├── 0ps.md
├── Chan9390.md
├── README.md
├── Robot5.md
├── Trinea.md
├── ahhh.md
├── az0ne.md
├── byt3bl33d3r.md
├── hackwith.md
├── happyqq.md
├── imcoder.md
├── imcoder1.md
├── imcoderr.md
├── jpenalbae.md
├── kiang70.md
├── madhuakula.md
├── misterch0c.md
├── mubix.md
├── ring04h.md
├── riusksk.md
├── tcpsec.md
├── the-c0d3r.md
├── wizardforcel.md
└── xiaoxiaoleo.md


/0ps.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/0ps.md


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # awesome-hacking-tools
2 | hacking tools awesome lists
3 | 


--------------------------------------------------------------------------------
/Robot5.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/Robot5.md


--------------------------------------------------------------------------------
/ahhh.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [C](#c)

  9 |   - [C#](#c#)

 10 |   - [C++](#c++)

 11 |   - [CSS](#css)

 12 |   - [CoffeeScript](#coffeescript)

 13 |   - [Go](#go)

 14 |   - [HTML](#html)

 15 |   - [Hack](#hack)

 16 |   - [Java](#java)

 17 |   - [JavaScript](#javascript)

 18 |   - [OCaml](#ocaml)

 19 |   - [Others](#others)

 20 |   - [PHP](#php)

 21 |   - [Perl](#perl)

 22 |   - [Perl6](#perl6)

 23 |   - [PowerShell](#powershell)

 24 |   - [Propeller Spin](#propeller spin)

 25 |   - [Python](#python)

 26 |   - [Ruby](#ruby)

 27 |   - [Shell](#shell)

 28 |   - [Visual Basic](#visual basic)

 29 | 

 30 | ## C 
 31 | 
 32 | - [pentestkoala](https://github.com/mrschyte/pentestkoala) - Modified dropbear server which acts as a client and allows authless login

 33 | - [memz](https://github.com/rcktscnc/memz) - A Cleaner MEMZ

 34 | - [DoubleAgent](https://github.com/Cybellum/DoubleAgent) - Zero-Day Code Injection and Persistence Technique

 35 | - [vlany](https://github.com/mempodippy/vlany) - Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

 36 | - [public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) - Curated list of  public penetration test reports released by several consulting firms and academic security groups

 37 | - [patchkit](https://github.com/lunixbochs/patchkit) - binary patching from Python

 38 | - [mimikatz](https://github.com/gentilkiwi/mimikatz) - A little tool to play with Windows security

 39 | - [pafish](https://github.com/a0rtega/pafish) - Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.

 40 | - [netdata](https://github.com/firehol/netdata) - Get control of your servers. Simple. Effective. Awesome. https://my-netdata.io/

 41 | - [keychaindump](https://github.com/juuso/keychaindump) - A proof-of-concept tool for reading OS X keychain passwords

 42 | - [LiME](https://github.com/504ensicsLabs/LiME) - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.

 43 | - [MacDBG](https://github.com/blankwall/MacDBG) - Simple easy to use C and python debugging framework for OSX

 44 | - [the-sea-watcher](https://github.com/scumjr/the-sea-watcher) - Implementation of the SMM rootkit "The Watcher"

 45 | - [hostapd-mana](https://github.com/sensepost/hostapd-mana) - SensePost's patches to hostapd for rogue access points. First presented at Defcon 22

 46 | - [Shellcodes](https://github.com/P0cL4bs/Shellcodes) - 

 47 | - [Kadimus](https://github.com/P0cL4bs/Kadimus) - Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...

 48 | - [hashcat](https://github.com/hashcat/hashcat) - World's fastest and most advanced password recovery utility

 49 | - [hashcat-legacy](https://github.com/hashcat/hashcat-legacy) - Advanced CPU-based password recovery utility

 50 | - [icmptunnel](https://github.com/DhavalKapil/icmptunnel) - Transparently tunnel your IP traffic through ICMP echo and reply packets.

 51 | - [pwnat](https://github.com/samyk/pwnat) - pwnat punches holes in firewalls and NATs allowing any numbers of clients behind NATs to directly connect to a server behind a different NAT using a newly developed technique with no 3rd party, port forwarding, DMZ or spoofing

 52 | - [jellyfish](https://github.com/x0r1/jellyfish) - GPU rootkit PoC by Team Jellyfish

 53 | - [Throwback](https://github.com/silentbreaksec/Throwback) - HTTP/S Beaconing Implant

 54 | - [azazel](https://github.com/chokepoint/azazel) - Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit.  It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.

 55 | 

 56 | ## C# # 
 57 | 
 58 | - [PowerForensics](https://github.com/Invoke-IR/PowerForensics) - PowerForensics provides an all in one platform for live disk forensic analysis

 59 | - [PSAttack](https://github.com/jaredhaight/PSAttack) - A portable console aimed at making pentesting with PowerShell a little easier.

 60 | - [r2dr2-udp-drdos-tool](https://github.com/daniel0x00/r2dr2-udp-drdos-tool) - DRDoS UDP amplification tool

 61 | - [Prefetch](https://github.com/EricZimmerman/Prefetch) - Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.

 62 | - [PSScriptAnalyzer](https://github.com/PowerShell/PSScriptAnalyzer) - Download ScriptAnalyzer from PowerShellGallery

 63 | - [QuasarRAT](https://github.com/quasar/QuasarRAT) - Remote Administration Tool for Windows

 64 | 

 65 | ## C++ 
 66 | 
 67 | - [GameHackingCode](https://github.com/GameHackingBook/GameHackingCode) - Example code for the book http://www.nostarch.com/gamehacking . PLEASE READ THE README

 68 | - [falco](https://github.com/draios/falco) - Behavioral Activity Monitoring With Container Support

 69 | - [SideStep](https://github.com/codewatchorg/SideStep) - Yet another AV evasion tool

 70 | - [LockyVaccine](https://github.com/cryptobioz/LockyVaccine) - Vaccines against Locky ransomware

 71 | - [flare-wmi](https://github.com/fireeye/flare-wmi) - 

 72 | - [wi-door](https://github.com/Vivek-Ramachandran/wi-door) - Wi-Fi Backdoors

 73 | 

 74 | ## CSS 
 75 | 
 76 | - [jack](https://github.com/sensepost/jack) - Drag and Drop ClickJacking PoC development assistance tool.

 77 | 

 78 | ## CoffeeScript 
 79 | 
 80 | - [hubot-reactions](https://github.com/vitapluvia/hubot-reactions) - 

 81 | 

 82 | ## Go 
 83 | 
 84 | - [url2img](https://github.com/gen2brain/url2img) - HTTP server with API for capturing screenshots of websites

 85 | - [go-mimikatz](https://github.com/vyrus001/go-mimikatz) - A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.

 86 | - [winrm-powershell](https://github.com/mefellows/winrm-powershell) - Run Powershell remotely from the CLI

 87 | - [pam-ussh](https://github.com/uber/pam-ussh) - uber's ssh certificate pam module

 88 | - [EGESPLOIT](https://github.com/EgeBalci/EGESPLOIT) - EGESPLOIT is a golang library for malware development

 89 | - [ransomware](https://github.com/mauri870/ransomware) - A windows crypto-ransomware (Academic)

 90 | - [w32](https://github.com/AllenDang/w32) - A wrapper of windows apis for the Go Programming Language.

 91 | - [powershell-reverse-http](https://github.com/mauri870/powershell-reverse-http) - :innocent: A Powershell exploit, windows native service with no virus signature that open a reverse http connection via meterpreter

 92 | - [phishery](https://github.com/ryhanson/phishery) - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

 93 | - [lonely-shell](https://github.com/vesche/lonely-shell) - minimal https reverse shell

 94 | - [osxlockdown](https://github.com/SummitRoute/osxlockdown) - [No longer maintained] Apple OS X tool to audit for, and remediate, security configuration settings.

 95 | - [gobuster](https://github.com/Matir/gobuster) - GoBuster is a directory-enumeration tool written in Go.

 96 | - [go-yara](https://github.com/hillu/go-yara) - Go bindings for YARA

 97 | - [knox](https://github.com/pinterest/knox) - Knox is a secret management service

 98 | - [clair](https://github.com/coreos/clair) - Vulnerability Static Analysis for Containers

 99 | - [Go_Shells](https://github.com/ahhh/Go_Shells) - a collection of shells written with the go programming language, golang

100 | 

101 | ## HTML 
102 | 
103 | - [gophish](https://github.com/gophish/gophish) - Open-Source Phishing Toolkit

104 | - [canarytokens](https://github.com/thinkst/canarytokens) - Canarytokens helps track activity and actions on your network.

105 | - [warberry](https://github.com/secgroundzero/warberry) - WarBerryPi - Tactical Exploitation

106 | - [memory-analysis](https://github.com/scudette/memory-analysis) - A Rekall interactive document for a Memory Analysis workshop/course.

107 | - [rekall-profiles](https://github.com/google/rekall-profiles) - Public Profile Repository for Rekall Memory Forensic.

108 | - [streisand](https://github.com/jlund/streisand) - Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.

109 | - [lostpass](https://github.com/cxxr/lostpass) - Pixel-perfect LastPass phishing

110 | - [misc](https://github.com/StalkR/misc) - Little bit of this, little bit of that

111 | - [threat_note](https://github.com/defpoint/threat_note) - DPS' Lightweight Investigation Notebook

112 | 

113 | ## Hack 
114 | 
115 | - [fbctf](https://github.com/javuto/fbctf) - Platform to host Capture the Flag competitions

116 | - [fbctf](https://github.com/facebook/fbctf) - Platform to host Capture the Flag competitions

117 | 

118 | ## Java 
119 | 
120 | - [bypasswaf](https://github.com/codewatchorg/bypasswaf) - Add headers to all Burp requests to bypass some WAF products

121 | - [BurpSuiteLoggerPlusPlus](https://github.com/nccgroup/BurpSuiteLoggerPlusPlus) - Burp Suite Logger++: Log activities of all the tools in Burp Suite

122 | - [JavaSerialKiller](https://github.com/NetSPI/JavaSerialKiller) - Burp extension to perform Java Deserialization Attacks

123 | - [SerialKillerBypassGadgetCollection](https://github.com/pwntester/SerialKillerBypassGadgetCollection) - Collection of bypass gadgets to extend and wrap ysoserial payloads

124 | - [firescape](https://github.com/gen0cide-/firescape) - MMORPG client and server in Java for personal research

125 | 

126 | ## JavaScript 
127 | 
128 | - [mailparser](https://github.com/nodemailer/mailparser) - Decode mime formatted e-mails

129 | - [browser-autofill-phishing](https://github.com/anttiviljami/browser-autofill-phishing) - A simple demo of phishing by abusing the browser autofill feature

130 | - [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

131 | - [AnonymousToFacebook](https://github.com/Hua777/AnonymousToFacebook) - 使用 Node.js 與 FB API 架起來的匿名發文系統

132 | - [Minions](https://github.com/sixdub/Minions) - Collaborative Distributed Scanning Application (Uses modified DNmap on backend)

133 | - [cash](https://github.com/dthree/cash) - Cross-platform Linux commands in ES6

134 | - [OSXAuditor](https://github.com/jipegit/OSXAuditor) - OS X Auditor is a free Mac OS X computer forensics tool

135 | - [onedrive-api-docs](https://github.com/OneDrive/onedrive-api-docs) - Official documentation for the OneDrive API

136 | - [jsnes](https://github.com/bfirsh/jsnes) - A JavaScript NES emulator.

137 | 

138 | ## OCaml 
139 | 
140 | - [Batsh](https://github.com/BYVoid/Batsh) - A language that compiles to Bash and Windows Batch

141 | 

142 | ## Others 
143 | 
144 | - [awesome-cyber-skills](https://github.com/joe-shenouda/awesome-cyber-skills) - A curated list of hacking environments where you can train your cyber skills legally and safely

145 | - [CCDC](https://github.com/obscuresec/CCDC) - Scripts related to CCDC

146 | - [sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config) - Sysmon configuration file template with default high-quality event tracing

147 | - [misp-book](https://github.com/MISP/misp-book) - User guide of MISP

148 | - [awesome-threat-intelligence](https://github.com/hslatman/awesome-threat-intelligence) - A curated list of Awesome Threat Intelligence resources

149 | - [iocs](https://github.com/fireeye/iocs) - FireEye Publicly Shared Indicators of Compromise (IOCs)

150 | - [awesome-incident-response](https://github.com/meirwah/awesome-incident-response) - A curated list of tools for incident response

151 | - [awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) - A collected list of awesome security talks

152 | - [Malware](https://github.com/RPISEC/Malware) - Course materials for Malware Analysis by RPISEC

153 | - [dear-github](https://github.com/dear-github/dear-github) - :incoming_envelope: An open letter to GitHub from the maintainers of open source projects

154 | - [CheatSheets](https://github.com/HarmJ0y/CheatSheets) - Cheat sheets for various projects.

155 | - [python-pentest-tools](https://github.com/dloss/python-pentest-tools) - Python tools for penetration testers

156 | - [List](https://github.com/0x0mar/List) - webapp

157 | - [pwnableweb-scoreboard](https://github.com/Matir/pwnableweb-scoreboard) - Scoreboard for CTF Competitions

158 | 

159 | ## PHP 
160 | 
161 | - [FiercePhish](https://github.com/Raikia/FiercePhish) - FiercePhish is a full-fledged phishing framework to manage all phishing engagements.  It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

162 | - [sees](https://github.com/galkan/sees) - SEES aims to increase the success rate of phishing attacks by sending emails to company users as if they are coming from the very same company’s domain.

163 | - [MISP](https://github.com/MISP/MISP) - MISP - Malware Information Sharing Platform & Threat Sharing

164 | - [Sn1per](https://github.com/1N3/Sn1per) - Automated Pentest Recon Scanner

165 | - [DAws](https://github.com/dotcppfile/DAws) - Advanced Web Shell

166 | - [webshell](https://github.com/tennc/webshell) - This is a webshell open source project

167 | 

168 | ## Perl 
169 | 
170 | - [psychoPATH](https://github.com/ewilded/psychoPATH) - This little helper script attempts to generate all potential DOCUMENT_ROOT full paths for a given application.

171 | - [shelling](https://github.com/ewilded/shelling) - SHELLING - an offensive approach to the anatomy of improperly written OS command injection sanitisers

172 | 

173 | ## Perl6 
174 | 
175 | - [metasploit-vulnerability-emulator](https://github.com/rapid7/metasploit-vulnerability-emulator) - Created by Jin Qian via the GitHub Connector

176 | 

177 | ## PowerShell 
178 | 
179 | - [PSKernel-Primitives](https://github.com/FuzzySecurity/PSKernel-Primitives) - Exploit primitives for PowerShell

180 | - [Invoke-TheHash](https://github.com/Kevin-Robertson/Invoke-TheHash) - PowerShell Pass The Hash Utils

181 | - [fathomless](https://github.com/xor-function/fathomless) - A collection of different programs for network red teaming.

182 | - [PowerShell-Suite](https://github.com/FuzzySecurity/PowerShell-Suite) - My musings with PowerShell

183 | - [Misc-PowerShell-Stuff](https://github.com/enigma0x3/Misc-PowerShell-Stuff) - random powershell goodness

184 | - [WMIOps](https://github.com/ChrisTruncer/WMIOps) - This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.

185 | - [PowerShell](https://github.com/clymb3r/PowerShell) - Useful PowerShell scripts

186 | - [PowerTools](https://github.com/PowerShellEmpire/PowerTools) - PowerTools is a collection of PowerShell projects with a focus on offensive operations.

187 | - [PowerMemory](https://github.com/giMini/PowerMemory) - Exploit the credentials present in files and memory

188 | - [CrackMapExec](https://github.com/byt3bl33d3r/CrackMapExec) - A swiss army knife for pentesting networks

189 | - [PowerSCCM](https://github.com/PowerShellMafia/PowerSCCM) - PowerSCCM - PowerShell module to interact with SCCM deployments

190 | - [Tater](https://github.com/Kevin-Robertson/Tater) - Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec

191 | - [PoshRat](https://github.com/subTee/PoshRat) - PowerShell Reverse HTTPs Shell

192 | - [AutoBot](https://github.com/lholman/AutoBot) - Awesome little automater

193 | - [AutoBot-Scripts](https://github.com/lholman/AutoBot-Scripts) - Community PowerShell scripts for [AutoBot](https://github.com/lholman/AutoBot), the awesome little automater

194 | - [PowerPath](https://github.com/andyrobbins/PowerPath) - PowerShell implementations of path-finding algorithms using graph theory

195 | - [Kansa](https://github.com/davehull/Kansa) - A Powershell incident response framework

196 | - [VirusTotalShell](https://github.com/davehull/VirusTotalShell) - A fork of David B Heise's VirusTotal Powershell Module

197 | - [Mal-Seine](https://github.com/davehull/Mal-Seine) - Why hunt when you can seine?

198 | - [box-powershell-sdk-v2](https://github.com/box-community/box-powershell-sdk-v2) - Windows PowerShell SDK for Box API v2.

199 | - [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) - PowerSploit - A PowerShell Post-Exploitation Framework

200 | - [WMI_Backdoor](https://github.com/mattifestation/WMI_Backdoor) - A PoC WMI backdoor presented at Black Hat 2015

201 | - [PowerWorm](https://github.com/mattifestation/PowerWorm) - Analysis, detection, and removal of the "Power Worm" PowerShell-based malware

202 | - [Kautilya](https://github.com/samratashok/Kautilya) - Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.

203 | - [nishang](https://github.com/samratashok/nishang) - Nishang - PowerShell for penetration testing and offensive security.

204 | - [PoshCode](https://github.com/PoshCode/PoshCode) - PoshCode Modules for Packaging, Searching, Fetching

205 | - [PSReflect](https://github.com/mattifestation/PSReflect) - Easily define in-memory enums, structs, and Win32 functions in PowerShell

206 | - [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.

207 | - [Wifi_Trojans](https://github.com/ahhh/Wifi_Trojans) - A collection of wireless based bind and reverse connect shells for penetration testers to use in demonstrating persistence to a network via rouge access points.

208 | - [PSSE](https://github.com/ahhh/PSSE) - PowerShell Scripting Expert repository, contains template code for security and administrative scripting, largely derived through taking taking the SecurityTube PowerShell for Pentesters course

209 | - [Invoke-AltDSBackdoor](https://github.com/enigma0x3/Invoke-AltDSBackdoor) - 

210 | 

211 | ## Propeller Spin 
212 | 
213 | - [DEFCON22-BADGE](https://github.com/ahhh/DEFCON22-BADGE) - My custom code for the DEFCON22 Badge, all in good fun.

214 | 

215 | ## Python 
216 | 
217 | - [manticore](https://github.com/trailofbits/manticore) - Dynamic binary analysis tool

218 | - [fancybear](https://github.com/rickey-g/fancybear) - Fancy Bear Source Code

219 | - [mimipenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux user

220 | - [MS15-034-IIS-Active-DoS-Exploit-PoC](https://github.com/davidjura/MS15-034-IIS-Active-DoS-Exploit-PoC) - Proof of concept exploit script used to exploit the MS15-034 vulnerability in the Windows HTTP Protocol Stack (HTTP.sys)

221 | - [IIS_exploit](https://github.com/edwardz246003/IIS_exploit) - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

222 | - [fame](https://github.com/certsocietegenerale/fame) - FAME Automates Malware Evaluation

223 | - [gcp-audit](https://github.com/spotify/gcp-audit) - A tool for auditing security properties of GCP projects.

224 | - [YaraGenerator](https://github.com/Xen0ph0n/YaraGenerator) - Automatic Yara Rule Generation

225 | - [SSMA](https://github.com/secrary/SSMA) - SSMA - Simple Static Malware Analyzer

226 | - [streamalert](https://github.com/airbnb/streamalert) - StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

227 | - [aws-lambda](https://github.com/EvidentSecurity/aws-lambda) - AWS Lambda Code Samples

228 | - [sovereign](https://github.com/sovereign/sovereign) - A set of Ansible playbooks to build and maintain your own private cloud: email, calendar, contacts, file sync, IRC bouncer, VPN, and more.

229 | - [eyephish](https://github.com/phar/eyephish) - OpenCV based IDN option generator PoC

230 | - [honeybadger](https://github.com/lanmaster53/honeybadger) - 

231 | - [autopwn](https://github.com/nccgroup/autopwn) - Specify targets and run sets of tools against them

232 | - [zarp](https://github.com/hatRiot/zarp) - Network Attack Tool

233 | - [aws_pwn](https://github.com/dagrz/aws_pwn) - A collection of AWS penetration testing junk

234 | - [pyshell](https://github.com/praetorian-inc/pyshell) - PyShell makes interacting with web-based command injection less painful, emulating the feel of an interactive shell as much as possible.

235 | - [EQGRP](https://github.com/samgranger/EQGRP) - Mirror

236 | - [PINCE](https://github.com/korcankaraokcu/PINCE) - A reverse engineering tool that'll (hopefully) supply the place of Cheat Engine for linux

237 | - [splunk2resilient](https://github.com/ministryofpromise/splunk2resilient) - splunk alert script to create resilient tickets

238 | - [yarAnalyzer](https://github.com/Neo23x0/yarAnalyzer) - Yara Rule Analyzer and Statistics

239 | - [Loki](https://github.com/Neo23x0/Loki) - Loki - Simple IOC and Incident Response Scanner

240 | - [EmPyre](https://github.com/EmpireProject/EmPyre) - A post-exploitation OS X/Linux agent written in Python 2.7

241 | - [PhantomShodan](https://github.com/kranzrm/PhantomShodan) - Shodan.io connector for Phantom Cyber Security Orchestration

242 | - [simuvex](https://github.com/praetorian-inc/simuvex) - A symbolic execution engine for the VEX IR

243 | - [simple](https://github.com/vitapluvia/simple) - 

244 | - [angr](https://github.com/angr/angr) - The next-generation binary analysis platform from UC Santa Barbara's Seclab!

245 | - [angr-doc](https://github.com/angr/angr-doc) - Documentation for the angr suite

246 | - [detekt](https://github.com/botherder/detekt) - Malware triaging tool

247 | - [Winpayloads](https://github.com/nccgroup/Winpayloads) - Undetectable Windows Payload Generation

248 | - [featherduster](https://github.com/nccgroup/featherduster) - An automated, modular cryptanalysis tool

249 | - [CVE-2016-3714](https://github.com/Hood3dRob1n/CVE-2016-3714) - ImaegMagick Code Execution (CVE-2016-3714)

250 | - [FIR](https://github.com/certsocietegenerale/FIR) - Fast Incident Response

251 | - [vivisect](https://github.com/vivisect/vivisect) - 

252 | - [deprecated-binaryninja-python](https://github.com/Vector35/deprecated-binaryninja-python) - Deprecated Binary Ninja prototype written in Python

253 | - [ivre](https://github.com/cea-sec/ivre) - Network recon framework.

254 | - [thug](https://github.com/buffer/thug) - Python low-interaction honeyclient

255 | - [vmcloak](https://github.com/jbremer/vmcloak) - Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.

256 | - [exploits](https://github.com/dyntopia/exploits) - 

257 | - [JSRat-Py](https://github.com/Hood3dRob1n/JSRat-Py) - This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.

258 | - [GAM](https://github.com/jay0lee/GAM) - command line management for Google G Suite

259 | - [misp-modules](https://github.com/MISP/misp-modules) - Modules for expansion services, import and export in MISP

260 | - [dfirtriage](https://github.com/travisfoley/dfirtriage) - Digital forensic acquisition tool for Windows based incident response.

261 | - [PenTestScripts](https://github.com/ChrisTruncer/PenTestScripts) - Scripts that are useful for me on pen tests

262 | - [salt](https://github.com/saltstack/salt) - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:

263 | - [Satori](https://github.com/pasv/Satori) - Hunting system admins with Powershell/WMI

264 | - [HoneyPy](https://github.com/foospidy/HoneyPy) - A low interaction honeypot.

265 | - [viper](https://github.com/viper-framework/viper) - Binary analysis and management framework

266 | - [urlquery_python_api](https://github.com/CIRCL/urlquery_python_api) - Python API for URL Query

267 | - [AlienVaultLabs](https://github.com/AlienVault-Labs/AlienVaultLabs) - Alienvault Labs Projects Random Stuff

268 | - [python-deepviz](https://github.com/saferbytes/python-deepviz) - python-deepviz is a python wrapper for deepviz.com REST APIs

269 | - [CDQR](https://github.com/rough007/CDQR) - The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux and MacOS devices

270 | - [DET](https://github.com/sensepost/DET) - (extensible) Data Exfiltration Toolkit (DET)

271 | - [shells](https://github.com/deadbits/shells) - collection of useful shells for penetration tests

272 | - [image-analogies](https://github.com/awentzonline/image-analogies) - Generate image analogies using neural matching and blending.

273 | - [neural-doodle](https://github.com/alexjc/neural-doodle) - Turn your two-bit doodles into fine artworks with deep neural networks, generate seamless textures from photos, transfer style from one image to another, perform example-based upscaling, but wait... there's more! (An implementation of Semantic Style Transfer.)

274 | - [enteletaor](https://github.com/cr0hn/enteletaor) - Message Queue & Broker Injection tool

275 | - [dcept](https://github.com/secureworks/dcept) - A tool for deploying and detecting use of Active Directory honeytokens

276 | - [thefuck](https://github.com/nvbn/thefuck) - Magnificent app which corrects your previous console command.

277 | - [botnet-lab](https://github.com/jpdias/botnet-lab) - :lock: An IRC based tool for testing the capabilities of a botnet.

278 | - [chainbreaker](https://github.com/n0fate/chainbreaker) - Mac OS X Keychain Forensic Tool

279 | - [gladius](https://github.com/praetorian-inc/gladius) - Automated Responder/secretsdump.py cracking

280 | - [pentestly](https://github.com/praetorian-inc/pentestly) - Python and Powershell internal penetration testing framework

281 | - [DAMM](https://github.com/504ensicsLabs/DAMM) - Differential Analysis of Malware in Memory

282 | - [autoDANE](https://github.com/sensepost/autoDANE) - Auto Domain Admin and Network Exploitation.

