Top 50 Awesome List

carpedm20/awesome-hacking

Security  4 months ago  8.4k
A curated list of awesome Hacking tutorials, tools and resources
View byDAY/WEEK/README
View on Github

Feb 28th - Mar 6th, 2022

Online resources

  • Security related Operating Systems @ Rawsec - Complete list of security related operating systems
  • ETC

  • Rawsec's CyberSecurity Inventory - An open-source inventory of tools, resources, CTF platforms and Operating Systems about CyberSecurity. (Source)
  • Oct 18th - Oct 24th, 2021

    Tools

  • Decompiler.com - Java, Android, Python, C# online decompiler.
  • Oct 4th - Oct 10th, 2021

    Web

  • TryHackMe - Hands-on cyber security training through real-world scenarios.
  • Sep 13th - Sep 19th, 2021

    Tutorials

  • Roppers Computing Fundamentals
    • Free, self-paced curriculum that builds a base of knowledge in computers and networking. Intended to build up a student with no prior technical knowledge to be confident in their ability to learn anything and continue their security education. Full text available as a gitbook.
  • General

  • Roppers CTF Fundamentals Course - Free course designed to get a student crushing CTFs as quickly as possible. Teaches the mentality and skills required for crypto, forensics, and more. Full text available as a gitbook.
  • ETC

  • Roppers Security Fundamentals - Free course that teaches a beginner how security works in the real world. Learn security theory and execute defensive measures so that you are better prepared against threats online and in the physical world. Full text available as a gitbook.
  • May 24th - May 30th, 2021

    Tools

  • Netzstars330 - Discover internet-wide misconfigurations, using zgrab2 and others.
  • Feb 15th - Feb 21st, 2021

    Tools

  • RustScanstars6.5k - Extremely fast port scanner built with Rust, designed to scan all ports in a couple of seconds and utilizes nmap to perform port enumeration in a fraction of the time.
  • CSP Scanner - Analyze a site's Content-Security-Policy (CSP) to find bypasses and missing directives.
  • Nov 2nd - Nov 8th, 2020

    Tutorials

  • Lena151: Reversing With Lena
  • Exploit Writing Tutorials for Pentesters
  • Tools

    Docker Images for Penetration Testing & Security

  • `docker pull metasploitframework/metasploit-framework
  • Oct 19th - Oct 25th, 2020

    Tools

    Disassemblers and debuggers

  • Ghidra - A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission
  • Sep 28th - Oct 4th, 2020

    Tools

  • Git-Scannerstars265 - A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
  • Competition

  • prompt(1) to win - XSS Challenges
  • Tools

    Other

  • Kaitai Structstars3k - a DSL for creating parsers in a variety of programming languages. The Web IDE is particularly useful for reverse-engineering.
  • Aug 24th - Aug 30th, 2020

    Tools

  • PhpSploitstars1.7k - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner
  • Aug 3rd - Aug 9th, 2020

    Cryptography

    Tools

  • Cipheystars10.1k - Automated decryption tool using artificial intelligence & natural language processing.
  • May 18th - May 24th, 2020

    Tutorials

  • Shells
  • Missing Semester
  • Tools

  • Hackers tools - Tutorial on tools.
  • Apr 6th - Apr 12th, 2020

    Tools

  • Scapystars72 - A Python tool and library for low level packet creation and manipulation
  • Nov 11th - Nov 17th, 2019

    Tools

  • Spyse - Data gathering service that collects web info using OSINT. Provided info: IPv4 hosts, domains/whois, ports/banners/protocols, technologies, OS, AS, maintains huge SSL/TLS DB, and more... All the data is stored in its own database allowing get the data without scanning.
  • Findsubdomains - A subdomains discovery tool that collects all possible subdomains from open source internet and validates them through various tools to provide accurate results.
  • Oct 14th - Oct 20th, 2019

