Skip to content

andr6/awesome-stars

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 

Repository files navigation

Awesome Stars Awesome

A curated list of my GitHub stars! Generated by starred.

Contents

Assembly

Boo

Bro

C

C#

C++

  • ReversecLabs/C3 - Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
  • josh0xA/rrgen - A Header Only C++ Library for Storing Safe Pseudorandom Values into Modern Containers with Uniform Integer Distributions
  • mgeeky/ThreadStackSpoofer - Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
  • avast/retdec - RetDec is a retargetable machine-code decompiler based on LLVM.
  • sensepost/rattler - Automated DLL Enumerator
  • wbenny/mini-tor - proof-of-concept implementation of tor protocol using Microsoft CNG/CryptoAPI
  • epam/nfstrace - Network file system monitor and analyzer
  • ayoubfaouzi/al-khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
  • mandiant/flare-wmi -
  • psaneme/Kung-Fu-Malware -
  • screetsec/Brutal - Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powers
  • brndnmtthws/conky - Light-weight system monitor for X, Wayland, and other things, too
  • rampageX/paping - Automatically exported from code.google.com/p/paping

CSS

DIGITAL Command Language

Go

  • charmbracelet/crush - The glamourous AI coding agent for your favourite terminal 💘
  • opencode-ai/opencode - A powerful AI coding agent. Built for the terminal.
  • 0xrawsec/whids - Open Source EDR for Windows
  • analog-substance/arsenic - Pentesting tool to automate common op tasks and organize discovered data.
  • netbirdio/netbird - Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
  • piaolin/DetectDee - DetectDee: Hunt down social media accounts by username, email or phone across social networks.
  • pocketbase/pocketbase - Open Source realtime backend in 1 file
  • ollama/ollama - Get up and running with OpenAI gpt-oss, DeepSeek-R1, Gemma 3 and other models.
  • kgretzky/evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
  • projectdiscovery/katana - A next-generation crawling and spidering framework.
  • Pwn3rzs/HAK5-C2-License-Toolkit - Golang tool to help in forcing a license for HAK5 C2 Tool
  • tonywangcn/distributed-web-crawler - The Architecture of a Web Crawler: Building a Google-Inspired Distributed Web Crawler
  • tomnomnom/httprobe - Take a list of domains and probe for working HTTP and HTTPS servers
  • j3ssie/osmedeus - A Workflow Engine for Offensive Security
  • mudler/LocalAI - 🤖 The free, Open Source alternative to OpenAI, Claude and others. Self-hosted and local-first. Drop-in replacement for OpenAI, running on consumer-grade hardware. No GPU required. Runs gguf, tr
  • j3ssie/go-auxs - Collection of auxiliary command line tools
  • open-policy-agent/opa - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
  • aquasecurity/trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  • gravitational/teleport - The easiest, and most secure way to access and protect all of your infrastructure.
  • zarkones/XENA - XENA is an innovative C2 made fully in Go. With hacking automation features.
  • teler-sh/teler - Real-time HTTP Intrusion Detection
  • HavocFramework/Havoc - The Havoc Framework
  • projectdiscovery/nuclei - Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int
  • fin3ss3g0d/evilgophish - evilginx3 + gophish
  • j3ssie/metabigor - OSINT tools and more but without API key
  • ossf/package-analysis - Open Source Package Analysis
  • kensh1ro/Willie-C2 - A Golang implant that uses Discord as a C2 team server
  • BishopFox/sliver - Adversary Emulation Framework
  • nodauf/GoMapEnum - User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
  • FourCoreLabs/firedrill - firedrill is a malware simulation harness for evaluating your security controls
  • ma111e/melody - Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation.
  • sysdream/hershell - Hershell is a simple TCP reverse shell written in Go.
  • Tylous/ZipExec - A unique technique to execute binaries from a password protected zip
  • dreadl0ck/netcap - A framework for secure and scalable network traffic analysis - https://netcap.io
  • ropnop/kerbrute - A tool to perform Kerberos pre-auth bruteforcing
  • mushorg/glutton - Generic Low Interaction Honeypot
  • activecm/rita-legacy - Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
  • biggiesmallsAG/nightHawkResponse - Incident Response Forensic Framework
  • looterz/grimd - ⚡ fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers
  • asciimoo/wuzz - Interactive cli tool for HTTP inspection
  • dutchcoders/ares - Phishing toolkit for red teams and pentesters.
  • maliceio/malice - VirusTotal Wanna Be - Now with 100% more Hipster
  • EgeBalci/HERCULES - HERCULES is a special payload generator that can bypass antivirus softwares.
  • gophish/gophish - Open-Source Phishing Toolkit
  • future-architect/vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

HCL

  • RedTeamOperations/Red-Infra-Craft - RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create advanced phishing & payload infras

