opensource-discoveries

repo_url description owner_name license stars    
https://github.com/nao-sec/tknk_scanner Community-based integrated malware identification system nao-sec mit 81    
https://github.com/D1rkMtr/VirusTotalC2 Abusing VirusTotal API to host our C2 traffic, usefull for bypassing blocking firewall rules if VirusTotal is in the target white list , and in case you don’t have C2 infrastructure , now you have a free one D1rkMtr   447    
https://github.com/fox-it/spookyssl-pcaps SpookySSL PCAPS and Network Coverage fox-it mit 3    
https://github.com/NVISOsecurity/nviso-cti   NVISOsecurity   33    
https://github.com/threatray/tigerrat Scripts and IOCs for the Andariel APT group research threatray mit 6    
https://github.com/a0rtega/metame metame is a metamorphic code engine for arbitrary executables a0rtega mit 467    
https://github.com/NCSC-NL/OpenSSL-2022 Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3 NCSC-NL mit 456    
https://github.com/ek0/hxemu Triton based symbolic emulator ek0   11    
https://github.com/antonioCoco/RogueWinRM Windows Local Privilege Escalation from Service Account to System antonioCoco gpl-3.0 449    
https://github.com/Rogdham/python-xz Pure Python implementation of the XZ file format with random access support Rogdham mit 11    
https://github.com/open-obfuscator/o-mvll :electron: O-MVLL is a LLVM-based obfuscator for native code (Android & iOS) open-obfuscator apache-2.0 159    
https://github.com/eshard/obfuscator-llvm   eshard other 58    
https://github.com/PayDevs/awful-oss-incidents 🤬 A categorized list of incidents caused by unappreciated OSS maintainers or underfunded OSS projects. Feedback welcome! PayDevs cc0-1.0 245    
https://github.com/epilys/tade tade is a discussion/forum/link aggregator application. It provides three interfaces: a regular web page, a mailing list bridge and an NNTP server epilys agpl-3.0 22    
https://github.com/Accenture/Spartacus Spartacus DLL Hijacking Discovery Tool Accenture mit 206    
https://github.com/vnmabus/dcor Distance correlation and related E-statistics in Python vnmabus mit 105    
https://github.com/roaldarbol/LaPreprint 📝 A nicely formatted LaTeX preprint template roaldarbol mit 398    
https://github.com/friendica/friendica Friendica Communications Platform friendica agpl-3.0 1076    
https://github.com/GreyNoise-Intelligence/wasm_ipv4_heatmap WebAssembly module to produce an IPv4 heatmap mapped to a Hilbert Curve GreyNoise-Intelligence   4    
https://github.com/uNetworking/uWebSockets Simple, secure & standards compliant web server for the most demanding of applications uNetworking apache-2.0 14785    
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected. Cloud-Architekt   1065    
https://github.com/Qianlitp/WatchAD AD Security Intrusion Detection System Qianlitp gpl-3.0 1087    
https://github.com/SamuelTulach/RwxMeme State of the art DLL injector that took 20 minutes to make SamuelTulach mit 15    
https://github.com/jevinskie/aarch64-experimental-disasm Experimental methods of decoding/disassembling AArch64 instructions jevinskie bsd-2-clause 1    
https://github.com/wikireader/wikireader Official Source code for the WikiReader (by Openmoko) wikireader other 173    
https://github.com/hashview/hashview A web front-end for password cracking and analytics hashview gpl-3.0 255    
https://github.com/Tripwire/tripwire-open-source Open Source Tripwire® Tripwire gpl-2.0 663    
https://github.com/evilsocket/mpcfw Reverse engineering of Apple MultipeerConnectivity Framework evilsocket   44    
https://github.com/FreeTAKTeam/openTAKpickList a list of hardware and software to be used in conjunction with the ATAKplatform FreeTAKTeam epl-2.0 73    
https://github.com/T145/black-mirror Blacklists and whitelists that aim to promote security, safety, and sanity across the internet! T145 agpl-3.0 105    
https://github.com/ail-project/PyLacus Python module to enqueue and query a remote Lacus instance ail-project bsd-3-clause 2    
https://github.com/deptofdefense/AndroidTacticalAssaultKit-CIV   deptofdefense other 507    
https://github.com/TAK-Product-Center/Server TAK Server TAK-Product-Center other 110    
https://github.com/docintelapp/DocIntel Open Source Platform for storing, organizing, and searching documents related to cyber threats docintelapp other 64    
https://github.com/feathericons/feather Simply beautiful open source icons feathericons mit 22783    
https://github.com/EttusResearch/gr-ettus Out-of-tree GNU Radio Module for Experimental Ettus Research Features EttusResearch other 42    
https://github.com/gmh5225/YARA-yaralyzer Visually inspect YARA and regex matches found in both binary and text data. gmh5225 gpl-3.0 3    
https://github.com/akamai/akamai-security-research This repository includes code and IoCs that are the product of research done in Akamai’s various security research teams. akamai apache-2.0 176    
https://github.com/matplotlib/matplotlib matplotlib: plotting with Python matplotlib   16357    
https://github.com/palewire/amsat-satellite-index An interactive list of active amateur radio satellites for amsat.org palewire mit 1    
https://github.com/J4NN0/linkedin-web-scraper Python Web Scraper for LinkedIn. Collect data and store it into .xls file. J4NN0 gpl-3.0 9    
https://github.com/Its-Vichy/HBot 🐛 Self spreading Botnet based on Mirai C&C Arch, spreading through SSH and Telnet protocol. Modern script fullly written in python3. Its-Vichy apache-2.0 135    
https://github.com/DarkCoderSc/PsyloDbg User-friendly Microsoft Windows Debugger for Malware Analysts. DarkCoderSc apache-2.0 125    
https://github.com/horizon3ai/CVE-2022-40684 A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager horizon3ai   277    
https://github.com/D1rkMtr/FilelessRemotePE Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique D1rkMtr   544    
https://github.com/RansomLook/RansomLook Yet another Ransomware gang tracker RansomLook gpl-3.0 69    
https://github.com/COSSAS/sacti SACTI - Securely aggregate CTI sightings and report them on MISP COSSAS apache-2.0 9    
https://github.com/sepinf-inc/IPED IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners. sepinf-inc other 464    
https://github.com/mgeeky/ShellcodeFluctuation An advanced in-memory evasion technique fluctuating shellcode’s memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents mgeeky mit 591    
https://github.com/CScorza/Image-OSINT-Forensics Ricerca e Analisi delle Immagini CScorza   71    
https://github.com/NHAS/reverse_ssh SSH based reverse shell NHAS bsd-3-clause 204    
https://github.com/slaeryan/AQUARMOURY My musings in C and offensive tooling slaeryan   499    
https://github.com/ail-project/LacusCore The modulable part of Lacus ail-project bsd-3-clause 2    
https://github.com/msiemens/tinydb TinyDB is a lightweight document oriented database optimized for your happiness :) msiemens mit 5451    
https://github.com/avast/yari YARI is an interactive debugger for YARA Language. avast mit 71    
https://github.com/Xetnus/osm-finder A “line-network” geolocation tool created for Bellingcat’s September 2022 Hackathon: https://www.bellingcat.com/resources/2022/10/06/automated-map-searches-scam-busting-tools-and-twitter-search-translations-here-are-the-results-of-bellingcats-second-hackathon/ Xetnus mit 82    
https://github.com/mxrch/GitFive 🐙 Track down GitHub users. mxrch mpl-2.0 381    
https://github.com/cncf/tag-security 🔐CNCF Security Technical Advisory Group – secure access, policy control, privacy, auditing, explainability and more! cncf other 1501    
https://github.com/pry0cc/axiom The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more! pry0cc mit 2948    
https://github.com/vdjagilev/nmap-formatter A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it’s nmap converter. vdjagilev mit 128    
https://github.com/DISARMFoundation/DISARMframeworks Master copies of the DISARM frameworks, with generated files to help you explore the data DISARMFoundation cc-by-sa-4.0 37    
https://github.com/e2guardian/e2guardian E2guardian is a web content filter that can work in proxy, transparent or icap server modes e2guardian gpl-2.0 399    
https://github.com/codeyourweb/fastfinder Incident Response - Fast suspicious file finder codeyourweb mit 162    
https://github.com/deepfence/PacketStreamer :star: :star: Distributed tcpdump for cloud native environments :star: :star: deepfence apache-2.0 777    
https://github.com/trickest/wordlists Real-world infosec wordlists, updated regularly trickest mit 445    
https://github.com/tamimhasan404/image-upload-exploits This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty. tamimhasan404   3    
https://github.com/HavocFramework/Havoc The Havoc Framework HavocFramework gpl-3.0 2634    
https://github.com/soxoj/maigret 🕵️‍♂️ Collect a dossier on a person by username from thousands of sites soxoj mit 7274    
https://github.com/nccgroup/mimikatz-detector-busylight USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in different colours. nccgroup   16    
https://github.com/raghur/mermaid-filter Pandoc filter for creating diagrams in mermaid syntax blocks in markdown docs raghur   280    
https://github.com/Xu0Tex1/CVE-2022-3236 Unauthenticated rce in sophos User Portal and Webadmin components mass exploitation tool Xu0Tex1   1    
https://github.com/quarkslab/quokka Quokka: A Fast and Accurate Binary Exporter quarkslab apache-2.0 102    
https://github.com/tintinweb/ethereum-dasm An ethereum evm bytecode disassembler and static/dynamic analysis tool tintinweb gpl-2.0 169    
https://github.com/CYB3RMX/C2Data A database for captured data (malicious files etc.) from command and control servers. CYB3RMX mit 3    
https://github.com/DavidBuchanan314/monomorph MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash DavidBuchanan314 mit 683    
https://github.com/ORCx41/KnownDllUnhook Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs ORCx41 mit 193    
https://github.com/netspooky/xx The xx file format. Turn your hex dumps into art, then into binary data. netspooky 0bsd 280    
https://github.com/gwen001/dnspy Find subdomain takeovers gwen001 mit 66    
https://github.com/lkarlslund/ldapnomnom Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP) lkarlslund mit 556    
https://github.com/williballenthin/EVTXtract EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images. williballenthin apache-2.0 158    
https://github.com/malfp/tormalwarefp Traffic analysis for Tor-based malware detection and classification malfp mit 7    
https://github.com/corkami/collisions Hash collisions and exploitations corkami   1928    
https://github.com/D1rkMtr/DumpThatLSASS Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation , it contains Anti-sandbox , if you run it under unperformant Virtual Machine you need to uncomment the code related to it and recompile. D1rkMtr   409    
https://github.com/S12cybersecurity/Infinite-Backdoors Bash Script with 4 ways to get persistence in Linux systems WITHOUT root permisions S12cybersecurity   8    
https://github.com/jgromes/RadioLib Universal wireless communication library for embedded devices jgromes mit 724    
https://github.com/Processus-Thief/HEKATOMB Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain backup keys to decrypt them. Processus-Thief gpl-3.0 214    
https://github.com/openai/whisper Robust Speech Recognition via Large-Scale Weak Supervision openai mit 14019    
https://github.com/memN0ps/srdi-rs Rusty Shellcode Reflective DLL Injection (sRDI) memN0ps mit 156    
https://github.com/hellman/wboxkit White-box Design and Analysis kit hellman mit 9    
https://github.com/Rupan/idapin A debugger backend for IDA Pro built on top of of Intel’s PIN framework Rupan   17    
https://github.com/benedekrozemberczki/awesome-fraud-detection-papers A curated list of data mining papers about fraud detection. benedekrozemberczki cc0-1.0 1220    
https://github.com/hasherezade/pe-bear Portable Executable reversing tool with a friendly GUI hasherezade gpl-2.0 1492    
https://github.com/jhassine/server-ip-addresses Daily updated list of IP addresses / CIDR blocks used by data centers, cloud service providers, servers, etc. jhassine   85    
https://github.com/Eventual-Inc/Daft The Python DataFrame for Media Data Eventual-Inc apache-2.0 395    
https://github.com/TheNerdlist/nerdlist list of passwords more likely to be used by sysadmins, general nerds, and folk with access TheNerdlist mit 232    
https://github.com/apache/age Graph database optimized for fast analysis and real-time data processing. It is provided as an extension to PostgreSQL. apache apache-2.0 942    
https://github.com/CybercentreCanada/assemblyline AssemblyLine 4 - File triage and malware analysis CybercentreCanada mit 62    
https://github.com/CrowdStrike/SuperMem A python script developed to process Windows memory images based on triage type. CrowdStrike mit 192    
https://github.com/NytroRST/ShellcodeCompiler Shellcode Compiler NytroRST gpl-3.0 860    
https://github.com/GreyNoise-Intelligence/pygreynoise Python3 library and command line for GreyNoise GreyNoise-Intelligence mit 134    
https://github.com/breck7/pldb PLDB: a Programming Language Database. A public domain knowledge graph focused on programming languages distributed as a CSV file. breck7   592    
https://github.com/Phantom1003/QARMA64 QARMA block cipher in C Phantom1003 mit 19    
https://github.com/kurtfu/present PRESENT block cipher kurtfu mit 3    
https://github.com/MISP/misp-guard [experimental] misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based on a set of customizable block rules. MISP agpl-3.0 7    
https://github.com/vmware/splinterdb High Performance Embedded Key-Value Store vmware apache-2.0 441    
https://github.com/CIRCL/ssdc ssdeep based clustering tool CIRCL mit 14    
https://github.com/LeeBrotherston/badflare OSINT tool for discovering the real IP addresses of services which are behind Cloudflare but not properly locked down LeeBrotherston other 100    
https://github.com/ail-project/lacus Lacus is a capturing system using playwright, as a web service. ail-project bsd-3-clause 4    
https://github.com/Te-k/cobaltstrike Code and yara rules to detect and analyze Cobalt Strike Te-k mit 220    
https://github.com/attify/firmware-analysis-toolkit Toolkit to emulate firmware and analyse it for security vulnerabilities attify mit 1004    
https://github.com/p0dalirius/Coercer A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. p0dalirius   709    
https://github.com/impira/docquery An easy way to extract information from documents impira mit 1160    
https://github.com/DirkR/capturadio Capture mp3 streams from internet radio stations and store in on the local disk. DirkR   26    
https://github.com/streetwriters/notesnook A fully open source & end-to-end encrypted note taking alternative to Evernote. streetwriters gpl-3.0 4200    
https://github.com/gl4ssesbo1/Nebula Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components. gl4ssesbo1 other 308    
https://github.com/sleuthkit/autopsy Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera’s memory card. sleuthkit   1705    
https://github.com/TheSpeedX/PROXY-List Get PROXY List that gets updated everyday TheSpeedX   1285    
https://github.com/codingo/VHostScan A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages. codingo gpl-3.0 991    
https://github.com/BigNerd95/WinboxExploit Proof of Concept of Winbox Critical Vulnerability BigNerd95 mit 188    
https://github.com/Lookyloo/pysecuritytxt Tries to get and parse .well-known/security.txt from a domain Lookyloo bsd-3-clause 4    
https://github.com/ail-project/ail-feeder-apk This AIL feeder pushes annotated APK to an AIL instance ail-project agpl-3.0 2    
https://github.com/enkomio/thematrix a PE Loader and Windows API tracer. Useful in malware analysis. enkomio   113    
https://github.com/akunull/piloslib Multi-platform open-source set of audio and modulation tools that focus on synthesis, live electronic music, interconnection, probability, unique sounds, and intuitive interfacing built by Akunull in Pure Data starting in 2014 akunull mit 112    
https://github.com/kevinzg/facebook-scraper Scrape Facebook public pages without an API key kevinzg mit 1430    
https://github.com/CYB3RMX/BlackHeart BlackHeart is a simple python script to generate powershell scripts that demonstrate reverse shell gaining without Microsoft Defender restrictions. (FOR EDUCATIONAL PURPOSES!!) CYB3RMX mit 15    
https://github.com/binarly-io/fwhunt-scan Tools for analyzing UEFI firmware and checking UEFI modules with FwHunt rules binarly-io gpl-3.0 124    
https://github.com/LongSoft/UEFITool UEFI firmware image viewer and editor LongSoft bsd-2-clause 3015    
https://github.com/AykutSarac/jsoncrack.com 🔮 Seamlessly visualize your JSON data instantly into graphs; paste, import or fetch! AykutSarac gpl-3.0 18788    
https://github.com/iilegacyyii/Shellcrypt A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods. iilegacyyii mit 77    
https://github.com/michenriksen/drawio-threatmodeling Draw.io libraries for threat modeling diagrams michenriksen mit 479    
https://github.com/adw0rd/instagrapi 🔥 The fastest and powerful Python library for Instagram Private API 2022 adw0rd mit 1547    
https://github.com/bochs-emu/Bochs Bochs - Cross Platform x86 Emulator Project bochs-emu lgpl-2.1 161    
https://github.com/jonathan-dev/tcp_reassembly_testing   jonathan-dev   2    
https://github.com/datacoon/metawarc metawarc: a command-line tool for metadata extraction from files from WARC (Web ARChive) datacoon mit 13    
https://github.com/sourceincite/hekate   sourceincite mit 40    
https://github.com/amazon-science/ReFinED ReFinED is an entity linking (EL) system. amazon-science other 51    
https://github.com/mandiant/Ghidrathon The FLARE team’s open-source extension to add Python 3 scripting to Ghidra. mandiant apache-2.0 375    
https://github.com/webrecorder/har2warc Convert HTTP Archive (HAR) -> Web Archive (WARC) format webrecorder apache-2.0 38    
https://github.com/ninoseki/misp-rb MISP API wrapper for Ruby ninoseki mit 2    
https://github.com/Idov31/Sandman Sandman is a NTP based backdoor for red team engagements in hardened networks. Idov31 bsd-2-clause 413    
https://github.com/HackerNews/API Documentation and Samples for the Official HN API HackerNews mit 9452    
https://github.com/onetrueawk/awk One true awk onetrueawk other 1520    
https://github.com/hasherezade/libpeconv A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl hasherezade bsd-2-clause 795    
https://github.com/mandiant/dncil The FLARE team’s open-source library to disassemble Common Intermediate Language (CIL) instructions. mandiant apache-2.0 81    
https://github.com/ShawnyXiao/TextClassification-Keras Text classification models implemented in Keras, including: FastText, TextCNN, TextRNN, TextBiRNN, TextAttBiRNN, HAN, RCNN, RCNNVariant, etc. ShawnyXiao mit 770    
https://github.com/google-research/albert ALBERT: A Lite BERT for Self-supervised Learning of Language Representations google-research apache-2.0 2992    
https://github.com/vxunderground/ThreatIntelligenceDiscordBot Gets updates from various clearnet domains and ransomware threat actor domains vxunderground mit 182    
https://github.com/x64dbg/XEDParse XEDParse: A MASM-like, single-line plaintext assembler x64dbg lgpl-3.0 134    
https://github.com/vnhacker1337/CVE-2022-27925-PoC Zimbra RCE simple poc vnhacker1337   58    
https://github.com/IBM/sail Library for streaming data and incremental learning algorithms. IBM mit 10    
https://github.com/fventuri/linrad Linrad - SDR receiver fventuri mit 5    
https://github.com/Flangvik/TeamFiltration TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts Flangvik gpl-3.0 491    
https://github.com/NUKnightLab/TimelineJS3 TimelineJS v3: A Storytelling Timeline built in JavaScript. http://timeline.knightlab.com NUKnightLab mpl-2.0 2589    
https://github.com/wietze/HijackLibs Project for tracking publicly disclosed DLL Hijacking opportunities. wietze gpl-3.0 338    
https://github.com/Threagile/threagile Agile Threat Modeling Toolkit Threagile mit 397    
https://github.com/Digital-Forensics-Discord-Server/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportunity to write a chapter of a book to get their name out there, get a publication on their resume with an actual ISBN number, and ideally lower the bar for people to contribute something back to the DFIR Community. Want to write a chapter? Let me know and let’s make it happen! Digital-Forensics-Discord-Server mit 122    
https://github.com/oasislinux/oasis a small statically-linked linux system oasislinux other 1920    
https://github.com/erg-lang/erg A statically typed language that can deeply improve the Python ecosystem erg-lang apache-2.0 2016    
https://github.com/theandrew168/derzforth Bare-metal Forth implementation for RISC-V theandrew168 mit 25    
https://github.com/mcmenaminadrian/riscyforth Forth for RISC-V SBCs mcmenaminadrian gpl-2.0 15    
https://github.com/howerj/forth-cpu A Forth CPU and System on a Chip, based on the J1, written in VHDL howerj   286    
https://github.com/realaravinth/gitpad Self-Hosted alternative to GitHub Gists realaravinth agpl-3.0 44    
https://github.com/trickest/containers Automated privilege escalation of the world’s most popular Docker images. trickest   35    
https://github.com/ly4k/Certipy Tool for Active Directory Certificate Services enumeration and abuse ly4k mit 1211    
https://github.com/advanced-threat-research/DotDumper An automatic unpacker and logger for DotNet Framework targeting files advanced-threat-research other 126    
https://github.com/casualwriter/casual-markdown-page Markdown as Web Page/Site casualwriter mit 254    
https://github.com/RUB-SysSec/loki Hardening code obfuscation against automated attacks RUB-SysSec agpl-3.0 32    
https://github.com/d4rckh/gorilla tool for generating wordlists or extending an existing one using mutations. d4rckh   339    
https://github.com/armon/libart Adaptive Radix Trees implemented in C armon other 673    
https://github.com/center-for-threat-informed-defense/attack-flow Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows. center-for-threat-informed-defense apache-2.0 286    
https://github.com/redballoonsecurity/ofrak OFRAK: unpack, modify, and repack binaries. redballoonsecurity other 1166    
https://github.com/toeverything/AFFiNE There can be more than Notion and Miro. AFFiNE is a next-gen knowledge base that brings planning, sorting and creating all together. Privacy first, open-source, customizable and ready to use. toeverything mit 10747    
https://github.com/Sc00bz/bscrypt A cache hard password hash/KDF Sc00bz cc0-1.0 19    
https://github.com/vstinner/hachoir Hachoir is a Python library to view and edit a binary stream field by field vstinner gpl-2.0 506    
https://github.com/luker983/nsa-codebreaker-2021 NSA Codebreaker Challenge 2021 Write-Ups luker983   49    
https://github.com/cudeso/misp-scraper A web scraper to create MISP events and reports cudeso   7    
https://github.com/jglim/ABOVISP ISP for the ABOV MC81F4204 jglim   11    
https://github.com/yeokm1/ndp2019-wristband-teardown Tear-down effort of the Pixmob wristband used in NDP2019. yeokm1   23    
https://github.com/EnviralDesign/GeoPix GeoPix is a free and open source real-time lighting control and previz software. It’s built in TouchDesigner, with a workflow and UI/UX inspired by 3d animation software. EnviralDesign mit 182    
https://github.com/onekey-sec/unblob Extract files from any kind of container formats onekey-sec other 740    
https://github.com/elastic/protections-artifacts Elastic Security detection content for Endpoint elastic other 506    
https://github.com/projectM-visualizer/projectm projectM - cross-platform music visualization. Open-source and Milkdrop-compatible projectM-visualizer lgpl-2.1 2460    
https://github.com/sonic-visualiser/sonic-visualiser Visualisation, analysis, and annotation of music audio recordings sonic-visualiser gpl-2.0 279    
https://github.com/paulnasca/paulstretch_python Paulstretch python version paulnasca   488    
https://github.com/paulnasca/paulstretch_cpp PaulStretch paulnasca gpl-2.0 732    
https://github.com/rumblesan/wave-stretcher command line wave stretching program. based on Paul stretch rumblesan bsd-2-clause 7    
https://github.com/Elektromatic/paulStretch This Pure Data patch uses the Paul stretch algorithm to time stretch musical recordings. It is suitable for extreme sound stretching of the audio. Elektromatic gpl-3.0 9    
https://github.com/microsoft/oss-ssc-framework Open Source Software Secure Supply Chain Framework microsoft other 218    
https://github.com/CENSUS/ghidra-frida-hook-gen Frida hook generator for Ghidra CENSUS bsd-2-clause 43    
https://github.com/CZ-NIC/dns-fuzzing Repository to store unique seeds for DNS server fuzzing CZ-NIC   42    
https://github.com/williballenthin/INDXParse Tool suite for inspecting NTFS artifacts. williballenthin apache-2.0 172    
https://github.com/GendarmerieNationale/ReceptionInfoDrone   GendarmerieNationale other 29    
https://github.com/VerbalExpressions/PythonVerbalExpressions Python regular expressions made easy VerbalExpressions   1558    
https://github.com/cardiffnlp/tweetnlp TweetNLP for all the NLP enthusiasts working on Twitter! The Python library tweetnlp provides a collection of useful tools to analyze/understand tweets such as sentiment analysis, emoji prediction, and named entity recognition, powered by state-of-the-art language models specialised on Twitter. cardiffnlp mit 69    
https://github.com/microsoft/Azure-Threat-Research-Matrix   microsoft mit 36    
https://github.com/Fuziih/cctv-exposure   Fuziih other 30    
https://github.com/luca364/MalwareSourceCode Collection of malware source code for a variety of platforms in an array of different programming languages. luca364   3    
https://github.com/punk-security/dnsReaper dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team! punk-security agpl-3.0 1513    
https://github.com/deptofdefense/hack-a-sat-library Public library of space documents and tutorials deptofdefense   487    
https://github.com/Deputation/hygieia Hygieia, a vulnerable driver traces scanner written in C++ as an x64 Windows kernel driver. Deputation   101    
https://github.com/cckuailong/JNDI-Injection-Exploit-Plus 50+ Gadgets(20 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server. cckuailong mit 239    
https://github.com/ptrkrysik/uhd USRP Hardware Driver Repository ptrkrysik other 2    
https://github.com/si9int/cc.py Extracting URLs of a specific target based on the results of “commoncrawl.org” si9int mit 256    
https://github.com/BRANDEFENSE/Threat-Intelligence-Researches The Brandefense cyber threat intelligence team is always researching new threats and writing research reports. Our latest Threat Reports is available for download. This reports covers the latest activity from APT groups, as well as new information on ransomware and phishing attacks. We recommend that all Brandefense followers download this reports and keep it handy in case they need to refer to it in the future. BRANDEFENSE   17    
https://github.com/MystenLabs/ed25519-unsafe-libs List of unsafe ed25519 signature libs MystenLabs mit 169    
https://github.com/FiloSottile/edwards25519 filippo.io/edwards25519 — A safer, faster, and more powerful low-level edwards25519 Go implementation. FiloSottile bsd-3-clause 94    
https://github.com/0vercl0k/inject Yet another Windows DLL injector. 0vercl0k mit 26    
https://github.com/BloodHoundAD/BARK BloodHound Attack Research Kit BloodHoundAD gpl-3.0 237    
https://github.com/MISP/misp-workflow-blueprints Library of blueprints usable in MISP Workflows MISP other 5    
https://github.com/gtworek/VolatileDataCollector   gtworek gpl-3.0 117    
https://github.com/codership/galera Synchronous multi-master replication library codership gpl-2.0 392    
https://github.com/LyraSearch/lyra 🌌 Fast, in-memory, typo-tolerant, full-text search engine written in TypeScript. LyraSearch other 3623    
https://github.com/aydinnyunus/exifLooter ExifLooter finds geolocation on all image urls and directories also integrates with OpenStreetMap aydinnyunus other 288    
https://github.com/sam210723/wavebin ∿ Oscilloscope waveform capture viewer and converter. sam210723 mit 43    
https://github.com/novafacing/symstress Source-assisted binary analysis tool to deduce function names based on source code patterns (read: strings). novafacing   2    
https://github.com/dfirdetective/WinSearchAppCache Windows Search App Cache parsing dfirdetective mit 7    
https://github.com/mikeroyal/Photogrammetry-Guide Photogrammetry Guide. Learn all about the process of obtaining measurements and 3D models from photos. Creating topographic maps, meshes, or point clouds based on the real-world. mikeroyal   613    
https://github.com/evild3ad/Collect-MemoryDump Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR evild3ad gpl-3.0 78    
https://github.com/planetscale/beam A simple message board for your organization or project planetscale mit 1652    
https://github.com/200ok-ch/organice An implementation of Org mode without the dependency of Emacs - built for mobile and desktop browsers 200ok-ch agpl-3.0 2072    
https://github.com/SQLab/CRAXplusplus The exploit generator CRAX++ is CRAX with x86_64 ROP techniques, s2e 2.0 upgrade, code selection, I/O states, dynamic ROP, and more! SQLab other 73    
https://github.com/eurecom-s3/symqemu SymQEMU: Compilation-based symbolic execution for binaries eurecom-s3 other 219    
https://github.com/Omyyyy/pycom A Python compiler, down to native code, using C++ Omyyyy mit 1091    
https://github.com/d4rckh/grc2 grim reaper c2 d4rckh gpl-3.0 287    
https://github.com/rabitt/pysox Python wrapper around sox. rabitt bsd-3-clause 440    
https://github.com/tenacityteam/saucedacity A free open-source audio editor based on Audacity focusing on general improvements. Will be the new future codebase of Tenacity starting with 1.3 tenacityteam other 135    
https://github.com/0xsyr0/vx-underground-wordlist Wordlist to crack .zip-file password 0xsyr0   70    
https://github.com/jstrieb/hackernews-button Privacy-preserving Firefox extension linking to Hacker News discussion; built with Bloom filters and WebAssembly jstrieb gpl-3.0 73    
https://github.com/massar/hashedrpz HashedRPZ - keep your RPZ entries secret massar bsd-3-clause 4    
https://github.com/matthw/icedid_stage1_unpack Automatically unpack SPLCrypt packed binaries (IcedID / BazarLoader stagers) matthw unlicense 8    
https://github.com/nexB/python-publicsuffix2 A small Python library to deal with publicsuffix data (includes a bundled PSL as “package data”) in a wheel friendly format. Fork and continuation of Tomaž Šolc’s “publicsuffix” nexB   24    
https://github.com/hashlookup/a-ray-grass a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly discard known files “pour séparer le grain de l’ivraie” hashlookup bsd-3-clause 7    
https://github.com/kichik/tlds Automatically updated list of valid TLDs for Python kichik mit 2    
https://github.com/dmachard/go-dns-collector Aggregator, analyzer, transporter and logging for your DNS logs dmachard mit 54    
https://github.com/dmachard/python-dnstap-receiver Dnstap streams receiver in Python dmachard mit 29    
https://github.com/dmachard/python-dnstap-protobuf Dnstap Protocol Buffers implementation in Python dmachard mit 2    
https://github.com/NLnetLabs/unbound Unbound is a validating, recursive, and caching DNS resolver. NLnetLabs bsd-3-clause 1972    
https://github.com/Findomain/Findomain The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more. Findomain gpl-3.0 2608    
https://github.com/enkomio/AlanFramework A C2 post-exploitation framework enkomio other 387    
https://github.com/last-byte/RIPPL RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows last-byte mit 220    
https://github.com/eth0izzle/bucket-stream Find interesting Amazon S3 Buckets by watching certificate transparency logs. eth0izzle mit 1644    
https://github.com/zardus/wargame-nexus A sorted and updated list of security wargame sites. zardus gpl-3.0 606    
https://github.com/hzqst/unicorn_pe Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files. hzqst mit 559    
https://github.com/chip-red-pill/MicrocodeDecryptor   chip-red-pill   1435    
https://github.com/hashlookup/fleur Fleur implements a Bloom Filter library in C that is fully compatible with DCSO’s Go and python implementations. hashlookup bsd-3-clause 114    
https://github.com/xzkostyan/clickhouse-sqlalchemy ClickHouse dialect for SQLAlchemy xzkostyan other 278    
https://github.com/kacos2000/Prefetch-Browser Browse Windows Prefetch properties kacos2000 mit 28    
https://github.com/OISF/suricata Suricata git repository maintained by the OISF OISF gpl-2.0 2810    
https://github.com/Moonslate/MoonHex A hex editor for romhackers Moonslate   12    
https://github.com/bgpkit/monocle See through all BGP data with a monocle. bgpkit mit 18    
https://github.com/bluesadi/Pluto-Obfuscator Obfuscator based on LLVM 12.0.1 bluesadi mit 478    
https://github.com/DODC/turncoat   DODC   36    
https://github.com/packing-box/peid Python implementation of the Packed Executable iDentifier (PEiD) packing-box gpl-3.0 46    
https://github.com/kacos2000/Evtx_Log_Browser Evtx Log (xml) Browser kacos2000 mit 47    
https://github.com/duckdb/duckdb DuckDB is an in-process SQL OLAP Database Management System duckdb mit 7081    
https://github.com/sourceincite/randy A pre-authenticated RCE exploit for Inductive Automation Ignition sourceincite gpl-3.0 36    
https://github.com/Concinnity-Risks/RansomCoinPublic A DFIR tool to extract cryptocoin addresses and other indicators of compromise from binaries. Concinnity-Risks apache-2.0 53    
https://github.com/D4-project/analyzer-d4-passivedns A Passive DNS backend and collector D4-project agpl-3.0 26    
https://github.com/handiko/Arduino-APRS Create simple APRS modulator using Arduino UNO handiko gpl-3.0 59    
https://github.com/comsec-group/retbleed Arbitrary Speculative Code Execution with Return Instructions comsec-group   105    
https://github.com/t3l3machus/toxssin An XSS exploitation command-line interface and payload generator. t3l3machus mit 578    
https://github.com/decompiler-explorer/decompiler-explorer Decompiler Explorer! Compare tools on the forefront of static analysis, now in your web browser! decompiler-explorer mit 1008    
https://github.com/MerginMaps/geodiff Library for handling diffs for geospatial data MerginMaps mit 116    
https://github.com/akvorado/akvorado Flow collector, hydrater and visualizer akvorado agpl-3.0 488    
https://github.com/p1ngul1n0/blackbird An OSINT tool to search for accounts by username in social networks. p1ngul1n0   1193    
https://github.com/koenrh/s3enum Fast and stealthy Amazon S3 bucket enumeration tool for pentesters. koenrh isc 151    
https://github.com/wheybags/glibc_version_header Build portable Linux binaries without using an ancient distro wheybags mit 587    
https://github.com/rudyerudite/AngErza Toy implementation of a Automated Exploit Generation built on Angr; stiched using radare, pwntools, pyelftools, and Angrop. rudyerudite   9    
https://github.com/dagrejs/dagre-d3 :no_entry: [DEPRECATED] - A D3-based renderer for Dagre dagrejs mit 2704    
https://github.com/uknowsec/SweetPotato Modifying SweetPotato to support load shellcode and webshell uknowsec   512    
https://github.com/RfidResearchGroup/proxmark3 The Iceman fork of Proxmark3 / RFID / NFC reader, writer, sniffer and emulator RfidResearchGroup gpl-3.0 2121    
https://github.com/ail-project/ail-typo-website Website for ail-typo-squatting library ail-project apache-2.0 22    
https://github.com/sartlabs/0days   sartlabs   1    
https://github.com/adulau/mmdb-server mmdb-server is an open source fast API server to lookup IP addresses for their geographic location. adulau agpl-3.0 64    
https://github.com/pocketbase/pocketbase Open Source realtime backend in 1 file pocketbase mit 15592    
https://github.com/pdfminer/pdfminer.six Community maintained fork of pdfminer - we fathom PDF pdfminer mit 3943    
https://github.com/py-pdf/PyPDF2 A pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files py-pdf other 4857    
https://github.com/nttgin/BGPalerter BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more. nttgin bsd-3-clause 569    
https://github.com/formatc1702/WireViz Easily document cables and wiring harnesses formatc1702 gpl-3.0 2616    
https://github.com/fventuri/nrsc5 NRSC-5 receiver for SDRplay API, SoapySDR, and RTL-SDR fventuri other 7    
https://github.com/fventuri/gr-sdrplay3 Out-of-tree GNU Radio module for SDRplay RSP devices - SDRplay API V3.X fventuri gpl-3.0 14    
https://github.com/Arachnid/evmdis EVM disassembler Arachnid apache-2.0 456    
https://github.com/dbarzin/pandora-box USB Scanning device dbarzin gpl-3.0 10    
https://github.com/GlobalCyberAlliance/DomainSecurityScanner Single or bulk scan of domains for SPF, DKIM, or DMARC records. GlobalCyberAlliance apache-2.0 75    
https://github.com/alasdairtran/radflow [TheWebConf 2021] Radflow: A Recurrent, Aggregated, and Decomposable Model for Networks of Time Series alasdairtran   24    
https://github.com/simsong/hashdb hashdb block hash database tool and API simsong other 2    
https://github.com/whichbuffer/Lockbit-Black-3.0   whichbuffer apache-2.0 14    
https://github.com/yardenshafir/IoRingReadWritePrimitive Post exploitation technique to turn arbitrary kernel write / increment into full read/write primitive on Windows 11 22H2 yardenshafir mit 90    
https://github.com/TakahiroHaruyama/SpiMitm SPI flash read MitM attack PoC TakahiroHaruyama bsd-2-clause 31    
https://github.com/gusmanb/logicanalyzer 24 channel, 100Msps logic analyzer hardware and software gusmanb gpl-3.0 749    
https://github.com/espegro/timespotter First seen / last seen web service based on sha256 espegro mit 3    
https://github.com/espegro/tulip Simple stable bloomfilter web service espegro mit 2    
https://github.com/JupiterOne/security-policy-builder CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence JupiterOne mpl-2.0 52    
https://github.com/sikkerhet/sysmon-info Sysmon info corpus sikkerhet   7    
https://github.com/h3xduck/TripleCross A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. h3xduck gpl-3.0 1206    
https://github.com/winterknife/PINKPANTHER Windows x64 handcrafted token stealing kernel-mode shellcode winterknife gpl-3.0 444    
https://github.com/pluribus-one/gdpr-registry-app Open-source web application to keep track of all data processing activities prefigured by GDPR Article 30 “Records of processing activities”. pluribus-one other 16    
https://github.com/cyentific-rni/security-playbook-stix-misp-exchange This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that make use of the Security Playbook extension and MISP Security Playbook objects. cyentific-rni mit 10    
https://github.com/eCrimeLabs/MISP-PurgeEvents Cleanup of older MISP events can require some work until now eCrimeLabs mit 13    
https://github.com/pydot/pydot Python interface to Graphviz’s Dot language pydot mit 721    
https://github.com/pplonski/automated-pdf-reports-python Automated PDF Reports with Python pplonski mit 16    
https://github.com/projectdiscovery/tlsx Fast and configurable TLS grabber focused on TLS based data collection. projectdiscovery mit 466    
https://github.com/multiprocessio/dsq Commandline tool for running SQL queries against JSON, CSV, Excel, Parquet, and more. multiprocessio other 2861    
https://github.com/0xsp-SRD/callback_injection-Csharp this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback functions 0xsp-SRD mit 75    
https://github.com/NullArray/MaliciousDLLGen Malicious DLL Generator in Py3 NullArray   20    
https://github.com/usnistgov/macos_security macOS Security Compliance Project usnistgov other 970    
https://github.com/pts/pts-zcat portable and minimalistic Flate decompression filter pts   4    
https://github.com/vysecurity/LinkedInt LinkedIn Recon Tool vysecurity mit 818    
https://github.com/ninoseki/abuse_whois Yet another way to find where to report an abuse ninoseki mit 20    
https://github.com/facelessuser/pymdown-extensions Extensions for Python Markdown facelessuser other 657    
https://github.com/Dfte/Impersonate Binary and CrackMapExec module to impersonate tokens on a windows machine Dfte   40    
https://github.com/zhukovyuri/VIINA VIINA: Violent Incident Information from News Articles on the 2022 Russian Invasion of Ukraine zhukovyuri   124    
https://github.com/commoncrawl/cc-crawl-statistics Statistics of Common Crawl monthly archives mined from URL index files commoncrawl apache-2.0 61    
https://github.com/aligungr/UERANSIM Open source 5G UE and RAN (gNodeB) implementation. aligungr gpl-3.0 480    
https://github.com/optiv/Mangle Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs optiv mit 671    
https://github.com/hasherezade/pe_to_shellcode Converts PE into a shellcode hasherezade bsd-2-clause 1570    
https://github.com/yandex/YaLM-100B Pretrained language model with 100B parameters yandex apache-2.0 3089    
https://github.com/timtaylor3/UAC_processor   timtaylor3 apache-2.0 3    
https://github.com/tclahr/uac UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts. tclahr apache-2.0 271    
https://github.com/mattnotmax/hash_hunter Command-line tool to search for malware samples in various repositories mattnotmax   4    
https://github.com/D3Ext/WEF Wi-Fi Exploitation Framework D3Ext other 1361    
https://github.com/zodiacon/TotalRegistry Total Registry - enhanced Registry editor/viewer zodiacon mit 1021    
https://github.com/microsoft/avml AVML - Acquire Volatile Memory for Linux microsoft mit 576    
https://github.com/hashlookup/hashlookup-gui Provides a multi-platform Graphical User Interface for hashlookup hashlookup agpl-3.0 9    
https://github.com/sachaos/viddy 👀 A modern watch command. Time machine and pager etc. sachaos mit 3775    
https://github.com/google/cloud-forensics-utils Python library to carry out DFIR analysis on the Cloud google apache-2.0 327    
https://github.com/kochrt/markwhen Make a cascading timeline from markdown-like text. Supports simple American/European date styles, ISO8601, images, links, locations, and more. kochrt agpl-3.0 2027    
https://github.com/DavidCruciani/feed_Hashlookup   DavidCruciani   1    
https://github.com/citusdata/citus Distributed PostgreSQL as an extension citusdata agpl-3.0 7516    
https://github.com/webrecorder/warcio Streaming WARC/ARC library for fast web archive IO webrecorder apache-2.0 267    
https://github.com/unreaIuser/dll-encryptor C++ Dll-Encryptor, makes you able to stream a dll without touching your disk. (Can be used to prevent from cracking). unreaIuser   46    
https://github.com/YuzukiHD/YuzukiHCC Ultra low cost HDMI-USB Video Acquisition (HDMI Capture Card) based on MS2109 YuzukiHD other 31    
https://github.com/0x000050/cve Gather and update all available and newest CVEs with their PoC. 0x000050 mit 1    
https://github.com/imran-parray/Mind-Maps Mind-Maps of Several Things imran-parray   1170    
https://github.com/paulmillr/micro-otp One Time Password generation via RFC 6238 paulmillr mit 21    
https://github.com/gtworek/PSBits Simple (relatively) things allowing you to dig a bit deeper than usual. gtworek unlicense 1760    
https://github.com/DarthTon/Blackbone Windows memory hacking library DarthTon mit 3768    
https://github.com/trustedsec/SliverKeylogger   trustedsec mit 108    
https://github.com/DHARPA-Project/kiara Data orchestration and management. DHARPA-Project mpl-2.0 6    
https://github.com/CAIDA/commoncrawl-host-ip-mapper Crawler that retrieves commoncrawl’s crawled hosts and their corresponding IPs CAIDA other 8    
https://github.com/darvid/python-hyperscan A CPython extension for the Hyperscan regular expression matching library. darvid mit 115    
https://github.com/NtQuerySystemInformation/Malware-RE-papers Here are some of my malware reversing papers that I will be publishing NtQuerySystemInformation   26    
https://github.com/manticoresoftware/manticoresearch Easy to use open source fast database for search Good alternative to Elasticsearch now Drop-in replacement for E in the ELK soon manticoresoftware gpl-2.0 2218
https://github.com/hardenedvault/ved Vault Exploit Defense hardenedvault other 80    
https://github.com/adulau/hashlookup-server Fast lookup server for NSRL and other hash database used in digital forensic adulau agpl-3.0 32    
https://github.com/TalEliyahu/awesome-security-newsletters Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks TalEliyahu gpl-2.0 347    
https://github.com/emalderson/ThePhish ThePhish: an automated phishing email analysis tool emalderson agpl-3.0 649    
https://github.com/CeresDB/ceresdb CeresDB is a high-performance, distributed, cloud native time-series database that can handle both time-series and analytics workloads. CeresDB apache-2.0 1683    
https://github.com/ANSSI-FR/sftp2misp Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance. ANSSI-FR gpl-3.0 8    
https://github.com/jcabrero/multfs_public The implementation of the Underground Forum Parser for the identification of related accounts. jcabrero   3    
https://github.com/SecIdiot/TransitionalPeriod Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits SecIdiot   32    
https://github.com/cr-marcstevens/hashclash Project HashClash - MD5 & SHA-1 cryptanalysis cr-marcstevens other 500    
https://github.com/ail-project/ail-exchange-format AIL Exchange Format ail-project bsd-2-clause 3    
https://github.com/thunlp/PL-Marker Source code for “Packed Levitated Marker for Entity and Relation Extraction” thunlp mit 161    
https://github.com/ninoseki/misp-gateway API gateway for MISP ninoseki mit 11    
https://github.com/miroslavpejic85/mirotalk 🚀 WebRTC - P2P - Simple, Secure, Fast Real-Time Video Conferences Up to 4k and 60fps, compatible with all browsers and platforms. miroslavpejic85 agpl-3.0 1347    
https://github.com/marcinguy/betterscan-ce Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan Community Edition (CE) marcinguy other 323    
https://github.com/westerndigitalcorporation/libzbd Zoned block device manipulation library and tools westerndigitalcorporation   38    
https://github.com/josevcm/nfc-laboratory NFC signal and protocol analyzer using SDR receiver josevcm mit 176    
https://github.com/LMMS/lmms Cross-platform music production software LMMS gpl-2.0 6226    
https://github.com/pierrafleur/bibliopen-source   pierrafleur cc0-1.0 5    
https://github.com/phiresky/sql.js-httpvfs   phiresky apache-2.0 2926    
https://github.com/apache/tika The Apache Tika toolkit detects and extracts metadata and text from over a thousand different file types (such as PPT, XLS, and PDF). apache apache-2.0 1537    
https://github.com/EdwardRaff/pyBWMD Implementation of A New Burrows Wheeler Transform Markov Distance EdwardRaff   9    
https://github.com/dedupeio/dedupe :id: A python library for accurate and scalable fuzzy matching, record deduplication and entity-resolution. dedupeio mit 3537    
https://github.com/DerwenAI/kglab Graph Data Science: an abstraction layer in Python for building knowledge graphs, integrated with popular graph libraries – atop Pandas, NetworkX, RAPIDS, RDFlib, pySHACL, PyVis, morph-kgc, pslpython, pyarrow, etc. DerwenAI mit 444    
https://github.com/latchset/clevis Automated Encryption Framework latchset gpl-3.0 578    
https://github.com/radareorg/esilsolve A python symbolic execution framework using radare2’s ESIL (Evaluable String Intermediate Language) radareorg mit 136    
https://github.com/MickaelBergem/dnsstresss Simple Go program to stress test DNS servers MickaelBergem   37    
https://github.com/bats3c/darkarmour Windows AV Evasion bats3c mit 562    
https://github.com/ossu/computer-science :mortar_board: Path to a free self-taught education in Computer Science! ossu mit 126497    
https://github.com/tap-ir/tapir TAPIR is a multi-user, client/server, incident response framework tap-ir gpl-3.0 30    
https://github.com/LIAAD/yake Single-document unsupervised keyword extraction LIAAD other 1197    
https://github.com/EdwardRaff/LZJD C++ implementation of LZJD algorithm EdwardRaff apache-2.0 9    
https://github.com/COSSAS/nedagen NEDAGEN - A Network traffic Dataset Generator for Network-based Intrusion Detection Systems COSSAS mpl-2.0 2    
https://github.com/danielealbano/cachegrand cachegrand - a modern OSS Key-Value store built for today’s hardware danielealbano bsd-3-clause 767    
https://github.com/ANSSI-FR/DFIR4vSphere Powershell module for VMWare vSphere forensics ANSSI-FR gpl-3.0 93    
https://github.com/kevthehermit/YaraManager Web based Manager for Yara Rules kevthehermit gpl-2.0 50    
https://github.com/Lissy93/dashy 🚀 A self-hostable personal dashboard built for you. Includes status-checking, widgets, themes, icon packs, a UI editor and tons more! Lissy93 mit 8103    
https://github.com/jwilk/python-syntax-errors no-op statements syntactically valid only since Python X.Y jwilk   334    
https://github.com/mattifestation/AntimalwareBlight Execute PowerShell code at the antimalware-light protection level. mattifestation bsd-3-clause 115    
https://github.com/airbus-cert/ttddbg Time Travel Debugging IDA plugin airbus-cert apache-2.0 413    
https://github.com/commial/experiments Expriments commial   358    
https://github.com/WerWolv/Decompiler A WIP disassember and decompiler written in modern C++ with the goal to do as much work during compile time as possible WerWolv   12    
https://github.com/algorithm-archivists/algorithm-archive A collaborative book on algorithms algorithm-archivists mit 2047    
https://github.com/drb-ra/C2IntelFeeds Automatically created C2 Feeds drb-ra other 215    
https://github.com/ANSSI-FR/AnoMark Algorithme d’apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements “Création de Processus”, afin de détecter des anomalies dans les évènements futurs ANSSI-FR gpl-3.0 45    
https://github.com/open-source-labs/Svelvet A lightweight Svelte component library for building interactive node-based flow diagrams open-source-labs mit 1309    
https://github.com/cheat/cheatsheets Community-sourced cheatsheets cheat   1303    
https://github.com/wikiZ/RedGuard RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check. wikiZ gpl-2.0 877    
https://github.com/nikitavoloboev/alfred-my-mind Alfred workflow to search through my notes and bookmarks nikitavoloboev mit 420    
https://github.com/mushorg/glutton Generic Low Interaction Honeypot mushorg mit 190    
https://github.com/openai/openai-python   openai mit 808    
https://github.com/questdb/questdb An open source time-series database for fast ingest and SQL queries questdb apache-2.0 9595    
https://github.com/batnoter/batnoter An open source, markdown-based, self-hosted note taking webapp. batnoter mit 1791    
https://github.com/D4-project/bgp-monitor A tool for filtering BGP records, by AS numbers, prefixes, countries, etc … D4-project apache-2.0 9    
https://github.com/LiveMirror/pcshare   LiveMirror   65    
https://github.com/webix-hub/webix Stable releases of Webix UI - JavaScript library for building mobile and desktop web apps webix-hub gpl-3.0 395    
https://github.com/lyshark/Windows-exploits Windows 平台提权漏洞大合集,长期收集各种提权漏洞利用工具。 A large collection of rights raising vulnerabilities on the windows platform, which collects various rights raising vulnerability utilization tools for a long time. lyshark   749    
https://github.com/adulau/python-bloomfilter Scalable Bloom Filter implemented in Python adulau mit 7    
https://github.com/chvancooten/follina.py POC to replicate the full ‘Follina’ Office RCE vulnerability for testing purposes chvancooten   1055    
https://github.com/4x1md/phone_rtty_interface AFSK interface for Android smartphones and tablets. 4x1md mit 23    
https://github.com/BigCorvus/LORA-QWERTY-Communicator A tidy and feature-packed LORA QWERTY communication device based on a Blackberry Q10 keyboard, a nRF52840 and a 2.7’’ Sharp Memory LCD BigCorvus mit 137    
https://github.com/moonD4rk/HackBrowserData Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。 moonD4rk mit 6448    
https://github.com/hashishrajan/cloud-security-vulnerabilities List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc hashishrajan apache-2.0 208    
https://github.com/abdulkadir-gungor/JPGtoMalware It embeds the executable file or payload inside the jpg file. The method the program uses isn’t exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the “garbage code insertion/dead-code insertion” method to prevent the payload from being caught by the antivirus at runtime. abdulkadir-gungor other 276    
https://github.com/kahing/goofys a high-performance, POSIX-ish Amazon S3 file system written in Go kahing apache-2.0 4363    
https://github.com/BushidoUK/Open-source-tools-for-CTI Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers BushidoUK   279    
https://github.com/vega/vega A visualization grammar. vega bsd-3-clause 10056    
https://github.com/jeFF0Falltrades/YARA-Signatures A collection of my public YARA signatures for various malware families jeFF0Falltrades   20    
https://github.com/alex-cart/LEAF Linux Evidence Acquisition Framework alex-cart   109    
https://github.com/rhoot/sp Public domain string formatting micro-library for C++, based on python-style format strings. rhoot cc0-1.0 35    
https://github.com/libyal/libyal Yet another library library (and tools) libyal apache-2.0 190    
https://github.com/MarginResearch/cannoli High-performance QEMU memory and instruction tracing MarginResearch gpl-2.0 376    
https://github.com/ixty/mandibule linux elf injector for x86 x86_64 arm arm64 ixty   255    
https://github.com/ManimCommunity/manim A community-maintained Python framework for creating mathematical animations. ManimCommunity mit 11804    
https://github.com/curated-intel/CTI-fundamentals A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence curated-intel   307    
https://github.com/DominicBreuker/pspy Monitor linux processes without root permissions DominicBreuker gpl-3.0 3187    
https://github.com/alyakubov/blockpgp   alyakubov   19    
https://github.com/somnathrakshit/geograpy3 Extract place names from a URL or text, and add context to those names – for example distinguishing between a country, region or city. somnathrakshit apache-2.0 74    
https://github.com/xct/elevatedrv Simple Driver that elevates any process to SYSTEM xct   5    
https://github.com/WangYihang/SourceLeakHacker :bug: A multi threads web application source leak scanner WangYihang   348    
https://github.com/0xeb/ida-qscripts An IDA plugin to increase productivity when developing scripts for IDA 0xeb mit 192    
https://github.com/Ch0pin/AVIator Antivirus evasion project Ch0pin gpl-3.0 789    
https://github.com/scrapy/xtractmime https://mimesniff.spec.whatwg.org/ implementation for Python scrapy bsd-3-clause 11    
https://github.com/PaddlePaddle/PaddleNLP 👑 Easy-to-use and powerful NLP library with 🤗 Awesome model zoo, supporting wide-range of NLP tasks from research to industrial applications, including 🗂Text Classification, 🔍 Neural Search, ❓ Question Answering, ℹ️ Information Extraction, 📄 Document Intelligence, 💌 Sentiment Analysis and 🖼 Diffusion AICG system etc. PaddlePaddle apache-2.0 6263    
https://github.com/sailay1996/CdpSvcLPE Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking) sailay1996   233    
https://github.com/orlikoski/CyLR CyLR - Live Response Collection Tool orlikoski gpl-3.0 511    
https://github.com/nats-io/stan.go NATS Streaming System nats-io apache-2.0 684    
https://github.com/MISP/MISP-RPM RPM packages for MISP MISP   4    
https://github.com/CybersecurityLuxembourg/cybersecurity.lu Main portal of CYBERSECURITY Luxembourg: https://cybersecurity.lu/ CybersecurityLuxembourg bsd-2-clause 3    
https://github.com/Cargill/OpenSIEM-Logstash-Parsing SIEM Logstash parsing for more than hundred technologies Cargill apache-2.0 144    
https://github.com/DCSO/Blog_CyTec Repository to provide files related to our blog articles. DCSO   11    
https://github.com/eCrimeLabs/MISP2CbR Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed. eCrimeLabs mit 17    
https://github.com/facebookresearch/Kats Kats, a kit to analyze time series data, a lightweight, easy-to-use, generalizable, and extendable framework to perform time series analysis, from understanding the key statistics and characteristics, detecting change points and anomalies, to forecasting future trends. facebookresearch mit 4056    
https://github.com/COSSAS/Certitude CERTITUDE - A python package to classify malicious URLs COSSAS mpl-2.0 16    
https://github.com/dnSpyEx/dnSpy Unofficial revival of the well known .NET debugger and assembly editor, dnSpy dnSpyEx gpl-3.0 2273    
https://github.com/hrbrmstr/certstream-rust Extract all domains from a CertStream-compatible CTL websockets server to RocksDB hrbrmstr mit 5    
https://github.com/zitadel/zitadel ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era. zitadel apache-2.0 1626    
https://github.com/guidovranken/cryptofuzz Fuzzing cryptographic libraries. Magic bug printer go brrrr. guidovranken gpl-3.0 484    
https://github.com/vlang/ui Cross-platform UI library written in V vlang gpl-3.0 1843    
https://github.com/hughsie/libjcat Library for reading and writing Jcat files hughsie lgpl-2.1 14    
https://github.com/kazkansouh/DNSAdmin-DLL Example implementation of DNSAdmin DLL PrivEsc attack kazkansouh gpl-3.0 21    
https://github.com/EttusResearch/uhd The USRP™ Hardware Driver Repository EttusResearch other 720    
https://github.com/nccgroup/Sniffle A sniffer for Bluetooth 5 and 4.x LE nccgroup gpl-3.0 584    
https://github.com/ytisf/BirDuster A multi threaded Python script designed to brute force directories and files names on webservers. ytisf mit 62    
https://github.com/veo/vbackdoor Hide process,port,self under Linux using the ld_preload veo   99    
https://github.com/iThreatopedia/iThreatopedia.github.io A happy place for detection engineers, purple teamers and threat hunters focusing on macOS. iThreatopedia gpl-3.0 17    
https://github.com/squix78/json-streaming-parser Arduino library for parsing potentially huge json streams on devices with scarce memory squix78 mit 191    
https://github.com/HadesW/mhy_exp Mhy Exp (exploit signed driver) HadesW   123    
https://github.com/fkie-cad/socbed A Self-Contained Open-Source Cyberattack Experimentation Testbed fkie-cad gpl-3.0 18    
https://github.com/Nisarg12/Veritas A hex viewer for the sleuths! Nisarg12 mit 5    
https://github.com/rickmark/apple-malicious-baseband Sample of a Malicious baseband signed by Apple rickmark   7    
https://github.com/beerisgood/macOS_Hardening A collection about macOS beerisgood gpl-3.0 39    
https://github.com/llsoftsec/llsoftsecbook Low-Level Software Security for Compiler Developers llsoftsec other 136    
https://github.com/tinylabs/crypto-sat-solve Python framework to solve crypto problems using grainofsalt and cryptominisat tinylabs   10    
https://github.com/westerndigitalcorporation/zenfs ZenFS is a storage backend for RocksDB that enables support for ZNS SSDs and SMR HDDs. westerndigitalcorporation gpl-2.0 136    
https://github.com/lowlighter/metrics 📊 An infographics generator with 30+ plugins and 200+ options to display stats about your GitHub account and render them as SVG, Markdown, PDF or JSON! lowlighter mit 8728    
https://github.com/eurecom-s3/noise-sdr Noise-SDR: Arbitrary Modulation of Electromagnetic Noise from Unprivileged Software and Its Impact on Emission Security eurecom-s3 gpl-3.0 11    
https://github.com/just-the-docs/just-the-docs A modern, high customizable, responsive Jekyll theme for documention with built-in search. just-the-docs mit 5001    
https://github.com/BishopFox/bigip-scanner Determine the running software version of a remote F5 BIG-IP management interface. BishopFox mit 22    
https://github.com/JamesCooteUK/SharpSphere .NET Project for Attacking vCenter JamesCooteUK   467    
https://github.com/lamw/vcenter-event-mapping   lamw   31    
https://github.com/lainsce/notejot Stupidly-simple notes app. lainsce gpl-3.0 320    
https://github.com/ahrm/sioyek Sioyek is a PDF viewer designed for reading research papers and technical books. ahrm gpl-3.0 4087    
https://github.com/badkeys/keypairvuln Private keys generated with vulnerable keypair versions (CVE-2021-41117) badkeys cc0-1.0 3    
https://github.com/alufers/mitmproxy2swagger Automagically reverse-engineer REST APIs via capturing traffic alufers   4042    
https://github.com/demisto/demisto-py Demisto Client for Python demisto apache-2.0 61    
https://github.com/markdoc/markdoc A powerful, flexible, Markdown-based authoring framework. markdoc mit 5552    
https://github.com/COSSAS/dgad DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic COSSAS apache-2.0 24    
https://github.com/KasperskyLab/Apihashes IDA Pro plugin for recognizing known hashes of API function names KasperskyLab other 66    
https://github.com/SciTools/cartopy Cartopy - a cartographic python library with matplotlib support SciTools lgpl-3.0 1124    
https://github.com/mitmproxy/mitmproxy An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. mitmproxy mit 29166    
https://github.com/CERTCC/VINCE VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform. CERTCC other 38    
https://github.com/demisto/content Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR’s ever-growing Content Repository. Pull Requests are always welcome and highly appreciated! demisto mit 870    
https://github.com/cilium/tetragon eBPF-based Security Observability and Runtime Enforcement cilium apache-2.0 1902    
https://github.com/mantvydasb/RedTeaming-Tactics-and-Techniques Red Teaming Tactics and Techniques mantvydasb   2762    
https://github.com/hysnsec/awesome-threat-modelling A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review. hysnsec cc0-1.0 778    
https://github.com/ElectronicCats/magspoof MagSpoof is a portable device that can spoof/emulate any magnetic stripe or credit card “wirelessly”, even on standard magstripe readers. ElectronicCats   41    
https://github.com/eCrimeLabs/MISP-autotagging This script when executed searches for organisations with a specific UUID and add a dedicated local tag to the event. eCrimeLabs mit 6    
https://github.com/PacktPublishing/Cleaning-Data-for-Effective-Data-Science Cleaning Data for Effective Data Science, published by Packt PacktPublishing mit 67    
https://github.com/ossf/package-feeds Feed parsing for language package manager updates ossf apache-2.0 51    
https://github.com/ossf/package-analysis Open Source Package Analysis ossf apache-2.0 542    
https://github.com/hmaccelerate/DGA_Detection DGA Detection with ML and DL hmaccelerate mit 22    
https://github.com/RITRedteam/goofkit In line function hooking LKM rootkit RITRedteam mit 44    
https://github.com/pojntfx/keygaen Sign, verify, encrypt and decrypt data with PGP in your browser. pojntfx agpl-3.0 78    
https://github.com/pojntfx/weron Overlay networks based on WebRTC. pojntfx agpl-3.0 1195    
https://github.com/bigb0sss/RedTeam-OffensiveSecurity Tools & Interesting Things for RedTeam Ops bigb0sss mit 1577    
https://github.com/tsale/BlueSploit BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. tsale apache-2.0 28    
https://github.com/LemmyNet/lemmy 🐀 A link aggregator and forum for the fediverse LemmyNet agpl-3.0 6874    
https://github.com/microsoft/debugpy An implementation of the Debug Adapter Protocol for Python microsoft other 990    
https://github.com/bytecode77/r77-rootkit Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc. bytecode77 bsd-2-clause 929    
https://github.com/jordan2175/rewritecap Tool for rebasing a PCAP file and editing layer2 and layer 3 addresses jordan2175 apache-2.0 15    
https://github.com/JulienPalard/python-versions Studying Python release adoptions by looking at PyPI downloads JulienPalard   9    
https://github.com/jgraph/drawio-desktop Official electron build of draw.io jgraph apache-2.0 34943    
https://github.com/anestisb/vdexExtractor Tool to decompile & extract Android Dex bytecode from Vdex files anestisb apache-2.0 867    
https://github.com/TimMisiak/WinDbgCookbook This is a repo for small, useful scripts and extensions TimMisiak mit 167    
https://github.com/bbayles/network-finder Python library to match IP addresses to encompassing networks bbayles mit 4    
https://github.com/nomi-sec/PoC-in-GitHub 📡 PoC auto collect from GitHub. ⚠️ Be careful Malware. nomi-sec   4474    
https://github.com/hometown-fork/hometown A supported fork of Mastodon that provides local posting and a wider range of content types. hometown-fork agpl-3.0 388    
https://github.com/0xbitx/dedsecimsi sms sniffer and imsi catcher 0xbitx   38    
https://github.com/mikeroyal/Digital-Forensics-Guide Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. mikeroyal   654    
https://github.com/xoolive/traffic A toolbox for processing and analysing air traffic data xoolive mit 251    
https://github.com/lyusupov/SoftRF :airplane: Multi-functional, compatible DIY general aviation proximity awareness system lyusupov gpl-3.0 515    
https://github.com/utkusen/wholeaked a file-sharing tool that allows you to find the responsible person in case of a leakage utkusen bsd-3-clause 722    
https://github.com/D4stiny/spectre A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine. D4stiny gpl-3.0 553    
https://github.com/the-h3x/H3X-CCTV Good dork to find vulnerable CCTV cameras the-h3x   55    
https://github.com/quickwit-oss/quickwit Cloud-native search engine for log management & analytics quickwit-oss other 2624    
https://github.com/oriansj/stage0 A set of minimal dependency bootstrap binaries oriansj gpl-3.0 787    
https://github.com/RITRedteam/Father LD_PRELOAD rootkit RITRedteam unlicense 8    
https://github.com/marcnewlin/human-detector-detector proof-of-concept firmware to stream IQ over USB from Seeed MR24D11C10 radar module marcnewlin mit 24    
https://github.com/Saul-Mirone/milkdown 🍼 Plugin driven WYSIWYG markdown editor framework. Saul-Mirone mit 6766    
https://github.com/Zeex/subhook Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies) Zeex bsd-2-clause 646    
https://github.com/cas1m1r/Titleist Finding suspicious domains as they are registereed cas1m1r   4    
https://github.com/degrigis/awesome-angr A collection of resources/tools and analyses for the angr binary analysis framework. degrigis   94    
https://github.com/1N3/IntruderPayloads A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists. 1N3   3133    
https://github.com/shubham0d/low-level-hooker A linux kernel funtions hooking module shubham0d mit 10    
https://github.com/aaronkaplan/yaccviso A tool for visualizing yacc grammars by Aaron Kaplan (Modified slightly by me modify to build and not crash on macs) aaronkaplan gpl-2.0 7    
https://github.com/microsoft/restler-fuzzer RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. microsoft mit 1789    
https://github.com/Leeon123/CC-attack Using Socks4/5 or http proxies to make a multithreading Http-flood/Https-flood (cc) attack. Leeon123 gpl-2.0 594    
https://github.com/janestreet/magic-trace magic-trace collects and displays high-resolution traces of what a process is doing janestreet mit 3902    
https://github.com/Lookyloo/PlaywrightCapture Capture a URL with Playwright Lookyloo other 8    
https://github.com/0x4D31/hassh-utils hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh) 0x4D31 bsd-3-clause 44    
https://github.com/bagder/uncurled Uncurled - everything I know and learned about running and maintaining Open Source projects for three decades. bagder cc-by-4.0 448    
https://github.com/GaloisInc/reopt A tool for analyzing x86-64 binaries. GaloisInc bsd-3-clause 260    
https://github.com/tillson/git-hound Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system. tillson mit 917    
https://github.com/mechanicalnull/phantasm Binary Ninja plugin for visualizing coverage over time mechanicalnull mit 16    
https://github.com/vmallet/ida-plugins An interactive list of plugins for hex-rays’ IDA Pro vmallet mit 92    
https://github.com/Cisco-Talos/binary_function_similarity   Cisco-Talos mit 119    
https://github.com/pump-io/pump.io Social server with an ActivityStreams API pump-io apache-2.0 2129    
https://github.com/alecalve/python-bitcoin-blockchain-parser A Python 3 Bitcoin blockchain parser alecalve other 387    
https://github.com/sebdraven/IOCmite Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert sebdraven mit 26    
https://github.com/telekom-security/misp-releases   telekom-security   5    
https://github.com/aleprada/otx_2_misp Script for gathering IoCs from OTX (AlienVault) and sending them to MISP. aleprada   10    
https://github.com/monarc-project/ansible-ubuntu Deployment of MONARC with Ansible monarc-project   2    
https://github.com/krsh/seer Seer is a tool that recognizes the architecture of a binary file krsh bsd-3-clause 85    
https://github.com/cloudsecurityalliance/gsd-database Global Security Database cloudsecurityalliance cc0-1.0 176    
https://github.com/trinodb/trino Official repository of Trino, the distributed SQL query engine for big data, formerly known as PrestoSQL (https://trino.io) trinodb apache-2.0 6459    
https://github.com/FelixBer/FindFunc FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. FelixBer   197    
https://github.com/IRATEAU/sam-bot Bot to create MISP events from data in Slack IRATEAU   16    
https://github.com/forensicanalysis/artifactcollector 🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system forensicanalysis mit 173    
https://github.com/PostgREST/postgrest REST API for any Postgres database PostgREST mit 19381    
https://github.com/NextronSystems/evtx-baseline A repository hosting example goodware evtx logs containing sample software installation and basic user interaction NextronSystems apache-2.0 39    
https://github.com/sourque/louis Linux EDR written in Golang and based on eBPF. sourque gpl-2.0 212    
https://github.com/jcrona/rf-ctrl A command-line tool to control 433MHz OOK based devices jcrona gpl-2.0 40    
https://github.com/abusix/xarf XARF - eXtended Abuse Reporting Format abusix mit 60    
https://github.com/ostafen/clover A lightweight document-oriented NoSQL database written in pure Golang. ostafen mit 284    
https://github.com/8C/skypehunt OSINT Framework for Skype     61    
https://github.com/firefart/stunner Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. firefart other 541    
https://github.com/nesosuke/mastodon-install-script 誰でもMastodonサーバーを立てられるようになるやつ(主語デカ) nesosuke gpl-3.0 13    
https://github.com/minimaxir/big-list-of-naughty-strings The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data. minimaxir mit 44087    
https://github.com/Perdu/wombat Wi-Fi tracking system for testing and demonstrational purpose Perdu gpl-3.0 26    
https://github.com/d3sre/Use_Case_Applicability Security Monitoring Resolution Categories d3sre   131    
https://github.com/CAIDA/dbats DataBase of Aggregated Time Series CAIDA other 2    
https://github.com/kyleavery/TitanLdr Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality. kyleavery   97    
https://github.com/bartblaze/Yara-rules Collection of private Yara rules. bartblaze mit 168    
https://github.com/al0ne/Vxscan python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕过CDN,查询旁站等功能,主要用来甲方自测或乙方授权测试,请勿用来搞破坏。 al0ne apache-2.0 1518    
https://github.com/infinitumitlabs/Karakurt-Hacking-Team-CTI IOC Data Obtained From Karakurt Hacking Team’s Internal Infrastructure infinitumitlabs mit 30    
https://github.com/joshhighet/ransomwatch a ransomware-group observatory 🧅👹 joshhighet unlicense 208    
https://github.com/DataDog/security-labs-pocs Proof of concept code for Datadog Security Labs referenced exploits. DataDog other 305    
https://github.com/hash3liZer/SillyRAT A Cross Platform multifunctional (Windows/Linux/Mac) RAT. hash3liZer mit 520    
https://github.com/easystats/correlation :link: Methods for Correlation Analysis easystats gpl-3.0 356    
https://github.com/herosi/CDIR CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library herosi gpl-2.0 5    
https://github.com/m0n0ph1/Process-Hollowing Great explanation of Process Hollowing (a Technique often used in Malware) m0n0ph1   760    
https://github.com/mnrkbys/macosac Forensic Artifact Collection Tool for macOS mnrkbys apache-2.0 58    
https://github.com/mandiant/thiri-notebook The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules. mandiant apache-2.0 129    
https://github.com/f4exb/sdrangel SDR Rx/Tx software for Airspy, Airspy HF+, BladeRF, HackRF, LimeSDR, PlutoSDR, RTL-SDR, SDRplay RSP1 and FunCube f4exb gpl-3.0 1660    
https://github.com/stopipv/isdi ISDi (IPV Spyware Discovery) tool for Android and iOS. stopipv mit 97    
https://github.com/arsium/EagleMonitorRAT Remote Access Tool Written In C# arsium agpl-3.0 267    
https://github.com/packetrat/packethunting Resources and materials for DEF CON 2018 Packet Hunting Workshop packetrat   75    
https://github.com/bloomberg/fast-noise-aware-topic-clustering Research code and scripts used in the Silburt et al. (2021) EMNLP 2021 paper ‘FANATIC: FAst Noise-Aware TopIc Clustering’ bloomberg apache-2.0 7    
https://github.com/bloomberg/memray Memray is a memory profiler for Python bloomberg apache-2.0 9504    
https://github.com/uber/orbit A Python package for Bayesian forecasting with object-oriented design and probabilistic models under the hood. uber other 1508    
https://github.com/hmatuschek/ATU Simple, portable automatic antenna tuner hmatuschek other 9    
https://github.com/JohnWoodman/VBA-Macro-Reverse-Shell Fully functioning reverse shell written entirely in VBA. JohnWoodman   72    
https://github.com/danghvu/pwp Python Web framework P0wner danghvu   73    
https://github.com/adamgreig/ecpdap ECPDAP allows you to program ECP5 FPGAs and attached SPI flash using CMSIS-DAP probes in JTAG mode. adamgreig apache-2.0 38    
https://github.com/natesales/q A tiny command line DNS client with support for UDP, TCP, DoT, DoH, DoQ and ODoH. natesales gpl-3.0 898    
https://github.com/0xdea/semgrep-rules A collection of my Semgrep rules to facilitate vulnerability research. 0xdea mit 239    
https://github.com/tsafavi/codex CoDEx: A set of knowledge graph Completion Datasets Extracted from Wikidata and Wikipedia tsafavi mit 109    
https://github.com/SECFORCE/sftp-exploit OpenSSH <=6.6 SFTP misconfiguration universal exploit SECFORCE   27    
https://github.com/felixwilhelm/mario_baslr PoC for breaking hypervisor ASLR using branch target buffer collisions felixwilhelm   163    
https://github.com/WB2CBA/ADX ADX - Arduino Digital Modes HF Transceiver WB2CBA   32    
https://github.com/yoeo/guesslang Detect the programming language of a source code yoeo mit 600    
https://github.com/G73st/BypassAV c++ shellcode loader G73st   63    
https://github.com/Hadi999/NXcrypt NXcrypt - ‘python backdoor’ framework Hadi999   352    
https://github.com/cdimascio/py-readability-metrics 📗 Score text readability using a number of formulas: Flesch-Kincaid Grade Level, Gunning Fog, ARI, Dale Chall, SMOG, and more cdimascio mit 233    
https://github.com/marktext/marktext 📝A simple and elegant markdown editor, available for Linux, macOS and Windows. marktext mit 36838    
https://github.com/trailofbits/pe-parse Principled, lightweight C/C++ PE parser trailofbits mit 590    
https://github.com/arget13/DDexec A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process. arget13 gpl-3.0 439    
https://github.com/ka9q/ka9q-radio Multichannel SDR based on fast convolution and IP multicasting ka9q gpl-3.0 60    
https://github.com/iamckn/backdoors Simple linux backdoors and hiding techniques iamckn   202    
https://github.com/vasturiano/react-force-graph React component for 2D, 3D, VR and AR force directed graphs vasturiano mit 1248    
https://github.com/dpalmasan/TRUNAJOD2.0 An easy-to-use library to extract indices from texts. dpalmasan mit 22    
https://github.com/bonjourmalware/melody Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulation. bonjourmalware mit 138    
https://github.com/kagancapar/CVE-2022-29072 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. kagancapar gpl-3.0 673    
