Other Resource Collection Projects:

All open source security tools I collected: sec-tool-list: More than 18K. Both Markdown and Json format.
Github Security Resource Collection Repos: 1000+ Github Repos about Security Resource Collection
Reverse Engineering Resources For All Platforms:
- Windows: PE/DLL/DLL-Injection/Dll-Hijack/Dll-Load/UAC-Bypass/Sysmon/AppLocker/ETW/WSL/.NET/Process-Injection/Code-Injection/DEP/Kernel/...
- Linux: ELF/...
- macOS/iXxx: Mach-O/Jailbreak/LLDB/XCode/...
- Android: HotFix/XPosed/Pack/Unpack/Emulator/Obfuscate
- Famous Tools: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/...
Offensive Security Resources: Vulnerability/Pentest/IoTSecurity/DataExfiltration/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/AntiVirus/CobaltStrike/Recon/OSINT/SocialEnginneringAttack/Password/Credential/ThreatHunting/Payload/WifiHacking/PostExploitation/PrivilegeEscalation/UACBypass/...
Network Related Resources: awesome-network-stuff:
- Network Communication: Proxy/SS/V2ray/GFW/ReverseProxy/Tunnel/VPN/Tor/I2P/...
- Network Attack: MiTM/PortKnocking/...
- Network Analysis: Sniff/Protocol-Analysis/Network-Visualization/Network-Diagnostic/...
open source RAT and malicious RAT analysis reports: RAT for all platforms: Windows/Linux/macOS/Android; malicious RAT analysis reports
Webshell Resource: Almost 150 open source tools, and 200 blog posts and videos about webhsell.
Forensics Resource: Almost 300 open source forensics tools, and 600 blog posts and videos about forensics.
Honeypot Resource: 250+ Honeypot tools, 350+ Honeypot posts and videos
Burp Suite Resource: 400+ open source Burp plugins, 500+ posts and videos.