283 | - [net-creds](https://github.com/DanMcInerney/net-creds) - Sniffs sensitive data from interface or pcap

284 | - [osxcollector_output_filters](https://github.com/Yelp/osxcollector_output_filters) - Filters that process and transform the output of osxcollector

285 | - [DylibHijack](https://github.com/synack/DylibHijack) - python utilities related to dylib hijacking on OS X

286 | - [GitHarvester](https://github.com/metac0rtex/GitHarvester) - 

287 | - [autoresp](https://github.com/DanMcInerney/autoresp) - Runs Responder, uploads hashes for cracking, alerts when cracked

288 | - [autoresponder](https://github.com/sensepost/autoresponder) - Quick python script to automatically load NTLM hashes from Responder logs and fires up Hashcat to crack them

289 | - [SPartan](https://github.com/sensepost/SPartan) - Frontpage and Sharepoint fingerprinting and attack tool.

290 | - [HQLmap](https://github.com/PaulSec/HQLmap) - (Deprecated) HQLmap, Automatic tool to exploit HQL injections

291 | - [CSRFT](https://github.com/PaulSec/CSRFT) - A lightweight CSRF Toolkit for easy Proof of concept

292 | - [twittor](https://github.com/PaulSec/twittor) - A fully featured backdoor that uses Twitter as a C&C server

293 | - [python_backdoor](https://github.com/az0ne/python_backdoor) - 过360主动防御360杀毒以前99%杀软的python后门

294 | - [WiFi-Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) - Framework for Rogue Wi-Fi Access Point Attack

295 | - [ptf](https://github.com/trustedsec/ptf) - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

296 | - [ghostunnel](https://github.com/square/ghostunnel) - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services

297 | - [Opy](https://github.com/QQuick/Opy) - Obfuscator for Python

298 | - [peel](https://github.com/frank2/peel) - PEEL is a Python library for being a Windows binary wizard. Literally. You will literally become the Gandalf of PE files.

299 | - [rekall](https://github.com/google/rekall) - Rekall Memory Forensic Framework

300 | - [pwntools](https://github.com/Gallopsled/pwntools) - CTF framework and exploit development library

301 | - [SNMP-Brute](https://github.com/SECFORCE/SNMP-Brute) - Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.

302 | - [Tunna](https://github.com/SECFORCE/Tunna) - Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

303 | - [sparta](https://github.com/SECFORCE/sparta) - Network Infrastructure Penetration Testing Tool

304 | - [xss2shell](https://github.com/Prochainezo/xss2shell) - Tool for abusing XSS vulnerabilities on Wordpress and Joomla! installations

305 | - [simple-salesforce](https://github.com/simple-salesforce/simple-salesforce) - A very simple Salesforce.com REST API client for Python

306 | - [macOS-Security-and-Privacy-Guide](https://github.com/drduh/macOS-Security-and-Privacy-Guide) - A practical guide to securing macOS.

307 | - [EyeWitness](https://github.com/ChrisTruncer/EyeWitness) - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

308 | - [scripts](https://github.com/averagesecurityguy/scripts) - Scripts I use during pentest engagements.

309 | - [data_hacking](https://github.com/ClickSecurity/data_hacking) - Click Security Data Hacking Project

310 | - [fisticuffs](https://github.com/aking1012/fisticuffs) - A growing implementation of a cloned game with simple game logic.  There's a Trello board if you want to see what parts I'm working to advance.

311 | - [pupy](https://github.com/n1nj4sec/pupy) - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

312 | - [crawler.py](https://github.com/DanMcInerney/crawler.py) - async web crawler

313 | - [get_proxy](https://github.com/DanMcInerney/get_proxy) - Py class that returns fastest http proxy

314 | - [search-bing](https://github.com/DanMcInerney/search-bing) - Search bing with python

315 | - [search-google](https://github.com/DanMcInerney/search-google) - Scrape google search results

316 | - [email2file](https://github.com/eudemonics/email2file) - script to download and save all email messages and attachments to file

317 | - [SPSE](https://github.com/ahhh/SPSE) - Collection of scripts created while taking the SecurityTube Python Scripting Expert course

318 | - [shellme](https://github.com/hatRiot/shellme) - simple shellcode generator

319 | - [smbmap](https://github.com/ShawnDEvans/smbmap) - SMBMap is a handy SMB enumeration tool

320 | - [libShell](https://github.com/Darkpaw95/libShell) - Library for creating modular shells.

321 | - [NTP_Trojan](https://github.com/ahhh/NTP_Trojan) - Reverse NTP remote access trojan in python, for penetration testers

322 | - [kerberoast](https://github.com/nidem/kerberoast) - 

323 | - [Reverse_SSH_Shell](https://github.com/ahhh/Reverse_SSH_Shell) - A reverse ssh shell written in python, intended for penetration testers to use as a covert channel on windows

324 | - [Reverse_HTTPS_Bot](https://github.com/ahhh/Reverse_HTTPS_Bot) - A python based https remote access trojan for penetration testing

325 | - [osxcollector](https://github.com/Yelp/osxcollector) - A forensic evidence collection & analysis toolkit for OS X

326 | - [Scout2](https://github.com/nccgroup/Scout2) - Security auditing tool for AWS environments

327 | - [Scripts](https://github.com/skyleronken/Scripts) - 

328 | - [InsurgentFramework](https://github.com/skyleronken/InsurgentFramework) - A framework for creating modular bots/backdoors

329 | - [XMPP_Shell_Bot](https://github.com/ahhh/XMPP_Shell_Bot) - A shell / chat bot for XMPP and cloud services

330 | - [Stego_Dropper](https://github.com/ahhh/Stego_Dropper) - A python based dropper, that uses steganography and an image over http to transfer a file

331 | - [LoginScan](https://github.com/Matir/LoginScan) - Scanner for document roots/URLs.

332 | - [analysis-tools](https://github.com/Matir/analysis-tools) - Miscellaneous analysis tools

333 | - [Reverse_DNS_Shell](https://github.com/ahhh/Reverse_DNS_Shell) - A python reverse shell that uses DNS as the c2 channel

334 | - [Responder](https://github.com/SpiderLabs/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

335 | 

336 | ## Ruby 
337 | 
338 | - [keyjacker](https://github.com/erran/keyjacker) - Keyjacker enumerates Mac keychains and displays plain text passwords.

339 | - [IntData](https://github.com/cryptobioz/IntData) - IntData is a forensic tool for fast research in the memory of your iPhone, iPad or iPod

340 | - [go-derper](https://github.com/sensepost/go-derper) - Memcache hacking tool.

341 | - [test-kitchen](https://github.com/test-kitchen/test-kitchen) - Test Kitchen is an integration tool for developing and testing infrastructure code and software on isolated target platforms.

342 | - [bettercap-proxy-modules](https://github.com/evilsocket/bettercap-proxy-modules) - This repository contains some bettercap transparent proxy example modules.

343 | - [bettercap](https://github.com/evilsocket/bettercap) - A complete, modular, portable and easily extensible MITM framework.

344 | - [bassethound](https://github.com/gen0cide-/bassethound) - Check the validity of email addresses

345 | - [ocra](https://github.com/larsch/ocra) - One-Click Ruby Application Builder

346 | 

347 | ## Shell 
348 | 
349 | - [unfetter](https://github.com/unfetter-analytic/unfetter) - Main Build directory

350 | - [yodo](https://github.com/b3rito/yodo) - Local Privilege Escalation

351 | - [sof-elk](https://github.com/philhagen/sof-elk) - Configuration files for the SOF-ELK VM, used in SANS FOR572

352 | - [2016-security-scripts](https://github.com/inversoft/2016-security-scripts) - Scripts built from our 2016 Guide to User Data Security

353 | - [epictreasure](https://github.com/praetorian-inc/epictreasure) - radare, angr, pwndbg, binjitsu, ect in a box ready for pwning

354 | - [Linux-RDP](https://github.com/Hood3dRob1n/Linux-RDP) - Linux RDP Scanner and Bruteforcer Scripts

355 | - [brootkit](https://github.com/cloudsec/brootkit) - Lightweight rootkit implemented by bash shell scripts v0.10

356 | - [afdns](https://github.com/Kolyunya/afdns) - Ad free DNS server. A docker container with a DNS server configured to block advertisement hosts.

357 | - [random](https://github.com/obscuresec/random) - Scripts that aren't PowerShell

358 | - [htshells](https://github.com/wireghoul/htshells) - Self contained htaccess shells and attacks

359 | - [n4p](https://github.com/Cyb3r-Assassin/n4p) - Offensives network security framework for Wireless and MiTM style hacking

360 | 

361 | ## Visual Basic 
362 | 
363 | - [PlasmaRAT](https://github.com/mwsrc/PlasmaRAT) - Remote Access Trojan(RAT), Miner, DDoS

364 | - [BetterRAT](https://github.com/mwsrc/BetterRAT) - Better Remote Access Trojan

365 | 

366 | 
367 | ## License
368 | 
369 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
370 | 
371 | To the extent possible under law, [ahhh](https://github.com/ahhh) has waived all copyright and related or neighboring rights to this work.
372 | 
373 | 


--------------------------------------------------------------------------------
/az0ne.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [Batchfile](#batchfile)

  9 |   - [C](#c)

 10 |   - [C#](#c#)

 11 |   - [C++](#c++)

 12 |   - [CSS](#css)

 13 |   - [Go](#go)

 14 |   - [HTML](#html)

 15 |   - [Java](#java)

 16 |   - [JavaScript](#javascript)

 17 |   - [KiCad](#kicad)

 18 |   - [Lua](#lua)

 19 |   - [Objective-C](#objective-c)

 20 |   - [Others](#others)

 21 |   - [PHP](#php)

 22 |   - [Perl](#perl)

 23 |   - [Python](#python)

 24 |   - [Ruby](#ruby)

 25 |   - [Shell](#shell)

 26 |   - [Vue](#vue)

 27 | 

 28 | ## Batchfile 
 29 | 
 30 | - [win-socks-to-Virtual-adapter](https://github.com/rufengsuixing/win-socks-to-Virtual-adapter) - 帮助你将socks代理转到一张虚拟网卡上，所有经过虚拟网卡的流量会被发送到代理

 31 | 

 32 | ## C 
 33 | 
 34 | - [gps-sdr-sim](https://github.com/osqzss/gps-sdr-sim) - Software-Defined GPS Signal Simulator

 35 | - [au3miner](https://github.com/sneurlax/au3miner) - 

 36 | - [Kadimus](https://github.com/P0cL4bs/Kadimus) - Kadimus is a tool to check sites to lfi vulnerability , and also exploit it...

 37 | - [qqee_portscan_syn](https://github.com/qqee/qqee_portscan_syn) - 纯C跨平台端口扫描引擎(syn握手包/多线程/原子)，同时扫描1亿个ip占470MB内存，自动对抗防火墙。

 38 | - [DoubleAgent](https://github.com/Cybellum/DoubleAgent) - Zero-Day Code Injection and Persistence Technique

 39 | - [VoIPong](https://github.com/EnderUNIX/VoIPong) - VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to seperate wave files. It supports SIP, H323, Cisco's Skinny Client Protocol, RTP and RTCP.

 40 | - [Invoke-Vnc](https://github.com/artkond/Invoke-Vnc) - Powershell VNC injector

 41 | - [exploit](https://github.com/cloudsec/exploit) - Some kernel exploit i wrote

 42 | 

 43 | ## C# # 
 44 | 
 45 | - [WifiWarDriveLogParser](https://github.com/ceramicskate0/WifiWarDriveLogParser) - Parse Kismet Logs in Windows Forms

 46 | 

 47 | ## C++ 
 48 | 
 49 | - [smartnet-scanner](https://github.com/robotastic/smartnet-scanner) - GNURadio based scanner for SmartNet II Digital radio systems.

 50 | - [smartnet-recorder](https://github.com/robotastic/smartnet-recorder) - This project is no longer active, checkout Trunk Recorder instead

 51 | - [StupidKeylogger](https://github.com/MinhasKamal/StupidKeylogger) - A Terrific Keystroke Recorder (keylogger-key-logger-spyware-spy-trojan-simple-virus-for-windows-10-7-xp-smart)

 52 | - [pyflame](https://github.com/uber/pyflame) - Pyflame: A Ptracing Profiler For Python

 53 | 

 54 | ## CSS 
 55 | 
 56 | - [chromebackdoor](https://github.com/graniet/chromebackdoor) - Chromebackdoor is a pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malicious extension or  script on most popular browsers, and send all DOM datas on command and control.

 57 | 

 58 | ## Go 
 59 | 
 60 | - [open-ethereum-pool](https://github.com/sammy007/open-ethereum-pool) - Open Ethereum Mining Pool

 61 | - [cnki-downloader](https://github.com/amyhaber/cnki-downloader) - 知网(CNKI)文献下载工具

 62 | - [DBShield](https://github.com/nim4/DBShield) - Database firewall written in Go

 63 | - [go-mimikatz](https://github.com/ahhh/go-mimikatz) - A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.

 64 | 

 65 | ## HTML 
 66 | 
 67 | - [WamaCry](https://github.com/bitdust/WamaCry) - a fake WannaCry

 68 | - [extract-html-diff](https://github.com/TeamHG-Memex/extract-html-diff) - extract difference between two html pages

 69 | - [visualize_logs](https://github.com/keithjjones/visualize_logs) - A Python library and command line tools to provide interactive log visualization.

 70 | 

 71 | ## Java 
 72 | 
 73 | - [YougetGUI](https://github.com/bajingxiaozi/YougetGUI) - you-get 的Windows Java图形化界面实现

 74 | - [UniversalMediaServer](https://github.com/UniversalMediaServer/UniversalMediaServer) - A DLNA-compliant UPnP Media Server.

 75 | - [Android-IMSI-Catcher-Detector](https://github.com/CCrashBandicot/Android-IMSI-Catcher-Detector) - Detect and avoid IMSI-Catchers, StingRay and Silent SMS - with AIMSICD!

 76 | 

 77 | ## JavaScript 
 78 | 
 79 | - [smartnet-player](https://github.com/robotastic/smartnet-player) - A NodeJS based website that allows for the playback of captured SmartNet II Radio Transmissions

 80 | - [viz_alibaba_2016](https://github.com/guoweish/viz_alibaba_2016) - 可视化项目开源－2016阿里天池可视化大赛－专业组－媒体特别奖

 81 | - [DataVisual](https://github.com/wangyapu0714/DataVisual) - 数据可视化平台

 82 | - [mapv](https://github.com/huiyan-fe/mapv) - a library of geography visualization-地理信息可视化库

 83 | - [add-ons](https://github.com/NoneNotNull/add-ons) - 学习FF的WebExtensions的时候写的一些插件

 84 | - [electron-anyproxy](https://github.com/fwon/electron-anyproxy) - 📢  A http/https proxy client, using to analyze and mock.

 85 | - [docker-compose-ui](https://github.com/francescou/docker-compose-ui) - web interface for Docker Compose

 86 | - [beauty](https://github.com/beauty-enjoy/beauty) - 👙  VUE + VUEX + FIREBASE + BULMA … 实现的 SPA SSR 同构项目 - demo

 87 | - [typing.js](https://github.com/coffeedeveloper/typing.js) - javascript typing plugin

 88 | - [turntable](https://github.com/coffeedeveloper/turntable) - 

 89 | - [jumpserver](https://github.com/jumpserver/jumpserver) - 开源跳板机(堡垒机):认证,授权,审计,自动化运维(Open source springboard machine ( fortress machine ): Authentication, authorization, audit, automated operation and maintenance).http://www.jumpserver.org

 90 | - [electron-apps](https://github.com/electron/electron-apps) - A collection of apps built on Electron

 91 | - [dLInkCopy](https://github.com/wheato/dLInkCopy) - 

 92 | - [simple_zoomeye](https://github.com/az0ne/simple_zoomeye) - 一个还正在完善的项目，采用分布式python扫描全国的HTTP服务

 93 | - [PiGUI](https://github.com/scottmoss/PiGUI) - Raspberry Pi Web GUI (NodeJS)

 94 | - [rpi-web-control](https://github.com/openhomeautomation/rpi-web-control) - Control Raspberry Pi from anywhere

 95 | 

 96 | ## KiCad 
 97 | 
 98 | - [lens](https://github.com/byt3bl33d3r/lens) - Tap live cabling for inspection and injection

 99 | 

100 | ## Lua 
101 | 
102 | - [hydra.nse](https://github.com/lelybar/hydra.nse) - NSE-script for brute force open ports

103 | - [quick-scripts](https://github.com/pr4jwal/quick-scripts) - A collection of my quick and dirty scripts

104 | 

105 | ## Objective-C 
106 | 
107 | - [MotionDetector](https://github.com/pgalex/MotionDetector) - Detects motion in video frames taken from camera. Motion detection with AVFoundation

108 | - [ZCXMPPManager](https://github.com/149393437/ZCXMPPManager) - /*  版本说明 iOS研究院 305044955  XMPP封装2.2版本  修改了ZCXMPPManager支持为ARC版本  增加了一些宏定义  修改一些拼写错误  修复少量bug  XMPP封装2.1版本  修复断开连接清空请求信息、好友验证混乱  修复多用户聊天信息混乱  修复其他好友给我发送消息，当前聊天信息偏移  修复少量内存泄露  XMPP封装2.0版本  修复好友列表卡死、对方发送消息在最近联系人列表中不显示的问题  修复最近联系人刷新不及时的问题，添加了一个广播kXMPPNewMsgNotifaction  新增接口    获取好友名片，扩展方法为block，不会在获取不到了    扩展创建聊天室接口    离开房间接口    修改房间名称    查找特定房间配置  XMPP封装1.0版本  完成注册、登录、好友列表、判断是否是好友、好友资料、验证消息、收到请求验证消息、发送消息、聊天记录、个人中心、最近联系人、获取所有聊天室、发送群聊天信息、加入聊天室、创建聊天室、拒绝加入聊天室、发送邀请群 */

109 | 

110 | ## Others 
111 | 
112 | - [RFSec-ToolKit](https://github.com/cn0xroot/RFSec-ToolKit) - RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.

113 | - [documentation](https://github.com/tootsuite/documentation) - Full documentation repository for Mastodon

114 | - [awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc) - ✍️ A curated list of CVE PoCs.

115 | - [wordlist](https://github.com/jeanphorn/wordlist) - Collection of some common wordlists such as RDP password, user name list, ssh password wordlist for brute force. IP Cameras Default Passwords.

116 | - [ADB-Backup-APK-Injection](https://github.com/irsl/ADB-Backup-APK-Injection) - Android ADB backup APK Injection POC

117 | - [golocproxy](https://github.com/0ps/golocproxy) - 轻量级超强反向代理软件，用go语言开发，通过公共可知的服务器端口代理，把局域网内任何主机的本地服务发布给局域网外的用户，可用来跨越各种防火墙。

118 | - [KM-IT](https://github.com/bigzhu/KM-IT) - 收集昆明的IT公司

119 | - [awesome-flask](https://github.com/humiaozuzu/awesome-flask) - A curated list of awesome Flask resources and plugins

120 | - [v-note](https://github.com/zhouningyi/v-note) - 数据可视化笔记

121 | - [AZScanner](https://github.com/az0ne/AZScanner) - 自动漏洞扫描器，自动子域名爆破，自动爬取注入，调用sqlmapapi检测注入，端口扫描，目录爆破，子网段服务探测及其端口扫描，常用框架漏洞检测。 Automatic scanner, automatic sub domain blasting, automatic crawl injection, injection, call the sqlmapapi port scan detection, directory service detection and segment blasting, port scanning, vulnerability detection framework commonly used.

122 | - [BlackHat2015Arsenal](https://github.com/jelakesh/BlackHat2015Arsenal) - My Quick Note of BlackHat 2015 Arsenal

123 | - [WEIBO_USER_DATA](https://github.com/az0ne/WEIBO_USER_DATA) - 一个以前的项目 收集了20W新浪微博用户的数据 可以用于数据分析

124 | - [awesome-pentest](https://github.com/s4n7h0/awesome-pentest) - A collection of awesome penetration testing resources, tools and other shiny things

125 | 

126 | ## PHP 
127 | 
128 | - [Tieba-Cloud-Sign](https://github.com/MoeNetwork/Tieba-Cloud-Sign) - 百度贴吧云签到，在服务器上配置好就无需进行任何操作便可以实现贴吧的全自动签到。配合插件使用还可实现云灌水、点赞、封禁、删帖、审查等功能  http://zhizhe8.net

129 | - [FiercePhish](https://github.com/Raikia/FiercePhish) - FiercePhish is a full-fledged phishing framework to manage all phishing engagements.  It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

130 | - [card](https://github.com/az0ne/card) - 饭卡管理系统一个渣渣php作业，前端用bootstrap就这样

131 | - [SCANNER-INURLBR](https://github.com/googleinurl/SCANNER-INURLBR) - Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

132 | 

133 | ## Perl 
134 | 
135 | - [EQGRP](https://github.com/x0rz/EQGRP) - Decrypted content of eqgrp-auction-file.tar.xz

136 | - [nipe](https://github.com/wy931207/nipe) - Script to redirect all traffic from the machine to the Tor network.

137 | - [tcpdumpster](https://github.com/az0ne/tcpdumpster) - TCP Packet Monitoring with HTML Web Rendering Support via Gnuplot

138 | 

139 | ## Python 
140 | 
141 | - [pyrebox](https://github.com/Cisco-Talos/pyrebox) - Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

142 | - [xgoogle](https://github.com/pkrumins/xgoogle) - Python library to Google services (google search, google sets, google translate, sponsored links)

143 | - [pywinrm](https://github.com/diyan/pywinrm) - Python library for Windows Remote Management (WinRM)

144 | - [sqli-proxy](https://github.com/OneSourceCat/sqli-proxy) - 

145 | - [wechat_sender](https://github.com/bluedazzle/wechat_sender) - 随时随地发送消息到微信

146 | - [NagaScan](https://github.com/brianwrf/NagaScan) - NagaScan is a distributed passive scanner for Web application.

147 | - [sfish_pt](https://github.com/superfish9/sfish_pt) - 

148 | - [3102](https://github.com/fooying/3102) - A domain/ip fuzzing tool for vulnerability mining

149 | - [DouyuTV](https://github.com/rieuse/DouyuTV) - DouyuTV弹幕，房间信息爬取，数据分析

150 | - [zabbixPwn](https://github.com/RicterZ/zabbixPwn) - Zabbix Jsrpc.php Injection Exploit

151 | - [fdslight](https://github.com/fdslight/fdslight) - IP层代理软件(VPN)，支持Linux路由器设备和Linux本地代理，可以加速你的海外网络访问

152 | - [ShadowSocks-Client](https://github.com/huaisha1224/ShadowSocks-Client) - The ShadowSocks client is a support multiple server port and password

153 | - [doublepulsar-c2-traffic-decryptor](https://github.com/countercept/doublepulsar-c2-traffic-decryptor) - A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant

154 | - [jieba](https://github.com/fxsjy/jieba) - 结巴中文分词

155 | - [BossSensor](https://github.com/Hironsan/BossSensor) - Hide screen when boss is approaching.

156 | - [WiFi-Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) - Framework for Rogue Wi-Fi Access Point Attack https://www.patreon.com/wifipumpkin

157 | - [massann_dahua](https://github.com/Nzt2/massann_dahua) - Masscan and Dahua parser to xml for Smart PSS

158 | - [Crawler-Practice-01](https://github.com/dRl-l/Crawler-Practice-01) - 从CVE中文漏洞信息库中爬取给定CVSS评分区间的漏洞名，并对其进行百度搜索，检索网页中该漏洞名出现次数

159 | - [SpiderKeeper](https://github.com/DormyMo/SpiderKeeper) - admin ui for scrapy/open source scrapinghub

160 | - [WebHubBot](https://github.com/xiyouMc/WebHubBot) - Python + Scrapy + MongoDB . 5 million data per day !!!💥  The world's largest website.

161 | - [mimipy](https://github.com/n1nj4sec/mimipy) - port of mimipenguin.sh in python with some additional protection features

162 | - [mimipenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux user

163 | - [IPProxyTool](https://github.com/awolfly9/IPProxyTool) - python ip proxy tool  scrapy crawl. 抓取大量免费代理 ip，提取有效 ip 使用

164 | - [Nyspider](https://github.com/Nyloner/Nyspider) - 各种爬虫---大众点评,安居客，58，人人贷，拍拍贷, IT桔子,拉勾网，豆瓣,搜房网,ASO100,气象数据,猫眼电影,链家,PM25.in...

165 | - [textfilter](https://github.com/observerss/textfilter) - 敏感词过滤的几种实现+某1w词敏感词库

166 | - [dnsmaper](https://github.com/GavinRoc/dnsmaper) - 子域名枚举与地图标记

167 | - [IIS_exploit](https://github.com/edwardz246003/IIS_exploit) - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

168 | - [htmltreediff](https://github.com/christian-oudard/htmltreediff) - Structure-aware diff for html and xml documents

169 | - [htmldiff](https://github.com/mitsuhiko/htmldiff) - Diffs arbitrary HTML inline

170 | - [Stitch](https://github.com/nathanlopez/Stitch) - Python Remote Administration Tool (RAT)

171 | - [odoo](https://github.com/odoo/odoo) - Odoo. Open Source Apps To Grow Your Business.

172 | - [java_deserialization_exploits](https://github.com/CoalfireLabs/java_deserialization_exploits) - A collection of Java Deserialization Exploits

173 | - [struts-pwn](https://github.com/mazen160/struts-pwn) - An exploit for Apache Struts CVE-2017-5638

174 | - [PyJFuzz](https://github.com/mseclab/PyJFuzz) - PyJFuzz - Python JSON Fuzzer

175 | - [androguard](https://github.com/androguard/androguard) - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

176 | - [storm](https://github.com/hw20686832/storm) - Manage your SSH like a boss.

