A curated list of my GitHub stars! Generated by juev/starred
- Ada
- Adblock Filter List
- Assembly
- Astro
- Autoit
- Batchfile
- Bitbake
- Blitzbasic
- C
- C#
- C++
- CSS
- Cmake
- Coffeescript
- Crystal
- Dart
- Dockerfile
- Earthly
- Elm
- Go
- HTML
- Haskell
- Hcl
- Holyc
- Java
- JavaScript
- Jinja
- Jupyter Notebook
- Just
- Kotlin
- LUA
- Llvm
- Makefile
- Markdown
- Mathematica
- Mdx
- Meson
- Nim
- Nix
- Nsis
- Objective-C
- Others
- PHP
- Pascal
- Perl
- PowerShell
- Purescript
- Python
- Roff
- Ruby
- Rust
- SCSS
- Scala
- Scheme
- Shell
- Starlark
- Svelte
- Swift
- Tcl
- TeX
- TypeScript
- VBScript
- Vala
- Vim Script
- Vue
- Xslt
- Yacc
- Yaml
- Yara
- Zig
- AJ-Ianozi/getada – An unofficial installer for Alire
- alire-project/alire – Command-line tool from the Alire project and supporting library
- SystemJargon/nrd-lists – Aggregation of Newly Registered Domains (NRD) in adblock and hosts format
- BLAKE3-team/BLAKE3 – the official Rust and C implementations of the BLAKE3 cryptographic hash function
- Francesco149/nolibc-httpd – 1kb single-page http server, static binary for linux x86_64
- xiph/rav1e – The fastest and safest AV1 encoder.
- ccbikai/loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo.ong – Make your URL looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooonger
- rcmaehl/WhyNotWin11 – Detection Script to help identify why your PC is not Windows 11 Release Ready. Now Supporting Update Checks!
- Atlas-OS/Atlas – 🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
- K3V1991/ADB-and-FastbootPlusPlus – A small Application for Windows that allows you to install the latest Version of ADB and Fastboot Files on the Computer without installing the entire Android SDK Package + Toolkit & Commands
- TheBobPony/MSEdgeTweaker – Easily configure Microsoft Edge, the way you want it!
- WindowsAddict/IDM-Activation-Script – An open source tool to activate and reset trial of Internet Download Manager
- blibdoolpoolp/Cloudflared-RDP-Tutorial-Free – This tutorial offers a comprehensive guide on setting up secure Remote Desktop (RDP) & SSH connections using Cloudflare's Cloudflared service. This tutorial aims to provide users with a method to access their desktops remotely without compromising security, leveraging Cloudflare's tunneling technology to create a safe, encrypted connection path.
- depler/curl-impersonate-win – A special build of curl for Windows that can impersonate Chrome and Safari
- massgravel/Microsoft-Activation-Scripts – A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
- mmgordon82/BurpSuiteInstaller – Install and Crack your Burp Suite Professional Latest (Updated Weekly).
- userdocs/iperf3-static – A static build of iperf3 to do network testing on remote servers.
- voletro/wsa-toolbox – A Windows 11 application to easily install and use the Windows Subsystem For Android™ package on your computer.
- YoeDistro/yoe-distro – Embedded Linux distribution optimized for product development (based on OE/Yocto)
- eslam3kl/SQLiDetector – Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases.
- AFLplusplus/AFLplusplus – The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
- AppImage/appimagetool – A low-level tool to generate an AppImage from an existing AppDir
- CZ-NIC/knot-resolver – Knot Resolver - resolve DNS names like it's 2024
- CZ-NIC/shotgun – DNS Shotgun: high-performance realistic DNS benchmarking tool. This is a mirrored repository.
- DNS-OARC/dnsperf – DNS Performance Testing Tools
- DimaKoz/meat-grinder – A native root checker for Android devices and sample app
- DosX-dev/obfus.h – Macro-header for compile-time C obfuscation (tcc, win x86/x64)
- Dr-Noob/cpufetch – Simple yet fancy CPU architecture fetching tool
- Genymobile/scrcpy – Display and control your Android device
- Im-0xea/binfetch – A Neofetch inspired binary analyzer
- ImageMagick/ImageMagick – 🧙♂️ ImageMagick 7
- JonathonReinhart/staticx – Create static executable from dynamic executable
- JuliaPoo/Artfuscator – A C compiler targeting an artistically pleasing nightmare for reverse engineers
- Kitware/CMake – Mirror of CMake upstream repository
- LaKabane/libtuntap – The portable Tun/Tap devices configuration utility
- LekKit/RVVM – The RISC-V Virtual Machine
- MaJerle/lwdtc – Lightweight date, time & cron utilities for embedded systems
- Moe-hacker/ruri – Lightweight, User-friendly Linux-container Implementation.
- MrGlockenspiel/activate-linux – The "Activate Windows" watermark ported to Linux
- Netflix/bpftop – bpftop provides a dynamic real-time view of running eBPF programs. It displays the average runtime, events per second, and estimated total CPU % for each program.
- NixOS/patchelf – A small utility to modify the dynamic linker and RPATH of ELF executables
- OpenRC/openrc – The OpenRC init system
- PangBaiWork/Dowork – Run GNU/Linux on Android (all in one)
- Projeto-Pindorama/heirloom-ng – A collection of standard Unix utilities that is intended to provide maximum compatibility with traditional Unix while incorporating additional features necessary today.
- RsyncProject/rsync – An open source utility that provides fast incremental file transfer. It also has useful features for backup and restore operations among many other use cases.
- RubyMetric/chsrc – chsrc 全平台通用换源工具. Change Source for every software on every platform from the command line.
- SELinuxProject/selinux – This is the upstream repository for the Security Enhanced Linux (SELinux) userland libraries and tools. The software provided by this project complements the SELinux features integrated into the Linux kernel and is used by Linux distributions. All bugs and patches should be submitted to selinux@vger.kernel.org
- Sweets/hummingbird – Hummingbird init system for Linux based operating systems.
- Syllo/nvtop – GPU & Accelerator process monitoring for AMD, Apple, Huawei, Intel, NVIDIA and Qualcomm
- Sysinternals/ProcDump-for-Linux – A Linux version of the ProcDump Sysinternals tool
- Sysinternals/SysinternalsEBPF – The Linux port of the Sysinternals Sysmon tool.
- Tarsnap/spiped – Spiped is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
- Thomas-Tsai/partclone – Partclone provides utilities to backup a partition smartly and it is designed for higher compatibility of the file system by using existing library.
- ThomasDickey/ncurses-snapshots – snapshots of ncurses - see https://invisible-island.net/personal/git-exports.html (no pull requests are accepted)
- TryQuiet/quiet – A private, p2p alternative to Slack and Discord built on Tor & IPFS
- VHSgunzo/ptyspawn – Tool for executing a command in a new PTY (pseudo-terminal) with new PGID and SID
- ValdikSS/GoodbyeDPI – GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)
- Xfennec/progress – Linux tool to show progress for cp, mv, dd, ... (formerly known as cv)
- ZerBea/hcxtools – A small set of tools to convert packets from capture files to hash files for use with Hashcat or John the Ripper.
- a1ive/nwinfo – Hardware information utility for Windows
- akopytov/sysbench – Scriptable database and system performance benchmark
- allinurl/goaccess – GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
- apache/guacamole-server – Mirror of Apache Guacamole Server
- arsv/minibase – small static userspace tools for Linux
- axboe/fio – Flexible I/O Tester
- axel-download-accelerator/axel – Lightweight CLI download accelerator
- beordle/termtunnel – Cross-platform terminal tunnel tool
- blechschmidt/freebind – IPv6 address rate limiting evasion tool (that also supports IPv4)
- blechschmidt/massdns – A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
- cbsd/cbsd – Yet one more wrapper around jail, bhyve, QEMU and XEN
- checkpoint-restore/criu – Checkpoint/Restore tool
- chimera-linux/chimerautils – Chimera's core userland, based on FreeBSD
- chobits/tapip – user-mode TCP/IP stack based on linux tap device
- chocolateimage/fontviewer – View and install fonts on a Linux system
- cilium/pwru – Packet, where are you? -- eBPF-based Linux kernel networking debugger
- cjdelisle/cjdns – An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
- clibs/clib – Package manager for the C programming language.
- cloudius-systems/osv – OSv, a new operating system for the cloud.
- collectd/collectd – The system statistics collection daemon. Please send Pull Requests here!
- containers/bubblewrap – Low-level unprivileged sandboxing tool used by Flatpak and similar projects
- containers/fuse-overlayfs – FUSE implementation for overlayfs
- cooperative-computing-lab/cctools – The Cooperative Computing Tools (cctools) enable large scale distributed computations to harness hundreds to thousands of machines from clusters, clouds, and grids.
- coreutils/coreutils – upstream mirror
- corsix/polyfill-glibc – Patch Linux executables for compatibility with older glibc
- cr-0w/maldev –
⚠️ malware development - curl/curl – A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features
- curl/trurl – trurl is a command line tool for URL parsing and manipulation.
- dankamongmen/notcurses – blingful character graphics/TUI library. definitely not curses.
- davidly/rvos – Loads and runs Linux RISC-V .elf files on Linux, MacOS, and Windows.
- deadpixi/mtm – Perhaps the smallest useful terminal multiplexer in the world.
- deislabs/mystikos – Tools and runtime for launching unmodified container images in Trusted Execution Environments
- diazona/pwait – Small utility to wait for a process to finish
- dimkr/loksh – A Linux port of OpenBSD's ksh
- dixyes/phpmicro – micro sfx SAPI for php (wip, may force push)
- edubart/bwrapbox – Linux sandboxing utility on top of bubblewrap
- eeriedusk/nysm – nysm is a stealth post-exploitation container.
- emikulic/darkhttpd – When you need a web server in a hurry.
- eradman/entr – Run arbitrary commands when files change
- esnet/iperf – iperf3: A TCP, UDP, and SCTP network bandwidth measurement tool
- facebook/zstd – Zstandard - Fast real-time compression algorithm
- fairyglade/ly – display manager with console UI
- fastfetch-cli/fastfetch – Like neofetch, but much faster because written mostly in C.
- fgkeepalive/AndroidKeepAlive – android 保活,禁止卸载,防卸载,2024年最新 Android 高可用黑科技应用保活,实现终极目标,最高适配Android 14 小米 华为 Oppo vivo 等最新机型 拒绝强杀 开机自启动
- floooh/sokol – minimal cross-platform standalone C headers
- fluent/fluent-bit – Fast and Lightweight Logs and Metrics processor for Linux, BSD, OSX and Windows
- git/git – Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
- gjedeer/tuntox – Tunnel TCP connections over the Tox protocol
- gluster/glusterfs – Gluster Filesystem : Build your distributed storage in minutes
- gnif/LookingGlass – An extremely low latency KVMFR (KVM FrameRelay) implementation for guests with VGA PCI Passthrough.
- gojue/ecapture – Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
- google/neper – neper is a Linux networking performance tool.
- gyf304/dotenv – Standalone, language agnostic dotenv
- haampie/libtree – ldd as a tree
- hackerschoice/dsniff
- hackerschoice/gsocket – Connect like there is no firewall. Securely.
- hackerschoice/ttyinject – Get root via TTY / TIOCSTI stuffing
- hackerschoice/zapper – Zaps arguments and environment from the process list
- haiwen/seafile – High performance file syncing and sharing, with also Markdown WYSIWYG editing, Wiki, file label and other knowledge management features.
- hardinfo2/hardinfo2 – System Information and Benchmark for Linux Systems
- hasherezade/hollows_hunter – Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
- heiher/hev-socks5-tunnel – A high-performance tun2socks for Linux/Android/FreeBSD/macOS/iOS/WSL2 (IPv4/IPv6/TCP/UDP)
- heiher/natmap – TCP/UDP port mapping for full cone NAT
- henrypp/errorlookup – Simple tool for retrieving information about Windows errors codes.
- henrypp/simplewall – Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
- herrhotzenplotz/gcli – Portable Git(hub|lab|tea) CLI tool
- hifiberry/hifiberry-os – Linux distribution optimized for audio playback
- hmgle/graftcp – A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
- hpjansson/chafa – 📺🗿 Terminal graphics for the 21st century.
- hroptatyr/dateutils – nifty command line date and time utilities; fast date calculations and conversion in the shell
- htop-dev/htop – htop - an interactive process viewer
- ibara/oksh – Portable OpenBSD ksh, based on the Public Domain Korn Shell (pdksh).
- idealeer/xmap – XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.
- inspektor-gadget/inspektor-gadget – The eBPF tool and systems inspection framework for Kubernetes, containers and Linux hosts.
- iovisor/bcc – BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
- iproute2/iproute2 – Iproute2 Source Code Mirror - This is a publish-only repository. Please follow README.devel procedure for any changes.
- iputils/iputils – The iputils package is set of small old utilities for Linux networking.
- irssi/irssi – The client of the future
- ish-app/ish – Linux shell for iOS
- jamesyoungman/findutils – GNU findutils - periodically synced from git.savannah.gnu.org
- jart/blink – tiniest x86-64-linux emulator
- jart/cosmopolitan – build-once run-anywhere c library
- jarun/bcal – 🔢 Bits, bytes and address calculator
- jarun/nnn – n³ The unorthodox terminal file manager
- jedisct1/minisign – A dead simple tool to sign files and verify digital signatures.
- jerome-pouiller/reredirect – Tool to dynamicly redirect outputs of a running process
- jo-lund/jomon – A network forensics and sniffer tool
- jqlang/jq – Command-line JSON processor
- jsummers/deark – A utility for file format and metadata analysis, data extraction, decompression, and image format decoding
- kilobyte/colorized-logs – tools for logs with ANSI color
- krallin/tini – A tiny but valid
init
for containers - kubo/injector – Library for injecting a shared library into a Linux or Windows process
- landley/toybox – toybox
- leahneukirchen/nq – Unix command line queue utility
- leleliu008/C-examples – C语言学习项目
- leleliu008/ndk-pkg – A package builder/manager for Android NDK to build projects written in C, C++, Rust, Golang, etc.
- leleliu008/uppm – Universal Prebuild Package Manager for Unix-like systems.
- lem0nSec/ShellGhost – A memory-based evasion technique which makes shellcode invisible from process start to end.
- leo-arch/clifm – The shell-like, command line terminal file manager: simple, fast, extensible, and lightweight as hell.
- libfuse/sshfs – A network filesystem client to connect to SSH servers
- libressl/portable – LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to tech@openbsd.org are welcome.
- libyal/libevt – Library and tools to access the Windows Event Log (EVT) format
- libyal/libqcow – Library and tools to access the QEMU Copy-On-Write (QCOW) image format
- libyal/libvmdk – Library and tools to access the VMware Virtual Disk (VMDK) format
- lifenjoiner/wget-for-windows – Small. New features: Windows native support for https, ftps, ntlm, metalink and IDN, instead of OpenSSL, GNU hashes and libidn dependencies; New URL transcoding model; And the smallest ever file size ~500K. 小!新特性:不依赖 OpenSSL, GNU hashes 和 libidn 的, Windows 原生支持的 https, ftps, ntlm, metalink 和 IDN;新 URL 转码模型;目前最小编译 ~500K.
- linux-audit/audit-userspace – Linux audit userspace repository
- linux-nvme/nvme-cli – NVMe management command line interface.
- logrotate/logrotate – The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files.
- lxc/lxc – LXC - Linux Containers
- lzhiyong/termux-ndk – android-ndk for termux
- madeye/proxydroid – Global Proxy for Android
- madler/pigz – A parallel implementation of gzip for modern multi-processor, multi-core machines.
- malxau/yori – Yori is a CMD replacement shell that supports backquotes, job control, and improves tab completion, file matching, aliases, command history, and more.
- managarm/mlibc – Portable C standard library
- markfasheh/duperemove – Tools for deduping file systems
- maroofi/bulkDNS – buldDNS: A DNS scanner for large-scale measurement
- maroofi/libctld – Top Level Domain parser based on Public Suffix List (PSL)
- martijnvanbrummelen/nwipe – nwipe secure disk eraser
- mcmilk/7-Zip-zstd – 7-Zip with support for Brotli, Fast-LZMA2, Lizard, LZ4, LZ5 and Zstandard
- michaelforney/samurai – ninja-compatible build tool written in C
- michaelforney/sbase – Portable UNIX tools (personal repository)
- micropython/micropython – MicroPython - a lean and efficient Python implementation for microcontrollers and constrained systems
- microsoft/DirectX-Headers – Official DirectX headers available under an open source license
- microsoft/mimalloc – mimalloc is a compact general purpose allocator with excellent performance.
- microsoft/ntttcp
- mirror/busybox – BusyBox mirror
- mkj/dropbear – Dropbear SSH
- mlcsec/proctools – Small toolkit for extracting information and dumping sensitive strings from Windows processes
- nanovms/nanos – A kernel designed to run one and only one application in a virtualized environment
- natanael-b/make-portable – The easiest way to make a glibc executable portable on Linux
- nelhage/reptyr – Reparent a running program to a new terminal
- nemuTUI/nemu – Ncurses UI for QEMU
- netblue30/firejail – Linux namespaces and seccomp-bpf sandbox
- neutrinolabs/xrdp – xrdp: an open source RDP server
- nil0x42/duplicut – Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
- nmap/npcap – Nmap Project's Windows packet capture and transmission library
- obsproject/obs-studio – OBS Studio - Free and open source software for live streaming and screen recording
- openSUSE/catatonit – A container init that is so simple it's effectively brain-dead.
- openenclave/openenclave – SDK for developing enclaves
- orhun/zps – A small utility for listing and reaping zombie processes on GNU/Linux.
- ostreedev/ostree – Operating system and container binary deployment and upgrades
- p-gen/smenu – smenu started as a lightweight and flexible terminal menu generator, but quickly evolved into a powerful and versatile CLI selection tool for interactive or scripting use.
- pbatard/rufus – The Reliable USB Formatting Utility
- pengutronix/genimage – tool to generate multiple filesystem and flash images from a tree
- pixelomer/bin2video – Tool for encoding files as videos
- pkgconf/pkgconf – package compiler and linker metadata toolkit
- pmacct/pmacct – pmacct is a small set of multi-purpose passive network monitoring tools [NetFlow IPFIX sFlow libpcap BGP BMP RPKI IGP Streaming Telemetry].
- proh14/canoutils – coreutils but cano! public domain 💖
- proot-me/proot – chroot, mount --bind, and binfmt_misc without privilege/setup for Linux
- ptitSeb/box64 – Box64 - Linux Userspace x86_64 Emulator with a twist, targeted at ARM64 Linux devices
- ptitSeb/box86 – Box86 - Linux Userspace x86 Emulator with a twist, targeted at ARM Linux devices
- pwnwriter/brainfuck – //: A simple brainfuck compiler for x86_64-linux in c.
- pwnwriter/ewm – 🌷 An elegant window manager, that just floats perfectly.
- pymumu/smartdns – A local DNS server to obtain the fastest website IP for the best Internet experience, support DoT, DoH. 一个本地DNS服务器,获取最快的网站IP,获得最佳上网体验,支持DoH,DoT。
- qemu/qemu – Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.
- rahra/onioncat – Official repository of OnionCat, the VPN adapter for Tor and I2P.
- resurrecting-open-source-projects/scrot – SCReenshOT - command line screen capture utility
- rfjakob/earlyoom – earlyoom - Early OOM Daemon for Linux
- riscv-collab/riscv-gnu-toolchain – GNU toolchain for RISC-V, including GCC
- riwux/rcore – Simple & compliant implementation of common UNIX userspace utilities
- rmyorston/busybox-w32 – WIN32 native port of BusyBox.
- rmyorston/pdpmake – Public domain POSIX make
- robertdavidgraham/masscan – TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
- rootless-containers/slirp4netns – User-mode networking for unprivileged network namespaces
- rphang/evilBPF – Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
- rsms/llvmbox – Self contained, fully static llvm tools & libs
- sahib/rmlint – Extremely fast tool to remove duplicates and other lint from your filesystem
- sahlberg/libnfs – NFS client library
- samyk/pwnat – The only tool/technique to punch holes through firewalls/NATs where multiple clients & server can be behind separate NATs without any 3rd party involvement. Pwnat is a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, DNS, router admin requirements, STUN/TURN/UPnP/ICE, or spoofing.
- sandboxie-plus/Sandboxie – Sandboxie Plus & Classic
- saprykin/plibsys – Highly portable C system library: threads and synchronization primitives, sockets (TCP, UDP, SCTP), IPv4 and IPv6, IPC, hash functions (MD5, SHA-1, SHA-2, SHA-3, GOST), binary trees (RB, AVL) and more. Native code performance.
- sbabic/swupdate – Software Update for Embedded Systems
- sfan5/fi6s – IPv6 network scanner designed to be fast
- sholtrop/ldpfuse – C library for developing file systems in userspace that leverage LD_PRELOAD.
- skarnet/execline – The execline scripting language
- skarnet/nsss – A small, statically linkable NSS-like implementation of getpwnam() et al. user database access
- skarnet/s6 – The s6 supervision suite.
- skeeto/w64devkit – Portable C and C++ Development Kit for x64 (and x86) Windows
- skywind3000/kcp – ⚡ KCP - A Fast and Reliable ARQ Protocol
- slicer69/doas – A port of OpenBSD's doas which runs on FreeBSD, Linux, NetBSD, and illumos
- strace/strace – strace is a diagnostic, debugging and instructional userspace utility for Linux
- sudo-project/sudo – Utility to execute a command as another user
- sumatrapdfreader/sumatrapdf – SumatraPDF reader
- syslog-ng/syslog-ng – syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL & NoSQL.
- sysprog21/semu – A minimalist RISC-V system emulator capable of running Linux kernel
- sysstat/sysstat – Performance monitoring tools for Linux
- tenox7/ttyplot – a realtime plotting utility for terminal/console with data input from stdin
- termux/proot – An chroot-like implementation using ptrace.
- termux/termux-x11 – Termux X11 add-on application.
- the-tcpdump-group/libpcap – the LIBpcap interface to various kernel packet capture mechanism
- tio/tio – A serial device I/O tool
- tmate-io/tmate – Instant Terminal Sharing
- tmux/tmux – tmux source code
- torvalds/linux – Linux kernel source tree
- traviscross/mtr – Official repository for mtr, a network diagnostic tool
- troglobit/finit – Fast init for Linux. Cookies included
- troglobit/watchdogd – Advanced system monitor & process supervisor for Linux
- tsl0922/ttyd – Share your terminal over the web
- txthinking/joker – Joker can turn process into daemon. Zero-Configuration
- unicorn-engine/unicorn – Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
- unikraft/unikraft – A next-generation cloud native kernel designed to unlock best-in-class performance, security primitives and efficiency savings.
- util-linux/util-linux
- valinet/ExplorerPatcher – This project aims to enhance the working environment on Windows
- vanhauser-thc/thc-ipv6 – IPv6 attack toolkit
- ventoy/Ventoy – A new bootable USB solution.
- visit1985/mdp – A command-line based markdown presentation tool.
- void-linux/xbps – The X Binary Package System (XBPS)
- voltagex-forks/proxydroid – Global Proxy for Android
- vvb2060/curl-android – curl tool and libcurl static library prefab for android
- whdd/whdd – HDD diagnostic and data recovery tool for Linux
- winfsp/sshfs-win – SSHFS For Windows
- winsiderss/systeminformer – A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals.com
- wishihab/Android-RATList – Android - Remote Access Trojan List
- wolfSSL/wolfCLU – The wolfSSL Command Line Utility wolfCLU
- wolfSSL/wolfssl – The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!
- wolfi-dev/os – Main package repository for production Wolfi images
- xplshn/m_ascii85 – The better Ascii85 implementation.
- xscorp/jsmug – A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
- yrutschle/sslh – Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
- zerotier/DesktopUI – ZeroTier Desktop Tray Application and UI
- zfl9/ipt2socks – 将 iptables/nftables 传入的透明代理流量转为 socks5 流量的实用工具
- zlib-ng/zlib-ng – zlib replacement with optimizations for "next generation" systems.
- zmap/zmap – ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
- 0x7c13/Notepads – A modern, lightweight text editor with a minimalist design.
- 1Remote/1Remote – One Remote Access Manager to Rule Them All
- 2dust/v2rayN – A GUI client for Windows, support Xray core and v2fly core and others
- 8LWXpg/PowerToysRun-GitHubRepo – PowerToys Run Plugin to search and open GitHub repositories
- 99natmar99/Windows-11-Fixer – A tool to "Fix" Windows 11
- Bluegrams/Vividl – Modern Windows GUI for youtube-dl/ yt-dlp
- BornToBeRoot/NETworkManager – A powerful tool for managing networks and troubleshoot network problems!
- DevToys-app/DevToys – A Swiss Army knife for developers.
- DigitalRuby/IPBan – Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓
- GoogleCloudPlatform/iap-desktop – IAP Desktop is a Windows application that provides zero-trust Remote Desktop and SSH access to Linux and Windows VMs on Google Cloud.
- Klocman/Bulk-Crap-Uninstaller – Remove large amounts of unwanted applications quickly.
- PowerShell/PSReadLine – A bash inspired readline implementation for PowerShell
- PowerShell/PowerShell – PowerShell for every system!
- ShareX/ShareX – ShareX is a free and open source program that lets you capture or record any area of your screen and share it with a single press of a key. It also allows uploading images, text or other types of files to many supported destinations you can choose from.
- SubtitleEdit/subtitleedit – the subtitle editor :)
- actions/runner – The Runner for GitHub Actions 🚀
- activescott/lessmsi – A tool to view and extract the contents of an Windows Installer (.msi) file.
- aristosMiliaressis/pwnctl – a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws infrastructure.
- bitwarden/server – Bitwarden infrastructure/backend (API, database, Docker, etc).
- builtbybel/Appcopier – Back up key things on your Windows PC, perform a reset or simply go back in time.
- builtbybel/ThisIsWin11 – The real PowerToys for Windows 11
- dantmnf/WSLAttachSwitch – Attach the WSL2 virtual machine to a Hyper-V virtual switch.
- dnGrep/dnGrep – Graphical GREP tool for Windows
- dotnettools/SharpGrabber – Download from YouTube, Vimeo, HLS (M3U8 files) and more with .NET and JavaScript - Library and desktop app for downloading high quality media
- fiddyschmitt/File-Tunnel – Tunnel TCP connections through a file
- fiddyschmitt/SimpleKVM – Use multiple computers using one set of monitors, mouse and keyboard
- gerardog/gsudo – Sudo for Windows
- github/gh-actions-importer – GitHub Actions Importer helps you plan and automate the migration of Azure DevOps, Bamboo, Bitbucket, CircleCI, GitLab, Jenkins, and Travis CI pipelines to GitHub Actions.
- immense/Remotely – A remote control and remote scripting solution, built with .NET 8, Blazor, and SignalR.
- jackBonadies/SeekerAndroid – Android client for the Soulseek peer-to-peer network
- mRemoteNG/mRemoteNG – mRemoteNG is the next generation of mRemote, open source, tabbed, multi-protocol, remote connections manager.
- marticliment/WingetUI – WingetUI: The Graphical Interface for your package managers. Could be terribly described as a package manager manager to manage your package managers
- microsoft/PowerToys – Windows system utilities to maximize productivity
- mikeroyal/Windows-11-Guide – Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.
- miroslavpejic85/p2p – 🖥️ P2P Remote Desktop - Portable, No Configuration or Installation Needed.
- nomi-san/parsec-vdd – ✨ Perfect 4K@240Hz Virtual Display
- peass-ng/PEASS-ng – PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
- reconness/reconness – ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
- redcode-labs/easyWSL – Create WSL distros based on Docker Images.
- snltty/p2p-tunnel – .NET7 Socket NAT transfer,UDP,TCP punch hole,tcp forward,udp forward,http1.1 proxy,socks5 proxy,networking
- warp-plus-cloudflare/gui – Windows GUI app for getting unlimited GB on Warp+ https://1.1.1.1
- xM4ddy/OFGB – GUI Tool To Removes Ads From Various Places Around Windows 11
- xforcered/SQLRecon – A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
- 0vercl0k/rp – rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
- Alkl58/RcloneBrowser – Simple cross platform GUI for rclone. Supports macOS, GNU/Linux, BSD family and Windows.
- Aryanstha/NetTool – Simple NetTool with CPP to make a report on simple networking command like ping, tracert, nslookup
- Blub/netevent – Input-Event device cloning utility. Use it together with ssh/netcat/... to share input devices among different machines.
- FEX-Emu/FEX – A fast usermode x86 and x86-64 emulator for Arm64 Linux
- GJDuck/e9patch – A powerful static binary rewriting tool
- Genivia/ugrep – NEW ugrep 6.1: a more powerful, ultra fast, user-friendly, compatible grep. Includes a TUI, Google-like Boolean search with AND/OR/NOT, fuzzy search, hexdumps, searches (nested) archives (zip, 7z, tar, pax, cpio), compressed files (gz, Z, bz2, lzma, xz, lz4, zstd, brotli), pdfs, docs, and more
- GustavLindberg99/AndroidDrive – A program that allows mounting Android smartphones as drives on Windows
- Haruno19/starfetch – command line tool that displays constellations
- KDAB/hotspot – The Linux perf GUI for performance analysis.
- KangLin/RabbitRemoteControl – Remote control. Support VNC, RDP, Terminal, SSH, TELNET etc
- M2Team/NanaZip – The 7-Zip derivative intended for the modern Windows experience
- MatsuriDayo/nekoray – Qt based cross-platform GUI proxy configuration manager (backend: sing-box)
- MisterTea/EternalTerminal – Re-Connectable secure remote shell
- NVISOsecurity/blogposts – A repo to house files for our blogposts on blog.nviso.eu
- NVISOsecurity/disable-flutter-tls-verification – A Frida script that disables Flutter's TLS verification
- SerenityOS/serenity – The Serenity Operating System 🐞
- WebAssembly/wabt – The WebAssembly Binary Toolkit
- WerWolv/ImHex – 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
- ac3ss0r/obfusheader.h – Obfusheader.h is a portable header file for C++14 compile-time obfuscation.
- acaudwell/Gource – software version control visualization
- aimardcr/APKKiller – Bypass APK Signatures Verify & Integrity Check using Reflection
- amnezia-vpn/amnezia-client – Amnezia VPN Client (Desktop+Mobile)
- aria2/aria2 – aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
- aristocratos/btop – A monitor of resources
- ashvardanian/StringZilla – Up to 10x faster strings for C, C++, Python, Rust, and Swift, leveraging SWAR and SIMD on Arm Neon and x86 AVX2 & AVX-512-capable chips to accelerate search, sort, edit distances, alignment scores, etc 🦖
- canonical/multipass – Multipass orchestrates virtual Ubuntu instances
- cnbatch/kcptube – 同时支持传送TCP与UDP的KCP通道,附带端口跳跃的功能,以及FEC,自带中继服务器支持
- cnbatch/udphop – 专用于UDP的端口跳跃工具。A tool of UDP's Port Hopping
- cppla/ServerStatus – 云探针、多服务器探针、云监控、多服务器云监控,演示: https://tz.cloudcpp.com/
- cramppet/dank – a deterministic finite automata ranker
- dannagle/PacketSender – Network utility for sending / receiving TCP, UDP, SSL, HTTP
- davmac314/dinit – Service monitoring / "init" system
- directvt/vtm – Text-based desktop environment
- draios/sysdig – Linux system exploration and troubleshooting tool with first class support for containers
- f-koehler/KTailctl – A GUI to monitor and manage Tailscale on your Linux desktop.
- filecxx/FileCentipede – Cross-platform internet upload/download manager for HTTP(S), FTP(S), SSH, magnet-link, BitTorrent, m3u8, ed2k, and online videos. WebDAV client, FTP client, SSH client.
- flameshot-org/flameshot – Powerful yet simple to use screenshot software 🖥️ 📸
- godotengine/godot – Godot Engine – Multi-platform 2D and 3D game engine
- google/nsjail – A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
- google/re2 – RE2 is a fast, safe, thread-friendly alternative to backtracking regular expression engines like those used in PCRE, Perl, and Python. It is a C++ library.
- hasherezade/pe-sieve – Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
- hluk/CopyQ – Clipboard manager with advanced features
- husarnet/husarnet – Husarnet is a Peer-to-Peer VPN to connect your laptops, servers and microcontrollers over the Internet with zero configuration.
- ip7z/7zip – 7-Zip
- johang/btfs – A bittorrent filesystem based on FUSE.
- jstkdng/ueberzugpp – Drop in replacement for ueberzug written in C++
- kdrag0n/safetynet-fix – Google SafetyNet attestation workarounds for Magisk
- ksnip/ksnip – ksnip the cross-platform screenshot and annotation tool
- lief-project/LIEF – LIEF - Library to Instrument Executable Formats
- lix-project/lix – [MIRROR, PRs ok! Issues: https://git.lix.systems/lix-project/lix/issues] A modern, delicious implementation of the Nix package manager, focused on correctness, usability, and growth — and committed to doing right by its community
- mamba-org/mamba – The Fast Cross-Platform Package Manager
- mhx/dwarfs – A fast high compression read-only file system for Linux, Windows and macOS
- microsoft/ctsTraffic – ctsTraffic is a highly scalable client/server networking tool giving detailed performance and reliability analytics
- microsoft/terminal – The new Windows Terminal and the original Windows console host, all in the same place!
- microsoft/wslg – Enabling the Windows Subsystem for Linux to include support for Wayland and X server related scenarios
- mobile-shell/mosh – Mobile Shell
- moudey/Shell – Powerful context menu manager for Windows File Explorer
- musescore/MuseScore – MuseScore is an open source and free music notation software. For support, contribution, bug reports, visit MuseScore.org. Fork and make pull requests!
- oasislinux/toolchain – a static toolchain targeting x86_64-linux-musl
- oguzhaninan/Stacer – Linux System Optimizer and Monitoring - https://oguzhaninan.github.io/Stacer-Web
- open-obfuscator/o-mvll –
O-MVLL is a LLVM-based obfuscator for native code (Android & iOS)
- owasp-modsecurity/ModSecurity – ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
- qbittorrent/qBittorrent – qBittorrent BitTorrent client
- raboof/nethogs – Linux 'net top' tool
- rui314/mold – Mold: A Modern Linker 🦠
- s3fs-fuse/s3fs-fuse – FUSE-based file system backed by Amazon S3
- sc0ty/subsync – Subtitle Speech Synchronizer
- setvisible/ArrowDL – ArrowDL (Arrow Downloader) is a download manager for Windows, MacOS and Linux
- stealth/crash – crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX
- stealth/fraud-bridge – ICMP and DNS tunneling via IPv4 and IPv6
- stealth/psc – E2E encryption for multi-hop tty sessions or portshells + TCP/UDP port forward
- suoyuan666/ReleaseButler – 📣📣 package manager on GitHub 📣📣
- tacesrever/easy-frida – a simple tool for easyily dev/debug using frida and write module for agent. (mainly used for android)
- telegramdesktop/tdesktop – Telegram Desktop messaging app
- tnodir/fort – Fort Firewall for Windows
- topjohnwu/Magisk – The Magic Mask for Android
- torrent-file-editor/torrent-file-editor – Qt based GUI tool designed to create and edit .torrent files
- trapexit/mergerfs – a featureful union filesystem
- tstack/lnav – Log file navigator
- upx/upx – UPX - the Ultimate Packer for eXecutables
- wangyu-/UDPspeeder – A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction, possible for All Traffics(TCP/UDP/ICMP)
- wangyu-/tinyfecVPN – A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
- wangyu-/udp2raw – A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
- wevsty/RDPBlocker – Block unauthorized users from login in via RDP service.
- worawit/blutter – Flutter Mobile Application Reverse Engineering Tool
- xbmc/xbmc – Kodi is an award-winning free and open source home theater/media center software and entertainment hub for digital media. With its beautiful interface and powerful skinning engine, it's available for Android, BSD, Linux, macOS, iOS, tvOS and Windows.
- zerotier/ZeroTierOne – A Smart Ethernet Switch for Earth
- 833M0L3/test
- devicons/devicon – Set of icons representing programming languages, designing & development tools
- hash3liZer/Subrake – 🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
- msys2/msys2.github.io – The MSYS2 homepage
- pwnwriter/pwnotes – 🔖 my random notes
- ryanoasis/nerd-fonts – Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more
- scientiac/scientiac.github.io – syntropy::scientiac.space
- tailscale-dev/tclip – A pastebin for Tailscale users
- lzhiyong/android-sdk-tools – building android-sdk tools for Android
- microsoft/vcpkg – C++ Library Manager for Windows, Linux, and MacOS
- nmeum/android-tools – Unoffical CMake-based build system for android command line utilities
- suziwen/ZeroOmega – Manage and switch between multiple proxies quickly & easily.
- busyloop/envcat – Shell Environment Swiss Army Knife
- crystal-lang/crystal – The Crystal Programming Language
- owasp-noir/noir – Attack surface detector that identifies endpoints by static analysis
- AppFlowy-IO/AppFlowy – Bring projects, wikis, and teams together with AI. AppFlowy is an AI collaborative workspace where you achieve more without losing control of your data. The best open source alternative to Notion.
- GopeedLab/gopeed – A modern download manager that supports all platforms. Built with Golang and Flutter.
- ImranR98/Obtainium – Get Android app updates straight from the source.
- KRTirtho/spotube – 🎧 Open source Spotify client that doesn't require Premium nor uses Electron! Available for both desktop & mobile!
- Livinglist/Hacki – A feature-rich Hacker News client.
- Mosc/Glider – Glider is an opinionated Hacker News client. Ad-free, open-source, no-nonsense.
- ReVanced/revanced-manager – 💊 Application to use ReVanced on Android
- atsign-foundation/noports – Connect to any device with no external listening ports open
- bluefireteam/audioplayers – A Flutter package to play multiple audio files simultaneously (Android/iOS/web/Linux/Windows/macOS)
- bostrot/wsl2-distro-manager – A GUI to quickly manage your WSL2 instances
- dstark5/Openlib – An Open source app to download and read books from shadow library (Anna’s Archive)
- eventlOwOp/zerotier-magisk – ZeroTier for magisk ✅ App controller ✅
- gokadzev/Musify – Unlock the full potential of music: Stream effortlessly with one app!
