak which includes Cydia. Right now we had to make the hard decision to remove Cydia from LycaJB as it caused our test devices to bootloop. We are working hard to ma…
- [**32**Star][3m] [Py] [luca-m/lsb-toolkit](https://github.com/luca-m/lsb-toolkit) This is a small and simple toolkit that might be useful during steganalysis, it is currently composed by several general purpose command line tools.
- [**32**Star][20d] [HTML] [locomotive-crypto/crypto_book_1st](https://github.com/locomotive-crypto/crypto_book_1st) 《深入浅出CryptoPP密码学库》随书电子文档
- [**32**Star][5m] [Shell] [lmartinking/monkey-tail](https://github.com/lmartinking/monkey-tail) A swiss army knife of commands and shell hacks, using @ as the prefix
- [**32**Star][4m] [Py] [lionheart/pwnedpasswords](https://github.com/lionheart/pwnedpasswords) A Python Library and CLI for the Pwned Passwords v2 API
- [**32**Star][6y] [Perl] [linvex/mitm-squid](https://github.com/linvex/mitm-squid) sharing some files of MITM-squid attack.
- [**32**Star][1y] [Assembly] [linuxthor/uul](https://github.com/linuxthor/uul) ELF binary that runs on several different *nix flavours. Works out which variant it's being run on and runs code specific to that.
- [**32**Star][10d] [Rust] [kugg/tclscan](https://github.com/kugg/tclscan) Scans tcl for command injection
- [**32**Star][11m] [knoobdev/bypass-facebook-ssl-pinning](https://github.com/knoobdev/bypass-facebook-ssl-pinning) Bypassing ssl pinning for facebook android app
- [**32**Star][5m] [C++] [kerlomz/captcha_library_c](https://github.com/kerlomz/captcha_library_c) 本项目可以用来调用
- [**32**Star][5m] [karelorigin/xss-problems](https://github.com/karelorigin/xss-problems) 
- [**32**Star][2m] [Py] [jwomers/many-time-pad-attack](https://github.com/jwomers/many-time-pad-attack) Attacking A Many Time Pad - Cryptography
- [**32**Star][8m] [Shell] [jriguera/coreos-usb-creator](https://github.com/jriguera/coreos-usb-creator) Coreos live image builder with cloud-config on FAT32 to easily create POC
- [**32**Star][17d] [Java] [joychou93/trident](https://github.com/joychou93/trident) Java通用漏洞修复安全组件
- [**32**Star][6y] [Py] [jonmetz/androfuzz](https://github.com/jonmetz/androfuzz) A fuzzing utility for Android that focuses on reporting and delivery portions of the fuzzing process
- [**32**Star][5m] [Py] [jofpin/fuckshell](https://github.com/jofpin/fuckshell) Simple Webshell Scanner
- [**32**Star][1m] [JS] [joeferner/node-gitgui](https://github.com/joeferner/node-gitgui) Git GUI written in node.js
- [**32**Star][1m] [Shell] [jlevitsk/lazykali](https://github.com/jlevitsk/lazykali) A refresh of LazyKali which simplifies install of tools and configuration. Original author appears missing.
- [**32**Star][17d] [Ruby] [jjyg/ssh_decoder](https://github.com/jjyg/ssh_decoder) 
- [**32**Star][2m] [C++] [jingpu/pintools](https://github.com/jingpu/pintools) 
- [**32**Star][9m] [Ruby] [jduck/addjsif](https://github.com/jduck/addjsif) Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)
- [**32**Star][2m] [C] [jcsaezal/pmctrack](https://github.com/jcsaezal/pmctrack) an OS-oriented performance monitoring tool for Linux (
- [**32**Star][3m] [Shell] [jaybrown/macos-security-updates](https://github.com/jaybrown/macos-security-updates) Notifies the user of updates to macOS Security components like Gatekeeper and XProtect
- [**32**Star][1y] [Py] [james9909/practicectf](https://github.com/james9909/practicectf) Write-ups for past CTFs done during my free time
- [**32**Star][1y] [C++] [jacksonvd/pwnedpasswordsdll-api](https://github.com/jacksonvd/pwnedpasswordsdll-api) Open source solution to check prospective AD passwords against previously breached passwords
- [**32**Star][6y] [Py] [iphelix/ida-pomidor](https://github.com/iphelix/ida-pomidor) a productivity plugin for Hex-Ray's IDA Pro disassembler.
- [**32**Star][13d] [Py] [innogames/polysh](https://github.com/innogames/polysh) Polysh, the remote shell multiplexer
- [**32**Star][5m] [PS] [improsec/get-badpasswords](https://github.com/improsec/get-badpasswords) Get insights into the actual strength and quality of passwords in Active Directory.
- [**32**Star][4m] [Shell] [illkx/smokeping-onekey](https://github.com/illkx/smokeping-onekey) 
- [**32**Star][2y] [Py] [ihack4falafel/subrosa](https://github.com/ihack4falafel/subrosa) Basic tool to automate backdooring PE files
- [**32**Star][6y] [C++] [igh0st/crypters](https://github.com/igh0st/crypters) Various Crypter Project
- [**32**Star][5m] [idkwim/frooksinatra](https://github.com/idkwim/frooksinatra) POC of sysenter x64 LSTAR MSR hook
- [**32**Star][5m] [Py] [ickerwx/pattern](https://github.com/ickerwx/pattern) Python implementation of Metasploit's pattern_create/pattern_offset.
- [**32**Star][3m] [C] [realbearcat/cve-2017-16995](https://github.com/RealBearcat/CVE-2017-16995) Linux Kernel Version 4.14 - 4.4 (Ubuntu && Debian)
- [**32**Star][4m] [C] [hklcf/mirai](https://github.com/hklcf/mirai) Source code for the Mirai botnet - Not going anywhere anytime soon
- [**32**Star][5m] [C] [hfiref0x/rocall](https://github.com/hfiref0x/rocall) ReactOS x86-32 syscall fuzzer
- [**32**Star][1m] [Py] [hchasestevens/tracing](https://github.com/hchasestevens/tracing) Utilities for tracing program execution line-by-line
- [**32**Star][4m] [MATLAB] [hcab14/tdoa](https://github.com/hcab14/tdoa) Time difference of arrival (TDoA) multi-lateration
- [**32**Star][5y] [Py] [hacksysteam/exploitreliabilitytestingsystem](https://github.com/hacksysteam/exploitreliabilitytestingsystem) Exploit Reliability Testing System
- [**32**Star][3y] [Assembly] [gyje/bios_rootkit](https://github.com/gyje/bios_rootkit) 来自Freebuf评论区,一个UEFI马.
- [**32**Star][3m] [Go] [guitmz/go-liora](https://github.com/guitmz/go-liora) Probably the first binary (PE/ELF) infector ever created in GoLang.
- [**32**Star][11m] [C] [gregoryvds/tcpsnitch](https://github.com/gregoryvds/tcpsnitch) TCPSnitch - Tracing the sockets API usage
- [**32**Star][9m] [C#] [graykernel/graystorm](https://github.com/graykernel/graystorm) In memory attack platform for C# Applications
- [**32**Star][7y] [C++] [glmcdona/malm](https://github.com/glmcdona/malm) MALM: Malware Monitor
- [**32**Star][19d] [C] [gdbinit/can_i_suid](https://github.com/gdbinit/can_i_suid) A TrustedBSD module to control execution of binaries with suid bit set
- [**32**Star][2m] [Py] [fsacer/nps_payload](https://github.com/fsacer/nps_payload) This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (
- [**32**Star][2y] [C] [freener/exploits](https://github.com/freener/exploits) 
- [**32**Star][5m] [C] [fread-ink/fread-ink](https://github.com/fread-ink/fread-ink) Staging all the fread.ink stuff here for now.
- [**32**Star][2y] [C++] [fortiguard-lion/rpcview](https://github.com/fortiguard-lion/rpcview) RpcView is a free tool to explore and decompile Microsoft RPC interfaces
- [**32**Star][4m] [Py] [forcebru/pyvm](https://github.com/forcebru/pyvm) A virtual machine written in Python that executes x86 binaries according to the Intel Software Developer Manual
- [**32**Star][5m] [HLSL] [foonull/halomd](https://github.com/foonull/halomd) New demo version of Halo for the Mac.
- [**32**Star][19d] [Py] [flo354/iosforensic](https://github.com/flo354/iosforensic) iOS forensic tool
- [**32**Star][4m] [C++] [exorxw/kylin-llvm-obfuscator](https://github.com/exorxw/kylin-llvm-obfuscator) based on llvm 5.0.1 release with ollvm
- [**32**Star][4m] [Py] [sevro/security-utilities](https://github.com/sevro/security-utilities) Offensive Security Certified Profesional (OSCP) course scripts, some have been generalized
- [**32**Star][6m] [C++] [etormadiv/hostingclr](https://github.com/etormadiv/hostingclr) Executing a .NET Assembly from C++ in Memory (CLR Hosting)
- [**32**Star][6m] [Shell] [duoduo369/oh-my-shadowsocks](https://github.com/duoduo369/oh-my-shadowsocks) shadowsocks config on server, supervisor support
- [**32**Star][10d] [Go] [devsu/grpc-proxy](https://github.com/devsu/grpc-proxy) A runnable, configurable Go reverse proxy that allows for rich routing of gRPC calls with minimum overhead. Built on top of mwitkow/grpc-proxy
- [**32**Star][4m] [defconrome/meetings-2019](https://github.com/defconrome/meetings-2019) Slides and stuffs of the meetings during the 2019
- [**32**Star][2y] [C] [defcon-russia/metasploit-payloads](https://github.com/defcon-russia/metasploit-payloads) Unified repository for different Metasploit Framework payloads
- [**32**Star][2y] [C] [deadnumbers/pegasus](https://github.com/deadnumbers/pegasus) Carbanak leaked source
- [**32**Star][29d] [Py] [deadbits/arcreactor](https://github.com/deadbits/arcreactor) open-source intelligence gathering for SIEMs <3
- [**32**Star][7m] [HTML] [ddvkid/ng-treetable](https://github.com/ddvkid/ng-treetable) A treetable module for angular 5
- [**32**Star][3y] [Py] [d4vinci/clickjacking-tester](https://github.com/d4vinci/clickjacking-tester) A python script designed to check if the website if vulnerable of clickjacking and create a poc
- [**32**Star][4y] [Py] [cryptax/fittools](https://github.com/cryptax/fittools) Wristband research tools
- [**32**Star][1m] [Shell] [crackpkcs12/crackpkcs12](https://github.com/crackpkcs12/crackpkcs12) A multithreaded program to crack PKCS#12 files (p12 and pfx extensions)
- [**32**Star][30d] [C++] [concealnetwork/conceal-desktop](https://github.com/concealnetwork/conceal-desktop) Conceal Desktop Wallet (GUI)
- [**32**Star][1y] [Py] [coldheat/quicksec](https://github.com/coldheat/quicksec) IDAPython script for quick vulnerability analysis
- [**32**Star][7m] [Py] [codingo/ransomware-json-dataset](https://github.com/codingo/ransomware-json-dataset) Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ransomware.
- [**32**Star][22d] [Py] [clarketm/s3recon](https://github.com/clarketm/s3recon) Amazon S3 bucket finder and crawler.
- [**32**Star][4m] [C] [christianpapathanasiou/apache-rootkit](https://github.com/christianpapathanasiou/apache-rootkit) A malicious Apache module with rootkit functionality
- [**32**Star][11m] [Py] [charliedean/psexecspray](https://github.com/charliedean/psexecspray) Spray SMB with hashes, Then psexec
- [**32**Star][8m] [C#] [cfwprpht/free-ps2-pub-gen](https://github.com/cfwprpht/free-ps2-pub-gen) Automated Tool for flatz PS4- PS2 Emu PKG Technic.
- [**32**Star][4m] [JS] [calidog/certstream-js](https://github.com/calidog/certstream-js) Javascript library for connecting to the CertStream network.
- [**32**Star][3y] [Py] [bwsw/webshell](https://github.com/bwsw/webshell) Docker container which includes Shellinabox and enables SSH connections to arbitrary (not where installed) servers
- [**32**Star][2m] [Go] [boxproject/voucher](https://github.com/boxproject/voucher) Enterprise-grade security solution for digital assets custody, using a cryptographically secure offline network.
- [**32**Star][4m] [Py] [bhai4you/ip-attack](https://github.com/bhai4you/ip-attack) Auto IP or Domain Attack Tool ( #1 )
- [**32**Star][2m] [Py] [bannsec/pythaw](https://github.com/bannsec/pythaw) Python Application to Reverse Freezing
- [**32**Star][3m] [Py] [as0ler/r2clutch](https://github.com/as0ler/r2clutch) r2-based tool to decrypt iOS applications
- [**32**Star][7m] [C] [arduino/tftp-bootloader](https://github.com/arduino/tftp-bootloader) An unfinished TFTP bootloader for Arduino Ethernet
- [**32**Star][2y] [applebetas/mterminal-jailed](https://github.com/applebetas/mterminal-jailed) An iOS 11 compatible fork of MTerminal using Ian Beer's tfp0 exploit
- [**32**Star][12d] [JS] [antville/antville](https://github.com/antville/antville) The Queen Mum of Weblog Hosting Systems – written in server-side JavaScript since 2001.
- [**32**Star][3y] [C] [antagon/tchunt-ng](https://github.com/antagon/tchunt-ng) Reveal encrypted files stored on a filesystem.
- [**32**Star][3m] [Go] [andrewwebber/kate](https://github.com/andrewwebber/kate) Because Clair needs a friend
- [**32**Star][11d] [Go] [ammario/ipisp](https://github.com/ammario/ipisp) Query IP address network information in Go
- [**32**Star][3m] [C] [alienrobotarmy/ctunnel](https://github.com/alienrobotarmy/ctunnel) ctunnel is a proxy and VPN software for tunneling TCP and UDP connections securely
- [**32**Star][2y] [C] [alex9191/netdriver](https://github.com/alex9191/netdriver) kernel-mode TDI client which can send and receive HTTP requests
- [**32**Star][2y] [C] [alex9191/kernelmodemonitor](https://github.com/alex9191/kernelmodemonitor) Kernel-Mode driver and User-Mode application communication project
- [**32**Star][2y] [C++] [abatchy17/hevd-exploits](https://github.com/abatchy17/hevd-exploits) Exploit code used for the HackSysExtremeVulnerableDriver.
- [**32**Star][4y] [HTML] [a0xnirudh/webxploiter](https://github.com/a0xnirudh/webxploiter) WebXploiter - An OWASP Top 10 Security scanner !
- [**32**Star][1y] [PHP] [7hxz233/ctf](https://github.com/7hxz233/ctf) This repo stores all challenges and writeups of CTFs we have participated in
- [**32**Star][4m] [KiCad Layout] [5n44p/omega-dock-new](https://github.com/5n44p/omega-dock-new) A dock for Onion omega, omega2 and omega2+. It features: Microusb for power supply, USB host, Ethernet
- [**32**Star][2m] [C#] [3gstudent/gadgettojscript](https://github.com/3gstudent/gadgettojscript) (Small change to make it easier to test the payload and combine it with SILENTTRINITY.)A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS based scripts.
- [**32**Star][4y] [C] [211217613/c-hacking](https://github.com/211217613/c-hacking) Practice and learning in the world of C RE and exploit analysis
- [**32**Star][2y] [Makefile] [1bitsy/1bitsy-examples](https://github.com/1bitsy/1bitsy-examples) Example projects for the 1BitSy development boards.
- [**32**Star][25d] [Py] [00xc/h2buster](https://github.com/00xc/h2buster) A threaded, recursive, web directory brute-force scanner over HTTP/2.
- [**32**Star][2y] [Py] [003random/icu](https://github.com/003random/icu) An Extended, Modulair, Host Discovery Framework
- [**31**Star][13d] [Py] [jomingyu/google-play-scraper](https://github.com/jomingyu/google-play-scraper) Google play scraper for Python inspired by <facundoolano/google-play-scraper>
- [**31**Star][15d] [Py] [fabriziomiano/linkedin-scraper](https://github.com/fabriziomiano/linkedin-scraper) Tool to scrape linkedin
- [**31**Star][9m] [JS] [samuelmaddock/swarm-peer-server](https://github.com/samuelmaddock/swarm-peer-server) 🖧 A network swarm for creating secure P2P connections over BitTorrent DHT, DNS, and mDNS.
- [**31**Star][27d] [HCL] [opsgang/terraform-aws-pritunl-vpn-server](https://github.com/opsgang/terraform-aws-pritunl-vpn-server) Pritunl VPN Server for your public/private like VPC on AWS
- [**31**Star][3m] [Go] [hownetworks/tracetrout](https://github.com/hownetworks/tracetrout) A magical reverse traceroute HTTP(S) server
- [**31**Star][4m] [Java] [vsch/javafx-webview-debugger](https://github.com/vsch/javafx-webview-debugger) Full Featured Google Chrome Dev Tools to JavaFX WebView browser debugging.
- [**31**Star][1y] [C] [segnolin/vobfus](https://github.com/segnolin/vobfus) virtualization obfuscator inspired by juhajong/vm-obfuscator
- [**31**Star][12d] [Py] [j3patel/linkedin-learning-video-downloader](https://github.com/j3patel/linkedin-learning-video-downloader) LinkedIn video learning video downloader July 2019
- [**31**Star][19d] [Dockerfile] [jianyan74/dockerfiles](https://github.com/jianyan74/dockerfiles) docker 快速搭建稳定安全的开发/生产环境
- [**31**Star][10d] [Java] [geektcp/alpha-serac](https://github.com/geektcp/alpha-serac) 冰塔协议-传输层协议
- [**31**Star][4m] [Py] [certego/intelowl](https://github.com/certego/intelowl) Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
- [**31**Star][15d] [Java] [qdghj/burp_data_collector](https://github.com/qdghj/burp_data_collector) A Burp plugin that collects Burp request parameters, directories, paths and file names into the database for sorting
- [**31**Star][4m] [Shell] [plazmaz/cve-2019-18634](https://github.com/plazmaz/cve-2019-18634) 
- [**31**Star][3m] [PS] [decoder-it/hyper-v-admin-eop](https://github.com/decoder-it/hyper-v-admin-eop) Small POC in powershell exploiting hardlinks during the VM deletion process
- [**31**Star][4m] [Py] [fullshade/poppopret-nullbyte-dll-bypass](https://github.com/fullshade/poppopret-nullbyte-dll-bypass) A method to bypass a null byte in a POP-POP-RETN address for exploiting local SEH overflows via DLL injection
- [**31**Star][3m] [TS] [tamarasaurus/immo-feed](https://github.com/tamarasaurus/immo-feed) A extensible app for scraping property listings
- [**31**Star][6m] [JS] [groovecoder/discord](https://github.com/groovecoder/discord) GitHub webhook that analyzes pull requests and adds comments about incompatible CSS
- [**31**Star][1m] [JS] [jesperorb/node-api-proxy](https://github.com/jesperorb/node-api-proxy) Node API Proxy server that redirects API-calls
- [**31**Star][1y] [Java] [dividiti/crowdsource-video-experiments-on-android](https://github.com/dividiti/crowdsource-video-experiments-on-android) Crowdsourcing video experiments (such as collaborative benchmarking and optimization of DNN algorithms) using Collective Knowledge Framework across diverse Android devices provided by volunteers. Results are continuously aggregated in the open repository:
- [**31**Star][24d] [JS] [loginov-rocks/bluetooth-terminal](https://github.com/loginov-rocks/bluetooth-terminal) ES6 class for serial communication with your own Bluetooth Low Energy (Smart) devices
- [**31**Star][1m] [C] [staskobzar/amiws](https://github.com/staskobzar/amiws) Asterisk Management Interface (AMI) to Web-socket proxy
- [**31**Star][4m] [Py] [neod0matrix/pixivcrawleriii](https://github.com/neod0matrix/pixivcrawleriii) A python3 crawler for crawling Pixiv ranking top and any illustrator all artworks
- [**31**Star][4m] [Java] [soberqian/java-carwler-technology](https://github.com/soberqian/java-carwler-technology) 网络数据采集技术—Java网络爬虫 (书稿完整代码，涉及网络爬虫的各种技术和知识点)
- [**31**Star][3m] [Go] [rakanalh/grawler](https://github.com/rakanalh/grawler) A web crawler / scraper engine written in Golang
- [**31**Star][27d] [C] [kzen-networks/class](https://github.com/kzen-networks/class) Rust library for building IQC: cryptography based on class groups of imaginary quadratic orders
- [**31**Star][15d] [PHP] [znerox/wifimap](https://github.com/znerox/wifimap) Data from local WiGLE db, overlayed on Google Maps
- [**31**Star][16d] [Shell] [vodker/wifimosys](https://github.com/vodker/wifimosys) Ataque EVIL TWIN
- [**31**Star][5m] [Py] [kitware/minerva](https://github.com/kitware/minerva) Minerva: client/server/services for analysis and visualization
- [**31**Star][24d] [Py] [xiantang/spider](https://github.com/xiantang/spider) web crawler(网络爬虫)
- [**31**Star][18d] [HTML] [rfussien/leboncoin-crawler](https://github.com/rfussien/leboncoin-crawler) Crawler for leboncoin.fr
- [**31**Star][6m] [Rust] [flier/rust-macho](https://github.com/flier/rust-macho) Mach-O File Format Parser for Rust
- [**31**Star][2m] [Shell] [mehedishakeel/broadcominstaller2017](https://github.com/mehedishakeel/broadcominstaller2017) Automated Shell Script Install WiFi Driver ( Broadcom ) in Kali Linux 2017.1 Made By SSTec Tutorials.
- [**31**Star][4m] [TS] [boi123212321/porn-scraper](https://github.com/boi123212321/porn-scraper) Data modeling & scraping various porn sites
- [**31**Star][11d] [Dart] [sachaarbonel/scrapy.dart](https://github.com/sachaarbonel/scrapy.dart) Scrapy, a fast high-level web crawling & scraping framework for dart and Flutter
- [**31**Star][25d] [ObjC] [cwbudde/cordova-plugin-wkwebview-inject-cookie](https://github.com/cwbudde/cordova-plugin-wkwebview-inject-cookie) Injects a cookie in order to start the sync processs with wkWebView
- [**31**Star][2m] [C] [peterpawn/decoder](https://github.com/peterpawn/decoder) "secrets" decoding for FRITZ!OS devices
- [**31**Star][7d] [C++] [mxtommy/sigksens](https://github.com/mxtommy/sigksens) ESP8266 based SignalK Wifi Sensors
- [**31**Star][12m] [Py] [iyanuashiri/wikipedia-reference-scraper](https://github.com/iyanuashiri/wikipedia-reference-scraper) Wikipedia API wrapper for references
- [**31**Star][23d] [PHP] [crawlzone/crawlzone](https://github.com/crawlzone/crawlzone) Crawlzone is a fast asynchronous internet crawling framework for PHP.
- [**31**Star][4m] [TS] [dr-nyt/novelscraper](https://github.com/dr-nyt/novelscraper) An educational project that lets you download translated novels from pirates sites like [
- [**31**Star][2m] [HTML] [tdebatty/spark-knn-graphs](https://github.com/tdebatty/spark-knn-graphs) Spark algorithms for building k-nn graphs
- [**31**Star][11m] [JS] [bartozzz/potential-duplicates-bot](https://github.com/bartozzz/potential-duplicates-bot) A configurable GitHub App which checks for potential issue duplicates using Damerau–Levenshtein distance algorithm.
- [**31**Star][3m] [C++] [manoharreddyporeddy/math-advanced-data-structures-and-algorithms](https://github.com/manoharreddyporeddy/math-advanced-data-structures-and-algorithms) Math, Advanced Data Structures & Algorithms - Please check before use
- [**31**Star][5m] [JS] [jonstuebe/scraper](https://github.com/jonstuebe/scraper) Node.js based scraper using headless chrome
- [**31**Star][3m] [PS] [metablaster/windowsfirewallruleset](https://github.com/metablaster/windowsfirewallruleset) Windows firewall ruleset powershell scripts
- [**31**Star][13d] [Py] [nasdin/videorecognition-realtime-autotrainer-alerts](https://github.com/nasdin/videorecognition-realtime-autotrainer-alerts) State of the art object detection in real-time using YOLOV3 algorithm. Augmented with a process that allows easy training of the classifier as a plug & play solution . Provides alert if an item in an alert list is detected.
- [**31**Star][1m] [C] [brucedone/darknet_demo](https://github.com/brucedone/darknet_demo) darknet yolov3 tiny train model demo
- [**31**Star][23d] [C++] [amirrezanasiri/usb-keystroke-injector](https://github.com/amirrezanasiri/usb-keystroke-injector) 
- [**31**Star][24d] [HTML] [metnew/telegram-links-nsworkspace-open](https://github.com/metnew/telegram-links-nsworkspace-open) Telegram (v4.9.155353) was rendering file:// links + opening them via NSWorkspace.open -> code execution.
- [**31**Star][18d] [JS] [shack2/jvapp](https://github.com/shack2/jvapp) Java漏洞练习程序，开发工具Eclipse，运行环境Java 1.7以上版本，Tocmat7以上。
- [**31**Star][18d] [fs0c131y/conpresentations](https://github.com/fs0c131y/conpresentations) Slide decks from my conference presentations
- [**31**Star][6m] [ObjC] [project-imas/encrypted_code_modules](https://github.com/project-imas/encrypted_code_modules) ECM - mitigates static attacks - allows sections of source code to be encrypted into a .dylib at build time and decrypted at run-time
- [**31**Star][5m] [C#] [uknowsec/sharpeventlog](https://github.com/uknowsec/sharpeventlog) c# 读取登录过本机的登录失败或登录成功（4624，4625）的所有计算机信息，在内网渗透中快速定位运维管理人员。
- [**31**Star][5m] [al0ne/suricata_optimize](https://github.com/al0ne/suricata_optimize) Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置
- [**31**Star][1m] [Py] [hubert3/isniff](https://github.com/hubert3/isniff) SSL man-in-the-middle tool targeting iOS devices < 4.3.5
- [**31**Star][2m] [offensive-security/kali-linux-preseed](https://github.com/offensive-security/kali-linux-preseed) 
- [**31**Star][2m] [Py] [infobyte/cscan](https://github.com/infobyte/cscan) Faraday Continuous Scanning
- [**31**Star][1m] [C] [gdbinit/bruteforcesysent](https://github.com/gdbinit/bruteforcesysent) Small util to discover OS X sysent via bruteforce
- [**31**Star][3m] [Py] [spiderlabs/deblaze](https://github.com/spiderlabs/deblaze) Performs method enumeration and interrogation against flash remoting end points.
- [**31**Star][1m] [JS] [song-li/dynamic_fingerprinting](https://github.com/song-li/dynamic_fingerprinting) This is a research project for dynamic fingerprinting, which means even some user change features of their computer, we can still fingerprint them
- [**31**Star][26d] [Py] [lunixbochs/mpwn](https://github.com/lunixbochs/mpwn) single file ctf/exploit client library - python3, type annotated
- [**31**Star][15d] [mandatoryprogrammer/vietnamdnsleak](https://github.com/mandatoryprogrammer/vietnamdnsleak) Summary and archives of leaked Vietnam TLD DNS data
- [**31**Star][1m] [Py] [neo23x0/ti-falsepositives](https://github.com/neo23x0/ti-falsepositives) A collection of typical false positive indicators
- [**31**Star][29d] [C] [stevemk14ebr/bf4-atombot](https://github.com/stevemk14ebr/bf4-atombot) Latest version of my personal BF4 Hack
- [**31**Star][4m] [jiansiting/cve-2019-2725](https://github.com/jiansiting/cve-2019-2725) weblogic绕过和wls远程执行
- [**31**Star][10m] [PHP] [roave/roavedevelopertools](https://github.com/roave/roavedevelopertools) A PHP application visualization/debugging tool for ZendFramework/Symfony
- [**31**Star][29d] [Java] [lamster2018/learnndk](https://github.com/lamster2018/learnndk) 学习jni及反调试策略
- [**31**Star][11d] [Go] [namhyung/elftree](https://github.com/namhyung/elftree) ELF library dependency viewer
- [**31**Star][6m] [Py] [charlie-belmer/subdomain_recon](https://github.com/charlie-belmer/subdomain_recon) A subdomain reconnaissance scanner
- [**31**Star][19d] [Py] [0xhjk/dumpall](https://github.com/0xhjk/dumpall) 一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏
- [**31**Star][2m] [Py] [d4vinci/wormy](https://github.com/d4vinci/wormy) some python3 functions to add spreading features to any python backdoor
- [**31**Star][1y] [Shell] [wongsyrone/openwrt-v2ray](https://github.com/wongsyrone/openwrt-v2ray) v2ray package example for OpenWrt/LEDE
- [**31**Star][24d] [Py] [mvelazc0/purplespray](https://github.com/mvelazc0/purplespray) PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpose of generating attack telemetry in properly monitored Windows enterprise environments
- [**31**Star][11d] [C++] [hardenedlinux/srcinv](https://github.com/hardenedlinux/srcinv) source code audit tool
- [**31**Star][12d] [Py] [0xzdh/o365spray](https://github.com/0xzdh/o365spray) Username enumeration and password spraying tool aimed at Microsoft O365.
- [**31**Star][1m] [Java] [decaf-lang/decaf](https://github.com/decaf-lang/decaf) The new Decaf compiler, rewritten in "modern" Java
- [**31**Star][26d] [cypurr-collective/cypurr-prezes](https://github.com/cypurr-collective/cypurr-prezes) presentation materials for our cryptoparties
- [**31**Star][2m] [abhinavprasad47/bugbounty-starter-notes](https://github.com/abhinavprasad47/bugbounty-starter-notes) bug bounty hunters starter notes
- [**31**Star][12d] [albertzsigovits/mal-analysis-tools](https://github.com/albertzsigovits/mal-analysis-tools) A curated list of malware repositories, trackers and malware analysis tools
- [**31**Star][1y] [Ruby] [zuazo/ssl_certificate-cookbook](https://github.com/zuazo/ssl_certificate-cookbook) Chef cookbook to make it easy for other cookbooks to support SSL.
- [**31**Star][3m] [VCL] [webkul/magento2-varnish-redis-ssl-docker-compose](https://github.com/webkul/magento2-varnish-redis-ssl-docker-compose) Deploy Magento2 with Varnish Cache and Redis with SSL termination using Docker-compose tool
- [**31**Star][4m] [sektioneins/.ipa-pie-scanner](https://github.com/sektioneins/.ipa-PIE-Scanner) Scans iPhone/iPad/iPod applications for PIE flags
- [**31**Star][8m] [proappleos/upgrade-from-10.3.x-to-ios-11.1.2-on-any-64bit-device-with-blobs](https://github.com/ProAppleOS/Upgrade-from-10.3.x-to-iOS-11.1.2-on-any-64Bit-device-with-Blobs) How to Upgrade any 64Bit Device from 10.3.x to 11.1.2 with Blobs
- [**31**Star][2y] [PS] [nsacyber/detect-cve-2017-15361-tpm](https://github.com/nsacyber/Detect-CVE-2017-15361-TPM) Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
- [**31**Star][4m] [PS] [cr0n1c/sccm-enumeration](https://github.com/Cr0n1c/SCCM-Enumeration) 
- [**31**Star][18d] [Py] [calebstewart/peach](https://github.com/calebstewart/peach) Simple vulnerability scanning framework
- [**31**Star][3m] [Py] [zombiesam/wikigen](https://github.com/zombiesam/wikigen) A script to generate wordlists out of wikipedia pages. Should support most of the subdomains. Some ugly code may occur
- [**31**Star][2m] [Py] [ziozzang/flask-as-http-proxy-server](https://github.com/ziozzang/flask-as-http-proxy-server) Small HTTP Server used with Flask and werkzeug
- [**31**Star][4y] [C] [zhuhuibeishadiao/minivtx64](https://github.com/zhuhuibeishadiao/minivtx64) Intel Virtualization Technology demo
- [**31**Star][4m] [C#] [zcgonvh/ssmspwd](https://github.com/zcgonvh/ssmspwd) SQL Server Management Studio(SSMS) saved password dumper
- [**31**Star][3m] [Py] [zapatacomputing/cusp_cirq_demo](https://github.com/zapatacomputing/cusp_cirq_demo) Demonstration of CUSP algorithm using Cirq
- [**31**Star][4y] [C#] [yifanlu/vitadefiler](https://github.com/yifanlu/vitadefiler) An RPC for Vita that supports ARM userland code execution
- [**31**Star][2m] [Py] [xyntax/zzone-transfer](https://github.com/xyntax/zzone-transfer) DNS域传送漏洞探测工具。多线程，批量探测，漏洞利用，简单网页采集。(DNS zone transfer vulnerability Vulnerability detection tool, support multithreading,batch scanning and vulnerability exploitation)
- [**31**Star][1m] [Shell] [xetus-oss/docker-ossec-server](https://github.com/xetus-oss/docker-ossec-server) OSSEC server docker image
- [**31**Star][29d] [Py] [xebia/mobilehacktools](https://github.com/xebia/mobilehacktools) A repository for scripting a mobile attack toolchain
- [**31**Star][3y] [C] [x64dbg/slothbp](https://github.com/x64dbg/slothbp) Collaborative Breakpoint Manager for x64dbg.
- [**31**Star][2y] [C] [wanttobeno/win64driverstudy_src](https://github.com/wanttobeno/win64driverstudy_src) WIN64驱动编程基础教程-源码 
- [**31**Star][4m] [C++] [vertextoedge/windowfunctiontracer](https://github.com/vertextoedge/windowfunctiontracer) Window Executable file Function tracer using Debugging API
- [**31**Star][4m] [C++] [usnistgov/nfiq2](https://github.com/usnistgov/nfiq2) Biometric fingerprint quality assessment tool
- [**31**Star][2y] [PS] [tyranid/zer0con_2018](https://github.com/tyranid/zer0con_2018) Repository for my talk on Desktop Bridge at Zer0Con 2018.
- [**31**Star][7m] [Py] [tunnelshade/nightfury](https://github.com/tunnelshade/nightfury) 
- [**31**Star][3m] [troyhunt/hibp-stickers](https://github.com/troyhunt/hibp-stickers) This is artwork that can be used to create stickers for Have I Been Pwned
- [**31**Star][8m] [C] [triffid/fived_on_arduino](https://github.com/triffid/fived_on_arduino) Rewrite of reprap mendel firmware
- [**31**Star][4m] [Py] [thombashi/pingparsing](https://github.com/thombashi/pingparsing) pingparsing is a CLI-tool/Python-library parser and transmitter for ping command
- [**31**Star][27d] [HTML] [theori-io/jscript9-typedarray-cfg](https://github.com/theori-io/jscript9-typedarray-cfg) Proof-of-Concept exploit for jscript9 bug (MS16-063) with CFG Bypass
- [**31**Star][3m] [C] [themainframe/thermal-camera](https://github.com/themainframe/thermal-camera) Firmware for my ESP32-based hand-rolled LWIR camera device
- [**31**Star][1y] [Py] [thehive-project/synapse](https://github.com/thehive-project/synapse) a Meta Alert Feeder for TheHive, a Security Incident Response Platform
- [**31**Star][1y] [Eagle] [thedarknet/hhvkit](https://github.com/thedarknet/hhvkit) DefCon Hardware Hacking Village Learn To Solder Kit
- [**31**Star][1y] [C#] [thaisenpm/loader2](https://github.com/thaisenpm/loader2) Nova Hook is an open source C# cheat loader currently built for CS:GO
- [**31**Star][6y] [Assembly] [th4nat0s/no_sandboxes](https://github.com/th4nat0s/no_sandboxes) Test suite for bypassing Malware sandboxes.
- [**31**Star][4m] [Go] [telanflow/dictgenerate](https://github.com/telanflow/dictgenerate) 使用Go语言编写的社工字典生成器(The social engineering dictionary generator written by Go)
- [**31**Star][4m] [Go] [tdh8316/investigo](https://github.com/tdh8316/investigo) 
- [**31**Star][12m] [C] [tandasat/cs_driver](https://github.com/tandasat/cs_driver) A sample project for using Capstone from a driver in Visual Studio 2015
- [**31**Star][30d] [PHP] [talhasch/php-httpstat](https://github.com/talhasch/php-httpstat) PHP implementation of
- [**31**Star][4m] [Shell] [tacc/launcher](https://github.com/tacc/launcher) A simple utility for executing multiple sequential or multi-threaded applications in a single multi-node batch job
- [**31**Star][4m] [C] [swatkat/arkitlib](https://github.com/swatkat/arkitlib) Windows anti-rootkit library
- [**31**Star][4y] [Jupyter Notebook] [surajr/machine-learning-approach-for-malware-detection](https://github.com/surajr/machine-learning-approach-for-malware-detection) A Machine Learning approach for classifying a file as Malicious or Legitimate
- [**31**Star][24d] [Shell] [stevemcgrath/docker-nessus_scanner](https://github.com/stevemcgrath/docker-nessus_scanner) Nessus Scanner Docker Image
- [**31**Star][12d] [Py] [starnightcyber/findsubdomains](https://github.com/starnightcyber/findsubdomains) A tool finding sub-domains for penetesters
- [**31**Star][16d] [Rust] [stainless-steel/md5](https://github.com/stainless-steel/md5) MD5 hash function
- [**31**Star][8m] [Py] [staaldraad/fastfluxanalysis](https://github.com/staaldraad/fastfluxanalysis) Scripts to detect Fast-Flux and DGA using DNS query responses
- [**31**Star][2y] [Ruby] [st0rn/windows-10-exploit](https://github.com/st0rn/windows-10-exploit) Windows 10 Exploit
- [**31**Star][3m] [Go] [spooktheducks/local-blockchain-parser](https://github.com/spooktheducks/local-blockchain-parser) Searches for hidden files in local blockchain .DAT files.
- [**31**Star][21d] [Shell] [soluto/mobsf-ci](https://github.com/soluto/mobsf-ci) All that is required to run MobSF in the ci
- [**31**Star][27d] [solidified-platform/audits](https://github.com/solidified-platform/audits) Audits performed by Solidified
- [**31**Star][5m] [Py] [scottmudge/debugautopatch](https://github.com/scottmudge/debugautopatch) Patching system improvement plugin for IDA.
- [**31**Star][1m] [C++] [schdub/protodec](https://github.com/schdub/protodec) Protobuf decompiler
- [**31**Star][16d] [Py] [saucer-man/penetration-script](https://github.com/saucer-man/penetration-script) 渗透测试脚本
- [**31**Star][1y] [Py] [safebreach-labs/cachetalk](https://github.com/safebreach-labs/cachetalk) Proof-of-concept program that is able to read and write arbitrary bits using HTTP server-side caching
- [**31**Star][4y] [C++] [rootkitsmm/cvexx-xx](https://github.com/rootkitsmm/cvexx-xx) Windows kernel vulnerability in win32k.sys Driver
- [**31**Star][7m] [PS] [roflsandwich/steam-eop](https://github.com/roflsandwich/steam-eop) 
- [**31**Star][2m] [Py] [rmtew/peasauce](https://github.com/rmtew/peasauce) Peasauce Interactive Disassembler
- [**31**Star][2y] [Py] [righettod/owasp-cs-book](https://github.com/righettod/owasp-cs-book) Provide a utility script to build a PDF book gathering all Cheat Sheets from the project
- [**31**Star][3m] [Py] [ridter/hackredis](https://github.com/ridter/hackredis) 
- [**31**Star][2y] [Py] [revengecoming/demonhunter](https://github.com/revengecoming/demonhunter) Distributed Honeypot
- [**31**Star][12d] [Py] [regit/opensvp](https://github.com/regit/opensvp) Opensvp is a security tool implementing "attacks" to be able to test the resistance of firewall to protocol level attack.
- [**31**Star][5m] [Py] [raphaelyancey/virtual_fm_band](https://github.com/raphaelyancey/virtual_fm_band) 
- [**31**Star][3y] [randommood/fallacyoffast](https://github.com/randommood/fallacyoffast) Reference materials to this talk
- [**31**Star][5m] [JS] [r00tse7en/googlehackingtool](https://github.com/r00tse7en/googlehackingtool) 在线Google Hacking 小工具
- [**31**Star][4m] [Py] [qsecure-labs/overlord](https://github.com/qsecure-labs/overlord) Overlord - Red Teaming Infrastructure Automation
- [**31**Star][2m] [C] [qianshanhai/q-shell](https://github.com/qianshanhai/q-shell) Unix remote login tool, rootkit shell tool
- [**31**Star][27d] [C] [psxdev/liborbis](https://github.com/psxdev/liborbis) Libraries and samples for PlayStation 4
- [**31**Star][13d] [Py] [fnk0c/dot2moon](https://github.com/fnk0c/dot2moon) Tool that checks for path traversal traces in a given web application url, plus it is capable of multi-threading, set timeout and 5-layers verification.
- [**31**Star][7m] [C++] [progmboy/kernel_vul_poc](https://github.com/progmboy/kernel_vul_poc) 
- [**31**Star][5m] [Shell] [pnptutorials/pnp-portablehackingmachine](https://github.com/pnptutorials/pnp-portablehackingmachine) This script will convert your Raspberry Pi 3 into a portable hacking machine.
- [**31**Star][4y] [Pascal] [pigrecos/codedeobfuscator](https://github.com/pigrecos/codedeobfuscator) Code Deobfuscator
- [**31**Star][6m] [PHP] [phith0n/ctfdbbuilder](https://github.com/phith0n/ctfdbbuilder) a database query builder for CTFer（出题专用/开发阶段/慎用）
- [**31**Star][11d] [C#] [peterth/hexer](https://github.com/peterth/hexer) Yet another hex editor
- [**31**Star][3m] [C] [perceptionpoint/suprotect](https://github.com/perceptionpoint/suprotect) Changing memory protection in an arbitrary process
- [**31**Star][6m] [Shell] [patrickod/docker-tor-hidden-services](https://github.com/patrickod/docker-tor-hidden-services) A simple way of exposing any docker container as a tor hidden service
- [**31**Star][3m] [C++] [owodelta/coilgun](https://github.com/owodelta/coilgun) Direct WinAPI calling
- [**31**Star][10d] [C#] [ourcodeworld/csharp-scanner-wia](https://github.com/ourcodeworld/csharp-scanner-wia) A simple scanner application that implements WIA (Windows Image Acquisition).
- [**31**Star][3y] [osandamalith/apimon](https://github.com/osandamalith/apimon) A simple API monitor for Windbg
- [**31**Star][2m] [Shell] [opentoallctf/ctf-tools](https://github.com/opentoallctf/ctf-tools) Some setup scripts for security research tools.
- [**31**Star][5y] [Swift] [openscanner/xguardian](https://github.com/openscanner/xguardian) Security Scanner for OSX
- [**31**Star][1y] [Py] [northernsec/veracracker](https://github.com/northernsec/veracracker) Veracrypt Password Cracker
- [**31**Star][4y] [Py] [nopdev/binjadock](https://github.com/nopdev/binjadock) An extendable, tabbed, dockable UI widget plugin for BinaryNinja
- [**31**Star][16d] [Rust] [nixpulvis/oursh](https://github.com/nixpulvis/oursh) Your comrade through the perilous world of UNIX.
- [**31**Star][2y] [Rust] [nikomatsakis/cargo-incremental](https://github.com/nikomatsakis/cargo-incremental) A fuzzing tool for incremental compilation that walks git history
- [**31**Star][13d] [ObjC] [mtigas/onionbrowser](https://github.com/mtigas/onionbrowser) personal fork for testing and submitting diffs for review. you DEFINITELY want the OnionBrowser/OnionBrowser repo instead
- [**31**Star][3m] [ObjC] [mtigas/iobfs](https://github.com/mtigas/iobfs) Building obfs4proxy for Tor-enabled iOS apps.
- [**31**Star][4m] [Tcl] [mohemiv/tcltools](https://github.com/mohemiv/tcltools) Сollection of TCL scripts for Cisco IOS penetration testing
- [**31**Star][6m] [mmarfil/tinfoilhat](https://github.com/mmarfil/tinfoilhat) A list of privacy-respecting alternatives to apps and services that track you around.
- [**31**Star][5m] [Py] [mikepitagno/asa_cleanup](https://github.com/mikepitagno/asa_cleanup) Cisco ASA Firewall Cleanup Script.
- [**31**Star][4m] [C] [microsoft/wafbench](https://github.com/microsoft/wafbench) WAFBench (wb) is a tool to measure the performance of WAF(Web Application Firewall) . It's based on latest code of ab (ApacheBench), and adds support for real trace replaying, framework of testing waf (FTW), and some other features.
- [**31**Star][7m] [Py] [mhaskar/xssradare](https://github.com/mhaskar/xssradare) A Cross Site Scripting scanner using selenium webdriver
- [**31**Star][4m] [Py] [mhagger/diff-slider-tools](https://github.com/mhagger/diff-slider-tools) Tools for experimenting diff "slider" heuristics
- [**31**Star][2m] [Py] [meatballs1/burp_jsbeautifier](https://github.com/meatballs1/burp_jsbeautifier) js-beautifier extension for Burp Suite
- [**31**Star][4y] [Py] [mdegrazia/osx-quicklook-parser](https://github.com/mdegrazia/osx-quicklook-parser) Parse the Mac Quickook index.sqlite database
- [**31**Star][9m] [matthewrudy/fake-code4hk-app](https://github.com/matthewrudy/fake-code4hk-app) Decompiling a fake code4hk / occupy central app distributed via whatsapp
- [**31**Star][3y] [matthewdunwoody/poshspy](https://github.com/matthewdunwoody/poshspy) POSHSPY backdoor code
- [**31**Star][12d] [Py] [matrix1001/nadbg](https://github.com/matrix1001/nadbg) 
- [**31**Star][10m] [matrix1001/interactive-pwnning-tutorial](https://github.com/matrix1001/interactive-pwnning-tutorial) 
- [**31**Star][1y] [Py] [mathboy7/ctf](https://github.com/mathboy7/ctf) Exploit for hardcore pwnable
- [**31**Star][5y] [Py] [madpowah/forensicpcap](https://github.com/madpowah/forensicpcap) a Python Network Forensic tool to analyze a PCAP file.
- [**31**Star][1m] [Go] [madnikulin50/gordp](https://github.com/madnikulin50/gordp) Rdp client on pure GoLang
- [**31**Star][28d] [Py] [lxiaogirl/hack](https://github.com/lxiaogirl/hack) 渗透测试过程中使用的脚本，包括不限于针对特定程序设备的爆破脚本、利用代码，通用的脚本。
- [**31**Star][4m] [Py] [lufeirider/sqlchecker](https://github.com/lufeirider/sqlchecker) 注入检测工具
- [**31**Star][2y] [C] [lpefferkorn/ipdecap](https://github.com/lpefferkorn/ipdecap) Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works with pcap files.
- [**31**Star][1m] [Go] [lakevilladom/goskylar](https://github.com/lakevilladom/goskylar) 基于Golang开发的企业级外网端口资产扫描
- [**31**Star][10m] [Lua] [kost/nmap-nse](https://github.com/kost/nmap-nse) NMAP NSE scripts - (not all)) my contributions before merging to nmap svn
- [**31**Star][3m] [PS] [kendalvandyke/sqlpowerdoc](https://github.com/kendalvandyke/sqlpowerdoc) SQL Power Doc is a collection of Windows PowerShell scripts and modules that discover, document, and diagnose SQL Server instances and their underlying Windows OS & machine configurations.
- [**31**Star][9m] [C] [jtalowell/crackme](https://github.com/jtalowell/crackme) Source repository for my introduction to reverse engineering workshop
- [**31**Star][9m] [Py] [josue87/airopy](https://github.com/josue87/airopy) Get clients and access points.
- [**31**Star][2m] [Py] [joda32/got-responded](https://github.com/joda32/got-responded) A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)
- [**31**Star][3y] [Py] [itsreallynick/office-crackros](https://github.com/itsreallynick/office-crackros) Crack your macros like the math pros.
- [**31**Star][1y] [C] [iamgublin/ndis6.30-netmonitor](https://github.com/iamgublin/ndis6.30-netmonitor) NDIS6.30 Filter Library
- [**31**Star][1m] [Java] [hvqzao/burp-flow](https://github.com/hvqzao/burp-flow) Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.
- [**31**Star][4m] [C++] [hoangprod/leospecial-veh-hook](https://github.com/hoangprod/leospecial-veh-hook) Vectored Exception Handling Hooking Class
- [**31**Star][2m] [Shell] [hestat/minerchk](https://github.com/hestat/minerchk) Bash script to Check for malicious Cryptomining
- [**31**Star][6m] [C] [hawxchen/linux-kernel-driver-programming](https://github.com/hawxchen/linux-kernel-driver-programming) Implementation of PCI drivers, kprobe, sysfs, devfs, sensor driver, miscdevices, synchronization
- [**31**Star][8y] [C] [hackedteam/driver-win64](https://github.com/hackedteam/driver-win64) Windows (64bit) agent driver
- [**31**Star][6m] [h2hconference/2018](https://github.com/h2hconference/2018) H2HC 2018 Slides/Materials/Presentations
- [**31**Star][12d] [Ruby] [gplcc/gplcc](https://github.com/gplcc/gplcc) GPL Cooperation Commitment
- [**31**Star][7m] [Go] [fzerorubigd/go0r](https://github.com/fzerorubigd/go0r) A simple ssh honeypot in golang
- [**31**Star][23d] [Ruby] [fozavci/metasploit-framework-with-viproy](https://github.com/fozavci/metasploit-framework-with-viproy) Metasploit Framework with Viproy installed.
- [**31**Star][6m] [Py] [fist0urs/kerberom](https://github.com/fist0urs/kerberom) Kerberom is a tool aimed to retrieve ARC4-HMAC'ed encrypted Tickets Granting Service (TGS) of accounts having a Service Principal Name (SPN) within an Active Directory
- [**31**Star][10m] [JS] [fhemberger/hapi-imagemin-proxy](https://github.com/fhemberger/hapi-imagemin-proxy) Hapi proxy for serving optimized images
- [**31**Star][22d] [PHP] [ezyang/csrf-magic](https://github.com/ezyang/csrf-magic) Automatic CSRF protection for PHP applications
- [**31**Star][8m] [PHP] [eymengunay/eohoneypotbundle](https://github.com/eymengunay/eohoneypotbundle) Honeypot type for Symfony forms
- [**31**Star][4y] [Py] [endgameinc/sans_thir16](https://github.com/endgameinc/sans_thir16) SANS Hunting on the Cheap
- [**31**Star][4y] [Py] [endgameinc/instegogram](https://github.com/endgameinc/instegogram) 
- [**31**Star][5m] [Py] [emersonelectricco/boomerang](https://github.com/emersonelectricco/boomerang) A tool designed for consistent and safe capture of off network web resources.
- [**31**Star][2m] [HTML] [edoverflow/security-template](https://github.com/edoverflow/security-template) A static website template for security pages.
- [**31**Star][1y] [JS] [ecleipteon/thalos](https://github.com/ecleipteon/thalos) Secure approach to secure file storage in untrusted environments.
- [**31**Star][3m] [dwestgard/threat_hunting_tables](https://github.com/dwestgard/threat_hunting_tables) Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
- [**31**Star][22d] [HTML] [divyanshusahu/minictf](https://github.com/divyanshusahu/minictf) A platform build in django for hosting CTF events.
- [**31**Star][4m] [C] [dhuertas/des](https://github.com/dhuertas/des) DES algorithm implementation in C
- [**31**Star][27d] [Go] [dharmaofcode/gorp](https://github.com/dharmaofcode/gorp) A modular bug hunting and web application pentesting framework written in Go
- [**31**Star][6m] [dhamuharker/xss-](https://github.com/dhamuharker/xss-) Awesome XSS Payloads
- [**31**Star][13d] [Shell] [devilbox/watcherd](https://github.com/devilbox/watcherd) A shell daemon that will listen for directory changes and execute custom commands for each event.
- [**31**Star][4y] [danielmiessler/ctfsolutiontypes](https://github.com/danielmiessler/ctfsolutiontypes) A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!
- [**31**Star][8m] [C] [daft-freak/sdl-emscripten](https://github.com/daft-freak/sdl-emscripten) SDL2 emscripten port, non-upstreamed changes
- [**31**Star][1m] [Py] [cym13/vbs-reverse-shell](https://github.com/cym13/vbs-reverse-shell) VBS reverse shell scripts
- [**31**Star][7y] [Java] [cunninglogic/lgpwn](https://github.com/cunninglogic/lgpwn) LG Root Exploit
- [**31**Star][4m] [cturt/gameboy_ghidrasleigh](https://github.com/cturt/gameboy_ghidrasleigh) Ghidra Processor support for Nintendo Game Boy
- [**31**Star][5y] [C] [conorpp/mitm-http-proxy](https://github.com/conorpp/mitm-http-proxy) A simple, low level http/https proxy server with MiTM pranking features.
- [**31**Star][10d] [coky-t/owasp-mstg-ja](https://github.com/coky-t/owasp-mstg-ja) unofficial Japanese translation of OWASP Mobile Security Testing Guide.
- [**31**Star][4m] [JS] [codenothing/argv](https://github.com/codenothing/argv) Node based command line argument parser
- [**31**Star][4m] [C] [codecat007/snort-rules](https://github.com/codecat007/snort-rules) An UNOFFICIAL Git Repository of Snort Rules(IDS rules) Releases.
- [**31**Star][3m] [Py] [cloudflare/salt-cloudflare](https://github.com/cloudflare/salt-cloudflare) Cloudflare salt module allows you to manage zones on Cloudflare from salt.
- [**31**Star][20d] [PHP] [cleantalk/anti-ddos-lite](https://github.com/cleantalk/anti-ddos-lite) A small PHP app to protect your site against DDoS attack.
- [**31**Star][10m] [Ruby] [chdorner/epubinfo](https://github.com/chdorner/epubinfo) Extracts metadata information from EPUB files. Supports EPUB2 and EPUB3 formats.
- [**31**Star][18d] [C] [calebfenton/native-harness-target](https://github.com/calebfenton/native-harness-target) Android app for demonstrating native library harnessing
- [**31**Star][11d] [Py] [brunneis/scihub-downloader](https://github.com/brunneis/scihub-downloader) Sci-Hub PDF downloader through Tor Network (Docker image)
- [**31**Star][2m] [Go] [bramp/myip](https://github.com/bramp/myip) (A better) What's My IP Address web application
- [**31**Star][1m] [Py] [bnbdr/wd-rce](https://github.com/bnbdr/wd-rce) WD My Cloud PoC exploit
- [**31**Star][3m] [Go] [bnagy/afl-launch](https://github.com/bnagy/afl-launch) Boring tool to launch multiple afl-fuzz instances
- [**31**Star][3y] [Py] [blackmathit/2017-11882_generator](https://github.com/blackmathit/2017-11882_generator) CVE-2017-11882 File Generator PoC
- [**31**Star][25d] [Go] [binject/shellcode](https://github.com/binject/shellcode) Shellcode library as a Go package
- [**31**Star][5m] [Py] [benjamincrom/scrabble](https://github.com/benjamincrom/scrabble) Implements Scrabble. Also allows user to recover all game moves from given board and score list as well as brute-force find best move.
- [**31**Star][1y] [Py] [basilfx/kippo-extra](https://github.com/basilfx/kippo-extra) Set of extra commands for kippo, the SSH honeypot daemon
- [**31**Star][2y] [Java] [barro/java-afl](https://github.com/barro/java-afl) Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
- [**31**Star][4m] [badappsdevelopment/wifi-cracker](https://github.com/badappsdevelopment/wifi-cracker) Wifi Cracking
- [**31**Star][6m] [C++] [ayuto/dynamichooks](https://github.com/ayuto/dynamichooks) A C++ library to create function hooks dynamically, so you can easily embed it into other programming languages..
- [**31**Star][4m] [Py] [ayrx/tlsenum](https://github.com/ayrx/tlsenum) A command line tool to enumerate TLS cipher-suites supported by a server
- [**31**Star][11d] [JS] [auth0/passport-wsfed-saml2](https://github.com/auth0/passport-wsfed-saml2) passport strategy for both WS-fed and SAML2 protocol
- [**31**Star][2y] [Py] [aurainfosec/xss_payloads](https://github.com/aurainfosec/xss_payloads) XSS payloads for edge cases
- [**31**Star][4m] [C#] [arvindshmicrosoft/sqlcallstackresolver](https://github.com/arvindshmicrosoft/sqlcallstackresolver) Utility to resolve SQL Server callstacks to their correct symbolic form using just PDBs and without a dump file
- [**31**Star][24d] [C] [arm-software/sbsa-acs](https://github.com/arm-software/sbsa-acs) ARM Enterprise: SBSA Architecture Compliance Suite
- [**31**Star][4m] [JS] [arlolra/ctypes-otr](https://github.com/arlolra/ctypes-otr) js-ctypes wrapper for libotr
- [**31**Star][15d] [appspector/android-sdk](https://github.com/appspector/android-sdk) AppSpector is a debugging service for mobile apps
- [**31**Star][24d] [Py] [antoinet/obike](https://github.com/antoinet/obike) Reverse engineering of the oBike protocol communication (BLE and HTTP)
- [**31**Star][10m] [Py] [anilyuk/punydomaincheck](https://github.com/anilyuk/punydomaincheck) Puny Domain Name Check
- [**31**Star][1y] [C] [alex91ar/diamorphine](https://github.com/alex91ar/diamorphine) LKM rootkit for Linux Kernels 2.6.x/3.x/4.x
- [**31**Star][4m] [Py] [alberties/ghostfuscator](https://github.com/alberties/ghostfuscator) The Python Password-Protected Obfuscator
- [**31**Star][1m] [airbus-seclab/gustave](https://github.com/airbus-seclab/gustave) 
- [**31**Star][5m] [JS] [aaa4xu/pubg-lobby-proxy](https://github.com/aaa4xu/pubg-lobby-proxy) Eazy way to view and modify PLAYERUNKNOWN'S BATTLEGROUNDS lobby traffic
- [**31**Star][1m] [C] [5h311-1nj3c706/local-root-exploits](https://github.com/5h311-1nj3c706/local-root-exploits) LOCAL ROOT EXPLOITS
- [**31**Star][4m] [Go] [4396/tun](https://github.com/4396/tun) A simple and efficient reverse proxy that expose a local server behind a NAT to the internet.
- [**31**Star][1m] [0x90/nrf24-arsenal](https://github.com/0x90/nrf24-arsenal) Hacking tools and scripts for nRF24LU1+
- [**30**Star][11d] [Py] [atenreiro/opensquat](https://github.com/atenreiro/opensquat) openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as domain squatting, typo squatting, IDN homograph attacks, phishing and scams.
- [**30**Star][11d] [mgeeky/cobalt-arsenal](https://github.com/mgeeky/cobalt-arsenal) My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
- [**30**Star][18d] [Py] [2d4d/rdg_scanner_cve-2020-0609](https://github.com/2d4d/rdg_scanner_cve-2020-0609) Scanning for Remote Desktop Gateways (Potentially unpatched CVE-2020-0609 and CVE-2020-0610)
- [**30**Star][4m] [C#] [mr-un1k0d3r/remoteprocessinjection](https://github.com/mr-un1k0d3r/remoteprocessinjection) C# remote process injection utility for Cobalt Strike
- [**30**Star][6m] [LLVM] [evanmak/savior-source](https://github.com/evanmak/savior-source) source code for savior fuzzer
- [**30**Star][4m] [Py] [sinwindie/osint](https://github.com/sinwindie/osint) Collections of Javascript bookmarklets created to aid in OSINT collection
- [**30**Star][2y] [Java] [rrishabhj/instantinsta](https://github.com/rrishabhj/instantinsta) Android Application To Download and Manage Instagram Images And Videos
- [**30**Star][1y] [ObjC] [nododo/hookdouyin](https://github.com/nododo/hookdouyin) iOS逆向：如何让抖音自动播放下一个视频(懒人癌)
- [**30**Star][4m] [C#] [gameprogressive/retrospyserver](https://github.com/gameprogressive/retrospyserver) An Open source GameSpy emulator written in C#
- [**30**Star][11d] [C] [yifengyou/learn-kvm](https://github.com/yifengyou/learn-kvm) Qemu KVM(Kernel Virtual Machine)学习笔记
- [**30**Star][11d] [AppleScript] [pengelana/blocklist](https://github.com/pengelana/blocklist) 
- [**30**Star][12d] [HTML] [corydonbyte/jiamimao](https://github.com/corydonbyte/jiamimao) 加密猫：一个免费、开源的文件加密软件
- [**30**Star][2m] [Rust] [octplane/small-deployer](https://github.com/octplane/small-deployer) Git Webhook client, in rust.
- [**30**Star][2y] [JS] [hermit-crab/scrapemate](https://github.com/hermit-crab/scrapemate) Scraping assistant tool. Editing and maintaining CSS/XPath selectors across webpages.
- [**30**Star][1y] [Py] [napalm-automation-community/napalm-ros](https://github.com/napalm-automation-community/napalm-ros) MikroTik RouterOS NAPALM driver
- [**30**Star][1y] [Perl] [gnustavo/git-hooks](https://github.com/gnustavo/git-hooks) Framework for implementing Git (and Gerrit) hooks
- [**30**Star][1m] [Go] [crawlerclub/crawler](https://github.com/crawlerclub/crawler) a general purpose focused crawler
- [**30**Star][3m] [Py] [stanleylsx/app_comments_spider](https://github.com/stanleylsx/app_comments_spider) 爬取百度贴吧、TapTap、appstore、微博官方博主上的游戏评论(基于redis_scrapy)，过滤器采用了bloomfilter。
- [**30**Star][4m] [Go] [trustelem/zxcvbn](https://github.com/trustelem/zxcvbn) Go implementation of Dropbox's zxcvbn realistic password strength estimator
- [**30**Star][6m] [C++] [basemax/powerhash](https://github.com/basemax/powerhash) Design and development Crypto algorithms.
- [**30**Star][15d] [Py] [luchang-cs/news-crawler](https://github.com/luchang-cs/news-crawler) A news crawler for BBC News, Reuters and New York Times.
- [**30**Star][2m] [OCaml] [roburio/openvpn](https://github.com/roburio/openvpn) An opinionated implementation of the OpenVPN protocol
- [**30**Star][10m] [C++] [jiribilek/wifispi](https://github.com/jiribilek/wifispi) SPI library for Arduino AVR and STM32F1 to connect to ESP8266
- [**30**Star][3y] [Java] [no-go/uart-smartwatch](https://github.com/no-go/uart-smartwatch) Android App, Firmware and Circuit for a DIY Smartwatch working with Bluetooth Low Energy
- [**30**Star][30d] [libp2p/devgrants](https://github.com/libp2p/devgrants) want to hack on libp2p? this repo tracks libp2p endeavors eligible for incentivization.
- [**30**Star][3m] [Py] [s-ol/gpwfc](https://github.com/s-ol/gpwfc) openCL-accelerated python implementation of the Wave Function Collapse procgen algorithm
- [**30**Star][2m] [HTML] [david-reguera-garcia-dreg/precompiled-openssl-windows](https://github.com/david-reguera-garcia-dreg/precompiled-openssl-windows) Precompiled OpenSSL (Include Static and Dynamic Library)
- [**30**Star][1m] [C#] [131/node-winapi](https://github.com/131/node-winapi) Native windows api binding for nodejs
- [**30**Star][19d] [Java] [fengzhizi715/bytekit](https://github.com/fengzhizi715/bytekit) Java 字节的工具库(不是字节码的工具库)
- [**30**Star][2y] [Swift] [maximbilan/ios-crosswords-generator](https://github.com/maximbilan/ios-crosswords-generator) A simple algorithm for generating crosswords written on Swift. Based on Python Crossword Puzzle Generator.
- [**30**Star][19d] [JS] [mgechev/plainvm](https://github.com/mgechev/plainvm) plainvm allows you to control multiple virtual machines which are distributed among many hosts through your browser.
- [**30**Star][3m] [PHP] [juanmicl/igcreator](https://github.com/juanmicl/igcreator) Instagram mass account creator with proxies
- [**30**Star][5m] [Py] [dejonghe/kmstool](https://github.com/dejonghe/kmstool) Tool for using AWS Kms data keys to encrypt and decrypt large files.
- [**30**Star][2y] [Go] [orijtech/frontender](https://github.com/orijtech/frontender) Setup a server frontend with HTTPS that then proxies to traffic to a backend/cluster
- [**30**Star][5m] [chriso0710/pikiosk](https://github.com/chriso0710/pikiosk) Automate Chromium in kiosk mode and Eddystone beacon on Raspberry Pi Raspbian Jessie with Ansible. Use a single command to update the kiosk and Eddystone URLs on all machines.
- [**30**Star][23d] [C] [cyb70289/utf8](https://github.com/cyb70289/utf8) Fast UTF-8 validation with range algorithm (NEON+SSE4+AVX2)
- [**30**Star][1m] [Py] [vfosterm/nordvpn-networkmanager-gui](https://github.com/vfosterm/nordvpn-networkmanager-gui) A NordVPN GUI client for linux using the native Network Manager
- [**30**Star][1y] [Go] [suyuanhxx/crawler](https://github.com/suyuanhxx/crawler) 爬取tumblr关注博主图片
- [**30**Star][7m] [eon01/aws-cheatsheet](https://github.com/eon01/aws-cheatsheet) 
- [**30**Star][11d] [C++] [usetheapi/algorithms](https://github.com/usetheapi/algorithms) Study cases for Algorithms and Data Structures.
- [**30**Star][15d] [Java] [fullstackyang/weibo-crawler](https://github.com/fullstackyang/weibo-crawler) 新型的免登录微博爬虫，自动获取Cookie直接进行抓取和解析微博数据，免去了账号登录的过程，彻底摆脱账号被封的困扰
- [**30**Star][2m] [CSS] [nieheyong/myiot](https://github.com/nieheyong/myiot) 一个基于物联网的温度采集系统
- [**30**Star][18d] [Py] [xolox/python-negotiator](https://github.com/xolox/python-negotiator) Scriptable KVM/QEMU guest agent implemented in Python
- [**30**Star][2m] [Ruby] [rails-engine/audit-log](https://github.com/rails-engine/audit-log) 
- [**30**Star][2m] [JS] [apollon77/iobroker.tuya](https://github.com/apollon77/iobroker.tuya) ioBroker adapter to connect to several small and cheap Wifi devices that care connected to the Tuya Cloud and mostly use the Smartlife App/Alexa-Skill
- [**30**Star][20d] [Py] [jaredthecoder/biopy](https://github.com/jaredthecoder/biopy) Biologically-Inspired and Machine Learning Algorithms written in Python
- [**30**Star][9m] [JS] [donmccurdy/proxy-controls-server](https://github.com/donmccurdy/proxy-controls-server) Send keyboard/gamepad controls between devices, peer-to-peer, over WebRTC.
- [**30**Star][7m] [CSS] [afterflood/afterflood.in](https://github.com/afterflood/afterflood.in) A crowd sourced data hub created during Kerala Flood with information regarding all the Do's and don'ts, waste management, personal hygiene and every other aspect which needs to be kept in mind while moving back home after the flood
- [**30**Star][4m] [Java] [jasonkresch/protect](https://github.com/jasonkresch/protect) A Platform for Robust Threshold Cryptography based on Asynchronous Publicly Verifiable Secret Sharing with Tunable Security
- [**30**Star][4m] [Racket] [alexknauth/debug](https://github.com/alexknauth/debug) a racket lang-extension for debugging, and a macro for inserting a debug-repl
- [**30**Star][3m] [Go] [greenpeace/gpes-check-my-pages](https://github.com/greenpeace/gpes-check-my-pages) Scrapping script used to test the Spanish web archive and redirects system, with more than 10,000 pages. It checks redirections, http responses, analytics, files hosted in soon-to-die servers, canonical urls and more.
- [**30**Star][4m] [C] [chillancezen/zeldaos.x86_64](https://github.com/chillancezen/zeldaos.x86_64) 64bit bare metal hypervisor built from scratch with Intel VT-x
- [**30**Star][1m] [TS] [bin-huang/nodespider](https://github.com/bin-huang/nodespider) Simple, flexible, delightful web crawler/spider package
- [**30**Star][1m] [Py] [lopes/netbox-scanner](https://github.com/lopes/netbox-scanner) A scanner util for NetBox
- [**30**Star][12d] [Py] [bugbounty-site/gitsecure](https://github.com/bugbounty-site/gitsecure) Detect exposed API keys on GitHub commits.
- [**30**Star][1y] [smallstrong0/ss](https://github.com/smallstrong0/ss) I spend many ways to break the GFW,and this is my destination.
- [**30**Star][5m] [Makefile] [xc2/shadowsocks-libev-tomato](https://github.com/xc2/shadowsocks-libev-tomato) Pre-compiled shadowsocks-libev for TomatoUSB, Tomato Shibby, Toastman and Asuswrt Merlin.
- [**30**Star][2m] [C] [zhou0/mysocks](https://github.com/zhou0/mysocks) The cross-platform shadowsocks client and server with minimum dependencies.
- [**30**Star][2m] [Java] [bestoa/shadowsocks-vertx](https://github.com/bestoa/shadowsocks-vertx) Java port of shadowsocks with vertx.
- [**30**Star][2m] [Shell] [yaleh/kcp-shadowsocks-server](https://github.com/yaleh/kcp-shadowsocks-server) Docker image of a server with KCP tunnel and Shadowsocks.
- [**30**Star][23d] [C] [fatih4842/asyncrone](https://github.com/fatih4842/asyncrone) aSYNcrone is a SYN Flood DDoS Tool!
- [**30**Star][2m] [JS] [infosec-au/phishjs](https://github.com/infosec-au/phishjs) Abusing trust boundaries to deliver effective phishing payloads
- [**30**Star][4m] [JS] [mandatoryprogrammer/pers](https://github.com/mandatoryprogrammer/pers) A passive scanning tool for finding expired domain vulnerabilities while you browse.
- [**30**Star][3m] [PHP] [guelfoweb/wp-waf](https://github.com/guelfoweb/wp-waf) [PHP] WordPress Application Firewall
- [**30**Star][7m] [Java] [amitshekhariitbhu/applock](https://github.com/amitshekhariitbhu/applock) Android Application for app lock
- [**30**Star][25d] [Py] [rocky/python-spark](https://github.com/rocky/python-spark) An Earley-Algorithm Context-free grammar Parser Toolkit
- [**30**Star][4y] [Py] [yinghuocho/ghttproxy](https://github.com/yinghuocho/ghttproxy) a gevent based HTTP/HTTPS proxy with SOCKS5 forwarding.
- [**30**Star][2m] [Dockerfile] [betaflight/docker-betaflight-build](https://github.com/betaflight/docker-betaflight-build) Docker container that contains everything required to build the Betaflight firmware
- [**30**Star][16d] [Perl] [pentestmonkey/yaptest](https://github.com/pentestmonkey/yaptest) Automatically exported from code.google.com/p/yaptest
- [**30**Star][3m] [Ruby] [thesp0nge/wordstress](https://github.com/thesp0nge/wordstress) A security scanner for Wordpress blogging engine
- [**30**Star][3m] [Shell] [shadowsocks/libev](https://github.com/shadowsocks/libev) A fork of libev
- [**30**Star][5m] [PHP] [wpscanteam/vulnerablewordpress](https://github.com/wpscanteam/vulnerablewordpress) 
- [**30**Star][20d] [JS] [square/find-yarn-workspace-root](https://github.com/square/find-yarn-workspace-root) Algorithm for finding the root of a yarn workspace, extracted from yarnpkg.com
- [**30**Star][1m] [Py] [hephaest0s/creatorrc](https://github.com/hephaest0s/creatorrc) Create torrc files optimized for speed, security, or avoiding captchas
- [**30**Star][4m] [Py] [wyatu/pentestscripts](https://github.com/wyatu/pentestscripts) Some scripts for penetration testing
- [**30**Star][4m] [Py] [pyauth/pywarp](https://github.com/pyauth/pywarp) Python WebAuthn Relying Party library
- [**30**Star][7d] [Go] [influxdata/wirey](https://github.com/influxdata/wirey) Manage local wireguard interfaces in a distributed system
- [**30**Star][6m] [Py] [robindavid/pyads](https://github.com/robindavid/pyads) Python module to manipulate NTFS Alternate Data Stream (ADS) in Python
- [**30**Star][3m] [C++] [stealth/libusipp](https://github.com/stealth/libusipp) unix socket interface for C++ raw IP/IP6/UDP/TCP, Layer2 etc. framework
- [**30**Star][14d] [Py] [s0lst1c3/grey_harvest](https://github.com/s0lst1c3/grey_harvest) Scrapes the web for reliable http or https proxies and prints them to stdout. Can also be used as a python library to easily generate reliable proxies for use within Python applications.
- [**30**Star][10d] [C#] [rainkin1993/remote-access-trojan-database](https://github.com/rainkin1993/remote-access-trojan-database) A database of RAT collected from Internet
- [**30**Star][1m] [Shell] [digivill/all-in-one-wifi-cracker](https://github.com/digivill/all-in-one-wifi-cracker) Linux All in One Wifi Cracker
- [**30**Star][20d] [Go] [cs8425/go-adbbot](https://github.com/cs8425/go-adbbot) android bot based on adb and golang
- [**30**Star][17d] [xuxiaodong/v2ray-for-ansible](https://github.com/xuxiaodong/v2ray-for-ansible) V2Ray for Ansible
- [**30**Star][1m] [PS] [glenrobinson72/tableau-powershell-scripts](https://github.com/glenrobinson72/tableau-powershell-scripts) Repository of Powershell Scripts for Tableau
- [**30**Star][7m] [starriv/docker-ss](https://github.com/starriv/docker-ss) use the docker to run shadowsocksr
- [**30**Star][16d] [Java] [openindex/remotesupporttool](https://github.com/openindex/remotesupporttool) an easy single click solution for remote maintenance
- [**30**Star][2m] [Py] [fatal0/yyets-spider](https://github.com/fatal0/yyets-spider) 抓取人人影视指定美剧HR-HDTV的ed2k下载链接
- [**30**Star][6m] [Py] [acidprime/wirelessconfig](https://github.com/acidprime/wirelessconfig) A 802.1x Python wireless configuration tool with Cocoa wrappers
- [**30**Star][5m] [Py] [6e726d/pywiwi](https://github.com/6e726d/pywiwi) Python Windows Wifi
- [**30**Star][15d] [C] [hansrajdas/algorithms](https://github.com/hansrajdas/algorithms) Algorithms in python and C
- [**30**Star][12d] [ai0tsec/blog](https://github.com/AI0TSec/Blog) I wish the world continues to be lively, I wish you and me are still you and me.
- [**30**Star][28d] [PLSQL] [radoslavgatev/ssdt-continuous-deployment-project-template](https://github.com/radoslavgatev/ssdt-continuous-deployment-project-template) A project template aiming for easy Continuous Deployment of SSDT projects.
- [**30**Star][23d] [Java] [proudwind/struts2_vulns](https://github.com/proudwind/struts2_vulns) Struts2 vuln env
- [**30**Star][1m] [Shell] [dockerland/dex](https://github.com/dockerland/dex) docker executables - run applications without installing them or their dependencies
- [**30**Star][6m] [Go] [monereum/monereum](https://github.com/monereum/monereum) Monereum Network - A permissioned implementation of Ethereum supporting data privacy
- [**30**Star][21d] [Visual Basic] [henriksb/extensionspoofer](https://github.com/henriksb/extensionspoofer) Spoof file icons and extensions in Windows
- [**30**Star][8d] [Py] [squuv/wifibf](https://github.com/Squuv/WifiBF) This is a wifi Brute Force. script undetectable and secure!
- [**30**Star][9d] [Java] [wolfssl/wolfssljni](https://github.com/wolfssl/wolfssljni) Java (JNI) wrapper and JSSE provider around the lightweight wolfSSL SSL/TLS library, supporting up to TLS 1.3 and DTLS 1.2.
- [**30**Star][10d] [monsterzer0/cyber-security-guide](https://github.com/monsterzer0/Cyber-Security-Guide) The Whitepaper For Enterprise Security created by Monster Zero Team
- [**30**Star][6y] [Py] [osirislab/catfish](https://github.com/osirislab/Catfish) Catfish is a tool used ease the process of finding ROP gadgets and creating payloads with them.
- [**30**Star][4y] [Py] [tacixat/xorshift128plus](https://github.com/TACIXAT/XorShift128Plus) Symbolic execution for the XorShift128+ algorithm.
- [**30**Star][8d] [TeX] [nucypher/whitepaper](https://github.com/nucypher/whitepaper) Privacy layer for blockchain and decentralized applications based on proxy re-encryption
- [**30**Star][10d] [Java] [openjavacard/openjavacard-ndef](https://github.com/OpenJavaCard/openjavacard-ndef) NDEF tag implementation for JavaCard
- [**30**Star][1y] [Py] [zerosteiner/advancedhttpserver](https://github.com/zerosteiner/advancedhttpserver) Standalone web server built on Python's BaseHTTPServer
- [**30**Star][5m] [Java] [zerokilo/xexloaderwv](https://github.com/zerokilo/xexloaderwv) Ghidra Loader Module for X360 XEX Files
- [**30**Star][2m] [C] [zenware/bluemaho](https://github.com/zenware/bluemaho) BlueMaho is GUI-shell (interface) for suite of tools for testing security of bluetooth devices. It is freeware, opensource, written on python, uses wxPyhon. It can be used for testing BT-devices for known vulnerabilities and major thing to do – testing to find unknown vulns. Also it can form nice statistics.
- [**30**Star][3y] [C#] [zacbrown/powershellmethodauditor](https://github.com/zacbrown/powershellmethodauditor) PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
- [**30**Star][3m] [Java] [yolosec/ysoserial](https://github.com/yolosec/ysoserial) A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
- [**30**Star][3m] [PHP] [yii2tech/authlog](https://github.com/yii2tech/authlog) Identity auth tracking
- [**30**Star][2y] [C] [yifiheaven/magicwall](https://github.com/yifiheaven/magicwall) 
- [**30**Star][2y] [Py] [yehgdotnet/s3scanner](https://github.com/yehgdotnet/s3scanner) Scan for open S3 buckets and dump
- [**30**Star][3m] [Shell] [yahuiwong/docker-ss-tproxy](https://github.com/yahuiwong/docker-ss-tproxy) ss-redir 全局透明代理 (REDIRECT + TPROXY)
- [**30**Star][15d] [Py] [xiphosresearch/smsisher](https://github.com/xiphosresearch/smsisher) SMS Phishing Tools
- [**30**Star][4m] [Py] [xayon/pyrcrack](https://github.com/xayon/pyrcrack) Python Aircrack-ng bindings
- [**30**Star][7y] [JS] [x/twitter-brute-force](https://github.com/x/twitter-brute-force) Brute forces dictionaries for available twitter handles
- [**30**Star][10m] [Go] [wybiral/reverseproxy](https://github.com/wybiral/reverseproxy) Encrypted reverse proxy in Go.
- [**30**Star][6y] [web2hack/trac](https://github.com/web2hack/trac) 《Web前端黑客技术揭秘》勘误表
- [**30**Star][2y] [HTML] [vuetifyjs/simple](https://github.com/vuetifyjs/simple) The simplest possible Vue setup in a single HTML file
- [**30**Star][10m] [Shell] [vrutkovs/firefox-flatpak](https://github.com/vrutkovs/firefox-flatpak) Flatpak manifest and patches to build Firefox
- [**30**Star][3y] [C++] [vic4key/cat-driver](https://github.com/vic4key/cat-driver) CatDriver - The Kernel Mode Driver that written in C++. It is an useful driver and has the highest privilege level on the Windows platform. It can be used for Game Hacking and others.
- [**30**Star][3m] [PHP] [tuupola/whereami](https://github.com/tuupola/whereami) Common PHP interface for wifi positioning services
- [**30**Star][4y] [Shell] [tjunxiang92/android-vulnerabilities](https://github.com/tjunxiang92/android-vulnerabilities) Covers Top 10 OWASP Mobile Vulnerabilities
- [**30**Star][5m] [C] [tillmannw/prowler](https://github.com/tillmannw/prowler) Base Code for P2P Network Crawlers
- [**30**Star][4m] [C] [tigerpuma/afl_unicorn](https://github.com/tigerpuma/afl_unicorn) 
- [**30**Star][1y] [Py] [thehappydinoa/tp-link-defaults](https://github.com/thehappydinoa/tp-link-defaults) Python script for trying default passwords for some TP-Link Hotspots
- [**30**Star][4y] [techbliss/yara_mailware_quick_menu_scanner](https://github.com/techbliss/yara_mailware_quick_menu_scanner) Work Fast With the pattern matching swiss knife for malware researchers.
- [**30**Star][1y] [C++] [tai7sy/be_fuck](https://github.com/tai7sy/be_fuck) BattlEye Emulator
- [**30**Star][3m] [Py] [syworks/wpa-bruteforcer](https://github.com/syworks/wpa-bruteforcer) Attacking WPA/WPA encrypted access point without client.
- [**30**Star][13d] [BitBake] [sy3omda/burp-bounty](https://github.com/sy3omda/burp-bounty)  is extension of Burp Suite that improve Burp scanner.
- [**30**Star][4m] [Shell] [superkojiman/scanreport](https://github.com/superkojiman/scanreport) Take output from nmap and turn it into something easily searchable and readable.
- [**30**Star][2m] [Go] [stefansundin/ec2-metadata-filter](https://github.com/stefansundin/ec2-metadata-filter) Enhance the security of the EC2 metadata service. (Obsolete thanks to Instance Metadata Service Version 2, see note in README)
- [**30**Star][7y] [spiderlabs/xmlmao](https://github.com/spiderlabs/xmlmao) A configurable XPath/XML injection testbed
- [**30**Star][6y] [JS] [spiderlabs/modsecurity-status](https://github.com/spiderlabs/modsecurity-status) ModSecurity status
- [**30**Star][2m] [Py] [sooshie/packerid](https://github.com/sooshie/packerid) 
- [**30**Star][22d] [Py] [somerset-recon/blog](https://github.com/somerset-recon/blog) For code snippets and information
- [**30**Star][5m] [slowmist/ontology-triones-service-node-security-checklist](https://github.com/slowmist/ontology-triones-service-node-security-checklist) Ontology Triones Service Node security checklist（本体北斗共识集群安全执行指南）
- [**30**Star][16d] [C] [skx/pam_pwnd](https://github.com/skx/pam_pwnd) A PAM module to test passwords against previous leaks at haveibeenpwned.com
- [**30**Star][10m] [HTML] [skepticfx/damnvulnerable.me](https://github.com/skepticfx/damnvulnerable.me) A deliberately vulnerable modern day app with lots of DOM related bugs
- [**30**Star][2m] [Py] [skelsec/windows_ad_dos_poc](https://github.com/skelsec/windows_ad_dos_poc) PoC code for crashing windows active directory
- [**30**Star][8m] [C#] [shack2/swebscan](https://github.com/shack2/swebscan) SWebScan是一款基于C#的Web目录扫描器。
- [**30**Star][2y] [C++] [sentinel-one/skream](https://github.com/sentinel-one/skream) SentinelOne's KeRnel Exploits Advanced Mitigations
- [**30**Star][2m] [Ruby] [sensu-plugins/sensu-plugins-http](https://github.com/sensu-plugins/sensu-plugins-http) This plugin provides native HTTP instrumentation for monitoring and metrics collection, including: response code, JSON response, HTTP last modified, SSL expiry, and metrics via `curl`.
