Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

awesome-stars

python-guide - Python best practices guidebook, written for Humans.
DBProxy
ip2region - 准确率99.9%的ip地址定位库，0.0x毫秒级查询，数据库文件大小只有1.5M，提供了java,php,c,python,nodejs,golang查询绑定和Binary,B树,内存三种查询算法，妈妈再也不用担心我的ip地址定位！
seafile - File syncing and sharing software with file encryption and group sharing, emphasis on reliability and high performance.
naxsi - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GmSSL - 支持国密SM2/SM3/SM4算法的OpenSSL分支
yara - The pattern matching swiss knife
sha1collisiondetection - Library and command line tool to detect SHA-1 collision in a file
alfred-workflows - Collection of Alfred workflows
codewarrior - code-searching tool and static analysis - Beta, at construction
adbi - Android Dynamic Binary Instrumentation Toolkit
radare2 - unix-like reverse engineering framework and commandline tools
zmap - ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
post-exploitation - Post Exploitation Collection
goaccess - GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
exploit-database - The official Exploit Database repository
vnpy - 基于python的开源量化交易平台开发框架
tensorflow - Computation using data flow graphs for scalable machine learning
52g - Index leaked password data with bloom filter.
electron - Build cross platform desktop apps with JavaScript, HTML, and CSS
tesseract - Tesseract Open Source OCR Engine (main repository)
hexo-theme-next - Elegant theme for Hexo.
hexo-theme-material - Material Design theme for hexo.
weui - A UI library by WeChat official design team, includes the most useful widgets/modules in mobile web applications.
material_design_zh - Material Design 中文协同翻译 - design.1sters.com
humane-js - A simple, modern, browser notification system
the-swift-programming-language-in-chinese - 中文版 Apple 官方 Swift 教程《The Swift Programming Language》
Font-Awesome - The iconic SVG, font, and CSS toolkit
ZVulDrill - Web漏洞演练平台
picroscopy - A Python web-application to turn a Raspberry Pi and PiCam into a microscopy solution
asciinema-player - Web player for terminal session recordings ⏩
coffeescript - Unfancy JavaScript
yulong-hids - 一款由 YSRC 开源的主机入侵检测系统
go-ethereum - Official Go implementation of the Ethereum protocol
pouch - Pouch is an open-source project created to promote the container technology movement.
blockchain_go - A simplified blockchain implementation in Golang
blockchain_guide - Introduce blockchain related technologies, from theory to practice with bitcoin, ethereum and hyperledger.
ruler - A tool to abuse Exchange services
sshhipot - High-interaction MitM SSH honeypot
frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
beats - :tropical_fish: Beats - Lightweight shippers for Elasticsearch & Logstash
alfred-font-awesome-workflow - :tophat: Font Awesome Workflow for Alfred 3
30-seconds-of-css - A curated collection of useful CSS snippets.
js-xss - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
portia - Visual scraping for Scrapy
Email-Boilerplate - The email boilerplate for sending out nicely formatted messages.
python-goose - Html Content / Article Extractor, web scrapping lib in Python
swagger-codegen - swagger-codegen contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition.
Top10 - Official OWASP Top 10 Document Repository
gophish - Open-Source Phishing Toolkit
qark - Tool to look for several security related Android application vulnerabilities
owasp-mstg - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
elasticsearch-definitive-guide - The Definitive Guide to Elasticsearch
XuanwuLab.github.io - Xuanwu Lab Blog
skf-flask - Security Knowledge Framework (SKF) Python Flask / Angular project
git-it-electron - :computer: :mortar_board: Git-it is a (Mac, Win, Linux) Desktop App for Learning Git and GitHub
learnyounode - Learn You The Node.js For Much Win! An intro to Node.js via a set of self-guided workshops.
git-it - :computer: :mortar_board: Learn Git and GitHub. Try the new desktop version →
behave.example - Examples and Tutorials for "behave" to simplify use for new developers.
mana - Our mana toolkit for wifi rogue AP attacks and MitM - see hostapd-mana too
post-exploitation-wiki - Post Exploitation Wiki
pwnwiki.github.io - PwnWiki - The notes section of the pentesters mind.
django-grappelli - A jazzy skin for the Django Admin-Interface (official repository).
fullstackpython.com - Full Stack Python source with Pelican, Bootstrap and Markdown.
django-admin-bootstrapped - A Django admin theme using Twitter Bootstrap. It doesn't need any kind of modification on your side, just add it to the installed apps.
yodaqa - A Question Answering system built on top of the Apache UIMA framework.
java-design-patterns - Design patterns implemented in Java
druid - :hotsprings: 为监控而生的数据库连接池！阿里云DRDS(https://www.aliyun.com/product/drds )、阿里巴巴TDDL 连接池powered by Druid
weixin-java-tools - 微信公众号、企业号Java SDK
weixin-java-tools - 微信公众号、企业号Java SDK
best-pay-sdk
tutorials - The "REST With Spring" Course:
segmentfault-lessons - Segment Fault 在线讲堂代码工程
BurpUnlimited - This project EXTENDS BurpLoader's license. It is NOT intended to replace BurpLoader.