177 | - [programming-languages-influence](https://github.com/yaph/programming-languages-influence) - Code to retrieve data for the programming languages influence visualizations from Freebase

178 | - [QQSpider](https://github.com/LiuXingMing/QQSpider) - QQ空间爬虫（日志、说说、个人信息）

179 | - [pyavbot-getready](https://github.com/omegacoleman/pyavbot-getready) - 为写avbot的python克隆做的准备工作。

180 | - [QQ-Groups-Spider](https://github.com/caspartse/QQ-Groups-Spider) - QQ Groups Spider（QQ 群爬虫）

181 | - [Github_Nuggests](https://github.com/az0ne/Github_Nuggests) - 自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱

182 | - [MongoDB_AutoDump](https://github.com/az0ne/MongoDB_AutoDump) - 用于快速探测未授权MongoDB数据库结构，取第一条内容，并统计数据数量。A tool for  unauthorized MongoDB database , take the first content, and the number of statistical data.

183 | - [joomla_exp](https://github.com/az0ne/joomla_exp) - joomla 反序列化漏洞 getshell EXP，感觉别人的用着不太对，所以自己动手造了一个

184 | - [autoexp_plc](https://github.com/az0ne/autoexp_plc) - omron工控设备漏洞批量验证

185 | - [facedetect](https://github.com/ahmetkotan/facedetect) - Face and Eye Detect

186 | - [YaraGenerator](https://github.com/cd3l3on/YaraGenerator) - Automatic Yara Rule Generation

187 | - [django-angular](https://github.com/cd3l3on/django-angular) - Let AngularJS play well with Django

188 | - [jboss_autoexploit](https://github.com/az0ne/jboss_autoexploit) - JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution​ 漏洞批量检测

189 | - [autogetshell](https://github.com/az0ne/autogetshell) - phpstudy批量检测mysql弱口令

190 | - [digger](https://github.com/az0ne/digger) - python版挖掘鸡

191 | - [python_backdoor](https://github.com/az0ne/python_backdoor) - 过360主动防御360杀毒以前99%杀软的python后门

192 | - [patator](https://github.com/az0ne/patator) - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

193 | - [samsung-ime-rce-poc](https://github.com/nowsecure/samsung-ime-rce-poc) - Samsung Remote Code Execution as System User

194 | - [raspi-printer](https://github.com/andrewn/raspi-printer) - Use a Raspberry Pi to control your Freerange printer

195 | - [Instagram-Printer-RP](https://github.com/jonathanlking/Instagram-Printer-RP) - Create your own Instagram printer with a Raspberry Pi, Polaroid Pogo and web server.

196 | - [raspberry-pi-security-camera](https://github.com/andygrn/raspberry-pi-security-camera) - Motion detecting camera + web GUI for Raspberry Pi Camera Module

197 | - [Raspberry_Pi_Web_Player](https://github.com/jialeicui/Raspberry_Pi_Web_Player) - 基于web.py开发树莓派播放器, 用网页进行控制

198 | - [weibo-raspberrypi-arduino](https://github.com/lvyaojia/weibo-raspberrypi-arduino) - use raspberry pi to get real-time mentions(weibo), the mentions will be as the commands to control arduino.

199 | - [SmartQQ-for-Raspberry-Pi](https://github.com/xqin/SmartQQ-for-Raspberry-Pi) - 基于 SmartQQ 编写, 采用QQ安全中心的二维码做为登陆条件 的WebQQ客户端

200 | - [CMS-Exploit-Framework](https://github.com/chuhades/CMS-Exploit-Framework) - CMS Exploit Framework

201 | - [binwalk](https://github.com/devttys0/binwalk) - Firmware Analysis Tool

202 | 

203 | ## Ruby 
204 | 
205 | - [mastodon](https://github.com/tootsuite/mastodon) - A GNU Social-compatible microblogging server

206 | - [htmldiff](https://github.com/myobie/htmldiff) - A diff library that uses html tags to show differences

207 | - [discourse](https://github.com/discourse/discourse) - A platform for community discussion. Free, open, simple.

208 | 

209 | ## Shell 
210 | 
211 | - [shARP](https://github.com/europa502/shARP) - An anti-ARP-spoofing application software that use active scanning method to detect and remove any ARP-spoofer from the network.

212 | - [HT-WPS-Breaker](https://github.com/SilentGhostX/HT-WPS-Breaker) - HT-WPS Breaker (High Touch WPS Breaker)

213 | 

214 | ## Vue 
215 | 
216 | - [Hawkeye](https://github.com/0xbug/Hawkeye) - GitHub 泄露监控系统

217 | 

218 | 
219 | ## License
220 | 
221 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
222 | 
223 | To the extent possible under law, [az0ne](https://github.com/az0ne) has waived all copyright and related or neighboring rights to this work.
224 | 
225 | 


--------------------------------------------------------------------------------
/byt3bl33d3r.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [ActionScript](#actionscript)

  9 |   - [Assembly](#assembly)

 10 |   - [C](#c)

 11 |   - [C#](#c#)

 12 |   - [C++](#c++)

 13 |   - [CSS](#css)

 14 |   - [Dart](#dart)

 15 |   - [Go](#go)

 16 |   - [Groff](#groff)

 17 |   - [HTML](#html)

 18 |   - [Haskell](#haskell)

 19 |   - [Java](#java)

 20 |   - [JavaScript](#javascript)

 21 |   - [Jupyter Notebook](#jupyter notebook)

 22 |   - [Lua](#lua)

 23 |   - [Others](#others)

 24 |   - [PHP](#php)

 25 |   - [PLpgSQL](#plpgsql)

 26 |   - [Perl](#perl)

 27 |   - [Pony](#pony)

 28 |   - [PowerShell](#powershell)

 29 |   - [Python](#python)

 30 |   - [Roff](#roff)

 31 |   - [Ruby](#ruby)

 32 |   - [Rust](#rust)

 33 |   - [Shell](#shell)

 34 |   - [VimL](#viml)

 35 |   - [Visual Basic](#visual basic)

 36 | 

 37 | ## ActionScript 
 38 | 
 39 | - [Flashbang](https://github.com/cure53/Flashbang) - Project "Flashbang" - An open-source Flash-security helper

 40 | 

 41 | ## Assembly 
 42 | 
 43 | - [LoadDll](https://github.com/edix/LoadDll) - Better version of RunDll with GUI. This program allows you to load DLLs on Windows. You can select how to load the DLL. By direct Entry Point call (DllMain) or if you want to call directly an exported function of the DLL.

 44 | - [pokecrystal](https://github.com/pret/pokecrystal) - disassembly of Pokémon Crystal

 45 | 

 46 | ## C 
 47 | 
 48 | - [DoubleAgent](https://github.com/Cybellum/DoubleAgent) - Zero-Day Code Injection and Persistence Technique

 49 | - [Invoke-Vnc](https://github.com/artkond/Invoke-Vnc) - Powershell VNC injector

 50 | - [phc-winner-argon2](https://github.com/P-H-C/phc-winner-argon2) - The password hash Argon2, winner of PHC

 51 | - [CVE-2016-5195](https://github.com/timwr/CVE-2016-5195) - CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

 52 | - [no-more-secrets](https://github.com/bartobri/no-more-secrets) - A recreation of the famous data decryption effect as seen in the 1992 movie Sneakers.

 53 | - [patchkit](https://github.com/lunixbochs/patchkit) - binary patching from Python

 54 | - [winafl](https://github.com/ivanfratric/winafl) - A fork of AFL for fuzzing Windows binaries

 55 | - [ExtractKeyMaster](https://github.com/laginimaineb/ExtractKeyMaster) - Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431

 56 | - [warp17](https://github.com/Juniper/warp17) - The Stateful Traffic Generator for Layer 1 to Layer 7

 57 | - [pivoter](https://github.com/trustedsec/pivoter) - Pivoter is a proxy tool for pentesters to have easier lateral movement.

 58 | - [Throwback](https://github.com/silentbreaksec/Throwback) - HTTP/S Beaconing Implant

 59 | - [hashcat](https://github.com/hashcat/hashcat) - World's fastest and most advanced password recovery utility

 60 | - [hashcat-legacy](https://github.com/hashcat/hashcat-legacy) - Advanced CPU-based password recovery utility

 61 | - [icmptunnel](https://github.com/DhavalKapil/icmptunnel) - Transparently tunnel your IP traffic through ICMP echo and reply packets.

 62 | - [SoftEtherVPN](https://github.com/SoftEtherVPN/SoftEtherVPN) - A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.)

 63 | - [iodine](https://github.com/yarrick/iodine) - Official git repo for iodine dns tunnel

 64 | - [3proxy](https://github.com/z3APA3A/3proxy) - 3proxy - tiny free proxy server

 65 | - [Win32-OpenSSH](https://github.com/PowerShell/Win32-OpenSSH) - Win32 port of OpenSSH

 66 | - [beurk](https://github.com/unix-thrust/beurk) - BEURK Experimental Unix RootKit

 67 | - [pynids](https://github.com/MITRECND/pynids) - 

 68 | - [kekeo](https://github.com/gentilkiwi/kekeo) - A little toolbox to play with Microsoft Kerberos in C

 69 | - [peinjector](https://github.com/JonDoNym/peinjector) - peinjector - MITM PE file infector

 70 | - [AD-control-paths](https://github.com/ANSSI-FR/AD-control-paths) - Active Directory Control Paths auditing and graphing tools

 71 | - [backdoors](https://github.com/Shellntel/backdoors) - 

 72 | - [sheep-wolf](https://github.com/silentsignal/sheep-wolf) - Wolves Among the Sheep

 73 | - [proxenet](https://github.com/hugsy/proxenet) - The REAL^WONLY Hacker-Friendly proxy for web application pentests.

 74 | - [post-exploitation](https://github.com/mubix/post-exploitation) - Post Exploitation Collection

 75 | - [reaver-wps-fork-t6x](https://github.com/t6x/reaver-wps-fork-t6x) - 

 76 | - [pixiewps](https://github.com/wiire/pixiewps) - An offline WPS brute-force utility

 77 | - [mimikatz](https://github.com/gentilkiwi/mimikatz) - A little tool to play with Windows security

 78 | - [python-netfilterqueue](https://github.com/fqrouter/python-netfilterqueue) - Python bindings for libnetfilter_queue

 79 | - [fb-adb](https://github.com/facebook/fb-adb) - A better shell for Android devices

 80 | - [asus-cmd](https://github.com/jduck/asus-cmd) - ASUS Router infosvr UDP Broadcast root Command Execution

 81 | - [nvram-faker](https://github.com/zcutlip/nvram-faker) - A simple library to intercept calls to libnvram when running embedded linux applications in emulated environments.

 82 | - [PuttyRider](https://github.com/seastorm/PuttyRider) - Hijack Putty sessions in order to sniff conversation and inject Linux commands.

 83 | - [simple-rootkit](https://github.com/FaustDeGoethe/simple-rootkit) - A simple attack against gcc and Python via kernel module, with highly detailed comments.

 84 | 

 85 | ## C# # 
 86 | 
 87 | - [oleviewdotnet](https://github.com/tyranid/oleviewdotnet) - A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container

 88 | - [DotNetToJScript](https://github.com/tyranid/DotNetToJScript) - A tool to create a JScript file which loads a .NET v2 assembly from memory.

 89 | - [CScriptShell](https://github.com/Cn33liz/CScriptShell) - CScriptShell, a Powershell Host running within cscript.exe

 90 | - [OpenPasswordFilter](https://github.com/jephthai/OpenPasswordFilter) - An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.

 91 | - [RottenPotato](https://github.com/foxglovesec/RottenPotato) - RottenPotato local privilege escalation from service account to SYSTEM

 92 | - [PSShell](https://github.com/fdiskyou/PSShell) - PSShell gets the job done when harsh group policy restrictions are in place.

 93 | - [PowerShell](https://github.com/PowerShell/PowerShell) - PowerShell for every system!

 94 | - [PowerShdll](https://github.com/p3nt4/PowerShdll) - Run PowerShell with rundll32. Bypass software restrictions.

 95 | - [KeeThief](https://github.com/HarmJ0y/KeeThief) - Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.

 96 | - [EtwStream](https://github.com/neuecc/EtwStream) - Logs are event streams. EtwStream provides In-Process and Out-of-Process ObservableEventListener. Everything can compose and output to anywhere by Reactive Extensions.

 97 | - [PSAttack](https://github.com/jaredhaight/PSAttack) - A portable console aimed at making pentesting with PowerShell a little easier.

 98 | - [DSInternals](https://github.com/MichaelGrafnetter/DSInternals) - DSInternals PowerShell Module and Framework

 99 | - [p0wnedShell](https://github.com/Cn33liz/p0wnedShell) - PowerShell Runspace Post Exploitation Toolkit

100 | - [pash](https://github.com/angelcolmenares/pash) - Mono Version of PowerShell 3.0

101 | - [QuasarRAT](https://github.com/quasar/QuasarRAT) - Remote Administration Tool for Windows

102 | - [Psychson](https://github.com/brandonlw/Psychson) - Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)

103 | 

104 | ## C++ 
105 | 
106 | - [italc](https://github.com/iTALC/italc) - iTALC classroom management software

107 | - [RpcView](https://github.com/silverf0x/RpcView) - 

108 | - [rattler](https://github.com/sensepost/rattler) - Automated DLL Enumerator

109 | - [tensorflow](https://github.com/tensorflow/tensorflow) - Computation using data flow graphs for scalable machine learning

110 | - [tortunnel](https://github.com/moxie0/tortunnel) - A partial Onion Proxy implementation that's designed to build single-hop circuits through Tor exit nodes

111 | - [dripcap](https://github.com/dripcap/dripcap) - ☕️ Caffeinated Packet Analyzer

112 | - [ssf](https://github.com/securesocketfunneling/ssf) - Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS, relay protocol, cross platform shell, standalone and cross platform

113 | - [RemCom](https://github.com/kavika13/RemCom) - Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server.  Take your pick :)

114 | - [edb-debugger](https://github.com/eteran/edb-debugger) - edb is a cross platform x86/x86-64 debugger.

115 | - [KeeFarce](https://github.com/denandz/KeeFarce) - Extracts passwords from a KeePass 2.x database, directly from memory.

116 | - [selfhash](https://github.com/snowytoxa/selfhash) - SysCon14 release

117 | - [losslessh264](https://github.com/danielrh/losslessh264) - (Deprecated) Lossless h.264 recoder/recompressor. For newest version see:

118 | - [SysvolExplorer](https://github.com/ANSSI-FR/SysvolExplorer) - Active Directory Group Policy analyzer

119 | - [demoncrypt](https://github.com/eijah/demoncrypt) - Believe in the Right to Share.  Secure, Anonymous, Free, Everywhere.  Welcome to the Future of File Sharing.

120 | - [s-4-u-for-windows](https://github.com/aurel26/s-4-u-for-windows) - s(4)u for Windows

121 | - [rowhammer-test](https://github.com/google/rowhammer-test) - Test DRAM for bit flips caused by the rowhammer problem

122 | - [IAT_patcher](https://github.com/hasherezade/IAT_patcher) - Persistent IAT hooking application - based on bearparser.

123 | 

124 | ## CSS 
125 | 
126 | - [megaboilerplate](https://github.com/sahat/megaboilerplate) - Handcrafted starter projects, optimized for simplicity and ease of use.

127 | 

128 | ## Dart 
129 | 
130 | - [markov](https://github.com/filiph/markov) - Markov chain generator in Dart

131 | 

132 | ## Go 
133 | 
134 | - [wuzz](https://github.com/asciimoo/wuzz) - Interactive cli tool for HTTP inspection

135 | - [EGESPLOIT](https://github.com/EgeBalci/EGESPLOIT) - EGESPLOIT is a golang library for malware development

136 | - [keytransparency](https://github.com/google/keytransparency) - A transparent and secure way to look up public keys.

137 | - [phishery](https://github.com/ryhanson/phishery) - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector

138 | - [git-seekret](https://github.com/apuigsech/git-seekret) - Git module to prevent from committing sensitive information into the repository.

139 | - [termui](https://github.com/gizak/termui) - Golang terminal dashboard

140 | - [gotty](https://github.com/yudai/gotty) - Share your terminal as a web application

141 | - [gopacket](https://github.com/google/gopacket) - Provides packet processing capabilities for Go

142 | - [gobuster](https://github.com/OJ/gobuster) - Directory/file & DNS busting tool written in Go

143 | 

144 | ## Groff 
145 | 
146 | - [justniffer](https://github.com/onotelli/justniffer) - Justniffer  Just A Network TCP Packet Sniffer .Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic

147 | 

148 | ## HTML 
149 | 
150 | - [visualize_logs](https://github.com/keithjjones/visualize_logs) - A Python library and command line tools to provide interactive log visualization.

151 | - [Secure-Host-Baseline](https://github.com/iadgov/Secure-Host-Baseline) - Configuration guidance and files in support of the DoD Windows 10 Secure Host Baseline. iadgov

152 | - [gophish](https://github.com/gophish/gophish) - Open-Source Phishing Toolkit

153 | - [jamaal-re-tools](https://github.com/jspeights/jamaal-re-tools) - Automatically exported from code.google.com/p/jamaal-re-tools

154 | - [GoogleScraper](https://github.com/NikolaiT/GoogleScraper) - A Python module to scrape several search engines (like Google, Yandex, Bing, Duckduckgo, Baidu and others) by using proxies (socks4/5, http proxy) and with many different IP's, including asynchronous networking support (very fast).

155 | - [quantuminsert](https://github.com/fox-it/quantuminsert) - Quantum Insert

156 | - [pirate-get](https://github.com/vikstrous/pirate-get) - A command line interface for The Pirate Bay

157 | - [snarf](https://github.com/purpleteam/snarf) - Snarf man-in-the-middle / relay suite

158 | 

159 | ## Haskell 
160 | 
161 | - [shellcheck](https://github.com/koalaman/shellcheck) - ShellCheck, a static analysis tool for shell scripts

162 | 

163 | ## Java 
164 | 
165 | - [vncthumbnailviewer](https://github.com/sigmike/vncthumbnailviewer) - Viewer for Observing Multiple Computers using VNC

166 | - [ysoserial-modified](https://github.com/pimps/ysoserial-modified) - That repository contains my updates to the well know java deserialization exploitation tool ysoserial.

167 | - [ysoserial](https://github.com/frohoff/ysoserial) - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

168 | - [wycheproof](https://github.com/google/wycheproof) - Project Wycheproof tests crypto libraries against known attacks.

169 | - [Burp-Non-HTTP-Extension](https://github.com/summitt/Burp-Non-HTTP-Extension) - Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.

170 | - [androrat](https://github.com/wszf/androrat) - androrat

171 | - [pushy](https://github.com/pushyrpc/pushy) - Easy-as RPC. Zero-server RPC for Python and Java.

172 | - [cortana-scripts](https://github.com/rsmudge/cortana-scripts) - A collection of Cortana scripts that you may use with Armitage and Cobalt Strike 2.x. Cortana Scripts are not compatible with Cobalt Strike 3.x. Cobalt Strike 3.x uses a variant of Cortana called Aggressor Script.

173 | - [binnavi](https://github.com/google/binnavi) - BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

174 | - [JustTrustMe](https://github.com/Fuzion24/JustTrustMe) - An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

175 | 

176 | ## JavaScript 
177 | 
178 | - [Shellcode-Via-HTA](https://github.com/subTee/Shellcode-Via-HTA) - How To Execute Shellcode via HTA

179 | - [hyper](https://github.com/zeit/hyper) - A terminal built on web technologies

180 | - [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

181 | - [homebridge](https://github.com/nfarina/homebridge) - HomeKit support for the impatient

182 | - [poisontap](https://github.com/samyk/poisontap) - Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.

183 | - [novahot](https://github.com/chrisallenlane/novahot) - A webshell framework for penetration testers.

184 | - [monkey](https://github.com/guardicore/monkey) - Infection Monkey - An automated pentest tool

185 | - [jsxt](https://github.com/ildar-shaimordanov/jsxt) - The collection of the Javascript / JScript extensions and standalone scripts

186 | - [felony](https://github.com/henryboldi/felony) - 🔑🔥📈 Next Level PGP

187 | - [HackVault](https://github.com/0xSobky/HackVault) - A container repository for my defensive/offensive hacks!

188 | - [asciinema2gif](https://github.com/tav/asciinema2gif) - Generate animated GIFs from asciinema terminal recordings

189 | - [sniffly](https://github.com/diracdeltas/sniffly) - Sniffing browser history using HSTS

190 | - [MagicPython](https://github.com/MagicStack/MagicPython) - Cutting edge Python syntax highlighter for Sublime Text, Atom and Visual Studio Code. Used by GitHub to highlight your Python code!

191 | - [pm](https://github.com/anvaka/pm) - package managers visualization

192 | - [sleepy-puppy](https://github.com/Netflix/sleepy-puppy) - Sleepy Puppy XSS Payload Management Framework

193 | - [web-console](https://github.com/nickola/web-console) - Simple web-based SSH, remote shell in your browser

194 | - [cloud-pcap](https://github.com/thepacketgeek/cloud-pcap) - Web PCAP storage and analytics

195 | - [mitm-grabb3r](https://github.com/ivangr0zni/mitm-grabb3r) - MITM GRABB3R

196 | - [gproxy](https://github.com/cyrus-and/gproxy) - googleusercontent.com as HTTP(S) proxy

197 | - [mstsc.js](https://github.com/citronneur/mstsc.js) - A pure Node.js Microsoft Remote Desktop Protocol (RDP) Client

198 | - [resume.github.com](https://github.com/resume/resume.github.com) - Resumes generated using the GitHub informations

199 | - [eye](https://github.com/davisagli/eye) - Python object inspector

200 | - [xss-keylogger](https://github.com/hadynz/xss-keylogger) - A keystroke logger to exploit XSS vulnerabilities in a site - for my personal Educational purposes only

201 | - [friends](https://github.com/moose-team/friends) - :tv: P2P chat powered by the web.

202 | - [hodor](https://github.com/hummingbirdtech/hodor) - Official repo for the hodor-lang.org programming language

203 | - [pycryptocat](https://github.com/evilsocket/pycryptocat) - pyCryptoCat - A CryptoCat standalone python client.

204 | - [blessed-contrib](https://github.com/yaronn/blessed-contrib) - Build terminal dashboards using ascii/ansi art and javascript

205 | - [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform

206 | - [DoFler](https://github.com/SteveMcGrath/DoFler) - Dashboard of Fail.  A application to carve out images/accounts/vulns on conference networks and display them for general entertainment.

207 | - [beef](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project

208 | 

209 | ## Jupyter Notebook 
210 | 
211 | - [clickbait-detector](https://github.com/saurabhmathur96/clickbait-detector) - Detects clickbait headlines using deep learning.

212 | 

213 | ## Lua 
214 | 
215 | - [kali-nethunter](https://github.com/offensive-security/kali-nethunter) - The Kali NetHunter Project

216 | 

217 | ## Others 
218 | 
219 | - [OPCDE](https://github.com/comaeio/OPCDE) - OPCDE DXB 2017 Materials

220 | - [Probable-Wordlists](https://github.com/berzerk0/Probable-Wordlists) - Wordlists sorted by probability originally created for password generation and testing

221 | - [status-list](https://github.com/seiyria/status-list) - A list of your various social statii.

222 | - [Social-Engineering-Payloads](https://github.com/t3ntman/Social-Engineering-Payloads) - Collection of generic social engineering payloads

223 | - [Red-Team-Infrastructure-Wiki](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki) - Wiki to collect Red Team infrastructure hardening resources

224 | - [RegistrationFreeCOM](https://github.com/subTee/RegistrationFreeCOM) - Inject DLL Prototype using Microsoft.Windows.ACTCTX COM Object

225 | - [awesome](https://github.com/sindresorhus/awesome) - :sunglasses: Curated list of awesome lists

226 | - [Mackenzie](https://github.com/Miserlou/Mackenzie) - AWS Lambda Infection Toolkit // Persistent Lambda Malware PoC

227 | - [BlueHat2016](https://github.com/subTee/BlueHat2016) - Slides & Code BlueHat 2016

228 | - [wq](https://github.com/richardj/wq) - :wq

229 | - [SCADAPASS](https://github.com/scadastrangelove/SCADAPASS) - SCADA StrangeLove Default/Hardcoded Passwords List

230 | - [awesome-windows-exploitation](https://github.com/enddo/awesome-windows-exploitation) - A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom

231 | - [Hob0Rules](https://github.com/praetorian-inc/Hob0Rules) - Password cracking rules for Hashcat based on statistics and industry patterns

232 | - [ssh-badkeys](https://github.com/rapid7/ssh-badkeys) - A collection of static SSH keys (public and private) that have made their way into software and hardware products.

233 | - [RobotsDisallowed](https://github.com/danielmiessler/RobotsDisallowed) - A harvest of the Disallowed directories from the robots.txt files of the world's top websites.

234 | - [iOSAppReverseEngineering](https://github.com/iosre/iOSAppReverseEngineering) - The world’s 1st book of very detailed iOS App reverse engineering skills :)

235 | - [TSA-Travel-Sentry-master-keys](https://github.com/Xyl2k/TSA-Travel-Sentry-master-keys) - 3D reproduction of TSA Master keys

236 | - [awesome-sysadmin](https://github.com/kahun/awesome-sysadmin) - A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.

237 | - [itpol](https://github.com/lfit/itpol) - Useful IT policies

238 | - [xssshell-xsstunnell](https://github.com/portcullislabs/xssshell-xsstunnell) - XSS Tunnel is a standard HTTP proxy which sits on an attacker’s system.  XSS Shell is a powerful XSS backdoor, in XSS Shell one can interactively send requests and get responses from victim and it allows you to keep the control of session.