- [**30**Star][16d] [Py] [sensepost/punch-q](https://github.com/sensepost/punch-q) 
- [**30**Star][2m] [Shell] [security-onion-solutions/securityonion-setup](https://github.com/security-onion-solutions/securityonion-setup) 
- [**30**Star][2m] [C] [securifera/cowcron](https://github.com/securifera/cowcron) Cronbased Dirty Cow Exploit
- [**30**Star][4y] [C] [scorchsecurity/toast](https://github.com/scorchsecurity/toast) User-mode hook bypassing method
- [**30**Star][2m] [CSS] [savon-noir/nmap-webgui](https://github.com/savon-noir/nmap-webgui) Basic gui to run and display nmap scan results. Just a POC so far.
- [**30**Star][4m] [Shell] [sap/vulnerability-assessment-kb](https://github.com/sap/vulnerability-assessment-kb) This dataset contains fix commits for known vulnerabilities in open-source projects and fuels the vulnerability-assessment-tool
- [**30**Star][1m] [Logos] [ruler225/jailbreaktweaks](https://github.com/ruler225/jailbreaktweaks) All of my open source jailbreak tweaks for iOS
- [**30**Star][1y] [JS] [royale-proxy/node-cr-proxy](https://github.com/royale-proxy/node-cr-proxy) A simple Clash Royale proxy, implementing the new encryption, built on top of Node
- [**30**Star][3y] [JS] [rocketshipapps/hardenedpaste](https://github.com/rocketshipapps/hardenedpaste) [Retired] Hardened Paste is a browser extension that prevents the “pastejacking” exploit.
- [**30**Star][5y] [rafiot/hackedteamcerts](https://github.com/rafiot/hackedteamcerts) A bunch of certificates from the Hacking Team leak
- [**30**Star][6m] [C++] [psmitty7373/eif](https://github.com/psmitty7373/eif) Evil Reflective DLL Injection Finder
- [**30**Star][6y] [C++] [promised-lu/memoryprotection](https://github.com/promised-lu/memoryprotection) Internet Explorer MemoryProtection Mitigation
- [**30**Star][11d] [C++] [polycone/pe-loader](https://github.com/polycone/pe-loader) A Windows PE format file loader
- [**30**Star][2y] [pinktangent/endpoint-testing](https://github.com/pinktangent/endpoint-testing) Repository for Endpoint Security Testing
- [**30**Star][4m] [Py] [pielco11/telescan](https://github.com/pielco11/telescan) 
- [**30**Star][6m] [PHP] [php-fig-rectified/psr2r-sniffer](https://github.com/php-fig-rectified/psr2r-sniffer) A PSR-2-R code sniffer and code-style auto-correction-tool - including many useful additions
- [**30**Star][7d] [JS] [pertsev/web3_utilz](https://github.com/pertsev/web3_utilz) Useful snippets of js code for interacting with Smart Contracts
- [**30**Star][5m] [C] [patois/brahma](https://github.com/patois/brahma) Brahma - Privilege elevation exploit for Nintendo 3DS
- [**30**Star][1y] [Go] [parsiya/go-security](https://github.com/parsiya/go-security) My Go security projects
- [**30**Star][1m] [Shell] [optixal/dotfiles](https://github.com/optixal/dotfiles) 
- [**30**Star][13d] [HTML] [opsxcq/mirror-fravia](https://github.com/opsxcq/mirror-fravia) Fravia's mirror, for old times's sake !
- [**30**Star][18d] [JS] [onrik/django-webshell](https://github.com/onrik/django-webshell) Django application for running python code in your project's environment from django admin.
- [**30**Star][3m] [C++] [oct0xor/deci3dbg](https://github.com/oct0xor/deci3dbg) Ida Pro debugger module for Playstation 3
- [**30**Star][6m] [TS] [oclif/kaomoji](https://github.com/oclif/kaomoji) A simple example CLI that generates kaomoji (
- [**30**Star][2m] [Go] [nullhypothesis/sybilhunter](https://github.com/nullhypothesis/sybilhunter) Hunting for Sybils and anomalies in archived Tor network data.
- [**30**Star][2y] [C++] [ntraiseharderror/unrunpe](https://github.com/ntraiseharderror/unrunpe) PoC for detecting and dumping process hollowing code injection
- [**30**Star][5m] [Py] [nsacyber/serial2pcap](https://github.com/nsacyber/serial2pcap) Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) format. #nsacyber
- [**30**Star][27d] [Py] [nityanandagohain/proxy_configuration](https://github.com/nityanandagohain/proxy_configuration) System wide proxy configuration in a single script with options to add, remove proxy and restore system default proxy configuration
- [**30**Star][1y] [neu5ron/malware-traffic-analysis-pcaps](https://github.com/neu5ron/malware-traffic-analysis-pcaps) malware-traffic-analysis.net PCAPs repository.
- [**30**Star][2y] [C++] [nervous/greenkit-rootkit](https://github.com/nervous/greenkit-rootkit) GreenKit is an userland rootkit hiding its own files and mining bitcoins on compromised computers. Do /NOT/ download or use this rootkit for malicious purposes. Use it only for your own knowledge.
- [**30**Star][7m] [Go] [ncw/oauthproxy](https://github.com/ncw/oauthproxy) This is an oauth2 proxy server
- [**30**Star][25d] [C] [mxmssh/netafl](https://github.com/mxmssh/netafl) winAFL patch to enable network-based apps fuzzing
- [**30**Star][3y] [Py] [mvondracek/wifimitm](https://github.com/mvondracek/wifimitm) Automation of MitM Attack on Wi-Fi Networks
- [**30**Star][9m] [Py] [mstsec/mst](https://github.com/mstsec/mst) A Platform for Web Pentest From China
- [**30**Star][3m] [C] [mitrecnd/htpy](https://github.com/mitrecnd/htpy) Python bindings to libhtp
- [**30**Star][4m] [Shell] [misp/misp-cloud](https://github.com/misp/misp-cloud) misp-cloud - Cloud-ready images of MISP
- [**30**Star][3m] [michaellandi/exportstoc](https://github.com/michaellandi/exportstoc) Used to create wrappers and proxy libraries for Windows binaries.
- [**30**Star][3m] [Py] [michaeldim02/hvazard](https://github.com/michaeldim02/hvazard) Remove short passwords & duplicates, change lowercase to uppercase & reverse, combine wordlists!
- [**30**Star][4m] [Py] [michael-myers/macos-wpa-psk](https://github.com/michael-myers/macos-wpa-psk) PoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
- [**30**Star][11d] [JS] [mcibique/express-security](https://github.com/mcibique/express-security) nodejs + express security and performance boilerplate.
- [**30**Star][4y] [markofu/hackeire](https://github.com/markofu/hackeire) Challenges, notes & other stuff from the HackEire CTF.....
- [**30**Star][3m] [JS] [markelog/adit](https://github.com/markelog/adit) SSH tunnels – in any way you want it
- [**30**Star][1y] [C++] [malcomvetter/dnscache](https://github.com/malcomvetter/dnscache) 
- [**30**Star][4m] [Shell] [mainframed/enumeration](https://github.com/mainframed/enumeration) PoC REXX Script to Help with z/OS System enumeration via OMVS/TSO/JCL.
- [**30**Star][2m] [Go] [lucdew/goransomware](https://github.com/lucdew/goransomware) Ransomware written in Go language
- [**30**Star][11d] [Go] [leonlee/jrdwp](https://github.com/leonlee/jrdwp) Java Remote Debug through Websocket Proxy.
- [**30**Star][5m] [Py] [lanrat/spiderwho](https://github.com/lanrat/spiderwho) A very fast whois crawler
- [**30**Star][5m] [C] [landhb/memscan-1.0](https://github.com/landhb/memscan-1.0) Scan and edit memory using WinAPI functions such as ReadProcessMemory and WriteProcessMemory
- [**30**Star][2m] [C] [l-n-s/transmission-i2p](https://github.com/l-n-s/transmission-i2p) Anonymous torrent client Transmission-I2P [UNMAINTAINED]
- [**30**Star][18d] [kylebing/sslist](https://github.com/kylebing/sslist) 优化访问速度的小型 gfw (Great Fire Wall) 规则列表 gfwlist
- [**30**Star][4m] [Dart] [kvaibhav01/knockdown-flutter](https://github.com/kvaibhav01/knockdown-flutter) Enough exercises to knockdown the fear of Flutter in you
- [**30**Star][3m] [Py] [kcreyts/plugxdecoder](https://github.com/kcreyts/plugxdecoder) Decodes PlugX traffic and encrypted/compressed artifacts
- [**30**Star][4m] [C++] [kareldonk/quantumgate](https://github.com/kareldonk/quantumgate) QuantumGate is a peer-to-peer (P2P) communications protocol, library and API written in C++.
- [**30**Star][21d] [Clojure] [kakao/hbase-packet-inspector](https://github.com/kakao/hbase-packet-inspector) Analyzes network traffic of HBase RegionServers
- [**30**Star][1m] [Py] [joychou93/md5-extension-attack](https://github.com/joychou93/md5-extension-attack) MD5长度扩展攻击
- [**30**Star][4m] [C++] [jnastarot/soul_eater](https://github.com/jnastarot/soul_eater) it can extract functions from .dll, .exe, .sys and it be work! :)
- [**30**Star][6m] [Java] [jenly1314/baseurlmanager](https://github.com/jenly1314/baseurlmanager) 
- [**30**Star][4m] [Java] [jenkinsci/remoting-kafka-plugin](https://github.com/jenkinsci/remoting-kafka-plugin) Jenkins Remoting over Apache Kafka
- [**30**Star][9m] [Py] [jekil/udpot](https://github.com/jekil/udpot) Simple UDP honeypot script
- [**30**Star][2m] [Py] [jaky5155/cve-2019-0708-exp](https://github.com/jaky5155/cve-2019-0708-exp) 
- [**30**Star][1m] [C] [ispras/qemu](https://github.com/ispras/qemu) 
- [**30**Star][2y] [JS] [ioactive/bluecrawl](https://github.com/ioactive/bluecrawl) Frida (Android) Script for extracting bluetooth information
- [**30**Star][4m] [Py] [intezer/mop](https://github.com/intezer/mop) MoP - "Master of Puppets" - Advanced malware tracking framework
- [**30**Star][3m] [Py] [intelligent-agent/redeem](https://github.com/intelligent-agent/redeem) Firmware for Replicape
- [**30**Star][2m] [Py] [infosec-au/webappsec-toolkit](https://github.com/infosec-au/webappsec-toolkit) Web Application Security related tools. Includes backdoors, proof of concepts and tricks
- [**30**Star][6m] [Py] [immortal3/hidden-eye](https://github.com/immortal3/hidden-eye) Hide data into Picture
- [**30**Star][4m] [C++] [hempnall/broyara](https://github.com/hempnall/broyara) integrating bro into yara
- [**30**Star][5m] [Py] [haxorthematrix/loc-nogps](https://github.com/haxorthematrix/loc-nogps) 
- [**30**Star][2m] [C++] [hasherezade/petya_key](https://github.com/hasherezade/petya_key) A decoder for Petya victim keys, using the Janus' masterkey.
- [**30**Star][7m] [HTML] [h2hconference/2016](https://github.com/h2hconference/2016) H2HC 2016 Slides/Materials/Presentations
- [**30**Star][7y] [C] [gwroblew/detectxsslib](https://github.com/gwroblew/detectxsslib) 
- [**30**Star][4m] [Py] [greenbone/python-gvm](https://github.com/greenbone/python-gvm) Greenbone Vulnerability Management Python Library
- [**30**Star][27d] [PHP] [gr33ntii/malware-collection](https://github.com/gr33ntii/malware-collection) 
- [**30**Star][19d] [TeX] [gossip-sjtu/k-hunt](https://github.com/gossip-sjtu/k-hunt) K-Hunt: Pinpointing Insecure Crypto Keys
- [**30**Star][5y] [Py] [glamrock/stormy](https://github.com/glamrock/stormy) Easy creation of Tor Hidden Services
- [**30**Star][4m] [CSS] [ghacksuserjs/torzillaprint](https://github.com/ghacksuserjs/torzillaprint) Firefox & Tor Browser only, current ESR+ only, client-side only [for now], results only, fingerprint testing
- [**30**Star][4y] [PHP] [fuzzdb-project/webshell](https://github.com/fuzzdb-project/webshell) This is a webshell open source project
- [**30**Star][1m] [Visual Basic] [foryujian/ipintervalmerge](https://github.com/foryujian/ipintervalmerge) IP区间批量合并工具，合并重叠交集的IP范围
- [**30**Star][2m] [Py] [fluxchief/binaryninja_avr](https://github.com/fluxchief/binaryninja_avr) Binaryninja AVR architecture plugin with lifting
- [**30**Star][8m] [Py] [fideliscyber/data_mining](https://github.com/fideliscyber/data_mining) Data Mining Virus Total for threat feed building
- [**30**Star][10d] [Py] [fhightower/ioc-finder](https://github.com/fhightower/ioc-finder) Simple, effective, and modular package for parsing observables (indicators of compromise and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. You can test this project out here:
- [**30**Star][1m] [JS] [fcavallarin/htcrawl](https://github.com/fcavallarin/htcrawl) Htcrawl is nodejs module for the recursive crawling of single page applications (SPA) using javascript
- [**30**Star][5m] [C#] [f135ta/simpleproxy](https://github.com/f135ta/simpleproxy) Simple Proxy implementation for Net Core using Castle Dynamic Proxy
- [**30**Star][6y] [PS] [enigma0x3/powershell-c2](https://github.com/enigma0x3/powershell-c2) 
- [**30**Star][15d] [Shell] [enfuzz/enfuzz](https://github.com/enfuzz/enfuzz) 
- [**30**Star][27d] [Py] [eleemosynator/writeups](https://github.com/eleemosynator/writeups) Write-ups for crackmes and CTF challenges
- [**30**Star][20d] [edwardqiu/awesome-infosec](https://github.com/edwardqiu/awesome-infosec) A curated list of awesome infosec blog posts, courses, books and more!
- [**30**Star][10m] [PHP] [echo-devim/xbackdoor](https://github.com/echo-devim/xbackdoor) A tool for the persistent XSS exploitation with a focus for mobile web browsers
- [**30**Star][1y] [Shell] [ebelties/domainwatch](https://github.com/ebelties/domainwatch) DomainWatch allows everyone to monitor domains for possible take-overs.
- [**30**Star][2m] [Ruby] [drewlong/vbully](https://github.com/drewlong/vbully) 3.8.x - 4.2.3 ForumRunner (vBulletin) exploit Proof of Concept
- [**30**Star][3m] [Py] [dottedmag/archmage](https://github.com/dottedmag/archmage) A reader and decompiler for files in the CHM format
- [**30**Star][5m] [C] [dmsc/emu2](https://github.com/dmsc/emu2) Simple x86 and DOS emulator for the Linux terminal.
- [**30**Star][19d] [C] [devdavisnunez/vhbb](https://github.com/devdavisnunez/vhbb) Browse, download, and launch Vita homebrews!
- [**30**Star][15d] [Ruby] [dev-sec/ansible-apache-hardening](https://github.com/dev-sec/ansible-apache-hardening) 
- [**30**Star][3y] [deroko/payloadrestrictions](https://github.com/deroko/payloadrestrictions) EMET 集成到 Win10Insider 之后改名为 PayloadRestrictions，文章分析了 PayloadRestrictions.dll 的加载过程
- [**30**Star][2m] [C] [deroko/activationcontexthook](https://github.com/deroko/activationcontexthook) hook and force process to load redirected DLL.
- [**30**Star][12d] [danpage/scale](https://github.com/danpage/scale) scale: Side-Channel Attack Lab
- [**30**Star][2y] [ObjC] [dannagle/packetsender-ios](https://github.com/dannagle/packetsender-ios) Packet Sender for iOS, Send/Receive UDP/TCP
- [**30**Star][8m] [Py] [dado3212/polldaddyhack](https://github.com/dado3212/polldaddyhack) Exploit PollDaddy polls
- [**30**Star][13d] [Py] [ctxis/cbrcli](https://github.com/ctxis/cbrcli) Command line interface to Carbon Black Response
- [**30**Star][10m] [Go] [cryptogenic/rebot](https://github.com/cryptogenic/rebot) A discord bot for reverse engineers and exploit developers.
- [**30**Star][6m] [Java] [cristianturetta/mad-spy](https://github.com/cristianturetta/mad-spy) We developed a malware for educational purposes. In particular, our goal is to provide a PoC of what is known as a Repacking attack, a known technique widely used by malware cybercrooks to trojanize android apps. The answer to solve this particular goal boils down in the simplicity of APK decompiling and smali code injection.
- [**30**Star][5m] [Go] [cretz/tor-dht-poc](https://github.com/cretz/tor-dht-poc) Anonymous DHT Accessible from Executable or Tor-Enabled Browser
- [**30**Star][5m] [C++] [codeliker/mymig_meterpreter](https://github.com/codeliker/mymig_meterpreter) mig meterpreter stager
- [**30**Star][2y] [C++] [certt/1000base](https://github.com/certt/1000base) CS:GO cheat base
- [**30**Star][2m] [Py] [catalyst256/sniffmypackets](https://github.com/catalyst256/sniffmypackets) Canari local transforms pcap file analysis
- [**30**Star][2y] [Py] [carstein/burp-extensions](https://github.com/carstein/burp-extensions) Automatically exported from code.google.com/p/burp-extensions
- [**30**Star][30d] [Py] [byt3bl33d3r/dnschef](https://github.com/byt3bl33d3r/dnschef) DNSChef - DNS proxy for Penetration Testers and Malware Analysts
- [**30**Star][3m] [PHP] [bypupil/ctfhub](https://github.com/bypupil/ctfhub) Some Docker for CTF environments
- [**30**Star][19d] [Py] [bunseokbot/darklight](https://github.com/bunseokbot/darklight) Engine for collecting onion domains and crawling from webpage based on Tor network
- [**30**Star][6m] [Py] [bshastry/afl-sancov](https://github.com/bshastry/afl-sancov) AFL coverage tool using Clang SanitizerCoverage
- [**30**Star][10m] [C++] [briterator/drpdb](https://github.com/briterator/drpdb) Convert from Microsoft PDB format into a MySQL database
- [**30**Star][7m] [CSS] [botherder/flexikiller](https://github.com/botherder/flexikiller) simple removal utilities for Windows and Mac versions of the FlexiSpy trojan.
- [**30**Star][13d] [C++] [blur-network/blur](https://github.com/blur-network/blur) Blur is an experimental cryptocurrency, which employs a custom PoW algo called CryptoNight-Dynamic. Iterations adjust approx. once every five seconds, with a goal of maintaining CPU advantages over spec. mining hardware. Making use of a timestamp, block height, and the previous block’s hash, CN-Dynamic varies within & between blocks.
- [**30**Star][4m] [C] [biswa96/wslreverse](https://github.com/biswa96/wslreverse) Experiments with hidden COM interface and LxBus IPC mechanism in WSL
- [**30**Star][2y] [biprodeep/awesome-ml-for-cybersecurity](https://github.com/biprodeep/awesome-ml-for-cybersecurity) 
- [**30**Star][2y] [Py] [bandrel/ocyara](https://github.com/bandrel/ocyara) Performs OCR on image files and scans them for matches to YARA rules
- [**30**Star][24d] [JS] [b-mueller/sabre](https://github.com/b-mueller/sabre) Security analyzer for Solidity smart contracts. Uses the MythX smart contract security service.
- [**30**Star][9m] [Py] [azmatt/anaximander](https://github.com/azmatt/anaximander) Python Code to Map Cell Towers From a Cellebrite Android Dump
- [**30**Star][2m] [C++] [azadkuh/mbedcrypto](https://github.com/azadkuh/mbedcrypto) a portable, small, easy to use and fast c++14 library for cryptography.
- [**30**Star][1m] [Py] [averagesecurityguy/crack](https://github.com/averagesecurityguy/crack) XMLRPC server for password cracking
- [**30**Star][6m] [Py] [aurainfosec/burp-multi-browser-highlighting](https://github.com/aurainfosec/burp-multi-browser-highlighting) Highlight Burp proxy requests made by different browsers
- [**30**Star][4m] [atvaark/darksoulsiii.fileformats](https://github.com/atvaark/darksoulsiii.fileformats) Dark Souls III archive file information
- [**30**Star][21d] [TeX] [atomicorp/openvas-docker](https://github.com/atomicorp/openvas-docker) A docker container for openvas
- [**30**Star][23d] [Py] [androidtamer/frida-push](https://github.com/androidtamer/frida-push) Wrapper tool to identify the remote device and push device specific frida-server binary.
- [**30**Star][6m] [Py] [andrewilyas/ens-adv-train-attack](https://github.com/andrewilyas/ens-adv-train-attack) Circumventing the defense in "Ensemble Adversarial Training: Attacks and Defenses"
- [**30**Star][1m] [Shell] [digivill/all-in-one-wifi-cracker](https://github.com/Digivill/All-in-One-WiFi-Cracker) Linux All in One Wifi Cracker
- [**30**Star][9d] [Py] [alexivkin/wifipicket](https://github.com/alexivkin/wifipicket) Selective wifi jammer - control who can connect where
- [**30**Star][6m] [Swift] [alexdrone/proxy](https://github.com/alexdrone/proxy) Swift package that implements observable mutable/immutable proxy objects through @dynamicMemberLookup
- [**30**Star][19d] [JS] [alephsecurity/spectrebrowserresearch](https://github.com/alephsecurity/spectrebrowserresearch) 
- [**30**Star][15d] [Py] [al45tair/ds_store](https://github.com/al45tair/ds_store) 
- [**30**Star][2y] [JS] [akalankauk/foxss-xss-penetration-testing-tool](https://github.com/akalankauk/foxss-xss-penetration-testing-tool) Foxss is a simple php based penetration Testing Tool.Currently it will help to find XSS vulnerability in websites.
- [**30**Star][8m] [ahmetgurel/pentest-hints](https://github.com/ahmetgurel/pentest-hints) Tips for Penetration Testing
- [**30**Star][5m] [C#] [aevitas/orion](https://github.com/aevitas/orion) Managed game manipulation framework for Counter Strike: Global Offensive in C#
- [**30**Star][2m] [Go] [adonley/ethereum-brute-force](https://github.com/adonley/ethereum-brute-force) Brute force generating ethereum private keys and check them against known addresses.
- [**30**Star][3y] [Py] [5z1punch/oracle_java_shell_client](https://github.com/5z1punch/oracle_java_shell_client) oracle 10g sys权限通过java执行命令获得一个非交互shell的客户端，通常用于正向连接
- [**30**Star][3y] [PS] [3gstudent/com-object-hijacking](https://github.com/3gstudent/com-object-hijacking) use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)
- [**30**Star][4y] [0xicf/scadashutdowntool](https://github.com/0xicf/scadashutdowntool) 
- [**30**Star][7y] [C++] [0xdabbad00/openhips](https://github.com/0xdabbad00/openhips) OpenHIPS prevents exploitation of Windows systems
- [**30**Star][2m] [Py] [0x71/cuckoo-linux](https://github.com/0x71/cuckoo-linux) Linux malware analysis based on Cuckoo Sandbox.
- [**30**Star][5m] [YARA] [0pc0defr/yararules](https://github.com/0pc0defr/yararules) Multiple rules for yara-project for detect compiler/packer/protector
- [**29**Star][10d] [Shell] [mehulpanchal007/venom](https://github.com/mehulpanchal007/venom) Auto Recon Bash Script
- [**29**Star][2m] [JS] [adzialocha/beep-beep](https://github.com/adzialocha/beep-beep) Fictional p2p protocol
- [**29**Star][12d] [Kotlin] [spypunk/sponge](https://github.com/spypunk/sponge) sponge is a website crawler and links downloader command line tool
- [**29**Star][2y] [Py] [lwl5219/ancient_chinese](https://github.com/lwl5219/ancient_chinese) 古汉语(文言文)字典-爬取文言文字典网,制作Kindle字典.
- [**29**Star][4m] [Shell] [rajkumardusad/onex](https://github.com/rajkumardusad/onex) onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.
- [**29**Star][2m] [JS] [baslr/node-qemu-server](https://github.com/baslr/node-qemu-server) Free GUI / Frontend / Management tool for simple setup, configure and control virtual machines (qemu / kvm) within your HTML5 Webbrowser. Virtualization with Node.js / Currently under complete rewrite.
- [**29**Star][4m] [OCaml] [mirleft/ocaml-x509](https://github.com/mirleft/ocaml-x509) X509 (RFC5280) handling in OCaml
- [**29**Star][4m] [C#] [eliteapi/eliteapi](https://github.com/eliteapi/eliteapi) .NET library, VoiceAttack plugin & VoiceMacro plugin for Elite: Dangerous
- [**29**Star][4m] [PHP] [bit-wasp/bitcoin-p2p-php](https://github.com/bit-wasp/bitcoin-p2p-php) Implementation of Bitcoin protocol using ReactPHP
- [**29**Star][17d] [JS] [enigmampc/enigma-p2p](https://github.com/enigmampc/enigma-p2p) The Enigma Worker Peer-to-Peer (P2P) package written in Node.js based on libp2p-js
- [**29**Star][3m] [Shell] [tep/git-templates](https://github.com/tep/git-templates) Templates / Hooks for Your Git Repositories
- [**29**Star][4m] [C] [prplfoundation/prpl-hypervisor](https://github.com/prplfoundation/prpl-hypervisor) prplHypervisor™
- [**29**Star][3m] [Py] [mnrkbys/norimaci](https://github.com/mnrkbys/norimaci) Norimaci is a simple and lightweight malware analysis sandbox for macOS
- [**29**Star][4m] [Py] [rikvanduijn/wmi-persistence](https://github.com/rikvanduijn/wmi-persistence) 
- [**29**Star][21d] [Py] [xarrow/weibo-scraper](https://github.com/xarrow/weibo-scraper) Simple Weibo Scraper
- [**29**Star][4m] [JS] [mowlc/real-estate-scraper](https://github.com/mowlc/real-estate-scraper) Web scraper that makes it easier to find real estate in Slovenia.
- [**29**Star][3m] [Java] [lemonjing/algorithm](https://github.com/lemonjing/algorithm) 
- [**29**Star][12m] [Go] [cirello-io/humorchecker](https://github.com/cirello-io/humorchecker) [Mirror] Port of Sentimental library into Go
- [**29**Star][8m] [Java] [code4everything/visual-spider](https://github.com/code4everything/visual-spider) 用JavaFX开发基于crawler4j的图形化的网络爬虫
- [**29**Star][9d] [C++] [shuhuagao/vchsm](https://github.com/shuhuagao/vchsm) C++ 11 algorithm implementation for voice conversion using harmonic plus stochastic models
- [**29**Star][12d] [Go] [albert-w/crawler-project](https://github.com/albert-w/crawler-project) Google资深工程师深度讲解Go语言 爬虫项目。
- [**29**Star][3m] [TS] [kimcoder/serverless-instagram-crawler](https://github.com/kimcoder/serverless-instagram-crawler) serverless, instagram hashtag crawler with lambda, dynamoDB
- [**29**Star][4m] [Java] [a252937166/toutiaocrawler](https://github.com/a252937166/toutiaocrawler) 头条号爬虫案例
- [**29**Star][23d] [Py] [otherofice/vpn-jail](https://github.com/otherofice/vpn-jail) 
- [**29**Star][2m] [Py] [vanyasem/vk-scraper](https://github.com/vanyasem/vk-scraper) Scrapes VK user's photos
- [**29**Star][26d] [C++] [yet-another-series/yet_another_algorithms_repository](https://github.com/yet-another-series/yet_another_algorithms_repository) Beginner friendly repo for easily contributing algorithms' implementations
- [**29**Star][24d] [Py] [lovit/naver_news_search_scraper](https://github.com/lovit/naver_news_search_scraper) 검색어 기준으로 네이버뉴스와 댓글을 수집하는 파이썬 코드
- [**29**Star][2m] [C] [ssaroussi/griffin-hypervisor](https://github.com/ssaroussi/griffin-hypervisor) An Anti-Rootkit implemented using Intel VT-x
- [**29**Star][23d] [ObjC] [rpwnage/warri0r](https://github.com/rpwnage/warri0r) ios 12 Sandbox escape POC
- [**29**Star][14d] [Py] [hongfeioo/nodepingmanage](https://github.com/hongfeioo/nodepingmanage) 可用于监控交换机／服务器／防火墙的存活状态的ping监控报警系统
- [**29**Star][27d] [Nim] [jangko/nimaes](https://github.com/jangko/nimaes) Advanced Encryption Standard, Rinjdael Algorithm written in Nim
- [**29**Star][18d] [TS] [iot-makers/sigfox-platform](https://github.com/iot-makers/sigfox-platform) Open Source platform to display and parse Sigfox messages in real time with Sigfox, GPS, WiFi & beacon geolocalisation
- [**29**Star][4m] [Py] [larrabee/freeipa-password-reset](https://github.com/larrabee/freeipa-password-reset) Self-service password reset app for FreeIPA
- [**29**Star][4m] [Py] [thunt01/sneakerbot-app](https://github.com/thunt01/sneakerbot-app) App that scrapes the Footlocker website to construct URLs for upcoming sneaker releases and adds the shoe to your cart if it is available. Uses Python and Selenium Webdriver. *Chrome and Chromedriver must be installed and Chromedriver must be on main path
- [**29**Star][22d] [Py] [synss/python-mbedtls](https://github.com/synss/python-mbedtls) Cryptographic library with an mbed TLS back end
- [**29**Star][3m] [Java] [vector4wang/vw-crawler](https://github.com/vector4wang/vw-crawler) 
- [**29**Star][10d] [C++] [nymea/nymea-networkmanager](https://github.com/nymea/nymea-networkmanager) This daemon allows to set up the wireless network using a Bluetooth LE connection.
- [**29**Star][4m] [Shell] [machou/cloudflare-block](https://github.com/machou/cloudflare-block) Cloudflare Blocking
- [**29**Star][4m] [Java] [danz1ka19/android-app-hc05-arduino](https://github.com/danz1ka19/android-app-hc05-arduino) Android Application that sends signal to Bluetooth HC05 to communicate with Arduino Module
- [**29**Star][4m] [C#] [vallens/crawlersamples](https://github.com/vallens/crawlersamples) This is a Puppeteer+AngleSharp crawler console app samples, used C# 7.1 coding and dotnet core build.
- [**29**Star][15d] [JS] [portable-cto/airtable-proxy-worker](https://github.com/portable-cto/airtable-proxy-worker) A Cloudflare Worker that allows you to make secure requests to the Airtable API from your frontend.
- [**29**Star][10m] [Java] [marcolivierarsenault/polarheartrateapplication](https://github.com/marcolivierarsenault/polarheartrateapplication) Android Application that display Polar heart rate connected by bluetooth
- [**29**Star][11m] [JS] [thunbergolle/steamtradebot](https://github.com/thunbergolle/steamtradebot) Open source steam trading bot. Accepting or declining trades based on the automatic value calculation.
- [**29**Star][5m] [TS] [videomanagertools/scraper](https://github.com/videomanagertools/scraper) A scraper that switches between normal mode and gentleman mode, built on Eletron, React
- [**29**Star][1m] [Py] [ls0f/pwm](https://github.com/ls0f/pwm) 自用的密码管理工具
- [**29**Star][4m] [C++] [quasarapp/qt-secret](https://github.com/quasarapp/qt-secret) Fast encryption library supporting RSA and AES algorithms.
- [**29**Star][1m] [PHP] [yakeing/php_jwsign](https://github.com/yakeing/php_jwsign) This is a function wrapping through the Openssl to sign and validate the data, which ensures the integrity and security of the original data.
- [**29**Star][8m] [Shell] [sphynx/wifi-select](https://github.com/sphynx/wifi-select) Tool for selecting wifi networks in ArchLinux console
- [**29**Star][1m] [Visual Basic] [zelon88/ransomware_defender](https://github.com/zelon88/ransomware_defender) A Windows Logon / Startup / Scheduled Task Script for Ransomware Detection & Early-Warning
- [**29**Star][10d] [Jupyter Notebook] [bbva/waf-brain](https://github.com/bbva/waf-brain) Machine Learning WAF Based
- [**29**Star][10d] [C#] [reloaded-project/reloaded-ii](https://github.com/reloaded-project/reloaded-ii) Next Generation Universal .NET Core Powered Mod Loader compatible with anything X86, X64.
- [**29**Star][4m] [C++] [virtualabs/btlejack-firmware](https://github.com/virtualabs/btlejack-firmware) Btlejack firmware for BBC Micro:Bit
- [**29**Star][15d] [Shell] [pirate/fish-functions](https://github.com/pirate/fish-functions) 
- [**29**Star][18d] [Java] [calebfenton/resequencer](https://github.com/calebfenton/resequencer) Configurable, flexible regex-based APK modification tool.
- [**29**Star][6m] [Java] [guardianproject/pluto](https://github.com/guardianproject/pluto) Pluggable Library (for) Using Traffic Obfuscation: DEPRECATED - SEE LINK FOR NEW PROJECT
- [**29**Star][15d] [Vue] [dnscrypt/dnscrypt-website](https://github.com/dnscrypt/dnscrypt-website) DNSCrypt website
- [**29**Star][4m] [Shell] [fail0verflow/ps4-overlay](https://github.com/fail0verflow/ps4-overlay) Gentoo Portage overlay containing PS4 specific patches and packages
- [**29**Star][4m] [valvesoftware/steam-devices](https://github.com/valvesoftware/steam-devices) List of devices Steam and SteamVR will want read/write permissions on, to help downstream distributions create udev rules/etc
- [**29**Star][2m] [JS] [samyk/crak](https://github.com/samyk/crak) Crash Royale Attack Kit
- [**29**Star][1m] [C++] [frida/v8](https://github.com/frida/v8) Frida depends on V8
- [**29**Star][5m] [Java] [dineshshetty/fridaloader](https://github.com/dineshshetty/fridaloader) A quick and dirty app to download and launch Frida on Genymotion
- [**29**Star][4m] [Go] [mpolden/nflx-proxy](https://github.com/mpolden/nflx-proxy) Netflix DNS proxy written in Go
- [**29**Star][2m] [Assembly] [fsecurelabs/avrop](https://github.com/fsecurelabs/avrop) ROP based Movfuscator VM
- [**29**Star][27d] [Ruby] [igrigorik/em-socksify](https://github.com/igrigorik/em-socksify) Transparent proxy support for any EventMachine protocol
- [**29**Star][6m] [Py] [lijiejie/chromepass](https://github.com/lijiejie/chromepass) Decrypt all saved Chrome passwords
- [**29**Star][1m] [C] [pwn20wndstuff/meridianjb](https://github.com/pwn20wndstuff/meridianjb) 
- [**29**Star][17d] [hak5darren/ducky-flasher](https://github.com/hak5darren/ducky-flasher) Automatically exported from code.google.com/p/ducky-flasher
- [**29**Star][2m] [JS] [purplei2p/i2pd-tools](https://github.com/purplei2p/i2pd-tools) Some useful tools for I2P
- [**29**Star][4m] [HTML] [cryptogenic/ps4console](https://github.com/cryptogenic/ps4console) A successor to PS4Playground, emulates a shell-like environment to interact with the PlayStation 4.
- [**29**Star][17d] [Py] [pure-l0g1c/passwords](https://github.com/pure-l0g1c/passwords) Get or generate a password list
- [**29**Star][14d] [Py] [neu-sns/intl-iot](https://github.com/neu-sns/intl-iot) Datasets and code for IMC'19 paper on information exposure from IoT devices
- [**29**Star][15d] [Shell] [honwen/openwrt-dnsmasq-extra](https://github.com/honwen/openwrt-dnsmasq-extra) Anti Pollution/ADs DNS for OpenWrt/LEDE
- [**29**Star][2m] [C] [tokenrove/niffy](https://github.com/tokenrove/niffy) NIF testing harness
- [**29**Star][4m] [Py] [5h4d0wb0y/socialbrute](https://github.com/5h4d0wb0y/socialbrute) It attempts to crack social networks using a brute force dictionary attack.
- [**29**Star][11d] [Ruby] [mitre-cyber-academy/ctf-scoreboard](https://github.com/mitre-cyber-academy/ctf-scoreboard) Repository for the MITRE Capture the Flag scoreboard.
- [**29**Star][4m] [JS] [imshubhamsingh/farmerchain](https://github.com/imshubhamsingh/farmerchain) A​ ​ collaborative​ ​ and​ ​ collective​ ​ pool​ ​ farming​ ​ system​ with​ ​ built​ ​ in​ ​ blockchain​ ​ based​ ​ self​ ​ financing​ ​ system​ ​ to​ ​ help​ ​ farmers​ ​ become​ ​ self-reliant. | ᴘʀᴏᴏꜰ ᴏꜰ ᴄᴏɴᴄᴇᴘᴛ
- [**29**Star][12d] [JS] [jscck/crack.js](https://github.com/jscck/crack.js) Tool for javascript Encryption confusion cracking
- [**29**Star][7d] [Py] [bonnetn/vba-obfuscator](https://github.com/bonnetn/vba-obfuscator) 2018 School project - PoC of malware code obfuscation in Word macros
- [**29**Star][18d] [JS] [benoitsevens/applying-ttd-to-malware-analysis](https://github.com/benoitsevens/applying-ttd-to-malware-analysis) Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
- [**29**Star][7m] [PS] [ahhh/wifi_trojans](https://github.com/ahhh/wifi_trojans) A collection of wireless based bind and reverse connect shells for penetration testers to use in demonstrating persistence to a network via rouge access points.
- [**29**Star][12d] [Py] [virustotal/vt-py](https://github.com/virustotal/vt-py) The official Python 3 client library for VirusTotal
- [**29**Star][2m] [Py] [elevenpaths/pesto](https://github.com/elevenpaths/pesto) 
- [**29**Star][4m] [C++] [3xpl017/linpwn](https://github.com/3xpl017/linpwn) Interactive Post Exploitation Tool
- [**29**Star][1m] [C] [robotn/gohook](https://github.com/robotn/gohook) GoHook, Go global keyboard and mouse hook
- [**29**Star][9d] [Kotlin] [godtoy/wework-hook-example](https://github.com/godtoy/wework-hook-example) 企业微信xposed-hook，企业微信Hook，消息收发，自动爆粉
- [**29**Star][18d] [C#] [nyan-x-cat/revengerat-stub-cssharp](https://github.com/nyan-x-cat/revengerat-stub-cssharp) Revenge-RAT C# Stub - Fixed
- [**29**Star][13d] [Py] [3xploit-db/pentest-tools-framework](https://github.com/3xploit-db/pentest-tools-framework) Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
- [**29**Star][4m] [Java] [houarizegai/spygen](https://github.com/houarizegai/spygen) 
- [**29**Star][7m] [JS] [websecurity-quiz/websecurity-quiz.github.io](https://github.com/websecurity-quiz/websecurity-quiz.github.io) Test your Web Security knowledge with OWASP exam questions.
- [**29**Star][4m] [shmilylty/kalitools](https://github.com/shmilylty/kalitools) Kali Linux工具清单
- [**29**Star][2m] [C] [intel/jit-spray-poc-for-ksp](https://github.com/intel/jit-spray-poc-for-ksp) 
- [**29**Star][4m] [Ruby] [praetorian-code/dert](https://github.com/praetorian-code/dert) DNS Enumeration and Reconnaissance Tool
- [**29**Star][11d] [Py] [data61/anonlink](https://github.com/data61/anonlink) Python implementation of anonymous linkage using cryptographic linkage keys
- [**29**Star][5m] [Py] [zkclown/getpwd](https://github.com/zkclown/getpwd) It's a tool which generate a dictionary from a csv containing personals informations. Generate all common passwords based on perso info. (leet transformations and combinatory processing)
- [**29**Star][2y] [Py] [zer0xff/ps4_db_rebuilder](https://github.com/zer0xff/ps4_db_rebuilder) ps4 built in database rebuilder has the tendency to remove fpkg from the database, this will repopulate the database with them
- [**29**Star][4m] [PHP] [zendframework/zendxml](https://github.com/zendframework/zendxml) Utility library for XML usage and best practices in PHP
- [**29**Star][10m] [Smarty] [zee-ahmed/kube-owasp-zap](https://github.com/zee-ahmed/kube-owasp-zap) Owasp Zap chart for Kubernetes
- [**29**Star][8m] [C] [zecoxao/siscon](https://github.com/zecoxao/siscon) syscon firmware decrypter for ps4
- [**29**Star][4m] [Java] [zaproxy/zap-api-java](https://github.com/zaproxy/zap-api-java) OWASP ZAP Java API
- [**29**Star][1y] [JS] [yuanzhaokang/norseattack-like](https://github.com/yuanzhaokang/norseattack-like) A system like norse attack map.
- [**29**Star][4m] [Go] [xiaoyao1991/manspreading](https://github.com/xiaoyao1991/manspreading) Manspreading is a proxy server that helps you greedily occupy a peer seat in a remote geth node
- [**29**Star][2y] [C] [x64dbg/plugintemplate](https://github.com/x64dbg/plugintemplate) Plugin template for x64dbg. Releases:
- [**29**Star][11d] [Py] [wybiral/shh](https://github.com/wybiral/shh) Create Tor hidden services in Python.
- [**29**Star][18d] [wirelesscollege/securitytools](https://github.com/wirelesscollege/securitytools) android安全工具大全
- [**29**Star][3y] [C] [wangyinuo/memdump](https://github.com/wangyinuo/memdump) android下的内存dump工具，可以dump so文件
- [**29**Star][2m] [JS] [vmware/precaution](https://github.com/vmware/precaution) Precaution provides a simple, automated code review for GitHub projects by running code linters with a security focus on pull requests.
- [**29**Star][3y] [virqdroid/android_malware](https://github.com/virqdroid/android_malware) 
- [**29**Star][2m] [Matlab] [vedaldi/visualindex](https://github.com/vedaldi/visualindex) A simple demo of visual object matching using VLFeat
- [**29**Star][25d] [Py] [v1cker/poc-exp](https://github.com/v1cker/poc-exp) 
- [**29**Star][24d] [Java] [v-p-b/oracle_forms](https://github.com/v-p-b/oracle_forms) Testing tools for Oracle Forms
- [**29**Star][10d] [v-p-b/bigiron](https://github.com/v-p-b/bigiron) Collection of materials related to IBM z/OS security
- [**29**Star][5m] [Makefile] [torbsd/openbsd-ports](https://github.com/torbsd/openbsd-ports) OpenBSD ports under development by TDP
- [**29**Star][9m] [Lua] [tinywan/openresty-project-v0.01](https://github.com/tinywan/openresty-project-v0.01) 
- [**29**Star][2m] [Py] [tildedennis/malware](https://github.com/tildedennis/malware) 
- [**29**Star][4m] [Shell] [themiddleblue/dnsenum](https://github.com/themiddleblue/dnsenum) Bash script for DNS Enumeration.
- [**29**Star][14d] [thehackingsage/burpsuite](https://github.com/thehackingsage/burpsuite) BurpSuite Pro, Plugins and Payloads
- [**29**Star][13d] [HTML] [theforeman/foreman_openscap](https://github.com/theforeman/foreman_openscap) Foreman plug-in for displaying OpenSCAP audit reports
- [**29**Star][4m] [Py] [the404hacking/windows-python-rat](https://github.com/the404hacking/windows-python-rat) A New Microsoft Windows Remote Administrator Tool [RAT] with Python by Sir.4m1R.
- [**29**Star][10m] [C++] [thalium/idatag](https://github.com/thalium/idatag) IDA plugin to explore and browse tags
- [**29**Star][5m] [PHP] [telnet22/kn0ck](https://github.com/telnet22/kn0ck) Automated Tools Pentest
- [**29**Star][1m] [Perl] [tanjiti/perl_tools](https://github.com/tanjiti/perl_tools) perl小工具
- [**29**Star][3m] [Rust] [tafia/hyper-proxy](https://github.com/tafia/hyper-proxy) A proxy connector for Hyper-based crates
- [**29**Star][9m] [sycloversecurity/papers](https://github.com/sycloversecurity/papers) Syclover PPT
- [**29**Star][11d] [HTML] [sushi2k/owasp-mstg](https://github.com/sushi2k/owasp-mstg) The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
- [**29**Star][4y] [C++] [stormshield/beholder-win32](https://github.com/stormshield/beholder-win32) A sample on how to inject a DLL from a kernel driver
- [**29**Star][2m] [Ruby] [stebbins/strigil](https://github.com/stebbins/strigil) Strigil is an OSINT tool for collecting and aggregating social media data
- [**29**Star][2m] [HTML] [spawaskar-cora/cora-docs](https://github.com/spawaskar-cora/cora-docs) CoRA Docs
- [**29**Star][4m] [C] [souhailhammou/kernelsymbolshelper](https://github.com/souhailhammou/kernelsymbolshelper) Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using the symbol server.
- [**29**Star][13d] [JS] [soprasteria/cybersecurity-dfm](https://github.com/soprasteria/cybersecurity-dfm) Data Feed Manager (news watch orchestrator to predict topic with deepdetect and store cleaned text in elasticsearch)
- [**29**Star][4m] [sophoslabs/iocs](https://github.com/sophoslabs/iocs) Sophos-originated indicators-of-compromise from published reports
- [**29**Star][4y] [Py] [smeegesec/burp-importer](https://github.com/smeegesec/burp-importer) Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
- [**29**Star][7m] [Shell] [slytomcat/uefi-boot](https://github.com/slytomcat/uefi-boot) Boot Linux directly from UEFI firmware (without any bootloader)
- [**29**Star][12m] [PHP] [slifty/tvarchive-duplitron](https://github.com/slifty/tvarchive-duplitron) 
- [**29**Star][1m] [JS] [skateman/purr](https://github.com/skateman/purr) Smuggle TCP connections through HTTP
- [**29**Star][5y] [PHP] [sinfocol/vboxdie-cracker](https://github.com/sinfocol/vboxdie-cracker) VirtualBox Disk Image Encryption password cracker
- [**29**Star][2y] [HTML] [shikarisenpai/leak-ntlm-hash-via-html](https://github.com/shikarisenpai/leak-ntlm-hash-via-html) List of HTML tags for leaking NTLM-hashes
- [**29**Star][3y] [PS] [sekirkity/seeclrly](https://github.com/sekirkity/seeclrly) Fileless SQL Server CLR-based Custom Stored Procedure Command Execution
- [**29**Star][4y] [Py] [scubsrgroup/lectures-a-weekly-information-security-knowledge-lecture-hall](https://github.com/scubsrgroup/lectures-a-weekly-information-security-knowledge-lecture-hall) “每周一讲，信息安全基础知识讲堂”由四川大学信息安全研究所漏洞挖掘和利用组同学共同创建，通过每组员每周一讲的形式展开，主要涉及信息安全的基础知识，包括windows安全、移动安全等，此外还对通过该平台对外发布一些小组的研究成果！通过知识讲座一方面对新同学起到引导作用，另一方面则是漏洞挖掘与利用研究组同学信息安全研究经验和知识的积累！
- [**29**Star][5m] [Go] [sakeven/mika](https://github.com/sakeven/mika) Mika - A Secure Proxy
- [**29**Star][7m] [rockmelodies/cve-2019-0708-exploit](https://github.com/rockmelodies/cve-2019-0708-exploit) Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System
- [**29**Star][6m] [redteamwing/cobaltstrike_wiki](https://github.com/redteamwing/cobaltstrike_wiki) Cobalt Strike 3.12中文文档
- [**29**Star][8m] [Py] [razorpay/alohomora](https://github.com/razorpay/alohomora) alohomora is razorpay's secret distribution system
- [**29**Star][5m] [Java] [rabrg/refactored-client](https://github.com/rabrg/refactored-client) Refactoring the obfuscated v317 of the RuneScape (RuneTek 3) client.
- [**29**Star][1y] [ObjC] [quellish/facebook-ios-internal-headers](https://github.com/quellish/facebook-ios-internal-headers) Headers generated by reverse engineering the Facebook iOS binary
- [**29**Star][4m] [Py] [pwn2winctf/2017](https://github.com/pwn2winctf/2017) Pwn2Win CTF 2017
- [**29**Star][11d] [Go] [pinepain/ldap-auth-proxy](https://github.com/pinepain/ldap-auth-proxy) A simple drop-in HTTP proxy for transparent LDAP authentication which is also a HTTP auth backend.
- [**29**Star][3m] [Py] [phaeilo/vol-openvpn](https://github.com/phaeilo/vol-openvpn) A Volatility plugin to extract credentials from the memory of a OpenVPN client.
- [**29**Star][4y] [Ruby] [perimeterx/logstash-output-cassandra](https://github.com/perimeterx/logstash-output-cassandra) Logstash output plug-in for cassandra
- [**29**Star][2m] [PHP] [paul-axe/ctf](https://github.com/paul-axe/ctf) CTF stuff
- [**29**Star][3m] [Dockerfile] [opsxcq/docker-metasploit](https://github.com/opsxcq/docker-metasploit) Metasploit framework with steroids
- [**29**Star][7m] [opensourcehelpcommunity/contributingtomyproject](https://github.com/opensourcehelpcommunity/contributingtomyproject) Writeup from maintainers, admins, contributors on how someone can get started with their project.
- [**29**Star][18d] [Shell] [opensecurityresearch/ciphertest](https://github.com/opensecurityresearch/ciphertest) A better SSL cipher checker using gnutls
- [**29**Star][14d] [C] [openbsm/bsmtrace](https://github.com/openbsm/bsmtrace) BSM based intrusion detection system
- [**29**Star][2m] [C++] [offlinej/ida-rpc](https://github.com/offlinej/ida-rpc) Discord rich presence plugin for IDA Pro 7.0
- [**29**Star][1m] [C++] [nihilus/ida-pro-swf](https://github.com/nihilus/ida-pro-swf) SWF Process
- [**29**Star][2m] [JS] [nickdeis/eslint-plugin-no-secrets](https://github.com/nickdeis/eslint-plugin-no-secrets) An eslint plugin to find strings that might be secrets/credentials
- [**29**Star][7y] [C++] [neuroo/pinpy](https://github.com/neuroo/pinpy) Detours from binaries method entry/exit point to Python scripts (PIN, CPython API)
- [**29**Star][1m] [C++] [namreeb/wowned](https://github.com/namreeb/wowned) Authentication bypass for outdated WoW emulation authentication servers
- [**29**Star][5y] [Ruby] [nahamsec/cmsfuzz](https://github.com/nahamsec/cmsfuzz) 
- [**29**Star][13d] [PHP] [n1215/lara-todo-persistence](https://github.com/n1215/lara-todo-persistence) LaravelとEloquentの永続化パターンサンプル
- [**29**Star][3y] [Py] [mzweilin/ipv6-attack-detector](https://github.com/mzweilin/ipv6-attack-detector) Google Summer of Code 2012 project, supported by The Honeynet Project organization.
- [**29**Star][2m] [Py] [mzfr/lswriteups](https://github.com/mzfr/lswriteups) CLI tool to get the links of original writeups from ctftime.org
- [**29**Star][5m] [C] [mrmacete/r2scripts](https://github.com/mrmacete/r2scripts) Collection of scripts for radare2
- [**29**Star][2y] [Assembly] [mrfearless/apiinfo-plugin-x86](https://github.com/mrfearless/apiinfo-plugin-x86) APIInfo Plugin (x86) - A Plugin For x64dbg
- [**29**Star][2m] [Py] [mprhode/malware-prediction-rnn](https://github.com/mprhode/malware-prediction-rnn) RNN implementation with Keras for machine activity data to predict malware
- [**29**Star][3y] [C++] [mogongtech/ransomdetection](https://github.com/mogongtech/ransomdetection) 基于行为的Ransomware检测原型
- [**29**Star][5y] [C] [mncoppola/stringipc](https://github.com/mncoppola/stringipc) CSAW CTF 2015 Linux kernel exploitation challenge
- [**29**Star][10d] [HTML] [mitre-attack/attack-evals](https://github.com/mitre-attack/attack-evals) ATT&CK Evaluations website
- [**29**Star][2y] [misterch0c/solidlity-vulnerable](https://github.com/misterch0c/solidlity-vulnerable) Vulnerable smart contracts
- [**29**Star][18d] [C] [misje/dhcpoptinj](https://github.com/misje/dhcpoptinj) DHCP option injector
- [**29**Star][4m] [Java] [minecraftforge/fernflower](https://github.com/minecraftforge/fernflower) Unofficial mirror of FernFlower Java decompiler, Subtree split of:
- [**29**Star][16d] [Shell] [mikhbur/conformer](https://github.com/mikhbur/conformer) Password Guessing for different Web Portals
- [**29**Star][12d] [michyweb/nginx-security-conf](https://github.com/michyweb/nginx-security-conf) Secure Configuration for Nginx
- [**29**Star][5m] [Java] [mhatta/orchid](https://github.com/mhatta/orchid) A Tor client implementation and library written in pure Java
- [**29**Star][17d] [C] [mferland/libzc](https://github.com/mferland/libzc) Tool and library for cracking zip files.
- [**29**Star][10m] [JS] [metarhia/sandboxed-fs](https://github.com/metarhia/sandboxed-fs) Sandboxed Wrapper for Node.js File System API
- [**29**Star][1m] [C] [matteoserva/dirtycow-arm32](https://github.com/matteoserva/dirtycow-arm32) 
- [**29**Star][4m] [Java] [martinstyk/apkanalyzer](https://github.com/martinstyk/apkanalyzer) Java tool for analyzing Android APK files
- [**29**Star][1m] [Go] [maddevsio/telegram_bbbot](https://github.com/maddevsio/telegram_bbbot) Telegram Bug Bounty Bot
- [**29**Star][4m] [C++] [m-r-j-o-h-n/swh-injector](https://github.com/m-r-j-o-h-n/swh-injector) An Injector that can inject dll into game process protected by anti cheat using SetWindowsHookEx.
- [**29**Star][2y] [Py] [luffin/cve-2017-10271](https://github.com/luffin/cve-2017-10271) CVE-2017-10271 POC
- [**29**Star][9m] [Java] [ludovicianul/geolog](https://github.com/ludovicianul/geolog) Geolocation for SSH brute force attacks
- [**29**Star][11m] [PHP] [lucasfrag/kali-linux-tools-interface](https://github.com/lucasfrag/kali-linux-tools-interface) Graphical Web interface developed to facilitate the use of security information tools.
- [**29**Star][2m] [PHP] [lloricode/ci-capstone](https://github.com/lloricode/ci-capstone) Enrollment System with CodeIgniter
- [**29**Star][9m] [C++] [lianglixin/remotecontrol-x3](https://github.com/lianglixin/remotecontrol-x3) Saurik remote control software opensource, X17 is now available.
- [**29**Star][3m] [C] [lcxl/lcxl-shadow](https://github.com/lcxl/lcxl-shadow) LCXL影子系统
- [**29**Star][7m] [C] [kusma/tegra-re](https://github.com/kusma/tegra-re) Reverse Engineering of NVIDIA's Tegra driver for Linux
- [**29**Star][5y] [Shell] [kisom/surfraw](https://github.com/kisom/surfraw) local changes to surfraw - local edits prior to sending updates to surfraw-devel
- [**29**Star][6m] [C] [karottc/linux-virus](https://github.com/karottc/linux-virus) A simple virus of linux. It can get root and destory your system.(这是一个简单的linux下的病毒，它仅能得到root权限和感染文件并进行破坏)
- [**29**Star][20d] [C++] [slyd0g/timestomper](https://github.com/slyd0g/TimeStomper) PoC that manipulates Windows file times using SetFileTime() API
- [**29**Star][4m] [C#] [juniorgasparotto/wiremockui](https://github.com/juniorgasparotto/wiremockui) Wiremock UI - Tool for creating mock servers, proxies servers and proxies servers with the option to save the data traffic from an existing API or Site.
- [**29**Star][2m] [Ruby] [jtdowney/private_address_check](https://github.com/jtdowney/private_address_check) Ruby gem to help prevent Server Side Request Forgery
- [**29**Star][30d] [PHP] [jsondeveloper/dante-gui](https://github.com/jsondeveloper/dante-gui) Dante Server (SOCKS5 Proxy) Web Interface (Telegram ready)
- [**29**Star][23d] [Java] [jruby/jruby-openssl](https://github.com/jruby/jruby-openssl) JRuby's OpenSSL gem
- [**29**Star][11m] [PS] [johnaho/cloakify-powershell](https://github.com/johnaho/cloakify-powershell) Cloak files using text based steganography output to obsfucate what data they contain. Coded in Powershell. This is a port of TryCatchHCF's Cloakify written in python
- [**29**Star][3y] [C] [jnastarot/native_peloader](https://github.com/jnastarot/native_peloader) PE(compressed dll) memory loader using nt api
- [**29**Star][4m] [jmscory/security-tool-chest](https://github.com/jmscory/security-tool-chest) A list of useful security and obvescation tools useful for red and blue teaming activities. A list made possible by the provided references.
- [**29**Star][1y] [Go] [jimyj/scanproxy](https://github.com/jimyj/scanproxy) scanproxy is auto scan IP & port,and check that is proxy if port is open...(scanproxy是一个自动扫描端口，并且检测是否是代理服务器的程序)
- [**29**Star][2y] [C++] [jiazhang0/seloader](https://github.com/jiazhang0/seloader) Secure EFI Loader designed to authenticate the non-PE files
- [**29**Star][5m] [JS] [jgegeny/gootkit-xswkit-js](https://github.com/jgegeny/gootkit-xswkit-js) 
- [**29**Star][18d] [Java] [jenkinsci/aqua-microscanner-plugin](https://github.com/jenkinsci/aqua-microscanner-plugin) Enables scanning of docker builds in Jenkins for OS package vulnerabilities.
- [**29**Star][4m] [C#] [jeffreye/avaloniailspy](https://github.com/jeffreye/avaloniailspy) Avalonia-based .NET Decompiler (port of ILSpy)
- [**29**Star][5m] [Py] [jayeshchauhan/skanda](https://github.com/jayeshchauhan/skanda) OWASP Skanda - SSRF Exploitation Framework
- [**29**Star][2m] [Py] [jamesacampbell/spry](https://github.com/jamesacampbell/spry) social media intelligence from the command line
- [**29**Star][4m] [Py] [jacobsoo/threathunting](https://github.com/jacobsoo/threathunting) This is just my personal compilation of APT malware from whitepaper releases, documents and malware samples from my personal research.
- [**29**Star][13d] [Py] [j4r3tt/gerix-wifi-cracker-2](https://github.com/j4r3tt/gerix-wifi-cracker-2) GUI wireless 802.11 penetration tool
- [**29**Star][2y] [Py] [iweizime/dbghider](https://github.com/iweizime/dbghider) hide IDA Winddows debugger from processes.
- [**29**Star][23d] [ObjC] [rpwnage/warri0r](https://github.com/RPwnage/Warri0r) ios 12 Sandbox escape POC
- [**29**Star][1m] [C] [intelpt/winafl-intelpt](https://github.com/intelpt/winafl-intelpt) A fork of AFL for fuzzing Windows binaries
- [**29**Star][7m] [Py] [inishantgrover/shodmon](https://github.com/inishantgrover/shodmon) The Shodan monitoring tools allows you to monitor shodan listed servers basis on the filter you provided
- [**29**Star][2y] [PS] [illusivenetworks-labs/get-networkconnection](https://github.com/illusivenetworks-labs/get-networkconnection) Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection
- [**29**Star][2y] [Py] [ihebski/pentest-chainsaw](https://github.com/ihebski/pentest-chainsaw) Scrapes Router Passwords From
- [**29**Star][2y] [Py] [ihack4falafel/slink](https://github.com/ihack4falafel/slink) Alphanumeric Shellcode (x86) Encoder
- [**29**Star][5m] [Java] [ibey0nd/nstproxy](https://github.com/ibey0nd/nstproxy) 一款存储HTTP请求入库的burpsuite插件
- [**29**Star][6y] [Py] [hiddenillusion/filelookup](https://github.com/hiddenillusion/filelookup) Quick & dirty script to get info on a file from online resources (VirusTotal, Team Cymru, Shadow Server etc.)
- [**29**Star][2y] [Py] [hegusung/rpcscan](https://github.com/hegusung/rpcscan) Tool to communicate with RPC services and check misconfigurations on NFS shares
- [**29**Star][10m] [C++] [heapwolf/debug](https://github.com/heapwolf/debug) A small debugging library for C++
- [**29**Star][16d] [Py] [guardicore/vmware_guest_auth_bypass](https://github.com/guardicore/vmware_guest_auth_bypass) Proof of concept of VMSA-2017-0012
- [**29**Star][10d] [C++] [grammatech/gtirb-pprinter](https://github.com/grammatech/gtirb-pprinter) Pretty printer from GTIRB to assembly code
- [**29**Star][1m] [TeX] [gpestana/p2psec](https://github.com/gpestana/p2psec) research on privacy and security in p2p and decentralised systems
- [**29**Star][3m] [Py] [ghostlulzhacks/waybackmachine](https://github.com/ghostlulzhacks/waybackmachine) 
- [**29**Star][3m] [C++] [frida/frida-clr](https://github.com/frida/frida-clr) Frida .NET bindings
- [**29**Star][6m] [Lua] [foxmole/pwnadventure3](https://github.com/foxmole/pwnadventure3) Blog series about Pwn Adventure 3
- [**29**Star][10d] [Py] [floyd-fuh/burp-httpfuzzer](https://github.com/floyd-fuh/burp-httpfuzzer) Burp plugin to do random fuzzing of HTTP requests
- [**29**Star][2m] [Py] [fireeye/vocab_scraper](https://github.com/fireeye/vocab_scraper) Vocabulary Scraper script used in FLARE's analysis of Russian-language Carbanak source code
- [**29**Star][4m] [C++] [ffiirree/capturer](https://github.com/ffiirree/capturer) Screen shot / GIF / Screen recording
- [**29**Star][2y] [C++] [fdfalcon/typeisolationdbg](https://github.com/fdfalcon/typeisolationdbg) A little WinDbg extension to help dump the state of Win32k Type Isolation structures.
- [**29**Star][2m] [C] [erriy/data_pirate](https://github.com/erriy/data_pirate) 
- [**29**Star][1y] [Py] [ernw/binja-ipython](https://github.com/ernw/binja-ipython) A plugin to integrate an IPython kernel into Binary Ninja.
- [**29**Star][4m] [C#] [ericzimmerman/amcacheparser](https://github.com/ericzimmerman/amcacheparser) Parses amcache.hve files, but with a twist!
- [**29**Star][27d] [Py] [emergingthreats/threatresearch](https://github.com/emergingthreats/threatresearch) I wanted to call this repo "Nuclear Football Codes". I was outvoted..
- [**29**Star][2y] [Shell] [earayu/fastjson_jndi_poc](https://github.com/earayu/fastjson_jndi_poc) fastjson远程命令执行漏洞，jndi方式
- [**29**Star][10d] [C] [droberson/icmp-backdoor](https://github.com/droberson/icmp-backdoor) Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
- [**29**Star][11m] [C] [dro/uac-launchinf-poc](https://github.com/dro/uac-launchinf-poc) Windows 10 UAC bypass PoC using LaunchInfSection
- [**29**Star][3m] [Py] [dqi/ctf_writeup](https://github.com/dqi/ctf_writeup) 
- [**29**Star][1m] [Smalltalk] [dorellang/hunter](https://github.com/dorellang/hunter) Hunter: a JavaScript reengineering platform.
- [**29**Star][11y] [C] [dmolnar/smartfuzz](https://github.com/dmolnar/smartfuzz) Valgrind extension for whitebox fuzz testing
- [**29**Star][5m] [Py] [dienuet/crossdomain](https://github.com/dienuet/crossdomain) CORS checking
- [**29**Star][5m] [Shell] [dcso/misp-dockerized](https://github.com/dcso/misp-dockerized) 
- [**29**Star][1m] [Py] [danmcinerney/smb-autopwn](https://github.com/danmcinerney/smb-autopwn) Discovers and exploits hosts vulnerable to MS08-067/MS17-010
- [**29**Star][2m] [JS] [danielstjules/toragent](https://github.com/danielstjules/toragent) HTTP(S) requests through Tor for Node
- [**29**Star][8m] [C] [danankers/wsprrypi](https://github.com/danankers/wsprrypi) Bareback LF/MF WSPR transmitter using a Raspberry Pi
- [**29**Star][5m] [JS] [ctxis/pac-leak-demo](https://github.com/ctxis/pac-leak-demo) PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk
- [**29**Star][20d] [Rust] [cryptouri/cryptouri.rs](https://github.com/cryptouri/cryptouri.rs) Rust implementation of CryptoURI: URN-like namespace for cryptographic objects with Bech32-based encoding
- [**29**Star][4m] [JS] [crisu83/ctf-game](https://github.com/crisu83/ctf-game) Fast-paced hot seat multiplayer game written in modern JavaScript.
- [**29**Star][4m] [comeforu2012/fq_faq](https://github.com/comeforu2012/fq_faq) 翻墙常见问题
- [**29**Star][4m] [Pascal] [coldzer0/macho-loader](https://github.com/coldzer0/macho-loader) load macho files in memory without touching the Disk
- [**29**Star][4m] [PS] [codingo/retrieve-windows-wifi-passwords](https://github.com/codingo/retrieve-windows-wifi-passwords) Retreives the SSID names and passwords in cleartext for each Wifi network stored on the computer running this powershell script and output to JSON.
- [**29**Star][1y] [Shell] [chunkingz/vmr-mdk-k2-2017r-012x4](https://github.com/chunkingz/vmr-mdk-k2-2017r-012x4) VMR-MDK is a script/tool for hacking wps wireless networks
- [**29**Star][3y] [Shell] [chichou/grab.js](https://github.com/chichou/grab.js) fast TCP banner grabbing with node.js
- [**29**Star][3m] [Swift] [captainyukinoshitahachiman/cryptography-and-privacy](https://github.com/captainyukinoshitahachiman/cryptography-and-privacy) [Accepted] The WWDC19 Scholarship Application Project
- [**29**Star][4m] [XSLT] [capt-meelo/massmap](https://github.com/capt-meelo/massmap) Combined port scanning w/ Masscan's speed & Nmap's scanning features.
- [**29**Star][6y] [Py] [c0d3sh3lf/android_forensics](https://github.com/c0d3sh3lf/android_forensics) Bypassing Android Pattern Lock
- [**29**Star][5m] [Java] [burp-hash/burp-hash](https://github.com/burp-hash/burp-hash) a Burp Suite plugin.
- [**29**Star][3y] [Assembly] [borjamerino/plcinjector](https://github.com/borjamerino/plcinjector) Modbus stager in assembly and some scripts to upload/download data to the holding register of a PLC
- [**29**Star][14d] [C++] [blitz/baresifter](https://github.com/blitz/baresifter) A bare-metal x86 instruction set fuzzer a la Sandsifter
- [**29**Star][6y] [Py] [bl4ckic3/modbus-fuzzer](https://github.com/bl4ckic3/modbus-fuzzer) Modbus Protocol Fuzzer
- [**29**Star][5m] [Shell] [bgeesaman/subpath-exploit](https://github.com/bgeesaman/subpath-exploit) Writeup of CVE-2017-1002101 with sample "exploit"/escape
- [**29**Star][2m] [Go] [benjojo/traceroute-haiku](https://github.com/benjojo/traceroute-haiku) A thing you can traceroute and it gives you a haiku inside the trace
- [**29**Star][24d] [Go] [avineshwar/slurp](https://github.com/avineshwar/slurp) S3 bucket enumerator
- [**29**Star][2y] [C#] [aviavni/nativeleakdetector](https://github.com/aviavni/nativeleakdetector) Win32 memory leak detector with ETW
- [**29**Star][7y] [C++] [avalon1610/lpc](https://github.com/avalon1610/lpc) windows LPC library
- [**29**Star][1y] [HTML] [auth0-blog/polymer-with-jwt-api](https://github.com/auth0-blog/polymer-with-jwt-api) Build an app using web components and Polymer with an API and JSON Web Token authentication.
- [**29**Star][3y] [atom0s/ceautoasm-x64dbg](https://github.com/atom0s/ceautoasm-x64dbg) An x64dbg plugin that allows users to execute Cheat Engine auto assembler scripts within x64dbg.
- [**29**Star][7y] [atlantis2013/evasion-tools](https://github.com/atlantis2013/evasion-tools) Anti-technique Codes, Detection of Anti-technique codes
- [**29**Star][2m] [astocko/json-x86-64](https://github.com/astocko/json-x86-64) x86-64 Intel instruction set in JSON format
- [**29**Star][7y] [Shell] [artemdinaburg/optimizevm](https://github.com/artemdinaburg/optimizevm) Make Windows VMs Faster
- [**29**Star][6m] [C] [arduinohannover/zpb30a1_firmware](https://github.com/arduinohannover/zpb30a1_firmware) Open-Source firmware for the ZPB30A1 electronic load (WIP)
- [**29**Star][25d] [C++] [apriorit/custom-bootloader](https://github.com/apriorit/custom-bootloader) A demo tutorial for low-level and kernel developers - developing a custom Windows boot loader
- [**29**Star][4y] [C] [android-rooting-tools/libkallsyms](https://github.com/android-rooting-tools/libkallsyms) Get symbol address and name from tables for kallsyms
- [**29**Star][2m] [Py] [andreafioraldi/r2angrdbg](https://github.com/andreafioraldi/r2angrdbg) 在 radare2 调试器中使用 angr
- [**29**Star][14d] [C++] [allocandinit/ollvm5.0.1](https://github.com/allocandinit/ollvm5.0.1) source code for LLVM, a toolkit for the construction of highly optimized compilers, optimizers, and runtime environments.
- [**29**Star][1y] [Py] [alienwithin/scripts-sploits](https://github.com/alienwithin/scripts-sploits) A number of scripts POC's and problems solved as pentests move along.
- [**29**Star][4y] [Shell] [alexoslabs/httpsscan](https://github.com/alexoslabs/httpsscan) Shell script for testing the SSL/TLS Protocols
- [**29**Star][2y] [Py] [ajinabraham/xenotix-xbot](https://github.com/ajinabraham/xenotix-xbot) Xenotix xBOT is a Cross Platform PoC Bot that abuse certain Google Services to implement it's C&C
- [**29**Star][1y] [C] [aircrack-ng/openwips-ng](https://github.com/aircrack-ng/openwips-ng) OpenWIPS-ng is an open source and modular Wireless IPS (Intrusion Prevention System)
- [**29**Star][3y] [Py] [ahmadnourallah/pysploit-framework](https://github.com/ahmadnourallah/pysploit-framework) free exploit framework written use python language version 3.3
- [**29**Star][8m] [Py] [agustingianni/symrepl](https://github.com/agustingianni/symrepl) Symbol REPL
- [**29**Star][11d] [Py] [aetf/tensorflow-tbcnn](https://github.com/aetf/tensorflow-tbcnn) Tree-based Convolutional Neural Network for SQL Injection Detect
- [**29**Star][10m] [Py] [aarreedd/arp-defense](https://github.com/aarreedd/arp-defense) ARP Poisoning Defense Scripts
- [**29**Star][1m] [C] [a7vinx/liinux](https://github.com/a7vinx/liinux) A linux rootkit works on kernel 4.0.X or higher
- [**29**Star][9y] [Py] [9b/pdfxray_lite](https://github.com/9b/pdfxray_lite) Lite version of PDF X-RAY that uses no backend
- [**29**Star][1m] [Shell] [0xtf/testmynids.org](https://github.com/0xtf/testmynids.org) A website and framework for testing NIDS detection
- [**29**Star][3m] [C++] [0xddaa/pin](https://github.com/0xddaa/pin) Use Intel Pin tools to analysis binary.
- [**29**Star][2m] [Lua] [0x4d31/hassh-utils](https://github.com/0x4d31/hassh-utils) Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (
- [**29**Star][1y] [c++] [camp0/aiengine](https://bitbucket.org/camp0/aiengine) 
- [**28**Star][17d] [Shell] [coolacid/docker-misp](https://github.com/coolacid/docker-misp) A (nearly) production ready Dockered MISP
- [**28**Star][11d] [Go] [jjf012/gopoc](https://github.com/jjf012/gopoc) 用cel-go重现了长亭xray的poc检测功能的轮子
- [**28**Star][13d] [Py] [noob-hackers/lazybee](https://github.com/noob-hackers/lazybee) Create wordlists for bruteforce attack in termux without root and with unique features from lazybee tool
- [**28**Star][7d] [Py] [dariusztytko/words-scraper](https://github.com/dariusztytko/words-scraper) Selenium based web scraper to generate passwords list
- [**28**Star][18d] [C++] [tsarpaul/llvm-string-obfuscator](https://github.com/tsarpaul/llvm-string-obfuscator) LLVM String Obfuscator
- [**28**Star][19d] [Py] [scrapingdance/aioscrapy](https://github.com/scrapingdance/aioscrapy) 基于asyncio与aiohttp的异步协程爬虫框架 欢迎Star
- [**28**Star][2m] [Java] [parsiya/eslinter](https://github.com/parsiya/eslinter) Manual JavaScript Linting is a Bug
- [**28**Star][4m] [HTML] [dragonflylxp/crawler](https://github.com/dragonflylxp/crawler) python爬虫项目集合
- [**28**Star][3m] [Go] [jarmo/secrets-web](https://github.com/jarmo/secrets-web) Not Yet Another Password Manager self-hosted Web app written in Go using libsodium
- [**28**Star][12d] [diggernaut/configs](https://github.com/diggernaut/configs) Public, free to use, repository with diggers configs for scraping / extracting data from various e-commerce websites and online stores
- [**28**Star][10d] [Go] [forensicanalysis/artifactcollector](https://github.com/forensicanalysis/artifactcollector) The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
- [**28**Star][2m] [PHP] [digitoimistodude/image-hashtag-feed](https://github.com/digitoimistodude/image-hashtag-feed) WordPress plugin to get Instagram hashtag feeds working again by bypassing the API.
- [**28**Star][4m] [Go] [jdevelop/ezovpn](https://github.com/jdevelop/ezovpn) Easy .ovpn files import/generation tool
- [**28**Star][4m] [Py] [mhaskar/blinder](https://github.com/mhaskar/blinder) A python library to automate time-based blind SQL injection
- [**28**Star][2m] [Go] [tismayil/laraveln00b](https://github.com/tismayil/laraveln00b) LaravelN00b .env Scanner
- [**28**Star][1m] [Shell] [dylanbai8/onekey_caddy_proxy](https://github.com/dylanbai8/onekey_caddy_proxy) 一键搭建基于 caddy 的 https(h2) 代理
- [**28**Star][12d] [Py] [ciku370/hasher](https://github.com/ciku370/hasher) Hash cracker with auto detect hash
- [**28**Star][26d] [Java] [hellokoding/single-sign-on-out-auth-jwt-cookie-redis-springboot-freemarker](https://github.com/hellokoding/single-sign-on-out-auth-jwt-cookie-redis-springboot-freemarker) Single Sign Out: Authentication Service Example with JSON Web Token (JWT), Spring Boot and Redis
- [**28**Star][2y] [Py] [ysharma1126/ead_attack](https://github.com/ysharma1126/ead_attack) EAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples
- [**28**Star][4m] [Julia] [quantumbfs/qualgorithmzoo.jl](https://github.com/quantumbfs/qualgorithmzoo.jl) A curated implementation of quantum algorithms with Yao.jl
- [**28**Star][1y] [C] [jollen/rtos-wot](https://github.com/jollen/rtos-wot) Open source FreeRTOS SDK for ESP8266 WiFi Module
- [**28**Star][10m] [JS] [hummer-studio/tarantula](https://github.com/hummer-studio/tarantula) 分布式爬虫
- [**28**Star][3y] [JS] [papernotes/socsjs](https://github.com/papernotes/socsjs) Simulates an API for UCSD's Schedule of Classes
- [**28**Star][11d] [C] [heiher/hev-socks5-server](https://github.com/heiher/hev-socks5-server) A simple, lightweight socks5 server for Unix (Linux/BSD/macOS)
- [**28**Star][28d] [ObjC] [silence0201/ios-category](https://github.com/silence0201/ios-category) iOS 工具分类整理
- [**28**Star][4m] [Java] [gnanquanmama/pangolin](https://github.com/gnanquanmama/pangolin) 轻量级内网穿透工具， 基于Java8，netty4.x实现，开箱即用，可转发基于TCP的应用层数据流，例如HTTP/HTTPS,SSH
- [**28**Star][1m] [Py] [colour-science/colour-analysis](https://github.com/colour-science/colour-analysis) Image analysis tools based on Colour and Vispy
- [**28**Star][16d] [Go] [mojoblanco/nuban](https://github.com/mojoblanco/nuban) Algorithm for validating NUBAN
- [**28**Star][6m] [Py] [eindex/python-algorithm](https://github.com/eindex/python-algorithm) python-algorithm
- [**28**Star][4m] [Py] [fullshade/py-memject](https://github.com/fullshade/py-memject) A Windows .DLL injector written in Python
- [**28**Star][12d] [itsmennyo/flex-anticheat](https://github.com/itsmennyo/flex-anticheat) Flex AntiCheat - Optimized Configs For Multiple AntiCheats
- [**28**Star][3m] [PHP] [spomky-labs/aes-key-wrap](https://github.com/spomky-labs/aes-key-wrap) Pure PHP library for AES Key Wrapping (RFC3394 and RFC5649)
- [**28**Star][1m] [Java] [8enet/remotelogcatviewer](https://github.com/8enet/remotelogcatviewer) websocket实现的远程查看android logcat
- [**28**Star][2m] [Py] [zjuchenyuan/easylogin](https://github.com/zjuchenyuan/easylogin) A python3 package for writing spider more easily.
- [**28**Star][1m] [Py] [opethe1st/algorithms-by-s.dasgupta](https://github.com/opethe1st/algorithms-by-s.dasgupta) Attempts to solve exercises and implementation of algorithms from Algorithms by S.Dasgupta et al.
- [**28**Star][2m] [Java] [rwth-acis/las2peer](https://github.com/rwth-acis/las2peer) A Java-based decentralized framework for distributing community services in a peer-to-peer infrastructure.
- [**28**Star][5m] [Vim script] [theshteves/vim-workshop](https://github.com/theshteves/vim-workshop) My thorough introduction to Vim
- [**28**Star][5m] [HTML] [alulsh/intro-to-security-for-developers](https://github.com/alulsh/intro-to-security-for-developers) An introduction to security for developers.
- [**28**Star][1m] [JS] [510908220/site-monitor](https://github.com/510908220/site-monitor) 监控网站的可访问性的监控系统
- [**28**Star][26d] [Py] [parths007/ali-scraper](https://github.com/parths007/ali-scraper) A scraper which scraps Ali Express
- [**28**Star][2m] [Go] [dustin-decker/saml-proxy](https://github.com/dustin-decker/saml-proxy) SAML 2.0 authentication reverse proxy with fancy features
- [**28**Star][18d] [C#] [xadamxk/usb-rubber-ducky-app](https://github.com/xadamxk/usb-rubber-ducky-app) 
- [**28**Star][1m] [Py] [beardog108/onionr](https://github.com/beardog108/onionr) Private Decentralized Communication Network
- [**28**Star][16d] [jonnybanana/essential-usb-rubber-ducky-printable-cheat-sheet](https://github.com/jonnybanana/essential-usb-rubber-ducky-printable-cheat-sheet) My personal RubberDucky Cheat Sheet, in JPG, PNG and PDF
- [**28**Star][6m] [C] [lincolnhard/facenet-darknet-inference](https://github.com/lincolnhard/facenet-darknet-inference) Face recognition using facenet
- [**28**Star][10m] [iqiancheng/shadowsocks-awesome](https://github.com/iqiancheng/shadowsocks-awesome) 一个实时更新的实用gfwlist清单。用于ss的PAC自动分流。
- [**28**Star][24d] [Go] [hahwul/websocket-connection-smuggler](https://github.com/hahwul/websocket-connection-smuggler) websocket-connection-smuggler
- [**28**Star][3m] [Go] [autom8ter/goproxy](https://github.com/autom8ter/goproxy) a reverse proxy authentication server (golang)
- [**28**Star][1m] [Py] [spiderlabs/modsecurity-log-utilities](https://github.com/spiderlabs/modsecurity-log-utilities) Set of CLI tools to transform ModSecurity logs into a meaningful information, given a context.
- [**28**Star][3m] [Py] [honeynet/checkpot](https://github.com/honeynet/checkpot) Checkpot Honeypot Checker
- [**28**Star][1m] [Java] [yahoo/yql-plus](https://github.com/yahoo/yql-plus) The YQL+ parser, execution engine, and source SDK.
- [**28**Star][6m] [C] [jonathansalwan/vmndh-2k12](https://github.com/jonathansalwan/vmndh-2k12) Emulator, debugger and compiler for the NDH architecture - Emulator for CTF NDH 2k12
- [**28**Star][2y] [JS] [cyrus-and/chrome-page-graph](https://github.com/cyrus-and/chrome-page-graph) Chrome extension to generate interactive page dependency graphs
- [**28**Star][1m] [ObjC] [nabla-c0d3/ios-reversing](https://github.com/nabla-c0d3/ios-reversing) Some iOS tools and scripts from 2014 for iOS reversing.
- [**28**Star][2m] [Java] [rub-nds/openid-attacker](https://github.com/rub-nds/openid-attacker) 
- [**28**Star][28d] [C++] [samyk/bgrid](https://github.com/samyk/bgrid) wireless balloon LED network w/ATtiny24 + nRF24L01+ (PCB + firmware + TouchDesigner)
- [**28**Star][3m] [Swift] [urinx/device-9](https://github.com/urinx/device-9) 实时监测网速，IP，内存大小，温度等设备信息并显示在通知中心的 iOS App
- [**28**Star][1m] [C++] [hikariobfuscator/noctilucence](https://github.com/hikariobfuscator/noctilucence) Embedded Bitcode Recompiler
- [**28**Star][12d] [Py] [gophish/api-client-python](https://github.com/gophish/api-client-python) A Python API Client for Gophish
- [**28**Star][13d] [Py] [awolfly9/steam](https://github.com/awolfly9/steam) 抓取 steam 商店游戏信息
- [**28**Star][7m] [snail007/goproxy-sdk](https://github.com/snail007/goproxy-sdk) all platform sdk of goproxy ,
- [**28**Star][6m] [Java] [tribler/app-to-app-communicator](https://github.com/tribler/app-to-app-communicator) Create an attack-resilient network out of smartphones, no-PC-needed (proof of concept)
- [**28**Star][2m] [jeanphorn/elk-stack](https://github.com/jeanphorn/elk-stack) Elastic logstash kibana 分布式日志收集分析，可视化展示
- [**28**Star][6m] [C] [kasif-dekel/whatsapp-rce-patched](https://github.com/kasif-dekel/whatsapp-rce-patched) cve-2019-11931
- [**28**Star][3m] [C#] [zaczero/sharploader](https://github.com/zaczero/sharploader) 
- [**28**Star][11d] [Rust] [nicohman/rust-wildbow-scraper](https://github.com/nicohman/rust-wildbow-scraper) Automatically scrapes wildbow's web serials and compiles them into ebooks
- [**28**Star][16d] [Java] [static-flow/directoryimporter](https://github.com/static-flow/directoryimporter) a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an alternative to proxying bruteforcing tools through burp to catch the results.
- [**28**Star][16d] [Py] [initbrain/python-wi-fi-positioning-system](https://github.com/initbrain/python-wi-fi-positioning-system) Python Wi-Fi Positioning System - Wi-Fi geolocation script using the Google Geolocation API
- [**28**Star][1m] [Java] [threatrack/ghidra-patchdiff-correlator](https://github.com/threatrack/ghidra-patchdiff-correlator) This project tries to provide additional Ghidra Version Tracking Correlators suitable for patch diffing.
- [**28**Star][25d] [JS] [lanmaster53/cef](https://github.com/lanmaster53/cef) Proof-of-concept CORS exploitation tool.
