Skip to content

eugenekolo/github-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

166 Commits
README.md
README.md
 
 
backup-starred.sh
backup-starred.sh
 
 
starred
starred
 
 

Repository files navigation

Awesome Stars Awesome

A curated list of my GitHub stars! Generated by starred

Contents

TypeScript

  • juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Java

Scala

  • bfg-repo-cleaner - Removes large or troublesome blobs like git-filter-branch does, but faster. And written in Scala

JavaScript

  • postMessage-logger - Simple "postMessage logger" Chrome extension
  • eslint-plugin-apklab-frida - ESLint plugin & config for the Frida scripts used in the apklab.io platform.
  • frida-scripts - A collection of secRet frida scripts
  • 1on1-questions - Mega list of 1 on 1 meeting questions compiled from a variety to sources
  • letsgetpersonal - A simple Chrome Extension to move the "Personal Life" section on Wikipedia pages up to the top.
  • FridaLib - iOS/android frida library for reversing
  • frida-fuzzer - This experimetal fuzzer is meant to be used for API in-memory fuzzing.
  • frida-scripts - Frida Scripts
  • headless-recorder - 🎥 Headless recorder is a Chrome extension that records your browser interactions and generates a Playwright or Puppeteer script.
  • appmon - Documentation:
  • house - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
  • pwnjs - A Javascript library for browser exploitation
  • frida-ios-dump - pull decrypted ipa from jailbreak device
  • dual-captions - 🌐 Subtitles in two languages for YouTube, Netflix & Disney+
  • racer - One-click utility to test race conditions
  • insomnia - The Open Source API Client and Design Platform for GraphQL, REST and gRPC
  • pibakery - The blocks based, easy to use setup tool for Raspberry Pi
  • You-Dont-Need-jQuery - Examples of how to do query, style, dom, ajax, event etc like jQuery with plain javascript.
  • You-Dont-Need-Lodash-Underscore - List of JavaScript methods which you can use natively + ESLint Plugin
  • aggle - Course project for EC500 Agile Software Development for ECE Applications.
  • Ghost - 👻 The #1 headless Node.js CMS for professional publishing
  • atom-pair - An Atom package that allows for epic pair programming
  • UnuglifyJS - A simpler open-source version of JavaScript deobfuscator JSNice
  • javascript - JavaScript Style Guide
  • FuckAdBlock - Detects ad blockers (AdBlock, ...)
  • rodeo - A data science IDE for Python
  • WhoAmI - A mind-reading website.
  • shapdar - shape radar w/ html5 + js

Makefile

Perl

  • diff-so-fancy - Good-lookin' diffs. Actually… nah… The best-lookin' diffs. 🎉
  • Academic-Writing-Check - check for passive words, weasel words, duplicate words, typographical errors and words strunk & white don't like
  • perl5 - 🐫 The Perl programming language
  • watson-perl -

Jupyter Notebook

  • awesome-python-applications - 💿 Free software that works great, and also happens to be open-source Python.
  • pytudes - Python programs, usually short, of considerable difficulty, to perfect particular skills.

Matlab

  • hbridge - Wireless MSP430 microcontroller hooked up to a small RC car with a MATLAB UI for control

Shell

  • easy_rust - Rust explained using easy English
  • macos-virtualbox - Push-button installer of macOS Catalina, Mojave, and High Sierra guests in Virtualbox for Windows, Linux, and macOS
  • LibcSearcher - glibc offset search for ctf.
  • owasp-mstg - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
  • makeself - A self-extracting archiving tool for Unix systems, in 100% shell script.
  • vbox - Easier to use wrapper around vboxmanage
  • github-scripts - Some GitHub scripts
  • ctf-tools - Some setup scripts for security research tools.