collection

1000+ Github Security Resource Collection Repos.
中文版本

Collection

[34045Star][1m] [Py] minimaxir/big-list-of-naughty-strings The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
[33101Star][3m] hack-with-github/awesome-hacking A collection of various awesome lists for hackers, pentesters and security researchers
[24868Star][18d] trimstray/the-book-of-secret-knowledge A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
[22055Star][30d] [PHP] danielmiessler/seclists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
[19766Star][3m] [Jupyter Notebook] camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers aka "Bayesian Methods for Hackers": An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)
[18703Star][3y] fallibleinc/security-guide-for-developers Security Guide for Developers (实用性开发人员安全须知)
[14867Star][2m] gfwlist/gfwlist gfwlist
[11389Star][13d] [Py] swisskyrepo/payloadsallthethings A list of useful payloads and bypass for Web Application Security and Pentest/CTF
[11306Star][12d] [Py] owasp/cheatsheetseries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
[10944Star][2m] [CSS] hacker0x01/hacker101 Hacker101
[10920Star][1m] enaqx/awesome-pentest A collection of awesome penetration testing resources, tools and other shiny things
[10615Star][20d] ruanyf/weekly 科技爱好者周刊，每周五发布
[9042Star][3m] vitalysim/awesome-hacking-resources A collection of hacking / penetration testing resources to make you better!
[8031Star][3m] [Py] facebook/chisel Chisel is a collection of LLDB commands to assist debugging iOS apps.
[5586Star][1m] rshipp/awesome-malware-analysis A curated list of awesome malware analysis tools and resources.
[5229Star][4m] [Py] ytisf/thezoo A repository of LIVE malwares for your own joy and pleasure.
[5181Star][27d] [PHP] tennc/webshell This is a webshell open source project
[5121Star][3m] sbilly/awesome-security A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
[5084Star][17d] [HTML] owasp/owasp-mstg The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
[4441Star][2m] [Shell] zardus/ctf-tools Some setup scripts for security research tools.
[4306Star][17d] [Shell] ashishb/android-security-awesome A collection of android security related resources
[4252Star][1m] qazbnm456/awesome-web-security Curated list of Web Security materials and resources
[4115Star][10m] wtsxdev/reverse-engineering List of awesome reverse engineering resources
[4014Star][3m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[4014Star][3m] [JS] apsdehal/awesome-ctf A curated list of CTF frameworks, libraries, resources and softwares
[3945Star][5m] [PHP] paragonie/awesome-appsec A curated list of resources for learning about application security
[3922Star][15d] [Py] secureauthcorp/impacket Impacket is a collection of Python classes for working with network protocols.
[3868Star][2m] jivoi/awesome-osint A curated list of amazingly awesome open source intelligence tools and resources
[3836Star][4y] iosre/iosappreverseengineering The world’s 1st book of very detailed iOS App reverse engineering skills :)
[3796Star][18d] [Py] paralax/awesome-honeypots an awesome list of honeypot resources
[3699Star][5m] [C] secwiki/windows-kernel-exploits windows-kernel-exploits Windows平台提权漏洞集合
[3627Star][28d] [HTML] consensys/smart-contract-best-practices A guide to smart contract security best practices
[3616Star][19d] blacckhathaceekr/pentesting-bible links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
[3517Star][10m] [C] rpisec/mbe Course materials for Modern Binary Exploitation by RPISEC
[3461Star][30d] [C] shellphish/how2heap A repository for learning various heap exploitation techniques.
[3383Star][11d] jivoi/awesome-ml-for-cybersecurity Awesome Machine Learning for Cyber Security
[3320Star][2y] scanate/ethlist The Comprehensive Ethereum Reading List
[3301Star][15d] [Shell] toniblyx/my-arsenal-of-aws-security-tools List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
[3230Star][16d] [Rich Text Format] the-art-of-hacking/h4cker thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
[3203Star][6m] hslatman/awesome-threat-intelligence A curated list of Awesome Threat Intelligence resources
[3198Star][16d] [Makefile] lorien/awesome-web-scraping List of libraries, tools and APIs for web scraping and data processing.
[3168Star][18d] [CSS] juliocesarfort/public-pentesting-reports Curated list of public penetration test reports released by several consulting firms and academic security groups
[3141Star][17d] meirwah/awesome-incident-response A curated list of tools for incident response
[3005Star][10d] [Py] felixonmars/dnsmasq-china-list Chinese-specific configuration to improve your favorite DNS server. Best partner for chnroutes.
[2977Star][2y] phith0n/mind-map 各种安全相关思维导图整理收集
[2967Star][11d] [Go] dominikh/go-tools Staticcheck – a collection of static analysis tools for working with Go code
[2904Star][3m] infosecn1nja/red-teaming-toolkit A collection of open source and commercial tools that aid in red team operations.
[2816Star][2m] paulsec/awesome-sec-talks A collected list of awesome security talks
[2800Star][3m] secwiki/sec-chart 安全思维导图集合
[2759Star][1m] [JS] s0md3v/awesomexss Awesome XSS stuff
[2680Star][14d] rmusser01/infosec_reference An Information Security Reference That Doesn't Suck
[2671Star][1y] [HTML] chybeta/web-security-learning Web-Security-Learning
[2660Star][18d] xairy/linux-kernel-exploitation A bunch of links related to Linux kernel exploitation
[2621Star][2m] pditommaso/awesome-pipeline A curated list of awesome pipeline toolkits inspired by Awesome Sysadmin
[2615Star][1m] [JS] knownsec/kcon KCon is a famous Hacker Con powered by Knownsec Team.
[2519Star][27d] onlurking/awesome-infosec A curated list of awesome infosec courses and training resources.
[2499Star][5y] [PHP] audi-1/sqli-labs SQLI labs to test error based, Blind boolean based, Time based.
[2474Star][2m] [Py] 0xinfection/awesome-waf Everything awesome about web application firewalls (WAFs).
[2419Star][3y] rpisec/malware Course materials for Malware Analysis by RPISEC
[2395Star][3y] [OCaml] facebookarchive/pfff Tools for code analysis, visualizations, or style-preserving source transformation.
[2356Star][12m] hack-with-github/free-security-ebooks Free Security and Hacking eBooks
[2345Star][22d] yeyintminthuhtut/awesome-red-teaming List of Awesome Red Teaming Resources
[2307Star][1m] [PS] k8gege/k8tools K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
[2228Star][2y] [JS] cure53/h5sc HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
[2204Star][2m] sobolevn/awesome-cryptography A curated list of cryptography resources and links.
[2184Star][3y] enddo/awesome-windows-exploitation A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
[2169Star][2m] gbdev/awesome-gbdev A curated list of Game Boy development resources such as tools, docs, emulators, related projects and open-source ROMs.
[2163Star][1y] [C++] maestron/botnets This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
[2161Star][10m] exakat/php-static-analysis-tools A reviewed list of useful PHP static analysis tools
[2132Star][22d] goq/telegram-list List of telegram groups, channels & bots // Список интересных групп, каналов и ботов телеграма // Список чатов для программистов
[2118Star][3m] yeahhub/hacking-security-ebooks Top 100 Hacking & Security E-Books (Free Download)
[2116Star][1m] infoslack/awesome-web-hacking A list of web application security
[2078Star][2m] edoverflow/bugbounty-cheatsheet A list of interesting payloads, tips and tricks for bug bounty hunters.
[2067Star][12d] tanprathan/mobileapp-pentest-cheatsheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
[2066Star][1y] bluscreenofjeff/red-team-infrastructure-wiki Wiki to collect Red Team infrastructure hardening resources
[2057Star][9m] [Shell] foospidy/payloads Git All the Payloads! A collection of web attack payloads.
[2042Star][9d] [Java] williamfiset/algorithms A collection of algorithms and data structures
[2030Star][14d] [HTML] gtfobins/gtfobins.github.io Curated list of Unix binaries that can be exploited to bypass system security restrictions
[2018Star][2m] qazbnm456/awesome-cve-poc A curated list of CVE PoCs.
[1990Star][2y] dloss/python-pentest-tools Python tools for penetration testers
[1982Star][1y] [BitBake] 1n3/intruderpayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
[1956Star][2m] [Py] nixawk/pentest-wiki PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
[1930Star][3m] toolswatch/blackhat-arsenal-tools Official Black Hat Arsenal Security Tools Repository
[1904Star][30d] olivierlaflamme/cheatsheet-god Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
[1870Star][11m] [PHP] bartblaze/php-backdoors A collection of PHP backdoors. For educational or testing purposes only.
[1845Star][3m] djadmin/awesome-bug-bounty A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
[1831Star][1y] [CSS] ctfs/write-ups-2015 Wiki-like CTF write-ups repository, maintained by the community. 2015
[1787Star][4y] caesar0301/awesome-pcaptools A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.
[1779Star][1m] 17mon/china_ip_list IPList for China by IPIP.NET
[1771Star][12d] onethawt/idaplugins-list A list of IDA Plugins
[1760Star][1y] coreb1t/awesome-pentest-cheat-sheets Collection of the cheat sheets useful for pentesting
[1752Star][1m] ngalongc/bug-bounty-reference Inspired by
[1748Star][3m] [PHP] orangetw/my-ctf-web-challenges Collection of CTF Web challenges I made
[1748Star][4m] tunz/js-vuln-db A collection of JavaScript engine CVEs with PoCs
[1739Star][2m] sirredbeard/awesome-wsl Awesome list dedicated to Windows Subsystem for Linux
[1716Star][4m] [R] briatte/awesome-network-analysis A curated list of awesome network analysis resources.
[1663Star][2y] [Shell] juude/droidreverse reverse engineering tools for android
[1652Star][10m] tylerha97/awesome-reversing A curated list of awesome reversing resources
[1650Star][15d] sarojaba/awesome-devblog Awesome Devblog
[1636Star][2y] jhaddix/tbhm The Bug Hunters Methodology
[1630Star][2m] ivrodriguezca/re-ios-apps A completely free, open source and online course about Reverse Engineering iOS Applications.
[1602Star][7m] [Py] w1109790800/penetration 渗透超全面的渗透资料
[1585Star][7m] [Ruby] brunofacca/zen-rails-security-checklist Checklist of security precautions for Ruby on Rails applications.
[1546Star][19d] emijrp/awesome-awesome A curated list of awesome curated lists of many topics.
[1534Star][6m] snowming04/the-hacker-playbook-3-translation 对 The Hacker Playbook 3 的翻译。
[1509Star][14d] [YARA] cybermonitor/apt_cybercriminal_campagin_collections APT & CyberCriminal Campaign Collection
[1482Star][14d] [C] sleuthkit/sleuthkit a library and collection of command line digital forensics tools that allow you to investigate volume and file system data.
[1481Star][2m] minimaxir/hacker-news-undocumented Some of the hidden norms about Hacker News not otherwise covered in the Guidelines and the FAQ.
[1479Star][30d] edoverflow/can-i-take-over-xyz "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
[1421Star][5m] yadox666/the-hackers-hardware-toolkit The best hacker's gadgets for Red Team pentesters and security researchers.
[1417Star][3m] [Go] hellogcc/100-gdb-tips A collection of gdb tips. 100 maybe just mean many here.
[1417Star][3m] [HTML] owasp/top10 Official OWASP Top 10 Document Repository
[1392Star][4y] [PHP] johntroony/php-webshells Common php webshells. Do not host the file(s) on your server!
[1376Star][2m] grrrdog/java-deserialization-cheat-sheet The cheat sheet about Java Deserialization vulnerabilities
[1347Star][2y] [HTML] daxeel/blockshell A command line utility for learning Blockchain technical concepts likechaining, mining, proof of work etc.
[1332Star][3m] jaredthecoder/awesome-vehicle-security A curated list of awesome resources, books, hardware, software, applications, people to follow, and more cool stuff about vehicle security, car hacking, and tinkering with the functionality of your car.
[1305Star][1m] nikitavoloboev/privacy-respecting Curated List of Privacy Respecting Services and Software
[1290Star][11d] [Shell] firehol/blocklist-ipsets ipsets dynamically updated with firehol's update-ipsets.sh script
[1290Star][11d] [Shell] firehol/blocklist-ipsets ipsets dynamically updated with firehol's update-ipsets.sh script
[1287Star][9m] michalmalik/linux-re-101 A collection of resources for linux reverse engineering
[1252Star][19d] michalmalik/osx-re-101 A collection of resources for OSX/iOS reverse engineering.
[1242Star][1y] [Ruby] eliotsykes/rails-security-checklist This checklist is limited to Rails security precautions and there are many other aspects of running a Rails app that need to be secured
[1223Star][5y] cure53/xsschallengewiki Welcome to the XSS Challenge Wiki!
[1223Star][5y] cure53/xsschallengewiki Welcome to the XSS Challenge Wiki!
[1222Star][25d] dweinstein/awesome-frida A curated list of Frida resources
[1215Star][8m] riusksk/secbook 信息安全从业者书单推荐
[1207Star][8m] joe-shenouda/awesome-cyber-skills A curated list of hacking environments where you can train your cyber skills legally and safely
[1203Star][1y] felixgr/secure-ios-app-dev Collection of the most common vulnerabilities found in iOS applications
[1197Star][2m] [Py] cujanovic/ssrf-testing SSRF (Server Side Request Forgery) testing resources
[1187Star][2y] [C] mubix/post-exploitation Post Exploitation Collection
[1181Star][1m] [Py] 13o-bbr-bbq/machine_learning_security Source code about machine learning and security.
- Security_and_MachineLearning The elementary training course of Machine learning for security engineer.
- Vulnerabilities_of_ML Summary of Machine Learning vulnerability.
- Analytics Analyzing packet capture data using k-means.
- CNN_test Generate adversarial example against CNN.
- DeepExploit Fully automatic penetration test tool using Machine Learning.
- Generator Fully automatically generate numerous injection codes for web application assessment using Genetic Algorithm and Generative Adversarial Networks.
- Recommender Recommend optimal injection code for detecting web app vulnerabilities.
- Saivs an artificial intelligence to find vulnerabilities in Web applications.
[1172Star][17d] m4ll0k/awesome-hacking-tools Awesome Hacking Tools
[1164Star][14d] w00t3k/awesome-cellular-hacking Awesome-Cellular-Hacking
[1155Star][3y] [PS] powershellempire/powertools a collection of PowerShell projects with a focus on offensive operations.
- PewPewPew scripts that utilize a common pattern to host a script on a PowerShell webserver, invoke the IEX download cradle to download/execute the target code and post the results back to the server, and then post-process any results.
- PowerBreach a backdoor toolkit that aims to provide the user a wide variety of methods to backdoor a system.
- PowerPick allowing the execution of Powershell functionality without the use of Powershell.exe
[1145Star][1m] [Batchfile] ckjbug/hacking Collate and develop network security, Hackers technical documentation and tools, code.
[1145Star][7m] nebgnahz/awesome-iot-hacks A Collection of Hacks in IoT Space so that we can address them (hopefully).
[1143Star][2y] [Py] hackathonhackers/personal-sites List of Hackathon Hackers' personal sites.
[1141Star][1m] [HTML] securitytxt/security-txt A proposed standard that allows websites to define security policies.
[1116Star][21d] slowmist/knowledge-base Knowledge Base 慢雾安全团队知识库
[1115Star][1y] paulsec/awesome-windows-domain-hardening A curated list of awesome Security Hardening techniques for Windows.
[1112Star][1y] [Py] bugcrowd/hunt Burp和ZAP的扩展收集
[1110Star][6m] [Py] coffeehb/some-poc-or-exp 各种漏洞poc、Exp的收集或编写
[1110Star][5m] zbetcheckin/security_list Great security list for fun and profit
[1108Star][2m] snoopysecurity/awesome-burp-extensions A curated list of amazingly awesome Burp Extensions
[1080Star][2m] guardrailsio/awesome-golang-security Awesome Golang Security resources
[1066Star][12d] [Py] forseti-security/forseti-security A community-driven collection of open source tools to improve the security of your Google Cloud Platform environments
[1065Star][2y] wtsxdev/machine-learning-for-cyber-security Curated list of tools and resources related to the use of machine learning for cyber security
[1062Star][16d] denji/awesome-http-benchmark HTTP(S) benchmark tools, testing/debugging, & restAPI (RESTful)
[1049Star][1m] [Py] ct-open-source/tuya-convert A collection of scripts to flash Tuya IoT devices to alternative firmwares
[1037Star][2m] [C] xairy/kernel-exploits My proof-of-concept exploits for the Linux kernel
[1030Star][1y] naetw/ctf-pwn-tips Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
[1030Star][7m] stephenturner/oneliners Useful bash one-liners for bioinformatics.
[1026Star][17d] sundowndev/hacker-roadmap an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking
[1026Star][2y] [ObjC] zhengmin1989/ios_ice_and_fire iOS冰与火之歌