- [**28**Star][26d] [Py] [kaiiyer/webtech](https://github.com/kaiiyer/webtech) Identify the technologies used on websites. (Dig-deep into web tech from your terminal)
- [**28**Star][1m] [JS] [sindresorhus/leven-cli](https://github.com/sindresorhus/leven-cli) Measure the difference between two strings using the Levenshtein distance algorithm
- [**28**Star][1m] [Py] [penetrate2hack/itwsv](https://github.com/penetrate2hack/itwsv) ITWSV- Integrated Tool for Web Security Vulnerability
- [**28**Star][6m] [Py] [x1tan/cve-2019-13025](https://github.com/x1tan/cve-2019-13025) Connect Box CH7465LG (CVE-2019-13025)
- [**28**Star][6m] [Py] [vpnguy-zz/handyheaderhacker](https://github.com/vpnguy-zz/HandyHeaderHacker) Examine HTTP response headers for common security issues
- [**28**Star][1y] [C] [silver13/h101-dual](https://github.com/silver13/H101-dual) H101 & H8S alternate firmware acro + dual
- [**28**Star][2m] [Go] [newbee119/streamdump](https://github.com/NewBee119/StreamDump) tcp stream dump with BPF filter rules | bidirection | domain
- [**28**Star][6m] [C#] [geta/404handler](https://github.com/Geta/404handler) The popular 404 handler for EPiServer, enabling better control over your 404 page in addition to allowing redirects for old urls that no longer works.
- [**28**Star][1m] [Py] [blacknbunny/encdecshellcode](https://github.com/blacknbunny/encdecshellcode) Shellcode Encrypter & Decrypter via XOR Cipher
- [**28**Star][2m] [JS] [1lastbr3ath/s2o](https://github.com/1lastBr3ath/S2O) Chrome extension to inspect and find domains that don't resolve or have expired
- [**28**Star][2y] [tatsui-geek/malware-traffic-analysis.net](https://github.com/tatsui-geek/malware-traffic-analysis.net) Download pcap files from
- [**28**Star][2m] [C] [riswandans/litesploit](https://github.com/riswandans/litesploit) library and intepreter for penetration testing tools
- [**28**Star][12d] [Java] [orhun/k3pler](https://github.com/orhun/k3pler) Android network connection blocker and packet analyzer built on top of local HTTP proxy.
- [**28**Star][22d] [C] [fsecurelabs/incognito](https://github.com/FSecureLABS/incognito) One Token To Rule Them All
- [**28**Star][10d] [Py] [jofpin/backcookie](https://github.com/jofpin/backcookie) Small backdoor using cookie.
- [**28**Star][8m] [Py] [zonksec/weblogic-serialization-exploit-updated](https://github.com/zonksec/weblogic-serialization-exploit-updated) Updated the FoxGlove Security WebLogic serialization exploit.
- [**28**Star][2y] [JS] [zjlywjh001/phrackctf-team-docker](https://github.com/zjlywjh001/phrackctf-team-docker) Docker image for phrackCTF-Platform-Team Project.
- [**28**Star][2m] [Py] [zhanghaoyil/hawk-i](https://github.com/zhanghaoyil/hawk-i) Automatic extract anomalious Web attack Payloads with Unsupervised Machine Learning algorithms
- [**28**Star][3m] [C] [zerosum0x0/zeroload](https://github.com/zerosum0x0/zeroload) 
- [**28**Star][2y] [JS] [zanelackey/projects](https://github.com/zanelackey/projects) 
- [**28**Star][12d] [Scheme] [yifanlu/cgen](https://github.com/yifanlu/cgen) CGEN with support for generating IDA Pro IDP modules
- [**28**Star][2y] [C++] [yawning/obfsclient](https://github.com/yawning/obfsclient) A C++11 obfs2/3 Tor managed pluggable transport client
- [**28**Star][12m] [Py] [xyzz/vita-ida-physdump](https://github.com/xyzz/vita-ida-physdump) help with physical memory dump reversing
- [**28**Star][3m] [Py] [xajkep/xpt](https://github.com/xajkep/xpt) XPT - XSS Polyglot Tester
- [**28**Star][5y] [Py] [williballenthin/python-evt](https://github.com/williballenthin/python-evt) Pure Python parser for classic Windows Event Log files (.evt)
- [**28**Star][1y] [JS] [webpack/source-list-map](https://github.com/webpack/source-list-map) Fast line to line SourceMap generator.
- [**28**Star][4m] [Py] [w4kfu/ida_loader](https://github.com/w4kfu/ida_loader) Some loader module for IDA
- [**28**Star][1y] [C] [vusec/typearmor](https://github.com/vusec/typearmor) Implementation of our S&P16 paper: A Tough Call: Mitigating Advanced Code-Reuse Attacks
- [**28**Star][5m] [JS] [vulnogram/vulnogram](https://github.com/vulnogram/vulnogram) Vulnogram is a tool for creating and editing CVE information in CVE JSON format
- [**28**Star][9m] [PHP] [visualbasic6/google-drive-exploit](https://github.com/visualbasic6/google-drive-exploit) active exploit leaking full names associated with some email addresses including but not limited to gmail
- [**28**Star][6m] [JS] [virink/as_plugin_godofhacker](https://github.com/virink/as_plugin_godofhacker) 黑客神器，谁用谁知道！
- [**28**Star][2y] [JS] [versprite/engage](https://github.com/versprite/engage) Tools and Materials for the Frida Engage Blog Series
- [**28**Star][5m] [Shell] [veorq/fca](https://github.com/veorq/fca) free crypto audit
- [**28**Star][8m] [Logos] [uroboro/notificationexplorer](https://github.com/uroboro/notificationexplorer) See what notifications exist at runtime
- [**28**Star][2y] [Py] [undeadsec/goblinwordgenerator](https://github.com/undeadsec/goblinwordgenerator) Python wordlist generator
- [**28**Star][3y] [uber/bug-bounty-page](https://github.com/uber/bug-bounty-page) A repo to make our changes more transparent to bug bounty researchers in our program (so they can see commits, etc).
- [**28**Star][3m] [Go] [u35s/ag](https://github.com/u35s/ag) 一个用go实现的命令行下查看每个网卡详细流量的小工具
- [**28**Star][4m] [C#] [tulpep/sdelete-gui](https://github.com/tulpep/sdelete-gui) Secure delete files with right click. GUI for Sysinternals SDelete tool
- [**28**Star][7m] [Shell] [tradichel/awssecurityautomationframework](https://github.com/tradichel/awssecurityautomationframework) Framework for reviewing and responding to events in AWS Flow Logs using Lambda Function
- [**28**Star][3y] [Py] [tr3jer/autohookspider](https://github.com/tr3jer/autohookspider) 将自动爬虫的结果判断是否属于hooks，并不断抓取url爬啊爬。
- [**28**Star][7m] [Java] [toktok/toktok-android](https://github.com/toktok/toktok-android) Tox Android Client
- [**28**Star][5m] [Py] [tjcsec/ctf-platform](https://github.com/tjcsec/ctf-platform) A platform for running CTFs
- [**28**Star][5m] [Py] [tintinweb/unbox](https://github.com/tintinweb/unbox) a convenient one-click unpack and decompiler tool that wraps existing 3rd party applications like IDA Pro, JD-Cli, Dex2Src, and others to provide a convenient archiver liker command line interfaces to unpack and decompile various types of files
- [**28**Star][3m] [JS] [threatstack/pigsty](https://github.com/threatstack/pigsty) Pigsty is very efficient and customizable spooler for the unified2 file format.
- [**28**Star][2y] [PS] [thoughtfuldev/psimage-delivery](https://github.com/thoughtfuldev/psimage-delivery) Use Invoke-PSImage to deliver a payload in an Image
- [**28**Star][1y] [JS] [theiyd/jumble-password](https://github.com/theiyd/jumble-password) 
- [**28**Star][2m] [Py] [theevilbit/exploits](https://github.com/theevilbit/exploits) 
- [**28**Star][1m] [Py] [tampe125/mongodb-scraper](https://github.com/tampe125/mongodb-scraper) Scraps for publicly accessible MongoDB instances and dumps user passwords
- [**28**Star][17d] [Java] [tak31337/medusa-gui](https://github.com/tak31337/medusa-gui) A graphical user interface for the medusa brute forcing utility.
- [**28**Star][20d] [C] [t2mune/nield](https://github.com/t2mune/nield) A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
- [**28**Star][2m] [Py] [szysec/ctftest](https://github.com/szysec/ctftest) 
- [**28**Star][5m] [systemli/ansible-role-hidden-service](https://github.com/systemli/ansible-role-hidden-service) Ansible role to install & maintain Tor Hidden Services
- [**28**Star][2y] [Py] [sweetsoftware/artemis](https://github.com/sweetsoftware/artemis) Phishing webapp generator
- [**28**Star][4y] [Py] [swackhamer/vt_notification_puller](https://github.com/swackhamer/vt_notification_puller) VirusTotal Intelligence Notification Puller
- [**28**Star][1y] [Smali] [strazzere/emacs-smali](https://github.com/strazzere/emacs-smali) Smali/Baksmali mode for Emacs
- [**28**Star][1m] [Java] [sryze/wirebug](https://github.com/sryze/wirebug) Toggle Wi-Fi debugging on Android without a USB cable (needs root)
- [**28**Star][2m] [PHP] [spatie/email-concealer-cli](https://github.com/spatie/email-concealer-cli) CLI tool for concealing e-mails in a file by replacing their domain
- [**28**Star][6m] [Py] [sophoslabs/webassembly](https://github.com/sophoslabs/webassembly) Research on WebAssembly
- [**28**Star][6m] [JS] [shanselman/daskeyboard-q-nightscout](https://github.com/shanselman/daskeyboard-q-nightscout) Hooking up the DasKeyboard Q REST API to change the key colors in response to diabetic's glucose from NightScout
- [**28**Star][2y] [C] [sentinel-one/minhook](https://github.com/sentinel-one/minhook) The Minimalistic x86/x64 API Hooking Library for Windows
- [**28**Star][2m] [HTML] [secwiki/ti](https://github.com/secwiki/ti) Threat Research Blog 威胁情报提取与溯源技术研究小组
- [**28**Star][3y] [Shell] [securitygeneration/honeyport](https://github.com/securitygeneration/honeyport) Bash and Python Honeyport scripts
- [**28**Star][6m] [secarmalabs/iotchecklist](https://github.com/secarmalabs/iotchecklist) Baseline IoT security checklist. Consider security as early in development as possible and reap the rewards.
- [**28**Star][3y] [C] [salmg/audiospoof](https://github.com/salmg/audiospoof) Magnetic stripe spoofer implementing audio waves.
- [**28**Star][2m] [Go] [rverton/xssmap](https://github.com/rverton/xssmap) (DOM-)XSS fuzzer based on phantomjs and go.
- [**28**Star][1y] [Shell] [rokasurbelis/system_safety_test](https://github.com/rokasurbelis/system_safety_test) 
- [**28**Star][2y] [TS] [robinyo/ionic-angular-schematics](https://github.com/robinyo/ionic-angular-schematics) Schematics for Ionic Angular
- [**28**Star][2m] [C++] [rischardv/riscv-alphanumeric-shellcoding](https://github.com/rischardv/riscv-alphanumeric-shellcoding) Alphanumeric+1 shellcoding tools for RISC-V
- [**28**Star][8m] [Ruby] [richardc/puppet-datacat](https://github.com/richardc/puppet-datacat) Data composition types for puppet
- [**28**Star][4m] [Jupyter Notebook] [rh01/raspi-driving-car](https://github.com/rh01/raspi-driving-car) Capstone Auto RC Car
- [**28**Star][5y] [C] [rfdslabs/mimosa-framework](https://github.com/rfdslabs/mimosa-framework) Mimosa Framework to abuse EPC functionality on CISCO Routers.
- [**28**Star][1y] [C++] [rek7/descrypt-cpu-collision-cracker](https://github.com/rek7/descrypt-cpu-collision-cracker) DEScrypt CPU Collision Cracker
- [**28**Star][9m] [Java] [reactor/reactor-tools](https://github.com/reactor/reactor-tools) A set of tools to improve Project Reactor's debugging and development experience.
- [**28**Star][1y] [Go] [razc411/gobd](https://github.com/razc411/gobd) A Golang covert backdoor using raw sockets.
- [**28**Star][6m] [C] [rapid7/mimikatz](https://github.com/rapid7/mimikatz) A little tool to play with Windows security
- [**28**Star][10d] [PHP] [rakshitshah94/wordpress-wp-vcd-malware-attack-solution](https://github.com/rakshitshah94/wordpress-wp-vcd-malware-attack-solution) Another attack on wordpress 4.8
- [**28**Star][9m] [Shell] [raimue/ssl-cert-check](https://github.com/raimue/ssl-cert-check) Check expiry dates of local and remote SSL certificates
- [**28**Star][2m] [Go] [rahulwa/camouflage](https://github.com/rahulwa/camouflage) An HTTP proxy server package
- [**28**Star][3m] [C#] [raeesbhatti/ssh-agent-helper](https://github.com/raeesbhatti/ssh-agent-helper) Use SSH keys from CMD, PowerShell, etc. on Windows
- [**28**Star][5m] [Makefile] [radicallyopensecurity/netaidkit](https://github.com/radicallyopensecurity/netaidkit) Standalone VPN/Tor WiFi router for journalists and activists
- [**28**Star][5m] [C#] [raandree/managedpasswordfilter](https://github.com/raandree/managedpasswordfilter) Windows Password Filter that uses managed code internally
- [**28**Star][15d] [r3mlab/datajournalism-resources](https://github.com/r3mlab/datajournalism-resources) A compilation of links to datajournalism & OSINT tools, guides and resources I find useful to keep at hand.
- [**28**Star][1y] [CSS] [qll/attacking-browser-extensions](https://github.com/qll/attacking-browser-extensions) Test Suite and exemplary extensions of the "Attacking Browser Extensions" master's thesis
- [**28**Star][6y] [Java] [pwntester/springbreaker](https://github.com/pwntester/springbreaker) Exploit PoC for Spring RCE issue (CVE-2011-2894)
- [**28**Star][4m] [Shell] [pwittchen/android-quality-starter](https://github.com/pwittchen/android-quality-starter) setup CheckStyle, FindBugs, PMD and Lint for your Android project easily
- [**28**Star][2y] [C++] [psaneme/kung-fu-malware](https://github.com/psaneme/kung-fu-malware) 
- [**28**Star][3y] [PHP] [probely/ctf-challenges](https://github.com/probely/ctf-challenges) Capture the flag challenges
- [**28**Star][1m] [Py] [portswigger/sqli-py](https://github.com/portswigger/sqli-py) a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.
- [**28**Star][21d] [Java] [portswigger/json-web-tokens](https://github.com/portswigger/json-web-tokens) JWT Support for Burp
- [**28**Star][10m] [C#] [philiplaureano/linfu.dynamicproxy](https://github.com/philiplaureano/linfu.dynamicproxy) A small, lightweight dynamic proxy library for the .NET framework.
- [**28**Star][3y] [Py] [philarkwright/dga-detection](https://github.com/philarkwright/dga-detection) DGA Domain Detection using Bigram Frequency Analysis
- [**28**Star][2y] [Py] [paulpc/nyx](https://github.com/paulpc/nyx) Threat Intelligence distribution
- [**28**Star][2m] [Shell] [panjks/t-pot-autoinstall](https://github.com/panjks/t-pot-autoinstall) Autoinstall T-Pot on Ubuntu 16.04
- [**28**Star][7y] [Shell] [packetforger/localroot](https://github.com/packetforger/localroot) Collection of tools for privesc on Linux
- [**28**Star][29d] [Shell] [owtf/owtf-docker](https://github.com/owtf/owtf-docker) Docker repository for OWTF (64-bit Kali)
- [**28**Star][4y] [Java] [owasp/owaspbugbounty](https://github.com/owasp/owaspbugbounty) This is a container of web applications that work with OWASP Bug Bounty for Projects
- [**28**Star][23d] [Py] [orisano/owiener](https://github.com/orisano/owiener) A Python3 implementation of the Wiener attack on RSA
- [**28**Star][4m] [Java] [opticfusion1/mcantimalware](https://github.com/opticfusion1/mcantimalware) Anti-Malware for minecraft
- [**28**Star][2y] [C] [okazakinagisa/vtbaseddebuggerwin7](https://github.com/okazakinagisa/vtbaseddebuggerwin7) Simple kernelmode driver.
- [**28**Star][3m] [Py] [octobot-dev/django-rundbg](https://github.com/octobot-dev/django-rundbg) Provides a lightweight development runserver on Werkzeug with debugging
- [**28**Star][3m] [HTML] [o-o-overflow/dc2019f-super-smash-ooos](https://github.com/o-o-overflow/dc2019f-super-smash-ooos) 
- [**28**Star][1m] [Py] [nviso-be/decompile-py2exe](https://github.com/nviso-be/decompile-py2exe) Decompile py2exe Python 3 generated EXEs
- [**28**Star][4y] [Java] [nvisium/moneyx](https://github.com/nvisium/moneyx) MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.
- [**28**Star][4y] [C] [nukem9/idaskins](https://github.com/nukem9/idaskins) *DEPRECATED* Advanced skinning plugin for IDA Pro, ported to x64dbg
- [**28**Star][6m] [Java] [ninetysec/cknife](https://github.com/ninetysec/cknife) Cknife
- [**28**Star][2m] [Py] [nicksanzotta/smbshakedown](https://github.com/nicksanzotta/smbshakedown) A simplified SMB Email Client Attack script used for pentests.
- [**28**Star][4m] [Go] [nhoya/splitshare](https://github.com/nhoya/splitshare) Shamir's Secret Sharing Algorithm implementation in golang combined with PGP and a mail delivery system
- [**28**Star][2y] [Py] [netspi/jig](https://github.com/netspi/jig) Jira Information Gatherer
- [**28**Star][3m] [Py] [nccgroup/xcavator](https://github.com/nccgroup/xcavator) A network data locater using credentials obtained during penetration tests
- [**28**Star][3m] [Java] [nccgroup/jmxbf](https://github.com/nccgroup/jmxbf) A brute force program to test weak accounts configured to access a JMX Registry
- [**28**Star][3m] [Py] [nbshelton/bitdump](https://github.com/nbshelton/bitdump) A tool to extract database data from a blind SQL injection vulnerability.
- [**28**Star][6m] [Py] [multiparty/conclave](https://github.com/multiparty/conclave) Query compiler for secure multi-party computation.
- [**28**Star][6m] [ms3fgx/tsatool](https://github.com/ms3fgx/tsatool) 3D printed TSA keys in a pocketable "Swiss Army" style tool.
- [**28**Star][5m] [C] [mrmacete/r2-ios-kernelcache](https://github.com/mrmacete/r2-ios-kernelcache) Radare2 plugin to parse modern iOS 64-bit kernel caches
- [**28**Star][5m] [Py] [mosuan/auditdpy](https://github.com/mosuan/auditdpy) !!!不建议使用了，可以使用AuditBeat!!! Linux服务器命令监控辅助脚本，ElasticSearch + Logstash + Kibana + Redis + Auditd
- [**28**Star][12d] [Py] [morphuslabs/distinct](https://github.com/morphuslabs/distinct) Find potential Indicators of Compromise among similar Linux servers
- [**28**Star][29d] [Go] [mlesniak/port-scanner](https://github.com/mlesniak/port-scanner) Port scanner in Go
- [**28**Star][4m] [HTML] [misp/misp-rfc](https://github.com/misp/misp-rfc) Specifications used in the MISP project including MISP core format
- [**28**Star][6y] [Java] [mindmac/xposedautomation](https://github.com/mindmac/xposedautomation) A demo to show how to install Xposed and enable Xposed based module automatically
- [**28**Star][1y] [Go] [mimoo/eureka](https://github.com/mimoo/eureka) Need to encrypt a file before sending it to someone? This is it.
- [**28**Star][2y] [Py] [mgeeky/visualbasicobfuscator](https://github.com/mgeeky/visualbasicobfuscator) Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.
- [**28**Star][12d] [PHP] [mariusbalcytis/gentle-force](https://github.com/mariusbalcytis/gentle-force) Brute-force, error and request rate limiting
- [**28**Star][13d] [Rust] [marcograss/rust-kernelcache-extractor](https://github.com/marcograss/rust-kernelcache-extractor) Extract a decrypted iOS 64-bit kernelcache
- [**28**Star][12d] [mahmudz/malware](https://github.com/mahmudz/malware) 
- [**28**Star][2m] [Go] [magisterquis/dnsbotnet](https://github.com/magisterquis/dnsbotnet) DNS Botnet Server and Client
- [**28**Star][4m] [C++] [lurumdare/scyllahidedetector](https://github.com/lurumdare/scyllahidedetector) Anti-debugger support code
- [**28**Star][16d] [C] [lucascouto/krackattack-all-zero-tk-key](https://github.com/lucascouto/krackattack-all-zero-tk-key) This code has base on a code made by Mathy Vanhoef (
- [**28**Star][3m] [lordnoteworthy/binary-auditing-solutions](https://github.com/lordnoteworthy/binary-auditing-solutions) Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
- [**28**Star][5m] [long123king/grep](https://github.com/long123king/grep) Grep-like WinDbg extension
- [**28**Star][1y] [Py] [lettergram/elevatorallocation](https://github.com/lettergram/elevatorallocation) Elevator Allocation Algorithm for austingwalters.com
- [**28**Star][11d] [C] [0xdrrb/hackrf_ook](https://github.com/0xDRRB/hackrf_ook) ASK-OOK transmit tool for Great Scott Gadget HackRF
- [**28**Star][13d] [Go] [leechristensen/tgscrack](https://github.com/leechristensen/tgscrack) Kerberos TGS_REP cracker written in Golang
- [**28**Star][10d] [Shell] [kyonli/asuswrt-v2ray](https://github.com/kyonli/asuswrt-v2ray) Transparent proxy based on V2Ray
- [**28**Star][1y] [Py] [knownsec/decrypt-ransomware](https://github.com/knownsec/decrypt-ransomware) Lucky malware decrypt tools
- [**28**Star][7y] [Py] [kholia/exetractor-clone](https://github.com/kholia/exetractor-clone) Unpacker for packed Python executables. Supports PyInstaller and py2exe. This project is not updated anymore. Use "PyInstaller Extractor" and "unpy2exe" instead.
- [**28**Star][10m] [JS] [kevgk/od-search](https://github.com/kevgk/od-search) Web-Extension that builds search queries to find files on the internet.
- [**28**Star][3y] [Py] [kerrigan29a/idapython_virtualenv](https://github.com/kerrigan29a/idapython_virtualenv) Enable Virtualenv or Conda in IDAPython
- [**28**Star][14d] [Go] [kensodev/micro-auth-proxy](https://github.com/kensodev/micro-auth-proxy) Github Auth proxy designed for micro-apps with static client and an API server
- [**28**Star][2m] [Py] [keithjjones/malgazer](https://github.com/keithjjones/malgazer) A Python malware analysis library.
- [**28**Star][9m] [Py] [jumbo-wjb/jpentest](https://github.com/jumbo-wjb/jpentest) Jumbo Python Penetration testing framework
- [**28**Star][1m] [Go] [jsimonetti/tlstun](https://github.com/jsimonetti/tlstun) A socks tunnel client and server using websockets over http and tls
- [**28**Star][17d] [C] [joswr1ght/asleap](https://github.com/joswr1ght/asleap) Asleap - Cisco LEAP and Generic MS-CHAPv2 Dictionary Attack
- [**28**Star][28d] [C] [johanns/sha3](https://github.com/johanns/sha3) SHA3 for Ruby is a native (C) FIPS 202 compliant implementation of SHA3 (Keccak) cryptographic hashing algorithm.
- [**28**Star][5m] [Py] [jofpin/sack](https://github.com/jofpin/sack) Identify connection of sessions for social engineering attacks.
- [**28**Star][4m] [C] [jndok/of32](https://github.com/jndok/of32) A simple tool to find offsets needed in 32bit jailbreaks. Feel free to contribute.
- [**28**Star][2m] [Py] [jhermann/dependency-check-py](https://github.com/jhermann/dependency-check-py) 
- [**28**Star][2m] [Rust] [jedisct1/rust-sthash](https://github.com/jedisct1/rust-sthash) Very fast cryptographic hashing for large messages.
- [**28**Star][6m] [Swift] [jeanshuang/potatso](https://github.com/jeanshuang/potatso) 适配Xcode9.3 iOS11.3 Swift3.3编译通过。 (unmaintained) Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework in iOS 9.
- [**28**Star][26d] [Shell] [jchrisfarris/aws-service-control-policies](https://github.com/jchrisfarris/aws-service-control-policies) Collection of semi-useful Service Control Policies and scripts to manage them
- [**28**Star][10d] [TeX] [input-output-hk/cardano-ledger-specs](https://github.com/input-output-hk/cardano-ledger-specs) A formal specification and executable model of the ledger rules introduced by the Shelley release
- [**28**Star][3y] [Assembly] [inndy/ctf-from-zero-to-one](https://github.com/inndy/ctf-from-zero-to-one) TDOH Conf 2016 演講相關資料
- [**28**Star][3m] [Py] [initroot/fransrecon](https://github.com/initroot/fransrecon) Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.
- [**28**Star][7m] [C] [icewall/forcedelete](https://github.com/icewall/forcedelete) Windows driver including couple different techniques for file removal when regular operation isn't possible.
- [**28**Star][2m] [Py] [hydrabus/rhme-2016](https://github.com/hydrabus/rhme-2016) The RHme2 (Riscure Hack me 2) is a low level hardware CTF challenge that comes in the form of an Arduino Nano board. The new edition provides a completely different set of new challenges to test your skills in side channel, fault injection, cryptoanalysis and software exploitation attacks.
- [**28**Star][1m] [C++] [hexgolems/pint](https://github.com/hexgolems/pint) A debugger backend and LUA wrapper for PIN
- [**28**Star][3m] [Swift] [hdb-li/lldebugtoolswift](https://github.com/hdb-li/lldebugtoolswift) LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
- [**28**Star][30d] [C] [harryr/nanac](https://github.com/harryr/nanac) Tiny modular assembler & vm for lightweight control microcode
- [**28**Star][2m] [Java] [hakbot/hakbot-origin-controller](https://github.com/hakbot/hakbot-origin-controller) Vendor-Neutral Security Tool Automation Controller (over REST)
- [**28**Star][8y] [C] [hackedteam/driver-win32](https://github.com/hackedteam/driver-win32) Windows (32bit) agent driver
- [**28**Star][2m] [Py] [greysign/pysec](https://github.com/greysign/pysec) python安全编程
- [**28**Star][2y] [Py] [grayddq/passivedatasorting](https://github.com/grayddq/passivedatasorting) 自动化被动扫描系统分为数据源、数据处理、漏洞验证等三个子系统，本系统属于数据处理部分，抓取流量镜像的数据，进行分析过滤去重等操作，发送至消息队列中，等待PassiveSecCheck消费
- [**28**Star][14d] [C++] [giantpune/mailboxbomb](https://github.com/giantpune/mailboxbomb) a program used to build the mailbox bomb exploit for the Wii system menu.
- [**28**Star][2y] [C] [gdbinit/teloader](https://github.com/gdbinit/teloader) A TE executable format loader for IDA
- [**28**Star][9m] [C] [gdbinit/mario](https://github.com/gdbinit/mario) The kernel component of rootpipe fix for Mavericks
- [**28**Star][11d] [Java] [frohoff/jdeserialize](https://github.com/frohoff/jdeserialize) From
- [**28**Star][3m] [C] [fooinha/nginx-ssl-ja3](https://github.com/fooinha/nginx-ssl-ja3) nginx module for SSL/TLS ja3 fingerprint.
- [**28**Star][1m] [Py] [fitblip/pydbg](https://github.com/fitblip/pydbg) A pure-python win32 debugger interface.
- [**28**Star][5m] [Py] [fireeye/pycommands](https://github.com/fireeye/pycommands) PyCommand Scripts for Immunity Debugger
- [**28**Star][6m] [JS] [firebug/firequery](https://github.com/firebug/firequery) Firefox plugin for jQuery development
- [**28**Star][3m] [Py] [fesh0r/xnb_parse](https://github.com/fesh0r/xnb_parse) XNA xnb/xact file parser, and FEZ extractor/viewer
- [**28**Star][27d] [Py] [fengxuangit/pyshell](https://github.com/fengxuangit/pyshell) python版菜刀 连接一句话木马
- [**28**Star][4m] [Pascal] [felipedaragon/catarinka](https://github.com/felipedaragon/catarinka) A powerful set of multi-purpose libraries for Pascal/Delphi and Lua
- [**28**Star][3y] [exp-db/toolpool](https://github.com/exp-db/toolpool) 安全 & 运维小工具
- [**28**Star][2m] [JS] [eun/icmpmon](https://github.com/eun/icmpmon) A simple ICMP monitor with web interface.
- [**28**Star][5m] [JS] [ericbets/danby](https://github.com/ericbets/danby) A webserver that's also a grpc proxy for browsers
- [**28**Star][2y] [PS] [enddo/hatdbg](https://github.com/enddo/hatdbg) Minimal WIN32 Debugger in powershell
- [**28**Star][28d] [Swift] [emredurukn/betcalsa](https://github.com/emredurukn/betcalsa) Document Scanner iOS app written in Swift
- [**28**Star][12d] [Py] [embedi/ble_norton_core](https://github.com/embedi/ble_norton_core) PoC exploit for CVE-2018-5234
- [**28**Star][1y] [Java] [elynx/pokemon-go-xposed-mitm](https://github.com/elynx/pokemon-go-xposed-mitm) MITM attack on Pokemon Go (c) via XPosed framework
- [**28**Star][4m] [Go] [egebalci/ticketbleed](https://github.com/egebalci/ticketbleed) This is a tool for exploiting Ticketbleed (CVE-2016-9244) vulnerability.
- [**28**Star][5m] [Py] [duk3luk3/onion-py](https://github.com/duk3luk3/onion-py) Python wrapper for the OnionOO tor status API
- [**28**Star][3y] [C++] [dshikashio/pybag](https://github.com/dshikashio/pybag) CPython module for Windbg's dbgeng plus additional wrappers.
- [**28**Star][3m] [Java] [drme/ble-rc](https://github.com/drme/ble-rc) Control RC cars from your SmartPhone
- [**28**Star][10d] [C++] [dominictobias/detourxs](https://github.com/dominictobias/detourxs) A x86/64 library for detouring functions on Windows OS
- [**28**Star][3m] [C] [djhohnstein/wlbsctrl_poc](https://github.com/djhohnstein/wlbsctrl_poc) C++ POC code for the wlbsctrl.dll hijack on IKEEXT
- [**28**Star][2y] [defcon-russia/shortcut_auto_bind](https://github.com/defcon-russia/shortcut_auto_bind) Windows LNK/URL shortcut auto-binding hotkey (not a bug, feature)
- [**28**Star][1m] [Py] [ddbnl/office365-audit-log-collector](https://github.com/ddbnl/office365-audit-log-collector) Collector script for retrieving audit logs from the Office 365 API with file or network/graylog output.
- [**28**Star][12d] [Jupyter Notebook] [davidsbatista/machine-learning-notebooks](https://github.com/davidsbatista/machine-learning-notebooks) Assorted exercises and proof-of-concepts to understand and study machine learning and statistical learning theory
- [**28**Star][2m] [Ruby] [david942j/rbelftools](https://github.com/david942j/rbelftools) ELF parser library implemented in pure Ruby!
- [**28**Star][2m] [C] [danghvu/nginx-1.4.0](https://github.com/danghvu/nginx-1.4.0) For the analysis of CVE-2013-2028
- [**28**Star][5m] [PureBasic] [dadido3/d3hex](https://github.com/dadido3/d3hex) The first dataflow based Hex-Editor!
- [**28**Star][2m] [Py] [d4-project/d4-core](https://github.com/d4-project/d4-core) D4 core software (server and sample sensor client)
- [**28**Star][7y] [C++] [cr4sh/dbgcb](https://github.com/cr4sh/dbgcb) Engine for communication with remote kernel debugger (KD, WinDbg) from drivers and applications
- [**28**Star][12d] [Go] [cpmech/goga](https://github.com/cpmech/goga) Go evolutionary algorithm is a computer library for developing evolutionary and genetic algorithms to solve optimisation problems with (or not) many constraints and many objectives. Also, a goal is to handle mixed-type representations (reals and integers).
- [**28**Star][2m] [Java] [codehaus-plexus/plexus-archiver](https://github.com/codehaus-plexus/plexus-archiver) 
- [**28**Star][3y] [C] [cn33liz/hsevd-stackoverflow](https://github.com/cn33liz/hsevd-stackoverflow) HackSys Extreme Vulnerable Driver - StackOverflow Exploit
- [**28**Star][3m] [Py] [cleveridge/cleveridge-subdomain-scanner](https://github.com/cleveridge/cleveridge-subdomain-scanner) The Cleveridge Subdomain Scanner finds subdomains of a given domain.
- [**28**Star][13d] [Py] [chrisjd20/power_dump](https://github.com/chrisjd20/power_dump) powershell memory dumper
- [**28**Star][5y] [Py] [cheetz/icmpshock](https://github.com/cheetz/icmpshock) A scanning tool for the ShellShock bash vulnerability
- [**28**Star][1m] [JS] [chainsecurity/constantinople-reentrancy](https://github.com/chainsecurity/constantinople-reentrancy) Vulnerable code example including tests for Constantinople Reentrancy
- [**28**Star][2m] [Shell] [cert-polska/hsn2-bundle](https://github.com/cert-polska/hsn2-bundle) a highly-scalable system integrating multiple client honeypots to detect malicious websites.
- [**28**Star][3y] [C#] [cannanlly/gogotester](https://github.com/cannanlly/gogotester) 原版基础上修改bug和优化使用体验
- [**28**Star][4m] [brute-f0rce/ceh](https://github.com/brute-f0rce/ceh) Exam Prep for the Ec-council Certified Ethical Hacker 312-50
- [**28**Star][6m] [brandonprry/clamav-fuzz](https://github.com/brandonprry/clamav-fuzz) A fuzz job for ClamAV
- [**28**Star][8y] [Py] [bozhu/rc4-python](https://github.com/bozhu/rc4-python) A python implementation of the block cipher RC4
- [**28**Star][2m] [Zeek] [blacktop/docker-zeek](https://github.com/blacktop/docker-zeek) Zeek IDS Dockerfile
- [**28**Star][2m] [Visual Basic] [bitsadmin/revbshell](https://github.com/bitsadmin/revbshell) ReVBShell - Reverse VBS Shell
- [**28**Star][2y] [Java] [bit4woo/gui_burp_extender_para_encrypter](https://github.com/bit4woo/gui_burp_extender_para_encrypter) Burp_Extender_para_encrypter
- [**28**Star][7m] [PHP] [belove/avhbf](https://github.com/belove/avhbf) Advanced virtual host bruteforcer
- [**28**Star][4m] [Java] [bedrin/kerb4j](https://github.com/bedrin/kerb4j) Kerberos and SPNEGO in Java done right
- [**28**Star][9m] [Py] [baltimorechad/pyonionscan](https://github.com/baltimorechad/pyonionscan) Dark Web OSINT With Python and OnionScan
- [**28**Star][5m] [Py] [ansorren/gdpatrol](https://github.com/ansorren/gdpatrol) A Lambda-powered Security Orchestration framework for AWS GuardDuty
- [**28**Star][3y] [Java] [animeshshaw/chromeforensics](https://github.com/animeshshaw/chromeforensics) A tool to perform automated forensic analysis of Chrome Browser.
- [**28**Star][1y] [Ruby] [andrewsmhay/brisket](https://github.com/andrewsmhay/brisket) Brisket is a collection of frontend scripts for masscan, zmap, and nmap, in addition data manipulation scripts
- [**28**Star][5m] [JS] [anandtiwarics/datasploit](https://github.com/anandtiwarics/datasploit) A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.
- [**28**Star][3y] [JS] [allglorytothehypnotoad/nodescan](https://github.com/allglorytothehypnotoad/nodescan) scans network for hosts and open ports
- [**28**Star][7m] [Go] [alexakulov/hungryfox](https://github.com/alexakulov/hungryfox) Monitoring for leaks of sensitive information in git repositories
- [**28**Star][1m] [Go] [ahhh/goredshell](https://github.com/ahhh/goredshell) A cross platform tool for verifying credentials and executing single commands
- [**28**Star][17d] [Py] [aguinet/miasm-bootloader](https://github.com/aguinet/miasm-bootloader) x86 bootloader emulation with Miasm (case of NotPetya)
- [**28**Star][1m] [Java] [adorsys/datasafe](https://github.com/adorsys/datasafe) Datasafe - flexible and secure data storage and document sharing using cryptographic message syntax for data encryption
- [**28**Star][4m] [Py] [absingh31/tor_spider](https://github.com/absingh31/tor_spider) Python project to crawl and scrap the lesser known deep web or one can say dark web. Just provide the onion link and get started.
- [**28**Star][1y] [Py] [98587329/web-scan](https://github.com/98587329/web-scan) jboss，tomcat，weblogic，未授权访问扫描工具
- [**28**Star][9m] [C#] [717021/pcmgr](https://github.com/717021/pcmgr) Windows 任务管理器重制版 A rebulid version for Windows task manager.
- [**28**Star][2y] [C++] [3gstudent/hiddenntregistry](https://github.com/3gstudent/hiddenntregistry) Use NT Native Registry API to create a registry that normal user can not query.
- [**28**Star][2m] [Py] [3gstudent/fuzzbunch](https://github.com/3gstudent/fuzzbunch) NSA finest tool
- [**28**Star][2m] [Py] [0xacb/github-desktop-poc](https://github.com/0xacb/github-desktop-poc) Github Desktop RCE PoC
- [**28**Star][15d] [Shell] [0utrider/malrecon](https://github.com/0utrider/malrecon) MalRecon - Basic Malware Reconnaissance and Analysis Tool
- [**27**Star][3m] [JS] [novelcovid/api](https://github.com/novelcovid/api) API for Current cases and more stuff about COVID-19 or the Novel Coronavirus Strain
- [**27**Star][2m] [Java] [andrewrapp/arduino-remote-uploader](https://github.com/andrewrapp/arduino-remote-uploader) Over-the-air arduino programming via xbee, wifi or nordic
- [**27**Star][27d] [JS] [adblockradio/webradio-metadata](https://github.com/adblockradio/webradio-metadata) Collection of scraping recipes to get metadata about what is being streamed on webradios
- [**27**Star][2m] [Go] [vorkytaka/instagram-go-scraper](https://github.com/vorkytaka/instagram-go-scraper) Instagram Scraper for Go
- [**27**Star][10m] [Py] [iaroslavr/scrapy-mysql-pipeline](https://github.com/iaroslavr/scrapy-mysql-pipeline) scrapy mysql pipeline
- [**27**Star][6m] [Rust] [yaa110/rust-iptables](https://github.com/yaa110/rust-iptables) Rust bindings for iptables
- [**27**Star][4m] [Py] [datawizard1337/argus](https://github.com/datawizard1337/argus) ARGUS is an easy-to-use web mining tool. The program is based on the Scrapy Python framework and is able to crawl a broad range of different websites. On the websites, ARGUS is able to perform tasks like scraping texts or collecting hyperlinks between websites. See:
- [**27**Star][4m] [scriptsmith/insta-scrape](https://github.com/scriptsmith/insta-scrape) Scrape Instagram
- [**27**Star][13d] [Shell] [kintoandar/pre-commit](https://github.com/kintoandar/pre-commit) pre-commit hook terraform; pre-commit hook prometheus
- [**27**Star][1m] [JS] [poketo/poketo](https://github.com/poketo/poketo) Node library for scraping manga sites
- [**27**Star][5m] [Py] [maojui/cytro](https://github.com/maojui/cytro) Tools to solve CTF crypto challenge.
- [**27**Star][2m] [Lua] [alpinelinux/awall](https://github.com/alpinelinux/awall) Alpine Firewall (mirror)
- [**27**Star][3y] [Java] [catherine22/securitysample](https://github.com/catherine22/securitysample) (Android) Hide encrypted secret API keys in C/C++ code, retrieve and decrypt them via JNI. Google SafetyNet APIs example.
- [**27**Star][2y] [Py] [toonow/spidermanager](https://github.com/toonow/spidermanager) 爬虫管理平台
- [**27**Star][25d] [Py] [chjw8016/www_job_com](https://github.com/chjw8016/www_job_com) 爬取拉勾、BOSS直聘、智联招聘、51job、赶集招聘、58招聘等职位信息
- [**27**Star][25d] [Py] [cortexm/pyswd](https://github.com/cortexm/pyswd) Python SWD Debugging library for ST-Link/V2
- [**27**Star][22d] [Py] [invanalabs/invana-bot](https://github.com/invanalabs/invana-bot) A Web Crawler that scrapes using YAML and python code.
- [**27**Star][4m] [Py] [olympiccode/vhackxtbot-python](https://github.com/olympiccode/vhackxtbot-python) Python API for vHackXT Game
- [**27**Star][8m] [JS] [fliphub/d-l-l](https://github.com/fliphub/d-l-l) Simplified DLL config creator & handler
- [**27**Star][12d] [JS] [quantumsheep/warshield](https://github.com/quantumsheep/warshield) Warshield is a file encryption and decryption CLI using AES 256 algorithm
- [**27**Star][4y] [C++] [zengge2/machinecoderegister](https://github.com/zengge2/machinecoderegister) 基于Windows系统的激活库，本程序可以自动获取CPUID和硬盘ID作为机器码，并根据机器码利用加密算法生成注册码
- [**27**Star][1m] [Py] [gzm1997/shadow_spider](https://github.com/gzm1997/shadow_spider) 
- [**27**Star][5m] [TS] [w8r/liang-barsky](https://github.com/w8r/liang-barsky) Liang-Barsky line-clipping algorithm
- [**27**Star][3m] [watterott/esp-wroom-breakout](https://github.com/watterott/esp-wroom-breakout) Breakouts for ESP8266 and ESP32 WiFi/WLAN + Bluetooth modules from Espressif (ESP-WROOM-02, ESP-WROOM-32)
- [**27**Star][15d] [Java] [bytemine/bytemine-manager](https://github.com/bytemine/bytemine-manager) platform-independent, multilingual Java desktop-application for intuitive and easy management of your OpenVPN servers
- [**27**Star][4m] [doublehub/csgocheatmaking101](https://github.com/doublehub/csgocheatmaking101) A small uncomplete guide to start making CS:GO cheats
- [**27**Star][25d] [Kotlin] [sirvar/bluetoothkit-android](https://github.com/sirvar/bluetoothkit-android) 
- [**27**Star][27d] [Py] [arthepsy/pan-globalprotect-okta](https://github.com/arthepsy/pan-globalprotect-okta) PaloAlto Networks GlobalProtect VPN (integrated with OKTA) command-line client
- [**27**Star][14d] [JS] [vmdashboard/vmdashboard](https://github.com/vmdashboard/vmdashboard) web-based open source virtualization management interface for QEMU and KVM virtual machines
- [**27**Star][13d] [Py] [demelin/noise-contrastive-estimation-nce-for-pytorch](https://github.com/demelin/noise-contrastive-estimation-nce-for-pytorch) Re-implementation of the Noise Contrastive Estimation algorithm for pyTorch, following "Noise-contrastive estimation: A new estimation principle for unnormalized statistical models." (Gutmann and Hyvarinen, AISTATS 2010)
- [**27**Star][1m] [PHP] [snawoot/php-storageless-sessions](https://github.com/snawoot/php-storageless-sessions) Sessions handler which stores session data in HMAC-signed and encrypted cookies
- [**27**Star][5m] [Java] [kongzue/wifilinker](https://github.com/kongzue/wifilinker) 
- [**27**Star][4y] [Py] [wwj718/jobspider](https://github.com/wwj718/jobspider) jobSpider是一只scrapy爬虫，用于爬取职位信息
- [**27**Star][5m] [Go] [kbinani/win](https://github.com/kbinani/win) WinAPI wrapper (and wrapper generator) for Go
- [**27**Star][5m] [Go] [adamdecaf/cert-manage](https://github.com/adamdecaf/cert-manage) WIP x509 Certificate auditing CLI
- [**27**Star][23d] [Java] [jonatino/csgo-offset-scanner](https://github.com/jonatino/csgo-offset-scanner) Java Based Cross-Platform CSGO Offset and Netvar Scanner
- [**27**Star][19d] [C] [scribery/aushape](https://github.com/scribery/aushape) A library and a tool for converting audit logs to XML and JSON
- [**27**Star][3m] [JS] [sebastianha/um34c](https://github.com/sebastianha/um34c) A small NodeJS tool to read out and control the UM34C (or UM24C / UM25C) USB analyzer via Bluetooth
- [**27**Star][5m] [C++] [rockyqu/jnikeyprotection](https://github.com/rockyqu/jnikeyprotection) Android 使用 so 文件存储私密数据，并增加签名防盗机制
- [**27**Star][17d] [JS] [alpha-si/vpnman](https://github.com/alpha-si/vpnman) A web-based frontend for OpenVPN server management
- [**27**Star][11d] [JS] [novemberde/serverless-crawler-demo](https://github.com/novemberde/serverless-crawler-demo) Serverless Architecture Crawler demo
- [**27**Star][2y] [JS] [k1low/utsusemi](https://github.com/k1low/utsusemi) A tool to generate a static website by crawling the original site.
- [**27**Star][9m] [Rust] [olivedae/harald](https://github.com/olivedae/harald) Rust API for Bluetooth Low Energy
- [**27**Star][30d] [Py] [zegelin/qemu-affinity](https://github.com/zegelin/qemu-affinity) qemu-affinity is a tool to easily pin certain QEMU threads to select CPU cores
- [**27**Star][4m] [Py] [proxycrawl/proxycrawl-python](https://github.com/proxycrawl/proxycrawl-python) ProxyCrawl Python library for scraping and crawling
- [**27**Star][11d] [hookzof/socks5_list](https://github.com/hookzof/socks5_list) Auto-updated SOCKS5 proxy list
- [**27**Star][18d] [Scala] [endymecy/algorithmsonspark](https://github.com/endymecy/algorithmsonspark) Some popular algorithms(dbscan,knn,fm etc.) on spark
- [**27**Star][1m] [Go] [katattakd/katweb](https://github.com/katattakd/katweb) A lightweight static web server and reverse proxy designed for the modern web.
- [**27**Star][18d] [Py] [coallaoh/whitenblackbox](https://github.com/coallaoh/whitenblackbox) Towards Reverse-Engineering Black-Box Neural Networks, ICLR'18
- [**27**Star][22d] [PHP] [whunt1/sspanel_uim_port_offset](https://github.com/whunt1/sspanel_uim_port_offset) SSPanel Uim 端口偏移及教程
- [**27**Star][2m] [ObjC] [skifary/c4msis](https://github.com/skifary/c4msis) ios shadowsocks app based on NEKit
- [**27**Star][1m] [Go] [cucyber/ja3transport](https://github.com/cucyber/ja3transport) Impersonating JA3 signatures
- [**27**Star][1m] [C] [castaglia/proftpd-mod_proxy](https://github.com/castaglia/proftpd-mod_proxy) FTP proxy support for ProFTPD
- [**27**Star][2m] [C] [ufrisk/shellcode64](https://github.com/ufrisk/shellcode64) A minimal tool to extract shellcode from 64-bit PE binaries.
- [**27**Star][4m] [chokepoint/crunchpwn](https://github.com/chokepoint/crunchpwn) #Pwn Linux (CrunchPwn) is a penetration testing repository/addition for CrunchBang Linux.
- [**27**Star][23d] [Java] [nsacyber/paccor](https://github.com/nsacyber/paccor) The Platform Attribute Certificate Creator can gather component details, create, sign, and validate the TCG-defined Platform Credential. #nsacyber
- [**27**Star][10m] [Ruby] [infobyte/cve-2016-2776](https://github.com/infobyte/cve-2016-2776) CVE-2016-2776
- [**27**Star][4m] [PS] [gimini/tartarus](https://github.com/gimini/tartarus) Fileless Ransomware Example
- [**27**Star][2m] [Py] [oros42/arp_poisoning_detector](https://github.com/oros42/arp_poisoning_detector) Simple detector of ARP poisoning attack
- [**27**Star][12d] [Py] [jgamblin/kali-virtualbox](https://github.com/jgamblin/kali-virtualbox) A Python Script To Automatically Download, Provision and Update a Kali Linux VM in Virtualbox
- [**27**Star][4m] [Go] [getlantern/lampshade](https://github.com/getlantern/lampshade) Obfuscated encrypted network protocol for Lantern
- [**27**Star][2y] [C] [shadowsocksr-live/ssrdroid](https://github.com/shadowsocksr-live/ssrdroid) ShadowsocksR (SSR) for Android
- [**27**Star][3y] [C] [nicehash/sgminer-gm](https://github.com/nicehash/sgminer-gm) A multi-algo GPU miner from genesismining
- [**27**Star][1y] [Py] [averagesecurityguy/blue](https://github.com/averagesecurityguy/blue) Scripts that are suited for blue teams
- [**27**Star][10d] [C] [oracle/dtrace-utils](https://github.com/oracle/dtrace-utils) DTrace-utils contains the Userspace portion of the DTrace port to Linux
- [**27**Star][1m] [C] [dnscrypt/dnscrypt-plugin-geoip-block](https://github.com/dnscrypt/dnscrypt-plugin-geoip-block) Block DNS queries according to the country they resolve to
- [**27**Star][2m] [Py] [juju/plugins](https://github.com/juju/plugins) Basic collection of the first few plugins for Juju
- [**27**Star][5m] [Shell] [security-onion-solutions/securityonion-docker](https://github.com/security-onion-solutions/securityonion-docker) Docker files for Security Onion
- [**27**Star][23d] [C++] [henrypp/hostsmgr](https://github.com/henrypp/hostsmgr) Console tool for sysadmins and other peoples who need to autoupdate "hosts" file.
- [**27**Star][2m] [Py] [paranoidninja/pisociety](https://github.com/paranoidninja/pisociety) Inspired from Mr. Robot I started developing this framework which can create 3vil twins, ddos Wireless networks, bypass HSTS(partial) and many more.This project is a work in progress and will be updated and fixed regularly for any issues found.
- [**27**Star][24d] [Shell] [angorafuzzer/fuzzingrealprogrambenchstatistics](https://github.com/angorafuzzer/fuzzingrealprogrambenchstatistics) List the real world programs evaluated in fuzzing papers.
- [**27**Star][15d] [hack-with-github/security-bookmarks](https://github.com/hack-with-github/security-bookmarks) Single stop for security related stuff
- [**27**Star][2m] [Py] [d4vinci/reversehttp](https://github.com/d4vinci/reversehttp) Python backdoor that uses http post/get requests to communicate
- [**27**Star][1y] [offensive-security/kali-sly-pi](https://github.com/offensive-security/kali-sly-pi) kali-sly-pi
- [**27**Star][30d] [Shell] [leandromoreira/tls_certificate_generation](https://github.com/leandromoreira/tls_certificate_generation) Use temporary Amazon EC2 / Digital Ocean cloud machines to get / renew letsencrypt certificates
- [**27**Star][4m] [Shell] [1n3/supermicro-password-scanner](https://github.com/1n3/supermicro-password-scanner) Supermicro IPMI/BMC Cleartext Password Scanner
- [**27**Star][4m] [Py] [opensecurityresearch/custompassivescanner](https://github.com/opensecurityresearch/custompassivescanner) A Custom Scanner for Burp
- [**27**Star][19d] [Ruby] [ajitsing/apktojava](https://github.com/ajitsing/apktojava) View android apk as java code in gui
- [**27**Star][14d] [Ruby] [learnteachcode/code-coffee-compendium](https://github.com/learnteachcode/code-coffee-compendium) curated resource compendium, maintained by the Alhambra / El Sereno and Baldwin Park code & coffee study group
- [**27**Star][6m] [PHP] [codeling/bfstop](https://github.com/codeling/bfstop) Brute Force Stop Plugin (for Joomla!)
- [**27**Star][4m] [Py] [k8gege/sshshell](https://github.com/k8gege/sshshell) sshshell/sshcmd/sshlogin/sshcrack（SSH交互式Shell/内网渗透专用非交互式Shell/SSH密码爆破）Windows & Linux
- [**27**Star][1m] [Py] [qiaofei32/tcp-multiplexer](https://github.com/qiaofei32/tcp-multiplexer) A TCP service multiplexer in Python
- [**27**Star][2m] [Py] [k8gege/phpstudydoor](https://github.com/k8gege/phpstudydoor) PhpStudy 2016 & 2018 BackDoor Exploit
- [**27**Star][22d] [C#] [pigeonhands/confuserexplugins](https://github.com/pigeonhands/confuserexplugins) Transforms all types to generics, and all constructor calls and method calls into generic call factories.
- [**27**Star][2m] [Batchfile] [dylanbai8/c2ray](https://github.com/dylanbai8/c2ray) C2ray 一款windows下的极简 V2ray 客户端
- [**27**Star][17d] [C++] [aixxe/cstrike-basehook-linux](https://github.com/aixxe/cstrike-basehook-linux) Internal project base for Counter-Strike: Source on Linux.
- [**27**Star][4m] [Assembly] [thog/ghidra_falcon](https://github.com/thog/ghidra_falcon) Support of Nvidia Falcon processors for Ghidra (WIP)
- [**27**Star][5m] [thomasking2014/slides](https://github.com/thomasking2014/slides) 
- [**27**Star][9m] [Py] [bendemott/captiveportal](https://github.com/bendemott/captiveportal) A captive portal that can be used on most linux distributions.
- [**27**Star][5m] [C] [hypersine/windowssudo](https://github.com/HyperSine/WindowsSudo) A linux-like su/sudo on Windows. Transferred from
- [**27**Star][4m] [enciphers/mobexler](https://github.com/enciphers/mobexler) 
- [**27**Star][11d] [Py] [daskol/gdb-colour-filter](https://github.com/daskol/gdb-colour-filter) Colourify backtrace output in GDB with Python API
- [**27**Star][2m] [Shell] [nslib/devops-book](https://github.com/nslib/devops-book) 运维开发
- [**27**Star][12d] [JS] [freehuntx/frida-mono-api](https://github.com/freehuntx/frida-mono-api) All the mono c exports, ready to be used in frida!
- [**27**Star][2m] [C] [airbus-cert/pstrace](https://github.com/airbus-cert/pstrace) Trace ScriptBlock execution for powershell v2
- [**27**Star][5m] [C] [usineur/sdlpop](https://github.com/usineur/SDLPoP) An open-source port of Prince of Persia, based on the disassembly of the DOS version.
- [**27**Star][3y] [C++] [kernelm0de/runpe-processhollowing](https://github.com/kernelm0de/RunPE-ProcessHollowing) RunPE
- [**27**Star][6y] [C] [exploiteers/nestdfuattack](https://github.com/exploiteers/NestDFUAttack) Packages to attack the Google Nest's DFU mode.
- [**27**Star][7y] [Java] [alessiodallapiazza/wpscan](https://github.com/alessiodallapiazza/WPScan) 
- [**27**Star][2y] [osirislab/xnippet](https://github.com/osirislab/xnippet) A little tool to execute functions without debugging an entire executable. Originally written by Gonzalo J. Carracedo (BatchDrake).
- [**27**Star][3m] [Shell] [imwally/coffeeconnect](https://github.com/imwally/coffeeconnect) Connect to Starbucks WiFi without opening a browser.
- [**27**Star][4m] [itechub/sqlmap-wiki-zhcn](https://github.com/itechub/sqlmap-wiki-zhcn) 
- [**27**Star][2y] [Py] [taroballzchen/shecodject](https://github.com/TaroballzChen/shecodject) shecodject is a autoscript for shellcode injection by Python3 programing
- [**27**Star][2m] [PHP] [newbee119/firmware_analysis](https://github.com/NewBee119/firmware_analysis) 物联网设备分析环境搭建与工具使用，包括脚本换阿里源、binwalk的完整安装、firmwalker和rips的使用
- [**27**Star][6m] [C++] [zhaolong/libparser](https://github.com/zhaolong/libparser) 解析静态库(Lib)文件，提取出所有函数信息，组织成自定义格式文件
- [**27**Star][4y] [Java] [zerothoughts/jndipoc](https://github.com/zerothoughts/jndipoc) Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
- [**27**Star][4m] [Py] [zecure/shadowd_python](https://github.com/zecure/shadowd_python) A Shadow Daemon connector for Python applications
- [**27**Star][2m] [PHP] [xiaoxiaoleo/xiao-webshell](https://github.com/xiaoxiaoleo/xiao-webshell) a collection of webshell
- [**27**Star][3m] [Py] [xfkxfk/pyvulhunter](https://github.com/xfkxfk/pyvulhunter) python audit tool 审计 注入 inject
- [**27**Star][11m] [Py] [wwkenwong/ctf-writeup](https://github.com/wwkenwong/ctf-writeup) 
- [**27**Star][5m] [Shell] [wuseman/tg799vac-xtream-v16.2-jade](https://github.com/wuseman/tg799vac-xtream-v16.2-jade) My personal unique wiki for hacking the router firmware used by (Telia)TG799vac Xtream Version 16.2 Jade delivered from Technicolor
- [**27**Star][5m] [JS] [wuseman/sagemcom-fast-5370e-telia](https://github.com/wuseman/sagemcom-fast-5370e-telia) This is my personal wiki for hacking the router firmware used by (Sagemcom)F@ast Version 3.43.2 delivered from Sagemcom
- [**27**Star][2y] [JS] [whizkydee/type-reverse](https://github.com/whizkydee/type-reverse) 
- [**27**Star][6m] [Py] [webstersprodigy/webstersprodigy](https://github.com/webstersprodigy/webstersprodigy) misc pentest tools.
- [**27**Star][3y] [C++] [vusec/typesan](https://github.com/vusec/typesan) TypeSan checks casts in C++ code - code released for CCS 2016
- [**27**Star][1y] [Py] [vngkv123/ctf](https://github.com/vngkv123/ctf) CTF binary exploit code
- [**27**Star][6m] [Py] [vergecurrency/electrum-xvg-tor](https://github.com/vergecurrency/electrum-xvg-tor) XVG TOR Electrum Client for connecting to the VERGE XVG TOR Electrum Server
- [**27**Star][1m] [JS] [venables/node-where](https://github.com/venables/node-where) A very simple geolocation library in node.js
- [**27**Star][8m] [vah13/oraclecve](https://github.com/vah13/oraclecve) Vulnerabilities which found in Oracle products
- [**27**Star][1m] [Py] [tuxxy/hazmat-math](https://github.com/tuxxy/hazmat-math) Hazmat ECC arithmetic for Cryptography.io
- [**27**Star][3y] [Py] [toxic-ig/sql-xss](https://github.com/toxic-ig/sql-xss) A few SQL and XSS attack tools
- [**27**Star][8m] [HTML] [torque59/aws-vulnerable-lambda](https://github.com/torque59/aws-vulnerable-lambda) An AWS Lambda vulnerable application written in flask.
- [**27**Star][3m] [C] [tinysec/runwithdll](https://github.com/tinysec/runwithdll) windows create process with a dll load first time via LdrHook
- [**27**Star][15d] [ObjC] [tijme/reverse-engineering](https://github.com/tijme/reverse-engineering) This repository contains some of the executables that I've cracked.
- [**27**Star][3y] [Py] [tiankonguse/themole](https://github.com/tiankonguse/themole) Mole is an automatic SQL Injection exploitation tool. clone from sourceforge
- [**27**Star][5m] [Py] [threatresponse/mad-king](https://github.com/threatresponse/mad-king) Proof of Concept Zappa Based AWS Persistence and Attack Platform
- [**27**Star][5m] [Py] [threatminer/ioc_parser](https://github.com/threatminer/ioc_parser) Tool to extract indicators of compromise from security reports in PDF format
- [**27**Star][2y] [Py] [thesecondsun/pasm](https://github.com/thesecondsun/pasm) Linux assembler/disassembler based on Rasm2
- [**27**Star][1m] [Py] [tgalal/consonance](https://github.com/tgalal/consonance) WhatsApp's handshake implementation using Noise Protocol
- [**27**Star][12d] [Erlang] [technion/ct_advisor](https://github.com/technion/ct_advisor) A monitoring service for Certificate Transparency
- [**27**Star][2y] [C++] [tamirzb/cve-2017-13253](https://github.com/tamirzb/cve-2017-13253) PoC code for CVE-2017-13253
- [**27**Star][2m] [Perl] [t00sh/ctf](https://github.com/t00sh/ctf) Exploits used on hacking CTF's
- [**27**Star][4m] [Py] [syslog777/psak](https://github.com/syslog777/psak) The Pentester's Swiss Army Knife
- [**27**Star][27d] [Py] [sundaysec/anubis](https://github.com/sundaysec/anubis) Captive wifi hotspot bypass tool for Linux
- [**27**Star][11d] [Ruby] [sue445/ccc_privacy_crawler](https://github.com/sue445/ccc_privacy_crawler) Tカードの 個人情報提供の停止 対象企業一覧 の新着を通知するためのTwitterボットです
- [**27**Star][1m] [C++] [strobejb/sslhook](https://github.com/strobejb/sslhook) OpenSSL hooking
- [**27**Star][3m] [Py] [strawp/random-scripts](https://github.com/strawp/random-scripts) Quick and dirty scripts that don't really belong in a larger project
- [**27**Star][15d] [stayliv3/iotsec](https://github.com/stayliv3/iotsec) 收集物联网安全相关资料
- [**27**Star][11d] [C] [sslab-gatech/fuzzification](https://github.com/sslab-gatech/fuzzification) We hinder fuzzing
- [**27**Star][5m] [C] [sqdwr/loadimageinject](https://github.com/sqdwr/loadimageinject) LoadImage Routine Inject Dll
- [**27**Star][8y] [Ruby] [sophsec/wordlist](https://github.com/sophsec/wordlist) A Ruby library for generating and working with wordlists.
- [**27**Star][10d] [Py] [sim642/whatpulse](https://github.com/sim642/whatpulse) WhatPulse reverse engineered
- [**27**Star][2y] [Py] [si9int/screenshooter](https://github.com/si9int/screenshooter) Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis
- [**27**Star][2m] [Common Lisp] [shrdlu68/cl-tls](https://github.com/shrdlu68/cl-tls) An implementation of TLS and related specifications in Common Lisp
- [**27**Star][1y] [Lua] [shengnoah/riff](https://github.com/shengnoah/riff) 一个基于lua插件的pcap监控工具。
- [**27**Star][4m] [Py] [shawarkhanethicalhacker/brutexss-1](https://github.com/shawarkhanethicalhacker/brutexss-1) BruteXSS - Cross-Site Scripting Bruteforcer
- [**27**Star][5m] [Makefile] [shadowsocksr-rm/openwrt-shadowsocksr](https://github.com/shadowsocksr-rm/openwrt-shadowsocksr) ShadowsocksR-libev for OpenWrt/LEDE
- [**27**Star][8m] [PHP] [securelayer7/csv-injection-vulnerable-php-script-](https://github.com/securelayer7/csv-injection-vulnerable-php-script-) CSV injection Vulnerable Script.
- [**27**Star][26d] [Shell] [seankaiser/automation-scripts](https://github.com/seankaiser/automation-scripts) 
- [**27**Star][2m] [Py] [scanfsec/ihoneyportscan](https://github.com/scanfsec/ihoneyportscan) 轻量端口扫描器、信息泄露扫描、批量网站备份扫描
- [**27**Star][2y] [Py] [s4kur4/sepia](https://github.com/s4kur4/sepia) 一款集PoC批量验证和漏洞攻击的渗透测试工具
- [**27**Star][4m] [Go] [releasel0ck/nettracer](https://github.com/releasel0ck/nettracer) This tool is used to map out the network data flow to help penetration testers identify potentially valuable targets.
- [**27**Star][21d] [redshiftzero/awesome-threat-modeling](https://github.com/redshiftzero/awesome-threat-modeling) a curated list of useful threat modeling resources
- [**27**Star][21d] [Go] [redhat-cop/cert-operator](https://github.com/redhat-cop/cert-operator) An OpenShift controller using the Operator SDK for managing TLS certficate lifecycle
- [**27**Star][13d] [reconinfosec/rhq](https://github.com/reconinfosec/rhq) Recon Hunt Queries
- [**27**Star][6m] [re4lity/secpaper](https://github.com/re4lity/secpaper) SecurityPaper For
- [**27**Star][4m] [Shell] [rccoder/awesome-shadowsocks-qt5-installation-on-debian](https://github.com/rccoder/awesome-shadowsocks-qt5-installation-on-debian) Installation Script For shadowsocks-Qt5 on Debian
- [**27**Star][1m] [Shell] [random-robbie/kube-scan](https://github.com/random-robbie/kube-scan) Kubernetes Scanner
- [**27**Star][4m] [Java] [ramshazar/orangetsai-springboot-actuator-poc](https://github.com/ramshazar/orangetsai-springboot-actuator-poc) 
- [**27**Star][4m] [HTML] [rafaybaloch/sop-bypass-mini-test-suite](https://github.com/rafaybaloch/sop-bypass-mini-test-suite) This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing Same Origin Policy bypass issues with browsers. Due credits were given to the researchers whose Proof of concepts have been incorporated in this test suite. Please note that, this is just the beta version, the n…
- [**27**Star][7m] [Py] [qingxp9/cve-2019-6203-poc](https://github.com/qingxp9/cve-2019-6203-poc) PoC for CVE-2019-6203, works on < iOS 12.2, macOS < 10.14.4
- [**27**Star][4y] [PS] [proxb/pinvoke](https://github.com/proxb/pinvoke) One-off scripts that I have written involving PInvoke and PowerShell
- [**27**Star][3y] [PS] [powershell/dscconfigurations](https://github.com/powershell/dscconfigurations) 
- [**27**Star][3y] [Visual Basic .NET] [phreak87/espeensy-and-peensy-payload-generator-esp8266-teensy-3.5-](https://github.com/phreak87/espeensy-and-peensy-payload-generator-esp8266-teensy-3.5-) Build your own Bad USB Stick for pentesting with wifi and dip switches
- [**27**Star][1y] [C#] [padovah4ck/redsharp](https://github.com/padovah4ck/redsharp) Penetration Test / Read Team - C# tools repository
- [**27**Star][1y] [JS] [owasp/blt](https://github.com/owasp/blt) OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
- [**27**Star][2m] [Assembly] [osandamalith/bootloader](https://github.com/osandamalith/bootloader) My OS Stuff :)
- [**27**Star][5m] [C] [oracle/libdtrace-ctf](https://github.com/oracle/libdtrace-ctf) libdtrace-ctf is the Compact Type Format library used by DTrace on Linux
- [**27**Star][8m] [C] [operationnt414c/dsmotion](https://github.com/operationnt414c/dsmotion) DualShock motion control support for PlayStation TV
- [**27**Star][8m] [PS] [onelogicalmyth/invoke-gppcse](https://github.com/onelogicalmyth/invoke-gppcse) Obtains a list of GPOs based on known Client Side Extensions (CSE) that normally contain passwords
- [**27**Star][5y] [C] [olsut/kinject-x64](https://github.com/olsut/kinject-x64) Kinject - kernel dll injector, currently available in x86 version, will be updated to x64 soon.
- [**27**Star][11d] [Py] [oasis-open/cti-stix-elevator](https://github.com/oasis-open/cti-stix-elevator) OASIS TC Open Repository: Convert STIX 1.2 XML to STIX 2.0 JSON
- [**27**Star][5m] [Py] [nullpxl/nullctf](https://github.com/nullpxl/nullctf) A Discord bot that provides ctf tools for collaboration in Discord servers!
- [**27**Star][1y] [Py] [nullarray/amplispy](https://github.com/nullarray/amplispy) Check local or remote list of DNS servers for suitability in DNS Amplification DoS.
- [**27**Star][2y] [Py] [nucypher/sputnik](https://github.com/nucypher/sputnik) Sputnik is an assembly language and interpreter for Fully Homomorphic Encryption
- [**27**Star][5m] [JS] [nowsecure/frida-uikit](https://github.com/nowsecure/frida-uikit) Inspect and manipulate UIKit-based GUIs through Frida.
- [**27**Star][2m] [Py] [nixwizard/kube-alien](https://github.com/nixwizard/kube-alien) 
- [**27**Star][3m] [Py] [niexinming/safe_tool](https://github.com/niexinming/safe_tool) safe_tools
- [**27**Star][9m] [JS] [nickwb/cryptographic](https://github.com/nickwb/cryptographic) A cryptocurrency visualization
- [**27**Star][28d] [PHP] [nicecp/iyov](https://github.com/nicecp/iyov) Web proxy for http(s) for developers to analyze data between client and servers based on workerman, especailly for app developers.
- [**27**Star][3y] [Py] [netspi/asa_tools](https://github.com/netspi/asa_tools) Verification tools for CVE-2016-1287
- [**27**Star][2y] [Java] [nayuki/sorting-algorithms-demo](https://github.com/nayuki/sorting-algorithms-demo) Animated demo of sorting algorithms in Java.
- [**27**Star][10m] [Py] [n4xh4ck5/v1d0m](https://github.com/n4xh4ck5/v1d0m) Enumerate subdomains through Virustotal
- [**27**Star][3y] [Shell] [n3uz/t-pot-autoinstall](https://github.com/n3uz/t-pot-autoinstall) T-POT 针对中国区替换国内加速镜像
- [**27**Star][21d] [Java] [mx-futhark/hook-any-text](https://github.com/mx-futhark/hook-any-text) The goal of this project is to provide an alternative to well established text hookers, whose features are restrained to a certain number of game engines and emulators.
- [**27**Star][30d] [msintuneappsdk/intune-app-wrapping-tool-mac](https://github.com/msintuneappsdk/intune-app-wrapping-tool-mac) Use the Intune App Wrapping Tool for Mac to enable Mac apps to be managed by Microsoft Intune
- [**27**Star][4m] [C] [monosource/radare2-explorations-binaries](https://github.com/monosource/radare2-explorations-binaries) Supplement to radare2-explorations.
- [**27**Star][2y] [C++] [moccajoghurt/memwars](https://github.com/moccajoghurt/memwars) 
- [**27**Star][1y] [Py] [misteriouser/nextkey](https://github.com/misteriouser/nextkey) Free KeyLogger for Kali Linux and Ubuntu
- [**27**Star][9m] [Shell] [misp/misp-vagrant](https://github.com/misp/misp-vagrant) Deploy MISP Project software with Vagrant.
- [**27**Star][3m] [Makefile] [mintty/wsltty.appx](https://github.com/mintty/wsltty.appx) 
- [**27**Star][7m] [C#] [milo2012/owadump](https://github.com/milo2012/owadump) Search Email Accounts (OWA) for Passwords, PAN numbers as well as other Keywords
- [**27**Star][4m] [Py] [mikaelkall/massrecon](https://github.com/mikaelkall/massrecon) This reconissance tool is specific written for OSCP engagements.
- [**27**Star][6y] [C++] [michael4338/tdi](https://github.com/michael4338/tdi) Windows Kernel Driver - Create a driver device in TDI layer of windows kernel to capture network data packets
- [**27**Star][2y] [Py] [mdsecactivebreach/lambda-webbugs](https://github.com/mdsecactivebreach/lambda-webbugs) A proof of concept for delivering webbugs via AWS lambda
- [**27**Star][10m] [C] [mcolyer/ifuse](https://github.com/mcolyer/ifuse) No longer actively developed here, see
- [**27**Star][6m] [Py] [matonis/rippe](https://github.com/matonis/rippe) ripPE - section extractor and profiler for PE file analysis
- [**27**Star][7y] [Py] [marshyski/sshwatch](https://github.com/marshyski/sshwatch) Intrusion Prevention System (IPS) for Secure Shell (SSH)
- [**27**Star][26d] [C++] [marcnewlin/mousejack-nes-controller](https://github.com/marcnewlin/mousejack-nes-controller) MouseJack NES controller firmware and build guide.
- [**27**Star][1m] [Verilog] [lynxis/lpc_sniffer](https://github.com/lynxis/lpc_sniffer) a low pin count sniffer for icestick
- [**27**Star][4y] [C++] [luorui110120/idaplugins](https://github.com/luorui110120/idaplugins) IDA plugins, No Doc
- [**27**Star][4m] [JS] [lubyruffy/livemapdemo](https://github.com/lubyruffy/livemapdemo) 地图实时攻击演示
- [**27**Star][6m] [C++] [longsoft/pfsextractor](https://github.com/longsoft/pfsextractor) Primitive extractor for Dell PFS firmware update files
- [**27**Star][1m] [Py] [lcark/mysqlclientattack](https://github.com/lcark/mysqlclientattack) via load data local infile to attack client
- [**27**Star][4m] [Dockerfile] [kylemcc/kube-nginx-proxy](https://github.com/kylemcc/kube-nginx-proxy) Nginx reverse proxy for Kubernetes services and pods powered by annotations
- [**27**Star][2m] [C++] [kriw/ropchain](https://github.com/kriw/ropchain) ROPChain generator.
- [**27**Star][1y] [PHP] [koto/squid-imposter](https://github.com/koto/squid-imposter) Phishing attack w/HTML5 offline cache framework based on Squid proxy
- [**27**Star][8m] [C#] [kostapc/putty-tunnel-manager](https://github.com/kostapc/putty-tunnel-manager) Fixes and new release. PuTTY Tunnel Manager allows you to easily open tunnels, that are defined in a PuTTY session, from the system tray. You can also move the tunnels from PuTTY to PuTTY Tunnel Manager. This allows you to use PuTTY just for SSH shell sessions (without opening tunnels), and use PuTTY Tunnel Manager just for tunneling.
- [**27**Star][2m] [Assembly] [mwkmwkmwk/cpuadventure](https://github.com/mwkmwkmwk/cpuadventure) CPU Adventure task from Dragon CTF 2019 teaser
- [**27**Star][24d] [C#] [kerlomz/captcha_demo_csharp](https://github.com/kerlomz/captcha_demo_csharp) 本项目可以用来调用
- [**27**Star][4m] [Perl] [keith/xcode.app-strings](https://github.com/keith/xcode.app-strings) All the strings from Xcode's binaries
- [**27**Star][1y] [C++] [karaulov/warcraftiii_dll_126-127](https://github.com/karaulov/warcraftiii_dll_126-127) Improvements for Warcraft III 126a used in new DoTA (d1stats.ru). Auto unload from w3x map and load to Warcraft III !
- [**27**Star][6m] [JS] [kafuuchinoq/v2raygeokit](https://github.com/kafuuchinoq/v2raygeokit) 
- [**27**Star][6m] [Ruby] [kacperszurek/pentest_teamcity](https://github.com/kacperszurek/pentest_teamcity) Pentest TeamCity using Metasploit
- [**27**Star][1m] [C] [junxzm1990/afl-pt](https://github.com/junxzm1990/afl-pt) 
- [**27**Star][1m] [johnnydep/cobaltstrike](https://github.com/johnnydep/cobaltstrike) cobalt strike stuff I have gathered from around github
- [**27**Star][2m] [C] [jmcph4/crackerjack](https://github.com/jmcph4/crackerjack) A collection of crackmes
- [**27**Star][12d] [C++] [jlospinoso/abrade](https://github.com/jlospinoso/abrade) A fast Web API scraper written in C++ and built on Boost ASIO
- [**27**Star][1y] [C] [izsh/exploits](https://github.com/izsh/exploits) various exploits
- [**27**Star][23d] [C++] [ironsdu/grpc-gateway](https://github.com/ironsdu/grpc-gateway) GRPC HTTP Proxy - grpc-gateway
- [**27**Star][1y] [C++] [int0/ltmdm64_poc](https://github.com/int0/ltmdm64_poc) Windows 7 SP1 x64 Code Integrity Bypass POC using ltmdm64.sys
- [**27**Star][2m] [Py] [infodox/web-exploitation-engine](https://github.com/infodox/web-exploitation-engine) Generic Command Exploitation Engine for exploiting web application command-injection bugs,.
- [**27**Star][12d] [JS] [iddoeldor/mplus](https://github.com/iddoeldor/mplus) Intercept android apps based on unity3d (Mono) using Frida
- [**27**Star][4m] [Py] [ictu/zap-baseline](https://github.com/ictu/zap-baseline) Zap baseline scanner in Docker with authentication
- [**27**Star][4m] [C] [ice3man543/zeusinjector](https://github.com/ice3man543/zeusinjector) An Open Source Windows DLL Injector With All Known Techniques Available
- [**27**Star][9m] [C] [hyrathon/pocs](https://github.com/hyrathon/pocs) Some Proof-of-Concepts of bugs I found
- [**27**Star][8m] [C] [hxp2k6/smart7ec-scan-console](https://github.com/hxp2k6/smart7ec-scan-console) 基于Linux c开发的插件式扫描器(Python/lua)
- [**27**Star][2m] [R] [hrbrmstr/crafter](https://github.com/hrbrmstr/crafter) Analyze and Visualize Network Packet Capture (PCAP) Files
- [**27**Star][4m] [C] [honeynet/phoneyc](https://github.com/honeynet/phoneyc) 
- [**27**Star][4m] [Perl] [hknutzen/netspoc](https://github.com/hknutzen/netspoc) A network security policy compiler. Netspoc is targeted at large environments with a large number of firewalls and admins. Firewall rules are derived from a single rule set. Supported are Cisco IOS, NX-OS, ASA and IPTables.
- [**27**Star][2y] [Go] [heptiolabs/certstream-slack](https://github.com/heptiolabs/certstream-slack) A small daemon that watches your domains in Certificate Transparency logs and posts them into Slack
- [**27**Star][2m] [C] [hasherezade/flareon2019](https://github.com/hasherezade/flareon2019) Flare-On solutions
- [**27**Star][8m] [JS] [hans-strudle/coinjack](https://github.com/hans-strudle/coinjack) Extension to HiJack/control web miners (like CoinHive)
- [**27**Star][4m] [C] [hannob/selftls](https://github.com/hannob/selftls) Sample application to let OpenSSL talk to itself (for fuzzing)
- [**27**Star][2m] [Py] [hannob/pgpecosystem](https://github.com/hannob/pgpecosystem) Scripts to parse and analyze pgp key server data
- [**27**Star][7y] [C] [hacksysteam/shellcodeofdeath](https://github.com/hacksysteam/shellcodeofdeath) Shellcode Of Death
- [**27**Star][6m] [CSS] [hackeryunen/django-xss-platform](https://github.com/hackeryunen/django-xss-platform) 
- [**27**Star][15d] [ObjC] [hackedteam/vector-macos-root](https://github.com/hackedteam/vector-macos-root) root installation for MacOS
- [**27**Star][4m] [PHP] [gwen001/vhost-brute](https://github.com/gwen001/vhost-brute) A PHP tool to brute force vhost configured on a server.
- [**27**Star][6m] [Shell] [gustavosotnas/avd-launcher](https://github.com/gustavosotnas/avd-launcher) Front-end to Android Virtual Devices (AVDs) emulator from Google.
- [**27**Star][1y] [C] [guidovranken/openvpn](https://github.com/guidovranken/openvpn) OpenVPN is an open source VPN daemon
- [**27**Star][3m] [Go] [grocid/passdesktop](https://github.com/grocid/passdesktop) 
- [**27**Star][29d] [Groovy] [gmacario/easy-jenkins](https://github.com/gmacario/easy-jenkins) Easily deploy a Jenkins CI/CD infrastructure via docker-compose
- [**27**Star][11d] [gluk256/misc](https://github.com/gluk256/misc) text files, etc.
- [**27**Star][4m] [gitguardian/getting-started-with-the-individual-app](https://github.com/gitguardian/getting-started-with-the-individual-app) GitGuardian is at the forefront of developers' security on GitHub. API tokens, database credentials, certificates leaked on GitHub: be alerted in real-time! GitGuardian is loved by developers:
- [**27**Star][4m] [gdpraid/gdpr-claims-and-complaint-templates](https://github.com/gdpraid/gdpr-claims-and-complaint-templates) Templates to exercise GDPR rights
- [**27**Star][3m] [Py] [gdataadvancedanalytics/r2graphity](https://github.com/gdataadvancedanalytics/r2graphity) Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators
- [**27**Star][1y] [frizb/msf-venom-cheatsheet](https://github.com/frizb/msf-venom-cheatsheet) Single Page Cheatsheet for common MSF Venom One Liners
- [**27**Star][3y] [fouroctets/android-malware-samples](https://github.com/fouroctets/android-malware-samples) Android Malware Samples
- [**27**Star][5m] [HTML] [flyrabbit/winproject](https://github.com/flyrabbit/winproject) Hook, DLLInject, PE_Tool
- [**27**Star][4m] [Py] [fluxius/v2ginjector](https://github.com/fluxius/v2ginjector) V2GInjector - Tool to intrude a V2G PowerLine network, but also to capture and inject V2G packets
- [**27**Star][10m] [Py] [fare9/androidswissknife](https://github.com/fare9/androidswissknife) Framework for static and dynamic analysis in Android APKs
- [**27**Star][2m] [Py] [fabros/angr-antievasion](https://github.com/fabros/angr-antievasion) Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).
- [**27**Star][24d] [extremecoders-re/re-list](https://github.com/extremecoders-re/re-list) A list of open source reverse engineering tools with a focus on binary analysis
- [**27**Star][4m] [JS] [ettic-team/endpointfinder](https://github.com/ettic-team/endpointfinder) 
- [**27**Star][4m] [C#] [ericzimmerman/mftecmd](https://github.com/ericzimmerman/mftecmd) Parses $MFT from NTFS file systems
- [**27**Star][13d] [Py] [endgameinc/malware_evasion_competition](https://github.com/endgameinc/malware_evasion_competition) 
- [**27**Star][5y] [C] [ele7enxxh/mtkfbexploit](https://github.com/ele7enxxh/mtkfbexploit) mtkfb exploit for mt658x & mt6592
- [**27**Star][29d] [Ruby] [dreadlocked/ctf-writeups](https://github.com/dreadlocked/ctf-writeups) CTF Write-ups
- [**27**Star][5y] [C++] [dkemp/vulndev](https://github.com/dkemp/vulndev) Vulnerability research and development.
- [**27**Star][7m] [Py] [djteller/memoryanalysis](https://github.com/djteller/memoryanalysis) Automated Memory Analysis (Black Hat Arsenal 2014)
- [**27**Star][1m] [Dockerfile] [dizcza/docker-hashcat](https://github.com/dizcza/docker-hashcat) Hashcat docker for Ubuntu 18.04 OpenCL 2.1
- [**27**Star][3m] [Py] [dinotools/pysslscan](https://github.com/dinotools/pysslscan) Framework and command-line tool to scan SSL enabled services
- [**27**Star][5y] [C++] [dfct/inssidious](https://github.com/dfct/inssidious) A uniquely frustrating wireless network.
- [**27**Star][6m] [Py] [deralexxx/firemisp](https://github.com/deralexxx/firemisp) FireEye Alert json files to MISP Malware information sharing plattform (Alpha)
- [**27**Star][9m] [Verilog] [defparam/bar-tender](https://github.com/defparam/bar-tender) An FPGA I/O Device which services physical memory reads/writes via UMDF2 driver
- [**27**Star][2y] [C] [daveti/usbfilter](https://github.com/daveti/usbfilter) A USB layer firewall for the Linux kernel
- [**27**Star][9m] [PS] [danmcinerney/invoke-cats](https://github.com/danmcinerney/invoke-cats) Obfuscated Invoke-Mimikatz
- [**27**Star][4y] [danielmiessler/atm](https://github.com/danielmiessler/atm) The Adaptive Security Testing Methodology (ASTM) provides context-adjusted testing methodologies based on factors such as time available to test, platform, technology stack, versions, plugins, modules, and other variables.