    Competition

  • HackTheBox
  • tools

  • ebowlastars682 - Framework for Making Environmental Keyed Payloads
  • Oct 7th - Oct 13th, 2019

    Tools

  • IPED - Indexador e Processador de Evidências Digitais - Brazilian Federal Police Tool for Forensic Investigation
  • System

  • HackingLab
  • Sep 30th - Oct 6th, 2019

    Web

  • fuzzy.land - Website by an Austrian group. Lots of challenges taken from CTFs they participated in.
  • Sep 2nd - Sep 8th, 2019

    Tools

  • findsubdomains - really fast subdomains scanning service that has much greater opportunities than simple subs finder(works using OSINT).
  • cirt-fuzzer - A simple TCP/UDP protocol fuzzer.
  • ASlookup - a useful tool for exploring autonomous systems and all related info (CIDR, ASN, Org...)
  • Aug 5th - Aug 11th, 2019

    tools

  • PowerSploitstars9.6k - A PowerShell post exploitation framework
  • Jun 10th - Jun 16th, 2019

    Tools

    Decompilers

  • JD-GUIstars11.3k
  • Python
  • Tools

    Hex editors

  • Synalize It/Hexinator -
  • Competition

  • Pico CTF
  • Mar 4th - Mar 10th, 2019

    General

  • Strong node.jsstars463 - An exhaustive checklist to assist in the source code security analysis of a node.js web service.
  • Nov 12th - Nov 18th, 2018

    Tools

  • badtouchstars324 - Scriptable network authentication cracker
  • sniffgluestars849 - Secure multithreaded packet sniffer
  • Oct 29th - Nov 4th, 2018

    Bug bounty - Earn Some Money

  • Bugcrowd
  • Hackerone
  • Oct 15th - Oct 21st, 2018

    Tools

    Disassemblers and debuggers

  • x64dbgstars38.7k - An open-source x64/x32 debugger for Windows
  • Capstonestars5.7k
  • Tools

    Decompilers

  • JVM-based languages
  • Krakataustars1.6k - the best decompiler I have used. Is able to decompile apps written in Scala and Kotlin into Java code. JD-GUI and Luyten have failed to do it fully.
  • procyon
    • Luytenstars4.4k - one of the best, though a bit slow, hangs on some binaries and not very well maintained.
  • JAD - JAD Java Decompiler (closed-source, unmaintained)
  • JADXstars30.6k - a decompiler for Android apps. Not related to JAD.
  • .net-based languages
    • dotPeek - a free-of-charge .NET decompiler from JetBrains
    • ILSpystars15.3k - an open-source .NET assembly browser and decompiler
    • dnSpystars21k - .NET assembly editor, decompiler, and debugger
  • native code
  • Tools

    Deobfuscators

  • de4dotstars5.8k - .NET deobfuscator and unpacker.
  • JS Beautifierstars7.8k
  • JS Nice - a web service guessing JS variables names and types based on the model derived from open source.
  • Tools

    Other

  • nudge4jstars149 - Java tool to let the browser talk to the JVM
  • dex2jarstars9.9k - Tools to work with Android .dex and Java .class files
  • androguard - Reverse engineering, malware and goodware analysis of Android applications
  • antinetstars265 - .NET anti-managed debugger and anti-profiler code
  • UPX - the Ultimate Packer (and unpacker) for eXecutables
  • Tools

    Execution logging and tracing

  • Wireshark - A free and open-source packet analyzer
  • tcpdump - A powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture
  • mitmproxystars28k - An interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface
  • Charles Proxy - A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic
  • usbmon - USB capture for Linux.
  • USBPcapstars668 - USB capture for Windows.
  • dynStructstars289 - structures recovery via dynamic instrumentation.
  • drltracestars328 - shared library calls tracing.
  • Tools

    Hex editors

  • HxD - A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size
  • WinHex - A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security
  • wxHexEditorstars437
  • Tools

    Other

  • Binwalkstars8.3k - Detects signatures, unpacks archives, visualizes entropy.
  • Velesstars846 - a visualizer for statistical properties of blobs.
  • Protobuf inspectorstars700
  • DarunGrimstars353 - executable differ.
  • DBeaverstars27k - a DB editor.
  • Dependenciesstars5k - a FOSS replacement to Dependency Walker.
  • PEview - A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files
  • BinText - A small, very fast and powerful text extractor that will be of particular interest to programmers.
  • Oct 8th - Oct 14th, 2018

    tools

  • empirestars6.5k - A post exploitation framework for powershell and python.
  • silenttrinitystars1.9k - A post exploitation tool that uses iron python to get past powershell restrictions.
  • Aug 27th - Sep 2nd, 2018

    Tools

  • Nipestars1.4k - A script to make Tor Network your default gateway.
  • Jul 23rd - Jul 29th, 2018

    Tools

  • Amassstars7.3k - In-depth subdomain enumeration tool that performs scraping, recursive brute forcing, crawling of web archives, name altering and reverse DNS sweeping
  • Jun 25th - Jul 1st, 2018

    Tools

  • NoSQLMapstars2.1k - Automated NoSQL database enumeration and web application exploitation tool.
  • VHostScanstars944 - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
  • SubFinderstars5.7k - SubFinder is a subdomain discovery tool that discovers valid subdomains for any target using passive online sources.
  • Jun 18th - Jun 24th, 2018

    Jun 11th - Jun 17th, 2018

    Tools

  • ssh-mitmstars1.4k - An SSH/SFTP man-in-the-middle tool that logs interactive sessions and passwords.
  • May 28th - Jun 3rd, 2018

    May 7th - May 13th, 2018

    Tools

  • Autopsy - A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools
  • Bug bounty

  • Awesome bug bounty resources by EdOverflowstars4.2k
  • General

  • Movies For Hackersstars9.1k - A curated list of movies every hacker & cyberpunk must watch.
  • Mar 26th - Apr 1st, 2018

    Web

  • Hack The Box - a free site to perform pentesting in a variety of different systems.
  • Oct 16th - Oct 22nd, 2017

    Tools

  • Wifi Jammer - Free program to jam all wifi clients in range
  • Firesheep - Free program for HTTP session hijacking attacks.
  • Sep 11th - Sep 17th, 2017

    Tools

  • Habustars753 - Python Network Hacking Toolkit
  • May 22nd - May 28th, 2017

    General

  • Hack+ - An Intelligent network of bots that fetch the latest InfoSec content.
  • Mar 27th - Apr 2nd, 2017

    Tools

  • Paros - A Java-based HTTP/HTTPS proxy for assessing web application vulnerability
  • mitmsocks4jstars28 - Man-in-the-middle SOCKS Proxy for Java
  • sleuthkitstars2.1k - A library and collection of command-line digital forensics tools
  • EnCase - The shared technology within a suite of digital investigations products by Guidance Software
  • Cryptography

    Tools

  • xortoolstars1.1k - A tool to analyze multi-byte XOR cipher
  • Feb 27th - Mar 5th, 2017

    General

  • Pentest Cheat Sheetsstars2.8k - Collection of cheat sheets useful for pentesting
  • Feb 13th - Feb 19th, 2017

    Online resources

  • Security @ Distrowatch - Website dedicated to talking about, reviewing and keeping up to date with open source operating systems
  • Best Linux Penetration Testing Distributions @ CyberPunk - Description of main penetration testing distributions
  • Jan 30th - Feb 5th, 2017

    Tools

    Disassemblers and debuggers

  • ScratchABitstars377 - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
  • Jan 2nd - Jan 8th, 2017

    Tools

    Docker Images for Penetration Testing & Security

  • docker pull kalilinux/kali-linux-docker official Kali Linux
  • docker pull owasp/zap2docker-stable - official OWASP ZAPstars9.6k
  • docker pull wpscanteam/wpscan - official WPScan
  • Oct 31st - Nov 6th, 2016

    General

  • Rookit Arsenal - OS RE and rootkit development
  • Jun 27th - Jul 3rd, 2016

    Tools

    Disassemblers and debuggers

  • plasmastars3k - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
  • May 9th - May 15th, 2016

    Reverse Engineering

  • Crackmes.de - The world first and largest community website for crackmes and reversemes.
  • Mar 7th - Mar 13th, 2016

    Tools

  • pigstars423 - A Linux packet crafting tool
  • Nov 9th - Nov 15th, 2015

    General

  • Exploit database - An ultimate archive of exploits and vulnerable software
  • CTF archives (shell-storm)
  • Tools

  • nmap - Nmap (Network Mapper) is a security scanner
  • Web

  • 0xf.at - a website without logins or ads where you can solve password-riddles (so called hackits).
  • Competition

  • PHD CTF
  • Oct 5th - Oct 11th, 2015

    Tools

    Disassemblers and debuggers

  • radare2stars16.4k - A portable reversing framework
  • Dec 15th - Dec 21st, 2014

    Cryptography

    Tools

  • Aircrack - Aircrack is 802.11 WEP and WPA-PSK keys cracking program.
  • John the Ripper - A fast password cracker
  • Tools

  • sqlmapstars23.8k - Automatic SQL injection and database takeover tool
  • Aircrack-ng - An 802.11 WEP and WPA-PSK keys cracking program
  • Metasploitstars27.6k A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
  • mimikatzstars15.5k - A little tool to play with Windows security
  • malzilla - Malware hunting tool
  • tools.web-max.ca - base64 base85 md4,5 hash, sha1 hash encoding/decoding
  • NetworkMiner - A Network Forensic Analysis Tool (NFAT)
  • ZAP - The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
  • ETC

  • SecTools - Top 125 Network Security Tools
  • General

  • Open Malware
  • CTFtime.org - All about CTF (Capture The Flag)
  • WeChall
  • Competition

  • RuCTFe
  • Ghost in the Shellcode
  • SECUINSIDE CTF
  • Codegate CTF
  • Boston Key Party CTF
  • hack.lu CTF
  • Pliad CTF
  • DEF CON
  • CSAW CTF
  • Tutorials

  • Corelan Team's Exploit writing tutorial
  • Malware Analysis Tutorials: a Reverse Engineering Approach
  • Tools

    Disassemblers and debuggers

  • IDA - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • OllyDbg - A 32-bit assembler level analysing debugger for Windows
  • System

  • Exploit Exercises - Nebula
  • OverTheWire - Semtex
  • OverTheWire - Vortex
  • OverTheWire - Drifter
  • pwnable.kr - Provide various pwn challenges regarding system security
  • SmashTheStack
  • Reverse Engineering

  • simples.kr - (Korean)
  • Reversing.kr - This site tests your ability to Cracking & Reverse Code Engineering
  • CodeEngn - (Korean)
  • Cryptography

  • OverTheWire - Krypton
  • Web

  • Hack This Site! - a free, safe and legal training ground for hackers to test and expand their hacking skills
  • Webhacking.kr
  • Last Checked At: 2022-06-24T18:44:20.549Z
    Previous
    ashishb/android-security-awesome
    Next
    paralax/awesome-honeypots

    About

    Track your favorite github awesome repo, not just star it. trackawesomelist.com provides website, newsletter, RSS for tracking the popular awesome list by daily and weekly.
    Contact us: [email protected]
    Track Awesome List - Track your favorite Github awesome repos, not just star them | Product Hunt

    Subscribe

    Subscribe to our weekly newsletter to receive the awesome updates! We never send spam and you can unsubscribe instantly with one click. Here's past issues.

    Links

    Follow us on TwitterSubscribe us on TelegramSubmit awesome list repoNewsletterDonateSitemap