metron - Mirror of Apache Metron
jwt-spring-security-demo - A small demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
threadfix - ThreadFix is a software vulnerability aggregation and management system that helps organizations aggregate vulnerability data, generate virtual patches, and interact with software defect tracking systems.
dependency-check-sonar-plugin - Integrates Dependency-Check reports into SonarQube
sonarqube - Continuous Inspection
zaproxy - The OWASP ZAP core project
VirtualApp - An open source Virtual Engine for Android
find-sec-bugs - The FindBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and Scala projects)
Android_Code_Arbiter - 针对Android Studio的源码扫描工具
ApkToolPlus - ApkToolPlus 是一个 apk 逆向分析工具（a apk analysis tools）。
Brida - The new bridge between Burp Suite and Frida!
BadIntent - Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
ud851-Exercises
ud851-Sunshine
drools - Drools Expert is the rule engine and Drools Fusion does complex event processing (CEP).
android-backup-extractor - Android backup extractor
JustTrustMe - An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
Inspeckage - Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
elasticsearch - Open Source, Distributed, RESTful Search Engine
data-algorithms-book - MapReduce, Spark, Java, and Scala for Data Algorithms Book
sqlmap4burp - sqlmap embed in burpsuite
S2-046-PoC - S2-046-PoC
SecurityShepherd - Web and mobile application security training platform
TheFatRat - Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
SikuliX-2014 - SikuliX version 1.1.2 (until February 2018)
PokemonGoDecoderForBurp - A simpe decoder to decode requests/responses made by PokemonGo in burp
DependencyCheck - OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
coverity-security-library - Coverity Security Library (CSL) is a lightweight set of escaping routines for fixing cross-site scripting (XSS), SQL injection, and other security defects in Java web applications.
ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Android-InsecureBankv2 - Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
bypasswaf - Add headers to all Burp requests to bypass some WAF products
android - cSploit - The most complete and advanced IT security professional toolkit on Android.
OWASP-GoatDroid-Project - OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several feature that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform. Download the built version here: https://github.com/jackMannino/OWASP-GoatDroid-Project/downloads
jadx - Dex to Java decompiler
AndroidPinning - A standalone library project for certificate pinning on Android.
VulnWebView
dex2jar - Tools to work with android .dex and java .class files
Introspy-Android - Security profiling for blackbox Android
burpbuddy - burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any language without the restrictions of the JVM
ideavim - Vim emulation plug-in for IDEs based on the IntelliJ platform.
idea-gitignore - .ignore support plugin for IntelliJ IDEA
intellij-bootstrap - Bootstrap 3 and Bootstrap 4 plugin for IntelliJ
validator.js - String validation
examples - Store all egg examples in one place
insight - 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
sawtooth-supply-chain - Sawtooth Supply Chain
awesome-blockchain-cn - 收集所有区块链(BlockChain)技术开发相关资料，包括Fabric和Ethereum开发资料
Building-Blockchain-Projects - Code repository for Building Blockchain Projects, published by Packt
web3.js - Ethereum JavaScript API
ganache-cli - Fast Ethereum RPC client for testing and development
lodash - A modern JavaScript utility library delivering modularity, performance, & extras.
spark-notebook - Interactive and Reactive Data Science using Scala and Spark.
30-seconds-of-code - Curated collection of useful Javascript snippets that you can understand in 30 seconds or less.
core-js - Standard Library
charts - Simple, responsive, modern SVG Charts with zero dependencies
passport - Simple, unobtrusive authentication for Node.js.
faker.js - generate massive amounts of fake data in Node.js and the browser
mongoose - MongoDB object modeling designed to work in an asynchronous environment.
pug - Pug – robust, elegant, feature rich template engine for Node.js
standard - 🌟 JavaScript Style Guide, with linter & automatic code fixer
minui - 基于规范的小程序 UI 组件库，自定义标签组件，简洁、易用、工具化
zanui-weapp - 高颜值、好用、易扩展的微信小程序 UI 库，Powered by 有赞
weapp-demo - 微信小程序示例教程（豆瓣电影），WeChat App Demo，新版本请移步至：https://github.com/zce/weapp-douban
weRequest - 解决繁琐的小程序会话管理，一款自带登录态管理的网络请求组件。
wx-charts-demo - demos for wxCharts
BaiduExporter - Assistant for Baidu to export download links to aria2/aria2-rpc
wepy-plugin-axios - 在 wepy 中使用 axios
egg-weapp-sdk - Egg的微信小程序登录会话管理SDK
weapp-24time - A Twitter-like news and social app for Weapp. 微信小程序社区全栈解决方案
egg-24time - A Twitter-like news and social server for Egg. 微信小程序社区全栈解决方案
wepy - 小程序组件化开发框架
machinist-client - machinist-client
naivechain - A blockchain implementation in 200 lines of code
zeppelin-solidity - OpenZeppelin, a framework to build secure smart contracts on Ethereum
truffle - The most popular Ethereum development framework
js-xlsx - :green_book: SheetJS Community Edition -- Spreadsheet Parser and Writer
fks - 前端技能汇总 Frontend Knowledge Structure
egg - Born to build better enterprise frameworks and apps with Node.js & Koa
node-schedule - A cron-like and not-cron-like job scheduler for Node.