[1020Star][2m] [C] bt3gl/pentesting-toolkit Tools for pentesting, CTFs & wargames.
[1013Star][1y] [JS] 0xsobky/hackvault A container repository for my public web hacks!
[1009Star][10m] onethawt/reverseengineering-reading-list A list of Reverse Engineering articles, books, and papers
[1007Star][1y] [PHP] secwiki/cms-hunter Content Management System Vulnerability Hunter
[993Star][19d] [Py] jekil/awesome-hacking Awesome hacking is an awesome collection of hacking tools.
[990Star][11m] [Py] xiphosresearch/exploits Miscellaneous exploit code
[986Star][8m] 0x4d31/awesome-threat-detection A curated list of awesome threat detection and hunting resources
[977Star][4m] ctfs/resources A general collection of information, tools, and tips regarding CTFs and similar security competitions
[963Star][2y] [C] fdiskyou/injectallthethings Seven different DLL injection techniques in one single project.
[959Star][5m] bugcrowd/bugcrowd_university Open source education content for the researcher community
[959Star][10m] wtsxdev/penetration-testing List of awesome penetration testing resources, tools and other shiny things
[949Star][6m] [C] dhavalkapil/heap-exploitation This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
[946Star][2y] [HTML] chybeta/software-security-learning Software-Security-Learning
[943Star][18d] [Py] nullsecuritynet/tools Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
[939Star][2y] deepspaceharbor/awesome-ai-security A curated list of AI security resources
[929Star][2m] tom0li/collection-document Collection of quality safety articles
[923Star][9m] [C] 0x90/wifi-arsenal WiFi arsenal
[921Star][7m] [PS] api0cradle/ultimateapplockerbypasslist The goal of this repository is to document the most common techniques to bypass AppLocker.
[917Star][7m] cn0xroot/rfsec-toolkit RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
[906Star][1m] [Shell] dominicbreuker/stego-toolkit Collection of steganography tools - helps with CTF challenges
[899Star][12d] [Py] derekselander/lldb A collection of LLDB aliases/regexes and Python scripts to aid in your debugging sessions
[898Star][2m] [HTML] hookmaster/frida-all-in-one FRIDA操作手册
[894Star][3m] [Ruby] w181496/web-ctf-cheatsheet Web CTF CheatSheet
[890Star][3m] jakejarvis/awesome-shodan-queries Awesome Shodan Search Queries
[871Star][12d] explife0011/awesome-windows-kernel-security-development windows kernel security development
[852Star][30d] trimstray/iptables-essentials Common Firewall Rules and Commands.
[841Star][2m] cugu/awesome-forensics A curated list of awesome forensic analysis tools and resources
[838Star][17d] [HTML] rewardone/oscprepo A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
[836Star][15d] v33ru/iotsecurity101 From IoT Pentesting to IoT Security
[829Star][4y] [PS] clymb3r/powershell Useful PowerShell scripts
[829Star][5m] [Shell] danielmiessler/robotsdisallowed A curated list of the most common and most interesting robots.txt disallowed directories.
[826Star][10d] cveproject/cvelist Pilot program for CVE submission through GitHub
[823Star][3m] feeicn/security-ppt 大安全各领域各公司各会议分享的PPT
[822Star][3m] [Shell] shr3ddersec/shr3dkit Red Team Tool Kit
[813Star][3y] [Py] scrapy/quotesbot This is a sample Scrapy project for educational purposes
[805Star][3y] shmilylty/awesome-hacking awesome hacking chinese version
[796Star][15d] [Shell] aqzt/kjyw 快捷运维，代号kjyw，项目基于shell、python，运维脚本工具库，收集各类运维常用工具脚本，实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
[788Star][11m] v2-dev/awesome-social-engineering A curated list of awesome social engineering resources.
[778Star][2y] [Py] dagrz/aws_pwn A collection of AWS penetration testing junk
[766Star][2m] daviddias/awesome-hacking-locations List of Awesome Hacking Locations, organised by Country and City, listing if it features power and wifi.
[761Star][1m] [Py] mubix/shellshocker-pocs Collection of Proof of Concepts and Potential Targets for #ShellShocker
[760Star][3y] masatokinugawa/filterbypass Browser's XSS Filter Bypass Cheat Sheet
[738Star][14d] [C++] google/shaderc A collection of tools, libraries, and tests for Vulkan shader compilation.
[737Star][7m] [Py] devttys0/ida Collection of IDA Python plugins/scripts/modules.
- wpsearch Searches for immediate values commonly founds in MIPS WPS checksum implementations.
- md5hash A sample implementation of MD5 in pure Python
- alleycat Finds paths to a given code block inside a function; Finds paths between two or more functions; Generates interactive call graphs
- codatify Defines ASCII-strings/functions/code that IDA's auto analysis missed; Converts all undefined bytes in the data segment into DWORDs
- fluorescence Un/highlights function call instructions
- leafblower Assists in identifying standard POSIX functions in MIPS/ARM code.
- localxrefs Finds references to any selected text from within the current function
- mipslocalvars Names stack variables used by the compiler for storing registers on the stack, simplifying stack data analysis (MIPS only)
- mipsrop Allows you to search for suitable ROP gadgets in MIPS executable code; Built-in methods to search for common ROP gadgets
- rizzo Identifies and re-names functions between two or more IDBs
[736Star][1y] [Py] averagesecurityguy/scripts Scripts I use during pentest engagements.
[733Star][5m] [Lua] cldrn/nmap-nse-scripts My collection of nmap NSE scripts
[728Star][3m] [C#] harleyqu1nn/aggressorscripts Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
[725Star][2m] [HTML] j00ru/windows-syscalls Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
[722Star][29d] voorivex/pentest-guide Penetration tests guide based on OWASP including test cases, resources and examples.
[714Star][1y] snifer/security-cheatsheets A collection of cheatsheets for various infosec tools and topics.
[713Star][6m] leezj9671/pentest_interview pentest interview experience
[712Star][5m] bit4woo/python_sec resource collection of python security and code review
[696Star][2m] [Py] iceyhexman/onlinetools 在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
[695Star][4m] netflix/security-bulletins Security Bulletins that relate to Netflix Open Source
[693Star][2y] [C] 1n3/privesc A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
[685Star][14d] [Py] gwen001/pentest-tools My collection of custom tools I use in my daily.
[684Star][2m] andrewjkerr/security-cheatsheets A collection of useful cheatsheets for cheat that focuses on aiding security-type people with either security tools or popular UNIX programs.
[682Star][3y] [PHP] xl7dev/webshell Webshell && Backdoor Collection
[681Star][1m] [Shell] wslutilities/wslu A collection of utilities for Windows 10 Linux Subsystems
[675Star][1y] [C] billy-ellis/exploit-challenges A collection of vulnerable ARM binaries for practicing exploit development
[668Star][2m] doridori/android-security-reference A W.I.P Android Security Ref
[665Star][2m] redhuntlabs/awesome-asset-discovery List of Awesome Asset Discovery Resources
[664Star][1y] chybeta/code-audit-challenges Code-Audit-Challenges
[662Star][11d] the-akira/computer-science-resources A list of resources in different fields of Computer Science (multiple languages)
[653Star][1m] [YARA] eset/malware-ioc Indicators of Compromises (IOC) of our various investigations
[643Star][2y] harmj0y/cheatsheets Cheat sheets for various projects.
[643Star][6m] [PHP] mattiasgeniar/php-exploit-scripts A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.
[639Star][9m] cryptogenic/exploit-writeups A collection where my current and future writeups for exploits/CTF will go
[638Star][12m] [HTML] bl4de/security_whitepapers Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
[637Star][23d] [PS] olafhartong/sysmon-modular A repository of sysmon configuration modules
[635Star][8m] yeyintminthuhtut/awesome-advanced-windows-exploitation-references List of Awesome Advanced Windows Exploitation References
[633Star][5m] 3gstudent/pentest-and-development-tips A collection of pentest and development tips
[632Star][10m] webbreacher/offensiveinterview Interview questions to screen offensive (red team/pentest) candidates
[629Star][4m] bypass007/safety-project-collection 收集一些比较优秀的开源安全项目，以帮助甲方安全从业人员构建企业安全能力。
[620Star][2y] turbo/openftp4 A list of all FTP servers in IPv4 that allow anonymous logins.
[619Star][1y] jiangsir404/audit-learning 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
[618Star][22d] 404notf0und/ai-for-security-learning 安全场景、基于AI的安全算法和安全数据分析学习资料整理
[613Star][4m] [Shell] ashishb/osx-and-ios-security-awesome OSX and iOS related security tools
[608Star][3m] [Swift] gradients/gradients A curated collection of 180 splendid gradients made in swift
[606Star][1y] [C] scottybauer/android_kernel_cve_pocs A list of my CVE's with POCs
[604Star][2m] siguza/ios-resources Useful resources for iOS hacking
[601Star][2m] [Py] hslatman/awesome-industrial-control-system-security A curated list of resources related to Industrial Control System (ICS) security.
[600Star][6m] fabrimagic72/malware-samples A collection of malware samples caught by several honeypots i manage
[593Star][1m] lirantal/awesome-nodejs-security Awesome Node.js Security resources
[593Star][2m] [PS] threatexpress/red-team-scripts A collection of Red Team focused tools, scripts, and notes
[592Star][3y] hack-with-github/windows Awesome tools to exploit Windows !
[592Star][12m] pandazheng/ioshackstudy IOS安全学习资料汇总
[591Star][16d] [Perl] bollwarm/sectoolset The security tool(project) Set from github
[591Star][1y] brunty/awesome-checker-services List of links to the various checkers out there on the web for sites, domains, security etc
[590Star][15d] clarketm/proxy-list A list of free, public, forward proxy servers. UPDATED DAILY!
[587Star][6m] d30sa1/rootkits-list-download the list of all rootkits found so far on github and other sites.
[577Star][2y] hack-with-github/awesome-security-gists A collection of various GitHub gists for hackers, pentesters and security researchers
[574Star][3m] [HTML] gwillem/magento-malware-scanner Scanner, signatures and the largest collection of Magento malware
[573Star][2y] [Py] nnamon/linux-exploitation-course A Course on Intermediate Level Linux Exploitation
[571Star][4m] r35tart/penetration_testing_case 用于记录分享一些有趣的案例
[564Star][1y] [C] externalist/exploit_playground Analysis of public exploits or my 1day exploits
[564Star][3m] [HTML] netspi/sqlinjectionwiki A wiki focusing on aggregating and documenting various SQL injection methods
[564Star][11m] rapid7/ssh-badkeys A collection of static SSH keys (public and private) that have made their way into software and hardware products.
[560Star][9m] guardrailsio/awesome-python-security Awesome Python Security resources
[558Star][10m] guardrailsio/awesome-php-security Awesome PHP Security Resources
[557Star][3y] secmobi/wiki.secmobi.com a collection of mobile security resources.
[557Star][9m] [Py] yellowbyte/reverse-engineering-reference-manual collage of reverse engineering topics that I find interesting
[550Star][4y] miyogurt/network-security-mind-map 网络安全基础知识思维导图
[549Star][4m] [C] espressif/esp-iot-solution Espressif IoT Library. IoT Device Drivers, Documentations And Solutions.
[530Star][30d] a13xp0p0v/linux-kernel-defence-map Linux Kernel Defence Map
[530Star][2y] [Py] ihack4falafel/oscp Collection of things made during my OSCP journey
[521Star][3y] vasanthk/web-security-basics Web security concepts
[504Star][2m] hugetiny/awesome-vpn A curated list of awesome free VPNs and proxies.
[501Star][4m] [PHP] susers/writeups 国内各大CTF赛题及writeup整理
[500Star][3y] tengzhangchao/sec-box information security Tools Box （信息安全工具以及资源集合）
[498Star][3m] govolution/betterdefaultpasslist list includes default credentials from various manufacturers for their products like NAS, ERP, ICS etc.
[496Star][2y] sergey-pronin/awesome-vulnerability-research A curated list of the awesome resources about the Vulnerability Research
[494Star][2m] [C] hasherezade/demos Demos of various injection techniques found in malware
[490Star][2y] [C++] turbo/kpti-poc-collection Meltdown/Spectre PoC src collection.
[489Star][14d] [C] jiayy/android_vuln_poc-exp This project contains pocs and exploits for vulneribilities I found (mostly)
[488Star][2y] b-mueller/android_app_security_checklist Android App Security Checklist
[487Star][2m] radareorg/awesome-radare2 A curated list of awesome projects, articles and the other materials powered by Radare2
[486Star][1y] lmy375/awesome-vmp VM analysis materials
[480Star][1y] ksluckow/awesome-symbolic-execution A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
[477Star][1y] hack-with-github/powerful-plugins Powerful plugins and add-ons for hackers
[476Star][23d] [PS] mantvydasb/redteam-tactics-and-techniques Red Teaming Tactics and Techniques
[472Star][12m] [PHP] l3m0n/pentest_tools collection of pentest tools
[470Star][3y] [Shell] g0tmi1k/os-scripts Personal Collection of Operating Systems Scripts
[468Star][29d] meitar/awesome-cybersecurity-blueteam A collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
[465Star][2y] [Py] coalfire-research/java-deserialization-exploits A collection of curated Java Deserialization Exploits
[465Star][1m] gradiuscypher/infosec_getting_started A collection of resources/documentation/links/etc to help people learn about Infosec and break into the field.
[463Star][3y] remath/literature_review Survey of program analysis research with a focus on machine code
[462Star][6m] [C] phoenhex/files Repository for exploits/POCs/presentation of the phoenhex team
[461Star][2y] [Py] 0xdeadbeefjerky/office-dde-payloads Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
[460Star][5m] [C++] comaeio/opcde OPCDE Cybersecurity Conference Materials
[456Star][4y] [C] haka-security/haka a collection of tools that allows capturing TCP/IP packets and filtering them based on Lua policy files.
[455Star][22d] m1ghtym0/browser-pwn An updated collection of resources targeting browser-exploitation.
[454Star][10m] [C++] ahupowerdns/hello-dns Hello and welcome to DNS!
[449Star][4y] [Py] alienvault-labs/alienvaultlabs Alienvault Labs Projects Random Stuff
[442Star][17d] [TSQL] 404notf0und/security-data-analysis-and-visualization 2018-2020青年安全圈-活跃技术博主/博客
[439Star][2y] magoo/redteam-plan Issues to consider when planning a red team exercise.
[438Star][1y] meitar/awesome-lockpicking A curated list of awesome guides, tools, and other resources relating to the security and compromise of locks, safes, and keys.
[437Star][4m] re4lity/hacking-with-golang Golang安全资源合集
[431Star][2y] rsmudge/malleable-c2-profiles Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
[431Star][24d] xuanhun/hackingresource “玄魂工作室--安全圈” 知识星球内资源汇总
[429Star][4m] [Shell] ashishb/android-malware Collection of android malware samples
[426Star][1m] dropsofzut/awesome-security-weixin-official-accounts awesome-security-weixin-official-accounts
[425Star][4m] jack-liang/kalitools Kali Tools Translate Volunteers
[424Star][3y] pgaijin66/xss-payloads List of advanced XSS payloads
[424Star][2y] ring04h/papers my security summit papers
[423Star][12m] [Lua] w3h/icsmaster ICS/SCADA Security Resource
[421Star][6m] preos-security/awesome-firmware-security Awesome Firmware Security & Other Helpful Documents
[420Star][9m] [Shell] sroberts/awesome-iocs A collection of sources of indicators of compromise.
[415Star][2y] zhengmin1989/greatiosjailbreakmaterial Great iOS Jailbreak Material! - I read hundreds of papers and PPTs. Only list the most useful materials here!
[411Star][15d] [Py] bl4de/security-tools Collection of small security tools created mostly in Python. CTFs, pentests and so on
[411Star][15d] [HTML] w3c/webappsec Web Application Security Working Group repo
[411Star][2m] husnainfareed/awesome-ethical-hacking-resources Awesome Resources For Learning Hacking & Pentesting
[409Star][3m] ph055a/osint-collection Maintained collection of OSINT related resources. (All Free & Actionable)
[407Star][2y] [JS] 0xdea/frida-scripts A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
[407Star][8m] kai5263499/osx-security-awesome A collection of OSX and iOS security resources
[405Star][3y] [Py] xitu/macos-security-and-privacy-guide A practical guide to securing macOS.
[397Star][7m] [HTML] gexos/hacking-tools-repository A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.
[396Star][4m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
[395Star][2y] sweis/crypto-might-not-suck List of crypto projects that might not suck
[393Star][2y] r0ysue/osg-translationteam 看雪iOS安全小组的翻译团队作品集合，如有勘误，欢迎斧正！
[392Star][2m] dsopas/assessment-mindset Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
[391Star][2m] milabs/awesome-linux-rootkits awesome-linux-rootkits
[391Star][13d] [Py] random-robbie/my-shodan-scripts Collection of Scripts for shodan searching stuff.
[389Star][2m] tobiasbueschel/awesome-pokemon A curated list of awesome Pokémon & Pokémon GO resources, tools and more.