- harmonoid/harmonoid – 🎵 Plays & manages your music library. Looks beautiful & juicy. Playlists, visuals, synced lyrics, pitch shift, volume boost & more.
- jiangtian616/JHenTai – A cross-platform manga app made for e-hentai & exhentai by Flutter
- kodjodevf/mangayomi – Free and open source application for reading manga and watching anime available on Android, iOS, macOS, Linux and Windows
- localsend/localsend – An open-source cross-platform alternative to AirDrop
- lollipopkit/flutter_server_box – ServerBox - server status & toolbox app using Flutter
- marchellodev/sharik – Sharik is an open-source, cross-platform solution for sharing files via Wi-Fi or Mobile Hotspot
- miru-project/miru-app – 🎉 A versatile application that is free, open-source, and supports extension sources for videos, comics, and novels, available on Android, Windows, and Web platforms.
- sun-jiao/flut-renamer – Flut Renamer - A bulk file renamer written in flutter (dart). Available on Linux, Windows, Android, iOS and macOS.
- 2moe/build-container
- DavidBurela/riscv-emulator-docker-image
- Hacking-the-Cloud/hackingthe.cloud – An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
- PasseiDireto/gh-runner – Self Hosted GitHub Actions Runner
- Privado-Inc/privado – Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
- R0GGER/public-iperf3-servers – A list of public iPerf3 servers...
- Rikorose/gcc-cmake – Docker container build on top off the official gcc image including cmake
- ThewBear/do-actions-runner – Self-hosted actions runner on DigitalOcean App Platform
- alexanderwolz/aosp-docker – Docker Build Container for Android Open Source Project (AOSP) v14+ providing needed environment and toolchain for building Android artifacts
- alvr/alpine-android – 🐋 Small docker image for building & testing Android applications.
- baby9/warp-cli-docker – Docker image to run Cloudflare Warp in proxy mode
- fornwall/rust-static-builder – Docker image to build statically linked Linux executables from Rust projects.
- ironpeakservices/iron-scratch – Secure base image for running Go (or any other static) applications.
- joaompinto/docker-build-python-static-bin – Docker image that allows to build static binaries for Python applications
- jz543fm/kali-dockerized – Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
- karellen/karellen-gha-runner – Karellen GitHub Action Server Docker Image
- kpcyrd/i-probably-didnt-backdoor-this – A practical experiment on supply-chain security using reproducible builds
- linuxserver/docker-webtop – Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.
- mikeroyal/Self-Hosting-Guide – Self-Hosting Guide. Learn all about locally hosting (on premises & private web servers) and managing software applications by yourself or your organization. Including Cloud, LLMs, WireGuard, Automation, Home Assistant, and Networking.
- mingchen/docker-android-build-box – An optimized docker image includes Android, Kotlin, Flutter sdk.
- p0dalirius/Awesome-RCE-techniques – Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
- patte/fly-tailscale-exit – Run a VPN with global exit nodes with fly.io, tailscale and github!
- perryflynn/static-binaries – Static builds of common software
- termux/termux-docker – Termux environment packaged as Docker image.
- thyrlian/AndroidSDK – 🐳 Full-fledged Android SDK Docker Image
- vaggeliskls/windows-github-custom-runner – A robust, cost-effective solution to deploy containerized custom GitHub Runners in a Windows OS environment on a Linux server. This project utilizes Vagrant VM, libvirt, and docker-compose, providing a seamless, plug-and-play approach that significantly enhances the CI/CD pipeline experience. No prior knowledge of VM creation required
- vimagick/dockerfiles – 🐳 A curated list of delicious docker recipes 🇺🇦🇮🇱 (Let's Fight Against ************)
- vulhub/vulhub – Pre-Built Vulnerable Environments Based on Docker-Compose
- wader/static-ffmpeg – Multi-arch docker image with ffmpeg/ffprobe binaries built as hardened static PIE binaries with no external dependencies
- yurymuski/curl-http3 – Curl docker image compiled with BoringSSL and quiche for HTTP3 support + httpstat
- zydou/GFW – Various tools to bypass the GFW.
- shepherdjerred/macos-cross-compiler – Compile binaries for macOS on Linux
- NixOS/nixos-search – Search NixOS packages and options
- icidasset/diffuse – A music player that connects to your cloud/distributed storage.
- 0x5ubt13/enumeraga – Automatic multiprocess Linux CLI tool that aims for a quick enumeration wrapping pentesting tools.
- 0xsha/CloudBrute – Awesome cloud enumerator
- 0xsha/GoLinkFinder – A fast and minimal JS endpoint extractor
- 1Panel-dev/1Panel – 🔥🔥🔥 Web-based linux server management control panel. / 现代化、开源的 Linux 服务器运维管理面板。
- 404tk/cloudrecon – 云上资产暴露面枚举
- 404tk/cloudtoolkit – Cloud Penetration Testing Toolkit
- 42wim/matterbridge – bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams, nextcloud, mumble, vk and more with REST API (mattermost not required!)
- 89luca89/pakkero – Pakkero is a binary packer written in Go made for fun and educational purpose. Its main goal is to take in input a program file (elf binary, script, even appimage) and compress it, protect it from tampering and intrusion.
- Alevsk/rmm – Recon MindMap (RMM)
- AlexxIT/go2rtc – Ultimate camera streaming application with support RTSP, RTMP, HTTP-FLV, WebRTC, MSE, HLS, MP4, MJPEG, HomeKit, FFmpeg, etc.
- Allaman/gstring – Swiss army knife for manipulating strings.
- Allaman/werkzeugkasten – Download your favorite command-line tools with ease!
- Android-Guards/apk-extractor
- ArchiveNetwork/wgcf-cli – A command-line tool for Cloudflare-WARP API, built using Cobra.
- Aryanstha/Go-for-Pentester
- Aryanstha/GoHTTPHasher – A lightweight Golang command-line tool designed to generate cryptographic hash values for HTTP headers.
- Aryanstha/GoSubSeeker
- Bearer/bearer – Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
- BishopFox/cloudfox – Automating situational awareness for cloud penetration tests.
- BishopFox/dufflebag – Search exposed EBS volumes for secrets
- BishopFox/jsluice – Extract URLs, paths, secrets, and other interesting bits from JavaScript
- BishopFox/sj – A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
- BishopFox/sliver – Adversary Emulation Framework
- Brum3ns/encode – Script to read input from stdin and encode it
- ChristopherHX/github-act-runner – act as self-hosted runner
- Code-Hex/pget – The fastest, resumable file download client
- ContainerSSH/ContainerSSH – ContainerSSH: Launch containers on demand
- Contextualist/acp – Make terminal personal file transfers as simple as
cp
- CryoByte33/steam-deck-utilities – A utility to improve performance and help manage storage on Steam Deck.
- D00Movenok/BounceBack –
↕️ 🤫 Stealth redirector for your red team operation security - DBCDK/morph – NixOS deployment tool
- DMarby/picsum-photos – Lorem Ipsum... but for photos.
- Damian89/ffufPostprocessing – Golang tool which helps dropping the irrelevant entries from your ffuf result file.
- Damian89/yataf – yataf extracts secrets and paths from files or urls - its best used against javascript files
- Danny-Dasilva/CycleTLS – Spoof TLS/JA3 fingerprints in GO and Javascript
- DarthSim/overmind – Process manager for Procfile-based applications and tmux
- DataDog/KubeHound – Kubernetes Attack Graph
- DataDog/stratus-red-team – ☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
- DeedleFake/trayscale – An unofficial GUI wrapper around the Tailscale CLI client.
- DevSecOpsDocs/nuclearpond – Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.
- Devang-Solanki/recon.cloud – recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to terminal.
- DominicBreuker/pspy – Monitor linux processes without root permissions
- DreyAnd/WhoDupMe
- EatonChips/yalis – Yet Another LinkedIn Scraper
- Ehco1996/ehco – ehco is a network ʚrelayɞ tool and a typo :)
- Escape-Technologies/goctopus – Blazing fast GraphQL discovery & fingerprinting toolbox.
- Eun/logtimer – Enhance your output with a timer / date
- Eun/sshkeys – Get all ssh public keys of a ssh server
- EwenQuim/entropy – Entropy is a CLI tool that will scan your codebase for high entropy lines, which are often secrets.
- F1bonacc1/process-compose – Process Compose is a simple and flexible scheduler and orchestrator to manage non-containerized applications.
- FalconForceTeam/FalconHound – FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
- FiloSottile/mkcert – A simple zero-config tool to make locally trusted development certificates with any names you'd like.
- FiloSottile/sunlight – A Certificate Transparency log implementation and monitoring API designed for scalability, ease of operation, and reduced cost.
- Forceu/Gokapi – Lightweight selfhosted Firefox Send alternative without public upload. AWS S3 supported.
- Forest33/warthog – Cross platform gRPC GUI client
- Foxboron/sbctl – 💻 🔒 🔑 Secure Boot key manager
- FyshOS/fynedesk – A full desktop environment for Linux/Unix using Fyne
- GhostTroops/go4Hacker – Automated penetration and auxiliary systems, providing XSS, XXE, DNS log, SSRF, RCE, web netcat and other Servers,gin-vue-admin,online https://51pwn.com
- GhostTroops/scan4all – Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
- GoAid/md-html-cli – 🔁 CLI tool for converting markdown to a single html file. 用于将 markdown 转换为单个 html 文件的 CLI 实用工具。
- GoToolSharing/htb-cli – Interact with Hackthebox using your terminal - Be faster and more competitive !
- GoogleCloudPlatform/gcsfuse – A user-space file system for interacting with Google Cloud Storage
- HACKERALERT/Picocrypt – A very small, very simple, yet very secure encryption tool.
- Hackmanit/TInjA – TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.
- Hackmanit/Web-Cache-Vulnerability-Scanner – Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
- HarshVaragiya/sslsearch – Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
- HavocFramework/Havoc – The Havoc Framework.
- HuntDownProject/HEDnsExtractor – A suite for hunting suspicious targets, expose domains and phishing discovery
- IceWhaleTech/CasaOS – CasaOS - A simple, easy-to-use, elegant open-source Personal Cloud system.
- ImAyrix/cut-cdn – ✂️ Removing CDN IPs from the list of IP addresses
- ImAyrix/fallparams – Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
- ItsIgnacioPortal/hacker-scoper – Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.
- JFryy/qq – jq inspired (and gojq dependent) interoperable config format transcoder with interactive querying.
- Jacalz/rymdport – Cross-platform application for easy encrypted file, folder, and text sharing between devices.
- JanDeDobbeleer/aliae – Cross shell and platform alias management
- JanDeDobbeleer/oh-my-posh – The most customisable and low-latency cross platform/shell prompt renderer
- Josue87/gotator – Gotator is a tool to generate DNS wordlists through permutations.
- Josue87/roboxtractor – Extract endpoints marked as disallow in robots files to generate wordlists.
- Kriechi/git-monitor – Monitor Git repositories for new commits
- LeanerCloud/AutoSpotting – Saves up to 90% of AWS EC2 costs by automating the use of spot instances on existing AutoScaling groups. Installs in minutes using CloudFormation or Terraform. Convenient to deploy at scale using StackSets. Uses tagging to avoid launch configuration changes. Automated spot termination handling. Reliable fallback to on-demand instances.
- LeanerCloud/aws-ipv4-cost-viewer – CLI tool that shows the future public IPv4 costs for a variety of AWS resources across all AWS regions from an account.
- LeanerCloud/ec2-instances-info – Golang library for specs and pricing information about AWS EC2 instances based on the data from www.ec2instances.info
- LeeBrotherston/badflare – OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly locked down
- Legit-Labs/legitify – Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
- M3DZIK/go-pingbot – ⚡ This application "pings" websites every few minutes. It can be used to keep the application alive on e.g. glitch.me or repl.it.
- Macmod/goblob – A fast enumeration tool for publicly exposed Azure Storage blobs.
- Malwarize/webpalm – 🕸️ Crawl in the web network
- MantisSTS/GoCloud – Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
- ManuelBerrueta/urlyzer – urlyzer is a URL parsing analysis tool.
- Mayowa-Ojo/chmod-cli – Effortlessly generate chmod commands
- Mic92/ssh-to-age – Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops
- Moe-hacker/yoshinon – A whiptail-like dialog box written with Bubble Tea (Go) #Meet the modern TUI
- Moopinger/smugglefuzz – A rapid HTTP downgrade smuggling scanner written in Go.
- MrEmpy/mantra – 「🔑」A tool used to hunt down API key leaks in JS files and pages
- NHAS/reverse_ssh – SSH based reverse shell
- NodyHub/grepsecrets – Grep Secrets from input
- OJ/gobuster – Directory/File, DNS and VHost busting tool written in Go
- Optum/dce – Disposable Cloud Environment
- Picocrypt/CLI – A command-line interface for Picocrypt.
- Picocrypt/Picocrypt – A very small, very simple, yet very secure encryption tool.
- RasmusLindroth/tut – TUI for Mastodon with vim inspired keys
- RedTeamPentesting/monsoon – Fast HTTP enumerator
- RedTeamPentesting/pretender – Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
- RedTeamPentesting/resocks – mTLS-Encrypted Back-Connect SOCKS5 Proxy
- RikunjSindhwad/Task-Ninja – Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!
- Rosettea/Hilbish – 🌓 The Moon-powered shell! A comfy and extensible shell for Lua fans! 🌺 ✨
- SRI-CSL/gllvm – Whole Program LLVM: wllvm ported to go
- SSLMate/certspotter – Certificate Transparency Log Monitor
- SagerNet/sing-box – The universal proxy platform
- SeanHood/tailscale-netcat – A tool designed to immitate netcat for the purposes of SSH's ProxyCommand
- Septrum101/lightsailMon – An AWS Lightsail monitor service that can auto change blocked IP.
- ServiceWeaver/weaver – Programming framework for writing and deploying cloud applications.
- Shell-Company/Noirgate – NoirGate provides on-demand ephemeral anonymous shells secured by TOTP
- Shell-Company/poltergeist – A tool to encode and decode content as whitespace
- SpatiumPortae/portal – Portal is a quick and easy command-line file transfer utility from any computer to another 🌌 ✨
- SpecterOps/BloodHound – Six Degrees of Domain Admin
- StalkR/dns-reverse-proxy – DNS Reverse Proxy
- Static-Flow/gofingerprint – GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
- Tantalor93/dnspyre – CLI tool for a high QPS DNS benchmark
- TheForgotten69/go-opensubtitles – Go library for accessing the OpenSubtitles API
- TheYahya/enola – This is Sherlock's sister, Modern shiny CLI tool written with Golang to help you: 🔎 Hunt down social media accounts by username across social networks
- ThreatUnknown/jsubfinder – jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).
- TimothyYe/godns – A dynamic DNS client tool that supports AliDNS, Cloudflare, Google Domains, DNSPod, HE.net & DuckDNS & DreamHost, etc, written in Go.
- Tom5521/fsize – A more readable alternative to the stat command
- TomWright/dasel – Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool. Supports conversion between formats and can be used as a Go package.
- TrshPuppy/netpuppy – A CLI tool for making and/ or binding TCP connections. Inspired by Netcat & written in Golang!
- TwiN/gatus – ⛑ Automated developer-oriented status page
- TylerBrock/saw – Fast, multi-purpose tool for AWS CloudWatch Logs
- Ullaakut/cameradar – Cameradar hacks its way into RTSP videosurveillance cameras
- VHSgunzo/ssrv – Shell server/client
- Vanilla-OS/apx – Apx (/à·peks/) is the default package manager in Vanilla OS. It is a wrapper around multiple package managers to install packages and run commands inside a managed container.
- ViRb3/wgcf – 🚤 Cross-platform, unofficial CLI for Cloudflare Warp
- WHOISshuvam/gotld – Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and security researchers.
- WangYihang/Platypus – 🔨 A modern multiple reverse shell sessions manager written in go
- WangYihang/Proxy-Verifier – A set of tools designed to efficiently and effectively locate publicly available proxy server resources.
- WangYihang/Subdomain-Crawler – A program for collecting subdomains of a list of given second-level domains (SLD)
- WarpBuilds/warpbuild-agent – Application for runner lifecycle management
- WireGuard/wireguard-go – Mirror only. Official repository is at https://git.zx2c4.com/wireguard-go
- X-Cotang/gowitness-plus – 🔍 gowitness+ Add some new features
- XTLS/REALITY – THE NEXT FUTURE
- Xe/x – Various tools, trinkets and experiments
- YouROK/TorrServer – Torrent stream server
- Z3NTL3/ProxyBeast – ProxyBeast is a powerful, complete and free proxy checker with zero dependency and advanced capabilities.
- Zxilly/go-size-analyzer – A tool for determining the extent to which dependencies contribute to the bloated size of compiled Go binaries.
- abdfnx/resto – 🔗 Send pretty HTTP & API requests with TUI.
- abdfnx/tran – 🖥 Securely transfer and send anything between computers with TUI.
- abhimanyu003/sttr – cross-platform, cli app to perform various operations on string
- abiosoft/colima – Container runtimes on macOS (and Linux) with minimal setup
- aceberg/WatchYourLAN – Lightweight network IP scanner with web GUI
- activecm/rita-legacy – Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
- adhocore/gronx – Lightweight, fast and dependency-free Cron expression parser (due checker, next/prev due date finder), task runner, job scheduler and/or daemon for Golang (tested on v1.13+) and standalone usage. If you are bold, use it to replace crontab entirely.
- aerokube/init – Correct init process for Docker containers
- aerokube/selenoid – Selenium Hub successor running browsers within containers. Scalable, immutable, self hosted Selenium-Grid on any platform with single binary.
- aidansteele/freedata – A silly project for free (maybe) egress from EC2 instances using Tailscale and Session Manager
- ajinasokan/apkc – apkc is a bare-bones Android app build system that lets you build simple native Android apps without entire Android IDE
- akosela/go-cs – Concurrent ssh client
- alajmo/mani – 🤖 CLI tool to help you manage repositories
- alajmo/sake – 🤖 sake is a task runner for local and remote hosts
- alexei-led/pumba – Chaos testing, network emulation, and stress testing tool for containers
- alist-org/alist – 🗂️A file list/WebDAV program that supports multiple storages, powered by Gin and Solidjs. / 一个支持多存储的文件列表/WebDAV程序,使用 Gin 和 Solidjs。
- aliyun/aliyun-cli – Alibaba Cloud CLI
- alphasoc/flightsim – A utility to safely generate malicious network traffic patterns and evaluate controls.
- alwaystest18/hbit – 一款用于安全测试中信息收集的自动化工具
- alwaystest18/hostCollision – 一款host碰撞工具,做了较多的误报优化
- americanexpress/earlybird – EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
- ameshkov/dnscrypt – DNSCrypt v2 protocol implementation + a command-line tool
- ameshkov/dnslookup – Simple command line utility to make DNS lookups to the specified server
- ameshkov/gocurl – Simplified version of curl written in pure Go with additional features
- ameshkov/godnsbench – Simple DNS bench util that supports encrypted protocols.
- amir20/dozzle – Realtime log viewer for docker containers.
- amuluze/amprobe – 轻量级主机及容器监控服务
- anandvarma/namegen – 🌈 A unique(ish) random name and id generator
- anchore/binny – Manage a directory of binaries without a package manager
- anchore/grype – A vulnerability scanner for container images and filesystems
- andydunstall/piko – An open-source alternative to Ngrok, designed to serve production traffic and be simple to host (particularly on Kubernetes)
- ankitpokhrel/jira-cli – 🔥 Feature-rich interactive Jira command line.
- antoniomika/sish – HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
- antonmedv/countdown – Terminal countdown timer
- antonmedv/fx – Terminal JSON viewer & processor
- antonmedv/walk – Terminal file manager
- anywherelan/awl – Securely connect your devices into a private network
- apernet/OpenGFW – OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux
- apernet/hysteria – Hysteria is a powerful, lightning fast and censorship resistant proxy.
- appleboy/drone-scp – Copy files and artifacts via SSH using a binary, docker or Drone CI.
- apptainer/apptainer – Apptainer: Application containers for Linux
- aptible/supercronic – Cron for containers
- aptly-dev/aptly – aptly - Debian repository management tool
- aquaproj/aqua – Declarative CLI Version manager written in Go. Support Lazy Install, Registry, and continuous update with Renovate. CLI version is switched seamlessly
- aquasecurity/tracee – Linux Runtime Security and Forensics using eBPF
- aquasecurity/trivy – Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
- arduino/arduino-cli – Arduino command line tool
- arduino/arduino-lint – Tool to check for problems with Arduino projects
- ariary/fileless-xec – Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
- ariary/volana – 🌒 Shell command obfuscation to avoid detection systems
- arl/statsviz – 🚀 Visualise your Go program runtime metrics in real time in the browser
- arp242/goatcounter – Easy web analytics. No tracking of personal data.
- ashishb/gabo – GitHub Actions Boilerplate Generator
- assetnote/surf – Escalate your SSRF vulnerabilities on Modern Cloud Environments.
surf
allows you to filter a list of hosts, returning a list of viable SSRF candidates. - atc0005/check-vmware – Go-based tooling to monitor VMware environments; NOT affiliated with or endorsed by VMware, Inc.
- atc0005/dnsc – Run a DNS query concurrently against all servers in a list and provide results summary
- atoonk/ping-aws-ips – ping all AWS IP addresses to see how many ec2 instances AWS has at any given time
- atredispartners/flamingo – Flamingo captures credentials sprayed across the network by various IT and security products.
- authelia/authelia – The Single Sign-On Multi-Factor portal for web apps
- autobrr/autobrr – Modern, easy to use download automation for torrents and usenet.
- avelino/awesome-go – A curated list of awesome Go frameworks, libraries and software
- aws/amazon-ec2-instance-selector – A CLI tool and go library which recommends instance types based on resource criteria like vcpus and memory
- awslabs/amazon-s3-tar-tool – A utility tool to create a tarball of existing objects in Amazon S3
- awslabs/aws-simple-ec2-cli – A CLI tool that simplifies the process of launching, connecting and terminating an EC2 instance.
- axllent/mailpit – An email and SMTP testing tool with API for developers
- aydinnyunus/PackageSpy – PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers
- aydinnyunus/PassDetective – PassDetective is a command-line tool that scans shell command history to detect mistakenly written passwords, API keys, and secrets. Using regular expressions, it helps prevent accidental exposure of sensitive information in your command history.
- aydinnyunus/exifLooter – ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap
- aymanbagabas/shcopy – 📋 Copy text to your system clipboard locally and remotely using ANSI OSC52 sequence
- ayoisaiah/f2 – F2 is a cross-platform command-line tool for batch renaming files and directories quickly and safely. Written in Go!
- baby9/wgcf-socks-docker – Cloudflare WARP (WireGaurd protocol) run in containerized environment.
- balibuild/bali – Bali - Minimalist Golang build and packaging tool
- barelyhuman/goblin – Golang binaries compiled on-demand for your system
- bastiandoetsch/mullvad-best-server – Determines the Mullvad server with the lowest latency
- benchkram/bob – Bob is a high-level build tool for multi-language projects.
- benhoyt/goawk – A POSIX-compliant AWK interpreter written in Go, with CSV support
- bensadeh/circumflex – 🌿 It's Hacker News in your terminal
- berty/berty – Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network
- billcoding/sshpass – A sshpass implementation for Linux and Mac in Go
- binwiederhier/ntfy – Send push notifications to your phone or desktop using PUT/POST
- binwiederhier/pcopy – pcopy is a temporary file host, nopaste and clipboard across machines. It can be used from the Web UI, via a CLI or without a client by using curl.
- bitfield/script – Making it easy to write shell-like scripts in Go
- bitmagnet-io/bitmagnet – A self-hosted BitTorrent indexer, DHT crawler, content classifier and torrent search engine with web UI, GraphQL API and Servarr stack integration.
- bitnami/ini-file – CLI tool for modifying .ini files
- bitnami/wait-for-port – CLI tool for waiting until a TCP port reaches the desired state
- bitquark/shortscan – An IIS short filename enumeration tool
- bitrise-io/bitrise – Bitrise runner CLI - run your automations on your Mac or Linux machine -
- blacknon/lssh – List selection type ssh/scp/sftp client command. Supports single connection and parallel connection. Local bashrc can also be used without placing it on a remote machine. Written in Golang.
- blues-lab/totp-app-analysis-public – Security and Privacy Failures in Popular 2FA Apps
- bogdanfinn/tls-client – net/http.Client like HTTP Client with options to select specific client TLS Fingerprints to use for requests.
- bojand/ghz – Simple gRPC benchmarking and load testing tool
- bokysan/socketace – Your ultimate connection proxy. Proxy connections over websockets / UDP / DNS. Wrap connections in SSL/TLS. Auto-connect over best possible channel.
- bolkedebruin/rdpgw – Remote Desktop Gateway in Go for deploying on Linux/BSD/Kubernetes
- boostsecurityio/poutine – boostsecurityio/poutine
- boringtools/git-alerts – Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
- bp0lr/fget
- bp0lr/gauplus
- bschaatsbergen/cidr – CLI to perform various actions on CIDR ranges
- bschaatsbergen/dnsee – See DNS configurations quickly
- bufbuild/buf – The best way of working with Protocol Buffers.
- burrowers/garble – Obfuscate Go builds
- byt3hx/jsleak – jsleak is a tool to find secret , paths or links in the source code during the recon.
- c3l3si4n/crtdumper – crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names from certificates. Perfect for security researchers and developers interested in massively extracting domain names from CT logs.
- c3l3si4n/godeclutter – Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.
- c3l3si4n/quickcert – A better way of querying certificate transparency logs
- c3l3si4n/revwhois – CLI tool for discovering related base domains using WhoisXMLAPI's reverse Whois endpoints
- c3l3si4n/subsift – experimental wildcard subdomain filtering prototype
- c3l3si4n/thankunext – Easily gather all routes related to a NextJs application through parsing of _buildManifest.js
- caarlos0/org-stats – Get the contributor stats summary from all repos of any given organization
- caarlos0/xdg-open-svc – xdg-open as a service
- caddyserver/caddy – Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
- caddyserver/xcaddy – Build Caddy with plugins
- candrewlee14/webman – Add, remove, and manage different versions of web-distributed software binaries. No elevated permissions required!
- carapace-sh/carapace-bin – multi-shell multi-command argument completer
- cashapp/hermit – 🐚 Hermit manages isolated, self-bootstrapping sets of tools in software projects.
- casvisor/casvisor – An open-source security log auditing & RDP, VNC, SSH bastion platform, online demo: https://door.casvisor.com
- cbeuw/Cloak – A censorship circumvention tool to evade detection by authoritarian state adversaries
- cdk-team/CDK – 📦 Make security testing of K8s, Docker, and Containerd easier.
- cemulus/crt – A CLI tool to check Certificate Transparency logs of a domain name.
- chainguard-dev/apko – Build OCI images from APK packages directly without Dockerfile
- chainguard-dev/melange – build APKs from source code
- chainreactors/gogo – 面向红队的, 高度可控可拓展的自动化引擎
- chainreactors/zombie – The most powerful bruteforcer / password sprayer TOOL
- charmbracelet/freeze – Generate images of code and terminal output 📸
- charmbracelet/git-lfs-transfer – Server-side implementation of the Git LFS pure-SSH protocol
- charmbracelet/glow – Render markdown on the CLI, with pizzazz! 💅🏻
- charmbracelet/gum – A tool for glamorous shell scripts 🎀
- charmbracelet/melt – 🧊 Backup and restore Ed25519 SSH keys with seed words.
- charmbracelet/pop – Send emails from your terminal 📬
- charmbracelet/soft-serve – The mighty, self-hostable Git server for the command line🍦
- charmbracelet/vhs – Your CLI home video recorder 📼
- charmbracelet/wishlist – The SSH directory ✨
- cheat/cheat – cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not frequently enough to remember.
- chenjiandongx/sniffer – 🤒 A modern alternative network traffic sniffer.
- chmouel/gosmee – Command line server and client for webhooks deliveries (and https://smee.io)
- cilium/cilium – eBPF-based Networking, Security, and Observability
- cilium/tetragon – eBPF-based Security Observability and Runtime Enforcement
- cirruslabs/cirrus-cli – CLI for executing Cirrus tasks locally and in any CI
- cirruslabs/vetu – Create, publish and virtualize ephemeral Linux VMs with ease
- claudiodangelis/qrcp – ⚡ Transfer files over wifi from your computer to your mobile device by scanning a QR code without leaving the terminal.
- cli/cli – GitHub’s official command line tool
- cloud-barista/cb-spider – CB-Spider offers a unified view and interface for multi-cloud management.
- cloudbase/garm – GitHub Actions Runner Manager
- cloudflare/cfrpki – Cloudflare's RPKI Toolbox
- cloudflare/cfssl – CFSSL: Cloudflare's PKI and TLS toolkit
- cloudflare/cloudflared – Cloudflare Tunnel client (formerly Argo Tunnel)
- cloudflare/gokey – A simple vaultless password manager in Go
- cloudflare/ipvs – Package ipvs allows you to manage Linux IPVS services and destinations
- cloudfoundry/winc – CLI tool for spawning and running containers on Windows according to the OCI specification
- clouditor/clouditor – The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.
- cloudius-systems/capstan – Capstan, a tool for packaging and running your application on OSv. http://osv.io/capstan
- cloudreve/Cloudreve – 🌩支持多家云存储的云盘系统 (Self-hosted file management and sharing system, supports multiple storage providers)
- cloudtty/cloudtty – A Friendly Kubernetes CloudShell (Web Terminal) !
- cmars/onionpipe – Onion addresses for anything.
- codingo/dorky – A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon
- common-fate/granted – The easiest way to access your cloud.
- complexorganizations/code-formatter – ✔️ Formatting, beautifying, and optimizing code.
- confidential-containers/enclave-cc – Process-based Confidential Container Runtime
- contabo/cntb – Contabo Command Line Interface
- containerd/nerdctl – contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
- containers/buildah – A tool that facilitates building OCI images.
- containers/podman – Podman: A tool for managing OCI containers and pods.
- containers/podman-tui – Podman Terminal UI
- containers/skopeo – Work with remote images registries - retrieving information, images, signing content
- cooperspencer/gickup
- coreos/ignition – First boot installer and configuration tool
- crazy-canux/awesome-monitoring – INFRASTRUCTURE、OPERATION SYSTEM and APPLICATION monitoring tools.
- crazy-max/diun – Receive notifications when an image is updated on a Docker registry
- criteo/command-launcher – A command launcher 🚀 made with ❤️
- crtsh/ct_monitor – Certificate Transparency log monitor
- cruise-automation/fwanalyzer – a tool to analyze filesystem images for security
- csyezheng/ip-scanner – This script is used to find the fastest IP for a given site such as Google Translate, Cloudflare, GitHub, etc.
- cterence/tailout – Spawn an exit node for your tailnet anywhere
- ctrsploit/ctrsploit – A penetration toolkit for container environment
- cube2222/octosql – OctoSQL is a query tool that allows you to join, analyse and transform data from multiple databases and file formats using SQL.
- cuducos/chunk – 🧱 Chunk is a download manager for slow and unstable servers
- cunnie/sslip.io – Golang-based DNS server which maps DNS records with embedded IP addresses to those addresses.
- cvilsmeier/sqinn-go – Golang SQLite without cgo
- cybozu-go/etcdpasswd – Distributed Linux user management using etcd
- cybozu-go/neco – Project Neco
- d-Rickyy-b/certstream-server-go – This project aims to be a drop-in replacement for the certstream server by Calidog. This tool aggregates, parses, and streams certificate data from multiple certificate transparency logs via websocket connections to the clients.
- d3mondev/crossjoin – Generate a cross join, also known as a Cartesian product, from the lines of the specified files. This process is useful for creating fuzzing payloads.
- d3mondev/puredns – Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
- daffainfo/Key-Checker – Go scripts for checking API key / access token validity
- dagu-dev/dagu – Yet another cron alternative with a Web UI, but with much more capabilities. It aims to solve greater problems.
- dan-v/awslambdaproxy – An AWS Lambda powered HTTP/SOCKS web proxy
- danderson/netboot – Packages and utilities for network booting
- dark-warlord14/CVENotifier – Customized CVE FEED Notifier
- darkhz/bluetuith – A TUI bluetooth manager for Linux.
- daytonaio/daytona – The Open Source Dev Environment Manager.
- ddworken/hishtory – Your shell history: synced, queryable, and in context
- deepfence/PacketStreamer – ⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
- deepfence/YaraHunter – 🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
- denandz/sourcemapper – Extract JavaScript source trees from Sourcemap files
- devanshbatham/headerpwn – A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers
- devanshbatham/rayder – A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
- devanshbatham/realm – A utility for recursively traversing SSL/TLS certificates for collecting DNS names
- devanshbatham/revit – A command-line utility for performing reverse DNS lookups
- devploit/nomore403 – Tool to bypass 403/40X response codes.
- dhn/spk – spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
- dhn/udon – A simple tool that helps to find assets/domains based on the Google Analytics ID.
- dhth/mult – Run a command multiple times and glance at the outputs
- diamondburned/nix-search – A Nix-channel-compatible package search
- direnv/direnv – unclutter your .profile
- distribworks/dkron – Dkron - Distributed, fault tolerant job scheduling system https://dkron.io
- distribyted/distribyted – Torrent client with HTTP, fuse, and WebDAV interfaces. Start exploring your torrent files right away, even zip, rar, or 7zip archive contents!
- divyam234/teldrive – Telegram Drive
- dkorunic/axfr2hosts – Fetches one or more DNS zones via AXFR and dumps in Unix hosts format for local use
- dkorunic/betteralign – Make your Go programs use less memory (maybe)
- dkorunic/pktstat – Simple ethernet interface traffic monitor and reporting tool
- dlvhdr/gh-dash – A beautiful CLI dashboard for GitHub 🚀
- dmachard/go-dnscollector – Ingesting, pipelining, and enhancing your DNS logs with usage indicators, security analysis, and additional metadata.
- dolthub/dolt – Dolt – Git for Data
- dragonflyoss/Dragonfly2 – Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project.
- drakkan/sftpgo – Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
- drand/drand – 🎲 A Distributed Randomness Beacon Daemon - Go implementation
- dstotijn/hetty – An HTTP toolkit for security research.
- dub-flow/sessionprobe – SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
- dundee/gdu – Fast disk usage analyzer with console interface written in Go
- dunglas/mercure – 🪽 An open, easy, fast, reliable and battery-efficient solution for real-time communications
- dustin/go-humanize – Go Humans! (formatters for units to human friendly sizes)
- dutchcoders/transfer.sh – Easy and fast file sharing from the command-line.
- dwisiswant0/cf-check – CloudFlare Checker written in Go
- dwisiswant0/crlfuzz – A fast tool to scan CRLF vulnerability written in Go
- dwisiswant0/galer – A fast tool to fetch URLs from HTML attributes by crawl-in.
- dwisiswant0/gfx – A wrapper around grep, to help you grep for things! - Improved version of gf by @tomnomnom.
- dwisiswant0/ngocok – ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok.
- dwisiswant0/siml – siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site.
- dwisiswant0/unch – Hides message with invisible Unicode characters
- dwisiswant0/wadl-dumper – Dump all available paths and/or endpoints on WADL file.
- earthly/earthly – Super simple build framework with fast, repeatable builds and an instantly familiar syntax – like Dockerfile and Makefile had a baby.
- ebitengine/purego
- edgelesssys/constellation – Constellation is the first Confidential Kubernetes. Constellation shields entire Kubernetes clusters from the (cloud) infrastructure using confidential computing.
- edoardottt/cariddi – Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
- edoardottt/csprecon – Discover new target domains using Content Security Policy
- edoardottt/depsdev – CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
- edoardottt/favirecon – Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
- edoardottt/lit-bb-hack-tools – Little Bug Bounty & Hacking Tools⚔️
- edoardottt/pwdsafety – 🔒command line tool checking password safety🔒
- edoardottt/scilla – Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
- ekalinin/awsping – Console tool to check the latency to each Amazon EC2 region
- ekristen/aws-nuke – Remove all the resources from an AWS account
- elliotwutingfeng/go-fasttld – go-fasttld is a high performance effective top level domains (eTLD) extraction module.
- elmasy-com/columbus-scanner – Log scanner CLI to upload to Columbus server.
- elmasy-com/elmasy – Open Source External Attack Surface Management
- elvisgraho/bypass-403-go – Try to bypass 403 Forbidden responses for specific endpoints.
- elvisgraho/cert-sub-go – Cert Sub Go is a tool to query SSL Certificate Transparency for subdomain discovery
- elvisgraho/jwt-cracker-go – jwt-cracker-go is a simple brute force cracker for HS256, HS384, and HS512 JWT tokens, inspired by jwt-cracker.
- ergochat/ergo – A modern IRC server (daemon/ircd) written in Go.
- ericpauley/ec2-autostart – Automatically starts EC2 instances based on network traffic
- eryajf/go-ldap-admin – 🌉 基于Go+Vue实现的openLDAP后台管理项目
- esrrhs/pingtunnel – Pingtunnel is a tool that send TCP/UDP traffic over ICMP
- etcd-io/etcd – Distributed reliable key-value store for the most critical data of a distributed system
- etix/mirrorbits – Mirrorbits is a geographical download redirector written in Go for distributing files efficiently across a set of mirrors.
- everywall/ladder – Selfhosted alternative to 12ft.io. and 1ft.io bypass paywalls with a proxy ladder and remove CORS headers from any URL
- evilsocket/shellz – shellz is a small utility to manage your ssh, telnet, kubernetes, winrm, web or any custom shell in a single place.
- famasoon/crtsh – This tool shows the result of crt.sh
- fatedier/frp – A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
- ferama/rospo – 🐸 Simple, reliable, persistent ssh tunnels with embedded ssh server
- ferreiraklet/Jeeves – Jeeves SQLI Finder
- ferreiraklet/airixss – Finding XSS during recon
- ferreiraklet/nilo – Responser
- fffaraz/fakessh – A dockerized fake SSH server honeypot written in Go that logs login attempts.
- ffuf/ffuf – Fast web fuzzer written in Go
- ffuf/pencode – Complex payload encoder
- fhs/gig – Git command implemented in pure Go
- filhodanuvem/gitql – 💊 A git query language
- fipso/cntui – Replay chrome requests from your terminal using curl
- fipso/freenews – Reverse Proxy & DNS based solution to bypass paywalls 🔨💵🧱
- firecracker-microvm/firecracker-containerd – firecracker-containerd enables containerd to manage containers as Firecracker microVMs
- firecracker-microvm/firectl – firectl is a command-line tool to run Firecracker microVMs
- firefart/stunner – Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
- flint-actions/flint – Secure and isolated GitHub Actions runs without a headache.
- forestnode-io/oneshot – A first-come first-served single-fire HTTP server. Easily transfer files to and from your terminal and any browser.
- fortio/dnsping – DNS Ping: to check packet loss and latency issues with DNS servers
- foxcpp/maddy – ✉️ Composable all-in-one mail server.
- francoismichel/ssh3 – SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
- frantjc/forge – Run reusable steps from proprietary CI systems.
- frioux/leatherman – Handy multitool that happens to be mostly Go
- fujiwara/awslim – A simplified alternative to the AWS CLI for limited use cases.
- fullstorydev/grpcui – An interactive web UI for gRPC, along the lines of postman
- fullstorydev/grpcurl – Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers
- future-architect/vuls – Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
- fyoorer/ffufsee – Ffuf output browser
- fzdwx/burst – Expose ports to the server quickly
- g0ldencybersec/CloudRecon
- g0ldencybersec/EasyEASM – Zero-dollar attack surface management tool
- g0ldencybersec/gungnir – CT Log Scanner
- gcla/termshark – A terminal UI for tshark, inspired by Wireshark
- gennaro-tedesco/element – 🧪 periodic table on the command line
- getporter/porter – Porter enables you to package your application artifact, client tools, configuration and deployment logic together as an installer that you can distribute, and install with a single command.
- getsavvyinc/savvy-cli – Create, share, and run runbooks from your terminal.
- getsops/sops – Simple and flexible tool for managing secrets
- ghostunnel/ghostunnel – A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.
- ginuerzh/gost – GO Simple Tunnel - a simple tunnel written in golang
- giodamelio/tailscale-custom-domain-dns – A small DNS serve that serves records for all the machines in your Tailscale tailnet
- github/git-sizer – Compute various size metrics for a Git repository, flagging those that might cause problems
- gitleaks/gitleaks – Protect and discover secrets using Gitleaks 🔑
- gitpod-io/gitpod – The developer platform for on-demand cloud development environments to create software faster and more securely.
- gittuf/gittuf – A security layer for Git repositories
- glanceapp/glance – A self-hosted dashboard that puts all your feeds in one place
- glebarez/cero – Scrape domain names from SSL certificates of arbitrary hosts
- gliderlabs/ssh – Easy SSH servers in Golang
- gliderlabs/sshfront – Programmable SSH frontend
- glitchedgitz/cook – A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.
- go-acme/lego – Let's Encrypt/ACME client and library written in Go
- go-debos/debos – Debian OS builder
- go-git/go-git – A highly extensible Git implementation in pure Go.
- go-gitea/gitea – Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
- go-gost/gost-plus – A cross-platform GUI client for gost.plus.
- go-nunu/nunu – A CLI tool for building Go applications.
- go-task/task – A task runner / simpler Make alternative written in Go
- gokrazy/gokrazy – turn your Go program(s) into an appliance running on the Raspberry Pi 3, Pi 4, Pi 5, Pi Zero 2 W, or amd64 PCs!
- golang-design/clipboard – 📋 cross-platform clipboard package that supports accessing text and image in Go (macOS/Linux/Windows/Android/iOS)
- gomarkdown/mdtohtml – Command-line tool to convert markdown to html
- google/cabbie – A client side tool for managing the installation of Microsoft Windows updates on a device.
- google/certificate-transparency-go – Auditing for TLS certificates (Go code)
- google/fscrypt – Go tool for managing Linux filesystem encryption
- google/gops – A tool to list and diagnose Go processes currently running on your system
- google/osv-scanner – Vulnerability scanner written in Go which uses the data provided by https://osv.dev
- gookit/goutil – 💪 Helper Utils(700+): int, byte, string, array/slice, map, struct, dump, convert/format, error, web/http, cli/flag, OS/ENV, filesystem, system, test/assert, time and more. Go 常用的一些工具函数:数字,字符串,数组,Map,结构体,反射,文本,文件,错误,时间日期,特殊处理,格式化,常用信息获取等等
- goreleaser/goreleaser – Deliver Go binaries as fast and easily as possible
- goreleaser/nfpm – nFPM is Not FPM - a simple deb, rpm, apk, ipk, and arch linux packager written in Go
- goretk/redress – Redress - A tool for analyzing stripped Go binaries
- gotenberg/gotenberg – A developer-friendly API for converting numerous document formats into PDF files, and more!
- grafana/loki – Like Prometheus, but for logs.
- gravitational/teleport – The easiest, and most secure way to access and protect all of your infrastructure.
- gravitl/netmaker – Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
- groundsec/waybackshots – Get screenshots of URLs stored in the Wayback Machine in a smart way
- grpc-ecosystem/grpc-health-probe – A command-line tool to perform health-checks for gRPC applications in Kubernetes and elsewhere
- grpc-ecosystem/grpcdebug – grpcdebug is a command line interface focusing on simplifying the debugging process of gRPC applications.
- gruntwork-io/cloud-nuke – A tool for cleaning up your cloud accounts by nuking (deleting) all resources within it
- gruntwork-io/fetch – Download files, folders, and release assets from a specific git commit, branch, or tag of public and private GitHub repos.
- gruntwork-io/git-xargs – git-xargs is a command-line tool (CLI) for making updates across multiple Github repositories with a single command.
- guumaster/hostctl – Your dev tool to manage /etc/hosts like a pro!
- gvcgo/asciinema – 🔥🎨 ⚡️📝A cross-platform asciinema(v2) terminal session recorder for MacOS/Linux/Windows. Currently a better choice than the official one.
- gvcgo/gobuilder – An enhancement for official .
- gvcgo/version-manager – 🔥 A general version manager for 60+ SDKs with TUI inspired by lazygit. No need to remember any commands. Less bugs.
- gwen001/github-endpoints – Find endpoints on GitHub.
- gwen001/github-regexp – Basically a regexp over a GitHub search.
- gwen001/github-subdomains – Find subdomains on GitHub.
- gwen001/gitlab-subdomains – Find subdomains on GitLab.
- hahwul/authz0 – 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
- hahwul/dalfox – 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
- hahwul/gee – 🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go
- hahwul/gitls – 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline
- hahwul/jwt-hack – 🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
- hahwul/mzap – ⚡️ Multiple target ZAP Scanning
- hahwul/s3reverse – The format of various s3 buckets is convert in one format. for bugbounty and security testing.
- hahwul/websocket-connection-smuggler – websocket-connection-smuggler
- hairyhenderson/github-responder – A library & CLI tool that automatically sets up GitHub WebHooks and listens for events, with automatic TLS
- hakluke/dnstrace – DNS resolution tracing tool
- hakluke/hakaxfr – Attempt zone transfers on domains
- hakluke/hakoriginfinder – Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
- hakluke/hakscale – Distribute ordinary bash commands over many systems
- hakluke/hakstore
- handlename/ssmwrap – Execute command with environment variables or/and files loaded from AWS SSM.
- harakeishi/whris – "whris" is Displays management information for IPs associated with the domain.
- hartwork/go-wait-for-it – 🦫 Wait for service(s) to be available before executing a command.
- hashicorp/packer – Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
- hectorm/cetusguard – CetusGuard is a tool that protects the Docker daemon socket by filtering calls to its API endpoints.
- hedhyw/json-log-viewer – Interactive viewer for JSON logs.
- hetznercloud/cli – A command-line interface for Hetzner Cloud
- hibiken/asynq – Simple, reliable, and efficient distributed task queue in Go
- homeport/dyff – /ˈdʏf/ - diff tool for YAML files, and sometimes JSON
- homeport/termshot – Creates screenshots based on terminal command output
- hookdeck/hookdeck-cli – Free - no account required - alternative to ngrok for localhost asynchronous web development (e.g. webhooks)
- howeyc/crocgui – GUI for croc
- iangcarroll/cookiemonster – 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
- iawia002/lux – 👾 Fast and simple video download library and CLI tool written in Go
- ibuildthecloud/wtfk8s – Watch and print changes in k8s
- iknowjason/edge – Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
- immortal/immortal – ⭕ A *nix cross-platform (OS agnostic) supervisor
- imup-io/client – Measure your d*mn internet
- influxdata/telegraf – Agent for collecting, processing, aggregating, and writing metrics, logs, and other arbitrary data.
- inguardians/peirates – Peirates - Kubernetes Penetration Testing tool
- ipinfo/cli – Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)
- ipv6rslimited/delorean – A reverse IPv4 to IPv6 TLS SNI and HTTP proxy written in GoLang
- ipv6rslimited/hamon – Hamon is a tool that uses the djb2 (ca. 1991) hash to map IP addresses to readable words and vice versa. It supports both IPv4 and IPv6 addresses. The name is derived from HAsh MOdulo Name (ハモン not 刃文).
- ipv6rslimited/shrimp – shrimp is a simple forward proxy written in GoLang, that does not decrypt traffic, making it secure and easy to configure. It features a locked-down mode which limits it to a single network interface and IPv6 stack.
- istio/istio – Connect, secure, control, and observe services.
- itchyny/bed – Binary editor written in Go
- itchyny/gojq – Pure Go implementation of jq
- itsprason/Auth0-Dump
- iximiuz/cdebug – cdebug - a swiss army knife of container debugging
- iyear/tdl – 📥 A Telegram tookit written in Golang
- izzetemredemir/GoSitemap2Md – GoSitemap2Md is a Golang program that generates a sitemap URL in Markdown format and stores the URLs in a urls.json file for easy adding of new URLs. This tool simplifies the process of generating and maintaining a sitemap for your website.
- j3ssie/durl – Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names
- j3ssie/go-auxs – Collection of auxiliary command line tools
- j3ssie/goverview – goverview - Get an overview of the list of URLs
- j3ssie/metabigor – OSINT tools and more but without API key
- j3ssie/osmedeus – A Workflow Engine for Offensive Security
- jacobnguyenn/gorya – Compute unit scheduler that helps to reduce costs for non-production environments.
- jacobsa/ssh_ping – Utility for measuring SSH session latency
- jaeles-project/gospider – Gospider - Fast web spider written in Go
- jaeles-project/jaeles – The Swiss Army knife for automated Web Application Testing
- jaksi/sshesame – An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity
- jdrews/logstation – Tail log files in web browser
- jeessy2/ddns-go – Simple and easy to use DDNS. Support Aliyun, Tencent Cloud, Dnspod, Cloudflare, Callback, Huawei Cloud, Baidu Cloud, Porkbun, GoDaddy, Namecheap, NameSilo...
- jesseduffield/lazydocker – The lazier way to manage everything docker
- jesseduffield/lazygit – simple terminal UI for git commands
- jetify-com/devbox – Instant, easy, and predictable development environments
- jfjallid/go-secdump – Tool to remotely dump secrets from the Windows registry
- jinzhu/configor – Golang Configuration tool that support YAML, JSON, TOML, Shell Environment
- jiro4989/gsv – gsv transforms a multi-line CSV into one-line JSON to make it easier to grep.
- jiro4989/relma – GitHub Releases Management cli
- jm33-m0/emp3r0r – Linux/Windows post-exploitation framework made by linux user
- joerdav/xc – Markdown defined task runner.
- johannesboyne/gofakes3 – A simple fake AWS S3 object storage (used for local test-runs against AWS S3 APIs)
- johnkerl/miller – Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON
- jpillora/chisel – A fast TCP/UDP tunnel over HTTP
- jpillora/installer – One-liner for installing binaries from Github releases
- jpillora/sshd-lite – A feature-light sshd(8) for Windows, Mac, and Linux written in Go
- jsdelivr/globalping-cli – A simple CLI tool to run networking commands remotely from hundreds of globally distributed servers
- juanfont/headscale – An open source, self-hosted implementation of the Tailscale control server
- juev/starred – Create your own Awesome List by GitHub stars!
- juicedata/juicefs – JuiceFS is a distributed POSIX file system built on top of Redis and S3.
- juicedata/juicesync – A tool to move your data between any clouds or regions.
- junegunn/fzf – 🌸 A command-line fuzzy finder
- jvns/dns-doctor
- k1LoW/awsdo – awsdo is a tool to do anything using AWS temporary credentials.
- k1LoW/runn – runn is a package/tool for running operations following a scenario.
- k1LoW/sheer-heart-attack – 💣 A debugging tool that can execute any command on process/host metrics trigger 💥 .
- kadeessh/kadeessh – Kadeessh (formerly Caddy-SSH) is a general-purpose, extensible, modular, memory-safe SSH server built in Go
- kahing/goofys – a high-performance, POSIX-ish Amazon S3 file system written in Go
- kairos-io/kairos – 🐧 The immutable Linux meta-distribution for edge Kubernetes.
- karelorigin/limiter – A small command-line utility to artificially limit the input rate to STDIN.
- kavishgr/getghrel – getghrel(get github release) is a user-friendly command-line tool that fetches and installs the latest release assets from Github for MacOS and Linux (amd64 and arm64 architectures). It automatically detects your operating system and architecture, downloads the release, extracts it(if needed), and keep only the binary.
- kaytu-io/kaytu – Kaytu's AI platform boosts cloud efficiency by analyzing historical usage and delivering intelligent recommendations—such as optimizing instance sizes—that maintain reliability. Pay for what you need, without compromising your apps.
- keidarcy/e1s – E1S - Easily Manage AWS ECS Resources in Terminal(~k9s for ECS) 🐱
- keilerkonzept/dockerfile-json – 🐳 parse & print a Dockerfile as JSON, or query (e.g. extract base images) using JSONPath. #golang #cli - single binary, no dependencies. linux, osx, windows.
- keith-turner/ecoji – Encodes (and decodes) data as emojis
- keithknott26/datadash – Visualize and graph data in the terminal
- kevincobain2000/gobrew – Go version manager, written in Go. Super simple tool to install and manage Go versions. Install go without root. Gobrew doesn't require shell rehash.
- kevwan/tproxy – A cli tool to proxy and analyze TCP connections.
- kha7iq/pingme – PingMe is a CLI which provides the ability to send messages or alerts to multiple messaging platforms & email.
- kitabisa/mubeng – An incredibly fast proxy checker & IP rotator with ease.
- knadh/dns.toys – A DNS server that offers useful utilities and services over the DNS protocol. Weather, world time, unit conversion etc.
- knadh/listmonk – High performance, self-hosted, newsletter and mailing list manager with a modern dashboard. Single binary app.
- knadh/otpgateway – Standalone server for user address and OTP verification flows with pluggable providers (e-mail, SMS, bank penny drops etc.)
- knadh/stuffbin – Compress and embed static files and assets into Go binaries and access them with a virtual file system in production
- knownsec/ksubdomain – 无状态子域名爆破工具
- ko-build/ko – Build and deploy Go applications
- koki-develop/clive – ⚡ Automates terminal operations.
- kopia/kopia – Cross-platform backup tool for Windows, macOS & Linux with fast, incremental backups, client-side end-to-end encryption, compression and data deduplication. CLI and GUI included.
- kost/revsocks – Reverse SOCKS5 implementation in Go
- kost/sqlc – sqlc - Universal DBMS/SQL client with exfiltration features :)
- kost/tty2web – Share your terminal as a web application in bind/reverse mode
- kpym/gm – Cli tool converting Markdown to HTML. This tool is a thin wrapper around the github.com/yuin/goldmark library.
- ksctl/ksctl – Cloud Agnostic Kubernetes Management (Core)
- ktr0731/evans – Evans: more expressive universal gRPC client
- kubesphere/kubeeye – KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.
- kungze/quic-tun – A fast and security tunnel based on QUIC, make you can access remote TCP/UNIX application like a local application. 一个快速且安全的 TCP 隧道工具,能加速弱网环境下(如网络有丢包)TCP 的转发性能。
- kvesta/vesta – A static analysis of vulnerabilities, Docker and Kubernetes cluster configuration detect toolkit based on the real penetration of cloud computing
- lachlan2k/phatcrack – Modern web-based distributed hashcracking solution, built on hashcat
- laktak/zfind – search for files (even inside tar/zip/7z/rar) using a SQL-WHERE filter
- lanrat/allxfr – AXFR all the things!
- lanrat/certgraph – An open source intelligence tool to crawl the graph of certificate Alternate Names
- larrabee/s3sync – Really fast sync tool for S3
- lasseh/whynoipv6 – Shame the top 1Million websites without IPv6
- layou233/NeverIdle – 资源定期浪费,可用于 Oracle 甲骨文保活。
- lc/gau – Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
- legal90/awscurl – cURL with AWS request signing
- lemonlove7/EHole_magic – EHole(棱洞)魔改。可对路径进行指纹识别;支持识别出来的重点资产进行漏洞检测(支持从hunter和fofa中提取资产)支持对ftp服务识别及爆破
- letsencrypt/ct-woodpecker – A tool to monitor a certificate transparency log for operational problems
- liamg/traitor – ⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
- life4/enc – 🔑🔒 A modern and friendly CLI alternative to GnuPG: generate and download keys, encrypt, decrypt, and sign text and files, and more.
- likexian/whois – Whois client for domain and ip whois information query in Go(Golang).
- lima-vm/lima – Linux virtual machines, with a focus on running containers
- lindell/multi-gitter – Update multiple repositories in with one command
- linuxkit/linuxkit – A toolkit for building secure, portable and lean operating systems for containers
- lionsoul2014/ip2region – Ip2region (2.0 - xdb) is a offline IP address manager framework and locator, support billions of data segments, ten microsecond searching performance. xdb engine implementation for many programming languages
- lkarlslund/ldapnomnom – Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
- lmorg/murex – A smarter shell and scripting environment with advanced features designed for usability, safety and productivity (eg smarter DevOps tooling)
- lobuhi/byp4xx – 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
- loeffel-io/ls-lint – An extremely fast directory and filename linter - Bring some structure to your project filesystem
- loft-sh/devpod – Codespaces but open-source, client-only and unopinionated: Works with any IDE and lets you use any cloud, kubernetes or just localhost docker.
- logdyhq/logdy-core – Web based real-time log viewer. Stream ANY content to a web UI with autogenerated filters. Parse any format with TypeScript.
- lollipopkit/server_box_monitor – ServerBox on server end.
- lostdusty/cobalt – Unofficial cobalt command line client made in go.
- lucasew/ts-proxy – Allows one to expose one HTTP port as one tailscale device. Supports funnel.
- lunarr-app/lunarr-go – [WIP] Self-hosted media streaming server designed as an alternative to Plex, allowing you to monitor and manage your movie and TV show files on a headless server.
- lwch/natpass – 🔥居家办公,远程开发神器
- lxc/distrobuilder – System container image builder for LXC and Incus
- m1k1o/neko – A self hosted virtual browser that runs in docker and uses WebRTC.
- m3n0sd0n4ld/uCVE – uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.
- maaslalani/nap – Code snippets in your terminal
- majd/ipatool – Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store
- makotom/cfspeed – Unofficial CLI-based implementation of https://speed.cloudflare.com/
- marcosnils/bin – Effortless binary manager
- martinlindhe/validini – Command line tool to validate INI syntax of input file.
- martinlindhe/validtoml – Command line tool to validate TOML syntax of input file.
- marwanhawari/ppath – 🌈 A command-line tool to pretty print your system's PATH environment variable.
- marwanhawari/stew – 🥘 An independent package manager for compiled binaries.
- masahide/OmniSSHAgent – Integrated ssh-agent for windows. (pageant compatible. openSSH ssh-agent etc ..)
- mathenz/goffy – A command-line tool for downloading public playlists, albums and individual tracks via Spotify URLs.
- megaease/easeprobe – A simple, standalone, and lightweight tool that can do health/status checking, written in Go.
- melbahja/goph – 🤘 The native golang ssh client to execute your commands over ssh connection. 🚀🚀
- melbahja/got – Got: Simple golang package and CLI tool to download large files faster 🏃 than cURL and Wget!
- metafates/mangal – 📖 The most advanced (yet simple) cli manga downloader in the entire universe! Lua scrapers, export formats, anilist integration, fancy TUI and more!
- mgechev/revive – 🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
- mhmdiaa/waybackrobots – Enumerate old versions of robots.txt paths using Wayback Machine for content discovery
- michael1026/trashcompactor
- miguelangel-nubla/ipv6ddns – Discover the IPv6 addresses of specific hosts in your network and update DNS records dynamically
- mikefarah/yq – yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor
- mikeroyal/Google-Cloud-Guide – Google Cloud Platform (GCP) Guide. Learn all about Google Cloud Tools, Services, and Certifications.
- mikeroyal/WireGuard-Guide – WireGuard Guide. Learn all about WireGuard for Networking and in the Cloud (Microsoft Azure, AWS, and Google Cloud).
- minamijoyo/hcledit – A command line editor for HCL
- miniflux/v2 – Minimalist and opinionated feed reader
- minio/dperf – Drive performance measurement tool
- minio/mc – Simple | Fast tool to manage MinIO clusters ☁️
- minio/minio – The Object Store for AI Data Infrastructure
- minio/selfupdate – Build self-updating Go programs
- minio/warp – S3 benchmarking tool
- mislav/hub – A command-line tool that makes git easier to use with GitHub.
- mittwald/mittnite – Small init system with templated config files; to be used as container entrypoint
- mlcsec/headi – Customisable and automated HTTP header injection
- mmpx12/xenv – Fast scanner for exposed env files
- moby/moby – The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
- moonD4rk/HackBrowserData – Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
- mosajjal/binary-tools – Collection of Statically linked binaries for Linux. Suited for Forensics
- mosajjal/dnsmonster – Passive DNS Capture and Monitoring Toolkit
- mosajjal/dnspot – End-to-end Encrypted DNS Tunnelling and C2 framework
- mosajjal/sniproxy – SNI Proxy with Embedded DNS Server
- mosajjal/tcpshark – Cross-Platform process-aware tcpdump
- moul/assh – 💻 make your ssh client smarter
- moul/quicssh – SSH over QUIC
- moul/sshportal – 🎩 simple, fun and transparent SSH (and telnet) bastion server
- mr-karan/doggo – 🐶 Command-line DNS Client for Humans. Written in Golang
- mr-pmillz/gofireprox – FireProx written in Go
- mrrootsec/AssetViz – AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.
- mrusme/cexec – Execute any command, cache its output and get cached output on subsequent execution
- mrusme/cloudcash – Check your cloud spending from the CLI, from Waybar, and from the macOS menu bar!
- mrusme/planor – The Cloud Aviator: TUI client for cloud services (AWS, Vultr, Heroku, Render.com, Fleek, ...)
- mrusme/reader – reader is for your command line what the “readability” view is for modern browsers: A lightweight tool offering better readability of web pages on the CLI.
- mrusme/shell-time – Screen Time, but for the Shell!
- mrusme/wth – What The Heck: The better personal information dashboard for your terminal
- mrvcoder/cloud_data – Get some useful data from Clouds for your targets
- msoap/shell2http – Executing shell commands via HTTP server
- mtlynch/picoshare – A minimalist, easy-to-host service for sharing images and other files
- mtzanidakis/tsrp – HTTPS reverse proxy for Tailscale
- mudler/edgevpn – ⛵ The immutable, decentralized, statically built p2p VPN without any central server and automatic discovery! Create decentralized introspectable tunnels over p2p with shared tokens
- mudler/luet – 📦 🐳 0-dependency Container-based Package Manager using SAT solver and QLearning
- mudler/yip – 📌 Yaml Instructions Processor - Simply applies a cloud-init style yaml file to the system
- muesli/duf – Disk Usage/Free Utility - a better 'df' alternative
- muety/telepush – 🤖 A simple bot to translate JSON HTTP requests into Telegram push messages
- multiprocessio/dsq – Commandline tool for running SQL queries against JSON, CSV, Excel, Parquet, and more.
- mum4k/termdash – Terminal based dashboard.
- musana/fuzzuli – fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
- mux0x/github-guard
- mux0x/mongoConnect
- mvdan/sh – A shell parser, formatter, and interpreter with bash support; includes shfmt
- mvdan/xurls – Extract urls from text
- mxpv/podsync – Turn YouTube or Vimeo channels, users, or playlists into podcast feeds
- nadoo/glider – glider is a forward proxy with multiple protocols support, and also a dns/dhcp server with ipset management features(like dnsmasq).
- naiba/nezha –
Self-hosted, lightweight server and website monitoring and O&M tool
- nao1215/gup – gup - Update binaries installed by "go install" with goroutines.
- nao1215/jose – jose - CLI tool for JOSE (JSON Object Signing and Encryption)
- nao1215/morrigan – morrigan - Penetration Tool Set
- natesales/q – A tiny command line DNS client with support for UDP, TCP, DoT, DoH, DoQ and ODoH.
- nathants/libaws – aws should be easy
- navidrome/navidrome – 🎧☁️ Modern Music Server and Streamer compatible with Subsonic/Airsonic
- neilotoole/sq – sq data wrangler
- nektos/act – Run your GitHub Actions locally 🚀
- netbirdio/netbird – Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls.
- netrixone/udig – ÜberDig - dig on steroids
- nezhahq/agent
- nfx/slrp – rotating open proxy multiplexer
- nginx-proxy/docker-gen – Generate files from docker container meta-data
- ngoduykhanh/wireguard-ui – Wireguard web interface
- nickvourd/Supernova – Real fucking shellcode encryptor & obfuscator tool
- nickzer0/RagingRotator – A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.
- nicocha30/ligolo-ng – An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
- nil-go/konf – The simplest config loader for Go that reads/watches from file, env, flag and clouds (AWS, Azure, GCP).
- nix-community/trustix – Trustix: Distributed trust and reproducibility tracking for binary caches [maintainer=@adisbladis]
- nixys/nxs-backup – The tool for creating, delivering and rotating backups for GNU/Linux distributions.
- nlewo/comin – GitOps For NixOS Machines
- nlewo/nix2container – An archive-less dockerTools.buildImage implementation
- nlnwa/warchaeology – Command line tool for digging into WARC files
- noahgorstein/jqp – A TUI playground to experiment with jq
- noborus/ov – 🎑Feature-rich terminal-based text viewer. It is a so-called terminal pager.
- noborus/trdsql – CLI tool that can execute SQL queries on CSV, LTSV, JSON, YAML and TBLN. Can output to various formats.
- nodauf/GoMapEnum – User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin
- noisysockets/nsh – The Noisy Sockets CLI
- noperator/chromedb – Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.
- nullt3r/udpx – Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable, and can be run on Linux, Mac OS, and Windows. Unlike internet-wide scanners like zgrab2 and zmap, UDPX is designed for portability and ease of use.
- nwtgck/yamux-cli – Multiplexing TCP and UDP using yamux
- nxtrace/NTrace-core – NextTrace, an open source visual route tracking CLI tool
- nyancrimew/goop – Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
- oalders/is – an inspector for your environment
- ochinchina/supervisord – a go-lang supervisor implementation
- ollama/ollama – Get up and running with Llama 3, Mistral, Gemma 2, and other large language models.
- omerh/awsctl – Control AWS infrastructure easily from a single command line written in Go
- one2nc/cloudlens – k9s like CLI for AWS and GCP
- ooni/probe-cli – OONI Probe Engine and CLI
- open-feature/flagd – A feature flag daemon with a Unix philosophy
- openclarity/apiclarity – An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks.
- opencontainers/runc – CLI tool for spawning and running containers according to the OCI specification
- opencontainers/runtime-tools – OCI Runtime Tools
- opensubtitlescli/rest – Client for accessing the OpenSubtitles REST API.
- openziti/zrok – Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.
- orangekame3/ghfetch –
ghfetch is a CLI tool to fetch GitHub user information and show like neofetch.
- orangekame3/stree – 📁Directory trees of AWS S3 Bucket
- ory/kratos – Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
- owasp-amass/amass – In-depth attack surface mapping and asset discovery
- owasp-amass/oam-tools – Analysis and management tools for an Open Asset Model database
- owenrumney/squealer – Telling tales on you for leaking secrets!
- owenthereal/upterm – Instant Terminal Sharing
- oz/tz – 🌐 A time zone helper
- padok-team/yatas – 🦉🔎 A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
- palantir/amalgomate – Go tool for combining multiple different main packages into a single program or library
- paololazzari/play – A TUI playground to experiment with your favorite programs, such as grep, sed, awk, jq and yq
- parsiya/Hacking-with-Go – Golang for Security Professionals
- pasknel/epyon – Epyon is a swiss army knife tool for pentesting DevOps ecosystems.
- patrickhener/gopwntomcat – A little tomcat brute forcer and pwning tool
- patrickhener/goshs – A SimpleHTTPServer written in Go, enhanced with features and with a nice design
- patrickhoefler/cloudbuildgraph – Visualize your Google Cloud Build pipelines
- patrickhoefler/dockerfilegraph – Visualize your multi-stage Dockerfiles
- pdfcpu/pdfcpu – A PDF processor written in Go.
- peak/s5cmd – Parallel S3 and local filesystem execution tool.
- peco/peco – Simplistic interactive filtering tool
- perkeep/perkeep – Perkeep (née Camlistore) is your personal storage system for life: a way of storing, syncing, sharing, modelling and backing up content.
- peterldowns/localias – custom local domain aliases for local dev servers
- peterldowns/nix-search-cli – CLI for searching packages on search.nixos.org
- pgrok/pgrok – Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding
- ph4ntonn/Stowaway – 👻Stowaway -- Multi-hop Proxy Tool for pentesters
- philippta/flyscrape – Flyscrape is a command-line web scraping tool designed for those without advanced programming skills.
- piaolin/DetectDee – DetectDee: Hunt down social media accounts by username, email or phone across social networks.
- picosh/pico – hacker labs - open source and managed web services leveraging SSH
- pingc0y/URLFinder – 一款快速、全面、易用的页面信息提取工具,可快速发现和提取页面中的JS、URL和敏感信息。
- pipe-cd/pipecd – The One CD for All {applications, platforms, operations}
- platput/sockv5er – Tool to create ssh tunnels on demand using the free tier ec2 instances from AWS from any given region
- pojntfx/htorrent – HTTP to BitTorrent gateway with seeking support.
- pojntfx/ram-dl – A tool to download more RAM (yes, seriously!)
- pojntfx/weron – Overlay networks based on WebRTC.
- portapps/portapps – 🛰 Collection of portable apps for Windows
- poundifdef/SmoothMQ – A drop-in replacement for SQS designed for great developer experience and efficiency.
- pouriyajamshidi/tcping – Ping TCP ports using tcping. Inspired by Linux's ping utility. Written in Go
- praetorian-inc/fingerprintx – Standalone utility for service discovery on open ports!
- primait/nuvola
- probonopd/go-appimage – Go implementation of AppImage tools
- projectdiscovery/aix – AIx is a cli tool to interact with Large Language Models (LLM) APIs.
- projectdiscovery/alterx – Fast and customizable subdomain wordlist generator using DSL
- projectdiscovery/asnmap – Go CLI and Library for quickly mapping organization network ranges using ASN information.
- projectdiscovery/cdncheck – A utility to detect various technology for a given IP address.
- projectdiscovery/chaos-client – Go client to communicate with Chaos DB API.
- projectdiscovery/cloudlist – Cloudlist is a tool for listing Assets from multiple Cloud Providers.
- projectdiscovery/cvemap – Navigate the CVE jungle with ease.
- projectdiscovery/dnsx – dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
- projectdiscovery/httpx – httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
- projectdiscovery/interactsh – An OOB interaction gathering server and client library
- projectdiscovery/katana – A next-generation crawling and spidering framework.
- projectdiscovery/mapcidr – Utility program to perform multiple operations for a given subnet/CIDR ranges.
- projectdiscovery/naabu – A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
- projectdiscovery/notify – Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
- projectdiscovery/nuclei – Fast and customizable vulnerability scanner based on simple YAML based DSL.
- projectdiscovery/openrisk – openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
- projectdiscovery/pdtm – ProjectDiscovery's Open Source Tool Manager
- projectdiscovery/proxify – A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.
- projectdiscovery/public-bugbounty-programs – Community curated list of public bug bounty and responsible disclosure programs.
- projectdiscovery/shuffledns – MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.
- projectdiscovery/simplehttpserver – Go alternative of python SimpleHTTPServer
- projectdiscovery/subfinder – Fast passive subdomain enumeration tool.
- projectdiscovery/tlsx – Fast and configurable TLS grabber focused on TLS based data collection.
- projectdiscovery/uncover – Quickly discover exposed hosts on the internet using multiple search engines.
- projectdiscovery/wappalyzergo – A high performance go implementation of Wappalyzer Technology Detection Library
- projectmonke/burp2caido – A tool to migrate Burpsuite HTTP history to Caido.
- pterm/pterm – ✨ #PTerm is a modern Go module to easily beautify console output. Featuring charts, progressbars, tables, trees, text input, select menus and much more 🚀 It's completely configurable and 100% cross-platform compatible.
- publicsuffix/list – The Public Suffix List
- pufferffish/wireproxy – Wireguard client that exposes itself as a socks5 proxy
- puzzlepeaches/ffufw
- qaware/protocurl – protoCURL is cURL for Protobuf: The command-line tool for interacting with Protobuf over HTTP REST endpoints using human-readable text formats
- qdm12/gluetun – VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
- quackduck/devzat – The devs are over here at devzat, chat over SSH!
- quay/clair – Vulnerability Static Analysis for Containers
- r4ulcl/bntoolkit – Toolkit to investigate the BitTorrent network.
- r4ulcl/nTask – nTask is a distributed task management program that allows you to distribute tasks across multiple computers using API communication and WebSockets. It handles task requests, distributes them to available workers, and stores the results in a database or sends them to a specified URL/API. Integration with other APIs or scripts is also supported.
- radiusmethod/awsd – AWS Profile Switcher in Go
- rakyll/statik – Embed files into a Go executable
- rancher/elemental-toolkit – ❄️ The toolkit to build, ship and maintain cloud-init driven Linux derivatives based on container images
- random-robbie/wayback-saver – Saves pages to Wayback machine
- rclone/rclone – "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files
- rebuy-de/aws-nuke – Nuke a whole AWS account and delete all its resources.
- reconquest/orgalorg – Parallel SSH commands runner and file synchronization tool
- redhuntlabs/BucketLoot – BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
- redhuntlabs/HTTPLoot – An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.
- referefref/honeydet – Signature based honeypot detector tool written in Golang
- regmicmahesh/duckchatstallmaninspired
- regmicmahesh/infrastructure-backend-pulumi – IaC Reference Implementation with Layer Architecture in Pulumi (aws-go)
- relastle/pmy – 🚀 General purpose context-aware zsh completion engine powered by fuzzy finder.
- reproducible-containers/buildkit-nix – Nix derivations as Dockerfiles (
docker build -f default.nix .
) - reproducible-containers/diffoci – diff for Docker and OCI container images
- restic/restic – Fast, secure, efficient backup program
- retr0h/gilt – A GIT layering tool.
- reviewdog/reviewdog – 🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
- rfjakob/gocryptfs – Encrypted overlay filesystem written in Go
- rhysd/actionlint –
Static checker for GitHub Actions workflow files
- richardlehane/siegfried – signature-based file format identification
- riza/indextree – Generates the tree of the directory listing page.
- riza/linx – Reveals invisible links within JavaScript files
- riza/wb – Quickly fetches files from Wayback Machine.
- robherley/snips.sh – ✂️ passwordless, anonymous SSH-powered pastebin with a human-friendly TUI and web UI
- root-gg/plik – Plik is a temporary file upload system (Wetransfer like) in Go.
- root4loot/ctlog – Obtain domains from certificate transparency logs
- root4loot/rescope – A scope generation tool for Burp Suite & ZAP
- rootless-containers/rootlesskit – Linux-native "fake root" for implementing rootless containers
- rs/curlie – The power of curl, the ease of use of httpie.
- rsc/tmp – /tmp
- rsc/unix – Old Unix programs running on modern computers.
- runabol/tork – A distributed workflow engine
- rverton/webanalyze – Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
- s0md3v/Smap – a drop-in replacement for Nmap powered by shodan.io
- s0md3v/wl – convert case style of words
- s0rg/crawley – The unix-way web crawler
- s0rg/decompose – Reverse-engineering tool for docker environments
- sHesl/amazon-where-services – Automated determination of which AWS services run where
- sa7mon/S3Scanner – Scan for misconfigured S3 buckets across S3-compatible APIs!
- sachaos/viddy – 👀 A modern watch command. Time machine and pager etc.
- safing/portmaster – 🏔 Love Freedom - ❌ Block Mass Surveillance
- sairash/chitosocket – ChitoSocket - The best Socket Server
- sampointer/digaws – Look up region and other information for any AWS IP address
- sandialabs/wiretap – Wiretap is a transparent, VPN-like proxy server that tunnels traffic via WireGuard and requires no special privileges to run.
- sari3l/Poc-Monitor – 🔍 Github CVE POC 信息监控推送 🚀
- sassoftware/relic – Relic is a service and a tool for adding digital signatures to operating system packages for Linux and Windows
- schachmat/wego – weather app for the terminal
- schollz/croc – Easily and securely send things from one computer to another 🐊 📦
- sclevine/yj – CLI - Convert between YAML, TOML, JSON, and HCL. Preserves map order.
- screego/server – screen sharing for developers https://screego.net/
- seaweedfs/seaweedfs – SeaweedFS is a fast distributed storage system for blobs, objects, files, and data lake, for billions of files! Blob store has O(1) disk seek, cloud tiering. Filer supports Cloud Drive, cross-DC active-active replication, Kubernetes, POSIX FUSE mount, S3 API, S3 Gateway, Hadoop, WebDAV, encryption, Erasure Coding.
- securebinary/firebaseExploiter – FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing.
- securego/gosec – Go security checker
- securisec/cliam – Cloud agnostic IAM permissions enumerator
- seekr-osint/seekr – A multi-purpose OSINT toolkit with a neat web-interface.
- segmentio/chamber – CLI for managing secrets
- sensepost/gowitness – 🔍 gowitness - a golang, web screenshot utility using Chrome Headless
- seveas/herd – Massively parallel ssh client
- shadow1ng/fscan – 一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
- shayne/go-wsl2-host – Automatically update your Windows hosts file with the WSL2 VM IP address
- shellhub-io/shellhub – 💻 Get seamless remote access to any Linux device. Centralized SSH for the edge and cloud computing
- shenwei356/brename – A practical cross-platform command-line tool for safely batch renaming files/directories via regular expression
- shenwei356/csvtk – A cross-platform, efficient and practical CSV/TSV toolkit in Golang
- shirou/toybox – golang implemenation of busybox
- shizunge/endlessh-go – A golang implementation of endlessh exporting Prometheus metrics, visualized by a Grafana dashboard.
- shoenig/ssh-key-sync – A tool for synchronizing your GitHub SSH keys onto servers authorized_keys files
- shogo82148/androidbinary – Android binary file parser written in golang
- showwin/speedtest-go – CLI and Go API to Test Internet Speed using speedtest.net
- sibprogrammer/xq – Command-line XML and HTML beautifier and content extractor
- siderolabs/kres – Tool to automate build instructions generation
- siderolabs/talos – Talos Linux is a modern Linux distribution built for Kubernetes.
- sigstore/cosign – Code signing and transparency for containers and binaries
- sigstore/rekor – Software Supply Chain Transparency Log
- six-ddc/plow – A high-performance HTTP benchmarking tool that includes a real-time web UI and terminal display
- six2dez/ipcdn – Check which CDN providers an IP list belongs to
- sj14/dbbench – 🏋️ dbbench is a simple database benchmarking tool which supports several databases and own scripts
- sj14/epoch – 🕗 Easily convert epoch timestamps to human-readable formats and vice versa.
- skupperproject/skupper – Skupper is an implementation of a Virtual Application Network, enabling rich hybrid cloud communication.
- skx/sysbox – sysadmin/scripting utilities, distributed as a single binary
- slackhq/go-audit – go-audit is an alternative to the auditd daemon that ships with many distros
- slackhq/nebula – A scalable overlay networking tool with a focus on performance, simplicity and security
- slimtoolkit/slim – Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
- smallstep/cli – 🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
- smmr-software/mabel – A fancy BitTorrent client for the terminal
- soapiestwaffles/s3-nuke – Nuke all the files and their versions from an S3 Bucket 💣🪣
- sorenisanerd/gotty – Share your terminal as a web application
- sosedoff/pgweb – Cross-platform client for PostgreSQL databases
- sower-proxy/sower – Sower is a cross-platform intelligent transparent proxy solution.
- soypat/gopherlings – 📘️ Learn Go by fixing tiny incorrect programs
- spf13/cobra – A Commander for modern Go CLI interactions
- splitsh/lite – Split a repository to read-only standalone repositories
- square/certstrap – Tools to bootstrap CAs, certificate requests, and signed certificates.
- square/rce-agent – gRPC-based Remote Command Execution Agent
- ssleert/zfxtop – [WIP] fetch top for gen Z with X written by bubbletea enjoyer
- stateful/runme – DevOps Workflows Built with Markdown
- stolenusername/cowitness – CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.
- stripe/smokescreen – A simple HTTP proxy that fogs over naughty URLs
- sudosammy/knary – A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
- sundowndev/covermyass – Post-exploitation tool to cover your tracks on a compromised machine (beta)
- superfly/litefs – FUSE-based file system for replicating SQLite databases across a cluster of machines
- suzuki-shunsuke/ghalint – GitHub Actions linter
- suzuki-shunsuke/github-comment – CLI to create and hide GitHub comments
- sw33tLie/bbscope – Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
- sw33tLie/sns – IIS shortname scanner written in Go
- sw33tLie/uff – unleashed ffuf
- sweetbbak/find-suid – Find setuid binaries on a file system with speed. A lot faster than using "find" and a lot more practical.
- sweetbbak/tget – wget but for torrents
- sweetbbak/toru – Bittorrent streaming CLI tool. Stream anime torrents, real-time with no waiting for downloads.
- swiftwave-org/swiftwave – Self-hosted lightweight PaaS solution to deploy and manage your applications on any VPS [Your own self-hosted Heroku, Vercel]
- synacktiv/octoscan – Octoscan is a static vulnerability scanner for GitHub action workflows.
- syncthing/syncthing – Open Source Continuous File Synchronization
- synthesio/selfextract – Self-extracting archives creation tool
- syumai/workers – Go package to run an HTTP server on Cloudflare Workers.
- tailscale/golink – A private shortlink service for tailnets
- tailscale/tailscale – The easiest, most secure way to use WireGuard and 2FA.
- tailwarden/komiser – Open-source cloud-environment inspector. Supporting AWS, GCP, Azure, and more! Your cloud resources will have nowhere to hide!
- tanaikech/goodls – This is a CLI tool to download shared files and folders from Google Drive.
- tanberrp/mobaxterm-keygen – A cli tool for generate MobaXterm key.
- tarunKoyalwar/talosplus – Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation
- tb0hdan/freya – DomainsProject.org DNS worker
- tb0hdan/idun – DomainsProject.org HTTP worker
- tebeka/expmod – Prints GitHub project description for every direct dependency on GitHub in go.mod
- teler-sh/teler – Real-time HTTP Intrusion Detection
- temporalio/temporal – Temporal service
- tg123/sshpiper – The missing reverse proxy for ssh scp
- thomiceli/opengist – Self-hosted pastebin powered by Git, open-source alternative to Github Gist.
- tianon/gosleep – "sleep(1)", but with Go duration parsing OR explicit time to sleep until and a progress bar
- tillson/git-hound – Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
- tilt-dev/tilt – Define your dev environment as code. For microservice apps on Kubernetes.
- timbray/topfew – Finds the field values (or combinations of values) which appear most often in a stream of records.
- tminaorg/ffmpegof – Go script that allows transparent load balancing of ffmpeg and ffprobe commands over SSH a.k.a. FFmpeg over Fabrics
- tomnomnom/anew – A tool for adding new lines to files, skipping duplicates
- tomnomnom/gf – A wrapper around grep, to help you grep for things
- tomnomnom/hacks – A collection of hacks and one-off scripts
- tomnomnom/meg – Fetch many paths for many hosts - without killing the hosts
- tomnomnom/unfurl – Pull out bits of URLs provided on stdin
- tonymet/gcloud-lite
- traefik/traefik – The Cloud Native Application Proxy
- trickest/dsieve – Filter and enrich a list of subdomains by level
- trickest/enumerepo – List all public repositories for (valid) GitHub usernames
- trickest/find-gh-poc – Find CVE PoCs on GitHub
- trickest/mgwls – Combine words from two wordlist files and concatenate them with an optional delimiter
- trickest/mkpath – Make URL path combinations using a wordlist
- trickest/mksub – Generate tens of thousands of subdomain combinations in a matter of seconds
- trickest/trickest-cli – Execute Trickest workflows right from your terminal
- trufflesecurity/trufflehog – Find and verify secrets
- trzsz/trzsz-go – trzsz-go is the go version of trzsz, makes all terminals that support local shell to support trzsz ( trz / tsz ).
- trzsz/trzsz-ssh – trzsz-ssh ( tssh ) is an alternative to ssh client, offers additional useful features, such as login prompt, trzsz ( trz / tsz ), batch login, remember password, zmodem ( rz / sz ), etc.
- trzsz/tsshd – The
tssh --udp
works likemosh
, and thetsshd
works likemosh-server
. - tsenart/vegeta – HTTP load testing tool and library. It's over 9000!
- turbot/steampipe – Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
- tus/tusd – Reference server implementation in Go of tus: the open protocol for resumable file uploads
- tvrzna/emptty – Dead simple CLI Display Manager on TTY
- twpayne/chezmoi – Manage your dotfiles across multiple diverse machines, securely.
- txn2/txeh – Go library and CLI utility for /etc/hosts management.
- txthinking/brook – A cross-platform programmable network tool
- txthinking/mad – Generate root CA and derivative certificate for any domains and any IPs.
- txthinking/nami – A clean and tidy decentralized package manager.
- u-root/cpu – cpu command in Go, inspired by the Plan 9 cpu command
- u-root/gobusybox – Tools for compiling many Go commands into one binary to save space. Builds are supported for vendor-based Go and module-based Go
- u-root/u-root – A fully Go userland with Linux bootloaders! u-root can create a one-binary root file system (initramfs) containing a busybox-like set of tools written in Go.
- ublue-os/fleek – [deprecated] Own your $HOME
- udhos/goben – goben is a golang tool to measure TCP/UDP transport layer throughput between hosts.
- ugol/jr – JR: streaming quality random data from the command line
- ugomeguerditchian/GoBoom – It's go boom, a simple webserver DDoS tool using differents proxy for each threads
- umair9747/Genzai – The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities.
- umputun/spot – A user-friendly and efficient tool for the effortless deployment and configuration of resources on remote machines.
- umputun/sys-agent – System agent. Reports server status via HTTP API
- uniget-org/cli – The universal installer and updater for (container) tools
- updatecli/updatecli – A Declarative Dependency Management tool
- usbarmory/GoTEE – Go Trusted Execution Environment (TEE)
- usbarmory/tamago – TamaGo - ARM/RISC-V bare metal Go
- v2rayA/v2rayA – A web GUI client of Project V which supports VMess, VLESS, SS, SSR, Trojan, Tuic and Juicity protocols. 🚀
- varbhat/exatorrent – 🧲 Easy to Use Torrent Client. Can be hosted in Cloud. Files can be streamed in Browser/Media Player.
- variadico/noti – Monitor a process and trigger a notification.
- vbauerster/getparty – HTTP Download Manager with multi-parts
- vdjagilev/nmap-formatter – A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot), sqlite, excel and d2-lang. Simply put it's nmap converter.
- veops/oneterm – Provide secure access and control over all infrastructure
- version-fox/vfox – A cross-platform and extendable version manager with support for Java, Node.js, Flutter, .Net & more
- vimiix/ssx – 🦅 ssx is a retentive ssh client.
- visma-prodsec/confused – Tool to check for dependency confusion vulnerabilities in multiple package management systems
- volution/kawipiko – kawipiko -- blazingly fast static HTTP server -- focused on low latency and high concurrency, by leveraging Go,
fasthttp
and the CDB embedded database - vulsio/go-exploitdb – Tool for searching Exploits from Exploit Databases, etc.
- vultr/vultr-cli – Official command line tool for Vultr services
- wader/fq – jq for binary formats - tool, language and decoders for working with binary and text formats
- wagoodman/dive – A tool for exploring each layer in a docker image
- wailsapp/wails – Create beautiful applications using Go
- wallarm/gotestwaf – An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
- watermint/toolbox – The watermint toolbox is the multi-purpose utility command-line tool for web services including Dropbox, Figma, GitHub, etc. The purpose of the tool is to provide users of cloud services and system administrators with a way to automate workflows and provide a work-around for some issues.
- wavetermdev/waveterm – An open-source, cross-platform terminal for seamless workflows
- wdahlenburg/VhostFinder – Identify virtual hosts by similarity comparison
- weppos/publicsuffix-go – Domain name parser for Go based on the Public Suffix List.
- whoissecure/yaset – Yet Another Subdomain Enumeration Tool, a template based tool to enumerate subdomains passively.
- whywaita/myshoes – Auto-scaling VirtualMachine runner 🏃 for GitHub Actions
- willnorris/imageproxy – A caching, resizing image proxy written in Go
- windvalley/gossh – 🚀🚀A high-performance and high-concurrency ssh tool written in Go. It is 10 times faster than Ansible. If you need much more performance and better ease of use, you will love it.
- woodpecker-ci/woodpecker – Woodpecker is a simple yet powerful CI/CD engine with great extensibility.
- worlpaker/gitty – Download GitHub File & Directory
- wtfutil/wtf – The personal information dashboard for your terminal
- wzv5/pping – tcp ping, tls ping, http ping, icmp ping, dns ping, quic ping.
- x-motemen/ghq – Remote repository management made easy
- x90skysn3k/brutespray – Bruteforcing from various scanner output - Automatically attempts default creds on found services.
- xNaCly/x-git-sync – Backup your repository at configured intervals using git
- xddxdd/bird-lg-go – BIRD looking glass in Go, for better maintainability, easier deployment & smaller memory footprint
- xenophonsec/keeptrak – Track recon/OSINT commands in an organized, grepable, fasion.
- xenophonsec/w3kollector – A greedy website scanner, scraper, and crawler.
- xhzeem/paramix – Paramix is a command-line tool for modifying the parameters of a list of URLs from stdin and returns them in stdout.
- xhzeem/toxicache – Go scanner to find web cache poisoning vulnerabilities in a list of URLs
- xm1k3/cent – Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
- xo/usql – Universal command-line interface for SQL databases
- xplshn/bigdl – 📦 Poor man's package manager. +1530 statically linked binaries in the repos!
- xtaci/kcptun – A Stable & Quantum Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386 and AMD64。N:M 多重化と FEC を備えた KCP に基づく安定した安全なトンネル。 N:M 다중화 및 FEC를 사용하는 KCP 기반의 안정적이고 안전한 터널입니다. Un tunnel stable et sécurisé basé sur KCP avec multiplexage N:M et FEC.
- xvzc/SpoofDPI – A simple and fast anti-censorship tool written in Go
- xyproto/algernon – Small self-contained pure-Go web server with Lua, Teal, Markdown, Ollama, HTTP/2, QUIC, Redis and PostgreSQL support
- xyproto/botsay – 🤖 Output text together with randomly generated ASCII robots in colors inspired by synthwave/rainbows
- xyproto/orbiton – Configuration-free text editor and IDE limited to VT100. Suitable for writing git commit messages, editing Markdown, config files, source code, viewing man pages and for quick edit-compile cycles when programming. Has syntax highlighting, jump-to-error, rainbow parentheses, macros, tab completion, cut/paste portals and a simple gdb front-end.
- xyproto/png2svg – 🔀 Convert small PNG images to SVG Tiny 1.2
- xyproto/wallutils – 🌆 Utilities for handling monitors, resolutions, wallpapers and timed wallpapers
- ycd/dstp – 🧪 Run common networking tests against any site.
- yggdrasil-network/yggdrasil-go – An experiment in scalable routing as an encrypted IPv6 overlay network
- yhy0/Jie – Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensable toolkit for both security professionals and penetration testers. 挖洞辅助工具(漏洞扫描、信息收集)
- yinheli/sshw – 🐝 ssh client wrapper for automatic login
- yorukot/superfile – Pretty fancy and modern terminal file manager
- yudai/gotty – Share your terminal as a web application
- yuk7/wsldl – Advanced WSL launcher / installer. (Win10 FCU x64/arm64 or later.)
- zer0yu/ghtracker – CLI tool for tracking dependents repositories and sorting result by Stars ⭐
- zerodaywolf/jsmap – Fetch Javascript sourcemaps, bounty hunter style
- zhanghanyun/backtrace – 三网回程路由测试
- zhsj/wghttp – Turn WireGuard to HTTP & SOCKS5 proxies
- zhuochun/notion-toolset – 🔩 A set of Notion automation tools using the Notion API
- zitadel/zitadel – ZITADEL - Identity infrastructure, simplified for you.
- zmap/zdns – Fast CLI DNS Lookup Tool
- zmap/zgrab2 – Fast Go Application Scanner
- zonedb/zonedb – Public Zone Database
- ztelliot/taierspeed-cli – TaierSpeed CLI
- zyedidia/eget – Easily install prebuilt binaries from GitHub.
- zyedidia/micro – A modern and intuitive terminal-based text editor
- zyylhn/zscan – Zscan a scan blasting tool set
- Azathothas/NixOS-Packages – Markdown List (Table) & JSON of all the officially Available Packages in the NixOS/nixpkgs Repository :: https://nixos-packages.ajam.dev/
- Azathothas/Termux-Packages – Markdown List (Table), JSON & YAML of all the officially Available Packages in the Termux Registry :: https://termux-packages.ajam.dev
- EdwardLab/flyos – Unleash your mobile phone's potential: it's not just a phone, but a pocket-sized computer.
- GTFOBins/GTFOBins.github.io – GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
- Igglybuff/awesome-piracy – A curated list of awesome warez and piracy links
- LSPosed/LSPosed.github.io
- Mr-xn/BurpSuite-collections – 有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
- NetSPI/SQLInjectionWiki – A wiki focusing on aggregating and documenting various SQL injection methods
- PalindromeLabs/WebSockets-Playground – Jumpstart multiple WebSocket servers quickly
- PatrikFehrenbach/practical-bug-bounty – A Django web application for curating Bug Bounty educational Videos
- SANYIMOE/VPN-free – 玉桂家园免费VPN-科学上网,免费节点,白嫖节点,免费vpn,免费v2ray,免费Trojan,免费SSR,每日更新,Free VPN,Free v2ray,Free Trojan,Free SSR,Update daily
- TheBobPony/bobpony.com – The repo for
- adityatelange/bhhb – Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition
- alufers/mitmproxy2swagger – Automagically reverse-engineer REST APIs via capturing traffic
- badmojr/1Hosts – World's most advanced DNS filter-/blocklists!
- boostsecurityio/lotp – boostsecurityio/lotp
- cf-pages/Telegraph-Image – Image Hosting solution, Flickr/imgur alternative, make it easy for users to share their images. Using Cloudflare Pages and Telegraph.
- cure53/HTTPLeaks – HTTPLeaks - All possible ways, a website can leak HTTP requests
- devsdenepal/linux-revision – A repo to record my memory and activity on linux learning path to handle inconsistency
- dolevf/Black-Hat-GraphQL – The Black Hat GraphQL Book Repository
- ebelinski/apilevels – A microsite overview of all Android 🤖 versions and their corresponding API/SDK levels, version codes, codenames, and market shares.
- evolvingweb/sitediff – SiteDiff makes it easy to see differences between two versions of a website.
- google/security-crawl-maze – Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
- google/styleguide – Style guides for Google-originated open-source projects
- gwen001/offsectools_www – A vast collection of security tools and resources curated by the community.
- initialrise/90DaysofInternship – A repository to track progress, notes, tasks etc. during the time of internship
- kananinirav/AWS-Certified-Cloud-Practitioner-Notes – AWS Certified Cloud Practitioner Short Notes And Practice Exams (CLF-C02)
- keiyoushi/extensions – Source extensions for the Mihon/Tachiyomi app.
- leaningtech/webvm – Virtual Machine for the Web
- madhuakula/kubernetes-goat – Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
- microsoft/fluentui-system-icons – Fluent System Icons are a collection of familiar, friendly and modern icons from Microsoft.
- mixmark-io/turndown – 🛏 An HTML to Markdown converter written in JavaScript
- nirajkharel/nirajkharel.github.io – View My Blogs regarding Offensive Security.
- nova-video-player/aos-AVP – NOVA opeN sOurce Video plAyer: main repository to build them all
- phil-opp/blog_os – Writing an OS in Rust
- punk-security/secret-magpie – Secret Magpie - Secret Detection Tool
- raesene/Cloud-Native-Security-Talks
- referefref/modpot – Modular web-application honeypot platform built using go and gin
- ripienaar/free-for-dev – A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
- swisskyrepo/HardwareAllTheThings – Hardware/IOT Pentesting Wiki
- tb0hdan/domains – World’s single largest Internet domains dataset
- tobychui/zoraxy – A general purpose HTTP reverse proxy and forwarding tool. Now written in Go!
- trickest/cve – Gather and update all available and newest CVEs with their PoC.
- vysecurity/IPFuscator – IPFuscator - A tool to automatically generate alternative IP representations
- x0rb3l/Cyber-Bookmarks – A list of bookmarks I have used since I started my journey in cyber security
- yogeshojha/rengine – reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
- b3nj5m1n/xdg-ninja – A shell script which checks your $HOME for unwanted files and directories.
- hadolint/hadolint – Dockerfile linter, validate inline bash, written in Haskell
- jgm/pandoc – Universal markup converter
- koalaman/shellcheck – ShellCheck, a static analysis tool for shell scripts
- Cyclenerd/google-cloud-server-on-demand –
▶️ Server on Demand Appliance (Google Compute Engine) - Cloud Build with Terraform and Ansible Showcase - cirruslabs/linux-image-templates
- fduran/sadservers – SadServers: Linux & DevOps Troubleshooting Scenarios SaaS
- kslifer/wordpress-on-gcp-free-tier – Wordpress on GCP. Aiming for $0.
- nccgroup/cowcloud
- pumasecurity/serverless-prey – Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions
- pvarentsov/terraform-aws-free-tier – Getting started with the Terraform for managing a base free-tier AWS resources.
- rogeriomm/aws-lab – Terraform AWS free tier, EC2/ECR/RDS/EFS/DynamoDB/Lambda/S3. Docker running on EC2, Traefik reverse proxy, Lets Encrypt, dynamic DNS, ZeroTier VPN(TODO)
- Zeal-Operating-System/ZealOS – The Zeal Operating System is a modernized fork of the 64-bit Temple Operating System, TempleOS.
- Aefyr/SAI – Android split APKs installer
- ChickenHook/RestrictionBypass – Android API restriction bypass for all Android Versions
- Clivebi/Daemon – Android service daemon ,keep background service alive
- CodeDead/DeadHash-android – DeadHash for Android
- Col-E/Recaf – The modern Java bytecode editor
- CoreyD97/Stepper – A natural evolution of Burp Suite's Repeater tool
- Endava/cats – CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance.
- Gedsh/InviZible – Android application for online privacy and security
- GovTech-CSG/ProxyAgent
- GrapheneOS/Auditor – Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
- In3tinct/Android-ReverseShell-HTTP – Android ReverseShell over HTTP
- Keidan/HexViewer – (GPL) Android Hex Viewer is a FREE software.
- LSPosed/CorePatch – Disable signature verification For Android
- LSPosed/LSPosed – LSPosed Framework
- MuntashirAkon/AppManager – A full-featured package manager and viewer for Android
- NationalSecurityAgency/ghidra – Ghidra is a software reverse engineering (SRE) framework
- NetSPI/AWSSigner – Burp Extension for AWS Signing
- OWASP/MASTG-Hacking-Playground
- OWASP/wrongsecrets – Vulnerable app with examples showing how to not use secrets
- Rosemoe/sora-editor – A multifunctional Android code editor library. (aka CodeEditor)
- SmartPack/PackageManager – Source code of Package Manager, an Application to Manage your Apps.
- St3v3nsS/InsecureBanking – Insecure Android Application for testing Biometric bypasses
- Static-Flow/BOR – BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor with only one click!
- Static-Flow/BurpSuiteAutoCompletion – This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
- Suwayomi/Suwayomi-Server – A rewrite of Tachiyomi for the Desktop
- TacoTheDank/Scoop – [ADB/Root] Catches a stack trace when an app crashes unexpectedly.
- Team-xManager/xManager – Ad-Free, New Features & Freedom
- Warxim/vucsa – Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
- ac3ss0r/DroidFrida – Portable frida injector for rooted android devices.
- akto-api-security/akto – Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
- apache/hertzbeat – Apache HertzBeat(incubating) is a real-time monitoring system with agentless, performance cluster, prometheus-compatible, custom monitoring and status page building capabilities.
- apk-editor/APK-Explorer-Editor – Source code of APK Explorer & Editor (AEE), an open-source tool to explore the contents of an installed APK!
- bazelbuild/bazel – a fast, scalable, multi-language and extensible build system
- beemdevelopment/Aegis – A free, secure and open source app for Android to manage your 2-step verification tokens.
- charles2gan/GDA-android-reversing-Tool – the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
- connectbot/connectbot – ConnectBot is the first SSH client for Android.
- cryptax/misc-code – Miscellaneous code
- d3mondev/burp-vps-proxy – This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
- devgianlu/Aria2App – Aria2App is an advanced download manager based on aria2 that can handle remote servers too.
- emanuele-f/PCAPdroid – No-root network monitor, firewall and PCAP dumper for Android
- federicodotta/Brida – The new bridge between Burp Suite and Frida!
- forcesunseen/graphquail – Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
- frostwire/frostwire – An easy to use Cloud Downloader, BitTorrent Client and Media Player. Search, Download, Play, Share
- gh0stkey/HaE – HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
- google/ExoPlayer – An extensible media player for Android
- google/bindiff – Quickly find differences and similarities in disassembled code
- green-green-avk/AnotherTerm – Local PTY, USB and Bluetooth serial ports, SSH and Telnet terminal client for Android. Xwayland support (in dev only).
- grpc-swagger/grpc-swagger – Debugging gRPC application with swagger-ui.
- hanxinhao000/ZeroTermux
- haticeerturk/scoper – This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.
- heiher/sockstun – A simple and lightweight VPN over socks5 proxy (tun2socks) for Android.
- honoki/burp-digitalocean-droplet-proxy – Deploy a SOCKS5 proxy in DigitalOcean and autoconfigure the Burp proxy settings to route all traffic through the droplet
- iBotPeaches/Apktool – A tool for reverse engineering Android apk files
- irsdl/IIS-ShortName-Scanner – latest version of scanners for IIS short filename (8.3) disclosure vulnerability
- jar-analyzer/jar-analyzer – Jar Analyzer - 一个JAR包分析工具,批量分析JAR包搜索,方法调用关系搜索,字符串搜索,Spring组件分析,CFG分析,JVM Stack Frame分析,远程分析Tomcat,进阶表达式搜索,自定义SQL查询,字节码查看,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码
- kaaass/ZerotierFix – An unofficial Zerotier Android client patched from official client
- krlvm/PowerTunnel-Android – Powerful and extensible proxy server with anti-censorship functionality for Android
- malexmave/blog-spring-actuator-example – An example project with a vulnerable Spring Actuator configuration, as a companion to a blog post
- meefik/busybox – BusyBox for Android
- messede-degod/sstable-migrator – Generate SStable from plain text/json
- metersphere/metersphere – MeterSphere 是新一代的测试管理和接口测试工具,让软件测试工作更简单、更高效,不再成为持续交付的瓶颈。
- mikeroyal/AWS-Guide – Amazon Web Services (AWS) Guide. Learn all about Amazon Web Services Tools, Services, and Certifications.
- moeinfatehi/Admin-Panel_Finder – A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
- moeinfatehi/Backup-Finder – A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
- moneytoo/Player – ▶ Simple and lightweight, yet polished and powerful Android video player based on ExoPlayer
- mstrobel/procyon – Procyon is a suite of Java metaprogramming tools, including a rich reflection API, a LINQ-inspired expression tree API for runtime code generation, and a Java decompiler.
- nccgroup/jwt-reauth
- patrickfav/uber-apk-signer – A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
- projectdiscovery/nuclei-burp-plugin – Nuclei plugin for BurpSuite
- pynt-io/pynt
- qtc-de/beanshooter – JMX enumeration and attacking tool.
- qtc-de/remote-method-guesser – Java RMI Vulnerability Scanner
- rom1v/sndcpy – Android audio forwarding (scrcpy, but for audio)
- sleeyax/burp-awesome-tls – Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
- subhra74/snowflake – Graphical SFTP client and terminal emulator with helpful utilities
- sunilpaulmathew/De-Bloater – An application using the power of Magisk to debloat unwanted system apps!
- termux/termux-app – Termux - a terminal emulator application for Android OS extendible by variety of packages.
- termux/termux-boot – Termux add-on app allowing programs to be run at boot.
- tiann/Leoric – PoC of fighting against force-stop kill process on Android
- tonikelope/megabasterd – Yet another unofficial (and ugly) cross-platform MEGA downloader/uploader/streaming suite.
- ukanth/afwall – AFWall+ (Android Firewall +) - iptables based firewall for Android
- uyuni-project/uyuni – Source code for Uyuni
- whwlsfb/JDumpSpider – HeapDump敏感信息提取工具
- xfarrow/locatemydevice – Application miming Google's Find My Device through SMS
- xpipe-io/xpipe – Your entire server infrastructure at your fingertips
- yohanes/zygisk-reflutter – Zygisk-based reFlutter
- yuliskov/SmartTube – SmartTube - an advanced player for set-top boxes and tvs running Android OS
- zhkl0228/unidbg – Allows you to emulate an Android native library, and an experimental iOS emulation
- 0xbigshaq/firepwn-tool – Firepwn is a tool made for testing the Security Rules of a firebase application.
- 0xdea/frida-scripts – A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
- 833M0L3/NEANotify – A simple webapp to keep track of the electricity outage
- ArchGPT/insomnium – Insomnium is a fast local API testing tool that is privacy-focused and 100% local. For testing GraphQL, REST, WebSockets and gRPC. This is a fork of Kong/insomnia
- CreditTone/hooker – 🔥🔥hooker是一个基于frida实现的逆向工具包。为逆向开发人员提供统一化的脚本包管理方式、通杀脚本、自动化生成hook脚本、内存漫游探测activity和service、firda版JustTrustMe、disable ssl pinning
- EIGHTFINITE/top-user-agents – 📦 top-user-agents drop in replacement with zero dependencies. Always mirrors the latest version. Always up to date with the most common user agents. —
npm install top-user-agents@github:EIGHTFINITE/top-user-agents#main
— https://github.com/EIGHTFINITE/top-user-agents/tags | https://github.com/microlinkhq/top-user-agents - FastForwardTeam/FastForward – Don't waste your time with compliance. FastForward automatically skips annoying link shorteners.
- FilipePS/Traduzir-paginas-web – Translate your page in real time using Google or Yandex
- Hulxv/vnstat-client – GUI Client for vnStat Network Monitor for Linux or GNU/Linux
- Kong/insomnia – The open-source, cross-platform API client for GraphQL, REST, WebSockets, SSE and gRPC. With Cloud, Local and Git storage.
- MiguelCarino/findmeadistro – a website that finds random OS
- NARKOZ/hacker-scripts – Based on a true story
- PipedreamHQ/pipedream – Connect APIs, remarkably fast. Free for developers.
- ProxymanApp/quick-diff – 🔐 A Privacy-first Diff tool for everyone. ✅ Your data never hits our servers.
- R-s0n/ars0n-framework – A Modern Framework for Bug Bounty Hunting
- SafetyCulture/grpc-web-devtools – Chrome & Firefox Browser extension to aid gRPC-Web development
- Sankalpa-Acharya/notBrowser
- SeifElsallamy/Blind-XSS-Manager – Never forget where you inject.
- SharzyL/pastebin-worker – Pastebin on Cloudflare worker, with friendly CLI usage and rich features
- SteamDatabase/SteamTracking – 🕵 Tracking things, so you don't have to
- Twingate-Labs/tg-cli – Command Line Interface for Administering Twingate
- WithSecureLabs/android-keystore-audit
- XIU2/UserScript – 🐵 自用的一些乱七八糟 油猴脚本~
- adsbypasser/adsbypasser – Bypass ad counter if possible.
- agalwood/Motrix – A full-featured download manager.
- aleixrodriala/wa-tunnel – Tunneling Internet traffic over Whatsapp
- aquasecurity/cloudsploit – Cloud Security Posture Management (CSPM)
- artilleryio/artillery – The complete load testing platform. Everything you need for production-grade load tests. Serverless & distributed. Load test with Playwright. Load test HTTP APIs, GraphQL, WebSocket, and more. Use any Node.js module.
- backblaze-b2-samples/cloudflare-b2 – Provide access to a private Backblaze B2 bucket via a Cloudflare Worker
- beautifier/js-beautify – Beautifier for javascript
- beefproject/beef – The Browser Exploitation Framework Project
- brentvollebregt/auto-py-to-exe – Converts .py to .exe using a simple graphical interface
- browsh-org/browsh – A fully-modern text-based browser, rendering to TTY and browsers
- caido/workflows – 🛠️ Workflows created by the community
- ccbikai/ip-api – 利用 Cloudflare Workers / Vercel Edge / Netlify Edge 快速搭一个获取 IP 地址和地理位置信息的接口。
- coderaiser/cloudcmd – ✨☁️📁✨ Cloud Commander file manager for the web with console and editor.
- craigary/nobelium – A static blog build on top of Notion and NextJS, deployed on Vercel.
- darobin/notion-backup – Simple command to backup a Notion workspace
- davtur19/DotGit – An extension for checking if .git is exposed in visited websites
- deadlyjack/Acode – Acode - powerful text/code editor for android
- dessant/buster – Captcha solver extension for humans, available for Chrome, Edge and Firefox
- devanshbatham/heaptruffle – Mine URLs from Browser's Heap Snapshot for fun and profit
- devploit/debugHunter – Discover hidden debugging parameters and uncover web application secrets
- diego95root/h1-templates
- dolevf/Damn-Vulnerable-GraphQL-Application – Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
- download-directory/download-directory.github.io – Web App: Download just a sub directory from a GitHub repo.
- duckduckgo/tracker-radar – Data set of top third party web domains with rich metadata about them
- duo-labs/cloudmapper – CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
- eidam/cf-workers-status-page – Monitor your websites, showcase status including daily history, and get Slack/Telegram/Discord notification whenever your website status changes. Using Cloudflare Workers, CRON Triggers, and KV storage.
- electron/asar – Simple extensive tar-like archive format with indexing
- eraseyourknees/msdl – Microsoft Software Download Listing
- ether/etherpad-lite – Etherpad: A modern really-real-time collaborative document editor.
- gchq/CyberChef – The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
- gravesoft/msdl – Microsoft Software Download Listing
- holesail/holesail – A P2P based node package to expose your local ports on the Holepunch protocol
- hoodoer/JS-Tap – JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
- httptoolkit/frida-interception-and-unpinning – Frida scripts to directly MitM all HTTPS traffic from a target mobile application
- iamadamdev/bypass-paywalls-chrome – Bypass Paywalls web browser extension for Chrome and Firefox.
- iddoeldor/frida-snippets – Hand-crafted Frida examples
- imputnet/cobalt – save what you love
- ine-labs/GCPGoat – GCPGoat : A Damn Vulnerable GCP Infrastructure
- iterative/setup-dvc – DVC GitHub action
- kangax/html-minifier – Javascript-based HTML compressor/minifier (with Node.js support)
- khantsithu1998/bypass-react-native-emulator-detection – bypass react-native-device-info emulator detection frida script
- koodo-reader/koodo-reader – A modern ebook manager and reader with sync and backup capacities for Windows, macOS, Linux and Web
- laxyapahuja/bunken – A chrome extension to download ebooks directly from Goodreads.
- leungwensen/svg-icon – An ultimate SVG icons collection DONE RIGHT, with over 10,000 SVG icons out of the box.
- liriliri/chii – Remote debugging tool
- liriliri/eruda – Console for mobile browsers
- liriliri/licia – Useful utility collection with zero dependencies
- louislam/uptime-kuma – A fancy self-hosted monitoring tool
- lukechilds/reverse-shell – Reverse Shell as a Service
- m0bilesecurity/RMS-Runtime-Mobile-Security – Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
- macbre/phantomas – Headless Chromium-based web performance metrics collector and monitoring tool
- mayswind/AriaNg – AriaNg, a modern web frontend making aria2 easier to use.
- mazen160/xless – The Serverless Blind XSS App
- mermaid-js/mermaid – Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
- messede-degod/SF-UI – A GUI Frontend for services provided by segfault
- mickael-kerjean/filestash – 🦄 A modern web client for SFTP, S3, FTP, WebDAV, Git, Minio, LDAP, CalDAV, CardDAV, Mysql, Backblaze, ...
- midoxnet/mapperplus – MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
- mrd0x/BITB – Browser In The Browser (BITB) Templates
- mrrfv/cloudflare-gateway-pihole-scripts – Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard
- msrkp/PPScan – Client Side Prototype Pollution Scanner
- nccgroup/singularity – A DNS rebinding attack framework.
- neatorobito/scoop-crystal – Scoop bucket for the Crystal programming language on Windows
- netnr/workers – Cloudflare Workers
- ooni/probe-desktop – The next generation OONI Probe desktop app
- openspeedtest/Speed-Test – SpeedTest by OpenSpeedTest™ is a Free and Open-Source HTML5 Network Performance Estimation Tool Written in Vanilla Javascript and only uses built-in Web APIs like XMLHttpRequest (XHR), HTML, CSS, JS, & SVG. No Third-Party frameworks or libraries are Required. Started in 2011 and moved to OpenSpeedTest.com dedicated Project/Domain Name in 2013.
- oscarmorrison/md-page – 📝 create a webpage with just markdown
- paazmaya/shuji – Reverse engineering JavaScript and CSS sources from sourcemaps
- practisec/pwnedhub
- prettier/prettier – Prettier is an opinionated code formatter.
- projectdiscovery/nuclei-templates – Community curated list of templates for the nuclei engine to find security vulnerabilities.
- psi-4ward/psitransfer – Simple open source self-hosted file sharing solution.
- rukh-debug/location-np – Nepal provinces, districts, municipality and wards dot json
- s0md3v/AwesomeXSS – Awesome XSS stuff
- schlagmichdoch/PairDrop – PairDrop: Local file sharing in your browser. Inspired by Apple's AirDrop. Fork of Snapdrop.
- sepehrdaddev/zap-scripts – Zed Attack Proxy Scripts for finding CVEs and Secrets.
- serverless-dns/serverless-dns – The RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io
- step-security/github-actions-goat – GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
- svenstaro/upx-action – Strips and runs upx on binaries
- techgaun/active-forks – Find active github forks of a repo https://git.io/vSnrC
- tina-hello/doh-cf-workers – DNS-over-HTTPS proxy on Cloudflare Workers
- trufflesecurity/Trufflehog-Chrome-Extension
- u0pattern/Anti-EmuDetector – Anti-EmuDetector is a frida script that bypass the emulator detection techniques in android
- usebruno/bruno – Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)
- useful-forks/useful-forks.github.io – Improving GitHub's Forks list discoverability through automatic filtering. The project offers an online tool and a Chrome extension.
- valpackett/soundfixer – A WebExtension that lets you fix sound problems in e.g. YouTube videos
- vercel/ncc – Compile a Node.js project into a single file. Supports TypeScript, binary addons, dynamic requires.
- wdahlenburg/Hounds – Chromium based web crawler that identifies in-scope urls
- wh0/snail-cli – a CLI for Glitch
- xanderfrangos/twinkle-tray – Easily manage the brightness of your monitors in Windows from the system tray
- yeswehack/yeswehack_vdp_finder – This extension tells if visited sites have vulnerability disclosure programs
- zaproxy/community-scripts – A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
- zizifn/edgetunnel – Running V2ray inside edge/serverless runtime
- zzzteph/sheye – Opensource assets and vulnerability scanning tool
- bootlin/toolchains-webpage – The webpage of http://toolchains.bootlin.com/
- PradyumnaKrishna/Colab-Hacks – Simple Hacks for Google Colaboratory to boost your productivity and help you to perform daily tasks.
- TheCaduceus/Multi-Cloud-Transfer-Tool – The most advanced yet simple Jupyter Notebook to transfer/manage your data from/to any cloud remotely based on Rclone and other engines.⚡
- TheCaduceus/WARP-UNLIMITED-ADVANCED – Get unlimited amount of data in Cloudflare's WARP VPN🔥
- abhineetraj1/google-colab-RDP – This is online code compiler notebook for using webRDP in google colab
- akuhnet/Colab-SSH – Colab SSH
- biplobsd/OneClickRun – Another colab notebook!
- bloc97/Anime4K – A High-Quality Real Time Upscaler for Anime Video
- catppuccin/mobaxterm – 🎲 Soothing pastel theme for MobaXterm
- 2dust/v2rayNG – A V2Ray client for Android, support Xray core and v2fly core
- BharathVishal/Root-Checker – Displays all root related info(Device Rooted, Root Available, Root Path, Root given, Busy Box installation) of an Android Device. Fully implemented in Jetpack compose using Material 3 dynamic theming and also has a separate implementation in xml with MDC 3.
- ButterCam/Mediator – Cross-platform GUI gRPC debugging proxy
- Cateners/tiny_computer – Click-to-run debian 12 xfce on android for Chinese users, with fcitx pinyin input method and some useful packages preinstalled. No termux required.
- ChuckerTeam/chucker – 🔎 An HTTP inspector for Android & OkHTTP (like Charles but on device)
- DUpdateSystem/UpgradeAll – Check updates for Android apps, Magisk modules and more!
- DavidBerdik/Let-Me-Downgrade – Let Me Downgrade - Add support for downgrading apps on Android 12 through 14.
- Dr-TSNG/ApplistDetector – A library to detect suspicious apps like Magisk
- Droid-ify/client – F-Droid client with Material UI.
- FunkyMuse/Aurora – Non-official Library Genesis (Libgen) Android mobile client.
- GoSecure/dtd-finder – List DTDs and generate XXE payloads using those local DTDs.
- Jays2Kings/tachiyomiJ2K – Free and open source manga reader for Android
- JunkFood02/Seal – 🦭 Video/Audio Downloader for Android, based on yt-dlp, designed with Material You
- KotatsuApp/Kotatsu – Manga reader for Android
- LagradOst/CloudStream-3 – Android app for streaming and downloading Movies, TV-Series and Anime.
- MateriiApps/Gloom – GitHub reimagined with Material You
- MatsuriDayo/NekoBoxForAndroid – NekoBox for Android / sing-box / universal proxy toolchain for Android
- MuntashirAkon/Metro
- Mygod/VPNHotspot – Share your VPN connection over hotspot or repeater! (root required)
- NeoApplications/Neo-Store – An F-Droid client with modern UI and an arsenal of extra features.
- OxygenCobalt/Auxio – A simple, rational music player for android
- RikkaApps/Shizuku – Using system APIs directly with adb/root privileges from normal apps through a Java process started with app_process.
- Ruddle/RemoteCam – Your android camera streamed on your desktop: use as a source for OBS, or as a webcam with v4l2. Free✅, No Ads✅, Open Source✅
- Saud-97/TachiyomiS97 – Free and open source manga reader for Android. A faster version of Tachiyomi
- Swordfish90/Lemuroid – All in one emulator on Android!
- WebFuzzing/EvoMaster – The first open-source AI-driven tool for automatically generating system-level test cases (also known as fuzzing) for web/enterprise applications. Currently targeting whitebox and blackbox testing of Web APIs, like REST, GraphQL and RPC (e.g., gRPC and Thrift).
- XayahSuSuSu/Android-DataBackup – DataBackup for Android 8.0+
- adriangl/pict2cam – Android fake camera application to feed camera intents with files in your device's storage
- aniyomiorg/aniyomi – An app for manga and anime
- aniyomiorg/aniyomi-extensions – Source extensions for the Aniyomi app.
- axiel7/MoeList – Another unofficial Android MAL client
- bmax121/APatch – The patching of Android kernel and Android system
- cbeuw/Cloak-android – Android client of Cloak
- celzero/rethink-app – DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.
- chenxiaolong/BCP – A tech demo to play audio to the other party in a phone call
- chenxiaolong/BCR – A Basic Call Recorder for rooted Android devices
- chenxiaolong/RSAF – An Android Storage Access Framework document provider for rclone
- d4rken-org/permission-pilot – Android permission explorer 🧑
✈️ - deniscerri/ytdlnis – Android Video/Audio Downloader app using yt-dlp
- element-hq/element-x-android – Android Matrix messenger application using the Matrix Rust Sdk and Jetpack Compose
- evilcorpltd/aTox – Reasonable Tox client for Android
- gotev/android-upload-service – Easily upload files (Multipart/Binary/FTP out of the box) in the background with progress notification. Support for persistent upload requests, customizations and custom plugins.
- gotson/komga – Media server for comics/mangas/BDs/magazines/eBooks with API and OPDS support
- hushenghao/AndroidEasterEggs – Android Easter Egg Collections
- ismartcoding/plain-app – PlainApp is an open-source application that allows you to manage your phone through a web browser. Access files, videos, music, contacts, sms, calls, and more from your desktop using a secure, easy to use web interface!
- jobobby04/TachiyomiSY – Free and open source manga reader for Android
- kamgurgul/cpu-info – CPU Info is a KMP application which provides information about device hardware and software
- keiyoushi/extensions-source – Source code of extensions for Tachiyomi/Mihon and variants.
- libre-tube/LibreTube – An alternative frontend for YouTube, for Android.
- luk1337/SauceNAO – Unofficial SauceNAO client for Android.
- markusfisch/BinaryEye – Yet another barcode scanner for Android
- mihonapp/mihon – Free and open source manga reader for Android
- msfjarvis/compose-lobsters – Claw for Android: Unofficial read-only client for https://lobste.rs, built using Jetpack Compose.
- mukeshsolanki/Android-Tamper-Detector – A simple library that can help you detect if you app is modded or tampered with
- mukul500/AnimeXStream – An Android app to watch anime on your phone without ads.
- nekomangaorg/Neko – Unofficial MangaDex Reader for Android 7+
- nemuTUI/nemu-droid – Android client for nEMU
- ohmae/dms-explorer – DLNA Player for Android
- plateaukao/einkbro – A small, fast web browser based on Android WebView. It's tailored for E-Ink devices but also works great on normal android devices.
- puutaro/CommandClick – Android browser made by extraordinary addons: Ubuntu, Terminal, file manager, ritch qr reader etc...
- recloudstream/cloudstream – Android app for streaming and downloading media.
- rumboalla/apkupdater – APKUpdater is an open source tool that simplifies the process of finding updates for your installed apps.
- samolego/Canta – Uninstall any Android app without root (Shizuku)!
- simple-login/Simple-Login-Android – Android client for SimpleLogin
- tailscale/tailscale-android – Tailscale Android Client
- tejado/android-usb-gadget – Convert your Android phone to any USB device you like! USB Gadget Tool allows you to create and activate USB device roles, like a mouse or a keyboard. 🛠🛡📱
- theapache64/stackzy – 💻 A cross-platform desktop application to identify libraries used inside an android application. Made possible by Compose Desktop ⚡
- tiann/KernelSU – A Kernel based root solution for Android
- zacharee/InstallWithOptions – Simple-ish app using Shizuku to install APKs on-device with advanced options
- zhanghai/MaterialFiles – Material Design file manager for Android
- apache/apisix – The Cloud-Native API Gateway
- face-hh/griddycode – A code editor made with Godot. Code has never been more lit!
- metis-os/Releases – 🐧 Releases: Latest iso of metis linux
- ntop/ntopng – Web-based Traffic and Security Network Traffic Monitoring
- pwnwriter/pwnvim – 👾 Neo(vim), the less is more.
- version-fox/version-fox-plugins – plugins repository for VersionFox
- xmake-io/xmake – 🔥 A cross-platform build utility based on Lua
- bpftrace/bpftrace – High-level tracing language for Linux eBPF
- 0xcrypto/whack – Automagically generated wordlists
- ahgamut/superconfigure – wrap autotools configure scripts to build with Cosmopolitan Libc
- am11/VoidWSL – Install Void Linux as a WSL Instance (for Windows 10 1803 64bit or later)
- binary-manu/static-cross-openssh – Statically cross-compile sshd and sftp-server
- bootlin/buildroot-toolchains – The fork of Buildroot used for building toolchains.
- davidBar-On/android-iperf3 – Pre-compiled iperf3 binaries for Android + Dockerfile with SDK and NDK for manual build
- kxxt/android – My android utilities, scripts and Lineage OS patches
- morrolinux/ChimeraDesk – Simple, fast and flexible DIY Remote Desktop software
- skarnet/lh-bootstrap – A tool to build runnable Linux images with s6 and s6-rc
- yuk7/AlpineWSL – Alpine Linux based WSL distribution. Supports multi-install. Lightest WSL distribution.
- tldr-pages/tldr – 📚 Collaborative cheatsheets for console commands
- dzhang314/YouTubeDrive – Store files as YouTube videos == infinite disk space
- DeterminateSystems/zero-to-nix – Zero to Nix is your guide to learning Nix and flakes. Created by Determinate Systems.
- Xe/site – The new frontend/backend code for https://xeiaso.net
- frida/frida – Clone this repo to build Frida
- elddy/NimScan – 🚀 Fast Port Scanner 🚀
- iinsertNameHere/catnap – A highly customizable systemfetch written in nim
- nim-lang/Nim – Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. Its design focuses on efficiency, expressiveness, and elegance (in that order of priority).
- Cloudef/zig2nix – Flake for packaging, building and running Zig projects.
- DavHau/nix-portable – Nix - Static, Permissionless, Installation-free, Pre-configured
- MatthewCroughan/NixThePlanet – Run macOS, Windows and more via a single Nix command, or simple nixosModules
- NixOS/nixpkgs – Nix Packages collection & NixOS
- astro/microvm.nix – NixOS MicroVMs
- boinkor-net/tsnsrv – A reverse proxy that exposes services on your tailnet (as their own tailscale participants)
- cachix/devenv – Fast, Declarative, Reproducible, and Composable Developer Environments
- chadcat7/crystal – nix dotfiles for chilly people
- codedsprit/nix – ❄️ NixOS configuration
- fufexan/nix-gaming – Gaming on Nix
- mikeroyal/NixOS-Guide – NixOS Guide. Learn all about the immutable Nix Operating System and the declarative Nix Expression Language.
- mrene/fzf-nix – Fuzzy search through nixpkgs.
- nix-community/NixOS-WSL – NixOS on WSL(2) [maintainer=@nzbr]
- nix-community/nix-index-database – Weekly updated nix-index database [maintainer=@Mic92]
- nix-community/nix-installers – Nix installers for legacy distributions (rpm & deb & pacman) [maintainer=@adisbladis]
- nix-community/nix-on-droid – Nix-enabled environment for your Android device. [maintainers=@t184256,@Gerschtli]
- nix-community/robotnix – Build Android (AOSP) using Nix [maintainer=@danielfullmer,@Atemu]
- nixos-bsd/nixbsd – An unofficial NixOS fork with a FreeBSD kernel
- pololu/nixcrpkgs – Tools for cross-compiling standalone applications using Nix.
- pwnwriter/nix – 🍎 Procrastinating never felt this productive.
- redcode-labs/RedNix – Hackable NixOS container
- schizofox/schizofox – Hardened Firefox flake for the delusional and the schizophrenics.
- tadfisher/android-nixpkgs – Nix-packaged Android SDK
- tazjin/nix-1p – A (more or less) one page introduction to Nix, the language.
- vpsfreecz/vpsfree-cz-configuration – vpsFree.cz cluster configuration
- itsmattkc/dotnet9x – Backport of .NET 2.0 - 3.5 to Windows 9x
- 833M0L3/Legion-4600H-Hackintosh – macOS on Lenovo Legion 5-15ARH05 - Ryzen 4600H & GTX 1650 Ti
- darlinghq/darling – Darwin/macOS emulation layer for Linux
- 0xPugal/One-Liners – A collection of one-liners for bug bounty hunting.
- 0xPugal/fuzz4bounty – 1337 Wordlists for Bug Bounty Hunting
- 0xdabbad00/security_incidents_from_caching – Collection of incidents resulting from caching issues
- 0xor0ne/awesome-list – Cybersecurity oriented awesome list
- 0xtavian/awesome-attack-surface-monitoring – Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
- 1ndianl33t/Bug-Bounty-Roadmaps – Bug Bounty Roadmaps
- 255kb/stack-on-a-budget – A collection of services with great free tiers for developers on a budget. Sponsored by Mockoon, the best mock API tool. https://mockoon.com
- 4skinSkywalker/Anti-Porn-HOSTS-File – Hosts file for "blocking" porn sites
- 833M0L3/NETTV – Bypass NETTV restriction to install 3rd party android apps into your setup box
- 833M0L3/uBlockOriginNepaliFilter
- A-poc/BlueTeam-Tools – Tools and Techniques for Blue Team / Incident Response
- A-poc/RedTeam-Tools – Tools and Techniques for Red Team / Penetration Testing
- AkashHamal0x01/learn250
- Alvin9999/new-pac – 翻墙-科学上网、自由上网、免费科学上网、免费翻墙、油管youtube、fanqiang、VPN、一键翻墙浏览器,vps一键搭建翻墙服务器脚本/教程,免费shadowsocks/ss/ssr/v2ray/goflyway账号/节点,翻墙梯子,电脑、手机、iOS、安卓、windows、Mac、Linux、路由器翻墙、科学上网
- Anugrahsr/Awesome-web3-Security – A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
- Aryanstha/Aryanstha
- Azathothas/CertStream-Domains – [Automated | UpToDate] Daily Dumps of CertStream Certificate Logs Subdomains Data (SAN || CN)
- Azathothas/CertStream-Nepal – [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For Nepal 🇳🇵
- Azathothas/CertStream-World – [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For the World 🌐
- Azathothas/Distropacks – Linux Distro (Alma | Alpine | Arch | Amazon | Clear | Debian | Fedora | Gentoo | Kali | OpenSuSe | Oracle | Rocky | Ubuntu) images (.tar) extracted & pulled from various sources. (Docker Registry, Official Mirrors etc)
- Azathothas/HomeLab-Actions – GH Actions to automate some parts of my HomeLab
- Azathothas/Stars – Automated Cataloguing of Starred Repos because Github Search Sucks
- Azathothas/Toolpacks – 📦 Statically Linked Pre-Compiled Binaries & Build Scripts for Android (arm64-v8a), Linux (aarch64 | x86-64), Windows (AMD64) :: https://bin.ajam.dev
- Azathothas/Trackers – Hourly Updated (Merged & Filtered) List of Anime, Books & Movies Trackers
- Azathothas/Wordlists – [Custom || Automated] Curation & Collection of BugBounty Wordlists
- Azathothas/ip.ajam.dev – Simple Cloudflare Worker Config to return IP + GeoInfo in plain TEXT, CSV, JSON, XML & YAML
- Azathothas/ndk-pkg-formula-repository-fork-core – Forked: https://github.com/leleliu008/ndk-pkg-formula-repository-official-core
- B3nac/Android-Reports-and-Resources – A big list of Android Hackerone disclosed reports and other resources.
- Bo0oM/fuzz.txt – Potentially dangerous files
- BrownBearSec/SDTO-realworld-subdomains – A repository to host the subdomain wordlists from my blog https://medium.com/@nynan/what-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366
- Ch0pin/uncrackable – Can you change the server ?
- D3Ext/aesthetic-wallpapers – An awesome collection of aesthetic wallpapers
- DavidBerdik/MACsposed – MACsposed - Add support for MAC Address spoofing to Android 12 through 14!
- DeSireFire/animeTrackerList – 动漫磁性链接加速方案(animeTrackerList)
- Devang-Solanki/android-hacking-101 – This repo is a helpful starting point for those interested in exploring the world of Android hacking and bug bounties. The resources mentioned have personally assisted me.
- EdOverflow/bugbounty-cheatsheet – A list of interesting payloads, tips and tricks for bug bounty hunters.
- ErikMcClure/bad-licenses – A compendium of absurd open-source licenses.
- Escape-Technologies/awesome-graphql-security – A curated list of awesome GraphQL Security frameworks, libraries, software and resources
- FBlackBox/BlackBox – BlackBox is a virtual engine, it can clone and run virtual application on Android, users don't have to install APK file to run the application on devices. BlackBox control all virtual applications, so you can do anything you want by using BlackBox.
- HarvsG/WireGuardMeshes – A text repo to feature-track WireGuard mesh software
- HolyBugx/HolyTips – A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
- HuaZoffice/Magisk_change-your-phone-model – Change your phone model Magisk改机型模块
- Idnan/bash-guide – A guide to learn bash
- Ignitetechnologies/BurpSuite-For-Pentester – This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".
- Iir00d/low_hanging_fruit_list
- ItIsMeCall911/Course-Piracy-Index – Course Piracy Index 🏴☠️
- Jiab77/scc – Use Segfault voluntary users resources to build a massive computing cluster.
- Karanxa/Bug-Bounty-Wordlists – A repository that includes all the important wordlists used while bug hunting.
- KathanP19/HowToHunt – Collection of methodology and test case for various web vulnerabilities.
- LSPosed/MagiskOnWSA – Integrate Magisk root and Google Apps (OpenGApps) into WSA (Windows Subsystem for Android)
- LinuxNerdBTW/XSS_CheatSheet
- LittleJake/ip-blacklist – Plaintext blacklist IP, update 4 times a day.
- Lumaeris/awesome-windows – 💻 🎉 A curated list of awesome applications, software, tools and shiny things for Windows.
- Mehdi0x90/Web_Hacking – Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
- NikeshX001/Runners
- NitinYadav00/gf-patterns – Some of the gf patterns which i use
- NyaMisty/warp-on-actions – Install Cloudflare WARP on Github actions.
- PalindromeLabs/awesome-websocket-security – Awesome information for WebSockets security research
- PeterDaveHello/threat-hostlist – Comprehensive domain blocklists for 🚨 threats (🕷malware, 🎣phishing, 🕵️spyware, 🤖botnets). Ideal for DNS-based filtering tools like Pi-Hole, AdGuard Home, Blocky.
- PinoyWH1Z/SSH-Private-Key-Looting-Wordlists – SSH Private Key Looting Wordlists. A collection of wordlists to aid in locating or brute-forcing SSH private key file names.
- PoshCode/PowerShellPracticeAndStyle – The Unofficial PowerShell Best Practices and Style Guide
- PowerShell/Win32-OpenSSH – Win32 port of OpenSSH
- Purp1eW0lf/Blue-Team-Notes – You didn't think I'd go and leave the blue team out, right?
- R-s0n/ars0n-framework-scans – A repository to store data from completed scans in The Ars0n Framework
- Ralireza/Android-Security-Teryaagh – Android security guides, roadmap, docs, courses, write-ups, and teryaagh.
- RavikumarRamesh/hpAndro1337 – Repository for download all version of @hpAndro1337 (Android AppSec) application.
- RebootEx/CT-Dev
- RebootEx/CertStream-Bangladesh – [Automated | UpToDate] Daily Dumps of CertStream Subdomains Data For Bangladesh 🇧🇩
- RipplePiam/MobaXterm-Chinese-Simplified – MobaXterm 简体中文汉化版🌏🖥🖥🖥 【💌慢工精心制作,"提示"也汉化💻】 【😍控件布局精细调整】
- RoseSecurity/Red-Teaming-TTPs – Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
- SecOps-Institute/Tor-IP-Addresses – Hourly checked and updated list of IP Addresses of Tor and Tor Exit Nodes
- SecurityRiskAdvisors/VECTR – VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
- Simizfo/WSATools – Easy-to-use APK installer and more for Windows Subsystem for Android
- T4P4N/Awesome-Termux – Awesome Termux :- Bash Scripts, Wiki, Articles,Shells & Many More...
- TalEliyahu/awesome-cybersecurity-conferences – Watch the latest awesome security talks around the globe
- The-Osint-Toolbox/Website-OSINT – You will find a wealth of resources to help with your Website investigations.
- TheGP/untidetect-tools – List of anti-detect and humanizing tools and browsers, including captcha solvers and sms-activation.
- V35HR4J/OSCP-Like-Machines – https://blog.veshraj.info.np/
- XIU2/TrackersListCollection – 🎈 Updated daily! A list of popular BitTorrent Trackers! / 每天更新!全网热门 BT Tracker 列表!
- XIU2/Yuedu – 📚「阅读」APP 精品书源(网络小说)
- acidvegas/bgp – Research & Experiments with Border Gateway Protocol (BGP)
- aclap-dev/video-downloadhelper – Download Helper
- alebcay/awesome-shell – A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.
- allanlw/svg-cheatsheet – A cheatsheet for exploiting server-side SVG processors.
- alrra/browser-logos – 🗂 High resolution web browser logos
- amwalding/wireshark_profiles – Here is my Wireshark Profiles repository. These ZIP files contain profiles that can be added to your Wireshark configuration to speed up troubleshooting and packet analysis in Wireshark. Please support my work - see the readme.
- anandrmedia/heroku-free-alternatives – Free tier of Heroku Dynos, Postgres and Data for Redis will no longer be available after November 28, 2022. Let's find a list of services with a free plan that developers can use as an alternative to Heroku. Feel free to submit PRs and improve the list.
- anderspitman/awesome-tunneling – List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
- aquasecurity/cloud-security-remediation-guides – Security Remediation Guides
- arainho/awesome-api-security – A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
- arkadiyt/bounty-targets-data – This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
- assetnote/blind-ssrf-chains – An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
- awesome-foss/awesome-sysadmin – A curated list of amazingly awesome open-source sysadmin resources.
- awesome-selfhosted/awesome-selfhosted – A list of Free Software network services and web applications which can be hosted on your own servers
- awesomedata/awesome-public-datasets – A topic-centric list of HQ open datasets.
- ayoubfathi/leaky-paths – A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
- birajkarki/birajkarki – My personal repository
- bishalcpgn/terminal-shortcuts
- blockthreat/blocksec-ctfs – A curated list of blockchain security Capture the Flag (CTF) competitions
- bluscreenofjeff/Red-Team-Infrastructure-Wiki – Wiki to collect Red Team infrastructure hardening resources
- bol-van/bins – precompiled static binaries for android
- bromite/bromite – Bromite is a Chromium fork with ad blocking and privacy enhancements; take back your browser!
- buggysolid/bugbounty-wordlist – Real world bug bounty wordlists
- caido/awesome – 🔗 A curated list of awesome Caido related projects
- cckuailong/awesome-gpt-security – A curated list of awesome security tools, experimental case or other interesting things with LLM or GPT.
- cenk/nrd – Newly Registered Domains - Generated from WhoisDS.com free NRD database.
- chainguard-dev/actions – A collection of reusable Github Actions workflows.
- chaitin/xpoc – 为供应链漏洞扫描设计的快速应急响应工具 [快速应急] [漏洞扫描] [端口扫描] [xray2.0进行时] A fast emergency response tool designed for supply chain vulnerability scanning.
- chaulagaisachin/learnDocker – Resources for Learning Docker
- cheeaun/awesome-hacker-news – Awesome Hacker News: a collection of awesome Hacker News apps, libraries, resources and shiny things.
- chubin/awesome-console-services – A curated list of awesome console services (reachable via HTTP, HTTPS and other network protocols)
- cipher387/Dorks-collections-list – List of Github repositories and articles with list of dorks for different search engines
- cipher387/awesome-grep – List of GREP modifications and alternatives for a variety of purposes
- cipher387/code-understanding-tools – Tools for understanding other people's code
- clarketm/proxy-list – A list of free, public, forward proxy servers. UPDATED DAILY!
- cloudcommunity/Cloud-Free-Tier-Comparison – Comparing the free tier offers of the major cloud providers like AWS, Azure, GCP, Oracle etc.
- cloudcommunity/Free-Hosting – Overview of free hosting offers, incl. compute hosting, app hosting, databases, serverless etc.
- codecrafters-io/build-your-own-x – Master programming by recreating your favorite technologies from scratch.
- craiu/mobiletrackers – A repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries.
- croqaz/awesome-decentralized – 🕶 Awesome list of distributed, decentralized, p2p apps and tools 👍
- cyprosecurity/API-SecurityEmpire – API Security Project aims to present unique attack & defense methods in API Security field
- daffainfo/all-about-apikey – Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
- daffainfo/match-replace-burp – Useful "Match and Replace" burpsuite rules
- dafthack/CloudPentestCheatsheets – This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
- dalisoft/awesome-hosting – List of awesome hosting sorted by minimal plan price
- dbohdan/structured-text-tools – A list of command-line tools for manipulating structured text data
- dduzgun-security/github-self-hosted-runners – Guideline of best practices to follow to configure Github Enterprise Cloud self-hosted runners in a secure way.
- decalage2/awesome-security-hardening – A collection of awesome security hardening guides, tools and other resources
- devsdenepal/AnnualProgress – Repo representing my past involvements*.
- devsdenepal/When_Nepal_was_h4ck3d – Record of dates and events of popular hacking attacks noticed and reported through social media and news.
- devsdenepal/devsdenepal – Config files for my GitHub profile.
- disclose/bug-bounty-platforms – A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet.
- dn0m1n8tor/AndroidPentest101 – The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.
- dracula/dracula-theme – 🧛🏻♂️ One theme. All platforms.
- dsopas/MindAPI – Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
- dtolnay/foreach
- dweinstein/awesome-frida – Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
- easimon/maximize-build-space – Github action to maximize the available disk space on Github runners
- elder-plinius/L1B3RT45 – JAILBREAK PROMPTS FOR ALL MAJOR AI MODELS
- elliotwutingfeng/Inversion-DNSBL-Blocklists – Malicious URLs identified by scanning various public URL sources using the Google Safe Browsing API (over 6 billion URLs scanned daily)
- elliotwutingfeng/SpamdexingSites – URL feed for blocking spamdexing websites. Let's banish them to the rubbish bin where they belong!
- enthec/webappanalyzer – This project aims to maintain Wappalyzer technologies
- ethanolivertroy/hackspacecon-2023 – Workshop & Talk Slide Decks from HackSpaceCon
- ex16x41/bugbounty – always updating
- facundofarias/awesome-websockets – A curated list of Websocket libraries and resources.
- fastfire/deepdarkCTI – Collection of Cyber Threat Intelligence sources from the deep and dark web
- fawazahmed0/cloudflare-trace-api – Get IP Address, TimeStamp, User Agent, Country Code, IATA, HTTP Version, TLS/SSL Version & more by Cloudflare
- fightwing/Free-Own-VPN – Free and Easy! Set up your own personal VPN using AWS EC2 and Outline with our easy-to-follow tutorial. Get the benefits of a secure, private connection without paying for a subscription.
- fpliu1214/uppm – Universal Prebuild Package Manager for Unix-like systems.
- fpliu1214/uppm-package-repository-android-aarch64
- franzos/awesome-guix – Docs, Channels, example configs and more - Guix is Awesome
- freefq/free – 翻墙、免费翻墙、免费科学上网、免费节点、免费梯子、免费ss/v2ray/trojan节点、蓝灯、谷歌商店、翻墙梯子
- fscarmen/warp-on-actions – Install Cloudflare WARP on Github actions.
- fscarmen2/V2-for-Patr
- gayanvoice/top-github-users – Check your ranking in GitHub! Don't forget to star ⭐ this repository.
- geekan/HowToLiveLonger – 程序员延寿指南 | A programmer's guide to live longer
- getcursor/cursor – The AI-powered code editor
- glaucuslinux/glaucus – A simple and lightweight Linux® distribution based on musl libc and toybox
- gosirys/Posts – Temporary dump of posts I eventually plan to publish on a proper site
- graphql-kit/graphql-apis – 📜 A collective list of public GraphQL APIs
- grpc-ecosystem/awesome-grpc – A curated list of useful resources for gRPC
- h33tlit/secret-regex-list – List of regex for scraping secret API keys and juicy information.
- h4x0r-dz/Leaked-Credentials – how to look for Leaked Credentials !
- hAPI-hacker/Hacking-APIs
- hackerschoice/Toolpacks – Statically Linked Binaries as Packaged Tools for Android (arm64-v8a), Linux (aarch64_arm64 | amd_x86-64) all in one place
- hahwul/RegexPassive – 🔭 Collection of regexp pattern for security passive scanning
- hakluke/bug-bounty-standards – A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way that specific situations are handled in bug bounties.
- hakluke/how-to-exit-vim – Below are some simple methods for exiting vim.
- harsh-bothra/SecurityStories
- hegdepavankumar/VMware-ESXi-License-Keys – Welcome to the VMware ESXi License Keys! Here, you'll find a curated collection of free license keys for various versions, including vSphere 6 and 7
- hegdepavankumar/VMware-Workstation-Pro-17-Licence-Keys – Free VMware Workstation Pro 17 full license keys. We've meticulously organized thousands of keys, catering to all major versions of VMware Workstation Pro 17 Choose from our curated selection to enhance your virtualization experience.
- herrbischoff/awesome-macos-command-line – Use your macOS terminal shell to do awesome things.
- hillz2/openwrt_cloudflare_warp – How to use Cloudflare WARP on OpenWrt to bypass DPI (Deep Packet Inspection)
- httptoolkit/httptoolkit – HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac 🎉 Open an issue here to give feedback or ask for help.
- hzzheyang/strongR-frida-android – An anti detection version frida-server for android.
- ibraheemdev/modern-unix – A collection of modern/faster/saner alternatives to common unix commands.
- imthenachoman/How-To-Secure-A-Linux-Server – An evolving how-to guide for securing a Linux server.
- indianajson/can-i-take-over-dns – "Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
- internetwache/CT_subdomains – An hourly updated list of subdomains gathered from certificate transparency logs
- ipverse/rir-ip – Download IP address lists grouped by country
- isyuricunha/top-github-users – Check your ranking in GitHub! Don't forget to star ⭐ this repository.
- ivbeg/awesome-status-pages – Awesome list of status page open source software, services and public status pages of major internet companies
- jhswartz/static-builds – Get statically linked utilities
- jueve/build-glibc – A note of building The GNU C Library(https://www.gnu.org/software/libc/)
- jvoisin/compiler-flags-distro – Usage of enabled-by-default hardening-related compiler flags across Linux distributions
- k4yt3x/sshd_config – K4YT3X's Hardened OpenSSH Server Configuration
- k4yt3x/sysctl – K4YT3X's Hardened sysctl Configuration
- kakathic/YT-AT – Tool to build YouTube ReVanced online automatically.
- kdeldycke/awesome-falsehood – 😱 Falsehoods Programmers Believe in
- kh4sh3i/RabbitMQ-Pentesting – RabbitMQ exploit and Pentesting guide for penetration tester
- kkrypt0nn/wordlists – 📜 A collection of wordlists for many different usages
- knassar702/awesome-linux-minimalism – awesome linux minimalism suggestions
- krizzsk/HackersCave4StaticAndroidSec – A comprehensive resource for Android static analysis and vulnerability assessment. Tutorials, tools, and resources for identifying and mitigating security vulnerabilities in Android applications.
- lando/lando – A development tool for all your projects that is fast, easy, powerful and liberating
- leleliu008/ndk-pkg-package-manually-build – manually build Android NDK packages using ndk-pkg via GitHub Actions.
- leleliu008/uppm-formula-repository-linux-x86_64 – the offical formula repository for uppm
- ligurio/awesome-ci – List of Continuous Integration services
- linuxone-community-cloud/technical-resources – Repository for technical resources
- logpai/loghub – A large collection of system log datasets for AI-driven log analytics [ISSRE'23]
- luigigubello/PayloadsAllThePDFs – PDF Files for Pentesting
- lutfumertceylan/top25-parameter – For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
- m0nad/awesome-privilege-escalation – A curated list of awesome privilege escalation
- makotom/iperf3-binaries – Executable binaries of iperf3
- maoxiaoke/setup-a-mac-for-frontend-dev – How I setup a Mac, with lots of productivity tools, step-by-step guide
- maple24/VPS-Warp – Guide to build a proxy server with VPS and cloudfare warp.
- mattnotmax/cyberchef-recipes – A list of cyber-chef recipes and curated links
- mendel5/alternative-front-ends – Overview of alternative open source front-ends for popular internet platforms (e.g. YouTube, Twitter, etc.)
- mendel5/iperf3-results – Interpretation of iperf and iperf3 results, especially regarding data-transfer rates aka speed (Mbit/s, Gbit/s)
- metis-os/metis-hypr – 🍦 Hyprland window manager for metislinux
- minimaxir/hacker-news-undocumented – Some of the hidden norms about Hacker News not otherwise covered in the Guidelines and the FAQ.
- minnyres/aria2-windows-arm64 – Build aria2 for Windows on ARM64
- misterch0c/what_is_this_c2 – For all these times you're asking yourself "what is this panel again?"
- monosans/proxy-list – Lists of HTTP, SOCKS4, SOCKS5 proxies with geolocation info. Updated every hour.
- morrownr/USB-WiFi – USB WiFi Adapter Information for Linux
- mrp-yt/termux_ssh – Short guide on how to connect to Termux SSH from anywhere while using TailScale as connection link.
- muttleyxd/clang-tools-static-binaries – static-linked versions of clang tools for Linux, Mac OS X and Windows, available in AUR as clang-format-static-bin
- mzfr/notes – A miscellany of thoughts.
- n0kovo/n0kovo_subdomains – An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
- netcup-community/community-tutorials – Open source tutorials for and from the netcup community
- netlas-io/netlas-dorks – A list of dorks for the Netlas.io search engine, with which you can find millions of objects in the boundless IoE. Contains queries to search for IoT elements, protocols, communication tools, remote access, and more. Over time, the list will grow.
- nex-health/setup-twingate-windows – Setup Twingate headless client on Windows
- neysofu/awesome-github-actions-runners – Save $$$ and make GitHub Actions go brrr with 3rd-party runners ⚡🤖
- nicholasaleks/graphql-threat-matrix – GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations
- nirajkharel/NotJustAChecklist
- nirajkharel/Web-Recon
- nomi-sec/PoC-in-GitHub – 📡 PoC auto collect from GitHub.
⚠️ Be careful Malware. - onceupon/Bash-Oneliner – A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.
- osamahamad/payout-targets-data – Provides public bug bounty programs in-scope data that offer rewards and monitors public bug bounty programs assets.
- osmedeus/osmedeus-workflow – Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
- p0dalirius/webapp-wordlists – This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
- packing-box/awesome-executable-packing – A curated list of awesome resources related to executable packing
- pantsufan/Magisk-Ad-Blocking-Module – Magisk module to block ads on android
- pdelteil/BugBountyReportTemplates – List of reporting templates I have used since I started doing BBH.
- pop3ret/AWSome-Pentesting – My cheatsheet notes to pentest AWS infrastructure
- proabiral/Fresh-Resolvers – List of Hourly Updated Fresh DNS resolvers
- projectdiscovery/awesome-search-queries – Community curated list of search queries for various products across multiple search engines.
- pushsecurity/saas-attacks – Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
- rajannpatel/Pi-Hole-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-Wireguard-VPN-Configs – Run your own privacy-first ad blocking service at home, or in the cloud for free with Google Cloud Services.
- ramit-mitra/blocklist-ipsets – An IP list of bad actors targeting public infra like website, ssh endpoints, etc.
- randorisec/MobileHackingCheatSheet – Basics on commands/tools/info on how to assess the security of mobile applications
- redecentralize/alternative-internet – A collection of interesting new networks and tech aiming at decentralisation (in some form).
- reswob10/HomeLabResources – List of resources for buiding a home lab
- riramar/Web-Attack-Cheat-Sheet – Web Attack Cheat Sheet
- rix4uni/BurpSuite-Config – Useful "Match and Replace" & "TLS Pass Through" in Burpsuite Rules
- roadwy/RIP
- rootcathacking/cloudcat – aws cli pentesting/red team snippets
- rothgar/awesome-tuis – List of projects that provide terminal user interfaces
- rothgar/mastering-zsh – Advanced topics to take advantage of zsh 👩💻👨💻
- rui314/setup-mold – A GitHub Action to install the mold linker
- ruslanmv/How-to-connect-via-ssh-to-SageMaker – How to connect to Sagemaker Notebook via SSH and run Flask
- saeidshirazi/awesome-android-security – A curated list of Android Security materials and resources For Pentesters and Bug Hunters
- sanwebinfo/my-termux-setup – Here is My Termux Terminal Emulator Setup & Packages
- shantanu-sarkar/CustomROM – Basic guide to build custom android ROM for smartphones
- shreshta-labs/newly-registered-domains – This repository contains lists of newly registered domain names updated daily.
