PenetrationTesting

English Version

Github的Readme显示不会超过4000行，而此Repo添加的工具和文章近万行，默认显示不全。当前页面是减配版：工具星数少于200且500天内没更新的不在此文档中显示。点击这里查看完整版：中文-完整版

工具

新添加的

[3527星][2m] [PowerShell] bloodhoundad/bloodhound Six Degrees of Domain Admin
[1992星][2m] [C++] darthton/blackbone Windows memory hacking library
[1879星][19d] [C] chipsec/chipsec Platform Security Assessment Framework
[1859星][1y] [C++] y-vladimir/smartdeblur Restoration of defocused and blurred photos/images
[1773星][5m] [Py] veil-framework/veil Veil 3.1.X (Check version info in Veil at runtime)
[1560星][1m] [Shell] internetwache/gittools A repository with 3 tools for pwn'ing websites with .git repositories available
[1400星][4m] [C] ettercap/ettercap Ettercap Project
[1384星][1y] [Go] filosottile/whosthere A ssh server that knows who you are. $ ssh whoami.filippo.io
[1339星][20d] [XSLT] lolbas-project/lolbas Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
[1328星][12m] [XSLT] api0cradle/lolbas Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
[1314星][1y] mortenoir1/virtualbox_e1000_0day VirtualBox E1000 Guest-to-Host Escape
[1298星][2m] [PowerShell] peewpw/invoke-psimage Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
[1272星][1y] [JS] sakurity/securelogin This version won't be maintained!
[1218星][1y] [Go] cloudflare/redoctober Go server for two-man rule style file encryption and decryption.
[1209星][1m] [Go] google/martian Martian is a library for building custom HTTP/S proxies
[1136星][3m] [C] dgiese/dustcloud Xiaomi Smart Home Device Reverse Engineering and Hacking
[1128星][2m] [HTML] cure53/httpleaks HTTPLeaks - All possible ways, a website can leak HTTP requests
[1105星][2m] [Py] thoughtfuldev/eagleeye Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.
[1073星][14d] [Go] looterz/grimd
[1052星][1m] [PHP] nbs-system/php-malware-finder Detect potentially malicious PHP files
[1023星][13d] [Py] yelp/detect-secrets An enterprise friendly way of detecting and preventing secrets in code.
[967星][25d] [HTML] n0tr00t/sreg 可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。
[923星][7m] [Py] osirislab/hack-night Hack Night is an open weekly training session run by the OSIRIS lab.
[904星][26d] [Ruby] david942j/one_gadget The best tool for finding one gadget RCE in libc.so.6
[903星][12m] [C++] miek/inspectrum Offline radio signal analyser
[902星][3m] [Go] dominicbreuker/pspy Monitor linux processes without root permissions
[894星][25d] [C] arm-software/arm-trusted-firmware Read-only mirror of Trusted Firmware-A
[885星][1m] [C#] google/sandbox-attacksurface-analysis-tools 沙箱攻击面（Attack Surface）分析工具，用于测试 Windows 上沙箱的各种属性
[874星][4m] [JS] dpnishant/appmon Documentation:
[873星][4m] bugcrowd/bugcrowd_university Open source education content for the researcher community
[852星][20d] [Py] shmilylty/oneforall 子域收集工具
[850星][3m] [CSS] outflanknl/redelk Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
[838星][13d] [Py] circl/ail-framework AIL framework - Analysis Information Leak framework
[835星][13d] [Roff] slimm609/checksec.sh checksec.sh: 检查可执行文件(PIE, RELRO, PaX, Canaries, ASLR, Fortify Source)属性的 bash 脚本
[832星][7m] [JS] serpicoproject/serpico SimplE RePort wrIting and COllaboration tool
[819星][10m] [Shell] thelinuxchoice/userrecon Find usernames across over 75 social networks
[818星][21d] [C#] borntoberoot/networkmanager A powerful tool for managing networks and troubleshoot network problems!
[814星][9m] [Py] ietf-wg-acme/acme A protocol for automating certificate issuance
[814星][16d] [Py] lylemi/learn-web-hacking Study Notes For Web Hacking / Web安全学习笔记
[812星][14d] [Java] lamster2018/easyprotector 一行代码检测XP/调试/多开/模拟器/root
[807星][8m] [Py] nccgroup/featherduster An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
[802星][6m] [Py] corelan/mona Corelan Repository for mona.py
[797星][2m] [JS] sindresorhus/is-online Check if the internet connection is up
[793星][1m] [Py] hellman/xortool A tool to analyze multi-byte xor cipher
[769星][1m] [Go] dreddsa5dies/gohacktools Hacker tools on Go (Golang)
[765星][12m] [PowerShell] kevin-robertson/invoke-thehash PowerShell Pass The Hash Utils
[761星][24d] [C++] shekyan/slowhttptest Application Layer DoS attack simulator
[757星][9m] [Py] hlldz/spookflare Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
[757星][4m] [TSQL] threathunterx/nebula "星云"业务风控系统，主工程
[746星][1y] [Py] greatsct/greatsct The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
[745星][1m] [Go] bishopfox/sliver Implant framework
[739星][1m] [PHP] symfony/security-csrf The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.
[738星][2m] [C++] snort3/snort3 Snort++
[735星][7m] [Py] ricterz/genpass 中国特色的弱口令生成器
[734星][5m] [Go] talkingdata/owl 企业级分布式监控告警系
[731星][1m] [HTML] m4cs/babysploit
[729星][1y] [C#] eladshamir/internal-monologue Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
[719星][5m] [Go] anshumanbh/git-all-secrets 结合多个开源 git 搜索工具实现的代码审计工具
[711星][3m] [Py] f-secure/see Sandboxed Execution Environment
[709星][24d] [Py] globaleaks/globaleaks The Open-Source Whistleblowing Software
[708星][5m] [Py] adamlaurie/rfidiot python RFID / NFC library & tools
[707星][1m] [Perl] gouveaheitor/nipe Nipe is a script to make Tor Network your default gateway.
[706星][4m] aleenzz/cobalt_strike_wiki Cobalt Strike系列
[706星][1y] [C#] p3nt4/powershdll Run PowerShell with rundll32. Bypass software restrictions.
[706星][1m] [Py] shawndevans/smbmap SMBMap is a handy SMB enumeration tool
[698星][13d] [C] iaik/zombieload Proof-of-concept for the ZombieLoad attack
[692星][3m] netflix/security-bulletins Security Bulletins that relate to Netflix Open Source
[687星][5m] [C++] google/certificate-transparency Auditing for TLS certificates.
[687星][7m] [C] hfiref0x/tdl Driver loader for bypassing Windows x64 Driver Signature Enforcement
[684星][2m] [Py] mjg59/python-broadlink Python module for controlling Broadlink RM2/3 (Pro) remote controls, A1 sensor platforms and SP2/3 smartplugs
[684星][25d] streaak/keyhacks Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
[682星][12d] [Java] peergos/peergos A decentralised, secure file storage and social network
[673星][7m] [Py] mr-un1k0d3r/powerlessshell Run PowerShell command without invoking powershell.exe
[665星][1y] [Py] endgameinc/rta
[665星][12m] [PowerShell] arvanaghi/sessiongopher SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
[664星][2m] [Py] skelsec/pypykatz 纯Python实现的Mimikatz
[662星][2m] [Go] pquerna/otp TOTP library for Go
[658星][5m] [Py] golismero/golismero GoLismero - The Web Knife
[654星][1y] [Py] deepzec/bad-pdf create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines
[651星][4m] [C#] outflanknl/evilclippy A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
[650星][12d] ptresearch/attackdetection Attack Detection
[647星][8m] [C] samdenty/wi-pwn performs deauth attacks on cheap Arduino boards
[642星][11m] [C#] wwillv/godofhacker 黑客神器
[637星][3m] [C#] ghostpack/rubeus Trying to tame the three-headed dog.
[631星][2m] [Py] gquere/pwn_jenkins Notes about attacking Jenkins servers
[628星][5m] [PHP] l3m0n/bypass_disable_functions_shell 一个各种方式突破Disable_functions达到命令执行的shell
[615星][10m] [Py] dirkjanm/privexchange Exchange your privileges for Domain Admin privs by abusing Exchange
[606星][1y] [Shell] wireghoul/htshells Self contained htaccess shells and attacks
[602星][2m] [JS] evilsocket/arc 可用于管理私密数据的工具. 后端是 Go 语言编写的 RESTful 服务器, 前台是Html + JavaScript
[592星][2m] [PHP] hongrisec/php-audit-labs 一个关于PHP的代码审计项目
[592星][1m] [PowerShell] ramblingcookiemonster/powershell Various PowerShell functions and scripts
[589星][3m] [Py] webrecorder/pywb Core Python Web Archiving Toolkit for replay and recording of web archives
[584星][16d] [YARA] didierstevens/didierstevenssuite Please no pull requests for this repository. Thanks!
[575星][8m] [C#] 0xbadjuju/tokenvator A tool to elevate privilege with Windows Tokens
[575星][9m] [Py] romanz/amodem transmit a file between 2 computers, using a simple headset, allowing true air-gapped communication (via a speaker and a microphone), or an audio cable (for higher transmission speed)
[574星][8m] [C] mrexodia/titanhide Hiding kernel-driver for x86/x64.
[567星][1y] [C#] tyranid/dotnettojscript A tool to create a JScript file which loads a .NET v2 assembly from memory.
[561星][1y] [Solidity] trailofbits/not-so-smart-contracts Examples of Solidity security issues
[558星][5m] [Py] nidem/kerberoast a series of tools for attacking MS Kerberos implementations
[550星][10m] [C] justinsteven/dostackbufferoverflowgood
[545星][1y] [Go] cw1997/natbypass 内网穿透，端口转发工具
[545星][3m] [Py] its-a-feature/apfell A collaborative, multi-platform, red teaming framework
[543星][1m] [Go] shopify/kubeaudit kubeaudit helps you audit your Kubernetes clusters against common security controls
[536星][8m] [C] hfiref0x/upgdsed Universal PatchGuard and Driver Signature Enforcement Disable
[536星][2m] [C] vanhauser-thc/thc-ipv6 IPv6 attack toolkit
[533星][1m] [Go] yggdrasil-network/yggdrasil-go An experiment in scalable routing as an encrypted IPv6 overlay network
[530星][5m] [HCL] coalfire-research/red-baron Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
[530星][2m] [C] eliasoenal/multimon-ng
[526星][28d] [Ruby] hdm/mac-ages MAC address age tracking
[524星][1y] [Py] n00py/wpforce Wordpress Attack Suite
[523星][1y] [C#] ghostpack/safetykatz SafetyKatz is a combination of slightly modified version of
[515星][11m] [PowerShell] a-min3/winspect Powershell-based Windows Security Auditing Toolbox
[513星][1m] [Shell] trailofbits/twa A tiny web auditor with strong opinions.
[509星][11m] [Go] mthbernardes/gtrs Google Translator Reverse Shell
[507星][1m] [JS] mr-un1k0d3r/thundershell Python / C# Unmanaged PowerShell based RAT
[505星][7m] [Visual Basic] mr-un1k0d3r/maliciousmacrogenerator Malicious Macro Generator
[501星][24d] [Go] sensepost/gowitness Go 语言编写的网站快照工具
[489星][2m] [PHP] nzedb/nzedb a fork of nnplus(2011) | NNTP / Usenet / Newsgroup indexer.
[485星][2m] [Go] gen2brain/cam2ip 将任何网络摄像头转换为IP 摄像机
[480星][1y] [Java] continuumsecurity/bdd-security BDD Automated Security Tests for Web Applications
[479星][11m] [Go] evanmiller/hecate The Hex Editor From Hell
[475星][1m] [C] m0nad/diamorphine LKM rootkit for Linux Kernels 2.6.x/3.x/4.x (x86 and x86_64)
[474星][10m] [Shell] craigz28/firmwalker Script for searching the extracted firmware file system for goodies!
[474星][2m] [Go] gorilla/csrf gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services
[468星][2m] [Py] bashfuscator/bashfuscator A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
[465星][18d] [Py] aoii103/darknet_chinesetrading
[457星][21d] [LLVM] jonathansalwan/tigress_protection Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
[456星][12m] [Py] mehulj94/radium Python keylogger with multiple features.
[454星][5m] [C] phoenhex/files
[453星][27d] [Go] gen0cide/gscript 基于运行时参数，动态安装恶意软件
[449星][3m] [C++] omerya/invisi-shell Hide your Powershell script in plain sight. Bypass all Powershell security features
[448星][2m] [Py] bit4woo/teemo A Domain Name & Email Address Collection Tool
[448星][2m] [PowerShell] rvrsh3ll/misc-powershell-scripts Random Tools
[445星][13d] [Shell] wireghoul/graudit 简单的脚本和签名集，进行源代码审计
[444星][9m] [C] martinmarinov/tempestsdr Remote video eavesdropping using a software-defined radio platform
[443星][2m] [Py] portantier/habu Python 编写的网络工具工具包，主要用于教学/理解网络攻击中的一些概念
[443星][1y] [JS] simonepri/upash
[437星][6m] [PHP] flozz/p0wny-shell Single-file PHP shell
[432星][1m] [PowerShell] mr-un1k0d3r/redteampowershellscripts Various PowerShell scripts that may be useful during red team exercise
[428星][6m] [Pascal] mojtabatajik/robber Robber is open source tool for finding executables prone to DLL hijacking
[426星][6m] [Py] stamparm/fetch-some-proxies Simple Python script for fetching "some" (usable) proxies
[423星][28d] [Py] super-l/superl-url 根据关键词，对搜索引擎内容检索结果的网址内容进行采集的一款轻量级软程序。程序主要运用于安全渗透测试项目，以及批量评估各类CMS系统0DAY的影响程度，同时也是批量采集自己获取感兴趣的网站的一个小程序~~ 可自动从搜索引擎采集相关网站的真实地址与标题等信息，可保存为文件，自动去除重复URL。同时，也可以自定义忽略多条域名等。
[421星][10m] [Py] d4vinci/cuteit IP obfuscator made to make a malicious ip a bit cuter
[408星][10m] [Py] powerscript/katanaframework The New Hacking Framework
[404星][2m] [C++] hoshimin/kernel-bridge Windows kernel hacking framework, driver template, hypervisor and API written on C++
[401星][5m] [Py] ytisf/pyexfil A Python Package for Data Exfiltration
[396星][2m] [HTML] w3c/webappsec Web Application Security Working Group repo
[387星][1y] [C#] squalr/squalr Squalr Memory Editor - Game Hacking Tool Written in C#
[378星][1y] [JS] empireproject/empire-gui Empire client application
[376星][1m] [JS] nccgroup/tracy tracy: 查找web app中所有的sinks and sources, 并以易于理解的方式显示这些结果
[375星][13d] [C++] simsong/bulk_extractor This is the development tree. For downloads please see:
[375星][8m] [Java] tiagorlampert/saint a Spyware Generator for Windows systems written in Java
[372星][8m] [Py] k4m4/onioff onioff：url检测器，深度检测网页链接
[365星][1m] [C++] crypto2011/idr Interactive Delphi Reconstructor
[362星][17d] [C#] bloodhoundad/sharphound The BloodHound C# Ingestor
[361星][20d] [Py] emtunc/slackpirate Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
[360星][26d] [Ruby] david942j/seccomp-tools Provide powerful tools for seccomp analysis
[360星][4m] [Shell] trimstray/otseca otseca: 安全审计工具, 搜索并转储系统配置
[354星][2m] [Py] fox-it/bloodhound.py A Python based ingestor for BloodHound
[351星][6m] [Py] tidesec/tidefinger TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。
[350星][10m] [Py] secynic/ipwhois Retrieve and parse whois data for IPv4 and IPv6 addresses
[348星][2m] [Py] lockgit/hacking hacking is a kind of spirit !
[342星][30d] [Ruby] sunitparekh/data-anonymization Want to use production data for testing, data-anonymization can help you.
[339星][1m] [C] nccgroup/phantap Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
[338星][1y] [Ruby] srcclr/commit-watcher Find interesting and potentially hazardous commits in git projects
[336星][4m] [Perl] keydet89/regripper2.8 RegRipper version 2.8
[331星][12m] [Assembly] egebalci/amber Reflective PE packer.
[328星][8m] [Py] dirkjanm/ldapdomaindump Active Directory information dumper via LDAP
[327星][28d] [PowerShell] joelgmsec/autordpwn The Shadow Attack Framework
[327星][1y] [Py] leapsecurity/inspy A python based LinkedIn enumeration tool
[325星][10m] [C#] ghostpack/sharpdump SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
[322星][1y] [Shell] 1n3/goohak Automatically Launch Google Hacking Queries Against A Target Domain
[318星][22d] [Py] codingo/interlace Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
[317星][1y] [JS] nccgroup/wssip 服务器和客户端之间通信时自定义 WebSocket 数据的捕获、修改和发送。
[316星][1m] [JS] meituan-dianping/lyrebird 基于拦截以及模拟HTTP/HTTPS网络请求的面向移动应用的插件化测试工作台
[316星][1y] [Java] ysrc/liudao “六道”实时业务风控系统
[314星][1y] [Go] benjojo/bgp-battleships Play battleships using BGP
[312星][2m] [Py] circl/lookyloo Lookyloo is a web interface allowing to scrape a website and then displays a tree of domains calling each other.
[312星][11m] crazywa1ker/darthsidious-chinese 从0开始你的域渗透之旅
[311星][12d] [C] vanhauser-thc/aflplusplus afl++ is afl 2.56b with community patches, AFLfast power schedules, qemu 3.1 upgrade + laf-intel support, MOpt mutators, InsTrim instrumentation, unicorn_mode and a lot more!
[310星][5m] [YARA] needmorecowbell/hamburglar collect useful information from urls, directories, and files
[307星][1m] [Go] wangyihang/platypus A modern multiple reverse shell sessions/clients manager via terminal written in go
[306星][3m] [PowerShell] enigma0x3/misc-powershell-stuff random powershell goodness
[304星][2m] [Py] coalfire-research/slackor A Golang implant that uses Slack as a command and control server
[304星][6m] [C] pmem/syscall_intercept Linux系统调用拦截框架，通过 hotpatching 进程标准C库的机器码实现。
[302星][7m] [C] tomac/yersinia yersinia：layer 2 攻击框架
[298星][26d] [Py] salls/angrop a rop gadget finder and chain builder
[298星][1m] [Py] skylined/bugid Detect, analyze and uniquely identify crashes in Windows applications
[296星][1y] [PowerShell] onelogicalmyth/zeroday-powershell A PowerShell example of the Windows zero day priv esc
[295星][6m] [HTML] nccgroup/crosssitecontenthijacking Content hijacking proof-of-concept using Flash, PDF and Silverlight
[295星][1y] [C++] nevermoe/unity_metadata_loader load strings and method/class names in global-metadata.dat to IDA
[295星][1y] [JS] xxxily/fiddler-plus 自定义的Fiddler规则，多环境切换、解决跨域开发、快速调试线上代码必备|高效调试分析利器
[294星][27d] [JS] doyensec/electronegativity Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
[294星][13d] [C++] squalr/squally 2D Platformer Game for Teaching Game Hacking - C++/cocos2d-x
[290星][3m] [Shell] fdiskyou/zines Mirror of my favourite hacking Zines for the lulz, nostalgy, and reference
[290星][1m] [C] mboehme/aflfast AFLFast (extends AFL with Power Schedules)
[288星][2m] [C] 9176324/shark Turn off PatchGuard in real time for win7 (7600) ~ win10 (18950).
[288星][3m] [Visual Basic] itm4n/vba-runpe A VBA implementation of the RunPE technique or how to bypass application whitelisting.
[286星][8m] [C] gianlucaborello/libprocesshider Hide a process under Linux using the ld preloader (
[286星][1y] [Java] webgoat/webgoat-legacy Legacy WebGoat 6.0 - Deliberately insecure JavaEE application
[285星][3m] [Py] apache/incubator-spot Mirror of Apache Spot
[284星][6m] [C#] matterpreter/offensivecsharp Collection of Offensive C# Tooling
[279星][11m] [Py] justicerage/ffm Freedom Fighting Mode: open source hacking harness
[278星][1m] [Go] cruise-automation/fwanalyzer a tool to analyze filesystem images
[278星][3m] [Py] joxeankoret/pyew Official repository for Pyew.
[277星][1y] [HTML] google/p0tools Project Zero Docs and Tools
[277星][16d] [Shell] trimstray/mkchain sslmerge: 建立从根证书到最终用户证书的有效的SSL证书链, 修复不完整的证书链并下载所有缺少的CA证书
[276星][4m] geerlingguy/ansible-role-security Ansible Role - Security
[276星][2m] [Go] mdsecactivebreach/o365-attack-toolkit A toolkit to attack Office365
[275星][4m] [Py] opsdisk/pagodo pagodo (Passive Google Dork) - Automate Google Hacking Database scraping
[273星][3m] [PowerShell] nullbind/powershellery This repo contains Powershell scripts used for general hackery.
[272星][9m] [C++] anhkgg/superdllhijack SuperDllHijack：A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术，不再需要手工导出Dll的函数接口了
[272星][3m] [Py] invernizzi/scapy-http Support for HTTP in Scapy
[271星][3m] artsploit/solr-injection Apache Solr Injection Research
[269星][6m] [Py] ropnop/windapsearch Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
[268星][4m] [Py] den1al/jsshell An interactive multi-user web JS shell
[264星][7m] s0md3v/mypapers Repository for hosting my research papers
[264星][7m] [Py] s0md3v/breacher An advanced multithreaded admin panel finder written in python.
[263星][1y] [Ruby] evait-security/envizon envizon: 网络可视化工具, 在渗透测试中快速识别最可能的目标
[261星][2m] [Shell] al0ne/linuxcheck linux信息收集/应急响应/常见后门检测脚本
[260星][10m] [Py] ant4g0nist/susanoo A REST API security testing framework.
[260星][5m] [C++] d35ha/callobfuscator Obfuscate specific windows apis with different apis
[260星][3m] [C] portcullislabs/linikatz UNIX版本的Mimikatz
[259星][2m] [C] eua/wxhexeditor wxHexEditor official GIT repo
[258星][25d] [Py] frint0/email-enum Email-Enum searches mainstream websites and tells you if an email is registered!
[256星][1y] [PowerShell] fox-it/invoke-aclpwn
[256星][8m] [C] landhb/hideprocess A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager
[256星][1y] [Py] m4ll0k/galileo Galileo - Web Application Audit Framework
[256星][11m] [Py] hysnsec/devsecops-studio DevSecOps Distribution - Virtual Environment to learn DevSecOps
[254星][1m] [Shell] cytoscape/cytoscape Cytoscape: an open source platform for network analysis and visualization
[254星][9m] [C] p0f/p0f p0f unofficial git repo
[253星][1y] [C] benjamin-42/trident
[253星][1y] [Java] jackofmosttrades/gadgetinspector A byte code analyzer for finding deserialization gadget chains in Java applications
[252星][2m] [C++] poweradminllc/paexec Remote execution, like PsExec
[251星][6m] [Go] lavalamp-/ipv666 ipv666: IPV6地址枚举工具. Go编写
[250星][14d] [C++] fransbouma/injectablegenericcamerasystem This is a generic camera system to be used as the base for cameras for taking screenshots within games. The main purpose of the system is to hijack the in-game 3D camera by overwriting values in its camera structure with our own values so we can control where the camera is located, it's pitch/yaw/roll values, its FoV and the camera's look vector.
[250星][2m] [Py] hacktoolspack/hack-tools hack tools
[249星][6m] [Py] itskindred/procspy Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
[247星][14d] [Py] rvrsh3ll/findfrontabledomains Search for potential frontable domains
[246星][4m] [Py] redteamoperations/pivotsuite Network Pivoting Toolkit
[244星][7m] ethicalhack3r/wordpress_plugin_security_testing_cheat_sheet wordpress_plugin_security_testing_cheat_sheet：WordPress插件安全测试备忘录。
[243星][9m] [Py] wh0ale/src-experience 工欲善其事，必先利其器
[239星][7m] [Py] openstack/syntribos 自动化的 API 安全测试工具
[236星][1y] [Py] matthewclarkmay/geoip-attack-map Cyber security geoip attack map that follows syslog and parses IPs/port numbers to visualize attackers in real time.
[236星][8m] [Py] mazen160/bfac 自动化 web app 备份文件测试工具，可检测备份文件是否会泄露 web app 源代码
[234星][15d] [Py] cisco-config-analysis-tool/ccat Cisco Config Analysis Tool
[234星][3m] [Rust] hippolot/anevicon
[233星][2m] [JS] martinzhou2015/srcms SRCMS企业应急响应与缺陷管理系统
[231星][11m] xcsh/unity-game-hacking A guide for hacking unity games
[230星][29d] [Py] timlib/webxray webxray is a tool for analyzing third-party content on webpages and identifying the companies which collect user data.
[226星][10m] duoergun0729/2book 《Web安全之深度学习实战》
[226星][7m] [Shell] r00t-3xp10it/meterpreter_paranoid_mode-ssl Meterpreter Paranoid Mode - SSL/TLS connections
[225星][1y] [Go] netxfly/sec_check 服务器安全检测的辅助工具
[224星][6m] [JS] jesusprubio/strong-node
[222星][22d] [Py] webbreacher/whatsmyname This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects.
[221星][2m] [Py] guimaizi/get_domain 域名收集与监测
[217星][6m] bhdresh/dejavu deception framework which can be used to deploy decoys across the infrastructure
[215星][9m] [Py] mckinsey666/vocabs A lightweight online dictionary integration to the command line
[213星][3m] [JS] varchashva/letsmapyournetwork Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error
[212星][4m] [Shell] cryptolok/crykex Linux Memory Cryptographic Keys Extractor
[212星][1m] [Py] wazuh/wazuh-ruleset ruleset is used to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies or security policy violations.
[212星][8m] [JS] zhuyingda/veneno 用Node.js编写的Web安全测试框架
[209星][1y] basilfx/tradfri-hacking Hacking the IKEA TRÅDFRI light bulbs and accessories.
[208星][5m] [C#] erfg12/memory.dll C# Hacking library for making PC game trainers.
[208星][2m] [Py] jordanpotti/cloudscraper Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
[205星][4m] [PowerShell] harmj0y/damp The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
[205星][12m] [Py] orf/xcat 辅助盲 Xpath 注入，检索正在由 Xpath 查询处理的整个 XML 文档，读取主机文件系统上的任意文件，并使用出站 HTTP 请求，使服务器将数据直接发送到xcat
[205星][12m] [C#] tevora-threat/sharpview C# implementation of harmj0y's PowerView
[204星][8m] 1hack0/facebook-bug-bounty-write-ups Hunting Bugs for Fun and Profit
[203星][14d] [Py] seahoh/gotox 本地自动代理，修改自 goagent。
[201星][12d] [CoffeeScript] bevry/getmac Get the mac address of the current machine you are on via Node.js
[201星][6m] [JS] wingleung/save-page-state A chrome extension to save the state of a page for further analysis
[200星][1m] [Py] nyxgeek/lyncsmash locate and attack Lync/Skype for Business

未分类

人工智能&&机器学习&&深度学习&&神经网络

未分类-AI

[4216星][25d] [Py] tensorflow/cleverhans cleverhans：基准测试（benchmark）机器学习系统的漏洞生成（to）对抗样本（adversarial examples）
[3263星][18d] jivoi/awesome-ml-for-cybersecurity 针对网络安全的机器学习资源列表
[2480星][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[1049星][1m] [Py] 13o-bbr-bbq/machine_learning_security Source code about machine learning and security.
[569星][20d] 404notf0und/ai-for-security-learning 安全场景、基于AI的安全算法和安全数据分析学习资料整理
[513星][21d] [Py] gyoisamurai/gyoithon 使用机器学习的成长型渗透测试工具
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/渗透多合一&&渗透框架 |
[445星][4m] [Py] cchio/deep-pwning Metasploit for machine learning.
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/Metasploit/未分类-metasploit |
[283星][1m] [Py] bishopfox/eyeballer Convolutional neural network for analyzing pentest screenshots
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/未分类-Pentest |