HTML

Inno Setup

Java

JavaScript

Jinja

  • splunk/attack_range - A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Jupyter Notebook

  • pathwaycom/llm-app - Ready-to-run cloud templates for RAG, AI pipelines, and enterprise search with live data. 🐳Docker-friendly.⚡Always in sync with Sharepoint, Google Drive, S3, Kafka, PostgreSQL, real-time data APIs, an
  • NirDiamant/RAG_Techniques - This repository showcases various advanced techniques for Retrieval-Augmented Generation (RAG) systems. RAG systems combine information retrieval with generative models to provide accurate and context
  • DataExpert-io/data-engineer-handbook - This is a repo with links to everything you'd ever want to learn about data engineering
  • fastai/fastai - The fastai deep learning library
  • rahulnyk/knowledge_graph - Convert any text to a graph of knowledge. This can be used for Graph Augmented Generation or Knowledge Graph based QnA
  • Cyb3r-Monk/Threat-Hunting-and-Detection - Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  • guipsamora/pandas_exercises - Practice your pandas skills!

MDX

  • mufeedvh/code2prompt - A CLI tool to convert your codebase into a single LLM prompt with source tree, prompt templating, and token counting.
  • phuocng/csslayout - A collection of popular layouts and patterns made with CSS. Now it has 100+ patterns and continues growing!

OCaml

Objective-C

Objective-J

Others

PHP

  • Krook9d/PurpleLab - PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules and undertake various security tasks, all accessible thro
  • lucthienphong1120/AIO-Pentesting - All in one Pentest methodologies - Tools and commands | Where compiled all common materials for pentester
  • chris-short/sptoolkit - Simple Phishing Toolkit is a super easy to install and use phishing framework built to help Information Security professionals find human vulnerabilities
  • Raikia/FiercePhish - FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
  • interference-security/empire-web - PowerShell Empire Web Interface
  • danielmiessler/SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensi
  • pentestgeek/phishing-frenzy - Ruby on Rails Phishing Framework
  • paragonie/awesome-appsec - A curated list of resources for learning about application security

Pascal

Perl

PowerShell

  • monnappa22/Garuda-framework - A comprehensive PowerShell-based threat hunting and incident response framework for Windows environments, built around Sysmon event analysis and forensic investigation capabilities.
  • mgeeky/ProtectMyTooling - Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with
  • ion-storm/sysmon-config - Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events w
  • ANSSI-FR/DFIR-O365RC - PowerShell module for Office 365 and Azure log collection
  • MalwareArchaeology/ARTHIR - ATT&CK Remote Threat Hunting Incident Response
  • sans-blue-team/DeepBlueCLI -
  • k8gege/PowerLadon - Ladon hacking Scanner for PowerShell, vulnerability / exploit / detection / MS17010/SmbGhost,Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC
  • Idov31/MrKaplan - MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
  • hak5/bashbunny-payloads - The Official Bash Bunny Payload Repository
  • BC-SECURITY/Empire - Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
  • mantvydasb/RedTeaming-Tactics-and-Techniques - Red Teaming Tactics and Techniques
  • danielbohannon/Revoke-Obfuscation - PowerShell Obfuscation Detection Framework
  • samratashok/nishang - Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
  • NytroRST/NetRipper - NetRipper - Smart traffic sniffing for penetration testers
  • nccgroup/redsnarf - RedSnarf is a pen-testing / red-teaming tool for Windows environments
  • samratashok/Kautilya - Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.
  • PowerShellMafia/PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework
  • curi0usJack/luckystrike - A PowerShell based utility for the creation of malicious Office macro documents.
  • davehull/Kansa - A Powershell incident response framework

