Skip to content
This repository has been archived by the owner. It is now read-only.
[Moved to: ][Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


English Version

Github的Readme显示不会超过4000行,而此Repo添加的工具和文章近万行,默认显示不全。当前页面是减配版:工具星数少于200且500天内没更新的不在此文档中显示。 点击这里查看完整版:中文-完整版
























  • [952星][2m] ctfs/resources A general collection of information, tools, and tips regarding CTFs and similar security competitions
  • [744星][1m] [Py] ashutosh1206/crypton Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Authentication methods along with example challenges from CTFs
  • [634星][8m] cryptogenic/exploit-writeups A collection where my current and future writeups for exploits/CTF will go
  • [474星][5m] [PHP] wonderkun/ctf_web a project aim to collect CTF web practices .
  • [472星][3m] [PHP] susers/writeups 国内各大CTF赛题及writeup整理
  • [450星][8m] [Py] christhecoolhut/zeratool Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems
  • [410星][3m] ctftraining/ctftraining CTF Training 经典赛题复现环境
  • [307星][5m] [C] sixstars/ctf A writeup summary for CTF competitions, problems.
  • [294星][28d] [HTML] balsn/ctf_writeup CTF writeups from Balsn
  • [290星][9m] [HTML] s1gh/ctf-literature Collection of free books, papers and articles related to CTF challenges.
  • [283星][10m] [Shell] ctf-wiki/ctf-tools CTF 工具集合
  • [260星][5m] [CSS] l4wio/ctf-challenges-by-me Pwnable|Web Security|Cryptography CTF-style challenges
  • [253星][6m] [Shell] lieanu/libcsearcher glibc offset search for ctf.
  • [233星][8m] harmoc/ctftools Personal CTF Toolkit
  • [209星][1y] [Py] 3summer/ctf-rsa-tool a little tool help CTFer solve RSA problem






  • [1813星][1y] [CSS] ctfs/write-ups-2015 Wiki-like CTF write-ups repository, maintained by the community. 2015
  • [1763星][11m] [Py] ctfs/write-ups-2017 Wiki-like CTF write-ups repository, maintained by the community. 2017
  • [586星][1m] [Py] pwning/public-writeup CTF write-ups by Plaid Parliament of Pwning
  • [489星][8m] manoelt/50m_ctf_writeup $50 Million CTF from Hackerone - Writeup
  • [275星][7m] [HTML] bl4de/ctf CTF (Capture The Flag) writeups, code snippets, notes, scripts
  • [222星][1y] [Shell] ctfs/write-ups-2018 Wiki-like CTF write-ups repository, maintained by the community. 2018




  • [1968星][12d] [Java] jeremylong/dependencycheck OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
  • [1797星][27d] [TypeScript] snyk/snyk CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies
  • [1619星][18d] roave/securityadvisories ensures that your application doesn't have installed dependencies with known security vulnerabilities
  • [1535星][1m] [Java] spotbugs/spotbugs SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
  • [1284星][12m] [Py] xyntax/poc-t 脚本调用框架,用于渗透测试中 采集|爬虫|爆破|批量PoC 等需要并发的任务
  • [1232星][30d] [JS] archerysec/archerysec Centralize Vulnerability Assessment and Management for DevSecOps Team
  • [1079星][19d] [Jupyter Notebook] ibm/adversarial-robustness-toolbox Python library for adversarial machine learning, attacks and defences for neural networks, logistic regression, decision trees, SVM, gradient boosted trees, Gaussian processes and more with multiple framework support
  • [1074星][1y] [PowerShell] rasta-mouse/sherlock PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
  • [1018星][16d] [HTML] defectdojo/django-defectdojo DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
  • [901星][19d] [Py] knownsec/pocsuite3 远程漏洞测试与PoC开发框架
  • [814星][6m] numirias/security Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
  • [813星][3m] [JS] creditease-sec/insight 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
  • [806星][1y] [Py] leviathan-framework/leviathan 多功能审计工具包,包括多种服务发现(FTP、SSH、Talnet、RDP、MYSQL)、爆破、远程命令执行、SQL注入扫描、指定漏洞利用,集成了Masscan、Ncrack、DSSS等工具。
  • [625星][5m] [Py] pyupio/safety 检查所有已安装 Python 包, 查找已知的安全漏洞
  • [578星][7m] [Java] olacabs/jackhammer 安全漏洞评估和管理工具
  • [567星][12d] arkadiyt/bounty-targets-data This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
  • [541星][1y] [Java] mr5m1th/poc-collect 各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
  • [540星][10m] [PHP] zhuifengshaonianhanlu/pikachu 一个好玩的Web安全-漏洞测试平台
  • [462星][1m] [Java] joychou93/java-sec-code Java common vulnerabilities and security code.
  • [430星][28d] [Py] google/vulncode-db a database for vulnerabilities and their corresponding source code if available
  • [428星][4m] [Py] crocs-muni/roca 测试公共 RSA 密钥是否存在某些漏洞
  • [409星][4m] [Java] nccgroup/freddy 自动识别 Java/.NET 应用程序中的反序列化漏洞
  • [395星][17d] [Go] cbeuw/cloak A universal pluggable transport utilising TLS domain fronting to evade deep packet inspection and active probing from state-level adversaries
  • [379星][10m] skyblueeternal/thinkphp-rce-poc-collection thinkphp v5.x 远程代码执行漏洞-POC集合
  • [372星][6m] tidesec/tide 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
  • [361星][12m] hannob/vulns Named vulnerabilities and their practical impact
  • [357星][8m] [C] vulnreproduction/linuxflaw This repo records all the vulnerabilities of linux software I have reproduced in my local workspace
  • [354星][6m] [PHP] fate0/prvd PHP Runtime Vulnerability Detection
  • [351星][6m] [Py] orangetw/awesome-jenkins-rce-2019 There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  • [342星][2m] snyk/zip-slip-vulnerability Zip Slip Vulnerability (Arbitrary file write through archive extraction)
  • [335星][2m] [Java] denimgroup/threadfix threadfix:软件漏洞汇总和管理系统,可帮助组织汇总漏洞数据,生成虚拟补丁,并与软件缺陷跟踪系统进行交互
  • [314星][27d] [Java] sap/vulnerability-assessment-tool Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy.
  • [312星][11m] cryin/paper Web Security Technology & Vulnerability Analysis Whitepapers
  • [299星][16d] [Py] ym2011/poc-exp Collecting and writing PoC or EXP for vulnerabilities on some application
  • [291星][3m] [Py] christhecoolhut/firmware_slap Discovering vulnerabilities in firmware through concolic analysis and function clustering.
  • [286星][2m] [Py] fplyth0ner-combie/bug-project-framework 漏洞利用框架模块分享仓库
  • [283星][4m] [C#] l0ss/grouper2 Find vulnerabilities in AD Group Policy
  • [283星][7m] [C] tangsilian/android-vuln 安卓内核提权漏洞分析
  • [271星][21d] disclose/disclose Driving safety, simplicity, and standardization in vulnerability disclosure.
  • [265星][1y] [Py] ucsb-seclab/bootstomp a bootloader vulnerability finder
  • [263星][1y] [JS] portswigger/hackability Probe a rendering engine for vulnerabilities and other features
  • [249星][5m] [Py] jcesarstef/dotdotslash Python脚本, 查找目录遍历漏洞
  • [234星][19d] [HTML] edoverflow/bugbountyguide Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
  • [220星][2m] [Py] ismailtasdelen/hackertarget attack surface discovery and identification of security vulnerabilities
  • [211星][2m] [C++] atxsinn3r/vulncases Oh it's just a bunch of vulns for references.
  • [207星][6m] [Py] jas502n/cnvd-c-2019-48814 WebLogic wls9-async反序列化远程命令执行漏洞
  • [202星][6m] [Py] greekn/rce-bug 新漏洞感知项目 主要帮助大家 记录一些重大漏洞 漏洞方面的细节
  • [201星][2m] [Ruby] appfolio/gemsurance Gem vulnerability checker using rubysec/ruby-advisory-db
  • [201星][7m] [C++] j00ru/kfetch-toolkit A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities




  • [3705星][10m] [Py] longld/peda Python Exploit Development Assistance for GDB
  • [2488星][13d] [Py] hugsy/gef gdb增强工具,使用Python API,用于漏洞开发和逆向分析。
  • [2362星][22d] [Py] pwndbg/pwndbg GDB插件,辅助漏洞开发和逆向
  • [465星][10m] [Py] wapiflapi/villoc Visualization of heap operations.


  • [2101星][27d] [Py] jonathansalwan/ropgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
  • [931星][13d] [Py] sashs/ropper Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper uses the awesome Capstone Framework.
  • [677星][11m] [HTML] zhengmin1989/myarticles 蒸米的文章(iOS冰与火之歌系列,一步一步学ROP系列,安卓动态调试七种武器系列等)




  • [6953星][24d] [Go] future-architect/vuls 针对Linux/FreeBSD 编写的漏洞扫描器. Go 语言编写

  • [6516星][16d] [Java] zaproxy/zaproxy 在开发和测试Web App时自动发现安全漏洞

  • [5563星][17d] [Ruby] presidentbeef/brakeman ROR程序的静态分析工具

  • [2904星][21d] [Py] andresriancho/w3af Web App安全扫描器, 辅助开发者和渗透测试人员识别和利用Web App中的漏洞

  • [2440星][6m] [Py] ysrc/xunfeng 巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

  • [2403星][28d] [Go] knqyf263/trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI

  • [2089星][8m] [Py] linkedin/qark 查找Android App的漏洞, 支持源码或APK文件

  • [1873星][1m] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning

  • [1864星][3m] [Py] python-security/pyt Python Web App 安全漏洞检测和静态分析工具

  • [1629星][1y] [Py] evyatarmeged/raccoon 高性能的侦查和漏洞扫描工具

  • [1370星][6m] [Py] almandin/fuxploider 文件上传漏洞扫描和利用工具

  • [1339星][5m] [Py] s0md3v/striker Striker is an offensive information and vulnerability scanner.

  • [1023星][7m] [Py] lucifer1993/angelsword Python3编写的CMS漏洞检测框架

  • [932星][1y] [Java] google/firing-range a test bed for web application security scanners, providing synthetic, wide coverage for an array of vulnerabilities.

  • [913星][4m] threathuntingproject/threathunting An informational repo about hunting for adversaries in your IT environment.

  • [884星][1m] [Go] opensec-cn/kunpeng Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。

  • [884星][2m] [Py] hasecuritysolutions/vulnwhisperer Create actionable data from your Vulnerability Scans

  • [852星][3m] [Py] boy-hack/w9scan Plug-in type web vulnerability scanner

  • [840星][3m] [Py] lijiejie/bbscan A vulnerability scanner focus on scanning large number of targets in short time with a minimal set of rules.

  • [725星][10m] [PowerShell] l0ss/grouper A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)

  • [643星][5m] [Perl] moham3driahi/xattacker X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

  • [632星][5m] [PHP] mattiasgeniar/php-exploit-scripts A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzzers and vulnerability scanners. Feel free to contribute.