[388Star][2y] [PS] shellntel/scripts A collection of scripts from the security professionals at www.shellntel.com.
[386Star][2y] m0l1ce/wooyunallbugs wooyun_all_bugs
[385Star][3m] [Jupyter Notebook] endgameinc/ember a collection of features from PE files that serve as a benchmark dataset for researchers.
[383Star][2m] thejambo/awesome-testing A curated list of testing resources
[379Star][1y] [CSS] nowsecure/secure-mobile-development A Collection of Secure Mobile Development Best Practices
[378Star][2y] aozhimin/ios-debug-hacks
[376Star][5m] xtiankisutsa/awesome-mobile-ctf This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
[375Star][8m] opencybertranslationproject/linux-basics-for-hackers 书籍《Linux Basics for Hackers》2019版中文翻译版
[374Star][3m] [AngelScript] inquest/malware-samples A collection of malware samples and relevant dissection information, most probably referenced from
[373Star][3m] renwax23/xss-payloads List of XSS Vectors/Payloads
[372Star][3y] [PHP] nikicat/web-malware-collection Clone of svn repository of
[370Star][11m] [Py] awslabs/aws-security-automation Collection of scripts and resources for DevSecOps and Automated Incident Response Security
[369Star][30d] fkromer/awesome-ros2 The Robot Operating System Version 2.0 is awesome!
[366Star][2y] [PHP] attackercan/regexp-security-cheatsheet
[366Star][2m] [Go] tomnomnom/httprobe Take a list of domains and probe for working HTTP and HTTPS servers
[366Star][2y] wtsxdev/malware-analysis List of awesome malware analysis tools and resources
[364Star][8m] [Py] orangetw/awesome-jenkins-rce-2019 There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
[363Star][10m] fr0gger/awesome-ida-x64-olly-plugin Awesome IDA, x64DBG & OllyDBG plugin
[363Star][13d] hongrisec/web-security-attack Web安全相关内容
[358Star][5m] b3nac/android-reports-and-resources A big list of Android Hackerone disclosed reports and other resources.
[356Star][5m] [Py] a3sal0n/cyberthreathunting A collection of resources for Threat Hunters
[355Star][29d] [Py] lockgit/hacking hacking is a kind of spirit !
[354Star][14d] [Py] alecmuffett/real-world-onion-sites This is a list of substantial, commercial-or-social-good mainstream websites which provide onion services.
[354Star][4y] fireeye/iocs FireEye Publicly Shared Indicators of Compromise (IOCs)
[354Star][3y] virajkulkarni14/webdevelopersecuritychecklist A checklist of important security issues you should consider when creating a web application.
[352Star][4y] [Java] rsmudge/cortana-scripts A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.
[351Star][4m] [Shell] maldevel/pentestkit Useful tools and scripts used during Penetration Tests.
[350Star][1m] [Shell] fanyueciyuan/eazy-for-ss A Bypassgfw Collection
[345Star][3m] softwareunderground/awesome-open-geoscience Curated from repositories that make our lives as geoscientists, hackers and data wranglers easier or just more awesome
[342Star][2y] [C++] ele7enxxh/poc-exp poc or exp of android vulnerability
[341Star][2y] slowmist/eos-bp-nodes-security-checklist EOS bp nodes security checklist
[335Star][2y] [PS] arno0x/powershellscripts Collection of PowerShell scripts
[335Star][10d] stamparm/ipsum Daily feed of bad IPs (with blacklist hit scores)
[334Star][15d] [PS] mgeeky/penetration-testing-tools A collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
[332Star][2m] [Jupyter Notebook] beeva/beeva-best-practices Best Practices and Style Guides in BEEVA
[331Star][3y] [Visual Basic .NET] khr0x40sh/macroshop Collection of scripts to aid in delivering payloads via Office Macros. Most are python. See
[331Star][1y] snyk/vulnerabilitydb Snyk's public vulnerability database
[330Star][11m] [Py] justicerage/freedomfighting A collection of scripts which may come in handy during your freedom fighting activities.
[327Star][10m] pxlpnk/awesome-ruby-security Awesome Ruby Security resources
[327Star][12m] [Py] secwiki/office-exploits office-exploits Office漏洞集合
[324Star][9m] [JS] zyszys/awesome-captcha Curated list of awesome captcha libraries and captcha crack tools.
[323Star][4m] [PS] kmkz/pentesting Tricks for penetration testing
[321Star][3m] [HTML] eugenekolo/sec-tools A set of security related tools
[320Star][3m] xsleaks/xsleaks A collection of browser-based side channel attack vectors.
[318Star][13d] cryptax/confsec Security, hacking conferences (list)
[316Star][1y] [PHP] grt1st/wooyun_search 乌云公开漏洞、知识库搜索 search from wooyun.org
[315Star][2y] burntmybagel/oscp-prep A list of the resources I use as I get ready for the exam
[315Star][1m] trimstray/technical-whitepapers Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
[312Star][11m] [Shell] swoodford/aws A collection of bash shell scripts for automating various tasks with Amazon Web Services using the AWS CLI and jq.
[310Star][1y] 1522402210/2018-blackhat-tools-list 2018 BlackHat Tools List
[309Star][2m] no-github/dork-admin 盘点近年来的数据泄露、供应链污染事件
[306Star][2m] [Py] rhinosecuritylabs/cves A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
[306Star][2y] [Py] timsutton/python-macadmin-tools List of open-source Python-based Mac sysadmin tools
[305Star][2y] [Java] joaomatosf/javadeserh2hc Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
[305Star][3y] [C++] m0n0ph1/malware-1 Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
[301Star][12m] [Assembly] guitmz/virii Collection of ancient computer virus source codes
[300Star][11m] [Shell] ctf-wiki/ctf-tools CTF 工具集合
[299Star][25d] [JS] aws-samples/aws-serverless-security-workshop In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
[299Star][2y] [C] pwning/docs Tips, Tricks, and Suggestions for Running a CTF
[298Star][1y] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
[297Star][5m] tanprathan/owasp-testing-checklist OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
[295Star][1y] findneo/newbie-security-list 网络安全学习资料，欢迎补充
[295Star][9m] vysecurity/domainfrontinglists A list of Domain Frontable Domains by CDN
[294Star][3y] lucyoa/ctf-wiki Hacking techniques useful during CTFs
[294Star][7m] [JS] ma3k4h3d/papers Some papers about cyber security
[294Star][10m] [HTML] s1gh/ctf-literature Collection of free books, papers and articles related to CTF challenges.
[292Star][8m] [Py] cesar-rodriguez/terrascan Collection of security and best practice test for static code analysis of terraform templates
[290Star][30d] [C#] matterpreter/offensivecsharp Collection of Offensive C# Tooling
[289Star][3y] [Py] dhilipsiva/webapp-checklist Technical details that a programmer of a web application should consider before making the site public.
[289Star][15d] [Java] mr-xn/penetration_testing_poc About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce
[287Star][10m] wallarm/awesome-nginx-security A curated list of awesome links related to application/API security in NGINX environment.
[286Star][3y] [Py] nanshihui/poccollect a plenty of poc based on python
[285Star][3y] [HTML] buddhalabs/packetstorm-exploits Collection of publicly available exploits from Packetstorm
[284Star][3m] [C] ayeks/sgx-hardware This is a list of hardware which is supports Intel SGX - Software Guard Extensions.
[282Star][23d] [PHP] nico3333fr/csp-useful Collection of scripts, thoughts about CSP (Content Security Policy)
[281Star][3m] [C] 0xdea/exploits A handy collection of my public exploits, all in one place.
[277Star][2y] [Assembly] tinysec/windows-syscall-table windows syscall table from xp ~ 10 rs4
[276Star][4m] mattnotmax/cyberchef-recipes A list of cyber-chef recipes
[273Star][3m] [JS] hynekpetrak/javascript-malware-collection Collection of almost 40.000 javascript malware samples
[272Star][18d] [JS] ropnop/serverless_toolkit A collection of useful Serverless functions I use when pentesting
[272Star][18d] zodiacon/alltools All reasonably stable tools
[271Star][8m] offensive-security/nethunter-lrt The Nethunter Linux Root Toolkit is a collection of bash scripts which install Nethunter onto a supported device.
[270Star][2y] [Java] reoky/android-crackme-challenge A collection of reverse engineering challenges for learning about the Android operating system and mobile security.
[267Star][2y] [PHP] sqlmapproject/testenv A collection of web pages vulnerable to SQL injection flaws
[265Star][13d] [Py] den4uk/andriller a collection of forensic tools for smartphones
[260Star][5m] zhaoweiho/web-sec-interview Information Security (Web Security/Penetration Testing Direction) Interview Questions/Solutions 信息安全(Web安全/渗透测试方向)面试题/解题思路
[260Star][1m] thelsa/cs-checklist PC客户端（C-S架构）渗透测试checklist / Client side(C-S) penestration checklist
[258Star][24d] [Jupyter Notebook] aws-samples/aws-security-workshops A collection of the latest AWS Security workshops
[258Star][30d] [Py] inforion/idapython-cheatsheet Scripts and cheatsheets for IDAPython
[258Star][2y] [Go] netxfly/xsec-ip-database Malicious ip database
[257Star][4y] [C] roxas75/rxtools a collection of hacking tools for Nintendo 3DS/3DSXL/2DS, compatible with all the system versions from 4.1 to 9.2.
[256Star][11m] [C++] ramadhanamizudin/malware Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from:
[253Star][5m] [C++] tonychen56/hackertools 使用MFC编写的病毒技术合集
[252Star][12m] crytic/awesome-ethereum-security A curated list of awesome Ethereum security references
[250Star][9m] 0x4d31/awesome-oscp A curated list of awesome OSCP resources
[249Star][1m] pomerium/awesome-zero-trust A curated collection of awesome resources for the zero-trust security model.
[246Star][30d] [C++] strazzere/android-scripts Collection of Android reverse engineering scripts
[245Star][2y] ludiosarchive/unfixed-security-bugs A list of publicly known but unfixed security bugs
[244Star][2y] hsis007/useful_websites_for_pentester This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.
[244Star][3y] [PHP] tdifg/webshell WebShell Collect
[243Star][10m] accordbox/awesome-scrapy A curated list of awesome packages, articles, and other cool resources from the Scrapy community.
[243Star][2m] croqaz/awesome-decentralized Awesome distributed, decentralized, p2p apps or tools
[243Star][17d] euphrat1ca/security_w1k1 collect
[243Star][3y] misterch0c/awesome-hacking A collection of various awesome lists for hackers, pentesters and security researchers
[241Star][2y] kinimiwar/penetration-testing List of awesome penetration testing resources, tools and other shiny things
[239Star][16d] pe3zx/my-infosec-awesome My curated list of awesome links, resources and tools on infosec related topics
[236Star][3m] [Py] boy-hack/airbug Airbug(空气洞)，收集漏洞poc用于安全产品
[233Star][8m] [C] ctz/cifra A collection of cryptographic primitives targeted at embedded use.
[233Star][2y] wizardforcel/web-hacking-101-zh
[231Star][15d] cpuu/awesome-fuzzing A curated list of awesome Fuzzing(or Fuzz Testing) for software security
[228Star][6m] guardrailsio/awesome-dotnet-security Awesome .NET Security Resources
[227Star][2y] [C#] t3ntman/social-engineering-payloads Collection of social engineering payloads
[224Star][23d] vixentael/my-talks List of my talks and workshops: security engineering, applied cryptography, secure software development
[223Star][3m] [C] david942j/ctf-writeups Collection of scripts and writeups
[223Star][15d] decalage2/awesome-security-hardening A collection of awesome security hardening guides, tools and other resources
[222Star][14d] [C#] carlospolop/privilege-escalation-awesome-scripts-suite PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
[222Star][9m] jesusprubio/awesome-nodejs-pentest Awesome Node.js for pentesters
[222Star][2m] [PS] tonyphipps/meerkat A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
[221Star][2y] sh4hin/mobileapp-pentest-cheatsheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
[221Star][5m] security-checklist/php-security-check-list PHP Security Check List [ EN ]
[219Star][18d] [JS] strangerealintel/cyberthreatintel Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
[217Star][3m] [CSS] 7dog7/bottleneckosmosis 瓶颈渗透,web渗透,red红队,fuzz param,注释,js字典,ctf
[217Star][2y] cure53/browser-sec-whitepaper Cure53 Browser Security White Paper
[217Star][2y] [Py] euphrat1ca/fuzzdb-collect 网络上安全资源的搜集
[216Star][10m] puresec/awesome-serverless-security A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
[214Star][13d] shogunlab/awesome-hyper-v-exploitation A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.
[213Star][11m] jeansgit/redteam RedTeam资料收集整理
[209Star][7m] [PHP] momosecurity/rhizobia_p PHP安全SDK及编码规范
[209Star][1m] sigp/solidity-security-blog Comprehensive list of known attack vectors and common anti-patterns
[207Star][1y] faizann24/resources-for-learning-hacking All the resources I could find for learning Ethical Hacking and penetration testing.
[207Star][15d] vschiavoni/sgx-papers A list of system papers using/about Intel SGX
[204Star][2y] evnm/research-in-production A collection of research papers categorized by real-world systems that enact them
[201Star][13d] anudeepnd/blacklist Curated and well-maintained host file to block ads, tracking, cryptomining and more! Updated regularly.
[201Star][1y] [Py] sec-bit/awesome-buggy-erc20-tokens A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
[200Star][1y] iamcryptoki/snowden-archive
[199Star][4y] [Java] pwntester/serialkillerbypassgadgetcollection Collection of bypass gadgets to extend and wrap ysoserial payloads
[198Star][1m] [F#] b2r2-org/b2r2 B2R2 is a collection of useful algorithms, functions, and tools for binary analysis.
[198Star][10m] hannoch/scaner scanner collection
[198Star][5y] rutkai/pentest-bookmarks A collection of penetration testing related sites
[197Star][1y] [Py] pstirparo/mac4n6 Collection of forensics artifacs location for Mac OS X and iOS
[196Star][4m] jdonsec/allthingsssrf This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
[196Star][3m] noorqureshi/kali-linux-cheatsheet Kali Linux Cheat Sheet for Penetration Testers
[196Star][10m] zardus/wargame-nexus An sorted and updated list of security wargame sites.
[195Star][9m] [Py] lingerhk/hacking_script 开发或收集的一些网络安全方面的脚本、小工具
[195Star][12m] [JS] zer4tul/hacker-howto 本文原文由知名Hacker Eric S. Raymond 所撰写，教你如何成为一名黑客。
[194Star][1y] [HTML] yaseng/iot-security-wiki IOT security wiki
[193Star][4m] [ObjC] riusksk/secconarchive Security Conference Archive
[192Star][4m] [Py] jrspruitt/ubi_reader Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.
[192Star][7m] pochubs/pochubs PocHubs是为了整合网上知名开源框架的漏洞详细和POC
[188Star][4y] [Lua] automayt/ics-pcap A collection of ICS/SCADA PCAPs
[186Star][2m] feeicn/securityinterviewquestions 网络信息安全从业者面试指南（持续补充各公司招聘题目和侧重点）
[186Star][1y] yellowbyte/analysis-of-anti-analysis writings on anti-reverse engineering
[185Star][3m] [Py] naategh/pyck A collection of useful Python hacking scripts for beginners
[184Star][15d] enovella/tee-reversing A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices
[184Star][14d] fkie-cad/awesome-embedded-and-iot-security A curated list of awesome embedded and IoT security resources.
[184Star][3y] [Py] wavestone-cdt/hadoop-attack-library A collection of pentest tools and resources targeting Hadoop environments
[183Star][4m] radareorg/r2con Radare Congress Stuff
[182Star][10m] [Py] hasecuritysolutions/logstash Contains Logstash related content including tons of Logstash configurations
[182Star][3m] mre/awesome-dynamic-analysis A curated list of dynamic analysis tools for various programming languages
[181Star][2y] [PHP] lcatro/php-webshell-bypass-waf Share some experience about PHP WebShell bypass WAF and Anti-AV
[180Star][8m] pandazheng/threat-intelligence-analyst 威胁情报，恶意样本分析，开源Malware代码收集
[179Star][2y] [CSS] bhdresh/socialengineeringpayloads This is a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks.
[177Star][2y] [Py] duo-labs/idapython a few Python modules developed for use with IDA Pro from the researchers at Duo Labs.
- cortex_m_firmware grooms an IDA Pro database containing firmware from an ARM Cortex M microcontroller.
- amnesia an IDAPython module designed to use byte level heuristics to find ARM thumb instructions in undefined bytes in an IDA Pro database
- REobjc an IDAPython module designed to make proper cross references between calling functions and called functions in Objective-C methods
[176Star][7y] [Py] gdssecurity/gwt-penetration-testing-toolset A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here:
[175Star][9m] guardrailsio/awesome-java-security Awesome Java Security Resources
[175Star][18d] winmin/awesome-vm-exploit share some useful archives about vm and qemu escape exploit.
[174Star][2m] chbrian/awesome-adversarial-examples-dl A curated list of awesome resources for adversarial examples in deep learning
[170Star][10m] thehackingsage/hackdroid Penetration Testing Apps for Android
[169Star][3y] [Py] northernsec/cve-scan Scan systems with NMap and parse the output to a list of CVE's, CWE's and DPE's