Pug

Python

  • SuperClaude-Org/SuperClaude_Framework - A configuration framework that enhances Claude Code with specialized commands, cognitive personas, and development methodologies.
  • Aider-AI/aider - aider is AI pair programming in your terminal
  • davidwolverton/Splunk_to_Elastic_Security_LLM_Detection_Converter - Scripts used to convert Splunk detections to Elastic Security using OpenAI and Google Gemini
  • F3dai/Threat-intelligence-knowledge-graph - Generating Knowledge Graphs from cyber security reports with LLMs and neo4j
  • adeftriangga/AudiTTACK - AudiTT&CK-is a CLI tool that generates predictive cybersecurity audit checklists based on real-world threat actor behavior. It maps adversary TTPs (Tactics, Techniques, and Procedures) from the MITRE
  • hacksider/Deep-Live-Cam - real time face swap and one-click video deepfake with only a single image
  • anmolksachan/wayBackLister - A New Approach to Directory Bruteforce with WaybackLister v1.0
  • BerriAI/litellm - Python SDK, Proxy Server (LLM Gateway) to call 100+ LLM APIs in OpenAI format - [Bedrock, Azure, OpenAI, VertexAI, Cohere, Anthropic, Sagemaker, HuggingFace, Replicate, Groq]
  • elastic/detection-rules -
  • Mohammad-Mirasadollahi/ThinkingSOC - A new era for SOCs begins
  • TracecatHQ/tracecat - All-in-one automation platform (workflows, tables, cases) for security and IT teams. Open source Splunk SOAR / ServiceNow SecOps alternative.
  • Sakshamk17/Automated-bugbounty-scanner - A Python-based tool for automated bug bounty scanning. It performs subdomain enumeration, port scanning, and web scraping to help security researchers find vulnerabilities efficiently.
  • vivekbhatt3011/NucleiAutomationScript - Nuclei is an open-source vulnerability scanner that automates security testing using customizable YAML-based templates. It efficiently detects CVEs, misconfigurations, and exposures in web apps, APIs,
  • TheresAFewConors/Sooty - The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
  • Ayush7989/Automated-pentesting-Tool - CyberX is an AI-driven penetration testing tool that scans websites for open ports, SQL injection, XSS vulnerabilities, directory misconfigurations, subdomain enumeration, and dark web leaks.
  • LuckyStail/ZeroTrace - ZeroTrace is an all-in-one automated pentesting system designed to integrate a variety of scanning, exploitation, and reporting tools into a single framework. It helps penetration testers and security
  • suljov/ReconRunner - ReconRunner streamlines scanning by automating tasks for webapp pentest and organizing results for a more efficient experience.
  • Cinnamon/kotaemon - An open-source RAG-based tool for chatting with your documents.
  • unclecode/crawl4ai - 🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & Scraper. Don't be shy, join here: https://discord.gg/jP8KfhDhyN
  • Pythagora-io/gpt-pilot - The first real AI developer
  • Alfredredbird/tookie-osint - Tookie is a advanced OSINT information gathering tool that finds social media accounts based on inputs.
  • franckferman/MetaDetective - 🕵️ Unleash Metadata Intelligence with MetaDetective. Your Assistant Beyond Metagoofil.
  • RUC-NLPIR/FlashRAG - ⚡FlashRAG: A Python Toolkit for Efficient RAG Research (WWW2025 Resource)
  • truefoundry/cognita - RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry
  • stanford-oval/storm - An LLM-powered knowledge curation system that researches a topic and generates a full-length report with citations.
  • neuml/txtai - 💡 All-in-one open-source AI framework for semantic search, LLM orchestration and language model workflows
  • zulip/zulip - Zulip server and web application. Open-source team chat that helps teams stay productive and focused.
  • protectai/vulnhuntr - Zero shot vulnerability discovery using LLMs
  • sherlock-project/sherlock - Hunt down social media accounts by username across social networks
  • gptme/gptme - Your agent in your terminal, equipped with local tools: writes code, uses the terminal, browses the web, vision.
  • osgil-defense/TARS - Using Agents To Automate Pentesting
  • Zarcolio/sitedorks - Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
  • Natan-Asrat/crewai_trip_planner - Trip Planner | CrewAI | Groq
  • jgravelle/AutoGroq - AutoGroq is a groundbreaking tool that revolutionizes the way users interact with Autogen™ and other AI assistants. By dynamically generating tailored teams of AI agents based on your project requirem
  • albertan017/LLM4Decompile - Reverse Engineering: Decompiling Binary Code with Large Language Models
  • mrphrazer/reverser_ai - Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.
  • St3v3nsS/MMSF - Massive Mobile Security Framework
  • jina-ai/serve - ☁️ Build multimodal AI applications with cloud-native stack
  • deepset-ai/haystack - AI orchestration framework to build customizable, production-ready LLM applications. Connect components (models, vector DBs, file converters) to pipelines or agents that can interact with your data. W
  • santosomar/AI-agents-for-cybersecurity - This repository contains resources and materials for the "AI Agents and Retrieval Augmented Generation (RAG) for Cybersecurity Operations" and other courses by Omar Santos.
