Top 861 hacking open source projects

An automated e-mail OSINT tool

Facebook Brute Forcer in shellscript using TOR

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Code for my 0x00sec.org posts

A tool to fastly get all javascript sources/files

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Keeping Twitter for macOS alive with code injection

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Hospitality for Hackers

ANDRAX The first and unique Penetration Testing platform for Android smartphones

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

The DevSecOps toolset for REST APIs

Advanced and easy to use penetration testing framework 💣🔎

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

The all-in-one Red Team extension for Web Pentester 🛠

Creative and unusual things that can be done with the Windows API.

An Advanced Tool For Complete Apk-Modding In Termux ...

Awesome Vulnerable Applications

Facebook Cracker Version 1.0 can crack into Facebook Database 100% without Interruption By Facebook Firewall

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

Simple Dll injector loading from memory. Supports PE header and entry point erasure. Written in C99.

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

🛡️⚔️ Protect your web app from DDOS attack or the Dead Ping + CAPTCHA VERIFICATION in one line!

A high performance offensive security tool for reconnaissance and vulnerability scanning

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

TechNowLogger is Windows/Linux Keylogger Generator which sends key-logs via email with other juicy target info

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

🍰 Trace objc method call for ios and mac

📕 Both personal and public notes for EC-Council's CEHv10 312-50, because its thousands of pages/slides of boredom, and a braindump to many

RubberDucky like payloads for DigiSpark Attiny85

Python library and CLI for the Bug Bounty Recon API

JSshell - JavaScript reverse/remote shell

🔓 A dynamic dictionary merger for successful dictionary based attacks.

A list of payload and bypass lists for penetration testing and red team infrastructure build.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

Auto IP or Domain Attack Tool ( #1 )

Create Best Wordlist From Python Tool In Termux

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

🔺 Red Team Hardware Toolkit 🔺

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Social media & camera hacking & whatsapp virus & SMS bombing

This repository contains reference material & links for people willing to learn Ethical Hacking

Automated brute-forcing attack tool.

web scanner - exploitation - information gathering

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Source code for Hacker101.com - a free online web and mobile security class.

💤 Kick devices off your network by performing an ARP Spoof attack.

An open source batch script based WiFi Passview for Windows!

Bot18 is a high-frequency cryptocurrency trading bot developed by Zenbot creator @carlos8f

This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

Repositório com conteúdo sobre web hacking em português

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network

All in One Termux Os..!! (New)

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box