Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Hacking

Hacking refers to the practice of gaining unauthorized access to data in a system or computer. This topic encompasses various forms of hacking, including black-hat and grey-hat hacking, which involve malicious or non-malicious intent. It explores the tools and techniques used by hackers, the motivations behind hacking, and the measures organizations can take to protect themselves.

https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

bug-bounty bugbounty bugbountytips collection ethical-hacking hacking owasp owasp-top-10 resources xalgord

Last synced: 11 Jul 2025

https://github.com/initstring/passphrase-wordlist

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

hacking infosec password-cracking penetration-testing pentesting wordlist

Last synced: 08 Apr 2025

https://github.com/k8gege/k8cscan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

cobalt-strike crack exploit ftp getshell hacking ipc mssql mysql netscan oracle password pentest poc portscan scanner security smb subdomain wmi

Last synced: 16 May 2025

https://github.com/hahwul/xspear

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss

Last synced: 14 May 2025

https://github.com/k8gege/K8CScan

K8Ladon大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动

cobalt-strike crack exploit ftp getshell hacking ipc mssql mysql netscan oracle password pentest poc portscan scanner security smb subdomain wmi

Last synced: 13 Mar 2025

https://github.com/adysec/nuclei_poc

Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有19w+POC,已校验格式的有效性并去重(验证的是格式的有效性)

daily exploit exploits fingerprint hack-tools hacker hacking nuclei nuclei-templates poc scanner security security-scanner

Last synced: 16 May 2025

https://github.com/hahwul/XSpear

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss

Last synced: 02 Apr 2025

https://github.com/codingo/interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

bugbounty cidr-notation enumeration hacking hacking-tool linux multithreading oscp oscp-tools penetration-testing security security-tools service-enumeration thread

Last synced: 08 Apr 2025

https://github.com/3ndg4me/autoblue-ms17-010

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

eternal-blue-exploits hacking hacktoberfest python security

Last synced: 08 Apr 2025

https://github.com/codingo/Interlace

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

bugbounty cidr-notation enumeration hacking hacking-tool linux multithreading oscp oscp-tools penetration-testing security security-tools service-enumeration thread

Last synced: 07 Apr 2025

https://github.com/khast3x/redcloud

Automated Red Team Infrastructure deployement using Docker

bugbounty docker hacking kali metasploit offensive pentest traefik

Last synced: 06 Oct 2025

https://github.com/cybersecsi/houdini

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all.

cheatsheet docker docker-images hacking pentesting tools webapp

Last synced: 08 Apr 2025

https://github.com/codingo/vhostscan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 08 Apr 2025

https://github.com/codingo/VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

bugbounty ctf-tools discovery-service hacking hacking-tool hackthebox offensive-security oscp penetration-test penetration-testing reverse-lookups scanner security security-audit security-tools vhost vhosts virtual-host virtual-hosts web-application-security

Last synced: 30 Mar 2025

https://github.com/khast3x/Redcloud

Automated Red Team Infrastructure deployement using Docker

bugbounty docker hacking kali metasploit offensive pentest traefik

Last synced: 07 Apr 2025

https://github.com/screetsec/dracnmap

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

backbox hacker hacking information-gathering kalilinux linux nmap nmap-command parrot scanning tool toolshacking

Last synced: 16 May 2025

https://github.com/screetsec/Dracnmap

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

backbox hacker hacking information-gathering kalilinux linux nmap nmap-command parrot scanning tool toolshacking

Last synced: 07 Apr 2025

https://github.com/Screetsec/Dracnmap

Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.

backbox hacker hacking information-gathering kalilinux linux nmap nmap-command parrot scanning tool toolshacking

Last synced: 27 Mar 2025

https://github.com/PabloLec/RecoverPy

Interactively find and recover deleted or :point_right: overwritten :point_left: files from your terminal

cli console cybersecurity data data-recovery files forensics hacking linux macos pentesting python python3 recovery search search-interface terminal textual tool tui