  • topscoder/nuclei-wordfence-cve - The EXCLUSIVE Collection of 60,000+ Nuclei templates based on Wordfence intel. Daily updates for bulletproof WordPress security.
  • blacklanternsecurity/bbot - The recursive internet scanner for hackers. 🧡
  • naksyn/Pyramid - a tool to help operate in EDRs' blind spots
  • strnad/CrewAI-Studio - A user-friendly, multi-platform GUI for managing and running CrewAI agents and tasks. Supports Conda and virtual environments, no coding needed.
  • MervinPraison/PraisonAI - PraisonAI is a production-ready Multi AI Agents framework, designed to create AI Agents to automate and solve problems ranging from simple tasks to complex challenges. It provides a low-code solution
  • McGill-NLP/llm2vec - Code for 'LLM2Vec: Large Language Models Are Secretly Powerful Text Encoders'
  • mrwadams/stride-gpt - An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
  • GreyDGL/PentestGPT - A GPT-empowered penetration testing tool
  • yanniedog/Autocrew - Automatically create a crew and tasks for CrewAI
  • crewAIInc/crewAI - Framework for orchestrating role-playing, autonomous AI agents. By fostering collaborative intelligence, CrewAI empowers agents to work together seamlessly, tackling complex tasks.
  • neokd/NeoGPT - Chat effortlessly, execute commands, and interpret code with Llama3, Phi3, and more - your local AI assistant. Enjoy seamless interaction while ensuring ultimate privacy
  • Tib3rius/AutoRecon - AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
  • PromtEngineer/localGPT - Chat with your documents on your local device using GPT models. No data leaves your device and 100% private.
  • sensity-ai/dot - The Deepfake Offensive Toolkit
  • senran101604/sagemode - 👀Sagemode: Track and Unveil Online identities across social media platforms🕵️‍♂️
  • docker/genai-stack - Langchain + Docker + Neo4j + Ollama
  • aorumbayev/autogpt4all - 🛠️ User-friendly bash script for setting up and configuring your LocalAI server with the GPT4All for free! 💸
  • Significant-Gravitas/AutoGPT - AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
  • AutoGPTQ/AutoGPTQ - An easy-to-use LLMs quantization package with user-friendly apis, based on GPTQ algorithm.
  • deep-floyd/IF -
  • OpenMOSS/MOSS - An open-source tool-augmented conversational language model from Fudan University
  • BishopFox/eyeballer - Convolutional neural network for analyzing pentest screenshots
  • crond-jaist/AutoPentest-DRL - AutoPentest-DRL: Automated Penetration Testing Using Deep Reinforcement Learning
  • RomanRII/jenkins-strike - Cobalt Strike profile generator using Jenkins to automate the heavy lifting
  • AUTOMATIC1111/stable-diffusion-webui - Stable Diffusion web UI
  • mazen160/secrets-patterns-db - Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
  • bublint/ue5-llama-lora - A proof-of-concept project that showcases the potential for using small, locally trainable LLMs to create next-generation documentation tools.
  • freedmand/semantra - Multi-tool for semantic search
  • oobabooga/text-generation-webui - LLM UI with advanced features, easy setup, and multiple backend support.
  • Significant-Gravitas/Auto-GPT-Plugins - Plugins for Auto-GPT
  • zetavg/LLaMA-LoRA-Tuner - UI tool for fine-tuning and testing your own LoRA models base on LLaMA, GPT-J and more. One-click run on Google Colab. + A Gradio ChatGPT-like Chat UI to demonstrate your language models.
  • jofpin/trape - People tracker on the Internet: OSINT analysis and research tool by Jose Pino
  • soxoj/maigret - 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
  • p0dalirius/Coercer - A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
  • Xyntax/Drystan - Automated information gathering tool for pentest
  • t3l3machus/Villain - Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them
  • atenreiro/opensquat - The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
  • termuxhackers-id/SIGIT - SIGIT - Simple Information Gathering Toolkit
  • OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
  • sinwindie/OSINT - Collections of tools and methods created to aid in OSINT collection
  • gyoisamurai/GyoiThon - GyoiThon is a growing penetration test tool using Machine Learning.
  • Azure/Azure-Sentinel - Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  • jstnk9/ETW-Almulahaza - ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  • GamehunterKaan/AutoPWN-Suite - AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
  • ExpLangcn/agartha - a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http req
  • AvalZ/WAF-A-MoLE - A guided mutation-based fuzzer for ML-based Web Application Firewalls
  • blacklanternsecurity/MANSPIDER - Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!
  • SubGlitch1/OSRipper - AV evading OSX Backdoor and Crypter Framework
  • p1ngul1n0/blackbird - An OSINT tool to search for accounts by username and email in social networks.
  • abdulkadir-gungor/JPGtoMalware - It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in t
  • jarun/ddgr - 🦆 DuckDuckGo from the terminal
  • tropChaud/webpage2attack - Generate portable TTP intelligence from a web-based report
  • password123456/malwarescanner - Simple Malware Scanner written in python