https://github.com/giladreich/ida_migrator IDA Migrator is an IDA Pro plugin which helps migrate existing work from one database instance to another. It Conveniently migrates function names, structures and enums. giladreich mit 65    
https://github.com/g3gg0/dump1090 Dump1090 is a simple Mode S decoder for RTLSDR devices g3gg0 other 1    
https://github.com/CERT-Polska/training-mwdb MWDB exercises CERT-Polska   14    
https://github.com/microsoft/playwright Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API. microsoft apache-2.0 44063    
https://github.com/httpie/httpie 🥧 HTTPie for Terminal — modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more. httpie bsd-3-clause 24541    
https://github.com/ssdeep-project/ssdeep Fuzzy hashing API and fuzzy hashing tool ssdeep-project gpl-2.0 498    
https://github.com/renatolond/mastodon-twitter-poster Crossposter to post statuses between Mastodon and Twitter renatolond agpl-3.0 567    
https://github.com/woodruffw/steg86 Hiding messages in x86 programs using semantic duals woodruffw other 206    
https://github.com/cloudtools/ssh-cert-authority An implementation of an SSH certificate authority. cloudtools bsd-2-clause 698    
https://github.com/J535D165/recordlinkage A powerful and modular toolkit for record linkage and duplicate detection in Python J535D165 bsd-3-clause 725    
https://github.com/Johnng007/Live-Forensicator Powershell Script to aid Incidence Response and Live Forensics Johnng007   310    
https://github.com/dnote/dnote A simple command line notebook for programmers dnote other 2396    
https://github.com/ve7it/STM32F769-FT8-Transceiver A DSP SDR project using a STM32f769 Disco board to field a self contained FT8 Transceiver utilizing SoftRock, UHFSDR , HobbyPCB RS-HFIQ SDR Transceiver Board and other SDR boards. ve7it   3    
https://github.com/ietf-tools/relaton-data-3gpp 3GPP data in Relaton format ietf-tools   3    
https://github.com/VollRagm/lpmapper A mapper that maps shellcode into loaded large page drivers VollRagm mit 112    
https://github.com/hakluke/hakrawler Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application hakluke gpl-3.0 3315    
https://github.com/JustinAzoff/pynfdump python wrapper for the nfdump cli application JustinAzoff   21    
https://github.com/omerbenamram/evtx A Fast (and safe) parser for the Windows XML Event Log (EVTX) format omerbenamram apache-2.0 402    
https://github.com/greatscottgadgets/libbtbb A Bluetooth baseband decoding library greatscottgadgets gpl-2.0 163    
https://github.com/martynvdijke/gr-lora_sdr This is the fully-functional GNU Radio software-defined radio (SDR) implementation of a LoRa transceiver with all the necessary transceiver components to operate correctly even at very low SNRs. This work is a collaboration of the Telecommunication Circuits Laboratory from EPFL and the Electronic Systems group from the Technical University of Eindhoven. martynvdijke gpl-3.0 19    
https://github.com/sbz/elfdbg Utility to determine if ELF binary is built with debug sections sbz   8    
https://github.com/jeffssh/exploits Mega repo for exploit development. Contains individual exploits and libraries to assist during exploitation jeffssh   19    
https://github.com/WhiteHSBG/JNDIExploit 对原版https://github.com/feihong-cs/JNDIExploit 进行了实用化修改 WhiteHSBG   642    
https://github.com/Microsvuln/NtQuerySection-sample Retrieve Memory mapped file size on windows with NtQuerySection and _SECTION_BASIC_INFORMATION Microsvuln   1    
https://github.com/aemmitt-ns/radius radius2 is a fast binary emulation and symbolic execution framework using radare2 aemmitt-ns mit 295    
https://github.com/arthepsy/CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) arthepsy   918    
https://github.com/cyrus-and/chrome-har-capturer Capture HAR files from a Chrome instance cyrus-and mit 479    
https://github.com/pyppeteer/pyppeteer Headless chrome/chromium automation library (unofficial port of puppeteer) pyppeteer other 2709    
https://github.com/Lissy93/personal-security-checklist 🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2022 Lissy93 other 9864    
https://github.com/hpuhr/COMPASS The OpenATS COMPASS (Compliance Assessment) tool aims at providing a generalized framework for air-traffic surveillance data analysis, visualization & evaluation. hpuhr gpl-3.0 58    
https://github.com/hpuhr/jASTERIX C++ Library for EUROCONTROL’s ASTERIX to JSON conversion. hpuhr gpl-3.0 23    
https://github.com/junzis/pyModeS Python decoder for Mode S and ADS-B signals junzis gpl-3.0 407    
https://github.com/ampledata/adsbcot ADS-B to Cursor on Target Gateway for TAK Products, including ATAK, WinTAK & iTAK. ampledata other 31    
https://github.com/TomerEven/Prefix-Filter Prefix Filter: Practically and Theoretically Better Than Bloom. TomerEven other 31    
https://github.com/NextronSystems/ransomware-simulator Ransomware simulator written in Golang NextronSystems mit 273    
https://github.com/DSecureMe/vmc VMC: a Scalable, Open Source and Free Vulnerability Management Platform DSecureMe apache-2.0 47    
https://github.com/dataplane/serverhosting Server hosting providers dataplane   22    
https://github.com/pathtofile/bad-bpf A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29 pathtofile bsd-3-clause 280    
https://github.com/s0md3v/Smap a drop-in replacement for Nmap powered by shodan.io s0md3v agpl-3.0 2237    
https://github.com/adamsvoboda/nim-loader WIP shellcode loader in nim with EDR evasion techniques adamsvoboda   158    
https://github.com/emptymonkey/revsh A reverse shell with terminal support, data tunneling, and advanced pivoting capabilities. emptymonkey mit 441    
https://github.com/csababarta/ntdsxtract Active Directory forensic framework csababarta gpl-3.0 269    
https://github.com/purocean/yn A Hackable Markdown Note Application for Programmers. Version control, AI completion, mind map, documents encryption, code snippet running, integrated terminal, chart embedding, HTML applets, Reveal.js, plug-in, and macro replacement. purocean agpl-3.0 4133    
https://github.com/krisnova/boopkit Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. krisnova apache-2.0 1228    
https://github.com/danobot/notorious Offline-first note taking and knowledge management application for desktop and the web. Supports nested notebooks, tags, real-time sync, images and file attachments. Optimised for efficiency with keyboard navigation, full-text search and version control. Never lose a thought. Private, fast, notorious 😈 danobot gpl-3.0 74    
https://github.com/opensanctions/bods-ftm Import OpenOwnership BODS data opensanctions   5    
https://github.com/Guenael/rtlsdr-ft8d FT8 decoder of RTL devices Guenael   23    
https://github.com/CycloneDX/bom-examples A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc) CycloneDX cc0-1.0 63    
https://github.com/andrewjkerr/security-cheatsheets 🔒 A collection of cheatsheets for various infosec tools and topics. andrewjkerr mit 1007    
https://github.com/hashlookup/hashlookup-nsrl hashlookup-nsrl is a NSRL RDSv3 importer for hashlookup server hashlookup other 4    
https://github.com/CYBERDEVILZ/Cryptonite A ransomware created for Windows OS. It is easy to test in a safe environment before deploying it to the victims. Developed using Python CYBERDEVILZ mit 119    
https://github.com/mikeroyal/Open-Source-Security-Guide Open Source Security Guide. Learn all about Security Standards, Frameworks, Threat Models, Encryption, and Benchmarks. mikeroyal   602    
https://github.com/david-oswald/iot-fw-extraction Additional material for our paper “Breaking all the Things - A Systematic Survey of Firmware Extraction Techniques for IoT Devices” (CARDIS 2018) david-oswald   13    
https://github.com/github/securitylab Resources related to GitHub Security Lab github mit 1007    
https://github.com/cube0x0/MiniDump C# Lsass parser cube0x0   227    
https://github.com/lscardoso/gr-dsmx-rc GNU Radio RC DSMX decoder lscardoso   10    
https://github.com/nullt3r/jfscan JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap’s scripting abilities to discover information about services. Generate report. nullt3r mit 348    
https://github.com/amitschendel/venom-rootkit A simple Windows kernel rootkit. amitschendel   64    
https://github.com/uf0o/PykDumper Dumping credentials through windbg and pykd uf0o   34    
https://github.com/MISP/misp-grafana A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB MISP agpl-3.0 9    
https://github.com/snovvcrash/KeeThief Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory. snovvcrash bsd-3-clause 78    
https://github.com/nesg-ugr/c4darknet   nesg-ugr other 9    
https://github.com/HLasse/TextDescriptives A Python library for calculating a large variety of statistics from text HLasse apache-2.0 142    
https://github.com/sourcefrenchy/goqrexfil A mini project to exfiltrate data via QR codes sourcefrenchy mit 19    
https://github.com/hillu/local-spring-vuln-scanner Simple local scanner for applications containing vulnerable Spring libraries hillu gpl-3.0 130    
https://github.com/pre-commit/pre-commit A framework for managing and maintaining multi-language pre-commit hooks. pre-commit mit 9092    
https://github.com/uforia/exitgather Tool for automatic list generation of known TOR and VPN exit nodes uforia gpl-2.0 25    
https://github.com/log2timeline/plaso Super timeline all the things log2timeline apache-2.0 1363    
https://github.com/molly/static-timeline-generator Create static timeline webpages. molly mit 169    
https://github.com/graniet/operative-framework operative framework is a investigation OSINT framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules. graniet apache-2.0 591    
https://github.com/MISP/misp-usage-statistics MISP usage statistics using bokeh (as a static webpage) MISP bsd-2-clause 3    
https://github.com/chaosec2021/Spring-cloud-function-SpEL-RCE Spring-cloud-function-SpEL-RCE 批量检测脚本,反弹shell_EXP,欢迎师傅们试用 chaosec2021   239    
https://github.com/0xsp-SRD/OffensivePascal Pascal Offsec repo for malware dev and red teaming 🚩 0xsp-SRD   122    
https://github.com/Neo23x0/panopticon A YARA Rule Performance Measurement Tool Neo23x0 mit 51    
https://github.com/caliskanfurkan/quick-ir Python and WMI based incident response script caliskanfurkan   4    
https://github.com/disclose/bug-bounty-platforms A community-powered collection of all known bug bounty platforms, vulnerability disclosure platforms, and crowdsourced security platforms currently active on the Internet. disclose cc0-1.0 200    
https://github.com/mumble-voip/mumble Mumble is an open-source, low-latency, high quality voice chat software. mumble-voip other 5076    
https://github.com/JustasMasiulis/ida_bitfields IDA Pro plugin to make bitfield accesses easier to grep JustasMasiulis mpl-2.0 172    
https://github.com/Wilfred/difftastic a structural diff that understands syntax 🟥🟩 Wilfred mit 13362    
https://github.com/Ostorlab/ostorlab Ostorlab is a security scanning orchestrator for the modern age. Ostorlab apache-2.0 255    
https://github.com/bohops/SharpRDPHijack A POC Remote Desktop (RDP) session hijack utility for disconnected sessions bohops bsd-3-clause 323    
https://github.com/Bonfee/CVE-2022-0995 CVE-2022-0995 exploit Bonfee   483    
https://github.com/nsbogam/CVE-2022-26269 Suzuki connect app is used to get the car information like Fuel, Ignition status, Current location, Seat buckle status etc. In Ignis, Zeta variant car if the Fuel CAN messages and Seat buckle status is spoofed via OBD 2 port with the crafted value (e.g. zero percent fuel and Car seat is buckled ), then the same value is reflected on Suzuki connect app, which can mislead the user. nsbogam   2    
https://github.com/o1mate/AppLocker-Bypass Bypassing AppLocker with C# o1mate   131    
https://github.com/hktalent/spring-spel-0day-poc spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963 hktalent   340    
https://github.com/ehids/ecapture capture SSL/TLS text content without CA cert using eBPF. supports Linux x86_64/Aarch64, Android Aarch64. ehids agpl-3.0 4972    
https://github.com/saferwall/yara-rules Collection of Yara Rules saferwall apache-2.0 3    
https://github.com/soxoj/tiktok-scraper TikTok Scraper. Download video posts, collect user/trend/hashtag/music feed metadata, sign URL and etc. soxoj   39    
https://github.com/alexcard144803/KasperskyHook_NewKSDriver Started from https://github.com/iPower/KasperskyHook i updated sig and kaspersky driver alexcard144803   11    
https://github.com/vxunderground/VX-API Collection of various WINAPI tricks / features used or abused by Malware vxunderground   1207    
https://github.com/daniestevez/galileo-osnma Galileo OSNMA (Open Service Navigation Message Authentication) daniestevez apache-2.0 24    
https://github.com/hashlookup/hashlookup-lib hashlookup insert pipeline Python library hashlookup agpl-3.0 6    
https://github.com/P1sec/gea-implementation Implementations of the GEA-1 and GEA-2 (GPRS Encryption Algorithm) stream ciphers in C, Python and Rust. P1sec agpl-3.0 12    
https://github.com/gnuradio/gr-inspector Signal Analysis Toolbox for GNU Radio gnuradio gpl-3.0 230    
https://github.com/crytic/not-so-smart-contracts Examples of Solidity security issues crytic apache-2.0 1754    
https://github.com/gfek/Real-CyberSecurity-Datasets Public datasets to help you address various cyber security problems. gfek   95    
https://github.com/xpn/getsystem-offline Small tool to get a SYSTEM shell xpn   113    
https://github.com/bkerler/gr-atsc2 GNURadio TS Streaming server block that can be used to watch ATSC TV streams with a player like VLC in real-time provided your system can handle the processing of the rest of the flowgraph. bkerler gpl-3.0 3    
https://github.com/ghostop14/gr-xcorrelate GNURadio OOT Module Providing Signal Cross-Correlation ghostop14 gpl-3.0 14    
https://github.com/ghostop14/gr-correctiq GNURadio blocks to remove that IQ DC spike just like some software and drivers do! Three techniques available: auto, auto-tune to dc offset, and manual. ghostop14 gpl-3.0 68    
https://github.com/welk1n/JNDI-Injection-Exploit JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc) welk1n mit 2039    
https://github.com/cure53/Contracts A small collection of potentially useful contract templates cure53   299    
https://github.com/steakknife/bloomfilter Face-meltingly fast, thread-safe, marshalable, unionable, probability- and optimal-size-calculating Bloom filter in go steakknife mit 340    
https://github.com/tcostam/awesome-command-control A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assessments. tcostam   276    
https://github.com/PaloAltoNetworks/tcpsession A python library to extract TCP sessions from PCAPs. PaloAltoNetworks mit 12    
https://github.com/caiiiycuk/httpflow httpflow - extract http requests from tcpflow output caiiiycuk   8    
https://github.com/fpietrosanti/kaspersky-risks Risk Evaluation of Kaspersky related Risk, if subject to Coercion by Russian Government for Intelligence and Military Purposes fpietrosanti   7    
https://github.com/andrmuel/gr-dab GNU Radio DAB (digital audio broadcasting) module andrmuel gpl-3.0 73    
https://github.com/angr/binsync A collaborative reversing plugin for cross-decompiler collaboration, built on git. angr bsd-2-clause 122    
https://github.com/atlas0fd00m/rfcat RfCat - swiss-army knife of ISM band radio atlas0fd00m other 439    
https://github.com/axiros/terminal_markdown_viewer Styled Terminal Markdown Viewer axiros other 1651    
https://github.com/rushter/selectolax Python binding to Modest and Lexbor engines (fast HTML5 parser with CSS selectors). rushter mit 619    
https://github.com/awslabs/open-data-registry A registry of publicly available datasets on AWS awslabs apache-2.0 1036    
https://github.com/snovvcrash/OffensivePipeline OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises. snovvcrash gpl-3.0 79    
https://github.com/JPCERTCC/MalConfScan Volatility plugin for extracts configuration data of known malware JPCERTCC other 436    
https://github.com/m-chrome/py-suricataparser Pure python parser for Snort/Suricata rules. m-chrome apache-2.0 10    
https://github.com/0xADE1A1DE/AssemblyLine A C library and binary for generating machine code of x86_64 assembly language and executing on the fly without invoking another compiler, assembler or linker. 0xADE1A1DE apache-2.0 151    
https://github.com/alexandria-org/alexandria Full text search engine powering Alexandria.org - the open search engine. alexandria-org other 151    
https://github.com/karma9874/AndroRAT A Simple android remote administration tool using sockets. It uses java on the client side and python on the server side karma9874 mit 1310    
https://github.com/nadavrot/layout Layout is a rust library and a command line tool that renders Graphviz dot files. nadavrot mit 505    
https://github.com/claroty/arya Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. claroty mit 161    
https://github.com/Sc00bz/break-uheprng Attack code for UHEPRNG (Ultra High Entropy Pseudo-Random Number Generator) Sc00bz mit 5    
https://github.com/Sc00bz/copilot-hash-collider   Sc00bz mit 24    
https://github.com/post-cyberlabs/Offensive_tools   post-cyberlabs   268    
https://github.com/opensemanticsearch/open-semantic-entity-search-api Open Source REST API for named entity extraction, named entity linking, named entity disambiguation, recommendation & reconciliation of entities like persons, organizations and places for (semi)automatic semantic tagging & analysis of documents by linked data knowledge graph like SKOS thesaurus, RDF ontology, database(s) or list(s) of names opensemanticsearch gpl-3.0 142    
https://github.com/tkuester/gr-lacrosse GNU Radio module for La Crosse weather stations. tkuester   21    
https://github.com/FunnyWolf/Viper Redteam operation platform with webui 图形化红队行动辅助平台 FunnyWolf bsd-3-clause 2626    
https://github.com/knownsec/404StarLink 404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目 knownsec   4225    
https://github.com/BeichenDream/InjectJDBC 注入JVM进程 动态获取目标进程连接的数据库 BeichenDream   237    
https://github.com/BeichenDream/BadPotato Windows 权限提升 BadPotato BeichenDream   570    
https://github.com/MISP/misp-training-lea Practical Information Sharing between Law Enforcement and CSIRT communities using MISP MISP   22    
https://github.com/khast3x/h8mail Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email khast3x other 2809    
https://github.com/D4Vinci/Cuteit IP obfuscator made to make a malicious ip a bit cuter D4Vinci gpl-3.0 515    
https://github.com/CalfCrusher/Poiana Meterpreter Reverse shell over TOR network using hidden services CalfCrusher mit 76    
https://github.com/r00tten/VTI-Cosplay Low budget VirusTotal Intelligence Cosplay r00tten gpl-3.0 20    
https://github.com/mpolden/echoip IP address lookup service mpolden bsd-3-clause 3598    
https://github.com/log2timeline/dfimagetools Collection of tools for processing storage media images log2timeline apache-2.0 6    
https://github.com/mttaggart/wtfbins WTF are these binaries doing?! A list of benign applications that mimic malicious behavior. mttaggart mit 62    
https://github.com/zeroSteiner/mayhem Runtime Process Manipulation zeroSteiner bsd-3-clause 216    
https://github.com/mborgerson/mdec Decompilation as a Service. Explore multiple decompilers and compare their output with minimal effort. Upload binary, get decompilation. mborgerson other 414    
https://github.com/cocaman/russian_root_ca   cocaman   5    
https://github.com/sysdream/ligolo Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/ sysdream gpl-3.0 1270    
https://github.com/cesena/ghidra2dwarf 🐉 Export ghidra decompiled code to dwarf sections inside ELF binary cesena mit 133    
https://github.com/net-protect/google-fs-recover Google Filestream Forensic Tool net-protect mit 14    
https://github.com/flesueur/mi-lxc Mini-Internet using LXC for practical works flesueur agpl-3.0 327    
https://github.com/emanuele-f/PCAPdroid No-root network monitor, firewall and PCAP dumper for Android emanuele-f gpl-3.0 742    
https://github.com/simonw/shot-scraper A command-line utility for taking automated screenshots of websites simonw apache-2.0 760    
https://github.com/cube0x0/SyscallPack BOF and Shellcode for full DLL unhooking using dynamic syscalls cube0x0   229    
https://github.com/r-cybersecurity/list-of-security-resources-for-ukraine List of companies or individuals offering cybersecurity services, data, or other tangible assets to assist in Ukraine’s defense of its independence. r-cybersecurity other 68    
https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit A root exploit for CVE-2022-0847 (Dirty Pipe) Arinerron gpl-2.0 989    
https://github.com/midnightslacker/exploit_training The best resources for learning exploit development midnightslacker   63    
https://github.com/thewhiteninja/ntfstool Forensics tool for NTFS (parser, mft, bitlocker, deleted files) thewhiteninja mit 288    
https://github.com/ail-project/ail-feeder-atom-rss   ail-project   2    
https://github.com/TomWright/dasel Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool. Supports conversion between formats and can be used as a Go package. TomWright mit 3768    
https://github.com/vgo0/nginx-backdoor Example nginx backdoor via malicious plugin vgo0   19    
https://github.com/DavidBuchanan314/libleakmydata A simple LD_PRELOAD library to disable SSL certificate verification. Inspired by libeatmydata. DavidBuchanan314 mit 153    
https://github.com/8051Enthusiast/biodiff Hex diff viewer using alignment algorithms from biology 8051Enthusiast mit 478    
https://github.com/armvirus/SinMapper usermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to prevent modern anti-cheats (BattlEye, EAC) from finding your driver and having the power to hook anything due to being inside of legit memory (signed legit driver). armvirus   160    
https://github.com/jazzband/prettytable Display tabular data in a visually appealing ASCII table format jazzband other 878    
https://github.com/crmulliner/adbi Android Dynamic Binary Instrumentation Toolkit crmulliner   1214    
https://github.com/cryptax/misc-code Miscellaneous code cryptax   58    
https://github.com/Cybernite-Technologies/trickbot-leak Repo for archiving research and investigation related to the recent Trickbot leaks. Cybernite-Technologies gpl-3.0 54    
https://github.com/trisulnsm/apps Plugin packages that provide custom visualizations and analytics capabilities to Trisul Network Analytics. trisulnsm   13    
https://github.com/binarly-io/FwHunt The Binarly Firmware Hunt (FwHunt) rule format was designed to scan for known vulnerabilities in UEFI firmware. binarly-io cc0-1.0 143    
https://github.com/vinhjaxt/eBPF-sockmap-proxy eBPF Sockmap Proxy vinhjaxt   9    
https://github.com/qeeqbox/url-sandbox Scalable URL Sandbox for analyzing URLs and Domains from phishing attacks qeeqbox agpl-3.0 114    
https://github.com/defaultnamehere/cookie_crimes Read local Chrome cookies without root or decrypting defaultnamehere mit 506    
https://github.com/DynamiteAI/dynamite-nsm DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection DynamiteAI gpl-3.0 139    
https://github.com/Gerapy/Gerapy Distributed Crawler Management Framework Based on Scrapy, Scrapyd, Django and Vue.js Gerapy mit 2849    
https://github.com/mgdm/htmlq Like jq, but for HTML. mgdm mit 6172    
https://github.com/kimci86/bkcrack Crack legacy zip encryption with Biham and Kocher’s known plaintext attack. kimci86 zlib 786    
https://github.com/QAX-A-Team/openssh-7.6p1-patch a patched sshd for red team activities QAX-A-Team   66    
https://github.com/MISP/dockerized_training_environment A training environment, with docker. MISP mit 7    
https://github.com/eset/malware-research Code written as part of our various malware investigations eset bsd-2-clause 322    
https://github.com/opengs/uashield Voluntary Ukraine security platform to protect us from Russian forces in the Internet opengs unlicense 1089    
https://github.com/hashcat/princeprocessor Standalone password candidate generator using the PRINCE algorithm hashcat other 358    
https://github.com/cudeso/misp-tip-of-the-week A collection of tips for using MISP. cudeso   41    
https://github.com/SMAT-Lab/Scalpel Scalpel: The Python Static Analysis Framework SMAT-Lab apache-2.0 167    
https://github.com/hackerschoice/gsocket-relay Global Socket Server hackerschoice other 13    
https://github.com/hackerschoice/gsocket Connect like there is no firewall. Securely. hackerschoice bsd-2-clause 982    
https://github.com/adipinto/HP-Data-Protector-RCE HP Data Protector Arbitrary Remote Command Execution adipinto   11    
https://github.com/cxnder/bn-dyldsharedcache dyld_shared_cache processing / Single-Image loading for BinaryNinja cxnder mit 74    
https://github.com/mandiant/ADFSDump   mandiant apache-2.0 231    
https://github.com/erkexzcx/stoppropaganda A special DOS application to stop pro-Russian aggression websites. Support Ukraine! erkexzcx gpl-3.0 465    
https://github.com/ajax-lives/NoRussian Volunteer DoS tool via HTML + JS ajax-lives gpl-3.0 399    
https://github.com/Orange-Cyberdefense/russia-ukraine_IOCs Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake Orange-Cyberdefense   155    
https://github.com/curated-intel/Ukraine-Cyber-Operations Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. curated-intel   845    
https://github.com/ail-project/ail-feeder-twitter External twitter feeder for AIL framework ail-project agpl-3.0 16    
https://github.com/ail-project/twint An advanced Twitter scraping & OSINT tool written in Python that doesn’t use Twitter’s API, allowing you to scrape a user’s followers, following, Tweets and more while evading most API limitations. ail-project mit 13    
https://github.com/deathau/markdownload A Firefox and Google Chrome extension to clip websites and download them into a readable markdown file. deathau apache-2.0 1120    
https://github.com/dashingsoft/pyarmor A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts. dashingsoft other 1833    
https://github.com/ail-project/ail-feeder-ct Ail feeder for certificate transparency ail-project   2    
https://github.com/rjbhide/wireshark-forensics-plugin   rjbhide   82    
https://github.com/ail-project/ail-feeder-github-repo AIL feeder for GitHub Repository ail-project   1    
https://github.com/aaronkaplan/countryblocker simple scripts which fetch CIDR blocks by country code and add them to iptables/ipset blocklists aaronkaplan gpl-3.0 8    
https://github.com/flrs/visavail A D3.js Time Data Availability Visualization flrs mit 280    
https://github.com/github/advisory-database Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software. github cc-by-4.0 1184    
https://github.com/trailofbits/maat Open-source symbolic execution framework: https://maat.re trailofbits other 493    
https://github.com/banviktor/asnlookup CLI and Go package for fast, offline ASN lookups banviktor apache-2.0 9    
https://github.com/redcode-labs/BMJ Code snippets for bare-metal malware development redcode-labs mit 80    
https://github.com/MarkBaggett/ese-analyst This is a set of tools for doing forensics analysis on Microsoft ESE databases. MarkBaggett   108    
https://github.com/JrM2628/httpworker A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educational use only. JrM2628   57    
https://github.com/hrbrmstr/cisa-known-exploited-vulns Daily archiver & triage issue creator for new releases of CISA’s Known Exploited Vulnerabilities list hrbrmstr mit 16    
https://github.com/dataplane/fdns Dataplane.org DNS server daemon dataplane   2    
https://github.com/MolecularMatters/raw_pdb A C++11 library for reading Microsoft Program DataBase PDB files MolecularMatters bsd-2-clause 453    
https://github.com/miso-belica/jusText Heuristic based boilerplate removal tool miso-belica bsd-2-clause 485    
https://github.com/avast/yaramod Parsing of YARA rules into AST and building new rulesets in C++. avast mit 83    
https://github.com/mlodic/pdfid   mlodic mit 6    
https://github.com/blueteam0ps/AllthingsTimesketch This repository contains helper scripts and custom configs to get the best out of Google’s Timesketch project. blueteam0ps apache-2.0 32    
https://github.com/bhassani/doublepulsar DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64) bhassani   19    
https://github.com/redcode-labs/poXSSon A framework for easy payloads development and deployment, collection of customizable XSS payloads redcode-labs isc 22    
https://github.com/edgedb/edgedb A graph-relational database with declarative schema, built-in migration system, and a next-generation query language edgedb apache-2.0 9508    
https://github.com/khalladay/hooking-by-example A series of increasingly complex programs demonstrating function hooking on 64 bit Windows. Culminating in a program that hooks mspaint to make it always paint orange. khalladay mit 134    
https://github.com/leoloobeek/COMRunner A simple COM server which provides a component to run shellcode leoloobeek   129    
https://github.com/horsicq/PDBRipper PDBRipper is a utility for extract an information from PDB-files. horsicq mit 619    
https://github.com/garage44/pyrite Pyrite is a web(RTC) client for the Galène videoconference server. garage44 mit 258    
https://github.com/drk1wi/Modlishka Modlishka. Reverse Proxy. drk1wi other 4092    
https://github.com/openvinotoolkit/anomalib An anomaly detection library comprising state-of-the-art algorithms and features such as experiment management, hyper-parameter optimization, and edge inference. openvinotoolkit apache-2.0 1370    
https://github.com/Gyoonus/deoptfuscator Deobfuscator for Android Application Gyoonus mit 271    
https://github.com/MISP/misp-wireshark Lua plugin to extract data from Wireshark and convert it into MISP format MISP   19    
https://github.com/MISP/LuaMISP Lua Library to create and manipulate MISP entities MISP mit 3    
https://github.com/algorithmica-org/algorithmica A computer science textbook algorithmica-org   1183    
https://github.com/SecurityBrewery/catalyst Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes SecurityBrewery agpl-3.0 126    
https://github.com/profdc9/RFBitBanger A QRP on-off keying digital transmission device profdc9   17    
https://github.com/olavolav/uniplot Lightweight plotting to the terminal. 4x resolution via Unicode. olavolav mit 190    
https://github.com/rsagroup/rsatoolbox Python library for Representational Similarity Analysis rsagroup mit 91    
https://github.com/ffuf/pencode Complex payload encoder ffuf mit 143    
https://github.com/nkrao220/accent-classification Accent Classification in Speech nkrao220   13    
https://github.com/shaarli/Shaarli The personal, minimalist, super-fast, database free, bookmarking service - community repo shaarli other 2788    
https://github.com/slingamn/mureq Single-file alternative to python-requests slingamn 0bsd 260    
https://github.com/idom-team/idom Create highly interactive web pages purely in Python idom-team mit 671    
https://github.com/mandiant/flare-floss FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. mandiant apache-2.0 2434    
https://github.com/FelixChop/MediumArticles Sample of Python codes from mathematical problems FelixChop   100    
https://github.com/sanchikagn/topic-modeling-with-LDA Topic modeling (abstract topics) with LDA (Latent Dirichlet Allocation) in python sanchikagn   3    
https://github.com/karlicoss/promnesia Another piece of your extended mind karlicoss mit 1425    
https://github.com/MattMills/radiocapture-rf RF side of Radiocapture’s SDR based trunked radio bulk collection system MattMills gpl-3.0 48    
https://github.com/sudrich/sf-gad A statistical framework for graph anomaly detection. sudrich gpl-3.0 15    
https://github.com/milabs/khook Linux Kernel hooking engine (x86) milabs gpl-2.0 239    
https://github.com/JonathanSalwan/ROPgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures. JonathanSalwan other 3166    
https://github.com/trickest/cve Gather and update all available and newest CVEs with their PoC. trickest mit 3734    
https://github.com/ydkhatri/OneDrive OneDrive log .ODL reader ydkhatri mit 44    
https://github.com/obfuscator-llvm/obfuscator   obfuscator-llvm   3180    
https://github.com/hasherezade/process_overwriting Yet another variant of Process Hollowing hasherezade   288    
https://github.com/perkeep/perkeep Perkeep (née Camlistore) is your personal storage system for life: a way of storing, syncing, sharing, modelling and backing up content. perkeep apache-2.0 6046    
https://github.com/milabs/awesome-linux-rootkits awesome-linux-rootkits milabs cc0-1.0 1164    
https://github.com/Cyb0r9/SocialBox SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Cyb0r9 mit 1038    
https://github.com/pysemtec/semantic-python-overview (subjective) overview of projects which are related both to python and semantic technologies (RDF, OWL, Reasoning, …) pysemtec cc0-1.0 414    
https://github.com/jbaines-r7/staystaystay Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE jbaines-r7 bsd-3-clause 9    
https://github.com/intellisec/lasershark LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems (ACSAC 2021) intellisec gpl-3.0 57    
https://github.com/Flangvik/SharpDllProxy Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading Flangvik   399    
https://github.com/syloktools/misp_automation   syloktools   2    
https://github.com/bg3mdo/pisdr_hat This is budget Raspberry Pi SDR project. bg3mdo   12    
https://github.com/berty/berty Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network berty other 6175    
https://github.com/gaasedelen/patching An Interactive Binary Patching Plugin for IDA Pro gaasedelen mit 559    
https://github.com/vlang/v Simple, fast, safe, compiled language for developing maintainable software. Compiles itself in <1s with zero library dependencies. Supports automatic C => V translation. https://vlang.io vlang mit 30779    
https://github.com/malrev/ABD Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories malrev other 1009    
https://github.com/appneta/tcpreplay Pcap editing and replay tools for *NIX and Windows - Users please download source from appneta   931    
https://github.com/Cimbali/pympress Pympress is a simple yet powerful PDF reader designed for dual-screen presentations Cimbali gpl-2.0 745    
https://github.com/SoftSec-KAIST/TikNib Binary Code Similarity Analysis (BCSA) Tool SoftSec-KAIST mit 84    
https://github.com/ly4k/SpoolFool Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE) ly4k mit 650    
https://github.com/chuanjiesun/whatAV detect AV on windows via process name chuanjiesun   9    
https://github.com/Psmths/reave WIP Post-exploitation framework tailored for hypervisors. Psmths gpl-3.0 43    
https://github.com/usualsuspect/yara_vt_mock Emulates the VirusTotal “vt” YARA module for livehunt rule debugging/testing usualsuspect mit 18    
https://github.com/RUB-SysSec/Nyx USENIX 2021 - Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types RUB-SysSec gpl-2.0 160    
https://github.com/airbus-cert/Invoke-Bof Load any Beacon Object File using Powershell! airbus-cert apache-2.0 217    
https://github.com/P4nda0s/IDABeautify An IDA plugin for making pseudocode better. P4nda0s   196    
https://github.com/nbqofficial/CTHD Process hiding library nbqofficial   16    
https://github.com/MichaelDim02/Narthex Modular personalized dictionary generator. MichaelDim02 gpl-3.0 166    
https://github.com/cylance/PyPackerDetect A malware dataset curation tool which helps identify packed samples. cylance agpl-3.0 29    
https://github.com/M17-Project/M17_spec M17 standard specification M17-Project gpl-2.0 115    
https://github.com/bl4de/dictionaries Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks bl4de   198    
https://github.com/fabiospampinato/crypto-random-hexadecimal Generate a cryptographically-random hexadecimal string with the given number of bytes of entropy. fabiospampinato mit 1    
https://github.com/ytk2128/dll-merger Merging DLLs with a PE32 EXE without LoadLibrary ytk2128 mit 201    
https://github.com/CronUp/Malware-IOCs   CronUp   76    
https://github.com/pwn1sher/KillDefender A small POC to make defender useless by removing its token privileges and lowering the token integrity pwn1sher   559    
https://github.com/reb311ion/CapaExplorer Capa analysis importer for Ghidra. reb311ion mit 48    
https://github.com/boku7/HOLLOW EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode boku7   201    
https://github.com/inforion/idapython-cheatsheet Scripts and cheatsheets for IDAPython inforion   551    
https://github.com/FireyFly/hexd 🔍 Colourful, human-friendly hexdump tool FireyFly mit 131    
https://github.com/boyter/scc Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go boyter mit 3903    
https://github.com/cartographia/geospatial-intelligence-library 🛰 Your geospatial intelligence tool belt for digital investigations cartographia   82    
https://github.com/61106960/adPEAS Powershell tool to automate Active Directory enumeration. 61106960   416    
https://github.com/dbdexter-dev/sdrpp_radiosonde Radiosonde decoder plugin for SDR++ dbdexter-dev mit 32    
https://github.com/remil1000/opensearch-ansible-playbook 🤖 A community repository for Ansible Playbook of OpenSearch Project. remil1000 apache-2.0 3    
https://github.com/xenoscr/manual-syscall-detect A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks. xenoscr mit 67    
https://github.com/tahoe-lafs/tahoe-lafs The Tahoe-LAFS decentralized secure filesystem. tahoe-lafs other 1191    
https://github.com/NumLocK15/YaraStation Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centralized management solution that facilitates result investigation and easier scanning capabilities. NumLocK15   27    
https://github.com/dwmkerr/hacker-laws 💻📖 Laws, Theories, Principles and Patterns that developers will find useful. #hackerlaws dwmkerr cc-by-sa-4.0 24314    
https://github.com/CTFd/snicat TLS & SNI aware netcat CTFd apache-2.0 19    
https://github.com/meilisearch/meilisearch A lightning-fast search engine that fits effortlessly into your apps, websites, and workflow. meilisearch mit 30591    
https://github.com/oasis-open/cti-taxii-server OASIS TC Open Repository: TAXII 2 Server Library Written in Python oasis-open bsd-3-clause 82    
https://github.com/0x6d696368/ghidra-data Supporting Data Archives for Ghidra 0x6d696368 apache-2.0 184    
https://github.com/klezVirus/inceptor Template-Driven AV/EDR Evasion Framework klezVirus other 1060    
https://github.com/ail-project/ail-typo-squatting Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems. ail-project bsd-2-clause 27    
https://github.com/czs108/PE-Packer 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engineering. czs108 gpl-3.0 162    
https://github.com/VectorCamp/vectorscan A portable fork of the high-performance regular expression matching library VectorCamp other 257    
https://github.com/silverhack/voyeur VOYEUR’s main purpose is to generate a fast (and pretty) Active Directory report. The tool is developed entirely in PowerShell (a powerful scripting language) without dependencies (just .Net Framework 3.5 and Ofiice Excel if you want an useful and pretty report). The generated report is a perfect starting point for well-established forensic, incident response team, or security researchers who want to quickly analyze threats in Active Directory Services. silverhack mit 146    
https://github.com/bitsadmin/fakelogonscreen Fake Windows logon screen to steal passwords bitsadmin bsd-3-clause 1069    
https://github.com/cisco/mercury Mercury: network metadata capture and analysis cisco other 340    
https://github.com/microsoft/ANCE A novel embedding training algorithm leveraging ANN search and achieved SOTA retrieval on Trec DL 2019 and OpenQA benchmarks microsoft mit 274    
https://github.com/AndrewRathbun/DFIRArtifactMuseum The goal of this repo is to archive artifacts from all versions of various OS’s and categorizing them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available anymore. AndrewRathbun mit 179    
https://github.com/erthink/libmdbx One of the fastest embeddable key-value ACID database without WAL. libmdbx surpasses the legendary LMDB in terms of reliability, features and performance. erthink other 1040    
https://github.com/ekzhu/datasketch MinHash, LSH, LSH Forest, Weighted MinHash, HyperLogLog, HyperLogLog++, LSH Ensemble ekzhu mit 1820    
https://github.com/aristocratos/btop A monitor of resources aristocratos apache-2.0 9349    
https://github.com/0vercl0k/udmp-parser A Windows user minidump C++ parser library. 0vercl0k mit 92    
https://github.com/DTolm/VkFFT Vulkan/CUDA/HIP/OpenCL/Level Zero/Metal Fast Fourier Transform library DTolm mit 925    
https://github.com/bluekitchen/raccoon Raccoon BLE Sniffer bluekitchen   63    
https://github.com/andrewjfreyer/monitor Distributed advertisement-based BTLE presence detection reported via mqtt andrewjfreyer   1402    
https://github.com/csirt-tooling-org/csirt-tooling-best-practices CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools csirt-tooling-org   11    
https://github.com/frida/frida-tools Frida CLI tools frida other 211    
https://github.com/ANSSI-FR/guide-journalisation-microsoft Guide journalisation Microsoft ANSSI-FR   44    
https://github.com/patois/abyss abyss - augmentation of Hexrays decompiler output patois mit 287    
https://github.com/Nudin/iptable_vis visualise your iptables chains Nudin lgpl-3.0 543    
https://github.com/scipag/HardeningKitty HardeningKitty - Checks and hardens your Windows configuration scipag mit 549    
https://github.com/volexity/threat-intel Signatures and IoCs from public Volexity blog posts. volexity other 124    
https://github.com/crytic/slither Static Analyzer for Solidity crytic agpl-3.0 3357    
https://github.com/sapics/ip-location-db ip to location database by ASN, GeoFeed, Whois, iptoasn.com, db-ip lite, GeoLite2 sapics other 247    
https://github.com/norasector/turbine SDR software for capturing trunked radio systems norasector gpl-3.0 92    
https://github.com/dhondta/webgrep Grep Web pages with extra features like JS deobfuscation and OCR dhondta gpl-3.0 87    
https://github.com/ForensicArtifacts/artifacts-kb Digital Forensics Artifacts Knowledge Base ForensicArtifacts apache-2.0 42    
https://github.com/ArsMasiuk/qvge Qt Visual Graph Editor ArsMasiuk mit 424    
https://github.com/VirusTotal/vt-py The official Python 3 client library for VirusTotal VirusTotal apache-2.0 276    
https://github.com/mborgerding/kissfft a Fast Fourier Transform (FFT) library that tries to Keep it Simple, Stupid mborgerding other 1017    
https://github.com/hirve/sdr-mini-kit Building SDR apps by mapping IQ streams with pipes in CLI or bash scripts. hirve mit 7    
https://github.com/0x4D31/fatt FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic 0x4D31 bsd-3-clause 588    
https://github.com/cado-security/rip_raw Rip Raw is a small tool to analyse the memory of compromised Linux systems. cado-security apache-2.0 127    
https://github.com/RolfRolles/IDBs Analyses in IDA/Hex-Rays RolfRolles   63    
https://github.com/x64dbg/x64dbg An open-source x64/x32 debugger for windows. x64dbg other 39331    
https://github.com/stairwell-inc/threat-research Repository of tools, YARA rules, and code-snippets from Stairwell’s research team. stairwell-inc mit 14    
https://github.com/igogo-x86/HexRaysPyTools IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes igogo-x86   1136    
https://github.com/lunixbochs/usercorn dynamic binary analysis via platform emulation lunixbochs mit 824    
https://github.com/slyd0g/DLLHijackTest DLL and PowerShell script to assist with finding DLL hijacks slyd0g   283    
https://github.com/cudeso/dfir-iris-misp-timesketch Scripts to integrate DFIR-IRIS, MISP and TimeSketch cudeso agpl-3.0 19    
https://github.com/cybersecsi/HOUDINI Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all. cybersecsi gpl-3.0 1100    
https://github.com/davidgfnet/card-cap-authenticator-android Android App that genereates passcode authentication codes for Postfinance cards davidgfnet bsd-3-clause 10    
https://github.com/RyanMarcus/dirty-json A parser for invalid JSON RyanMarcus agpl-3.0 173    
https://github.com/googleprojectzero/0days-in-the-wild Repository for information about 0-days exploited in-the-wild. googleprojectzero apache-2.0 516    
https://github.com/ditekshen/detection Detection in the form of Yara, Snort and ClamAV signatures. ditekshen other 90    
https://github.com/seintpl/osint Useful OSINT hints and links seintpl   66    
https://github.com/KaLendsi/CVE-2022-21882 win32k LPE KaLendsi   435    
https://github.com/JPCERTCC/jpcert-yara JPCERT/CC public YARA rules repository JPCERTCC   75    
https://github.com/pali/bmfdec Decompile binary MOF file (BMF) from WMI buffer pali   37    
https://github.com/mb21/panwriter Markdown editor with pandoc integration and paginated preview. mb21 gpl-3.0 762    
https://github.com/doegox/EMV-CAP This tool emulates an EMV-CAP device, to illustrate the article “Banque en ligne : à la decouverte d’EMV-CAP” published in MISC, issue #56 doegox gpl-3.0 27    
https://github.com/APTortellini/DefenderSwitch Stop Windows Defender using the Win32 API APTortellini   158    
https://github.com/scipag/nac_bypass Script collection to bypass Network Access Control (NAC, 802.1x) scipag mit 165    
https://github.com/hakluke/hakrevdns Small, fast tool for performing reverse DNS lookups en masse. hakluke mit 587    
https://github.com/jevinskie/litespih4x SPI flash MITM and emulation (QSPI is a WIP) jevinskie   18    
https://github.com/pandora-analysis/pandora Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results pandora-analysis agpl-3.0 158    
https://github.com/berdav/CVE-2021-4034 CVE-2021-4034 1day berdav mit 1686    
https://github.com/Reloaded-Project/Reloaded.Injector C# DLL Injection Library capable of injecting x86 DLLs to x86 process from x64 processes. Reloaded-Project lgpl-3.0 79    
https://github.com/arc298/instagram-scraper Scrapes an instagram user’s photos and videos arc298 unlicense 7296    
https://github.com/bouffalolab/bl_iot_sdk BL602/BL702 SDK. Any technical topic, please access the following link. bouffalolab apache-2.0 189    
https://github.com/cilium/cilium eBPF-based Networking, Security, and Observability cilium apache-2.0 13403    
https://github.com/hlldz/RefleXXion RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array. hlldz   389    
https://github.com/Idov31/FunctionStomping A new shellcode injection technique. Given as C++ header, standalone Rust program or library. Idov31 bsd-2-clause 592    
https://github.com/cyentific-rni/stix2.1-coa-playbook-extension A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-readable security playbooks such as CACAO Security Playbooks cyentific-rni mit 14    
https://github.com/ZephrFish/Red-Teaming-Toolkit This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter. ZephrFish gpl-3.0 9    
https://github.com/geodienst/lighthousemap OpenStreetMap’s Blinking Beacons geodienst mit 271    
https://github.com/daem0nc0re/PrivFu Kernel mode WinDbg extension and PoCs for token privilege investigation. daem0nc0re bsd-3-clause 366    
https://github.com/executemalware/Malware-IOCs   executemalware   315    
https://github.com/behas/ransomware-dataset Economics of Ransomware Dataset behas   16  
https://github.com/spenczar/usb-next Arduino adapter for a NeXT keyboard to work over USB spenczar bsd-3-clause 16    
https://github.com/lgandx/Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. lgandx gpl-3.0 3901    
https://github.com/dievus/Oh365UserFinder Python3 o365 User Enumeration Tool dievus mit 400    
https://github.com/DidierStevens/DidierStevensSuite Please no pull requests for this repository. Thanks! DidierStevens   1418    
https://github.com/AzizKpln/Social_X “Socialx” is a Social Engineering And Remote Access Trojan Tool. You can generate fud backdoor and you can embed any file you want inside of the exe file. AzizKpln mit 198    
https://github.com/forrest-orr/moneta Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs forrest-orr gpl-3.0 365    
https://github.com/tid4l/offensive-cybersec-toolkit A central place for offensive (and sometimes not) cybersecurity tools and resources. tid4l gpl-3.0 8    
https://github.com/vuejs/petite-vue 6kb subset of Vue optimized for progressive enhancement vuejs mit 7056    
https://github.com/resyncgg/ripgen Rust-based high performance domain permutation generator. resyncgg   185    
https://github.com/p0dalirius/ldap2json The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file. p0dalirius   63    
https://github.com/quarto-dev/quarto-cli Open-source scientific and technical publishing system built on Pandoc. quarto-dev other 1413    
https://github.com/adulau/active-scanning-techniques A compilation of network scanning strategies to find vulnerable devices adulau   61    
https://github.com/fkie-cad/cwe_checker cwe_checker finds vulnerable patterns in binary executables fkie-cad lgpl-3.0 745    
https://github.com/avast/ioc Threat Intel IoCs + bits and pieces of dark matter avast   251    
https://github.com/MrNox/XRaysComments A simple IDA Pro plugin to show all HexRays decompiler comments written by user MrNox   19    
https://github.com/g-les/100DaysofYARA 100 Days of YARA to be updated with rules & ideas as the year progresses g-les   27    
https://github.com/IQTLabs/SkyScan Automatically photograph planes that fly by! IQTLabs apache-2.0 237    
https://github.com/CiscoPSIRT/openVulnQuery A Python-based client for the Cisco openVuln API CiscoPSIRT mit 20    
https://github.com/github/gemoji Emoji images and names. github mit 4072    
https://github.com/dhondta/python-codext Python codecs extension featuring CLI tools for encoding/decoding anything dhondta gpl-3.0 199    
https://github.com/brandur/redis-cell A Redis module that provides rate limiting in Redis as a single command. brandur mit 1050    
https://github.com/jakubroztocil/podcats 🎧 🐈🐈🐈 Podcats generates RSS feeds for podcast episodes from local audio files and, optionally, exposes both via a built-in web server. jakubroztocil other 106    
https://github.com/sevagas/macro_pack macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research. sevagas apache-2.0 1725    
https://github.com/typedb-osi/typedb-cti Open Source Threat Intelligence Platform typedb-osi apache-2.0 100    
https://github.com/luigifcruz/pisdr-image 🥧 A SDR Linux Distro for the Raspberry Pi and other SBC. Compatible out of the box with multiple SDR. luigifcruz other 679    
https://github.com/DanielLin1986/Function-level-Vulnerability-Detection A deep learning-based vulnerability detection framework DanielLin1986   55    
https://github.com/void-stack/VMUnprotect VMUnprotect can dynamically log and manipulate calls from virtualized methods by VMProtect. void-stack mit 250    
https://github.com/AppThreat/dep-scan Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required! AppThreat mit 275    
https://github.com/geoacumen/geoacumen-country   geoacumen apache-2.0 35    
https://github.com/maxmind/MaxMind-DB-Reader-python Python MaxMind DB reader extension maxmind apache-2.0 138    
https://github.com/maxmind/mmdbinspect look up records for one or more IPs/networks in one or more .mmdb databases maxmind apache-2.0 62    
https://github.com/cloudflare/py-mmdb-encoder Create mmdb files to encode prefix lists. cloudflare bsd-3-clause 27    
https://github.com/upx/upx UPX - the Ultimate Packer for eXecutables upx other 10245    
https://github.com/allinurl/gwsocket fast, standalone, language-agnostic WebSocket server RFC6455 compliant allinurl mit 656    
https://github.com/RolfRolles/FinSpyVM Static unpacker for FinSpy VM RolfRolles   90    
https://github.com/ryan-weil/ReadWriteDriver A kernel driver for reading and writing memory ryan-weil   81    
https://github.com/jfmaes/SharpZipRunner Executes position independent shellcode from an encrypted zip jfmaes gpl-3.0 293    
https://github.com/InQuest/awesome-yara A curated list of awesome YARA rules, tools, and people. InQuest other 2369    
https://github.com/adsbxchange/adsb-exchange ADS-B Exchange Linux Setup Scripts adsbxchange mit 192    
https://github.com/StamusNetworks/suricata-language-server Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured. StamusNetworks gpl-3.0 36    
https://github.com/PyCQA/flake8 flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code. PyCQA other 2394    
https://github.com/wavestone-cdt/wavecrack Wavestone’s web interface for password cracking with hashcat wavestone-cdt   151    
https://github.com/jerosoler/Drawflow Simple flow library 🖥️🖱️ jerosoler mit 2700    
https://github.com/jordanwildon/Telepathy Public release of Telepathy, an OSINT toolkit for investigating Telegram chats. jordanwildon mit 449    
https://github.com/orhun/rtl_map FFT-based visualizer for RTL-SDR devices. (RTL2832/DVB-T) orhun gpl-3.0 59    
https://github.com/marp-team/marp The entrance repository of Markdown presentation ecosystem marp-team mit 4349    
https://github.com/encode/starlette The little ASGI framework that shines. 🌟 encode bsd-3-clause 7534    
https://github.com/MoserMichael/pyasmtool Explores the python bytecode, provides some tools to access it for fun and profit. MoserMichael mit 275    
https://github.com/seanmcfeely/ThreatFox Python library and command line tool for interacting with the ThreatFox API. seanmcfeely gpl-3.0 6    
https://github.com/raghudotcc/simply-jekyll A simple yet highly functional jekyll theme with backlinks, wiki-style links, context menu, page preview, sidenote etc raghudotcc   160    
https://github.com/0vercl0k/rp rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries. 0vercl0k mit 1383    
https://github.com/saruman9/ghidra_dev_pres Ghidra’s development plugins, scripts, contributing. Presentation saruman9   10    
https://github.com/felias-fogg/dw-link An Arduino-based debugWIRE hardware-debugger felias-fogg gpl-3.0 21    
https://github.com/CYB3RMX/Qu1cksc0pe All-in-One malware analysis tool. CYB3RMX gpl-3.0 418    
https://github.com/random-robbie/bruteforce-lists Some files for bruteforcing certain things. random-robbie apache-2.0 746    
https://github.com/packing-box/awesome-executable-packing A curated list of awesome resources related to executable packing packing-box cc0-1.0 664    
https://github.com/trickster0/LdrLoadDll-Unhooking LdrLoadDll Unhooking trickster0   73    
https://github.com/Tox/ToxStatus Status page that keeps track of Tox bootstrap nodes Tox agpl-3.0 32    
https://github.com/RedhawkSDR/core-framework REDHAWK is a software-defined radio (SDR) framework designed to support the development, deployment, and management of real-time software radio applications RedhawkSDR lgpl-3.0 39    
https://github.com/RedhawkSDR/redhawk A submodule repository for distributing REDHAWK artifacts and the latest REDHAWK source code. Use ‘git clone –recurse-submodules git@github.com:RedhawkSDR/redhawk.git’ to also clone all submodules. RedhawkSDR other 362    
https://github.com/hrvach/babyping A computer from 1948 in ICMP packets hrvach mit 74    
https://github.com/0xC01DF00D/Collabfiltrator Exfiltrate blind remote code execution output over DNS via Burp Collaborator. 0xC01DF00D gpl-3.0 226    
https://github.com/klinix5/ReverseRDP_RCE   klinix5 mit 267    
https://github.com/opensemanticsearch/open-semantic-search Open Source research tool to search, browse, analyze and explore large document collections by Semantic Search Engine and Open Source Text Mining & Text Analytics platform (Integrates ETL for document processing, OCR for images & PDF, named entity recognition for persons, organizations & locations, metadata management by thesaurus & ontologies, search user interface & search apps for fulltext search, faceted search & knowledge graph) opensemanticsearch gpl-3.0 659    
https://github.com/1N3/ReverseAPK Quickly analyze and reverse engineer Android packages 1N3   586    
https://github.com/gocolly/colly Elegant Scraper and Crawler Framework for Golang gocolly apache-2.0 18145    
https://github.com/gnuradio/SigMF The Signal Metadata Format Specification gnuradio cc-by-sa-4.0 227    
https://github.com/xbyl1234/android_analysis android analysis tools, jni trace by native hook, libc hook, write log with caller’s addr in file or AndroidLog xbyl1234   61    
https://github.com/odedshimon/BruteShark Network Analysis Tool odedshimon gpl-3.0 2519    
https://github.com/osmocom/rtl-sdr library for turning a RTL2832 based DVB dongle into a Software DefinedReceiver; mirror from https://gitea.osmocom.org/sdr/rtl-sdr osmocom gpl-2.0 483    
https://github.com/digitalevidencetoolkit/deptoolkit The Toolkit API, app, and browser extension. Start preserving now. digitalevidencetoolkit other 40    
https://github.com/shareef12/ExtractBB LLVM Obfuscation Pass via Extracted Basic Blocks shareef12   15    
https://github.com/pnkraemer/tueplots Figure sizes, font sizes, fonts, and more configurations at minimal overhead. Fix your journal papers, conference proceedings, and other scientific publications. pnkraemer mit 476    
https://github.com/splunk/salo Synthetic Adversarial Log Objects: A Framework for synthentic log generation splunk apache-2.0 40    
https://github.com/jina-ai/docarray 🧬 The data structure for unstructured multimodal data · Neural Search · Vector Search · Document Store jina-ai apache-2.0 1274    
https://github.com/coral-xyz/sealevel-attacks ☠️ Common Security Exploits and Protections on Solana coral-xyz   337    
https://github.com/knight0x07/pyc2bytecode A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*) knight0x07   87    
https://github.com/hausec/ADAPE-Script Active Directory Assessment and Privilege Escalation Script hausec   1018    
https://github.com/swimlane/pyattck A Python package to interact with the Mitre ATT&CK Framework swimlane mit 402    
https://github.com/FirmWire/FirmWire FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband firmwares FirmWire bsd-3-clause 552    
https://github.com/terryyin/lizard A simple code complexity analyser without caring about the C/C++ header files or Java imports, supports most of the popular languages. terryyin other 1460    
https://github.com/3vangel1st/100DaysOfYARA   3vangel1st   24    
https://github.com/certsocietegenerale/abuse_finder Find abuse contacts for observables certsocietegenerale gpl-3.0 54    
https://github.com/wbolster/jsonlines python library to simplify working with jsonlines and ndjson data wbolster other 203    
https://github.com/obsidianforensics/unfurl Extract and Visualize Data from URLs using Unfurl obsidianforensics apache-2.0 468    
https://github.com/sthagen/miyuchina-mistletoe A fast, extensible and spec-compliant Markdown parser in pure Python. sthagen mit 2    
https://github.com/ShutdownRepo/ShadowCoerce MS-FSRVP coercion abuse PoC ShutdownRepo gpl-3.0 211    
https://github.com/drmpeg/dtv-utils Utilities for SDR digital television drmpeg gpl-3.0 46    
https://github.com/puckiestyle/JNDI-Exploit-Kit   puckiestyle mit 19    
https://github.com/Li4n0/revsuit RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration. Li4n0 apache-2.0 322    
https://github.com/getCUJO/ThreatIntel   getCUJO bsd-3-clause-clear 102    
https://github.com/hijiki51/gotools Plugin for Ghidra to assist reversing Golang binaries hijiki51 mit 6    
https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering Some of my publicly available Malware analysis and Reverse engineering. Dump-GUY   460    
https://github.com/fidgetingbits/IDArling Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays fidgetingbits gpl-3.0 94    
https://github.com/cudeso/tools Different tools, koen.vanimpe@cudeso.be cudeso other 87    
https://github.com/corelight/zeek-cheatsheets Bro Log Cheatsheets corelight other 232    
https://github.com/SecWiki/windows-kernel-exploits windows-kernel-exploits Windows平台提权漏洞集合 SecWiki mit 6754    
https://github.com/optiv/Ivy Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode. optiv mit 639    
https://github.com/AlexandreRouma/SDRPlusPlus Cross-Platform SDR Software AlexandreRouma gpl-3.0 2070    
https://github.com/yrp604/rappel A linux-based assembly REPL for x86, amd64, armv7, and armv8 yrp604 other 1002    
https://github.com/s-macke/VoxelSpace Terrain rendering algorithm in less than 20 lines of code s-macke mit 5533    
https://github.com/alphacep/vosk-api Offline speech recognition API for Android, iOS, Raspberry Pi and servers with Python, Java, C# and Node alphacep apache-2.0 4760    
https://github.com/intelowlproject/GreedyBear Threat Intel Platform for T-POTs intelowlproject mit 62    
https://github.com/rgerganov/aprs-sdr APRS tracker with an SDR rgerganov mit 19    
https://github.com/fabiangreffrath/crispy-doom Crispy Doom is a limit-removing enhanced-resolution Doom source port based on Chocolate Doom. fabiangreffrath gpl-2.0 609    
https://github.com/iconoir-icons/iconoir An open source icons library with 1K+ icons, supporting React, React Native, Flutter, CSS, Figma, and Framer. iconoir-icons mit 2858    
https://github.com/trapexit/mergerfs a featureful union filesystem trapexit other 2734    
https://github.com/niczem/trawler scraper for facebook, gab, google and tiktok niczem   20    
https://github.com/google/grr GRR Rapid Response: remote live forensics for incident response google apache-2.0 4223    
https://github.com/ioncodes/ceload Loading dbk64.sys and grabbing a handle to it ioncodes   120    
https://github.com/curran/data A collection of public data sets curran mit 450    
https://github.com/deepchecks/deepchecks Test Suites for Validating ML Models & Data. Deepchecks is a Python package for comprehensively validating your machine learning models and data with minimal effort. deepchecks other 2175    
https://github.com/profdc9/QRPAmplifier Layout of WA2EBY amplifier in Kicad, licensed CC-BY-SA 4.0 profdc9   15    
https://github.com/FChannel0/FChannel-Server   FChannel0 agpl-3.0 82    
https://github.com/GeneralMills/pytrends Pseudo API for Google Trends GeneralMills other 2556    
https://github.com/benlk/misc-licenses A collection of various licenses, with mild commentary upon them. benlk other 75    
https://github.com/aj-code/TimingIntrusionTool5000 A tool for performing network timing attacks on plaintext and hashed password authentication. aj-code gpl-3.0 20    
https://github.com/squidfunk/mkdocs-material Documentation that simply works squidfunk mit 11548    
https://github.com/NVISOsecurity/DLLoader   NVISOsecurity gpl-3.0 17    
https://github.com/R4yGM/garlicshare Private and self-hosted file sharing over the Tor network written in golang R4yGM apache-2.0 105    
https://github.com/travisbrown/stop-the-steal Stop the Steal / J6 Twitter user profiles travisbrown   18    
https://github.com/worldveil/dejavu Audio fingerprinting and recognition in Python worldveil mit 5919    
https://github.com/jonathandata1/pegasus_spyware decompiled pegasus_spyware jonathandata1 mit 1574    
https://github.com/tillmannw/yara-rules   tillmannw   8    
https://github.com/trailofbits/manticore Symbolic execution tool trailofbits agpl-3.0 3183    
https://github.com/forrest-orr/Exploits A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I’ve written to be used in conjunction with these exploits. forrest-orr gpl-3.0 80    
https://github.com/spaze/hashes Magic hashes – PHP hash “collisions” spaze   505    
https://github.com/uubs/firmware-collection   uubs   5    
https://github.com/desertbit/glue Glue - Robust Go and Javascript Socket Library (Alternative to Socket.io) desertbit mit 406    
https://github.com/MattETurner/DFIRlogbook Logbook for Digital Forensics and Incident Response MattETurner   40    
https://github.com/BatchDrake/SigDigger Qt-based digital signal analyzer, using Suscan core and Sigutils DSP library BatchDrake gpl-3.0 607    
https://github.com/directus/directus The Modern Data Stack 🐰 — Directus is an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database. directus gpl-3.0 18144    
https://github.com/mzfr/liffy Local file inclusion exploitation tool mzfr gpl-3.0 523    
https://github.com/PaddlePaddle/PaddleOCR Awesome multilingual OCR toolkits based on PaddlePaddle (practical ultra lightweight OCR system, support 80+ languages recognition, provide data annotation and synthesis tools, support training and deployment among server, mobile, embedded and IoT devices) PaddlePaddle apache-2.0 26342    
https://github.com/seemoo-lab/opendrop An open Apple AirDrop implementation written in Python seemoo-lab gpl-3.0 7380    
https://github.com/cert-ee/cuckoo3 Cuckoo 3 is a Python 3 open source automated malware analysis system. cert-ee eupl-1.2 409    
https://github.com/pussycat0x/malicious-pdf Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator pussycat0x bsd-2-clause 163    
https://github.com/NUKIB/misp Docker image for MISP NUKIB gpl-3.0 43    
https://github.com/tb0hdan/idun DomainsProject.org HTTP worker tb0hdan bsd-3-clause 9    
https://github.com/tb0hdan/domains World’s single largest Internet domains dataset tb0hdan bsd-3-clause 394    
https://github.com/HuskyHacks/PMAT-labs Labs for Practical Malware Analysis & Triage HuskyHacks   436    
https://github.com/doomedraven/sflock Sample staging & detonation utility to be used in combination with Cuckoo Sandbox. doomedraven   8    
https://github.com/hrbrmstr/hashlookup #️⃣ 👀👆🏽Query and Orchestrate the CIRCL Hash Lookup Service hrbrmstr other 4    
https://github.com/benthosdev/benthos-plugin-example Benthos plugin examples benthosdev mit 59    
https://github.com/hatching/sflock Sample staging & detonation utility to be used in combination with Cuckoo Sandbox. hatching   74    
https://github.com/Zhuagenborn/Dll-Injector 💉 A Windows dynamic-link library injection tool written in C++20. It can inject a dynamic-link library into a running process by its window title or create a new process with an injection. Zhuagenborn gpl-3.0 48    
https://github.com/sdasgup3/binary-decompilation Extracting high level semantic information from binary code sdasgup3 other 57    
https://github.com/adulau/dcfldd dcfldd - enhanced version of dd for forensics and security adulau gpl-2.0 58    
https://github.com/infoskirmish/hive The CIA Hive source code as released by Wikileaks infoskirmish   46    
https://github.com/peazip/PeaZip Free Zip / Unzip software and Rar file extractor. Cross-platform file and archive manager. Features volume spanning, compression, authenticated encryption. Supports 7Z, 7-Zip sfx, ACE, ARJ, Brotli, BZ2, CAB, CHM, CPIO, DEB, GZ, ISO, JAR, LHA/LZH, NSIS, OOo, PAQ/LPAQ, PEA, QUAD, RAR, RPM, split, TAR, Z, ZIP, ZIPX, Zstandard. peazip lgpl-3.0 2232    
https://github.com/magwyz/mediaLexicometer Tools to do lexicometry on media magwyz agpl-3.0 40    
https://github.com/payloadbox/xss-payload-list 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List payloadbox mit 3806    
https://github.com/swisscom/ArtifactCollectionMatrix Forensic Artifact Collection Tool Matrix swisscom other 29    
https://github.com/HoShiMin/Sig The most powerful and customizable binary pattern scanner HoShiMin mit 143    
https://github.com/cariboulabs/cariboulite CaribouLite turns any 40-pin Raspberry-Pi into a Tx/Rx 6GHz SDR cariboulabs   846    
https://github.com/threathunters-io/laurel Transform Linux Audit logs for SIEM usage threathunters-io gpl-3.0 440    
https://github.com/benthosdev/benthos Fancy stream processing made operationally mundane benthosdev mit 4912    
https://github.com/kevthehermit/volatility_symbols Volatility Symbol Generator for Linux Kernels kevthehermit   14    
https://github.com/mytechnotalent/Reverse-Engineering A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures. mytechnotalent apache-2.0 7459    
https://github.com/jthuraisamy/SysWhispers AV/EDR evasion via direct system calls. jthuraisamy apache-2.0 1410    
https://github.com/dfir-iris/iris-web Collaborative Incident Response platform dfir-iris lgpl-3.0 538    
https://github.com/tanc7/EXOCET-AV-Evasion EXOCET - AV-evading, undetectable, payload delivery tool tanc7   662    
https://github.com/Ne0nd0g/merlin-agent   Ne0nd0g gpl-3.0 95    
https://github.com/deepset-ai/haystack :mag: Haystack is an open source NLP framework that leverages pre-trained Transformer models. It enables developers to quickly implement production-ready semantic search, question answering, summarization and document ranking for a wide range of NLP applications. deepset-ai apache-2.0 5986    
https://github.com/fuzzuf/fuzzuf Fuzzing Unification Framework fuzzuf agpl-3.0 298    
https://github.com/LingDong-/shan-shui-inf Procedurally generated Chinese landscape painting. LingDong- mit 4922    
https://github.com/cdnjs/cdnjs 🤖 CDN assets - The #1 free and open source CDN built to make life easier for developers. cdnjs mit 9689    
https://github.com/IndrajeetPatil/ggstatsplot Enhancing {ggplot2} plots with statistical analysis 📊🎨📣 IndrajeetPatil gpl-3.0 1586    
https://github.com/juju4/ansible-hashlookupserver Install hashlookup-server, minimal and fast open source server (ReST/API) to lookup quickly hash value from large datase t. juju4 bsd-2-clause 1    
https://github.com/daniestevez/jupyter_notebooks Assorted Jupyter notebooks by Daniel Estévez daniestevez gpl-3.0 97    
https://github.com/constellation-app/constellation A graph-focused data visualisation and interactive analysis application. constellation-app apache-2.0 349    
https://github.com/archanchoudhury/SOC-OpenSource This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC architecture. archanchoudhury cc0-1.0 247    
https://github.com/hashlookup/hashlookup-forensic-analyser Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/ hashlookup other 91    
https://github.com/ubfx/BinDiffHelper Ghidra Extension to integrate BinDiff for function matching ubfx   174    
https://github.com/Cracked5pider/KaynLdr KaynLdr is a Reflective Loader written in C/ASM Cracked5pider   406    
https://github.com/cursey/regenny A reverse engineering tool to interactively reconstruct structures and generate header files cursey mit 79    
https://github.com/gkiril/benchie Comprehensive evaluation framework for Open Information Extraction. gkiril other 26    
https://github.com/Yamato-Security/WELA WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ) Yamato-Security gpl-3.0 462    
https://github.com/rescuezilla/rescuezilla The Swiss Army Knife of System Recovery rescuezilla gpl-3.0 667    
https://github.com/NUKIB/misp-modules Docker image for MISP modules NUKIB gpl-3.0 4    
https://github.com/dragnet-org/dragnet Just the facts – web page content extraction dragnet-org mit 1075    
https://github.com/jstrosch/learning-malware-analysis This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware. jstrosch   124    
https://github.com/Fare9/KUNAI-static-analyzer Tool aimed to provide a binary analysis of different file formats through the use of an Intermmediate Representation. Fare9 mit 75    
https://github.com/SamuelTulach/efi-memory PoC EFI runtime driver for memory r/w & kdmapper fork SamuelTulach   330    
https://github.com/LanikSJ/dfimage Reverse-engineer a Dockerfile from a Docker image. LanikSJ mit 208    
https://github.com/ssthouse/tree-chart Flexible tree chart using Canvas and Svg, powered by D3.js; ✅Support Vue, Vue3 and React; ssthouse mit 328    
https://github.com/StrangerealIntel/Orion A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses … StrangerealIntel   112    
https://github.com/bats3c/shad0w A post exploitation framework designed to operate covertly on heavily monitored environments bats3c mit 1796    
https://github.com/Mr-Un1k0d3r/DKMC DKMC - Dont kill my cat - Malicious payload evasion tool Mr-Un1k0d3r other 1220    
https://github.com/Yamato-Security/hayabusa Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. Yamato-Security gpl-3.0 815    
https://github.com/Srakai/Adun A way to backdoor every process Srakai gpl-3.0 58    
https://github.com/ChrisTheCoolHut/Zeratool Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems ChrisTheCoolHut gpl-3.0 950    
https://github.com/janmojzis/tinyssh TinySSH is small server (less than 100000 words of code) janmojzis other 881    
https://github.com/gqrx-sdr/gqrx Software defined radio receiver powered by GNU Radio and Qt. gqrx-sdr gpl-3.0 2257    
https://github.com/cve-search/git-vuln-finder Finding potential software vulnerabilities from git commit messages cve-search   320    
https://github.com/wader/fq jq for binary formats wader other 4534    
https://github.com/dgtlmoon/changedetection.io changedetection.io - The best and simplest self-hosted free open source website change detection tracking, monitoring and notification service. An alternative to Visualping, Watchtower etc. Designed for simplicity - the main goal is to simply monitor which websites had a text change for free. Free Open source web page change detection dgtlmoon apache-2.0 6310    
https://github.com/dafthack/DomainPasswordSpray DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS! dafthack mit 1254    
https://github.com/j3ssie/osmedeus A Workflow Engine for Offensive Security j3ssie mit 4082    
https://github.com/ziesemer/ad-privileged-audit Provides various Windows Server Active Directory (AD) security-focused reports. ziesemer   44    
https://github.com/mufeedvh/moonwalk Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. mufeedvh mit 1043    
https://github.com/boun-tabi/RELX The RELX Dataset and Matching the Multilingual Blanks for Cross-Lingual Relation Classification, EMNLP-Findings 2020. boun-tabi mit 19    
https://github.com/svenstaro/genact 🌀 A nonsense activity generator svenstaro mit 6632    
https://github.com/TheCruZ/EFI_Driver_Access Efi Driver Access is a simply project to load a driver during system boot with the idea to give the user kernel access for read/write memory without restrictions TheCruZ   212    
https://github.com/phoboslab/qoi The “Quite OK Image Format” for fast, lossless image compression phoboslab   5855    
https://github.com/tylerhou/fiber   tylerhou apache-2.0 225    
https://github.com/bohops/RogueAssemblyHunter Rogue Assembly Hunter is a utility for discovering ‘interesting’ .NET CLR modules in running processes. bohops mit 104    
https://github.com/msrkp/exploits ’>”><img src=x onerror=alert(1) />asd msrkp   46    
https://github.com/go-gitea/gitea Git with a cup of tea, painless self-hosted git service go-gitea mit 33084    
https://github.com/SigmaHQ/pySigma Python library to parse and convert Sigma rules into queries (and whatever else you could imagine) SigmaHQ lgpl-2.1 143    
https://github.com/MISP/cexf Common Exercise Format - CEXF MISP   9    
https://github.com/johnkerl/miller Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON johnkerl other 5779    
https://github.com/enisaeu/CNW The CSIRTs Network is a network composed of EU Member States’ appointed CSIRTs and CERT-EU. It provides a forum where members can cooperate, exchange information and build trust. enisaeu   17    
https://github.com/wagoodman/dive A tool for exploring each layer in a docker image wagoodman mit 34295    
https://github.com/Its-Vichy/GoriaNet 🐼 IoT worm written in pure golang. Its-Vichy gpl-3.0 68    
https://github.com/MaxHalford/procedural-art :milky_way: Procedural art with vanilla JavaScript MaxHalford mit 85    
https://github.com/lucidworks/banana Banana for Solr - A Port of Kibana lucidworks other 667    
https://github.com/gamozolabs/elfloader An architecture-agnostic ELF file flattener for shellcode gamozolabs mit 188    
https://github.com/vfsfitvnm/intruducer A Rust crate to load a shared library into a Linux process without using ptrace. vfsfitvnm mit 85    
https://github.com/saferwall/pe A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations. saferwall mit 152    
https://github.com/bongtrop/hbctool Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode) bongtrop mit 185    
https://github.com/scottrogowski/code2flow Pretty good call graphs for dynamic languages scottrogowski mit 2812    
https://github.com/ius/rsatool rsatool can be used to calculate RSA and RSA-CRT parameters ius bsd-2-clause 856    
https://github.com/fomantic/Fomantic-UI Fomantic-UI is the official community fork of Semantic-UI fomantic mit 3074    
https://github.com/Semantic-Org/Semantic-UI Semantic is a UI component framework based around useful principles from natural language. Semantic-Org mit 50214    
https://github.com/elihunter173/java-manifest-py Encode/decode Java’s META-INF/MANIFEST.MF in Python. elihunter173 agpl-3.0 4    
https://github.com/RedHatProductSecurity/vulnerability-detection-scripts Vulnerability detection scripts for Red Hat Enterprise Linux RedHatProductSecurity gpl-3.0 15    
https://github.com/obriencj/python-javatools Tools for examining Java bytecode in Python obriencj lgpl-3.0 80    
https://github.com/haimgel/display-switch Turn a $30 USB switch into a full-featured multi-monitor KVM switch haimgel mit 2250    
https://github.com/curated-intel/Log4Shell-IOCs A collection of intelligence about Log4Shell and its exploitation activity. curated-intel   170    
https://github.com/zyantific/zasm x86-64 Assembler based on Zydis zyantific mit 158    
https://github.com/frohoff/ysoserial A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. frohoff mit 5833    
https://github.com/push0ebp/xMalHunter x64dbg Malware Plugin. Detect malicious materials push0ebp mit 13    
https://github.com/0dayCTF/reverse-shell-generator Hosted Reverse Shell generator with a ton of functionality. – (Great for CTFs) 0dayCTF mit 1548    
https://github.com/AFLplusplus/StdFuzzer StdFuzzer is the reference implementation of a generic bit-level fuzzer with LibAFL AFLplusplus   41    
https://github.com/unipacker/unipacker Automatic and platform-independent unpacker for Windows binaries based on emulation unipacker gpl-2.0 493    
https://github.com/staaldraad/dnstrap Trap dns requests staaldraad   4    
https://github.com/androguard/androguard Reverse engineering and pentesting for Android applications androguard apache-2.0 4163    
https://github.com/h2non/jsonpath-ng Finally, a JSONPath implementation for Python that aims to be standard compliant. That’s all. Enjoy it. h2non apache-2.0 358    
https://github.com/proferosec/log4jScanner log4jScanner provides the ability to scan internal subnets for vulnerable log4j web services proferosec gpl-3.0 479    
https://github.com/NotSoSecure/password_cracking_rules One rule to crack all passwords. or atleast we hope so. NotSoSecure mit 977    
https://github.com/cbaziotis/ekphrasis Ekphrasis is a text processing tool, geared towards text from social networks, such as Twitter or Facebook. Ekphrasis performs tokenization, word normalization, word segmentation (for splitting hashtags) and spell correction, using word statistics from 2 big corpora (english Wikipedia, twitter - 330mil english tweets). cbaziotis mit 587    
https://github.com/jbesomi/texthero Text preprocessing, representation and visualization from zero to hero. jbesomi mit 2616    
https://github.com/chartbeat-labs/textacy NLP, before and after spaCy chartbeat-labs other 1991    
https://github.com/facebookresearch/cc_net Tools to download and cleanup Common Crawl data facebookresearch mit 469    
https://github.com/naim94a/lumen A private Lumina server for IDA Pro naim94a mit 557    
https://github.com/hydra-synth/hydra Livecoding networked visuals in the browser hydra-synth agpl-3.0 1796    
https://github.com/mrexodia/dumpulator An easy-to-use library for emulating code in minidump files. mrexodia bsl-1.0 339    
https://github.com/trailofbits/it-depends A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories. trailofbits lgpl-3.0 265    
https://github.com/facebook/mariana-trench Our security focused static analysis tool for Android and Java applications. facebook mit 896    
https://github.com/D4-project/pybgpranking Python API for BGP Ranking D4-project bsd-3-clause 3    
https://github.com/RolfRolles/Miscellaneous Small programs and scripts that do not require their own repositories RolfRolles gpl-3.0 110    
https://github.com/easystats/see :art: Visualisation toolbox for beautiful and publication-ready figures easystats gpl-3.0 677    
https://github.com/milvus-io/milvus Vector database for scalable similarity search and AI applications. milvus-io apache-2.0 14128    
https://github.com/adulau/ssldump ssldump - (de-facto repository gathering patches around the cyberspace) adulau other 168    
https://github.com/hectorm/demergi A proxy server that helps to bypass the DPI systems implemented by various ISPs. hectorm mit 8    
https://github.com/e-m-b-a/embark EMBArk - The firmware security scanning environment e-m-b-a mit 169    
https://github.com/monoxgas/sRDI Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode monoxgas other 1523    
https://github.com/knownsec/404StarLink-Project Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink) knownsec   738    
https://github.com/yogeshojha/rengine reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine’s correlation, it just makes recon effortless. yogeshojha gpl-3.0 4818    
https://github.com/unixpickle/gobfuscate Obfuscate Go binaries and packages unixpickle bsd-2-clause 1216    
https://github.com/0xsp-SRD/mortar evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR) 0xsp-SRD mit 980    
https://github.com/redcode-labs/REVENANT Volatile ELF payloads generator with Metasploit integrations for testing GNU/Linux ecosystems redcode-labs   53    
https://github.com/anchore/grype A vulnerability scanner for container images and filesystems anchore apache-2.0 4730    
https://github.com/ly4k/Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation) ly4k mit 247    
https://github.com/microsoft/recommenders Best Practices on Recommendation Systems microsoft mit 14336    
https://github.com/cisagov/log4j-affected-db A community sourced list of log4j-affected software cisagov cc0-1.0 1111    
https://github.com/weslambert/velociraptor-misp Artifacts for integrating MISP with Velociraptor weslambert   3    
https://github.com/GenericException/SkidSuite A collection of java reverse engineering tools and informational links GenericException   192    
https://github.com/WazeHell/sam-the-admin Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user WazeHell   860    
https://github.com/nccgroup/log4j-jndi-be-gone A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x “JNDI LDAP” vulnerability. nccgroup apache-2.0 72    
https://github.com/paradoxwastaken/Poseidon stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects. paradoxwastaken   188    
https://github.com/woodpecker-appstore/log4j-payload-generator Log4j jndi injects the Payload generator woodpecker-appstore   462    
https://github.com/LeakIX/l9fuzz Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload LeakIX   11    
https://github.com/CycloneDX/specification Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis CycloneDX apache-2.0 185    
https://github.com/Ridter/noPac Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Ridter   465    
https://github.com/NCSC-NL/log4shell Operational information regarding the log4shell vulnerabilities in the Log4j logging library. NCSC-NL   1887    
https://github.com/CycloneDX/cyclonedx-cli CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions. CycloneDX apache-2.0 117    
https://github.com/CycloneDX/cyclonedx-python Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments. CycloneDX apache-2.0 104    
https://github.com/righel/log4shell_nse nse script to inject jndi payloads righel   42    
https://github.com/danieljs777/fastoverflowtk This Buffer Overflow Toolkit works through FTP, SMTP, POP, HTTP protocols as well file outputs for playlists exploiting customized variables/commands. Payloads can be generated through MSFVENOM or you can use your own ASM files. danieljs777   17    
https://github.com/Mr-Un1k0d3r/MiniDump alternative to procdump Mr-Un1k0d3r   177    
https://github.com/jivoi/awesome-osint :scream: A curated list of amazingly awesome OSINT jivoi other 10738    
https://github.com/inconvergent/weird Generative art in Common Lisp inconvergent other 1472    
https://github.com/kjellmf/dot2tex Convert graphs generated by Graphviz to LaTeX friendly formats kjellmf other 133    
https://github.com/malpedia/signator-rules Collection of rules created using YARA-Signator over Malpedia malpedia   62    
https://github.com/MelbourneFuzzingHub/aflteam AFLTeam Collaborative Parallel Fuzzing MelbourneFuzzingHub apache-2.0 63    
https://github.com/Cybereason/Logout4Shell Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell Cybereason mit 1726    
https://github.com/cube0x0/noPac CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. cube0x0   1152    
https://github.com/nneonneo/ghidra-wasm-plugin Ghidra Wasm plugin with disassembly and decompilation support nneonneo gpl-3.0 88    
https://github.com/mozilla/mig Distributed & real time digital forensics at the speed of the cloud mozilla mpl-2.0 1194    
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words 🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks Puliczek   858    
https://github.com/paulbrodersen/netgraph Drawing utilities for publication quality plots of networks paulbrodersen gpl-3.0 428    
https://github.com/cert-lv/graphoscope Graphoscope is a solution to access multiple independent data sources from a common UI and show data relations as a graph cert-lv   29    
https://github.com/YfryTchsGD/Log4jAttackSurface   YfryTchsGD   2091    
https://github.com/ptswarm/reFlutter Flutter Reverse Engineering Framework ptswarm gpl-3.0 874    
https://github.com/MISP/misp-warninglists Warning lists to inform users of MISP about potential false-positives or other information in indicators MISP   311    
https://github.com/charmbracelet/soft-serve A tasty, self-hostable Git server for the command line🍦 charmbracelet mit 2712    
https://github.com/horizon3ai/CVE-2021-44077 Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077 horizon3ai   26    
https://github.com/hughsie/python-uswid A tiny tool for embedding CoSWID tags in EFI binaries hughsie lgpl-2.1 10    
https://github.com/xonotic/darkplaces Mirror of https://gitlab.com/xonotic/darkplaces - The Quake engine that powers Xonotic https://xonotic.org xonotic gpl-2.0 158    
https://github.com/LDO-CERT/orochi The Volatility Collaborative GUI LDO-CERT mit 136    
https://github.com/minos-org/minos-static static binaries for linux minos-org   307    
https://github.com/CRED-CLUB/ARTIF An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data. CRED-CLUB mit 224    
https://github.com/Michaelangel007/crc32 CRC32 Demystified Michaelangel007   123    
https://github.com/joshlemon/DFIR-Reference-Frameworks Repository of public reference frameworks for the DFIR community. joshlemon gpl-3.0 87    
https://github.com/nickjj/notes A zero dependency shell script that makes it really simple to manage your text notes. nickjj mit 105    
https://github.com/zinclabs/zinc ZincSearch. A lightweight alternative to elasticsearch that requires minimal resources, written in Go. zinclabs other 12603    
https://github.com/blugelabs/bluge indexing library for Go blugelabs apache-2.0 1474    
https://github.com/mahaloz/objgraph Convert an objdump output into a CFG via Binary Ninja mahaloz bsd-2-clause 6    
https://github.com/idealeer/xmap XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. idealeer apache-2.0 184    
https://github.com/ycm-core/YouCompleteMe A code-completion engine for Vim ycm-core gpl-3.0 24377    
https://github.com/powerline/fonts Patched fonts for Powerline users. powerline   24032    
https://github.com/miguelgrinberg/promisio JavaScript-style async programming for Python. miguelgrinberg mit 190    
https://github.com/SpiderLabs/BlackByteDecryptor   SpiderLabs apache-2.0 53    
https://github.com/enisaeu/training-materials   enisaeu eupl-1.2 5    
https://github.com/zandi/eBPF_processor An IDA processor for eBPF bytecode zandi   52    
https://github.com/CIRCL/orbit-agents orbit-agents CIRCL   2    
https://github.com/nikeee/edotor.net Your favourite Graphviz editor nikeee mit 145    
https://github.com/post-cyberlabs/CVE-Advisory Publishing advisories for CVEs found by POST Cyberforce post-cyberlabs   8    
https://github.com/brimdata/zed A novel data lake based on super-structured data brimdata bsd-3-clause 883    
https://github.com/byt3bl33d3r/OffensiveNim My experiments in weaponizing Nim (https://nim-lang.org/) byt3bl33d3r bsd-2-clause 1867    
https://github.com/hashdd/sdhash similarity digest hashing tool hashdd apache-2.0 2    
https://github.com/gigablast/open-source-search-engine Nov 20 2017 – A distributed open source search engine and spider/crawler written in C/C++ for Linux on Intel/AMD. From gigablast dot com, which has binaries for download. See the README.md file at the very bottom of this page for instructions. gigablast apache-2.0 1391    
https://github.com/p0dalirius/webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version. p0dalirius   387    
https://github.com/ipv6hitlist/ipv6hitlist.github.io Website for IPv6 Hitlist Service with data, software, paper of “Clusters in the Expanse: Understanding and Unbiasing IPv6 Hitlists” IMC’18 publication. ipv6hitlist   25    
https://github.com/DanBloomberg/leptonica Leptonica is an open source library containing software that is broadly useful for image processing and image analysis applications. The official github repository for Leptonica is: danbloomberg/leptonica. See leptonica.org for more documentation and recent releases. DanBloomberg other 1313    
https://github.com/crowdsecurity/crowdsec CrowdSec - the open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network. crowdsecurity mit 5727    
https://github.com/visjs/vis-timeline 📅 Create a fully customizable, interactive timelines and 2d-graphs with items and ranges. visjs other 1138    
https://github.com/visjs/vis-network :dizzy: Display dynamic, automatically organised, customizable network views. visjs apache-2.0 2241    
https://github.com/knownsec/Kunyu Kunyu, more efficient corporate asset collection knownsec gpl-2.0 744    
https://github.com/luispedro/jug Parallel programming with Python luispedro mit 385    
https://github.com/restic/chunker Implementation of Content Defined Chunking (CDC) in Go restic bsd-2-clause 263    
https://github.com/damoeb/rss-proxy RSS-proxy allows you to do create an RSS or ATOM feed of almost any website, just by analyzing just the static HTML structure. damoeb   1362    
https://github.com/apache/solr Apache Solr open-source search software apache apache-2.0 565    
https://github.com/Bioruebe/UniExtract2 Universal Extractor 2 is a tool to extract files from any type of archive or installer. Bioruebe gpl-2.0 2450    
https://github.com/dodancs/douglas-quaid-docker   dodancs gpl-3.0 2    
https://github.com/hasherezade/mal_unpack Dynamic unpacker based on PE-sieve hasherezade bsd-2-clause 458    
https://github.com/holoviz/colorcet A set of useful perceptually uniform colormaps for plotting scientific data holoviz other 584    
https://github.com/jsecurity101/MSRPC-to-ATTACK A repository that maps commonly used attacks using MSRPC protocols to ATT&CK jsecurity101 bsd-3-clause 213    
https://github.com/flashcode/gitchart Build SVG charts from a Git repository. flashcode gpl-3.0 51    
https://github.com/CIRCL/factual-rules-generator Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. CIRCL agpl-3.0 66    
https://github.com/fleetdm/fleet Fleet is the lightweight, programmable telemetry platform for servers and workstations. Get comprehensive, customizable data from all your devices and operating systems — without the downtime risk. fleetdm other 961    
https://github.com/mazen160/server-status_PWN A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances. mazen160 mit 363    
https://github.com/NCSC-NL/flubot Flubot DGA domains NCSC-NL isc 18    
https://github.com/TingPing/flatpak-cve-checker   TingPing gpl-3.0 2    
https://github.com/DoctorWebLtd/malware-iocs   DoctorWebLtd   127    
https://github.com/icyguider/DumpNParse A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0. icyguider gpl-3.0 116    
https://github.com/phage-nz/misp-feeds Python Service for MISP Feed Management phage-nz   7    
https://github.com/crate/crate CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of machine data in real-time. Built on top of Lucene. crate apache-2.0 3527    
https://github.com/glitzflitz/pyxorfilter Python bindings for xorfilter(faster and smaller than bloom and cuckoo filters) glitzflitz apache-2.0 56    
https://github.com/FastFilter/xorfilter Go library implementing binary fuse and xor filters FastFilter apache-2.0 595    
https://github.com/pdillinger/wormhashing Source code and validation tests for “wide odd regenerative multiplication,” or “worm hashing” pdillinger mit 6    
https://github.com/dirtyfilthy/siem-from-scratch SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab dirtyfilthy gpl-3.0 34    
https://github.com/DavidXanatos/wumgr Windows update managemetn tool for windows 10 DavidXanatos gpl-3.0 1067    
https://github.com/stnolting/neoTRNG 🎲 A Tiny and Platform-Independent True Random Number Generator for any FPGA. stnolting bsd-3-clause 65    
https://github.com/klinix5/InstallerFileTakeOver   klinix5 mit 1673    
https://github.com/online-ml/river 🌊 Online machine learning in Python online-ml bsd-3-clause 3784    
https://github.com/KvrocksLabs/kvrocks_exporter Prometheus Exporter for Kvrocks Metrics KvrocksLabs mit 13    
https://github.com/dveselov/python-libmagic Python bindings to libmagic dveselov mit 20    
https://github.com/pdoc3/pdoc :snake: :arrow_right: :scroll: Auto-generate API documentation for Python projects pdoc3 agpl-3.0 894    
https://github.com/laixintao/iredis Interactive Redis: A Terminal Client for Redis with AutoCompletion and Syntax Highlighting. laixintao bsd-3-clause 2175    
https://github.com/vipshop/redis-migrate-tool A convenient and useful tool for migrating data between redis group. vipshop apache-2.0 902    
https://github.com/righel/ms-exchange-version-nse Nmap script to detect a Microsoft Exchange instance version with OWA enabled. righel apache-2.0 26    
https://github.com/ghuntley/thenftbay.org The NFT Bay is the galaxy’s most resilient NFT BitTorrent site! You wouldn’t steal a JPEG (or would you) ghuntley mit 319    
https://github.com/ssh-mitm/ssh-mitm ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation ssh-mitm gpl-3.0 970    
https://github.com/JPCERTCC/EmoCheck Emotet detection tool for Windows OS JPCERTCC other 616    
https://github.com/ets-labs/python-vimrc VIM Configuration for Python / Cython / C Development ets-labs bsd-3-clause 603    
https://github.com/jtesta/ssh-audit SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc) jtesta mit 1380    
https://github.com/blackberry/threat-research-and-intelligence BlackBerry Threat Research & Intelligence blackberry apache-2.0 38    
https://github.com/magicmonty/bash-git-prompt An informative and fancy bash prompt for Git users magicmonty bsd-2-clause 6326    
https://github.com/matusf/openapi-fuzzer Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free! matusf agpl-3.0 385    
https://github.com/OWASP/Python-Honeypot OWASP Honeypot, Automated Deception Framework. OWASP apache-2.0 328    
https://github.com/trufflesecurity/driftwood Private key usage verification trufflesecurity apache-2.0 309    
https://github.com/jmdx/TLS-poison   jmdx mit 639    
https://github.com/c3rb3ru5d3d53c/binlex A Binary Genetic Traits Lexer Framework c3rb3ru5d3d53c unlicense 303    
https://github.com/manishkatyan/bbb-optimize Better audio quality, increase recording processing speed, dynamic video profile, pagination, fix 1007/1020 errors and use apply-config.sh to manage your customizations are some key techniques for you to optimize and smoothly run your BigBlueButton servers. manishkatyan mit 75    
https://github.com/greatscottgadgets/ViewSB open-source USB analyzer toolkit with support for a variety of capture hardware greatscottgadgets bsd-3-clause 287    
https://github.com/nanoc/nanoc A powerful web publishing system nanoc mit 2013    
https://github.com/niedzielski/git-diff-img 📷 Diff Git versioned images graphically. niedzielski   69    
https://github.com/OpenAtomFoundation/pika Pika is a nosql compatible with redis, it is developed by Qihoo’s DBA and infrastructure team OpenAtomFoundation bsd-3-clause 4844    
https://github.com/drmpeg/gr-atsc3 An ATSC 3.0 Transmitter for GNU Radio drmpeg gpl-3.0 14    
https://github.com/sagpant/reindexer   sagpant apache-2.0 3    
https://github.com/searxng/searxng SearXNG is a free internet metasearch engine which aggregates results from various search services and databases. Users are neither tracked nor profiled. searxng agpl-3.0 3435    
https://github.com/tejado/telegram-nearby-map Discover the location of nearby Telegram users 📡🌍 tejado gpl-3.0 433    
https://github.com/dlukes/rbo Python implementation of the rank-biased overlap list similarity measure. dlukes   58    
https://github.com/helpsystems/nanodump A crappy LSASS dumper with no ASCII art helpsystems apache-2.0 1022    
https://github.com/quarkslab/titanm This repository contains the tools we used in our research on the Google Titan M chip quarkslab apache-2.0 147    
https://github.com/SEKOIA-IO/Community Welcome to the SEKOIA.IO Community repository! SEKOIA-IO   37    
https://github.com/stratosphereips/StratosphereLinuxIPS Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague. stratosphereips other 336    
https://github.com/opencybersecurityalliance/kestrel-lang Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel. opencybersecurityalliance apache-2.0 183    
https://github.com/PlumLulz/hashes.com-cli Command line interface to interact with hashes.com escrow service. PlumLulz   22    
https://github.com/Lookyloo/webext Web extension to submit a URL with its context to a Lookyloo instance Lookyloo bsd-3-clause 2    
https://github.com/mav8557/Father LD_PRELOAD rootkit mav8557 unlicense 73    
https://github.com/mmxgn/spacy-clausie Implementation of the ClausIE information extraction system for python+spacy mmxgn gpl-3.0 181    
https://github.com/magjac/d3-graphviz Graphviz DOT rendering and animated transitions using D3 magjac bsd-3-clause 1354    
https://github.com/b4den/rsacrack A toolbox for extracting RSA private keys from public keys. b4den   150    
https://github.com/righel/gitlab-version-nse Nmap script to guess* a GitLab version. righel apache-2.0 118    
https://github.com/mcore1976/antispy-jammer Simplest ultrasonic ANTISPY voice recording jammer based on ATTINY13 / ATTINY85 / ARDUINO with PAM8403 module driving piezo ultrasonic transducers (and optionally AD8933 signal generator) mcore1976   54    
https://github.com/docker-forensics-toolkit/toolkit A toolkit for the post-mortem examination of Docker containers from forensic HDD copies docker-forensics-toolkit apache-2.0 54    
https://github.com/ail-project/ail-feeder-gharchive AIL feeder for GitHub archive - gharchive.org ail-project   2    
https://github.com/NicholasMamo/multiplex-plot Multiplex: visualizations that tell stories—A Python library to create and annotate beautiful network graph visualizations, text visualizations and more. NicholasMamo gpl-3.0 90    
https://github.com/airbus-seclab/GEA1_break Implementation of the key recovery attack against GEA-1 keys (Eurocrypt 2021) airbus-seclab gpl-2.0 47    
https://github.com/Squiblydoo/MalAPIReader Reads and prints information from the website MalAPI.io Squiblydoo gpl-3.0 15    
https://github.com/binref/refinery High Octane Triage Analysis binref other 300    
https://github.com/FerretDB/FerretDB A truly Open Source MongoDB alternative FerretDB apache-2.0 4901    
https://github.com/xorhex/mlget A golang CLI tool to download malware from a variety of sources. xorhex   107    
https://github.com/netsampler/goflow2 High performance sFlow/IPFIX/NetFlow Collector netsampler bsd-3-clause 210    
https://github.com/kholia/john John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs kholia   13    
https://github.com/nbriz/sneakrypt A simple CLI for synchronously encrypting and decrypting text files modeled on the classic hacker film Sneakers, because there’s no technical reason hacking can’t look the way it does in the movies. nbriz gpl-3.0 11    
https://github.com/center-for-threat-informed-defense/attack_to_cve A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability. center-for-threat-informed-defense apache-2.0 127    
https://github.com/jiesutd/NCRFpp NCRF++, a Neural Sequence Labeling Toolkit. Easy use to any sequence labeling tasks (e.g. NER, POS, Segmentation). It includes character LSTM/CNN, word LSTM/CNN and softmax/CRF components. jiesutd apache-2.0 1833    
https://github.com/helloflask/bootstrap-flask Bootstrap 4 & 5 helper for your Flask projects. helloflask other 767    
https://github.com/EricZimmerman/KapeFiles This repository serves as a place for community created Targets and Modules for use with KAPE. EricZimmerman mit 391    
https://github.com/MiroKaku/Nt-Modules Collect different versions of Crucial modules. MiroKaku   93    
https://github.com/scottashipp/noted Lightweight CLI for taking markdown notes in a journal-like (time-seried) fashion scottashipp gpl-3.0 67    
https://github.com/KB5201314/yark Yet another Linux Rootkit KB5201314   17    
https://github.com/bestpractical/rtir-extension-misp   bestpractical   4    
https://github.com/ajkhoury/ReClassEx ReClassEx ajkhoury mit 736    
https://github.com/V1D1AN/S1EM This project is a SIEM with SIRP and Threat Intel, all in one. V1D1AN   262    
https://github.com/hashlookup/hashlookup-importer Directory importer for hashlookup server hashlookup   2    
https://github.com/zmap/constants Repository of constants used in TLS and X509 parsing zmap   10    
https://github.com/CERTCC/kaiju CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is the primary, canonical repository for this project – file bug reports and wishes here! CERTCC other 168    
https://github.com/Mahlet-Inc/hobbits A multi-platform GUI for bit-based analysis, processing, and visualization Mahlet-Inc mit 524    
https://github.com/cerebrate-project/module-collection   cerebrate-project agpl-3.0 2    
https://github.com/nccgroup/umap2 Umap2 is the second revision of NCC Group’s python based USB host security assessment tool. nccgroup agpl-3.0 223    
https://github.com/broccolini/swiss Jekyll theme inspired by Swiss design broccolini mit 444    
https://github.com/pantsbuild/pex A library and tool for generating .pex (Python EXecutable) files pantsbuild apache-2.0 2168    
https://github.com/Dvd848/pytai Kaitai Struct: Visualizer and Hex Viewer GUI in Python Dvd848 other 95    
https://github.com/B2R2-org/B2R2 B2R2 is a collection of useful algorithms, functions, and tools for binary analysis. B2R2-org mit 359    
https://github.com/curated-intel/Initial-Access-Broker-Landscape A visualized overview of the Initial Access Broker (IAB) cybercrime landscape curated-intel   91    
https://github.com/canonical/section_ops Section operation hacks canonical mit 3    
https://github.com/ANSSI-FR/MLA Multi Layer Archive - A pure rust encrypted and compressed archive file format ANSSI-FR lgpl-3.0 272    
https://github.com/center-for-threat-informed-defense/attack-workbench-rest-api An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository contains the REST API service for storing, querying, and editing ATT&CK objects. center-for-threat-informed-defense apache-2.0 19    
https://github.com/Shell-Company/Public-Shell-Company Provision on-demand anonymous shells via SMS Shell-Company   8    
https://github.com/BentonEdmondson/knock Convert ACSM files to PDFs/EPUBs with one command on Linux BentonEdmondson gpl-3.0 564    
https://github.com/SentineLabs/AlphaGolang IDApython Scripts for Analyzing Golang Binaries SentineLabs gpl-3.0 350    
https://github.com/RH-ISAC/PyOTI Python library for threat intelligence RH-ISAC gpl-3.0 54    
https://github.com/optiv/ScareCrow ScareCrow - Payload creation framework designed around EDR bypass. optiv mit 2069    
https://github.com/BushidoUK/CTI-Quiz Practice CTI Quiz BushidoUK   7    
https://github.com/D4-project/pyipasnhistory API client for IPASN History D4-project   3    
https://github.com/kindtime/nosferatu Windows NTLM Authentication Backdoor kindtime   189    
https://github.com/scrapinghub/article-extraction-benchmark Article extraction benchmark: dataset and evaluation scripts scrapinghub mit 146    
https://github.com/adbar/trafilatura Python & command-line tool to gather text on the Web: web crawling/scraping, extraction of text, metadata, comments adbar gpl-3.0 634    
https://github.com/matterpoll/matterpoll Create polls and surveys directly within Mattermost matterpoll mit 223    
https://github.com/tsale/Rita-zeek_analysis Script to install rita and zeek and then analyze related logs tsale   6    
https://github.com/CQCL/lambeq A high-level Python library for Quantum Natural Language Processing CQCL apache-2.0 304    
https://github.com/jfilter/clean-text 🧹 Python package for text cleaning jfilter other 716    
https://github.com/amir-zeldes/gum Repository for the Georgetown University Multilayer Corpus (GUM) amir-zeldes other 71    
https://github.com/GitJournal/GitJournal Mobile first Note Taking integrated with Git GitJournal agpl-3.0 2715    
https://github.com/kanidm/kanidm Kanidm: A simple, secure and fast identity management platform kanidm mpl-2.0 1179    
https://github.com/ranaroussi/yfinance Download market data from Yahoo! Finance’s API ranaroussi apache-2.0 7852    
https://github.com/RaRe-Technologies/gensim Topic Modelling for Humans RaRe-Technologies lgpl-2.1 13667    
https://github.com/aliyunav/Finger A tool for recognizing function symbol aliyunav gpl-3.0 319    
https://github.com/aquasecurity/tracee Linux Runtime Security and Forensics using eBPF aquasecurity apache-2.0 2258    
https://github.com/jubairsaidi/urlinsane Multilingual domain typo permutation engine used to perform or detect typosquatting, brandjacking, URL hijacking, fraud, phishing attacks, corporate espionage and threat intelligence. jubairsaidi mit 4    
https://github.com/meixler/Page-Integrity Page Integrity is a web browser extension for Firefox, for verifying the integrity of web pages. meixler   5    
https://github.com/SK-CERT/Taranis-NG Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains a user portal for simple self asset management. Taranis NG was developed by SK-CERT with a help from wide CSIRT community. SK-CERT eupl-1.2 45    
https://github.com/ail-project/ail-splash-manager   ail-project gpl-3.0 4    
https://github.com/quarkslab/mattermost-plugin-e2ee End-to-end encryption plugin for Mattermost quarkslab apache-2.0 48    
https://github.com/OALabs/hashdb-ida HashDB API hash lookup plugin for IDA Pro OALabs bsd-3-clause 223    
https://github.com/OALabs/hashdb Assortment of hashing algorithms used in malware OALabs apache-2.0 197    
https://github.com/mandiant/flare-ida IDA Pro utilities from FLARE team mandiant apache-2.0 1801    
https://github.com/zqtay/Telegram-Message-Analyzer Process the exported Telegram chat history .html and generate a report message count by date, and most used words. zqtay   22    
https://github.com/mncoppola/suterusu An LKM rootkit targeting Linux 2.6/3.x on x86(_64), and ARM mncoppola mit 580    
https://github.com/rly0nheart/occli A command line tool that queries the Open Corporates Database and returns data on corporations under the copyleft Open Database License. rly0nheart gpl-3.0 30    
https://github.com/bats3c/DarkLoadLibrary LoadLibrary for offensive operations bats3c   728    
https://github.com/okbob/pspg Unix pager (with very rich functionality) designed for work with tables. Designed for PostgreSQL, but MySQL is supported too. Works well with pgcli too. Can be used as CSV or TSV viewer too. It supports searching, selecting rows, columns, or block and export selected area to clipboard. okbob bsd-2-clause 1910    
https://github.com/herosi/CTO Call Tree Overviewer herosi mit 255    
https://github.com/Invoke-IR/PowerForensics PowerForensics provides an all in one platform for live disk forensic analysis Invoke-IR mit 1242    
https://github.com/xwmx/nb CLI and local web plain text note‑taking, bookmarking, and archiving with linking, tagging, filtering, search, Git versioning & syncing, Pandoc conversion, + more, in a single portable script. xwmx agpl-3.0 4872    
https://github.com/Jeija/librenard Reverse Engineered Sigfox Stack - Library Jeija   20    
https://github.com/dariusk/corpora A collection of small corpuses of interesting data for the creation of bots and similar stuff. dariusk   4536    
https://github.com/aparrish/pycorpora A simple Python interface for Darius Kazemi’s Corpora Project. aparrish mit 113    
https://github.com/zinggAI/zingg Scalable identity resolution, entity resolution, data mastering and deduplication using ML zinggAI agpl-3.0 632    
https://github.com/projectdiscovery/interactsh An OOB interaction gathering server and client library projectdiscovery mit 1978    
https://github.com/nil0x42/phpsploit Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor nil0x42 gpl-3.0 1808    
https://github.com/wagga40/Zircolite A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs wagga40   420    
https://github.com/jmpsec/osctrl Fast and efficient osquery management jmpsec mit 251    
https://github.com/zentralopensource/zentral Zentral provides a unified view for endpoint monitoring. Comprehensive features include Santa binary authorization and patch management orchestration on macOS, as well as detailed Qsquery fleet management - all paired with event based stream processing and direct support for a range of data store backends (Elastic, OpenSearch, SumoLogic, Splunk, e.g.). zentralopensource other 650    
https://github.com/ICIJ/datashare Better analyze information, in all its forms ICIJ agpl-3.0 438    
https://github.com/clockfort/GitHub-Backup Backup all the repositories of a github user or organization automatically. clockfort cc0-1.0 267    
https://github.com/HugoLB0/browser-creds recover Firefox and more browsers logins HugoLB0   42    
https://github.com/my5G/my5G-non3GPP-access Implements a security connection using untrusted non3GPP my5G apache-2.0 30    
https://github.com/qeeqbox/honeypots 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc) qeeqbox agpl-3.0 234    
https://github.com/SocialConnect/auth :atom: Social (OAuth1\OAuth2\OpenID\OpenIDConnect) sign with PHP :shipit: SocialConnect mit 511    
https://github.com/mcrumm/mystex_pizza_on_broadway An example of batching for operations with Elixir and Broadway mcrumm apache-2.0 20    
https://github.com/nltk/nltk NLTK Source nltk apache-2.0 11185    
https://github.com/aaronland/go-flickr-api Go package for working with the Flickr API aaronland bsd-3-clause 1    
https://github.com/jbapple/libfilter High-speed Bloom filters and taffy filters for C, C++, and Java jbapple apache-2.0 24    
https://github.com/ossf/oss-vulnerability-guide A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications. ossf cc-by-4.0 72    
https://github.com/gallypette/ia-torrent Retrive torrent files from an Internet Archive search gallypette other 2    
https://github.com/stuhli/awesome-event-ids Collection of Event ID ressources useful for Digital Forensics and Incident Response stuhli mit 384    
https://github.com/shelld3v/PwnVPN The best exploitation tool for SSL VPN 0day vulnerabilities. shelld3v   71    
https://github.com/cisagov/crossfeed External monitoring for organization assets cisagov cc0-1.0 234    
https://github.com/advanced-threat-research/DarkSide-Config-Extract   advanced-threat-research   30    
https://github.com/wummel/patool patool is a portable command line archive file manager wummel gpl-3.0 312    
https://github.com/redpanda-data/redpanda Redpanda is a streaming data platform for developers. Kafka API compatible. 10x faster. No ZooKeeper. No JVM! redpanda-data   5150    
https://github.com/apjanke/ronn-ng Ronn-NG: An updated fork of ronn. Build man pages from Markdown. apjanke mit 48    
https://github.com/rtomayko/ronn the opposite of roff rtomayko other 1306    
https://github.com/aubio/aubio a library for audio and music analysis aubio gpl-3.0 2819    
https://github.com/slsa-framework/slsa Supply-chain Levels for Software Artifacts slsa-framework other 918    
https://github.com/alex-shpak/hugo-book Hugo documentation theme as simple as plain book alex-shpak mit 2062    
https://github.com/CESNET/ipfixprobe   CESNET bsd-3-clause 15    
https://github.com/CESNET/Nemea System for network traffic analysis and anomaly detection. CESNET other 70    
https://github.com/fofapro/fapro Fake Protocol Server fofapro   1324    
https://github.com/blacklanternsecurity/MANSPIDER Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported! blacklanternsecurity   591    
https://github.com/graphlab-fr/cosma Cosma is a document graph visualization tool. It modelizes interlinked Markdown files and renders them as an interactive network in a web interface. graphlab-fr gpl-3.0 40    
https://github.com/vesoft-inc/nebula A distributed, fast open-source graph database featuring horizontal scalability and high availability vesoft-inc apache-2.0 8170    
https://github.com/VIDA-NYU/ache ACHE is a web crawler for domain-specific search. VIDA-NYU apache-2.0 374    
https://github.com/ascoderu/xtarfile Wrapper around tarfile to add support for more compression formats ascoderu apache-2.0 6    
https://github.com/tylertreat/BoomFilters Probabilistic data structures for processing continuous, unbounded streams. tylertreat apache-2.0 1487    
https://github.com/DCSO/bloom A highly efficient Bloom filter library and command line tool written in Go. DCSO other 56    
https://github.com/DCSO/tiffy TIE Feed Generator for MISP (replaces tie2misp) DCSO bsd-3-clause 5    
https://github.com/ashemery/exploitation-course Offensive Software Exploitation Course ashemery   762    
https://github.com/aaugustin/websockets Library for building WebSocket servers and clients in Python aaugustin bsd-3-clause 4234    
https://github.com/lockedbyte/CVE-2021-40444 CVE-2021-40444 PoC lockedbyte   1444    
https://github.com/splunk/attack_data A repository of curated datasets from various attacks splunk apache-2.0 336    
https://github.com/caiobran/mstables MorningStar.com scraper that consolidates tens of thousands of financial records into a SQLite relational database. Class ‘dataframes’ easily converts the SQLite data into pandas DataFrames (see Jupyter notebook for examples) caiobran mit 137    
https://github.com/raw-packet/raw-packet Raw-packet Project raw-packet mit 197    
https://github.com/arthurdejong/python-stdnum A Python library to provide functions to handle, parse and validate standard numbers. arthurdejong lgpl-2.1 385    
https://github.com/PassiveDNS/PassiveDNS Web Application for domain name monitoring / alerting PassiveDNS agpl-3.0 54    
https://github.com/quotient-im/Quaternion A Qt5-based IM client for Matrix quotient-im gpl-3.0 550    
https://github.com/otiai10/ocrserver A simple OCR API server, seriously easy to be deployed by Docker, on Heroku as well otiai10 mit 531    
https://github.com/bitfieldaudio/OTTO Sampler, Sequencer, Multi-engine synth and effects - in a box! [WIP] bitfieldaudio other 2510    
https://github.com/austinsonger/Incident-Playbook GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] austinsonger mit 963    
https://github.com/post-cyberlabs/PyMISP_Telecom Script examples to interact with Telecom Data / Objects via PyMISP post-cyberlabs agpl-3.0 6    
https://github.com/lorien/awesome-pastebin List of pastebin sites. lorien   47    
https://github.com/eljefe7000/RestApiToText RestApiToText Notepad++ plugin that uses input from an editor tab to make a REST call and display the results in a new tab. eljefe7000 gpl-3.0 13    
https://github.com/cristianzsh/freki :wolf: Malware analysis platform cristianzsh agpl-3.0 357    
https://github.com/coolacid/docker-misp A (nearly) production ready Dockered MISP coolacid gpl-3.0 181    
https://github.com/geemion/Khepri Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++. geemion apache-2.0 1375    
https://github.com/microsoft/APSI APSI is a C++ library for Asymmetric (unlabeled or labeled) Private Set Intersection. microsoft mit 107    
https://github.com/causaltext/causal-text-papers Curated research at the intersection of causal inference and natural language processing. causaltext   573    
https://github.com/jonasmalacofilho/git-cache-http-server A caching Git HTTP server jonasmalacofilho other 68    
https://github.com/dwmetz/CSIRT-Collect PowerShell script to collect memory and (triage) disk forensics dwmetz mit 188    
https://github.com/stephenbradshaw/hlextend Pure Python hash length extension module stephenbradshaw other 75    
https://github.com/ail-project/ail-feeder-leak AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically ail-project agpl-3.0 8    
https://github.com/tabler/tabler-icons A set of over 2800 free MIT-licensed high-quality SVG icons for you to use in your web projects. tabler mit 13024    
https://github.com/doegox/awesome-rfid-talks   doegox   58    
https://github.com/WithSecureLabs/chainsaw Rapidly Search and Hunt through Windows Forensic Artefacts WithSecureLabs gpl-3.0 1717    
https://github.com/vertexproject/synapse Synapse Central Intelligence System vertexproject apache-2.0 247    
https://github.com/centrifugal/centrifugo Scalable real-time messaging server in a language-agnostic way. Set up once and forever. centrifugal apache-2.0 6505    
https://github.com/searx/searx Privacy-respecting metasearch engine searx agpl-3.0 12141    
https://github.com/google/docsy A set of Hugo doc templates for launching open source content. google apache-2.0 1942    
https://github.com/airbus-seclab/c-compiler-security Security-related flags and options for C compilers airbus-seclab cc-by-sa-4.0 128    
https://github.com/EdwardRaff/pyLZJD Python implementation of the LZJD algorithm EdwardRaff apache-2.0 18    
https://github.com/a4lg/ffuzzypp C++ implementation of ssdeep-compatible fast fuzzy hashing a4lg other 35    
https://github.com/a4lg/libffuzzy Fast ssdeep comparison library a4lg other 11    
https://github.com/libyal/libesedb Library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format. libyal lgpl-3.0 305    
https://github.com/mpetri/FM-Index FM-Index full-text index implementation using RRR Wavelet trees (libcds) and fast suffix sorting (libdivsufsort) including experimental results. mpetri gpl-3.0 87    
https://github.com/a4lg/fast-ssdeep-clus Parallel ssdeep clustering kit a4lg   16    
https://github.com/mdecrevoisier/Microsoft-eventlog-mindmap Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,… mdecrevoisier bsd-2-clause 778    
https://github.com/pykeen/pykeen 🤖 A Python library for learning and evaluating knowledge graph embeddings pykeen mit 1015    
https://github.com/AndrewRathbun/DFIRMindMaps A repository of DFIR-related Mind Maps geared towards the visual learners! AndrewRathbun mit 390    
https://github.com/opsdisk/scantron A distributed nmap / masscan scanning framework complete with scan scheduling, engine pooling, subsequent scan port diff-ing, and an API client for automation workflows. opsdisk apache-2.0 121    
https://github.com/evilsocket/medusa A fast and secure multi protocol honeypot. evilsocket other 268    
https://github.com/EquiFox/KsDumper Dumping processes using the power of kernel space ! EquiFox mit 771    
https://github.com/center-for-threat-informed-defense/attack_to_veris The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation. center-for-threat-informed-defense apache-2.0 54    
https://github.com/falconry/falcon The no-magic web data plane API and microservices framework for Python developers, with a focus on reliability, correctness, and performance at scale. falconry apache-2.0 8930    
https://github.com/daniestevez/gr-satellites GNU Radio decoder for Amateur satellites daniestevez gpl-3.0 602    
https://github.com/django-oscar/django-oscar Domain-driven e-commerce for Django django-oscar bsd-3-clause 5506    
https://github.com/wdas/reposado Host Apple Software Updates on the hardware and OS of your choice. wdas other 840    
https://github.com/rizinorg/rz-ghidra Deep ghidra decompiler and sleigh disassembler integration for rizin rizinorg lgpl-3.0 667    
https://github.com/rizinorg/rizin UNIX-like reverse engineering framework and command-line toolset. rizinorg lgpl-3.0 1635    
https://github.com/radareorg/iaito Official QT frontend of radare2 radareorg gpl-3.0 448    
https://github.com/lzfse/lzfse LZFSE compression library and command line tool lzfse bsd-3-clause 1690    
https://github.com/marceloprates/prettymaps A small set of Python functions to draw pretty maps from OpenStreetMap data. Based on osmnx, matplotlib and shapely libraries. marceloprates agpl-3.0 8841    
https://github.com/encryptogroup/MobilePSI Implementation of precomputed PSI for smartphone encryptogroup   10    
https://github.com/eric-vader/PyPSI A Python library for private set intersection eric-vader apache-2.0 9    
https://github.com/alyssaxuu/screenity The most powerful screen recorder & annotation tool for Chrome 🎥 alyssaxuu mit 7714    
https://github.com/fastfire/deepdarkCTI Collection of Cyber Threat Intelligence sources from the deep and dark web fastfire gpl-3.0 1152    
https://github.com/IlanKalendarov/PyHook PyHook is an offensive API hooking tool written in python designed to catch various credentials within the API call. IlanKalendarov bsd-3-clause 156    
https://github.com/srossross/rpmfile Read rmp archive files srossross mit 20    
https://github.com/maana-io/ServiceReadinessLevels Service Readiness Levels (SRL) are a type of measurement system used to assess the maturity of software services deployed in an orchestration and management platform. SRL are loosely based on the NASA Technology Readiness Levels. maana-io mit 2    
https://github.com/organicmaps/organicmaps 🍃 Organic Maps is a free Android & iOS offline maps app for travelers, tourists, hikers, and cyclists. It uses crowd-sourced OpenStreetMap data and is developed with love by MapsWithMe (MapsMe) founders and our community. No ads, no tracking, no data collection, no crapware. Your donations and positive reviews motivate and inspire our small team! organicmaps apache-2.0 4032    
https://github.com/jonashaag/bjoern A screamingly fast Python 2/3 WSGI server written in C. jonashaag other 2851    
https://github.com/StrangerealIntel/SkyNeXus List SID of rules used by publics sandbox for hunting StrangerealIntel   2    
https://github.com/s0md3v/Hash-Buster Crack hashes in seconds. s0md3v mit 1393    
https://github.com/byronknoll/cmix cmix is a lossless data compression program aimed at optimizing compression ratio at the cost of high CPU/memory usage. byronknoll gpl-3.0 472    
https://github.com/sptonkin/fuzzyhashlib Python hashlib-like wrapper for several fuzzy hash algorithms. sptonkin gpl-3.0 12    
https://github.com/TheClimateCorporation/python-dpkg Python library for reading Debian package files and comparing version strings TheClimateCorporation other 26    
https://github.com/barneygale/pathlab Extends Pathlib to archives, images, remote filesystems, etc barneygale gpl-3.0 25    
https://github.com/cogsec-collaborative/AMITT AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. Includes TTPs and countermeasures. cogsec-collaborative cc-by-sa-4.0 145    
https://github.com/linvon/cuckoo-filter Cuckoo Filter go implement, better than Bloom Filter, configurable and space optimized 布谷鸟过滤器的Go实现,优于布隆过滤器,可以定制化过滤器参数,并进行了空间优化 linvon mit 232    
https://github.com/hpthreatresearch/subcrawl SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as MISP. hpthreatresearch mit 117    
https://github.com/Archive-42/My-Notes-Compilation This is just a running list of notes without any unifying theme or structure, however it will generally be somewhere in the realm of web development. Archive-42   6    
https://github.com/kkamagui/bitleaker This tool can decrypt a BitLocker-locked partition with the TPM vulnerability kkamagui other 135    
https://github.com/sigstore/cosign Container Signing sigstore apache-2.0 2681    
https://github.com/in-toto/docs Specification and other related documents. in-toto mit 25    
https://github.com/sigstore/rekor Software Supply Chain Transparency Log sigstore apache-2.0 610    
https://github.com/IceFireDB/IceFireDB IceFireDB is a database built for web3 and web2. It strives to fill the gap between web2 and web3 with a friendly database experience, making web3 application data storage more convenient, and making it easier for web2 applications to achieve decentralization and data immutability. IceFireDB mit 939    
https://github.com/OpenMined/PySyft Data science on data without acquiring a copy OpenMined apache-2.0 8399    
https://github.com/jazzband/django-payments Universal payment handling for Django. jazzband other 798    
https://github.com/OpenMined/PSI Private Set Intersection Cardinality protocol based on ECDH and Bloom Filters OpenMined apache-2.0 80    
https://github.com/farsightsec/fsmtrie fast string matching trie library farsightsec apache-2.0 8    
https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX Convert Apple NeuralHash model for CSAM Detection to ONNX. AsuharietYgvar apache-2.0 1480    
https://github.com/minio/minfs A network filesystem client to connect to MinIO and Amazon S3 compatible cloud storage servers minio agpl-3.0 418    
https://github.com/jonaslejon/malicious-pdf 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh jonaslejon bsd-2-clause 1867    
https://github.com/guelfoweb/peframe PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents. guelfoweb   542    
https://github.com/cloudflare/goflow The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare. cloudflare bsd-3-clause 651    
https://github.com/satta/fever-threatbus FEVER<->Threat Bus connector satta   5    
https://github.com/hack4impact/flask-base A simple Flask boilerplate app with SQLAlchemy, Redis, User Authentication, and more. hack4impact mit 2816    
https://github.com/Yara-Rules/rules Repository of yara rules Yara-Rules gpl-2.0 3315    
https://github.com/SourceCode-AI/aura Python source code auditing and static analysis on a large scale SourceCode-AI gpl-3.0 103    
https://github.com/openwall/yescrypt Password-based key derivation function and password hashing scheme building upon scrypt openwall   60    
https://github.com/jaraco/keyring   jaraco mit 928    
https://github.com/riatelab/linemap :aquarius: Create maps made of lines riatelab   108    
https://github.com/xairy/vmware-exploitation A collection of links related to VMware escape exploits xairy cc-by-4.0 1178    
https://github.com/cudeso/CSIRT-Jump-Bag CSIRT Jump Bag cudeso   25    
https://github.com/markmap/markmap Visualize your Markdown as mindmaps with Markmap. markmap mit 4145    
https://github.com/med0x2e/SigFlip SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature. med0x2e mit 728    
https://github.com/ml874/Data-Science-Cheatsheet   ml874   2217    
https://github.com/G-Research/siembol An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework. G-Research apache-2.0 159    
https://github.com/c6fc/warcannon High speed/Low cost CommonCrawl RegExp in Node.js c6fc other 205    
https://github.com/GuidoBartoli/sherloq An open-source digital image forensic toolset GuidoBartoli gpl-3.0 2072    
https://github.com/rprinz08/hBPF hBPF = eBPF in hardware rprinz08 bsd-3-clause 326    
https://github.com/pucarasec/zuthaka Zuthaka is an open source application designed to assist red-teaming efforts, by simplifying the task of managing different APTs and other post-exploitation tools. pucarasec other 159    
https://github.com/ail-project/ail-feeder-activity-pub External ActivityPub feeder for AIL-framework. ail-project   4    
https://github.com/baidu/BaikalDB BaikalDB, A Distributed HTAP Database. baidu apache-2.0 982    
https://github.com/quarkslab/qsynthesis Greybox Synthesizer geared for deobfuscation of assembly instructions. quarkslab agpl-3.0 89    
https://github.com/build-trust/ockam Orchestrate end-to-end encryption, mutual authentication, key management, credential management & authorization policy enforcement — at scale. build-trust apache-2.0 2622    
https://github.com/ukncsc/lme Logging Made Easy ukncsc apache-2.0 660    
https://github.com/mozilla/extension-workshop Firefox Extension Workshop mozilla   70    
https://github.com/cfalta/MicrosoftWontFixList A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-)) cfalta bsd-3-clause 897    
https://github.com/amirgamil/apollo A Unix-style personal search engine and web crawler for your digital footprint. amirgamil mit 1296    
https://github.com/humhub/humhub HumHub is an Open Source Enterprise Social Network. Easy to install, intuitive to use and extendable with countless freely available modules. humhub other 5922    
https://github.com/lektor/lektor The lektor static file content management system lektor bsd-3-clause 3623    
https://github.com/securisec/chepy Chepy is a python lib/cli equivalent of the awesome CyberChef tool. securisec gpl-3.0 466    
https://github.com/AresValley/Artemis Radio Signals Recognition Manual AresValley gpl-3.0 165    
https://github.com/sigstore/sigstore-git-verifier A Github Action to verify that new commits are present in the sigstore transparency log. sigstore apache-2.0 7    
https://github.com/poettering/fsprg Forward Secure Pseudo Random Generator poettering   7    
https://github.com/seperman/deepdiff DeepDiff: Deep Difference and search of any Python object/data. DeepHash: Hash of any object based on its contents. Delta: Use deltas to reconstruct objects by adding deltas together. seperman other 1508    
https://github.com/eclecticiq/stix-icons stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats according to the STIX language for intelligence exchange, defined by OASIS Cyber Threat Intelligence (CTI) TC eclecticiq other 17    
https://github.com/strozfriedberg/lightgrep Command-line utility for multipattern search using liblightgrep strozfriedberg gpl-3.0 36    
https://github.com/aaranxu/adidoks AdiDoks is a mordern documentation theme, which is a port of the Hugo theme Doks for Zola. aaranxu mit 123    
https://github.com/mvt-project/mvt MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise. mvt-project other 8168    
https://github.com/camelot-dev/camelot A Python library to extract tabular data from PDFs camelot-dev mit 1716    
https://github.com/AmnestyTech/investigations Indicators from Amnesty International’s investigations AmnestyTech   1400    
https://github.com/RosettaCommons/RoseTTAFold This package contains deep learning models and related scripts for RoseTTAFold RosettaCommons mit 1606    
https://github.com/g-deoliveira/TextSummarization Extractive Text Summarization Using LDA For Topic Modeling g-deoliveira   33    
https://github.com/tenacityteam/tenacity-legacy Old repository. Tenacity is an easy-to-use, privacy-friendly, FLOSS, cross-platform multi-track audio editor/recorder for Windows, macOS, Linux and other operating systems. tenacityteam other 7217    
https://github.com/mozilla/bleach Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes mozilla other 2407    
https://github.com/betrusted-io/gateware IP submodules, formatted for easier CI integration betrusted-io other 21    
https://github.com/iot-onboarding/mud-visualizer mud-visualizer is a tool to visualize MUD files iot-onboarding bsd-3-clause 11    
https://github.com/t4d/PhishingKit-Yara-Rules Repository of Yara rules dedicated to Phishing Kits Zip files t4d gpl-3.0 91    
https://github.com/D4-project/d4-rustclient Very basic rust client: listen for a message on stdin, write the message on stdout. D4-project bsd-2-clause 2    
https://github.com/rpetrich/deciduous App that makes building attack decision trees from the Security Chaos Engineering report easy rpetrich gpl-2.0 100    
https://github.com/litl/backoff Python library providing function decorators for configurable backoff and retry litl mit 1966    
https://github.com/bndw/wifi-card 📶 Print a QR code for connecting to your WiFi (wificard.io) bndw mit 6095    
https://github.com/tiimgreen/github-cheat-sheet A list of cool features of Git and GitHub. tiimgreen mit 37616    
https://github.com/sophoslabs/IoCs Sophos-originated indicators-of-compromise from published reports sophoslabs   359    
https://github.com/martinus/robin-hood-hashing Fast & memory efficient hashtable based on robin hood hashing for C++11/14/17/20 martinus mit 1240    
https://github.com/splunk/security_content Splunk Security Content splunk apache-2.0 738    
https://github.com/kellyjonbrazil/jello CLI tool to filter JSON and JSON Lines data with Python syntax. (Similar to jq) kellyjonbrazil mit 327    
https://github.com/virtualabs/piotr Piotr - IoT firmware emulation instrumentation for training and research virtualabs mit 52    
https://github.com/telekom-security/malware_analysis This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. telekom-security   72    
https://github.com/SpiderLabs/REvil_config Configuration file for REvil / Kaseya July campaign SpiderLabs   4    
https://github.com/cisco/mindmeld An Open Source Conversational AI Platform for Deep-Domain Voice Interfaces and Chatbots. cisco apache-2.0 599    
https://github.com/CachetHQ/Cachet 📛 An open source status page system for everyone. CachetHQ bsd-3-clause 12934    
https://github.com/google/trax Trax — Deep Learning with Clear Code and Speed google apache-2.0 7156    
https://github.com/MISP/misp-expansion MISP expansion - a browser extension (Firefox and Chrome) to lookup on MISP MISP bsd-2-clause 5    
https://github.com/ail-project/ail-feeder-discord Discord feeder for AIL ail-project agpl-3.0 6    
https://github.com/imuledx/OSINT_sources   imuledx   112    
https://github.com/m8sec/subscraper Perform subdomain enumeration through various techniques and retrieve detailed output to aid in further testing. m8sec gpl-3.0 583    
https://github.com/piccolomo/plotext plotting on terminal piccolomo mit 1161    
https://github.com/benedekrozemberczki/karateclub Karate Club: An API Oriented Open-source Python Framework for Unsupervised Learning on Graphs (CIKM 2020) benedekrozemberczki gpl-3.0 1760    
https://github.com/z1pti3/jimi Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch jimi has developed into a fully fledged IT automation platform which effortlessly integrates with your existing tools unlocking the potential for autonomous IT and Security operations. z1pti3 apache-2.0 124    
https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds Zeek-Formatted Threat Intelligence Feeds CriticalPathSecurity mit 176    
https://github.com/center-for-threat-informed-defense/security-stack-mappings This project empowers defenders with independent data on which native security controls of leading technology platforms are most useful in defending against the adversary TTPs they care about. center-for-threat-informed-defense apache-2.0 239    
https://github.com/ossf/scorecard Security Scorecards - Security health metrics for Open Source ossf apache-2.0 3011    
https://github.com/hm-seclab/YAFRA YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents. hm-seclab apache-2.0 24    
https://github.com/hamano/apache-mod-markdown Markdown filter module for Apache HTTPD Server hamano apache-2.0 81    
https://github.com/D4-project/ct-scrutinize ct-scrutinize is a set of tools extract information from Certificate Transparency logs D4-project agpl-3.0 3    
https://github.com/aniqfakhrul/Sharperner Simple executable generator with encrypted shellcode. aniqfakhrul   269    
https://github.com/ticarpi/jwt_tool :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens ticarpi gpl-3.0 3512    
https://github.com/rhash/RHash Great utility for computing hash sums rhash 0bsd 445    
https://github.com/RCayre/mirage Mirage is a powerful and modular framework dedicated to the security analysis of wireless communications. RCayre mit 160    
https://github.com/a-luna/fastapi-redis-cache A simple and robust caching solution for FastAPI that interprets request header values and creates proper response header values (powered by Redis) a-luna mit 85    
https://github.com/facebookresearch/faiss A library for efficient similarity search and clustering of dense vectors. facebookresearch mit 18317    
https://github.com/facebookresearch/fastText Library for fast text representation and classification. facebookresearch mit 24007    
https://github.com/muesli/markscribe Your personal markdown scribe with template-engine and Git(Hub) & RSS powers 📜 muesli mit 249    
https://github.com/rayohauno/hierpart A Python package that implements the HierarchicalPartition data structure. rayohauno gpl-2.0 5    
https://github.com/google/osv.dev Open source vulnerability DB and triage service. google apache-2.0 653    
https://github.com/ehn-dcc-development/eu-dcc-hcert-spec Electronic Health Certificates Specification ehn-dcc-development   363    
https://github.com/eaglx/VMPROTECT Obfuscation method using virtual machine. eaglx gpl-3.0 551    
https://github.com/matrix-org/pinecone Peer-to-peer overlay routing for the Matrix ecosystem matrix-org apache-2.0 303    
https://github.com/matteodellamico/flexible-clustering Clustering for arbitrary data and dissimilarity function matteodellamico bsd-3-clause 57    
https://github.com/ruslashev/elfcat ELF visualizer. Generates HTML files from ELF binaries. ruslashev zlib 870    
https://github.com/facebookresearch/AugLy A data augmentations library for audio, image, text, and video. facebookresearch other 4595    
https://github.com/EmergingThreats/threatresearch I wanted to call this repo “Nuclear Football Codes”. I was outvoted.. EmergingThreats   64    
https://github.com/mapbox/storytelling Storytelling with maps template mapbox bsd-3-clause 424    
https://github.com/barrust/pyprobables Probabilistic data structures in python http://pyprobables.readthedocs.io/en/latest/index.html barrust mit 84    
https://github.com/hashlookup/PyHashlookup Python CLI and module for CIRCL hash lookup hashlookup gpl-3.0 8    
https://github.com/infeeeee/kimai2-cmd Command line client for Kimai2, the open source, self-hosted time tracker infeeeee mit 19    
https://github.com/kevinpapst/kimai2 Kimai v2 is a web-based multiuser time-tracking application. Free for everyone: freelancers, agencies, companies, organizations - all can track their times, generate invoices and more. SaaS version available at https://www.kimai.cloud kevinpapst mit 1901    
https://github.com/sh-dv/hat.sh Encrypt and Decrypt files securely in your browser. sh-dv mit 1560    
https://github.com/CpanelInc/tech-CSI cPanel Security Scan CpanelInc other 29    
https://github.com/3c7/bazaar Python based CLI for MalwareBazaar 3c7 mit 17    
https://github.com/e-m-b-a/emba EMBA - The firmware security analyzer e-m-b-a gpl-3.0 1463    
https://github.com/otgrkiss/apache-mellon-saml-misp-proxy   otgrkiss   2    
https://github.com/vimoutliner/vimoutliner Work fast, think well. vimoutliner other 554    
https://github.com/sylhare/Type-on-Strap 🎨 Simplistic, responsive jekyll based open source theme sylhare mit 671    
https://github.com/Velocidex/velociraptor Digging Deeper…. Velocidex other 1481    
https://github.com/facebookincubator/nvdtools A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD) facebookincubator apache-2.0 358    
https://github.com/krt/redis-asm Fast fuzzy string search on Redis using Lua. UTF-8 ready. krt mit 40    
https://github.com/iCopy-X-Community/icopyx-teardown   iCopy-X-Community   36    
https://github.com/javierbyte/pintr Create single line SVG illustrations from your pictures javierbyte bsd-3-clause 678    
https://github.com/zautomata/virusshare   zautomata bsd-3-clause 10    
https://github.com/rajkumar-rangaraj/PDB-Downloader PDB Downloader - An easier way to download Microsoft’s public symbols for Libraries and Executables. rajkumar-rangaraj   252    
https://github.com/SAP/credential-digger A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models :lock: SAP apache-2.0 218    
https://github.com/jiabailie/Althttpd Althttpd is a simple webserver that has run the https://sqlite.org/ website since 2004. Althttpd strives for simplicity, security, and low resource usage. jiabailie mit 12    
https://github.com/bits-and-blooms/bloom Go package implementing Bloom filters bits-and-blooms bsd-2-clause 1710    
https://github.com/mosajjal/dnsmonster Passive DNS Capture and Monitoring Toolkit mosajjal gpl-2.0 212    
https://github.com/eTextile/Matrix   eTextile other 9    
https://github.com/drawrowfly/tiktok-scraper TikTok Scraper. Download video posts, collect user/trend/hashtag/music feed metadata, sign URL and etc. drawrowfly   3115    
https://github.com/apurvsinghgautam/dark-web-osint-tools OSINT Tools for the Dark Web apurvsinghgautam   276    
https://github.com/marco-lancini/cartography-queries Utilities for programmatic analysis of Cartography data. marco-lancini apache-2.0 27    
https://github.com/kirei/python-base45 Base45 kirei bsd-2-clause 19    
https://github.com/cudeso/misp-training-environment Setting up a training environment for MISP cudeso   10    
https://github.com/berkgoksel/sysref Terminal Linux Syscall Reference Table for x86, x64, arm32 and arm64 berkgoksel mit 18    
https://github.com/airbus-seclab/bincat Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection airbus-seclab   1416    
https://github.com/jampp/pybloomfiltermmap Fast Python Bloom Filter using Mmap jampp mit 3    
https://github.com/prashnts/pybloomfiltermmap3 Fast Python Bloom Filter using Mmap prashnts mit 89    
https://github.com/mzucker/noteshrink Convert scans of handwritten notes to beautiful, compact PDFs mzucker mit 4750    
https://github.com/MiroKaku/DetoursX Kernel-Mode extended version of https://github.com/microsoft/Detours MiroKaku mit 69    
https://github.com/HanseSecure/credgrap_ie_edge Extract stored credentials from Internet Explorer and Edge HanseSecure gpl-3.0 303    
https://github.com/wowthemesnet/mundana-theme-jekyll Mundana is a free Jekyll theme, Medium styled. wowthemesnet   572    
https://github.com/lclevy/PyTac_verif a python tool to check French covid-19 vaccination certificate ECDSA signature lclevy gpl-2.0 7    
https://github.com/beryldb/beryldb BerylDB is a fully modular data structure data manager that can be used to store data as key-value entries. The server allows channel subscription and is optimized to be used as a cache repository. Supported structures include lists, sets, multimaps, and keys. beryldb bsd-3-clause 201    
https://github.com/Ignitetechnologies/Credential-Dumping This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks Ignitetechnologies   309    
https://github.com/W3ndige/aurora Malware similarity platform with modularity in mind. W3ndige other 71    
https://github.com/Viralmaniar/MurMurHash This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform. Viralmaniar mit 76    
https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack Set of EVTX samples (>170) mapped to MITRE Att@k tactic and techniques to measure your SIEM coverage or developed new use cases. mdecrevoisier   327    
https://github.com/apache/superset Apache Superset is a Data Visualization and Data Exploration Platform apache apache-2.0 48897    
https://github.com/sthagen/thampiman-reverse-geocoder A fast, offline reverse geocoder in Python sthagen lgpl-2.1 2    
https://github.com/nhairs/nserver Python DNS Name Server Framework nhairs mit 6    
https://github.com/davidteather/TikTok-Api The Unofficial TikTok API Wrapper In Python davidteather mit 2744    
https://github.com/bradleytaunt/ET-Jekyll A minimal Jekyll theme inspired by Tufte CSS bradleytaunt mit 135    
https://github.com/riverloopsec/hashashin Hashashin: A Fuzzy Matching Tool for Binary Ninja riverloopsec mit 69    
https://github.com/riverloopsec/ninjadiff NinjaDiff is a binary diffing plugin for Binary Ninja. Read more on our blog, and contribute code & improvements! riverloopsec mit 46    
https://github.com/XiphosResearch/netelf Run executables from memory, over the network, on Windows, Linux, OpenVMS… routers… spaceships… toasters etc. XiphosResearch   265    
https://github.com/observablehq/plot A concise API for exploratory data visualization observablehq isc 2134    
https://github.com/knadh/listmonk High performance, self-hosted, newsletter and mailing list manager with a modern dashboard. Single binary app. knadh agpl-3.0 8804    
https://github.com/sdhash/sdhash similarity digest hashing tool sdhash apache-2.0 144    
https://github.com/google/oss-vulnerability-guide A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disclosure notifications. google cc-by-4.0 102    
https://github.com/medsec/kiasubc Cryptanalysis of KIASU-BC medsec other 2    
https://github.com/detectify/page-fetch Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values detectify mit 460    
https://github.com/brimdata/brimcap Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more) brimdata bsd-3-clause 36    
https://github.com/nsacyber/Event-Forwarding-Guidance Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber nsacyber other 730    
https://github.com/Spacial/awesome-csirt Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities. Spacial gpl-3.0 260    
https://github.com/secworks/trng True Random Number Generator core implemented in Verilog. secworks bsd-2-clause 51    
https://github.com/strontic/xcyclopedia Encyclopedia for Executables strontic mit 289    
https://github.com/center-for-threat-informed-defense/adversary_emulation_library An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. center-for-threat-informed-defense apache-2.0 814    
https://github.com/pydio/cells Future-proof content collaboration platform pydio agpl-3.0 1360    
https://github.com/CiscoSecurity/tr-05-serverless-misp Threat Response integration for MISP Project CiscoSecurity mit 6    
https://github.com/ninoseki/whois-parser Yet another whois parser for Python ninoseki mit 3    
https://github.com/valayDave/arxiv-miner arxiv_miner is a toolkit for mining research papers on CS ArXiv. valayDave mit 96    
https://github.com/d3sre/IntelligentProcessLifecycle The Intelligent Process Lifecycle of Active Cyber Defenders d3sre   29    
https://github.com/CyCat-project/cycat-service CyCAT.org API back-end server including crawlers CyCat-project agpl-3.0 23    
https://github.com/davidlatwe/montydb Monty, Mongo tinified. MongoDB implemented in Python ! davidlatwe bsd-3-clause 516    
https://github.com/APIs-guru/openapi-directory 🌐 Wikipedia for Web APIs. Directory of REST API definitions in OpenAPI 2.0/3.x format APIs-guru cc0-1.0 2956    
https://github.com/ninoseki/whois-rest A RESTful whois ninoseki mit 4    
https://github.com/droher/etymology-db An open etymology dataset created using Wiktionary data. Contains 3.8M entries, 1.8M terms, 2900 languages, and 31 unique relationship types. droher apache-2.0 21    
https://github.com/wwwtyro/candygraph Fast by default, flexible 2D plotting library. wwwtyro unlicense 399    
https://github.com/bee-san/pyWhat 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it’ll tell you what it is! 🧙‍♀️ bee-san mit 5537    
https://github.com/CodingGay/BlackDex BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds. CodingGay apache-2.0 4142    
https://github.com/panther-labs/panther-analysis Built-in Panther detection rules and policies panther-labs agpl-3.0 202    
https://github.com/nimrodpar/Labeled-Elfs A collection of well labeled ELF binaries compiled from benign and malicious code in various ways. Great for exploring similarity in executables and training various ML models. nimrodpar mit 74    
https://github.com/EdgeSecurityTeam/Vulnerability 此项目将不定期从棱角社区对外进行公布一些最新漏洞。 EdgeSecurityTeam   2738    
https://github.com/jfmaes/SharpRDPDump Create a minidump of TermService for clear text pw extraction jfmaes   88    
https://github.com/georgenicolaou/icarus The Exploitation Toolkit Icarus is a cross platform software exploitation library that assists in the development of proof of concept exploit code. georgenicolaou   17    
https://github.com/python-restx/flask-restx Fork of Flask-RESTPlus: Fully featured framework for fast, easy and documented API development with Flask python-restx other 1650    
https://github.com/onnx/onnx Open standard for machine learning interoperability onnx apache-2.0 13496    
https://github.com/jordanpotti/AWSBucketDump Security Tool to Look For Interesting Files in S3 Buckets jordanpotti mit 1184    
https://github.com/gvalkov/rsstail.py A command-line syndication feed monitor gvalkov other 42    
https://github.com/yahoojapan/NGT Nearest Neighbor Search with Neighborhood Graph and Tree for High-dimensional Data yahoojapan apache-2.0 941    
https://github.com/EC-DIGIT-CSIRC/credentialLeakDB A database for storing, querying and doing stats on credential leaks EC-DIGIT-CSIRC   25    
https://github.com/zedeus/nitter Alternative Twitter front-end zedeus agpl-3.0 6032    
https://github.com/jart/redisbayes Naïve Bayesian Text Classifier on Redis jart   108    
https://github.com/lcashdol/UPX A utility to fix intentionally corrupted UPX packed files. lcashdol apache-2.0 52    
https://github.com/adulau/rss-tools A set of old and crappy RSS scripts to handle RSS in an Unix way. adulau   3    
https://github.com/pixelfed/pixelfed Photo Sharing. For Everyone. pixelfed agpl-3.0 3914    
https://github.com/Python-Markdown/markdown A Python implementation of John Gruber’s Markdown with Extension support. Python-Markdown other 3041    
https://github.com/Captain-P-Goldfish/scim-for-keycloak a third party module that extends keycloak by SCIM functionality Captain-P-Goldfish bsd-3-clause 110    
https://github.com/cloudtrust/keycloak-wsfed WS-Federation implementation for keycloak cloudtrust agpl-3.0 32    
https://github.com/matplotlib/cheatsheets Official Matplotlib cheat sheets matplotlib bsd-2-clause 6603    
https://github.com/smdu57/ail-feeder-vk   smdu57   2    
https://github.com/BushidoUK/CTI-Lexicon Dictionary of CTI-related acronyms, terms, and jargon BushidoUK   117    
https://github.com/hasherezade/hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). hasherezade bsd-2-clause 1456    
https://github.com/xwiki-labs/cryptpad Collaboration suite, end-to-end encrypted and open-source. xwiki-labs agpl-3.0 3948    
https://github.com/hedgedoc/container HedgeDoc container image resources hedgedoc   178    
https://github.com/vxcute/WindowsInternals Yet another windows internals repo vxcute   189    
https://github.com/slidevjs/slidev Presentation Slides for Developers slidevjs mit 23154    
https://github.com/farsightsec/dnsdbflex command line tool to use the DNSDB Flexible Search API extensions. farsightsec   12    
https://github.com/UnaPibaGeek/ctfr Abusing Certificate Transparency logs for getting HTTPS websites subdomains. UnaPibaGeek gpl-3.0 1651    
https://github.com/adobe/OSAS One Stop Anomaly Shop: Anomaly detection using two-phase approach: (a) pre-labeling using statistics, Natural Language Processing and static rules; (b) anomaly scoring using supervised and unsupervised machine learning. adobe apache-2.0 145    
https://github.com/c3rb3ru5d3d53c/mwdb-feeds A Modular MWDB Utility to Collect Fresh Malware Samples c3rb3ru5d3d53c bsd-3-clause 32    
https://github.com/Cr4sh/MicroBackdoor Small and convenient C2 tool for Windows targets. [ Русский – значит нахуй! ] Cr4sh gpl-3.0 449    
https://github.com/camptocamp/inkmap A library for generating high-quality, printable maps on the browser. camptocamp other 77    
https://github.com/endrazine/wcc The Witchcraft Compiler Collection endrazine other 1707    
https://github.com/D4-project/TinyCheck TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere. D4-project apache-2.0 3    
https://github.com/bstoilov/py3-pinterest Fully fledged Python Pinterest client bstoilov mit 218    
https://github.com/sa7mon/S3Scanner Scan for open S3 buckets and dump the contents sa7mon mit 1903    
https://github.com/pralab/secml_malware Create adversarial attacks against machine learning Windows malware detectors pralab gpl-3.0 137    
https://github.com/ion-storm/sysmon-edr Sysmon EDR POC Build within Powershell to prove ability. ion-storm   186    
https://github.com/P4T12ICK/Sigma-Rule-Repository Sigma Detection Rule Repository P4T12ICK gpl-3.0 69    
https://github.com/nccgroup/autochrome This tool downloads, installs, and configures a shiny new copy of Chromium. nccgroup apache-2.0 391    
https://github.com/ppwwyyxx/wechat-dump Cracking encrypted wechat message history from android ppwwyyxx gpl-3.0 1479    
https://github.com/TheWover/CertStealer A .NET tool for exporting and importing certificates without touching disk. TheWover mit 383    
https://github.com/Genivia/ugrep 🔍NEW ugrep v3.9: ultra fast grep with interactive TUI, fuzzy search, boolean queries, hexdumps and more: search file systems, source code, text, binary files, archives (cpio/tar/pax/zip), compressed files (gz/Z/bz2/lzma/xz/lz4/zstd), documents etc. A faster, user-friendly and compatible grep replacement. Genivia bsd-3-clause 1363    
https://github.com/JSCU-NL/logging-essentials A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention. JSCU-NL apache-2.0 215    
https://github.com/certtools/ieps IntelMQ Enhancement Proposals certtools   4    
https://github.com/mandiant/pulsesecure_exploitation_countermeasures   mandiant other 23    
https://github.com/D4-project/d4-pretensor Easing tor proxies botnet analysis D4-project   4    
https://github.com/0xrawsec/gene-rules   0xrawsec gpl-3.0 32    
https://github.com/ail-project/PyAIL Python library using the AIL Rest API ail-project other 6    
https://github.com/BSI-Bund/RdpCacheStitcher RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. BSI-Bund   172    
https://github.com/brannondorsey/PassGAN A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440) brannondorsey mit 813    
https://github.com/DSecurity/efiSeek Ghidra analyzer for UEFI firmware. DSecurity apache-2.0 233    
https://github.com/domainaware/parsedmarc A Python package and CLI for parsing aggregate and forensic DMARC reports domainaware apache-2.0 610    
https://github.com/shadowsocks/shadowsocks-crypto Shadowsocks Crypto shadowsocks mit 32    
https://github.com/angr/fidget A tool to add simple inline patches to a binary to rearrange its stack frames, and other things! angr bsd-2-clause 43    
https://github.com/GaretJax/misp-tr-cli   GaretJax   1    
https://github.com/opensearch-project/OpenSearch 🔎 Open source distributed and RESTful search engine. opensearch-project apache-2.0 5939    
https://github.com/chrislee35/yaratool Python libary to normalize Yara signatures chrislee35   19    
https://github.com/Ch0pin/medusa Binary instrumentation framework based on FRIDA Ch0pin   790    
https://github.com/bloomberg/comdb2 Bloomberg’s distributed RDBMS bloomberg other 1169    
https://github.com/OAI/OpenAPI-Specification The OpenAPI Specification Repository OAI apache-2.0 25230    
https://github.com/microsoft/CyberBattleSim An experimentation and research platform to investigate the interaction of automated agents in an abstract simulated network environments. microsoft mit 1460    
https://github.com/cyb3rfox/Aurora-Incident-Response Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders cyb3rfox apache-2.0 553    
https://github.com/ValdikSS/GoodbyeDPI GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows) ValdikSS apache-2.0 7772    
https://github.com/chronicle/detection-rules Collection of YARA-L 2.0 sample rules for the Chronicle Detection API chronicle apache-2.0 107    
https://github.com/glitchedgitz/cook An overpower wordlist generator, splitter, merger, finder, saver, create words permutation and combinations, apply different encoding/decoding and everything you need. Frustation Killer!!! glitchedgitz mit 466    
https://github.com/akoksal/BERT-Sentiment-Analysis-Turkish Sentiment Analysis with BERT in Turkish Tweets akoksal gpl-3.0 101    
https://github.com/bilde2910/Hauk Open-source realtime location sharing bilde2910 apache-2.0 428    
https://github.com/fboldewin/misc_malware   fboldewin   37    
https://github.com/jorisschellekens/borb borb is a library for reading, creating and manipulating PDF files in python. jorisschellekens other 2835    
https://github.com/tbarabosch/apihash_to_yara Generates YARA rules to detect malware using API hashing tbarabosch apache-2.0 14    
https://github.com/sjewo/cartogram r package for cartogram creation sjewo   131    
https://github.com/jtleek/datasharing The Leek group guide to data sharing jtleek   6199    
https://github.com/ekamioka/datasharing The Leek group guide to data sharing ekamioka   1    
https://github.com/Coldzer0/Cmulator Cmulator is ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript Coldzer0 agpl-3.0 262    
https://github.com/revng/pagebuster PageBuster - dump all executable pages of packed processes. revng gpl-2.0 188    
https://github.com/trehn/termdown Countdown timer and stopwatch in your terminal trehn gpl-3.0 1090    
https://github.com/urbanadventurer/WhatWeb Next generation web scanner urbanadventurer gpl-2.0 4178    
https://github.com/ninoseki/mitaka A browser extension for OSINT search ninoseki mit 918    
https://github.com/dibsy/SLAEx86 SLAE x86 Assembly Language and Shellcoding on Linux dibsy   7    
https://github.com/williballenthin/siglib function identification signatures williballenthin apache-2.0 8    
https://github.com/axt/angr-utils Handy utilities for the angr binary analysis framework, most notably CFG visualization axt bsd-2-clause 225    
https://github.com/trimstray/the-book-of-secret-knowledge A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. trimstray mit 81702    
https://github.com/US-CBP/GTAS Global Travel Assessment System A passenger data screening and analysis system for enhancing global security US-CBP other 93  
https://github.com/actions/runner-images GitHub Actions runner images actions mit 6819    
https://github.com/3c7/yaramanager Simple yara rule manager 3c7 mit 65    
https://github.com/ayman/flickrsavr A preservation experiment to save photos from Flickr to your disk with the metadata embedded. ayman mit 16    
https://github.com/ninoseki/eml_analyzer EML analyzer is an application to analyze the EML file ninoseki mit 146    
https://github.com/quickwit-oss/tantivy Tantivy is a full-text search engine library inspired by Apache Lucene and written in Rust quickwit-oss mit 7224    
https://github.com/codeyourweb/irma enpoint detection / live analysis & sandbox host / signatures quality test codeyourweb mit 31    
https://github.com/GiulioRossetti/ndlib Network Diffusion Library - (for NetworkX and iGraph) GiulioRossetti bsd-2-clause 225    
https://github.com/lunasorcery/Blossom 4K Executable Graphics framework lunasorcery other 174    
https://github.com/Tylous/Limelighter A tool for generating fake code signing certificates or signing real ones Tylous mit 683    
https://github.com/jakejarvis/awesome-shodan-queries 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻 jakejarvis cc0-1.0 3548    
https://github.com/dwisiswant0/apkleaks Scanning APK file for URIs, endpoints & secrets. dwisiswant0 apache-2.0 3337    
https://github.com/liyansong2018/firmware-analysis-plus Simulate firmware with one click of firmadyne (使用 firmadyne 一键模拟固件) liyansong2018 mit 174    
https://github.com/falzm/burl Pure Bash HTTP client falzm mit 38    
https://github.com/newsviz/newsviz Project on text topics evolution over time analysis newsviz gpl-3.0 74    
https://github.com/palantir/phishcatch A browser extension and API server for detecting corporate password use on external websites palantir apache-2.0 73    
https://github.com/synacktiv/shannon-dbg Debugger for the Shannon Baseband synacktiv   52    
https://github.com/mxrch/GHunt 🕵️‍♂️ Offensive Google framework. mxrch mpl-2.0 12131    
https://github.com/MISP/misp-stix MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats MISP bsd-2-clause 20    
https://github.com/CERT-Polska/drakvuf-sandbox DRAKVUF Sandbox - automated hypervisor-level malware analysis system CERT-Polska other 729    
https://github.com/arvidn/torrent-tools tools for creating, inspecting and modifying torrent files arvidn bsd-3-clause 8    
https://github.com/gracenolan/Notes   gracenolan   929    
https://github.com/GONZOsint/gitrecon OSINT tool to get information from a Github and Gitlab profile and find user’s email addresses leaked on commits. GONZOsint gpl-3.0 208    
https://github.com/DIVD-NL/scanning   DIVD-NL   2    
https://github.com/KaanSK/Go-MISPFeedGenerator Golang implementation of PyMISP-feedgenerator KaanSK gpl-3.0 15    
https://github.com/Malfrats/xeuledoc Fetch information about a public Google document. Malfrats gpl-3.0 634    
https://github.com/can1357/NoVmp A static devirtualizer for VMProtect x64 3.x. powered by VTIL. can1357 gpl-3.0 1501    
https://github.com/PwC-IR/MIA-MailItemsAccessed- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features from the Office 365 Audit Log. PwC-IR   14    
https://github.com/PwC-IR/Office-365-Extractor The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) PwC-IR   157    
https://github.com/didix21/mdutils Python package contains a set of basic tools that can help to create a markdown file. didix21 mit 135    
https://github.com/vp777/procrustes A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering vp777   207    
https://github.com/cisagov/CHIRP A DFIR tool written in Python. cisagov cc0-1.0 1041    
https://github.com/mattermost/focalboard Focalboard is an open source, self-hosted alternative to Trello, Notion, and Asana. mattermost other 13402    
https://github.com/justfoxing/ghidra_bridge Python 3 bridge to Ghidra’s Python scripting justfoxing mit 232    
https://github.com/domenukk/strudra Use Ghidra Structs in Python domenukk mit 26    
https://github.com/gloxec/CrossC2 generate CobaltStrike’s cross-platform payload gloxec   1516    
https://github.com/alexandreborges/malwoverview Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT. alexandreborges gpl-3.0 1959    
https://github.com/speedata/publisher speedata Publisher - a professional database Publishing system speedata agpl-3.0 245    
https://github.com/GraxCode/threadtear Multifunctional java deobfuscation tool suite GraxCode gpl-3.0 684    
https://github.com/intelowlproject/IntelOwl Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale intelowlproject agpl-3.0 2441    
https://github.com/chasemccoy/museo 🏛 Museo is a tool for finding images in the public domain from some of the best museums in the world. chasemccoy   50    
https://github.com/mentebinaria/retoolkit Reverse Engineer’s Toolkit mentebinaria apache-2.0 3436    
https://github.com/marjatech/threatfox2misp Creating a Feed of MISP Events from ThreatFox (by abuse.ch) marjatech gpl-3.0 18    
https://github.com/doyensec/regexploit Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service) doyensec apache-2.0 641    
https://github.com/bbalet/jorani Leave and Overtime Management System bbalet agpl-3.0 329    
https://github.com/ancailliau/YadaYara   ancailliau agpl-3.0 6    
https://github.com/hedgedoc/hedgedoc HedgeDoc - The best platform to write and share markdown. hedgedoc agpl-3.0 3327    
https://github.com/hedgedoc/cli A tiny CLI for HedgeDoc hedgedoc agpl-3.0 126    
https://github.com/brython-dev/brython Brython (Browser Python) is an implementation of Python 3 running in the browser brython-dev bsd-3-clause 5851    
https://github.com/ckan/ckan CKAN is an open-source DMS (data management system) for powering data hubs and data portals. CKAN makes it easy to publish, share and use data. It powers catalog.data.gov, open.canada.ca/data, data.humdata.org among many other sites. ckan other 3579    
https://github.com/QKaiser/voodoo This repository holds proof-of-concepts for the VOOdoo vulnerabilities found in NETGEAR CG3100 and CG3700B cable modems provided by VOO to its subscribers. QKaiser   14    
https://github.com/amuehlem/MISP-RPM RPM packages for MISP amuehlem   24    
https://github.com/rsharo/bgrep Binary Grep rsharo   42    
https://github.com/beerfactory/hbmqtt MQTT client/broker using Python asynchronous I/O beerfactory mit 768    
https://github.com/markdown-it/markdown-it Markdown parser, done right. 100% CommonMark support, extensions, syntax plugins & high speed markdown-it mit 14391    
https://github.com/qeeqbox/social-analyzer API, CLI, and Web App for analyzing and finding a person’s profile in 1000 social media \ websites qeeqbox agpl-3.0 9414    
https://github.com/qeeqbox/chameleon 19 Customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic and ldap) qeeqbox agpl-3.0 516    
https://github.com/evildmp/C-is-for-Camera A 35mm camera, based on the Canonet G-III QL17 rangefinder, modelled in Python. evildmp   146    
https://github.com/Ariana1729/RSA-is-alive Implementation of https://eprint.iacr.org/2021/232 Ariana1729   92    
https://github.com/microsoft/CSS-Exchange Exchange Server support tools and scripts microsoft mit 1071    
https://github.com/hzbd/kazam A screencasting program created with design in mind.(https://launchpad.net/kazam) hzbd gpl-3.0 294    
https://github.com/c0ny1/vulstudy 使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。 c0ny1   1717    
https://github.com/csirt-tooling-org/tooling-directory Tools used by CSIRT and especially in the scope of CNW csirt-tooling-org   10    
https://github.com/MISP/misp-book User guide of MISP MISP   193    
https://github.com/mbrengel/yarix   mbrengel   54    
https://github.com/metebalci/pdftitle a utility to extract the title from a PDF file metebalci gpl-3.0 86    
https://github.com/jart/cosmopolitan build-once run-anywhere c library jart isc 9485    
https://github.com/irevenko/tsukae 🐚📊 Show off your most used shell commands irevenko mit 431    
https://github.com/trailofbits/graphtage A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV. trailofbits lgpl-3.0 2171    
https://github.com/nymtech/nym Nym provides strong network-level privacy against sophisticated end-to-end attackers, and anonymous transactions using blinded, re-randomizable, decentralized credentials. nymtech   621    
https://github.com/iluxonchik/rfc-bibtex A command line tool that creates bibtex entries for IETF RFCs and Internet Drafts. iluxonchik mit 43    
https://github.com/pydata/xarray N-D labeled arrays and datasets in Python pydata apache-2.0 2733    
https://github.com/karlicoss/myinfra A diagram of my personal infrastructure karlicoss mit 37    
https://github.com/loseys/BlackMamba C2/post-exploitation framework loseys mit 866    
https://github.com/FrenchCisco/RATel RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software. FrenchCisco mit 217    
https://github.com/cert-orangecyberdefense/datalake_misp_integration   cert-orangecyberdefense   3    
https://github.com/effgarces/BookedScheduler Repository for the last open source version of Booked Scheduler. The “develop” branch contains the most current working code of the project and should be considered beta. The “master” branch is the most current stable release of BookedScheduler. Please read doc/README.md for further details. effgarces gpl-3.0 239    
https://github.com/honkit/honkit :book: HonKit is building beautiful books using Markdown - Fork of GitBook honkit apache-2.0 2344    
https://github.com/misterch0c/CrimeBoards A list of private and public (more or less) blackhat boards misterch0c   214    
https://github.com/threatgrid/ctia Cisco Threat Intelligence API threatgrid epl-1.0 51    
https://github.com/projectdiscovery/mapcidr Small utility program to perform multiple operations for a given subnet/CIDR ranges. projectdiscovery mit 566    
https://github.com/f0wl/MalwareLab_VM-Setup Setup scripts for my Malware Analysis VMs f0wl gpl-3.0 210    
https://github.com/projectdiscovery/nuclei Fast and customizable vulnerability scanner based on simple YAML based DSL. projectdiscovery mit 10399    
https://github.com/easylist/easylist EasyList filter subscription (EasyList, EasyPrivacy, EasyList Cookie, Fanboy’s Social/Annoyances/Notifications Blocking List) easylist   1408    
https://github.com/nitefood/asn ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server nitefood mit 680    
https://github.com/itm4n/Perfusion Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012) itm4n   397    
https://github.com/jeffjbowie/intelligence_gathering   jeffjbowie   23    
https://github.com/deepmind/tree tree is a library for working with nested data structures deepmind apache-2.0 783    
https://github.com/zoobab/mobib-extractor MOBIB-extractor allows you to read the data stored on your STIB Mobib card zoobab   17    
https://github.com/jackullrich/syscall-detect PoC capable of detecting manual syscalls from usermode. jackullrich   120    
https://github.com/pablomarle/networkmaps Online network diagram editor pablomarle mit 86    
https://github.com/MBCProject/mbc-markdown MBC content in markdown MBCProject   195    
https://github.com/ambrop72/badvpn NCD scripting language, tun2socks proxifier, P2P VPN ambrop72 other 1702    
https://github.com/allegro/ralph Ralph is the CMDB / Asset Management system for data center and back office hardware. allegro apache-2.0 1898    
https://github.com/cyberark/BlobHunter Find exposed data in Azure with this public blob scanner cyberark mit 240    
https://github.com/tidwall/ptree A data structure for storing points. tidwall mit 17    
https://github.com/sthagen/asenci-uipcalc Universal (IPv4/IPv6) CIDR calculator sthagen isc 4    
https://github.com/superbaud/HEAI fun with GSM superbaud   1    
https://github.com/jonasstrehle/supercookie ⚠️ Browser fingerprinting via favicon! jonasstrehle mit 3987    
https://github.com/open-sdr/openwifi open-source IEEE 802.11 WiFi baseband FPGA (chip) design: driver, software open-sdr agpl-3.0 2736    
https://github.com/srsran/srsRAN Open source SDR 4G/5G software suite from Software Radio Systems (SRS) srsran agpl-3.0 2805    
https://github.com/vixie/cron Vixie Cron, an open source implementation of POSIX Cron, later imported into BSD and Linux vixie other 27    
https://github.com/dataspectra/base-station-mapping   dataspectra gpl-3.0 4    
https://github.com/frictionlessdata/schema-collaboration Carles Pina Estany’s 2020 Tool Fund: data managers and researchers collaborate to write the Frictionless Data packages, tabular schemas, etc. frictionlessdata mit 15    
https://github.com/medialab/minet A webmining CLI tool & library for python. medialab gpl-3.0 156    
https://github.com/Guillaume-Levrier/PANDORAE A data retrieval & exploration protocol designed to investigate science and policy processes Guillaume-Levrier mit 5    
https://github.com/medialab/gazouilloire Twitter stream + search API grabber medialab gpl-3.0 94    
https://github.com/medialab/hyphe-browser Browser version of Hyphe (WIP) medialab agpl-3.0 25    
https://github.com/ossf/wg-securing-critical-projects Helping allocate resources to secure the critical open source projects we all depend on. ossf apache-2.0 244    
https://github.com/ossf/criticality_score Gives criticality score for an open source project ossf apache-2.0 1095    
https://github.com/spyder-ide/spyder Official repository for Spyder - The Scientific Python Development Environment spyder-ide mit 7235    
https://github.com/phage-nz/infosec-bazaar A collection of infosec related scripts and information. phage-nz   55    
https://github.com/ail-project/ail-feeder-telegram External telegram feeder for AIL framework ail-project agpl-3.0 6    
https://github.com/microsoft/graspologic Python package for graph statistics microsoft mit 268    
https://github.com/counteractive/incident-response-plan-template A concise, directive, specific, flexible, and free incident response plan template counteractive other 355    
https://github.com/ifduyue/python-xxhash Python Binding for xxHash ifduyue bsd-2-clause 294    
https://github.com/m8sec/pymeta Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions. m8sec gpl-3.0 300    
https://github.com/CyCat-project/cycat-taxonomy CyCAT.org taxonomies CyCat-project   13    
https://github.com/CyCat-project/cycat-project-website   CyCat-project mit 3    
https://github.com/berneout/berneout-pledge a simple tool for hassle-free open-source contribution licensing berneout   31    
https://github.com/RedLectroid/OverThruster HID attack payload generator for Arduinos RedLectroid gpl-3.0 145    
https://github.com/googleworkspace/md2googleslides Generate Google Slides from markdown googleworkspace apache-2.0 4270    
https://github.com/MITRECND/malchive Various capabilities for static malware analysis. MITRECND other 65    
https://github.com/clong/DetectionLab Automate the creation of a lab environment complete with security tooling and logging best practices clong mit 3946    
https://github.com/0xn0ne/weblogicScanner weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883 0xn0ne   1536    
https://github.com/theevilbit/injection   theevilbit   699    
https://github.com/angr/phuzzer The new phuzzing framework! angr bsd-2-clause 132    
https://github.com/Lookyloo/scraping-tutorial This tutorial explains the benefits, pitfalls, and limitations of scraping, and why Lookyloo is an important tool. Lookyloo mit 8    
https://github.com/poljar/matrix-nio A Python Matrix client library, designed according to sans I/O (http://sans-io.readthedocs.io/) principles poljar other 386    
https://github.com/anthonynsimon/timeflake Timeflake is a 128-bit, roughly-ordered, URL-safe UUID. anthonynsimon mit 795    
https://github.com/CyCat-project/cycat-logo Logo of the CyCat.org project CyCat-project   1    
https://github.com/MISP/matrix-misp-bot Very basic MISP bot for matrix. MISP apache-2.0 5    
https://github.com/ayushoriginal/Sentiment-Analysis-Twitter :mortar_board:RESEARCH [NLP :thought_balloon:] We use different feature sets and machine learning classifiers to determine the best combination for sentiment analysis of twitter. ayushoriginal   726    
https://github.com/zyw-200/FirmAFL FIRM-AFL is the first high-throughput greybox fuzzer for IoT firmware. zyw-200   354    
https://github.com/danielplohmann/smda SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps. danielplohmann bsd-2-clause 179    
https://github.com/vkbo/novelWriter novelWriter is an open source plain text editor designed for writing novels. It supports a minimal markdown-like syntax for formatting text. It is written with Python 3 (3.7+) and Qt 5 (5.10+) for cross-platform support. vkbo gpl-3.0 1402    
https://github.com/InfiniTimeOrg/InfiniTime Firmware for Pinetime smartwatch written in C/C++ and based on FreeRTOS InfiniTimeOrg gpl-3.0 1858    
https://github.com/py7hagoras/CovenantTasks Source for tasks I have used with Covenant py7hagoras   123    
https://github.com/mailvelope/keyserver A simple OpenPGP public key server that validates email address ownership of uploaded keys. mailvelope agpl-3.0 311    
https://github.com/ForensicITGuy/handy-cti Resources I’ve found useful for my CTI work ForensicITGuy mit 5    
https://github.com/OTRF/Security-Datasets Re-play Security Events OTRF mit 1311    
https://github.com/kryptoslogic/binja_degobfuscate Fix Go obfuscated binaries that were obfuscated using gobfuscator kryptoslogic mit 42    
https://github.com/igrigorik/gharchive.org GH Archive is a project to record the public GitHub timeline, archive it, and make it easily accessible for further analysis. igrigorik mit 2334    
https://github.com/dbarzin/mercator Cartographie du système d’information / Mapping the information system dbarzin gpl-3.0 77    
https://github.com/mohlcyber/MISP-STIX-ESM Exports MISP events to STIX and ingest into McAfee ESM mohlcyber   14    
https://github.com/nccgroup/pybeacon A collection of scripts for dealing with Cobalt Strike beacons in Python nccgroup   161    
https://github.com/hatari/hatari The Atari ST, STE, TT and Falcon emulator. This is a mirror repository, the official one can be found on https://hatari.tuxfamily.org/ hatari   51    
https://github.com/google/trillian A transparent, highly scalable and cryptographically verifiable data store. google apache-2.0 3151    
https://github.com/vertrex/DFF DFF (Digital Forensics Framework) vertrex gpl-2.0 9    
https://github.com/rsd-devel/rsd RSD: RISC-V Out-of-Order Superscalar Processor rsd-devel apache-2.0 719    
https://github.com/cedowens/C2-JARM A list of JARM hashes for different ssl implementations used by some C2/red team tools. cedowens   101    
https://github.com/tailwindlabs/heroicons A set of free MIT-licensed high-quality SVG icons for UI development. tailwindlabs mit 17016    
https://github.com/disclose/diodata Tools, data, and contact lists relevant to The disclose.io Project. disclose gpl-3.0 304    
https://github.com/d0c-s4vage/gramfuzz gramfuzz is a grammar-based fuzzer that lets one define complex grammars to generate text and binary data formats. d0c-s4vage mit 229    
https://github.com/goretk/redress Redress - A tool for analyzing stripped Go binaries goretk agpl-3.0 651    
https://github.com/daniel-thompson/wasp-os A MicroPython based development environment for smart watches (including Pine64 PineTime) daniel-thompson gpl-3.0 598    
https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence Defences against Cobalt Strike MichaelKoczwara mit 1151    
https://github.com/mori-b/aioconnectors Simple secure asynchronous message queue mori-b apache-2.0 18    
https://github.com/codenotary/immudb immudb - immutable database based on zero trust, SQL and Key-Value, tamperproof, data change history codenotary apache-2.0 7940    
https://github.com/VeryBueno/bash-websocket-server Websocket server written in bash VeryBueno   11    
https://github.com/sinwindie/OSINT Collections of tools and methods created to aid in OSINT collection sinwindie   1795    
https://github.com/ethereal-vx/Antivirus-Artifacts Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. ethereal-vx   641    
https://github.com/TDAmeritrade/stumpy STUMPY is a powerful and scalable Python library for modern time series analysis TDAmeritrade other 2402    
https://github.com/jgamblin/CVEHeatMap A CVE Heatmap Using CalPlot jgamblin mit 98    
https://github.com/antvis/G6 ♾ A Graph Visualization Framework in JavaScript antvis mit 9299    
https://github.com/salesforce/jarm   salesforce bsd-3-clause 808    
https://github.com/CERT-Polska/karton Distributed malware processing framework based on Python, Redis and S3. CERT-Polska bsd-3-clause 294    
https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process. center-for-threat-informed-defense apache-2.0 333    
https://github.com/dask/fastparquet python implementation of the parquet columnar file format. dask apache-2.0 614    
https://github.com/apache/parquet-format Apache Parquet apache apache-2.0 1200    
https://github.com/madaidans-insecurities/madaidans-insecurities.github.io   madaidans-insecurities   92    
https://github.com/mattsse/voyager crawl and scrape web pages in rust mattsse apache-2.0 532    
https://github.com/NoDataFound/RiskIQ.SunBurst.Hunter The Purpose of this research tool is to provide a Python client into RiskIQ API services. NoDataFound   21    
https://github.com/WillOram/cyber-incident-management Notes on managing and coordinating the response to major cyber incidents WillOram other 24    
https://github.com/darcosion/limier Limier est un petit outil en CLI permettant de trouver un flux RSS quand il est planqué sur un site. darcosion mpl-2.0 17    
https://github.com/ninoseki/mmhdan Calculate fingerprints of a website for OSINT search ninoseki mit 38    
https://github.com/paulgb/Treeverse A browser extension for navigating burgeoning Twitter conversations paulgb mit 469    
https://github.com/hacklcx/HFish 安全、可靠、简单、免费的企业级蜜罐 hacklcx   3388    
https://github.com/projectdiscovery/naabu A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests projectdiscovery mit 2733    
https://github.com/Cretezy/dSock Distributed WebSocket broker Cretezy mit 215    
https://github.com/KasperskyLab/TinyCheck TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere. KasperskyLab apache-2.0 2608    
https://github.com/cisagov/Sparrow Sparrow.ps1 was created by CISA’s Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment. cisagov cc0-1.0 1348    
https://github.com/mlkui/chrome-cookie-password-decryption The decryption implementation of Chrome cookie(encrypted_value) and password(password_value) on Windows with Java mlkui   15    
https://github.com/Cgboal/SonarSearch A rapid API for the Project Sonar dataset Cgboal mit 592    
https://github.com/pielco11/fav-up IP lookup by favicon using Shodan pielco11 mit 781    
https://github.com/devanshbatham/FavFreak Making Favicon.ico based Recon Great again ! devanshbatham mit 846    
https://github.com/Te-k/harpoon CLI tool for open source and threat intelligence Te-k gpl-3.0 995    
https://github.com/bytedance/terarkdb A RocksDB compatible KV storage engine with better performance bytedance apache-2.0 1776    
https://github.com/jech/galene The Galène videoconference server jech mit 702    
https://github.com/joewalnes/websocketd Turn any program that uses STDIN/STDOUT into a WebSocket server. Like inetd, but for WebSockets. joewalnes bsd-2-clause 16397    
https://github.com/ITAYC0HEN/SUNBURST-Cracked The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations. ITAYC0HEN   57    
https://github.com/icedland/iced Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for .NET, Rust, Python, JavaScript icedland mit 1976    
https://github.com/BorjaMerino/Pazuzu Pazuzu: Reflective DLL to run binaries from memory BorjaMerino   215    
https://github.com/sdcampbell/Internal-Pentest-Playbook Internal Network Penetration Test Playbook sdcampbell   706    
https://github.com/closeio/socketshark A WebSocket message router based on Python/Redis/asyncio closeio mit 83    
https://github.com/0xdefendA/policies Open source information security policies 0xdefendA mpl-2.0 13    
https://github.com/google/security-research-pocs Proof-of-concept codes created as part of security research done by Google Security Team. google apache-2.0 1798    
https://github.com/owncast/owncast Take control over your live stream video by running it yourself. Streaming + chat out of the box. owncast mit 6625    
https://github.com/cve-search/CveXplore CveXplore cve-search gpl-3.0 21    
https://github.com/CaliDog/certstream-server Certificate Transparency Log aggregation, parsing, and streaming service written in Elixir CaliDog mit 165    
https://github.com/volatilityfoundation/volatility An advanced memory forensics framework volatilityfoundation gpl-2.0 5710    
https://github.com/Cn33liz/p0wnedShell PowerShell Runspace Post Exploitation Toolkit Cn33liz bsd-3-clause 1449    
https://github.com/bellingcat/instagram-location-search Finds Instagram location IDs near a specified latitude and longitude. bellingcat mit 302    
https://github.com/bambenek/research   bambenek cc0-1.0 98    
https://github.com/davidsonmizael/dwarf Tiny botnet client that is controlled by a remote blog davidsonmizael   5    
https://github.com/damnever/pigar :coffee: A tool to generate requirements.txt for Python project, and more than that. (IT IS NOT A PACKAGE MANAGEMENT TOOL) damnever bsd-3-clause 1336    
https://github.com/DongyunLee/vulnerability_db The Personal Database about CNVD DongyunLee other 2    
https://github.com/RedDrip7/SunBurst_DGA_Decode SunBurst DGA Decode Script RedDrip7   206    
https://github.com/mandiant/sunburst_countermeasures   mandiant other 548    
https://github.com/rackerlabs/scantron A distributed nmap / masscan scanning framework complete with scan scheduling, engine pooling, subsequent scan port diff-ing, and an API client for automation workflows. rackerlabs apache-2.0 684    
https://github.com/TheEconomist/covid-19-excess-deaths-tracker Source code and data for The Economist’s covid-19 excess deaths tracker TheEconomist   632    
https://github.com/BinaryAnalysisPlatform/bap Binary Analysis Platform BinaryAnalysisPlatform mit 1716    
https://github.com/facontidavide/PlotJuggler The Time Series Visualization Tool that you deserve. facontidavide mpl-2.0 3124    
https://github.com/tromp/cuckoo a memory-bound graph-theoretic proof-of-work system tromp other 780    
https://github.com/mandiant/red_team_tool_countermeasures   mandiant other 2544    
https://github.com/DNSCrypt/dnscrypt-resolvers Lists of public DNSCrypt / DoH DNS servers and DNS relays DNSCrypt   865    
https://github.com/RichieB2B/nioc No Indicators of Compromise RichieB2B agpl-3.0 3    
https://github.com/coredns/coredns CoreDNS is a DNS server that chains plugins coredns apache-2.0 9918    
https://github.com/oskarsve/ms-teams-rce   oskarsve   1085    
https://github.com/filesender/filesender FileSender server software filesender bsd-3-clause 157    
https://github.com/ufrisk/MemProcFS The Memory Process File System ufrisk agpl-3.0 1580    
https://github.com/LLVM-but-worse/maple-ir Industrial IR-based static analysis framework for Java bytecode LLVM-but-worse gpl-3.0 47    
https://github.com/gallypette/Fortigate Extract Useful info from SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) gallypette gpl-3.0 1    
https://github.com/beurtschipper/Depix Recovers passwords from pixelized screenshots beurtschipper other 22897    
https://github.com/deepseagirl/degoogle search Google and extract results directly. skip all the click-through links and other sketchiness deepseagirl mit 469    
https://github.com/3c7/infrastructure-tracking-schema   3c7 mit 22    
https://github.com/rabbitstack/fibratus A modern tool for Windows kernel exploration and tracing with a focus on security rabbitstack other 1657    
https://github.com/0xchase/modality Symbolic execution in radare2 with angr 0xchase   40    
https://github.com/mhx/dwarfs A fast high compression read-only file system mhx gpl-3.0 1001    
https://github.com/Mebus/cupp Common User Passwords Profiler (CUPP) Mebus gpl-3.0 3066    
https://github.com/ioerror/csidh-reference-implementation   ioerror other 3    
https://github.com/ggerganov/dot-to-ascii Graphviz to ASCII converter using Graph::Easy ggerganov mit 324    
https://github.com/redshiftzero/awesome-threat-modeling a curated list of useful threat modeling resources redshiftzero apache-2.0 91    
https://github.com/x0rz/tweetentropy Twitter as an extra entropy source x0rz gpl-3.0 93    
https://github.com/matrix-org/dendrite Dendrite is a second-generation Matrix homeserver written in Go! matrix-org apache-2.0 4013    
https://github.com/0xcpu/bonomen BONOMEN - Hunt for Malware Critical Process Impersonation 0xcpu gpl-3.0 42    
https://github.com/Apr4h/CobaltStrikeScan Scan files or process memory for CobaltStrike beacons and parse their configuration Apr4h mit 756    
https://github.com/WerWolv/ImHex 🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM. WerWolv gpl-2.0 22314    
https://github.com/vector-im/element-ios A glossy Matrix collaboration client for iOS vector-im apache-2.0 1468    
https://github.com/tchapgouv/tchap-ios A Matrix client for iOS tchapgouv apache-2.0 51    
https://github.com/matrix-org/synapse Synapse: Matrix homeserver written in Python/Twisted. matrix-org apache-2.0 10110    
https://github.com/KonradIT/parler-py-api UNOFFICIAL Python API to interface with Parler.com KonradIT   54    
https://github.com/ma1uta/ma1sd Federated Matrix Identity Server (formerly fork of kamax/mxisd) ma1uta agpl-3.0 154    
https://github.com/DissectMalware/XLMMacroDeobfuscator Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros) DissectMalware apache-2.0 500    
https://github.com/willglynn/pdb A parser for Microsoft PDB (Program Database) debugging information willglynn apache-2.0 267    
https://github.com/opensanctions/opensanctions An open database of international sanctions data, persons of interest and politically exposed persons opensanctions mit 318    
https://github.com/jakobwesthoff/prettytable.sh A shell script to pretty print tabular data into the terminal jakobwesthoff bsd-2-clause 28    
https://github.com/MontFerret/ferret Declarative web scraping MontFerret apache-2.0 5108    
https://github.com/nrdmn/elbrus-docs   nrdmn   58    
https://github.com/MythicAgents/Nimplant DEPRECATED - A cross-platform implant written in Nim MythicAgents bsd-3-clause 152    
https://github.com/cudeso/rsit-attck Link RSIT with ATT&CK cudeso   3    
https://github.com/vxunderground/MalwareSourceCode Collection of malware source code for a variety of platforms in an array of different programming languages. vxunderground   11493    
https://github.com/benreardon-sfdc/fatt FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic benreardon-sfdc bsd-3-clause 3    
https://github.com/hugsy/ctfpad An OK way to manage CTFs for teams playing CTFs hugsy   52    
https://github.com/iceychris/LibreASR :speech_balloon: An On-Premises, Streaming Speech Recognition System iceychris mit 683    
https://github.com/ComodoSecurity/openedr Open EDR public repository ComodoSecurity other 1593    
https://github.com/telekom-security/explo Human and machine readable web vulnerability testing format telekom-security gpl-3.0 152    
https://github.com/solemnwarning/rehex Reverse Engineers’ Hex Editor solemnwarning gpl-2.0 2032    
https://github.com/nneonneo/universal-doom A single .exe binary which runs DOOM on DOS 6, Windows 95 and Windows 10 (and probably everything in between). nneonneo   252    
https://github.com/D4-project/passive-ssh A Passive SSH back-end and scanner. D4-project agpl-3.0 92    
https://github.com/ulixee/secret-agent The web scraper that’s nearly impossible to block - now called @ulixee/hero ulixee mit 537    
https://github.com/subat0mik/whoamsi An effort to track security vendors’ use of Microsoft’s Antimalware Scan Interface subat0mik gpl-3.0 149    
https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries Sample queries for Advanced hunting in Microsoft 365 Defender microsoft mit 1556    
https://github.com/davidpany/WMI_Forensics   davidpany   241    
https://github.com/quentinhardy/pytmipe Python library and client for token manipulations and impersonations for privilege escalation on Windows quentinhardy   115    
https://github.com/ralphje/signify Module to generate and verify PE signatures ralphje other 28    
https://github.com/gmsoft-tuxicoman/packet-o-matic Network forensic tool. Please use pom-ng instead. gmsoft-tuxicoman   1    
https://github.com/ovh/the-bastion Authentication, authorization, traceability and auditability for SSH accesses. ovh other 1140    
https://github.com/Freakboy/CobaltStrike CobaltStrike’s source code Freakboy   1361    
https://github.com/DevoInc/feeds   DevoInc mit 1    
https://github.com/Te-k/pecli CLI tool to analyze PE files Te-k mit 67    
https://github.com/NLnetLabs/routinator An RPKI Validator and RTR server written in Rust NLnetLabs bsd-3-clause 328    
https://github.com/cerebrate-project/cerebrate-docker   cerebrate-project agpl-3.0 4    
https://github.com/fastavro/fastavro Fast Avro for Python fastavro mit 531    
https://github.com/sq5bpf/etherify Etherify - bringing the ether back to ethernet sq5bpf gpl-3.0 335    
https://github.com/jlevy/the-art-of-command-line Master the command line, in one page jlevy   114958    
https://github.com/firmadyne/scraper Firmware scraper firmadyne mit 97    
https://github.com/alwashmi/MasterParser MasterParser is a simple, all-in-one, digital forensics artifact parser alwashmi gpl-3.0 18    
https://github.com/muteb/Hoarder This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole har drive. muteb gpl-3.0 131    
https://github.com/QuoSecGmbH/grap grap: define and match graph patterns within binaries QuoSecGmbH mit 149    
https://github.com/bitdefender/bddisasm bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior. bitdefender apache-2.0 706    
https://github.com/crossroadsfpga/pigasus 100Gbps Intrusion Detection and Prevention System crossroadsfpga   599    
https://github.com/yogsototh/ymetapost A better interface to metapost for generating graphs for the web yogsototh   5    
https://github.com/threatgrid/ctim Cisco Threat Intellligence Model threatgrid epl-1.0 55    
https://github.com/rnpgp/rnp RNP: high performance C++ OpenPGP library used by Mozilla Thunderbird rnpgp other 147    
https://github.com/fonsp/Pluto.jl 🎈 Simple reactive notebooks for Julia fonsp mit 4188    
https://github.com/somenonymous/OshiUpload Ephemeral file sharing engine somenonymous wtfpl 98    
https://github.com/kam800/MachObfuscator MachObfuscator is a programming-language-agnostic Mach-O apps obfuscator for Apple platforms. kam800 mit 476    
https://github.com/samyk/slipstream NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall, just by anyone on the victim’s network visiting a website samyk   1748    
https://github.com/mozilla/DeepSpeech DeepSpeech is an open source embedded (offline, on-device) speech-to-text engine which can run in real time on devices ranging from a Raspberry Pi 4 to high power GPU servers. mozilla mpl-2.0 20503    
https://github.com/target/halogen Automatically create YARA rules from malicious documents. target mit 191    
https://github.com/Cyan4973/xxHash Extremely fast non-cryptographic hash algorithm Cyan4973 other 6722    
https://github.com/jxy-s/herpaderping Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process. jxy-s mit 898    
https://github.com/libyal/libevt Library and tools to access the Windows Event Log (EVT) format libyal lgpl-3.0 52    
https://github.com/linuxthor/slimpack Toolkit for building encrypted file loaders for single source file NASM projects (uses AES-NI instructions) linuxthor   3    
https://github.com/Jana-Marie/EF-S-Adapter https://twitter.com/_Jana_Marie/status/1317520812761546753 Jana-Marie mit 93    
https://github.com/omerbenamram/pyevtx-rs Python bindings for https://github.com/omerbenamram/evtx/ omerbenamram   35    
https://github.com/Binary-Hackers/42_Subjects All Subjects of 42 School Binary-Hackers   930    
https://github.com/RedisGraph/redisgraph-py RedisGraph python client RedisGraph bsd-3-clause 185    
https://github.com/RedisGraph/RedisGraph A graph database as a Redis module RedisGraph other 1749    
https://github.com/Lichtsinnig/EVTX-ATTACK-SAMPLES   Lichtsinnig   9    
https://github.com/mitre/advmlthreatmatrix Adversarial Threat Landscape for AI Systems mitre   917    
https://github.com/mitre-attack/attack-datasources This content is analysis and research of the data sources currently listed in ATT&CK. mitre-attack apache-2.0 325    
https://github.com/antham/yogo Check yopmail mails and inboxes from command line. antham mit 26    
https://github.com/OSMNames/OSMNames Data for place names from OpenStreetMap prepared for fulltext search. Downloadable. Ranked. With bbox and hierarchy. Ready for geocoding. OSMNames gpl-2.0 287    
https://github.com/bcmc/oss \B\C\M\C\ Open Source Software bcmc   17    
https://github.com/peering-manager/peering-manager BGP sessions management tool peering-manager apache-2.0 345    
https://github.com/geovista/GeoCorpora The GeoCorpora project aims at creating corpora of fully geo-annotated texts (in particular microblog texts) and developing tools to support the corpus building process using crowd-sourcing and visual analytics approaches. Created corpora will be made publicly available in this repository. A first corpus of ~6000 geo-annotated tweets will be published here in the near future. geovista   15    
https://github.com/geovista/GeoTxt   geovista lgpl-3.0 20    
https://github.com/thampiman/reverse-geocoder A fast, offline reverse geocoder in Python thampiman lgpl-2.1 1787    
https://github.com/gaspardpetit/base64   gaspardpetit   77    
https://github.com/Hironsan/anago Bidirectional LSTM-CRF and ELMo for Named-Entity Recognition, Part-of-Speech Tagging and so on. Hironsan mit 1463    
https://github.com/fastai/fastai The fastai deep learning library fastai apache-2.0 22940    
https://github.com/sebastianruder/NLP-progress Repository to track the progress in Natural Language Processing (NLP), including the datasets and the current state-of-the-art for the most common NLP tasks. sebastianruder mit 21029    
https://github.com/RoiArthurB/Side-Auto_Sci-Hub Cross-Browser Plugin to open Sci-Hub 🗝 page with the article from your current tab RoiArthurB gpl-3.0 226    
https://github.com/adobe/stringlifier Stringlifier is on Opensource ML Library for detecting random strings in raw text. It can be used in sanitising logs, detecting accidentally exposed credentials and as a pre-processing step in unsupervised ML-based analysis of application text data. adobe apache-2.0 143    
https://github.com/trendmicro/telfhash Symbol hash for ELF files trendmicro apache-2.0 70    
https://github.com/ail-project/ail-feeder-jsonlogs Aggregate json log lines and push to AIL framework. ail-project agpl-3.0 1    
https://github.com/americanexpress/earlybird EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more. americanexpress apache-2.0 514    
https://github.com/microsoftgraph/security-api-solutions Microsoft Graph Security API applications and services. microsoftgraph mit 189    
https://github.com/matthewwithanm/python-markdownify Convert HTML to Markdown matthewwithanm mit 354    
https://github.com/megadose/OnionSearch OnionSearch is a script that scrapes urls on different .onion search engines. megadose gpl-3.0 647    
https://github.com/matiskay/html-similarity Compare html similarity using structural and style metrics matiskay bsd-3-clause 186    
https://github.com/Neo23x0/Raccine A Simple Ransomware Vaccine Neo23x0 unlicense 846    
https://github.com/nanomsg/nng nanomsg-next-generation – light-weight brokerless messaging nanomsg mit 2947    
https://github.com/ancailliau/sans-indexes Indexes for SANS Courses and GIAC Certifications ancailliau   124    
https://github.com/Debdut/names.io A Global Exhaustive First and Last Name Database Debdut apache-2.0 712    
https://github.com/WorldBrain/Memex Browser extension to curate, annotate, and discuss the most valuable content and ideas on the web. As individuals, teams and communities. WorldBrain   3552    
https://github.com/thalesgroup-cert/Watcher Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. thalesgroup-cert agpl-3.0 646    
https://github.com/google/cld3   google apache-2.0 585    
https://github.com/libnet/libnet A portable framework for low-level network packet construction libnet bsd-2-clause 762    
https://github.com/BloodHoundAD/BloodHound Six Degrees of Domain Admin BloodHoundAD gpl-3.0 7537    
https://github.com/unprovable/PentestHardware Kinda useful notes collated together publicly unprovable   475    
https://github.com/ALFA-group/BRON “Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting” by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O’Reilly ALFA-group mit 39    
https://github.com/dstotijn/hetty An HTTP toolkit for security research. dstotijn mit 4987    
https://github.com/D4-project/analyzer-d4-pewpew This analyzer creates a pewpew map out of d4 data D4-project agpl-3.0 5    
https://github.com/sherlock-project/sherlock 🔎 Hunt down social media accounts by username across social networks sherlock-project mit 36753    
https://github.com/iojw/socialscan Python library and CLI for accurately querying username and email usage on online platforms iojw mpl-2.0 953    
https://github.com/ahmadawais/hacktoberfest #Hacktoberfest + Git Resources Contributions beginners just like you. Jump in! 🎯 ahmadawais mit 91  
https://github.com/EFForg/yaya Yet Another Yara Automaton - Automatically curate open source yara rules and run scans EFForg gpl-3.0 201    
https://github.com/google/licenseclassifier A License Classifier google apache-2.0 263    
https://github.com/corkami/mitra A generator of weird files (binary polyglots, near polyglots…) corkami mit 958    
https://github.com/mne-tools/mne-python MNE: Magnetoencephalography (MEG) and Electroencephalography (EEG) in Python mne-tools bsd-3-clause 2054    
https://github.com/sobolevn/git-secret :busts_in_silhouette: A bash-tool to store your private data inside a git repository. sobolevn mit 3059    
https://github.com/JustAnotherArchivist/snscrape A social networking service scraper in Python JustAnotherArchivist gpl-3.0 1999    
https://github.com/gnebbia/kb A minimalist command line knowledge base manager gnebbia gpl-3.0 2901    
https://github.com/skeeto/endlessh SSH tarpit that slowly sends an endless banner skeeto unlicense 5633    
https://github.com/designsecurity/progpilot A static analysis tool for security designsecurity mit 269    
https://github.com/mxrch/darkshot Lightshot scraper on steroids with OCR. mxrch mpl-2.0 232    
https://github.com/oryon-osint/querytool Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more. oryon-osint   130    
https://github.com/yeti-platform/yetigo Maltego Transforms for Yeti yeti-platform apache-2.0 7    
https://github.com/internetarchive/fatcat Perpetual Access To The Scholarly Record internetarchive other 95    
https://github.com/CERT-Polska/malduck :duck: Malduck is your ducky companion in malware analysis journeys CERT-Polska gpl-3.0 203    
https://github.com/dfirtrack/dfirtrack DFIRTrack - The Incident Response Tracking Application dfirtrack other 405    
https://github.com/Sentinel-One/CobaltStrikeParser   Sentinel-One other 795    
https://github.com/mandiant/capa The FLARE team’s open-source tool to identify capabilities in executable files. mandiant apache-2.0 2442    
https://github.com/sowdust/tafferugli Tafferugli is a Twitter Analysis Framework sowdust agpl-3.0 357    
https://github.com/SiliconAnalysis/bitract Extract bits from photos SiliconAnalysis bsd-2-clause 60    
https://github.com/lorenzoromani1983/facebookTranscripts A simple (work in progress) script to extract transcripts from Google-indexed Facebook videos containing high quality transcripts lorenzoromani1983   11    
https://github.com/fossology/fossology FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow. fossology gpl-2.0 597    
https://github.com/Fizzadar/pyinfra pyinfra automates infrastructure super fast at massive scale. It can be used for ad-hoc command execution, service deployment, configuration management and more. Fizzadar mit 2066    
https://github.com/melicertes/docs The knowledge base reference to the MeliCERTes project melicertes cc0-1.0 4    
https://github.com/lightbody/browsermob-proxy A free utility to help web developers watch and manipulate network traffic from their AJAX applications. lightbody apache-2.0 1878    
https://github.com/keepassxreboot/keepassxc KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”. keepassxreboot other 14161    
https://github.com/viper-framework/viper-modules   viper-framework bsd-3-clause 5    
https://github.com/Flangvik/BetterSafetyKatz Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory. Flangvik other 649    
https://github.com/FRRouting/frr The FRRouting Protocol Suite FRRouting gpl-2.0 2340    
https://github.com/iovisor/ubpf Userspace eBPF VM iovisor apache-2.0 552    
https://github.com/raphaelm/android-barcode-keyboard Barcode keyboard for Android (not actively maintained) raphaelm   31    
https://github.com/ping/instagram_private_api A Python library to access Instagram’s private API. ping mit 2563    
https://github.com/vysecurity/morphHTA morphHTA - Morphing Cobalt Strike’s evil.HTA vysecurity   490    
https://github.com/rnd-ash/MBUX-Port Custom Infotainment UI for older Mercedes vehicles (2000-2007), inspired loosely by the 2021 S Class MBUX UI rnd-ash   95    
https://github.com/trimstray/multitor Create multiple TOR instances with a load-balancing. trimstray gpl-3.0 832    
https://github.com/sarciszewski/onionimbus-old Dedicated Reverse Proxy for Tor Hidden Services sarciszewski wtfpl 4    
https://github.com/m0nad/Diamorphine LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64) m0nad other 1130    
https://github.com/manubot/manubot Python utilities for Manubot: Manuscripts, open and automated manubot other 354    
https://github.com/AlgoSecure/Pollenisator Collaborative pentest tool with highly customizable tools AlgoSecure gpl-3.0 66    
https://github.com/roomylee/awesome-relation-extraction 📖 A curated list of awesome resources dedicated to Relation Extraction, one of the most important tasks in Natural Language Processing (NLP). roomylee   1013    
https://github.com/DC11331/website DC11331 DCG website repository, talks, news and archives DC11331   2    
https://github.com/returntocorp/semgrep Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. returntocorp other 7348    
https://github.com/resemble-ai/Resemblyzer A python package to analyze and compare voices with deep learning resemble-ai apache-2.0 2050    
https://github.com/Datalux/Osintgram Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname Datalux gpl-3.0 5379    
https://github.com/johnjhacking/Buffer-Overflow-Guide This Bufferflow Guide includes instructions and the scripts necessary for Buffer Overflow Exploitation. This guide is a supplement for TheCyberMentor’s walkthrough. Please watch his walkthrough if you’re confused. Feel free to implement Pull Requests or raise Issues. johnjhacking   456    
https://github.com/adulau/napkin-text-analysis Napkin is a simple tool to produce statistical analysis of a text adulau agpl-3.0 11    
https://github.com/ail-project/ail-yara-rules A set of YARA rules for the AIL framework to detect leak or information disclosure ail-project agpl-3.0 31    
https://github.com/eCrimeLabs/phish2MISP Easy way to create a MISP event related to a Phishing page eCrimeLabs mit 15    
https://github.com/cablelabs/transparent-security Transparent Security is a solution for identify the source devices of a DDoS attack and mitigates the attack in the customer premises or the access network. This solution leverages a P4 based programmable data plane for add in-band network telemetry (INT) for device identification and in-band mitigation. cablelabs apache-2.0 25    
https://github.com/cablelabs/ddos-info-sharing The repository for the CRITS based DDoS Information Sharing platform cablelabs   5    
https://github.com/scythe-io/community-threats A place to share attack chains for testing people, process, and technology with the entire community. The largest, public library of adversary emulation and adversary simulation plans! #ThreatThursday scythe-io mit 547    
https://github.com/CodisLabs/codis Proxy based Redis cluster solution supporting pipeline and scaling dynamically CodisLabs mit 12690    
https://github.com/ignis-sec/Pwdb-Public A collection of all the data i could extract from 1 billion leaked credentials from internet. ignis-sec mit 2679    
https://github.com/SixGenInc/Noctilucent Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise SixGenInc   636    
https://github.com/Ciphey/Ciphey ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡ Ciphey mit 10904    
https://github.com/jdkato/prose :book: A Golang library for text processing, including tokenization, part-of-speech tagging, and named-entity extraction. jdkato mit 2952    
https://github.com/juhakivekas/multidiff Binary data diffing for multiple objects or streams of data juhakivekas mit 297    
https://github.com/TheWover/donut Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters TheWover bsd-3-clause 2281    
https://github.com/explosion/spacy-lookups-data 📂 Additional lookup tables and data resources for spaCy explosion mit 74    
https://github.com/darrenmartyn/vBulldozer Very loud vBulletin exploit darrenmartyn   15    
https://github.com/raylene/eng-handbook A developer’s guide to management: an open-sourced handbook for leading software engineering teams. raylene gpl-3.0 1210    
https://github.com/reald/urh Universal Radio Hacker: Experimental PlutoSDR support (via gnuradio). reald gpl-3.0 7    
https://github.com/reversinglabs/reversinglabs-yara-rules ReversingLabs YARA Rules reversinglabs mit 502    
https://github.com/blackberry/pe_tree Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports. blackberry apache-2.0 1241    
https://github.com/cytopia/pwncat pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE) cytopia mit 1493    
https://github.com/gto76/python-cheatsheet Comprehensive Python Cheatsheet gto76   30554    
https://github.com/souffle-lang/souffle Soufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification. souffle-lang upl-1.0 625    
https://github.com/GrammaTech/ddisasm A fast and accurate disassembler GrammaTech agpl-3.0 469    
https://github.com/skelsec/pypykatz Mimikatz implementation in pure Python skelsec mit 2048    
https://github.com/cypress-io/cypress Fast, easy and reliable testing for anything that runs in a browser. cypress-io mit 41383    
https://github.com/Dewera/Lunar A lightweight native DLL mapping library that supports mapping directly from memory Dewera mit 529    
https://github.com/redsolver/noteless A Markdown-based note-taking app for mobile devices. redsolver mit 447    
https://github.com/redcode-labs/SNOWCRASH A polyglot payload generator redcode-labs mit 221    
https://github.com/kpcyrd/sn0int Semi-automatic OSINT framework and package manager kpcyrd gpl-3.0 1349    
https://github.com/xHak9x/fbi Facebook Information xHak9x gpl-2.0 1058    
https://github.com/saffsd/langid.py Stand-alone language identification system saffsd other 2003    
https://github.com/Gamithra/terms-of-endearment struggled with finding cute words to call boys so I automated this Gamithra   4    
https://github.com/neolea/neolea-training-materials Open source training materials for law-enforcement and organisations interested in DFIR. neolea   47    
https://github.com/bsolomon1124/demoji Accurately find/replace/remove emojis in text strings bsolomon1124 apache-2.0 130    
https://github.com/ail-project/equaeris A modular scanner for finding open data store (MongoDB, Redis or alike) and feed result into AIL ail-project agpl-3.0 6    
https://github.com/glscopeclient/scopehal Test and measurement hardware abstraction library and protocol decodes. This is the library only. Most users should use scopehal-apps. glscopeclient bsd-3-clause 120    
https://github.com/cerebrate-project/cerebrate-training Cerebrate training materials cerebrate-project   7    
https://github.com/excalidraw/excalidraw Virtual whiteboard for sketching hand-drawn like diagrams excalidraw mit 34603    
https://github.com/foambubble/foam A personal knowledge management and sharing system for VSCode foambubble other 13015    
https://github.com/ndionysus/multitask-cyberthreat-detection This repository holds the data, source code and resulting model weights for the paper “Towards end-to-end Cyberthreat Detection from Twitter using Multi-Task Learning” to be presented at IJCNN 2020. ndionysus mit 14    
https://github.com/caresteouvert/caresteouvert Ça reste ouvert - the collaborative map of open places during the lockdown caresteouvert agpl-3.0 56    
https://github.com/scriptingislife/s3eker s3eker is an extensible way to find open S3 buckets. scriptingislife   17    
https://github.com/lucky-luk3/Grafiki Threat Hunting tool about Sysmon and graphs lucky-luk3 lgpl-3.0 245    
https://github.com/target/huntlib A Python library to help with some common threat hunting data analysis operations target mit 123    
https://github.com/huggingface/tokenizers 💥 Fast State-of-the-Art Tokenizers optimized for Research and Production huggingface apache-2.0 5995    
https://github.com/huggingface/datasets 🤗 The largest hub of ready-to-use datasets for ML models with fast, easy-to-use and efficient data manipulation tools huggingface apache-2.0 14676    
https://github.com/bitquark/dnspop Analysis of DNS records to find popular trends bitquark mit 412    
https://github.com/alphaSeclab/persistence Resources About Persistence, Multiple Platforms. Including ~80 Tools and 300+ Posts. alphaSeclab   84    
https://github.com/bigb0sss/LinkedinMama Linkedin Employee Profile Scrapper bigb0sss mit 45    
https://github.com/IFGHou/Unicornscan An asynchronous TCP and UDP port scanner developed by the late Jack C. Louis. IFGHou other 9    
https://github.com/HyperDbg/HyperDbg State-of-the-art native debugging tool HyperDbg gpl-3.0 1877    
https://github.com/yunuscadirci/CallStranger Vulnerability checker for Callstranger (CVE-2020-12695) yunuscadirci mit 386    
https://github.com/ntop/PF_RING High-speed packet processing framework ntop lgpl-2.1 2319    
https://github.com/ZecOps/CVE-2020-0796-RCE-POC CVE-2020-0796 Remote Code Execution POC ZecOps   479    
https://github.com/flameshot-org/flameshot Powerful yet simple to use screenshot software :desktop_computer: :camera_flash: flameshot-org gpl-3.0 19243    
https://github.com/ZecOps/CVE-2020-1206-POC CVE-2020-1206 Uninitialized Kernel Memory Read POC ZecOps other 144    
https://github.com/0xThiebaut/sigmai Import specific data sources into the Sigma generic and open signature format. 0xThiebaut eupl-1.2 69    
https://github.com/github/gitignore A collection of useful .gitignore templates github cc0-1.0 140235    
https://github.com/CERTCC/PoC-Exploits Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems. CERTCC bsd-3-clause 167    
https://github.com/m4ll0k/SecretFinder SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files m4ll0k gpl-3.0 1180    
https://github.com/paperbay/publishing-hack.lu-2020 publishing - hack.lu 2020 book paperbay   3    
https://github.com/quarkslab/binbloom Raw binary firmware analysis software quarkslab apache-2.0 360    
https://github.com/enisaeu/IRtools The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams enisaeu   47    
https://github.com/fmarotta/kaobook A LaTeX class for books, reports or theses based on https://github.com/kenohori/thesis and https://github.com/Tufte-LaTeX/tufte-latex. fmarotta lppl-1.3c 594    
https://github.com/InQuest/ThreatIngestor Extract and aggregate threat intelligence. InQuest gpl-2.0 604    
https://github.com/nazywam/AutoIt-Ripper Extract AutoIt scripts embedded in PE binaries nazywam mit 116    
https://github.com/3c7/common-osint-model Converting data from services like Censys and Shodan to a common data model 3c7 mit 34    
https://github.com/secdev/scapy Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3. secdev gpl-2.0 8124    
https://github.com/C00kie-/squirrel.lu   C00kie- cc-by-sa-4.0 5    
https://github.com/free5gc/free5gc Open source 5G core network base on 3GPP R15 free5gc apache-2.0 1468    
https://github.com/chompie1337/SMBGhost_RCE_PoC   chompie1337   1189    
https://github.com/googleprojectzero/TinyInst A lightweight dynamic instrumentation library googleprojectzero apache-2.0 837    
https://github.com/KingNull-dumps/Hosting Daniel’s Hosting - 8350 DBs KingNull-dumps   4    
https://github.com/cerebrate-project/cerebrate Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools. cerebrate-project agpl-3.0 64    
https://github.com/certat/rtir-scripts Various small scripts that make life easier with RT(IR) certat agpl-3.0 3    
https://github.com/Binject/backdoorfactory A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire. Binject gpl-3.0 339    
https://github.com/zadam/trilium Build your personal knowledge base with Trilium Notes zadam agpl-3.0 18514    
https://github.com/nshalabi/Coding-Ghidra Java Library wrapper for Ghidra Headless Analysis + Java Samples nshalabi   13    
https://github.com/JoelGMSec/AutoRDPwn The Shadow Attack Framework JoelGMSec gpl-3.0 911    
https://github.com/xnih/satori Python rewrite of passive OS fingerprinting tool xnih gpl-2.0 74    
https://github.com/BardinPetr/FINCERT-Sirius Automated IOC-scanner for FinCERT BardinPetr gpl-3.0 6    
https://github.com/Textualize/rich Rich is a Python library for rich text and beautiful formatting in the terminal. Textualize mit 40549    
https://github.com/utkusen/shotlooter a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc utkusen bsd-3-clause 553    
https://github.com/0xballistics/inject2pe inject or convert shellcode to PE 0xballistics gpl-3.0 22    
https://github.com/nsacyber/WALKOFF A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber nsacyber other 1106    
https://github.com/WithSecureLabs/captcha22 CAPTCHA22 is a toolset for building, and training, CAPTCHA cracking models using neural networks. WithSecureLabs mit 238    
https://github.com/paulpierre/informer A Telegram Mass Surveillance Bot in Python paulpierre mit 1088    
https://github.com/citcheese/telegramMonitor Dump messages and media info from list of Telegram channels to CSV and monitor for changes citcheese   17    
https://github.com/j-core/gnss-baseband Baseband Receiver IP for GPS like DSSS signals j-core other 21    
https://github.com/F5OEO/dvbsdr DVB transmit and receive F5OEO gpl-3.0 31    
https://github.com/sheharbano/scan_liveness Code for the paper “Scanning the Internet for Liveness” sheharbano   10    
https://github.com/WithSecureLabs/C3 Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits. WithSecureLabs other 1222    
https://github.com/citcheese/SqlParserPlus convert SQL dumps and other leaked db dump formats to CSV citcheese   28    
https://github.com/java-deobfuscator/deobfuscator The real deal java-deobfuscator apache-2.0 1245    
https://github.com/antijingoist/opendyslexic OpenDyslexic, a typeface that uses typeface shapes & features to help offset some visual symptoms of Dyslexia. Now in SIL-OFL. antijingoist other 347    
https://github.com/spacerace/romfont VGA and BIOS rom font extraction spacerace   495    
https://github.com/Alir3z4/html2text Convert HTML to Markdown-formatted text. Alir3z4 gpl-3.0 1318    
https://github.com/google/AFL american fuzzy lop - a security-oriented fuzzer google apache-2.0 2931    
https://github.com/outflanknl/EvilClippy A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows. outflanknl gpl-3.0 1777    
https://github.com/MISP/misp-opendata Tool to submit / delete data from MISP to opendata portal MISP agpl-3.0 5    
https://github.com/nemec/elasticslurp identify and investigate open ElasticSearch servers nemec mit 6    
https://github.com/git-artes/gr-tempest An implementation of TEMPEST en GNU Radio git-artes other 414    
https://github.com/Shuffle/Shuffle Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. Shuffle agpl-3.0 812    
https://github.com/S1sirocks/TwitterMon TwitterMon is a module developed for AIL framework which allows to monitor the content published in Twitter either within a certain period of time or in real time, in addition to performing a sentiment analysis and a statistical analysis of the publications collected. S1sirocks agpl-3.0 8    
https://github.com/byt3bl33d3r/WitnessMe Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier. byt3bl33d3r gpl-3.0 641    
https://github.com/cyrozap/mediatek-lte-baseband-re Notes and utilities for reverse engineering the MediaTek LTE baseband and its Coresonic DSP. cyrozap gpl-3.0 142    
https://github.com/DissectMalware/xlrd2 xlrd2 is a variant of xlrd that is actively maintained DissectMalware apache-2.0 21    
https://github.com/intel/cve-bin-tool The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with a list of components and versions. intel gpl-3.0 588    
https://github.com/JarryShaw/PyPCAPKit Python multi-engine PCAP analysis kit. JarryShaw bsd-3-clause 155    
https://github.com/SecureAuthCorp/impacket Impacket is a collection of Python classes for working with network protocols. SecureAuthCorp other 10061    
https://github.com/stricaud/research Placeholder for my research content stricaud   1    
https://github.com/JPCERTCC/SysmonSearch Investigate suspicious activity by visualizing Sysmon’s event log JPCERTCC other 371    
https://github.com/python-telegram-bot/python-telegram-bot We have made you a wrapper you can’t refuse python-telegram-bot gpl-3.0 20051    
https://github.com/oseiskar/corona-sniffer Contact Tracing BLE sniffer PoC oseiskar agpl-3.0 75    
https://github.com/nasa-jpl/COVID-19-respirators JPL designed 3D and tested printed respirators to help with the COVID-19 pandemic response. nasa-jpl apache-2.0 118    
https://github.com/ail-project/ail-training AIL project training materials ail-project   12    
https://github.com/jgm/pandoc Universal markup converter jgm other 26845    
https://github.com/cgarciae/pypeln Concurrent data pipelines in Python  »> cgarciae mit 1382    
https://github.com/GliaX/Stethoscope A research-validated stethoscope whose plans are available Freely and openly. The cost of the entire stethoscope is between $2.5 to $5 to produce GliaX other 688    
https://github.com/StrangerealIntel/CyberThreatIntel Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups StrangerealIntel   588    
https://github.com/osrg/rustybgp BGP implemented in the Rust Programming Language osrg apache-2.0 340    
https://github.com/mimno/Mallet MALLET is a Java-based package for statistical natural language processing, document classification, clustering, topic modeling, information extraction, and other machine learning applications to text. mimno other 889    
https://github.com/evllabs/JGAAP The Java Graphical Authorship Attribution Program evllabs   233    
https://github.com/Postuf/telegram-osint-lib Telegram scenario-based API aimed at OSINT Postuf mit 129    
https://github.com/apache/incubator-kvrocks Kvrocks is a distributed key value NoSQL database that uses RocksDB as storage engine and is compatible with Redis protocol. apache apache-2.0 1805    
https://github.com/pts/tinygpgs symmetric key encryption compatible with GPG in Python pts mit 2    
https://github.com/nsacyber/Mitigating-Web-Shells Guidance for mitigation web shells. #nsacyber nsacyber other 871    
https://github.com/Alexiskln/Taxonomy_Of_Infantry_Small_Arms This is a taxonomy of infantry small arms based on https://www.militaryfactory.com/smallarms/guns-by-type.asp Alexiskln   2    
https://github.com/M0un/SE_API_module MISP module which displays informations about an URL based on a google search engine API. In order to use this hover type module you need to download the following API : https://github.com/abenassi/Google-Search-API. No API key is needed. M0un   1    
https://github.com/N1col4s5742/StolenCarsUS Projet Threat Intelligence - PyMisp - Stolen Cars US N1col4s5742   1    
https://github.com/Nedfire2347/Taxonomy-cia-Intelligence-Analysis-Variables Foundations for Meta-Analysis by Rob Johnston for MISP-Instance Nedfire2347   1    
https://github.com/ail-project/ail-framework AIL framework - Analysis Information Leak framework ail-project agpl-3.0 333    
https://github.com/goose3/goose3 A Python 3 compatible version of goose http://goose3.readthedocs.io/en/latest/index.html goose3 apache-2.0 590    
https://github.com/deep-insights-ai/covid-19-classifier A fastai2 based Covid-19 classifier deep-insights-ai gpl-3.0 16    
https://github.com/citcheese/ODBParser OSINT tool to search, parse and dump only the open Elasticsearch and MongoDB directories that have the data you care about exposing citcheese mit 41    
https://github.com/martinvigo/email2phonenumber A OSINT tool to obtain a target’s phone number just by having his email address martinvigo mit 1090    
https://github.com/Rob–W/cookie-manager Cookie Manager for Firefox (Desktop/Android), Chrome. Supports viewing and editing of cookies and private cookies. Rob–W mpl-2.0 76    
https://github.com/D4-project/analyzer-d4-pcap-filter d4 analyzer - PCAP filter D4-project agpl-3.0 3    
https://github.com/ly4k/SMBGhost Scanner for CVE-2020-0796 - SMBv3 RCE ly4k   627    
https://github.com/coetaur0/staticfg Python3 control flow graph generator coetaur0 apache-2.0 131    
https://github.com/MyGodIsHe/pipeplot Displays an interactive graph based on data from pipe. MyGodIsHe mit 11    
https://github.com/kc0bfv/pcode-emulator A PCode Emulator for Ghidra. kc0bfv other 90    
https://github.com/AllsafeCyberSecurity/awesome-ghidra A curated list of awesome Ghidra materials AllsafeCyberSecurity   815    
https://github.com/mhaskar/Octopus Open source pre-operation C2 server based on python and powershell mhaskar gpl-3.0 643    
https://github.com/sajjadium/DeepCrawling Crawlium (DeepCrawling): A crawling platform based on Chrome (Chromium) browser to get a deeper look into the ecosystem of content inclusion on the Web. sajjadium mit 49    
https://github.com/bigbluebutton/bigbluebutton Complete open source web conferencing system. bigbluebutton lgpl-3.0 7716    
https://github.com/laerne/desaturate_all Desature the entire gnome workspace laerne gpl-3.0 69    
https://github.com/craiu/mobiletrackers A repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries. craiu gpl-3.0 110    
https://github.com/obert01/otx_misp Imports Alienvault OTX pulses to a MISP instance obert01 other 6    
https://github.com/MISP/misp_dockerized_testing Test MISP instances using a dockerized infrastructure MISP mit 2    
https://github.com/mrfearless/APISearch-Plugin-x86 APISearch Plugin (x86) - A Plugin For x64dbg mrfearless   46    
https://github.com/cocaman/malware-bazaar Python scripts for Malware Bazaar cocaman cc-by-sa-4.0 96    
https://github.com/ckane/CS7038-Malware-Analysis Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038) ckane   590    
https://github.com/vz-risk/VCDB VERIS Community Database vz-risk other 505    
https://github.com/D4-project/d4-pyclient D4 core software client in Python https://www.d4-project.org/ D4-project bsd-2-clause 4    
https://github.com/gnuradio/gr-etcetera Additional PyBOMBS recipes that aren’t in gr-recipes gnuradio   77    
https://github.com/opendxl/opendxl-misp-service-python MISP service for use with the OpenDXL Python Client opendxl apache-2.0 3    
https://github.com/hugsy/CFB Canadian Furious Beaver is a tool for monitoring IRP handler in Windows drivers, and facilitating the process of analyzing, replaying and fuzzing Windows drivers for vulnerabilities hugsy   242    
https://github.com/twintproject/twint An advanced Twitter scraping & OSINT tool written in Python that doesn’t use Twitter’s API, allowing you to scrape a user’s followers, following, Tweets and more while evading most API limitations. twintproject mit 13958    
https://github.com/jkovacic/FreeRTOS-GCC-ARM926ejs A port of FreeRTOS to the ARM 929EJ-S Versatile Platform Baseboard jkovacic other 84    
https://github.com/StrangerealIntel/DailyIOC IOC from articles, tweets for archives StrangerealIntel   297    
https://github.com/whid-injector/Focaccia-Board Multipurpose Breakout for the FT232H whid-injector lgpl-3.0 63    
https://github.com/D4-project/analyzer-d4-isn D4 Analyser to get stats and graphs on TCP SYN packets where IP_DST==ISN D4-project   3    
https://github.com/monoxgas/Koppeling Adaptive DLL hijacking / dynamic export forwarding monoxgas gpl-3.0 531    
https://github.com/skylot/jadx Dex to Java decompiler skylot apache-2.0 32118    
https://github.com/u-boot/u-boot “Das U-Boot” Source Tree u-boot   2450    
https://github.com/GlasgowEmbedded/glasgow Scots Army Knife for electronics GlasgowEmbedded 0bsd 1588    
https://github.com/firmadyne/firmadyne Platform for emulation and dynamic analysis of Linux-based firmware firmadyne mit 1519    
https://github.com/nongiach/arm_now arm_now is a qemu powered tool that allows instant setup of virtual machines on arm cpu, mips, powerpc, nios2, x86 and more, for reverse, exploit, fuzzing and programming purpose. nongiach mit 808    
https://github.com/therealsaumil/emux EMUX Firmware Emulation Framework (formerly ARMX) therealsaumil mpl-2.0 503    
https://github.com/Wenzel/pyvmidbg LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger Wenzel gpl-3.0 213    
https://github.com/C00kie-/workshop-materials Presented hardware reverse engineering workshops since 2019 C00kie- other 60    
https://github.com/joxeankoret/diaphora Diaphora, the most advanced Free and Open Source program diffing tool. joxeankoret agpl-3.0 2429    
https://github.com/sophos/yaraml_rules Security ML models encoded as Yara rules sophos apache-2.0 162    
https://github.com/redcanaryco/chain-reactor Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. redcanaryco mit 259    
https://github.com/0x90/ss7-arsenal SS7 tools and scripts 0x90   145    
https://github.com/elfmaster/dt_infect ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD elfmaster   91    
https://github.com/google/OpenSK OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards. google apache-2.0 2323    
https://github.com/D4-project/analyzer-d4-log Analyze logs collected though d4 to produce diverse statistics. D4-project agpl-3.0 4    
https://github.com/andreafioraldi/frida-fuzzer This experimetal fuzzer is meant to be used for API in-memory fuzzing. andreafioraldi apache-2.0 518    
https://github.com/py4n6/pytsk Python bindings for The Sleuth Kit (libtsk) py4n6 apache-2.0 71    
https://github.com/j91321/rext Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices. j91321 gpl-3.0 346    
https://github.com/opencybersecurityalliance/ontology The OpenDXL Ontology project is focused on the development of an open and interoperable cybersecurity messaging format for use with the OpenDXL messaging bus opencybersecurityalliance other 78    
https://github.com/gaul/awesome-ld-preload List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time gaul   789    
https://github.com/charles2gan/GDA-android-reversing-Tool the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc. charles2gan apache-2.0 2999    
https://github.com/tenzir/threatbus 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. tenzir bsd-3-clause 229    
https://github.com/EBWi11/AgentSmith-HIDS By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill. EBWi11 gpl-2.0 565    
https://github.com/luigifcruz/CyberRadio 📻 An SDR Based FM/AM Radio For Desktop. Accelerated with #cuSignal and Numba. luigifcruz gpl-3.0 180    
https://github.com/juand-r/entity-recognition-datasets A collection of corpora for named entity recognition (NER) and entity recognition tasks. These annotated datasets cover a variety of languages, domains and entity types. juand-r mit 1242    
https://github.com/mixxxdj/mixxx Mixxx is Free DJ software that gives you everything you need to perform live mixes. mixxxdj other 3026    
https://github.com/magenta/ddsp DDSP: Differentiable Digital Signal Processing magenta apache-2.0 2327    
https://github.com/CybercentreCanada/CCCS-Yara YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA CybercentreCanada mit 66    
https://github.com/x1sec/citrixmash_scanner A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash / Shitrix x1sec mit 36    
https://github.com/microsoft/msticpy Microsoft Threat Intelligence Security Tools microsoft other 1101    
https://github.com/aliasrobotics/flawfinder Python 3-enabled flawfinder, a tool to lexically find potential security flaws (“hits”) in source code aliasrobotics gpl-2.0 2    
https://github.com/zhuhuibeishadiao/PatchGuardResearch win10 pgContext dynamic dump (btc version) zhuhuibeishadiao   87    
https://github.com/ijl/orjson Fast, correct Python JSON library supporting dataclasses, datetimes, and numpy ijl apache-2.0 3899    
https://github.com/Fuzzers-Archive/Superion Superion is a fuzzer which extends the famous AFL to support structured inputs such as JavaScript and XML. Fuzzers-Archive   8    
https://github.com/corundum/corundum Open source FPGA-based NIC and platform for in-network compute corundum other 972    
https://github.com/panagioto/Mimir A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes. panagioto   39    
https://github.com/brannondorsey/naive-hashcat Crack password hashes without the fuss :cat2: brannondorsey mit 972    
https://github.com/dask/dask Parallel computing with task scheduling dask bsd-3-clause 10453    
https://github.com/firstlookmedia/gpgsync :lock: GPG Sync is designed to let users always have up-to-date public keys for other members of their organization firstlookmedia gpl-3.0 332    
https://github.com/MISP/threat-actor-intelligence-server A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the known threat actors. MISP agpl-3.0 32    
https://github.com/laucyun/APT34 APT34/OILRIG leak laucyun other 62    
https://github.com/jfoote/exploitable The ‘exploitable’ GDB plugin jfoote other 601    
https://github.com/codecat/ClawSearch A memory scanner plugin for x64dbg, inspired by Cheat Engine. codecat gpl-3.0 213    
https://github.com/vikramarsid/msg_parser Python module to read, parse and converting Microsoft Outlook MSG E-Mail files. vikramarsid bsd-2-clause 41    
https://github.com/Hackndo/lsassy Extract credentials from lsass remotely Hackndo mit 1504    
https://github.com/hephaest0s/usbkill « usbkill » is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer. hephaest0s   4084    
https://github.com/opengdpr/OpenDSR A common framework enabling companies to work together to protect consumers’ privacy and data rights. opengdpr other 333    
https://github.com/x25today/voipwardialer A Voip Wardialer for the phreaking of 2020 x25today   42    
https://github.com/HexHive/retrowrite RetroWrite – Retrofitting compiler passes through binary rewriting HexHive other 496    
https://github.com/stewartsmith/libeatmydata libeatmydata - because fsync() should be a no-op stewartsmith gpl-3.0 282    
https://github.com/DavidBuchanan314/dlinject Inject a shared library (i.e. arbitrary code) into a live linux process, without ptrace DavidBuchanan314 mit 666    
https://github.com/allenai/allennlp An open-source NLP research library, built on PyTorch. allenai apache-2.0 11271    
https://github.com/argilo/gr-flarm FLARM receiver for GNU Radio argilo gpl-3.0 25    
https://github.com/WalkingCat/ExpDiff Diff tool for comparing export tables in PE images WalkingCat   24    
https://github.com/muccc/iridium-toolkit A set of tools to parse Iridium frames muccc   390    
https://github.com/muccc/gr-iridium Iridium burst detector and demodulator. muccc   253    
https://github.com/alphaSeclab/awesome-forensics Awesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics. alphaSeclab   538    
https://github.com/lightswitch05/php-version-audit Audit your PHP version for known CVEs and patches lightswitch05 apache-2.0 100    
https://github.com/rxwx/CVE-2018-0802 PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882) rxwx   268    
https://github.com/0xR0/shellver Reverse Shell Cheat Sheet TooL 0xR0   282    
https://github.com/cseagle/blc Integrate Ghidra’s decompiler as an Ida plugin cseagle gpl-2.0 364    
https://github.com/str4d/rage A simple, secure and modern encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability. str4d apache-2.0 1631    
https://github.com/devio/FinSpy-Tools Tools for the analysis of FinSpy/FinFisher components #spyware #trojan #govware devio   84    
https://github.com/Linuzifer/FinSpy-Dokumentation CCC: Analyse des Staatstrojaners “FinSpy” für Android Linuzifer   118    
https://github.com/jedisct1/ping Pong revolution. jedisct1 gpl-2.0 13    
https://github.com/gchq/stroom Stroom is a highly scalable data storage, processing and analysis platform. gchq apache-2.0 395    
https://github.com/HynekPetrak/malware-jail Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js HynekPetrak mit 411    
https://github.com/ONLYOFFICE/CommunityServer Free open source office suite with business productivity tools: document and project management, CRM, mail aggregator. ONLYOFFICE apache-2.0 1843    
https://github.com/ionescu007/winipt The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool. ionescu007 bsd-2-clause 302    
https://github.com/can1357/ByePg Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI can1357   633    
https://github.com/tarantula-team/CVE-2019-12949 CVE-2019-12949 tarantula-team   27    
https://github.com/sipa/bech32 Code snippets and analysis of the Bech32 format sipa   165    
https://github.com/lionsoul2014/ip2region Ip2region (2.0 - xdb) is a offline IP address manager framework and locator, support billions of data segments, ten microsecond searching performance. xdb engine implementation for many programming languages lionsoul2014 apache-2.0 12348    
https://github.com/hack-different/smcutil SMC utility for modifying and examining Apple’s SMC payloads. hack-different mit 31    
https://github.com/KasperskyLab/hb_dec   KasperskyLab   10    
https://github.com/brakmic/Sinkholes :bug: Malware Sinkhole List in various formats brakmic mit 95    
https://github.com/Xyrodileas/misp-k8s Automated deployment of MISP and MISP-Dashboard via K8S and AWS Xyrodileas lgpl-3.0 18    
https://github.com/adulau/MalwareClassifier Malware Classifier From Network Captures adulau   79    
https://github.com/h3x2b/yara-rules Yara rules for detecting malware h3x2b   17    
https://github.com/deadbits/yara-rules Collection of YARA signatures from individual research deadbits unlicense 34    
https://github.com/doyensec/inql InQL - A Burp Extension for GraphQL Security Testing doyensec apache-2.0 1057    
https://github.com/sharkdp/hexyl A command-line hex viewer sharkdp apache-2.0 7161    
https://github.com/mitre-attack/tram Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK. mitre-attack apache-2.0 332    
https://github.com/belangeo/soundgrain Graphical interface to control granular sound synthesis. belangeo   122    
https://github.com/wesinator/GroundTruths Knowledgebase of universal truths and technical analysis caveats for CTI and DFIR, in one place. wesinator   6    
https://github.com/codexgigassys/codex-backend Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in malware hunting. codexgigassys mit 155    
https://github.com/ANSSI-FR/chipsec-check Tools to generate a Debian Linux distribution with chipsec to test hardware requirements ANSSI-FR bsd-2-clause 41    
https://github.com/telsy-cyberops/research Telsy CTI Research Team telsy-cyberops   55    
https://github.com/mandiant/SharPersist   mandiant other 917    
https://github.com/software-engineering-and-security/inspector-gadget Inspector-gadget (a.k.a. PSHAPE - Practical Support for Half-Automated Program Exploitation) is an open source tool which assists analysts in exploit development. It discovers gadgets, chains gadgets together, and ensures that side effects such as register dereferences do not crash the program. software-engineering-and-security lgpl-2.1 15    
https://github.com/0xdidu/Reverse-Engineering-Intel-x64-101 Material for a RE 101 class on Intel x64 binaries 0xdidu   162    
https://github.com/ageitgey/face_recognition The world’s simplest facial recognition api for Python and the command line ageitgey mit 46325    
https://github.com/Areizen/Android-Malware-Sandbox Android Malware Sandbox Areizen apache-2.0 231    
https://github.com/qilingframework/qiling Qiling Advanced Binary Emulation Framework qilingframework gpl-2.0 3740    
https://github.com/eXascaleInfolab/GraphEmbEval Graph (network) embeddings evaluation framework via classification, gram martix construction for links prediction eXascaleInfolab gpl-3.0 6    
https://github.com/microsoft/presidio Context aware, pluggable and customizable data protection and anonymization SDK for text and images microsoft mit 1872    
https://github.com/p3nt4/PowerShdll Run PowerShell with rundll32. Bypass software restrictions. p3nt4 mit 1387    
https://github.com/uccidibuti/bitrush-index A serializable bitmap index library able to index millions values/sec on a single thread. uccidibuti gpl-3.0 17    
https://github.com/Azure/Azure-Sentinel Cloud-native SIEM for intelligent security analytics for your entire enterprise. Azure mit 2767    
https://github.com/bpftools/linux-observability-with-bpf Code snippets from the O’Reilly book bpftools apache-2.0 737    
https://github.com/silence-is-best/c2db c2 traffic silence-is-best   170    
https://github.com/GrammaTech/gtirb Intermediate Representation for Binary analysis and transformation GrammaTech mit 235    
https://github.com/aliasrobotics/RVD Robot Vulnerability Database. An archive of robot vulnerabilities and bugs. aliasrobotics gpl-3.0 130    
https://github.com/D4-project/demotic-js Common JS utilities used by ordinary people D4-project bsd-2-clause 3    
https://github.com/heiswayi/pgp PGP Suite - A simple and easy-to-use client-side PGP tool. heiswayi mit 42    
https://github.com/anthonykasza/nxes   anthonykasza   7    
https://github.com/ppiizzaa/runtime VEH Redirect & VEH Debugger ppiizzaa gpl-3.0 20    
https://github.com/MohitDabas/malwinx Just a normal flask web app to understand win32api with code snippets and references. MohitDabas   75    
https://github.com/BC-SECURITY/Empire Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. BC-SECURITY bsd-3-clause 2881    
https://github.com/SentineLabs/TrickBot-Anchor This is a repository for the public blog with Labs indicators of compromise. SentineLabs   11    
https://github.com/kevoreilly/CAPEv2 Malware Configuration And Payload Extraction kevoreilly other 933    
https://github.com/CaliDog/certstream-python Python library for connecting to CertStream CaliDog mit 344    
https://github.com/rodneyviana/netext WinDbg extension for data mining managed heap. It also includes commands to list http request, wcf services, WIF tokens among others rodneyviana other 159    
https://github.com/Huawei-LTE-routers-mods/imei_generator IMEI generator used in Huawei modified firmware Huawei-LTE-routers-mods   9    
https://github.com/kent37/guess-language Automatically exported from code.google.com/p/guess-language kent37 lgpl-2.1 47    
https://github.com/dncc/qpick Search for similar short strings dncc gpl-2.0 52    
https://github.com/google/sentencepiece Unsupervised text tokenizer for Neural Network-based text generation. google apache-2.0 6256    
https://github.com/KeyviDev/keyvi-server A key value store powered by keyvi KeyviDev apache-2.0 6    
https://github.com/KeyviDev/keyvi Keyvi - the key value index. It is an in-memory FST-based data structure highly optimized for size and lookup performance. KeyviDev apache-2.0 205    
https://github.com/mwouts/jupytext Jupyter Notebooks as Markdown Documents, Julia, Python or R scripts mwouts mit 5642    
https://github.com/skelsec/jackdaw gather gather gather skelsec   509    
https://github.com/ret2jazzy/disasm.pro A realtime assembler/disassembler (formerly known as disasm.ninja) ret2jazzy   239    
https://github.com/ZoneMinder/zoneminder ZoneMinder is a free, open source Closed-circuit television software application developed for Linux which supports IP, USB and Analog cameras. ZoneMinder gpl-2.0 3873    
https://github.com/mandiant/FIDL A sane API for IDA Pro’s decompiler. Useful for malware RE and vulnerability research mandiant mit 409    
https://github.com/threat9/routersploit Exploitation Framework for Embedded Devices threat9 other 10581    
https://github.com/volatilityfoundation/volatility3 Volatility 3.0 development volatilityfoundation other 1106    
https://github.com/OCSAF/freevulnsearch Free and open NMAP NSE script to query vulnerabilities via the cve-search.org API. OCSAF gpl-3.0 235    
https://github.com/cudeso/misp-usergroups MISP User Groups cudeso   10    
https://github.com/laconicwolf/cors-scanner A multi-threaded scanner that helps identify CORS flaws/misconfigurations laconicwolf   16    
https://github.com/CoatiSoftware/Sourcetrail Sourcetrail - free and open-source interactive source explorer CoatiSoftware gpl-3.0 12990    
https://github.com/0x09AL/RdpThief Extracting Clear Text Passwords from mstsc.exe using API Hooking. 0x09AL   922    
https://github.com/CERT-Polska/proactive-detection-survey Reference material for the proactive detection of incidents survey CERT-Polska   7    
https://github.com/Akaion/Bleak A Windows native DLL injection library that supports several methods of injection. Akaion mit 601    
https://github.com/berthubert/galmon galileo open source monitoring berthubert gpl-3.0 147    
https://github.com/stricaud/sightingdb SightingDB is a database for Sightings stricaud mit 18    
https://github.com/cisagov/Malcolm Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts. cisagov other 1228    
https://github.com/veracode-research/solr-injection Apache Solr Injection Research veracode-research   537    
https://github.com/JohnLaTwC/Shared Shared Blogs and Notebooks JohnLaTwC   329    
https://github.com/3xpl01tc0d3r/ProcessInjection This program is designed to demonstrate various process injection techniques 3xpl01tc0d3r gpl-3.0 785    
https://github.com/DFIRKuiper/Kuiper Digital Forensics Investigation Platform DFIRKuiper   539    
https://github.com/benjojo/bgp-battleships Play battleships using BGP benjojo   398    
https://github.com/nhorman/dropwatch   nhorman gpl-2.0 459    
https://github.com/secureworks/aristotle   secureworks apache-2.0 16    
https://github.com/OALabs/BlobRunner Quickly debug shellcode extracted during malware analysis OALabs mit 405    
https://github.com/satwikbh/custom-yara-rules Custom Yara rules which are collected from various sources satwikbh   2    
https://github.com/Ph055a/OSINT_Collection Maintained collection of OSINT related resources. (All Free & Actionable) Ph055a   1321    
https://github.com/arxsys/dff DFF (Digital Forensics Framework) is a Forensics Framework coming with command line and graphical interfaces. DFF can be used to investigate hard drives and volatile memory and create reports about user and system activities. arxsys gpl-2.0 207    
https://github.com/joesecurity/sigma-rules Sigma rules from Joe Security joesecurity gpl-3.0 134    
https://github.com/daddycocoaman/BeaconGraph Graph visualization of wireless client and access point relationships daddycocoaman gpl-3.0 103    
https://github.com/svperbeast/struct pack and unpack binary data. svperbeast mit 49    
https://github.com/astrelsky/Ghidra-Cpp-Class-Analyzer Ghidra C++ Class and Run Time Type Information Analyzer astrelsky mit 520    
https://github.com/DevoInc/pCraft   DevoInc mit 86    
https://github.com/SecurityRiskAdvisors/VECTR VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios SecurityRiskAdvisors   1001    
https://github.com/randomuserid/Adama Searches For Threat Hunting and Security Analytics randomuserid other 237    
https://github.com/ITAYC0HEN/APT-Ecosystem This repository contains the website and the tools which are part of the joint research between Check Point Research and Intezer to map the connections inside the APT Ecosystem of Russia. ITAYC0HEN   103    
https://github.com/i-tu/Hasklig Hasklig - a code font with monospaced ligatures i-tu ofl-1.1 5324    
https://github.com/misinfosecproject/amitt_framework Repo replaced by cogsec-collaborative/AMITT misinfosecproject cc-by-sa-4.0 158    
https://github.com/microsoft/SandDance Visually explore, understand, and present your data. microsoft mit 5891    
https://github.com/FiloSottile/age A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability. FiloSottile bsd-3-clause 11957    
https://github.com/hroi/treebitmap Fast IP lookup table for IPv4/IPv6 prefixes hroi mit 82    
https://github.com/plougher/squashfs-tools tools to create and extract Squashfs filesystems plougher gpl-2.0 419    
https://github.com/zzrcxb/fusor Obfuscator based on logic-bombs zzrcxb gpl-3.0 41    
https://github.com/GoSecure/malboxes Builds malware analysis Windows VMs so that you don’t have to. GoSecure gpl-3.0 986    
https://github.com/leeoniya/uPlot 📈 A small, fast chart for time series, lines, areas, ohlc & bars leeoniya mit 7414    
https://github.com/elfmaster/libelfmaster Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools elfmaster   338    
https://github.com/mjosaarinen/pqps Tools for power measurements of post-quantum cryptographic algorithms mjosaarinen   22    
https://github.com/tadeck/onetimepass One-time password library for HMAC-based (HOTP) and time-based (TOTP) passwords tadeck mit 663    
https://github.com/RichieB2B/php-resque-ex PHP port of resque (Workers and Queueing), with phpredis support, and more logging options RichieB2B mit 1    
https://github.com/idealo/imagededup 😎 Finding duplicate images made easy! idealo apache-2.0 4226    
https://github.com/robertdavidgraham/dnsparse Parses DNS responses in a secure, rigorous manner robertdavidgraham   16    
https://github.com/JonathanSalwan/binary-samples Samples of binary with different formats and architectures. A test suite for your binary analysis tools. JonathanSalwan mit 201    
https://github.com/dgkim0803/CTIMiner CTI database generator and public dataset dgkim0803   19    
https://github.com/naftaliharris/tauthon Fork of Python 2.7 with new syntax, builtins, and libraries backported from Python 3. naftaliharris other 650    
https://github.com/Ekultek/WhatBreach OSINT tool to find breached emails, databases, pastes, and relevant information Ekultek   763    
https://github.com/luke8086/boot2c A simple way to write standalone C programs for i386 luke8086   243    
https://github.com/D4-project/d4-sensor-generator   D4-project agpl-3.0 4    
https://github.com/security-architecture/detect-secrets An enterprise friendly way of detecting and preventing secrets in code. security-architecture apache-2.0 1    
https://github.com/ThreatHuntingProject/hunter A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. ThreatHuntingProject mit 206    
https://github.com/CIRCL/forensic-tools CIRCL system forensic tools or a jumble of tools to support forensic CIRCL   33    
https://github.com/apache/nifi-minifi Apache MiNiFi (a subproject of Apache NiFi) apache apache-2.0 116    
https://github.com/obspy/obspy ObsPy: A Python Toolbox for seismology/seismological observatories. obspy other 957    
https://github.com/DFIR-ORC/dfir-orc Forensics artefact collection tool for systems running Microsoft Windows DFIR-ORC lgpl-2.1 297    
https://github.com/alephdata/fingerprints Make it easier to compare and cross-reference the names of companies and people by applying strong normalisation. alephdata mit 113    
https://github.com/davidonzo/Threat-Intel Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS davidonzo mit 104    
https://github.com/Barakat/CVE-2019-16098 Local privilege escalation PoC exploit for CVE-2019-16098 Barakat   163    
https://github.com/dfirlabs/ntfs-specimens NTFS file system specimens dfirlabs cc-by-4.0 10    
https://github.com/LandGrey/pydictor A powerful and useful hacker dictionary builder for a brute-force attack LandGrey gpl-3.0 2522    
https://github.com/hectorm/hmirror Mirror of multiple third-party blocklists (updated daily). hectorm mit 129    
https://github.com/D4-project/analyzer-d4-ipa analyzer-d4-ipa (ICMP Passive Analysis) D4-project agpl-3.0 4    
https://github.com/MISP/misp-decaying-models MISP decaying models MISP other 8    
https://github.com/CIRCL/pypretalx Query Pretalx via the API. CIRCL apache-2.0 4    
https://github.com/Riebart/litt Low-intrusion time tracking with minimal workflow footprint, a CLI interface, basic REST API, and a single JSON file DB for painless interop. Riebart mpl-2.0 8    
https://github.com/bcoles/jira_scan A simple remote scanner for Atlassian Jira bcoles mit 90    
https://github.com/Cisco-Talos/GhIDA   Cisco-Talos apache-2.0 674    
https://github.com/mandiant/stringsifter A machine learning tool that ranks strings based on their relevance for malware analysis. mandiant apache-2.0 588    
https://github.com/pgarba/Saturn_Results This repo contains the tests and results that were done during the research of SATURN pgarba   28    
https://github.com/timothycrosley/pdocs A simple program and library to auto generate API documentation for Python modules. timothycrosley other 65    
https://github.com/cbassa/satellite_analysis Analysis scripts of things related to satellites cbassa gpl-3.0 230    
https://github.com/Yubico/yubikey-piv-manager Tool for configuring your PIV-enabled YubiKey Yubico gpl-3.0 38    
https://github.com/gkiril/oie-resources A curated list of Open Information Extraction (OIE) resources: papers, code, data, etc. gkiril   439    
https://github.com/vmware-archive/HexRaysDeob Hex-Rays microcode API plugin for breaking an obfuscating compiler vmware-archive gpl-3.0 58    
https://github.com/jollheef/lpe collection of verified Linux kernel exploits jollheef   178    
https://github.com/guanqun/git-punchcard-plot a tool to visualize the time distribution of commits guanqun   163    
https://github.com/benjeems/packetStrider A network packet forensics tool for SSH benjeems gpl-3.0 233    
https://github.com/bkerler/ghidra_installer Helper scripts to set up OpenJDK 11 and scale Ghidra for 4K on Ubuntu 18.04 / 18.10 bkerler mit 92    
https://github.com/DevoInc/sightingdb   DevoInc mit 15    
https://github.com/bartblaze/PHP-backdoors A collection of PHP backdoors. For educational or testing purposes only. bartblaze cc0-1.0 2090    
https://github.com/KimiNewt/pyshark Python wrapper for tshark, allowing python packet parsing using wireshark dissectors KimiNewt mit 1710    
https://github.com/datasciencescoop/Data-Science–Cheat-Sheet Cheat Sheets datasciencescoop   18411    
https://github.com/rs/curlie The power of curl, the ease of use of httpie. rs mit 2037    
https://github.com/csl-ugent/diablo Diablo is a retargetable link-time binary rewriting framework csl-ugent gpl-2.0 69    
https://github.com/kkreitmair/cve-indicator A Tool, for indicating if there is a CVE related to an openwrt package. kkreitmair other 5    
https://github.com/gdabah/distorm Powerful Disassembler Library For x86/AMD64 gdabah other 1062    
https://github.com/automayt/FlowPlotter Generates visualizations from the output of flow tools such as SiLK. automayt mit 33    
https://github.com/NationalSecurityAgency/enigma-simulator An educational demonstration of breaking the Enigma machine NationalSecurityAgency other 384    
https://github.com/dalance/nom-packrat Extension of nom to apply “Packrat Parsing” dalance apache-2.0 21    
https://github.com/google-research/arxiv-latex-cleaner arXiv LaTeX Cleaner: Easily clean the LaTeX code of your paper to submit to arXiv google-research apache-2.0 3278    
https://github.com/lukeolson/parxiv a simple script to assist in making a clean directory to upload to arxiv lukeolson mit 25    
https://github.com/zerotier/lf Fully Decentralized Fully Replicated Key/Value Store zerotier mpl-2.0 876    
https://github.com/corelight/pycommunityid A Python implementation of the Community ID flow hashing standard corelight bsd-3-clause 19    
https://github.com/1995parham/github-do-not-ban-us GitHub do not ban us from open source world :iran: 1995parham   11877    
https://github.com/fkie-cad/FACT_core Firmware Analysis and Comparison Tool fkie-cad gpl-3.0 944    
https://github.com/MISP/misp-bump Simple and secure synchronisation of MISP instances with mobile phones MISP   7    
https://github.com/aguinet/crappy Gandcrab v5.2 decryption scripts aguinet gpl-3.0 14    
https://github.com/fsphil/hacktv Analogue TV transmitter for the HackRF fsphil gpl-3.0 455    
https://github.com/epartington/rsa_nw_misp MISP Integration script epartington   3    
https://github.com/spyre-project/spyre simple YARA-based IOC scanner spyre-project lgpl-3.0 135    
https://github.com/hyc/fcrackzip A braindead program for cracking encrypted ZIP archives. Forked from http://oldhome.schmorp.de/marc/fcrackzip.html hyc gpl-2.0 378    
https://github.com/christianvoigt/argdown a simple syntax for complex argumentation christianvoigt   599    
https://github.com/hoangprod/AndrewSpecial AndrewSpecial, dumping lsass’ memory stealthily and bypassing “Cilence” since 2019. hoangprod   350    
https://github.com/kohler/click The Click modular router: fast modular packet processing and analysis kohler other 685    
https://github.com/D4-project/analyzer-d4-pibs Passive Identification of BackScatter (analyzer for D4 project) D4-project   4    
https://github.com/secdevops-cuse/CyberRange The Open-Source AWS Cyber Range secdevops-cuse   395    
https://github.com/anouarbensaad/vulnx vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning. anouarbensaad gpl-3.0 1523    
https://github.com/hedgeberg/RL78_sleigh An implementation of the RL78 ISA for Ghidra SRE hedgeberg mit 24    
https://github.com/aardappel/treesheets TreeSheets : Free Form Data Organizer (see strlen.com/treesheets) aardappel zlib 1910    
https://github.com/corelight/community-id-spec An open standard for hashing network flows into identifiers, a.k.a “Community IDs”. corelight bsd-3-clause 137    
https://github.com/haam3r/mmquery A command line utility for querying the MatterMost API for various auditing or reporting purposes haam3r mit 2    
https://github.com/hockeypuck/hockeypuck OpenPGP Key Server hockeypuck other 199    
https://github.com/Zer0Mem0ry/KernelBhop Cheat that uses a driver instead WinAPI for Reading / Writing memory. Zer0Mem0ry   586    
https://github.com/cybertier/mispbump Simple and secure synchronisation of MISP instances cybertier   5    
https://github.com/D4-project/snake-oil-crypto Spotting and sharing weak cryptographic key materials D4-project agpl-3.0 8    
https://github.com/RsaCtfTool/RsaCtfTool RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data RsaCtfTool other 3965    
https://github.com/YuanGongND/ReMASC ReMASC: Realistic Replay Attack Corpus for Voice Controlled Systems YuanGongND   29    
https://github.com/square/sudo_pair Plugin for sudo that requires another human to approve and monitor privileged sudo sessions square apache-2.0 1169    
https://github.com/Normation/rudder Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way. Normation gpl-3.0 394    
https://github.com/SecurityInnovation/PGPy Pretty Good Privacy for Python SecurityInnovation bsd-3-clause 264    
https://github.com/MichaelMure/git-bug Distributed, offline-first bug tracker embedded in git, with bridges MichaelMure gpl-3.0 5803    
https://github.com/toofishes/python-pgpdump PGP packet parser library toofishes other 53    
https://github.com/tianon/pgp-happy-eyeballs DEPRECATED; like “happy eyeballs” (ipv4/ipv6), but for flaky PGP gossip servers tianon mit 33    
https://github.com/graphsense/graphsense-tagpacks A collection of public TagPacks graphsense mit 19    
https://github.com/stipub/stixfonts OpenType Unicode fonts for Scientific, Technical, and Mathematical texts stipub ofl-1.1 500    
https://github.com/mmistakes/made-mistakes-jekyll Deprecated source for mademistakes.com. Previously built with Jekyll, Gulp, and Netlify. mmistakes mit 440    
https://github.com/fengjixuchui/FuzzingPaper Recent Fuzzing Paper fengjixuchui   338    
https://github.com/MandConsultingGroup/ring3-kit Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation) MandConsultingGroup mit 60    
https://github.com/OpenLI-NZ/openli Open Source ETSI compliant Lawful Intercept software OpenLI-NZ gpl-3.0 63    
https://github.com/lunixbochs/patchkit binary patching from Python lunixbochs other 602    
https://github.com/danburzo/percollate A command-line tool to turn web pages into beautiful, readable PDF, EPUB, or HTML docs. danburzo mit 3696    
https://github.com/BishopFox/sliver Adversary Emulation Framework BishopFox gpl-3.0 4552    
https://github.com/patois/mrspicky MrsPicky - An IDAPython decompiler script that helps auditing calls to the memcpy() and memmove() functions. patois other 98    
https://github.com/apilayer/geolocationapi IP Geolocation API is a free service for locating your visitors in real-time with detailed country information. apilayer mit 494    
https://github.com/sundowndev/phoneinfoga Information gathering framework for phone numbers sundowndev gpl-3.0 7770    
https://github.com/ufrisk/LeechCore LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent ufrisk gpl-3.0 262    
https://github.com/sagi/fastgcd Fastgcd is a C implementation of an efficient algorithm to compute the pairwise GCDs of a collection of integers. The algorithm is due to Bernstein and is a simplified version of (http://cr.yp.to/papers.html#smoothparts). sagi gpl-3.0 15    
https://github.com/eyxue/fastgcd   eyxue   6    
https://github.com/SpiderLabs/DoHC2 DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH). SpiderLabs   404    
https://github.com/ryhanson/ExternalC2 A library for integrating communication channels with the Cobalt Strike External C2 server ryhanson mit 263    
https://github.com/StamusNetworks/surimisp Check IOC provided by a MISP instance on Suricata events StamusNetworks gpl-3.0 16    
https://github.com/melicertes/csp The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation. melicertes other 29    
https://github.com/FeatureBaseDB/featurebase A real-time analytical database built on bitmaps. Learn more at: http://docs.featurebase.com?utm_campaign=Open%20Source&utm_source=GitHub FeatureBaseDB other 2348    
https://github.com/cdisselkoen/pitchfork Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr) cdisselkoen bsd-3-clause 73    
https://github.com/WebBreacher/WhatsMyName This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects. WebBreacher other 1009    
https://github.com/Shashank-In/TravisLeaks A tool to find sensitive keys and passwords in Travis logs Shashank-In   131    
https://github.com/grafeas/grafeas Artifact Metadata API grafeas apache-2.0 1393    
https://github.com/emvivre/iq_toolbox Toolbox for IQ signal processing emvivre   19    
https://github.com/Comsecuris/gdbghidra gdbghidra - a visual bridge between a GDB session and GHIDRA Comsecuris mit 277    
https://github.com/paypal/yurita Anomaly detection framework @ PayPal paypal apache-2.0 104    
https://github.com/koskenni/beta An open source reimplementation of Benny Brodda’s BETA in Python koskenni   63    
https://github.com/CIRCL/douglas-quaid Open source software for image correlation, distance and analysis CIRCL gpl-3.0 58    
https://github.com/EC-DIGIT-CSIRC/RFC2350 RFC2350 for EC DIGIT CSIRC EC-DIGIT-CSIRC   1    
https://github.com/teoseller/osquery-attck Mapping the MITRE ATT&CK Matrix with Osquery teoseller apache-2.0 670    
https://github.com/madsen/vbindiff Visual Binary Diff (VBinDiff) displays files in hex & ASCII and can highlight the differences between 2 files madsen   404    
https://github.com/certat/do-portal This project is in maintenance mode and will only receive bug fixes, but no new features. A new version of this software is being developed. certat   5    
https://github.com/cert-se/megatron-java Megatron - A System for Abuse- and Incident Handling cert-se apache-2.0 40    
https://github.com/grapl-security/grapl Graph platform for Detection and Response grapl-security apache-2.0 663    
https://github.com/githubuserx/scraper Firmware scraper githubuserx mit 2    
https://github.com/k8gege/CVE-2019-0708 3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check) k8gege   376    
https://github.com/ProtonMail/gopenpgp A high-level OpenPGP library ProtonMail mit 775    
https://github.com/geekscrapy/misp-batchobjects Import MISP objects via CSV geekscrapy   4    
https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES Windows Events Attack Samples sbousseaden gpl-3.0 1770    
https://github.com/SteveClement/ioc_parser Tool to extract indicators of compromise from security reports in PDF format SteveClement other 2    
https://github.com/Vincent-CIRCL/visjs_classificator Classificator for pictures matching and clustering. Fast and visual. Vincent-CIRCL gpl-3.0 5    
https://github.com/IntelligenceX/SDK Public SDK for Intelligence X IntelligenceX   248    
https://github.com/rabobank-cdc/DeTTECT Detect Tactics, Techniques & Combat Threats rabobank-cdc gpl-3.0 1516    
https://github.com/vaticle/typedb TypeDB: a strongly-typed database vaticle agpl-3.0 3231    
https://github.com/FrenchYeti/dexcalibur [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform. FrenchYeti apache-2.0 862    
https://github.com/rsmmr/hilti NOTE: This is outdated and no longer maintained. There’s a new version at https://github.com/zeek/spicy. rsmmr other 40    
https://github.com/nfc-tools/miLazyCracker Mifare Classic Plus - Hardnested Attack Implementation for SCL3711 LibNFC USB reader nfc-tools   237    
https://github.com/mandiant/flare-kscldr FLARE Kernel Shellcode Loader mandiant apache-2.0 167    
https://github.com/P4T12ICK/Sigma2SplunkAlert Converts Sigma detection rules to a Splunk alert configuration. P4T12ICK mit 88    
https://github.com/ivanceras/svgbob Convert your ascii diagram scribbles into happy little SVG ivanceras apache-2.0 3318    
https://github.com/timescale/timescaledb An open-source time-series SQL database optimized for fast ingest and complex queries. Packaged as a PostgreSQL extension. timescale other 13975    
https://github.com/QBDI/QBDI A Dynamic Binary Instrumentation framework based on LLVM. QBDI other 1025    
https://github.com/m4b/faerie Magical ELF and Mach-o object file writer backend m4b mit 222    
https://github.com/ghidraninja/ghidra_scripts Scripts for the Ghidra software reverse engineering suite. ghidraninja gpl-3.0 877    
https://github.com/kaonashi-passwords/Kaonashi Wordlist, rules and masks from Kaonashi project (RootedCON 2019) kaonashi-passwords gpl-3.0 658    
https://github.com/botherder/snoopdroid (Abandoned) Extract packages from an Android device botherder gpl-3.0 47    
https://github.com/botherder/pcqf pcqf (PC Quick Forensics) helps quickly gathering forensic evidence from Windows, Mac, and Linux systems, in order to identify potential traces of compromise. botherder other 114    
https://github.com/streaak/keyhacks Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they’re valid. streaak   3242    
https://github.com/hugsy/gef GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux hugsy mit 5122    
https://github.com/infertux/zeyple Postfix filter/hook to automatically encrypt outgoing emails with PGP/GPG infertux other 136    
https://github.com/optimyze/simple_simhash A pure ANSI-C implementation of calculating a SimHash over 4-byte tuples (including multiplicities) for a given byte stream. Simple and reasonably fast, no dynamic memory allocations (outside of some stack usage). Uses a counting bloom filter to count multiplicities while keeping memory consumption constant. optimyze apache-2.0 38    
https://github.com/area9innovation/flow9 Platform for safe, easy and productive programming of complex, multi-platform apps with a modern user interface area9innovation other 545    
https://github.com/GiacomoLaw/Keylogger A simple keylogger for Windows, Linux and Mac GiacomoLaw mit 1504    
https://github.com/denisugarte/PowerDrive A tool for de-obfuscating PowerShell scripts denisugarte gpl-3.0 59    
https://github.com/mchehab/zbar ZBar is an open source software suite for reading bar codes from various sources, including webcams. As its development stopped in 2012, I took the task of keeping it updated with the V4L2 API. This is the main repository for it. There’s a clone at at LinuxTV.org, and another one at gitlab. mchehab lgpl-2.1 586    
https://github.com/mandiant/vocab_scraper Vocabulary Scraper script used in FLARE’s analysis of Russian-language Carbanak source code mandiant apache-2.0 35    
https://github.com/cool-RR/PySnooper Never use print for debugging again cool-RR mit 15308    
https://github.com/sa7mon/miniprint A medium interaction printer honeypot 🍯 sa7mon gpl-3.0 187    
https://github.com/inaturalist/inaturalist The Rails app behind iNaturalist.org inaturalist mit 517    
https://github.com/airbus-cert/regrippy A modern Python-3-based alternative to RegRipper airbus-cert apache-2.0 157    
https://github.com/VSCodium/vscodium binary releases of VS Code without MS branding/telemetry/licensing VSCodium mit 18198    
https://github.com/SURFnet/honas Experimental implementation of DNS query collection based on Bloom filters SURFnet bsd-3-clause 5    
https://github.com/tboox/tbox 🎁 A glib-like multi-platform c library tboox apache-2.0 4180    
https://github.com/zeek/zeek Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. zeek other 4807    
https://github.com/t2mune/mrtparse MRT format data parser t2mune apache-2.0 116    
https://github.com/D4-project/analyzer-d4-passivessl   D4-project agpl-3.0 4    
https://github.com/olafhartong/ATTACKdatamap A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework olafhartong mit 320    
https://github.com/NLnetLabs/ldns LDNS is a DNS library that facilitates DNS tool programming NLnetLabs bsd-3-clause 221    
https://github.com/runZeroInc/runzero-tools Open source tools, libraries, and datasets related to the runZero product and associated research runZeroInc mit 95    
https://github.com/google/vulncode-db Vulncode-DB project google apache-2.0 565    
https://github.com/kitian616/jekyll-TeXt-theme 💎 🐳 A super customizable Jekyll theme for personal site, team site, blog, project, documentation, etc. kitian616 mit 2584    
https://github.com/yampelo/samparser A python script used to parse the SAM registry hive. yampelo   70    
https://github.com/yampelo/beagle Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. yampelo mit 1163    
https://github.com/bjoern-r/corenet Minimal LTE / EPC core network bjoern-r gpl-2.0 4    
https://github.com/tudo-cni/corenet Minimal LTE / EPC core network tudo-cni gpl-2.0 5    
https://github.com/rednaga/APKiD Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android rednaga other 1417    
https://github.com/tenable/router_badusb BadUSB in Routers tenable   175    
https://github.com/PaulSec/crt.sh (Unofficial) Python API for https://crt.sh PaulSec mit 101    
https://github.com/hrbrmstr/ipasnhistory Retrieve Announcement History for IP Addresses hrbrmstr   9    
https://github.com/valeriansaliou/sonic 🦔 Fast, lightweight & schema-less search backend. An alternative to Elasticsearch that runs on a few MBs of RAM. valeriansaliou mpl-2.0 16681    
https://github.com/mkorman90/regipy Regipy is an os independent python library for parsing offline registry hives mkorman90 mit 205    
https://github.com/ejrv/VPNs List of datacenter & VPN IP addresses     325    
https://github.com/D4-project/bgpdumpy (do no use, the trunk supports python 3 now) A Python CFFI wrapper for analyzing MRTv1 and MRTv2 BGP table dump files D4-project bsd-3-clause 1    
https://github.com/certtools/stats-portal statistics portal for the eventDB certtools agpl-3.0 3    
https://github.com/CaitlinHuey/cti-sep-repository OASIS TC Open Repository: STIX Enhancement Proposals (SEPs) https://github.com/oasis-open/cti-sep-repository CaitlinHuey other 2    
https://github.com/outflanknl/RedELK Red Team’s SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. outflanknl bsd-3-clause 1968    
https://github.com/seaglass-project/seaglass-app The Android app for scanning GSM networks with OsmocomBB-compatible phones seaglass-project apache-2.0 11    
https://github.com/daenerys-sre/source Daenerys: A framework for interoperability between IDA and Ghidra daenerys-sre mit 284    
https://github.com/sfakiana/FIRST-CTI-2019 References for FIRST CTI 2019 Symposium presentation sfakiana   22    
https://github.com/burritoblue/attck4fraud Principles of MITRE ATT&CK in the fraud domain burritoblue   26    
https://github.com/krotik/eliasdb EliasDB a graph-based database. krotik mpl-2.0 950    
https://github.com/robcowart/elastiflow Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack robcowart other 2384    
https://github.com/corkami/sbud An experimental file formats playground corkami   73    
https://github.com/erdewit/distex Distributed process pool for Python erdewit bsd-2-clause 102    
https://github.com/ninoseki/osakana A Swiss army knife tool for my phishing research ninoseki mit 11    
https://github.com/nl5887/notebooks Notebook collection nl5887 mit 10    
https://github.com/textstat/textstat :memo: python package to calculate readability statistics of a text object - paragraphs, sentences, articles. textstat mit 881    
https://github.com/certsocietegenerale/NotifySecurity Outlook add-in companion to report suspicious mail easily certsocietegenerale gpl-3.0 115    
https://github.com/LDO-CERT/BIND_Sinkhole Bind Sinkhole from MISP - Docker Image (dnstap enabled) LDO-CERT   5    
https://github.com/CrowdStrike/automactc AutoMacTC: Automated Mac Forensic Triage Collector CrowdStrike other 439    
https://github.com/Snapchat/KeyDB A Multithreaded Fork of Redis Snapchat bsd-3-clause 5888    
https://github.com/rust-lang/mdBook Create book from markdown files. Like Gitbook but implemented in Rust rust-lang mpl-2.0 11038    
https://github.com/alphasoc/flightsim A utility to safely generate malicious network traffic patterns and evaluate controls. alphasoc other 778    
https://github.com/tom-seddon/ghidra_6502 New 6502 language module for Ghidra tom-seddon   5    
https://github.com/CIRCL/carl-hauser Open Source testing framework for image correlation, distance and analysis CIRCL gpl-3.0 37    
https://github.com/NationalSecurityAgency/ghidra Ghidra is a software reverse engineering (SRE) framework NationalSecurityAgency apache-2.0 35456    
https://github.com/inters/vita Vita: simple and fast VPN gateway inters apache-2.0 691    
https://github.com/tidwall/tile38 Real-time Geospatial and Geofencing tidwall mit 8332    
https://github.com/REDasmOrg/REDasm-Database REDasm Signature Database REDasmOrg   6    
https://github.com/tklengyel/drakvuf DRAKVUF Black-box Binary Analysis tklengyel other 830    
https://github.com/MISP/misp-training MISP trainings, threat intel and information sharing training materials with source code MISP   287    
https://github.com/burtonator/polar-bookshelf Polar is a personal knowledge repository for PDF and web content supporting incremental reading and document annotation. burtonator gpl-3.0 4476    
https://github.com/uxmal/reko Reko is a binary decompiler. uxmal gpl-2.0 1431    
https://github.com/nwmap/elf_analysis Perform Static and dynamic analysis on 32 bit ELF binary, and automate the process of stack based overflow exploitation. nwmap   46    
https://github.com/intel/hyperscan High-performance regular expression matching library intel other 3935    
https://github.com/Northern-Lights/yara-parser Tools for parsing rulesets using the exact grammar as YARA. Written in Go. Northern-Lights mit 69    
https://github.com/plyara/plyara Parse YARA rules and operate over them more easily. plyara apache-2.0 135    
https://github.com/cockroachdb/pebble RocksDB/LevelDB inspired key-value database in Go cockroachdb bsd-3-clause 3202    
https://github.com/wbenny/DetoursNT Detours with just single dependency - NTDLL wbenny mit 453    
https://github.com/nbulischeck/tyton Kernel-Mode Rootkit Hunter nbulischeck gpl-3.0 344    
https://github.com/gaubert/gmvault gmail backup software gaubert agpl-3.0 3465    
https://github.com/simdjson/simdjson Parsing gigabytes of JSON per second simdjson apache-2.0 16197    
https://github.com/coleifer/ucache gametight lightweight caching library for python coleifer mit 61    
https://github.com/coleifer/walrus Lightweight Python utilities for working with Redis coleifer mit 1032    
https://github.com/coleifer/micawber a small library for extracting rich content from urls coleifer mit 588    
https://github.com/coleifer/huey a little task queue for python coleifer mit 4249    
https://github.com/JohannesBuchner/imagehash A Python Perceptual Image Hashing Module JohannesBuchner bsd-2-clause 2564    
https://github.com/benhoyt/dhash Python library to calculate the difference hash (perceptual hash) for a given image, useful for detecting duplicates benhoyt mit 268    
https://github.com/ANSSI-FR/SecuML Machine Learning for Computer Security ANSSI-FR gpl-2.0 251    
https://github.com/dfirlabs/mbr-specimens MBR volume system specimens dfirlabs cc-by-4.0 3    
https://github.com/Lookyloo/har2tree Make a tree from a HAR file Lookyloo other 4    
https://github.com/botherder/kraken Cross-platform Yara scanner written in Go botherder gpl-3.0 303    
https://github.com/jamesturk/jellyfish 🎐 a python library for doing approximate and phonetic matching of strings. jamesturk bsd-2-clause 1738    
https://github.com/secrary/idenLib idenLib - Library Function Identification [This project is not maintained anymore] secrary mit 360    
https://github.com/fr0gger/Yara-Unprotect This repository regroups the Yara Rules for the Unprotect Project fr0gger   20    
https://github.com/williamgilpin/cfgen Parse a text corpus and generate sentences in the same style using context-free grammar combined with a Markov chain. williamgilpin   36    
https://github.com/google/corpuscrawler Crawler for linguistic corpora google other 158    
https://github.com/dperezrada/keywords2vec   dperezrada apache-2.0 120    
https://github.com/attzonko/mmpy_bot A python-based chatbot for Mattermost (http://www.mattermost.org). attzonko mit 191    
https://github.com/erbbysam/DNSGrep Quickly Search Large DNS Datasets erbbysam mit 539    
https://github.com/TheBerkin/rant3 (Obsolete) Archive of Rant 3.x. TheBerkin mit 3008    
https://github.com/wireapp/wire :wavy_dash: Overview of the open source code for Wire wireapp gpl-3.0 2236    
https://github.com/hslatman/awesome-threat-intelligence A curated list of Awesome Threat Intelligence resources hslatman apache-2.0 5512    
https://github.com/izar/pytm A Pythonic framework for threat modeling izar other 622    
https://github.com/F5OEO/rpitx RF transmitter for Raspberry Pi F5OEO gpl-3.0 3239    
https://github.com/D4-project/sensor-d4-tls-fingerprinting Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s D4-project mit 34    
https://github.com/FORTH-ICS-INSPIRE/artemis ARTEMIS: Real-Time Detection and Automatic Mitigation for BGP Prefix Hijacking. This is the main ARTEMIS repository that composes artemis-frontend, artemis-backend, artemis-monitor and other needed containers. FORTH-ICS-INSPIRE bsd-3-clause 260    
https://github.com/codelucas/newspaper News, full-text, and article metadata extraction in Python 3. Advanced docs: codelucas mit 12236    
https://github.com/vi/websocat Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions vi mit 4730    
https://github.com/dvorka/mindforger Thinking notebook and Markdown editor. dvorka gpl-2.0 1885    
https://github.com/StevenBlack/hosts 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. StevenBlack mit 21751    
https://github.com/nforest/awesome-decompilation A curated list of awesome decompilation resources and projects. nforest   462    
https://github.com/k-vitali/TrickBot-share This repository consists of various malware related RE code. k-vitali   8    
https://github.com/wbenny/pdbex pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers wbenny mit 678    
https://github.com/k-vitali/apt_lazarus_toolkits This repository contains various extractable for Lazarus. k-vitali   2    
https://github.com/MISP/best-practices-in-threat-intelligence Best practices in threat intelligence MISP   40    
https://github.com/MISP/intelligence-icons intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2. MISP cc-by-sa-4.0 31    
https://github.com/rommelfs/misp_btc get BTC addresses from MISP and fetch BTC transactions rommelfs   6    
https://github.com/jopohl/urh Universal Radio Hacker: Investigate Wireless Protocols Like A Boss jopohl gpl-3.0 8788    
https://github.com/EmersonElectricCo/fsf File Scanning Framework EmersonElectricCo apache-2.0 260    
https://github.com/Cisco-Talos/DynDataResolver   Cisco-Talos   196    
https://github.com/DimitarPetrov/stegify 🔍 Go tool for LSB steganography, capable of hiding any file within an image. DimitarPetrov mit 1053    
https://github.com/kristoff-it/redis-cuckoofilter Hashing-function agnostic Cuckoo filters for Redis kristoff-it mit 205    
https://github.com/Kronuz/Xapiand Xapiand: A RESTful Search Engine Kronuz mit 364    
https://github.com/drakkar-lig/scamper-pywarts Pure-python library allowing to read the Warts file format produced by Scamper (an Internet measurement tool from CAIDA) drakkar-lig mit 14    
https://github.com/D4-project/d4-goclient D4 core software client in Go D4-project mit 11    
https://github.com/gimli-rs/gimli A blazing fast library for consuming the DWARF debugging format gimli-rs apache-2.0 631    
https://github.com/Zero-Tang/NoirVisor The Grimoire Hypervisor solution for x86 Processors. Zero-Tang mit 298    
https://github.com/droberson/ELFcrypt Simple ELF crypter. Uses RC4 encryption. droberson mit 64    
https://github.com/matonis/yara_tools Create an entire YARA rule via Python? Whhhhhhaatttt? matonis mit 63    
https://github.com/dns-violations/dnsflagday DNS flag day dns-violations   138    
https://github.com/eduardsui/tlse Single C file TLS 1.2/1.3 implementation, using tomcrypt as crypto library eduardsui bsd-2-clause 470    
https://github.com/olive-editor/olive Free open-source non-linear video editor olive-editor other 6539    
https://github.com/rsms/inter The Inter font family rsms other 14565    
https://github.com/mattnotmax/cyberchef-recipes A list of cyber-chef recipes and curated links mattnotmax   1386    
https://github.com/NationalSecurityAgency/DCP Digest, stat, and copy files from one location to another in the same read pass NationalSecurityAgency other 322    
https://github.com/MyKings/python-masscan python-masscan is a python library which helps in using masscan port scanner. MyKings gpl-3.0 253    
https://github.com/flairNLP/flair A very simple framework for state-of-the-art Natural Language Processing (NLP) flairNLP other 12168    
https://github.com/intelpt/WindowsIntelPT This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows intelpt gpl-3.0 340    
https://github.com/Neo23x0/vti-dorks Awesome VirusTotal Intelligence Search Queries Neo23x0 unlicense 259    
https://github.com/nopn0p/rkorova ld_preload userland rootkit nopn0p mit 35    
https://github.com/rthalley/dnspython a powerful DNS toolkit for python rthalley other 2027    
https://github.com/fmadio/pcap_genflow Generate randomized PCAP data based on netflows fmadio gpl-2.0 2    
https://github.com/jaegeral/osint_to_timesketch Virustotal Data to Timesketch jaegeral mit 15    
https://github.com/eCrimeLabs/ja3toMISP Extracts JA3 fingerprints from a PCAP and adds them to an event in MISP as objects eCrimeLabs mit 9    
https://github.com/notable/notable The Markdown-based note-taking app that doesn’t suck. notable   20488    
https://github.com/ulid/spec The canonical spec for ulid ulid gpl-3.0 4910    
https://github.com/9b/netinfo Simple IP enrichment service and API wrapping PyASN and MaxMind GeoIP. 9b mit 69    
https://github.com/Bashfuscator/Bashfuscator A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team. Bashfuscator mit 1011    
https://github.com/hackerb9/lsix Like “ls”, but for images. Shows thumbnails in terminal using sixel graphics. hackerb9 gpl-3.0 2784    
https://github.com/aliasrobotics/ros_volatility   aliasrobotics   1    
https://github.com/gwillem/magento-malware-scanner Scanner, signatures and the largest collection of Magento malware gwillem gpl-3.0 650    
https://github.com/minio/minio Multi-Cloud :cloud: Object Storage minio agpl-3.0 36112    
https://github.com/felipensp/itrace Tracks runtime instruction execution in Linux programs felipensp mit 23    
https://github.com/craigz28/firmwalker Script for searching the extracted firmware file system for goodies! craigz28 gpl-3.0 786    
https://github.com/mvrozanti/RAT-via-Telegram Windows Remote Administration Tool via Telegram mvrozanti mit 549    
https://github.com/hrbrmstr/docparser 🧰 Tools to Upload/Parse Documents to ‘docparser’ and Retrieve Extracted Results hrbrmstr   5    
https://github.com/dreadl0ck/netcap A framework for secure and scalable network traffic analysis - https://netcap.io dreadl0ck gpl-3.0 1580    
https://github.com/42wim/matterbridge bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams, nextcloud, mumble, vk and more with REST API (mattermost not required!) 42wim apache-2.0 5273    
https://github.com/zbetcheckin/Security_list Great security list for fun and profit zbetcheckin   1512    
https://github.com/coleifer/greendb server frontend for lmdb coleifer   20    
https://github.com/MISP/cti-python-stix2 OASIS TC Open Repository: Python APIs for STIX 2 (MISP Fork) MISP bsd-3-clause 7    
https://github.com/sogeti-esec-lab/REBoot Bootkits Revisited sogeti-esec-lab gpl-3.0 43    
https://github.com/CiscoCXSecurity/linikatz linikatz is a tool to attack AD on UNIX CiscoCXSecurity bsd-3-clause 326    
https://github.com/atc-project/atomic-threat-coverage Actionable analytics designed to combat threats atc-project apache-2.0 845    
https://github.com/mitre-attack/car Cyber Analytics Repository mitre-attack apache-2.0 719    
https://github.com/elastic/ecs Elastic Common Schema elastic apache-2.0 870    
https://github.com/9b/google-alerts Python library for automating the administration of Google Alerts. 9b mit 83    
https://github.com/log2timeline/dfvfs Digital Forensics Virtual File System (dfVFS) log2timeline apache-2.0 174    
https://github.com/PaloAltoNetworks/WireLurkerDetector Script for detecting the WireLurker malware family PaloAltoNetworks isc 414    
https://github.com/fugawi/mate Mitre Att&ck Technique Emulation fugawi   78    
https://github.com/jsvine/pdfplumber Plumb a PDF for detailed information about each char, rectangle, line, et cetera — and easily extract text and tables. jsvine mit 3167    
https://github.com/austin-taylor/twitter_feed List of Cybersecurity professionals to follow based on categorized domain expertise austin-taylor   3    
https://github.com/Raikia/FiercePhish FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. Raikia gpl-3.0 1131    
https://github.com/JonathanSalwan/Tigress_protection Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM. JonathanSalwan   673    
https://github.com/secureworks/dalton Suricata and Snort IDS rule and pcap testing system secureworks apache-2.0 355    
https://github.com/digital4rensics/Malformity Malformity is a Maltego project based on the Canari framework for malicious binary and infrastructure research. digital4rensics   119    
https://github.com/McGill-DMaS/Kam1n0-Community The Kam1n0 Assembly Analysis Platform McGill-DMaS apache-2.0 578    
https://github.com/hannob/vulns Named vulnerabilities and their practical impact hannob other 403    
https://github.com/jaegeral/osint-timelines Providing timelines based on OSINT Reports jaegeral mit 32    
https://github.com/D4-project/d4-core D4 core software (server and sample sensor client) D4-project agpl-3.0 39    
https://github.com/frikky/pyQRadar QRadar library for Python frikky mit 2    
https://github.com/ggerganov/kbd-audio 🎤⌨️ Acoustic keyboard eavesdropping ggerganov mit 5748    
https://github.com/joswr1ght/cowpatty coWPAtty: WPA2-PSK Cracking joswr1ght bsd-3-clause 139    
https://github.com/Captainarash/The_Holy_Book_of_X86 A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS…. Captainarash cc-by-sa-4.0 729    
https://github.com/jofpin/trape People tracker on the Internet: OSINT analysis and research tool by Jose Pino jofpin   7246    
https://github.com/Tierion/pymerkletools Python tools for creating Merkle trees, generating Merkle proofs, and verification of Merkle proofs Tierion mit 138    
https://github.com/pytroll/satpy Python package for earth-observing satellite data processing pytroll gpl-3.0 866    
https://github.com/pothosware/SoapyRedPitaya SoapySDR Red Pitaya module pothosware gpl-3.0 7    
https://github.com/flightaware/dump1090 Dump1090 is a simple Mode S decoder for RTLSDR devices flightaware other 695    
https://github.com/bitkeks/python-netflow-v9-softflowd PyPI “netflow” package. NetFlow v9 parser, collector and analyzer implemented in Python 3. Developed and tested with softflowd bitkeks mit 85    
https://github.com/malwaredllc/byob An open-source post-exploitation framework for students, researchers and developers. malwaredllc gpl-3.0 7990    
https://github.com/Ledger-Donjon/lascar Ledger’s Advanced Side-Channel Analysis Repository Ledger-Donjon lgpl-3.0 329    
https://github.com/holoviz/holoviews With Holoviews, your data visualizes itself. holoviz bsd-3-clause 2303    
https://github.com/BoomerangDecompiler/boomerang Boomerang Decompiler - Fighting the code-rot :) BoomerangDecompiler other 322    
https://github.com/NC3-LU/Diagnostic Security diagnostic quick start guide. Identifying the best measures and establishing specific security procedures for your organization. NC3-LU agpl-3.0 11    
https://github.com/thecasualcoder/tztail tztail (TimeZoneTAIL) allows you to view logs in the timezone you want thecasualcoder mit 230    
https://github.com/CERT-Polska/mwdb-core Malware repository component for samples & static configuration with REST API interface. CERT-Polska other 232    
https://github.com/google/google-ctf Google CTF google apache-2.0 3129    
https://github.com/cert-ee/s4a S4A main repository. SaltStack states, install script and build scripts cert-ee mit 22    
https://github.com/pfalcon/ScratchABlock Yet another crippled decompiler project pfalcon gpl-3.0 87    
https://github.com/keycloak/keycloak Open Source Identity and Access Management For Modern Applications and Services keycloak apache-2.0 13974    
https://github.com/antirez/RESP3 RESP protocol V3 repository. Contains the specification, and other related resource antirez   191    
https://github.com/intrigueio/intrigue-core Discover Your Attack Surface! intrigueio other 1214    
https://github.com/certsocietegenerale/swordphish-awareness Swordphish Phishing Awareness Tool certsocietegenerale gpl-3.0 197    
https://github.com/threatstop/crl-ocsp-whitelist   threatstop   4    
https://github.com/triq-org/bitbench Visually dissect and analyze bit strings triq-org mit 125    
https://github.com/cylance/CyBot Open Source Threat Intelligence Chat Bot cylance   292    
https://github.com/pjreddie/darknet Convolutional Neural Networks pjreddie other 23449    
https://github.com/isc-projects/dnsgen DNS packet generator isc-projects mpl-2.0 32    
https://github.com/fdurvaux/sca-redpitaya   fdurvaux   8    
https://github.com/Wenzel/r2vmi Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins Wenzel agpl-3.0 133    
https://github.com/Concinnity-Risks/LogisticalBudget This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, order, compare, or visualise quickly threat actors demonstrated operational capacities. In other words, it is meant to answer questions like ‘Which APT produces the most binaries yearly’, or ‘which apt uses the most daomains’. Concinnity-Risks apache-2.0 35    
https://github.com/wtsxDev/reverse-engineering List of awesome reverse engineering resources wtsxDev   7085    
https://github.com/intezer/ppyssdeep pure python ssdeep intezer   4    
https://github.com/joxeankoret/pigaios A tool for matching and diffing source codes directly against binaries. joxeankoret gpl-3.0 528    
https://github.com/m4ll0k/Infoga Infoga - Email OSINT m4ll0k gpl-3.0 1677    
https://github.com/m4ll0k/Atlas Quick SQLMap Tamper Suggester m4ll0k gpl-3.0 988    
https://github.com/geekscrapy/binGraph Simple tool to graph files for quick analysis geekscrapy agpl-3.0 52    
https://github.com/mmarkdown/mmark Mmark: a powerful markdown processor in Go geared towards the IETF mmarkdown other 421    
https://github.com/newaetech/chipwhisperer ChipWhisperer - the complete open-source toolchain for side-channel power analysis and glitching attacks newaetech other 790    
https://github.com/D4-project/IPASN-History IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date D4-project agpl-3.0 71    
https://github.com/michenriksen/wikiranger Gather information on Wiki contributions from IP ranges michenriksen mit 24    
https://github.com/simonw/datasette An open source multi-tool for exploring and publishing data simonw apache-2.0 6596    
https://github.com/RedisAI/RedisAI A Redis module for serving tensors and executing deep learning graphs RedisAI other 725    
https://github.com/advanced-threat-research/Yara-Rules Repository of YARA rules made by Trellix ATR Team advanced-threat-research apache-2.0 446    
https://github.com/nospaceships/raw-socket-sniffer Packet capture on Windows without a kernel driver nospaceships   164    
https://github.com/scala-native/scala-native Your favorite language gets closer to bare metal. scala-native other 4223    
https://github.com/Neo23x0/radiocarbon Leak File Analyzer Neo23x0 apache-2.0 59    
https://github.com/salesforce/hassh HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint. salesforce bsd-3-clause 467    
https://github.com/target/strelka Real-time, container-based file scanning at enterprise scale target other 584    
https://github.com/open5gs/open5gs Open5GS is a C-language Open Source implementation for 5G Core and EPC, i.e. the core network of LTE/NR network (Release-16) open5gs agpl-3.0 990    
https://github.com/chris408/known_hosts-hashcat A guide and tool for cracking ssh known_hosts files with hashcat chris408   287    
https://github.com/plotly/dash Analytical Web Apps for Python, R, Julia, and Jupyter. No JavaScript Required. plotly mit 17585    
https://github.com/woj-ciech/Danger-zone Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files. woj-ciech   654    
https://github.com/scylladb/scylladb NoSQL data store using the seastar framework, compatible with Apache Cassandra scylladb agpl-3.0 8614    
https://github.com/scylladb/charybdefs ScyllaDB fault injection filesystem scylladb other 224    
https://github.com/cmu-sei/cyobstract A tool to extract structured cyber information from incident reports. cmu-sei other 68    
https://github.com/bakirtzisg/cybok-cli A vulnerability assessment tool for system models bakirtzisg bsd-3-clause 12    
https://github.com/TheHive-Project/Hippocampe Threat Feed Aggregation, Made Easy TheHive-Project agpl-3.0 157    
https://github.com/stamparm/maltrail Malicious traffic detection system stamparm mit 4786    
https://github.com/volatilityfoundation/community Volatility plugins developed and maintained by the community volatilityfoundation   306    
https://github.com/trunkmaster/nextspace NeXTSTEP-like desktop environment for Linux trunkmaster gpl-3.0 1714    
https://github.com/palantir/alerting-detection-strategy-framework A framework for developing alerting and detection strategies for incident response. palantir mit 474    
https://github.com/CIRCL/SquashFu A backup program employing the use of SquashFS, Aufs and Rsync CIRCL mit 11    
https://github.com/mvelazc0/Oriana Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments. mvelazc0 bsd-3-clause 170    
https://github.com/chris408/ct-exposer An OSINT tool that discovers sub-domains by searching Certificate Transparency logs chris408 gpl-3.0 418    
https://github.com/kanishka-linux/reminiscence Self-Hosted Bookmark And Archive Manager kanishka-linux agpl-3.0 1606    
https://github.com/flipkart-incubator/RTA Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company’s layer 7 assets. flipkart-incubator apache-2.0 374    
https://github.com/eCrimeLabs/securityonion-ecrimelabs Implementation of informaiton from MISP through the eCrimeLabs API and into SecurityOnion eCrimeLabs mit 6    
https://github.com/benfred/py-spy Sampling profiler for Python programs benfred mit 9298    
https://github.com/hlldz/SpookFlare Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures. hlldz apache-2.0 918    
https://github.com/linkedin/Burrow Kafka Consumer Lag Checking linkedin apache-2.0 3360    
https://github.com/erthink/libfpta Ultra fast compact embedded database for tabular and semistructured data. erthink apache-2.0 125    
https://github.com/36hours/idaemu idaemu is an IDA Pro Plugin - use for emulating code in IDA Pro. 36hours gpl-2.0 490    
https://github.com/BasuCert/WinboxPoC Proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847) BasuCert mit 475    
https://github.com/codeplutos/java-security-manager-bypass   codeplutos   115    
https://github.com/novogen/pydis Python bindings for the Zydis disassembler library novogen mit 11    
https://github.com/fox-it/Invoke-ACLPwn   fox-it mit 471    
https://github.com/JulesDT/RSA-Hastad Little python tool to use the Chinese Remainder theorem attack on RSA under precise conditions. JulesDT gpl-3.0 22    
https://github.com/google/dopamine Dopamine is a research framework for fast prototyping of reinforcement learning algorithms. google apache-2.0 9931    
https://github.com/FireyFly/pixd 🔍 Colourful visualization tool for binary files FireyFly mit 484    
https://github.com/nogoodconfig/pyarascanner A simple many-rules to many-files YARA scanner for incident response or malware zoos. nogoodconfig apache-2.0 21    
https://github.com/scott-griffiths/bitstring A Python module to help you manage your bits scott-griffiths mit 330    
https://github.com/tylabs/dovehawk Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings tylabs mit 114    
https://github.com/wazuh/wazuh Wazuh - The Open Source Security Platform wazuh other 5137    
https://github.com/python-jsonschema/jsonschema An implementation of the JSON Schema specification for Python python-jsonschema mit 3897    
https://github.com/CIRCL/cti-sep-repository OASIS TC Open Repository: STIX Enhancement Proposals (SEPs) https://github.com/oasis-open/cti-sep-repository CIRCL other 3    
https://github.com/oasis-open/cti-sep-repository OASIS TC Open Repository: STIX Enhancement Proposals (SEPs) https://github.com/oasis-open/cti-sep-repository oasis-open apache-2.0 16    
https://github.com/ITI/ICS-Security-Tools Tools, tips, tricks, and more for exploring ICS Security. ITI cc-by-4.0 1118    
https://github.com/Neo23x0/munin Online hash checker for Virustotal and other services Neo23x0 apache-2.0 703    
https://github.com/merbanan/rtl_433_tests This repository contains the regressions test suite for rtl_433 merbanan   82    
https://github.com/mcnees/LaTeX-Graph-Paper Make your own quadrille, graph, hex, etc paper! Uses the pgf/TikZ package for LaTeX, which should be part of any modern TeX installation. mcnees other 341    
https://github.com/Ne0nd0g/merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. Ne0nd0g gpl-3.0 4068    
https://github.com/mxmssh/IDAmetrics IDA plugin for software complexity metrics assessment mxmssh bsd-2-clause 55    
https://github.com/microsoft/binskim A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats microsoft other 623    
https://github.com/wbenny/hvpp hvpp is a lightweight Intel x64/VT-x hypervisor written in C++ focused primarily on virtualization of already running operating system wbenny mit 881    
https://github.com/microsoft/FASTER Fast persistent recoverable log and key-value store + cache, in C# and C++. microsoft mit 5274    
https://github.com/dutchcoders/gomisp Golang client for interfacing with MISP dutchcoders other 3    
https://github.com/randomascii/blogstuff Support files related to blog posts on https://randomascii.wordpress.com/ randomascii other 334    
https://github.com/theblixguy/ScanLinks Block unsafe and dangerous links on your Android device! theblixguy gpl-3.0 6    
https://github.com/jaredly/treed Powerful Tree Editor jaredly   1703    
https://github.com/BVLC/caffe Caffe: a fast open framework for deep learning. BVLC other 32945    
https://github.com/ryanjay0/miles-deep Deep Learning Porn Video Classifier/Editor with Caffe ryanjay0 gpl-3.0 2531    
https://github.com/rizinorg/cutter Free and Open Source Reverse Engineering Platform powered by rizin rizinorg gpl-3.0 12163    
https://github.com/lorien/grab Web Scraping Framework lorien mit 2231    
https://github.com/microsoft/Detours Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form. microsoft mit 3772    
https://github.com/guidovranken/bignum-fuzzer   guidovranken gpl-3.0 34    
https://github.com/endgameinc/RTA   endgameinc other 918    
https://github.com/xoreaxeaxeax/rosenbridge Hardware backdoors in some x86 CPUs xoreaxeaxeax mit 2234    
https://github.com/jordisk/TheHive2Sigma Python script to automatically create sigma rules from The hive observables jordisk mit 23    
https://github.com/ptrkrysik/multi-rtl Multi-channel receiver with use of RTL-SDR dongles ptrkrysik gpl-3.0 175    
https://github.com/Evrytania/LTE-Cell-Scanner LTE SDR cell scanner optimized to work with very low performance RF front ends (8bit A/D, 20dB noise figure) Evrytania agpl-3.0 477    
https://github.com/rvolz/BicBucStriim BicBucStriim streams books, digital books. It fills a gap in the functionality of current NAS devices that provide access to music, videos and photos – but not books. BicBucStriim fills this gap and provides web-based access to your e-book collection. rvolz other 388    
https://github.com/openalpr/openalpr Automatic License Plate Recognition library openalpr agpl-3.0 10527    
https://github.com/bfuzzy/auditd-attack A Linux Auditd rule set mapped to MITRE’s Attack Framework bfuzzy mit 740    
https://github.com/mikeryan/crackle Crack and decrypt BLE encryption mikeryan bsd-2-clause 681    
https://github.com/dirtyfilthy/freshonions-torscraper Fresh Onions is an open source TOR spider / hidden service onion crawler hosted at zlal32teyptf4tvi.onion dirtyfilthy agpl-3.0 433    
https://github.com/hashtopolis/server Hashtopolis - A Hashcat wrapper for distributed hashcracking hashtopolis gpl-3.0 1041    
https://github.com/disclose/diodb Open-source vulnerability disclosure and bug bounty program database. disclose cc0-1.0 854    
https://github.com/s0md3v/Photon Incredibly fast crawler designed for OSINT. s0md3v gpl-3.0 9105    
https://github.com/kitao/pyxel A retro game engine for Python kitao mit 10808    
https://github.com/nasa-jpl/open-source-rover A build-it-yourself, 6-wheel rover based on the rovers on Mars! nasa-jpl apache-2.0 7121    
https://github.com/mercuri0/attiny_433_prefilter Prefilter for 433 MHz remotes (and similar protocolls) written for an attiny45 mercuri0   10    
https://github.com/evyatarmeged/Raccoon A high performance offensive security tool for reconnaissance and vulnerability scanning evyatarmeged mit 2595    
https://github.com/codingo/SharePoint-Security A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security. codingo gpl-3.0 40    
https://github.com/ThoughtfulDev/EagleEye Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search. ThoughtfulDev wtfpl 3308    
https://github.com/psf/black The uncompromising Python code formatter psf mit 30048    
https://github.com/yongman/leto A key value storage example powered by hashicorp raft and BadgerDB yongman mit 99    
https://github.com/dbohdan/remarshal Convert between CBOR, JSON, MessagePack, TOML, and YAML dbohdan mit 482    
https://github.com/LordNoteworthy/al-khaser Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. LordNoteworthy gpl-2.0 4295    
https://github.com/ClickHouse/ClickHouse ClickHouse® is a free analytics DBMS for big data ClickHouse apache-2.0 25977    
https://github.com/mkaz/lanyon markdown web server mkaz mit 508    
https://github.com/mkaz/termgraph a python command-line tool which draws basic graphs in the terminal mkaz mit 2891    
https://github.com/1tayH/noisy Simple random DNS, HTTP/S internet traffic noise generator 1tayH gpl-3.0 1452    
https://github.com/tomerf-sndbox/noisy Simple random DNS, HTTP/S internet traffic noise generator tomerf-sndbox gpl-3.0 1    
https://github.com/MojtabaTajik/Robber Robber is open source tool for finding executables prone to DLL hijacking MojtabaTajik gpl-3.0 685    
https://github.com/xmendez/wfuzz Web application fuzzer xmendez gpl-2.0 4700    
https://github.com/ANSSI-FR/AD-control-paths Active Directory Control Paths auditing and graphing tools ANSSI-FR other 584    
https://github.com/dfxml-working-group/dfxml_schema XML Schema for Digital Forensics XML dfxml-working-group other 29    
https://github.com/ptrkrysik/gr-gsm Gnuradio blocks and tools for receiving GSM transmissions ptrkrysik other 1137    
https://github.com/Oros42/IMSI-catcher This program show you IMSI numbers of cellphones around you. Oros42 cc0-1.0 2494    
https://github.com/vinbhaskara/MalwareGAN Visualizing malware behavior, and proactive protection using GANs against zero-day attacks. vinbhaskara   38    
https://github.com/monarc-project/pyMonarc pyMonarc is a connector application which allows python to extract the information from Monarc monarc-project agpl-3.0 2    
https://github.com/Nekmo/dirhunt Find web directories without bruteforce Nekmo mit 1355    
https://github.com/quicktype/quicktype Generate types and converters from JSON, Schema, and GraphQL quicktype apache-2.0 8800    
https://github.com/TheCrowned/Hilbert-Image-to-Sound Turn an image into a sequence of sounds using a Hilbert Curve. TheCrowned gpl-3.0 12    
https://github.com/horazont/xmpp-echo-bot XMPP/Jabber echo bot (written in sed) horazont   141    
https://github.com/mit-pdos/xv6-public xv6 OS mit-pdos other 5936    
https://github.com/bromiley/olaf Office365 Log Analysis Framework bromiley gpl-3.0 79    
https://github.com/nezza/ISO7816Analyzer A simple ISO7816 analyzer that only requires the data-stream. nezza   51    
https://github.com/eCrimeLabs/vt2misp Script to fetch data from virustotal and add it to a specific event as an object eCrimeLabs mit 8    
https://github.com/Lookyloo/sanejs Use CDNJS as a source to build hashes of known JS/CSS/IMG/… content used all over the internet Lookyloo bsd-2-clause 13    
https://github.com/CAIDA/bgpstream BGP measurement analysis for the masses CAIDA gpl-2.0 101    
https://github.com/Vulnogram/Vulnogram Vulnogram is a tool for creating and editing CVE information in CVE JSON format Vulnogram mit 95    
https://github.com/airbus-seclab/bta Open source Active Directory security audit framework. airbus-seclab other 120    
https://github.com/Boyan-MILANOV/ropium ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together Boyan-MILANOV   327    
https://github.com/dat-ecosystem-archive/dat :floppy_disk: peer-to-peer sharing & live syncronization of files via command line [ DEPRECATED - More info on active projects and modules at https://dat-ecosystem.org/ ] dat-ecosystem-archive bsd-3-clause 8215    
https://github.com/attack-community/attack-best-practices   attack-community   8    
https://github.com/CIRCL/IMAP-Proxy Modular IMAP proxy (including PyCIRCLeanMail and MISP forward modules) CIRCL gpl-3.0 23    
https://github.com/enisaeu/Reference-Security-Incident-Taxonomy-Task-Force This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group. enisaeu cc0-1.0 56    
https://github.com/karthikkbala/MISP-QRadar-Integration The Project can be used to integrate QRadar with MISP Threat Sharing Platform karthikkbala   24    
https://github.com/jech/polipo The Polipo caching HTTP proxy jech mit 1742    
https://github.com/gchq/Palisade A Tool for Complex and Scalable Data Access Policy Enforcement gchq apache-2.0 91    
https://github.com/JusticeRage/FFM Freedom Fighting Mode: open source hacking harness JusticeRage   313    
https://github.com/vishwaraj101/sslunpin Frida script to bypass ssl Pinning vishwaraj101   43    
https://github.com/plotly/plotly.py The interactive graphing library for Python (includes Plotly Express) :sparkles: plotly mit 12364    
https://github.com/aaronpk/websub.rocks Test suite and debug utilities for W3C WebSub aaronpk apache-2.0 21    
https://github.com/JusticeRage/Manalyze A static analyzer for PE executables. JusticeRage gpl-3.0 873    
https://github.com/Patrowl/PatrowlManager PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform Patrowl agpl-3.0 508    
https://github.com/nbedos/termtosvg Record terminal sessions as SVG animations nbedos bsd-3-clause 9514    
https://github.com/mitshell/corenet Minimal 3G and LTE / EPC core network mitshell gpl-2.0 93    
https://github.com/jvoisin/snuffleupagus Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! jvoisin lgpl-3.0 617    
https://github.com/nbs-system/naxsi NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX nbs-system gpl-3.0 4156    
https://github.com/aguinet/dragonffi C Foreign Function Interface and JIT using Clang/LLVM aguinet apache-2.0 521    
https://github.com/regit/suriwire Wireshark plugin to display Suricata analysis info regit gpl-3.0 67    
https://github.com/quarkslab/irma IRMA is an asynchronous & customizable analysis system for suspicious files. quarkslab apache-2.0 240    
https://github.com/cryptolu/BlockSci A high-performance tool for Zcash blockchain science and exploration cryptolu gpl-3.0 10    
https://github.com/MISP/MISP MISP (core software) - Open Source Threat Intelligence and Sharing Platform MISP agpl-3.0 4068    
https://github.com/MISP/misp-cloud misp-cloud - Cloud-ready images of MISP MISP   62    
https://github.com/thedevsaddam/gojsonq A simple Go package to Query over JSON/YAML/XML/CSV Data thedevsaddam mit 1952    
https://github.com/jd/asciidoc-book-toolchain Book publishing toolchain based on AsciiDoc jd   123    
https://github.com/dauxio/daux.io Daux.io is an documentation generator that uses a simple folder structure and Markdown files to create custom documentation on the fly. It helps you create great looking documentation in a developer friendly way. dauxio mit 713    
https://github.com/dfd-tud/deda   dfd-tud gpl-3.0 1174    
https://github.com/j00ru/windows-syscalls Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10) j00ru   1670    
https://github.com/fmadio/pcap_merge High performance time ordered PCAP merging utility fmadio mit 19    
https://github.com/fmadio/pcap_flow calculate flow information from PCAP and extract tcp streams fmadio   53    
https://github.com/CERT-Polska/n6 Automated handling of data feeds for security teams CERT-Polska agpl-3.0 97    
https://github.com/antirez/dump1090 Dump1090 is a simple Mode S decoder for RTLSDR devices antirez   1978    
https://github.com/MISP/misp-docker MISP Docker (XME edition) MISP   229    
https://github.com/MISP/docker-misp Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing MISP bsd-3-clause 99    
https://github.com/vibora-io/vibora Fast, asynchronous and elegant Python web framework. vibora-io mit 5711    
https://github.com/ryancdotorg/threshcrypt A password-based implementation of threshold encryption ryancdotorg other 28    
https://github.com/shea256/secret-sharing A system for securely splitting secrets with Shamir’s Secret Sharing Scheme shea256 mit 437    
https://github.com/rommelfs/ticket-tools   rommelfs   7    
https://github.com/secrary/makin makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore] secrary mit 684    
https://github.com/actor-framework/actor-framework An Open Source Implementation of the Actor Model in C++ actor-framework bsd-3-clause 2824    
https://github.com/tenzir/vast :crystal_ball: Visibility Across Space and Time – The network telemetry engine for data-driven security investigations. tenzir bsd-3-clause 416    
https://github.com/erthink/t1ha One of the fastest hash functions erthink other 334    
https://github.com/romanz/amodem Audio MODEM Communication Library in Python romanz other 794    
https://github.com/DCSO/flor A Python implementation of our efficient Bloom filter library. DCSO other 27    
https://github.com/cugu/awesome-forensics A curated list of awesome forensic analysis tools and resources cugu cc0-1.0 2179    
https://github.com/penafieljlm/inquisitor Opinionated organisation-centric OSINT footprinting inspired from recon-ng and Maltego penafieljlm   144    
https://github.com/Wandmalfarbe/pandoc-latex-template A pandoc LaTeX template to convert markdown files to PDF or LaTeX. Wandmalfarbe bsd-3-clause 4593    
https://github.com/arturadib/strapdown Instant and elegant Markdown documents in the browser arturadib mit 2501    
https://github.com/davidmerfield/Blot Turns a folder into a blog davidmerfield cc0-1.0 1088    
https://github.com/jaegeral/PySight2MISP PySight2MISP is a project that can be run to be used as glue between iSight intel API and MISP API jaegeral mit 7    
https://github.com/AssuranceMaladieSec/CertStreamMonitor Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online. AssuranceMaladieSec gpl-3.0 124    
https://github.com/SSLMate/certspotter Certificate Transparency Log Monitor SSLMate mpl-2.0 582    
https://github.com/P1llus/ArcSight-Rest Python library for the ArcSight logger REST API P1llus mit 25    
https://github.com/caschnee/misp-use-cases   caschnee   14    
https://github.com/yarrick/iodine Official git repo for iodine dns tunnel yarrick isc 4544    
https://github.com/thosakwe/t2b A wicked-powerful text macro language for building binary files. thosakwe gpl-3.0 376    
https://github.com/CERT-Polska/ursadb Trigram database written in C++, suited for malware indexing CERT-Polska bsd-3-clause 99    
https://github.com/CERT-Polska/ursadb-cli Lightweight Python client for ursadb CERT-Polska bsd-3-clause 8    
https://github.com/CERT-Polska/mquery YARA malware query accelerator (web frontend) CERT-Polska agpl-3.0 346    
https://github.com/tgalopin/simhashphp SimHash similarities algorithm implementation for PHP tgalopin mit 135    
https://github.com/renyxa/re-lab RE-lab is a joint effort of gimp.ru team and developers of various open source projects to do clean-room reverse engineering of various proprietary file formats useful for the mankind. renyxa   64    
https://github.com/KVM-VMI/nitro   KVM-VMI gpl-3.0 45    
https://github.com/scVENUS/PeekabooAV Peekaboo Extended Email Attachment Behavior Observation Owl scVENUS gpl-3.0 61    
https://github.com/sodium-friends/learntocrypto Learn to crypto workshop sodium-friends isc 1673    
https://github.com/hashdd/pyhashdd A python library for building and using hash databases. hashdd other 20    
https://github.com/mseclab/PyJFuzz PyJFuzz - Python JSON Fuzzer mseclab mit 355    
https://github.com/mseclab/nathan Android Emulator for mobile security testing mseclab mit 213    
https://github.com/unfetter-discover/unfetter-analytic Main Build directory unfetter-discover other 167    
https://github.com/InQuest/python-sandboxapi Minimal, consistent Python API for building integrations with malware sandboxes. InQuest gpl-2.0 117    
https://github.com/mitre/caret CARET - A tool for viewing cyber analytic relationships mitre other 40    
https://github.com/CERTCC/tapioca CERT Tapioca for MITM network analysis CERTCC other 175    
https://github.com/guardicore/monkey Infection Monkey - An automated pentest tool guardicore gpl-3.0 5989    
https://github.com/Cyb3rWard0g/HELK The Hunting ELK Cyb3rWard0g gpl-3.0 3361    
https://github.com/OTRF/OSSEM Open Source Security Events Metadata (OSSEM) OTRF mit 1063    
https://github.com/socprime/SigmaRulesIntegration   socprime other 13    
https://github.com/simsong/notepaper Web-based notepaper simsong mit 3    
https://github.com/redcanaryco/atomic-red-team Small and highly portable detection tests based on MITRE’s ATT&CK. redcanaryco mit 6728    
https://github.com/ociredefz/lightaidra IRC-based mass router scanner/exploiter - The project is no longer maintained. ociredefz   95    
https://github.com/mitre-attack/attack-navigator Web app that provides basic navigation and annotation of ATT&CK matrices mitre-attack apache-2.0 1398    
https://github.com/jenssegers/imagehash 🌄 Perceptual image hashing for PHP jenssegers mit 1841    
https://github.com/kkirsche/CVE-2017-10271 Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271) kkirsche apache-2.0 122    
https://github.com/trailofbits/deepstate A unit test-like interface for fuzzing and symbolic execution trailofbits apache-2.0 726    
https://github.com/Matty9191/ssl-cert-check Send notifications when SSL certificates are about to expire. Matty9191 gpl-2.0 604    
https://github.com/9b/chirp Interface to manage and centralize Google Alert information 9b mit 230    
https://github.com/angr/angr A powerful and user-friendly binary analysis platform! angr bsd-2-clause 6189    
https://github.com/f0rb1dd3n/Reptile LKM Linux rootkit f0rb1dd3n   2028    
https://github.com/tombusby/cypherpunk-research This repository is essentially for compiling information about Cypherpunks, the history of the movement, and the people/events of note. tombusby   473    
https://github.com/Cyb3rPandaH/Tableau-ATTCK Understanding ATT&CK Matrix for Enterprise Cyb3rPandaH   80    
https://github.com/ttrifonov/zmqssl SSL/TLS wrapper for ZMQ sockets ttrifonov apache-2.0 9    
https://github.com/Cn33liz/JSMeter JavaScript Reversed TCP Meterpreter Stager Cn33liz   136    
https://github.com/zulip/zulip Zulip server and web app—powerful open source team chat zulip apache-2.0 16660    
https://github.com/lgandx/PCredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface. lgandx   1595    
https://github.com/jmbielec/geograpy3 Extract countries, regions and cities from a URL   other 19    
https://github.com/utds3lab/multiverse A static binary rewriter that does not use heuristics utds3lab lgpl-3.0 280    
https://github.com/junzis/aircraft-db Query all types of flight identities, such as ICAO address, registration ID, aircraft model, etc. junzis   59    
https://github.com/josegonzalez/python-github-backup backup a github user or organization josegonzalez mit 1043    
https://github.com/mattn/memo 📓 Memo Life For You mattn mit 873    
https://github.com/peco/peco Simplistic interactive filtering tool peco mit 7168    
https://github.com/DanMcInerney/net-creds Sniffs sensitive data from interface or pcap DanMcInerney gpl-3.0 1469    
https://github.com/sigchi/Document-Formats Everything you need to know to publish using LaTeX or Word and then some. sigchi gpl-2.0 305    
https://github.com/eteran/edb-debugger edb is a cross-platform AArch32/x86/x86-64 debugger. eteran gpl-2.0 2216    
https://github.com/MISP/misp-noticelist Notice lists to inform users of MISP about legal or technical implication for some attributes, categories and objects MISP   7    
https://github.com/IDArlingTeam/IDArling Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays IDArlingTeam gpl-3.0 632    
https://github.com/nolze/msoffcrypto-tool Python tool and library for decrypting MS Office files with passwords or other keys nolze mit 395    
https://github.com/ankane/ip_anonymizer IP address anonymizer for Ruby and Rails ankane mit 78    
https://github.com/erikbern/git-of-theseus Analyze how a Git repo grows over time erikbern apache-2.0 2054    
https://github.com/spdx/license-list-data Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON spdx   339    
https://github.com/fossas/fossa-cli Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems. fossas mpl-2.0 1047    
https://github.com/cea-sec/miasm Reverse engineering framework in Python cea-sec gpl-2.0 2914    
https://github.com/cookiecutter/cookiecutter A cross-platform command-line utility that creates projects from cookiecutters (project templates), e.g. Python package projects, C projects. cookiecutter bsd-3-clause 18319    
https://github.com/ioc-fang/ioc-fanger Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space . ioc-fang mit 46    
https://github.com/nerevu/riko A Python stream processing engine modeled after Yahoo! Pipes nerevu mit 1590    
https://github.com/Rafiot/defang DO NOT USE THIS REPO, FOR TESTING PURPOSES ONLY. Master is there: https://bitbucket.org/johannestaas/defang Rafiot other 2    
https://github.com/google/gvisor Application Kernel for Containers google apache-2.0 13189    
https://github.com/ezelf/CVE-2018-9995_dvr_credentials (CVE-2018-9995) Get DVR Credentials ezelf gpl-3.0 481    
https://github.com/fivepiece/btc-bash-ng math and bitcoin tools in gnu bc and bash fivepiece mit 25    
https://github.com/deepzec/Bad-Pdf Steal Net-NTLM Hash using Bad-PDF deepzec gpl-3.0 859    
https://github.com/espebra/filebin Filebin is a web application that facilitates convenient file sharing over the web. espebra bsd-3-clause 146    
https://github.com/soorya19/sparsity-based-defenses Sparsity-based defenses against adversarial attacks on machine learning classifiers soorya19 bsd-3-clause 8    
https://github.com/libnet/nemesis A command-line network packet crafting and injection utility libnet bsd-3-clause 412    
https://github.com/a13xp0p0v/linux-kernel-defence-map Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies a13xp0p0v gpl-3.0 1528    
https://github.com/vaexio/vaex Out-of-Core hybrid Apache Arrow/NumPy DataFrame for Python, ML, visualization and exploration of big tabular data at a billion rows per second 🚀 vaexio mit 7375    
https://github.com/RelaxedJS/ReLaXed Create PDF documents using web technologies RelaxedJS isc 11738    
https://github.com/sbilly/awesome-security A collection of awesome software, libraries, documents, books, resources and cools stuffs about security. sbilly mit 9086    
https://github.com/jfrazee/awesome-nifi A list of useful Apache NiFi resources, processor bundles and tools jfrazee apache-2.0 862    
https://github.com/tmcw/awesome-geojson GeoJSON utilities that will make your life easier. tmcw cc0-1.0 1870    
https://github.com/log2timeline/dftimewolf A framework for orchestrating forensic collection, processing and data export log2timeline apache-2.0 212    
https://github.com/keiichishima/yacryptopan Yet another Crypto-PAn implementation for Python keiichishima bsd-2-clause 24    
https://github.com/xme/cuckoo Miscellaneous files related to Cuckoo sandbox xme   8    
https://github.com/NC3-LU/MOSP A collaborative platform for creating, editing and sharing JSON objects. NC3-LU agpl-3.0 71    
https://github.com/mseitzer/pytorch-fid Compute FID scores with PyTorch. mseitzer apache-2.0 1996    
https://github.com/facebook/prophet Tool for producing high quality forecasts for time series data that has multiple seasonality with linear or non-linear growth. facebook mit 15114    
https://github.com/hasherezade/bearparser Portable Executable parsing library (from PE-bear) hasherezade bsd-2-clause 583    
https://github.com/fastio/1store NoSQL data store using the SEASTAR framework, compatible with Redis fastio agpl-3.0 1269    
https://github.com/yongman/tidis Distributed transactional NoSQL database, Redis protocol compatible using tikv as backend yongman mit 1406    
https://github.com/palantir/windows-event-forwarding A repository for using windows event forwarding for incident detection and response palantir other 1096    
https://github.com/brangerbriz/messages-from-the-mines An interactive art installation that excavates messages embedded in the Bitcoin blockchain brangerbriz gpl-3.0 34    
https://github.com/Sab0tag3d/SIET Smart Install Exploitation Tool Sab0tag3d   517    
https://github.com/deobald/vipassana-for-hackers A document version of my “Vipassana for Hackers” talk deobald cc-by-sa-4.0 578    
https://github.com/PDXBek/Misinformation Word lists for analyzing media reporting PDXBek   22    
https://github.com/palantir/osquery-configuration A repository for using osquery for incident detection and response palantir other 725    
https://github.com/fnando/sparkline Generate SVG sparklines with JavaScript without any external dependency. fnando mit 443    
https://github.com/joshua-gould/canvas2pdf Export your HTML canvas to PDF joshua-gould mit 137    
https://github.com/turicas/rows A common, beautiful interface to tabular data, no matter the format turicas lgpl-3.0 824    
https://github.com/kislyuk/yq Command-line YAML, XML, TOML processor - jq wrapper for YAML/XML/TOML documents kislyuk apache-2.0 1997    
https://github.com/tabler/tabler Tabler is free and open-source HTML Dashboard UI Kit built on Bootstrap tabler mit 31926    
https://github.com/masonicboom/ipscrub IP address anonymizer module for nginx masonicboom   229    
https://github.com/evilsocket/opensnitch OpenSnitch is a GNU/Linux port of the Little Snitch application firewall evilsocket gpl-3.0 7886    
https://github.com/jseidl/Babadook Connection-less Powershell Persistent and Resilient Backdoor jseidl mit 231    
https://github.com/minimaxir/person-blocker Automatically “block” people in images (like Black Mirror) using a pretrained neural network. minimaxir other 2023    
https://github.com/dchrastil/ScrapedIn A tool to scrape LinkedIn without API restrictions for data reconnaissance dchrastil   574    
https://github.com/Scribery/aushape A library and a tool for converting audit logs to XML and JSON Scribery lgpl-2.1 36    
https://github.com/zevv/lsofgraph lsof to graphviz zevv bsd-2-clause 995    
https://github.com/hvac/hvac :lock: Python 2.7/3.X client for HashiCorp Vault hvac apache-2.0 1027    
https://github.com/daveherrald/botsv1 Splunk Boss of the SOC v1 data set. daveherrald   109    
https://github.com/MISP/MISP-sizer Sizing your MISP instance MISP mit 8    
https://github.com/dsmrreader/dsmr-reader DSMR-protocol reader, telegram data storage and energy consumption visualizer. Free for non-commercial use. Docker installation: https://github.com/xirixiz/dsmr-reader-docker dsmrreader other 417    
https://github.com/square/certigo A utility to examine and validate certificates in a variety of formats square apache-2.0 840    
https://github.com/carstein/Keyhole Simple reporting plugin for binary ninja carstein   16    
https://github.com/hasherezade/pe-sieve Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches). hasherezade bsd-2-clause 2244    
https://github.com/0x4D31/awesome-threat-detection A curated list of awesome threat detection and hunting resources 0x4D31   2382    
https://github.com/google/upvote_py2 A multi-platform binary whitelisting solution google apache-2.0 447    
https://github.com/dribdat/dribdat Open source hackathons-in-a-box dribdat mit 44    
https://github.com/booksbyus/mkbook Hintjens’ book production tools booksbyus other 45    
https://github.com/thec00n/smart-contract-honeypots This repo contains a collection of smart contract honeypots. thec00n   245    
https://github.com/hatching/vmcloak Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox. hatching   420    
https://github.com/aff4/pyaff4 The Python implementation of the AFF4 standard. aff4 apache-2.0 40    
https://github.com/eNMS-automation/eNMS An enterprise-grade vendor-agnostic network automation platform. eNMS-automation gpl-3.0 721    
https://github.com/hugapi/hug Embrace the APIs of the future. Hug aims to make developing APIs as simple as possible, but no simpler. hugapi mit 6662    
https://github.com/farsightsec/axa The Advanced Exchange Access suite farsightsec apache-2.0 4    
https://github.com/Moham3dRiahi/Th3inspector Th3Inspector 🕵️ Best Tool For Information Gathering 🔎 Moham3dRiahi mit 1450    
https://github.com/Exa-Networks/exabgp The BGP swiss army knife of networking Exa-Networks other 1859    
https://github.com/openeventdata/mordecai Full text geoparsing as a Python library openeventdata mit 678    
https://github.com/cedricbonhomme/freshermeat An open source software directory and release tracker. cedricbonhomme agpl-3.0 15    
https://github.com/marasawr/fml I read 20 years of mostly-fail at cyber norms at the UN, and now you can too! marasawr   19    
https://github.com/MISP/yara-misp Export MISP attributes in Yara MISP   12    
https://github.com/IllusiveNetworks-Labs/HistoricProcessTree An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view. IllusiveNetworks-Labs bsd-3-clause 52    
https://github.com/initstring/linkedin2username OSINT Tool: Generate username lists for companies on LinkedIn initstring mit 759    
https://github.com/googlecreativelab/open-nsynth-super Open NSynth Super is an experimental physical interface for the NSynth algorithm googlecreativelab apache-2.0 2300    
https://github.com/bisguzar/twitter-scraper Scrape the Twitter Frontend API without authentication. bisguzar mit 3343    
https://github.com/alexadam/img-encode Encode an image to sound and view it as a spectrogram - turn your images into music alexadam mit 213    
https://github.com/msuhanov/yarp Yet another registry parser msuhanov gpl-3.0 110    
https://github.com/alex-ball/beamerswitch Convenient mode selection in Beamer documents alex-ball   19    
https://github.com/crytic/ida-evm IDA Processor Module for the Ethereum Virtual Machine (EVM) crytic apache-2.0 266    
https://github.com/incertum/cyber-matrix-ai Collection of cyber security and “AI” relevant topics incertum   71    
https://github.com/certtools/malware_name_mapping A mapping of used malware names to commonly known family names certtools   54    
https://github.com/eset/ipyida IPython console integration for IDA Pro eset other 554    
https://github.com/berzerk0/Probable-Wordlists Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren’t popular! berzerk0 cc-by-sa-4.0 7743    
https://github.com/gdiepen/latexbeamer-handoutWithNotes Create Handouts with notes from your Latexbeamer presentation gdiepen   38    
https://github.com/D4-project/BGP-Ranking BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN) D4-project agpl-3.0 55    
https://github.com/cocaman/retefe Artefacts from various retefe campaigns cocaman   10    
https://github.com/nccgroup/Royal_APT Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research nccgroup   49    
https://github.com/patternfly/patternfly-timeline A time based / event series interactive visualization using d3.js. Use drag and zoom to navigate in time. patternfly mit 124    
https://github.com/KasperskyLab/klara Kaspersky’s GReAT KLara KasperskyLab other 624    
https://github.com/eliasgranderubio/dagda a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities eliasgranderubio apache-2.0 1005    
https://github.com/serrastusbear/NewDomainSearch Script to pull newly-registered domains and check for similarity against a provided word list. serrastusbear gpl-3.0 10    
https://github.com/mokaddem/PyMISP_wrapper A simple PyMISP wrapper designed to ease the addition of commonly used operations on daily generated event mokaddem   3    
https://github.com/paralax/awesome-cybersecurity-internships a list of cybersecurity internships paralax   398    
https://github.com/Phat3/PINdemonium A pintool in order to unpack malware Phat3 gpl-3.0 220    
https://github.com/Data4Democracy/hate_speech_detector   Data4Democracy   29    
https://github.com/conix-security/machoke   conix-security gpl-3.0 47    
https://github.com/khamidou/lptrace Trace any Python program, anywhere! khamidou gpl-3.0 686    
https://github.com/msuhanov/regf Windows registry file format specification msuhanov   257    
https://github.com/psf/requests-html Pythonic HTML Parsing for Humans™ psf mit 12793    
https://github.com/honeytrap/honeytrap Advanced Honeypot framework. honeytrap other 1103    
https://github.com/programa-stic/barf-project BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework programa-stic bsd-2-clause 1350    
https://github.com/pornin/CTTK Constant-Time Toolkit pornin mit 281    
https://github.com/ntddk/virustream A script to track malware IOCs with OSINT on Twitter. ntddk mit 50    
https://github.com/tatsu-i/fame_modules   tatsu-i   2    
https://github.com/apcshields/autocomplete-bibtex Adds Pandoc-style BibTeX citation key autocompletion to autocomplete+ for Atom. apcshields mit 44    
https://github.com/mohlcyber/MISP-MVISION-EDR Integration between MISP platform and McAfee MVISION EDR mohlcyber apache-2.0 11    
https://github.com/s0md3v/Striker Striker is an offensive information and vulnerability scanner. s0md3v gpl-3.0 2000    
https://github.com/nerves-project/nerves Craft and deploy bulletproof embedded software in Elixir nerves-project apache-2.0 1939    
https://github.com/zricethezav/gitleaks Protect and discover secrets using Gitleaks 🔑 zricethezav mit 11068    
https://github.com/vitaly-kamluk/bitscout Remote forensics meta tool vitaly-kamluk gpl-2.0 409    
https://github.com/autumnai/leaf Open Machine Intelligence Framework for Hackers. (GPU/CPU) autumnai apache-2.0 5489    
https://github.com/phage-nz/ph0neutria ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability. phage-nz apache-2.0 302    
https://github.com/randaller/cnn-rtlsdr Deep learning signal classification using rtl-sdr dongle randaller   248    
https://github.com/openhwgroup/cva6 The CORE-V CVA6 is an Application class 6-stage RISC-V CPU capable of booting Linux openhwgroup other 1587    
https://github.com/Nightbringer21/fridump A universal memory dumper using Frida Nightbringer21   531    
https://github.com/Rafiot/2018_Metz Python exercises Rafiot mit 2    
https://github.com/uber-common/metta An information security preparedness tool to do adversarial simulation. uber-common mit 976    
https://github.com/ctxis/capemon CAPE monitor DLLs ctxis gpl-3.0 40    
https://github.com/ctxis/CAPE Malware Configuration And Payload Extraction ctxis   699    
https://github.com/Tencent/rapidjson A fast JSON parser/generator for C++ with both SAX/DOM style API Tencent other 12484    
https://github.com/XMSS/xmss-reference Repository for the XMSS reference code, accompanying RFC 8391, XMSS: eXtended Merkle Signature Scheme XMSS cc0-1.0 30    
https://github.com/fideliscyber/x509 Proof of concept framework for transferring a file over x509 extension covert channel fideliscyber mit 74    
https://github.com/halpomeranz/dfis Digital Forensic Investigative Scripts halpomeranz gpl-3.0 48    
https://github.com/quiet/quiet Transmit data with sound. Includes binaries for soundcards and .wav files. quiet bsd-3-clause 1498    
https://github.com/quiet/org.quietmodem.Quiet Quiet for Android - TCP over sound quiet   1419    
https://github.com/cmatthewbrooks/r2kit A set of scripts for a radare-based malware code analysis workflow cmatthewbrooks   64    
https://github.com/matteomattei/PySquashfsImage Python library to read Squashfs image files. matteomattei gpl-3.0 38    
https://github.com/rommelfs/scanner nmap/ndiff based scanner with template based notification system in case of infrastructure changes rommelfs   17    
https://github.com/cea-sec/Sibyl A Miasm2 based function divination. cea-sec other 488    
https://github.com/cowrie/cowrie Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io cowrie other 4081    
https://github.com/orlikoski/CDQR The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices orlikoski gpl-3.0 314    
https://github.com/0xrawsec/gene Signature Engine for Windows Event Logs 0xrawsec gpl-3.0 128    
https://github.com/0xrawsec/whids Open Source EDR for Windows 0xrawsec agpl-3.0 834    
https://github.com/mitre/cti Cyber Threat Intelligence Repository expressed in STIX 2.0 mitre other 1232    
https://github.com/nabla-c0d3/trust_stores_observatory Continuously monitor and record the content of the major platforms’ root certificate stores. nabla-c0d3 mit 99    
https://github.com/endgameinc/gym-malware   endgameinc mit 556    
https://github.com/LAC-Japan/MISP-CSVImport CSV import tool for MISP LAC-Japan bsd-2-clause 10    
https://github.com/NetworkDeviceTaxonomy/wifi_taxonomy Database of known signatures identified using the mechanism in “Passive Taxonomy of Wifi Clients using MLME Frame Contents” from research.google.com/pubs/pub45429.html NetworkDeviceTaxonomy apache-2.0 68    
https://github.com/sgreben/tj stdin line timestamps. single binary, no dependencies. osx & linux & windows. plays well with jq. sgreben   228    
https://github.com/avast/retdec RetDec is a retargetable machine-code decompiler based on LLVM. avast mit 6804    
https://github.com/eldraco/domain_analyzer Analyze the security of any domain by finding all the information possible. Made in python. eldraco   1744    
https://github.com/FortyNorthSecurity/WMImplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based. FortyNorthSecurity gpl-3.0 718    
https://github.com/ANSSI-FR/transdep Discover SPOF in DNS dependency graphs ANSSI-FR bsd-2-clause 67    
https://github.com/posativ/isso a Disqus alternative posativ mit 4669    
https://github.com/TheDr1ver/crits_services CRITs Services Collection TheDr1ver   3    
https://github.com/SwiftOnSecurity/sysmon-config Sysmon configuration file template with default high-quality event tracing SwiftOnSecurity   3820    
https://github.com/olafhartong/sysmon-modular A repository of sysmon configuration modules olafhartong mit 2006    
https://github.com/ha7ilm/openwebrx Open source, multi-user SDR receiver software with a web interface ha7ilm agpl-3.0 886    
https://github.com/gaasedelen/lighthouse A Coverage Explorer for Reverse Engineers gaasedelen mit 1788    
https://github.com/wolverdude/GenSON GenSON is a powerful, user-friendly JSON Schema generator built in Python. wolverdude mit 420    
https://github.com/stedolan/jq Command-line JSON processor stedolan other 23461    
https://github.com/cisco/joy A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring. cisco other 1198    
https://github.com/alephdata/aleph Search and browse documents and data; find the people and companies you look for. alephdata mit 1680    
https://github.com/alephdata/memorious Lightweight web scraping toolkit for documents and structured data. alephdata mit 282    
https://github.com/satwikkansal/wtfpython What the f*ck Python? 😱 satwikkansal wtfpl 31887    
https://github.com/TheHive-Project/TheHive4py Python API Client for TheHive TheHive-Project agpl-3.0 193    
https://github.com/emsec/ChameleonMini The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. The ChameleonMini was developed by https://kasper-oswald.de. The device is available at https://shop.kasper.it. For further information see the Getting Started Page https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html/_page__getting_started.html or the Wiki tab above. emsec other 1457    
https://github.com/openwpm/OpenWPM A web privacy measurement framework openwpm other 1234    
https://github.com/BTrDB/btrdb-server Berkeley Tree Database (BTrDB) server BTrDB mit 897    
https://github.com/majek/fluxcapacitor The engine that powers DeLorean! majek mit 806    
https://github.com/eldraco/Salamandra Salamandra is a tool to find spy microphones that use radio freq to transmit. It uses SDR. eldraco   745    
https://github.com/pothosware/SoapyRTLSDR SoapySDR RTL-SDR Support Module pothosware mit 93    
https://github.com/pothosware/SoapySDR Vendor and platform neutral SDR support library. pothosware bsl-1.0 830    
https://github.com/xmikos/soapy_power Obtain power spectrum from SoapySDR devices (RTL-SDR, Airspy, SDRplay, HackRF, bladeRF, USRP, LimeSDR, etc.) xmikos mit 125    
https://github.com/taviso/rbndr Simple DNS Rebinding Service taviso gpl-3.0 468    
https://github.com/jaegeral/security-apis A collective list of public APIs for use in security. Contributions welcome jaegeral mit 706    
https://github.com/bambenek/bitcoin_tracker A NodeJS Template for a Twitter Bot that Tracks Transactions to Bitcoin Wallets bambenek   20    
https://github.com/spamhaus/pdns-logger pdns-logger is a small daemon that will accept connections from the protobuf channel of powerdns-reursor and will log queries in several formats spamhaus mpl-2.0 13    
https://github.com/jivoi/awesome-ml-for-cybersecurity :octocat: Machine Learning for Cyber Security jivoi other 5551    
https://github.com/IAIK/meltdown This repository contains several applications, demonstrating the Meltdown bug. IAIK zlib 3992    
https://github.com/lanrat/certgraph An open source intelligence tool to crawl the graph of certificate Alternate Names lanrat gpl-2.0 253    
https://github.com/AirbusCyber/grap grap: define and match graph patterns within binaries AirbusCyber mit 166    
https://github.com/asciidoctor/asciidoctor :gem: A fast, open source text processor and publishing toolchain, written in Ruby, for converting AsciiDoc content to HTML 5, DocBook 5, and other formats. asciidoctor other 4207    
https://github.com/facebookresearch/py2bpf A python to bpf (Berkeley Packet Filter bytecode) converter facebookresearch other 165    
https://github.com/axiomhq/hyperminhash HyperMinHash: Bringing intersections to HyperLogLog axiomhq mit 295    
https://github.com/xschul/IMAProxy IMAP transparent proxy xschul   6    
https://github.com/joeyespo/grip Preview GitHub README.md files locally before committing them. joeyespo mit 5810    
https://github.com/luismartingarcia/protocol An ASCII Header Generator for Network Protocols luismartingarcia gpl-3.0 640    
https://github.com/marcan/speculation-bugs Docs and resources on CPU Speculative Execution bugs marcan cc0-1.0 354    
https://github.com/paboldin/meltdown-exploit Meltdown Exploit PoC paboldin   930    
https://github.com/ligurio/software-quality-wiki Software Quality Wiki ligurio mit 2076    
https://github.com/googleprojectzero/domato DOM fuzzer googleprojectzero apache-2.0 1476    
https://github.com/HASecuritySolutions/VulnWhisperer Create actionable data from your Vulnerability Scans HASecuritySolutions apache-2.0 1271    
https://github.com/EdOverflow/contact.sh An OSINT tool to find contacts in order to report security vulnerabilities. EdOverflow mit 240    
https://github.com/remg427/misp42splunk A Splunk app to use MISP in background remg427 lgpl-3.0 99    
https://github.com/Siguza/IOHIDeous IOHIDFamily 0day Siguza   444    
https://github.com/das-labor/neopg The multiversal cryptoengine! das-labor other 214    
https://github.com/dafthack/MailSniper MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain. dafthack mit 2315    
https://github.com/samuelcolvin/dnserver Simple development DNS server written in python samuelcolvin mit 118    
https://github.com/g-oikonomou/sensniff Live Traffic Capture and Sniffer for IEEE 802.15.4 networks g-oikonomou bsd-3-clause 82    
https://github.com/pimutils/todoman ✅ A simple, standards-based, cli todo (aka: task) manager. pimutils isc 349    
https://github.com/pimutils/khal :calendar: CLI calendar application pimutils mit 2090    
https://github.com/kedartatwawadi/NN_compression   kedartatwawadi mit 198    
https://github.com/elasticdog/transcrypt transparently encrypt files within a git repository elasticdog mit 1216    
https://github.com/jdf/processing.py Write Processing sketches in Python jdf apache-2.0 1523    
https://github.com/dsprenkels/sss-cli Command line program for secret-sharing strings dsprenkels mit 52    
https://github.com/dsprenkels/sss Library for the Shamir secret sharing scheme dsprenkels mit 274    
https://github.com/miek/inspectrum Radio signal analyser miek gpl-3.0 1666    
https://github.com/dataspectra/AIL-framework AIL framework - Analysis Information Leak framework dataspectra agpl-3.0 4    
https://github.com/CERT-Bund/misp-warninglists-analyzer Checks observables/ioc in TheHive/Cortex against the MISP warningslists CERT-Bund   11    
https://github.com/stricaud/TA-misp Splunk integration with MISP stricaud   11    
https://github.com/merbanan/rtl_433 Program to decode radio transmissions from devices on the ISM bands (and other frequencies) merbanan gpl-2.0 4247    
https://github.com/syncthing/syncthing Open Source Continuous File Synchronization syncthing mpl-2.0 47452    
https://github.com/MDudek-ICS/TRISIS-TRITON-HATMAN Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware MDudek-ICS   201    
https://github.com/IOActive/XDiFF Extended Differential Fuzzing Framework IOActive   317    
https://github.com/cr-marcstevens/sha1_gpu_nearcollisionattacks GPU code for the first SHA-1 collision attack and two freestart attacks cr-marcstevens other 25    
https://github.com/guedou/jupyter-radare2 Just a simple radare2 Jupyter kernel guedou lgpl-3.0 109    
https://github.com/REDasmOrg/REDasm The OpenSource Disassembler REDasmOrg gpl-3.0 1312    
https://github.com/oasis-open/cti-stix2-json-schemas OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 oasis-open bsd-3-clause 84    
https://github.com/InvoicePlane/InvoicePlane A self-hosted open source application for managing your invoices, clients and payments. InvoicePlane other 2084    
https://github.com/laurent22/joplin Joplin - an open source note taking and to-do application with synchronisation capabilities for Windows, macOS, Linux, Android and iOS. laurent22 other 32767    
https://github.com/vnotex/vnote A pleasant note-taking platform. vnotex lgpl-3.0 9783    
https://github.com/austin-taylor/flare An analytical framework for network traffic and behavioral analytics austin-taylor mit 418    
https://github.com/agronholm/cbor2 Python CBOR (de)serializer with extensive tag support agronholm mit 150    
https://github.com/iovisor/bcc BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more iovisor apache-2.0 15859    
https://github.com/iovisor/bpf-docs Presentations and docs iovisor   792    
https://github.com/bitnine-oss/agensgraph AgensGraph, a transactional graph database based on PostgreSQL bitnine-oss other 1215    
https://github.com/ayastreb/jekyll-maps :earth_americas: Embed maps with filterable locations in Jekyll ayastreb mit 124    
https://github.com/seclab-ucr/INTANG   seclab-ucr gpl-3.0 2852    
https://github.com/MISP/misp-compliance Legal, procedural and policies document templates for operating MISP and information sharing communities MISP agpl-3.0 29    
https://github.com/CERT-Polska/training-materials   CERT-Polska eupl-1.2 47    
https://github.com/avast/yaracpp C++ wrapper for YARA. avast mit 46    
https://github.com/achillean/redis-keys Using Shodan to get a breakdown of the most common key names in public Redis servers. achillean   12    
https://github.com/zmap/zgrab DEPRECATED This project has been replaced by https://github.com/zmap/zgrab2 zmap other 730    
https://github.com/cytoscape/cytoscape.js Graph theory (network) library for visualisation and analysis cytoscape mit 8761    
https://github.com/GreyNoise-Intelligence/api.greynoise.io Code + documentation for the public GreyNoise API GreyNoise-Intelligence   307    
https://github.com/Cisco-Talos/mutiny-fuzzer   Cisco-Talos other 507    
https://github.com/hegusung/AVSignSeek Tool written in python3 to determine where the AV signature is located in a binary/payload hegusung mit 303    
https://github.com/DomainTools/domaintools_misp Official DomainTools Iris modules for MISP DomainTools   6    
https://github.com/ptrus/suffix-trees Python implementation of Suffix Trees and Generalized Suffix Trees. Provided also methods with typcal aplications of STrees and GSTrees. ptrus mit 107    
https://github.com/secrary/SSMA SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me] secrary gpl-3.0 401    
https://github.com/netdata/netdata Real-time performance monitoring, done right! https://www.netdata.cloud netdata gpl-3.0 61043    
https://github.com/ibmresilient/resilient-community-apps Source code for IBM SOAR Apps that are available on our App Exchange ibmresilient mit 69    
https://github.com/ntddk/onionstack A Pictorial Book of Tor Hidden Services. ntddk mit 22    
https://github.com/secureworks/flowsynth a network packet capture compiler secureworks apache-2.0 173    
https://github.com/metal3d/vymad Vymad - Vym to markdown generator metal3d   21    
https://github.com/adulau/misp-osint-collection Collection of best practices to add OSINT into MISP and/or MISP communities adulau   57    
https://github.com/pretalx/pretalx Conference planning tool: CfP, scheduling, speaker management pretalx other 480    
https://github.com/ANSSI-FR/SmartPGP SmartPGP is a JavaCard implementation of the OpenPGP card specifications ANSSI-FR gpl-2.0 170    
https://github.com/x0rz/phishing_catcher Phishing catcher using Certstream x0rz gpl-3.0 1442    
https://github.com/simsong/dfxml Digital Forensics XML project and library simsong other 58    
https://github.com/pbiernat/ripr Package Binary Code as a Python class using Binary Ninja and Unicorn Engine pbiernat mit 349    
https://github.com/MobSF/Mobile-Security-Framework-MobSF Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF gpl-3.0 12761    
https://github.com/P1sec/pycrate A Python library to ease the development of encoders and decoders for various protocols and file formats; contains ASN.1 and CSN.1 compilers. P1sec lgpl-2.1 316    
https://github.com/VCVRack/Rack The virtual Eurorack studio VCVRack other 3653    
https://github.com/google/turbinia Automation and Scaling of Digital Forensics Tools google apache-2.0 601    
https://github.com/LINCnil/pia-back Programme développé avec le framework RubyOnRails mettant à disposition une API RESTful à destination des outils PIA et PIA-APP. Program developped with RubyOnRails providing a RESTful API for the PIA and PIA-APP applications. LINCnil gpl-3.0 133  
https://github.com/LINCnil/pia Version web front office de l’application PIA à déployer sur un serveur afin d’en donner l’accès via un navigateur web Front office of the PIA application to be deployed on a server in order to access it through a web browser. LINCnil gpl-3.0 216  
https://github.com/milankowww/ppp_tcpip_zxspectrum 1998 implementation of PPP + TCP/IP + various network apps for ZX Spectrum 48k milankowww gpl-2.0 5    
https://github.com/repology/repology-updater Repology backend service to update repository and package data repology gpl-3.0 410    
https://github.com/yl2chen/cidranger Fast IP to CIDR lookup in Golang yl2chen mit 752    
https://github.com/google/oss-fuzz OSS-Fuzz - continuous fuzzing for open source software. google apache-2.0 8028    
https://github.com/infobyte/faraday Open Source Vulnerability Management Platform infobyte gpl-3.0 3561    
https://github.com/CERTCC/trommel TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators CERTCC other 190    
https://github.com/inikep/lizard Lizard (formerly LZ5) is an efficient compressor with very fast decompression. It achieves compression ratio that is comparable to zip/zlib and zstd/brotli (at low and medium compression levels) at decompression speed of 1000 MB/s and faster. inikep other 569    
https://github.com/Markus-Go/bonesi BoNeSi - the DDoS Botnet Simulator Markus-Go apache-2.0 565    
https://github.com/JPCERTCC/STrelok Application for STIX v2.0 objects management and analysis JPCERTCC   25    
https://github.com/propervillain/moistpetal Open source offensive security platform for red team, by red team. propervillain apache-2.0 367    
https://github.com/werkamsus/Lilith Lilith, The Open Source C++ Remote Administration Tool (RAT) werkamsus mit 601    
https://github.com/yishn/tikzcd-editor A simple visual editor for creating commutative diagrams. yishn mit 1719    
https://github.com/monperrus/crawler-user-agents Syntactic patterns of HTTP user-agents used by bots / robots / crawlers / scrapers / spiders. pull-request welcome :star: monperrus mit 890    
https://github.com/jpalanco/nmap-scada nse scripts for scada identification jpalanco   111    
https://github.com/d30sa1/RootKits-List-Download This is the list of all rootkits found so far on github and other sites. d30sa1 gpl-3.0 1034    
https://github.com/hasherezade/ida_ifl IFL - Interactive Functions List (plugin for IDA Pro) hasherezade   370    
https://github.com/netbox-community/netbox The premiere source of truth powering network automation. Open source under Apache 2. Public demo: https://demo.netbox.dev netbox-community apache-2.0 11387    
https://github.com/ccied/ugforum-analysis Tools for Automated Analysis of Cybercriminal Markets ccied other 51    
https://github.com/openpreserve/format-corpus An openly-licensed corpus of small example files, covering a wide range of formats and creation tools. openpreserve   147    
https://github.com/ArchiveBox/ArchiveBox 🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more… ArchiveBox mit 14442    
https://github.com/annamcabee/Mitre-Attack-API Python module to interact with the MITRE attack framework via the MITRE API annamcabee   55    
https://github.com/MISP/PyMISPWarningLists Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists MISP bsd-3-clause 23    
https://github.com/juju4/ansible-MISP ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing juju4 bsd-2-clause 45    
https://github.com/MISP/misp-dashboard A dashboard for a real-time overview of threat intelligence from MISP instances MISP agpl-3.0 173    
https://github.com/lcpz/awesome-copycats Awesome WM themes lcpz   2702    
https://github.com/CaliDog/certstream-server-python Certificate Transparency Log aggregation, parsing, and streaming service CaliDog mit 100    
https://github.com/blschatz/pyaff4-bls   blschatz   6    
https://github.com/aff4/Standard AFF4 Standard Documents aff4   24    
https://github.com/InQuest/yara-rules A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net. InQuest mit 294    
https://github.com/catid/leopard Leopard-RS : O(N Log N) MDS Reed-Solomon Block Erasure Code for Large Data catid bsd-3-clause 105    
https://github.com/stratosphereips/Manati A web-based tool to assist the work of the intuitive threat analysts. stratosphereips   108    
https://github.com/sebdraven/hack_lu_2017 Python and Machine Learning Workshop at Hack.lu 2017 sebdraven   83    
https://github.com/pinterest/rocksplicator RocksDB Replication pinterest apache-2.0 568    
https://github.com/cloudflare/cfssl CFSSL: Cloudflare’s PKI and TLS toolkit cloudflare bsd-2-clause 7391    
https://github.com/chame1eon/binaryninja-frida A plugin to integrate the Frida dynamic instrumentation toolkit into Binary Ninja. chame1eon mit 44    
https://github.com/arms22/SoftModem Audio Jack Modem Library for Arduino arms22 bsd-3-clause 159    
https://github.com/zyantific/zydis Fast and lightweight x86/x86-64 disassembler and code generation library zyantific mit 2543    
https://github.com/mrexodia/zydis Fast and lightweight x86/x86-64 disassembler library mrexodia mit 1    
https://github.com/alexfru/SmallerC Simple C compiler alexfru bsd-2-clause 1158    
https://github.com/openwall/john John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs openwall   6935    
https://github.com/brightmart/text_classification all kinds of text classification models and more with deep learning brightmart mit 7450    
https://github.com/oasis-open/cti-stix-visualization OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships oasis-open bsd-3-clause 95    
https://github.com/stratosphereips/whois-similarity-distance This python scripts can calculate the WHOIS Similarity Distance between two given domains. stratosphereips mit 30    
https://github.com/agermanidis/livepython Visually trace Python code in real-time. agermanidis mit 2464    
https://github.com/fabrimagic72/malware-samples A collection of malware samples caught by several honeypots i manage fabrimagic72   1231    
https://github.com/markmarkoh/datamaps Customizable SVG map visualizations for the web in a single Javascript file using D3.js markmarkoh mit 3669    
https://github.com/SHSauler/MISPnomer Chrome extension for MISP IoC ingestion SHSauler agpl-3.0 5    
https://github.com/giMini/PowerMemory Exploit the credentials present in files and memory giMini other 807    
https://github.com/dannyfritz/commit-message-emoji Every commit is important. So let’s celebrate each and every commit with a corresponding emoji! :smile: dannyfritz mit 1477    
https://github.com/rivermont/spidy The simple, easy to use command line web crawler. rivermont gpl-3.0 296    
https://github.com/mokaddem/rdb-to-redis-wrapper A TUI interface to easily inject keys from a RDB file into a running Redis server mokaddem   1    
https://github.com/nsqio/nsq A realtime distributed messaging platform nsqio mit 22873    
https://github.com/PrivateBin/PrivateBin A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. PrivateBin other 4442    
https://github.com/tmc/pqstream pqstream turns your postgres database into an event stream tmc mit 463    
https://github.com/LappleApple/awesome-leading-and-managing Awesome List of resources on leading people and being a manager. Geared toward tech, but potentially useful to anyone. LappleApple   6315    
https://github.com/SupportIntelligence/Icewater 16,432 Free Yara rules created by SupportIntelligence other 358    
https://github.com/tasdikrahman/tnote :clipboard: A command line note taking app so simple that even your grandparents will love it! tasdikrahman mit 224    
https://github.com/MAECProject/schemas MAEC Schemas and Schema Development MAECProject   65    
https://github.com/activecm/rita Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis. activecm gpl-3.0 2028    
https://github.com/mitre/cascade-server CASCADE Server mitre apache-2.0 217    
https://github.com/facebookresearch/fairseq Facebook AI Research Sequence-to-Sequence Toolkit written in Python. facebookresearch mit 19721    
https://github.com/facebookresearch/StarSpace Learning embeddings for classification, retrieval and ranking. facebookresearch mit 3795    
https://github.com/salesforce/ja3 JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way. salesforce bsd-3-clause 1838    
https://github.com/hrbrmstr/pypi-malicious-packages Exposure analysis for skcsirt-sa-20170909-pypi-malicious-code hrbrmstr   5    
https://github.com/source-foundry/Hack A typeface designed for source code source-foundry other 15192    
https://github.com/CIRCL/yara-validator Validates yara rules and tries to repair the broken ones. CIRCL gpl-3.0 38    
https://github.com/ehloonion/onionmx Onion delivery, so delicious ehloonion   178    
https://github.com/MISP/misp-packer Build Automated Machine Images for MISP MISP gpl-3.0 25    
https://github.com/Lazza/RecuperaBit A tool for forensic file system reconstruction. Lazza gpl-3.0 409    
https://github.com/google/material-design-lite Material Design Components in HTML/CSS/JS google apache-2.0 32104    
https://github.com/tomepel/Technical_Book_DL This note presents in a technical though hopefully pedagogical way the three most common forms of neural network architectures: Feedforward, Convolutional and Recurrent. tomepel   1398    
https://github.com/mike01/pypacker :package: The fastest and simplest packet manipulation lib for Python mike01 gpl-2.0 242    
https://github.com/AlienVault-OTX/yabin A Yara rule generator for finding related samples and hunting AlienVault-OTX apache-2.0 137    
https://github.com/dod-cyber-crime-center/DC3-MWCP DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names. dod-cyber-crime-center other 228    
https://github.com/PaloAltoNetworks/minemeld-misp MineMeld nodes for MISP PaloAltoNetworks apache-2.0 19    
https://github.com/FSecureLABS/Athena GUI Tool to generate threat intelligence information in various formats FSecureLABS other 42    
https://github.com/secretsquirrel/SigThief Stealing Signatures and Making One Invalid Signature at a Time secretsquirrel bsd-3-clause 1368    
https://github.com/ucsb-seclab/BootStomp BootStomp: a bootloader vulnerability finder ucsb-seclab bsd-2-clause 344    
https://github.com/cmu-sei/BigGrep A scalable search index for binary files cmu-sei other 100    
https://github.com/VirusTotal/yara The pattern matching swiss knife VirusTotal bsd-3-clause 6118    
https://github.com/parrt/lolviz A simple Python data-structure visualization tool for lists of lists, lists, dictionaries; primarily for use in Jupyter notebooks / presentations parrt bsd-3-clause 783    
https://github.com/rommelfs/ALOD automatic launch object detection for Mac OS X rommelfs other 5    
https://github.com/mak/mlib Your bag of handy codes for malware researchers mak   115    
https://github.com/monarc-project/monarc-packer Build automated machine images for MONARC and releases bundles. monarc-project   10    
https://github.com/osquery/osquery SQL powered operating system instrumentation, monitoring, and analytics. osquery other 19443    
https://github.com/wangyu-/udp2raw A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment) wangyu- mit 5529    
https://github.com/0x09AL/DropboxC2C DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations. 0x09AL mit 144    
https://github.com/securitytxt/security-txt A proposed standard that allows websites to define security policies. securitytxt other 1618    
https://github.com/1ultimat3/PcapViz Visualize network topologies and collect graph statistics based on pcap files 1ultimat3   283    
https://github.com/Genetic-Malware/Ebowla Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED) Genetic-Malware other 697    
https://github.com/maliceio/malice VirusTotal Wanna Be - Now with 100% more Hipster maliceio apache-2.0 1402    
https://github.com/maciejkula/spotlight Deep recommender models using PyTorch. maciejkula mit 2783    
https://github.com/CIRCL/volatility-misp Volatility plugin to interface with MISP CIRCL gpl-3.0 10    
https://github.com/telekom-security/BadIPFetch API to fetch detected bad ip addresses from the DTAG early warning system telekom-security   11    
https://github.com/MISP/misp-vagrant Deploy MISP Project software with Vagrant. MISP bsd-2-clause 37    
https://github.com/falconre/falcon Binary Analysis Framework in Rust falconre apache-2.0 488    
https://github.com/hatlord/Spiderpig A document metadata spider. hatlord   51    
https://github.com/swisskyrepo/PayloadsAllTheThings A list of useful payloads and bypass for Web Application Security and Pentest/CTF swisskyrepo mit 42518    
https://github.com/danni-m/redis-timeseries Future development of redis-timeseries is at github.com/RedisLabsModules/redis-timeseries. danni-m other 202    
https://github.com/PUNCH-Cyber/YaraGuardian Django web interface for managing Yara rules PUNCH-Cyber apache-2.0 174    
https://github.com/rupa/z z - jump around rupa wtfpl 14737    
https://github.com/TailorDev/crick 📊 Crick is a backend for the Watson time-tracker. TailorDev mit 227    
https://github.com/cupy/cupy NumPy & SciPy for GPU cupy mit 6428    
https://github.com/msuiche/porosity UNMAINTAINED Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts msuiche   891    
https://github.com/doegox/python-cryptoplus PyCryptoPlus: a pycrypto extension written 100% in Python doegox other 68    
https://github.com/4144414D/pytruecrypt Truecrypt volume parsing library 4144414D gpl-3.0 28    
https://github.com/mozilla/send Simple, private file sharing from the makers of Firefox mozilla mpl-2.0 13178    
https://github.com/trendmicro/defplorex defplorex for BlackHat Arsenal trendmicro other 111    
https://github.com/SPRITZ-Research-Group/Skype-Type Don’t Skype & Type! Keyboard acoustic eavesdropping tool. SPRITZ-Research-Group gpl-3.0 316    
https://github.com/airbnb/binaryalert BinaryAlert: Serverless, Real-time & Retroactive Malware Detection. airbnb apache-2.0 1286    
https://github.com/hosom/file-extraction Extract files from network traffic with Zeek. hosom bsd-3-clause 96    
https://github.com/MISP/PyMISPGalaxies Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy MISP bsd-3-clause 16    
https://github.com/Lookyloo/lookyloo Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Lookyloo other 514    
https://github.com/dirtbags/pcapdb A Distributed, Search-Optimized Full Packet Capture System dirtbags other 235    
https://github.com/unamer/vmware_escape VMware Escape Exploit before VMware WorkStation 12.5.5 unamer   883    
https://github.com/efficient/cuckoofilter   efficient other 865    
https://github.com/voxpupuli/puppet-misp This module installs and configures MISP (Malware Information Sharing Platform) voxpupuli   14    
https://github.com/monarc-project/MonarcAppFO MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU monarc-project agpl-3.0 75    
https://github.com/simonarnell/GDPRDPIAT A GDPR Data Protection Impact Assessment (DPIA) tool to assist organisations to evaluate data protection risks with respect to the EU’s General Data Protection Regulation. 🇪🇺 simonarnell mit 32    
https://github.com/Cisco-Talos/pyrebox Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU Cisco-Talos gpl-2.0 1566    
https://github.com/futurice/meeting-room-tablet Google Apps compatible meeting room reservator futurice bsd-3-clause 176    
https://github.com/alexhude/FRIEND Flexible Register/Instruction Extender aNd Documentation alexhude   520    
https://github.com/pear/Crypt_GPG Encrypt/decrypt PGP messages with PHP pear lgpl-2.1 79    
https://github.com/genuinetools/binctr Fully static, unprivileged, self-contained, containers as executable binaries. genuinetools mit 2467    
https://github.com/williballenthin/python-idb Pure Python parser and analyzer for IDA Pro database files (.idb). williballenthin apache-2.0 418    
https://github.com/SIDN/entrada Entrada - A tool for DNS big data analytics SIDN gpl-3.0 40    
https://github.com/antirez/connect4-montecarlo Simple connect 4 AI using Monte Carlo method antirez   30    
https://github.com/microsoft/MSRC-Security-Research Security Research from the Microsoft Security Response Center (MSRC) microsoft cc-by-4.0 1143    
https://github.com/MarkBaggett/srum-dump A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet. MarkBaggett gpl-3.0 437    
https://github.com/JonathanSalwan/Triton Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. JonathanSalwan apache-2.0 2567    
https://github.com/holoviz/datashader Quickly and accurately render even the largest data. holoviz bsd-3-clause 2869    
https://github.com/saminiir/level-ip A hacker’s userspace TCP/IP stack saminiir mit 2120    
https://github.com/pzhaonet/mindr an R package which converts markdown files (.md, .Rmd) into mindmaps (brainstorms) pzhaonet gpl-3.0 551    
https://github.com/iagox86/dnscat2   iagox86 bsd-3-clause 2804    
https://github.com/airbus-cert/mispy Another MISP module for Python airbus-cert apache-2.0 15    
https://github.com/KeitaNakamura/neodark.vim A dark color scheme for vim KeitaNakamura   395    
https://github.com/metachris/pdfx Extract text, metadata and references (pdf, url, doi, arxiv) from PDF. Optionally download all referenced PDFs. metachris apache-2.0 941    
https://github.com/blacktop/docker-cuckoo Cuckoo Sandbox Dockerfile blacktop other 314    
https://github.com/openssl/openssl TLS/SSL and crypto library openssl apache-2.0 19877    
https://github.com/acaudwell/Logstalgia replay or stream website access logs as a retro arcade game acaudwell gpl-3.0 1647    
https://github.com/Cisco-Talos/BASS BASS - BASS Automated Signature Synthesizer Cisco-Talos gpl-2.0 168    
https://github.com/ermongroup/markov-chain-gan Code for “Generative Adversarial Training for Markov Chains” (ICLR 2017 Workshop) ermongroup mit 77    
https://github.com/googleprojectzero/functionsimsearch Some C++ example code to demonstrate how to perform code similarity searches using SimHashing. googleprojectzero apache-2.0 513    
https://github.com/secfigo/Awesome-Fuzzing A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis. secfigo cc0-1.0 4406    
https://github.com/bpineau/redis-munin Munin plugin for Redis. Monitors lots of things, with few dependencies (pure redis-cli + awk) bpineau   55    
https://github.com/NationalSecurityAgency/lemongraph Log-based transactional graph engine NationalSecurityAgency other 1109    
https://github.com/jjo-sec/pynetsim   jjo-sec other 15    
https://github.com/cipher1729/js-crawler For crawling the web using scrapy, collecting javascripts and training a classifier with extracted features cipher1729   2    
https://github.com/inconvergent/snek See https://github.com/inconvergent/weir instead inconvergent other 731    
https://github.com/google/gumbo-parser An HTML5 parsing library in pure C99 google apache-2.0 5080    
https://github.com/thinkst/canarytokens Canarytokens helps track activity and actions on your network. thinkst other 1187    
https://github.com/thinkst/opencanary Modular and decentralised honeypot thinkst bsd-3-clause 1590    
https://github.com/dyninst/dyninst DyninstAPI: Tools for binary instrumentation, analysis, and modification. dyninst other 599    
https://github.com/thelounge/thelounge 💬 ‎ Modern, responsive, cross-platform, self-hosted web IRC client thelounge mit 4871    
https://github.com/m4b/bingrep like grep UBER, but for binaries m4b mit 1578    
https://github.com/vladak/ipv6gen IPv6 prefix generator vladak gpl-2.0 35    
https://github.com/segmentio/ksuid K-Sortable Globally Unique IDs segmentio mit 3765    
https://github.com/blei-lab/edward A probabilistic programming language in TensorFlow. Deep generative models, variational inference. blei-lab other 4742    
https://github.com/kudelskisecurity/scannerl The modular distributed fingerprinting engine kudelskisecurity gpl-3.0 220    
https://github.com/orakaro/rainbowstream A smart and nice Twitter client on terminal written in Python. orakaro mit 3482    
https://github.com/wireapp/wire-server 🇪🇺 Wire back-end services wireapp agpl-3.0 2485    
https://github.com/firehol/blocklist-ipsets ipsets dynamically updated with firehol’s update-ipsets.sh script firehol   2371    
https://github.com/SNAS/openbmp OpenBMP Server Collector SNAS epl-1.0 219    
https://github.com/RedisLabsModules/redablooms Scalable, counting Bloom filters Redis Module RedisLabsModules agpl-3.0 29    
https://github.com/has2k1/plotnine A grammar of graphics for Python has2k1 mit 3234    
https://github.com/conix-security/BTG BTG’s purpose is to make fast and efficient search on IOC conix-security gpl-3.0 69    
https://github.com/mfontanini/libtins High-level, multiplatform C++ network packet sniffing and crafting library. mfontanini bsd-2-clause 1730    
https://github.com/joewalnes/reconnecting-websocket A small decorator for the JavaScript WebSocket API that automatically reconnects joewalnes mit 3927    
https://github.com/MonroCoury/Forensic-Tools A collection of tools for forensic analysis MonroCoury mit 249    
https://github.com/markofu/pcaps Public Repository of all Publicly Available Packet Captures that I’ve used or come across markofu   135    
https://github.com/opsxcq/exploit-CVE-2017-7494 SambaCry exploit and vulnerable container (CVE-2017-7494) opsxcq   323    
https://github.com/viper-framework/pefile-tests Test suite for pefile viper-framework other 4    
https://github.com/curi0usJack/luckystrike A PowerShell based utility for the creation of malicious Office macro documents. curi0usJack gpl-3.0 1045    
https://github.com/Cisco-Talos/file2pcap   Cisco-Talos gpl-2.0 158    
https://github.com/RUB-NDS/PRET Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. RUB-NDS gpl-2.0 3229    
https://github.com/tillmannw/honeytrap a low-interaction honeypot tillmannw gpl-2.0 91    
https://github.com/bpython/bpython bpython - A fancy curses interface to the Python interactive interpreter bpython other 2205    
https://github.com/mbechler/marshalsec   mbechler mit 2810    
https://github.com/tandasat/MemoryMon Detecting execution of kernel memory where is not backed by any image file tandasat mit 210    
https://github.com/govolution/betterdefaultpasslist   govolution   581    
https://github.com/chocolatey/choco Chocolatey - the package manager for Windows chocolatey other 8643    
https://github.com/MartinThoma/LaTeX-examples Examples for the usage of LaTeX MartinThoma mit 1360    
https://github.com/m2dsupsdlclass/lectures-labs Slides and Jupyter notebooks for the Deep Learning lectures at Master Year 2 Data Science from Institut Polytechnique de Paris m2dsupsdlclass mit 1303    
https://github.com/mohlcyber/OpenDXL-MISP-IntelMQ-Output Automated OpenDXL Output information via IntelMQ mohlcyber   14    
https://github.com/mohlcyber/OpenDXL-ATD-MISP Automated threat intelligence collection with McAfee ATD, OpenDXL and MISP mohlcyber apache-2.0 22    
https://github.com/schollz/howmanypeoplearearound Count the number of people around you :family_man_man_boy: by monitoring wifi signals :satellite: schollz mit 6664    
https://github.com/msuiche/OPCDE OPCDE Cybersecurity Conference Materials msuiche   565    
https://github.com/aviggiano/redis-roaring Roaring Bitmaps for Redis aviggiano mit 278    
https://github.com/CERT-W/certitude The Seeker of IOC CERT-W gpl-2.0 125    
https://github.com/isobit/ws-tcp-relay A simple relay between WebSocket clients and TCP servers isobit mit 221    
https://github.com/TheHive-Project/Cortex Cortex: a Powerful Observable Analysis and Active Response Engine TheHive-Project agpl-3.0 970    
https://github.com/fideliscyber/yalda   fideliscyber other 40    
https://github.com/leojcollard/cve-search-docker   leojcollard mit 14    
https://github.com/Inria-Prosecco/proscript-messaging Supporting materials for our EuroS&P paper: Automated Verification for Secure Messaging Protocols and their Implementations: A Symbolic and Computational Approach. Inria-Prosecco   32    
https://github.com/nexB/scancode-toolkit :mag_right: ScanCode detects licenses, copyrights, package manifests & dependencies and more by scanning code … to discover and inventory open source and third-party packages used in your code. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors! nexB   1566    
https://github.com/python-security/pyt A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications python-security gpl-2.0 2105    
https://github.com/Cisco-Talos/Decept Decept Network Protocol Proxy Cisco-Talos other 255    
https://github.com/MISP/misp-galaxy Clusters and elements to attach to MISP events or attributes (like threat actors) MISP other 378    
https://github.com/timeoff-management/timeoff-management-application Simple yet powerful absence management software for small and medium size business (community edition) timeoff-management mit 777    
https://github.com/mozilla/ssh_scan DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/) mozilla mpl-2.0 793    
https://github.com/MISP/mail_to_misp Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. MISP agpl-3.0 59    
https://github.com/jymcheong/aptc Automated Payload Test Controller jymcheong unlicense 8    
https://github.com/zonination/perceptions Perceptions of Probability and Numbers zonination mit 781    
https://github.com/newlog/r2msdn r2 plugin to add MSDN documentation URLs and parameter names to imported function calls newlog   10    
https://github.com/juliocesarfort/public-pentesting-reports A list of public penetration test reports published by several consulting firms and academic security groups. juliocesarfort   6653    
https://github.com/morallo/misp-bulk-tag This script performs bulk tagging operations over MISP. morallo   2    
https://github.com/discoproject/disco a Map/Reduce framework for distributed computing discoproject bsd-3-clause 1640    
https://github.com/rolandshoemaker/solvere A validating recursive DNS resolver library and standalone server with DNSSEC support rolandshoemaker mit 33    
https://github.com/InnerSourceCommons/InnerSourcePatterns Proven approaches that can guide you through applying open source best practices within your organization InnerSourceCommons cc-by-sa-4.0 620    
https://github.com/paypal/autosklearn-zeroconf autosklearn-zeroconf is a fully automated binary classifier. It is based on the AutoML challenge winner auto-sklearn. Give it a dataset with known outcomes (labels) and it returns a list of predicted outcomes for your new data. It even estimates the precision for you! The engine is tuning massively parallel ensemble of machine learning pipelines for best precision/recall. paypal bsd-3-clause 169    
https://github.com/ripe-dns-anomaly/anomalyDetector this folder contains the possible anomaly detector(s) that can be used with the Ripe DNS measurements ripe-dns-anomaly   11    
https://github.com/RIPE-NCC/ripe-atlas-sagan A parsing library for RIPE Atlas measurement results RIPE-NCC gpl-3.0 44    
https://github.com/rishy/phishing-websites Identifies phishing websites using a treebag model rishy   22    
https://github.com/RIPE-NCC/ripe-atlas-cousteau Python client for RIPE ATLAS API RIPE-NCC gpl-3.0 57    
https://github.com/RIPE-NCC/ripe-atlas-tools Official command-line client for RIPE Atlas RIPE-NCC gpl-3.0 154    
https://github.com/RIPE-Atlas-Community/ripe-atlas-community-contrib Repository for links towards tools written during hackathons, and a collection of contributions by the community of the RIPE Atlas visualizations, tools for analysing measurements data and other scripts RIPE-Atlas-Community   163    
https://github.com/JoshData/hackathon.guide A logistics guide to running a successful hackathon. JoshData   171    
https://github.com/MISP/misp-takedown A curses-style interface for automatic takedown notification based on MISP events. MISP agpl-3.0 19    
https://github.com/TryCatchHCF/Cloakify CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection TryCatchHCF mit 1323    
https://github.com/keybase/saltpack a modern crypto messaging format keybase bsd-3-clause 943    
https://github.com/polymorf/findcrypt-yara IDA pro plugin to find crypto constants (and more) polymorf bsd-3-clause 989    
https://github.com/Invoke-IR/ForensicPosters   Invoke-IR   370    
https://github.com/Yara-Rules/yago YaGo, converting Yara rules into JSON files. Yara-Rules apache-2.0 47    
https://github.com/lief-project/LIEF LIEF - Library to Instrument Executable Formats lief-project apache-2.0 3312    
https://github.com/nccgroup/Cyber-Defence Information released publicly by NCC Group’s Cyber Incident Response Team nccgroup   456    
https://github.com/hrbrmstr/radb :microscope: Tools to Query the ‘Merit’ ‘RADb’ Network Route Server hrbrmstr   7    
https://github.com/Graylog2/graylog-plugin-threatintel Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases Graylog2 other 139    
https://github.com/DCSO/tie2misp Please use the new https://github.com/DCSO/tiffy instead! DCSO bsd-3-clause 3    
https://github.com/uforia/timestamp Generic Timestamp Converter uforia   4    
https://github.com/MISP/ansible MISP - Ansible installation script MISP   22    
https://github.com/wisk/medusa An open source interactive disassembler wisk other 998    
https://github.com/pierbol/FloppySic Foreinsic on old different types of floppydisk pierbol   2    
https://github.com/tomrittervg/ct-tools Random tools to perform Certificate Transparency-related stuff tomrittervg other 25    
https://github.com/eriktews/certificate-transparency-tools Tools to interact with a certificate transparency server eriktews mit 23    
https://github.com/CERT-Bund/yara-exporter Exporting MISP event attributes to yara rules usable with Thor apt scanner CERT-Bund mit 22    
https://github.com/infosec-au/altdns Generates permutations, alterations and mutations of subdomains and then resolves them infosec-au apache-2.0 1839    
https://github.com/errbufferoverfl/usb-canary A Linux or OSX tool that uses psutil to monitor devices while your computer is locked. In the case it detects someone plugging in or unplugging devices it can be configured to send you an SMS or alert you via Slack or Pushover. errbufferoverfl gpl-3.0 564    
https://github.com/k4m4/onioff 🌰 An onion url inspector for inspecting deep web links. k4m4 mit 514    
https://github.com/msuhanov/Linux-write-blocker The kernel patch and userspace tools to enable Linux software write blocking msuhanov gpl-2.0 121    
https://github.com/certsocietegenerale/fame FAME Automates Malware Evaluation certsocietegenerale gpl-3.0 761    
https://github.com/Cymmetria/StrutsHoneypot Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers Cymmetria mit 70    
https://github.com/threatexpress/domainhunter Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names threatexpress bsd-3-clause 1241    
https://github.com/scrapinghub/splash Lightweight, scriptable browser as a service with an HTTP API scrapinghub bsd-3-clause 3711    
https://github.com/vmware-archive/tic Bit9 + Carbon Black Threat Intelligence vmware-archive mit 80    
https://github.com/MISP/misp-objects Definition, description and relationship types of MISP objects MISP other 71    
https://github.com/google/tflow2 This software is currently maintained at https://github.com/taktv6/tflow2 google apache-2.0 38    
https://github.com/fygrave/honeyntp NTP logger/honeypot fygrave   50    
https://github.com/delvelabs/tachyon Fast http dead file finder. delvelabs gpl-2.0 203    
https://github.com/hzqst/Syscall-Monitor Syscall Monitor is a system monitor program (like Sysinternal’s Process Monitor) using Intel VT-X/EPT for Windows7+ hzqst mit 640    
https://github.com/posquit0/Awesome-CV :page_facing_up: Awesome CV is LaTeX template for your outstanding job application posquit0 lppl-1.3c 17584    
https://github.com/json-schema-form/angular-schema-form Generate forms from a JSON schema, with AngularJS! json-schema-form mit 2463    
https://github.com/MISP/misp-privacy-aware-exchange A privacy-aware exchange module to securely and privately share your indicators MISP agpl-3.0 13    
https://github.com/homenc/HElib HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations. homenc other 2889    
https://github.com/jaegeral/awesome-incident-response-pro-bono This repository is a curated list of pro bono incident response entities. jaegeral apache-2.0 17    
https://github.com/equalitie/np1sec A library for off-the-record (deniable authenticated forward secure confidential) multiparty messaging equalitie lgpl-3.0 397    
https://github.com/k4m4/movies-for-hackers 🎬 A curated list of movies every hacker & cyberpunk must watch. k4m4 cc0-1.0 9321    
https://github.com/cr-marcstevens/sha1collisiondetection Library and command line tool to detect SHA-1 collision in a file cr-marcstevens other 1212    
https://github.com/DinoTools/dionaea Home of the dionaea honeypot DinoTools gpl-2.0 612    
https://github.com/fabio-d/honeypot Honeypot that emulates several protocols (incl. SSH, telnet, SMTP, HTTP, SSL and SIP) fabio-d gpl-2.0 47    
https://github.com/dropbox/securitybot Distributed alerting for the masses! dropbox apache-2.0 995    
https://github.com/oasis-open/cti-pattern-matcher OASIS TC Open Repository: Match STIX content against STIX patterns oasis-open bsd-3-clause 34    
https://github.com/oasis-open/cti-pattern-validator OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators oasis-open bsd-3-clause 20    
https://github.com/microlinkhq/metascraper Get unified metadata from websites using Open Graph, Microdata, RDFa, Twitter Cards, JSON-LD, HTML, and more. microlinkhq mit 1839    
https://github.com/oasis-open/cti-documentation OASIS TC Open Repository: GitHub Pages site for STIX and TAXII oasis-open bsd-3-clause 79    
https://github.com/jd7h/pritchard Data mining on public security advisories. jd7h   4    
https://github.com/atexio/mercure Mercure is a tool for security managers who want to train their colleague to phishing. atexio gpl-3.0 268    
https://github.com/vorg/timeline.js A compact JavaScript animation library with a GUI timeline for fast editing. vorg   514    
https://github.com/snare/binjatron Binary Ninja plugin for Voltron integration snare mit 159    
https://github.com/MaartenBaert/ssr SimpleScreenRecorder, a screen recorder for Linux MaartenBaert gpl-3.0 2123    
https://github.com/oasis-open/cti-python-stix2 OASIS TC Open Repository: Python APIs for STIX 2 oasis-open bsd-3-clause 284    
https://github.com/wbond/certvalidator Python library for validating X.509 certificates and paths wbond mit 88    
https://github.com/ExodusIntelligence/cpe_utils A simple python library to assist in working with cpes ExodusIntelligence mit 14    
https://github.com/tribalchicken/postfix-cuckoolyse A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox tribalchicken   12    
https://github.com/python/cpython The Python programming language python other 48597    
https://github.com/SigmaHQ/sigma Generic Signature Format for SIEM Systems SigmaHQ other 5682    
https://github.com/nodesocket/jsonlite A simple, self-contained, serverless, zero-configuration, json document store. nodesocket apache-2.0 834    
https://github.com/ColumPaget/Hashrat Hashing tool supporting md5,sha1,sha256,sha512,whirlpool,jh and hmac versions of these. Includes recursive file hashing and other features. ColumPaget gpl-3.0 47    
https://github.com/ResidentMario/geoplot High-level geospatial data visualization library for Python. ResidentMario mit 1021    
https://github.com/opieters/business-card A business card in LaTeX. opieters gpl-3.0 667    
https://github.com/EC-DIGIT-CSIRC/MISP-ThreatExchange Script to interface MISP with Facebook ThreatExchange EC-DIGIT-CSIRC   11    
https://github.com/maxbbraun/trump2cash A stock trading bot powered by Trump tweets maxbbraun mit 6149    
https://github.com/autocrypt/memoryhole Protected E-mail Headers autocrypt   71    
https://github.com/zardus/ctf-tools Some setup scripts for security research tools. zardus bsd-3-clause 7006    
https://github.com/UTSA-cyber/sceadan Systematic Classification Engine for Advanced Data ANalysis UTSA-cyber gpl-2.0 21    
https://github.com/kaitai-io/kaitai_struct_python_runtime Kaitai Struct: runtime for Python kaitai-io mit 60    
https://github.com/kaitai-io/kaitai_struct_formats Kaitai Struct: library of binary file formats (.ksy) kaitai-io   591    
https://github.com/deepmind/learning-to-learn Learning to Learn in TensorFlow deepmind apache-2.0 4048    
https://github.com/lgandx/PoC Various PoCs lgandx   485    
https://github.com/MISP/SimpleQueue Multiprocessing queuing module extracted from AIL framework (Pre-Alpha stage) - to replace Cake::Resque in MISP MISP   4    
https://github.com/pinkflawd/r2graphity Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators pinkflawd mit 86    
https://github.com/x0rz/tweets_analyzer Tweets metadata scraper & activity analyzer x0rz gpl-3.0 2819    
https://github.com/marcurdy/dfir-toolset Dump of organized knowledge on DFIR marcurdy   114    
https://github.com/mispy-archive/ebooks_example Example of a full twitter_ebooks bot definition mispy-archive   138    
https://github.com/RediSearch/RediSearch A query and indexing engine for Redis, providing secondary indexing, full-text search, and aggregations. RediSearch other 3984    
https://github.com/spellchecker-lu/dictionary-lb-lu HunSpell dictionary and MyThes thesaurus for the Luxembourgish language. spellchecker-lu other 18    
https://github.com/ShellcodeSmuggler/IAT_POC POC for IAT Parsing Payloads ShellcodeSmuggler   45    
https://github.com/AnttiKurittu/kirjuri Kirjuri is a web application for managing cases and physical forensic evidence items. AnttiKurittu mit 103    
https://github.com/seveas/python-hpilo Accessing the HP iLO XML interface from python seveas other 289    
https://github.com/0x3a/tor-dns Monitoring ‘DNS’ inside the Tor network 0x3a   91    
https://github.com/ANSSI-FR/bootcode_parser A boot record parser that identifies known good signatures for MBR, VBR and IPL. ANSSI-FR gpl-3.0 93    
https://github.com/SAFETAG/SAFETAG SAFETAG is a curricula, a methodology, and a framework for security auditors working with advocacy groups. SAFETAG mit 73    
https://github.com/adamcaudill/EquationGroupLeak Archive of leaked Equation Group materials adamcaudill   718    
https://github.com/sch3m4/libntoh User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation sch3m4 other 98    
https://github.com/wille/cry Cross platform PoC ransomware written in Go wille   204    
https://github.com/pevma/SEPTun Suricata Extreme Performance Tuning guide pevma gpl-2.0 185    
https://github.com/m3db/m3 M3 monorepo - Distributed TSDB, Aggregator and Query Engine, Prometheus Sidecar, Graphite Compatible, Metrics Platform m3db apache-2.0 4278    
https://github.com/MISP/misp-website MISP website (hugo-based) MISP other 19    
https://github.com/RichardLitt/open-source-protocol :unlock: Open up web development RichardLitt mit 44    
https://github.com/jorilallo/jsonbrowse 🔎 Browse, filter and manipulate your JSON inside the browser jorilallo   367    
https://github.com/nojhan/liquidprompt A full-featured & carefully designed adaptive prompt for Bash & Zsh nojhan agpl-3.0 4219    
https://github.com/FallibleInc/security-guide-for-developers Security Guide for Developers (实用性开发人员安全须知) FallibleInc   20422    
https://github.com/Te-k/analyst-scripts Scripts to analyze stuff Te-k   118    
https://github.com/oklog/oklog A distributed and coördination-free log management system oklog apache-2.0 2961    
https://github.com/r00t-3xp10it/backdoorppt transform your payload.exe into one fake word doc (.ppt) r00t-3xp10it   439    
https://github.com/not-kennethreitz/omnijson Like AnyJSON, but better. not-kennethreitz mit 43    
https://github.com/erik1o6/oscp oscp-scripts erik1o6   133    
https://github.com/lateralblast/lunar A UNIX security auditing tool based on several security frameworks lateralblast   280    
https://github.com/ipankajg/ceed A tiny x86 compiler with ELF and PE target ipankajg bsd-2-clause 129    
https://github.com/PaloAltoNetworks/minemeld-core Engine of MineMeld PaloAltoNetworks apache-2.0 137    
https://github.com/CheckPointSW/InviZzzible InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them. CheckPointSW gpl-3.0 390    
https://github.com/Plazmaz/MongoDB-HoneyProxy A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server. Plazmaz gpl-3.0 81    
https://github.com/jedisct1/minisign A dead simple tool to sign files and verify digital signatures. jedisct1 other 1611    
https://github.com/Netflix/vizceral WebGL visualization for displaying animated traffic graphs Netflix apache-2.0 3973    
https://github.com/nccgroup/featherduster An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction nccgroup bsd-3-clause 991    
https://github.com/bat-serjo/vivisect-py3 Vivisect in python3 bat-serjo apache-2.0 12    
https://github.com/patois/IDACyber Data Visualization Plugin for IDA Pro patois mit 264    
https://github.com/mattermost/mattermost-server Mattermost is an open source platform for secure collaboration across the entire software development lifecycle. mattermost other 24213    
https://github.com/lmrs2/secretgrind Secretgrind: a Valgrind analysis tool to detect secrets in memory lmrs2   54    
https://github.com/jspsych/jsPsych Create behavioral experiments in a browser using JavaScript jspsych mit 868    
https://github.com/netblue30/firejail Linux namespaces and seccomp-bpf sandbox netblue30 gpl-2.0 4497    
https://github.com/peterbrittain/asciimatics A cross platform package to do curses-like operations, plus higher level APIs and widgets to create text UIs and ASCII art animations peterbrittain apache-2.0 3166    
https://github.com/dloss/binary-parsing A list of generic tools for parsing binary data structures, such as file formats, network protocols or bitstreams dloss mit 635    
https://github.com/toumorokoshi/nlgen Natural Language Generator for Python toumorokoshi mit 27    
https://github.com/bolek42/rsa-sdr   bolek42   33    
https://github.com/decaf-project/DECAF DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF. decaf-project gpl-3.0 717    
https://github.com/tridentli/trident Trident is a trusted and secure communication platform for enabling better communication between groups of trusted parties tridentli apache-2.0 20    
https://github.com/mermaid-js/mermaid Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown mermaid-js mit 51000    
https://github.com/google/grumpy Grumpy is a Python to Go source code transcompiler and runtime. google apache-2.0 10536    
https://github.com/seaweedfs/seaweedfs SeaweedFS is a fast distributed storage system for blobs, objects, files, and data lake, for billions of files! Blob store has O(1) disk seek, cloud tiering. Filer supports Cloud Drive, cross-DC active-active replication, Kubernetes, POSIX FUSE mount, S3 API, S3 Gateway, Hadoop, WebDAV, encryption, Erasure Coding. seaweedfs apache-2.0 15764    
https://github.com/jamiemcg/Remarkable Remarkable - The Markdown Editor for Linux http://remarkableapp.github.io jamiemcg mit 1863    
https://github.com/Maktm/FLIRTDB A community driven collection of IDA FLIRT signature files Maktm   1009    
https://github.com/timeweb/ddosdetector A flexible tool for analyzing network traffic and automation of the process of protection against DDoS attacks. timeweb gpl-3.0 134    
https://github.com/jekil/awesome-hacking Awesome hacking is an awesome collection of hacking tools. jekil   2147    
https://github.com/trufflesecurity/trufflehog Find credentials all over the place trufflesecurity agpl-3.0 9630    
https://github.com/cryptax/confsec Security, hacking conferences (list) cryptax   392    
https://github.com/hugsy/binja-retdec Binary Ninja plugin to decompile binaries using RetDec API hugsy mit 159    
https://github.com/pingcap/tidb TiDB is an open-source, cloud-native, distributed, MySQL-Compatible database for elastic scale and real-time analytics. Try free: https://tidbcloud.com/free-trial pingcap apache-2.0 32742    
https://github.com/aio-libs/yarl Yet another URL library aio-libs other 857    
https://github.com/BurntSushi/ripgrep ripgrep recursively searches directories for a regex pattern while respecting your gitignore BurntSushi unlicense 34015    
https://github.com/a2o/snoopy Snoopy Command Logger is a small library that logs all program executions on your Linux/BSD system. a2o gpl-2.0 1044    
https://github.com/OpenKMIP/PyKMIP A Python implementation of the KMIP specification. OpenKMIP apache-2.0 198    
https://github.com/pcbje/ggraph Graph visualization of big messy data pcbje apache-2.0 789    
https://github.com/harvard-itsecurity/docker-misp Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing harvard-itsecurity bsd-3-clause 169    
https://github.com/dudeintheshell/blackhole   dudeintheshell   34    
https://github.com/devongovett/regexgen Generate regular expressions that match a set of strings devongovett   3190    
https://github.com/gpg/gnupg The GNU Privacy Guard. NOTE: Maintainers are not tracking this mirror. Do not make pull requests here, nor comment any commits, submit them usual way to bug tracker (https://www.gnupg.org/documentation/bts.html) or to the mailing list (https://www.gnupg.org/documentation/mailing-lists.html). gpg gpl-3.0 520    
https://github.com/OpenPGP/openpgp.org OpenPGP.org website OpenPGP mit 212    
https://github.com/nickbytes/notella Super clean notes app nickbytes mit 3    
https://github.com/0xrawsec/golang-misp Golang Library to interact with your MISP instance 0xrawsec other 19    
https://github.com/PidgeyL/cve-search cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs. PidgeyL other 22    
https://github.com/nbareil/SSTIC-Annex Slides et Articles de sstic.org nbareil   7    
https://github.com/r00t-3xp10it/morpheus Morpheus - Automating Ettercap TCP/IP (MITM-hijacking Tool) r00t-3xp10it   762    
https://github.com/CISecurity/OVALRepo   CISecurity   202    
https://github.com/intel/tinycbor Concise Binary Object Representation (CBOR) Library intel mit 376    
https://github.com/DNS-OARC/dnscap Network capture utility designed specifically for DNS traffic DNS-OARC other 247    
https://github.com/dekimir/RamFuzz Combining Unit Tests, Fuzzing, and AI dekimir apache-2.0 292    
https://github.com/tunz/js-vuln-db A collection of JavaScript engine CVEs with PoCs tunz   2189    
https://github.com/oasis-tcs/cti-stix2 OASIS CTI TC: Provides issue tracking and wiki pages for the STIX 2.x Work Products oasis-tcs other 19    
https://github.com/Unitech/pm2 Node.js Production Process Manager with a built-in Load Balancer. Unitech other 37997    
https://github.com/intelxed/xed x86 encoder decoder intelxed apache-2.0 1227    
https://github.com/google/gonids gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/ google apache-2.0 149    
https://github.com/MISP/misp-taxonomies Taxonomies used in MISP taxonomy system and can be used by other information sharing tool. MISP other 219    
https://github.com/MISP/misp-modules Modules for expansion services, import and export in MISP MISP agpl-3.0 257    
https://github.com/cloudtracer/ThreatPinchLookup Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension cloudtracer   296    
https://github.com/CVEProject/automation-working-group CVE Automation Working Group CVEProject   131    
https://github.com/AlticeLabsProjects/kyoto Kyoto Tycoon key-value store (and the underlying Kyoto Cabinet library) AlticeLabsProjects gpl-3.0 259    
https://github.com/pan-unit42/iocs Indicators from Unit 42 Public Reports pan-unit42 mit 580    
https://github.com/Kafeine/public   Kafeine   19    
https://github.com/faker-ruby/faker A library for generating fake data such as names, addresses, and phone numbers. faker-ruby mit 10465    
https://github.com/stickermule/rump Hot sync two Redis servers using dumps. stickermule mit 446    
https://github.com/dflemstr/rq Record Query - A tool for doing record analysis and transformation dflemstr apache-2.0 2147    
https://github.com/PUNCH-Cyber/stoq An open source framework for enterprise level automated analysis. PUNCH-Cyber apache-2.0 385    
https://github.com/OxalisCommunity/oxalis Oxalis - PEPPOL Access Point open source implementation - Core component OxalisCommunity other 95    
https://github.com/gchq/CyberChef The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis gchq apache-2.0 19246    
https://github.com/sensepost/DET (extensible) Data Exfiltration Toolkit (DET) sensepost mit 788    
https://github.com/cloudflare/bpftools BPF Tools - packet analyst toolkit cloudflare bsd-3-clause 1037    
https://github.com/rastating/wordpress-exploit-framework A Ruby framework designed to aid in the penetration testing of WordPress systems. rastating gpl-3.0 956    
https://github.com/Parsely/streamparse Run Python in Apache Storm topologies. Pythonic API, CLI tooling, and a topology DSL. Parsely apache-2.0 1465    
https://github.com/Gorcenski/voting-machines A repo for exploring the software quality of electronic voting machines Gorcenski mit 244    
https://github.com/onethawt/reverseengineering-reading-list A list of Reverse Engineering articles, books, and papers onethawt   1748    
https://github.com/cve-search/VIA4CVE Vulnerability Information Aggregator for CVEs cve-search other 110    
https://github.com/johnnykv/heralding Credentials catching honeypot johnnykv gpl-3.0 333    
https://github.com/nils-werner/zget Filename based peer to peer file transfer nils-werner mit 479    
https://github.com/joxeankoret/cosa-nostra Cosa Nostra, a FOSS graph based malware clusterization toolkit. joxeankoret gpl-3.0 224    
https://github.com/quentinhardy/odat ODAT: Oracle Database Attacking Tool quentinhardy   1246    
https://github.com/ytisf/PyExfil A Python Package for Data Exfiltration ytisf mit 649    
https://github.com/sroberts/awesome-iocs A collection of sources of indicators of compromise. sroberts other 661    
https://github.com/nsacyber/Control-Flow-Integrity A proposed hardware-based method for stopping known memory corruption exploitation techniques. #nsacyber nsacyber other 140    
https://github.com/screetsec/TheFatRat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection . screetsec gpl-3.0 7043    
https://github.com/pstirparo/utils Different DFIR and CTI utilities pstirparo apache-2.0 31    
https://github.com/kevthehermit/VolUtility Web App for Volatility framework kevthehermit gpl-3.0 346    
https://github.com/securing/gattacker A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks securing mit 579    
https://github.com/MISP/MISP-Taxii-Server An OpenTAXII Configuration for MISP MISP bsd-3-clause 73    
https://github.com/mehrdadrad/mylg Network Diagnostic Tool mehrdadrad mit 2604    
https://github.com/oasis-open/cti-stix-elevator OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON oasis-open bsd-3-clause 46    
https://github.com/charly077/MISP-privacy-aware-sharing-master-thesis Git used for my master thesis: charly077   4    
https://github.com/rootkovska/codehash.db A public database for software and firmware hashes rootkovska   218    
https://github.com/cchio/deep-pwning Metasploit for machine learning. cchio mit 520    
https://github.com/Yelp/elastalert Easy & Flexible Alerting With ElasticSearch Yelp apache-2.0 7854    
https://github.com/dakami/overflowd Stochastic Traffic Factoring Utility dakami bsd-3-clause 14    
https://github.com/jonschipp/ISLET Isolated, Scalable, & Lightweight Environment for Training jonschipp other 111    
https://github.com/TheHive-Project/TheHive TheHive: a Scalable, Open Source and Free Security Incident Response Platform TheHive-Project agpl-3.0 2691    
https://github.com/dabeaz/curio Good Curio! dabeaz other 3875    
https://github.com/EmpireProject/Empire Empire is a PowerShell and Python post-exploitation agent. EmpireProject bsd-3-clause 6729    
https://github.com/Neo23x0/signature-base YARA signature and IOC database for my scanners and tools Neo23x0 other 1796    
https://github.com/CISOfy/lynis Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional. CISOfy gpl-3.0 10183    
https://github.com/NLnetLabs/NSD.old The NLnet Labs Name Server Daemon (NSD) is an authoritative RFC compliant DNS nameserver. This is an outdated export of the subversion repository. For the current export, head to NLnetLabs bsd-3-clause 17    
https://github.com/NLnetLabs/unbound.old Unbound is a validating recursive DNS resolver. This is an old export of the subversion repository. For the current export, please use NLnetLabs bsd-3-clause 22    
https://github.com/scudette/memory-analysis A Rekall interactive document for a Memory Analysis workshop/course. scudette other 43    
https://github.com/keithjjones/visualize_logs A Python library and command line tools to provide interactive log visualization. keithjjones other 133    
https://github.com/stsi/fragroute-ipv6   stsi other 6    
https://github.com/ajkeeton/fragroute Tweaked version of Dug Song’s fragroute ajkeeton other 3    
https://github.com/hfiref0x/TDL Driver loader for bypassing Windows x64 Driver Signature Enforcement hfiref0x bsd-2-clause 905    
https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools Set of tools to analyze Windows sandboxes for exposed attack surface. googleprojectzero apache-2.0 1675    
https://github.com/topojson/topojson An extension of GeoJSON that encodes topology! 🌐 topojson other 4343    
https://github.com/CRIPTIM/private-sightings Private sharing of sightings of indicators of compromise using the private aggregation of time-series data scheme by Shi et al. CRIPTIM mit 4    
https://github.com/CRIPTIM/private-IOC-sharing Proof-of-concept implementation of cryptographic indicators of compromise. CRIPTIM mit 6    
https://github.com/mempodippy/vlany Linux LD_PRELOAD rootkit (x86 and x86_64 architectures) mempodippy gpl-3.0 881    
https://github.com/BreakingMalwareResearch/atom-bombing Brand New Code Injection for Windows BreakingMalwareResearch   685    
https://github.com/robertdavidgraham/telnetlogger Simulates enough of a Telnet connection in order to log failed login attempts. robertdavidgraham   234    
https://github.com/mkorman90/VolatilityBot VolatilityBot – An automated memory analyzer for malware samples and memory dumps mkorman90 mit 246    
https://github.com/DE-CIX/pbgp-parser PCAP BGP Parser DE-CIX other 81    
https://github.com/pyupio/safety-db A curated database of insecure Python packages pyupio other 711    
https://github.com/Pepitoh/VBad VBA Obfuscation Tools combined with an MS office document generator Pepitoh mit 473    
https://github.com/jedisct1/edgedns A high performance DNS cache designed for Content Delivery Networks jedisct1 isc 458    
https://github.com/Geal/nom Rust parser combinator framework Geal mit 7207    
https://github.com/haegardev/unzip   haegardev   1    
https://github.com/snabbco/snabb Snabb: Simple and fast packet networking snabbco apache-2.0 2854    
https://github.com/dirtycow/dirtycow.github.io Dirty COW dirtycow   3136    
https://github.com/cve-search/PyCVESearch Python wrapper for the API of cve-search cve-search other 97    
https://github.com/michenriksen/birdwatcher Data analysis and OSINT framework for Twitter michenriksen mit 398    
https://github.com/whitesmith/hawkpost Generate links that users can use to submit messages encrypted with your public key. whitesmith mit 898    
https://github.com/MISP/misp-rfc Specifications used in the MISP project including MISP core format MISP   39    
https://github.com/sanic-org/sanic Next generation Python web server/framework Build fast. Run fast. sanic-org mit 16565  
https://github.com/tandasat/ExploitCapcom This is a standalone exploit for a vulnerable feature in Capcom.sys tandasat mit 205    
https://github.com/xujun10110/es_email_intel Extract IOCs from emails, store them in ElasticSearch, and generate mails and feeds based on the data xujun10110   4    
https://github.com/IoTPOT/IoTPOT We implement IoTPOT, a novel honeypot to emulate Telnet services of various IoT devices to analyze ongoing attacks in depth. IoTPOT consists of a frontend low-interaction responder cooperating with backend high-interaction virtual environments called IoTBOX. IoTBOX operates various virtual environments commonly used by embedded systems for different CPU architectures. IoTPOT   26    
https://github.com/martinbjeldbak/ultimate-beamer-theme-list A collection of custom Beamer themes martinbjeldbak   899    
https://github.com/ddcc/d3-waterfall   ddcc mit 81    
https://github.com/john-kurkowski/tldextract Accurately separates a URL’s subdomain, domain, and public suffix, using the Public Suffix List (PSL). john-kurkowski bsd-3-clause 1554    
https://github.com/Blueliv/yaraQA   Blueliv other 14    
https://github.com/hackergrrl/art-of-readme :love_letter: Things I’ve learned about writing good READMEs. hackergrrl   6850    
https://github.com/shendo/netsink Network sinkhole for isolated malware analysis shendo gpl-3.0 37    
https://github.com/reelsense/markdeep 📝 Markdeep reelsense bsd-2-clause 246    
https://github.com/sebicas/bitcoin-sniffer Bitcoin P2P Network Sniffer sebicas   72    
https://github.com/bontchev/pcodedmp A VBA p-code disassembler bontchev gpl-3.0 407    
https://github.com/keystone-engine/keystone Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings keystone-engine gpl-2.0 1887    
https://github.com/amix/neuralist A Python interface to access neural-redis amix mit 77    
https://github.com/miekg/mmark OBSOLETE See https://github.com/mmarkdown/mmark miekg other 257    
https://github.com/antirez/neural-redis Neural networks module for Redis antirez bsd-3-clause 2217    
https://github.com/decalage2/ViperMonkey A VBA parser and emulation engine to analyze malicious macros. decalage2   918    
https://github.com/oasis-open/cti-marking-prototype OASIS TC Open Repository: Prototype for processing granular data markings in STIX oasis-open bsd-3-clause 4    
https://github.com/mimoo/Diffie-Hellman_Backdoor How to backdoor Diffie-Hellman mimoo   590    
https://github.com/mlsecproject/tiq-test Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds mlsecproject gpl-3.0 158    
https://github.com/OpenC2-org/openc2-org The Open Command and Control Forum promotes the global development and adoption of the OpenC2 language and reference material. OpenC2-org other 28    
https://github.com/ccdcoe/Frankencoding You’re busted! ccdcoe   15    
https://github.com/twschiller/open-synthesis Open platform for CIA-style intelligence analysis twschiller gpl-3.0 176    
https://github.com/hintjens/socialarchitecture A primer on on-line community building hintjens other 184    
https://github.com/oasis-open/cti-cybox3-json-schemas OASIS TC Open Repository: Non-normative schemas and examples for CybOX 3 oasis-open bsd-3-clause 3    
https://github.com/push0ebp/sig-database IDA FLIRT Signature Database push0ebp   671    
https://github.com/MISP/MISP-STIX-Converter A utility repo to assist with converting between MISP and STIX formats MISP lgpl-3.0 60    
https://github.com/gohugoio/hugo The world’s fastest framework for building websites. gohugoio apache-2.0 63444    
https://github.com/anisse/hashbot Twitter bot that looks for hashes anisse   8    
https://github.com/mispy-archive/twitter_ebooks Better twitterbots for all your friends~ mispy-archive mit 974    
https://github.com/salesforce/threatshell   salesforce bsd-3-clause 64    
https://github.com/tom8941/MISP-IOC-Validator Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format tom8941 gpl-3.0 11    
https://github.com/stamparm/ipsum Daily feed of bad IPs (with blacklist hit scores) stamparm unlicense 858    
https://github.com/mrexodia/idapatch IDA plugin to patch IDA Pro in memory. mrexodia mit 44    
https://github.com/gcrahay/otx_misp Imports Alienvault OTX pulses to a MISP instance gcrahay other 48    
https://github.com/wsong/Typo-Distance Finds the likelihood that one string is a typo of another and generates likely typos from a given string wsong   59    
https://github.com/zmallen/pygraylog Python API bindings for Graylog zmallen apache-2.0 12    
https://github.com/eclecticiq/OpenTAXII TAXII server implementation in Python from EclecticIQ eclecticiq bsd-3-clause 150    
https://github.com/infoscout/weighted-levenshtein Weighted Levenshtein library infoscout mit 97    
https://github.com/aoh/radamsa a general-purpose fuzzer aoh   1207    
https://github.com/shellphish/fuzzer A Python interface to AFL, allowing for easy injection of testcases and other functionality. shellphish bsd-2-clause 610    
https://github.com/tom8941/DefenseCenter_Snort_Uploader Automatic upload of snort rules in SourceFire Defense Center tom8941 gpl-3.0 3    
https://github.com/sdispater/pendulum Python datetimes made easy sdispater mit 5156    
https://github.com/santu47/Eramba   santu47 gpl-2.0 1    
https://github.com/tomnomnom/gron Make JSON greppable! tomnomnom mit 11561    
https://github.com/yuki-kimoto/gitprep Portable GitHub system into your own server yuki-kimoto   874    
https://github.com/digitalbazaar/pyld JSON-LD processor written in Python digitalbazaar other 503    
https://github.com/ministryofpromise/tlp threat language parser ministryofpromise mit 57    
https://github.com/ufrisk/pcileech Direct Memory Access (DMA) Attack Software ufrisk agpl-3.0 2765    
https://github.com/linuz/Sticky-Keys-Slayer Scans for accessibility tools backdoors via RDP linuz gpl-3.0 304    
https://github.com/Miserlou/omnihash Hash files, strings, input streams and network resources in various common algorithms simultaneously Miserlou mit 249    
https://github.com/skorokithakis/shortuuid A generator library for concise, unambiguous and URL-safe UUIDs. skorokithakis bsd-3-clause 1753    
https://github.com/freetaxii/stix2-graphics Graphics, icons, and diagrams to support STIX 2 freetaxii cc-by-sa-4.0 34    
https://github.com/PidgeyL/MISP-Extractor Extract information from MISP via the API PidgeyL   13    
https://github.com/tesseract-ocr/tesseract Tesseract Open Source OCR Engine (main repository) tesseract-ocr apache-2.0 47278    
https://github.com/madmaze/pytesseract A Python wrapper for Google Tesseract madmaze apache-2.0 4501    
https://github.com/Phillipmartin/gopassivedns PassiveDNS in Go Phillipmartin mit 118    
https://github.com/commonsmachinery/blockhash-python Implementation of perceptual image hash calculation in Python commonsmachinery mit 125    
https://github.com/dxa4481/Snapper A security tool for grabbing screenshots of many web hosts dxa4481 gpl-2.0 276    
https://github.com/MISP/PyTaxonomies Python module to use the MISP Taxonomies MISP bsd-3-clause 25    
https://github.com/REMath/literature_review Survey of program analysis research with a focus on machine code REMath   533    
https://github.com/waywardgeek/infnoise The world’s easiest TRNG to get right waywardgeek cc0-1.0 624    
https://github.com/celiadominguez/shcft Sherlock Holmes Computer Forensics Tools celiadominguez   5    
https://github.com/jedisct1/piknik Copy/paste anything over the network. jedisct1 bsd-2-clause 2280    
https://github.com/PaloAltoNetworks/minemeld Main MineMeld documentation repo PaloAltoNetworks   362    
https://github.com/old-jekyll-templates/Arcana-Jekyll-Theme Arcana Jekyll Theme old-jekyll-templates other 26    
https://github.com/MISP/cti-toolkit CERT Australia Cyber Threat Intelligence (CTI) Toolkit MISP other 11    
https://github.com/antirez/kilo A text editor in less than 1000 LOC with syntax highlight and search. antirez bsd-2-clause 5679    
https://github.com/misterch0c/firminator_backend The first open source vulnerability scanner for firmwares misterch0c   195    
https://github.com/traefik/traefik The Cloud Native Application Proxy traefik mit 40270    
https://github.com/tehsyntx/loffice Lazy Office Analyzer tehsyntx   113    
https://github.com/hamidreza-s/NanoChat A P2P, E2E encrypted and discoverable chat application on top of nanomsg library hamidreza-s   108    
https://github.com/laginimaineb/ExtractKeyMaster Exploit that extracts Qualcomm’s KeyMaster keys using CVE-2015-6639 and CVE-2016-2431 laginimaineb   323    
https://github.com/ANSSI-FR/polichombr Collaborative malware analysis framework ANSSI-FR other 346    
https://github.com/melaniecebula/cat-ascii-faces ₍˄·͈༝·͈˄₎◞ ̑̑ෆ⃛ (=ↀωↀ=)✧ (^・o・^)ノ” cat faces! melaniecebula   238    
https://github.com/ANSSI-FR/bmc-tools RDP Bitmap Cache parser ANSSI-FR cecill-2.1 341    
https://github.com/stealth/opmsg opmsg message encryption stealth other 722    
https://github.com/parltrack/parltrack Parliamentary Tracker Application parltrack   63    
https://github.com/blechschmidt/massdns A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) blechschmidt gpl-3.0 2434    
https://github.com/quarkslab/keyringer Fork of keyringer from https://keyringer.pw (added some features like tree view, additional checks, …) quarkslab gpl-3.0 8    
https://github.com/doukremt/distance Levenshtein and Hamming distance computation doukremt other 110    
https://github.com/bartobri/no-more-secrets A command line tool that recreates the famous data decryption effect seen in the 1992 movie Sneakers. bartobri gpl-3.0 5238    
https://github.com/cx9527/strongdb gdb plugin for android debugging cx9527 gpl-3.0 100    
https://github.com/tandasat/HyperPlatform Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows. tandasat mit 1216    
https://github.com/CybOXProject/specifications Cyber Observable Expression (CybOX™) CybOXProject   4    
https://github.com/ThreatHuntingProject/ThreatHunting An informational repo about hunting for adversaries in your IT environment. ThreatHuntingProject   1430    
https://github.com/cloudflare/cfssl_trust CFSSL’s CA trust store repository cloudflare bsd-2-clause 207    
https://github.com/HurricaneLabs/machinae Machinae Security Intelligence Collector HurricaneLabs mit 479    
https://github.com/ethanrowe/python-merky Provides a python library for the somewhat flexible calculation of merkle trees. Flexible, not necessarily fast. ethanrowe mit 6    
https://github.com/laginimaineb/cve-2016-2431 Qualcomm TrustZone kernel privilege escalation laginimaineb other 51    
https://github.com/IMcPwn/browser-backdoor BrowserBackdoor is an Electron Application with a JavaScript WebSocket Backdoor and a Ruby Command-Line Listener IMcPwn mit 341    
https://github.com/icecoder/ICEcoder Browser code editor awesomeness icecoder other 1366    
https://github.com/fox-it/mofang Mofang Indicators of Compromise fox-it   9    
https://github.com/Antelox/NemucodFR Extract the key and use it to recover encrypted files by Nemucod Ransomware [.crypted] Antelox mit 18    
https://github.com/ciscocsirt/malspider Malspider is a web spidering framework that detects characteristics of web compromises. ciscocsirt bsd-3-clause 426    
https://github.com/FIRSTdotorg/global-irt Global IRT (Incident Response Team) is a project to describe common IRT and abuse contact information FIRSTdotorg bsd-2-clause 43    
https://github.com/kwouffe/halloffame Manage reported vulnerabilies kwouffe   2    
https://github.com/Nakiami/mellivora Mellivora is a CTF engine written in PHP Nakiami gpl-3.0 405    
https://github.com/jaegeral/FireMISP FireEye Alert json files to MISP Malware information sharing plattform (Alpha) jaegeral mit 29    
https://github.com/lachesis/scallion GPU-based Onion Hash generator lachesis other 1166    
https://github.com/IonicaBizau/git-stats 🍀 Local git statistics including GitHub-like contributions calendars. IonicaBizau mit 6050    
https://github.com/rommelfs/vt-submit Program to submit files (with comments) to VirusTotal rommelfs   2    
https://github.com/cmu-sei/pharos Automated static analysis tools for binary programs cmu-sei other 1285    
https://github.com/gitunique/cti-scripts Scripts for accessing and transforming cyber threat intelligence gitunique   20    
https://github.com/Rafiot/pdfid Clone of PDFiD by Didier Stevens, as a package and with some improvements. Rafiot   23    
https://github.com/mit-nlp/MITIE MITIE: library and tools for information extraction mit-nlp   2794    
https://github.com/paralax/awesome-honeypots an awesome list of honeypot resources paralax artistic-2.0 6451    
https://github.com/OfflineIMAP/imapfw imapfw (IMAP/mail framework) OfflineIMAP mit 463    
https://github.com/CodeClubLux/TopCompiler Top Compiler, compiling to JS CodeClubLux mit 3    
https://github.com/glmcdona/Process-Dump Windows tool for dumping malware PE files from memory back to disk for analysis. glmcdona mit 1295    
https://github.com/koenrh/sidtoday-text The SIDtoday Files koenrh   6    
https://github.com/das-labor/panopticon A libre cross-platform disassembler. das-labor gpl-3.0 1403    
https://github.com/foospidy/HoneyPy A low to medium interaction honeypot. foospidy gpl-2.0 427    
https://github.com/libyal/libvshadow Library and tools to access the Volume Shadow Snapshot (VSS) format libyal lgpl-3.0 92    
https://github.com/dbohdan/structured-text-tools A list of command line tools for manipulating structured text data dbohdan   6395    
https://github.com/adamchainz/treepoem Barcode rendering for Python supporting QRcode, Aztec, PDF417, I25, Code128, Code39 and many more types. adamchainz mit 109    
https://github.com/grierforensics/officedissector Static analysis tools for Microsoft Office Open XML files and documents grierforensics other 57    
https://github.com/mitre/multiscanner Modular file scanning/analysis framework mitre other 573    
https://github.com/jessek/hashdeep   jessek other 615    
https://github.com/xolox/vim-notes Easy note taking in Vim xolox   1571    
https://github.com/nsacyber/Windows-Secure-Host-Baseline Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber nsacyber other 1405    
https://github.com/pwnall/sphero-notes Notes on reverse-engineering sphero pwnall mit 14    
https://github.com/ofercas/ransomware_begone ransomware_begone ofercas   39    
https://github.com/cedricbonhomme/newspipe A web news aggregator. cedricbonhomme agpl-3.0 344    
https://github.com/igraph/igraph Library for the analysis of networks igraph gpl-2.0 1449    
https://github.com/gbrindisi/malware malware source codes gbrindisi   485    
https://github.com/DFAX/dfax (DEPRECATED) Digital Forensic Analysis eXpression DFAX   7    
https://github.com/vaab/gitchangelog Creates a changelog from git log history. vaab other 554    
https://github.com/eleme/corvus A fast and lightweight Redis Cluster Proxy for Redis 3.0 eleme mit 786    
https://github.com/cve-search/Plugins Plugins written for CVE-Search cve-search   24    
https://github.com/kohler/hotcrp HotCRP conference review software kohler other 268    
https://github.com/lqdc/virus-names Virus names generator lqdc mit 27    
https://github.com/iilab/satellitefieldguide Satellite field guide for NGOs, activists and human rights defenders iilab   8    
https://github.com/tweekmonster/tmux2html :cat2: Render full tmux windows or individual panes as HTML tweekmonster mit 654    
https://github.com/ukncsc/stix-cvebuilder CVE Builder script that generates STIX formatted Exploit Target objects ukncsc other 18    
https://github.com/almende/vis ⚠️ This project is not maintained anymore! Please go to https://github.com/visjs almende   7899    
https://github.com/AGWA/git-crypt Transparent file encryption in git AGWA gpl-3.0 6848    
https://github.com/ANSSI-FR/OVALI Generic graph exploration, manipulation and visualization tool (Outil de Visualisation et Analyse de Liens Inter-objets) ANSSI-FR bsd-3-clause 35    
https://github.com/caradoc-org/caradoc A PDF parser and validator caradoc-org gpl-2.0 287    
https://github.com/s3git/s3git s3git: git for Cloud Storage. Distributed Version Control for Data. Create decentralized and versioned repos that scale infinitely to 100s of millions of files. Clone huge PB-scale repos on your local SSD to make changes, commit and push back. Oh yeah, it dedupes too and offers directory versioning. s3git apache-2.0 1390    
https://github.com/varnish/hitch A scalable TLS proxy by Varnish Software. varnish other 1767    
https://github.com/MISP/MISPego Maltego Transform to put entities into MISP events MISP mit 24    
https://github.com/BromiumLabs/PackerAttacker C++ application that uses memory and code hooks to detect packers BromiumLabs gpl-2.0 250    
https://github.com/r043v/rdd redis database dumper r043v   90    
https://github.com/MISP/data-processing Scripts to process big chunks of data from MISP and do in depth correlations on samples. MISP bsd-2-clause 12    
https://github.com/omererdem/honeything TR-069 Honeypot omererdem gpl-3.0 101    
https://github.com/niksite/url-normalize URL normalization for Python niksite mit 78    
https://github.com/UnkL4b/GitMiner Tool for advanced mining for content on Github UnkL4b gpl-3.0 1955    
https://github.com/libgenman/GenSearch Powered by Library Genesis libgenman   21    
https://github.com/google/vsaq VSAQ is an interactive questionnaire application to assess the security programs of third parties. google apache-2.0 808    
https://github.com/jpmens/jo JSON output from a shell jpmens other 4269    
https://github.com/danigargu/IDAtropy IDAtropy is a plugin for Hex-Ray’s IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplotlib. danigargu gpl-3.0 124    
https://github.com/xme/misp-docker Docker container for MISP xme   95    
https://github.com/nimia/public_drown_scanner   nimia gpl-2.0 438    
https://github.com/fulldecent/system-bus-radio Transmits AM radio on computers without radio transmitting hardware. fulldecent mit 5971    
https://github.com/passivetotal/python_api Python abstract API for PassiveTotal services in the form of libraries and command line utilities. passivetotal other 86    
https://github.com/honeynet/ghost-usb-honeypot A honeypot for malware that propagates via USB storage devices honeynet gpl-3.0 80    
https://github.com/lyle-nel/siga Population based metaheuristic for password cracking. Siga(Simple genetic algorithm) lyle-nel gpl-3.0 409    
https://github.com/MISP/MISP-maltego Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset. MISP agpl-3.0 147    
https://github.com/bifurcation/pyjose A Python implementation of JOSE bifurcation   14    
https://github.com/S03D4-164/Hiryu IOC Management and Visualization Tool S03D4-164   41    
https://github.com/mandiant/iocs FireEye Publicly Shared Indicators of Compromise (IOCs) mandiant apache-2.0 442    
https://github.com/armbues/ioc_parser Tool to extract indicators of compromise from security reports in PDF format armbues mit 389    
https://github.com/scrapinghub/portia Visual scraping for Scrapy scrapinghub bsd-3-clause 8653    
https://github.com/fjserna/CVE-2015-7547 Proof of concept for CVE-2015-7547 fjserna apache-2.0 548    
https://github.com/jayjacobs/verisr R package for working with data stored within VERIS framework jayjacobs   13    
https://github.com/bigchaindb/bigchaindb Meet BigchainDB. The blockchain database. bigchaindb apache-2.0 3935    
https://github.com/kanzure/pdfparanoia pdf watermark removal library for academic papers kanzure   480    
https://github.com/dfirlabs/focalpoint Proof of concept Chrome extension to extract specific information from websites dfirlabs apache-2.0 1    
https://github.com/gchq/Gaffer A large-scale entity and relation database supporting aggregation of properties gchq apache-2.0 1667    
https://github.com/Wikinaut/agrep AGREP - approximate GREP for fast fuzzy string searching. Files are searched for a string or regular expression, with approximate matching capabilities and user-definable records. Developed 1989-1991 by Udi Manber, Sun Wu et al. at the University of Arizona. ISC open source license since Sept. 2014. Wikinaut other 270    
https://github.com/CESNET/ipfixcol IPFIXcol is an implementation of an IPFIX (RFC 7011) collector CESNET other 63    
https://github.com/pyca/cryptography cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. pyca other 5134    
https://github.com/Kitt-AI/parsetron A natural language semantic parser Kitt-AI apache-2.0 109    
https://github.com/emsec/SCATools Open tools for side-channel analysis and related techniques. Currently, this repository contains: 1) A near-field EM probe amplifier circuit emsec other 32    
https://github.com/wllm-rbnt/fft_process Classifying logs using FFT wllm-rbnt agpl-3.0 3    
https://github.com/mtivadar/qiew Home of Qiew - Reverse engineering tool mtivadar gpl-2.0 154    
https://github.com/restic/restic Fast, secure, efficient backup program restic bsd-2-clause 18359    
https://github.com/Kinto/kinto A generic JSON document store with sharing and synchronisation capabilities. Kinto other 4222    
https://github.com/geohot/qira QEMU Interactive Runtime Analyser geohot mit 3569    
https://github.com/rieck/derrick A Simple Network Stream Recorder rieck other 32    
https://github.com/rieck/harry A Tool for Measuring String Similarity rieck gpl-3.0 110    
https://github.com/hrbrmstr/pewpew :star: :star: :star: Build your own IP Attack Maps with SOUND! hrbrmstr   946    
https://github.com/onyxbits/dummydroid Google Play checkin utility. Creates a configurable hardware profile and gets a GSF ID for it. onyxbits apache-2.0 55    
https://github.com/CrowdStrike/travel-laptop Auxiliary documentation and scripts around “A Reasonably Safe Travel Burner Laptop” CrowdStrike   219    
https://github.com/gophish/gophish Open-Source Phishing Toolkit gophish other 8253    
https://github.com/ALSchwalm/foresight A tool for predicting the output of random number generators ALSchwalm mit 168    
https://github.com/ForensicArtifacts/artifacts Digital Forensics Artifact Repository ForensicArtifacts apache-2.0 786    
https://github.com/fastos/tcpdive A TCP performance profiling tool. fastos gpl-2.0 1830    
https://github.com/aboSamoor/polyglot Multilingual text (NLP) processing toolkit aboSamoor other 2070    
https://github.com/Storyyeller/Krakatau Java decompiler, assembler, and disassembler Storyyeller gpl-3.0 1638    
https://github.com/mbachry/exxo Build portable Python binaries mbachry isc 461    
https://github.com/RPISEC/Malware Course materials for Malware Analysis by RPISEC RPISEC   3279    
https://github.com/probcomp/crosscat A domain-general, Bayesian method for analyzing high-dimensional data tables probcomp apache-2.0 322    
https://github.com/simongog/sdsl-lite Succinct Data Structure Library 2.0 simongog other 2080    
https://github.com/jboone/tpms Tire Pressure Monitoring System decoding tools. jboone   325    
https://github.com/intel/pyMIC   intel bsd-3-clause 52    
https://github.com/OpenWhiteBox/AES Implementations of white-box AES constructions and their cryptanalyses. OpenWhiteBox bsd-3-clause 194    
https://github.com/Googulator/TeslaCrack Decryptor for the TeslaCrypt malware Googulator gpl-3.0 178    
https://github.com/shikata-ga-nai/the-backdoor-factory Patch PE (x86/x64) and ELF (x86/x64 and ARM LE x32) binaries with shellcode shikata-ga-nai bsd-3-clause 5    
https://github.com/kala13x/scap Network Sniffer (Scan and Capture Incoming Packets) kala13x lgpl-3.0 83    
https://github.com/hannob/ed25519hetzner Script to scan OpenSSH host key and known_hosts files for shared keys from server hoster Hetzner hannob cc0-1.0 18    
https://github.com/EC-DIGIT-CSIRC/Landesk-Registry-Entry-Parser Parses the registry entries for Landesk within the Software hive. EC-DIGIT-CSIRC   4    
https://github.com/EC-DIGIT-CSIRC/VirusTotal-Tools   EC-DIGIT-CSIRC mit 36    
https://github.com/lumifyio/lumify open source big data integration, analytics, and visualization lumifyio apache-2.0 413    
https://github.com/ricochet-im/ricochet Anonymous peer-to-peer instant messaging ricochet-im other 3630    
https://github.com/reinderien/mimic [ab]using Unicode to create tragedy reinderien mit 3720    
https://github.com/drwetter/testssl.sh Testing TLS/SSL encryption anywhere on any port drwetter gpl-2.0 6496    
https://github.com/mafintosh/dns-discovery Discovery peers in a distributed system using regular dns and multicast dns. mafintosh mit 189    
https://github.com/tqdm/tqdm A Fast, Extensible Progress Bar for Python and CLI tqdm other 23245    
https://github.com/scadastrangelove/SCADAPASS SCADA StrangeLove Default/Hardcoded Passwords List scadastrangelove   400    
https://github.com/MacLemon/CongressChecklist A list of things to do, to pack and tips on attending a congress, especially Chaos Communication Congress. MacLemon   319    
https://github.com/jipegit/FECT Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer jipegit other 39    
https://github.com/anl-cyberscience/FlexTransform Enables dynamic translation of structured data between formats anl-cyberscience other 14    
https://github.com/anl-cyberscience/LQMToolset Flexible framework that allows automation to process cyber threat information and update endpoint defense tools. anl-cyberscience other 21    
https://github.com/cseagle/fREedom capstone based disassembler for extracting to binnavi cseagle gpl-2.0 220    
https://github.com/yahoo/redislite Redis in a python module. yahoo other 525    
https://github.com/cure53/HTTPLeaks HTTPLeaks - All possible ways, a website can leak HTTP requests cure53 bsd-2-clause 1655    
https://github.com/clayh53/tufte-jekyll Minimal Jekyll blog styled to resemble the look and layout of Edward Tufte’s books clayh53 mit 557    
https://github.com/ghedo/pflask :sake: Lightweight process containers for Linux ghedo bsd-2-clause 193    
https://github.com/osirislab/Fentanyl Fentanyl is an IDAPython script that makes patching significantly easier osirislab   188    
https://github.com/nanomsg/nanomsg nanomsg library nanomsg other 5517    
https://github.com/mrsarm/mongotail Command line tool to log all MongoDB queries in a “tail”able way mrsarm gpl-3.0 177    
https://github.com/soulaklabs/bitoduc.fr A website about french words for computer concepts. soulaklabs   228    
https://github.com/d3/d3-shape Graphical primitives for visualization, such as lines and areas. d3 isc 2340    
https://github.com/hashcat/hashcat World’s fastest and most advanced password recovery utility hashcat   15965    
https://github.com/hashcat/hashcat-legacy Advanced CPU-based password recovery utility hashcat   2116    
https://github.com/Lab41/SkyLine An Exploration into Graph Databases Lab41   28    
https://github.com/PoorBillionaire/USN-Journal-Parser Python script to parse the NTFS USN Journal PoorBillionaire other 92    
https://github.com/PoorBillionaire/Windows-Prefetch-Parser Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files PoorBillionaire other 94    
https://github.com/dgraph-io/dgraph Native GraphQL Database with graph backend dgraph-io other 18605    
https://github.com/PeterNotenboom/SwiftCodes Swift Codes or BIC Codes for all the Banks in the world. Cached to json. PeterNotenboom mit 152    
https://github.com/facebook/zstd Zstandard - Fast real-time compression algorithm facebook other 18579    
https://github.com/MISP/misp-workbench MISP Workbench MISP   26    
https://github.com/RedHatProductSecurity/Certificates-Shipped A list of certificates shipped by various vendors and Open Source Projects RedHatProductSecurity gpl-2.0 38    
https://github.com/samyk/magspoof A portable device that can spoof/emulate any magnetic stripe, credit card or hotel card “wirelessly”, even on standard magstripe (non-NFC/RFID) readers. It can disable Chip&PIN and predict AMEX card numbers with 100% accuracy. samyk   3157    
https://github.com/daedafusion/cyber-ontology Cyber Intelligence Ontology daedafusion cc-by-sa-4.0 47    
https://github.com/samratashok/nishang Nishang - Offensive PowerShell for red team, penetration testing and offensive security. samratashok other 6952    
https://github.com/elceef/dnstwist Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation elceef   3574    
https://github.com/thnyheim/misp2bro Python script that gets IOC from MISP and converts it into BRO intel files. thnyheim gpl-2.0 12    
https://github.com/graphistry/pygraphistry PyGraphistry is a Python library to quickly load, shape, embed, and explore big graphs with the GPU-accelerated Graphistry visual graph analyzer graphistry bsd-3-clause 1742    
https://github.com/biokoda/actordb ActorDB distributed SQL database biokoda mpl-2.0 1883    
https://github.com/CIRCL/dma-frontend Pre-pre-pre Beta DMA frontend CIRCL agpl-3.0 5    
https://github.com/JamesHabben/sysmon-queries Queries to parse sysmon event log file with microsoft logparser JamesHabben   54    
https://github.com/elceef/bitlocker Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key) elceef   183    
https://github.com/surevine/spiffing Jolly good library for SPIF/Label/Clearance handling surevine mit 10    
https://github.com/microsoft/microsoft-pdb Information from Microsoft about the PDB format. We’ll try to keep this up to date. Just trying to help the CLANG/LLVM community get onto Windows. microsoft other 1664    
https://github.com/SekoiaLab/Fastir_Collector   SekoiaLab gpl-3.0 479    
https://github.com/benbalter/word-to-markdown A ruby gem to liberate content from Microsoft Word documents benbalter mit 1326    
https://github.com/Rurik/Noriben Noriben - Portable, Simple, Malware Analysis Sandbox Rurik other 923    
https://github.com/markdbenson/dapper A publishing tool for static websites. markdbenson   44    
https://github.com/n1nj4sec/pr0cks python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target n1nj4sec gpl-3.0 339    
https://github.com/vyrus001/go-mimikatz A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion. vyrus001   481    
https://github.com/tillmannw/swffile swffile.py - SWF file parser module in Python tillmannw   28    
https://github.com/Lookingglass/opentpx Open Threat Partner eXchange Lookingglass other 39    
https://github.com/8u1a/plyara Parse Yara rules and operate over them more easily. 8u1a apache-2.0 50    
https://github.com/veorq/blueflower a grep -r for secrets veorq gpl-3.0 175    
https://github.com/bwall/pemcracker Tool to crack encrypted PEM files bwall mit 138    
https://github.com/eniac/faas Factoring as a Service eniac lgpl-3.0 240    
https://github.com/phaag/nfdump Netflow processing tools phaag other 599    
https://github.com/awesomedata/awesome-public-datasets A topic-centric list of HQ open datasets. awesomedata mit 51708    
https://github.com/Yelp/threat_intel Threat Intelligence APIs Yelp mit 259    
https://github.com/XiphosResearch/exploits Miscellaneous exploit code XiphosResearch   1342    
https://github.com/koalaman/shellcheck ShellCheck, a static analysis tool for shell scripts koalaman gpl-3.0 30381    
https://github.com/GitbookIO/gitbook 📝 Modern documentation format and toolchain using Git and Markdown GitbookIO apache-2.0 25124    
https://github.com/jjo-sec/pdns-scala Attempt at a Scala transaltion of CIRCL.LU’s PyPDNS Python module jjo-sec   2    
https://github.com/1e0ng/simhash A Python Implementation of Simhash Algorithm 1e0ng mit 857    
https://github.com/yahoo/gryffin Gryffin is a large scale web security scanning platform. yahoo bsd-3-clause 2075    
https://github.com/abenassi/Google-Search-API Python based api for searching google web, images, calc, and currency conversion. abenassi   516    
https://github.com/NPS-DEEP/hashdb hashdb block hash database tool and API NPS-DEEP other 44    
https://github.com/n1nj4sec/pupy Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python n1nj4sec other 7278    
https://github.com/Suor/flaws Finds flaws in your python code Suor bsd-2-clause 38    
https://github.com/obsidianforensics/hindsight Web browser forensics for Google Chrome/Chromium obsidianforensics apache-2.0 803    
https://github.com/fuzzdb-project/fuzzdb Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery. fuzzdb-project   7027    
https://github.com/google/brotli Brotli compression format google mit 11595    
https://github.com/Xyl2k/TSA-Travel-Sentry-master-keys 3D reproduction of TSA Master keys Xyl2k other 2968    
https://github.com/timtadh/zhang-shasha Tree edit distance using the Zhang Shasha algorithm timtadh other 360    
https://github.com/CIRCL/PyEUPI Client API to query the Phishing Initiative service API CIRCL other 19    
https://github.com/lloyd/yajl A fast streaming JSON parsing library in C. lloyd isc 2062    
https://github.com/horia141/sdhash Python library for image hashing and deduplication horia141 mit 11    
https://github.com/Leviathan1995/Pylsy Pylsy is a simple python library draw tables in the Terminal. Just two lines of code . Leviathan1995 other 466    
https://github.com/BayshoreNetworks/yextend Yara integrated software to handle archive file data. BayshoreNetworks bsd-3-clause 250    
https://github.com/alexbredo/honeypot-camera observation camera honeypot alexbredo bsd-2-clause 49    
https://github.com/alexbredo/honeypot-ftp FTP Honeypot alexbredo bsd-2-clause 23    
https://github.com/jedisct1/bloom-filter A dead simple bloom filter in C jedisct1 other 9    
https://github.com/ashish-gehani/SPADE SPADE: Support for Provenance Auditing in Distributed Environments ashish-gehani gpl-3.0 114    
https://github.com/troglobit/netcalc Simplified clone of sipcalc with ipcalc looks troglobit bsd-3-clause 40    
https://github.com/rbsec/dnscan   rbsec gpl-3.0 824    
https://github.com/StamusNetworks/scirius Scirius is a web application for Suricata ruleset management and threat hunting. StamusNetworks gpl-3.0 512    
https://github.com/dnSpy/dnSpy .NET debugger and assembly editor dnSpy   22039    
https://github.com/lifting-bits/mcsema Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode lifting-bits agpl-3.0 2405    
https://github.com/BreakingMalware/Selfie A Tool to Unpack Self-Modifying Code using DynamoRIO BreakingMalware   139    
https://github.com/dirkmoors/python-bloomfilter A pure python bloomfilter implementation with JSON (de)serialisation and (zlib) compression dirkmoors   4    
https://github.com/lytics/anomalyzer Probabilistic anomaly detection for time series data lytics apache-2.0 282    
https://github.com/StamusNetworks/ansible-misp Ansible playbook to install Malware Information Sharing Platform (MISP) StamusNetworks gpl-3.0 16    
https://github.com/cayleygraph/cayley An open-source graph database cayleygraph apache-2.0 14384    
https://github.com/nabla-c0d3/ssl-kill-switch2 Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications. nabla-c0d3 other 2676    
https://github.com/danvk/webdiff Two-column web-based git difftool danvk apache-2.0 236    
https://github.com/kkar/TeamViewer-dumper-in-CPP Dumps TeamViewer ID,Password and account settings from a running TeamViewer instance by enumerating child windows. kkar   41    
https://github.com/lmco/laikaboss Laika BOSS: Object Scanning System lmco apache-2.0 700    
https://github.com/MuseumofModernArt/collection The Museum of Modern Art (MoMA) collection data MuseumofModernArt   1249    
https://github.com/syllog1sm/cython-sparsehash Cython wrappers for Google’s sparsehash library, and the murmur hash functions syllog1sm   17    
https://github.com/PaloAltoNetworks/misp-to-autofocus Script for pulling events from a MISP database and converting them to Autofocus queries. PaloAltoNetworks   12    
https://github.com/PaloAltoNetworks/report_to_misp Parse a report and import the events into MISP PaloAltoNetworks   25    
https://github.com/seiflotfy/cuckoofilter Cuckoo Filter: Practically Better Than Bloom seiflotfy mit 939    
https://github.com/Rafiot/HackedTeamCerts A bunch of certificates from the Hacking Team leak Rafiot   70    
https://github.com/helpsystems/pcapy Pcapy is a Python extension module that interfaces with the libpcap packet capture library. helpsystems other 368    
https://github.com/jedisct1/massresolver Mass DNS resolution tool jedisct1 bsd-2-clause 36    
https://github.com/david415/HoneyBadger Quantum Insert detector/recorder david415 gpl-3.0 300    
https://github.com/repbin/repbin Replicating Encrypted PasteBin repbin other 76    
https://github.com/libhostile/libhostile “What if I tossed small pox into a room filled with sprinters after filling their water cups with red bull.” libhostile bsd-3-clause 33    
https://github.com/CIRCL/pbtc Passive Bitcoin Project CIRCL agpl-3.0 10    
https://github.com/rapid7/ssh-badkeys A collection of static SSH keys (public and private) that have made their way into software and hardware products. rapid7 mit 753    
https://github.com/Shopify/ejson EJSON is a small library to manage encrypted secrets using asymmetric encryption. Shopify mit 1153    
https://github.com/RPISEC/MBE Course materials for Modern Binary Exploitation by RPISEC RPISEC bsd-2-clause 4952    
https://github.com/floragunn/search-guard Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorisation. floragunn apache-2.0 2139    
https://github.com/znb/Scripts General scripts for random stuff znb   38    
https://github.com/Phoul/yara_rules yara rules for crypto detection Phoul bsd-3-clause 30    
https://github.com/ctz/cifra A collection of cryptographic primitives targeted at embedded use. ctz cc0-1.0 304    
https://github.com/Parsely/pykafka Apache Kafka client for Python; high-level & low-level consumer/producer, with great performance. Parsely apache-2.0 1107    
https://github.com/zer0box/zer0m0n zer0m0n driver for cuckoo sandbox zer0box gpl-3.0 21    
https://github.com/AuditProject/truecrypt-verified-mirror Verified Windows, OSX, Linux TrueCrypt v. 7.1a binaries and source files AuditProject   846    
https://github.com/ot/succinct A collection of succinct data structures ot other 178    
https://github.com/Rafiot/MultiProcQueue Multiprocessing queuing module extracted from AIL framework (Pre-Alpha stage) Rafiot   5    
https://github.com/t-d-k/LibreCrypt LibreCrypt: Transparent on-the-fly disk encryption for Windows. LUKS compatible. t-d-k   685    
https://github.com/YoloSwagTeam/feedstail Feedstail is a tail-f-like utility for feeds. It monitor a feed and emits new entries. Feedstail aim to be simple, hackable and compatible with rsstail its C brother. YoloSwagTeam gpl-3.0 29    
https://github.com/JamesHabben/evolve Web interface for the Volatility Memory Forensics Framework JamesHabben   250    
https://github.com/dominictarr/pull-box-stream One way streaming encryption based on libsodium’s secretbox primitive dominictarr mit 84    
https://github.com/CIRCL/PyRichHeader A Python parser for Rich Headers CIRCL   13    
https://github.com/extremeshok/clamav-unofficial-sigs ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com extremeshok other 472    
https://github.com/jfalken/github_commit_crawler Tool used to continuously monitor a Github org for mistaken public commits jfalken   166    
https://github.com/nologic/idaref IDA Pro Instruction Reference Plugin nologic gpl-2.0 608    
https://github.com/CIRCL/PyCIRCLean Python library used by CIRCLean (the USB sanitizer) and others CIRCL bsd-3-clause 46    
https://github.com/google/honggfuzz Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based) google apache-2.0 2646    
https://github.com/yougov/raleway-webfont   yougov ofl-1.1 18    
https://github.com/nlohmann/json JSON for Modern C++ nlohmann mit 32358    
https://github.com/trendmicro/tlsh   trendmicro other 603    
https://github.com/openaddresses/openaddresses A repository of global open address data. openaddresses bsd-3-clause 2474    
https://github.com/matze/mtheme A modern LaTeX Beamer theme matze   5615    
https://github.com/smartdec/smartdec SmartDec decompiler smartdec gpl-3.0 352    
https://github.com/daverstephens/The-SOC-Shop Repository of scripts/tools that may be useful in Security Operations Centres (SOC) daverstephens gpl-2.0 51    
https://github.com/BII-Lab/Yeti-Project Maintains the public documents, zone file, trust anchor of Yeti Project BII-Lab mit 64    
https://github.com/mfouesneau/asciiplot Package that allows you to plot simple graphs in ASCII, a la matplotlib mfouesneau   67    
https://github.com/OISF/libhtp LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. OISF bsd-3-clause 258    
https://github.com/ultrajson/ultrajson Ultra fast JSON decoder and encoder written in C with Python bindings ultrajson other 3876    
https://github.com/victims/victims-cve-db CVE database store victims other 126    
https://github.com/MITRECND/snugglefish Simple NGram Fast Indexer & Searcher MITRECND   35    
https://github.com/MITRECND/WhoDat Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT) MITRECND   152    
https://github.com/joxeankoret/multiav MultiAV scanner with Python and JSON API. Disclaimer: I don’t maintain it any more. joxeankoret other 305    
https://github.com/cryptostorm-dev/cstorm_fishycerts.vuln.party The Repository Formerly Known As Fishycerts, vuln.party is a place to study & share SSL certificates & other CA-based crypto-buffonery for fun and… more fun. Also for Science! cryptostorm-dev   40    
https://github.com/BowlingX/flexcss A simple css pattern-library using flexbox, build for hellofellow BowlingX mit 85    
https://github.com/Neo23x0/yarGen yarGen is a generator for YARA rules Neo23x0 other 1130    
https://github.com/sooshie/Security-Data-Analysis A series of labs that will help users apply various data science techniques to security related data. sooshie   126    
https://github.com/megumiteam/staticpress [WordPress Plugin] staticpress - A WordPress plugin to Export your WordPress to static site megumiteam   199    
https://github.com/dcjones/hat-trie An efficient trie implementation. dcjones mit 239    
https://github.com/pytries/marisa-trie Static memory-efficient Trie-like structures for Python (2.x and 3.x) based on marisa-trie C++ library. pytries mit 951    
https://github.com/fox-it/quantuminsert Quantum Insert fox-it unlicense 203    
https://github.com/jaegeral/viper2stix This tool will export viper information to valid stix file jaegeral other 4    
https://github.com/tr3w/ExpImp-Lookup Looks for all export and import names that contain a specified string in all Portable Executable in a directory tree tr3w gpl-2.0 6    
https://github.com/vladimarius/pyap Python address detector and parser vladimarius mit 173    
https://github.com/bdcht/amoco yet another tool for analysing binaries bdcht gpl-2.0 435    
https://github.com/Vector35/deprecated-binaryninja-python Deprecated Binary Ninja prototype written in Python Vector35 gpl-2.0 514    
https://github.com/tigran-a/relbot Neighbors-keep-alive-based p2p bot detection tool taking as input NetFlow/IPFIX tigran-a other 5    
https://github.com/thomasf/internet go package for indexing and querying certain aspects of bgp dumps and some other things. thomasf   12    
https://github.com/MyNameIsMeerkat/pyREtic pyREtic is an extensible framework for in-memory Python bytecode reverse engineering MyNameIsMeerkat gpl-3.0 241    
https://github.com/antirez/otree a simple btree implementation with automatic space reclaiming antirez bsd-3-clause 261    
https://github.com/CIRCL/email-abuse Email Abuse - A Versatile Software for Email review, analysis and reporting CIRCL   18    
https://github.com/dnsviz/dnsviz   dnsviz gpl-2.0 714    
https://github.com/dnstap/dnstap-ldns reference dnstap decoding utility dnstap apache-2.0 17    
https://github.com/Lasagne/Lasagne Lightweight library to build and train neural networks in Theano Lasagne other 3825    
https://github.com/SilenceIM/Silence PROJECT MOVED: https://git.silence.dev/Silence/Silence-Android/ (GitHub is just a mirror.) SilenceIM gpl-3.0 1087    
https://github.com/fygrave/moloch_zmq ZMQ data explort plugin for Moloch fygrave bsd-3-clause 6    
https://github.com/mailgun/flanker Python email address and Mime parsing library mailgun apache-2.0 1555    
https://github.com/hillar/moloch_zmq ZMQ data explort plugin for Moloch hillar bsd-3-clause 1    
https://github.com/steeve/france.code-civil Le code civil français sous git steeve   2654    
https://github.com/jordan-wright/elastichoney A Simple Elasticsearch Honeypot jordan-wright mit 171    
https://github.com/TakahiroHaruyama/openioc_scan openioc_scan Volatility Framework plugin TakahiroHaruyama gpl-2.0 40    
https://github.com/USBGuard/usbguard USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system) USBGuard gpl-2.0 879    
https://github.com/yasuhironet/bgpdump2 Bgpdump2: A Tool to Read and Compare the BGP RIB Dump Files. yasuhironet gpl-3.0 40    
https://github.com/WestpointLtd/tls_prober A tool to fingerprint SSL/TLS servers WestpointLtd mit 245    
https://github.com/mafintosh/airpaste A 1-1 network pipe that auto discovers other peers using mdns mafintosh mit 795    
https://github.com/hannob/pgpecosystem Scripts to parse and analyze pgp key server data hannob cc0-1.0 31    
https://github.com/facebook/ThreatExchange Share threat information with vetted partners facebook other 943    
https://github.com/jonstewart/fsrip Output Filesystem Information as JSON using The Sleuthkit jonstewart apache-2.0 14    
https://github.com/syn2cat/syndilights A blinkenlights implementation by syn2cat syn2cat gpl-3.0 2    
https://github.com/jipegit/IRNotes Some IR notes jipegit   72    
https://github.com/ayeowch/bitnodes Bitnodes estimates the relative size of the Bitcoin peer-to-peer network by finding all of its reachable nodes. ayeowch mit 538    
https://github.com/plasma-disassembler/plasma Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax. plasma-disassembler gpl-3.0 2976    
https://github.com/ops-trust/portal Ops-Trust Platform - Portal ops-trust apache-2.0 21    
https://github.com/certsocietegenerale/FIR Fast Incident Response certsocietegenerale gpl-3.0 1460    
https://github.com/erwanlr/Fingerprinter CMS/LMS/Library etc Versions Fingerprinter erwanlr other 246    
https://github.com/google/rowhammer-test Test DRAM for bit flips caused by the rowhammer problem google   910    
https://github.com/Neo23x0/Loki Loki - Simple IOC and Incident Response Scanner Neo23x0 gpl-3.0 2610    
https://github.com/mkdocs/mkdocs Project documentation with Markdown. mkdocs bsd-2-clause 15222    
https://github.com/ledisdb/ledisdb A high performance NoSQL Database Server powered by Go ledisdb mit 3901    
https://github.com/usbarmory/usbarmory USB armory - open source flash-drive-sized computer usbarmory   1177    
https://github.com/CIRCL/url-abuse URL Abuse - A Versatile Software for URL review, analysis and black-list reporting CIRCL agpl-3.0 128    
https://github.com/dpetker/dataglobe A more generic version of https://github.com/dataarts/armsglobe for visualizing source/destination data dpetker other 10    
https://github.com/Kozea/Radicale A simple CalDAV (calendar) and CardDAV (contact) server. Kozea gpl-3.0 2580    
https://github.com/bumptech/stud The Scalable TLS Unwrapping Daemon bumptech other 1428    
https://github.com/alexwebr/stud The Scalable TLS Unwrapping Daemon alexwebr other 1    
https://github.com/the-tcpdump-group/tcpdump the TCPdump network dissector the-tcpdump-group other 2023    
https://github.com/sloria/TextBlob Simple, Pythonic, text processing–Sentiment analysis, part-of-speech tagging, noun phrase extraction, translation, and more. sloria mit 8340    
https://github.com/polera/rblwatch RBL lookups with Python polera bsd-2-clause 37    
https://github.com/NeowayLabs/neosearch Full Text Search Library NeowayLabs   29    
https://github.com/jonschipp/mal-dnssearch Compare multiple log formats against malware reputation lists. jonschipp   88    
https://github.com/pudo/dataset Easy-to-use data handling for SQL data stores with support for implicit table creation, bulk loading, and transactions. pudo mit 4225    
https://github.com/google/stenographer Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com google apache-2.0 1746    
https://github.com/robertdavidgraham/pemcrack Cracks SSL PEM files that hold encrypted private keys. Brute forces or dictionary cracks. This code is extraordinarily slow, DON’T JUDGE ME!!! robertdavidgraham mit 297    
https://github.com/jjyg/metasm This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby jjyg lgpl-2.1 426    
https://github.com/citizenlab/spyware-scan   citizenlab bsd-3-clause 29    
https://github.com/mimoo/RSA-and-LLL-attacks attacking RSA via lattice reductions (LLL) mimoo   614    
https://github.com/KoreLogicSecurity/mastiff Malware static analysis framework KoreLogicSecurity   159    
https://github.com/F-Secure/Sulo Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin F-Secure   150    
https://github.com/de4dot/de4dot .NET deobfuscator and unpacker. de4dot gpl-3.0 6030    
https://github.com/google/rekall Rekall Memory Forensic Framework google gpl-2.0 1831    
https://github.com/bez0r/BeaconBits Network timing evaluation used to detect beacons, works with argus flow as the source bez0r gpl-3.0 18    
https://github.com/martinmarinov/TempestSDR Remote video eavesdropping using a software-defined radio platform martinmarinov gpl-3.0 986    
https://github.com/ant4g0nist/lisa.py - An Exploit Dev Swiss Army Knife. ant4g0nist apache-2.0 634    
https://github.com/tandasat/findpg Windbg extension to find PatchGuard pages tandasat mit 102    
https://github.com/NorthernSec/CVE-Scan Scan systems with NMap and parse the output to a list of CVE’s, CWE’s and DPE’s NorthernSec bsd-4-clause 239    
https://github.com/dimsemenov/PhotoSwipe JavaScript image gallery for mobile and desktop, modular, framework independent dimsemenov mit 22324    
https://github.com/kaie/sphere-detection Various modules to implement the DetecTor design from http://detector.kuix.de kaie mpl-2.0 53    
https://github.com/lpsantil/rt0 A minimal C runtime for Linux i386 & x86_64 lpsantil bsd-2-clause 568    
https://github.com/stribika/sshlabs SSH configuration analysis stribika unlicense 71    
https://github.com/jbremer/goatse.mbr A 512-byte bootloader displaying ASCII Goatse on boot. jbremer   29    
https://github.com/StreisandEffect/streisand Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists. StreisandEffect other 22895    
https://github.com/wekan/wekan The Open Source kanban (built with Meteor). Keep variable/table/field names camelCase. For translations, only add Pull Request changes to wekan/i18n/en.i18n.json , other translations are done at https://transifex.com/wekan/wekan only. wekan mit 18289    
https://github.com/defuse/swatd Run a script when one or more sensors fail. defuse gpl-3.0 852    
https://github.com/vz-risk/veris Vocabulary for Event Recording and Incident Sharing (VERIS) vz-risk other 481    
https://github.com/rbsec/sslscan sslscan tests SSL/TLS enabled services to discover supported cipher suites rbsec gpl-3.0 1765    
https://github.com/eurecom-s3/hdd_firmware_tools Tools for viewing and extracting HDD firmware files eurecom-s3 mit 69    
https://github.com/bwall/HashPump A tool to exploit the hash length extension attack in various hashing algorithms bwall mit 1040    
https://github.com/CIRCL/cve-portal Common Vulnerabilities and Exposures - Portal CIRCL agpl-3.0 73    
https://github.com/ANSSI-FR/SysvolExplorer Active Directory Group Policy analyzer ANSSI-FR   78    
https://github.com/sshock/AFFLIBv3 AFF is an open and extensible file format to store disk images and associated metadata. sshock other 67    
https://github.com/jduck/asus-cmd ASUS Router infosvr UDP Broadcast root Command Execution jduck   251    
https://github.com/palantir/plottable :bar_chart: A library of modular chart components built on D3 palantir mit 2890    
https://github.com/psypanda/hashID Software to identify the different types of hashes - psypanda   1171    
https://github.com/twitter/AnomalyDetection Anomaly Detection with R twitter gpl-3.0 3473    
https://github.com/samyk/usbdriveby USBdriveby exploits the trust of USB devices by emulating an HID keyboard and mouse, installing a cross-platform firewall-evading backdoor, and rerouting DNS within seconds of plugging it in. samyk gpl-2.0 1193    
https://github.com/tennc/webshell This is a webshell open source project tennc mit 8498    
https://github.com/blackfist/sonyhack   blackfist   21    
https://github.com/iSECPartners/Android-SSL-TrustKiller Bypass SSL certificate pinning for most applications iSECPartners other 652    
https://github.com/gpoore/minted minted is a LaTeX package that provides syntax highlighting using the Pygments library. Highlighted source code can be customized using fancyvrb. gpoore   1567    
https://github.com/bortzmeyer/key-checker Monitor and analyze DNSSEC key rollovers bortzmeyer   24    
https://github.com/XPIR-team/XPIR XPIR: Private Information Retrieval for Everyone XPIR-team other 102    
https://github.com/rapid7/dap Data Analysis Pipeline rapid7 mit 148    
https://github.com/google/snappy A fast compressor/decompressor google other 5421    
https://github.com/Zentific/vmidbg PoC LibVMI-based GDB server for virtual machines Zentific other 48    
https://github.com/coruus/pyasn1-modules Export of pyasn1.cvs.sourceforge.net:/cvsroot/pyasn1-modules coruus bsd-2-clause 9    
https://github.com/umpirsky/country-list :globe_with_meridians: List of all countries with names and ISO 3166-1 codes in all languages and data formats. umpirsky mit 4986    
https://github.com/nabla-c0d3/sslyze Fast and powerful SSL/TLS scanning library. nabla-c0d3 agpl-3.0 2807    
https://github.com/gamelinux/passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup gamelinux   1550    
https://github.com/pwarren/rtl-entropy An entropy generator using SDR peripherals, including rtl-sdr and BladeRF pwarren gpl-3.0 345    
https://github.com/ahupp/python-magic A python wrapper for libmagic ahupp other 2219    
https://github.com/USArmyResearchLab/Dshell Dshell is a network forensic analysis framework. USArmyResearchLab other 5380    
https://github.com/kbandla/APTnotes Various public documents, whitepapers and articles about APT campaigns kbandla   3143    
https://github.com/bsdphk/Ntimed Network time synchronization software, NTPD replacement. bsdphk   381    
https://github.com/emirozer/fake2db create custom test databases that are populated with fake data emirozer gpl-2.0 2144    
https://github.com/mithrandi/ssh-key-generator A utility for deterministically generating ssh keypairs mithrandi mit 46    
https://github.com/google/end-to-end End-To-End is a crypto library to encrypt, decrypt, digital sign, and verify signed messages (implementing OpenPGP) google apache-2.0 4087    
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector AIMSICD • Fight IMSI-Catcher, StingRay and silent SMS! CellularPrivacy gpl-3.0 4261    
https://github.com/elliotlepers/Amazon-Killer Extension Chrome et Firefox pour chercher un livre sur Amazon et l’acheter dans une vraie librairie. elliotlepers   109    
https://github.com/herrcore/punbup Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it’s not just another wrapper around 7zip! herrcore other 36    