- [**27**Star][5m] [Py] [cyberpunkych/attacking_mongodb](https://github.com/cyberpunkych/attacking_mongodb) Files from Zeronights presentation.
- [**27**Star][3m] [C] [cyanogenmod/android_external_bluetooth_bluedroid](https://github.com/cyanogenmod/android_external_bluetooth_bluedroid) 
- [**27**Star][29d] [C++] [curl/curl-fuzzer](https://github.com/curl/curl-fuzzer) Quality assurance testing for the curl project
- [**27**Star][2m] [C++] [cuitche/code-obfuscation](https://github.com/cuitche/code-obfuscation) 一款iOS代码混淆工具(A code obfuscation tool for iOS.)
- [**27**Star][3m] [C] [ctz/sgx-pwenclave](https://github.com/ctz/sgx-pwenclave) Using SGX to harden password hashing
- [**27**Star][7m] [PHP] [ctubio/php-proxy-stratum](https://github.com/ctubio/php-proxy-stratum) ReactPHP stratum+tcp proxy between miners and pools with database and frontend.
- [**27**Star][1m] [Py] [cryptogenic/idc_importer](https://github.com/cryptogenic/idc_importer) A Binary Ninja plugin for importing IDC database dumps from IDA.
- [**27**Star][3m] [Py] [crowdstrike/chopshop](https://github.com/crowdstrike/chopshop) Mitre chopshop network decoder framework
- [**27**Star][4m] [TeX] [cpeikert/theoryofcryptography](https://github.com/cpeikert/theoryofcryptography) Lecture notes for Chris Peikert's graduate-level Theory of Cryptography course
- [**27**Star][9m] [C++] [colagrosso/avviso](https://github.com/colagrosso/avviso) (unmaintained) Ring the red phone from your Arduino
- [**27**Star][8m] [Java] [coh7eiqu8thabu/slocker](https://github.com/coh7eiqu8thabu/slocker) Source code of the SLocker Android ransomware
- [**27**Star][3y] [C] [chuckixia/mirai-source-code](https://github.com/chuckixia/mirai-source-code) Leaked Mirai Source Code - make it vagrantized
- [**27**Star][1m] [Go] [chuan-yun/esmeralda](https://github.com/chuan-yun/esmeralda) 穿云全链路追踪监控系统日志转储、实时日志数据分析、接口数据服务。
- [**27**Star][1y] [HTML] [cainiaocome/xssgun](https://github.com/cainiaocome/xssgun) xss payloads generator
- [**27**Star][1m] [C] [brainsmoke/minemu](https://github.com/brainsmoke/minemu) Minemu is a minimal emulator for dynamic taint analysis ( this is a mirror of
- [**27**Star][2y] [Perl] [bollwarm/app-waf](https://github.com/bollwarm/app-waf) A simple waf application .用来实时探测web 非法访问，统计非法访问的ip ，web状态，访问url，来源web url。结合iptables和nginx可以实现实现实时封禁。
- [**27**Star][7m] [PHP] [blackfan/web-inf-dict](https://github.com/blackfan/web-inf-dict) List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.
- [**27**Star][4m] [Py] [bitthebyte/domainker](https://github.com/bitthebyte/domainker) BugBounty Tool
- [**27**Star][10m] [Go] [biezhi/goinx](https://github.com/biezhi/goinx) 
- [**27**Star][16d] [Go] [betalo-sweden/forwardingproxy](https://github.com/betalo-sweden/forwardingproxy) A HTTP/S forwarding proxy in Go
- [**27**Star][1y] [bcdannyboy/research](https://github.com/bcdannyboy/research) General Research Repository - Only updated when I feel like it
- [**27**Star][4m] [Assembly] [battelle/sinkhole](https://github.com/battelle/sinkhole) Architectural privilege escalation on x86
- [**27**Star][22d] [C#] [pigeonhands/confuserexplugins](https://github.com/pigeonhands/ConfuserExPlugins) Transforms all types to generics, and all constructor calls and method calls into generic call factories.
- [**27**Star][5m] [Rust] [arosspope/cipher-crypt](https://github.com/arosspope/cipher-crypt) A cryptographic tomb of ciphers forgotten by time.
- [**27**Star][1m] [PHP] [appsecco/sqlinjection-training-app](https://github.com/appsecco/sqlinjection-training-app) A simple PHP application to learn SQL Injection detection and exploitation techniques.
- [**27**Star][2m] [Shell] [angela-d/autohosts](https://github.com/angela-d/autohosts) Automate hosts file updates on Linux and MacOS. Block Firefox telemetry, Google snooping and web trackers at the root.
- [**27**Star][4y] [C] [anarcheuz/android-pocs](https://github.com/anarcheuz/android-pocs) 
- [**27**Star][6m] [alonemonkey/iosrebook-issues](https://github.com/alonemonkey/iosrebook-issues) 《iOS应用逆向与安全》 勘误
- [**27**Star][2y] [C] [alex9191/zerobank-ring0-bundle](https://github.com/alex9191/zerobank-ring0-bundle) Kernel-Mode rootkit that connects to a remote server to send & recv commands
- [**27**Star][1m] [Shell] [alephsecurity/edlrooter](https://github.com/alephsecurity/edlrooter) root exploit for Google Nexus 6 using a leaked Qualcomm Emergency Download (EDL) Mode programmer
- [**27**Star][4m] [Py] [alanshaw-github/minimips](https://github.com/alanshaw-github/minimips) Introducing the new lightweight MIPS Assembler and Disassembler, supporting syntax highlighting, code editing, file dragging and dropping, debug mode, assembly and disassembly, Molokai color matching style. Full platform support including Windows, macOS and Linux. Star now! Keep updating!
- [**27**Star][1y] [Py] [ajinabraham/poc](https://github.com/ajinabraham/poc) Proof of Concepts, Exploits
- [**27**Star][22d] [ObjC] [adegtyarev/streebog](https://github.com/adegtyarev/streebog) GOST R 34.11-2012: RFC-6986 cryptographic hash function
- [**27**Star][4m] [aadityapurani/nodejs-red-team-cheat-sheet](https://github.com/aadityapurani/nodejs-red-team-cheat-sheet) NodeJS Red-Team Cheat Sheet
- [**27**Star][1m] [C++] [3gstudent/test](https://github.com/3gstudent/test) just test
- [**27**Star][6m] [C#] [3gstudent/ewsmanage](https://github.com/3gstudent/ewsmanage) My exercise of using Exchange Web Service(EWS)
- [**27**Star][2y] [C] [1ce0ear/dllloaderunpacker](https://github.com/1ce0ear/dllloaderunpacker) a Windows malware reversing tool to unpack the DLL loader malware in runtime.
- [**27**Star][24d] [0xkiewicz/pwk-oscp](https://github.com/0xkiewicz/pwk-oscp) Empower your enumeration during OSCP
- [**27**Star][2y] [Py] [daniel_plohmann/simplifire.idascope](https://bitbucket.org/daniel_plohmann/simplifire.idascope)  An IDA Pro extension for easier (malware) reverse engineering
- [**26**Star][10d] [Vue] [jrohy/trojan-web](https://github.com/jrohy/trojan-web) trojan多用户管理程序web页面
- [**26**Star][1m] [PS] [ion-storm/emotet-malware-killer](https://github.com/ion-storm/emotet-malware-killer) 
- [**26**Star][2m] [TS] [jkanon/webmagician-ui](https://github.com/jkanon/webmagician-ui) An admin UI project for a configurable web crawler platform
- [**26**Star][19d] [Py] [x11-repo/hack-tools](https://github.com/x11-repo/hack-tools) "Кали-заменитель". Располагает в себе большое количество утилит для взлома.
- [**26**Star][2m] [Lua] [clarotyics/cve2020-0796](https://github.com/clarotyics/cve2020-0796) CVE2020-0796 SMBv3 RCE
- [**26**Star][2m] [Java] [ruil1n/after-deserialization-attack](https://github.com/ruil1n/after-deserialization-attack) Java After-Deserialization Attack
- [**26**Star][1y] [Py] [kr1shn4murt1/get_team_pass](https://github.com/kr1shn4murt1/get_team_pass) Get teamviewer's ID and password from a remote computer in the LAN
- [**26**Star][18d] [Rust] [decaf-lang/decaf-rs](https://github.com/decaf-lang/decaf-rs) The Decaf compiler, written in Rust
- [**26**Star][4m] [HTML] [bernsteining/instaloctrack](https://github.com/bernsteining/instaloctrack) An Instagram OSINT tool that allows you to collect all the location data available on an Instagram profile in order to plot them on a map, and dump them in a JSON..
- [**26**Star][1m] [Py] [yangzhedi/pythonspider](https://github.com/yangzhedi/pythonspider) 
- [**26**Star][2m] [Vim script] [yannh/openbsd_immutable_router](https://github.com/yannh/openbsd_immutable_router) Packer/Ansible configuration for the automatic generation of an immutable OpenBSD image for a full router/firewall server
- [**26**Star][10m] [Go] [de-labtory/swim](https://github.com/de-labtory/swim) Scalabe Weakly-consistent Infection-style Process Group Membership Protocol
- [**26**Star][2m] [Vue] [josw123/dart-scraper](https://github.com/josw123/dart-scraper) 한국 금융감독원에서 운영하는 다트(Dart) 시스템을 이용한 기업 재무제표 추출 프로그램
- [**26**Star][2m] [Py] [mohdsanadzakirizvi/web-scraping-magic-with-scrapy-and-python](https://github.com/mohdsanadzakirizvi/web-scraping-magic-with-scrapy-and-python) This repository contains my experiments with Scrapy for advanced web scraping in Python
- [**26**Star][1m] [Py] [nhat2008/vietnam-ecommerce-crawler](https://github.com/nhat2008/vietnam-ecommerce-crawler) Crawling the data from lazada, websosanh, compare.vn, cdiscount and cungmua with flexible configs
- [**26**Star][24d] [Scala] [garysieling/video-crawler](https://github.com/garysieling/video-crawler) Crawl websites for videos from Youtube, Vimeo, Soundcloud, etc
- [**26**Star][15d] [bulatbulat48/ru-scrapy-python](https://github.com/bulatbulat48/ru-scrapy-python) Scrapy: В этом репозитории находится полезная информация, собранная участниками telegram чата @scrapy_python
- [**26**Star][2m] [Rust] [ark0f/async-socks5](https://github.com/ark0f/async-socks5) An async/.await SOCKS5 implementation
- [**26**Star][2m] [C] [mjec/fido2-hmac-secret](https://github.com/mjec/fido2-hmac-secret) A simple way to generate password-proteceted secrets from a FIDO2 authenticator with the hmac-secret extension
- [**26**Star][1m] [Py] [lovato/hooks4git](https://github.com/lovato/hooks4git) Extensible Hook Management System for GIT
- [**26**Star][1y] [C] [pakmarkthub/dragon](https://github.com/pakmarkthub/dragon) A host-based framework that transparently extends the GPU addressable global memory space beyond the host memory using NVM-backed data pointers
- [**26**Star][11d] [JS] [tazeg/sample-web-scraping-with-electron](https://github.com/tazeg/sample-web-scraping-with-electron) Sample project for web scraping with Electron
- [**26**Star][4m] [Py] [icryo/rfcpwn](https://github.com/icryo/rfcpwn) An enumeration and exploitation toolkit using RFC calls to SAP
- [**26**Star][16d] [Ruby] [kingsabri/jwtear](https://github.com/kingsabri/jwtear) Module command-line tool to parse, create and manipulate JWT tokens for hackers
- [**26**Star][15d] [C] [jfreegman/toxcrawler](https://github.com/jfreegman/toxcrawler) A Tox DHT network crawler
- [**26**Star][11m] [Perl] [creaktive/depac](https://github.com/creaktive/depac) seamless Proxy Auto-Config (a.k.a. Web Proxy Auto Discovery) for CLI apps
- [**26**Star][13d] [Rust] [wyhaya/updns](https://github.com/wyhaya/updns) DNS proxy tool
- [**26**Star][2m] [JS] [captainsafia/ratatouille](https://github.com/captainsafia/ratatouille) A Node.js wrapper for scraping allrecipes.com
- [**26**Star][5m] [C] [cambricon/cn-gdb](https://github.com/cambricon/cn-gdb) CN-GDB, the BANG-C source-level debugger on Linux, based on GDB-7.11.
- [**26**Star][8d] [PS] [evotecit/pspasswordexpirynotifications](https://github.com/evotecit/pspasswordexpirynotifications) Following PowerShell Module provides different approach to scheduling password notifications for expiring Active Directory based accounts. While most of the scripts require knowledge on HTML... this one is just one config file and a bit of tingling around with texts. Whether this is good or bad it's up to you to decide. I do plan to add an optio…
- [**26**Star][5m] [PHP] [northox/stupid-password](https://github.com/northox/stupid-password) A library to prevent the use of easily guessed/bruteforced password and an alternative to Cracklib
- [**26**Star][11d] [Go] [trigun117/proxychecker](https://github.com/trigun117/proxychecker) Golang http/socks proxy checker
- [**26**Star][17d] [Py] [rgmining/fraudar](https://github.com/rgmining/fraudar) A wrapper of FRAUDAR algorithm
- [**26**Star][5m] [Shell] [tarunbatra/fixrtl8723be](https://github.com/tarunbatra/fixrtl8723be) Fix WiFi issue in laptops having RTL8723BE NICs and just one antenna
- [**26**Star][3m] [Py] [tooooommy/spiderman](https://github.com/tooooommy/spiderman) 爬虫项目：爬取猫眼top100、淘宝美食、微信文章、ip代理池实现、scrapy入门
- [**26**Star][1m] [Py] [harborzeng/crawler_jd_what_worthy_buying](https://github.com/harborzeng/crawler_jd_what_worthy_buying) 爬取京东商品所有评论，利用情感分析，判断商品是否值得买
- [**26**Star][10m] [JS] [dodrio/jet](https://github.com/dodrio/jet) An HTTP pre-proxy for SOCKS.
- [**26**Star][16d] [Go] [zchee/go-qcow2](https://github.com/zchee/go-qcow2) Manage the QEMU qcow2 disk image written in Go
- [**26**Star][1m] [C++] [bblanchon/dllhelper](https://github.com/bblanchon/dllhelper) How to GetProcAddress() like a boss
- [**26**Star][4m] [HCL] [terraform-community-modules/tf_aws_openvpn](https://github.com/terraform-community-modules/tf_aws_openvpn) Terraform module which creates OpenVPN on AWS
- [**26**Star][1m] [Py] [luis-hebendanz/strawpoll-voting-bot](https://github.com/luis-hebendanz/strawpoll-voting-bot) A voting bot written in python 3.x for strawpoll.de. It uses a proxy list to vote multiple times in a survey. Works on all platforms
- [**26**Star][2y] [JS] [gogoyqj/chrome-hosts](https://github.com/gogoyqj/chrome-hosts) launch chrome with separated, specified hosts & url rewrite rules
- [**26**Star][2m] [Py] [himself65/luogucrawler](https://github.com/himself65/luogucrawler) 一个python爬虫来爬取洛谷各种信息
- [**26**Star][2m] [Py] [parth-vader/fb-spider](https://github.com/parth-vader/fb-spider) Accepts a page name and shows latest posts and comments in a new browser window.
- [**26**Star][5m] [Rust] [timvisee/pixelpwnr-server](https://github.com/timvisee/pixelpwnr-server) 
- [**26**Star][4m] [Py] [cw1997/tieba-birthday-spider](https://github.com/cw1997/tieba-birthday-spider) 百度贴吧生日爬虫，可抓取贴吧内吧友生日，并且在对应日期自动发送祝福
- [**26**Star][11d] [Py] [responsiblyai/responsibly](https://github.com/responsiblyai/responsibly) Toolkit for Auditing and Mitigating Bias and Fairness of Machine Learning Systems
- [**26**Star][14d] [HTML] [sherlock-project/sherlock-project.github.io](https://github.com/sherlock-project/sherlock-project.github.io) Official repo for the Sherlock Project homepage
- [**26**Star][2m] [Py] [kkamagui/bitleaker](https://github.com/kkamagui/bitleaker) This tool can decrypt a BitLocker-locked partition with the TPM vulnerability
- [**26**Star][2m] [C#] [nytrorst/hookme](https://github.com/nytrorst/hookme) Exported from
- [**26**Star][1m] [C] [martin-ger/esp_peap_psk](https://github.com/martin-ger/esp_peap_psk) A WPA2-PEAP to WPA2-PSK converter
- [**26**Star][5m] [radareorg/r2jp](https://github.com/radareorg/r2jp) Japanese Community of radare2
- [**26**Star][2m] [Py] [mozillasecurity/laniakea](https://github.com/mozillasecurity/laniakea) Laniakea is a utility for managing instances at various cloud providers and aids in setting up a fuzzing cluster.
- [**26**Star][3m] [HTML] [seemoo-lab/fitness-firmware](https://github.com/seemoo-lab/fitness-firmware) 
- [**26**Star][2y] [Py] [corelan/certmon](https://github.com/corelan/certmon) Certificate Expiration Monitor script
- [**26**Star][10d] [Py] [intel/auto-pts](https://github.com/intel/auto-pts) The Bluetooth PTS automation framework
- [**26**Star][4m] [Py] [felixgr/pytaint](https://github.com/felixgr/pytaint) 
- [**26**Star][2m] [C++] [sweetsoftware/ftpkeylogger](https://github.com/sweetsoftware/ftpkeylogger) Simple keylogger for Windows with HTML output and FTP upload.
- [**26**Star][5m] [C#] [fuzzysecurity/dotnettojscript-languagemodebreakout](https://github.com/fuzzysecurity/dotnettojscript-languagemodebreakout) 
- [**26**Star][4m] [Py] [px4/hil](https://github.com/px4/hil) Hardware in the loop tools for PX4 Firmware
- [**26**Star][2m] [Go] [l3m0n/vulenv](https://github.com/l3m0n/vulenv) 漏洞测试环境 - 方便写扫描器利用复现
- [**26**Star][5m] [JS] [functionclub/affalarm](https://github.com/functionclub/affalarm) 
- [**26**Star][5m] [wtsxdev/application-security](https://github.com/wtsxdev/application-security) Resources for learning about application security
- [**26**Star][11m] [Shell] [infobyte/distro_checker](https://github.com/infobyte/distro_checker) Cross Distribution Exploit Testing
- [**26**Star][1m] [ObjC] [derekselander/airdrop-hack](https://github.com/derekselander/airdrop-hack) 
- [**26**Star][5y] [C] [buserror/simreprap](https://github.com/buserror/simreprap) emulates en entire reprap 3D printer running a Marlin firmware binary, renders it in opengl
- [**26**Star][4m] [Py] [ekultek/checkers](https://github.com/ekultek/checkers) Determine everything you need to know to about a system
- [**26**Star][1m] [n0tr00t/n0js](https://github.com/n0tr00t/n0js) n0js xss challenges
- [**26**Star][4y] [Py] [snifer/gpt](https://github.com/snifer/gpt) Gadget Pentesting Tool Scripts
- [**26**Star][2m] [Py] [averagesecurityguy/scapy](https://github.com/averagesecurityguy/scapy) Scapy Presentation and Code
- [**26**Star][20d] [CSS] [flatpak/flatpak.github.io](https://github.com/flatpak/flatpak.github.io) Flatpak website
- [**26**Star][13d] [robertdavidgraham/iotpasswds](https://github.com/robertdavidgraham/iotpasswds) Recording default/backdoor passwords from IoT devices I come across
- [**26**Star][2m] [Go] [henson/hosts](https://github.com/henson/hosts) 自动生成 Hosts 文件，科学上网
- [**26**Star][1m] [Py] [andresriancho/mongo-objectid-predict](https://github.com/andresriancho/mongo-objectid-predict) Predict Mongo ObjectIds
- [**26**Star][6m] [ctfd/plugins](https://github.com/ctfd/plugins) Official and Community CTFd Plugins
- [**26**Star][9m] [C] [klee/klee-uclibc](https://github.com/klee/klee-uclibc) KLEE's version of uClibc
- [**26**Star][2m] [JS] [greenwolf/eslint-security-scanner-configs](https://github.com/greenwolf/eslint-security-scanner-configs) eslintrc.js config files for running static analysis on JavaScript to identify security issues.
- [**26**Star][1m] [C++] [tasvideos/vba-rerecording](https://github.com/tasvideos/vba-rerecording) Automatically exported from code.google.com/p/vba-rerecording
- [**26**Star][8m] [PHP] [krowinski/tinyid](https://github.com/krowinski/tinyid) Shorten and obfuscate IDs
- [**26**Star][5m] [Shell] [edoverflow/h1-cli](https://github.com/edoverflow/h1-cli) A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
- [**26**Star][4m] [Visual Basic .NET] [modify24x7/ultimate-advanced-apktool](https://github.com/modify24x7/ultimate-advanced-apktool) v4.1
- [**26**Star][19d] [C] [kylekirkby/python-exploit-search-tool](https://github.com/kylekirkby/python-exploit-search-tool) A search tool that searches Offensive Securitys Exploit-db and Shodans Exploit DB using their API.
- [**26**Star][20d] [CSS] [cacti/documentation](https://github.com/cacti/documentation) Documentation for Cacti, Spine, RRDProxy and more
- [**26**Star][4m] [C++] [vivek-ramachandran/wi-door](https://github.com/vivek-ramachandran/wi-door) Wi-Fi Backdoors
- [**26**Star][5m] [Py] [dixel/wifi-linux](https://github.com/dixel/wifi-linux) Simple python script to monitor access point signal strength.
- [**26**Star][3m] [C] [andyvand/atherosromkit](https://github.com/andyvand/atherosromkit) Atheros ROM modding and recovery kit
- [**26**Star][6m] [cure53/publications](https://github.com/cure53/publications) 
- [**26**Star][1m] [arunmagesh/hw_hacking_cheatsheet](https://github.com/arunmagesh/hw_hacking_cheatsheet) Hardware Hacking Cheatsheet infograph
- [**26**Star][2m] [C#] [olliencc/winbinaryaudit](https://github.com/olliencc/winbinaryaudit) GSAudit at Symantec, ExeAudit at RIM, RECX Binary Assurance for Windows at Recx etc. - core library now WinBinaryAudit
- [**26**Star][14d] [Py] [walmartlabs/nightcall](https://github.com/walmartlabs/nightcall) Automated Enumeration Script for Pentesting
- [**26**Star][17d] [HTML] [restincode/restincode](https://github.com/restincode/restincode) A memorial site for Hackers and Infosec people who have passed
- [**26**Star][25d] [Ruby] [trailofbits/trailofphish](https://github.com/trailofbits/trailofphish) Phishing e-mail repository
- [**26**Star][1m] [C++] [freehackquest/fhq-server](https://github.com/freehackquest/fhq-server) This is an open source platform for competitions of computer security.
- [**26**Star][19d] [Py] [adriangranados/wifiexplorer-sensor](https://github.com/adriangranados/wifiexplorer-sensor) Enables remote scanning in WiFi Explorer Pro
- [**26**Star][10d] [C++] [simulpiscator/airsane](https://github.com/simulpiscator/airsane) Apple AirScan compatible SANE web frontend.
- [**26**Star][4y] [Py] [stratosphereips/stratospherewindowsips](https://github.com/stratosphereips/StratosphereWindowsIps) The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.
- [**26**Star][4y] [Assembly] [cduplooy/rootkit](https://github.com/CDuPlooy/Rootkit) 
- [**26**Star][4m] [Shell] [mzfr/hackthebox-writeups](https://github.com/mzfr/HackTheBox-writeups) Writeups for all the HTB machines I have done
- [**26**Star][10d] [C++] [vmcall/token_manipulation](https://github.com/vmcall/token_manipulation) Bypass User Account Control by manipulating tokens
- [**26**Star][8m] [Py] [meliot/ryanair-seats](https://github.com/meliot/ryanair-seats) Tool to predict which seat you will have for free
- [**26**Star][1m] [Py] [open-power/op-test](https://github.com/open-power/op-test) Testing Firmware for OpenPOWER systems
- [**26**Star][1m] [ObjC] [fsecurelabs/needle-agent](https://github.com/FSecureLABS/needle-agent) The iOS Agent for the Needle Security Assessment Framework
- [**26**Star][6m] [Py] [joesecurity/jbxapi](https://github.com/joesecurity/jbxapi) Python API wrapper for the Joe Sandbox API.
- [**26**Star][21d] [Py] [fsecurelabs/captcha_cracking](https://github.com/FSecureLABS/captcha_cracking) Helper scripts and tutorial for cracking text-based CAPTCHAs
- [**26**Star][24d] [Py] [zznop/binjago](https://github.com/zznop/binjago) Binary Ninja plugin for ROP gadget calculation
- [**26**Star][19d] [Ruby] [zidekmat/graphql_beautifier](https://github.com/zidekmat/graphql_beautifier) Burp Suite extension to help make Graphql request more readable
- [**26**Star][2y] [C] [zhuhuibeishadiao/pathmodification](https://github.com/zhuhuibeishadiao/pathmodification) Process path modification x64
- [**26**Star][11d] [C] [yugr/libdebugme](https://github.com/yugr/libdebugme) Automatically spawn gdb on error.
- [**26**Star][4y] [Java] [yolosec/upckeygen](https://github.com/yolosec/upckeygen) UPC router default WPA2 key generator
- [**26**Star][1m] [C] [yara-rules/r2yara](https://github.com/yara-rules/r2yara) r2yara - Module for Yara using radare2 information
- [**26**Star][4y] [HTML] [xyntax/campus-fakeap](https://github.com/xyntax/campus-fakeap) 针对校园网的wifi钓鱼工具
- [**26**Star][5m] [Py] [xmcp/acfan](https://github.com/xmcp/acfan) 名副其实的自动AC机
- [**26**Star][7m] [C#] [xljiulang/debugviewer](https://github.com/xljiulang/debugviewer) 用于捕获任意进程调用System.Diagnostics.Debugger.Log (level,category,message)输出的调试内容
- [**26**Star][14d] [C] [wiire-a/bully](https://github.com/wiire-a/bully) Brute force attack against WPS, that actually works
- [**26**Star][4y] [Java] [whyalwaysmea/mobilesafe](https://github.com/whyalwaysmea/mobilesafe) 这是一个android版的手机卫士，包含一下功能：1.手机防盗 2. 黑名单设置 3.软件管理 4.进程管理 5.流量统计 6.缓存清理 7.手机杀毒 8.来电归属地显示 9.号码归属地查询 10.程序锁
- [**26**Star][7d] [Shell] [wazuh/wazuh-packages](https://github.com/wazuh/wazuh-packages) Wazuh - Tools for packages creation
- [**26**Star][3m] [Java] [wavefronthq/wavefront-proxy](https://github.com/wavefronthq/wavefront-proxy) Wavefront Proxy Project
- [**26**Star][6y] [C] [varshapaidi/kernel_rootkit](https://github.com/varshapaidi/kernel_rootkit) Linux Kernel Rootkit - To hide modules and ssh service
- [**26**Star][2y] [Py] [v-p-b/windowsdefendertools](https://github.com/v-p-b/windowsdefendertools) Tools for instrumenting Windows Defender's mpengine.dll
- [**26**Star][18d] [unexpectedby/awesome-pentest-tools](https://github.com/unexpectedby/awesome-pentest-tools) List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
- [**26**Star][2y] [Java] [twilightgod/malwarebuster](https://github.com/twilightgod/malwarebuster) This is a Xposed module. It helps to prevent malwares to register service/receiver which were disabled in My Android Tools before.
- [**26**Star][9m] [C] [tumi8/zmap](https://github.com/tumi8/zmap) ZMapv6: Internet Scanner with IPv6 capabilities
- [**26**Star][4m] [Py] [toxic-ig/pythonkeylogger](https://github.com/toxic-ig/pythonkeylogger) A remote keylogger with some cool features
- [**26**Star][5m] [Go] [tomsteele/shellsquid](https://github.com/tomsteele/shellsquid) A dynamic HTTP and DNS reverse proxy
- [**26**Star][4m] [C#] [timandy/xmanagerkeygen](https://github.com/timandy/xmanagerkeygen) Xmanager Power Suit 注册机
- [**26**Star][5m] [HTML] [thoppe/5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8](https://github.com/thoppe/5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8) RNN-LSTM that learns passwords from a starting list
- [**26**Star][2y] [Py] [thegeekht/loki.rat](https://github.com/thegeekht/loki.rat) Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
- [**26**Star][2y] [Py] [the404hacking/xsscan](https://github.com/the404hacking/xsscan) XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]
- [**26**Star][4m] [Py] [the404hacking/websploit](https://github.com/the404hacking/websploit) Websploit is an advanced MITM framework.
- [**26**Star][1y] [techbliss/ida_pro_ultimate_qt_build_guide](https://github.com/techbliss/ida_pro_ultimate_qt_build_guide) Ida Pro Ultimate Qt Build Guide
- [**26**Star][2m] [C] [te-k/openssh-backdoor](https://github.com/te-k/openssh-backdoor) Openssh backdoor found with a ssh honeypot
- [**26**Star][30d] [Py] [te-k/malware-classification](https://github.com/te-k/malware-classification) Data and code for malware classification using machine learning (for fun, not production)
- [**26**Star][12m] [Py] [tarcisio-marinho/rsb-framework](https://github.com/tarcisio-marinho/rsb-framework) Windows/Linux - ReverseShellBackdoor Framework
- [**26**Star][3y] [PHP] [symphonycms/xssfilter](https://github.com/symphonycms/xssfilter) An XSS filter for Events in Symphony CMS
- [**26**Star][3y] [JS] [supersaiyansss/wechatspider](https://github.com/supersaiyansss/wechatspider) 基于中间人攻击的微信公众号爬虫 2017/9/19更新
- [**26**Star][3y] [Py] [subinacls/filibuster](https://github.com/subinacls/filibuster) 
- [**26**Star][4m] [C++] [strikerx3/whvpclient](https://github.com/strikerx3/whvpclient) Windows Hypervisor Platform client
- [**26**Star][2m] [Ruby] [spiderlabs/yara-ruby](https://github.com/spiderlabs/yara-ruby) Ruby bindings for the yara file analysis and classification library
- [**26**Star][11m] [Arduino] [sparkfun/simon-says](https://github.com/sparkfun/simon-says) Example firmware and hardware files for the Simon Says kit.
- [**26**Star][10m] [C] [souhailhammou/panda-antivirus-lpe](https://github.com/souhailhammou/panda-antivirus-lpe) The exploit for Panda AV LPE
- [**26**Star][29d] [PHP] [skyzyx/bad-passwords](https://github.com/skyzyx/bad-passwords) A list of the top 10,000 most-used passwords from hacked password lists.
- [**26**Star][13d] [Go] [skeeto/pgp-poisoner](https://github.com/skeeto/pgp-poisoner) PGP key poisoner
- [**26**Star][2m] [PHP] [sipcapture/homer-api](https://github.com/sipcapture/homer-api) HOMER 5: Back-End (API) DEPRICATED - use sipcapture/homer-app
- [**26**Star][4m] [Shell] [simonschuang/rpi-hostapd](https://github.com/simonschuang/rpi-hostapd) 
- [**26**Star][5m] [Shell] [shverni/raspberry-pi-vpn-gateway](https://github.com/shverni/raspberry-pi-vpn-gateway) Raspberry Pi VPN gateway installer for Private Internet Access
- [**26**Star][25d] [C] [shinyquagsire23/bootstrap](https://github.com/shinyquagsire23/bootstrap) ARM11 Kernel from ninjhax
- [**26**Star][4m] [C++] [shaxzy/nixware-csgo](https://github.com/shaxzy/nixware-csgo) Source code of Nixware. Cheat doesn't inject for some reason, fix it uself or just paste from it
- [**26**Star][4m] [Ruby] [sensu-plugins/sensu-plugins-network-checks](https://github.com/sensu-plugins/sensu-plugins-network-checks) This plugin provides native network instrumentation for monitoring and metrics collection, including: hardware, TCP response, RBLs, whois, port status, and more.
- [**26**Star][1m] [Java] [secdec/pen-test-automation](https://github.com/secdec/pen-test-automation) A framework for automating penetration testing using a plugin based architecture
- [**26**Star][4m] [Shell] [samuelhbne/vpn-launchpad](https://github.com/samuelhbne/vpn-launchpad) Builds VPN server on AWS EC2 with QR code support. Works on Ubuntu, OSX and Debian variants including Raspbian.
- [**26**Star][2y] [C] [s54mtb/loradunchy](https://github.com/s54mtb/loradunchy) Lora board with Arduino nano compatibile pinout and simple battery management
- [**26**Star][8m] [Py] [ryaninf/cve-2018-2893](https://github.com/ryaninf/cve-2018-2893) CVE-2018-2893 PoC
- [**26**Star][3m] [C++] [rwfpl/rewolf-pcausa-exploit](https://github.com/rwfpl/rewolf-pcausa-exploit) PCAUSA Rawether for Windows Local Privilege Escalation
- [**26**Star][5m] [Go] [root-gg/wsp](https://github.com/root-gg/wsp) HTTP tunnel over Websocket
- [**26**Star][4y] [Go] [robinmonjo/ngx_http_l](https://github.com/robinmonjo/ngx_http_l) nginx module "mostly" developed in Go
- [**26**Star][1m] [PHP] [riyazwalikar/sql-injection-training-app](https://github.com/riyazwalikar/sql-injection-training-app) A simple PHP application that can be used to demonstrate and train participants to detect and exploit SQL Injection vulnerabilities.
- [**26**Star][5m] [Ruby] [risksense-ops/metasploit-framework](https://github.com/risksense-ops/metasploit-framework) Metasploit Framework
- [**26**Star][1m] [Py] [restran/hacker-scripts](https://github.com/restran/hacker-scripts) 
- [**26**Star][20d] [Py] [remnux/distro](https://github.com/remnux/distro) This repository contains supplementary files for building and using the REMnux Linux distribution. See
- [**26**Star][23d] [C++] [regehr/opt-fuzz](https://github.com/regehr/opt-fuzz) llvm opt fuzzer and bounded exhaustive test generator
- [**26**Star][1m] [Go] [redhat-cip/skydive](https://github.com/redhat-cip/skydive) An open source real-time network topology and protocols analyzer
- [**26**Star][5m] [C++] [quangnh89/dbgsymgrabber](https://github.com/quangnh89/dbgsymgrabber) Just another tool to download specify Symbol (.pdb) files
- [**26**Star][9m] [ObjC] [qiuyuzhou/shadowsocks-ios](https://github.com/qiuyuzhou/shadowsocks-ios) No maintaining. Try this
- [**26**Star][6m] [Ruby] [qazbnm456/docker-war](https://github.com/qazbnm456/docker-war) Docker based Wargame Platform - To practice your CTF skills
- [**26**Star][21d] [pushinginertia/ip-blacklist](https://github.com/pushinginertia/ip-blacklist) An Apache httpd configuration file that rejects access to a server from a list of blacklisted IPs
- [**26**Star][4m] [Swift] [purkylin/kingproxy](https://github.com/purkylin/kingproxy) A proxy like privoxy and antinat
- [**26**Star][15d] [Py] [pinkymm/inconsistency_detection](https://github.com/pinkymm/inconsistency_detection) Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
- [**26**Star][2m] [Py] [pieterbork/blueborne](https://github.com/pieterbork/blueborne) Scan/Exploit Blueborne CVE-2017-0785
- [**26**Star][2m] [Py] [pfalcon/ida-xtensa2](https://github.com/pfalcon/ida-xtensa2) IDAPython plugin for Tensilica Xtensa (as seen in ESP8266), version 2
- [**26**Star][3m] [JS] [peterwilli/iota-ion.lib.js](https://github.com/peterwilli/iota-ion.lib.js) IOTA ION Library - Fast data-troughput in the browser, supported by the IOTA tangle.
- [**26**Star][19d] [Go] [peoples-cloud/pc](https://github.com/peoples-cloud/pc) people's cloud: using the ideas of botnets for good
- [**26**Star][4m] [F#] [paralax/burningdogs](https://github.com/paralax/burningdogs) Honeypot log processor to create OTX Pulse entries
- [**26**Star][2y] [packtpublishing/digital-forensics-with-kali-linux](https://github.com/packtpublishing/digital-forensics-with-kali-linux) Digital Forensics with Kali Linux, published by Packt
- [**26**Star][3m] [Py] [p4u/stratum-relay](https://github.com/p4u/stratum-relay) Stratum proxy relay for mining altcoin
- [**26**Star][4y] [Java] [owasp/owasp-proxy](https://github.com/owasp/owasp-proxy) Owasp Proxy
- [**26**Star][9m] [Py] [osmode/ddash](https://github.com/osmode/ddash) DDASH - Ethereum Operating System for Knowledge Creation and Sharing
- [**26**Star][3y] [Py] [open-nsm/dockoo](https://github.com/open-nsm/dockoo) Malware analysis using Docker project
- [**26**Star][2y] [omg2hei/vulnerability-env](https://github.com/omg2hei/vulnerability-env) 收集国内外开源CMS存在漏洞的各种版本
- [**26**Star][3m] [Perl] [occivink/kakoune-gdb](https://github.com/occivink/kakoune-gdb) gdb integration plugin
- [**26**Star][4m] [C++] [nx-desktop/nx-firewall](https://github.com/nx-desktop/nx-firewall) Firewall KCM
- [**26**Star][2m] [C] [nucypher/nucypher-pre-python](https://github.com/nucypher/nucypher-pre-python) NuCypher proxy re-encryption library in Python
- [**26**Star][16d] [Rust] [nixos/security](https://github.com/nixos/security) 
- [**26**Star][1y] [C++] [nixer1337/nixware-gmod](https://github.com/nixer1337/nixware-gmod) Internal c++ gmod hack
- [**26**Star][10m] [Py] [murmus/ctf](https://github.com/murmus/ctf) 
- [**26**Star][4m] [Kotlin] [mrpowergamerbr/aminoreapi](https://github.com/mrpowergamerbr/aminoreapi) 
- [**26**Star][3m] [Shell] [mricon/tor-relay-bootstrap-rpi](https://github.com/mricon/tor-relay-bootstrap-rpi) Script to bootstrap a Debian server to be a set-and-forget Tor relay
- [**26**Star][4m] [PHP] [mrahmadt/smartgw](https://github.com/mrahmadt/smartgw) Domain based VPN Gateway/Proxy for all devices
- [**26**Star][6m] [HTML] [mpgn/cve-2019-9580](https://github.com/mpgn/cve-2019-9580) CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE
- [**26**Star][2y] [Perl] [moham3driahi/wpgrabinfo](https://github.com/moham3driahi/wpgrabinfo) WP Grab Info v2
- [**26**Star][1y] [C++] [michmich/analogvoltmeterclock](https://github.com/michmich/analogvoltmeterclock) An Arduino based analog volt meter clock.
- [**26**Star][1m] [Shell] [mattcarothers/mhn-core-docker](https://github.com/mattcarothers/mhn-core-docker) Core elements of the Modern Honey Network implemented in Docker
- [**26**Star][3y] [Pascal] [martindrab/vrtuletree](https://github.com/martindrab/vrtuletree) VrtuleTree is a tool that displays information about driver and device objects present in the system and relations between them. Its functionality is very similar to famous DeviceTree, however, VrtuleTree emhasises on stability and support of latest Windows versions
- [**26**Star][3y] [Py] [marcusbotacin/anti.analysis](https://github.com/marcusbotacin/anti.analysis) Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis
- [**26**Star][4y] [Py] [mandatoryprogrammer/xcname](https://github.com/mandatoryprogrammer/xcname) A tool for enumerating expired domains in CNAME records
- [**26**Star][4m] [HTML] [lurumdare/ideas](https://github.com/lurumdare/ideas) Ideas for protecting C/C++
- [**26**Star][2m] [ANTLR] [zigastegu/limesdr-usb](https://github.com/zigastegu/LimeSDR-USB) USB 3.0 version of the LimeSDR board
- [**26**Star][2m] [lucifer1993/awesome-hacking](https://github.com/lucifer1993/awesome-hacking) awesome hacking chinese version
- [**26**Star][3m] [Shell] [leviathan36/wifibang](https://github.com/leviathan36/wifibang) wifi attacks suite
- [**26**Star][29d] [Py] [letheanmovement/lethean-vpn](https://github.com/letheanmovement/lethean-vpn) Lethean Virtual Private Network (VPN)
- [**26**Star][8m] [C#] [lennyleng/radioeye](https://github.com/lennyleng/radioeye) RFID Security Audit Tool
- [**26**Star][5m] [Perl] [kost/vulnscan-pwcrack](https://github.com/kost/vulnscan-pwcrack) Password guessers for popular vulnerability scanners and frameworks: Find the password for your favourite vulnscanners: OpenVAS, Nessus, NeXpose or Metasploit
- [**26**Star][6y] [C] [kacheo/kernelrootkit](https://github.com/kacheo/kernelrootkit) Linux kernel rootkit to hide certain files and processes.
- [**26**Star][6m] [Shell] [justsml/ssl-proxy](https://github.com/justsml/ssl-proxy) Docker https/ssl reverse proxy w/ nginx. Supports: Auto request letsencrypt cert, CORS, HTTP Auth, Real-time/Low Latency...
- [**26**Star][3m] [C] [josephjkong/designing-bsd-rootkits](https://github.com/josephjkong/designing-bsd-rootkits) Code from the book "Designing BSD Rootkits: An Introduction to Kernel Hacking"
- [**26**Star][4m] [Assembly] [joric/arduino-bitcoin-miner](https://github.com/joric/arduino-bitcoin-miner) Arduino Bitcoin Miner (plain C and AVR assembly versions)
- [**26**Star][2m] [C] [johndoe31415/ratched](https://github.com/johndoe31415/ratched) Ratched is a transparent Man-in-the-Middle TLS proxy intended for penetration testing
- [**26**Star][28d] [Py] [jmichelp/gr-wmbus](https://github.com/jmichelp/gr-wmbus) Receiver for wireless m-bus (EN 13757-4) based on the rtl-sdr
- [**26**Star][11m] [Py] [jlospinoso/unfurl](https://github.com/jlospinoso/unfurl) An Entropy-Based Link Vulnerability Tool
- [**26**Star][10m] [jgamblin/hackapie](https://github.com/jgamblin/hackapie) An Raspberry PI 2 OpenWRT Image Setup To Be A Wireless Hacking Sandbox
- [**26**Star][2y] [Shell] [jgamblin/defensive-s3-buckets](https://github.com/jgamblin/defensive-s3-buckets) Defensive S3 Bucket Squating
- [**26**Star][30d] [Py] [jfarley248/itunes_backup_reader](https://github.com/jfarley248/itunes_backup_reader) Python 3 Script to parse out iTunes backups
- [**26**Star][5m] [Py] [jacopo-j/trenitaliaapi](https://github.com/jacopo-j/trenitaliaapi) Reverse engineering dell'API dell'app di Trenitalia
- [**26**Star][3y] [C] [jacktang310/kerneldebugonnexus6p](https://github.com/jacktang310/kerneldebugonnexus6p) 
- [**26**Star][4m] [ObjC] [ipadkid358/flextotheos](https://github.com/ipadkid358/flextotheos) Turn Flex patches into Theos projects
- [**26**Star][6m] [PHP] [ip2location/ip2proxy-php](https://github.com/ip2location/ip2proxy-php) PHP module for IP2Proxy database lookup. It allows user to query an IP address if it was being used as open proxy, web proxy, VPN anonymizer and TOR exits.
- [**26**Star][4m] [Py] [initstring/pentest-tools](https://github.com/initstring/pentest-tools) General stuff for pentesting - password cracking, phishing, automation, Kali, etc.
- [**26**Star][6m] [infosec-community/apac-meetups](https://github.com/infosec-community/apac-meetups) A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
- [**26**Star][4m] [Nim] [imgp3dev/drmitm](https://github.com/imgp3dev/drmitm) DrMITM is a program designed to globally log all traffic of a website.
- [**26**Star][5m] [PHP] [imagemlt/ctf_web_dockers](https://github.com/imagemlt/ctf_web_dockers) dockerfile of CTF web practices
- [**26**Star][3y] [C++] [ilyatk/hookengine](https://github.com/ilyatk/hookengine) 
- [**26**Star][2y] [C++] [icollin/unrealenginesdkgenerator](https://github.com/icollin/unrealenginesdkgenerator) Generate SDK for PUBG.
- [**26**Star][8m] [Shell] [hrishioa/nomohead](https://github.com/hrishioa/nomohead) Simple Bash script that announces IP Address and ngrok tunnel of Raspberry Pi at boot
- [**26**Star][3y] [C++] [hpsocket/restclient-cpp](https://github.com/hpsocket/restclient-cpp) C++ winnet/winhttp api restclient
- [**26**Star][4m] [Py] [hiddenillusion/ir](https://github.com/hiddenillusion/ir) Some dfir stuff
- [**26**Star][4m] [Py] [hackingenvivo/doxing](https://github.com/hackingenvivo/doxing) Espionaje y recopilación de Información
- [**26**Star][28d] [Py] [gynvael/arcanesector](https://github.com/gynvael/arcanesector) Arcane Sector game - a CTF task, or old-school (MMO)RPG - depending on the perspective. The code is of terrible quality, you have been warned!
- [**26**Star][4m] [C++] [gtoad/android_anti_debug](https://github.com/gtoad/android_anti_debug) An example of android anti-debug.
- [**26**Star][3y] [C++] [grcasanova/supervirus](https://github.com/grcasanova/supervirus) Project aimed at creating a malware able to evolve and adapt to the various host machines through metamorphic modifications, spontaneous mutations, code imitation and DNA programming to enable/disable functionalities
- [**26**Star][5m] [Ruby] [godinezj/metasploit-framework](https://github.com/godinezj/metasploit-framework) Metasploit Framework
- [**26**Star][1m] [Go] [gnolizuh/quictun](https://github.com/gnolizuh/quictun) The simplest tunnel service based on QUIC.
- [**26**Star][5m] [PHP] [ghorbanzadeh/owaat](https://github.com/ghorbanzadeh/owaat) OWASP ASVS Assessment Tool
- [**26**Star][2m] [Go] [gen0cide/hasherbasher](https://github.com/gen0cide/hasherbasher) SQL injection via bruteforced MD5 hash reflection of random strings
- [**26**Star][3m] [Py] [gdssecurity/cloud-and-control](https://github.com/gdssecurity/cloud-and-control) 
- [**26**Star][2m] [C++] [gavinandresen/bitcoin_miningsim](https://github.com/gavinandresen/bitcoin_miningsim) Simple, fast, C++ bitcoin mining / block relay simulation code
- [**26**Star][17d] [Py] [sealgod/darkguardian](https://github.com/sealgod/DarkGuardian) RDP远程登录挂盘监控工具
- [**26**Star][4m] [Tcl] [fruho/fruhoapp](https://github.com/fruho/fruhoapp) Fruho VPN Manager - Universal VPN Client |
- [**26**Star][24d] [Assembly] [fabianishere/boot2flappy](https://github.com/fabianishere/boot2flappy) Flappy Bird as bootable UEFI executable
- [**26**Star][7m] [C] [eternityx/deadcell-oshgui](https://github.com/eternityx/deadcell-oshgui) OSHGui project files
- [**26**Star][10m] [Shell] [ericpskl/exportec2volumeimage](https://github.com/ericpskl/exportec2volumeimage) A Bash script which uses AWS CLI to create an image of an AWS EC2 volume
- [**26**Star][2m] [C++] [epsylon3/odbgscript](https://github.com/epsylon3/odbgscript) OllyDBG Script Engine
- [**26**Star][4m] [C] [enovella/exploitrainings](https://github.com/enovella/exploitrainings) Exploitation on different architectures (x86, x64, arm, mips, avr)
- [**26**Star][3y] [C] [embedi/tcl_shellcode](https://github.com/embedi/tcl_shellcode) A template project for creating a shellcode for the Cisco IOS in the C language
- [**26**Star][11m] [JS] [eligrey/libxdr](https://github.com/eligrey/libxdr) A library that implements a cross-browser XDR constructor
- [**26**Star][1m] [C] [elfmaster/static_binary_mitigations](https://github.com/elfmaster/static_binary_mitigations) applies RELRO to static binaries, and static_to_dyn.c applies ASLR to static binaries.
- [**26**Star][3y] [Ruby] [eik00d/reverse_dns_shellcode](https://github.com/eik00d/reverse_dns_shellcode) Revrese DNS payload for Metasploit: Download Exec x86 shellcode. Also DNS Handler and VBS bot (alsow working over DNS) as PoC included.
- [**26**Star][2y] [eclypsium/publications](https://github.com/eclypsium/publications) Slides, papers, etc
- [**26**Star][8m] [ebiquity/unified-cybersecurity-ontology](https://github.com/ebiquity/unified-cybersecurity-ontology) Unified Cybersecurity Ontology
- [**26**Star][5m] [Py] [dsnezhkov/octohook](https://github.com/dsnezhkov/octohook) Git Web Hook Tunnel for C2
- [**26**Star][29d] [Go] [dsnet/sshtunnel](https://github.com/dsnet/sshtunnel) SSH daemon for creating forward and reverse tunnels.
- [**26**Star][3m] [Py] [drbeni/malquarium](https://github.com/drbeni/malquarium) Malquarium - Modern Malware Repository
- [**26**Star][5m] [C++] [dragonfive/opencv_tld](https://github.com/dragonfive/opencv_tld) tracking-learning-detection 
- [**26**Star][5m] [PS] [dpaulson45/exchangelogcollector](https://github.com/dpaulson45/exchangelogcollector) Exchange Log Collection Script
- [**26**Star][29d] [Arduino] [dparnell/esp8266-ser2net](https://github.com/dparnell/esp8266-ser2net) An ESP8266 WiFi accessible serial port
- [**26**Star][15d] [C++] [dougallj/dj_ida_plugins](https://github.com/dougallj/dj_ida_plugins) Plugins for IDA Pro and Hex-Rays
- [**26**Star][11d] [C++] [dns-oarc/dnsmeter](https://github.com/dns-oarc/dnsmeter) Tool for testing performance of nameservers
- [**26**Star][4m] [digitaldisarray/osint-tools](https://github.com/digitaldisarray/osint-tools) 
- [**26**Star][3m] [TS] [dialogs/electron-ssl-pinning](https://github.com/dialogs/electron-ssl-pinning) Prevents MITM in Electron applications
- [**26**Star][4m] [JS] [dg92/graphql-nodejs-modular-kit](https://github.com/dg92/graphql-nodejs-modular-kit) 
- [**26**Star][24d] [C] [devilogic/xvirus](https://github.com/devilogic/xvirus) 一个早期的抗启发式查杀的WIN32免杀壳
- [**26**Star][1y] [Ruby] [dev-sec/chef-postgres-hardening](https://github.com/dev-sec/chef-postgres-hardening) This chef cookbook provides security configuration for PostgreSQL.
- [**26**Star][4m] [Py] [desword/pwn_execrise](https://github.com/desword/pwn_execrise) A collection of pwn execrise
- [**26**Star][1y] [C] [defuse/yescrypt](https://github.com/defuse/yescrypt) Non-C Implementations of the yescrypt KDF.
- [**26**Star][3m] [C++] [deeponion/deeponion](https://github.com/deeponion/deeponion) Official Source Repo for DeepOnion - Anonymous Cryptocurrency on TOR
- [**26**Star][20d] [Go] [darvid/nessusbeat](https://github.com/darvid/nessusbeat) A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.
- [**26**Star][4y] [Py] [cyberhatcoil/acf](https://github.com/cyberhatcoil/acf) Android Connections Forensics
- [**26**Star][2y] [JS] [cybellum/vulnerabilities](https://github.com/cybellum/vulnerabilities) Some of the vulnerabilities that were found by Cybellum platform
- [**26**Star][2y] [C++] [cyanidee/snowflake](https://github.com/cyanidee/snowflake) A simple CSGO cheat base written in mind of begginers.
- [**26**Star][4m] [Py] [cube0x8/chrome_ragamuffin](https://github.com/cube0x8/chrome_ragamuffin) Google Chrome internals analysis using Volatility
- [**26**Star][6m] [C++] [cpasjuste/scummvm](https://github.com/cpasjuste/scummvm) ScummVM main repository
- [**26**Star][3m] [JS] [coincheckup/crypto-supplies](https://github.com/coincheckup/crypto-supplies) Cryptocurrency circulating, maximum and total supplies
- [**26**Star][8m] [PS] [codingo/sharepoint-security](https://github.com/codingo/sharepoint-security) A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.
- [**26**Star][4m] [C#] [cocowalla/snifter](https://github.com/cocowalla/snifter) Snifter is a raw socket IP packet capturing tool for Windows, with a tiny CPU and memory footprint
- [**26**Star][11d] [Py] [ciscodevnet/sdwan-devops](https://github.com/ciscodevnet/sdwan-devops) SD-WAN DevOps Tools
- [**26**Star][6m] [Go] [chrisdefourire/tlsproxy](https://github.com/chrisdefourire/tlsproxy) Let's encrypt automatic Docker HTTP and TCP proxy
- [**26**Star][9m] [JS] [chaitin/sqlchop-http-proxy](https://github.com/chaitin/sqlchop-http-proxy) SQLChop reverse http proxy module
- [**26**Star][20d] [Verilog] [cebarnes/cordic](https://github.com/cebarnes/cordic) An implementation of the CORDIC algorithm in Verilog.
- [**26**Star][4m] [cbrunsch/wmbus-sniffer-muc](https://github.com/cbrunsch/wmbus-sniffer-muc) Source code of the demonstration programs showed in the Black Hat '13 presentation "Energy fraud and orchestrated blackouts: Issues with wireless metering protocols (WM-BUS)" by Cyrill Brunschwiler
- [**26**Star][14d] [JS] [calvinvon/dalao-proxy](https://github.com/calvinvon/dalao-proxy) 全新 v1.0.0-beta 版本正在测试中，首页文档还未更新(v0.9.12)
- [**26**Star][5m] [Java] [calebfenton/androidemulatordetect](https://github.com/calebfenton/androidemulatordetect) Android Emulator Detection
- [**26**Star][2y] [ObjC] [boxproject/box-staff-manager](https://github.com/boxproject/box-staff-manager) Employee App is used for initialize transactions, user management, authorise flow so that enteripise digital assets can be managed by stakeholders and partners.
- [**26**Star][3m] [bountymachine/about](https://github.com/bountymachine/about) A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
- [**26**Star][4m] [Py] [bounteous/libenom](https://github.com/bounteous/libenom) 
- [**26**Star][7m] [C++] [boegel/mica](https://github.com/boegel/mica) a Pin tool for collecting microarchitecture-independent workload characteristics
- [**26**Star][2y] [PHP] [blackfan/jpg_payload](https://github.com/blackfan/jpg_payload) 
- [**26**Star][7m] [blackbagtech/sleuthkit-apfs](https://github.com/blackbagtech/sleuthkit-apfs) A fork of The Sleuthkit with Pooled Storage and APFS support. See
- [**26**Star][6m] [JS] [bkimminich/webappsec-nutshell](https://github.com/bkimminich/webappsec-nutshell) An ultra-compact intro (or refresher) to Web Application Security.
- [**26**Star][2m] [bkerler/slides_and_papers](https://github.com/bkerler/slides_and_papers) Here be dragons. Or Slides. Or Papers. Or Nothing :)
- [**26**Star][9m] [Py] [bipabo1l/ssrf_scan](https://github.com/bipabo1l/ssrf_scan) 多线程批量扫描ssrf漏洞
- [**26**Star][18d] [C] [bfosterjr/windowsrtdev](https://github.com/bfosterjr/windowsrtdev) 
- [**26**Star][4m] [Py] [beatsbears/pkl](https://github.com/beatsbears/pkl) A simple Python Keylogger for macOS
- [**26**Star][1m] [HTML] [beardog108/snow10](https://github.com/beardog108/snow10) Use whitespace and unicode chars for steganography
- [**26**Star][2y] [C] [bazad/ctl_ctloutput-leak](https://github.com/bazad/ctl_ctloutput-leak) CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.
- [**26**Star][5y] [Py] [bastkerg/recomp](https://github.com/bastkerg/recomp) IDA recompiler（No Documentation）
- [**26**Star][3y] [C] [azuregreen/arktooldrv](https://github.com/azuregreen/arktooldrv) An ark tool's driver
- [**26**Star][2m] [Py] [az0ne/autoexp_plc](https://github.com/az0ne/autoexp_plc) omron工控设备漏洞批量验证
- [**26**Star][3y] [C] [avalon1610/alpc](https://github.com/avalon1610/alpc) Advance LPC
- [**26**Star][2m] [JS] [auth0-blog/nextjs-got](https://github.com/auth0-blog/nextjs-got) A simple nextjs application that showcases Game of Thrones Characters
- [**26**Star][4m] [Py] [aurore54f/jast](https://github.com/aurore54f/jast) Syntactic detection of malicious (obfuscated) JavaScript files
- [**26**Star][11m] [atktgs/blackhat2015arsenal](https://github.com/atktgs/blackhat2015arsenal) My Quick Note of BlackHat 2015 Arsenal
- [**26**Star][7m] [Ruby] [arkadiyt/ssrf_filter](https://github.com/arkadiyt/ssrf_filter) A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
- [**26**Star][3m] [C] [arizvisa/ndk](https://github.com/arizvisa/ndk) A local copy of Alex Ionescu's seemingly abandoned native-nt-toolkit project containing knowledge inherited from the ReactOS project.
- [**26**Star][7m] [Py] [aniketp/network-programming](https://github.com/aniketp/network-programming) Small Projects on Socket Programming, Website Scanning, Wireless & Network Security
- [**26**Star][1y] [Jupyter Notebook] [andykamath/nfl-data-hacking](https://github.com/andykamath/nfl-data-hacking) Algorithmically draft NFL players for your fantasy league!
- [**26**Star][3y] [JS] [an0ny420/ps4-4.0x--4.05-code-execution-poc](https://github.com/an0ny420/ps4-4.0x--4.05-code-execution-poc) 4.05 added support
- [**26**Star][2y] [Go] [ammario/fastpass](https://github.com/ammario/fastpass) A password manager that gets you logged in quickly
- [**26**Star][4m] [Jupyter Notebook] [amiralis/pycon2017_crypto_tutorial](https://github.com/amiralis/pycon2017_crypto_tutorial) Applied Modern Cryptography in Python (PyCon 2017)
- [**26**Star][3y] [C] [alpackers/ctf-writeups](https://github.com/alpackers/ctf-writeups) CTF Writeups
- [**26**Star][1m] [Rust] [aloxaf/rbkcrack](https://github.com/aloxaf/rbkcrack) Crack legacy zip encryption with Biham and Kocher's known plaintext attack. 使用明文攻击破解加密的 zip 文件
- [**26**Star][1m] [Py] [allglorytothehypnotoad/netscan2](https://github.com/allglorytothehypnotoad/netscan2) active / passive network scanner
- [**26**Star][5y] [Py] [alfarom/nmap](https://github.com/alfarom/nmap) python nmap tool to scan hosts and search
for CVE details based on the nmap report.
- [**26**Star][6m] [Py] [alfa100001/-cve-2017-0785-blueborne-poc](https://github.com/alfa100001/-cve-2017-0785-blueborne-poc) CVE-2017-0785 BlueBorne PoC
- [**26**Star][1y] [JS] [alexhorn/defendjs](https://github.com/alexhorn/defendjs) A free and open source JavaScript and Node.js obfuscator.
- [**26**Star][20d] [Py] [aff4/pyaff4](https://github.com/aff4/pyaff4) The Python implementation of the AFF4 standard.
- [**26**Star][10d] [Shell] [adnanhodzic/anon-hotspot](https://github.com/adnanhodzic/anon-hotspot) On demand Debian Linux (Tor) Hotspot setup tool
- [**26**Star][6m] [Py] [adanvillarreal/spydan](https://github.com/adanvillarreal/spydan) A web spider for shodan.io without using the Developer API.
- [**26**Star][4m] [Py] [abatchy17/rop-emporium](https://github.com/abatchy17/rop-emporium) Solutions for ROP Emporium challenges (
- [**26**Star][4y] [HTML] [4b5f5f4b/pocs](https://github.com/4b5f5f4b/pocs) 
- [**26**Star][5m] [PS] [3gstudent/hide-process-by-kd.exe](https://github.com/3gstudent/hide-process-by-kd.exe) powershell to hide process by kd.exe
- [**26**Star][2y] [JS] [0xsobky/regaxor](https://github.com/0xsobky/regaxor) A regular expression fuzzer.
- [**26**Star][24d] [Py] [0x00string/oldays](https://github.com/0x00string/oldays) public exploits
- [**26**Star][2y] [Py] [0verl0ad/dumb0](https://github.com/0verl0ad/dumb0) A simple tool to dump users in popular forums and CMS :)
- [**25**Star][10d] [Shell] [zricethezav/gitleaks-action](https://github.com/zricethezav/gitleaks-action) run gitleaks in a gitleaks action
- [**25**Star][12d] [dactivllc/osquery-in-a-box](https://github.com/dactivllc/osquery-in-a-box) Simple Docker-based quickstart for osquery, Fleet, and ELK stack
- [**25**Star][12d] [HTML] [muellermartin/nosystemd.org](https://github.com/muellermartin/nosystemd.org) Website for arguments against systemd and further resources
- [**25**Star][1m] [Go] [lucasmenendez/gop2p](https://github.com/lucasmenendez/gop2p) Simple Peer-to-Peer implementation in go
- [**25**Star][18d] [C++] [c4fe/glua-steal](https://github.com/c4fe/glua-steal) A cross-platform Garry's Mod tool to download a server's Lua files
- [**25**Star][23d] [C] [gentoo/pax-utils](https://github.com/gentoo/pax-utils) [MIRROR] ELF related utils for ELF 32/64 binaries that can check files for security relevant properties
- [**25**Star][10d] [Py] [torproject/chutney](https://github.com/torproject/chutney) unofficial git repo -- report bugs/issues/pull requests on
- [**25**Star][21d] [Py] [luisramirez-m/mercadolibre-scrapy](https://github.com/luisramirez-m/mercadolibre-scrapy) Tutorial de Extracción de Datos en Mercado Libre con Scrapy (Framework de Python)
- [**25**Star][5m] [C#] [nyan-x-cat/csharp-runpe](https://github.com/nyan-x-cat/csharp-runpe) Hide malware behind a legit process C#
- [**25**Star][27d] [Go] [lucasepe/go-ps4](https://github.com/lucasepe/go-ps4) Search your favorite PS4 games from Playstation Store using the Command Line
- [**25**Star][10d] [Java] [chenerzhu/common-secure](https://github.com/chenerzhu/common-secure) 提供一些加密算法java代码封装 包括 RSA/AES/DES/3DES/MD5/SHA/HmacSHA256
- [**25**Star][3m] [Py] [conan-community/conan-openssl](https://github.com/conan-community/conan-openssl) [OBSOLETE] The recipe is now in
- [**25**Star][21d] [TS] [luccasr73/ionic-escpos-bluetooth-printer-sample](https://github.com/luccasr73/ionic-escpos-bluetooth-printer-sample) Sample use of ionic 3 with a bluetooth esc/pos thermal printer
- [**25**Star][4m] [PHP] [wikimedia/ahocorasick](https://github.com/wikimedia/ahocorasick) A PHP implementation of the Aho-Corasick string search algorithm. Mirror from
- [**25**Star][19d] [Py] [misterdaneel/pysoxy](https://github.com/misterdaneel/pysoxy) A small Socks5 Proxy Server in Python
- [**25**Star][4m] [Py] [c0d3d3v/moodle-downloader](https://github.com/c0d3d3v/moodle-downloader) A Moodle Crawler that downloads course content from Moodle (eg. lecture pdfs)
- [**25**Star][3m] [Pascal] [stievie/pesp](https://github.com/stievie/pesp) Pascal Executable Parser
- [**25**Star][25d] [C] [akagi201/hmac-sha1](https://github.com/akagi201/hmac-sha1) Standalone implementation of `HMAC()` + `EVP_sha1()` in `OpenSSL`
- [**25**Star][3m] [JS] [bockp/edge-detection-project](https://github.com/bockp/edge-detection-project) Tiny Image in Javascript - Edge Detection Algorithms
- [**25**Star][1m] [Py] [alcir/microbit-ble](https://github.com/alcir/microbit-ble) Read data from micro:bit using Bluetooth from Linux
- [**25**Star][12d] [zkqiang/crawler-chrome-extensions](https://github.com/zkqiang/crawler-chrome-extensions) 爬虫工程师常用的 Chrome 插件 | Chrome extensions used by crawler developer
- [**25**Star][6m] [Java] [luborliu/dbscansd](https://github.com/luborliu/dbscansd) Java implementation for DBSCANSD, a trajectory clustering algorithm.
- [**25**Star][1m] [JS] [jcane86/motor-hat](https://github.com/jcane86/motor-hat) Node Module to control Adafruits MotorHAT for the RaspberryPi
- [**25**Star][2m] [Py] [beomi/simple_bank_korea](https://github.com/beomi/simple_bank_korea) simple crawler for Korean banks with Transactions
- [**25**Star][5m] [Py] [quangthanh010290/bl_keyboard_rpi](https://github.com/quangthanh010290/BL_keyboard_RPI) Bluetooth Keyboard Emulator on Raspberry Pi
- [**25**Star][2m] [Py] [thu-pacman/gscholar-citations-crawler](https://github.com/thu-pacman/gscholar-citations-crawler) Crawl all your citations from Google Scholar
- [**25**Star][2m] [Py] [debugtalk/webcrawler](https://github.com/debugtalk/webcrawler) A web crawler based on requests-html, mainly targets for url validation test.
- [**25**Star][30d] [Ruby] [itay-grudev/encryption](https://github.com/itay-grudev/encryption) A simple wrapper for the OpenSSL Cipher library for Ruby and Rails applications. Distributed as a Gem through Rubygems.
- [**25**Star][24d] [Py] [rldotai/rl-algorithms](https://github.com/rldotai/rl-algorithms) Reinforcement learning algorithms
- [**25**Star][10d] [C#] [algerdu/spider](https://github.com/algerdu/spider) 自定义可扩展爬虫
- [**25**Star][9m] [JS] [sbarre/proxy-local-assets](https://github.com/sbarre/proxy-local-assets) BrowserSync-based Gulpfile to inject local development assets into a remote site
- [**25**Star][2m] [Py] [hymanme/subbranch-china](https://github.com/hymanme/subbranch-china) 银行、支行名称。中国各地区各银行支行名称数据爬虫，数据来源微信商户平台，已经整理可直接导入的sql文件
- [**25**Star][16d] [v3l0c1r4pt0r/lkv-wiki](https://github.com/v3l0c1r4pt0r/lkv-wiki) LKV373A and similar reverse engineering wiki
- [**25**Star][20d] [Kotlin] [beepiz/blescancoroutines](https://github.com/beepiz/blescancoroutines) Easier and safer Bluetooth Low Energy scanning with Kotlin coroutines.
- [**25**Star][20d] [Java] [ivan-markovic/android-task-injection](https://github.com/ivan-markovic/android-task-injection) Task Hijacking in Android (somebody call it also StrandHogg vulnerability)
- [**25**Star][1m] [Go] [jamesbcook/proxy-ng](https://github.com/jamesbcook/proxy-ng) 
- [**25**Star][3m] [JS] [7596ff/listen-bot](https://github.com/7596ff/listen-bot) a dota related discord bot
- [**25**Star][6m] [JS] [situmorang-com/whatsapp-group-contacts-scraper](https://github.com/situmorang-com/whatsapp-group-contacts-scraper) How to scrap whatsapp group contacts from
- [**25**Star][4m] [Py] [mahmoudparsian/pyspark-algorithms](https://github.com/mahmoudparsian/pyspark-algorithms) PySpark Algorithms Book:
- [**25**Star][2m] [C++] [integeruser/fp-growth](https://github.com/integeruser/fp-growth) A C++ implementation of the FP-growth algorithm
- [**25**Star][2m] [typisttech/trellis-cloudflare-origin-ca](https://github.com/typisttech/trellis-cloudflare-origin-ca) Add Cloudflare Origin CA to Trellis as SSL provider
- [**25**Star][3m] [Py] [tweag/clodl](https://github.com/tweag/clodl) Turn dynamically linked ELF binaries and libraries into self-contained closures.
- [**25**Star][3m] [Stata] [uber/trucking-labor-analysis](https://github.com/uber/trucking-labor-analysis) An economic analysis of the potential effects on the trucking labor market from self-driving trucks.
- [**25**Star][9d] [Py] [elementzonline/raspberrypi-sample-codes](https://github.com/elementzonline/raspberrypi-sample-codes) samples codes for interfacing RaspberryPi with hardware modules by Elementz
- [**25**Star][5m] [Swift] [arthuryidi/bluetooth-keyboard-emulator](https://github.com/arthuryidi/bluetooth-keyboard-emulator) Swift Bluetooth HID Keyboard Emulator
- [**25**Star][1m] [Py] [wshuail/reinforcement_learning_with_tensorflow](https://github.com/wshuail/reinforcement_learning_with_tensorflow) Minimal implementations of reinforcement learning algorithms by Tensorflow
- [**25**Star][18d] [TSQL] [kangvcar/pyproject](https://github.com/kangvcar/pyproject) Python爬虫小项目汇总（招聘信息/电影信息/股票信息/天气信息/贴吧信息/图片信息/视频信息..）
- [**25**Star][4m] [Go] [saturnsvoid/live-desktop-capture](https://github.com/saturnsvoid/live-desktop-capture) A Live Desktop Capture using Go and WebSockets
- [**25**Star][7m] [Swift] [daqiuqiu/irayx](https://github.com/daqiuqiu/irayx) 
- [**25**Star][1m] [C++] [dannagle/cryptoknife](https://github.com/dannagle/cryptoknife) All-in-one, portable, collection of general-purpose cryptography tools
- [**25**Star][4m] [CSS] [hacks-guide/guide_vita](https://github.com/hacks-guide/guide_vita) A complete guide to PS Vita (TV) custom firmware, from stock to HENkaku Ensō.
- [**25**Star][4m] [Py] [zhourunlai/sentiment](https://github.com/zhourunlai/sentiment) The "citizen journalists" in the social media produce the content. This library uses Scikit-Learn and Spark MLlib to analyze the emotional sentiment of the text data.
- [**25**Star][13d] [Py] [juliettef/enkiws](https://github.com/juliettef/enkiws) Web Services for game developers on Google App Engine
- [**25**Star][1y] [Go] [wusuopubupt/go_spider](https://github.com/wusuopubupt/go_spider) A golang spider
- [**25**Star][18d] [Shell] [kennedy69/imgbackdoor](https://github.com/kennedy69/imgbackdoor) Hide your payload into .jpg file
- [**25**Star][1m] [HTML] [iaik/interruptjs](https://github.com/iaik/interruptjs) Practical Keystroke Timing Attacks in Sandboxed JavaScript
- [**25**Star][3m] [Py] [d4vinci/twitter-info](https://github.com/d4vinci/twitter-info) A simple python script to grab twitter account info just by username or profile link
- [**25**Star][18d] [HTML] [pwn20wndstuff/pwn20wndstuff.github.io](https://github.com/pwn20wndstuff/pwn20wndstuff.github.io) 
- [**25**Star][9m] [C++] [stealth/pam_schroedinger](https://github.com/stealth/pam_schroedinger) Uncertainty for brute forcers during login.
- [**25**Star][13d] [Py] [nextronsystems/valhallaapi](https://github.com/nextronsystems/valhallaapi) Valhalla API Client
- [**25**Star][15d] [Py] [mozillasecurity/avalanche](https://github.com/mozillasecurity/avalanche) Avalanche is a document generator which uses context-free grammars to generate randomized outputs for fuzz-testing.
- [**25**Star][29d] [Py] [epsylon/orb](https://github.com/epsylon/orb) Orb is a massive footprinting tool.
- [**25**Star][5m] [C#] [yck1509/dnexplorer](https://github.com/yck1509/dnexplorer) A simple viewer of modules using dnlib.
- [**25**Star][1m] [Py] [lunixbochs/meta](https://github.com/lunixbochs/meta) code sometimes leaks into the space between projects
- [**25**Star][4m] [Haskell] [galoisinc/elf-edit](https://github.com/galoisinc/elf-edit) The elf-edit library provides a datatype suitable for reading and writing Elf files.
- [**25**Star][5m] [Java] [stealthcopter/steganography](https://github.com/stealthcopter/steganography) Android Steganography Library
- [**25**Star][6m] [C++] [cr4sh/simpleunpacker](https://github.com/cr4sh/simpleunpacker) Simple tool for unpacking packed/protected malware executables.
- [**25**Star][11d] [Py] [autotest/tp-qemu](https://github.com/autotest/tp-qemu) Virt Test Provider for qemu and other related virtualization backends
- [**25**Star][11m] [gdbinit/adium-ng-preview](https://github.com/gdbinit/adium-ng-preview) Repo to dump some preview info and builds for adium-ng
- [**25**Star][2m] [C] [tmk/whitefox](https://github.com/tmk/whitefox) Keyboard firmware for matt3o's WhiteFox -- This won't be updated actively, see
- [**25**Star][5m] [AGS Script] [emsec/scatools](https://github.com/emsec/scatools) Open tools for side-channel analysis and related techniques. Currently, this repository contains: 1) A near-field EM probe amplifier circuit
- [**25**Star][2y] [ObjC] [kpwn/rapd2](https://github.com/kpwn/rapd2) simple radare2 rap:// server
- [**25**Star][3y] [Java] [travisgoodspeed/md380tool](https://github.com/travisgoodspeed/md380tool) An Android client for the patched 'md380tools' firmware.
- [**25**Star][3m] [C++] [dodola/dinlinehook](https://github.com/dodola/dinlinehook) simple art inline hook
- [**25**Star][2m] [C] [elceef/dhcpf](https://github.com/elceef/dhcpf) Passive DHCP fingerprinting implementation
- [**25**Star][12d] [JS] [xrivendell/blue-bird](https://github.com/xrivendell/blue-bird) Free open-source Counter-Strike: Global Offensive simple external cheat base created in Node.js using memory.js package.
- [**25**Star][12m] [JS] [axynos/stark](https://github.com/axynos/stark) CSGO Audio File playback and Text-to-Speech
- [**25**Star][16d] [Py] [natescarlet/gfwlist.acl](https://github.com/natescarlet/gfwlist.acl) 
- [**25**Star][8m] [C#] [zjyl1994/v2switcher](https://github.com/zjyl1994/v2switcher) 极简V2Ray配置切换器，拯救多线用户
- [**25**Star][3m] [Py] [torproject/stem](https://github.com/torproject/stem) Python controller library for Tor
- [**25**Star][24d] [JS] [immrmonero/coin-imp](https://github.com/immrmonero/coin-imp) A Simple Miner to Mine Cryptocurrencies using CoinImp in Node.js
- [**25**Star][2m] [JS] [andreas0607/coinhive-blocker](https://github.com/andreas0607/coinhive-blocker) Blocks unwanted cryptominers in your browser (plug-in)
- [**25**Star][1m] [Py] [yeswehack/yesweburp](https://github.com/yeswehack/yesweburp) YesWeHack Api Extension for Burp
- [**25**Star][9m] [C] [clockfort/wifi-locator](https://github.com/clockfort/wifi-locator) Determines physical location of station judging from 802.11 beacons' BSSID/Signal/Noise/Quality information.
- [**25**Star][7m] [Py] [kismon/kismon](https://github.com/kismon/kismon) A GUI client for kismet
- [**25**Star][11d] [the-champions-of-capua/pen-tool](https://github.com/the-champions-of-capua/pen-tool) 渗透工具使用教程，结合 vulhub, dvwa, metasploitable3 等靶场使用， 涵盖工具有菜刀，msf, sqlmap 等等。
- [**25**Star][11d] [malwaretech/beginner-reversing-challenges](https://github.com/malwaretech/beginner-reversing-challenges) 
- [**25**Star][2m] [brycethomas/liber80211](https://github.com/brycethomas/liber80211) 802.11 monitor mode for Android without root.
- [**25**Star][3m] [C] [intika-linux-proxy/proxybound](https://github.com/intika-linux-proxy/proxybound) Linux applications proxifier
- [**25**Star][26d] [Py] [circl/forensic-tools](https://github.com/circl/forensic-tools) CIRCL system forensic tools or a jumble of tools to support forensic
- [**25**Star][1m] [C#] [dotnet/symreader-converter](https://github.com/dotnet/symreader-converter) Converts between Windows PDB and Portable PDB formats.
- [**25**Star][14d] [Py] [malor/cpython-lldb](https://github.com/malor/cpython-lldb) LLDB extension for debugging of CPython processes
- [**25**Star][2m] [C#] [lowleveldesign/concerto](https://github.com/lowleveldesign/concerto) A command line tool and a library to generate TLS certificates for development purposes.
- [**25**Star][1m] [AutoIt] [yaseralnajjar/ida-msdn-helper](https://github.com/yaseralnajjar/IDA-MSDN-helper) IDA Pro MSDN Helper
- [**25**Star][2y] [Py] [avicoder/hackerone](https://github.com/avicoder/Hackerone) Hackerone disclosed report URL Aggregator
- [**25**Star][9m] [retbandit-zz/blackhat2017](https://github.com/retbandit-zz/BlackHat2017) BlackHat Europe 2017 Slides
- [**25**Star][6y] [Py] [5ee/socialengineerdbuilder](https://github.com/5ee/SocialEngineerDBuilder) 整理社工库的工具
- [**25**Star][5m] [C] [hatching/tracy](https://github.com/hatching/tracy) tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
- [**25**Star][1m] [Py] [loveraven42/tools](https://github.com/loveraven42/tools) 渗透所用小工具以及poc
- [**25**Star][1m] [Rust] [auth0-blog/rust-api-example](https://github.com/auth0-blog/rust-api-example) Example of a RESTful API in Rust
- [**25**Star][2m] [Py] [avast/retdec-regression-tests-framework](https://github.com/avast/retdec-regression-tests-framework) A framework for writing and running regression tests for RetDec and related tools.
- [**25**Star][6y] [C] [whyallyn/paythepony](https://github.com/whyallyn/paythepony) Pay the Pony is hilarityware that uses the Reflective DLL injection library to inject into a remote process, encrypt and demand a ransom for files, and inflict My Little Pony madness on a system.
- [**25**Star][2m] [zyrikby/android_permission_evolution](https://github.com/zyrikby/android_permission_evolution) Analysis of the evolution of Android permissions. This repository contains the results presented in the paper "Small Changes, Big Changes: An Updated View on the Android Permission System".
- [**25**Star][9m] [Py] [zyantific/continuum](https://github.com/zyantific/continuum) Plugin adding multi-binary project support to IDA Pro (WIP)
- [**25**Star][30d] [Py] [zigzag2050/mzphp2-deobfuscator](https://github.com/zigzag2050/mzphp2-deobfuscator) A de-obfuscate tool for code generated by mzphp2. 用于解混淆mzphp2加密的php文件的工具。
- [**25**Star][1m] [C++] [zhutoulala/vulnscan](https://github.com/zhutoulala/vulnscan) A static binary vulnerability scanner
- [**25**Star][5y] [Py] [zhengmin1989/droidanalytics](https://github.com/zhengmin1989/droidanalytics) linux version (rewrite in Python)
- [**25**Star][2m] [C] [zapotek/cdpsnarf](https://github.com/zapotek/cdpsnarf) CDPSnarf is a network sniffer exclusively written to extract information from CDP (Cisco Discovery Protocol) packets.
- [**25**Star][6m] [Py] [yannayl/ctf-writeups](https://github.com/yannayl/ctf-writeups) Write ups of solution for CTF challenges I solved
- [**25**Star][5m] [xyntax/slides](https://github.com/xyntax/slides) My public presentation slides.
- [**25**Star][1m] [JS] [xvincentx/apigateway-playground](https://github.com/xvincentx/apigateway-playground) Resilient microservice API with REST and API Gateway
- [**25**Star][5m] [C++] [xpn/rpcenum](https://github.com/xpn/rpcenum) An command-line RPC method enumerator, born out of RPCView's awesomeness
- [**25**Star][4m] [Py] [xorpd/fcatalog_server](https://github.com/xorpd/fcatalog_server) Functions Catalog
- [**25**Star][6m] [TS] [woza-lab/woza](https://github.com/woza-lab/woza) [Deprecated]Dump application ipa from jailbroken iOS based on frida. (Node edition)
- [**25**Star][4m] [woodspeed/pentest](https://github.com/woodspeed/pentest) 
- [**25**Star][11d] [Py] [webbreacher/emailwhois](https://github.com/webbreacher/emailwhois) Look up an email domain (@example.com), using Python, across all known domains.
- [**25**Star][5m] [PHP] [wapmorgan/binarystream](https://github.com/wapmorgan/binarystream) BinaryStream - a writer and reader for binary data. Best replacement for pack()/unpack().
- [**25**Star][13d] [Py] [w00t3k/insp3ctor](https://github.com/w00t3k/insp3ctor) AWS S3 Bucket/Object Finder
- [**25**Star][2m] [Dockerfile] [vmayoral/basic_robot_cybersecurity](https://github.com/vmayoral/basic_robot_cybersecurity) An introductory series of cybersecurity for robots with a somewhat comprehensive step-by-step tutorials.
- [**25**Star][5m] [C] [visweswaran1998/cybergod-ksgmprh](https://github.com/visweswaran1998/cybergod-ksgmprh) An open-source antivirus for windows
- [**25**Star][4m] [Go] [virustotal/vt-go](https://github.com/virustotal/vt-go) The official Go client library for VirusTotal API
- [**25**Star][5y] [JS] [vector35/hackinggames](https://github.com/vector35/hackinggames) Hacking Games in a Hacked Game
- [**25**Star][1y] [Java] [vankyver/burp-vulners-scanner](https://github.com/vankyver/burp-vulners-scanner) Burp scanner plugin based on Vulners.com vulnerability database
- [**25**Star][23d] [Swift] [universonic/shadowsocks-macos](https://github.com/universonic/shadowsocks-macos) Shadowsocks Client for Apple macOS
- [**25**Star][6m] [C] [underhandedcrypto/entries](https://github.com/underhandedcrypto/entries) A browsable archive of all Underhanded Crypto Contest entries.
- [**25**Star][4m] [PHP] [matricali/uboat-panel](https://github.com/matricali/UBoat-Panel) Panel for the HTTP botnet UBoat -
- [**25**Star][1m] [C++] [trustonic/trustonic-tee-user-space](https://github.com/trustonic/trustonic-tee-user-space) Android user space components for the Trustonic Trusted Execution Environment
- [**25**Star][5m] [C] [true-systems/om5p-ac-v2-unlocker](https://github.com/true-systems/om5p-ac-v2-unlocker) Open Mesh OM5P-AC v2 Unlocker (U-Boot 1.1.4 based)
- [**25**Star][6m] [Py] [trailofbits/objcgraphview](https://github.com/trailofbits/objcgraphview) A graph view plugin for Binary Ninja to visualize Objective-C
- [**25**Star][7y] [Py] [tosanjay/bopfunctionrecognition](https://github.com/tosanjay/bopfunctionrecognition) plugin to BinNavi tool to analyze a x86 binanry file to find buffer overflow prone functions. Such functions are important for vulnerability analysis.
- [**25**Star][1m] [Shell] [torworld/fastrelay](https://github.com/torworld/fastrelay) Making it easier to run your own Tor Relay Node.