  • medpaf/hawk - Network, recon and offensive-security tool for Linux.
  • offensive-hub/black-widow - GUI based offensive penetration testing tool (Open Source)
  • ericpd/hook-pentester - HOOK-Worm Pentest the Modern Web
  • ksharinarayanan/SourceWolf - Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
  • iperov/DeepFaceLive - Real-time face swap for PC streaming or video calls
  • signorrayan/RedTeam_toolkit - Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
  • kurogai/deepweb-scappering - Discover hidden deepweb pages
  • vil/H4X-Tools - Open source toolkit for scraping, OSINT and more.
  • tasos-py/Search-Engines-Scraper - Search google, bing, yahoo, and other search engines with python
  • DinoTools/dionaea - Home of the dionaea honeypot
  • emalderson/ThePhish - ThePhish: an automated phishing email analysis tool
  • sowdust/tafferugli - Tafferugli is a Twitter Analysis Framework
  • gokulapap/Reconator - Automated Recon for Pentesting & Bug Bounty
  • IR0DayToday/Xerosploit-PY3 - Xerosploit based on python3 rooling done !
  • Lucksi/Mr.Holmes - A Complete Osint Tool 🔍
  • v4d1/Dome - Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
  • krabelize/icmpdoor - ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell)
  • Intellisec-Solutions/Sentinel2D3FEND - This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defenses
  • fortra/impacket - Impacket is a collection of Python classes for working with network protocols.
  • josh0xA/darkdump - Open Source Intelligence Interface for Deep Web Scraping
  • dlegs/php-jpeg-injector - Injects php payloads into jpeg images
  • CorentinJ/Real-Time-Voice-Cloning - Clone a voice in 5 seconds to generate arbitrary speech in real-time
  • nccgroup/Winpayloads - Undetectable Windows Payload Generation
  • aslitsecurity/CVE-2021-40444_builders - This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit
  • MindPatch/scant3r - ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
  • knownsec/pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
  • calebstewart/pwncat - Fancy reverse and bind shell handler
  • cytopia/badchars - Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
  • tristanlatr/burpa - Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).
  • VoidSec/Exploit-Development - Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  • SusmithKrishnan/torghost - TorGhost is an anonymization script. TorGhost redirects all internet traffic through SOCKS5 tor proxy. DNS requests are also redirected via tor, thus preventing DNSLeak. The scripts also disables unsa
  • capt-meelo/Beaconator - A beacon generator using Cobalt Strike and a variety of tools.
  • jonaswinkler/paperless-ng - A supercharged version of paperless: scan, index and archive all your physical documents
  • nsacyber/WALKOFF - A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber
  • 0xZDH/o365spray - Username enumeration and password spraying tool aimed at Microsoft O365.
  • pstirparo/mac4n6 - Collection of forensics artifacts location for Mac OS X and iOS
  • alexandreborges/malwoverview - Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa
  • khast3x/h8mail - Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
  • mitre/caldera - Automated Adversary Emulation Platform
  • dievus/threader3000 - Multi-threaded Python Port Scanner with Nmap Integration
  • bee-san/Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
  • buffer/thug - Python low-interaction honeyclient
  • pwnlandia/mhn - Modern Honey Network
  • paralax/awesome-honeypots - an awesome list of honeypot resources
  • intelowlproject/IntelOwl - IntelOwl: manage your Threat Intelligence at scale
  • mushorg/tanner - He who flays the hide
  • Raikia/Kali-Setup - Script for Kali that adds a bunch of tools and customizes it to be much better
  • infosecn1nja/MaliciousMacroMSBuild - Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
  • s0md3v/Photon - Incredibly fast crawler designed for OSINT.
  • kevthehermit/VolUtility - Web App for Volatility framework
  • CIRCL/url-abuse - URL Abuse - A Versatile Software for URL review, analysis and black-list reporting
  • log2timeline/plaso - Super timeline all the things
  • thinkst/opencanary - Modular and decentralised honeypot
  • foospidy/HoneyPy - A low to medium interaction honeypot.
  • AlessandroZ/LaZagne - Credentials recovery project
  • warquel/ppdecode - Proofpoint URL Decoder
  • SpamScope/spamscope - Fast Advanced Spam Analysis Tool
  • phin3has/mailoney - An SMTP Honeypot
  • cryptolok/MorphAES - IDPS & SandBox & AntiVirus STEALTH KILLER. MorphAES is the world's first polymorphic shellcode engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for a
  • G4LB1T/SmoothCriminal - Detect sandbox by cursor movement speed
  • Mr-Un1k0d3r/DKMC - DKMC - Dont kill my cat - Malicious payload evasion tool
  • doomedraven/VirusTotalApi - VirusTotal Full api
  • SySS-Research/Seth - Perform a MitM attack and extract clear text credentials from RDP connections
  • trustedsec/nps_payload - This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (@Spoonman1091) Payload
  • AonCyberLabs/Windows-Exploit-Suggester - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploit
  • D4Vinci/Dr0p1t-Framework - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
  • spcampbell/FireStic - A Python script for indexing (putting) FireEye alert data into Elasticsearch...and notifying you too.
  • t4d/PhishingKitHunter - Find phishing kits which use your brand/organization's files and image.
  • vesche/scanless - online port scan scraper
  • stamparm/DSSS - Damn Small SQLi Scanner
  • bhdresh/CVE-2017-0199 - Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious R
  • netzob/netzob - Netzob: Protocol Reverse Engineering, Modeling and Fuzzing
  • z0noxz/powerstager - A payload stager using PowerShell
  • Miserlou/omnihash - Hash files, strings, input streams and network resources in various common algorithms simultaneously
  • kgretzky/evilginx - PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
  • roj4s/Malshare-Crawler - A CGI program that consumes from the malshare.com API alowing to obtain info and to download malware samples.
  • HarryR/maltrieve - A tool to retrieve malware directly from the source for security researchers.
  • maltelligence/maltelligence - a Malware/Threat Analyst Desktop
  • clausing/scripts -
  • certsocietegenerale/fame - FAME Automates Malware Evaluation
  • yeti-platform/yeti - Your Everyday Threat Intelligence
  • smxlabs/LAMMA-beta - Vulnerability Assessment and Auditing Framework for all the Crypto Implementations.
  • PayloadSecurity/VxAPI - A generic interface and CLI for all endpoints of the Falcon Sandbox API
  • Neo23x0/Loki - Loki - Simple IOC and YARA Scanner
  • Neo23x0/yarAnalyzer - Yara Rule Analyzer and Statistics
  • Pepitoh/VBad - VBA Obfuscation Tools combined with an MS office document generator
  • kevthehermit/malwareconfig-miner - MineMeld Miner for Malwareconfig.com C2 Domains
  • kevthehermit/DuckToolkit - Encoding Tools for Rubber Ducky
  • tehsyntx/loffice - Lazy Office Analyzer
  • ChrisRimondi/VulntoES - Vulnerability Data in ES
  • xme/mail2ioc - Fork of ioc_parser script to extract IOC's from emails
  • itsreallynick/office-crackros - Crack your macros like the math pros.
  • michael-yip/ThreatTracker - ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.
  • cysinfo/PyMal - PyMal is a python based interactive Malware Analysis Framework. It is built on the top of three pure python programes Pefile, Pydbg and Volatility.
  • PUNCH-Cyber/stoq - An open source framework for enterprise level automated analysis.
  • nsmfoo/antivmdetection - Script to create templates to use with VirtualBox to make vm detection harder
  • phage-nz/ph0neutria - ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability.
  • EmersonElectricCo/fsf - File Scanning Framework
  • jesparza/peepdf - Powerful Python tool to analyze PDF documents
  • Veil-Framework/Veil - Veil 3.1.X (Check version info in Veil at runtime)
  • SigmaHQ/sigma - Main Sigma Rule Repository
  • swisskyrepo/PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  • sethlaw/sputr - Security Payload Unit Test Repository (SPUTR)
  • byt3bl33d3r/gcat - A PoC backdoor that uses Gmail as a C&C server
  • decalage2/exefilter - ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats and can remove active content (scripts, macros, etc) according
  • RoliSoft/ReconScan - Network reconnaissance and vulnerability assessment tools.
  • williballenthin/EVTXtract - EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  • moranned/hostnameFinder - Tool to discover previously unknown hosts at known domains
  • nathanlopez/Stitch - Python Remote Administration Tool (RAT)
  • FSecureLABS/wePWNise - WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.
  • Veil-Framework/Veil-Evasion - Veil Evasion is no longer supported, use Veil 3.0!
  • trustedsec/unicorn - Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented
  • tomchop/malcom - Malcom - Malware Communications Analyzer
  • wifiphisher/wifiphisher - The Rogue Access Point Framework
  • StevenBlack/hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
  • FeeiCN/Cobra - Source Code Security Audit (源代码安全审计)
  • RUB-NDS/PRET - Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
  • hatching/vmcloak - Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
  • google/glazier - A tool for automating the installation of the Microsoft Windows operating system on various device platforms.
  • ThomasTJdev/WMD - Python framework for IT security tools
  • cldrn/rainmap-lite - Rainmap Lite - Responsive web based interface that allows users to launch Nmap scans from their mobiles/tablets/web browsers!
  • HPE-AppliedSecurityResearch/maltese - Maltese - Malware Traffic Emulator
  • Genetic-Malware/Ebowla - Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
  • sensepost/DET - (extensible) Data Exfiltration Toolkit (DET)
  • DataSploit/datasploit - An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
  • tkmru/maruko - malware crawler inspired by 'ちびまる子ちゃん'
  • ivre/ivre - Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, colle
  • GoSecure/malboxes - Builds malware analysis Windows VMs so that you don't have to.
  • joxeankoret/cosa-nostra - Cosa Nostra, a FOSS graph based malware clusterization toolkit.