239 | - [awesome-pentest](https://github.com/enaqx/awesome-pentest) - A collection of awesome penetration testing resources, tools and other shiny things

240 | - [Smartphone-Pentest-Framework](https://github.com/georgiaw/Smartphone-Pentest-Framework) - Repository for the Smartphone Pentest Framework (SPF)

241 | - [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS

242 | - [Google-dorks](https://github.com/JohnTroony/Google-dorks) - Common google dorks and others you prolly donn know :P

243 | 

244 | ## PHP 
245 | 
246 | - [BezierInfo-2](https://github.com/Pomax/BezierInfo-2) - A from-the-ground-up rewrite of https://pomax.github.io/bezierinfo, using react, babel, webpack, and other modern things.

247 | - [FiercePhish](https://github.com/Raikia/FiercePhish) - FiercePhish is a full-fledged phishing framework to manage all phishing engagements.  It allows you to track separate phishing campaigns, schedule sending of emails, and much more.

248 | - [xss_payloads](https://github.com/nettitude/xss_payloads) - Exploitation for XSS

249 | - [SecLists](https://github.com/danielmiessler/SecLists) - SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

250 | - [dropPoint](https://github.com/mwthink/dropPoint) - Remotely accessible Tor hidden service deployment suite

251 | - [wpes](https://github.com/weaknetlabs/wpes) - WeakNet PHP Execution Shell

252 | - [AD-permissions](https://github.com/ANSSI-FR/AD-permissions) - Active Directory permissions (ACL/ACE) auditing tools

253 | - [Parser](https://github.com/WhichBrowser/Parser) - Browser sniffing gone too far — A useragent parser library for PHP

254 | - [FruityWifi](https://github.com/xtr4nge/FruityWifi) - FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.

255 | - [php-webshells](https://github.com/JohnTroony/php-webshells) - Common php webshells. Do not host the file(s) on your server!

256 | 

257 | ## PLpgSQL 
258 | 
259 | - [idaref](https://github.com/nologic/idaref) - IDA Pro Instruction Reference Plugin

260 | 

261 | ## Perl 
262 | 
263 | - [epowner](https://github.com/funoverip/epowner) - McAfee ePolicy 0wner exploit code

264 | - [EQGRP](https://github.com/x0rz/EQGRP) - Decrypted content of eqgrp-auction-file.tar.xz

265 | - [asterisk-speech-recog](https://github.com/zaf/asterisk-speech-recog) - Speech recognition script for Asterisk that uses google's speech engine.

266 | - [evilgrade](https://github.com/infobyte/evilgrade) - 

267 | - [Slow-HTTP-Post](https://github.com/vkramskikh/Slow-HTTP-Post) - Slow HTTP POST testing tool

268 | 

269 | ## Pony 
270 | 
271 | - [ponysay](https://github.com/erkin/ponysay) - Pony rewrite of cowsay.

272 | 

273 | ## PowerShell 
274 | 
275 | - [SeeCLRly](https://github.com/sekirkity/SeeCLRly) - Fileless SQL Server CLR-based Custom Stored Procedure Command Execution

276 | - [Untypo](https://github.com/LeeHolmes/Untypo) - Help recover passwords / etc. that were incorrectly entered with a typo

277 | - [EncryptedStore](https://github.com/HarmJ0y/EncryptedStore) - Offensive Data Storage

278 | - [RandomPS-Scripts](https://github.com/xorrior/RandomPS-Scripts) - Random PowerShell scripts

279 | - [Invoke-Obfuscation](https://github.com/danielbohannon/Invoke-Obfuscation) - PowerShell Obfuscator

280 | - [Inveigh](https://github.com/Kevin-Robertson/Inveigh) - Inveigh is a Windows PowerShell LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool

281 | - [Tater](https://github.com/Kevin-Robertson/Tater) - Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec

282 | - [DeepBlueCLI](https://github.com/sans-blue-team/DeepBlueCLI) - 

283 | - [MailSniper](https://github.com/dafthack/MailSniper) - MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

284 | - [PowerShell-Suite](https://github.com/FuzzySecurity/PowerShell-Suite) - My musings with PowerShell

285 | - [powercat](https://github.com/besimorhino/powercat) - netshell features all in version 2 powershell

286 | - [Misc-PowerShell-Stuff](https://github.com/enigma0x3/Misc-PowerShell-Stuff) - random powershell goodness

287 | - [BloodHound](https://github.com/BloodHoundAD/BloodHound) - Six Degrees of Domain Admin

288 | - [mimikittenz](https://github.com/putterpanda/mimikittenz) - A post-exploitation powershell tool for extracting juicy info from memory.

289 | - [PowerOutlook](https://github.com/colemination/PowerOutlook) - Sample code from Owning MS Outlook with Powershell

290 | - [Javascript-Backdoor](https://github.com/3gstudent/Javascript-Backdoor) - Learn from  Casey Smith @subTee

291 | - [PowerTools](https://github.com/PowerShellEmpire/PowerTools) - PowerTools is a collection of PowerShell projects with a focus on offensive operations.

292 | - [Interceptor](https://github.com/subTee/Interceptor) - PowerShell HTTP(s) Intercepting Proxy

293 | - [WMIOps](https://github.com/ChrisTruncer/WMIOps) - This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.

294 | - [PowerCat](https://github.com/secabstraction/PowerCat) - A PowerShell TCP/IP swiss army knife.

295 | - [NetRipper](https://github.com/NytroRST/NetRipper) - NetRipper - Smart traffic sniffing for penetration testers

296 | - [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.

297 | - [Generate-Macro](https://github.com/enigma0x3/Generate-Macro) - This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method.

298 | - [nishang](https://github.com/samratashok/nishang) - Nishang - PowerShell for penetration testing and offensive security.

299 | - [Powershell](https://github.com/nettitude/Powershell) - 

300 | - [Egress-Assess](https://github.com/ChrisTruncer/Egress-Assess) - Egress-Assess is a tool used to test egress data detection capabilities

301 | - [PowerUp](https://github.com/HarmJ0y/PowerUp) - This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current version.

302 | - [Veil-Pillage](https://github.com/Veil-Framework/Veil-Pillage) - Veil-Pillage is a post-exploitation framework that integrates with Veil-Evasion.

303 | 

304 | ## Python 
305 | 
306 | - [evilginx](https://github.com/kgretzky/evilginx) - Man-in-the-middle attack framework used for phishing credentials and session cookies of any web service.

307 | - [EQGRP_Lost_in_Translation](https://github.com/x0rz/EQGRP_Lost_in_Translation) - Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg

308 | - [mimipy](https://github.com/n1nj4sec/mimipy) - port of mimipenguin.sh in python with some additional protection features

309 | - [mimipenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux user

310 | - [IIS_exploit](https://github.com/edwardz246003/IIS_exploit) - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

311 | - [gdrive-appdata](https://github.com/nelenkov/gdrive-appdata) - Fetch Android appdata/ from Google Drive

312 | - [pyamf](https://github.com/hydralabs/pyamf) - AMF for Python

313 | - [struts-pwn](https://github.com/mazen160/struts-pwn) - An exploit for Apache Struts CVE-2017-5638

314 | - [arp_aio](https://github.com/oohlaf/arp_aio) - ARP requests using asyncio

315 | - [routersploit](https://github.com/reverse-shell/routersploit) - The Router Exploitation Framework

316 | - [Bella](https://github.com/manwhoami/Bella) - A pure python, post-exploitation, data mining tool and remote administration tool (RAT) for macOS / OS X.  🍎💻

317 | - [maya](https://github.com/kennethreitz/maya) - Timestamps for Humans™

318 | - [PoC](https://github.com/lgandx/PoC) - Various PoCs

319 | - [argcomplete](https://github.com/kislyuk/argcomplete) - Python and tab completion, better together.

320 | - [click-completion](https://github.com/click-contrib/click-completion) - Add or enhance bash, fish, zsh and powershell completion in Click

321 | - [exterminate](https://github.com/adtac/exterminate) - Break Python programs with a single import.

322 | - [saythanks.io](https://github.com/kennethreitz/saythanks.io) - Spreading Thankfulness in Open Source.

323 | - [pipenv](https://github.com/kennethreitz/pipenv) - Sacred Marriage of Pipfile, Pip, & Virtualenv.

324 | - [delegator.py](https://github.com/kennethreitz/delegator.py) - Subprocesses for Humans 2.0.

325 | - [pwntools](https://github.com/Gallopsled/pwntools) - CTF framework and exploit development library

326 | - [truffleHog](https://github.com/dxa4481/truffleHog) - Searches through git repositories for high entropy strings, digging deep into commit history

327 | - [rpivot](https://github.com/artkond/rpivot) - socks4 reverse proxy for penetration testing

328 | - [tauthon](https://github.com/naftaliharris/tauthon) - Fork of Python 2.7 with new syntax, builtins, and libraries backported from Python 3.

329 | - [zget](https://github.com/nils-werner/zget) - Filename based peer to peer file transfer

330 | - [gTTS](https://github.com/pndurette/gTTS) - Module and command line utility to save spoken text to mp3 via the Google Text to Speech (TTS) API

331 | - [pybrain](https://github.com/pybrain/pybrain) - 

332 | - [WAFNinja](https://github.com/khalilbijjou/WAFNinja) - WAFNinja is a tool which contains two functions to attack Web Application Firewalls.

333 | - [gitfiti](https://github.com/gelstudios/gitfiti) - abusing github commit history for the lulz

334 | - [TrumpScript](https://github.com/samshadwell/TrumpScript) - Make Python great again

335 | - [java_deserialization_exploits](https://github.com/CoalfireLabs/java_deserialization_exploits) - A collection of Java Deserialization Exploits

336 | - [dnsteal](https://github.com/m57/dnsteal) - DNS Exfiltration tool for stealthily sending files over DNS requests.

337 | - [Ebowla](https://github.com/Genetic-Malware/Ebowla) - Framework for Making Environmental Keyed Payloads

338 | - [gef](https://github.com/hugsy/gef) - Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers

339 | - [peda](https://github.com/longld/peda) - PEDA - Python Exploit Development Assistance for GDB

340 | - [NfSpy](https://github.com/bonsaiviking/NfSpy) - ID-spoofing NFS client

341 | - [kaced](https://github.com/steponequit/kaced) - 

342 | - [Responder](https://github.com/lgandx/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

343 | - [google_socks](https://github.com/lukebaggett/google_socks) - A proof of concept demonstrating the use of Google Drive for command and control.

344 | - [Bayesian_Network](https://github.com/manonverdier/Bayesian_Network) - A Bayesian Method for the Induction of Probalistic Networks from Data

345 | - [pacdoor](https://github.com/SafeBreach-Labs/pacdoor) - Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File

346 | - [MonitorDarkly](https://github.com/RedBalloonShenanigans/MonitorDarkly) - Poc, Presentation of Monitor OSD Exploitation, and shenanigans of high quality.

347 | - [datasploit](https://github.com/DataSploit/datasploit) - A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.

348 | - [stargate](https://github.com/0x3a/stargate) - Stargate

349 | - [pywerview](https://github.com/the-useless-one/pywerview) - A (partial) Python rewriting of PowerSploit's PowerView

350 | - [cditter](https://github.com/anfractuosity/cditter) - CDitter – Electromechanical based data exfiltration

351 | - [android_fde_bruteforce](https://github.com/laginimaineb/android_fde_bruteforce) - Scripts to bruteforce Android's Full Disk Encryption off the device

352 | - [Cloakify](https://github.com/TryCatchHCF/Cloakify) - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection

353 | - [badusb2-mitm-poc](https://github.com/withdk/badusb2-mitm-poc) - BadUSB 2.0 USB-HID MiTM POC

354 | - [SpaceshipGenerator](https://github.com/a1studmuffin/SpaceshipGenerator) - A Blender script to procedurally generate 3D spaceships

355 | - [pywinrm](https://github.com/diyan/pywinrm) - Python library for Windows Remote Management (WinRM)

356 | - [xonsh](https://github.com/xonsh/xonsh) - Python-powered, cross-platform, Unix-gazing shell

357 | - [pyad](https://github.com/zakird/pyad) - Python Active Directory Tools

358 | - [ldapdomaindump](https://github.com/dirkjanm/ldapdomaindump) - Active Directory information dumper via LDAP

359 | - [python_lnk_maker](https://github.com/carnal0wnage/python_lnk_maker) - Make Windows LNK file with python (pylnk)

360 | - [SharpMeter](https://github.com/vvalien/SharpMeter) - 

361 | - [exserial](https://github.com/getcode2git/exserial) - Java Untrusted Deserialization Exploits Tools

362 | - [bt2](https://github.com/blazeinfosec/bt2) - Blaze Telegram Backdoor Toolkit is a post-exploitation tool that leverages the infrastructure of Telegram as a C&C

363 | - [plasma](https://github.com/plasma-disassembler/plasma) - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

364 | - [firefox_decrypt](https://github.com/Unode/firefox_decrypt) - Firefox Decrypt is a tool to extract passwords from Firefox profiles

365 | - [waybackpack](https://github.com/jsvine/waybackpack) - Download the entire Wayback Machine archive for a given URL.

366 | - [sneaky-creeper](https://github.com/DakotaNelson/sneaky-creeper) - Get your APT on using social media as a tool for data exfiltration.

367 | - [Pazuzu](https://github.com/BorjaMerino/Pazuzu) - Pazuzu: Reflective DLL to run binaries from memory

368 | - [gdog](https://github.com/maldevel/gdog) - A fully featured Windows backdoor that uses Gmail as a C&C server

369 | - [JSRat-Py](https://github.com/Hood3dRob1n/JSRat-Py) - This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.

370 | - [dcept](https://github.com/secureworks/dcept) - A tool for deploying and detecting use of Active Directory honeytokens

371 | - [autorelay](https://github.com/DanMcInerney/autorelay) - Automatically performs the SMB relay attack

372 | - [sidomo](https://github.com/deepgram/sidomo) - Simple Docker Python Module

373 | - [secure-smtpd](https://github.com/bcoe/secure-smtpd) - Fork of Python's standard SMTP server. Adding support for various extensions to the protocol.

374 | - [Tunna](https://github.com/SECFORCE/Tunna) - Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

375 | - [python-qBittorrent](https://github.com/v1k45/python-qBittorrent) - Python wrapper for qBittorrent Web API (for versions above v3.1.x)

376 | - [SPF](https://github.com/tatanus/SPF) - SpeedPhishing Framework

377 | - [EvilAbigail](https://github.com/GDSSecurity/EvilAbigail) - Automated Linux evil maid attack

378 | - [clusterd](https://github.com/hatRiot/clusterd) - application server attack toolkit

379 | - [fast-recon](https://github.com/DanMcInerney/fast-recon) - Does some google dorks against a domain

380 | - [pentest-machine](https://github.com/DanMcInerney/pentest-machine) - Automates some pentest jobs via nmap xml file

381 | - [GasPot](https://github.com/sjhilt/GasPot) - GasPot Released at Blackhat 2015

382 | - [SimplyEmail](https://github.com/killswitch-GUI/SimplyEmail) - Email recon made fast and easy, with a framework to build on

383 | - [backdoor-pyc](https://github.com/secretsquirrel/backdoor-pyc) - Patch pyc files with your code. Fairly lame.

384 | - [Skype-Maltego-Client](https://github.com/NoobieDog/Skype-Maltego-Client) - A set of local skype transforms for Maltego to utilise Skype and search the directory

385 | - [PyLaTeX](https://github.com/JelteF/PyLaTeX) - A Python library for creating LaTeX files

386 | - [Mobile-Security-Framework-MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) - Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.

387 | - [autoresp](https://github.com/DanMcInerney/autoresp) - Runs Responder, uploads hashes for cracking, alerts when cracked

388 | - [python-adb](https://github.com/google/python-adb) - Python ADB + Fastboot implementation

389 | - [wsuspect-proxy](https://github.com/pdjstone/wsuspect-proxy) - 

390 | - [autoDANE](https://github.com/sensepost/autoDANE) - Auto Domain Admin and Network Exploitation.

391 | - [API-namechk.com](https://github.com/PaulSec/API-namechk.com) - (Unofficial) Python API for http://namechk.com

392 | - [skype-osint](https://github.com/PaulSec/skype-osint) - Python OSINT Tool to retrieve information from Skype

393 | - [pack](https://github.com/iphelix/pack) - PACK (Password Analysis and Cracking Kit)

394 | - [commix](https://github.com/commixproject/commix) - Automated All-in-One OS command injection and exploitation tool.

395 | - [pcap-reassembler](https://github.com/FredrikAppelros/pcap-reassembler) - Reassembles UDP/TCP packets into application layer messages.

396 | - [dpkt](https://github.com/kbandla/dpkt) - fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols

397 | - [NMAPgrapher](https://github.com/attactics/NMAPgrapher) - A tool to generate graph and other output from NMAP XML files

398 | - [scripts](https://github.com/Shellntel/scripts) - 

399 | - [nessrest](https://github.com/tenable/nessrest) - A python library for using the new Nessus REST API.

400 | - [pycepa](https://github.com/pycepa/pycepa) - python tor client

401 | - [PySocks](https://github.com/Anorov/PySocks) - A semi-actively maintained SocksiPy fork. Contains many improvements to the original.

402 | - [pr0cks](https://github.com/n1nj4sec/pr0cks) - python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target

403 | - [memorpy](https://github.com/n1nj4sec/memorpy) - Python library using ctypes to search/edit windows/linux programs memory

404 | - [rpyc](https://github.com/tomerfiliba/rpyc) - RPyC (Remote Python Call) - A transparent and symmetric RPC library for python

405 | - [pupy](https://github.com/n1nj4sec/pupy) - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

406 | - [sslstrip](https://github.com/moxie0/sslstrip) - A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

407 | - [pyNES](https://github.com/gutomaia/pyNES) - Python programming for Nintendo 8 bits

408 | - [SPSE](https://github.com/ahhh/SPSE) - Collection of scripts created while taking the SecurityTube Python Scripting Expert course

409 | - [NTP_Trojan](https://github.com/ahhh/NTP_Trojan) - Reverse NTP remote access trojan in python, for penetration testers

410 | - [Reverse_SSH_Shell](https://github.com/ahhh/Reverse_SSH_Shell) - A reverse ssh shell written in python, intended for penetration testers to use as a covert channel on windows

411 | - [Stego_Dropper](https://github.com/ahhh/Stego_Dropper) - A python based dropper, that uses steganography and an image over http to transfer a file

412 | - [XMPP_Shell_Bot](https://github.com/ahhh/XMPP_Shell_Bot) - A shell / chat bot for XMPP and cloud services

413 | - [Reverse_HTTPS_Bot](https://github.com/ahhh/Reverse_HTTPS_Bot) - A python based https remote access trojan for penetration testing

414 | - [Reverse_DNS_Shell](https://github.com/ahhh/Reverse_DNS_Shell) - A python reverse shell that uses DNS as the c2 channel

415 | - [LSB-Steganography](https://github.com/RobinDavid/LSB-Steganography) - Python program to steganography files into images using the Least Significant Bit.

416 | - [PeachPy](https://github.com/Maratyszcza/PeachPy) - x86-64 assembler embedded in Python

417 | - [ripPE](https://github.com/matonis/ripPE) - ripPE - section extractor and profiler for PE file analysis

418 | - [python-mss](https://github.com/BoboTiG/python-mss) - An ultra fast cross-platform multiple screenshots module in pure Python using ctypes.

419 | - [btproxy](https://github.com/conorpp/btproxy) - Man in the Middle analysis tool for Bluetooth.

420 | - [plumbum](https://github.com/tomerfiliba/plumbum) - Plumbum: Shell Combinators

421 | - [pyautogui](https://github.com/asweigart/pyautogui) - A cross-platform GUI automation Python module for human beings. Used to programmatically control the mouse & keyboard.

422 | - [airpwn-ng](https://github.com/ICSec/airpwn-ng) - airpwn-ng

423 | - [grab](https://github.com/lorien/grab) - Web Scraping Framework

424 | - [onelinerizer](https://github.com/csvoss/onelinerizer) - Convert any Python file into a single line of code.

425 | - [snapception](https://github.com/thebradbain/snapception) - Intercept and decrypt all snapchats received over your network

426 | - [smbspider](https://github.com/T-S-A/smbspider) - SMB Spider is a lightweight python utility for searching SMB/CIFS/Samba file shares. While performing a penetration test, the need to search hundreds of hosts for sensitive password files resulted in this project.

427 | - [ZIB-Trojan](https://github.com/whitepacket/ZIB-Trojan) - The Open Tor Botnet (ZIB); Python-based forever-FUD IRC Trojan

428 | - [webhandler](https://github.com/lnxg33k/webhandler) - Bash simulator to control a server using PHP system functions.

429 | - [scapy-to-api](https://github.com/thepacketgeek/scapy-to-api) - Sniff packets and POST to API

430 | - [CredCrack](https://github.com/gojhonny/CredCrack) - A fast and stealthy credential harvester

431 | - [big-list-of-naughty-strings](https://github.com/minimaxir/big-list-of-naughty-strings) - The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

432 | - [pymiproxy](https://github.com/allfro/pymiproxy) - A small and sweet man-in-the-middle proxy capable of doing HTTP and HTTP over SSL.

433 | - [sploitego](https://github.com/allfro/sploitego) - Maltego Penetration Testing Transforms

434 | - [whitepages](https://github.com/michalmonselise/whitepages) - Python wrapper for the whitepages api. For more information about the whitepages api see their documentation at http://pro.whitepages.com/developer/documentation/api-overview/

435 | - [bokken](https://github.com/inguma/bokken) - Dear user:  This is a git mirror of our Mercurial repository in https://bokken.inguma.eu that you can use if you prefer to use pull requests. For instructions, latest updates and such visit our main site at http://www.bokken.re and our blog http://ingumadev.blogspot.com.

436 | - [unicorn](https://github.com/trustedsec/unicorn) - Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

437 | - [ivre](https://github.com/cea-sec/ivre) - Network recon framework.

438 | - [Python-Scripts](https://github.com/iCHAIT/Python-Scripts) - My Python scripts.

439 | - [aggr-inject](https://github.com/rpp0/aggr-inject) - Remote frame injection PoC by exploiting a standard compliant A-MPDU aggregation vulnerability in 802.11n networks.

440 | - [wildpwn](https://github.com/localh0t/wildpwn) - unix wildcard attacks

441 | - [scapy-ssl_tls](https://github.com/tintinweb/scapy-ssl_tls) - SSL/TLS layers for scapy the interactive packet manipulation tool

442 | - [psutil](https://github.com/giampaolo/psutil) - A cross-platform process and system utilities module for Python

443 | - [Just-Metadata](https://github.com/ChrisTruncer/Just-Metadata) - Just-Metadata is a tool that gathers and analyzes metadata about IP addresses.  It attempts to find relationships between systems within a large dataset.

444 | - [pyinstaller](https://github.com/pyinstaller/pyinstaller) - Freeze (package) Python programs into stand-alone executables

445 | - [enjarify](https://github.com/google/enjarify) - 

446 | - [pymetasploit](https://github.com/allfro/pymetasploit) - A full-fledged msfrpc library for Metasploit framework.

447 | - [httpie](https://github.com/jakubroztocil/httpie) - Modern command line HTTP client – user-friendly curl alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc.  https://httpie.org

448 | - [entweet](https://github.com/Lukasa/entweet) - Badass encryption for Twitter

449 | - [python-triplesec](https://github.com/keybase/python-triplesec) - A Python port of the triplesec library.

450 | - [TwistedEve](https://github.com/d-mo/TwistedEve) - a tool that facilitates eavesdropping and man-in-the-middle attacks

451 | - [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers

452 | - [zarp](https://github.com/hatRiot/zarp) - Network Attack Tool

453 | - [LaZagne](https://github.com/AlessandroZ/LaZagne) - Credentials recovery project

454 | - [EyeWitness](https://github.com/ChrisTruncer/EyeWitness) - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

455 | - [social-engineer-toolkit](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

456 | - [httpagentparser](https://github.com/shon/httpagentparser) - Python HTTP Agent Parser

457 | - [ptf](https://github.com/trustedsec/ptf) - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

458 | - [wifite-mod-pixiewps](https://github.com/aanarchyy/wifite-mod-pixiewps) - 

459 | - [twisted-connect-proxy](https://github.com/fmoo/twisted-connect-proxy) - Default Twisted does not ship with a CONNECT-enabled HTTP(s) proxy.  This code provides one.

460 | - [smbmap](https://github.com/ShawnDEvans/smbmap) - SMBMap is a handy SMB enumeration tool

461 | - [pysecdump](https://github.com/pentestmonkey/pysecdump) - Python-based tool to dump security information from Windows systems

462 | - [the-backdoor-factory](https://github.com/secretsquirrel/the-backdoor-factory) - Patch PE, ELF, Mach-O binaries with shellcode

463 | - [LANs.py](https://github.com/DanMcInerney/LANs.py) - Inject code, jam wifi, and spy on wifi users

464 | - [impacket](https://github.com/CoreSecurity/impacket) - Impacket is a collection of Python classes for working with network protocols.

465 | - [SMBTrap](https://github.com/CylanceSPEAR/SMBTrap) - Tools developed to test the Redirect to SMB issue

466 | - [patator](https://github.com/lanjelot/patator) - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

467 | - [dnschef](https://github.com/iphelix/dnschef) - DNSChef - DNS proxy for Penetration Testers and Malware Analysts

468 | - [sslstrip](https://github.com/xtr4nge/sslstrip) - A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

469 | - [Cellular-Automata-Manager](https://github.com/MircoT/Cellular-Automata-Manager) - Open source environment for cellular automata

470 | - [pyhipku](https://github.com/lord63/pyhipku) - Encode any IP address as a haiku, funny and lovely. TRY IT NOW: http://pyhipku.lord63.com

471 | - [dissectors](https://github.com/cssaheel/dissectors) - This project is part of improving Cuckoo Sandbox, for more information https://honeynet.org/gsoc/slot3  I will use Scapy to write protocols dissectors for: TCP, UDP, ICMP, DNS, HTTP, FTP, IRC, SMB, SIP, TELNET, SSH, IMAP, POP and H.323

472 | - [multibootusb](https://github.com/mbusb/multibootusb) - Create multiboot live Linux on a USB disk...