  • [602星][10m] [Dockerfile] aquasecurity/microscanner Scan your container images for package vulnerabilities with Aqua Security

  • [539星][5m] [JS] seccubus/seccubus Easy automated vulnerability scanning, reporting and analysis

  • [523星][3m] [Py] hatboy/struts2-scan Struts2全漏洞扫描利用工具

  • [513星][7m] [Py] wyatu/perun 主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

  • [491星][14d] [C#] k8gege/ladon Ladon一款用于大型网络渗透的多线程插件化综合扫描神器,含端口扫描、服务识别、网络资产、密码爆破、高危漏洞检测以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描。5.5版本内置39个功能模块,通过多种协议以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、数据库等信息,漏洞检测包含MS17010、Weblogic、ActiveMQ、Tomcat、Struts2等,密码爆破11种含数据库(Mysql、Oracle、MSSQL)、FTP、SSH(Linux主机)、VNC、Windows密码(IPC、WMI、SMB)、Weblogic后台、Rar压缩包密码等,Web指…

  • [488星][2m] [Perl 6] rezasp/joomscan Perl语言编写的Joomla CMS漏洞扫描器

  • [452星][1m] [C] greenbone/openvas-scanner Open Vulnerability Assessment Scanner

  • [443星][5m] [Py] dr0op/weblogicscan 增强版WeblogicScan、检测结果更精确、插件化、添加CVE-2019-2618,CVE-2019-2729检测,Python3支持

  • [436星][15d] [Py] k8gege/k8cscan 大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

  • [375星][10m] [Py] hahwul/a2sv a2sv:自动扫描并检测常见的和已知的SSL 漏洞

  • [362星][1m] [Py] l4ys/lazyida 若干快速访问功能, 扫描字符串格式化漏洞


      ### 功能
      - 快速移除函数返回类型
      - 数据格式(format)快速转换
      - 扫描字符串格式化漏洞
      - 双击跳转vtable函数
      - 快捷键: w/c/v
  • [351星][1m] [C#] security-code-scan/security-code-scan Vulnerability Patterns Detector for C# and VB.NET

  • [343星][2m] [Py] chenjj/corscanner Fast CORS misconfiguration vulnerabilities scanner

  • [319星][3m] [Py] vulmon/vulmap Vulmap Online Local Vulnerability Scanners Project

  • [318星][7m] [C#] yalcinyolalan/wssat web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files

  • [297星][4m] [Py] zhaoweiho/securitymanageframwork Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer securit…

  • [287星][1y] [Py] flipkart-incubator/watchdog 全面的安全扫描和漏洞管理工具

  • [285星][2m] [Py] utiso/dorkbot dorkbot:扫描谷歌搜索返回的网页,查找网页漏洞

  • [279星][7m] [Py] vulscanteam/vulscan vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...

  • [276星][5m] [Perl] rezasp/vbscan OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

  • [257星][2m] [JS] stono/hawkeye A project security/vulnerability/risk scanning tool

  • [246星][4m] [Shell] peterpt/eternal_scanner eternal_scanner:永恒之蓝漏洞的网络扫描器

  • [226星][1y] [Py] leapsecurity/libssh-scanner Script to identify hosts vulnerable to CVE-2018-10933

  • [222星][1y] [C++] ucsb-seclab/dr_checker 用于Linux 内核驱动程序的漏洞检测工具

  • [218星][7m] [Py] skewwg/vulscan 漏洞扫描:st2、tomcat、未授权访问等等

  • [211星][6m] [Py] kingkaki/weblogic-scan weblogic 漏洞扫描工具

  • [208星][20d] [Py] sethsec/celerystalk An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.



  • [3792星][1m] [PHP] fuzzdb-project/fuzzdb 通过动态App安全测试来查找App安全漏洞, 算是不带扫描器的漏洞扫描器
  • [2864星][5m] secfigo/awesome-fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
  • [2629星][17d] [Go] google/syzkaller 一个unsupervised、以 coverage 为导向的Linux 系统调用fuzzer
  • [2346星][1m] [Py] xmendez/wfuzz Web application fuzzer
  • [1699星][21d] [C] google/honggfuzz Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
  • [1051星][2m] [Py] googleprojectzero/domato ProjectZero 开源的 DOM fuzzer







  • [7288星][25d] [Py] s0md3v/xsstrike Most advanced XSS scanner.
  • [1641星][10m] [JS] evilcos/xssor2 XSS'OR - Hack with JavaScript.
  • [1318星][3m] [Go] microcosm-cc/bluemonday a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
  • [705星][2m] [JS] mandatoryprogrammer/xsshunter The XSS Hunter service - a portable version of
  • [683星][18d] [C#] mganss/htmlsanitizer Cleans HTML to avoid XSS attacks
  • [674星][21d] [PHP] ssl/ezxss ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
  • [638星][10m] [HTML] bl4de/security_whitepapers Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
  • [504星][4m] [Py] opensec-cn/vtest 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
  • [495星][4m] [PHP] nettitude/xss_payloads Exploitation for XSS
  • [477星][1y] [JS] koto/xsschef Chrome extension Exploitation Framework
  • [460星][12m] [C] laruence/taint Taint is a PHP extension, used for detecting XSS codes
  • [334星][12m] [Py] varbaek/xsser From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  • [325星][7m] [Py] s0md3v/jshell JShell - Get a JavaScript shell with XSS.
  • [289星][1m] [JS] wicg/trusted-types A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
  • [287星][13d] [Py] stamparm/dsxs Damn Small XSS Scanner
  • [286星][13d] [PHP] voku/anti-xss
  • [251星][3m] [PHP] dotboris/vuejs-serverside-template-xss Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
  • [243星][4m] [JS] lewisardern/bxss bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  • [241星][2m] [JS] antswordproject/ant 实时上线的 XSS 盲打平台





  • [3728星][29d] [C] iaik/meltdown This repository contains several applications, demonstrating the Meltdown bug.
  • [2999星][2m] [Shell] speed47/spectre-meltdown-checker 检查 Linux 主机是否受处理器漏洞Spectre & Meltdown 的影响
  • [531星][1y] [C] ionescu007/specucheck SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
  • [249星][5m] nsacyber/hardware-and-firmware-security-guidance Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber










  • [2716星][8m] [JS] cyu/rack-cors Rack Middleware for handling Cross-Origin Resource Sharing (CORS), which makes cross-origin AJAX possible.





  • [4138星][3m] [Py] dxa4481/trufflehog Searches through git repositories for high entropy strings and secrets, digging deep into commit history
  • [3130星][17d] [Shell] toniblyx/my-arsenal-of-aws-security-tools List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  • [2758星][12d] [Go] 99designs/aws-vault A vault for securely storing and accessing AWS credentials in development environments
  • [2633星][3m] [Java] teevity/ice AWS Usage Tool
  • [2347星][4m] [Go] mlabouardy/komiser
  • [1892星][19d] [Py] mozilla/mozdef Mozilla Enterprise Defense Platform
  • [1805星][20d] [Shell] toniblyx/prowler AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide:
  • [1597星][1y] [Py] nccgroup/scout2 Security auditing tool for AWS environments
  • [1374星][11m] [Py] eth0izzle/bucket-stream 通过certstream 监控多种证书 transparency 日志, 进而查找有趣的 Amazon S3 Buckets
  • [1161星][17d] [Py] lyft/cartography Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
  • [1105星][3m] [Py] rhinosecuritylabs/pacu The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  • [887星][2m] [Py] sa7mon/s3scanner Scan for open AWS S3 buckets and dump the contents
  • [824星][5m] [Py] jordanpotti/awsbucketdump 快速枚举 AWS S3 Buckets,查找感兴趣的文件。类似于子域名爆破,但针对S3 Bucket,有额外功能,例如下载文件等
  • [756星][28d] [Go] rebuy-de/aws-nuke Nuke a whole AWS account and delete all its resources.
  • [749星][1m] [Java] tmobile/pacbot PacBot (Policy as Code Bot)
  • [592星][17d] [Shell] securityftw/cs-suite Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
  • [525星][25d] [Ruby] stelligent/cfn_nag Linting tool for CloudFormation templates
  • [490星][16d] [Py] salesforce/policy_sentry IAM Least Privilege Policy Generator
  • [480星][6m] [Py] netflix-skunkworks/diffy Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
  • [433星][7m] [Py] ustayready/fireprox AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
  • [391星][3m] [Py] duo-labs/cloudtracker CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  • [382星][20d] [Py] riotgames/cloud-inquisitor Enforce ownership and data security within AWS
  • [365星][6m] [Py] carnal0wnage/weirdaal WeirdAAL (AWS Attack Library)
  • [363星][10m] [Py] awslabs/aws-security-automation Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  • [311星][1y] [Py] securing/dumpsterdiver Tool to search secrets in various filetypes.
  • [273星][7m] [Py] cesar-rodriguez/terrascan Collection of security and best practice test for static code analysis of terraform templates
  • [264星][23d] [Py] nccgroup/pmapper A tool for quickly evaluating IAM permissions in AWS.
  • [224星][29d] [HCL] nozaq/terraform-aws-secure-baseline Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations.
  • [216星][26d] [Dockerfile] thinkst/canarytokens-docker Docker configuration to quickly setup your own Canarytokens.
  • [202星][2m] [Py] voulnet/barq The AWS Cloud Post Exploitation framework!


  • [810星][16d] [Elixir] nccgroup/sobelow Phoenix 框架安全方面的静态分析工具(Phoenix 框架:支持对webUI,接口, web性能,mobile app 或 mobile browser 进行自动化测试和监控的平台)




  • [6164星][1m] [Py] yandex/gixy Nginx 配置静态分析工具,防止配置错误导致安全问题,自动化错误配置检测


  • [1875星][18d] [CSS] cyb3rward0g/helk 对ELK栈进行分析,具备多种高级功能,例如SQL声明性语言,图形,结构化流,机器学习等



  • [1119星][6m] nebgnahz/awesome-iot-hacks A Collection of Hacks in IoT Space so that we can address them (hopefully).
  • [817星][14d] v33ru/iotsecurity101 From IoT Pentesting to IoT Security
  • [791星][30d] [Py] ct-open-source/tuya-convert A collection of scripts to flash Tuya IoT devices to alternative firmwares
  • [582星][8m] [Py] woj-ciech/danger-zone Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files.
  • [465星][2m] [Py] iti/ics-security-tools Tools, tips, tricks, and more for exploring ICS Security.
  • [437星][18d] [Py] rabobank-cdc/dettect Detect Tactics, Techniques & Combat Threats
  • [330星][1y] [Py] vmware/liota
  • [307星][1m] [Java] erudika/para Open source back-end server for web, mobile and IoT. The backend for busy developers. (self-hosted or hosted)