  • mozilla/MozDef - DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
  • abdesslem/malwareHunter - Static and automated/dynamic malware analysis
  • mkorman90/VolatilityBot - VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  • google/rekall - Rekall Memory Forensic Framework
  • keithjjones/hostintel - A modular Python application to collect intelligence for malicious hosts.
  • entropy1337/infernal-twin - wireless hacking - This is automated wireless hacking tool
  • decalage2/ViperMonkey - A VBA parser and emulation engine to analyze malicious macros.
  • kbandla/dpkt - fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
  • HurricaneLabs/machinae - Machinae Security Intelligence Collector
  • robbyFux/Ragpicker - Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products, collecting malware for another analyzer/zoo.
  • DidierStevens/DidierStevensSuite - Please no pull requests for this repository. Thanks!
  • sensepost/autoDANE - Auto Domain Admin and Network Exploitation.
  • secrary/SSMA - SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]
  • nheijmans/malzoo - Mass static malware analysis tool
  • byt3bl33d3r/CrackMapExec - A swiss army knife for pentesting networks
  • jzadeh/aktaion - Aktaion: Open Source ML tool and data samples for Exploit and Phishing Research
  • codexgigassys/codex-backend - Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in malware hunting.
  • lolwaleet/BannerGrab - ~ BannerGrab
  • johnnykv/heralding - Credentials catching honeypot
  • stamparm/maltrail - Malicious traffic detection system
  • secretsquirrel/the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
  • secretsquirrel/recomposer - Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
  • rfunix/Pompem - Find exploit tool
  • averagesecurityguy/blue - Scripts that are suited for blue teams
  • averagesecurityguy/scripts - Scripts I use during pentest engagements.
  • trustedsec/tap - The TrustedSec Attack Platform is a reliable method for droppers on an infrastructure in order to ensure established connections to an organization.
  • trustedsec/ptf - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
  • joxeankoret/multiav - MultiAV scanner with Python and JSON API. Disclaimer: I don't maintain it any more.
  • ciscocsirt/malspider - Malspider is a web spidering framework that detects characteristics of web compromises.
  • Ptr32Void/OSTrICa -
  • mandiant/flare-floss - FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  • mandiant/flare-fakenet-ng - FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  • usableprivacy/upribox - Usable Privacy Box
  • decalage2/olefile - olefile is a Python package to parse, read and write Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office 97-20
  • decalage2/oletools - oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
  • rsmusllp/king-phisher - Phishing Campaign Toolkit
  • tatanus/SPF - SpeedPhishing Framework
  • openwpm/OpenWPM - A web privacy measurement framework
  • EC-DIGIT-CSIRC/VirusTotal-Tools -
  • pevma/rule2alert - Improvements of/over the original rule2alert
  • TravisFSmith/SweetSecurity - Network Security Monitoring on Raspberry Pi type devices
  • google/grr - GRR Rapid Response: remote live forensics for incident response
  • spender-sandbox/cuckoo-modified - Modified edition of cuckoo
  • monnappa22/Limon - Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux ma
  • iniqua/plecost - Plecost - Wordpress finger printer Tool
  • kevthehermit/RATDecoders - Python Decoders for Common Remote Access Trojans
  • brad-sp/community-modified - Modified edition of cuckoo community modules
  • brad-sp/cuckoo-modified - Modified edition of cuckoo
  • 504ensicsLabs/DAMM - Differential Analysis of Malware in Memory
  • wmetcalf/buildcuckoo-trusty - A dumb set of scripts for building a cuckoo rig
  • seanthegeek/phishforall - A USB phishing evaluation platform
  • seanthegeek/etupdate - Updates the Emerging Threats open ruleset for Suricata
  • Neo23x0/yarGen - yarGen is a generator for YARA rules
  • crits/crits_services - CRITs Services Collection
  • PaulSec/twittor - A fully featured backdoor that uses Twitter as a C&C server
  • n1nj4sec/pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
  • davidoren/CuckooSploit - An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.
  • ChrisTruncer/PenTestScripts - Scripts that are useful for me on pen tests
  • galkan/crowbar - Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
  • jtibaquira/nsearch - minimal script to help find script into the nse database
  • galkan/tools - Tools that are related to pentest and network security
  • RedSiege/Just-Metadata - Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
  • byt3bl33d3r/MITMf - Framework for Man-In-The-Middle attacks
  • galkan/flashlight - Pentesters spend too much time during information gathering phase. Flashlight (Fener) provides services to scan network/ports and gather information rapidly on target networks. So Flashlight should be
  • omriher/CapTipper - Malicious HTTP traffic explorer
  • Rurik/Noriben - Noriben - Portable, Simple, Malware Analysis Sandbox
  • idanr1986/cuckoo-droid - CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox.