- shutingrz/busybox-static-binaries-fat
- sirredbeard/awesome-wsl – Awesome list dedicated to Windows Subsystem for Linux
- six2dez/pentest-book
- six2dez/resolvers_reconftw – Resolvers updated daily for reconftw
- slowpeek/debian-iso-guide – Your guide to Debian iso downloads
- snoopysecurity/awesome-burp-extensions – A curated list of amazingly awesome Burp Extensions
- soulteary/docker-flare – Flare ✨ Lightweight, high performance and fast self-hosted navigation pages, resource utilization rate is <1% CPU, MEM <30 M, Docker Image < 10M
- stal-ix/stal-ix.github.io – landing page
- stal-ix/stalix – STAtically LInked LInuX, based on IX package manager
- stamparm/ipsum – Daily feed of bad IPs (with blacklist hit scores)
- streaak/keyhacks – Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
- styfle/awesome-online-ide – 🌩️ A list of awesome online development environments
- sw33tLie/impressive-chatgpt – A collection of impressive and useful results from OpenAI's chatgpt
- tanprathan/MobileApp-Pentest-Cheatsheet – The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
- teamssix/awesome-cloud-security – awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
- the-xentropy/samlists – Free, libre, effective, and data-driven wordlists for all!
- thehlopster/hfuzz – Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templates, web-scanners, seclist, bo0m, and more.
- tldrsec/awesome-secure-defaults – Awesome secure by default libraries to help you eliminate bug classes!
- trickest/cloud – Monitoring the Cloud Landscape
- trickest/github-logs – Extracting OSINT Insights from 15TB of GitHub Event Logs
- trickest/insiders – Archive of Potential Insider Threats
- trickest/recon-and-vulnerability-scanner-template – Create your own recon & vulnerability scanner with Trickest and GitHub
- trickest/resolvers – The most exhaustive list of reliable DNS resolvers.
- trickest/safe-harbour – security.txt collection of most popular world-wide domains
- trickest/scripts – Handy scripts and one-liners to make life easier
- trickest/wordlists – Real-world infosec wordlists, updated regularly
- trickest/zip – Monitoring the internet for new .zip domains
- ultrafunkamsterdam/undetected-frida – Making frida less detectable by applying some patches. This follows the official Frida releases and publishes releases the same day. Do not fork this!
- upx/upx-test-build-with-zig – Test building UPX with Zig https://ziglang.org
- user-why-red/san_gcc_toolchain_arm – A upto-date GCC toolchain for aarch64/aarch32 host machine which targets aarch64,aarch32,x86_64 architectures.(A bare-metal toolchain optimized with LTO for optimum perfomance in linux kernel development)
- vaib25vicky/awesome-mobile-security – An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
- vavkamil/awesome-bugbounty-tools – A curated list of various bug bounty tools
- vavkamil/awesome-vulnerable-apps – Awesome Vulnerable Applications
- wallarm/jwt-secrets
- wanderer-moe/cdn – 📁 All assets and other files used in wanderer.moe — hosted with Cloudflare R2.
- x-Ai/BurpSuite – Burp Suite loader version --> ∞
- yazhuo-wyze/github-action-free-proxy – 利用GitHub Actions 实现的临时proxy。
- yemixzy/proxy-list – Free Proxy List from the best sources. Hosted on own servers!
- yeyintminthuhtut/Awesome-Red-Teaming – List of Awesome Red Teaming Resources
- yggdrasil-network/public-peers – Public peers in the Yggdrasil network
- you-dont-need/You-Dont-Need-GUI – Stop relying on GUI; CLI ROCKS
- zerotier/awesome-zerotier – A collection of things you can do with ZeroTier, how-to guides, and more
- zloi-user/hideip.me – proxy list that updates every 10 minutes
- zzzteph/probable_subdomains – Subdomains analysis and generation tool. Reveal the hidden!
- DirectoryLister/DirectoryLister – 📂 Directory Lister is the easiest way to expose the contents of any web-accessible folder for browsing and sharing.
- Serhatcck/vulnsocket – Vulnerable Web Socket-Web Site
- ambionics/phpggc – PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
- coollabsio/coolify – An open-source & self-hostable Heroku / Netlify / Vercel alternative.
- crazywhalecc/static-php-cli – Build standalone PHP binary on Linux, macOS, FreeBSD, Windows, with PHP project together, with popular extensions included.
- danielmiessler/SecLists – SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
- firefly-iii/firefly-iii – Firefly III: a personal finances manager
- gwen001/vhost-brute – A PHP tool to brute force vhost configured on a server.
- hitrov/oci-arm-host-capacity – This script allows to bypass Oracle Cloud Infrastructure 'Out of host capacity' error immediately when additional OCI capacity will appear in your Home Region / Availability domain.
- interference-security/DVWS – OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
- librespeed/speedtest – Self-hosted Speed Test for HTML5 and more. Easy setup, examples, configurable, mobile friendly. Supports PHP, Node, Multiple servers, and more
- monicahq/monica – Personal CRM. Remember everything about your friends, family and business relationships.
- oldkingcone/slopShell – the only php webshell you need.
- rix4uni/WordList – Custom wordlist, updated regularly
- wadelau/Base62x – Base62x is an alternative approach to Base 64 without symbols in output. 无符号的Base64编码解码方案.
- yanncam/ShuckNT – ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).
- PhrozenIO/win-brute-logon – Crack any Microsoft Windows users password without any privilege (Guest account included)
- peazip/PeaZip – Free Zip / Unzip software and Rar file extractor. Cross-platform file and archive manager. Features volume spanning, compression, authenticated encryption. Supports 7Z, 7-Zip sfx, ACE, ARJ, Brotli, BZ2, CAB, CHM, CPIO, DEB, GZ, ISO, JAR, LHA/LZH, NSIS, OOo, PAQ/LPAQ, PEA, QUAD, RAR, RPM, split, TAR, Z, ZIP, ZIPX, Zstandard.
- AlDanial/cloc – cloc counts blank lines, comment lines, and physical lines of source code in many programming languages.
- htrgouvea/nozaki – HTTP fuzzer engine security oriented
- ido50/Svsh – Process supervision shell for daemontools, perp, s6 and runit
- kost/dvcs-ripper – Rip web accessible (distributed) version control systems: SVN/GIT/HG...
- pmqs/zipdetails – zipdetails - Display details about the internal structure of Zip files.
- pstray/rename – Rename renames the filenames supplied according to the rule specified as the first argument. The argument is a Perl expression which is expected to modify the $_ string for at least some of the filenames specified.
- sitaramc/gitolite – Hosting git repositories -- Gitolite allows you to setup git hosting on a central server, with very fine-grained access control and many (many!) more powerful features.
- 0x6d69636b/windows_hardening – HardeningKitty and Windows Hardening Settings
- 3v4Si0N/HTTP-revshell – Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware
- BlackSnufkin/Invoke-DumpMDEConfig – PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required )
- ChrisTitusTech/winutil – Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates
- HotCakeX/Harden-Windows-Security – Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
- HotNoob/Oracle-Free-Arm-VPS-PS – Simple Powershell Script that automatically tries to create a arm vps in oracle cloud using OCI. Resulting in a work-around for "out of capacity"
- IAL32/WSL2-Create-Distro – Creates a distro from a tarball and optionally adds a user to it
- MScholtes/PS2EXE – Module to compile powershell scripts to executables
- NeedsCoffee/Tailscale-Updater-Windows – Windows PowerShell scripts that will keep installations of Tailscale updated daily. Tailscale is an excellent peer-to-peer style mesh VPN based on the Wireguard protocol. See https://tailscale.com
- NetSPI/MicroBurst – A collection of scripts for assessing Microsoft Azure security
- PhrozenIO/PowerRemoteDesktop – Remote Desktop entirely coded in PowerShell.
- Pwd9000-ML/docker-github-runner-windows – Repository for building a self hosted GitHub runner as a windows container
- Raphire/Win11Debloat – A simple, easy to use powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.
- ScoopInstaller/Install – 📥 Next-generation Scoop (un)installer
- ScoopInstaller/Versions – 📦 A Scoop bucket for alternative versions of apps.
- The-Viper-One/PsMapExec – A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
- W4RH4WK/Debloat-Windows-10 – A Collection of Scripts Which Disable / Remove Windows 10 Features and Apps
- actions/runner-images – GitHub Actions runner images
- arcadesdude/BRU – Bloatware Removal Utility, for automating removal of pre-installed, factory bloatware from devices running Windows 7-10 and newer. Silently removes items selected if possible. Preselects common bloatware. Can remove Win10 UWP/Metro/Modern/Windows Store apps and provisioned apps.
- d4t4s3c/OffensiveReverseShellCheatSheet – Collection of reverse shells for red team operations.
- dahvidschloss/PILOT – Ping-based Information Lookup and Outbound Transfer
- farag2/Sophia-Script-for-Windows – ⚡ The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11
- fcharlie/wincurl – cURL build script, based on Github Actions (msvc flavor)
- freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy – Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)
- kelleyma49/PSFzf – A PowerShell wrapper around the fuzzy finder fzf
- lptstr/winfetch – 🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.
- luxzg/WSL2-fixes – Fix-up scripts for WSL2, mainly networking related
- mantvydasb/RedTeaming-Tactics-and-Techniques – Red Teaming Tactics and Techniques
- max-las/prioritize-zerotier – Simple PowerShell script to set ZeroTier network interface as top priority
- mgeeky/ProtectMyTooling – Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
- microsoft/Windows-Sandbox – Disposable, secure and lightweight Windows Desktop Environment
- mikeroyal/Azure-Guide – Microsoft Azure Guide. Learn all about Microsoft Azure Tools, Services, and Certifications.
- mikeroyal/Windows-Terminal-Guide – Windows Terminal Guide
- pxlrbt/move-wsl – Easily move your WSL distros VHDX file to a new location.
- simeononsecurity/Windows-Optimize-Debloat – Optimize and debloat Windows 10 and Windows 11 deployments according to best practices for maximum performance and privacy. The ultimate script for enhancing your Windows experience.
- tiobe/docker-github-runner-windows – This repository will run the self-hosted github actions runners for Windows with Visual Studio 2022 buildtools installed by default.
- zoicware/DefenderProTools – Take Control Over Windows Defender
- sharkdp/insect – High precision scientific calculator with support for physical units
- 0xacb/recollapse – REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
- 0xacb/viewgen – Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
- 3b1b/manim – Animation engine for explanatory math videos
- 3xp10it/xwaf – Automatic bypass (brute force) waf
- 5f0ne/pdf-examiner – Provides an overview of the inner file structure of a PDF
- A-poc/certSniff – A certificate transparency log keyword sniffer written in python
- ActivityWatch/activitywatch – The best free and open-source automated time tracker. Cross-platform, extensible, privacy-focused.
- Ademking/repolist – Generate wordlists from Github repositories
- AethliosIK/reset-tolkien – Unsecure time-based secret exploitation and Sandwich attack implementation Resources
- AggressiveUser/AllForOne – AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,
- Aldeshov/ADBFileExplorer – File Explorer for Android devices
- Alikhalkhali/programs-watcher – A Python script designed to monitor bug bounty programs for any changes and promptly notify users.
- Anof-cyber/ParaForge – A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing
- ArchiveBox/ArchiveBox – 🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...
- AtomsDevs/Atoms – Easily manage Linux Chroot(s) and Containers with Atoms.
- B34MR/scanman – ScanMan is the amalgamation of Masscan, Metasploit Framework (MSF) and Nmap Scripting Engine (NSE).
- Backblaze/B2_Command_Line_Tool – The command-line tool that gives easy access to all of the capabilities of B2 Cloud Storage
- CaliDog/certstream-python – Python library for connecting to CertStream
- Ch0pin/medusa – Binary instrumentation framework based on FRIDA
- Ciphey/Ciphey – ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
- CorralPeltzer/newTrackon – newTrackon, a public open BitTorrent trackers monitoring tool
- D3Ext/DFShell – D3Ext's Forward Shell
- DotNetRussell/Ensemble – A Bug Bounty Platform that allows hunters to issue commands over a geo-distributed cluster. The ideal user is someone who is attempting to scan multiple bug bounty programs simultaneously, on a recurring basis.
- Drew-Alleman/autodeauth – Automated Linux service that collects information on local Wi-Fi networks and performs deauthentication attacks.
- Eilonh/s3crets_scanner
- ElSicarius/Supp-truder – Supertruder but better
- EntySec/Ghost – Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
- EntySec/Shreder – Shreder is a powerful multi-threaded SSH protocol password brute-force tool.
- Escape-Technologies/ClairvoyanceNext – Obtain GraphQL API Schema even if the introspection is not enabled
- Escape-Technologies/graphinder – 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
- FlareSolverr/FlareSolverr – Proxy server to bypass Cloudflare protection
- Freedium-cfd/web – Web application for Freedium.cfd
- Frissi0n/GTFONow – Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
- Ge0rg3/requests-ip-rotator – A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
- GlasgowEmbedded/glasgow – Scots Army Knife for electronics
- Gozargah/Marzban – Unified GUI Censorship Resistant Solution Powered by Xray
- GrrrDog/weird_proxies – Reverse proxies cheatsheet
- HackTricks-wiki/hacktricks – Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
- Hamz-a/frida-android-helper – Frida Android utilities
- Hamz-a/jeb4frida – Generate Frida hooks directly from JEB!
- HashPals/Name-That-Hash – 🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
- HashPals/Search-That-Hash – 🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
- Hipo/university-domains-list – University Domains and Names Data List & API
- HorlogeSkynet/archey4 – 💻 Maintained fork of the original Archey (Linux) system tool
- Impact-I/reFlutter – Flutter Reverse Engineering Framework
- Impact-I/x8-Burp – Hidden parameters discovery suite
- InitRoot/BurpSQLTruncSanner – Messy BurpSuite plugin for SQL Truncation vulnerabilities.
- JakeWharton/pidcat – Colored logcat script which only shows log entries for a specific application package.
- KissPeter/APIFuzzer – Fuzz test your application using your OpenAPI or Swagger API definition without coding
- KurtBestor/Hitomi-Downloader – 🍰 Desktop utility to download images/videos/music/text from various websites, and more.
- LandGrey/pydictor – A powerful and useful hacker dictionary builder for a brute-force attack
- LukeLambert/fly-dev-tunnel – Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.
- MandConsultingGroup/porch-pirate – Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
- MatrixTM/MHDDoS – Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
- MattKeeley/Spoofy – Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
- MikeWang000000/Natter – Expose your TCP/UDP port behind full-cone NAT to the Internet.
- MikeWang000000/n4 – 双 NAT4 网络打洞 PoC
- Mr-Robert0/Logsensor – A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning
- MuhammadKhizerJaved/Insecure-Firebase-Exploit – A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
- Ne00n/Looking-Glass
- Ne00n/Multi-Ping
- NetSPI/NetblockTool – Find netblocks owned by a company
- NickstaDB/patch-apk – Wrapper to inject an Objection/Frida gadget into an APK, with support for app bundles/split APKs.
- Nuitka/Nuitka – Nuitka is a Python compiler written in Python. It's fully compatible with Python 2.6, 2.7, 3.4-3.12. You feed it your Python app, it does a lot of clever things, and spits out an executable or extension module.
- OWASP/owasp-mastg – The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
- OfriOuzan/HardeningMeter – HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.
- Osb0rn3/bugbounty-targets – An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms.
- PabloLec/RecoverPy – Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal
- PalindromeLabs/STEWS – A Security Tool for Enumerating WebSockets
- Peco602/findwall – Check if your provider is blocking you!
- Pennyw0rth/NetExec – The Network Execution Tool
- PortSwigger/request-minimizer
- ProjectNull0/Firebase-exploit – Fast and customizable Firebase api and Project ID extractor .
- PushkraJ99/ParamSpider – Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
- R0X4R/bhedak – A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
- RedSiege/EyeWitness – EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
- RevoltSecurities/Dnsbruter – Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently bruteforce and identify potential subdomains for a given target domain. With its multithreading capability, users can control the concurrency level to speed up the process.
- RhinoSecurityLabs/cloudgoat – CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
- RhinoSecurityLabs/pacu – The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
- Significant-Gravitas/AutoGPT – AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.
- Sprocket-Security/fireproxng – Next generation fireprox AWS API endpoint creation utility.
- StateFarmIns/LambdaLooter – This application was built to help reduce the amount of time it takes to review AWS Lambda code.
- StevenBlack/hosts – 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
- Supervisor/supervisor – Supervisor process control system for Unix (supervisord)
- Sybil-Scan/TLDbrute – A simple utility to generate domain names with all possible TLDs
- Syzik/DockerRegistryGrabber – Enumerate / Dump Docker Registry
- Tedixx/dmarc-subdomains – Tool to parse subdomains from dmarc.live
- Textualize/textual-web – Run TUIs and terminals in your browser
- Th0h0/autossrf – Smart context-based SSRF vulnerability scanner.
- TheCaduceus/tg-upload – An open-source Python program or a CLI Tool to upload/download files/folders to/from Telegram effortlessly.
- ThePorgs/Exegol – Fully featured and community-driven hacking environment
- ThioJoe/Auto-Synced-Translated-Dubs – Automatically translates the text of a video based on a subtitle file, and also uses AI voice to dub the video, and synced using the subtitle's timings
- Tw1sm/RITM – Roast in the Middle
- Twingate-Labs/Twingate-CLI
- UndeadSec/SwaggerSpy – Automated OSINT on SwaggerHub
- Vinyzu/Botright – Botright, the most advance undetected, fingerprint-changing, captcha-solving, open-source automation framework. Build on Playwright, its as easy to use as it is to extend your code. Solving your Captchas for free with AI.
- Vozec/CVE-2023-7028 – This repository presents a proof-of-concept of CVE-2023-7028
- WangYihang/GitHacker – 🕷️ A
.git
folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags. - Warxim/deluder – Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
- Xewdy444/CF-Clearance-Scraper – A simple program for scraping Cloudflare clearance (cf_clearance) cookies from websites issuing Cloudflare challenges to visitors
- Xewdy444/Playwright-reCAPTCHA – A Python library for solving reCAPTCHA v2 and v3 with Playwright
- YT-Advanced/WSA-Script – Integrate Magisk root and Google Apps into WSA (Windows Subsystem for Android) with GitHub Actions
- Z4nzu/hackingtool – ALL IN ONE Hacking Tool For Hackers
- ab77/netflix-proxy – Smart DNS proxy to watch Netflix
- abathur/resholve – a shell resolver? :) (find and resolve shell script dependencies)
- abhinavsingh/proxy.py – 💫 Ngrok FRP Alternative • ⚡ Fast • 🪶 Lightweight • 0️⃣ Dependency • 🔌 Pluggable • 😈 TLS interception • 🔒 DNS-over-HTTPS • 🔥 Poor Man's VPN • ⏪ Reverse & ⏩ Forward • 👮🏿 "Proxy Server" framework • 🌐 "Web Server" framework • ➵ ➶ ➷ ➠ "PubSub" framework • 👷 "Work" acceptor & executor framework
- abi/screenshot-to-code – Drop in a screenshot and convert it to clean code (HTML/Tailwind/React/Vue)
- abrignoni/ALEAPP – Android Logs Events And Protobuf Parser
- adarshshetty18/fcm_server_key – Tool to extract & validate google fcm server keys from apks
- affggh/Magisk_patcher – Patch boot image with magisk on windows/linux/macos
- agateau/clyde-store – Package definitions for Clyde, the prebuilt application package manager.
- airbus-seclab/cpu_rec – Recognize cpu instructions in an arbitrary binary file
- albertodonato/sshoot – Manage sshuttle VPN sessions
- almandin/fuxploider – File upload vulnerability scanner and exploitation tool.
- amalmurali47/onaws – Fetch the details of assets hosted on AWS.
- amalmurali47/swagroutes – swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
- amalshaji/portr – Open source ngrok alternative designed for teams. Tunnel http, tcp or websocket connections.
- amanusk/s-tui – Terminal-based CPU stress and monitoring utility
- ambionics/wrapwrap – Generates a
php://filter
chain that adds a prefix and a suffix to the contents of a file. - amodm/ip-lookup – Free IP details lookup service, based on Cloudflare Workers
- angr/angr – A powerful and user-friendly binary analysis platform!
- anishathalye/seashells – The official client for seashells.io 🐚
- anmolksachan/JIRAya – JIRA"YA is a vulnerability analyzer for JIRA instances. It runs active scans to identify vulnerabilities by interacting with the host and conducting tests.
- anrbn/GATOR – GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments
- ansible/ansible – Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.
- aquasecurity/kube-hunter – Hunt for security weaknesses in Kubernetes clusters
- arthaud/git-dumper – A tool to dump a git repository from a website
- ashishb/adb-enhanced – 🔪Swiss-army knife for Android testing and development 🔪 ⛺
- assetnote/nowafpls – Burp Plugin to Bypass WAFs through the insertion of Junk Data
- avito-tech/deepsecrets – Secrets scanner that understands code
- az0mb13/hooker
- bee-san/pyWhat – 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
- belane/CloudHunter – AWS, Azure, Alibaba and Google bucket scanner
- bigb0sss/RedTeam-OffensiveSecurity – Tools & Interesting Things for RedTeam Ops
- bkerler/edl – Inofficial Qualcomm Firehose / Sahara / Streaming / Diag Tools :)
- blacklanternsecurity/TREVORproxy – A SOCKS proxy written in Python that randomizes your source IP address. Round-robin your evil packets through SSH tunnels or give them billions of unique source addresses!
- blacklanternsecurity/baddns – Check subdomains for subdomain takeovers and other DNS tomfoolery
- blacklanternsecurity/bbot – A recursive internet scanner for hackers.
- bluet/proxybroker2 – The New (auto rotate) Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS 🎭
- bojanisc/quicmap – quicmap is a simple yet quic (!) QUIC protocol scanner
- boringthegod/postmaniac – Postman OSINT tool to extract creds, token, username, email & more from Postman Public Workspaces
- brevityinmotion/brevityrecon
- brevityinmotion/goodfaith – Stay within program scope
- bugcrowd/vulnerability-rating-taxonomy – Bugcrowd’s baseline priority ratings for common security vulnerabilities
- bugen/pypipe – Python pipe command line tool
- c0dejump/CredzCheckr – Testing default web credentials
- c0dejump/HawkScan – Security Tool for Reconnaissance and Information Gathering on a website. (python 3.x)
- cado-security/cloudgrep – cloudgrep is grep for cloud storage
- calebstewart/pwncat – Fancy reverse and bind shell handler
- canonical/cloud-init – Official upstream for the cloud-init: cloud instance initialization
- carlospolop/Gorks
- carlospolop/Leakos
- carlospolop/Pastos
- caronc/apprise – Apprise - Push Notifications that work with just about every platform!
- castilho101/FuzzyGuard
- casualsnek/cassowary – Run Windows Applications on Linux as if they are native, Use linux applications to launch files files located in windows vm without needing to install applications on vm. With easy to use configuration GUI
- casualsnek/waydroid_script – Python Script to add OpenGapps, Magisk, libhoudini translation library and libndk translation library to waydroid !
- cckuailong/pocsploit – a lightweight, flexible and novel open source poc verification framework
- cedowens/Helpful_aws-scripts – python3 scripts to help with aws triage needs
- chenjj/CORScanner – 🎯 Fast CORS misconfiguration vulnerabilities scanner
- chimera-linux/cports – Chimera ports collection
- cider-security-research/cicd-goat – A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
- claffin/cloudproxy – Hide your scrapers IP behind the cloud. Provision proxy servers across different cloud providers to improve your scraping success.
- codingo/Interlace – Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
- corpnewt/MountEFI – An even more robust edition of my previous MountEFI scripts
- cowrie/cowrie – Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
- cramppet/regulator – Automated learning of regexes for DNS discovery
- cryptax/droidlysis – Property extractor for Android apps
- cujanovic/SSRF-Testing – SSRF (Server Side Request Forgery) testing resources
- cve-search/git-vuln-finder – Finding potential software vulnerabilities from git commit messages
- cyal1/fireproxycn – Aliyun API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
- cyberark/KubiScan – A tool to scan Kubernetes cluster for risky permissions
- cybervelia/graphicator – A GraphQL enumeration and extraction tool
- daijro/browserforge – 🎭 Intelligent browser header & fingerprint generator
- daijro/hrequests – 🚀 Web scraping for humans
- dalibo/pg_activity – pg_activity is a top like application for PostgreSQL server activity monitoring.
- darkoperator/dnsrecon – DNS Enumeration Script
- daxAKAhackerman/XSS-Catcher – A blind XSS detection and XSS data capture framework
- dbhi/qus – qemu-user-static (qus) and containers, non-invasive minimal working setups
- ddgth/cf2dns – 筛选出优质的Cloudflare IP,并使用域名服务商提供的API解析到不同线路以达到网站加速的效果,新增假墙防御方式
- decompiler-explorer/decompiler-explorer – Decompiler Explorer! Compare tools on the forefront of static analysis, now in your web browser!
- defparam/smuggler – Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
- devanshbatham/Awesome-Bugbounty-Writeups – A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
- dgtlmoon/changedetection.io – The best and simplest free open source web page change detection, website watcher, restock monitor and notification service. Restock Monitor, change detection. Designed for simplicity - Simply monitor which websites had a text change for free. Free Open source web page change detection, Website defacement monitoring, Price change notification
- disclose/diodb – Open-source vulnerability disclosure and bug bounty program database
- dmdhrumilmistry/Termux-SSH – Termux SSH helps you to setup SSH server on termux application on android, which helps you to execute tasks remotely through terminal/cmd/powershell/termux.
- dolevf/graphql-cop – Security Auditor Utility for GraphQL APIs
- dolevf/graphw00f – graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
- doyensec/GQLSpection – GQLSpection - parses GraphQL introspection schema and generates possible queries
- doyensec/inql – InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
- doyensec/wsrepl – WebSocket REPL for pentesters
- dwisiswant0/secpat2gf – convert secret patterns to gf compatible.
- dynobo/normcap – OCR powered screen-capture tool to capture information instead of images
- e1abrador/Burp-Encode-IP – Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
- ejedev/web2shell – Automate converting webshells into reverse shells.
- elceef/dnstwist – Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
- elceef/subzuf – a smart DNS response-guided subdomain fuzzer
- elliotwutingfeng/ThreatFox-IOC-IPs – Machine-readable .txt IP blocklist from ThreatFox by Abuse.ch, updated every hour.
- elliotwutingfeng/USOM-Blocklists – Malicious URLs and IP Addresses compiled by USOM (Computer Emergency Response Team of Turkey), updated once a day.
- emadshanab/Nuclei-Templates-Collection – Nuclei Templates Collection
- endoflife-date/release-data – Common Release Data for various projects in a consumable format, automatically updated.
- epinna/tplmap – Server-Side Template Injection and Code Injection Detection and Exploitation Tool
- euske/pyrexecd – Standalone SSH server for Windows
- evilsocket/opensnitch – OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
- evyatarmeged/Raccoon – A high performance offensive security tool for reconnaissance and vulnerability scanning
- facebookresearch/nougat – Implementation of Nougat Neural Optical Understanding for Academic Documents
- fail2ban/fail2ban – Daemon to ban hosts that cause multiple authentication errors
- federicodotta/protobuf-decoder – A simple Google Protobuf Decoder for Burp
- firewalld/firewalld – Stateful zone based firewall daemon with D-Bus interface
- fortra/impacket – Impacket is a collection of Python classes for working with network protocols.
- freedomofpress/dangerzone – Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs
- fyoorer/ShadowClone – Unleash the power of cloud
- g0ldencybersec/sus_params
- gdraheim/docker-systemctl-images
- gdraheim/docker-systemctl-replacement – docker systemctl replacement - allows to deploy to systemd-controlled containers without starting an actual systemd daemon (e.g. centos7, ubuntu16)
- gehaxelt/Python-dsstore – A library for parsing .DS_Store files and extracting file names
- gelstudios/gitfiti – abusing github commit history for the lulz
- google/clusterfuzz – Scalable fuzzing infrastructure.
- google/gcp_scanner – A comprehensive scanner for Google Cloud
- google/magika – Detect file content types with deep learning
- google/paranoid_crypto – Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
- greshake/Alice – Giving ChatGPT access to a real terminal
- gruns/furl – 🌐 URL parsing and manipulation made easy.
- gsmith257-cyber/GraphCrawler – GraphQL automated security testing toolkit
- gwen001/cloudflare-origin-ip – Try to find the origin IP of a webapp protected by Cloudflare.
- gwen001/graphql-introspection-analyzer – Graphql introspection query analyzer.
- gwen001/pentest-tools – A collection of custom security tools for quick needs.
- gwen001/related-domains – Find related domains of a given domain.
- hacefresko/CVE-2021-4045-PoC – Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera
- handrew/browserpilot – Natural language browser automation
- hansmach1ne/LFImap – Local File Inclusion discovery and exploitation tool
- hisxo/ReconAIzer – A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!
- hoppersroppers/nightmare
- hpcaitech/ColossalAI – Making large AI models cheaper, faster and more accessible
- httpie/cli – 🥧 HTTPie CLI — modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more.
- httpie/http-prompt – An interactive command-line HTTP and API testing client built on top of HTTPie featuring autocomplete, syntax highlighting, and more. https://twitter.com/httpie
- ihebski/DefaultCreds-cheat-sheet – One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
- imhunterand/ApachSAL – It's a vulnerability scanner tool for test Apache Path Traversal 👾
- indigo-dc/udocker – A basic user tool to execute simple docker containers in batch or interactive systems without root privileges.
- indygreg/python-build-standalone – Produce redistributable builds of Python
- infobyte/faraday – Open Source Vulnerability Management Platform
- initstring/cloud_enum – Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
- intruder-io/guidtool – A tool to inspect and attack version 1 GUIDs
- iperov/DeepFaceLive – Real-time face swap for PC streaming or video calls
- iterative/dvc – 🦉 ML Experiments and Data Management with Git
- ivan-sincek/forbidden – Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
- ivre/ivre – Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
- jakev/pyxamstore – Python utility for parsing Xamarin AssemblyStore blob files
- jamesmishra/unwebpack-sourcemap – Extract uncompiled, uncompressed SPA code from Webpack source maps. A fork of @rarecoil's work.
- jayanta525/github-pages-directory-listing – Directory listing for Github Pages
- jelmer/dulwich – Pure-Python Git implementation
- joaompinto/py2static – Build Linux static binaries from Python scripts
- joouha/euporie – Jupyter notebooks in the terminal
- jopohl/urh – Universal Radio Hacker: Investigate Wireless Protocols Like A Boss
- jtesta/ssh-audit – SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
- jumpserver/jumpserver – An open-source PAM tool alternative to CyberArk. 广受欢迎的开源堡垒机。
- kalanakt/All-Url-Uploader – A simple telegram Bot, Upload Media File| video To telegram using the direct download link. (youtube, Mediafire, google drive, mega drive, etc)
- kejilion/python-for-vps – 专注制作VPS机群自动化管理脚本!
- kellyjonbrazil/jc – CLI tool and python library that converts the output of popular command-line tools, file-types, and common strings to JSON, YAML, or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts.
- khuedoan/homelab – Fully automated homelab from empty disk to running services with a single command.
- kiber-io/apkd – APK downloader from few sources
- kleiton0x00/Todesstern – A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities
- kljunowsky/XXElixir – This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
- kmille/deezer-downloader – Download music from Deezer with a nice front end
- knavesec/CredMaster – Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
- knownsec/pocsuite3 – pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
- ksg97031/frida-gadget – Automated tool for patching APKs to enable the use of Frida gadget by downloading the library and injecting code into the main activity.
- kynan/nbstripout – strip output from Jupyter and IPython notebooks
- laluka/bypass-url-parser – bypass-url-parser
- laluka/jolokia-exploitation-toolkit – jolokia-exploitation-toolkit
- lanjelot/patator – Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
- leetCipher/bug-bounty-labs – All the labs in this repository simulate real world bugs I found in the wild
- lemonlove7/dirsearch_bypass403 – 目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别
- lexfo/sshimpanzee – SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)
- lijiejie/GitHack – A
.git
folder disclosure exploit - lijiejie/ds_store_exp – A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
- linkedin/qark – Tool to look for several security related Android application vulnerabilities
- linsomniac/ztproxy – A user-space stdin-to-ZeroTier proxy
- lithops-cloud/lithops – A multi-cloud framework for big data analytics and embarrassingly parallel jobs, that provides an universal API for building parallel applications in the cloud ☁️🚀
- localstack/localstack – 💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline
- luong-komorebi/Awesome-Linux-Software – 🐧 A list of awesome Linux softwares
- lwthiker/curl-impersonate – curl-impersonate: A special build of curl that can impersonate Chrome & Firefox
- m417z/winbindex – An index of Windows binaries, including download links for executables such as exe, dll and sys files
- m4ll0k/BBTz – BBT - Bug Bounty Tools (examples💡)
- maaaaz/dnsdumps – Various DNS dumps (daily new domains, FQDNs, etc.)
- magic-wormhole/magic-wormhole – get things from one computer to another, safely
- mamba-org/micromamba-releases – Micromamba executables mirrored from conda-forge as Github releases
- marc1307/tailscale-cloudflare-dnssync – Syncs Tailscale/Headscale host IPs to a cloudflare hosted dns zone
- maximko/mullvad-socks-list – List all active mullvad socks servers and resolve its internal addresses
- mayakyler/link-shorteners – Python and JavaScript packages listing all known link shorteners
- mazen160/secrets-patterns-db – Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
- megadose/holehe – holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
- mesonbuild/meson – The Meson Build System
- mgeeky/PackMyPayload – A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
- mhaskar/DNSStager – Hide your payload in DNS
- micahflee/hacks-leaks-and-revelations – Code that goes along with the Hacks, Leaks, and Revelations book
- microsoft/restler-fuzzer – RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
- minimaxir/big-list-of-naughty-strings – The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
- monosans/proxy-scraper-checker – HTTP, SOCKS4, SOCKS5 proxies scraper and checker with rich functionality.
- montysecurity/C2-Tracker – Live Feed of C2 servers, tools, and botnets
- moogar0880/PyTrakt – A Pythonic interface to the Trakt.tv REST API
- mrh0wl/Cloudmare – Cloudflare, Sucuri, Incapsula real IP tracker.
- mschwager/fierce – A DNS reconnaissance tool for locating non-contiguous IP space.
- mschwager/route-detect – Find authentication (authn) and authorization (authz) security bugs in web application routes.
- mvt-project/mvt – MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
- mxbi/tailscale-hostmap – Automatically map Tailscale hosts to DNS names locally
- mxmlnkn/ratarmount – Access large archives as a filesystem efficiently, e.g., TAR, RAR, ZIP, GZ, BZ2, XZ, ZSTD archives
- mxrch/GHunt – 🕵️♂️ Offensive Google framework.
- mxrch/GitFive – 🐙 Track down GitHub users.
- mzfr/slicer – A tool to automate the boring process of APK recon
- nadermx/backgroundremover – Background Remover lets you Remove Background from images and video using AI with a simple command line interface that is free and open source.
- napisani/procmux – a TUI utility for running multiple commands in parallel in easily switchable terminals
- narfindustries/http-garden – Differential testing and fuzzing of HTTP servers and proxies
- nathom/streamrip – A scriptable music downloader for Qobuz, Tidal, SoundCloud, and Deezer
- nccgroup/PMapper – A tool for quickly evaluating IAM permissions in AWS.
- nccgroup/ScoutSuite – Multi-Cloud Security Auditing Tool
- nccgroup/blackboxprotobuf – Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
- nccgroup/cq
- nemesida-waf/waf-bypass – Check your WAF before an attacker does
- neoncloud/Zerotier-port-forward – The Zerotier userspace port forwarder without TUN.
- net4people/bbs – Forum for discussing Internet censorship circumvention
- nicholasaleks/CrackQL – CrackQL is a GraphQL password brute-force and fuzzing utility.
- nicolargo/glances – Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.
- nicotine-plus/nicotine-plus – Graphical client for the Soulseek peer-to-peer network
- nikitastupin/clairvoyance – Obtain GraphQL API schema even if the introspection is disabled
- notdls/known-breaches – Daily updates from leak data search engines and aggregators
- novnc/websockify – Websockify is a WebSocket to TCP proxy/bridge. This allows a browser to connect to any application/server/service.
- nullt3r/jfscan – JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
- nvbn/thefuck – Magnificent app which corrects your previous console command.
- nyaadevs/nyaa – Bittorrent software for cats
- obsidianforensics/unfurl – Extract and Visualize Data from URLs using Unfurl
- obskyr/khinsider – A script for khinsider mass downloads. Get video game soundtracks quickly and easily! Also a Python interface.
- oilshell/oil – Oils is our upgrade path from bash to a better language and runtime. It's also for Python and JavaScript users who avoid shell!
- okigan/awscurl – curl-like access to AWS resources with AWS Signature Version 4 request signing.
- omidxrz/Watch-Tower – Simple Python Script for Tracking Bug Bounty Programs.
- onekey-sec/unblob – Extract files from any kind of container formats
- oppsec/Pinkerton – 🕵️ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python
- ortegaalfredo/aiTrans – Multi-language transpiler (source-to-source compiler) using AI
- owasp-dep-scan/blint – BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
- p-fruck/python-contabo – Fully featured Python wrapper for the Contabo API
- p0dalirius/GeoWordlists – GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.
- p0dalirius/RDWAtool – A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application
- p0dalirius/crawlersuseragents – Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.
- p0dalirius/objectwalker – A python module to explore the object tree to extract paths to interesting objects in memory.
- pahaz/sshtunnel – SSH tunnels to remote server.
- pielco11/fav-up – IP lookup by favicon using Shodan
- pirxthepilot/wtfis – Passive hostname, domain and IP lookup tool for non-robots
- plaintextpackets/netprobe_lite – Simple internet performance tester written in Python
- praetorian-inc/gato – GitHub Actions Pipeline Enumeration and Attack Tool
- pry0cc/proteus – A projectdiscovery driven attack surface monitoring bot powered by axiom
- punk-security/dnsReaper – dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
- pwr-Solaar/Solaar – Linux device manager for Logitech devices
- pygments/pygments – Pygments is a generic syntax highlighter written in Python
- pyinstaller/pyinstaller – Freeze (package) Python programs into stand-alone executables
- pypa/pipx – Install and Run Python Applications in Isolated Environments
- qtc-de/webshell-cli – A simple command line interface for webshells
- quarkslab/AERoot – AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs.
- r0oth3x49/ghauri – An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
- radude/rentry – Markdown pastebin from command line
- rahiel/telegram-send – Send messages and files over Telegram from the command-line.
- rarecoil/unwebpack-sourcemap – Extract uncompiled, uncompressed SPA code from Webpack source maps.
- reddelexc/hackerone-reports – Top disclosed reports from HackerOne
- redhuntlabs/KubeStalk – KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
- redhuntlabs/Octopii – An AI-powered Personal Identifiable Information (PII) scanner.
- releng-tool/releng-tool – releng-tool aims to provide developers a way to manage multiple packages to assist in building a project
- reorx/httpstat – curl statistics made simple
- rev1si0n/lamda – ⚡️ Android reverse engineering & automation framework | 史上最强安卓抓包/逆向/HOOK & 云手机/远程桌面/自动化取证框架,你的工作从未如此简单快捷。
- rfc-st/humble – A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.
- rfmoz/tuptime – Report historical and statistical real time of the system, keeping it between restarts. Like uptime command but with more interesting output.
- rook1337/dupimageremover
- root-tanishq/userefuzz – User-Agent , X-Forwarded-For and Referer SQLI Fuzzer
- roughiz/lfito_rce – LFI to RCE via phpinfo() assistance or via controlled log file
- rs-loves-bugs/burp-browser-profiles – Make better use of the embedded browser that comes by default with Burp
- s0md3v/Arjun – HTTP parameter discovery suite.
- s0md3v/Parth – Heuristic Vulnerable Parameter Scanner
- s0md3v/Photon – Incredibly fast crawler designed for OSINT.
- s0md3v/SubGPT – Find subdomains with GPT, for free
- s0md3v/XSStrike – Most advanced XSS scanner.
- s0md3v/roop – one-click face swap
- s0md3v/uro – declutters url lists for crawling/pentesting
- s3tools/s3cmd – Official s3cmd repo -- Command line tool for managing S3 compatible storage services (including Amazon S3 and CloudFront).
- samber/the-great-gpt-firewall – 🤖 A curated list of websites that restrict access to AI Agents, AI crawlers and GPTs
- saulpw/unzip-http – Extract individual files from .zip files over http without downloading the entire archive.
- saw-your-packet/EC2StepShell – EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.
- schemathesis/schemathesis – Supercharge your API testing, catch bugs, and ensure compliance
- sdushantha/dora – Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
- sdushantha/gitdir – Download a single directory/folder from a GitHub repo
- seanpm2001/Candroid – 🤖️🐧️📦️ Candroid is the ultimate Android BusyBox, and a complete open-source re-implementation of everything Android. Currently only available on Linux.
- sensepost/objection – 📱 objection - runtime mobile exploration
- shelld3v/JSshell – JSshell - JavaScript reverse/remote shell
- shimmeris/SCFProxy – A proxy tool based on cloud function.
- shmilylty/OneForAll – OneForAll是一款功能强大的子域收集工具
- simonw/s3-ocr – Tools for running OCR against files stored in S3
- simonw/shot-scraper – A command-line utility for taking automated screenshots of websites
- simple-login/app – The SimpleLogin back-end and web app
- six2dez/postleaksNg – Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks
- smacke/ffsubsync – Automagically synchronize subtitles with video.
- smol-ai/developer – the first library to let you embed a developer agent in your own app!
- snovvcrash/DivideAndScan – Divide full port scan results and use it for targeted Nmap runs
- soimort/you-get – ⏬ Dumb downloader that scrapes the web
- soxoj/maigret – 🕵️♂️ Collect a dossier on a person by username from thousands of sites
- spyboy-productions/CloakQuest3r – Uncover the true IP address of websites safeguarded by Cloudflare & Others
- sqall01/LSMS – Linux Security and Monitoring Scripts
- sqlmapproject/sqlmap – Automatic SQL injection and database takeover tool
- srevinsaju/guiscrcpy – A full fledged GUI integration for the award winning open-source android screen mirroring system -- scrcpy located on https://github.com/genymobile/scrcpy/ by @rom1v
- sshuttle/sshuttle – Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
- stamparm/maltrail – Malicious traffic detection system
- stark0de/nginxpwner – Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
- sting8k/BurpSuite_403Bypasser – Burpsuite Extension to bypass 403 restricted directory
- stolk/sotrace – Traces the shared-object dependencies of a binary, and graphs them.
- streamlink/streamlink – Streamlink is a CLI utility which pipes video streams from various services into a video player
- swisskyrepo/GraphQLmap – GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
- swisskyrepo/PayloadsAllTheThings – A list of useful payloads and bypass for Web Application Security and Pentest/CTF
- swisskyrepo/SSRFmap – Automatic SSRF fuzzer and exploitation tool
- sysdig/wafer
- systemd/pystemd – A thin Cython-based wrapper on top of libsystemd, focused on exposing the dbus API via sd-bus in an automated and easy to consume way.
- t3l3machus/Synergy-httpx – A Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).
- t3l3machus/Villain – Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
- t3l3machus/psudohash – Generates millions of keyword-based password mutations in seconds.
- t3l3machus/toxssin – An XSS exploitation command-line interface and payload generator.
- t3l3machus/wwwtree – A utility for quickly and easily locating, web hosting and transferring resources (e.g., exploits/enumeration scripts) from your filesystem to a victim machine during privilege escalation.
- takito1812/web-hacking-playground – Web application with vulnerabilities found in real cases, both in pentests and in Bug Bounty programs.
- tasooshi/brutas – Wordlists handcrafted (and automated) with ♥
- tcosolutions/betterscan-ce – Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
- theahmadov/NIVOS – NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS :> [NIVOS Created By NIVO Team]
- ticarpi/jwt_tool – 🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
- timothymiller/cloudflare-ddns – 🎉🌩️ Dynamic DNS (DDNS) service based on Cloudflare! Access your home network remotely via a custom domain name without a static IP!
- tlkh/asitop – Perf monitoring CLI tool for Apple Silicon
- toolleeo/cli-apps – The largest Awesome Curated list of CLI/TUI applications with source data organized into CSV files
- totoroterror/warp-cloner – Simple Python script that can clone Warp Plus (1.1.1.1) keys and generate 12PB (or 24PB) keys.
- tox-dev/tox-conda – Make tox cooperate with conda envs
- trailofbits/graphtage – A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.
- tralph3/ZeroTier-GUI – A Linux front-end for ZeroTier
- unkn0wnamd/ByteWizard
- user1342/AutoDroid – A tool for automating interactions with Android devices - including ADB, AndroGuard, and Frida interactivity.
- ustayready/fireprox – AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
- volitank/nala – Nala is a front-end for libapt-pkg.
- volkandindar/agartha – A Burp extension generates dynamic payloads to uncover injection flaws (LFI, RCE, SQLi), creates user access tables to identify authentication and authorization issues, attempts to bypass HTTP 403 access restrictions, and converts HTTP requests as JavaScript code for enhanced XSS exploitation.
- w9w/JSA – Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
- walkxcode/dashboard-icons – 🚀 The best source for dashboard icons.
- wasp-os/wasp-os – A MicroPython based development environment for smart watches (including Pine64 PineTime)
- waydroid/waydroid – Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.
- wdahlenburg/werkzeug-debug-console-bypass – Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.
- webrtc-for-the-curious/webrtc-for-the-curious – WebRTC for the Curious: Go beyond the APIs
- welldone-cloud/aws-summarize-account-activity
- witalihirsch/qBitTorrent-fluent-theme – Fluent theme for qBitTorrent
- wkentaro/gdown – Google Drive Public File Downloader when Curl/Wget Fails
- wmariuss/awesome-devops – A curated list of awesome DevOps platforms, tools, practices and resources
- xaitax/SploitScan – SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
- xaitax/TotalRecall – This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
- xbgmsharp/trakt – Import CSV to Trakt.tv list and Export Trakt.tv list into CSV
- xcp-ng/xcp – Entry point for issues and wiki. Also contains some scripts and sources.
- xnl-h4ck3r/GAP-Burp-Extension – Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
- xnl-h4ck3r/urless – De-clutter a list of URLs
- xnl-h4ck3r/waymore – Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
- xnl-h4ck3r/xnLinkFinder – A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target
- xonsh/xonsh – 🐚 Python-powered shell. Full-featured and cross-platform.
- xxh/xxh – 🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
- yt-dlp/yt-dlp – A feature-rich command-line audio/video downloader
- yunemse48/403bypasser
- zer1t0/awsenum – Enumerate AWS permissions and resources.
- zjx20/socks-cli – A solution to make CLI commands use socks5 proxy.
- zricethezav/h1domains – HackerOne "in scope" domains
- zydou/cli-tools – A collection of Command Line Interface (CLI) tools.
- containers/container-selinux – SELinux policy files for Container Runtimes
- gavinhoward/bc – An implementation of the POSIX bc calculator with GNU extensions and dc, moved away from GitHub. Finished, but well-maintained.
- graysky2/kodi-standalone-service – Use systemd to allow for standalone operation of kodi.
- oasislinux/oasis – a small statically-linked linux system
- pyenv/pyenv – Simple Python version management
- slimm609/checksec.sh – Checksec.sh
- Acceis/unisec – Unicode Security Toolkit
- arkadiyt/bounty-targets – This project crawls bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) hourly and dumps them into the bounty-targets-data repo
- bcoles/jira_scan – A simple remote scanner for Atlassian Jira
- digininja/CeWL – CeWL is a Custom Word List Generator
- drujensen/fib – Performance Benchmark of top Github languages
- endoflife-date/endoflife.date – Informative site with EoL dates of everything
- hahwul/WebHackersWeapons – ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
- hahwul/deadfinder – 🏴☠️ Find dead-links (broken links)
- lobsters/lobsters – Computing-focused community centered around link aggregation and discussion
- maybe-finance/maybe – The OS for your personal finances
- rapid7/recog – Pattern recognition for hosts, services, and content
- ubicloud/ubicloud – Open, free, and portable cloud. Elastic compute, block storage (non replicated), virtual networking, managed Postgres, and IAM services in public beta.
- urbanadventurer/WhatWeb – Next generation web scanner
- vpsfreecz/vpsadminos – Host for Linux system containers based on NixOS, ZFS and LXC
- 01mf02/jaq – A jq clone focussed on correctness, speed, and simplicity
- 0x00snape/Trassh – SSH session Sniffer.
- 0x192/universal-android-debloater – Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.
- 0x676e67/vproxy – An easy and powerful Rust HTTP/Socks5/HTTP2Socks5 Proxy
- 0x727/ObserverWard – 侦查守卫(ObserverWard)指纹识别工具Community web fingerprint identification tool
- 12932/cf_speedtest – A CLI internet speed test tool
- 2moe/tomlyre – 📁💻🔍🔧 This CLI utility facilitates effortless manipulation and exploration of TOML, YAML, JSON and RON files.
- AhmedSoliman/netperf – A network performance measurement tool written in Rust
- Andoryuuta/certstream-rs – A library for streaming Certificate Transparency Log events from the certstream service
- Beastwick18/nyaa – A tui tool for browsing and downloading torrents
- Ben-Lichtman/ropr – A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative
- BlackDex/rust-musl – For compiling static Rust binaries using musl toolchain with some pre-compiled static libraries
- BugBlocker/lotus – ⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
- BurntSushi/ripgrep – ripgrep recursively searches directories for a regex pattern while respecting your gitignore
- Byron/gitoxide – An idiomatic, lean, fast & safe pure Rust implementation of Git
- Canop/broot – A new way to see and navigate directory trees : https://dystroy.org/broot
- Canop/dysk – A linux utility to get information on filesystems, like df but better
- Chleba/netscanner – Terminal Network scanner & diagnostic tool with modern TUI
- CleanCut/headtail – head and tail simultaneously
- ClementTsang/bottom – Yet another cross-platform graphical process/system monitor.
- DNSCrypt/encrypted-dns-server – An easy to install, high-performance, zero maintenance proxy to run an encrypted DNS server.
- DerGoogler/MMRL-CLI – MMRL Command Line Interface is a free tool to install Magisk/KernelSU modules
- DeterminateSystems/fh – The official CLI for FlakeHub: search for flakes, and add new inputs to your Nix flake.
- DeterminateSystems/magic-nix-cache – Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.
- DeterminateSystems/nix-installer – Install Nix and flakes with the fast and reliable Determinate Nix Installer, with over 2 million installs.
- Devolutions/IronRDP – Rust implementation of the Microsoft Remote Desktop Protocol (RDP)
- Drew-Alleman/DataSurgeon – Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
- Dusk-Labs/dim – Dim, a media manager fueled by dark forces.
- Dvlv/BoxBuddyRS – A Graphical Interface for Distrobox
- EFForg/apkeep
- EdJoPaTo/ip-changed-telegram-message – Send a Telegram message when the public IP address changes
- EdJoPaTo/mqttui – Subscribe to a MQTT Topic or publish something quickly from the terminal
- EdJoPaTo/website-stalker – Track changes on websites via git
- Edu4rdSHL/unimap – Scan only once by IP address and reduce scan times with Nmap for large amounts of data.
- EgeBalci/deoptimizer – Machine code de-optimizer.
- EmberHext/DomoArigato – A simple command line tool which quickly audits the Disallow entries of a site's robots.txt.
- FedericoPonzi/Horust – Horust is a supervisor / init system written in rust and designed to run inside containers.
- FoxIO-LLC/ja4 – JA4+ is a suite of network fingerprinting standards
- GuillaumeGomez/sysinfo – Cross-platform library to fetch system information
- GyulyVGC/sniffnet – Comfortably monitor your Internet traffic 🕵️♂️
- ImageOptim/gifski – GIF encoder based on libimagequant (pngquant). Squeezes maximum possible quality from the awful GIF format.
- Inlyne-Project/inlyne – Introducing Inlyne, a GPU powered yet browserless tool to help you quickly view markdown files in the blink of an eye.
- JakWai01/lurk – A pretty (simple) alternative to strace
- Jake-Shadle/xwin – A utility for downloading and packaging the Microsoft CRT headers and libraries, and Windows SDK headers and libraries needed for compiling and linking programs targeting Windows.
- KSXGitHub/parallel-disk-usage – Highly parallelized, blazing fast directory tree analyzer
- Kudaes/Split – Apply a divide and conquer approach to bypass EDRs
- LGUG2Z/komorebi – A tiling window manager for Windows 🍉
- LibNyanpasu/clash-nyanpasu – Clash Nyanpasu~(∠・ω< )⌒☆
- Lurk/clink – url cleaner
- Mic92/cntr – A container debugging tool based on FUSE
- Mic92/envfs – Fuse filesystem that returns symlinks to executables based on the PATH of the requesting process.
- Mic92/vmsh – Shell into a virtualized linux, with your own tools
- MohamedSherifNoureldin/PCtrl – Rust based Linux Process Manager with both a GUI and a TUI
- Morganamilo/paru – Feature packed AUR helper
- MrPicklePinosaur/shrs – The rusty shell toolkit for hackers
- NH-RED-TEAM/RustHound – Active Directory data collector for BloodHound written in Rust. 🦀
- NOBLES5E/cproxy – Easy per application transparent proxy built on cgroup.
- Nukesor/pueue – 🌠 Manage your shell commands.
- Orange-OpenSource/hurl – Hurl, run and test HTTP requests with plain text.
- PThorpe92/CuTE – HTTP client/libcurl TUI front end in Rust, with request + key storage
- PaddiM8/kalker – Scientific calculator with math syntax that supports user-defined variables and functions, complex numbers, and estimation of derivatives and integrals
- PaulJuliusMartinez/jless – jless is a command-line JSON viewer designed for reading, exploring, and searching through JSON data.
- Ph0enixKM/Amber – 💎 Amber the programming language compiled to bash
- Phate6660/rsfetch – A WIP rewrite of rsfetch from scratch.
- Rigellute/spotify-tui – Spotify for the terminal written in Rust 🚀
- RustCrypto/SSH – Pure Rust implementation of components of the Secure Shell (SSH) protocol
- RustScan/RustScan – 🤖 The Modern Port Scanner 🤖
- Schniz/fnm – 🚀 Fast and simple Node.js version manager, built in Rust
- Scille/parsec-cloud – Open source Dropbox-like file sharing with full client encryption !
- SeaDve/Kooha – Elegantly record your screen
- Sh1Yo/x8 – Hidden parameters discovery suite
- ShadowsocksR-Live/overtls – A simple proxy tunnel, minimalist tool for bypassing the GFW.
- Siriusmart/youtube-tui – An aesthetically pleasing YouTube TUI written in Rust
- SkuldNorniern/fluere – Fluere is a powerful and versatile tool designed for network monitoring and analysis. It is capable of capturing network packets in pcap format and converting them into NetFlow data, providing a comprehensive view of network traffic. It also Provides Terminal User Interface.
- Start9Labs/start-os – Open source Linux distro optimized for self-hosting
- SuperCuber/dotter – A dotfile manager and templater written in rust 🦀
- TheAlgorythm/zsplit – Split text into multiple files by line
- TheBinitGhimire/NtHiM – Now, the Host is Mine! - Super Fast Sub-domain Takeover Detection!
- TimeToogo/remote-pty – Tricking shells into interactive mode when local PTY's are not available
- TimeToogo/tunshell – Remote shell into ephemeral environments 🐚 🦀
- Timmmm/anakin – Kill orphan processes
- Universal-Debloater-Alliance/universal-android-debloater-next-generation – Cross-platform GUI written in Rust using ADB to debloat non-rooted Android devices. Improve your privacy, the security and battery life of your device.
- VHSgunzo/importenv – Launching an executable file with environment variables from a specific process id
- VHSgunzo/stresstestcpu – Simple CPU stress-test in Rust
- VirusTotal/yara-x – A rewrite of YARA in Rust.
- Void-ux/pixelsort – CLI image manipulation tool to pixel sort images
- Watfaq/clash-rs – custom protocol network proxy
- Wilfred/difftastic – a structural diff that understands syntax 🟥🟩
- XAMPPRocky/tokei – Count your code, quickly.
- XDream8/file-rs – a tool for determining file types, extensions etc.
- XOR-op/BoltConn – Privacy-oriented proxy & network manager, supporting WireGuard, L7 firewall and scripted MitM.
- Xewdy444/Proxy-Scraper-Checker – A command-line tool for scraping and checking HTTP and SOCKS5 proxies from the checkerproxy.net proxies archive
- Y2Z/monolith – ⬛️ CLI tool for saving complete web pages as a single HTML file
- YS-L/csvlens – Command line csv viewer
- ZingerLittleBee/netop – Network Top -- Help you monitor network traffic with bpf
- a-scie/jump – A Self Contained Interpreted Executable Launcher
- aaronriekenberg/rust-parallel – Fast command line app in rust/tokio to run commands in parallel. Similar interface to GNU parallel or xargs plus useful features. Listed in Awesome Rust utilities.
- aerys/gpm – Git-based Package Manager.
- agateau/clyde – A cross-platform package manager for prebuilt applications
- aheart/hearth – Linux server monitoring via SSH 🔥📊
- ahgamut/rust-ape-example – A simple example with Rust and Cosmopolitan Libc
- ajeetdsouza/zoxide – A smarter cd command. Supports all major shells.
- alexhallam/tv – 📺(tv) Tidy Viewer is a cross-platform CLI csv pretty printer that uses column styling to maximize viewer enjoyment.
- alexkirsz/dispatch – Combine internet connections, increase your download speed
- amanharwara/subtitle – Find & download subtitles from the terminal.
- andyk/ht – headless terminal - wrap any binary with a terminal interface for easy programmatic access.
- anordal/shellharden – The corrective bash syntax highlighter
- aramperes/onetun – User space WireGuard port-forward in Rust
- arxanas/git-branchless – High-velocity, monorepo-scale workflow for Git
- asciinema/agg – asciinema gif generator
- ast-grep/ast-grep – ⚡A CLI tool for code structural search, lint and rewriting. Written in Rust
- astral-sh/ruff – An extremely fast Python linter and code formatter, written in Rust.
- astral-sh/rye – a Hassle-Free Python Experience
- astral-sh/uv – An extremely fast Python package installer and resolver, written in Rust.
- atanunq/viu – Terminal image viewer with native support for iTerm and Kitty
- atuinsh/atuin – ✨ Magical shell history
- awslabs/coldsnap – A command line interface for Amazon EBS snapshots
- awslabs/mountpoint-s3 – A simple, high-throughput file client for mounting an Amazon S3 bucket as a local file system.
- axodotdev/oranda – 🎁 generate beautiful landing pages for your developer tools
- b1-team/superman – 🤖 Kill The Protected Process 🤖
- bbqsrc/cargo-ndk – Compile Rust projects against the Android NDK without hassle
- bensadeh/despell – 🎩 Put icons in
tmux
's status line - bensadeh/tailspin – 🌀 A log file highlighter
- bgkillas/kalc – a complex numbers, 2d/3d graphing, arbitrary precision, vector/matrix, cli calculator with real-time output and support for units
- bincode-org/bincode – A binary encoder / decoder implementation in Rust.
- biomejs/biome – A toolchain for web projects, aimed to provide functionalities to maintain them. Biome offers formatter and linter, usable via CLI and LSP.
- blacknon/hwatch – A modern alternative to the watch command, records the differences in execution results and can check this differences at after.
- blst-security/cherrybomb – Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
- boinkor-net/chars – cha(rs) is a commandline tool to display information about unicode characters
- boinkor-net/flac-tracksplit – Tool to losslessly, quickly & accurately split CUE+FLAC files into multiple tracks
- bootandy/dust – A more intuitive version of du in rust
- bottlerocket-os/bottlerocket – An operating system designed for hosting containers
- bpfman/bpfman – An eBPF Manager for Linux and Kubernetes
- br0kej/bin2ml – A command line tool for extracting machine learning ready data from software binaries powered by Radare2
- brave/adblock-rust – Brave's Rust-based adblock engine
- brettcannon/python-launcher – Python launcher for Unix
- brioche-dev/brioche – A delicious package manager
- brocode/fblog – Small command-line JSON Log viewer
- bruceadams/yj – Command line tool that converts YAML to JSON
- build-trust/ockam – Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
- bvaisvil/zenith – Zenith - sort of like top or htop but with zoom-able charts, CPU, GPU, network, and disk usage
- bytecodealliance/javy – JS to WebAssembly toolchain
- bytehunt/rayso – 💫 create beautiful code snippets on ray.so
- cantino/mcfly – Fly through your shell history. Great Scott!
- cargo-bins/cargo-binstall – Binary installation for rust projects
- casey/intermodal – A command-line utility for BitTorrent torrent file creation, verification, and more
- casey/just – 🤖 Just a command runner
- cask-pkg/cask.rs – A universal, distributed binary file manager. 一个通用的去中心化二进制管理器
- cea-sec/usbsas – Tool and framework for securely reading untrusted USB mass storage devices.
- chawyehsu/hok – CLI reimplementation of Scoop in Rust
- chenxiaolong/avbroot – Sign (and root) Android A/B OTAs with custom keys while preserving Android Verified Boot
- chmln/sd – Intuitive find & replace CLI (sed alternative)
- chrisdickinson/git-rs – git, implemented in rust, for fun and education 🦀
- cjrh/lifter – Download and sync new releases of single-file binaries from Github Releases and other sites
- ckaznable/tenki – tty-clock with weather effect
- cloud-hypervisor/cloud-hypervisor – A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Linux guests, device offload with vhost-user and a minimal compact footprint. Written in Rust with a strong focus on security.
- cloud-hypervisor/rust-hypervisor-firmware
- cloudflare/boringtun – Userspace WireGuard® Implementation in Rust
- cloudflare/quiche – 🥧 Savoury implementation of the QUIC transport protocol and HTTP/3
- cloudflare/shellflip – Graceful process restarts in Rust
- cloudflare/svg-hush – Make it safe to serve untrusted SVG files
- clux/muslrust – Docker environment for building musl based static linux rust binaries
- cn-kali-team/notion-blog – One click build your website with Notion for free using wrangler
- cocogitto/cocogitto – The Conventional Commits toolbox
- code-inflation/cfspeedtest – Unofficial CLI for speed.cloudflare.com
- confidential-containers/guest-components – Confidential Containers Guest Tools and Components
- containers/bootc – Boot and upgrade via container images
- containers/conmon-rs – An OCI container runtime monitor written in Rust
- containers/youki – A container runtime written in Rust
- copy/v86 – x86 PC emulator and x86-to-wasm JIT, running in the browser
- crate-ci/typos – Source code spell checker
- cross-rs/cross – “Zero setup” cross compilation and “cross testing” of Rust crates
- d4rckh/gorilla – tool for generating wordlists or extending an existing one using mutations.
- dalance/gip – a command-line tool to get global IP address
- dalance/procs – A modern replacement for ps written in Rust
- dandavison/delta – A syntax-highlighting pager for git, diff, grep, and blame output
- dani-garcia/vaultwarden – Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
- datavzrd/datavzrd – A tool to create visual HTML reports from collections of CSV/TSV tables
- dbohdan/csv2html – Convert CSV files to HTML tables
- dbohdan/jsonwatch – Track changes in JSON data from the command line
- devmatteini/dra – A command line tool to download release assets from GitHub
- dimo414/bkt – a subprocess caching utility, available as a command line binary and a Rust library.
- djc/topfew-rs – Rust implementation of Tim Bray's topfew tool
- dkorunic/findlargedir – quickly find all "blackhole" directories with a huge amount of filesystem entries in a flat structure
- dndx/phantun – Transforms UDP stream into (fake) TCP streams that can go through Layer 3 & Layer 4 (NAPT) firewalls/NATs.
- dndx/uip – A tool to obtain your public IP address with the help of STUN servers
- dominikwilkowski/cfonts – Sexy fonts for the console
- dotenv-linter/dotenv-linter – ⚡️Lightning-fast linter for .env files. Written in Rust 🦀
- dswd/vpncloud – Peer-to-peer VPN
- dszczyt/rust-jwt-cracker – JWT brute force token cracker written in rust
- dtolnay/build-alert
- dtolnay/cargo-unlock – Remove Cargo.lock lockfile
- dtolnay/dircnt – Count directory entries—
ls | wc -l
but faster - dtolnay/faketty – Wrapper to exec a command in a pty, even if redirecting the output
- dtolnay/sha1dir – Checksum of a directory tree
- dtolnay/star-history – Graph history of GitHub stars of a user or repo over time
- ducaale/xh – Friendly and fast tool for sending HTTP requests
- dwisiswant0/ppfuzz – A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
- efugier/smartcat – Putting a brain behind
cat
🐈⬛ Integrating language models in the Unix commands ecosystem through text streams. - ekzhang/bore – 🕳 bore is a simple CLI tool for making tunnels to localhost
- ekzhang/sshx – Fast, collaborative live terminal sharing over the web
- elliotwutingfeng/SyncthingRelayServerIPs – Machine-readable .txt allowlist of Syncthing Relay Server IP Addresses, updated every hour
- emmett-framework/granian – A Rust HTTP server for Python applications
- enarx/enarx – Enarx: Confidential Computing with WebAssembly
- envio-cli/envio – Envio is a modern and secure command-line tool that simplifies the management of environment variables
- epi052/feroxbuster – A fast, simple, recursive content discovery tool written in Rust.
- erebe/wstunnel – Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
- ergrelet/windiff – Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
- erikh/ztui – A terminal UI for ZeroTier
- espanso/espanso – Cross-platform Text Expander written in Rust
- esrlabs/northstar – Embedded container runtime
- ethicalhackingplayground/aem-eye – A very simple AEM detector written in rust.🦀
- ethicalhackingplayground/hrekt – A really fast http prober.
- ethicalhackingplayground/pathbuster – A path-normalization pentesting tool.
- evilsocket/legba – A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷
- exein-io/pulsar – A modular and blazing fast runtime security tool for the IoT, powered by eBPF.
- extrawurst/gitui – Blazing 💥 fast terminal-ui for git written in rust 🦀
- eza-community/eza – A modern, maintained replacement for ls
- face-hh/webx – An alternative for the World Wide Web - browse websites such as buss://yippie.rizz made in HTML, CSS and Lua. Custom web browser, custom HTML rendering engine, custom search engine, and more.
- facebook/buck2 – Build system, successor to Buck
- facebook/dotslash – Simplified executable deployment
- facebookexperimental/hermit – Hermit launches linux x86_64 programs in a special, hermetically isolated sandbox to control their execution. Hermit translates normal, nondeterministic behavior, into deterministic, repeatable behavior. This can be used for various applications, including replay-debugging, reproducible artifacts, chaos mode concurrency testing and bug analysis.
- facebookincubator/below – A time traveling resource monitor for modern Linux systems
- fathyb/carbonyl – Chromium running inside your terminal
- fioncat/otree – A command line tool to view objects (JSON/YAML/TOML) in TUI tree widget.
- firecracker-microvm/firecracker – Secure and fast microVMs for serverless computing.
- fish-shell/fish-shell – The user-friendly command line shell.
- fkie-cad/cwe_checker – cwe_checker finds vulnerable patterns in binary executables
- flo-at/minmon – MinMon - an opinionated minimal monitoring and alarming tool
- flox/flox – Developer environments you can take with you
- flukejones/asusctl – Daemon and tools to control your ASUS ROG laptop. Supersedes rog-core.
- flxzt/rnote – Sketch and take handwritten notes.
- foresterre/cargo-msrv – 🦀 Find the minimum supported Rust version (MSRV) for your project
- fossable/goldboot – Immutable infrastructure for the desktop!
- fujiapple852/trippy – A network diagnostic tool
- gamelife1314/rsb – a http server benchmark tool written in rust 🦀
- gbrls/kurl – HTTP Requests for security researchers
- gbrls/tls-leak – Domain discovery via TLS connections
- getgrit/gritql – GritQL is a query language for searching, linting, and modifying code.
- glotlabs/gdrive – Google Drive CLI Client
- golangboy/fast-cloudflare – Scan all IP nodes of CloudFlare to find the fastest IP node.
- greymd/teip – Masking tape to help commands "do one thing well"
- hatoo/oha – Ohayou(おはよう), HTTP load generator, inspired by rakyll/hey with tui animation.
- hermit-os/hermit-rs – Hermit for Rust.
- hickory-dns/hickory-dns – A Rust based DNS client, server, and resolver
- holly-hacker/git-dumper – A tool to dump exposed .git repositories
- holly-hacker/s3-dumper – A tool to dump exposed S3 buckets by URL
- holmgr/cargo-sweep – A cargo subcommand for cleaning up unused build files generated by Cargo
- houseabsolute/ubi – The Universal Binary Installer
- hw0lff/shikane – [mirror] A deterministic dynamic output configuration tool that automatically detects and configures connected outputs based on a set of profiles.
- iamsauravsharma/cargo-trim – Binary application to clean up .cargo/registry & .cargo/git cache
- ifd3f/caligula – A user-friendly, lightweight TUI for disk imaging
- iggy-rs/iggy – Iggy is the persistent message streaming platform written in Rust, supporting QUIC, TCP and HTTP transport protocols, capable of processing millions of messages per second.
- igor-petruk/scriptisto – A language-agnostic "shebang interpreter" that enables you to write scripts in compiled languages.
- ikatson/rqbit – A bittorrent client in Rust
- immunant/c2rust – Migrate C code to Rust
- imsnif/bandwhich – Terminal bandwidth utilization tool
- indygreg/PyOxidizer – A modern Python application packaging and distribution tool
- innobead/huber – Huber 📦, Package Install Manager for GitHub repos
- insanitybit/cargo-sandbox
- io12/pwninit – pwninit - automate starting binary exploit challenges
- io12/unf – UNixize Filename -- replace annoying anti-unix characters in filenames
- irishmaestro/fubar – Formidable Unix Binary Arsenal & Repository. TUI built for offline payload generation, retrieval, and exfiltration.
- islet-project/islet – An on-device confidential computing platform
- ismaelgv/rnr – A command-line tool to batch rename files and directories
- itsjunetime/tdf – A tui-based PDF viewer
- iustin24/chameleon
- iustin24/rextract – CLI tool that extracts a regex pattern from a list of urls ( Rust )
- ivre/masscanned – Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to GreyNoise.
- j-hc/mindetach-magisk – Simpler and better Magisk module to detach apps from Play Store
- j-hc/zygisk-detach – Zygisk module to detach installed apps from Play Store
- jamesmcm/vopono – Run applications through VPN tunnels with temporary network namespaces
- jasonwhite/rudolfs – A high-performance, caching Git LFS server with an AWS S3 and local storage back-end.
- jdx/mise – dev tools, env vars, task runner
- jelmer/wadl – Wadl parser for rust
- jerrita/peerban – 高性能 BT 吸血客户端封禁器,支持客户端探测、自动过滤 PT,兼容 qBittorrent
- jhspetersson/fselect – Find files with SQL-like queries
- jkfran/killport – A command-line tool to easily kill processes running on a specified port.
- joaoviictorti/RustRedOps – 🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
- johnthagen/min-sized-rust – 🦀 How to minimize Rust binary size 📦
- jqnatividad/qsv – CSVs sliced, diced & analyzed.
- jvns/dnspeep – spy on the DNS queries your computer is making
- jwt-rs/jwt-ui – A command line UI for decoding/encoding JSON Web Tokens
- kahing/catfs – Cache AnyThing filesystem written in Rust
- kata-containers/kata-containers – Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
- kateinoigakukun/wasi-vfs – A virtual filesystem layer for WASI.
- kateinoigakukun/wasminspect – An interactive debugger for WebAssembly
- khyerdev/tcobalt – Command-line interface wrapper for https://cobalt.tools, written in rust
- kimono-koans/httm – Interactive, file-level Time Machine-like tool for ZFS/btrfs/nilfs2 (and even actual Time Machine backups!)
- knassar702/hacks – Build some cyber security tools in Rust 🦀 🚀
- knassar702/lorsrf – Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load 🛰️ 🦀
- konradsz/igrep – Interactive Grep
- koutheir/binary-security-check – Moved: https://codeberg.org/koutheir/binary-security-check
- kpcyrd/apt-swarm – 🥸 p2p gossip network for update transparency, based on pgp 🥸
- kpcyrd/rebuilderd – Independent verification of binary packages - reproducible builds
- kpcyrd/repro-env – Dependency lockfiles for reproducible build environments 📦🔒
- kpcyrd/rshijack – TCP connection hijacker, Rust rewrite of shijack
- kpcyrd/sh4d0wup – Signing-key abuse and update exploitation framework
- kpcyrd/sn0int – Semi-automatic OSINT framework and package manager
- kpcyrd/sniffglue – Secure multithreaded packet sniffer
- kuasar-io/kuasar – A multi-sandbox container runtime that provides cloud-native, all-scenario multiple sandbox container solutions.
- kunai-project/kunai – Threat-hunting tool for Linux
- kxxt/tracexec – Tracer for execve{,at} and pre-exec behavior, launcher for debuggers.
- kyee-rs/grizzly – 🐻 Grizzly - Self-Extractable (SFX) archives creator. Written purely on Rust.
- kyren/piccolo – An experimental stackless Lua VM implemented in pure Rust
- lapce/lapce – Lightning-fast and Powerful Code Editor written in Rust
- lapce/lapdev – Self-Hosted Remote Dev Environment
- lbl8603/vnt – A virtual network tool (or VPN),简便高效的异地组网、内网穿透工具
- leesum1/RV64emu-rs – RV64emu is a riscv64 emulator written in rust,can run linux !
- linkdd/procfusion – Very simple process manager written in Rust for your Docker images
- lmammino/jwtinfo – A command-line tool to get information about JWTs (Json Web Tokens)
- lodosgroup/lpm – an experimental package manager for operating systems
- lotabout/skim – Fuzzy Finder in rust!
- lowitea/gitlobster – 🦞 A tool for full cloning all available repositories from a GitLab instance.
- lsk569937453/eagle – A tool to plot the memory and cpu usage.
- lu-zero/cargo-c – build and install C-compatible libraries
- lycheeverse/lychee – ⚡ Fast, async, stream-based link checker written in Rust. Finds broken URLs and mail addresses inside Markdown, HTML, reStructuredText, websites and more!
- m4b/bingrep – like
grepUBER, but for binaries - maestro-os/maestro – Unix-like kernel written in Rust
- maestro-os/maestro-utils – Utility commands for Maestro operating system
- makindotcc/FlarelessHeadlessChrome – Pass cloudflare IUAM using headless chrome without hassle. Vercel WAF, friendlycaptcha too, and probably many more.
- makindotcc/fabricbin – Patch binary file using IDA signatures and defined replacement bytes in YAML.
- marcoesposito1988/dependency_runner – ldd for Windows - and more!
- martinvonz/jj – A Git-compatible VCS that is both simple and powerful
- master-of-zen/Av1an – Cross-platform command-line AV1 / VP9 / HEVC / H264 encoding framework with per scene quality encoding
- mattrighetti/envelope – An environment variables cli tool backed by SQLite
- max-niederman/ttyper – Terminal-based typing test.
- medialab/xan – The CSV magician
- meli/meli – 🐝 terminal mail client, mirror of https://git.meli-email.org/meli/meli.git https://crates.io/crates/meli
- memorysafety/river – This repository is the home of the River reverse proxy application, based on the pingora library from Cloudflare.
- memorysafety/sudo-rs – A memory safe implementation of sudo and su.
- metalbear-co/mirrord – Connect your local process and your cloud environment, and run local code in cloud conditions.
- mfontanini/presenterm – A markdown terminal slideshow tool
- mgdm/htmlq – Like jq, but for HTML.
- mgree/ffs – the file filesystem: mount semi-structured data (like JSON) as a Unix filesystem
- mgunyho/tere – Terminal file explorer
- mihaigalos/aim – 🎯 A command line download/upload tool with resume.
- mikeroyal/Steam-Deck-Guide – Steam Deck Guide. Learn all about the Tools, Accessories, Games, Emulators, and Gaming Tips that will make your Steam Deck an awesome Gaming Handheld or a Portable Computer Workstation.
- misprit7/computerraria – A fully compliant RISC-V computer made inside the game Terraria
- mitsuhiko/teetty – A bit like tee, a bit like script, but all with a fake tty. Lets you remote control and watch a process
- mkj/sunset – SSH for Rust, no_std and elsewhere
- mokeyish/smartdns-rs – A cross platform local DNS server (Dnsmasq like) written in rust to obtain the fastest website IP for the best Internet experience, supports DoT, DoQ, DoH, DoH3.
- mpalmer/action-validator – Tool to validate GitHub Action and Workflow YAML files
- mpalmer/scrape-ct-log – CLI tool to quickly and efficiently bulk-download entries from a Certificate Transparency log
- mre/envy – 💫 Manage environment variables without cluttering your .zshrc.
- mtkennerly/ludusavi – Backup tool for PC game saves
- mtkennerly/shawl – Windows service wrapper for arbitrary commands
- mttaggart/OffensiveNotion – Notion as a platform for offensive operations
- mufeedvh/code2prompt – A CLI tool to convert your codebase into a single LLM prompt with source tree, prompt templating, and token counting.
- mullvad/mullvadvpn-app – The Mullvad VPN client app for desktop and mobile
- mullvad/udp-over-tcp – Proxy UDP traffic over a TCP stream
- musikid/gateau – 🍪 Use your cookies from browsers in your curl, wget and httpie requests!
- n0-computer/iroh – A toolkit for building distributed applications
- n0-computer/sendme – A tool to send files and directories, based on iroh
- narrowlink/narrowlink – A self-hosted solution to enable secure connectivity between devices across restricted networks like NAT or firewalls
- neelkarma/redive – Trace URL redirections in the terminal.
- neosmart/securestore-rs – A simple, encrypted, git-friendly, file-backed secrets manager for rust
- next-hat/nanocl – Distributed System that simplifies the management of containers and virtual machines.
- ngrok/ngrok-rust – Embed ngrok secure ingress into your Rust apps with a single line of code.
- nikolassv/bartib – A simple timetracker for the command line. It saves a log of all tracked activities as a plaintext file and allows you to create flexible reports.
- nix-community/comma – Comma runs software without installing it. [maintainers=@Artturin,@burke,@DavHau]
- nix-community/nix-index – Quickly locate nix packages with specific files [maintainers=@bennofs @figsoda @raitobezarius]
- nix-community/nix-ld-rs – Run unpatched dynamic binaries on NixOS [maintainer=@zhaofengli @Mic92]
- nix-community/nix-user-chroot – Install & Run nix without root permissions [maintainer=@Mic92]
- nix-community/patsh – A command-line tool for patching shell scripts inspired by resholve [maintainer=@figsoda]
- norskeld/pingmole – CLI that helps to filter Mullvad servers and pick the closest one.
- nullpo-head/wsl-distrod – Distrod is a meta-distro for WSL 2 which installs Ubuntu, Arch, Debian, Gentoo, etc. with systemd in a minute for you. Distrod also has built-in auto-start feature on Windows startup and port forwarding ability.
- numtide/system-manager – Manage system config using nix on any distro
- nushell/nushell – A new type of shell
- o2sh/onefetch – Command-line Git information tool
- o8vm/octox – Unix-like OS in Rust inspired by xv6-riscv
- obi1kenobi/trustfall – A query engine for any combination of data sources. Query your files and APIs as if they were databases!
- occlum/occlum – Occlum is a memory-safe, multi-process library OS for Intel SGX
- ogham/dog – A command-line DNS client.
- omerbenamram/evtx – A Fast (and safe) parser for the Windows XML Event Log (EVTX) format
- one-d-wide/yggdrasil-jumper – Reduce latency of a connection over yggdrasil network
- oreboot/oreboot – oreboot is a fork of coreboot, with C removed, written in Rust.
- orf/gping – Ping, but with a graph
- orhun/flawz – A Terminal UI for browsing security vulnerabilities (CVEs)
- orhun/git-cliff – A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️
- orhun/gpg-tui – Manage your GnuPG keys with ease! 🔐
- orhun/halp – A CLI tool to get help with CLI tools 🐙
- orhun/kmon – Linux Kernel Manager and Activity Monitor 🐧💻
- orhun/rustypaste – A minimal file upload/pastebin service.
- orhun/systeroid – A more powerful alternative to sysctl(8) with a terminal user interface 🐧
- ouch-org/ouch – Painless compression and decompression in the terminal
- oxalica/onedrive-fuse – Mount your Microsoft OneDrive storage as FUSE filesystem.
- oxc-project/oxc – ⚓ A collection of JavaScript tools written in Rust.
- oxidecomputer/aws-wire-lengths – simple command line for various AWS management tasks
- pamburus/hl – A fast and powerful log viewer and processor that translates JSON or logfmt logs into a pretty human-readable format.
- pardus-topluluk/paket – Blazing fast, memory safe & modern Linux package manager written in Rust.
- pathtofile/ctlwatcher – Monitor Certificate Transparency logs for domains matching regexes.
- patrick-kidger/exvoker – A CLI tool. Extract regexes from stdout (e.g. URLs) and invoke commands on them (e.g. open the webpage).
- phip1611/ttfb – Library + CLI-Tool to measure the TTFB (time to first byte) of HTTP requests. Additionally, this crate measures the times of DNS lookup, TCP connect and TLS handshake.
- phiresky/ripgrep-all – rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.
- phylum-dev/birdcage – Cross-platform embeddable sandboxing
- pipelight/pipelight – Tiny automation pipelines. Bring CI/CD to the smallest projects. Self-hosted, Lightweight, CLI only.
- pkgcraft/pkgcraft – highly experimental tooling ecosystem for Gentoo
- pkolaczk/fclones – Efficient Duplicate File Finder
- pradt2/always-online-stun – A list of publicly available STUN servers, refreshed every hour.
- praetorian-inc/noseyparker – Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
- prefix-dev/pixi – Package management made easy
- prefix-dev/rattler-build – rattler-build is a universal package builder for Windows, macOS and Linux
- prefix-dev/rip – Solve and install Python packages quickly with rip (pip in Rust)
- project-oak/oak – Meaningful control of data in distributed systems.
- pvolok/mprocs – Run multiple commands in parallel
- pwnwriter/haylxon – ⚡ Blazing-fast tool to grab screenshots of your domain list right from terminal.
- pwnwriter/hysp – 📦 An independent package manager that every hacker deserves.
- pwnwriter/kanha – 🦚 A web-app pentesting suite written in rust .
- pythops/bluetui – 🛜 TUI for managing bluetooth devices on Linux.
- pythops/impala – 🛜 TUI for managing wifi on Linux.
- qarmin/czkawka – Multi functional app to find duplicates, empty folders, similar images etc.
- qarmin/system-info-collector – App to collect ram/cpu usage from OS and show it in pretty graphs
- qmonnet/rbpf – Rust virtual machine and JIT compiler for eBPF programs
- quantumsheep/sshs – Terminal user interface for SSH
- queer/atsi – instant rootless Alpine shells
- queer/boxxy – boxxy puts bad Linux applications in a box with only their files.
- queer/peckish – peckish (case-sensitive) is a CLI tool/Rust library for (re)packaging Linux software artifacts.
- r12f/rnp – A simple layer 4 ping tool for cloud.
- railwayapp/nixpacks – App source + Nix packages + Docker = Image
- rami3l/pacaptr – Pacman-like syntax wrapper for many package managers.
- rapiz1/catp – Print the output of a running process
- rapiz1/rathole – A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
- rash-sh/rash – Declarative shell scripting using Rust native bindings inspired by Ansible
- rcoh/angle-grinder – Slice and dice logs on the command line
- redox-os/extrautils – Mirror of https://gitlab.redox-os.org/redox-os/extrautils
- redox-os/pkgutils – Mirror of https://gitlab.redox-os.org/redox-os/pkgutils
- redox-os/redox-ssh – Mirror of https://gitlab.redox-os.org/redox-os/redox-ssh
- redox-os/redoxfs – Mirror of https://gitlab.redox-os.org/redox-os/redoxfs
- redox-os/relibc – Mirror of https://gitlab.redox-os.org/redox-os/relibc
- replit/rippkgs – A CLI for indexing and searching packages in Nix expressions
- replydev/cotp – Trustworthy, encrypted, command-line TOTP/HOTP authenticator app with import functionality.
- resyncgg/ripgen – Rust-based high performance domain permutation generator.
- rgwood/systemctl-tui – A fast, simple TUI for interacting with systemd services and their logs
- robiot/rustcat – Rustcat(rcat) - The modern Port listener and Reverse shell
- robjtede/inspect-cert-chain – Inspect and debug TLS certificate chains (without OpenSSL)
- rosenpass/rosenpass – Rosenpass is a post-quantum-secure VPN that uses WireGuard to transport the actual data.
- ruslashev/elfcat – ELF visualizer. Generates HTML files from ELF binaries.
- rust-cross/cargo-xwin – Cross compile Cargo project to Windows MSVC target with ease
- rust-cross/cargo-zigbuild – Compile Cargo project with zig as linker
- rust-lang/libm – A port of MUSL's libm to Rust.
- rust-lang/mdBook – Create book from markdown files. Like Gitbook but implemented in Rust
- rust-lang/miri – An interpreter for Rust's mid-level intermediate representation
- rustcoreutils/posixutils-rs – Core POSIX command line utilities in safe Rust
- rustdesk/rustdesk – An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
- rustne-kretser/noline – IO-agnostic line editor for embedded systems
- rustpq/pqcrypto – Rust Post-Quantum cryptography
- rusty-ferris-club/rustwrap – 📦+🦀=
♥️ A tool that helps wrap binary releases for easy distribution - rusty-ferris-club/shellclear – Secure shell history commands by finding sensitive data
- s3m/s3m – CLI for streams of data in S3 buckets
- sairash/Danfe – Writing a Programming Language / Compiler in Rust
- say4n/jf – flatten them json
- sayanarijit/xplr – A hackable, minimal, fast TUI file explorer
- scullionw/dirstat-rs – (fastest?) disk usage cli, similar to windirstat.
- segersniels/supdock – What's Up, Doc(ker)? A slightly more visual way to interact with the docker daemon using prompts. Supdock is a wrapper for the docker binary meaning you can still use all of the other docker commands without issues.
- serpent-os/moss – The safe, fast and sane package manager for Linux
- shadow/shadow – Shadow is a discrete-event network simulator that directly executes real application code, enabling you to simulate distributed systems with thousands of network-connected processes in realistic and scalable private network experiments using your laptop, desktop, or server running Linux.
- sharkdp/bat – A cat(1) clone with wings.
- sharkdp/binocle – a graphical tool to visualize binary data
- sharkdp/diskus – A minimal, fast alternative to 'du -sh'
- sharkdp/fd – A simple, fast and user-friendly alternative to 'find'
- sharkdp/hexyl – A command-line hex viewer
- sharkdp/hyperfine – A command-line benchmarking tool
- sharkdp/pastel – A command-line tool to generate, analyze, convert and manipulate colors
- shell-pool/shpool – Think tmux, then aim... lower
- shenek/wait-for-them – Wait until TCP services are running.
- shixinhuang99/sxtetris – A terminal Tetris game
- shotover/shotover-proxy – L7 data-layer proxy
- shshemi/tabiew – A lightweight TUI app to view and query CSV files
- sigoden/argc – A Bash CLI framework, also a Bash-based command runner.
- sigoden/dufs – A file server that supports static serving, uploading, searching, accessing control, webdav...
- sigoden/projclean – Project dependencies & build artifacts cleanup tool.
- sigoden/upt – Universal Package-management Tool for any OS.
- sinKettu/cruster – Intercepting MitM proxy with flexible security scanner power
- sisungo/airup – 🚀 Airup is a modern, portable and blazingly fast implementation of service supervisor and the init daemon.
- sitkevij/hex – 🔮 Futuristic take on hexdump, made in Rust.
- smallnest/mping-rs – a multi-targets ping tool and library, which supports 10,000 packets/second, accurate latency
- smoltcp-rs/smoltcp – a smol tcp/ip stack
- solidiquis/erdtree – A modern, cross-platform, multi-threaded, and general purpose filesystem and disk-usage utility that is aware of .gitignore and hidden file rules.
- sourcefrog/conserve – 🌲 Robust file backup tool in Rust
- spellshift/realm – Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
- spider-rs/spider – The fastest web crawler written in Rust. Maintained by @a11ywatch.
- spider-rs/ua_generator – Pre-compiled random real User-Agents. Updated weekly for windows, mac, linux, and android
- spieglt/FlyingCarpet – Cross-platform AirDrop. File transfer between Android, iOS, Linux, macOS, and Windows over ad hoc WiFi. No network infrastructure required, just two devices with WiFi chips in close range.
- ssh-vault/ssh-vault – 🌰 encrypt/decrypt using ssh keys
- sshuttle/sshuttle_rust – Rewrite sshuttle in rust
- starship/starship – ☄🌌️ The minimal, blazing-fast, and infinitely customizable prompt for any shell!
- static-web-server/static-web-server – A cross-platform, high-performance and asynchronous web server for static files-serving. ⚡
- stefins/wdcrypt – 🔐A CLI to encrypt all the files and folder in your current working directory.
- steven-omaha/pacdef – multi-backend declarative package manager for Linux
- str4d/rage – A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
- streamdal/streamdal – Code-Native Data Privacy
- sunface/rust-by-practice – Learning Rust By Practice, narrowing the gap between beginner and skilled-dev through challenging examples, exercises and projects.
- surban/aggligator – Aggregates multiple links (TCP, Bluetooth, USB or similar) into one connection having their combined bandwidth and provides resiliency against failure of individual links.
- svenstaro/genact – 🌀 A nonsense activity generator
- svenstaro/miniserve – 🌟 For when you really just want to serve some files over HTTP right now!
- swanandx/lemmeknow – The fastest way to identify anything!
- swsnr/mdcat – cat for markdown
- sxyazi/yazi – 💥 Blazing fast terminal file manager written in Rust, based on async I/O.
- symphorien/nix-du – Visualise which gc-roots to delete to free some space in your nix store
- synoet/cdwe – ⚡️(cd with env) Is a configurable cd wrapper that lets you define your environment per directory.
- szabodanika/microbin – A secure, configurable file-sharing and URL shortening web app written in Rust.
- tamasfe/taplo – A TOML toolkit written in Rust
- tarka/xcp – An extended
cp
- tarkah/tickrs – Realtime ticker data in your terminal 📈
- tbillington/kondo – Cleans dependencies and build artifacts from your projects.
- theseus-os/Theseus – Theseus is a modern OS written from scratch in Rust that explores 𝐢𝐧𝐭𝐫𝐚𝐥𝐢𝐧𝐠𝐮𝐚𝐥 𝐝𝐞𝐬𝐢𝐠𝐧: closing the semantic gap between compiler and hardware by maximally leveraging the power of language safety and affine types. Theseus aims to shift OS responsibilities like resource management into the compiler.
- thinkgos/goup-rs – an elegant Go version manager write in rust
- threathunters-io/laurel – Transform Linux Audit logs for SIEM usage
- tkellogg/dura – You shouldn't ever lose your work if you're using Git
- tock/tock – A secure embedded operating system for microcontrollers
- todoesverso/logss – A simple cli for logs splitting
- tonarino/innernet – A private network system that uses WireGuard under the hood.
- topgrade-rs/topgrade – Upgrade all the things
- tox-rs/tox – toxcore implementation in Rust
- trickster0/OffensiveRust – Rust Weaponization for Red Team Engagements.
- trou/rsbkb – CLI tools to encode/decode things
- tsirysndr/superviseur – Define and run multi-service applications on isolated environments with Nix or Docker ❄️🐋 🛠️ 💻 ✨
- tun2proxy/tun2proxy – Tunnel (TUN) interface for SOCKS and HTTP proxies
- tux3/armerge – Tool to merge static libraries and hide their private symbols
- tversteeg/emplace – 👩❤️💋👩 Synchronize installed packages on multiple machines
- tw93/Pake – 🤱🏻 Turn any webpage into a desktop app with Rust. 🤱🏻 利用 Rust 轻松构建轻量级多端桌面应用
- tweag/nickel – Better configuration for less
- twitchax/kord – A music theory binary and library for Rust / JS.
- twitchax/rtz – A tool to easily work with timezone lookups via a binary, a library, or a server.
- typst/typst – A new markup-based typesetting system that is powerful and easy to learn.
- unique1o1/uniqx – A simple HTTP/TCP tunnel - Ngrok Alternative
- uutils/coreutils – Cross-platform Rust rewrite of the GNU coreutils
- uutils/diffutils – Drop-in replacement of diffutils in Rust
- uutils/findutils – Rust implementation of findutils
- uutils/platform-info – A cross-platform way to get information about your machine
- veeso/termscp – 🖥 A feature rich terminal UI file transfer and explorer with support for SCP/SFTP/FTP/S3/SMB
- vi/websocat – Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions
- viperML/nh – Yet another nix cli helper
- voidash/8085-Emulator – online 8085 emulator using Rust, WebAssembly and React
- voidash/nep-preter – Special nepali programming language Interpreter in Rust
- volta-cli/volta – Volta: JS Toolchains as Code. ⚡
- volution/z-tokens – z-tokens -- random tokens generation and related tools
- w4/pisshoff – 🧸 fully isolated honeypot ssh server using thrussh
- warp-tech/warpgate – Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software
- watchexec/watchexec – Executes commands in response to file modifications
- westandskif/rate-mirrors – Everyday-use client-side map-aware mirror ranking tool (Arch Linux; Manjaro; custom ones)
- wez/wezterm – A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust
- wezm/git-grab – Clone a git repository into a standard location organised by domain and path.
- wfxr/csview – 📠 Pretty and fast csv viewer for cli with cjk/emoji support.
- whitfin/jen – A fast utility to generate fake/test documents based on a template
- whitfin/runiq – An efficient way to filter duplicate lines from input, à la uniq.
- wlh320/portguard – A port forwarding tool works like ssh tunneling, but Zero Config for client.
- woodruffw/toml2json – A very small CLI for converting TOML to JSON
- wssheldon/osintui – OSINT from your favorite services in a friendly terminal user interface - integrations for Virustotal, Shodan, and Censys
- xct/winssh
- xetdata/nfsserve – A Rust NFS Server implementation
- xetdata/xet-core – Rust crates for XetHub
- xrelkd/caracal – File downloader written in Rust programming language
- xrelkd/clipcat – A clipboard manager written in Rust Programming Language.
- yamafaktory/craftql – A CLI tool to visualize GraphQL schemas and to output a graph data structure as a graphviz .dot format
- yamafaktory/jql – A JSON Query Language CLI tool
- yassinebridi/serpl – A simple terminal UI for search and replace, ala VS Code.
- yinheli/kungfu – Flexible DNS hijacking and proxy tool.
- ynqa/jnv – Interactive JSON filter using jq
- yshui/job-security – job control from anywhere!
- zaghaghi/openapi-tui – Terminal UI to list, browse and run APIs defined with openapi spec.
- zdz/ServerStatus-Rust – ✨ Rust 版 ServerStatus 探针、威力加强版
- zed-industries/zed – Code at the speed of thought – Zed is a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter.
- zellij-org/zellij – A terminal workspace with batteries included
- zer0yu/anew – A tool for adding new lines to files, skipping duplicates and written in Rust!
- zhaofengli/attic – Multi-tenant Nix Binary Cache
- zhaofengli/colmena – A simple, stateless NixOS deployment tool
- zhboner/realm – A network relay tool
- zimbatm/mdsh –
$ mdsh
# a markdown shell pre-processor - zu1k/http-proxy-ipv6-pool – Make every request from a separate IPv6 address.
- zydou/arti – An implementation of Tor, in Rust. [mirror]
- AboutRSS/ALL-about-RSS – A list of RSS related stuff: tools, services, communities and tutorials, etc.
- jonico/awesome-runners – A curated list of awesome self-hosted GitHub Action runners in a large comparison matrix
- rs-loves-bugs/xsshunter
- zzzteph/DutchGovScope – Dutch Government Bugbounty scope analysis, subdomains and url lists
- twitter/the-algorithm – Source code for Twitter's Recommendation Algorithm
- SystemCrafters/guix-installer – A GNU Guix installer image with the full Linux kernel!
- abcdw/rde – Tools for managing reproducible development environments. Mirror of https://sr.ht/~abcdw/rde/
- nicolas-graves/dotfiles – My dotfiles, on the shoulders of guix and rde
- 0xSpidey/cloudrecon – This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeger.gay provider.
- 1N3/ReverseAPK – Quickly analyze and reverse engineer Android packages
- 7RU7H/Archive – Hacking Methodology, Cheatsheats, Conceptual-Breakdowns
- 89luca89/distrobox – Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
- AdarshAddee/root – Root - Access root previliges in termux without rooting android device
- Aj-Seven/Android-Sysinfo – A tool efficiently displays Android system details on Termux.
- Akianonymus/gdrive-downloader – Download a gdrive folder or file easily, shell ftw.
- AlvinPix/bspwm – 🐲 Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things
- Animeshz/scripts – Collection of my regularly used scripts
- AryanVBW/LinuxDroid – The most powerful security toolkit for Android: without rooting your device. Run security tools like Nmap, Metasploit, and Wireshark on your Android device without voiding your warranty. Access a wide range of penetration testing tools and utilities, right from your Android phone or tablet.
- Axarva/dotfiles-2.0 – XMonad™️. Widgets go brr.
- Azathothas/Arsenal – Hastly written Tools & Scripts for Personal Use Cases & Bug Bounties
- Azathothas/static-toolbox – Statically Compiled Linux Binaries for [CoreUtils | Dropbear | Git | kmod | Nmap | OpenSSH | Procps | Socat | Strace | TCPDump | Util-Linux | xz-utils]
- Bugswriter/notflix – Notflix is a shell script to search and stream torrent.
- BuildAPKs/buildAPKs – Really quickly build APKs on handheld device (smartphone and tablet) in Amazon, Android, Chromebook, PRoot and Windows📲 See https://buildapks.github.io/docsBuildAPKs/setup to start building APKs.
- CHIZI-0618/box4magisk – Use sing-box, clash, v2ray, xray tunnel proxy on Android devices.
- CISOfy/lynis – Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
- CaffeineDuck/Balderdash – Bathe your code in ganga jaal.
- CecilWesterhof/BashLibrary – A library with useful Bash functions
- Cloudbox/Cloudbox – Ansible-based solution for rapidly deploying a Docker containerized cloud media server.
- Cyclenerd/static_status – 🚦Bash script to generate a static status page.
- DanielGibson/DanielGibson.github.io – My blog, I guess
- DannyBen/rush-cli – Personal Package Manager - run your GitHub hosted scripts, locally.
- DannyBen/rush-repo – My package repository for the Rush package manager
- DesktopECHO/Pi-hole-for-Android – Pi-hole/Unbound Raspbian APK Installer for Android 5.0+ devices (requires root)
- DoTheEvo/selfhosted-apps-docker – Guide by Example
- Fadavvi/Sub-Drill – A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
- FrancescoDiSalesGithub/Google-cloud-shell-hacking – Hacks for a better google cloud shell experience
- FriendlyNeighborhoodShane/MinMicroG – Sources and scripts for MinMicroG installers. You shall find no prebuilt releases here.
- Genivia/ugrep-benchmarks – ugrep benchmarks
- GhostTroops/TOP – TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
- Gogh-Co/Gogh – Gogh is a collection of color schemes for various terminal emulators, including Gnome Terminal, Pantheon Terminal, Tilix, and XFCE4 Terminal also compatible with iTerm on macOS.
- HackingGate/Country-IP-Blocks – Latest country IP ranges in CIDR notation updates by the end of every week day (Monday to Friday at 9:22PM UTC)
- HariSekhon/DevOps-Bash-tools – 1000+ DevOps Bash Scripts - AWS, GCP, Kubernetes, Docker, CI/CD, APIs, SQL, PostgreSQL, MySQL, Hive, Impala, Kafka, Hadoop, Jenkins, GitHub, GitLab, BitBucket, Azure DevOps, TeamCity, Spotify, MP3, LDAP, Code/Build Linting, pkg mgmt for Linux, Mac, Python, Perl, Ruby, NodeJS, Golang, Advanced dotfiles: .bashrc, .vimrc, .gitconfig, .screenrc, tmux..
- InfoSecWarrior/Offensive-Pentesting-Scripts – Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work more efficient and effective.
- Inscyght/Zero-E – Automates the network enumeration process in a fire-and-forget manner, among many more functions. Zero effort, zero error network enumeration.
- IvanGlinkin/AutoSUID – AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
- IvanGlinkin/Fast-Google-Dorks-Scan – The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
- Jip-Hop/ubernerd – Run Docker and LXC-like containers with a portable install of nerdctl on a systemd based host
- KathanP19/JSFScan.sh – Automation for javascript recon in bug bounty.
- Kicksecure/security-misc – Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc
- KittyKatt/screenFetch – Fetches system/theme information in terminal for Linux desktop screenshots.
- Kron4ek/Conty – Easy to use unprivileged Linux container packed into a single portable executable
- LemonBench/LemonBench – A simple Linux Benchmark Toolkit
- LinuxNerdBTW/openbox-minimal
- LloydAsp/NodeBench – vps聚合测试脚本,直接输出排版好的markdown格式,方便粘贴
- LloydAsp/OsMutation – Reinstall Any OpenVZ/LXC VPS to Debian/CentOS/Alpine
- Macmod/CloudPersist – A collection of simple scripts to achieve persistence quick in cloud environments without generating too much noise.
- Magisk-Modules-Alt-Repo/custom-certificate-authorities – A Magisk module which adds custom certificate authorities from a pre-defined path on the Android file system to the system trust store.
- Magisk-Modules-Repo/acc – Upstream repo:
- Magisk-Modules-Repo/ccbins
- Magisk-Modules-Repo/movecert – movecert
- Magisk-Modules-Repo/nano-ndk – nano-ndk
- Magisk-Modules-Repo/ssh – ssh
- MegaManSec/SSH-Snake – SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
- Mexit/MultiOS-USB – Boot operating systems directly from ISO files
- Micro0x00/Arsenal – Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
- Misaka-blog/xray-for-uffizzi – 在 Uffizzi 云平台上部署 xray 节点
- Moe-hacker/daijin – (Aka. termux-container) Run linux with chroot&unshare/proot on your Android phone,safely and easy.
- Moe-hacker/rootfstool – A tool to get linux container rootfs from lxc-image mirrors.
- Mon-ius/Docker-Warp-Socks – Connet to CloudFlare WARP, exposing
socks5
proxy all together. - MysticRyuujin/guac-install – Script for installing Guacamole on Ubuntu
- NVISOsecurity/MagiskTrustUserCerts – A Magisk/KernelSU module that automatically adds user certificates to the system root CA store
- NullSense/fuzzy-sys – Utility tool for using systemctl interactively
- PeterDaveHello/nrd-list-downloader – Shell Script to download NRD(Newly Registered Domain) list for free
- QaidVoid/Complete-Single-GPU-Passthrough – Single GPU VFIO Passthrough Guide
- RabbitHoleEscapeR1/r1_escape
- RandomCoderOrg/ubuntu-on-android – Run Ubuntu with pre-installed Desktop Environments in android/termux with ease! Everything is preinstalled so just download install and done🚀🚀
- ReverseTEN/NucProbe – Automate Nuclei scans and streamline bug hunting workflows
- Ridter/warp_proxy – cloudflare socks5 server
- RohitVerma882/termux-miunlock – A program that can be used to retrieve the bootloader unlock token for Xiaomi devices. (and unlock the bootloader) using Termux
- Security-Onion-Solutions/securityonion – Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
- Shell-Company/QRExfil – This tool is a command line utility that allows you to convert any binary file into a QRcode movie. The data can then be reassembled visually allowing exfiltration of data in air gapped systems
- Skimmeroni/Nupk – Dummy package manager in roughly 400 lines of shell script
- Skimmeroni/Nupk-repository – A repository of installation scripts. To be used with Nupk
- SkyperTHC/pure-bash-bible – 📖 A collection of pure bash alternatives to external processes.
- Smiley-McSmiles/jellyman – Jellyman is a set of scripts to install/manage and update the jellyfin-combined tar.gz generic linux package
- Sohil876/Termux-zsh – Make termux a better looking and much more functional terminal
- SomajitDey/tunnel – Peer-to-peer, secure, TCP/UDP port forwarding using HTTP(s) relay for NAT/firewall traversal
- Soroushnk/Astro – a bash script to help you bypass GFW
- TH3xACE/SUDO_KILLER – A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
- The-Z-Labs/linux-exploit-suggester – Linux privilege escalation auditing tool
- Trigus42/alpine-qbittorrentvpn – Multiarch docker image with the latest qBittorrent-nox client (WEB UI) and WireGuard/OpenVPN tunnel
- VHSgunzo/bubblewrap-static – Statically compiled bubblewrap
- VHSgunzo/coreutils-static – Statically compiled coreutils with musl
- VHSgunzo/findutils-static – Statically compiled findutils with musl
- VHSgunzo/gawk-static – Statically compiled gawk with musl
- VHSgunzo/ge-proton-lw – Compatibility tool for Steam Play based on Wine and additional components
- VHSgunzo/grep-static – Statically compiled grep with musl
- VHSgunzo/lux-wine – Easy launch of your Windows applications and games with Wine/Proton
- VHSgunzo/procps-static – Statically compiled procps
- VHSgunzo/runimage – Portable single-file linux container
- VHSgunzo/runimage-openssh – SSH protocol implementation for remote login, command execution and file transfer for RunImage container
- VHSgunzo/runimage-static – Statically compiled binaries for runimage
- VHSgunzo/sed-static – Statically compiled sed with musl
- VHSgunzo/squashfs-tools-static – Statically compiled squashfs-tools
- VHSgunzo/tar-static – Statically compiled tar with musl
- VHSgunzo/util-linux-static – Statically compiled util-linux
- VHSgunzo/which-static – Statically compiled which with musl
- VHSgunzo/xz-static – Statically compiled xz with musl
- VHSgunzo/zstd-static – Statically compiled zstd with musl
- VR-25/acc – Advanced Charging Controller
- ValdikSS/nat-traversal-github-actions-openvpn-wireguard – OpenVPN and WireGuard server on GitHub Actions: representative NAT traversal case
- ViRb3/magisk-frida – 🔐 Run frida-server on boot with Magisk, always up-to-date
- WSA-Community/WSAGAScript – Scripts to install Google Apps into a WSA image. Plus optional root
- XDream8/revanced-creator – Create Revanced apps easily ☠️
- XQuartz/XQuartz – An X11 server and client libraries for macOS
- Yonle/alpine-proot – A well quick standalone Alpine PRoot installer & launcher
- Zackptg5/Cross-Compiled-Binaries-Android – A collection of (mostly) static cross compiled binaries for android
- abcfy2/aria2-static-build – aria2 static build, support cross compile
- acidvegas/random – collection of un-sorted bollocks
- adi1090x/termux-style – Simple script to change color-schemes and fonts for Termux.
- adityathebe/dotfiles – Dotfiles Backup
- agarrharr/awesome-cli-apps – 🖥 📊 🕹 🛠 A curated list of command line apps
- agnostic-apollo/sudo – A wrapper script to drop to the supported shells or execute shell script files or their text passed as an argument with superuser (root) context in termux
- ajdiaz/bashc – A tool to convert/compile a bash script to a static linked x86 and x86_64 binary.
- akinomyoga/ble.sh – Bash Line Editor―a line editor written in pure Bash with syntax highlighting, auto suggestions, vim modes, etc. for Bash interactive sessions.
- akuhnet/w-colab – Free Rdp windows with google colab
- akuhnet/wqemu
- amrsa1/Android-Emulator-image – The use of this Docker image simplifies the process of running an Android emulator within a Docker container
- anasfanani/Magisk-Tailscaled – Magisk/KernelSU module for running Tailscale on rooted Android devices. The easiest, most secure way to use WireGuard and 2FA.
- anasfik/flutter-spy – Explore, analyze, and gain valuable data & insights from reverse engineered Flutter apps.
- angela-d/brain-dump – Cheat sheets, customizations and configurations I use across multiple systems.
- ansemjo/version.sh – output identical version strings from repository clones or downloaded archives
- arget13/DDexec – A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
- armbian/build – Armbian Linux build framework generates custom Debian or Ubuntu image for x86, aarch64, riscv64 & armhf
- armbian/os – Armbian operating system rolling releases provides automated nightly builds of maintained targets
- arp242/goon – Run Go on another machine such as a QEMU VM or cloud instance
- asdf-vm/asdf – Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
- ashishb/android-security-awesome – A collection of android security related resources
- ax/apk.sh – apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
- axonasif/dotsh – A fast dotfiles and system configuration installer optimized for Gitpod and power users
- azlux/gnos-sockets – 🐾 Colorful IP sockets list
- basant0x01/b3-Hackerone – triple-b is the General repo created for mantaining backup for Bugbounty programs and it's scopes.
- basecamp/omakub – Opinionated Ubuntu Setup
- bats-core/bats-core – Bash Automated Testing System
- bdloser404/Fluttermux – Run Flutter on Termux Natively. Install Latest Flutter SDK on Termux within hour.
- benpye/alpine-droplet – Alpine Linux image generator for digital ocean
- bin456789/reinstall – 一键DD/重装脚本 (One-click reinstall OS on VPS)
- binpash/try – Inspect a command's effects before modifying your live system
- bitnami/minideb – A small image based on Debian designed for use in containers
- blinksh/mosh-static-multiarch – Static builds of mosh-server
- blues-lab/getapk – Small CLI program that uses an Android device and adb tp download raw APK files from the Google Play store.
- bootlin/toolchains-builder
- borestad/blocklist-abuseipdb – Aggregated AbuseIPDB blocklists with worst IPv4 & IPv6 offenders (~100% confidence)
- borestad/ci-utils – Common utils & binaries used in CI-pipelines / scripts etc.
- borestad/static-binaries – Static binaries updated hourly
- bruzistico/mortomuitolouco – Tool to try to find IPs of "dead" subdomains/domains, based on virtual hosts.
- candrewlee14/webman-pkgs – Repo to store package installation config files for https://github.com/candrewlee14/webman
- carlosedp/riscv-bringup – Risc-V journey thru containers and new projects
- casterbyte/F31 – Tool for hiding Kali Linux on the network
- cburgmer/jp – A simpler jq, and with JSONPath
- cloudposse/geodesic – 🚀 Geodesic is a DevOps Linux Toolbox in Docker
- cpendery/kaldo – cross shell aliases
- crosstool-ng/crosstool-ng – A versatile (cross-)toolchain generator.
- cswl/tsu – Gain root shell on Termux.
- cytopia/pwncat – pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
- dalaolala/blog – 用issue来写博客 和别人学的
- darklotuskdb/auto-launch-frida-server – The process involves downloading the latest version and automatically configuring it within the Termux Android application. Subsequently, upon launching the Termux application, Frida Server is initiated automatically to facilitate penetration testing.
- davideolgiati/PartyLoud – A simple tool to generate fake web browsing and mitigate tracking
- davidhampgonsalves/music-server – Music streaming server on a Android Galaxy S7
- debuerreotype/docker-debian-artifacts – Official builds of debuerreotype-generated Debian tarballs for use in Docker
- deepwn/warpod – A containerized WARP client with gost proxy. (ubuntu:22.04 + warp-svc + gost) for use Zero Trust and private network inside container project and k8s.
- denilsonsa/prettyping –
prettyping
is a wrapper around the standardping
tool, making the output prettier, more colorful, more compact, and easier to read. - diego-treitos/linux-smart-enumeration – Linux enumeration tool for pentesting and CTFs with verbosity levels
- dimkr/toolchains – Toolchains for ultra-portable static binaries
- dmotte/desktainer – 🖥 Remote desktop in a container
- dockcross/dockcross – Cross compiling toolchains in Docker images
- docker/docker-bench-security – The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
- dockur/windows – Windows inside a Docker container.
- docsion/rfsh – RFSH: Run shell scripts in batch, concurrently, fully customized with variable .
- dokku/dokku – A docker-powered PaaS that helps you build and manage the lifecycle of applications
- dracula/tmux – 🧛🏻♂️ Dark theme for tmux
- dracutdevs/dracut – dracut the event driven initramfs infrastructure
- dreamkinn/CompileCSDocker – Compile SharpHound and others on Linux
- droidian/glibc-downgrade
- dtolnay/rust-toolchain – Concise GitHub Action for installing a Rust toolchain
- dustinkirkland/byobu – text window manager, shell multiplexer, integrated DevOps environment
- dwisiswant0/gf-secrets – Secret and/or credential patterns used for gf.
- dylanaraps/fff – 📁 A simple file manager written in bash.
- dylanaraps/pure-sh-bible – 📖 A collection of pure POSIX sh alternatives to external processes.
- dzove855/Bash-web-server – A purely bash web server, no socat, netcat, etc...
- e-m-b-a/emba – EMBA - The firmware security analyzer
- edoardottt/secfiles – My useful files for penetration tests, security assessments, bug bounty and other security related stuff
- elitak/nixos-infect – [GPLv3+] install nixos over the existing OS in a DigitalOcean droplet (and others with minor modifications)
- erikw/restic-automatic-backup-scheduler – Automatic restic backup using Backblaze B2 storage and either Linux systemd timers, macOS LaunchAgent, Windows ScheduledTask or simply cron.
- erikw/tmux-powerline – ⚡️ A tmux plugin giving you a hackable status bar consisting of dynamic & beautiful looking powerline segments, written purely in bash.
- ernw/static-toolbox – A collection of statically compiled tools like Nmap and Socat.
- fipso/ccurl.sh – Use cURL with cookies from Chrome
- firasuke/mussel – The shortest and fastest script to build working cross compilers targeting musl libc
- fire1ce/DDNS-Cloudflare-Bash – Cloudflare DDNS bash Script for most Linux distributions and MacOS. Choose any source IP address to update external or internal (WAN/LAN). Cloudflare's options proxy and TTL configurable via the parameters.
- foozzi/discoshell – a simple discover