puppeteer - Headless Chrome Node API
cheerio - Fast, flexible, and lean implementation of core jQuery designed specifically for the server.
vue - 🖖 A progressive, incrementally-adoptable JavaScript framework for building UI on the web.
elasticsearch-rtf - elasticsearch中文发行版，针对中文集成了相关插件，方便新手学习测试.
elasticsearch-head - A web front end for an elastic search cluster
WebGoat - WebGoat 8.0
SRCMS - SRCMS企业应急响应与缺陷管理系统
tamperchrome - Tamper Chrome is a Chrome extension that allows you to modify HTTP requests on the fly and aid on web security testing. Tamper Chrome works across all operating systems (including Chrome OS).
juice-shop - OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.
frida-scripts - A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
openrasp - Open source RASP solution
appmon - Documentation:
XposedBridge - The Java part of the Xposed framework.
jumpserver - Jumpserver是全球首款完全开源的堡垒机，是符合 4A 的专业运维审计系统。
md2googleslides - Generate Google Slides from markdown
beef - The Browser Exploitation Framework Project
H5SC - HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
wept - 微信小程序 web 端实时运行工具
MiniApp-TouTiao - 微信小程序-仿今日头条
functional-javascript-workshop - A functional javascript workshop. No libraries required (i.e. no underscore), just ES5.
javascript - JavaScript Style Guide
es6tutorial - 《ECMAScript 6入门》是一本开源的 JavaScript 语言教程，全面介绍 ECMAScript 6 新增的语法特性。
weapp-weipiao - 微信小程序-微票
awesome-wechat-weapp - 微信小程序开发资源汇总 :100:
react-demos - a collection of simple demos of React.js
raptor - Web-based Source Code Vulnerability Scanner
examples - Store all egg examples in one place
mkdocs - Project documentation with Markdown.
webot-cli - command line interface for weixin-robot
webpack - A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows to load parts for the application on demand. Through "loaders," modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
async - Async utilities for node and the browser
electronic-wechat - :speech_balloon: A better WeChat on macOS and Linux. Built with Electron by Zhongyi Tong.
sequelize - An easy-to-use multi SQL dialect ORM for Node.js
superagent - Ajax with less suck - (and node.js HTTP client to match)
javascripting - Learn JavaScript by adventuring around in the terminal.
incubator-superset - Apache Superset (incubating) is a modern, enterprise-ready business intelligence web application
hain - An 'alt+space' launcher for Windows, built with Electron
cash - Cross-platform Linux commands in ES6
fingerprintjs2 - Modern & flexible browser fingerprinting library
HackMyResume - Generate polished résumés and CVs in HTML, Markdown, LaTeX, MS Word, PDF, plain text, JSON, XML, YAML, smoke signal, and carrier pigeon.
hashids.js - A small JavaScript library to generate YouTube-like ids from numbers. Use it when you don't want to expose your database ids to the user.
Introspy-Analyzer
appium - :iphone: Automation for iOS, Android, and Windows Apps.
Content-generator-sketch-plugin - Sketch app plugin for generating dummy data such as avatars, names, photos, geo data etc
material-design-color-palette - Sketch app plugin for displaying Google Material Design color palette.
materialize - Materialize, a CSS Framework based on Material Design
alfred-workflows - Collection of Alfred workflows
book-example - Example code for my book on TDD with Python
Chart.js - Simple HTML5 Charts using the <canvas> tag
nvd3 - A reusable charting library written in d3.js
d3 - Bring data to life with SVG, Canvas and HTML. :bar_chart::chart_with_upwards_trend::tada:
wechat - 微信公共平台消息接口服务中间件
Play-with-Machine-Learning-Algorithms - Code of my MOOC Course <Play with Machine Learning Algorithms>. Updated contents and practices are also included. 我在慕课网上的课程《Python3 入门机器学习》示例代码。课程的更多更新内容及辅助练习也将逐步添加进这个代码仓。
pytudes - Python programs to practice or demonstrate skills.
zheye - 者也 - 知乎倒立的文字汉字验证码识别程序
python3-in-one-pic - Learn python3 in one picture.
Python-Machine-Learning-Blueprints - Code repository for Python Machine Learning Blueprints, published by Packt
ThinkStats2 - Text and supporting code for Think Stats, 2nd Edition
handson-ml - A series of Jupyter notebooks that walk you through the fundamentals of Machine Learning and Deep Learning in python using Scikit-Learn and TensorFlow.