473 | - [Ghost.py](https://github.com/jeanphix/Ghost.py) - Webkit based scriptable web browser for python.

474 | - [volatility](https://github.com/volatilityfoundation/volatility) - An advanced memory forensics framework

475 | - [dbx-keygen-linux](https://github.com/newsoft/dbx-keygen-linux) - Encryption key extractor for Dropbox DBX files

476 | - [dbx-keygen-windows](https://github.com/newsoft/dbx-keygen-windows) - Encryption key extractor for Dropbox DBX files

477 | - [Dshell](https://github.com/USArmyResearchLab/Dshell) - Dshell is a network forensic analysis framework.

478 | - [net-creds](https://github.com/DanMcInerney/net-creds) - Sniffs sensitive data from interface or pcap

479 | - [Delorean](https://github.com/PentesterES/Delorean) - NTP Main-in-the-Middle tool

480 | - [CapTipper](https://github.com/omriher/CapTipper) - Malicious HTTP traffic explorer

481 | - [xss2shell](https://github.com/Prochainezo/xss2shell) - Tool for abusing XSS vulnerabilities on Wordpress and Joomla! installations

482 | - [crowbar](https://github.com/galkan/crowbar) - Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

483 | - [uiautomator](https://github.com/xiaocong/uiautomator) - Python wrapper of Android uiautomator test tool.

484 | - [scapy-http](https://github.com/invernizzi/scapy-http) - Support for HTTP in Scapy

485 | - [percol](https://github.com/mooz/percol) - adds flavor of interactive filtering to the traditional pipe concept of UNIX shell

486 | - [robobrowser](https://github.com/jmcarp/robobrowser) - 

487 | - [wfuzz](https://github.com/xmendez/wfuzz) - Web application fuzzer

488 | - [rdpy](https://github.com/citronneur/rdpy) - Remote Desktop Protocol in Twisted Python

489 | - [iDictPy](https://github.com/Pilfer/iDictPy) - A salty-ass 100% verified hacker status python script to turn apple id's into apple crisp #nicememe

490 | - [unhash](https://github.com/tkisason/unhash) - unhash is a set of tools designed to enable better password auditing

491 | - [bowcaster](https://github.com/zcutlip/bowcaster) - 

492 | - [PCredz](https://github.com/lgandx/PCredz) - This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

493 | - [pyobfuscate](https://github.com/astrand/pyobfuscate) - pyobfuscate

494 | - [meterssh](https://github.com/trustedsec/meterssh) - MeterSSH is a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection. The way it works is by injecting shellcode into memory, then wrapping a port spawned (meterpeter in this case) by the shellcode over SSH back to the attackers machine. Then connecting with meterpreter's listener to localhost will communicate through the SSH proxy, to the victim through the SSH tunnel. All communications are relayed through the SSH tunnel and not through the network.

495 | - [bunny](https://github.com/mothran/bunny) - Bunny is a wireless. meshing, darknet that uses 802.11 to hide its communications

496 | - [wifiphisher](https://github.com/wifiphisher/wifiphisher) - Automated victim-customized phishing attacks against Wi-Fi clients

497 | - [vFeed](https://github.com/toolswatch/vFeed) - The Correlated Vulnerability And Threat Intelligence Database API

498 | - [nogotofail](https://github.com/google/nogotofail) - An on-path blackbox network traffic security testing tool

499 | - [wps](https://github.com/devttys0/wps) - WPS related utilities

500 | - [BDFProxy](https://github.com/secretsquirrel/BDFProxy) - Patch Binaries via MITM: BackdoorFactory + mitmProxy.

501 | - [Veil-Ordnance](https://github.com/Veil-Framework/Veil-Ordnance) - Veil-Ordnance is a tool designed to quickly generate MSF stager shellcode

502 | - [loc-nogps](https://github.com/haxorthematrix/loc-nogps) - 

503 | - [dumpmon](https://github.com/jordan-wright/dumpmon) - Information Dump Monitor

504 | - [xsscrapy](https://github.com/DanMcInerney/xsscrapy) - XSS spider - 66/66 wavsep XSS detected

505 | - [Responder](https://github.com/SpiderLabs/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

506 | - [ridenum](https://github.com/trustedsec/ridenum) - Rid_enum is a null session RID cycle attack for brute forcing domain controllers.

507 | 

508 | ## Roff 
509 | 
510 | - [facebook-tunnel](https://github.com/matiasinsaurralde/facebook-tunnel) - Tunneling Internet traffic over Facebook chat.

511 | 

512 | ## Ruby 
513 | 
514 | - [hash_link](https://github.com/arch4ngel/hash_link) - 

515 | - [mastodon](https://github.com/tootsuite/mastodon) - A GNU Social-compatible microblogging server

516 | - [searchpass](https://github.com/michenriksen/searchpass) - A simple tool for offline searching of default credentials for network devices, web applications and more.

517 | - [wordpress-exploit-framework](https://github.com/rastating/wordpress-exploit-framework) - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

518 | - [browser-backdoor](https://github.com/IMcPwn/browser-backdoor) - BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener

519 | - [wpbrute-rpc](https://github.com/zendoctor/wpbrute-rpc) - 

520 | - [bettercap](https://github.com/evilsocket/bettercap) - A complete, modular, portable and easily extensible MITM framework.

521 | - [yasuo](https://github.com/0xsauby/yasuo) - A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

522 | - [gitrob](https://github.com/michenriksen/gitrob) - Reconnaissance tool for GitHub organizations

523 | - [memorandom](https://github.com/rapid7/memorandom) - 

524 | - [memorandom](https://github.com/mubix/memorandom) - 

525 | - [ZackAttack](https://github.com/urbanesec/ZackAttack) - Unveiled at DEF CON 20, NTLM Relaying to ALL THE THINGS!

526 | - [metasploit-framework](https://github.com/rapid7/metasploit-framework) - Metasploit Framework

527 | 

528 | ## Rust 
529 | 
530 | - [groot](https://github.com/thiagopnts/groot) - :deciduous_tree: The Groot Programming Language

531 | 

532 | ## Shell 
533 | 
534 | - [rsync-time-backup](https://github.com/laurent22/rsync-time-backup) - Time Machine style backup with rsync.

535 | - [algo](https://github.com/trailofbits/algo) - Set up a personal IPSEC VPN in the cloud

536 | - [awesome-iocs](https://github.com/sroberts/awesome-iocs) - A collection of sources of indicators of compromise

537 | - [tmux-logging](https://github.com/tmux-plugins/tmux-logging) - Easy logging and screen capturing for Tmux.

538 | - [Skippy](https://github.com/S71CK/Skippy) - A script made to validate numerous cryptographic-related vulnerabilities such as: Heartbleed, Logjam, CRIME,POODLE, DROWN, Weak Cipher Suites enabled, NULL ciphers, MD5 signed certificates, secure renegotiation checks, and self-signed certificate checks.

539 | - [backdoor-apk](https://github.com/dana-at-cp/backdoor-apk) - backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.

540 | - [ArchStrike](https://github.com/ArchStrike/ArchStrike) - An Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.

541 | - [firmwalker](https://github.com/craigz28/firmwalker) - Script for searching the extracted firmware file system for goodies!

542 | - [lynis](https://github.com/CISOfy/lynis) - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

543 | - [sasquatch](https://github.com/devttys0/sasquatch) - 

544 | 

545 | ## VimL 
546 | 
547 | - [minimap-vim](https://github.com/koron/minimap-vim) - Minimap for Vim

548 | 

549 | ## Visual Basic 
550 | 
551 | - [uacscript](https://github.com/Vozzie/uacscript) - Windows 7 UAC Bypass Vulnerability in the Windows Script Host

552 | 

553 | 
554 | ## License
555 | 
556 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
557 | 
558 | To the extent possible under law, [byt3bl33d3r](https://github.com/byt3bl33d3r) has waived all copyright and related or neighboring rights to this work.
559 | 
560 | 


--------------------------------------------------------------------------------
/happyqq.md:
--------------------------------------------------------------------------------
 1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
 2 | 
 3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
 4 | 
 5 | 
 6 | ## Contents
 7 | 
 8 | 

 9 | 
10 | ## License
11 | 
12 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
13 | 
14 | To the extent possible under law, [happyqq](https://github.com/happyqq) has waived all copyright and related or neighboring rights to this work.
15 | 
16 | 


--------------------------------------------------------------------------------
/imcoderr.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/imcoderr.md


--------------------------------------------------------------------------------
/jpenalbae.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [Assembly](#assembly)

  9 |   - [C](#c)

 10 |   - [C#](#c#)

 11 |   - [C++](#c++)

 12 |   - [CSS](#css)

 13 |   - [Go](#go)

 14 |   - [HTML](#html)

 15 |   - [Hack](#hack)

 16 |   - [Haskell](#haskell)

 17 |   - [Java](#java)

 18 |   - [JavaScript](#javascript)

 19 |   - [Max](#max)

 20 |   - [OCaml](#ocaml)

 21 |   - [Others](#others)

 22 |   - [PHP](#php)

 23 |   - [PLpgSQL](#plpgsql)

 24 |   - [Python](#python)

 25 |   - [Ruby](#ruby)

 26 |   - [Rust](#rust)

 27 |   - [Shell](#shell)

 28 |   - [VHDL](#vhdl)

 29 | 

 30 | ## Assembly 
 31 | 
 32 | - [pics](https://github.com/corkami/pics) - Posters, drawings...

 33 | - [PwnAdventureZ](https://github.com/Vector35/PwnAdventureZ) - NES zombie survival game made to be hacked

 34 | - [sinkhole](https://github.com/xoreaxeaxeax/sinkhole) - The memory sinkhole

 35 | 

 36 | ## C 
 37 | 
 38 | - [kaslr-bypass-via-prefetch](https://github.com/xairy/kaslr-bypass-via-prefetch) - A proof-of-concept KASLR bypass for the Linux kernel via timing prefetch (dilettante implementation, better read the original paper: https://gruss.cc/files/prefetch.pdf)

 39 | - [minipro](https://github.com/vdudouyt/minipro) - An open source program for controlling the MiniPRO TL866xx series of chip programmers

 40 | - [r2k](https://github.com/leberus/r2k) - kernel module for radare2

 41 | - [wcc](https://github.com/endrazine/wcc) - The Witchcraft Compiler Collection

 42 | - [cb-multios](https://github.com/trailofbits/cb-multios) - DARPA Challenges Sets for Linux, Windows, and OS X

 43 | - [vmmfuzzer](https://github.com/rcvalle/vmmfuzzer) - A hypervisor or virtual machine monitor (VMM) fuzzer

 44 | - [TriforceLinuxSyscallFuzzer](https://github.com/nccgroup/TriforceLinuxSyscallFuzzer) - A linux system call fuzzer using TriforceAFL

 45 | - [perf_event_tests](https://github.com/deater/perf_event_tests) - Test suite for the Linux perf_event subsystem

 46 | - [honggfuzz](https://github.com/google/honggfuzz) - Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (sw and hw)

 47 | - [simple-pt](https://github.com/andikleen/simple-pt) - Simple Intel CPU processor tracing on Linux

 48 | - [UEFITool](https://github.com/LongSoft/UEFITool) - UEFI firmware image viewer and editor

 49 | - [evic-sdk](https://github.com/ReservedField/evic-sdk) - An open source SDK for the Joyetech eVic VTC Mini.

 50 | - [CansecWest2016_Getting_Physical_Extreme_Abuse_of_Intel_Based_Paging_Systems](https://github.com/n3k/CansecWest2016_Getting_Physical_Extreme_Abuse_of_Intel_Based_Paging_Systems) - CansecWest2016 - Getting Physical: Extreme Abuse of Intel Based Paging Systems

 51 | - [SimpleVisor](https://github.com/ionescu007/SimpleVisor) - SimpleVisor is a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.

 52 | - [how2heap](https://github.com/shellphish/how2heap) - A repository for learning various heap exploitation techniques.

 53 | - [ret-sync](https://github.com/bootleg/ret-sync) - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA disassembler.

 54 | - [ropc](https://github.com/pakt/ropc) - A Turing complete ROP compiler

 55 | - [ropc-llvm](https://github.com/programa-stic/ropc-llvm) - ropc-llvm is a PoC of a Turing complete ROP compiler  with support for a subset of LLVM IR. It is an extension of ropc.

 56 | - [jscomp](https://github.com/tmikov/jscomp) - Ahead of time JavaScript compiler

 57 | - [ktsan](https://github.com/google/ktsan) - KernelThreadSanitizer, a fast data race detector for the Linux kernel

 58 | - [libplayground](https://github.com/djrbliss/libplayground) - A simple framework for developing Linux kernel heap exploit techniques

 59 | - [Workshop2015](https://github.com/Maijin/Workshop2015) - 

 60 | - [panda](https://github.com/panda-re/panda) - Platform for Architecture-Neutral Dynamic Analysis

 61 | - [8cc](https://github.com/rui314/8cc) - A Small C Compiler

 62 | - [MBE](https://github.com/RPISEC/MBE) - Course materials for Modern Binary Exploitation by RPISEC

 63 | - [picoc](https://github.com/zsaleeba/picoc) - A very small C interpreter

 64 | - [preeny](https://github.com/zardus/preeny) - Some helpful preload libraries for pwning stuff.

 65 | - [int-overflow](https://github.com/pts/int-overflow) - Detecting integer overflow in C and C++

 66 | - [neftis](https://github.com/BatchDrake/neftis) - Neftis is a microkernel designed to be easily extended and compiled in various platforms

 67 | - [JamesM](https://github.com/kAworu/JamesM) - me going through JamesM's kernel development tutorials

 68 | - [afl-fuzz](https://github.com/rc0r/afl-fuzz) - Non-official repository for lcamtuf's American Fuzzy Lop http://lcamtuf.coredump.cx/afl/

 69 | - [skpd](https://github.com/whatsbcn/skpd) - Process dump to executable ELF for linux

 70 | - [armette](https://github.com/BatchDrake/armette) - ARMette is a small ARM7 emulation library intended to ease ARM reverse engineering.

 71 | - [mdp](https://github.com/visit1985/mdp) - A command-line based markdown presentation tool.

 72 | 

 73 | ## C# # 
 74 | 
 75 | - [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler, and debugger

 76 | - [consoleXstream](https://github.com/Nefylem/consoleXstream) - VS2013 c# application

 77 | - [Fido](https://github.com/Netflix/Fido) - 

 78 | 

 79 | ## C++ 
 80 | 
 81 | - [grr](https://github.com/trailofbits/grr) - High-throughput fuzzer and emulator of DECREE binaries

 82 | - [DomTreSat](https://github.com/trailofbits/DomTreSat) - Dominator Tree LLVM Pass to Test Satisfiability

 83 | - [HexRaysCodeXplorer](https://github.com/REhints/HexRaysCodeXplorer) - Hex-Rays Decompiler plugin for better code navigation

 84 | - [Free-multi-Patcher](https://github.com/hartmannaf/Free-multi-Patcher) - 

 85 | - [AndFix](https://github.com/alibaba/AndFix) - AndFix is a library that offer hot-fix for Android App.

 86 | - [inspectrum](https://github.com/miek/inspectrum) - Offline radio signal analyser

 87 | - [fcd](https://github.com/zneak/fcd) - An optimizing decompiler

 88 | - [mcsema](https://github.com/trailofbits/mcsema) - x86 to LLVM bitcode translation framework

 89 | - [USB_Host_Shield_2.0](https://github.com/felis/USB_Host_Shield_2.0) - Revision 2.0 of USB Host Library for Arduino.

 90 | - [runtime](https://github.com/runtimejs/runtime) - Lightweight JavaScript library operating system for the cloud

 91 | - [node-cwrap](https://github.com/JPGygax68/node-cwrap) - 

 92 | - [Python_Pin](https://github.com/blankwall/Python_Pin) - 

 93 | - [smartdec](https://github.com/smartdec/smartdec) - SmartDec decompiler

 94 | - [gr-gsm](https://github.com/ptrkrysik/gr-gsm) - Gnuradio blocks and tools for receiving GSM transmissions

 95 | - [cryptoshark](https://github.com/frida/cryptoshark) - Self-optimizing cross-platform code tracer based on dynamic recompilation

 96 | 

 97 | ## CSS 
 98 | 
 99 | - [write-ups-2015](https://github.com/ctfs/write-ups-2015) - Wiki-like CTF write-ups repository, maintained by the community. 2015

100 | 

101 | ## Go 
102 | 
103 | - [syzkaller](https://github.com/google/syzkaller) - syzkaller is an unsupervised, coverage-guided Linux system call fuzzer

104 | 

105 | ## HTML 
106 | 
107 | - [misc](https://github.com/StalkR/misc) - Little bit of this, little bit of that

108 | 

109 | ## Hack 
110 | 
111 | - [kernel-fuzzing](https://github.com/oracle/kernel-fuzzing) - Fuzzers for the Linux kernel

112 | 

113 | ## Haskell 
114 | 
115 | - [IdaHaskell](https://github.com/kvnesterov/IdaHaskell) - Allows to execute haskell code in Ida Pro.

116 | 

117 | ## Java 
118 | 
119 | - [deobfuscator](https://github.com/java-deobfuscator/deobfuscator) - 

120 | - [Raccoon](https://github.com/onyxbits/Raccoon) - Google Play desktop client

121 | - [android-vts](https://github.com/AndroidVTS/android-vts) - Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.

122 | - [joern](https://github.com/octopus-platform/joern) - A robust parser for C/C++ storing abstract syntax trees, control flow graphs and program dependence graphs in a neo4j graph database.

123 | - [bytecode-viewer](https://github.com/Konloch/bytecode-viewer) - A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

124 | 

125 | ## JavaScript 
126 | 
127 | - [gdbgui](https://github.com/cs01/gdbgui) - A modern, browser-based frontend to gdb (gnu debugger). Add breakpoints, view stack traces, and more in C, C++, Go, and Rust. Simply run gdbgui from the terminal and a new tab will open in your browser.

128 | - [DOMPurify](https://github.com/cure53/DOMPurify) - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

129 | - [Surku](https://github.com/attekett/Surku) - Surku is a general-purpose mutation-based fuzzer.

130 | - [sniffly](https://github.com/diracdeltas/sniffly) - Sniffing browser history using HSTS

131 | - [MarkdownPresenter](https://github.com/chrishulbert/MarkdownPresenter) - Update: Follow link to recommended fork. For when you're giving a presentation in half an hour, and you haven't got the time to open up keynote...

132 | - [CTFPad](https://github.com/StratumAuhuur/CTFPad) - A web UI and server for task based competitions employing Etherpad Lite.

133 | - [node-google-play](https://github.com/dweinstein/node-google-play) - Get details and download apps from https://play.google.com by emulating an Android (Nexus 5X) device by default.

134 | - [dragula](https://github.com/bevacqua/dragula) - :ok_hand: Drag and drop so simple it hurts

135 | - [DOManalyzer](https://github.com/rubenespadas/DOManalyzer) - Analizando el DOM "like a sir"

136 | - [Kaku](https://github.com/EragonJ/Kaku) - Kaku is an highly integrated music player supports different online platform like YouTube, SoundCloud, Vimeo and more. Available on Mac, Windows and Linux.

137 | - [reveal.js](https://github.com/hakimel/reveal.js) - The HTML Presentation Framework

138 | - [smartos-live](https://github.com/joyent/smartos-live) - For more information, please see http://smartos.org/  For any questions that aren't answered there, please join the SmartOS discussion list: http://smartos.org/smartos-mailing-list/

139 | - [blessed-contrib](https://github.com/yaronn/blessed-contrib) - Build terminal dashboards using ascii/ansi art and javascript

140 | - [levelup](https://github.com/Level/levelup) - LevelDB - Node.js style

141 | - [bluebox-ng](https://github.com/jesusprubio/bluebox-ng) - Pentesting framework using Node.js powers, focused in VoIP.

142 | 

143 | ## Max 
144 | 
145 | - [FLIRTDB](https://github.com/Maktm/FLIRTDB) - A community driven collection of IDA FLIRT signature files

146 | 

147 | ## OCaml 
148 | 
149 | - [tis-interpreter](https://github.com/TrustInSoft/tis-interpreter) - An interpreter for finding subtle bugs in programs written in standard C

150 | - [symfuzz](https://github.com/maurer/symfuzz) - 

151 | 

152 | ## Others 
153 | 
154 | - [Awesome-Fuzzing](https://github.com/secfigo/Awesome-Fuzzing) - A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

155 | - [ssh-badkeys](https://github.com/rapid7/ssh-badkeys) - A collection of static SSH keys (public and private) that have made their way into software and hardware products.

156 | - [idaplugins-list](https://github.com/onethawt/idaplugins-list) - A list of IDA Plugins

157 | - [EU-CFP](https://github.com/nodeconf/EU-CFP) - Call for participation for NodeConf.eu 2015

158 | - [OMSTD](https://github.com/cr0hn/OMSTD) - Open Methodology for Security Tool Developers

159 | - [cheatsheets](https://github.com/pwntester/cheatsheets) - random brain dumps

160 | 

161 | ## PHP 
162 | 
163 | - [rips](https://github.com/ripsscanner/rips) - RIPS - A static source code analyser for vulnerabilities in PHP scripts

164 | 

165 | ## PLpgSQL 
166 | 
167 | - [nodeasm](https://github.com/Rami114/nodeasm) - By the power of node

168 | 

169 | ## Python 
170 | 
171 | - [lighthouse](https://github.com/gaasedelen/lighthouse) - Code Coverage Explorer for IDA Pro

172 | - [knockknock](https://github.com/moxie0/knockknock) - A simple, secure, and stealthy port knocking implementation that does not use libpcap or bind to a socket interface.

173 | - [DrK](https://github.com/sslab-gatech/DrK) - The DrK Attack - Proof of concept

174 | - [libheap](https://github.com/cloudburst/libheap) - python library to examine ptmalloc (the glibc userland heap implementation)

175 | - [angrop](https://github.com/salls/angrop) - 

176 | - [FunKeyCIA](https://github.com/llakssz/FunKeyCIA) - Python tool for downloading content from CDN, uses only a title id and title key, or keyfile, to make a good cia.

177 | - [Ropper](https://github.com/sashs/Ropper) - You can use ropper to display information about files in different file formats and you can find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC). For disassembly ropper uses the awesome Capstone Framework.

178 | - [rop_compiler](https://github.com/jeffball55/rop_compiler) - An open source, multi-architecture ROP compiler written in python

179 | - [exploitable](https://github.com/jfoote/exploitable) - The 'exploitable' GDB plugin. I don't work at CERT anymore, but here is the original homepage: http://www.cert.org/vuls/discovery/triage.html

180 | - [pintool](https://github.com/wagiro/pintool) - 

181 | - [IDAtropy](https://github.com/danigargu/IDAtropy) - IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplotlib.

182 | - [kstructhunter](https://github.com/jonoberheide/kstructhunter) - Routines for hunting down kernel structs.

183 | - [afl-utils](https://github.com/rc0r/afl-utils) - Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

184 | - [deprecated-binaryninja-python](https://github.com/Vector35/deprecated-binaryninja-python) - Deprecated Binary Ninja prototype written in Python

185 | - [gdb-dashboard](https://github.com/cyrus-and/gdb-dashboard) - Modular visual interface for GDB in Python

186 | - [DIE](https://github.com/ynvb/DIE) - Dynamic IDA Enrichment

187 | - [xortool](https://github.com/hellman/xortool) - A tool to analyze multi-byte xor cipher

188 | - [pwntools](https://github.com/Gallopsled/pwntools) - CTF framework and exploit development library

189 | - [diaphora](https://github.com/joxeankoret/diaphora) - Diaphora, a Free and Open Source program diffing tool

190 | - [chipsec](https://github.com/chipsec/chipsec) - Platform Security Assessment Framework

191 | - [pwndbg](https://github.com/pwndbg/pwndbg) - Exploit Development and Reverse Engineering with GDB Made Easy

192 | - [miasm](https://github.com/cea-sec/miasm) - Reverse engineering framework in Python

193 | - [stuff](https://github.com/hugsy/stuff) - Misc tools for reversing, exploit and pentest

194 | - [plasma](https://github.com/plasma-disassembler/plasma) - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

195 | - [sonare](https://github.com/sapir/sonare) - A Qt-based disassembly viewer based on radare2

196 | - [nightmare](https://github.com/joxeankoret/nightmare) - A distributed fuzzing testing suite with web administration

197 | 

198 | ## Ruby 
199 | 
200 | - [commit-watcher](https://github.com/srcclr/commit-watcher) - Find interesting and potentially hazardous commits in git projects

201 | - [BooJS](https://github.com/sotownsend/BooJS) - Unix swiss army knife for headless browser javascript

202 | 

203 | ## Rust 
204 | 
205 | - [neon](https://github.com/neon-bindings/neon) - A safe Rust abstraction layer for native Node.js modules.

206 | 

207 | ## Shell 
208 | 
209 | - [crosstool-ng](https://github.com/crosstool-ng/crosstool-ng) - A versatile (cross-)toolchain generator.

210 | - [algo](https://github.com/trailofbits/algo) - Set up a personal IPSEC VPN in the cloud

211 | - [z2d](https://github.com/umiddelb/z2d) - Zero 2 Docker with Ubuntu Core, Debian or CentOS

212 | - [service-daemons](https://github.com/frdmn/service-daemons) - :japanese_ogre: This repository contains a lot of proper working start/stop-scripts or daemons for a variety of linux systems or even operating systems.

