https://github.com/aw-junaid/black-hat-python
A collection of advanced Python scripts for cybersecurity, penetration testing, and ethical hacking.
https://github.com/aw-junaid/black-hat-python
blackhat blackhat-python hacker hacking-tool kali-linux penetration-testing python redhat
Last synced: 5 months ago
JSON representation
A collection of advanced Python scripts for cybersecurity, penetration testing, and ethical hacking.
- Host: GitHub
- URL: https://github.com/aw-junaid/black-hat-python
- Owner: aw-junaid
- License: mit
- Created: 2025-02-04T09:31:36.000Z (8 months ago)
- Default Branch: main
- Last Pushed: 2025-02-27T14:37:15.000Z (7 months ago)
- Last Synced: 2025-02-27T20:38:54.342Z (7 months ago)
- Topics: blackhat, blackhat-python, hacker, hacking-tool, kali-linux, penetration-testing, python, redhat
- Language: Python
- Homepage: https://awjunaid.com
- Size: 1.25 MB
- Stars: 12
- Watchers: 2
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# Black-Hat-Python
# Contact With Me:
# 💰 You can help me by Donating
[](https://buymeacoffee.com/awjunaid)
> [!Note]
This repository contains tools and scripts sourced from various GitHub repositories and other open-source platforms. All original works are credited to their respective authors. If you are the owner of any content and wish to have it removed, please contact the repository author directly. This project is intended for educational and ethical purposes only. Unauthorized use, distribution, or modification of these tools without proper consent is prohibited. By using this repository, you agree to comply with all applicable laws and ethical guidelines. The author is not responsible for any misuse or damage caused by the tools provided herein.
# Source
- [blackhat-python3](https://github.com/EONRaider/blackhat-python3)
- [Mastering Python Scripting for System Administrators](https://github.com/PacktPublishing/Mastering-Python-Scripting-for-System-Administrators-)
- [python-pentest-tools](https://github.com/dloss/python-pentest-tools/blob/master/README.md)
# Table of Content
### Python Networking
- [TCP Client](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Client.md)
- [UDP Client](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/UDP%20Client.md)
- [TCP Server](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Server.md)
- [Netcat Client & Server for Remote code execution](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Netcat%20Client%20%26%20Server.md)
- [TCP Proxy](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/TCP%20Proxy.md)
- [SSH with Paramiko](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20with%20Paramiko.py)
- [Basic SSH server using the paramiko](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Basic%20SSH%20server%20using%20the%20paramiko.md)
- [SSH reverse tunneling](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/SSH%20reverse%20tunneling.md)
- [Simple SSH server](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/bhp_reverse_ssh_cmd.md)
- [Packet Sniffer Using raw sockets](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/packet%20sniffer%20using%20raw%20sockets.md)
- [Packet Sniffer Decoding Header](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20Header.md)
- [Packet Sniffer Decoding ICMP](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Packet%20Sniffer%20Decoding%20ICMP.md)
- [Python Subnet Scanner with ICMP Packet Analysis](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Python%20Subnet%20Scanner%20with%20ICMP%20Packet%20Analysis.md)
- [Email Credential Sniffer in Python](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Email%20Credential%20Sniffer%20in%20Python.md)
- [ARP Cache Poisoning with Scapy](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/ARP%20Cache%20Poisoning%20with%20Scapy.md)
- [PCAP Image Extractor & Face Detector](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/PCAP%20Image%20Extractor%20%26%20Face%20Detector.md)
- [Brute-force HTTP authentication scan](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/brute-force%20HTTP%20authentication%20scan.md)
- [Check Open and Closed Ports on a Remote Host](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Check%20Open%20and%20Closed%20Ports%20on%20a%20Remote%20Host.md)
- [Multithreaded TCP Port Scanning](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Multithreaded%20TCP%20Port%20Scanning.md)
- [Scanning a Range of Ports on a Remote Host](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Scanning%20a%20Range%20of%20Ports%20on%20a%20Remote%20Host.md)
- [Test a Socket Connection to a Remote Host](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Test%20a%20Socket%20Connection%20to%20a%20Remote%20Host.md)
- [Resolve Host Name from an IP Address](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/HTTP/Resolve%20Host%20Name%20from%20an%20IP%20Address.md)
### Web Hacking
- [Web Path Scanner (Joomla Site Crawler)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Web%20Path%20Scanner%20(Joomla%20Site%20Crawler).md)
- [Directory & File Bruteforcer](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Directory%20%26%20File%20Bruteforcer.md)
- [Multi-threaded Brute-Force Login Script](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/Multi-threaded%20Brute-Force%20Login%20Script.md)