收集

收集&&集合

未分类

[4097星][20d] qazbnm456/awesome-web-security web 安全资源列表
[2778星][4m] [C] juliocesarfort/public-pentesting-reports Curated list of public penetration test reports released by several consulting firms and academic security groups
[2747星][2m] infosecn1nja/red-teaming-toolkit A collection of open source and commercial tools that aid in red team operations.
[2592星][1m] rmusser01/infosec_reference An Information Security Reference That Doesn't Suck
[2483星][2m] kbandla/aptnotes Various public documents, whitepapers and articles about APT campaigns
[2353星][22d] [Py] 0xinfection/awesome-waf
[2253星][11m] yeyintminthuhtut/awesome-red-teaming List of Awesome Red Teaming Resources
[2058星][3m] infoslack/awesome-web-hacking A list of web application security
[2024星][1y] bluscreenofjeff/red-team-infrastructure-wiki Wiki to collect Red Team infrastructure hardening resources
[2008星][1m] tanprathan/mobileapp-pentest-cheatsheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
[1897星][2m] toolswatch/blackhat-arsenal-tools Black Hat 武器库
[1767星][1m] djadmin/awesome-bug-bounty A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
[1706星][4m] ngalongc/bug-bounty-reference Inspired by
[1698星][1y] coreb1t/awesome-pentest-cheat-sheets Collection of the cheat sheets useful for pentesting
[1602星][6m] [Py] w1109790800/penetration 渗透超全面的渗透资料
[1587星][6m] [Ruby] brunofacca/zen-rails-security-checklist Checklist of security precautions for Ruby on Rails applications.
[1510星][24d] emijrp/awesome-awesome A curated list of awesome curated lists of many topics.
[1340星][19d] grrrdog/java-deserialization-cheat-sheet The cheat sheet about Java Deserialization vulnerabilities
[1170星][7m] joe-shenouda/awesome-cyber-skills A curated list of hacking environments where you can train your cyber skills legally and safely
[1126星][2m] [Batchfile] ckjbug/hacking
[1124星][2m] m4ll0k/awesome-hacking-tools Awesome Hacking Tools
[1095星][13d] w00t3k/awesome-cellular-hacking Awesome-Cellular-Hacking
[1095星][1y] paulsec/awesome-windows-domain-hardening A curated list of awesome Security Hardening techniques for Windows.
[1088星][4m] zbetcheckin/security_list Great security list for fun and profit
[994星][1y] [JS] 0xsobky/hackvault A container repository for my public web hacks!
[961星][4m] [Py] jekil/awesome-hacking Awesome hacking is an awesome collection of hacking tools.
[944星][7m] 0x4d31/awesome-threat-detection A curated list of awesome threat detection and hunting resources
[940星][6m] sundowndev/hacker-roadmap
[908星][9m] wtsxdev/penetration-testing List of awesome penetration testing resources, tools and other shiny things
[905星][6m] [PowerShell] api0cradle/ultimateapplockerbypasslist The goal of this repository is to document the most common techniques to bypass AppLocker.
[899星][6m] cn0xroot/rfsec-toolkit RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
[894星][24d] tom0li/collection-document Collection of quality safety articles
[862星][5m] [Shell] dominicbreuker/stego-toolkit Collection of steganography tools - helps with CTF challenges
[848星][13d] explife0011/awesome-windows-kernel-security-development windows kernel security development
[803星][4m] [Shell] danielmiessler/robotsdisallowed A curated list of the most common and most interesting robots.txt disallowed directories.
[762星][10m] v2-dev/awesome-social-engineering awesome-social-engineering：社会工程学资源集合
[761星][1m] daviddias/awesome-hacking-locations
[723星][1y] [Py] averagesecurityguy/scripts Scripts I use during pentest engagements.
[709星][1y] snifer/security-cheatsheets A collection of cheatsheets for various infosec tools and topics.
[696星][4m] bit4woo/python_sec python安全和代码审计相关资料收集 resource collection of python security and code review
[685星][2m] [C#] harleyqu1nn/aggressorscripts Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
[681星][1m] andrewjkerr/security-cheatsheets
[667星][8m] [XSLT] adon90/pentest_compilation Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
- 重复区段: 工具/OSCP |
[649星][1y] dsasmblr/hacking-online-games A curated list of tutorials/resources for hacking online games.
[628星][9m] webbreacher/offensiveinterview Interview questions to screen offensive (red team/pentest) candidates
[627星][2m] redhuntlabs/awesome-asset-discovery List of Awesome Asset Discovery Resources
[619星][3m] 3gstudent/pentest-and-development-tips A collection of pentest and development tips
[603星][2m] [Shell] ashishb/osx-and-ios-security-awesome OSX and iOS related security tools
[589星][1y] jiangsir404/audit-learning 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
[587星][11m] pandazheng/ioshackstudy IOS安全学习资料汇总
[575星][16d] [Py] hslatman/awesome-industrial-control-system-security awesome-industrial-control-system-security：工控系统安全资源列表
[552星][8m] guardrailsio/awesome-python-security Awesome Python Security resources
[452星][8m] gradiuscypher/infosec_getting_started A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
[444星][7m] jnusimba/miscsecnotes some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
[426星][1y] meitar/awesome-lockpicking awesome-lockpicking：有关锁、保险箱、钥匙的指南、工具及其他资源的列表
[404星][19d] meitar/awesome-cybersecurity-blueteam
[398星][21d] [Py] bl4de/security-tools Collection of small security tools created mostly in Python. CTFs, pentests and so on
[394星][3m] re4lity/hacking-with-golang Golang安全资源合集
[390星][6m] [HTML] gexos/hacking-tools-repository A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
[384星][1m] husnainfareed/awesome-ethical-hacking-resources
[380星][1m] dsopas/assessment-mindset 安全相关的思维导图, 可用于pentesting, bug bounty, red-teamassessments
[350星][16d] fkromer/awesome-ros2 The Robot Operating System Version 2.0 is awesome!
[331星][1m] softwareunderground/awesome-open-geoscience Curated from repositories that make our lives as geoscientists, hackers and data wranglers easier or just more awesome
[328星][27d] [PowerShell] mgeeky/penetration-testing-tools A collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
[308星][16d] cryptax/confsec Security, hacking conferences (list)
[303星][4m] trimstray/technical-whitepapers 收集：IT白皮书、PPT、PDF、Hacking、Web应用程序安全性、数据库、逆向等
[299星][1m] [HTML] eugenekolo/sec-tools A set of security related tools
[289星][1m] hongrisec/web-security-attack Web安全相关内容
[265星][1y] [JS] ropnop/serverless_toolkit A collection of useful Serverless functions I use when pentesting
[260星][3m] mattnotmax/cyber-chef-recipes A list of cyber-chef recipes
[243星][4m] zhaoweiho/web-sec-interview Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
[232星][21d] pe3zx/my-infosec-awesome My curated list of awesome links, resources and tools on infosec related topics
[224星][25d] euphrat1ca/security_w1k1 collect
[211星][5m] guardrailsio/awesome-dotnet-security Awesome .NET Security Resources
[207星][9m] jeansgit/redteam RedTeam资料收集整理
[205星][9m] puresec/awesome-serverless-security A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
[201星][1y] faizann24/resources-for-learning-hacking All the resources I could find for learning Ethical Hacking and penetration testing.
[201星][1y] sigp/solidity-security-blog Comprehensive list of known attack vectors and common anti-patterns

混合型收集

[24225星][15d] trimstray/the-book-of-secret-knowledge A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
[10176星][17d] enaqx/awesome-pentest 渗透测试资源/工具集
[5384星][8m] carpedm20/awesome-hacking Hacking教程、工具和资源
[4994星][1m] sbilly/awesome-security 与安全相关的软件、库、文档、书籍、资源和工具等收集
[3116星][20d] [Rich Text Format] the-art-of-hacking/h4cker 资源收集：hacking、渗透、数字取证、事件响应、漏洞研究、漏洞开发、逆向
[1710星][20d] olivierlaflamme/cheatsheet-god Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet
- 重复区段: 工具/OSCP |
[573星][5m] d30sa1/rootkits-list-download Rootkit收集
[551星][17d] [Perl] bollwarm/sectoolset 安全项目工具集合

无工具类收集

[33516星][1y] [Py] minimaxir/big-list-of-naughty-strings “淘气”的字符串列表，当作为用户输入时很容易引发问题
[8929星][2m] vitalysim/awesome-hacking-resources A collection of hacking / penetration testing resources to make you better!
[2935星][1m] blacckhathaceekr/pentesting-bible links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
[2660星][1m] secwiki/sec-chart 安全思维导图集合
[2580星][1y] [HTML] chybeta/web-security-learning Web-Security-Learning
[2427星][1y] onlurking/awesome-infosec A curated list of awesome infosec courses and training resources.
[2306星][10m] hack-with-github/free-security-ebooks Free Security and Hacking eBooks
[2054星][2m] yeahhub/hacking-security-ebooks Top 100 Hacking & Security E-Books (Free Download)
[1917星][3m] [Py] nixawk/pentest-wiki PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
[1434星][4m] hmaverickadams/beginner-network-pentesting Notes for Beginner Network Pentesting Course

收集类的收集

[32197星][2m] hack-with-github/awesome-hacking A collection of various awesome lists for hackers, pentesters and security researchers

教育资源&&课程&&教程&&书籍

[10844星][1m] [CSS] hacker0x01/hacker101 Hacker101
[3897星][3m] [PHP] paragonie/awesome-appsec A curated list of resources for learning about application security

笔记&&Tips&&Tricks&&Talk&&Conference

未分类

[2786星][29d] paulsec/awesome-sec-talks A collected list of awesome security talks
[671星][2m] uknowsec/active-directory-pentest-notes 个人域渗透学习笔记
[540星][9m] [PowerShell] threatexpress/red-team-scripts A collection of Red Team focused tools, scripts, and notes

blog

[1231星][5m] chalker/notes Some public notes

移动&&Mobile

未分类-Mobile

[4885星][14d] [HTML] owasp/owasp-mstg 关于移动App安全开发、测试和逆向的相近手册
[4785星][13d] [JS] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
[1940星][20d] [Py] sensepost/objection objection： runtimemobile exploration
[1839星][6m] [Java] fuzion24/justtrustme An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
[604星][6m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
- 重复区段: 工具/审计&&安全审计&&代码审计/未分类-Audit |
[529星][17d] [Shell] owasp/owasp-masvs OWASP 移动App安全标准
[370星][1y] [CSS] nowsecure/secure-mobile-development A Collection of Secure Mobile Development Best Practices
[320星][5m] [Java] datatheorem/trustkit-android Easy SSL pinning validation and reporting for Android.

Android

[4221星][23d] [Shell] ashishb/android-security-awesome A collection of android security related resources
[2294星][1y] [Java] csploit/android cSploit - The most complete and advanced IT security professional toolkit on Android.
[2089星][8m] [Py] linkedin/qark 查找Android App的漏洞, 支持源码或APK文件
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞扫描&&挖掘&&发现/漏洞扫描/未分类 |
[2033星][9m] jermic/android-crack-tool
[1966星][7m] [Py] fsecurelabs/drozer The Leading Security Assessment Framework for Android.
[1414星][10m] [Java] aslody/legend (Android)无需Root即可Hook Java方法的框架, 支持Dalvik和Art环境
[1393星][13d] [Java] chrisk44/hijacker Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
[1202星][26d] [Java] find-sec-bugs/find-sec-bugs The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
[1199星][2m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
[781星][2m] sh4hin/androl4b 用于评估Android应用程序，逆向工程和恶意软件分析的虚拟机
- 重复区段: 工具/环境配置&&分析系统/未分类-Env |
[664星][17d] doridori/android-security-reference A W.I.P Android Security Ref
[511星][3m] [JS] wooyundota/droidsslunpinning Android certificate pinning disable tools
[462星][3m] [JS] lyxhh/lxhtoolhttpdecrypt Simple Android/iOS protocol analysis and utilization tool
[383星][1y] [Py] thehackingsage/hacktronian All in One Hacking Tool for Linux & Android
[372星][3m] [Java] megatronking/netbare Net packets capture & injection library designed for Android
[358星][4m] [C] the-cracker-technology/andrax-mobile-pentest ANDRAX The first and unique Penetration Testing platform for Android smartphones
[348星][4m] [Makefile] crifan/android_app_security_crack 安卓应用的安全和破解
[341星][4m] b3nac/android-reports-and-resources A big list of Android Hackerone disclosed reports and other resources.
[326星][14d] [TypeScript] shroudedcode/apk-mitm
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/未分类-Network |工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[248星][9m] [C] chef-koch/android-vulnerabilities-overview An small overview of known Android vulnerabilities
[233星][1y] [Ruby] hahwul/droid-hunter Android application vulnerability analysis and Android pentest tool

iOS&&MacOS&&iPhone&&iPad&&iWatch

[5299星][5m] [C] pwn20wndstuff/undecimus unc0ver jailbreak for iOS 11.0 - 12.4
[5097星][2m] [Py] axi0mx/ipwndfu open-source jailbreaking tool for many iOS devices
[4143星][7m] [Objective-C] alonemonkey/monkeydev CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
[3411星][6m] icodesign/potatso Potatso is an iOS client that implements different proxies with the leverage of NetworkExtension framework in iOS 10+.
[3072星][9m] [JS] jipegit/osxauditor OS X Auditor is a free Mac OS X computer forensics tool
[1685星][5m] [Py] yelp/osxcollector A forensic evidence collection & analysis toolkit for OS X
[1366星][6m] [Objective-C] nabla-c0d3/ssl-kill-switch2 Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
[1259星][5m] [JS] feross/spoof Easily spoof your MAC address in macOS, Windows, & Linux!
[1218星][5m] [Vue] chaitin/passionfruit iOSapp 黑盒评估工具。功能丰富，自带基于web的 GUI
[1214星][19d] [C] datatheorem/trustkit Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
[1174星][29d] [YARA] horsicq/detect-it-easy Program for determining types of files for Windows, Linux and MacOS.
[1121星][4m] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
[1094星][1y] [Objective-C] neoneggplant/eggshell iOS/macOS/Linux Remote Administration Tool
[969星][1y] [Py] mwrlabs/needle The iOS Security Testing Framework
[898星][2m] [Objective-C] ptoomey3/keychain-dumper A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
[577星][2m] siguza/ios-resources Useful resources for iOS hacking
[475星][1y] [Swift] icepa/icepa iOS system-wide VPN based Tor client
[385星][3m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/未分类-Pentest |
[321星][30d] [Objective-C] auth0/simplekeychain A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
[213星][10m] [AppleScript] lifepillar/csvkeychain Import/export between Apple Keychain.app and plain CSV file.
[204星][7m] [C] owasp/igoat OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar

CTF&&HTB

未分类-CTF&&HTB

[952星][2m] ctfs/resources A general collection of information, tools, and tips regarding CTFs and similar security competitions
[744星][1m] [Py] ashutosh1206/crypton Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Authentication methods along with example challenges from CTFs
[634星][8m] cryptogenic/exploit-writeups A collection where my current and future writeups for exploits/CTF will go
[474星][5m] [PHP] wonderkun/ctf_web a project aim to collect CTF web practices .
[472星][3m] [PHP] susers/writeups 国内各大CTF赛题及writeup整理
[450星][8m] [Py] christhecoolhut/zeratool Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
[410星][3m] ctftraining/ctftraining CTF Training 经典赛题复现环境
[307星][5m] [C] sixstars/ctf A writeup summary for CTF competitions, problems.
[294星][28d] [HTML] balsn/ctf_writeup CTF writeups from Balsn
[290星][9m] [HTML] s1gh/ctf-literature Collection of free books, papers and articles related to CTF challenges.
[283星][10m] [Shell] ctf-wiki/ctf-tools CTF 工具集合
[260星][5m] [CSS] l4wio/ctf-challenges-by-me Pwnable|Web Security|Cryptography CTF-style challenges
[253星][6m] [Shell] lieanu/libcsearcher glibc offset search for ctf.
[233星][8m] harmoc/ctftools Personal CTF Toolkit
[209星][1y] [Py] 3summer/ctf-rsa-tool a little tool help CTFer solve RSA problem

收集

[3857星][1m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[3857星][1m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[1709星][1m] [PHP] orangetw/my-ctf-web-challenges Collection of CTF Web challenges I made
[945星][19d] [C] bt3gl/pentesting-toolkit Tools for pentesting, CTFs & wargames.
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/未分类-Pentest |
[358星][4m] xtiankisutsa/awesome-mobile-ctf This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
- 重复区段: 工具/靶机&&漏洞环境&&漏洞App/收集 |

HTB

[642星][28d] hackplayers/hackthebox-writeups Writeups for HacktheBox 'boot2root' machines

CTF

未分类-CTF

[6102星][1y] [Hack] facebook/fbctf Platform to host Capture the Flag competitions
[5861星][14d] [Py] gallopsled/pwntools CTF framework and exploit development library
[4317星][1m] [Shell] zardus/ctf-tools Some setup scripts for security research tools.
[2756星][19d] [HTML] ctf-wiki/ctf-wiki CTF Wiki Online. Come and join us, we need you!
[2295星][19d] [Py] ctfd/ctfd CTFs as you need them
[1531星][1m] [C] firmianay/ctf-all-in-one CTF竞赛入门指南
[1343星][4m] [Go] google/google-ctf Google CTF
[1340星][3m] [C] taviso/ctftool Interactive CTF Exploration Tool
[1248星][11m] [Py] unapibageek/ctfr Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
[1244星][2m] [Py] ganapati/rsactftool RSA攻击工具，主要用于CTF，从弱公钥和/或uncipher数据中回复私钥
[1132星][16d] [Py] p4-team/ctf Ctf solutions from p4 team
[1034星][2m] [C] trailofbits/ctf CTF Field Guide
[1013星][12m] naetw/ctf-pwn-tips Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
[845星][1m] [Ruby] w181496/web-ctf-cheatsheet Web CTF CheatSheet
[824星][28d] ignitetechnologies/privilege-escalation This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
[780星][2m] [Py] acmesec/ctfcracktools 中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
[609星][1m] [Shell] diego-treitos/linux-smart-enumeration Linux enumeration tool for pentesting and CTFs with verbosity levels
[423星][6m] [HTML] ctf-wiki/ctf-challenges
[397星][2m] [Py] j00ru/ctf-tasks An archive of low-level CTF challenges developed over the years
[381星][14d] [Py] moloch--/rootthebox A Game of Hackers (CTF Scoreboard & Game Manager)
[373星][4m] [C] hackgnar/ble_ctf A Bluetooth low energy capture the flag
[309星][2m] [PHP] nakiami/mellivora Mellivora is a CTF engine written in PHP
[302星][7m] [Py] screetsec/brutesploit BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
[292星][2m] [Py] christhecoolhut/pinctf Using Intel's PIN tool to solve CTF problems
[275星][11m] [Py] hongrisec/ctf-training 收集各大比赛的题目和Writeup
[252星][5m] [Shell] ctfhacker/epictreasure Batteries included CTF VM
[236星][12m] [Java] shiltemann/ctf-writeups-public Writeups for infosec Capture the Flag events by team Galaxians
[218星][2m] [HTML] sectalks/sectalks CTFs, solutions and presentations
[215星][1m] [C] david942j/ctf-writeups Collection of scripts and writeups

Writeup

[1813星][1y] [CSS] ctfs/write-ups-2015 Wiki-like CTF write-ups repository, maintained by the community. 2015
[1763星][11m] [Py] ctfs/write-ups-2017 Wiki-like CTF write-ups repository, maintained by the community. 2017
[586星][1m] [Py] pwning/public-writeup CTF write-ups by Plaid Parliament of Pwning
[489星][8m] manoelt/50m_ctf_writeup $50 Million CTF from Hackerone - Writeup
[275星][7m] [HTML] bl4de/ctf CTF (Capture The Flag) writeups, code snippets, notes, scripts
[222星][1y] [Shell] ctfs/write-ups-2018 Wiki-like CTF write-ups repository, maintained by the community. 2018

收集

漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing

未分类-Vul

[1968星][12d] [Java] jeremylong/dependencycheck OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
[1797星][27d] [TypeScript] snyk/snyk CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
[1619星][18d] roave/securityadvisories ensures that your application doesn't have installed dependencies with known security vulnerabilities
[1535星][1m] [Java] spotbugs/spotbugs SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
[1284星][12m] [Py] xyntax/poc-t 脚本调用框架，用于渗透测试中采集|爬虫|爆破|批量PoC 等需要并发的任务
[1232星][30d] [JS] archerysec/archerysec Centralize Vulnerability Assessment and Management for DevSecOps Team
[1079星][19d] [Jupyter Notebook] ibm/adversarial-robustness-toolbox Python library for adversarial machine learning, attacks and defences for neural networks, logistic regression, decision trees, SVM, gradient boosted trees, Gaussian processes and more with multiple framework support
[1074星][1y] [PowerShell] rasta-mouse/sherlock PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
[1018星][16d] [HTML] defectdojo/django-defectdojo DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
[901星][19d] [Py] knownsec/pocsuite3 远程漏洞测试与PoC开发框架
[814星][6m] numirias/security Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
[813星][3m] [JS] creditease-sec/insight 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
[806星][1y] [Py] leviathan-framework/leviathan 多功能审计工具包，包括多种服务发现（FTP、SSH、Talnet、RDP、MYSQL）、爆破、远程命令执行、SQL注入扫描、指定漏洞利用，集成了Masscan、Ncrack、DSSS等工具。
[625星][5m] [Py] pyupio/safety 检查所有已安装 Python 包, 查找已知的安全漏洞
[578星][7m] [Java] olacabs/jackhammer 安全漏洞评估和管理工具
[567星][12d] arkadiyt/bounty-targets-data This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
[541星][1y] [Java] mr5m1th/poc-collect 各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
[540星][10m] [PHP] zhuifengshaonianhanlu/pikachu 一个好玩的Web安全-漏洞测试平台
[462星][1m] [Java] joychou93/java-sec-code Java common vulnerabilities and security code.
[430星][28d] [Py] google/vulncode-db a database for vulnerabilities and their corresponding source code if available
[428星][4m] [Py] crocs-muni/roca 测试公共 RSA 密钥是否存在某些漏洞
[409星][4m] [Java] nccgroup/freddy 自动识别 Java/.NET 应用程序中的反序列化漏洞
[395星][17d] [Go] cbeuw/cloak A universal pluggable transport utilising TLS domain fronting to evade deep packet inspection and active probing from state-level adversaries
[379星][10m] skyblueeternal/thinkphp-rce-poc-collection thinkphp v5.x 远程代码执行漏洞-POC集合
[372星][6m] tidesec/tide 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
[361星][12m] hannob/vulns Named vulnerabilities and their practical impact
[357星][8m] [C] vulnreproduction/linuxflaw This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
[354星][6m] [PHP] fate0/prvd PHP Runtime Vulnerability Detection
[351星][6m] [Py] orangetw/awesome-jenkins-rce-2019 There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
[342星][2m] snyk/zip-slip-vulnerability Zip Slip Vulnerability (Arbitrary file write through archive extraction)
[335星][2m] [Java] denimgroup/threadfix threadfix：软件漏洞汇总和管理系统，可帮助组织汇总漏洞数据，生成虚拟补丁，并与软件缺陷跟踪系统进行交互
[314星][27d] [Java] sap/vulnerability-assessment-tool Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy.
[312星][11m] cryin/paper Web Security Technology & Vulnerability Analysis Whitepapers
[299星][16d] [Py] ym2011/poc-exp Collecting and writing PoC or EXP for vulnerabilities on some application
[291星][3m] [Py] christhecoolhut/firmware_slap Discovering vulnerabilities in firmware through concolic analysis and function clustering.
[286星][2m] [Py] fplyth0ner-combie/bug-project-framework 漏洞利用框架模块分享仓库
[283星][4m] [C#] l0ss/grouper2 Find vulnerabilities in AD Group Policy
[283星][7m] [C] tangsilian/android-vuln 安卓内核提权漏洞分析
[271星][21d] disclose/disclose Driving safety, simplicity, and standardization in vulnerability disclosure.
[265星][1y] [Py] ucsb-seclab/bootstomp a bootloader vulnerability finder
[263星][1y] [JS] portswigger/hackability Probe a rendering engine for vulnerabilities and other features
[249星][5m] [Py] jcesarstef/dotdotslash Python脚本, 查找目录遍历漏洞
[234星][19d] [HTML] edoverflow/bugbountyguide Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
[220星][2m] [Py] ismailtasdelen/hackertarget attack surface discovery and identification of security vulnerabilities
[211星][2m] [C++] atxsinn3r/vulncases Oh it's just a bunch of vulns for references.
[207星][6m] [Py] jas502n/cnvd-c-2019-48814 WebLogic wls9-async反序列化远程命令执行漏洞
[202星][6m] [Py] greekn/rce-bug 新漏洞感知项目主要帮助大家记录一些重大漏洞漏洞方面的细节
[201星][2m] [Ruby] appfolio/gemsurance Gem vulnerability checker using rubysec/ruby-advisory-db
[201星][7m] [C++] j00ru/kfetch-toolkit A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities

资源收集

[3444星][8m] [C] rpisec/mbe Course materials for Modern Binary Exploitation by RPISEC
[3429星][4m] [PHP] hanc00l/wooyun_public This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
[2954星][8m] [C] secwiki/linux-kernel-exploits linux-kernel-exploits Linux平台提权漏洞集合
[2600星][1m] xairy/linux-kernel-exploitation Linux 内核 Fuzz 和漏洞利用的资源收集
[2072星][14d] [PowerShell] k8gege/k8tools K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
[1962星][14d] qazbnm456/awesome-cve-poc CVE PoC列表
[1882星][1m] [HTML] gtfobins/gtfobins.github.io Curated list of Unix binaries that can be exploited to bypass system security restrictions
[1701星][3m] tunz/js-vuln-db A collection of JavaScript engine CVEs with PoCs
[1196星][1y] felixgr/secure-ios-app-dev secure-ios-app-dev：iOSApp 最常见漏洞收集
[1093星][5m] [Py] coffeehb/some-poc-or-exp 各种漏洞poc、Exp的收集或编写
[1044星][14d] [Py] offensive-security/exploitdb-bin-sploits Exploit Database binary exploits located in the /sploits directory
[1020星][1m] [C] xairy/kernel-exploits My proof-of-concept exploits for the Linux kernel
[1006星][19d] [Py] thekingofduck/fuzzdicts Web Pentesting Fuzz 字典,一个就够了。
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞扫描&&挖掘&&发现/Fuzzing/未分类-Fuzz |
[977星][10m] [Py] xiphosresearch/exploits Miscellaneous exploit code
[962星][11m] [PHP] secwiki/cms-hunter CMS漏洞测试用例集合
[938星][5m] [C] dhavalkapil/heap-exploitation This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
[894星][2m] [Py] nullsecuritynet/tools Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
[672星][1y] [C] billy-ellis/exploit-challenges A collection of vulnerable ARM binaries for practicing exploit development
[609星][7m] yeyintminthuhtut/awesome-advanced-windows-exploitation-references List of Awesome Advanced Windows Exploitation References
[568星][1y] [C] externalist/exploit_playground Analysis of public exploits or my 1day exploits
[483星][7m] [C] jiayy/android_vuln_poc-exp This project contains pocs and exploits for vulneribilities I found (mostly)
[417星][9m] [C] hardenedlinux/linux-exploit-development-tutorial a series tutorial for linux exploit development to newbie.
[329星][1y] snyk/vulnerabilitydb Snyk's public vulnerability database
[268星][10m] [Py] secwiki/office-exploits office-exploits Office漏洞集合
[222星][2m] [Py] boy-hack/airbug Airbug(空气洞)，收集漏洞poc用于安全产品
[222星][1y] [C++] wnagzihxa1n/browsersecurity 我在学习浏览器安全过程中整理的漏洞分析笔记与相关的学习资料

漏洞开发

未分类-VulDev

[3705星][10m] [Py] longld/peda Python Exploit Development Assistance for GDB
[2488星][13d] [Py] hugsy/gef gdb增强工具，使用Python API，用于漏洞开发和逆向分析。
[2362星][22d] [Py] pwndbg/pwndbg GDB插件，辅助漏洞开发和逆向
[465星][10m] [Py] wapiflapi/villoc Visualization of heap operations.