213 | - [afl-trivia](https://github.com/bnagy/afl-trivia) - Short, unrelated helper scripts for users of AFL (the fuzzer)

214 | 

215 | ## VHDL 
216 | 
217 | - [bcomp](https://github.com/MJoergen/bcomp) - 8-bit computer

218 | 

219 | 
220 | ## License
221 | 
222 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
223 | 
224 | To the extent possible under law, [jpenalbae](https://github.com/jpenalbae) has waived all copyright and related or neighboring rights to this work.
225 | 
226 | 


--------------------------------------------------------------------------------
/kiang70.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [Assembly](#assembly)

  9 |   - [Batchfile](#batchfile)

 10 |   - [C](#c)

 11 |   - [C#](#c#)

 12 |   - [C++](#c++)

 13 |   - [CSS](#css)

 14 |   - [Clojure](#clojure)

 15 |   - [Go](#go)

 16 |   - [HTML](#html)

 17 |   - [Java](#java)

 18 |   - [JavaScript](#javascript)

 19 |   - [Lua](#lua)

 20 |   - [Others](#others)

 21 |   - [PHP](#php)

 22 |   - [Perl](#perl)

 23 |   - [PowerShell](#powershell)

 24 |   - [Python](#python)

 25 |   - [Roff](#roff)

 26 |   - [Ruby](#ruby)

 27 |   - [Shell](#shell)

 28 | 

 29 | ## Assembly 
 30 | 
 31 | - [Eternalblue](https://github.com/gitdlf/Eternalblue) - 

 32 | 

 33 | ## Batchfile 
 34 | 
 35 | - [WinSystemHelper](https://github.com/kiang70/WinSystemHelper) - A tool that checks and downloads scripts that will aid with privilege escalation on a Windows system.

 36 | 

 37 | ## C 
 38 | 
 39 | - [smart7ec-scan-console](https://github.com/hxp2k6/smart7ec-scan-console) - 基于Linux c开发的插件式扫描器(Python/lua)

 40 | - [p4p1](https://github.com/p4p1/p4p1) - Reverse shell for remote administration :peach:

 41 | - [TheFatRat](https://github.com/Screetsec/TheFatRat) - Thefatrat a massive exploiting tool revealed >> An easy tool to generate backdoor and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .

 42 | - [fcn](https://github.com/boywhp/fcn) - free connect your private network from anywhere

 43 | - [wifi-arsenal](https://github.com/0x90/wifi-arsenal) - WiFi arsenal

 44 | - [public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) - Curated list of  public penetration test reports released by several consulting firms and academic security groups

 45 | - [toolforspider](https://github.com/kiang70/toolforspider) - a new spider based on python with more function including Network fingerprint search

 46 | - [Scan-T](https://github.com/nanshihui/Scan-T) - a new crawler based on python with more function including Network fingerprint search

 47 | - [phptrace](https://github.com/Qihoo360/phptrace) - A tracing and troubleshooting tool for PHP scripts.

 48 | 

 49 | ## C# # 
 50 | 
 51 | - [cve-2017-7269-tool](https://github.com/zcgonvh/cve-2017-7269-tool) - CVE-2017-7269 to webshell or shellcode loader

 52 | - [QuasarRAT](https://github.com/quasar/QuasarRAT) - Remote Administration Tool for Windows

 53 | - [Altman](https://github.com/keepwn/Altman) - the cross platform webshell tool in .NET

 54 | - [shadowsocks-windows](https://github.com/shadowsocks/shadowsocks-windows) - If you want to keep a secret, you must also hide it from yourself.

 55 | 

 56 | ## C++ 
 57 | 
 58 | - [autoshadower](https://github.com/yangyangwithgnu/autoshadower) - autoshadower is so sweet, she will find many free shadowsoks accounts for you, do her best!

 59 | - [hardseed](https://github.com/yangyangwithgnu/hardseed) - SEX IS ZERO (0), so, who wanna be the ONE (1), aha?

 60 | - [kcws](https://github.com/koth/kcws) - Deep Learning Chinese Word Segment

 61 | 

 62 | ## CSS 
 63 | 
 64 | - [ZVulDrill](https://github.com/710leo/ZVulDrill) - Web漏洞演练平台

 65 | - [cobra](https://github.com/wufeifei/cobra) - Source Code Security Audit (源代码安全审计)

 66 | - [orangescan](https://github.com/0xbug/orangescan) - 在线子域名信息收集工具

 67 | - [portnine-free-bootstrap-theme](https://github.com/xiow/portnine-free-bootstrap-theme) - Free bootstrap theme

 68 | 

 69 | ## Clojure 
 70 | 
 71 | - [oss.io](https://github.com/bcambel/oss.io) - Developers gathering up

 72 | 

 73 | ## Go 
 74 | 
 75 | - [yunSpider](https://github.com/gudegg/yunSpider) - 百度云网盘爬虫

 76 | - [poseidon](https://github.com/Qihoo360/poseidon) - A search engine which can hold 100 trillion lines of log data.

 77 | - [dog-tunnel](https://github.com/vzex/dog-tunnel) - p2p tunnel,(udp mode work with kcp,https://github.com/skywind3000/kcp)

 78 | 

 79 | ## HTML 
 80 | 
 81 | - [WamaCry](https://github.com/bitdust/WamaCry) - a fake WannaCry

 82 | - [WooyunDrops](https://github.com/SuperKieran/WooyunDrops) - Wooyun知识库，乌云知识库，https://superkieran.github.io/WooyunDrops

 83 | - [Sreg](https://github.com/n0tr00t/Sreg) - Sreg可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。

 84 | - [1000php](https://github.com/Xyntax/1000php) - 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

 85 | - [readfree](https://github.com/bnpysse/readfree) - 

 86 | - [louchaooo.github.io](https://github.com/louchaooo/louchaooo.github.io) - 🐺三千浮华 独居一隅   (记录下学习生活中的点滴)

 87 | - [fuzzdb](https://github.com/tennc/fuzzdb) - 一个fuzzdb扩展库

 88 | - [wifisheep](https://github.com/code-scan/wifisheep) - 

 89 | - [gophish](https://github.com/gophish/gophish) - Open-Source Phishing Toolkit

 90 | - [hackazon](https://github.com/rapid7/hackazon) - A modern vulnerable web app

 91 | - [BroDomain](https://github.com/code-scan/BroDomain) - 兄弟域名查询

 92 | 

 93 | ## Java 
 94 | 
 95 | - [EquationExploit](https://github.com/1135/EquationExploit) - Eternalblue Doublepulsar exploit

 96 | - [androrat](https://github.com/DesignativeDave/androrat) - Remote Administration Tool for Android devices

 97 | - [S2-046-PoC](https://github.com/pwntester/S2-046-PoC) - S2-046-PoC

 98 | - [PDFLayoutTextStripper](https://github.com/JonathanLink/PDFLayoutTextStripper) - Converts a pdf file into a text file while keeping the layout of the original pdf. Useful to extract the content from a table in a pdf file for instance. This is a subclass of PDFTextStripper class (from the Apache PDFBox library).

 99 | - [ysoserial](https://github.com/frohoff/ysoserial) - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

100 | - [ShareLoc](https://github.com/junerver/ShareLoc) - 这是一个多用户共享位置的demo，通过socket与服务器长连接来实现位置共享

101 | - [pentestdb](https://github.com/alpha1e0/pentestdb) - WEB渗透测试数据库

102 | - [Cknife](https://github.com/Chora10/Cknife) - Cknife

103 | - [agnes](https://github.com/lietdai/agnes) - android上的wifi钓鱼应用

104 | - [WeChatLuckyMoney](https://github.com/geeeeeeeeek/WeChatLuckyMoney) - :money_with_wings: WeChat's lucky money helper (微信抢红包插件). An Android app that helps you snatch red packets in WeChat groups.

105 | - [QiangHongBao](https://github.com/WooyunDota/QiangHongBao) - 微信、QQ自动抢红包外挂（绿色、无广告）

106 | - [sqlmap4burp](https://github.com/difcareer/sqlmap4burp) - sqlmap embed in burpsuite

107 | 

108 | ## JavaScript 
109 | 
110 | - [xssor2](https://github.com/evilcos/xssor2) - XSS'OR - Hack with JavaScript.

111 | - [winxin-app-watch-life.net](https://github.com/iamxjb/winxin-app-watch-life.net) - "守望轩"WordPress官网微信小程序

112 | - [3xp10it](https://github.com/3xp10it/3xp10it) - 一个自动化渗透框架

113 | - [simple_zoomeye](https://github.com/az0ne/simple_zoomeye) - 一个还正在完善的项目，采用分布式python扫描全国的HTTP服务

114 | - [antSword](https://github.com/360sec/antSword) - 中国蚁剑是一款跨平台的开源网站管理工具

115 | - [django-template-bootstrap](https://github.com/adieu/django-template-bootstrap) - A django template based on twitter's bootstrap project.

116 | - [Qkindle](https://github.com/qiu0130/Qkindle) - kindle 图书在线分享

117 | - [AS_BugScan](https://github.com/Medicean/AS_BugScan) - 通过 Webshell 创建 BugScan 节点(需要目标支持 Python2.7)

118 | - [Brosec](https://github.com/gabemarshall/Brosec) - Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.

119 | - [antSword](https://github.com/antoor/antSword) - AntSword is a cross-platform website management toolkit.

120 | - [ant](https://github.com/antoor/ant) - code for study

121 | - [SRCMS](https://github.com/martinzhou2015/SRCMS) - SRCMS企业应急响应与缺陷管理系统

122 | - [BlueLotus_XSSReceiver](https://github.com/firesunCN/BlueLotus_XSSReceiver) - XSS平台 CTF工具 Web安全工具

123 | - [cms](https://github.com/iusky/cms) - 社工库

124 | 

125 | ## Lua 
126 | 
127 | - [ScanS2-045-Nmap](https://github.com/Z-0ne/ScanS2-045-Nmap) - Struts2 S2-045-Nmap NSE script

128 | 

129 | ## Others 
130 | 
131 | - [vuldocker](https://github.com/Loneyers/vuldocker) - 

132 | - [ebook](https://github.com/jyfc/ebook) - classic books of computer science

133 | - [Salon2](https://github.com/T00lsNet/Salon2) - T00ls.Net 2017第二期线下聚会（安徽）PPT合集

134 | - [Sec-Box](https://github.com/tengzhangchao/Sec-Box) - information security Tools Box （信息安全工具以及资源集合）

135 | - [betterdefaultpasslist](https://github.com/govolution/betterdefaultpasslist) - 

136 | - [EternalRocks](https://github.com/stamparm/EternalRocks) - EternalRocks worm

137 | - [kindle114-rsrc-gathering](https://github.com/it-ebooks/kindle114-rsrc-gathering) - :books: Kindle114 资源集结计划

138 | - [EternalBlue-MSF-Automation](https://github.com/SecFloater/EternalBlue-MSF-Automation) - Automation script for the Eternal Blue & Double Pulsar Metasploit exploit.

139 | - [wooyunallbugs](https://github.com/m0l1ce/wooyunallbugs) - wooyun_all_bugs

140 | - [awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc) - ✍️ A curated list of CVE PoCs.

141 | - [flexidie](https://github.com/Te-k/flexidie) - Source code and binaries of FlexiSpy from the Flexidie dump

142 | - [awesome-machine-learning-cn](https://github.com/jobbole/awesome-machine-learning-cn) - 机器学习资源大全中文版，包括机器学习领域的框架、库以及软件

143 | - [Awesome-Hacking](https://github.com/Hack-with-Github/Awesome-Hacking) - A collection of various awesome lists for hackers, pentesters and security researchers

144 | - [Chinese-Names-Corpus](https://github.com/wainshine/Chinese-Names-Corpus) - 中文人名语料库。中文姓名,姓氏,名字,称呼,日本人名,翻译人名,英文人名。

145 | - [free-programming-books](https://github.com/EbookFoundation/free-programming-books) - :books: Freely available programming books

146 | - [papers](https://github.com/ring04h/papers) - my security summit papers

147 | - [Mind-Map](https://github.com/phith0n/Mind-Map) - 各种安全相关思维导图整理收集

148 | - [AZScanner](https://github.com/az0ne/AZScanner) - 自动漏洞扫描器，自动子域名爆破，自动爬取注入，调用sqlmapapi检测注入，端口扫描，目录爆破，子网段服务探测及其端口扫描，常用框架漏洞检测。 Automatic scanner, automatic sub domain blasting, automatic crawl injection, injection, call the sqlmapapi port scan detection, directory service detection and segment blasting, port scanning, vulnerability detection framework commonly used.

149 | - [awesome-pentest](https://github.com/enaqx/awesome-pentest) - A collection of awesome penetration testing resources, tools and other shiny things

150 | - [awesome-django](https://github.com/rosarior/awesome-django) - A curated list of awesome Django apps, projects and resources.

151 | - [F-Scrack](https://github.com/ysrc/F-Scrack) - F-Scrack is a single file bruteforcer supports multi-protocol

152 | - [msfrpc](https://github.com/SpiderLabs/msfrpc) - Perl/Python modules for interfacing with Metasploit MSGRPC

153 | - [pentest_study](https://github.com/l3m0n/pentest_study) - 从零开始内网渗透学习

154 | - [pupy-binaries](https://github.com/n1nj4sec/pupy-binaries) - precompiled templates for pupy

155 | - [git-recipes](https://github.com/geeeeeeeeek/git-recipes) - :octocat: Git recipes in Chinese. 高质量的Git中文教程.

156 | - [Cpassword](https://github.com/pyphrb/Cpassword) - Cpassword is a about password dict create tools

157 | - [phpcodz](https://github.com/80vul/phpcodz) - Php Codz Hacking

158 | - [papers](https://github.com/evilcos/papers) - my open papers

159 | - [RobotsDisallowed](https://github.com/danielmiessler/RobotsDisallowed) - A harvest of the Disallowed directories from the robots.txt files of the world's top websites.

160 | - [sqlmapapi](https://github.com/Ezy2015/sqlmapapi) - 

161 | 

162 | ## PHP 
163 | 
164 | - [SCANNER-INURLBR](https://github.com/googleinurl/SCANNER-INURLBR) - Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

165 | - [Sn1per](https://github.com/1N3/Sn1per) - Automated Pentest Recon Scanner

166 | - [SecLists](https://github.com/danielmiessler/SecLists) - SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

167 | - [Scanners-Box](https://github.com/We5ter/Scanners-Box) - The toolbox of open source scanners - 安全行业从业人员自研开源扫描器合集👻

168 | - [wooyun_search](https://github.com/grt1st/wooyun_search) - 乌云公开漏洞、知识库搜索 search from wooyun.org

169 | - [webshell](https://github.com/tennc/webshell) - This is a webshell open source project

170 | - [wooyun_public](https://github.com/hanc00l/wooyun_public) - 乌云公开漏洞、知识库爬虫和搜索   crawl and search for wooyun.org public bug(vulnerability) and drops

171 | - [AwvScan](https://github.com/xibijj/AwvScan) - New On Live Web Vul Scan

172 | - [Bugscan](https://github.com/xibijj/Bugscan) - Bugscan Web Vulnerability Scaner Online System

173 | - [exp](https://github.com/rootphantomer/exp) - 收集各种各样的exp

174 | - [fuzzdb](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

175 | - [sees](https://github.com/galkan/sees) - SEES aims to increase the success rate of phishing attacks by sending emails to company users as if they are coming from the very same company’s domain.

176 | - [web-malware-collection](https://github.com/nikicat/web-malware-collection) - Clone of svn repository of http://insecurety.net/projects/web-malware/ project

177 | - [webshellSample](https://github.com/tanjiti/webshellSample) - webshell sample for WebShell Log Analysis

178 | - [joomla-getshell-EXP](https://github.com/whirlwind110/joomla-getshell-EXP) - joomla 反序列化漏洞 getshell&&命令执行

179 | - [MCIR](https://github.com/SpiderLabs/MCIR) - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds.

180 | - [doom](https://github.com/lietdai/doom) - DOOM是在thorn上实现的分布式任务分发的ip端口漏洞扫描器

181 | - [GourdScan](https://github.com/kiang70/GourdScan) - 

182 | - [GourdScan](https://github.com/code-scan/GourdScan) - 

183 | - [SQLMAP-Web-GUI](https://github.com/Hood3dRob1n/SQLMAP-Web-GUI) - PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!

184 | - [LBSContacts](https://github.com/3kqing/LBSContacts) - 基于地理位置服务的通讯录

185 | - [SQLMAP-Web-GUI](https://github.com/sechacking/SQLMAP-Web-GUI) - PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!

186 | - [phpvulhunter](https://github.com/OneSourceCat/phpvulhunter) - A tool that can scan php vulnerabilities automatically using static analysis methods

187 | 

188 | ## Perl 
189 | 
190 | - [ATSCAN](https://github.com/AlisamTechnology/ATSCAN) - Advanced Search & Mass Exploit Scanner- فاحص متقدم لبحث و استغلال الثغرات بالجملة

191 | - [EQGRP](https://github.com/x0rz/EQGRP) - Decrypted content of eqgrp-auction-file.tar.xz

192 | 

193 | ## PowerShell 
194 | 
195 | - [redsnarf](https://github.com/nccgroup/redsnarf) - RedSnarf is a pen-testing / red-teaming tool for Windows environments

196 | - [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.

197 | - [mimikittenz](https://github.com/putterpanda/mimikittenz) - A post-exploitation powershell tool for extracting juicy info from memory.

198 | 

199 | ## Python 
200 | 
201 | - [s2-048-exp](https://github.com/mynameisk/s2-048-exp) - 

202 | - [datasploit](https://github.com/DataSploit/datasploit) - An #OSINT Framework to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.

203 | - [maltrail](https://github.com/stamparm/maltrail) - Malicious traffic detection system

204 | - [django-cms](https://github.com/divio/django-cms) - The easy-to-use and developer-friendly CMS

205 | - [blog](https://github.com/tomming233/blog) - 基于django1.10的个人博客

206 | - [gk7-douban](https://github.com/jacksyen/gk7-douban) - 豆瓣阅读推送kindle

207 | - [RedKindle](https://github.com/ynhacler/RedKindle) - Kindle期刊推送系统

208 | - [Prowl](https://github.com/nettitude/Prowl) - 

209 | - [kekescan](https://github.com/xiaoxiaoleo/kekescan) - automate scanner

210 | - [getsploit](https://github.com/vulnersCom/getsploit) - Command line utility for searching and downloading exploits

211 | - [microscan](https://github.com/MiniSafe/microscan) - MicroScan 基于B/S架构微扫描器

212 | - [SambaHunter](https://github.com/brianwrf/SambaHunter) - It is a simple script to exploit RCE for Samba (CVE-2017-7494 ).

213 | - [pyfiscan](https://github.com/fgeek/pyfiscan) - Free web-application vulnerability and version scanner

214 | - [WindowsExploits](https://github.com/abatchy17/WindowsExploits) - Windows exploits, mostly precompiled.

215 | - [PyAttack](https://github.com/tengzhangchao/PyAttack) - 批量抓鸡脚本

216 | - [btScan](https://github.com/he1m4n6a/btScan) - 批量漏洞扫描框架

217 | - [CVE-2017-7269-Echo-PoC](https://github.com/lcatro/CVE-2017-7269-Echo-PoC) - CVE-2017-7269 回显PoC ,用于远程漏洞检测..

218 | - [kmanga](https://github.com/aplanas/kmanga) - KManga site

219 | - [Sharly](https://github.com/SparkSharly/Sharly) - 

220 | - [github-dorks](https://github.com/techgaun/github-dorks) - Collection of github dorks and helper tool to automate the process of checking dorks

221 | - [eternalsunshine](https://github.com/frknozr/eternalsunshine) - EternalBlue/DoublePulsar python wrapper

222 | - [cupper](https://github.com/Saferman/cupper) - It comes!!

223 | - [fuzzbunch-debian](https://github.com/mdiazcl/fuzzbunch-debian) - Fuzzbunch deployment for Debian - Intructions: Readme.md

224 | - [WebEye](https://github.com/zerokeeper/WebEye) - 

225 | - [scan](https://github.com/webxscan/scan) - 

226 | - [wxpy](https://github.com/youfou/wxpy) - 微信机器人 / 可能是最优雅的微信个人号 API ✨✨

227 | - [RouterExploitScan](https://github.com/K1NGCOBRA/RouterExploitScan) - RouterExploit

228 | - [sicklepoc](https://github.com/bsmali4/sicklepoc) - 

229 | - [shadowbroker](https://github.com/misterch0c/shadowbroker) - The Shadow Brokers "Lost In Translation" leak

230 | - [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) - A list of useful payloads and bypass for Web Application Security and Pentest/CTF

231 | - [ZEROScan](https://github.com/zer0yu/ZEROScan) - Just a scan by Z3r0yu

232 | - [Drystan](https://github.com/Xyntax/Drystan) - Automated information gathering tool for pentest

233 | - [pocscan-cli](https://github.com/Xyntax/pocscan-cli) - 模拟登录，自动提交pocscan扫描任务

234 | - [doublepulsar-c2-traffic-decryptor](https://github.com/countercept/doublepulsar-c2-traffic-decryptor) - A python2 script for processing a PCAP file to decrypt C2 traffic sent to DOUBLEPULSAR implant

235 | - [PyShell](https://github.com/tengzhangchao/PyShell) - python backdoor （后门程序）

236 | - [CVE-2017-3599](https://github.com/SECFORCE/CVE-2017-3599) - Proof of concept exploit for CVE-2017-3599

237 | - [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester

238 | - [Nosql-Exploitation-Framework](https://github.com/torque59/Nosql-Exploitation-Framework) - A Python Framework For NoSQL Scanning and Exploitation

239 | - [Smbtouch-Scanner](https://github.com/3gstudent/Smbtouch-Scanner) - Automatically scan the inner network to detect whether they are vulnerable.

240 | - [cheetah](https://github.com/sunnyelf/cheetah) - a very fast brute force webshell password tool

241 | - [leakPasswd](https://github.com/lauixData/leakPasswd) - Python 密码泄露查询模块

242 | - [CMSmap](https://github.com/Dionach/CMSmap) - 

243 | - [lcyscan](https://github.com/Lcys/lcyscan) - 

244 | - [CVE-2017-0199](https://github.com/bhdresh/CVE-2017-0199) - Exploit toolkit CVE-2017-0199 - v3.0 is a handy python script which provides pentesters and security researchers a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious (Obfuscated) RTF file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.

245 | - [gwhatweb](https://github.com/boy-hack/gwhatweb) - CMS识别 python gevent实现

246 | - [doublepulsar-detection-script](https://github.com/countercept/doublepulsar-detection-script) - A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

247 | - [EQGRP_Lost_in_Translation](https://github.com/x0rz/EQGRP_Lost_in_Translation) - Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg

248 | - [mimipenguin](https://github.com/huntergregal/mimipenguin) - A tool to dump the login password from the current linux user

249 | - [bugscan-1](https://github.com/Tu-tu-tu/bugscan-1) - w8ay专属扫描器

250 | - [struts2_045_scan](https://github.com/lijiejie/struts2_045_scan) - Struts2-045 Scanner

251 | - [GoogleSearchCrawler](https://github.com/meibenjin/GoogleSearchCrawler) - a tool for crawl Google search results

252 | - [zoomeyer](https://github.com/x1n9snv0/zoomeyer) - This is a program to use Zoomeye.org's API for exploering IOT.

253 | - [zoomeye_search](https://github.com/latentgod/zoomeye_search) - 基于 zoomeyey api 整理的一个小脚本

254 | - [pymsf](https://github.com/s0m30ne/pymsf) - using python to hack

255 | - [ProxyPool](https://github.com/Greyh4t/ProxyPool) - Crawl and validate proxies from Internet

256 | - [Proxies](https://github.com/MyFaith/Proxies) - 获取最新的HTTP代理，每日更新代理。

257 | - [webdav_exploit](https://github.com/eliuha/webdav_exploit) - An exploit for Microsoft IIS 6.0 CVE-2017-7269

258 | - [reGeorg](https://github.com/sensepost/reGeorg) - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

259 | - [IIS_exploit](https://github.com/edwardz246003/IIS_exploit) - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

260 | - [basicRAT](https://github.com/vesche/basicRAT) - python remote access trojan

261 | - [Ares](https://github.com/sweetsoftware/Ares) - Python botnet and backdoor

262 | - [censys-python](https://github.com/Censys/censys-python) - Python Library for Censys

263 | - [censys](https://github.com/jgamblin/censys) - Censys.io Python API Search

264 | - [fofa-py](https://github.com/fofapro/fofa-py) - fofa pro的sdk，python语言版本

265 | - [PocHunter](https://github.com/DavexPro/PocHunter) - 一个适配器模块，用于调用市面上流行的PoC框架(Beebeeto/PocSuite/TangScan/KsPoc)下的PoC.

266 | - [GitHack](https://github.com/BugScanTeam/GitHack) - .git 泄漏利用工具，可还原历史版本

267 | - [poc](https://github.com/Tu-tu-tu/poc) - poc from bugscan beebeeto

268 | - [Github_Nuggests](https://github.com/az0ne/Github_Nuggests) - 自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱

269 | - [web_shell_bopo](https://github.com/liulongfei/web_shell_bopo) - Python 一句话木马爆破工具，速度极快

270 | - [corePython](https://github.com/Xyntax/corePython) - 《Python 核心编程 第二版》 (《Core Python Programming 2nd Edition》)  学习笔记、事例代码以及课后练习

271 | - [Struts2_045-Poc](https://github.com/tengzhangchao/Struts2_045-Poc) - Struts2-045 POC

272 | - [Some-PoC-oR-ExP](https://github.com/coffeehb/Some-PoC-oR-ExP) - 各种漏洞poc、Exp的收集或编写

273 | - [genpAss](https://github.com/RicterZ/genpAss) - 中国特色的弱口令生成器

274 | - [pentestEr_Fully-automatic-scanner](https://github.com/RASSec/pentestEr_Fully-automatic-scanner) - 定向全自动化渗透测试

275 | - [BkScanner](https://github.com/blackye/BkScanner) - BkScanner 分布式、插件化web漏洞扫描器

276 | - [lalascan](https://github.com/blackye/lalascan) - 自主开发的分布式web漏洞扫描框架，集合webkit爬虫，Subdomain子域名发现，sqli、反射xss、Domxss等owasp top10漏洞扫描和边界资产发现能力。同时为通用CMS POC扫描提供了插件扩展平台

277 | - [Tunna](https://github.com/SECFORCE/Tunna) - Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

278 | - [operative-framework](https://github.com/graniet/operative-framework) - This is a framework based on fingerprint action, this tool is used for get information on  a website or a enterprise target with multiple modules (Viadeo search,Linkedin search, Reverse email whois, Reverse ip whois, SQL file forensics ...)