- [multi-threaded brute-force attack on a WordPress login page](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Networking/multi-threaded%20brute-force%20attack%20on%20a%20WordPress%20login%20page.md)
### Burp Fuzzing
- [Burp Suite Intruder Payload Generator (Python Extension)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Intruder%20Payload%20Generator%20(Python%20Extension).md)
- [Burp Suite Extension: BHP Wordlist (Bing Search Integration)](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20(Bing%20Search%20Integration).md)
- [Burp Suite Extension: BHP Wordlist Generator](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/BHP%20Fuzzer/Burp%20Suite%20Extension%3A%20BHP%20Wordlist%20Generator.md)
### Github Command and Control
- [GitHub-based trojan](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Github%20Command%20and%20Control/GitHub-based%20trojan.md)
### Trojaning Tasks on Windows
- [keylogger](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/keylogger.md)
- [Captures a screenshot of the entire desktop on a Windows system](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/captures%20a%20screenshot%20of%20the%20entire%20desktop%20on%20a%20Windows%20system.md)
- [Execute shellcode from a web server](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/execute%20shellcode%20from%20a%20web%20server.md)
- [Sandbox Detection](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Sandbox%20Detection.md)
- [Monitor processes on a Windows system](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Monitor%20processes%20on%20a%20Windows%20system.md)
- [Monitor specific directories](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/monitor%20specific%20directories.md)
- [Code Injection](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Trojaning%20Tasks%20on%20Windows/Code%20Injection.md)
### Browser Attacks
- [Browser Hijacking and Login Redirect](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Browser%20Hijacking%20and%20Login%20Redirect.md)
- [Simple HTTP Server for Capturing Credentials](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Simple%20HTTP%20Server%20for%20Capturing%20Credentials.md)
- [Document Exfiltration Using Tumblr](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/Document%20Exfiltration%20Using%20Tumblr.md)
- [Generates a new RSA key pair with a 2048-bit key length](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/generates%20a%20new%20RSA%20key%20pair%20with%20a%202048-bit%20key%20length.md)
- [Decrypts and decompresses the encrypted data](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Browser%20Attacks/decrypts%20and%20decompresses%20the%20encrypted%20data.md)
### Forensics
- [Extract password hashes from a Windows memory dump using Volatility 3](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/extract%20password%20hashes%20from%20a%20Windows%20memory%20dump%20using%20Volatility%203.md)
- [Redirect execution to the injected shellcode](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/redirect%20execution%20to%20the%20injected%20shellcode.md)
- [Immunity Debugger](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Forensics/Immunity%20Debugger.md)
### Automating Administrative Task
- [Accept input from a file.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_input_file.md)
- [Accept input from a pipe.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/accept_by_pipe.md)
- [Capture and process command output.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/capture_output.md)
- [Execute external system commands.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/execute_external_commands.md)
- [Generate and handle warning messages.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/generate_warnings.md)
- [Example of using `getpass` for secure password input.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/getpass_example.md)
- [Handle password input securely.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/handling_password.md)
- [List directory contents.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/list_dir.md)
- [Example of using Python's logging module.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_example.md)
- [Log warnings and error codes.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/logging_warnings_codes.md)
- [Run scripts without user prompts.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/no_prompt.md)
- [Open a web page or URL.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/open_web.md)
- [Example of using `os` module for directory operations.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/os_dir_example.md)
- [Reprompt for password input.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/password_prompt_again.md)
- [Set CPU usage limits for processes.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/put_cpu_limit.md)
- [Read and parse configuration files.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_config_file.md)
- [Read and process multiple configuration files.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/read_many_config_file.md)
- [Redirect input/output streams.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Redirect%20input-output%20streams.md)
