User Experience on mobile might not be great yet, but
I'm working on it.
Your first time on this page? Allow me to give some explanations.
Awesome Hacking
A curated list of awesome Hacking tutorials, tools and resources
Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.
Thank you carpedm20 & contributors
View Topic on GitHub:
carpedm20/awesome-hacking
Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.
Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.
Tutorials
Linux Binary Exploitation
Tools
Metasploit Framework
A little tool to play with Windows security
Docker Images for Penetration Testing & Security
The OWASP ZAP core project
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
General
Tutorials
Disassemblers and debuggers
An open-source x64/x32 debugger for windows.
UNIX-like reverse engineering framework and command-line toolset
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
Decompilers
Java decompiler, assembler, and disassembler
A standalone Java Decompiler GUI
An Open Source Java Decompiler Gui for Procyon
Dex to Java decompiler
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
.NET debugger and assembly editor
Free and Open Source Reverse Engineering Platform powered by rizin
RetDec is a retargetable machine-code decompiler based on LLVM.
Snowman decompiler
A cross-version Python bytecode decompiler
Deobfuscators
.NET deobfuscator and unpacker.
Beautifier for javascript
Other
Get inside your JVM
Tools to work with android .dex and java .class files
.NET anti-managed debugger and anti-profiler code
Execution logging and tracing
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
USB packet capture for Windows
Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
Drltrace is a library calls tracer for Windows and Linux applications.
Hex editors
wxHexEditor official GIT repo
Other
Firmware Analysis Tool
Binary data analysis and visualization tool
Kaitai Struct: declarative language to generate binary data parsers in C++ / C# / Go / Java / JavaScript / Lua / Perl / PHP / Python / Ruby
๐ต๏ธ Tool to reverse-engineer Protocol Buffers with unknown definition
A patch analysis tool
Free universal database tool and SQL client
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
General
Tools
Automatic SQL injection and database takeover tool
Automated NoSQL database enumeration and web application exploitation tool.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Scriptable network authentication cracker (formerly badtouch)
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
General
More than 100 security checks for your Node.js API
Tools
A Linux packet crafting tool.
Man in the Middle SOCKS Proxy for JAVA
SSH man-in-the-middle tool
An engine to make Tor network your default gateway
Hacking Toolkit
Great packages that use Scapy
In-depth Attack Surface Mapping and Asset Discovery
Secure multithreaded packet sniffer
Discover internet-wide misconfigurations while drinking coffee
๐ค The Modern Port Scanner ๐ค
Tools
The Sleuth Kitยฎ (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Tools
A tool to analyze multi-byte xor cipher
โก Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes โก
System
Reverse Engineering
Web
Cryptography
Bug bounty
A list of interesting payloads, tips and tricks for bug bounty hunters.
Bug bounty - Earn Some Money
Competition
General
Collection of the cheat sheets useful for pentesting
๐ฌ A curated list of movies every hacker & cyberpunk must watch.
Online resources
tools
Empire is a PowerShell and Python post-exploitation agent.
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
PowerSploit - A PowerShell Post-Exploitation Framework
Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)