279 | - [python_gdork_sqli](https://github.com/ThomasTJdev/python_gdork_sqli) - This python script is developed to show, how many vulnerables websites, which are laying around on the web. 1) Scan net for urls prone to SQL injection 2) Check if urls is vulnerable 3) Exploit with sqlmap

280 | - [FileSensor](https://github.com/Xyntax/FileSensor) - Dynamic file detection tool based on crawler 基于爬虫的动态敏感文件探测工具

281 | - [Stitch](https://github.com/nathanlopez/Stitch) - Python Remote Administration Tool (RAT)

282 | - [wqcmsexp](https://github.com/hackdou/wqcmsexp) - 批量检测wqcms6.0配合iis6.0解析漏洞getshell

283 | - [subdomain3](https://github.com/yanxiu0614/subdomain3) - 

284 | - [sensitivefilescan](https://github.com/aipengjie/sensitivefilescan) - 

285 | - [python_learn](https://github.com/jetty-guo/python_learn) - 郭帅用于学习的python's code

286 | - [pentest-wiki](https://github.com/nixawk/pentest-wiki) - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

287 | - [zoomeye](https://github.com/s0m30ne/zoomeye) - sdk for zoomeye to explore the web space

288 | - [PhpStudy](https://github.com/s0m30ne/PhpStudy) - phpstudy get shell

289 | - [s0m3poc](https://github.com/s0m30ne/s0m3poc) - a poc framework to test hosts via zoomeye sdk

290 | - [srez](https://github.com/david-gpu/srez) - Image super-resolution through deep learning

291 | - [httpscan](https://github.com/zer0h/httpscan) - 一个爬虫式的网段Web主机发现小工具 # A HTTP Service detector with a crawler from IP/CIDR

292 | - [Fwaf-Machine-Learning-driven-Web-Application-Firewall](https://github.com/faizann24/Fwaf-Machine-Learning-driven-Web-Application-Firewall) - Machine learning driven web application firewall to detect malicious queries with high accuracy.

293 | - [Hacking](https://github.com/LockGit/Hacking) - not just code  , hacking is a spirit , will write code better !

294 | - [iRead4Kindle](https://github.com/haolloyin/iRead4Kindle) - A simple Django site for sharing Kindle highlights to Sina Weibo & Douban broadcast

295 | - [sendKindle](https://github.com/kparal/sendKindle) - CLI tool for sending files via email to your Amazon Kindle device

296 | - [hacking_script](https://github.com/Lingerhk/hacking_script) - 开发或收集的一些网络安全方面的脚本、小工具

297 | - [SDK](https://github.com/ZoomEye/SDK) - ZoomEye API SDK

298 | - [xunfeng](https://github.com/ysrc/xunfeng) - 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

299 | - [proxy_pool](https://github.com/jhao104/proxy_pool) - python爬虫代理IP池(proxy pool)

300 | - [pocscan_dockerfile](https://github.com/tlskbz/pocscan_dockerfile) - 构建pocscan运行环境的Dockerfile

301 | - [crawlers](https://github.com/evilcos/crawlers) - Some crawlers u know it:-)

302 | - [douban-client](https://github.com/douban/douban-client) - Python client library for Douban APIs (OAuth 2.0)

303 | - [readfree](https://github.com/Neverly/readfree) - 

304 | - [GourdScanV2](https://github.com/ysrc/GourdScanV2) - 被动式漏洞扫描系统

305 | - [wyproxy](https://github.com/ring04h/wyproxy) - proxying and recording HTTP/HTTPs/Socks5 proxy flow, save to MYSQL database.

306 | - [Dir-Xcan](https://github.com/NoobieDog/Dir-Xcan) - Python version of OWASP's DirBuster Application.

307 | - [SQLiScanner](https://github.com/0xbug/SQLiScanner) - Automatic SQL injection with Charles and sqlmap api

308 | - [RD_Checklist](https://github.com/knownsec/RD_Checklist) - 知道创宇研发技能表

309 | - [webzmap](https://github.com/fengyouchao/webzmap) - Zmap on Web

310 | - [exploit-database-bin-sploits](https://github.com/offensive-security/exploit-database-bin-sploits) - Exploit Database binary exploits located in the /sploits directory

311 | - [ABPTTS](https://github.com/nccgroup/ABPTTS) - TCP tunneling over HTTP/HTTPS for web application servers

312 | - [Bugscan_exploits-url](https://github.com/stupid333/Bugscan_exploits-url) - 投诉太狠啊，换个地方自己下吧

313 | - [pythem](https://github.com/m4n3dw0lf/pythem) - pentest framework

314 | - [wxBot](https://github.com/liuwons/wxBot) - Python网页微信API

315 | - [FuzSub](https://github.com/DavexPro/FuzSub) - A Tool For Fuzzing Sub-domain.

316 | - [PocCollect](https://github.com/nanshihui/PocCollect) - a plenty of poc based on python

317 | - [Pocsuite](https://github.com/knownsec/Pocsuite) - Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team.

318 | - [vulcan](https://github.com/pnigos/vulcan) - A gevent spider ,support webkit for dom parsing.

319 | - [cyberbot](https://github.com/RickGray/cyberbot) - A lightweight batch scanning framework based on gevent.

320 | - [normal_hack](https://github.com/nanshihui/normal_hack) - based on search engine and get the valid infomation to test the vulnerability

321 | - [Bugscan_exploits](https://github.com/bugscan233/Bugscan_exploits) - 

322 | - [WiFi-Pumpkin](https://github.com/P0cL4bs/WiFi-Pumpkin) - Framework for Rogue Wi-Fi Access Point Attack https://www.patreon.com/wifipumpkin

323 | - [DNSLog](https://github.com/BugScanTeam/DNSLog) - DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。

324 | - [hackhttp](https://github.com/BugScanTeam/hackhttp) - Hackhttp is an HTTP library, written in Python.

325 | - [jexboss](https://github.com/joaomatosf/jexboss) - JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

326 | - [pymsf](https://github.com/kiang70/pymsf) - using python to hack

327 | - [POC-T](https://github.com/Xyntax/POC-T) - 渗透测试插件化并发框架

328 | - [portscan](https://github.com/jax777/portscan) - push

329 | - [Blasting_dictionary](https://github.com/dc3l1ne/Blasting_dictionary) - 爆破字典

330 | - [cupp](https://github.com/Mebus/cupp) - Common User Passwords Profiler (CUPP)

331 | - [MyJSRat](https://github.com/Ridter/MyJSRat) - This is JSRat.ps1 in Python

332 | - [KWP](https://github.com/JutaZhu/KWP) - Keyboard Weak Password

333 | - [pocscan](https://github.com/erevus-cn/pocscan) - Will to be a niubility scan-framework

334 | - [weakScan](https://github.com/notwhy/weakScan) - a web weak file scanner

335 | - [pupy](https://github.com/n1nj4sec/pupy) - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

336 | - [vulysisBugBounty](https://github.com/movingname/vulysisBugBounty) - 

337 | - [GitHarvester](https://github.com/metac0rtex/GitHarvester) - 

338 | - [wifiphisher](https://github.com/wifiphisher/wifiphisher) - Automated victim-customized phishing attacks against Wi-Fi clients

339 | - [python-pinyin](https://github.com/mozillazg/python-pinyin) - 汉字拼音转换工具 Python 版(pypinyin)。

340 | - [python-shanbay](https://github.com/mozillazg/python-shanbay) - 提供一系列操作扇贝网 (www.shanbay.com) 的 API

341 | - [fuckCoreMail](https://github.com/pyphrb/fuckCoreMail) - fuck

342 | - [TangScan](https://github.com/WooYun/TangScan) - TangScan

343 | - [ScanSqlTestchromeExtensions](https://github.com/liuxigu/ScanSqlTestchromeExtensions) - just test

344 | - [Nscan](https://github.com/OffensivePython/Nscan) - Nscan: Fast internet-wide scanner

345 | - [Windows-Exploit-Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.

346 | - [Beehive](https://github.com/n0tr00t/Beehive) - Beehive is an open-source vulnerability detection framework based on Beebeeto-framework. Security researcher can use it to find vulnerability, exploits, subsequent attacks, etc.

347 | - [Beebeeto-framework](https://github.com/n0tr00t/Beebeeto-framework) - Beebeeto FrameWork

348 | - [social-engineer-toolkit](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

349 | - [Crack-Tools](https://github.com/MyKings/Crack-Tools) - web form crack

350 | - [V3n0M-Scanner](https://github.com/v3n0m-Scanner/V3n0M-Scanner) - Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

351 | - [SimplyEmail](https://github.com/killswitch-GUI/SimplyEmail) - Email recon made fast and easy, with a framework to build on

352 | - [spiderfoot](https://github.com/smicallef/spiderfoot) - SpiderFoot, the open source footprinting and intelligence-gathering  tool.

353 | - [baiduyun-brute](https://github.com/Xyntax/baiduyun-brute) - [已失效] 多线程百度云(私密分享)密码爆破工具 pan.baidu.com

354 | - [subDomainsBrute](https://github.com/lijiejie/subDomainsBrute) - A simple and fast sub domain brute tool for pentesters

355 | - [Sublist3r](https://github.com/aboul3la/Sublist3r) - Fast subdomains enumeration tool for penetration testers

356 | - [dzscan](https://github.com/code-scan/dzscan) - Dzscan

357 | - [thorns](https://github.com/ring04h/thorns) - thorns_project 分布式异步队列系统

358 | - [passive_scan](https://github.com/c4bbage/passive_scan) - 基于http代理的web漏洞扫描器的实现

359 | - [CPassword](https://github.com/cityofEmbera/CPassword) - 社工密码生成

360 | - [genPass](https://github.com/he1m4n6a/genPass) - 渗透测试中关于字典生成和整理辅助的工具

361 | - [wydomain](https://github.com/ring04h/wydomain) - to discover subdomains of your target domain

362 | - [GitHack](https://github.com/lijiejie/GitHack) - A `.git` folder disclosure exploit

363 | - [htpwdScan](https://github.com/lijiejie/htpwdScan) - A python HTTP weak pass scanner

364 | - [sqlmap](https://github.com/sqlmapproject/sqlmap) - Automatic SQL injection and database takeover tool

365 | - [sqlmapapi_pi](https://github.com/sowish/sqlmapapi_pi) - 利用sqlmapapi进行批量检测sql注入

366 | - [MSpider](https://github.com/manning23/MSpider) - Spider

367 | - [BBScan](https://github.com/lijiejie/BBScan) - A tiny Batch weB vulnerability Scanner

368 | - [weakfilescan](https://github.com/80vul/weakfilescan) - 动态多线程敏感信息泄露检测工具

369 | - [wyportmap](https://github.com/ring04h/wyportmap) - 目标端口扫描+系统服务指纹识别

370 | - [weakfilescan](https://github.com/ring04h/weakfilescan) - 动态多线程敏感信息泄露检测工具

371 | - [wydomain](https://github.com/sechacking/wydomain) - 目标系统信息收集组件

372 | - [hackUtils](https://github.com/brianwrf/hackUtils) - It is a hack tool kit for pentest and web security research.

373 | 

374 | ## Roff 
375 | 
376 | - [websearch](https://github.com/cuijianxiong/websearch) - Search engine for web assets

377 | 

378 | ## Ruby 
379 | 
380 | - [metasploit-framework](https://github.com/hdm/metasploit-framework) - Metasploit Framework

381 | - [Eternalblue-Doublepulsar-Metasploit](https://github.com/gh0stsec/Eternalblue-Doublepulsar-Metasploit) - Eternalblue-Doublepulsar-Metasploit

382 | - [Eternalblue-Doublepulsar-Metasploit](https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit) - 

383 | - [Metasploit-Plugins](https://github.com/darkoperator/Metasploit-Plugins) - Plugins for Metasploit Framework

384 | - [Meterpreter-Scripts](https://github.com/darkoperator/Meterpreter-Scripts) - Meterpreter Scripts that I'm working on

385 | - [cve-2017-7269](https://github.com/zcgonvh/cve-2017-7269) - fixed msf module for cve-2017-7269

386 | - [PTReporter](https://github.com/HackingLab/PTReporter) - 中文版渗透报告生成系统-Serpico

387 | - [metasploit-framework](https://github.com/dmchell/metasploit-framework) - Metasploit Framework

388 | - [fofa](https://github.com/LubyRuffy/fofa) - fofa website

389 | - [whitewidow](https://github.com/WhitewidowScanner/whitewidow) - SQL Vulnerability Scanner

390 | - [msf_module](https://github.com/tlskbz/msf_module) - Metasploit module

391 | - [phishlulz](https://github.com/antisnatchor/phishlulz) - 

392 | - [metasploit-framework](https://github.com/rapid7/metasploit-framework) - Metasploit Framework

393 | - [wordpress-exploit-framework](https://github.com/rastating/wordpress-exploit-framework) - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.

394 | - [sqli-hunter](https://github.com/zt2/sqli-hunter) - A simple sqlmap api wrapper and proxy server

395 | - [wyquery](https://github.com/LubyRuffy/wyquery) - Wooyun查询系统

396 | 

397 | ## Shell 
398 | 
399 | - [vulhub](https://github.com/phith0n/vulhub) - Docker-Compose file for vulnerability environment

400 | - [secist_script](https://github.com/Szrzvdny/secist_script) - 更新优化Demon的Metasploit Payload

401 | - [S2-046](https://github.com/yibeizifd/S2-046) - S2-046 POC

402 | - [st2-046-poc](https://github.com/jas502n/st2-046-poc) - st2-046-poc  CVE-2017-5638

403 | - [VulApps](https://github.com/Medicean/VulApps) - 快速搭建各种漏洞环境(Various vulnerability environment)

404 | - [metasploitavevasion](https://github.com/nccgroup/metasploitavevasion) - Metasploit AV Evasion Tool

405 | - [streisand](https://github.com/jlund/streisand) - Streisand sets up a new server running L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.

406 | - [payloads](https://github.com/foospidy/payloads) - Git All the Payloads! A collection of web attack payloads.

407 | - [RootHelper](https://github.com/brianwrf/RootHelper) - A  Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

408 | - [RootHelper](https://github.com/NullArray/RootHelper) - A  Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

409 | - [Woobuntu](https://github.com/woolabs/Woobuntu) - 

410 | 

411 | 
412 | ## License
413 | 
414 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
415 | 
416 | To the extent possible under law, [kiang70](https://github.com/kiang70) has waived all copyright and related or neighboring rights to this work.
417 | 
418 | 


--------------------------------------------------------------------------------
/mubix.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [C](#c)

  9 |   - [C#](#c#)

 10 |   - [C++](#c++)

 11 |   - [CSS](#css)

 12 |   - [Go](#go)

 13 |   - [Java](#java)

 14 |   - [JavaScript](#javascript)

 15 |   - [KiCad](#kicad)

 16 |   - [Others](#others)

 17 |   - [PHP](#php)

 18 |   - [Perl](#perl)

 19 |   - [PowerShell](#powershell)

 20 |   - [Python](#python)

 21 |   - [Ruby](#ruby)

 22 |   - [Shell](#shell)

 23 | 

 24 | ## C 
 25 | 
 26 | - [USaBUSe](https://github.com/sensepost/USaBUSe) - Universal Serial aBUSe is a project to demonstrate the risks of hardware bypasses of software security by Rogan Dawes at SensePost.

 27 | - [public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) - Curated list of  public penetration test reports released by several consulting firms and academic security groups

 28 | - [winafl](https://github.com/ivanfratric/winafl) - A fork of AFL for fuzzing Windows binaries

 29 | - [qira](https://github.com/BinaryAnalysisPlatform/qira) - QEMU Interactive Runtime Analyser

 30 | - [hashcat-legacy](https://github.com/hashcat/hashcat-legacy) - Advanced CPU-based password recovery utility

 31 | - [thc-ipv6](https://github.com/vanhauser-thc/thc-ipv6) - IPv6 attack toolkit

 32 | - [nanomet](https://github.com/kost/nanomet) - Nano meterpreter shell based on TinyMet

 33 | - [littleblackbox](https://github.com/devttys0/littleblackbox) - Database of private SSL/SSH keys for embedded devices

 34 | - [meterpreter](https://github.com/rapid7/meterpreter) - THIS REPO IS OBSOLETE. USE https://github.com/rapid7/metasploit-payloads INSTEAD

 35 | - [osf_db](https://github.com/wick2o/osf_db) - Offline Security Focus Database

 36 | - [npwin32](https://github.com/mubix/npwin32) - NPAPI DLL for Win32 API

 37 | - [ettercap](https://github.com/Ettercap/ettercap) - Ettercap Project

 38 | - [dbd](https://github.com/gitdurandal/dbd) - Durandal's Backdoor

 39 | - [JohnTheRipper](https://github.com/magnumripper/JohnTheRipper) - This is the official repo for the Jumbo version of John the Ripper. The "bleeding-jumbo" branch (default) is based on 1.8.0-Jumbo-1 (but we are literally thousands of commits ahead of it). This is a bug tracker, not a support forum. It's also not the place to report bugs you see in any version of Jumbo other than the LATEST, from HERE! Thanks.

 40 | - [shellcodeexec](https://github.com/inquisb/shellcodeexec) - Script to execute in memory a sequence of opcodes

 41 | - [proxychains](https://github.com/haad/proxychains) - proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy.  Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.

 42 | - [npwin32](https://github.com/hasegawayosuke/npwin32) - NPAPI DLL for Win32 API

 43 | - [xdotool](https://github.com/jordansissel/xdotool) - fake keyboard/mouse input, window management, and more

 44 | 

 45 | ## C# # 
 46 | 
 47 | - [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler, and debugger

 48 | - [volatile_reader](https://github.com/brandonprry/volatile_reader) - A small, fast, and efficient offline event log parser, registry reader, pcap file analyzer, IL decompiler (with ICSharpCode), and pagefile analyzer written in C# and using GTK.

 49 | - [metasploit-sharp](https://github.com/VolatileMindsLLC/metasploit-sharp) - C# bindings for the Metasploit RPC

 50 | 

 51 | ## C++ 
 52 | 
 53 | - [inmet](https://github.com/SherifEldeeb/inmet) - A multi-purpose meterpreter executable (inline, many transports, msfpayload)

 54 | - [doom3.gpl](https://github.com/TTimo/doom3.gpl) - Doom 3 GPL source release

 55 | 

 56 | ## CSS 
 57 | 
 58 | - [WhiteChapel](https://github.com/mubix/WhiteChapel) - password cracking front end

 59 | 

 60 | ## Go 
 61 | 
 62 | - [pam-ussh](https://github.com/uber/pam-ussh) - uber's ssh certificate pam module

 63 | - [PassCrackNet](https://github.com/UnrealAkama/PassCrackNet) - An application for distributing oclHashcat tasks.

 64 | 

 65 | ## Java 
 66 | 
 67 | - [Wsdler](https://github.com/NetSPI/Wsdler) - WSDL Parser extension for Burp

 68 | - [heritrix3](https://github.com/internetarchive/heritrix3) - Heritrix is the Internet Archive's open-source, extensible, web-scale, archival-quality web crawler project.

 69 | - [netifera](https://github.com/netifera/netifera) - Open Source Network Security Platform

 70 | 

 71 | ## JavaScript 
 72 | 
 73 | - [msfjs](https://github.com/SomeoneWeird/msfjs) - NodeJS library for interacting with metasploit

 74 | - [CTF-Scoreboard](https://github.com/PTCoreSec/CTF-Scoreboard) - A scoreboard for Security CTF events

 75 | - [DoFler](https://github.com/SteveMcGrath/DoFler) - Dashboard of Fail.  A application to carve out images/accounts/vulns on conference networks and display them for general entertainment.

 76 | - [beef](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project

 77 | - [cuckoo](https://github.com/cuckoosandbox/cuckoo) - Cuckoo Sandbox is an automated dynamic malware analysis system

 78 | - [ctf_apps](https://github.com/mccabe615/ctf_apps) - Vulnerable applications

 79 | 

 80 | ## KiCad 
 81 | 
 82 | - [usbarmory](https://github.com/jdesfossez/usbarmory) - USB armory: open source flash-drive-sized computer

 83 | 

 84 | ## Others 
 85 | 
 86 | - [awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) - A collected list of awesome security talks

 87 | - [impacket-examples-windows](https://github.com/maaaaz/impacket-examples-windows) - The great impacket example scripts compiled for Windows

 88 | - [resource-portal-data](https://github.com/metasploit/resource-portal-data) - YAML data sources for metasploit.github.io

 89 | - [artillery](https://github.com/trustedsec/artillery) - The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

 90 | - [squirtle](https://github.com/mubix/squirtle) - A fork of the Squirtle project from: http://code.google.com/p/squirtle/

 91 | - [carnal0wnage-code](https://github.com/carnal0wnage/carnal0wnage-code) - Random Code

 92 | 

 93 | ## PHP 
 94 | 
 95 | - [XMLmao](https://github.com/SpiderLabs/XMLmao) - A configurable XPath/XML injection testbed

 96 | - [SQLol](https://github.com/SpiderLabs/SQLol) - A configurable SQL injection test-bed

 97 | - [NoVAHA-Scripts](https://github.com/NoVAHA/NoVAHA-Scripts) - Scripts that the NoVA Hacker Association Members have created

 98 | 

 99 | ## Perl 
100 | 
101 | - [nikto](https://github.com/sullo/nikto) - Nikto web server scanner

102 | - [htshells](https://github.com/mubix/htshells) - Self contained htaccess shells and attacks

103 | - [PadBuster](https://github.com/gw0/PadBuster) - Automated script for performing Padding Oracle attacks

104 | - [PadBuster](https://github.com/GDSSecurity/PadBuster) - Automated script for performing Padding Oracle attacks

105 | 

106 | ## PowerShell 
107 | 
108 | - [BrowserGather](https://github.com/sekirkity/BrowserGather) - Fileless web browser information extraction

109 | - [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.

110 | - [BloodHound](https://github.com/BloodHoundAD/BloodHound) - Six Degrees of Domain Admin

111 | - [LAPSToolkit](https://github.com/leoloobeek/LAPSToolkit) - Tool to audit and attack LAPS environments

112 | - [PowerShell](https://github.com/mmessano/PowerShell) - 

113 | - [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) - PowerSploit - A PowerShell Post-Exploitation Framework

114 | 

115 | ## Python 
116 | 
117 | - [trigen](https://github.com/karttoon/trigen) - Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.

118 | - [Responder](https://github.com/lgandx/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

119 | - [waybackpack](https://github.com/jsvine/waybackpack) - Download the entire Wayback Machine archive for a given URL.

120 | - [Ebowla](https://github.com/Genetic-Malware/Ebowla) - Framework for Making Environmental Keyed Payloads

121 | - [SublimeFixMacPath](https://github.com/int3h/SublimeFixMacPath) - A Sublime Text 2/3 plugin to set the PATH correctly on OS X

122 | - [certbot](https://github.com/certbot/certbot) - Certbot, previously the Let's Encrypt Client, is EFF's tool to obtain certs from Let's Encrypt, and (optionally) auto-enable HTTPS on your server.  It can also act as a client for any other CA that uses the ACME protocol.

123 | - [impacket](https://github.com/CoreSecurity/impacket) - Impacket is a collection of Python classes for working with network protocols.

124 | - [pth-toolkit](https://github.com/byt3bl33d3r/pth-toolkit) - Modified version of the passing-the-hash tool collection (https://code.google.com/p/passing-the-hash/) made to work straight out of the box

125 | - [kerberoast](https://github.com/nidem/kerberoast) - 

126 | - [TidyOnSave](https://github.com/kernelsmith/TidyOnSave) - Sublime Text 2 plugin, useful primarily to Metasploit contributors, to automatically run msftidy.rb when you save a file w/the .rb extension

127 | - [ScourDNS](https://github.com/reswob10/ScourDNS) - This script does some basic analysis of Windows DNS Debug Logs

128 | - [social-engineer-toolkit](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

129 | - [MFSniffer](https://github.com/mainframed/MFSniffer) - Mainframe TN3270 unencrypted TSO session user ID and password sniffer

130 | - [Responder](https://github.com/SpiderLabs/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

131 | - [ip6-arpa-scan](https://github.com/mubix/ip6-arpa-scan) - ip6.arpa scanner

132 | - [sqlmap](https://github.com/sqlmapproject/sqlmap) - Automatic SQL injection and database takeover tool

133 | - [chapcrack](https://github.com/moxie0/chapcrack) - 

134 | - [ntlmsspparse](https://github.com/psychomario/ntlmsspparse) - Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker.

135 | - [claymore](https://github.com/mayhemiclabs/claymore) - Claymore WiFi Honeypot

136 | - [ip6-arpa-scan](https://github.com/Habbie/ip6-arpa-scan) - ip6.arpa scanner

137 | - [scripts](https://github.com/averagesecurityguy/scripts) - Scripts I use during pentest engagements.

138 | - [pwn_plug_sources](https://github.com/pwnieexpress/pwn_plug_sources) - Public source repository for the Pwn Plug platform.

139 | - [XSS-over-NBNS](https://github.com/simon-weber/XSS-over-NBNS) - Proof of concept toolkit for demonstrating xss attacks against the Netgear WGR614v5.