[168Star][12m] [Py] mnkgrover08-zz/whatsapp_automation Whatsapp Automation is a collection of APIs that interact with WhatsApp messenger running in an Android emulator, allowing developers to build projects that automate sending and receiving messages, adding new contacts and broadcasting messages multiple contacts.
[168Star][2y] [Py] monrocoury/forensic-tools A collection of tools for forensic analysis
[167Star][1m] [Py] botherder/targetedthreats Collection of IOCs related to targeting of civil society
[167Star][2y] [C++] mortenschenk/bhusa2017 Content from presentation at BHUSA 2017
[166Star][7m] [Ruby] r00t-3xp10it/msf-auxiliarys My collection of metasploit auxiliary post-modules
[164Star][3m] mdrights/digital-rights Promote digital rights in China
[163Star][3y] [Py] ctfs/write-ups-tools A collection of tools used to maintain and create CTF write-up folders
[163Star][2y] secwiki/hack-movie 黑客相关的电视剧/电影/纪录片
[161Star][2y] javierolmedo/shodan-filters A list of shodan filters
[161Star][1y] splunk/botsv1 A sample security dataset and CTF platform
[161Star][7m] [C#] xorrior/random-csharptools Collection of CSharp Assemblies focused on Post-Exploitation Capabilities
[160Star][1y] [HTML] exploitprotocol/mobile-security-wiki
[159Star][1y] joychou93/sks Security Knowledge Structure(安全知识汇总)
[159Star][3y] [Py] nneonneo/eqgrp-free-file Free sampling of files from the purported Equation Group hack.
[159Star][6m] samanl33t/awesome-mainframe-hacking List of Awesome Mainframe Hacking/Pentesting Resources
[158Star][4m] [HTML] zer0yu/berserker A list of useful payloads for Web Application Security and Pentest/CTF
[157Star][9m] dckc/awesome-ocap Awesome Object Capabilities andCapability-based Security
[156Star][1y] [YARA] mikesxrs/open-source-yara-rules YARA Rules I come across on the internet
[156Star][2y] [PS] psconfeu/2018 PowerShell Conference Europe 2018 Slides and Demo Scripts
[156Star][2y] [ASP] testsecer/webshell 这是一个WebShell收集项目
[154Star][3y] zbetcheckin/pdf_analysis Several PDF analysis reassembled with additional tips and tools
[151Star][1y] chryzsh/awesome-windows-security List of Awesome Windows Security Resources
[151Star][3y] [C] pustladi/windows-2000 Microsoft Windows 2000 Professional — (Source Codes)
[151Star][7m] shramos/awesome-cybersecurity-datasets A curated list of amazingly awesome Cybersecurity datasets
[150Star][1y] brucetg/app_security
[150Star][2y] dragonquesthero/awesome-windows-security-development awesome-windows-security-development
[150Star][2m] leonjza/awesome-nmap-grep Awesome Nmap Grep
[150Star][2y] [Py] malwaretech/trickbot-toolkit A collection of tools for dealing with TrickBot
[149Star][6y] [C++] kaiserfarrell/malware virus collection source code
[148Star][11m] [Shell] aturl/awesome-anti-gfw Awesome GFW Bypass
[148Star][7m] [Shell] petermosmans/security-scripts A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)
[147Star][14d] [Shell] recolic/awesome-hust HUST experiments, reports, and useful tools.
[147Star][1m] security-cheatsheet/reverse-shell-cheatsheet
[146Star][2m] bin2415/fuzzing_paper puzzing related paper
[145Star][2y] chan9390/awesome-mitm Curated List of MitM frameworks on GitHub
[145Star][3m] [Py] ripe-atlas-community/ripe-atlas-community-contrib Repository for links towards tools written during hackathons, and a collection of contributions by the community of the RIPE Atlas visualizations, tools for analysing measurements data and other scripts
[145Star][3y] [PHP] webshellpub/awsome-webshell webshell样本大合集。收集各种webshell用于webshell分析与发现
[144Star][10m] [Py] kacperszurek/exploits exploits
[142Star][3y] [C] mdsecresearch/publications A list of published research documents
[142Star][3y] kejane/securityrss 网络安全相关的RSS订阅列表
[141Star][6m] [C++] oatpp/oatpp-examples List of example projects of how to use oat++ framework
[140Star][1y] laxa/hackingtools Exhaustive list of hacking tools
[140Star][8y] stefanesser/ida-ios-toolkit Collection of idapython scripts for dealing with the iOS kernelcache
[139Star][29d] pomerium/awesome-security-audits A collection of public security audits.
[138Star][2y] [Py] duoergun0729/3book 《Web安全之强化学习与GAN》
[137Star][11d] [Py] omegak2/pypoe Collection of Python Tools for Path of Exile
[136Star][8m] gaerae/awesome-algorithms-education A curated list to learning and practicing about algorithm.
[136Star][3y] kurobeats/pentest-bookmarks Open Penetration Testing Bookmarks Collection
[136Star][2m] [Py] wudimahua/firewall 美国国家安全局NSA下属方程式黑客组织（Equation Group）被The Shadow Brokers（影子经纪人）hack出来的并免费分享的源码
[135Star][6m] [Makefile] cirosantilli/arm-assembly-cheat MOVED TO:
[135Star][11m] [PS] securemode/invoke-apex A PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
[135Star][2y] thec00n/smart-contract-honeypots a collection of smart contract honeypots.
[135Star][1y] [Shell] onmyway133/swiftsnippets A collection of Swift snippets to be used in Xcode
[134Star][3y] aqzt/sso 项目主要是汇集整理服务器安全运维规范，包括运维工程师必须遵守的规范、服务器运维中注意事项、故障避免手段等文档，帮助运维工程师避免服务器安全和运维故障，方便运维工程师学习成长。
[133Star][3y] [C++] chenenyu/androidsecurity Android安全实践
[133Star][2m] jlopp/physical-bitcoin-attacks A list of known attacks against Bitcoin / crypto asset owning entities that occurred in meatspace.
[133Star][10d] [Shell] adroitadorkhan/energizedprotection A merged collection of hosts from reputable sources. #StayEnergized!
[132Star][2y] [C#] m0xiaoxi/ctftools 本项目主要搜集一些关于信息安全攻防相关的知识与工具，便于个人的渗透工作。
[131Star][2y] [HTML] chybeta/waf-bypass WAF Bypass Cheatsheet
[131Star][10m] [HTML] minhaskamal/cuteviruscollection A Collection of Cute But Deadly Viruses (small-unharmful-annoying-harmless-funny-malware-virus-worm-windows-xp-7-10)
[131Star][11m] [C] regehr/ub-canaries collection of C/C++ programs that try to get compilers to exploit undefined behavior
[130Star][30d] inquest/yara-rules A collection of YARA rules we wish to share with the world, most probably referenced from
[130Star][1y] [PS] xor-function/fathomless A collection of post-exploitation tools for network red teaming. (Migrating to Fathomless Project)
[128Star][2y] mawenjian/china-cdn-domain-whitelist 中国CDN服务提供商域名白名单（China CDN Service Providers' Domain Whitelist）
[127Star][10m] whid-injector/awesome-go-offensive-tools List of Awesome Offensive Tools written in GO
[126Star][3m] [HTML] sundaysec/android-exploits A collection of android Exploits and Hacks
[123Star][2m] [HTML] edoverflow/proof-of-concepts A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
[123Star][2y] we5ter/awesome-platforms A curated list of awesome security platforms,including CTF/Security Response Center/Bug Tracker and so on.
[123Star][2y] [Shell] averagesecurityguy/cheat-sheets Various Cheat Sheets related to development and security
[122Star][1y] nagwww/s3-leaks List of S3 Hacks
[121Star][1y] [PHP] a0xnirudh/kurukshetra A framework for teaching secure coding by means of interactive problem solving.
[121Star][4y] [Py] fengxuangit/dede_exp_collect collection dedecms exp use pocsuite framework 收集织梦的一些漏洞，并用pocsuite框架写出利用程序。打造一键日dede
[121Star][16d] [HTML] mozillasecurity/fuzzmanager A fuzzing management tools collection
[121Star][4y] sandysekharan/ctf-tool A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.
[120Star][10m] byt3bl33d3r/ansibleplaybooks A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
[118Star][7m] fabionoth/awesome-cyber-security A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
[118Star][1y] [lua] tanjiti/icstools ics security tools
[117Star][9m] marcosvalle/awesome-windows-red-team A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
[117Star][4m] [PS] thom-s/netsec-ps-scripts Collection of PowerShell network security scripts for system administrators.
[116Star][2m] govanguard/list-pentest-tools A curated list of network penetration testing tools.
[111Star][1m] firmianay/security-paper （与本人兴趣强相关的）各种安全or计算机资料收集
[110Star][3m] [C++] x64dbg/scripts A collection of x64dbg scripts. Feel free to submit a pull request to add your script.
[108Star][8m] binject/awesome-go-security A dedicated place for cool golang security projects
[108Star][2y] [Ruby] porterhau5/bloodhound-owned A collection of files for adding and leveraging custom properties in BloodHound.
[107Star][3m] ajvb/awesome-tor A list of awesome Tor related projects, articles, papers, etc
[105Star][4m] [Py] ex16x41/oscp-prep my oscp prep collection
[105Star][2y] gossithedog/threathunting Tools for hunting for threats.
[105Star][4m] soffensive/windowsblindread A list of files / paths to probe when arbitrary files can be read on a Microsoft Windows operating system
[104Star][3y] [Py] landgrey/taoman 快速收集
[103Star][3y] [C++] azuregreen/injectcollection A collection of injection via vc++ in ring3
[102Star][8m] fox-it/cobaltstrike-extraneous-space Historical list of {Cobalt Strike,NanoHTTPD} servers
[102Star][13d] houjingyi233/cpu-vulnerability-collections
[102Star][3m] ashemery/linuxforensics Everything related to Linux Forensics
[102Star][13d] chryzsh/awesome-bloodhound A curated list of awesome BloodhoundAD resources
[101Star][2m] jonaschn/awesome-he A curated list of amazing Homomorphic Encryption libraries, software and resources
[101Star][4m] xx0hcd/malleable-c2-profiles Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike
[100Star][5y] [Py] blasty/moneyshot A collection of python scripts to aid you in the final steps of binary exploitation or during the construction of buffers.
[100Star][17d] [Ruby] hahwul/mad-metasploit Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
[99Star][19d] [TeX] misp/misp-training MISP trainings, threat intel and information sharing training materials with source code
[99Star][10y] [C] tecknicaltom/dsniff dsniff is a collection of tools for network auditing and penetration testing.
[99Star][2y] [PS] testingpens/malwarepersistencescripts A collection of scripts I've written to help red and blue teams with malware persistence techniques.
[98Star][3m] byt3bl33d3r/slides Slides from various talks that I've given over the years
[98Star][2y] [Py] leesoh/yams A collection of Ansible roles for automating infosec builds.
[97Star][2y] [Shell] chorankates/h4ck a collection of writeups and tools related to ~embedded device ~hacking
[97Star][1y] [Py] njcx/pocsuite_poc_collect collection poc use pocsuite framework
[97Star][3y] [C] s4n7h0/practical-reverse-engineering-using-radare2 Training Materials of Practical Reverse Engineering using Radare2
[97Star][4y] [Java] zencodex/hack-android Collection tools for hack android, java
[96Star][3m] geeksonsecurity/vuln-web-apps A curated list of vulnerable web applications.
[96Star][2y] [Java] jgillam/burp-co2 A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.
[95Star][2y] [C] cetfor/antidbg A bunch of Windows anti-debugging tricks.
[95Star][3m] [PHP] commixproject/commix-testbed A collection of web pages, vulnerable to command injection flaws.
[95Star][5y] [Py] nihilus/ida-idc-scripts Varoius IDC-scripts I've collected during the years.
[94Star][14d] [Py] alanvivona/pwnshop Exploit Development and Reverse Engineering topics
[94Star][10d] [Py] endermanch/malwaredatabase This repository is one of a few malware collections on the GitHub.
[94Star][2y] [ObjC] r0ysue/osg-teams 希望大家在合作中学习姿势、提升技术、交流感情。比赛第二，友谊第一。
[93Star][5y] [Py] debasishm89/hack_audio_captcha Collection of Scripts written to Solve/Crack Audio reCapcha Challenges
[93Star][4y] [Py] groundworkstech/pybfd A Python interface to the GNU Binary File Descriptor (BFD) library.
[93Star][23d] [Py] log2timeline/dftimewolf A framework for orchestrating forensic collection, processing and data export
[92Star][2m] [PS] dbheise/vm_setup A collection of scripts to initialize a windows VM to run all the malwares!
[92Star][1y] [PS] rasta-mouse/aggressor-script Collection of Aggressor Scripts for Cobalt Strike
[92Star][2y] [PS] sadprocessor/empiredog A collection of PowerShell Modules for BloodHound/Empire Orchestration
[92Star][2y] [C] secwiki/android-kernel-exploits android kernel exploits漏洞集合
[91Star][1y] 001spartan/aggressor_scripts A collection of useful scripts for Cobalt Strike
[91Star][2y] grrrdog/tls-redirection raise awareness of a little-known group of attacks, TLS redirection / Virtual Host Confusion, and to bring all the information related to this topic together.
[91Star][6m] [C++] niklasb/sploits
[91Star][2y] [PS] russelltomkins/active-directory Collection of scripts for Querying and Managing Active Directory and Domain Controllers
[90Star][10m] pandazheng/securitysite 收集了一些安全公司的博客
[90Star][3m] [Py] radareorg/r2con2019 slides and materials
[90Star][1m] payloadbox/sql-injection-payload-list SQL Injection Payload List
[89Star][8m] [Shell] hannob/tlshelpers A collection of shell scripts that help handling X.509 certificate and TLS issues
[89Star][12m] paralax/awesome-internet-scanning A curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
[89Star][19d] [C++] sinakarvandi/process-magics This is a collection of interesting codes about Windows Process creation.
[88Star][19d] claucece/useful-crypto-resources A place for useful crypto-related resources plus some of my fav stuff
[88Star][4y] dantaler/detectionstring list of sql-injection and XSS strings
[88Star][6m] v-p-b/avpwn List of real-world threats against endpoint protection software
[88Star][1y] [TeX] zxgio/r2-cheatsheet Radare2 cheat-sheet
[87Star][9m] [Py] laconicwolf/burp-extensions A collection of scripts to extend Burp Suite
[86Star][3y] aidanharris/free-security-ebooks-from-packtpub Collection of free Security eBooks from Packt Publishing [Regularly Updated]
[86Star][5m] chrisdiana/awesome-odroid-go A collection of awesome ODROID-GO emulators, games and resources
[86Star][9m] nongiach/awesome-cryptocurrency-security Awesome cryptocurrency security
[86Star][1y] [HTML] radareorg/r2con2018
[85Star][10d] caledoniaproject/awesome-opensource-security A list of interesting stuffs that I have no time to test/review
[85Star][1y] ckjbug/kali-linux-learning
[85Star][2y] palmercluff/qemu-images A collection of disk images and virtual machines that can be used by the QEMU emulator
[85Star][1y] santosomar/who_and_what_to_follow Who and what to follow in the world of cyber security
[83Star][9m] kai5263499/awesome-container-security Awesome list of resources related to container security
[83Star][2y] [Py] am0nsec/exploit Collection of different exploits
[83Star][17d] allsafecybersecurity/awesome-ghidra A curated list of awesome Ghidra materials
[82Star][4m] blockchainlabsnz/awesome-solidity A curated list of awesome Solidity resources
[82Star][9m] [Py] ciscodevnet/virlutils
[82Star][11m] sderosiaux/guidelines-to-create-a-strong-website A list of all things to consider when making a website or webapp of quality.
[82Star][14d] yingtongdou/graph-adversarial-learning-literature A curated list of adversarial attacks and defenses papers on graph-structured data.
[82Star][21d] alphaseclab/sec-tool-list Almost 18K security related open source tools, sorted by star count. Both in markdown and json format.
[81Star][4y] fabiobaroni/awesome-chinese-infosec-websites A curated list of Chinese websites and personal blogs about ethical hacking and pentesting
[81Star][3y] [Py] januzellij/hopperscripts Collection of scripts I use in the Hopper disassembler
[81Star][1m] [ObjC] poomsmart/idaobjctypes A collection of types & functions definitions useful for Objective-C binaries analysis.
[79Star][2y] iamhdt/ecommerce-website-security-checklist List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
[79Star][2y] [Py] imiyoo2010/teye_scanner_for_book 《白帽子讲Web扫描》书籍参考代码
[79Star][3y] yeyintminthuhtut/awesome-study-resources-for-kernel-hacking Kernel Hacking study materials collection
[78Star][6y] [CSS] gajus/bugger Bugger is a collection of functions for debugging PHP code.
[78Star][3y] [HTML] malqr/malqr.github.io MalQR is a collection of malicious QR Codes and Barcodes you can use to test the security of your scanners.
[78Star][3y] [Py] securitystreak/security-scripts A collection of public offensive and defensive security related scripts for InfoSec students.
[77Star][4y] [HTML] f47h3r/hackingteam_exploits Initial Collection of HackingTeam Exploits
[76Star][4y] hardhatdigital/rails-security-audit A checklist of Rails security audit
[76Star][4m] ivbeg/awesome-forensicstools Awesome list of digital forensic tools
[76Star][10m] misterch0c/crimeboards A list of private and public (more or less) blackhat boards
[76Star][4m] ivbeg/awesome-forensicstools Awesome list of digital forensic tools
[75Star][2y] [HTML] cyberheartmi9/payloadsallthethings
[75Star][9m] edelahozuah/awesome-wifi-security A collection of awesome resources related to 802.11 security, tools and other things
[75Star][4m] gouveaheitor/awesome-biohacking a awesome collection about Biohacking.
[75Star][3m] [C++] shellvm/shellvm A collection of LLVM transform and analysis passes to write shellcode in regular C
[75Star][1y] tianjifou/ios-security-attack-and-prevent iOS安全攻与防,详细的列出了，在iOS开发中，项目会存在的安全漏洞以及解决办法。
[74Star][6m] [HTML] ph0en1x-xmu/awesome-ctf-book Study CTF, study security
