A plug-and-play script to crack password hashes using pre-configured, empirically tuned hashcat attacks.
A virtual host scanner for penetration testing that performs reverse lookups, detects catch-all scenarios, and works around wildcards and aliases.
Automated deployment of red team infrastructure using Docker with a web interface for managing offensive security tools.
A Python tool that generates targeted wordlists for security testing by combining personal info, leet transforms, and song lyrics.
A modular, menu-driven tool for building time-delayed, distributed security event chains for Red, Blue, and Purple Team exercises.
A curated collection of Android exploits, hacking tools, and resources for security research and penetration testing.
A Python-based tool for exploiting and managing Android devices via ADB with capabilities like screen recording, data extraction, and remote control.
A free and open-source Ruby toolkit for security research and development, featuring CLI commands and libraries for encoding, networking, exploits, and more.
A malicious DNS server for executing DNS rebinding attacks dynamically via domain name requests.
A lightweight Python utility for running common security tests against GraphQL APIs, ideal for CI/CD checks.
A Python tool for automated scanning and detection of SSL/TLS vulnerabilities like Heartbleed, POODLE, and FREAK.
A curated collection of offensive security research, techniques, and tools for attacking CI/CD pipelines and software supply chains.
A fast scanning and attack toolkit for identifying and exploiting GitHub Actions vulnerabilities at scale.
A curated list of security resources for penetration testing and vulnerability assessment of VoIP, WebRTC, and VoLTE systems.
A frontend JavaScript framework for developing DNS rebinding exploits against vulnerable LAN devices and IoT products.
A framework for exploiting DNS rebinding vulnerabilities to bypass Same-Origin Policy and attack internal networks from browsers.
A Linux packet crafting tool for generating attack signatures to test IDS/IPS and network security.
A CLI tool to export OWASP Juice Shop security challenges into CTFd, RootTheBox, or FBCTF compatible formats.
A Python tool that automates DDoS attacks through the Tor network for security testing and education.
An open-source Android, iOS, and web app providing security best practice guides and tools for high-risk situations, from secure communication to kidnapping response.
An open-source archive for robot vulnerabilities and bugs, using a robot-specific scoring system.
An open-source Java proxy for penetration testing, enabling traffic analysis and modification of TCP/UDP application protocols.
An open-source platform for developing, running, and administering Capture the Flag (CTF) competitions on real IT infrastructure.
A curated collection of tips, commands, and strategies for solving Capture the Flag (CTF) challenges and HackTheBox machines.
A curated collection of tips, commands, and strategies for solving Capture the Flag (CTF) challenges and HackTheBox machines.
A Python library to mock SSH servers and define custom commands for testing automation scripts.
A personal collection of Capture The Flag (CTF) competition writeups from 2018 onwards.
A collection of writeups and solutions for Capture The Flag (CTF) cybersecurity challenges.
An automated IAST fuzzer for discovering vulnerabilities in CakePHP web applications with minimal false positives.