Roff

  • uschtwill/docker_monitoring_logging_alerting - Docker host and container monitoring, logging and alerting out of the box using cAdvisor, Prometheus, Grafana for monitoring, Elasticsearch, Kibana and Logstash for logging and elastalert and Alertman

Ruby

  • spree/spree - An open source eCommerce platform giving you full control and customizability. Modular and API-first. Multi-vendor, multi-tenant, multi-store, multi-currency, multi-language. Built using Ruby on Rails
  • ronin-rb/ronin - Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git rep
  • coolacid/logstash-filter-virustotal - Virustotal Lookup filter for Logstash
  • rastating/wordpress-exploit-framework - A Ruby framework designed to aid in the penetration testing of WordPress systems.
  • presidentbeef/brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
  • philhagen/sof-elk - Configuration files for the SOF-ELK VM

Rust

  • cisagov/thorium - A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale.
  • openai/codex - Lightweight coding agent that runs in your terminal
  • wssheldon/osintui - OSINT from your favorite services in a friendly terminal user interface - integrations for Virustotal, Shodan, and Censys
  • matanolabs/matano - Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
  • WithSecureLabs/chainsaw - Rapidly Search and Hunt through Windows Forensic Artefacts
  • mttaggart/OffensiveNotion - Notion as a platform for offensive operations
  • das-labor/panopticon - A libre cross-platform disassembler.

SCSS

Scala

Shell

Smali

TeX

TypeScript

  • cyproxio/mcp-for-security - MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workfl
  • ChatGPTNextWeb/NextChat - ✨ Light and Fast AI Assistant. Support: Web | iOS | MacOS | Android | Linux | Windows
  • stackblitz-labs/bolt.diy - Prompt, run, edit, and deploy full-stack web applications using any LLM you want!
  • lifeart/code2prompt - Code to Prompt generator
  • firecrawl/firecrawl - The Web Data API for AI - Turn entire websites into LLM-ready markdown or structured data 🔥
  • twentyhq/twenty - Building a modern alternative to Salesforce, powered by the community.
  • danny-avila/LibreChat - Enhanced ChatGPT Clone: Features Agents, DeepSeek, Anthropic, AWS, OpenAI, Responses API, Azure, Groq, o1, GPT-5, Mistral, OpenRouter, Vertex AI, Gemini, Artifacts, AI model switching, message search,
  • ItzCrazyKns/Perplexica - Perplexica is an AI-powered search engine. It is an Open source alternative to Perplexity AI
  • Lissy93/personal-security-checklist - 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
  • infiniflow/ragflow - RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding.
  • webstudio-is/webstudio - Open source website builder and Webflow alternative. Webstudio is an advanced visual builder that connects to any headless CMS, supports all CSS properties, and can be hosted anywhere, including with
  • rowyio/rowy - Low-code backend platform. Manage database on spreadsheet-like UI and build cloud functions workflows in JS/TS, all in your browser.
  • streetwriters/notesnook - A fully open source & end-to-end encrypted note taking alternative to Evernote.
  • outline/outline - The fastest knowledge base for growing teams. Beautiful, realtime collaborative, feature packed, and markdown compatible.
  • hackerai-tech/PentestGPT - AI-Powered Penetration Testing Assistant
  • Onelevenvy/flock - Flock is a workflow-based low-code platform for rapidly building chatbots, RAG, and coordinating multi-agent teams, powered by LangGraph, Langchain, FastAPI, and NextJS.(Flock 是一个基于workflow工作流的低代码平台,用
  • Lissy93/web-check - 🕵️‍♂️ All-in-one OSINT tool for analysing any website
  • Eng-Elias/CrewAI-Visualizer - Interactive user interface for CrewAI package.
  • upscayl/upscayl - 🆙 Upscayl - #1 Free and Open Source AI Image Upscaler for Linux, MacOS and Windows.
  • SiriusScan/Sirius -
  • FlowiseAI/Flowise - Build AI Agents, Visually
  • ConvoStack/convostack - Plug and play embeddable AI chatbot widget and backend deployment framework
  • reworkd/AgentGPT - 🤖 Assemble, configure, and deploy autonomous AI Agents in your browser.
  • mayooear/ai-pdf-chatbot-langchain - AI PDF chatbot agent built with LangChain & LangGraph
  • LasCC/HackTools - The all-in-one browser extension for offensive security professionals 🛠
  • JS-Encoder/JS-Encoder - 一个前端在线编辑器,且致力于成为一个方便、快速的在线 Web 实例开发、调试工具。使用 Vue3 和 Codemirror6 构建。
  • undergroundwires/privacy.sexy - Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
  • brimdata/zui - Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.
  • laurent22/joplin - Joplin - the privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS.

VBA

Vim Script

Visual Basic

Vue

XSLT

YARA

  • Xumeiquer/yara-forensics - Set of Yara rules for finding files using magics headers
  • Neo23x0/signature-base - YARA signature and IOC database for my scanners and tools
  • decalage2/balbuzard - Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can als
  • Yara-Rules/rules - Repository of yara rules

Zeek

Zig

  • ziglang/zig - General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

License

CC0

To the extent possible under law, andr6 has waived all copyright and related or neighboring rights to this work.

About

A curated list of my GitHub stars!

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors