You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[26047星][17d] [Py] certbot/certbot Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
[26031星][17d] [Py] certbot/certbot Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
[24868星][22d] trimstray/the-book-of-secret-knowledge A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
[20221星][19d] [Shell] streisandeffect/streisand Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
[19929星][1m] [C++] cmderdev/cmder Lovely console emulator package for Windows
[19823星][6d] [Jupyter Notebook] camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers aka "Bayesian Methods for Hackers": An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)
[19768星][3d] [Rust] jwilm/alacritty A cross-platform, GPU-accelerated terminal emulator
[19678星][8m] [TS] railsware/upterm A terminal emulator for the 21st century.
[14557星][19d] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
[11435星][5d] [Py] owasp/cheatsheetseries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
[11402星][16d] [Java] oracle/graal Run Programs Faster Anywhere
[11294星][17d] [Go] xtaci/kcptun A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64
[11034星][2y] [ObjC] bang590/jspatch JSPatch bridge Objective-C and Javascript using the Objective-C runtime. You can call any Objective-C class and method in JavaScript by just including a small engine. JSPatch is generally used to hotfix iOS App.
[10995星][10d] [ObjC] flipboard/flex An in-app debugging and exploration tool for iOS
[7613星][4m] [Py] sovereign/sovereign A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.
[7307星][26d] [Java] lionsoul2014/ip2region Ip2region is a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is less then 5Mb with all ip address stored. binding for Java,PHP,C,Python,Nodejs,Golang,C#,lua. Binary,B-tree,Memory searching algorithm
[7261星][1y] [Py] clips/pattern Web mining module for Python, with tools for scraping, natural language processing, machine learning, network analysis and visualization.
[7020星][20d] [Go] nats-io/nats-server High-Performance server for NATS, the cloud native messaging system.
[7019星][16d] [JS] cs01/gdbgui Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
[6479星][18d] [Shell] cisofy/lynis Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
[6052星][1m] berzerk0/probable-wordlists Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
[6005星][23d] [Py] gallopsled/pwntools CTF framework and exploit development library
[5929星][19d] [Py] asciimoo/searx 网络元数据搜索引擎。汇总70 多个搜索引擎的搜素结果,避免用户被追踪或者被分析。可与 Tor 结合使用
[5876星][3m] [Gnuplot] nasa-jpl/open-source-rover A build-it-yourself, 6-wheel rover based on the rovers on Mars!
[5847星][22d] [C++] dolphin-emu/dolphin Dolphin is a GameCube / Wii emulator, allowing you to play games for these two platforms on PC with improvements.
[5677星][2y] [JS] liftoff/gateone Gate One is an HTML5-powered terminal emulator and SSH client
[5659星][2m] [C] rofl0r/proxychains-ng proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
[5308星][19d] [C++] coatisoftware/sourcetrail Sourcetrail - free and open-source interactive source explorer
[5273星][1y] [Py] xiyoumc/webhubbot Python + Scrapy + MongoDB . 5 million data per day !!!
[5269星][1y] [Py] awslabs/aws-shell An integrated shell for working with the AWS CLI.
[5253星][9d] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
[5229星][4m] [Py] ytisf/thezoo A repository of LIVE malwares for your own joy and pleasure.
[5215星][12d] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
[5214星][19d] [Shell] vulhub/vulhub Pre-Built Vulnerable Environments Based on Docker-Compose
[5173星][1y] [JS] samyk/poisontap Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.
[5169星][18d] [ObjC] macpass/macpass A native OS X KeePass client
[5164星][14d] [Go] dnscrypt/dnscrypt-proxy 灵活的DNS代理,支持现代的加密DNS协议,例如:DNS protocols such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt.
[5116星][17d] [ASP] hq450/fancyss fancyss is a project providing tools to across the GFW on asuswrt/merlin based router.
[5103星][2m] [Lua] alexazhou/verynginx A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Control Panel, and Dashboards.
[5047星][21d] [Go] inlets/inlets Expose your local endpoints to the Internet
[5007星][2m] [Py] snare/voltron A hacky debugger UI for hackers
[4966星][18d] [Py] trustedsec/social-engineer-toolkit The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
[4966星][26d] [TS] jigsaw-code/outline-client Outline clients, developed by Jigsaw. The Outline clients use the popular Shadowsocks protocol, and lean on the Cordova and Electron frameworks to support Windows, Android / ChromeOS, Linux, iOS and macOS.