Last synced: 24 Mar 2025

https://github.com/blacklanternsecurity/trevorspray

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

365 autodiscover email exchange hacking microsoft oauth office password passwords proxy python security socks spray spraying trevor

Last synced: 13 May 2025

https://github.com/screetsec/brutal

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

arduino arduino-library badusb hacker hacking payload penetration penetration-testing powershell-attack rubberducky teensy usb

Last synced: 12 Apr 2025

https://github.com/Screetsec/Brutal

Payload for teensy like a rubber ducky but the syntax is different. this Human interfaes device ( HID attacks ). Penetration With Teensy . Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device ( Payload Teensy )

arduino arduino-library badusb hacker hacking payload penetration penetration-testing powershell-attack rubberducky teensy usb

Last synced: 27 Mar 2025

https://github.com/EmenstaNougat/ESP32-BlueJammer

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts 2.4GHz communications. Using an ESP32 and nRF24 modules, it generates noise and unnecessary packets, causing interference between the devices communicating, making them unable to work as intended. Ideal for controlled disruption and security testing.

bluetooth bt coding cybersecurity diy electronics esp32 flashing hacker hacking jammer nrf24 programming

Last synced: 23 Oct 2025

https://github.com/athena-os/athena

Athena OS is a Arch/Nix-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!

archlinux cybersecurity hacking learning linux os payload pentesting security security-tools

Last synced: 14 May 2025

https://github.com/viralmaniar/powershell-rat

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

backdoor fud hacking hacking-tool penetration-testing pentesting powershell rat redteaming remoteaccess trojan trojan-rat

Last synced: 12 Apr 2025

https://github.com/Viralmaniar/Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

backdoor fud hacking hacking-tool penetration-testing pentesting powershell rat redteaming remoteaccess trojan trojan-rat

Last synced: 13 Mar 2025

https://github.com/blacklanternsecurity/TREVORspray

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

365 autodiscover email exchange hacking microsoft oauth office password passwords proxy python security socks spray spraying trevor

Last synced: 27 Sep 2025

https://github.com/Athena-OS/athena

Athena OS is a Arch/Nix-based distro focused on Cybersecurity. Learn, practice and enjoy with any hacking tool!

archlinux cybersecurity hacking learning linux os payload pentesting security security-tools

Last synced: 14 Mar 2025

https://github.com/BiZken/PhishMailer

Generate Professional Phishing Emails Fast And Easy

hacking phishing phishing-attacks social-engineering

Last synced: 12 Jul 2025

https://github.com/Th30neAnd0nly/AIRAVAT

A multifunctional Android RAT with GUI based Web Panel without port forwarding.

advanced airavat android android-hacking android-malware android-rat botnet hack hacking java th30neand0nly

Last synced: 04 Apr 2025

https://github.com/MegaManSec/SSH-Snake

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

bash cybersecurity exploitation exploitation-tool hacking hacking-tools pentesting post-exploitation redteam scanner security security-tools shell ssh ssh-hacking vulnerability-scanner worm

Last synced: 11 Apr 2025

https://github.com/MrTuxx/SocialPwned

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehashed and obtain Google account information via GHunt.

dehashed ghunt hacking haveibeenpwned instagram instagram-api linkedin-api osint pentesting-tools pwndb social-engineering twint

Last synced: 06 Aug 2025

https://github.com/indianajson/can-i-take-over-dns

"Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.

bugbounty bugbountytips dangling-dns dns dns-hijacking domain-takeover hacking hacking-tool infosec nameservers subdomain-takeover takeover-subdomain

Last synced: 03 Apr 2025

https://github.com/averagesecurityguy/scripts

Scripts I use during pentest engagements.

hacking penetration-testing pentests python tools

Last synced: 12 Mar 2026

https://github.com/yeswehack/PwnFox

PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.

bugbounty firefox-extension hacking pentest

Last synced: 10 May 2025

https://github.com/yassineaboukir/sublert

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

bug-bounty certificate-transparency certificate-transparency-logs hacking information-gathering monitoring-tool penetration-testing pentest python reconnaissance security sublert