ROP

[2101星][27d] [Py] jonathansalwan/ropgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
[931星][13d] [Py] sashs/ropper Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.
[677星][11m] [HTML] zhengmin1989/myarticles 蒸米的文章（iOS冰与火之歌系列，一步一步学ROP系列，安卓动态调试七种武器系列等）

漏洞扫描&&挖掘&&发现

未分类

漏洞扫描

未分类

[6953星][24d] [Go] future-architect/vuls 针对Linux/FreeBSD 编写的漏洞扫描器. Go 语言编写
[6516星][16d] [Java] zaproxy/zaproxy 在开发和测试Web App时自动发现安全漏洞
[5563星][17d] [Ruby] presidentbeef/brakeman ROR程序的静态分析工具
[2904星][21d] [Py] andresriancho/w3af Web App安全扫描器, 辅助开发者和渗透测试人员识别和利用Web App中的漏洞
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/未分类-Scanner |
[2440星][6m] [Py] ysrc/xunfeng 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。
[2403星][28d] [Go] knqyf263/trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
[2089星][8m] [Py] linkedin/qark 查找Android App的漏洞, 支持源码或APK文件
- 重复区段: 工具/移动&&Mobile/Android |
[1873星][1m] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/信息收集&&侦查&&Recon&&InfoGather |
[1864星][3m] [Py] python-security/pyt Python Web App 安全漏洞检测和静态分析工具
[1629星][1y] [Py] evyatarmeged/raccoon 高性能的侦查和漏洞扫描工具
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/信息收集&&侦查&&Recon&&InfoGather |
[1370星][6m] [Py] almandin/fuxploider 文件上传漏洞扫描和利用工具
[1339星][5m] [Py] s0md3v/striker Striker is an offensive information and vulnerability scanner.
[1023星][7m] [Py] lucifer1993/angelsword Python3编写的CMS漏洞检测框架
[932星][1y] [Java] google/firing-range a test bed for web application security scanners, providing synthetic, wide coverage for an array of vulnerabilities.
[913星][4m] threathuntingproject/threathunting An informational repo about hunting for adversaries in your IT environment.
[884星][1m] [Go] opensec-cn/kunpeng Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。
[884星][2m] [Py] hasecuritysolutions/vulnwhisperer Create actionable data from your Vulnerability Scans
[852星][3m] [Py] boy-hack/w9scan Plug-in type web vulnerability scanner
[840星][3m] [Py] lijiejie/bbscan A vulnerability scanner focus on scanning large number of targets in short time with a minimal set of rules.
[725星][10m] [PowerShell] l0ss/grouper A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
[643星][5m] [Perl] moham3driahi/xattacker X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
[632星][5m] [PHP] mattiasgeniar/php-exploit-scripts A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
[602星][10m] [Dockerfile] aquasecurity/microscanner Scan your container images for package vulnerabilities with Aqua Security
[539星][5m] [JS] seccubus/seccubus Easy automated vulnerability scanning, reporting and analysis
[523星][3m] [Py] hatboy/struts2-scan Struts2全漏洞扫描利用工具
[513星][7m] [Py] wyatu/perun 主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
[491星][14d] [C#] k8gege/ladon Ladon一款用于大型网络渗透的多线程插件化综合扫描神器，含端口扫描、服务识别、网络资产、密码爆破、高危漏洞检测以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描。5.5版本内置39个功能模块,通过多种协议以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、数据库等信息，漏洞检测包含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2等，密码爆破11种含数据库(Mysql、Oracle、MSSQL)、FTP、SSH(Linux主机)、VNC、Windows密码(IPC、WMI、SMB)、Weblogic后台、Rar压缩包密码等，Web指…
[488星][2m] [Perl 6] rezasp/joomscan Perl语言编写的Joomla CMS漏洞扫描器
[452星][1m] [C] greenbone/openvas-scanner Open Vulnerability Assessment Scanner
[443星][5m] [Py] dr0op/weblogicscan 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618，CVE-2019-2729检测，Python3支持
[436星][15d] [Py] k8gege/k8cscan 大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动
[375星][10m] [Py] hahwul/a2sv a2sv：自动扫描并检测常见的和已知的SSL 漏洞

[362星][1m] [Py] l4ys/lazyida 若干快速访问功能, 扫描字符串格式化漏洞

查看详情

  ### 功能
  - 快速移除函数返回类型
  - 数据格式(format)快速转换
  - 扫描字符串格式化漏洞
  - 双击跳转vtable函数
  - 快捷键: w/c/v
  </details>

[351星][1m] [C#] security-code-scan/security-code-scan Vulnerability Patterns Detector for C# and VB.NET
[343星][2m] [Py] chenjj/corscanner Fast CORS misconfiguration vulnerabilities scanner
[319星][3m] [Py] vulmon/vulmap Vulmap Online Local Vulnerability Scanners Project
[318星][7m] [C#] yalcinyolalan/wssat web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files
[297星][4m] [Py] zhaoweiho/securitymanageframwork Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer securit…
[287星][1y] [Py] flipkart-incubator/watchdog 全面的安全扫描和漏洞管理工具
[285星][2m] [Py] utiso/dorkbot dorkbot：扫描谷歌搜索返回的网页，查找网页漏洞
[279星][7m] [Py] vulscanteam/vulscan vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
[276星][5m] [Perl] rezasp/vbscan OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
[257星][2m] [JS] stono/hawkeye A project security/vulnerability/risk scanning tool
[246星][4m] [Shell] peterpt/eternal_scanner eternal_scanner：永恒之蓝漏洞的网络扫描器
[226星][1y] [Py] leapsecurity/libssh-scanner Script to identify hosts vulnerable to CVE-2018-10933
[222星][1y] [C++] ucsb-seclab/dr_checker 用于Linux 内核驱动程序的漏洞检测工具
[218星][7m] [Py] skewwg/vulscan 漏洞扫描：st2、tomcat、未授权访问等等
[211星][6m] [Py] kingkaki/weblogic-scan weblogic 漏洞扫描工具
[208星][20d] [Py] sethsec/celerystalk An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

Web漏洞

系统漏洞

App漏洞

移动平台漏洞

Fuzzing

未分类-Fuzz

[4649星][29d] [C] google/oss-fuzz oss-fuzz：开源软件fuzzing
[3992星][12d] [Py] google/clusterfuzz Scalable fuzzing infrastructure.
[3169星][1m] [Go] dvyukov/go-fuzz Randomized testing for Go
[1706星][1y] [PowerShell] fuzzysecurity/powershell-suite My musings with PowerShell
[1335星][2m] [C] googleprojectzero/winafl A fork of AFL for fuzzing Windows binaries
[1107星][9m] [Py] openrce/sulley A pure-python fully automated and unattended fuzzing framework.
[1100星][28d] bo0om/fuzz.txt Potentially dangerous files
[1006星][19d] [Py] thekingofduck/fuzzdicts Web Pentesting Fuzz 字典,一个就够了。
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/资源收集 |
[990星][28d] [C] google/fuzzer-test-suite Set of tests for fuzzing engines
[859星][18d] [Py] swisskyrepo/ssrfmap Automatic SSRF fuzzer and exploitation tool
[850星][25d] [Go] sahilm/fuzzy Go library that provides fuzzy string matching optimized for filenames and code symbols in the style of Sublime Text, VSCode, IntelliJ IDEA et al.
[808星][1m] [C] rust-fuzz/afl.rs
[788星][17d] [Swift] googleprojectzero/fuzzilli A JavaScript Engine Fuzzer
[748星][23d] [Py] jtpereyda/boofuzz 网络协议Fuzzing框架, sulley的继任者
[736星][7m] [HTML] tennc/fuzzdb 一个fuzzdb扩展库
[689星][14d] [Go] ffuf/ffuf Fast web fuzzer written in Go
[634星][28d] [Go] google/gofuzz Fuzz testing for go.
[628星][4m] [C] kernelslacker/trinity Linux system call fuzzer
[608星][14d] [C] google/afl american fuzzy lop - a security-oriented fuzzer
[588星][4m] [Py] nongiach/arm_now arm_now: 快速创建并运行不同CPU架构的虚拟机, 用于逆向分析或执行二进制文件. 基于QEMU
[569星][19d] [Py] 1n3/blackwidow A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
[541星][8m] [Py] shellphish/fuzzer fuzzer：Americanfuzzy lop 的 Python 版本接口
[516星][2m] [C++] angorafuzzer/angora Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
[500星][12d] [Py] mozillasecurity/funfuzz A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
[472星][1y] [Py] c0ny1/upload-fuzz-dic-builder 上传漏洞fuzz字典生成脚本
[471星][16d] [Py] trailofbits/deepstate A unit test-like interface for fuzzing and symbolic execution
[453星][1m] [Rust] rust-fuzz/cargo-fuzz cargo-fuzz：libFuzzer的wrapper
[424星][2m] [Perl] wireghoul/dotdotpwn DotDotPwn - The Directory Traversal Fuzzer
[404星][6m] [Ruby] tidesec/fuzzscanner 一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
[398星][4m] [C] mykter/afl-training Exercises to learn how to fuzz with American Fuzzy Lop
[384星][6m] [C] coolervoid/0d1n Web security tool to make fuzzing at HTTP/S, Beta
[379星][27d] [Haskell] crytic/echidna echidna: Ethereum fuzz testing framework
[378星][3m] [Rust] microsoft/lain A fuzzer framework built in Rust
[370星][1m] [TypeScript] fuzzitdev/jsfuzz coverage guided fuzz testing for javascript
[364星][1y] [C] battelle/afl-unicorn afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
[357星][3m] [C++] googleprojectzero/brokentype TrueType and OpenType font fuzzing toolset
[340星][4m] [Java] google/graphicsfuzz A testing framework for automatically finding and simplifying bugs in graphics shader compilers.
[340星][1m] [C++] sslab-gatech/qsym QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
[337星][11m] [Py] joxeankoret/nightmare A distributed fuzzing testing suite with web administration
[311星][3m] lcatro/source-and-fuzzing 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..
[306星][5m] [Py] cisco-talos/mutiny-fuzzer
[304星][9m] [Py] cisco-sas/kitty Fuzzing framework written in python
[298星][10m] [Py] mseclab/pyjfuzz PyJFuzz - Python JSON Fuzzer
[292星][5m] [Py] mozillasecurity/dharma Generation-based, context-free grammar fuzzer.
[283星][10m] [C++] gamozolabs/applepie A hypervisor for fuzzing built with WHVP and Bochs
[278星][11m] [Py] mrash/afl-cov Produce code coverage results with gcov from afl-fuzz test cases
[278星][10m] [C] samhocevar/zzuf Application fuzzer
[277星][1m] [Py] tomato42/tlsfuzzer SSL and TLS protocol test suite and fuzzer
[273星][17d] [HTML] mozillasecurity/fuzzdata Fuzzing resources for feeding various fuzzers with input.
[272星][1y] [C++] dekimir/ramfuzz Combining Unit Tests, Fuzzing, and AI
[268星][17d] [C] aflsmart/aflsmart Smart Greybox Fuzzing (
[263星][8m] [Py] mozillasecurity/peach Peach is a fuzzing framework which uses a DSL for building fuzzers and an observer based architecture to execute and monitor them.
[245星][7m] [C++] ucsb-seclab/difuze difuze: 针对 Linux 内核驱动的 Fuzzer
[239星][5m] [C] compsec-snu/razzer A Kernel fuzzer focusing on race bugs
[239星][1y] [Py] hgascon/pulsar pulsar：具有自动学习、模拟协议功能的网络 fuzzer
[230星][4m] [HTML] rootup/bfuzz Fuzzing Browsers
[222星][3m] [C] pagalaxylab/unifuzzer A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
[221星][3m] [C] dongdongshe/neuzz neural network assisted fuzzer
[214星][27d] cpuu/awesome-fuzzing A curated list of awesome Fuzzing(or Fuzz Testing) for software security
[212星][3m] [C++] lifting-bits/grr High-throughput fuzzer and emulator of DECREE binaries
[210星][4m] [C] hunter-ht-2018/ptfuzzer Improving AFL by using Intel PT to collect branch information
[207星][4m] [HTML] ajinabraham/droid-application-fuzz-framework Android application fuzzing framework with fuzzers and crash monitor.
[203星][2m] [Py] jwilk/python-afl American Fuzzy Lop fork server and instrumentation for pure-Python code

资源收集

[3792星][1m] [PHP] fuzzdb-project/fuzzdb 通过动态App安全测试来查找App安全漏洞, 算是不带扫描器的漏洞扫描器
[2864星][5m] secfigo/awesome-fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

Fuzzer

[2629星][17d] [Go] google/syzkaller 一个unsupervised、以 coverage 为导向的Linux 系统调用fuzzer
[2346星][1m] [Py] xmendez/wfuzz Web application fuzzer
[1699星][21d] [C] google/honggfuzz Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
[1051星][2m] [Py] googleprojectzero/domato ProjectZero 开源的 DOM fuzzer

漏洞利用

[3933星][3m] [Py] nullarray/autosploit Automated Mass Exploiter
[3364星][1m] [C] shellphish/how2heap how2heap：学习各种堆利用技巧的repo
[2175星][10m] [JS] secgroundzero/warberry WarBerryPi - Tactical Exploitation
[1448星][3m] [Py] epinna/tplmap 代码注入和服务器端模板注入（Server-Side Template Injection）漏洞利用，若干沙箱逃逸技巧。
[1180星][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |工具/数据库&&SQL攻击&&SQL注入/NoSQL/未分类-NoSQL |
[1080星][6m] [Go] sensepost/ruler ruler：自动化利用Exchange 服务的repo
[822星][1m] [Py] nil0x42/phpsploit Stealth post-exploitation framework
[818星][7m] [Shell] niklasb/libc-database Build a database of libc offsets to simplify exploitation
[797星][28d] [Ruby] rastating/wordpress-exploit-framework wordpress-exploit-framework：WordPress 漏洞利用框架
[792星][12d] cveproject/cvelist Pilot program for CVE submission through GitHub
[665星][10m] [JS] theori-io/pwnjs 辅助开发浏览器exploit 的 JS 模块
[600星][5m] [Java] sigploiter/sigploit Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
[568星][1y] [Py] spencerdodd/kernelpop 内核提权枚举和漏洞利用框架
[510星][8m] [Py] dark-lbp/isf 工控漏洞利用框架，基于Python
[474星][25d] [C] r0hi7/binexp Linux Binary Exploitation
[449星][5m] [Py] shellphish/rex Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge.
[429星][11m] [Py] neohapsis/bbqsql SQL Injection Exploitation Tool
[394星][20d] [Py] corkami/collisions Hash collisions and their exploitations
[378星][2m] [Py] sab0tag3d/siet Smart Install Exploitation Tool
[346星][9m] [C] wapiflapi/exrs Exercises for learning Reverse Engineering and Exploitation.
[345星][29d] [JS] fsecurelabs/dref DNS 重绑定利用框架
[315星][1y] [C] tharina/blackhoodie-2018-workshop Slides and challenges for my binary exploitation workshop at BlackHoodie 2018.
[314星][13d] [Shell] zmarch/orc Orc is a post-exploitation framework for Linux written in Bash
[300星][4m] [JS] vngkv123/asiagaming Chrome, Safari Exploitation
[288星][9m] [Py] immunit/drupwn Drupal enumeration & exploitation tool
[284星][1m] xairy/vmware-exploitation A bunch of links related to VMware escape exploits
[282星][12m] [C] str8outtaheap/heapwn Linux Heap Exploitation Practice
[280星][1y] [Py] novicelive/bintut Teach you a binary exploitation for great good.
[273星][12m] [Py] fox-it/aclpwn.py 与BloodHound交互, 识别并利用基于ACL的提权路径
[266星][22d] [Py] 0xinfection/xsrfprobe The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
[257星][3m] [HTML] sp1d3r/swf_json_csrf swf_json_csrf：简化基于 SWF的 JSON CSRF exploitation
[250星][7m] [Py] xairy/easy-linux-pwn A set of Linux binary exploitation tasks for beginners on various architectures
[243星][26d] [Py] 0xinfection/xsrfprobe The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
[231星][10m] [C] r3x/how2kernel This Repository aims at giving a basic idea about Kernel Exploitation.

Exp&&PoC

[1363星][1m] [Py] bitsadmin/wesng Windows Exploit Suggester - Next Generation
[1353星][6m] [Py] vulnerscom/getsploit Command line utility for searching and downloading exploits
[1322星][4m] [Py] lijiejie/githack git泄露利用脚本，通过泄露的.git文件夹下的文件，重建还原工程源代码
[1120星][4m] [Py] qyriad/fusee-launcher NVIDIA Tegra X1处理器Fusée Gelée漏洞exploit的launcher. (Fusée Gelée: 冷启动漏洞，允许在bootROM早期, 通过NVIDIA Tegra系列嵌入式处理器上的Tegra恢复模式(RCM)执行完整、未经验证的任意代码)
[930星][10m] [Shell] 1n3/findsploit Find exploits in local and online databases instantly
[918星][5m] [JS] reswitched/pegaswitch PegaSwitch is an exploit toolkit for the Nintendo Switch
[881星][3m] [C] theofficialflow/h-encore Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
[711星][1y] [Py] rfunix/pompem Find exploit tool
[707星][11m] [HTML] juansacco/exploitpack Exploit Pack -The next generation exploit framework
[703星][4m] [Py] rhinosecuritylabs/security-research Exploits written by the Rhino Security Labs team
[695星][6m] [C] unamer/vmware_escape VMwareWorkStation 12.5.5 之前版本的逃逸 Exploit
[681星][1y] [C] saelo/pwn2own2018 Pwn2Own 2018 Safari+macOS 漏洞利用链
[636星][4m] smgorelik/windows-rce-exploits The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams.
[621星][4m] [C++] eliboa/tegrarcmgui C++ GUI for TegraRcmSmash (Fusée Gelée exploit for Nintendo Switch)
[617星][4m] [Perl] jondonas/linux-exploit-suggester-2 Next-Generation Linux Kernel Exploit Suggester
[608星][3m] [C] matheus-garbelini/esp32_esp8266_attacks Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[607星][8m] [Py] al-azif/ps4-exploit-host Easy PS4 Exploit Hosting
[580星][1y] [JS] cryptogenic/ps4-5.05-kernel-exploit A fully implemented kernel exploit for the PS4 on 5.05FW
[580星][10m] mtivadar/windows10_ntfs_crash_dos Windows NTFS文件系统崩溃漏洞PoC
[552星][9m] [C] t00sh/rop-tool binary exploits编写辅助脚本
[544星][2m] [Py] tarunkant/gopherus This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
[523星][5m] [Py] bignerd95/chimay-red Working POC of Mikrotik exploit from Vault 7 CIA Leaks
[489星][6m] [Py] danigargu/heap-viewer 查看glibc堆, 主要用于漏洞开发
[489星][5m] [Py] metachar/phonesploit Using open Adb ports we can exploit a Andriod Device
[488星][7m] [Py] lijiejie/ds_store_exp A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
[481星][5m] [PHP] cfreal/exploits Some of my exploits.
[473星][2m] [JS] acmesec/pocbox 赏金猎人的脆弱性测试辅助平台
[472星][9m] [Py] insecurityofthings/jackit Exploit Code for Mousejack
[435星][1y] [Py] jfoote/exploitable The 'exploitable' GDB plugin. I don't work at CERT anymore, but here is the original homepage:
[431星][9m] [Shell] r00t-3xp10it/fakeimageexploiter Use a Fake image.jpg to exploit targets (hide known file extensions)
[418星][11m] [Shell] nilotpalbiswas/auto-root-exploit Auto Root Exploit Tool
[412星][3m] [Py] misterch0c/malsploitbase Malware exploits
[402星][1y] [C] ww9210/linux_kernel_exploits Repo for FUZE project. I will also publish some Linux kernel LPE exploits for various real world kernel vulnerabilities here. the samples are uploaded for education purposes for red and blue teams.
[390星][7m] [Py] jm33-m0/massexpconsole for concurrent exploiting
[383星][12m] [JS] linushenze/webkit-regex-exploit
[378星][12m] [PHP] bo0om/php_imap_open_exploit Bypassing disabled exec functions in PHP (c) CRLF
[372星][2m] [PHP] mm0r1/exploits Pwn stuff.
[349星][1m] [Shell] th3xace/sudo_killer A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
[348星][8m] [C] p0cl4bs/kadimus Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...
[339星][4m] [C] theofficialflow/trinity Trinity Exploit - Emulator Escape
[331星][6m] [C++] thezdi/poc Proofs-of-concept
[305星][1y] [Shell] jas502n/st2-057 St2-057 Poc Example
[302星][3m] [PowerShell] kevin-robertson/powermad PowerShell MachineAccountQuota and DNS exploit tools
[300星][1m] [Py] admintony/svnexploit SvnExploit支持SVN源代码泄露全版本Dump源码
[276星][1m] [C] 0xdea/exploits 研究员 0xdeadbeef 的公开exploits 收集
[275星][3m] [Shell] cryptolok/aslray Linux ELF x32/x64 ASLR DEP/NX bypass exploit with stack-spraying
[269星][1y] [Py] mwrlabs/wepwnise WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
[266星][4m] [Java] c0ny1/fastjsonexploit Fastjson vulnerability quickly exploits the framework（fastjson漏洞快速利用框架）
[263星][12m] [Py] c0rel0ader/east Exploits and Security Tools Framework 2.0.1
[251星][4m] [C] bcoles/kernel-exploits Various kernel exploits
[245星][9m] [Visual Basic] houjingyi233/office-exploit-case-study
[234星][19d] [C#] tyranid/exploitremotingservice A tool to exploit .NET Remoting Services
[219星][8m] [Py] coalfire-research/deathmetal Red team & penetration testing tools to exploit the capabilities of Intel AMT
[218星][3m] [PowerShell] byt3bl33d3r/offensivedlr Toolbox containing research notes & PoC code for weaponizing .NET's DLR
[218星][1m] [C++] soarqin/finalhe Final h-encore, a tool to push h-encore exploit for PS VITA/PS TV automatically
[215星][3m] [C] semmle/securityexploits PoC exploits from the Semmle Security Research team
[210星][1y] [Py] kurobeats/fimap fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
[207星][1y] [C] crozone/spectrepoc Proof of concept code for the Spectre CPU exploit.
[201星][6m] [Py] invictus1306/beebug A tool for checking exploitability

XSS&&XXE

收集

[2671星][5m] [JS] s0md3v/awesomexss Awesome XSS stuff
[454星][1y] [HTML] metnew/uxss-db

未分类-XSS

[7288星][25d] [Py] s0md3v/xsstrike Most advanced XSS scanner.
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/未分类-Scanner |
[1641星][10m] [JS] evilcos/xssor2 XSS'OR - Hack with JavaScript.
[1318星][3m] [Go] microcosm-cc/bluemonday a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
[705星][2m] [JS] mandatoryprogrammer/xsshunter The XSS Hunter service - a portable version of XSSHunter.com
[683星][18d] [C#] mganss/htmlsanitizer Cleans HTML to avoid XSS attacks
[674星][21d] [PHP] ssl/ezxss ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
[638星][10m] [HTML] bl4de/security_whitepapers Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
[504星][4m] [Py] opensec-cn/vtest 用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
[495星][4m] [PHP] nettitude/xss_payloads Exploitation for XSS
[477星][1y] [JS] koto/xsschef Chrome extension Exploitation Framework
[460星][12m] [C] laruence/taint Taint is a PHP extension, used for detecting XSS codes
[334星][12m] [Py] varbaek/xsser From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
[325星][7m] [Py] s0md3v/jshell JShell - Get a JavaScript shell with XSS.
[289星][1m] [JS] wicg/trusted-types A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
[287星][13d] [Py] stamparm/dsxs Damn Small XSS Scanner
[286星][13d] [PHP] voku/anti-xss
[251星][3m] [PHP] dotboris/vuejs-serverside-template-xss Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
[243星][4m] [JS] lewisardern/bxss bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
[241星][2m] [JS] antswordproject/ant 实时上线的 XSS 盲打平台

知名漏洞&&CVE&&特定产品

未分类

[1066星][28d] [Go] neex/phuip-fpizdam Exploit for CVE-2019-11043
[886星][1y] [Py] nixawk/labs 漏洞分析实验室。包含若干CVE 漏洞（CVE-2016-6277、CVE-2017-5689…）
[601星][1y] [C] scottybauer/android_kernel_cve_pocs A list of my CVE's with POCs
[562星][10m] [Py] fs0c131y/esfileexploreropenportvuln ES File Explorer Open Port Vulnerability - CVE-2019-6447
[456星][3m] [Py] blacknbunny/libssh-authentication-bypass Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH)
[449星][6m] [Py] n1xbyte/cve-2019-0708 dump
[394星][9m] [Ruby] dreadlocked/drupalgeddon2 Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 / CVE-2018-7600 / SA-CORE-2018-002)
[371星][1y] [Py] rhynorater/cve-2018-15473-exploit Exploit written in Python for CVE-2018-15473 with threading and export formats
[370星][9m] [Py] wyatu/cve-2018-20250 exp for
[357星][9m] [Go] frichetten/cve-2019-5736-poc PoC for CVE-2019-5736
[339星][1m] [PHP] opsxcq/exploit-cve-2016-10033 PHPMailer < 5.2.18 Remote Code Execution exploit and vulnerable container
[318星][8m] [Py] a2u/cve-2018-7600
[300星][10m] [Py] basucert/winboxpoc Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847)
[299星][1y] [Py] bhdresh/cve-2017-8759 Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
[299星][27d] [Py] rhinosecuritylabs/cves A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
[282星][4m] [Py] lufeirider/cve-2019-2725 CVE-2019-2725 命令回显
[281星][1y] [Py] mazen160/struts-pwn_cve-2018-11776 An exploit for Apache Struts CVE-2018-11776
[280星][4m] marcinguy/cve-2019-2107 CVE-2019-2107
[276星][11m] [Py] wyatu/cve-2018-8581 CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability
[269星][5m] [Py] ridter/exchange2domain CVE-2018-8581
[259星][1y] [C++] alpha1ab/cve-2018-8120 CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7
[253星][1m] [C] a2nkf/macos-kernel-exploit macOS Kernel Exploit for CVE-2019-8781. Credit for the bug goes to
[252星][29d] [Vue] nluedtke/linux_kernel_cves Tracking CVEs for the linux Kernel
[243星][3m] [Shell] projectzeroindia/cve-2019-11510 Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
[238星][8m] [JS] exodusintel/cve-2019-5786 FileReader Exploit
[237星][10m] [C] geosn0w/osirisjailbreak12 iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)
[234星][9m] [JS] adamyordan/cve-2019-1003000-jenkins-rce-poc Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
[211星][12m] [Py] evict/poc_cve-2018-1002105 PoC for CVE-2018-1002105.
[203星][8m] [C++] rogue-kdc/cve-2019-0841 PoC code for CVE-2019-0841 Privilege Escalation vulnerability
[200星][1y] [C] bazad/blanket CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.
[200星][2m] [Go] kotakanbe/go-cve-dictionary Build a local copy of CVE (NVD and Japanese JVN). Server mode for easy querying.

CVE

[1058星][3m] [C] zerosum0x0/cve-2019-0708 Scanner PoC for CVE-2019-0708 RDP RCE vuln

Spectre&&Meltdown

[3728星][29d] [C] iaik/meltdown This repository contains several applications, demonstrating the Meltdown bug.
[2999星][2m] [Shell] speed47/spectre-meltdown-checker 检查 Linux 主机是否受处理器漏洞Spectre & Meltdown 的影响
[531星][1y] [C] ionescu007/specucheck SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
[249星][5m] nsacyber/hardware-and-firmware-security-guidance Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

BlueKeep

[973星][3m] [Py] ekultek/bluekeep Proof of concept for CVE-2019-0708
[633星][6m] [C] robertdavidgraham/rdpscan A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
[303星][4m] [Py] algo7/bluekeep_cve-2019-0708_poc_to_exploit Porting BlueKeep PoC from
[267星][6m] [Py] k8gege/cve-2019-0708 3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)

Heartbleed

DirtyCow

Blueborne

CSRF

[1668星][4m] [JS] expressjs/csurf CSRF token middleware
[220星][11m] [PHP] paragonie/anti-csrf Full-Featured Anti-CSRF Library

容器&&Docker

[5906星][13d] [Go] quay/clair Vulnerability Static Analysis for Containers
[5905星][13d] [Go] quay/clair clair：容器（appc、docker）漏洞静态分析工具。
[661星][1y] [Shell] c0ny1/vulstudy 使用docker快速搭建各大漏洞学习平台，目前可以一键搭建12个平台。
[636星][13d] [Go] ullaakut/gorsair Gorsair hacks its way into remote docker containers that expose their APIs
[602星][6m] [Py] eliasgranderubio/dagda Docker安全套件
[475星][5m] [Go] arminc/clair-scanner Docker containers vulnerability scan
[332星][6m] [Dockerfile] mykings/docker-vulnerability-environment Use the docker to build a vulnerability environment
[299星][1y] [Dockerfile] ston3o/docker-hacklab My personal hacklab, create your own.