  • [19800星][2m] [Shell] streisandeffect/streisand Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
  • [16743星][18d] [Py] mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
  • [10723星][13d] getlantern/download 蓝灯Windows下载
  • [5481星][3m] [C] rofl0r/proxychains-ng proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the page is currently not updated, use releases from github release page instead.
  • [4915星][13d] [Go] dnscrypt/dnscrypt-proxy 灵活的DNS代理,支持现代的加密DNS协议,例如:DNS protocols such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt.
  • [4662星][28d] [Go] alexellis/inlets Expose your local endpoints to the Internet
  • [4468星][22d] [C] jedisct1/dsvpn A Dead Simple VPN.
  • [4223星][5m] [Go] ginuerzh/gost GO语言实现的安全隧道
  • [4039星][4m] [Py] spiderclub/haipproxy
  • [3592星][2m] hq450/fancyss_history_package 科学上网插件的离线安装包储存在这里
  • [3348星][4m] [Go] jpillora/chisel 基于HTTP的快速 TCP 隧道
  • [2804星][8m] [C++] wangyu-/udpspeeder A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
  • [2468星][3m] [C] yrutschle/sslh Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
  • [2450星][17d] [Shell] teddysun/across This is a shell script for configure and start WireGuard VPN server
  • [2352星][6m] [Lua] snabbco/snabb Simple and fast packet networking
  • [2133星][1m] [Go] mmatczuk/go-http-tunnel Fast and secure tunnels over HTTP/2
  • [1874星][4m] [C] darkk/redsocks transparent TCP-to-proxy redirector
  • [1844星][1y] [Py] aploium/zmirror The next-gen reverse proxy for full site mirroring
  • [1813星][3m] [C] tinyproxy/tinyproxy a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
  • [1678星][9m] [Py] constverum/proxybroker Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS
  • [1665星][4m] [C] networkprotocol/ A protocol for secure client/server connections over UDP
  • [1611星][6m] [Go] sipt/shuttle A web proxy in Golang with amazing features.
  • [1495星][1m] [C] ntop/n2n Peer-to-peer VPN
  • [1448星][7m] [C++] wangyu-/tinyfecvpn A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
  • [1334星][1m] [Go] davrodpin/mole cli app to create ssh tunnels
  • [1308星][12m] [C] madeye/proxydroid Global Proxy for Android
  • [1222星][4m] [JS] bubenshchykov/ngrok Expose your localhost to the web. Node wrapper for ngrok.
  • [1199星][21d] [Objective-C] onionbrowser/onionbrowser An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network
  • [1048星][5m] [C] tcurdt/iproxy Let's you connect your laptop to the iPhone to surf the web.
  • [1042星][28d] [Go] pusher/oauth2_proxy A reverse proxy that provides authentication with Google, Github or other providers. #Hacktoberfest
  • [999星][7m] [Go] adtac/autovpn THIS PROJECT IS UNMAINTAINED.
  • [946星][9m] [JS] lukechilds/reverse-shell Reverse Shell as a Service
  • [927星][3m] [Py] christophetd/cloudflair a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should
  • [836星][2m] [Py] anorov/pysocks A SOCKS proxy client and wrapper for Python.
  • [810星][1m] [Go] henson/proxypool Golang实现的IP代理池
  • [790星][3m] [Py] secforce/tunna Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
  • [753星][1m] [C#] justcoding121/titanium-web-proxy A cross-platform asynchronous HTTP(S) proxy server in C#.
  • [738星][30d] [Shell] zfl9/ss-tproxy SS/SSR/V2Ray/Socks5 透明代理 for Linux
  • [737星][1m] [C#] damianh/proxykit A toolkit to create code-first HTTP reverse proxies on ASP.NET Core
  • [674星][1m] [Go] dliv3/venom Venom - A Multi-hop Proxy for Penetration Testers
  • [674星][24d] [JS] mellow-io/mellow Mellow is a rule-based global transparent proxy client for Windows, macOS and Linux.
  • [664星][19d] [Kotlin] mygod/vpnhotspot Share your VPN connection over hotspot or repeater! (root required)
  • [651星][27d] [Py] abhinavsingh/ ⚡⚡⚡Fast, Lightweight, Programmable, TLS interception capable proxy server for your Home and Application debugging, testing and development
  • [616星][4m] [JS] derhuerst/tcp-over-websockets Tunnel TCP through WebSockets.
  • [574星][4m] [Py] trustedsec/trevorc2 trevorc2:通过正常的可浏览的网站隐藏 C&C 指令的客户端/服务器模型,因为时间间隔不同,检测变得更加困难,并且获取主机数据时不会使用 POST 请求
  • [568星][12d] [Go] cloudflare/cloudflared Argo Tunnel client
  • [558星][8m] [JS] blinksocks/blinksocks A framework for building composable proxy protocol stack.
  • [556星][27d] clarketm/proxy-list A list of free, public, forward proxy servers. UPDATED DAILY!
  • [545星][1y] [Py] fate0/getproxy 是一个抓取发放代理网站,获取 http/https 代理的程序
  • [513星][10m] [Erlang] heroku/vegur HTTP Proxy Library
  • [473星][1y] [Go] yinqiwen/gsnova Private proxy solution & network troubleshooting tool.
  • [449星][28d] [Py] aidaho12/haproxy-wi Web interface for managing Haproxy servers
  • [397星][9m] [Go] evilsocket/shellz shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
  • [382星][1y] [Ruby] aphyr/tund SSH reverse tunnel daemon
  • [361星][1m] [Py] lyft/metadataproxy A proxy for AWS's metadata service that gives out scoped IAM credentials from STS
  • [355星][1y] [C] emptymonkey/revsh A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
  • [345星][6m] [Go] coreos/jwtproxy An HTTP-Proxy that adds AuthN through JWTs
  • [336星][8m] [Py] iphelix/dnschef dnschef:DNS 代理,用于渗透测试和恶意代码分析
  • [331星][6m] [Py] fbkcs/thunderdns 使用DNS协议转发TCP流量. Python编写, 无需编译客户端, 支持socks5
  • [325星][4m] [Go] sysdream/hershell Go 语言编写的反向 Shell
  • [320星][9m] [JS] mhzed/wstunnel tunnel over websocket
  • [301星][4m] [Py] rootviii/proxy_requests a class that uses scraped proxies to make an http GET/POST request (Python requests)
  • [293星][2m] [JS] bettercap/caplets 使用.cap脚本, 自动化bettercap的交互式会话
  • [290星][8m] [C] basil00/reqrypt reqrypt:HTTP 请求 tunneling 工具
  • [289星][2m] [Py] covertcodes/multitun Tunnel arbitrary traffic through an innocuous WebSocket. Clients can 'see' each other, resulting in a stealth WebSocket VPN.
  • [278星][11m] [C] dgoulet/torsocks Library to torify application - NOTE: upstream has been moved to
  • [276星][5m] [Py] mthbernardes/rsg 多种方式生成反向Shell
  • [273星][12d] a2u/free-proxy-list
  • [273星][9m] [Py] chenjiandongx/async-proxy-pool
  • [272星][4m] [Go] suyashkumar/ssl-proxy
  • [257星][8m] [C] rofl0r/microsocks tiny, portable SOCKS5 server with very moderate resource usage
  • [254星][3m] [Py] fwkz/riposte Python package for wrapping applications inside a tailored interactive shell
  • [245星][4m] [Shell] thesecondsun/revssl A simple script that automates generation of OpenSSL reverse shells
  • [242星][17d] [Go] adguardteam/dnsproxy Simple DNS proxy with DoH, DoT, and DNSCrypt support
  • [242星][4m] [Go] lesnuages/hershell Multiplatform reverse shell generator
  • [241星][9m] [C] pegasuslab/ghosttunnel GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment.
  • [236星][11m] [Go] fardog/secureoperator A DNS-protocol proxy for DNS-over-HTTPS providers, such as Google and Cloudflare
  • [224星][1m] [Ruby] zt2/sqli-hunter SQLi-Hunter is a simple HTTP proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
  • [216星][1y] [PHP] softius/php-cross-domain-proxy PHP Proxy for Cross Domain Requests
  • [213星][8m] [Go] joncooperworks/judas a phishing proxy
  • [207星][9m] [Go] justmao945/mallory HTTP/HTTPS proxy over SSH
  • [202星][1y] [C#] damonmohammadbagher/nativepayload_dns C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses





  • [14484星][21d] gfwlist/gfwlist gfwlist
  • [3531星][14d] acl4ssr/acl4ssr SSR 去广告ACL规则/SS完整GFWList规则,Telegram频道订阅地址
  • [2482星][2m] [C++] trojan-gfw/trojan An unidentifiable mechanism that helps you bypass GFW.
  • [202星][16d] [Shell] zfl9/gfwlist2privoxy 将 gfwlist.txt(Adblock Plus 规则)转换为 privoxy.action


  • [7149星][14d] [Go] snail007/goproxy Proxy是高性能全功能的http代理、https代理、socks5代理、内网穿透、内网穿透p2p、内网穿透代理、内网穿透反向代理、内网穿透服务器、Websocket代理、TCP代理、UDP代理、DNS代理、DNS加密代理,代理API认证,全能跨平台代理服务器。
  • [5971星][14d] [JS] avwo/whistle 基于Node实现的跨平台抓包调试代理工具(HTTP, HTTP2, HTTPS, Websocket)
  • [1380星][1m] [C] z3apa3a/3proxy 3proxy - tiny free proxy server
  • [304星][17d] [Shell] brainfucksec/kalitorify Transparent proxy through Tor for Kali Linux OS


  • [29549星][23d] [Go] fatedier/frp 快速的反向代理, 将NAT或防火墙之后的本地服务器暴露到公网
  • [9114星][2m] [JS] localtunnel/localtunnel expose yourself
  • [8706星][2m] [Go] cnlh/nps 一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发,支持内网http代理、内网socks5代理,同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理,集成多用户模式。
  • [4887星][10m] [Go] bitly/oauth2_proxy 反向代理,静态文件服务器,提供Providers(Google/Github)认证
  • [3521星][1m] [Java] ffay/lanproxy lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具,支持tcp流量转发,可支持任何tcp上层协议(访问内网网站、本地支付接口调试、ssh访问、远程桌面...)。目前市面上提供类似服务的有花生壳、TeamView、GoToMyCloud等等,但要使用第三方的公网服务器就必须为第三方付费,并且这些服务都有各种各样的限制,此外,由于数据包会流经第三方,因此对数据安全也是一大隐患。技术交流QQ群 946273429
  • [2586星][1m] [C++] fanout/pushpin Reverse proxy for realtime web services
  • [2476星][5m] [Go] drk1wi/modlishka Modlishka. Reverse Proxy.
  • [656星][4m] [Py] aploium/shootback a reverse TCP tunnel let you access target behind NAT or firewall


  • [3271星][4m] [C++] wangyu-/udp2raw-tunnel udp2raw-tunnel:udp 打洞。通过raw socket给UDP包加上TCP或ICMP header,进而绕过UDP屏蔽或QoS,或在UDP不稳定的环境下提升稳定性
  • [3131星][3m] [C] yarrick/iodine 通过DNS服务器传输(tunnel)IPV4数据
  • [1779星][5m] [C++] iagox86/dnscat2 dnscat2:在 DNS 协议上创建加密的 C&C channel





  • [1302星][1m] [C++] purplei2p/i2pd a full-featured C++ implementation of I2P client
  • [423星][2m] [Py] nullhypothesis/exitmap A fast and modular scanner for Tor exit relays.
  • [406星][13d] [Awk] alecmuffett/eotk Enterprise Onion Toolkit
  • [387星][1m] [JS] ayms/node-tor Javascript implementation of the Tor (or Tor like) anonymizer project (The Onion Router)
  • [377星][1m] [Py] maqp/tfc Tinfoil Chat - Onion-routed, endpoint secure messaging system
  • [353星][2m] [Py] micahflee/torbrowser-launcher Securely and easily download, verify, install, and launch Tor Browser in Linux
  • [286星][28d] [Perl] alecmuffett/real-world-onion-sites An index of the non-dark web...
  • [261星][9m] [C++] wbenny/mini-tor mini-tor:使用 MSCNG/CryptoAPI 实现的 Tor 协议
  • [250星][30d] [C] basil00/torwall Tallow - Transparent Tor for Windows
  • [219星][5m] [Py] ruped24/toriptables2 Tor Iptables script is an anonymizer that sets up iptables and tor to route all services and traffic including DNS through the Tor network.