Last synced: 02 Apr 2025

https://github.com/t3l3machus/powershell-obfuscation-bible

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.

hacking obfuscation offensivesecurity pentest powershell redteam

Last synced: 12 Apr 2025

https://github.com/TryCatchHCF/DumpsterFire

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools

Last synced: 27 Mar 2025

https://github.com/1n3/privesc

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

bugbounty exploits hacking linux mysql pentesting privesc sql windows

Last synced: 12 Apr 2025

https://github.com/1N3/PrivEsc

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

bugbounty exploits hacking linux mysql pentesting privesc sql windows

Last synced: 04 Apr 2025

https://github.com/i3visio/osrframework

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

gnu-agplv3 hacking internet investigations osint osrframework pypi python3 social-networks user-management

Last synced: 26 Mar 2025

https://github.com/the-viper-one/psmapexec

Dominate Active Directory with PowerShell. Inspired by CrackMapExec / NetExec.

active-directory crackmapexec hacking lateral-movement mimikatz netexec pentesting powershell rdp sam spraying vnc

Last synced: 15 May 2025

https://github.com/The-Viper-One/PsMapExec

Dominate Active Directory with PowerShell. Inspired by CrackMapExec / NetExec.

active-directory crackmapexec hacking lateral-movement mimikatz netexec pentesting powershell rdp sam spraying vnc

Last synced: 01 Apr 2025

https://github.com/SimplySecurity/SimplyEmail

Email recon made fast and easy, with a framework to build on

email-recon emails hacking kali recon

Last synced: 02 Apr 2025

https://github.com/erfg12/memory.dll

C# Hacking library for making PC game trainers.

hacking memory processes

Last synced: 06 Mar 2026

https://github.com/osintbrazuca/osint-brazuca-regex

Repositório criado com intuito de reunir expressões regulares dentro do contexto Brasil

brasil brazil hacking osint regex threat-hunting threat-intelligence

Last synced: 26 Jan 2026

https://github.com/adi0x90/attifyos

Attify OS - Distro for pentesting IoT devices

embedded exploitation hacking hardware internet-of-things iot iot-pentesting security

Last synced: 11 Jul 2025

https://github.com/alibaba/java-dns-cache-manipulator

🌏 A tiny 0-dependency thread-safe Java™ lib for setting/viewing dns programmatically without touching host file, make unit/integration testing portable; and a tiny tool for setting/viewing dns of running JVM process.

dns dns-cache dns-cache-manipulator domain-name hacking hacking-code integration-testing java jvm testing threadsafe unit-testing

Last synced: 14 May 2025

https://github.com/chvancooten/BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

bug-bounty-reconnaissance bugbounty docker-image hacking hacktoberfest reconnaissance

Last synced: 06 Apr 2025

https://github.com/chvancooten/bugbountyscanner

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

bug-bounty-reconnaissance bugbounty docker-image hacking hacktoberfest reconnaissance

Last synced: 16 May 2025

https://github.com/4lbh4cker/alhacking

Albanian Hacking Tool!! Tools to help you with ethical hacking, Social media hack, phone info, Gmail attack, phone number attack, user discovery, Anonymous-sms, Webcam Hack • Powerful DDOS attack tool!! Operating System Requirements works on any of the following operating systems: • Android • Linux • Unix

4lbh4cker albania anonymous-sms ddos-attacks ethical-hacking gmail-bomber hacking hacking-tool information-gathering ipinfo kali-linux phishing-tool sms-messages termux user-finder virus-builder webcam

Last synced: 12 May 2026

https://github.com/kennbroorg/iky

OSINT Project. Collect information from a mail. Gather. Profile. Timeline.

email github gitlab hacking iky infosec intelligence keybase leaks linkedin mastodon osint privacy profile recon reddit spotify timeline twitch twitter

Last synced: 02 Jun 2026

https://github.com/Zarcolio/sitedorks

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.

baidu bing bugbounty bugcrowd duckduckgo google google-dorks googledork hackerone hacking infosec intigriti osint python3 recon reconnaissance search search-engines yahoo yandex

