1446 Open source projects that are alternatives of or similar to Stuff

PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)

A Cloudflare resolver that works

😎 A curated list of awesome, language-agnostic WebAssembly tools

统计你的微信连接多少人，包括好友、群聊人数，并提供去重后的长图结果

MinIO Client is a replacement for ls, cp, mkdir, diff and rsync commands for filesystems and object storage.

pwninit - automate starting binary exploit challenges

some pentest scripts & tools by [email protected]

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

A dnSpy extension to aid reversing of obfuscated assemblies

Re-implementation of Abe's Exoddus and Abe's Oddysee

A simple, easily extensible shell for navigating your kubernetes clusters

Nintendo Switch loader for Ghidra

A tool for remote ADB exploitation in Python3 for all Machines.

Triton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.

Dark theme installer for Ghidra

A Minimalist Instruction Extender for the ARM architecture and IDA Pro

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Java / Kotlin Decompiler and AST Library

Docker images for infosec tools

Python 3 bridge to Ghidra's Python scripting

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

Wavestone's web interface for password cracking with hashcat

Monitoring GitLab for sensitive data shared publicly

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

🛠 Tools and scripts to manipulate Android APKs

Disassembly of Pokémon TCG

A "shim" for loading native jni files for Android active debugging

The backend of HTTP Toolkit

Real - time monitoring of distributed server information

A collection of bookmarks, resources, articles for product designers.

Bluetooth scanner for local devices that may be vulnerable to Blueborne exploit

ImGuiSDL: SDL2 based renderer for Dear ImGui

Unity3D开发的工具包集合, 集成常见的开发组件以免于重复造轮子。佛系更新中。。。

nray distributed port scanner

🐱‍💻 Tiny Tiny Hacks we use in our daily life.

Username enumeration and password spraying tool aimed at Microsoft O365.

A collection of hand-crafted bash scripts for various common tasks.

A {Windows, macOS, Linux} client recreating the functionality of the Sony Headphones app

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

Setup scripts for my Malware Analysis VMs

Some frida scripts

vscode extension for quick gists

Getting Genymotion & Burpsuite setup for Android Mobile App Analysis

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

REmatch, a complete binary diffing framework that is free and strives to be open source and community driven.

CVE-2020-0688_EXP Auto trigger payload & encrypt method

Web wrapper of niklasb/libc-database

M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter

Use Ngrok In Termux With Advanced Options

C2Hack, sharing tips and tricks for pentesters

Abandoned C++ version. Contains useful format utils and parsers.

Api Generator是一款可以自动解析Controller类抽取REST接口信息并自动上传YApi的IDEA插件。YApi好伴侣，从此维护文档再也不是事儿了！

1024Tools开发工具箱

This is a Tool to extract hard code from android layout

📢 🔒 Exploit farm for attack-defense CTF competitions

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

SSRF (Server Side Request Forgery) testing resources

🔐 Run frida-server on boot with Magisk, always up-to-date