  • [25047星][14d] [Swift] shadowsocks/shadowsocksx-ng Next Generation of ShadowsocksX
  • [12355星][1m] [C] shadowsocks/shadowsocks-libev libev port of shadowsocks
  • [7061星][7m] [Shell] teddysun/shadowsocks_install Auto Install Shadowsocks Server for CentOS/Debian/Ubuntu
  • [4154星][15d] [Swift] yanue/v2rayu V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等
  • [3797星][29d] [JS] shadowsocks/shadowsocks-manager A shadowsocks manager tool for multi user and traffic control.
  • [3174星][15d] [Smarty] anankke/sspanel-uim 专为 Shadowsocks / ShadowsocksR / V2Ray 设计的多用户管理面板
  • [2946星][1m] [Go] gwuhaolin/lightsocks 轻量级网络混淆代理,基于 SOCKS5 协议,可用来代替 Shadowsocks
  • [2751星][24d] [Makefile] shadowsocks/openwrt-shadowsocks Shadowsocks-libev for OpenWrt/LEDE
  • [2300星][10m] [C] haad/proxychains a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
  • [2029星][15d] [C#] netchx/netch Game accelerator. Support Socks5, Shadowsocks, ShadowsocksR, V2Ray protocol. UDP NAT FullCone
  • [1821星][3m] [C] shadowsocks/simple-obfs A simple obfuscating tool (Deprecated)
  • [1683星][1y] [Swift] haxpor/potatso Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork
  • [1621星][17d] [Py] ehco1996/django-sspanel 用diango开发的全新的shadowsocks网络面板
  • [1567星][16d] [C#] hmbsbige/shadowsocksr-windows 【自用】Bug-Oriented Programming
  • [1306星][4m] [Rust] shadowsocks/shadowsocks-rust A Rust port of shadowsocks
  • [1177星][6m] ssrbackup/shadowsocks-rss Shadowsocksr project backup
  • [1068星][1m] jadagates/shadowsocksbio 记录一下SS的前世今生,以及一个简单的教程总结
  • [922星][1y] [Shell] ywb94/openwrt-ssr ShadowsocksR-libev for OpenWrt
  • [900星][1y] [Go] huacnlee/flora-kit 基于 shadowsocks-go 做的完善实现,完全兼容 Surge 的配置文件
  • [899星][2m] zhaoweih/shadowsocks-tutorial
  • [840星][11m] [PHP] walkor/shadowsocks-php A php port of shadowsocks based on workerman. A socks5 proxy written in PHP.
  • [830星][1m] [C] shadowsocksr-live/shadowsocksr-native 从容翻越党国敏感日 ShadowsocksR (SSR) native implementation for all platforms, GFW terminator
  • [730星][6m] [Go] cbeuw/goquiet A Shadowsocks obfuscation plugin utilising domain fronting to evade deep packet inspection
  • [517星][9m] [JS] mrluanma/shadowsocks-heroku shadowsocks over WebSocket, support Heroku.
  • [421星][2m] [PowerShell] p3nt4/invoke-socksproxy Socks proxy server using powershell. Supports local and reverse connections for pivoting.
  • [402星][3m] [JS] lolimay/shadowsocks-deepin
  • [374星][1y] [Go] riobard/go-shadowsocks2 Experimental Shadowsocks in Go. Stable fork at
  • [337星][16d] [Py] leitbogioro/ssr.go A new shadowsocksR config manager
  • [318星][3m] [Py] qwj/python-proxy HTTP/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.
  • [301星][13d] [Shell] loyess/shell Shadowsocks-libev with plugins one-click installation. For example: v2ray-plugin, kcptun, simple-obfs, goquiet, cloak...
  • [250星][4m] [Py] fsgmhoward/shadowsocks-py-mu A fast tunnel proxy server for multiple users



  • [419星][19d] hugetiny/awesome-vpn A curated list of awesome free VPNs and proxies.免费的代理,科学上网,翻墙,梯子大集合







  • [302星][4m] [Py] hash3lizer/wifibroot A WiFi Pentest Cracking tool for WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication)




  • [1231星][19d] [PowerShell] hak5/bashbunny-payloads The Official Bash Bunny Payload Repository
  • [962星][27d] [C] zardus/preeny Some helpful preload libraries for pwning stuff.
  • [560星][10m] [Py] genetic-malware/ebowla Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
  • [529星][2m] [C++] screetsec/brutal Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )
  • [438星][12d] [Py] ctxis/cape Malware Configuration And Payload Extraction
  • [339星][11m] [JS] gabemarshall/brosec Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.
  • [259星][3m] [Py] felixweyne/imaginaryc2 Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
  • [234星][3m] cujanovic/markdown-xss-payloads XSS payloads for exploiting Markdown syntax
  • [229星][17d] cujanovic/open-redirect-payloads Open Redirect Payloads
  • [226星][5m] cr0hn/nosqlinjection_wordlists This repository contains payload to test NoSQL Injections
  • [216星][2m] [Py] whitel1st/docem Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
  • [210星][1m] [Py] brent-stone/can_reverse_engineering Automated Payload Reverse Engineering Pipeline for the Controller Area Network (CAN) protocol
  • [210星][24d] [C] shchmue/lockpick_rcm Nintendo Switch encryption key derivation bare metal RCM payload
  • [210星][20d] [PHP] zigoo0/jsonbee A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.



  • [5045星][3m] [Py] n1nj4sec/pupy Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
  • [1696星][6m] [Smali] ahmyth/ahmyth-android-rat Android Remote Administration Tool
  • [1306星][1y] [Py] marten4n6/evilosx An evil RAT (Remote Administration Tool) for macOS / OS X.
  • [763星][22d] [Py] kevthehermit/ratdecoders Python Decoders for Common Remote Access Trojans
  • [597星][1y] [PowerShell] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
  • [477星][5m] [Visual Basic] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
  • [352星][2m] [C++] werkamsus/lilith Lilith, The Open Source C++ Remote Administration Tool (RAT)
  • [307星][5m] [Py] mvrozanti/rat-via-telegram Windows Remote Administration Tool via Telegram
  • [271星][1m] [C#] nyan-x-cat/asyncrat-c-sharp Open-Source Remote Administration Tool For Windows C# (RAT)
  • [269星][3m] [C++] yuanyuanxiang/simpleremoter 基于gh0st的远程控制器:实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能,优化全部代码及整理排版,修复内存泄漏缺陷,程序运行稳定。此项目初版见:



  • [3690星][3m] [Py] malwaredllc/byob BYOB (Build Your Own Botnet)
  • [2135星][1y] [C++] maestron/botnets This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
  • [390星][19d] [C++] souhardya/uboat HTTP Botnet Project
  • [319星][5m] [Go] saturnsvoid/gobot2 Second Version of The GoBot Botnet, But more advanced.


  • [378星][7m] [C] zerosum0x0/smbdoor Windows kernel backdoor via registering a malicious SMB handler
  • [364星][2m] [Shell] screetsec/vegile This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
  • [362星][7m] [Py] s0md3v/cloak Cloak can backdoor any python script with some tricks.
  • [341星][11m] [Shell] r00t-3xp10it/backdoorppt backdoorppt:将Exe格式Payload伪装成Doc(.ppt)
  • [317星][1y] [Ruby] carletonstuberg/browser-backdoor BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener
  • [287星][3m] [C#] mvelazc0/defcon27_csharp_workshop Writing custom backdoor payloads with C# - Defcon 27
  • [201星][8m] [C] paradoxis/php-backdoor Your interpreter isn’t safe anymore  —  The PHP module backdoor




  • [379星][1y] [Go] mauri870/ransomware A POC Windows crypto-ransomware (Academic)
  • [313星][13d] [Batchfile] mitchellkrogza/ultimate.hosts.blacklist The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.




  • [255星][3m] [Py] no0be/dnslivery Easy files and payloads delivery over DNS




  • [6832星][17d] [C] hashcat/hashcat 世界上最快最先进的密码恢复工具
  • [3268星][2m] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
  • [2346星][1m] [Shell] rebootuser/linenum Scripted Local Linux Enumeration & Privilege Escalation Checks
  • [2136星][14d] [Py] commixproject/commix Automated All-in-One OS command injection and exploitation tool.
  • [1226星][9m] [C] a0rtega/pafish Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
  • [1191星][1y] [C#] cn33liz/p0wnedshell PowerShell Runspace Post Exploitation Toolkit
  • [1045星][8m] [Py] 0x00-0x00/shellpop 在渗透中生产简易的/复杂的反向/绑定Shell
  • [1029星][28d] [Boo] byt3bl33d3r/silenttrinity An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
  • [1015星][3m] [Py] byt3bl33d3r/deathstar 在Active Directory环境中使用Empire自动获取域管理员权限
  • [754星][4m] [Py] lgandx/pcredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
  • [737星][4m] [PowerShell] hausec/adape-script Active Directory Assessment and Privilege Escalation Script
  • [668星][1m] [C#] cobbr/sharpsploit SharpSploit is a .NET post-exploitation library written in C#
  • [405星][4m] [Shell] thesecondsun/bashark Bash post exploitation toolkit
  • [341星][4m] [Py] adrianvollmer/powerhub A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
  • [282星][1y] [JS] chrisallenlane/novahot Webshell框架,实现了基于Json的API,可与任何语言编写的后门(默认支持PHP/Ruby/Python)进行通信。
  • [212星][2m] [Go] brompwnie/botb A container analysis and exploitation tool for pentesters and engineers.


  • [3509星][4m] [C] secwiki/windows-kernel-exploits windows-kernel-exploits Windows平台提权漏洞集合
  • [1245星][2m] [Py] alessandroz/beroot Privilege Escalation Project - Windows / Linux / Mac
  • [583星][11m] [C++] ohpe/juicy-potato A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
  • [529星][4m] rhinosecuritylabs/aws-iam-privilege-escalation A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
  • [492星][7m] [Py] initstring/dirty_sock Linux privilege escalation exploit via snapd (CVE-2019-7304)
  • [467星][8m] [C] nongiach/sudo_inject [Linux] Two Privilege Escalation techniques abusing sudo token
  • [443星][1m] [C#] rasta-mouse/watson Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities
  • [383星][3m] [PowerShell] cyberark/aclight A script for advanced discovery of Privileged Accounts - includes Shadow Admins
  • [353星][2m] [PowerShell] gdedrouas/exchange-ad-privesc Exchange privilege escalations to Active Directory
  • [337星][20d] [Shell] nullarray/roothelper 辅助在被攻克系统上的提权过程:自动枚举、下载、解压并执行提权脚本
  • [302星][4m] [Batchfile] frizb/windows-privilege-escalation Windows Privilege Escalation Techniques and Scripts
  • [258星][3m] [PHP] lawrenceamer/0xsp-mongoose Privilege Escalation Enumeration Toolkit (64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding


  • [2283星][15d] [C] hfiref0x/uacme Defeating Windows User Account Control




  • [453星][3m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.





  • [1091星][1y] [Py] bugcrowd/hunt Burp和ZAP的扩展收集
  • [742星][13d] [Batchfile] mr-xn/burpsuite-collections BurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦
  • [705星][1y] [Java] d3vilbug/hackbar HackBar plugin for Burpsuite v1.0
  • [646星][8m] [Java] vulnerscom/burp-vulners-scanner Vulnerability scanner based on search API
  • [563星][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
  • [549星][8m] [Java] c0ny1/chunked-coding-converter Burp suite 分块传输辅助插件
  • [466星][19d] [Java] wagiro/burpbounty Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
  • [436星][5m] [Py] albinowax/activescanplusplus ActiveScan++ Burp Suite Plugin
  • [434星][1m] [Py] romanzaikin/burpextension-whatsapp-decryption-checkpoint This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019)
  • [402星][4m] [Java] bit4woo/recaptcha reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件
  • [397星][7m] [Java] nccgroup/burpsuitehttpsmuggler A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  • [373星][1y] [Py] rhinosecuritylabs/sleuthql Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  • [371星][2m] [Java] nccgroup/autorepeater Automated HTTP Request Repeating With Burp Suite
  • [352星][4m] [Java] bit4woo/domain_hunter A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名(不仅仅是单个主域名)的插件
  • [327星][2m] [Kotlin] portswigger/turbo-intruder Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
  • [309星][1y] [Java] ebryx/aes-killer Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
  • [300星][3m] [Java] bit4woo/knife A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
  • [300星][7m] [Java] ilmila/j2eescan J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
  • [299星][2m] [Java] portswigger/http-request-smuggler an extension for Burp Suite designed to help you launch HTTP Request Smuggling attack
  • [297星][11m] [Shell] yw9381/burp_suite_doc_zh_cn 这是基于Burp Suite官方文档翻译而来的中文版文档
  • [296星][1y] [Java] vmware/burp-rest-api REST/JSON API to the Burp Suite security tool.
  • [272星][1y] [Java] elkokc/reflector reflector:Burp 插件,浏览网页时实时查找反射 XSS
  • [264星][18d] [Py] quitten/autorize Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
  • [250星][2m] [Py] rhinosecuritylabs/iprotate_burp_extension Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
  • [241星][4m] [Py] initroot/burpjslinkfinder Burp Extension for a passive scanning JS files for endpoint links.
  • [235星][1m] [Java] samlraider/samlraider SAML2 Burp Extension
  • [231星][1y] [Java] nccgroup/burpsuiteloggerplusplus Burp Suite Logger++: Log activities of all the tools in Burp Suite
  • [230星][1y] [Py] audibleblink/doxycannon DoxyCannon: 为一堆OpenVPN文件分别创建Docker容器, 每个容器开启SOCKS5代理服务器并绑定至Docker主机端口, 再结合使用Burp或ProxyChains, 构建私有的Botnet
  • [230星][1y] [Java] difcareer/sqlmap4burp sqlmap embed in burpsuite
  • [222星][6m] [Java] c0ny1/jsencrypter 一个用于加密传输爆破的Burp Suite插件
  • [214星][2m] [Java] c0ny1/passive-scan-client Burp被动扫描流量转发插件
  • [205星][2m] [Java] h3xstream/http-script-generator ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  • [202星][5m] [Perl] modzero/mod0burpuploadscanner HTTP file upload scanner for Burp Proxy