[74Star][3y] wtsxdev/android-security-list Collection of Android security related resources
[73Star][3y] lcatro/hacker_document 收集一些以前看过对于入门和进阶很有用的攻击原理文档..
[73Star][3y] [Py] programa-stic/hexag00n Hexag00n: A collection of reverse engineering tools for the Qualcomm Digital Signal Proccesor (QDSP6)
[72Star][5y] [C#] khr0x40sh/whitelistevasion Collection of scripts, binaries and the like to aid in WhiteList Evasion on a Microsoft Windows Network.
[72Star][3y] [Py] roothaxor/ransom Various codes related to Ransomware Developement
[72Star][9m] wufengxue/android-reverse 安卓逆向工具汇总
[72Star][2y] zntfdr/awesome-twitter-bots A Curated Collection of the Best Twitter Bots
[71Star][8y] [Py] hellais/buckle-up Script for running Mac OS X applications in a sandbox and a collection of seatbelt profiles
[70Star][5m] ascotbe/osmographic-brain-mapping 渗透脑图(渗透步骤)
[70Star][2y] hacker0x01/h1-212-ctf-solutions A collection of the solutions people wrote for the H1-212 Capture The Flag event
[70Star][3y] [Ruby] melvinsh/subresolve Resolve and quickly portscan a list of (sub)domains.
[70Star][4y] [C++] nccgroup/windowsdaclenumproject A collection of tools to enumerate and analyse Windows DACLs
[70Star][3y] [HTML] skylined/bugs Collection of software bugs found by SkyLined
[70Star][7m] [C++] thomasthelen/antidebugging A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
[70Star][4y] [C++] waleedassar/antidebug Collection Of Anti-Debugging Tricks
[70Star][6m] wbierbower/awesome-physics A collaborative list of awesome software for exploring Physics concepts
[70Star][16d] [Shell] sclorg/s2i-php-container PHP container images based on Red Hat Software Collections and intended for OpenShift and general usage, that provide a platform for building and running PHP applications. Users can choose between Red Hat Enterprise Linux, Fedora, and CentOS based images.
[70Star][3m] opentoallctf/tips
[69Star][3m] [C] aerosoul94/ida_gel A collection of IDA loaders for various game console ELF's. (PS3, PSVita, WiiU)
[67Star][11d] [TSQL] mitchellkrogza/the-big-list-of-hacked-malware-web-sites This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
[67Star][2y] shmilylty/awesome-malware-analysis A curated list of awesome malware analysis tools and resources
[66Star][3y] [Py] jgamblin/badactors Create a list of bad actors from public IP blacklist.
[66Star][2y] tkmru/awesome-linux-rootkits Awesome Linux Rootkits
[66Star][10m] [Py] phxbandit/scripts-and-tools Scripts and utilities to help your hacking needs
[66Star][10m] security-cheatsheet/wireshark-cheatsheet Wireshark Cheat Sheet
[65Star][5m] [JS] exposejs/expose A Dynamic Symbolic Execution (DSE) engine for JavaScript
[65Star][1y] [Py] immunit/xip XIP generates a list of IP addresses by applying a set of transformations used to bypass security measures e.g. blacklist filtering, WAF, etc.
[65Star][5m] [Py] integeruser/on-pwning My solutions to some CTF challenges and a list of interesting resources about pwning stuff
[65Star][12m] [HTML] mtesauro/owasp-wte Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice..
[65Star][1y] [Py] naivenom/reversing-list Reversing list
[65Star][2y] [HTML] secwiki/ipot Honeypot Research Blog
[64Star][2y] opsxcq/proxy-list A curated list of free public proxy servers
[64Star][1y] [Lua] pr4jwal/quick-scripts A collection of my quick and dirty scripts for vulnerability POC and detections
[64Star][3y] secdr/sec-ml security machine learning
[63Star][9m] [Shell] ernw/static-toolbox A collection of statically compiled tools like Nmap and Socat.
[63Star][3y] funkmyster/awesome-cloud-security Curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
[63Star][28d] tiaotiaolong/sec_interview_know_list 信息安全方面面试清单
[62Star][9m] [Py] 3lackrush/poc-bank Focus on cybersecurity | collection of PoC and Exploits
[62Star][1y] pfalcon/awesome-linux-android-hacking List of hints and Q&As to get most of your Linux/Android device
[62Star][3y] shmilylty/sec-box information security Tools Box （信息安全工具集合）
[62Star][30d] ga1ois/bluehat-2019-seattle All the materials in BlueHat 2019 Seattle will be realeased here.
[61Star][2y] im-bug/blockchain-security-list
[61Star][3y] [Py] samyk/awesome-vehicle-security A curated list of awesome resources, books, hardware, software, applications, people to follow, and more cool stuff about vehicle security, car hacking, and tinkering with the functionality of your car.
[61Star][7y] [JS] enablesecurity/webapp-exploit-payloads a collection of payloads for common webapps
[60Star][2m] infosec-community/apac-conferences A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
[60Star][5y] [Go] jgrahamc/torhoney Gets the list of TOR exit nodes and matches them with Project Honeypot data
[60Star][2y] [Shell] kevthehermit/pentest Just a collection of pentest stuffs
[59Star][1y] [Roff] cloudsriseup/hacker_ezines A collection of electronic hacker magazines carefully curated over the years from multiple sources
[59Star][1y] latestalexey/awesome-web-hacking A list of web application security
[59Star][3m] lgg/awesome-keepass Curated list of KeePass-related projects
[59Star][3m] [Py] williballenthin/idawilli IDA Pro resources, scripts, and configurations
- hint_calls IDA plugin to display the calls and strings referenced by a function as hints.
- dynamic_hints an example plugin that demonstrates how to provide custom hints with dynamic data.
- add_segment IDAPython plugin that adds the contents of a file as a new segment in an existing idb
- color IDAPython script that colors instructions
- find_ptrs IDAPython script that scans through the .text section for values that could be pointers (32-bit).
- yara_fn IDAPython script that generates a YARA rule to match against the basic blocks of the current function
- idawilli a python module that contains utilities for working with the idapython scripting interface.
- themes colors and skins
[58Star][4y] [C] dev-zzo/exploits-nt-privesc Exploit collection for NT privilege escalation
[58Star][22d] [Py] lich4/personal_script 010Editor/BurpSuite/Frida/IDA tools and scripts collection
- 010Editor 010Editor scripts
- ParamChecker Burp插件
- Frida Frida Scripts
- IDA IDA Scripts
- IDA-read_unicode.py When there is chinese unicode character in programe, due to python's shortage, ida could not recongnized them correctly, it's what my script just do
- IDA-add_xref_for_macho When you deal with macho file with ida, you'll find out that it's not easy to find Objc-Class member function's caller and callee, (because it use msgSend instead of direct calling convention), so we need to make some connection between the selector names and member function pointers, it's what my script just do
- IDA-add_info_for_androidgdb When you debug android with IDA and gdbserver, you'd find that the module list and segment is empy, while we can read info from /proc/[pid]/,
- IDA-trace_instruction this script is to trace instruction stream in one run
- IDA-detect_ollvm this script is to detect ollvm and fix it in some extent, apply to android and ios
- IDA-add_block_for_macho this script is used to analysis block structure exist in macho file, target NSConcreteStackBlock/NSConcreteGlobalBlock currently, also contain some wonderful skills
[57Star][3m] [PS] eclypsium/screwed-drivers a centralized source of knowledge which contains a list of drivers determined to be vulnerable as well as example code for how to use this kind of functionality.
[57Star][2y] [PS] invokethreatguy/csasc Cobalt Strike Aggressor Script Collection
[57Star][2y] mrash/afl-cve A collection of vulnerabilities discovered by the AFL fuzzer (afl-fuzz)
[57Star][2y] wangyihang/awesome-web-security Awesome Web Security
[57Star][3y] shmilylty/awesome-application-security awesome application security chinese version
[56Star][2m] [Py] dedsecinside/awesome-scripts A collection of awesome scripts from developers around the globe.
[56Star][13d] [PS] jaapbrasser/sharedscripts This is a collection of scripts that I have shared online
[56Star][2y] myndtt/ctf-site 介绍一些CTF训练的站点
[55Star][26d] guyanqi/awesome-privacy Repository for collection of research papers on privacy.
[55Star][10m] muhammd/awesome-pentest Awesome Penetration Testing A collection of awesome penetration testing resources
[55Star][23d] [C] outscale/packetgraph Packetgraph library is a collection of network bricks you can connect to form a network graph.
[55Star][2y] yrzx404/free-security-resources 安全总是无处不在...
[54Star][3y] annsec/awesome-cybersecurity Curated list of awesome cybersecurity companies and solutions.
[54Star][1y] cujanovic/subdomain-bruteforce-list subdomain bruteforce list
[54Star][4m] mikerah/awesome-privacy-on-blockchains A curated list of privacy on blockchains resources
[54Star][2y] [Py] nezza/scada-stuff A collection of scripts & tools for reverse-engineering & hacking SCADA/ICS devices.
[54Star][5y] [Py] nnewsom/webbies Collection of tools for web recon and enumeration.
[54Star][2m] b-mueller/awesome-mythx-smart-contract-security-tools A curated list of resources and tools for the MythX smart contract security API
[53Star][2y] 1522402210/blockchain-security-list BlockChain-Security-List
[53Star][2m] [HTML] brampat/security Collection of links to Security stuff
[53Star][2m] [C++] cirosantilli/algorithm-cheat MOVING TO:
[53Star][6m] [Py] deadbits/malware-analysis-scripts Collection of scripts for different malware analysis tasks
[53Star][2y] [Py] h-j-13/malicious_domain_whois
[53Star][3y] hack-with-github/awesome-hacking-tools A collection of various hacking and exploitation tools for hackers and pentesters.
[52Star][2y] [Py] 0xd34db33f/gfyp Unification of dnstwist + SQLite + Email reporting. Set it as a cron job that runs every hour, give it a list of domains and email addresses for reporting, then watch it go find stuff.
[52Star][2y] harshilpatel007/hackinglabs A List Of Labs For People (Students) Who Want Learn OR Practice IT Security / Hacking / Penetration Testing In Ethical Way.
[52Star][6m] hitripod/awesome-blockchain Curated list of blockchain, Awesome Awesomeness
[51Star][2y] [JS] gnijuohz/awesome-developers A list of awesome developers
[51Star][3m] jcesarstef/ghhdb-github-hacking-database Github Hacking Database - My personal collection of Github Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)
[50Star][12d] [Py] command-tab/awesome-n64-development A curated list of Nintendo 64 development resources including toolchains, documentation, emulators, and more
[50Star][2y] [PHP] daudmalik06/reconcat A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
[50Star][1y] [PS] dgg-it/match-adhashes Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the AD NTLM hashmap
[50Star][9m] [Swift] joncardasis/to-the-apples-core A collection of non-jailbroken code snippets on reverse-engineered iOS private apis
[50Star][30d] [PHP] tsug0d/myawesomewebchallenge Collection of my capture-the-flag web challenge in any levels
[49Star][3y] maldevel/rootkits-list-download A curated list of rootkits found on Github and other sites.
[49Star][1y] opensourcepentest/tools Tools used for Penetration testing / Red Teaming
[49Star][2y] [JS] sola-da/redos-vulnerabilities A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-concept exploit, showing how the slowdown may occur. The resources in this repository are provided for research purpose only. Please read below for more details.
[49Star][6m] [Shell] t3chnocat/oscp-ctf oscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.
[48Star][4m] blackint3/awesome-debugging Why Debugging?（为什么要调试？）
[48Star][1y] pbnj/infosec-interview-questions
[48Star][3m] [C] spacial/csirt CSIRT is an awesome curated list of links and resources in security and csirt daily activities.
[47Star][9m] anhkgg/awesome-windbg-extensions awesome windbg extensions
[47Star][5m] [C] ihack4falafel/osee Collection of things made during my preparation to take on OSEE
[47Star][5y] [Py] neohapsis/mptcp-abuse A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014.
[47Star][22d] radareorg/cutter-plugins A curated list of Community Plugins and Scripts written for Cutter
[47Star][9m] turing-chain/honeypots-on-blockchain This repo collects almost all the smart contract honeypots that you could find in the first three pages of Google search.
[47Star][2m] mohitkhemchandani/oscp_bible This is a collection of resources, scripts, bookmarks, writeups, notes, cheatsheets that will help you in OSCP Preparation as well as for general pentesting and learning. If you feel like you can contribute in it. Please do that, I'll appreciate you.
[46Star][9m] syst3ma/awesome-baseband-research A curated list of awesome baseband research resources
[46Star][2y] gdssecurity/whitepapers A collection of publicly released whitepapers
[46Star][9m] syst3ma/awesome-baseband-research A curated list of awesome baseband research resources
[45Star][2y] [Pascal] 0x48piraj/malwarex Collection of killers !
[44Star][3y] shmilylty/nmap-reference-guide Nmap Reference Guide(Nmap参考指南)
[43Star][4m] [TSQL] abrignoni/dfir-sql-query-repo Collection of SQL query templates for digital forensics use by platform and application.
[43Star][1y] [Py] ambionics/prestashop-exploits Collection of exploits/POC for PrestaShop cookie vulnerabilities (CVE-2018-13784)
[43Star][1y] bulentrahimkazanci/windbg-cheat-sheet A practical guide to analyze memory dumps of .Net applications by using Windbg
[43Star][2y] [C] rbaron/fitless A collection of toy firmwares for the ID115 fitness tracker
[43Star][2y] [Py] robertbaruch/polychip Python app to extract a netlist of NMOS transistors from an Inkscape diagram.
[43Star][8m] [C] sensepost/frida-windows-playground A collection of Frida hooks for experimentation on Windows platforms.
[43Star][2y] [C] shipcod3/irc-bot-hunters a collection of Metasploit PoC exploits for IRC Botnets that allows RCE
[43Star][2y] [Shell] wh1t3rh1n0/pentest-scripts Miscellaneous scripts for pentesting
[42Star][1y] [Py] daddycocoaman/ironpentest Collection of IronPython scripts and executables for penetration testing
[42Star][3m] [Py] dhn/osee Collection of resources for my preparation to take the OSEE certification.
[42Star][2m] mikalv/awesome-i2p A curated list of awesome I2P implementations, libraries, resources, projects, and shiny things. I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs.
[42Star][2y] [C] nixawk/awesome-windows-debug Debug Windows Application / Kernel
[41Star][3y] [C++] avdbg/saber 《macOS软件安全与逆向分析》随书的调试器代码
[41Star][3y] [Assembly] ilovepp/firminsight Automatic collect firmwares from internet,decompress,find binary code,extract info,file relation and function relation
[40Star][10m] 54yimeng/sia-websites 这里是我在youtube等上收集的一些科学上网网站的集合,以各自的网站名命名文件夹。
[40Star][2y] milkdevil/ultimateapplockerbypasslist
[40Star][2y] [Py] mxmssh/idametrics static software complexity metrics collection
[39Star][3y] [JS] auth0-blog/nodejs-awesome-polls
[39Star][4y] [C++] corelan/pin Collection of pin tools
[39Star][2m] d1nfinite/sec-interview 信息安全面试题汇总
[39Star][29d] [Shell] userlandkernel/plataoplomo Collection of (at time of release) iOS bugs I found
[38Star][3y] certtools/intelmq-feeds-documentation Cyber Threat Intelligence Feeds
[38Star][7y] [Py] evilcry/pythonscripts Collection of my Python Scripts
[38Star][2y] [HTML] keenrivals/bugsite-index Index of websites publishing bugs along the lines of heartbleed.com
[38Star][1y] [Py] lnxg33k/misc Collection of useful scripts.
[38Star][1y] [Jupyter Notebook] nfrumkin/forecast-prometheus A collection of analysis, and machine learning techniques for time series forecasting w/ Prometheus metrics
[38Star][16d] [HTML] q1271964185/cyberspace_security_learning 在学习CTF、网络安全路上整合自己博客和一些资料，持续更新~
[38Star][2y] [Py] saelo/ida_scripts Collection of IDA scripts
- kernelcache Identify and rename function stubs (plt entries) in an iOS kernelcache. ARM64 only.
- ssdt Resolve syscall table entries in the Windows kernel.
[38Star][1y] [Py] tanc7/arms-commander Malware Suite/Menu designed for "Speedy and No-Mistakes Penetration Testing", written in Python 2.7.13 and tested on Kali Linux 4.6 & 4.9, originally intended to only perform the Reconnaissance and Enumeration Stages (it's role is dramatically expanded now). Requires Python 2.7 + Pip + Termcolor Module. All code is entirely free to be used in yo…
[38Star][3y] wtsxdev/exploit-development Resources for learning about Exploit Development
[37Star][2m] [Py] michaelstott/crlf-injection-scanner Command line tool for testing CRLF injection on list of domains.
[37Star][2y] [C] mlafeldt/ps2rd Collection of tools to remotely debug PS2 games
[37Star][2m] [Lua] r00t-3xp10it/nmap-nse-modules My collection of nmap nse modules
[37Star][3y] vduddu/pentestresources A list of resources for Pentesting from various sources
[37Star][2y] rivaill/blockchain-security-awesome A curated list of awesome things related to blockchain security
[36Star][17d] [Perl] gouveaheitor/security-spellbook My collection of custom scripts, plugins, exploits and others small things