PythonDataScienceHandbook - Python Data Science Handbook: full text in Jupyter Notebooks
sklearn_tutorial - Materials for my scikit-learn tutorial
TensorFlow-Examples - TensorFlow Tutorial and Examples for Beginners with Latest APIs
python-scraping - Code samples from the book Web Scraping with Python http://shop.oreilly.com/product/0636920034391.do
pydata-book - Materials and IPython notebooks for "Python for Data Analysis" by Wes McKinney, published by O'Reilly Media
intellij-solidity - Solidity plugin for IntelliJ
VeryNginx - A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Control Panel, and Dashboards.
ngx_lua_waf - ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
TheSevenWeapons - 安卓动态调试七种武器
awesome-django - Repository mirror of GitLab: https://gitlab.com/rosarior/awesome-django
frida - Clone this repo to build Frida
server-configs-nginx - Nginx HTTP server boilerplate configs
aria2gui - Aria2GUI for MAC OS X
drive-ios-quickeditor - [MOVED] A sample text editor for iOS illustrating how to open and save files with the Google Drive API
spectacle - Spectacle allows you to organize your windows without using a mouse.
XcodeGhost - "XcodeGhost" Source
shuttle - A simple SSH shortcut menu for macOS
pdf - 分享资料~~
Front-End-Checklist - 🗂 一份完美的前端开发清单——专为现代网站和极致的开发者打造
wafer - Wafer - 快速构建具备弹性能力的微信小程序
My-blog - 马云云在Github的学习片段
Front-end-Developer-Interview-Questions - A list of helpful front-end related questions you can use to interview potential candidates, test yourself or completely ignore.
CN-Chrome-DevTools - Chrome开发者工具中文手册
nodebestpractices - The largest Node.JS best practices list. Curated from the top ranked articles and always updated
modern-js-cheatsheet - Cheatsheet for the JavaScript knowledge you will frequently encounter in modern projects.
awesome-nodejs - :zap: Delightful Node.js packages and resources
awesome-static-analysis - A curated list of static analysis tools, linters and code quality checkers for various programming languages
microservices - Microservices from Design to Deployment 中文版《微服务：从设计到部署》
secops
MiscSecNotes - some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
IntelliJ-IDEA-Tutorial - IntelliJ IDEA 简体中文专题教程
bug-bounty-reference - Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
Java-Deserialization-Cheat-Sheet - The cheat sheet about Java Deserialization vulnerabilities
awesome-pentest-cheat-sheets - Collection of the cheat sheets useful for pentesting
ircapabilities - Incident Response Hierarchy of Needs
free-programming-books - :books: Freely available programming books
XSS-Filter-Evasion-Cheat-Sheet-CN - XSS_Filter_Evasion_Cheat_Sheet 中文版
awesome-quant - 中国的Quant相关资源索引
Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
awesome-security - A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
gold-miner - 🥇掘金翻译计划，可能是世界最大最好的英译中技术社区，最懂读者和译者的翻译平台：
awesome-ml-for-cybersecurity - :octocat: Machine Learning for Cyber Security
API-Security-Checklist - Checklist of the most important security countermeasures when designing, testing, and releasing your API
awesome-android-ui - A curated list of awesome Android UI/UX libraries
awesome-android-libraries - This is an alphabetical list of libraries for Android development, the majority being actively maintained.
awesome-android - A curated list of awesome Android packages and resources.
awesome-windows-exploitation - A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
cheatsheets-ai - Essential Cheat Sheets for deep learning and machine learning researchers
WSVD - White hat Speaks Vulnerabilities Defence《白帽子讲漏洞防御》
DevGuide - The OWASP Guide
Scanners-Box - The toolbox of open source scanners - 安全行业从业者自研开源扫描器合辑
F-Scrack - F-Scrack is a single file bruteforcer supports multi-protocol
awesome-threat-intelligence - A curated list of Awesome Threat Intelligence resources
ss-panel - rm
jstraining - 全栈工程师培训材料
quick-look-plugins - List of useful Quick Look plugins for developers
awesome-electron - Useful resources for creating apps with Electron
security-guide-for-developers - Security Guide for Developers (实用性开发人员安全须知)
APTnotes - Various public documents, whitepapers and articles about APT campaigns
Front-end-tutorial - :smiley_cat:猫的前端回忆录 Cat's front memory, these share data are from my usual work and learning, hoping to help you, and hoping slowly improve, if you like you can star
gitignore - A collection of useful .gitignore templates
awesome-javascript-cn - JavaScript 资源大全中文版，内容包括：包管理器、加载器、测试框架、运行器、QA、MVC框架和库、模板引擎等
awesome-java - A curated list of awesome frameworks, libraries and software for the Java programming language.
awesome-docker - :whale: A curated list of Docker resources and projects
awesome - :sunglasses: Curated list of awesome lists
operations-guide - OpenStack Operations Guide
mechanize - Stateful programmatic web browsing in Python, after Andy Lester's Perl module WWW::Mechanize .
android-security-awesome - A collection of android security related resources
obfuscator
AngularJS-Learning - A bunch of links to blog posts, articles, videos, etc for learning AngularJS
node123 - node.js中文资料导航
Awesome-MaterialDesign - Collection of material design libs and res.
alfred-dash-workflow - [Depreciated] Documentation Lookup
full-stack-resources
swift-style-guide - The official Swift style guide for raywenderlich.com.