  • [1009星][4m] [C] govolution/avet avet:免杀工具
  • [698星][9m] [Py] mr-un1k0d3r/dkmc DKMC - Dont kill my cat - Malicious payload evasion tool
  • [620星][6m] [Py] paranoidninja/carboncopy A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
  • [461星][1y] [Go] arvanaghi/checkplease Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
  • [299星][1y] [Py] two06/inception Provides In-memory compilation and reflective loading of C# apps for AV evasion.
  • [280星][1m] [C#] ch0pin/aviator Antivirus evasion project
  • [252星][1m] [C#] hackplayers/salsa-tools Salsa Tools - ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched


  • [2387星][3m] [Go] ne0nd0g/merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  • [1104星][1y] [Py] byt3bl33d3r/gcat A PoC backdoor that uses Gmail as a C&C server
  • [917星][19d] [C#] cobbr/covenant Covenant is a collaborative .NET C2 framework for red teamers.
  • [632星][10m] [Py] mehulj94/braindamage Remote administration tool which uses Telegram as a C&C server
  • [314星][1y] [C#] spiderlabs/dohc2 DoHC2 allows the ExternalC2 library from Ryan Hanson (
  • [240星][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2
  • [240星][14d] [PowerShell] nettitude/poshc2 Python Server for PoshC2



  • [10690星][13d] [Py] owasp/cheatsheetseries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
  • [2245星][13d] [Go] owasp/amass In-depth Attack Surface Mapping and Asset Discovery
  • [1902星][28d] [Perl] spiderlabs/owasp-modsecurity-crs OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
  • [1680星][1y] owasp/devguide The OWASP Guide
  • [1390星][2m] [HTML] owasp/top10 Official OWASP Top 10 Document Repository
  • [1000星][3m] [HTML] owasp/nodegoat 学习OWASP安全威胁Top10如何应用到Web App的,以及如何处理
  • [731星][2m] [Java] owasp/securityshepherd Web and mobile application security training platform
  • [665星][13d] [HTML] owasp/asvs Application Security Verification Standard
  • [597星][10m] [Py] zdresearch/owasp-nettacker Automated Penetration Testing Framework
  • [480星][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
  • [480星][17d] owasp/wstg The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
  • [461星][7m] [Java] owasp/owasp-webscarab OWASP WebScarab
  • [402星][5m] [Py] stanislav-web/opendoor OWASP WEB Directory Scanner
  • [360星][1m] [Java] zaproxy/zap-extensions OWASP ZAP Add-ons
  • [341星][1m] [Java] esapi/esapi-java-legacy ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
  • [292星][5m] 0xradi/owasp-web-checklist OWASP Web Application Security Testing Checklist
  • [271星][5m] [JS] mike-goodwin/owasp-threat-dragon An open source, online threat modelling tool from OWASP
  • [269星][4m] tanprathan/owasp-testing-checklist OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
  • [248星][11m] [Java] owasp/owasp-java-encoder The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
  • [225星][1m] owasp/api-security OWASP API Security Project



  • [389星][1y] [Shell] killswitch-gui/cobaltstrike-toolkit Some useful scripts for CobaltStrike
  • [203星][1y] [C#] spiderlabs/sharpcompile SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approach than manually compiling an .NET assembly and loading it into Cobalt Strike. The project aims to make it easier to move away from adhoc PowerShell execution instead creating a temporary assembly and executing…




  • [6673星][10m] [Shell] awslabs/git-secrets Prevents you from committing secrets and credentials into git repositories
  • [4346星][7m] [Py] boxug/trape 学习在互联网上跟踪别人,获取其详细信息,并避免被别人跟踪
  • [3064星][28d] [Py] tribler/tribler Privacy enhanced BitTorrent client with P2P content discovery
  • [1102星][4m] [Vue] 0xbug/hawkeye GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
  • [935星][20d] [Py] mozilla/openwpm A web privacy measurement framework
  • [884星][2m] [C#] elevenpaths/foca Tool to find metadata and hidden information in the documents.
  • [822星][18d] [Py] al0ne/vxscan python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。
  • [390星][6m] [Py] repoog/gitprey Searching sensitive files and contents in GitHub associated to company name or other key words
  • [356星][2m] [Py] hell0w0rld0/github-hunter This tool is for sensitive information searching on Github - The Fast Version here:
  • [312星][15d] [HTML] tanjiti/sec_profile 爬取secwiki和,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)




  • [569星][1m] [Go] dimitarpetrov/stegify Go tool for LSB steganography, capable of hiding any file within an image.
  • [344星][6m] [Go] lukechampine/jsteg JPEG steganography
  • [342星][5m] [Java] syvaidya/openstego OpenStego is a steganography application that provides two functionalities: a) Data Hiding: It can hide any data within a cover file (e.g. images). b) Watermarking: Watermarking files (e.g. images) with an invisible signature. It can be used to detect unauthorized file copying.
  • [274星][1y] [C] abeluck/stegdetect UNMAINTAINED. USE AT OWN RISK. Stegdetect is an automated tool for detecting steganographic content in images.
  • [256星][26d] [Py] cedricbonhomme/stegano Stegano is a pure Python steganography module.




  • [4008星][1m] [Py] aboul3la/sublist3r Fast subdomains enumeration tool for penetration testers
  • [3147星][15d] [Py] laramies/theharvester E-mails, subdomains and names Harvester - OSINT
  • [2981星][6m] [Go] michenriksen/aquatone 子域名枚举工具。除了经典的爆破枚举之外,还利用多种开源工具和在线服务大幅度增加发现子域名的数量。
  • [1750星][6m] [Py] lijiejie/subdomainsbrute 子域名爆破
  • [1686星][1m] [Go] subfinder/subfinder 使用Passive Sources, Search Engines, Pastebins, Internet Archives等查找子域名
  • [1668星][7m] [Py] guelfoweb/knock 使用 Wordlist 枚举子域名
  • [1555星][14d] [Go] caffix/amass 子域名枚举, 搜索互联网数据源, 使用机器学习猜测子域名. Go语言
  • [1087星][1m] [Py] john-kurkowski/tldextract Accurately separate the TLD from the registered domain and subdomains of a URL, using the Public Suffix List.
  • [752星][12d] [Rust] edu4rdshl/findomain The fastest and cross-platform subdomain enumerator, don't waste your time.
  • [687星][4m] [Go] haccer/subjack 异步多线程扫描子域列表,识别能够被劫持的子域。Go 编写
  • [639星][1y] [Py] simplysecurity/simplyemail Email recon made fast and easy, with a framework to build on
  • [573星][2m] [Py] jonluca/anubis Subdomain enumeration and information gathering tool
  • [537星][8m] [Py] feeicn/esd Enumeration sub domains(枚举子域名)
  • [468星][1m] [Py] typeerror/domained Multi Tool Subdomain Enumeration
  • [435星][1y] [Go] ice3man543/subover A Powerful Subdomain Takeover Tool
  • [434星][5m] [Py] threezh1/jsfinder JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
  • [425星][1m] [Py] nsonaniya2010/subdomainizer A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
  • [422星][10m] [Py] appsecco/bugcrowd-levelup-subdomain-enumeration This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
  • [407星][2m] [Py] yanxiu0614/subdomain3 subdomain3:简单快速的子域名爆破工具。
  • [327星][4m] [Py] chris408/ct-exposer An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
  • [302星][1y] [Py] christophetd/censys-subdomain-finder 利用搜索引擎 Censys 提供的 certificate transparency 日志, 实现子域名枚举. (Censys: 搜索联网设备信息的搜索引擎)
  • [275星][7m] [Py] franccesco/getaltname 直接从SSL证书中提取子域名或虚拟域名
  • [254星][10m] [Py] appsecco/the-art-of-subdomain-enumeration This repository contains all the supplement material for the book "The art of sub-domain enumeration"
  • [251星][5m] [Go] anshumanbh/tko-subs A tool that can help detect and takeover subdomains with dead DNS records
  • [204星][1m] [Shell] screetsec/sudomy Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format



  • [8843星][13d] [JS] valve/fingerprintjs2 Modern & flexible browser fingerprinting library
  • [3029星][1m] [JS] valve/fingerprintjs Anonymous browser fingerprint
  • [1595星][14d] [JS] ghacksuserjs/ghacks-user.js An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
  • [1595星][9m] [C] nmikhailov/validity90 Reverse engineering of Validity/Synaptics 138a:0090, 138a:0094, 138a:0097, 06cb:0081, 06cb:009a fingerprint readers protocol
  • [918星][7m] [JS] song-li/cross_browser cross_browser_fingerprinting
  • [783星][1m] [Py] salesforce/ja3 SSL/TLS 客户端指纹,用于恶意代码检测
  • [372星][21d] [Py] 0x4d31/fatt FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
  • [309星][2m] [Py] dpwe/audfprint Landmark-based audio fingerprinting
  • [305星][3m] [Py] salesforce/hassh HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.
  • [268星][1y] [CSS] w-digital-scanner/w11scan 分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform
  • [240星][2m] [C] leebrotherston/tls-fingerprinting TLS Fingerprinting
  • [224星][2m] [GLSL] westpointltd/tls_prober A tool to fingerprint SSL/TLS servers
  • [212星][1y] [Py] sensepost/spartan Frontpage and Sharepoint fingerprinting and attack tool.
  • [200星][1y] [Erlang] kudelskisecurity/scannerl scannerl:模块化、分布式指纹识别引擎,在单个主机运行即可扫描数千目标,也可轻松的部署到多台主机




  • [2797星][21d] [Py] twintproject/twint An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.


  • [1627星][22d] [Go] eth0izzle/shhgit 监听Github Event API,实时查找Github代码和Gist中的secret和敏感文件
  • [1549星][1y] [Py] unkl4b/gitminer Github内容挖掘
  • [1321星][7m] [Py] feeicn/gsil GitHub敏感信息泄露监控,几乎实时监控,发送警告
  • [840星][7m] [Go] misecurity/x-patrol github泄露扫描系统
  • [834星][1m] [JS] vksrc/github-monitor Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
  • [767星][1m] [Py] bishopfox/gitgot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
  • [750星][3m] [Py] techgaun/github-dorks 快速搜索Github repo中的敏感信息
  • [602星][2m] [Py] hisxo/gitgraber monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
  • [312星][15d] [HTML] tanjiti/sec_profile 爬取secwiki和,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
  • [290星][7m] [Py] s0md3v/zen 查找Github用户的邮箱地址


  • [7541星][30d] [Py] theyahya/sherlock Find Usernames Across Social Networks
  • [2504星][2m] [Py] greenwolf/social_mapper 对多个社交网站的用户Profile图片进行大规模的人脸识别
  • [653星][1y] [Go] 0x09al/raven raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin.


