Top 861 hacking open source projects

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Ruby on Rails Phishing Framework

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Hacking Toolkit

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.

Attify OS - Distro for pentesting IoT devices

Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.

Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems

A portable, simple zip library written in C

🎯 Advanced debugging skills used in the iOS project development process, involves the dynamic debugging, static analysis and decompile of third-party libraries. iOS 项目开发过程中用到的高级调试技巧，涉及三方库动态调试、静态分析和反编译等领域

Powerfull XSS Scanning and Parameter analysis tool&gem

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…

Damn Vulnerable Web Application (DVWA)

Making Favicon.ico based Recon Great again !

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Automated Red Team Infrastructure deployement using Docker

Advanced Web Shell

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

💣 Impulse Denial-of-service ToolKit

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥

onex is a hacking tool installer and package manager for hackers. Onex is a library of all hacking tools for Termux and other Linux distributions. onex can install any third party tool or any hacking tool for you.

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

An Python Script For Generating Payloads that Bypasses All Antivirus so far .

HERCULES is a special payload generator that can bypass antivirus softwares.

Auto Scanning to SSL Vulnerability

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

👁 (s)AINT is a Spyware Generator for Windows systems written in Java. [Discontinued]

📝 ⌨️ A GNU/Linux keylogger that works!

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

OSINT Tool: Generate username lists for companies on LinkedIn

The New Hacking Framework

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

hack tools

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Kali Linux Cheat Sheet for Penetration Testers

Building an Active Directory domain and hacking it

All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog

Multi-threaded Instagram Brute Forcer (100 attemps at once)

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Drone pentesting framework console

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

Attack surface mapping

Useful tools and scripts during Penetration Testing engagements

Apache Solr Injection Research

Penetration Testing notes, resources and scripts

A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.

tool to extract passwords from TeamViewer memory using Frida

A front-end JavaScript toolkit for creating DNS rebinding attacks.

Automatically Launch Google Hacking Queries Against A Target Domain

HostHunter a recon tool for discovering hostnames using OSINT techniques.

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

HULK DoS tool ported to Go with some additional features.