Last synced: 11 Jul 2025

https://github.com/Hackmanit/Web-Cache-Vulnerability-Scanner

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

bugbounty hacking hacking-tool penetration-testing penetration-testing-tools pentesting scanner security security-audit security-scanner security-tools vulnerability-scanners web-cache

Last synced: 04 Apr 2025

https://github.com/r3dy/capsulecorp-pentest

Vagrant VirtualBox environment for conducting an internal network penetration test

ansible ethical-hacking hacking penetration-testing pentest pentesting vagrant

Last synced: 12 Apr 2025

https://github.com/bl4de/security-tools

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

bug-bounties bug-bounty bugbounty ctf ctf-tools hacking infosec itsecurity pentesting python scanner security-testing security-tools static-analysis webappsec

Last synced: 02 Apr 2025

https://github.com/Anime4000/RTL960x

Hacking RTL960x based xPON ONU Stick to suite your Universal OLT

busybox firmware gpon gpon-stick hacking lantiq olt onu realtek

Last synced: 20 Feb 2026

https://github.com/R3dy/capsulecorp-pentest

Vagrant VirtualBox environment for conducting an internal network penetration test

ansible ethical-hacking hacking penetration-testing pentest pentesting vagrant

Last synced: 13 Mar 2025

https://github.com/grafov/hulk

HULK DoS tool ported to Go with some additional features.

dos golang hacking http python security utilities web

Last synced: 08 Apr 2025

https://github.com/kennbroorg/iKy

OSINT Project. Collect information from a mail. Gather. Profile. Timeline.

email github gitlab hacking iky infosec intelligence keybase leaks linkedin mastodon osint privacy profile recon reddit spotify timeline twitch twitter

Last synced: 24 Mar 2025

https://github.com/ndelphit/apkurlgrep

Extract endpoints from APK files

apk endpoints hacking infosec pentesting

Last synced: 12 Jan 2026

Hacking Awesome Lists
the-book-of-secret-knowledge 74 Awesome-Hacking 83 Awesome-Hacking-Resources 291 awesome-hacking 192 movies-for-hackers 126 awesome-hacker-search-engines 564 osint_stuff_tool_collection 1,446 WebHackersWeapons 431 awesome-sec-talks 265 awesome-vehicle-security 227 awesome_gpt_super_prompting 105 Awesome-Cellular-Hacking 232 awesome-mobile-security 246 awesome-ethical-hacking-resources 85 awesome-cyber-security 30 awesome-privilege-escalation 189 awesome-vulnerable-apps 97 awesome-hacking-lists 11,757 MobileHackersWeapons 73 Offensive-OSINT-Tools 138 awesome-ctf-resources 248 awesome-cicd-attacks 88 awesome-bbht 80 All-In-One-CyberSecurity-Resources 125 awesome-rtc-hacking 101 Awesome-hacking-tools 34 guia-ackercode 226 fucking-the-book-of-secret-knowledge 35 awesome-cybersec 302 Pentest-Bookmarkz 92 fucking-Awesome-Hacking 80 awesome-security-vul-llm 300 awesome-security-feed 283 awesome-ctf-cheatsheet 33 awesome-cyber 186 awesome-reference 102 awesome-drone-hacking 201 awesome-hackathon 241 awesome-asus-tinker-board 41 Python-Security-Tool-Database 40 awesome 60 awesome-hacking 504 fucking-awesome-web-security 424 cyberelite 504 awesome-interests 66 awesome-infosec 60 awesome-wrgms-kids 191 awesome-hacking 79 penetration-testing 570 awesome-list 197
Hacking Categories
Python 3,312 [](#table-of-contents) Table of contents 1,809 Others 1,677 Go 1,218 Java 888 Uncategorized 798 Shell 700 JavaScript 675 C 520 Weapons 499 C# # 439 C++ 410 Table of Contents 384 Android 355 TypeScript 333 LLM分析过程 307 HTML 280 Tools 266 Miscellaneous 254 PHP 235