Assembly

  • PwnAdventureZ - NES zombie survival game made to be hacked
  • REpsych - Psychological warfare in reverse engineering

PLSQL

  • idaref - IDA Pro Instruction Reference Plugin

Python

  • StagMan - An helper for mobile applications analysis
  • starboard - Personal link aggregator for interesting code projects: Consolidate stars across all git forges!
  • IDAGolangHelper - Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
  • abyss - abyss - IDAPython Plugin for Postprocessing of Hexrays Decompiler Output
  • HexraysToolbox - Hexrays Toolbox - Find code patterns within the Hexrays AST
  • api_palette - A code-searching/completion tool, for IDA APIs
  • awesome-google-vrp-writeups - 🐛 A list of writeups from the Google VRP Bug Bounty program
  • qark - Tool to look for several security related Android application vulnerabilities
  • StegCracker - Steganography brute-force utility to uncover hidden data inside files
  • iOS-messaging-tools -
  • Tiny-URL-Fuzzer - A tiny and cute URL fuzzer
  • amazon-dash - Hack your Amazon Dash to run what you want.
  • collisions - Hash collisions and their exploitations
  • bfac - BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
  • on-pwning - My solutions to some CTF challenges and a list of interesting resources about pwning stuff
  • pigaios - A tool for matching and diffing source codes directly against binaries.
  • internalblue - Bluetooth experimentation framework for Broadcom and Cypress chips.
  • T-Fuzz -
  • GitCTF - Git-based CTF
  • diaphora - Diaphora, the most advanced Free and Open Source program diffing tool.
  • AndBug - Android Debugging Library
  • XSStrike - Most advanced XSS scanner.
  • security-tools - Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
  • frida - Clone this repo to build Frida
  • IDA-Function-Tagger - This IDAPython script tags subroutines according to their use of imported functions
  • FRAPL - FRAPL Framework
  • ida_ea - A set of exploitation/reversing aids for IDA
  • prefix - Function Prefixing for IDA Pro
  • gdbida - gdbida - a visual bridge between a GDB session and IDA Pro's disassembler
  • iOS-AppStore-Malware-Automatic-Hunting-System - Blackhat USA 2018 Arsenal
  • SublimeTodoReview - A SublimeText plugin for reviewing todo (and other) comments within your code.
  • HexRaysPyTools - IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
  • xsssniper - An automatic XSS discovery tool
  • uEmu - Tiny cute emulator plugin for IDA based on unicorn.
  • firmware-analysis-toolkit - Toolkit to emulate firmware and analyse it for security vulnerabilities
  • pwn_repo - To store some CTF_pwn_bins and exploits for self-practice
  • gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
  • zeropress - A dumb script for finding dumb coding errors in WordPress plugins
  • Zeratool - Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
  • theftfuzzer - TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  • PinCTF - Using Intel's PIN tool to solve CTF problems
  • Pwngdb - gdb for pwn
  • PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  • focuson - A tool to surface security issues in python code
  • pre-commit-python-sorter - A pre-commit hook to sort your Python imports.
  • hqtrivia-automation - Automate finding better answers in HQ Trivia. This is for educational purposes only!
  • hqtrivia - hack HQ trivia with OCR and google search
  • Sublist3r - Fast subdomains enumeration tool for penetration testers
  • ida -
  • ctf-crypto-writeups -
  • dash - Analytical Web Apps for Python, R, Julia, and Jupyter. No JavaScript Required.
  • ctfs - ctf exploit codes or writeups
  • LazyIDA - Make your IDA Lazy!
  • domato - DOM fuzzer
  • truffleHog - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
  • interactive-coding-challenges - 120+ interactive Python coding interview challenges (algorithms and data structures). Includes Anki flashcards.
  • Mailpile - A free & open modern, fast email client with user-friendly encryption and privacy features
  • peda-heap - Some new commands debug heap for peda
  • stuffz - Basically a script thrift shop
  • persepolis - Persepolis Download Manager is a GUI for aria2.
  • QTodoTxt - Cross Platform todo.txt GUI
  • Openroast - An open source, cross-platform application for home coffee roasting
  • PPlayer - Music Player code by Python 2.7 and PyQt. MP3 and WMA format are supported.
  • simple-markpad - a markdown editor made with pyqt
  • qhangups - Alternative client for Google Hangouts written in PyQt
  • manticore - Symbolic execution tool
  • RSAExploits -
  • imgkit - 🌁 Wkhtmltoimage python wrapper to convert HTML to image
  • python-patterns - A collection of design patterns/idioms in Python
  • pyshell - PyShell makes interacting with web-based command injection less painful, emulating the feel of an interactive shell as much as possible.
  • metame - metame is a metamorphic code engine for arbitrary executables
  • PS4-3.55-Code-Execution-PoC -
  • flare-floss - FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  • chosen-plaintext - A small python library for exploiting simple chosen-plaintext attacks.
  • linux-insides - A little bit about a linux kernel
  • ec700-charlie-3 -
  • CANToolz - CANToolz - framework for black-box CAN network analysis
  • osxcollector - A forensic evidence collection & analysis toolkit for OS X
  • flask-examples -
  • workshops -
  • crypto-tools - Some crypto tools I've written
  • maybe - 📂 🐇 🎩 See what a program does before deciding whether you really want it to happen (NO LONGER MAINTAINED)
  • linux-ransomware-decrypter - Bitdefender's Linux.Encoder.1 Decrypter
  • ida-patcher - IDA Patcher is a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's ability to patch binary files and memory.
  • ete - Python package for building, comparing, annotating, manipulating and visualising trees. It provides a comprehensive API and a collection of command line tools, including utilities to work with the NCBI taxonomy tree.
  • project-euler - Project Euler solutions in diferent languages
  • viper - Binary analysis and management framework
  • libc-binary-collection - A collection of more than 1000 binary libc files
  • grequests - Requests + Gevent = <3
  • pwntools-write-ups - A colleciton of CTF write-ups all using pwntools
  • xortool - A tool to analyze multi-byte xor cipher
  • pwntools - CTF framework and exploit development library
  • SimplyEmail - Email recon made fast and easy, with a framework to build on
  • schedule - Python job scheduling for humans.
  • num2words - Modules to convert numbers to words. 42 --> forty-two
  • ARDT - Akamai Reflective DDoS Tool - Attack the origin host behind the Akamai Edge hosts and DDoS protection offered by Akamai services.
  • pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
  • saws - A supercharged AWS command line interface (CLI).
  • robobrowser -
  • gdb-dashboard - Modular visual interface for GDB in Python
  • Pylsy - Pylsy is a simple python library draw tables in the Terminal. Just two lines of code .
  • big-list-of-naughty-strings - The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
  • python-magic - A python wrapper for libmagic
  • pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
  • net-creds - Sniffs sensitive data from interface or pcap