- [Create backups of files or directories.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Create%20backups%20of%20files%20or%20directories.md)
- [Run scripts with user prompts.](https://github.com/aw-junaid/Black-Hat-Python/blob/main/Python%20Tools/Automating%20Regular%20Administrative%20Activities/Run%20scripts%20with%20user%20prompts.md)
### Books
- [Violent Python](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
- [Grey Hat Python](http://www.nostarch.com/ghpython.htm)
- [Black Hat Python](http://www.nostarch.com/blackhatpython)
- [Python Penetration Testing Essentials](https://github.com/PacktPublishing/Python-Penetration-Testing-Essentials-Second-Edition)
- [Python for Secret Agents](https://www.packtpub.com/en-us/product/python-for-secret-agents-volume-ii-9781785283406)
- [Python Web Penetration Testing Cookbook](https://www.packtpub.com/en-us/product/python-web-penetration-testing-cookbook-9781784399900)
- [Learning Penetration Testing with Python](https://www.packtpub.com/en-us/product/learning-penetration-testing-with-python-9781785289552)
- [Python Forensics](http://www.sciencedirect.com/science/book/9780124186767)
- [The Beginner's Guide to IDAPython](https://leanpub.com/IDAPython-Book)
- [Python for Offensive PenTest: A Practical Guide to Ethical Hacking and Penetration Testing Using Python](https://www.amazon.com/Python-Offensive-PenTest-practical-penetration/dp/1788838971)
## Python Tools for Penetration Testing
### Network
- [Scapy](https://scapy.net): send, sniff and dissect
and forge network packets. Usable interactively or as a library
- [Impacket](http://oss.coresecurity.com/projects/impacket.html):
craft and decode network packets. Includes support for higher-level
protocols such as NMB and SMB
- [SMBMap](https://github.com/ShawnDEvans/smbmap):
enumerate Samba share drives across an entire domain
- [dpkt](https://github.com/kbandla/dpkt): fast, simple packet
creation/parsing, with definitions for the basic TCP/IP protocols
- [AutoRecon](https://github.com/Tib3rius/AutoRecon): Multi-threaded network reconnaissance tool
- [Mitm6](https://github.com/fox-it/mitm6): IPv6-based MITM tool that exploits IPv6 features to conduct man-in-the-middle attacks
- [Habu](https://github.com/portantier/habu):
python network hacking toolkit
- [Knock Subdomain Scan](https://github.com/guelfoweb/knock), enumerate
subdomains on a target domain through a wordlist
- [SubBrute](https://github.com/TheRook/subbrute), fast subdomain
enumeration tool
- [pypcap](https://github.com/dugsong/pypcap),
[Pcapy](https://github.com/helpsystems/pcapy),
[Pcapy-NG](https://github.com/stamparm/pcapy-ng) and
[libpcap](https://pypi.org/project/libpcap/): several different
Python bindings for libpcap
- [libdnet](https://github.com/ofalk/libdnet/): low-level networking
routines, including interface lookup and Ethernet frame transmission
- [Mallory](https://github.com/intrepidusgroup/mallory), extensible
TCP/UDP man-in-the-middle proxy, supports modifying non-standard
protocols on the fly
- [Pytbull-NG](https://github.com/netrunn3r/pytbull-ng/): flexible IDS/IPS testing
framework (shipped with more than 300 tests)
- [Spoodle](https://github.com/vjex/spoodle): A mass subdomain + poodle
vulnerability scanner
### Debugging and reverse engineering
- [Frida](http://www.frida.re/): A dynamic instrumentation framework which can
inject scripts into running processes
- [Capstone](http://www.capstone-engine.org/): lightweight
multi-platform, multi-architecture disassembly framework with Python
bindings
- [Unicorn Engine](https://www.unicorn-engine.org/): CPU emulator framework with Python bindings
- [Androguard](https://github.com/androguard/androguard): reverse
engineering and analysis of Android applications
- [Paimei](https://github.com/OpenRCE/paimei): reverse engineering
framework, includes [PyDBG](https://github.com/OpenRCE/pydbg), PIDA,
pGRAPH
- [IDAPython](https://github.com/idapython/src): IDA Pro plugin that
integrates the Python programming language, allowing scripts to run
in IDA Pro
- [PyEMU](hhttps://github.com/codypierce/pyemu/): fully scriptable IA-32
emulator, useful for malware analysis
- [pefile](https://github.com/erocarrera/pefile): read and work with
Portable Executable (aka PE) files
- [pydasm](https://github.com/jtpereyda/libdasm/tree/master/pydasm):
Python interface to the [libdasm](https://github.com/jtpereyda/libdasm/tree/master/)
x86 disassembling library
- [PyDbgEng](http://pydbgeng.sourceforge.net/): Python wrapper for the
Microsoft Windows Debugging Engine
- [diStorm](https://github.com/gdabah/distorm): disassembler library
for AMD64, licensed under the BSD license
- [python-ptrace](http://python-ptrace.readthedocs.org/):
debugger using ptrace (Linux, BSD and Darwin system call to trace
processes) written in Python
- [Keystone](http://www.keystone-engine.org): lightweight multi-platform,
multi-architecture assembler framework with Python bindings
- [PyBFD](https://github.com/Groundworkstech/pybfd/): Python interface
to the GNU Binary File Descriptor (BFD) library
- [CHIPSEC](https://github.com/chipsec/chipsec): framework for analyzing the
security of PC platforms including hardware, system firmware (BIOS/UEFI),
and platform components.