漏洞管理

[2381星][2m] [Py] infobyte/faraday 渗透测试和漏洞管理平台
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/渗透多合一&&渗透框架 |
[1177星][17d] [Py] cve-search/cve-search 导入CVE/CPE 到本地 MongoDB 数据库，以便后续在本地进行搜索和处理

漏洞数据库

[4770星][13d] [C] offensive-security/exploitdb The official Exploit Database repository
[1265星][2m] [PHP] friendsofphp/security-advisories A database of PHP security advisories

CORS

[2716星][8m] [JS] cyu/rack-cors Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.

漏洞分析

特定目标

未分类-XxTarget

AWS

[4138星][3m] [Py] dxa4481/trufflehog Searches through git repositories for high entropy strings and secrets, digging deep into commit history
[3130星][17d] [Shell] toniblyx/my-arsenal-of-aws-security-tools List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
[2758星][12d] [Go] 99designs/aws-vault A vault for securely storing and accessing AWS credentials in development environments
[2633星][3m] [Java] teevity/ice AWS Usage Tool
[2347星][4m] [Go] mlabouardy/komiser
[1892星][19d] [Py] mozilla/mozdef Mozilla Enterprise Defense Platform
[1805星][20d] [Shell] toniblyx/prowler AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide:
[1597星][1y] [Py] nccgroup/scout2 Security auditing tool for AWS environments
[1374星][11m] [Py] eth0izzle/bucket-stream 通过certstream 监控多种证书 transparency 日志, 进而查找有趣的 Amazon S3 Buckets
[1161星][17d] [Py] lyft/cartography Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
[1105星][3m] [Py] rhinosecuritylabs/pacu The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
[887星][2m] [Py] sa7mon/s3scanner Scan for open AWS S3 buckets and dump the contents
[824星][5m] [Py] jordanpotti/awsbucketdump 快速枚举 AWS S3 Buckets，查找感兴趣的文件。类似于子域名爆破，但针对S3 Bucket，有额外功能，例如下载文件等
[756星][28d] [Go] rebuy-de/aws-nuke Nuke a whole AWS account and delete all its resources.
[749星][1m] [Java] tmobile/pacbot PacBot (Policy as Code Bot)
[592星][17d] [Shell] securityftw/cs-suite Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
[525星][25d] [Ruby] stelligent/cfn_nag Linting tool for CloudFormation templates
[490星][16d] [Py] salesforce/policy_sentry IAM Least Privilege Policy Generator
[480星][6m] [Py] netflix-skunkworks/diffy Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
[433星][7m] [Py] ustayready/fireprox AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
[391星][3m] [Py] duo-labs/cloudtracker CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
[382星][20d] [Py] riotgames/cloud-inquisitor Enforce ownership and data security within AWS
[365星][6m] [Py] carnal0wnage/weirdaal WeirdAAL (AWS Attack Library)
[363星][10m] [Py] awslabs/aws-security-automation Collection of scripts and resources for DevSecOps and Automated Incident Response Security
[311星][1y] [Py] securing/dumpsterdiver Tool to search secrets in various filetypes.
[273星][7m] [Py] cesar-rodriguez/terrascan Collection of security and best practice test for static code analysis of terraform templates
[264星][23d] [Py] nccgroup/pmapper A tool for quickly evaluating IAM permissions in AWS.
[224星][29d] [HCL] nozaq/terraform-aws-secure-baseline Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations.
[216星][26d] [Dockerfile] thinkst/canarytokens-docker Docker configuration to quickly setup your own Canarytokens.
[202星][2m] [Py] voulnet/barq The AWS Cloud Post Exploitation framework!

Phoenix

[810星][16d] [Elixir] nccgroup/sobelow Phoenix 框架安全方面的静态分析工具（Phoenix 框架：支持对webUI,接口, web性能,mobile app 或 mobile browser 进行自动化测试和监控的平台）

Kubernetes

[1761星][27d] [Py] aquasecurity/kube-hunter Hunt for security weaknesses in Kubernetes clusters
[379星][2m] [Shell] kabachook/k8s-security Kubernetes security notes and best practices

Azure

Nginx

[6164星][1m] [Py] yandex/gixy Nginx 配置静态分析工具，防止配置错误导致安全问题，自动化错误配置检测

ELK

[1875星][18d] [CSS] cyb3rward0g/helk 对ELK栈进行分析，具备多种高级功能，例如SQL声明性语言，图形，结构化流，机器学习等

物联网(IoT)&&嵌入式设备&&路由器&&交换机&&智能设备&&打印机

未分类-IoT

[1119星][6m] nebgnahz/awesome-iot-hacks A Collection of Hacks in IoT Space so that we can address them (hopefully).
[817星][14d] v33ru/iotsecurity101 From IoT Pentesting to IoT Security
[791星][30d] [Py] ct-open-source/tuya-convert A collection of scripts to flash Tuya IoT devices to alternative firmwares
[582星][8m] [Py] woj-ciech/danger-zone Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files.
[465星][2m] [Py] iti/ics-security-tools Tools, tips, tricks, and more for exploring ICS Security.
[437星][18d] [Py] rabobank-cdc/dettect Detect Tactics, Techniques & Combat Threats
[330星][1y] [Py] vmware/liota
[307星][1m] [Java] erudika/para Open source back-end server for web, mobile and IoT. The backend for busy developers. (self-hosted or hosted)

打印机

路由器&&交换机

嵌入式设备

[7428星][3m] [Py] threat9/routersploit Exploitation Framework for Embedded Devices

通信&&代理&&反向代理&&隧道

未分类-Proxy

[19800星][2m] [Shell] streisandeffect/streisand Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
[16743星][18d] [Py] mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[10723星][13d] getlantern/download 蓝灯Windows下载
[5481星][3m] [C] rofl0r/proxychains-ng proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
[4915星][13d] [Go] dnscrypt/dnscrypt-proxy 灵活的DNS代理，支持现代的加密DNS协议，例如：DNS protocols such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt.
[4662星][28d] [Go] alexellis/inlets Expose your local endpoints to the Internet
[4468星][22d] [C] jedisct1/dsvpn A Dead Simple VPN.
[4223星][5m] [Go] ginuerzh/gost GO语言实现的安全隧道
[4039星][4m] [Py] spiderclub/haipproxy
[3592星][2m] hq450/fancyss_history_package 科学上网插件的离线安装包储存在这里
[3348星][4m] [Go] jpillora/chisel 基于HTTP的快速 TCP 隧道
[2804星][8m] [C++] wangyu-/udpspeeder A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
[2468星][3m] [C] yrutschle/sslh Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
[2450星][17d] [Shell] teddysun/across This is a shell script for configure and start WireGuard VPN server
[2352星][6m] [Lua] snabbco/snabb Simple and fast packet networking
[2133星][1m] [Go] mmatczuk/go-http-tunnel Fast and secure tunnels over HTTP/2
[1874星][4m] [C] darkk/redsocks transparent TCP-to-proxy redirector
[1844星][1y] [Py] aploium/zmirror The next-gen reverse proxy for full site mirroring
[1813星][3m] [C] tinyproxy/tinyproxy a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
[1678星][9m] [Py] constverum/proxybroker Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
[1665星][4m] [C] networkprotocol/netcode.io A protocol for secure client/server connections over UDP
[1611星][6m] [Go] sipt/shuttle A web proxy in Golang with amazing features.
[1495星][1m] [C] ntop/n2n Peer-to-peer VPN
[1448星][7m] [C++] wangyu-/tinyfecvpn A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
[1334星][1m] [Go] davrodpin/mole cli app to create ssh tunnels
[1308星][12m] [C] madeye/proxydroid Global Proxy for Android
[1222星][4m] [JS] bubenshchykov/ngrok Expose your localhost to the web. Node wrapper for ngrok.
[1199星][21d] [Objective-C] onionbrowser/onionbrowser An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network
[1048星][5m] [C] tcurdt/iproxy Let's you connect your laptop to the iPhone to surf the web.
[1042星][28d] [Go] pusher/oauth2_proxy A reverse proxy that provides authentication with Google, Github or other providers. #Hacktoberfest
[999星][7m] [Go] adtac/autovpn THIS PROJECT IS UNMAINTAINED.
[946星][9m] [JS] lukechilds/reverse-shell Reverse Shell as a Service
[927星][3m] [Py] christophetd/cloudflair a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should
[836星][2m] [Py] anorov/pysocks A SOCKS proxy client and wrapper for Python.
[810星][1m] [Go] henson/proxypool Golang实现的IP代理池
[790星][3m] [Py] secforce/tunna Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
[753星][1m] [C#] justcoding121/titanium-web-proxy A cross-platform asynchronous HTTP(S) proxy server in C#.
[738星][30d] [Shell] zfl9/ss-tproxy SS/SSR/V2Ray/Socks5 透明代理 for Linux
[737星][1m] [C#] damianh/proxykit A toolkit to create code-first HTTP reverse proxies on ASP.NET Core
[674星][1m] [Go] dliv3/venom Venom - A Multi-hop Proxy for Penetration Testers
[674星][24d] [JS] mellow-io/mellow Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
[664星][19d] [Kotlin] mygod/vpnhotspot Share your VPN connection over hotspot or repeater! (root required)
[651星][27d] [Py] abhinavsingh/proxy.py ⚡⚡⚡Fast, Lightweight, Programmable, TLS interception capable proxy server for your Home and Application debugging, testing and development
[616星][4m] [JS] derhuerst/tcp-over-websockets Tunnel TCP through WebSockets.
[574星][4m] [Py] trustedsec/trevorc2 trevorc2：通过正常的可浏览的网站隐藏 C&C 指令的客户端/服务器模型，因为时间间隔不同，检测变得更加困难，并且获取主机数据时不会使用 POST 请求
[568星][12d] [Go] cloudflare/cloudflared Argo Tunnel client
[558星][8m] [JS] blinksocks/blinksocks A framework for building composable proxy protocol stack.
[556星][27d] clarketm/proxy-list A list of free, public, forward proxy servers. UPDATED DAILY!
[545星][1y] [Py] fate0/getproxy 是一个抓取发放代理网站，获取 http/https 代理的程序
[513星][10m] [Erlang] heroku/vegur HTTP Proxy Library
[473星][1y] [Go] yinqiwen/gsnova Private proxy solution & network troubleshooting tool.
[449星][28d] [Py] aidaho12/haproxy-wi Web interface for managing Haproxy servers
[397星][9m] [Go] evilsocket/shellz shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
[382星][1y] [Ruby] aphyr/tund SSH reverse tunnel daemon
[361星][1m] [Py] lyft/metadataproxy A proxy for AWS's metadata service that gives out scoped IAM credentials from STS
[355星][1y] [C] emptymonkey/revsh A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
[345星][6m] [Go] coreos/jwtproxy An HTTP-Proxy that adds AuthN through JWTs
[336星][8m] [Py] iphelix/dnschef dnschef：DNS 代理，用于渗透测试和恶意代码分析
[331星][6m] [Py] fbkcs/thunderdns 使用DNS协议转发TCP流量. Python编写, 无需编译客户端, 支持socks5
[325星][4m] [Go] sysdream/hershell Go 语言编写的反向 Shell
[320星][9m] [JS] mhzed/wstunnel tunnel over websocket
[301星][4m] [Py] rootviii/proxy_requests a class that uses scraped proxies to make an http GET/POST request (Python requests)
[293星][2m] [JS] bettercap/caplets 使用.cap脚本, 自动化bettercap的交互式会话
[290星][8m] [C] basil00/reqrypt reqrypt：HTTP 请求 tunneling 工具
[289星][2m] [Py] covertcodes/multitun Tunnel arbitrary traffic through an innocuous WebSocket. Clients can 'see' each other, resulting in a stealth WebSocket VPN.
[278星][11m] [C] dgoulet/torsocks Library to torify application - NOTE: upstream has been moved to
[276星][5m] [Py] mthbernardes/rsg 多种方式生成反向Shell
[273星][12d] a2u/free-proxy-list
[273星][9m] [Py] chenjiandongx/async-proxy-pool
[272星][4m] [Go] suyashkumar/ssl-proxy
[257星][8m] [C] rofl0r/microsocks tiny, portable SOCKS5 server with very moderate resource usage
[254星][3m] [Py] fwkz/riposte Python package for wrapping applications inside a tailored interactive shell
[245星][4m] [Shell] thesecondsun/revssl A simple script that automates generation of OpenSSL reverse shells
[242星][17d] [Go] adguardteam/dnsproxy Simple DNS proxy with DoH, DoT, and DNSCrypt support
[242星][4m] [Go] lesnuages/hershell Multiplatform reverse shell generator
[241星][9m] [C] pegasuslab/ghosttunnel GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment.
[236星][11m] [Go] fardog/secureoperator A DNS-protocol proxy for DNS-over-HTTPS providers, such as Google and Cloudflare
[224星][1m] [Ruby] zt2/sqli-hunter SQLi-Hunter is a simple HTTP proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
[216星][1y] [PHP] softius/php-cross-domain-proxy PHP Proxy for Cross Domain Requests
[213星][8m] [Go] joncooperworks/judas a phishing proxy
[207星][9m] [Go] justmao945/mallory HTTP/HTTPS proxy over SSH
[202星][1y] [C#] damonmohammadbagher/nativepayload_dns C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses

翻墙&&GFW

未分类

[2918星][11m] [Shell] 91yun/serverspeeder 锐速破解版

翻墙

[12874星][8m] [JS] bannedbook/fanqiang 翻墙-科学上网
[6211星][20d] [Py] h2y/shadowrocket-adblock-rules 提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。
[3046星][4m] [Shell] softwaredownload/openwrt-fanqiang 最好的路由器翻墙、科学上网教程—OpenWrt—shadowsocks

GFW

[14484星][21d] gfwlist/gfwlist gfwlist
[3531星][14d] acl4ssr/acl4ssr SSR 去广告ACL规则/SS完整GFWList规则，Telegram频道订阅地址
[2482星][2m] [C++] trojan-gfw/trojan An unidentifiable mechanism that helps you bypass GFW.
[202星][16d] [Shell] zfl9/gfwlist2privoxy 将 gfwlist.txt（Adblock Plus 规则）转换为 privoxy.action

代理

[7149星][14d] [Go] snail007/goproxy Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理，代理API认证，全能跨平台代理服务器。
[5971星][14d] [JS] avwo/whistle 基于Node实现的跨平台抓包调试代理工具（HTTP, HTTP2, HTTPS, Websocket）
[1380星][1m] [C] z3apa3a/3proxy 3proxy - tiny free proxy server
[304星][17d] [Shell] brainfucksec/kalitorify Transparent proxy through Tor for Kali Linux OS

反向代理&&穿透

[29549星][23d] [Go] fatedier/frp 快速的反向代理, 将NAT或防火墙之后的本地服务器暴露到公网
[9114星][2m] [JS] localtunnel/localtunnel expose yourself
[8706星][2m] [Go] cnlh/nps 一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发，支持内网http代理、内网socks5代理，同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理，集成多用户模式。
[4887星][10m] [Go] bitly/oauth2_proxy 反向代理，静态文件服务器，提供Providers(Google/Github)认证
[3521星][1m] [Java] ffay/lanproxy lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具，支持tcp流量转发，可支持任何tcp上层协议（访问内网网站、本地支付接口调试、ssh访问、远程桌面...）。目前市面上提供类似服务的有花生壳、TeamView、GoToMyCloud等等，但要使用第三方的公网服务器就必须为第三方付费，并且这些服务都有各种各样的限制，此外，由于数据包会流经第三方，因此对数据安全也是一大隐患。技术交流QQ群 946273429
[2586星][1m] [C++] fanout/pushpin Reverse proxy for realtime web services
[2476星][5m] [Go] drk1wi/modlishka Modlishka. Reverse Proxy.
[656星][4m] [Py] aploium/shootback a reverse TCP tunnel let you access target behind NAT or firewall

隧道

[3271星][4m] [C++] wangyu-/udp2raw-tunnel udp2raw-tunnel：udp 打洞。通过raw socket给UDP包加上TCP或ICMP header，进而绕过UDP屏蔽或QoS，或在UDP不稳定的环境下提升稳定性
[3131星][3m] [C] yarrick/iodine 通过DNS服务器传输(tunnel)IPV4数据
[1779星][5m] [C++] iagox86/dnscat2 dnscat2：在 DNS 协议上创建加密的 C&C channel

代理爬取&&代理池

[4882星][1y] [Go] yinghuocho/firefly-proxy A proxy software to help circumventing the Great Firewall.

匿名网络

未分类

Tor&&&Onion&&洋葱

[1302星][1m] [C++] purplei2p/i2pd a full-featured C++ implementation of I2P client
[423星][2m] [Py] nullhypothesis/exitmap A fast and modular scanner for Tor exit relays.
[406星][13d] [Awk] alecmuffett/eotk Enterprise Onion Toolkit
[387星][1m] [JS] ayms/node-tor Javascript implementation of the Tor (or Tor like) anonymizer project (The Onion Router)
[377星][1m] [Py] maqp/tfc Tinfoil Chat - Onion-routed, endpoint secure messaging system
[353星][2m] [Py] micahflee/torbrowser-launcher Securely and easily download, verify, install, and launch Tor Browser in Linux
[286星][28d] [Perl] alecmuffett/real-world-onion-sites An index of the non-dark web...
[261星][9m] [C++] wbenny/mini-tor mini-tor：使用 MSCNG/CryptoAPI 实现的 Tor 协议
[250星][30d] [C] basil00/torwall Tallow - Transparent Tor for Windows
[219星][5m] [Py] ruped24/toriptables2 Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the Tor network.

Socks&&ShadowSocksXx

[25047星][14d] [Swift] shadowsocks/shadowsocksx-ng Next Generation of ShadowsocksX
[12355星][1m] [C] shadowsocks/shadowsocks-libev libev port of shadowsocks
[7061星][7m] [Shell] teddysun/shadowsocks_install Auto Install Shadowsocks Server for CentOS/Debian/Ubuntu
[4154星][15d] [Swift] yanue/v2rayu V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等
[3797星][29d] [JS] shadowsocks/shadowsocks-manager A shadowsocks manager tool for multi user and traffic control.
[3174星][15d] [Smarty] anankke/sspanel-uim 专为 Shadowsocks / ShadowsocksR / V2Ray 设计的多用户管理面板
[2946星][1m] [Go] gwuhaolin/lightsocks 轻量级网络混淆代理，基于 SOCKS5 协议，可用来代替 Shadowsocks
[2751星][24d] [Makefile] shadowsocks/openwrt-shadowsocks Shadowsocks-libev for OpenWrt/LEDE
[2300星][10m] [C] haad/proxychains a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
[2029星][15d] [C#] netchx/netch Game accelerator. Support Socks5, Shadowsocks, ShadowsocksR, V2Ray protocol. UDP NAT FullCone
[1821星][3m] [C] shadowsocks/simple-obfs A simple obfuscating tool (Deprecated)
[1683星][1y] [Swift] haxpor/potatso Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork
[1621星][17d] [Py] ehco1996/django-sspanel 用diango开发的全新的shadowsocks网络面板
[1567星][16d] [C#] hmbsbige/shadowsocksr-windows 【自用】Bug-Oriented Programming
[1306星][4m] [Rust] shadowsocks/shadowsocks-rust A Rust port of shadowsocks
[1177星][6m] ssrbackup/shadowsocks-rss Shadowsocksr project backup
[1068星][1m] jadagates/shadowsocksbio 记录一下SS的前世今生，以及一个简单的教程总结
[922星][1y] [Shell] ywb94/openwrt-ssr ShadowsocksR-libev for OpenWrt
[900星][1y] [Go] huacnlee/flora-kit 基于 shadowsocks-go 做的完善实现，完全兼容 Surge 的配置文件
[899星][2m] zhaoweih/shadowsocks-tutorial
[840星][11m] [PHP] walkor/shadowsocks-php A php port of shadowsocks based on workerman. A socks5 proxy written in PHP.
[830星][1m] [C] shadowsocksr-live/shadowsocksr-native 从容翻越党国敏感日 ShadowsocksR (SSR) native implementation for all platforms, GFW terminator
[730星][6m] [Go] cbeuw/goquiet A Shadowsocks obfuscation plugin utilising domain fronting to evade deep packet inspection
[517星][9m] [JS] mrluanma/shadowsocks-heroku shadowsocks over WebSocket, support Heroku.
[421星][2m] [PowerShell] p3nt4/invoke-socksproxy Socks proxy server using powershell. Supports local and reverse connections for pivoting.
[402星][3m] [JS] lolimay/shadowsocks-deepin
[374星][1y] [Go] riobard/go-shadowsocks2 Experimental Shadowsocks in Go. Stable fork at
[337星][16d] [Py] leitbogioro/ssr.go A new shadowsocksR config manager
[318星][3m] [Py] qwj/python-proxy HTTP/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.
[301星][13d] [Shell] loyess/shell Shadowsocks-libev with plugins one-click installation. For example: v2ray-plugin, kcptun, simple-obfs, goquiet, cloak...
[250星][4m] [Py] fsgmhoward/shadowsocks-py-mu A fast tunnel proxy server for multiple users

V2Ray

[23571星][28d] [Go] v2ray/v2ray-core A platform for building proxies to bypass network restrictions.
[2804星][2m] [Dockerfile] thinkdevelop/free-ss-ssr SS账号、SSR账号、V2Ray账号
[2484星][2m] [Py] jrohy/multi-v2ray v2ray easy delpoy & manage tool， support multiple user & protocol manage
[1656星][1m] [Shell] wulabing/v2ray_ws-tls_bash_onekey V2Ray Nginx+vmess+ws+tls/ http2 over tls 一键安装脚本
[1556星][4m] [CSS] functionclub/v2ray.fun 正在开发的全新 V2ray.Fun
[1432星][12d] selierlin/share-ssr-v2ray
[1070星][1m] [Go] xiaoming2028/freenet 科学上网/梯子/自由上网/翻墙 SSR/V2Ray/Brook 最全搭建教程
[783星][16d] [HTML] sprov065/v2-ui 支持多协议多用户的 v2ray 面板，Support multi-protocol multi-user v2ray panel
[589星][21d] [Shell] toutyrater/v2ray-guide
[553星][29d] ntkernel/lantern V2Ray配置文件，蓝灯(Lantern)破解，手机版+win版
[360星][2m] [Dockerfile] onplus/v2hero All Free . Deploy V2Ray to Heroku . v2ray学习参考
[307星][2m] [Shell] zw963/asuswrt-merlin-transparent-proxy transparent proxy base on ss, v2ray, ipset, iptables, chinadns on asuswrt merlin.
[256星][24d] [Py] jiangxufeng/v2rayl v2ray linux GUI客户端，支持订阅、vemss、ss等协议，自动更新订阅、检查版本更新

VPN

[419星][19d] hugetiny/awesome-vpn A curated list of awesome free VPNs and proxies.免费的代理,科学上网,翻墙，梯子大集合

渗透&&offensive&&渗透框架&&后渗透框架

未分类-Pentest

[3005星][3m] [Py] spiderlabs/responder LLMNR/NBT-NS/MDNS投毒，内置HTTP/SMB/MSSQL/FTP/LDAP认证服务器, 支持NTLMv1/NTLMv2/LMv2
[2013星][1m] [C++] lordnoteworthy/al-khaser Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- 重复区段: 工具/恶意代码&&Malware&&APT |
[1721星][1m] [Go] chaitin/xray xray 安全评估工具
[1444星][1m] [C] ufrisk/pcileech 直接内存访问（DMA：Direct Memory Access）攻击工具。通过 PCIe 硬件设备使用 DMA，直接读写目标系统的内存。目标系统不需要安装驱动。
[1393星][4m] yadox666/the-hackers-hardware-toolkit The best hacker's gadgets for Red Team pentesters and security researchers.
[1361星][2m] [Py] ekultek/whatwaf Detect and bypass web application firewalls and protection systems
[1212星][3m] [Py] owtf/owtf 进攻性 Web 测试框架。着重于 OWASP + PTES，尝试统合强大的工具，提高渗透测试的效率。大部分以Python 编写
[945星][19d] [C] bt3gl/pentesting-toolkit Tools for pentesting, CTFs & wargames.
- 重复区段: 工具/CTF&&HTB/收集 |
[943星][4m] [Py] hatriot/zarp 网络攻击工具，主要是本地网络攻击
[918星][1m] [Py] d4vinci/one-lin3r 轻量级框架，提供在渗透测试中需要的所有one-liners
[808星][1m] [Py] jeffzh3ng/fuxi Penetration Testing Platform
[784星][6m] [Py] jivoi/pentest
[728星][7m] [Py] gkbrk/slowloris Low bandwidth DoS tool. Slowloris rewrite in Python.
[687星][16d] voorivex/pentest-guide Penetration tests guide based on OWASP including test cases, resources and examples.
[666星][5m] leezj9671/pentest_interview 个人准备渗透测试和安全面试的经验之谈，和去部分厂商的面试题，干货真的满满~
[610星][9m] [Py] epsylon/ufonet UFONet - Denial of Service Toolkit
[489星][13d] netbiosx/checklists Pentesting checklists for various engagements
[487星][16d] [Ruby] hackplayers/evil-winrm The ultimate WinRM shell for hacking/pentesting
[487星][1y] [Shell] leonteale/pentestpackage a package of Pentest scripts I have made or commonly use
[479星][10m] [Ruby] sidaf/homebrew-pentest Homebrew Tap - Pen Test Tools
[464星][7m] [Java] alpha1e0/pentestdb WEB渗透测试数据库
[459星][2m] [C++] fsecurelabs/c3 Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
[457星][10m] [PHP] l3m0n/pentest_tools 收集一些小型实用的工具
[444星][15d] [C++] danielkrupinski/osiris Free open-source training software / cheat for Counter-Strike: Global Offensive, written in modern C++. GUI powered by imgui.
[439星][7m] [C++] rek7/mxtract Offensive Memory Extractor & Analyzer
[432星][3m] mel0day/redteam-bcs BCS（北京网络安全大会）2019 红队行动会议重点内容
[414星][18d] [PHP] gwen001/pentest-tools Custom pentesting tools
[404星][1m] [Py] admintony/prepare-for-awd AWD攻防赛脚本集合
[401星][9m] [Py] christruncer/pentestscripts Scripts that are useful for me on pen tests
[398星][27d] [PowerShell] s3cur3th1ssh1t/winpwn Automation for internal Windows Penetrationtest / AD-Security
[388星][12m] [Py] cr4shcod3/pureblood A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
[386星][9m] [Go] amyangxyz/assassingo An extensible and concurrency pentest framework in Go, also with WebGUI. Feel free to CONTRIBUTE!
[385星][3m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
- 重复区段: 工具/移动&&Mobile/iOS&&MacOS&&iPhone&&iPad&&iWatch |
[385星][23d] [Py] clr2of8/dpat Domain Password Audit Tool for Pentesters
[378星][6m] unprovable/pentesthardware Kinda useful notes collated together publicly
[371星][8m] [C] ridter/pentest tools
[368星][4m] [C#] bitsadmin/nopowershell 使用C#"重写"的PowerShell, 支持执行与PowerShell类似的命令, 然而对所有的PowerShell日志机制都不可见
[350星][2m] [Shell] maldevel/pentestkit Useful tools and scripts used during Penetration Tests.
[346星][10m] [Py] darkspiritz/darkspiritz A penetration testing framework for Linux, MacOS, and Windows systems.
[341星][15d] [Py] ym2011/pest this is some pentest script based on python, just simple but useful, maybe it can help you do something else. just have a try
[338星][3m] [Py] xuanhun/pythonhackingbook1 Python黑客编程之极速入门
[337星][1y] [Java] rub-nds/ws-attacker WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (
[327星][1y] [PowerShell] rootclay/powershell-attack-guide Powershell攻击指南----黑客后渗透之道
[320星][2m] [PowerShell] kmkz/pentesting Tricks for penetration testing
[316星][28d] [Py] m8r0wn/nullinux nullinux：SMB null 会话识别和枚举工具
[307星][2m] [PowerShell] d0nkeys/redteam Red Team Scripts by d0nkeys (ex SnadoTeam)
[300星][3m] [HTML] koutto/jok3r Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
[298星][2m] [Ruby] fozavci/viproy-voipkit VoIP渗透测试工具和 Metasploit 框架
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/Metasploit/未分类-metasploit |
[295星][11m] stardustsky/saidict 弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
[292星][27d] [Lua] pentesteracademy/patoolkit PA Toolkit is a collection of traffic analysis plugins focused on security
[286星][1y] [C++] paranoidninja/pandoras-box This repo contains my custom scripts for Penetration Testing and Red Team Assessments. I will keep on updating this repo as and when I get time.
[283星][1m] [Py] bishopfox/eyeballer Convolutional neural network for analyzing pentest screenshots
- 重复区段: 工具/人工智能&&机器学习&&深度学习&&神经网络/未分类-AI |
[267星][18d] [Go] rmikehodges/hidensneak a CLI for ephemeral penetration testing
[252星][13d] anyeduke/enterprise-security-skill 用于记录企业安全规划，建设，运营，攻防的相关资源
[251星][3m] [Py] giantbranch/python-hacker-code 《python黑帽子：黑客与渗透测试编程之道》代码及实验文件，字典等
[240星][2m] [Shell] leviathan36/kaboom An automated pentest tool
[238星][25d] [PowerShell] sdcampbell/internal-pentest-playbook Internal Network Penetration Test Playbook
[225星][8m] [Go] stevenaldinger/decker Declarative penetration testing orchestration framework
[216星][5m] [Py] mgeeky/tomcatwardeployer Apache Tomcat auto WAR deployment & pwning penetration testing tool.
[211星][19d] [JS] giper45/dockersecurityplayground A Microservices-based framework for the study of Network Security and Penetration Test techniques