  • [2421星][4m] [Go] oj/gobuster Directory/File, DNS and VHost busting tool written in Go
  • [2278星][30d] [Py] ab77/netflix-proxy Smart DNS proxy to watch Netflix
  • [2081星][19d] [Py] elceef/dnstwist 域名置换引擎,用于检测打字错误,网络钓鱼和企业间谍活动
  • [1885星][28d] [C++] powerdns/pdns PowerDNS
  • [1669星][3m] [Py] lgandx/responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
  • [1117星][7m] [Py] darkoperator/dnsrecon DNS 枚举脚本
  • [1044星][2m] [Py] infosec-au/altdns Generates permutations, alterations and mutations of subdomains and then resolves them
  • [1039星][1m] [Go] nadoo/glider 正向代理,支持若干协议
  • [969星][6m] [Py] m57/dnsteal DNS Exfiltration tool for stealthily sending files over DNS requests.
  • [891星][18d] [Py] mschwager/fierce A DNS reconnaissance tool for locating non-contiguous IP space.
  • [877星][5m] [Py] m0rtem/cloudfail 通过错误配置的DNS和老数据库,发现CloudFlare网络后面的隐藏IP
  • [681星][1y] [Py] bugscanteam/dnslog 监控 DNS 解析记录和 HTTP 访问记录
  • [594星][7m] [Shell] cokebar/gfwlist2dnsmasq A shell script which convert gfwlist into dnsmasq rules. Python version:
  • [558星][6m] [C] getdnsapi/stubby Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
  • [457星][8m] [C] cofyc/dnscrypt-wrapper This is dnscrypt wrapper (server-side dnscrypt proxy), which helps to add dnscrypt support to any name resolver.
  • [359星][3m] [JS] nccgroup/singularity A DNS rebinding attack framework.
  • [259星][11m] [Py] trycatchhcf/packetwhisper Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
  • [258星][2m] [Go] zmap/zdns 快速DNS查找, 命令行工具
  • [249星][3m] [C#] kevin-robertson/inveighzero Windows C# LLMNR/mDNS/NBNS/DNS spoofer/man-in-the-middle tool
  • [243星][9m] [Go] erbbysam/dnsgrep Quickly Search Large DNS Datasets
  • [237星][25d] [Py] mandatoryprogrammer/trusttrees a script to recursively follow all the possible delegation paths for a target domain and graph the relationships between various nameservers along the way.
  • [230星][1m] [Go] sensepost/godoh A DNS-over-HTTPS Command & Control Proof of Concept
  • [213星][1y] [PowerShell] lukebaggett/dnscat2-powershell A Powershell client for dnscat2, an encrypted DNS command and control tool.



  • [3492星][17d] [C] nmap/nmap Nmap
  • [2099星][6m] [Py] calebmadrigal/trackerjacker 映射你没连接到的Wifi网络, 类似于NMap, 另外可以追踪设备
  • [1666星][3m] [Lua] vulnerscom/nmap-vulners NSE script based on API
  • [1497星][2m] [C] nmap/npcap Nmap Project's packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF.
  • [1237星][2m] [Lua] scipag/vulscan vulscan:Nmap 模块,将 Nmap 转化为高级漏洞扫描器
  • [936星][4m] [Shell] trimstray/sandmap 使用NMap引擎, 辅助网络和系统侦查(reconnaissance)
  • [887星][11m] [Py] rev3rsesecurity/webmap Nmap Web Dashboard and Reporting
  • [822星][2m] [Py] x90skysn3k/brutespray brutespray:获取 nmapGNMAP 输出,自动调用 Medusa 使用默认证书爆破服务(brute-forces services)
  • [728星][4m] [Lua] cldrn/nmap-nse-scripts My collection of nmap NSE scripts
  • [658星][4m] [Py] iceyhexman/onlinetools 在线cms识别|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
  • [481星][1y] [XSLT] honze-net/nmap-bootstrap-xsl A Nmap XSL implementation with Bootstrap.
  • [391星][7m] [Py] savon-noir/python-libnmap libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.6 up to 3.4. It's wonderful.
  • [325星][9m] [Py] samhaxr/hackbox 集合了某些Hacking工具和技巧的攻击工具
  • [307星][1y] [Java] s4n7h0/halcyon First IDE for Nmap Script (NSE) Development.
  • [282星][1y] [Ruby] danmcinerney/pentest-machine Automates some pentest jobs via nmap xml file
  • [257星][1y] [Java] danicuestasuarez/nmapgui Advanced Graphical User Interface for NMap
  • [247星][1y] [Shell] m4ll0k/autonse Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
  • [230星][7m] [Lua] rvn0xsy/nse_vuln Nmap扫描、漏洞利用脚本
  • [228星][5m] [Py] maaaaz/nmaptocsv A simple python script to convert Nmap output to CSV





  • [2883星][1m] [Go] cookiey/yearning A most popular sql audit platform for mysql
  • [712星][1y] [Py] the-robot/sqliv massive SQL injection vulnerability scanner
  • [553星][1m] [HTML] netspi/sqlinjectionwiki A wiki focusing on aggregating and documenting various SQL injection methods
  • [444星][9m] [Go] netxfly/x-crack Weak password scanner, Support: FTP/SSH/SNMP/MSSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
  • [439星][3m] [Go] stripe/safesql Static analysis tool for Golang that protects against SQL injections
  • [395星][3m] [C#] shack2/supersqlinjectionv1 超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库;支持手动灵活的进行SQL注入绕过,可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。
  • [295星][8m] [JS] ning1022/sqlinjectionwiki 一个专注于聚合和记录各种SQL注入方法的wiki
  • [255星][7m] [Py] s0md3v/sqlmate A friend of SQLmap which will do what you always expected from SQLmap.








  • [6407星][1m] [Shell] cisofy/lynis Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
  • [1465星][27d] [Shell] mzet-/linux-exploit-suggester Linux privilege escalation auditing tool
  • [967星][2m] [Py] nccgroup/scoutsuite Multi-Cloud Security Auditing Tool
  • [604星][6m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
  • [271星][17d] [Py] lorexxar/cobra-w Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版


  • [2041星][3m] [Py] whaleshark-team/cobra Source Code Security Audit (源代码安全审计)
  • [807星][1y] [Py] utkusen/leviathan wide range mass audit toolkit
  • [646星][1y] chybeta/code-audit-challenges Code-Audit-Challenges
  • [626星][8m] [Py] klen/pylama Code audit tool for python.
  • [399星][4m] [C] anssi-fr/ad-control-paths Active Directory Control Paths auditing and graphing tools
  • [355星][11m] [Py] enablesecurity/sipvicious SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems.
  • [293星][2m] [C#] ossindex/devaudit Open-source, cross-platform, multi-purpose security auditing tool
  • [263星][14d] [Py] exodus-privacy/exodus Platform to audit trackers used by Android application
  • [254星][1m] [Py] hubblestack/hubble Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe.
  • [240星][4m] [PowerShell] nccgroup/azucar Azure环境安全审计工具
  • [215星][1y] [C] meliot/filewatcher A simple auditing utility for macOS










  • [2643星][12m] [Py] mame82/p4wnp1 基于Raspberry Pi Zero 或 Raspberry Pi Zero W 的USB攻击平台, 高度的可定制性
  • [1658星][7m] [Makefile] raspberrypi/noobs NOOBS (New Out Of Box Software) - An easy Operating System install manager for the Raspberry Pi
  • [1510星][1m] [C] raspberrypi/userland Source code for ARM side libraries for interfacing to Raspberry Pi GPU.
  • [296星][6m] [C++] cyphunk/jtagenum Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch…
  • [258星][5m] [Py] mbro95/portablecellnetwork Utilize a Raspberry Pi and a Nuand BladeRF to generate your own portable local cell network
  • [246星][4m] [Py] tipam/pi3d Simple, yet powerful, 3D Python graphics library for beginners and school children running on the Raspberry Pi.





  • [2830星][1m] [Py] trustedsec/ptf 创建基于Debian/Ubuntu/ArchLinux的渗透测试环境
  • [2310星][1m] security-onion-solutions/security-onion Linux distro for intrusion detection, enterprise security monitoring, and log management
  • [1459星][13d] [Shell] blackarch/blackarch BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers.
  • [342星][13d] [Shell] archstrike/archstrike An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.


  • [3058星][2m] [PowerShell] fireeye/commando-vm Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution.
  • [1686星][18d] [PowerShell] fireeye/flare-vm 火眼发布用于 Windows 恶意代码分析的虚拟机:FLARE VM



  • [4986星][1m] [Shell] vulhub/vulhub Pre-Built Vulnerable Environments Based on Docker-Compose
  • [3680星][2m] [PHP] ethicalhack3r/dvwa Damn Vulnerable Web Application (DVWA)
  • [2536星][25d] [Shell] medicean/vulapps 快速搭建各种漏洞环境(Various vulnerability environment)
  • [2382星][27d] [TSQL] rapid7/metasploitable3 Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
  • [1522星][1m] [PHP] c0ny1/upload-labs 一个帮你总结所有类型的上传漏洞的靶场
  • [981星][1m] [C] hacksysteam/hacksysextremevulnerabledriver HackSys Extreme Vulnerable Windows Driver
  • [831星][27d] [JS] lirantal/is-website-vulnerable finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
  • [741星][1m] [Ruby] rubysec/ruby-advisory-db A database of vulnerable Ruby Gems
  • [633星][2m] [HCL] rhinosecuritylabs/cloudgoat CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  • [577星][2m] [HTML] owasp/railsgoat A vulnerable version of Rails that follows the OWASP Top 10
  • [563星][1m] [C++] bkerler/exploit_me 带洞的 ARMApp, 可用于漏洞开发练习
  • [517星][5m] [PHP] acmesec/dorabox DoraBox - 基础Web漏洞训练靶场
  • [311星][28d] [Py] owasp/owasp-vwad The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
  • [252星][2m] [PHP] incredibleindishell/ssrf_vulnerable_lab This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  • [237星][2m] [JS] owasp/dvsa a Damn Vulnerable Serverless Application
  • [218星][11m] [C] stephenbradshaw/vulnserver Vulnerable server used for learning software exploitation


  • [2902星][13d] [JS] webgoat/webgoat 带漏洞WebApp
  • [2556星][15d] [JS] bkimminich/juice-shop OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
  • [459星][14d] [Py] stamparm/dsvw Damn Small Vulnerable Web
  • [427星][3m] [Py] payatu/tiredful-api An intentionally designed broken web application based on REST API.
  • [289星][1y] [CSS] appsecco/dvna Damn Vulnerable NodeJS Application
  • [218星][5m] [JS] cr0hn/vulnerable-node A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools


  • [1699星][13d] [Ruby] cliffe/secgen Create randomly insecure VMs
  • [1408星][5m] [PHP] s4n7h0/xvwa XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
  • [305星][7m] [Ruby] secgen/secgen Generate vulnerable virtual machines on the fly (current team development is taking place in the cliffe/SecGen fork)