- [Ghidatron](https://github.com/mandiant/Ghidrathon): The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
### Fuzzing
- [afl-python](http://jwilk.net/software/python-afl): enables American fuzzy
lop fork server and instrumentation for pure-Python code
- [Sulley](https://github.com/OpenRCE/sulley): fuzzer development and
fuzz testing framework consisting of multiple extensible components
- [Peach Fuzzing Platform](https://github.com/MozillaSecurity/peach/):
extensible fuzzing framework for generation and mutation based
fuzzing (v2 was written in Python)
- [untidy](https://github.com/kbandla/python-untidy/): general purpose XML fuzzer
- [Powerfuzzer](http://www.powerfuzzer.com/): highly automated and
fully customizable web fuzzer (HTTP protocol based application
fuzzer)
- [Construct](http://construct.readthedocs.org/): library for parsing
and building of data structures (binary or textual). Define your
data structures in a declarative manner
- [Fusil](http://fusil.readthedocs.org/): Python library
used to write fuzzing programs
### Web
- [XSStrike](https://github.com/s0md3v/XSStrike): Advanced XSS detection suite
- [Requests](https://requests.readthedocs.io/): elegant and simple HTTP
library, built for human beings
- [lxml](http://lxml.de/index.html): easy-to-use library for processing XML and HTML; similar to Requests
- [HTTPie](http://httpie.org): human-friendly cURL-like command line
HTTP client
- [Twill](https://twill-tools.github.io/twill/): browse the Web from a command-line
interface. Supports automated Web testing
- [FunkLoad](https://github.com/nuxeo/FunkLoad): functional and load web
tester
- [spynner](https://github.com/makinacorpus/spynner): Programmatic web
browsing module for Python with Javascript/AJAX support
- [mitmproxy](http://mitmproxy.org/): SSL-capable, intercepting HTTP
proxy. Console interface allows traffic flows to be inspected and
edited on the fly
- [spidy](https://github.com/rivermont/spidy/): simple command-line web crawler with page downloading and word scraping
- [https://github.com/TrixSec/waymap](Waymap): web vulnerability scanner built for penetration testers
### Forensics
- [Volatility](http://www.volatilityfoundation.org/):
extract digital artifacts from volatile memory (RAM) samples
- [Rekall](https://github.com/google/rekall):
memory analysis framework developed by Google
- [TrIDLib](http://mark0.net/code-tridlib-e.html), identify file types
from their binary signatures. Now includes Python binding
### Malware analysis
- [pyew](https://github.com/joxeankoret/pyew): command line hexadecimal
editor and disassembler, mainly to analyze malware
- [Exefilter](https://github.com/decalage2/exefilter): filter file formats
in e-mails, web pages or files. Detects many common file formats and
can remove active content
- [jsunpack-n](https://github.com/urule99/jsunpack-n), generic
JavaScript unpacker: emulates browser functionality to detect
exploits that target browser and browser plug-in vulnerabilities
- [yara-python](https://github.com/VirusTotal/yara-python):
identify and classify malware samples
- [phoneyc](https://github.com/honeynet/phoneyc): pure Python
honeyclient implementation
- [CapTipper](https://github.com/omriher/CapTipper): analyse, explore and
revive HTTP malicious traffic from PCAP file
- [Cuckoo](https://github.com/cuckoosandbox/cuckoo): Automated malware analysis system
- [CAPE](https://github.com/kevoreilly/CAPEv2): Malware configuration and payload extraction
### PDF
- [pdfminer.six](https://github.com/pdfminer/pdfminer.six):
extract text from PDF files
- [peepdf-3](https://github.com/digitalsleuth/peepdf-3):
Python tool to analyse and explore PDF files to find out if they can be harmful
- [Didier Stevens' PDF
tools](http://blog.didierstevens.com/programs/pdf-tools): analyse,
identify and create PDF files
- [pyPDF](https://pypdf.readthedocs.io/): pure Python PDF toolkit: extract
info, spilt, merge, crop, encrypt, decrypt...