- [**25**Star][6y] [Java] [thypon/androidfuzz](https://github.com/thypon/androidfuzz) JavaFuzz 4 Android
- [**25**Star][4m] [Py] [thoughtfuldev/supergirloncrypt](https://github.com/thoughtfuldev/supergirloncrypt) CryptoTrojan in Python (For educational purpose ONLY)
- [**25**Star][2m] [Py] [thomaskeck/pyshellcode](https://github.com/thomaskeck/pyshellcode) Execute ShellCode / "Inline-Assembler" in Python
- [**25**Star][14d] [C++] [thecybermind/ipredir](https://github.com/thecybermind/ipredir) IP redirection+NAT for Windows
- [**25**Star][1y] [C#] [technikempire/citadelcore](https://github.com/technikempire/citadelcore) Cross platform filtering HTTP/S proxy based on .NET Standard 2.0.
- [**25**Star][4m] [Py] [teamseri0us/pocs](https://github.com/teamseri0us/pocs) 
- [**25**Star][3y] [LLVM] [syreal17/cardinal](https://github.com/syreal17/cardinal) Similarity Analysis to Defeat Malware Compiler Variations
- [**25**Star][2y] [C#] [symbolsource/symbolsource](https://github.com/symbolsource/symbolsource) 
- [**25**Star][12d] [Py] [steved3/kit_hunter](https://github.com/steved3/kit_hunter) A basic phishing kit scanner for dedicated and semi-dedicated hosting
- [**25**Star][9m] [C] [stefanesser/serialkdpproxy](https://github.com/stefanesser/serialkdpproxy) Improved version of David Elliott's SerialKDPProxy
- [**25**Star][21d] [Java] [spring-cloud/spring-cloud-scheduler](https://github.com/spring-cloud/spring-cloud-scheduler) 
- [**25**Star][2m] [Java] [spiderlabs/deface](https://github.com/spiderlabs/deface) A Java Server Faces (JSF) testing tool for decoding view state and creating view state attack vectors.
- [**25**Star][1m] [spchal/hacklu2018](https://github.com/spchal/hacklu2018) Telco training
- [**25**Star][5m] [Java] [sonatype/plexus-archiver](https://github.com/sonatype/plexus-archiver) 
- [**25**Star][4m] [Py] [somu1795/shodan_raspi](https://github.com/somu1795/shodan_raspi) Hack Raspberry Pi(s) across the world !
- [**25**Star][7m] [Ruby] [smiegles/certs](https://github.com/smiegles/certs) Parse X509 certificates to get the (sub)domains in it.
- [**25**Star][22d] [Py] [simonuvarov/expdev](https://github.com/simonuvarov/expdev) 
- [**25**Star][4m] [Swift] [shoheiyokoyama/lldb-debugging](https://github.com/shoheiyokoyama/lldb-debugging) The LLDB Debugging in C, Swift, Objective-C, Python and Xcode
- [**25**Star][3m] [Py] [shengqi158/weak_password_detect](https://github.com/shengqi158/weak_password_detect) 多线程探测弱密码程序
- [**25**Star][7m] [Shell] [shell-script/mtprotoproxy-onekey](https://github.com/shell-script/mtprotoproxy-onekey) MTPROTOPROXY EASY TO USE.
- [**25**Star][2m] [sharsi1/sublazerwlst](https://github.com/sharsi1/sublazerwlst) Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).
- [**25**Star][9m] [Py] [shakenetwork/mimipenguin](https://github.com/shakenetwork/mimipenguin) Mimipenguin密码抓取神器
- [**25**Star][8m] [HTML] [shahril96/online-assembler-disassembler](https://github.com/shahril96/online-assembler-disassembler) Online assembler and disassembler
- [**25**Star][6m] [shadowsocksr-rm/shadowsocksx-ng](https://github.com/shadowsocksr-rm/shadowsocksx-ng) Next Generation of ShadowsocksX
- [**25**Star][6m] [Py] [sghctoma/multipass](https://github.com/sghctoma/multipass) A small wriiteup and a PoC tool about how to use SO_REUSADDR for firewall evasion
- [**25**Star][4y] [JS] [sethsec/nodejs-ssrf-app](https://github.com/sethsec/nodejs-ssrf-app) Nodejs application intentionally vulnerable to SSRF
- [**25**Star][4m] [Py] [sensepost/dnserver](https://github.com/sensepost/dnserver) Simple development DNS server written in python
- [**25**Star][5m] [PHP] [secwiki/exp](https://github.com/secwiki/exp) 收集各种各样的exp
- [**25**Star][3y] [C] [seccon/seccon2016_online_ctf](https://github.com/seccon/seccon2016_online_ctf) SECCON2016 online CTF for public
- [**25**Star][6m] [scanfsec/cve-2018-15982](https://github.com/scanfsec/cve-2018-15982) Aggressor Script to launch IE driveby for CVE-2018-15982.
- [**25**Star][5y] [Py] [sash-ko/kaggle-malware-classification](https://github.com/sash-ko/kaggle-malware-classification) Kaggle "Microsoft Malware Classification Challenge". 6th place solution
- [**25**Star][2y] [C] [ryantenney/php7](https://github.com/ryantenney/php7) Hacking the PHP compiler and standard libraries in the name of turning it into a not crappy language. (Unofficial. No warranty whatsoever.)
- [**25**Star][8m] [C#] [rummykhan/sql-nightmare](https://github.com/rummykhan/sql-nightmare) SQL SERVER Exploitation.
- [**25**Star][4m] [Go] [rsrdesarrollo/sasshimi](https://github.com/rsrdesarrollo/sasshimi) SSH Tunnelling in "RAW mode", via STDIN/OUT without using forwarding channels
- [**25**Star][5y] [C++] [rootkitsmm/winio-vidix](https://github.com/rootkitsmm/winio-vidix) Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )
- [**25**Star][21d] [Py] [roo7break/serialator](https://github.com/roo7break/serialator) Python script to exploit CVE-2015-4852.
- [**25**Star][3y] [HTML] [ring04h/cia-hacking-tools](https://github.com/ring04h/cia-hacking-tools) WikiLeaks Vault 7 CIA Hacking Tools
- [**25**Star][23d] [Py] [rceninja/re-scripts](https://github.com/rceninja/re-scripts) 
    - [Hyperv-Scripts](https://github.com/rceninja/re-scripts/tree/master/scripts/Hyperv-Scripts) 
    - [IA32-MSR-Decoder](https://github.com/rceninja/re-scripts/tree/master/scripts/IA32-MSR-Decoder) an IDA script which helps you to find and decode all MSR codes inside binary files
    - [IA32-VMX-Helper](https://github.com/rceninja/re-scripts/tree/master/scripts/IA32-VMX-Helper) an IDA script (Updated IA32 MSR Decoder) which helps you to find and decode all MSR/VMCS codes inside binary files
- [**25**Star][20d] [Py] [rbeuque74/letsencrypt-ovh-hook](https://github.com/rbeuque74/letsencrypt-ovh-hook) Let's Encrypt hook for DNS validation for OVH domains
- [**25**Star][4m] [Py] [radare/diaphora](https://github.com/radare/diaphora) Diaphora, a Free and Open Source program diffing tool
- [**25**Star][2y] [Py] [prezi/django-zipkin](https://github.com/prezi/django-zipkin) [Unmaintained] A Django middleware and api for recording and sending messages to Zipkin
- [**25**Star][20d] [Java] [portswigger/taborator](https://github.com/portswigger/taborator) A Burp extension to show the Collaborator client in a tab
- [**25**Star][4m] [Py] [portswigger/burp-smart-buster](https://github.com/portswigger/burp-smart-buster) A Burp Suite content discovery plugin that add the smart into the Buster!
- [**25**Star][4y] [Java] [pokeolaf/pokemongodecoderforburp](https://github.com/pokeolaf/pokemongodecoderforburp) A simpe decoder to decode requests/responses made by PokemonGo in burp
- [**25**Star][9m] [Py] [pentestbox/scripts](https://github.com/pentestbox/scripts) 
- [**25**Star][1m] [HTML] [pdjstone/cloudpets-web-bluetooth](https://github.com/pdjstone/cloudpets-web-bluetooth) Demo of CloudPets toy functionality using Web Bluetooth
- [**25**Star][17d] [C++] [paladin-t/framepacker](https://github.com/paladin-t/framepacker) An open source implementation of a texture bin packing algorithm. It's similar to texture tools such as TexturePacker.
- [**25**Star][8m] [Py] [owtf/ptp](https://github.com/owtf/ptp) Pentester's Tools Parser (PTP) provides an unified way to retrieve the information from all (final goal) automated pentesting tools and assign an automated ranking for each finding.
- [**25**Star][3y] [C] [osandamalith/shellcodes](https://github.com/osandamalith/shellcodes) My Shellcode Archive
- [**25**Star][5y] [C] [osandamalith/imageexploiter](https://github.com/osandamalith/imageexploiter) Hide JavaScript inside your GIF and BMP images
- [**25**Star][12d] [Py] [operatorequals/chmod-stego](https://github.com/operatorequals/chmod-stego) A PoC on passing data through UNIX file privilege bits (RWX Triplets)
- [**25**Star][4y] [C] [opensise/cve_poc_collect](https://github.com/opensise/cve_poc_collect) 这里会收集各种类型的CVE PoC 和EXP ,仅用来学习漏洞挖掘相关技术..
- [**25**Star][9m] [Go] [opennota/hydra](https://github.com/opennota/hydra) Penetration testing tool. This repository has migrated to
- [**25**Star][4m] [C#] [nyan-x-cat/bitcoin-grabber](https://github.com/nyan-x-cat/bitcoin-grabber) Replace any XMR BTC ETH address in clipboard with yours. C#
- [**25**Star][2y] [Py] [nullarray/shogun](https://github.com/nullarray/shogun) Shodan.io Command Line Interface
- [**25**Star][12d] [JS] [nowsecure/frida-uiwebview](https://github.com/nowsecure/frida-uiwebview) Inspect and manipulate UIWebView-hosted GUIs through Frida.
- [**25**Star][7m] [Py] [noobiedog/dir-xcan](https://github.com/noobiedog/dir-xcan) Python version of OWASP's DirBuster Application.
- [**25**Star][2y] [C] [nkga/cheat-driver](https://github.com/nkga/cheat-driver) Kernel mode driver for reading/writing process memory. C/Win32.
- [**25**Star][11d] [Py] [njsmith/machomachomangler](https://github.com/njsmith/machomachomangler) Tools for mangling Mach-O and PE binaries
- [**25**Star][1m] [Py] [nihilus/idascope](https://github.com/nihilus/idascope)  An IDA Pro extension for easier (malware) reverse engineering（Bitbucket has newer version）
- [**25**Star][2y] [C++] [nccgroup/bleboy](https://github.com/nccgroup/bleboy) BLEBoy is a training tool to teach users about BLE security by providing a single BLE peripheral that can be used to experiment with each BLE pairing method and demonstrates GATT security concepts.
- [**25**Star][1m] [Py] [nccgroup/binja_dynamics](https://github.com/nccgroup/binja_dynamics) A PyQt5 frontend to the binjatron plugin for Binary Ninja that includes highlighting features aimed at making it easier for beginners to learn about reverse engineering
- [**25**Star][7m] [Shell] [nanqinlang-script/defender](https://github.com/nanqinlang-script/defender) simple scripts to provide defence
- [**25**Star][4m] [Py] [nairuzabulhul/keyplexer](https://github.com/nairuzabulhul/keyplexer) Capstone: Keylogger Trojan
- [**25**Star][4m] [TS] [mvasilkov/dwarfs2019](https://github.com/mvasilkov/dwarfs2019) Dwarfs
- [**25**Star][4m] [C++] [mtk911/attiny85](https://github.com/mtk911/attiny85) RubberDucky like payloads for DigiSpark Attiny85
- [**25**Star][2y] [Assembly] [mrfearless/apisearch-plugin-x86](https://github.com/mrfearless/apisearch-plugin-x86) APISearch Plugin (x86) - A Plugin For x64dbg
- [**25**Star][2y] [HTML] [moonagirl/ctf](https://github.com/moonagirl/ctf) 
- [**25**Star][4y] [C++] [moloch--/exploit-demos](https://github.com/moloch--/exploit-demos) How to write basic memory corruption exploits on Windows
- [**25**Star][1y] [Perl] [modernistik/nmap-parser](https://github.com/modernistik/nmap-parser) Parse nmap scan data with Perl (official repo)
- [**25**Star][12m] [Shell] [mk-fg/dracut-crypt-sshd](https://github.com/mk-fg/dracut-crypt-sshd) dracut initramfs module to start sshd on early boot to enter encryption passphrase from across the internets
- [**25**Star][4y] [Py] [milo2012/social-engineering-toys](https://github.com/milo2012/social-engineering-toys) Social Engineering Toys
- [**25**Star][4m] [C] [microsoft/modsecurity](https://github.com/microsoft/modsecurity) ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
- [**25**Star][4m] [Py] [merkjinx/saddam-plus-plus](https://github.com/merkjinx/saddam-plus-plus) open source DDoS Amplification Tool with scanners.
- [**25**Star][29d] [Py] [manhnho/brutality](https://github.com/manhnho/brutality) A fuzzer for any GET entries
- [**25**Star][7m] [Visual Basic] [malwares/sql](https://github.com/malwares/sql) SQLi Tool/SQL Injection/Hijacker
- [**25**Star][7m] [Shell] [lockedbyte/ddos2track](https://github.com/lockedbyte/ddos2track) A script to avoid HTTP Floods attacks, log the attacker IP Addresses and Traffic, and Send you an email to warn that you are behind an attack.
- [**25**Star][1m] [C] [libyal/libqcow](https://github.com/libyal/libqcow) Library and tools to access the QEMU Copy-On-Write (QCOW) image format
- [**25**Star][6m] [Py] [legbacore/t2e_integrity_check](https://github.com/legbacore/t2e_integrity_check) Integrity checking script for Apple Thunderbolt to Ethernet adapters, to check for attacks similar to Thunderstrike 2
- [**25**Star][9m] [C] [leetchicken/afl](https://github.com/leetchicken/afl) Unofficial American Fuzzy Lop repo
- [**25**Star][3m] [Rust] [le-jzr/sisyphos-kernel-uefi-x86_64](https://github.com/le-jzr/sisyphos-kernel-uefi-x86_64) A Rust kernel running on bare UEFI (no separate bootloader). Very early stage.
- [**25**Star][2m] [Py] [laanwj/dwarf_to_c](https://github.com/laanwj/dwarf_to_c) Tool to recover C headers (types, function signatures) from DWARF debug data
- [**25**Star][2y] [C] [ktemkin-archive/atmosphere](https://github.com/ktemkin-archive/Atmosphere) Atmosphère is a work-in-progress customized firmware for the Nintendo Switch.
- [**25**Star][9m] [Py] [kostrin/pillage](https://github.com/kostrin/pillage) Pillage is a multithreaded enumeration python script I created for the enumeration phase of penetration tests.
- [**25**Star][3m] [Shell] [kost/docker-moloch](https://github.com/kost/docker-moloch) A Docker container for Moloch based on minimal Debian
- [**25**Star][6m] [AutoIt] [kirlovon/devil-backdoor](https://github.com/kirlovon/devil-backdoor) Simple backdoor for public places, that uses a file system for communication. Just for fun!
- [**25**Star][4y] [Py] [kingtuna/hybrid-darknet-concept](https://github.com/kingtuna/hybrid-darknet-concept) 
- [**25**Star][1y] [C] [kaist-ina/sgx-tor](https://github.com/kaist-ina/sgx-tor) Tor anonymity network for SGX
- [**25**Star][3y] [C++] [k0keoyo/hevd-arbitrary-overwrite-exploit-win10-rs3](https://github.com/k0keoyo/hevd-arbitrary-overwrite-exploit-win10-rs3) 
- [**25**Star][4m] [TS] [jvilk/mitmproxy-node](https://github.com/jvilk/mitmproxy-node) A bridge between Python's mitmproxy and Node.JS programs. Rewrite network requests using Node.JS!
- [**25**Star][2m] [Py] [jpiechowka/zip-shotgun](https://github.com/jpiechowka/zip-shotgun) Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
- [**25**Star][5m] [Py] [joxeankoret/mynav](https://github.com/joxeankoret/mynav) Automatically exported from code.google.com/p/mynav
- [**25**Star][5m] [Java] [jonas-schievink/ghidraxbe](https://github.com/jonas-schievink/ghidraxbe) A Ghidra extension for loading Xbox Executables (.xbe files)
- [**25**Star][5y] [C++] [jeremyfetiveau/exploits](https://github.com/jeremyfetiveau/exploits) Old exploits and code for my self-referencing PML4 technique (2014)
- [**25**Star][16d] [jasklabs/blackhat2017](https://github.com/jasklabs/blackhat2017) Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases
- [**25**Star][5m] [Shell] [jacksongl/npm-vuln-poc](https://github.com/jacksongl/npm-vuln-poc) Vulnerabilities discovered in npm repository [Berkeley PL & Security Research].
- [**25**Star][4m] [Py] [j40903272/malconv-keras](https://github.com/j40903272/malconv-keras) This is the implementation of MalConv proposed in [Malware Detection by Eating a Whole EXE](
- [**25**Star][4y] [PS] [invoke-ir/presentations](https://github.com/invoke-ir/presentations) 
- [**25**Star][4y] [C] [hschen0712/process-hiding](https://github.com/hschen0712/process-hiding) linux下实现进程隐藏
- [**25**Star][1m] [Py] [hoainam1989/training-application-security](https://github.com/hoainam1989/training-application-security) This repository for training application security.
- [**25**Star][5m] [Go] [himei29a/gichidan](https://github.com/himei29a/gichidan) Gichidan - CLI wrapper for Ichidan deep-web search engine.
- [**25**Star][4y] [C++] [herrcore/cmddesktopswitch](https://github.com/herrcore/cmddesktopswitch) CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to identify and watch malware that has created a hidden desktop.
- [**25**Star][11d] [henryhoggard/awesome-arm-exploitation](https://github.com/henryhoggard/awesome-arm-exploitation) A collection of awesome videos, articles, books and resources about ARM exploitation.
- [**25**Star][4m] [JS] [hdm/axman](https://github.com/hdm/axman) AxMan ActiveX Fuzzer: This is ancient, please don't use it =D
- [**25**Star][3y] [C++] [hatriot/delayloadinject](https://github.com/hatriot/delayloadinject) Code injection via delay load libraries
- [**25**Star][2m] [OCaml] [hannesm/conex](https://github.com/hannesm/conex) establish trust in community repositories, cryptographically signed by library authors
- [**25**Star][2m] [C] [hanj4096/wukong](https://github.com/hanj4096/wukong) A LKM rootkit for Linux kernel 2.6.x, 3.x and 4.x
- [**25**Star][1m] [hani1990/phith0n-mind-map](https://github.com/hani1990/phith0n-mind-map) 
- [**25**Star][1m] [Py] [guelfoweb/fbid](https://github.com/guelfoweb/fbid) Show info about the author by facebook photo url
- [**25**Star][4y] [gtank/captcha-draft](https://github.com/gtank/captcha-draft) proposal for blinded-token captchas
- [**25**Star][5y] [C] [gregwar/mitm](https://github.com/gregwar/mitm) Man in the middle tool
- [**25**Star][3y] [Py] [graniet/domff](https://github.com/graniet/domff) DOMFf is a simple IDE for extract all DOM data on a website, is perfect for all penetration testers, with this you can extract all data name, value of specific form with only one line, this tool work like a debugger
- [**25**Star][1y] [Kotlin] [gosecure/burp-ntlm-challenge-decoder](https://github.com/gosecure/burp-ntlm-challenge-decoder) Burp extension to decode NTLM SSP headers and extract domain/host information
- [**25**Star][26d] [JS] [goliatone/arpscan](https://github.com/goliatone/arpscan) Node arp-scan wrapper
- [**25**Star][2y] [C#] [glinares/cscguard](https://github.com/glinares/cscguard) Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation
- [**25**Star][5m] [Py] [ghostofgoes/adles](https://github.com/ghostofgoes/adles) Automated Deployment of Lab Environments System (ADLES)
- [**25**Star][1y] [C] [gdbinit/rex_versus_the_romans](https://github.com/gdbinit/rex_versus_the_romans) Anti Hacking Team TrustedBSD module
- [**25**Star][2m] [Rust] [gcarq/arp-spoof](https://github.com/gcarq/arp-spoof) Minimal ARP-Spoofing tool written in Rust
- [**25**Star][1y] [Py] [fygrave/dnslyzer](https://github.com/fygrave/dnslyzer) DNS traffic indexer and analyzer
- [**25**Star][3y] [Java] [fupinglee/crackcaptcahlogin](https://github.com/fupinglee/crackcaptcahlogin) CrackCaptcahLogin
- [**25**Star][3y] [PHP] [freak3dot/wp-smart-honeypot](https://github.com/freak3dot/wp-smart-honeypot) Wordpress plugin to reduce comment spam with a smarter honeypot.
- [**25**Star][3y] [foundstone/expertinvestigationguides](https://github.com/foundstone/expertinvestigationguides) Expert Investigation Guides
- [**25**Star][2m] [Py] [fmagin/angr-cli](https://github.com/fmagin/angr-cli) Repo for various angr ipython features to give it more of a cli feeling
- [**25**Star][7m] [C] [fi01/libput_user_exploit](https://github.com/fi01/libput_user_exploit) CVE-2013-6282 exploit
- [**25**Star][1m] [JS] [feedhenry/mobile-security](https://github.com/feedhenry/mobile-security) FeedHenry Mobile Security
- [**25**Star][5y] [exp-sky/hitcon-2015-spartan-0day-exploit](https://github.com/exp-sky/hitcon-2015-spartan-0day-exploit) HitCon 2015 spartan 0day & exploit
- [**25**Star][5m] [JS] [eviltik/evilwaf](https://github.com/eviltik/evilwaf) Web Application Firewall (WAF) Detection Tool
- [**25**Star][4m] [Py] [evild3ad/isodump](https://github.com/evild3ad/isodump) isodump - ISO dump utility
- [**25**Star][1m] [Py] [esss/hookman](https://github.com/esss/hookman) A plugin management system in python to applications (in totally or partially) written in C++.
- [**25**Star][2y] [JS] [erlendellingsen/digitalocean-developer-firewall](https://github.com/erlendellingsen/digitalocean-developer-firewall) Tool for developers to easily configure firewalls and gain access to their servers when using DigitalOcean cloud firewalls.
- [**25**Star][1y] [C#] [enkomio/managedinjector](https://github.com/enkomio/managedinjector) A C# DLL injection library
- [**25**Star][5m] [C] [en14c/erebus](https://github.com/en14c/erebus) Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
- [**25**Star][8m] [C++] [dydtjr1128/remoteassistance-cpp](https://github.com/dydtjr1128/remoteassistance-cpp) [WIP]RemoteAssistance like TeamViewer(C++)
- [**25**Star][10m] [HTML] [duocircle/office365-setup-dkim-dmarc-spf](https://github.com/duocircle/office365-setup-dkim-dmarc-spf) Setup guide for Office 365 Administrators who are unable to use ATP to configure SPF, DKIM and DMARC.
- [**25**Star][17d] [Py] [duchengyao/hkdvr_login](https://github.com/duchengyao/hkdvr_login) 批量扫描海康威视视频监控并尝试登录的脚本
- [**25**Star][3y] [Py] [dragoneeg/struts2-048](https://github.com/dragoneeg/struts2-048) CVE-2017-9791
- [**25**Star][14d] [C++] [domob1812/namecoin-core](https://github.com/domob1812/namecoin-core) Reimplementation of Namecoin on top of the current Bitcoin Core codebase.
- [**25**Star][3m] [Shell] [dlangille/anvil](https://github.com/dlangille/anvil) Tools for distributing ssl certificates
- [**25**Star][4m] [Py] [digiampietro/adbtools2](https://github.com/digiampietro/adbtools2) Tools for hacking ADB Epicentro routers, including firmware modification and VOIP password recovery.
- [**25**Star][2y] [ObjC] [dev-liyang/lytableviewwidget](https://github.com/dev-liyang/lytableviewwidget) 逆向微信-分析学习微信是如何快速构建静态TableView界面的
- [**25**Star][2m] [Py] [decalage2/oledump-contrib](https://github.com/decalage2/oledump-contrib) The oledump-contrib repository contains plugins and enhancements for the oledump tool published by Didier Stevens.
- [**25**Star][4m] [Ruby] [deadbits/maz](https://github.com/deadbits/maz) Malware Analysis Zoo
- [**25**Star][2m] [C] [davidbuchanan314/cowroot](https://github.com/davidbuchanan314/cowroot) Universal Android root tool based on CVE-2016-5195. Watch this space.
- [**25**Star][8m] [Py] [danmcinerney/nmap-parser](https://github.com/danmcinerney/nmap-parser) Parses Nmap XML files
- [**25**Star][2y] [C#] [damonmohammadbagher/nativepayload_ip6dns](https://github.com/damonmohammadbagher/nativepayload_ip6dns) C# code for Transferring Backdoor Payloads by IPv6 Address (AAAA) records and DNS Traffic also Bypassing Anti-viruses
- [**25**Star][3m] [Py] [damian89/commoncrawlparser](https://github.com/damian89/commoncrawlparser) Simple multi threaded tool to extract domain related data from commoncrawl.org
- [**25**Star][1m] [Go] [d4-project/sensor-d4-tls-fingerprinting](https://github.com/d4-project/sensor-d4-tls-fingerprinting) Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
- [**25**Star][7y] [PHP] [cyberisltd/gzipbloat](https://github.com/cyberisltd/gzipbloat) PHP framework to test User-Agents and intermediary content inspection devices for denial-of-service vulnerabilities with respect to HTTP response decompression.
- [**25**Star][5m] [C] [ctu-iig/802.11p-linux](https://github.com/ctu-iig/802.11p-linux) mac80211/wireless next tree
- [**25**Star][5y] [JS] [cryptographrix/hootoo_ht-tm05-hacking](https://github.com/cryptographrix/hootoo_ht-tm05-hacking) Hacking the HooToo HT-TM05
- [**25**Star][14d] [Go] [cpl/cryptor](https://github.com/cpl/cryptor) Privacy, Anonymity, Freedom - P2P network
- [**25**Star][21d] [Py] [cornerpirate/cve-offline](https://github.com/cornerpirate/cve-offline) An easy to grep dump of the NVD database showing only; CVE-ID, CVSS Risk Score, and Summary.
- [**25**Star][10m] [PS] [codewatchorg/powersniper](https://github.com/codewatchorg/powersniper) Password spraying script and helper for creating password lists
- [**25**Star][2m] [Java] [codahale/aes-gcm-siv](https://github.com/codahale/aes-gcm-siv) A Java implementation of AES-GCM-SIV (RFC 8452).
- [**25**Star][2m] [Ruby] [claudijd/bnat](https://github.com/claudijd/bnat) "Broken NAT" - A suite of tools focused on detecting and interacting with publicly available BNAT scenerios
- [**25**Star][3m] [Go] [cizixs/pxy](https://github.com/cizixs/pxy) A simple proxy server with flexibility.
- [**25**Star][9m] [Shell] [civisanalytics/iam-role-injector](https://github.com/civisanalytics/iam-role-injector) Assumes an IAM role via awscli STS call, injecting temporary credentials into shell environment
- [**25**Star][2m] [Py] [cisco-talos/oil-pumpjack](https://github.com/cisco-talos/oil-pumpjack) Oil Pumpjack: open source materials to create your own oil pumpjack managed by an Arduino
- [**25**Star][6m] [JS] [chef-koch/bypass-adblockers](https://github.com/chef-koch/bypass-adblockers) Malvertising campaign that successfully bypasses ad blockers to deliver their malicious payload
- [**25**Star][2y] [Py] [catalyst256/netscaler-cookie-decryptor](https://github.com/catalyst256/netscaler-cookie-decryptor) Python application to decrypt Netscaler Load Balancer Persistence Cookies
- [**25**Star][8m] [Shell] [cappsule/nofear](https://github.com/cappsule/nofear) Run any command transparently in a VM (this repo isn't part of Cappsule)
- [**25**Star][2y] [C++] [buseclab/paybreak](https://github.com/buseclab/paybreak) 
- [**25**Star][5y] [Py] [burningcodes/dexconfuse](https://github.com/burningcodes/dexconfuse) 简易dex混淆器
- [**25**Star][3y] [C++] [bronzeme/ssdt_hook_x64](https://github.com/bronzeme/ssdt_hook_x64) 
- [**25**Star][11m] [Py] [bnagy/francis](https://github.com/bnagy/francis) LLDB engine based tool to instrument OSX apps and triage crashes
- [**25**Star][5y] [Py] [bkerler/oregondecoder](https://github.com/bkerler/oregondecoder) Oregon Scientific V1/V2 Gnuradio Decoder
- [**25**Star][5y] [Shell] [binkybear/honeypi](https://github.com/binkybear/honeypi) Bash script to install Honeypot projects ona Raspbian System
- [**25**Star][14d] [Shell] [binhex/arch-int-openvpn](https://github.com/binhex/arch-int-openvpn) Docker build script for Arch Linux base with OpenVPN and Privoxy
- [**25**Star][4m] [C++] [behzad-a/dytan](https://github.com/behzad-a/dytan) Dytan Taint Analysis Framework on Linux 64-bit
- [**25**Star][5m] [C] [begriffs/utofu](https://github.com/begriffs/utofu) Unicode Trust on First Use (TOFU)
- [**25**Star][5m] [beerisgood/windows10_hardening](https://github.com/beerisgood/windows10_hardening) My Windows 10 x64 security hardening guide
- [**25**Star][7m] [Py] [batteryshark/miasma](https://github.com/batteryshark/miasma) Cross-Platform Binary OTF Patcher, Code Injector, Hacking Utility
- [**25**Star][3m] [b3nac/injuredandroid](https://github.com/b3nac/injuredandroid) A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
- [**25**Star][3m] [awsdocs/aws-cloudtrail-user-guide](https://github.com/awsdocs/aws-cloudtrail-user-guide) The open source version of the AWS CloudTrail User Guide. You can submit feedback & requests for changes by submitting issues in this repo or by making proposed changes & submitting a pull request.
- [**25**Star][10d] [Go] [avast/apkverifier](https://github.com/avast/apkverifier) APK Signature verification in Go. Supports scheme v1, v2 and v3 and passes Google apksig's testing suite.
- [**25**Star][9m] [JS] [auth0-blog/blog-passwordless-authentication](https://github.com/auth0-blog/blog-passwordless-authentication) Learn how to integrate passwordless authentication with Facebook Account Kit and Auth0 Passwordless
- [**25**Star][24d] [CoffeeScript] [atom/decoration-example](https://github.com/atom/decoration-example) Exercising Atom's Decoration API
- [**25**Star][3y] [Py] [atiger77/xunfeng_docker](https://github.com/atiger77/xunfeng_docker) 同程巡风项目Docker镜像版
- [**25**Star][7m] [Py] [asyne/cproto](https://github.com/asyne/cproto) Chrome Debugging client for Python
- [**25**Star][4m] [asiamina/a-course-on-digital-forensics](https://github.com/asiamina/a-course-on-digital-forensics) A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
- [**25**Star][2y] [C++] [apriorit/svchostdemo](https://github.com/apriorit/svchostdemo) Demo service that runs in svchost.exe
- [**25**Star][25d] [aozhimin/ios-monitor-resources](https://github.com/aozhimin/ios-monitor-resources) 对各厂商的 iOS SDK 性能监控方案的整理和收集后的资源
- [**25**Star][15d] [Assembly] [antoniond/gba-switch-to-gbc](https://github.com/antoniond/gba-switch-to-gbc) Routine to switch a GBA into GBC mode by software!
- [**25**Star][1m] [Py] [ansible/ansible-blog-examples](https://github.com/ansible/ansible-blog-examples) Example playbooks from posts on the Ansible blog (
- [**25**Star][14d] [andrew-morris/presentations](https://github.com/andrew-morris/presentations) A centralized location for all presentations I've given at various conferences
- [**25**Star][2m] [Go] [andrew-d/rssh](https://github.com/andrew-d/rssh) Reverse shell over SSH
- [**25**Star][1y] [Shell] [amoghbl1/orfox](https://github.com/amoghbl1/orfox) This is my repository for the orfox browser, a browser that uses tor to communicate and Firefox for Android as it's base.
- [**25**Star][4y] [PHP] [amaurycarrade/oranjeproxy](https://github.com/amaurycarrade/oranjeproxy) OranjeProxy est un script de proxy PHP anonymisant permettant d’outrepasser les restrictions imposées à votre réseaux (comme ceux des entreprises ou des écoles).
- [**25**Star][1m] [Py] [alichtman/malware-techniques](https://github.com/alichtman/malware-techniques) A collection of techniques commonly used in malware to accomplish core tasks.
- [**25**Star][5m] [Go] [akme/get-closer](https://github.com/akme/get-closer) Find out closest hosts in terms of network latency and performance
- [**25**Star][2m] [Java] [akdeniz/mitmsocks4j](https://github.com/akdeniz/mitmsocks4j) An interceptor for SOCKS Proxy protocol to allow user to dump any connections' content even if it is secured with SSL.
- [**25**Star][4m] [TS] [airtasker/proxay](https://github.com/airtasker/proxay) Proxay is a record/replay proxy server that helps you write faster and more reliable tests.
- [**25**Star][9m] [Py] [aheadley/logitech-solar-k750-linux](https://github.com/aheadley/logitech-solar-k750-linux) Userspace "driver" for the Logitech k750 Solar Keyboard. A fork of the repo from
- [**25**Star][16d] [Shell] [aflgo/oss-fuzz](https://github.com/aflgo/oss-fuzz) OSS-Fuzz - integrated with AFLGo for Patch Testing
- [**25**Star][8m] [Go] [aead/hydrogen](https://github.com/aead/hydrogen) Go implementation of libhydrogen - a lightweight, easy-to-use crypto library
- [**25**Star][3m] [C++] [adrianyy/x64-syscall](https://github.com/adrianyy/x64-syscall) x64 syscall caller in C++.
- [**25**Star][23d] [Shell] [adon90/ip2hosts](https://github.com/adon90/ip2hosts) Dirty bash script to obtain hosts given an IP address
- [**25**Star][2y] [Py] [admintony/sql-injection](https://github.com/admintony/sql-injection) 解决sqlmap不能跑的注入
- [**25**Star][2m] [C] [50m30n3/dsptunnel](https://github.com/50m30n3/dsptunnel) IP over audio tunnel
- [**25**Star][23d] [Verilog] [1801bm1/vm80a](https://github.com/1801bm1/vm80a) i8080 precise replica in Verilog, based on reverse engineering of real die
- [**25**Star][2y] [1337g/cve-2017-17215](https://github.com/1337g/cve-2017-17215) CVE-2017-17215 HuaWei Router RCE (NOT TESTED)
- [**25**Star][2y] [C] [0x00-0x00/cve-2018-1000001](https://github.com/0x00-0x00/cve-2018-1000001) glibc getcwd() local privilege escalation compiled binaries
- [**24**Star][10d] [C++] [d35ha/xobf](https://github.com/d35ha/xobf) Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
- [**24**Star][25d] [Py] [skulltech/netmog](https://github.com/skulltech/netmog) A netcat alternative with remote code execution.
- [**24**Star][8d] [Py] [dariusztytko/vhosts-sieve](https://github.com/dariusztytko/vhosts-sieve) Searching for virtual hosts among non-resolvable domains
- [**24**Star][29d] [C] [haidragon/study_firewall](https://github.com/haidragon/study_firewall) 主动防御-网络过滤器(firewall)
- [**24**Star][3m] [C++] [0x09al/iis-raid](https://github.com/0x09al/iis-raid) A native backdoor module for Microsoft IIS (Internet Information Services)
- [**24**Star][3m] [Py] [gilsondev/buscaimoveis-scraper](https://github.com/gilsondev/buscaimoveis-scraper) Projeto que coleta anúncios de imóveis a venda em grandes plataformas como OLX, Zap Imóveis, etc
- [**24**Star][6m] [JS] [victorqribeiro/scrap](https://github.com/victorqribeiro/scrap) Scrapping Facebook with JavaScript.
- [**24**Star][3m] [ex16x41/osint](https://github.com/ex16x41/osint) just some osint stuff ;^)
- [**24**Star][1m] [JS] [cabal-club/cabal-desktop-mini](https://github.com/cabal-club/cabal-desktop-mini) [deprecated - please try `Cabal Desktop`] a minimalist desktop app for Cabal, the p2p/decentralized/local-first chat platform
- [**24**Star][1m] [Go] [audibleblink/bothan](https://github.com/audibleblink/bothan) Is this IP a C2 server?
- [**24**Star][1m] [Py] [scrapy/scrapy-bench](https://github.com/scrapy/scrapy-bench) A CLI for benchmarking Scrapy.
- [**24**Star][1y] [C++] [openbci/openbci_wifi](https://github.com/openbci/openbci_wifi) Firmware library that runs on the OpenBCI WiFi Shield
- [**24**Star][5m] [CMake] [independentcod/ccfinder](https://github.com/independentcod/ccfinder) Recursive Credit Card Searcher For Windows C++ and Linux
- [**24**Star][8m] [Py] [gisshield/douyin](https://github.com/gisshield/douyin) 抖音数据爬虫，初学python和scrapy框架的练手项目，未完善版本
- [**24**Star][19d] [Go] [x1sec/citrixmash_scanner](https://github.com/x1sec/citrixmash_scanner) A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix
- [**24**Star][10d] [Py] [dengqiangxi/zhihu_spider](https://github.com/dengqiangxi/zhihu_spider) 知乎爬虫，用于爬取用户信息以及用户之间关系。
- [**24**Star][5m] [Swift] [zerofenglee/cmdbluetooth](https://github.com/zerofenglee/cmdbluetooth) communicate with bluetooth using a simple way(Bluetooth 4.0)
- [**24**Star][18d] [Java] [yibawifi/wifisdk](https://github.com/yibawifi/wifisdk) Free WiFi Connect SDK
- [**24**Star][5m] [Py] [zkqiang/job-spider](https://github.com/zkqiang/job-spider) 多线程爬取互联网行业常用招聘网站
- [**24**Star][5m] [C#] [bisoon/ps4-netcheatapi](https://github.com/bisoon/ps4-netcheatapi) Netcheat API for PS4 4.05
- [**24**Star][2m] [Java] [aurasphere/blue-pair](https://github.com/aurasphere/blue-pair) Simple Bluetooth Android app for handling device discovery and pairing.
- [**24**Star][8m] [Py] [priyankadev/scrapit](https://github.com/priyankadev/scrapit) Scraping scripts for various websites.
- [**24**Star][3m] [digininja/leakyrepo](https://github.com/digininja/leakyrepo) A repo which contains lots of things which it shouldn't
- [**24**Star][7m] [Java] [fengtan/sophie](https://github.com/fengtan/sophie) A Solr browser and administration tool
- [**24**Star][22d] [HTML] [topvpn/topvpn.github.io](https://github.com/topvpn/topvpn.github.io) Top VPN in China (mainland) 在全球(含中国大陆)好用的国外优质付费vpn推荐
- [**24**Star][12d] [C++] [woah1337/nsloader](https://github.com/woah1337/nsloader) CS:GO Cheat Loader.
- [**24**Star][2m] [Py] [gisalgs/geom](https://github.com/gisalgs/geom) Algorithms for geometric operations
- [**24**Star][3m] [JS] [fcoury/node-anne-pro](https://github.com/fcoury/node-anne-pro) Bluetooth communication library for the Anne Pro keyboard
- [**24**Star][4m] [Py] [spinda/imagenetscraper](https://github.com/spinda/imagenetscraper) 
- [**24**Star][1m] [Shell] [sunwei/letsencrypt-www](https://github.com/sunwei/letsencrypt-www) Probably the easiest way to create | renew | deploy certificate
- [**24**Star][4m] [Haskell] [grafted-in/web-scraping-engine](https://github.com/grafted-in/web-scraping-engine) A simple web scraping engine supporting concurrent and anonymous scraping
- [**24**Star][16d] [Go] [im050/awesome-hosts](https://github.com/im050/awesome-hosts) A simple GUI for manage hosts, written in Go
- [**24**Star][5m] [ObjC] [lennonchin/lcauthmanager](https://github.com/lennonchin/lcauthmanager) 一个简单、高效、易用的权限验证库，包括手势密码、Touch ID和Face ID；A comprehensive, efficient and easy-to-use rights verification library, including Gesture Password, Touch ID and Face ID.
- [**24**Star][8m] [Py] [cnuge/email-report](https://github.com/cnuge/email-report) A modular template for scraping data from the web to send yourself scheduled email reports
- [**24**Star][2m] [Shell] [willyliu/build-openssl-android](https://github.com/willyliu/build-openssl-android) Builds openssl 1.1.0h with android ndk r17.
- [**24**Star][1m] [Shell] [mattsparks/hostsfile](https://github.com/mattsparks/hostsfile) A command line tool that simplifies working with hosts files.
- [**24**Star][11d] [Java] [treehouses/remote](https://github.com/treehouses/remote) 
- [**24**Star][1m] [C++] [mincequi/cornrow](https://github.com/mincequi/cornrow) Bluetooth Audio Daemon for Raspberry Pi
- [**24**Star][2m] [C#] [devsisters/unitysettings](https://github.com/devsisters/unitysettings) Runtime debugging menu (like setting on Android) for Unity.
- [**24**Star][1m] [Lua] [lekensteyn/wireguard-dissector](https://github.com/lekensteyn/wireguard-dissector) Wireshark dissector (written in Lua) for dissecting the WireGuard tunneling protocol.
- [**24**Star][21d] [Batchfile] [makerdiary/pitaya-go](https://github.com/makerdiary/pitaya-go) An Open-Source IoT Development Platform with Multiprotocol Wireless Connectivity
- [**24**Star][5m] [PHP] [lcp0578/php-algorithm](https://github.com/lcp0578/php-algorithm) PHP 基本排序算法
- [**24**Star][25d] [C] [elemeta/elfloader](https://github.com/elemeta/elfloader) load so file into current memory space and run function
- [**24**Star][27d] [Rust] [jd91mzm2/rot26](https://github.com/jd91mzm2/rot26) Pure rust implementation of the rot26 algorithm
- [**24**Star][1m] [Jupyter Notebook] [diogodantas/sofifa](https://github.com/diogodantas/sofifa) A SoFIFA webcrawler and Machine Learning prediction
- [**24**Star][6m] [Go] [naiba-archive/proxyinabox](https://github.com/naiba-archive/proxyinabox) 
- [**24**Star][1m] [PHP] [itinerisltd/disallow-pwned-passwords](https://github.com/itinerisltd/disallow-pwned-passwords) Disallow WordPress and WooCommerce users using pwned passwords
- [**24**Star][2m] [C] [vesvault/libves.c](https://github.com/vesvault/libves.c) VESvault End-to-End Encryption API: Encrypt Everything Without Fear of Losing the Key
- [**24**Star][5m] [Shell] [davinctor/compileffmpegwithopenssl](https://github.com/davinctor/compileffmpegwithopenssl) A bunch of scripts you can use to compile FFmpeg with OpenSSL
- [**24**Star][6m] [F#] [pkese/raspberry-fsharp](https://github.com/pkese/raspberry-fsharp) F# full-stack IoT starter project for Raspberry Pi
- [**24**Star][6m] [Go] [monkeydioude/capybara](https://github.com/monkeydioude/capybara) Capybara, simple reverse-proxy (api gateway) for localhost services
- [**24**Star][8m] [C#] [reswitched/hacversionlistbot](https://github.com/reswitched/hacversionlistbot) Versionlist update tracker for the Nintendo Switch.
- [**24**Star][11d] [Py] [yelp/hacheck](https://github.com/yelp/hacheck) HAproxy healthcheck proxying service
- [**24**Star][1y] [C++] [sektioneins/aarch64_cryptoextension](https://github.com/sektioneins/aarch64_cryptoextension) IDA AArch64 processor extender extension: Adding crypto extension instructions (AES/SHA1/SHA256)
- [**24**Star][1m] [diafygi/privacy-checklist](https://github.com/diafygi/privacy-checklist) Checklist for securing communications
- [**24**Star][1y] [Shell] [david942j/honest](https://github.com/david942j/honest) Are your installed packages _really_ the same as you saw on GitHub?
- [**24**Star][2m] [C] [the-tcpdump-group/tcpslice](https://github.com/the-tcpdump-group/tcpslice) tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.
- [**24**Star][1m] [C] [nsacyber/driver-collider](https://github.com/nsacyber/driver-collider) Blocks drivers from loading by using a name collision technique. #nsacyber
- [**24**Star][2m] [Py] [fsecurelabs/jasmin](https://github.com/fsecurelabs/jasmin) 
- [**24**Star][2m] [Py] [isecpartners/r2b2](https://github.com/isecpartners/r2b2) A brute-forcing delta robot
- [**24**Star][3m] [C] [xroche/coucal](https://github.com/xroche/coucal) Cuckoo Hashtable C Library
- [**24**Star][2m] [C#] [isecpartners/peachfarmer](https://github.com/isecpartners/peachfarmer) A log collector for Peach fuzzing in the cloud
- [**24**Star][7m] [Assembly] [rehints/bootkitsbook](https://github.com/rehints/bootkitsbook) repository with additional materials and source code
- [**24**Star][6m] [greatfire/cc](https://github.com/greatfire/cc) 
- [**24**Star][1m] [Py] [mthbernardes/demoniware](https://github.com/mthbernardes/demoniware) Telegram BotNet
- [**24**Star][5m] [Py] [jpcertcc/strelok](https://github.com/jpcertcc/strelok) Application for STIX v2.0 objects management and analysis
- [**24**Star][2m] [Go] [lunixbochs/pingbin](https://github.com/lunixbochs/pingbin) service to check internet accessibility
- [**24**Star][5m] [HTML] [649/crash-ios-exploit](https://github.com/649/crash-ios-exploit) Repository dedicated to storing a multitude of iOS/macOS/OSX/watchOS crash bugs. Some samples need to be viewed as raw in order to see the Unicode. Please do not intentionally abuse these exploits.
- [**24**Star][2y] [hikariobfuscator/swift](https://github.com/hikariobfuscator/swift) Swift Fork
- [**24**Star][5m] [C] [csploit/network-radar](https://github.com/csploit/network-radar) cSploit network radar
- [**24**Star][5m] [offensive-security/gcc-arm-linux-gnueabihf-4.7](https://github.com/offensive-security/gcc-arm-linux-gnueabihf-4.7) gcc-arm-linux-gnueabihf-4.7/
- [**24**Star][4m] [JS] [uber-common/paranoid-request](https://github.com/uber-common/paranoid-request) An SSRF-preventing wrapper around Node's request module
- [**24**Star][24d] [C] [z3apa3a/3scan](https://github.com/z3apa3a/3scan) 3Scan is fast detector for open HTTP/CONNECT/SOCKS4/SOCKS5/FTP/TELNET proxy
- [**24**Star][4m] [CSS] [ytisf/apate](https://github.com/ytisf/apate) Your Friendly Neighbourhood Honeypot Maker and Manager
- [**24**Star][1y] [offensive-security/kali-linux-docker-rolling](https://github.com/offensive-security/kali-linux-docker-rolling) 
- [**24**Star][4m] [JS] [xyntax/xctf-2019-tfboys](https://github.com/xyntax/xctf-2019-tfboys) source code of XCTF 2019 Final web task "tfboys"
- [**24**Star][3m] [Py] [evyatarmeged/rarbg-scraper](https://github.com/evyatarmeged/rarbg-scraper) With Selenium headless browsing and CAPTCHA solving
- [**24**Star][10m] [C++] [tum-vision/autonavx_ardrone](https://github.com/tum-vision/autonavx_ardrone) Code for AR.Drone Exercises
- [**24**Star][3m] [Shell] [gwolf3/visshous](https://github.com/gwolf3/visshous) 
- [**24**Star][2m] [Shell] [sparkness/v2ray-tls-docker](https://github.com/sparkness/v2ray-tls-docker) easy to use v2ray tls server
- [**24**Star][26d] [JS] [shaunlwm/node-csgo-gsi](https://github.com/shaunlwm/node-csgo-gsi) 
- [**24**Star][11d] [Py] [mvelazc0/attack2jira](https://github.com/mvelazc0/attack2jira) attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
- [**24**Star][1m] [C] [userlandkernel/usbusted](https://github.com/userlandkernel/usbusted) Research on Apple's USB protocols
- [**24**Star][2m] [C#] [tmthrgd/dll-injector](https://github.com/tmthrgd/dll-injector) Inject and detour DLLs and program functions both managed and unmanaged in other programs, written (almost) purely in C#. [Not maintained].
- [**24**Star][3m] [Py] [ptonewreckin/blindref](https://github.com/ptonewreckin/blindref) BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework
- [**24**Star][11m] [Py] [jenkstom/python-ddns](https://github.com/jenkstom/python-ddns) A self-hosted dynamic DNS service using BIND9 and python.
- [**24**Star][1m] [HTML] [0xkira/pwn-dash-docset](https://github.com/0xkira/pwn-dash-docset) latest x86_64 assembly language and pwntools dash docset
- [**24**Star][7d] [Java] [nexxado/wifipasswords](https://github.com/nexxado/wifipasswords) a completely free app that shows your device saved wifi passwords.
- [**24**Star][2m] [C] [rpp0/peapwn](https://github.com/rpp0/peapwn) Proof-of-concept implementation of the Apple relay attack in Python
- [**24**Star][2m] [TS] [lubeskih/enigma-emulator](https://github.com/lubeskih/enigma-emulator) Enigma I, Navy M3/M4 Machine Emulator
- [**24**Star][3m] [JS] [iamshakil/dbless-email-verification](https://github.com/iamshakil/dbless-email-verification) Verify user email without database using cryptography
- [**24**Star][1m] [Java] [fnplus/algorithms-hacktoberfest](https://github.com/fnplus/algorithms-hacktoberfest) This repository is a part of HacktoberFest, an event organised by DigitalOcean.
- [**24**Star][19d] [Py] [kaiiyer/backnet](https://github.com/kaiiyer/backnet) Backdoor+Botnet or BackNet is a Python Remote Access Tool.
- [**24**Star][23d] [Py] [geekscrapy/bingraph](https://github.com/geekscrapy/bingraph) Simple tool to graph files for quick analysis
- [**24**Star][5m] [PS] [nyan-x-cat/malwareshell](https://github.com/nyan-x-cat/malwareshell) Create a powershell malware loader to run C#.cs code on runtime
- [**24**Star][3m] [Java] [seungsoo-lee/delta](https://github.com/seungsoo-lee/delta) PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
- [**24**Star][11d] [Dockerfile] [random-robbie/docker-ssh-honey](https://github.com/random-robbie/docker-ssh-honey) SSH Honey pot for docker
- [**24**Star][4m] [manhnho/python-books-for-security](https://github.com/manhnho/python-books-for-security) Python Books for Security
- [**24**Star][12d] [Py] [z3pp/zfuzz](https://github.com/z3pp/zfuzz) Simple python web fuzzer
- [**24**Star][14d] [Julia] [s-broda/archmodels.jl](https://github.com/s-broda/ARCHModels.jl) A Julia package for estimating ARMA-GARCH models.
- [**24**Star][2m] [PHP] [marcocesarato/php-aio-security](https://github.com/marcocesarato/PHP-AIO-Security) The objective of this class is offer an automatic system of protection for developers's projects and simplify some security operations as the check of CSRF or XSS all in a simple class. Infact you could just call the main method to have better security yet without too much complicated operations.
- [**24**Star][2m] [C] [intel/kvmgt-qemu](https://github.com/intel/KVMGT-qemu) 
- [**24**Star][11d] [Py] [nuncan/wifite2mod](https://github.com/nuncan/wifite2mod) Rolling Release Branch for community PR's
- [**24**Star][4m] [OpenEdge ABL] [praetorian-code/ctf-writeups](https://github.com/praetorian-code/ctf-writeups) Collection of Praetorian solutions to CTF challenges
- [**24**Star][1m] [TS] [typeerror/crystalball](https://github.com/TypeError/crystalball) A Magical
- [**24**Star][21d] [C] [matricali/cbrutekrag](https://github.com/matricali/cbrutekrag) Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.
- [**24**Star][5m] [bannsec/angr-windows](https://github.com/bannsec/angr-Windows) Windows builds for use with angr framework
- [**24**Star][2m] [Go] [zxsecurity/glugger](https://github.com/zxsecurity/glugger) The fastest (and least featureful) DNS bruteforcer in the South
- [**24**Star][1y] [C++] [zsshen/yadd](https://github.com/zsshen/yadd) Yet another Android Dex bytecode Disassembler: a static Android app disassembler for fast class and method signature extraction and code structure visualization.
- [**24**Star][1m] [Py] [zedsec390/defcon23](https://github.com/zedsec390/defcon23) 
- [**24**Star][4m] [zecopro/wpa-passwords](https://github.com/zecopro/wpa-passwords) the best and small passwords lists to crack handshake wpa-wpa2
- [**24**Star][3y] [Py] [zachriggle/pwndbg](https://github.com/zachriggle/pwndbg) GDB插件，辅助漏洞开发和逆向
- [**24**Star][3y] [Assembly] [yifengyou/x86-assembly-language-from-real-mode-to-protection-mode](https://github.com/yifengyou/x86-assembly-language-from-real-mode-to-protection-mode) x86汇编语言 从实模式到保护模式
- [**24**Star][8m] [C#] [xxczaki/logger](https://github.com/xxczaki/logger) 
- [**24**Star][5m] [Py] [xme/emlrender](https://github.com/xme/emlrender) EML file rendering tool
- [**24**Star][1m] [Visual Basic] [xiaoxiaoleo/pentest-script](https://github.com/xiaoxiaoleo/pentest-script) Script for pentest
- [**24**Star][1y] [xgfan/ss-relay](https://github.com/xgfan/ss-relay) shadowsocks relay docker
- [**24**Star][7y] [C++] [wyyqyl/hidemodule](https://github.com/wyyqyl/hidemodule) The dll that can hide itself and then delete itselft.
- [**24**Star][6m] [C] [ww9210/kernel4.20_bpf_lpe](https://github.com/ww9210/kernel4.20_bpf_lpe) exploit code for a bpf heap overflow vulnerability
- [**24**Star][4m] [PS] [wurstcommander/win10appremove](https://github.com/wurstcommander/win10appremove) A Powershell-Script for removing / debloating Windows 10 apps. Mandatory apps which can't be uninstalled via start menu will be removed too.
- [**24**Star][1y] [C] [wchill/defcon26_badgehacking](https://github.com/wchill/defcon26_badgehacking) Notes and things regarding hacking DEFCON 26's badge
- [**24**Star][25d] [JS] [wazuh/wazuh-splunk](https://github.com/wazuh/wazuh-splunk) Wazuh - Splunk app
- [**24**Star][2m] [JS] [waytai/cloudsafe](https://github.com/waytai/cloudsafe) cloudsafe 云安全扫描
- [**24**Star][5m] [Py] [vxlabinfo/signfinder](https://github.com/vxlabinfo/signfinder) Tool for easy clean PE32 from AV signature
- [**24**Star][2m] [C++] [vix597/vulny](https://github.com/vix597/vulny) Vulnerable Linux socket game for educational purposes
- [**24**Star][5m] [C#] [vchirikov/gotodnspy](https://github.com/vchirikov/gotodnspy) GoTo dnSpy for Visual Studio 2019
- [**24**Star][22d] [Py] [tyranid/canape](https://github.com/tyranid/canape) CANAPE Network Testing Tool
- [**24**Star][10m] [JS] [twilio/starter-ruby](https://github.com/twilio/starter-ruby) A starter app for Ruby developers embarking on their first Twilio quest!
- [**24**Star][7m] [Py] [tuuunya/exploit](https://github.com/tuuunya/exploit) 常用的一些Exploit，经常会更新，也欢迎各位提交新的exp给我。
- [**24**Star][4y] [C#] [tum-i22/vot4cs](https://github.com/tum-i22/vot4cs) A Virtualization Obfuscation Tool for C# programs
- [**24**Star][3y] [C] [tudinfse/sgxbounds](https://github.com/tudinfse/sgxbounds) SGXBounds: Memory Safety for Shielded Execution (compiler pass and runtime)
- [**24**Star][4m] [HTML] [tothi/ctfs](https://github.com/tothi/ctfs) some example ctf writeups
- [**24**Star][8m] [Py] [topranks/ms17-010_subnet](https://github.com/topranks/ms17-010_subnet) MS17-010 Windows SMB RCE -- Full subnet scanner
- [**24**Star][4m] [C#] [tophertimzen/shellcodetester](https://github.com/tophertimzen/shellcodetester) GUI Application in C# to run and disassemble shellcode
- [**24**Star][4m] [C] [tommythorn/yari](https://github.com/tommythorn/yari) YARI is a high performance open source FPGA soft-core RISC implementation, binary compatible with MIPS I. The distribution package includes a complete SoC, simulator, GDB stub, scripts, and various examples.
- [**24**Star][11d] [C++] [tnodir/fort](https://github.com/tnodir/fort) Fort Firewall for Windows
- [**24**Star][13d] [Py] [timip/exploit](https://github.com/timip/exploit) Just some exploits :P
- [**24**Star][1y] [Py] [thom-s/shodan-cli](https://github.com/thom-s/shodan-cli) Python command line wrapper for the shodan.io API
- [**24**Star][8m] [Py] [thelsa/ecshop-getshell](https://github.com/thelsa/ecshop-getshell) ecshop rce getshell
- [**24**Star][2y] [Py] [thekingofduck/autosploit_chs](https://github.com/thekingofduck/autosploit_chs) 渗透工具AutoSploit的汉化版
- [**24**Star][7m] [Py] [thehairyj/scout](https://github.com/thehairyj/scout) Scout - a Contactless Active Reconnaissance Tool
- [**24**Star][27d] [C#] [theenergystory/malware_analysis](https://github.com/theenergystory/malware_analysis) Tools and code snippets related to malware analysis
- [**24**Star][5m] [JS] [techgaun/xss-payloads](https://github.com/techgaun/xss-payloads) Collection of XSS Payloads from various sources
- [**24**Star][16d] [HTML] [tc39/proposal-intl-list-format](https://github.com/tc39/proposal-intl-list-format) `Intl.ListFormat` specification [draft]
- [**24**Star][4m] [Py] [tasdikrahman/thanos](https://github.com/tasdikrahman/thanos) A dead simple demonstration of SQL injection in an SQLite database
- [**24**Star][7m] [C] [talos-vulndev/advisories](https://github.com/talos-vulndev/advisories) 
- [**24**Star][6m] [Rust] [sushant94/rune](https://github.com/sushant94/rune) rune - radare2 based symbolic emulator
- [**24**Star][6m] [Shell] [superkojiman/dirtshell](https://github.com/superkojiman/dirtshell) Provide a sort of shell-ish interface to make file directory traversal quicker and easier.
- [**24**Star][7m] [Shell] [styx00/apache-vulns](https://github.com/styx00/apache-vulns) Pentest Scripts for Apache Vulnerabilities
- [**24**Star][1y] [C] [stooged/apptousb-50x](https://github.com/stooged/apptousb-50x) 5.0X
- [**24**Star][2m] [status-im/awesome-secure-messaging](https://github.com/status-im/awesome-secure-messaging) A curated collection of links for secure messaging.
- [**24**Star][1y] [Py] [st2labs/sipi](https://github.com/st2labs/sipi) Simple IP Information Tools for Reputation Data Analysis
- [**24**Star][2y] [C++] [sshsshy/zerotrace](https://github.com/sshsshy/zerotrace) 
- [**24**Star][2y] [Shell] [sourcerer-io/sourcerer-blog](https://github.com/sourcerer-io/sourcerer-blog) Assets and examples for blog.sourcerer.io
- [**24**Star][1y] [C++] [sonicrules11/barbossa](https://github.com/sonicrules11/barbossa) Macintosh MultiHack for Counter-Strike: Global Offensive
- [**24**Star][5m] [PHP] [sonertari/utmfw](https://github.com/sonertari/utmfw) UTM Firewall on OpenBSD
- [**24**Star][23d] [Gherkin] [soluto/containers-security-project](https://github.com/soluto/containers-security-project) A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
- [**24**Star][4m] [sofianehamlaoui/pentest-bookmarkz](https://github.com/sofianehamlaoui/pentest-bookmarkz) Some useful links for Pentesters
- [**24**Star][1m] [slowmist/awesome-blockchain-bug-bounty](https://github.com/slowmist/awesome-blockchain-bug-bounty) A comprehensive curated list of available Blockchain Bug Bounty Programs.
- [**24**Star][3m] [PS] [skons/ms17-0100](https://github.com/skons/ms17-0100) Mixing up CVE and MS like a pro
- [**24**Star][3y] [Py] [sizzop/hevd-exploits](https://github.com/sizzop/hevd-exploits) Various exploits for the HackSys Extreme Vulnerable Driver
- [**24**Star][3m] [Py] [sirpsycho/firecall](https://github.com/sirpsycho/firecall) Automate SSH communication with firewalls, switches, etc.
- [**24**Star][5m] [C] [sintech/flip-dot-display](https://github.com/sintech/flip-dot-display) Flip-Dot display reverse engineering, DIY adapter board, Tetris game.
- [**24**Star][3y] [silvermoonsecurity/sandboxevasion](https://github.com/silvermoonsecurity/sandboxevasion) Malware sandbox evasion tricks and solution
- [**24**Star][12d] [Java] [silentsignal/burp-uuid](https://github.com/silentsignal/burp-uuid) UUID issues for Burp Suite
- [**24**Star][3y] [Py] [silentsignal/activescan3plus](https://github.com/silentsignal/activescan3plus) Modified version of ActiveScan++ Burp Suite extension
- [**24**Star][5m] [Java] [shivam141296/android-firewall](https://github.com/shivam141296/android-firewall) Basic netguard app from playstore ,reduced to its minimum level for vpn and firewall logic
- [**24**Star][8m] [Shell] [shawnduong/pxenum](https://github.com/shawnduong/pxenum) Post eXploitation Enumeration script for Linux. Tested on Ubuntu.
- [**24**Star][3m] [Py] [seyptoo/7z-bruteforce](https://github.com/seyptoo/7z-bruteforce) This repository consists of bruteforce to a 7z file, and it can be very useful in the penetration tests
- [**24**Star][5y] [C++] [secmob/cve-2015-6612](https://github.com/secmob/cve-2015-6612) 
- [**24**Star][4y] [Py] [sciencemanx/ctf-tools](https://github.com/sciencemanx/ctf-tools) Attack-Defend CTF Tools
- [**24**Star][4m] [C#] [scenegate/yarhl](https://github.com/scenegate/yarhl) Yet Another ROM Hacking Library
- [**24**Star][6y] [ObjC] [samdmarshall/ios-internals](https://github.com/samdmarshall/ios-internals) iOS related code
- [**24**Star][2y] [Py] [rootm0s/casper](https://github.com/rootm0s/casper) 👻 Socket based RAT for Windows with evasion techniques and other features for control
- [**24**Star][3y] [Py] [ronanb96/cycflix](https://github.com/ronanb96/cycflix) Cycflix: Exercise Powered Entertainment © Ronan Byrne July 2017
- [**24**Star][7m] [C++] [robdobsn/speakupwifidetails](https://github.com/robdobsn/speakupwifidetails) Send WiFi credentials over audio to a "thing"
- [**24**Star][15d] [HTML] [ridter/cs_custom_404](https://github.com/ridter/cs_custom_404) Cobalt strike custom 404 page
- [**24**Star][2y] [Py] [ricterz/simple-dns](https://github.com/ricterz/simple-dns) A simple regular-expression based DNS server
- [**24**Star][2y] [retrogamer74/firmwarev5.05_mirahen_baseinjection](https://github.com/retrogamer74/firmwarev5.05_mirahen_baseinjection) Mira HEN 5.05 PS4 Fast developed firmware just for the basic injection
- [**24**Star][5m] [C] [renorobert/virtualbox-nat-dhcp-bugs](https://github.com/renorobert/virtualbox-nat-dhcp-bugs) 
- [**24**Star][1m] [Go] [rdkr/oniongen-go](https://github.com/rdkr/oniongen-go) 
- [**24**Star][1y] [C] [rapid7/vaccination](https://github.com/rapid7/vaccination) Vaccinating systems against VM-aware malware
- [**24**Star][4m] [Shell] [radsec/centos7-cis](https://github.com/radsec/centos7-cis) Ansible CentOS 7 - CIS Benchmark Hardening Script
- [**24**Star][2y] [ptresearch/intelme-crypto](https://github.com/ptresearch/intelme-crypto) 
- [**24**Star][5m] [Shell] [psrcek/kali-mitm-evil-twin](https://github.com/psrcek/kali-mitm-evil-twin) A script that creates a wifi hotspot on kali linux that can view usernames and passwords of ssl logins.
- [**24**Star][1y] [prsecurity/neutrino](https://github.com/prsecurity/neutrino) Neutrino C2 Source Code
- [**24**Star][10m] [C++] [pref/btvm](https://github.com/pref/btvm) C++11 implementation of 010 Editor's template language
- [**24**Star][2m] [Py] [preempt/rdpy](https://github.com/preempt/rdpy) Remote Desktop Protocol in Twisted Python
- [**24**Star][4y] [PHP] [powerscript/getdatareport](https://github.com/powerscript/getdatareport) Get information client with getdatareport (Plugin)
- [**24**Star][8m] [Java] [portswigger/freddy-deserialization-bug-finder](https://github.com/portswigger/freddy-deserialization-bug-finder) 
- [**24**Star][3y] [polarislab/s2-045](https://github.com/polarislab/s2-045) Struts2 S2-045（CVE-2017-5638）Vulnerability environment -
- [**24**Star][1y] [plenumlab/gql-helper](https://github.com/plenumlab/gql-helper) This is a small extension to make graphql readable
- [**24**Star][2y] [Java] [piashsarker/barcodeandqrreaderandroid](https://github.com/piashsarker/barcodeandqrreaderandroid) Best Barcode And QR Code Reder for Android .
- [**24**Star][6m] [Swift] [perfectlysoft/perfect-crypto](https://github.com/perfectlysoft/perfect-crypto) Cryptographic Operations
- [**24**Star][2y] [C] [p4p1/p4p1](https://github.com/p4p1/p4p1) Reverse shell for remote administration
- [**24**Star][1m] [Py] [ozzi-/tld_scanner](https://github.com/ozzi-/tld_scanner) Scan all possible TLD's for a given domain name
- [**24**Star][19d] [owasp/owasp-swag](https://github.com/owasp/owasp-swag) Swag for the OWASP projects and chapters
- [**24**Star][2m] [Py] [op7ic/shadowbroker-smb-scanner](https://github.com/op7ic/shadowbroker-smb-scanner) shadowbroker SMB exploit scanner. Scans for ETERNALSYNERGY ETERNALBLUE ETERNALROMANCE ETHERNALCHAMPION
- [**24**Star][3y] [Shell] [oniondecoy/installer](https://github.com/oniondecoy/installer) A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.
- [**24**Star][5m] [Go] [olihough86/stinkyphish](https://github.com/olihough86/stinkyphish) Monitor Certificate Transparency Logs For Phishing Domains
- [**24**Star][3m] [C#] [oct0xor/ps4_registry_editor](https://github.com/oct0xor/ps4_registry_editor) 
- [**24**Star][12m] [C] [o-o-overflow/chall-www](https://github.com/o-o-overflow/chall-www) 
- [**24**Star][26d] [Java] [nvisium/httpillage](https://github.com/nvisium/httpillage) 
- [**24**Star][1y] [Py] [noobiedog/peanuts](https://github.com/noobiedog/peanuts) Peanuts is a free and open source wifi tracking tool. Based on the SensePosts Snoopy-NG project that is now closed.
- [**24**Star][25d] [Py] [nitscan/inlinux](https://github.com/nitscan/inlinux) 内网渗透信息收集脚本
- [**24**Star][4y] [Py] [nccgroup/blesuite-cli](https://github.com/nccgroup/blesuite-cli) BLESuite_CLI is a command line tool to enable an easier way to test Bluetooth Low Energy (BLE) devices
- [**24**Star][1y] [Shell] [nathanaccidentally/osrestorex](https://github.com/nathanaccidentally/osrestorex) A semi-restore Alternative for iOS 10.
- [**24**Star][2y] [Py] [n3k/certslayer](https://github.com/n3k/certslayer) This is a tool to instantly test if an application handles SSL certificates the way it is supposed to.
- [**24**Star][1m] [Py] [mufeedvh/basecrack](https://github.com/mufeedvh/basecrack) Base Scheme Decoder
- [**24**Star][3m] [HTML] [misp/best-practices-in-threat-intelligence](https://github.com/misp/best-practices-in-threat-intelligence) Best practices in threat intelligence
- [**24**Star][13d] [Java] [michaelisvy/proxy-samples](https://github.com/michaelisvy/proxy-samples) 
- [**24**Star][6m] [Py] [miaouplop/gwt-3d](https://github.com/miaouplop/gwt-3d) aimed at helping you during penetration testing on GWT technology
- [**24**Star][4m] [Py] [mfthomps/labtainers](https://github.com/mfthomps/labtainers) Labtainers: A Docker-based cyber lab framework
- [**24**Star][12d] [Shell] [meisterp/torbrowser-overlay](https://github.com/meisterp/torbrowser-overlay) Gentoo overlay for Tor Browser related ebuilds
- [**24**Star][11m] [C] [mehqq/public_writeup](https://github.com/mehqq/public_writeup) My CTF writeup
- [**24**Star][12d] [C++] [meetpatty/basiliskii-vita](https://github.com/meetpatty/basiliskii-vita) 
- [**24**Star][5m] [Py] [marcovaldong/isgan](https://github.com/marcovaldong/isgan) Implementation of "Invisible Steganography via Generative Adversarial Networks" (
- [**24**Star][4m] [C] [marcograss/cve-2014-4323](https://github.com/marcograss/cve-2014-4323) cve-2014-4323 poc
- [**24**Star][6m] [C#] [manlymarco/koikatucheattools](https://github.com/manlymarco/koikatucheattools) Trainer for Koikatu! with inspector for debugging and further cheating
- [**24**Star][4m] [Py] [manhnho/shellsum](https://github.com/manhnho/shellsum) A defense tool - detect web shells in local directories via md5sum
- [**24**Star][15d] [C++] [malwares/malware](https://github.com/malwares/malware) Malware Samples. Uploaded to GitHub for those want to analyse the code.
- [**24**Star][4m] [C] [maikel233/x-hook-for-csgo](https://github.com/maikel233/x-hook-for-csgo) Aimtux for Windows.
- [**24**Star][2y] [PHP] [magento-engcom/php-7.2-support](https://github.com/magento-engcom/php-7.2-support) Repository for implementing support of php-7.2 support in Magento
- [**24**Star][11d] [maaaaz/weblogicpassworddecryptor](https://github.com/maaaaz/weblogicpassworddecryptor) A simple script to decrypt stored passwords from Oracle WebLogic Server configuration files
- [**24**Star][2y] [Py] [m4rktn/jogan](https://github.com/m4rktn/jogan) Pentest Tools & Packages Installer [Linux/Termux]
- [**24**Star][4y] [C] [ltangjian/firewall](https://github.com/ltangjian/firewall) Based on the research of Windows network architecture and the core packet filtering firewall technology, using NDIS intermediate driver, the article achieved the filter of the core layer, and completed the Windows Personal Firewall Design and Implementation.
- [**24**Star][1y] [PHP] [lt/php-cryptopals](https://github.com/lt/php-cryptopals) The Matasano crypto challenges completed using PHP
- [**24**Star][4y] [Py] [lolwaleet/bannergrab](https://github.com/lolwaleet/bannergrab) ~ BannerGrab
- [**24**Star][16d] [C] [logicaltrust/minerva_lib](https://github.com/logicaltrust/minerva_lib) polish fuzzy lop - fuzzer for libraries/APIs/*
- [**24**Star][5m] [Java] [lethalskillzz/android-bluetooth-fingerprint](https://github.com/lethalskillzz/android-bluetooth-fingerprint) Android Bluetooth Fingerprint
- [**24**Star][1y] [C++] [lesmargoulins/margoulineur2000](https://github.com/lesmargoulins/margoulineur2000) NFC
- [**24**Star][1m] [Py] [kx499/ostip](https://github.com/kx499/ostip) 
- [**24**Star][9m] [Dockerfile] [knqyf263/cve-2019-6467](https://github.com/knqyf263/cve-2019-6467) CVE-2019-6467 (BIND nxdomain-redirect)
- [**24**Star][8m] [Zeek] [kinomakino/threat-intelligence-data](https://github.com/kinomakino/threat-intelligence-data) Snort_rules detection bad actors.
- [**24**Star][1y] [Py] [kennell/ftpknocker](https://github.com/kennell/ftpknocker) 
- [**24**Star][2y] [C] [kelvinhack/screencapattack](https://github.com/kelvinhack/screencapattack) 
- [**24**Star][4y] [Py] [karblue/pppoe-hijack](https://github.com/karblue/pppoe-hijack) 伪装PPPoE服务器截取密码
- [**24**Star][14d] [ka0labs/ctf-writeups](https://github.com/ka0labs/ctf-writeups) CTF Writeups
- [**24**Star][6y] [C] [jyang772/hideprocesshookmdl](https://github.com/jyang772/hideprocesshookmdl) A simple rootkit to hide a process
- [**24**Star][2y] [Perl] [jusafing/pnaf](https://github.com/jusafing/pnaf) Passive Network Audit Framework
- [**24**Star][1y] [JS] [nuxt-contrib/ipx](https://github.com/nuxt-contrib/ipx) High performance, secure and easy to use image proxy based on Sharp and libvips.
- [**24**Star][6m] [Py] [jplesperance/redis-sniffer](https://github.com/jplesperance/redis-sniffer) A Redis event sniffer and logging utility.
- [**24**Star][11d] [C++] [jovibor/libpe](https://github.com/jovibor/libpe) Library for tinkering with PE/PE+ binaries.
- [**24**Star][9m] [Py] [jonathansalwan/x-tunnel-opaque-predicates](https://github.com/jonathansalwan/x-tunnel-opaque-predicates) IDA+Triton plugin in order to extract opaque predicates using a Forward-Bounded DSE. Example with X-Tunnel.
- [**24**Star][3y] [Shell] [johntroony/luks-ops](https://github.com/johntroony/luks-ops) A bash script to automate the most basic usage of LUKS volumes in Linux VPS
- [**24**Star][4m] [Py] [joelwking/phantom-cyber](https://github.com/joelwking/phantom-cyber) Phantom Playbook and App repository
- [**24**Star][4m] [Py] [joda32/certcrunchy](https://github.com/joda32/certcrunchy) Just a silly recon tool that uses data from SSL Certificates to find potential host names
- [**24**Star][2y] [PS] [jiangxianli/googlehosttool](https://github.com/jiangxianli/googlehosttool) 一键添加最新google hosts文件到本地hosts文件中，google 翻墙访问工具，适用windows、linux、mac
- [**24**Star][4m] [Py] [jiangsir404/xss-sql-fuzz](https://github.com/jiangsir404/xss-sql-fuzz) burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
- [**24**Star][4m] [Java] [jearyorg/jsp](https://github.com/jearyorg/jsp) 
- [**24**Star][12d] [Py] [jayclassless/tidypy](https://github.com/jayclassless/tidypy) A tool that executes a suite of static analysis tools upon a Python project.
- [**24**Star][7y] [Py] [izuzak/urlreq](https://github.com/izuzak/urlreq) HTTP proxy that decodes a HTTP request defined in the URL and makes that request
- [**24**Star][4m] [JS] [inverseintegral/ctf_writeups](https://github.com/inverseintegral/ctf_writeups) 
- [**24**Star][8m] [JS] [informationshallbefree/spiegel-plus-unlocker-firefox](https://github.com/informationshallbefree/spiegel-plus-unlocker-firefox) A Firefox Addon to decrypt every Spiegel Plus article without paying money.
- [**24**Star][2m] [Py] [immunio/immunio-xss-fuzzer](https://github.com/immunio/immunio-xss-fuzzer) Immunio's XSS Fuzzer tool
- [**24**Star][4m] [Py] [hongfeioo/userdevicetracker](https://github.com/hongfeioo/userdevicetracker) 快速定位一个IP或MAC在你的网络中的位置，是网络工程师提高工作效率的利器，也可以为CMDB提供基础网络数据。
- [**24**Star][4y] [C] [hedgeh/sewindows](https://github.com/hedgeh/sewindows) 在Windows上建立一个开源的强制访问控制框架及SDK。使Windows平台的应用开发者，可以不用关心操作系统底层技术，只用进行简单的SDK调用或配置就可以保护自己的应用程序。
- [**24**Star][13d] [harrytruman/logstash-vmware](https://github.com/harrytruman/logstash-vmware) Logstash configs and filters for parsing ESXi and vSphere 5.1+ messages.
- [**24**Star][1m] [C] [hardenedbsd/secadm](https://github.com/hardenedbsd/secadm) HardenedBSD Security Administration
- [**24**Star][6m] [Shell] [hannob/ctgrab](https://github.com/hannob/ctgrab) 
- [**24**Star][1m] [Kotlin] [hanjoongcho/aaf-easypassword](https://github.com/hanjoongcho/aaf-easypassword) password management application
- [**24**Star][15d] [C] [hackedteam/vector-silent](https://github.com/hackedteam/vector-silent) Silent installer
- [**24**Star][6m] [Ruby] [hackedteam/rcs-backdoor](https://github.com/hackedteam/rcs-backdoor) Backdoor implementation in Ruby (testing)
- [**24**Star][5m] [C] [h3xx/jphs](https://github.com/h3xx/jphs) jphide & seek steganography tools
- [**24**Star][1y] [C] [graykernel/grayfrost](https://github.com/graykernel/grayfrost) C++ DLL Bootstrapper for spinning up the CLR for C# Payloads
- [**24**Star][2m] [Py] [german-namestnikov/unhidens](https://github.com/german-namestnikov/unhidens) Small DNS Recon utility, allows you to obtain some useful info about NS-servers placed behind relays, firewalls, etc.
- [**24**Star][4m] [Jupyter Notebook] [geekonlinecode/malware-machine-learning](https://github.com/geekonlinecode/malware-machine-learning) Malware Machine Learning
- [**24**Star][6m] [Py] [freedomofpress/fingerprint-securedrop](https://github.com/freedomofpress/fingerprint-securedrop) A machine learning data analysis pipeline for analyzing website fingerprinting attacks and defenses.
- [**24**Star][6m] [Py] [foteinosmerg/pymerkle](https://github.com/foteinosmerg/pymerkle) Python crypto toolkit for generation and validation of Merkle-Proofs
- [**24**Star][4y] [C] [fortiguard-lion/anti-dll-hijacking](https://github.com/fortiguard-lion/anti-dll-hijacking) 
- [**24**Star][4y] [Py] [forensicmatt/pancakeviewer](https://github.com/forensicmatt/pancakeviewer) A DFVFS Backed Forensic Viewer
- [**24**Star][11d] [Py] [fluproject/flunym0us](https://github.com/fluproject/flunym0us) Flunym0us is a Vulnerability Scanner for Wordpress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for Wordpress and other for Moodle.
- [**24**Star][4y] [Py] [felmoltor/keepnote_import_nmap](https://github.com/felmoltor/keepnote_import_nmap) Plugin for keepnote to import a XML nmap file
- [**24**Star][2m] [HTML] [fastly/waf_testbed](https://github.com/fastly/waf_testbed) Chef Cookbook which provisions apache+mod_security+owasp-crs
- [**24**Star][4m] [C] [farsightsec/nmsg](https://github.com/farsightsec/nmsg) network message encapsulation library
- [**24**Star][5m] [Py] [farisv/appledos](https://github.com/farisv/appledos) Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)
- [**24**Star][4m] [C++] [fare9/pba_analysis_tools](https://github.com/fare9/pba_analysis_tools) My own versions from the programs of the book "Practical Binary Analysis"
- [**24**Star][3m] [f-secure/elevation-of-privacy](https://github.com/f-secure/elevation-of-privacy) Privacy Cards for Software Developers
- [**24**Star][6y] [exp-sky/hitcon-2014-ie-11-0day-windows-8.1-exploit](https://github.com/exp-sky/hitcon-2014-ie-11-0day-windows-8.1-exploit) HitCon 2014 : IE 11 0day & Windows 8.1 Exploit
- [**24**Star][1m] [evilmog/hashcat-hcstat](https://github.com/evilmog/hashcat-hcstat) A collection of hashcat-hcstat files
- [**24**Star][22d] [JS] [ethanent/sloww](https://github.com/ethanent/sloww) 

    Lightweight Slowloris attack CLI in Node

- [**24**Star][6m] [HTML] [equalitie/banjax](https://github.com/equalitie/banjax) Apache Traffic Server Plugin performing various anti-DDoS measures
- [**24**Star][4m] [JS] [entropystring/javascript](https://github.com/entropystring/javascript) EntropyString for JavaScript
- [**24**Star][6y] [Py] [emergingthreats/fiddler2pcap](https://github.com/emergingthreats/fiddler2pcap) fiddler output to pcap
- [**24**Star][2m] [PHP] [emanuil/php-reaper](https://github.com/emanuil/php-reaper) PHP tool to scan ADOdb code for SQL Injections
- [**24**Star][3y] [PS] [elevenpaths/usbhiddennetworks](https://github.com/elevenpaths/usbhiddennetworks) 
- [**24**Star][4m] [Java] [elechantelepate/bip_hack](https://github.com/elechantelepate/bip_hack) Sample app for hacking the BIP! card on the Santiago Public Transit system.
- [**24**Star][1y] [C++] [edix/malwareresourcescanner](https://github.com/edix/malwareresourcescanner) Scanning and identifying XOR encrypted PE files in PE resources
- [**24**Star][1m] [Go] [e3prom/ruse](https://github.com/e3prom/ruse) a secure and highly-portable reverse proxy (redirector) for your Red Team infrastructure.
- [**24**Star][2y] [C++] [dragonquesthero/kernel-force-delete](https://github.com/dragonquesthero/kernel-force-delete) force delete runing .exe application file.or delete any locked file
- [**24**Star][7y] [Py] [dkovar/ircollect](https://github.com/dkovar/ircollect) ircollect
- [**24**Star][5m] [JS] [devwerks/xss-cheatsheet](https://github.com/devwerks/xss-cheatsheet) XSS Cheatsheet - A collection of XSS attack vectors
- [**24**Star][3y] [Py] [devttys0/idascript](https://github.com/devttys0/idascript) a wrapper around IDA Pro that makes it easy to automate the execution of IDA scripts  against target files from the command line
- [**24**Star][4m] [Ruby] [defcon-russia/metasploit-framework](https://github.com/defcon-russia/metasploit-framework) Metasploit Framework
- [**24**Star][16d] [Py] [david3107/squatm3](https://github.com/david3107/squatm3) Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques
- [**24**Star][2m] [C] [david-reguera-garcia-dreg/phook](https://github.com/david-reguera-garcia-dreg/phook) Full DLL Hooking, phrack 65
- [**24**Star][1m] [Py] [danielhenrymantilla/shellcode-factory](https://github.com/danielhenrymantilla/shellcode-factory) Tool to create and test shellcodes from custom assembly sources (with some encoding options)
- [**24**Star][7m] [C#] [countercept/dotnet-gargoyle](https://github.com/countercept/dotnet-gargoyle) A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
- [**24**Star][4m] [Py] [costa-group/ethir](https://github.com/costa-group/ethir) A framework for high-level Analysis of Ethereum Bytecode
- [**24**Star][8m] [Py] [cosine0/amphitrite](https://github.com/cosine0/amphitrite) Symbolic debugging tool using JonathanSalwan/Triton
- [**24**Star][3y] [Groovy] [continuumsecurity/ropeytasks](https://github.com/continuumsecurity/ropeytasks) Deliberately vulnerable web application
- [**24**Star][3y] [Java] [commonsguy/autofillfollies](https://github.com/commonsguy/autofillfollies) Demonstration of security issues with Android 8.0 autofill
- [**24**Star][2m] [commonexploits/weape](https://github.com/commonexploits/weape) Weape-Wireless-EAP-Extractor
- [**24**Star][1m] [C] [codereba/netmon](https://github.com/codereba/netmon) network filter driver that control network send speed, based on windows tdi framework.