  • [11823星][24d] [Go] buger/goreplay 实时捕获HTTP流量并输入测试环境,以便持续使用真实数据测试你的系统
  • [6391星][1m] [Py] networkx/networkx 用于创建、操纵和研究复杂网络的结构,Python包
  • [5204星][6m] [Py] usarmyresearchlab/dshell 网络审计分析
  • [4526星][15d] [Py] secdev/scapy 交互式数据包操作, Python, 命令行+库
  • [4144星][11m] [JS] kdzwinel/betwixt Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface.
  • [3729星][20d] [Py] secureauthcorp/impacket Python类收集, 用于与网络协议交互
  • [3482星][15d] [JS] aol/moloch 数据包捕获、索引工具,支持数据库
  • [3480星][7m] [Go] fanpei91/torsniff torsniff - a sniffer that sniffs torrents from BitTorrent network
  • [3191星][14d] [Py] stamparm/maltrail 恶意网络流量检测系统
  • [3096星][25d] [C] valdikss/goodbyedpi GoodbyeDPI—Passive Deep Packet Inspection blocker and Active DPI circumvention utility (for Windows)
  • [2503星][7m] [C++] chengr28/pcap_dnsproxy Pcap_DNSProxy, a local DNS server based on packet capturing
  • [1877星][28d] [C] ntop/ndpi Open Source Deep Packet Inspection Software Toolkit
  • [1799星][1m] [C] merbanan/rtl_433 Program to decode traffic from Devices that are broadcasting on 433.9 MHz like temperature sensors
  • [1419星][2m] [Go] google/stenographer Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at
  • [1328星][2m] [C++] mfontanini/libtins High-level, multiplatform C++ network packet sniffing and crafting library.
  • [1271星][2m] [C] traviscross/mtr Official repository for mtr, a network diagnostic tool
  • [1258星][1m] [Go] dreadl0ck/netcap A framework for secure and scalable network traffic analysis -
  • [1207星][1y] [Py] danmcinerney/net-creds Sniffs sensitive data from interface or pcap
  • [1056星][6m] [PowerShell] nytrorst/netripper 后渗透工具,针对Windows, 使用API Hooking拦截网络流量和加密相关函数, 可捕获明文和加密前后的内容
  • [1046星][10m] [C++] simsong/tcpflow TCP/IP packet demultiplexer. Download from:
  • [952星][2m] [Py] kiminewt/pyshark Python wrapper for tshark, allowing python packet parsing using wireshark dissectors
  • [945星][7m] [Py] fireeye/flare-fakenet-ng 下一代动态网络分析工具
  • [853星][3m] [C] cisco/joy 捕获和分析网络流数据和intraflow数据,用于网络研究、取证和安全监视
  • [820星][6m] [Go] 40t/go-sniffer
  • [817星][29d] [C] zerbea/hcxtools Portable solution for capturing wlan traffic and conversion to hashcat formats (recommended by hashcat) and to John the Ripper formats. hcx: h = hash, c = capture, convert and calculate candidates, x = different hashtypes
  • [800星][2m] [C] emmericp/ixy Simple userspace packet processing for educational purposes
  • [790星][7m] [Py] phaethon/kamene Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
  • [779星][2m] [C] netsniff-ng/netsniff-ng A Swiss army knife for your daily Linux network plumbing.
  • [713星][2m] [Py] cloudflare/bpftools BPF Tools - packet analyst toolkit
  • [652星][1m] [Py] kbandla/dpkt fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
  • [645星][1m] [C] zerbea/hcxdumptool Small tool to capture packets from wlan devices.
  • [636星][1y] [Go] ga0/netgraph A cross platform http sniffer with a web UI
  • [509星][9m] [Perl] mrash/fwknop Single Packet Authorization > Port Knocking
  • [505星][7m] [C++] kohler/click The Click modular router: fast modular packet processing and analysis
  • [499星][1m] [C] sam-github/libnet A portable framework for low-level network packet construction
  • [458星][1m] [Py] netzob/netzob Protocol Reverse Engineering, Modeling and Fuzzing
  • [451星][4m] [C] jarun/keysniffer
  • [440星][20d] [C#] malwareinfosec/ekfiddle A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general.
  • [435星][2m] [C++] pstavirs/ostinato Packet/Traffic Generator and Analyzer
  • [431星][2m] [Ruby] aderyabin/sniffer Log and Analyze Outgoing HTTP Requests
  • [412星][10m] [C] jpr5/ngrep ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF f…
  • [411星][2m] [C] desowin/usbpcap USB packet capture for Windows
  • [407星][8m] [Py] mitrecnd/chopshop Protocol Analysis/Decoder Framework
  • [387星][1m] [Rust] kpcyrd/sniffglue Secure multithreaded packet sniffer
  • [382星][2m] [Go] alphasoc/flightsim A utility to generate malicious network traffic and evaluate controls
  • [379星][4m] [PHP] floedesigntechnologies/phpcs-security-audit phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
  • [375星][28d] [Py] idaholab/malcolm Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.
  • [330星][12m] [Ruby] packetfu/packetfu 数据包篡改工具。Ruby语言编写。
  • [326星][14d] [TypeScript] shroudedcode/apk-mitm
  • [303星][1y] [Py] tintinweb/scapy-ssl_tls SSL/TLS layers for scapy the interactive packet manipulation tool
  • [292星][4m] [C] pulkin/esp8266-injection-example Example project to demonstrate packet injection / sniffer capabilities of ESP8266 IC.
  • [278星][23d] [C] troglobit/nemesis 网络数据包构造和注入的命令行工具
  • [273星][9m] [C] jiaoxianjun/btle Bluetooth Low Energy (BLE) packet sniffer and generator for both standard and non standard (raw bit).
  • [254星][2m] [Go] sachaos/tcpterm tcpterm is a packet visualizer in TUI.
  • [243星][7m] [Py] needmorecowbell/sniff-paste Pastebin OSINT Harvester
  • [241星][2m] [C] nccgroup/sniffle A sniffer for Bluetooth 5 and 4.x LE
  • [218星][18d] [Py] ghostop14/sparrow-wifi Next-Gen GUI-based WiFi and Bluetooth Analyzer for Linux
  • [213星][2m] [C] dns-oarc/dnscap Network capture utility designed specifically for DNS traffic



  • [3480星][7m] [Go] fanpei91/torsniff 从BitTorrent网络嗅探种子
  • [2950星][14d] [Lua] ntop/ntopng 基于Web的流量监控工具
  • [1328星][1y] [C] gamelinux/passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup
  • [286星][1m] [Shell] tehw0lf/airbash airbash: 全自动的WPAPSK握手包捕获脚本, 用于渗透测试


  • [820星][13d] [C++] seladb/pcapplusplus PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
  • [780星][3m] [Py] srinivas11789/pcapxray A Network Forensics Tool
  • [459星][30d] [C#] chmorgan/sharppcap Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
  • [210星][12m] [Py] mateuszk87/pcapviz Visualize network topologies and collect graph statistics based on pcap files
  • [209星][7m] [JS] dirtbags/pcapdb 分布式、搜索优化的网络数据包捕获系统
  • [206星][4m] [Py] pynetwork/pypcap python libpcap module, forked from, now actively maintained





  • [4772星][1m] [Py] alessandroz/lazagne Credentials recovery project
  • [1441星][1y] [Py] d4vinci/cr3dov3r Know the dangers of credential reuse attacks.
  • [1025星][1y] [PowerShell] danmcinerney/icebreaker Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
  • [891星][16d] [C] cossacklabs/themis themis:用于存储或通信的加密库,可用于Swift, ObjC, Android, С++, JS, Python, Ruby, PHP, Go。
  • [514星][2m] [Py] unode/firefox_decrypt Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox/Thunderbird/Seabird) profiles
  • [492星][2m] [Py] byt3bl33d3r/sprayingtoolkit Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
  • [483星][1y] [JS] emilbayes/secure-password Making Password storage safer for all
  • [442星][1y] [Go] ncsa/ssh-auditor 扫描网络中的弱SSH密码
  • [385星][11m] [Shell] mthbernardes/sshlooter Script to steal passwords from ssh.
  • [347星][3m] [Py] davidtavarez/pwndb Search for leaked credentials
  • [295星][5m] [C#] raikia/credninja A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
  • [284星][6m] [Shell] greenwolf/spray A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
  • [272星][2m] [JS] kspearrin/ff-password-exporter Easily export your passwords from Firefox.
  • [267星][1m] [Py] xfreed0m/rdpassspray Python3 tool to perform password spraying using RDP
  • [255星][5m] [C] rub-syssec/omen Ordered Markov ENumerator - Password Guesser
  • [210星][3m] [Ruby] bdmac/strong_password Entropy-based password strength checking for Ruby and Rails.


  • [6832星][17d] [C] hashcat/hashcat 世界上最快最先进的密码恢复工具
  • [5149星][12m] [JS] samyk/poisontap Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
  • [3083星][13d] [C] magnumripper/johntheripper This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS:
  • [2536星][1m] [C] huntergregal/mimipenguin dump 当前Linux用户的登录密码
  • [1124星][7m] [Py] mebus/cupp Common User Passwords Profiler (CUPP)
  • [859星][4m] [Go] fireeye/gocrack 火眼开源的密码破解工具,可以跨多个 GPU 服务器执行任务
  • [843星][2m] [Go] ukhomeoffice/repo-security-scanner CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
  • [628星][1y] [Java] faizann24/wifi-bruteforcer-fsecurify Android app,无需 Root 即可爆破 Wifi 密码
  • [585星][1y] [Py] brannondorsey/passgan A Deep Learning Approach for Password Guessing (
  • [578星][6m] [C] hashcat/hashcat-utils Small utilities that are useful in advanced password cracking
  • [574星][3m] [Py] thewhiteh4t/pwnedornot OSINT Tool for Finding Passwords of Compromised Email Addresses
  • [482星][1y] [PowerShell] dafthack/domainpasswordspray DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
  • [404星][1y] [C++] vah13/extracttvpasswords tool to extract passwords from TeamViewer memory using Frida
  • [344星][7m] [Py] iphelix/pack PACK (Password Analysis and Cracking Kit)
  • [318星][2m] [JS] auth0/repo-supervisor Serverless工具,在pull请求中扫描源码,搜索密码及其他秘密
  • [318星][1m] [CSS] guyoung/captfencoder CaptfEncoder是一款跨平台网络安全工具套件,提供网络安全相关编码转换、古典密码、密码学、特殊编码等工具,并聚合各类在线工具。



  • [8590星][3m] [C] gentilkiwi/mimikatz A little tool to play with Windows security
  • [2084星][1m] [Py] trustedsec/unicorn 通过PowerShell降级攻击, 直接将Shellcode注入到内存






  • [25893星][12d] [Py] certbot/certbot Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
  • [7594星][17d] [JS] gchq/cyberchef The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
  • [4838星][2m] [Rust] sharkdp/hexyl 命令行中查看hex
  • [4230星][14d] [JS] cure53/dompurify DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
  • [3166星][6m] [HTML] leizongmin/js-xss Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
  • [3078星][2m] [Shell] trimstray/ My simple Swiss Army knife for http/https troubleshooting and profiling.
  • [949星][8m] [Go] maliceio/malice 开源版的VirusTotal
  • [500星][17d] [Py] certtools/intelmq IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
  • [464星][4m] [JS] ehrishirajsharma/swiftnessx A cross-platform note-taking & target-tracking app for penetration testers.