收集

[903星][8m] [C] 0x90/wifi-arsenal WiFi arsenal
[803星][2m] [Shell] shr3ddersec/shr3dkit Red Team Tool Kit
[537星][6m] [Py] 0xdea/tactical-exploitation 渗透测试辅助工具包. Python/PowerShell脚本

无线&&WiFi&&AP&&802.11

未分类-WiFi

[8337星][17d] [Py] wifiphisher/wifiphisher 流氓AP框架, 用于RedTeam和Wi-Fi安全测试
- 重复区段: 工具/社工(SET)&&钓鱼&&鱼叉攻击/钓鱼&&Phish |
[6109星][9m] [Py] schollz/howmanypeoplearearound 检测 Wifi 信号统计你周围的人数
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |
[5597星][1m] [C] spacehuhn/esp8266_deauther 使用ESP8266 制作Wifi干扰器
[4313星][27d] [Py] jopohl/urh Universal Radio Hacker: investigate wireless protocols like a boss
[2723星][1y] [C] vanhoefm/krackattacks-scripts 检测客户端和AP是否受KRACK漏洞影响
[2706星][8m] [Py] p0cl4bs/wifi-pumpkin AP攻击框架, 创建虚假网络, 取消验证攻击、请求和凭证监控、透明代理、Windows更新攻击、钓鱼管理、ARP投毒、DNS嗅探、Pumpkin代理、动态图片捕获等
[2480星][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- 重复区段: 工具/人工智能&&机器学习&&深度学习&&神经网络/未分类-AI |工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[2433星][2m] [C] martin-ger/esp_wifi_repeater A full functional WiFi Repeater (correctly: a WiFi NAT Router)
[2374星][1y] [Py] danmcinerney/lans.py Inject code and spy on wifi users
[2194星][22d] [Shell] v1s1t0r1sh3r3/airgeddon This is a multi-use bash script for Linux systems to audit wireless networks.
[1816星][1y] [Py] derv82/wifite2 无线网络审计工具wifite 的升级版/重制版
[1799星][4m] [Shell] arismelachroinos/lscript 自动化无线渗透和Hacking 任务的脚本
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/自动化 |
[1527星][1m] [Py] k4m4/kickthemout 使用ARP欺骗，将设备从网络中踢出去
[1525星][1y] [HTML] qiwihui/hiwifi-ss 极路由+ss配置
[1244星][1m] [C] seemoo-lab/nexmon The C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips that enables Monitor Mode, Frame Injection and much more
[1219星][12d] [C] aircrack-ng/aircrack-ng WiFi security auditing tools suite
[1022星][1m] [C] t6x/reaver-wps-fork-t6x 攻击 Wi-Fi Protected Setup (WPS)，恢复 WPA/WPA2 密码
[998星][12m] [Py] entropy1337/infernal-twin 自动化无线Hack 工具
[987星][1y] [Py] tylous/sniffair 无线渗透框架. 解析被动收集的无线数据, 执行复杂的无线攻击
[983星][1y] [HTML] sensepost/mana DEPRECATED mana toolkit for wifi rogue AP attacks and MitM
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[977星][14d] [C] s0lst1c3/eaphammer 针对WPA2-Enterprise 网络的定向双重攻击（evil twin attacks）
[903星][1m] [TeX] ethereum/yellowpaper The "Yellow Paper": Ethereum's formal specification
[818星][2m] [C] spacehuhn/wifi_ducky Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
[796星][1y] [Objective-C] igrsoft/kismac2 KisMAC is a free, open source wireless stumbling and security tool for Mac OS X.
[766星][22d] [Py] konradit/gopro-py-api Unofficial GoPro API Library for Python - connect to GoPro via WiFi.
[755星][7m] [Py] misterbianco/boopsuite 无线审计与安全测试
[676星][10m] [Objective-C] unixpickle/jamwifi A GUI, easy to use WiFi network jammer for Mac OS X
[649星][7m] [C] wifidog/wifidog-gateway Repository for the wifidog-gateway captive portal designed for embedded systems
[608星][3m] [C] matheus-garbelini/esp32_esp8266_attacks Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞利用/Exp&&PoC |
[502星][14d] [C++] cyberman54/esp32-paxcounter Wifi & BLE driven passenger flow metering with cheap ESP32 boards
[463星][2m] [Shell] staz0t/hashcatch Capture handshakes of nearby WiFi networks automatically
[455星][3m] [Java] lennartkoopmann/nzyme 直接收集空中的802.11 管理帧，并将其发送到 Graylog，用于WiFi IDS, 监控, 及事件响应。（Graylog：开源的日志管理系统）
[450星][1m] [Py] savio-code/fern-wifi-cracker 无线安全审计和攻击工具, 能破解/恢复 WEP/WPA/WPSkey等
[396星][18d] [C] freifunk-gluon/gluon a modular framework for creating OpenWrt-based firmwares for wireless mesh nodes
[387星][1y] [Py] jpaulmora/pyrit The famous WPA precomputed cracker, Migrated from Google.
[373星][3m] [C++] bastibl/gr-ieee802-11 IEEE 802.11 a/g/p Transceiver
[320星][2m] [Shell] vanhoefm/modwifi
[316星][2m] [Java] wiglenet/wigle-wifi-wardriving Nethugging client for Android, from wigle.net
[310星][3m] [TeX] chronaeon/beigepaper Rewrite of the Yellowpaper in non-Yellowpaper syntax.
[266星][6m] [C] br101/horst “horst” - lightweight IEEE802.11 wireless LAN analyzer with a text interface
[265星][2m] [C] sensepost/hostapd-mana SensePost's modified hostapd for wifi attacks.
[253星][1y] [Py] wipi-hunter/pidense Monitor illegal wireless network activities.
[237星][7m] [Py] lionsec/wifresti Find your wireless network password in Windows , Linux and Mac OS
[234星][2m] [C] mame82/logitacker Enumerate and test Logitech wireless input devices for vulnerabilities with a nRF52840 radio dongle.
[218星][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- 重复区段: 工具/蓝牙&&Bluetooth |工具/浏览嗅探&&流量拦截&&流量分析&&中间人/未分类-Network |

WPS&&WPA&&WPA2

[302星][4m] [Py] hash3lizer/wifibroot A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication)

802.11

Payload&&远控&&RAT

未分类-payload

[1231星][19d] [PowerShell] hak5/bashbunny-payloads The Official Bash Bunny Payload Repository
[962星][27d] [C] zardus/preeny Some helpful preload libraries for pwning stuff.
[560星][10m] [Py] genetic-malware/ebowla Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
[529星][2m] [C++] screetsec/brutal Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
[438星][12d] [Py] ctxis/cape Malware Configuration And Payload Extraction
[339星][11m] [JS] gabemarshall/brosec Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.
[259星][3m] [Py] felixweyne/imaginaryc2 Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
[234星][3m] cujanovic/markdown-xss-payloads XSS payloads for exploiting Markdown syntax
[229星][17d] cujanovic/open-redirect-payloads Open Redirect Payloads
[226星][5m] cr0hn/nosqlinjection_wordlists This repository contains payload to test NoSQL Injections
[216星][2m] [Py] whitel1st/docem Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
[210星][1m] [Py] brent-stone/can_reverse_engineering Automated Payload Reverse Engineering Pipeline for the Controller Area Network (CAN) protocol
[210星][24d] [C] shchmue/lockpick_rcm Nintendo Switch encryption key derivation bare metal RCM payload
[210星][20d] [PHP] zigoo0/jsonbee A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

Payload收集

[21409星][14d] [PHP] danielmiessler/seclists 多种类型资源收集：用户名、密码、URL、敏感数据类型、Fuzzing Payload、WebShell等
- 重复区段: 工具/webshell/收集 |工具/wordlist/收集 |
[10579星][14d] [Py] swisskyrepo/payloadsallthethings A list of useful payloads and bypass for Web Application Security and Pentest/CTF
[1994星][8m] [Shell] foospidy/payloads payloads：web 攻击 Payload 集合
[1989星][26d] edoverflow/bugbounty-cheatsheet A list of interesting payloads, tips and tricks for bug bounty hunters.
[1856星][10m] [PHP] bartblaze/php-backdoors A collection of PHP backdoors. For educational or testing purposes only.
[717星][2m] [HTML] ismailtasdelen/xss-payload-list XSS 漏洞Payload列表
[367星][2m] renwax23/xss-payloads List of XSS Vectors/Payloads
[272星][3m] [Py] thekingofduck/easyxsspayload XssPayload List . Usage:
[238星][3m] payloadbox/command-injection-payload-list

远控&&RAT

[5045星][3m] [Py] n1nj4sec/pupy Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
[1696星][6m] [Smali] ahmyth/ahmyth-android-rat Android Remote Administration Tool
[1306星][1y] [Py] marten4n6/evilosx An evil RAT (Remote Administration Tool) for macOS / OS X.
[763星][22d] [Py] kevthehermit/ratdecoders Python Decoders for Common Remote Access Trojans
[597星][1y] [PowerShell] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
[477星][5m] [Visual Basic] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
[352星][2m] [C++] werkamsus/lilith Lilith, The Open Source C++ Remote Administration Tool (RAT)
[307星][5m] [Py] mvrozanti/rat-via-telegram Windows Remote Administration Tool via Telegram
[271星][1m] [C#] nyan-x-cat/asyncrat-c-sharp Open-Source Remote Administration Tool For Windows C# (RAT)
[269星][3m] [C++] yuanyuanxiang/simpleremoter 基于gh0st的远程控制器：实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能，优化全部代码及整理排版，修复内存泄漏缺陷，程序运行稳定。此项目初版见：

Payload生成

[3268星][2m] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/后渗透/未分类-post-exp |
[2591星][3m] [Java] frohoff/ysoserial 生成会利用不安全的Java对象反序列化的Payload
[1741星][21d] [Shell] leebaird/discover 自定义的bash脚本, 用于自动化多个渗透测试任务, 包括: 侦查、扫描、解析、在Metasploit中创建恶意Payload和Listener
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/自动化 |工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |工具/渗透&&offensive&&渗透框架&&后渗透框架/Metasploit/未分类-metasploit |
[1061星][5m] [Py] nccgroup/winpayloads Undetectable Windows Payload Generation
[1003星][1y] [Py] d4vinci/dr0p1t-framework 创建免杀的Dropper
[857星][10m] [Visual Basic] mdsecactivebreach/sharpshooter Payload Generation Framework
[816星][6m] [Go] tiagorlampert/chaos a PoC that allow generate payloads and control remote operating system
[810星][2m] [PHP] ambionics/phpggc PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
[794星][1m] [C#] pwntester/ysoserial.net ysoserial.net：生成Payload，恶意利用不安全的 .NET 对象反序列化
[733星][12m] [Py] oddcod3/phantom-evasion Python AV evasion tool capable to generate FUD executable even with the most common 32 bit metasploit payload(exe/elf/dmg/apk)
[684星][3m] [Py] sevagas/macro_pack 自动生成并混淆MS 文档, 用于渗透测试、演示、社会工程评估等
[618星][8m] [Shell] g0tmi1k/mpc MSFvenom Payload Creator (MSFPC)
[560星][14d] [C] thewover/donut Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
[397星][28d] [Perl] chinarulezzz/pixload Image Payload Creating/Injecting tools
[287星][7m] [Py] 0xacb/viewgen viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
[268星][1y] [Shell] abedalqaderswedan1/aswcrypter An Bash&Python Script For Generating Payloads that Bypasses All Antivirus so far [FUD]
[262星][1y] [Java] ewilded/shelling SHELLING - a comprehensive OS command injection payload generator
[222星][1y] [Java] ewilded/psychopath psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.

Botnet&&僵尸网络

[3690星][3m] [Py] malwaredllc/byob BYOB (Build Your Own Botnet)
[2135星][1y] [C++] maestron/botnets This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
[390星][19d] [C++] souhardya/uboat HTTP Botnet Project
[319星][5m] [Go] saturnsvoid/gobot2 Second Version of The GoBot Botnet, But more advanced.

后门&&添加后门

[378星][7m] [C] zerosum0x0/smbdoor Windows kernel backdoor via registering a malicious SMB handler
[364星][2m] [Shell] screetsec/vegile This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
[362星][7m] [Py] s0md3v/cloak Cloak can backdoor any python script with some tricks.
[341星][11m] [Shell] r00t-3xp10it/backdoorppt backdoorppt：将Exe格式Payload伪装成Doc（.ppt）
[317星][1y] [Ruby] carletonstuberg/browser-backdoor BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener
[287星][3m] [C#] mvelazc0/defcon27_csharp_workshop Writing custom backdoor payloads with C# - Defcon 27
[201星][8m] [C] paradoxis/php-backdoor Your interpreter isn’t safe anymore — The PHP module backdoor

混淆器&&Obfuscate

[1351星][9m] [PowerShell] danielbohannon/invoke-obfuscation PowerShell Obfuscator

Payload管理

[930星][1y] [JS] netflix/sleepy-puppy Sleepy Puppy XSS Payload Management Framework

勒索软件

[379星][1y] [Go] mauri870/ransomware A POC Windows crypto-ransomware (Academic)
[313星][13d] [Batchfile] mitchellkrogza/ultimate.hosts.blacklist The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.

键盘记录器

[359星][11m] [Py] ajinabraham/xenotix-python-keylogger Xenotix Python Keylogger for Windows.

Meterpreter

[233星][5m] [Py] mez0cc/ms17-010-python MS17-010: Python and Meterpreter

Payload投递

[255星][3m] [Py] no0be/dnslivery Easy files and payloads delivery over DNS

渗透多合一&&渗透框架

[4965星][4m] [PowerShell] empireproject/empire 后渗透框架. Windows客户端用PowerShell, Linux/OSX用Python. 之前PowerShell Empire和Python EmPyre的组合
[4576星][22d] [Py] manisso/fsociety fsociety Hacking Tools Pack – A Penetration Testing Framework
[3313星][5m] [PowerShell] samratashok/nishang 渗透框架，脚本和Payload收集，主要是PowerShell，涵盖渗透的各个阶段
[3053星][1m] [Shell] 1n3/sn1per 自动化渗透测试框架
[3041星][1m] [Py] byt3bl33d3r/crackmapexec 后渗透工具，自动化评估大型Active Directory网络的安全性
[2961星][17d] [Py] guardicore/monkey 自动化渗透测试工具, 测试数据中心的弹性, 以防范周边(perimeter)泄漏和内部服务器感染
[2767星][7m] [C#] quasar/quasarrat Remote Administration Tool for Windows
[2381星][2m] [Py] infobyte/faraday 渗透测试和漏洞管理平台
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞管理 |
[1482星][16d] [Py] zerosum0x0/koadic koadic：类似于Meterpreter、Powershell Empire 的post-exploitation rootkit，区别在于其大多数操作都是由 Windows 脚本主机 JScript/VBScript 执行
[1081星][10m] [Py] secforce/sparta 网络基础架构渗透测试
[934星][3m] [Py] 0xinfection/tidos-framework Web App渗透测试框架, 攻击性, 手动
[918星][1y] [Py] m4n3dw0lf/pythem 多功能渗透测试框架
[513星][21d] [Py] gyoisamurai/gyoithon 使用机器学习的成长型渗透测试工具
- 重复区段: 工具/人工智能&&机器学习&&深度学习&&神经网络/未分类-AI |

后渗透

未分类-post-exp

[6832星][17d] [C] hashcat/hashcat 世界上最快最先进的密码恢复工具
- 重复区段: 工具/密码&&凭证/密码 |
[3268星][2m] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload生成 |
[2346星][1m] [Shell] rebootuser/linenum Scripted Local Linux Enumeration & Privilege Escalation Checks
[2136星][14d] [Py] commixproject/commix Automated All-in-One OS command injection and exploitation tool.
[1226星][9m] [C] a0rtega/pafish Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
[1191星][1y] [C#] cn33liz/p0wnedshell PowerShell Runspace Post Exploitation Toolkit
[1045星][8m] [Py] 0x00-0x00/shellpop 在渗透中生产简易的/复杂的反向/绑定Shell
[1029星][28d] [Boo] byt3bl33d3r/silenttrinity An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
[1015星][3m] [Py] byt3bl33d3r/deathstar 在Active Directory环境中使用Empire自动获取域管理员权限
[754星][4m] [Py] lgandx/pcredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
[737星][4m] [PowerShell] hausec/adape-script Active Directory Assessment and Privilege Escalation Script
[668星][1m] [C#] cobbr/sharpsploit SharpSploit is a .NET post-exploitation library written in C#
[405星][4m] [Shell] thesecondsun/bashark Bash post exploitation toolkit
[341星][4m] [Py] adrianvollmer/powerhub A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
[282星][1y] [JS] chrisallenlane/novahot Webshell框架，实现了基于Json的API，可与任何语言编写的后门（默认支持PHP/Ruby/Python）进行通信。
- 重复区段: 工具/webshell/未分类-webshell |
[212星][2m] [Go] brompwnie/botb A container analysis and exploitation tool for pentesters and engineers.

提权&&PrivilegeEscalation

[3509星][4m] [C] secwiki/windows-kernel-exploits windows-kernel-exploits Windows平台提权漏洞集合
[1245星][2m] [Py] alessandroz/beroot Privilege Escalation Project - Windows / Linux / Mac
[583星][11m] [C++] ohpe/juicy-potato A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
[529星][4m] rhinosecuritylabs/aws-iam-privilege-escalation A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
[492星][7m] [Py] initstring/dirty_sock Linux privilege escalation exploit via snapd (CVE-2019-7304)
[467星][8m] [C] nongiach/sudo_inject [Linux] Two Privilege Escalation techniques abusing sudo token
[443星][1m] [C#] rasta-mouse/watson Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
[383星][3m] [PowerShell] cyberark/aclight A script for advanced discovery of Privileged Accounts - includes Shadow Admins
[353星][2m] [PowerShell] gdedrouas/exchange-ad-privesc Exchange privilege escalations to Active Directory
[337星][20d] [Shell] nullarray/roothelper 辅助在被攻克系统上的提权过程：自动枚举、下载、解压并执行提权脚本
[302星][4m] [Batchfile] frizb/windows-privilege-escalation Windows Privilege Escalation Techniques and Scripts
[258星][3m] [PHP] lawrenceamer/0xsp-mongoose Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding

Windows

未分类

[328星][2m] [C] mattiwatti/efiguard Disable PatchGuard and DSE at boot time
[209星][1y] [C++] tandasat/pgresarch PatchGuard Research

UAC

[2283星][15d] [C] hfiref0x/uacme Defeating Windows User Account Control

AppLocker

ActiveDirectory

[1943星][2m] infosecn1nja/ad-attack-defense Attack and defend active directory using modern post exploitation adversary tradecraft activity

域渗透

驻留&&Persistence

[271星][2m] [C#] fireeye/sharpersist Windows persistence toolkit
[260星][1y] [C++] ewhitehats/invisiblepersistence Persisting in the Windows registry "invisibly"

自动化

[1799星][4m] [Shell] arismelachroinos/lscript 自动化无线渗透和Hacking 任务的脚本
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[1741星][21d] [Shell] leebaird/discover 自定义的bash脚本, 用于自动化多个渗透测试任务, 包括: 侦查、扫描、解析、在Metasploit中创建恶意Payload和Listener
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload生成 |工具/渗透&&offensive&&渗透框架&&后渗透框架/Metasploit/未分类-metasploit |
[1656星][2m] [Py] rootm0s/winpwnage UAC bypass, Elevate, Persistence and Execution methods

数据渗透

[453星][3m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

横向渗透

Burp

收集

[1920星][1y] [BitBake] 1n3/intruderpayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
[1058星][27d] snoopysecurity/awesome-burp-extensions Burp扩展收集

未分类-Burp

[1091星][1y] [Py] bugcrowd/hunt Burp和ZAP的扩展收集
[742星][13d] [Batchfile] mr-xn/burpsuite-collections BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦
[705星][1y] [Java] d3vilbug/hackbar HackBar plugin for Burpsuite v1.0
[646星][8m] [Java] vulnerscom/burp-vulners-scanner Vulnerability scanner based on vulners.com search API
[563星][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
[549星][8m] [Java] c0ny1/chunked-coding-converter Burp suite 分块传输辅助插件
[466星][19d] [Java] wagiro/burpbounty Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
[436星][5m] [Py] albinowax/activescanplusplus ActiveScan++ Burp Suite Plugin
[434星][1m] [Py] romanzaikin/burpextension-whatsapp-decryption-checkpoint This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019)
[402星][4m] [Java] bit4woo/recaptcha reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
[397星][7m] [Java] nccgroup/burpsuitehttpsmuggler A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
[373星][1y] [Py] rhinosecuritylabs/sleuthql Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
[371星][2m] [Java] nccgroup/autorepeater Automated HTTP Request Repeating With Burp Suite
[352星][4m] [Java] bit4woo/domain_hunter A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名（不仅仅是单个主域名）的插件
[327星][2m] [Kotlin] portswigger/turbo-intruder Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
[309星][1y] [Java] ebryx/aes-killer Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
[300星][3m] [Java] bit4woo/knife A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
[300星][7m] [Java] ilmila/j2eescan J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
[299星][2m] [Java] portswigger/http-request-smuggler an extension for Burp Suite designed to help you launch HTTP Request Smuggling attack
[297星][11m] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
[296星][1y] [Java] vmware/burp-rest-api REST/JSON API to the Burp Suite security tool.
[272星][1y] [Java] elkokc/reflector reflector：Burp 插件，浏览网页时实时查找反射 XSS
[264星][18d] [Py] quitten/autorize Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
[250星][2m] [Py] rhinosecuritylabs/iprotate_burp_extension Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
[241星][4m] [Py] initroot/burpjslinkfinder Burp Extension for a passive scanning JS files for endpoint links.
[235星][1m] [Java] samlraider/samlraider SAML2 Burp Extension
[231星][1y] [Java] nccgroup/burpsuiteloggerplusplus Burp Suite Logger++: Log activities of all the tools in Burp Suite
[230星][1y] [Py] audibleblink/doxycannon DoxyCannon: 为一堆OpenVPN文件分别创建Docker容器, 每个容器开启SOCKS5代理服务器并绑定至Docker主机端口, 再结合使用Burp或ProxyChains, 构建私有的Botnet
[230星][1y] [Java] difcareer/sqlmap4burp sqlmap embed in burpsuite
[222星][6m] [Java] c0ny1/jsencrypter 一个用于加密传输爆破的Burp Suite插件
[214星][2m] [Java] c0ny1/passive-scan-client Burp被动扫描流量转发插件
[205星][2m] [Java] h3xstream/http-script-generator ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
[202星][5m] [Perl] modzero/mod0burpuploadscanner HTTP file upload scanner for Burp Proxy

Metasploit

未分类-metasploit

[18724星][14d] [Ruby] rapid7/metasploit-framework Metasploit Framework
[1741星][21d] [Shell] leebaird/discover 自定义的bash脚本, 用于自动化多个渗透测试任务, 包括: 侦查、扫描、解析、在Metasploit中创建恶意Payload和Listener
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/自动化 |工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload生成 |
[1284星][1y] [Shell] dana-at-cp/backdoor-apk backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
[709星][2m] [C] rapid7/metasploit-payloads Unified repository for different Metasploit Framework payloads
[683星][2m] [Java] isafeblue/trackray 溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）
[445星][4m] [Py] cchio/deep-pwning Metasploit for machine learning.
- 重复区段: 工具/人工智能&&机器学习&&深度学习&&神经网络/未分类-AI |
[389星][5m] [Ruby] praetorian-code/purple-team-attack-automation Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
[309星][10m] [Ruby] darkoperator/metasploit-plugins Plugins for Metasploit Framework
[298星][2m] [Ruby] fozavci/viproy-voipkit VoIP渗透测试工具和 Metasploit 框架
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/未分类-Pentest |
[296星][1m] [Py] 3ndg4me/autoblue-ms17-010 This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010
[265星][3m] [Vue] zerx0r/kage Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler

免杀&&躲避AV检测

[1009星][4m] [C] govolution/avet avet：免杀工具
[698星][9m] [Py] mr-un1k0d3r/dkmc DKMC - Dont kill my cat - Malicious payload evasion tool
[620星][6m] [Py] paranoidninja/carboncopy A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
[461星][1y] [Go] arvanaghi/checkplease Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
[299星][1y] [Py] two06/inception Provides In-memory compilation and reflective loading of C# apps for AV evasion.
[280星][1m] [C#] ch0pin/aviator Antivirus evasion project
[252星][1m] [C#] hackplayers/salsa-tools Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched

C&C

[2387星][3m] [Go] ne0nd0g/merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
[1104星][1y] [Py] byt3bl33d3r/gcat A PoC backdoor that uses Gmail as a C&C server
[917星][19d] [C#] cobbr/covenant Covenant is a collaborative .NET C2 framework for red teamers.
[632星][10m] [Py] mehulj94/braindamage Remote administration tool which uses Telegram as a C&C server
[314星][1y] [C#] spiderlabs/dohc2 DoHC2 allows the ExternalC2 library from Ryan Hanson (
[240星][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2
[240星][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2

DDOS

[2443星][17d] [C++] pavel-odintsov/fastnetmon 快速 DDoS 检测/分析工具，支持 sflow/netflow/mirror
[1174星][29d] [Shell] mitchellkrogza/nginx-ultimate-bad-bot-blocker Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
[831星][2m] [Py] 649/memcrashed-ddos-exploit DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/Shodan |
[457星][6m] [Shell] jgmdev/ddos-deflate Fork of DDoS Deflate with fixes, improvements and new features.
[451星][2m] [JS] codemanki/cloudscraper Node.js library to bypass cloudflare's anti-ddos page
[374星][12m] [C] markus-go/bonesi BoNeSi - the DDoS Botnet Simulator
[293星][3m] [Shell] anti-ddos/anti-ddos
[243星][12m] [Py] wenfengshi/ddos-dos-tools some sort of ddos-tools

OWASP

[10690星][13d] [Py] owasp/cheatsheetseries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
[2245星][13d] [Go] owasp/amass In-depth Attack Surface Mapping and Asset Discovery
[1902星][28d] [Perl] spiderlabs/owasp-modsecurity-crs OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
[1680星][1y] owasp/devguide The OWASP Guide
[1390星][2m] [HTML] owasp/top10 Official OWASP Top 10 Document Repository
[1000星][3m] [HTML] owasp/nodegoat 学习OWASP安全威胁Top10如何应用到Web App的，以及如何处理
[731星][2m] [Java] owasp/securityshepherd Web and mobile application security training platform
[665星][13d] [HTML] owasp/asvs Application Security Verification Standard
[597星][10m] [Py] zdresearch/owasp-nettacker Automated Penetration Testing Framework
[480星][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
[480星][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
[461星][7m] [Java] owasp/owasp-webscarab OWASP WebScarab
[402星][5m] [Py] stanislav-web/opendoor OWASP WEB Directory Scanner
[360星][1m] [Java] zaproxy/zap-extensions OWASP ZAP Add-ons
[341星][1m] [Java] esapi/esapi-java-legacy ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
[292星][5m] 0xradi/owasp-web-checklist OWASP Web Application Security Testing Checklist
[271星][5m] [JS] mike-goodwin/owasp-threat-dragon An open source, online threat modelling tool from OWASP
[269星][4m] tanprathan/owasp-testing-checklist OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
[248星][11m] [Java] owasp/owasp-java-encoder The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
[225星][1m] owasp/api-security OWASP API Security Project