140 | - [crack](https://github.com/averagesecurityguy/crack) - XMLRPC server for password cracking

141 | - [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script

142 | - [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers

143 | 

144 | ## Ruby 
145 | 
146 | - [attackresearch](https://github.com/cktricky/attackresearch) - Rails application that mirrors carnal0wnage blog posts "Basics of Rails"

147 | - [WordpressPingbackPortScanner](https://github.com/FireFart/WordpressPingbackPortScanner) - WordpressPingbackPortScanner

148 | - [metassh](https://github.com/mubix/metassh) - ssh session type for metasploit

149 | - [Ambush](https://github.com/scriptjunkie/Ambush) - Ambush Host Intrusion Prevention System

150 | - [metasploit-framework](https://github.com/webstersprodigy/metasploit-framework) - Metasploit Framework

151 | - [ZackAttack](https://github.com/urbanesec/ZackAttack) - Unveiled at DEF CON 20, NTLM Relaying to ALL THE THINGS!

152 | - [metasploit-framework](https://github.com/mubix/metasploit-framework) - Metasploit Framework

153 | - [omgeasymon](https://github.com/pentestify/omgeasymon) - Simple CCDC monitoring tool for red or blue teams

154 | - [domain-profiler](https://github.com/jwilkins/domain-profiler) - Given a domain, will tell you the decisions that the domain owner has made.

155 | - [metassh](https://github.com/dirtyfilthy/metassh) - ssh session type for metasploit

156 | - [tapir](https://github.com/intrigueio/tapir) - An easy-to-use and extensible framework for OSINT - REPLACED BY INTRIGUE-CORE

157 | - [warvox](https://github.com/rapid7/warvox) - 

158 | - [msfrpc-client](https://github.com/rapid7/msfrpc-client) - Rapid7 Metasploit API client library written in Ruby

159 | - [nexpose-client](https://github.com/rapid7/nexpose-client) - Rapid7 Nexpose API client library written in Ruby

160 | - [Not-In-Pentesting-Class](https://github.com/mubix/Not-In-Pentesting-Class) - The Dirty Secrets They Didn't Teach You In Pentesting Class

161 | - [metasploit-framework](https://github.com/rapid7/metasploit-framework) - Metasploit Framework

162 | - [stuff](https://github.com/mubix/stuff) - Things I've coded, or use (cause I can't find them online anymore)

163 | - [Metasploit-Code](https://github.com/carnal0wnage/Metasploit-Code) - Metasploit modules that didn't make it into trunk for some reason or the other

164 | - [AMI-Exposed](https://github.com/jjarmoc/AMI-Exposed) - AMI Exposed is a Ruby framework for testing Amazon Machine Images (AMIs) for common security weaknesses and credential exposures.

165 | - [buby](https://github.com/tduehr/buby) - A JRuby implementation of the BurpExtender interface for PortSwigger Burp Suite.

166 | - [asciinema.org](https://github.com/asciinema/asciinema.org) - asciinema hosting web app

167 | - [Metasploit-Plugins](https://github.com/darkoperator/Metasploit-Plugins) - Plugins for Metasploit Framework

168 | - [Meterpreter-Scripts](https://github.com/darkoperator/Meterpreter-Scripts) - Meterpreter Scripts that I'm working on

169 | - [misc](https://github.com/svent/misc) - scripts and tools

170 | - [gltail](https://github.com/Fudge/gltail) - Real-time visualization of server traffic, events and statistics with Ruby, SSH and OpenGL

171 | 

172 | ## Shell 
173 | 
174 | - [debian-ssh](https://github.com/g0tmi1k/debian-ssh) - Debian OpenSSL Predictable PRNG (CVE-2008-0166)

175 | - [Scrape-DNS](https://github.com/304GEEK/Scrape-DNS) - Searches for interesting cached DNS entries.

176 | - [Mainframed](https://github.com/mainframed/Mainframed) - Mainframe security auditing and scripts

177 | - [DVCS-Pillage](https://github.com/evilpacket/DVCS-Pillage) - Pillage web accessible GIT, HG and BZR repositories

178 | - [htshells](https://github.com/wireghoul/htshells) - Self contained htaccess shells and attacks

179 | 

180 | 
181 | ## License
182 | 
183 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
184 | 
185 | To the extent possible under law, [mubix](https://github.com/mubix) has waived all copyright and related or neighboring rights to this work.
186 | 
187 | 


--------------------------------------------------------------------------------
/ring04h.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/ring04h.md


--------------------------------------------------------------------------------
/riusksk.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/riusksk.md


--------------------------------------------------------------------------------
/the-c0d3r.md:
--------------------------------------------------------------------------------
  1 | # Awesome Stars [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
  2 | 
  3 | > A curated list of my GitHub stars!  Generated by [starred](https://github.com/maguowei/starred)
  4 | 
  5 | 
  6 | ## Contents
  7 | 
  8 |   - [C](#c)

  9 |   - [C#](#c#)

 10 |   - [C++](#c++)

 11 |   - [CSS](#css)

 12 |   - [Go](#go)

 13 |   - [HTML](#html)

 14 |   - [Java](#java)

 15 |   - [JavaScript](#javascript)

 16 |   - [Jupyter Notebook](#jupyter notebook)

 17 |   - [Matlab](#matlab)

 18 |   - [Objective-C](#objective-c)

 19 |   - [Others](#others)

 20 |   - [PHP](#php)

 21 |   - [Perl](#perl)

 22 |   - [PowerShell](#powershell)

 23 |   - [Python](#python)

 24 |   - [Roff](#roff)

 25 |   - [Ruby](#ruby)

 26 |   - [Shell](#shell)

 27 |   - [Smali](#smali)

 28 |   - [TeX](#tex)

 29 |   - [Vim script](#vim script)

 30 |   - [VimL](#viml)

 31 | 

 32 | ## C 
 33 | 
 34 | - [CreepyCodeCollection](https://github.com/MinhasKamal/CreepyCodeCollection) - A Nonsense Collection of Disgusting Codes

 35 | - [linux-exploit-development-tutorial](https://github.com/hardenedlinux/linux-exploit-development-tutorial) - a series tutorial for linux exploit development to newbie.

 36 | - [fuse-ext2](https://github.com/alperakcan/fuse-ext2) - Fuse-ext2 is a multi OS FUSE module to mount ext2, ext3 and ext4 file system devices and/or images with read write support.

 37 | - [netdata](https://github.com/firehol/netdata) - Get control of your servers. Simple. Effective. Awesome. https://my-netdata.io/

 38 | - [UACME](https://github.com/hfiref0x/UACME) - Defeating Windows User Account Control

 39 | - [Unix-Privilege-Escalation-Exploits-Pack](https://github.com/Kabot/Unix-Privilege-Escalation-Exploits-Pack) - Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.

 40 | - [progress](https://github.com/Xfennec/progress) - Linux tool to show progress for cp, mv, dd, ... (formerly known as cv)

 41 | - [Craft](https://github.com/fogleman/Craft) - A simple Minecraft clone written in C using modern OpenGL (shaders).

 42 | - [pwnat](https://github.com/samyk/pwnat) - pwnat punches holes in firewalls and NATs allowing any numbers of clients behind NATs to directly connect to a server behind a different NAT using a newly developed technique with no 3rd party, port forwarding, DMZ or spoofing

 43 | 

 44 | ## C# # 
 45 | 
 46 | - [my-Little-Ransomware](https://github.com/aaaddress1/my-Little-Ransomware) - easy ransomware module base on csharp.

 47 | - [Psychson](https://github.com/brandonlw/Psychson) - Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB)

 48 | 

 49 | ## C++ 
 50 | 
 51 | - [Mutate](https://github.com/qdore/Mutate) - A simple launcher inspired by Alfred for ubuntu and Fedora.

 52 | - [ppsspp](https://github.com/hrydgard/ppsspp) - A PSP emulator for Android, Windows, Mac and Linux, written in C++. Want to contribute? Join us in #ppsspp on freenode (IRC) or just send pull requests / issues. For discussion use the forums on ppsspp.org.

 53 | 

 54 | ## CSS 
 55 | 
 56 | - [Quiver-Theme-Atom-One-Dark](https://github.com/pslobo/Quiver-Theme-Atom-One-Dark) - A theme for Quiver based on Atom One Dark UI

 57 | - [mononoki](https://github.com/madmalik/mononoki) - a programming typeface

 58 | 

 59 | ## Go 
 60 | 
 61 | - [micro](https://github.com/zyedidia/micro) - A modern and intuitive terminal-based text editor

 62 | - [vuvuzela](https://github.com/vuvuzela/vuvuzela) - Private messaging system that hides metadata

 63 | 

 64 | ## HTML 
 65 | 
 66 | - [warberry](https://github.com/secgroundzero/warberry) - WarBerryPi - Tactical Exploitation

 67 | - [mana](https://github.com/sensepost/mana) - Our mana toolkit for wifi rogue AP attacks and MitM  - see hostapd-mana too

 68 | - [edx-dl](https://github.com/coursera-dl/edx-dl) - A simple tool to download video lectures from edx.org.

 69 | 

 70 | ## Java 
 71 | 
 72 | - [SharePodcasts](https://github.com/Victory/SharePodcasts) - A website to share Podcast episodes online without needing to download a native app

 73 | - [Dev404](https://github.com/Iczac/Dev404) - Java Demos

 74 | - [android-autofittextview](https://github.com/grantland/android-autofittextview) - A TextView that automatically resizes text to fit perfectly within its bounds.

 75 | - [Cknife](https://github.com/Chora10/Cknife) - Cknife

 76 | - [diva-android](https://github.com/payatu/diva-android) - DIVA Android - Damn Insecure and vulnerable App for Android

 77 | - [karmadetector](https://github.com/pmbento/karmadetector) - Android wireless karma attack detector

 78 | - [jython-burp-api](https://github.com/mwielgoszewski/jython-burp-api) - Develop Burp extensions in Jython

 79 | 

 80 | ## JavaScript 
 81 | 
 82 | - [TermKit](https://github.com/unconed/TermKit) - Experimental Terminal platform built on WebKit + node.js. Currently only for Mac and Windows, though the prototype works 90% in any WebKit browser.

 83 | - [zuzu-magic](https://github.com/AungMyoKyaw/zuzu-magic) - Convert to magic version on selecting all twice

 84 | - [CyberChef](https://github.com/gchq/CyberChef) - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

 85 | - [komodo-terminal-butterfly](https://github.com/Defman21/komodo-terminal-butterfly) - Docks the Butterfly terminal in Komodo

 86 | - [monkey](https://github.com/guardicore/monkey) - Infection Monkey - An automated pentest tool

 87 | - [hacker-scripts](https://github.com/NARKOZ/hacker-scripts) - Based on a true story

 88 | - [Iosevka](https://github.com/be5invis/Iosevka) - Slender typeface for code, from code.

 89 | - [Boostnote](https://github.com/BoostIO/Boostnote) - Boostnote is an open source note-taking app made for programmers just like you🚀

 90 | - [Subterfuge](https://github.com/Subterfuge-Framework/Subterfuge) - Framework for Man-In-The-Middle attacks

 91 | - [ufonet](https://github.com/epsylon/ufonet) - UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks    using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

 92 | - [awesome-ctf](https://github.com/apsdehal/awesome-ctf) - A curated list of CTF frameworks, libraries, resources and softwares

 93 | - [TiddlyDesktop](https://github.com/Jermolene/TiddlyDesktop) - A custom browser for TiddlyWiki, based on nw.js

 94 | 

 95 | ## Jupyter Notebook 
 96 | 
 97 | - [python-machine-learning-book](https://github.com/rasbt/python-machine-learning-book) - The "Python Machine Learning" book code repository and info resource

 98 | 

 99 | ## Matlab 
100 | 
101 | - [deep-photo-styletransfer](https://github.com/luanfujun/deep-photo-styletransfer) - Code and data for paper "Deep Photo Style Transfer": https://arxiv.org/abs/1703.07511

102 | 

103 | ## Objective-C 
104 | 
105 | - [santa](https://github.com/google/santa) - A binary whitelisting/blacklisting system for Mac OS X

106 | - [QuickLookAPK](https://github.com/hezi/QuickLookAPK) - A Quick Look plugin for Android packages

107 | 

108 | ## Others 
109 | 
110 | - [MLJejuCamp](https://github.com/TensorFlowKR/MLJejuCamp) - Machine Learning Jeju Camp

111 | - [android-dev-sources](https://github.com/ParaskP7/android-dev-sources) - All those android development sources that you need to be and stay awesome!

112 | - [computer-science](https://github.com/open-source-society/computer-science) - :mortar_board: Path to a free self-taught education in Computer Science!

113 | - [osx-re-101](https://github.com/michalmalik/osx-re-101) - A collection of resources for OSX/iOS reverse engineering.

114 | - [awesome-hacking](https://github.com/carpedm20/awesome-hacking) - A curated list of awesome Hacking tutorials, tools and resources

115 | - [dockerized_fbctf](https://github.com/qazbnm456/dockerized_fbctf) - This repo aims to dockerized fbctf.

116 | - [awesome-osx-command-line](https://github.com/herrbischoff/awesome-osx-command-line) - Use your OS X terminal shell to do awesome things.

117 | - [Quiver](https://github.com/HappenApps/Quiver) - Quiver documentation and issue tracker

118 | - [mmunicodesites](https://github.com/kyawzazaw/mmunicodesites) - A list of sites that use Unicode Complaint Standards for displaying content in Burmese language

119 | - [free-programming-books](https://github.com/vhf/free-programming-books) - :books: Freely available programming books

120 | - [ubuntu-mm-wiki](https://github.com/fossmyanmar/ubuntu-mm-wiki) - Ubuntu Wiki - Ubuntu Myanmar LoCo Team

121 | - [hidden-tear](https://github.com/utkusen/hidden-tear) - an open source ransomware honeypot

122 | - [awesome-shell](https://github.com/alebcay/awesome-shell) - A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.

123 | 

124 | ## PHP 
125 | 
126 | - [Sn1per](https://github.com/1N3/Sn1per) - Automated Pentest Recon Scanner

127 | - [fuzzdb](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

128 | - [quasibot](https://github.com/Smaash/quasibot) - complex webshell manager, quasi-http botnet.

129 | - [SCANNER-INURLBR](https://github.com/googleinurl/SCANNER-INURLBR) - Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.

130 | 

131 | ## Perl 
132 | 
133 | - [browsersploit](https://github.com/julienbedard/browsersploit) - BrowserExploit is an advanced browser exploit pack for doing internal and external pentesting, helping gaining access to internal computers.

134 | - [sec-tools](https://github.com/infoslack/sec-tools) - Docker images for infosec tools

135 | 

136 | ## PowerShell 
137 | 
138 | - [Empire](https://github.com/EmpireProject/Empire) - Empire is a PowerShell and Python post-exploitation agent.

139 | - [mimikittenz](https://github.com/putterpanda/mimikittenz) - A post-exploitation powershell tool for extracting juicy info from memory.

140 | - [Get-bADpasswords](https://github.com/ZilentJack/Get-bADpasswords) - Find enabled Active Directory users with bad passwords

141 | 

142 | ## Python 
143 | 
144 | - [cheetah](https://github.com/sunnyelf/cheetah) - a very fast brute force webshell password tool

145 | - [JSShell](https://github.com/Den1al/JSShell) - An interactive multi-user web JS shell

146 | - [Droopy](https://github.com/stackp/Droopy) - Mini Web server that let others upload files to your computer

147 | - [jexboss](https://github.com/joaomatosf/jexboss) - JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

148 | - [ImageScraper](https://github.com/sananth12/ImageScraper) - :scissors: High performance, multi-threaded image scraper

149 | - [ReadComicOnline-Downloader](https://github.com/Xonshiz/ReadComicOnline-Downloader) - A little script to download issues from http://readcomiconline.to/

150 | - [elizabeth](https://github.com/lk-geimfari/elizabeth) - Elizabeth is a fast and easy to use Python library for generating dummy data for a variety of purposes. This data can be particularly useful during software development and testing.

151 | - [mps-youtube](https://github.com/mps-youtube/mps-youtube) - Terminal based YouTube player and downloader

152 | - [maltrail](https://github.com/stamparm/maltrail) - Malicious traffic detection system

153 | - [tsusen](https://github.com/stamparm/tsusen) - Network traffic sensor

154 | - [pupy](https://github.com/n1nj4sec/pupy) - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

155 | - [ka-lite](https://github.com/learningequality/ka-lite) - KA Lite: lightweight web server for serving core Khan Academy content (videos and exercises) without needing internet connectivity

156 | - [flaskr-tdd](https://github.com/mjhea0/flaskr-tdd) - Flaskr: Intro to Flask, Test Driven Development (TDD), and jQuery

157 | - [kcc](https://github.com/ciromattia/kcc) - KCC (a.k.a. Kindle Comic Converter) is a comic and manga converter for ebook readers.

158 | - [ProxyBroker](https://github.com/constverum/ProxyBroker) - Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS

159 | - [static-python](https://github.com/bendmorris/static-python) - A fork of cpython that supports building a static interpreter and true standalone executables

160 | - [subtitle-downloader](https://github.com/manojmj92/subtitle-downloader) - Python script to automatically download subtitles for any movie/tv series episode.

161 | - [pocket2quiver](https://github.com/AnsonT/pocket2quiver) - Exports Pocket bookmarks to Quiver Notebook

162 | - [evlal_win](https://github.com/pyqteval/evlal_win) - 

163 | - [zarp](https://github.com/hatRiot/zarp) - Network Attack Tool

164 | - [Fox-scan](https://github.com/fengxuangit/Fox-scan) - Fox-scan is a initiative and passive SQL Injection vulnerable Test tools.

165 | - [facebook-comment-spammer](https://github.com/kirankaranth1/facebook-comment-spammer) - Script that can recursively comment on hundreds of threads on a facebook profile/page. Helpful for handling with extremely non-cooperative customer care units.

166 | - [changeme](https://github.com/ztgrace/changeme) - A default credential scanner.

167 | - [baseimage-docker](https://github.com/phusion/baseimage-docker) - A minimal Ubuntu base image modified for Docker-friendliness

168 | - [WAFNinja](https://github.com/khalilbijjou/WAFNinja) - WAFNinja is a tool which contains two functions to attack Web Application Firewalls.

169 | - [Rabbit-Python](https://github.com/Rabbit-Converter/Rabbit-Python) - Rabbit in Python

170 | - [borg](https://github.com/borgbackup/borg) - Deduplicating archiver with compression and authenticated encryption.

171 | - [h264_dvr_rce](https://github.com/k1p0d/h264_dvr_rce) - 

172 | - [PyHarry](https://github.com/Larz60p/PyHarry) - Python Local Reference - 'Harry the helper'

173 | - [teledowner](https://github.com/v3ss0n/teledowner) - Telenor Autodownload Daemon when Zeekwat is active.

174 | - [python-myanmar](https://github.com/trhura/python-myanmar) - Python Routines for Myanmar Language Processing

175 | - [OWASP-ZSC](https://github.com/zscproject/OWASP-ZSC) - OWASP ZSC - Shellcode/Obfuscate Code Generator

176 | - [Ocrn](https://github.com/swvist/Ocrn) - Optical Character Recognition using Neural Networks in Python

177 | - [wireless-ids](https://github.com/SYWorks/wireless-ids) - Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets.

178 | - [phpsploit](https://github.com/nil0x42/phpsploit) - Stealth post-exploitation framework

179 | - [scripts](https://github.com/averagesecurityguy/scripts) - Scripts I use during pentest engagements.

180 | - [BBScan](https://github.com/lijiejie/BBScan) - A tiny Batch weB vulnerability Scanner

181 | - [wordbrutepress](https://github.com/claudioviviani/wordbrutepress) - Wordpress Brute Force Multithreading with standard and xml-rpc login

182 | - [rext](https://github.com/j91321/rext) - Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices.

183 | - [interactive-coding-challenges](https://github.com/donnemartin/interactive-coding-challenges) - Huge update!  Interactive Python coding interview challenges (algorithms and data structures).  Includes Anki flashcards.

184 | - [Responder](https://github.com/SpiderLabs/Responder) - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

185 | - [wsuspect-proxy](https://github.com/ctxis/wsuspect-proxy) - WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections

186 | - [infernal-twin](https://github.com/entropy1337/infernal-twin) - wireless hacking - This is automated wireless hacking tool

187 | - [foresight](https://github.com/ALSchwalm/foresight) - A tool for predicting the output of random number generators

188 | - [commix](https://github.com/commixproject/commix) - Automated All-in-One OS command injection and exploitation tool.

189 | - [dnsteal](https://github.com/m57/dnsteal) - DNS Exfiltration tool for stealthily sending files over DNS requests.

190 | - [wifikill](https://github.com/roglew/wifikill) - A python program to kick people off of wifi

191 | - [gcat](https://github.com/byt3bl33d3r/gcat) - A fully featured backdoor that uses Gmail as a C&C server

192 | - [cintruder](https://github.com/epsylon/cintruder) - Captcha Intruder (CIntruder) is an automatic pentesting tool to bypass captchas.

193 | - [pyxtrlock](https://github.com/leonnnn/pyxtrlock) - The X transparent screen lock rewritten in Python, using XCB and PAM.

194 | - [xosVer](https://github.com/coca1ne/xosVer) - xosVer Get remote host os version info

195 | - [cookiecutter-pypackage](https://github.com/audreyr/cookiecutter-pypackage) - Cookiecutter template for a Python package.

196 | - [scribe](https://github.com/VikParuchuri/scribe) - Simple speech recognition using your microphone.

197 | - [tinydb](https://github.com/msiemens/tinydb) - TinyDB is a lightweight document oriented database optimized for your happiness :)

198 | - [PyBitmessage](https://github.com/Bitmessage/PyBitmessage) - Reference client for Bitmessage: a P2P encrypted decentralised communication protocol:

199 | - [GitHack](https://github.com/lijiejie/GitHack) - A `.git` folder disclosure exploit

200 | - [usbkill](https://github.com/hephaest0s/usbkill) - « usbkill » is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer.

201 | - [ComicMerge](https://github.com/khutchins/ComicMerge) - This is a simple tool that allows you to merge multiple .cbz files into a single .cbz file.

202 | - [DeDRM_tools](https://github.com/apprenticeharper/DeDRM_tools) - DeDRM tools for ebooks

203 | - [organized-edx-download](https://github.com/VarunBatraIT/organized-edx-download) - Python based edx downloader which downloads edx videos in separate folders (per week)

204 | - [spiderfoot](https://github.com/smicallef/spiderfoot) - SpiderFoot, the open source footprinting and intelligence-gathering  tool.

205 | - [wifiphisher](https://github.com/wifiphisher/wifiphisher) - Automated victim-customized phishing attacks against Wi-Fi clients

206 | - [ipgetter](https://github.com/phoemur/ipgetter) - Utility to fetch your external IP address

207 | - [calibre](https://github.com/kovidgoyal/calibre) - The official source code repository for the calibre ebook manager

208 | - [HoloBackup](https://github.com/omegavesko/HoloBackup) - A noob-friendly GUI to Android's native backup function.

209 | - [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell

210 | - [xwpscan](https://github.com/Mister-Geek/xwpscan) - Part of our python framework project

211 | - [sqlmap](https://github.com/sqlmapproject/sqlmap) - Automatic SQL injection and database takeover tool

212 | 

213 | ## Roff 
214 | 
215 | - [facebook-tunnel](https://github.com/matiasinsaurralde/facebook-tunnel) - Tunneling Internet traffic over Facebook chat.

216 | 

217 | ## Ruby 
218 | 
219 | - [geeklet-scripts](https://github.com/rjorgenson/geeklet-scripts) - various scripts to be used in conjunction with GeekTool or Ubersicht

220 | 

221 | ## Shell 
222 | 
223 | - [cloud9-vnc](https://github.com/noobkilervip/cloud9-vnc) - Running X11 in a Cloud9 Workspace

224 | - [cloud9-vnc](https://github.com/acabey/cloud9-vnc) - Running X11 in a Cloud9 Workspace

225 | - [instant-archlinux-on-mac](https://github.com/yantis/instant-archlinux-on-mac) - Instant Arch Linux on Mac & MacBook

226 | - [gitDigger](https://github.com/wick2o/gitDigger) - 

227 | - [Findsploit](https://github.com/1N3/Findsploit) - Find exploits in local and online databases instantly

228 | - [pentestpackage](https://github.com/leonteale/pentestpackage) - a package of Pentest scripts I have made or  commonly use

229 | - [ARP-Defense](https://github.com/aarreedd/ARP-Defense) - ARP Poisoning Defense Scripts

230 | - [temp-throttle](https://github.com/Sepero/temp-throttle) - A shell script for throttling system CPU frequency based on a desired maximum temperature

231 | - [pokemon-linux](https://github.com/codygarver/pokemon-linux) - A PlayOnLinux script for easy installation and management of the fan games Pokemon Melanite, Pokemon Zeta and Pokemon Omicron

232 | - [LS_COLORS](https://github.com/trapd00r/LS_COLORS) - A collection of LS_COLORS definitions; needs your contribution!

233 | 

234 | ## Smali 
235 | 
236 | - [kwetza](https://github.com/sensepost/kwetza) - Python script to inject existing Android applications with a Meterpreter payload.

237 | 

238 | ## TeX 
239 | 
240 | - [RE-for-beginners](https://github.com/dennis714/RE-for-beginners) - "Reverse Engineering for Beginners" free book

241 | 

242 | ## Vim script 
243 | 
244 | - [vim-gitgutter](https://github.com/airblade/vim-gitgutter) - A Vim plugin which shows a git diff in the gutter (sign column) and stages/undoes hunks.

245 | 

246 | ## VimL 
247 | 
248 | - [colorsbox](https://github.com/mkarmona/colorsbox) - 

249 | - [gruvbox](https://github.com/morhetz/gruvbox) - Retro groove color scheme for Vim

250 | 

251 | 
252 | ## License
253 | 
254 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](https://creativecommons.org/publicdomain/zero/1.0/)
255 | 
256 | To the extent possible under law, [the-c0d3r](https://github.com/the-c0d3r) has waived all copyright and related or neighboring rights to this work.
257 | 
258 | 


--------------------------------------------------------------------------------
/xiaoxiaoleo.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/3hm1ly/awesome-hacking-lists/2d23e3d285f9f2794c9e86bbb3abcce0565f79d2/xiaoxiaoleo.md


--------------------------------------------------------------------------------