Welcome-to-Swift - Swift中文文档
Bootstrap-3-Axure-7-Template-Library-Helvetica-Neue - A Bootstrap 3 library for Axure 7. Widgets are designed with interactive states in mind. Includes a widget style library that corresponds to Bootstrap component classes. Font use is Helvetica Neue.
bs3-sublime-plugin - Twitter Bootstrap 3 Snippets Plugin for Sublime Text 2/3
alfred-workflows - Collection of Alfred workflows
homebrew-python - :skull: Homebrew/python (deprecated)
1book - 《Web安全之机器学习入门》
labs - This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.
alfred-workflow-qshell - 七牛开发者工具 qshell
wp-acceleration-for-china - 替换Google CDN文件、Gravatar头像链接，加快WordPress打开速度，为WordPress中国用户提供加速
DVWA - Damn Vulnerable Web Application (DVWA)
php-malware-finder - Detect potentially malicious PHP files
webshell - This is a webshell open source project
wooyun_public - 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
awesome-appsec - A curated list of resources for learning about application security
xvwa - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
SecLists - SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
alfred-github-workflow - Searching Github repos.
Alfred-Workflows - Make your Alfred more powerful. (include Workflows, Extensions and Themes)
nikto - Nikto web server scanner
PowerShellArsenal - A PowerShell Module Dedicated to Reverse Engineering
PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework
starred - creating your own Awesome List used GitHub stars!
MachineLearning - Machine Learning in Action（机器学习实战）
THULAC-Python - An Efficient Lexical Analyzer for Chinese
Agriculture_KnowledgeGraph - 农业知识图谱(KG)：农业领域的信息检索，命名实体识别，关系抽取，分类树构建，数据挖掘
QA - 使用深度学习算法实现的中文问答系统
SpoofMAC - :briefcase: Change your MAC address for debugging
jd-autobuy - Python爬虫，京东自动登录，在线抢购商品
ItChat - A complete and graceful API for Wechat. 微信个人号接口、微信机器人及命令行微信，三十行即可自定义个人号机器人。
WeixinBot - 网页版微信API，包含终端版微信及微信机器人
Ghost.py - Webkit based scriptable web browser for python.
GSIL - GitHub Sensitive Information Leakage（GitHub敏感信息泄露）
core-scrapy - python-scrapy demo
splash - Lightweight, scriptable browser as a service with an HTTP API
IPProxyPool - IPProxyPool代理池项目，提供代理ip
schedule - Python job scheduling for humans.
xadmin - Drop-in replacement of Django admin comes with lots of goodies, fully extensible with plugin support, pretty UI based on Twitter Bootstrap.
xmltodict - Python module that makes working with XML feel like you are working with JSON
scrapy-redis - Redis-based components for Scrapy.
tushare - TuShare is a utility for crawling historical data of China stocks
sparta - Network Infrastructure Penetration Testing Tool
pythem - pentest framework
XssPy - XssPy - Web Application XSS Scanner
shimit - A tool that implements the Golden SAML attack
git-dependency - 扫描GIT仓库Java依赖库
xssfork
passmaker - 可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified
dpark - Python clone of Spark, a MapReduce alike framework in Python
mininet - Emulator for rapid prototyping of Software Defined Networks
bitcoinbook - Mastering Bitcoin 2nd Edition - Programming the Open Blockchain
electrum - Electrum; Bitcoin thin client
zipline - Zipline, a Pythonic Algorithmic Trading Library
king-phisher - Phishing Campaign Toolkit
wifiphisher - The Rogue Access Point Framework
algo - Set up a personal IPSEC VPN in the cloud
macOS-Security-and-Privacy-Guide - A practical guide to securing macOS.
needle - The iOS Security Testing Framework
angr - The next-generation binary analysis platform from UC Santa Barbara's Seclab!
owasp-masvs - The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
enjarify
BurpSmartBuster - A Burp Suite content discovery plugin that add the smart into the Buster!
enjarify
Struts2_045-Poc - Struts2-045 POC
BaiDuPan - 百度网盘自动添加资源脚本
weakfilescan - 动态多线程敏感信息泄露检测工具
GitPrey - Searching sensitive files and contents in GitHub associated to company name or other key words
GitMiner - Tool for advanced mining for content on Github
ffmpeg-avi-m3u-xbin
awesome-machine-learning - A curated list of awesome Machine Learning frameworks, libraries and software.
fshell - 基于机器学习的分布式webshell检测系统
sklearn-pandas - Pandas integration with sklearn
scipy-lecture-notes - Tutorial material on the scientific Python ecosystem
tensorflow_template_application - TensorFlow template application for deep learning
keras - Deep Learning for humans
tflearn - Deep learning library featuring a higher-level API for TensorFlow.
theZoo - A repository of LIVE malwares for your own joy and pleasure
Sharly
Apriori - Python Implementation of Apriori Algorithm for finding Frequent sets and Association Rules
SublimeTableEditor - This package is no more supported. I moved to vim.
