User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome Hacking

A curated list of awesome Hacking tutorials, tools and resources

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: None

Thank you carpedm20 & contributors
View Topic on GitHub:
carpedm20/awesome-hacking

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Tutorials

Tools

Metasploit Framework

23.2K
10.98K
77d
n/a

A little tool to play with Windows security

11.67K
2.48K
6m
n/a

Docker Images for Penetration Testing & Security

General

Tutorials

Disassemblers and debuggers

An open-source x64/x32 debugger for windows.

36.25K
1.55K
86d
GPL-3.0

UNIX-like reverse engineering framework and command-line toolset

13.97K
2.41K
82d
LGPL-3.0

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

2.91K
302
2y 70d
GPL-3.0

Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API

364
48
5m
GPL-3.0

Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.

4.74K
1.15K
5m
n/a

Most used Reversing software.

An assembly-level debugger for Windows

Open Source suite of reverse engineering tools. Similar to IDA Pro.

Decompilers

Java decompiler, assembler, and disassembler

1.29K
153
11m
GPL-3.0

A standalone Java Decompiler GUI

9.68K
1.83K
1y 4m
GPL-3.0

An Open Source Java Decompiler Gui for Procyon

3.91K
836
1y 89d
Apache-2.0

Dex to Java decompiler

25.16K
3.07K
88d
Apache-2.0

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

10.97K
2.22K
8m
n/a

.NET debugger and assembly editor

17.48K
2.97K
5m
n/a

Free and Open Source Reverse Engineering Platform powered by rizin

8.95K
709
82d
GPL-3.0

RetDec is a retargetable machine-code decompiler based on LLVM.

5.83K
692
83d
n/a

Snowman decompiler

1.84K
281
6m
n/a

A cross-version Python bytecode decompiler

2.06K
244
4m
GPL-3.0

JAD

JAD Java Decompiler (closed-source, unmaintained)

Free-of-charge standalone tool based on ReSharper's bundled decompiler. It can reliably decompile any .NET assembly into equivalent C# or IL code. It can create Visual Studio solutions based on the original binary files in a straight-forward way. [Proprietary] [Free]

A Dissassembler for MacOS and Linux. Has a Demo option for 30 minutes of productivity.

Deobfuscators

.NET deobfuscator and unpacker.

4.93K
1.6K
8m
GPL-3.0

Beautifier for javascript

7.17K
1.23K
106d
MIT

a web service guessing JS variables names and types based on the model derived from open source.

Other

Get inside your JVM

144
13
1y 30d
MIT

Tools to work with android .dex and java .class files

8.39K
1.59K
1y 8m
Apache-2.0

.NET anti-managed debugger and anti-profiler code

237
121
7y 30d
n/a

Reverse engineering, malware and goodware analysis of Android applications

UPX

the Ultimate Packer (and unpacker) for eXecutables

Execution logging and tracing

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

21.55K
2.77K
82d
MIT

USB packet capture for Windows

526
134
11m
n/a

Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone

274
38
1y 9m
MIT

Drltrace is a library calls tracer for Windows and Linux applications.

281
56
9m
BSD-3-Clause

A network protocol analyzer. ![Open-Source Software][oss icon] ![Freeware][freeware icon]

Packet analyzer for network traffic capture.

A cross-platform GUI web debugging proxy to view intercepted HTTP and HTTPS/SSL live traffic

Hex editors

wxHexEditor official GIT repo

378
77
1y 1d
GPL-2.0

HxD

A hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size

A hexadecimal editor, helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security

Hexinator](https://hexinator.com/) -

Other

Firmware Analysis Tool

7.09K
1.08K
100d
MIT

Binary data analysis and visualization tool

762
77
2y 12m
Apache-2.0

Kaitai Struct: declarative language to generate binary data parsers in C++ / C# / Go / Java / JavaScript / Lua / Perl / PHP / Python / Ruby

2.42K
129
95d
n/a

🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition

510
62
5m
ISC

A patch analysis tool

352
70
8m
n/a

Free universal database tool and SQL client

18.99K
1.75K
76d
Apache-2.0

A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.