[36Star][10m] [Py] phage-nz/malware-hunting A collection of scripts and information for Malware Hunting.
[36Star][1y] [JS] threatexpress/aggressor-scripts Cobalt Strike Aggressor Scripts
[35Star][3y] [Shell] diekmann/net-network Public collection of firewall dumps.
[35Star][5y] [Py] kitctf/ctfcode Collection of somewhat useful stuff for CTF events
[35Star][7m] [Shell] kitsun3sec/pentest-cheat-sheets A collection of snippets of codes and commands to make your life easier!
[35Star][16d] [C] atrosinenko/kbdysch A collection of user-space Linux kernel specific guided fuzzers based on LKL
[34Star][2m] [HTML] adulau/misp-osint-collection Collection of best practices to add OSINT into MISP and/or MISP communities
[34Star][2y] [Py] anbai-inc/secrss RSS安全订阅每日安全信息推送
[34Star][4y] [Py] madsc13ntist/idapython My collection of IDAPython scripts.(No Documentation)
[33Star][3y] cert-w/hadoop-attack-library A collection of pentest tools and resources targeting Hadoop environments
[33Star][4y] [HTML] gosecure/security-cheat-sheet Minimalist cheat sheet for developpers to write secure code
[33Star][10m] kiyadesu/android-reversing-challenges there are some CTF challenges or some other things helping improving android reversing skills.
[33Star][10m] kiyadesu/android-reversing-challenges there are some CTF challenges or some other things helping improving android reversing skills.
[33Star][16d] [Py] angr/angr-platforms A collection of extensions to angr to handle new platforms
[33Star][2m] [Py] landgrey/toolsparty A collection of script tools for pentesting
[32Star][1y] lylemi/dom-vuln-db A collection of Browser DOM Vulnerabilities with PoCs
[32Star][3y] nextco/android-decompiler A hight quality list of tools to reverse engineering code from android.
[32Star][19d] [Java] retarded-skid/skidsuite-3 A collection of java reverse engineering tools and informational links
[32Star][6y] [PS] roo7break/powershell-scripts List of PowerShell scripts conjured up for my consumption (you are welcome to use)
[31Star][10m] [JS] codebox/monkeyshine A collection of slightly evil JavaScript
[31Star][5m] [C] csandker/inmemoryshellcode A Collection of In-Memory Shellcode Execution Techniques for Windows
[31Star][4y] danielmiessler/ctfsolutiontypes A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!
[31Star][10m] mmarfil/tinfoilhat A list of privacy-respecting alternatives to apps and services that track you around.
[31Star][6y] [Ruby] zeknox/scripts a collection of useful scripts that for penetration testers
[31Star][2m] zoranpandovski/awesome-testing-tools
[30Star][2y] biprodeep/awesome-ml-for-cybersecurity
[30Star][3y] [Py] deadbits/shells collection of useful shells for penetration tests
[30Star][5m] [PS] kendalvandyke/sqlpowerdoc SQL Power Doc is a collection of Windows PowerShell scripts and modules that discover, document, and diagnose SQL Server instances and their underlying Windows OS & machine configurations.
[30Star][1y] [Tcl] mohemiv/tcltools Сollection of TCL scripts for Cisco IOS penetration testing
[30Star][4y] neu5ron/malware-traffic-analysis-pcaps malware-traffic-analysis.net PCAPs repository.
[29Star][2y] syst3ma/awesome_cisco_exploitation A curated list of awesome Cisco exploitation resources
[29Star][2y] [Lua] foxmole/pwnadventure3 Blog series about Pwn Adventure 3
[29Star][3y] [Py] scubsrgroup/lectures-a-weekly-information-security-knowledge-lecture-hall “每周一讲，信息安全基础知识讲堂”由四川大学信息安全研究所漏洞挖掘和利用组同学共同创建，通过每组员每周一讲的形式展开，主要涉及信息安全的基础知识，包括windows安全、移动安全等，此外还对通过该平台对外发布一些小组的研究成果！通过知识讲座一方面对新同学起到引导作用，另一方面则是漏洞挖掘与利用研究组同学信息安全研究经验和知识的积累！
[29Star][2m] hrt/anticheatjs Javascript Anti Cheats 101
[29Star][3m] [C] iaik/transientfail Website and PoC collection for transient execution attacks
[29Star][2y] syst3ma/awesome_cisco_exploitation A curated list of awesome Cisco exploitation resources
[28Star][6y] [Ruby] andrewsmhay/brisket Brisket is a collection of frontend scripts for masscan, zmap, and nmap, in addition data manipulation scripts
[28Star][1y] [C] mrmacete/r2scripts Collection of scripts for radare2
[28Star][6y] [Shell] packetforger/localroot Collection of tools for privesc on Linux
[28Star][3y] [Shell] rccoder/awesome-shadowsocks-qt5-installation-on-debian Installation Script For shadowsocks-Qt5 on Debian
[28Star][2y] secarmalabs/iotchecklist Baseline IoT security checklist. Consider security as early in development as possible and reap the rewards.
[28Star][2y] [HTML] shikarisenpai/leak-ntlm-hash-via-html List of HTML tags for leaking NTLM-hashes
[28Star][2m] [JS] benoitsevens/applying-ttd-to-malware-analysis Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
[27Star][1y] alonemonkey/iosrebook-issues 《iOS应用逆向与安全》勘误
[27Star][2y] [PHP] blackfan/web-inf-dict List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.
[27Star][9m] [Py] nullarray/amplispy Check local or remote list of DNS servers for suitability in DNS Amplification DoS.
[27Star][3y] stayliv3/iotsec 收集物联网安全相关资料
[27Star][23d] security-prince/resources-for-application-security Some good resources for getting started with application security
[26Star][2m] infosec-community/apac-meetups A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
[26Star][2y] [Shell] jchrisfarris/aws-service-control-policies Collection of semi-useful Service Control Policies and scripts to manage them
[26Star][3y] lucifer1993/awesome-hacking awesome hacking chinese version
[26Star][1m] meitar/awesome-pentest
[26Star][5m] pushinginertia/ip-blacklist An Apache httpd configuration file that rejects access to a server from a list of blacklisted IPs
[26Star][20d] thehive-project/awesome A curated list of awesome things related to TheHive & Cortex
[25Star][1y] [Go] opennota/hydra Penetration testing tool. This repository has migrated to
[25Star][3y] unexpectedby/awesome-pentest-tools List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
[25Star][5y] wirelesscollege/securitytools android安全工具大全
[25Star][3y] wtsxdev/application-security Resources for learning about application security
[24Star][1y] bountymachine/about A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
[24Star][2y] evilmog/hashcat-hcstat A collection of hashcat-hcstat files
[24Star][3m] jmscory/security-tool-chest A list of useful security and obvescation tools useful for red and blue teaming activities. A list made possible by the provided references.
[24Star][6m] meitar/awesome-malware
[24Star][6m] redshiftzero/awesome-threat-modeling a curated list of useful threat modeling resources
[23Star][3y] [PHP] 3xp10it/xwebshell 免杀webshell集合
[23Star][3y] johnnydep/cobaltstrike cobalt strike stuff I have gathered from around github
[23Star][29d] [Shell] meisterp/torbrowser-overlay Gentoo overlay for Tor Browser related ebuilds
[23Star][2y] [Py] simonuvarov/expdev
[23Star][6m] [HTML] tarafans/collections A medley of PoCs and exploits
[23Star][2m] [Py] torpyorg/torpy Pure python Tor client implementation of the Tor protocol
[22Star][4y] [Java] ernw/burpsuite-extensions A collection of Burp Suite extensions
[22Star][3y] [PHP] gr33ntii/malware-collection
[22Star][2y] [JS] jamesacampbell/elector TOR BROWSER IN ELECTRON
[22Star][4m] [Py] nlitsme/idascripts IDApro idc and idapython script collection
- enumerators Enumeration utilities for idapython
[22Star][4y] [Py] onethawt/idapyscripts IDAPython scripts
- DataXrefCounter A small IDAPython plugin which enumerates all of the the x-references in a specific segment and counts the frequency of usage
[21Star][3y] aozhimin/ios-monitor-resources 对各厂商的 iOS SDK 性能监控方案的整理和收集后的资源
[21Star][6y] [Py] carlpulley/volatility A collection of Volatility Framework plugins.
[21Star][2y] [TeX] citp/anomalous-tor-keys Analysis of archived Tor relay RSA public keys
[21Star][5m] [C] cyclaero/void-zones-tools Prepare a list of void zones that can be readily feed into Unbound on FreeBSD
[21Star][1m] extremecoders-re/re-list A list of open source reverse engineering tools with a focus on binary analysis
[21Star][4y] fabiobaroni/awesome-pentest A collection of awesome penetration testing resources, tools and other shiny things
[21Star][5y] shieldfy/awesome-pentest A collection of awesome penetration testing resources, tools and other shiny things
[21Star][10m] slowmist/awesome-blockchain-bug-bounty A comprehensive curated list of available Blockchain Bug Bounty Programs.
[21Star][2m] status-im/awesome-secure-messaging A curated collection of links for secure messaging.
[21Star][2y] 0x90/firmware-arsenal Tools and scripts for firmware reverse engeneering
[21Star][3m] alexanderstonec/top-100-hacking-security-e-books-free-download-2019 Hacking and Cyber Security Ebooks | For More Visit -
[20Star][3y] [TeX] edelahozuah/awesome-tls-security A collection of (not-so, yet) awesome resources related to TLS, PKI and related stuff
[20Star][2m] edwardqiu/awesome-infosec A curated list of awesome infosec blog posts, courses, books and more!
[20Star][1y] seifreed/awesome-sandbox-evasion A summary about different projects/presentations/tools to test how to evade malware sandbox systems
[19Star][1y] annalorimer/security-resources A list of stuff to learn more about security!
[19Star][1y] exaybachay-ak/securityadvice Collection of advice to new IT security folks
[19Star][3y] [Shell] operatorequals/oneliner-sh oneliner is a tool that gives a list of compatible reverse-shell-string oneliners
[19Star][2y] voidhack/toolset Useful tools for CTF competitions
[19Star][2y] hunter-github/evil-and-not-wholly-awesome-firefox [deprecated since Mozilla turned evil] A list of resources for and about Mozilla Firefox
[19Star][7m] [C#] rainkin1993/remote-access-trojan-database A database of RAT collected from Internet
[18Star][3y] [Shell] mitchellkrogza/linux-server-administration-scripts Simple bash administration scripts for Linux to make your life easier.
[18Star][3y] shakenetwork/malwareanalysis 恶意软件分析工具和资源列表
[17Star][2y] cherishao/security-box 安全盒子，这里主要指的是自己备份的安全行业相关小工具项目集。
[17Star][4y] fabiobaroni/awesome-web-hacking A list of web application security
[17Star][7m] imfht/websecurityscannerwhitepaper 收集网络上公开的漏洞扫描器的白皮书。
[16Star][3y] 0xc1r3ng/malware-sandboxes-malware-source Malware Sandboxes & Malware Source
[16Star][2y] [Py] b4zinga/explib Explib: Collections of poc and exp.
[16Star][4y] demonsec666/pentest_study 从零开始内网渗透学习
[16Star][1y] [Py] portswigger/additional-scanner-checks Collection of scanner checks missing in Burp
[15Star][10m] anyeduke/at-p-list 攻防清单:用于整理当前收集的所有攻防相关资源
[15Star][2y] [Py] ecbftw/poc A collection of published exploits and proof-of-concept code.
[15Star][1y] ilovecode2018/awesome-osint A curated list of amazingly awesome open source intelligence tools and resources
[15Star][1y] nytrorst/presentations My presentations from different conferences
[15Star][7m] [C] yuawn/ais3-2019-pre-exam My pwn challeges for AIS3 2019 Pre-exam.
[15Star][2y] shmilylty/malware-analysis-tools 恶意软件分析套件
[15Star][1y] adhdproject/awesome-active-defense an awesome list of active defense resources
[14Star][2y] 3xp10it/xlearn 记录安全界大牛分享经验
[14Star][3y] [Py] ernw/ctf-writeups Collection of CTF writeups
[14Star][1y] [JS] osrdrivers/windbg-exts Various WinDbg extensions and scripts
[14Star][1y] probely/security_checklist Web Application Security Checklist
[14Star][30d] [Py] ricardojoserf/wifi-pentesting-guide WiFi Penetration Testing Guide
[14Star][1y] vagnes/infosecguide infosec.guide is a collection of resources for anyone in the infosec field
[14Star][3y] xeushack/awesome-hacking-practice A curated list of websites and apps to help you practice hacking
[13Star][4y] djadmin/awesome-security A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
[13Star][4y] joesecurity/awesome-malware-analysis A curated list of awesome malware analysis tools and resources
[12Star][2y] alchu4n/sec_chart 有关信息安全的一些截图及流程图分享
[12Star][3y] paralax/awesome-pentest-1 Awesome Penetration Testing A collection of awesome penetration testing resources
[12Star][5m] wuseman/wnmap This is a cheatsheet for mastering nmap
[12Star][30d] gaurav-gogia/dftools A curated list of digital forensic tools.
[12Star][1m] albertzsigovits/mal-analysis-tools A curated list of malware repositories, trackers and malware analysis tools
[11Star][28d] [YARA] deadbits/yara-rules Collection of YARA signatures from individual research
[11Star][2y] dictionaryhouse/sql-injection-fuzzpayload-collection Sql-injection FuzzPayload collection
[11Star][7m] [HTML] lambdacasserole/hack-this A collection of common web programming security mistakes.
[11Star][4y] [PHP] yunkaiyueming/php_back_door_code PHP后门代码汇总
[11Star][2y] [Py] redteamwing/pentest-wiki PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
[11Star][1y] hackinfinity/honey-pots- My collection of Honeypot resources
[10Star][1y] [Py] ecx86/ida-scripts Collection of my IDA Pro/Hex-Rays scripts and plugins
[10Star][2y] hxy9243/whotofollow Who to follow on Twitter/Telegram
[10Star][4y] [Py] randomsctf/ctf-scripts A collection of short scripts for analysis, encryption and forensics, that can be used for CTF and/or security assessments
[10Star][9m] [JS] twlinux/lets-talk Intentionally vulnerable website that demonstrates beginner-level injection vulnerabilities
[9Star][4y] gavz/awesome-windows-exploitation A curated list of awesome Windows Exploitation resources, and shiny things.
[8Star][28d] [Shell] kbnlresearch/forensicimagingresources resources and documentation related to an effort at setting up an experimental small-scale forensic imaging facility.
[8Star][1y] newcon/securitytools A list of security tools that includes free, opensourse and paid ones too.
[8Star][1y] testrockytesting/awesome-cloud-osint This repository will host resources for collecting information about cloud providers - SaaS, IaaS, PaaS, DaaS etc.
[7Star][1y] [Py] aye-whitehat/ctf-collection
[7Star][2y] cuccs/ns 网络安全课程作业收集
[7Star][2y] dictionaryhouse/the-security-handbook-kali-linux A useful reference guide and a handbook of security basics for those starting out.
[7Star][1m] mitchellkrogza/badd-boyz-bitcoin-scammers A list of bitcoin addresses being used in Ransomware and Sextortion Scams
[7Star][2m] [Shell] oldbonhart/cheat_sheets cheat-sheets for network security
[7Star][28d] [HTML] arch3rpro/pentesttools Awesome Pentest Tools Collection
[6Star][2y] [Py] benderpan/pocs 整理收集的一些漏洞利用POC+一些扫描类的实现。
[6Star][3y] [C] degrigis/exploitation Repo for various exploitation utilities/PoC/Shellcodes/CTF solutions
[6Star][3y] jasonmiacono/iocs Indicators of compromise for threat intelligence
[6Star][4y] mattulm/sfiles_yara A collection of YARA signatures that I have found around the web.
[6Star][4y] [Shell] thoqbk/code-collection A shell script tool for decompiling multiple jar files and re-arranging source code
[6Star][8m] stendarr/funny-tech-talks A list of funny talks about Technology and Computer Science
[5Star][3y] agnosticlines/binaryninja-plugins A repo with a listing of binary ninja scripts + plugins (massively inspired by
[5Star][2m] repnz/windbg-cheat-sheet My personal cheat sheet for using WinDbg for kernel debugging
[4Star][1m] arkecosystem/security-vulnerabilities List of known and closed security vulnerabilities related to our products.
[4Star][4y] [PHP] blackhalt/webshells An list of webshell vulnerability injection.
[4Star][7m] gexos/malrepo A collection of malware samples caught by DIONAEA Honeypot
[4Star][2y] netseclab/paper_for_digital_forensics This is a collection of papers, codes, issues for digital forensics.
[3Star][5y] api0cradle/shmoocon-2015 ShmooCon Slides/ Proceedings Draft
[3Star][5m] [Java] hktalent/myhktools
[2Star][2y] androidtamer/awesome_android_pentest Awesome android Pentest tools collection
[2Star][4y] [C] geekben/cve-collections collect the POC and EXP for recent CVEs
[2Star][2y] kanglib/edu_for A cheat sheet for digital forensics
[2Star][2y] [PS] truekonrads/powerspells Small collection of powershell scripts useful during lateral movement
[1Star][2y] [PHP] 12345bt/webshell webshell收集项目
[1Star][1y] iamprbkr/awesomebugbounty4noob Awesome Resources for beginners on how to find websites/Domains/Targets for Bugbounty/Pentesting/Responsible Disclosure
[1Star][2y] [Py] monkeyman79/janitor Collection of GDB commands for low-level debugging, aimed at bringing debug.exe flavor into GDB command line interface.
[1Star][3y] sunu11/sec-box information security Tools Box （信息安全工具集合）
[1Star][6m] sv4us/ebook ebook programing reverse pentest
[1Star][3m] kingsabri/aggressorscripts A collection of Cobalt Strike aggressor scripts
[0Star][2y] goel42/meltdown-spectre-bug-poc-collection Aggregating the Proof of Concept published so far.
[0Star][2y] goel42/meltdown-spectre-poc-collection Aggregating the Proof of Concept published so far.
[0Star][10m] [Py] ponusjang/poc-exp-collection Poc&Exp Collection
[0Star][11m] s3curityb3ast/s3curityb3ast.github.io Kaustubh's security advisories
[0Star][5y] andrewsmhay/research Collection of my research and studies