Kali

[2522星][7m] offensive-security/kali-nethunter The Kali NetHunter Project
[2332星][7m] [Py] lionsec/katoolin Automatically install all Kali linux tools
[1690星][2m] [PHP] xtr4nge/fruitywifi FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.
[849星][10m] [Shell] esc0rtd3w/wifi-hacker Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2)
[714星][3m] [Py] rajkumrdusad/tool-x Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 263 hacking tools in termux app and other linux based distributions.
[667星][7m] offensive-security/kali-arm-build-scripts Kali Linux ARM build scripts
[542星][1m] [Shell] offensive-security/kali-linux-docker PLEASE USE GITLAB
[385星][3m] jack-liang/kalitools Kali Linux工具清单
[328星][7m] offensive-security/kali-linux-recipes Kali Linux Recipes

CobaltStrike

[389星][1y] [Shell] killswitch-gui/cobaltstrike-toolkit Some useful scripts for CobaltStrike
[203星][1y] [C#] spiderlabs/sharpcompile SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…

扫描器&&安全扫描&&App扫描&&漏洞扫描

未分类-Scanner

[11006星][2m] [C] robertdavidgraham/masscan masscan：世界上最快的互联网端口扫描器，号称可6分钟内扫描整个互联网
[7288星][25d] [Py] s0md3v/xsstrike Most advanced XSS scanner.
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/XSS&&XXE/未分类-XSS |
[5245星][1m] [Go] zricethezav/gitleaks Audit git repos for secrets
[4474星][16d] [Ruby] wpscanteam/wpscan WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
[4101星][24d] we5ter/scanners-box 安全行业从业者自研开源扫描器合辑
[3375星][1m] [Perl] sullo/nikto Nikto web server scanner
[3119星][2m] [Go] mozilla/sops Simple and flexible tool for managing secrets
[3049星][20d] [Py] maurosoria/dirsearch Web path scanner
[3022星][2m] [C] zmap/zmap ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
[2904星][21d] [Py] andresriancho/w3af Web App安全扫描器, 辅助开发者和渗透测试人员识别和利用Web App中的漏洞
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞扫描&&挖掘&&发现/漏洞扫描/未分类 |
[2261星][3m] [JS] retirejs/retire.js scanner detecting the use of JavaScript libraries with known vulnerabilities
[2027星][2m] [Ruby] urbanadventurer/whatweb Next generation web scanner
[2023星][2m] [Py] nabla-c0d3/sslyze SSL/TLS服务器扫描
[1630星][1m] [NSIS] angryip/ipscan Angry IP Scanner - fast and friendly network scanner
[1530星][7m] [Py] m4ll0k/wascan WAScan - Web Application Scanner
[1494星][4m] [Py] hannob/snallygaster Python脚本, 扫描HTTP服务器"秘密文件"
[1060星][2m] [PHP] tuhinshubhra/red_hawk 信息收集、漏洞扫描、爬虫多合一
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |
[1054星][3m] [Py] gerbenjavado/linkfinder A python script that finds endpoints in JavaScript files
[1037星][7m] [Py] lucifer1993/struts-scan struts2漏洞全版本检测和利用工具
[985星][3m] [Py] h4ckforjob/dirmap 一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。
[905星][2m] [Py] tuhinshubhra/cmseek CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
[880星][5m] [PHP] tidesec/wdscanner 分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
[862星][1m] [Py] ajinabraham/nodejsscan NodeJsScan is a static security code scanner for Node.js applications.
[759星][17d] [Py] vesche/scanless scanless：端口扫描器
[741星][19d] [Py] nekmo/dirhunt Web爬虫, 针对搜索和分析路径做了优化
- 重复区段: 工具/爬虫 |
[722星][6m] [Py] ztgrace/changeme 默认证书扫描器
[694星][4m] [CSS] ajinabraham/cmsscan Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
[690星][2m] [CSS] boy-hack/w12scan a network asset discovery engine that can automatically aggregate related assets for analysis and use
[681星][28d] [C] scanmem/scanmem memory scanner for Linux
[671星][1m] [Ruby] mozilla/ssh_scan A prototype SSH configuration and policy scanner (Blog:
[657星][7m] [Py] m4ll0k/wpseku WPSeku - Wordpress Security Scanner
[656星][2m] [Py] kevthehermit/pastehunter Scanning pastebin with yara rules
[649星][5m] [Py] droope/droopescan A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
[636星][1y] [Py] lmco/laikaboss Laika BOSS: Object Scanning System
[613星][5m] [Py] rabbitmask/weblogicscan Weblogic一键漏洞检测工具，V1.3
[612星][12m] [Ruby] thesp0nge/dawnscanner Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
[604星][4m] [Py] faizann24/xsspy Web Application XSS Scanner
[569星][2m] [HTML] gwillem/magento-malware-scanner 用于检测 Magento 恶意软件的规则/样本集合
[564星][2m] [Perl] alisamtechnology/atscan Advanced dork Search & Mass Exploit Scanner
[555星][5m] [Py] codingo/vhostscan A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
[542星][7m] [Go] marco-lancini/goscan Interactive Network Scanner
[536星][4m] [Py] dhs-ncats/pshtt Scan domains and return data based on HTTPS best practices
[526星][6m] [Py] grayddq/gscan 本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。
[481星][1m] [Py] fcavallarin/htcap htcap is a web application scanner able to crawl single page application (SPA) recursively by intercepting ajax calls and DOM changes.
[475星][1y] [C] nanshihui/scan-t a new crawler based on python with more function including Network fingerprint search
[399星][2m] [Py] boy-hack/w13scan Passive Security Scanner (被动安全扫描器)
[397星][10m] [JS] eviltik/evilscan evilscan：大规模 IP/端口扫描器，Node.js 编写
[390星][10m] [Py] mitre/multiscanner Modular file scanning/analysis framework
[386星][1y] [Py] grayddq/publicmonitors 对公网IP列表进行端口服务扫描，发现周期内的端口服务变化情况和弱口令安全风险
[385星][1m] [C] hasherezade/hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
[379星][13d] [Py] stamparm/dsss Damn Small SQLi Scanner
[340星][4m] [Py] swisskyrepo/wordpresscan WPScan rewritten in Python + some WPSeku ideas
[339星][12m] [Py] skavngr/rapidscan
[338星][1m] [Py] fgeek/pyfiscan pyfiscan：Web App 漏洞及版本扫描
[335星][3m] [Java] portswigger/backslash-powered-scanner Finds unknown classes of injection vulnerabilities
[330星][1y] [Py] flipkart-incubator/rta Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
[316星][2m] [HTML] coinbase/salus Security scanner coordinator
[315星][15d] [C] royhills/arp-scan The ARP Scanner
[301星][10m] [PHP] steverobbins/magescan Scan a Magento site for information
[299星][1m] [PowerShell] canix1/adaclscanner Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
[294星][1y] [Shell] cryptolok/ghostinthenet Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[294星][2m] [Ruby] m0nad/hellraiser Vulnerability Scanner
[294星][1m] [Shell] mitchellkrogza/apache-ultimate-bad-bot-blocker Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
[286星][4m] enkomio/taipan Web application vulnerability scanner
[284星][1y] [Py] code-scan/dzscan Dzscan
[280星][8m] [Py] boy-hack/w8fuckcdn 通过扫描全网绕过CDN获取网站IP地址
[278星][3m] [Py] shenril/sitadel Web Application Security Scanner
[276星][2m] [Py] target/strelka Real-time, container-based file scanning at enterprise scale
[268星][1y] [PHP] psecio/parse Parse: A Static Security Scanner
[262星][5m] [Py] abhisharma404/vault_scanner swiss army knife for hackers
[254星][3m] [Py] m4ll0k/konan Konan - Advanced Web Application Dir Scanner
[253星][9m] jeffzh3ng/insectsawake Network Vulnerability Scanner
[246星][1m] [Py] gildasio/h2t h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
[245星][2m] [Go] zmap/zgrab2 Go Application Layer Scanner
[235星][3m] [PHP] psecio/versionscan A PHP version scanner for reporting possible vulnerabilities
[233星][7m] [Go] gocaio/goca Goca Scanner
[217星][5m] [JS] pavanw3b/sh00t Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
[209星][3m] [Py] iojw/socialscan Check email address and username availability on online platforms
[207星][9m] [Py] nullarray/dorknet Selenium powered Python script to automate searching for vulnerable web apps.
[202星][1y] [Py] dionach/cmsmap CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
[201星][12m] [PowerShell] sud0woodo/dcomrade Powershell script for enumerating vulnerable DCOM Applications

隐私&&Secret&&Privacy扫描

[6673星][10m] [Shell] awslabs/git-secrets Prevents you from committing secrets and credentials into git repositories
[4346星][7m] [Py] boxug/trape 学习在互联网上跟踪别人，获取其详细信息，并避免被别人跟踪
[3064星][28d] [Py] tribler/tribler Privacy enhanced BitTorrent client with P2P content discovery
[1102星][4m] [Vue] 0xbug/hawkeye GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
[935星][20d] [Py] mozilla/openwpm A web privacy measurement framework
[884星][2m] [C#] elevenpaths/foca Tool to find metadata and hidden information in the documents.
[822星][18d] [Py] al0ne/vxscan python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。
[390星][6m] [Py] repoog/gitprey Searching sensitive files and contents in GitHub associated to company name or other key words
[356星][2m] [Py] hell0w0rld0/github-hunter This tool is for sensitive information searching on Github - The Fast Version here:
[312星][15d] [HTML] tanjiti/sec_profile 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/社交网络/Github |

隐私存储

未分类

[5029星][2m] [Shell] stackexchange/blackbox 文件使用PGP加密后隐藏在Git/Mercurial/Subversion

隐写

[569星][1m] [Go] dimitarpetrov/stegify Go tool for LSB steganography, capable of hiding any file within an image.
[344星][6m] [Go] lukechampine/jsteg JPEG steganography
[342星][5m] [Java] syvaidya/openstego OpenStego is a steganography application that provides two functionalities: a) Data Hiding: It can hide any data within a cover file (e.g. images). b) Watermarking: Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying.
[274星][1y] [C] abeluck/stegdetect UNMAINTAINED. USE AT OWN RISK. Stegdetect is an automated tool for detecting steganographic content in images.
[256星][26d] [Py] cedricbonhomme/stegano Stegano is a pure Python steganography module.

侦察&&信息收集&&子域名发现与枚举&&OSINT

未分类-OSINT

[7042星][28d] [Java] lionsoul2014/ip2region Ip2region is a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is less then 5Mb with all ip address stored. binding for Java,PHP,C,Python,Nodejs,Golang,C#,lua. Binary,B-tree,Memory searching algorithm
[6894星][27d] greatfire/wiki 自由浏览
[6109星][9m] [Py] schollz/howmanypeoplearearound 检测 Wifi 信号统计你周围的人数
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[2154星][28d] [C] texane/stlink stm32 discovery line linux programmer
[2061星][16d] [Py] fortynorthsecurity/eyewitness 给网站做快照，提供服务器Header信息，识别默认凭证等
[1741星][21d] [Shell] leebaird/discover 自定义的bash脚本, 用于自动化多个渗透测试任务, 包括: 侦查、扫描、解析、在Metasploit中创建恶意Payload和Listener
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/自动化 |工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload生成 |工具/渗透&&offensive&&渗透框架&&后渗透框架/Metasploit/未分类-metasploit |
[1627星][28d] [Py] cea-sec/ivre Network recon framework.
[1593星][28d] [Go] awnumar/memguard 处理内存中敏感的值，纯Go语言编写。
[1591星][4m] [Py] mozilla/cipherscan 查找指定目标支持的SSL ciphersuites
[1392星][6m] [Py] enablesecurity/wafw00f 识别保护网站的WAF产品
[1309星][3m] [JS] lockfale/osint-framework OSINT Framework
[1301星][26d] [CSS] undeadsec/socialfish 网络钓鱼培训与信息收集
- 重复区段: 工具/社工(SET)&&钓鱼&&鱼叉攻击/未分类-SET |
[1261星][1m] [Py] s0md3v/arjun HTTP parameter discovery suite.
[1256星][2m] [Py] codingo/reconnoitre A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
[1253星][1y] [PowerShell] dafthack/mailsniper 在Microsoft Exchange环境中搜索邮件中包含的指定内容：密码、insider intel、网络架构信息等
[1180星][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞利用/漏洞利用 |工具/数据库&&SQL攻击&&SQL注入/NoSQL/未分类-NoSQL |
[1135星][10m] [C] blechschmidt/massdns A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
[1060星][2m] [PHP] tuhinshubhra/red_hawk 信息收集、漏洞扫描、爬虫多合一
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/未分类-Scanner |
[1041星][1m] [Rust] fgribreau/mailchecker 邮件检测库，跨语言。覆盖33078虚假邮件提供者
[944星][4m] [C] rbsec/sslscan 测试启用SSL/TLS的服务，发现其支持的cipher suites
[930星][2m] [Py] sundowndev/phoneinfoga Advanced information gathering & OSINT tool for phone numbers
[924星][17d] [OCaml] airbus-seclab/bincat 二进制代码静态分析工具。值分析（寄存器、内存）、污点分析、类型重建和传播（propagation）、前向/后向分析
[871星][4m] derpopo/uabe Unity Assets Bundle Extractor
[851星][7m] [Py] s0md3v/recondog Reconnaissance Swiss Army Knife
[760星][12m] [HTML] sense-of-security/adrecon 收集Active Directory信息并生成报告
[742星][3m] [Py] threatexpress/domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
- 重复区段: 工具/社工(SET)&&钓鱼&&鱼叉攻击/未分类-SET |
[698星][17d] [Ruby] intrigueio/intrigue-core 外部攻击面发现框架，自动化OSINT
[694星][27d] [Py] khast3x/h8mail Password Breach Hunting and Email OSINT tool, locally or using premium services. Supports chasing down related email
[680星][4m] [Shell] nahamsec/lazyrecon 侦查(reconnaissance)过程自动化脚本, 可自动使用Sublist3r/certspotter获取子域名, 调用nmap/dirsearch等
[617星][5m] [Py] deibit/cansina cansina：web 内容发现工具。发出各种请求并过滤回复，识别是否存在请求的资源。
[579星][7m] [Py] ekultek/zeus-scanner Advanced reconnaissance utility
[537星][8m] [Py] m4ll0k/infoga infoga：邮件信息收集工具
[483星][2m] no-github/digital-privacy 一个关于数字隐私搜集、保护、清理集一体的方案,外加开源信息收集(OSINT)对抗
[463星][3m] [Py] xillwillx/skiptracer OSINT python webscaping framework
[462星][14d] [Rust] kpcyrd/sn0int Semi-automatic OSINT framework and package manager
[417星][2m] [Py] superhedgy/attacksurfacemapper AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
[404星][4m] [Shell] d4rk007/redghost Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.
[388星][3m] [Go] graniet/operative-framework operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.
[387星][12m] [Py] chrismaddalena/odin Automated network asset, email, and social media profile discovery and cataloguing.
[378星][2m] ph055a/osint-collection Maintained collection of OSINT related resources. (All Free & Actionable)
[362星][1m] [Py] dedsecinside/torbot Dark Web OSINT Tool
[350星][11m] [Py] aancw/belati The Traditional Swiss Army Knife for OSINT
[350星][18d] [Py] depthsecurity/armory Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.
[335星][1m] [Py] darryllane/bluto DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Checking
[329星][11m] [Py] mdsecactivebreach/linkedint A LinkedIn scraper for reconnaissance during adversary simulation
[320星][5m] [Go] nhoya/gosint OSINT Swiss Army Knife
[304星][4m] [Py] initstring/linkedin2username Generate username lists for companies on LinkedIn
[302星][1y] [Py] sharadkumar97/osint-spy Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. If you want to ask something please feel free to reach out to me at sharad@osint-spy.com
[299星][1y] [Py] twelvesec/gasmask Information gathering tool - OSINT
[296星][11m] [Py] r3vn/badkarma network reconnaissance toolkit
[289星][6m] [Shell] eschultze/urlextractor Information gathering & website reconnaissance |
[284星][2m] [JS] pownjs/pown-recon A powerful target reconnaissance framework powered by graph theory.
[279星][1y] [Shell] ha71/namechk Osint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.
[268星][1y] [Go] tomsteele/blacksheepwall blacksheepwall is a hostname reconnaissance tool
[264星][2m] [Py] ekultek/whatbreach OSINT tool to find breached emails, databases, pastes, and relevant information
[242星][2m] [Shell] solomonsklash/chomp-scan A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
[236星][13d] [Py] zephrfish/googd0rker GoogD0rker is a tool for firing off google dorks against a target domain, it is purely for OSINT against a specific target domain. READ the readme before messaging or tweeting me.
[229星][7m] [JS] cliqz-oss/local-sheriff Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII) are being shared / leaked to which all third-parties.
[229星][1m] [Propeller Spin] grandideastudio/jtagulator Assisted discovery of on-chip debug interfaces
[227星][1m] [Py] sc1341/instagramosint An Instagram Open Source Intelligence Tool
[225星][1m] [Py] anon-exploiter/sitebroker A cross-platform python based utility for information gathering and penetration testing automation!
[220星][3m] [Py] thewhiteh4t/finalrecon OSINT Tool for All-In-One Web Reconnaissance
[220星][13d] [PowerShell] tonyphipps/meerkat A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
[219星][3m] [Py] eth0izzle/the-endorser An OSINT tool that allows you to draw out relationships between people on LinkedIn via endorsements/skills.
[218星][1y] [Shell] edoverflow/megplus Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
[210星][4m] [Py] spiderlabs/hosthunter HostHunter a recon tool for discovering hostnames using OSINT techniques.

子域名枚举&&爆破

[4008星][1m] [Py] aboul3la/sublist3r Fast subdomains enumeration tool for penetration testers
[3147星][15d] [Py] laramies/theharvester E-mails, subdomains and names Harvester - OSINT
[2981星][6m] [Go] michenriksen/aquatone 子域名枚举工具。除了经典的爆破枚举之外，还利用多种开源工具和在线服务大幅度增加发现子域名的数量。
[1750星][6m] [Py] lijiejie/subdomainsbrute 子域名爆破
[1686星][1m] [Go] subfinder/subfinder 使用Passive Sources, Search Engines, Pastebins, Internet Archives等查找子域名
[1668星][7m] [Py] guelfoweb/knock 使用 Wordlist 枚举子域名
- 重复区段: 工具/wordlist/未分类-wordlist |
[1555星][14d] [Go] caffix/amass 子域名枚举, 搜索互联网数据源, 使用机器学习猜测子域名. Go语言
[1087星][1m] [Py] john-kurkowski/tldextract Accurately separate the TLD from the registered domain and subdomains of a URL, using the Public Suffix List.
[752星][12d] [Rust] edu4rdshl/findomain The fastest and cross-platform subdomain enumerator, don't waste your time.
[687星][4m] [Go] haccer/subjack 异步多线程扫描子域列表，识别能够被劫持的子域。Go 编写
[639星][1y] [Py] simplysecurity/simplyemail Email recon made fast and easy, with a framework to build on
[573星][2m] [Py] jonluca/anubis Subdomain enumeration and information gathering tool
[537星][8m] [Py] feeicn/esd Enumeration sub domains(枚举子域名)
[468星][1m] [Py] typeerror/domained Multi Tool Subdomain Enumeration
[435星][1y] [Go] ice3man543/subover A Powerful Subdomain Takeover Tool
[434星][5m] [Py] threezh1/jsfinder JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
[425星][1m] [Py] nsonaniya2010/subdomainizer A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
[422星][10m] [Py] appsecco/bugcrowd-levelup-subdomain-enumeration This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
[407星][2m] [Py] yanxiu0614/subdomain3 subdomain3：简单快速的子域名爆破工具。
[327星][4m] [Py] chris408/ct-exposer An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
[302星][1y] [Py] christophetd/censys-subdomain-finder 利用搜索引擎 Censys 提供的 certificate transparency 日志, 实现子域名枚举. (Censys: 搜索联网设备信息的搜索引擎)
[275星][7m] [Py] franccesco/getaltname 直接从SSL证书中提取子域名或虚拟域名
[254星][10m] [Py] appsecco/the-art-of-subdomain-enumeration This repository contains all the supplement material for the book "The art of sub-domain enumeration"
[251星][5m] [Go] anshumanbh/tko-subs A tool that can help detect and takeover subdomains with dead DNS records
[204星][1m] [Shell] screetsec/sudomy Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format

信息收集&&侦查&&Recon&&InfoGather

[3496星][15d] [Shell] drwetter/testssl.sh 检查服务器任意端口对 TLS/SSL 的支持、协议以及一些加密缺陷，命令行工具
[2378星][15d] [Py] smicallef/spiderfoot 自动收集指定目标的信息：IP、域名、主机名、网络子网、ASN、邮件地址、用户名
[2168星][1y] [Py] datasploit/datasploit 对指定目标执行多种侦查技术：企业、人、电话号码、比特币地址等
[1963星][8m] [JS] weichiachang/stacks-cli Check website stack from the terminal
[1873星][1m] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞扫描&&挖掘&&发现/漏洞扫描/未分类 |
[1629星][1y] [Py] evyatarmeged/raccoon 高性能的侦查和漏洞扫描工具
- 重复区段: 工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞扫描&&挖掘&&发现/漏洞扫描/未分类 |
[1420星][6m] [Py] oros42/imsi-catcher This program show you IMSI numbers of cellphones around you.
[1271星][1y] [Go] evilsocket/xray 自动化执行一些信息收集、网络映射的初始化工作
[619星][29d] [Py] tib3rius/autorecon AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
[510星][9m] [Py] fortynorthsecurity/just-metadata Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
[453星][19d] [Py] yassineaboukir/sublert Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
[388星][10m] [Swift] ibm/mac-ibm-enrollment-app The Mac@IBM enrollment app makes setting up macOS with Jamf Pro more intuitive for users and easier for IT. The application offers IT admins the ability to gather additional information about their users during setup, allows users to customize their enrollment by selecting apps or bundles of apps to install during setup, and provides users with …
[349星][4m] [C++] wbenny/pdbex pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
[343星][27d] [Py] lanmaster53/recon-ng Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.
[283星][2m] [Py] govanguard/legion Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
[269星][10m] [Py] LaNMaSteR53/recon-ng

指纹&&Fingerprinting

[8843星][13d] [JS] valve/fingerprintjs2 Modern & flexible browser fingerprinting library
[3029星][1m] [JS] valve/fingerprintjs Anonymous browser fingerprint
[1595星][14d] [JS] ghacksuserjs/ghacks-user.js An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
[1595星][9m] [C] nmikhailov/validity90 Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol
[918星][7m] [JS] song-li/cross_browser cross_browser_fingerprinting
[783星][1m] [Py] salesforce/ja3 SSL/TLS 客户端指纹，用于恶意代码检测
[372星][21d] [Py] 0x4d31/fatt FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
[309星][2m] [Py] dpwe/audfprint Landmark-based audio fingerprinting
[305星][3m] [Py] salesforce/hassh HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.
[268星][1y] [CSS] w-digital-scanner/w11scan 分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform
[240星][2m] [C] leebrotherston/tls-fingerprinting TLS Fingerprinting
[224星][2m] [GLSL] westpointltd/tls_prober A tool to fingerprint SSL/TLS servers
[212星][1y] [Py] sensepost/spartan Frontpage and Sharepoint fingerprinting and attack tool.
[200星][1y] [Erlang] kudelskisecurity/scannerl scannerl：模块化、分布式指纹识别引擎，在单个主机运行即可扫描数千目标，也可轻松的部署到多台主机

收集

[3674星][15d] jivoi/awesome-osint OSINT资源收集

社交网络

Twitter

[2797星][21d] [Py] twintproject/twint An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

Github

[1627星][22d] [Go] eth0izzle/shhgit 监听Github Event API，实时查找Github代码和Gist中的secret和敏感文件
[1549星][1y] [Py] unkl4b/gitminer Github内容挖掘
[1321星][7m] [Py] feeicn/gsil GitHub敏感信息泄露监控，几乎实时监控，发送警告
[840星][7m] [Go] misecurity/x-patrol github泄露扫描系统
[834星][1m] [JS] vksrc/github-monitor Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
[767星][1m] [Py] bishopfox/gitgot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
[750星][3m] [Py] techgaun/github-dorks 快速搜索Github repo中的敏感信息
[602星][2m] [Py] hisxo/gitgraber monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
[312星][15d] [HTML] tanjiti/sec_profile 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/隐私&&Secret&&Privacy扫描 |
[290星][7m] [Py] s0md3v/zen 查找Github用户的邮箱地址

其他

[7541星][30d] [Py] theyahya/sherlock Find Usernames Across Social Networks
[2504星][2m] [Py] greenwolf/social_mapper 对多个社交网站的用户Profile图片进行大规模的人脸识别
[653星][1y] [Go] 0x09al/raven raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.

DNS

[2421星][4m] [Go] oj/gobuster Directory/File, DNS and VHost busting tool written in Go
[2278星][30d] [Py] ab77/netflix-proxy Smart DNS proxy to watch Netflix
[2081星][19d] [Py] elceef/dnstwist 域名置换引擎，用于检测打字错误，网络钓鱼和企业间谍活动
[1885星][28d] [C++] powerdns/pdns PowerDNS
[1669星][3m] [Py] lgandx/responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
[1117星][7m] [Py] darkoperator/dnsrecon DNS 枚举脚本
[1044星][2m] [Py] infosec-au/altdns Generates permutations, alterations and mutations of subdomains and then resolves them
[1039星][1m] [Go] nadoo/glider 正向代理，支持若干协议
[969星][6m] [Py] m57/dnsteal DNS Exfiltration tool for stealthily sending files over DNS requests.
[891星][18d] [Py] mschwager/fierce A DNS reconnaissance tool for locating non-contiguous IP space.
[877星][5m] [Py] m0rtem/cloudfail 通过错误配置的DNS和老数据库，发现CloudFlare网络后面的隐藏IP
[681星][1y] [Py] bugscanteam/dnslog 监控 DNS 解析记录和 HTTP 访问记录
[594星][7m] [Shell] cokebar/gfwlist2dnsmasq A shell script which convert gfwlist into dnsmasq rules. Python version:
[558星][6m] [C] getdnsapi/stubby Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
[457星][8m] [C] cofyc/dnscrypt-wrapper This is dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver.
[359星][3m] [JS] nccgroup/singularity A DNS rebinding attack framework.
[259星][11m] [Py] trycatchhcf/packetwhisper Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
[258星][2m] [Go] zmap/zdns 快速DNS查找, 命令行工具
[249星][3m] [C#] kevin-robertson/inveighzero Windows C# LLMNR/mDNS/NBNS/DNS spoofer/man-in-the-middle tool
[243星][9m] [Go] erbbysam/dnsgrep Quickly Search Large DNS Datasets
[237星][25d] [Py] mandatoryprogrammer/trusttrees a script to recursively follow all the possible delegation paths for a target domain and graph the relationships between various nameservers along the way.
[230星][1m] [Go] sensepost/godoh A DNS-over-HTTPS Command & Control Proof of Concept
[213星][1y] [PowerShell] lukebaggett/dnscat2-powershell A Powershell client for dnscat2, an encrypted DNS command and control tool.