HTML

QML

Others

Ruby

Logos

C

  • dc2020f-gameboooy-public -
  • xnu-qemu-arm64 -
  • ktrw - An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.
  • How2Kernel - This Repository aims at giving a basic idea about Kernel Exploitation.
  • memctl - An iOS kernel introspection tool.
  • ctf-writeups - Collection of scripts and writeups
  • rbndr - Simple DNS Rebinding Service
  • android_vuln_poc-exp - This project contains pocs and exploits for vulneribilities I found (mostly)
  • HITCON-Training - For Linux binary Exploitation
  • Rhme-2016 - Rhme2 challenge (2016)
  • cb-multios - DARPA Challenges Sets for Linux, Windows, and macOS
  • Process-Dump - Windows tool for dumping malware PE files from memory back to disk for analysis.
  • armadito-av - Armadito antivirus main repository
  • ctf-training - Repository with the material of the Tower of Hanoi introductory briefings on binary exploitation
  • chw00t - chw00t - Unices chroot breaking tool
  • how2heap - A repository for learning various heap exploitation techniques.
  • libctf - Library for creating CTF services.
  • shellforge4 - Enhanced version of secdev's shellforge G3. More platforms and architectures supported.
  • peinjector - peinjector - MITM PE file infector
  • minhook - The Minimalistic x86/x64 API Hooking Library for Windows
  • cdefs - Describe C function prototypes in JSON.
  • preeny - Some helpful preload libraries for pwning stuff.
  • SwiftFilesZip - A repo for saving, loading, deleting and unzipping in iOS
  • MBE - Course materials for Modern Binary Exploitation by RPISEC
  • GOAT-Plugs - GCC Obfuscation Augmentation Tools
  • Deviare2 - Deviare API Hook
  • pcompress - A Parallelized Data Deduplication and Compression utility

LLVM

  • Tigress_protection - Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.