[4922星][1y] [Go] yinghuocho/firefly-proxy A proxy software to help circumventing the Great Firewall.
[4736星][1m] [Go] ponzu-cms/ponzu Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go.
[4672星][13d] [PHP] phan/phan Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
[4672星][19d] [JS] beefproject/beef The Browser Exploitation Framework Project
[4663星][1m] [C] google/ios-webkit-debug-proxy A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
[4625星][19d] [Ruby] vcr/vcr Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.
[4610星][1y] [C] upx/upx UPX - the Ultimate Packer for eXecutables
[4600星][12m] [Py] ecthros/uncaptcha2 defeating the latest version of ReCaptcha with 91% accuracy
[4563星][22d] [Ruby] wpscanteam/wpscan WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites.
[4463星][6m] [JS] bfirsh/jsnes A JavaScript NES emulator.
[4449星][1y] [Py] sshuttle/sshuttle Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
[4441星][3m] [Shell] zardus/ctf-tools Some setup scripts for security research tools.
[4436星][15d] [JS] cure53/dompurify a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
[3688星][1m] [HTML] hamukazu/lets-get-arrested This project is intended to protest against the police in Japan
[3686星][5m] [C] facebook/fishhook A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
[3676星][1m] [PS] bloodhoundad/bloodhound a single page Javascript web application, uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.
[3564星][3y] [C] hak5darren/usb-rubber-ducky a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input.
[3475星][1m] [Java] meituan-dianping/robust Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
[3473星][5y] [HTML] grangier/python-goose Html Content / Article Extractor, web scrapping lib in Python
[3422星][5m] [C] wind4/vlmcsd KMS Emulator in C (currently runs on Linux including Android, FreeBSD, Solaris, Minix, Mac OS, iOS, Windows with or without Cygwin)
[3405星][22d] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
[3337星][18d] [Py] google/grr remote live forensics for incident response
[3327星][25d] [C] microsoft/windows-driver-samples This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
[3248星][3d] [C] magnumripper/johntheripper This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS:
[3224星][2m] [C++] spiderlabs/modsecurity ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys…
[3168星][1m] [Py] mininet/mininet Emulator for rapid prototyping of Software Defined Networks
[3168星][22d] [CSS] juliocesarfort/public-pentesting-reports Curated list of public penetration test reports released by several consulting firms and academic security groups
[3161星][18d] [JS] minbrowser/min A fast, minimal browser that protects your privacy
[3052星][5m] [C++] google/robotstxt The repository contains Google's robots.txt parser and matcher as a C++ library (compliant to C++11).
[3048星][4d] [Go] cookiey/yearning A most popular sql audit platform for mysql
[3033星][18d] [Py] twintproject/twint An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
[2927星][14d] secfigo/awesome-fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
[2906星][1y] [Py] byt3bl33d3r/mitmf Framework for Man-In-The-Middle attacks
[2895星][17d] [Go] 99designs/aws-vault A vault for securely storing and accessing AWS credentials in development environments
[2894星][2m] [C#] vsvim/vsvim Vim Emulator Plugin for Visual Studio 2015+
[2888星][18d] [HTML] ctf-wiki/ctf-wiki CTF Wiki Online. Come and join us, we need you!
[2887星][4y] [ObjC] maciekish/iresign iReSign allows iDevice app bundles (.ipa) files to be signed or resigned with a digital certificate from Apple for distribution. This tool is aimed at enterprises users, for enterprise deployment, when the person signing the app is different than the person(s) developing it.
[2885星][9m] [C++] wangyu-/udpspeeder A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
[2848星][6m] [Py] instantbox/instantbox Get a clean, ready-to-go Linux box in seconds.
[2845星][9m] [Shell] goreliu/wsl-terminal Terminal emulator for Windows Subsystem for Linux (WSL)
[2844星][30d] [Py] jrohy/multi-v2ray v2ray easy delpoy & manage tool, support multiple user & protocol manage
[2835星][2y] [TS] microsoftdx/vorlonjs A new, open source, extensible, platform-agnostic tool for remotely debugging and testing your JavaScript. Powered by node.js and socket.io
[2815星][26d] [C] processhacker/processhacker A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
[2808星][10m] [Py] plasma-disassembler/plasma Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
[2802星][19d] [C] klange/toaruos A completely-from-scratch hobby operating system: bootloader, kernel, drivers, C library, and userspace including a composited graphical UI, dynamic linker, syntax-highlighting text editor, network stack, etc.