GourdScanV2 - 被动式漏洞扫描系统
Mobile-Security-Framework-MobSF - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
cobra - Source Code Security Audit (源代码安全审计)
passive_scan - 基于http代理的web漏洞扫描器的实现
python-xss-filter - Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
tensorflow-101 - learn code with tensorflow
django-DefectDojo - DefectDojo is an open-source defect tracking application
xunfeng - 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。
shadowsocks-py-mu - A fast tunnel proxy server for multiple users
edx-platform - The Open edX platform, the software that powers edX!
mooder - Mooder是一款开源、安全、简洁、强大的团队内部知识分享平台。
bandit - Python AST-based static analyzer from OpenStack Security Group
WechatSogou - 基于搜狗微信搜索的微信公众号爬虫接口
mac-setup - Installing Development environment on macOS
web_develop - 《Python Web开发实战》书中源码
django-rest-framework-jwt - JSON Web Token Authentication support for Django REST Framework
dymerge - 🔓 A dynamic dictionary merger for successful dictionary based attacks.
SublimeJEDI - awesome Python autocompletion with SublimeText
sublime-jekyll - A Sublime Text package for Jekyll static sites.
locust - Scalable user load testing tool written in Python
multi-mechanize - Performance Test Framework in Python
django-axes - Keep track of failed login attempts in Django-powered sites.
django-security - A collection of models, views, middlewares, and forms to help secure a Django project.
django-defender - A simple super fast django reusable app that blocks people from brute forcing login attempts
gt-python-sdk - GtWeb Python Sdk
Webcam - Raspberry Pi Web Camera
django-cors-headers - Django app for handling the server headers required for Cross-Origin Resource Sharing (CORS)
robotframework-requests - Robot Framework keyword library wrapper for requests
SeleniumLibrary - Web testing library for Robot Framework
robotframework - Generic test automation framework.
Some-PoC-oR-ExP - 各种漏洞poc、Exp的收集或编写
kippo - Kippo - SSH Honeypot
serializekiller - Mass scanner for the Java serialize bug
channels-example - An example Channels app
SIPI - Simple IP Information Tools for Reputation Data Analysis
django-downloadview - Serve files with Django.
zhao - 【编程随想】整理的《太子党关系网络》，专门揭露赵国的权贵
wafw00f - WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
http-prompt - HTTPie + prompt_toolkit = an interactive command-line HTTP client featuring autocomplete and syntax highlighting
faraday - Collaborative Penetration Test and Vulnerability Management Platform
django-admin-honeypot - :honey_pot: A fake Django admin login screen page.
awesome-honeypots - an awesome list of honeypot resources
routersploit - The Router Exploitation Framework
changeme - A default credential scanner.
Pocsuite - Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team.
python3-cookbook - 《Python Cookbook》 3rd Edition Translation
youtube-dl - Command-line program to download videos from YouTube.com and other video sites
interpy-zh - 📘《Python进阶》（Intermediate Python 中文版）
you-get - :arrow_double_down: Dumb downloader that scrapes the web
django-compressor - Compresses linked and inline javascript or CSS into a single cached file.
django-allauth - Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.
django-excel - A Django middleware to read, manipulate and write data in different excel formats: csv, ods, xls, xlsx and xlsm.
pyexcel - Single API for reading, manipulating and writing data in csv, ods, xls, xlsx and xlsm files
django-dynamic-scraper - Creating Scrapy scrapers via the Django admin interface
viewflow - Reusable workflow library for Django
django_quiz - This is a configurable quiz app for Django.
django-ratelimit - Cache-based rate-limiting for Django
django-ipware - A Django application to retrieve client's IP address
CAPTCHA-breaking
simple-captcha-solver - simple CAPTCHA solver in python :snake:
wagtaildemo - Old example site implemented with Wagtail. Please see https://github.com/wagtail/bakerydemo for the current demo site
captcha-decoder - An elementary captcha decoder writen in python
cintruder - Captcha Intruder (CIntruder) is an automatic pentesting tool to bypass captchas.
wechat-python-sdk - 微信公众平台 Python 开发包 [DEPRECATED]
pyminifier - Pyminifier is a Python code minifier, obfuscator, and compressor.
pyautogui - A cross-platform GUI automation Python module for human beings. Used to programmatically control the mouse & keyboard.
sushigoroundbot - A bot that plays the Sushi Go Round flash game using PyAutoGUI.
faker - Faker is a Python package that generates fake data for you.
pycrypto - The Python Cryptography Toolkit
snownlp - Python library for processing Chinese text
jedi - Awesome autocompletion and static analysis library for python.
responses - A utility for mocking out the Python Requests library.