### Misc
- [Angr](https://github.com/angr/angr): Powerful binary analysis framework for vulnerability research and exploit development
- [ScoutSuite](https://github.com/nccgroup/ScoutSuite): Multi-cloud security auditing tool
- [Exomind](https://github.com/jio-gl/exomind):
framework for building decorated graphs and developing open-source
intelligence modules and ideas, centered on social network services,
search engines and instant messaging
- [simplejson](https://github.com/simplejson/simplejson/): JSON
encoder/decoder, e.g. to use [Google's AJAX
API](http://dcortesi.com/2008/05/28/google-ajax-search-api-example-python-code/)
- [PyMangle](http://code.google.com/p/pymangle/): command line tool
and a python library used to create word lists for use with other
penetration testing tools
- [Hachoir](https://hachoir.readthedocs.io/en/latest/): view and
edit a binary stream field by field
- [py-mangle](http://code.google.com/p/pymangle/): command line tool
and a python library used to create word lists for use with other
penetration testing tools
- [wmiexec.py](https://github.com/CoreSecurity/impacket/blob/master/examples/wmiexec.py):
execute Powershell commands quickly and easily via WMI
- [Pentestly](https://github.com/praetorian-inc/pentestly):
Python and Powershell internal penetration testing framework
- [hacklib](https://github.com/leonli96/python-hacklib):
Toolkit for hacking enthusiasts: word mangling, password guessing,
reverse shell and other simple tools
- [Certipy](https://github.com/ly4k/Certipy): Active Directory Certificate Services enumeration and abuse tool
- [BloodHound.py](https://github.com/fox-it/BloodHound.py): Python-based BloodHound ingestor for Active Directory security assessment
### Other useful libraries and tools
- [Project Jupyter](https://jupyter.org): enhanced interactive
shell with many features for object introspection, system shell
access, and its own special command system
- [Beautiful Soup](http://www.crummy.com/software/BeautifulSoup/):
HTML parser optimized for screen-scraping
- [matplotlib](https://matplotlib.org): make 2D plots of
arrays
- [Mayavi](http://code.enthought.com/projects/mayavi/): 3D scientific
data visualization and plotting
- [RTGraph3D](http://www.secdev.org/projects/rtgraph3d/): create
dynamic graphs in 3D
- [Twisted](http://twistedmatrix.com/): event-driven networking engine
- [Suds](https://github.com/suds-community/suds): lightweight SOAP client for
consuming Web Services
- [NetworkX](https://networkx.org): graph library (edges, nodes)
- [Pandas](http://pandas.pydata.org/): library providing
high-performance, easy-to-use data structures and data analysis
tools
- [pyparsing](https://pypi.org/project/pyparsing/): general parsing
module
- [lxml](http://lxml.de/): most feature-rich and easy-to-use library
for working with XML and HTML in the Python language
- [Whoosh](https://github.com/whoosh-community/whoosh): fast, featureful
full-text indexing and searching library implemented in pure Python
- [Pexpect](https://github.com/pexpect/pexpect): control and automate
other programs, similar to Don Libes \`Expect\` system
- [SikuliX](https://sikulix.github.io/docs/scripts/python/), visual technology
to search and automate GUIs using screenshots. Scriptable in
- [PyQt](http://www.riverbankcomputing.co.uk/software/pyqt) and
[PySide](http://www.pyside.org/): Python bindings for the Qt
application framework and GUI library