A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

C 13,007 1,564 Updated Nov 5, 2025

redcanaryco / atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

C 11,179 2,992 Updated Nov 6, 2025

vanhauser-thc / thc-hydra

hydra

C 11,117 2,311 Updated Oct 11, 2025

shellphish / how2heap

A repository for learning various heap exploitation techniques.

C 8,171 1,229 Updated Oct 29, 2025

open-sdr / openwifi

open-source IEEE 802.11 WiFi baseband FPGA (chip) design: driver, software

C 4,401 735 Updated Nov 6, 2025

TheWover / donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

C 4,286 716 Updated Jul 8, 2025

google / security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

C 4,245 500 Updated Nov 6, 2025

NLnetLabs / unbound

Unbound is a validating, recursive, and caching DNS resolver.

C 3,957 411 Updated Nov 6, 2025

gtworek / PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

C 3,414 549 Updated Oct 20, 2025

panda-re / panda

Platform for Architecture-Neutral Dynamic Analysis

C 2,677 499 Updated Nov 2, 2025

risinek / esp32-wifi-penetration-tool

Exploring possibilities of ESP32 platform to attack on nearby Wi-Fi networks.

C 2,622 414 Updated Feb 18, 2024

r4j0x00 / exploits

C 2,506 687 Updated Jan 2, 2023

bats3c / shad0w

A post exploitation framework designed to operate covertly on heavily monitored environments

C 2,160 336 Updated Sep 29, 2021

topotam / PetitPotam

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

C 2,111 295 Updated Aug 15, 2024

fortra / nanodump

The swiss army knife of LSASS dumping

C 2,022 256 Updated Sep 17, 2024

phra / PEzor

Open-Source Shellcode & PE Packer

C 2,017 334 Updated Feb 3, 2024

microsoft / SysmonForLinux

Sysmon for Linux

C 1,993 208 Updated Jul 3, 2025

504ensicsLabs / LiME

LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquir…

C 1,889 357 Updated Aug 18, 2025

netero1010 / EDRSilencer

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

C 1,768 229 Updated Nov 3, 2024

hackerschoice / gsocket

Connect like there is no firewall. Securely.

C 1,758 156 Updated Sep 27, 2025

wavestone-cdt / EDRSandblast

C 1,733 306 Updated Aug 30, 2024

Mr-Un1k0d3r / SCShell

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

C 1,560 254 Updated Jul 10, 2023

cnlohr / channel3

ESP8266 Analog Broadcast Television Interface

C 1,544 165 Updated Nov 1, 2025

Yaxser / Backstab

A tool to kill antimalware protected processes

C 1,483 249 Updated Jun 19, 2021

antonioCoco / RemotePotato0

Windows Privilege Escalation from User to Domain Admin.

C 1,421 222 Updated Dec 18, 2022

outflanknl / C2-Tool-Collection

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

C 1,305 209 Updated Oct 27, 2023

trustedsec / trevorc2

TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.

C 1,301 278 Updated Jan 31, 2022

BEWNIAC bewniac

Organizations

Lists (32)

Automation

Automotive

Azure

Blue team

C2

Cloud

Coding

Containers

CTI

CVE

Dorks

fuzzing

Hardware

Linux

Lists

Malware development

MCP

Misc

ML/AI

Mobile

Networking

OSINT

Phishing

Purple team

Reconnaissance

Red team

Reporting

Source code analysis

Training

Web

Wifi

Windows

Stars