3.28K
295
5m
MIT

A quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files

A small, very fast and powerful text extractor that will be of particular interest to programmers.

General

Tools

Automatic SQL injection and database takeover tool

19.42K
4.19K
80d
n/a

Automated NoSQL database enumeration and web application exploitation tool.

1.63K
445
88d
GPL-3.0

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

759
194
8m
GPL-3.0

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

3.4K
493
84d
MIT

Scriptable network authentication cracker

258
23
118d
GPL-3.0

Full-featured C2 framework which silently persists on webserver via evil PHP oneliner

981
302
8m
GPL-3.0

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

119
34
10m
MIT

Spyse is an OSINT search engine that provides fresh data about the entire web. All the data is stored in its own DB for instant access and interconnected with each other for flexible search.

base64 base85 md4,5 hash, sha1 hash encoding/decoding

A subdomains discovery tool that collects all possible subdomains from open source internet and validates them through various tools to provide accurate results.

General

More than 100 security checks for your Node.js API

405
25
7m
n/a

Tools

A Linux packet crafting tool.

382
36
6m
GPL-2.0

Man in the Middle SOCKS Proxy for JAVA

25
10
8y 89d
n/a

SSH man-in-the-middle tool

1.32K
193
1y 7m
n/a

An engine to make Tor network your default gateway

1K
229
4m
n/a

Hacking Toolkit

631
145
4m
BSD-3-Clause

Great packages that use Scapy

31
12
4m
CC-BY-4.0

In-depth Attack Surface Mapping and Asset Discovery

4.79K
874
86d
Apache-2.0

Secure multithreaded packet sniffer

647
52
7m
GPL-3.0

A Java-based HTTP/HTTPS proxy for assessing web application vulnerability

really fast subdomains scanning service that has much greater opportunities than simple subs finder(works using OSINT).

A simple TCP/UDP protocol fuzzer.

a useful tool for exploring autonomous systems and all related info (CIDR, ASN, Org...)

ZAP

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

An open source utility for network discovery and security auditing.

Crack 802.11 WEP and WPA-PSK keys.

Free program to jam all wifi clients in range

Free program for HTTP session hijacking attacks.

Tools

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

1.76K
510
82d
n/a

A digital forensics platform and graphical interface to The Sleuth Kit and other digital forensics tools

The shared technology within a suite of digital investigations products by Guidance Software

Tools

A tool to analyze multi-byte xor cipher

979
143
7m
n/a

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

4.62K
244
7m
MIT

Crack 802.11 WEP and WPA-PSK keys.

System

Reverse Engineering

This site tests your ability to Cracking & Reverse Code Engineering

The world first and largest community website for crackmes and reversemes.

Web

Training ground for hackers.

Weekly CTFs for all types of security enthusiasts.

a website without logins or ads where you can solve password-riddles (so called hackits).

Website by an Austrian group. Lots of challenges taken from CTFs they participated in.

Cryptography

Bug bounty

A list of interesting payloads, tips and tricks for bug bounty hunters.

3.06K
1.04K
117d
CC-BY-SA-4.0

Bug bounty - Earn Some Money

Competition

General

Collection of the cheat sheets useful for pentesting

2.26K
595
1y 89d
n/a

🎬 A curated list of movies every hacker & cyberpunk must watch.

8.57K
813
5m
CC0-1.0

An Intelligent network of bots that fetch the latest InfoSec content.

General information on CTF occuring around the worlds.

CTF challenge archive maintained by Jonathan Salwan.

OS RE and rootkit development

A free course that teaches beginners the basics of forensics, crypto, and web-ex.

Online resources

Website dedicated to talking about, reviewing and keeping up to date with open source operating systems

tools

Empire is a PowerShell and Python post-exploitation agent.

5.8K
2.18K
1y 9m
BSD-3-Clause

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

1.54K
325
4m
GPL-3.0

PowerSploit - A PowerShell Post-Exploitation Framework

8.03K
3.13K
8m
n/a

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

618
159
2y 105d
n/a

ETC

Top 125 Network Security Tools

Four free courses designed to teach beginners the fundamentals of computing, security, and CTFs.