- [**24**Star][23d] [PHP] [codeclimate/codeclimate-phpcodesniffer](https://github.com/codeclimate/codeclimate-phpcodesniffer) Code Climate Engine for PHP Code Sniffer
- [**24**Star][4y] [C] [cngutierr/ersatzpassword](https://github.com/cngutierr/ersatzpassword) 
- [**24**Star][2y] [CSS] [citguru/jobby](https://github.com/citguru/jobby) A Job Listing Web App using NodeJS and Indreed
- [**24**Star][6m] [chrysh/ctf_writeups](https://github.com/chrysh/ctf_writeups) 
- [**24**Star][6m] [Ruby] [chrislee35/flowtag](https://github.com/chrislee35/flowtag) FlowTag visualizes pcap files for forensic analysis
- [**24**Star][5m] [Py] [chengable/safe_code](https://github.com/chengable/safe_code) absolute safe code
- [**24**Star][3m] [C] [celesteblue-dev/ps4-pkg2usb](https://github.com/celesteblue-dev/ps4-pkg2usb) PS4 payload (based on Vortex’s dumper) to dump and run fake PKGs on USB.
- [**24**Star][3m] [JS] [calmh/yardstick](https://github.com/calmh/yardstick) [UNMAINTAINED] Javascript code metrics
- [**24**Star][11m] [Py] [bwesterb/pol](https://github.com/bwesterb/pol) pol /pɵl/ is a modern command line password manager with deniable encryption
- [**24**Star][9m] [Py] [bunseokbot/androtools](https://github.com/bunseokbot/androtools) Android malware static & dynamic analysis and automated action (deprecated)
- [**24**Star][2y] [JS] [bulkan/co-sh](https://github.com/bulkan/co-sh) Using ES6 Proxies & Generators to run shell commands
- [**24**Star][2y] [Py] [buckhacker/subdomaintakeovertools](https://github.com/buckhacker/subdomaintakeovertools) 
- [**24**Star][4m] [Jupyter Notebook] [briansrebrenik/final_project](https://github.com/briansrebrenik/final_project) Using Twitter Ego Network Analysis to Detect Sources of Fake News
- [**24**Star][2m] [Py] [brenns10/pywall](https://github.com/brenns10/pywall) Python firewall.
- [**24**Star][2m] [C#] [brandonprry/vulnerable_xxe](https://github.com/brandonprry/vulnerable_xxe) A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.
- [**24**Star][12m] [Py] [brainsmoke/pub-archive](https://github.com/brainsmoke/pub-archive) 
- [**24**Star][12d] [CSS] [braindead-sec/rogue-captive](https://github.com/braindead-sec/rogue-captive) Rogue Captive Portal for Raspberry Pi
- [**24**Star][1m] [Lua] [bonidjukic/aka](https://github.com/bonidjukic/aka) Simple, single-file-executable command-line tool which lets you define per directory config files as aliases for shell commands.
- [**24**Star][8m] [JS] [aykutcevik/idn-safe](https://github.com/aykutcevik/idn-safe) "IDN Safe" is a browser extension which blocks internationalized domain names to prevent you from visiting probable fake sites
- [**24**Star][9m] [C] [arizvisa/afl-cygwin](https://github.com/arizvisa/afl-cygwin) AFL "mostly" ported to cygwin
- [**24**Star][5m] [Smali] [aress31/sci](https://github.com/aress31/sci) Framework designed to automate the process of assembly code injection (trojanising) within Android applications.
- [**24**Star][2m] [Visual Basic] [appsecco/winmanipulate](https://github.com/appsecco/winmanipulate) A simple tool to manipulate window objects in Windows
- [**24**Star][27d] [CSS] [aozhimin/ios-reverse-engineering-presentation](https://github.com/aozhimin/ios-reverse-engineering-presentation) iOS Reverse Engineering Presentation
- [**24**Star][6m] [C++] [anwi-wips/anwi](https://github.com/anwi-wips/anwi) 新型无线IDS, 基于低成本的Wi-Fi模块(ESP8266)
- [**24**Star][6y] [PS] [anweiss/dockerclientdsc](https://github.com/anweiss/dockerclientdsc) 
- [**24**Star][7m] [Py] [anssi-fr/packetweaver](https://github.com/anssi-fr/packetweaver) A Python framework for script filing and task sequencing
- [**24**Star][2m] [D] [alexa-d/alexa-openwebif](https://github.com/alexa-d/alexa-openwebif) alexa skill to control your openwebif device
- [**24**Star][4y] [JS] [aerospaceresearch/dgsn_bigwhoop](https://github.com/aerospaceresearch/dgsn_bigwhoop) BigWhoop
- [**24**Star][2m] [Go] [adewes/have-i-been-bloomed](https://github.com/adewes/have-i-been-bloomed) A Bloom filter & Golang server for checking passwords against the "Have I Been Pwned 2.0" password database.
- [**24**Star][4m] [Py] [adafruit/adafruit_circuitpython_ble](https://github.com/adafruit/adafruit_circuitpython_ble) Bluetooth Low Energy (BLE) library for CircuitPython
- [**24**Star][2m] [Go] [abrander/agento](https://github.com/abrander/agento) Client/server collecting near realtime metrics from Linux hosts. Uses influxdb as backend.
- [**24**Star][4y] [C] [93aef0ce4dd141ece6f5/packer](https://github.com/93aef0ce4dd141ece6f5/packer) PoC executable packer using resources
- [**24**Star][1m] [Shell] [8gears/keycloak-auth-proxy](https://github.com/8gears/keycloak-auth-proxy) Reverse auth proxy container for OAuth/OpenID Connect
- [**24**Star][8m] [Py] [7dog7/masscan_to_nmap](https://github.com/7dog7/masscan_to_nmap) 基于masscan和nmap的快速端口扫描和指纹识别工具，优化版本(获取标题，页面长度,过滤防火墙)
- [**24**Star][2m] [PHP] [3xp10it/xwebshell](https://github.com/3xp10it/xwebshell) 免杀webshell集合
- [**24**Star][3m] [Py] [3xp10it/exp10it](https://github.com/3xp10it/exp10it) A packege about newtork security
- [**24**Star][2y] [Py] [0xbc/chiasm-shell](https://github.com/0xbc/chiasm-shell) Python-based interactive assembler/disassembler CLI, powered by Keystone/Capstone.
- [**24**Star][2m] [Py] [0x09al/my-exploits](https://github.com/0x09al/my-exploits) My public exploit collection.
- [**23**Star][10m] [Py] [mvantellingen/django-aws-xray](https://github.com/mvantellingen/django-aws-xray) Unofficial Django app for AWS X-Ray
- [**23**Star][15d] [Py] [cocaman/malware-bazaar](https://github.com/cocaman/malware-bazaar) Python scripts for Malware Bazaar
- [**23**Star][11d] [C#] [0xph0enix/njcrypter](https://github.com/0xph0enix/njcrypter) Simple Free Crypter for .NET Trojans like njRAT
- [**23**Star][1m] [Shell] [mykeels/work-dummy](https://github.com/mykeels/work-dummy) Ever needed to faff or pretend to be seriously at work? This repository hosts a powershell script that'd make anyone think you definitely bursting your ass solving problems.
- [**23**Star][19d] [Py] [glamorous-noob/pwn_adventure_3](https://github.com/glamorous-noob/pwn_adventure_3) glamorous_noob attempts to RE pwn_adventure_3
- [**23**Star][1m] [C] [dimitrifourny/cve-2019-6207](https://github.com/dimitrifourny/cve-2019-6207) MacOS kernel memory leak (4 bytes)
- [**23**Star][3m] [Py] [xindongzhuaizhuai/cve-2020-1938](https://github.com/xindongzhuaizhuai/cve-2020-1938) 
- [**23**Star][3m] [laolisafe/cve-2020-1938](https://github.com/laolisafe/cve-2020-1938) CVE-2020-1938漏洞复现
- [**23**Star][12d] [Ruby] [orange-cyberdefense/rabid](https://github.com/orange-cyberdefense/rabid) 
- [**23**Star][7m] [JS] [talkincode/toughproxy](https://github.com/talkincode/toughproxy) ToughProxy 是一个代理服务器， 目标是提供一个综合性的代理服务软件，支持 socks5,socks4, http, https代理协议， 针对 Socks5 提供完善的认证机制，以及提供流量控制策略，访问控制策略。
- [**23**Star][1y] [cazala/minero](https://github.com/cazala/minero) a bunch of APIs mashed together
- [**23**Star][5m] [Shell] [yashvendra/autoxploit](https://github.com/yashvendra/autoxploit) Fast exploitation based on metasploit.
- [**23**Star][4m] [JS] [geut/olaf](https://github.com/geut/olaf) A P2P chat using Dat.
- [**23**Star][1m] [Py] [pcw109550/write-up](https://github.com/pcw109550/write-up) CTF write-ups
- [**23**Star][3y] [HTML] [berpj/serverless-p2p-hosting](https://github.com/berpj/serverless-p2p-hosting) 
- [**23**Star][15d] [Kotlin] [fwcd/kotlin-debug-adapter](https://github.com/fwcd/kotlin-debug-adapter) JVM debugging for Kotlin using the Debug Adapter Protocol
- [**23**Star][16d] [JS] [hyperwell/gateway](https://github.com/hyperwell/gateway) 
- [**23**Star][6m] [Py] [jerbouma/fundamentalanalysis](https://github.com/jerbouma/fundamentalanalysis) This package can scrape financial data from Yahoo Finance for multiple companies at once. This includes the ratios, balance sheets, income statements, cashflows and stock data.
- [**23**Star][6m] [Py] [rarecoil/unwebpack-sourcemap](https://github.com/rarecoil/unwebpack-sourcemap) Extract uncompiled, uncompressed SPA code from Webpack source maps.
- [**23**Star][22d] [Java] [shuaicj/http-proxy-netty](https://github.com/shuaicj/http-proxy-netty) An implementation of http/https proxy server based on Java NIO via Netty.
- [**23**Star][19d] [Rust] [madeindjs/spider](https://github.com/madeindjs/spider) Multithreaded Web spider crawler written in Rust.
- [**23**Star][4m] [Py] [penthertz/lora_craft](https://github.com/penthertz/lora_craft) Some Scapy layers and tools to study LoRa PHY and LoRaWAN
- [**23**Star][4m] [PS] [wavestone-cdt/invoke-cleverspray](https://github.com/wavestone-cdt/invoke-cleverspray) Password Spraying Script detecting current and previous passwords of Active Directory User
- [**23**Star][1m] [C] [kismetwireless/lorcon](https://github.com/kismetwireless/lorcon) LORCON 802.11 Packet Injection Library (Mirror of Kismet repository)
- [**23**Star][4m] [Shell] [m4ll0k/swfpfinder](https://github.com/m4ll0k/swfpfinder) SWFPFinder - SWF Potential Parameters Finder
- [**23**Star][4m] [Py] [tasos-py/search-engines-scraper](https://github.com/tasos-py/search-engines-scraper) Search google, bing, yahoo, and other search engines with python
- [**23**Star][1y] [Java] [shinilms/direct-net-share](https://github.com/shinilms/direct-net-share) share internet via Wifi direct on Android
- [**23**Star][16d] [Py] [jianzhichun/wallstreetcnscrapy](https://github.com/jianzhichun/wallstreetcnscrapy) a crawler for wallstreetcn,finance.sina by Scrapy-新浪财经，同花顺财经，华尔街见闻的爬虫
- [**23**Star][4m] [HTML] [aoii103/anticloudflare](https://github.com/aoii103/anticloudflare) 对抗cloudflare载入页反爬虫防护
- [**23**Star][1m] [Go] [fananchong/cstruct-go](https://github.com/fananchong/cstruct-go) a fast c-style struct packer & unpacker for golang
- [**23**Star][4m] [TS] [generalbots/botserver](https://github.com/generalbots/botserver) Ready for Bot Framework V4 run-with-F5 NPM-friendly repository package based bot factory server which includes support for Excel, an React.js bot web application & several features including Whatsapp, sql-firewall-opener and auto-ngrok.
- [**23**Star][1m] [JS] [thalkod/node-2fa](https://github.com/thalkod/node-2fa) User registration with two factor authentification with node, express, mongodb...
- [**23**Star][4m] [C] [valerio-vaccaro/loracaster](https://github.com/valerio-vaccaro/loracaster) A LoraWan TTN compatible firmware for a cheap ESP32/Lora board.
- [**23**Star][2m] [Py] [picorana/amazon-scraper](https://github.com/picorana/amazon-scraper) amazon-scraper is a command line application to collect reviews and questions/answers from amazon products.
- [**23**Star][2y] [Py] [xfgryujk/taobaoanalysis](https://github.com/xfgryujk/taobaoanalysis) 练习NLP，分析淘宝评论的项目
- [**23**Star][3m] [JS] [crawlkit/crawlkit](https://github.com/crawlkit/crawlkit) A crawler based on Phantom. Allows discovery of dynamic content and supports custom scrapers.
- [**23**Star][11d] [Go] [ejunjsh/goproxy](https://github.com/ejunjsh/goproxy) 
- [**23**Star][2m] [CSS] [mickeyuk/places-scraper](https://github.com/mickeyuk/places-scraper) An example of how to use Google Places and Hunter.io to quickly collate business contact details.
- [**23**Star][12d] [Ruby] [loadkpi/crawler_detect](https://github.com/loadkpi/crawler_detect) Ruby gem to detect bots and crawlers via the user agent
- [**23**Star][1m] [C++] [kashimastro/nnet](https://github.com/kashimastro/nnet) algorithm for study: multi-layer-perceptron, cluster-graph, cnn, rnn, restricted boltzmann machine, bayesian network
- [**23**Star][2m] [Py] [shichaoma/structure_spider](https://github.com/shichaoma/structure_spider) 组合多请求，抓取结构化数据，基于scrapy组件
- [**23**Star][20d] [Java] [asche910/httpproxy](https://github.com/asche910/httpproxy) JAVA实现的IP代理池，支持HTTP与HTTPS两种方式
- [**23**Star][2m] [Shell] [hoffa/fi.sh](https://github.com/hoffa/fi.sh) Third-party Bluetooth PS3 controllers on OS X
- [**23**Star][7m] [Py] [blockchain-etl/ethereum-scraper](https://github.com/blockchain-etl/ethereum-scraper) UNMAINTAINED! Exporter for Ethereum blocks, transactions, ERC20 transfers, contracts, using Scrapy
- [**23**Star][3m] [Shell] [geerlingguy/ansible-role-logstash-forwarder](https://github.com/geerlingguy/ansible-role-logstash-forwarder) DEPRECATED Ansible Role - Logstash Forwarder
- [**23**Star][20d] [C++] [mryndzionek/scanner](https://github.com/mryndzionek/scanner) OpenCV document scanner
- [**23**Star][7m] [ljishen/qemu-arm](https://github.com/ljishen/qemu-arm) Approximation Raspberry Pi Emulator in Docker Container
- [**23**Star][8m] [JS] [aureooms/js-algorithms](https://github.com/aureooms/js-algorithms) 
- [**23**Star][4m] [C++] [ivanfilipov/fmi-dsa](https://github.com/ivanfilipov/fmi-dsa) Some examples druing the DSA (data structures and algorithms) courses given by me (Ivan Filipov) as a teaching assistant @ Faculty of Mathematics and Informatics, Sofia University 2016-2019
- [**23**Star][4m] [JS] [sharadbhat/nodorithm](https://github.com/sharadbhat/nodorithm) NPM package for algorithms.
- [**23**Star][2m] [JS] [perguth/secure-webrtc-swarm](https://github.com/perguth/secure-webrtc-swarm) 
- [**23**Star][2m] [Jupyter Notebook] [serengil/crypto](https://github.com/serengil/crypto) Elliptic Curve Cryptography and Common Public Key Cryptography Implementations
- [**23**Star][21d] [TS] [3mcd/web-udp](https://github.com/3mcd/web-udp) Establish client/server and P2P UDP-like channels in the browser
- [**23**Star][1m] [Py] [rohbotics/pifi](https://github.com/rohbotics/pifi) A headless wifi provisioning system.
- [**23**Star][17d] [Shell] [passwordcockpit/passwordcockpit](https://github.com/passwordcockpit/passwordcockpit) Passwordcockpit is a simple, free, open source, self hosted, web based password manager for teams. It is made in PHP, Javascript, MySQL and it run on a docker service. It allows users with any kind of device to safely store, share and retrieve passwords, certificates, files and much more.
- [**23**Star][2m] [PHP] [insenseanalytics/laravel-user-audit-trails](https://github.com/insenseanalytics/laravel-user-audit-trails) Lightweight Laravel package for user audit trails.
- [**23**Star][16d] [Java] [rashidi/spring-data-envers-audit-entity](https://github.com/rashidi/spring-data-envers-audit-entity) Sample application that demonstrates entity audit with revisions using Spring Data Envers
- [**23**Star][6m] [TS] [ethereum/js-ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) Every cryptographic primitive needed to work on Ethereum, for the browser and Node.js
- [**23**Star][2m] [Jupyter Notebook] [willwang-x/algorithms-with-illustrations](https://github.com/willwang-x/algorithms-with-illustrations) Develop intuition, form the cornerstone, and make a map for algorithms - work in porgress
- [**23**Star][6m] [Py] [mahdavipanah/pynpuzzle](https://github.com/mahdavipanah/pynpuzzle) Solve and test algorithms for N-Puzzle problem with Python
- [**23**Star][16d] [Java] [codingotaku/animu-downloaderu](https://github.com/codingotaku/animu-downloaderu) An anime downloader for all otakus. Animu is Love, Animu is Life
- [**23**Star][1m] [Rust] [urschrei/polylabel-rs](https://github.com/urschrei/polylabel-rs) A Rust implementation of the Polylabel algorithm, with FFI.
- [**23**Star][19d] [C] [nginx-modules/ngx_http_hmac_secure_link_module](https://github.com/nginx-modules/ngx_http_hmac_secure_link_module) Alternative NGINX HMAC Secure Link module with support for OpenSSL hashes
- [**23**Star][6m] [PHP] [pithyone/zhihu-crawler](https://github.com/pithyone/zhihu-crawler) 轻量级知乎爬虫，支持问题、收藏夹和本月最热
- [**23**Star][4m] [lexiie/termux-apktool](https://github.com/lexiie/termux-apktool) Decompile and Recompile android aplication use termux without openjdk installed
- [**23**Star][1m] [JS] [neurosity/ganglion-ble](https://github.com/neurosity/ganglion-ble) Web Bluetooth client for the Ganglion brain-computer interface by OpenBCI
- [**23**Star][2m] [Py] [hackerdom/ructfe-2019](https://github.com/hackerdom/ructfe-2019) RuCTFE 2019. Developed with
- [**23**Star][12d] [JS] [cedx/reverse-proxy.js](https://github.com/cedx/reverse-proxy.js) Personal reverse proxy server supporting WebSockets, implemented in TypeScript.
- [**23**Star][4m] [Go] [kkty/scriproxy](https://github.com/kkty/scriproxy) Easy-to-use dynamic(scriptable) reverse proxy server
- [**23**Star][4m] [Py] [wisepythagoras/website-fingerprinting](https://github.com/wisepythagoras/website-fingerprinting) Deanonymizing Tor or VPN users with website fingerprinting and machine learning.
- [**23**Star][2m] [Go] [danielkvist/beagle](https://github.com/danielkvist/beagle) Beagle is a CLI written in Go to search for an specific username across the Internet.
- [**23**Star][2m] [C] [trusteddomainproject/opendkim](https://github.com/trusteddomainproject/opendkim) 
- [**23**Star][12d] [davidgoldman/asus-p8z68-v-pro-gen3-hackintosh](https://github.com/davidgoldman/asus-p8z68-v-pro-gen3-hackintosh) Hackintosh for ASUS P8Z68-V PRO/GEN3
- [**23**Star][3m] [Py] [manisso/fsociety-nethunter-version](https://github.com/manisso/fsociety-nethunter-version) Fsociety For Android And NetHunter Version
- [**23**Star][1m] [C] [valdikss/openvpn-radiusplugin](https://github.com/valdikss/openvpn-radiusplugin) Radiusplugin with various patches and fixes
- [**23**Star][16d] [Go] [tunz/binch-go](https://github.com/tunz/binch-go) A lightweight command-line ELF binary patch tool written in Go
- [**23**Star][4m] [Py] [epsylon/anontwi](https://github.com/epsylon/anontwi) Anontwi is a tool for OAuth2 applications (such as: GNUSocial, Twitter) that provides different layers of encryption, privacy methods and proxy features.
- [**23**Star][17d] [Java] [wrbug/charles-crack](https://github.com/wrbug/charles-crack) charles破解
- [**23**Star][7m] [C#] [lockfale/dotnetavbypass-master](https://github.com/lockfale/dotnetavbypass-master) C# AV bypass jank
- [**23**Star][1y] [C#] [kjcracks/brake](https://github.com/kjcracks/brake) Remote cracking utility
- [**23**Star][8y] [C#] [sensepost/suru](https://github.com/sensepost/suru) Suru is one of the original Man In The Middle (MITM) proxies that sits between the user's browser and the web application.
- [**23**Star][7m] [Py] [wi-fi-analyzer/boopsuite](https://github.com/wi-fi-analyzer/boopsuite) A Suite of Tools written in Python for wireless auditing and security testing.
- [**23**Star][10m] [Py] [ntkernel/cve-2019-0708](https://github.com/ntkernel/cve-2019-0708) 收集网上CVE-2018-0708的poc和exp(目前没有找到exp)
- [**23**Star][28d] [C++] [armmbed/mbed-os-example-wifi](https://github.com/armmbed/mbed-os-example-wifi) Wi-fi example for mbed OS 5.0
- [**23**Star][8m] [Py] [airbus-seclab/rebus](https://github.com/airbus-seclab/rebus) REbus facilitates the coupling of existing tools that perform specific tasks, where one's output will be used as the input of others.
- [**23**Star][6m] [Py] [andresriancho/django-moth](https://github.com/andresriancho/django-moth) A Django vulnerable Web application for testing the w3af framework
- [**23**Star][11d] [Perl] [openssl/tools](https://github.com/openssl/tools) Tools for OpenSSL committers
- [**23**Star][4m] [Java] [nordicsemiconductor/android-nrf-ble-joiner](https://github.com/nordicsemiconductor/android-nrf-ble-joiner) nRF BLE Joiner is an application that lets you add new IoT nodes to a network based on Bluetooth Smart.
- [**23**Star][2y] [Go] [inconshreveable/shroud](https://github.com/inconshreveable/shroud) [DEPRECATED] Public hidden services
- [**23**Star][2m] [C#] [functionclub/localproxy](https://github.com/functionclub/localproxy) 一键更改系统本地IE代理的小工具
- [**23**Star][5m] [C] [shadowsocks/openssl-android](https://github.com/shadowsocks/openssl-android) A fork of OpenSSL for shadowsocks-android
- [**23**Star][2m] [C] [tmk/infinity_ergodox](https://github.com/tmk/infinity_ergodox) Unofficial keyboard firmware for Input Club's Infinity Ergodox
- [**23**Star][27d] [C++] [awnumar/nixbot](https://github.com/awnumar/nixbot) Lightweight TCP botnet coded in C++
- [**23**Star][15d] [Py] [cert-polska/malduck](https://github.com/cert-polska/malduck) your ducky companion in malware analysis journeys.
- [**23**Star][11d] [JS] [its-a-feature/orchard](https://github.com/its-a-feature/orchard) JavaScript for Automation (JXA) tool to do Active Directory enumeration.
- [**23**Star][11d] [C++] [hrt/csgo](https://github.com/hrt/csgo) A CSGO "base" with aimbot, BSP parsing, bunnyhop, triggerbot, aimassist, no flash and walkbot, glow esp
- [**23**Star][8m] [Go] [tam7t/cautious-pancake](https://github.com/tam7t/cautious-pancake) github generated the repo name for me
- [**23**Star][3m] [Dockerfile] [belane/docker-bloodhound](https://github.com/belane/docker-bloodhound) BloodHound Docker Ready to Use
- [**23**Star][8m] [Go] [zubux/badbucket](https://github.com/zubux/badbucket) badbucket checks your s3 bucket for common misconfigurations
- [**23**Star][2m] [PHP] [safflower/canhackme](https://github.com/safflower/canhackme) CanHackMe - Jeopardy CTF Platform
- [**23**Star][2m] [JS] [keenwon/koa-subdomain](https://github.com/keenwon/koa-subdomain) Simple and lightweight Koa middleware to handle multilevel and wildcard subdomains
- [**23**Star][27d] [Py] [black-security/cyber-security-framework](https://github.com/black-security/cyber-security-framework) The CyberSecurity Framework (CSF for short) is a local Python3 scripting package which aims directly on Cyber Security auditing, where you can execute and create new programs for any purpuse that go under your own responsibility to fit your needs. (You can still use/extend it to fit on any unrelated needs of your own).
- [**23**Star][5m] [C++] [earlephilhower/psychoplug](https://github.com/earlephilhower/psychoplug) ESP8266 power outlet replacement firmware with standalone HTTP scheduler and MQTT integration
- [**23**Star][12d] [jqorz/biquge_crack](https://github.com/jqorz/biquge_crack) 笔趣阁_Android_去广告修改版（免费看小说！无广告！秒开无等待！）反编译学习
- [**23**Star][1m] [bash-c/pin-in-ctf](https://github.com/bash-c/pin-in-ctf) 使用intel pin来求解一部分CTF challenge
- [**23**Star][18d] [Java] [alpheratzteam/obfuscator](https://github.com/alpheratzteam/obfuscator) Java Obfuscator
- [**23**Star][22d] [PS] [steveunderscoren/windowsfirewall](https://github.com/steveunderscoren/windowsfirewall) PowerShell scripts/GUI tools for the enterprise to harden Windows Defender Firewall via group policy (GPO). These can be used together with privileged access workstations (PAW) to enforce network level application whitelisting and strengthen the security posture of devices.
- [**23**Star][8m] [Py] [vnik5287/wpa-autopwn](https://github.com/vnik5287/wpa-autopwn) WPA/WPA2 autopwn script that parses captured handshakes and sends them to the Crackq
- [**23**Star][1m] [tacticthreat/oracle-pentesting-reference](https://github.com/tacticthreat/Oracle-Pentesting-Reference) Oracle Database Penetration Testing Reference (10g/11g)
- [**23**Star][29d] [Py] [mzollin/qr-pirate](https://github.com/mzollin/qr-pirate) crawl QR-codes from search engines and look for bitcoin private keys
- [**23**Star][2m] [Shell] [lotto24/aws-ecr-http-proxy](https://github.com/Lotto24/aws-ecr-http-proxy) A nginx based pull/push through proxy for AWS ECR with support of cache and token refresh.
- [**23**Star][13d] [PHP] [coenjacobs/wp-haveibeenpwned](https://github.com/coenjacobs/wp-haveibeenpwned) Checks if the password for each WordPress user account has been compromised via haveibeenpwned.com
- [**23**Star][6m] [C++] [legendl3n/smarthooker](https://github.com/legendl3n/smarthooker) The smartest hooking library.
- [**23**Star][2y] [C++] [othernet-project/dreamcatcher-packet-tester](https://github.com/Othernet-Project/Dreamcatcher-Packet-Tester) 
- [**23**Star][12d] [Py] [clairmont32/virustotal-tools](https://github.com/clairmont32/VirusTotal-Tools) Submits multiple domains to VirusTotal API
- [**23**Star][7m] [C++] [vtsingaras/qcom-mbn-ida-loader](https://github.com/vtsingaras/qcom-mbn-ida-loader) IDA loader plugin for Qualcomm Bootloader Stages
- [**23**Star][4m] [C] [sin5678/icmp_shell](https://github.com/sin5678/icmp_shell) shell over icmp
- [**23**Star][25d] [TSQL] [aws-samples/aws-redshift-spectrum-poc](https://github.com/aws-samples/aws-redshift-spectrum-poc) Cloudformation and SQL scripts used to replicate a POC environment from the "Data Lake to Data Warehouse: Enhancing Customer 360 with Amazon Redshift Spectrum" post
- [**23**Star][3y] [Py] [znb/elastic-elephant](https://github.com/znb/elastic-elephant) Fun with Amazon AWS and Maltego
- [**23**Star][5m] [C++] [zhongyang219/simplenotepad](https://github.com/zhongyang219/simplenotepad) 这是一个可以代替Windows记事本的软件，除了包含记事本原有的功能外，还有编码格式转换、十六进制查看编辑、文件二进制比较、编码批量转换的功能。
- [**23**Star][5y] [Assembly] [zerosum0x0/slae64](https://github.com/zerosum0x0/slae64) x64 Linux Shellcode
- [**23**Star][9d] [C#] [zerokilo/pdbdumpwv](https://github.com/zerokilo/pdbdumpwv) PDB Dumping Tool
- [**23**Star][2m] [Vue] [xinali/penework](https://github.com/xinali/penework) Penetration Test Framwork
- [**23**Star][3y] [CSS] [xeushack/fake-login-page](https://github.com/xeushack/fake-login-page) A fake login page for use in a phishing attack
- [**23**Star][1y] [Dockerfile] [xavitorello/kali-full-docker](https://github.com/xavitorello/kali-full-docker) A ready to work Kali Linux full metapackage Docker container
- [**23**Star][2y] [Py] [whitel1st/gp_hijack](https://github.com/whitel1st/gp_hijack) Group Policy Hijacking
- [**23**Star][3y] [Py] [whaleshark-team/chromeheadlessinterface](https://github.com/whaleshark-team/chromeheadlessinterface) 
- [**23**Star][1y] [PHP] [weaverheavy/threat-intelligence-tradecraft](https://github.com/weaverheavy/threat-intelligence-tradecraft) 
- [**23**Star][6m] [C] [wanttobeno/wmifilter](https://github.com/wanttobeno/wmifilter) 驱动层拦截web访问源码
- [**23**Star][1y] [C++] [wanttobeno/screenshot](https://github.com/wanttobeno/screenshot) 仿QQ截图，C++实现的截图软件Demo
- [**23**Star][4m] [wangray/windbg-for-gdb-users](https://github.com/wangray/windbg-for-gdb-users) "Pwntools does not support Windows. Use a real OS ;)" — Zach Riggle, 2015
- [**23**Star][8m] [Perl] [vti/cpan-audit](https://github.com/vti/cpan-audit) Check CPAN modules for known security vulnerabilities
- [**23**Star][1y] [JS] [veggiedefender/marveloptics_malware](https://github.com/veggiedefender/marveloptics_malware) Deobfuscated + reverse engineered javascript malware
- [**23**Star][3y] [Java] [vah13/burpcrlfplugin](https://github.com/vah13/burpcrlfplugin) Another plugin for CRLF vulnerability detection
- [**23**Star][21d] [ufrisk/presentations](https://github.com/ufrisk/presentations) Conference Presentations
- [**23**Star][9m] [Py] [tylabs/quicksand_tools](https://github.com/tylabs/quicksand_tools) API access to QuickSand.io
- [**23**Star][1m] [Go] [txn2/n2proxy](https://github.com/txn2/n2proxy) Contraband filtering reverse proxy for plain http and SSL.
- [**23**Star][3m] [akando42/awesome-pen-test](https://github.com/akando42/Awesome-Pen-Test) Experiment with penetration testing Guides and Tools for WordPress, iOS, MacOS, Wifi and Car
- [**23**Star][19d] [Py] [tromey/gdb-helpers](https://github.com/tromey/gdb-helpers) GDB helper scripts
- [**23**Star][1y] [C++] [trojancyborg/ida_jni_rename](https://github.com/trojancyborg/ida_jni_rename) IDA JNI clal rename
- [**23**Star][1y] [C++] [trailofbits/clang-tidy-audit](https://github.com/trailofbits/clang-tidy-audit) Rewrite C/C++/Obj-C to Annotate Points of Interest
- [**23**Star][6m] [Py] [tomrittervg/ct-tools](https://github.com/tomrittervg/ct-tools) Random tools to perform Certificate Transparency-related stuff
- [**23**Star][2y] [C#] [thomdixon/saltwatertaffy](https://github.com/thomdixon/saltwatertaffy) An nmap wrapper library for .NET
- [**23**Star][4m] [C] [thinkycx/cve-2017-8890](https://github.com/thinkycx/cve-2017-8890) 
- [**23**Star][2m] [Py] [the-c0d3r/pynmap](https://github.com/the-c0d3r/pynmap) A serious attempt to implement multi-threading to nmap module, which would result in faster scanning speed. I know that one can write NSE scripts for multi-threaded scanning with it, but I wanted to try it on python.
- [**23**Star][1m] [Lua] [teran/deduplicator](https://github.com/teran/deduplicator) Lightroom plug-in to deduplicate images based on perceptual hash algorithms
- [**23**Star][5m] [Java] [techguy-bhushan/xssrequestfilters](https://github.com/techguy-bhushan/xssrequestfilters) Light weight library for Filter the Cross-site scripting in request For Spring Framwork / Spring-Boot, logic can be use for servlet based(without using spring framework) application
- [**23**Star][6m] [JS] [team-copper/captar](https://github.com/team-copper/captar) Augmented Reality Geolocation Capture-the-Flag Mobile Game Capstone Project
- [**23**Star][4m] [HTML] [tarafans/collections](https://github.com/tarafans/collections) A medley of PoCs and exploits
- [**23**Star][2m] [Py] [syworks/wifi-harvester](https://github.com/syworks/wifi-harvester) For collecting probed SSID name by wireless devices, Access point detail and connected clients.
- [**23**Star][1y] [XSLT] [stixproject/stix-to-html](https://github.com/stixproject/stix-to-html) Convert STIX XML to HTML
- [**23**Star][4m] [C#] [stephenhaunts/safepad](https://github.com/stephenhaunts/safepad) SafePad : Encrypted Text Editor. This text editor uses very strong encryption to let you protect your secrets. Great for storing passwords, credit card details or any else that you want to keep safe.
- [**23**Star][3y] [Py] [skiddietech/hidaaf](https://github.com/skiddietech/hidaaf) Python - Human Interface Device Android Attack Framework
- [**23**Star][3m] [Py] [sinkmanu/cookiescanner](https://github.com/sinkmanu/cookiescanner) Tool for check the cookie flag in multiple sites
- [**23**Star][22d] [Java] [silentsignal/burp-json-jtree](https://github.com/silentsignal/burp-json-jtree) JSON JTree viewer for Burp Suite
- [**23**Star][3m] [shieldfy/awesome-pentest](https://github.com/shieldfy/awesome-pentest) A collection of awesome penetration testing resources, tools and other shiny things
- [**23**Star][4m] [Go] [shakenetwork/onionscan](https://github.com/shakenetwork/onionscan) OnionScan暗网爬虫是一个免费的开源工具，用于调查黑网。 OnionScan is a free and open source tool for investigating the Dark Web
- [**23**Star][5y] [Py] [shadowsocksfork/shadowsocksfork](https://github.com/shadowsocksfork/shadowsocksfork) A fork of shadowsocks 2.8.2
- [**23**Star][4y] [C++] [sensepost/misc-windows-hacking](https://github.com/sensepost/misc-windows-hacking) Miscellaneous projects related to attacking Windows.
- [**23**Star][2m] [HTML] [secwiki/wooyun_articles](https://github.com/secwiki/wooyun_articles) drops.wooyun.org 乌云Drops文章备份
- [**23**Star][4m] [PHP] [secwiki/webshell](https://github.com/secwiki/webshell) This is a webshell open source project
- [**23**Star][1m] [Py] [securitymb/burp-exceptions](https://github.com/securitymb/burp-exceptions) Simple trick to increase readability of exceptions raised by Burp extensions written in Python
- [**23**Star][19d] [C] [scotpaul/keylog](https://github.com/scotpaul/keylog) A simple C keylogger for Linux
- [**23**Star][4m] [Shell] [samsesh/socialbox-termux](https://github.com/samsesh/socialbox-termux) 
- [**23**Star][12d] [Shell] [salimhaddou/snmp0wn-md5](https://github.com/salimhaddou/snmp0wn-md5) Bash script to bruteforce snmpv3 authentication passwords using MD5 (usmHMACMD5AuthProtocol)
- [**23**Star][4m] [C] [safecrypto/libsafecrypto](https://github.com/safecrypto/libsafecrypto) WP6 of the SAFEcrypto project - a suite of lattice-based cryptographic schemes
- [**23**Star][2m] [PS] [sadprocessor/handsonbloodhound](https://github.com/sadprocessor/handsonbloodhound) Material for the "Hands-On BloodHound" Workshop
- [**23**Star][2y] [Py] [s3xy/cve-2017-10271](https://github.com/s3xy/cve-2017-10271) Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful …
- [**23**Star][10m] [JS] [rwestergren/simple-hash-xss](https://github.com/rwestergren/simple-hash-xss) 
- [**23**Star][3m] [Py] [russianotter/networking](https://github.com/russianotter/networking) All My Main Networking Programs
- [**23**Star][7m] [JS] [roemhildtg/spectre-canjs](https://github.com/roemhildtg/spectre-canjs) A data administration component library built on the Spectre.css framework enabled with CanJS
- [**23**Star][7m] [Go] [releasel0ck/blind-sql-injector](https://github.com/releasel0ck/blind-sql-injector) 手工盲注辅助注入工具
- [**23**Star][2m] [Py] [reflare/afl-monitor](https://github.com/reflare/afl-monitor) A monitoring script for AFL
- [**23**Star][5m] [C] [rednixon/stegdetect](https://github.com/rednixon/stegdetect) Stegdetect is an automated tool for detecting steganographic content in images.
- [**23**Star][1y] [C] [rednaga/keystore-shim](https://github.com/rednaga/keystore-shim) Shim to grab keystore backed data
- [**23**Star][2m] [random-robbie/metadata-one-liners](https://github.com/random-robbie/metadata-one-liners) retrive metadata endpoint data with these one liners.
- [**23**Star][3y] [C] [raminfp/linux-4.8.0-netfilter_icmp](https://github.com/raminfp/linux-4.8.0-netfilter_icmp) Anatomy of a linux kernel development
- [**23**Star][5m] [C] [rakion99/axon](https://github.com/rakion99/axon) Unrestricted Lua Execution
- [**23**Star][4m] [PS] [raikia/get-reconinfo](https://github.com/raikia/get-reconinfo) A powershell script that prints a lot of IP and connection info to the screen
- [**23**Star][3m] [Dockerfile] [raesene/dockerized-security-tools](https://github.com/raesene/dockerized-security-tools) Dockerfiles for security tools
- [**23**Star][7m] [PHP] [r0nen/ctf](https://github.com/r0nen/ctf) CTF Writeups
- [**23**Star][1y] [proteas/afl-swift](https://github.com/proteas/afl-swift) use afl to fuzz swift program
- [**23**Star][1y] [Py] [privcount/privcount](https://github.com/privcount/privcount) Privacy-preserving Tor statistics aggregation tool that implements the secret-sharing variant of the PrivEx algorithm.
- [**23**Star][16d] [Shell] [pratiktri/server_init_harden](https://github.com/pratiktri/server_init_harden) Server hardening on 1st login as "root"
- [**23**Star][1y] [Py] [pielco11/t2b-framework](https://github.com/pielco11/t2b-framework) Cross-Platform Post Exploitation Toolkit
- [**23**Star][1y] [PHP] [phpgangsta/animatedcaptcha](https://github.com/phpgangsta/animatedcaptcha) This PHP class makes it easy to create animated GIFs, especially CAPTCHAs
- [**23**Star][2m] [Shell] [peterpt/pipe_finder](https://github.com/peterpt/pipe_finder) Automated script to search in SMB protocol for availables pipe names
- [**23**Star][2y] [C++] [penoxcn/sshweakpasswordaudit](https://github.com/penoxcn/sshweakpasswordaudit) a small tool for auditting weak ssh password
- [**23**Star][4m] [Shell] [payloadsecurity/vxcommunity](https://github.com/payloadsecurity/vxcommunity) This repository contains free Hybrid Analysis contributions to the IT-Security community
- [**23**Star][2m] [C] [paul-tew/lifer](https://github.com/paul-tew/lifer) Windows link file forensic examiner
- [**23**Star][6m] [Py] [paloaltonetworks/autofocus-lenz](https://github.com/paloaltonetworks/autofocus-lenz) A command line utility to aid in using autofocus for IR and research
- [**23**Star][2y] [Assembly] [osandamalith/pesecinfo](https://github.com/osandamalith/pesecinfo) A simple tool to view important DLL Characteristics and change DEP and ASLR
- [**23**Star][5m] [Shell] [openshift/must-gather](https://github.com/openshift/must-gather) A client tool for gathering information about an operator managed component.
- [**23**Star][10m] [C] [openjailbreak/absinthe](https://github.com/openjailbreak/absinthe) Absinthe Jailbreak. Most recent version I've maintained. Help split this up into reusable modules for future userland jailbreaks. This is archived for future generations
- [**23**Star][19d] [Py] [oasis-open/cti-stix-validator](https://github.com/oasis-open/cti-stix-validator) OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices
- [**23**Star][7y] [Ruby] [nuke99/sqlnuke](https://github.com/nuke99/sqlnuke) SQLNuke | Fast Performing MYSQL Injection load_file() Fuzzer
- [**23**Star][1m] [Py] [nirizr/idasix](https://github.com/nirizr/idasix) IDAPython compatibility library. idasix aims to create a smooth ida development process and allow a single codebase to function with multiple IDA/IDAPython versions
- [**23**Star][3m] [Py] [nightwatchcybersecurity/airflowscan](https://github.com/nightwatchcybersecurity/airflowscan) Checklist and tools for increasing security of Apache Airflow
- [**23**Star][13d] [Shell] [nicholasadamou/minipwner](https://github.com/nicholasadamou/minipwner) A script to configure a TP-Link MR3040 running OpenWRT into a simple, yet powerful penetration-testing "dropbox".
- [**23**Star][6m] [C] [neutrinolabs/neutrinordp](https://github.com/neutrinolabs/neutrinordp) This is a fork of FreeRDP 1.0.1
- [**23**Star][18d] [Py] [neurobin/letsacme](https://github.com/neurobin/letsacme) A tiny script to issue and renew TLS/SSL certificate from Let's Encrypt
- [**23**Star][4m] [PS] [netspi/sqlc2](https://github.com/netspi/sqlc2) SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent.
- [**23**Star][2m] [C#] [nccgroup/change-lockscreen](https://github.com/nccgroup/change-lockscreen) Offensive tool to trigger network authentications as SYSTEM
- [**23**Star][7y] [Py] [nccgroup/cecster](https://github.com/nccgroup/cecster) A GUI-based tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols
- [**23**Star][1y] [C] [nardholio/cve-2016-0728](https://github.com/nardholio/cve-2016-0728) 
- [**23**Star][7m] [Pascal] [nannib/imm2virtual](https://github.com/nannib/imm2virtual) This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.
- [**23**Star][20d] [Py] [nabla-c0d3/nassl](https://github.com/nabla-c0d3/nassl) Experimental OpenSSL wrapper for Python 3.7+ and SSLyze.
- [**23**Star][11d] [C++] [mullvad/libwfp](https://github.com/mullvad/libwfp) C++ library for interacting with the Windows Filtering Platform (WFP)
- [**23**Star][2y] [Java] [mtxiaowangzi/java-ee-vulnweb](https://github.com/mtxiaowangzi/java-ee-vulnweb) 用于演示Java Web项目中，漏洞的成因及修复方案，可用于黑盒测试和白盒测试，部分修复方案可用于生产环境。
- [**23**Star][4m] [Shell] [msimerson/mail-toaster-6](https://github.com/msimerson/mail-toaster-6) Mail Toaster 6
- [**23**Star][23d] [Py] [mpicard/pyvas](https://github.com/mpicard/pyvas) OpenVAS Management Protocol Client for Python
- [**23**Star][3y] [HTML] [mortenschenk/bypassing_cfg_seh](https://github.com/mortenschenk/bypassing_cfg_seh) Using SEH to bypass CFG
- [**23**Star][9m] [C] [moccajoghurt/drvmap_secure](https://github.com/moccajoghurt/drvmap_secure) 
- [**23**Star][1m] [Go] [mikkolehtisalo/gssapi-proxy](https://github.com/mikkolehtisalo/gssapi-proxy) GSSAPI/Kerberos proxy
- [**23**Star][3m] [PHP] [middlewares/payload](https://github.com/middlewares/payload) PSR-15 middleware to parse the body of the request with support for json, csv and url-encode
- [**23**Star][6y] [C++] [michael4338/ndis](https://github.com/michael4338/ndis) Windows Kernel Driver - Create a driver device in intermediate layer of Windows kernel based on NDIS, which communicates with and connect upper layer (user mode applications) and lower layer (miniport driver/network card). Create self-defined protocols for transmitting data and control communications by simulating very simple HTTP, TCP and ARP p…
- [**23**Star][10m] [C++] [mbrengel/memscrimper](https://github.com/mbrengel/memscrimper) Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
- [**23**Star][4y] [C++] [matviy/leaguereplayhook](https://github.com/matviy/leaguereplayhook) Library for interacting with the League of Legends Spectator/Replay Client
- [**23**Star][14d] [Py] [matricali/brutekrag](https://github.com/matricali/brutekrag) Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.
- [**23**Star][6m] [Py] [markusteufelberger/afl-ddmin-mod](https://github.com/markusteufelberger/afl-ddmin-mod) Test case minimizer for afl-fuzz
- [**23**Star][17d] [Py] [marcolivierbouch/dirbpy](https://github.com/marcolivierbouch/dirbpy) This is the new version of dirb in python
- [**23**Star][11m] [PHP] [lxj616/dvwa-wooyun](https://github.com/lxj616/dvwa-wooyun) It is a DVWA with some plugins based on real wooyun bug reports
- [**23**Star][4m] [Py] [lockgit/py](https://github.com/lockgit/py) rsa,base64,ac,kmp,svm,knn,mitm,hash table...
- [**23**Star][1m] [liucan01/cve-list-pro](https://github.com/liucan01/cve-list-pro) 
- [**23**Star][4m] [littlecdev/jk29lp-httpdump](https://github.com/littlecdev/jk29lp-httpdump) HTTP-Dump of the configuration of a JK29LP Amazon Dash button
- [**23**Star][8y] [C] [liblit/murphy](https://github.com/liblit/murphy) language-agnostic tool that helps developers discover and isolate run-time failures in their programs by simulating difficult-to-reproduce but completely-legitimate interactions between the application and the kernel
- [**23**Star][5y] [C++] [liamkarlmitchell/signaturescanner](https://github.com/liamkarlmitchell/signaturescanner) I wanted a nicer signature scanner that worked the way I wanted. Include however you want in your own DLL project.
- [**23**Star][7m] [Go] [leoid/mysql-injection-exfiltration-optimization](https://github.com/leoid/mysql-injection-exfiltration-optimization) MySQL Injection Exfoliation Optimization
- [**23**Star][4y] [C#] [leechristensen/offensivepowershelltasking](https://github.com/leechristensen/offensivepowershelltasking) Run multiple PowerShell scripts concurrently in different app domains!
- [**23**Star][7y] [Py] [lbragues/pasteminer](https://github.com/lbragues/pasteminer) Find useful stuff in pastebin
- [**23**Star][9m] [Py] [laudarch/shellsploit](https://github.com/laudarch/shellsploit) Mutation Of Vıruses
- [**23**Star][2m] [Shell] [lamableu/morfeus_gui](https://github.com/lamableu/morfeus_gui) control your moRFeus device from your Linux-computer or Raspberry Pi
- [**23**Star][3y] [C++] [kuqadk3/winrarer-ransomware](https://github.com/kuqadk3/winrarer-ransomware) Winrar Ransomware
- [**23**Star][17d] [Py] [kres0345/katoolin4termux](https://github.com/kres0345/katoolin4termux) Termux support for katoolin
- [**23**Star][7m] [JS] [kolanich/cleanunwantedupdates](https://github.com/kolanich/cleanunwantedupdates) A set of scripts to detect updates of Microsoft (TM) Windows (TM) OS which harm users' privacy and uninstall them
- [**23**Star][1m] [C++] [kokkos/kokkos-tools](https://github.com/kokkos/kokkos-tools) Kokkos C++ Performance Portability Programming EcoSystem: Profiling and Debugging Tools
- [**23**Star][2m] [Erlang] [klarna/kastle](https://github.com/klarna/kastle) Kafka REST proxy
- [**23**Star][2m] [PHP] [k1p0d/zeus_reports_len](https://github.com/k1p0d/zeus_reports_len) Remote timing attack exploit against most Zeus/Zbot variants including Citadel, Ice9, Zeus 2.3, KINS/ZeusVM etc..
- [**23**Star][9m] [Shell] [josefkarasek/docker101](https://github.com/josefkarasek/docker101) Docker for absolute beginners. Learn how to get and run Docker containers. Created for the Brno Docker meetup group.
- [**23**Star][15d] [C++] [jnastarot/shibari](https://github.com/jnastarot/shibari) Library for linking multiple PE\PE + files to one
- [**23**Star][3m] [Go] [jgrahamc/torexit](https://github.com/jgrahamc/torexit) Small program to read lists of Tor exit nodes and draw picture showing when they join/leave list
- [**23**Star][12m] [PHP] [jgamblin/nmap-for-slack](https://github.com/jgamblin/nmap-for-slack) Custom slash command to do a basic nmap scan from within Slack
- [**23**Star][9m] [Pony] [jemc/pony-sodium](https://github.com/jemc/pony-sodium) Safe Pony FFI wrapper for the libsodium cryptography library.
- [**23**Star][11m] [Java] [jelmerro/f2utility](https://github.com/jelmerro/f2utility) An easy and effective batch file rename tool
- [**23**Star][5m] [C++] [jandre/brosquery](https://github.com/jandre/brosquery) module for osquery to load Bro logs into tables
- [**23**Star][2m] [JS] [jamesacampbell/elector](https://github.com/jamesacampbell/elector) TOR BROWSER IN ELECTRON
- [**23**Star][5m] [Java] [jackuhan/loginhook](https://github.com/jackuhan/loginhook) xposed的hook案例
- [**23**Star][2y] [C] [ioactive/kmdf_re](https://github.com/ioactive/kmdf_re) Helper idapython code for reversing kmdf drivers
- [**23**Star][2m] [Go] [integrii/wormhole](https://github.com/integrii/wormhole) 
- [**23**Star][3y] [C++] [insomnihack/teaser-2017](https://github.com/insomnihack/teaser-2017) 
- [**23**Star][5y] [Ruby] [insomnihack/insomnihack-2015](https://github.com/insomnihack/insomnihack-2015) Repository for Insomni'hack finals 2015
- [**23**Star][8m] [infosecsmith/mimikatzlite](https://github.com/infosecsmith/mimikatzlite) Minimal MimiKatz One Executable... All credits to Benjamin Delpy
- [**23**Star][1y] [Go] [impasse/google_proxy_by_golang](https://github.com/impasse/google_proxy_by_golang) A google proxy written by golang
- [**23**Star][2y] [C] [ieeeicsg/ieee_taggant_system](https://github.com/ieeeicsg/ieee_taggant_system) Taggant System developed by the Malware Working Group of ICSG (Industry Connections Security Group) under the umbrella of IEEE
- [**23**Star][7m] [Java] [realbearcat/jackson-cve-2017-17485](https://github.com/RealBearcat/Jackson-CVE-2017-17485) Jackson 反序列化
- [**23**Star][5m] [C] [iagox86/ctfworkshop-2017](https://github.com/iagox86/ctfworkshop-2017) 
- [**23**Star][4y] [KiCad] [hwstar/esp12-appliance_mod](https://github.com/hwstar/esp12-appliance_mod) Hardware implementation for the esp8266-MQTT-io-node firmware
- [**23**Star][6m] [Py] [hpd0ger/supertags](https://github.com/hpd0ger/supertags) 一个Burpsuite插件，用于检测隐藏的XSS
- [**23**Star][1y] [Py] [howmp/comfinder](https://github.com/howmp/comfinder) IDA plugin for COM
- [**23**Star][4m] [Py] [horusteknoloji/tr-phishinglist](https://github.com/horusteknoloji/tr-phishinglist) Türkiye'ye Yönelik Zararlı Bağlantı Erişim Engelleme Listesi
- [**23**Star][22d] [JS] [horpto/nodecap2](https://github.com/horpto/nodecap2) ICAP server framework for node.js - create custom HTTP proxy filters for Squid, etc.
- [**23**Star][2m] [C] [hnes/frdev](https://github.com/hnes/frdev) A high efficient ip black/white list firewall (work as a linux kernel module)
- [**23**Star][5m] [C] [hfiref0x/bsodscreen](https://github.com/hfiref0x/bsodscreen) BSOD Screensaver
- [**23**Star][1m] [JS] [hash1da1/gotanda](https://github.com/hash1da1/gotanda) Gotanda is browser Web Extension for OSINT.
- [**23**Star][4m] [Py] [harris21/afot](https://github.com/harris21/afot) Automation Forensics Tool for Windows
- [**23**Star][1y] [C] [guidovranken/openssl-x509-vulnerabilities](https://github.com/guidovranken/openssl-x509-vulnerabilities) 
- [**23**Star][3m] [Java] [guardianproject/jtorctl](https://github.com/guardianproject/jtorctl) deprecated fork of Java Tor Control Library
- [**23**Star][4m] [Py] [grosquildu/cryptoattacks](https://github.com/grosquildu/cryptoattacks) Implementation of attacks on cryptosystems
- [**23**Star][2y] [PHP] [graniet/physics-command](https://github.com/graniet/physics-command) 硬件系统分析平台(例如:树莓派3B)
- [**23**Star][1m] [Py] [gosecure/gophish-cli](https://github.com/gosecure/gophish-cli) Gophish Python cli to perform huge phishing campaigns
- [**23**Star][6m] [JS] [gnuhpc/kibana-multitenant-proxy](https://github.com/gnuhpc/kibana-multitenant-proxy) A proxy behind nginx while before kibana (4.x, 5.x) to provide data isolation for different users
- [**23**Star][1y] [BitBake] [ghsec/bbprofiles](https://github.com/ghsec/bbprofiles) a extension of Burp Suite that improve an active and passive scanner by yourself
- [**23**Star][4m] [Py] [gh0x0st/buffer_overflow](https://github.com/gh0x0st/buffer_overflow) Don't let buffer overflows overflow your mind
- [**23**Star][24d] [geerlingguy/ansible-role-clamav](https://github.com/geerlingguy/ansible-role-clamav) Ansible Role - ClamAV.
- [**23**Star][2y] [ActionScript] [ga1ois/recon-2018-montreal](https://github.com/ga1ois/recon-2018-montreal) 
- [**23**Star][3m] [Shell] [funilrys/funceble](https://github.com/funilrys/funceble) [ARCHIVED] Please report to
- [**23**Star][1y] [TS] [fugazi-io/webclient](https://github.com/fugazi-io/webclient) web based terminal application for executing local and remote commands
- [**23**Star][2y] [Py] [fjh658/hexrayspytools](https://github.com/fjh658/hexrayspytools) Ida Pro plugin
- [**23**Star][6y] [Py] [feliam/cve-2013-2729](https://github.com/feliam/cve-2013-2729) 
- [**23**Star][5m] [Shell] [fajartheggman/f-tools](https://github.com/fajartheggman/f-tools) Toolkit Hacking
- [**23**Star][5m] [Py] [f0re1gners/ejudge](https://github.com/f0re1gners/ejudge) EOJ 评测核心 沙箱接口
- [**23**Star][1y] [Go] [extremecoders-re/go-dispatch-proxy](https://github.com/extremecoders-re/go-dispatch-proxy) SOCKS5 load balancing proxy developed in Go, combines multiple internet connections
- [**23**Star][9m] [C++] [ewhitehats/kovtertools](https://github.com/ewhitehats/kovtertools) 
- [**23**Star][13d] [Py] [everping/substack](https://github.com/everping/substack) Sub-domains enumeration framework
- [**23**Star][2y] [HTML] [etherpot/contract](https://github.com/etherpot/contract) 
- [**23**Star][4m] [Java] [ernw/burpsuite-extensions](https://github.com/ernw/burpsuite-extensions) A collection of Burp Suite extensions
- [**23**Star][21d] [Java] [ericsson/ecaudit](https://github.com/ericsson/ecaudit) Ericsson Audit plug-in for Apache Cassandra
- [**23**Star][1m] [C#] [elgesl/keepass-mswifiimport](https://github.com/elgesl/keepass-mswifiimport) A plugin for KeePass 2 which allows to import the wifi profiles saved in Windows.
- [**23**Star][6m] [Py] [elespike/burp-cph](https://github.com/elespike/burp-cph) Custom Parameter Handler extension for Burp Suite.
- [**23**Star][4m] [Py] [ekiojp/dfex](https://github.com/ekiojp/dfex) DNS File EXfiltration
- [**23**Star][2m] [Py] [ehabhussein/ollydbg-binary-execution-visualizer](https://github.com/ehabhussein/ollydbg-binary-execution-visualizer) reverse engineering, visual binary analysis
- [**23**Star][2m] [C] [e3prom/bst](https://github.com/e3prom/bst) Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs.
- [**23**Star][11m] [Java] [distrinet/xsr-framework](https://github.com/distrinet/xsr-framework) A framework for automatic testing of third-party request and cookie policy implementations
- [**23**Star][2m] [JS] [digitarald/make-fxos-install](https://github.com/digitarald/make-fxos-install) Command-line tools to install packaged and hosted apps using the Firefox OS remote debugging protocols.
- [**23**Star][1y] [Ruby] [dev-sec/chef-mysql-hardening](https://github.com/dev-sec/chef-mysql-hardening) This chef cookbook provides security configuration for mysql.
- [**23**Star][10m] [Ruby] [dev-sec/chef-apache-hardening](https://github.com/dev-sec/chef-apache-hardening) 
- [**23**Star][9m] [Vue] [deturium/school-bus](https://github.com/deturium/school-bus) 浙江大学AAA战队开放 CTF 练习平台新前端
- [**23**Star][2y] [c++] [dax89/r2gui](https://github.com/dax89/r2gui) Unofficial Qt5 frontend for Radare2
- [**23**Star][2y] [Py] [dariosharp/szpy](https://github.com/dariosharp/szpy) Z3 Symbolic Execution python
- [**23**Star][4y] [Py] [d4vinci/anti_killer](https://github.com/d4vinci/anti_killer) Kill Any Antivirus Using Python For Windows Users .
- [**23**Star][3m] [Py] [d4rkcat/stackflow](https://github.com/d4rkcat/stackflow) Universal stack-based buffer overfow exploitation tool
- [**23**Star][2m] [C++] [d00rt/hijacked_lokibot_version](https://github.com/d00rt/hijacked_lokibot_version) 
- [**23**Star][7m] [Py] [cyberheartmi9/cve-2017-8295](https://github.com/cyberheartmi9/cve-2017-8295) 
- [**23**Star][7y] [C++] [cr4sh/ida-ubigraph](https://github.com/cr4sh/ida-ubigraph) IDA Pro plug-in and tools for displaying 3D graphs of procedures using UbiGraph
- [**23**Star][4m] [Py] [wisepythagoras/website-fingerprinting](https://github.com/wisepythagoras/website-fingerprinting) Deanonymizing Tor or VPN users with website fingerprinting and machine learning.
- [**23**Star][1y] [Py] [coldshell/malware-scripts](https://github.com/coldshell/malware-scripts) 
- [**23**Star][3y] [C] [cn33liz/hsevd-arbitraryoverwrite](https://github.com/cn33liz/hsevd-arbitraryoverwrite) HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit
- [**23**Star][3m] [Lua] [cloudshark/wireshark-plugin](https://github.com/cloudshark/wireshark-plugin) Upload captures directly to CloudShark from Wireshark
- [**23**Star][21d] [Java] [cloudflare/cloudflare-access-for-atlassian](https://github.com/cloudflare/cloudflare-access-for-atlassian) Authenticate Atlasssian products when using Cloudflare Access
- [**23**Star][4m] [C] [citypw/suterusu](https://github.com/citypw/suterusu) An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM
- [**23**Star][4m] [Py] [chrispetrou/fastaudit](https://github.com/chrispetrou/fastaudit) 
- [**23**Star][18d] [PHP] [chh/stack-honeypot](https://github.com/chh/stack-honeypot) Inserts a trap for spam bots into responses.
- [**23**Star][5m] [C++] [chausner/1337patch](https://github.com/chausner/1337patch) Simple command-line tool to apply patches exported by x64dbg to running processes
- [**23**Star][3m] [HTML] [charnacrypto/charnapool](https://github.com/charnacrypto/charnapool) High performance Node.js (with native C addons) mining pool for Cryptonote based coins, optimized for Charnacoin.
- [**23**Star][5y] [C++] [certcc/dranzer](https://github.com/certcc/dranzer) Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controls
- [**23**Star][2m] [Java] [cblichmann/idajava](https://github.com/cblichmann/idajava) Java integration for Hex-Rays IDA Pro
- [**23**Star][2m] [Go] [capnspacehook/taskmaster](https://github.com/capnspacehook/taskmaster) Windows Task Scheduler Library for Go
- [**23**Star][8m] [C#] [byt3bl33d3r/naga](https://github.com/byt3bl33d3r/naga) A C# stager for SILENTTRINITY (
- [**23**Star][6m] [bxlcity/malware](https://github.com/bxlcity/malware) 
- [**23**Star][4y] [brucecio9999/cryptowire-advanced-autoit-ransomware-project](https://github.com/brucecio9999/cryptowire-advanced-autoit-ransomware-project) This is a advanced ransomware example made in AutoIt
- [**23**Star][2m] [JS] [boxproject/box-appserver](https://github.com/boxproject/box-appserver) The Staff-Manager App Server for Enterprise Token Safe BOX
- [**23**Star][7d] [JS] [bongmu/opsmanage](https://github.com/bongmu/opsmanage) 自动化运维平台: 代码及应用部署CI/CD、资产管理CMDB、计划任务管理平台、SQL审核|回滚、任务调度
- [**23**Star][11m] [C] [biswa96/pdbdownloader](https://github.com/biswa96/pdbdownloader) Standalone program to download PDB Symbol files for debugging without WDK
- [**23**Star][2m] [Py] [beched/abi-decompiler](https://github.com/beched/abi-decompiler) Ethereum (EVM) smart contracts reverse engineering helper utility
- [**23**Star][11d] [Py] [battelle/reductio](https://github.com/battelle/reductio) An exploration of code homeomorphism
- [**23**Star][11m] [C++] [balika011/belf](https://github.com/balika011/belf) Balika011's PlayStation 4 ELF loader for IDA Pro 7.0/7.1
- [**23**Star][12m] [TeX] [b-g-goodell/research-lab](https://github.com/b-g-goodell/research-lab) A general repo for Monero Research Lab work in progress and completed work
- [**23**Star][20d] [Py] [axi0mx/apticket-nonce-checker](https://github.com/axi0mx/apticket-nonce-checker) Python script which parses 32-bit SHSH/APTickets and prints the APTicket nonce, if any.
- [**23**Star][3y] [JS] [auth0-blog/rottentomatoes-clone](https://github.com/auth0-blog/rottentomatoes-clone) 
- [**23**Star][2y] [Py] [aur3lius-dev/spydir](https://github.com/aur3lius-dev/spydir) BurpSuite extension to assist with Automated Forced Browsing/Endpoint Enumeration
- [**23**Star][28d] [atredispartners/advisories](https://github.com/atredispartners/advisories) Atredis Partners Security Advisories
- [**23**Star][5m] [Jupyter Notebook] [aswinzz/machine-learning-algorithms](https://github.com/aswinzz/machine-learning-algorithms) All Machine Learning Algorithms
- [**23**Star][3m] [C] [armedpot/honeytrap](https://github.com/armedpot/honeytrap) Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
- [**23**Star][6m] [C#] [arkhist/hacklinks](https://github.com/arkhist/hacklinks) Hacklinks is an open source online game about hacking.
- [**23**Star][5m] [C++] [apriorit/simple-antirootkit-sst-unhooker](https://github.com/apriorit/simple-antirootkit-sst-unhooker) This is a demo project to illustrate the way to verify and restore original SST in case of some malware hooks
- [**23**Star][9m] [ObjC] [apestalk/debugwindow](https://github.com/apestalk/debugwindow) 一个在真机上测试时方便查看输出日志的小工具。(A debug tool which helps you view the console logs on the device when you test you APP.)
- [**23**Star][2m] [Py] [antisomnus/sniffer](https://github.com/antisomnus/sniffer) Simple sniffer using scapy and PyQt5 on Windows 10
- [**23**Star][7m] [Py] [anotherik/rogueap-detector](https://github.com/anotherik/rogueap-detector) Rogue Access Point Detector
- [**23**Star][7m] [Py] [anhkgg/get52pojietools](https://github.com/anhkgg/get52pojietools) 一个批量下载52pojie爱盘中资源的小脚本。
- [**23**Star][10d] [C++] [andrewgaspar/km-stl](https://github.com/andrewgaspar/km-stl) A drop-in replacement for the C++ STL for kernel mode Windows drivers. The goal is to have implementations for things like the standard algorithms that don't require memory allocations or exceptions, and for implementations of type traits and other compile-time related headers. Full implementation of the STL is a non-goal.
- [**23**Star][9m] [Py] [alexander-hanel/hansel](https://github.com/alexander-hanel/hansel) a simple but flexible search for IDA
- [**23**Star][4m] [Py] [adafruit/adafruit_circuitpython_esp32spi](https://github.com/adafruit/adafruit_circuitpython_esp32spi) ESP32 as wifi with SPI interface
- [**23**Star][2y] [abhishekkr/eden_guide_to_hacking](https://github.com/abhishekkr/eden_guide_to_hacking) its quick to read, broadway guide to HACKING ~ for anyone to have grasp of important concepts and skills which makes up the knowledge base of a hacker
- [**23**Star][1m] [Py] [a-maumau/vesta](https://github.com/a-maumau/vesta) GPU state check script.
- [**23**Star][6m] [JS] [3rd-eden/diagnostics](https://github.com/3rd-eden/diagnostics) Tools for debugging your node.js modules
- [**23**Star][2y] [C++] [3gstudent/passwordfilter](https://github.com/3gstudent/passwordfilter) 2 ways of Password Filter DLL to record the plaintext password
- [**23**Star][1y] [JS] [0xsobky/xssbuster](https://github.com/0xsobky/xssbuster) XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!
- [**23**Star][3y] [Py] [0x024/ms](https://github.com/0x024/ms) 我的monitor system--智能家庭监控系统
- [**22**Star][23d] [Go] [tkmru/dumproid](https://github.com/tkmru/dumproid) Android process memory dump tool without ndk.
- [**22**Star][18d] [Py] [49e94b8f256530dc0d41f740dfe8a4c1/torrent-tracker-scraper](https://github.com/49e94b8f256530dc0d41f740dfe8a4c1/torrent-tracker-scraper) A UDP torrent tracker scraper library written in Python 3
- [**22**Star][11d] [Py] [tfns/writeups](https://github.com/tfns/writeups) CTF writeups from The Flat Network Society
- [**22**Star][12d] [Py] [4masaka/frida-ios-syscall-tracer](https://github.com/4masaka/frida-ios-syscall-tracer) alternative strace for iOS device(64bit)
- [**22**Star][2m] [C] [vanhauser-thc/dyntainttracer](https://github.com/vanhauser-thc/dyntainttracer) a tain tracer based on DynamoRIO, currently ARM only
- [**22**Star][3y] [Py] [pujinxiao/lagou_spider](https://github.com/pujinxiao/lagou_spider) 拉勾网全站职位抓取CrawlSpider
- [**22**Star][3m] [TS] [aholstenson/ataraxia](https://github.com/aholstenson/ataraxia) P2P messaging over mesh networks for NodeJS and browsers
- [**22**Star][4y] [C++] [superv1234/ssvscollision](https://github.com/superv1234/ssvscollision) [HEADER-ONLY] C++14 AABB simple collision detection/response framework for games. Depends on SSVStart, SFML2.0. It has nice performance. Features interchangeable spatial partitioning and resolution systems, a way to prevent the "crack problem", easy to use C++11 lambda callbacks for collision events. It's not perfect, but it should work very wel…
- [**22**Star][7m] [Shell] [industrybestpractice/bootsy](https://github.com/industrybestpractice/bootsy) Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.
- [**22**Star][16d] [Py] [greyshell/penetration_test](https://github.com/greyshell/penetration_test) Scripts to assist penetration testing and exploit development
- [**22**Star][2m] [TS] [andrelmlins/freesoccer](https://github.com/andrelmlins/freesoccer) 
- [**22**Star][6m] [JS] [stripedpajamas/gester](https://github.com/stripedpajamas/gester) scuttlebutt chat ui
- [**22**Star][27d] [Py] [stormix/pluralsight_scraper](https://github.com/Stormix/pluralsight_scraper) A course downloader/scrapper for
- [**22**Star][19d] [Go] [albert-zhan/small-proxy](https://github.com/albert-zhan/small-proxy) Go实现的一个跨平台域名式访问内网穿透工具
- [**22**Star][5m] [R] [shihjyun/pttminer](https://github.com/shihjyun/pttminer) Parallel Searching and Crawling Data from PTT
- [**22**Star][1m] [JS] [strugee/fulldom-server](https://github.com/strugee/fulldom-server) Proxy-like server that will show you the DOM of a page after JS runs
- [**22**Star][6m] [Py] [kirtar22/attack-threat_intel](https://github.com/kirtar22/attack-threat_intel) Graph Representation of MITRE ATT&CK's CTI data
- [**22**Star][2m] [HTML] [fgparamio/api-flight.com](https://github.com/fgparamio/api-flight.com) Main API Flight Git Repository
- [**22**Star][3m] [CSS] [germey/scrape](https://github.com/germey/scrape) Platform of Web Views to Scrape
- [**22**Star][2m] [Shell] [flowerwrong/ip2socks](https://github.com/flowerwrong/ip2socks) ip flow to socks, support tun and tap.
- [**22**Star][24d] [Go] [montferret/ferret-server](https://github.com/montferret/ferret-server) Advanced declarative web scraping
- [**22**Star][15d] [Go] [julienschmidt/quictun](https://github.com/julienschmidt/quictun) Hidden Tunneling using the QUIC Protocol
- [**22**Star][1m] [JS] [cuichuping/novel](https://github.com/cuichuping/novel) 小说阅读器(HTML5版/爬虫/后台管理)
- [**22**Star][3m] [JS] [nullpointer/fund-crawler](https://github.com/nullpointer/fund-crawler) 基于NodeJS的基金数据爬虫，爬取的数据存于github的@nullpointer/fund-data。
- [**22**Star][6m] [Swift] [fitnesskit/bluetoothmessageprotocol](https://github.com/fitnesskit/bluetoothmessageprotocol) Swift Implementation of Bluetooth Message Protocols. Encode and Decode BLE Characteristics
- [**22**Star][16d] [Shell] [llekn/openssl-ca](https://github.com/llekn/openssl-ca) Shell scripts to manage a private Certificate Authority using OpenSSL
- [**22**Star][4m] [Py] [fgksgf/github-trending-crawler](https://github.com/fgksgf/github-trending-crawler) Crawling GitHub Trending Pages every day.
- [**22**Star][3m] [Go] [e-xpertsolutions/go-cluster](https://github.com/e-xpertsolutions/go-cluster) k-modes and k-prototypes clustering algorithms implementation in Go
- [**22**Star][6m] [newtronlabs/easybluetooth](https://github.com/newtronlabs/easybluetooth) The EasyBluetooth library allows the fast creation of Bluetooth connections between devices.
- [**22**Star][5m] [HTML] [csurong/manyuewan](https://github.com/csurong/manyuewan) flask + 爬虫 = 小说 + 漫画
- [**22**Star][4m] [JS] [rainmaple/wifi_bussinessbigdataanalysesystem](https://github.com/rainmaple/wifi_bussinessbigdataanalysesystem) A System is designed to analyse BigData collect from Wifi probe
- [**22**Star][1m] [Shell] [gregwym/docker-v2ray](https://github.com/gregwym/docker-v2ray) A docker-compose deployment for v2ray + WebSocket + TLS setup.
- [**22**Star][9m] [C++] [sbmaruf/algorithms-code-library](https://github.com/sbmaruf/algorithms-code-library) C++ Implementation of variety of Algorithms and some must have cheetsheets for CS students.
- [**22**Star][13d] [PHP] [aoepeople/crawler](https://github.com/aoepeople/crawler) Libraries and scripts for crawling the TYPO3 page tree. Used for re-caching, re-indexing, publishing applications etc.
- [**22**Star][12d] [PHP] [vantoozz/proxy-scraper](https://github.com/vantoozz/proxy-scraper) Library for scraping free proxies lists
- [**22**Star][6m] [Py] [crackernutter/esrirestscraper](https://github.com/crackernutter/esrirestscraper) A Python class that scrapes ESRI Rest Endpoints and exports data to a geodatabase
- [**22**Star][15d] [Py] [pjhrobles/twitter-get-old-tweets-scraper](https://github.com/pjhrobles/twitter-get-old-tweets-scraper) A data scraper for retrieving old tweets in Twitter using Python3.
- [**22**Star][6m] [C] [cbdevnet/websocksy](https://github.com/cbdevnet/websocksy) Highly configurable dynamic WebSocket bridge
- [**22**Star][3m] [JS] [jawil/algorithm](https://github.com/jawil/algorithm) JS常用的数据结构和算法,链表、栈、队列、排序和查找
- [**22**Star][9m] [C] [cilynx/rtl88x2bu_wifi_linux_v5.2.4.1_22719_coex20170518-4444.20170613](https://github.com/cilynx/rtl88x2bu_wifi_linux_v5.2.4.1_22719_coex20170518-4444.20170613) rtl88x2bu driver updated for modern kernels.
- [**22**Star][2m] [JS] [d-oliveros/nest](https://github.com/d-oliveros/nest) High-level, robust framework for web scraping in Node.js
- [**22**Star][5m] [C#] [gfody/webrelay](https://github.com/gfody/webrelay) A netcat-like utility for windows for transferring files and streams over HTTP with support for relaying through a remote host (via websocket), a webclient, and a shell extension. PRs welcome!
- [**22**Star][5m] [Swift] [grandcentrix/gcxtrustpolicy](https://github.com/grandcentrix/gcxtrustpolicy) SSL pinning and trust validation framework for iOS
- [**22**Star][6m] [Ruby] [cmur2/chef-openvpn](https://github.com/cmur2/chef-openvpn) A multi-configuration OpenVPN server cookbook featuring IPv6 support and easy setup of client files.
- [**22**Star][24d] [Go] [phinexdaz/ipapk](https://github.com/phinexdaz/ipapk) ipa or apk parser written in golang, aims to extract app information
- [**22**Star][1y] [Ruby] [danielpclark/state_inspector](https://github.com/danielpclark/state_inspector) State change & method call logger. A debugging tool for instance variables and method calls.
- [**22**Star][1m] [HTML] [arallsopp/tp-link-smart-switch-web-client-](https://github.com/arallsopp/tp-link-smart-switch-web-client-) Creating a web client for the tp-link series of smart switches (HS-100, HS-110, etc).
- [**22**Star][4m] [JS] [maxnowack/node-eq3ble](https://github.com/maxnowack/node-eq3ble) node.js package to control an EQ3 bluetooth thermostat
- [**22**Star][2m] [PHP] [yiisoft/security](https://github.com/yiisoft/security) A set of classes to handle common security-related tasks
- [**22**Star][19d] [Shell] [romainreignier/minimal_raspberrypi_buildroot](https://github.com/romainreignier/minimal_raspberrypi_buildroot) Minimal Linux and Buildroot configurations for the Raspberry Pi 3
- [**22**Star][10d] [Shell] [anthonyguella/pifi](https://github.com/anthonyguella/pifi) Easily set a raspberry pi's wifi settings in a headless configuration
- [**22**Star][12m] [Shell] [avafinger/bpi-m64-firmware](https://github.com/avafinger/bpi-m64-firmware) Banana Pi M64 firmware (eMMC, Wifi, bluetooth, GbE, OV5640)
- [**22**Star][6m] [Rust] [randombit/rust-tls](https://github.com/randombit/rust-tls) TLS in Rust (eventually)
- [**22**Star][3m] [iotmakervn/iot-wifi-uno-hw](https://github.com/iotmakervn/iot-wifi-uno-hw) Open hardware ESP8266 Uno board - Internet Of Things WiFi Uno
- [**22**Star][25d] [Java] [ble180/wroup](https://github.com/ble180/wroup) Android - WiFi Direct Library
- [**22**Star][2m] [C++] [nonlinear-chaos-order-etc-etal/i2pchat](https://github.com/nonlinear-chaos-order-etc-etal/i2pchat) 
- [**22**Star][28d] [JS] [urigo/leumi-leumicard-bank-data-scraper](https://github.com/urigo/leumi-leumicard-bank-data-scraper) Open bank data for Leumi bank and Leumi card credit card
- [**22**Star][10m] [Shell] [dashdashzako/rpi3-hotspot](https://github.com/dashdashzako/rpi3-hotspot) Turns a Raspberry Pi 3 into a configurable hotspot.
- [**22**Star][28d] [Shell] [wi1dcard/kexue-gateway](https://github.com/wi1dcard/kexue-gateway) 
- [**22**Star][7m] [Py] [asoul/okcoin-socket-crawler](https://github.com/asoul/okcoin-socket-crawler) A okcoin crawler based on websocket, save data to mysql
- [**22**Star][4m] [C#] [gildedhonour/openvpnmanagement](https://github.com/gildedhonour/openvpnmanagement) C# OpenVPN interface
- [**22**Star][23d] [Py] [daemonshao/threatcollector](https://github.com/daemonshao/threatcollector) 威胁情报采集系统
- [**22**Star][1m] [Py] [tongtzeho/appcrawler](https://github.com/tongtzeho/appcrawler) Android应用市场网络爬虫
- [**22**Star][8d] [Java] [wn-upf/komondor](https://github.com/wn-upf/komondor) Komondor Wireless Networks Simulator
- [**22**Star][1m] [Shell] [pedrom34/tutoasus](https://github.com/pedrom34/tutoasus) Tutorial on how to setup a nginx reverse proxy on Asus router with Merlin firmware, and get Let's Encrypt certificate with acme.sh.
- [**22**Star][4m] [Py] [colin-guyon/py-bluetooth-utils](https://github.com/colin-guyon/py-bluetooth-utils) Python module containing bluetooth utility functions, in particular for easy BLE scanning and advertising
- [**22**Star][2m] [HTML] [jlleitschuh/security-checklist-transformer](https://github.com/jlleitschuh/security-checklist-transformer) Sqreen Security Checklist Transformer & Uploader
- [**22**Star][10d] [PHP] [ivan-sincek/php-ransomware](https://github.com/ivan-sincek/php-ransomware) PHP ransomware that encrypts your files as well as file and directory names.
- [**22**Star][18d] [Py] [lwplw/darknet2caffe](https://github.com/lwplw/darknet2caffe) Conversion of yolo from DarkNet to Caffe
- [**22**Star][1m] [Go] [contextualist/proxlet](https://github.com/contextualist/proxlet) a POC, naïve implemetation of serverless reverse proxy for any website
- [**22**Star][18d] [altaga/portable-hacking-station-rpi](https://github.com/altaga/portable-hacking-station-rpi) Station to perform WiFi network audits, using Raspberry Pi Zero W and Raspberry Pi 3, with connection from the BT or Mobile Data cell phone.
- [**22**Star][3m] [C] [rofl0r/macgeiger](https://github.com/rofl0r/macgeiger) MacGeiger - a tool to track down the location of WIFI APs with sound (Geigercounter-like)
- [**22**Star][5m] [Py] [k8gege/pyladon](https://github.com/k8gege/pyladon) Ladon For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability / exploit / detection / MS17010
- [**22**Star][6m] [Py] [ganapati/spaf](https://github.com/ganapati/spaf) Static Php Analysis and Fuzzer
- [**22**Star][5m] [JS] [tum-vision/autonavx_web](https://github.com/tum-vision/autonavx_web) interactive exercises for AUTONAVx course
- [**22**Star][3m] [Py] [juliocesarfort/webshotter](https://github.com/juliocesarfort/webshotter) A multi-threaded Python tool to generate screenshot of websites
- [**22**Star][9m] [Py] [mjg59/python-tikteck](https://github.com/mjg59/python-tikteck) Python module for controlling Tikteck Bluetooth LED bulbs
- [**22**Star][4m] [0x90/firmware-arsenal](https://github.com/0x90/firmware-arsenal) Tools and scripts for firmware reverse engeneering
- [**22**Star][2m] [Java] [spiderlabs/cerealbox](https://github.com/spiderlabs/cerealbox) Arduino-based network monitor
- [**22**Star][4m] [C] [nicehash/cpuminer-opt](https://github.com/nicehash/cpuminer-opt) 
- [**22**Star][11m] [C] [t00sh/elf-poison](https://github.com/t00sh/elf-poison) Proof Of Concept for inserting code in ELF binaries.
- [**22**Star][11m] [Py] [crits/pycrits](https://github.com/crits/pycrits) Python interface to the CRITs API
- [**22**Star][19d] [Py] [fireeye/brocapi](https://github.com/fireeye/brocapi) Bro PCAP Processing and Tagging API
- [**22**Star][4m] [JS] [solokeys/solo-webupdate](https://github.com/solokeys/solo-webupdate) Website to easily update Solo firmware on keys.
- [**22**Star][11m] [Py] [dxa4481/mimikittenz4linux](https://github.com/dxa4481/mimikittenz4linux) Steals cleartext passwords from webservices, by reading the memory of browsers
- [**22**Star][1y] [Py] [d35m0nd142/joomla-components-exploits-auto-updating-scanner](https://github.com/d35m0nd142/joomla-components-exploits-auto-updating-scanner) Auto Updater Joomla Components and Exploits Scanner
- [**22**Star][5m] [JS] [facebookincubator/memscout](https://github.com/facebookincubator/memscout) A memory allocator analysis and visualization tool that parses jemalloc statistics to aid in discovering performance bottlenecks and tuning of the allocator based on workload characteristics.
- [**22**Star][2m] [JS] [shadowsocks/shadowsocks-hub-api](https://github.com/shadowsocks/shadowsocks-hub-api) A set of open and standard restful APIs for managing shadowsocks users, servers, nodes, products, accounts, and traffic.
- [**22**Star][13d] [Shell] [anssi-fr/chipsec-check](https://github.com/anssi-fr/chipsec-check) Tools to generate a Debian Linux distribution with chipsec to test hardware requirements
- [**22**Star][1y] [Go] [nachowski/warpwallet_cracker](https://github.com/nachowski/warpwallet_cracker) A brute-force cracker in Go for the WarpWallet Challenge 2
- [**22**Star][5m] [Py] [tostapunk/pc-control-telegram-bot](https://github.com/tostapunk/pc-control-telegram-bot) Control your PC directly from Telegram!
- [**22**Star][2m] [C#] [reloaded-project/reloaded.hooks](https://github.com/reloaded-project/reloaded.hooks) Advanced native function hooks for x86, x64. Welcome to the next level!
- [**22**Star][17d] [Java] [netindev/allatori-v3.0](https://github.com/netindev/allatori-v3.0) Allatori v3.0 source code.