[2789星][19d] [C++] qtox/qtox qTox is a chat, voice, video, and file transfer IM client using the encrypted peer-to-peer Tox protocol.
[2783星][19d] [Go] aquasecurity/trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
[2782星][2y] [C] seclab-ucr/intang research project for circumventing the "TCP reset attack" from the Great Firewall of China (GFW) by disrupting/desynchronizing the TCP Control Block (TCB) on the censorship devices.
[2733星][1m] [ObjC] dantheman827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
[2718星][3m] [Py] drivendata/cookiecutter-data-science A logical, reasonably standardized, but flexible project structure for doing and sharing data science work.
[2627星][29d] [JS] popcorn-official/popcorn-desktop Popcorn Time is a multi-platform, free software BitTorrent client that includes an integrated media player. Desktop ( Windows / Mac / Linux ) a Butter-Project Fork
[2625星][3m] [Swift] zhuhaow/nekit A toolkit for Network Extension Framework
[2625星][2m] [JS] knownsec/kcon KCon is a famous Hacker Con powered by Knownsec Team.
[2466星][8d] [PHP] misp/misp MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)
[2406星][6d] [Java] mock-server/mockserver MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
[2402星][12m] [C] haad/proxychains a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.
[2391星][26d] [Java] mock-server/mockserver MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
[2374星][2m] [TeX] crypto101/book Crypto 101, the introductory book on cryptography.
[2364星][16d] [C] domoticz/domoticz monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more
[2357星][3m] [PHP] kint-php/kint Kint - a powerful and modern PHP debugging tool.
[2357星][9d] [PS] k8gege/k8tools K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
[2345星][4m] [Go] vuvuzela/vuvuzela Private messaging system that hides metadata
[2345星][6y] [C] stefanesser/dumpdecrypted Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
[2344星][22d] [C] tsl0922/ttyd Share your terminal over the web
[2332星][2m] [Shell] eliaskotlyar/xiaomi-dafang-hacks Xiaomi DaFang Hacks / XiaoFang 1S / Wyzecam V2 / Wyzecam Pan / Other T20 Devices
[2328星][2m] [Shell] v1s1t0r1sh3r3/airgeddon This is a multi-use bash script for Linux systems to audit wireless networks.
[2321星][5y] [C] abrasive/shairport Airtunes emulator! Shairport is no longer maintained.
[2314星][20d] [C] mintty/wsltty Mintty as a terminal for Bash on Ubuntu on Windows / WSL
[2314星][1y] [Java] csploit/android cSploit - The most complete and advanced IT security professional toolkit on Android.
[2305星][2m] [C] moby/hyperkit A toolkit for embedding hypervisor capabilities in your application
[2303星][1m] [C#] dotnetcore/dotnetspider DotnetSpider, a .NET Standard web crawling library. It is lightweight, efficient and fast high-level web crawling & scraping framework
[2262星][3m] [Py] novnc/websockify Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service. Implementations in Python, C, Node.js and Ruby.
[2238星][16d] [Go] aquasecurity/kube-bench Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
[2171星][2m] [Py] commixproject/commix Automated All-in-One OS command injection and exploitation tool.
[2169星][2m] gbdev/awesome-gbdev A curated list of Game Boy development resources such as tools, docs, emulators, related projects and open-source ROMs.
[2163星][1y] [C++] maestron/botnets This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
[2162星][2m] [C] conorpp/u2f-zero U2F USB token optimized for physical security, affordability, and style
[2149星][2m] [Py] jonathansalwan/ropgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
[2144星][4y] [Ruby] mojombo/god Ruby process monitor
[2138星][2y] [Py] rub-nds/pret Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
[2138星][1y] [Go] jetstack/kube-lego Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
[2138星][26d] [C] alexaltea/orbital Experimental PlayStation 4 emulator
[2137星][25d] [Assembly] pret/pokered disassembly of Pokémon Red/Blue
[2132星][26d] goq/telegram-list List of telegram groups, channels & bots // Список интересных групп, каналов и ботов телеграма // Список чатов для программистов
[2083星][9d] tanprathan/mobileapp-pentest-cheatsheet The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
[2080星][2m] [Go] theupdateframework/notary Notary is a project that allows anyone to have trust over arbitrary collections of data
[2064星][21d] [Go] 42wim/matterbridge bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocket.chat, steam, twitch, ssh-chat, zulip, whatsapp, keybase, matrix and more with REST API (mattermost not required!)
