Your first time on this page? Allow me to give some explanations.
A curated list of awesome Hacking tutorials, tools and resources
Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.
Thank you carpedm20 & contributors
View Topic on GitHub:
Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.
Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.
Linux Binary Exploitation
A little tool to play with Windows security
Docker Images for Penetration Testing & Security
The OWASP ZAP core project
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Disassemblers and debuggers
An open-source x64/x32 debugger for windows.
UNIX-like reverse engineering framework and command-line toolset
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
Java decompiler, assembler, and disassembler
A standalone Java Decompiler GUI
An Open Source Java Decompiler Gui for Procyon
Dex to Java decompiler
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
.NET debugger and assembly editor
Free and Open Source Reverse Engineering Platform powered by rizin
RetDec is a retargetable machine-code decompiler based on LLVM.
A cross-version Python bytecode decompiler
.NET deobfuscator and unpacker.
Get inside your JVM
Tools to work with android .dex and java .class files
.NET anti-managed debugger and anti-profiler code
Execution logging and tracing
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
USB packet capture for Windows
Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
Drltrace is a library calls tracer for Windows and Linux applications.
wxHexEditor official GIT repo
Firmware Analysis Tool
Binary data analysis and visualization tool
🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
A patch analysis tool
Free universal database tool and SQL client
A rewrite of the old legacy software "depends.exe" in C# for Windows devs to troubleshoot dll load dependencies issues.
Automatic SQL injection and database takeover tool
Automated NoSQL database enumeration and web application exploitation tool.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Scriptable network authentication cracker (formerly
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
More than 100 security checks for your Node.js API
A Linux packet crafting tool.
Man in the Middle SOCKS Proxy for JAVA
SSH man-in-the-middle tool
An engine to make Tor network your default gateway
Great packages that use Scapy
In-depth Attack Surface Mapping and Asset Discovery
Secure multithreaded packet sniffer
Discover internet-wide misconfigurations while drinking coffee
🤖 The Modern Port Scanner 🤖
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
A tool to analyze multi-byte xor cipher
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
A list of interesting payloads, tips and tricks for bug bounty hunters.
Bug bounty - Earn Some Money
Collection of the cheat sheets useful for pentesting
🎬 A curated list of movies every hacker & cyberpunk must watch.
Empire is a PowerShell and Python post-exploitation agent.
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
PowerSploit - A PowerShell Post-Exploitation Framework
Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)