- [**22**Star][1m] [JS] [ajlopez/soliditysamples](https://github.com/ajlopez/soliditysamples) Solidity Smart Contracts Samples
- [**22**Star][2m] [unexpectedby/sqli-dork-repository](https://github.com/unexpectedby/sqli-dork-repository) Dorks Hacking Database for educational proposal
- [**22**Star][16d] [Py] [blechschmidt/fakeroute](https://github.com/blechschmidt/fakeroute) Simple traceroute fake hop generator through IP spoofing
- [**22**Star][13d] [JS] [wri/gfw-mapbuilder](https://github.com/wri/gfw-mapbuilder) Template for the GFW Map Builder that is available through ArcGIS Online, as a stand-alone web application, & a library to build custom Forest Atlas web applications
- [**22**Star][3m] [C] [adde88/hostapd-mana-openwrt](https://github.com/adde88/hostapd-mana-openwrt) hostapd-mana - build-files, and installation-files for OpenWRT
- [**22**Star][5m] [Shell] [tjetzinger/cloudcrackinstaller](https://github.com/tjetzinger/cloudcrackinstaller) A script to install Crunch, Pyrit and Cowpatty on a running Amazon EC2 Cluster GPU Instance to crack WPA and WPA2 keys.
- [**22**Star][4m] [JS] [lbherrera/writeups](https://github.com/lbherrera/writeups) 
- [**22**Star][1m] [foxhex0ne/slides](https://github.com/foxhex0ne/slides) Will try to put here slides from now on when I give a talk
- [**22**Star][3m] [Py] [wolfssl/wolfssl-py](https://github.com/wolfssl/wolfssl-py) Python wrapper for wolfSSL embedded SSL/TLS library.
- [**22**Star][2m] [Py] [mirhmousavi/pois](https://github.com/mirhmousavi/pois) Whois with Proxy for Python
- [**22**Star][1m] [mpgn/cve-2019-7609](https://github.com/mpgn/cve-2019-7609) RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
- [**22**Star][7m] [JS] [yuiitsu/unproxy](https://github.com/yuiitsu/unproxy) chrome代理扩展
- [**22**Star][1m] [Java] [aress31/flarequench](https://github.com/aress31/flarequench) Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.
- [**22**Star][11d] [Go] [manaelproxy/manael](https://github.com/manaelproxy/manael) Manael is a simple HTTP proxy for processing images.
- [**22**Star][19d] [PHP] [masterro94/laravel-xss-filter](https://github.com/masterro94/laravel-xss-filter) Filter user input for XSS but don't touch other html
- [**22**Star][4m] [Java] [daimler/sechub](https://github.com/daimler/sechub) SecHub - one central and easy way to use different security tools with one API/Client
- [**22**Star][26d] [HTML] [casework/case](https://github.com/casework/CASE) Cyber-investigation Analysis Standard Expression (CASE) Ontology
- [**22**Star][7m] [F#] [stijnmoreels/fsecurity](https://github.com/stijnmoreels/FSecurity) Security testing library written in F# to make writing security tests more fun.
- [**22**Star][30d] [C#] [softu2f/softu2f-win](https://github.com/SoftU2F/SoftU2F-Win) Software U2F authenticator for Windows
- [**22**Star][2m] [Py] [afang5472/tp-link-wdr-router-command-injection_poc](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC) CVE-2019-6487. A command injection vulnerability in TP-Link WDR5620 Series up to verion 3.
- [**22**Star][2m] [JS] [mindpointgroup/stig-cli](https://github.com/MindPointGroup/stig-cli) A CLI for perusing DISA STIG content Mac, Linux, and Windows Compatible
- [**22**Star][2m] [Crystal] [beyarz/portforge](https://github.com/Beyarz/Portforge) Lightweight utility to fool port scanners
- [**22**Star][1m] [Shell] [vault-cyber-security/osint](https://github.com/Vault-Cyber-Security/osint) Docker image for osint
- [**22**Star][2y] [TS] [auth0-blog/ionic2-auth](https://github.com/auth0-blog/ionic2-auth) 
- [**22**Star][5m] [Java] [ichukai/forwarder](https://github.com/ichukai/forwarder) 穿透内网的端口转发工具
- [**22**Star][25d] [Shell] [cryptomator/cryptomator-mac](https://github.com/cryptomator/cryptomator-mac) Cryptomator .dmg image for Mac
- [**22**Star][2y] [PHP] [vysecurity/basicauth](https://github.com/vysecurity/basicAuth) Basic Auth Phish page
- [**22**Star][2y] [C#] [zerokilo/directedgraphswv](https://github.com/zerokilo/directedgraphswv) Directed Graph Editor and Library, also XEX decompiler 3
- [**22**Star][12d] [C#] [zaproxy/zap-api-dotnet](https://github.com/zaproxy/zap-api-dotnet) OWASP ZAP Dot NET API
- [**22**Star][2y] [Py] [zachhuff386/dashcam](https://github.com/zachhuff386/dashcam) Raspberry Pi/BeagleBone Black dashcam
- [**22**Star][2m] [Lua] [yoshifan/ram-watch-cheat-engine](https://github.com/yoshifan/ram-watch-cheat-engine) Lua script framework for RAM watch displays using Cheat Engine, with a focus on Dolphin emulator.
- [**22**Star][1y] [C++] [y11en/pebfake](https://github.com/y11en/pebfake) PEBFake(修改PEB 伪装当前进程路径、参数等)
- [**22**Star][3m] [xxpe3/clash_raspberrypi](https://github.com/xxpe3/clash_raspberrypi) Clash for ARMv6L
- [**22**Star][3m] [Py] [xorpd/fcatalog_client](https://github.com/xorpd/fcatalog_client) fcatalog idapython client
- [**22**Star][12d] [C++] [xbased/xhook](https://github.com/xbased/xhook) Hook Windows API. supports Win7/8/10 x86 and x64 platform.
- [**22**Star][4y] [Visual Basic .NET] [wpatoolkit/cap-converter](https://github.com/wpatoolkit/cap-converter) A small GUI tool for converting between cap and hccap files.
- [**22**Star][2y] [Py] [woj-ciech/social-media-c2](https://github.com/woj-ciech/social-media-c2) Script is a proof of concept how to control your machine by using social media sites.
- [**22**Star][5y] [Py] [windbgscripts/pykd](https://github.com/windbgscripts/pykd) This contains Helpful PYKD (Python Extension for Windbg) scripts
- [**22**Star][2y] [HTML] [websecurify/acme-no-login-ng](https://github.com/websecurify/acme-no-login-ng) Demonstrates a login bypass attack against a sample MongoDB/NodeJS/AngularJS application
- [**22**Star][5y] [C] [warcraft23/virus-and-windows-api-programing](https://github.com/warcraft23/virus-and-windows-api-programing) 中科大13级计算机病毒分析与WindowsAPI编程 授课老师：郭大侠
- [**22**Star][4m] [C++] [wakbox/wakbox-evolution](https://github.com/wakbox/wakbox-evolution) Wakfu emulator sandbox written in C++/Qt supporting last client version.
- [**22**Star][3m] [C++] [voided/dota-voidhack](https://github.com/voided/dota-voidhack) Proof of concept Dota 2 hack.
- [**22**Star][5y] [C] [uvbs/vmpdbg2](https://github.com/uvbs/vmpdbg2) 
- [**22**Star][10m] [PHP] [tux-00/network_miner](https://github.com/tux-00/network_miner) Network Miner generates a network map by sending SNMP requests (LLDP/CDP/EDP).
- [**22**Star][2m] [Makefile] [tum-i22/munch](https://github.com/tum-i22/munch) Greybox fuzzer for optimizing function coverage and finding low-level vulnerabilities in C programs
- [**22**Star][1m] [JS] [toxic-johann/toxic-decorators](https://github.com/toxic-johann/toxic-decorators) Library of Javascript decorators
- [**22**Star][7m] [C#] [tjeerdhans/proxyunsetter](https://github.com/tjeerdhans/proxyunsetter) Windows tray tool to unset the system proxy.
- [**22**Star][6m] [Rust] [timmclean/rust-timing-shield](https://github.com/timmclean/rust-timing-shield) Comprehensive timing leak protection for Rust programs
- [**22**Star][27d] [C] [tianocore/edk2-test](https://github.com/tianocore/edk2-test) Test infrastructure and test cases for EDK II based firmware
- [**22**Star][30d] [Py] [threatstream/symhash](https://github.com/threatstream/symhash) 
- [**22**Star][4y] [Py] [thedr1ver/wipster](https://github.com/thedr1ver/wipster) Web Interface Portal & Security Threat Engine for REMnux
- [**22**Star][2y] [CSS] [textileio/dapp-template](https://github.com/textileio/dapp-template) a basic template to build simple ipfs-based browser dapps
- [**22**Star][2y] [C#] [technikempire/windivertsharp](https://github.com/technikempire/windivertsharp) A minimal .NET binding over WinDivert
- [**22**Star][3y] [Py] [techbliss/x64dbg_script_editor](https://github.com/techbliss/x64dbg_script_editor) x64dbg Script editor v2.0
- [**22**Star][5y] [Py] [techbliss/scylladumper](https://github.com/techbliss/scylladumper) Ida Plugin to Use the Awsome Scylla plugin
- [**22**Star][4y] [C++] [tandasat/cve-2014-0816](https://github.com/tandasat/cve-2014-0816) CVE-2014-0816
- [**22**Star][1m] [Shell] [t0kx/exploit-cve-2015-1427](https://github.com/t0kx/exploit-cve-2015-1427) Elasticsearch 1.4.0 < 1.4.2 Remote Code Execution exploit and vulnerable container
- [**22**Star][5m] [Py] [syno3/babymux](https://github.com/syno3/babymux) pentesting tool for noob hackers.Runs on linux and termux
- [**22**Star][2y] [Py] [swisskyrepo/whid_toolkit](https://github.com/swisskyrepo/whid_toolkit) Simple script for the WHID injector - a rubberducky wifi
- [**22**Star][6y] [C++] [sweetsoftware/simplebackdoor](https://github.com/sweetsoftware/simplebackdoor) Remote Windows shell
- [**22**Star][10m] [PHP] [svelizdonoso/asyrv](https://github.com/svelizdonoso/asyrv) ASYRV es una aplicación escrita en PHP/MySQL, con Servicios Web mal desarrollados(SOAP/REST/XML), esperando ayudar a los entusiastas de la seguridad informática a comprender esta tecnología tan utilizada hoy en día por las Organizaciones.
- [**22**Star][2m] [C] [superironbob/pdbwriter](https://github.com/superironbob/pdbwriter) A small tool to produce a dummy pdb for an executable with symbols at addresses from a file
- [**22**Star][11m] [superdong0/aggressor_mail](https://github.com/superdong0/aggressor_mail) beacon,aggressor-scripts,cna,cobalt-strike,email
- [**22**Star][5y] [sunkehappy/ios-reverse-engineering-tools-backup](https://github.com/sunkehappy/ios-reverse-engineering-tools-backup) Some guys find the old lsof could not be downloaded. But I have it and I want to share it.
- [**22**Star][7m] [Py] [stamparm/dnslog](https://github.com/stamparm/dnslog) Minimalistic DNS logging tool
- [**22**Star][1y] [Py] [spacepatcher/firehol-ip-aggregator](https://github.com/spacepatcher/firehol-ip-aggregator) Application for keeping feeds from FireHOL
- [**22**Star][6m] [Py] [snbig/instatrack](https://github.com/snbig/instatrack) Convert Instagram user ID to username & vice versa
- [**22**Star][27d] [Rust] [smirnovvad/rbuster](https://github.com/smirnovvad/rbuster) yet another dirbuster
- [**22**Star][4m] [Py] [slgobinath/pcap-processor](https://github.com/slgobinath/pcap-processor) Read and process pcap files using this nifty tool
- [**22**Star][8m] [Py] [siliconblade/volatility](https://github.com/siliconblade/volatility) volatility
- [**22**Star][2m] [seifreed/awesome-sandbox-evasion](https://github.com/seifreed/awesome-sandbox-evasion) A summary about different projects/presentations/tools to test how to evade malware sandbox systems
- [**22**Star][2y] [Go] [segmentio/rate-limiting-log-proxy](https://github.com/segmentio/rate-limiting-log-proxy) A syslog-compatible log proxy that limits based on syslog tag
- [**22**Star][2y] [Py] [securityinnovation/ofxpostern](https://github.com/securityinnovation/ofxpostern) Vulnerability scanner for OFX servers
- [**22**Star][2y] [Py] [sebastienbr/volatility](https://github.com/sebastienbr/volatility) Utilities for the memory forensics framework
- [**22**Star][2y] [Py] [saulty4ish/fuzzsafedog](https://github.com/saulty4ish/fuzzsafedog) 安全狗sql注入绕过
- [**22**Star][4m] [Matlab] [samhooke/steganography](https://github.com/samhooke/steganography) Image & video steganography in Matlab
- [**22**Star][9d] [Py] [sam-b/z3-stuff](https://github.com/sam-b/z3-stuff) z3 scripts and ctf challenge solutions.
- [**22**Star][4m] [TS] [sahilchaddha/rudyjs](https://github.com/sahilchaddha/rudyjs) 
- [**22**Star][3y] [C] [sagi/android_pocs](https://github.com/sagi/android_pocs) Android Vulnerability Reports and POCs.
- [**22**Star][5m] [Py] [sadeghhayeri/lol-hacking](https://github.com/sadeghhayeri/lol-hacking) My Hacking Activities!
- [**22**Star][5m] [Java] [rub-nds/joseph](https://github.com/rub-nds/joseph) 
- [**22**Star][9m] [Py] [royale-proxy/cr-proxy](https://github.com/royale-proxy/cr-proxy) A simple Clash Royale proxy, implementing the new encryption, built on top of Twisted in Python 3.5.
- [**22**Star][4m] [Smarty] [ropnop/pentest_charts](https://github.com/ropnop/pentest_charts) Some helpful Helm Charts for pentesters
- [**22**Star][1y] [rootup/phdays9](https://github.com/rootup/phdays9) My fuzzing workshop from PHDays9
- [**22**Star][18d] [Shell] [romcheckfail/shodan-ip-block-list](https://github.com/romcheckfail/shodan-ip-block-list) Used to bait shodan to scan your host, capture the IP address, then add it to a local blocklist.
- [**22**Star][1y] [C++] [rolfrolles/miscellaneous](https://github.com/rolfrolles/miscellaneous) Small programs and scripts that do not require their own repositories
- [**22**Star][6m] [C++] [robotastic/smartnet-scanner](https://github.com/robotastic/smartnet-scanner) GNURadio based scanner for SmartNet II Digital radio systems.
- [**22**Star][2m] [riverloopsec/beekeeperwids](https://github.com/riverloopsec/beekeeperwids) A IEEE 802.15.4 Wireless Intrusion Detection System, Using the KillerBee Framework
- [**22**Star][5m] [C] [riicchhaarrd/codextended](https://github.com/riicchhaarrd/codextended) Call of Duty Extended
- [**22**Star][6m] [Py] [reivhax/chimay-red-tiny](https://github.com/reivhax/chimay-red-tiny) This is a minified exploit for mikrotik routers. It does not require any aditional modules to run.
- [**22**Star][1m] [Py] [redragonx/can2rnet](https://github.com/redragonx/can2rnet) This repo has code and documentation to control power-wheelchairs with R-Net electronics.
- [**22**Star][17d] [redogwu/hyper-v](https://github.com/redogwu/hyper-v) hyper-v的一些资料
- [**22**Star][2m] [Java] [rcenvironment/rce](https://github.com/rcenvironment/rce) Distributed, workflow-driven integration environment
- [**22**Star][8y] [Ruby] [raesene/owasp_web_app_testing_cheatsheet_converter](https://github.com/raesene/owasp_web_app_testing_cheatsheet_converter) OWASP Web Application Testing Cheat Sheet converted to tool formats
- [**22**Star][7m] [Py] [quikko/buquikker](https://github.com/quikko/buquikker) Supports multi threading for the bucketeer script
- [**22**Star][1m] [C] [qmonnet/tbpoc-bpf](https://github.com/qmonnet/tbpoc-bpf) Stateful packet processing: two-color token-bucket PoC in BPF
- [**22**Star][1y] [Py] [puresec/lambda-proxy](https://github.com/puresec/lambda-proxy) Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions …
- [**22**Star][1y] [Py] [pure-l0g1c/keylogger](https://github.com/pure-l0g1c/keylogger) A simple keylogger that uses Gmail as a C&C
- [**22**Star][5y] [JS] [pubnub/realtime-raspberrypi-temperature-humidity-sensor](https://github.com/pubnub/realtime-raspberrypi-temperature-humidity-sensor) Stream live temperature and humidity readings from the Raspberry Pi and visualize through realtime charts and graphs
- [**22**Star][4m] [Py] [portswigger/aws-security-checks](https://github.com/portswigger/aws-security-checks) AWS Security Checks
- [**22**Star][8m] [JS] [polyverse/envisen](https://github.com/polyverse/envisen) ROP gadget finder and analysis in pure Javascript
- [**22**Star][11d] [Py] [pirobot/pi_trees](https://github.com/pirobot/pi_trees) A Python/ROS library for implementing Behavior Trees
- [**22**Star][3m] [Java] [piomin/sample-envoy-proxy](https://github.com/piomin/sample-envoy-proxy) custom implementation of service discovery with envoy and inter-service communication for spring-boot applications
- [**22**Star][3m] [Crystal] [picatz/packetz](https://github.com/picatz/packetz) 
- [**22**Star][1m] [Ruby] [picatz/falconz](https://github.com/picatz/falconz) 
- [**22**Star][5m] [Lua] [p0pr0ck5/lua-resty-tarpit](https://github.com/p0pr0ck5/lua-resty-tarpit) OpenResty response time inflation
- [**22**Star][5m] [Py] [ouroboros/juusankoubou](https://github.com/ouroboros/juusankoubou) 「十三工房」
- [**22**Star][3y] [Assembly] [osandamalith/anti-debug](https://github.com/osandamalith/anti-debug) Some of the Anti-Debugging Tricks
- [**22**Star][4m] [Py] [omergunal/twebit](https://github.com/omergunal/twebit) Bitcoin analysis with machine learning
- [**22**Star][3y] [PS] [oldb00t/aggressorscripts](https://github.com/oldb00t/aggressorscripts) Cobaltstrike Aggressor Scripts
- [**22**Star][26d] [Makefile] [oj/police-quest](https://github.com/oj/police-quest) Binary exploitation CTF challenge
- [**22**Star][5m] [C#] [nyan-x-cat/lime-loader](https://github.com/nyan-x-cat/lime-loader) Download a .NET payload and run it on memory
- [**22**Star][6m] [C#] [nxrighthere/hydrogen-csharp](https://github.com/nxrighthere/hydrogen-csharp) Managed C# wrapper for Hydrogen cryptographic library by Frank Denis
- [**22**Star][2y] [Shell] [nullarray/sysenum](https://github.com/nullarray/sysenum) Simple Bash script to retrieve basic system information.
- [**22**Star][24d] [C++] [nshadov/screensaver-mouse-jiggler](https://github.com/nshadov/screensaver-mouse-jiggler) Hardware arduino based mouse emulator, preventing screen saver locking (eg. during forensic investigation)
- [**22**Star][2m] [C++] [nonlinear-chaos-order-etc-etal/i2pchat](https://github.com/nonlinear-chaos-order-etc-etal/i2pchat) 
- [**22**Star][3m] [Py] [nlitsme/idascripts](https://github.com/nlitsme/idascripts) IDApro idc and idapython script collection
    - [enumerators](https://github.com/nlitsme/idascripts/blob/master/enumerators.py) Enumeration utilities for idapython
- [**22**Star][2y] [Py] [nicksanzotta/linkscrape](https://github.com/nicksanzotta/linkscrape) A LinkedIn user/company enumeration tool.
- [**22**Star][4m] [Py] [nguyenkhong/cracknetdrive3](https://github.com/nguyenkhong/cracknetdrive3) 
- [**22**Star][6y] [munmap/linux-kernel-bugs-db](https://github.com/munmap/linux-kernel-bugs-db) 
- [**22**Star][1m] [Py] [mstxq17/dbleakscan](https://github.com/mstxq17/dbleakscan) this scanner try to scan some dbbak or ctf #源码泄露
- [**22**Star][1y] [Py] [mothran/tlslite](https://github.com/mothran/tlslite) TLS Library in python
- [**22**Star][2m] [Shell] [mitchellkrogza/fail2ban-useful-scripts](https://github.com/mitchellkrogza/fail2ban-useful-scripts) A collection of useful scripts for automation of & easing maintenance of Fail2Ban
- [**22**Star][4m] [misp/misp-compliance](https://github.com/misp/misp-compliance) Legal, procedural and policies document templates for operating MISP and information sharing communities
- [**22**Star][9m] [Py] [milo2012/burpsql](https://github.com/milo2012/burpsql) Automating SQL injection using Burp Proxy Logs and SQLMap
- [**22**Star][3m] [C++] [metal-crow/dark-souls-1-overhaul](https://github.com/metal-crow/dark-souls-1-overhaul) "We're the Project M of Dark Souls!"
- [**22**Star][4m] [Go] [mesuutt/sherlock](https://github.com/mesuutt/sherlock) 
- [**22**Star][4y] [Swift] [melvinsh/burptoggle](https://github.com/melvinsh/burptoggle) Status bar application for OS X to toggle the state of the system HTTP/HTTPS proxy.
- [**22**Star][11m] [HTML] [mdn/pab](https://github.com/mdn/pab) MDN Web Docs Product Advisory Board
- [**22**Star][23d] [PHP] [mayhemiclabs/weblabyrinth](https://github.com/mayhemiclabs/weblabyrinth) A system that creates a bogus web structure to entrap and delay web scanners
- [**22**Star][2y] [matthewdemaske/threathuntingstuff](https://github.com/matthewdemaske/threathuntingstuff) Useful Threat Hunting Stuff
- [**22**Star][4m] [Ruby] [martinvigo/ransombile](https://github.com/martinvigo/ransombile) Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life when having physical access to a locked mobile device
- [**22**Star][3y] [Ruby] [martinvigo/metasploit-framework](https://github.com/martinvigo/metasploit-framework) Metasploit Framework
- [**22**Star][2y] [C#] [malcomvetter/antidebug](https://github.com/malcomvetter/antidebug) PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.
- [**22**Star][25d] [Py] [makinacorpus/spynner](https://github.com/makinacorpus/spynner) Programmatic web browsing module with AJAX support for Python
- [**22**Star][6m] [Py] [lylemi/saker](https://github.com/lylemi/saker) Flexible Penetrate Testing Auxiliary Suite
- [**22**Star][3m] [C#] [lowleveldesign/diagnostics-tools](https://github.com/lowleveldesign/diagnostics-tools) 
- [**22**Star][5m] [Py] [lorenzb/submarine_sends](https://github.com/lorenzb/submarine_sends) A proof-of-concept implementation of Submarine Sends for Ethereum
- [**22**Star][6m] [C] [lorecioni/imagesplicingdetection](https://github.com/lorecioni/imagesplicingdetection) Illuminant inconsistencies for image splicing detection in forensics
- [**22**Star][2y] [Py] [letusfsck/poc-exploit-mirror](https://github.com/letusfsck/poc-exploit-mirror) Archive Mirror for recently republished PoC/Exploit code
- [**22**Star][15d] [Py] [leonardonve/dns2proxy_hsts](https://github.com/leonardonve/dns2proxy_hsts) DNS2Proxy offensive proxy version for HSTS
- [**22**Star][9m] [Py] [leoid/encoder](https://github.com/leoid/encoder) Alphanumeric Encoder
- [**22**Star][8m] [Logos] [leavez/runmario](https://github.com/leavez/runmario) iOS jailbreak tweak that allow playing SuperMarioRun on jailbreak device
- [**22**Star][16d] [TS] [lavalamp-/ws-frontend-community](https://github.com/lavalamp-/ws-frontend-community) Web Sight Front-end Community Edition
- [**22**Star][4y] [C#] [lallousx86/wepexplorer](https://github.com/lallousx86/wepexplorer) Windows Events Providers Explorer
- [**22**Star][2y] [lac-japan/owasp-mobile-top-10-2016](https://github.com/lac-japan/owasp-mobile-top-10-2016) OWASP Mobile Top 10 2016 日本語訳
- [**22**Star][20d] [Py] [l-codes/oneshellcrack](https://github.com/l-codes/oneshellcrack) a very very fast brute force webshell password tool
- [**22**Star][1y] [Py] [kutio/liblll](https://github.com/kutio/liblll) python library to manage and reduce lattices
- [**22**Star][2m] [Py] [krrr/wstan](https://github.com/krrr/wstan) Tunneling TCP in WebSocket (ssh -D alternative)
- [**22**Star][3y] [Cycript] [keith/injecturlprotocol](https://github.com/keith/injecturlprotocol) Inject a custom NSURLProtocl into a running application
- [**22**Star][5m] [Go] [kbullaughey/warc-tools](https://github.com/kbullaughey/warc-tools) Miscellaneous tools for processing WARC files from the CommonCrawl
- [**22**Star][5y] [Scala] [katjahahn/jwscan](https://github.com/katjahahn/jwscan) Scanner for Jar to EXE wrapper like Launch4j, Exe4j, JSmooth, Jar2Exe
- [**22**Star][5m] [Ruby] [karneades/defensomania](https://github.com/karneades/defensomania) Defensomania is a card game for security monitoring and incident response teams.
- [**22**Star][4m] [C++] [k0keoyo/cve-2015-2546-exploit](https://github.com/k0keoyo/cve-2015-2546-exploit) 
- [**22**Star][5m] [Java] [k-tamura/easybuggy4sb](https://github.com/k-tamura/easybuggy4sb) EasyBuggy clone build on Spring Boot
- [**22**Star][2y] [Py] [jzadeh/aktaion2](https://github.com/jzadeh/aktaion2) Python implementation of the Aktaion project
- [**22**Star][4m] [Diff] [jrmuizel/kemufuzzer](https://github.com/jrmuizel/kemufuzzer) Automatically exported from code.google.com/p/kemufuzzer
- [**22**Star][18d] [Py] [joshwatson/binaryninja-msp430](https://github.com/joshwatson/binaryninja-msp430) msp430 Architecture plugin for Binary Ninja
- [**22**Star][3y] [Py] [jidar/smith](https://github.com/jidar/smith) A client/server style agent meant for testing connectivity to and from a machine on a network.
- [**22**Star][5m] [C] [jerome-ps/jn516xsniffer](https://github.com/jerome-ps/jn516xsniffer) Transform a Xiaomi Zigbee gadget into a Zigbee sniffer.
- [**22**Star][7m] [C++] [jbremer/pyn](https://github.com/jbremer/pyn) Awesome Python bindings for Pintool
- [**22**Star][2y] [Shell] [jas502n/st2-046-poc](https://github.com/jas502n/st2-046-poc) st2-046-poc CVE-2017-5638
- [**22**Star][27d] [C] [jackullrich/trunpe](https://github.com/jackullrich/trunpe) A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original entrypoint.
- [**22**Star][8m] [Py] [invasi0nz/lo0sr](https://github.com/invasi0nz/lo0sr) Lo0sR is a simple python Keylogger with many functions.
- [**22**Star][3m] [C] [intelstormteam/projects](https://github.com/intelstormteam/projects) Projects released by the Team
- [**22**Star][6m] [Py] [ins1gn1a/netntlm-hashcat](https://github.com/ins1gn1a/netntlm-hashcat) Converts John The Ripper/Cain format hashes (singular, or in bulk) to HashCat compatible hash format.
- [**22**Star][4y] [Py] [infectedpacket/vxvault](https://github.com/infectedpacket/vxvault) Malware management program and tools
- [**22**Star][3y] [C] [iaik/prefetch](https://github.com/iaik/prefetch) This repository contains several tools to perform Prefetch Side-Channel Attacks
- [**22**Star][10m] [Py] [hypnoze57/fshell](https://github.com/hypnoze57/fshell) My python3 implementation of a Forward Shell
- [**22**Star][2m] [Py] [hyperiongray/starbelly](https://github.com/hyperiongray/starbelly) Streaming web crawler with WebSocket API
- [**22**Star][14d] [Go] [hgfischer/domainerator](https://github.com/hgfischer/domainerator) Simple application written in Go that combines two wordlists and a list of TLDs to form domain names and check if they are already registered.
- [**22**Star][3y] [C] [hexhive/epoxy](https://github.com/hexhive/epoxy) Root Repo for the EPOXY tool that applies Privilege Overlays on bare-metal systems
- [**22**Star][7m] [C] [herwonowr/catchme](https://github.com/herwonowr/catchme) CatchME - WiFi Fun Box "Having Fun with ESP8266"
- [**22**Star][9m] [C] [hackerwarehouse/hw-dc26-badge](https://github.com/hackerwarehouse/hw-dc26-badge) Hacker Warehouse electronic badge that was made for DEF CON 26
- [**22**Star][2m] [C] [hackerdom/phdctf-2017](https://github.com/hackerdom/phdctf-2017) PHDays Online CTF 2017. Developed with
- [**22**Star][13d] [Py] [hack-all-the-things/charsetinspect](https://github.com/hack-all-the-things/charsetinspect) A script that inspects multi-byte character sets looking for characters with specific user-defined properties
- [**22**Star][1m] [AutoIt] [habohitron/habohitron](https://github.com/habohitron/habohitron) 
- [**22**Star][3y] [PS] [h3ll0world/evilusb](https://github.com/h3ll0world/evilusb) Powershell Framework to make an USB auto-executable on infected machines.
- [**22**Star][16d] [Py] [greyshell/penetration_test](https://github.com/greyshell/penetration_test) Scripts to assist penetration testing and exploit development
- [**22**Star][3y] [JS] [gregkcarson/googleappscriptse](https://github.com/gregkcarson/googleappscriptse) Social Engineering Abusing Google App Scripts
- [**22**Star][1m] [C] [gravity-postquantum/prune-horst](https://github.com/gravity-postquantum/prune-horst) Signature scheme submitted to NIST's Post-Quantum Cryptography Project
- [**22**Star][4m] [Jupyter Notebook] [grananqvist/machine-learning-web-application-firewall-and-dataset](https://github.com/grananqvist/machine-learning-web-application-firewall-and-dataset) 
- [**22**Star][6m] [Go] [ginuerzh/gosocks5](https://github.com/ginuerzh/gosocks5) golang and SOCKS5
- [**22**Star][5y] [ObjC] [gdssecurity/osx-continuity-dialer-poc](https://github.com/gdssecurity/osx-continuity-dialer-poc) 
- [**22**Star][5m] [PS] [fuzzysecurity/capstonekeystone-powershell](https://github.com/fuzzysecurity/capstonekeystone-powershell) PowerShell Module Bindings for Capstone/Keystone
- [**22**Star][6m] [Py] [freenas/middleware](https://github.com/freenas/middleware) New FreeNAS 10 Middleware
- [**22**Star][5m] [C] [flightaware/scotty](https://github.com/flightaware/scotty) A Tcl extension for building network management (SNMP, ICMP, UDP, DNS) applications
- [**22**Star][4m] [Py] [flarn2006/bhstools](https://github.com/flarn2006/bhstools) Tools for interacting with Brinks BHS-3000 and BHS-4000 / IntelliBus, custom firmware for BHS-4000
- [**22**Star][9m] [Shell] [find-evil/msf-install-script-os-x-lion-mountain-lion](https://github.com/find-evil/msf-install-script-os-x-lion-mountain-lion) Script to automate installation of Metasploit Framework on OS X Lion & Mountain Lion
- [**22**Star][2m] [fabiobaroni/awesome-pentest](https://github.com/fabiobaroni/awesome-pentest) A collection of awesome penetration testing resources, tools and other shiny things
- [**22**Star][6m] [Java] [ettic-team/endpointfinder-burp](https://github.com/ettic-team/endpointfinder-burp) burp plugin to find endpoint
- [**22**Star][8m] [JS] [ericlaw1979/moartls](https://github.com/ericlaw1979/moartls) The moarTLS Analyzer Browser Extension flags non-secure references in web pages.
- [**22**Star][3y] [Jupyter Notebook] [equalitie/bothound](https://github.com/equalitie/bothound) Automatic attack detector and botnet classifier
- [**22**Star][2m] [Ruby] [envkey/envkey-ruby](https://github.com/envkey/envkey-ruby) EnvKey's official Ruby client library
- [**22**Star][4m] [TeX] [edelahozuah/awesome-tls-security](https://github.com/edelahozuah/awesome-tls-security) A collection of (not-so, yet) awesome resources related to TLS, PKI and related stuff
- [**22**Star][3m] [C] [dsmatter/brootus](https://github.com/dsmatter/brootus) An educational Linux Kernel Rootkit
- [**22**Star][3m] [Rust] [dns0/droxy](https://github.com/dns0/droxy) "smart" DNS proxy: A different upstream server can be configured for each zone. Handles thousands of zones efficiently.
- [**22**Star][5m] [C++] [dkoluris/pseudo](https://github.com/dkoluris/pseudo) PSeudo - The world's simplest PLAYSTATION emulator
- [**22**Star][4m] [Perl] [dheiland-r7/snmp](https://github.com/dheiland-r7/snmp) SNMP data gather scripts
- [**22**Star][2m] [dfir-it/supreme-backdoor-factory](https://github.com/dfir-it/supreme-backdoor-factory) This repository contains additional files mentioned in the blog post
- [**22**Star][4m] [deepwn/dn2.io](https://github.com/deepwn/dn2.io) [ Domain Name to I/O ] Development DNS & Security Data Transportation & Pentesting with SCA and Steganography.
- [**22**Star][2y] [Smali] [dan7800/vulnerableandroidapporacle](https://github.com/dan7800/vulnerableandroidapporacle) 
- [**22**Star][1m] [C#] [damonmohammadbagher/fakefilemaker](https://github.com/damonmohammadbagher/fakefilemaker) Social Engineering: Simple way to make a fake file for Backdoors
- [**22**Star][4y] [Shell] [d3f4ultt/princesofpaypal](https://github.com/d3f4ultt/princesofpaypal) A security write-up about the Paypal API & data leakage
- [**22**Star][3y] [C++] [d35m0nd142/kadabra](https://github.com/d35m0nd142/kadabra) [DEPRECATED] Kadabra is my automatic LFI Exploiter and Scanner, written in C++ and a couple extern module in Python.
- [**22**Star][3y] [Py] [cujanovic/cve-2016-8610-poc](https://github.com/cujanovic/cve-2016-8610-poc) CVE-2016-8610 (SSL Death Alert) PoC
- [**22**Star][10d] [JS] [ctf-thanos/ctf-writeups](https://github.com/ctf-thanos/ctf-writeups) A writeup summary for CTF problems.
- [**22**Star][6m] [Scala] [criteo/vizsql](https://github.com/criteo/vizsql) Scala and SQL happy together.
- [**22**Star][6m] [Scala] [criteo/slab](https://github.com/criteo/slab) An extensible Scala framework for creating monitoring dashboards.
- [**22**Star][5m] [coldev/coldevprolayer](https://github.com/coldev/coldevprolayer) Protect your PHP code with obfuscation and encryption
- [**22**Star][9m] [Shell] [cogset/shadowsocks](https://github.com/cogset/shadowsocks) Shadowsocks in Docker
- [**22**Star][1m] [JS] [codedotjs/twifo-cli](https://github.com/codedotjs/twifo-cli) 
- [**22**Star][2y] [C#] [cobbr/insecurepowershellhost](https://github.com/cobbr/insecurepowershellhost) InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.
- [**22**Star][3m] [C] [circl/pcapdj](https://github.com/circl/pcapdj) dispatch pcap files
- [**22**Star][5m] [Py] [christhecoolhut/instruction-stomp](https://github.com/christhecoolhut/instruction-stomp) Cross-architecture instruction counting for CTF solving
- [**22**Star][10m] [Py] [catalyst256/gobbler](https://github.com/catalyst256/gobbler) Gobbling it's way through your pcap files
- [**22**Star][6y] [C++] [casualx/libex](https://github.com/casualx/libex) C++ Helper Library for myself
- [**22**Star][21d] [Go] [castaneai/hinako](https://github.com/castaneai/hinako) x86 WinAPI hook written in pure Go
- [**22**Star][4y] [Py] [camoufl4g3/sqli-payload-fuzz3r](https://github.com/camoufl4g3/sqli-payload-fuzz3r) sqli payload
- [**22**Star][26d] [Go] [c1982/ripego](https://github.com/c1982/ripego) IP Whois Golang Package
- [**22**Star][4m] [C] [bringhurst/xnufuzz](https://github.com/bringhurst/xnufuzz) An XNU kernel fuzz tool
- [**22**Star][2m] [Py] [botherder/snoopdroid](https://github.com/botherder/snoopdroid) Extract packages from an Android device
- [**22**Star][1y] [C#] [borjamerino/dns-polygraph](https://github.com/borjamerino/dns-polygraph) Tool designed to study the answers of your DNS resolver and make easier the identification of techniques such as DNS Hijacking/Poisoning
- [**22**Star][2y] [Py] [blazeinfosec/cve-2017-10366_peoplesoft](https://github.com/blazeinfosec/cve-2017-10366_peoplesoft) CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit
- [**22**Star][2m] [C] [blacchat/rkorova](https://github.com/blacchat/rkorova) ld_preload userland rootkit
- [**22**Star][2y] [C] [billy-ellis/arm-gadget-finder](https://github.com/billy-ellis/arm-gadget-finder) Work-in-progress open source ROP gadget finder for 32-bit ARM binaries
- [**22**Star][2y] [asuri-team/dproxy](https://github.com/asuri-team/dproxy) Massive Distributed Dynamic Proxy
- [**22**Star][4m] [JS] [assafmo/istorexit](https://github.com/assafmo/istorexit) Check if an IP is a Tor exit node
- [**22**Star][4m] [C++] [arsunt/tr2main](https://github.com/arsunt/tr2main) Tomb Raider II Injector Dynamic Library
- [**22**Star][5m] [C++] [arpitn30/nipper-ng](https://github.com/arpitn30/nipper-ng) Automatically exported from code.google.com/p/nipper-ng
- [**22**Star][4m] [Py] [arnoweng/pytorch-deep-image-steganography](https://github.com/arnoweng/pytorch-deep-image-steganography) A PyTorch implementation of image steganography utilizing deep convolutional neural networks
- [**22**Star][17d] [Py] [arinkverma/google-foobar](https://github.com/arinkverma/google-foobar) Read about google foobar at HackerNews
- [**22**Star][2y] [Py] [argilo/nrsc-5](https://github.com/argilo/nrsc-5) Prototype implementation of HD Radio (NRSC-5). Superseded by
- [**22**Star][2m] [Shell] [aress31/smbaudit](https://github.com/aress31/smbaudit) Perform various SMB-related attacks, particularly useful for testing large Active Directory environments.
- [**22**Star][2m] [C++] [apriorit/antirootkit-anti-splicer](https://github.com/apriorit/antirootkit-anti-splicer) The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers
- [**22**Star][2m] [Shell] [apache-labor/labor](https://github.com/apache-labor/labor) 
- [**22**Star][4m] [Java] [ankokuty/hakoniwabadstore](https://github.com/ankokuty/hakoniwabadstore) 箱庭BadStore
- [**22**Star][9m] [animeshshaw/learning-node.js-security](https://github.com/animeshshaw/learning-node.js-security) A Collection of articles, videos, blogs, talks and other materials on Node.js Security
- [**22**Star][8m] [C] [anfractuosity/procmod](https://github.com/anfractuosity/procmod) Modifies running processes on Linux
- [**22**Star][5m] [CSS] [an-ivannikov/mtproto-proxy-server](https://github.com/an-ivannikov/mtproto-proxy-server) Web Server & MTProxy MTPROTO is proxy for Telegram
- [**22**Star][9m] [ObjC] [alexmx/insider](https://github.com/alexmx/insider) Insider sets a backdoor into your app for testing tools like Appium, Calabash, Frank, etc.
- [**22**Star][11m] [Shell] [afgallo/flynn-ssl-cert](https://github.com/afgallo/flynn-ssl-cert) Generates Let's Encrypt certificates and updates flynn routes automatically :)
- [**22**Star][4m] [Py] [adafruit/adafruit_circuitpython_rfm9x](https://github.com/adafruit/adafruit_circuitpython_rfm9x) CircuitPython module for the RFM95/6/7/8 LoRa wireless 433/915mhz packet radios.
- [**22**Star][4m] [acutronicrobotics/mara_threat_model](https://github.com/acutronicrobotics/mara_threat_model) Threat Model analysis for MARA modular robot
- [**22**Star][6y] [Java] [aatxe/openmaple](https://github.com/aatxe/openmaple) A fast MapleStory emulator aiming to bring openness back to the private server community.
- [**22**Star][3y] [5z1punch/my_php_kernel_handbook_for_pwn](https://github.com/5z1punch/my_php_kernel_handbook_for_pwn) 这一切的开始，都要从我爷爷在悬崖下捡到一本白帽子讲web安全说起
- [**22**Star][2y] [PS] [3gstudent/listinstalledprograms](https://github.com/3gstudent/listinstalledprograms) List the programs that the current Windows system has installed
- [**22**Star][4m] [C++] [3d-gussner/prusa-firmware](https://github.com/3d-gussner/prusa-firmware) Firmware for Original Prusa i3 3D printer by PrusaResearch
- [**22**Star][4m] [Py] [0x90/wifuzz](https://github.com/0x90/wifuzz) Automatically exported from code.google.com/p/wifuzz
- [**22**Star][4y] [PHP] [0x584a/fuzzxssphp](https://github.com/0x584a/fuzzxssphp) PHP版本的反射型xss扫描，支持GET，POST
- [**22**Star][19d] [Py] [0x25/useful](https://github.com/0x25/useful) useful pentest note
- [**22**Star][4y] [LaNMaSteR53/honeybadger](https://bitbucket.org/lanmaster53/honeybadger) 
- [**21**Star][16d] [C++] [neg4n/tr](https://github.com/neg4n/tr) linux memory hacking library
- [**21**Star][13d] [Shell] [tclahr/uac](https://github.com/tclahr/uac) UAC is a command line shell script that makes use of built-in tools to automate the collection of Unix-like systems artifacts. The script respects the order of volatility and artifacts that are changed during the execution.
- [**21**Star][12d] [Java] [silentsignal/burp-pdml](https://github.com/silentsignal/burp-pdml) PDML importer for Burp Suite
- [**21**Star][25d] [Makefile] [whitelynx/artwiz-fonts-wl](https://github.com/whitelynx/artwiz-fonts-wl) A set of modified artwiz fonts based on artwiz-aleczapka and artwiz-latin1.
- [**21**Star][4m] [Py] [ncorbuk/subzone](https://github.com/ncorbuk/subzone) SubZone - Subdomains, Dns records, & more! || Python tutorial || Certificate authority abuse || Adavnced || Hacking/Info-Sec ||
- [**21**Star][1m] [Py] [nyxgeek/weakpass_generator](https://github.com/nyxgeek/weakpass_generator) generates weak passwords based on current date
- [**21**Star][12d] [Py] [geekori/virus_covid19](https://github.com/geekori/virus_covid19) 
- [**21**Star][21d] [ObjC] [cdnbye/ios-p2p-engine](https://github.com/cdnbye/ios-p2p-engine) iOS Video P2P Engine for Any Player
- [**21**Star][2m] [Py] [wynfred/presso](https://github.com/wynfred/presso) Event-driven backtest/realtime quantitative trading system.
- [**21**Star][5m] [C#] [technitiumsoftware/mesh](https://github.com/technitiumsoftware/mesh) A secure, anonymous, peer-to-peer, instant messenger!
- [**21**Star][28d] [Go] [irinesistiana/mos-tls-tunnel](https://github.com/irinesistiana/mos-tls-tunnel) Archived. Check this out
- [**21**Star][5m] [Py] [ncorbuk/python-ransomware](https://github.com/ncorbuk/python-ransomware) Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles
- [**21**Star][2y] [C] [shoupingshan/abnormal-behavior-detection](https://github.com/shoupingshan/abnormal-behavior-detection) Abnormal behavior detection in the video surveillance based on yolo darknet
- [**21**Star][4m] [Py] [quantumcore/supercharge](https://github.com/quantumcore/supercharge) Fully Undetectable Native C++ Remote Access Agent / Botnet.
- [**21**Star][2m] [Py] [theromanxpl0it/ghidra-emu-fun](https://github.com/theromanxpl0it/ghidra-emu-fun) Ghidra Emulates Functions
- [**21**Star][2m] [Py] [yhongm/lgcrawl](https://github.com/yhongm/lgcrawl) python+scrapy+splash 爬取拉勾全站职位信息
- [**21**Star][16d] [C++] [neg4n/tr](https://github.com/neg4n/tr) linux memory hacking library
- [**21**Star][21d] [Py] [appthreat/dep-scan](https://github.com/appthreat/dep-scan) Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required!
- [**21**Star][12d] [PHP] [wrav/oembed](https://github.com/wrav/oembed) A simple plugin to extract media information from websites, like youtube videos, twitter statuses or blog articles.
- [**21**Star][3m] [Shell] [stevemcilwain/quiver](https://github.com/stevemcilwain/quiver) Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing.
- [**21**Star][15d] [Assembly] [loreloc/mkpoly](https://github.com/loreloc/mkpoly) A simple polymorphic engine
- [**21**Star][10m] [Shell] [rcs333/vapid](https://github.com/rcs333/vapid) VAPiD: Viral Annotation and Identification Pipeline
- [**21**Star][8y] [JS] [berggren/fordropweb](https://github.com/berggren/fordropweb) Forensic Dropbox
- [**21**Star][3m] [Py] [bountystrike/injectus](https://github.com/bountystrike/injectus) CRLF and open redirect fuzzer
- [**21**Star][1m] [Java] [luker983/nsa-codebreaker-2019](https://github.com/luker983/nsa-codebreaker-2019) NSA Codebreaker Challenge 2019 write-ups.
- [**21**Star][30d] [C] [anestisb/qc_image_unpacker](https://github.com/anestisb/qc_image_unpacker) Qualcomm image unpacker
- [**21**Star][7m] [Swift] [tbxark/passwordx](https://github.com/tbxark/passwordx) Offline password manager for iOS/macOS
- [**21**Star][7m] [C#] [paskowsky/dreamprotectorfree](https://github.com/paskowsky/dreamprotectorfree) Simple protector to show how to run a payload without dropping it using RunPE Technique
- [**21**Star][11d] [HTML] [mevdschee/aoc-stats](https://github.com/mevdschee/aoc-stats) Advent of Code statistics for the first 100 submissions visualized
- [**21**Star][10m] [Py] [510908220/heartbeats](https://github.com/510908220/heartbeats) 一个基于数据上报的监控系统. 用于监控定时和定期类型服务监控状况
- [**21**Star][5m] [C#] [hellokitty/booma.proxy](https://github.com/hellokitty/booma.proxy) Collection of C#/.NET libraries for communication, understanding and emulating Phantasy Star Online Blue Burst. Both client and server.
- [**21**Star][7m] [lluisrojass/tumblr-scraper](https://github.com/lluisrojass/tumblr-scraper) Scrape a Tumblr blog for personal posts
- [**21**Star][4m] [Java] [nnjun/simpleopenvpn-android](https://github.com/nnjun/simpleopenvpn-android) 基于OpenVPN封装的Android连接库，使用非常简易。
- [**21**Star][11m] [Dylan] [dylan-hackers/network-night-vision](https://github.com/dylan-hackers/network-night-vision) IP stack written in Dylan - includes binary parsing and interactive GUI
- [**21**Star][8m] [Py] [jcesarstef/python-crawl](https://github.com/jcesarstef/python-crawl) Library to crawl and extract internal links from domain
- [**21**Star][19d] [Shell] [wknapik/openvpn-unroot](https://github.com/wknapik/openvpn-unroot) Run OpenVPN without root privileges
- [**21**Star][4m] [Py] [patricke94/pycalima](https://github.com/patricke94/pycalima) Python interface for Pax Calima Fan via Bluetooth LE
- [**21**Star][14d] [C#] [pkisolutions/pkix.net](https://github.com/pkisolutions/pkix.net) .NET PKI framework to extend cryptography support in CLR.
- [**21**Star][12d] [Nim] [jangko/nimsha2](https://github.com/jangko/nimsha2) Secure Hash Algorithm 2
- [**21**Star][2y] [C++] [patrickjahns/esp_rgbww_firmware](https://github.com/patrickjahns/esp_rgbww_firmware) Firmware for esp_rgbww_controller (
- [**21**Star][4m] [C] [wolfeidau/esp32-blufi](https://github.com/wolfeidau/esp32-blufi) This component provides bluetooth onboarding for the ESP32 boards.
- [**21**Star][5m] [Py] [pielco11/junglescam](https://github.com/pielco11/junglescam) An Amazon OSINT scraper for potential scam accounts
- [**21**Star][3m] [Go] [terorie/od-database-crawler](https://github.com/terorie/od-database-crawler) OD-Database Go crawler
- [**21**Star][27d] [Py] [sylvanassun/scrapy-picture-spider](https://github.com/sylvanassun/scrapy-picture-spider) The project is a spider that uses scrapy and beautifulsoup4 for crawl picture.
- [**21**Star][16d] [JS] [reuke/surviv.io-cheat](https://github.com/reuke/surviv.io-cheat) Cheat for surviv.io game
- [**21**Star][1m] [JS] [laverna/laverna-server](https://github.com/laverna/laverna-server) Signaling Server for Laverna's P2P Differential Synchronization
- [**21**Star][7m] [Py] [hubqin/sinacrawlerv](https://github.com/hubqin/sinacrawlerv) backup posts and comments of specify user in sina
- [**21**Star][10d] [PS] [codaamok/get-cmunusedsources](https://github.com/codaamok/get-cmunusedsources) A PowerShell script that will tell you what folders are not used by Microsoft Endpoint Manager Configuration Manager.
- [**21**Star][2m] [C] [katekovanton/ios-openvpn-sample](https://github.com/katekovanton/ios-openvpn-sample) OpenVPN/liblzo/openssl combined into a single XCode project that can be built for ios
- [**21**Star][1y] [Py] [hellflame/youdao](https://github.com/hellflame/youdao) 有道词典网页爬虫
- [**21**Star][15d] [CSS] [hacks-guide/guide_landing](https://github.com/hacks-guide/guide_landing) Complete guides to homebrew and custom firmware for various devices.
- [**21**Star][21d] [Py] [iggisv9t/imdb-spider](https://github.com/iggisv9t/imdb-spider) scrapy spider for scraping imdb {movie_id: [recommended, ...]}
- [**21**Star][3m] [Go] [b1naryth1ef/bowser](https://github.com/b1naryth1ef/bowser) a smart, friendly, secure, and auditable ssh daemon
- [**21**Star][1m] [Shell] [jellycsc/v2ray-tls-websocket-nginx](https://github.com/jellycsc/v2ray-tls-websocket-nginx) 
- [**21**Star][3m] [Py] [ioiogoo/proxies_](https://github.com/ioiogoo/proxies_) 一个简单的获取代理的类，代理来源
- [**21**Star][2m] [Py] [fportantier/vulpy](https://github.com/fportantier/vulpy) Vulnerable Python Application To Learn Secure Development
- [**21**Star][2m] [C] [geosn0w/machdump](https://github.com/geosn0w/machdump) A very basic C Mach-O Header Dump tool written for practicing purposes. Works With x86 and x86_64 binaries
- [**21**Star][11d] [C] [llubu/hypervisor](https://github.com/llubu/hypervisor) Hypervisor implementation for x86_64 ISA MIT JOS
- [**21**Star][7m] [Swift] [knightsj/data-structure-and-algorithm-in-swift](https://github.com/knightsj/data-structure-and-algorithm-in-swift) Data structure and algorithm implementation in Swift language
- [**21**Star][20d] [onecodemonkey/php-src-analysis](https://github.com/onecodemonkey/php-src-analysis) PHP源码分析注解。
- [**21**Star][2y] [PHP] [wxxiong6/crawl](https://github.com/wxxiong6/crawl) php爬虫系统
- [**21**Star][8m] [Py] [sistason/db_wlan_manager](https://github.com/sistason/db_wlan_manager) Monitors your Wifi to keep you logged in and resets your Wifi, if your data is drained
- [**21**Star][4m] [Py] [mechazawa/redbetter-wm2](https://github.com/mechazawa/redbetter-wm2) Better.php crawler for Redacted that uses WhatManager
- [**21**Star][6m] [Py] [anatman-xx/lpa](https://github.com/anatman-xx/lpa) Label-Propagation-Algorithm Python-Implementation
- [**21**Star][4m] [HTML] [qiuyy128/nova](https://github.com/qiuyy128/nova) 自动化运维管理平台
- [**21**Star][8d] [R] [packtpublishing/r-data-structures-and-algorithms](https://github.com/packtpublishing/r-data-structures-and-algorithms) R Data Structures and Algorithms, published by Packt
- [**21**Star][19d] [C] [soarqin/vita-rxcheat](https://github.com/soarqin/vita-rxcheat) VITA RxCheat
- [**21**Star][1m] [Java] [jeandersonbc/algorithms-and-ds](https://github.com/jeandersonbc/algorithms-and-ds) Algorithms and Data Structures
- [**21**Star][25d] [Py] [hydrabus-framework/framework](https://github.com/hydrabus-framework/framework) The hydrabus framework core [Not maintained anymore - see readme]
- [**21**Star][6m] [Py] [sorz/ssmanager](https://github.com/sorz/ssmanager) A python module managing large amount of running Shadowsocks server instances.
- [**21**Star][1y] [Dockerfile] [alibo/goquiet-shadowsocks-docker](https://github.com/alibo/goquiet-shadowsocks-docker) A Docker image for Shadowsocks over GoQuiet
- [**21**Star][2m] [C] [downwithup/cve-stockpile](https://github.com/downwithup/cve-stockpile) Master list of all my vulnerability discoveries. Mostly 3rd party kernel drivers.
- [**21**Star][6m] [Py] [ins1gn1a/pwdlyser-cli](https://github.com/ins1gn1a/pwdlyser-cli) Python-based CLI Password Analyser (Reporting Tool)
- [**21**Star][3y] [JS] [shangxinbo/cardinal](https://github.com/shangxinbo/cardinal) A socks and http proxy by nodejs for you to over GWF
- [**21**Star][1m] [Py] [m-zakeri/iust_deep_fuzz](https://github.com/m-zakeri/iust_deep_fuzz) A file format fuzzer base on deep neural networks.
- [**21**Star][4m] [C] [shadowsocksr-live/ssrwin](https://github.com/shadowsocksr-live/ssrwin) ShadowsocksR (SSR) client for Windows
- [**21**Star][9m] [Py] [jofpin/compaxss](https://github.com/jofpin/compaxss) Bypass XSS Reflected Cross-site scripting
- [**21**Star][1y] [Shell] [thelinuxchoice/lizard](https://github.com/thelinuxchoice/lizard) Extension spoofer and reverse shell generator
- [**21**Star][8m] [yinghuocho/download](https://github.com/yinghuocho/download) This is for binary files
- [**21**Star][1y] [Py] [f-secure/headless-scanner-driver](https://github.com/f-secure/headless-scanner-driver) A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output
- [**21**Star][4m] [valvesoftware/dota-underlords](https://github.com/valvesoftware/dota-underlords) Tracker for issues specific to the Linux and macOS client of Dota Underlords
- [**21**Star][6m] [CSS] [mitre/mitre.github.io](https://github.com/mitre/mitre.github.io) Open Source software from The MITRE Corporation
- [**21**Star][11m] [C] [maktm/time](https://github.com/maktm/time) Windows tool for measuring command/program execution speed
- [**21**Star][1y] [C] [reswitched/rcm-modchips](https://github.com/reswitched/rcm-modchips) Collection of "modchip" designs for launching payloads via the Tegra RCM bug (CVE-2018-6242)
- [**21**Star][2m] [Py] [peterbjornx/me_sa86_exploit](https://github.com/peterbjornx/me_sa86_exploit) Exploit generator for Intel ME 11 buffer overflow
- [**21**Star][6m] [bkth/optimize_rce_chakra](https://github.com/bkth/optimize_rce_chakra) keynote I gave at GreHack 2019
- [**21**Star][1m] [Java] [kant2002/ghidra](https://github.com/kant2002/ghidra) As it is obvious from the name this is version of NSA Ghidra which actually could be built from sources
- [**21**Star][3m] [Py] [verabe/veriman](https://github.com/verabe/veriman) Analysis tool for Solidity smart contracts. Prototype.
- [**21**Star][21d] [Java] [exploitr/mocksms](https://github.com/exploitr/mocksms) Android application to create/craft fake sms.
- [**21**Star][15d] [HTML] [guillac/jsbatchobfuscator](https://github.com/guillac/jsbatchobfuscator) JSBatchobfuscator is a simple obfuscator for batch script
- [**21**Star][1y] [PS] [ajackal/ideal-alligator](https://github.com/ajackal/ideal-alligator) PowerShell script to retreive wifi ESSIDs and Passwords.
- [**21**Star][29d] [C++] [coreyauger/slimhook](https://github.com/coreyauger/slimhook) Demonstration of dll injection. As well loading .net runtime and calling .net code. Example hijacking d3d9 dll and altering rendering of games.
- [**21**Star][2m] [C] [winter2020/kleespectre](https://github.com/winter2020/kleespectre) KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling
- [**21**Star][1m] [orvice/mu-one](https://github.com/orvice/mu-one) mu bundle
- [**21**Star][3m] [Py] [eternal-flame-ad/mafengwo](https://github.com/eternal-flame-ad/mafengwo) 一个基于scrapy框架编写的马蜂窝旅游网用户旅游路线爬虫，核心代码不到50行！
- [**21**Star][3m] [Py] [rdomanski/hardware_hacking](https://github.com/rdomanski/hardware_hacking) Content related to hardware hacking
- [**21**Star][7m] [Py] [rangduju/ke](https://github.com/rangduju/Ke) pip安装的贝壳网爬虫API，一行代码将指定筛选条件的全量数据保存为JSON/csv。A pip-install scraper of Beike, the best Chinese online housing platform.
- [**21**Star][4m] [CSS] [area39/webug4.0-docker](https://github.com/area39/webug4.0-docker) Docker版本的Webug4.0
- [**21**Star][29d] [Py] [oranav/ctf-writeups](https://github.com/oranav/ctf-writeups) 
- [**21**Star][11d] [C#] [decimation/razorsharp](https://github.com/decimation/razorsharp) Low-level utilities and tools for working with the CLR and memory.
- [**21**Star][4m] [Py] [mgp25/evilusb](https://github.com/mgp25/evilusb) Quick utility to craft executables for pentesting and managing reverse shells
- [**21**Star][3m] [Go] [nogoegst/onionize](https://github.com/nogoegst/onionize) create an onion site from a directory, file, zip or an HTTP(S) site
- [**21**Star][16d] [corb3nik/web-exploitation-workflow](https://github.com/corb3nik/web-exploitation-workflow) Web Exploitation Workflow for CTF Challenges
- [**21**Star][23d] [Py] [the-robot/admin-finder](https://github.com/the-robot/admin-finder) 
- [**21**Star][3m] [HTML] [pocfrance/security-workshops](https://github.com/pocfrance/security-workshops) All security workshops organized to introduce students to security with CTF-like exercices.
- [**21**Star][1m] [Py] [sakiir/timeauth](https://github.com/sakiir/timeauth) Python Time Based Authentication Attack Tool
- [**21**Star][2m] [Py] [inndy/formatstring-exploit](https://github.com/inndy/formatstring-exploit) Dead simple format string exploit payload generator
- [**21**Star][3m] [Py] [sniperoj/attack-defense-platform](https://github.com/sniperoj/attack-defense-platform) A framework that help to create CTF Attack with Defense competition quickly
- [**21**Star][5y] [Ruby] [vallejocc/hacking-busybox-control](https://github.com/vallejocc/Hacking-Busybox-Control) Some metasploit scripts to help to control busybox based embedded devices
- [**21**Star][2m] [Shell] [cyb0r9/config-exploiter](https://github.com/Cyb0r9/Config-Exploiter) Config-Exploiter Dump config.php file from joomla and wordpress websites
- [**21**Star][8m] [C] [newbee119/iot_bot](https://github.com/NewBee119/IoT_bot) A sample IoT bot origin from Mirai
- [**21**Star][4y] [ulexec/windowsmalwaresourcecode](https://github.com/ulexec/WindowsMalwareSourceCode) Collection of Source Code of Various Malware Targeting the Windows Platform
- [**21**Star][2y] [Py] [homjxi0e/empire_donation](https://github.com/homjxi0e/Empire_Donation) a group of Module Empire/Frameowrk I write it A large group of Module Empire-Powershell
- [**21**Star][3m] [C] [jianpingzju/hypro](https://github.com/jianpingzju/Hypro) VMI on BitVisor to detect hidden rootkits.
- [**21**Star][6m] [Py] [cylance/idpanel](https://github.com/cylance/IDPanel) Identify botnet panels with Ensembled Decision Trees
- [**21**Star][10d] [Shell] [polishfiltersteam/kad](https://github.com/PolishFiltersTeam/KAD) Polskie filtry do uBlocka Origin i AdGuarda, chroniące przed różnego rodzaju przekrętami i oszustwami (subskrypcje SMS, wirusy, fałszywe sklepy internetowe, itd.)
- [**21**Star][5m] [C#] [boogie-org/symbooglix](https://github.com/boogie-org/symbooglix) Symbolic Execution Engine for Boogie
- [**21**Star][2y] [Py] [cr0n1c/router_pwner](https://github.com/Cr0n1c/router_pwner) Dynamically id routers and attempt to compromise
- [**21**Star][2m] [Lua] [takeshixx/nmap-scripts](https://github.com/takeshixx/nmap-scripts) A collection of Nmap NSE scripts.
- [**21**Star][4m] [Lua] [oneinstack/ngx_lua_waf](https://github.com/oneinstack/ngx_lua_waf) ngx_lua_waf是一个基于lua-nginx-module的web应用防火墙
- [**21**Star][2m] [C] [aoncyberlabs/mbedtls-fuzz](https://github.com/AonCyberLabs/mbedtls-fuzz) 
- [**21**Star][2m] [hunter-github/evil-and-not-wholly-awesome-firefox](https://github.com/Hunter-Github/evil-and-not-wholly-awesome-firefox) [deprecated since Mozilla turned evil] A list of resources for and about Mozilla Firefox
- [**21**Star][2m] [Py] [csirtgadgets/csirtg-smrt-v1](https://github.com/csirtgadgets/csirtg-smrt-v1) the fastest way to consume threat intelligence.
- [**21**Star][2y] [JS] [wip-douile/cream-api-autoinstaller](https://github.com/wip-douile/cream-api-autoinstaller) A python script to auto install cream api for steam games
- [**21**Star][4m] [C] [mrktn/ccg](https://github.com/Mrktn/ccg) CCG is a random C Code Generator
- [**21**Star][1m] [PHP] [zzb1999/xss-platform](https://github.com/zzb1999/xss-platform) 一款基于ThinkPHP5.1的XSS管理平台。
- [**21**Star][11d] [C++] [zmom1031/bruteforce3-8remote](https://github.com/zmom1031/bruteforce3-8remote) Brute Force Attack 3 ^ 8 Remote Control
- [**21**Star][5y] [C] [zliu-fd/windivertproxy](https://github.com/zliu-fd/windivertproxy) Proxy any program via WinDivert to a specific server
- [**21**Star][4m] [ObjC] [zjjno/cornerstonehook](https://github.com/zjjno/cornerstonehook) Cornerstone破解
- [**21**Star][9m] [Java] [zhaozepeng/safewebview](https://github.com/zhaozepeng/safewebview) 修复 4.2 之下 JS 漏洞的 WebView
- [**21**Star][3y] [CSS] [youngyangyang04/nosqlinjectionattackdemo](https://github.com/youngyangyang04/nosqlinjectionattackdemo) NoSQLInjectionAttackDemo is website demo for test NoSQL Injection. There are two website demos in this project and all databases are mongoDB
- [**21**Star][4m] [Py] [ydkhatri/unifiedlogreader](https://github.com/ydkhatri/unifiedlogreader) A parser for Unified logging tracev3 files
- [**21**Star][7m] [Py] [xwings/tuya](https://github.com/xwings/tuya) 
- [**21**Star][19d] [C++] [xrivendell/acapulco-css](https://github.com/xrivendell/acapulco-css) Free open-source cheat for Counter-Strike: Source. Written in C++ with support of ImGUI libraries.
- [**21**Star][4m] [C] [xiaofen9/ssdthook](https://github.com/xiaofen9/ssdthook) An SSDT hook for Windows
- [**21**Star][7m] [xazlsec/ctf-project-lists](https://github.com/xazlsec/ctf-project-lists) 由信安之路团队成员收集整理的与 CTF 相关的 Github 项目地址
- [**21**Star][3y] [C++] [wyrover/cryptoapi-examples](https://github.com/wyrover/cryptoapi-examples) microsoft CryptoAPI examples
- [**21**Star][7m] [Shell] [wuseman/wdroid](https://github.com/wuseman/wdroid) Master your android device via command line
- [**21**Star][7m] [Shell] [wolfvan/some-samples](https://github.com/wolfvan/some-samples) Malware captured with honeypots
- [**21**Star][2m] [Py] [we8i/weblogic-exploits](https://github.com/we8i/weblogic-exploits) 
- [**21**Star][4m] [Batchfile] [warengonzaga/wifi-passview](https://github.com/warengonzaga/wifi-passview) An open source batch script based WiFi Passview for Windows!
- [**21**Star][4m] [C#] [vr-house/eazy-arcore-interface](https://github.com/vr-house/eazy-arcore-interface) Eazy ARCore Interface is a Unity3D plugin which makes development and debugging of ARCore projects easier. Specifically, it simulates how ARCore works in an Android device inside of Unity3D editor. Thus, it allows for faster development of ARCore apps, without the need to build and deploy to the device in order to test fuctionality
- [**21**Star][15d] [C++] [verideth/repen](https://github.com/verideth/repen) Simple C8 disassembler
- [**21**Star][1y] [Py] [v-p-b/similarninja](https://github.com/v-p-b/similarninja) Binary matching with Binary Ninja
- [**21**Star][6m] [Py] [unstabl3/recce](https://github.com/unstabl3/recce) Domain availbility checker
- [**21**Star][2y] [Py] [unamer/ctfhelper](https://github.com/unamer/ctfhelper) A simple Burp extension for scanning stuffs in CTF
- [**21**Star][10d] [C#] [ukncsc/mail-check](https://github.com/ukncsc/mail-check) 
- [**21**Star][5m] [Py] [ucnt/aws-s3-bruteforce](https://github.com/ucnt/aws-s3-bruteforce) (DEPRECATED) Amazon AWS S3 Bucket Name Bruteforce
- [**21**Star][3m] [PS] [trullj/sticky-keys-scanner](https://github.com/trullj/sticky-keys-scanner) A PowerShell function that scans for the existence of a Sticky Keys backdoor.
- [**21**Star][2m] [Java] [topolik/ois-dos](https://github.com/topolik/ois-dos) Java Deserialization
- [**21**Star][1m] [toolswatch/badges](https://github.com/toolswatch/badges) ToolsWatch and Black Hat Arsenal selection of badges
- [**21**Star][5m] [Py] [toolsprods/sniffvpn](https://github.com/toolsprods/sniffvpn) Traffic monitor for your VPN
- [**21**Star][23d] [C#] [thundercls/xhotspots](https://github.com/thundercls/xhotspots) xHotSpots plugin for x64dbg
- [**21**Star][1m] [C++] [swoopae/purpura-csgo-sdk](https://github.com/swoopae/purpura-csgo-sdk) small little public internal base/cheat i'm currently working on
- [**21**Star][11d] [Py] [super-l/superl-githack](https://github.com/super-l/superl-githack) .git信息泄露漏洞利用工具。可以打包完整的各个版本项目开发代码，历程。与GitHack不同的是，这个下载的更完整无错！
- [**21**Star][6y] [stolas/windbg-darktheme](https://github.com/stolas/windbg-darktheme) A dark theme for WinDBG.
- [**21**Star][2m] [Max] [stevecooley/beatseqr-software](https://github.com/stevecooley/beatseqr-software) firmware for arduino boards, and software for the desktop to talk to the beatseqr hardware
- [**21**Star][10y] [C++] [sporst/ida-pro-plugins](https://github.com/sporst/ida-pro-plugins) Collection of IDA Pro plugins I wrote over the years
- [**21**Star][2y] [Py] [spec-sec/securechat](https://github.com/spec-sec/securechat) Encrypted chat server and client written in Python
- [**21**Star][19d] [Py] [solita/blackhat-python](https://github.com/solita/blackhat-python) Black Hat Python workshop for Disobey 2019
- [**21**Star][15d] [smartdec/classification](https://github.com/smartdec/classification) Classification of smart contract vulnerabilities
- [**21**Star][4m] [Java] [skocur/image-cipher](https://github.com/skocur/image-cipher) Steganography software for encrypting text into image that uses modified version of LSB (Least Significant Bit) algorithm.
- [**21**Star][18d] [C++] [skiphansen/pano_progfpga](https://github.com/skiphansen/pano_progfpga) Flashing Pano Logic G1 devices without a programmer
- [**21**Star][3m] [JS] [skepticfx/subquest](https://github.com/skepticfx/subquest) Fast, Elegant subdomain scanner using nodejs
- [**21**Star][4m] [C++] [sinakarvandi/vmcs-auditor](https://github.com/sinakarvandi/vmcs-auditor) VMCS Auditor provides almost all of Intel's VMCS Layout checklist based on Bochs Emulator.
- [**21**Star][5m] [Shell] [shyoshyo/datacon-9102-dns](https://github.com/shyoshyo/datacon-9102-dns) DataCon 9102: DNS Analysis, THU Team 1
- [**21**Star][3y] [C#] [shadowsocks-plus/shadowsocks-plus-win](https://github.com/shadowsocks-plus/shadowsocks-plus-win) An installer for SSPlus local proxy on Windows
- [**21**Star][15d] [Py] [seymour1/label-virusshare](https://github.com/seymour1/label-virusshare) A project to label the VirusShare malware corpus using VirusTotal's public API.
- [**21**Star][10d] [Shell] [semeion/handshake-cracker](https://github.com/semeion/handshake-cracker) Handshake cracker
- [**21**Star][6m] [ActionScript] [securityobscurity/cve-2015-0313](https://github.com/securityobscurity/cve-2015-0313) 
- [**21**Star][4m] [Dockerfile] [secbone/docker-ss-libev](https://github.com/secbone/docker-ss-libev) A mini docker image of Shadowsocks-libev only 15M in size
- [**21**Star][8y] [C#] [schmalle/mysqlpot](https://github.com/schmalle/mysqlpot) A mysql honeypot, still very very early stage
- [**21**Star][2m] [C] [sanseolab/simpleavdriver](https://github.com/sanseolab/simpleavdriver) Simple AntiVirus Driver example
- [**21**Star][11m] [C++] [sanketkarpe/anwi](https://github.com/sanketkarpe/anwi) ANWI - All New Wireless IDS
- [**21**Star][5m] [Py] [saadahmedx/subdomain-takeover](https://github.com/saadahmedx/subdomain-takeover) 
- [**21**Star][3m] [Shell] [rustybird/qubes-split-browser](https://github.com/rustybird/qubes-split-browser) Tor Browser in a Qubes DisposableVM, with persistent bookmarks and login credentials
- [**21**Star][8m] [rpardini/docker-caching-proxy-multiple-private](https://github.com/rpardini/docker-caching-proxy-multiple-private) nginx-based hack to cache non-DockerHub registries (k8s.gcr.io, quay.io, your own)
- [**21**Star][3y] [C++] [riscybusiness/jadoube](https://github.com/riscybusiness/jadoube) 
- [**21**Star][4m] [PS] [rgl/visual-studio-community-vagrant](https://github.com/rgl/visual-studio-community-vagrant) Vagrant Environment for Visual Studio Community
- [**21**Star][8m] [C] [rfalke/decompiler-subjects](https://github.com/rfalke/decompiler-subjects) Tests cases for binary decompilers
- [**21**Star][5m] [C++] [revspbird/hightlight](https://github.com/revspbird/hightlight) a plugin for ida of version 7.2 to help know F5 window codes better
- [**21**Star][6y] [Java] [retme7/launchanywhere_poc_by_retme_bug_7699048](https://github.com/retme7/launchanywhere_poc_by_retme_bug_7699048) source code & PoC file of launchAnyWhere problem
- [**21**Star][4m] [Java] [redfin/fuzzy](https://github.com/redfin/fuzzy) A handy little library for writing expressive "fuzz tests" in Java
- [**21**Star][4m] [reddrip7/usb-bootkit](https://github.com/reddrip7/usb-bootkit) 
- [**21**Star][7y] [raz0r/burp-radamsa](https://github.com/raz0r/burp-radamsa) Radamsa fuzzer extension for Burp Suite
- [**21**Star][10m] [Ruby] [rapid7/msfrpc-client](https://github.com/rapid7/msfrpc-client) Rapid7 Metasploit API client library written in Ruby
- [**21**Star][1y] [Py] [random-robbie/open-redirect](https://github.com/random-robbie/open-redirect) Open Redirect Finder.
- [**21**Star][2m] [C#] [radareorg/r2wars](https://github.com/radareorg/r2wars) Corewars but within r2
- [**21**Star][2y] [Py] [r0hi7/honeysmb](https://github.com/r0hi7/honeysmb) Simple High Interaction Honeypot Solution for SMB protocol
- [**21**Star][5m] [Py] [r00t-3xp10it/samsung-tv-denial-of-service-dos-attack](https://github.com/r00t-3xp10it/samsung-tv-denial-of-service-dos-attack) Samsung TV Denial of Service (DoS) Attack
- [**21**Star][2m] [Py] [pyke369/exabgp-helpers](https://github.com/pyke369/exabgp-helpers) ExaBGP helpers scripts
- [**21**Star][7m] [Ruby] [pwelch/virustotal_api](https://github.com/pwelch/virustotal_api) Ruby Gem for VirusTotal API
- [**21**Star][6m] [Py] [pure-l0g1c/aircrack](https://github.com/pure-l0g1c/aircrack) Automatic Wifi Cracker. Uses Airodump, Aircrack, Aireplay
- [**21**Star][5m] [C++] [progmboy/vul_analyze_doc](https://github.com/progmboy/vul_analyze_doc) 
- [**21**Star][1m] [probely/security_checklist](https://github.com/probely/security_checklist) Web Application Security Checklist
- [**21**Star][6m] [C] [podonoghue/usbdm-firmware](https://github.com/podonoghue/usbdm-firmware) Firmware for USBDM BDMs
- [**21**Star][1m] [Java] [pnfsoftware/jeb-plugin-libra](https://github.com/pnfsoftware/jeb-plugin-libra) Libra decompiler plugin for JEB
- [**21**Star][4m] [HTML] [pentestbox/pentest-box-tools](https://github.com/pentestbox/pentest-box-tools) PentestBox Tools Website
- [**21**Star][3m] [C++] [patois/idaplugins](https://github.com/patois/idaplugins) Random IDA scripts, plugins, example code (some of it may be old and not working anymore)
- [**21**Star][2y] [C] [pastcompute/lca2015-radare2-tutorial](https://github.com/pastcompute/lca2015-radare2-tutorial) Examples and demos for my LCA2015 radare2 tutorial
- [**21**Star][6m] [C#] [ovidiuvio/vsdebugpro](https://github.com/ovidiuvio/vsdebugpro) Enhanced debugging for C/C++. Dump blocks of data, load data in memory and more.
- [**21**Star][4y] [Visual Basic .NET] [osandamalith/vbshellcode](https://github.com/osandamalith/vbshellcode) Making shellcode UD -
- [**21**Star][3m] [Shell] [operatorequals/oneliner-sh](https://github.com/operatorequals/oneliner-sh) oneliner is a tool that gives a list of compatible reverse-shell-string oneliners
- [**21**Star][3m] [Py] [onethawt/idapyscripts](https://github.com/onethawt/idapyscripts) IDAPython scripts
    - [DataXrefCounter ](https://github.com/onethawt/idapyscripts/blob/master/dataxrefcounter.py)  A small IDAPython plugin which enumerates all of the the x-references in a specific segment and counts the frequency of usage
- [**21**Star][2y] [C#] [olanderofc/officebrute](https://github.com/olanderofc/officebrute) OfficeBrute - brute force protected word documents
- [**21**Star][2m] [ObjC] [ogamespec/breaks](https://github.com/ogamespec/breaks) Nintendo Entertainment System (NES) / Famicom / Dendy chip reversing
- [**21**Star][3y] [Py] [odedlaz/uberlogs](https://github.com/odedlaz/uberlogs) make logging fun again
- [**21**Star][5y] [C] [nyx0/dll-inj3cti0n](https://github.com/nyx0/dll-inj3cti0n) Another dll injection tool.
- [**21**Star][6m] [C] [nviso-be/nexus_5_bootloader_unpacker](https://github.com/nviso-be/nexus_5_bootloader_unpacker) A bootloader imgdata unpacker for Nexus 4, 5 and 7 smartphones as well as imgdata tool for Nexus 5.
- [**21**Star][12d] [JS] [nowsecure/frida-screenshot](https://github.com/nowsecure/frida-screenshot) Grab screenshots using Frida.
- [**21**Star][1m] [Swift] [nmint8m/guide-charles-proxy](https://github.com/nmint8m/guide-charles-proxy) Charles - Web Debugging Proxy Application. I want to share my experiences when I worked with Charles. It is such an amazing application for debugging and testing the presentation of UI when trying different set of data. Hope you guys will master Charles after reading this section. Let’s find out!
- [**21**Star][2y] [C++] [nkga/self-updater](https://github.com/nkga/self-updater) Framework for secure self-updating software, written in C++/Win32.
- [**21**Star][6m] [JS] [nicolassiver/nodebb-plugin-ns-login](https://github.com/nicolassiver/nodebb-plugin-ns-login) External login check for your NodeBB.
- [**21**Star][10m] [Go] [netxfly/xsec-ssh-firewall](https://github.com/netxfly/xsec-ssh-firewall) 一个简易的ssh密码防暴力破解程序
- [**21**Star][5y] [Py] [neo23x0/prisma](https://github.com/neo23x0/prisma) Command Line STDOUT Colorer
- [**21**Star][2y] [Py] [ne0nd0g/adpasswordhealth](https://github.com/ne0nd0g/adpasswordhealth) A tool to evaluate the password health of Active Directory accounts.
- [**21**Star][3y] [nd13/penetration-testing-and-hacking](https://github.com/nd13/penetration-testing-and-hacking) Collection of tips, tools and tutorials around infosec
- [**21**Star][16d] [C] [nbulischeck/debugfs-backdoor](https://github.com/nbulischeck/debugfs-backdoor) PoC code using debugfs to store files in memory and execute them
- [**21**Star][13d] [C] [naworkcaj/betrayed](https://github.com/naworkcaj/betrayed) IRC-controlled LD_PRELOAD Linux rootkit
- [**21**Star][3m] [Py] [mysterymask/wooyun](https://github.com/mysterymask/wooyun) wooyun.org公开漏洞爬取
- [**21**Star][3m] [C] [mtth-bfft/ntsec](https://github.com/mtth-bfft/ntsec) Standalone tool to explore the security model of Windows and its NT kernel. Use it to introspect privilege assignments and access right assignments, enumerate attack surfaces from the point of view of a sandboxed process, etc.
- [**21**Star][3y] [C++] [mrexodia/ceautoattach](https://github.com/mrexodia/ceautoattach) Tool to automatically make Cheat Engine attach to a process via the command line.
- [**21**Star][3y] [C] [mozilla/mwos-letsencrypt-2015](https://github.com/mozilla/mwos-letsencrypt-2015) Nginx module that implements ACME for automated TLS configuration
- [**21**Star][4m] [Java] [moudoux/emc](https://github.com/moudoux/emc) The EMC Framework (Easy Minecraft Client) - An easy to use Minecraft modding framework
- [**21**Star][3y] [C++] [morpav/zceq_solver](https://github.com/morpav/zceq_solver) CPU solver for Zcash's variant of Equihash problem
- [**21**Star][3m] [Py] [monnappa22/linux_mem_diff_tool](https://github.com/monnappa22/linux_mem_diff_tool) Script to perform Linux Memory Diff Analysis Using Volatility
- [**21**Star][2y] [C#] [mojtabatajik/besafe](https://github.com/mojtabatajik/besafe) BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you
- [**21**Star][4m] [Java] [mobsf/mobsf-related-materials](https://github.com/mobsf/mobsf-related-materials) MobSF related Presentations, Slides and Others.
- [**21**Star][9m] [Py] [misp/misp-workbench](https://github.com/misp/misp-workbench) MISP Workbench
- [**21**Star][1y] [JS] [mikolalysenko/lpf-ctf](https://github.com/mikolalysenko/lpf-ctf) Multiplayer capture the flag demo
- [**21**Star][1m] [Makefile] [miglen/bulgarian-wordlists](https://github.com/miglen/bulgarian-wordlists) Bulgarian wordlists (списък с думи на Български език)
- [**21**Star][3y] [C++] [microsoft/firewalleventmonitor](https://github.com/microsoft/firewalleventmonitor) Listens for Firewall rule match events generated by Microsoft Hyper-V Virtual Filter Protocol (VFP) extension.
- [**21**Star][3m] [Ruby] [michenriksen/wikiranger](https://github.com/michenriksen/wikiranger) Gather information on Wiki contributions from IP ranges
- [**21**Star][1y] [C#] [michel-pi/lowlevelinput.net](https://github.com/michel-pi/lowlevelinput.net) A thread safe and event driven LowLevelMouse and LowLevelKeyboard Hook
- [**21**Star][1m] [C] [mgrzeszczak/des-cuda](https://github.com/mgrzeszczak/des-cuda) DES cracking using brute force algorithm and CUDA
- [**21**Star][3y] [PHP] [mgeeky/phishingpost](https://github.com/mgeeky/phishingpost) PHP Script intdended to be used during Phishing campaigns as a credentials collector linked to backdoored HTML <form> action parameter
- [**21**Star][2y] [Py] [mdsecresearch/thriftdecoder](https://github.com/mdsecresearch/thriftdecoder) Apache Thrift Decoder
- [**21**Star][3y] [Py] [mdegrazia/onionpeeler](https://github.com/mdegrazia/onionpeeler) Python script to batch query the Tor Relays and Bridges
- [**21**Star][29d] [mayter/sec-charts](https://github.com/mayter/sec-charts) 更新了更多的思维导图。
- [**21**Star][25d] [C] [maurotfilho/dns-spoof](https://github.com/maurotfilho/dns-spoof) DNS Spoof
- [**21**Star][4y] [PHP] [martiningesen/honnypotter](https://github.com/martiningesen/honnypotter) WordPress Honeypot
- [**21**Star][4m] [C++] [markopaul0/datagramtunneler](https://github.com/markopaul0/datagramtunneler) Simple C++ cross-platform client/server app forwarding UDP datagrams through a TCP connection.
- [**21**Star][5y] [C] [magellannh/rtl-wx](https://github.com/magellannh/rtl-wx) RTL-Wx logs data from 433Mhz wireless sensors using an RTL-SDR dongle. The Wiki has some screenshots of the results
- [**21**Star][21d] [Py] [macaron-et/wasabi-aeg](https://github.com/macaron-et/wasabi-aeg) Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.
- [**21**Star][2y] [Py] [m4cs/digiduck-framework](https://github.com/m4cs/digiduck-framework) Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader!
- [**21**Star][6y] [C++] [lynnux/holyshit](https://github.com/lynnux/holyshit) ollydbg plugin, the goal is to make life easier. The project is DEAD!