DashDoc - Dash integration for Sublime Text
splinter - splinter - python test framework for web applications
gittle - Pythonic Git for Humans
python-qrcode - Python QR Code image generator
yapf - A formatter for Python files
raspberry_pwn - A Raspberry Pi pentesting suite by Pwnie Express
weevely3 - Weaponized web shell
gevent - Coroutine-based concurrency library for Python
data-science-ipython-notebooks - Data science Python notebooks: Deep learning (TensorFlow, Theano, Caffe, Keras), scikit-learn, Kaggle, big data (Spark, Hadoop MapReduce, HDFS), matplotlib, pandas, NumPy, SciPy, Python essentials, AWS, and various command lines.
click - Python composable command line utility
clint - Python Command-line Application Tools
AlfredWorkflow.com - A public Collection of Alfred Workflows.
pyspider - A Powerful Spider(Web Crawler) System in Python.
scrapy-examples - Multifarious Scrapy examples. Spiders for alexa / amazon / douban / douyu / github / linkedin etc.
credmap - The Credential Mapper
spiderfoot - SpiderFoot, the open source footprinting and intelligence-gathering tool.
mimic - [ab]using Unicode to create tragedy
Pytesser - Python wrapper for the tesseract OCR engine. The module is based on OpenCV
Autorize - Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
shadowsocks
htpwdScan - A python HTTP weak pass scanner
TangScan - TangScan
dpkt - fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
jira - Python JIRA Library is the easiest way to automate JIRA.
docopt - Pythonic command line arguments parser, that will make you smile
scikit-learn - scikit-learn: machine learning in Python
hands-on-analysis-python - PyCon 2015
patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
django-wiki - A wiki system with complex functionality for simple integration and a superb interface. Store your knowledge with style: Use django models.
hashids-python - Implementation of hashids (http://hashids.org) in Python. Compatible with Python 2 and Python 3
Beebeeto-framework - Beebeeto FrameWork
docker_practice - Learn and understand Docker technologies, with real DevOps practice!
androguard - Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
drozer - The Leading Security Assessment Framework for Android.
ptf - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
SPF - SpeedPhishing Framework
Panoptic - Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.
Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
awesome-python - A curated list of awesome Python frameworks, libraries, software and resources
pysqli - Python SQL injection framework
wphardening - Fortify the security of any WordPress installation.
fbht - Facebook Hacking Tool
xsscrapy - XSS spider - 66/66 wavsep XSS detected
mwebfp - LNHG - Mass Web Fingerprinter
zarp - Network Attack Tool
Pompem - Find exploit tool
sparty - Sparty - MS Sharepoint and Frontpage Auditing Tool [Unofficial]
crowbar - Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
CapTipper - Malicious HTTP traffic explorer
PhEmail - PhEmail is a python open source phishing email tool that automates the process of sending phishing emails as part of a social engineering test
dirsearch - Web path scanner
XSSYA-V-2.0
net-creds - Sniffs sensitive data from interface or pcap
commix - Automated All-in-One OS command injection and exploitation tool.
instarecon - Automated digital reconnaissance
wig - WebApp Information Gatherer
jexboss - JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
creepy - A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.
wfuzz - Web application fuzzer
theHarvester - E-mails, subdomains and names Harvester - OSINT
MITMf - Framework for Man-In-The-Middle attacks
wifite
shadowsocks
pyauto - 《python自动化运维：技术与最佳实践》书中示例及案例源码
cupp - Common User Passwords Profiler (CUPP)
Windows-Exploit-Suggester - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
pymetasploit - A full-fledged msfrpc library for Metasploit framework.
social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
sqlmap - Automatic SQL injection and database takeover tool
owtf - Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient @owtfp http://owtf.org
cookiecutter - A command-line utility that creates projects from cookiecutters (project templates). E.g. Python package projects, jQuery plugin projects.
grr - GRR Rapid Response: remote live forensics for incident response
pyringe - Debugger capable of attaching to and injecting code into python processes.
paramgmt - A parallel SSH-based remote machine management system
nogotofail - An on-path blackbox network traffic security testing tool
django-crontab - dead simple crontab powered job scheduling for django.
paramiko - The leading native Python SSHv2 protocol library.
redis-py - Redis Python Client
jieba - 结巴中文分词
requests - Python HTTP Requests for Humans™ ✨🍰✨
httpbin - HTTP Request & Response Service, written in Python + Flask.
django-jsonview - Return Python objects, always get JSON.
django-model-utils - Django model mixins and utilities.
cookiecutter-django - Cookiecutter Django is a framework for jumpstarting production-ready Django projects quickly.