Shodan

[1082星][2m] [Py] achillean/shodan-python The official Python library for Shodan
[954星][4m] [Py] woj-ciech/kamerka 利用Shodan构建交互式摄像头地图
[831星][2m] [Py] 649/memcrashed-ddos-exploit DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/DDOS |
[669星][2m] jakejarvis/awesome-shodan-queries
[353星][1m] [Py] pielco11/fav-up IP lookup from favicon using Shodan
[337星][2m] [Py] random-robbie/my-shodan-scripts Collection of Scripts for shodan searching stuff.
[233星][10m] [Py] nethunteros/punter punter：使用 DNSDumpster, WHOIS, Reverse WHOIS 挖掘域名

nmap

[3492星][17d] [C] nmap/nmap Nmap
[2099星][6m] [Py] calebmadrigal/trackerjacker 映射你没连接到的Wifi网络, 类似于NMap, 另外可以追踪设备
[1666星][3m] [Lua] vulnerscom/nmap-vulners NSE script based on Vulners.com API
[1497星][2m] [C] nmap/npcap Nmap Project's packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF.
[1237星][2m] [Lua] scipag/vulscan vulscan：Nmap 模块，将 Nmap 转化为高级漏洞扫描器
[936星][4m] [Shell] trimstray/sandmap 使用NMap引擎, 辅助网络和系统侦查(reconnaissance)
[887星][11m] [Py] rev3rsesecurity/webmap Nmap Web Dashboard and Reporting
[822星][2m] [Py] x90skysn3k/brutespray brutespray：获取 nmapGNMAP 输出，自动调用 Medusa 使用默认证书爆破服务（brute-forces services）
[728星][4m] [Lua] cldrn/nmap-nse-scripts My collection of nmap NSE scripts
[658星][4m] [Py] iceyhexman/onlinetools 在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
[481星][1y] [XSLT] honze-net/nmap-bootstrap-xsl A Nmap XSL implementation with Bootstrap.
[391星][7m] [Py] savon-noir/python-libnmap libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.6 up to 3.4. It's wonderful.
[325星][9m] [Py] samhaxr/hackbox 集合了某些Hacking工具和技巧的攻击工具
[307星][1y] [Java] s4n7h0/halcyon First IDE for Nmap Script (NSE) Development.
[282星][1y] [Ruby] danmcinerney/pentest-machine Automates some pentest jobs via nmap xml file
[257星][1y] [Java] danicuestasuarez/nmapgui Advanced Graphical User Interface for NMap
[247星][1y] [Shell] m4ll0k/autonse Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
[230星][7m] [Lua] rvn0xsy/nse_vuln Nmap扫描、漏洞利用脚本
[228星][5m] [Py] maaaaz/nmaptocsv A simple python script to convert Nmap output to CSV

数据库&&SQL攻击&&SQL注入

未分类-Database

[950星][18d] [PowerShell] netspi/powerupsql 攻击SQL服务器的PowerShell工具箱
[661星][3m] [Py] v3n0m-scanner/v3n0m-scanner Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
[638星][2m] [Py] quentinhardy/odat Oracle Database Attacking Tool
[526星][4m] [Py] quentinhardy/msdat Microsoft SQL Database Attacking Tool

SQL

未分类-SQL

[2883星][1m] [Go] cookiey/yearning A most popular sql audit platform for mysql
[712星][1y] [Py] the-robot/sqliv massive SQL injection vulnerability scanner
[553星][1m] [HTML] netspi/sqlinjectionwiki A wiki focusing on aggregating and documenting various SQL injection methods
[444星][9m] [Go] netxfly/x-crack Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
[439星][3m] [Go] stripe/safesql Static analysis tool for Golang that protects against SQL injections
[395星][3m] [C#] shack2/supersqlinjectionv1 超级SQL注入工具（SSQLInjection）是一款基于HTTP协议自组包的SQL注入工具,采用C#开发，直接操作TCP会话来进行HTTP交互，支持出现在HTTP协议任意位置的SQL注入，支持各种类型的SQL注入，支持HTTPS模式注入；支持以盲注、错误显示、Union注入等方式来获取数据；支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库；支持手动灵活的进行SQL注入绕过，可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计，需要使用人员对SQL注入有一定了解。
[295星][8m] [JS] ning1022/sqlinjectionwiki 一个专注于聚合和记录各种SQL注入方法的wiki
[255星][7m] [Py] s0md3v/sqlmate A friend of SQLmap which will do what you always expected from SQLmap.

SQL注入

[15554星][16d] [Py] sqlmapproject/sqlmap Automatic SQL injection and database takeover tool
[592星][6m] aleenzz/mysql_sql_bypass_wiki mysql注入,bypass的一些心得

SQL漏洞

NoSQL

未分类-NoSQL

[1180星][15d] [Py] codingo/nosqlmap Automated NoSQL database enumeration and web application exploitation tool.
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |工具/漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing/漏洞利用/漏洞利用 |
[275星][1y] [Java] florent37/android-nosql Lightweight, simple structured NoSQL database for Android

MongoDB

[1069星][2m] [Py] stampery/mongoaudit

审计&&安全审计&&代码审计

未分类-Audit

[6407星][1m] [Shell] cisofy/lynis Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
[1465星][27d] [Shell] mzet-/linux-exploit-suggester Linux privilege escalation auditing tool
[967星][2m] [Py] nccgroup/scoutsuite Multi-Cloud Security Auditing Tool
[604星][6m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
- 重复区段: 工具/移动&&Mobile/未分类-Mobile |
[271星][17d] [Py] lorexxar/cobra-w Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版

代码审计

[2041星][3m] [Py] whaleshark-team/cobra Source Code Security Audit (源代码安全审计)
[807星][1y] [Py] utkusen/leviathan wide range mass audit toolkit
[646星][1y] chybeta/code-audit-challenges Code-Audit-Challenges
[626星][8m] [Py] klen/pylama Code audit tool for python.
[399星][4m] [C] anssi-fr/ad-control-paths Active Directory Control Paths auditing and graphing tools
[355星][11m] [Py] enablesecurity/sipvicious SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems.
[293星][2m] [C#] ossindex/devaudit Open-source, cross-platform, multi-purpose security auditing tool
[263星][14d] [Py] exodus-privacy/exodus Platform to audit trackers used by Android application
[254星][1m] [Py] hubblestack/hubble Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe.
[240星][4m] [PowerShell] nccgroup/azucar Azure环境安全审计工具
[215星][1y] [C] meliot/filewatcher A simple auditing utility for macOS

社工(SET)&&钓鱼&&鱼叉攻击

未分类-SET

[1301星][26d] [CSS] undeadsec/socialfish 网络钓鱼培训与信息收集
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |
[742星][3m] [Py] threatexpress/domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/未分类-OSINT |
[556星][2m] [Py] thewhiteh4t/seeker Accurately Locate Smartphones using Social Engineering
[305星][1m] [Py] raikia/uhoh365 A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.

社工

[4854星][2m] [Py] trustedsec/social-engineer-toolkit The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

钓鱼&&Phish

[8337星][17d] [Py] wifiphisher/wifiphisher 流氓AP框架, 用于RedTeam和Wi-Fi安全测试
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[4161星][12d] [Go] gophish/gophish 网络钓鱼工具包
[2721星][1m] [Go] kgretzky/evilginx2 独立的MITM攻击工具，用于登录凭证钓鱼，可绕过双因素认证
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[1402星][8m] [JS] anttiviljami/browser-autofill-phishing A simple demo of phishing by abusing the browser autofill feature
[1331星][10m] [HTML] thelinuxchoice/blackeye The most complete Phishing Tool, with 32 templates +1 customizable
[994星][17d] [Py] securestate/king-phisher Phishing Campaign Toolkit
[976星][1m] [Py] x0rz/phishing_catcher phishing_catcher：使用Certstream 捕获钓鱼域名
[861星][19d] [HTML] darksecdevelopers/hiddeneye Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ]
[858星][7m] [HTML] thelinuxchoice/shellphish 针对18个社交媒体的钓鱼工具：Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest
[831星][4m] [PHP] raikia/fiercephish FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
[828星][1y] [HTML] ustayready/credsniper CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
[524星][26d] [Py] shellphish/driller augmenting AFL with symbolic execution!
[348星][4m] [Py] tatanus/spf SpeedPhishing Framework
[297星][10m] [Py] mr-un1k0d3r/catmyphish Search for categorized domain
[265星][3m] [Go] muraenateam/muraena Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
[240星][2m] [Py] atexio/mercure 对员工进行网络钓鱼的培训
[228星][1y] [Jupyter Notebook] wesleyraptor/streamingphish 使用受监督的机器学习, 从证书透明度(Certificate Transparency)日志中检测钓鱼域名
[220星][3m] [Py] duo-labs/isthislegit isthislegit：收集、分析和回复网络钓鱼邮件的框架

鱼叉攻击

硬件设备&&USB&树莓派

未分类-Hardware

[2190星][18d] [Shell] eliaskotlyar/xiaomi-dafang-hacks
[2009星][1y] [C] xoreaxeaxeax/rosenbridge Hardware backdoors in some x86 CPUs
[1932星][13d] [Go] ullaakut/cameradar Cameradar hacks its way into RTSP videosurveillance cameras
[1327星][1y] [Py] carmaa/inception 利用基于PCI的DMA实现物理内存的操纵与Hacking，可以攻击FireWire，Thunderbolt，ExpressCard，PC Card和任何其他PCI / PCIe硬件接口
[1117星][10m] [JS] mame82/p4wnp1_aloa 将 Rapsberry Pi Zero W 转变成灵活的渗透平台
- 重复区段: 工具/环境配置&&分析系统/未分类-Env |
[962星][2m] [C] olimex/olinuxino OLINUXINO is Open Source / Open Hardware, low cost from EUR 24 Linux Industrial grade Single Board Computer capable to operate -25+85C
[516星][3m] [Java] 1998lixin/hardwarecode 基于xposed 修改硬件信息

USB

[3811星][17d] drduh/yubikey-guide Guide to using YubiKey for GPG and SSH
[2643星][12m] [Py] mame82/p4wnp1 基于Raspberry Pi Zero 或 Raspberry Pi Zero W 的USB攻击平台, 高度的可定制性
- 重复区段: 工具/硬件设备&&USB&树莓派/树莓派&&RaspberryPi |
[2149星][9m] [C] conorpp/u2f-zero U2F USB token optimized for physical security, affordability, and style
[1018星][28d] [C] solokeys/solo open security key supporting FIDO2 & U2F over USB + NFC
[982星][11m] [C#] kenvix/usbcopyer 插上U盘自动按需复制文件
[865星][2m] [C++] whid-injector/whid WiFi HID Injector - An USB Rubberducky / BadUSB On Steroids.
[832星][6m] [Objective-C] sevenbits/mac-linux-usb-loader Boot Linux on your Mac, easily
[825星][1m] [C++] openzwave/open-zwave a C++ library to control Z-Wave Networks via a USB Z-Wave Controller.
[744星][19d] [Py] snovvcrash/usbrip Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
- 重复区段: 工具/事件响应&&取证&&内存取证&&数字取证/取证&&Forensics&&数字取证&&内存取证 |
[695星][2m] [C] nuand/bladerf bladeRF USB 3.0 Superspeed Software Defined Radio Source Code
[596星][5m] [C] pelya/android-keyboard-gadget Convert your Android device into USB keyboard/mouse, control your PC from your Android device remotely, including BIOS/bootloader.
[410星][8m] [Shell] jsamr/bootiso A bash script to securely create a bootable USB device from one ISO file. Just curl it, chmod it and go!
[307星][3m] [Py] circl/circlean USB key cleaner
[305星][3m] [C++] cedarctic/digispark-scripts USB Rubber Ducky type scripts written for the DigiSpark.
[221星][5m] [ANTLR] myriadrf/limesdr-usb USB 3.0 version of the LimeSDR board

树莓派&&RaspberryPi

[2643星][12m] [Py] mame82/p4wnp1 基于Raspberry Pi Zero 或 Raspberry Pi Zero W 的USB攻击平台, 高度的可定制性
- 重复区段: 工具/硬件设备&&USB&树莓派/USB |
[1658星][7m] [Makefile] raspberrypi/noobs NOOBS (New Out Of Box Software) - An easy Operating System install manager for the Raspberry Pi
[1510星][1m] [C] raspberrypi/userland Source code for ARM side libraries for interfacing to Raspberry Pi GPU.
[296星][6m] [C++] cyphunk/jtagenum Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch…
[258星][5m] [Py] mbro95/portablecellnetwork Utilize a Raspberry Pi and a Nuand BladeRF to generate your own portable local cell network
[246星][4m] [Py] tipam/pi3d Simple, yet powerful, 3D Python graphics library for beginners and school children running on the Raspberry Pi.

车&&汽车&&Vehicle

[1305星][1m] jaredthecoder/awesome-vehicle-security
[768星][1y] [C++] polysync/oscc Open Source Car Control
[513星][7m] [Py] schutzwerk/canalyzat0r Security analysis toolkit for proprietary car protocols
[261星][1y] [Shell] jgamblin/carhackingtools Install and Configure Common Car Hacking Tools.
[216星][2m] [Py] caringcaribou/caringcaribou A friendly car security exploration tool for the CAN bus

环境配置&&分析系统

未分类-Env

[1571星][13d] [HTML] clong/detectionlab Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
[1371星][16d] [Go] crazy-max/windowsspyblocker
[1294星][2m] [C] cisco-talos/pyrebox 逆向沙箱，基于QEMU，Python Scriptable
[1117星][10m] [JS] mame82/p4wnp1_aloa 将 Rapsberry Pi Zero W 转变成灵活的渗透平台
- 重复区段: 工具/硬件设备&&USB&树莓派/未分类-Hardware |
[799星][3m] redhuntlabs/redhunt-os Virtual Machine for Adversary Emulation and Threat Hunting
[781星][2m] sh4hin/androl4b 用于评估Android应用程序，逆向工程和恶意软件分析的虚拟机
- 重复区段: 工具/移动&&Mobile/Android |
[560星][5m] [Ruby] sliim/pentest-env Pentest environment deployer (kali linux + targets) using vagrant and chef.
[210星][11m] [Shell] proxycannon/proxycannon-ng 使用多个云环境构建私人僵尸网络, 用于渗透测试和RedTeaming

Linux-Distro

[2830星][1m] [Py] trustedsec/ptf 创建基于Debian/Ubuntu/ArchLinux的渗透测试环境
[2310星][1m] security-onion-solutions/security-onion Linux distro for intrusion detection, enterprise security monitoring, and log management
[1459星][13d] [Shell] blackarch/blackarch BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers.
[342星][13d] [Shell] archstrike/archstrike An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

环境自动配置&&自动安装

[3058星][2m] [PowerShell] fireeye/commando-vm Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
[1686星][18d] [PowerShell] fireeye/flare-vm 火眼发布用于 Windows 恶意代码分析的虚拟机：FLARE VM

靶机&&漏洞环境&&漏洞App

未分类-VulnerableMachine

[4986星][1m] [Shell] vulhub/vulhub Pre-Built Vulnerable Environments Based on Docker-Compose
[3680星][2m] [PHP] ethicalhack3r/dvwa Damn Vulnerable Web Application (DVWA)
[2536星][25d] [Shell] medicean/vulapps 快速搭建各种漏洞环境(Various vulnerability environment)
[2382星][27d] [TSQL] rapid7/metasploitable3 Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
[1522星][1m] [PHP] c0ny1/upload-labs 一个帮你总结所有类型的上传漏洞的靶场
[981星][1m] [C] hacksysteam/hacksysextremevulnerabledriver HackSys Extreme Vulnerable Windows Driver
[831星][27d] [JS] lirantal/is-website-vulnerable finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
[741星][1m] [Ruby] rubysec/ruby-advisory-db A database of vulnerable Ruby Gems
[633星][2m] [HCL] rhinosecuritylabs/cloudgoat CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
[577星][2m] [HTML] owasp/railsgoat A vulnerable version of Rails that follows the OWASP Top 10
[563星][1m] [C++] bkerler/exploit_me 带洞的 ARMApp, 可用于漏洞开发练习
[517星][5m] [PHP] acmesec/dorabox DoraBox - 基础Web漏洞训练靶场
[311星][28d] [Py] owasp/owasp-vwad The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
[252星][2m] [PHP] incredibleindishell/ssrf_vulnerable_lab This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
[237星][2m] [JS] owasp/dvsa a Damn Vulnerable Serverless Application
[218星][11m] [C] stephenbradshaw/vulnserver Vulnerable server used for learning software exploitation

WebApp

[2902星][13d] [JS] webgoat/webgoat 带漏洞WebApp
[2556星][15d] [JS] bkimminich/juice-shop OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
[459星][14d] [Py] stamparm/dsvw Damn Small Vulnerable Web
[427星][3m] [Py] payatu/tiredful-api An intentionally designed broken web application based on REST API.
[289星][1y] [CSS] appsecco/dvna Damn Vulnerable NodeJS Application
[218星][5m] [JS] cr0hn/vulnerable-node A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

靶机生成

[1699星][13d] [Ruby] cliffe/secgen Create randomly insecure VMs
[1408星][5m] [PHP] s4n7h0/xvwa XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
[305星][7m] [Ruby] secgen/secgen Generate vulnerable virtual machines on the fly (current team development is taking place in the cliffe/SecGen fork)

收集

[358星][4m] xtiankisutsa/awesome-mobile-ctf This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
- 重复区段: 工具/CTF&&HTB/收集 |

MobileApp

[645星][4m] [Java] dineshshetty/android-insecurebankv2 Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
[203星][2m] [Java] owasp/mstg-hacking-playground 不安全的iOS/Android App集合

浏览嗅探&&流量拦截&&流量分析&&中间人

未分类-Network

[11823星][24d] [Go] buger/goreplay 实时捕获HTTP流量并输入测试环境，以便持续使用真实数据测试你的系统
[6391星][1m] [Py] networkx/networkx 用于创建、操纵和研究复杂网络的结构，Python包
[5204星][6m] [Py] usarmyresearchlab/dshell 网络审计分析
[4526星][15d] [Py] secdev/scapy 交互式数据包操作, Python, 命令行+库
[4144星][11m] [JS] kdzwinel/betwixt Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface.
[3729星][20d] [Py] secureauthcorp/impacket Python类收集, 用于与网络协议交互
[3482星][15d] [JS] aol/moloch 数据包捕获、索引工具，支持数据库
[3480星][7m] [Go] fanpei91/torsniff torsniff - a sniffer that sniffs torrents from BitTorrent network
[3191星][14d] [Py] stamparm/maltrail 恶意网络流量检测系统
[3096星][25d] [C] valdikss/goodbyedpi GoodbyeDPI—Passive Deep Packet Inspection blocker and Active DPI circumvention utility (for Windows)
[2503星][7m] [C++] chengr28/pcap_dnsproxy Pcap_DNSProxy, a local DNS server based on packet capturing
[1877星][28d] [C] ntop/ndpi Open Source Deep Packet Inspection Software Toolkit
[1799星][1m] [C] merbanan/rtl_433 Program to decode traffic from Devices that are broadcasting on 433.9 MHz like temperature sensors
[1419星][2m] [Go] google/stenographer Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
[1328星][2m] [C++] mfontanini/libtins High-level, multiplatform C++ network packet sniffing and crafting library.
[1271星][2m] [C] traviscross/mtr Official repository for mtr, a network diagnostic tool
[1258星][1m] [Go] dreadl0ck/netcap A framework for secure and scalable network traffic analysis -
[1207星][1y] [Py] danmcinerney/net-creds Sniffs sensitive data from interface or pcap
[1056星][6m] [PowerShell] nytrorst/netripper 后渗透工具,针对Windows, 使用API Hooking拦截网络流量和加密相关函数, 可捕获明文和加密前后的内容
[1046星][10m] [C++] simsong/tcpflow TCP/IP packet demultiplexer. Download from:
[952星][2m] [Py] kiminewt/pyshark Python wrapper for tshark, allowing python packet parsing using wireshark dissectors
[945星][7m] [Py] fireeye/flare-fakenet-ng 下一代动态网络分析工具
[853星][3m] [C] cisco/joy 捕获和分析网络流数据和intraflow数据，用于网络研究、取证和安全监视
[820星][6m] [Go] 40t/go-sniffer
[817星][29d] [C] zerbea/hcxtools Portable solution for capturing wlan traffic and conversion to hashcat formats (recommended by hashcat) and to John the Ripper formats. hcx: h = hash, c = capture, convert and calculate candidates, x = different hashtypes
[800星][2m] [C] emmericp/ixy Simple userspace packet processing for educational purposes
[790星][7m] [Py] phaethon/kamene Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
[779星][2m] [C] netsniff-ng/netsniff-ng A Swiss army knife for your daily Linux network plumbing.
[713星][2m] [Py] cloudflare/bpftools BPF Tools - packet analyst toolkit
[652星][1m] [Py] kbandla/dpkt fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
[645星][1m] [C] zerbea/hcxdumptool Small tool to capture packets from wlan devices.
[636星][1y] [Go] ga0/netgraph A cross platform http sniffer with a web UI
[509星][9m] [Perl] mrash/fwknop Single Packet Authorization > Port Knocking
[505星][7m] [C++] kohler/click The Click modular router: fast modular packet processing and analysis
[499星][1m] [C] sam-github/libnet A portable framework for low-level network packet construction
[458星][1m] [Py] netzob/netzob Protocol Reverse Engineering, Modeling and Fuzzing
[451星][4m] [C] jarun/keysniffer
[440星][20d] [C#] malwareinfosec/ekfiddle A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.
[435星][2m] [C++] pstavirs/ostinato Packet/Traffic Generator and Analyzer
[431星][2m] [Ruby] aderyabin/sniffer Log and Analyze Outgoing HTTP Requests
[412星][10m] [C] jpr5/ngrep ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF f…
[411星][2m] [C] desowin/usbpcap USB packet capture for Windows
[407星][8m] [Py] mitrecnd/chopshop Protocol Analysis/Decoder Framework
[387星][1m] [Rust] kpcyrd/sniffglue Secure multithreaded packet sniffer
[382星][2m] [Go] alphasoc/flightsim A utility to generate malicious network traffic and evaluate controls
[379星][4m] [PHP] floedesigntechnologies/phpcs-security-audit phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
[375星][28d] [Py] idaholab/malcolm Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.
[330星][12m] [Ruby] packetfu/packetfu 数据包篡改工具。Ruby语言编写。
[326星][14d] [TypeScript] shroudedcode/apk-mitm
- 重复区段: 工具/移动&&Mobile/Android |工具/浏览嗅探&&流量拦截&&流量分析&&中间人/中间人&&MITM |
[303星][1y] [Py] tintinweb/scapy-ssl_tls SSL/TLS layers for scapy the interactive packet manipulation tool
[292星][4m] [C] pulkin/esp8266-injection-example Example project to demonstrate packet injection / sniffer capabilities of ESP8266 IC.
[278星][23d] [C] troglobit/nemesis 网络数据包构造和注入的命令行工具
[273星][9m] [C] jiaoxianjun/btle Bluetooth Low Energy (BLE) packet sniffer and generator for both standard and non standard (raw bit).
[254星][2m] [Go] sachaos/tcpterm tcpterm is a packet visualizer in TUI.
[243星][7m] [Py] needmorecowbell/sniff-paste Pastebin OSINT Harvester
[241星][2m] [C] nccgroup/sniffle A sniffer for Bluetooth 5 and 4.x LE
[218星][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- 重复区段: 工具/蓝牙&&Bluetooth |工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[213星][2m] [C] dns-oarc/dnscap Network capture utility designed specifically for DNS traffic

中间人&&MITM

[16743星][18d] [Py] mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
- 重复区段: 工具/通信&&代理&&反向代理&&隧道/未分类-Proxy |
[6294星][12d] [Go] bettercap/bettercap 新版的bettercap, Go 编写. bettercap 是强大的、模块化、可移植且易于扩展的 MITM 框架, 旧版用 Ruby 编写
[2886星][1y] [Py] byt3bl33d3r/mitmf Framework for Man-In-The-Middle attacks
[2721星][1m] [Go] kgretzky/evilginx2 独立的MITM攻击工具，用于登录凭证钓鱼，可绕过双因素认证
- 重复区段: 工具/社工(SET)&&钓鱼&&鱼叉攻击/钓鱼&&Phish |
[2480星][15d] [Py] evilsocket/pwnagotchi (⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
- 重复区段: 工具/人工智能&&机器学习&&深度学习&&神经网络/未分类-AI |工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[1258星][2m] [Go] unrolled/secure HTTP middleware for Go that facilitates some quick security wins.
[1199星][3m] [C] droe/sslsplit 透明SSL/TLS拦截
[1184星][2m] [Py] jtesta/ssh-mitm ssh-mitm：SSH 中间人攻击工具
[1085星][7m] [Ruby] lionsec/xerosploit Efficient and advanced man in the middle framework
[1017星][3m] [PowerShell] kevin-robertson/inveigh Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
[999星][7m] [Go] justinas/nosurf CSRF protection middleware for Go.
[983星][1y] [HTML] sensepost/mana DEPRECATED mana toolkit for wifi rogue AP attacks and MitM
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |
[977星][30d] [Py] syss-research/seth Perform a MitM attack and extract clear text credentials from RDP connections
[568星][11m] [HTML] r00t-3xp10it/morpheus Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool)
[551星][8m] [Py] fox-it/mitm6 mitm6: 攻击代码
[509星][5m] [JS] moll/node-mitm Intercept and mock outgoing Node.js network TCP connections and HTTP requests for testing. Intercepts and gives you a Net.Socket, Http.IncomingMessage and Http.ServerResponse to test and respond with. Super useful when testing code that hits remote servers.
[432星][1y] [JS] digitalsecurity/btlejuice BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework
[393星][3m] [Go] cloudflare/mitmengine A MITM (monster-in-the-middle) detection tool. Used to build MALCOLM:
[382星][3m] [JS] joeferner/node-http-mitm-proxy HTTP Man In The Middle (MITM) Proxy
[379星][1y] [JS] securing/gattacker A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
[365星][10m] [Py] crypt0s/fakedns A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
[347星][17d] [Py] gosecure/pyrdp RDP man-in-the-middle (mitm) and library for Python 3 with the ability to watch connections live or after the fact
[347星][1y] [Py] quickbreach/smbetray SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
[326星][14d] [TypeScript] shroudedcode/apk-mitm
- 重复区段: 工具/移动&&Mobile/Android |工具/浏览嗅探&&流量拦截&&流量分析&&中间人/未分类-Network |
[294星][1y] [Shell] cryptolok/ghostinthenet Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/未分类-Scanner |
[225星][8m] [Py] ivanvza/arpy Mac OSX ARP spoof (MiTM) tool that can also plug into Gource
[205星][3m] sab0tag3d/mitm-cheatsheet All MITM attacks in one place.

流量嗅探&&监控

[3480星][7m] [Go] fanpei91/torsniff 从BitTorrent网络嗅探种子
[2950星][14d] [Lua] ntop/ntopng 基于Web的流量监控工具
[1328星][1y] [C] gamelinux/passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup
[286星][1m] [Shell] tehw0lf/airbash airbash: 全自动的WPAPSK握手包捕获脚本, 用于渗透测试

pcap数据包

[820星][13d] [C++] seladb/pcapplusplus PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
[780星][3m] [Py] srinivas11789/pcapxray A Network Forensics Tool
[459星][30d] [C#] chmorgan/sharppcap Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
[210星][12m] [Py] mateuszk87/pcapviz Visualize network topologies and collect graph statistics based on pcap files
[209星][7m] [JS] dirtbags/pcapdb 分布式、搜索优化的网络数据包捕获系统
[206星][4m] [Py] pynetwork/pypcap python libpcap module, forked from code.google.com/p/pypcap, now actively maintained

劫持&&TCP/HTTP/流量劫持

协议分析&&流量分析

[1401星][1m] [Go] skydive-project/skydive An open source real-time network topology and protocols analyzer

密码&&凭证

未分类-Password

[4772星][1m] [Py] alessandroz/lazagne Credentials recovery project
[1441星][1y] [Py] d4vinci/cr3dov3r Know the dangers of credential reuse attacks.
[1025星][1y] [PowerShell] danmcinerney/icebreaker Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
[891星][16d] [C] cossacklabs/themis themis：用于存储或通信的加密库，可用于Swift, ObjC, Android, С++, JS, Python, Ruby, PHP, Go。
[514星][2m] [Py] unode/firefox_decrypt Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox/Thunderbird/Seabird) profiles
[492星][2m] [Py] byt3bl33d3r/sprayingtoolkit Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
[483星][1y] [JS] emilbayes/secure-password Making Password storage safer for all
[442星][1y] [Go] ncsa/ssh-auditor 扫描网络中的弱SSH密码
[385星][11m] [Shell] mthbernardes/sshlooter Script to steal passwords from ssh.
[347星][3m] [Py] davidtavarez/pwndb Search for leaked credentials
[295星][5m] [C#] raikia/credninja A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
[284星][6m] [Shell] greenwolf/spray A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
[272星][2m] [JS] kspearrin/ff-password-exporter Easily export your passwords from Firefox.
[267星][1m] [Py] xfreed0m/rdpassspray Python3 tool to perform password spraying using RDP
[255星][5m] [C] rub-syssec/omen Ordered Markov ENumerator - Password Guesser
[210星][3m] [Ruby] bdmac/strong_password Entropy-based password strength checking for Ruby and Rails.