Notes&&Post&&Tutorials

[24956Star][10d] xitu/gold-miner 翻译优质互联网技术文章的社区
[15776Star][10m] micropoor/micro8 Gitbook
[5513Star][9m] carpedm20/awesome-hacking A curated list of awesome Hacking tutorials, tools and resources
[4174Star][2y] forter/security-101-for-saas-startups security tips for startups
[2918Star][10d] secfigo/awesome-fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
[2529Star][4m] kbandla/aptnotes Various public documents, whitepapers and articles about APT campaigns
[1871Star][5m] bypass007/emergency-response-notes 应急响应实战笔记，一个安全工程师的自我修养。
[1679Star][7m] dsasmblr/game-hacking Tutorials, tools, and more as related to reverse engineering video games.
[1457Star][3y] tiancode/learn-hacking 开始学习Kali Linux 各种破解教程渗透测试逆向工程 HackThisSite挑战问题解答
[1229Star][6m] chalker/notes Some public notes
[893Star][1m] aptnotes/data APTnotes data
[883Star][4m] escapingbug/awesome-browser-exploit awesome list of browser exploitation tutorials
[773Star][1y] pfarb/awesome-crypto-papers A curated list of cryptography papers, articles, tutorials and howtos.
[750Star][4y] fabiobaroni/awesome-exploit-development A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development
[723Star][4m] uknowsec/active-directory-pentest-notes Active-Directory-Pentest-Notes
[683Star][1y] [HTML] zhengmin1989/myarticles 蒸米的文章（iOS冰与火之歌系列，一步一步学ROP系列，安卓动态调试七种武器系列等）
[671Star][1y] dsasmblr/hacking-online-games A curated list of tutorials/resources for hacking online games.
[607Star][2y] [HTML] jiji262/wooyun_articles drops.wooyun.org 乌云Drops文章备份
[558Star][3y] advanced-threat-research/firmware-security-training materials for a hands-on training Security of BIOS/UEFI System Firmware from Attacker and Defender Perspectives
[478Star][2m] xiangpasama/jdsrc-small-classroom 京东SRC小课堂系列文章
[448Star][8m] jnusimba/miscsecnotes some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
[425Star][10m] [C] hardenedlinux/linux-exploit-development-tutorial a series tutorial for linux exploit development to newbie.
[383Star][7m] jnusimba/androidsecnotes some learning notes about Android Security
[383Star][1y] [HTML] maestron/reverse-engineering-tutorials Reverse Engineering Tutorials
[379Star][7m] unprovable/pentesthardware Kinda useful notes collated together publicly
[369Star][2y] jaybosamiya/security-notes notes on the security related videos I watch (as a way of quick recall).
[359Star][3y] [Py] sangaline/advanced-web-scraping-tutorial The Zipru scraper developed in the Advanced Web Scraping Tutorial.
[299Star][1y] [Py] anasaboureada/penetration-testing-study-notes Penetration Testing notes, resources and scripts
[269Star][2y] sam-b/windows_kernel_resources Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
[233Star][2y] [C] hardenedlinux/grsecurity-101-tutorials 增强 Linux 内核安全的内核补丁集
[222Star][1y] [C++] wnagzihxa1n/browsersecurity 我在学习浏览器安全过程中整理的漏洞分析笔记与相关的学习资料
[220Star][2y] [Py] wwong99/pentest-notes all my penetration testing study notes, penetration testing tools, scripts, techniques, tricks and also many scripts that I found them useful from all over the internet.
[213Star][4m] [Shell] xu-jian/vps 个人笔记汇总
[204Star][2y] [C] peperunas/injectopi A set of tutorials about code injection for Windows.
[176Star][1m] microsvuln/awesome-afl A curated list of different AFL forks and AFL inspired fuzzers with detailed equivalent academic papers with AFL-fuzzing tutorials
[174Star][2y] [C] geosn0w/reverse-engineering-tutorials Some Reverse Engineering Tutorials for Beginners
[161Star][1y] jnusimba/linuxsecnotes some learning notes about Linux Security
[140Star][2y] spoock1024/web-security Web安全中比较好的文章
[133Star][3y] [PHP] ksanchezcld/hacking_cheat_sheet All my Hacking|Pentesting Notes
[128Star][2y] [C] firmianay/life-long-learner Personal Notes About Everything.
[103Star][2y] [Py] 1111joe1111/tuts Reverse engineering tutorials
[98Star][11d] smi1esec/web-security-note Record some common Web security sites
[74Star][2y] [HTML] anquanquantao/pentraining 一个网络安全基础知识的教程。内容比较杂，好在都是实验视频和工具提供，可以自行动手完成实验。
[74Star][2y] [Assembly] azeria-labs/arm-assembly-examples Snippets from ARM assembly tutorials
[63Star][10m] [C] zigzagsecurity/survival-guide-radare2 Basic tutorials for reverse engineer with radare2
[60Star][13d] leipzig/awesome-reproducible-research A curated list of reproducible research case studies, projects, tutorials, and media
[52Star][12m] feicong/zsxq_archives 【软件安全与知识星球】精华文章列表
[47Star][27d] [Py] ercoppa/symbolic-execution-tutorial Tutorial on Symbolic Execution. Hands-on session is based on the angr framework.
[41Star][1m] mykings/security-study-tutorial Summary of online learning materials
[41Star][10m] [C++] thebabush/dumb-obfuscator Tutorial on how to write the dumbest obfuscator I could think of.
[28Star][1y] [JS] wahengchang/nodejs-security-must-know It is a note about security on nodejs
[20Star][28d] [Py] 0x25/useful useful pentest note
[12Star][1m] [HTML] gnebbia/nmap_tutorial Some collected notes about nmap
[0Star][1y] [C++] linux-sir/arm_reverse_engineer ARM平台逆向工程学习笔记

Wordlist

[6033Star][28d] berzerk0/probable-wordlists Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
[2314Star][2y] [Py] rootphantomer/blasting_dictionary 爆破字典
[917Star][15d] [Batchfile] mr-xn/burpsuite-collections burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
[628Star][4y] jeanphorn/wordlist Collection of some common wordlists such as RDP password, user name list, ssh password wordlist for brute force. IP Cameras Default Passwords.
[315Star][2y] [Shell] kennyn510/wpa2-wordlists A collection of wordlists dictionaries for password cracking
[314Star][8m] [Py] screetsec/brutesploit BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p
[180Star][4y] [Shell] nccgroup/cisco-snmp-enumeration Automated Cisco SNMP Enumeration, Brute Force, Configuration Download and Password Cracking
[136Star][6m] tarraschk/richelieu List of the most common French passwords
[82Star][6y] [Java] schierlm/javapayload JavaPayload is a collection of pure Java payloads to be used for post-exploitation from pure Java exploits or from common misconfigurations (like not password protected Tomcat manager or debugger port).
[77Star][2y] [Py] stasinopoulos/jaidam Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or joomla platform was used and finally check them automatically, for web vulnerabilities using two well‐known open source tools, WPScan and Joomscan.
[70Star][3y] screetsec/wordlist-dracos Collection My Wordlist
[58Star][7m] [HTML] tgeaus/weak-password dictionary
[35Star][3y] arnaudsoullie/ics-default-passwords List of default passwords for Industrial Control Systems
[27Star][8m] [PS] onelogicalmyth/invoke-gppcse Obtains a list of GPOs based on known Client Side Extensions (CSE) that normally contain passwords
[24Star][2y] [PHP] skyzyx/bad-passwords A list of the top 10,000 most-used passwords from hacked password lists.
[23Star][3y] [Go] hgfischer/domainerator Simple application written in Go that combines two wordlists and a list of TLDs to form domain names and check if they are already registered.
[21Star][2y] troydo42/awesome-pen-test Experiment with penetration testing Guides and Tools for WordPress, iOS, MacOS, Wifi and Car
[12Star][2y] cujanovic/virtual-host-wordlist Virtual host wordlist
[8Star][3y] [Py] nyxxxie/awesome-default-passwords An organized collection of default passwords for various devices and services.
[5Star][3y] cujanovic/dirsearch-wordlist Serbian/English wordlist for

Spider

[11489Star][2m] facert/awesome-spider 爬虫集合
[5807Star][3m] [Py] luyishisi/anti-anti-spider 越来越多的网站具有反爬虫特性，有的用图片隐藏关键数据，有的使用反人类的验证码，建立反反爬虫的代码仓库，通过与不同特性的网站做斗争（无恶意）提高技术。
[4407Star][2y] [Py] lining0806/pythonspidernotes Python入门网络爬虫之精华版
[3901Star][3m] brucedone/awesome-crawler A collection of awesome web crawler,spider in different languages
[3504Star][6m] [PHP] hanc00l/wooyun_public This repo is archived. Thanks for wooyun! 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
[2753Star][2m] [Py] kr1s77/python-crawler-tutorial-starts-from-zero python爬虫教程，带你从零到一，包含js逆向，selenium, tesseract OCR识别,mongodb的使用，以及scrapy框架
[2479Star][1y] [Py] geekan/scrapy-examples Multifarious Scrapy examples. Spiders for alexa / amazon / douban / douyu / github / linkedin etc.
[2437Star][2m] [Py] the0demiurge/shadowsocksshare Python爬虫/Flask网站/免费ShadowSocks账号/ssr订阅/json API
[1997Star][2m] [Py] wistbean/learn_python3_spider python爬虫教程系列、从0到1学习python爬虫，包括浏览器抓包，手机APP抓包，如 fiddler、mitmproxy，各种爬虫涉及的模块的使用
[1130Star][1m] [HTML] ehco1996/python-crawler 从头开始系统化的学习如何写Python爬虫。 Python版本 3.6
[509Star][12d] [Py] mozillasecurity/funfuzz A collection of fuzzers in a harness for testing the SpiderMonkey JavaScript engine.
[384Star][4y] [PHP] spiderlabs/mcir The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.
[215Star][3y] liinnux/awesome-crawler-cn 互联网爬虫，蜘蛛，数据采集器，网页解析器的汇总，因新技术不断发展，新框架层出不穷，此文会不断更新...
[51Star][2m] [Py] ahmia/ahmia-crawler Collection of crawlers used by the ahmia search engine
[37Star][1y] chenjiandongx/awesome-spider 爬虫集合

Contribute

Contents auto exported by Our System, please raise Issue if you have any question.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Readme_en.md

Readme_en.md

Other Resource Collection Projects:

collection

Directory

Collection

Collection

Notes&&Post&&Tutorials

Wordlist

Spider

Contribute

Files

Readme_en.md

Latest commit

History

Readme_en.md

File metadata and controls

Other Resource Collection Projects:

collection

Directory

Collection

Collection

Notes&&Post&&Tutorials

Wordlist

Spider

Contribute