https://github.com/herrcore/CmdDesktopSwitch CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to identify and watch malware that has created a hidden desktop. herrcore   32    
https://github.com/binux/pyspider A Powerful Spider(Web Crawler) System in Python. binux apache-2.0 15631    
https://github.com/superponible/volatility-plugins Plugins I’ve written for Volatility superponible   159    
https://github.com/seastorm/PuttyRider Hijack Putty sessions in order to sniff conversation and inject Linux commands. seastorm other 346    
https://github.com/CalebFenton/simplify Android virtual machine and deobfuscator CalebFenton other 4055    
https://github.com/radare/radare2-capstone Vala API and R2 plugins for the Capstone disassembler framework radare   24    
https://github.com/ivre/ivre Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! ivre gpl-3.0 2720    
https://github.com/pronto/SSH-Ranking SSH Ranking system! :D (re-write of ssh-fail-watcher) pronto apache-2.0 26    
https://github.com/Neo23x0/ReginScanner Scanner for Regin Virtual Filesystems Neo23x0   25    
https://github.com/Th4nat0s/No_Sandboxes Test suite for bypassing Malware sandboxes. Th4nat0s unlicense 36    
https://github.com/snare/calculon A terminal-based programmer’s calculator endowed with unholy acting talent by the Robot Devil snare   82    
https://github.com/snare/voltron A hacky debugger UI for hackers snare mit 5816    
https://github.com/pan-unit42/public_tools   pan-unit42 mit 656    
https://github.com/secretsquirrel/the-backdoor-factory Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors secretsquirrel bsd-3-clause 3051    
https://github.com/v0s/plus22 Tool to analyze 64-bit binaries with 32-bit Hex-Rays Decompiler v0s other 78    
https://github.com/YahooArchive/PyIOCe Python IOC Editor YahooArchive apache-2.0 56    
https://github.com/miekg/pandoc2rfc Use pandoc to create XML suitable for xml2rfc miekg other 80    
https://github.com/DIGImend/usbhid-dump USB HID device dumping utility DIGImend   114    
https://github.com/unixfreak0037/officeparser Extract embedded files and macros from office documents. unixfreak0037 mit 157    
https://github.com/buaazp/zimg A lightweight and high performance image storage and processing system. buaazp bsd-3-clause 2677    
https://github.com/getnikola/nikola A static website and blog generator getnikola mit 2342    
https://github.com/google/timesketch Collaborative forensic timeline analysis google apache-2.0 2028    
https://github.com/clymb3r/KdExploitMe A kernel driver to practice writing exploits against, as well as some example exploits using public techniques. clymb3r bsd-2-clause 397    
https://github.com/thesp0nge/wordstress A security scanner for Wordpress blogging engine thesp0nge mit 34    
https://github.com/dholm/voidwalker A GDB toolbox for low-level debugging dholm gpl-3.0 128    
https://github.com/AnimeshShaw/Hash-Algorithm-Identifier A python tool to identify different Hash Function Algorithms AnimeshShaw apache-2.0 389    
https://github.com/CubicaLabs/IDASynergy A combination of an IDAPython Plugin and a control version system that result in a new reverse engineering collaborative addon for IDA Pro. By CubicaLabs mit 91    
https://github.com/crossbario/autobahn-python WebSocket and WAMP in Python for Twisted and asyncio crossbario mit 2380    
https://github.com/Lookyloo/uwhoisd A ‘Universal WHOIS’ proxy server - you query it, it gives back the correct details Lookyloo mit 9    
https://github.com/brandonlw/Psychson Phison 2251-03 (2303) Custom Firmware & Existing Firmware Patches (BadUSB) brandonlw mit 3926    
https://github.com/kgaughan/uwhoisd A ‘Universal WHOIS’ proxy server - you query it, it gives back the correct details kgaughan mit 38    
https://github.com/wifiphisher/wifiphisher The Rogue Access Point Framework wifiphisher gpl-3.0 11226    
https://github.com/360netlab/flint The python client of passivedns.cn 360netlab bsd-2-clause 91    
https://github.com/yinqiwen/ardb A redis protocol compatible nosql, it support multiple storage engines as backend like Google’s LevelDB, Facebook’s RocksDB, OpenLDAP’s LMDB, PerconaFT, WiredTiger, ForestDB. yinqiwen bsd-3-clause 1752    
https://github.com/volatilityfoundation/profiles Volatility profiles for Linux and Mac OS X volatilityfoundation   295    
https://github.com/dholm/dotgdb GDB scripts to add support for low level debugging and reverse engineering dholm   137    
https://github.com/kevthehermit/Maildb Python Web App to Parse and Track Email and http Pcap Files. kevthehermit other 55    
https://github.com/tmux-plugins/tmux-resurrect Persists tmux environment across system restarts. tmux-plugins mit 9283    
https://github.com/wapiflapi/binglide Visual reverse engineering tool. Veles is better, use it. Don’t use this. wapiflapi mit 571    
https://github.com/CIRCL/potiron Potiron - Normalize, Index and Visualize Network Capture CIRCL   73    
https://github.com/johnnykv/mnemosyne Normalizer for honeypot data. johnnykv gpl-3.0 42    
https://github.com/jviereck/vedit A new code editor - different by behavior jviereck   64    
https://github.com/ctfs/write-ups-2014 Wiki-like CTF write-ups repository, maintained by the community. 2014 ctfs   1790    
https://github.com/signalapp/Signal-Android A private messenger for Android. signalapp gpl-3.0 22980    
https://github.com/certtools/intelmq-manager IntelMQ Manager is a graphical interface to manage configurations for IntelMQ framework. certtools   99    
https://github.com/radareorg/radare2 UNIX-like reverse engineering framework and command-line toolset radareorg lgpl-3.0 17099    
https://github.com/Rafiot/MyNSA Playing the NSA at home, and discover what your devices do in the background. Rafiot   3    
https://github.com/OpenRCE/sulley A pure-python fully automated and unattended fuzzing framework. OpenRCE gpl-2.0 1342    
https://github.com/usb-tools/USBProxy-legacy A proxy for USB devices, libUSB and gadgetFS - this project is unmaintained, try here: https://github.com/usb-tools/Facedancer usb-tools gpl-2.0 399    
https://github.com/CIRCL/AIL-framework AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project CIRCL agpl-3.0 1200    
https://github.com/kyrus/crypto-un-locker   kyrus mit 32    
https://github.com/freeoks/SD0_reader Program for reading Mayhem hidden filesystem freeoks   6    
https://github.com/FinFisher/FinFly-Web   FinFisher   228    
https://github.com/CIRCL/bgp-ranking BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN). CIRCL other 98    
https://github.com/xyz2tex/svg2tikz An Inkscape extension for exporting SVG paths as TikZ/PGF paths xyz2tex other 386    
https://github.com/dkovar/ircollect ircollect dkovar apache-2.0 29    
https://github.com/certtools/intelmq IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol. certtools agpl-3.0 778    
https://github.com/regit/pshitt Passwords of SSH Intruders Transferred to Text regit gpl-3.0 137    
https://github.com/blackswanburst/classify6 An command line tool (written in OCAML) to classify IPv6 addresses, and provide a bit of further information. blackswanburst   5    
https://github.com/crits/crits CRITs - Collaborative Research Into Threats crits other 825    
https://github.com/DrWhax/truecrypt-archive Archive of (almost) all truecrypt releases - Please audit this repository! DrWhax   678    
https://github.com/onionshare/onionshare Securely and anonymously share files, host websites, and chat with friends using the Tor network onionshare other 5380    
https://github.com/ikkisoft/bradamsa Burp Suite extension to generate Intruder payloads using Radamsa ikkisoft gpl-3.0 85    
https://github.com/google/certificate-transparency Auditing for TLS certificates. google apache-2.0 828    
https://github.com/addthis/hydra   addthis apache-2.0 439    
https://github.com/theopolis/uefi-firmware-parser Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc theopolis other 576    
https://github.com/sumanj/frankencert Frankencert - Adversarial Testing of Certificate Validation in SSL/TLS Implementations sumanj   154    
https://github.com/gentilkiwi/mimikatz A little tool to play with Windows security gentilkiwi   16255    
https://github.com/chris-barry/darkweb-everywhere HTTPS Everywhere rulesets for hidden services and eepsites. chris-barry other 154    
https://github.com/secviz/davix Data Analysis and Visualization Linux Toolset secviz   58    
https://github.com/PoshSec/PoshSec PoshSec PowerShell Module PoshSec other 157    
https://github.com/jamu/pwnypot Malicious Code Execution Detection Prevention (MCEDP) High Interaction Client Honeypot jamu   9    
https://github.com/elastic/beats :tropical_fish: Beats - Lightweight shippers for Elasticsearch & Logstash elastic other 11345    
https://github.com/Trefex/arduino-airquality In this project, we are building an Arduino based platform to measure air quality and map it using GPS coordinates. Trefex   52    
https://github.com/awruef/find-heartbleed clang checker to find heartbleed awruef   83    
https://github.com/MISP/PyMISP Python library using the MISP Rest API MISP other 328    
https://github.com/chipsec/chipsec Platform Security Assessment Framework chipsec gpl-2.0 2526    
https://github.com/kevthehermit/RATDecoders Python Decoders for Common Remote Access Trojans kevthehermit mit 992    
https://github.com/simsong/bulk_extractor This is the development tree. Production downloads are at: simsong other 725    
https://github.com/robertdavidgraham/heartleech Demonstrates the “heartbleed” problem using full OpenSSL stack robertdavidgraham agpl-3.0 691    
https://github.com/rscmbbng/Border-Check   rscmbbng   25    
https://github.com/tweepy/tweepy Twitter for Python! tweepy mit 9232    
https://github.com/vmt/udis86 Disassembler Library for x86 and x86-64 vmt bsd-2-clause 879    
https://github.com/google/pyringe Debugger capable of attaching to and injecting code into python processes. google other 1630    
https://github.com/everpix/Everpix-Intelligence Uncensored Everpix metrics, financials and business data for your perusing everpix   2432    
https://github.com/rr-debugger/rr Record and Replay Framework rr-debugger other 7449    
https://github.com/flowztul/pandoras_bochs Official repository of Pandora’s Bochs, a Bochs-based automated unpacker for runtime-packed Windows executables flowztul   13    
https://github.com/rescrv/busybee BusyBee is a high-performance messaging layer rescrv bsd-3-clause 39    
https://github.com/veorq/SipHash High-speed secure pseudorandom function for short messages veorq cc0-1.0 519    
https://github.com/mmozeiko/aes-finder Utility to find AES keys in running processes mmozeiko   801    
https://github.com/DarthTon/Xenos Windows dll injector DarthTon mit 1513    
https://github.com/eset/malware-ioc Indicators of Compromises (IOC) of our various investigations eset bsd-2-clause 1277    
https://github.com/alfredxing/brick Open-source webfont service alfredxing   2878    
https://github.com/corelan/windbglib Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py corelan bsd-3-clause 280    
https://github.com/simsong/privacy-auditing-book Privacy auditing book simsong   11    
https://github.com/p2p-hacker-fr/articles Collection of collaborative articles about p2p p2p-hacker-fr   12    
https://github.com/dsiroky/snakemq Small cross-platform Python library for easy and reliable communication between hosts. dsiroky mit 124    
https://github.com/papers-we-love/papers-we-love Papers from the computer science community to read and discuss. papers-we-love   65433    
https://github.com/yatish27/linkedin-scraper Scrapes the public profile of the linkedin page yatish27 mit 536    
https://github.com/SteveClement/irssi-python Irssi-python bindings SteveClement gpl-2.0 2    
https://github.com/cokebottle/ASgrank ASgrank cokebottle   3    
https://github.com/JustinAzoff/bro-pdns Passive DNS collection using Bro JustinAzoff mit 170    
https://github.com/sleuthkit/sleuthkit The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. sleuthkit   2128    
https://github.com/jeffbryner/timeBoss UI for forensic filtering of filesystem mac times. jeffbryner other 15    
https://github.com/bez0r/pDNS2 Passive DNS V2 bez0r gpl-3.0 64    
https://github.com/dnsdb/dnsdbq DNSDB API Client, C Version dnsdb   74    
https://github.com/resume/resume.github.com Resumes generated using the GitHub informations resume   58705    
https://github.com/bitly/dablooms scaling, counting, bloom filter library bitly mit 962    
https://github.com/hfaran/Tornado-JSON A simple JSON API framework based on Tornado hfaran mit 270    
https://github.com/chokepoint/azazel Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection. chokepoint gpl-2.0 722    
https://github.com/bup/bup Very efficient backup system based on the git packfile format, providing fast incremental saves and global deduplication (among and within files, including virtual machine images). Please post problems or patches to the mailing list for discussion (see the end of the README below). bup other 6820    
https://github.com/jedisct1/iptrap A simple, but damn fast sinkhole jedisct1 other 60    
https://github.com/Katee/quietnet Simple chat program that communicates using inaudible sounds Katee mit 2930    
https://github.com/meejah/txtorcon Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction. meejah mit 237    
https://github.com/ytisf/theZoo A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public. ytisf other 9078    
https://github.com/cryptotronix/hashlet Driver and application software for the Cryptotronix Hashlet cryptotronix gpl-3.0 60    
https://github.com/ambitioninc/fleming Python functions for manipulating datetime objects with respect to their time zone ambitioninc other 50    
https://github.com/influxdata/influxdb Scalable datastore for metrics, events, and real-time analytics influxdata mit 24382    
https://github.com/cmichi/twitterwall Display topic-related tweets in realtime. Using node.js, socket.io & jQuery. cmichi   41    
https://github.com/bwall/ircsnapshot Tool to gather information from IRC servers bwall mit 87    
https://github.com/jrnold/ggthemes Additional themes, scales, and geoms for ggplot2 jrnold   1204    
https://github.com/NullHypothesis/exitmap A fast and modular scanner for Tor exit relays. The canonical repository (including issue tracker) is at https://gitlab.torproject.org/tpo/network-health/exitmap NullHypothesis gpl-3.0 456    
https://github.com/FFM/pycryptopan A Crypto-PAn implementation for python FFM lgpl-3.0 8    
https://github.com/joke2k/faker Faker is a Python package that generates fake data for you. joke2k mit 14942    
https://github.com/d-fence/frit A framework that ease the use of the numerous forensic open source tools. d-fence gpl-3.0 6    
https://github.com/skyhover/Deckard Code clone detection; clone-related bug detection; sematic clone analysis skyhover other 183    
https://github.com/wallabag/wallabag wallabag is a self hostable application for saving web pages: Save and classify articles. Read them later. Freely. wallabag mit 7550    
https://github.com/spotify/annoy Approximate Nearest Neighbors in C++/Python optimized for memory usage and loading/saving to disk spotify apache-2.0 10429    
https://github.com/catid/cymric Cymric - Portable secure random number generator catid   19    
https://github.com/mozilla/cipherscan A very simple way to find out which SSL ciphersuites are supported by a target. mozilla mpl-2.0 1861    
https://github.com/asciidoctor/asciidoctor-pdf :page_with_curl: Asciidoctor PDF: A native PDF converter for AsciiDoc based on Asciidoctor and Prawn, written entirely in Ruby. asciidoctor mit 1017    
https://github.com/cr0hn/info2cpe Library to convert a information text (server banner, for example) into CPE v2.3 value cr0hn gpl-2.0 20    
https://github.com/certtools/contactdb The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams certtools agpl-3.0 35    
https://github.com/wopot/jsgifkeylogger a javascript keylogger included in a gif file wopot mit 38    
https://github.com/offensive-security/exploitdb The official Exploit Database repository offensive-security gpl-2.0 7561    
https://github.com/SoftEtherVPN/SoftEtherVPN Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable. SoftEtherVPN apache-2.0 9409    
https://github.com/unixpickle/JamWiFi A GUI, easy to use WiFi network jammer for Mac OS X unixpickle   774    
https://github.com/exaexa/codecrypt Post-quantum cryptography tool (THIS REPOSITORY IS ONLY A MIRROR OF THE MAIN ONE, PLEASE DO NOT FILE BUGS HERE) exaexa lgpl-3.0 281    
https://github.com/python-visualization/folium Python Data. Leaflet.js Maps. python-visualization mit 5946    
https://github.com/elvanderb/TCP-32764 some codes and notes about the backdoor listening on TCP-32764 in linksys WAG200G. elvanderb other 1290    
https://github.com/KDr2/redis-leveldb A redis-protocol compatible frontend to google’s leveldb KDr2 mit 188    
https://github.com/ifduyue/pyssdb An SSDB Client Library for Python ifduyue bsd-2-clause 109    
https://github.com/ideawu/ssdb SSDB - A fast NoSQL database, an alternative to Redis ideawu bsd-3-clause 7966    
https://github.com/srinikom/leveldb-server Database server based on leveldb storage engine srinikom bsd-3-clause 122    
https://github.com/farsightsec/wdns low-level DNS library farsightsec apache-2.0 17    
https://github.com/spyoungtech/grequests Requests + Gevent = <3 spyoungtech bsd-2-clause 4138    
https://github.com/averagesecurityguy/twanalyze Extract useful information from a Twitter account. averagesecurityguy bsd-3-clause 35    
https://github.com/enigma0x3/Old-Powershell-payload-Excel-Delivery This version touches disk for registry persistence. enigma0x3   23    
https://github.com/kevthehermit/YaraPcap Process HTTP Pcaps With YARA kevthehermit   86    
https://github.com/chrislee35/passivedns-client passivedns-client provides a library and a query tool for querying several passive DNS providers chrislee35 mit 190    
https://github.com/sripathikrishnan/redis-rdb-tools Parse Redis dump.rdb files, Analyze Memory, and Export Data to JSON sripathikrishnan mit 4592    
https://github.com/bd808/python-iptools A few useful functions and objects for manipulating ip addresses in python. bd808 bsd-2-clause 68    
https://github.com/EtiennePerot/parcimonie.sh Refresh your GnuPG keyring without disclosing your whole contact list to the world EtiennePerot wtfpl 219    
https://github.com/golismero/golismero GoLismero - The Web Knife golismero gpl-2.0 808    
https://github.com/SpiderLabs/Responder Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. SpiderLabs gpl-3.0 3922    
https://github.com/toolswatch/vFeed The Correlated CVE Vulnerability And Threat Intelligence Database API toolswatch other 892    
https://github.com/carmaa/inception Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces. carmaa   1481    
https://github.com/abemassry/wsend-gpg Encrypted end to end file transfer abemassry gpl-3.0 102    
https://github.com/kholia/passe-partout passe-partout is a tool to extract SSL private keys from process memory written by Nicolas Collignon and Jean-Baptiste Aviat (passe-partout@hsc.fr). kholia   63    
https://github.com/kholia/PGPCrack-NG PGPCrack-NG is a program designed to brute-force symmetrically encrypted PGP files. It is a replacment for the long dead PGPCrack. kholia   25    
https://github.com/pierce403/keyhunter A tool to recover lost bitcoin private keys from dead harddrives. pierce403   284    
https://github.com/wavexx/fgallery a modern, minimalist javascript photo gallery wavexx gpl-2.0 248    
https://github.com/encrypt-to/encrypt.to Send encrypted PGP messages with one click encrypt-to mit 130    
https://github.com/jackjack-jj/pywallet bitcoin wallet importer/exporter jackjack-jj   451    
https://github.com/1aN0rmus/TekDefense-Automater Automater - IP URL and MD5 OSINT Analysis 1aN0rmus mit 477    
https://github.com/etsy/MIDAS Mac Intrusion Detection Analysis System etsy   835    
https://github.com/indutny/bud NOT MAINTAINED Bud - The TLS Terminator indutny   455    
https://github.com/infosec-sharing-archive/MISP-TAXII–broken- (broken) THIS TOOL IS NOT MAINTAINED AND NOT WORKING ANYMORE WITH MISP infosec-sharing-archive agpl-3.0 1    
https://github.com/ReFirmLabs/binwalk Firmware Analysis Tool ReFirmLabs mit 8646    
https://github.com/bramcohen/DissidentX Bram’s steganographic framework bramcohen   482    
https://github.com/jperla/sentiment-data sentiment analysis datasets jperla   93    
https://github.com/danielmiessler/SecLists SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. danielmiessler mit 42729    
https://github.com/hbs/PySSSS Python Shamir Secret Sharing Scheme hbs   47    
https://github.com/P1sec/country_adjacency Country adjacency datasets P1sec agpl-3.0 9    
https://github.com/wummel/linkchecker check links in web documents or full websites wummel gpl-2.0 1382    
https://github.com/basil00/Divert WinDivert: Windows Packet Divert basil00 other 1831    
https://github.com/oleiade/trousseau File based encrypted key-value store oleiade mit 950    
https://github.com/philgyford/twelescreen A fullscreen, one-Tweet-at-a-time Twitter display. Runs on Node.js. philgyford other 40    
https://github.com/protobuf-c/protobuf-c Protocol Buffers implementation in C protobuf-c other 2193    
https://github.com/kohler/ipsumdump Ipsumdump and other programs for command-line network trace manipulation. kohler   31    
https://github.com/JustinAzoff/bro_scripts Analysis scripts for the Bro Intrusion Detection System JustinAzoff other 57    
https://github.com/facebook/rocksdb A library that provides an embeddable, persistent key-value store for fast storage. facebook gpl-2.0 23894    
https://github.com/dzzie/VS_LIBEMU Visual Studio 2008 port of the libemu library that includes scdbg.exe, a modification of the sctest project, that includes more hooks, interactive debugging, reporting features, and ability to work with file format exploit shellcode. Will run under WINE dzzie   160    
https://github.com/DanMcInerney/LANs.py Inject code and spy on wifi users DanMcInerney gpl-3.0 2505    
https://github.com/viper-framework/viper Binary analysis and management framework viper-framework other 1497    
https://github.com/jeffbryner/pyKeylogger python client/server keystroke logger jeffbryner other 19    
https://github.com/piannucci/blurt Data over audio piannucci mit 78    
https://github.com/tomchop/malcom Malcom - Malware Communications Analyzer tomchop other 1052    
https://github.com/gokyle/sshcrypt Encrypt files using Cryptobox and SSH keys. gokyle isc 16    
https://github.com/Pythonity/font-awesome-to-png Exports Font Awesome icons as PNG images Pythonity   623    
https://github.com/ArmoredPidgin/pidgin-hardened Clone of the official pidgin repository, with hardening options (apparmor profile, gcc options) ArmoredPidgin gpl-2.0 3    
https://github.com/bwalex/tc-play Free and simple TrueCrypt/VeraCrypt Implementation based on dm-crypt bwalex bsd-2-clause 535    
https://github.com/konklone/fisacourt Watching the FISA Court’s public docket. konklone cc0-1.0 41    
https://github.com/bennoleslie/pexif Python EXIF parsing bennoleslie mit 120    
https://github.com/luispedro/BuildingMachineLearningSystemsWithPython Source Code for the book Building Machine Learning Systems with Python luispedro mit 2111    
https://github.com/Xen0ph0n/YaraGenerator Automatic Yara Rule Generation Xen0ph0n   307    
https://github.com/infosec-sharing-archive/misp-maltego-old few transforms to make Maltego interface with MISP REST API (deprecated, use MISP-maltego) infosec-sharing-archive   6    
https://github.com/hexgolems/pint A debugger backend and LUA wrapper for PIN hexgolems   30    
https://github.com/antonmks/Alenka GPU database engine antonmks other 1157    
https://github.com/panda-re/panda Platform for Architecture-Neutral Dynamic Analysis panda-re other 2148    
https://github.com/averagesecurityguy/scripts Scripts I use during pentest engagements. averagesecurityguy other 910    
https://github.com/jbremer/darm A light-weight and efficient disassembler written in C for the ARMv7 instruction set. jbremer bsd-3-clause 205    
https://github.com/akngs/dviz   akngs mit 372    
https://github.com/robertdavidgraham/masscan TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. robertdavidgraham other 19995    
https://github.com/takemaru/graphillion Fast, lightweight graphset operation library takemaru other 409    
https://github.com/pyeve/eve REST API framework designed for human beings pyeve other 6550    
https://github.com/csirtgadgets/krenk-protocol the simplest way to convey disclosure guidelines. csirtgadgets lgpl-3.0 1    
https://github.com/i4ki/pymalelf Python bindings to libmalelf (https://github.com/SecPlus/libmalelf) i4ki other 4    
https://github.com/CybOXProject/python-cybox A Python library for parsing, manipulating, and generating CybOX content. CybOXProject bsd-3-clause 72    
https://github.com/cartazio/HaNS HaNS, a haskell network stack (currently an archeology project, but maybe can be revived) cartazio bsd-3-clause 4    
https://github.com/sopel-irc/sopel :robot::speech_balloon: An easy-to-use and highly extensible IRC Bot framework. Formerly Willie. sopel-irc other 921    
https://github.com/intrepidusgroup/xref_finder   intrepidusgroup   21    
https://github.com/spotify/sparkey Simple constant key/value storage library, for read-heavy systems with infrequent large bulk inserts. spotify apache-2.0 982    
https://github.com/wibiti/uncompyle2 Python 2.7 decompiler wibiti   1183    
https://github.com/mushorg/buttinsky Botnet monitoring is a crucial part in threat analysis and often neglected due to the lack of proper open source tools. Our tool will provide an open source framework for automated botnet monitoring. The modular design will allow full customization of the used protocols, the monitoring clients behavior, how we log the collected information, processing of the data to analyze the botnets purpose, size and threat and how the monitoring task are distributed between dedicated nodes. mushorg gpl-3.0 77    
https://github.com/devrandom/gitian-builder Build packages in a secure deterministic fashion inside a VM devrandom other 394    
https://github.com/STIXProject/schemas STIX Schema Development STIXProject   74    
https://github.com/bryannolen/DFIR-PUBLIC   bryannolen   12    
https://github.com/mailpile/Mailpile A free & open modern, fast email client with user-friendly encryption and privacy features mailpile other 8672    
https://github.com/goldsmith/Wikipedia A Pythonic wrapper for the Wikipedia API goldsmith mit 2516    
https://github.com/MAECProject/python-maec A Python library for parsing, manipulating, and generating MAEC content. MAECProject bsd-3-clause 38    
https://github.com/wking/rss2email open-source tool for Windows, Mac OS and UNIX for getting news from RSS feeds in email wking gpl-2.0 264    
https://github.com/Rafiot/bgpranking-hilbert Representation of the IP addresses gathered in BGP Ranking on an Hilbert Map. Rafiot   3    
https://github.com/nbareil/seccomp-nurse Sandboxing framework based on SECCOMP nbareil   51    
https://github.com/holman/gifme Fucking animations. You need them. holman   323    
https://github.com/greatscottgadgets/hackrf low cost software radio platform greatscottgadgets gpl-2.0 4926    
https://github.com/Bitmessage/PyBitmessage Reference client for Bitmessage: a P2P encrypted decentralised communication protocol: Bitmessage other 2735    
https://github.com/cjdelisle/cjdns An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. cjdelisle gpl-3.0 4929    
https://github.com/DrDub/urlclassy URL Classy: Guessing a class for a URL only from its text DrDub gpl-3.0 6    
https://github.com/urllib3/urllib3 Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more. urllib3 mit 3185    
https://github.com/jamessan/vim-gnupg This script implements transparent editing of gpg encrypted files. jamessan   651    
https://github.com/martinblech/xmltodict Python module that makes working with XML feel like you are working with JSON martinblech mit 4960    
https://github.com/REhints/HexRaysCodeXplorer Hex-Rays Decompiler plugin for better code navigation REhints   1962    
https://github.com/richo/hw_rand A python wrapper for poking at RDRAND richo mit 11    
https://github.com/robotmay/photographer-io An open source photography community. No longer in production but still open source. robotmay mit 670    
https://github.com/CIRCL/pcapdj pcapdj - dispatch pcap files CIRCL agpl-3.0 38    
https://github.com/isislovecruft/python-gnupg A modified version of python-gnupg, including security patches, extensive documentation, and extra features. isislovecruft other 408    
https://github.com/davidbau/seedrandom seeded random number generator for Javascript davidbau   1826    
https://github.com/PowerShellMafia/PowerSploit PowerSploit - A PowerShell Post-Exploitation Framework PowerShellMafia other 10028    
https://github.com/Rafiot/STARTTLS-Probe Probe SMTP servers to find out if they support STARTTLS Rafiot   1    
https://github.com/certsocietegenerale/event2timeline Simple Microsoft Windows sessions event logs visualization certsocietegenerale gpl-3.0 134    
https://github.com/swirepe/personalscripts a peek into what I do during the day swirepe   13    
https://github.com/gevent/gevent Coroutine-based concurrency library for Python gevent other 5832    
https://github.com/fonnesbeck/statistical-analysis-python-tutorial Statistical Data Analysis in Python fonnesbeck   1470    
https://github.com/EiNSTeiN-/decompiler A decompiler with multiple backend support, written in Python. Works with IDA and Capstone. EiNSTeiN-   502    
https://github.com/celery/celery Distributed Task Queue (development branch) celery other 20359    
https://github.com/saimn/sigal yet another simple static gallery generator saimn mit 770    
https://github.com/blanu/Dust A Polymorphic Engine for Filtering-Resistant Transport Protocols blanu   274    
https://github.com/Veil-Framework/Veil-Evasion Veil Evasion is no longer supported, use Veil 3.0! Veil-Framework other 1734    
https://github.com/armon/bloomd C network daemon for bloom filters armon other 1219    
https://github.com/armon/hlld C network daemon for HyperLogLogs armon other 441    
https://github.com/fredley/soma-pi A frontend for soma-pi, a Soma FM playing Pi Jukebox fredley   19    
https://github.com/CIRCL/IP-ASN-history IP-ASN-history is a server software to store efficiently the history of BGP announces and quickly lookup IP addresses origins CIRCL agpl-3.0 42    
https://github.com/totetmatt/GephiStreamer Python classes for streaming graph to gephi totetmatt   74    
https://github.com/arkime/arkime Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system. arkime other 5330    
https://github.com/nbareil/net2pcap Net2PCAP is a simple network-to-pcap capture file for Linux. Its goal is to be as simple as possible to be used in hostile environments nbareil   38    
https://github.com/bitblaze-fuzzball/fuzzball FuzzBALL: Vine-based Binary Symbolic Execution bitblaze-fuzzball other 209    
https://github.com/nieluj/sstic2013   nieluj   3    
https://github.com/icsharpcode/ILSpy .NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform! icsharpcode   16268    
https://github.com/MarioVilas/url_shortener_utils Having fun with URL shorteners MarioVilas   5    
https://github.com/rjhansen/nsrllookup Checks with NSRL RDS servers looking for for hash matches rjhansen isc 100    
https://github.com/rjhansen/nsrlsvr   rjhansen isc 73    
https://github.com/inveniosoftware/dictdiffer Dictdiffer is a module that helps you to diff and patch dictionaries. inveniosoftware other 761    
https://github.com/CIRCL/Circlean USB key cleaner CIRCL bsd-3-clause 393    
https://github.com/tumi8/vermont Vermont (VERsatile MONitoring Toolkit) is an open-source software toolkit for the creation and processing of network flow data. tumi8 gpl-2.0 55    
https://github.com/caesar0301/pkt2flow A simple utility to classify packets into flows. It’s so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it’s so common to analyze the feature of one specific flow. I have make the attempt to use made-ready tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or resemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing. This is why this program is born. caesar0301 mit 139    
https://github.com/9b/pcap_tools Help summarize a PCAP file 9b   33    
https://github.com/haegardev/ipv4index IPv4 address index for fast insert/query/delete/merge/diff operations haegardev   1    
https://github.com/Gallopsled/pwntools CTF framework and exploit development library Gallopsled other 9600    
https://github.com/hubert3/iSniff-GPS Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices hubert3   971    
https://github.com/williballenthin/python-registry Pure Python parser for Windows Registry hives. williballenthin apache-2.0 382    
https://github.com/frida/frida-python Frida Python bindings frida other 657    
https://github.com/laurentj/slimerjs A scriptable browser like PhantomJS, based on Firefox laurentj other 2981    
https://github.com/givp/RoyGBiv RoyGBiv is a python module for analyzing image colors givp   25    
https://github.com/zed-0xff/pedump dump windows PE files using ruby zed-0xff mit 277    
https://github.com/cbd/edis An Erlang implementation of Redis cbd apache-2.0 464    
https://github.com/emeau/itrace hook objc_msgSend to trace Objective-C method callz emeau   117    
https://github.com/BrightcoveOS/Diamond   BrightcoveOS   1194    
https://github.com/mschiffm/cvrfparse CVRF parsing/validation utility mschiffm mit 28    
https://github.com/gorhill/cablegatesearch.net Cablegate’s cables: Full-text search web site gorhill   32    
https://github.com/mushorg/conpot ICS/SCADA honeypot mushorg gpl-2.0 1041    
https://github.com/heipei/engine-cuda engine-cuda is a CUDA/OpenCL engine for the popular OpenSSL cryptography framework. heipei gpl-3.0 64    
https://github.com/honeynet/beeswarm Honeypot deployment made easy honeynet gpl-3.0 238    
https://github.com/a0rtega/pafish Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do a0rtega gpl-3.0 2414    
https://github.com/infincia/Cardrand This is a simple demonstration of two things, pulling random entropy out of a hardware smart card, and feeding that data into the Linux kernel pool using an ioctl call. Makes it possible for any Linux system to have a real hardware random number generator infincia other 7    
https://github.com/deresz/funcap IDA Pro script to add some useful runtime info to static analysis deresz   452    
https://github.com/dzzie/pdfstreamdumper research tool for the analysis of malicious pdf documents. make sure to run the installer first to get all of the 3rd party dlls installed correctly. dzzie   259    
https://github.com/iSECPartners/LibTech-Auditing-Cheatsheet   iSECPartners   197    
https://github.com/iSECPartners/yontma You’ll never take me alive. iSECPartners other 81    
https://github.com/honza/rembrant rembrant is a photo organizational tool and an online gallery builder honza bsd-2-clause 9    
https://github.com/allfro/canari Local and Remote Maltego Rapid Transform Development Framework allfro   105    
https://github.com/lobsters/lobsters Computing-focused community centered around link aggregation and discussion lobsters other 3363    
https://github.com/andrix/python-snappy Python bindings for the snappy google library andrix other 446    
https://github.com/heapwolf/levelui A GUI for LevelDB management based on atom-shell. heapwolf mit 715    
https://github.com/carlosgprado/MILF An IDA Pro swiss army knife (with a sexy name!) carlosgprado   54    
https://github.com/stephenbrannon/IOCextractor IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files. stephenbrannon   132    
https://github.com/redis/node-redis A high-performance Node.js Redis client. redis mit 15628    
https://github.com/toxinu/leselys I’m Leselys, your very elegant RSS reader. toxinu other 231    
https://github.com/elhoim/mwcrawler Python Malware Crawler for Zoos and Repositories elhoim   3    
https://github.com/cvandeplas/pystemon Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon cvandeplas agpl-3.0 321    
https://github.com/jedisct1/Pincaster A fast persistent nosql database with a HTTP/JSON interface, not only for geographical data. jedisct1 other 171    
https://github.com/jedisct1/libsodium A modern, portable, easy to use crypto library. jedisct1 other 10553    
https://github.com/airblade/vim-gitgutter A Vim plugin which shows git diff markers in the sign column and stages/previews/undoes hunks and partial hunks. airblade mit 7858    
https://github.com/von/PerProxy A python-based proxy that uses Perspectives to detect and thwart SSL MITM attacks. von   7    
https://github.com/threatstream/threatstream-api   threatstream other 21    
https://github.com/deadbits/Intersect-2.5 Post-Exploitation Framework deadbits   65    
https://github.com/gitdurandal/Intersect-2.5 Post-Exploitation Framework gitdurandal   5    
https://github.com/hellman/xortool A tool to analyze multi-byte xor cipher hellman   1160    
https://github.com/coolwanglu/flasm My modified version of Flasm the Flash disassembler coolwanglu other 7    
https://github.com/coolwanglu/pdf2htmlEX Convert PDF to HTML without losing text or format. coolwanglu other 9630    
https://github.com/bigsnarfdude/d3py a plottling library for python, based on D3 bigsnarfdude   37    
https://github.com/sethhall/bro-apt1 This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report. sethhall   46    
https://github.com/MaStr/OFFLINEART Source Repository for Aram Bartholl’s OFFLINEART project. More information at http://www.offlineart.net (we be filled later) MaStr   16    
https://github.com/stephenfewer/ReflectiveDLLInjection Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process. stephenfewer bsd-3-clause 2038    
https://github.com/jbangert/trapcc Computing with traps jbangert bsd-3-clause 1111    
https://github.com/Hexxeh/rpi-update An easier way to update the firmware of your Raspberry Pi Hexxeh mit 1934    
https://github.com/cantino/reckon Flexibly import bank account CSV files into Ledger for command-line accounting cantino mit 362    
https://github.com/ipython/ipython Official repository for IPython itself. Other repos in the IPython organization contain things like the website, documentation builds, etc. ipython bsd-3-clause 15568    
https://github.com/jwilberding/bcp Broadcast Copy jwilberding gpl-3.0 263    
https://github.com/gleeda/Volatility-Plugins Plugins for the most recent branch of Volatility gleeda   19    
https://github.com/JohnCoogan/twitter-graph-visualization Analysis of the Twitter Social graph using Python, NetworkX, and D3.js JohnCoogan   58    
https://github.com/tblobaum/redis-graph a graph database using redis sets tblobaum mit 57    
https://github.com/twitter/fatcache Memcache on SSD twitter apache-2.0 1298    
https://github.com/blasty/moneyshot hax ‘n shit blasty   108    
https://github.com/i4ki/libmalelf Library for Dissect and Infect ELF Binaries. i4ki other 40    
https://github.com/stevedekorte/vertexdb C based graph db server using tokyocabinet & libevent stevedekorte other 294    
https://github.com/networkx/networkx Network Analysis in Python networkx other 11777    
https://github.com/bokeh/bokeh Interactive Data Visualization in the browser, from Python bokeh bsd-3-clause 16855    
https://github.com/krmaxwell/maltrieve A tool to retrieve malware directly from the source for security researchers. krmaxwell gpl-3.0 556    
https://github.com/RMLL/rmll2013-graphics sandbox for all graphics resources & creations RMLL   1    
https://github.com/dschuermann/wireshark2latex Generate TikZ graphics from tcpdump/Wireshark captures dschuermann   20    
https://github.com/joshleitzel/rawthought Aaron Swartz’s blog posts in Markdown, PDF, ePub, and Mobi joshleitzel   196    
https://github.com/adamsmith/game-theory-poker A game-theoretic poker player (written in 2005) adamsmith   175    
https://github.com/oreillymedia/open_government Open Government, released as part of #PDFtribute oreillymedia other 1292    
https://github.com/jdjkelly/www.aaronsw.com An archival copy. jdjkelly   80    
https://github.com/MITRECND/yaraprocessor Yara is awesome, but sometimes you need to manipulate the data streams you’re scanning in different ways. MITRECND bsd-2-clause 94    
https://github.com/toxinu/pyhn Hacker news command line client toxinu mit 387    
https://github.com/darjeeling/python-blake2 blake2 python module darjeeling   26    
https://github.com/williballenthin/python-evtx Pure Python parser for recent Windows Event Log files (.evtx) williballenthin apache-2.0 573    
https://github.com/dchest/b2sum Go implementation of b2sum utility to calculate BLAKE2 checksums (GitHub Mirror) dchest mit 16    
https://github.com/germgeis/SelfModifyingCode This project deals with self modifying code for windows executable germgeis   3    
https://github.com/bbrodriges/pholcidae Tiny python web crawler bbrodriges mit 170    
https://github.com/ilvalle/vtraffic Archived ilvalle other 18    
https://github.com/haegardev/libnfdump libnfdump - library to natively access netflow records stored by nfcapd haegardev   3    
https://github.com/berggren/foorep Forensics/Malware repository berggren bsd-2-clause 18    
https://github.com/oldeurope/rwthctf2012   oldeurope   40    
https://github.com/TAXIIProject/TAXII-Specifications A repository for development of the TAXII Specifications. For official releases, please see http://taxiiproject.github.io/releases/ TAXIIProject   39    
https://github.com/regit/SuricataC A Suricata unix socket client coded in plain C regit gpl-2.0 2    
https://github.com/CIRCL/bgpranking-redis-api API to access the Redis database of a BGP Ranking instance. CIRCL other 17    
https://github.com/gleitz/howdoi instant coding answers via the command line gleitz mit 9727    
https://github.com/okoeroo/drssl DoctorSSL enables you to diagnose the SSL enables services and generate a report. okoeroo   10    
https://github.com/Fitblip/vdb-fork A fork of @invisig0th’s VDB, for bugfixes, and other stuff. Fitblip   9    
https://github.com/mandiant/Reversing   mandiant   112    
https://github.com/botherder/vxcage REST API based malware repository (abandoned) botherder   104    
https://github.com/rethinkdb/rethinkdb The open-source database for the realtime web. rethinkdb other 25753    
https://github.com/MaStr/Forban Forban is a p2p application for link-local and local area network. Forban works independently from Internet and use only the local area capabilities to announce, discover, search or share files.Forban is a kind of p2p application for link-local and local area network. Forban works independently from Internet and use only the local area capabilities to announce, discover, search or share files. Forban relies on HTTP and he is opportunistic (meaning replicating any files seen in his proximity or interest). The name took his origins from the old French word (a forban is a kind of pirate). “Forban” can be also a play word in English at a time where government or corporate want to ban access to the Internet. The current implementation is written in Python. The Forban protocols are minimalistic to ease the accessibility to build independent Forban in any decent language or even in shell scripts (using tcpdump and wget for example). MaStr   1    
https://github.com/mothran/mongol A simple python tool to pinpoint the IP addresses of machines working for the Great Firewall of China. mothran   1277    
https://github.com/unbit/gitwhoosh A git repository indexer (using whoosh as the engine) unbit   19    
https://github.com/OpenRefine/OpenRefine OpenRefine is a free, open source power tool for working with messy data and improving it OpenRefine bsd-3-clause 9102    
https://github.com/anandkunal/goq A persistent queue implemented in Go. anandkunal   29    
https://github.com/agl/pond Pond agl bsd-3-clause 906    
https://github.com/iamultra/xmppmitm XMPP Man-in-the-Middle, quick & dirty iamultra   42    
https://github.com/jeffbryner/pyioc Python tools for IOC (Indicator of Compromise) handling jeffbryner other 94    
https://github.com/thomasbhatia/Packet-IO-Engine A high-performance and batching-oriented device driver for Intel 82598/82599-based network interface cards, the work is done in cooperation with ANLAB and NDSL. thomasbhatia other 1    
https://github.com/MITRECND/chopshop Protocol Analysis/Decoder Framework MITRECND   471    
https://github.com/snare/ida-efiutils Some scripts for IDA Pro to assist with reverse engineering EFI binaries snare   257    
https://github.com/juuso/keychaindump A proof-of-concept tool for reading OS X keychain passwords juuso   492    
https://github.com/lclevy/odd_verify odd_verify.py, a tool to recompute Original Decision data from your Canon EOS DSLR lclevy gpl-2.0 6    
https://github.com/mailvelope/mailvelope Browser extension for OpenPGP encryption with Webmail mailvelope agpl-3.0 1535    
https://github.com/asweigart/codebreaker “Hacking Secret Ciphers with Python” programs asweigart   322    
https://github.com/talkatv/talkatv An open source commenting system talkatv agpl-3.0 206    
https://github.com/jsommers/pytricia A library for fast IP address lookup in Python. jsommers lgpl-3.0 176    
https://github.com/cuckoosandbox/community Repository of modules and signatures contributed by the community cuckoosandbox   302    
https://github.com/zynga/hiccup [DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to be extended and customized, through the interface provided by Burp Extender (http://portswigger.net/burp/extender/). Its aim is to allow for the development and integration of custom testing functionality into the Burp tool using Python request/response handler plugins. zynga mit 42    
https://github.com/gmsoft-tuxicoman/pom-ng Packet-o-matic NG ! gmsoft-tuxicoman   62    
https://github.com/wavii/darner simple, lightweight message queue wavii other 864    
https://github.com/mandiant/AuditParser AuditParser mandiant apache-2.0 54    
https://github.com/CybOXProject/Tools CybOX Tools and Scripts CybOXProject   40    
https://github.com/jfrancois/SDBF Smart DNS Brute Forcer jfrancois gpl-3.0 20    
https://github.com/twitter/twemcache Twemcache is the Twitter Memcached twitter bsd-3-clause 925    
https://github.com/bdarnell/plop Python Low-Overhead Profiler bdarnell mit 922    
https://github.com/zeek/trace-summary Generates network traffic summaries. zeek other 20    
https://github.com/slifty/torwolf A game of communication, deception, and media slifty   20    
https://github.com/niklasfemerstrand/rc_openpgpjs OpenPGP for Roundcube via JavaScript niklasfemerstrand gpl-2.0 113    
https://github.com/bortzmeyer/dns-lg DNS Looking Glass bortzmeyer   74    
https://github.com/ecprice/newsdiffs Automatic scraper that tracks changes in news articles over time. ecprice other 477    
https://github.com/antirez/hping hping network tool antirez other 1180    
https://github.com/sroberts/malwarehouse A warehouse for your malware sroberts other 126    
https://github.com/adulau/GoUUID UUID generator/parser for Go adulau other 2    
https://github.com/nkrode/RedisLive Visualize your redis instances, analyze query patterns and spikes. nkrode mit 3073    
https://github.com/asciimoo/exrex Irregular methods on regular expressions asciimoo agpl-3.0 743    
https://github.com/adulau/gitlog2timesheet generate timesheet from git logs adulau   3    
https://github.com/jianli/git-playback A git command to play back file history. jianli   121    
https://github.com/tomrittervg/separator-oracle   tomrittervg   8    
https://github.com/MerlijnWajer/tracy tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net MerlijnWajer wtfpl 72    
https://github.com/GOVCERT-LU/rt_bot simple request tracker xmpp bot GOVCERT-LU other 8    
https://github.com/caesar0301/awesome-pcaptools A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors. caesar0301 cc0-1.0 2602    
https://github.com/mhils/HoneyProxy This project is now part of @mitmproxy. mhils mit 195    
https://github.com/jbremer/pyasm2 An easy and powerful assembler engine in python. jbremer   47    
https://github.com/ayrus/afterglow-cloud AfterGlow Cloud is a security visualization tool which lets users upload data and visualize the data as graphs on-the-fly (part of Google Summer of Code 2012). ayrus   15    
https://github.com/fygrave/dnslyzer DNS traffic indexer and analyzer fygrave   25    
https://github.com/cve-search/cve-search cve-search - a tool to perform local searches for known vulnerabilities cve-search agpl-3.0 1958    
https://github.com/djfiander/BiblioBox Inspired by griffey’s LibraryBox project, create a standalone ebook server djfiander   12    
https://github.com/obfuscurity/tasseo Live dashboard for Graphite obfuscurity other 1541    
https://github.com/psychomario/ntlmsspparse Parses ntlmssp netlm[v2] hashes out of a pcap file for use with a password cracker. psychomario   65    
https://github.com/droe/sslsplit Transparent SSL/TLS interception droe bsd-2-clause 1540    
https://github.com/MaStr/mkPirateBox-Forban Module for Openwrt-Piratebox-Package MaStr   9    
https://github.com/simsong/tcpflow TCP/IP packet demultiplexer. Download from: simsong gpl-3.0 1436    
https://github.com/simsong/AFFLIBv3 AFF is now being maintained at https://github.com/sshock/AFFLIBv3 simsong other 51    
https://github.com/ddopson/underscore-cli Command-line utility-belt for hacking JSON and Javascript. ddopson other 1705    
https://github.com/stricaud/faup Fast URL decoder library stricaud wtfpl 170    
https://github.com/griffey/LibraryBox Fork of PirateBox designed for educational and library use. griffey   63    
https://github.com/selfspy/selfspy Log everything you do on the computer, for statistics, future reference and all-around fun! selfspy gpl-3.0 2315    
https://github.com/fdietz/team_dashboard Visualize your team’s metrics all in one place. fdietz   860    
https://github.com/sneakybeaky/mod_redis An Apache HTTPD module for speaking to redis via HTTP sneakybeaky   131    
https://github.com/liquidsnake/pygexf a python library to generate gexf file format liquidsnake other 2    
https://github.com/lam0re/scoreboard An animated scoreboard for challenge-based CTFs lam0re bsd-3-clause 9    
https://github.com/twitter/twemproxy A fast, light-weight proxy for memcached and redis twitter apache-2.0 11614    
https://github.com/athrun/flickr-backup useful scripts to backup my flickr account athrun   1    
https://github.com/megamattron/SplinterNet A serverless, unblockable messaging system for Android. megamattron   414    
https://github.com/PirateBox-Dev/PirateBoxScripts David Dart’s Piratebox scripts reformed for laptop usage. PirateBox-Dev   23    
https://github.com/blackthorne/Codetective a tool to determine the crypto/encoding algorithm used according to traces from its representation blackthorne   128    
https://github.com/adulau/DomainClassifier DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes. adulau   70    
https://github.com/karlseguin/the-little-redis-book   karlseguin   1400    
https://github.com/chrislee35/IMAPCrypt GPG Encrypts an IMAP folder chrislee35 mit 12    
https://github.com/trevp/tlslite TLS Library in python trevp other 236    
https://github.com/j4mie/rediset Composable, cacheable, lazy trees of Redis set operations j4mie unlicense 18    
https://github.com/agl/crlset-tools Tools for dealing with Chrome’s CRLSets agl   131    
https://github.com/djrbliss/libplayground A simple framework for developing Linux kernel heap exploit techniques djrbliss gpl-2.0 108    
https://github.com/ubuwaits/beautiful-web-type In-depth guide to the best open-source typefaces: https://beautifulwebtype.com ubuwaits mit 7169    
https://github.com/crossbear/Crossbear   crossbear   31    
https://github.com/berggren/fordrop Core fordrop, including XMPP federation berggren   10    
https://github.com/jakecarpenter/Canvas-Prompter JavaScript/HTML5 Canvas based teleprompter jakecarpenter mit 4    
https://github.com/savonet/liquidsoap Audio and video streaming language savonet gpl-2.0 1024    
https://github.com/thedjpetersen/subway ABANDONED - A web based IRC client thedjpetersen   1484    
https://github.com/manjuraj/config my configurations manjuraj   5    
https://github.com/RaRe-Technologies/gensim-simserver [NO LONGER MAINTAINED AS OPEN SOURCE - USE SCALETEXT.COM INSTEAD] RaRe-Technologies agpl-3.0 106    
https://github.com/cryptosphere/cryptosphere Encrypted peer-to-peer web application platform for decentralized, privacy-preserving applications cryptosphere mit 1161    
https://github.com/beefproject/beef The Browser Exploitation Framework Project beefproject   7801    
https://github.com/arangodb/arangodb 🥑 ArangoDB is a native multi-model database with flexible data models for documents, graphs, and key-values. Build high performance applications using a convenient SQL-like query language or JavaScript extensions. arangodb apache-2.0 12658    
https://github.com/jbittel/httpry HTTP logging and information retrieval tool jbittel   553    
https://github.com/antirez/lamernews Lamer News – an HN style social news site written in Ruby/Sinatra/Redis/JQuery antirez other 1361    
https://github.com/adulau/pdns-qof Passive DNS Common Output Format adulau   30    
https://github.com/semk/voldemort A simple static site generator using Jinja2 and Markdown templates. semk apache-2.0 48    
https://github.com/niho/related A high performance distributed graph database. niho mit 128    
https://github.com/pockethub/PocketHub PocketHub Android App pockethub apache-2.0 9427    
https://github.com/liheyuan/BloomFilter-For-KeSeek An C++ implementation of BloomFilter using bitset and MurmurHash3 liheyuan   33    
https://github.com/fpletz/kernelroll linux kernel module for advanced rickrolling fpletz gpl-3.0 214    
https://github.com/cuckoosandbox/cuckoo Cuckoo Sandbox is an automated dynamic malware analysis system cuckoosandbox other 5090    
https://github.com/hgn/captcp A open source program for TCP analysis of PCAP files hgn gpl-3.0 110    
https://github.com/not-kennethreitz/envoy Python Subprocesses for Humans™. not-kennethreitz mit 2259    
https://github.com/edma2/asmscan a port scanner written in x86 assembly edma2   97    
https://github.com/sambaTux/Ubuntu10.04_server_on_soekris_net5501-70_CF Ubuntu10.04 server 32Bit on soekris net5501-70 with CompactFlash (CF) as storage device. sambaTux   3    
https://github.com/secYOUre/Encounter cryptocounters for our PETs secYOUre bsd-3-clause 23    
https://github.com/regit/coccigrep Semantic grep for the C language based on coccinelle regit gpl-3.0 113    
https://github.com/adulau/pdns-toolkit Passive DNS visualization and Passive DNS server toolkit adulau   36    
https://github.com/stephenmcd/drawnby Drawn By is a collaborative real-time sketching app built for the 2011 Django Dash. stephenmcd bsd-2-clause 24    
https://github.com/twbs/bootstrap The most popular HTML, CSS, and JavaScript framework for developing responsive, mobile first projects on the web. twbs mit 160214    
https://github.com/aaronhalford/dot-grid-templates Printable dot grid notebook templates aaronhalford   38    
https://github.com/adulau/lesoir2text The following script fetches the most read article from lesoir.be (from their official sitemap) and make an ascii text file of all the articles with the junk removed. adulau   3    
https://github.com/webwurst/chattle Small chat application demonstrating asynchronous responses in Bottle using gevent webwurst   12    
https://github.com/seatgeek/fuzzywuzzy Fuzzy String Matching in Python seatgeek gpl-2.0 8773    
https://github.com/z4r/python-rtkit Python Api for Request Tracker’s REST interface z4r other 67    
https://github.com/ewiger/jsmodem JSModem for JSLinux ewiger mit 118    
https://github.com/Rafiot/Directory-Indexing Index all the strings of all the files in a directory Rafiot   6    
https://github.com/r0ket/r0ket This is r0ket science! r0ket   165    
https://github.com/ianozsvald/EuroPython2011_HighPerformanceComputing Code for High Performance Computing tutorial for EuroPython 2011 ianozsvald   100    
https://github.com/amereservant/MediaWiki-Codex-Clone-Skin This is a clone of the WordPress.org Codex theme. amereservant   8    
https://github.com/bdcht/grandalf graph and drawing algorithms framework bdcht other 161    
https://github.com/Bibzball/Git-Mediawiki Gate between git and mediawiki Bibzball   31    
https://github.com/mkrecny/redis-extend A repository of non-native, useful redis commands, scripted in lua. mkrecny   62    
https://github.com/radii/observatory EFF SSL Observatory radii   22    
https://github.com/adulau/logs-ranking logs-ranking is a simple Perl script to add BGP Ranking to log files to ease the discovery of suspicious activities adulau   3    
https://github.com/pedrocr/codecomp Analyze the evolution of open-source code pedrocr gpl-2.0 19    
https://github.com/jduck/file-dissect File Dissect is a cross-platform framework and UI for analyzing various file formats. It is based on wxWidgets since it provides a native feel regardless of base OS. jduck bsd-3-clause 20    
https://github.com/clips/pattern Web mining module for Python, with tools for scraping, natural language processing, machine learning, network analysis and visualization. clips bsd-3-clause 8343    
https://github.com/jeffmurphy/DAQ-PCAPRR DAQ Round Robin PCAP module. jeffmurphy   3    
https://github.com/adulau/bgpranking-API Simple whois-like services for BGP Ranking adulau   6    
https://github.com/bsandrow/hn-profile Scraping profile info from news.ycombinator.com bsandrow mit 9    
https://github.com/JuliaLang/julia The Julia Programming Language JuliaLang mit 40772    
https://github.com/bdamele/shellcodeexec Script to execute in memory a sequence of opcodes bdamele   400    
https://github.com/hpfeeds/hpfeeds Honeynet Project generic authenticated datafeed protocol hpfeeds gpl-3.0 201    
https://github.com/adulau/dotfiles Minimal dotfiles and scripts used on my various GNU/Linux hosts adulau   5    
https://github.com/zacharyvoase/jsonpipe Convert JSON to a UNIX-friendly line-based format. zacharyvoase unlicense 302    
https://github.com/ether/etherpad-lite Etherpad: A modern really-real-time collaborative document editor. ether apache-2.0 13456    
https://github.com/addthis/stream-lib Stream summarizer and cardinality estimator. addthis apache-2.0 2232    
https://github.com/chrislee35/flowtag FlowTag visualizes pcap files for forensic analysis chrislee35 mit 28    
https://github.com/cies/resume My resume as a PDF including the well commented LaTeX source and build instructions. cies   382    
https://github.com/mprentice/GraphViz-sty graphviz.sty - A library for using GraphViz dot files in LaTeX mprentice   40    
https://github.com/DrWhax/mpOTR Our aim is to build a multi-party ‘off the record’ messaging plugin for various clients. DrWhax   34    
https://github.com/adulau/dnscap Patched version of dnscap (network capture utility designed specifically for DNS traffic) adulau   8    
https://github.com/altercation/solarized precision color scheme for multiple applications (terminal, vim, etc.) with both dark/light modes altercation mit 15352    
https://github.com/flazz/vim-colorschemes one colorscheme pack to rule them all! flazz   3318    
https://github.com/berggren/fordropweb Forensic Dropbox berggren other 22    
https://github.com/wmorgan/whistlepig A minimalist realtime full-text search index wmorgan other 149    
https://github.com/DNS-OARC/PacketQ A tool that provides a basic SQL-frontend to PCAP-files DNS-OARC gpl-3.0 379    
https://github.com/jstorimer/kitabu A framework for creating e-books from Markdown/Textile text markup using Ruby. Using the Prince PDF generator, you’ll be able to get high quality PDFs. jstorimer   49    
https://github.com/cr/mkPirateBox .ipk package that turns your mint OpenWRT into a PirateBox cr   69    
https://github.com/mattsta/redisfuse FUSE File System for Redis specializing in CRUDing strings and hashes (and R of everything else) mattsta   28    
https://github.com/RafeKettler/magicmethods Guide to Python’s magic methods RafeKettler   1620    
https://github.com/bookmine/libgen-tools LibGen Tools (Digital media collection management) bookmine gpl-3.0 8    
https://github.com/schacon/git-scribe basically the best way to write an ebook schacon mit 1348    
https://github.com/trolldbois/python-cymru-services API to use Cymru services trolldbois gpl-3.0 27    
https://github.com/adulau/logstash logstash - logs/event transport, processing, management, search. adulau other 2    
https://github.com/adulau/wikirc2text MediaWiki RecentChanges into text line while keeping track of changes seen adulau   2    
https://github.com/rhodimus/jQuery-News-Ticker An easy to use, slick and flexible news ticker plugin for jQuery. rhodimus   284    
https://github.com/openannotation/annotator Annotation tools for the web. Select text, images, or (nearly) anything else, and add your notes. openannotation other 2560    
https://github.com/jordansissel/fpm Effing package management! Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity. jordansissel other 10579    
https://github.com/adulau/Library-Genesis Library Genesis (code base from https://www.assembla.com/code/libgen/subversion/nodes) + tarball update from official website - this is just a free software to manage a bookshelf. This code can be used for any structured private or public bookshelf. I’m not the author or maintainer. This is kept for archival purpose. adulau   70    
https://github.com/kni/redis-sharding Redis Sharding is a multiplexed proxy-server, designed to work with the database divided to several servers. kni   114    
  It’s a temporary substitution of Redis Cluster that is under development.          
https://github.com/bitcoin/bitcoin Bitcoin Core integration/staging tree bitcoin mit 66744    
https://github.com/Doist/redis_graph Python graph database implemented on top of Redis Doist   132    
https://github.com/jgarzik/cpuminer CPU miner for bitcoin jgarzik other 824    
https://github.com/koorchik/FastNotes-Proto Trying mojolicious koorchik   31    
https://github.com/elastic/logstash Logstash - transport and process your logs, events, or other data elastic other 13132    
https://github.com/xme/known_hosts_bruteforcer Perl script to bruteforce SSH known_hosts files. xme   24    
https://github.com/mgan59/python-pinboard A Python module to access Pinboard.in via its API. This is a fork/modification of mudge/python-delicious mgan59 other 169    
https://github.com/ogrisel/paper2ebook Utility to re-structure research papers published in US Letter or A4 format PDF files to typically remove the 2 columns layout. ogrisel apache-2.0 53    
https://github.com/Diablo-D3/DiabloMiner OpenCL miner for Bitcoin Diablo-D3 gpl-3.0 529    
https://github.com/adulau/Net-Whois-RIS Perl module to query RIPE Routing Information Service (RIS) adulau   2    
https://github.com/Rafiot/Whois-Server Implementation of a Whois Server with a redis backend Rafiot   16    
https://github.com/abneptis/GoUUID UUID generator/parser for Go abneptis other 13    
https://github.com/pagekite/PyPagekite Python implementation of the PageKite remote front-end protocols. pagekite agpl-3.0 663    
https://github.com/getpelican/pelican Static site generator that supports Markdown and reST syntax. Powered by Python. getpelican agpl-3.0 11193    
https://github.com/clee/mobipocket Ruby interface for reading (and eventually writing) mobipocket books clee mit 16    
https://github.com/adulau/bgp-ranking For an Internet Service Provider, AS numbers are a logical representation of the other ISP peering or communicating with his autonomous system. ISP customers are using the capacity of the Internet Service Provider to reach Internet services over other AS. Some of those communications can be malicious (e.g. due to malware activities on an end-user equipments) and hosted at specific AS location. In order to provide an improved security view on those AS numbers, a trust ranking scheme will be implemented based on existing dataset of compromised systems, malware C&C IP and existing datasets of the ISPs. adulau other 4    
https://github.com/NewEraCracker/LOIC Low Orbit Ion Cannon - An open source network stress tool, written in C#. Based on Praetox’s LOIC project. USE ON YOUR OWN RISK. WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. NewEraCracker other 2117    
https://github.com/symkat/SymPullCDN SymPullCDN is a reverse caching proxy for use with Google Application Engine symkat other 40    
https://github.com/dotse/dns2db DNS2db is no longer supported and has been replaced by the superior PacketQ. PacketQ is much faster and no longer relies on Sqlite. Go to https://github.com/dotse/packetq/ for more information. The information and source on this page is provided for historical reasons. dotse   9    
https://github.com/lethain/Redis-Python-Datastructures simple python datastructure wrappings for redis lethain mit 105    
https://github.com/grugq/RunTracer PIN tool runtracer suite grugq   42    
https://github.com/edipretoro/WebService–Instapaper Basic interface to the Instapaper API edipretoro   2    
https://github.com/lachesis/zzz-scratch-pybitcoin Python Conversion of the Bitcoin Client lachesis   13    
https://github.com/FlowingMedia/TimeFlow Timeline visualization application FlowingMedia   447    
https://github.com/adulau/arc Paul Graham’s Brand New Lisp adulau other 2    
https://github.com/zeromq/pyzmq PyZMQ: Python bindings for zeromq zeromq other 3195    
https://github.com/andrewf/pcap2har A convertor from .pcap network capture files to HTTP Archive files. andrewf bsd-2-clause 222    
https://github.com/quuxlabs/Spear The reference implementation of the SPEAR ranking algorithm in Python. quuxlabs   35    
https://github.com/mape/node-wargames Visualization of an IRC channel in a wargame theme. mape mit 168    
https://github.com/ieure/sicp Structure and Interpretation of Computer Programs, Second Edition ieure   991    
https://github.com/SvenDowideit/fireGPG FireGPG is a Firefox extension under MPL that provides an integrated interface to apply GnuPG operations to the text of any web page, including encryption, decryption, signing, and signature verification. SvenDowideit other 18    
https://github.com/adulau/paper-token paper token is a PDF generator to create paper-based OTP token. adulau   4    
https://github.com/quuxlabs/DeliciousAPI Unofficial Python API for retrieving data from Delicious quuxlabs   39    
https://github.com/twitter-archive/snowflake Snowflake is a network service for generating unique ID numbers at high scale with some simple guarantees. twitter-archive   7150    
https://github.com/edsu/linkypedia a web based tool to monitor how your website content is used in wikipedia edsu   37    
https://github.com/paulgirard/pygexf a python library to generate gexf file format paulgirard other 119    
https://github.com/rubys/venus Planet Venus is an awesome ‘river of news’ feed reader. It downloads news feeds published by web sites and aggregates their content together into a single combined feed, latest news first. rubys other 263    
https://github.com/saucelabs/monocle An async programming framework with a blocking look-alike syntax. saucelabs other 331    
https://github.com/Rafiot/bgp-ranking For an Internet Service Provider, AS numbers are a logical representation of the other ISP peering or communicating with his autonomous system. ISP customers are using the capacity of the Internet Service Provider to reach Internet services over other AS. Some of those communications can be malicious (e.g. due to malware activities on an end-user equipments) and hosted at specific AS location. In order to provide an improved security view on those AS numbers, a trust ranking scheme will be implemented based on existing dataset of compromised systems, malware C&C IP and existing datasets of the ISPs. Rafiot other 20    
https://github.com/penma/dpaper Archive binary data on paper, for the lulz penma   5    
https://github.com/masonoise/redis-cheatsheet Cheatsheet for Redis masonoise   55    
https://github.com/jgoerzen/pygopherd Multiprotocol Gopher/Web Server [Python] jgoerzen gpl-2.0 166    
https://github.com/jsundram/streamgraph.js   jsundram   156    
https://github.com/eleybourn/Book-Catalogue A book cataloging tool for Android phones. eleybourn gpl-3.0 363    
https://github.com/basho/ebloom A NIF wrapper around a basic bloom filter. basho   62    
https://github.com/tbrumm/RT-Extension-QueueDeactivatedScrips Deactivate global Scrips on Queue Level tbrumm   5    
https://github.com/axiak/pybloomfiltermmap Fast Python Bloom Filter using Mmap axiak mit 732    
https://github.com/refaim/reposeer Library Genesis import tool refaim other 7    
https://github.com/gollum/gollum A simple, Git-powered wiki with a sweet API and local frontend. gollum mit 12845    
https://github.com/pklaus/timetable A LaTeX package for creating one-week timetables as they can frequently be found in universities or schools. pklaus   38    
https://github.com/erh/mongo-munin Munin plugins for MongoDB erh   148    
https://github.com/kazu-yamamoto/pgpdump A PGP packet visualizer kazu-yamamoto other 147    
https://github.com/g2p/git-fs A filesystem interface to git repositories g2p gpl-2.0 226    
https://github.com/singpolyma/shttpd An HTTP server written in POSIX shell script singpolyma other 40    
https://github.com/progrium/localtunnel Expose localhost servers to the Internet progrium mit 3131    
https://github.com/gonzoua/EBook-EPUB EBook::EPUB perl module for generating EPUB document gonzoua bsd-2-clause 32    
https://github.com/adulau/hotp-js A simple Javascript HOTP implementation (HMAC-Based One-Time Password Algorithm) as described in RFC 4226. The library relies on crypto-js (http://code.google.com/p/crypto-js/) for the javascript HMAC-SHA1 implementation. adulau   28    
https://github.com/adulau/Forban Forban is a p2p application for link-local and local area networks. Forban works independently from the Internet and uses only the local area capabilities to announce, discover, search or share files. Forban relies on HTTP and it is “opportunistic”. adulau   133    
https://github.com/quartzjer/TeleHash Old v1 repo, please see http://github.org/telehash now. quartzjer other 740    
https://github.com/ranguard/text-vcard Perl package to edit and create vCard(s) (RFC 2426) ranguard   21    
https://github.com/clever-algorithms/CleverAlgorithms Clever Algorithms: Nature-Inspired Programming Recipes clever-algorithms   1891    
https://github.com/latsami/close-commenting A simple text-publishing Django application enabling per paragraph comments. latsami gpl-3.0 2    
https://github.com/Abigail/Regexp–Common Common patterns Abigail other 31    
https://github.com/OSQA/osqa An open source Q&A(question and answer) eco-system. Issue tracking is at http://jira.osqa.net OSQA other 289    
https://github.com/IlyaSkriblovsky/txredisapi non-blocking redis client for python twisted IlyaSkriblovsky apache-2.0 232    
https://github.com/tpope/vim-pathogen pathogen.vim: manage your runtimepath tpope vim 11951    
https://github.com/luispedro/milk MILK: Machine Learning Toolkit luispedro mit 611    
https://github.com/Pistos/Top-Hacker-News Poller and RSS feed of the top Hacker News links Pistos   5    
https://github.com/mstevens/email-arf Email::ARF perl module for parsing ARF mstevens other 2    
https://github.com/scy/levitation Tools to convert Wikipedia dumps into Git repositories. scy   126    
https://github.com/mithro/media2iki Convert MediaWiki into an ikiwiki while preserving all history mithro gpl-2.0 12    
https://github.com/fs111/TheSilentGuy the talking IRC bot fs111 mit 5    
https://github.com/tstack/lnav Log file navigator tstack bsd-2-clause 4700    
https://github.com/phreeza/cells a game where players programm agents that compete for resources in a simulated environment phreeza mit 222    
https://github.com/rmurphey/jqfundamentals Code repository for jQuery Fundamentals training rmurphey   1168    
https://github.com/singpolyma/git-mediawiki Talk to a mediawiki from git singpolyma   6    
https://github.com/viveleroi/notepad-generator Source code for the notepad generator tool from Botsko.net viveleroi   17    
https://github.com/jweslley/bashreduce map/reduce in bash jweslley   11    
https://github.com/bestpractical/rtir   bestpractical   101    
https://github.com/toddr/perl-net-jabber-bot Net::Jabber::Bot module for Perl toddr   14    
https://github.com/mnutt/hid.im-firefox Firefox extension to convert an image to a torrent mnutt mit 20    
https://github.com/atl/twitstream A simple asynchronous HTTP library in python for speaking with Twitter’s streaming API, with numerous example applications. atl mit 60    
https://github.com/wireghoul/graudit grep rough audit - source code auditing tool wireghoul gpl-3.0 1148    
https://github.com/vecna/sniffjoke a client-only layer of protection from the wiretap/sniff/IDS analysis vecna gpl-3.0 90    
https://github.com/zxombie/contiki-arduino Contiki ported to various Arduino boards zxombie   22    
https://github.com/paulsm/pyzeroconf A pure python implementation of multicast DNS service discovery paulsm   102    
https://github.com/rieck/malheur A Tool for Automatic Analysis of Malware Behavior rieck gpl-3.0 338    
https://github.com/runpaint/vim-recipes A cookbook for the Vim text editor. runpaint other 274    
https://github.com/nodejs/http-parser http request/response parser for c nodejs mit 6117    
https://github.com/bronson/pdfdir Utilities to operate on lots of PDF files bronson   22    
https://github.com/lkeijser/stonevpn Easy OpenVPN certificate and configuration management lkeijser gpl-2.0 48    
https://github.com/jelmer/dulwich Pure-Python Git implementation jelmer other 1807    
https://github.com/redis/redis Redis is an in-memory database that persists on disk. The data model is key-value, but many different kind of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs, Bitmaps. redis bsd-3-clause 57442    
https://github.com/todotxt/todo.txt-cli ☑️ A simple and extensible shell script for managing your todo.txt file. todotxt gpl-3.0 5061    
https://github.com/vim-perl/vim-perl Support for Perl 5 in Vim vim-perl vim 488    
https://github.com/minad/olelo Wiki with git backend minad mit 242    
https://github.com/sanko/net-bittorrent Perl based BitTorrent module available on CPAN sanko other 13    
https://github.com/linuxfrorg/linuxfr.org The new version of LinuxFr.org will be in Ruby on Rails. It was NoNo’s resolution for 2009 (well, achieved!). You may add other enhancements at http://linuxfr.org/suivi/ as you have a look at the website linuxfrorg agpl-3.0 120    
https://github.com/samuelclay/NewsBlur NewsBlur is a personal news reader that brings people together to talk about the world. A new sound of an old instrument. samuelclay mit 6126    
https://github.com/xHire/wrapsix The fastest software NAT64 xHire gpl-3.0 30    
https://github.com/akrennmair/newsbeuter Newsbeuter is an open-source RSS/Atom feed reader for text terminals. akrennmair mit 778    
https://github.com/jaybaird/python-bloomfilter Scalable Bloom Filter implemented in Python jaybaird mit 1565    
https://github.com/akkumar/jreversepro JReversePro Java Decompiler akkumar   82    
https://github.com/internetarchive/bookreader The Internet Archive BookReader internetarchive agpl-3.0 755    
https://github.com/mcr/tcpdump the TCPdump network dissector. now moved to: mcr other 84    
https://github.com/internetarchive/openlibrary One webpage for every book ever published! internetarchive agpl-3.0 3828    
https://github.com/mojolicious/mojo :sparkles: Mojolicious - Perl real-time web framework mojolicious artistic-2.0 2361    
https://github.com/webpy/webpy web.py is a web framework for python that is as simple as it is powerful. webpy other 5742    
https://github.com/tarcieri/reia Ruby-like hybrid OOP/functional programming language for BEAM, the Erlang VM tarcieri mit 777    
https://github.com/sr/git-wiki A quick & dirty git-powered Sinatra wiki sr   531    
https://github.com/lydgate/git-todo-py A fork of todo.py that commits all changes into a git repository. lydgate gpl-2.0 20    
https://github.com/arclanguage/anarki Community-managed fork of the Arc dialect of Lisp; for commit privileges submit a pull request. arclanguage other 1123