密码

[6832星][17d] [C] hashcat/hashcat 世界上最快最先进的密码恢复工具
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/后渗透/未分类-post-exp |
[5149星][12m] [JS] samyk/poisontap Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
[3083星][13d] [C] magnumripper/johntheripper This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS:
[2536星][1m] [C] huntergregal/mimipenguin dump 当前Linux用户的登录密码
[1124星][7m] [Py] mebus/cupp Common User Passwords Profiler (CUPP)
[859星][4m] [Go] fireeye/gocrack 火眼开源的密码破解工具，可以跨多个 GPU 服务器执行任务
[843星][2m] [Go] ukhomeoffice/repo-security-scanner CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
[628星][1y] [Java] faizann24/wifi-bruteforcer-fsecurify Android app，无需 Root 即可爆破 Wifi 密码
[585星][1y] [Py] brannondorsey/passgan A Deep Learning Approach for Password Guessing (
[578星][6m] [C] hashcat/hashcat-utils Small utilities that are useful in advanced password cracking
[574星][3m] [Py] thewhiteh4t/pwnedornot OSINT Tool for Finding Passwords of Compromised Email Addresses
[482星][1y] [PowerShell] dafthack/domainpasswordspray DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
[404星][1y] [C++] vah13/extracttvpasswords tool to extract passwords from TeamViewer memory using Frida
[344星][7m] [Py] iphelix/pack PACK (Password Analysis and Cracking Kit)
[318星][2m] [JS] auth0/repo-supervisor Serverless工具，在pull请求中扫描源码，搜索密码及其他秘密
[318星][1m] [CSS] guyoung/captfencoder CaptfEncoder是一款跨平台网络安全工具套件，提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具，并聚合各类在线工具。

古老的&&有新的替代版本的

[1593星][3m] [Py] knownsec/pocsuite This project has stopped to maintenance, please to
[1510星][1y] dripcap/dripcap
[845星][1y] [Py] kgretzky/evilginx PLEASE USE NEW VERSION:

Windows

[8590星][3m] [C] gentilkiwi/mimikatz A little tool to play with Windows security
[2084星][1m] [Py] trustedsec/unicorn 通过PowerShell降级攻击, 直接将Shellcode注入到内存

webshell

收集

[21409星][14d] [PHP] danielmiessler/seclists 多种类型资源收集：用户名、密码、URL、敏感数据类型、Fuzzing Payload、WebShell等
- 重复区段: 工具/wordlist/收集 |工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload收集 |
[5033星][1m] [PHP] tennc/webshell webshell收集

未分类-webshell

[1739星][2m] [Py] epinna/weevely3 Weaponized web shell
[956星][1m] [Py] yzddmr6/webshell-venom 免杀webshell无限生成工具(利用随机异或无限免杀D盾)
[474星][7m] [ASP] landgrey/webshell-detect-bypass 绕过专业工具检测的Webshell研究文章和免杀的Webshell
[421星][1y] [Py] shmilylty/cheetah a very fast brute force webshell password tool
[411星][1y] [PHP] ysrc/webshell-sample 收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。
[366星][5m] [PHP] blackarch/webshells Various webshells. We accept pull requests for additions to this collection.
[351星][7m] [PHP] s0md3v/nano PHP Webshell家族
[305星][8m] [Py] wangyihang/webshell-sniper webshell管理器，命令行工具
[282星][1y] [JS] chrisallenlane/novahot Webshell框架，实现了基于Json的API，可与任何语言编写的后门（默认支持PHP/Ruby/Python）进行通信。
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/后渗透/未分类-post-exp |
[243星][8m] [Py] antoniococo/sharpyshell ASP.NET webshell，小型，混淆，针对C# Web App
[207星][6m] [PHP] samdark/yii2-webshell Web shell allows to run yii console commands using a browser

辅助周边

未分类

[25893星][12d] [Py] certbot/certbot Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
[7594星][17d] [JS] gchq/cyberchef The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
[4838星][2m] [Rust] sharkdp/hexyl 命令行中查看hex
[4230星][14d] [JS] cure53/dompurify DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
[3166星][6m] [HTML] leizongmin/js-xss Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
[3078星][2m] [Shell] trimstray/htrace.sh My simple Swiss Army knife for http/https troubleshooting and profiling.
[949星][8m] [Go] maliceio/malice 开源版的VirusTotal
[500星][17d] [Py] certtools/intelmq IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
[464星][4m] [JS] ehrishirajsharma/swiftnessx A cross-platform note-taking & target-tracking app for penetration testers.

TLS&&SSL&&HTTPS

[4292星][5m] [Py] diafygi/acme-tiny A tiny script to issue and renew TLS certs from Let's Encrypt
[1663星][2m] [HTML] chromium/badssl.com
[1177星][2m] [Go] jsha/minica minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
[1126星][19d] [Go] smallstep/certificates 私有的证书颁发机构（X.509和SSH）和ACME服务器，用于安全的自动证书管理，因此您可以在SSH和SSO处使用TLS
[507星][14d] [Java] rub-nds/tls-attacker TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (

事件响应&&取证&&内存取证&&数字取证

未分类-Forensics

事件响应&&IncidentResponse

[3054星][14d] meirwah/awesome-incident-response A curated list of tools for incident response
[1801星][4m] bypass007/emergency-response-notes 应急响应实战笔记，一个安全工程师的自我修养。
[1310星][3m] [HTML] thehive-project/thehive TheHive: a Scalable, Open Source and Free Security Incident Response Platform
[1132星][10m] [Py] certsocietegenerale/fir Fast Incident Response
[988星][9m] [Go] gencebay/httplive HTTP Request & Response Service, Mock HTTP
[965星][1m] [JS] monzo/response Monzo's real-time incident response and reporting tool
[764星][16d] microsoft/msrc-security-research Security Research from the Microsoft Security Response Center (MSRC)
[744星][10m] [PowerShell] davehull/kansa A Powershell incident response framework
[710星][2m] [HTML] pagerduty/incident-response-docs PagerDuty's Incident Response Documentation.
[634星][9m] [Roff] palantir/windows-event-forwarding 使用 Windows 事件转发实现网络事件监测和防御
[627星][21d] [Kotlin] chuckerteam/chucker simplifies the inspection of HTTP(S) requests/responses, and Throwables fired by your Android App
[579星][9m] [Go] nytimes/gziphandler Go middleware to gzip HTTP responses
[535星][5m] [Py] owasp/qrljacking 一个简单的能够进行会话劫持的社会工程攻击向量，影响所有使用“使用 QR 码登录”作为安全登录方式的应用程序。（ Quick Response CodeLogin Jacking）
[459星][6m] palantir/osquery-configuration 使用 osquery 做事件检测和响应
[452星][28d] [Py] controlscanmdr/cyphon 事件管理和响应平台
[286星][1m] [Py] alexandreborges/malwoverview Malwoverview.py is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to download and send samples to main online sandboxes.
[251星][1m] [C#] orlikoski/cylr CyLR - Live Response Collection Tool
[204星][2m] [PowerShell] wiredpulse/posh-r2 PowerShell - Rapid Response... For the incident responder in you!

取证&&Forensics&&数字取证&&内存取证

[3315星][2m] [Py] google/grr GRR Rapid Response: remote live forensics for incident response
[1486星][9m] [Py] google/rekall Rekall Memory Forensic Framework
[1465星][18d] [C] sleuthkit/sleuthkit The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
[1200星][27d] [Py] google/timesketch Collaborative forensic timeline analysis
[1152星][2m] [Go] mozilla/mig mig：分布式实时数字取证和研究平台
[953星][1m] [Rich Text Format] decalage2/oletools oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
[940星][17d] [C++] hasherezade/pe-sieve Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
[909星][2m] [Py] ondyari/faceforensics Github of the FaceForensics dataset
[826星][12d] [Java] sleuthkit/autopsy Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
[817星][21d] cugu/awesome-forensics A curated list of awesome forensic analysis tools and resources
[802星][14d] [Py] yampelo/beagle Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
[744星][19d] [Py] snovvcrash/usbrip Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
- 重复区段: 工具/硬件设备&&USB&树莓派/USB |
[419星][2m] [Py] obsidianforensics/hindsight Internet history forensics for Google Chrome/Chromium
[400星][14d] [Py] forensicartifacts/artifacts Digital Forensics Artifact Repository
[391星][10m] [Go] mozilla/masche MIG Memory Forensic library
[321星][10m] [Py] alessandroz/lazagneforensic Windows passwords decryption from dump files
[317星][3m] [HTML] intezer/linux-explorer linux-explorer: 针对Linux 系统的现场取证工具箱. Web 界面, 简单易用
[311星][8m] [Py] n0fate/chainbreaker Mac OS X Keychain Forensic Tool
[301星][2m] [Py] google/turbinia Automation and Scaling of Digital Forensics Tools
[296星][24d] [Shell] vitaly-kamluk/bitscout bitscout：远程数据取证工具
[268星][12d] [Perl] owasp/o-saft O-Saft - OWASP SSL advanced forensic tool
[255星][6m] [Batchfile] diogo-fernan/ir-rescue A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
[250星][21d] [Py] google/docker-explorer A tool to help forensicate offline docker acquisitions
[248星][12m] [C++] comaeio/swishdbgext Incident Response & Digital Forensics Debugging Extension
[243星][11m] [Py] crowdstrike/forensics Scripts and code referenced in CrowdStrike blog posts
[241星][1m] [Py] orlikoski/cdqr The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
[227星][30d] [C] elfmaster/libelfmaster Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
[217星][2m] [Py] crowdstrike/automactc AutoMacTC: Automated Mac Forensic Triage Collector

Volatility

[3199星][2m] [Py] volatilityfoundation/volatility An advanced memory forensics framework
[308星][7m] [Py] jasonstrimpel/volatility-trading A complete set of volatility estimators based on Euan Sinclair's Volatility Trading
[224星][2m] [Py] volatilityfoundation/profiles Volatility profiles for Linux and Mac OS X
[219星][1m] [Py] volatilityfoundation/community Volatility plugins developed and maintained by the community

密罐&&Honeypot

未分类-Honeypot

[1784星][1m] [Py] threatstream/mhn 蜜罐网络
[1259星][21d] [C] dtag-dev-sec/tpotce tpotce：创建多蜜罐平台T-Pot ISO 镜像
[1201星][24d] [Go] hacklcx/hfish 扩展企业安全测试主动诱导型开源蜜罐框架系统，记录黑客攻击手段
[400星][3m] [Py] nsmfoo/antivmdetection Script to create templates to use with VirtualBox to make vm detection harder
[356星][2m] [Py] p1r06u3/opencanary_web The web management platform of honeypot
[325星][1y] [JS] shmakov/honeypot Low interaction honeypot that displays real time attacks
[303星][1m] [Py] hatching/vmcloak Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
[271星][1y] [Py] gbafana25/esp8266_honeypot THE ESP8266 HONEYPOT: A PROJECT TO TRAP SCRIPT KIDDIES EVERYWHRE!!
[229星][1y] [Shell] aplura/tango Honeypot Intelligence with Splunk
[227星][9m] [Py] honeynet/beeswarm Honeypot deployment made easy
[219星][1m] [Py] jamesturk/django-honeypot

密罐

[735星][1m] [Py] buffer/thug Python low-interaction honeyclient
[687星][4m] [Py] mushorg/conpot ICS/SCADA honeypot
[668星][6m] [Go] honeytrap/honeytrap 高级蜜罐框架, 可以运行/监控/管理蜜罐. Go语言编写
[574星][2m] [Py] thinkst/opencanary Modular and decentralised honeypot
[396星][2m] [Py] mushorg/glastopf Web Application Honeypot
[379星][3m] [Py] foospidy/honeypy A low to medium interaction honeypot.
[371星][1m] [Py] dinotools/dionaea Home of the dionaea honeypot
[224星][1m] [Py] johnnykv/heralding Credentials catching honeypot
[215星][1m] [Py] mushorg/snare Super Next generation Advanced Reactive honEypot

收集

[3708星][1m] [Py] paralax/awesome-honeypots an awesome list of honeypot resources

SSH&&Telnet

[2906星][18d] [Py] cowrie/cowrie cowrie：中型/交互型 SSH/Telnet 蜜罐，
[272星][27d] [C] droberson/ssh-honeypot Fake sshd that logs ip addresses, usernames, and passwords.

TCP&&UDP

HTTP&&Web

[433星][1y] [Py] 0x4d31/honeylambda honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

ActiveDirectory

SMTP

打印机

Elasticsearch

ADB

蓝牙&&Bluetooth

[1261星][1m] [Py] virtualabs/btlejack Bluetooth Low Energy Swiss-army knife
[1120星][9m] evilsocket/bleah 低功耗蓝牙扫描器
[865星][3m] [Java] googlearchive/android-bluetoothlegatt Migrated:
[292星][11m] [JS] jeija/bluefluff Reverse Engineering Furby Connect's Bluetooth Protocol and Update Format

其他类型

Wordpress

威胁情报

未分类-ThreatIntelligence

[2390星][13d] [PHP] misp/misp MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)
[1836星][3m] [YARA] yara-rules/rules Repository of yara rules
[1246星][15d] [Shell] firehol/blocklist-ipsets ipsets dynamically updated with firehol's update-ipsets.sh script
[826星][19d] [YARA] neo23x0/signature-base Signature base for my scanner tools
[824星][27d] [JS] opencti-platform/opencti Open Cyber Threat Intelligence Platform
[786星][17d] [Py] yeti-platform/yeti yeti：情报威胁管理平台
[715星][24d] [C++] facebook/threatexchange Share threat information with vetted partners
[704星][2m] [Go] activecm/rita Real Intelligence Threat Analytics
[505星][6m] [Py] te-k/harpoon CLI tool for open source and threat intelligence
[444星][4m] [PHP] kasperskylab/klara Kaspersky's GReAT KLara
[411星][1m] mitre/cti Cyber Threat Intelligence Repository expressed in STIX 2.0
[407星][3m] [Scala] thehive-project/cortex Cortex: a Powerful Observable Analysis and Active Response Engine
[374星][7m] [Py] hurricanelabs/machinae Machinae Security Intelligence Collector
[290星][6m] [YARA] supportintelligence/icewater 16,432 Free Yara rules created by
[253星][2m] [Py] diogo-fernan/malsub A Python RESTful API framework for online malware analysis and threat intelligence services.
[234星][2m] [Py] cylance/cybot Open Source Threat Intelligence Chat Bot
[231星][1m] [Py] anouarbensaad/vulnx An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of CMS
[217星][2m] [Py] inquest/threatingestor Extract and aggregate threat intelligence.
[208星][18d] [Py] inquest/omnibus The OSINT Omnibus (beta release)
[201星][3m] [Py] yelp/threat_intel Threat Intelligence APIs

收集

[3117星][5m] hslatman/awesome-threat-intelligence A curated list of Awesome Threat Intelligence resources
[1459星][14d] [YARA] cybermonitor/apt_cybercriminal_campagin_collections APT & CyberCriminal Campaign Collection

IOC

未分类

[1408星][1m] [Py] neo23x0/loki Loki - Simple IOC and Incident Response Scanner
[208星][4m] [Shell] neo23x0/fenrir Simple Bash IOC Scanner

IOC集合

[405星][8m] [Shell] sroberts/awesome-iocs A collection of sources of indicators of compromise.

IOC提取

[212星][23d] [Py] inquest/python-iocextract IoC提取器

IOC获取

[652星][13d] [Py] blackorbird/apt_report Interesting apt report collection and some special ioc express
[626星][28d] [YARA] eset/malware-ioc Indicators of Compromises (IOC) of our various investigations
[418星][1y] [JS] ciscocsirt/gosint 收集、处理、索引高质量IOC的框架
[303星][1y] [Py] fsecurelabs/win_driver_plugin A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
[257星][2m] [PHP] pan-unit42/iocs Indicators from Unit 42 Public Reports

防护&&Defense

未分类-Defense

[630星][5m] [Py] binarydefense/artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

WAF

[3248星][2m] [C] nbs-system/naxsi NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
[3125星][17d] [C++] spiderlabs/modsecurity ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
[617星][2m] [Py] 3xp10it/xwaf waf 自动爆破(绕过)工具
[600星][3m] [Lua] jx-sec/jxwaf JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的web应用防火墙
[599星][1y] [Lua] unixhot/waf 使用Nginx+Lua实现的WAF（版本v1.0）
[543星][7m] [Py] s0md3v/blazy Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
[500星][1m] [Go] janusec/janusec Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing.
[462星][7m] [Java] chengdedeng/waf
[436星][2m] [PHP] akaunting/firewall Web Application Firewall (WAF) package for Laravel
[424星][8m] [Py] aws-samples/aws-waf-sample This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
[406星][1m] [C#] jbe2277/waf Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
[401星][7m] [Py] awslabs/aws-waf-security-automations This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
[401星][10m] [C] titansec/openwaf Web security protection system based on openresty
[243星][1y] [Py] warflop/cloudbunny CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
[207星][6m] [C] coolervoid/raptor_waf Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta

防火墙&&FireWall

[4162星][2m] [Py] evilsocket/opensnitch opensnitch：Little Snitch 应用程序防火墙的 GNU/Linux 版本。（Little Snitch：Mac操作系统的应用程序防火墙，能防止应用程序在你不知道的情况下自动访问网络）
[3186星][1m] [Objective-C] objective-see/lulu LuLu is the free macOS firewall
[1515星][12d] [Java] ukanth/afwall AFWall+ (Android Firewall +) - iptables based firewall for Android
[1031星][9m] [Shell] firehol/firehol A firewall for humans...
[817星][4m] trimstray/iptables-essentials Iptables Essentials: Common Firewall Rules and Commands.
[545星][6m] [Go] sysdream/chashell Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
[449星][5m] [Shell] vincentcox/bypass-firewalls-by-dns-history Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
[232星][4m] [Shell] essandess/macos-fortress Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
[220星][1y] [Go] maksadbek/tcpovericmp TCP implementation over ICMP protocol to bypass firewalls

IDS&&IPS

[2874星][27d] [Zeek] zeek/zeek Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
[2798星][1m] [C] ossec/ossec-hids ossec-hids：入侵检测系统
[1589星][1m] [Go] ysrc/yulong-hids 一款由 YSRC 开源的主机入侵检测系统
[1252星][1m] [C] oisf/suricata a network IDS, IPS and NSM engine
[524星][19d] [Py] 0kee-team/watchad AD Security Intrusion Detection System
[507星][4m] [C] decaf-project/decaf DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
[489星][7m] [Shell] stamusnetworks/selks A Suricata based IDS/IPS distro
[369星][6m] jnusimba/androidsecnotes some learning notes about Android Security
[278星][13d] [C] ebwi11/agentsmith-hids Low performance loss and by LKM technology HIDS tool, from E_Bwill.
[243星][1y] [Perl] mrash/psad psad：iptables 的入侵检测和日志分析（psad：Port Scan Attack Detector）
[220星][1m] [Py] secureworks/dalton dalton: 使用预定义/指定的规则, 针对IDS传感器(例如Snort/Suricata)进行网络数据包捕获

爬虫

[741星][19d] [Py] nekmo/dirhunt Web爬虫, 针对搜索和分析路径做了优化
- 重复区段: 工具/扫描器&&安全扫描&&App扫描&&漏洞扫描/未分类-Scanner |

wordlist

未分类-wordlist

[1668星][7m] [Py] guelfoweb/knock 使用 Wordlist 枚举子域名
- 重复区段: 工具/侦察&&信息收集&&子域名发现与枚举&&OSINT/子域名枚举&&爆破 |
[382星][3m] [Ruby] digininja/cewl CeWL is a Custom Word List Generator
[328星][4m] [Py] initstring/passphrase-wordlist Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
[251星][1y] [Py] berzerk0/bewgor Bull's Eye Wordlist Generator - Does your password rely on predictable patterns of accessible info?

收集

[21409星][14d] [PHP] danielmiessler/seclists 多种类型资源收集：用户名、密码、URL、敏感数据类型、Fuzzing Payload、WebShell等
- 重复区段: 工具/webshell/收集 |工具/渗透&&offensive&&渗透框架&&后渗透框架/Payload&&远控&&RAT/Payload收集 |
[5955星][6m] berzerk0/probable-wordlists Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

Wordlist生成

泄漏&&Breach&&Leak

[1358星][5m] gitguardian/apisecuritybestpractices Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
[885星][21d] [Py] woj-ciech/leaklooker Find open databases - Powered by Binaryedge.io

破解&&Crack&&爆破&&BruteForce

[3217星][18d] [C] vanhauser-thc/thc-hydra 网络登录破解，支持多种服务
[1885星][1m] [Py] lanjelot/patator Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
[1042星][3m] [Py] landgrey/pydictor A powerful and useful hacker dictionary builder for a brute-force attack
[875星][2m] [Py] trustedsec/hate_crack hate_crack: 使用HashCat 的自动哈希破解工具
[789星][6m] [C] brendan-rius/c-jwt-cracker C 语言编写的 JWT 爆破工具
[780星][10m] [Py] mak-/parameth 在文件中(例如PHP 文件)暴力搜索GET 和 POST 请求的参数
[748星][4m] [Py] s0md3v/hash-buster Crack hashes in seconds.
[679星][7m] [Shell] 1n3/brutex Automatically brute force all services running on a target.
[625星][2m] [JS] animir/node-rate-limiter-flexible Node.js rate limit requests by key and protection from DDoS and Brute-Force attacks in process Memory, Redis, MongoDb, Memcached, MySQL, PostgreSQL, Cluster or PM
[619星][4m] [C#] shack2/snetcracker 超级弱口令检查工具是一款Windows平台的弱口令审计工具，支持批量多线程检查，可快速发现弱密码、弱口令账号，密码支持和用户名结合进行检查，大大提高成功率，支持自定义服务端口和字典。
[606星][1y] [C] nfc-tools/mfoc Mifare Classic Offline Cracker
[551星][5m] [PHP] s3inlc/hashtopolis Hashcat wrapper, 用于跨平台分布式Hash破解
[546星][1y] [CSS] hashview/hashview 密码破解和分析工具
[516星][3m] [C] nmap/ncrack Ncrack network authentication tool
[507星][1m] [Py] pure-l0g1c/instagram Bruteforce attack for Instagram
[499星][3m] duyetdev/bruteforce-database Bruteforce database
[487星][1y] [C] mikeryan/crackle Crack and decrypt BLE encryption
[437星][1y] [C] ryancdotorg/brainflayer A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
[435星][5m] [JS] coalfire-research/npk A mostly-serverless distributed hash cracking platform
[380星][25d] [Py] ticarpi/jwt_tool jwt_tool：测试，调整和破解JSON Web Token 的工具包
[351星][2m] [Py] denyhosts/denyhosts Automated host blocking from SSH brute force attacks
[307星][10m] [C] e-ago/bitcracker bitcracker：BitLocker密码破解器
[287星][11m] [Shell] cyb0r9/socialbox SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi
[265星][11m] [C] jmk-foofus/medusa Medusa is a speedy, parallel, and modular, login brute-forcer.
[256星][17d] [Shell] wuseman/emagnet Emagnet is a tool for find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks. Support for brute forcing spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts
[250星][1y] [Py] avramit/instahack Instagram bruteforce tool
[246星][6m] [Go] ropnop/kerbrute A tool to perform Kerberos pre-auth bruteforcing
[245星][11m] [Shell] thelinuxchoice/instainsane Multi-threaded Instagram Brute Forcer (100 attemps at once)
[225星][2m] [Py] evilmog/ntlmv1-multi 修改NTLMv1/NTLMv1-ESS/MSCHAPv1 Hask, 使其可以在hashcat中用DES模式14000破解
[220星][6m] [Py] blark/aiodnsbrute Python 3.5+ DNS asynchronous brute force utility
[220星][11m] [Py] chris408/known_hosts-hashcat A guide and tool for cracking ssh known_hosts files with hashcat
[215星][7m] [Py] paradoxis/stegcracker Steganography brute-force utility to uncover hidden data inside files
[209星][1m] [C] hyc/fcrackzip A braindead program for cracking encrypted ZIP archives. Forked from
[203星][3m] [Py] isaacdelly/plutus An automated bitcoin wallet collider that brute forces random wallet addresses

OSCP

[1710星][20d] olivierlaflamme/cheatsheet-god Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet
- 重复区段: 工具/收集&&集合/混合型收集 |
[756星][1m] [HTML] rewardone/oscprepo A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
[667星][8m] [XSLT] adon90/pentest_compilation Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
- 重复区段: 工具/收集&&集合/未分类 |
[375星][10m] [Py] rustyshackleford221/oscp-prep A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
[360星][8m] [PowerShell] ferreirasc/oscp oscp study
[289星][14d] [PowerShell] mantvydasb/redteam-tactics-and-techniques Red Teaming Tactics and Techniques
[222星][7m] 0x4d31/awesome-oscp A curated list of awesome OSCP resources
[210星][1y] foobarto/redteam-notebook Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.

MitreATT&CK

[2595星][12d] [PowerShell] redcanaryco/atomic-red-team Small and highly portable detection tests based on MITRE's ATT&CK.
[1308星][14d] [Py] mitre/caldera 自动化 adversary emulation 系统
[557星][5m] [HTML] nshalabi/attack-tools Utilities for MITRE™ ATT&CK
[454星][2m] [Py] olafhartong/threathunting A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
[450星][12m] bfuzzy/auditd-attack A Linux Auditd rule set mapped to MITRE's Attack Framework
[325星][5m] teoseller/osquery-attck Mapping the MITRE ATT&CK Matrix with Osquery
[312星][10m] [PowerShell] cyb3rward0g/invoke-attackapi A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
[307星][29d] [Py] atc-project/atomic-threat-coverage Actionable analytics designed to combat threats based on MITRE's ATT&CK.

浏览器&&browser

[4591星][2m] [JS] beefproject/beef The Browser Exploitation Framework Project
[960星][8m] [Py] selwin/python-user-agents A Python library that provides an easy way to identify devices like mobile phones, tablets and their capabilities by parsing (browser) user agent strings.
[852星][3m] escapingbug/awesome-browser-exploit awesome list of browser exploitation tutorials
[450星][30d] [Py] globaleaks/tor2web Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
[446星][2m] m1ghtym0/browser-pwn An updated collection of resources targeting browser-exploitation.
[408星][2m] [Pascal] felipedaragon/sandcat 为渗透测试和开发者准备的轻量级浏览器, 基于Chromium和Lua
[290星][2m] xsleaks/xsleaks A collection of browser-based side channel attack vectors.
[215星][2m] [Py] icsec/airpwn-ng force the target's browser to do what we want
[212星][1y] [C#] djhohnstein/sharpweb .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.

蓝牙&&Bluetooth

[218星][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
- 重复区段: 工具/浏览嗅探&&流量拦截&&流量分析&&中间人/未分类-Network |工具/渗透&&offensive&&渗透框架&&后渗透框架/无线&&WiFi&&AP&&802.11/未分类-WiFi |

REST_API&&RESTFUL

[1220星][8m] [Py] flipkart-incubator/astra 自动化的REST API安全测试脚本

恶意代码&&Malware&&APT

[2013星][1m] [C++] lordnoteworthy/al-khaser Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
- 重复区段: 工具/渗透&&offensive&&渗透框架&&后渗透框架/未分类-Pentest |
[859星][2m] aptnotes/data APTnotes data

贡献

内容为系统自动导出, 有任何问题请提issue

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
history		history
Readme.md		Readme.md
Readme_en.md		Readme_en.md
Readme_full.md		Readme_full.md
Readme_full_en.md		Readme_full_en.md

RakhithJK/Cyber-Security_Collection

Folders and files

Latest commit

History

Repository files navigation

PenetrationTesting

目录

工具

新添加的

新添加的

未分类

人工智能&&机器学习&&深度学习&&神经网络

未分类-AI

收集

收集&&集合

未分类

混合型收集

无工具类收集

收集类的收集

教育资源&&课程&&教程&&书籍

笔记&&Tips&&Tricks&&Talk&&Conference

未分类

blog

移动&&Mobile

未分类-Mobile

Android

iOS&&MacOS&&iPhone&&iPad&&iWatch

CTF&&HTB

未分类-CTF&&HTB

收集

HTB

CTF

未分类-CTF

Writeup

收集

漏洞&&漏洞管理&&漏洞发现/挖掘&&漏洞开发&&漏洞利用&&Fuzzing

未分类-Vul

资源收集

漏洞开发

未分类-VulDev

ROP

漏洞扫描&&挖掘&&发现

未分类

漏洞扫描

未分类

Web漏洞

系统漏洞

App漏洞

移动平台漏洞

Fuzzing

未分类-Fuzz

资源收集

Fuzzer

漏洞利用

漏洞利用

Exp&&PoC

XSS&&XXE

收集

未分类-XSS

知名漏洞&&CVE&&特定产品

未分类

CVE

Spectre&&Meltdown

BlueKeep

Heartbleed

DirtyCow

Blueborne

CSRF

容器&&Docker

漏洞管理

漏洞数据库

CORS

漏洞分析

特定目标

未分类-XxTarget

AWS

Phoenix

Kubernetes

Azure

Nginx