C++

  • Street-Party - Street Party is a suite of tools that allows the RTP streams of video conferencing implementations to be viewed and modified.
  • MouClassInputInjection - MouClassInputInjection implements a kernel interface for injecting mouse input data packets into the input data stream of HID USB mouse devices.
  • MouHidInputHook - MouHidInputHook enables users to filter, modify, and inject mouse input data packets into the input data stream of HID USB mouse devices without modifying the mouse device stacks.
  • art-tracer - ART tracing research
  • calculator - Windows Calculator: A simple yet powerful calculator that ships with Windows
  • exploit_me - Very vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)
  • functionsimsearch - Some C++ example code to demonstrate how to perform code similarity searches using SimHashing.
  • HexType - HexType: Efficient Detection of Type Confusion Errors for C++
  • node-memwatch - A NodeJS library to keep an eye on your memory usage, and discover and isolate leaks.
  • Ponce - IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
  • pyxel - A retro game engine for Python
  • devilution - Diablo devolved - magic behind the 1996 computer game
  • QBDI - A Dynamic Binary Instrumentation framework based on LLVM.
  • SimplifyGraph - IDA Pro plugin to assist with complex graphs
  • dxxd-decrypter - DXXD Ransomware Decrypter
  • al-khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
  • MazeWalker - Toolkit for enriching and speeding up static malware analysis
  • paybreak -
  • sqlitebrowser - Official home of the DB Browser for SQLite (DB4S) project. Previously known as "SQLite Database Browser" and "Database Browser for SQLite". Website at:
  • iaito - This project has been moved to:
  • hexrays_tools -
  • coho - Base libraries for C++ development
  • CrowdDetox - The CrowdDetox plugin for Hex-Rays automatically removes junk code and variables from Hex-Rays function decompilations.
  • PackerAttacker - C++ application that uses memory and code hooks to detect packers
  • keygenme - keygenme challenge from csaw ctf 2013
  • ghostwriter - ghostwriter is a cross-platform, aesthetic, distraction-free Markdown editor.
  • Blackbone - Windows memory hacking library
  • pn - Programmer's Notepad
  • vld - Visual Leak Detector for Visual C++ 2008-2015
  • cbang - C! (cbang) is a library of cross-platform C++ utilities.
  • packJPG - A compression program for further compressing JPEG image files

Objective-C

  • IDAObjcTypes - A collection of types & functions definitions useful for Objective-C binaries analysis.

Vim script

  • dotfiles - home of the award winning tmux configuration file

CSS

Swift

  • androidtool-mac - One-click screenshots, video recordings, app installation for iOS and Android

OCaml

  • infer - A static analyzer for Java, C, C++, and Objective-C

C#

  • NBug - Automated bug reporting library for .NET

ActionScript

Go

  • marblerun - Marblerun is the service mesh for confidential computing. Deploy, scale, and verify your confidential microservices on vanilla Kubernetes. 100% Go, 100% cloud native, 100% confidential
  • aquatone - A Tool for Domain Flyovers
  • grv - GRV is a terminal interface for viewing git repositories
  • gitrob - Reconnaissance tool for GitHub organizations
  • GoSublime - A Golang plugin collection for SublimeText 3, providing code completion and other IDE-like features.
  • pyre - tinder cli built at stupid hackathon san francisco 2015

PHP

  • phpggc - PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
  • vuejs-serverside-template-xss - Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
  • iOS-Mail.app-inject-kit - iOS 8.3 Mail.app inject kit

License

CC0

To the extent possible under law, eugenekolo has waived all copyright and related or neighboring rights to this work.

About

Some GitHub scripts

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages