Awesome Stars

A curated list of my GitHub stars! Generated by starred.

ASL
ASP.NET
ActionScript
Ada
Arduino
Assembly
AutoHotkey
AutoIt
Batchfile
BitBake
Blade
BlitzBasic
Boo
C
C#
C++
CMake
CSS
Classic ASP
Clojure
CodeQL
ColdFusion
Dart
Dockerfile
Emacs Lisp
Erlang
F#
Fluent
FreeMarker
Go
Groovy
HCL
HTML
Hack
Haskell
Inno Setup
Java
JavaScript
Jinja
Jupyter Notebook
KiCad Layout
Kotlin
LLVM
Logos
Lua
MATLAB
Makefile
Markdown
Mask
Max
Mustache
NSIS
Nginx
Nim
Nix
Nunjucks
OCaml
Objective-C
Objective-C++
Open Policy Agent
Others
PHP
PLpgSQL
Pascal
Perl
PostScript
PowerShell
Propeller Spin
Pug
Python
QMake
REXX
Rascal
Rich Text Format
Roff
Ruby
Rust
SCSS
Sage
SaltStack
Scala
Scheme
Shell
Smali
Smarty
Solidity
SourcePawn
Starlark
Svelte
Swift
TSQL
Tcl
TeX
TypeScript
VBA
VBScript
VCL
Vim Script
Visual Basic
Visual Basic .NET
Vue
XSLT
YAML
YARA
Zeek
Zig
nesC
templ

ASL

postgres-cn/pgdoc-cn - PostgreSQL manual Chinese translation by China PostgreSQL Users Group

ASP.NET

Jean-Francois-C/Webshell-Upload-and-Web-RCE-Techniques - Classic Web shell upload techniques & Web RCE techniques

ActionScript

appsecco/json-flash-csrf-poc - This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.

Ada

PatrikFehrenbach/amass-tools -

Arduino

UnicycleDumpTruck/MissionControl - This kids' homework desk has top that flips up to reveal a space-themed control panel.
spacehuhn/wifi_keylogger - DIY Arduino Wi-Fi Keylogger (Proof of Concept)

Assembly

enkomio/AlanFramework - A C2 post-exploitation framework
MortenSchenk/Token-Stealing-Shellcode -
xenoscr/SysWhispers2 - AV/EDR evasion via direct system calls.
timwhitez/Doge-Direct-Syscall - Golang Direct Syscall
klezVirus/inceptor - Template-Driven AV/EDR Evasion Framework
guitmz/memrun - Small tool to run ELF binaries from memory with a given process name
DownWithUp/DynamicKernelShellcode - An example of how x64 kernel shellcode can dynamically find and use APIs
mai1zhi2/SysWhispers2_x86 - X86 version of syswhispers2 / x86 direct system call
jthuraisamy/SysWhispers2 - AV/EDR evasion via direct system calls.
Cybereason/siofra -
mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
jjyr/jonesforth_riscv - Jonesforth RISC-V port.
vxunderground/MalwareSourceCode - Collection of malware source code for a variety of platforms in an array of different programming languages.
antonioCoco/Mapping-Injection - Just another Windows Process Injection
jthuraisamy/SysWhispers - AV/EDR evasion via direct system calls.
tinysec/windows-syscall-table - windows syscall table from xp ~ 10 rs4

AutoHotkey

xianyukang/MyKeymap - 一款基于 AutoHotkey 的键盘映射工具
goreliu/runz - RunZ，专业的快速启动工具
kookob/smpic - Windows下面的SM.MS图床上传工具

AutoIt

WildByDesign/ACLViewer - ACL Viewer for Windows

Batchfile

lxgw/LxgwWenKai - An open-source Chinese font derived from Fontworks' Klee One. 一款开源中文字体，基于 FONTWORKS 出品字体 Klee One 衍生。
gsuberland/lbfo_win10 - Re-enable NIC teaming (LBFO) in Windows 10 using components from Windows Server.
SkyBlueEternal/jdk-change - 支持windows\linux\macOS | jdk一键切换版本\一键切换jdk版本\jdk版本更换
0xbinibini/emergency_response_batch - 应急响应，应急响应脚本，应急响应批处理；将Windows查看日志用户端口等命令集成在批处理脚本中。让熟练的应急人员能省去多次重复的敲击和记忆，并通过读取配置文件来调用Windows自带的命令结束进程服务等，本批处理尽量不调用任何外部的工具。任何调用的外部工具都将会存放在plugin目录下可按需使用，力图使用最原生的命令行来完成工作。
SoraShu/easyconn-socks5-for-HITsz - 在服务器上运行easyconnect并建立socks5代理，实现win电脑上免安装easyconnect访问校园内网。
r00t4dm/CVE-2020-27955 -
swagkarna/Defeat-Defender-V1.2.0 - Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
wafinfo/cobaltstrike - cobaltstrike插件
chroblert/JC-jEnv - windows java environ manage
massgravel/Microsoft-Activation-Scripts - Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
sagishahar/lpeworkshop - Windows / Linux Local Privilege Escalation Workshop
maguowei/k8s-docker-desktop-for-mac - Docker Desktop for Mac 开启并使用 Kubernetes
ihacku/winhardening - windows 加固脚本
frizb/Windows-Privilege-Escalation - Windows Privilege Escalation Techniques and Scripts
acgbfull/IBM_Appscan_Batch_Scan_Script - IBM AppScan批量扫描脚本
crazywifi/RDP_SessionHijacking - Passwordless RDP Session Hijacking
mxk/windows-secure-group-policy - Windows 11 secure group policy for standalone devices
so87/CISSP-Study-Guide - study material used for the 2018 CISSP exam
Tai7sy/fuckcdn - CDN真实IP扫描，易语言开发
NextronSystems/APTSimulator - A toolset to make a system look as if it was the victim of an APT attack
auspbro/domain-admin-crack - :cactus: 入域电脑用户本地提权
bartblaze/Disable-Intel-AMT - Tool to disable Intel AMT on Windows
NuclearPhoenixx/fake-sandbox - 👁‍🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
wzulfikar/ngrok-caddy - Script to run ngrok with (optional) caddy server

BitBake

xer0times/BugBounty - Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...

Blade

dbarzin/mercator - Mapping the information system / Cartographie du système d'information

BlitzBasic

Sy3Omda/burp-bounty - Burp Bounty profiles
six2dez/burp-bounty-profiles - Burp Bounty profiles compilation, feel free to contribute!
PortSwigger/scan-check-builder - Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
1N3/IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
ghsec/BBProfiles - Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.

Boo

byt3bl33d3r/SILENTTRINITY - An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

C

ImKKingshuk/RootShield - RootShield : The Ultimate Shield for Rooted Android Devices - Protect your rooted Android device from unauthorized file operations and process executions! 🛡️ RootShield is a powerful kernel module tha
google/security-research - This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
linktools-toolkit/linktools - 记录了在移动端漏洞分析和合规扫描过程中涉及的一些常用功能，以Python库的方式提供使用
varwara/CVE-2024-35250 - PoC for the Untrusted Pointer Dereference in the ks.sys driver
hengyoush/kyanos - Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient.
wangfly-me/LoaderFly - 助力每一位RT队员，快速生成免杀木马
gianlucaborello/libprocesshider - Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)
paokuwansui/Antivirus_killer - 免杀主流防病毒软件
P001water/yuze - A socksv5 proxy tool Written by CLang. 一款纯C实现的轻量内网穿透工具，支持正向，反向socks5代理隧道的搭建，支持跨平台使用。
OracleNep/Nday-Exploit-Plan - 历史漏洞的细节以及利用方法汇总收集
iridium-soda/container-escape-exploits - 整理容器逃逸相关的漏洞和exploits.
baiyies/AutoMonitor - windows自动监控截图工具。 windows automatic screenshoter.
h4ckm310n/Container-Vulnerability-Exploit - 容器安全漏洞的分析与复现
m0nad/Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
PolarPeak/NIDS - 基于Suricata简单的网络入侵检测系统，也是我的垃圾毕业设计，目前仅仅是一个demo。
evilashz/PigScheduleTask - 添加计划任务方法集合
kernweak/minicrypt - 基于MiniFilter和Sfilter的加解密
esnet/iperf - iperf3: A TCP, UDP, and SCTP network bandwidth measurement tool
qwqdanchun/HVNC - 基于Tinynuke修复得到的HVNC
baidu/dperf - dperf is a 100Gbps network load tester.
H4K6/CVE-2023-0179-PoC - 针对（CVE-2023-0179）漏洞利用该漏洞被分配为CVE-2023-0179，影响了从5.5到6.2-rc3的所有Linux版本，该漏洞在6.1.6上被测试。漏洞的细节和文章可以在os-security上找到。
Impalabs/CVE-2023-27326 - VM Escape for Parallels Desktop <18.1.1
libAudioFlux/audioFlux - A library for audio and music analysis, feature extraction.
chompie1337/Windows_LPE_AFD_CVE-2023-21768 - LPE exploit for CVE-2023-21768
xforcered/Windows_LPE_AFD_CVE-2023-21768 - LPE exploit for CVE-2023-21768
Esonhugh/sshd_backdoor - /root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
brosck/Pingoor - 「🚪」Linux Backdoor based on ICMP protocol
nelhage/reptyr - Reparent a running program to a new terminal
itm4n/PPLdump - Dump the memory of a PPL with a userland exploit
zh-explorer/dirtycow - exploit for dirtycow
Coldzer0/ReverseSock5Proxy - A tiny Reverse Sock5 Proxy written in C :V
Cerbersec/KillDefenderBOF - Beacon Object File PoC implementation of KillDefender
seventeenman/noELF - Linux下用于远程加载可执行文件以达到内存加载的目的
Kevin-sa/ebpf-supply-chain - 利用ebpf做pypi恶意包检测
yukar1z0e/cloudswordtsh - 多用户版linux/freebsd/openbsd/netbsd/cygwin/sunos/irix/hpux/osf的远控tiny shell
Octoberfest7/EventViewerUAC_BOF - Beacon Object File implementation of Event Viewer deserialization UAC bypass
Rvn0xsy/SchtaskCreator - 远程创建任务计划工具
Libraggbond/EventViewerBypassUacBof - EventViewer Bypass Uac Bof
randorisec/CVE-2022-34918-LPE-PoC -
h3xduck/TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
pytorch/cpuinfo - CPU INFOrmation library (x86/x86-64/ARM/ARM64, Linux/Windows/Android/macOS/iOS)
byt3bl33d3r/BOF-Zig - Cobalt Strike BOF with Zig!
crisprss/PetitPotam - 替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, a series of local rights escalation methods have been realized
Cracked5pider/Ekko - Sleep Obfuscation
helloexp/0day - 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
tr3ee/CVE-2022-23222 - CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation
synacktiv/ica2tcp - A SOCKS proxy for Citrix.
thefLink/DeepSleep - A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
q77190858/CVE-2021-3156 - sudo提权漏洞CVE-2021-3156复现代码
nsacyber/Hardware-and-Firmware-Security-Guidance - Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as gene
nemo-wq/PrintNightmare-CVE-2021-34527 - PrintNightmare - Windows Print Spooler RCE/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits
LDrakura/Remote_ShellcodeLoader - 远程shellcode加载&权限维持+小功能
JDArmy/RPCSCAN - RPC远程主机信息匿名扫描工具
jituo666/AndroidEventRecorder - A recorder used for recording user actions on Android platforms.
liudf0716/xfrpc - The xfrpc project is a lightweight implementation of the FRP client written in C language for OpenWRT and IoT systems. It is designed to provide an efficient solution for resource-constrained devices
Mr-Un1k0d3r/WindowsDllsExport - A list of all the DLLs export in C:\windows\system32\
trustedsec/CS-Remote-OPs-BOF -
3nock/OTE - OSINT Template Engine
DataDog/security-labs-pocs - Proof of concept code for Datadog Security Labs referenced exploits.
outflanknl/C2-Tool-Collection - A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
chicharitomu14/AndScanner - This is the project for the paper “Large-scale Security Measurements on the Android Firmware Ecosystem” in ICSE2022
rbsec/sslscan - sslscan tests SSL/TLS enabled services to discover supported cipher suites
krisnova/boopkit - Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
bytedance/bhook - :fire: ByteHook is an Android PLT hook library which supports armeabi-v7a, arm64-v8a, x86 and x86_64.
r0ysue/AndroidFridaBeginnersBook - 《安卓Frida逆向与抓包实战》随书附件
easychen/pushdeer - 开放源码的无App推送服务，iOS14+扫码即用。亦支持快应用/iOS和Mac客户端、Android客户端、自制设备
emptymonkey/revsh - A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities.
Bonfee/CVE-2022-0995 - CVE-2022-0995 exploit
RfidResearchGroup/proxmark3 - Iceman Fork - Proxmark3
gojue/ecapture - Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
ly4k/PwnKit - Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
crisprss/PrintSpoofer - PrintSpoofer的反射dll实现，结合Cobalt Strike使用
AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits - A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.
mponcet/subversive - x86_64 linux rootkit using debug registers
therealdreg/lsrootkit - Rootkit Detector for UNIX
Arinerron/CVE-2022-0847-DirtyPipe-Exploit - A root exploit for CVE-2022-0847 (Dirty Pipe)
Bonfee/CVE-2022-25636 - CVE-2022-25636
bopin2020/WindowsCamp - Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&
Lojii/Knot - 一款iOS端基于MITM(中间人攻击技术)实现的HTTPS抓包工具，完整的App，核心代码使用SwiftNIO实现
r4j0x00/exploits -
SentryPeer/SentryPeer - Protect your SIP Servers from bad actors at https://sentrypeer.org
b1n4r1b01/n-days -
linux-lock/bpflock - bpflock - eBPF driven security for locking and auditing Linux machines
Rvn0xsy/CVE-2021-4034 - CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation
0verSp4ce/CVE-2021-4034 - CVE-2021-4034, For Webshell Version.
MichaelDim02/Narthex - Modular personalized dictionary generator.
FlamingSpork/iptable_evil - An evil bit backdoor for iptables
kyleavery/inject-assembly - Inject .NET assemblies into an existing process
spieglt/whatfiles - Log what files are accessed by any Linux process
berdav/CVE-2021-4034 - CVE-2021-4034 1day
arthepsy/CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
Ayrx/CVE-2021-4034 - Exploit for CVE-2021-4034
xbyl1234/android_analysis - a few android analysis tools, jni trace by native hook, libc hook, write log with caller's addr in file or AndroidLog
aaaddress1/Skrull - Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting te
thefLink/Hunt-Sleeping-Beacons - Aims to identify sleeping beacons
Rvn0xsy/linux_dirty - 更改后的脏牛提权代码，可以往任意文件写入任意内容，去除交互过程
revng/pagebuster - PageBuster - dump all executable pages of packed processes.
screetsec/TheFatRat - Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then
f0rb1dd3n/Reptile - LKM Linux rootkit
lcatro/qemu-fuzzer - Qemu Fuzzer.针对Qemu模拟设备的模糊测试工具,主要思路是Host生成种子Data,然后传递给Guest中转程序,由中转程序访问MMIO,以达到和模拟设备的交互,不同于qtest自带的fuzzer.
chriskaliX/Hades - Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)
n0b0dyCN/redis-rogue-server - Redis(<=5.0.5) RCE
wavestone-cdt/EDRSandblast -
OALabs/BlobRunner - Quickly debug shellcode extracted during malware analysis
SweetIceLolly/Huorong_Vulnerabilities - Huorong Internet Security vulnerabilities 火绒安全软件漏洞
scareing/cmd2shellcode - cmd2shellcode
securifybv/Visual-Studio-BOF-template - A Visual Studio template used to create Cobalt Strike BOFs
HexHive/USBFuzz - A Framework for fuzzing USB Drivers by Device Emulation
fortra/nanodump - The swiss army knife of LSASS dumping
0671/RedisModules-ExecuteCommand-for-Windows - 可在Windows下执行系统命令的Redis模块，可用于Redis主从复制攻击。
Lakr233/Decrypter - An easy way to decrypt UIKit app.
idealeer/xmap - XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.
wolfpython/nids - 基于网络的入侵检测系统
dismantl/ImprovedReflectiveDLLInjection - An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
aircrack-ng/mdk4 - MDK4
boku7/injectEtwBypass - CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
codewhitesec/HandleKatz - PIC lsass dumper using cloned handles
gentilkiwi/kekeo - A little toolbox to play with Microsoft Kerberos in C
EspressoCake/PPLDump_BOF - A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
microsoft/omi - Open Management Infrastructure
seL4/seL4 - The seL4 microkernel
outflanknl/PrintNightmare -
cube0x0/SharpSystemTriggers - Collection of remote authentication triggers in C#
paranoidninja/PIC-Get-Privileges - Building and Executing Position Independent Shellcode from Object Files in Memory
SolomonSklash/SleepyCrypt - A shellcode function to encrypt a running process image when sleeping.
limithit/NginxExecute - The NginxExecute module executes the shell command through GET POST and HEAD to display the result.
boku7/azureOutlookC2 - Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Micro
cyberark/rdpfuzz - Tools for fuzzing RDP
mprovost/NFStash - NFS client CLI toolkit
aaaddress1/PR0CESS - some gadgets about windows process and ready to use :)
superflexible/TGPuttyLib - An SFTP client shared library (dll/so/dylib) with bindings and classes for C++, Delphi and Free Pascal based on PuTTY
ttdennis/fpicker - fpicker is a Frida-based fuzzing suite supporting various modes (including AFL++ in-process fuzzing)
mgeeky/ElusiveMice - Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
boku7/whereami - Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL's.
frkngksl/Huan - Encrypted PE Loader Generator
Yubico/yubico-c - YubiKey C low-level library (libyubikey)
RUB-SysSec/Nyx - USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types
glmcdona/Process-Dump - Windows tool for dumping malware PE files from memory back to disk for analysis.
alfarom256/BOF-ForeignLsass -
knightswd/ProcessGhosting -
NoOne-hub/Beacon.dll - Beacon.dll reverse
boku7/BokuLoader - A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
aqi00/advanceapp - 《Android App开发进阶与项目实战》随书源码
horsicq/PDBRipper - PDBRipper is a utility for extract an information from PDB-files.
Gui774ume/ebpfkit - ebpfkit is a rootkit powered by eBPF
jrbrtsn/ban2fail - Simple & efficient log file scanning and iptable filtering
cdpxe/NELphase - Network Environment Learning (NEL) Phase for Covert Channels (with a Feedback Channel)
ZhangZhuoSJTU/StochFuzz - Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting
connormcgarr/cThreadHijack - Beacon Object File (BOF) for remote process injection via thread hijacking
boku7/injectAmsiBypass - Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
LloydLabs/process-enumeration-stealth -
hasherezade/process_ghosting - Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
GJDuck/e9patch - A powerful static binary rewriting tool
djkaty/Il2CppInspector - Powerful automated tool for reverse engineering Unity IL2CPP binaries
merbanan/rtl_433 - Program to decode radio transmissions from devices on the ISM bands (and other frequencies)
killvxk/Beacon - Lightweight, header-only C++ IPC library for Windows operating systems (Vista+) using advanced local procedure calls
sliverarmory/COFFLoader -
joshfaust/Alaris - A protective and Low Level Shellcode Loader that defeats modern EDR systems.
OWASP/IoTGoat - IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
ndilieto/uacme - ACMEv2 client written in plain C with minimal dependencies
client9/libinjection - SQL / SQLI tokenizer parser analyzer
alipay/ios-malicious-bithunter - iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the macho file of the injected dylib dynamic library based on runtime. If you are inte
xuanxuan0/TiEtwAgent - PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
antonioCoco/RemotePotato0 - Windows Privilege Escalation from User to Domain Admin.
greenbone/gvmd - Greenbone Vulnerability Manager - The database backend for the Greenbone Community Edition
topotam/PetitPotam - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
CCob/BOF.NET - A .NET Runtime for Cobalt Strike's Beacon Object Files
0xricksanchez/dlink-decrypt - D-Link firmware decryption PoC
boku7/spawn - Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG),
xforcered/InlineExecute-Assembly - InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional f
inspiringz/CVE-2021-3493 - CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)
wbenny/injdrv - proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
CCob/SylantStrike - Simple EDR implementation to demonstrate bypass
jattach/jattach - JVM Dynamic Attach utility
anthemtotheego/InlineExecute-Assembly - InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional f
praetorian-inc/PortBender - TCP Port Redirection Utility
hlldz/CVE-2021-1675-LPE - Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
blackorbird/PrintNightmare -
iqiyi/qnsm - QNSM is network security monitoring framework based on DPDK.
Yaxser/Backstab - A tool to kill antimalware protected processes
CaledoniaProject/rdpscan - RDP password verification tool - No external libraries required ;-P
wonderkun/go-packer - golang打包二进制进行免杀
cgwalters/cve-2020-14386 -
alipay/Owfuzz - Owfuzz: a WiFi protocol fuzzing tool
passthehashbrowns/hook-integrity-checks -
kevmitch/win_battery_log - command line battery stats for MS Windows
passthehashbrowns/hiding-your-syscalls - Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
yarrick/iodine - Official git repo for iodine dns tunnel
airbus-cyber/afl_ghidra_emu -
ApsaraDB/PolarDB-for-PostgreSQL - A cloud-native database based on PostgreSQL developed by Alibaba Cloud.
season-lab/fuzzolic - fuzzing + concolic = fuzzolic :)
djhohnstein/macos_shell_memory - Execute MachO binaries in memory using CGo
ASkyeye/Zipper - Zipper, a CobaltStrike file and folder compression utility.
pbek/loganalyzer - LogAnalyzer is a tool that helps you to analyze your log files by reducing the content with patterns you define.
heiher/hev-socks5-core - A simple, lightweight socks5 library (IPv4/IPv6/TCP/UDP/Client/Server)
orangetw/tsh - Tiny SHell is an open-source UNIX backdoor.
waldo-irc/CVE-2021-21551 - Exploit to SYSTEM for CVE-2021-21551
Iansus/SilentLsassDump - VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump
abcz316/rwProcMem33 - Linux ARM64内核硬件进程内存读写驱动、硬件断点调试驱动。硬件级读写Linux进程内存、硬件级下断点。
falcosecurity/pdig - ptrace-based event producer for udig
svengong/xcubebase_riru - 基于magisk 和riru的frida持久化方案
Al1ex/WindowsElevation - Windows Elevation(持续更新)
Al1ex/LinuxEelvation - Linux Eelvation(持续更新)
boazsegev/iodine - iodine - HTTP / WebSockets Server for Ruby with Pub/Sub support
xforcered/CredBandit - Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that back through your already existing Beacon communication channel
dgoulet/kjackal - Linux Rootkit Scanner
rsmudge/ZeroLogon-BOF -
git-for-windows/git-sdk-64 - A Git repository mirroring the current 64-bit Git for Windows SDK
csandker/inMemoryShellcode - A Collection of In-Memory Shellcode Execution Techniques for Windows
pattern-f/TQ-pre-jailbreak - Hello from pattern-f.
darvincisec/AntiDebugandMemoryDump - Anti-Debug and Anti-Memory Dump for Android
purerosefallen/ygopro - KoishiPro
decoder-it/juicy_2 - juicypotato for win10 > 1803 & win server 2019
9bie/exe2shellcode - Remote Download and Memory Execute for shellcode framework
trustedsec/COFFLoader -
akopytov/sysbench - Scriptable database and system performance benchmark
mtrojnar/osslsigncode - OpenSSL based Authenticode signing for PE/MSI/Java CAB files
jmk-foofus/medusa - Medusa is a speedy, parallel, and modular, login brute-forcer.
rewardone/OSCPRepo - A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and readi
aaaddress1/sakeInject - Windows PE - TLS (Thread Local Storage) Injector in C/C++
Rvn0xsy/CVE-2021-3156-plus - CVE-2021-3156非交互式执行命令
blasty/CVE-2021-3156 -
Mr-Un1k0d3r/RedTeamCCode - Red Team C code repo
lockedbyte/CVE-Exploits - PoC exploits for software vulnerabilities
mai1zhi2/ShellCodeFramework - 绕3环的shellcode免杀框架
ea/bosch_headunit_root - Documentation and code for rooting and extending a Bosch car head unit (lcn2kai)
LloydLabs/Windows-API-Hashing - This is a simple example and explanation of obfuscating API resolution via hashing
LloydLabs/delete-self-poc - A way to delete a locked file, or current running executable, on disk.
zznop/drow - Injects code into ELF executables post-build
neil-wu/CatFrida - CatFrida is a macOS tool for inspecting a running iOS app.
ybdt/evasion-hub - 免杀对抗
jsherman212/xnuspy - an iOS kernel function hooking framework for checkra1n'able devices
rsmudge/unhook-bof - Remove API hooks from a Beacon process.
dacade/tools - some tools
lengjibo/FourEye - AV Evasion Tool For Red Team Ops
AFLplusplus/AFLplusplus - The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
ethereal-vx/Persistence - Recreating and reviewing the Windows persistence methods
anantshri/Android_Security - This repository is a suplimentary material for Android Training's done by Anant Shrivastava from 2012-2017
gtworek/PSBits - Simple (relatively) things allowing you to dig a bit deeper than usual.
ajpc500/BOFs - Collection of Beacon Object Files
tomcarver16/BOF-DLL-Inject - Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.
gnxbr/Fully-Undetectable-Techniques -
chroblert/JC-AntiPtrace - 安卓绕过ptrace反调试
NixOS/patchelf - A small utility to modify the dynamic linker and RPATH of ELF executables
TannerJin/AntiMSHookFunction - AntiMSHookFunction (make MSHookFunction doesn't work)
ntop/n2n - Peer-to-peer VPN
gaffe23/linux-inject - Tool for injecting a shared object into a Linux process
code-scan/ssh-inject-auto-find-libdl -
geokb/yabar - A modern and lightweight status bar for X window managers.
cbwang505/CVE-2019-0708-EXP-Windows - CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell
strongcourage/uafuzz - UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
LloydLabs/wsb-detect - wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")
g0dA/linuxStack - Linux技术栈
0voice/algorithm-structure - 2021年最新总结 500个常用数据结构，算法，算法导论，面试常用，大厂高级工程师整理总结
GeoSn0w/Blizzard-Jailbreak - An Open-Source iOS 11.0 -> 11.4.1 (soon iOS 13) Jailbreak, made for teaching purposes.
bytecode77/r77-rootkit - Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
ventoy/Ventoy - A new bootable USB solution.
SkewwG/domainTools - 内网域渗透小工具
StarCross-Tech/heap_exploit_2.31 -
XiphosResearch/netelf - Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.
andreafioraldi/weizz-fuzzer -
hackerschoice/gsocket - Connect like there is no firewall. Securely.
phra/PEzor - Open-Source Shellcode & PE Packer
TimelifeCzy/Shell_Protect - VM一键加壳/脱壳，全压缩，反调试等
ish-app/ish - Linux shell for iOS
inspektor-gadget/inspektor-gadget - Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF
gloxec/CrossC2 - generate CobaltStrike's cross-platform payload
timwhitez/Cobalt-Strike-Aggressor-Scripts - Cobalt Strike Aggressor 插件包
brendan-rius/c-jwt-cracker - JWT brute force cracker written in C
bg6cq/whoisscanme -
aircrack-ng/rtl8188eus - RealTek RTL8188eus WiFi driver with monitor mode & frame injection support
dtcooper/fakehostname - Run a command and fake your hostname.
yifengyou/learn-kvm - Qemu KVM(Kernel Virtual Machine)学习笔记
blendin/3snake - Tool for extracting information from newly spawned processes
0vercl0k/sic - Enumerate user mode shared memory mappings on Windows.
CylanceVulnResearch/ReflectiveDLLRefresher - Universal Unhooking
DoctorWkt/acwj - A Compiler Writing Journey
limbenjamin/LogServiceCrash - POC code to crash Windows Event Logger Service
nil0x42/duplicut - Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
blunderbuss-wctf/wacker - A WPA3 dictionary cracker
uf0o/CVE-2020-17382 - PoC exploits for CVE-2020-17382
libinjection/libinjection - SQL / SQLI tokenizer parser analyzer
blackarrowsec/redteam-research - Collection of PoC and offensive techniques used by the BlackArrow Red Team
chompie1337/s8_2019_2215_poc - PoC 2019-2215 exploit for S8/S8 active with DAC + SELinux + Knox/RKP bypass
DerekSelander/yacd - Decrypts FairPlay applications on iOS 13.4.1 and lower, no jb required
jvinet/knock - A port-knocking daemon
ThunderGunExpress/UAC-TokenDuplication -
Ascotbe/Kernelhub - :palm_tree:Linux、macOS、Windows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file (提权漏洞合集)
fancycode/MemoryModule - Library to load a DLL from memory.
reactos/reactos - A free Windows-compatible Operating System
MobileForensicsResearch/mem - Tool used for dumping memory from Android devices
ARM-software/CSAL - Coresight Access Library
webview/webview_csharp - C# bindings for webview/webview - Batteries included
gabrielrcouto/awesome-php-ffi - PHP FFI examples and use cases
bhassani/EternalBlueC - EternalBlue suite remade in C/C++ which includes: MS17-010 Exploit, EternalBlue vulnerability detector, DoublePulsar detector and DoublePulsar Shellcode & DLL uploader
mdsecactivebreach/firewalker -
hzqst/VmwareHardenedLoader - Vmware Hardened VM detection mitigation loader (anti anti-vm)
aligrudi/neatcc - A small arm/x86(-64) C compiler
bkerler/opencl_brute - MD5,SHA1,SHA256,SHA512,HMAC,PBKDF2,SCrypt Bruteforcing tools using OpenCL (GPU, yay!) and Python
marsyy/littl_tools -
n0b0dyCN/RedisModules-ExecuteCommand - Tools, utilities and scripts to help you write redis modules!
vulhub/redis-rogue-getshell - redis 4.x/5.x master/slave getshell module
TheWover/donut - Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
google/sanitizers - AddressSanitizer, ThreadSanitizer, MemorySanitizer
AntSwordProject/ant_php_extension - PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions
m57/cobaltstrike_bofs - My CobaltStrike BOFS
anthemtotheego/C_Shot -
sailay1996/UAC_Bypass_In_The_Wild - Windows 10 UAC bypass for all executable files which are autoelevate true .
a0rtega/pafish - Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environm

awesome hacking lists

Transport

Dokumentation

Awesome Stars

Contents

ASL

ASP.NET

ActionScript

Ada

Arduino

Assembly

AutoHotkey

AutoIt

Batchfile

BitBake

Blade

BlitzBasic

Boo

C