- [**21**Star][3m] [C] [lnslbrty/potd](https://github.com/lnslbrty/potd) A high scalable low to medium interactive SSH/TCP honeypot using Linux Namespaces, capabilities, seccomp, cgroups designed for OpenWrt and IoT devices.
- [**21**Star][27d] [Py] [lonfme/web-shell-bopo](https://github.com/lonfme/web-shell-bopo) Python 一句话木马爆破工具，速度极快
- [**21**Star][2y] [Shell] [linuxlite/spectre-meltdown-checker-automated](https://github.com/linuxlite/spectre-meltdown-checker-automated) An Automated Spectre Meltdown downloader and checker
- [**21**Star][25d] [C] [lillypad/swamp-rat](https://github.com/lillypad/swamp-rat) A Linux RAT in C
- [**21**Star][4m] [Py] [lifehackjim/cert_human](https://github.com/lifehackjim/cert_human) SSL Certificates for Humans
- [**21**Star][1m] [Java] [lgrangeia/aesburp](https://github.com/lgrangeia/aesburp) Burp Extension to manipulate AES encrypted payloads
- [**21**Star][3y] [C] [leixiangwu/cse509-rootkit](https://github.com/leixiangwu/cse509-rootkit) After attackers manage to gain access to a remote (or local) machine and elevate their privileges to "root", they typically want to maintain their access, while hiding their presence from the normal users and administrators of the system. This basic rootkit works on the Linux operating system and is a loadable kernel module which when loaded int…
- [**21**Star][4m] [Py] [lazza/carbon14](https://github.com/lazza/carbon14) OSINT dating tool for web pages
- [**21**Star][3y] [Py] [kudelskisecurity/check_all_apks](https://github.com/kudelskisecurity/check_all_apks) Check All APK's -- scripts for checking your phone for malware
- [**21**Star][6m] [Py] [kslgroup/threadmap](https://github.com/kslgroup/threadmap) threadmap plugin for Volatility Foundation
- [**21**Star][1y] [HTML] [kronik/devsecops2017](https://github.com/kronik/devsecops2017) Monitoring attacks with elastick, kibana, grok, logstash and beats
- [**21**Star][2y] [Py] [korolr/gui-form-brut](https://github.com/korolr/gui-form-brut) GTK3+
- [**21**Star][1m] [Py] [kkevsterrr/tcpkiller](https://github.com/kkevsterrr/tcpkiller) kills all TCP connections on a network
- [**21**Star][3y] [Ruby] [kingsabri/burp_suite_extension_ruby](https://github.com/kingsabri/burp_suite_extension_ruby) BurpSuite Extension Ruby Template to speed up building a Burp Extension using Ruby
- [**21**Star][5y] [Java] [khai-tran/burpjdser](https://github.com/khai-tran/burpjdser) a Burp plugin that will deserialze/serialize Java request and response to and from XML with the use of Xtream library
- [**21**Star][23d] [JS] [jsoverson/shift-refactor](https://github.com/jsoverson/shift-refactor) A suite of utilities to query and modify JavaScript source
- [**21**Star][1y] [Py] [jordisk/thehive2sigma](https://github.com/jordisk/thehive2sigma) Python script to automatically create sigma rules from The hive observables
- [**21**Star][6y] [JS] [jonstewart/sifter](https://github.com/jonstewart/sifter) Indexed search and clustering tool for digital forensics
- [**21**Star][4y] [C] [jonathanseals/ios-kexec-utils](https://github.com/jonathanseals/ios-kexec-utils) I'm taking a break, I swear
- [**21**Star][1m] [Py] [johestephan/ibmxforceex.checker.py](https://github.com/johestephan/ibmxforceex.checker.py) Python based client for IBM XForce Exchange
- [**21**Star][2y] [Py] [jimmyastle/atomic-parser](https://github.com/jimmyastle/atomic-parser) Python parser for Red Canary's Atomic Red Team Yamls
- [**21**Star][9m] [Shell] [jfernandez/ddos-deflate](https://github.com/jfernandez/ddos-deflate) custom DDoS Deflate clone
- [**21**Star][1m] [HTML] [jes/stegoseed](https://github.com/jes/stegoseed) Steganographically hide Bitcoin wallet seeds
- [**21**Star][3y] [Groovy] [jenkinsci-cert/security-218](https://github.com/jenkinsci-cert/security-218) 
- [**21**Star][7d] [Py] [jbremer/vtdl](https://github.com/jbremer/vtdl) Easiest way to download samples through VirusTotal Intelligence
- [**21**Star][13d] [Py] [jay-johnson/network-pipeline](https://github.com/jay-johnson/network-pipeline) Network traffic data pipeline for real-time predictions and building datasets for deep neural networks
- [**21**Star][2m] [PHP] [izzysoft/virustotal](https://github.com/izzysoft/virustotal) PHP library for VirusTotal.COM. Moved to
- [**21**Star][8m] [ivmachiavelli/osint_opendata](https://github.com/ivmachiavelli/osint_opendata) A collection of Open Data for the data freaks out there.
- [**21**Star][2y] [Java] [it-gorillaz/lnk2pwn](https://github.com/it-gorillaz/lnk2pwn) Malicious Shortcut(.lnk) Generator
- [**21**Star][16d] [JS] [isafeblue/jxss-platform](https://github.com/isafeblue/jxss-platform) java版xss平台
- [**21**Star][2y] [Py] [ins1gn1a/pwdlyser](https://github.com/ins1gn1a/pwdlyser) Python-based CLI Password Analyser (Reporting Tool)
- [**21**Star][10m] [Py] [ikoniaris/kippo-malware](https://github.com/ikoniaris/kippo-malware) Download all malicious files from a Kippo SSH honeypot database
- [**21**Star][2m] [Makefile] [icing/h2fuzz](https://github.com/icing/h2fuzz) everyone can fuzz h2
- [**21**Star][9m] [Ruby] [realbearcat/cve-2018-1297](https://github.com/RealBearcat/CVE-2018-1297) Apache Jmeter RMI 反序列化
- [**21**Star][2m] [Java] [hvqzao/burp-wildcard](https://github.com/hvqzao/burp-wildcard) Burp extension intended to compact Burp extension tabs by hijacking them to own tab.
- [**21**Star][8m] [C++] [holmesian/gh0st-light](https://github.com/holmesian/gh0st-light) 精简之后的老东西
- [**21**Star][30d] [Ruby] [heroku/omniauth-heroku](https://github.com/heroku/omniauth-heroku) OmniAuth strategy for Heroku
- [**21**Star][15d] [C++] [hackedteam/vector-dropper](https://github.com/hackedteam/vector-dropper) Droppers for all platforms
- [**21**Star][3m] [Py] [guedou/flashre](https://github.com/guedou/flashre) Tools to reverse the Toshiba FlashAir SD cards
- [**21**Star][19d] [C] [greenbone/openvas-smb](https://github.com/greenbone/openvas-smb) SMB module for OpenVAS Scanner
- [**21**Star][2m] [Py] [gilks/enumerid](https://github.com/gilks/enumerid) Enumerate RIDs using pure Python
- [**21**Star][5m] [C++] [ghostlander/ccminer-neoscrypt](https://github.com/ghostlander/ccminer-neoscrypt) NVIDIA CCminer for NeoScrypt
- [**21**Star][1m] [Rust] [gamozolabs/slime_tree](https://github.com/gamozolabs/slime_tree) Worst Android kernel fuzzer
- [**21**Star][1m] [Go] [freetaxii/libstix2](https://github.com/freetaxii/libstix2) APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang)
- [**21**Star][18d] [Shell] [free5ty1e/honeypotpi](https://github.com/free5ty1e/honeypotpi) Script for turning a Raspberry Pi into a Honey Pot Pi
- [**21**Star][15d] [Py] [firmadyne/extractor](https://github.com/firmadyne/extractor) Kernel and filesystem extractor
- [**21**Star][7m] [Shell] [fabaff/fsl-test-bench](https://github.com/fabaff/fsl-test-bench) FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.
- [**21**Star][4m] [Py] [f5networks/f5-google-gdm-templates](https://github.com/f5networks/f5-google-gdm-templates) Google Deployment Templates for quickly deploying BIG-IP services in Google Cloud Platform
- [**21**Star][1y] [WebAssembly] [eosessentials/eos-proxy-token](https://github.com/eosessentials/eos-proxy-token) Proxy token to allow mitigating EOSIO Ram exploit
- [**21**Star][10m] [C#] [empier/memoryeditor](https://github.com/empier/memoryeditor) [C#]Main.exe < - > [C_DLL] < - > [C_KERNEL] = Memory_Editor via Kernel
- [**21**Star][7m] [Py] [electric-cloud/electricaccelerator](https://github.com/electric-cloud/electricaccelerator) ElectricAccelerator enables private cloud computing by accurately executing parallel builds on a single desktop computer with Developer Edition or across scalable clusters of standard hardware to reduce build times by as much as 20x.
- [**21**Star][2y] [Py] [ekultek/hacapt](https://github.com/ekultek/hacapt) Package manager for hackers built by hackers
- [**21**Star][1y] [C++] [edwig/sslsocket](https://github.com/edwig/sslsocket) Two sided secure/insecure socket that can do SSL/TLS connections without the need for OpenSSL libraries. It uses the standard WinCrypt modules
- [**21**Star][3m] [edoverflow/security-policy-specification-standard](https://github.com/edoverflow/security-policy-specification-standard) This document proposes a way of standardising the structure, language, and grammar used in security policies.
- [**21**Star][17d] [Java] [edmcman/ghidra-scala-loader](https://github.com/edmcman/ghidra-scala-loader) An extension to load Ghidra scripts written in Scala
- [**21**Star][5m] [JS] [dweinstein/node-frida-contrib](https://github.com/dweinstein/node-frida-contrib) frida utility-belt
- [**21**Star][6m] [Py] [dusanmadar/scrapemeagain](https://github.com/dusanmadar/scrapemeagain) Yet another Python web scraping application
- [**21**Star][14d] [JS] [dubzzz/fuzz-rest-api](https://github.com/dubzzz/fuzz-rest-api) Derive property based testing fact-check into a fuzzer for REST APIs
- [**21**Star][1y] [C] [downwithup/cve-2018-16712](https://github.com/downwithup/cve-2018-16712) PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
- [**21**Star][27d] [Vue] [dj-zombie/hashpass](https://github.com/dj-zombie/hashpass) Hash cracking WebApp & Server for hashcat
- [**21**Star][2m] [Go] [dirkduesentrieb/fgsniffer](https://github.com/dirkduesentrieb/fgsniffer) Convert Fortigates "diagnose sniffer" output to pcap files
- [**21**Star][24d] [C++] [dinamsky/malware-botnets](https://github.com/dinamsky/malware-botnets) 
- [**21**Star][4y] [Py] [digitalbond/ctf-challenges](https://github.com/digitalbond/ctf-challenges) Challenges from past S4 (SCADA Security Scientific Symposium) Capture-the-Flag contests.
- [**21**Star][2m] [C] [devio/lpcflash](https://github.com/devio/lpcflash) flash utility for NXP LPC17xx ARM CM3 series on-chip bootloader
- [**21**Star][3y] [Py] [dev1dor/ethereumd-proxy](https://github.com/dev1dor/ethereumd-proxy) Proxy client-server for Ethereum node using bitcoin JSON-RPC interface.
- [**21**Star][11m] [Py] [dearbytes/opensource-endpoint-monitoring](https://github.com/dearbytes/opensource-endpoint-monitoring) This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
- [**21**Star][4y] [PS] [davehardy20/invoke-winrmattack](https://github.com/davehardy20/invoke-winrmattack) PowerShell cmdlet to push PowerShell attack modules to a remote system via PSRemoting and if required enable WinRM remotely.
- [**21**Star][7y] [Ruby] [darkoperator/nessus-bridge-for-metasploit](https://github.com/darkoperator/nessus-bridge-for-metasploit) nessus plugin for metasploit to connect to a nessus server
- [**21**Star][2m] [Py] [danilabs/rexploit](https://github.com/danilabs/rexploit) RExploit (Router Exploitation) is a tool that search exploits for any router SOHO. It is written on Python and QT.
- [**21**Star][3m] [Py] [cz-nic/deckard](https://github.com/cz-nic/deckard) DNS test harness
- [**21**Star][5m] [Py] [cys3c/evilosx](https://github.com/cys3c/evilosx) A pure python, post-exploitation, remote administration tool (RAT) for macOS / OS X.
- [**21**Star][3m] [HTML] [cymmetria/honeycomb_plugins](https://github.com/cymmetria/honeycomb_plugins) The plugin repository for Honeycomb, the honeypot framework by Cymmetria
- [**21**Star][29d] [Py] [cylance/winapi-deobfuscation](https://github.com/cylance/winapi-deobfuscation) Towards Generic Deobfuscation of Windows API Calls
- [**21**Star][2m] [Py] [cyberclues/rtf_exploit_extractor](https://github.com/cyberclues/rtf_exploit_extractor) Script to extract malicious payload and decoy document from CVE-2015-1641 exploit documents
- [**21**Star][24d] [Java] [cryptomator/siv-mode](https://github.com/cryptomator/siv-mode) RFC 5297 SIV mode of operation in Java
- [**21**Star][4m] [Py] [critiqjo/lldb.nvim](https://github.com/critiqjo/lldb.nvim) This repository was moved to
- [**21**Star][9m] [C++] [cr4sh/prl_guest_to_host](https://github.com/cr4sh/prl_guest_to_host) Guest to host VM escape exploit for Parallels Desktop
- [**21**Star][1y] [HTML] [consensys/evm-analyzer-benchmark-suite](https://github.com/consensys/evm-analyzer-benchmark-suite) A benchmark suite for evaluating the precision of EVM code analysis tools.
- [**21**Star][2m] [Java] [codahale/passpol](https://github.com/codahale/passpol) A Java library for validating passwords against NIST SP-800-63B requirements.
- [**21**Star][11m] [Java] [codahale/grpc-proxy](https://github.com/codahale/grpc-proxy) A gRPC service which proxies requests to an HTTP server.
- [**21**Star][28d] [HTML] [cloudfoundry-incubator/haproxy-boshrelease](https://github.com/cloudfoundry-incubator/haproxy-boshrelease) A BOSH release for haproxy (based on cf-release's haproxy job)
- [**21**Star][2m] [JS] [cleafy/refingerprint](https://github.com/cleafy/refingerprint) A more refined fingerprinting module based on Fingerprint2.js
- [**21**Star][3m] [Py] [clayball/nector](https://github.com/clayball/nector) A SIEM inspired by HECTOR, built on Django.
- [**21**Star][3m] [Ruby] [claudijd/rotten_apple](https://github.com/claudijd/rotten_apple) A tool for testing continuous integration (CI) or continuous delivery (CD) system security
- [**21**Star][6m] [TeX] [citp/anomalous-tor-keys](https://github.com/citp/anomalous-tor-keys) Analysis of archived Tor relay RSA public keys
- [**21**Star][7m] [chrismeyersfsu/playbook-ec2_properties](https://github.com/chrismeyersfsu/playbook-ec2_properties) Spin up ec2 hosts with individualized tags
- [**21**Star][1m] [C] [cert-polska/nymaim-tools](https://github.com/cert-polska/nymaim-tools) 
- [**21**Star][2m] [Py] [cbrnrd/netsploit](https://github.com/cbrnrd/netsploit) 
- [**21**Star][7m] [Py] [carlpulley/volatility](https://github.com/carlpulley/volatility) A collection of Volatility Framework plugins.
- [**21**Star][6y] [PHP] [bwall/php-rfi-payload-decoder](https://github.com/bwall/php-rfi-payload-decoder) This project is to decode and analyze RFI payloads developed in PHP
- [**21**Star][2m] [Py] [buanzo/fail2ban-zmq-tools](https://github.com/buanzo/fail2ban-zmq-tools) A zeromq-based fail2ban clustering solution
- [**21**Star][20d] [Shell] [brimstone/docker-kali](https://github.com/brimstone/docker-kali) A Docker image for bits of Kali Linux
- [**21**Star][6y] [JS] [brewfactory/brewberry](https://github.com/brewfactory/brewberry) RaspberryPI powered MEAN brewing system.
- [**21**Star][4m] [C++] [bogdan-kulynych/libshe](https://github.com/bogdan-kulynych/libshe) Symmetric somewhat homomorphic encryption library based on DGHV
- [**21**Star][3m] [TeX] [bniemczyk/pacumen](https://github.com/bniemczyk/pacumen) Packet Acumen
- [**21**Star][3m] [Py] [bdscharf/cryptoscrape](https://github.com/bdscharf/cryptoscrape) Scrape popular forums and image boards for mentions of crypto-currencies, and perform sentiment analysis
- [**21**Star][4m] [C++] [bb107/winsudo](https://github.com/bb107/winsudo) Execute commands as local system.
- [**21**Star][3m] [Go] [azohra/lyra](https://github.com/azohra/lyra) A lightweight encryption tool designed for ease of use.
- [**21**Star][1y] [Ruby] [audibleblink/doubletap](https://github.com/audibleblink/doubletap) Password spraying on sites that require 2+ page loads and dynamic nonces
- [**21**Star][3m] [JS] [assap-org/assap](https://github.com/assap-org/assap) Anti Shoulder Surfing Attack Platform (ASSAP)
- [**21**Star][1m] [Shell] [appsecco/docker-datasploit](https://github.com/appsecco/docker-datasploit) Docker container for datasploit framework
- [**21**Star][6y] [C++] [antirootkit/bdarkit](https://github.com/antirootkit/bdarkit) just an lite AntiRootkit for interesting
- [**21**Star][2m] [C++] [anha1/esp8266-wifi-fake-geiger-counter](https://github.com/anha1/esp8266-wifi-fake-geiger-counter) esp8266-based fake Geiger counter, reacts on WiFi networks signal level.
- [**21**Star][3y] [PHP] [amine-smahi/bruteforceprotector](https://github.com/amine-smahi/bruteforceprotector) A simple wordpress plugin that protects your website against brute force Hacking attacks using the .htaccess file
- [**21**Star][6m] [C#] [alphadelta/png-mask](https://github.com/alphadelta/png-mask) PNG Steganography Software
- [**21**Star][3y] [Py] [almco/panorama](https://github.com/almco/panorama) Fast incident overview
- [**21**Star][24d] [Shell] [alexgaspar/docker-fbctf](https://github.com/alexgaspar/docker-fbctf) Dockerized fbctf
- [**21**Star][2m] [Java] [alcarl/nfcproxy](https://github.com/alcarl/nfcproxy) 用两个安卓手机的nfc功能截取iso14443交互数据 fork by
- [**21**Star][3y] [C] [al-homedawy/injector](https://github.com/al-homedawy/injector) A Windows driver used to facilitate DLL injection
- [**21**Star][13d] [Py] [ahmia/ahmia-index](https://github.com/ahmia/ahmia-index) Ahmia's elasticsearch index
- [**21**Star][29d] [C] [adrianyy/kernelhook](https://github.com/adrianyy/kernelhook) Windows inline hooking tool.
- [**21**Star][1y] [Py] [adoreste/truehunter](https://github.com/adoreste/truehunter) Truehunter
- [**21**Star][4y] [C#] [adamcaudill/curvelock](https://github.com/adamcaudill/curvelock) Experimental File & Message Encryption for Windows
- [**21**Star][3y] [C] [a232319779/phantom-3-standard](https://github.com/a232319779/phantom-3-standard) Used hackrf one to sniffer nrf24l0 and so on wireless packet.Application in PHANTOM 3 STANDARD RC signal sniffer.
- [**21**Star][18d] [JS] [957204459/w8scan](https://github.com/957204459/w8scan) 一款模仿bugscan的漏洞扫描器
- [**21**Star][5m] [Py] [73696e65/ctf-notes](https://github.com/73696e65/ctf-notes) 
- [**21**Star][3y] [HTML] [649/chrome-sandbox-exploit](https://github.com/649/chrome-sandbox-exploit) [Patched] Sandbox escape Chrome exploit. Allows the execution of local binaries, read/write functions and exfiltration of Chrome OAuth tokens to remote server. More info:
- [**21**Star][4y] [55-aa/cve-2015-0057](https://github.com/55-aa/cve-2015-0057) 翻译文章，CVE-2015-0057漏洞在32位和64位系统上的利用。Exploiting the win32k!xxxEnableWndSBArrows use-after-free (CVE 2015-0057) bug on both 32-bit and 64-bit(Aaron Adams of NCC )
- [**21**Star][18d] [HCL] [4armed/terraform-burp-collaborator](https://github.com/4armed/terraform-burp-collaborator) Terraform configuration to build a Burp Private Collaborator Server
- [**21**Star][7m] [C] [0xroot/whitesnow](https://github.com/0xroot/whitesnow) An experimental rootkit for Android
- [**21**Star][19d] [Smarty] [0xrawsec/gene-rules](https://github.com/0xrawsec/gene-rules) 
- [**20**Star][18d] [C] [aesophor/satan](https://github.com/aesophor/satan) 
- [**20**Star][2m] [Go] [devopsfaith/krakend-opencensus](https://github.com/devopsfaith/krakend-opencensus) Opencensus adapter. Exports KrakenD metrics and traces to InfluxDB, Prometheus, Zipkin, Jaeger, Xray, StackDriver and Logger
- [**20**Star][10d] [Py] [technowlogy-pushpender/crypter](https://github.com/technowlogy-pushpender/crypter) Crypter in Python 3 with advanced functionality, Bypass VM, Encrypt Source with AES & Base64 Encryption | Evil Code is executed by bruteforcing the decryption key, and then executing the decrypted evil code
- [**20**Star][2m] [Jupyter Notebook] [noahgift/web_scraping_python](https://github.com/noahgift/web_scraping_python) Techniques for Scraping the Web in Python
- [**20**Star][19d] [karneades/malware-persistence](https://github.com/karneades/malware-persistence) Collection of malware persistence and hunting information. Be a persistent persistence hunter!
- [**20**Star][17d] [Py] [xscorp/pingfisher](https://github.com/xscorp/pingfisher) A ping detection tool for linux
- [**20**Star][10d] [Py] [extremecoders-re/pyinstxtractor](https://github.com/extremecoders-re/pyinstxtractor) PyInstaller Extractor
- [**20**Star][13d] [C] [blazeinfosec/aslrekt](https://github.com/blazeinfosec/aslrekt) ASLREKT is a proof of concept for an unfixed generic local ASLR bypass in Linux.
- [**20**Star][15d] [Py] [asn-d6/onionbalance](https://github.com/asn-d6/onionbalance) Onionbalance v3 -- mirror of (
- [**20**Star][3m] [Py] [jumbo-wjb/cve-2020-0688](https://github.com/jumbo-wjb/cve-2020-0688) CVE-2020-0688 - Exchange
- [**20**Star][5m] [Py] [sujianqingfeng/scrapy_xiuren](https://github.com/sujianqingfeng/scrapy_xiuren) 秀人网爬虫 55156爬虫
- [**20**Star][2y] [Shell] [chef-koch/asn-blocking](https://github.com/chef-koch/asn-blocking) ASN rules for AFWall+, iptables, OpenWRT & IPfire
- [**20**Star][12d] [Java] [mastercard/client-encryption-java](https://github.com/mastercard/client-encryption-java) Library for Mastercard API compliant payload encryption/decryption.
- [**20**Star][2y] [JS] [gfigure/justdownlink](https://github.com/gfigure/justdownlink) 基于Scrapy+Elasticsearch+Django搭建的分布式电影搜索
- [**20**Star][12d] [C] [samsung/mtower](https://github.com/samsung/mtower) mTower is Trusted Execution Environment specially designed to be used on MicroController Units (MCUs) supporting ARM TrustZone technology (e.g., Cortex-M23/33/35p). mTower operates well under restrictions typical for such environment – small RAM and ROM sizes, relatively low performance, absence of rich OSes providing variety of services availab…
- [**20**Star][9m] [Py] [openslack/openslack-crawler](https://github.com/openslack/openslack-crawler) 分布式采集
- [**20**Star][26d] [Go] [portapps/hostsman-portable](https://github.com/portapps/hostsman-portable) 
- [**20**Star][4m] [Java] [adorsys/xs2a-sandbox](https://github.com/adorsys/xs2a-sandbox) XS2ABank - PSD2 XS2A Dynamic Sandbox
- [**20**Star][1y] [HTML] [knightsec-official/phlexish](https://github.com/knightsec-official/phlexish) Advanced Spear Phishing tool for Facebook with 2 factor authentication bypass! May contain minor bugs due to...idk
- [**20**Star][3m] [Py] [dtcarrot/sg-food-ml](https://github.com/dtcarrot/sg-food-ml) This script is used to scrap images from the Internet to classify 5 common noodle "mee" dishes in Singapore. Wanton Mee, Bak Chor Mee, Lor Mee, Prawn Mee and Mee Siam.
- [**20**Star][9m] [JS] [transitive-bullshit/scrape-github-trending](https://github.com/transitive-bullshit/scrape-github-trending) Tutorial for web scraping / crawling with Node.js.
- [**20**Star][3m] [Go] [jarmo/secrets](https://github.com/jarmo/secrets) Not Yet Another Password Manager written in Go using libsodium
- [**20**Star][1y] [C] [m0rv4i/ridgway](https://github.com/m0rv4i/ridgway) A quick tool for hiding a new process running shellcode.
- [**20**Star][20d] [JS] [binstreamio/tvbus.pc](https://github.com/binstreamio/tvbus.pc) tvbus.pc is a live streaming SDK based on P2P technology on win32, macOS and linux.
- [**20**Star][5m] [Py] [czs0x55aa/video_url_crawler_demo](https://github.com/czs0x55aa/video_url_crawler_demo) 爱奇艺视频信息的爬虫
- [**20**Star][2m] [C] [tklauser/llmnrd](https://github.com/tklauser/llmnrd) Link-Local Multicast Resolution (LLMNR) Daemon for Linux
- [**20**Star][4m] [C#] [0xthirteen/sharpmove](https://github.com/0xthirteen/sharpmove) .NET Project for performing Authenticated Remote Execution
- [**20**Star][26d] [C] [wargio/libmc7](https://github.com/wargio/libmc7) Library to disassemble MC7 bytecode for Siemens PLC SIMATIC S7-300 and S7-400
- [**20**Star][6m] [C++] [zhfkt/complexci](https://github.com/zhfkt/complexci) The c++ implementation of Collective Influence (CI) algorithm in Complex Network with DataCastle Competition Solution
- [**20**Star][6m] [Java] [danielepantaleone/hadoop-pagerank](https://github.com/danielepantaleone/hadoop-pagerank) PageRank algorithm implementation which make use of the Apache Hadoop framework
- [**20**Star][4m] [Swift] [kirankunigiri/apple-signal](https://github.com/kirankunigiri/apple-signal) Connect Apple devices via bluetooth and wifi.
- [**20**Star][2m] [Py] [melicertes/csp](https://github.com/melicertes/csp) The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.
- [**20**Star][3m] [Py] [helix-iot/helix-sandbox](https://github.com/helix-iot/helix-sandbox) Middleware for secure IoT provisioning, access and control.
- [**20**Star][4m] [C++] [vaithak/sudoku-generator](https://github.com/vaithak/sudoku-generator) A Sudoku puzzle generator written in C++ using modified and efficient backtracking algorithm.
- [**20**Star][24d] [Go] [chanyipiaomiao/pritunl-http-api](https://github.com/chanyipiaomiao/pritunl-http-api) Pritunl OpenVPN HTTP API
- [**20**Star][28d] [Nix] [thpham/magics](https://github.com/thpham/magics) My NixOps / NixOs experiments ( #k8s , #elk, #kafka / #zk clusters and #RaspberryPi3)
- [**20**Star][3m] [JS] [mongoose-os-apps/sonoff-basic-openhab](https://github.com/mongoose-os-apps/sonoff-basic-openhab) A Sonoff Basic firmware to work with openHAB
- [**20**Star][4m] [Java] [lanyuanxiaoyao/picking](https://github.com/lanyuanxiaoyao/picking) 木瓜图王——新一代图片爬虫神器
- [**20**Star][5m] [Java] [okou19900722/lippen-network-tool](https://github.com/okou19900722/lippen-network-tool) 网络调试助手
- [**20**Star][16d] [C] [grodansparadis/vscp-firmware](https://github.com/grodansparadis/vscp-firmware) Firmware for the VSCP project
- [**20**Star][5m] [Shell] [gy-games/smartvpn](https://github.com/gy-games/smartvpn) 帮助运维人员快速自动化安装OpenVPN服务的脚本，主要用于企业使用OpenVPN组网环境。
- [**20**Star][15d] [Py] [harrypotter0/algorithms-in-python](https://github.com/harrypotter0/algorithms-in-python) 
- [**20**Star][10d] [PHP] [virgilsecurity/virgil-crypto-php](https://github.com/virgilsecurity/virgil-crypto-php) Virgil PHP Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.
- [**20**Star][10m] [Perl] [annmuor/freeaudit](https://github.com/annmuor/freeaudit) Packaging audit toolkit using vulners.com vulnerability database
- [**20**Star][17d] [Java] [svenruppert/proxybuilder](https://github.com/svenruppert/proxybuilder) 
- [**20**Star][4m] [JS] [venables/bookshelf-secure-password](https://github.com/venables/bookshelf-secure-password) A Bookshelf.js plugin for handling secure passwords
- [**20**Star][4m] [PHP] [2amigos/2fa-library](https://github.com/2amigos/2fa-library) 2 Factor Authentication (2FA) library
- [**20**Star][1y] [Go] [cubicdaiya/gonp](https://github.com/cubicdaiya/gonp) diff algorithm in Go
- [**20**Star][5m] [Java] [eson-yunfei/androidble](https://github.com/eson-yunfei/androidble) 蓝牙连接库，支持同时连接多个设备
- [**20**Star][1m] [CSS] [buildyourowninternet/buildyourowninternet.github.io](https://github.com/buildyourowninternet/buildyourowninternet.github.io) Ideas for building your own internet, plus a global directory of community wireless mesh networks.
- [**20**Star][13d] [Haskell] [biohaskell/hpdb](https://github.com/biohaskell/hpdb) PDB parser in Haskell
- [**20**Star][2m] [rustcohlnikov/awesome-frontend-security](https://github.com/rustcohlnikov/awesome-frontend-security) 
- [**20**Star][2m] [Dockerfile] [krish512/docker_nginx_modsecurity](https://github.com/krish512/docker_nginx_modsecurity) Dockerfile for Nginx with Modsecurity v3 and Brotli compression
- [**20**Star][2m] [Java] [bholagabbar/algorithmic-programming](https://github.com/bholagabbar/algorithmic-programming) Solutions to various OJ problems and implementations of advanced Algorithms and Data-Structures
- [**20**Star][5m] [C#] [nathan-alden-sr/proxy](https://github.com/nathan-alden-sr/proxy) An HTTP proxy server written in C# and targeting .NET Core 3.
- [**20**Star][1m] [C#] [agentrev/cod-fov-changers](https://github.com/agentrev/cod-fov-changers) Field of view tools for MW2, MW3, and Ghosts
- [**20**Star][7m] [Go] [8treenet/jaguar](https://github.com/8treenet/jaguar) jaguar is a scalable, efficient network library.
- [**20**Star][2m] [PHP] [sop/x509](https://github.com/sop/x509) A PHP library for X.509 public key certificates, attribute certificates, certification requests and certification path validation.
- [**20**Star][3m] [Shell] [islishude/shell-proxy](https://github.com/islishude/shell-proxy) 在命令行工具中使用HTTP/SOCK5代理
- [**20**Star][1m] [C#] [2toad/rijndael256](https://github.com/2toad/rijndael256) AES cryptographic library for .NET Framework and .NET Core
- [**20**Star][3m] [C] [vy/wapi](https://github.com/vy/wapi) C library to configure wireless network interfaces in GNU/Linux systems.
- [**20**Star][22d] [Java] [jayfoxrox/ghidra-xbox-extensions](https://github.com/jayfoxrox/ghidra-xbox-extensions) Use
- [**20**Star][1y] [C++] [k8gege/k8badusb](https://github.com/k8gege/k8badusb) BadUSB Teensy downexec exploit support Windows & Linux / Windows Cmd & PowerShell addUser exploit
- [**20**Star][4m] [C] [netik/dc27_badge](https://github.com/netik/dc27_badge) Defcon 27 "DaBomb!" badge.
- [**20**Star][2m] [Py] [carleslc/crypttools](https://github.com/carleslc/crypttools) Tools for encryption, decryption and cracking from several cryptographic systems.
- [**20**Star][16d] [jonnybanana/quickuack](https://github.com/jonnybanana/quickuack) Some of my antiUAC Scripts for Rubbber Ducky.
- [**20**Star][5m] [Shell] [gzu-liyujiang/apkdecompiler](https://github.com/gzu-liyujiang/apkdecompiler) 【Linux系统】上apk反编译助手，已打包为ApkDecompiler.deb，支持debian系linux，如debian、ubuntu、mint、deepin等等
- [**20**Star][15d] [Kotlin] [hacker1024/android-wifi-qr-code-generator](https://github.com/hacker1024/android-wifi-qr-code-generator) An android app that generates QR codes from your saved wifi networks.
- [**20**Star][18d] [C++] [jakoch/csgo-cli](https://github.com/jakoch/csgo-cli) CS:GO Console shows your user account, stats and latest matches. It also uploads demo sharecodes to csgostats.gg.
- [**20**Star][5m] [C++] [6e726d/native-wifi-api-beacon-sniffer](https://github.com/6e726d/native-wifi-api-beacon-sniffer) Tool that dumps beacon frames to a pcap file. Works on Windows Vista or Later with any Wireless Card.
- [**20**Star][2m] [Smarty] [saltwaterc/aircrack-db](https://github.com/saltwaterc/aircrack-db) A list of wireless cards tested with the dual-card injection test and in the field
- [**20**Star][2m] [Py] [eldraco/darm](https://github.com/eldraco/darm) darm - intelligent network sniffer for the masses darm is an attempt to create a very easy to use app that will sniff and report information about the activities happening on a live network. The main goal is to educate the public so that it becomes aware of the security of their communications. darm is being developed by leandrinux as a project …
- [**20**Star][3m] [Py] [sekoialab/fastir_artifacts](https://github.com/sekoialab/fastir_artifacts) Live forensic artifacts collector
- [**20**Star][7m] [Py] [mephi42/ida-kallsyms](https://github.com/mephi42/ida-kallsyms) (No Doc)
- [**20**Star][6m] [Py] [chenjiandongx/wallpaper](https://github.com/chenjiandongx/wallpaper) zol 手机壁纸爬虫（简单分布式？）
- [**20**Star][2y] [Py] [hyuunnn/ida_python_scripts](https://github.com/hyuunnn/ida_python_scripts) ida python scripts
- [**20**Star][29d] [Py] [jackeriss/one-scan](https://github.com/jackeriss/one-scan) 🧜🏻‍♀️多合一网站指纹扫描器，轻松获取网站的 IP / DNS 服务商 / 子域名 / SSL 证书 / WHOIS / 开发框架 / WAF 等信息
- [**20**Star][5m] [Shell] [opszero/opshell](https://github.com/opszero/opshell) DevOps Toolkit for Every Cloud on Every Cloud
- [**20**Star][7d] [PHP] [banujan6/csrf-handler](https://github.com/banujan6/csrf-handler) A simple CSRF Token protection library for PHP. I t will help you to generate the random unique token and validate it to prevent CSRF attack.
- [**20**Star][3m] [Shell] [oblique/proxflix](https://github.com/oblique/proxflix) ProxFlix is yet another smart DNS solution to bypass geo-blocking
- [**20**Star][13d] [Py] [cbuijs/unbound-dns-firewall](https://github.com/cbuijs/unbound-dns-firewall) DNS-Firewall Python script for UNBOUND
- [**20**Star][5m] [Py] [ysc21/webcocktail](https://github.com/ysc21/webcocktail) An automatic and lightweight web application scanning tool for CTF.
- [**20**Star][3m] [nurkiewicz/crypto-hall-of-shame](https://github.com/nurkiewicz/crypto-hall-of-shame) Scams, hacks and fails of cryptocurrencies
- [**20**Star][1m] [Swift] [gsurma/sliding_puzzle](https://github.com/gsurma/sliding_puzzle) Swift implementation of the Sliding Puzzle game with Iterative Deepening A* AI Solver.
- [**20**Star][1m] [Go] [jfrog/kubexray](https://github.com/jfrog/kubexray) JFrog KubeXray scanner on Kubernetes
- [**20**Star][2m] [Py] [1n3/cloudhunter](https://github.com/1n3/cloudhunter) Find unreferenced AWS S3 buckets which have CloudFront CNAME records pointing to them
- [**20**Star][2m] [JS] [tobinshields/zaqar_emailspoofer](https://github.com/tobinshields/zaqar_emailspoofer) A powerful PHP email spoofer with a polished UI, rich text editor, and multiple sending options.
- [**20**Star][2m] [C#] [iccfish/portproxyv2](https://github.com/iccfish/portproxyv2) 蛤？？
- [**20**Star][1y] [HTML] [opennetworkingfoundation/5g-xhaul](https://github.com/OpenNetworkingFoundation/5G-xHaul) 5G xHaul PoC Applications
- [**20**Star][24d] [olirehacek/spectre_macos](https://github.com/olirehacek/Spectre_MacOS) Tools to run MacOS on HP Spectre x360 (Late-2016 / Early-2017, Kaby Lake)
- [**20**Star][1m] [Py] [radiushub/freeradius-server-configuration-tool](https://github.com/radiushub/FreeRADIUS-Server-Configuration-Tool) 
- [**20**Star][4m] [Swift] [kealdishx/swiftloadhook](https://github.com/kealdishx/SwiftLoadHook) Use a hack way to achieve similar functions as Load() or initialize() in OC
- [**20**Star][16d] [Ruby] [aoncyberlabs/badsamba](https://github.com/AonCyberLabs/BadSamba) This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB share.
- [**20**Star][17d] [ajayrandhawa/auto-screen-catpure](https://github.com/ajayrandhawa/Auto-Screen-Catpure) It is primary designed to be hidden and monitoring the computer activity. Take a screenshot of desktop in hidden mode using Visual C++ and save automatically to 'jpeg' file in every 30 second. 60+ Most Popular antivirus not detect this application while it is running on background.
- [**20**Star][4m] [HTML] [ser4wang/browsersecurity](https://github.com/ser4wang/BrowserSecurity) 我在学习浏览器安全过程中整理的漏洞分析笔记与相关的学习资料
- [**20**Star][7m] [C++] [utsa-cyber/sceadan](https://github.com/UTSA-cyber/sceadan) Systematic Classification Engine for Advanced Data ANalysis
- [**20**Star][26d] [Py] [hatching/roach](https://github.com/hatching/roach) Cockroach is your primitive & immortal swiss army knife.
- [**20**Star][5y] [C++] [r-lyeh-archived/moon9](https://github.com/r-lyeh-archived/moon9) a game framework. warning: wip, dev, unstable, radiation hazard, defcon 3
- [**20**Star][1m] [Py] [migolovanov/libinjection-fuzzer](https://github.com/migolovanov/libinjection-fuzzer) This tool was written as PoC to article
- [**20**Star][5m] [Py] [osirislab/imm-taint-trace](https://github.com/osirislab/imm-taint-trace) Immunity Debugger Taint Tracer
- [**20**Star][2m] [Go] [u238/grafana-cve-2018-15727](https://github.com/u238/grafana-CVE-2018-15727) a small utility to generate a cookie in order to exploit a grafana vulnerability (CVE-2018-15727)
- [**20**Star][8m] [Go] [thanasisk/go-ssh-cracker](https://github.com/thanasisk/go-ssh-cracker) A simple ssh private key password recovery tool written in Go
- [**20**Star][2m] [Py] [0x646e78/c5scan](https://github.com/0x646e78/c5scan) Vulnerability scanner and information gatherer for the Concrete5 CMS
- [**20**Star][8m] [C#] [zzvertigo/xboxlive.server](https://github.com/zzvertigo/xboxlive.server) Experimenting with the revival of Xbox Live 1.0
- [**20**Star][3y] [Rust] [zv/sha3implementedinsideofararfile](https://github.com/zv/sha3implementedinsideofararfile) The Keccak hash algorithm implemented inside of a RAR archive using the RAR filter assembly language
- [**20**Star][3y] [Py] [ztrix/idascript](https://github.com/ztrix/idascript) Full functional idascript with stdin/stdout handled
- [**20**Star][13d] [Py] [zombiesam/googlesub](https://github.com/zombiesam/googlesub) This script will try to find a domains subdomains by using google dorking. It will never connect to the site it is researching.
- [**20**Star][3y] [C#] [zoebear/radia](https://github.com/zoebear/radia) create an interactive and immerse environment to visualize code, and to augment the task of reverse engineering binaries
- [**20**Star][2y] [C] [zhuhuibeishadiao/drivermaper](https://github.com/zhuhuibeishadiao/drivermaper) map driver to memory
- [**20**Star][10m] [Py] [zhl2008/ctf-framework](https://github.com/zhl2008/ctf-framework) Hence
- [**20**Star][4y] [C++] [yujokang/epex](https://github.com/yujokang/epex) Tool for detecting error handling bugs
- [**20**Star][4m] [C++] [yasheena/telnetspy](https://github.com/yasheena/telnetspy) Telnet Server For ESP8266: Cloning the serial port via Telnet. "Debugging over the air"
- [**20**Star][2m] [Ruby] [xorond/passtrust](https://github.com/xorond/passtrust) A Ruby based tool that converts a simple passphrase into a secure password
- [**20**Star][2y] [Jupyter Notebook] [xiaoyongzhu/seeingai-currency-detection](https://github.com/xiaoyongzhu/seeingai-currency-detection) This repository contains the code for the blogpost: How to Develop a Currency Detection Model using Azure Machine Learning
- [**20**Star][2y] [xiaoqx/pocs](https://github.com/xiaoqx/pocs) pocs of tested targets
- [**20**Star][6y] [C] [x64dbg/staticanalysis](https://github.com/x64dbg/staticanalysis) Static analysis plugin for x64dbg (now deprecated).
- [**20**Star][4m] [x-f1v3/cve-2019-3396](https://github.com/x-f1v3/cve-2019-3396) Confluence Widget Connector path traversal (CVE-2019-3396)
- [**20**Star][2m] [C++] [wujr5/algorithm-analysis-and-design](https://github.com/wujr5/algorithm-analysis-and-design) 算法分析与设计课程作业代码
- [**20**Star][3m] [Py] [wjdigby/apd_launchpad](https://github.com/wjdigby/apd_launchpad) Script for generating hostapd-wpe configuration files and spoofed certificates
- [**20**Star][2y] [Py] [wipi-hunter/piuser](https://github.com/wipi-hunter/piuser) 
- [**20**Star][11d] [C++] [watersalesman/spookey](https://github.com/watersalesman/spookey) SpooKey is a keylogger written in C++ that uses kernel-level APIs to capture keystrokes (Linux only. Windows is a work in progress)
- [**20**Star][10d] [Ruby] [w3c/wai-website](https://github.com/w3c/wai-website) This is a repository hosts the new WAI Website.
- [**20**Star][6m] [PHP] [w181496/fuckfastcgi](https://github.com/w181496/fuckfastcgi) [Tool] Forge PHP FastCGI protocol to RCE with strict disable_functions
- [**20**Star][2y] [Py] [vortexau/mooscan](https://github.com/vortexau/mooscan) A scanner for Moodle LMS
- [**20**Star][4m] [viva64/pvs-studio-check-list](https://github.com/viva64/pvs-studio-check-list) Offer an interesting project for PVS-Studio analysis.
- [**20**Star][5m] [Py] [vincentds/hackerone-notifier](https://github.com/vincentds/hackerone-notifier) Send notifications if a new program is published on HackerOne using Pushbullet
- [**20**Star][3m] [Go] [viglesiasce/kubernetes-anchore-image-validator](https://github.com/viglesiasce/kubernetes-anchore-image-validator) Validating webhook for checking images against Anchore Engine Policy
- [**20**Star][3y] [v1v1/aix-for-penetration-testers](https://github.com/v1v1/aix-for-penetration-testers) A basic AIX enumeration guide for penetration testers/red teamers
- [**20**Star][5m] [ObjC] [ura14h/blesniffer](https://github.com/ura14h/blesniffer) A Bluetooth LE sniffer for CC2540 USB dongle and Mac.
- [**20**Star][3m] [Py] [undefinedd/extract0r-](https://github.com/undefinedd/extract0r-) 
- [**20**Star][1y] [JS] [tunnelshade/pocuito](https://github.com/tunnelshade/pocuito) A tiny chrome extension to record and replay your web application proof-of-concepts.
- [**20**Star][5m] [Py] [tsreaper/yame-a-mips-editor](https://github.com/tsreaper/yame-a-mips-editor) 简单的 MIPS 编辑器 / 汇编器 / 反汇编器 / 模拟器，具有图形化界面
- [**20**Star][6m] [travispooley/whid-payloads](https://github.com/travispooley/whid-payloads) A collection of Payloads for the WHID Cactus
- [**20**Star][4m] [LLVM] [trailofbits/krfanalysis](https://github.com/trailofbits/krfanalysis) Collection of LLVM passes and triage tools for use with the KRF fuzzer
- [**20**Star][5y] [C] [tongzeyu/hooksysenter](https://github.com/tongzeyu/hooksysenter) hook sysenter，重载内核，下硬件断点到debugport，防止debugport清零
- [**20**Star][2m] [Py] [tintinweb/aggroargs](https://github.com/tintinweb/aggroargs) Bruteforce commandline buffer overflows and automated exploit generation, linux, aggressive arguments
- [**20**Star][11d] [Py] [thisissecurity/sinkhole](https://github.com/thisissecurity/sinkhole) Miscellanous scripts used for malware analysis
- [**20**Star][4m] [Go] [theredspy15/multi-go](https://github.com/theredspy15/multi-go) A multi-tool made in Go, and aimed at security experts to make life a little more convenient
- [**20**Star][2m] [C] [therealsaumil/custom_nvram](https://github.com/therealsaumil/custom_nvram) Shared Library to intercept nvram get/set/match calls for emulating libnvram.so used by many IoT firmware software.
- [**20**Star][7m] [C++] [terencechow/pwnedpasswords](https://github.com/terencechow/pwnedpasswords) PwnedPasswords as a Service
- [**20**Star][25d] [Elixir] [techgaun/ex_pwned](https://github.com/techgaun/ex_pwned) Elixir client for haveibeenpwned.com
- [**20**Star][4m] [C] [tatam/lama](https://github.com/tatam/lama) Lama, the application that does not mache these words.
- [**20**Star][6m] [PHP] [stypr/ctf](https://github.com/stypr/ctf) Web-based CTF challenge writeups (2011~2015).
- [**20**Star][6m] [Ruby] [staaldraad/metasploit](https://github.com/staaldraad/metasploit) Metasploit things, modules, plugins, exploits
- [**20**Star][23d] [Py] [sslmate/ct-honeybee](https://github.com/sslmate/ct-honeybee) Lightweight program that pollinates STHs between Certificate Transparency logs and auditors
- [**20**Star][8m] [C++] [sparkfun/blynk_board_esp8266](https://github.com/sparkfun/blynk_board_esp8266) ESP8266-based, Blynk-compatible, beginner-friendly programmable WiFi development board.
- [**20**Star][4m] [C] [soapyman/redriver2](https://github.com/soapyman/redriver2) Driver 2 reverse engineering project
- [**20**Star][5m] [Shell] [so87/home-lab](https://github.com/so87/home-lab) This is the network diagrams, configuration guides, and hardware used for my home lab.
- [**20**Star][6y] [snifer/l4bsforandroid](https://github.com/snifer/l4bsforandroid) Repositorio de APK para Hacking y Seguridad
- [**20**Star][4m] [Java] [smartdone/printlog](https://github.com/smartdone/printlog) 
- [**20**Star][12d] [Py] [sloria/sphinx-issues](https://github.com/sloria/sphinx-issues) A Sphinx extension for linking to your project's issue tracker
- [**20**Star][2m] [C] [slavaim/redirfs](https://github.com/slavaim/redirfs) A Linux file system filter based on redirfs
- [**20**Star][6m] [Erlang] [silentsignal/sslproxy](https://github.com/silentsignal/sslproxy) Generic HTTPS proxy for logging non-HTTP traffic
- [**20**Star][4y] [Py] [shwetankarora/gsm-packets-analysis-framework](https://github.com/shwetankarora/gsm-packets-analysis-framework) 
- [**20**Star][3m] [C++] [sgielen/cosix](https://github.com/sgielen/cosix) A fully capability-based operating system
- [**20**Star][14d] [JS] [sflow-rt/ddos-blackhole](https://github.com/sflow-rt/ddos-blackhole) DDoS mitigation using null routing
- [**20**Star][16d] [Py] [sergiodmn/cherrymap](https://github.com/sergiodmn/cherrymap) Import Nmap scans to Cherrytree
- [**20**Star][5m] [Py] [sensepost/understanding-eap](https://github.com/sensepost/understanding-eap) A repository with toy implementations of MSCHAPv2, MPEE and WPA/2 to understand EAP better
- [**20**Star][9m] [Ruby] [sensepost/squeeza](https://github.com/sensepost/squeeza) SQL Injection without the pain of syringes.
- [**20**Star][10d] [JS] [securingthestack/tutorials](https://github.com/securingthestack/tutorials) Additional Resources For Securing The Stack Tutorials
- [**20**Star][8m] [C++] [secrary/findloop](https://github.com/secrary/findloop) find possible encryption/decryption or compression/decompression code
- [**20**Star][10m] [Shell] [sec0ps/va-pt](https://github.com/sec0ps/va-pt) VAPT is a Vulnerability Assessment and Penetration Testing toolkit. It merges the most common tools from Kali and SamuraiWTF into one platform and places them onto an Ubuntu or Raspbian platform.
- [**20**Star][1m] [C] [seb-m/jpake](https://github.com/seb-m/jpake) Small-subgroup confinement issue in the OpenSSL and OpenSSH implementations of J-PAKE.
- [**20**Star][8m] [sampi/create-react-app-hack](https://github.com/sampi/create-react-app-hack) Hacking create-react-app to work with Preact & LESS without ejecting
- [**20**Star][5y] [Py] [salvacorts/password-cracking-suite](https://github.com/salvacorts/password-cracking-suite) 
- [**20**Star][5m] [C] [safecast/onyxfirmware](https://github.com/safecast/onyxfirmware) 
- [**20**Star][3y] [Py] [saelo/33c3ctf-repl](https://github.com/saelo/33c3ctf-repl) Code and exploit for the "read-eval-pwn loop" challenge of 33C3 CTF
- [**20**Star][2m] [Py] [robintw/pywavethermo](https://github.com/robintw/pywavethermo) Basic module to control the Worcester Wave thermostat from Python
- [**20**Star][5m] [Py] [rmadair/windbg2ida](https://github.com/rmadair/windbg2ida) Import debugging traces from WinDBG into IDA. Color the graph, fill in the value of all operands, etc.
- [**20**Star][30d] [JS] [remzi1993/jquery-manager](https://github.com/remzi1993/jquery-manager) Manage jQuery and jQuery Migrate on a WordPress website, activate a specific jQuery and/or jQuery Migrate version. The ultimate jQuery debugging tool for WordPress
- [**20**Star][2m] [C] [realgam3/x64dbg-python](https://github.com/realgam3/x64dbg-python) Automating x64dbg using Python
- [**20**Star][7m] [JS] [rd17/detor](https://github.com/rd17/detor) 
- [**20**Star][17d] [Jupyter Notebook] [rasbt/model-eval-article-supplementary](https://github.com/rasbt/model-eval-article-supplementary) Supplementary material for the article "Model Evaluation, Model Selection, and Algorithm Selection in Machine Learning"
- [**20**Star][4m] [Ruby] [rapid7/metasploit-credential](https://github.com/rapid7/metasploit-credential) Code for modeling and managing credentials in Metasploit, implemented as a Rails Engine
- [**20**Star][2m] [Py] [rapid7/metasploit-baseline-builder](https://github.com/rapid7/metasploit-baseline-builder) Created by Jeffrey Martin via the GitHub Connector
- [**20**Star][2y] [ranchoice/44con2018](https://github.com/ranchoice/44con2018) Slides of 44Con 2018
- [**20**Star][5m] [Py] [qmonnet/pkpoc-bpf](https://github.com/qmonnet/pkpoc-bpf) Stateful packet processing: port knocking PoC in BPF
- [**20**Star][5m] [PHP] [pyrou/morpheus](https://github.com/pyrou/morpheus) Library to encrypt and decrypt data in colors of a picture. Process also known as steganography
- [**20**Star][3m] [Py] [ptresearch/parsemfs](https://github.com/ptresearch/parsemfs) This repository contains Python 2.7 scripts for parsing MFS/MFSB partition and extracting contained files.
- [**20**Star][3m] [C] [psxdev/fmsx](https://github.com/psxdev/fmsx) fMSX port for PlayStation 4 with liborbis
- [**20**Star][6m] [JS] [protyposis/yi-mirrorless-firmware-tools](https://github.com/protyposis/yi-mirrorless-firmware-tools) Firmware tools / unpacker for the YI M1 mirrorless camera
- [**20**Star][3m] [CSS] [polterguy/sephia-five](https://github.com/polterguy/sephia-five) A secure and PGP enabled webmail module for Phosphorus Five
- [**20**Star][3y] [Java] [pnfsoftware/pleaserop](https://github.com/pnfsoftware/pleaserop) Architecture-agnostic ROP gadget finder using JEB's IR
- [**20**Star][6m] [Py] [pmdevita/gifreversingbot](https://github.com/pmdevita/gifreversingbot) A Reddit bot that reverses gifs
- [**20**Star][1m] [Rust] [plus-postech/soma](https://github.com/plus-postech/soma) Cross-platform CTF problem container manager
- [**20**Star][14d] [PHP] [pluginkollektiv/antivirus](https://github.com/pluginkollektiv/antivirus) Useful plugin that will scan your theme templates for malicious injections. Automatically. Every day. For more blog security.
- [**20**Star][7m] [Assembly] [pinkp4nther/shellcodes](https://github.com/pinkp4nther/shellcodes) I'll post my custom shellcode I make here!
- [**20**Star][6m] [C] [pinkp4nther/pinkit](https://github.com/pinkp4nther/pinkit) A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges.
- [**20**Star][3y] [JS] [pierky/ripeatlastracepath](https://github.com/pierky/ripeatlastracepath) A JavaScript/Python web-app which reads results from RIPE Atlas traceroute measurements (both IPv4 and IPv6) and shows the Autonomous Systems and Internet Exchange Points that probes traverse to reach the target.
- [**20**Star][3m] [Shell] [philcryer/prickly-pete](https://github.com/philcryer/prickly-pete) A script using Docker to quickly bring up some honeypots exposing 16 services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
- [**20**Star][3m] [Dockerfile] [pereval-team/pereval-server](https://github.com/pereval-team/pereval-server) The Pereval server: a set of OSINT & misc related web-services
- [**20**Star][5y] [Assembly] [patois/ntrdisasm](https://github.com/patois/ntrdisasm) Annotated disassembly of the NTR 2.x custom firmware for the Nintendo N3DS
- [**20**Star][3y] [C++] [patois/ndsldr](https://github.com/patois/ndsldr) Nintendo DS ROM loader module for IDA Pro
- [**20**Star][4m] [Java] [panagiotisdrakatos/t0rlib4android](https://github.com/panagiotisdrakatos/t0rlib4android) A minimal android controller library for Tor
- [**20**Star][19d] [Py] [owctejlvlfynztcbnooh/gr-wmbus](https://github.com/owctejlvlfynztcbnooh/gr-wmbus) Receiver for wireless m-bus (EN 13757-4) based on the rtl-sdr
- [**20**Star][2y] [C] [osandamalith/gamehacking](https://github.com/osandamalith/gamehacking) Some cool game hacks
- [**20**Star][26d] [Py] [orndorffgrant/bnhook](https://github.com/orndorffgrant/bnhook) binary ninja plugin for adding custom hooks to executables
- [**20**Star][9m] [C] [opsxcq/exploit-cve-2016-7434](https://github.com/opsxcq/exploit-cve-2016-7434) NTPD remote DOS exploit and vulnerable container
- [**20**Star][2y] [Batchfile] [olafhartong/ta-sysmon-deploy](https://github.com/olafhartong/ta-sysmon-deploy) Deploy and maintain Symon through the Splunk Deployment Sever
- [**20**Star][2y] [c] [odzhan/propagate](https://github.com/odzhan/propagate) PROPagate code injection technique example
- [**20**Star][4m] [C#] [nyan-x-cat/limelogger](https://github.com/nyan-x-cat/limelogger) Simple C# Keylogger (Keyboard Layout)
- [**20**Star][1y] [Visual Basic] [nyan-x-cat/asyncrat](https://github.com/nyan-x-cat/asyncrat) Remote Administration Tool For Windows
- [**20**Star][3y] [Py] [nullarray/pyparser-cve](https://github.com/nullarray/pyparser-cve) Multi source CVE/exploit parser.
- [**20**Star][17d] [JS] [ntblk/whois-rdap](https://github.com/ntblk/whois-rdap) 
- [**20**Star][22d] [Py] [notsosecure/dynamic-instrumentation-with-frida](https://github.com/notsosecure/dynamic-instrumentation-with-frida) Dynamic Instrumentation with Frida
- [**20**Star][1y] [C] [nofvcks/aimkit-pasted-driver](https://github.com/nofvcks/aimkit-pasted-driver) The BlackBone + Chinese spoofer paste that GreenTea denied. AimKit is a scam. GreenTea is a fraud. Don't waste your money.
- [**20**Star][7y] [Java] [nfcproxy/nfcproxy](https://github.com/nfcproxy/nfcproxy) NFCProxy
- [**20**Star][1y] [Shell] [netspi/binrev](https://github.com/netspi/binrev) 
- [**20**Star][4m] [C#] [netcorestack/dispatchproxyasync](https://github.com/netcorestack/dispatchproxyasync) System.Reflection.DispatchProxy to Async Proxy
- [**20**Star][4m] [Py] [neatmonster/mcexplorer](https://github.com/neatmonster/mcexplorer) Python portage of the Microcode Explorer plugin
- [**20**Star][3y] [HTML] [neargle/secnewsbak](https://github.com/neargle/secnewsbak) 备份SecNews失效的Drops.Wooyun文章
- [**20**Star][2y] [C] [neargle/cve-2018-6574-poc](https://github.com/neargle/cve-2018-6574-poc) CVE-2018-6574 POC : golang 'go get' remote command execution during source code build
- [**20**Star][10m] [Py] [ncatlin/lockwatcher](https://github.com/ncatlin/lockwatcher) Anti-forensic monitor program: watches for signs of tampering and purges keys/shuts everything down.
- [**20**Star][1m] [C++] [namreeb/hacksniff](https://github.com/namreeb/hacksniff) A tool to monitor how a target process modifies other processes
- [**20**Star][1y] [C] [n30m1nd/painless_intro_ptmalloc2](https://github.com/n30m1nd/painless_intro_ptmalloc2) Proof of Concept files for SensePost's blog - Painless intro to the linux userland heap
- [**20**Star][9m] [Py] [n0tty/random-hacking-scripts](https://github.com/n0tty/random-hacking-scripts) A collection of scripts made duing my personal research
- [**20**Star][3y] [C] [mrexodia/yaragen](https://github.com/mrexodia/yaragen) Plugin for x64dbg to generate Yara rules from function basic blocks.
- [**20**Star][10d] [JS] [mozillasecurity/framboise](https://github.com/mozillasecurity/framboise) Framboise is a fuzzer for in-depth testing of WebAPIs.
- [**20**Star][12m] [XSLT] [mozilla-services/shavar-plugin-blocklist](https://github.com/mozilla-services/shavar-plugin-blocklist) 
- [**20**Star][5m] [C] [mortenschenk/tagwnd-hardening-bypass](https://github.com/mortenschenk/tagwnd-hardening-bypass) Bypass for the hardening against usage of tagWnd as a kernel read/write primitive
- [**20**Star][3y] [PS] [mortenschenk/babuska-dolls](https://github.com/mortenschenk/babuska-dolls) 
- [**20**Star][6m] [Py] [mntn0x/poc](https://github.com/mntn0x/poc) 一些漏洞检测/利用脚本
- [**20**Star][1m] [Dockerfile] [mmicko/cross-fpga](https://github.com/mmicko/cross-fpga) Cross compile FPGA tools
- [**20**Star][1y] [Py] [mk-fg/nflog-zmq-pcap-pipe](https://github.com/mk-fg/nflog-zmq-pcap-pipe) Tool to collect nflog and pipe it to a pcap stream/file over network (0mq) for real-time (or close to) analysis
- [**20**Star][7m] [Py] [milo2012/pentest_automation](https://github.com/milo2012/pentest_automation) 
- [**20**Star][5y] [Perl] [miguelraulb/spamhat](https://github.com/miguelraulb/spamhat) Spam Honeypot Tool
- [**20**Star][3m] [C] [microwave89/drvtricks](https://github.com/microwave89/drvtricks) drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.
- [**20**Star][10d] [Py] [mgeeky/burpcontextawarefuzzer](https://github.com/mgeeky/burpcontextawarefuzzer) BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JSON; XML; GWT; binary) and following encoding-scheme applied originally.
- [**20**Star][4m] [Perl] [mfontani/kippo-stats](https://github.com/mfontani/kippo-stats) Mojolicious app to display statistics for your kippo SSH honeypot
- [**20**Star][1y] [Shell] [merces/scripts](https://github.com/merces/scripts) cuz life is scriptable...
- [**20**Star][2y] [ActionScript] [mdsecactivebreach/cve-2018-4878](https://github.com/mdsecactivebreach/cve-2018-4878) 
- [**20**Star][15d] [toor-pro/alert-1-to-win](https://github.com/toor-pro/alert-1-to-win) alert(1) to win payloads
- [**20**Star][10d] [C] [marcan/asbestos](https://github.com/marcan/asbestos) PS3 Linux bootloader
- [**20**Star][2y] [Go] [malfunkt/iprange](https://github.com/malfunkt/iprange) IPv4 address parser for the nmap format
- [**20**Star][1m] [Java] [makkarpov/mtoxy](https://github.com/makkarpov/mtoxy) An asynchronous & non-blocking Java implementation of Telegram MTProto proxy protocol
- [**20**Star][1y] [m4cs/ios-tweak-dev-tools](https://github.com/m4cs/ios-tweak-dev-tools) A collection of useful development tools and forks of tools that are geared towards iOS jailbreak developers.
- [**20**Star][5m] [Py] [lukdog/backtolife](https://github.com/lukdog/backtolife) Memory forensic tool for process resurrection starting from a memory dump
- [**20**Star][5m] [Py] [lucamassarelli/unsupervised-features-learning-for-binary-similarity](https://github.com/lucamassarelli/unsupervised-features-learning-for-binary-similarity) Code for the paper "Investigating Graph Embedding Neural Networks with Unsupervised Features Extraction for Binary Analysis"
- [**20**Star][24d] [YARA] [lprat/static_file_analysis](https://github.com/lprat/static_file_analysis) Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
- [**20**Star][2m] [JS] [longtian/cache_attack_in_javascript](https://github.com/longtian/cache_attack_in_javascript) Perform cache attack using javascript
- [**20**Star][3y] [PS] [linuz/powerhungry](https://github.com/linuz/powerhungry) Experimental PowerShell tools for Penetration Testing / Red Teaming
- [**20**Star][9m] [JS] [lersh/potatostream](https://github.com/lersh/potatostream) Shadowsocks like Proxy,Written by nodejs
- [**20**Star][5m] [Py] [lanmaster53/ptscripts](https://github.com/lanmaster53/ptscripts) 
- [**20**Star][14d] [Py] [kylemiles/nehebn2](https://github.com/kylemiles/nehebn2) The only thing better than completely headless!
- [**20**Star][11m] [Py] [kudelskisecurity/cryptochallenge17](https://github.com/kudelskisecurity/cryptochallenge17) Kudelski Security's 2017 crypto challenge
- [**20**Star][2y] [Py] [ktb88/ctf](https://github.com/ktb88/ctf) repo for ctf
- [**20**Star][15d] [Py] [konradit/gopro-ble-py](https://github.com/konradit/gopro-ble-py) Python Bluetooth controller for GoPro cameras with BLE connection
- [**20**Star][7m] [Py] [kevthehermit/yaramail](https://github.com/kevthehermit/yaramail) Yara Scanner For IMAP Feeds and saved Streams
- [**20**Star][8m] [TeX] [kevateam/ctf-attack-defense](https://github.com/kevateam/ctf-attack-defense) Attack-defense platform
- [**20**Star][10m] [kdpryor/linuxvolprofiles](https://github.com/kdpryor/linuxvolprofiles) Volatility Linux Profiles
- [**20**Star][1y] [Py] [jymcheong/sysmonresources](https://github.com/jymcheong/sysmonresources) Consolidation of various resources related to Microsoft Sysmon & sample data/log
- [**20**Star][6y] [Java] [juxing/adoreforandroid](https://github.com/juxing/adoreforandroid) Transplant adore rootkit for Android platform.
- [**20**Star][4m] [C++] [justasmasiulis/memory_signature](https://github.com/justasmasiulis/memory_signature) A small wrapper class providing an unified interface to search for various memory signatures
- [**20**Star][11d] [C] [jogolden/ps4flashtool](https://github.com/jogolden/ps4flashtool) A flash tool for the PlayStation 4!
- [**20**Star][9m] [Py] [jnraber/virtualdeobfuscator](https://github.com/jnraber/virtualdeobfuscator) Reverse engineering tool for virtualization wrappers
- [**20**Star][2m] [Go] [jm33-m0/mec-ng](https://github.com/jm33-m0/mec-ng) pentest toolbox
- [**20**Star][9m] [Py] [jiayunhan/opanalyzer](https://github.com/jiayunhan/opanalyzer) The unofficial release of the tool we used in the EuroS&P 2017 paper: Open Doors for Bob and Mallory: Open Port Usage in Android Apps and Security Implications.
- [**20**Star][28d] [jhuapl/allstar](https://github.com/jhuapl/allstar) Assembled Labeled Library for Static Analysis Research - Debian packages built for 6 architectures, storing compiler artifacts, binaries and symbols
- [**20**Star][1m] [Py] [jgamblin/btrecon](https://github.com/jgamblin/btrecon) Bluetooth Recon Script
- [**20**Star][6m] [Py] [jeffbryner/kinectasploitv2](https://github.com/jeffbryner/kinectasploitv2) kinectasploitv2
- [**20**Star][4m] [Py] [jbcayrou/ethre](https://github.com/jbcayrou/ethre) Reverse Engineering tool for Ethereum EVM
- [**20**Star][3m] [C] [jameshilliard/linux-grsec](https://github.com/jameshilliard/linux-grsec) unofficial grsecurity gpl release
- [**20**Star][2m] [C++] [jacob-baines/jit_obfuscation_poc](https://github.com/jacob-baines/jit_obfuscation_poc) Using GNU lightning to generate xor deobfuscation at runtime
- [**20**Star][1y] [C] [izuolan/pshell](https://github.com/izuolan/pshell) ICMP/IP tunnel manager for Linux.
- [**20**Star][1y] [ivan1ee/regasm_installutil_applockerbypass](https://github.com/ivan1ee/regasm_installutil_applockerbypass) AppLocker Bypass With Regasm/InstallUtil
- [**20**Star][3m] [Logos] [iosre/iosrelottery](https://github.com/iosre/iosrelottery) 
- [**20**Star][14d] [C] [intel/efiwrapper](https://github.com/intel/efiwrapper) 
- [**20**Star][17d] [C] [iagox86/dnsmasq-fuzzing](https://github.com/iagox86/dnsmasq-fuzzing) 
- [**20**Star][9m] [hybrisdisaster/asphashdos](https://github.com/hybrisdisaster/asphashdos) ASP.NET HashDoS PoC Payload
- [**20**Star][7m] [Py] [hrushikeshk/enum.py](https://github.com/hrushikeshk/enum.py) A tool to enumerate network services
- [**20**Star][3m] [Py] [hpe-appliedsecurityresearch/maltese](https://github.com/hpe-appliedsecurityresearch/maltese) Maltese - Malware Traffic Emulator
- [**20**Star][7m] [Py] [hexabin/apkstat](https://github.com/hexabin/apkstat) Automated Information Retrieval From APKs For Initial Analysis
- [**20**Star][2m] [PHP] [gwen001/testxss](https://github.com/gwen001/testxss) PHP tool to test XSS
- [**20**Star][2m] [graylog2/graylog-guide-snort](https://github.com/graylog2/graylog-guide-snort) How to send structured Snort IDS alert logs into Graylog
- [**20**Star][8m] [C] [graphitemaster/nvfc](https://github.com/graphitemaster/nvfc) OpenSource tool for monitoring, configuring and overclocking NVIDIA GPUs
- [**20**Star][5m] [Shell] [graneed/bwpot](https://github.com/graneed/bwpot) 高対話型ハニーポット
- [**20**Star][2m] [CMake] [google/idaidle](https://github.com/google/idaidle) a plugin for the commercial IDA Pro disassembler that warns users if they leave their instance idling for too long
- [**20**Star][12d] [HTML] [gnebbia/nmap_tutorial](https://github.com/gnebbia/nmap_tutorial) Some collected notes about nmap
- [**20**Star][2y] [C] [gifur/networkmnt](https://github.com/gifur/networkmnt) Monitor network float of process
- [**20**Star][5m] [gh0st-404/zs-personal-infiltration-syste](https://github.com/gh0st-404/zs-personal-infiltration-syste) 泽少个人渗透系统 Zs Personal Infiltration Syste
- [**20**Star][3m] [geopjr/block-revokes-async_wake](https://github.com/geopjr/block-revokes-async_wake) Just an ipa for blocking ocsp.apple.com
- [**20**Star][2y] [Py] [geekonlinecode/poc](https://github.com/geekonlinecode/poc) 
- [**20**Star][5m] [C] [gdbinit/hello_santa_bye_santa](https://github.com/gdbinit/hello_santa_bye_santa) Bypass Google's Santa
- [**20**Star][2m] [Py] [gaearrow/mssqlatk](https://github.com/gaearrow/mssqlatk) Attack ms sql servers base on shodan python library and pymssql library
- [**20**Star][4m] [C] [fm4dd/viper](https://github.com/fm4dd/viper) Viper is a brute-force password cracker.
- [**20**Star][23d] [C] [firmadyne/libnvram](https://github.com/firmadyne/libnvram) NVRAM emulator
- [**20**Star][4m] [Py] [fireeye/ics_mem_collect](https://github.com/fireeye/ics_mem_collect) 
- [**20**Star][2m] [Py] [fireeye/ardvark](https://github.com/fireeye/ardvark) ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.
- [**20**Star][12d] [JS] [felixbrucker/foxy-proxy](https://github.com/felixbrucker/foxy-proxy) A Proof of Capacity proxy which supports solo and pool mining upstreams
- [**20**Star][5y] [Py] [feanaur/scapy-pentest](https://github.com/feanaur/scapy-pentest) Scapy Penetration testing scripts
- [**20**Star][20d] [Py] [fausecteam/ctf-gameserver](https://github.com/fausecteam/ctf-gameserver)  a gameserver for attack-defense (IT security) CTFs
- [**20**Star][10m] [C++] [ez8-co/ezpp](https://github.com/ez8-co/ezpp) 
- [**20**Star][4y] [C] [exploit-install/thefatrat](https://github.com/exploit-install/thefatrat) An easy tool to generate backdoor with msfvenom (a part from metasploit framework). This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection
- [**20**Star][7m] [Py] [euniceylee/waves](https://github.com/euniceylee/waves) raspberry pi project that visualizes sound waves
- [**20**Star][21d] [CSS] [eugeny/terminus-theme-hype](https://github.com/eugeny/terminus-theme-hype) A Terminus theme that imitates Hyper
- [**20**Star][8m] [Py] [erpscanteam/cve-2018-2636](https://github.com/erpscanteam/cve-2018-2636) ERPScan Public POC for CVE-2018-2636
- [**20**Star][1m] [Ruby] [envato/unwrappr](https://github.com/envato/unwrappr) 
- [**20**Star][11m] [Py] [enigmatos/fuzzlon](https://github.com/enigmatos/fuzzlon) 802.15.4 Fuzzer
- [**20**Star][9m] [Py] [embedi/dji-ws-tools](https://github.com/embedi/dji-ws-tools) DJI Assistant 2 web socket server exploitation tools
- [**20**Star][1m] [Shell] [elreydetoda/packer-kali_linux](https://github.com/elreydetoda/packer-kali_linux) This is a repository that will be used to help create a process of a new kali vagrant box for hashicorp each month.
- [**20**Star][2y] [Py] [ekultek/strutter](https://github.com/ekultek/strutter) Proof of Concept for CVE-2018-11776
- [**20**Star][6m] [HTML] [egzola/esp8266-screensetwifi](https://github.com/egzola/esp8266-screensetwifi) Esp8266 - Transfer data (WiFi credentials) from your smartphone to an ESP8266 by Pulsing your Mobile Screen
- [**20**Star][1y] [eddietcc/cvenotes](https://github.com/eddietcc/cvenotes) 
- [**20**Star][1y] [Go] [dwickern/packer-post-processor-virtualbox-to-hyperv](https://github.com/dwickern/packer-post-processor-virtualbox-to-hyperv) Packer plugin to create Hyper-V vagrant boxes from VirtualBox artifacts
- [**20**Star][4m] [Py] [dtag-dev-sec/peba](https://github.com/dtag-dev-sec/peba) Python EWS Backend API
- [**20**Star][3m] [Py] [discipleofdust/autobof](https://github.com/discipleofdust/autobof) 
- [**20**Star][5y] [Py] [digitalbond/ibal](https://github.com/digitalbond/ibal) IDA Pro Bootrom Analysis Library, which contains a number of useful functions for analyzing embedded ROMs
- [**20**Star][11m] [Java] [delicioushorse/writeups](https://github.com/delicioushorse/writeups) 
- [**20**Star][2m] [Py] [davikawasaki/iot-security-vulnerability](https://github.com/davikawasaki/iot-security-vulnerability) Raspberry PI Vulnerability Study using Flask, PWA VueJS 2, Requests, Vue-Socket.io and Flask SocketIO
- [**20**Star][6y] [darthton/secureerasewin](https://github.com/darthton/secureerasewin) Send SECURE_ERASE_UNIT and SANITIZE_DEVICE ATA command to hard disks
- [**20**Star][19d] [Shell] [danielruf/snyk-js-jquery-174006](https://github.com/danielruf/snyk-js-jquery-174006) patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428
- [**20**Star][2y] [PS] [danielbohannon/devsec-defense](https://github.com/danielbohannon/devsec-defense) Accompanying PowerShell Modules for DevSec Defense Presentation
- [**20**Star][5y] [JS] [dagger0/ipvfox](https://github.com/dagger0/ipvfox) Firefox extension to list the hosts, and corresponding IPs, from which a page and its resources are loaded.
- [**20**Star][2y] [Py] [czardoz/hornet](https://github.com/czardoz/hornet) SSH Multipot
- [**20**Star][5y] [Java] [cyberscions/digitalbank](https://github.com/cyberscions/digitalbank) Android Digital Bank Vulnerable Mobile App
- [**20**Star][2m] [C] [cybersaxostiger/androiddump](https://github.com/cybersaxostiger/androiddump) A tool pulls loaded binaries ordered by memory regions
- [**20**Star][1y] [HTML] [cryptolok/epmg](https://github.com/cryptolok/epmg) Entropic Password Manager Generator is a cross-platform, most secure and storageless password manager that generates passwords
- [**20**Star][13d] [Java] [cronn-de/ssh-proxy](https://github.com/cronn-de/ssh-proxy) Pure Java implementation for SSH port tunneling that understands ProxyJump and ProxyCommand
- [**20**Star][3m] [Py] [countercept/radare2-scripts](https://github.com/countercept/radare2-scripts) A collection of useful radare2 scripts!
- [**20**Star][4m] [Shell] [corb3nik/pwnbox](https://github.com/corb3nik/pwnbox) A VM for RE and Pwn
- [**20**Star][2m] [HLSL] [comsecuris/vgpu_shader_pocs](https://github.com/comsecuris/vgpu_shader_pocs) PoCs for VMWare VGPU Direct 3D 10 vulnerabilities fixed in VMware Workstation 12.5.5 and 12.5.7
- [**20**Star][2m] [C] [colavitam/curl-collisions](https://github.com/colavitam/curl-collisions) An implementation of Heilman et al.'s differential attack on IOTA's Curl hashing function.
- [**20**Star][5m] [Java] [col-e/bytecode-modification-framework](https://github.com/col-e/bytecode-modification-framework) A bytecode modification library
- [**20**Star][5m] [C++] [coffeetrac/autosteer_esp](https://github.com/coffeetrac/autosteer_esp) Advanced Autosteer Sketch for ESP32 - WiFi Version
- [**20**Star][3m] [Py] [codepr/aiotunnel](https://github.com/codepr/aiotunnel) HTTP tunnel on top of aiohttp and asyncio
- [**20**Star][4m] [cnlh/easyproxy](https://github.com/cnlh/easyproxy) 本项目已经迁移至
- [**20**Star][3m] [cn0xroot/gr-replay](https://github.com/cn0xroot/gr-replay) signal record and replay flow graph for Gnuradio
- [**20**Star][6y] [Py] [cloudbase/winrm-scripts](https://github.com/cloudbase/winrm-scripts) Scripts to configure and use WinRM certificate authentication
- [**20**Star][11m] [Batchfile] [cldrn/insecureprogrammingdb](https://github.com/cldrn/insecureprogrammingdb) Insecure programming functions database
- [**20**Star][13d] [Go] [ciehanski/onionbox](https://github.com/ciehanski/onionbox) Send and receive files securely through Tor.
- [**20**Star][8m] [Py] [chrisjd20/cve-2017-9805.py](https://github.com/chrisjd20/cve-2017-9805.py) Better Exploit Code For CVE 2017 9805 apache struts
- [**20**Star][1y] [Py] [chalarangelo/unscrape](https://github.com/chalarangelo/unscrape) A simple image scraper.
- [**20**Star][18d] [Py] [cedricbonhomme/pyhids](https://github.com/cedricbonhomme/pyhids) pyHIDS is a HIDS (host-based intrusion detection system) for verifying the integrity of a system. This project has moved to:
- [**20**Star][19d] [Py] [cbrunsch/scambus](https://github.com/cbrunsch/scambus) Scambus is a python based wireless M-Bus scanner and dissector
- [**20**Star][5y] [Py] [catalyst256/watcher](https://github.com/catalyst256/watcher) Maltego with a twist of wireless
- [**20**Star][2y] [Py] [bsidespdx/ctf-2018](https://github.com/bsidespdx/ctf-2018) 
- [**20**Star][4m] [Py] [brianlam38/sec-cheatsheets](https://github.com/brianlam38/sec-cheatsheets) Cheatsheets on security vulnerabilities and exploits.
- [**20**Star][2y] [Java] [bort-millipede/wlt3serial](https://github.com/bort-millipede/wlt3serial) Native Java-based deserialization exploit for WebLogic T3 (and T3S) listeners.
- [**20**Star][9m] [C] [bnagy/osx-afl-llvm](https://github.com/bnagy/osx-afl-llvm) Barely working LLVM mode for AFL on OSX
- [**20**Star][2y] [C] [bisoon/ps4-api-server](https://github.com/bisoon/ps4-api-server) PS4API server to handle client request for read/write to game memory
- [**20**Star][5m] [C#] [bellapatricia/anothersc2hack](https://github.com/bellapatricia/anothersc2hack) Hacking Blizzard Entertainment's Game "StarCraft II" with external methods
- [**20**Star][1m] [Py] [ba1ma0/tool](https://github.com/ba1ma0/tool) 渗透测试实用工具
- [**20**Star][29d] [C] [b09780978/pwnable.kr-write-up](https://github.com/b09780978/pwnable.kr-write-up) write up for pwnable.kr
- [**20**Star][2m] [Py] [axt/afl-cov](https://github.com/axt/afl-cov) AFL fuzzing coverage CFG visualization
- [**20**Star][2m] [C] [axcheron/pydasm](https://github.com/axcheron/pydasm) Minimal "pydasm" fork for Windows
- [**20**Star][7m] [atvaark/tpp.fileformats](https://github.com/atvaark/tpp.fileformats) Fox Engine / MGS V: TPP file format research
- [**20**Star][4m] [Shell] [aryanrtm/htp](https://github.com/aryanrtm/htp) Hack The Printer
- [**20**Star][4m] [Py] [aron-tn/smtp-cracker](https://github.com/aron-tn/smtp-cracker) [NEw] : SMTP/Mail Access Checker and auto send Result to your email
- [**20**Star][5y] [C] [ariafan/mt65x2_kernel_lk](https://github.com/ariafan/mt65x2_kernel_lk) Kernel and lk source for mt65x2
- [**20**Star][2m] [Py] [anxolerd/dvpwa](https://github.com/anxolerd/dvpwa) Damn Vulnerable Python Web App
- [**20**Star][16d] [annalorimer/security-resources](https://github.com/annalorimer/security-resources) A list of stuff to learn more about security!
- [**20**Star][2y] [C] [android-rooting-tools/libmsm_vfe_read_exploit](https://github.com/android-rooting-tools/libmsm_vfe_read_exploit) CVE-2014-4321 exploit
- [**20**Star][3m] [Py] [andresriancho/vpc-vpn-pivot](https://github.com/andresriancho/vpc-vpn-pivot) Pivot into private VPC networks using a VPN connection
- [**20**Star][1m] [Py] [andreafortuna/malhunt](https://github.com/andreafortuna/malhunt) Hunt malware with Volatility
- [**20**Star][7y] [PHP] [amitnaik/php-backdoor](https://github.com/amitnaik/php-backdoor) This is php backdoor hack to access directory, access to mysql, access to execute shell command
- [**20**Star][3m] [Lua] [alexzhuo/luci-app-pdnsd](https://github.com/alexzhuo/luci-app-pdnsd) 为OpenWRT路由器Pdnsd设计的luci页面和配置文件，用于TCP请求DNS以免投毒
- [**20**Star][2m] [Java] [alexknvl/tracehash](https://github.com/alexknvl/tracehash) Compress long exception traces down to short signatures
- [**20**Star][1m] [Jupyter Notebook] [alexandremuzio/deep-steg](https://github.com/alexandremuzio/deep-steg) Global NIPS Paper Implementation Challenge of "Hiding Images in Plain Sight: Deep Steganography"
- [**20**Star][6m] [JS] [alcideio/pipeline](https://github.com/alcideio/pipeline) Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration
- [**20**Star][10m] [Go] [agnivade/easy-scrypt](https://github.com/agnivade/easy-scrypt) This is a nice and simple wrapper in Go over the scrypt password based key derivation algorithm.
- [**20**Star][2y] [Py] [acru3l/hevd-exploits](https://github.com/acru3l/hevd-exploits) The place where my HackSys Extreme Vulnerable Driver exploits go.
- [**20**Star][3y] [Py] [abdilahrf/ctfwriteupscrapper](https://github.com/abdilahrf/ctfwriteupscrapper) Website to Scrapping all writeup from
- [**20**Star][4m] [Py] [649/netscraped-exploit](https://github.com/649/netscraped-exploit) Framework for obtaining all the credentials stored in vulnerable Netwave IP cameras. Can be used to break into IP cameras, use for research only.
- [**20**Star][2m] [Py] [1oid/webknife](https://github.com/1oid/webknife) Web在线菜刀
- [**20**Star][11m] [Go] [0x4445565a/portanoia](https://github.com/0x4445565a/portanoia) A tool that sets a honeypot port and runs a command against every IP that connects to it.