  • [4292星][5m] [Py] diafygi/acme-tiny A tiny script to issue and renew TLS certs from Let's Encrypt
  • [1663星][2m] [HTML] chromium/
  • [1177星][2m] [Go] jsha/minica minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
  • [1126星][19d] [Go] smallstep/certificates 私有的证书颁发机构(X.509和SSH)和ACME服务器,用于安全的自动证书管理,因此您可以在SSH和SSO处使用TLS
  • [507星][14d] [Java] rub-nds/tls-attacker TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is developed by the Ruhr University Bochum (





  • [3315星][2m] [Py] google/grr GRR Rapid Response: remote live forensics for incident response
  • [1486星][9m] [Py] google/rekall Rekall Memory Forensic Framework
  • [1465星][18d] [C] sleuthkit/sleuthkit The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
  • [1200星][27d] [Py] google/timesketch Collaborative forensic timeline analysis
  • [1152星][2m] [Go] mozilla/mig mig:分布式实时数字取证和研究平台
  • [953星][1m] [Rich Text Format] decalage2/oletools oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
  • [940星][17d] [C++] hasherezade/pe-sieve Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
  • [909星][2m] [Py] ondyari/faceforensics Github of the FaceForensics dataset
  • [826星][12d] [Java] sleuthkit/autopsy Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
  • [817星][21d] cugu/awesome-forensics A curated list of awesome forensic analysis tools and resources
  • [802星][14d] [Py] yampelo/beagle Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
  • [744星][19d] [Py] snovvcrash/usbrip Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux
  • [419星][2m] [Py] obsidianforensics/hindsight Internet history forensics for Google Chrome/Chromium
  • [400星][14d] [Py] forensicartifacts/artifacts Digital Forensics Artifact Repository
  • [391星][10m] [Go] mozilla/masche MIG Memory Forensic library
  • [321星][10m] [Py] alessandroz/lazagneforensic Windows passwords decryption from dump files
  • [317星][3m] [HTML] intezer/linux-explorer linux-explorer: 针对Linux 系统的现场取证工具箱. Web 界面, 简单易用
  • [311星][8m] [Py] n0fate/chainbreaker Mac OS X Keychain Forensic Tool
  • [301星][2m] [Py] google/turbinia Automation and Scaling of Digital Forensics Tools
  • [296星][24d] [Shell] vitaly-kamluk/bitscout bitscout:远程数据取证工具
  • [268星][12d] [Perl] owasp/o-saft O-Saft - OWASP SSL advanced forensic tool
  • [255星][6m] [Batchfile] diogo-fernan/ir-rescue A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  • [250星][21d] [Py] google/docker-explorer A tool to help forensicate offline docker acquisitions
  • [248星][12m] [C++] comaeio/swishdbgext Incident Response & Digital Forensics Debugging Extension
  • [243星][11m] [Py] crowdstrike/forensics Scripts and code referenced in CrowdStrike blog posts
  • [241星][1m] [Py] orlikoski/cdqr The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
  • [227星][30d] [C] elfmaster/libelfmaster Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
  • [217星][2m] [Py] crowdstrike/automactc AutoMacTC: Automated Mac Forensic Triage Collector







  • [2906星][18d] [Py] cowrie/cowrie cowrie:中型/交互型 SSH/Telnet 蜜罐,
  • [272星][27d] [C] droberson/ssh-honeypot Fake sshd that logs ip addresses, usernames, and passwords.



  • [433星][1y] [Py] 0x4d31/honeylambda honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway














  • [1408星][1m] [Py] neo23x0/loki Loki - Simple IOC and Incident Response Scanner
  • [208星][4m] [Shell] neo23x0/fenrir Simple Bash IOC Scanner






  • [630星][5m] [Py] binarydefense/artillery The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.


  • [3248星][2m] [C] nbs-system/naxsi NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
  • [3125星][17d] [C++] spiderlabs/modsecurity ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
  • [617星][2m] [Py] 3xp10it/xwaf waf 自动爆破(绕过)工具
  • [600星][3m] [Lua] jx-sec/jxwaf JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的web应用防火墙
  • [599星][1y] [Lua] unixhot/waf 使用Nginx+Lua实现的WAF(版本v1.0)
  • [543星][7m] [Py] s0md3v/blazy Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
  • [500星][1m] [Go] janusec/janusec Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing.
  • [462星][7m] [Java] chengdedeng/waf
  • [436星][2m] [PHP] akaunting/firewall Web Application Firewall (WAF) package for Laravel
  • [424星][8m] [Py] aws-samples/aws-waf-sample This repository contains example scripts and sets of rules for the AWS WAF service. Please be aware that the applicability of these examples to specific workloads may vary.
  • [406星][1m] [C#] jbe2277/waf Win Application Framework (WAF) is a lightweight Framework that helps you to create well structured XAML Applications.
  • [401星][7m] [Py] awslabs/aws-waf-security-automations This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
  • [401星][10m] [C] titansec/openwaf Web security protection system based on openresty
  • [243星][1y] [Py] warflop/cloudbunny CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
  • [207星][6m] [C] coolervoid/raptor_waf Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta


  • [4162星][2m] [Py] evilsocket/opensnitch opensnitch:Little Snitch 应用程序防火墙的 GNU/Linux 版本。(Little Snitch:Mac操作系统的应用程序防火墙,能防止应用程序在你不知道的情况下自动访问网络)
  • [3186星][1m] [Objective-C] objective-see/lulu LuLu is the free macOS firewall
  • [1515星][12d] [Java] ukanth/afwall AFWall+ (Android Firewall +) - iptables based firewall for Android
  • [1031星][9m] [Shell] firehol/firehol A firewall for humans...
  • [817星][4m] trimstray/iptables-essentials Iptables Essentials: Common Firewall Rules and Commands.
  • [545星][6m] [Go] sysdream/chashell Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
  • [449星][5m] [Shell] vincentcox/bypass-firewalls-by-dns-history Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.
  • [232星][4m] [Shell] essandess/macos-fortress Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
  • [220星][1y] [Go] maksadbek/tcpovericmp TCP implementation over ICMP protocol to bypass firewalls


  • [2874星][27d] [Zeek] zeek/zeek Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  • [2798星][1m] [C] ossec/ossec-hids ossec-hids:入侵检测系统
  • [1589星][1m] [Go] ysrc/yulong-hids 一款由 YSRC 开源的主机入侵检测系统
  • [1252星][1m] [C] oisf/suricata a network IDS, IPS and NSM engine
  • [524星][19d] [Py] 0kee-team/watchad AD Security Intrusion Detection System
  • [507星][4m] [C] decaf-project/decaf DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
  • [489星][7m] [Shell] stamusnetworks/selks A Suricata based IDS/IPS distro
  • [369星][6m] jnusimba/androidsecnotes some learning notes about Android Security
  • [278星][13d] [C] ebwi11/agentsmith-hids Low performance loss and by LKM technology HIDS tool, from E_Bwill.
  • [243星][1y] [Perl] mrash/psad psad:iptables 的入侵检测和日志分析(psad:Port Scan Attack Detector)
  • [220星][1m] [Py] secureworks/dalton dalton: 使用预定义/指定的规则, 针对IDS传感器(例如Snort/Suricata)进行网络数据包捕获







  • [1358星][5m] gitguardian/apisecuritybestpractices Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
  • [885星][21d] [Py] woj-ciech/leaklooker Find open databases - Powered by


  • [3217星][18d] [C] vanhauser-thc/thc-hydra 网络登录破解,支持多种服务
  • [1885星][1m] [Py] lanjelot/patator Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
  • [1042星][3m] [Py] landgrey/pydictor A powerful and useful hacker dictionary builder for a brute-force attack
  • [875星][2m] [Py] trustedsec/hate_crack hate_crack: 使用HashCat 的自动哈希破解工具
  • [789星][6m] [C] brendan-rius/c-jwt-cracker C 语言编写的 JWT 爆破工具
  • [780星][10m] [Py] mak-/parameth 在文件中(例如PHP 文件)暴力搜索GET 和 POST 请求的参数
  • [748星][4m] [Py] s0md3v/hash-buster Crack hashes in seconds.
  • [679星][7m] [Shell] 1n3/brutex Automatically brute force all services running on a target.
  • [625星][2m] [JS] animir/node-rate-limiter-flexible Node.js rate limit requests by key and protection from DDoS and Brute-Force attacks in process Memory, Redis, MongoDb, Memcached, MySQL, PostgreSQL, Cluster or PM
  • [619星][4m] [C#] shack2/snetcracker 超级弱口令检查工具是一款Windows平台的弱口令审计工具,支持批量多线程检查,可快速发现弱密码、弱口令账号,密码支持和用户名结合进行检查,大大提高成功率,支持自定义服务端口和字典。
  • [606星][1y] [C] nfc-tools/mfoc Mifare Classic Offline Cracker
  • [551星][5m] [PHP] s3inlc/hashtopolis Hashcat wrapper, 用于跨平台分布式Hash破解
  • [546星][1y] [CSS] hashview/hashview 密码破解和分析工具
  • [516星][3m] [C] nmap/ncrack Ncrack network authentication tool
  • [507星][1m] [Py] pure-l0g1c/instagram Bruteforce attack for Instagram
  • [499星][3m] duyetdev/bruteforce-database Bruteforce database
  • [487星][1y] [C] mikeryan/crackle Crack and decrypt BLE encryption
  • [437星][1y] [C] ryancdotorg/brainflayer A proof-of-concept cracker for cryptocurrency brainwallets and other low entropy key alogrithms.
  • [435星][5m] [JS] coalfire-research/npk A mostly-serverless distributed hash cracking platform
  • [380星][25d] [Py] ticarpi/jwt_tool jwt_tool:测试,调整和破解JSON Web Token 的工具包
  • [351星][2m] [Py] denyhosts/denyhosts Automated host blocking from SSH brute force attacks
  • [307星][10m] [C] e-ago/bitcracker bitcracker:BitLocker密码破解器
  • [287星][11m] [Shell] cyb0r9/socialbox SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi
  • [265星][11m] [C] jmk-foofus/medusa Medusa is a speedy, parallel, and modular, login brute-forcer.
  • [256星][17d] [Shell] wuseman/emagnet Emagnet is a tool for find leaked databases with 97.1% accurate to grab mail + password together from pastebin leaks. Support for brute forcing spotify accounts, instagram accounts, ssh servers, microsoft rdp clients and gmail accounts
  • [250星][1y] [Py] avramit/instahack Instagram bruteforce tool
  • [246星][6m] [Go] ropnop/kerbrute A tool to perform Kerberos pre-auth bruteforcing
  • [245星][11m] [Shell] thelinuxchoice/instainsane Multi-threaded Instagram Brute Forcer (100 attemps at once)
  • [225星][2m] [Py] evilmog/ntlmv1-multi 修改NTLMv1/NTLMv1-ESS/MSCHAPv1 Hask, 使其可以在hashcat中用DES模式14000破解
  • [220星][6m] [Py] blark/aiodnsbrute Python 3.5+ DNS asynchronous brute force utility
  • [220星][11m] [Py] chris408/known_hosts-hashcat A guide and tool for cracking ssh known_hosts files with hashcat
  • [215星][7m] [Py] paradoxis/stegcracker Steganography brute-force utility to uncover hidden data inside files
  • [209星][1m] [C] hyc/fcrackzip A braindead program for cracking encrypted ZIP archives. Forked from
  • [203星][3m] [Py] isaacdelly/plutus An automated bitcoin wallet collider that brute forces random wallet addresses




  • [4591星][2m] [JS] beefproject/beef The Browser Exploitation Framework Project
  • [960星][8m] [Py] selwin/python-user-agents A Python library that provides an easy way to identify devices like mobile phones, tablets and their capabilities by parsing (browser) user agent strings.
  • [852星][3m] escapingbug/awesome-browser-exploit awesome list of browser exploitation tutorials
  • [450星][30d] [Py] globaleaks/tor2web Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
  • [446星][2m] m1ghtym0/browser-pwn An updated collection of resources targeting browser-exploitation.
  • [408星][2m] [Pascal] felipedaragon/sandcat 为渗透测试和开发者准备的轻量级浏览器, 基于Chromium和Lua
  • [290星][2m] xsleaks/xsleaks A collection of browser-based side channel attack vectors.
  • [215星][2m] [Py] icsec/airpwn-ng force the target's browser to do what we want
  • [212星][1y] [C#] djhohnstein/sharpweb .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.





内容为系统自动导出, 有任何问题请提issue

You can’t perform that action at this time.