[2054星][3d] [Java] jeremylong/dependencycheck OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
[2042星][1y] [C] minhaskamal/creepycodecollection A Nonsense Collection of Disgusting Codes (quine-polyglot-code-golf-obfuscated-signature-creepy-codes-mandelbrot-esoteric-language-esoteric-programming-strange-golfing-spooky-weird)
[2035星][21d] [Py] j3ssie/osmedeus Fully automated offensive security framework for reconnaissance and vulnerability scanning
[2034星][5m] [HTML] nikolait/googlescraper A Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, ...). Including asynchronous networking support.
[2031星][8d] [JS] jeremykenedy/laravel-auth Laravel 6 with user authentication, registration with email confirmation, social media authentication, password recovery, and captcha protection. Uses offical [Bootstrap 4](
[2028星][22d] [Go] projectdiscovery/subfinder Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
[2028星][22d] [Go] projectdiscovery/subfinder 使用Passive Sources, Search Engines, Pastebins, Internet Archives等查找子域名
[1986星][1m] [Go] ullaakut/cameradar Cameradar hacks its way into RTSP videosurveillance cameras
[1979星][9d] [Java] kyson/androidgodeye AndroidGodEye:A performance monitor tool , like "Android Studio profiler" for Android , you can easily monitor the performance of your app real time in pc browser
[1973星][2y] [Py] minimaxir/facebook-page-post-scraper Data scraper for Facebook Pages, and also code accompanying the blog post How to Scrape Data From Facebook Page Posts for Statistical Analysis
[1970星][7d] [C] adaway/adaway AdAway is an open source ad blocker for Android using the hosts file.
[1970星][25d] [Py] cea-sec/miasm Reverse engineering framework in Python
[1967星][2y] [Py] dormymo/spiderkeeper admin ui for scrapy/open source scrapinghub
[1966星][16d] [C] meituan-dianping/logan Logan is a lightweight case logging system based on mobile platform.
[1956星][2m] [Py] nixawk/pentest-wiki PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
[1955星][17d] [Go] solo-io/gloo An Envoy-Powered API Gateway
[1952星][3y] [C#] lazocoder/windows-hacks Creative and unusual things that can be done with the Windows API.
[1946星][7m] [Java] fuzion24/justtrustme An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
[1945星][20d] [Go] zalando/skipper An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress
[1945星][6d] [C#] lucasg/dependencies A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
[1944星][3y] [Py] aoncyberlabs/windows-exploit-suggester This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
[1923星][7d] [C++] acidanthera/lilu Arbitrary kext and process patching on macOS
[1921星][6m] [Py] scrapy/scrapyd A service daemon to run Scrapy spiders
[1919星][18d] [C] ntop/ndpi Open Source Deep Packet Inspection Software Toolkit
[1912星][20d] [Shell] toniblyx/prowler AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide:
[1877星][1m] [Java] adoptopenjdk/jitwatch Log analyser / visualiser for Java HotSpot JIT compiler. Inspect inlining decisions, hot methods, bytecode, and assembly. View results in the JavaFX user interface.
[1873星][2m] [C] tinyproxy/tinyproxy a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
[1872星][24d] [TS] rangle/augury Angular Debugging and Visualization Tools
[1857星][1y] [Java] yeriomin/yalpstore Download apks from Google Play Store
[1855星][18d] [Py] hunters-forge/threathunter-playbook A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
[1854星][25d] [C] github/glb-director GitHub Load Balancer Director and supporting tooling.
[1852星][1y] [Py] jinnlynn/genpac PAC/Dnsmasq/Wingy file Generator, working with gfwlist, support custom rules.
[1851星][7m] [Assembly] pooler/cpuminer cpuminer:莱特币和比特币的多线程 CPU 矿机
[1803星][1y] [Go] intelsdi-x/snap an open telemetry framework designed to simplify the collection, processing and publishing of system data through a single API.
[1801星][1y] [Py] ctfs/write-ups-2017 Wiki-like CTF write-ups repository, maintained by the community. 2017
[1770星][2y] [CSS] b374k/b374k a useful tool for system or web administrator to do remote management without using cpanel, connecting using ssh, ftp etc.
[1753星][5m] [Py] lgandx/responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
[1750星][10m] [Shell] ryanmjacobs/c Compile and execute C "scripts" in one go!
[1748星][4m] tunz/js-vuln-db A collection of JavaScript engine CVEs with PoCs
[1748星][2m] [PS] fireeye/flare-vm 火眼发布用于 Windows 恶意代码分析的虚拟机:FLARE VM
[1741星][2y] [Go] vzex/dog-tunnel p2p tunnel,(udp mode work with kcp,
[1740星][6m] [Shell] quericy/one-key-ikev2-vpn A bash script base on Centos or Ubuntu help you to create IKEV2/L2TP vpn.
[1740星][1y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
[1737星][14d] [TSQL] brentozarultd/sql-server-first-responder-kit sp_Blitz, sp_BlitzCache, sp_BlitzFirst, sp_BlitzIndex, and other SQL Server scripts for health checks and performance tuning.
[1731星][3y] [Go] s-rah/onionscan OnionScan is a free and open source tool for investigating the Dark Web.
[1727星][17d] [C] google/honggfuzz Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
[1714星][27d] [C++] microsoft/detours Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
[1714星][1m] [Go] hashicorp/memberlist Golang package for gossip based membership and failure detection
[1711星][16d] [HTML] clong/detectionlab Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
[1709星][23d] [Go] hunterlong/statping Status Page for monitoring your websites and applications with beautiful graphs, analytics, and plugins. Run on any type of environment.
[1708星][4y] [C] signal11/hidapi A Simple library for communicating with USB and Bluetooth HID devices on Linux, Mac, and Windows.
[1705星][4m] [PHP] xtr4nge/fruitywifi FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.
[1705星][1y] [Swift] haxpor/potatso Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework. ***This project is unmaintained, try taking a look at this fork
[1705星][10m] [CSS] bagder/http2-explained A detailed document explaining and documenting HTTP/2, the successor to the widely popular HTTP/1.1 protocol
[1670星][15d] [JS] ghacksuserjs/ghacks-user.js An ongoing comprehensive user.js template for configuring and hardening Firefox privacy, security and anti-fingerprinting
[1668星][3m] [Py] boppreh/keyboard Hook and simulate global keyboard events on Windows and Linux.
[1655星][2m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
[1655星][11m] [JS] evilcos/xssor2 XSS'OR - Hack with JavaScript.
[1654星][18d] [PHP] easyengine/easyengine Command-line control panel for Nginx Server to manage WordPress sites running on Nginx, PHP, MySQL, and Let's Encrypt
[1653星][7m] [Objective-C++] tencent/oomdetector OOMDetector is a memory monitoring component for iOS which provides you with OOM monitoring, memory allocation monitoring, memory leak detection and other functions.
[1653星][20d] [Go] bitnami-labs/sealed-secrets A Kubernetes controller and tool for one-way encrypted Secrets
[1645星][2m] [Shell] internetwache/gittools find websites with their .git repository available to the public
[1644星][12m] [C] dlundquist/sniproxy Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
[1608星][3m] [Java] internetarchive/heritrix3 Heritrix is the Internet Archive's open-source, extensible, web-scale, archival-quality web crawler project.
[1593星][4y] [Go] hu17889/go_spider An awesome Go concurrent Crawler(spider) framework. The crawler is flexible and modular. It can be expanded to an Individualized crawler easily or you can use the default crawl components only.
[1592星][3y] [C] jech/polipo The Polipo caching HTTP proxy
[1590星][1m] [Go] eolinker/goku-api-gateway A Powerful HTTP API Gateway in pure golang!Goku API Gateway (中文名:悟空 API 网关)是一个基于 Golang开发的微服务网关,能够实现高性能 HTTP API 转发、服务编排、多租户管理、API 访问权限控制等目的,拥有强大的自定义插件系统可以自行扩展,并且提供友好的图形化配置界面,能够快速帮助企业进行 API 服务治理、提高 API 服务的稳定性和安全性。