django-fagungis - DJANGO + FAbric + GUnicorn + NGInx + Supervisor deployment
django-nvd3 - Django wrapper for nvd3 - It's time for beautiful charts
django-recaptcha - Django reCAPTCHA form field/widget integration app.
django-simple-captcha - Django Simple Captcha is an extremely simple, yet highly customizable Django application to add captcha images to any Django form.
django-extensions - This is a repository for collecting global custom management extensions for the Django Framework.
httpie - Modern command line HTTP client – user-friendly curl alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc. https://httpie.org
WeRoBot - WeRoBot 是一个微信公众号开发框架
pandas - Flexible and powerful data analysis / manipulation library for Python, providing labeled data structures similar to R data.frame objects, statistical functions, and much more
raspberrypi_cookbook - The source code from the book 'The Raspberry Pi Cookbook' by Simon Monk.
sslyze - Current development of SSLyze now takes place on a separate repository
scrapy - Scrapy, a fast high-level web crawling & scraping framework for Python.
fabric - Simple, Pythonic remote execution and deployment.
envoy - Python Subprocesses for Humans™.
presentations - Presentations from various conferences.
pygeoip - Pure Python API for Maxmind's binary GeoIP databases
arachni - Web Application Security Scanner Framework
gitrob - Reconnaissance tool for GitHub organizations
secrss
phishlulz
Cartero - Cartero - Social Engineering Framework
Scumblr - Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
legacy-homebrew - :skull: The former home of Homebrew/homebrew (deprecated)
q - Exploit Pack for Metasploit - Collection of modules gathered across time and internets
metasploit-framework - Metasploit Framework
Mining-the-Social-Web-2nd-Edition - The official online compendium for Mining the Social Web, 2nd Edition (O'Reilly, 2013)
parity - Fast, light, robust Ethereum implementation.
gatling - Async Scala-Akka-Netty based Load Test Tool
AndroidZipArbitrage - Exploit for Android Zip bugs: 8219321, 9695860, and 9950697
streisand - Streisand sets up a new server running your choice of L2TP/IPsec, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, a Tor bridge, and WireGuard. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
SpringCloudLearning - project for spring cloud learning
exploit-database-papers - exploit-database-papers
git-secrets - Prevents you from committing secrets and credentials into git repositories
vulhub - Docker-Compose file for vulnerability environment
docker-elk - The ELK stack powered by Docker and Compose.
datascience-sp14 - Repository for data science course Spring 14
docker-vulnerability-environment - Use the docker to build a vulnerability environment
rules - Repository of yara rules
mhn - Modern Honey Network
smartcd - Alter your bash (or zsh) environment as you cd
ctf-tools - Some setup scripts for security research tools.
discover - For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks.
cheat-sheets - Various Cheat Sheets related to development and security
rbenv - Groom your app’s Ruby environment
cleartext-mac - A text editor that will help you write clearer and simpler
SwiftyJSON - The better way to deal with JSON data in Swift
json-swift - A basic library for working with JSON in Swift.
SQLite.swift - A type-safe, Swift-language layer over SQLite3.
SwiftData - Simple and Effective SQLite Handling in Swift
iOS-8-Swift-Programming-Cookbook - This is the GitHub repository of O'Reilly's iOS 8 Swift Programming Cookbook
Alamofire - Elegant HTTP Networking in Swift
SwiftGuide - 这份指南汇集了Swift语言主流学习资源，并以开发者的视角整理编排。http://dev.swiftguide.cn
awesome-ios - A curated list of awesome iOS ecosystem, including Objective-C and Swift Projects
mosquito - XSS exploitation tool - access victims through HTTP proxy
deeplearningbook-chinese - Deep Learning Book Chinese Translation
wechaty - Bot for WeChat. Powered by Puppeteer / Node.js / TypeScript / Docker
chromeless - 🖥 Chrome automation made simple. Runs locally or headless on AWS Lambda.
Hawkeye - GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor)
samm
![CC0
aka99

Programming Languages

Python 177 JavaScript 66 Java 41 HTML 18 PHP 13 Shell 12 Jupyter Notebook 12 Go 11 C 10 Swift 9

Keywords

python 64 security 37 javascript 25 awesome 15 java 14 machine-learning 14 awesome-list 14 pentesting 13 android 13 nodejs 10 security-audit 10 tensorflow 9 deep-learning 8 penetration-testing 8 django 8 owasp 8 framework 8 list 7 infosec 7 wechat 6 blockchain 6 data-science 6 hacking 6 docker 6 appsec 6 security-tools 6 static-analysis 6 php 6 weapp 5 devsecops 5 scanner 5 automation 5 ios 5 es6 5 ethereum 5 css 5 swift 5 crawler 5 pandas 4 book 4 application-security 4 api 4 pentest 4 spark 4 vulnerability 4 egg 4 bitcoin 4 linux 4 golang 4 vulnerability-scanners 4